WordPress.org

Make WordPress Core

Changeset 40580


Ignore:
Timestamp:
05/07/17 16:53:51 (8 months ago)
Author:
johnbillion
Message:

Users: Clear the user settings cookies when clearing auth cookies.

This prevents lingering cookies when logging out and when switching between user accounts.

Props soulseekah, shanee
Fixes #32567

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r40387 r40580  
    939939    } 
    940940 
     941    // Auth cookies 
    941942    setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH,   COOKIE_DOMAIN ); 
    942943    setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH,   COOKIE_DOMAIN ); 
     
    945946    setcookie( LOGGED_IN_COOKIE,   ' ', time() - YEAR_IN_SECONDS, COOKIEPATH,          COOKIE_DOMAIN ); 
    946947    setcookie( LOGGED_IN_COOKIE,   ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH,      COOKIE_DOMAIN ); 
     948 
     949    // Settings cookies 
     950    setcookie( 'wp-settings-' . get_current_user_id(),      ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH ); 
     951    setcookie( 'wp-settings-time-' . get_current_user_id(), ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH ); 
    947952 
    948953    // Old cookies 
Note: See TracChangeset for help on using the changeset viewer.