alin999/demo-wp-nonces-oop

Composer package that implements working with WordPress nonces in an object-oriented way

dev-master 2018-04-23 11:54 UTC

This package is not auto-updated.

Last update: 2024-06-09 03:34:33 UTC


README

Composer package for working with WordPress nonces. It implements the wp_nonce_*() functions in an object-oriented way.

Installation

shell:

	composer require alin999/demo-wp-nonces-oop

or, just add in your composer file:

{
    "repositories": [
        {
            "type": "vcs",
            "url" : "https://github.com/alin999/demo-wp-nonces-oop"
        }
    ],
    "require": {
        "alin999/demo-wp-nonces-oop" : "dev-master"
    }
}

Public Functions

Usage

    $my_nonce = new WP_Nonce;

set_action

It sets a custom nonce action
Parameters:

  • $action (string/int) (optional) Nonce action. If missing, the default value will be -1
    $my_nonce->set_action('test-action');
    echo $my_nonce->action;

get_action

Returns the nonce action

    $action = $my_nonce->get_action();
    echo $action;

set_nonce_name

It sets a custom nonce name
Parameters:

  • $name (string/int) (optional) Action name. If missing, the default value is _wpnonce
    $my_nonce->set_nonce_name( '_wpnonce' );
    echo $my_nonce->nonce_name;

get_nonce_name

Returns the nonce name

    $name = $my_nonce->get_nonce_name();
    echo $name;

create_nonce

Function to generate and return a nonce based on WordPress wp_create_nonce function
Returns: string
Parameters:

  • $action (string/int) (optional) Nonce action. If missing, the class var ($my_nonce->action) will be used
    $nonce = $my_nonce->create_nonce();
    echo $nonce;

nonce_to_url

Function to add a nonce to a URL and return the updated URL. It wraps the WordPress function wp_nonce_url
Returns: string : the URL with nonce action added
Parameters:

  • $actionurl string URL where to add nonce action
  • $action string|int Optional. Nonce action name. If null or blank, the class var (action) will be used
  • $name string Optional. Nonce name. If missing, null or blank, the class var (nonce_name) will be used
    $test_url = $my_nonce->nonce_to_url( 'http://my-wp-site.com', -1, '_wpnonce');
    echo $test_url;

nonce_to_field

Function to retrieve or display the nonce hidden form field. It wraps WordPress function wp_nonce_field
Returns: string : the nonce hidden form field
Parameters:

  • $action string|int Optional. Nonce action name. If null or blank, the class var (action) will be used
  • $name string Optional. Nonce name. If missing, null or blank, the class var (nonce_name) will be used
  • $referer boolean Optional. Whether also the referer hidden form field should be created with the wp_referer_field() function. Default is true
  • $echo boolean Optional. Whether to display or return the nonce hidden form field. Default is true
    $nonce_field = $my_nonce->nonce_to_field( -1, '_wpnonce', true, false );
    echo $nonce_field;

nonce_ays

Function to display the 'Are you sure you want to do this?' message to confirm the action being taken. It wraps the WordPress function wp_nonce_ays
Parameters:

  • $action string|int Optional. Nonce action name. If null or blank, the class var (action) will be used
    $my_nonce->nonce_ays();

verify_nonce

Function to verify that a nonce is correct and unexpired with respect to a specified action. It wraps the WordPress function wp_verify_nonce
Returns: (boolean|integer) False if the nonce is invalid. Otherwise, returns an integer with the value of: 1 – if generated in the past 12 hours or less or 2 – if generated between 12 and 24 hours ago.
Parameters:

  • $nonce string Required. Nonce to verify.
  • $action string|int Optional. Nonce action name. If null or blank, the class var (action) will be used
    $nonce = $my_nonce->create_nonce();
    $verify_nonce_response = $my_nonce->verify_nonce($nonce);
    echo $verify_nonce_response;
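
The 1 / 2 / false return values follow from the tick scheme WordPress nonces use: the token is a keyed hash over the current 12-hour tick, the action and the user, and verification tries the current tick and then the previous one. The stand-alone model below is an added example, not code from this package or from WordPress core; MODEL_SECRET, model_tick(), model_nonce() and model_verify() are hypothetical names, the secret and timestamp are constructed, and SHA-256 stands in for the site's own keyed hash.

```php
<?php
// Simplified stand-alone model of tick-based nonce verification.
// Not WordPress core code: names, secret and hash choice are assumptions.

const MODEL_SECRET = 'constructed-demo-secret'; // stands in for the site's nonce salt
const NONCE_LIFE   = 86400;                     // 24 hours, split into two 12-hour ticks

function model_tick(int $now): int {
    return (int) ceil($now / (NONCE_LIFE / 2));
}

function model_nonce(int $tick, $action, int $user_id): string {
    // The token is bound to the tick, the action and the user.
    $mac = hash_hmac('sha256', $tick . '|' . $action . '|' . $user_id, MODEL_SECRET);
    return substr($mac, -12, 10);
}

/** @return int|false 1 = current tick, 2 = previous tick, false = invalid */
function model_verify(string $nonce, $action, int $user_id, int $now) {
    $tick = model_tick($now);
    // hash_equals() compares in constant time.
    if (hash_equals(model_nonce($tick, $action, $user_id), $nonce)) {
        return 1;
    }
    if (hash_equals(model_nonce($tick - 1, $action, $user_id), $nonce)) {
        return 2;
    }
    return false;
}

$issued = 1700000000; // constructed timestamp
$nonce  = model_nonce(model_tick($issued), 'delete-post_42', 7);

var_dump(model_verify($nonce, 'delete-post_42', 7, $issued));         // same tick
var_dump(model_verify($nonce, 'delete-post_42', 7, $issued + 43200)); // next tick
var_dump(model_verify($nonce, 'delete-post_42', 7, $issued + 86400)); // two ticks later
var_dump(model_verify($nonce, 'delete-post_43', 7, $issued));         // different action
var_dump(model_verify($nonce, 'delete-post_42', 8, $issued));         // different user
```

Because the result depends on which tick the nonce was issued in, it reports the tick rather than the exact age, and the same token verifies repeatedly until its ticks pass.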

check_admin_referer

Function to test either whether the current request carries a valid nonce, or whether the current request was referred from an administration screen, depending on whether the $action argument is given (which is preferred) or not, respectively. On failure, the function dies after calling the wp_nonce_ays() function.
It wraps the WordPress function check_admin_referer
Returns: To return boolean true, in the case of the obsolete usage, the current request must be referred from an administration screen; in the case of the preferred usage, the nonce must be sent and valid. Otherwise the function dies with an appropriate message ("Are you sure you want to do this?" by default).
Parameters:

  • $action string|int Optional. Nonce action name. If null or blank, the class var (action) will be used
  • $query_arg_name string Optional. Nonce name. Where to look for the nonce in the $_REQUEST PHP variable. If missing, null or blank, the class var (nonce_name) will be used
	<!-- Add a nonce to a form with nonce_to_field(), which wraps wp_nonce_field(): -->
	<form method="post">
	   <!-- some inputs here -->
	   <?php $my_nonce->nonce_to_field( 'name_of_my_action', 'name_of_nonce_field', true, true ); ?>
	</form>

	<?php
	// Then, in the page the form submits to, verify the nonce before processing the submission:
	$my_nonce->check_admin_referer( 'name_of_my_action', 'name_of_nonce_field' );
	// process form data, e.g. update fields
	// Wrapping the call in an if statement is optional: it never returns false, only true or die().

check_ajax_referer

This function can be overridden by plugins. If no plugin redefines this function, then the standard functionality will be used. The standard function verifies the AJAX request, to prevent any processing of requests which are passed in by third-party sites or systems.
It wraps the WordPress function check_ajax_referer
Returns: boolean. If parameter $die is set to false, this function will return a boolean of true if the check passes or false if the check fails.
Parameters:

  • $action string|int Optional. Nonce action name. If null or blank, the class var (action) will be used
  • $query_arg string Optional. Where to look for the nonce in $_REQUEST. Default: false
  • $die boolean Optional. Whether to die if the nonce is invalid. Default: true

Example:
	$my_nonce->check_ajax_referer('my-action', 'my-query-arg');
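
A fuller AJAX handler using $die = false, so that a failed check can be answered with a JSON error instead of a bare die(). This is an added example, not code from the package; it assumes WordPress and this package are loaded, and the request field 'security', the option name 'demo_setting', the capability chosen and the handler name demo_handle_my_action are assumptions made for illustration.

```php
<?php
// Added example: AJAX handler built on the wrapper's check_ajax_referer()
// as documented above. Field, option and function names are hypothetical.

add_action( 'wp_ajax_my-action', 'demo_handle_my_action' );

function demo_handle_my_action() {
    $my_nonce = new WP_Nonce;

    // $die = false: get a result back so the failure can be reported as JSON.
    if ( ! $my_nonce->check_ajax_referer( 'my-action', 'security', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid or expired nonce.' ), 403 );
    }

    // A valid nonce shows the request originated from a page this site
    // rendered for this user; it does not show the user may perform the
    // action, so the capability is checked separately.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // Only touch request data after both checks have passed.
    $value = isset( $_POST['value'] )
        ? sanitize_text_field( wp_unslash( $_POST['value'] ) )
        : '';
    update_option( 'demo_setting', $value );

    wp_send_json_success( array( 'saved' => $value ) );
}
```

wp_send_json_error() ends the request, so nothing after a failed check runs.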