本文整理汇总了PHP中wp_parse_auth_cookie函数的典型用法代码示例。如果您正苦于以下问题:PHP wp_parse_auth_cookie函数的具体用法?PHP wp_parse_auth_cookie怎么用?PHP wp_parse_auth_cookie使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了wp_parse_auth_cookie函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: remember
/**
* Return whether or not the current logged in user is being remembered in the form of a persistent browser
* cookie (ie. they checked the 'Remember Me' check box when they logged in). This is used to persist the
* 'remember me' value when the user switches to another user.
*
* @return bool Whether the current user is being 'remembered' or not.
*/
function remember()
{
$current_user = wp_get_current_user();
$current = wp_parse_auth_cookie('', 'logged_in');
$cookie_life = apply_filters('auth_cookie_expiration', 172800, $current_user->ID, false);
return $current['expiration'] - time() > $cookie_life;
}
开发者ID:sp1ke77,项目名称:unilevel-mlm-pro,代码行数:14,代码来源:user-switching.php
示例2: wppb_autologin_after_password_changed
function wppb_autologin_after_password_changed()
{
if (isset($_POST['action']) && $_POST['action'] == 'edit_profile') {
if (isset($_POST['passw1']) && !empty($_POST['passw1']) && !empty($_POST['form_name'])) {
/* all the error checking filters are defined in each field file so we need them here */
if (file_exists(WPPB_PLUGIN_DIR . '/front-end/default-fields/default-fields.php')) {
require_once WPPB_PLUGIN_DIR . '/front-end/default-fields/default-fields.php';
}
if (file_exists(WPPB_PLUGIN_DIR . '/front-end/extra-fields/extra-fields.php')) {
require_once WPPB_PLUGIN_DIR . '/front-end/extra-fields/extra-fields.php';
}
/* we get the form_name through $_POST so we can apply correctly the filter so we generate the correct fields in the current form */
$form_fields = apply_filters('wppb_change_form_fields', get_option('wppb_manage_fields'), array('form_type' => 'edit_profile', 'form_fields' => array(), 'form_name' => $_POST['form_name'], 'role' => '', 'ID' => Profile_Builder_Form_Creator::wppb_get_form_id_from_form_name($_POST['form_name'], 'edit_profile')));
if (!empty($form_fields)) {
/* check for errors in the form through the filters */
$output_field_errors = array();
foreach ($form_fields as $field) {
$error_for_field = apply_filters('wppb_check_form_field_' . Wordpress_Creation_Kit_PB::wck_generate_slug($field['field']), '', $field, $_POST, 'edit_profile');
if (!empty($error_for_field)) {
$output_field_errors[$field['id']] = '<span class="wppb-form-error">' . $error_for_field . '</span>';
}
}
/* if we have no errors change the password */
if (empty($output_field_errors)) {
$user_id = get_current_user_id();
if (!is_multisite() && current_user_can('edit_users') || is_multisite() && current_user_can('manage_network')) {
if (isset($_GET['edit_user']) && !empty($_GET['edit_user'])) {
$user_id = $_GET['edit_user'];
}
}
if (!isset($_GET['edit_user'])) {
wp_clear_auth_cookie();
/* set the new password for the user */
wp_set_password($_POST['passw1'], $user_id);
// Here we calculate the expiration length of the current auth cookie and compare it to the default expiration.
// If it's greater than this, then we know the user checked 'Remember Me' when they logged in.
$logged_in_cookie = wp_parse_auth_cookie('', 'logged_in');
/** This filter is documented in wp-includes/pluggable.php */
$default_cookie_life = apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, false);
$remember = $logged_in_cookie['expiration'] - time() > $default_cookie_life;
wp_set_auth_cookie($user_id, $remember);
} else {
wp_set_password($_POST['passw1'], $user_id);
}
}
}
}
}
}
开发者ID:aaronfrey,项目名称:PepperLillie-TAT,代码行数:49,代码来源:edit-profile.php
示例3: remember
/**
* Return whether or not the current logged in user is being remembered in the form of a persistent browser cookie
* (ie. they checked the 'Remember Me' check box when they logged in). This is used to persist the 'remember me'
* value when the user switches to another user.
*
* @return bool Whether the current user is being 'remembered' or not.
