How to call WordPress functions from a form processing script
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty{ margin-bottom:0;
}
up vote
2
down vote
favorite
I'm working on a plugin which submits data via a form from a custom admin page. This is a simplified version of my form:
<form action="<?php echo plugin_dir_path(); ?>/process.php" method="post">
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
The form is inside my main php file for the plugin, so it has access to all the WordPress functions like the plugin_dir_path() I called above.
However when the user clicks the "submit" button, and the $_POST variable is submitted to the "process.php" script, I lose access to all the WordPress functions in that process script.
I searched how to add WordPress functions into external scripts and I saw this question: How can I call WordPress core functions in external scripts?
The answer provided is that I include this line of code at the top of my processing script:
require_once("wp-load.php");
However when I do the "wp-load.php" is appended to the end of the current url which results in a 404 type error. I can't use the "get_site_directory()" function to point to the main WordPress install directory because it's a WordPress function.
How can I make this work? Is there an action hook I should be using to submit the form vs my own custom submit button?
functions forms
add a comment |
up vote
2
down vote
favorite
I'm working on a plugin which submits data via a form from a custom admin page. This is a simplified version of my form:
<form action="<?php echo plugin_dir_path(); ?>/process.php" method="post">
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
The form is inside my main php file for the plugin, so it has access to all the WordPress functions like the plugin_dir_path() I called above.
However when the user clicks the "submit" button, and the $_POST variable is submitted to the "process.php" script, I lose access to all the WordPress functions in that process script.
I searched how to add WordPress functions into external scripts and I saw this question: How can I call WordPress core functions in external scripts?
The answer provided is that I include this line of code at the top of my processing script:
require_once("wp-load.php");
However when I do the "wp-load.php" is appended to the end of the current url which results in a 404 type error. I can't use the "get_site_directory()" function to point to the main WordPress install directory because it's a WordPress function.
How can I make this work? Is there an action hook I should be using to submit the form vs my own custom submit button?
functions forms
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I'm working on a plugin which submits data via a form from a custom admin page. This is a simplified version of my form:
<form action="<?php echo plugin_dir_path(); ?>/process.php" method="post">
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
The form is inside my main php file for the plugin, so it has access to all the WordPress functions like the plugin_dir_path() I called above.
However when the user clicks the "submit" button, and the $_POST variable is submitted to the "process.php" script, I lose access to all the WordPress functions in that process script.
I searched how to add WordPress functions into external scripts and I saw this question: How can I call WordPress core functions in external scripts?
The answer provided is that I include this line of code at the top of my processing script:
require_once("wp-load.php");
However when I do the "wp-load.php" is appended to the end of the current url which results in a 404 type error. I can't use the "get_site_directory()" function to point to the main WordPress install directory because it's a WordPress function.
How can I make this work? Is there an action hook I should be using to submit the form vs my own custom submit button?
functions forms
I'm working on a plugin which submits data via a form from a custom admin page. This is a simplified version of my form:
<form action="<?php echo plugin_dir_path(); ?>/process.php" method="post">
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
The form is inside my main php file for the plugin, so it has access to all the WordPress functions like the plugin_dir_path() I called above.
However when the user clicks the "submit" button, and the $_POST variable is submitted to the "process.php" script, I lose access to all the WordPress functions in that process script.
I searched how to add WordPress functions into external scripts and I saw this question: How can I call WordPress core functions in external scripts?
The answer provided is that I include this line of code at the top of my processing script:
require_once("wp-load.php");
However when I do the "wp-load.php" is appended to the end of the current url which results in a 404 type error. I can't use the "get_site_directory()" function to point to the main WordPress install directory because it's a WordPress function.
How can I make this work? Is there an action hook I should be using to submit the form vs my own custom submit button?
functions forms
functions forms
edited Nov 18 at 9:00
Krzysiek Dróżdż
12.8k52637
12.8k52637
asked Nov 18 at 7:38
YAHsaves
1134
1134
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
5
down vote
accepted
You should never post anything to plugins files directly. It's almost always a security flaw and it prevents site owner from hardening the site properly (in perfect situation no requests to PHP files inside wp-content
should be necessary at all)
Good practice is that you use admin_post
actions... (similar to admin_ajax
).
So your form should look like so:
<form action="<?php echo esc_attr('admin-post.php'); ?>" method="post">
<input type="hidden" name="action" value="my_action" />
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
And then in your plugin you add your action method:
add_action( 'admin_post_my_action', 'prefix_admin_my_action' );
add_action( 'admin_post_nopriv_my_action', 'prefix_admin_add_foobar' );
function prefix_admin_my_action() {
// Handle request then generate response using echo or leaving PHP and using HTML
}
PS. It's always a good idea to include some nonces inside that form too.
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
5
down vote
accepted
You should never post anything to plugins files directly. It's almost always a security flaw and it prevents site owner from hardening the site properly (in perfect situation no requests to PHP files inside wp-content
should be necessary at all)
Good practice is that you use admin_post
actions... (similar to admin_ajax
).
So your form should look like so:
<form action="<?php echo esc_attr('admin-post.php'); ?>" method="post">
<input type="hidden" name="action" value="my_action" />
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
And then in your plugin you add your action method:
add_action( 'admin_post_my_action', 'prefix_admin_my_action' );
add_action( 'admin_post_nopriv_my_action', 'prefix_admin_add_foobar' );
function prefix_admin_my_action() {
// Handle request then generate response using echo or leaving PHP and using HTML
}
PS. It's always a good idea to include some nonces inside that form too.
add a comment |
up vote
5
down vote
accepted
You should never post anything to plugins files directly. It's almost always a security flaw and it prevents site owner from hardening the site properly (in perfect situation no requests to PHP files inside wp-content
should be necessary at all)
Good practice is that you use admin_post
actions... (similar to admin_ajax
).
So your form should look like so:
<form action="<?php echo esc_attr('admin-post.php'); ?>" method="post">
<input type="hidden" name="action" value="my_action" />
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
And then in your plugin you add your action method:
add_action( 'admin_post_my_action', 'prefix_admin_my_action' );
add_action( 'admin_post_nopriv_my_action', 'prefix_admin_add_foobar' );
function prefix_admin_my_action() {
// Handle request then generate response using echo or leaving PHP and using HTML
}
PS. It's always a good idea to include some nonces inside that form too.
add a comment |
up vote
5
down vote
accepted
up vote
5
down vote
accepted
You should never post anything to plugins files directly. It's almost always a security flaw and it prevents site owner from hardening the site properly (in perfect situation no requests to PHP files inside wp-content
should be necessary at all)
Good practice is that you use admin_post
actions... (similar to admin_ajax
).
So your form should look like so:
<form action="<?php echo esc_attr('admin-post.php'); ?>" method="post">
<input type="hidden" name="action" value="my_action" />
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
And then in your plugin you add your action method:
add_action( 'admin_post_my_action', 'prefix_admin_my_action' );
add_action( 'admin_post_nopriv_my_action', 'prefix_admin_add_foobar' );
function prefix_admin_my_action() {
// Handle request then generate response using echo or leaving PHP and using HTML
}
PS. It's always a good idea to include some nonces inside that form too.
You should never post anything to plugins files directly. It's almost always a security flaw and it prevents site owner from hardening the site properly (in perfect situation no requests to PHP files inside wp-content
should be necessary at all)
Good practice is that you use admin_post
actions... (similar to admin_ajax
).
So your form should look like so:
<form action="<?php echo esc_attr('admin-post.php'); ?>" method="post">
<input type="hidden" name="action" value="my_action" />
<input type="text" name="keyName">
<input type="submit" value="Update">
</form>
And then in your plugin you add your action method:
add_action( 'admin_post_my_action', 'prefix_admin_my_action' );
add_action( 'admin_post_nopriv_my_action', 'prefix_admin_add_foobar' );
function prefix_admin_my_action() {
// Handle request then generate response using echo or leaving PHP and using HTML
}
PS. It's always a good idea to include some nonces inside that form too.
answered Nov 18 at 8:56
Krzysiek Dróżdż
12.8k52637
12.8k52637
add a comment |
add a comment |
Thanks for contributing an answer to WordPress Development Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwordpress.stackexchange.com%2fquestions%2f319546%2fhow-to-call-wordpress-functions-from-a-form-processing-script%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown