admin管理员组

文章数量:1336660

I am creating a solution to enable front end editing of custom fields, I am using hidden input containing the custom field to send via POST request to an editing form, the form contains default value in the form of shortcodes to render the correct $_POST received.

I am using an attribute to choose which $_POST to render in each shortcode, [Edit_Field Field="Email_1"] should output $_POST for email 1 (Sent from the previous page via post request and hidden input]

function Edit_field($atts){
     extract(shortcode_atts(array(
                  'Field' => '',
               ), $atts));
               
    if($Field == 'Email_1'){
   return $_POST['Edit_Email_1'];}
   
   if($Field == 'Client_Description'){
   return $_POST['Edit_Client_Description'];}
}
add_shortcode('Edit_field', 'Edit_field');

The input HTML:

<input type="hidden" name="Edit_Email_1">Value to be sent</input>

On the front end I am anticipating to use:

[Edit_Field Field="Email_1"]

Is there anything special for dealing with $_POST in this case?

Many thanks in advance,

I am creating a solution to enable front end editing of custom fields, I am using hidden input containing the custom field to send via POST request to an editing form, the form contains default value in the form of shortcodes to render the correct $_POST received.

I am using an attribute to choose which $_POST to render in each shortcode, [Edit_Field Field="Email_1"] should output $_POST for email 1 (Sent from the previous page via post request and hidden input]

function Edit_field($atts){
     extract(shortcode_atts(array(
                  'Field' => '',
               ), $atts));
               
    if($Field == 'Email_1'){
   return $_POST['Edit_Email_1'];}
   
   if($Field == 'Client_Description'){
   return $_POST['Edit_Client_Description'];}
}
add_shortcode('Edit_field', 'Edit_field');

The input HTML:

<input type="hidden" name="Edit_Email_1">Value to be sent</input>

On the front end I am anticipating to use:

[Edit_Field Field="Email_1"]

Is there anything special for dealing with $_POST in this case?

Many thanks in advance,

  • plugins
  • plugin-development
  • functions
  • theme-development
  • shortcode
Share Improve this question edited Jul 26, 2020 at 16:55 Ali Hamdan asked Jul 26, 2020 at 16:43 Ali HamdanAli Hamdan 791 silver badge5 bronze badges 0
Add a comment  | 

1 Answer 1

Reset to default 1

Is there anything special for dealing with $_POST in this case?

Maybe, if you can elaborate more on what you mean by "special"?

But as with other PHP arrays, you should always check if the POST variable is actually set before attempting to use it:

// Example for the Edit_Email_1 input:
if ( isset( $_POST['Edit_Email_1'] ) ) {
    return $_POST['Edit_Email_1'];
}

Secondly, you should also escape the value just as with any user-supplied or untrusted data, e.g. using esc_html() or absint() if the input should be a (non-negative) number, or esc_attr() if the value is to be displayed in a form field like <input>.

So for the above reason, you might want to add a context attribute to your shortcode which will determine whether the value should be escaped, sanitized or returned as-is (i.e. raw/unchanged).

On the front end I am anticipating to use:

[Edit_Field Field="Email_1"]

Yes, you can do so, but you should know that:

  1. Shortcodes are case-sensitive, so you should:

    • Use [Edit_field Field="Email_1"]

    • And not [Edit_Field Field="Email_1"]


    Because you defined the shortcode as add_shortcode('Edit_field', 'Edit_field'); — note the first Edit_field, where the f is in lowercase.

  2. WordPress converts the shortcode attributes (i.e. the attribute name) to lowercase, so the $Field in your Edit_field() function will be empty and you should use $field instead along with 'field' => '' in your shortcode_atts() array.

However, please just avoid using extract() and use the $atts instead to access the shortcode attributes:

Note: I've applied the context attribute in this function.

function Edit_field( $atts ) {
    // Don't use extract().
    $atts = shortcode_atts( array(
        'field'   => '',
        'context' => 'view',
    ), $atts );

    if ( $atts['field'] == 'Email_1' && isset( $_POST['Edit_Email_1'] ) ) {
        return ( 'edit' === $atts['context'] ) ?
            esc_attr( $_POST['Edit_Email_1'] ) :
            esc_html( $_POST['Edit_Email_1'] );
    }

    if ( $atts['field'] == 'Client_Description' && isset( $_POST['Edit_Client_Description'] ) ) {
        return ( 'edit' === $atts['context'] ) ?
            esc_attr( $_POST['Edit_Client_Description'] ) :
            esc_html( $_POST['Edit_Client_Description'] );
    }

    // Shortcodes should always return something.
    return ''; // .. even if it's an empty string.
}

And because the attribute names are lowercased, then just use lowercase in the shortcode like so:

<p>[Edit_field field="Email_1"]</p>
<p>[Edit_field field="Client_Description"]</p>

<input value='[Edit_field field="Email_1" context="edit"]'>
<input value='[Edit_field field="Client_Description" context="edit"]'>

本文标签: pluginsShortcode Attributes to Return different POST

版权声明:本文标题:plugins - Shortcode Attributes to Return different $_POST 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742230342a2437107.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。