admin_post in object oriented plugin

by

You can build this in to just one class.

Obviously change the method names to anything you wish, these are just the ones I use in my plugins.

You’ll notice that I’ve also added a couple of sanity checks – one is designed to stop people accessing your plugin page directly (i.e. before the core files have been loaded), and the other is to prevent access to the on_save_settings method from anywhere other than your admin page.

I should also point you towards the Writing a Plugin Codex, which has lots of examples and can direct you to further reference material to help you with this process.

Finally, I’d recommend also looking in to the Settings API. It’s not a silver bullet, but it can make managing plugin settings much easier.

/**
 * Avoid direct calls to this file where WP core files are not present
 */
if(!function_exists('add_action')) :
    header('Status: 403 Forbidden');
    header('HTTP/1.1 403 Forbidden');
    exit();
endif;

$sm_admin = new SM_Admin();
class SM_Admin{

    /** Constructor */
    function __construct(){

        add_action('admin_menu', array(&$this, 'on_admin_menu'));                           // Add the admin menu
        add_action('admin_post_change_socialmedia', array( &$this, 'on_save_settings'));    // Save any changes

    }

    /**
     * Add the admin menu
     */
    function on_admin_menu(){

        add_menu_page( 'Social Media', 'Social Media', 'read', SM_CUSTOMPOSTTYPE, array( &$this, 'on_show_page' ), '', 22 );

    }  

    /**
     * Render the page
     */
    function on_show_page(){
?>
        <form action="<?php echo admin_url( 'admin-post.php' ); ?>" method="post">
            <input type="hidden" name="action" value="change_socialmedia">
            <!-- { Your form... } -->
            <?php wp_nonce_field('ms_change_socialmedia', 'ms_nonce'); ?>
            <?php echo get_submit_button('Speichern'); ?>
        </form>
<?php      
    }

    /**
     * Save the settings
     */
    function on_save_settings(){

        if(!isset( $_POST['ms_nonce']) || ! wp_verify_nonce( $_POST['ms_nonce'], 'ms_change_socialmedia')) :
            wp_die(new WP_Error(
                'invalid_nonce', __('Sorry, I\'m afraid you\'re not authorised to do this.')
            ));
            exit;
        endif;

        echo '<pre>'; print_r($_POST); echo '</pre>';
        die('Hey, it works!  You can now edit the \'on_save_settings\' method to sanitize and save your settings as you require.');

        wp_redirect($_POST['_wp_http_referer']);

    }

}