Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
[WordPress] Secure WordPress Form Submission: An Object-Oriented Approach
<?php
protected function verifyRequest($nonce, $action);
<?php
protected function verifyRequest($nonce, $action)
{
return isset($_GET[$nonce]) &&
wp_verify_nonce(strip_tags(stripslashes($_GET[$nonce])), $action);
}
<?php
protected function verifyRequest($nonce, $action)
{
return
(
isset($_GET[$nonce]) &&
wp_verify_nonce(strip_tags(stripslashes($_GET[$nonce])), $action)
) ||
(
isset($_POST[$nonce]) &&
wp_verify_nonce(strip_tags(stripslashes($_POST[$nonce])), $action)
);
}
<?php
private function verifyPostRequest($nonce, $action)
{
return
isset($_POST[$nonce]) &&
wp_verify_nonce(strip_tags(stripslashes(filter_input(INPUT_POST, $nonce))), $action);
}
<?php
private function verifyGetRequest($nonce, $action)
{
return
isset($_GET[$nonce]) &&
wp_verify_nonce(strip_tags(stripslashes(filter_input(INPUT_GET, $nonce))), $action);
}
<?php
protected function verifyRequest($nonce, $action)
{
switch (strtolower($_SERVER['REQUEST_METHOD'])) {
case 'post':
return $this->verifyPostRequest($nonce, $action);
break;
case 'get':
return $this->verifyGetRequest($nonce, $action);
break;
default:
return false;
break;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.