[wp-trac] [WordPress Trac] #39903: is_user_logged_in() true on ajax after cookie has been deleted
WordPress Trac
noreply at wordpress.org
Fri Feb 17 14:46:35 UTC 2017
#39903: is_user_logged_in() true on ajax after cookie has been deleted
--------------------------+-----------------------------
Reporter: esemlabel | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.7.2
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
is_user_logged_in() will return true on ajax after cookie has been deleted
manually in browser, until the session tokens expired or after
destroy_sessions from admin for this user.
To reproduce on:
1. Add ajax callback function with one checkup is_user_logged_in().
2. Log in front-end.
3. Clear browser cookie.
4. Refresh page and run ajax. It will return true. But the var_dump(
is_user_logged_in() ) on page will return correct false.
Even more: after deleting cookie and refreshing page, new wordpress_
cookie will appear again, maybe because of is_user_logged_in() check.
Proof on video attached using fresh wp install.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39903>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list