/** * Adds a nonce. * * @see https://wpcodebook.com/wordpress-nonce/ * @see https://developer.wordpress.org/apis/security/nonces/ * @see https://developer.wordpress.org/reference/functions/wp_nonce_field/ * @see https://developer.wordpress.org/reference/functions/wp_nonce_url/ * @see https://developer.wordpress.org/reference/functions/wp_create_nonce/ */ wp_nonce_field( "wpcodebook-comment-parent-{$comment_id}", '_wpcodebook_nonce' ); /** * Nonce verification. * * @see https://wpcodebook.com/wordpress-nonce/ * @see https://developer.wordpress.org/apis/security/nonces/ * @see https://developer.wordpress.org/reference/functions/wp_verify_nonce/ * @see https://developer.wordpress.org/reference/functions/check_ajax_referer/ * @see https://developer.wordpress.org/reference/functions/check_admin_referer/ */ if ( ! isset( $_POST['_wpcodebook_nonce'] ) || ! wp_verify_nonce( $_POST['_wpcodebook_nonce'], "wpcodebook-comment-parent-{$comment_id}" ) ) { wp_die( esc_html__( 'Invalid nonce.' ) ); }