Fix the `wp-settings-*` cookies used in getUserSetting()/setUserSetting(). They should be set without `COOKIE_DOMAIN` to work properly for sub-domains. Fixes #29095.
Built from https://develop.svn.wordpress.org/trunk@29478 git-svn-id: http://core.svn.wordpress.org/trunk@29256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Ozz
parent
aed71de2d6
commit
8f2b4fbe9e
|
|
@ -128,8 +128,8 @@ var wpCookies = {
|
|||
*
|
||||
* This is done by setting it to an empty value and setting the expiration time in the past.
|
||||
*/
|
||||
remove: function( name, path ) {
|
||||
this.set( name, '', -1000, path );
|
||||
remove: function( name, path, domain, secure ) {
|
||||
this.set( name, '', -1000, path, domain, secure );
|
||||
}
|
||||
};
|
||||
|
||||
|
|
@ -157,9 +157,9 @@ function setUserSetting( name, value, _del ) {
|
|||
}
|
||||
|
||||
var uid = userSettings.uid,
|
||||
oldUid = uid.lastIndexOf('-') > 0 ? uid.substring( 0, uid.lastIndexOf('-') ) : 0,
|
||||
settings = wpCookies.getHash( 'wp-settings-' + uid ),
|
||||
path = userSettings.url;
|
||||
path = userSettings.url,
|
||||
secure = !! userSettings.secure;
|
||||
|
||||
name = name.toString().replace( /[^A-Za-z0-9_]/, '' );
|
||||
|
||||
|
|
@ -169,17 +169,6 @@ function setUserSetting( name, value, _del ) {
|
|||
value = value.toString().replace( /[^A-Za-z0-9_]/, '' );
|
||||
}
|
||||
|
||||
if ( oldUid ) {
|
||||
if ( ! settings ) {
|
||||
settings = wpCookies.getHash( 'wp-settings-' + oldUid );
|
||||
}
|
||||
// Delete old cookies
|
||||
if ( wpCookies.get( 'wp-settings-time-' + oldUid ) ) {
|
||||
wpCookies.remove( 'wp-settings-' + oldUid, path );
|
||||
wpCookies.remove( 'wp-settings-time-' + oldUid, path );
|
||||
}
|
||||
}
|
||||
|
||||
settings = settings || {};
|
||||
|
||||
if ( _del ) {
|
||||
|
|
@ -188,8 +177,8 @@ function setUserSetting( name, value, _del ) {
|
|||
settings[name] = value;
|
||||
}
|
||||
|
||||
wpCookies.setHash( 'wp-settings-' + uid, settings, 31536000, path );
|
||||
wpCookies.set( 'wp-settings-time-' + uid, userSettings.time, 31536000, path );
|
||||
wpCookies.setHash( 'wp-settings-' + uid, settings, 31536000, path, '', secure );
|
||||
wpCookies.set( 'wp-settings-time-' + uid, userSettings.time, 31536000, path, '', secure );
|
||||
|
||||
return name;
|
||||
}
|
||||
|
|
@ -204,14 +193,5 @@ function getAllUserSettings() {
|
|||
return {};
|
||||
}
|
||||
|
||||
var uid = userSettings.uid,
|
||||
settings = wpCookies.getHash( 'wp-settings-' + uid );
|
||||
|
||||
// Try the old format cookie
|
||||
if ( ! settings && uid.lastIndexOf('-') > 0 ) {
|
||||
uid = uid.substring( 0, uid.lastIndexOf('-') );
|
||||
settings = wpCookies.getHash( 'wp-settings-' + uid );
|
||||
}
|
||||
|
||||
return settings || {};
|
||||
return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
function getUserSetting(a,b){var c=getAllUserSettings();return c.hasOwnProperty(a)?c[a]:"undefined"!=typeof b?b:""}function setUserSetting(a,b,c){if("object"!=typeof userSettings)return!1;var d=userSettings.uid,e=d.lastIndexOf("-")>0?d.substring(0,d.lastIndexOf("-")):0,f=wpCookies.getHash("wp-settings-"+d),g=userSettings.url;return a=a.toString().replace(/[^A-Za-z0-9_]/,""),b="number"==typeof b?parseInt(b,10):b.toString().replace(/[^A-Za-z0-9_]/,""),e&&(f||(f=wpCookies.getHash("wp-settings-"+e)),wpCookies.get("wp-settings-time-"+e)&&(wpCookies.remove("wp-settings-"+e,g),wpCookies.remove("wp-settings-time-"+e,g))),f=f||{},c?delete f[a]:f[a]=b,wpCookies.setHash("wp-settings-"+d,f,31536e3,g),wpCookies.set("wp-settings-time-"+d,userSettings.time,31536e3,g),a}function deleteUserSetting(a){return setUserSetting(a,"",1)}function getAllUserSettings(){if("object"!