Automator_Utilities::ajax_auth_check( array $post = array() )
Verifies that a correct security nonce was used with time limit.
Contents
Parameters Parameters
- $post
-
(Optional)
Default value: array()
Source Source
File: src/core/lib/utilities/class-automator-utilities.php
public function ajax_auth_check( $post ) {
$capability = 'manage_options';
$capability = apply_filters_deprecated( 'modify_recipe', array( $capability ), '3.0', 'automator_capability_required' );
$capability = apply_filters( 'automator_capability_required', $capability, $post );
if ( ! current_user_can( $capability ) ) {
$return['status'] = 'auth-failed';
$return['error'] = __( 'You do not have permission to update options.', 'uncanny-automator' );
echo wp_json_encode( $return );
die();
}
if ( empty( $post ) ) {
$return['status'] = 'auth-failed';
$return['error'] = __( '$_POST object is empty.', 'uncanny-automator' );
echo wp_json_encode( $return );
die();
}
if ( ! isset( $post['nonce'] ) ) {
$return['status'] = 'auth-failed';
$return['error'] = __( 'nonce was not received.', 'uncanny-automator' );
echo wp_json_encode( $return );
die();
}
if ( ! wp_verify_nonce( $post['nonce'], 'wp_rest' ) ) {
$return['status'] = 'auth-failed';
$return['error'] = __( 'nonce did not validate.', 'uncanny-automator' );
echo wp_json_encode( $return );
die();
}
}
Expand full source code Collapse full source code View on Github