Function Reference/wp verify nonce

来自WordPress中文文档
跳转至: 导航搜索

Description

Verify that a nonce is correct and unexpired with the respect to a specified action. The function is used to verify the nonce sent in the current request usually accessed by the $_REQUEST PHP variable.

Usage

%%%<?php wp_verify_nonce( $nonce, $action ); ?>%%%

Parameters

tt$nonce/tt
(string) (required) Nonce to verify.
Default: Nonenoinclude

div class=template-description style=padding: 0 1.5em; border: 1px solid #eeeeee; background-color: #f9f9f9

Notes

This template is for standardizing how parameters look in the Function Reference and in Template Tags. Here is an example of this template being called: prenowiki检查到模板循环:模板:Parameter/nowiki/pre 检查到模板循环:模板:Parameter

The usage of this template is below: prenowiki检查到模板循环:模板:Parameter/nowiki/pre Let's take a closer look at the parameters..

name
The name of the parameter.
datatype
The datatype that should be given for this parameter when called.
  • string
  • integer
  • boolean
  • mixed
description
A short description of the parameter.
importance
Set this parameter to optional if the parameter is optional. Otherwise, do not declare this parameter—it defaults to required.
  • required
  • optional
default
If this parameter is optional, ttdefault/tt is the value that will be used if the parameter is not declared.

wordpress.org.cn /div /noinclude

tt$action/tt
(string/int) (optional) Action name. Should give the context to what is taking place and be the same when the nonce was created.
Default: -1noinclude

div class=template-description style=padding: 0 1.5em; border: 1px solid #eeeeee; background-color: #f9f9f9

Notes

This template is for standardizing how parameters look in the Function Reference and in Template Tags. Here is an example of this template being called: prenowiki检查到模板循环:模板:Parameter/nowiki/pre 检查到模板循环:模板:Parameter

The usage of this template is below: prenowiki检查到模板循环:模板:Parameter/nowiki/pre Let's take a closer look at the parameters..

name
The name of the parameter.
datatype
The datatype that should be given for this parameter when called.
  • string
  • integer
  • boolean
  • mixed
description
A short description of the parameter.
importance
Set this parameter to optional if the parameter is optional. Otherwise, do not declare this parameter—it defaults to required.
  • required
  • optional
default
If this parameter is optional, ttdefault/tt is the value that will be used if the parameter is not declared.

wordpress.org.cn /div /noinclude

Return Values

tt/tt
tt style=color:gray@return/tt (boolean/integer) tt style=color:blue/tt: Boolean false if the nonce is invalid. Otherwise, returns an integer with the value of:
  • 1 – if the nonce has been generated in the past 12 hours or less.
  • 2 – if the nonce was generated between 12 and 24 hours ago.noinclude

div class=template-description style=padding: 0 1.5em; border: 1px solid #eeeeee; background-color: #f9f9f9

Description

This template is for standardizing how return values look in the Function Reference and in Template Tags.

Parameters

(1|param|param)
Return param or value (also can be: null, void...).
(2|datatype|datatype)
Datatype of return value.
(3|description|description)
Description of return value.

Usage

prenowiki检查到模板循环:模板:Return/nowiki/pre

Example

prenowiki检查到模板循环:模板:Return/nowiki/pre

Output

检查到模板循环:模板:Return /div /noinclude

Example

Verify an nonce created with wp_create_nonce():

<?php

// Create an nonce, and add it as a query var in a link to perform an action.
$nonce = wp_create_nonce( 'my-nonce' );

echo "<a href='myplugin.php?_wpnonce={$nonce}'>Save Something</a>";

?>

.....

<?php 

// In our file that handles the request, verify the nonce.

$nonce = $_REQUEST['_wpnonce'];

if ( ! wp_verify_nonce( $nonce, 'my-nonce' ) ) {

     die( 'Security check' ); 

} else {

     // Do stuff here.
}

?>

You may also decide to take different actions based on the age of the nonce:

<?php

$nonce = wp_verify_nonce( $nonce, 'my-nonce' );

switch ( $nonce ) {

    case 1:
        echo 'Nonce is less than 12 hours old';
    break;

    case 2:
        echo 'Nonce is between 12 and 24 hours old';
    break;

    default:
        exit( 'Nonce is invalid' );
}

?>

Change Log

Since: 2.0.3

Source File

wp_verify_nonce() is defined in onlyincludecodewp-includes/pluggable.php/code/onlyinclude

div class=template-description style=padding: 0 1.5em; border: 1px solid #eeeeee; background-color: #f9f9f9

Template Description

Link to the source code on http://core.trac.wordpress.org/browser/.

Parameters

  1. filename
  2. (option) path to codetag/code (version) or codetrunk/code. This option is only used for a new function.br /Default: codetrunk/code -- trunk is the latest bleeding edge development version of WordPress.

Usage

Link to the stable version: pre检查到模板循环:模板:Trac/pre

Link to trunk: pre检查到模板循环:模板:Trac/pre

/div

wordpress.org.cn

Related

模板:Nonces

External Resources

includeonlydiv style=clear:both; background-color:#F7F7F7; border:1px solid #CCCCCC; color:#000000; padding:7px; margin:0.5em auto 0.5em auto; vertical-align:middle;See also index of Function Reference and index of Template Tags./div/includeonlynoinclude

Description

This Template is used by Codex:Template Messages.

Usage

pre 检查到模板循环:模板:Message /pre

Result

检查到模板循环:模板:Message

/noinclude