Changeset 1588
- Timestamp:
- 07/11/08 16:34:53 (5 months ago)
- Files:
-
- trunk/bb-config-sample.php (modified) (1 diff)
- trunk/bb-edit.php (modified) (1 diff)
- trunk/bb-includes/functions.php (modified) (1 diff)
- trunk/bb-includes/pluggable.php (modified) (5 diffs)
- trunk/bb-post.php (modified) (1 diff)
- trunk/bb-settings.php (modified) (4 diffs)
- trunk/edit.php (modified) (1 diff)
- trunk/favorites.php (modified) (1 diff)
- trunk/profile-edit.php (modified) (1 diff)
- trunk/tag-add.php (modified) (1 diff)
- trunk/tag-remove.php (modified) (1 diff)
trunk/bb-config-sample.php
r1573 r1588 11 11 // If you are installing for the first time, leave them here 12 12 13 // Change BB_SECRET_KEY to a unique phrase. You won't have to remember it later, 14 // so make it long and complicated. You can visit https://www.grc.com/passwords.htm 15 // to get a phrase generated for you, or just make something up. 16 // If you are integrating logins with WordPress, you will need to match the value 17 // of the "SECRET_KEY" in the WordPress file wp-config.php 18 define('BB_SECRET_KEY', 'put your unique phrase here'); // Change this to a unique phrase. 13 // Change each KEY to a different unique phrase. You won't have to remember the phrases later, 14 // so make them long and complicated. You can visit https://www.grc.com/passwords.htm 15 // to get phrases generated for you, or just make something up. Each key should have a different phrase. 16 // If you are integrating logins with WordPress, you will need to match each key to 17 // the value of their equivalent keys in the WordPress file wp-config.php 18 define('BB_AUTH_KEY', 'put your unique phrase here'); // Change this to a unique phrase. 19 define('BB_SECURE_AUTH_KEY', 'put your unique phrase here'); // Change this to a unique phrase. 20 define('BB_LOGGED_IN_KEY', 'put your unique phrase here'); // Change this to a unique phrase. 19 21 20 22 // If you are running multiple bbPress installations in a single database, trunk/bb-edit.php
r1575 r1588 2 2 require('./bb-load.php'); 3 3 4 bb_auth( );4 bb_auth('logged_in'); 5 5 6 6 $post_id = (int) $_POST['post_id']; trunk/bb-includes/functions.php
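Review bot: The `'logged_in'` argument in `bb_auth('logged_in');` is a bare string with no comment explaining why this write handler accepts the site-wide logged-in cookie rather than the `auth`/`secure_auth` cookies, which bb-settings.php registers only for the admin and plugin paths. I would add a line above the call such as `// Front-end handler: validated against the logged_in cookie; auth/secure_auth cookies are scoped to bb-admin and plugin paths.`, and confirm that a nonce check runs before `$_POST['post_id']` is acted on, since the rest of the file is outside the hunk. The same one-line change appears in bb-post.php, edit.php, favorites.php, profile-edit.php, tag-add.php and tag-remove.php. In profile-edit.php the call follows `bb_ssl_redirect()`, so it is worth stating whether a cookie that is presumably also sent over plain HTTP is meant to authorise that page.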
r1585 r1588 1787 1787 'wp_siteurl' => '', 1788 1788 'wp_home' => '', 1789 'cookiedomain' => '',1789 'cookiedomain' => false, 1790 1790 'usercookie' => '', 1791 1791 'passcookie' => '', 1792 1792 'authcookie' => '', 1793 1793 'cookiepath' => '', 1794 'sitecookiepath' => '' 1794 'sitecookiepath' => '', 1795 'secure_auth_cookie' => '', 1796 'logged_in_cookie' => '', 1797 'admin_cookie_path' => '', 1798 'core_plugins_cookie_path' => '', 1799 'user_plugins_cookie_path' => '', 1800 'wp_admin_cookie_path' => '', 1801 'wp_plugins_cookie_path' => '' 1795 1802 ); 1796 1803 trunk/bb-includes/pluggable.php
r1582 r1588 2 2 3 3 if ( !function_exists('bb_auth') ) : 4 function bb_auth( ) { // Checks if a user has a valid cookie, if not redirects them to the main page5 if ( !wp_validate_auth_cookie( ) ) {4 function bb_auth($scheme = 'auth') { // Checks if a user has a valid cookie, if not redirects them to the main page 5 if ( !wp_validate_auth_cookie('', $scheme) ) { 6 6 nocache_headers(); 7 7 header('Location: ' . bb_get_uri(null, null, BB_URI_CONTEXT_HEADER)); … … 98 98 99 99 if ( !function_exists('wp_validate_auth_cookie') ) : 100 function wp_validate_auth_cookie($cookie = '' ) {100 function wp_validate_auth_cookie($cookie = '', $scheme = 'auth') { 101 101 global $wp_auth_object; 102 return $wp_auth_object->validate_auth_cookie( $cookie ); 102 if ( empty($cookie) && $scheme == 'auth' ) { 103 if ( bb_is_ssl() ) { 104 $scheme = 'secure_auth'; 105 } else { 106 $scheme = 'auth'; 107 } 108 } 109 return $wp_auth_object->validate_auth_cookie( $cookie, $scheme ); 103 110 } 104 111 endif; 105 112 106 113 if ( !function_exists('wp_set_auth_cookie') ) : 107 function wp_set_auth_cookie($user_id, $remember = false ) {114 function wp_set_auth_cookie($user_id, $remember = false, $secure = '') { 108 115 global $wp_auth_object; 109 116 110 if ( $remember ) 111 $expiration = time() + 1209600; 112 else 113 $expiration = 0; 114 115 $wp_auth_object->set_auth_cookie( $user_id, $expiration ); 117 if ( $remember ) { 118 $expiration = $expire = time() + 1209600; 119 } else { 120 $expiration = time() + 172800; 121 $expire = 0; 122 } 123 124 if ( '' === $secure ) 125 $secure = bb_is_ssl() ? 
true : false; 126 127 if ( $secure ) { 128 $scheme = 'secure_auth'; 129 } else { 130 $scheme = 'auth'; 131 } 132 133 $wp_auth_object->set_auth_cookie( $user_id, $expiration, $expire, $scheme ); 116 134 } 117 135 endif; … … 120 138 function wp_clear_auth_cookie() { 121 139 global $bb, $wp_auth_object; 122 140 123 141 $wp_auth_object->clear_auth_cookie(); 124 142 125 143 // Old cookies 144 setcookie($bb->authcookie, ' ', time() - 31536000, $bb->cookiepath, $bb->cookiedomain); 145 setcookie($bb->authcookie, ' ', time() - 31536000, $bb->sitecookiepath, $bb->cookiedomain); 146 147 // Even older cookies 126 148 setcookie($bb->usercookie, ' ', time() - 31536000, $bb->cookiepath, $bb->cookiedomain); 127 149 setcookie($bb->usercookie, ' ', time() - 31536000, $bb->sitecookiepath, $bb->cookiedomain); … … 236 258 endif; 237 259 238 // Not verbatim WP, bb has no options table andconstants have different names.260 // Not verbatim WP, constants have different names. 239 261 if ( !function_exists('wp_salt') ) : 240 function wp_salt() { 241 262 function wp_salt($scheme = 'auth') { 263 global $bb_default_secret_key; 264 242 265 $secret_key = ''; 243 if ( defined('BB_SECRET_KEY') && ('' != BB_SECRET_KEY) && ( 'put your unique phrase here'!= BB_SECRET_KEY) )266 if ( defined('BB_SECRET_KEY') && ('' != BB_SECRET_KEY) && ($bb_default_secret_key != BB_SECRET_KEY) ) 244 267 $secret_key = BB_SECRET_KEY; 245 246 if ( defined('BB_SECRET_SALT') ) { 247 $salt = BB_SECRET_SALT; 248 } else { 249 if (!BB_INSTALLING) { 250 $salt = bb_get_option('secret'); 251 if ( empty($salt) ) { 252 $salt = wp_generate_password(64); 253 bb_update_option('secret', $salt); 268 269 switch ($scheme) { 270 case 'auth': 271 if ( defined('BB_AUTH_KEY') && ('' != BB_AUTH_KEY) && ( $bb_default_secret_key != BB_AUTH_KEY) ) 272 $secret_key = BB_AUTH_KEY; 273 274 if ( defined('BB_AUTH_SALT') ) { 275 $salt = BB_AUTH_SALT; 276 } elseif ( defined('BB_SECRET_SALT') ) { 277 $salt = BB_SECRET_SALT; 278 } elseif ( !BB_INSTALLING ) 
{ 279 $salt = bb_get_option('bb_auth_salt'); 280 if ( empty($salt) ) { 281 $salt = wp_generate_password(); 282 bb_update_option('bb_auth_salt', $salt); 283 } 254 284 } 255 } 256 } 257 258 return apply_filters('salt', $secret_key . $salt); 285 break; 286 287 case 'secure_auth': 288 if ( defined('BB_SECURE_AUTH_KEY') && ('' != BB_SECURE_AUTH_KEY) && ( $bb_default_secret_key != BB_SECURE_AUTH_KEY) ) 289 $secret_key = BB_SECURE_AUTH_KEY; 290 291 if ( defined('BB_SECURE_AUTH_SALT') ) { 292 $salt = BB_SECURE_AUTH_SALT; 293 } else { 294 $salt = bb_get_option('bb_secure_auth_salt'); 295 if ( empty($salt) ) { 296 $salt = wp_generate_password(); 297 bb_update_option('bb_secure_auth_salt', $salt); 298 } 299 } 300 break; 301 302 case 'logged_in': 303 if ( defined('BB_LOGGED_IN_KEY') && ('' != BB_LOGGED_IN_KEY) && ( $bb_default_secret_key != BB_LOGGED_IN_KEY) ) 304 $secret_key = BB_LOGGED_IN_KEY; 305 306 if ( defined('BB_LOGGED_IN_SALT') ) { 307 $salt = BB_LOGGED_IN_SALT; 308 } else { 309 $salt = bb_get_option('bb_logged_in_salt'); 310 if ( empty($salt) ) { 311 $salt = wp_generate_password(); 312 bb_update_option('bb_logged_in_salt', $salt); 313 } 314 } 315 break; 316 } 317 318 return apply_filters('salt', $secret_key . $salt, $scheme); 259 319 } 260 320 endif; 261 321 262 322 if ( !function_exists('wp_hash') ) : 263 function wp_hash($data ) {264 $salt = wp_salt( );323 function wp_hash($data, $scheme = 'auth') { 324 $salt = wp_salt($scheme); 265 325 266 326 return hash_hmac('md5', $data, $salt); … … 285 345 * @return string the password 286 346 **/ 287 function wp_generate_password( $length = 7) {288 return WP_Pass::generate_password( $length );347 function wp_generate_password( $length = 12, $special_chars = true ) { 348 return WP_Pass::generate_password( $length, $special_chars ); 289 349 } 290 350 endif; trunk/bb-post.php
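Review bot: In `wp_salt()`, `$salt` is never initialised before `switch ($scheme)` and the switch has no `default:` branch, so any scheme other than `auth`, `secure_auth` or `logged_in` reaches `$secret_key . $salt` with `$salt` undefined. If `BB_SECRET_KEY` is also unset or still the placeholder, `wp_hash()` then calls `hash_hmac()` with an empty key unless a `salt` filter supplies one. The `auth` branch still has the same gap when `BB_INSTALLING` is true and neither `BB_AUTH_SALT` nor `BB_SECRET_SALT` is defined. I would add `$salt = '';` next to `$secret_key = '';` and reject or normalise unknown schemes before the switch, for example `if ( !in_array($scheme, array('auth', 'secure_auth', 'logged_in'), true) ) $scheme = 'auth';`. The `secure_auth` and `logged_in` branches also drop the `!BB_INSTALLING` guard that the `auth` branch keeps, which looks unintentional and should be aligned or explained in a comment.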
r1575 r1588 2 2 require('./bb-load.php'); 3 3 4 bb_auth( );4 bb_auth('logged_in'); 5 5 6 6 if ( $throttle_time = bb_get_option( 'throttle_time' ) ) trunk/bb-settings.php
r1575 r1588 406 406 407 407 if ( preg_match( '@^(https?://[^/]+)((?:/.*)*/{1,1})$@i', $bb->uri, $matches ) ) { 408 // Not used in core anymore, only set here for plugin compatibility408 // Used when setting up cookie domain 409 409 $bb->domain = $matches[1]; 410 410 // Used when setting up cookie paths … … 609 609 } 610 610 611 $bb->secure_auth_cookie = bb_get_option('secure_auth_cookie'); 612 if ( !$bb->secure_auth_cookie ) { 613 $bb->secure_auth_cookie = ($bb->wp_cookies_integrated ? 'wordpress_sec_' : 'bbpress_sec_') . BB_HASH; 614 } 615 616 $bb->logged_in_cookie = bb_get_option('logged_in_cookie'); 617 if ( !$bb->logged_in_cookie ) { 618 $bb->logged_in_cookie = ($bb->wp_cookies_integrated ? 'wordpress_logged_in_' : 'bbpress_logged_in_') . BB_HASH; 619 } 620 611 621 $bb->cookiepath = bb_get_option('cookiepath'); 612 622 if ( !$bb->cookiepath ) { … … 614 624 } 615 625 626 $bb->admin_cookie_path = bb_get_option('bb_admin_cookie_path'); 627 if ( !$bb->admin_cookie_path ) { 628 $bb->admin_cookie_path = $bb->path . 'bb-admin/'; 629 } 630 631 $bb->core_plugins_cookie_path = bb_get_option('bb_core_plugins_cookie_path'); 632 if ( !$bb->core_plugins_cookie_path ) { 633 $bb->core_plugins_cookie_path = preg_replace('|https?://[^/]+|i', '', BB_CORE_PLUGIN_URL); 634 } 635 636 $bb->user_plugins_cookie_path = bb_get_option('bb_user_plugins_cookie_path'); 637 if ( !$bb->user_plugins_cookie_path ) { 638 $bb->user_plugins_cookie_path = preg_replace('|https?://[^/]+|i', '', BB_PLUGIN_URL); 639 } 640 616 641 $bb->sitecookiepath = bb_get_option('sitecookiepath'); 617 if ( !$bb->sitecookiepath ) { 618 $bb->sitecookiepath = $bb->wp_cookies_integrated ? 
preg_replace('|https?://[^/]+|i', '', $bb->wp_siteurl ) : $bb->path; 619 } 642 $_bb_sitecookiepath = $bb->sitecookiepath; 643 if ( !$bb->sitecookiepath && $bb->wp_cookies_integrated ) { 644 $bb->sitecookiepath = preg_replace('|https?://[^/]+|i', '', $bb->wp_siteurl ); 645 $_bb_sitecookiepath = $bb->sitecookiepath; 646 if (bb_get_common_paths($bb->sitecookiepath, $bb->cookiepath) == $bb->cookiepath) { 647 $bb->sitecookiepath = $bb->cookiepath; 648 } 649 } 650 651 $bb->wp_admin_cookie_path = bb_get_option('wp_admin_cookie_path'); 652 if ( !$bb->wp_admin_cookie_path && $bb->wp_cookies_integrated ) { 653 $bb->wp_admin_cookie_path = $_bb_sitecookiepath . 'wp-admin/'; 654 } 655 656 $bb->wp_plugins_cookie_path = bb_get_option('wp_plugins_cookie_path'); 657 if ( !$bb->wp_plugins_cookie_path && $bb->wp_cookies_integrated ) { 658 // This is a best guess only, should be manually set to match WP_PLUGIN_URL 659 $bb->wp_plugins_cookie_path = $_bb_sitecookiepath . 'wp-content/plugins/'; 660 } 661 unset($_bb_sitecookiepath); 662 663 /** 664 * Should be exactly the same as the default value of the KEYS in bb-config-sample.php 665 * @since 1.0-beta 666 */ 667 $bb_default_secret_key = 'put your unique phrase here'; 620 668 621 669 … … 651 699 require( BACKPRESS_PATH . 
'class.wp-auth.php' ); 652 700 701 $cookies = array(); 702 703 $cookies['logged_in'][] = array( 704 'domain' => $bb->cookiedomain, 705 'path' => $bb->cookiepath, 706 'name' => $bb->logged_in_cookie 707 ); 708 709 if ($bb->sitecookiepath && $bb->cookiepath != $bb->sitecookiepath) { 710 $cookies['logged_in'][] = array( 711 'domain' => $bb->cookiedomain, 712 'path' => $bb->sitecookiepath, 713 'name' => $bb->logged_in_cookie 714 ); 715 } 716 717 $cookies['auth'][] = array( 718 'domain' => $bb->cookiedomain, 719 'path' => $bb->admin_cookie_path, 720 'name' => $bb->authcookie 721 ); 722 723 $cookies['secure_auth'][] = array( 724 'domain' => $bb->cookiedomain, 725 'path' => $bb->admin_cookie_path, 726 'name' => $bb->secure_auth_cookie 727 ); 728 729 $cookies['auth'][] = array( 730 'domain' => $bb->cookiedomain, 731 'path' => $bb->core_plugins_cookie_path, 732 'name' => $bb->authcookie 733 ); 734 735 $cookies['secure_auth'][] = array( 736 'domain' => $bb->cookiedomain, 737 'path' => $bb->core_plugins_cookie_path, 738 'name' => $bb->secure_auth_cookie 739 ); 740 741 $cookies['auth'][] = array( 742 'domain' => $bb->cookiedomain, 743 'path' => $bb->user_plugins_cookie_path, 744 'name' => $bb->authcookie 745 ); 746 747 $cookies['secure_auth'][] = array( 748 'domain' => $bb->cookiedomain, 749 'path' => $bb->user_plugins_cookie_path, 750 'name' => $bb->secure_auth_cookie 751 ); 752 753 if ($bb->wp_admin_cookie_path) { 754 $cookies['auth'][] = array( 755 'domain' => $bb->cookiedomain, 756 'path' => $bb->wp_admin_cookie_path, 757 'name' => $bb->authcookie 758 ); 759 760 $cookies['secure_auth'][] = array( 761 'domain' => $bb->cookiedomain, 762 'path' => $bb->wp_admin_cookie_path, 763 'name' => $bb->secure_auth_cookie 764 ); 765 } 766 767 if ($bb->wp_plugins_cookie_path) { 768 $cookies['auth'][] = array( 769 'domain' => $bb->cookiedomain, 770 'path' => $bb->wp_plugins_cookie_path, 771 'name' => $bb->authcookie 772 ); 773 774 $cookies['secure_auth'][] = array( 775 'domain' => 
$bb->cookiedomain, 776 'path' => $bb->wp_plugins_cookie_path, 777 'name' => $bb->secure_auth_cookie 778 ); 779 } 780 653 781 /** 654 782 * WP_Auth object 655 783 */ 656 $wp_auth_object = new WP_Auth( $bbdb, $wp_users_object, array( 657 'domain' => $bb->cookiedomain, 658 'path' => array( $bb->cookiepath, $bb->sitecookiepath ), 659 'name' => $bb->authcookie 660 ) ); 784 $wp_auth_object = new WP_Auth( 785 $bbdb, 786 $wp_users_object, 787 $cookies 788 ); 789 790 unset($cookies); 661 791 } 662 792 trunk/edit.php
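Review bot: `$bb->wp_admin_cookie_path` and `$bb->wp_plugins_cookie_path` are built by appending `'wp-admin/'` and `'wp-content/plugins/'` directly to `$_bb_sitecookiepath`, which is either the stored `sitecookiepath` option or `$bb->wp_siteurl` with the scheme and host stripped. If either value can arrive without a trailing slash (not visible in this section), the result is a path like `/blogwp-admin/` (constructed example), or a relative `wp-admin/` for a root install, and the `auth`/`secure_auth` entries added to `$cookies` would not be scoped to the WordPress admin directory as intended. Normalising once before the two concatenations, e.g. `$_bb_sitecookiepath = rtrim($_bb_sitecookiepath, '/') . '/';`, would make this independent of how the option was entered. A short comment above the `$cookies` array saying which scheme is registered on which path would also make the scoping easier to check.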
r1575 r1588 2 2 require('./bb-load.php'); 3 3 4 bb_auth( );4 bb_auth('logged_in'); 5 5 6 6 $post_id = (int) $_GET['id']; trunk/favorites.php
r1575 r1588 2 2 require_once('./bb-load.php'); 3 3 4 bb_auth( );4 bb_auth('logged_in'); 5 5 6 6 if ( !bb_current_user_can( 'edit_favorites_of', $user_id ) ) trunk/profile-edit.php
r1585 r1588 4 4 bb_ssl_redirect(); 5 5 6 bb_auth( );6 bb_auth('logged_in'); 7 7 8 8 if ( !bb_current_user_can( 'edit_user', $user_id ) ) { trunk/tag-add.php
r1026 r1588 2 2 require('./bb-load.php'); 3 3 4 bb_auth( );4 bb_auth('logged_in'); 5 5 6 6 if ( !bb_is_user_logged_in() ) trunk/tag-remove.php
r1285 r1588 2 2 require('./bb-load.php'); 3 3 4 bb_auth( );4 bb_auth('logged_in'); 5 5 6 6 $tag_id = (int) @$_GET['tag'];