WordPress.org

Ready to get started?Download WordPress

Forums

Bootstrap admin (Incl. auth) to generate image data (3 posts)

  1. Lee Willis
    Member
    Posted 4 years ago #

    As part of a plugin I'm developing I want to query the database and generate some image data based on that. I have the code to do that - however I need to make sure that the script can only be called by a logged in, authenticated admin user.

    If I call the script via the standard wp-admin/index.php it sets headers, and outputs a bunch of HTML which I don't want/need.

    Ideally I'm looking for either:
    - A minimal code snippet that bootstraps the right files to give me $wpdb, config settings etc. and be able to check/know that the user is a logged in admin so I can include the code in my script and reference it directly (E.g. <img src="http://www.foo.com/wp-content/plugins/my_plugin/generate_image.php">)
    - An alternative to wp-admin/index.php that contains the above code so I can call my script through that (Something like <img src="/wp-admin/index-bare.php?page=my_plugin">)

  2. Lee Willis
    Member
    Posted 4 years ago #

    I'm not sure if this is the best way of achieving this, however what I've ended up doing is using admin-ajax.php, e.g.

    <img src="/wp-admin/admin-ajax.php?action=ses_wpscd_sales_graph">

    Then registering an action in my code as follows to a function to actually generate the image data:

    add_action('wp_ajax_ses_wpscd_sales_graph','ses_wpscd_sales_graph');

    While this seems to work I'm a bit concerned that this isn't really a supported way to use admin-ajax.php so I'm still on the lookout or something better if anyone has any ideas?

  3. Stefan
    Member
    Posted 3 years ago #

    Hi leewillis77,

    I just found your question while searching for something similar. The solution I found (on adrogen) was working fine:

    require('<path-to>/wp-config.php');
    $wp->init();
    $wp->parse_request();
    $wp->query_posts();
    $wp->register_globals();

    Afterwards you can check for admin:

    if (!is_super_admin()) {
     die('No admin, no luck!');
    }

    (You cannot use is_admin(), because that checks if the script is used inside the administration panel, which is not the case).

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.