CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
wp_create_nonce example
public function column_email( $item ) {
/** This filter is documented in wp-admin/includes/ajax-actions.php */
$exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() );
$exporters_count = count( $exporters );
$status = $item->status;
$request_id = $item->ID;
$nonce = wp_create_nonce( 'wp-privacy-export-personal-data-' . $request_id );
$download_data_markup = '<span class="export-personal-data" ' .
'data-exporters-count="' . esc_attr( $exporters_count ) . '" ' .
'data-request-id="' . esc_attr( $request_id ) . '" ' .
'data-nonce="' . esc_attr( $nonce ) .
'">';
$download_data_markup .= '<span class="export-personal-data-idle"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download personal data' ) . '</button></span>' .
'<span class="export-personal-data-processing hidden">' . __( 'Downloading data...' ) . ' <span class="export-progress"></span></span>' .
'<span class="export-personal-data-success hidden"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download personal data again' ) . '</button></span>' .
'<span class="export-personal-data-failed hidden">' . __( 'Download failed.' ) . ' <button type="button" class="button-link export-personal-data-handle">' . __( 'Retry' ) . '</button></span>';
array(
array( 'autofocus' => array( 'panel' => 'widgets' ) ),
'return' => urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ),
),
admin_url( 'customize.php' )
)
),
__( 'Manage with Live Preview' )
);
}
$nonce = wp_create_nonce( 'widgets-access' );
?> <div class="widget-access-link"> <a id="access-on" href="widgets.php?widgets-access=on&_wpnonce=<?php echo urlencode( $nonce ); ?>"><?php _e( 'Enable accessibility mode' ); ?></a><a id="access-off" href="widgets.php?widgets-access=off&_wpnonce=<?php echo urlencode( $nonce ); ?>"><?php _e( 'Disable accessibility mode' ); ?></a> </div> <hr class="wp-header-end"> <?php if ( isset( $_GET['message'] ) && isset( $messages[ $_GET['message'] ] ) ) { ?> <div id="message" class="updated notice is-dismissible"><p><?php echo $messages[ $_GET['message'] ]; ?></p></div> <?php } ?> <?php if ( isset( $_GET['error'] ) && isset( $errors[ $_GET['error'] ] ) ) { ?>
array( 'autofocus' => array( 'panel' => 'widgets' ) ),
'return' => urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ),
),
admin_url( 'customize.php' )
)
),
__( 'Manage with Live Preview' )
);
}
$nonce = wp_create_nonce( 'widgets-access' );
?> <div class="widget-access-link"> <a id="access-on" href="widgets.php?widgets-access=on&_wpnonce=<?php echo urlencode( $nonce ); ?>"><?php _e( 'Enable accessibility mode' ); ?></a><a id="access-off" href="widgets.php?widgets-access=off&_wpnonce=<?php echo urlencode( $nonce ); ?>"><?php _e( 'Disable accessibility mode' ); ?></a> </div> <hr class="wp-header-end"> <?php if ( isset( $_GET['message'] ) && isset( $messages[ $_GET['message'] ] ) ) { ?> <div id="message" class="updated notice is-dismissible"><p><?php echo $messages[ $_GET['message'] ]; ?></p></div> <?php } ?> <?php if ( isset( $_GET['error'] ) && isset( $errors[ $_GET['error'] ] ) ) { ?>
return true;
}
// Check the nonce. $result = wp_verify_nonce( $nonce, 'wp_rest' );
if ( ! $result ) {
return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie check failed' ), array( 'status' => 403 ) );
}
// Send a refreshed nonce in header. rest_get_server()->send_header( 'X-WP-Nonce', wp_create_nonce( 'wp_rest' ) );
return true;
}
/** * Collects cookie authentication status. * * Collects errors from wp_validate_auth_cookie for use by rest_cookie_check_errors. * * @since 4.4.0 * * @see current_action() * @global mixed $wp_rest_auth_cookie */
}
// Check the nonce. $result = wp_verify_nonce( $nonce, 'wp_rest' );
if ( ! $result ) {
return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie check failed' ), array( 'status' => 403 ) );
}
// Send a refreshed nonce in header. rest_get_server()->send_header( 'X-WP-Nonce', wp_create_nonce( 'wp_rest' ) );
return true;
}
/** * Collects cookie authentication status. * * Collects errors from wp_validate_auth_cookie for use by rest_cookie_check_errors. * * @since 4.4.0 * * @see current_action() * @global mixed $wp_rest_auth_cookie */
<?php printf( __( 'Please <a href="%s" target="_blank">contact our support team</a> with any questions.', 'akismet' ), 'https://akismet.com/contact/' ); ?>
</p>
</div>
<?php elseif ( $type == 'new-key-valid' ) :
global $wpdb;
$check_pending_link = false;
$at_least_one_comment_in_moderation = !! $wpdb->get_var( "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_approved = '0' LIMIT 1" );
if ( $at_least_one_comment_in_moderation) {
$check_pending_link = 'edit-comments.php?akismet_recheck=' . wp_create_nonce( 'akismet_recheck' );
}
?> <div class="akismet-alert akismet-active"> <h3 class="akismet-key-status"><?php esc_html_e( 'Akismet is now protecting your site from spam. Happy blogging!', 'akismet' ); ?></h3> <?php if ( $check_pending_link ) { ?> <p class="akismet-description"><?php printf( __( 'Would you like to <a href="%s">check pending comments</a>?', 'akismet' ), esc_url( $check_pending_link ) ); ?></p> <?php } ?> </div> <?php elseif ( $type == 'new-key-invalid' ) : ?> <div class="akismet-alert akismet-critical"> <h3 class="akismet-key-status"><?php esc_html_e( 'The key you entered is invalid. Please double-check it.' , 'akismet'); ?></h3> </div>
global $wpdb;
$check_pending_link = false;
$at_least_one_comment_in_moderation = !! $wpdb->get_var( "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_approved = '0' LIMIT 1" );
if ( $at_least_one_comment_in_moderation) {
$check_pending_link = 'edit-comments.php?akismet_recheck=' . wp_create_nonce( 'akismet_recheck' );
}
?> <div class="akismet-alert akismet-active"> <h3 class="akismet-key-status"><?php esc_html_e( 'Akismet is now protecting your site from spam. Happy blogging!', 'akismet' ); ?></h3> <?php if ( $check_pending_link ) { ?> <p class="akismet-description"><?php printf( __( 'Would you like to <a href="%s">check pending comments</a>?', 'akismet' ), esc_url( $check_pending_link ) ); ?></p> <?php } ?> </div> <?php elseif ( $type == 'new-key-invalid' ) : ?> <div class="akismet-alert akismet-critical"> <h3 class="akismet-key-status"><?php esc_html_e( 'The key you entered is invalid. Please double-check it.' , 'akismet'); ?></h3> </div>
wp_register_style( 'akismet-admin', plugin_dir_url( __FILE__ ) . '_inc/akismet-admin.css', array(), filemtime( dirname( __FILE__ ) . '/_inc/akismet-admin.css' ) );
wp_enqueue_style( 'akismet-admin' );
wp_register_script( 'akismet.js', plugin_dir_url( __FILE__ ) . '_inc/akismet.js', array( 'jquery' ), AKISMET_VERSION );
wp_enqueue_script( 'akismet.js' );
wp_register_script( 'akismet-admin.js', plugin_dir_url( __FILE__ ) . '_inc/akismet-admin.js', array( 'jquery' ), filemtime( dirname( __FILE__ ) . '/_inc/akismet-admin.js' ) );
wp_enqueue_script( 'akismet-admin.js' );
$inline_js = array(
'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' ),
'strings' => array(
'Remove this URL' => __( 'Remove this URL' , 'akismet'),
'Removing...' => __( 'Removing...' , 'akismet'),
'URL removed' => __( 'URL removed' , 'akismet'),
'(undo)' => __( '(undo)' , 'akismet'),
'Re-adding...' => __( 'Re-adding...' , 'akismet'),
)
);
if ( isset( $_GET['akismet_recheck'] ) && wp_verify_nonce( $_GET['akismet_recheck'], 'akismet_recheck' ) ) {
$inline_js['start_recheck'] = true;
}
wp_enqueue_style( 'akismet-admin' );
