From 34d67f99079d7e3841dba1ae08b478d9df8d39b9 Mon Sep 17 00:00:00 2001 From: ryan Date: Tue, 18 Mar 2008 02:43:20 +0000 Subject: [PATCH] Renew autosave nonce. Props andy. fixes #6266 git-svn-id: http://svn.automattic.com/wordpress/trunk@7375 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/admin-ajax.php | 5 +++- wp-includes/js/autosave.js | 13 +++++++--- wp-includes/pluggable.php | 50 +++++++++++++++++++++++++++++--------- 3 files changed, 52 insertions(+), 16 deletions(-) diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php index 44d64781a2..a4ef690f79 100644 --- a/wp-admin/admin-ajax.php +++ b/wp-admin/admin-ajax.php @@ -460,7 +460,7 @@ case 'add-user' : $x->send(); break; case 'autosave' : // The name of this action is hardcoded in edit_post() - check_ajax_referer( 'autosave', 'autosavenonce' ); + $nonce_age = check_ajax_referer( 'autosave', 'autosavenonce'); global $current_user; $_POST['post_status'] = 'draft'; @@ -520,6 +520,9 @@ case 'autosave' : // The name of this action is hardcoded in edit_post() if ( $do_lock && $id && is_numeric($id) ) wp_set_post_lock( $id ); + if ( $nonce_age == 2 ) + $supplemental['replace-autosavenonce'] = wp_create_nonce('autosave'); + $x = new WP_Ajax_Response( array( 'what' => 'autosave', 'id' => $id, diff --git a/wp-includes/js/autosave.js b/wp-includes/js/autosave.js index 96ea8d672c..37d817b55c 100644 --- a/wp-includes/js/autosave.js +++ b/wp-includes/js/autosave.js @@ -24,9 +24,16 @@ function autosave_saved(response) { if ( res && res.responses && res.responses.length ) { message = res.responses[0].data; // The saved message or error. // someone else is editing: disable autosave, set errors - if ( res.responses[0].supplemental && 'disable' == res.responses[0].supplemental['disable_autosave'] ) { - autosave = function() {}; - res = { errors: true }; + if ( res.responses[0].supplemental ) { + if ( 'disable' == res.responses[0].supplemental['disable_autosave'] ) { + autosave = function() {}; + res = { errors: true }; + } + jQuery.each(res.responses[0].supplemental, function(selector, value) { + if ( selector.match(/^replace-/) ) { + jQuery('#'+selector.replace('replace-', '')).val(value); + } + }); } // if no errors: add preview link and slug UI diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 19437833ed..4c87877343 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -624,15 +624,16 @@ if ( !function_exists('check_admin_referer') ) : * @param string $action Action nonce * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5) */ -function check_admin_referer($action = -1, $query_arg = '_wpnonce' ) { +function check_admin_referer($action = -1, $query_arg = '_wpnonce') { $adminurl = strtolower(get_option('siteurl')).'/wp-admin'; $referer = strtolower(wp_get_referer()); - if ( !wp_verify_nonce($_REQUEST[$query_arg], $action) && - !(-1 == $action && strpos($referer, $adminurl) !== false)) { + $result = wp_verify_nonce($_REQUEST[$query_arg], $action); + if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) { wp_nonce_ays($action); die(); } - do_action('check_admin_referer', $action); + do_action('check_admin_referer', $action, $result); + return $result; }endif; if ( !function_exists('check_ajax_referer') ) : @@ -644,16 +645,20 @@ if ( !function_exists('check_ajax_referer') ) : * @param string $action Action nonce * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5) */ -function check_ajax_referer( $action = -1, $query_arg = false ) { +function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) { if ( $query_arg ) $nonce = $_REQUEST[$query_arg]; else $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce']; - if ( !wp_verify_nonce( $nonce, $action ) ) + $result = wp_verify_nonce( $nonce, $action ); + + if ( $die && false == $result ) die('-1'); - do_action('check_ajax_referer'); + do_action('check_ajax_referer', $action, $result); + + return $result; } endif; @@ -937,6 +942,23 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') { } endif; +if ( !function_exists('wp_nonce_tick') ) : +/** + * wp_nonce_tick() - Get the time-dependent variable for nonce creation + * + * A nonce has a lifespan of two ticks. Nonces in their second tick may be updated, e.g. by autosave. + * + * @since 2.5 + * + * @return int + */ +function wp_nonce_tick() { + $nonce_life = apply_filters('nonce_life', 86400) / 2; + + return ceil(time() / ( $nonce_life / 2 )); +} +endif; + if ( !function_exists('wp_verify_nonce') ) : /** * wp_verify_nonce() - Verify that correct nonce was used with time limit @@ -954,11 +976,15 @@ function wp_verify_nonce($nonce, $action = -1) { $user = wp_get_current_user(); $uid = (int) $user->id; - $i = ceil(time() / 43200); + $i = wp_nonce_tick(); - //Allow for expanding range, but only do one check if we can - if( substr(wp_hash($i . $action . $uid), -12, 10) == $nonce || substr(wp_hash(($i - 1) . $action . $uid), -12, 10) == $nonce ) - return true; + // Nonce generated 0-12 hours ago + if ( substr(wp_hash($i . $action . $uid), -12, 10) == $nonce ) + return 1; + // Nonce generated 12-24 hours ago + if ( substr(wp_hash(($i - 1) . $action . $uid), -12, 10) == $nonce ) + return 2; + // Invalid nonce return false; } endif; @@ -976,7 +1002,7 @@ function wp_create_nonce($action = -1) { $user = wp_get_current_user(); $uid = (int) $user->id; - $i = ceil(time() / 43200); + $i = wp_nonce_tick(); return substr(wp_hash($i . $action . $uid), -12, 10); }