
Disable Nonce Check For Non Logged In Users

<?php
/**
 * Let donations from logged-out donors go ahead when the nonce check fails.
 *
 * Page caching causes problems for donors who are not logged in, typically
 * because a cached copy of the form can carry a nonce that is no longer valid.
 * This filter overrides the failed security check, but only when all three of
 * these hold: the core checks failed, the form's honeypot check passed, and the
 * visitor is not logged in. In every other case the incoming result is
 * returned unchanged.
 *
 * Security trade-off: this provides less protection than the normal nonce
 * check. For logged-out donors the honeypot is the only check this filter
 * still enforces, so it is not recommended unless you are also using a captcha
 * solution. Every bypass is written to the donation log by
 * ed_charitable_log_donation_nonce_failure(), which makes that log the place
 * to watch for an unexpected volume of bypassed submissions.
 *
 * @param  boolean                  $validated Whether the security check passed the core checks.
 * @param  Charitable_Donation_Form $form      The form object.
 * @return boolean The original result, or true when a failed nonce is being tolerated.
 */
add_filter(
	'charitable_validate_donation_form_submission_security_check',
	function( $validated, Charitable_Donation_Form $form ) {
		/*
		 * Evaluated left to right with short-circuiting: the honeypot is only
		 * consulted once the core check has failed, and the login state only
		 * once the honeypot has passed.
		 */
		$tolerate_failure = ! $validated
			&& $form->validate_honeypot()
			&& ! is_user_logged_in();

		/* Passed already, honeypot tripped, or logged-in user: keep the core result. */
		if ( ! $tolerate_failure ) {
			return $validated;
		}

		/* Record the bypass against the donation once it has been saved. */
		add_action( 'charitable_after_save_donation', 'ed_charitable_log_donation_nonce_failure' );

		/*
		 * Presumably removes the notice raised by the failed check.
		 * NOTE(review): this clears every notice of type 'error', not just the
		 * nonce one -- confirm no unrelated error can be pending at this point.
		 */
		charitable_get_notices()->clear_notices_by_type( 'error' );

		return true;
	},
	10,
	2
);
/**
 * Write an audit entry to the donation log for a tolerated nonce failure.
 *
 * Hooked onto charitable_after_save_donation by the security-check filter and
 * unhooks itself after writing the entry.
 *
 * @param  int $donation_id The ID of the donation.
 * @return void
 */
function ed_charitable_log_donation_nonce_failure( $donation_id ) {
	$message = 'The nonce check failed for non logged-in donor, but the donation was allowed to go ahead as nonce checks have been deactivated for non logged-in users.';

	$donation_log = new Charitable_Donation_Log( $donation_id );
	$donation_log->add( $message );

	/* Detach this callback from the hook now that the entry is written. */
	remove_action( 'charitable_after_save_donation', 'ed_charitable_log_donation_nonce_failure' );
}
