Use Nonces (when not using Settings API) Plugins and Themes should explicitly provide Settings-page nonce checking, if not using the Settings API: WordPress Nonces (Codex) WordPress Nonces (Mark Jaquith) Improving security in WordPress plugins using Nonces (Vladimir Prelovac) 5 tips for using AJAX in WordPress > 3. Use nonces and check for permission (Gary Cao)
I fixed this by going through PHPMyAdmin to the table “Options” and then the row active_plugins. I had the following stored there (formatted for readability): a:10:{ i:0;s:49:”1and1-wordpress-wizard/1and1-wordpress-wizard.php”; i:1;s:29:”acf-repeater/acf-repeater.php”; i:2;s:30:”advanced-custom-fields/acf.php”; i:3;s:45:”limit-login-attempts/limit-login-attempts.php”; i:4;s:27:”redirection/redirection.php”; i:6;s:33:”w3-total-cache/w3-total-cache.php”; i:7;s:41:”wordpress-importer/wordpress-importer.php”; i:8;s:24:”wordpress-seo/wp-seo.php”; i:9;s:34:”wpml-string-translation/plugin.php”; i:10;s:38:”wpml-translation-management/plugin.php”; } I added a new line (for the missing plugin) and incremented the a:10 to a:11 to indicate that … Read more
As a reference To create network or global settings, you need to do the following Add a settings page add_submenu_page( ‘settings.php’… # cf options.php for blog level` Add a global option add_site_option($key,$value) Update a global option update_site_option($key,$value) Get a site option get_site_option($key) Global settings are saved to the sitemeta table (individual blog settings are saved … Read more
When WordPress activates a plugin, it calls the activate_plugin() function. This function activates the plugin in a sandbox and redirects somewhere else on success. It’s been used by a few authors to programmatically activate plugin dependencies. There’s another function, deactivate_plugins(), that does a similar thing in reverse … it’s actually how WordPress deactivates plug-ins when … Read more
This is how I did it in some web apps: function run_activate_plugin( $plugin ) { $current = get_option( ‘active_plugins’ ); $plugin = plugin_basename( trim( $plugin ) ); if ( !in_array( $plugin, $current ) ) { $current[] = $plugin; sort( $current ); do_action( ‘activate_plugin’, trim( $plugin ) ); update_option( ‘active_plugins’, $current ); do_action( ‘activate_’ . trim( … Read more
That’s because the file in which is_plugin_active() is defined – wp-admin/includes/plugin.php – is only loaded in the admin, after your plugin is loaded. Thus, you can only call it after ‘admin_init’ has fired: function check_some_other_plugin() { if ( is_plugin_active(‘some-plugin.php’) ) { … } } add_action( ‘admin_init’, ‘check_some_other_plugin’ );
When your going through your loop add this: global $post; $post = get_post( $ID, OBJECT ); setup_postdata( $post ); //Do something wp_reset_postdata();
The wp_insert_post_data filter can do that: add_filter( ‘wp_insert_post_data’ , ‘filter_post_data’ , ’99’, 2 ); function filter_post_data( $data , $postarr ) { // Change post title $data[‘post_title’] .= ‘_suffix’; return $data; }
you can try to use the script_loader_src filter hook e.g: add_filter(‘script_loader_src’,’add_id_to_script’,10,2); function add_id_to_script($src, $handle){ if ($handle != ‘dropbox.js’) return $src; return $src.”‘ id=’dropboxjs’ data-app-key=’MY_APP_KEY”; } Update i just figured it out myself that the src is escaped by esc_url, so looking a bit more i found the clean_url filter which you can use to return … Read more
Products in WooCommerce are a custom post type, so this should work: $url = get_permalink( $product_id ); You can treat that $product_id as a postID (that’s what it is), so you can use it with other normal WP functions, like: echo ‘<a href=”‘.get_permalink($product_id).'”>’.get_the_title($product_id).'</a>’;