wp_register_script( 'akismet.js', plugin_dir_url( __FILE__ ) . '_inc/akismet.js', array( 'jquery' ), AKISMET_VERSION );
wp_enqueue_script( 'akismet.js' );
wp_register_script( 'akismet-admin.js', plugin_dir_url( __FILE__ ) . '_inc/akismet-admin.js', array( 'jquery' ), filemtime( dirname( __FILE__ ) . '/_inc/akismet-admin.js' ) );
wp_enqueue_script( 'akismet-admin.js' );
$inline_js = array(
'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' ),
'strings' => array(
'Remove this URL' => __( 'Remove this URL' , 'akismet'),
'Removing...' => __( 'Removing...' , 'akismet'),
'URL removed' => __( 'URL removed' , 'akismet'),
'(undo)' => __( '(undo)' , 'akismet'),
'Re-adding...' => __( 'Re-adding...' , 'akismet'),
)
);
if ( isset( $_GET['akismet_recheck'] ) && wp_verify_nonce( $_GET['akismet_recheck'], 'akismet_recheck' ) ) {
$inline_js['start_recheck'] = true;
}
/** * Adds a nonce for customizing menus. * * @since 4.5.0 * * @param string[] $nonces Array of nonces. * @return string[] Modified array of nonces. */
public function filter_nonces( $nonces ) {
$nonces['customize-menus'] = wp_create_nonce( 'customize-menus' );
return $nonces;
}
/** * Ajax handler for loading available menu items. * * @since 4.3.0 */
public function ajax_load_available_items() {
check_ajax_referer( 'customize-menus', 'customize-menus-nonce' );
if ( ! $post_id ) {
return $response;
}
if ( ! current_user_can( 'edit_post', $post_id ) ) {
return $response;
}
$response['wp-refresh-post-nonces'] = array(
'replace' => array(
'getpermalinknonce' => wp_create_nonce( 'getpermalink' ),
'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ),
'_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
'_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
),
);
}
return $response;
}
return $response;
}
if ( ! current_user_can( 'edit_post', $post_id ) ) {
return $response;
}
$response['wp-refresh-post-nonces'] = array(
'replace' => array(
'getpermalinknonce' => wp_create_nonce( 'getpermalink' ),
'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ),
'_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
'_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
),
);
}
return $response;
}
public function enqueue_scripts() {
$screen = get_current_screen();
if ( 'site-health' !== $screen->id && 'dashboard' !== $screen->id ) {
return;
}
$health_check_js_variables = array(
'screen' => $screen->id,
'nonce' => array(
'site_status' => wp_create_nonce( 'health-check-site-status' ),
'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ),
),
'site_status' => array(
'direct' => array(),
'async' => array(),
'issues' => array(
'good' => 0,
'recommended' => 0,
'critical' => 0,
),
),
);
$action_links[] = sprintf(
'<button type="button" class="button button-disabled" disabled="disabled">%s</button>',
_x( 'Active', 'plugin' )
);
} elseif ( current_user_can( 'activate_plugin', $status['file'] ) ) {
if ( $compatible_php && $compatible_wp ) {
$button_text = __( 'Activate' );
/* translators: %s: Plugin name. */
$button_label = _x( 'Activate %s', 'plugin' );
$activate_url = add_query_arg(
array(
'_wpnonce' => wp_create_nonce( 'activate-plugin_' . $status['file'] ),
'action' => 'activate',
'plugin' => $status['file'],
),
network_admin_url( 'plugins.php' )
);
if ( is_network_admin() ) {
$button_text = __( 'Network Activate' );
/* translators: %s: Plugin name. */
$button_label = _x( 'Network Activate %s', 'plugin' );
$activate_url = add_query_arg( array( 'networkwide' => 1 ), $activate_url );
}
'<button type="button" class="button button-disabled" disabled="disabled">%s</button>',
_x( 'Active', 'plugin' )
);
} elseif ( current_user_can( 'activate_plugin', $status['file'] ) ) {
if ( $compatible_php && $compatible_wp ) {
$button_text = __( 'Activate' );
/* translators: %s: Plugin name. */
$button_label = _x( 'Activate %s', 'plugin' );
$activate_url = add_query_arg(
array(
'_wpnonce' => wp_create_nonce( 'activate-plugin_' . $status['file'] ),
'action' => 'activate',
'plugin' => $status['file'],
),
network_admin_url( 'plugins.php' )
);
if ( is_network_admin() ) {
$button_text = __( 'Network Activate' );
/* translators: %s: Plugin name. */
$button_label = _x( 'Network Activate %s', 'plugin' );
$activate_url = add_query_arg( array( 'networkwide' => 1 ), $activate_url );
}
'wp-blocks',
'wp.blocks.unstable__bootstrapServerSideBlockDefinitions(' . wp_json_encode( get_block_editor_server_block_settings() ) . ');'
);
// Get admin url for handling meta boxes. $meta_box_url = admin_url( 'post.php' );
$meta_box_url = add_query_arg(
array(
'post' => $post->ID,
'action' => 'edit',
'meta-box-loader' => true,
'meta-box-loader-nonce' => wp_create_nonce( 'meta-box-loader' ),
),
$meta_box_url
);
wp_add_inline_script(
'wp-editor',
sprintf( 'var _wpMetaBoxUrl = %s;', wp_json_encode( $meta_box_url ) ),
'before'
);
/* * Get all available templates for the post/page attributes meta-box. * The "Default template" array element should only be added if the array is * not empty so we do not trigger the template select element without any options * besides the default value. */
'wp.blocks.unstable__bootstrapServerSideBlockDefinitions(' . wp_json_encode( get_block_editor_server_block_settings() ) . ');'
);
// Get admin url for handling meta boxes. $meta_box_url = admin_url( 'post.php' );
$meta_box_url = add_query_arg(
array(
'post' => $post->ID,
'action' => 'edit',
'meta-box-loader' => true,
'meta-box-loader-nonce' => wp_create_nonce( 'meta-box-loader' ),
),
$meta_box_url
);
wp_add_inline_script(
'wp-editor',
sprintf( 'var _wpMetaBoxUrl = %s;', wp_json_encode( $meta_box_url ) ),
'before'
);
/* * Get all available templates for the post/page attributes meta-box. * The "Default template" array element should only be added if the array is * not empty so we do not trigger the template select element without any options * besides the default value. */
elseif ( $parent_type && current_user_can( 'read_post', $post->post_parent ) ) {
printf( '<strong>%s</strong>', $title );
} else {
_e( '(Private post)' );
}
if ( $user_can_edit ) :
$detach_url = add_query_arg(
array(
'parent_post_id' => $post->post_parent,
'media[]' => $post->ID,
'_wpnonce' => wp_create_nonce( 'bulk-' . $this->_args['plural'] ),
),
'upload.php'
);
printf(
'<br /><a href="%s" class="hide-if-no-js detach-from-parent" aria-label="%s">%s</a>',
$detach_url,
/* translators: %s: Title of the post the attachment is attached to. */
esc_attr( sprintf( __( 'Detach from “%s”' ), $title ) ),
__( 'Detach' )
);
endif;
}
printf( '<strong>%s</strong>', $title );
} else {
_e( '(Private post)' );
}
if ( $user_can_edit ) :
$detach_url = add_query_arg(
array(
'parent_post_id' => $post->post_parent,
'media[]' => $post->ID,
'_wpnonce' => wp_create_nonce( 'bulk-' . $this->_args['plural'] ),
),
'upload.php'
);
printf(
'<br /><a href="%s" class="hide-if-no-js detach-from-parent" aria-label="%s">%s</a>',
$detach_url,
/* translators: %s: Title of the post the attachment is attached to. */
esc_attr( sprintf( __( 'Detach from “%s”' ), $title ) ),
__( 'Detach' )
);
endif;
}
function _list_meta_row( $entry, &$count ) {
static $update_nonce = '';
if ( is_protected_meta( $entry['meta_key'], 'post' ) ) {
return '';
}
if ( ! $update_nonce ) {
$update_nonce = wp_create_nonce( 'add-meta' );
}
$r = '';
++$count;
if ( is_serialized( $entry['meta_value'] ) ) {
if ( is_serialized_string( $entry['meta_value'] ) ) {
// This is a serialized string, so we should display it. $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
} else {
// This is a serialized array/object so we should NOT display it.
