WP_Recovery_Mode_Cookie_Service::validate_cookie( string $cookie = '' ): true|WP_Error

Validates the recovery mode cookie.


Parameters

$cookie string Optional
Optionally specify the cookie string.
If omitted, it will be retrieved from the super global.

Default: ''


Top ↑

Return

true|WP_Error True on success, error object on failure.


Top ↑

Source

File: wp-includes/class-wp-recovery-mode-cookie-service.php. View all references

public function validate_cookie( $cookie = '' ) {

	if ( ! $cookie ) {
		if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
			return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
		}

		$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
	}

	$parts = $this->parse_cookie( $cookie );

	if ( is_wp_error( $parts ) ) {
		return $parts;
	}

	list( , $created_at, $random, $signature ) = $parts;

	if ( ! ctype_digit( $created_at ) ) {
		return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
	}

	/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
	$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );

	if ( time() > $created_at + $length ) {
		return new WP_Error( 'expired', __( 'Cookie expired.' ) );
	}

	$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
	$hashed  = $this->recovery_mode_hash( $to_sign );

	if ( ! hash_equals( $signature, $hashed ) ) {
		return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
	}

	return true;
}

Top ↑

Hooks



Top ↑

Changelog

Changelog
Version Description
5.2.0 Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.