wp_create_nonce example


    public function column_email( $item ) {
        /** This filter is documented in wp-admin/includes/ajax-actions.php */
        $exporters       = apply_filters( 'wp_privacy_personal_data_exporters', array() );
        $exporters_count = count( $exporters );
        $status          = $item->status;
        $request_id      = $item->ID;
        $nonce           = wp_create_nonce( 'wp-privacy-export-personal-data-' . $request_id );

        $download_data_markup = '<span class="export-personal-data" ' .
            'data-exporters-count="' . esc_attr( $exporters_count ) . '" ' .
            'data-request-id="' . esc_attr( $request_id ) . '" ' .
            'data-nonce="' . esc_attr( $nonce ) .
            '">';

        $download_data_markup .= '<span class="export-personal-data-idle"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download personal data' ) . '</button></span>' .
            '<span class="export-personal-data-processing hidden">' . __( 'Downloading data...' ) . ' <span class="export-progress"></span></span>' .
            '<span class="export-personal-data-success hidden"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download personal data again' ) . '</button></span>' .
            '<span class="export-personal-data-failed hidden">' . __( 'Download failed.' ) . ' <button type="button" class="button-link export-personal-data-handle">' . __( 'Retry' ) . '</button></span>';

        
array(
                    array( 'autofocus' => array( 'panel' => 'widgets' ) ),
                    'return' => urlencode( remove_query_arg( wp_removable_query_args()wp_unslash( $_SERVER['REQUEST_URI'] ) ) ),
                ),
                admin_url( 'customize.php' )
            )
        ),
        __( 'Manage with Live Preview' )
    );
}

$nonce = wp_create_nonce( 'widgets-access' );
?> <div class="widget-access-link"> <a id="access-on" href="widgets.php?widgets-access=on&_wpnonce=<?php echo urlencode( $nonce ); ?>"><?php _e( 'Enable accessibility mode' ); ?></a><a id="access-off" href="widgets.php?widgets-access=off&_wpnonce=<?php echo urlencode( $nonce ); ?>"><?php _e( 'Disable accessibility mode' ); ?></a> </div> <hr class="wp-header-end"> <?php if ( isset( $_GET['message'] ) && isset( $messages[ $_GET['message'] ] ) ) { ?> <div id="message" class="updated notice is-dismissible"><p><?php echo $messages[ $_GET['message'] ]; ?></p></div> <?php } ?> <?php if ( isset( $_GET['error'] ) && isset( $errors[ $_GET['error'] ] ) ) { ?>
return true;
    }

    // Check the nonce.     $result = wp_verify_nonce( $nonce, 'wp_rest' );

    if ( ! $result ) {
        return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie check failed' ), array( 'status' => 403 ) );
    }

    // Send a refreshed nonce in header.     rest_get_server()->send_header( 'X-WP-Nonce', wp_create_nonce( 'wp_rest' ) );

    return true;
}

/** * Collects cookie authentication status. * * Collects errors from wp_validate_auth_cookie for use by rest_cookie_check_errors. * * @since 4.4.0 * * @see current_action() * @global mixed $wp_rest_auth_cookie */
<?php printf( __( 'Please <a href="%s" target="_blank">contact our support team</a> with any questions.', 'akismet' ), 'https://akismet.com/contact/' ); ?> </p> </div> <?php elseif ( $type == 'new-key-valid' ) :
    global $wpdb;
    
    $check_pending_link = false;
    
    $at_least_one_comment_in_moderation = !! $wpdb->get_var( "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_approved = '0' LIMIT 1" );
    
    if ( $at_least_one_comment_in_moderation)  {
        $check_pending_link = 'edit-comments.php?akismet_recheck=' . wp_create_nonce( 'akismet_recheck' );
    }
    ?> <div class="akismet-alert akismet-active"> <h3 class="akismet-key-status"><?php esc_html_e( 'Akismet is now protecting your site from spam. Happy blogging!', 'akismet' ); ?></h3> <?php if ( $check_pending_link ) { ?> <p class="akismet-description"><?php printf( __( 'Would you like to <a href="%s">check pending comments</a>?', 'akismet' )esc_url( $check_pending_link ) ); ?></p> <?php } ?> </div> <?php elseif ( $type == 'new-key-invalid' ) : ?> <div class="akismet-alert akismet-critical"> <h3 class="akismet-key-status"><?php esc_html_e( 'The key you entered is invalid. Please double-check it.' , 'akismet'); ?></h3> </div>
wp_register_style( 'akismet-admin', plugin_dir_url( __FILE__ ) . '_inc/akismet-admin.css', array()filemtime( dirname( __FILE__ ) . '/_inc/akismet-admin.css' ) );
            wp_enqueue_style( 'akismet-admin' );

            wp_register_script( 'akismet.js', plugin_dir_url( __FILE__ ) . '_inc/akismet.js', array( 'jquery' ), AKISMET_VERSION );
            wp_enqueue_script( 'akismet.js' );

            wp_register_script( 'akismet-admin.js', plugin_dir_url( __FILE__ ) . '_inc/akismet-admin.js', array( 'jquery' )filemtime( dirname( __FILE__ ) . '/_inc/akismet-admin.js' ) );
            wp_enqueue_script( 'akismet-admin.js' );
        