/** * Gets nonces for the Customizer. * * @since 4.5.0 * * @return array Nonces. */
public function get_nonces() {
$nonces = array(
'save' => wp_create_nonce( 'save-customize_' . $this->get_stylesheet() ),
'preview' => wp_create_nonce( 'preview-customize_' . $this->get_stylesheet() ),
'switch_themes' => wp_create_nonce( 'switch_themes' ),
'dismiss_autosave_or_lock' => wp_create_nonce( 'customize_dismiss_autosave_or_lock' ),
'override_lock' => wp_create_nonce( 'customize_override_changeset_lock' ),
'trash' => wp_create_nonce( 'trash_customize_changeset' ),
);
/** * Filters nonces for Customizer. * * @since 4.2.0 * * @param string[] $nonces Array of refreshed nonces for save and * preview actions. * @param WP_Customize_Manager $manager WP_Customize_Manager instance. */
<?php _e( 'Choose an image from your computer:' ); ?></label><br />
<input type="file" id="upload" name="import" />
<input type="hidden" name="action" value="save" />
<?php wp_nonce_field( 'custom-header-upload', '_wpnonce-custom-header-upload' ); ?>
<?php submit_button( __( 'Upload' ), '', 'submit', false ); ?>
</p>
<?php
$modal_update_href = add_query_arg(
array(
'page' => 'custom-header',
'step' => 2,
'_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
),
admin_url( 'themes.php' )
);
?> <p> <label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br /> <button id="choose-from-library-link" class="button" data-update-link="<?php echo esc_url( $modal_update_href ); ?>" data-choose="<?php esc_attr_e( 'Choose a Custom Header' ); ?>" data-update="<?php esc_attr_e( 'Set as header' ); ?>"><?php _e( 'Choose Image' ); ?></button> </p> </form> </td> </tr>
array(
'page' => 'custom-header',
'step' => 2,
'_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
),
admin_url( 'themes.php' )
);
?> <p> <label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br /> <button id="choose-from-library-link" class="button" data-update-link="<?php echo esc_url( $modal_update_href ); ?>" data-choose="<?php esc_attr_e( 'Choose a Custom Header' ); ?>" data-update="<?php esc_attr_e( 'Set as header' ); ?>"><?php _e( 'Choose Image' ); ?></button> </p> </form> </td> </tr>
function install_plugins_favorites_form() {
$user = get_user_option( 'wporg_favorites' );
$action = 'save_wporg_username_' . get_current_user_id();
?> <p><?php _e( 'If you have marked plugins as favorites on WordPress.org, you can browse them here.' ); ?></p> <form method="get"> <input type="hidden" name="tab" value="favorites" /> <p> <label for="user"><?php _e( 'Your WordPress.org username:' ); ?></label> <input type="search" id="user" name="user" value="<?php echo esc_attr( $user ); ?>" /> <input type="submit" class="button" value="<?php esc_attr_e( 'Get Favorites' ); ?>" /> <input type="hidden" id="wporg-username-nonce" name="_wpnonce" value="<?php echo esc_attr( wp_create_nonce( $action ) ); ?>" /> </p> </form> <?php }
/** * Displays plugin content based on plugin list. * * @since 2.7.0 * * @global WP_List_Table $wp_list_table */
$user = get_user_option( 'wporg_favorites' );
$action = 'save_wporg_username_' . get_current_user_id();
?> <p><?php _e( 'If you have marked plugins as favorites on WordPress.org, you can browse them here.' ); ?></p> <form method="get"> <input type="hidden" name="tab" value="favorites" /> <p> <label for="user"><?php _e( 'Your WordPress.org username:' ); ?></label> <input type="search" id="user" name="user" value="<?php echo esc_attr( $user ); ?>" /> <input type="submit" class="button" value="<?php esc_attr_e( 'Get Favorites' ); ?>" /> <input type="hidden" id="wporg-username-nonce" name="_wpnonce" value="<?php echo esc_attr( wp_create_nonce( $action ) ); ?>" /> </p> </form> <?php }
/** * Displays plugin content based on plugin list. * * @since 2.7.0 * * @global WP_List_Table $wp_list_table */