Re: [wp-testers] Angsuman’s Authenticated WordPress Plugin
Mistah P
mistahp.testers at gmail.com
Fri Mar 14 20:36:17 GMT 2008
On Fri, Mar 14, 2008 at 3:11 PM, Chris <fck.u.too at gmail.com> wrote:
> Angsuman's Authenticated WordPress Plugin just keeps redirecting back
> to the dashboard, alternately the Authenticate plugin seems to work
> correctly.
>
I'm glad you mentioned this. I was planning on bringing this up myself
sometime soon. I also use Angsuman's plugin. The reason it doesn't
work in 2.5 is that there's a new system for generating cookies and
that plugin implicitly relies on the old system.
I work around the issue by modifying the plugin. I replaced this bit:
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) )
with this bit:
global $user_ID;
if (!$user_ID) {
and it _seems_ to work exactly as it should. But it seems too simple.
If it was really that easy, why didn't it work like that to begin
with? I wonder, is there something I'm missing? Is checking for a
value to $user_ID less secure than verifying cookie contents?
More information about the wp-testers
mailing list