Create a simple GET endpoint Create a simple POST endpoint Authenticating the current user in a call to the endpoint A REST api request is by default non-authenticated. If you want to use things like get_current_user_id() in your endpoint handling code, you need to pass a nonce to the endpoint when calling it. If using […]
Category: Forms
Form nonce
Using a nonce with your forms validates that the contents of the form came from the location on the current site and not somewhere else. Using with a form Create the nonce HTML Include it in the form contents Verifying the nonce when receiving the form submission
Nonce Functions
wp_create_nonce() and wp_verify_nonce() use the logged in user ID and will not work for other users or if the user has logged out. MySiteSomeUniqueNonceNameThis field is actually defined as an action name, so you can set this differently per form on your site, so that it becomes individual form action based. However, from a basic […]