See my comments above, but part of the problem is that you are checking that
$_POST['action'] == "new_post"
In the example you’ve given you have commented out the hidden ‘action’ field; which, in any case is set to post
not new-post
. I believe you a trying to check the nonce…
To do that (following the Codex), once you’ve checked the action, do:
$nonce=$_REQUEST['_wpnonce'];
if (! wp_verify_nonce($nonce, 'new-post') ) die('Well that was naughty.');
Also, I don’t think it’s necessary to check:
'POST' == $_SERVER['REQUEST_METHOD']
Finally, before using wp_insert_post
. You should check that the category is set (see above comments too). You should probably intval
the posted category data before inserting as an array into the wp_insert_post
arguments.