I know this question is ancient, but no, it’s not very secure. Anyone with knowledge of the AJAX endpoint would be able to generate valid nonces, which defeats the purpose in the first place. That being said, nonces are a low level defence in the first place: they only stop the simplest of attacks. A … Read more
To create your own independent search functionality, follow these steps. 1- You need a form to send the data for you. This is a simple form that can do this for you: <form method=”post” name=”car-select” action=”<?php echo site_url(‘/my-page/’); ?>”> <select name=”make”> <option value=”benz”>Benz</option> <option value=”bmw”>BMW</option> <option value=”audi”>Audi</option> </select> <select name=”type”> <option value=”sedan”>Sedan</option> <option value=”coupe”>Coupe</option> </select> … Read more
Well, it is the same form, but it is moved to another place in the DOM tree. So you could create one style for just .comments #respond, and one for .comments .comment #respond for the moved reply form.
The two variables $name and $email are unknown inside the function. You have to make them globally available inside it by changing global $wpdb into global $wpdb, $name, $email: require_once(‘../../../wp-load.php’); /** * After t f’s comment about putting global before the variable. * Not necessary (http://php.net/manual/en/language.variables.scope.php) */ global $name = $_POST[‘name’]; global $email = $_POST[’email’]; … Read more
Hi You have Use this COde For WordPress front-end AJAX file upload tutorial Code Here is my code: In my template file example.php <form enctype=”multipart/form-data”> <input type=”text” name=”support_title” class=”support-title”> <input type=”file” id=”sortpicture” name=”upload”> <input class=”save-support” name=”save_support” type=”button” value=”Save”> </form> This is in ajax-file-upload.js jQuery(document).on(‘click’, ‘.save-support’, function (e) { var supporttitle = jQuery(‘.support-title’).val(); var querytype = … Read more
you can do that by running the function set_post_thumbnail( $my_post_id, $thumbnail_id ); remember, you have to process and insert the image into the library first: $uploaddir = wp_upload_dir(); $file = $_FILES[ … whatever you have in your POST data … ]; $uploadfile = $uploaddir[‘path’] . “https://wordpress.stackexchange.com/” . basename( $file ); move_uploaded_file( $file , $uploadfile ); … Read more
I got the problem solution myself. See the code below this will do that. Put the code inside your newly created custom template. <?php if (!empty($_POST)) { global $wpdb; $table = wp_achord; $data = array( ‘name’ => $_POST[‘yourname’], ‘chord’ => $_POST[‘chord’] ); $format = array( ‘%s’, ‘%s’ ); $success=$wpdb->insert( $table, $data, $format ); if($success){ echo … Read more
The simplest option if you want to show search results within a page context you’ll need to do a custom loop, otherwise you won’t be able to access the page information. Change the input with the name s to something else like search or q to stop wordpress from doing it’s usual built in search. … Read more
admin-post.php is like a poor mans controller for handling requests. It’s useful in the sense that you don’t need to process your request on an alternative hook such as init and check to see whether or not special keys exists on the superglobals, like: function handle_request() { if ( !empty($_POST[‘action’]) && $_POST[‘action’] === ‘xyz’ ) … Read more
The WordPress way of doing this is by not using the admin_post hook at all. Since this question was asked quiet a while ago I wonder if option was available back then. Anyway you should create a custom settings page. Have a look at the complete example in the linked post. You will have to … Read more