[wp-trac] Re: [WordPress Trac] #2977: Username/Nickname with spaces
cannot delete it's own posts or comments
WordPress Trac
wp-trac at lists.automattic.com
Wed Jul 26 13:52:50 GMT 2006
#2977: Username/Nickname with spaces cannot delete it's own posts or comments
----------------------------+-----------------------------------------------
Reporter: hgfischer | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.0.4
Component: Administration | Version: 2.0.3
Severity: major | Resolution:
Keywords: |
----------------------------+-----------------------------------------------
Comment (by hgfischer):
I found the source of the problem. It's in the WordPress AJAX code. Spaces
are encoded as "+" by the browser so WP cannot found "foo+bar" and
authenticate them. I don't know if it is some other place to fix this but
I solved my problem adding "urldecode" calls to the "wp-includes
/pluggable-functions.php" check_ajax_referer function:
if ( !function_exists('check_ajax_referer') ) :
function check_ajax_referer() {
$cookie = explode('; ', urldecode(empty($_POST['cookie']) ?
$_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass
cookie=document.cookie
foreach ( $cookie as $tasty ) {
if ( false !== strpos($tasty, USER_COOKIE) )
$user = urldecode(substr(strstr($tasty, '='), 1));
if ( false !== strpos($tasty, PASS_COOKIE) )
$pass = urldecode(substr(strstr($tasty, '='), 1));
}
if ( wp_login( $user, $pass, true ) )
return true;
return false;
}
endif;
--
Ticket URL: <http://trac.wordpress.org/ticket/2977>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list