WordPress.org

Make WordPress Core

Changeset 8811


Ignore:
Timestamp:
09/05/08 05:35:58 (7 years ago)
Author:
ryan
Message:

Don't append HTTPOnly if cookie domain is empty. see #7677

Location:
trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/class-wp-filesystem-ftpext.php

    r8645 r8811  
    7373            $this->options['password'] = $opt['password']; 
    7474 
    75         $this->options['ssl'] = ( !empty($opt['ssl']) ); 
     75        $this->options['ssl'] = false; 
     76        if ( isset($opt['ssl']) ) 
     77            $this->options['ssl'] = ( !empty($opt['ssl']) ); 
     78        elseif ( isset( $opt['connection_type']) ) 
     79            $this->options['ssl'] = ( 'ftps' == $opt['connection_type'] ); 
    7680    } 
    7781 
  • trunk/wp-admin/includes/file.php

    r8718 r8811  
    449449    require_once(ABSPATH . 'wp-admin/includes/class-wp-filesystem-base.php'); 
    450450 
    451     $method = get_filesystem_method(); 
     451    $method = get_filesystem_method($args); 
    452452 
    453453    if ( ! $method ) 
     
    472472} 
    473473 
    474 function get_filesystem_method() { 
     474function get_filesystem_method($args = array()) { 
    475475    $method = false; 
    476476    if( function_exists('getmyuid') && function_exists('fileowner') ){ 
     
    481481    } 
    482482 
     483    if ( isset($args['connection_type']) && 'ssh' == $args['connection_type'] ) { 
     484        $method = 'SSH2'; 
     485        return apply_filters('filesystem_method', $method); 
     486    } 
     487 
    483488    if ( ! $method && extension_loaded('ftp') ) $method = 'ftpext'; 
    484489    if ( ! $method && ( extension_loaded('sockets') || function_exists('fsockopen') ) ) $method = 'ftpsockets'; //Sockets: Socket extension; PHP Mode: FSockopen / fwrite / fread 
     
    503508    $credentials['username'] = defined('FTP_USER') ? FTP_USER : (!empty($_POST['username']) ? $_POST['username'] : $credentials['username']); 
    504509    $credentials['password'] = defined('FTP_PASS') ? FTP_PASS : (!empty($_POST['password']) ? $_POST['password'] : $credentials['password']); 
    505     $credentials['ssl']      = defined('FTP_SSL')  ? FTP_SSL  : ( isset($_POST['ssl'])      ? $_POST['ssl']      : $credentials['ssl']); 
     510    if ( defined('FTP_SSH') || 'ssh' == $_POST['connection_type'] ) 
     511        $credentials['connection_type'] = 'ssh'; 
     512    else if ( defined('FTP_SSL') || 'ftps' == $_POST['connection_type'] ) 
     513        $credentials['connection_type'] = 'ftps'; 
     514    else 
     515        $credentials['connection_type'] = 'ftp'; 
    506516 
    507517    if ( ! $error && !empty($credentials['password']) && !empty($credentials['username']) && !empty($credentials['hostname']) ) { 
     
    517527    if ( !empty($credentials) ) 
    518528        extract($credentials, EXTR_OVERWRITE); 
    519     if( $error ) 
    520         echo '<div id="message" class="error"><p>' . __('<strong>Error:</strong> There was an error connecting to the server, Please verify the settings are correct.') . '</p></div>'; 
     529    if ( $error ) { 
     530        $error_string = __('<strong>Error:</strong> There was an error connecting to the server, Please verify the settings are correct.'); 
     531        if ( is_wp_error($error) ) 
     532            $error_string = $error->get_error_message(); 
     533        echo '<div id="message" class="error"><p>' . $error_string . '</p></div>'; 
     534    } 
    521535?> 
    522536<form action="<?php echo $form_post ?>" method="post"> 
     
