You appear to be a bot. Output may be restricted
Description
Makes sure that a user was referred from another admin page.
To avoid security exploits.
Usage
$false|int = check_admin_referer( $action, $query_arg );
Parameters
- $action
- ( int|string ) optional default: -1 – Action nonce.
- $query_arg
- ( string ) optional default: _wpnonce – Optional. Key to check for nonce in
$_REQUEST(since 2.5). Default '_wpnonce'.
Returns
false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
- -12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
Source
File name: wordpress/wp-includes/pluggable.php
Lines:
1 to 27 of 27
function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) { if ( -1 == $action ) { _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' ); } $adminurl = strtolower( admin_url() ); $referer = strtolower( wp_get_referer() ); $result = isset( $_REQUEST[ $query_arg ] ) ? wp_verify_nonce( $_REQUEST[ $query_arg ], $action ) : false; /** * Fires once the admin request has been validated or not. * * @since 1.5.1 * * @param string $action The nonce action. * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between * 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago. */ do_action( 'check_admin_referer', $action, $result ); if ( ! $result && ! ( -1 == $action && strpos( $referer, $adminurl ) === 0 ) ) { wp_nonce_ays( $action ); die(); } return $result; }
