Test wp_nonce_field | ww.wp.xz.cn

arustad
(@arustad)

10 years ago

I used wp_nonce_field, how does a whitehat test it to make sure it is doing what it is supposed to?

Viewing 4 replies - 1 through 4 (of 4 total)

Clarion Technologies
(@clarionwpdeveloper)

10 years ago
Hello arustad,

The nonce field is used to validate that the contents of the form request came from the current site and not somewhere else.Like this you can check:
```
if (
    ! isset( $_POST['name_of_nonce_field'] )
    || ! wp_verify_nonce( $_POST['name_of_nonce_field'], 'name_of_my_action' )
) {

   print 'Sorry, your nonce did not verify.';
   exit;

}
```
Thanks
Thread Starter arustad
(@arustad)

10 years ago

I understand what it is, I just do not know how to check if it is working correctly.

esmi
(@esmi)

10 years ago

What are you building – a theme or a plugin?

Thread Starter arustad
(@arustad)

10 years ago

A plugin, it is for a multi-site, the form will hold a private key so I am trying to throw the book at it for security.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Test wp_nonce_field’ is closed to new replies.

In: Fixing WordPress
4 replies
3 participants
Last reply from: arustad
Last activity: 10 years ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics