0

我正在对 WordPress 前端用户登录表单的问题进行故障排除。该代码适用于开发服务器上的同一站点,但不适用于生产服务器。

在生产服务器上,身份验证通过,并且 wp_signon() 返回一个完整的用户对象,但是 cookie 没有被插入到响应流中。

下面的代码演示了这一点:

$user = wp_signon( '', $secure_cookie );
var_dump($user);

使用 Fiddler 嗅探数据包时,生产服务器返回以下内容:

HTTP/1.1 302 Found
Server: cloudflare-nginx
Date: Fri, 24 May 2013 07:53:01 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.domain.com/blog/xmlrpc.php
X-Frame-Options: SAMEORIGIN
Location: http://www.domain.com/log-in/
Vary: Accept-Encoding,User-Agent
X-Cacheable: YES:FORCED
X-Varnish: 1753703763
Age: 0
Via: 1.1 varnish
X-Cache: MISS
CF-RAY: 73868e9b8da0418
Content-Length: 802

object(WP_User)#329 (7) {
["data"]=>
object(stdClass)#388 (10) {
["ID"]=>
string(2) "53"
["user_login"]=>
string(14) "SubscriberTest"
["user_pass"]=>
string(34) "$P$B8O8w6awJnKrHNoFLOyHJHfKiPE1nt/"
["user_nicename"]=>
string(14) "subscribertest"
["user_email"]=>
string(33) "SubscriberTest@domain.com"
["user_url"]=>
string(0) ""
["user_registered"]=>
string(19) "2013-05-23 05:56:42"
["user_activation_key"]=>
string(0) ""
["user_status"]=>
string(1) "0"
["display_name"]=>
string(14) "SubscriberTest"
}
["ID"]=>
int(53)
["caps"]=>
array(1) {
["subscriber"]=>
bool(true)
}
["cap_key"]=>
string(15) "wp_capabilities"
["roles"]=>
array(1) {
[0]=>
string(10) "subscriber"
}
["allcaps"]=>
array(3) {
["read"]=>
bool(true)
["level_0"]=>
bool(true)
["subscriber"]=>
bool(true)
}
["filter"]=>
NULL
}

WordPress 控制面板登录仍然有效,并且在登录后端时会插入 cookie。

生产服务器也在使用 CloudFlare,但我不确定这是否相关。我也向 Cloud Flare 发送了支持票,希望他们能够确认他们的代理服务是否可能会剥离它们。

这是我的开发服务器上运行相同代码时响应头部分的样子。在这个中,您可以看到正在发送 cookie:

HTTP/1.1 302 Found
Date: Fri, 24 May 2013 02:18:23 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: W3 Total Cache/0.9.2.11
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://domain.com/blog/xmlrpc.php
X-Frame-Options: SAMEORIGIN
Set-Cookie: wordpress_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7C08d4578ca9049beadffa39e0be0ea941; path=/blog/wp-content/plugins; httponly
Set-Cookie: wordpress_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7C08d4578ca9049beadffa39e0be0ea941; path=/blog/wp-admin; httponly
Set-Cookie: wordpress_logged_in_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7Cc41eb224ebec7f57982d0f93e70f7cff; path=/; httponly
Set-Cookie: wordpress_logged_in_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7Cc41eb224ebec7f57982d0f93e70f7cff; path=/blog/; httponly
Location: http://domain.com/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
4

1 回答 1

0

我终于发现 Varnish 正在生产服务器上运行,它正在剥离 cookie。添加 URL 排除项后,WP 功能开始按预期工作。

于 2013-05-30T21:03:14.270 回答