Generating wp_nonce outside of WordPress | WordPress.org

Daniel J. Summers
(@danielsummers)

15 years ago

I’ve written a couple of web applications that utilize WordPress for the front end – it gives the customers a public website that they can edit, and they can control the users. I hook into the WordPress database for user management (all lookups – they still use the WP create user pages to create the users).

With WordPress 2.7, the introduction of the wp_nonce has broken my “Log Out” link. I understand the logic behind it, and I’m in favor – it’s a great security enhancement. However, I’ve made several attempts at generating that from within my app, and haven’t had any success. At one point, I was trying to determine what files I’d need to include from the WordPress codebase to make the function call work.

Googling for this problem also didn’t yield anything fruitful, so I’m bringing the question here in hopes that you smart folks can point me in the right direction. Thanks…

Viewing 1 replies (of 1 total)

amirulali
(@amirulali)

14 years, 2 months ago

Hey there, you are not alone. Been looking for the solution all over the internet and could not find one that would work. This nonce is a great security feature but it has its downside i guess.

The closes I get was to show wp_nonce_ays error page and once confirm it would redirect to the page I wanted. Base on the code, I don’t think we will be able to verify as check_admin_referer function compares $referrer and $adminurl in order to verify. That issue a side, I still can’t make wp_logout_url nonce to be a verified ones 🙁

Viewing 1 replies (of 1 total)

The topic ‘Generating wp_nonce outside of WordPress’ is closed to new replies.

Tags

In: Plugins
1 reply
2 participants
Last reply from: amirulali
Last activity: 14 years, 2 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics