0

I have a function which uses Ajax calls:

function bs_reserve_gift() { if (!wp_verify_nonce($_POST['_wpnonce'], 'reserve_gift')) { $response['status'] = 'error'; $response['message'] = __('Something went wrong, please try again later!', 'bs'); echo json_encode($response); exit(); } else { update_post_meta($_POST['reserve_gift_id'], 'gift_status', 'reserved'); $response['status'] = 'success'; $response['gift_id'] = $_POST['reserve_gift_id']; $response['message'] = __('Thank you, the gift was reserved for you!', 'bs'); echo json_encode($response); exit(); } } add_action('wp_ajax_nopriv_reserve_gift', 'bs_reserve_gift'); add_action('wp_ajax_reserve_gift', 'bs_reserve_gift');

This works for logged in users, but for non logged users the nonce doesn't validate for some reason...

How can I solve this?

Improve this question

1 Answer 1

Reset to default
2

Use check_ajax_referer: https://codex.wordpress.org/Function_Reference/check_ajax_referer

//Check nonce if ( !check_ajax_referer( 'nonce-action-name', '_wpnonce', false ) ){ echo __('Ajax Security Check', 'yourtextdomain'); die(); }
Improve this answer
1
  • Thanks, this works, but I'm still curious why the wp_verify_nonce doesn't work... Commented Apr 16, 2015 at 21:36

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.