Add WordPress Admin Post Action

Creating a WordPress Admin Post action allows you to create a custom form and create a custom function that form data is sent to when the form is submitted. In other words, if you want to create a custom form and then submit that form to a function that you create, this is the post for you!

If you want more information on this action, check out https://codex.wordpress.org/Plugin_API/Action_Reference/admin_post_(action).

To remind you, we are using the WordPress Plugin Boilerplate (WPPB) to create this WordPress plugin. If you have never used the WordPress Plugin Boilerplate framework, check out our post on WordPress Plugin Development. You need to use the text editor of your choice and open the class-plugin-name-admin.php file that exists within your plugin’s admin directory.

Step 1: Add Action in class-plugin-name-admin.php file’s construct function

You need to start off by adding the action in your construct function.

add_action( 'admin_post_add_something', array($this,'add_something'));

If you are using a different WordPress plugin framework that doesn’t use classes to organize your PHP code, your action will look like the following:

add_action( 'admin_post_add_something', 'add_something');

If you want to allow anyone to post form data to that function you would add no_priv_ after admin_post, like the following:

add_action( 'admin_post_nopriv_add_something', array($this,'add_something'));

Register a nonce wherever you display your form, so that you can check the nonce in the post function when someone submits information to the endpoint.

$payment_nonce = wp_create_nonce( "plugin_name_add_something_nonce" );

Step 2: Add the add_something function

From the add_action function above, we reference the add_something function. Therefore, you need to make sure that the add_something function is present in your script, otherwise, the admin action will not work properly.

You’ll notice in the function below that we are checking the nonce before any action is completed and we are checking if the current user is an administrator, this conditional statement is used to protect your function from bad actors. If you are neither an administrator nor have the same nonce, you will be redirected to the referring URL.

public function add_something(){
     $nonce = sanitize_text_field($_POST['security']);
     if(!wp_verify_nonce($nonce,'plugin_name_add_something_nonce') || !current_user_can( 'administrator' )){
          header('Location:'.$_SERVER["HTTP_REFERER"].'?error=unauthenticated');
          exit();
     }
}

Step 3: Add Form

Now, you need to add the form to your Admin dashboard. You can add this to the Plugin settings page or to a random Plugin page that you create. Make sure the action input in the form is equal to the value after admin_post_ in the action that you added in the construct function above.

<form action="/wp-admin/admin-post.php" method="post">
  <input type="hidden" name="action" value="add_something">
  <input type="hidden" name="email" value="email@gmail.com">
  <input type="submit" value="Submit">
</form>

That’s all there is to it! Now, you can submit the custom form to the function that you created.

In the next post, we’ll show you how to pass PHP variables to a JavaScript file in WordPress. Click on the button below to view that post:

Pass PHP Values to a JavaScript File in WordPress

Leave a Reply

Your email address will not be published. Required fields are marked *