On Fri, Mar 14, 2008 at 3:11 PM, Chris <[EMAIL PROTECTED]> wrote:
> Angsuman's Authenticated WordPress Plugin just keeps redirecting back
> to the dashboard, alternately the Authenticate plugin seems to work
> correctly.
>
I'm glad you mentioned this. I was planning on bringing this up myself
sometime soon. I also use Angsuman's plugin. The reason it doesn't
work in 2.5 is that there's a new system for generating cookies and
that plugin implicitly relies on the old system.
I work around the issue by modifying the plugin. I replaced this bit:
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE],
$_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) )
with this bit:
global $user_ID;
if (!$user_ID) {
and it _seems_ to work exactly as it should. But it seems too simple.
If it was really that easy, why didn't it work like that to begin
with? I wonder, is there something I'm missing? Is checking for a
value to $user_ID less secure than verifying cookie contents?
_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers
