Those are some dangerous words “public…can enter data directly to the DB”
You could write your own form and use wp_insert_post()
Something like this:
$new_post = array(
'comment_status' => 'closed',
'ping_status' => 'closed',
'post_author' => 1, // id of admin, or some other user
'post_title' => $_POST['title'],
'post_name' => $_POST['title'],
'post_status' => 'draft',
'post_type' => 'post', // or whatever
'post_date' => date('Y-m-d H:i:s'),
);
$new_post_id = wp_insert_post( $new_post );
Related Posts:
- Avoid updating post when sending POST or GET request to post.php
- Plugin Form Submission Best Practice
- $_POST form request with admin-post
- Add screen options to custom admin pages
- Handling results from data hooked into admin_post
- What is the real intention for admin-post.php?
- Change default admin page for specific role(s)
- What is the recommended way to create plugin administration forms?
- Dashboard like meta boxes in my plugin – how to save their position and open/closed state?
- Using AJAX in a plugin to submit form – REALLY confused
- How to change post status in hook?
- How to trap “Publish” button to check for meta box validation?
- Post from front-end with post types, categories and taxonomies
- Front-End Form Submission in Shortcode
- Check spam in custom form – akismet
- Use a PHP file as action for a form in a WordPress plugin, what’s the correct way?
- Rearranging Dashboard meta boxes with use of plugin/functions.php
- Front-End Interfaces Without Shortcodes
- Best Practices for Creating and Handling Forms with Plugins?
- Plugin options page – form with two different submit buttons
- How to create a Tools menu on the Network Admin dashboard from a plugin
- How to sanitize user input?
- how do you prevent showing a particular category on the admin dashboard for specific user roles?
- WooCommerce registration password field not displaying
- wordpress plugin php file processing form
- How to add custom fields to the all users page
- Example Dashboard Widget, Cancel not working
- Error on inserting a form value to database
- Multiple options pages validation for a plugin
- Dashboard – get status and position of metaboxes and pass them to ajax method
- “dashboard”-named PHP file doesn’t get included
- Form doesnt save to database
- Create custom HTML/JS app inside page
- Plugin Development for registered users
- Is there documentation reference for forms in menu and setting pages?
- Input in plugin widget does not allow spaces
- admin_post equivalent for guest user?
- How can I add a simple custom field to my plugin?
- Add Password Generator on password protected page
- Run JavaScript validation script on form submit in plugin
- I am unable to save my data from a form
- The Correct Way to Use Nonce Field without Settings API
- How to add search form in main page body?
- WordPress publish_post hook not getting featured image and meta on first publish, but works on updating title
- How to make and save custom form in custom plugin page?
- Catching Form Submission in WordPress Admin Panel
- Form using admin-post.php gives 404 after submission
- Submit form to a different PHP file in the same plugin folder
- A function that will remove HTML and tags from a string?
- Plugin Form Submitting to admin-ajax.php instead of admin-post.php
- Form submission to another page returning 404 error [duplicate]
- Lead form that submits to 2 external APIs
- Set page to draft on plugin deactivation
- WordPress: redirecting to the form page after form submission to admin-post.php
- Custom Icon for Plugin
- How to create a custom post-new.php page for plugin , no wp menu
- How to show the posts listing on dashboard or custom page in admin panel?
- Information and Page from WordPress Plugin
- Quick Draft widget (dashboard.php) using custom post_type
- Why is that only the first row getting inserted into Mysql table when i import csv file on backend custom plugin?
- Using AJAX to submit and return data inside the WordPress Plugin Boiler Plate framework
- Use admin-post to submit form data to external database
- How to Maintain url on form submit
- How to retrieve custom profile fields associated with different users
- form does not generate $_POST request
- Publish, Save Draft and Preview buttons do not work after being moved with jQuery
- Acessing WP functions in form submission handler
- Form and database, plugin development
- Can I use a hook other than ‘init’ to handle form submissions?
- wp_mail links are dead
- problem with blank page
- Best way to handle a form post in plugin
- Post data in wp-admin to external database
- Multi-part form and wp_redirect()
- Create wordpress dashboard metabox which spans all columns
- Page reload occurs before request finishes
- Submitting a plugin form to database in admin page
- Plugin SVN folder structure
- How can I add a custom button to the post editor?
- How do I display and edit other posts within the ‘Edit Post’ area of Wp-Admin Dashboard
- Is it possible to add Custom Dashboard Widgets to Custom Admin Menu Page?
- Bulk post approval and publishing doesn’t work
- Hook a search form anywhere on the site, using a custom plugin
- Plugin forms overwrite each other’s options
- Does using set_transient() function can lead to MySQL problems?
- permalinks with get variables
- I should hide the API Key in a plugin?
- Register a sidebar in a WordPress plugin
- How to stop your plugin from executing on certain pages?
- Search the product by tag or category not working
- Codex Version Focus on Production or Nightly?
- Fatal error: Uncaught Error: Call to undefined function convert_to_screen()
- Using the same class across multiple functions
- admin-ajax.php returns “No Script Kiddies!” sometimes
- Widget won’t be activated
- dbDelta not doing what it says
- Custom options page for themes
- How can I make my website with wordpress having on-spot editing feature as compared to concrete5 CMS?
- Making a user platform reachable by a qr code on a pin-back-button [closed]
- how to add contact form 7 shortcode in javascript variable