WP_Recovery_Mode_Cookie_Service::validate_cookie( string $cookie = '' )

Validates the recovery mode cookie.


Parameters Parameters

$cookie

(string) (Optional) y specify the cookie string. If omitted, it will be retrieved from the super global.

Default value: ''


Top ↑

Return Return

(true|WP_Error) True on success, error object on failure.


Top ↑

Source Source

File: wp-includes/class-wp-recovery-mode-cookie-service.php

	public function validate_cookie( $cookie = '' ) {

		if ( ! $cookie ) {
			if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
				return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
			}

			$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
		}

		$parts = $this->parse_cookie( $cookie );

		if ( is_wp_error( $parts ) ) {
			return $parts;
		}

		list( , $created_at, $random, $signature ) = $parts;

		if ( ! ctype_digit( $created_at ) ) {
			return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
		}

		/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
		$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );

		if ( time() > $created_at + $length ) {
			return new WP_Error( 'expired', __( 'Cookie expired.' ) );
		}

		$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
		$hashed  = $this->recovery_mode_hash( $to_sign );

		if ( ! hash_equals( $signature, $hashed ) ) {
			return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
		}

		return true;
	}


Top ↑

Changelog Changelog

Changelog
Version Description
5.2.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.