^ 回到顶部
  • 人生没有定律,每个人都有自己的节奏
  • 本站wordpress建站教程均通过实践后发布,希望对你有帮助
  • 希望你的坚持,都是因为热爱,而不是因为不甘心
  • 5年wordpress建站经验,5星服务品质
  • 那些不愿意让你吃亏的人,才是真正值得你深交的人,也是值得你付出时间的人
  • 阿里云1核2g仅需102元/年,今日10点开抢

wordpress函数check_admin_referer()用法示例

check_admin_referer( int|string $action = -1,  string $query_arg = '_wpnonce' )

Makes sure that a user was referred from another admin page.


描述

To avoid security exploits.


参数

$action

(int|string)
(Optional)
Action nonce.

Default value: -1

$query_arg

(string)
(Optional)
Key to check for nonce in $_REQUEST (since 2.5).

Default value: ‘_wpnonce’


返回值

(false|int) False if the nonce is invalid, 1 if the nonce is valid and generated between 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.


源代码

File: wp-includes/pluggable.php

function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
	if ( -1 == $action )
		_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' );

	$adminurl = strtolower(admin_url());
	$referer = strtolower(wp_get_referer());
	$result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;

	/**
	 * Fires once the admin request has been validated or not.
	 *
	 * @since 1.5.1
	 *
	 * @param string    $action The nonce action.
	 * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
	 *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
	 */
	do_action( 'check_admin_referer', $action, $result );

	if ( ! $result && ! ( -1 == $action && strpos( $referer, $adminurl ) === 0 ) ) {
		wp_nonce_ays( $action );
		die();
	}

	return $result;
}

更新日志

Version 描述
1.2.0 Introduced.

相关函数

Uses

  • wp-includes/l10n.php:
    __()
  • wp-includes/pluggable.php:
    wp_verify_nonce()
  • wp-includes/pluggable.php:
    check_admin_referer
  • wp-includes/functions.php:
    _doing_it_wrong()
  • wp-includes/functions.php:
    wp_nonce_ays()
  • wp-includes/functions.php:
    wp_get_referer()
  • wp-includes/link-template.php:
    admin_url()
  • wp-includes/plugin.php:
    do_action()
  • Show 3 more uses
    Hide more uses


Used By

  • wp-admin/includes/misc.php:
    set_screen_options()
  • wp-admin/includes/dashboard.php:
    wp_dashboard_setup()
  • wp-admin/includes/media.php:
    media_upload_form_handler()
  • wp-admin/includes/media.php:
    wp_media_upload_handler()
  • wp-admin/custom-header.php:
    Custom_Image_Header::step_2()
  • wp-admin/custom-header.php:
    Custom_Image_Header::step_3()
  • wp-admin/custom-header.php:
    Custom_Image_Header::take_action()
  • wp-admin/custom-background.php:
    Custom_Background::take_action()
  • wp-admin/custom-background.php:
    Custom_Background::handle_upload()
  • Show 4 more used by
    Hide more used by


User Contributed Notes

  1. Skip to note content

    You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note

    Contributed by Codex

    Usage in a plugin’s option page

    Here is an example of how you might use this in a plugin’s option page. You add a nonce to a form using the wp_nonce_field() function:

    
    <form method="post">
       <!-- some inputs here ... -->
       <?php wp_nonce_field( 'name_of_my_action','name_of_nonce_field' ); ?>
    </form>
    

    Then in the page where the form submits to, you can verify whether or not the form was submitted and update values if it was successfully submitted:

    
    <?php
    // if this fails, check_admin_referer() will automatically print a "failed" page and die.
    if ( ! empty( $_POST ) && check_admin_referer( 'name_of_my_action', 'name_of_nonce_field' ) ) {
       // process form data, e.g. update fields
    }
    
    // Display the form
    
  2. Note – Obsolete usage

    script dies if the admin referer is not validated.

    
    <?php check_admin_referer(); ?>
    

让小雨知道,这篇文章帮到了你
扫码关注微信公众号zs40086(微搜片)随时随地微信看片,抢先福利电影等你来

热门推荐

如有疑问,请前往问答中心反馈!

反馈