*/
public static function remember()
{
$current = wp_parse_auth_cookie('', 'logged_in');
$cookie_life = apply_filters('auth_cookie_expiration', 172800, get_current_user_id(), false);
# Here we calculate the expiration length of the current auth cookie and compare it to the default expiration.
# If it's greater than this, then we know the user checked 'Remember Me' when they logged in.
return $current['expiration'] - time() > $cookie_life;
}
开发者ID:nobu222,项目名称:Wordpress1DayTraning,代码行数:15,代码来源:user-switching.php
示例4: wp_validate_auth_cookie
function wp_validate_auth_cookie($cookie = '', $scheme = 'auth')
{
//here starts the part that is new -- get cookie value from request, model taken from media.php
global $photoq;
if (is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) {
$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
} elseif (empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) {
$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
}
//here ends the part that is new -- the rest is copy paste from pluggable.php
//this is for wordpress 2.7 or 2.7.1
if (get_bloginfo('version') === '2.7' || get_bloginfo('version') === '2.7.1') {
if (!($cookie_elements = wp_parse_auth_cookie($cookie, $scheme))) {
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += 3600;
}
// Quick check to see if an honest cookie has expired
if ($expired < time()) {
do_action('auth_cookie_expired', $cookie_elements);
return false;
}
$key = wp_hash($username . '|' . $expiration, $scheme);
$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
if ($hmac != $hash) {
do_action('auth_cookie_bad_hash', $cookie_elements);
return false;
}
$user = get_userdatabylogin($username);
if (!$user) {
do_action('auth_cookie_bad_username', $cookie_elements);
return false;
}
do_action('auth_cookie_valid', $cookie_elements, $user);
return $user->ID;
} else {
// this replaces the above in wp 2.8
if (!($cookie_elements = wp_parse_auth_cookie($cookie, $scheme))) {
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += 3600;
}
// Quick check to see if an honest cookie has expired
if ($expired < time()) {
do_action('auth_cookie_expired', $cookie_elements);
return false;
}
$user = get_userdatabylogin($username);
if (!$user) {
do_action('auth_cookie_bad_username', $cookie_elements);
return false;
}
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
if ($hmac != $hash) {
do_action('auth_cookie_bad_hash', $cookie_elements);
return false;
}
do_action('auth_cookie_valid', $cookie_elements, $user);
return $user->ID;
}
}
开发者ID:alx,项目名称:amandineleconte.fr,代码行数:73,代码来源:whoismanu-photoq.php
示例5: get_user_id
/**
* Returns the current user ID.
* This function can be called before the init action hook.
*
* Much of this logic is taken from wp-includes/pluggable.php
*
* @since 1.0.0
* @internal
* @return int|false
*/
public static function get_user_id()
{
static $User_id = false;
if ($User_id) {
// We already found the user-id, no need to do it again.
return $User_id;
}
if (defined('DOING_CRON') && DOING_CRON) {
// A cron request has no user credentials...
return 0;
}
$cookie = wp_parse_auth_cookie();
if (!$cookie) {
// Missing, expired or corrupt cookie.
return 0;
}
$scheme = $cookie['scheme'];
$username = $cookie['username'];
$hmac = $cookie['hmac'];
$token = $cookie['token'];
$expiration = $cookie['expiration'];
$user = get_user_by('login', $username);
if (!$user) {
// Invalid username.
return 0;
}
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash($username . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme);
$algo = function_exists('hash') ? 'sha256' : 'sha1';
$hash = hash_hmac($algo, $username . '|' . $expiration . '|' . $token, $key);
if (!hash_equals($hash, $hmac)) {
// Forged/expired cookie value.
return 0;
}
// Remember the user-ID so we don't have to validate everything again.
$User_id = $user->ID;
return $User_id;
}
开发者ID:nayabbukhari,项目名称:circulocristiano,代码行数:48,代码来源:class-ms-model-member.php
示例6: wp_validate_auth_cookie
/**
* Validates authentication cookie.
*
* The checks include making sure that the authentication cookie is set and
* pulling in the contents (if $cookie is not used).
*
* Makes sure the cookie is not expired. Verifies the hash in cookie is what is
* should be and compares the two.
*
* @since 2.5.0
*
* @param string $cookie Optional. If used, will validate contents instead of cookie's
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
* @return bool|int False if invalid cookie, User ID if valid.
*/
function wp_validate_auth_cookie($cookie = '', $scheme = '') {
if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) {
/**
* Fires if an authentication cookie is malformed.
*
* @since 2.7.0
*
* @param string $cookie Malformed auth cookie.
* @param string $scheme Authentication scheme. Values include 'auth', 'secure_auth',
* or 'logged_in'.
*/
do_action( 'auth_cookie_malformed', $cookie, $scheme );
return false;
}
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if ( defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD'] )
$expired += HOUR_IN_SECONDS;
// Quick check to see if an honest cookie has expired
if ( $expired < time() ) {
/**
* Fires once an authentication cookie has expired.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
*/
do_action( 'auth_cookie_expired', $cookie_elements );
return false;
}
$user = get_user_by('login', $username);
if ( ! $user ) {
/**
* Fires if a bad username is entered in the user authentication process.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
*/
do_action( 'auth_cookie_bad_username', $cookie_elements );
return false;
}
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
if ( ! hash_equals( $hash, $hmac ) ) {
/**
* Fires if a bad authentication cookie hash is encountered.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
*/
do_action( 'auth_cookie_bad_hash', $cookie_elements );
return false;
}
if ( $expiration < time() ) // AJAX/POST grace period set above
$GLOBALS['login_grace_period'] = 1;
/**
* Fires once an authentication cookie has been validated.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
* @param WP_User $user User object.
*/
do_action( 'auth_cookie_valid', $cookie_elements, $user );
return $user->ID;
}
开发者ID:staylor,项目名称:develop.svn.wordpress.org,代码行数:96,代码来源:pluggable.php
示例7: lls_update_session_last_activity
function lls_update_session_last_activity()
{
if (!is_user_logged_in()) {
return;
}
// get the login cookie from browser
$logged_in_cookie = $_COOKIE[LOGGED_IN_COOKIE];
// check for valid auth cookie
if (!($cookie_element = wp_parse_auth_cookie($logged_in_cookie))) {
return;
}
// get the current session
$manager = WP_Session_Tokens::get_instance(get_current_user_id());
$current_session = $manager->get($cookie_element['token']);
if ($current_session['expiration'] <= time() || $current_session['last_activity'] + 5 * MINUTE_IN_SECONDS > time()) {
return;
}
$current_session['last_activity'] = time();
$manager->update($cookie_element['token'], $current_session);
}
开发者ID:prionkor,项目名称:limit-login-sessions,代码行数:20,代码来源:limit-login-sessions.php
示例8: wp_validate_auth_cookie
/**
* Validates authentication cookie.
*
* The checks include making sure that the authentication cookie is set and
* pulling in the contents (if $cookie is not used).
*
* Makes sure the cookie is not expired. Verifies the hash in cookie is what is
* should be and compares the two.
*
* @since 2.5.0
*
* @param string $cookie Optional. If used, will validate contents instead of cookie's
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
* @return bool|int False if invalid cookie, User ID if valid.
*/
function wp_validate_auth_cookie($cookie = '', $scheme = '')
{
if (!($cookie_elements = wp_parse_auth_cookie($cookie, $scheme))) {
/**
* Fires if an authentication cookie is malformed.
*
* @since 2.7.0
*
* @param string $cookie Malformed auth cookie.
* @param string $scheme Authentication scheme. Values include 'auth', 'secure_auth',
* or 'logged_in'.
*/
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
$scheme = $cookie_elements['scheme'];
$username = $cookie_elements['username'];
$hmac = $cookie_elements['hmac'];
$token = $cookie_elements['token'];
$expired = $expiration = $cookie_elements['expiration'];
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += HOUR_IN_SECONDS;
}
// Quick check to see if an honest cookie has expired
if ($expired < time()) {
/**
* Fires once an authentication cookie has expired.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
*/
do_action('auth_cookie_expired', $cookie_elements);
return false;
}
$user = get_user_by('login', $username);
if (!$user) {
/**
* Fires if a bad username is entered in the user authentication process.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
*/
do_action('auth_cookie_bad_username', $cookie_elements);
return false;
}
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash($username . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme);
// If ext/hash is not present, compat.php's hash_hmac() does not support sha256.
$algo = function_exists('hash') ? 'sha256' : 'sha1';
$hash = hash_hmac($algo, $username . '|' . $expiration . '|' . $token, $key);
if (!hash_equals($hash, $hmac)) {
/**
* Fires if a bad authentication cookie hash is encountered.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
*/
do_action('auth_cookie_bad_hash', $cookie_elements);
return false;
}
$manager = WP_Session_Tokens::get_instance($user->ID);
if (!$manager->verify($token)) {
do_action('auth_cookie_bad_session_token', $cookie_elements);
return false;
}
// AJAX/POST grace period set above
if ($expiration < time()) {
$GLOBALS['login_grace_period'] = 1;
}
/**
* Fires once an authentication cookie has been validated.
*
* @since 2.7.0
*
* @param array $cookie_elements An array of data for the authentication cookie.
* @param WP_User $user User object.
*/
do_action('auth_cookie_valid', $cookie_elements, $user);
return $user->ID;
}
开发者ID:cybKIRA,项目名称:roverlink-updated,代码行数:99,代码来源:pluggable.php
示例9: wp_validate_auth_cookie
/**
* Validates authentication cookie.
*
* The checks include making sure that the authentication cookie is set and
* pulling in the contents (if $cookie is not used).
*
* Makes sure the cookie is not expired. Verifies the hash in cookie is what is
* should be and compares the two.
*
* @since 2.5
*
* @param string $cookie Optional. If used, will validate contents instead of cookie's
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
* @return bool|int False if invalid cookie, User ID if valid.
*/
function wp_validate_auth_cookie($cookie = '', $scheme = '')
{
if (!($cookie_elements = wp_parse_auth_cookie($cookie, $scheme))) {
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += HOUR_IN_SECONDS;
}
// Quick check to see if an honest cookie has expired
if ($expired < time()) {
do_action('auth_cookie_expired', $cookie_elements);
return false;
}
$user = get_user_by('login', $username);
if (!$user) {
do_action('auth_cookie_bad_username', $cookie_elements);
return false;
}
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
if (!hash_equals($hash, $hmac)) {
do_action('auth_cookie_bad_hash', $cookie_elements);
return false;
}
if ($expiration < time()) {
// AJAX/POST grace period set above
$GLOBALS['login_grace_period'] = 1;
}
do_action('auth_cookie_valid', $cookie_elements, $user);
return $user->ID;
}
开发者ID:souljatechie,项目名称:Web-Dev,代码行数:51,代码来源:pluggable.php
示例10: _isUserRemembered
private static function _isUserRemembered($user)
{
$logged_in_cookie = wp_parse_auth_cookie('', 'logged_in');
$default_cookie_life = apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, RublonHelper::getUserId($user), false);
$remember = $logged_in_cookie['expiration'] - time() > $default_cookie_life;
return $remember;
}
开发者ID:khanhnd91,项目名称:khaosan,代码行数:7,代码来源:rublon2factor_cookies.php
示例11: wp_set_auth_cookie
/** 4.0 and higher version - NOTE: I need a better way to do this.
* Sets the authentication cookies based on user ID.
*
* The $remember parameter increases the time that the cookie will be kept. The
* default the cookie is kept without remembering is two days. When $remember is
* set, the cookies will be kept for 14 days or two weeks.
*
* @since 2.5.0
*
* @param int $user_id User ID
* @param bool $remember Whether to remember the user
* @param mixed $secure Whether the admin cookies should only be sent over HTTPS.
* Default is_ssl().
*/
function wp_set_auth_cookie($user_id, $remember = false, $secure = '')
{
if ($remember) {
/**
* Filter the duration of the authentication cookie expiration period.
*
* @since 2.8.0
*
* @param int $length Duration of the expiration period in seconds.
* @param int $user_id User ID.
* @param bool $remember Whether to remember the user login. Default false.
*/
$expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember);
/*
* Ensure the browser will continue to send the cookie after the expiration time is reached.
* Needed for the login grace period in wp_validate_auth_cookie().
*/
$expire = $expiration + 12 * HOUR_IN_SECONDS;
} else {
/** This filter is documented in wp-includes/pluggable.php */
$expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember);
$expire = 0;
}
$expire = apply_filters('auth_cookie_expire_time', $expire, $user_id, $remember, $expiration);
if ('' === $secure) {
$secure = is_ssl();
}
// Frontend cookie is secure when the auth cookie is secure and the site's home URL is forced HTTPS.
