<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[29362] trunk/src/wp-includes: Add blog_id to the `wp-settings-*` cookie (used for storing user state) to prevent it being overloaded on sub-domain sites.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://core.trac.wordpress.org/changeset/29362">29362</a></dd>
<dt>Author</dt> <dd>azaozz</dd>
<dt>Date</dt> <dd>2014-08-02 20:08:52 +0000 (Sat, 02 Aug 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>Add blog_id to the `wp-settings-*` cookie (used for storing user state) to prevent it being overloaded on sub-domain sites. Fixes <a href="http://core.trac.wordpress.org/ticket/29095">#29095</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcwpincludesjsutilsjs">trunk/src/wp-includes/js/utils.js</a></li>
<li><a href="#trunksrcwpincludesoptionphp">trunk/src/wp-includes/option.php</a></li>
<li><a href="#trunksrcwpincludesscriptloaderphp">trunk/src/wp-includes/script-loader.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcwpincludesjsutilsjs"></a>
<div class="modfile"><h4>Modified: trunk/src/wp-includes/js/utils.js (29361 => 29362)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/src/wp-includes/js/utils.js 2014-08-02 20:02:00 UTC (rev 29361)
+++ trunk/src/wp-includes/js/utils.js 2014-08-02 20:08:52 UTC (rev 29362)
</span><span class="lines">@@ -3,25 +3,27 @@
</span><span class="cx"> // utility functions
</span><span class="cx">
</span><span class="cx"> var wpCookies = {
</span><del>-// The following functions are from Cookie.js class in TinyMCE, Moxiecode, used under LGPL.
</del><ins>+// The following functions are from Cookie.js class in TinyMCE 3, Moxiecode, used under LGPL.
</ins><span class="cx">
</span><del>- each : function(obj, cb, scope) {
</del><ins>+ each: function( obj, cb, scope ) {
</ins><span class="cx"> var n, l;
</span><span class="cx">
</span><del>- if ( !obj )
</del><ins>+ if ( ! obj ) {
</ins><span class="cx"> return 0;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> scope = scope || obj;
</span><span class="cx">
</span><del>- if ( typeof(obj.length) != 'undefined' ) {
</del><ins>+ if ( typeof( obj.length ) !== 'undefined' ) {
</ins><span class="cx"> for ( n = 0, l = obj.length; n < l; n++ ) {
</span><del>- if ( cb.call(scope, obj[n], n, obj) === false )
</del><ins>+ if ( cb.call( scope, obj[n], n, obj ) === false ) {
</ins><span class="cx"> return 0;
</span><ins>+ }
</ins><span class="cx"> }
</span><span class="cx"> } else {
</span><span class="cx"> for ( n in obj ) {
</span><span class="cx"> if ( obj.hasOwnProperty(n) ) {
</span><del>- if ( cb.call(scope, obj[n], n, obj) === false ) {
</del><ins>+ if ( cb.call( scope, obj[n], n, obj ) === false ) {
</ins><span class="cx"> return 0;
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="lines">@@ -34,17 +36,18 @@
</span><span class="cx"> * Get a multi-values cookie.
</span><span class="cx"> * Returns a JS object with the name: 'value' pairs.
</span><span class="cx"> */
</span><del>- getHash : function(name) {
- var all = this.get(name), ret;
</del><ins>+ getHash: function( name ) {
+ var cookie = this.get( name ), values;
</ins><span class="cx">
</span><del>- if ( all ) {
- this.each( all.split('&'), function(pair) {
</del><ins>+ if ( cookie ) {
+ this.each( cookie.split('&'), function( pair ) {
</ins><span class="cx"> pair = pair.split('=');
</span><del>- ret = ret || {};
- ret[pair[0]] = pair[1];
</del><ins>+ values = values || {};
+ values[pair[0]] = pair[1];
</ins><span class="cx"> });
</span><span class="cx"> }
</span><del>- return ret;
</del><ins>+
+ return values;
</ins><span class="cx"> },
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="lines">@@ -52,45 +55,47 @@
</span><span class="cx"> *
</span><span class="cx"> * 'values_obj' is the JS object that is stored. It is encoded as URI in wpCookies.set().
