Docs4dev
Docs
wordpress / latest / functions / wp_refresh_post_nonces.html

wp_refresh_post_nonces( array $response, array $data, string $screen_id ): array

Checks nonce expiration on the New/Edit Post screen and refresh if needed.

Parameters

$response array Required
The Heartbeat response.
$data array Required
The $_POST data sent.
$screen_id string Required
The screen ID.

Return

array The Heartbeat response.

Source

File: wp-admin/includes/misc.php. View all references

function wp_refresh_post_nonces( $response, $data, $screen_id ) {
	if ( array_key_exists( 'wp-refresh-post-nonces', $data ) ) {
		$received = $data['wp-refresh-post-nonces'];

		$response['wp-refresh-post-nonces'] = array( 'check' => 1 );

		$post_id = absint( $received['post_id'] );

		if ( ! $post_id ) {
			return $response;
		}

		if ( ! current_user_can( 'edit_post', $post_id ) ) {
			return $response;
		}

		$response['wp-refresh-post-nonces'] = array(
			'replace' => array(
				'getpermalinknonce'    => wp_create_nonce( 'getpermalink' ),
				'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
				'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ),
				'_ajax_linking_nonce'  => wp_create_nonce( 'internal-linking' ),
				'_wpnonce'             => wp_create_nonce( 'update-post_' . $post_id ),
			),
		);
	}

	return $response;
}

Uses

Uses Description
wp_create_nonce() wp-includes/pluggable.php

Creates a cryptographic token tied to a specific action, user, user session, and window of time.
current_user_can() wp-includes/capabilities.php

Returns whether the current user has the specified capability.
absint() wp-includes/functions.php

Converts a value to non-negative integer.

Changelog

Version Description
3.6.0 Introduced.

© 2003–2022 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wp_refresh_post_nonces