Admin: Custom Query Returning Permissions Error

I think the problem is that by just appending ?deleteUser=XX you get an ‘illegal’ url, for example:

http://localhost/wordpress/wp-admin/edit.php?post_type=type&page=mypage?deleteUser=xxx

Instead, use WordPress’ add_query_arg:

    $url = $_SERVER['REQUEST_URI'];
    $url = add_query_arg('test','val',$url);

which gives:

http://localhost/wordpress/wp-admin/edit.php?post_type=type&page=mypage&deleteUser=xxx

Personally, I wouldn’t use $_SERVER['REQUEST_URI']; and instead hard-code the url of the page using admin_url. Also, see @Joshua comments on using the WordPress in-built functions which handle sanitization of your SQL statements.

Final point, you will want to perform nonce-checks (as well permission checks – should the current user be able to delete/modify table?). For the nonce-check you can do:

 $url = wp_nonce_url( $url, 'my-nonce-action' );

to add the nonce to the url the user is directed to. Then prior to deleting/modifying anything, use wp_verify_nonce to verify the nonce.

Related Posts:

  1. How to set selected attribute on option after filter query?
  2. How to clear the cache?
  3. How to do a query only on a specific admin page?
  4. WP_Query pagination not working in admin area
  5. Custom Loop in Page Admin Causing Other Fields to Fail
  6. Use ‘parse_query’ filter to show posts that from multiple criteria
  7. Trouble with wp_reset_postdata() in Admin Panel
  8. Add quicklink to in the Admin posts page where I can query by a meta_key
  9. hide custom post types with specific meta key ON admin backend
  10. I need help using pre_get_comments to limit comments in the comments admin screen
  11. How to pass query string vars between admin pages?
  12. How to view all posts of current day as default in admin
  13. Phpmyadmin – post editing
  14. Disable (or limit) queries when certain content (or data) is not needed (or showed)
  15. WordPress AJAX Request returns 400
  16. How to use custom page for all posts with custom url, call another directory?
  17. Is it possible to give a classname to specific comments in the WordPress admin?
  18. Is the ‘parse_query’ filter still valid to change filtered content on admin list view?
  19. Is instantiating WP_Query not possible within an admin Ajax call?
  20. Issue generating custom filter for cpt admin columns
  21. Modify query to exclude certain ids and certain parents and its corresponding children
  22. When to use WP_query(), query_posts() and pre_get_posts
  23. What are the standard admin CSS id/class tags?
  24. How to get an array of post data from wp_query result?
  25. How to only display posts whose meta_value field is not empty?
  26. How to print the excuted sql right after its execution
  27. WP query taxonomy input differs to output?
  28. How to add taxonomy filter on the query fly?
  29. WP_Query min and max values
  30. post_type is ignored by WP_Query when ‘tag’ argument is included
  31. How to query posts of standard post format. For real
  32. Orderby menu_order doesn’t work
  33. WP_Query by Category Name
  34. assign 2 $args to one wp_query
  35. WP_Query OR clause for tax_query and keywords
  36. Transient pagination not working properly
  37. query posts in functions.php and update a field
  38. get_posts() seemingly ignoring post_type
  39. If orderby parameter using pre_get_posts is the same for multiple posts what fallback does the query use?
  40. Which filter/action hook gets triggered after a query has been performed?
  41. How to add a column to the Trash page?
  42. Why query_vars get altered in WP_Query Object?
  43. pre_get_posts filter meta_query without conflicting existing meta_query
  44. Minimising Database Queries when using Advanced Custom Fields
  45. Adding text in more than one language (at the same time)
  46. Get data of all posts of a query before pagination
  47. WP Pagination on Posts Search Results Page resulting from AJAX WP Query
  48. How to avoid wp_query returning the same post I’m on in results?
  49. Why isn’t my multiple orderby working?
  50. WordPress Loop and $post
  51. How can I create ‘future’ and ‘past’ parameter for restAPI by filtering the CPT custom date field by greater than / less than current datetime?
  52. WP_Query tax query part of slug
  53. Query posts without meta preload
  54. How to implement a new row_count method in WordPress?
  55. Applying posts_clauses filter to specific queries only
  56. Some doubts about how the main query and the custom query works in this custom theme?
  57. How to do a wp_query with two acf-fields, sorting on one of them
  58. Shortcode for latest -not expired- posts
  59. meta_compare not comparing whole integer
  60. WP_Query – Object manipulation vs WordPress functions
  61. Only display post if published in last 24 hours?
  62. Transients with dynamic WP_Query
  63. How to remove the most recent post from $the_query
  64. WP_Query loop else statement not executing
  65. Selecting posts with a given meta value for a meta key
  66. pre_get_posts – editing query, tax_query
  67. Check if a post has term inside loop
  68. Display all posts in a custom post type, grouped by a custom taxonomy. How to sort the posts alphabetically and the terms by ID?
  69. How do I add a relation parameter to my filter query?
  70. Hacking ‘posts_per_page’ in WP_Query
  71. Query outputting YouTube url rather than embedded video
  72. Paginate pages with dynamic query
  73. wp list pages using meta box value
  74. get_var is neither a string, integer, or array …?
  75. Why my query is not “Main_query”?
  76. Filter sub-category from checkbox form
  77. Meta Box WP_Query array for showing items with a certain relationship
  78. Multi-layered WP_Query
  79. `offset` WP_Query argument dont work via `pre_get_posts`
  80. Function the_posts_pagination() not compatible with WP_Query arguments
  81. How to add a “base” filter for all posts visible to visitors on the site?
  82. Pagination of custom page with custom fields query
  83. WP_Query() not filtering posts for category
  84. wp query search multi terms
  85. WP_User_Query Orderby Not Working
  86. add action for wordpress query at a specific position
  87. WordPress post_status and meta_query
  88. How to query wordpress with array of meta_values?
  89. Updating an intensive wp_query result once daily
  90. Custom query return
  91. WP_Query: Meta_Query with serialized value (or a workaround)
  92. Query All Attachments and Order by Parent Publish Date
  93. Filter custom post type by custom taxomony
  94. Query post Pagination Problem
  95. An archive page without post format (just standard post)
  96. Pull Instagram images into an existing loop?
  97. Pagination showing same posts despite changing page
  98. Query custom post types by meta field in a term from custom taxonomy
  99. Filtering product search results using tags
  100. Why am I getting no results of a query placed after another query?
error code: 523