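/**
 * Save the Force SSL options of a post or page.
 *
 * Nothing is written unless the request carries a field named after the
 * plugin slug that holds a valid nonce for that slug, the request is not an
 * autosave, and the current user may edit the post.
 *
 * @param int $post_id
 * @return int $post_id
 */
public function post_save($post_id)
{
    $slug = $this->getPlugin()->getSlug();

    // The nonce field doubles as the marker that this plugin's form was submitted.
    if (!array_key_exists($slug, $_POST)) {
        return $post_id;
    }
    if (!wp_verify_nonce($_POST[$slug], $slug)) {
        return $post_id;
    }
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }

    // Explicit isset() checks replace the @ operator, which hid every error
    // raised by the expression, not only the missing-key notice.
    $is_page = isset($_POST['post_type']) && $_POST['post_type'] == 'page';
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return $post_id;
    }

    // Both flags are stored as 1 when ticked and removed otherwise.
    foreach (array('force_ssl', 'force_ssl_children') as $meta_key) {
        if (isset($_POST[$meta_key]) && $_POST[$meta_key] == 1) {
            update_post_meta($post_id, $meta_key, 1);
        } else {
            delete_post_meta($post_id, $meta_key);
        }
    }

    return $post_id;
}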
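/**
 * Rebuild the stylesheet of every 'ryuzine' post from its '_ryustyles' meta.
 *
 * Runs only for a request that carries a valid 'ryuzine-regenstyles_install'
 * nonce and a user who passes the permission check; otherwise it returns
 * without touching anything.
 *
 * @return void
 */
function generate_ryuzine_stylesheets()
{
    // Verify this came from our screen. A request without the nonce field is
    // rejected the same way as one with an invalid nonce.
    if (!isset($_POST['ryu_regenstyles_noncename'])
        || !wp_verify_nonce($_POST['ryu_regenstyles_noncename'], 'ryuzine-regenstyles_install')
    ) {
        return;
    }

    // Check permissions.
    // NOTE(review): a role name is passed to current_user_can() here; WordPress
    // documents capability names for this call. Confirm which capability is meant.
    if (!current_user_can('administrator')) {
        echo "<div class='error'><p>Sorry, you do not have the correct priveledges to install the files.</p></div>";
        return;
    }

    $my_query = new WP_Query(array('post_type' => 'ryuzine'));
    while ($my_query->have_posts()) {
        $my_query->the_post();

        // If there are multiple ryustyles, append them into one stylesheet.
        $issuestyles = get_post_meta(get_the_ID(), '_ryustyles', false);
        $stylesheet = "";
        if (!empty($issuestyles)) {
            foreach ($issuestyles as $appendstyle) {
                $stylesheet .= $appendstyle;
            }
        }

        if ($stylesheet != "") {
            ryu_create_css($stylesheet, get_the_ID());
        }
    }

    // reset css check
    // update_option('ryu_css_admin',0);
    wp_reset_query();
}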
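/**
 * When the post is saved, saves our custom data.
 *
 * save_post can fire outside our form, so the nonce, the autosave flag and the
 * user's edit capability are all checked before anything is written.
 *
 * @param int $post_id The ID of the post being saved.
 * @return int|void The post ID when the save is skipped; nothing after the meta is written.
 */
function perpageath_save_postdata($post_id)
{
    // Our nonce must be present and valid.
    if (!isset($_POST['athcontent'])) {
        return $post_id;
    }
    if (!wp_verify_nonce($_POST['athcontent'], 'athcallback')) {
        return $post_id;
    }

    // An autosave means our form was not submitted.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }

    // Check the user's permissions. post_type is read defensively so that a
    // request without it takes the edit_post branch instead of raising a notice.
    $is_page = isset($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return $post_id;
    }

    // A missing field is stored as an empty value, as before.
    $raw = isset($_POST['per-page-ath']) ? $_POST['per-page-ath'] : '';

    // Line breaks are replaced with the %BREAK% marker before storage.
    // NOTE(review): esc_sql() escapes for use inside an SQL string, while
    // update_post_meta() prepares its own query, so the stored value keeps the
    // extra escaping. Left unchanged because the code that reads
    // 'per-page-ath-content' is not visible here; confirm before removing it.
    $mydata = esc_sql(str_replace(array("\r\n", "\r", "\n"), '%BREAK%', $raw));

    // Update the meta field in the database.
    update_post_meta($post_id, 'per-page-ath-content', $mydata);
}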
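/**
 * Save the link-blog URL entered in the linkblog meta box.
 *
 * @param int $post_id ID of the post being saved.
 * @return void
 */
function linkblog_save_post($post_id)
{
    // Ignore if doing an autosave.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    // Verify the data came from the linkblog meta box; a missing nonce field
    // is rejected like an invalid one.
    if (!isset($_POST['linkblog_noncename'])
        || !wp_verify_nonce($_POST['linkblog_noncename'], plugin_basename(__FILE__))
    ) {
        return;
    }

    // Check user permissions.
    // NOTE(review): 'post' is paired with edit_page here, the reverse of the
    // usual page/edit_page pairing. Kept as written; confirm the intent.
    $is_post = isset($_POST['post_type']) && 'post' == $_POST['post_type'];
    if (!current_user_can($is_post ? 'edit_page' : 'edit_post', $post_id)) {
        return;
    }

    if (!isset($_POST['linkblog_url']) || !is_string($_POST['linkblog_url'])) {
        return;
    }

    // The value is a URL that is stored for later use, so it is reduced to a
    // URL with an allowed scheme before it reaches the database.
    $linkblog_data = esc_url_raw(wp_unslash($_POST['linkblog_url']));
    if ($linkblog_data == "") {
        return;
    }

    update_post_meta($post_id, 'linkblog_url', $linkblog_data);
}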
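/**
 * Save the 'ultimatum_video' and 'ultimatum_author' meta of a post.
 *
 * @param int         $post_id ID of the post being saved (unused; the post object is used instead).
 * @param WP_Post|int $post    Post object or ID, resolved through get_post().
 * @return void
 */
function ultimatum_meta_save_postdata($post_id, $post)
{
    // Verify the nonce.
    if (!isset($_POST['ultimatum_additional_meta_nonce'])
        || !wp_verify_nonce($_POST['ultimatum_additional_meta_nonce'], 'ultimatum_additional_meta')
    ) {
        return;
    }

    // Don't try to save the data under autosave, ajax, or cron.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }
    if (defined('DOING_AJAX') && DOING_AJAX) {
        return;
    }
    if (defined('DOING_CRON') && DOING_CRON) {
        return;
    }

    // Grab the post object; stop if it cannot be resolved, because the
    // property reads below would otherwise fail.
    $post = get_post($post);
    if (!$post) {
        return;
    }

    // Don't save if WP is creating a revision.
    if ('revision' === $post->post_type) {
        return;
    }

    // Check that the user is allowed to edit the post.
    if (!current_user_can('edit_post', $post->ID)) {
        return;
    }

    // NOTE(review): both values are stored exactly as posted. The expected
    // format (URL, embed markup, plain text) is not visible here; choose the
    // matching sanitiser once it is known.
    foreach (array('ultimatum_video', 'ultimatum_author') as $meta_key) {
        // A field missing from the request is stored as null, as before,
        // without raising an undefined-index notice.
        $mydata = isset($_POST[$meta_key]) ? $_POST[$meta_key] : null;
        update_post_meta($post->ID, $meta_key, $mydata);
    }
}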
/**
 * Save the comcon form fields as post meta of the global $post.
 *
 * Each field is added when it had no value, updated when it changed and
 * deleted when it was emptied. The post ID is returned when the nonce or the
 * capability check fails; nothing is returned otherwise.
 *
 * @return int|void
 */
function comcon_meta_save()
{
    global $post;
    $post_id = $post->ID;

    $nonce_ok = isset($_POST['comcon-form-nonce'])
        && wp_verify_nonce($_POST['comcon-form-nonce'], basename(__FILE__));
    if (!$nonce_ok) {
        return $post->ID;
    }

    // The capability name comes from the post type object of the current post.
    $type_object = get_post_type_object($post->post_type);
    if (!current_user_can($type_object->cap->edit_post, $post_id)) {
        return $post->ID;
    }

    $input = array();
    foreach (array('position', 'major') as $name) {
        $posted_key = 'comcon-form-' . $name;
        $input[$name] = isset($_POST[$posted_key]) ? $_POST[$posted_key] : '';
    }

    // NOTE(review): 'order' is read here before anything assigns it, so the
    // padded result is always "000". A line reading the posted value looks
    // to be missing; confirm against the form markup.
    $input['order'] = str_pad($input['order'], 3, "0", STR_PAD_LEFT);

    // NOTE(review): values are stored as posted, without sanitisation.
    foreach ($input as $field => $value) {
        $meta_key = 'comcon-form-' . $field;
        $old = get_post_meta($post_id, $meta_key, true);

        if ($value && '' == $old) {
            add_post_meta($post_id, $meta_key, $value, true);
        } elseif ($value && $value != $old) {
            update_post_meta($post_id, $meta_key, $value);
        } elseif ('' == $value && $old) {
            delete_post_meta($post_id, $meta_key, $old);
        }
    }
}
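/**
 * AJAX endpoint: run the include file named by the posted form and echo the
 * posted data back as JSON.
 *
 * Always ends the request with exit.
 *
 * @return void
 */
function submitAJAX()
{
    // Check the nonce; a missing field fails verification like a wrong one.
    $nonce = isset($_POST['nonce']) ? $_POST['nonce'] : '';
    if (!wp_verify_nonce($nonce, 'qb_ajax_nonce')) {
        echo json_encode(array('errors' => 'Invalid nonce; please try refreshing the page'));
        exit;
    }

    // form_name selects a PHP file to include, so it must be a bare name made
    // of letters, digits, '_' and '-'. Anything else (path separators, dots,
    // NUL bytes, arrays) could point the include outside the includes folder.
    $form_name = (isset($_POST['form_name']) && is_string($_POST['form_name'])) ? $_POST['form_name'] : '';
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $form_name)) {
        echo json_encode(array('errors' => 'Invalid form name'));
        exit;
    }

    /*
     * Permissions levels:
     *   edit_posts    = contributor
     *   publish_posts = author
     *   edit_pages    = editor
     *   edit_users    = admin
     */
    // NOTE(review): the capability check below is commented out, so every
    // holder of a valid nonce reaches the include. Confirm whether that is
    // intended for all form handlers in the includes folder.
    //if ( current_user_can( 'publish_posts' ) ) {
    include_once TEMPLATEPATH . '/includes/' . $form_name . '.php';

    // generate the response
    $response = json_encode($_POST);

    // response output
    header("Content-Type: application/json");
    echo $response;
    //}
    exit;
}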
/**
 * Save the fields listed in the global $meta_box_category as post meta.
 *
 * A changed, non-empty value is stored after htmlspecialchars() and
 * stripslashes(); an emptied value removes the existing meta.
 *
 * @param int $post_id ID of the post being saved.
 * @return int|void The post ID when a check fails, nothing otherwise.
 */
function tz_save_data_page($post_id)
{
    global $meta_box_category;

    // verify nonce
    $nonce_ok = isset($_POST['tz_meta_box_nonce'])
        && wp_verify_nonce($_POST['tz_meta_box_nonce'], basename(__FILE__));
    if (!$nonce_ok) {
        return $post_id;
    }

    // check autosave
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }

    // check permissions
    $required_cap = ('page' == $_POST['post_type']) ? 'edit_page' : 'edit_post';
    if (!current_user_can($required_cap, $post_id)) {
        return $post_id;
    }

    foreach ($meta_box_category['fields'] as $field) {
        $key = $field['id'];
        $old = get_post_meta($post_id, $key, true);
        $new = $_POST[$key];

        if ($new && $new != $old) {
            update_post_meta($post_id, $key, stripslashes(htmlspecialchars($new)));
            continue;
        }
        if ('' == $new && $old) {
            delete_post_meta($post_id, $key, $old);
        }
    }
}
/**
 * Handle a submitted options page and register the meta boxes of the field
 * groups that match it.
 *
 * @return false|void False when no field group matches; nothing otherwise.
 */
function admin_head()
{
    // Save: only when the posted field holds a valid 'acf_options_page' nonce.
    // NOTE(review): no capability check is visible in this method; access is
    // presumably restricted where the page is registered. Confirm.
    $nonce_posted = isset($_POST['acf_options_page']);
    if ($nonce_posted && wp_verify_nonce($_POST['acf_options_page'], 'acf_options_page')) {
        do_action('acf_save_post', 'options');
        $this->data['admin_message'] = __("Options Updated", 'acf');
    }

    // Field groups matched to this page, collected through the filter.
    $metabox_ids = apply_filters('acf/location/match_field_groups', array(), array());
    if (empty($metabox_ids)) {
        $this->data['no_fields'] = true;
        return false;
    }

    // Style
    echo '<style type="text/css">#side-sortables.empty-container { border: 0 none; }</style>';

    // add user js + css
    do_action('acf_head-input');

    // get acf's
    $acfs = $this->parent->get_field_groups();
    if (!$acfs) {
        return;
    }

    foreach ($acfs as $acf) {
        // Only field groups the filter matched get a meta box.
        if (!in_array($acf['id'], $metabox_ids)) {
            continue;
        }

        $callback_args = array(
            'fields' => $acf['fields'],
            'options' => $acf['options'],
            'show' => 1,
            'post_id' => "options",
        );
        add_meta_box(
            'acf_' . $acf['id'],
            $acf['title'],
            array($this->parent->input, 'meta_box_input'),
            'acf_options_page',
            $acf['options']['position'],
            'high',
            $callback_args
        );
    }
}
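/**
 * Save metabox data.
 *
 * When an expiration date is posted it is stored in the order's
 * 'wc_boleto_data' meta, recorded as an order note and sent by e-mail.
 *
 * @param int $post_id Current post type ID.
 *
 * @return int|void The post ID when a check fails, nothing otherwise.
 */
public function save($post_id)
{
    // Verify nonce.
    if (!isset($_POST['wcboleto_metabox_nonce'])
        || !wp_verify_nonce($_POST['wcboleto_metabox_nonce'], basename(__FILE__))
    ) {
        return $post_id;
    }

    // Verify if this is an auto save routine.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }

    // Check permissions. post_type is read defensively so that a request
    // without it takes the edit_post branch instead of raising a notice.
    $is_order = isset($_POST['post_type']) && 'shop_order' == $_POST['post_type'];
    if (!current_user_can($is_order ? 'edit_page' : 'edit_post', $post_id)) {
        return $post_id;
    }

    // empty() already covers the unset case.
    if (empty($_POST['wcboleto_expiration_date'])) {
        return;
    }

    // Gets boleto data. get_post_meta() returns an empty string when the meta
    // does not exist, and assigning a string key into a string fails, so start
    // from an empty array in that case.
    $boleto_data = get_post_meta($post_id, 'wc_boleto_data', true);
    if (!is_array($boleto_data)) {
        $boleto_data = array();
    }
    $boleto_data['data_vencimento'] = sanitize_text_field($_POST['wcboleto_expiration_date']);

    // Update boleto data.
    update_post_meta($post_id, 'wc_boleto_data', $boleto_data);

    // Gets order data.
    $order = new WC_Order($post_id);

    // Add order note.
    $order->add_order_note(sprintf(__('Expiration date updated to: %s', 'wcboleto'), $boleto_data['data_vencimento']));

    // Send email notification.
    $this->email_notification($order, $boleto_data['data_vencimento']);
}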
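/**
 * Ajax handler for Admin Widget
 *
 * Ends the request through wp_die() with -30 (nonce missing or invalid),
 * -31 (role not allowed or widget disabled) or -24 (no token or incomplete
 * parameters); otherwise hands the query to the GAPI object.
 *
 * @return void
 */
function ajax_widget_reports()
{
    global $GADASH_Config;

    if (!isset($_REQUEST['gadash_security_widget_reports'])
        || !wp_verify_nonce($_REQUEST['gadash_security_widget_reports'], 'gadash_get_widgetreports')
    ) {
        wp_die(-30);
    }

    // Request parameters; a missing one becomes null, which the completeness
    // check below treats as absent, without raising an undefined-index notice.
    $projectId = isset($_REQUEST['projectId']) ? $_REQUEST['projectId'] : null;
    $from = isset($_REQUEST['from']) ? $_REQUEST['from'] : null;
    $to = isset($_REQUEST['to']) ? $_REQUEST['to'] : null;
    $query = isset($_REQUEST['query']) ? $_REQUEST['query'] : null;

    // Drop anything already buffered so that only the handler's output is sent.
    if (ob_get_length()) {
        ob_clean();
    }

    $tools = new GADASH_Tools();
    if (!$tools->check_roles($GADASH_Config->options['ga_dash_access_back'])
        || 0 == $GADASH_Config->options['dashboard_widget']
    ) {
        wp_die(-31);
    }

    if ($GADASH_Config->options['ga_dash_token'] && $projectId && $from && $to) {
        include_once $GADASH_Config->plugin_path . '/tools/gapi.php';
        global $GADASH_GAPI;
    } else {
        wp_die(-24);
    }

    // Use the offset stored with the selected profile when there is one,
    // otherwise the difference between site time and server time.
    $profile_info = $tools->get_selected_profile($GADASH_Config->options['ga_dash_profile_list'], $projectId);
    if (isset($profile_info[4])) {
        $GADASH_GAPI->timeshift = $profile_info[4];
    } else {
        $GADASH_GAPI->timeshift = (int) current_time('timestamp') - time();
    }

    // NOTE(review): $query, $from and $to are passed on as received; whether
    // get() validates them is not visible here.
    $GADASH_GAPI->get($projectId, $query, $from, $to);
}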
/**
 * Store the custom status message used when posting to a Fan Page's Timeline.
 *
 * The message is written only for a non-autosave request that carries the
 * message field and a valid nonce, for a post type that supports 'author',
 * and for a user who holds the matching edit capability on the post.
 *
 * @since 1.0
 * @param int $post_id post identifier
 */
public static function save($post_id)
{
    // An autosave means our form has not been submitted.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    // save_post fires at other times too, so require our field and our nonce.
    $has_message = isset($_POST[self::FIELD_MESSAGE]);
    if (!$has_message || empty($_POST[self::NONCE_NAME])) {
        return;
    }
    if (!wp_verify_nonce($_POST[self::NONCE_NAME], plugin_basename(__FILE__))) {
        return;
    }

    // Check permissions
    $post_type = get_post_type($post_id);
    if (!$post_type || !post_type_supports($post_type, 'author')) {
        return;
    }

    if (!class_exists('Facebook_Social_Publisher')) {
        require_once dirname(__FILE__) . '/social_publisher.php';
    }

    // The capability name is 'edit_' followed by the post type's capability base.
    $capability = 'edit_' . Facebook_Social_Publisher::post_type_capability_base($post_type);
    if (!current_user_can($capability, $post_id)) {
        return;
    }

    $message = trim(sanitize_text_field($_POST[self::FIELD_MESSAGE]));
    if (!$message) {
        return;
    }

    update_post_meta($post_id, self::POST_META_KEY, $message);
}
/**
 * Tell whether the current request may save the post notice.
 *
 * True only when the 'tmj-post-notice-nonce' field is valid for the
 * 'tmj-post-notice-save' action and the post is neither an autosave nor a
 * revision. No capability is checked here.
 *
 * @param int $post_id ID of the post being saved.
 * @return bool
 */
public function user_can_save($post_id)
{
    $nonce_field = 'tmj-post-notice-nonce';

    $is_valid_nonce = isset($_POST[$nonce_field])
        && wp_verify_nonce($_POST[$nonce_field], 'tmj-post-notice-save');
    $is_autosave = wp_is_post_autosave($post_id);
    $is_revision = wp_is_post_revision($post_id);

    if ($is_autosave || $is_revision) {
        return false;
    }

    return $is_valid_nonce;
}
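/**
 * Process Login Form
 *
 * Looks the account up by login name, then by e-mail, checks the password,
 * logs the user in and redirects when no error was recorded.
 *
 * @since 1.0
 * @param array $data Data sent from the login form
 * @return void
 */
function edd_process_login_form($data)
{
    // A form without the nonce field is ignored like one with a bad nonce.
    if (!isset($data['edd_login_nonce']) || !wp_verify_nonce($data['edd_login_nonce'], 'edd-login-nonce')) {
        return;
    }

    $user_data = get_user_by('login', $data['edd_user_login']);
    if (!$user_data) {
        $user_data = get_user_by('email', $data['edd_user_login']);
    }

    // Defined up front so that the redirect filter never reads an unset variable.
    $user_ID = false;

    // NOTE(review): the two messages below tell a visitor whether an account
    // name exists. A single generic message avoids that; the strings are kept
    // because they are translated, user-facing text.
    if ($user_data) {
        $user_ID = $user_data->ID;
        if (wp_check_password($data['edd_user_pass'], $user_data->user_pass, $user_data->ID)) {
            edd_log_user_in($user_data->ID, $data['edd_user_login'], $data['edd_user_pass']);
        } else {
            edd_set_error('password_incorrect', __('The password you entered is incorrect', 'edd'));
        }
    } else {
        edd_set_error('username_incorrect', __('The username you entered does not exist', 'edd'));
    }

    // Check for errors and redirect if none present
    if (edd_get_errors()) {
        return;
    }

    // NOTE(review): the target comes from the submitted form and wp_redirect()
    // does not restrict the destination host. wp_safe_redirect() is the
    // hardened alternative; confirm that no legitimate flow redirects off-site
    // before switching.
    $redirect = apply_filters('edd_login_redirect', $data['edd_redirect'], $user_ID);
    wp_redirect($redirect);
    edd_die();
}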
/**
 * Run the legacy-settings upgrade when the request carries a valid
 * 'zm_alr_do_update' nonce in the 'zm_alr_update_nonce' query argument:
 * convert the legacy settings, then delete them.
 *
 * NOTE(review): the nonce is the only gate visible here and the change is
 * triggered by a GET request; confirm that a capability check happens before
 * this method is reached.
 *
 * @since 2.0.0
 */
public function upgradeNotice()
{
    if (!isset($_GET['zm_alr_update_nonce'])) {
        return;
    }
    if (!wp_verify_nonce($_GET['zm_alr_update_nonce'], 'zm_alr_do_update')) {
        return;
    }

    $this->convertLegacySettingToQuilt();
    $this->deleteLegacySettings();
}
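/**
 * Save the 'name' meta of a newsletter post.
 *
 * @param int $post_id ID of the post being saved.
 * @return int|void The post ID when a check fails, nothing otherwise.
 */
function save_newsletter($post_id)
{
    // verify nonce; a missing field is rejected like an invalid one
    if (!isset($_POST['custom_meta_box_nonce'])
        || !wp_verify_nonce($_POST['custom_meta_box_nonce'], basename(__FILE__))
    ) {
        return $post_id;
    }

    // check autosave
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }

    // check permissions
    $is_newsletter = isset($_POST['post_type']) && 'newsletter' == $_POST['post_type'];
    if (!current_user_can($is_newsletter ? 'edit_page' : 'edit_post', $post_id)) {
        return $post_id;
    }

    $old = get_post_meta($post_id, "name", true);
    // A missing field counts as emptied, as before, without the notice.
    // NOTE(review): the value is stored as posted; if it is plain text,
    // sanitize_text_field() would be the matching sanitiser. Confirm the format.
    $new = isset($_POST["name"]) ? $_POST["name"] : '';

    if ($new && $new != $old) {
        update_post_meta($post_id, "name", $new);
    } elseif ('' == $new && $old) {
        delete_post_meta($post_id, "name", $old);
    }
}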
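/**
 * Save every field in $this->fields as post meta under the MI_PREFIX key.
 *
 * @param int $post_id ID of the post being saved.
 * @return void
 */
public function metabox_save($post_id)
{
    if (!isset($_POST[MI_PREFIX . 'meta_box_nonce'])) {
        return;
    }
    if (!wp_verify_nonce($_POST[MI_PREFIX . 'meta_box_nonce'], MI_PREFIX . 'meta_box')) {
        return;
    }
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    $is_page = isset($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return;
    }

    // The posted metabox list only decides whether anything is saved: the
    // original looped over it without using its entries, writing the same
    // values once per entry. One pass stores the same result, and a missing or
    // non-array list no longer reaches foreach.
    // (A commented-out variant in the original looked fields up per metabox
    // through $this->boxes.)
    if (empty($_POST['metabox']) || !is_array($_POST['metabox'])) {
        return;
    }

    // NOTE(review): values are stored as posted, without sanitisation.
    foreach ($this->fields as $id => $field) {
        // A field missing from the request is stored as null, as before.
        $value = isset($_POST[$id]) ? $_POST[$id] : null;

        // Add the meta when the key is new, otherwise update the existing row.
        add_post_meta($post_id, MI_PREFIX . $id, $value, true)
            or update_post_meta($post_id, MI_PREFIX . $id, $value);
    }
}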
/**
 * Save post hook: resize the slide images, then store the slides and the
 * slider settings of a slider post.
 *
 * A global flag makes sure the work runs once per request.
 *
 * NOTE(review): only the nonce is checked in this method; no capability check
 * is visible here.
 *
 * @param int $post_id ID of the post being saved.
 * @return int|void The post ID when the save is skipped, nothing after saving.
 */
public function save_slider_post($post_id)
{
    global $cyclone_slider_saved_done;

    // Stop! We have already saved..
    if ($cyclone_slider_saved_done) {
        return $post_id;
    }

    // Verify nonce; a missing nonce cancels the save just like an invalid one.
    $nonce_name = $this->nonce_name;
    if (empty($_POST[$nonce_name]) || !wp_verify_nonce($_POST[$nonce_name], $this->nonce_action)) {
        return $post_id;
    }

    // Check autosave
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }

    // Assign POST data with array key checks
    $slides = array();
    if (isset($_POST['cycloneslider_metas'])) {
        $slides = $_POST['cycloneslider_metas'];
    }
    $slider_settings = array();
    if (isset($_POST['cycloneslider_settings'])) {
        $slider_settings = $_POST['cycloneslider_settings'];
    }

    // Resize images
    $this->image_resizer->resize_images($slider_settings, $slides);

    // Save slides
    $this->add_slider_slides($post_id, $slides);

    // Save slider settings
    $this->add_slider_settings($post_id, $slider_settings);

    // Marked as done
    $cyclone_slider_saved_done = true;
}
/**
 * Output the shortcode.
 *
 * For a submitted tracking form with a valid nonce, the tracking template is
 * shown when the order exists and its billing e-mail matches the one entered;
 * in every other case the tracking form is rendered.
 *
 * @param array $atts
 */
public static function output($atts)
{
    // Check cart class is loaded or abort
    if (is_null(WC()->cart)) {
        return;
    }

    extract(shortcode_atts(array(), $atts));

    global $post;

    $form_submitted = !empty($_REQUEST['orderid'])
        && isset($_POST['_wpnonce'])
        && wp_verify_nonce($_POST['_wpnonce'], 'woocommerce-order_tracking');

    if ($form_submitted) {
        $order_id = empty($_REQUEST['orderid']) ? 0 : esc_attr($_REQUEST['orderid']);
        $order_email = empty($_REQUEST['order_email']) ? '' : esc_attr($_REQUEST['order_email']);

        if (!$order_id) {
            echo '<p class="woocommerce-error">' . __('Please enter a valid order ID', 'woocommerce') . '</p>';
        } elseif (!$order_email) {
            echo '<p class="woocommerce-error">' . __('Please enter a valid order email', 'woocommerce') . '</p>';
        } else {
            $order = wc_get_order(apply_filters('woocommerce_shortcode_order_tracking_order_id', $order_id));
            $order_found = $order && $order->get_id() && $order_email;

            if (!$order_found) {
                echo '<p class="woocommerce-error">' . sprintf(__('Sorry, we could not find that order ID in our database.', 'woocommerce'), get_permalink($post->ID)) . '</p>';
            } elseif (strtolower($order->get_billing_email()) == strtolower($order_email)) {
                // The e-mail entered must match the order's billing e-mail
                // before any order detail is shown.
                do_action('woocommerce_track_order', $order->get_id());
                wc_get_template('order/tracking.php', array('order' => $order));
                return;
            }
            // A found order with a different e-mail prints no message and
            // falls through to the form.
        }
    }

    wc_get_template('order/form-tracking.php');
}
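/**
 * Save every option in $this->options as post meta of the posted post ID.
 *
 * @return mixed|void The posted post ID when a check fails, nothing otherwise.
 */
function save_postdata()
{
    if (!isset($_POST['post_ID'])) {
        return;
    }
    $post_id = $_POST['post_ID'];

    if (empty($this->options)) {
        return;
    }

    // The nonce and the capability do not depend on the option, so they are
    // checked once instead of once per loop pass.
    $nonce_field = $this->boxinfo['id'] . '_noncename';
    if (!isset($_POST[$nonce_field]) || !wp_verify_nonce($_POST[$nonce_field], plugin_basename(__FILE__))) {
        return $post_id;
    }

    // Check permissions.
    $is_page = isset($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return $post_id;
    }

    foreach ($this->options as $option) {
        $meta_key = $option['id'];

        // Convert predefined characters to HTML entities. A field missing
        // from the request is treated as empty.
        $posted = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
        $data = htmlspecialchars($posted, ENT_QUOTES, "UTF-8");

        // The original first compared get_post_meta() without the $single
        // flag to "", i.e. an array to a string; for a valid post that is
        // never equal, so its add_post_meta() branch did not run. The two
        // branches that did run are kept: store a changed value, and remove
        // the row when both the stored and the posted value are empty.
        $stored = get_post_meta($post_id, $meta_key, true);
        if ($data != $stored) {
            update_post_meta($post_id, $meta_key, $data);
        } elseif ($data == "") {
            delete_post_meta($post_id, $meta_key, $stored);
        }
    }
}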
/**
 * Publish the post through wso_publish_post() when the save comes from
 * Press This, i.e. the request carries a valid 'press-this' nonce.
 *
 * @param int $postid ID of the post being saved.
 * @return void
 */
function wso_save_post($postid)
{
    // ONLY FOR Press This !!
    if (!isset($_POST['press-this'])) {
        return;
    }
    if (!wp_verify_nonce($_POST['press-this'], 'press-this')) {
        return;
    }

    wso_publish_post($postid);
}
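/**
 * Delete the attachment named by the request's 'id'.
 *
 * The caller needs the upload_files or delete_posts capability, a valid nonce
 * for the attachments controller, and permission to delete that attachment.
 *
 * @return array|null 'post' holds the wp_delete_attachment() result and
 *                    'deleted' whether it succeeded; null after an error.
 */
public function delete_attachment()
{
    global $json_api;

    // Whether $json_api->error() ends the request is not visible here, so each
    // error is followed by a return: a rejected request must never reach the
    // delete call.
    if (!current_user_can('upload_files') && !current_user_can('delete_posts')) {
        $json_api->error("You do not have permission to delete files.");
        return null;
    }

    // The original verified the nonce but had the failure branch commented
    // out, so the check had no effect and the request had no CSRF protection.
    // The same nonce id is kept.
    $nonce_id = $json_api->get_nonce_id('attachments', 'update_attachment');
    if (!wp_verify_nonce($json_api->query->nonce, $nonce_id)) {
        $json_api->error("Your 'nonce' value was incorrect. Use the 'get_nonce' API method.");
        return null;
    }

    if ($json_api->query->id === null) {
        $json_api->error("Include 'id' or 'slug' var in your request.");
        return null;
    }
    $id = (int) $json_api->query->id;

    // The capabilities above are site-wide; this asks whether the user may
    // delete this particular attachment.
    if (!current_user_can('delete_post', $id)) {
        $json_api->error("You do not have permission to delete files.");
        return null;
    }

    // Attachments are removed permanently unless the request says otherwise.
    // NOTE(review): the (bool) cast turns any non-empty string except "0" into
    // true, including the text "false".
    $force_delete = true;
    if ($json_api->query->force_delete !== null) {
        $force_delete = (bool) $json_api->query->force_delete;
    }

    $result = wp_delete_attachment($id, $force_delete);

    return array('post' => $result, 'deleted' => (bool) $result);
}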
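/**
 * Process the request: delete the account of the current user.
 *
 * Every outcome is reported through wp_send_json().
 *
 * @todo Setting for reassigning user's posts
 */
public function process()
{
    // Verify the security nonce and stop if it fails
    if (!isset($_POST['wp_delete_user_accounts_nonce'])
        || !wp_verify_nonce($_POST['wp_delete_user_accounts_nonce'], 'wp_delete_user_accounts_nonce')
    ) {
        wp_send_json(array(
            'status' => 'fail',
            'title' => __('Error!', 'wp-delete-user-accounts'),
            'message' => __('Request failed security check.', 'wp-delete-user-accounts'),
        ));
    }

    // Get the current user. Without a signed-in user there is no account to
    // delete, and the meta loop below would run on a non-array.
    $user_id = get_current_user_id();
    if (!$user_id) {
        wp_send_json(array(
            'status' => 'fail',
            'title' => __('Error!', 'wp-delete-user-accounts'),
            'message' => __('Request failed.', 'wp-delete-user-accounts'),
        ));
    }

    // Don't permit admins to delete their own accounts
    if (current_user_can('manage_options')) {
        wp_send_json(array(
            'status' => 'fail',
            'title' => __('Error!', 'wp-delete-user-accounts'),
            'message' => __('Administrators cannot delete their own accounts.', 'wp-delete-user-accounts'),
        ));
    }

    // NOTE(review): the meta is removed and the session destroyed before the
    // result of wp_delete_user() is known, so a failed deletion leaves an
    // account without its meta. Confirm whether deleting first is acceptable.

    // Delete user's meta
    $meta = get_user_meta($user_id);
    if (is_array($meta)) {
        foreach (array_keys($meta) as $key) {
            delete_user_meta($user_id, $key);
        }
    }

    // Destroy user's session
    wp_logout();

    // Delete the user's account
    if (wp_delete_user($user_id)) {
        // Send success message
        wp_send_json(array(
            'status' => 'success',
            'title' => __('Success!', 'wp-delete-user-accounts'),
            'message' => __('Your account was successfully deleted. Fair well.', 'wp-delete-user-accounts'),
        ));
    } else {
        wp_send_json(array(
            'status' => 'fail',
            'title' => __('Error!', 'wp-delete-user-accounts'),
            'message' => __('Request failed.', 'wp-delete-user-accounts'),
        ));
    }
}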
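/**
 * Save the posted language values as 'accelpress_language_<id>' post meta.
 *
 * @param int $post_id ID of the post being saved.
 * @return void
 */
function save_postdata($post_id)
{
    // An autosave means our form has not been submitted.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    // save_post can be triggered at other times, so require our nonce; a
    // missing field is rejected like an invalid one.
    if (!isset($_POST['aceelpress_noncename'])
        || !wp_verify_nonce($_POST['aceelpress_noncename'], plugin_basename(__FILE__))
    ) {
        return;
    }

    // Check permissions
    $is_page = isset($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return;
    }

    // The field name comes from the Language object. Anything other than a
    // non-empty array is ignored, so a scalar value never reaches foreach.
    $l = new Language();
    $form_name = $l->getFormName();
    if (empty($_POST[$form_name]) || !is_array($_POST[$form_name])) {
        return;
    }

    // NOTE(review): both the key suffix and the value come straight from the
    // request and are stored as posted. If language ids are numeric, casting
    // $lid would bound the meta keys that can be written; confirm.
    foreach ($_POST[$form_name] as $lid => $val) {
        $meta_key = 'accelpress_language_' . $lid;
        // Add the meta when the key is new, otherwise update the existing row.
        add_post_meta($post_id, $meta_key, $val, true) or update_post_meta($post_id, $meta_key, $val);
    }
}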
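/**
 * AJAX handler: output the converted configuration file, as a download when
 * the request asks for one and as plain text otherwise.
 *
 * Always ends the request with die.
 *
 * @return void
 */
function ajax_callback()
{
    // Drop empty request values.
    $_REQUEST = array_filter($_REQUEST);

    // The original computed the nonce check but had the die() inside it
    // commented out, so every request was served. A missing or invalid nonce
    // now ends the request before anything is sent.
    if (!isset($_REQUEST['nonce'])
        || !wp_verify_nonce($_REQUEST['nonce'], 'convertToRedux' . $this->framework)
    ) {
        die;
    }

    if (isset($_REQUEST['download'])) {
        header("Content-Type: application/octet-stream");
        header("Content-Transfer-Encoding: Binary");
        header("Pragma: no-cache");
        header("Expires: 0");
        header("Content-disposition: attachment; filename=\"ReduxFramework.config.php\"");
    } else {
        header("Content-Type: text/plain");
    }

    // uniqid() derives its value from the current time, so 'uuid' is an
    // identifier, not a secret.
    $_REQUEST['uuid'] = uniqid($_REQUEST['nonce']);
    $_REQUEST['sections'] = $this->getSections();

    if (!empty($_REQUEST['sections'])) {
        $_REQUEST['sections'] = $this->converter->objectToHTML($_REQUEST['sections']);
        echo $this->converter->getConfigFile($_REQUEST);
    }

    die; // this is required to return a proper result
}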
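/**
 * Save the values posted under this class's name as post meta.
 *
 * @param int $post_id ID of the post being saved.
 * @return void
 */
static function savePost($post_id)
{
    // An autosave means our form has not been submitted.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    // save_post can be triggered at other times, so require our nonce.
    if (!isset($_POST[__CLASS__ . '_noncename'])) {
        return;
    }
    if (!wp_verify_nonce($_POST[__CLASS__ . '_noncename'], 'save_' . __CLASS__)) {
        return;
    }

    // Check permissions
    $is_page = isset($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return;
    }

    // Only an array of key => value pairs can be saved; a scalar would
    // otherwise reach foreach.
    if (!isset($_POST[__CLASS__]) || !is_array($_POST[__CLASS__])) {
        return;
    }

    // NOTE(review): the meta keys are taken from the request, so a user who
    // passes the checks above can write any meta key on this post, including
    // keys that other code relies on. An allow-list of the keys this meta box
    // renders would bound that; the list is not visible here. Values are
    // stored as posted.
    foreach ($_POST[__CLASS__] as $meta_key => $value) {
        update_post_meta($post_id, $meta_key, $value);
    }
}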
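/**
 * Save the 'single-code' and 'global-code' fields as the post's
 * 'art_direction_single' and 'art_direction_global' meta.
 *
 * Both metas are cleared first and written again only when the posted value
 * is not blank.
 *
 * @param int $post_id ID of the post being saved.
 * @return int|true|void The post ID when a check fails, true when the global
 *                       code was stored, nothing otherwise.
 */
function art_save_postdata($post_id)
{
    // save_post can be triggered at other times, so require our nonce; a
    // missing field is rejected like an invalid one.
    if (!isset($_POST['art-direction-nonce'])
        || !wp_verify_nonce($_POST['art-direction-nonce'], plugin_basename(__FILE__))
    ) {
        return $post_id;
    }

    $is_page = isset($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return $post_id;
    }

    // A field missing from the request counts as blank.
    $single_code = isset($_POST['single-code']) ? $_POST['single-code'] : '';
    $global_code = isset($_POST['global-code']) ? $_POST['global-code'] : '';

    delete_post_meta($post_id, 'art_direction_single');
    delete_post_meta($post_id, 'art_direction_global');

    // NOTE(review): the code is stored verbatim after stripslashes(). How it
    // is output is outside this block; if it is printed unescaped, saving it
    // should be limited to users who hold unfiltered_html. Confirm.
    if (trim($single_code) != '') {
        add_post_meta($post_id, 'art_direction_single', stripslashes($single_code));
    }
    if (trim($global_code) != '') {
        add_post_meta($post_id, 'art_direction_global', stripslashes($global_code));
        return true;
    }
}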
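/**
 * Handle the front-end login form: check the posted credentials, sign the
 * user in and redirect back to the posted page, with login=true&fail=true
 * appended when the login failed.
 *
 * @return void
 */
function comber_login_guest()
{
    if (!isset($_POST['comber_user_login'], $_POST['comber_login_nonce'])
        || !wp_verify_nonce($_POST['comber_login_nonce'], 'comber-login-nonce')
    ) {
        return;
    }

    $login = $_POST['comber_user_login'];
    $password = isset($_POST['comber_user_pass']) ? $_POST['comber_user_pass'] : '';
    $current_page = isset($_POST['current_page']) ? $_POST['current_page'] : '';

    // Look the account up by login name. get_user_by() is what the deprecated
    // get_userdatabylogin() wrapper calls.
    $user = get_user_by('login', $login);
    if (!$user) {
        // if the user name doesn't exist
        comber_errors()->add('empty_username', __('Invalid username'));
    }

    if ($password == '') {
        // if no password was entered
        comber_errors()->add('empty_password', __('Please enter a password'));
    }

    // Compare the password only when there is an account to compare against.
    // The original read $user->user_pass even when the lookup had returned
    // false.
    if ($user && $password != '' && !wp_check_password($password, $user->user_pass, $user->ID)) {
        // if the password is incorrect for the specified user
        comber_errors()->add('empty_password', __('Incorrect password'));
    }

    // only log the user in if there are no errors
    $errors = comber_errors()->get_error_messages();
    if (!empty($errors)) {
        wp_redirect(home_url($current_page . '/?login=true&fail=true'));
        exit;
    }

    // wp_set_auth_cookie() replaces the deprecated wp_setcookie(), so the
    // plain-text password is no longer handed to a cookie helper. The third
    // argument of the old call was $already_md5, not "remember", so a session
    // cookie is set, as before.
    wp_set_auth_cookie($user->ID);
    wp_set_current_user($user->ID, $login);
    // Core fires wp_login with the login name and the user object.
    do_action('wp_login', $login, $user);

    wp_redirect(home_url($current_page));
    exit;
}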
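/**
 * Save post custom fields
 *
 * This function is attached to the 'pre_post_update' action hook.
 *
 * @since 1.0.0
 *
 * @param int $post_id ID of the post about to be updated.
 * @return void
 */
public function pre_post_update($post_id)
{
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    // Check if quick edit
    if (!empty($_POST['_inline_edit']) && wp_verify_nonce($_POST['_inline_edit'], 'inlineeditnonce')) {
        return;
    }

    // The original returned only when a nonce was present and invalid, so a
    // request without the nonce field went on to write, and with our fields
    // absent, to delete, the meta below. A missing nonce now stops the save.
    if (empty($_POST['bavotasan_nonce']) || !wp_verify_nonce($_POST['bavotasan_nonce'], 'bavotasan_nonce')) {
        return;
    }

    $is_page = !empty($_POST['post_type']) && 'page' == $_POST['post_type'];
    if (!current_user_can($is_page ? 'edit_page' : 'edit_post', $post_id)) {
        return;
    }

    // Each field is stored when it has a value and removed when it is empty.
    // NOTE(review): values are stored as posted; if they come from a fixed set
    // of choices, checking them against that set would be the matching
    // validation. The set is not visible here.
    foreach (array('bavotasan_home_page_alignment', 'bavotasan_single_layout') as $meta_key) {
        $value = empty($_POST[$meta_key]) ? '' : $_POST[$meta_key];
        if ($value) {
            update_post_meta($post_id, $meta_key, $value);
        } else {
            delete_post_meta($post_id, $meta_key);
        }
    }
}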
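/**
 * Create new slider by type
 *
 * Answers with a JSON object and ends the request.
 *
 * @since 1.0.0
 */
public function create_new_slider()
{
    header("Content-Type: application/json");

    // verify nonce
    if (!isset($_POST['nonce']) || !wp_verify_nonce($_POST['nonce'], "msp_panel")) {
        echo json_encode(array(
            'success' => false,
            'message' => __("Authorization failed!", 'master-slider'),
        ));
        exit;
    }

    // ignore the request if the current user doesn't have sufficient permissions
    if (!current_user_can('create_masterslider') && !current_user_can('publish_masterslider')) {
        echo json_encode(array(
            'success' => false,
            'message' => apply_filters(
                'masterslider_create_slider_permissions_message',
                __("Sorry, You don't have enough permission to create slider!", 'master-slider')
            ),
        ));
        exit;
    }

    // Get the slider type
    // NOTE(review): the type is passed to add_slider() as received; whether it
    // is validated there is not visible here.
    $slider_type = isset($_REQUEST['slider_type']) ? $_REQUEST['slider_type'] : '';

    // Get new slider id
    global $mspdb;
    $slider_id = $mspdb->add_slider(array('status' => 'draft', 'type' => $slider_type));

    // create and output the response
    if (false !== $slider_id) {
        // The type comes from the request, so it is URL-encoded before it
        // becomes part of the redirect address.
        $redirect = admin_url(
            'admin.php?page=' . MSWP_SLUG
            . '&action=edit&slider_id=' . $slider_id
            . '&slider_type=' . rawurlencode($slider_type)
        );
        $response = json_encode(array(
            'success' => true,
            'slider_id' => $slider_id,
            'redirect' => $redirect,
            'message' => __("Slider Created Successfully.", 'master-slider'),
        ));
    } else {
        // The original reported success here and used the bare word message
        // as the array key, which PHP reads as an undefined constant.
        $response = json_encode(array(
            'success' => false,
            'slider_id' => '',
            'redirect' => '',
            'message' => __("Slider can not be created.", 'master-slider'),
        ));
    }

    echo $response;
    exit; // IMPORTANT
}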