Ok, first of all, lets (temporarily) disregard the code from wptuts-user-log so as not to confuse that code with the basic objective first.
For the record however, that code was written by our very own Stephen Harris, an updstanding member of this community and the WordPress community at large. The particular link question was part of a tutorial series on Creating Custom Database Tables.
So…
As I mentioned in my earlier comment to you, there are many ways to insert data from a remote site, I’m going to cover a very basic way in which you can achieve this.
I’ll give fair warning that the following example code makes no assumption about security, data validation and sanitization, with the exception of using $wpdb->prepare, the ultimate responsibility will lay with you to ensure your application is secure.
In order for us to help you more precisely with your implementation of remote insertion requests we need some context as to how your implementation is intended to work. For example, what kind of people are allowed to make such requests, what limitations you would like imposed on those requests and any other relevant information to the problem.
That aside, I strongly recommend not including the code you have exampled in a theme template file, certainly not a page template file. If that page is accessible on the front end of your site which I assume to be the case, it may be possible for anyone to access that URL and initiate insertion requests to your database not to mention potentially hack the sh*t out of you.
Instead of handling this functionality in your theme, I suggest creating a plugin.
<?php
/*
Plugin Name: Plugin Name
Plugin URI: http://www.yoursite.com/
Description: Remote Insert
Author: Your Name
Version: 1.0
Author URI: http://yoursite.com
*/
add_action( 'plugins_loaded', array( RemoteRequest::instance(), 'setup' ));
class RemoteRequest {
public function __construct() {}
public function setup() {
add_filter( 'init', array($this, 'rewrite_rules'));
add_filter( 'query_vars', array($this, 'add_query_vars'), 10, 1);
add_action( 'parse_request', array($this, 'parse_request') );
}
public static function instance() {
NULL === self::$instance and self::$instance = new self;
return self::$instance;
}
public function rewrite_rules() {
//http://www.yoursite.com/remote/insert
//http://www.yoursite.com/remote/update
//http://www.yoursite.com/remote/delete
//etc...
add_rewrite_rule(
'^remote/(insert|update|delete)/?$',
'index.php?remote_request=true&remote_action=$matches[1]',
'top'
);
}
public function add_query_vars($query_vars) {
$query_vars[] = 'remote_request';
$query_vars[] = 'remote_action';
return $query_vars;
}
public function parse_request($wp) {
$query = $wp->query_vars;
if( array_key_exists( 'remote_insert', $query ) && isset($query['remote_action']) ) {
//it would be very wise to check the origin of the
//request at this point in addition to the existence
//of a valid API key prior to continuing execution.
if ( $query['remote_action'] === 'insert' ) {
if ( $this->insert_data($_POST) ) {
//on success redirect user to success link
wp_redirect($success_link);
exit;
} else {
//on success redirect user to success link
wp_redirect($failed_link);
exit;
}
} elseif ( $query['remote_action'] === 'update' ) {
//your update code...
} elseif ( $query['remote_action'] === 'delete' ) {
//your delete code...
} else {
//handle other condtions...
}
}
}
public function insert_data($data) {
global $wpdb;
$result = $wpdb->query( $wpdb->prepare(
"
INSERT INTO $wpdb->yourcustomtable
( user_ID, PL_part_ID, part_save_date )
VALUES ( %d, %d, %s )
",
$data['user_id'],
$data['pl_part_id'],
$data['part_save_date ']
)
);
return $result;
}
}
…the above is only a rough example, not neccessarily the best.
Extrapolating remote API requests into there own plugin will make your code and implementation much more maintainable and interoperable with site changes (especially changing themes as you wont lose your remote capabilities).