halben

Here is what I have: add_filter('wp_nav_menu_items', 'custom_menu', 50, 2); function custom_menu($items, $args) { if (is_admin() || $args -> theme_location != 'top_menu') return $items; if (is_user_logged_in()) { $user = wp_get_current_user(); $firstName = $user -> user_firstname; $lastName = $user -> user_lastname; $items .= '<li id="user-name" title="Edit" ><a href="' . esc_url(site_url('/profile')) . '">' . esc_attr($firstName) . ' ' . esc_attr($lastName) . '</a></li>'; $link = '<a href="' . esc_url(wp_logout_url($redirect)) . '" title="' . esc_attr(__('Logout')) . '">' . esc_attr(__('Logout')) . '</a>'; } else { $link2 = '<a href="' . esc_url(site_url('/register')) . '" title="' . esc_attr(__('Register')) . '">' . esc_attr(__('Register')) . '</a>'; $items .= '<li id="register-link" class="menu-item menu-type-link">' . $link2 . '</li>'; $link = '<a href="' . esc_url(wp_login_url($redirect)) . '" title="' . esc_attr(__('Login')) . '">' . esc_attr(__('Login')) . '</a>'; } return $items .= '<li id="log-in-out-link" class="menu-item menu-type-link">' . $link . '</li>'; }

I'm getting this : PHP Parse error: syntax error, unexpected T_STRING on this line of code, $link = '<a href="' . esc_url(wp_logout_url($redirect)) . '" title="' . esc_attr(__('Logout')) . '">' . esc_attr(__('Logout')) . '</a>'; Am I missing something? Thanks, hal

Thank you requinix, that was helpful. I'll definitely learn more about sql injection.

I'm working on a WordPress website. This is in the child's function.php file. I'm just wondering if I need to sanitize when I embed strings within HTML markup. if (is_user_logged_in()) { $user = wp_get_current_user(); $fName = $user -> user_firstname; $lName = $user -> user_lastname; $items .= '<li id="user-name" title="Edit my profile" ><a href="' . site_url('/something') . '">' . $fName . ' ' . $lName . '</a></li>'; $link = '<a href="' . wp_logout_url($redirect) . '" title="' . __('Logout') . '">' . __('Logout') . '</a>'; } Do I need to sanitize $items and $link? If so, would it be this? $items .= '<li id="user-name" title="Edit my profile" >htmlspecialchars(<a href="' . site_url('/something') . '">, ENT_QUOTES)' . $firstName . ' ' . $lastName . '</a></li>'; $link = htmlspecialchars('<a href="' . wp_logout_url($redirect) . '" title="' . __('Logout') . '">' . __('Logout') . '</a>, ENT_QUOTES)'; How about this one? echo '<p>' . __('A message will be sent to your email address.') . '</p>'; to echo '<p>' . htmlspecialchars(__('A message will be sent to your email address.'), ENT_QUOTES) . '</p>'; Thanks for helping.

Hi, I am hoping someone could please help/guide in the right direction. I have a form in an iframe and I want to use PHP to check when the user has pressed the submit button in the iframe form. How would I approach on doing this? Thanks, Hal

Thanks for helping, I figured it out. Here's what I have: $('.x-combo-list-item').click(function() { var item = $(this); if (item.text() === "Partner") { alert('You have selected Partner!'); // Fire your ajax call here /* $.post('handler.php', {data: data : {even: 'more data'}}, function(data), 'json'); */ } });

I have the following: The Inspected element from the combo box. <div class="x-combo-list-inner" id="ext-1111"> <div class="x-combo-list-item">Target</div> <div class="x-combo-list-item">Partner</div> <div class="x-combo-list-item">Other</div> <div class="x-combo-list-item x-combo-selected">Too small</div> </div> I am trying to get the selected value "Partner" from it. here's my jquery: $('.x-combo-list-item').click(function() { var item = $(this).data('item'); var isPartner = ??? if (item === (??I'm Stuck here??)) { alert('You have selected Partner!'); // Fire your ajax call here /* $.post('handler.php', {data: data : {even: 'more data'}}, function(data), 'json'); */ } }); I'm stuck on getting the selected value from the COMBO BOX. I did found something online that could be a solution: var isPartner = _getText(_byId("ext-gen484").childNodes[2]); But I'm not sure how to translate that to javascript. Can someone please help me?

Thanks for helping, kudos to the both!

I think I figured it out. Thanks guys.

Can someone tell me if this is excessive use of IF statement? Thanks. if ($role == 'admin') { // Check if the user exist if (isset($_POST['user_email']) && !empty($_POST['user_email'])) { // Sanitize the data $user_email_data = trim(strip_tags(stripslashes($_POST['user_email']))); // Now use PHP to check for validation if (filter_var($user_email_data, FILTER_VALIDATE_EMAIL)) { if (false == get_user_by('email', $user_email_data)) { // the user doesn't exist } else { // the user exists update_user_meta($userID, 'wp_user_roles', '10'); // check wp if the new value has been stored if (get_user_meta($userID, 'wp_user_roles', true) != '10') { wp_die('An error occured!'); } } } } } else { // Do nothing, exit exit ; }

I'm doing something like this: $user_email_data = trim(strip_tags(stripslashes($_POST['user_email']))); // Now use PHP to check for validation if (filter_var($user_email_data, FILTER_VALIDATE_EMAIL)) { ..... How safe is that?

Hello Guys/Gals, Can someone please tell me how safe this sanitation is? $username = filter_var($_POST['user_name'], FILTER_SANITIZE_STRING); Thanks, Halben

Hello Guys/Gals, I'm trying to get a drop down list name "SomeAccount" and get a value from the list which is "Partner." I don't this this is the right way to do it but can someone please help me? $someRole = $some_client -> getID($userId, array('SomeAccount' => 'Partner')); After assigning the variable, I want to check against a $_Post['role'] to see if $someRole == $_Post['role']. if ($someRole == $_Post['role'] == 'subscriber') { update_something(); } Thanks, Halben

Thanks, I'll give it a try. Do you know if there's another method to do so besides the one you and I post?

I would like to open a SOAP connection that reflects changes to another database onlywhen the following forms has been submitted(Register & Update profile forms) through WordPress. I am able to get the connection working using a try/catch block statement but it seems like the connection are always present so it's slowing the site down alot and it's not safe. Does anyone know how to check when an user submits a form? All I could think of is using this code: if($_SERVER['REQUEST_METHOD'] == "POST") and doing something like this: if($_SERVER['REQUEST_METHOD'] == "POST"){ try{ //import soap class // connect to another DB // Do more stuff here... } catch(exception $e){ // errror } }

Thanks guys. Fast reply, I'm liking this forum!

Hi, I'm new to this forum and I'm looking for some assistance. I have the following code: (just a quick example) <?php try { // import Soap client require_once('/random.php'); // connect to 3rd party DB $3rd_db_client = new Something($one, $two, $three); // Do some more stuff } catch(exception $e) { echo $e->getMessage() ; exit; } ?> My question is, does the catch{ exit; } close the DB connection?