Home » Functions » wp_nonce_url

Function Name: wp_nonce_url

WordPress provides a built-in security system to protect your website from malicious attacks. One of the key components of this security system is the use of nonces, which are unique, one-time-use tokens that help ensure that form submissions and other actions on your site come from legitimate sources.

The wp_nonce_url() function is a WordPress function that allows you to generate a URL with a nonce added to it. This URL can be used to perform actions on your site while ensuring that the request is legitimate and not a forgery.

The function takes three parameters: the URL to which you want to add the nonce, the name of the nonce (which can be any string value), and an optional parameter that specifies the name of the query string variable to use for the nonce (the default is "_wpnonce").

Here’s an example of how you might use wp_nonce_url() to generate a URL with a nonce:

$url = 'https://example.com/my-action/';
$action = 'my-action';
$nonce_url = wp_nonce_url( $url, $action );

In this example, the $url variable contains the URL to which we want to add the nonce, and the $action variable is a string that identifies the action we want the nonce to protect. The wp_nonce_url() function generates a new URL with a nonce added, and stores it in the $nonce_url variable. This URL can then be used to perform the desired action on your site while ensuring that the request is legitimate.

Overall, the wp_nonce_url() function is a powerful tool for adding an extra layer of security to your WordPress site. By using nonces, you can help protect your site against CSRF attacks and other malicious activity.

Learn More on WordPress.org

Register an account to save your snippets or go Pro to get more features.