Home

wp_nonce_field

February 12, 2011 by Thorsten 0 Comments

Definition:
function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {}

Retrieve or display nonce hidden field for forms.
The nonce field is used to validate that the contents of the form came from the location on the current site and not somewhere else. The nonce does not offer absolute protection, but should protect against most cases. It is very important to use nonce field in forms.

Parameters

  • string $action: Optional. Action name.
  • string $name: Optional. Nonce name.
  • bool $referer: Optional, default true. Whether to set the referer field for validation.
  • bool $echo: Optional, default true. Whether to display or return hidden form field.

Return values

returns:Nonce field.

Source code

function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {

	$name = esc_attr( $name );

	$nonce_field = '<input type="hidden" id="' . $name . '" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />';



	if ( $referer )

		$nonce_field .= wp_referer_field( false );



	if ( $echo )

		echo $nonce_field;



	return $nonce_field;

}

3949

/wp-includes/functions.php, Documentation, Files, Functions, Functions by letter w
, ,

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: