Use wordpress nonce functions in a object oriented environment.
MIT License
Use wordpress nonce functions in a object oriented environment.
Add this package as requirement at your composer.json file and then run 'composer update'
"wberredo/nonce": "1.0.*"
Or directly run
composer require wberredo/nonce
If you want to change some configs before you start to generate nonces, you will use Nonce_Config class.
// set lifetime for 4 hours
Nonce_Config::set_nonce_lifetime( 4 * HOUR_IN_SECONDS );
// set message showed when showAys is called
Nonce_Config::set_error_message( "Are you sure" );
To create a nonce you have to use the Nonce_Generator class and to verify a nonce already created you will need the Nonce_Verifier class.
To generate a nonce
$nonce_gen = new Nonce_Generator( "default-action" );
$nonce = $nonce_gen->generate_nonce();
To generate a URL nonce
// you can also set parameters with set functions
$nonce_gen = new Nonce_Generator();
$complete_url = $nonce_gen
->set_url( "http://github.com/WBerredo" )
->set_action( "default_action" )
->generate_nonce_url();
To retrieve a nonce field.
$nonce_gen = new Nonce_Generator();
$nonceField = $nonce_gen
->set_action( "default_action" )
->generate_nonce_field( "nonce", "referer", "do_not_echo" );
// to print the nonce field you have to set the last param as true
$nonce_gen
->generate_nonce_field( "nonce", "referer", "echo" );
To Display 'Are you sure you want to do this?' message (or the new message set with Nonce_Config#setErrorMessage) to confirm the action being taken.
Nonce_Generator::show_ays( 'action' );
To verify a nonce
if ( Nonce_Verifier::verify( $nonce, $defaultAction ) ) {
// if is valid
} else {
// if is not valid
}
To verify a URL nonce
if ( Nonce_Verifier::verify_url( $complete_url, $defaultAction ) ) {
// if is valid
} else {
// if is not valid
}
To tests either if the current request carries a valid nonce, or if the current request was referred from an administration screen
if ( Nonce_Verifier::verify_admin_referer( $defaultAction ) ) {
// if is valid
} else {
// if is not valid
}
To verify the AJAX request, to prevent any processing of requests which are passed in by third-party sites or systems.
if ( Nonce_Verifier::verify_ajax_referer( $defaultAction ) ) {
// if is valid
} else {
// if is not valid
}
git checkout -b my-new-feature
git commit -am 'Add some feature'
git push origin my-new-feature
Install PHPUnit. WordPress uses PHPUnit, the standard for unit testing PHP projects. Installation instructions can be found in the PHPUnit manual or on the PHPUnit Github repository.
Check out the test repository. The WordPress tests live in the core development repository, at https://develop.svn.wordpress.org/trunk/:
svn co https://develop.svn.wordpress.org/trunk/ wordpress-develop
cd wordpress-develop
Create an empty MySQL database. The test suite will delete all data from all tables for whichever MySQL database it is configured. Use a separate database.
Set up a config file. Copy wp-tests-config-sample.php to wp-tests-config.php, and enter your database credentials. Use a separate database.
Change the path of Wordpress project in the bootstrap.php file of the plugin
/**
* The path to the WordPress tests checkout.
*/
define( 'WP_TESTS_DIR', '/home/berredo/Documents/repository/wordpress/wordpress-develop/tests/phpunit/' );
cd vendor/wberredo/nonce
phpunit