Add `'wp_verify_nonce_failed'` action that fires when nonce verification fails.
props johnbillion, garza, Shelob9. fixes #24030. git-svn-id: https://develop.svn.wordpress.org/trunk@33744 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
4bc9b3db6d
commit
b935049f24
|
@ -1812,6 +1812,18 @@ function wp_verify_nonce( $nonce, $action = -1 ) {
|
|||
return 2;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fires when nonce verification fails.
|
||||
*
|
||||
* @since 4.4.0
|
||||
*
|
||||
* @param string $nonce The invalid nonce.
|
||||
* @param string|int $action The nonce action.
|
||||
* @param WP_User $user The current user object.
|
||||
* @param string $token The user's session token.
|
||||
*/
|
||||
do_action( 'wp_verify_nonce_failed', $nonce, $action, $user, $token );
|
||||
|
||||
// Invalid nonce
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -8,6 +8,11 @@ class Tests_Auth extends WP_UnitTestCase {
|
|||
var $user_id;
|
||||
var $wp_hasher;
|
||||
|
||||
/**
|
||||
* action hook
|
||||
*/
|
||||
protected $nonce_failure_hook = 'wp_verify_nonce_failed';
|
||||
|
||||
function setUp() {
|
||||
parent::setUp();
|
||||
$this->user_id = $this->factory->user->create();
|
||||
|
@ -110,6 +115,30 @@ class Tests_Auth extends WP_UnitTestCase {
|
|||
$this->assertFalse( wp_verify_nonce( 1 ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 24030
|
||||
*/
|
||||
function test_wp_nonce_verify_failed() {
|
||||
$nonce = substr( md5( uniqid() ), 0, 10 );
|
||||
$count = did_action( $this->nonce_failure_hook );
|
||||
|
||||
wp_verify_nonce( $nonce, 'nonce_test_action' );
|
||||
|
||||
$this->assertEquals( ( $count + 1 ), did_action( $this->nonce_failure_hook ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 24030
|
||||
*/
|
||||
function test_wp_nonce_verify_success() {
|
||||
$nonce = wp_create_nonce( 'nonce_test_action' );
|
||||
$count = did_action( $this->nonce_failure_hook );
|
||||
|
||||
wp_verify_nonce( $nonce, 'nonce_test_action' );
|
||||
|
||||
$this->assertEquals( $count, did_action( $this->nonce_failure_hook ) );
|
||||
}
|
||||
|
||||
function test_password_length_limit() {
|
||||
$passwords = array(
|
||||
str_repeat( 'a', 4095 ), // short
|
||||
|
|
Loading…
Reference in New Issue