WordPress at a glance

wp_nonce_ays() WP 2.0.4

Display "The link you followed has expired" message with a link to the previous page - wp_get_referer().

No Hooks.

Return

Null. Nothing.

Usage

wp_nonce_ays( $action );
$action(string) (required)
If log-out then the message will be "You are attempting to log out of SiteName. Do you really want to log out?"

Examples

#1 Wrong link

If the current is wrong you can stop the further PHP execution with a message that the current link is expired:

global $wp;
$current_url = home_url( $wp->request );

// if $current_url is illegal
if( $current_url === "https://example.com/destroy/the/world" ){
	wp_nonce_ays();
	// stops PHP execution with a link to the previous page
} else {
	// nice
}

#2 Logout warning

If you want to warn a user before logout, you can use such code:

if( $_GET['logout'] ){
	wp_nonce_ays( 'log-out' );
}

Changelog

Since 2.0.4 Introduced.

Code of wp nonce ays: wp-includes/functions.php WP 5.2.2

<?php
function wp_nonce_ays( $action ) {
	if ( 'log-out' == $action ) {
		$html = sprintf(
			/* translators: %s: site name */
			__( 'You are attempting to log out of %s' ),
			get_bloginfo( 'name' )
		);
		$html       .= '</p><p>';
		$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
		$html       .= sprintf(
			/* translators: %s: logout URL */
			__( 'Do you really want to <a href="%s">log out</a>?' ),
			wp_logout_url( $redirect_to )
		);
	} else {
		$html = __( 'The link you followed has expired.' );
		if ( wp_get_referer() ) {
			$html .= '</p><p>';
			$html .= sprintf(
				'<a href="%s">%s</a>',
				esc_url( remove_query_arg( 'updated', wp_get_referer() ) ),
				__( 'Please try again.' )
			);
		}
	}

	wp_die( $html, __( 'Something went wrong.' ), 403 );
}

Related Functions

From tag: nonce (security protection defence)

More from category: Security

No comments
    Hello, !     Log In . Register