WP_Recovery_Mode_Cookie_Service::validate_cookie( string $cookie = '' ): true|WP_Error
Validates the recovery mode cookie.
Parameters
-
$cookiestring Optional -
Optionally specify the cookie string.
If omitted, it will be retrieved from the super global.Default:
''
Return
true|WP_Error True on success, error object on failure.
Source
File: wp-includes/class-wp-recovery-mode-cookie-service.php.
View all references
public function validate_cookie( $cookie = '' ) {
if ( ! $cookie ) {
if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
}
$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
}
$parts = $this->parse_cookie( $cookie );
if ( is_wp_error( $parts ) ) {
return $parts;
}
list( , $created_at, $random, $signature ) = $parts;
if ( ! ctype_digit( $created_at ) ) {
return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
}
/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
if ( time() > $created_at + $length ) {
return new WP_Error( 'expired', __( 'Cookie expired.' ) );
}
$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
$hashed = $this->recovery_mode_hash( $to_sign );
if ( ! hash_equals( $signature, $hashed ) ) {
return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
}
return true;
}
Hooks
-
apply_filters( 'recovery_mode_cookie_length',
int $length ) -
Filters the length of time a Recovery Mode cookie is valid for.
Changelog
| Version | Description |
|---|---|
| 5.2.0 | Introduced. |