            $inline_js = array(
                'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' ),
                'strings' => array(
                    'Remove this URL' => __( 'Remove this URL' , 'akismet'),
                    'Removing...'     => __( 'Removing...' , 'akismet'),
                    'URL removed'     => __( 'URL removed' , 'akismet'),
                    '(undo)'          => __( '(undo)' , 'akismet'),
                    'Re-adding...'    => __( 'Re-adding...' , 'akismet'),
                )
            );

            if ( isset( $_GET['akismet_recheck'] ) && wp_verify_nonce( $_GET['akismet_recheck'], 'akismet_recheck' ) ) {
                $inline_js['start_recheck'] = true;
            }


    /** * Adds a nonce for customizing menus. * * @since 4.5.0 * * @param string[] $nonces Array of nonces. * @return string[] Modified array of nonces. */
    public function filter_nonces( $nonces ) {
        $nonces['customize-menus'] = wp_create_nonce( 'customize-menus' );
        return $nonces;
    }

    /** * Ajax handler for loading available menu items. * * @since 4.3.0 */
    public function ajax_load_available_items() {
        check_ajax_referer( 'customize-menus', 'customize-menus-nonce' );

        
if ( ! $post_id ) {
            return $response;
        }

        if ( ! current_user_can( 'edit_post', $post_id ) ) {
            return $response;
        }

        $response['wp-refresh-post-nonces'] = array(
            'replace' => array(
                'getpermalinknonce'    => wp_create_nonce( 'getpermalink' ),
                'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
                'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ),
                '_ajax_linking_nonce'  => wp_create_nonce( 'internal-linking' ),
                '_wpnonce'             => wp_create_nonce( 'update-post_' . $post_id ),
            ),
        );
    }

    return $response;
}


    public function enqueue_scripts() {
        $screen = get_current_screen();
        if ( 'site-health' !== $screen->id && 'dashboard' !== $screen->id ) {
            return;
        }

        $health_check_js_variables = array(
            'screen'      => $screen->id,
            'nonce'       => array(
                'site_status'        => wp_create_nonce( 'health-check-site-status' ),
                'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ),
            ),
            'site_status' => array(
                'direct' => array(),
                'async'  => array(),
                'issues' => array(
                    'good'        => 0,
                    'recommended' => 0,
                    'critical'    => 0,
                ),
            ),
        );
$action_links[] = sprintf(
                                '<button type="button" class="button button-disabled" disabled="disabled">%s</button>',
                                _x( 'Active', 'plugin' )
                            );
                        } elseif ( current_user_can( 'activate_plugin', $status['file'] ) ) {
                            if ( $compatible_php && $compatible_wp ) {
                                $button_text = __( 'Activate' );
                                /* translators: %s: Plugin name. */
                                $button_label = _x( 'Activate %s', 'plugin' );
                                $activate_url = add_query_arg(
                                    array(
                                        '_wpnonce' => wp_create_nonce( 'activate-plugin_' . $status['file'] ),
                                        'action'   => 'activate',
                                        'plugin'   => $status['file'],
                                    ),
                                    network_admin_url( 'plugins.php' )
                                );

                                if ( is_network_admin() ) {
                                    $button_text = __( 'Network Activate' );
                                    /* translators: %s: Plugin name. */
                                    $button_label = _x( 'Network Activate %s', 'plugin' );
                                    $activate_url = add_query_arg( array( 'networkwide' => 1 )$activate_url );
                                }
'wp-blocks',
    'wp.blocks.unstable__bootstrapServerSideBlockDefinitions(' . wp_json_encode( get_block_editor_server_block_settings() ) . ');'
);

// Get admin url for handling meta boxes. $meta_box_url = admin_url( 'post.php' );
$meta_box_url = add_query_arg(
    array(
        'post'                  => $post->ID,
        'action'                => 'edit',
        'meta-box-loader'       => true,
        'meta-box-loader-nonce' => wp_create_nonce( 'meta-box-loader' ),
    ),
    $meta_box_url
);
wp_add_inline_script(
    'wp-editor',
    sprintf( 'var _wpMetaBoxUrl = %s;', wp_json_encode( $meta_box_url ) ),
    'before'
);

