Support

Account

Home Forums Front-end Issues `acf_form` and `_acfnonce` validation not working

Solving

`acf_form` and `_acfnonce` validation not working

  • Hello. Running into issues with ACFPRO here.

    I’m using acf_form in order to create new posts in WordPress.

    I’ve followed the tutorials and looked through Google and a few related forum threads, but I still can’t figure out why validating the _acfnonce POST data is not working.

    acf_form_head is called and the nonce validation function is run, but the nonce (for action acf_form) doesn’t seem to be valid at all.

    Output of the acf_form‘s nonce field is as such:

    <input type="hidden" name="_acfnonce" value="5430916710" />

    When using var_dump inside the acf_verify_nonce (which is called inside acf_form_head), the nonce isn’t valid at all. Never. wp_verify_nonce returns false 100% times.

    Here are the options I’m giving for acf_form:

    $acf_form_options = [
        'post_id' => 'new_post',
        'return' => home_url(),
        'submit_value' => 'Send',
        'post_title' => true,
        'post_content' => true,
        'new_post' => [
            'post_status' => 'publish',
            'post_type' => 'post'
        ]
    ];

    My templating is done with Timber/Twig. Does this affect the ACF system somehow?

    In post-new.php which is displayed for the new post page:

    acf_form_head();
    
    $acf_form_options = [
        'post_id' => 'new_post',
        'return' => home_url(),
        'submit_value' => 'Send',
        'post_title' => true,
        'post_content' => true,
        'new_post' => [
            'post_status' => 'publish',
            'post_type' => 'post'
        ]
    ];
     
    $data = Timber::get_context();
    
    $data['acf_form']['options'] = $acf_form_options;
    
    Timber::render( 'views/admin/new-post.twig', $data );

    And inside new-post.twig I output the form using {{ function( 'acf_form', acf_form.options ) }}.

    It is not WordPress, as I can save posts just fine with the built-in forms.

  • If I use acf_form to edit an existing post, the nonce validation doesn’t pass on the first submit, but works fine on subsequent submits. I lose all my changes and it returns to the edit form (acf_form). Does the nonce get calculated with a referer that needs to be the same as the page where acf_form is displayed?

    EDIT:

    I’m also running WP on Apache behind Nginx, which acts as a reverse proxy. Client IPs and such are forwarded correctly.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.