$secure_logged_in_cookie = $secure && 'https' === parse_url(get_option('home'), PHP_URL_SCHEME);
/**
* Filter whether the connection is secure.
*
* @since 3.1.0
*
* @param bool $secure Whether the connection is secure.
* @param int $user_id User ID.
*/
$secure = apply_filters('secure_auth_cookie', $secure, $user_id);
/**
* Filter whether to use a secure cookie when logged-in.
*
* @since 3.1.0
*
* @param bool $secure_logged_in_cookie Whether to use a secure cookie when logged-in.
* @param int $user_id User ID.
* @param bool $secure Whether the connection is secure.
*/
$secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', $secure_logged_in_cookie, $user_id, $secure);
if ($secure) {
$auth_cookie_name = SECURE_AUTH_COOKIE;
$scheme = 'secure_auth';
} else {
$auth_cookie_name = AUTH_COOKIE;
$scheme = 'auth';
}
$manager = WP_Session_Tokens::get_instance($user_id);
$current_cookie = wp_parse_auth_cookie('', 'logged_in');
if (!$current_cookie || !isset($current_cookie['token'])) {
$token = $manager->create($expiration);
} else {
$token = $current_cookie['token'];
$sess = $manager->get($token);
$sess['expiration'] = $expiration;
$manager->update($token, $sess);
}
$auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme, $token);
$logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in', $token);
/**
* Fires immediately before the authentication cookie is set.
*
* @since 2.5.0
*
* @param string $auth_cookie Authentication cookie.
* @param int $expire Login grace period in seconds. Default 43,200 seconds, or 12 hours.
* @param int $expiration Duration in seconds the authentication cookie should be valid.
* Default 1,209,600 seconds, or 14 days.
* @param int $user_id User ID.
* @param string $scheme Authentication scheme. Values include 'auth', 'secure_auth', or 'logged_in'.
*/
do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme);
/**
* Fires immediately before the secure authentication cookie is set.
*
* @since 2.6.0
*
* @param string $logged_in_cookie The logged-in cookie.
//.........这里部分代码省略.........
开发者ID:Jayriq,项目名称:opentickets-community,代码行数:101,代码来源:opentickets.php
示例12: get_user_session
/**
* Calculates the user ID and Session Token to be used when calculating the Cache Key
* @return string
*/
function get_user_session()
{
if (!is_user_logged_in()) {
return '';
}
/**
* @see wp_get_session_token()
*/
$cookie = wp_parse_auth_cookie('', 'logged_in');
$token = !empty($cookie['token']) ? $cookie['token'] : '';
return get_current_user_id() . '_' . $token;
}
开发者ID:hansstam,项目名称:makerfaire,代码行数:16,代码来源:class-datatables-data.php
示例13: wp_validate_auth_cookie
function wp_validate_auth_cookie($cookie = '', $scheme = '')
{
if (OPENSSO_ENABLED) {
// Quick hack to get round the fact that '+' often gets decoded to ' '
$ssotoken = str_replace(' ', '+', $_COOKIE[OPENSSO_COOKIE_NAME]);
// Is there an SSO token?
if (empty($ssotoken)) {
return false;
}
// Is the token valid?
switch (opensso_is_token_valid($ssotoken)) {
case 0:
// Session expired
return false;
case -1:
// Error validating token
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
$username = opensso_get_name($ssotoken);
} else {
if (!($cookie_elements = wp_parse_auth_cookie($cookie, $scheme))) {
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += 3600;
}
// Quick check to see if an honest cookie has expired
if ($expired < time()) {
do_action('auth_cookie_expired', $cookie_elements);
return false;
}
}
$user = get_userdatabylogin($username);
if (!$user) {
do_action('auth_cookie_bad_username', $cookie_elements);
return false;
}
if (!OPENSSO_ENABLED) {
$pass_frag = substr($user->user_pass, 8, 4);
$key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
if ($hmac != $hash) {
do_action('auth_cookie_bad_hash', $cookie_elements);
return false;
}
}
do_action('auth_cookie_valid', $cookie_elements, $user);
return $user->ID;
}
开发者ID:GajendraNaidu,项目名称:openam,代码行数:54,代码来源:opensso.php
示例14: remember
/**
* Return whether or not the current logged in user is being remembered in the form of a persistent browser cookie
* (ie. they checked the 'Remember Me' check box when they logged in). This is used to persist the 'remember me'
* value when the user switches to another user.
