[wp-trac] [WordPress Trac] #27627: auth cookies lose their correct expiration date when changing password
WordPress Trac
noreply at wordpress.org
Sun Apr 6 15:44:59 UTC 2014
#27627: auth cookies lose their correct expiration date when changing password
------------------------------------+-----------------------------
Reporter: Denis-de-Bernardy | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Login and Registration | Version: 2.0
Severity: normal | Resolution:
Keywords: 2nd-opinion has-patch | Focuses: administration
------------------------------------+-----------------------------
Comment (by jesin):
I understood that the `auth_cookie_expiration` filter is required,
otherwise if the cookie lifetime was set to something more than **172800**
a "Remember Me" cookie would be created when one changes their password
!!!
However with this patch if the Non-Remember Me cookie's lifetime is set to
something more than that of Remember Me's this bug appears.
Code to do that:
{{{
add_filter( 'auth_cookie_expiration', 'change_cookie_expiration_insanely',
10, 3);
function change_cookie_expiration_insanely( $time, $user_id, $remember ) {
return ( $remember ? '3600' : '86400' );
}
}}}
But doing this achieves nothing other than modifying the Remember Me
cookie's expires parameter, because
[[https://core.trac.wordpress.org/browser/tags/3.8.1/src/wp-
includes/pluggable.php#L655|WordPress sets]] `$expire` to `0` if
`$remember` is `false`.
There is no other reliable way I could find for detecting if Remember Me
was checked at login.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27627#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list