Security (category)
check_admin_referer() | Makes sure that a user was referred from another admin page. Сhecks a nonce token. Stops php with die() in case of error. |
check_ajax_referer() | Verifies nonce token of an Ajax request. Kills PHP if the verification failed. By default searches for a nonce token in $_REQUEST['_ajax_nonce'] and $_REQUEST['_wpnonce']. |
sanitize_url() | Sanitizes a URL for database or redirect usage. |
wp_create_nonce() | Creates a cryptographic token for a short amount of time (from 12 to 24 hours). |
wp_generate_password() | Generates a random password. You can specify the length and what characters to use. |
wp_hash() | Gets hash of a given string. |
wp_hash_password() | Encrypts the specified text to make a password hash from it. |
wp_http_validate_url() | Validate a URL for safe use in the HTTP API. |
wp_kses_post() | Sanitizes the passed string (content), leaving in it only allowed post content HTML tags for the current user. |
wp_nonce_ays() | Display "The link you followed has expired" message with a link to the previous page - wp_get_referer(). |
wp_nonce_field() | Retrieve or display hidden nonce field for a form. |
wp_nonce_url() | Adds a nonce token to the URL: |
wp_referer_field() | Display or retrieve a hidden input field for form with the current page URI value (referer). |
wp_salt() | Get salt to add to hashes. |
wp_sanitize_redirect() | Sanitizes a URL for use in a redirect. |
wp_verify_nonce() | Verify nonce token. |