Not the OP, but I'll jump in. Learn about using nonces with postbacks. It's not overly complicated, but it took me a while to understand the pattern. Once I understood this cycle, WordPress development (writing code) became so much clearer.
Create an html form, that includes wp_nonce_field(). Now your form includes a string that's unique to that form and will be unique to post requests submitted by that form.
In a plugin or in functions.php, add an init action that checks for post requests and uses wp_verify_nonce to check for the nonce. Now you know that form was submitted.
Process the form data however you want, then use wp_redirect with the _wp_http_referer created by wp_nonce_field to send the user back to the form.
I now use this pattern everywhere in WordPress.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Not the OP, but I'll jump in. Learn about using nonces with postbacks. It's not overly complicated, but it took me a while to understand the pattern. Once I understood this cycle, WordPress development (writing code) became so much clearer.
Create an html form, that includes wp_nonce_field(). Now your form includes a string that's unique to that form and will be unique to post requests submitted by that form.
In a plugin or in functions.php, add an init action that checks for post requests and uses wp_verify_nonce to check for the nonce. Now you know that form was submitted.
Process the form data however you want, then use wp_redirect with the _wp_http_referer created by wp_nonce_field to send the user back to the form.
I now use this pattern everywhere in WordPress.