From c1b80c091e7950ef076e0bfe84a217368054f389 Mon Sep 17 00:00:00 2001
From: Ryan Boren
Date: Thu, 24 Jan 2008 21:19:42 +0000
Subject: [PATCH] check_ajax_referer() should look for *only* the auth_cookie, not others that look like they match. Autosave should know that an ajax response of -1 or 0 is a failure. Props mdawaffe
git-svn-id: https://develop.svn.wordpress.org/trunk@6649 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/js/autosave.js | 4 +++-
 wp-includes/pluggable.php | 4 +++-
 wp-includes/script-loader.php | 3 ++-
 3 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/wp-includes/js/autosave.js b/wp-includes/js/autosave.js
index bdea35cca9..d10cb3c077 100644
--- a/wp-includes/js/autosave.js
+++ b/wp-includes/js/autosave.js
@@ -28,7 +28,7 @@ function autosave_update_post_ID(response) {
 if(isNaN(res)) {
 message = autosaveL10n.errorText.replace(/%response%/g, response);
- } else {
+ } else if( res > 0 ) {
 message = autosaveL10n.saveText.replace(/%time%/g, autosave_cur_time());
 jQuery('#post_ID').attr({name: "post_ID"});
 jQuery('#post_ID').val(res);
@@ -42,6 +42,8 @@ function autosave_update_post_ID(response) {
 jQuery('#_wpnonce').val(html);
 });
 jQuery('#hiddenaction').val('editpost');
+ } else {
+ message = autosaveL10n.failText;
 }
 jQuery('#autosave').html(message);
 autosave_enable_buttons();
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index 85b2a4e7c6..181846138a 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -661,8 +661,10 @@ function check_ajax_referer( $action = -1 ) {
 $auth_cookie = '';
 $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie
 foreach ( $cookie as $tasty ) {
- if ( false !== strpos($tasty, AUTH_COOKIE) )
+ if ( false !== strpos($tasty, AUTH_COOKIE . '=') ) {
 $auth_cookie = substr(strstr($tasty, '='), 1);
+ break;
+ }
 }
 if ( empty($auth_cookie) )
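Review bot: In wp-includes/js/autosave.js the new final `else` branch (second hunk) maps every non-positive response to the same `failText`, and nothing in the code records which server outcomes land there. The commit message names -1 and 0 as the failure codes; a comment on the branch such as `// res <= 0: admin-ajax.php rejected the request (0 or -1)` would capture that. If -1 is what the server returns when the referer/auth check rejects the request (that check is in pluggable.php, not in this file), a distinct message asking the user to log in again would serve better than a generic failure, since a retry with the same cookie will keep failing. The assignment to `res` lies outside both hunks, so how a partly numeric response is parsed cannot be confirmed from here.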
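Review bot: The new test in check_ajax_referer() (wp-includes/pluggable.php) still matches the cookie name at any offset inside `$tasty`, because `false !== strpos(...)` accepts every position; an entry whose name merely ends in the AUTH_COOKIE string, or whose value contains `AUTH_COOKIE=` after the `urldecode()`, is still taken as the auth cookie. With the added `break`, such an entry appearing earlier in the submitted string now wins over the real cookie, and `strstr($tasty, '=')` cuts at the first `=` rather than the one that follows the name. Anchoring the comparison at the start of the piece closes this: `if ( 0 === strpos($tasty, AUTH_COOKIE . '=') ) {`. The function starts and ends outside the hunk, so how `$auth_cookie` is validated afterwards is not visible here.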
diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php
index 97273f9cfb..78b74044dd 100644
--- a/wp-includes/script-loader.php
+++ b/wp-includes/script-loader.php
@@ -37,10 +37,11 @@ class WP_Scripts {
 $this->add( 'prototype', '/wp-includes/js/prototype.js', false, '1.6');
- $this->add( 'autosave', '/wp-includes/js/autosave.js', array('jquery', 'schedule'), '20080104');
+ $this->add( 'autosave', '/wp-includes/js/autosave.js', array('prototype', 'sack'), '20080124');
 $this->localize( 'autosave', 'autosaveL10n', array(
 'autosaveInterval' => apply_filters('autosave_interval', '120'),
 'errorText' => __('Error: %response%'),
+ 'failText' => __('Error: Autosave Failed.'),
 'saveText' => __('Saved at %time%.'),
 'requestFile' => get_option( 'siteurl' ) . '/wp-admin/admin-ajax.php',
 'savingText' => __('Saving Draft...')
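Review bot: The rewritten `autosave` registration drops `jquery` from the dependency list, yet the autosave.js hunks in this same commit call `jQuery('#post_ID')` and `jQuery('#autosave')`; unless another script on the page happens to load jQuery, autosave will fail at its first call. The commit message does not mention a dependency change, so this looks unintended. Keeping the old list with the new version string, `$this->add( 'autosave', '/wp-includes/js/autosave.js', array('jquery', 'schedule'), '20080124');`, would match the script as patched. Whether autosave.js still needs `schedule`, or uses `prototype`/`sack` at all, cannot be confirmed from the lines shown.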