如何在 Wordpress 多站点中使用 nonce
[英]How to use nonces in a Wordpress multisite
问题描述
For a domain based multisite installation I have written some ajax endpoints to retrieve data from one blog of the network and display it in another blog of the same network.
对于基于域的多站点安装,我编写了一些 ajax 端点来从网络的一个博客中检索数据并将其显示在同一网络的另一个博客中。
I would had try wp_nonce_url and wp_verify_nonce but somehow, the nonces aren't indentical so the verification fails.我会尝试 wp_nonce_url 和 wp_verify_nonce 但不知何故,随机数不是相同的,所以验证失败。
I wonder why this is so.我想知道为什么会这样。 As far as I could read from the docs of wordpress the nonce isn't bound to a domain, so it should be the same regardless which blog of the network I call.据我从 wordpress 的文档中读到的,nonce 没有绑定到域,因此无论我调用网络的哪个博客,它都应该是相同的。
Any hints what could be the reason, that the verification fails?任何提示可能是什么原因,验证失败?
1 个解决方案
解决方案1
0 2020-02-10 15:02:14
Ah, I got it.啊,我明白了。
I was logged in on the site which makes the ajax call and therefore uid and session were not identical.我登录了进行 ajax 调用的站点,因此 uid 和 session 不相同。 Because this information is used to build the hash it is obvious that the nonce could not match.由于此信息用于构建哈希,因此很明显随机数无法匹配。 Since I can not surely determine whether the user is logged into one of the affected blogs of the Ajax call (sender / recipient), I have no choice but to implement my own nonce routine.由于我无法确定用户是否登录到 Ajax 调用(发送者/接收者)受影响的博客之一,我别无选择,只能实现我自己的 nonce 例程。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.