Send ajax request in wordpress using wpnonce

wpsecuritythumblet’s send ajax request in wordpress using wpnonce

Hei, I am not going to discuss what is wpnonce and why you should use this in your plugin or how important to use this to secure your plugin 😛
But here I am going to discuss how you can use wpnonce in ajax request, I mean if your plugin handles ajax request.
Steps that we need to follow are:

One: Create wpnonce value.
Two: Send wpnonce value as an extra parameter with ajax requestion
Three: Check ajax referrer with the wpnonce value that was created in step one and sent in step two.

Ok, how to create a wpnonce value ?
we need to use wordpress function wp_create_nonce() . See wordpress codex here.
< ?php $my_wpnonce= wp_create_nonce (‘you-look-nice’); ?> // “you-look-nice” is just a string, u can use whatever u want. here $my_wpnonce will get a hash from wp_create_nonce. Oh that is not direct hash of “you-look-nice” but based on user id, time and that string. To know more about this function please check pluggable.php in wp-includes folder

Now send wpnonce value $my_wpnonce as an extra parameter while seding ajax req. Continue reading

Ajax!!!

Today I started to learn Ajax. Actually I learn most thing from web but I kept a book too from whick I can learn the basics. Somedays ago I bought a book on ajax name “Professional Ajax” by Nicholas C. Zakas, Jeremy McPeak and Joe Fawcett and publisher is wrox. I don’t know who this book is but I think I will get the basic concepts from it.If u have any suggestion about  ajax like which book is good or any web link from whick I can get better help about this plz let me know…