Experiences with adding Nonces to the comment form

I haven’t done this personally, but it would be pretty easy. If you are building your comment form manually, just before the end of the </form> put:

<?php wp_nonce_field( 'comment_nonce' ) ?>

Then, just hook into the pre_comment_on_post action which fires when you submit a comment:

add_action( 'pre_comment_on_post', 'my_verify_comment_nonce' );

function my_verify_comment_nonce() {

    check_admin_referer( 'comment_nonce' );

}

If you want to just hook into the standard comment form that Twenty Ten uses (comment_form()) then you could instead hook into comment_form like so:

add_action( 'comment_form', 'my_add_comment_nonce_to_form' );

function my_add_comment_nonce_to_form() {

    wp_nonce_field( 'comment_nonce' );

}

Not tested, so let me know if you have any issues!

Related Posts:

  1. What are the package and subpackage comment for?
  2. adding a text message beside the comment submit button
  3. Akismet plugin is deleting spam despite preferences
  4. posts comments goes to trash
  5. Moving FB comments at the end of page
  6. Display WordPress comments before the plugins?
  7. how to get path to images in the uploads folder to be used in a plugin
  8. How to maintain W3C standards compliance of a theme
  9. How to export comments in WordPress?
  10. Difference between a theme and a plugin?
  11. How can I have two different urls for the same page that load two different templates?
  12. How to enable edit button in the theme’s customize UI?
  13. Facebook comments box on front page
  14. Ship plugin with a custom theme
  15. How to solve a conflict between a plugin and a theme?
  16. WP Config for FTP credentials
  17. WordPress error – PHP Fatal error: Uncaught Error: Call to undefined function register_block_type_from_metadata()
  18. Which hook callback has priority if both plugin and theme use the same hook?
  19. Force wordpress to request for FTP Info on theme/plugin install/update
  20. Workflow and best practice for documentation [closed]
  21. How to expire all wordpress user passwords instantly?
  22. Can I share predefined fonts from theme_support with a gutenberg component?
  23. How can I measure the performance of any WordPress Plugin or Theme?
  24. Get total number of comment of the posts written by an author
  25. add_action in functions.php, do_action in plugin?
  26. Implement plugins as part of a theme
  27. Theme or Plugin: Where should I write my code?
  28. Auto delete WordPress users according to time
  29. Is it possible to use WordPress as an online portfolio for text content? What kind of theme would I look for?
  30. How can I get WordPress to save comments in markdown format?
  31. Do I still need a theme to use page builders?
  32. Uncode theme content block header ignoring saved changes/not updating?
  33. Theme and plugin install or update display error in localhost
  34. Can I make a super plugin that also has a theme?
  35. Prevent WordPress installing plugins and themes via Admin
  36. Plugin Handle URL With Custom Theme
  37. Check for security updates
  38. Plugin-generated pages use Not Found or Pages Archive templates?
  39. Create custom registration form for WordPress Multisite
  40. Advanced Custom Field DatePicker [closed]
  41. All sites themes functions.php have been changed
  42. What will happen if i deactivate my visual composer plug in? [closed]
  43. Finding the URL to be used to check if plugin is installed with a theme
  44. WordPress 3.8.3. custom theme – sliders won’t load js/css files
  45. “No Add Button” for me to customize my WordPress with themes and pluggins
  46. How can I list all installed plugins/themes/versions from CLI/API?
  47. Is there a way to get plugins and themes not built for multisite to work on a network subsite?
  48. Why does my file_exist check fail?
  49. How to protect WordPress from security scanner [closed]
  50. Add back to post link on blank comment post error page
  51. how can I query all wordpress users of a blog
  52. Making that Admin Bar transparent or a blue color
  53. how to activate a plugin inside a theme
  54. Help with comments.php
  55. Some WordPress Posts are automatically becoming comments on other Posts
  56. There has been a critical error on your website – won’t fix no matter what
  57. Is it possible not to load theme on a specific page in wordpress?
  58. I receive taxonomy id
  59. How to extract a .wp-env.json or composer.json containing plugin versions from a production website?
  60. How to include files relative to a file’s directory
  61. How to save comment name email url fields?
  62. I want to use wordpress themes and plugin to develop website
  63. Blocking Plugin Css to load custom in template directory
  64. After a manual update, themes and plugins that were installed (and still in the directory) are not being seen
  65. Per theme plugins?
  66. Mobilepress fails to translate short codes
  67. uncaught TypeError: Cannot read properties of null (reading ‘classList’) custom plugin
  68. In Multisite Setups, how to update mass sections of sub-sites
  69. How to override any plugin file in the child theme
  70. Replace old theme that understand old css (vcex_icon_box css_animation)
  71. Mobile Menu and Mobile Sidebar missing
  72. custom fields not displaying on wordpress site
  73. elementor development – custom widget like an inner section widget
  74. WordPress fresh installation did not update default plugin and themes to latest version
  75. How to store a custom theme and update it on other installations
  76. How to get a post views count using ‘WordPress popular posts’ plugin
  77. Can’t add new plugin or themes on a wordpress multisite network from the primary site as administrator. Error: ERR_TOO_MANY_REDIRECTS
  78. How to prevent redoing get_posts queries and make results available to other scripts?
  79. Is it possible to disable a theme programmatically?
  80. Google trying to index child theme files
  81. WordPress panel is not loading after plugin activated with error: HTTP ERROR 500
  82. In the WordPress API is there a way to set the width of the post/page container
  83. AddThis Plugin adding html comments in P tags
  84. Disqus comments count taking long to update
  85. wp_login_form() ignoring login_form action hook
  86. What Are the Advantages of Using an mu-plugin
  87. Things that saved lose when logout
  88. Images is not showing after migration
  89. Child Theme Changes Are Not Reflecting In Parent Theme
  90. Automatic updates of plugins and themes outside of wordpress.org
  91. Input gets deleted/overwritten after changing to different Admin Menu
  92. How to fix vanilla comments extra iframe space
  93. Reply form used in wordpress.com
  94. Theme causing SSL break on chrome
  95. Why does theme need woocommerce to show images / content on front page?
  96. Divi Template A Few Questions
  97. Trying to use wp_register_script/style and enqueu them from an array – getting an error [duplicate]
  98. My Blog page ( posts page ) theme isn’t changing with the new theme [closed]
  99. How to Allow Users to Select Recipients In a WordPress Comment section?
  100. Very slow page loads

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)