云策 WordPress 开发者社区

钩子文档

check_admin_referer

查看官方原文 ↗
💡 云策文档标注

概述

check_admin_referer 是一个 WordPress 的 Hook,在管理员请求验证后触发,无论验证是否通过。它允许插件在安全检查后执行额外操作,例如强制终止进程以增强安全性。

关键要点

  • 这是一个 Action Hook,在 check_admin_referer() 函数中调用,用于处理管理员请求的非验证结果。
  • 参数包括 $action(非验证操作字符串)和 $result(验证结果:false 表示无效,1 表示有效且在 0-12 小时内生成,2 表示有效且在 12-24 小时内生成)。
  • check_admin_referer() 函数是可插拔的,插件可以覆盖其默认行为。

注意事项

此 Hook 主要用于安全增强,插件可以利用它来强制 WordPress 在特定条件下终止执行,以提供额外的安全层。

📄 原文内容

Fires once the admin request has been validated or not.

Parameters

$actionstring
The nonce action.
$resultfalse|int
False if the nonce is invalid, 1 if the nonce is valid and generated between 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.

More Information

The filter hook is applied in the default check_admin_referrer() function after the nonce has been checked for security purposes; this allows a plugin to force WordPress to die for extra security reasons. Note that check_admin_referrer is also a “pluggable” function, meaning that plugins can override it.

Source

do_action( 'check_admin_referer', $action, $result );

View all references View on Trac View on GitHub

Used by Description
check_admin_referer()wp-includes/pluggable.php

Ensures intent by verifying that a user was referred from another admin page with the correct security nonce.

Changelog

Version Description
1.5.1 Introduced.