Ticket #26706: 26706.2.diff
| File 26706.2.diff, 2.6 KB (added by , 10 years ago) |
|---|
-
src/wp-includes/default-filters.php
301 301 add_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 ); 302 302 add_filter( 'authenticate', 'wp_authenticate_spam_check', 99 ); 303 303 304 // Default user checking filters 305 add_filter( 'determine_current_user', 'wp_validate_auth_cookie' ); 306 add_filter( 'determine_current_user', 'wp_validate_logged_in_cookie', 20 ); 307 304 308 unset($filter, $action); -
src/wp-includes/pluggable.php
97 97 return false; 98 98 } 99 99 100 if ( ! $user = wp_validate_auth_cookie() ) { 101 if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) || !$user = wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ) ) { 102 wp_set_current_user( 0 ); 103 return false; 104 } 100 /** 101 * Determine the current user based on request data. 102 * 103 * The default filters use this to determine the current user from the 104 * request's cookies, if available. 105 * 106 * @since 3.9.0 107 * 108 * @param int|boolean $user_id User ID if determined, or false otherwise. 109 */ 110 $user_id = apply_filters( 'determine_current_user', false ); 111 if ( ! $user_id ) { 112 wp_set_current_user( 0 ); 113 return false; 105 114 } 106 115 107 wp_set_current_user( $user );116 wp_set_current_user( $user_id ); 108 117 } 109 118 endif; 110 119 -
src/wp-includes/user.php
220 220 } 221 221 222 222 /** 223 * Validates logged in cookie. 224 * 225 * Checks the logged_in cookie if the previous auth cookie could not be 226 * validated and parsed. 227 * 228 * This is a callback for the determine_current_user filter, rather than API. 229 * 230 * @since 3.9.0 231 * 232 * @param mixed $user The user ID (or null) as received from the determine_current_user filter. 233 * @return int|boolean User ID if validated, or false otherwise. 234 */ 235 function wp_validate_logged_in_cookie( $user_id ) { 236 if ( $user_id ) { 237 return $user_id; 238 } 239 240 if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) ) { 241 return false; 242 } 243 244 return wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ); 245 } 246 247 /** 223 248 * Number of posts user has written. 224 249 * 225 250 * @since 3.0.0