| 1 | <?php |
|---|
| 2 | |
|---|
| 3 | /* |
|---|
| 4 | Plugin Name: Get User By Name (fast) |
|---|
| 5 | */ |
|---|
| 6 | |
|---|
| 7 | function wp_validate_auth_cookie($cookie = '') { |
|---|
| 8 | if ( empty($cookie) ) { |
|---|
| 9 | global $bb; |
|---|
| 10 | if ( empty($_COOKIE[$bb->authcookie]) ) {return false;} |
|---|
| 11 | $cookie = $_COOKIE[$bb->authcookie]; |
|---|
| 12 | } |
|---|
| 13 | |
|---|
| 14 | $cookie_elements = explode('|', $cookie); |
|---|
| 15 | if ( count($cookie_elements) != 3 ) {return false;} |
|---|
| 16 | |
|---|
| 17 | list($username, $expiration, $hmac) = $cookie_elements; |
|---|
| 18 | |
|---|
| 19 | $expired = $expiration; |
|---|
| 20 | |
|---|
| 21 | // Allow a grace period for POST and AJAX requests |
|---|
| 22 | if ( defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD'] ) |
|---|
| 23 | $expired += 3600; |
|---|
| 24 | |
|---|
| 25 | if ( $expired < time() ) {return false;} |
|---|
| 26 | |
|---|
| 27 | $key = wp_hash($username . '|' . $expiration); |
|---|
| 28 | $hash = hash_hmac('md5', $username . '|' . $expiration, $key); |
|---|
| 29 | |
|---|
| 30 | if ( $hmac != $hash ) {return false;} |
|---|
| 31 | |
|---|
| 32 | $username = sanitize_user( $username, true ); |
|---|
| 33 | global $bbdb; |
|---|
| 34 | if ( $user = $bbdb->get_row( $bbdb->prepare( "SELECT * FROM $bbdb->users WHERE user_login = %s", $username ) ) ) { |
|---|
| 35 | bb_append_meta( $user, 'user' ); |
|---|
| 36 | } |
|---|
| 37 | |
|---|
| 38 | if ( empty($user->ID) ) {return false;} |
|---|
| 39 | |
|---|
| 40 | return $user->ID; |
|---|
| 41 | } |
|---|
| 42 | |
|---|
| 43 | ?> |
|---|