    526540<table class="form-table"> 
    527541<tr valign="top"> 
    528 <th scope="row"><label for="hostname"><?php _e('Hostname:') ?></label></th> 
     542<th scope="row"><label for="hostname"><?php _e('Hostname') ?></label></th> 
    529543<td><input name="hostname" type="text" id="hostname" value="<?php echo attribute_escape($hostname) ?>"<?php if( defined('FTP_HOST') ) echo ' disabled="disabled"' ?> size="40" /></td> 
    530544</tr> 
    531545<tr valign="top"> 
    532 <th scope="row"><label for="username"><?php _e('Username:') ?></label></th> 
     546<th scope="row"><label for="username"><?php _e('Username') ?></label></th> 
    533547<td><input name="username" type="text" id="username" value="<?php echo attribute_escape($username) ?>"<?php if( defined('FTP_USER') ) echo ' disabled="disabled"' ?> size="40" /></td> 
    534548</tr> 
    535549<tr valign="top"> 
    536 <th scope="row"><label for="password"><?php _e('Password:') ?></label></th> 
     550<th scope="row"><label for="password"><?php _e('Password') ?></label></th> 
    537551<td><input name="password" type="password" id="password" value=""<?php if( defined('FTP_PASS') ) echo ' disabled="disabled"' ?> size="40" /><?php if( defined('FTP_PASS') && !empty($password) ) echo '<em>'.__('(Password not shown)').'</em>'; ?></td> 
    538552</tr> 
    539553<tr valign="top"> 
    540 <th scope="row"><label for="ssl"><?php _e('Use SSL:') ?></label></th> 
     554<th scope="row"><?php _e('Connection Type') ?></th> 
    541555<td> 
    542 <select name="ssl" id="ssl"<?php if( defined('FTP_SSL') ) echo ' disabled="disabled"' ?>> 
    543 <?php 
    544 foreach ( array(0 => __('No'), 1 => __('Yes')) as $key => $value ) : 
    545     $selected = ($ssl == $value) ? 'selected="selected"' : ''; 
    546     echo "\n\t<option value='$key' $selected>" . $value . '</option>'; 
    547 endforeach; 
    548 ?> 
    549 </select> 
     556<fieldset><legend class="hidden"><?php _e('Connection Type') ?> </legend> 
     557<p><label><input name="connection_type"  type="radio" value="ftp" <?php checked('ftp', $connection_type); ?>    /> <?php _e('FTP') ?></label><br /> 
     558<label><input name="connection_type" type="radio" value="ftps" <?php checked('ftps', $connection_type); ?> /> <?php _e('FTPS (SSL)') ?></label><br /> 
     559<label><input name="connection_type" type="radio" value="ssh" <?php checked('ssh', $connection_type); ?> /> <?php _e('SSH') ?></label></p> 
     560</fieldset> 
    550561</td> 
    551562</tr> 
  • trunk/wp-admin/update.php

    r8656 r8811  
    2828 
    2929    if ( ! WP_Filesystem($credentials) ) { 
    30         request_filesystem_credentials($url, '', true); //Failed to connect, Error and request again 
     30        $error = true; 
     31        if ( is_object($wp_filesystem) && $wp_filesystem->errors->get_error_code() ) 
     32            $error = $wp_filesystem->errors; 
     33        request_filesystem_credentials($url, '', $error); //Failed to connect, Error and request again 
    3134        return; 
    3235    } 
  • trunk/wp-includes/pluggable.php

    r8810 r8811  
    635635    do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in'); 
    636636 
    637     global $is_safari; 
    638     // No HTTPOnly for Safari 
    639     if ( $is_safari ) { 
    640         setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure); 
    641         setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure); 
    642         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN); 
    643         if ( COOKIEPATH != SITECOOKIEPATH ) 
    644             setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN); 
    645         return; 
    646     } 
    647  
    648637    // Set httponly if the php version is >= 5.2.0 
    649638    if ( version_compare(phpversion(), '5.2.0', 'ge') ) { 
     
    654643            setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true); 
    655644    } else { 
    656         setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN . '; HttpOnly', $secure); 
    657         setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN . '; HttpOnly', $secure); 
    658         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN . '; HttpOnly'); 
     645        $cookie_domain = COOKIE_DOMAIN; 
     646        if ( !empty($cookie_domain) ) 
     647            $cookie_domain .= '; HttpOnly'; 
     648        setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, $cookie_domain, $secure); 
     649        setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, $cookie_domain, $secure); 
     650        setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain); 
    659651        if ( COOKIEPATH != SITECOOKIEPATH ) 
    660             setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN . '; HttpOnly');   
     652            setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain);     
    661653    } 
    662654} 
Note: See TracChangeset for help on using the changeset viewer.