=typeof userSettings)return{};var a=userSettings.uid,b=wpCookies.getHash("wp-settings-"+a);return!b&&a.lastIndexOf("-")>0&&(a=a.substring(0,a.lastIndexOf("-")),b=wpCookies.getHash("wp-settings-"+a)),b||{}}var wpCookies={each:function(a,b,c){var d,e;if(!a)return 0;if(c=c||a,"undefined"!=typeof a.length){for(d=0,e=a.length;e>d;d++)if(b.call(c,a[d],d,a)===!1)return 0}else for(d in a)if(a.hasOwnProperty(d)&&b.call(c,a[d],d,a)===!1)return 0;return 1},getHash:function(a){var b,c=this.get(a);return c&&this.each(c.split("&"),function(a){a=a.split("="),b=b||{},b[a[0]]=a[1]}),b},setHash:function(a,b,c,d,e,f){var g="";this.each(b,function(a,b){g+=(g?"&":"")+b+"="+a}),this.set(a,g,c,d,e,f)},get:function(a){var b,c,d=document.cookie,e=a+"=";if(d){if(c=d.indexOf("; "+e),-1===c){if(c=d.indexOf(e),0!==c)return null}else c+=2;return b=d.indexOf(";",c),-1===b&&(b=d.length),decodeURIComponent(d.substring(c+e.length,b))}},set:function(a,b,c,d,e,f){var g=new Date;"object"==typeof c&&c.toGMTString?c=c.toGMTString():parseInt(c,10)?(g.setTime(g.getTime()+1e3*parseInt(c,10)),c=g.toGMTString()):c="",document.cookie=a+"="+encodeURIComponent(b)+(c?"; expires="+c:"")+(d?"; path="+d:"")+(e?"; domain="+e:"")+(f?"; secure":"")},remove:function(a,b){this.set(a,"",-1e3,b)}};
|
||||
function getUserSetting(a,b){var c=getAllUserSettings();return c.hasOwnProperty(a)?c[a]:"undefined"!=typeof b?b:""}function setUserSetting(a,b,c){if("object"!=typeof userSettings)return!1;var d=userSettings.uid,e=wpCookies.getHash("wp-settings-"+d),f=userSettings.url,g=!!userSettings.secure;return a=a.toString().replace(/[^A-Za-z0-9_]/,""),b="number"==typeof b?parseInt(b,10):b.toString().replace(/[^A-Za-z0-9_]/,""),e=e||{},c?delete e[a]:e[a]=b,wpCookies.setHash("wp-settings-"+d,e,31536e3,f,"",g),wpCookies.set("wp-settings-time-"+d,userSettings.time,31536e3,f,"",g),a}function deleteUserSetting(a){return setUserSetting(a,"",1)}function getAllUserSettings(){return"object"!=typeof userSettings?{}:wpCookies.getHash("wp-settings-"+userSettings.uid)||{}}var wpCookies={each:function(a,b,c){var d,e;if(!a)return 0;if(c=c||a,"undefined"!=typeof a.length){for(d=0,e=a.length;e>d;d++)if(b.call(c,a[d],d,a)===!1)return 0}else for(d in a)if(a.hasOwnProperty(d)&&b.call(c,a[d],d,a)===!1)return 0;return 1},getHash:function(a){var b,c=this.get(a);return c&&this.each(c.split("&"),function(a){a=a.split("="),b=b||{},b[a[0]]=a[1]}),b},setHash:function(a,b,c,d,e,f){var g="";this.each(b,function(a,b){g+=(g?"&":"")+b+"="+a}),this.set(a,g,c,d,e,f)},get:function(a){var b,c,d=document.cookie,e=a+"=";if(d){if(c=d.indexOf("; "+e),-1===c){if(c=d.indexOf(e),0!==c)return null}else c+=2;return b=d.indexOf(";",c),-1===b&&(b=d.length),decodeURIComponent(d.substring(c+e.length,b))}},set:function(a,b,c,d,e,f){var g=new Date;"object"==typeof c&&c.toGMTString?c=c.toGMTString():parseInt(c,10)?(g.setTime(g.getTime()+1e3*parseInt(c,10)),c=g.toGMTString()):c="",document.cookie=a+"="+encodeURIComponent(b)+(c?"; expires="+c:"")+(d?"; path="+d:"")+(e?"; domain="+e:"")+(f?"; secure":"")},remove:function(a,b,c,d){this.set(a,"",-1e3,b,c,d)}};
|
||||
|
|
@ -726,17 +726,16 @@ function wp_user_settings() {
|
|||
}
|
||||
|
||||
$settings = (string) get_user_option( 'user-settings', $user_id );
|
||||
$uid = $user_id . '-' . get_current_blog_id();
|
||||
|
||||
if ( isset( $_COOKIE['wp-settings-' . $uid] ) ) {
|
||||
$cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $uid] );
|
||||
if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
|
||||
$cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $user_id] );
