Make WordPress Core

Opened 15 years ago

Closed 9 years ago

#9873 closed defect (bug) (wontfix)

enforce a consistent home and siteurl www. pref

Reported by: denis-de-bernardy's profile Denis-de-Bernardy Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.8
Component: Users Keywords: has-patch
Focuses: Cc:

Description

Seen on a few sites. home and siteurl with inconsistent www prefs prevents the admin user's cookie from getting picked up properly, upon logging in.

code I currently use to prevent the issue is this:

add_action('login_head', 'fix_www_pref');

function fix_www_pref() {
	$home_url = get_option('home');
	$site_url = get_option('siteurl');
		
	$home_www = strpos($home_url, '://www.') !== false;
	$site_www = strpos($site_url, '://www.') !== false;
		
	if ( $home_www != $site_www ) {
		if ( $home_www )
			$site_url = str_replace('://', '://www.', $site_url);
		else
			$site_url = str_replace('://www.', '://', $site_url);
		update_option('site_url', $site_url);
	}
} # fix_www_pref()

there's probably a better way and a better location for this.

Attachments (2)

options.php.diff (1.4 KB) - added by norcross 12 years ago.
catch $_POST values for urls and check / replace if needed
9873.patch (754 bytes) - added by johnpbloch 11 years ago.
Explicit COOKIE_DOMAIN for www inconsistency

Download all attachments as: .zip

Change History (17)

#1 @Denis-de-Bernardy
15 years ago

  • Milestone changed from 2.8 to Future Release

punting pending patch

#2 @Denis-de-Bernardy
15 years ago

see also #10095 (closed issue), which highlights a side-effect

#3 @Denis-de-Bernardy
15 years ago

see also #10447 for more potential side effects

#4 @hakre
15 years ago

Related: #10970

#5 @scribu
14 years ago

Related: #11945

#6 @mikeschinkel
14 years ago

  • Cc mikeschinkel@… added

#7 @nacin
12 years ago

Closed #20430 as a duplicate.

#8 @SergeyBiryukov
12 years ago

Crops up on support forums once in a while.

@norcross
12 years ago

catch $_POST values for urls and check / replace if needed

#9 @norcross
12 years ago

  • Cc andrew@… added
  • Keywords has-patch added
  • Type changed from enhancement to defect (bug)
  • Version changed from 2.8 to 3.4

#10 @helenyhou
12 years ago

  • Version changed from 3.4 to 2.8

Version number indicates when the bug was initially introduced/reported.

#11 @Ipstenu
12 years ago

  • Cc ipstenu@… added

@johnpbloch
11 years ago

Explicit COOKIE_DOMAIN for www inconsistency

#12 @johnpbloch
11 years ago

  • Cc johnpbloch@… added

It seems to me that overriding a user's chosen preference in the options table is the wrong way to fix this bug. Since the problem is that it causes inconsistencies in cookie behavior, it makes more sense to me to fix this issue by forcing a value for COOKIE_DOMAIN if a www. inconsistency is detected.

This ticket was mentioned in IRC in #wordpress-dev by ipstenu. View the logs.


10 years ago

#14 @chriscct7
9 years ago

  • Keywords dev-feedback added

#15 @johnbillion
9 years ago

  • Keywords dev-feedback removed
  • Milestone Future Release deleted
  • Resolution set to wontfix
  • Status changed from new to closed

I struggle to believe that this is such a common occurrence that core needs to handle this.

In addition, both of the proposed solutions will break sites which use a different domain name for home and siteurl (eg. www.example.com and admin.example.com).

Feel free to re-open if there's a common situation which leads to this that I'm not accounting for, and/or if someone wants to write a comprehensive patch with unit tests.

Note: See TracTickets for help on using tickets.