[wp-trac] [WordPress Trac] #63230: Correct expiration time documentation for `wp_set_auth_cookie()`
WordPress Trac
noreply at wordpress.org
Fri Apr 4 15:32:14 UTC 2025
#63230: Correct expiration time documentation for `wp_set_auth_cookie()`
------------------------------------+---------------------
Reporter: peterwilsoncc | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.9
Component: Login and Registration | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-docs | Focuses: docs
------------------------------------+---------------------
Comment (by zodiac1978):
Replying to [comment:4 siliconforks]:
> Isn't the value still used on the server side, though? I believe the
value is checked in `wp_validate_auth_cookie()` (regardless of whether
"remember me" was used or not):
>
> https://github.com/WordPress/wordpress-
develop/blob/07bf0f91117629fb382ad09b6de1d138baea15e0/src/wp-
includes/pluggable.php#L729
Looking at this code it reads the cookie via `wp_parse_auth_cookie` and
then it casts it to integer:
{{{
$cookie_elements = wp_parse_auth_cookie( $cookie, $scheme );
// ...
$expiration = $cookie_elements['expiration'];
// ...
$expired = (int) $expiration;
}}}
For a session cookie this means the value is 0.
What do you mean with server side?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63230#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list