PHPackages                             zahardoc/z-nonce - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. zahardoc/z-nonce

ActiveLibrary[Utility &amp; Helpers](/categories/utility)

zahardoc/z-nonce
================

WordPress nonce functionality in more object-oriented way

1.1.0(9y ago)020MITPHPPHP &gt;=5.6

Since Jul 2Pushed 9y agoCompare

[ Source](https://github.com/zahardoc/z-nonce)[ Packagist](https://packagist.org/packages/zahardoc/z-nonce)[ RSS](/packages/zahardoc-z-nonce/feed)WikiDiscussions master Synced 2w ago

READMEChangelog (1)Dependencies (1)Versions (3)Used By (0)

ZNonce
======

[](#znonce)

- [Introduction](#introduction)
- [Installation](#installation)
- [Hos to use it](#how-to-use-it)
    - [Creating a nonce](#creating-a-nonce)
        - [Adding a nonce to a URL](#adding-a-nonce-to-a-url)
        - [Adding a nonce to a form](#adding-a-nonce-to-a-form)
        - [Creating a nonce for use in some other way](#creating-a-nonce-for-use-in-some-other-way)
    - [Verifying a nonce](#verifying-a-nonce)
        - [Verifying a nonce passed from an admin screen](#verifying-a-nonce-passed-from-an-admin-screen)
        - [Verifying a nonce passed in an AJAX request](#verifying-a-nonce-passed-in-an-ajax-request)
        - [Verifying a nonce passed in some other context](#verifying-a-nonce-passed-in-some-other-context)
- [Testing](#testing)
- [License](#license)

Introduction
============

[](#introduction)

ZNonce library provides WordPress nonce functionality in more object-oriented way. Nonces are used to help protect URLs and forms from certain types of misuse, malicious or otherwise. Please see [https://codex.wordpress.org/WordPress\_Nonces](https://codex.wordpress.org/WordPress_Nonces) for details.

---

Installation
============

[](#installation)

The recomended way to install ZNonce is using composer:

```
composer require zahardoc/z-nonce

```

---

How to use it
=============

[](#how-to-use-it)

After installation ensure you required composer autoload.php file anywhere in your code before using ZNonce:

```
require_once 'path/to/folder/vendor/autoload.php';

```

Then you could get ZNonce everywhere in your code using ZNonce::init() function:

```
$znonce = Zahardoc\ZNonce\ZNonce::init();

```

Then you can create or verify a nonce.

Note that nonces has lifetime after which they expire. By default it is 24 hours, but you can modify it by set\_nonce\_life() method. Just call it with number of seconds you want nonce to live. Example: set nonce time to 1 minute:

```
$znonce->set_nonce_life(60);

```

Also, you can always check nonce life time by get\_nonce\_life():

```
$life = $znonce->get_nonce_life();

```

Creating a nonce
----------------

[](#creating-a-nonce)

When you creating a nonce try to use as more specific action as you can. For example, if you are dealing with post, add post id to your action. There are 3 ways to use creating a nonce functionality:

### Adding a nonce to a URL

[](#adding-a-nonce-to-a-url)

To add a nonce to a URL, call nonce\_url() method specifying the bare URL and a string representing the action:

```
$action_url = $znonce->nonce_url( $bare_url, 'your_action_'.$post_id );

```

### Adding a nonce to a form

[](#adding-a-nonce-to-a-form)

To add a nonce to a form, use nonce\_field():

```
$znonce->nonce_field( 'your_action_'.$post_id );

```

It will create 2 hidden fields with nonce and referer values, which you could verify later.

### Creating a nonce for use in some other way

[](#creating-a-nonce-for-use-in-some-other-way)

If you need nonce itself to use it in some other way, call create\_nonce() method:

```
$nonce = $znonce->create_nonce( 'your-action_'.$post_id );

```

Verifying a nonce
-----------------

[](#verifying-a-nonce)

If nonce is valid, all verify methods return 1 or 2 depending on how much time ago it has been created. If it is less then half of expire time - method returns 1, otherwise - 2.

### Verifying a nonce passed from an admin screen

[](#verifying-a-nonce-passed-from-an-admin-screen)

To verify a nonce passed from an admin screen, call check\_admin\_referer() specifying the string representing the action.

```
$znonce->check_admin_referer( 'your_action' );

```

This call checks the nonce and the referrer, and if the check fails it terminates script execution with a "403 Forbidden" response and an error message.

### Verifying a nonce passed in an AJAX request

[](#verifying-a-nonce-passed-in-an-ajax-request)

To verify a nonce passed from an AJAX request, call check\_ajax\_referer() method specifying the string representing the action.

```
$znonce->check_ajax_referer( 'your_action' );

```

This call checks the nonce (but not the referrer), and if the check fails then it terminates script execution.

### Verifying a nonce passed in some other context

[](#verifying-a-nonce-passed-in-some-other-context)

If you want just verify a nonce and then do some of your custom actions, use verify\_nonce() method:

```
$result = $znonce->verify_nonce( $_REQUEST['your_nonce'], 'your-action_'.$post_id );

```

---

Testing
=======

[](#testing)

ZNonce is provided with phpunit tests. To run them, please follow these steps:

1. Go to the library root directory: `cd /your/vendor/path/zahardoc/z-nonce`
2. Install environment `tests/install.sh    [db-host] [wp-version]`Note: use database user with privileges to create new database. Don't specify existing database here.
3. Install library dependencies: `composer update`
4. Run tests: `vendor/bin/phpunit`

---

License
=======

[](#license)

This library is released under the [MIT](https://github.com/zahardoc/z-nonce/blob/master/LICENSE) license, you can use it free of charge on your personal or commercial sites.

###  Health Score

25

—

LowBetter than 35% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity6

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity59

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

2

Last Release

3285d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/f44f0e72d2fb3c4ec36b5c2cf5f9641479277806838799763e0ff1e46e222e69?d=identicon)[zahardoc](/maintainers/zahardoc)

---

Top Contributors

[![zahardev](https://avatars.githubusercontent.com/u/5578322?v=4)](https://github.com/zahardev "zahardev (9 commits)")

---

Tags

wordpresswpnoncez-nonce

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/zahardoc-z-nonce/health.svg)

```
[![Health](https://phpackages.com/badges/zahardoc-z-nonce/health.svg)](https://phpackages.com/packages/zahardoc-z-nonce)
```

###  Alternatives

[roots/bedrock

WordPress boilerplate with Composer, easier configuration, and an improved folder structure

6.5k456.5k2](/packages/roots-bedrock)[ffraenz/private-composer-installer

A composer install helper for private packages

2321.7M5](/packages/ffraenz-private-composer-installer)[tareq1988/wordpress-settings-api-class

WordPress settings API Abstraction Class

46711.6k4](/packages/tareq1988-wordpress-settings-api-class)[gotoandplay/gravityforms-composer-installer

A composer install helper for Gravity Forms

31402.0k](/packages/gotoandplay-gravityforms-composer-installer)[seravo/seravo-plugin

Enhances WordPress with Seravo.com specific features and integrations

40167.9k2](/packages/seravo-seravo-plugin)[proteusthemes/wp-customizer-utilities

Advanced WordPress customizer controls and settings for better user experience.

329.7k1](/packages/proteusthemes-wp-customizer-utilities)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
