check_admin_referer()
最后更新于:2021-11-25 20:28:27
check_admin_referer( int|string$action=-1, string$query_arg=’_gcnonce’)Ensures intent by verifying that a user was referred from another admin page with the correct security nonce.
参数
- $action
-
(int|string) (Optional) The nonce action.
Default value: -1
- $query_arg
-
(string) (Optional) Key to check for nonce in
$_REQUEST
.Default value: ‘_gcnonce’
响应
(int|false) 1 if the nonce is valid and generated between 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago. False if the nonce is invalid.
源文件
文件: gc-includes/pluggable.php
function check_admin_referer( $action = -1, $query_arg = '_gcnonce' ) {
if ( -1 === $action ) {
_doing_it_wrong( __FUNCTION__, __( 'You should specify an action to be verified by using the first parameter.' ), '3.2.0' );
}
$adminurl = strtolower( admin_url() );
$referer = strtolower( gc_get_referer() );
$result = isset( $_REQUEST[ $query_arg ] ) ? gc_verify_nonce( $_REQUEST[ $query_arg ], $action ) : false;
/**
* Fires once the admin request has been validated or not.
*
* @since 1.5.1
*
* @param string $action The nonce action.
* @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
* 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
*/
do_action( 'check_admin_referer', $action, $result );
if ( ! $result && ! ( -1 === $action && strpos( $referer, $adminurl ) === 0 ) ) {
gc_nonce_ays( $action );
die();
}
return $result;
}