WP_Recovery_Mode_Cookie_Service::validate_cookie( string $cookie = '' )
Validates the recovery mode cookie.
Parameters
- $cookie
-
(string) (Optional) y specify the cookie string. If omitted, it will be retrieved from the super global.
Default value: ''
Return
(true|WP_Error) True on success, error object on failure.
Source
File: wp-includes/class-wp-recovery-mode-cookie-service.php
public function validate_cookie( $cookie = '' ) {
if ( ! $cookie ) {
if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
}
$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
}
$parts = $this->parse_cookie( $cookie );
if ( is_wp_error( $parts ) ) {
return $parts;
}
list( , $created_at, $random, $signature ) = $parts;
if ( ! ctype_digit( $created_at ) ) {
return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
}
/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
if ( time() > $created_at + $length ) {
return new WP_Error( 'expired', __( 'Cookie expired.' ) );
}
$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
$hashed = $this->recovery_mode_hash( $to_sign );
if ( ! hash_equals( $signature, $hashed ) ) {
return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
}
return true;
} Changelog
| Version | Description |
|---|---|
| 5.2.0 | Introduced. |
© 2003–2021 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wp_recovery_mode_cookie_service/validate_cookie