Creates a cryptographic token tied to a specific action, user, user session, and window of time.
$actionstring|intoptional
Default:-1
The function should be called using the init or any subsequent action hook. Calling it outside of an action hook can lead to problems, see the ticket #14024 for details.
function wp_create_nonce( $action = -1 ) {
$user = wp_get_current_user();
$uid = (int) $user->ID;
if ( ! $uid ) {
/** This filter is documented in wp-includes/pluggable.php */
$uid = apply_filters( 'nonce_user_logged_out', $uid, $action );
}
$token = wp_get_session_token();
$i = wp_nonce_tick( $action );
return substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce' ), -12, 10 );
}
Filters whether the user who generated the nonce is logged out.
© 2003–2024 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wp_create_nonce