WordPress at a glance
Home Functions Other Functions Security

Security (category)

check_admin_referer()

Makes sure that a user was referred from another admin page. Сhecks a nonce token. Stops php with die() in case of error.

check_ajax_referer()

Verifies nonce token of an Ajax request. Kills PHP if the verification failed. By default searches for a nonce token in $_REQUEST['_ajax_nonce'] and $_REQUEST['_wpnonce'].

wp_create_nonce()

Creates a cryptographic token for a short amount of time (from 12 to 24 hours).

wp_generate_password()

Generates a random password. You can specify the length and what characters to use.

wp_hash()

Gets hash of a given string.

wp_hash_password()

Encrypts the specified text to make a password hash from it.

wp_http_validate_url()

Validate a URL for safe use in the HTTP API.

wp_kses_post()

Sanitize content for allowed HTML tags for post content.

wp_nonce_ays()

Display "The link you followed has expired" message with a link to the previous page - wp_get_referer().

wp_nonce_field()

Retrieve or display hidden nonce field for a form.

wp_nonce_url()

Adds a nonce token to the URL: ?_wpnonce=9d6bd884a1.

wp_referer_field()

Display or retrieve a hidden input field for form with the current page URI value (referer).

wp_salt()

Get salt to add to hashes.

wp_sanitize_redirect()

Sanitizes a URL for use in a redirect.

wp_verify_nonce()

Verify nonce token.