From bdeb3348ed30b88e8f5f59348a2ba2bbd2142fbd Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Wed, 9 Jul 2014 18:05:00 +0000 Subject: [PATCH] Persist the "Remember Me" state of the auth cookie when changing your own password. Props jesin. Fixes #27627. git-svn-id: https://develop.svn.wordpress.org/trunk@29043 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/user.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/user.php b/src/wp-includes/user.php index 11972642ec..f134d5e6a2 100644 --- a/src/wp-includes/user.php +++ b/src/wp-includes/user.php @@ -1888,7 +1888,14 @@ function wp_update_user($userdata) { if ( $current_user->ID == $ID ) { if ( isset($plaintext_pass) ) { wp_clear_auth_cookie(); - wp_set_auth_cookie($ID); + + // Here we calculate the expiration length of the current auth cookie and compare it to the default expiration. + // If it's greater than this, then we know the user checked 'Remember Me' when they logged in. + $logged_in_cookie = wp_parse_auth_cookie( '', 'logged_in' ); + $default_cookie_life = apply_filters( 'auth_cookie_expiration', ( 2 * DAY_IN_SECONDS ), $ID, false ); + $remember = ( ( $logged_in_cookie['expiration'] - time() ) > $default_cookie_life ); + + wp_set_auth_cookie( $ID, $remember ); } }