Changeset 45565
- Timestamp:
- 06/25/2019 05:06:57 PM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/pluggable.php
r45489 r45565 1075 1075 if ( ! function_exists( 'check_admin_referer' ) ) : 1076 1076 /** 1077 * Makes sure that a user was referred from another admin page. 1078 * 1079 * To avoid security exploits. 1077 * Ensures intent by verifying that a user was referred from another admin page with the correct security nonce. 1078 * 1079 * This function ensures the user intends to perform a given action, which helps protect against clickjacking style 1080 * attacks. It verifies intent, not authorisation, therefore it does not verify the user's capabilities. This should 1081 * be performed with `current_user_can()` or similar. 1082 * 1083 * If the nonce value is invalid, the function will exit with an "Are You Sure?" style message. 1080 1084 * 1081 1085 * @since 1.2.0 1082 * 1083 * @param int|string $action Action nonce.1084 * @param string $query_arg Optional. Key to check for nonce in `$_REQUEST` (since 2.5).1085 * 1086 * @since 2.5.0 The `$query_arg` parameter was added. 1087 * 1088 * @param int|string $action The nonce action. 1089 * @param string $query_arg Optional. Key to check for nonce in `$_REQUEST`. Default '_wpnonce'. 1086 1090 * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between 1087 1091 * 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago. … … 2019 2023 if ( ! function_exists( 'wp_nonce_tick' ) ) : 2020 2024 /** 2021 * Getthe time-dependent variable for nonce creation.2025 * Returns the time-dependent variable for nonce creation. 2022 2026 * 2023 2027 * A nonce has a lifespan of two ticks. Nonces in their second tick may be … … 2044 2048 if ( ! function_exists( 'wp_verify_nonce' ) ) : 2045 2049 /** 2046 * Verify that correct nonce was used with time limit. 2047 * 2048 * The user is given an amount of time to use the token, so therefore, since the 2049 * UID and $action remain the same, the independent variable is the time. 2050 * Verifies that a correct security nonce was used with time limit. 2051 * 2052 * A nonce is valid for 24 hours (by default). 2050 2053 * 2051 2054 * @since 2.0.3 2052 2055 * 2053 * @param string $nonce Nonce that was used in the form to verify2056 * @param string $nonce Nonce value that was used for verification, usually via a form field. 2054 2057 * @param string|int $action Should give context to what is taking place and be the same when nonce was created. 2055 2058 * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between … … 2136 2139 if ( ! function_exists( 'wp_salt' ) ) : 2137 2140 /** 2138 * Getsalt to add to hashes.2141 * Returns a salt to add to hashes. 2139 2142 * 2140 2143 * Salts are created using secret keys. Secret keys are located in two places:
Note: See TracChangeset
for help on using the changeset viewer.