WordPress nonce

/**
 * Prints a hidden nonce field inside a form.
 *
 * The action string embeds $comment_id, so the token generated here only
 * verifies against a check that builds the action from the same comment ID.
 * $comment_id is defined outside this snippet.
 *
 * A nonce only protects against cross-site request forgery. It is not an
 * authorization check: the handler that receives the form should still call
 * current_user_can() for the capability the operation requires.
 *
 * @see https://wpcodebook.com/wordpress-nonce/
 * @see https://developer.wordpress.org/apis/security/nonces/
 * @see https://developer.wordpress.org/reference/functions/wp_nonce_field/
 * @see https://developer.wordpress.org/reference/functions/wp_nonce_url/
 * @see https://developer.wordpress.org/reference/functions/wp_create_nonce/
 */
wp_nonce_field(
	"wpcodebook-comment-parent-{$comment_id}", // Action the nonce is bound to.
	'_wpcodebook_nonce',                       // Name of the hidden field; the handler reads it from $_POST.
	true,                                      // Also print the _wp_http_referer field (the default).
	true                                       // Echo the markup instead of returning it (the default).
);

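/**
 * Nonce verification.
 *
 * Rejects the request unless $_POST carries a nonce that verifies against the
 * same action string used when the field was printed. $comment_id is defined
 * outside this snippet and must be the trusted, already-validated comment ID,
 * because it is part of the action the nonce is checked against.
 *
 * The raw $_POST value is checked to be a string, unslashed and sanitized
 * before it reaches wp_verify_nonce(), so an array submitted under the field
 * name is rejected instead of being cast to a string.
 *
 * Passing this check only shows the request was not forged. Follow it with a
 * current_user_can() check before changing any data.
 *
 * @see https://wpcodebook.com/wordpress-nonce/
 * @see https://developer.wordpress.org/apis/security/nonces/
 * @see https://developer.wordpress.org/reference/functions/wp_verify_nonce/
 * @see https://developer.wordpress.org/reference/functions/check_ajax_referer/
 * @see https://developer.wordpress.org/reference/functions/check_admin_referer/
 */
if (
	! isset( $_POST['_wpcodebook_nonce'] ) ||
	! is_string( $_POST['_wpcodebook_nonce'] ) ||
	! wp_verify_nonce(
		sanitize_text_field( wp_unslash( $_POST['_wpcodebook_nonce'] ) ),
		"wpcodebook-comment-parent-{$comment_id}"
	)
) {
	// Answer with 403 rather than wp_die()'s default 500: the request was refused, the server did not fail.
	wp_die( esc_html__( 'Invalid nonce.' ), '', array( 'response' => 403 ) );
}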
