validation

wp_verify_nonce for comment form is not returning false

Instead of adding the nonce_life filter and then immediately removing it, try telling WordPress that the lifetime for your nonce is 30 seconds. add_filter( ‘nonce_life’, ‘wpse426626_my_nonce_lifetime’, 10, 2 ); /** * Sets the nonce lifetime for the creacomments nonce. * * @param int $lifetime The nonce lifetime. * @param string $action The nonce action. * … Read more

Simple way to alert error messages in Javascript

Thank you Jacob Peattie for suggesting. It is very simple to use confirm() to replace alert() although confirm() has two options for users to select: OK and Cancel. When users click OK or Cancel button, I use function focus() to direct users where to correct that empty Content. Here are my working sample codes: if(content … Read more

Do I need to validate the nonce when using the settings api?

As mentioned I wasn’t able to find it explicitly mentioned, although it was implied in some articles, that it was being done. When using the settings_fields( string $option_group ) wordpress function you can see from the source code that it includes a nonce field: https://developer.wordpress.org/reference/functions/settings_fields/ function settings_fields( $option_group ) { echo “<input type=”hidden” name=”option_page” value=”” … Read more

What is the correct way of validating running code when a particular role accesses a screen?

Reducing the number of checks increases the performance of your code, so yes, check is_user_logged_in() and current_user_can() as few times as you can. For executing functions depending on the admin page, I’d probably attach callbacks to load-{$pagenow} hook (untested): function wpse417218_do_something_for_edit_page() { if ( ‘page’ !== get_current_screen()->id ) { return; } if ( ! current_user_can( … Read more

+ More
techhipbettruvabetnorabahisbahis forumutaraftarium24eduedueduedueduedueduedusedusedus