/* * Get all available templates for the post/page attributes meta-box. * The "Default template" array element should only be added if the array is * not empty so we do not trigger the template select element without any options * besides the default value. */
 elseif ( $parent_type && current_user_can( 'read_post', $post->post_parent ) ) {
                printf( '<strong>%s</strong>', $title );
            } else {
                _e( '(Private post)' );
            }

            if ( $user_can_edit ) :
                $detach_url = add_query_arg(
                    array(
                        'parent_post_id' => $post->post_parent,
                        'media[]'        => $post->ID,
                        '_wpnonce'       => wp_create_nonce( 'bulk-' . $this->_args['plural'] ),
                    ),
                    'upload.php'
                );
                printf(
                    '<br /><a href="%s" class="hide-if-no-js detach-from-parent" aria-label="%s">%s</a>',
                    $detach_url,
                    /* translators: %s: Title of the post the attachment is attached to. */
                    esc_attr( sprintf( __( 'Detach from &#8220;%s&#8221;' )$title ) ),
                    __( 'Detach' )
                );
            endif;
        }

function _list_meta_row( $entry, &$count ) {
    static $update_nonce = '';

    if ( is_protected_meta( $entry['meta_key'], 'post' ) ) {
        return '';
    }

    if ( ! $update_nonce ) {
        $update_nonce = wp_create_nonce( 'add-meta' );
    }

    $r = '';
    ++$count;

    if ( is_serialized( $entry['meta_value'] ) ) {
        if ( is_serialized_string( $entry['meta_value'] ) ) {
            // This is a serialized string, so we should display it.             $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
        } else {
            // This is a serialized array/object so we should NOT display it.


    /** * Gets nonces for the Customizer. * * @since 4.5.0 * * @return array Nonces. */
    public function get_nonces() {
        $nonces = array(
            'save'                     => wp_create_nonce( 'save-customize_' . $this->get_stylesheet() ),
            'preview'                  => wp_create_nonce( 'preview-customize_' . $this->get_stylesheet() ),
            'switch_themes'            => wp_create_nonce( 'switch_themes' ),
            'dismiss_autosave_or_lock' => wp_create_nonce( 'customize_dismiss_autosave_or_lock' ),
            'override_lock'            => wp_create_nonce( 'customize_override_changeset_lock' ),
            'trash'                    => wp_create_nonce( 'trash_customize_changeset' ),
        );

        /** * Filters nonces for Customizer. * * @since 4.2.0 * * @param string[] $nonces Array of refreshed nonces for save and * preview actions. * @param WP_Customize_Manager $manager WP_Customize_Manager instance. */
<?php _e( 'Choose an image from your computer:' ); ?></label><br /> <input type="file" id="upload" name="import" /> <input type="hidden" name="action" value="save" /> <?php wp_nonce_field( 'custom-header-upload', '_wpnonce-custom-header-upload' ); ?> <?php submit_button( __( 'Upload' ), '', 'submit', false ); ?> </p> <?php             $modal_update_href = add_query_arg(
                array(
                    'page'                          => 'custom-header',
                    'step'                          => 2,
                    '_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
                ),
                admin_url( 'themes.php' )
            );
            ?> <p> <label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br /> <button id="choose-from-library-link" class="button" data-update-link="<?php echo esc_url( $modal_update_href ); ?>" data-choose="<?php esc_attr_e( 'Choose a Custom Header' ); ?>" data-update="<?php esc_attr_e( 'Set as header' ); ?>"><?php _e( 'Choose Image' ); ?></button> </p> </form> </td> </tr>
function install_plugins_favorites_form() {
    $user   = get_user_option( 'wporg_favorites' );
    $action = 'save_wporg_username_' . get_current_user_id();
    ?> <p><?php _e( 'If you have marked plugins as favorites on WordPress.org, you can browse them here.' ); ?></p> <form method="get"> <input type="hidden" name="tab" value="favorites" /> <p> <label for="user"><?php _e( 'Your WordPress.org username:' ); ?></label> <input type="search" id="user" name="user" value="<?php echo esc_attr( $user ); ?>" /> <input type="submit" class="button" value="<?php esc_attr_e( 'Get Favorites' ); ?>" /> <input type="hidden" id="wporg-username-nonce" name="_wpnonce" value="<?php echo esc_attr( wp_create_nonce( $action ) ); ?>" /> </p> </form> <?php }

/** * Displays plugin content based on plugin list. * * @since 2.7.0 * * @global WP_List_Table $wp_list_table */
Home | Imprint | This part of the site doesn't use cookies.