wp_is_authorize_application_password_request_valid()
Checks if the Authorize Application Password request is valid.
Хуки из функции
Возвращает
true|WP_Error
. True if the request is valid, a WP_Error object contains errors if not.
Использование
wp_is_authorize_application_password_request_valid( $request, $user );
- $request(массив) (обязательный)
The array of request data. All arguments are optional and may be empty.
-
app_name(строка)
The suggested name of the application. -
app_id(строка)
A UUID provided by the application to uniquely identify it. -
success_url(строка)
The URL the user will be redirected to after approving the application. - reject_url(строка)
The URL the user will be redirected to after rejecting the application.
-
- $user(WP_User) (обязательный)
- The user authorizing the application.
Список изменений
С версии 5.6.0 | Введена. |
С версии 6.2.0 | Allow insecure HTTP connections for the local environment. |
С версии 6.3.2 | Validates the success and reject URLs to prevent javascript pseudo protocol from being executed. |
Код wp_is_authorize_application_password_request_valid() wp is authorize application password request valid WP 6.6.2
function wp_is_authorize_application_password_request_valid( $request, $user ) { $error = new WP_Error(); if ( isset( $request['success_url'] ) ) { $validated_success_url = wp_is_authorize_application_redirect_url_valid( $request['success_url'] ); if ( is_wp_error( $validated_success_url ) ) { $error->add( $validated_success_url->get_error_code(), $validated_success_url->get_error_message() ); } } if ( isset( $request['reject_url'] ) ) { $validated_reject_url = wp_is_authorize_application_redirect_url_valid( $request['reject_url'] ); if ( is_wp_error( $validated_reject_url ) ) { $error->add( $validated_reject_url->get_error_code(), $validated_reject_url->get_error_message() ); } } if ( ! empty( $request['app_id'] ) && ! wp_is_uuid( $request['app_id'] ) ) { $error->add( 'invalid_app_id', __( 'The application ID must be a UUID.' ) ); } /** * Fires before application password errors are returned. * * @since 5.6.0 * * @param WP_Error $error The error object. * @param array $request The array of request data. * @param WP_User $user The user authorizing the application. */ do_action( 'wp_authorize_application_password_request_errors', $error, $request, $user ); if ( $error->has_errors() ) { return $error; } return true; }