Security around save_post hook

The save_post hook is called every time someone calls the function wp_insert_post(). Plugins do that, unfortunately some themes too, and WordPress itself in several places when …: someone uses post per email or XML RPC; an auto-draft is created; the Quick Draft feature on the dashboard is used; a navigation menu item is added; a …

Handling nonce generation in AJAX registration process

If anybody is struggling with it, the proper solution is to use both wp_set_auth_cookie specifying the second parameter being the logged_in cookie, which now gives me the following code: wp_set_current_user($user_id); if ( wp_validate_auth_cookie( '', 'logged_in' ) != $user_id ) { wp_set_auth_cookie( $user_id ); } And to add an action, as suggested in this thread: Extend …

WP REST API: check if user is logged in

You shouldn’t pass your nonce to your JavaScript to verify it, since client side scripts can be easily manipulated. Instead, you should get the nonce from your front-end content, and then pass it to server to verify it. After verification, you should decide to output content by server, not by your JavaScript file. Something like …

“Notice: Undefined index:” error when adding new content?

Whoever wrote your theme didn’t bother to verify the existence of array keys before using them. The error is happening because the key album_tracks_metabox_nonce doesn’t exist in the $_POST array. The line likely should be: if ( !isset($_POST['album_tracks_metabox_nonce']) || !wp_verify_nonce($_POST['album_tracks_metabox_nonce'], 'album_tracks_metabox') ) { // whatever is in the if condition, likely `return` }

wp_verify_nonce keeps failing

You are not inserting the nonce field in your form, so your script won’t receive the nonce field and this code: if ( !isset($_POST['nonce_name'])) will be validated because $_POST['nonce_name'] is not set. In your code, remove this line: <input type="hidden" value="".wp_nonce_field("nonce_action','nonce_name')."'/> And, where it said //TODO: set nonce, you need to include: $out .= wp_nonce_field( …

Undefined index: at_nonce in custom post metabox

These are your problem lines: if ( $_POST && !wp_verify_nonce($_POST['at_nonce'], __FILE__) ) { return; } You check to see that $_POST is set, but you don’t check $_POST['at_nonce']. If $_POST is set but that key is not then you will get a Notice. It is a simple fix: if ( isset($_POST['at_nonce']) && !wp_verify_nonce($_POST['at_nonce'], __FILE__) ) …

Ajax function returns -1

Rarst said it worked for him both logged in and logged out, I can also confirm the same, here’s my ugly test code that works, very much just a hacked together version of your code (for testing). function say_coucou(){ check_ajax_referer( 'hello', 'nonce' ); echo "Hello"; die; } add_action('wp_ajax_hello_hello', 'say_coucou'); add_action('wp_ajax_nopriv_hello_hello', 'say_coucou'); add_action('admin_print_footer_scripts','blabla',20000); add_action('wp_head','enj',20000); add_action('wp_footer','blabla',20000); function enj() …

“The link you followed has expired” when previewing a post

I get it a few times on my Hostnoc hosting. It happens when you have something running at the back of your WordPress (i.e. a cron job or scheduled backup, etc.); this happens when you put a lot of usage on the server. Make sure you save each and everything before pressing publish. Furthermore, changed …
