admin管理员组

文章数量:1319477

I am workin on a plugin (for use on my own site). I recently added a button to the admin page that generates some text, and it works fine. This is what I use (pilfered from examples):

if (!current_user_can('manage_options'))  {
  wp_die( __('You do not have sufficient galooph to access this page.')    );
}

if ($_POST['plugin_button'] == 'thing' && check_admin_referer('thing_button_clicked')) {
  plugin_thing_button();
}
echo '<form action="options-general.php?page=plugin-list" method="post">';

wp_nonce_field('thing_button_clicked');
echo '<input type="hidden" value="thing" name="plugin_button" />';
submit_button('Generate new thing');

echo '</form>';

This works fine and calls the function as it should.

Now I want a second button to do something completely unrelated.

Here is what I tried, basically copying from above:

if (!current_user_can('manage_options'))  {
  wp_die( __('You do not have sufficient galooph to access this page.')    );
}

if ($_POST['plugin_button'] == 'thing' && check_admin_referer('thing_button_clicked')) {
  plugin_thing_button();
}
if ($_POST['plugin_button2'] == 'thing2' && check_admin_referer('thing2_button_clicked')) {
  plugin_thing2_button();
}
echo '<form action="options-general.php?page=plugin-list" method="post">';

wp_nonce_field('thing_button_clicked');
echo '<input type="hidden" value="thing" name="plugin_button" />';
submit_button('Generate new thing');

wp_nonce_field('thing2_button_clicked');
echo '<input type="hidden" value="thing2" name="plugin_button2" />';
submit_button('Generate new new thing');

echo '</form>';

The code for 2 buttons returns "The link you followed has expired." for both buttons, i.e. the one that worked alone does not work either now.

Where is my mistake? Thank you in advance!

I am workin on a plugin (for use on my own site). I recently added a button to the admin page that generates some text, and it works fine. This is what I use (pilfered from examples):

if (!current_user_can('manage_options'))  {
  wp_die( __('You do not have sufficient galooph to access this page.')    );
}

if ($_POST['plugin_button'] == 'thing' && check_admin_referer('thing_button_clicked')) {
  plugin_thing_button();
}
echo '<form action="options-general.php?page=plugin-list" method="post">';

wp_nonce_field('thing_button_clicked');
echo '<input type="hidden" value="thing" name="plugin_button" />';
submit_button('Generate new thing');

echo '</form>';

This works fine and calls the function as it should.

Now I want a second button to do something completely unrelated.

Here is what I tried, basically copying from above:

if (!current_user_can('manage_options'))  {
  wp_die( __('You do not have sufficient galooph to access this page.')    );
}

if ($_POST['plugin_button'] == 'thing' && check_admin_referer('thing_button_clicked')) {
  plugin_thing_button();
}
if ($_POST['plugin_button2'] == 'thing2' && check_admin_referer('thing2_button_clicked')) {
  plugin_thing2_button();
}
echo '<form action="options-general.php?page=plugin-list" method="post">';

wp_nonce_field('thing_button_clicked');
echo '<input type="hidden" value="thing" name="plugin_button" />';
submit_button('Generate new thing');

wp_nonce_field('thing2_button_clicked');
echo '<input type="hidden" value="thing2" name="plugin_button2" />';
submit_button('Generate new new thing');

echo '</form>';

The code for 2 buttons returns "The link you followed has expired." for both buttons, i.e. the one that worked alone does not work either now.

Where is my mistake? Thank you in advance!

Share Improve this question edited Oct 15, 2020 at 13:12 Dominic Bender asked Oct 15, 2020 at 9:56 Dominic BenderDominic Bender 133 bronze badges 6
  • If it doesn't do what you expect, what does it do instead? How does it fail? – Tom J Nowell Commented Oct 15, 2020 at 10:41
  • Sorry, forgot to mention that. The code for 2 buttons returns "The link you followed has expired." for both buttons, i.e. the one that worked alone does not work either. Added it above. – Dominic Bender Commented Oct 15, 2020 at 13:11
  • 1 hmmm there's nothing in your code that has that message, what does the implementation of plugin_thing_button look like? I notice your buttons share the same <form> tag so technically both buttons are submitted regardless of which one was pressed – Tom J Nowell Commented Oct 15, 2020 at 13:28
  • plugin_thing_button generates a piece of text and writes it into a logfile. I need to try putting them in different forms later! I assumed that "The link you followed has expired." must be coming from Wordpress since that line appears nowhere in my code. – Dominic Bender Commented Oct 15, 2020 at 15:50
  • it might be, I suspect the nonce handling, and that you have made calls to certain APIs, but I cannot be sure as you still haven't shared the contents of those functions. Remember, it's not the button you're submitting, it's the form and everything it contains – Tom J Nowell Commented Oct 15, 2020 at 17:37
 |  Show 1 more comment

2 Answers 2

Reset to default 0

I think I've solved the problem, there are 2 issues:

  1. You have 1 form for both buttons, submitting means submitting the entire form, so both buttons are submitted
  2. Your nonce/referrer checks appear to be incomplete

The second item is why you're having issues, although server time issues could also factor in.

If we inspect your nonce and check closer:


...

check_admin_referer('thing_button_clicked')

...

wp_nonce_field('thing_button_clicked');

Notice that they only use the first parameter which is the action. They do not specify the name. This means that when you use wp_nonce_field, it will default too _nonce, resulting in <input type="hidden" name="_nonce"... which is a problem when you have 2 nonces.

So specify the second parameter, or switch to a singular nonce

Thanks to Tom J Nowell, I found the solution. The problem was putting both buttons in the same . This fixed it:

echo '<form action="options-general.php?page=plugin-list" method="post">';
wp_nonce_field('thing_button_clicked');
echo '<input type="hidden" value="thing" name="plugin_button" />';
submit_button('Generate new thing');
echo '</form>';

echo '<form action="options-general.php?page=plugin-list" method="post">';
wp_nonce_field('thing2_button_clicked');
echo '<input type="hidden" value="thing2" name="plugin_button2" />';
submit_button('Generate new new thing');
echo '</form>';

(I hope this is the right way to go about this! And thank you again, Tom!)

本文标签: One button on admin page works but not two