|
||||
|
||||
// No change or both empty
|
||||
if ( $cookie == $settings )
|
||||
return;
|
||||
|
||||
$last_saved = (int) get_user_option( 'user-settings-time', $user_id );
|
||||
$current = isset( $_COOKIE['wp-settings-time-' . $uid]) ? preg_replace( '/[^0-9]/', '', $_COOKIE['wp-settings-time-' . $uid] ) : 0;
|
||||
$current = isset( $_COOKIE['wp-settings-time-' . $user_id]) ? preg_replace( '/[^0-9]/', '', $_COOKIE['wp-settings-time-' . $user_id] ) : 0;
|
||||
|
||||
// The cookie is newer than the saved value. Update the user_option and leave the cookie as-is
|
||||
if ( $current > $last_saved ) {
|
||||
|
|
@ -748,9 +747,9 @@ function wp_user_settings() {
|
|||
|
||||
// The cookie is not set in the current browser or the saved value is newer.
|
||||
$secure = ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) );
|
||||
setcookie( 'wp-settings-' . $uid, $settings, time() + YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
|
||||
setcookie( 'wp-settings-time-' . $uid, time(), time() + YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
|
||||
$_COOKIE['wp-settings-' . $uid] = $settings;
|
||||
setcookie( 'wp-settings-' . $user_id, $settings, time() + YEAR_IN_SECONDS, SITECOOKIEPATH, null, $secure );
|
||||
setcookie( 'wp-settings-time-' . $user_id, time(), time() + YEAR_IN_SECONDS, SITECOOKIEPATH, null, $secure );
|
||||
$_COOKIE['wp-settings-' . $user_id] = $settings;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -846,20 +845,19 @@ function get_all_user_settings() {
|
|||
}
|
||||
|
||||
$user_settings = array();
|
||||
$uid = $user_id . '-' . get_current_blog_id();
|
||||
|
||||
if ( isset( $_COOKIE['wp-settings-' . $uid] ) ) {
|
||||
$cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $uid] );
|
||||
} elseif ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
|
||||
if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
|
||||
$cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $user_id] );
|
||||
}
|
||||
|
||||
if ( ! empty( $cookie ) && strpos( $cookie, '=' ) ) { // '=' cannot be 1st char
|
||||
parse_str( $cookie, $user_settings );
|
||||
if ( strpos( $cookie, '=' ) ) { // '=' cannot be 1st char
|
||||
parse_str( $cookie, $user_settings );
|
||||
}
|
||||
} else {
|
||||
$option = get_user_option( 'user-settings', $user_id );
|
||||
if ( $option && is_string( $option ) )
|
||||
|
||||
if ( $option && is_string( $option ) ) {
|
||||
parse_str( $option, $user_settings );
|
||||
}
|
||||
}
|
||||
|
||||
$_updated_user_settings = $user_settings;
|
||||
|
|
@ -914,9 +912,8 @@ function delete_all_user_settings() {
|
|||
return;
|
||||
}
|
||||
|
||||
$uid = $user_id . '-' . get_current_blog_id();
|
||||
update_user_option( $user_id, 'user-settings', '', false );
|
||||
setcookie( 'wp-settings-' . $uid, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );
|
||||
setcookie( 'wp-settings-' . $user_id, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -72,8 +72,9 @@ function wp_default_scripts( &$scripts ) {
|
|||
$scripts->add( 'utils', "/wp-includes/js/utils$suffix.js" );
|
||||
did_action( 'init' ) && $scripts->localize( 'utils', 'userSettings', array(
|
||||
'url' => (string) SITECOOKIEPATH,
|
||||
'uid' => get_current_user_id() . '-' . get_current_blog_id(),
|
||||
'uid' => (string) get_current_user_id(),
|
||||
'time' => (string) time(),
|
||||
'secure' => (string) ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) ),
|
||||
) );
|
||||
|
||||
$scripts->add( 'common', "/wp-admin/js/common$suffix.js", array('jquery', 'hoverIntent', 'utils'), false, 1 );
|
||||
|
|
|
|||
Loading…
Reference in New Issue