Appears to be working good. But, when you log out, does it have to say both "You session has expired." and "Successfully logged you out."?
On Dec 16, 2007 10:00 AM, Ryan Boren <[EMAIL PROTECTED]> wrote: > (Cross-posted to hackers and testers) > > A new cookie protocol has landed in trunk. This protocol is based on > the one described here: > > http://www.cse.msu.edu/~alexliu/publications/Cookie/cookie.pdf > > The cookie is laid out like so: > > user name|expiration time|HMAC( user name|expiration time, k) > where k = HMAC(user name|expiration time, sk) > and where sk is a secret key > > sk, the secret key, consists of a random string saved to the options > table in a "secret" field and a user definable secret key specified > in wp-config.php with the SECRET_KEY define. If SECRET_KEY is not > defined, the DB connect info is used to construct SECRET_KEY. Cookies > can be mass-expired by changing SECRET_KEY or "secret" in the options > table. > > This protocol requires the hash_hmac() function. This function is > available only in php 5.1.2 and later, so we added a php > implementation of it to compat.php. If you are using PHP versions < > 5.1.2, let us know if you have any troubles with regard to > hash_hmac(). > > The cookie design is still being discussed, so expect some more > changes. You can join the ongoing design discussion here: > > http://trac.wordpress.org/ticket/5367#comment:29 > _______________________________________________ > wp-testers mailing list > [email protected] > http://lists.automattic.com/mailman/listinfo/wp-testers > -- Matt ([EMAIL PROTECTED]) http://mattsblog.ca/ _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers
