WordPress at a glance

Category: Security 15

check_admin_referer()

Makes sure that a user was referred from another admin page.

check_ajax_referer()

Verifies the Ajax request to prevent processing requests external of the blog.

wp_create_nonce()

Creates a cryptographic token tied to a specific action, user, user session, and window of time.

wp_generate_password()

Generates a random password drawn from the defined set of characters.

wp_hash()

Gets hash of a given string.

wp_hash_password()

Encrypts the specified text to make a password hash from it.

wp_http_validate_url()

Validate a URL for safe use in the HTTP API.

wp_kses_post()

Sanitize content for allowed HTML tags for post content.

wp_nonce_ays()

Display "Are You Sure" message to confirm the action being taken.

wp_nonce_field()

Retrieve or display nonce hidden field for forms.

wp_nonce_url()

Retrieve URL with nonce added to URL query.

wp_referer_field()

Retrieve or display referer hidden field for forms.

wp_salt()

Get salt to add to hashes.

wp_sanitize_redirect()

Sanitizes a URL for use in a redirect.

wp_verify_nonce()

Verify that correct nonce was used with time limit.