Persist the "Remember Me" state of the auth cookie when changing your own password. Props jesin. Fixes #27627.

git-svn-id: https://develop.svn.wordpress.org/trunk@29043 602fd350-edb4-49c9-b593-d223f7449a82
2014-07-09 18:05:00 +00:00 · 2014-07-09 18:05:00 +00:00 · bdeb3348ed
parent 194122cb84
commit bdeb3348ed
1 changed files with 8 additions and 1 deletions
--- a/src/wp-includes/user.php
+++ b/src/wp-includes/user.php
@ -1888,7 +1888,14 @@ function wp_update_user($userdata) {
 	if ( $current_user->ID == $ID ) {
 		if ( isset($plaintext_pass) ) {
 			wp_clear_auth_cookie();
-			wp_set_auth_cookie($ID);
+
+			// Here we calculate the expiration length of the current auth cookie and compare it to the default expiration.
+			// If it's greater than this, then we know the user checked 'Remember Me' when they logged in.
+			$logged_in_cookie    = wp_parse_auth_cookie( '', 'logged_in' );
+			$default_cookie_life = apply_filters( 'auth_cookie_expiration', ( 2 * DAY_IN_SECONDS ), $ID, false );
+			$remember            = ( ( $logged_in_cookie['expiration'] - time() ) > $default_cookie_life );
+
+			wp_set_auth_cookie( $ID, $remember );
 		}
 	}