本文整理汇总了PHP中wp_validate_auth_cookie函数的典型用法代码示例。如果您正苦于以下问题:PHP wp_validate_auth_cookie函数的具体用法?PHP wp_validate_auth_cookie怎么用?PHP wp_validate_auth_cookie使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了wp_validate_auth_cookie函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: get_currentuserinfo
/**
 * Resolve the logged-in user for this request and store it in the global $current_user.
 *
 * A $current_user that is already a WP_User is left untouched. A non-WP_User
 * object carrying an ID is re-registered through wp_set_current_user(). Any
 * other non-empty value is discarded and replaced by user 0. Otherwise the
 * default auth cookie is validated; outside the blog admin and network admin
 * the 'logged_in' cookie is accepted as a fallback.
 *
 * User 0 is the "nobody" account: it is invalid and carries no permissions.
 *
 * @since 0.71
 * @uses $current_user Checks if the current user is set
 * @uses wp_validate_auth_cookie() Retrieves current logged in user.
 *
 * @return bool|null False on XML-RPC requests, on a junk $current_user value and
 *                   when no cookie validates. Null once a user has been set.
 */
function get_currentuserinfo()
{
    global $current_user;

    if (!empty($current_user)) {
        if ($current_user instanceof WP_User) {
            return;
        }

        // A stdClass-style object with an ID is upgraded to WP_User; anything
        // else is junk and is forced to the permission-less user 0.
        $is_legacy_object = is_object($current_user) && isset($current_user->ID);
        $replacement_id = $is_legacy_object ? $current_user->ID : 0;

        $current_user = null;
        wp_set_current_user($replacement_id);

        return $is_legacy_object ? null : false;
    }

    // XML-RPC requests never take their identity from a cookie.
    if (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST) {
        wp_set_current_user(0);
        return false;
    }

    $user = wp_validate_auth_cookie();

    if (!$user) {
        // The weaker 'logged_in' cookie is only consulted outside the admin areas.
        if (is_blog_admin() || is_network_admin() || empty($_COOKIE[LOGGED_IN_COOKIE])) {
            wp_set_current_user(0);
            return false;
        }

        $user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in');

        if (!$user) {
            wp_set_current_user(0);
            return false;
        }
    }

    wp_set_current_user($user);
}
示例2: verify_cookie
/**
 * Decide whether the bearer of a 'logged_in' cookie value may view Query Monitor.
 *
 * The cookie must validate first; only then is the capability of the user it
 * names checked. An invalid cookie always yields false.
 *
 * @param string $value Raw cookie value to validate.
 * @return bool Result of user_can() for 'view_query_monitor', or false when the cookie is invalid.
 */
public static function verify_cookie($value)
{
    $old_user_id = wp_validate_auth_cookie($value, 'logged_in');

    if (!$old_user_id) {
        return false;
    }

    return user_can($old_user_id, 'view_query_monitor');
}
示例3: create_post
/**
 * Create a post for the user identified by the auth cookie carried in the API query.
 *
 * Checks run in this order: nonce present, cookie present, nonce valid, cookie
 * valid for the 'logged_in' scheme, user holds 'edit_posts'.
 *
 * NOTE(review): every failed check only calls $json_api->error(); the later
 * steps are skipped only if error() ends the request — confirm that it does.
 * NOTE(review): the cookie arrives as $json_api->query->cookie, presumably a
 * request parameter; if so it can end up in URLs and access logs — verify how
 * clients are expected to send it.
 * NOTE(review): create() is handed the whole of $_REQUEST; which fields it
 * honours is not visible here.
 *
 * @return array Array with the created JSON_API_Post under the 'post' key.
 */
public function create_post()
{
    global $json_api;

    if (!$json_api->query->nonce) {
        $json_api->error("You must include a 'nonce' value to create posts. Use the `get_nonce` Core API method.");
    }

    if (!$json_api->query->cookie) {
        $json_api->error("You must include a 'cookie' authentication cookie. Use the `create_auth_cookie` Auth API method.");
    }

    $expected_nonce_action = $json_api->get_nonce_id('posts', 'create_post');
    $nonce_is_valid = wp_verify_nonce($json_api->query->nonce, $expected_nonce_action);
    if (!$nonce_is_valid) {
        $json_api->error("Your 'nonce' value was incorrect. Use the 'get_nonce' API method.");
    }

    // Authentication (valid cookie) comes before authorization (capability).
    $author_id = wp_validate_auth_cookie($json_api->query->cookie, 'logged_in');
    if (!$author_id) {
        $json_api->error("Invalid authentication cookie. Use the `generate_auth_cookie` Auth API method.");
    }

    $may_create_posts = user_can($author_id, 'edit_posts');
    if (!$may_create_posts) {
        $json_api->error("You need to login with a user capable of creating posts.");
    }

    nocache_headers();

    $new_post = new JSON_API_Post();
    $new_post_id = $new_post->create($_REQUEST);
    if (empty($new_post_id)) {
        $json_api->error("Could not create post.");
    }

    return array('post' => $new_post);
}
示例4: test_auth_cookie_scheme
/**
 * An auth cookie validates only under the scheme it was generated for.
 *
 * The scheme name is arbitrary ('foo'); validating the same kind of cookie
 * under a different scheme ('bar') has to fail.
 */
function test_auth_cookie_scheme()
{
    // Same scheme on both sides: the cookie maps back to the user.
    $foo_cookie = wp_generate_auth_cookie(self::$user_id, time() + 3600, 'foo');
    $validated_as_foo = wp_validate_auth_cookie($foo_cookie, 'foo');
    $this->assertEquals(self::$user_id, $validated_as_foo);

    // Generated for 'foo', presented as 'bar': validation is rejected.
    $second_foo_cookie = wp_generate_auth_cookie(self::$user_id, time() + 3600, 'foo');
    $validated_as_bar = wp_validate_auth_cookie($second_foo_cookie, 'bar');
    $this->assertEquals(false, $validated_as_bar);
}
示例5: wp_signon
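/**
 * Authenticate a user from explicit credentials, from the login form, or from the auth cookie.
 *
 * When $credentials is empty the values are read from $_POST ('log', 'pwd',
 * 'rememberme'). When neither a login nor a password is available, the auth
 * cookie is validated instead. On a successful password login the auth cookie
 * is set and the 'wp_login' action fires.
 *
 * @param array|string $credentials Optional. Keys 'user_login', 'user_password'
 *                                  and 'remember'. The default '' means "read $_POST".
 * @return WP_User|WP_Error The authenticated user, or an error object. An empty
 *                          WP_Error is returned when there are no credentials
 *                          and no auth cookie.
 */
function wp_signon($credentials = '')
{
    if (empty($credentials)) {
        // The default argument is ''. Since PHP 7.1 an empty string is no longer
        // converted to an array by a keyed assignment, so start from a real
        // array before the assignments below.
        $credentials = array();

        if (!empty($_POST['log'])) {
            $credentials['user_login'] = $_POST['log'];
        }
        if (!empty($_POST['pwd'])) {
            $credentials['user_password'] = $_POST['pwd'];
        }
        if (!empty($_POST['rememberme'])) {
            $credentials['remember'] = $_POST['rememberme'];
        }
    }

    if (!empty($credentials['user_login'])) {
        $credentials['user_login'] = sanitize_user($credentials['user_login']);
    }
    if (!empty($credentials['user_password'])) {
        $credentials['user_password'] = trim($credentials['user_password']);
    }

    // Whatever the caller sent, 'remember' ends up as a strict boolean.
    $credentials['remember'] = !empty($credentials['remember']);

    // Hooked callbacks receive login and password by reference and may change them.
    do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));

    // If no credential info provided, check cookie.
    if (empty($credentials['user_login']) && empty($credentials['user_password'])) {
        $user = wp_validate_auth_cookie();
        if ($user) {
            return new WP_User($user);
        }

        // A cookie was sent but did not validate: ask for a fresh login.
        if (!empty($_COOKIE[AUTH_COOKIE])) {
            return new WP_Error('expired_session', __('Please log in again.'));
        }

        // If the cookie is not set, be silent.
        return new WP_Error();
    }

    if (empty($credentials['user_login']) || empty($credentials['user_password'])) {
        $error = new WP_Error();
        if (empty($credentials['user_login'])) {
            $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
        }
        if (empty($credentials['user_password'])) {
            $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
        }
        return $error;
    }

    $user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
    if (is_wp_error($user)) {
        return $user;
    }

    // The session cookie is issued only after wp_authenticate() has succeeded.
    wp_set_auth_cookie($user->ID, $credentials['remember']);
    do_action('wp_login', $credentials['user_login']);

    return $user;
}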
示例6: json_api_auth_checkAuthCookie
/**
 * Make the user named by the API query's auth cookie the current WordPress user.
 *
 * Nothing happens when no cookie was supplied or when it does not validate
 * under the 'logged_in' scheme.
 *
 * NOTE(review): the cookie is read from $json_api->query->cookie, presumably a
 * request parameter rather than the Cookie header — verify how it is
 * transported and whether it can reach URLs or logs.
 *
 * @param mixed $sDefaultPath Not used by this function.
 * @return void
 */
function json_api_auth_checkAuthCookie($sDefaultPath)
{
    global $json_api;

    if (!$json_api->query->cookie) {
        return;
    }

    $user_id = wp_validate_auth_cookie($json_api->query->cookie, 'logged_in');
    if (!$user_id) {
        return;
    }

    // Identity is switched only after the cookie has validated.
    $account = get_userdata($user_id);
    wp_set_current_user($account->ID, $account->user_login);
}
示例7: login
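/**
 * Authenticate the request against the WordPress 'logged_in' cookie and bind an Agent to the session.
 *
 * Without a valid cookie the session agent is cleared and an
 * "authentication required" response is returned. With a valid cookie and no
 * agent in the session, the WordPress user is passed through the
 * ST_USER_AUTH_FILTER filter, looked up (or inserted) as an Agent and stored in
 * the session. With an agent already in the session, its API token is
 * re-checked and the user is logged out when the token is no longer valid.
 *
 * @param StatTracker $app Application container providing the session and database.
 * @return mixed An AuthResponse, or whatever logout() returns when the stored token is invalid.
 */
public function login(StatTracker $app)
{
    $response = null;

    if (wp_validate_auth_cookie('', 'logged_in')) {
        if ($app['session']->get("agent") === null) {
            $wp_user = wp_get_current_user();

            // Remember the account's address before filtering: the filter may
            // replace the user with a message string or another non-user
            // value, and the denial branch below still has to log who was
            // refused. The original code logged an undefined variable here.
            $email_address = isset($wp_user->user_email) ? $wp_user->user_email : '';

            // Allow a plugin to grant/deny this user. See wiki for details
            $user = apply_filters(ST_USER_AUTH_FILTER, $wp_user);

            if (!$user instanceof \WP_User) {
                if (is_string($user)) {
                    $response = AuthResponse::registrationRequired($user);
                } else {
                    $response = AuthResponse::registrationRequired("Access was denied. Please contact @" . ADMIN_AGENT);
                }
                $this->logger->info(sprintf("Registration required for %s", $email_address));
            } else {
                $agent = Agent::lookupAgentName($user->user_email);
                if (!$agent->isValid()) {
                    $name = apply_filters(ST_AGENT_NAME_FILTER, $user->user_login);
                    $this->logger->info(sprintf("Adding new agent %s", $name));
                    $agent->name = $name;

                    // Insert them into the DB (values are bound, not interpolated)
                    $stmt = $app->db()->prepare("INSERT INTO Agent (email, agent) VALUES (?, ?) ON DUPLICATE KEY UPDATE agent = ?;");
                    $stmt->execute(array($user->user_email, $name, $name));
                    $stmt->closeCursor();

                    // Generate an API token
                    $this->generateAPIToken($agent);

                    // Read the record back to confirm the insert took effect.
                    $agent = Agent::lookupAgentName($user->user_email);
                    if (!$agent->isValid()) {
                        $this->logger->error(sprintf("%s still not a valid agent", $agent->name));
                        return AuthResponse::error("An unrecoverable error has occured");
                    }
                }

                $app['session']->set("agent", $agent);
                $response = AuthResponse::okay($agent);
                $this->logger->info(sprintf("%s authenticated successfully", $agent->name));
            }
        } else {
            // An agent is already in the session: its token must still resolve
            // to a valid agent, otherwise the session is ended.
            $agent = $app['session']->get("agent");
            if (Agent::lookupAgentByToken($agent->getToken())->isValid()) {
                $response = AuthResponse::okay($agent);
            } else {
                $this->logger->info(sprintf("Invalid token for %s. Logging out", $agent->name));
                return $this->logout($app);
            }
        }

        return $response;
    } else {
        // No valid WordPress cookie: drop any agent left in the session.
        $app['session']->set("agent", null);
        $response = AuthResponse::authenticationRequired($this);
    }

    return $response;
}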
示例8: get_currentuserinfo
/**
 * Return profile fields of the user identified by the API query's auth cookie.
 *
 * The cookie is validated under the 'logged_in' scheme. The result includes the
 * e-mail address and the capabilities of the account, so anyone holding a valid
 * cookie value receives them.
 *
 * NOTE(review): a missing or invalid cookie only triggers $json_api->error();
 * the user lookup below is skipped only if error() ends the request — confirm.
 *
 * @return array Array with a 'user' key holding the profile fields.
 */
public function get_currentuserinfo()
{
    global $json_api;

    if (!$json_api->query->cookie) {
        $json_api->error("You must include a 'cookie' var in your request. Use the `generate_auth_cookie` Auth API method.");
    }

    $validated_id = wp_validate_auth_cookie($json_api->query->cookie, 'logged_in');
    if (!$validated_id) {
        $json_api->error("Invalid authentication cookie. Use the `generate_auth_cookie` Auth API method.");
    }

    $account = get_userdata($validated_id);

    $profile = array(
        "id" => $account->ID,
        "username" => $account->user_login,
        "nicename" => $account->user_nicename,
        "email" => $account->user_email,
        "url" => $account->user_url,
        "registered" => $account->user_registered,
        "displayname" => $account->display_name,
        "firstname" => $account->user_firstname,
        "lastname" => $account->last_name,
        "nickname" => $account->nickname,
        "description" => $account->user_description,
        "capabilities" => $account->wp_capabilities,
    );

    return array("user" => $profile);
}
示例9: auth_redirect
/**
 * Let a request through when its auth cookie is valid; otherwise send it to a login page.
 *
 * Admin requests are upgraded to https first when SSL is required or when the
 * user has opted in through the 'use_ssl' option. Without a valid cookie the
 * request is redirected to OpenSSO (when OPENSSO_ENABLED) or to the WordPress
 * login URL. Every redirect is followed by exit.
 *
 * NOTE(review): the redirect targets are assembled from $_SERVER['HTTP_HOST']
 * and $_SERVER['REQUEST_URI'], both supplied by the request, and wp_redirect()
 * does not restrict the destination host — confirm the server only answers for
 * expected Host values.
 *
 * @return void Returns only when the cookie is valid and no https upgrade is needed.
 */
function auth_redirect()
{
    // SSL is in force when the request already uses it or the admin is forced onto it.
    $secure = is_ssl() || force_ssl_admin();

    // If https is required and request is http, redirect
    if ($secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin')) {
        $https_target = (0 === strpos($_SERVER['REQUEST_URI'], 'http'))
            ? preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI'])
            : 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
        wp_redirect($https_target);
        exit;
    }

    $user_id = wp_validate_auth_cookie();
    if ($user_id) {
        do_action('auth_redirect', $user_id);

        // If the user wants ssl but the session is not ssl, redirect.
        if (!$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin')) {
            $https_target = (0 === strpos($_SERVER['REQUEST_URI'], 'http'))
                ? preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI'])
                : 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
            wp_redirect($https_target);
            exit;
        }

        // The cookie is good so we're done
        return;
    }

    // The cookie is no good so force login
    nocache_headers();

    if (OPENSSO_ENABLED) {
        // Redirect to OpenSSO login page then return here
        $login_url = OPENSSO_BASE_URL . '?goto=' . urlencode(opensso_full_url());
    } else {
        $proto = is_ssl() ? 'https://' : 'http://';
        $redirect = strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
        $login_url = wp_login_url($redirect);
    }

    wp_redirect($login_url);
    exit;
}
示例10: auth_redirect
/**
 * Let a request through when its auth cookie is valid; otherwise start the Maestrano SSO login.
 *
 * Admin requests are upgraded to https first when SSL is required or when the
 * user has opted in through the 'use_ssl' option. The cookie scheme is
 * 'logged_in' in the user admin and otherwise comes from the
 * 'auth_redirect_scheme' filter. Every redirect is followed by exit.
 *
 * NOTE(review): $redirect is still computed before the SSO redirect but is
 * never read; the login URL comes only from Maestrano::sso()->getInitPath().
 * NOTE(review): the https targets are assembled from $_SERVER['HTTP_HOST'] and
 * $_SERVER['REQUEST_URI'], both supplied by the request, and wp_redirect()
 * does not restrict the destination host.
 *
 * @return void Returns only when the cookie is valid and no https upgrade is needed.
 */
function auth_redirect()
{
    // Checks if a user is logged in, if not redirects them to the login page
    $secure = apply_filters('secure_auth_redirect', is_ssl() || force_ssl_admin());

    // If https is required and request is http, redirect
    if ($secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin')) {
        $https_target = (0 === strpos($_SERVER['REQUEST_URI'], 'http'))
            ? set_url_scheme($_SERVER['REQUEST_URI'], 'https')
            : 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
        wp_redirect($https_target);
        exit;
    }

    $scheme = is_user_admin() ? 'logged_in' : apply_filters('auth_redirect_scheme', '');

    $user_id = wp_validate_auth_cookie('', $scheme);
    if ($user_id) {
        do_action('auth_redirect', $user_id);

        // If the user wants ssl but the session is not ssl, redirect.
        if (!$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin')) {
            $https_target = (0 === strpos($_SERVER['REQUEST_URI'], 'http'))
                ? set_url_scheme($_SERVER['REQUEST_URI'], 'https')
                : 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
            wp_redirect($https_target);
            exit;
        }

        // The cookie is good so we're done
        return;
    }

    // The cookie is no good so force login
    nocache_headers();
    $redirect = strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ? wp_get_referer() : set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);

    // Change login url
    $login_url = Maestrano::sso()->getInitPath();
    wp_redirect($login_url);
    exit;
}
示例11: syncAttackData
/**
 * Copy new attack records from the WAF storage engine into the wfHits table.
 *
 * Records newer than the latest attackLogTime already in wfHits are parsed into
 * wfRequestModel rows with action 'blocked:waf'. The engine's attack data is
 * then truncated and the two sync options are reset to 0.
 *
 * @param bool $exit When true (the default) the request is ended with exit once the sync is done.
 */
public static function syncAttackData($exit = true)
{
    global $wpdb;
    $waf = wfWAF::getInstance();
    // Only the table prefix is interpolated into the query; no request data reaches it.
    $lastAttackMicroseconds = $wpdb->get_var("SELECT MAX(attackLogTime) FROM {$wpdb->base_prefix}wfHits");
    if ($waf->getStorageEngine()->hasNewerAttackData($lastAttackMicroseconds)) {
        $attackData = $waf->getStorageEngine()->getNewestAttackDataArray($lastAttackMicroseconds);
        if ($attackData) {
            foreach ($attackData as $request) {
                // Records that do not have exactly nine fields are ignored.
                if (count($request) !== 9) {
                    continue;
                }
                list($logTimeMicroseconds, $requestTime, $ip, $learningMode, $paramKey, $paramValue, $failedRules, $ssl, $requestString) = $request;
                // Skip old entries and hits in learning mode, since they'll get picked up anyways.
                if ($logTimeMicroseconds <= $lastAttackMicroseconds || $learningMode) {
                    continue;
                }
                $hit = new wfRequestModel();
                $hit->attackLogTime = $logTimeMicroseconds;
                $hit->statusCode = 403;
                $hit->ctime = $requestTime;
                $hit->IP = wfUtils::inet_pton($ip);
                // Everything parsed out of $requestString below is attacker-supplied
                // header text from a blocked request.
                if (preg_match('/user\\-agent:(.*?)\\n/i', $requestString, $matches)) {
                    $hit->UA = trim($matches[1]);
                    $hit->isGoogle = wfCrawl::isGoogleCrawler($hit->UA);
                }
                if (preg_match('/Referer:(.*?)\\n/i', $requestString, $matches)) {
                    $hit->referer = trim($matches[1]);
                }
                if (preg_match('/^[a-z]+\\s+(.*?)\\s+/i', $requestString, $uriMatches) && preg_match('/Host:(.*?)\\n/i', $requestString, $hostMatches)) {
                    $hit->URL = 'http' . ($ssl ? 's' : '') . '://' . trim($hostMatches[1]) . trim($uriMatches[1]);
                }
                if (preg_match('/cookie:(.*?)\\n/i', $requestString, $matches)) {
                    $hit->newVisit = strpos($matches[1], 'wfvt_' . crc32(site_url())) !== false ? 1 : 0;
                    $hasVerifiedHumanCookie = strpos($matches[1], 'wordfence_verifiedHuman') !== false;
                    // Both cookie patterns below end in ';', so a cookie that is last
                    // in the header without a trailing ';' is not matched.
                    if ($hasVerifiedHumanCookie && preg_match('/wordfence_verifiedHuman=(.*?);/', $matches[1], $cookieMatches)) {
                        $hit->jsRun = (int) wp_verify_nonce($cookieMatches[1], 'wordfence_verifiedHuman' . $hit->UA . $ip);
                    }
                    $hasLoginCookie = strpos($matches[1], $ssl ? SECURE_AUTH_COOKIE : AUTH_COOKIE) !== false;
                    // NOTE(review): the cookie-name constant is concatenated into the pattern
                    // without preg_quote(); safe only while it holds no regex metacharacters — confirm.
                    if ($hasLoginCookie && preg_match('/' . ($ssl ? SECURE_AUTH_COOKIE : AUTH_COOKIE) . '=(.*?);/', $matches[1], $cookieMatches)) {
                        $authCookie = rawurldecode($cookieMatches[1]);
                        // The hit is attributed to a user only when the logged cookie
                        // validates under the scheme matching the request's transport.
                        $authID = $ssl ? wp_validate_auth_cookie($authCookie, 'secure_auth') : wp_validate_auth_cookie($authCookie, 'auth');
                        if ($authID) {
                            $hit->userID = $authID;
                        }
                    }
                }
                // The path stays '/' unless the request line names HTTP/1.1.
                $path = '/';
                if (preg_match('/^[A-Z]+ (.*?) HTTP\\/1\\.1/', $requestString, $matches)) {
                    if (($pos = strpos($matches[1], '?')) !== false) {
                        $path = substr($matches[1], 0, $pos);
                    } else {
                        $path = $matches[1];
                    }
                }
                $hit->action = 'blocked:waf';
                /** @var wfWAFRule $rule */
                $ruleIDs = explode('|', $failedRules);
                $actionData = array('learningMode' => $learningMode, 'failedRules' => $failedRules, 'paramKey' => $paramKey, 'paramValue' => $paramValue, 'path' => $path);
                // Only the first failed rule supplies the description and category.
                if ($ruleIDs && $ruleIDs[0]) {
                    $rule = $waf->getRule($ruleIDs[0]);
                    if ($rule) {
                        $hit->actionDescription = $rule->getDescription();
                        $actionData['category'] = $rule->getCategory();
                        $actionData['ssl'] = $ssl;
                        // NOTE(review): base64 is an encoding, not protection. The stored text
                        // can include the Cookie header parsed above, so this field should be
                        // treated as sensitive wherever actionData is kept or sent.
                        $actionData['fullRequest'] = base64_encode($requestString);
                    }
                }
                $hit->actionData = wfRequestModel::serializeActionData($actionData);
                $hit->save();
                // Called once for every hit that is saved.
                self::scheduleSendAttackData();
            }
        }
        // The engine's attack data is cleared whether or not any record was returned.
        $waf->getStorageEngine()->truncateAttackData();
    }
    update_site_option('wordfence_syncingAttackData', 0);
    update_site_option('wordfence_syncAttackDataAttempts', 0);
    if ($exit) {
        exit;
    }
}
示例12: handle_fb_session_state
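/**
 * Log the visitor in to WordPress from an active Facebook session.
 *
 * This happens only if allow_facebook_registration is true.
 *
 * A visitor who already holds a valid WordPress auth cookie only has the
 * Facebook auth tokens handled. Otherwise the Facebook user is mapped to a
 * WordPress account, that account becomes the current user, an auth cookie is
 * issued, 'wp_login' fires and the browser is sent to the admin. The redirect
 * is skipped for the 'wdfb_perhaps_create_wp_user' AJAX action.
 *
 * @return mixed Result of handle_fb_auth_tokens() for already logged-in visitors, otherwise null.
 */
function handle_fb_session_state()
{
    if (wp_validate_auth_cookie('')) {
        return $this->handle_fb_auth_tokens();
    }

    $fb_user = $this->model->fb->getUser();
    if (!$fb_user) {
        return;
    }

    $user_id = $this->model->get_wp_user_from_fb();
    if (!$user_id) {
        $user_id = $this->model->map_fb_to_current_wp_user();
    }
    if (!$user_id) {
        return;
    }

    $user = get_userdata($user_id);
    if (!$user) {
        // The mapped ID no longer resolves to an account: do not set a current
        // user or issue an auth cookie from an empty record.
        return;
    }

    // NOTE(review): the multisite membership check below is disabled, so a
    // mapped account is logged in whether or not it belongs to this blog.
    /*
    if (is_multisite() && function_exists('is_user_member_of_blog')) {
        if (!is_user_member_of_blog($user_id)) return false; // Don't allow this
    }
    */
    wp_set_current_user($user->ID, $user->user_login);
    wp_set_auth_cookie($user->ID);

    // Logged in with Facebook, yay
    do_action('wp_login', $user->user_login);
    $this->handle_fb_auth_tokens();

    $is_create_user_ajax = defined('DOING_AJAX')
        && isset($_REQUEST['action'])
        && 'wdfb_perhaps_create_wp_user' === $_REQUEST['action'];

    if (!$is_create_user_ajax) {
        wp_redirect(admin_url());
        exit;
    }
}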
示例13: define
// Bootstrap for the admin post handler: mark the request as an admin request,
// load WordPress and the admin API, then read the requested action.
if (!defined('WP_ADMIN')) {
    define('WP_ADMIN', true);
}
// Load WordPress from ABSPATH when it is already defined, otherwise from the parent directory.
if (defined('ABSPATH')) {
    require_once ABSPATH . 'wp-load.php';
} else {
    require_once dirname(dirname(__FILE__)) . '/wp-load.php';
}
/** Allow for cross-domain requests (from the front end). */
send_origin_headers();
require_once ABSPATH . 'wp-admin/includes/admin.php';
// Responses from this endpoint must not be cached.
nocache_headers();
/** This action is documented in wp-admin/admin.php */
do_action('admin_init');
// The action name is taken verbatim from the request. The docblocks that follow
// describe it as the dynamic part of a hook name, so it is caller-controlled input.
$action = empty($_REQUEST['action']) ? '' : $_REQUEST['action'];
if (!wp_validate_auth_cookie()) {
if (empty($action)) {
/**
* Fires on a non-authenticated admin post request where no action was supplied.
*
* @since 2.6.0
*/
do_action('admin_post_nopriv');
} else {
/**
* Fires on a non-authenticated admin post request for the given action.
*
* The dynamic portion of the hook name, `$action`, refers to the given
* request action.
*
* @since 2.6.0
示例14: auth_redirect
/**
 * Checks if a user is logged in, if not it redirects them to the login page.
 *
 * Admin requests are handed to $this->redirect('https') first when SSL is
 * required or when the user has opted in through the 'use_ssl' option. The
 * cookie scheme comes from the 'auth_redirect_scheme' filter. When a shared SSL
 * host is configured, an https return URL is rewritten before it is passed to
 * the login page.
 *
 * NOTE(review): the return URL is assembled from $_SERVER['HTTP_HOST'] and
 * $_SERVER['REQUEST_URI'], both supplied by the request.
 *
 * @return void Returns only when the cookie is valid; otherwise the request ends with exit.
 */
function auth_redirect()
{
    $secure = $this->is_ssl() || force_ssl_admin();

    // If https is required and request is http, redirect
    if ($secure && !$this->is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin')) {
        $this->redirect('https');
    }

    $user_id = wp_validate_auth_cookie('', apply_filters('auth_redirect_scheme', ''));
    if ($user_id) {
        do_action('auth_redirect', $user_id);

        // If the user wants ssl but the session is not ssl, redirect.
        if (!$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin')) {
            $this->redirect('https');
        }

        // The cookie is good so we're done
        return;
    }

    // The cookie is no good so force login
    nocache_headers();

    $proto = $this->is_ssl() ? 'https://' : 'http://';
    $redirect = strpos($_SERVER['REQUEST_URI'], '/admin.php') && wp_get_referer() ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

    // Rewrite URL to Shared SSL URL
    if ($this->shared_ssl && strpos($redirect, 'https://') !== false) {
        $redirect = $this->replace_http_url($redirect);
    }

    wp_redirect(wp_login_url($redirect));
    exit;
}
示例15: set_headers_cookies
/**
 * Set headers and cookies.
 *
 * Sends X-Cache-Enabled and maintains the 'wpSGCacheBypass' cookie: it is set
 * for visitors with a valid 'logged_in' cookie and for submissions of the login
 * form, and expired for everyone else.
 *
 * NOTE(review): the login-form branch fires on the posted button value alone,
 * before any credentials have been checked.
 * NOTE(review): the bypass cookie is set with name, value, expiry and path
 * only, and a client can send it on its own, so it should not be read as proof
 * of a logged-in session.
 *
 * @since 1.1.0
 */
protected function set_headers_cookies()
{
    $cache_is_off = !$this->options_handler->is_enabled('enable_cache') || $this->is_url_blacklisted();
    if ($cache_is_off) {
        header('X-Cache-Enabled: False');
        return;
    }

    header('X-Cache-Enabled: True');

    // Check if WP LOGGED_IN_COOKIE is set, validate it and define $userIsLoggedIn
    $userIsLoggedIn = isset($_COOKIE[LOGGED_IN_COOKIE])
        ? wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in')
        : false;

    // Logged In Users
    if ($userIsLoggedIn || (!empty($_POST['wp-submit']) && 'Log In' === $_POST['wp-submit'])) {
        // Enable the cache bypass for logged users by setting a cache bypass cookie
        setcookie('wpSGCacheBypass', 1, time() + 100 * MINUTE_IN_SECONDS, '/');
    } elseif (!$userIsLoggedIn || 'logout' === $_GET['action']) {
        // Reaching this branch means $userIsLoggedIn is falsy, so the first
        // operand is already true and $_GET['action'] is never evaluated.
        setcookie('wpSGCacheBypass', 0, time() - HOUR_IN_SECONDS, '/');
    }
}