WordPress.org

Ready to get started?Download WordPress

Forums

can i save my data more conveniently (2 posts)

  1. gavimobile
    Member
    Posted 1 year ago #

    hi i just finished reading the codex section for sub menus
    link to codex. assuming there is NO field limitation for example:
    <?php if (empty($_POST['my_field'])){ echo 'print error msg'; } ?> I would really like to know if im doing this properly. how would you folks do it with less code and more security. i dont know if wordpress even escapes these $_POST fields. let me know what you think! thanks in advance

    <?php
    	//must check that the user has the required capability
    	if (!current_user_can('manage_options')){
    		wp_die(__('You do not have sufficient permissions to access this page.'));
    	}
    
    	// See if the user has posted us some information
    	// If they did, this hidden field will be set to 'Y'
    	if (isset($_POST['submit_hidden_color']) && $_POST['submit_hidden_color'] == 'Y'){
    		$field1 = $_POST['favorite_color'];
    		// Save the posted value in the database
    		update_option('favorite_color', $field1);
    	}else{
    		$field1 = get_option('favorite_color');
    	}
    	if (isset($_POST['submit_hidden_car']) && $_POST['submit_hidden_car'] == 'Y'){
    		$field2 = $_POST['favorite_car'];
    		// Save the posted value in the database
    		update_option('favorite_car', $field2);
    	}else{
    		$field2 = get_option('favorite_car');
    	}
    
    	if (isset($_POST['Submit'])){
            // Put a settings updated message on the screen
    		echo '<div class="updated"><p><strong>';
    		_e('settings saved.', 'mpc-products-settings-page');
    		echo '</strong></p></div>';
    	}
    
    	// Now display the settings editing screen
    	echo '<div class="wrap">';
    		// header
    		echo '<h2>' . __('Menu Test Plugin Settings', 'mpc-products-settings-page') . '</h2><div id="icon-options-general" class="icon32"><br></div>';
    		// settings form
    ?>
    		<form name="form1" method="post" action="">
                <input type="hidden" name="submit_hidden_color" value="Y">
                <p><?php _e("Favorite Color:", 'mpc-products-settings-page' ); ?>
                <input type="text" name="favorite_color" value="<?php echo $field1; ?>" size="20">
                </p>
    
                <input type="hidden" name="submit_hidden_car" value="Y">
                <p><?php _e("Favorite Car:", 'mpc-products-settings-page' ); ?>
                <input type="text" name="favorite_car" value="<?php echo $field2; ?>" size="20">
                </p>
    
                <hr />
                <p class="submit">
                <input type="submit" name="Submit" class="button-primary" value="<?php esc_attr_e('Save Changes') ?>" />
                </p>
    		</form>
    	</div>
  2. gavimobile
    Member
    Posted 1 year ago #

    as i was continuing with my reading, it seems im going to need to use an array. also, only 1 hidden field is required. wasnt sure what its purpose was untill now. maybe someone can show me a better example of this as an array! it would help me understand it better. also i would still like to know about if i need to do any kind of escaping.

    thanks

Topic Closed

This topic has been closed to new replies.

About this Topic