My code was working fine:
$registrado = "no";
$redirect_url = site_url( "/pedido-nao-recebido/?mpms2pagarme=retorno&codigo=nao200&mensagem=oui®istrado=$registrado");
wp_redirect($redirect_url);
exit;
With this, I was being redirected to
http://s16138.p360.sites.pressdns.com/pedido-nao-recebido/?mpms2pagarme=retorno&codigo=nao200&mensagem=oui®istrado=no.
Exactly what I need.
Then I decided to take a security measure, with wp_nonce_url.
$registrado = "no";
$redirect_url = site_url( "/pedido-nao-recebido/?mpms2pagarme=retorno&codigo=nao200&mensagem=oui®istrado=$registrado");
//WP Nonce (security measure)
$nonce_redirect_url = wp_nonce_url( $redirect_url, 'pedido-nao-recebido', 'mpms2nonce' );
wp_redirect($nonce_redirect_url);
exit;
Now I get this URL:
http://s16138.p360.sites.pressdns.com/pedido-nao-recebido/?mpms2pagarme=retorno&codigo=nao200&mensagem=oui&registrado=no&mpms2nonce=aeb5ba40d2.
Because of these amp;, my code is broke and browser gives me a The s16138.p360.sites.pressdns.com page isnât working. There is a script on the redirected page that is not running. It goes like this:
//If it is not a subscription request, abort...
if ( !isset( $_GET['mpms2pagarme'] ) || 'retorno' != $_GET['mpms2pagarme'] || !isset( $_GET['codigo'] ) || !isset( $_GET['mensagem'] ) ) {
return;
}
//Checking WP Nonce
check_admin_referer( 'pedido-nao-recebido', 'mpms2nonce' );
(...)
I tried using php header function instead of wp_redirect, but the same happened (ampersand). I tried also esc_url, esc_url_raw, urlencode…with no success.
Strange thing…wp_redirect (or header) only works for me without wp_nonce_url. Should I get rid of the latter? Any other solution?
Thanks in advance.
You can use
html_entity_decode()to convert&back to&The string is being url encoded somewhere along the way
you can decode it with urldecode
I hope this still helps someone:
Taken from the comment below:
https://developer.wordpress.org/reference/functions/wp_nonce_url/#comment-1927