Updating post meta for custom post types
https://wordpress.stackexchange.com/questions/6902
-
16-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm writing a plugin for work (still) and having one more issue.
I've added my meta boxes as needed. However, the problem I'm having occurs when saving the post. My snippets for saving pretty much come from this post. I've also recieved a similar answer here, but it's just not working for some reason. :/
protected function __update_post_meta( $post_id, $field_name, $value = '' )
{
if ( empty( $value ) OR ! $value )
{
delete_post_meta( $post_id, $field_name );
}
elseif ( ! get_post_meta( $post_id, $field_name ) )
{
add_post_meta( $post_id, $field_name, $value );
}
else
{
update_post_meta( $post_id, $field_name, $value );
}
}
The above is called using the following. However, I'm not sure my problem lies with the actual saving now that I think of it. I'm thinking it might be the nonce which may be throwing it off.
public function _wp_save_post( $post_id, $post )
{
if ( empty($_POST)
OR !isset($_POST['argus_edit_visitor'])
OR !wp_verify_nonce( $_POST['argus_edit_visitor'], 'argus_edit_visitor' ) )
{
return $post->ID;
}
if ( ! current_user_can( 'edit_post', $post->ID ) ) return $post->ID;
// v_f_name | v_l_name | v_workstation | v_id
// Argh!
$this->__update_post_meta( $post->ID, 'v_f_name', $_POST['v_f_name'] );
$this->__update_post_meta( $post->ID, 'v_l_name', $_POST['v_l_name'] );
$this->__update_post_meta( $post->ID, 'v_workstation', $_POST['v_workstation'] );
$this->__update_post_meta( $post->ID, 'v_id', $_POST['v_id'] );
}
The nonce is used like the following: <input type="hidden" name="argus_edit_visitor" id="argus_edit_visitor" value="{$nonce}" /> and created using $nonce = wp_create_nonce( plugin_basename( __FILE__ ) );. The input field is inside block of html being stored in variable $html. Stackexchange was parsing my html otherwise I'd paste it here.
-Zack
EDIT: Just tested it, and it is the nonce's fault.
EDIT2: Typo on my part, but still doesn't work.
Solution
I really like your clean class structure :-) But I have a suggestion that might fix things (based on my experience with nonces and meta boxes from a plug-in I built last weekend):
Don't try to create the nonce field manually. You currently have:
$nonce = wp_create_nonce( plugin_basename( __FILE__ ) );
...
<input type="hidden" name="argus_edit_visitor" id="argus_edit_visitor" value="{$nonce}" />
The standard way to create this field is using WordPress' wp_nonce_field() function. It will add the hidden field for you:
wp_nonce_field( __FILE__, 'argus_edit_visitor' );
Verifying the nonce
You're verifying against the wrong string. In your code, you created the nonce with __FILE__ but you verify with the string argus_edit_vistor. You have:
if ( empty($_POST)
OR !isset($_POST['argus_edit_visitor'])
OR !wp_verify_nonce( $_POST['argus_edit_visitor'], 'argus_edit_visitor' ) )
{
echo "Erm. Why?";
return $post->ID;
}
You should have:
if ( empty($_POST)
OR !isset($_POST['argus_edit_visitor'])
OR !wp_verify_nonce( $_POST['argus_edit_visitor'], __FILE__ ) )
{
echo "Erm. Why?";
return $post->ID;
}
I usually use plugin_basename(__FILE__) when creating nonces. But you shouldn't run into problems doing it your way so long as the nonce creation and nonce verification happens in the same file.
