Not the OP, but I'll jump in. Learn about using nonces with postbacks. It's not overly complicated, but it took me a while to understand the pattern. Once I understood this cycle, WordPress development (writing code) became so much clearer.
Create an html form, that includes wp_nonce_field(). Now your form includes a string that's unique to that form and will be unique to post requests submitted by that form.
In a plugin or in functions.php, add an init action that checks for post requests and uses wp_verify_nonce to check for the nonce. Now you know that form was submitted.
Process the form data however you want, then use wp_redirect with the _wp_http_referer created by wp_nonce_field to send the user back to the form.
I now use this pattern everywhere in WordPress.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
If you can give one lifehack in developing Wordpress applications what would it be?
Not the OP, but I'll jump in. Learn about using nonces with postbacks. It's not overly complicated, but it took me a while to understand the pattern. Once I understood this cycle, WordPress development (writing code) became so much clearer.
Create an html form, that includes wp_nonce_field(). Now your form includes a string that's unique to that form and will be unique to post requests submitted by that form.
In a plugin or in functions.php, add an init action that checks for post requests and uses wp_verify_nonce to check for the nonce. Now you know that form was submitted.
Process the form data however you want, then use wp_redirect with the _wp_http_referer created by wp_nonce_field to send the user back to the form.
I now use this pattern everywhere in WordPress.