Multiple nonces with the same action name

  • Guido

    (@guido07111975)


    2 years ago

    Hi,

    I have multiple forms on a website, and all of them contain an unique nonce name, example:

    $nonce_field_one = wp_nonce_field( 'my_nonce_action', 'nonce_one', true, false );
$nonce_field_two = wp_nonce_field( 'my_nonce_action', 'nonce_two', true, false );

    My question: should I also have an unique action name for every nonce, or can I use the same action name for all nonces?

    It does work with the same action name, but it’s not clear to me whether this can cause conflicts between the various nonces or not?

    Guido

Viewing 2 replies - 1 through 2 (of 2 total)
  • Hugh Lashbrooke

    (@hlashbrooke)

    Having two nonces with the same action value will not cause any conflicts, so this is fine to do. So long as you keep your name (second parameter) different, you’ll be OK, and there won’t be any conflicts.

    That being said, for security purposes, I would recommend having a different action value for each nonce – purely for the sake of making them harder to crack. That isn’t strictly necessary though.

    Thread Starter Guido

    (@guido07111975)

    Hi Hugh,

    Thanks for your explanation! Clearly my knowledge about how actions work is limited. Gonna look into this.

    Guido

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Multiple nonces with the same action name’ is closed to new replies.