[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)





/wp-includes/ -> class-wp-recovery-mode-cookie-service.php (summary)

Error Protection API: WP_Recovery_Mode_Cookie_Service class

File Size: 234 lines (6 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 1 file

Defines 8 functions


Functions that are not part of a class:

is_cookie_set()   X-Ref
Checks whether the recovery mode cookie is set.

return: bool True if the cookie is set, false otherwise.

set_cookie()   X-Ref
Sets the recovery mode cookie.

This must be immediately followed by exiting the request.

clear_cookie()   X-Ref
Clears the recovery mode cookie.

validate_cookie( $cookie = '' )   X-Ref
Validates the recovery mode cookie.

param: string $cookie Optionally specify the cookie string.
return: true|WP_Error True on success, error object on failure.

get_session_id_from_cookie( $cookie = '' )   X-Ref
Gets the session identifier from the cookie.

The cookie should be validated before calling this API.

param: string $cookie Optionally specify the cookie string.
return: string|WP_Error Session ID on success, or error object on failure.

parse_cookie( $cookie )   X-Ref
Parses the cookie into its four parts.

param: string $cookie Cookie content.
return: array|WP_Error Cookie parts array, or error object on failure.

generate_cookie()   X-Ref
Generates the recovery mode cookie value.

The cookie is a base64 encoded string with the following format:


Where "recovery_mode" is a constant string,
iat is the time the cookie was generated at,
rand is a randomly generated password that is also used as a session identifier
and signature is an hmac of the preceding 3 parts.

return: string Generated cookie content.

recovery_mode_hash( $data )   X-Ref
Gets a form of `wp_hash()` specific to Recovery Mode.

We cannot use `wp_hash()` because it is defined in `pluggable.php` which is not loaded until after plugins are loaded,
which is too late to verify the recovery mode cookie.

This tries to use the `AUTH` salts first, but if they aren't valid specific salts will be generated and stored.

param: string $data Data to hash.
return: string|false The hashed $data, or false on failure.

Generated : Wed Sep 30 08:20:01 2020 Cross-referenced by PHPXref