From 961bbcb78073b72a48fbef925f7df6495915b30c Mon Sep 17 00:00:00 2001 From: Andrew Ozz Date: Fri, 23 Aug 2013 21:26:58 +0000 Subject: [PATCH] Logging in: when the Remember Me checkbox is checked, make sure the browser continues to send the expired cookies so the "login grace period" for POST and AJAX requests works. Fixes #24735. git-svn-id: https://develop.svn.wordpress.org/trunk@25107 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/pluggable.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php index d108e4a457..b097bca227 100644 --- a/src/wp-includes/pluggable.php +++ b/src/wp-includes/pluggable.php @@ -649,7 +649,10 @@ if ( !function_exists('wp_set_auth_cookie') ) : */ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') { if ( $remember ) { - $expiration = $expire = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); + $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); + // Ensure the browser will continue to send the cookie after the expiration time is reached. + // Needed for the login grace period in wp_validate_auth_cookie(). + $expire = $expiration + ( 12 * HOUR_IN_SECONDS ); } else { $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember); $expire = 0;