설명

Biscotti is a plugin that modifies the expiration of the logged in user cookie in WordPress. Choose from the default WordPress expiration (14 days), three months (90 days), six months (180 days), or one year (365 days). Because some people hate to have to keep entering their passwords.

Features

Per-user cookie expiration settings
Four expiration options: default, 3 months, 6 months, 1 year
WP-CLI support for managing settings programmatically
Fully translatable with i18n support
Secure implementation with CSRF protection
Clean uninstall that removes all plugin data

Security

Version 3.0.0 includes critical security improvements:
* CSRF protection with nonce verification
* Input validation with whitelist checking
* Strict type comparisons throughout
* Modern PHP 8.0+ type hints

Requirements

WordPress 6.0 or higher
PHP 8.0 or higher

WP-CLI Commands

As of version 2.1.0, Biscotti includes WP-CLI commands for managing a user’s logged in session cookie expiration.

Get a user’s cookie expiration

wp biscotti get <user_id>

Retrieves the current cookie expiration setting for a user.

Example:
wp biscotti get 123

Set a user’s cookie expiration

wp biscotti set <user_id> <expiration>

Sets the logged in session cookie expiration for a user.

Parameters:
* <user_id> — The ID of the user
* <expiration> — One of: default, 3 months, 6 months, 1 year

Examples:
* Set to 1 year: wp biscotti set 123 '1 year'
* Reset to default: wp biscotti set 123 default

설치

Upload the biscotti folder to the /wp-content/plugins/ directory
Activate the plugin through the ‘Plugins’ menu in WordPress
Navigate to your user profile (Users Profile) to configure your cookie expiration

FAQ

How do I use this plugin?

Once activated, go to Users Profile in the WordPress dashboard. You’ll see a new “Login Cookie Expiration” section where you can choose from four options:
* Default (14 days) – WordPress standard
* 3 months (90 days)
* 6 months (180 days)
* 1 year (365 days)

After changing this setting, log out and back in for the change to take effect.

Can I set different expirations for different users?

Yes! Each user can set their own preferred cookie expiration on their individual profile page.

What happens to my data if I uninstall the plugin?

Starting with version 3.0.0, Biscotti includes proper uninstall cleanup. When you delete the plugin through WordPress, all user meta data created by Biscotti will be automatically removed from your database.

Can I manage this via WP-CLI?

Yes! Since version 2.1.0, you can use wp biscotti get and wp biscotti set commands. See the WP-CLI Commands section for details.

Is this plugin secure?

Version 3.0.0 includes significant security improvements including CSRF protection, input validation, and modern security best practices. The plugin has been hardened against common vulnerabilities.

후기

protoo 2023년 10월 7일

This plugin really helped relieve me of my “WordPress keeps logging me out” frustration, I tried other options that promise the same features before finding this gem, and this is the BEST, SIMPLEST one! This plugin is of HUGE help and is CRUCIAL to my website, I don’t know what I would’ve done without it! I appreciate you SO much, plugin author! Keep up the great work, I wish you the absolute best!

모든 1 평가 읽기

기여자 & 개발자

“Biscotti”(은)는 오픈 소스 소프트웨어입니다. 다음의 사람들이 이 플러그인에 기여하였습니다.

자국어로 “Biscotti”(을)를 번역하세요.

개발에 관심이 있으십니까?

코드 탐색하기는, SVN 저장소를 확인하시거나, 개발 기록을 RSS로 구독하세요.

변경이력

3.0.0

Major Security & Feature Update

CRITICAL SECURITY FIX: Added CSRF protection with nonce verification on profile form submissions
SECURITY: Added input validation with whitelist checking for all user inputs
SECURITY: Added user existence validation in WP-CLI commands
SECURITY: Changed all loose comparisons to strict comparisons throughout
NEW: Added “Default (14 days)” option to allow users to revert to WordPress standard expiration
NEW: Added full internationalization (i18n) support with text domain
NEW: Enhanced form descriptions with clearer explanations
NEW: Added uninstall.php for proper database cleanup on plugin deletion
IMPROVED: WP-CLI commands now have better output formatting and validation
IMPROVED: Added PHP 8.0+ type hints throughout codebase
IMPROVED: Added comprehensive PHPDoc blocks
IMPROVED: Form markup updated with ARIA roles for accessibility
IMPROVED: Code organization with constants for all magic strings

2.1.0

Added WP-CLI command. Bumped required PHP version to 8.0.

2.0.3

@webaware has decided to help make this code less awful and submitted a pull request on GitHub. This release implements their improvements.

2.0.2

Sanitize. Not escape. Ack!

2.0.1

Forgot to escape the lone $_POST in my code. Feel dumb about it. Fixed now tho.

2.0.0

Rewrite! Now, instead of forcing everyone to use the same login cookie expiration, Biscotti allows users to individually select their login cookie expiration on their profile page.

1.0.0

Initial release. Simple plugin that forced login cookie expiration for every user to 1 year.

설명