Ticket #35188: 35188-2.patch
File 35188-2.patch, 1.6 KB (added by , 8 years ago) |
---|
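--- a/src/wp-includes/pluggable.php
+++ b/src/wp-includes/pluggable.php
@@ -1789,19 +1789,22 @@
 *
 * @since 2.5.0
 *
+* @param string|int $action the current action.
+*
 * @return float Float value rounded up to the next highest integer.
 */
-function wp_nonce_tick() {
-/**
-* Filter the lifespan of nonces in seconds.
-*
-* @since 2.5.0
-*
-* @param int $lifespan Lifespan of nonces in seconds. Default 86,400 seconds, or one day.
-*/
-$nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS );
+function wp_nonce_tick( $action = -1 ) {
+/**
+* Filter the lifespan of nonces in seconds.
+*
+* @since 2.5.0
+*
+* @param int $lifespan Lifespan of nonces in seconds. Default 86,400 seconds, or one day.
+* @param string|int $action The current nonce.
+*/
+$nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS, $action );
 
-return ceil(time() / ( $nonce_life / 2 ));
+return ceil( time() / ( $nonce_life / 2 ) );
 }
 endif;
 
@@ -1840,7 +1843,7 @@
 }
 
 $token = wp_get_session_token();
-$i = wp_nonce_tick( );
+$i = wp_nonce_tick( $action );
 
 // Nonce generated 0-12 hours ago
 $expected = substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10 );
@@ -1891,7 +1894,7 @@
 }
 
 $token = wp_get_session_token();
-$i = wp_nonce_tick( );
+$i = wp_nonce_tick( $action );
 
 return substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce' ), -12, 10 );
 }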
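Review bot: The new filter docblock in wp_nonce_tick() describes the second argument as `The current nonce.`, but the value passed to `apply_filters()` is the nonce action (or the `-1` default), not a nonce; it should read `@param string|int $action The nonce action, or -1 if none was specified.`, and the function-level `@param` should say the argument is optional with default -1. Because the lifespan can now differ per action, a callback that returns 0 or a non-numeric value for a single action makes `$nonce_life / 2` a division by zero only on that action's path, so the filtered value deserves a guard before the division (for example falling back to `DAY_IN_SECONDS` when it is not a positive number). The comment `// Nonce generated 0-12 hours ago` in the verification hunk only holds for the default lifespan and should say "first half of the nonce lifespan" instead. Any caller of wp_nonce_tick() outside these hunks that passes no argument will get the tick for action `-1`, which may disagree with the tick used to create or verify a specific action's nonce, so those call sites should be checked.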