WP_Recovery_Mode_Cookie_Service::validate_cookie() WordPress Method

The WP_Recovery_Mode_Cookie_Service::validate_cookie() method is used to validate a user's recovery mode cookie. This cookie is used to access the WordPress site in recovery mode. This mode allows a user to recover their WordPress site if it becomes unavailable. The validate_cookie() method checks the user's current cookie against the recovery mode cookie. If the recovery mode cookie is valid, the user is granted access to the WordPress site. If the cookie is invalid, the user is redirected to the WordPress login page.

WP_Recovery_Mode_Cookie_Service::validate_cookie( string $cookie = '' ) #

Validates the recovery mode cookie.

Contents

Parameters

$cookie

(string)(Optional)y specify the cookie string. If omitted, it will be retrieved from the super global.

Default value: ''

Top ↑

Return

(true|WP_Error) True on success, error object on failure.

Top ↑

Source

File: wp-includes/class-wp-recovery-mode-cookie-service.php

75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
public function validate_cookie( $cookie = '' ) {
 
    if ( ! $cookie ) {
        if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
            return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
        }
 
        $cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
    }
 
    $parts = $this->parse_cookie( $cookie );
 
    if ( is_wp_error( $parts ) ) {
        return $parts;
    }
 
    list( , $created_at, $random, $signature ) = $parts;
 
    if ( ! ctype_digit( $created_at ) ) {
        return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
    }
 
    /** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
    $length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
 
    if ( time() > $created_at + $length ) {
        return new WP_Error( 'expired', __( 'Cookie expired.' ) );
    }
 
    $to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
    $hashed  = $this->recovery_mode_hash( $to_sign );
 
    if ( ! hash_equals( $signature, $hashed ) ) {
        return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
    }
 
    return true;
}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Uses

Uses
UsesDescription
wp-includes/class-wp-recovery-mode-cookie-service.php:WP_Recovery_Mode_Cookie_Service::parse_cookie()

Parses the cookie into its four parts.

wp-includes/class-wp-recovery-mode-cookie-service.php:WP_Recovery_Mode_Cookie_Service::recovery_mode_hash()

Gets a form of wp_hash() specific to Recovery Mode.

wp-includes/class-wp-recovery-mode-cookie-service.php:recovery_mode_cookie_length

Filters the length of time a Recovery Mode cookie is valid for.

wp-includes/l10n.php:__()

Retrieve the translation of $text.

wp-includes/plugin.php:apply_filters()

Calls the callback functions that have been added to a filter hook.

wp-includes/load.php:is_wp_error()

Checks whether the given variable is a WordPress Error.

wp-includes/class-wp-error.php:WP_Error::__construct()

Initializes the error.

Show 2 more usesHide more uses

Top ↑

Changelog

Changelog
VersionDescription
5.2.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by the Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.