# sample code to get the current dir of the plugin, could be a key info to customize the QRlogin pages

<img class="crown_img" src="<?php echo esc_url( Onid_SAML_Utilities::onid_saml_get_plugin_dir_url() . '/images/crown.webp' ); ?>">






//////////////////////////////////////////////////////////////////////////////////////////////////

onid-saml-20-single-sign-on/class-onid-saml-utilities.php:945 <— 1
onid-saml-20-single-sign-on/class-onid-saml-login-validate.php:134-141 <— IdP generated, can’t hold nonce, 2, 3
onid-saml-20-single-sign-on/class-onid-saml-assertion.php:234 <— IdP generated, can’t hold nonce, 4
onid-saml-20-single-sign-on/class-onid-saml-assertion.php:295 <— IdP generated, can’t hold nonce, 5
onid-saml-20-single-sign-on/onid-saml-settings-page.php:209-211 <— IdP generated, can’t hold nonce, 6


//////////////////////////////////////////////////////////////////////////////////////////////////

<?php wp_nonce_field( 'onid-saml-sp-sso-login-form' ); ?>

//////////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////////

$nonce = wp_create_nonce('azione_personalizzata_nonce');
echo '<input type="hidden" name="onid_saml_nonce" value="' . esc_attr($nonce) . '">';

// Verifica che il nonce sia valido
if (!isset($_POST['onid_saml_nonce']) || !wp_verify_nonce($_POST['onid_saml_nonce'], 'azione_personalizzata_nonce')) {
    wp_die('Richiesta non valida!'); // Blocca la richiesta se il nonce non è valido
}



    //validate onid_saml_nonce
    if(wp_verify_nonce($response->onid_saml_get_nonce(), 'onid_saml_nonce') == true) {
        //error_log("onid_saml_process_response >>>> NONCE SUCCESSSSSSSSSSS!!!!");
    }
    else {
        //error_log("onid_saml_process_response >>>> NONCE FAIL");
        die("wp_verify_nonce fail");
    }
