WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Nonce help needed (2 posts)

  1. Gregg Banse
    Member
    Posted 4 months ago #

    I created a form that pulls data from a database. The fields fill in fine. I want to protect the form by making sure the user is at least an Editor so I added:

    if(current_user_can('manage_options') && (strlen($_GET['PID']) <= 5)){
        $auth = 1;
    }
    else {
        header('Location: top of the site being protected');
        exit;
    }

    So I included the WordPress blog header before the above code:

    define('WP_USE_THEMES', false);
        require_once( 'wp-blog-header.php' );

    That worked fine but then when I submit the form after edits - I get an error: "Security check: referal does not match this site." After reading a bit I learned this has to do with nonces. I'm not sure why/how to deal with it and can't find a way to troubleshoot the issue. I'd appreciate if someone could point me in the right direction.

  2. Gregg Banse
    Member
    Posted 4 months ago #

    I solved the problem. I was using a form created by Visual Form Builder which still had the VFB names including in the submit action "vfb-submit" which must be a hook for VFB processing. I set this back to a normal submit and it worked just fine.

Reply

You must log in to post.

About this Topic