I am working on pages which are secured so no-one can link to that page using this:
Code below is called inside a loop.
$gentok = uniqid();
if(isset($_GET["action"]) && $_GET["action"] == "clean_$gentok") {
// stuff
}
Then, I have this to call the URL:
<a href="<?php echo admin_url("themes.php?page=cleaner&action=clean_$gentok"); ?>">Clean this and that</a>
But when clicking the link, the page refreshes and the uniqid()
has already changed.
How can I make it so the uniqid()
is still the same after the page refresh? I'm open for any changes or better ideas you may have.
Thank you!
Posting this as a community wiki since I've nothing to gain from this.
My suggestion in comments about using a nonce brought the OP to use the WordPress version of a nonce as their solution.
Reference:
Sidenote: To be honest, I was not aware that WordPress had one and found that reference link on the Internet.
My original reference:
Additional reference: