Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-13 22:26:06 +01:00
Code Issues Projects Releases Wiki Activity

SSL fixes. see #7001

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@8190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-06-24 22:19:27 +00:00
parent cdaefc84b8
commit 636c562256
4 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/async-upload.php
View File

@ -10,7 +10,9 @@ else
require_once('../wp-load.php');
// Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
if ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
if ( is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
$_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
elseif ( empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie']) )
$_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
unset($current_user);
require_once('admin.php');

2
wp-admin/includes/media.php
View File

@ -850,7 +850,7 @@ jQuery(function($){
file_types: "<?php echo apply_filters('upload_file_glob', '*.*'); ?>",
post_params : {
"post_id" : "<?php echo $post_id; ?>",
"auth_cookie" : "<?php echo $_COOKIE[AUTH_COOKIE]; ?>",
"auth_cookie" : "<?php if ( is_ssl() ) echo $_COOKIE[SECURE_AUTH_COOKIE]; else echo $_COOKIE[AUTH_COOKIE]; ?>",
"_wpnonce" : "<?php echo wp_create_nonce('media-form'); ?>",
"type" : "<?php echo $type; ?>",
"tab" : "<?php echo $tab; ?>",

4
wp-includes/pluggable.php
View File

@ -589,8 +589,8 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
$auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme);
$logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in');
do_action('set_auth_cookie', $auth_cookie, $expire, $scheme);
do_action('set_auth_cookie', $logged_in_cookie, $expire, 'logged_in');
do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme);
do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in');
setcookie($auth_cookie_name, $auth_cookie, $expire, SITECOOKIEPATH . 'wp-admin', COOKIE_DOMAIN, $secure);
setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN);

2
wp-login.php
View File

@ -411,7 +411,7 @@ default:
else
$redirect_to = 'wp-admin/';
if ( is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) )
if ( is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
$secure_cookie = false;
else
$secure_cookie = '';