duan36000 2018-03-25 14:59
浏览 104
已采纳

确认代码页无需输入即自动验证

My custom Wordpress plugin lets users submit posts of a custom post type from a form on my site. They input the information, click submit, and then they are taken to a Verification page. This instructs them to either click the link that was e-mailed to them or input the code, at which point it goes from Draft to Publish.

This is all working for the most part except after submission. When they are taken to the Verification page, it is automatically approving/publishing the post for some reason. I have triple checked the code and it is making absolutely zero sense.

Hoping someone can spot the error because I am at a loss...

Submit Page function

function slicer_profile_submit()
{
    // if the submit button is clicked, submit
    if (isset($_POST['slicer-profile-submitted']))
    {
        $xml = simplexml_load_file($_FILES['slicer-profile']['tmp_name']) or die("Error: Cannot upload file. Please contact the administrator.");
        $contents = $xml->asXML();

        //https://developer.wordpress.org/reference/functions/wp_insert_post/

        // sanitize form values
        $profile_author = sanitize_text_field( $_POST["slicer-profile-author"] );
        $profile_email = sanitize_text_field( $_POST["slicer-profile-email"] );
        $profile_name = sanitize_text_field( $_POST["slicer-profile-name"] );
        $profile_description = sanitize_textarea_field( $_POST["slicer-profile-description"] );

        $profile_model = intval($_POST["slicer-profile-model"]);
        $profile_slicer = intval($_POST["slicer-profile-software"]);

        // Create post object
        $slicer_profile = array(
            'post_title'    => $profile_name,
            'post_content'  => $contents,
            'post_type' => 'slicer_profiles',
            'post_status'   => 'draft',
            'post_author'   => 3,
            'tax_input' => array(
                'model'     => array($profile_model),
                'slicer'    => array($profile_slicer)
            ),
            'meta_input' => array(
                'slicer_profile_author' => $profile_author,
                'slicer_profile_description' => $profile_description
            )
        );

        // Insert the post into the database
        $post_id = wp_insert_post( $slicer_profile );

        // Generate a hashed code for the confirmation URL
        $hash = hash_hmac('sha256', $post_id, secret);

        $confirm_url = site_url(). '/verification?id=' . $post_id . '&hash=' . $hash;

        // Send a verification e-mail to the user to confirm publication
        $subject = 'Please confirm your Slicer Profile submission';
        $body = $confirm_url;
        wp_mail( $profile_email, $subject, $body );

        // Redirect the submitter to the post
        wp_redirect( site_url(). "/verification" );
    }
}

Verification page function

function slicer_profiles_verification_shortcode($atts = [], $content = null, $tag = '')
{
    // Check that both parameters are set
    if( isset($_GET['id']) && !empty($_GET['id']) && isset($_GET['hash']) && !empty($_GET['hash']) )
    {
        $post_id = $_GET['id'];
        $hash = $_GET['hash'];

        $target_hash = hash_hmac('sha256', $post_id, secret);

        // Check if the hash code matches the provided Post ID
        if ($hash != $target_hash)
        {
            echo 'The code provided is incorrect or has been mistyped.';
            return;
        }

        // Get the Post data based on ID
        $post_data = get_post( $post_id ); 
        $post_type = $post_data->post_type;
        $post_status = $post_data->post_status;

        // Check to confirm this is a Slicer Profile post type
        if ($post_type == 'slicer_profiles')
        {
            // If the post has already been published
            if ($post_status == 'draft')
            {
                // Publish the Post by ID
                wp_publish_post($post_id);

                echo 'Thank you, the profile submission has been confirmed.';
            }
            else
            {
                echo 'The code provide has already been used.';
            }
        }
        else
        {
            echo 'The code provide is not a valid submission. Please contact the Administrator.';
        }
    }
    else
    {

    ?>

        <div style="align:center;text-align: center;">
        <p>A confirmation e-mail has been sent to the address provided, containing the verification code to approve your submission. Please use the included link to approve and publish your slicer profile, or the form below the submit your code.</p>

        <form name="confirmSub" method="GET" action="">
            <input type="text" name="id" size="4" /> - <input type="text" name="hash" size="24" /></br></br>
            <input type="submit" value="Confirm" />
        </form>

        <?php

        echo '</div>';
    }
}
add_shortcode('slicer_profile_verification', 'slicer_profiles_verification_shortcode');

展开全部

  • 写回答

1条回答 默认 最新

  • dongxing9219 2018-03-25 15:42
    关注

    Try it this way. The code you have is not going trought all the conditions or else statements.

    function example() {
    
      if(you have a post){
        //analyse post value this way
        if(){
    
        }
        elseif(){
    
              }
        elseif(){
              }
        else{
          }
    
    }
    
    else{ // you dont have a post
    }
    
    
    }
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
编辑
预览

报告相同问题?

手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

客服 返回
顶部