Created
October 3, 2012 15:31
-
-
Save garyc40/3827596 to your computer and use it in GitHub Desktop.
WordPress AJAX check nonces
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // if both logged in and not logged in users can send this AJAX request, | |
| // add both of these actions, otherwise add only the appropriate one | |
| add_action( 'wp_ajax_nopriv_myajax-submit', 'myajax_submit' ); | |
| add_action( 'wp_ajax_myajax-submit', 'myajax_submit' ); | |
| function myajax_submit() { | |
| $nonce = $_POST['postCommentNonce']; | |
| // check to see if the submitted nonce matches with the | |
| // generated nonce we created earlier | |
| if ( ! wp_verify_nonce( $nonce, 'myajax-post-comment-nonce' ) ) | |
| die ( 'Busted!') | |
| // get the submitted parameters | |
| $postID = $_POST['postID']; | |
| // generate the response | |
| $response = json_encode( array( 'success' => true ) ); | |
| // response output | |
| header( "Content-Type: application/json" ); | |
| echo $response; | |
| // IMPORTANT: don't forget to "exit" | |
| exit; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment