Make WordPress Core


Ignore:
Timestamp:
08/23/2013 09:26:58 PM (11 years ago)
Author:
azaozz
Message:

Logging in: when the Remember Me checkbox is checked, make sure the browser continues to send the expired cookies so the "login grace period" for POST and AJAX requests works. Fixes #24735.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r25105 r25107  
    650650function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
    651651    if ( $remember ) {
    652         $expiration = $expire = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember);
     652        $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember);
     653        // Ensure the browser will continue to send the cookie after the expiration time is reached.
     654        // Needed for the login grace period in wp_validate_auth_cookie().
     655        $expire = $expiration + ( 12 * HOUR_IN_SECONDS );
    653656    } else {
    654657        $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember);
Note: See TracChangeset for help on using the changeset viewer.