I’m looking for a simple way for a WordPress plugin to process $_POST data from a user submitted form. Back end processing will be performed and then I’ll redirect to a new page as appropriate — so during processing there is no UI.
Basically, I want to take a form submit such as…
<form method="post" action="/back-end-processing.php">
<input type="text" name="text" />
<input type="submit" value="submit" />
</form>';
…and process it like I would with PHP but still be able to use WP’s “nonce” protection.
Some examples I’ve seen suggest that I should use admin-post.php but I was concerned that it should only be used for actual admins and not for general users.
Another approach suggested…
function checkCheckBox()
{
if($_POST['checkbox'] == 1)
{
return true;
}
return false;
}
add_action('init', 'checkCheckBox');
…however, this seems like overkill because it will be called for every page while my site visitors will only be posting data to it infrequently.
2 Answers
The best way to process the custom form is the following. If you are using nonce then you don’t really have to check $_POST[‘checkbox’], the code below can be used simply to verify_nonce and then process the form.
function process_my_form() {
if ( wp_verify_nonce( $_POST['my_nonce_field'], 'my_nonce' ) ) {
// process your form here
// you can also redirect and call exit here.
}
}
add_action( 'init', 'process_my_form' );
But if you still you want to submit your form to a custom php script, then load the wp-blog-header.php.
<?php
define('WP_USE_THEMES', false);
require('./wp-blog-header.php');
?>
See http://codex.wordpress.org/Integrating_WordPress_with_Your_Website for more information.