
WordPress function check_ajax_referer(): usage example

check_ajax_referer( int|string $action = -1,  false|string $query_arg = false,  bool $die = true )

Verifies the Ajax request to prevent processing requests external of the blog.


Description


Parameters

$action

(int|string)
(Optional)
Action nonce.

Default value: -1

$query_arg

(false|string)
(Optional)
Key to check for the nonce in $_REQUEST (since 2.5). If false, $_REQUEST values will be evaluated for '_ajax_nonce' and '_wpnonce' (in that order).

Default value: false

$die

(bool)
(Optional)
Whether to die early when the nonce cannot be verified.

Default value: true


Return value

(false|int) False if the nonce is invalid, 1 if the nonce is valid and generated between 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.


Source code

File: wp-includes/pluggable.php

function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
	if ( -1 == $action ) {
		_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '4.7' );
	}

	$nonce = '';

	if ( $query_arg && isset( $_REQUEST[ $query_arg ] ) )
		$nonce = $_REQUEST[ $query_arg ];
	elseif ( isset( $_REQUEST['_ajax_nonce'] ) )
		$nonce = $_REQUEST['_ajax_nonce'];
	elseif ( isset( $_REQUEST['_wpnonce'] ) )
		$nonce = $_REQUEST['_wpnonce'];

	$result = wp_verify_nonce( $nonce, $action );

	/**
	 * Fires once the Ajax request has been validated or not.
	 *
	 * @since 2.1.0
	 *
	 * @param string    $action The Ajax nonce action.
	 * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
	 *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
	 */
	do_action( 'check_ajax_referer', $action, $result );

	if ( $die && false === $result ) {
		if ( wp_doing_ajax() ) {
			wp_die( -1, 403 );
		} else {
			die( '-1' );
		}
	}

	return $result;
}

Changelog

Version Description
2.0.3 Introduced.

Related functions

Uses

  • wp-includes/load.php:
    wp_doing_ajax()
  • wp-includes/l10n.php:
    __()
  • wp-includes/pluggable.php:
    wp_verify_nonce()
  • wp-includes/pluggable.php:
    check_ajax_referer
  • wp-includes/functions.php:
    _doing_it_wrong()
  • wp-includes/functions.php:
    wp_die()
  • wp-includes/plugin.php:
    do_action()


Used By

  • wp-admin/includes/ajax-actions.php:
    wp_ajax_get_community_events()
  • wp-includes/class-wp-customize-nav-menus.php:
    WP_Customize_Nav_Menus::ajax_insert_auto_draft_post()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_search_install_plugins()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_plugin()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_search_plugins()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_install_theme()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_update_theme()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_theme()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_install_plugin()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_get_post_thumbnail_html()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_save_wporg_username()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_inactive_widgets()
  • wp-includes/class-wp-customize-nav-menus.php:
    WP_Customize_Nav_Menus::ajax_load_available_items()
  • wp-includes/class-wp-customize-nav-menus.php:
    WP_Customize_Nav_Menus::ajax_search_available_items()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_crop_image()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_update_plugin()
  • wp-admin/custom-background.php:
    Custom_Background::ajax_background_add()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_save_attachment_order()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_send_attachment_to_editor()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_send_link_to_editor()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_save_user_color_scheme()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_save_widget()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_upload_attachment()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_image_editor()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_set_post_thumbnail()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_wp_fullscreen_save_post()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_wp_remove_post_lock()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_save_attachment()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_save_attachment_compat()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_add_menu_item()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_add_meta()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_add_user()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_closed_postboxes()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_hidden_columns()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_update_welcome_panel()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_wp_link_ajax()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_menu_locations_save()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_meta_box_order()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_get_permalink()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_sample_permalink()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_inline_save()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_inline_save_tax()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_find_posts()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_widgets_order()
  • wp-admin/includes/ajax-actions.php:
    _wp_ajax_add_hierarchical_term()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_comment()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_tag()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_link()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_meta()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_post()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_trash_post()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_delete_page()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_dim_comment()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_add_link_category()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_add_tag()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_get_comments()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_replyto_comment()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_edit_comment()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_fetch_list()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_wp_compression_test()
  • wp-admin/includes/ajax-actions.php:
    wp_ajax_imgedit_preview()
  • wp-admin/custom-header.php:
    Custom_Image_Header::ajax_header_crop()
  • wp-admin/custom-header.php:
    Custom_Image_Header::ajax_header_add()
  • wp-admin/custom-header.php:
    Custom_Image_Header::ajax_header_remove()
  • wp-includes/class-wp-customize-manager.php:
    WP_Customize_Manager::save()
  • wp-includes/class-wp-customize-manager.php:
    WP_Customize_Manager::setup_theme()
  • wp-includes/class-wp-customize-widgets.php:
    WP_Customize_Widgets::wp_ajax_update_widget()


User Contributed Notes

  1. Contributed by Codex

    Example
    In your main file, set the nonce like this:

    
    <?php
    //Set Your Nonce
    $ajax_nonce = wp_create_nonce( "wpdocs-special-string" );
    ?>
    
    <script type="text/javascript">
    jQuery(document).ready(function($){
    	var data = {
    		action: 'wpdocs_action',
    		security: '<?php echo $ajax_nonce; ?>',
    		wpdocs_string: 'Hello World!'
    	};
    	$.post(ajaxurl, data, function(response) {
    		alert("Response: " + response);
    	});
    });
    </script>
    

    In your AJAX file, check the referrer like this:

    
    /**
     * Check the referrer for the AJAX call.
     */
    function wpdocs_action_function() {
    	check_ajax_referer( 'wpdocs-special-string', 'security' );
    	echo sanitize_text_field( $_POST['wpdocs_string'] );
    	die;
    }
    add_action( 'wp_ajax_wpdocs_action', 'wpdocs_action_function' );
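
A hardened variant of the handler pattern above, as an added example that is not part of the contributed note or of WordPress core: it passes `$die = false`, answers a failed nonce with a JSON 403, adds a capability check, and uses the 1/2 return value to refresh an ageing nonce. The action name `wpdocs_save_note`, the nonce action `wpdocs-save-note` and the `edit_posts` requirement are assumptions.

```php
<?php
// Added example, not WordPress core code. wpdocs_save_note, 'wpdocs-save-note'
// and the 'edit_posts' capability are assumed names for illustration.
add_action( 'wp_ajax_wpdocs_save_note', 'wpdocs_save_note' );

function wpdocs_save_note() {
	// $die = false: handle failure here instead of the bare "-1" response.
	// Note from the source above: if 'security' is absent from $_REQUEST,
	// the function still falls back to '_ajax_nonce' and then '_wpnonce'.
	$result = check_ajax_referer( 'wpdocs-save-note', 'security', false );
	if ( false === $result ) {
		wp_send_json_error( array( 'code' => 'bad_nonce' ), 403 );
	}

	// A valid nonce ties the request to a page rendered for this user.
	// It is not an authorization check, so test the capability separately.
	if ( ! current_user_can( 'edit_posts' ) ) {
		wp_send_json_error( array( 'code' => 'forbidden' ), 403 );
	}

	// WordPress adds slashes to $_POST; unslash before sanitizing.
	$note = isset( $_POST['wpdocs_string'] )
		? sanitize_text_field( wp_unslash( $_POST['wpdocs_string'] ) )
		: '';
	if ( '' === $note ) {
		wp_send_json_error( array( 'code' => 'empty_note' ), 400 );
	}

	$response = array( 'note' => $note );

	// 2 means the nonce was generated 12-24 hours ago and will expire soon.
	// Return a fresh one so a long-open admin page keeps working.
	if ( 2 === $result ) {
		$response['new_nonce'] = wp_create_nonce( 'wpdocs-save-note' );
	}

	// wp_send_json_success() and wp_send_json_error() terminate the request.
	wp_send_json_success( $response );
}
```

Only the `wp_ajax_` hook is registered, so unauthenticated visitors never reach this handler; the client should replace its stored nonce whenever `new_nonce` appears in the response.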
    
