WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

wp_parse_auth_cookie()

wp_parse_auth_cookie( string $cookie = '', string $scheme = '' ): string[]|false

In this article

Back to top

Parses a cookie into its components.

Parameters

$cookiestringoptional
Authentication cookie.

Default:''

$schemestringoptional
The cookie scheme to use: 'auth', 'secure_auth', or 'logged_in'.

Default:''

Return

string[]|false Authentication cookie components. None of the components should be assumed to be valid as they come directly from a client-provided cookie value. If the cookie value is malformed, false is returned.
  • username string
    User’s username.
  • expiration string
    The time the cookie expires as a UNIX timestamp.
  • token string
    User’s session token used.
  • hmac string
    The security hash for the cookie.
  • scheme string
    The cookie scheme to use.

Source

function wp_parse_auth_cookie( $cookie = '', $scheme = '' ) {	if ( empty( $cookie ) ) {	switch ( $scheme ) {	case 'auth':	$cookie_name = AUTH_COOKIE;	break;	case 'secure_auth':	$cookie_name = SECURE_AUTH_COOKIE;	break;	case 'logged_in':	$cookie_name = LOGGED_IN_COOKIE;	break;	default:	if ( is_ssl() ) {	$cookie_name = SECURE_AUTH_COOKIE;	$scheme = 'secure_auth';	} else {	$cookie_name = AUTH_COOKIE;	$scheme = 'auth';	}	}	if ( empty( $_COOKIE[ $cookie_name ] ) ) {	return false;	}	$cookie = $_COOKIE[ $cookie_name ];	}	$cookie_elements = explode( '|', $cookie );	if ( count( $cookie_elements ) !== 4 ) {	return false;	}	list( $username, $expiration, $token, $hmac ) = $cookie_elements;	return compact( 'username', 'expiration', 'token', 'hmac', 'scheme' ); }

View all references View on Trac View on GitHub

UsesDescription
is_ssl()wp-includes/load.php

Determines if SSL is used.

Used byDescription
wp_get_session_token()wp-includes/user.php

Retrieves the current session token from the logged_in cookie.

wp_validate_auth_cookie()wp-includes/pluggable.php

Validates authentication cookie.

wp_update_user()wp-includes/user.php

Updates a user in the database.

Changelog

VersionDescription
4.0.0The $token element was added to the return value.
2.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.