function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {}

Retrieve or display nonce hidden field for forms.
The nonce field is used to validate that the contents of the form came from the location on the current site and not somewhere else. The nonce does not offer absolute protection, but should protect against most cases. It is very important to use nonce field in forms.


  • string $action: Optional. Action name.
  • string $name: Optional. Nonce name.
  • bool $referer: Optional, default true. Whether to set the referer field for validation.
  • bool $echo: Optional, default true. Whether to display or return hidden form field.

Return values

returns:Nonce field.

Source code

function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {

	$name = esc_attr( $name );

	$nonce_field = '<input type="hidden" id="' . $name . '" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />';

	if ( $referer )

		$nonce_field .= wp_referer_field( false );

	if ( $echo )

		echo $nonce_field;

	return $nonce_field;



No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: