can i save my data more conveniently

  • hi i just finished reading the codex section for sub menus
    link to codex. assuming there is NO field limitation for example:
    <?php if (empty($_POST[‘my_field’])){ echo ‘print error msg’; } ?> I would really like to know if im doing this properly. how would you folks do it with less code and more security. i dont know if wordpress even escapes these $_POST fields. let me know what you think! thanks in advance

    <?php
	//must check that the user has the required capability
	if (!current_user_can('manage_options')){
		wp_die(__('You do not have sufficient permissions to access this page.'));
	}

	// See if the user has posted us some information
	// If they did, this hidden field will be set to 'Y'
	if (isset($_POST['submit_hidden_color']) && $_POST['submit_hidden_color'] == 'Y'){
		$field1 = $_POST['favorite_color'];
		// Save the posted value in the database
		update_option('favorite_color', $field1);
	}else{
		$field1 = get_option('favorite_color');
	}
	if (isset($_POST['submit_hidden_car']) && $_POST['submit_hidden_car'] == 'Y'){
		$field2 = $_POST['favorite_car'];
		// Save the posted value in the database
		update_option('favorite_car', $field2);
	}else{
		$field2 = get_option('favorite_car');
	}

	if (isset($_POST['Submit'])){
        // Put a settings updated message on the screen
		echo '<div class="updated"><p><strong>';
		_e('settings saved.', 'mpc-products-settings-page');
		echo '</strong></p></div>';
	}

	// Now display the settings editing screen
	echo '<div class="wrap">';
		// header
		echo '<h2>' . __('Menu Test Plugin Settings', 'mpc-products-settings-page') . '</h2><div id="icon-options-general" class="icon32"><br></div>';
		// settings form
?>
		<form name="form1" method="post" action="">
            <input type="hidden" name="submit_hidden_color" value="Y">
            <p><?php _e("Favorite Color:", 'mpc-products-settings-page' ); ?>
            <input type="text" name="favorite_color" value="<?php echo $field1; ?>" size="20">
            </p>

            <input type="hidden" name="submit_hidden_car" value="Y">
            <p><?php _e("Favorite Car:", 'mpc-products-settings-page' ); ?>
            <input type="text" name="favorite_car" value="<?php echo $field2; ?>" size="20">
            </p>

            <hr />
            <p class="submit">
            <input type="submit" name="Submit" class="button-primary" value="<?php esc_attr_e('Save Changes') ?>" />
            </p>
		</form>
	</div>
Viewing 1 replies (of 1 total)
  • Thread Starter gavimobile

    (@gavimobile)

    as i was continuing with my reading, it seems im going to need to use an array. also, only 1 hidden field is required. wasnt sure what its purpose was untill now. maybe someone can show me a better example of this as an array! it would help me understand it better. also i would still like to know about if i need to do any kind of escaping.

    thanks

Viewing 1 replies (of 1 total)
  • The topic ‘can i save my data more conveniently’ is closed to new replies.