wp_create_nonce

The timeline below displays how wordpress function wp_create_nonce has changed across different WordPress versions. If a version is not listed, refer to the next available version below.

WordPress Version: 6.3

/**
 * Creates a cryptographic token tied to a specific action, user, user session,
 * and window of time.
 *
 * @since 2.0.3
 * @since 4.0.0 Session tokens were integrated with nonce creation.
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The token.
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $token = wp_get_session_token();
    $i = wp_nonce_tick($action);
    return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}

WordPress Version: 6.1

/**
 * Creates a cryptographic token tied to a specific action, user, user session,
 * and window of time.
 *
 * @since 2.0.3
 * @since 4.0.0 Session tokens were integrated with nonce creation.
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The token.
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $token = wp_get_session_token($action);
    $i = wp_nonce_tick($action);
    return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}

WordPress Version: 4.4

/**
 * Creates a cryptographic token tied to a specific action, user, user session,
 * and window of time.
 *
 * @since 2.0.3
 * @since 4.0.0 Session tokens were integrated with nonce creation
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The token.
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $token = wp_get_session_token();
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}

WordPress Version: 4.1

/**
 * Creates a cryptographic token tied to a specific action, user, and window of time.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The token.
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $token = wp_get_session_token();
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}

WordPress Version: 4.0

/**
 * Creates a cryptographic token tied to a specific action, user, and window of time.
 *
 * @since 2.0.3
 *
 * @param string $action Scalar value to add context to the nonce.
 * @return string The token.
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $token = wp_get_session_token();
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}

WordPress Version: .10

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 3.9

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}

WordPress Version: .30

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 8.3

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}

WordPress Version: .20

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 8.2

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}

WordPress Version: .10

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 3.8

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}

WordPress Version: .30

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 7.3

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}

WordPress Version: .20

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 7.2

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}

WordPress Version: .10

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid, 'nonce'), -12, 10);
}

WordPress Version: 3.7

/**
 * Creates a random, one time use token.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The one use form token
 */
function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $i = wp_nonce_tick();
    return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}