Replies: 0
Hi,
I have a frontend form and want to add the submissions to the database. For ultimate protection I’m adding a nonce field to my form.
But somehow I’m not getting the nonce to verify.
// validate form
if ( ($_SERVER['REQUEST_METHOD'] == 'POST') && isset($_POST['submit']) ) {
if ( isset( $_POST['name_of_nonce_field'] ) && wp_verify_nonce( $_POST['name_of_nonce_field'], 'name_of_my_action' ) ) {
// do stuff
}
}
// create nonce
$nonce = wp_nonce_field( 'name_of_my_action', 'name_of_nonce_field' );
// form
$email_form = '<form class="my-class" id="my-id" method="post">
// all inputs
<?php $nonce; ?>
<button type="submit" name="submit" id="submit" class="btn btn-primary">Submit</button>
</form>';
// display form
return $email_form;
What am I doing wrong? Is it because I’m returning the form perhaps?
Guido