*
* @return bool Whether the current user is being 'remembered' or not.
*/
public static function remember()
{
/**
* Filter the duration of the authentication cookie expiration period.
*
* This matches the WordPress core filter in `wp_set_auth_cookie()`.
*
* @since 0.2.2
*
* @param int $length Duration of the expiration period in seconds.
* @param int $user_id User ID.
* @param bool $remember Whether to remember the user login. Default false.
*/
$cookie_life = apply_filters('auth_cookie_expiration', 172800, get_current_user_id(), false);
$current = wp_parse_auth_cookie('', 'logged_in');
# Here we calculate the expiration length of the current auth cookie and compare it to the default expiration.
# If it's greater than this, then we know the user checked 'Remember Me' when they logged in.
return $current['expiration'] - time() > $cookie_life;
}
开发者ID:fia3876,项目名称:iqmas-portal,代码行数:26,代码来源:user-switching.php
示例15: explode
}
}
if (empty($_COOKIE[$cookie_name])) {
return false;
}
$cookie = $_COOKIE[$cookie_name];
}
$cookie_elements = explode('|', $cookie);
if (count($cookie_elements) != 3) {
return false;
}
list($username, $expiration, $hmac) = $cookie_elements;
return compact('username', 'expiration', 'hmac', 'scheme');
}
}
if ($cookie_elements = wp_parse_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in')) {
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += HOUR_IN_SECONDS;
}
// Quick check to see if an honest cookie has expired
if ($expired >= time()) {
$CI_USER = get_user_by('login', $username);
}
}
$ci_path = get_option('wp_igniter_ci_path');
$cwd = getcwd();
$errmsg = '';
// always force CodeIgniter to load it's default controller,
开发者ID:sevir,项目名称:toffy-lite,代码行数:31,代码来源:wp_igniter.php
示例16: wp_validate_auth_cookie
/**
* Validates authentication cookie.
*
* The checks include making sure that the authentication cookie is set and
* pulling in the contents (if $cookie is not used).
*
* Makes sure the cookie is not expired. Verifies the hash in cookie is what is
* should be and compares the two.
*
* @since 2.5
*
* @param string $cookie Optional. If used, will validate contents instead of cookie's
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
* @return bool|int False if invalid cookie, User ID if valid.
*/
function wp_validate_auth_cookie($cookie = '', $scheme = '')
{
if (!($cookie_elements = wp_parse_auth_cookie($cookie, $scheme))) {
do_action('auth_cookie_malformed', $cookie, $scheme);
return false;
}
extract($cookie_elements, EXTR_OVERWRITE);
$expired = $expiration;
// Allow a grace period for POST and AJAX requests
if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
$expired += 3600;
}
// Quick check to see if an honest cookie has expired
if ($expired < time()) {
do_action('auth_cookie_expired', $cookie_elements);
return false;
}
$key = wp_hash($username . '|' . $expiration, $scheme);
$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
if ($hmac != $hash) {
do_action('auth_cookie_bad_hash', $cookie_elements);
return false;
}
$user = get_userdatabylogin($username);
if (!$user) {
do_action('auth_cookie_bad_username', $cookie_elements);
return false;
}
do_action('auth_cookie_valid', $cookie_elements, $user);
return $user->ID;
}
开发者ID:blowery,项目名称:wordpress,代码行数:46,代码来源:pluggable.php
示例17: run
/**
* Run the plugin!
* Check current user, load nessesary data and register all used hooks
*
* @since 0.1
* @access private
* @return void
*/
private function run()
{
// Not needed, the delete_user actions already remove all metadata
//add_action( 'remove_user_from_blog', array( $this->store, 'delete_user_meta' ) );
//add_action( 'wpmu_delete_user', array( $this->store, 'delete_user_meta' ) );
//add_action( 'wp_delete_user', array( $this->store, 'delete_user_meta' ) );
if (is_user_logged_in()) {
$this->store->set_nonce('view-admin-as');
// Get the current user
$this->store->set_curUser(wp_get_current_user());
// Get the current user session
if (function_exists('wp_get_session_token')) {
// WP 4.0+
$this->store->set_curUserSession((string) wp_get_session_token());
} else {
$cookie = wp_parse_auth_cookie('', 'logged_in');
if (!empty($cookie['token'])) {
$this->store->set_curUserSession((string) $cookie['token']);
} else {
// Fallback. This disables the use of multiple views in different sessions
$this->store->set_curUserSession($this->store->get_curUser()->ID);
}
}
/**
* Validate if the current user has access to the functionalities
*
* @since 0.1 Check if the current user had administrator rights (is_super_admin)
* Disable plugin functions for nedwork admin pages
* @since 1.4 Make sure we have a session for the current user
* @since 1.5.1 If a user has the correct capability (view_admin_as + edit_users) this plugin is also enabled, use with care
* Note that in network installations the non-admin user also needs the manage_network_users capability (of not the edit_users will return false)
* @since 1.5.3 Enable on network pages for superior admins
*/
if ((is_super_admin($this->store->get_curUser()->ID) || current_user_can('view_admin_as') && current_user_can('edit_users')) && (!is_network_admin() || VAA_API::is_superior_admin($this->store->get_curUser()->ID)) && $this->store->get_curUserSession() != '') {
$this->enable = true;
}
// Get database settings
$this->store->set_optionData(get_option($this->store->get_optionKey()));
// Get database settings of the current user
$this->store->set_userMeta(get_user_meta($this->store->get_curUser()->ID, $this->store->get_userMetaKey(), true));
$this->load_modules();
// Check if a database update is needed
VAA_View_Admin_As_Update::get_instance($this)->maybe_db_update();
if ($this->is_enabled()) {
// Fix some compatibility issues, more to come!
VAA_View_Admin_As_Compat::get_instance($this)->init();
$this->store->store_caps();
$this->store->store_roles();
$this->store->store_users();
$this->view->init();
$this->load_ui();
// Dúh..
add_action('admin_enqueue_scripts', array($this, 'enqueue_scripts'));
add_action('wp_enqueue_scripts', array($this, 'enqueue_scripts'));
add_filter('wp_die_handler', array($this, 'die_handler'));
/**
* Init is finished. Hook is used for other classes related to View Admin As
* @since 1.5
* @param object $this VAA_View_Admin_As
*/
do_action('vaa_view_admin_as_init', $this);
} else {
// Extra security check for non-admins who did something naughty or we're demoted to a lesser role
// If they have settings etc. we'll keep them in case they get promoted again
add_action('wp_login', array($this, 'reset_all_views'), 10, 2);
}
}
}
开发者ID:JoryHogeveen,项目名称:view-admin-as,代码行数:76,代码来源:class-vaa.php
示例18: user_lang_by_authcookie
public function user_lang_by_authcookie()
{
$username = '';
if (function_exists('wp_parse_auth_cookie')) {
$cookie_data = wp_parse_auth_cookie();
$username = isset($cookie_data['username']) ? $cookie_data['username'] : null;
}
$user_obj = new WP_User(null, $username);
$user_id = isset($user_obj->ID) ? $user_obj->ID : 0;
$user_lang = $this->get_user_admin_language($user_id);
$user_lang = $user_lang ? $user_lang : $this->get_current_language();
return $user_lang;
}
开发者ID:tlandn,项目名称:akvo-sites-zz-template,代码行数:13,代码来源:sitepress.class.php
示例19: elseif
*/
// Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
// We then have to validate the cookie manually. NOTE: WordPress functions, like
// get_current_user_id() and the like are NOT available in this file.
if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
if ( empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie']) )
$_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
header('Content-Type: text/plain; charset=' . get_option('blog_charset'));
if (wp_validate_auth_cookie()) {
$results = wp_parse_auth_cookie();
$logged_in = FALSE;
if (isset($results['username']) && isset($results['expiration'])) {
if (time() < floatval($results['expiration'])) {
if (($userdata = get_userdatabylogin($results['username'])))
$logged_in = $userdata->ID;
}
}
if (!$logged_in) die("Login failure. -1");
else if (!user_can($logged_in, 'NextGEN Upload images')) {
die('You do not have permission to upload files. -2');
}
}
//check for nggallery
开发者ID:ramo01,项目名称:1kapp,代码行数:31,代码来源:upload.php
示例20: wp_get_session_token
|
客服电话
APP下载
官方微信
请发表评论