From b4fa70c19c02a7cafdb45f956e47ddf4e3fe76f4 Mon Sep 17 00:00:00 2001
From: Andrew Nacin <nacin@git.wordpress.org>
Date: Thu, 13 Sep 2012 17:17:47 +0000
Subject: [PATCH] Add nonce_user_logged_out filters to wp_create_nonce() and
 wp_verify_nonce() for when there is no user ID. Provides plugins the ability
 to tie a nonce to some other characteristic of the session. props
 sc0ttkclark, fixes #21111.

git-svn-id: https://develop.svn.wordpress.org/trunk@21837 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/pluggable.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index e3791961c7..94e505dcdf 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -1251,6 +1251,8 @@ if ( !function_exists('wp_verify_nonce') ) :
 function wp_verify_nonce($nonce, $action = -1) {
 	$user = wp_get_current_user();
 	$uid = (int) $user->ID;
+	if ( ! $uid )
+		$uid = apply_filters( 'nonce_user_logged_out', $uid, $action );
 
 	$i = wp_nonce_tick();
 
@@ -1277,6 +1279,8 @@ if ( !function_exists('wp_create_nonce') ) :
 function wp_create_nonce($action = -1) {
 	$user = wp_get_current_user();
 	$uid = (int) $user->ID;
+	if ( ! $uid )
+		$uid = apply_filters( 'nonce_user_logged_out', $uid, $action );
 
 	$i = wp_nonce_tick();