Creating a WordPress Admin Post action allows you to create a custom form and create a custom function that
If you want more information on this action, check out https://codex.wordpress.org/Plugin_API/Action_Reference/admin_post_(action).
To remind you, we are using the WordPress Plugin Boilerplate (WPPB) to create this WordPress plugin. If you have never used the WordPress Plugin Boilerplate framework, check out our post on WordPress Plugin Development. You need to use the text editor of your choice and open the class-plugin-name-admin.php file that exists within your plugin’s admin directory.
Step 1: Add Action in class-plugin-name-admin.php file’s construct function
You need to start off by adding the action in your construct function.
add_action( 'admin_post_add_something', array($this,'add_something'));If you are using a different WordPress plugin framework that doesn’t use classes to organize your PHP code, your action will look like the following: add_action( 'admin_post_add_something', 'add_something');
If you want to allow anyone to post form data to that function you would add no_priv_ after admin_post, like the following:
add_action( 'admin_post_nopriv_add_something', array($this,'add_something'));Register a nonce wherever you display your
$payment_nonce = wp_create_nonce( "plugin_name_add_something_nonce" );Step 2: Add the add_something function
From the add_action function above, we reference the add_something function. Therefore, you need to make sure that the add_something function is present in your script, otherwise, the admin action will not work properly.
You’ll notice in the function below that we are checking the nonce before any action is completed and we are checking if the current user is an administrator, this conditional statement is used to protect your function from bad actors. If you are neither an administrator nor have the same nonce, you will be redirected to the referring URL.
public function add_something(){
$nonce = sanitize_text_field($_POST['security']);
if(!wp_verify_nonce($nonce,'plugin_name_add_something_nonce') || !current_user_can( 'administrator' )){
header('Location:'.$_SERVER["HTTP_REFERER"].'?error=unauthenticated');
exit();
}
}Step 3: Add Form
Now, you need to add the form to your Admin dashboard. You can add this to the Plugin settings page or to a random Plugin page that you create. Make sure the action input in the form is equal to the value after admin_post_ in the action that you added in the construct function above.
<form action="/wp-admin/admin-post.php" method="post">
<input type="hidden" name="action" value="add_something">
<input type="hidden" name="email" value="email@gmail.com">
<input type="submit" value="Submit">
</form>That’s all there is to it! Now, you can submit the
In the next post, we’ll show you how to pass PHP variables to a JavaScript file in WordPress. Click on the button below to view that post: