diff options
Diffstat (limited to 'plugins/jetpack/class.jetpack-network.php')
| -rw-r--r-- | plugins/jetpack/class.jetpack-network.php | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/plugins/jetpack/class.jetpack-network.php b/plugins/jetpack/class.jetpack-network.php index 31327e3b..991358f8 100644 --- a/plugins/jetpack/class.jetpack-network.php +++ b/plugins/jetpack/class.jetpack-network.php @@ -401,9 +401,6 @@ class Jetpack_Network { // Figure out what site we are working on $site_id = ( is_null( $site_id ) ) ? $_GET['site_id'] : $site_id; - // Build secrets to sent to wpcom for verification - $secrets = $jp->generate_secrets(); - // Remote query timeout limit $timeout = $jp->get_remote_query_timeout_limit(); @@ -419,9 +416,11 @@ class Jetpack_Network { // Save the secrets in the subsite so when the wpcom server does a pingback it // will be able to validate the connection - Jetpack_Options::update_option( 'register', - $secrets[0] . ':' . $secrets[1] . ':' . $secrets[2] - ); + $secrets = $jp->generate_secrets( 'register' ); + @list( $secret_1, $secret_2, $secret_eol ) = explode( ':', $secrets ); + if ( empty( $secret_1 ) || empty( $secret_2 ) || empty( $secret_eol ) || $secret_eol < time() ) { + return new Jetpack_Error( 'missing_secrets' ); + } // Gra info for gmt offset $gmt_offset = get_option( 'gmt_offset' ); @@ -438,7 +437,14 @@ class Jetpack_Network { */ $stat_options = get_option( 'stats_options' ); $stat_id = $stat_options = isset( $stats_options['blog_id'] ) ? $stats_options['blog_id'] : null; + $user_id = get_current_user_id(); + /** + * Both `state` and `user_id` need to be sent in the request, even though they are the same value. + * Connecting via the network admin combines `register()` and `authorize()` methods into one step, + * because we assume the main site is already authorized. `state` is used to verify the `register()` + * request, while `user_id()` is used to create the token in the `authorize()` request. + */ $args = array( 'method' => 'POST', 'body' => array( @@ -449,12 +455,13 @@ class Jetpack_Network { 'gmt_offset' => $gmt_offset, 'timezone_string' => (string) get_option( 'timezone_string' ), 'site_name' => (string) get_option( 'blogname' ), - 'secret_1' => $secrets[0], - 'secret_2' => $secrets[1], + 'secret_1' => $secret_1, + 'secret_2' => $secret_2, 'site_lang' => get_locale(), 'timeout' => $timeout, 'stats_id' => $stat_id, // Is this still required? - 'user_id' => get_current_user_id(), + 'user_id' => $user_id, + 'state' => $user_id ), 'headers' => array( 'Accept' => 'application/json', |