/**
* Validates the nonce given in a request for the given action.
*
* @return bool
*/
public function validate()
{
if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== $this->request_method) {
return false;
}
if (!isset($this->allowed_request_methods[$this->request_method])) {
return false;
}
if (!$this->context) {
return false;
}
$nonce = filter_input($this->allowed_request_methods[$this->request_method], $this->context->get_name());
return (bool) wp_verify_nonce($nonce, $this->context->get_action());
}
/**
* Test for the get_name() method.
*
* @dataProvider provide_get_name_data
*
* @param string $expected
* @param string $action
* @param string $name
*
* @return void
*/
public function test_get_name($expected, $action, $name)
{
Monkey\Functions::when('sanitize_title_with_dashes')->returnArg();
$testee = new Testee($action, $name);
$this->assertSame($expected, $testee->get_name());
}
/**
* Returns the given URL with the query argument for the given nonce context.
*
* @param string $url The current URL.
* @param Context $context The nonce context object.
*
* @return string
*/
public function get($url, Context $context)
{
return wp_nonce_url((string) $url, $context->get_action(), $context->get_name());
}
/**
* Returns the input element for the given nonce context.
*
* @param Context $context Nonce context object.
*
* @return string
*/
public function get(Context $context)
{
return wp_nonce_field($context->get_action(), $context->get_name(), false, false);
}
/**
* Returns the HTML data attribute string for the given nonce context.
*
* @param Context $context Nonce context object.
*
* @return string
*/
public function get(Context $context)
{
$nonce = wp_create_nonce($context->get_action());
return 'data-' . esc_attr($context->get_name()) . '="' . esc_attr($nonce) . '"';
}
