Workaround for login problem in 1.5.2

I’m not yet too familiar with this forum, so please point me in the right direction, if “Plugin & Hacks” isn’t proper section for this post.

After I upgraded from 1.5.1.3 to 1.5.2 login didn’t work anymore. After inserting right username and password it redirected to the same login page again.

I checked the cookies in Firefox’s cookie manager and found out that “Send for” property in the cookies was “Encrypted connection only” even though it isn’t possible to use https in the server where my WordPress installation is.

It looks like wp_setcookie function sets the secure mode to the cookies even if you don’t use HTTPS. So I made a few changes to wp-includes/pluggable-functions.php.

Added following lines to line 152 before setcookie -function calls:

$my_securecon = 0;
if (stristr($_ENV['SERVER_PROTOCOL'],'https'))
$my_securecon = 1;

And changed setcookie calls to use $my_securecon -variable:

setcookie('wordpressuser_'. $cookiehash, $username, time() + 31536000, $cookiepath, '', $my_securecon);
setcookie('wordpresspass_'. $cookiehash, $password, time() + 31536000, $cookiepath, '', $my_securecon);

if ( $cookiepath != $sitecookiepath ) {
setcookie('wordpressuser_'. $cookiehash, $username, time() + 31536000, $sitecookiepath, '', $my_securecon);
setcookie('wordpresspass_'. $cookiehash, $password, time() + 31536000, $sitecookiepath, '', $my_securecon);
}

At least this worked in my situation. I hope this helps others with the same problem.

This is only a very ugly hack, so if there is a better way, please let me now it. 😉