Make WordPress Core

Changeset 19728 for trunk/wp-pass.php


Ignore:
Timestamp:
01/11/2012 04:42:42 PM (13 years ago)
Author:
ryan
Message:

Hash post password in cookies. fixes #19797

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-pass.php

    r19712 r19728  
    88
    99/** Make sure that the WordPress bootstrap has run before continuing. */
    10 require( dirname(__FILE__) . '/wp-load.php');
     10require( dirname( __FILE__ ) . '/wp-load.php');
     11
     12if ( empty( $wp_hasher ) ) {
     13    require_once( ABSPATH . 'wp-includes/class-phpass.php');
     14    // By default, use the portable hash from phpass
     15    $wp_hasher = new PasswordHash(8, true);
     16}
    1117
    1218// 10 days
    13 setcookie('wp-postpass_' . COOKIEHASH, stripslashes( $_POST['post_password'] ), time() + 864000, COOKIEPATH);
     19setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 864000, COOKIEPATH );
    1420
    15 wp_safe_redirect(wp_get_referer());
     21wp_safe_redirect( wp_get_referer() );
    1622exit;
Note: See TracChangeset for help on using the changeset viewer.