WordPress.org

Make WordPress Core


Ignore:
Timestamp:
02/09/2015 04:56:42 AM (5 years ago)
Author:
DrewAPicture
Message:

Improve return and parameter documentation for check_admin_referer(), check_ajax_referer(), and wp_verify_nonce().

Also update and clarify docsfor the check_admin_referer and check_ajax_referer hooks.

Props johnbillion, DrewAPicture.
Fixes #31055.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r31188 r31381  
    10651065 * @since 1.2.0
    10661066 *
    1067  * @param int|string $action    Action nonce
    1068  * @param string     $query_arg Where to look for nonce in $_REQUEST (since 2.5)
    1069  */
    1070 function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
     1067 * @param int|string $action    Action nonce.
     1068 * @param string     $query_arg Optional. Key to check for nonce in `$_REQUEST` (since 2.5).
     1069 *                              Default '_wpnonce'.
     1070 * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
     1071 *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
     1072 */
     1073function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
    10711074    if ( -1 == $action )
    10721075        _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2' );
     
    10851088     * @since 1.5.1
    10861089     *
    1087      * @param string $action The nonce action.
    1088      * @param bool   $result Whether the admin request nonce was validated.
     1090     * @param string    $action The nonce action.
     1091     * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
     1092     *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
    10891093     */
    10901094    do_action( 'check_admin_referer', $action, $result );
     
    10991103 * @since 2.0.3
    11001104 *
    1101  * @param int|string $action    Action nonce
    1102  * @param string     $query_arg Where to look for nonce in $_REQUEST (since 2.5)
     1105 * @param int|string   $action    Action nonce.
     1106 * @param false|string $query_arg Optional. Key to check for the nonce in `$_REQUEST` (since 2.5). If false,
     1107 *                                `$_REQUEST` values will be evaluated for '_ajax_nonce', and '_wpnonce'
     1108 *                                (in that order). Default false.
     1109 * @param bool         $die       Optional. Whether to die early when the nonce cannot be verified.
     1110 *                                Default true.
     1111 * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
     1112 *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
    11031113 */
    11041114function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
     
    11261136     * @since 2.1.0
    11271137     *
    1128      * @param string $action The AJAX nonce action.
    1129      * @param bool   $result Whether the AJAX request nonce was validated.
     1138     * @param string    $action The AJAX nonce action.
     1139     * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
     1140     *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
    11301141     */
    11311142    do_action( 'check_ajax_referer', $action, $result );
     
    16941705 * @param string     $nonce  Nonce that was used in the form to verify
    16951706 * @param string|int $action Should give context to what is taking place and be the same when nonce was created.
    1696  * @return bool Whether the nonce check passed or failed.
     1707 * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
     1708 *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
    16971709 */
    16981710function wp_verify_nonce( $nonce, $action = -1 ) {
Note: See TracChangeset for help on using the changeset viewer.