WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

WP_Recovery_Mode_Cookie_Service::validate_cookie()

WP_Recovery_Mode_Cookie_Service::validate_cookie( string $cookie = '' ): true|WP_Error

In this article

Back to top

Validates the recovery mode cookie.

Parameters

$cookiestringoptional
Optionally specify the cookie string.
If omitted, it will be retrieved from the super global.

Default:''

Return

true|WP_Error True on success, error object on failure.

Source

public function validate_cookie( $cookie = '' ) {

	if ( ! $cookie ) {
		if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
			return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
		}

		$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
	}

	$parts = $this->parse_cookie( $cookie );

	if ( is_wp_error( $parts ) ) {
		return $parts;
	}

	list( , $created_at, $random, $signature ) = $parts;

	if ( ! ctype_digit( $created_at ) ) {
		return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
	}

	/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
	$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );

	if ( time() > $created_at + $length ) {
		return new WP_Error( 'expired', __( 'Cookie expired.' ) );
	}

	$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
	$hashed  = $this->recovery_mode_hash( $to_sign );

	if ( ! hash_equals( $signature, $hashed ) ) {
		return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
	}

	return true;
}

View all references View on Trac View on GitHub

Hooks

apply_filters( ‘recovery_mode_cookie_length’, int $length )

Filters the length of time a Recovery Mode cookie is valid for.

UsesDescription
WP_Recovery_Mode_Cookie_Service::parse_cookie()wp-includes/class-wp-recovery-mode-cookie-service.php

Parses the cookie into its four parts.

WP_Recovery_Mode_Cookie_Service::recovery_mode_hash()wp-includes/class-wp-recovery-mode-cookie-service.php

Gets a form of wp_hash() specific to Recovery Mode.

apply_filters()wp-includes/plugin.php

Calls the callback functions that have been added to a filter hook.

is_wp_error()wp-includes/load.php

Checks whether the given variable is a WordPress Error.

WP_Error::__construct()wp-includes/class-wp-error.php

Initializes the error.

Show 3 moreShow less

Changelog

VersionDescription
5.2.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.