0
0
Wordpressframework~20 mins

Nonce verification in Wordpress - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Nonce Verification Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What happens when a WordPress nonce verification fails?
Consider a WordPress plugin that uses check_admin_referer('my_action') to verify a nonce. What is the typical behavior if the nonce is invalid or missing?
AThe function triggers a WordPress error and stops script execution immediately.
BThe function returns false and the script continues without interruption.
CThe function logs the error but allows the script to continue running.
DThe function automatically regenerates a new nonce and retries verification.
Attempts:
2 left
💡 Hint
Think about how WordPress protects admin actions from unauthorized access.
📝 Syntax
intermediate
2:00remaining
Which code snippet correctly verifies a nonce in a WordPress AJAX handler?
You want to verify a nonce sent via POST in your AJAX handler function. Which snippet correctly checks the nonce named 'my_nonce'?
Aif (check_admin_referer('my_nonce', 'my_action')) { wp_die('Invalid nonce'); }
Bif (!check_ajax_referer('my_action', 'my_nonce', false)) { wp_die('Invalid nonce'); }
Cif (!wp_verify_nonce($_POST['my_nonce'], 'my_action')) { wp_die('Invalid nonce'); }
Dif (!wp_verify_nonce('my_action', $_POST['my_nonce'])) { wp_die('Invalid nonce'); }
Attempts:
2 left
💡 Hint
Remember the order of parameters for wp_verify_nonce and how to handle failure.
state_output
advanced
2:00remaining
What is the output of this nonce verification code snippet?
Given the following code in a WordPress plugin, what will be the output if the nonce is valid?
Wordpress
<?php
if (isset($_POST['my_nonce']) && wp_verify_nonce($_POST['my_nonce'], 'save_data')) {
  echo 'Nonce verified';
} else {
  echo 'Nonce failed';
}
?>
ANonce failed
BNonce verified
CPHP Warning: Undefined index 'my_nonce'
DNo output
Attempts:
2 left
💡 Hint
Check the condition and what happens when the nonce is valid.
🔧 Debug
advanced
2:00remaining
Why does this nonce verification always fail?
Identify the reason why the nonce verification fails every time in this code snippet:
Wordpress
<?php
if (!wp_verify_nonce('save_data', $_POST['my_nonce'])) {
  wp_die('Invalid nonce');
}
?>
AThe parameters to wp_verify_nonce are reversed; nonce value should be first.
BThe nonce action string 'save_data' is missing from the POST data.
Cwp_die() is called incorrectly without an error message.
DThe nonce is not generated before verification.
Attempts:
2 left
💡 Hint
Check the order of parameters for wp_verify_nonce.
🧠 Conceptual
expert
2:00remaining
Why is nonce verification important in WordPress forms?
Choose the best explanation for why WordPress uses nonce verification in forms and AJAX requests.
ATo encrypt user data before sending it to the server for security.
BTo speed up form submissions by caching nonce values.
CTo validate user input formats like email and phone numbers.
DTo prevent Cross-Site Request Forgery (CSRF) attacks by ensuring requests come from trusted sources.
Attempts:
2 left
💡 Hint
Think about what kind of attacks nonce verification protects against.