wp_parse_auth_cookie( string $cookie = , string $scheme =  ): string[]|false

Parses a cookie into its components.

Parameters

$cookiestringoptional
Authentication cookie.

Default:''

$schemestringoptional
The cookie scheme to use: 'auth', 'secure_auth', or 'logged_in'.

Default:''

Return

string[]|false Authentication cookie components. None of the components should be assumed to be valid as they come directly from a client-provided cookie value. If the cookie value is malformed, false is returned.
  • username string
    User’s username.
  • expiration string
    The time the cookie expires as a UNIX timestamp.
  • token string
    User’s session token used.
  • hmac string
    The security hash for the cookie.
  • scheme string
    The cookie scheme to use.

Source

function wp_parse_auth_cookie( $cookie = '', $scheme = '' ) {
	if ( empty( $cookie ) ) {
		switch ( $scheme ) {
			case 'auth':
				$cookie_name = AUTH_COOKIE;
				break;
			case 'secure_auth':
				$cookie_name = SECURE_AUTH_COOKIE;
				break;
			case 'logged_in':
				$cookie_name = LOGGED_IN_COOKIE;
				break;
			default:
				if ( is_ssl() ) {
					$cookie_name = SECURE_AUTH_COOKIE;
					$scheme      = 'secure_auth';
				} else {
					$cookie_name = AUTH_COOKIE;
					$scheme      = 'auth';
				}
		}

		if ( empty( $_COOKIE[ $cookie_name ] ) ) {
			return false;
		}
		$cookie = $_COOKIE[ $cookie_name ];
	}

	$cookie_elements = explode( '|', $cookie );
	if ( count( $cookie_elements ) !== 4 ) {
		return false;
	}

	list( $username, $expiration, $token, $hmac ) = $cookie_elements;

	return compact( 'username', 'expiration', 'token', 'hmac', 'scheme' );
}

Changelog

VersionDescription
4.0.0The $token element was added to the return value.
2.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.