wp_comment_form_unfiltered_html_nonce()
云策文档标注
概述
wp_comment_form_unfiltered_html_nonce() 函数用于显示未过滤评论的表单令牌,仅当当前用户具有 unfiltered_html 权限时才会输出 nonce 令牌。
关键要点
- 函数仅在当前用户拥有 unfiltered_html 权限时显示 nonce 令牌,对其他用户不显示。
- 该函数向后移植到 2.0.10 版本,并在 2.1.3 及以上版本中添加;在 2.0 分支的 2.0.10 之前版本和 2.1 分支的 2.1.3 之前版本中不存在,技术上在 2.2.0 版本中添加。
- 函数内部使用 wp_nonce_field() 生成 nonce 字段,并结合 wp_print_inline_script_tag() 输出内联脚本以处理表单提交。
代码示例
function wp_comment_form_unfiltered_html_nonce() {
$post = get_post();
$post_id = $post ? $post->ID : 0;
if ( current_user_can( 'unfiltered_html' ) ) {
wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled', false );
wp_print_inline_script_tag( "(function(){if(window===window.parent){document.getElementById('_wp_unfiltered_html_comment_disabled').name='_wp_unfiltered_html_comment';}})();n//# sourceURL=" . rawurlencode( __FUNCTION__ ) );
}
}
原文内容
Displays form token for unfiltered comments.
Description
Will only display nonce token if the current user has permissions for unfiltered html. Won’t display the token for other users.
The function was backported to 2.0.10 and was added to versions 2.1.3 and above. Does not exist in versions prior to 2.0.10 in the 2.0 branch and in the 2.1 branch, prior to 2.1.3. Technically added in 2.2.0.
Backported to 2.0.10.
Source
function wp_comment_form_unfiltered_html_nonce() {
$post = get_post();
$post_id = $post ? $post->ID : 0;
if ( current_user_can( 'unfiltered_html' ) ) {
wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled', false );
wp_print_inline_script_tag( "(function(){if(window===window.parent){document.getElementById('_wp_unfiltered_html_comment_disabled').name='_wp_unfiltered_html_comment';}})();n//# sourceURL=" . rawurlencode( __FUNCTION__ ) );
}
}
Changelog
| Version | Description |
|---|---|
| 2.1.3 | Introduced. |