nonce
Use WordPress nonce functions in an object-oriented environment.
Installation
Add this package as a requirement in your composer.json file and
then run 'composer update':
"wberredo/nonce": "1.0.*"
Or run directly:
composer require wberredo/nonce
Setup
To change settings before you start generating nonces, use the
Nonce_Config class.
// set lifetime for 4 hours
Nonce_Config::set_nonce_lifetime( 4 * HOUR_IN_SECONDS );
// set the message shown when show_ays is called
Nonce_Config::set_error_message( "Are you sure" );
Usage
To create a nonce, use the Nonce_Generator class. To verify a nonce
that has already been created, use the Nonce_Verifier class.
Nonce_Generator
To generate a nonce:
$nonce_gen = new Nonce_Generator( "default-action" );
$nonce = $nonce_gen->generate_nonce();
To generate a URL nonce:
// you can also set parameters with set functions
$nonce_gen = new Nonce_Generator();
$complete_url = $nonce_gen
->set_url( "http://github.com/WBerredo" )
->set_action( "default_action" )
->generate_nonce_url();
To retrieve a nonce field:
$nonce_gen = new Nonce_Generator();
$nonceField = $nonce_gen
->set_action( "default_action" )
->generate_nonce_field( "nonce", "referer", "do_not_echo" );
// to print the nonce field you have to set the last param as true
$nonce_gen
->generate_nonce_field( "nonce", "referer", "echo" );
To display the 'Are you sure you want to do this?' message
(or the message set with Nonce_Config::set_error_message)
to confirm the action being taken:
Nonce_Generator::show_ays( 'action' );
Nonce_Verifier
To verify a nonce:
if ( Nonce_Verifier::verify( $nonce, $defaultAction ) ) {
// the nonce is valid
} else {
// the nonce is not valid
}
To verify a URL nonce:
if ( Nonce_Verifier::verify_url( $complete_url, $defaultAction ) ) {
// the nonce is valid
} else {
// the nonce is not valid
}
To test whether the current request carries a valid nonce
or was referred from an administration screen:
if ( Nonce_Verifier::verify_admin_referer( $defaultAction ) ) {
// the request is valid
} else {
// the request is not valid
}
To verify an AJAX request, preventing the processing of
requests passed in by third-party sites or systems:
if ( Nonce_Verifier::verify_ajax_referer( $defaultAction ) ) {
// the request is valid
} else {
// the request is not valid
}
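An added illustration, not code from this package or from WordPress: a simplified stand-alone model of the tick-based scheme used by the WordPress core nonce functions, showing what the lifetime set with Nonce_Config::set_nonce_lifetime means when a nonce is verified. It assumes the package delegates to core as its description says; SECRET, user ids 7 and 8, the timestamps, the function names and the use of SHA-256 in place of core's wp_hash() are constructed for the example.

```php
<?php
// Simplified model of WordPress core's tick-based nonce (assumption: the package
// wraps core). Not the package's code; SECRET, ids and timestamps are constructed.
const SECRET = 'constructed-demo-salt';

// Core divides the configured lifetime into two half-length "ticks".
function nonce_tick( int $now, int $lifetime ): int {
	return (int) ceil( $now / ( $lifetime / 2 ) );
}

// Keyed hash over tick, action and user. Core also mixes in the session token.
function nonce_for_tick( int $tick, string $action, int $user_id ): string {
	return substr( hash_hmac( 'sha256', "$tick|$action|$user_id", SECRET ), -12, 10 );
}

function make_nonce( string $action, int $user_id, int $now, int $lifetime ): string {
	return nonce_for_tick( nonce_tick( $now, $lifetime ), $action, $user_id );
}

// Mirrors wp_verify_nonce(): 1 = current tick, 2 = previous tick, false = rejected.
function check_nonce( string $nonce, string $action, int $user_id, int $now, int $lifetime ) {
	$tick = nonce_tick( $now, $lifetime );
	foreach ( array( 1 => $tick, 2 => $tick - 1 ) as $age => $candidate ) {
		// Constant-time comparison, as core does with hash_equals().
		if ( hash_equals( nonce_for_tick( $candidate, $action, $user_id ), $nonce ) ) {
			return $age;
		}
	}
	return false;
}

$lifetime = 4 * 3600;   // same 4-hour lifetime as the Setup example
$issued   = 1700000000; // constructed issue time
$nonce    = make_nonce( 'default_action', 7, $issued, $lifetime );

// Same action and user, one minute after issue.
var_dump( check_nonce( $nonce, 'default_action', 7, $issued + 60, $lifetime ) );
// The same nonce presented a second time.
var_dump( check_nonce( $nonce, 'default_action', 7, $issued + 60, $lifetime ) );
// Different action, then different user.
var_dump( check_nonce( $nonce, 'other_action', 7, $issued + 60, $lifetime ) );
var_dump( check_nonce( $nonce, 'default_action', 8, $issued + 60, $lifetime ) );
// Three hours and five hours after issue.
var_dump( check_nonce( $nonce, 'default_action', 7, $issued + 3 * 3600, $lifetime ) );
var_dump( check_nonce( $nonce, 'default_action', 7, $issued + 5 * 3600, $lifetime ) );
```

Because validity is counted in half-lifetime ticks, a nonce is accepted for between half and the full configured lifetime, and presenting it again inside that window still verifies. It is bound to an action and a user, so it limits cross-site request forgery and is not a single-use token.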
Contributing
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
Tests
- Install PHPUnit. WordPress uses PHPUnit, the standard for unit
testing PHP projects. Installation instructions can be found in
the PHPUnit manual
or on the PHPUnit GitHub repository.
- Check out the test repository. The WordPress tests live in
the core development repository,
at https://develop.svn.wordpress.org/trunk/:
svn co https://develop.svn.wordpress.org/trunk/ wordpress-develop
cd wordpress-develop
- Create an empty MySQL database. The test suite will delete all
data from all tables in whichever MySQL database it is configured to use.
Use a separate database.
- Set up a config file. Copy wp-tests-config-sample.php
to wp-tests-config.php, and enter your database credentials.
Use a separate database.
- Set the path to the WordPress tests checkout in the plugin's bootstrap.php file:
/**
* The path to the WordPress tests checkout.
*/
define( 'WP_TESTS_DIR', '/home/berredo/Documents/repository/wordpress/wordpress-develop/tests/phpunit/' );
- Go to the plugin's folder:
cd vendor/wberredo/nonce
- Run phpunit to execute the tests:
phpunit
Thanks to
License
MIT