|
<?php |
|
|
|
function sav_encrypt_cookie( $decrypted ) { |
|
$encrypted = mcrypt_encrypt( MCRYPT_RIJNDAEL_256, substr( AUTH_SALT, 0, 32 ), $decrypted, MCRYPT_MODE_ECB, mcrypt_create_iv( mcrypt_get_iv_size( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB ), MCRYPT_RAND ) ); |
|
return trim( base64_encode( $encrypted ) ); |
|
} |
|
|
|
function sav_decrypt_cookie( $encrypted ) { |
|
$decrypted = mcrypt_decrypt( MCRYPT_RIJNDAEL_256, substr( AUTH_SALT, 0, 32 ), base64_decode( $encrypted ), MCRYPT_MODE_ECB, mcrypt_create_iv( mcrypt_get_iv_size( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB ), MCRYPT_RAND ) ); |
|
return trim( $decrypted ); |
|
} |
|
|
|
if ( !function_exists( 'wp_generate_auth_cookie' ) ) : |
|
/** |
|
* Generate authentication cookie contents. |
|
* |
|
* @since 2.5 |
|
* @uses apply_filters() Calls 'auth_cookie' hook on $cookie contents, User ID |
|
* and expiration of cookie. |
|
* |
|
* @param int $user_id User ID |
|
* @param int $expiration Cookie expiration in seconds |
|
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in |
|
* @return string Authentication cookie contents |
|
*/ |
|
function wp_generate_auth_cookie( $user_id, $expiration, $scheme = 'auth' ) { |
|
$user = get_userdata( $user_id ); |
|
|
|
$pass_frag = substr( $user->user_pass, 8, 4 ); |
|
|
|
$key = wp_hash( $user->user_login . $pass_frag . '|' . $expiration, $scheme ); |
|
$hash = hash_hmac( 'md5', $user->user_login . '|' . $expiration, $key ); |
|
|
|
$cookie = $user->user_login . '|' . $expiration . '|' . $hash; |
|
|
|
$cookie = sav_encrypt_cookie( $cookie ); |
|
|
|
return apply_filters( 'auth_cookie', $cookie, $user_id, $expiration, $scheme ); |
|
} |
|
endif; |
|
|
|
if ( !function_exists( 'wp_parse_auth_cookie' ) ) : |
|
/** |
|
* Parse a cookie into its components |
|
* |
|
* @since 2.7 |
|
* |
|
* @param string $cookie |
|
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in |
|
* @return array Authentication cookie components |
|
*/ |
|
function wp_parse_auth_cookie( $cookie = '', $scheme = '' ) { |
|
if ( empty( $cookie ) ) { |
|
switch ( $scheme ) { |
|
case 'auth': |
|
$cookie_name = AUTH_COOKIE; |
|
break; |
|
case 'secure_auth': |
|
$cookie_name = SECURE_AUTH_COOKIE; |
|
break; |
|
case "logged_in": |
|
$cookie_name = LOGGED_IN_COOKIE; |
|
break; |
|
default: |
|
if ( is_ssl() ) { |
|
$cookie_name = SECURE_AUTH_COOKIE; |
|
$scheme = 'secure_auth'; |
|
} else { |
|
$cookie_name = AUTH_COOKIE; |
|
$scheme = 'auth'; |
|
} |
|
} |
|
|
|
if ( empty( $_COOKIE[$cookie_name] ) ) |
|
return false; |
|
$cookie = $_COOKIE[$cookie_name]; |
|
} |
|
|
|
$cookie = sav_decrypt_cookie( $cookie ); |
|
$cookie_elements = explode( '|', $cookie ); |
|
if ( count( $cookie_elements ) != 3 ) |
|
return false; |
|
|
|
list( $username, $expiration, $hmac ) = $cookie_elements; |
|
|
|
return compact( 'username', 'expiration', 'hmac', 'scheme' ); |
|
} |
|
endif; |