I am creating a custom plugin for user registration with the following steps:
A function to create my HTML form fields
function render_registration_form() {
ob_start();
...
<input type="hidden" id="register_nonce" name="register_nonce" value="<?php wp_create_nonce('generate-nonce'); ?>" />
//Above line does not create a nonce at all
...
return ob_get_clean();
}
A function to use as shortcode to display the above form
function custom_user_registration_form() {
//Render registration form only if user is not logged in already!
if(!is_user_logged_in()) {
$registration_enabled = get_option('users_can_register');
if($registration_enabled) {
$output = render_registration_form(); (written above)
} else {
$output = __('User registration is not enabled');
}
return $output;
} else {
return _e('You are already logged in!');
}
}
add_shortcode('register-user', 'custom_user_registration_form');
A function to validate and add a new user along with meta to the database:
function validate_and_create_user() {
if(isset($_POST['txt_username']) && wp_verify_nonce($_POST['register_nonce'], 'register-nonce')) {
$user_data = array(
'user_login' => $loginid,
'user_pass' => $password,
'user_nicename' => $first_name,
'display_name' => $first_name . ' ' . $last_name,
'user_email' => $email,
'first_name' => $first_name,
'last_name' => $last_name,
'user_registered' => date('Y-m-d H:i:s'),
'role' => 'subscriber'
);
$new_user_id = wp_insert_user($user_data);
...
}
add_action('init', 'validate_and_create_user');
Since no nonce value is getting created inside the form the check wp_verify_nonce($_POST['register_nonce'], 'register-nonce') always fails and no user data is getting saved in the database.
According to https://codex.wordpress.org/Pluggable_Functions
Pluggable functions are no longer being added to WordPress core. All new functions instead use filters on their output to allow for similar overriding of their functionality.
I am new to WordPress. Don't have any idea about how to solve this! Any help would greatly help me.
Try This:
wp_nonce_field('register_nonce');
in the place of input.
And for retrieving nonce use following
$retrieved_nonce = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($retrieved_nonce, 'register_nonce')) die( 'Failed security check' );
Related
I'm building a WordPress Page for course registration. All I want the plugin to do is send the filled in form details to my email ID and send an email to the user that he/she has successfully registered for the course. I don't need users to signup with username and password.
I've tried my luck with WP Forms but it only seems to have the option to forward the email to me and not the user.
Any suggestion on which plugin I should use?
As #Hughes mentioned, you cant use wpcf7, and just hook on it to insert custom post on every query.
// Hook on wpcf7
add_filter( 'wpcf7_mail_components', 'do_on_cf7_submit', 50, 2 );
function do_on_cf7_submit($mail_params, $form = null) {
// Empty post content
$content = '';
// set post content if field not empty
if ($_POST['field-name'] != '') {
$content .= 'Field Name Label: '.$_POST['field-name'] ;
}
// insert post if content not epmty
if ($content != '') {
insertQueryPost($_POST['email'], $content);
}
// allow cf7 to do his stuff
return $mail_params;
}
// insert custom post type "query", don't forget to setup your custom post type first
function insertQueryPost($title, $content) {
// insted of proper post slug, just make a hashed slug, when setting custom post type, set it to not public and not search-able
$t = time();
$thash = md5($t);
$my_query = array(
'post_title' => wp_strip_all_tags( $title ),
'post_content' => $content,
'post_type' => 'query',
'post_name' => $thash,
'post_status' => 'publish',
'post_author' => 1
);
$data = wp_insert_post( $my_query );
}
So, here's my code so far:
add_action( 'rest_api_init', 'rest_api_user_meta_fields' );
function rest_api_user_meta_fields() {
// register_rest_field ( 'name-of-post-type', 'name-of-field-to-return', array-of-callbacks-and-schema() )
register_rest_field( 'user', 'grad', array(
'get_callback' => 'get_user_acf_fields',
'update_callback' => 'update_user_acf_fields',
'schema' => null,
)
);
}
function get_user_acf_fields( $object ) {
//get the id of the post object array
$grad = get_field('grad', 'user_32');
error_log($object);
return $grad;
}
function update_user_acf_fields( $value, $object, $field_name ) {
error_log($value);
error_log($field_name);
error_log($object);
}
Now, I expect to have get_user_acf_fields function to be executed when I send GET request to /users/ endpoint, and update_user_acf_fields to be run when I send POST request to said endpoint. In both cases it executes former, get_user_acf_fields, function. What am I doing wrong here?
Maybe you didn't include the proper nonce?
For developers making manual Ajax requests, the nonce will need to be
passed with each request. The API uses nonces with the action set to
wp_rest. These can then be passed to the API via the _wpnonce data
parameter (either POST data or in the query for GET requests), or via
the X-WP-Nonce header. If no nonce is provided the API will set the
current user to 0, turning the request into an unauthenticated
request, even if you’re logged into WordPress.
— Read more on https://developer.wordpress.org/rest-api/using-the-rest-api/authentication/
Here's your code that I modified and tested working on WordPress 4.9.5 with Advanced Custom Fields 4.4.12.
add_action( 'rest_api_init', 'rest_api_user_meta_fields' );
function rest_api_user_meta_fields() {
// register_rest_field ( 'name-of-post-type', 'name-of-field-to-return', array-of-callbacks-and-schema() )
register_rest_field( 'user', 'grad', array(
'get_callback' => 'get_user_acf_fields',
'update_callback' => 'update_user_acf_fields',
'schema' => [
'description' => 'User grad blah',
'type' => 'string',
],
)
);
}
// $user_arr is an `array` of the user data; e.g. `id`, `username`, and `name`.
// $field_name is the name of the ACF custom field; i.e. in this case, it's `grad`.
function get_user_acf_fields( $user_arr, $field_name ) {
// Get the value of the 'grad' custom field.
$grad = get_field($field_name, 'user_' . $user_arr['id']);
error_log(var_export( $user_arr, true ));
error_log($field_name);
//return $grad;
return $field_name . ';' . $grad . ';' . $user_arr['id'];
}
// $field_value is the value of the ACF custom field; i.e. in this case, it's `grad`.
// $user_obj is an `object` of the user data; e.g. `id`, `username`, and `name`.
function update_user_acf_fields( $field_value, $user_obj, $field_name ) {
// Get the value of the 'grad' custom field.
$grad = get_field($field_name, 'user_' . $user_obj->ID);
if ( $grad !== $field_value ) {
update_field( $field_name, $field_value, 'user_' . $user_obj->ID );
}
error_log($field_value);
error_log($field_name);
error_log(var_export( $user_obj, true ));
return true;
}
And here's the HTML and JS/AJAX I used for testing the PHP code above.
$_GET, $_POST and UPDATE are different things to the rest API. Since update isn't necessarily a construct of the language it just means that when a request usually a $_POST comes in with a specific "Update" header that it should call your update function.
Situation
I have a custom module that is using hook_field_formatter_info() to add an "fancy" option to the image field in the manage display of a content type. When this option is chosen I want to be able to surround the ENTIRE field in custom divs and markup. I want the solution to be a hook in my custom module and not a template override.
Process
A user wants the display of an image field to be the "fancy" option. They check it in the drop down and click save from the content types Manage Display admin page. Now on that content type node there should be custom markup surrounding the entire field even if there are multiple images, the new markup should surround ALL the images and not each individual image.
hook_field_formatter_view
hook_field_formatter_view seems to demand it's output be an array and I can't seem to be able to wrap the output in a div.
Template overrides
I can't just make a field.tpl.php for the specific field because like I initially mentioned I need to be able to switch themes and the module still work like normal. Unless there is a way to get my module to override any field where said field has hook_field_formatter_info() set specifically.
/**
* Implements hook_field_formatter_view().
*/
function bootstrap_modal_field_formatter_view($entity_type, $entity, $field, $instance, $langcode, $items, $display) {
$element = array();
foreach ($items as $delta => $item) {
if ($index === NULL || $index === $delta) {
$element[$delta] = array(
'#theme' => 'bootstrap_modal_image_formatter',
'#item' => $item,
'#entity_type' => $entity_type,
'#entity' => $entity,
'#node' => $entity, // Left for legacy support.
'#field' => $field,
'#display_settings' => $display['settings'],
'#delta' => $delta,
);
}
}
// $element = '<div id="CUSTOMDIVSTUFF">' . $element . '</div>';
return $element;
}
And here is the #theme function:
function theme_bootstrap_modal_image_formatter($variables) {
$item = $variables['item'];
$entity_type = $variables['entity_type'];
$entity = $variables['entity'];
$field = $variables['field'];
$settings = $variables['display_settings'];
$image = array(
'path' => $item['uri'],
'alt' => isset($item['alt']) ? $item['alt'] : '',
'title' => isset($item['title']) ? $item['title'] : '',
'style_name' => $settings['bootstrap_modal_node_style'],
);
if (isset($item['width']) && isset($item['height'])) {
$image['width'] = $item['width'];
$image['height'] = $item['height'];
}
if (isset($item['attributes'])) {
$image['attributes'] = $item['attributes'];
}
// Allow image attributes to be overridden.
if (isset($variables['item']['override']['attributes'])) {
foreach (array('width', 'height', 'alt', 'title') as $key) {
if (isset($variables['item']['override']['attributes'][$key])) {
$image[$key] = $variables['item']['override']['attributes'][$key];
unset($variables['item']['override']['attributes'][$key]);
}
}
if (isset($image['attributes'])) {
$image['attributes'] = $variables['item']['override']['attributes'] + $image['attributes'];
}
else {
$image['attributes'] = $variables['item']['override']['attributes'];
}
}
$entity_title = entity_label($entity_type, $entity);
if ($style_name = $settings['bootstrap_modal_image_style']) {
$path = image_style_url($style_name, $image['path']);
}
else {
$path = file_create_url($image['path']);
}
$caption = 'some value';
$gallery_id = 'some value';
return theme('bootstrap_modal_imagefield', array('image' => $image, 'path' => $path, 'title' => $caption, 'gid' => $gallery_id));
}
Been working on this for days, I'm drowning here.
This is possible via HOOK_process_field(). Use this hook to define a new template file for your field by adding it to theme_hook_suggestions array (place the template file in your module directory, because you wanted to change the theme -as you mentioned-). More info about field template suggestions.
Then, you will need to add the module path to drupal theme registry, so it picks up the template file. Demo.
I found out it was:
function bootstrap_modal_field_formatter_view($entity_type, $entity, $field, $instance, $langcode, $items, $display) {
$element = array(
'#prefix' => '<div class="wrapper">',
'#suffix' => '</div>',
);
When publishing a new link, using php sdk, the link is only available for logged user, it's not publish as public.
$facebook = new Facebook(array(
'appId' => $appId,
'secret' => $secret,
'cookie' => true
));
$user = $facebook->getUser(); // Get the UID of the connected user, or 0 if the Facebook user is not connected.
if($user == 0) {
setcookie('cod_eventos', $_POST['cod_eventos']);
$login_url = $facebook->getLoginUrl($params = array('scope' => "publish_stream"));
setcookie('userlogin', 1);
echo ("<script>window.open('".$login_url."')</script>");
} else {
$page_id = $page_id;
try {
$access_token = $facebook->getAccessToken();
$attachment2 = array(
'access_token' => $access_token
);
$page = $facebook->api('/me/accounts', 'get', $attachment2);
} catch (FacebookApiException $e) {
echo 'Unable to get page access token';
}
$privacy = array(
'value' => 'EVERYONE',
);
$attachment = array(
'access_token' => $page['data'][0]['access_token'],
'name' => 'Test',
'link' => 'http://www.facebook.com/',
'description' =>'Facebook',
'privacy' => json_encode($privacy),
);
try {
$facebook->api('/' . $page_id . '/feed', 'POST', $attachment);
echo '<div class="gestor_ficheiros_tipo">Event publish Facebook</div>';
}
catch (FacebookApiException $e)
{
echo '<div class="gestor_ficheiros_tipo">'.$e->getMessage().'</div>';
}
After running this the content is publish, but not view-able by un-registered facebook users
Apparently, despite what the API documentation says, the privacy setting is 'privacy_type', not 'privacy'. I found that out here on SO I think, but closed the tab so I can't immediately share the link.
Check the settings on your app as well - I think it's the 'Visibility of app and posts' setting defaults to 'Friends' instead of 'Public'. Maybe that'll do it?
I found out what was the problem, I was using facebook app in sandbox mode... :(. Once I've changed it started working perfectly
function searchsong_block($op='list',$delta=0){
$block = array();
switch($op){
case "list":
$block[0][info] = t('Search song');
return $block;
case "view":
$block['subject']='THIS IS SONG SEARCH MODULE';
$block['content']=drupal_get_form('custom1_default_form');
return $block;
}
}
function custom1_default_form () {
$form = array();
$form['txt_name'] =
array('#type' => 'textfield',
'#title' => t('Please enter your name'),
'#default_value' => variable_get('webservice_user_url',''),
'#maxlength' => '40',
'#size' => '20',
);
$form['submit'] = array(
'#type' => 'submit',
'#value' => t('Save Details'),
);
return $form;
}
function custom1_default_form_validate (&$form, &$form_state) {
if(($form_state['values']['txt_name']) == '') {
form_set_error('user_webservice', t('Enter a name'));
}
}
function custom1_default_form_submit ($form_id, $form_values) {
$GET_TXT_VAL = $_POST['txt_name'];
$result = db_query('SELECT title FROM {node} WHERE type = "%s" AND title LIKE "%%%s%%"', 'song', $GET_TXT_VAL);
$output='';
while ($row = db_fetch_object($result)) {
// drupal_set_message($row->title);----IF I ENABLE THIS LINE THEN MY SEARCH RESULT DISPLAYING IN THE GREEN BLOCK, YES I KNOW THIS FUNCTION SOMETHING LIKE ECHO JUST FOR TESTING PURPOSE WE SHOULD USE
$output .=$row->title;
}
$block['content'] = $output;
}
How to print my output ,
Above module does not display anything , even error also,
i thing i should use theme('itemlist') somthing , but i am not sure how to use this , and where i should use this ,
So what i want is , i want to display my search result , in the content region ,
Please find my question picture view below..
Validate and submit are not for outputting data.
You should show your results in custom1_default_form:
Add in submit $_SESSION['search_text'] or use multistep "storage" (learn drupal form api for this).
But let's look how to work via sessions:
Add in custom1_default_form:
// Here is your form code, so form will appear on the top
// ...
if (isset($_SESSION['search_text'])) {
//add here your code from submit that output searching result
$form['result'] = array(
'#type' => 'item',
'#value' => $output,
);
unset($_SESSION['search_text']); // don't forget clear session
}
Your submit function should be like this:
function custom1_default_form_submit($form, &$form_state) {
$_SESSION['search_text'] = $form_state['values']['txt_name'];
// this will store text field into session, then reload page,
// so you drupal_get_form will see entered values.
}
This is all.
Tips:
if(($form_state['values']['txt_name']) == '') {
form_set_error('user_webservice', t('Enter a name'));
}
This code is not needed, if you do:
$form['txt_name'] = array(
... // other properties
'#required' => true,
);
Read please about form api here: http://api.drupal.org
Other way to use block, just call function that output result and form via drupal_get_form, so:
...
$block['content']='custom1_default_result';
...
function custom1_default_result () {
$output .= drupal_get_form('custom1_default_form');
...
$output .= //search result if session filled/
}