Nonce failing in IE

I have a strange issue that seems to affect IE but not Chrome (I haven’t tried any other browsers). I’m generating a form with a nonce using the following code – <?php wp_nonce_field('solution-reg') ?> I currently have the code outputting the entire $_REQUEST array to the browser so I can see the nonce field is …

Rest API invalid nonce with Backbone Client

I’m using the built-in Backbone Client. Whenever I try to make a request, it gives me this error: {"code":"rest_cookie_invalid_nonce","message":"Cookie nonce is invalid","data":{"status":403}} I read the Rest API Handbook – Authentication, and from what I’ve learned I don’t need to do any manual setting. Plugins in use: Akismet Anti-spam WP Fastest Cache iThemes WP Bannerize Yoast …

Can’t GET draft posts via REST API from headless frontend

I have a headless install of WordPress on v5.4.0. The frontend can’t GET any post that is in draft status, though when accessing the API url directly the data is returned without an issue. I’m assuming this is cookie/auth related. Note, I’m dynamically grabbing the nonce values from the backend, showing full strings here for …

How to save multiple metaboxes?

I read a tutorial about metaboxes; most things are clear, but I have a question about multiple metaboxes. My question is about saving, in the tutorial: <?php add_action( 'save_post', 'cd_meta_box_save' ); function cd_meta_box_save( $post_id ) { // Bail if we're doing an auto save if( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) return; // if …

wp_verify_nonce doesn’t return true on server when it matches the nonce

$.ajax({ type: "POST", dataType: "text", url: ajaxurl, data: { action: "more_news", nonce: nonce, offset: offset }, success : function(data, textStatus, jqXHR){ console.log( nonce ); console.log( data ); console.log( textStatus ); } }); Checking for this AJAX request nonce locally works perfectly. As seen below, my console prints my nonce, “Awesome”, and then “success”. 9a91a5fdca Awesome …

Security around save_post hook

There are a lot of examples using the save_post hook, that include adding and verifying a nonce, and checking the user has appropriate permissions before you continue. Is this necessary? When updating/publishing a post, WP verifies the normal nonce, and checks permissions itself, redirecting to a 403 or ‘Are you sure you want to do …

Headless WordPress: How to authenticate front end requests?

I am envisioning WordPress on the back end to work with React.js on the front end like this: WordPress is installed on http://example.com/api React.js script is loaded into http://example.com/index.html, through script tags and then injected into a root div There is a problem though. Without WordPress controlling registration and enqueuing, I do not see how …

Properly applying nonce to a form using AJAX

So I’m still learning around WordPress and can’t seem to figure out how to properly hook a nonce into an AJAX form that I have created. Here I am hooking and localizing the js file and defining a update_profile_validation nonce [WORKS]: function enqueue_scripts() { if (!is_admin()) { wp_register_script('profile_edit_submit', content_url() . '/mu-plugins/fleishmanhillard/scripts/frontend-profile-edit.js', ['jquery'], '', true); wp_localize_script( …