Ticket #35188: 35188-2.patch

src/wp-includes/pluggable.php

@@ -1789 +1789 @@
  *
  * @since 2.5.0
  *
+ * @param string|int $action the current action.
+ *
  * @return float Float value rounded up to the next highest integer.
  */
-function wp_nonce_tick() {
-        /**
-         * Filter the lifespan of nonces in seconds.
-         *
-         * @since 2.5.0
-         *
-         * @param int $lifespan Lifespan of nonces in seconds. Default 86,400 seconds, or one day.
-         */
-        $nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS );
+function wp_nonce_tick( $action = -1 ) {
+    /**
+     * Filter the lifespan of nonces in seconds.
+     *
+     * @since 2.5.0
+     *
+     * @param int $lifespan Lifespan of nonces in seconds. Default 86,400 seconds, or one day.
+     * @param string|int $action The current nonce.
+     */
+    $nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS, $action );
 
-        return ceil(time() / ( $nonce_life / 2 ));
+    return ceil( time() / ( $nonce_life / 2 ) );
 }
 endif;
 
@@ -1840 +1843 @@
         }
 
         $token = wp_get_session_token();
-        $i = wp_nonce_tick();
+        $i = wp_nonce_tick( $action );
 
         // Nonce generated 0-12 hours ago
         $expected = substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10 );
@@ -1891 +1894 @@
         }
 
         $token = wp_get_session_token();
-        $i = wp_nonce_tick();
+        $i = wp_nonce_tick( $action );
 
         return substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce' ), -12, 10 );
 }