</span><span class="cx"> */
</span><del>- setHash : function(name, values_obj, expires, path, domain, secure) {
</del><ins>+ setHash: function( name, values_obj, expires, path, domain, secure ) {
</ins><span class="cx"> var str = '';
</span><span class="cx">
</span><del>- this.each(values_obj, function(val, key) {
- str += (!str ? '' : '&') + key + '=' + val;
</del><ins>+ this.each( values_obj, function( val, key ) {
+ str += ( ! str ? '' : '&' ) + key + '=' + val;
</ins><span class="cx"> });
</span><span class="cx">
</span><del>- this.set(name, str, expires, path, domain, secure);
</del><ins>+ this.set( name, str, expires, path, domain, secure );
</ins><span class="cx"> },
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * Get a cookie.
</span><span class="cx"> */
</span><del>- get : function(name) {
</del><ins>+ get: function( name ) {
</ins><span class="cx"> var e, b,
</span><span class="cx"> cookie = document.cookie,
</span><span class="cx"> p = name + '=';
</span><span class="cx">
</span><del>- if ( !cookie )
</del><ins>+ if ( ! cookie ) {
</ins><span class="cx"> return;
</span><ins>+ }
</ins><span class="cx">
</span><del>- b = cookie.indexOf('; ' + p);
</del><ins>+ b = cookie.indexOf( '; ' + p );
</ins><span class="cx">
</span><del>- if ( b == -1 ) {
</del><ins>+ if ( b === -1 ) {
</ins><span class="cx"> b = cookie.indexOf(p);
</span><span class="cx">
</span><del>- if ( b !== 0 )
</del><ins>+ if ( b !== 0 ) {
</ins><span class="cx"> return null;
</span><del>-
</del><ins>+ }
</ins><span class="cx"> } else {
</span><span class="cx"> b += 2;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> e = cookie.indexOf( ';', b );
</span><span class="cx">
</span><del>- if ( e == -1 )
</del><ins>+ if ( e === -1 ) {
</ins><span class="cx"> e = cookie.length;
</span><ins>+ }
</ins><span class="cx">
</span><del>- return decodeURIComponent( cookie.substring(b + p.length, e) );
</del><ins>+ return decodeURIComponent( cookie.substring( b + p.length, e ) );
</ins><span class="cx"> },
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="lines">@@ -99,13 +104,13 @@
</span><span class="cx"> * The 'expires' arg can be either a JS Date() object set to the expiration date (back-compat)
</span><span class="cx"> * or the number of seconds until expiration
</span><span class="cx"> */
</span><del>- set : function(name, value, expires, path, domain, secure) {
</del><ins>+ set: function( name, value, expires, path, domain, secure ) {
</ins><span class="cx"> var d = new Date();
</span><span class="cx">
</span><del>- if ( typeof(expires) == 'object' && expires.toGMTString ) {
</del><ins>+ if ( typeof( expires ) === 'object' && expires.toGMTString ) {
</ins><span class="cx"> expires = expires.toGMTString();
</span><del>- } else if ( parseInt(expires, 10) ) {
- d.setTime( d.getTime() + ( parseInt(expires, 10) * 1000 ) ); // time must be in miliseconds
</del><ins>+ } else if ( parseInt( expires, 10 ) ) {
+ d.setTime( d.getTime() + ( parseInt( expires, 10 ) * 1000 ) ); // time must be in miliseconds
</ins><span class="cx"> expires = d.toGMTString();
</span><span class="cx"> } else {
</span><span class="cx"> expires = '';
</span><span class="lines">@@ -123,41 +128,68 @@
</span><span class="cx"> *
</span><span class="cx"> * This is done by setting it to an empty value and setting the expiration time in the past.
</span><span class="cx"> */
</span><del>- remove : function(name, path) {
- this.set(name, '', -1000, path);
</del><ins>+ remove: function( name, path ) {
+ this.set( name, '', -1000, path );
</ins><span class="cx"> }
</span><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> // Returns the value as string. Second arg or empty string is returned when value is not set.
</span><span class="cx"> function getUserSetting( name, def ) {
</span><del>- var obj = getAllUserSettings();
</del><ins>+ var settings = getAllUserSettings();
</ins><span class="cx">
</span><del>- if ( obj.hasOwnProperty(name) )
- return obj[name];
</del><ins>+ if ( settings.hasOwnProperty( name ) ) {
+ return settings[name];
+ }
</ins><span class="cx">
</span><del>- if ( typeof def != 'undefined' )
</del><ins>+ if ( typeof def !== 'undefined' ) {
</ins><span class="cx"> return def;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> return '';
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Both name and value must be only ASCII letters, numbers or underscore
</span><span class="cx"> // and the shorter, the better (cookies can store maximum 4KB). Not suitable to store text.
</span><ins>+// The value is converted and stored as string.
</ins><span class="cx"> function setUserSetting( name, value, _del ) {
</span><del>- if ( 'object' !== typeof userSettings )
</del><ins>+ if ( 'object' !== typeof userSettings ) {
</ins><span class="cx"> return false;
</span><ins>+ }
</ins><span class="cx">
</span><del>- var cookie = 'wp-settings-' + userSettings.uid, all = wpCookies.getHash(cookie) || {}, path = userSettings.url,
- n = name.toString().replace(/[^A-Za-z0-9_]/, ''), v = value.toString().replace(/[^A-Za-z0-9_]/, '');
</del><ins>+ var uid = userSettings.uid,
+ oldUid = uid.lastIndexOf('-') > 0 ? uid.substring( 0, uid.lastIndexOf('-') ) : 0,
+ settings = wpCookies.getHash( 'wp-settings-' + uid ),
+ path = userSettings.url;
</ins><span class="cx">
</span><ins>+ name = name.toString().replace( /[^A-Za-z0-9_]/, '' );
+
+ if ( typeof value === 'number' ) {
+ value = parseInt( value, 10 );
+ } else {
+ value = value.toString().replace( /[^A-Za-z0-9_]/, '' );
+ }
+
+ if ( oldUid ) {
+ if ( ! settings ) {
+ settings = wpCookies.getHash( 'wp-settings-' + oldUid );
+ }
+ // Delete old cookies
+ if ( wpCookies.get( 'wp-settings-time-' + oldUid ) ) {
+ wpCookies.remove( 'wp-settings-' + oldUid, path );
+ wpCookies.remove( 'wp-settings-time-' + oldUid, path );
+ }
+ }
+
+ settings = settings || {};
+
</ins><span class="cx"> if ( _del ) {
</span><del>- delete all[n];
</del><ins>+ delete settings[name];
</ins><span class="cx"> } else {
</span><del>- all[n] = v;
</del><ins>+ settings[name] = value;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- wpCookies.setHash(cookie, all, 31536000, path);
- wpCookies.set('wp-settings-time-'+userSettings.uid, userSettings.time, 31536000, path);
</del><ins>+ wpCookies.setHash( 'wp-settings-' + uid, settings, 31536000, path );
+ wpCookies.set( 'wp-settings-time-' + uid, userSettings.time, 31536000, path );
</ins><span class="cx">
</span><span class="cx"> return name;
</span><span class="cx"> }
</span><span class="lines">@@ -168,8 +200,18 @@
</span><span class="cx">
</span><span class="cx"> // Returns all settings as js object.
</span><span class="cx"> function getAllUserSettings() {
</span><del>- if ( 'object' !== typeof userSettings )
</del><ins>+ if ( 'object' !== typeof userSettings ) {
</ins><span class="cx"> return {};
</span><ins>+ }
</ins><span class="cx">
</span><del>- return wpCookies.getHash('wp-settings-' + userSettings.uid) || {};
</del><ins>+ var uid = userSettings.uid,
+ settings = wpCookies.getHash( 'wp-settings-' + uid );
+
+ // Try the old format cookie
+ if ( ! settings && uid.lastIndexOf('-') > 0 ) {
+ uid = uid.substring( 0, uid.lastIndexOf('-') );
+ settings = wpCookies.getHash( 'wp-settings-' + uid );
+ }
+
+ return settings || {};
</ins><span class="cx"> }
</span></span></pre></div>
<a id="trunksrcwpincludesoptionphp"></a>
<div class="modfile"><h4>Modified: trunk/src/wp-includes/option.php (29361 => 29362)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/src/wp-includes/option.php 2014-08-02 20:02:00 UTC (rev 29361)
+++ trunk/src/wp-includes/option.php 2014-08-02 20:08:52 UTC (rev 29362)
</span><span class="lines">@@ -713,29 +713,30 @@
</span><span class="cx"> */
</span><span class="cx"> function wp_user_settings() {
</span><span class="cx">
</span><del>- if ( ! is_admin() )
</del><ins>+ if ( ! is_admin() || defined( 'DOING_AJAX' ) ) {
</ins><span class="cx"> return;
</span><ins>+ }
</ins><span class="cx">
</span><del>- if ( defined('DOING_AJAX') )
</del><ins>+ if ( ! $user_id = get_current_user_id() ) {
</ins><span class="cx"> return;
</span><ins>+ }
</ins><span class="cx">
</span><del>- if ( ! $user_id = get_current_user_id() )
</del><ins>+ if ( is_super_admin() && ! is_user_member_of_blog() ) {
</ins><span class="cx"> return;
</span><ins>+ }
</ins><span class="cx">
</span><del>- if ( is_super_admin() && ! is_user_member_of_blog() )
- return;
-
</del><span class="cx"> $settings = (string) get_user_option( 'user-settings', $user_id );
</span><ins>+ $uid = $user_id . '-' . get_current_blog_id();
</ins><span class="cx">
</span><del>- if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
- $cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $user_id] );
</del><ins>+ if ( isset( $_COOKIE['wp-settings-' . $uid] ) ) {
+ $cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $uid] );
</ins><span class="cx">
</span><span class="cx"> // No change or both empty
</span><span class="cx"> if ( $cookie == $settings )
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> $last_saved = (int) get_user_option( 'user-settings-time', $user_id );
</span><del>- $current = isset( $_COOKIE['wp-settings-time-' . $user_id]) ? preg_replace( '/[^0-9]/', '', $_COOKIE['wp-settings-time-' . $user_id] ) : 0;
</del><ins>+ $current = isset( $_COOKIE['wp-settings-time-' . $uid]) ? preg_replace( '/[^0-9]/', '', $_COOKIE['wp-settings-time-' . $uid] ) : 0;
</ins><span class="cx">
</span><span class="cx"> // The cookie is newer than the saved value. Update the user_option and leave the cookie as-is
</span><span class="cx"> if ( $current > $last_saved ) {
</span><span class="lines">@@ -747,9 +748,9 @@
</span><span class="cx">
</span><span class="cx"> // The cookie is not set in the current browser or the saved value is newer.
</span><span class="cx"> $secure = ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) );
</span><del>- setcookie( 'wp-settings-' . $user_id, $settings, time() + YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
- setcookie( 'wp-settings-time-' . $user_id, time(), time() + YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
- $_COOKIE['wp-settings-' . $user_id] = $settings;
</del><ins>+ setcookie( 'wp-settings-' . $uid, $settings, time() + YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
+ setcookie( 'wp-settings-time-' . $uid, time(), time() + YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
+ $_COOKIE['wp-settings-' . $uid] = $settings;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="lines">@@ -781,8 +782,9 @@
</span><span class="cx"> */
</span><span class="cx"> function set_user_setting( $name, $value ) {
</span><span class="cx">
</span><del>- if ( headers_sent() )
</del><ins>+ if ( headers_sent() ) {
</ins><span class="cx"> return false;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> $all_user_settings = get_all_user_settings();
</span><span class="cx"> $all_user_settings[$name] = $value;
</span><span class="lines">@@ -803,8 +805,9 @@
</span><span class="cx"> */
</span><span class="cx"> function delete_user_setting( $names ) {
</span><span class="cx">
</span><del>- if ( headers_sent() )
</del><ins>+ if ( headers_sent() ) {
</ins><span class="cx"> return false;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> $all_user_settings = get_all_user_settings();
</span><span class="cx"> $names = (array) $names;
</span><span class="lines">@@ -817,8 +820,9 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if ( $deleted )
</del><ins>+ if ( $deleted ) {
</ins><span class="cx"> return wp_set_all_user_settings( $all_user_settings );
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -833,22 +837,28 @@
</span><span class="cx"> function get_all_user_settings() {
</span><span class="cx"> global $_updated_user_settings;
</span><span class="cx">
</span><del>- if ( ! $user_id = get_current_user_id() )
</del><ins>+ if ( ! $user_id = get_current_user_id() ) {
</ins><span class="cx"> return array();
</span><ins>+ }
</ins><span class="cx">
</span><del>- if ( isset( $_updated_user_settings ) && is_array( $_updated_user_settings ) )
</del><ins>+ if ( isset( $_updated_user_settings ) && is_array( $_updated_user_settings ) ) {
</ins><span class="cx"> return $_updated_user_settings;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> $user_settings = array();
</span><del>- if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
</del><ins>+ $uid = $user_id . '-' . get_current_blog_id();
+
+ if ( isset( $_COOKIE['wp-settings-' . $uid] ) ) {
+ $cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $uid] );
+ } elseif ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
</ins><span class="cx"> $cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $user_id] );
</span><ins>+ }
</ins><span class="cx">
</span><del>- if ( $cookie && strpos( $cookie, '=' ) ) // '=' cannot be 1st char
- parse_str( $cookie, $user_settings );
-
</del><ins>+ if ( ! empty( $cookie ) && strpos( $cookie, '=' ) ) { // '=' cannot be 1st char
+ parse_str( $cookie, $user_settings );
</ins><span class="cx"> } else {
</span><span class="cx"> $option = get_user_option( 'user-settings', $user_id );
</span><del>- if ( $option && is_string($option) )
</del><ins>+ if ( $option && is_string( $option ) )
</ins><span class="cx"> parse_str( $option, $user_settings );
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -867,22 +877,25 @@
</span><span class="cx"> function wp_set_all_user_settings( $user_settings ) {
</span><span class="cx"> global $_updated_user_settings;
</span><span class="cx">
</span><del>- if ( ! $user_id = get_current_user_id() )
</del><ins>+ if ( ! $user_id = get_current_user_id() ) {
</ins><span class="cx"> return false;
</span><ins>+ }
</ins><span class="cx">
</span><del>- if ( is_super_admin() && ! is_user_member_of_blog() )
</del><ins>+ if ( is_super_admin() && ! is_user_member_of_blog() ) {
</ins><span class="cx"> return;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> $settings = '';
</span><span class="cx"> foreach ( $user_settings as $name => $value ) {
</span><span class="cx"> $_name = preg_replace( '/[^A-Za-z0-9_]+/', '', $name );
</span><span class="cx"> $_value = preg_replace( '/[^A-Za-z0-9_]+/', '', $value );
</span><span class="cx">
</span><del>- if ( ! empty( $_name ) )
</del><ins>+ if ( ! empty( $_name ) ) {
</ins><span class="cx"> $settings .= $_name . '=' . $_value . '&';
</span><ins>+ }
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- $settings = rtrim($settings, '&');
</del><ins>+ $settings = rtrim( $settings, '&' );
</ins><span class="cx"> parse_str( $settings, $_updated_user_settings );
</span><span class="cx">
</span><span class="cx"> update_user_option( $user_id, 'user-settings', $settings, false );
</span><span class="lines">@@ -897,11 +910,13 @@
</span><span class="cx"> * @since 2.7.0
</span><span class="cx"> */
</span><span class="cx"> function delete_all_user_settings() {
</span><del>- if ( ! $user_id = get_current_user_id() )
</del><ins>+ if ( ! $user_id = get_current_user_id() ) {
</ins><span class="cx"> return;
</span><ins>+ }
</ins><span class="cx">
</span><ins>+ $uid = $user_id . '-' . get_current_blog_id();
</ins><span class="cx"> update_user_option( $user_id, 'user-settings', '', false );
</span><del>- setcookie('wp-settings-' . $user_id, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH);
</del><ins>+ setcookie( 'wp-settings-' . $uid, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> /**
</span></span></pre></div>
<a id="trunksrcwpincludesscriptloaderphp"></a>
<div class="modfile"><h4>Modified: trunk/src/wp-includes/script-loader.php (29361 => 29362)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/src/wp-includes/script-loader.php 2014-08-02 20:02:00 UTC (rev 29361)
+++ trunk/src/wp-includes/script-loader.php 2014-08-02 20:08:52 UTC (rev 29362)
</span><span class="lines">@@ -72,7 +72,7 @@
</span><span class="cx"> $scripts->add( 'utils', "/wp-includes/js/utils$suffix.js" );
</span><span class="cx"> did_action( 'init' ) && $scripts->localize( 'utils', 'userSettings', array(
</span><span class="cx"> 'url' => (string) SITECOOKIEPATH,
</span><del>- 'uid' => (string) get_current_user_id(),
</del><ins>+ 'uid' => get_current_user_id() . '-' . get_current_blog_id(),
</ins><span class="cx"> 'time' => (string) time(),
</span><span class="cx"> ) );
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>