2017 © Pedro Peláez
 

wordpress-package wp-oop-nonces-csrf

This package enables the wordpress nonce function in an object-oriented environment

image

ympervej/wp-oop-nonces-csrf

This package enables the wordpress nonce function in an object-oriented environment

  • Friday, January 19, 2018
  • by ympervej
  • Repository
  • 1 Watchers
  • 0 Stars
  • 0 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 2 Versions
  • 0 % Grown

The README.md

WordPress Nonces in OOP Environment

A composer package, which serves the functionality working with WordPress Nonces in an object orientated environment., (*1)

Requirement


Wordpress Version: Minimum 4.8 PHP Version: Minimum 5.6 PHP Unit Version: 5

Installation

Add this package as requirement at your composer.json file and then run 'composer update', (*2)


"ympervej/wp-oop-nonces-csrf": "1.0.*"

Or directly run, (*3)

composer require ympervej/wp-oop-nonces-csrf

Usage

add to your functions.php, in the active theme, (*4)


// Autoload files using Composer autoload require __DIR__ . '/vendor/autoload.php';

Examples

Create a nonce

This will creates a cryptographic token tied to a specific action
# Arguments string or int $action Scalar value to add context to the nonce.
# Return The token.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_nonce_create = $Wp_Csrf_Nonce->wp_oop_create_nonce( $action );

For example:, (*5)

<a href='my_url.php?nonce_something=nonce_action&_wpnonce=<?php echo $csrf_nonce_create; ?>'>Your Nonce Action</a>

Verify a nonce

Verify that correct nonce was used with time limit.
# Arguments $nonce and $action.
# Return Boolean or 1.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_nonce_verify = $Wp_Csrf_Nonce->wp_oop_verify_nonce( $nonce, $action );

Add a nonce to a URL

Retrieve URL with nonce added to URL query.
# Arguments $action_url and $action and $name.
# Return Escaped URL with nonce action added.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_nonce_url = $Wp_Csrf_Nonce->wp_oop_nonce_csrf_URL($action_url, $action, $name );

Add a nonce to a form

Retrieve URL with nonce added to URL query.
# Arguments action, $name, $referer, $echo.
# Return Nonce field HTML markup.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_nonce_field = $Wp_Csrf_Nonce->wp_oop_nonce_csrf_field(action, $name, $referer, $echo );

Ajax Nonce Verification

Verify a nonce passed in an AJAX request

# Arguments $action, $query_arg, $die.
# Return Boolean or 1.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_nonce_ajax_ref = $Wp_Csrf_Nonce->wp_oop_nonce_csrf_checka_ajax_referer($action, $query_arg, $die);

Admin Nonce Verification.

Makes sure that a user was referred from another admin page.

# Arguments $action, $query_arg.
# Return Boolean or 1.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_nonce_admin_ref = $Wp_Csrf_Nonce->wp_oop_nonce_csrf_check_admin_referer($action, $query_arg);

Display Nonce Action Message.

This will display 'Are you sure you want to do this?' message to confirm the action being taken.

# Arguments $action.
# Return Boolean or 1.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_action_text = $Wp_Csrf_Nonce->wp_oop_nonce_csrf_ays($action);

Retrieve or display referer hidden field for forms.

# Arguments $echo Boolean.
# Return Referer field HTML markup.

$Wp_Csrf_Nonce = new \wp_oop_nonce_csrf\Wp_Oop_Nonces_Csrf(); $csrf_refer_field = $Wp_Csrf_Nonce->wp_oop_nonce_csrf_referer_field($echo);

How to run Unit Tests

  1. In Terminal Run this

$ CD /wordpress/your-theme-folder/wp-oop-nonces-csrf
  1. Install PHP Unit on dev

$ composer require --dev phpunit/phpunit:~5
  1. Copy the Test Directory from "/vendor/ympervej/wp-oop-nonces-csrf/tests" to "your-theme-folder/wp-oop-nonces-csrf", (*6)

  2. Run Composer Update, (*7)


$ composer update
  1. Run This in Terminal to test

$ ./vendor/bin/phpunit --bootstrap vendor/autoload.php tests/WpOopCsrfTest
  1. You can also test with this

$ ./vendor/bin/phpunit --bootstrap vendor/autoload.php --testdox tests

Thanks to

License

MIT, (*8)

The Versions

19/01 2018

dev-master

9999999-dev

This package enables the wordpress nonce function in an object-oriented environment

  Sources   Download

The Requires

  • php >=5.6.0

 

The Development Requires

by Yeasir

19/01 2018

1.0.0

1.0.0.0

This package enables the wordpress nonce function in an object-oriented environment

  Sources   Download

The Requires

  • php >=5.6.0

 

The Development Requires

by Yeasir