SkyRanger

Thanks all for your help got it working and a special thanks again to barand, worked like I needed it to.

Hi mac_gyver. For some reason not sure what happened with that script. It actually is(was) working in another part of my plugin but for some reason not sure if I typed something wrong in the new part of the program. I squashed the latest validation check above as it was causing nightmares. I am currently working on securing the validation as I got it working almost the way it is needed but still having a problem with one field. The account one that barand has provided assistance on. person leaves account field empty should not give error. When enters data into field check field to ensure they are only numbers. if (isset($_POST['account']) && ctype_digit($_POST['account'])) { // OK } else { $accountErr = "Only numbers are permitted or leave blank"; }

Run in to a new issue and still having issue with code advised of Barand. Even if there are errors the info is still submitting to database and if somebody does not enter anything in the account field it is stating that is required. if( isset($_POST['submit']) ) { if(empty($_POST['kudoagent'])) $msg_name = "You must supply agent name"; $name_subject = $_POST['kudoagent']; $name_pattern = '/^[a-zA-Z ]*$/'; preg_match($name_pattern, $name_subject, $name_matches); if(!$name_matches[0]) $msg2_name = "Only alphabets and white space allowed"; if(empty($_POST['agentloc'])) $msg_agloc = "You must select a location"; if(empty($_POST['kudoclient'])) $msg_kclient = "You must select a queue"; if(empty($_POST['kudocust'])) $msg_custname = "You must supply customer name"; $custname_subject = $_POST['kudocust']; $custname_pattern = '/^[a-zA-Z ]*$/'; preg_match($custname_pattern, $custname_subject, $custname_matches); if(!$custname_matches[0]) $msg2_custname = "Only alphabets and white space allowed"; if(empty($_POST['kudomsg'])) $msg_kmsg = "You must enter a kudos"; if (isset($_POST['account']) && ctype_digit($_POST['account'])) { // Nothing to output } else { // ERROR $msg = "Only number are permitted"; } } if(isset($_POST['submit'])){ if($msg_name=="" && $msg2_name=="" && $msg_agloc=="" && $msg_kclient=="" && $msg_custname=="" && $msg2_custname=="" && $msg_kmsg=="") $msg_success = "Kudos has been submitted"; global $wpdb; $table = $tablename; $kudokey = randkey(); $kudoposted = date("Y-m-d H:i:s"); $data = array( 'kudoid' => '', 'kudomsg' => $_POST['kudomsg'], 'kudoagent' => $_POST['kudoagent'], 'kudoagentid' => $_POST['kudoagentid'], 'kudocust' => $_POST['kudocust'], 'kudoacct' => $_POST['kudoacct'], 'kudoclient' => $_POST['kudoclient'], 'kudoloc' => $_POST['agentloc'], 'kudoentry' => $kudoposted, 'kudoadmin' => $_POST['kudoadmin'], 'kudopic' => $_POST['kudobanner'], 'kudostatus' => '0', 'kudokey' => $kudokey, ); $format = array( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ); $success=$wpdb->insert( $table, $data, $format ); if($success){ /* echo "<blockquote class=\"otro-blockquote\">"; echo nl2br($_POST['kudomsg']); echo "<span>"; echo "<b>Kudos for:</b> " .$_POST['kudoagent']. " - " .$_POST['kudoagentid']. ", ".$_POST['agentloc']; echo "<br>By: ".$_POST['kudocust']. ", " . date("F j, Y g:i a", strtotime($kudoposted)); echo "<br/>" .$_POST['kudoacct']; echo "<br/> Submitted By: " .$_POST['kudoadmin']; echo "</span></blockquote>"; $urlparts = parse_url(home_url()); $kudourl = $urlparts['host']; */ echo "<div class='success_msg'>".$msg_success."</div>"; } }

Sorry maxxd if( isset($_POST['submit']) ) { if(empty($_POST['kudoagent'])) $msg_name = "You must supply agent name"; $name_subject = $_POST['kudoagent']; $name_pattern = '/^[a-zA-Z ]*$/'; preg_match($name_pattern, $name_subject, $name_matches); if(!$name_matches[0]) $msg2_name = "Only alphabets and white space allowed"; if(empty($_POST['agentloc'])) $msg_agloc = "You must select a location"; if(empty($_POST['kudoclient'])) $msg_kclient = "You must select a queue"; if(empty($_POST['kudocust'])) $msg_custname = "You must supply customer name"; $custname_subject = $_POST['kudocust']; $custname_pattern = '/^[a-zA-Z ]*$/'; preg_match($custname_pattern, $custname_subject, $custname_matches); if(!$custname_matches[0]) $msg2_custname = "Only alphabets and white space allowed"; /*This is the issue part*/ if(empty($_POST['account'])) $acct_subject = $_POST['account']; $acct_pattern = '/^[0-9]*$/'; preg_match($acct_subject, $aact_matches); if(!$acct_matches[0]) $msg_acct = "Only numbers are allowed"; /*end of issue part*/ if(empty($_POST['kudomsg'])) $msg_kmsg = "You must enter a kudos"; } if(isset($_POST['submit'])){ if($msg_name=="" && $msg2_name=="" && $msg_agloc=="" && $msg_kclient=="" && $msg_custname=="" && $msg2_custname=="" && $msg_kmsg=="" && msg_acct=="") $msg_success = "Kudos has been submitted";

I am working on a form validation script and not sure how to approach this. I can validate current entries that are required but I am trying to figure out how to validate an entry only if submitted and ignored if field is empty. /*form field*/ <input type="text" name="account"> <?php echo "<div class='note'>".$msg_acct."<br/>"; /*This is in the validation script*/ if(empty($_POST['account'])) $acct_subject = $_POST['account']; $acct_pattern = '/^[0-9]*$/'; preg_match($acct_subject, $aact_matches); if(!$acct_matches[0]) $msg_acct = "Only numbers are allowed";

Thanks maxxd. Yeah once I get the bugs all worked out and start putting everything together I am am going to be securing the crap out of this thing. That is all I need is to leave an open hole for somebody to access a businesses server.

Thank you guys. It was me who did a stupid and not watching what I was typing. Thanks for your help it is working perfectly now.

echo "<table>"; echo "<form name='FormData' method='post' action=''>"; echo "<thead><th>Name</th><th>Email</th><th> <button type='submit' value='kudoemaildelete' class='formbutton' name='kudoemaildelete' />Delete</button> </th></thead>"; $kudolistem = $wpdb->get_results( "SELECT * from $tableemname where kuemqueue = '$kemail->kuemqueue'" ); foreach ($kudolistem as $kudosndem) { $kuemid = $kudosndem->kuemid; echo "<tr>"; echo "<td>" .$kudosndem->kuemname. " </td><td>" .$kudosndem->kuemaddy. "</td><td><center><input name='kuemid[]' type='checkbox' id='checkbox[]' value=" .$kuemid. "></center></td>"; echo "</tr>"; } echo "</form>"; echo "</table>"; It is probably something so stupid I am missing. I have tried both _POST and _GET

The query is not running. For some reason the page just refreshes and reloads the list with checkboxes. The isset is not being called

Unsure why this is not working debug is showing no issues if (isset($_GET['kudoemaildelete'])) { //data removal code will be going here $kuemid = $_GET['kuemid']; for($i=0;$i<count($kuemid);$i++){ $del_id = $kuemid[$i]; $wpdb->query( 'DELETE FROM '.$wpdb->prefix.'kudos_email WHERE kuemid IN($del_id)' ); $adminurl = get_admin_url(); $redirurl = $adminurl."admin.php?page=kudos"; echo "Removing emails if not returned in 5 seconds <a href=" .$redirurl . ">click here</a>"; # echo("<script>location.href = '".$redirurl."';</script>"); } } else { ?> <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css"> <script src="https://code.jquery.com/jquery-1.12.4.js"></script> <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script> <script> $( function() { $( "#accordion" ).accordion({ collapsible: true }); } ); </script> <table><tr><td width=300px> <?php global $wpdb; $tableemname= $wpdb->prefix.'kudos_email'; $kudoemlist = $wpdb->get_results( "SELECT * from $tableemname group by kuemqueue" ); echo " <div id='accordion'> "; foreach ($kudoemlist as $kemail) { echo "<h3>" .$kemail->kuemqueue. "</h3> <div> <p>"; echo "<table>"; ?> <form name="FormData" method="post" action=""> <?php echo "<thead><th>Name</th><th>Email</th><th> <button type='submit' value='kudoemaildelete' class='formbutton' name='kudoemaildelete' />Delete</button> </th></thead>"; $kudolistem = $wpdb->get_results( "SELECT * from $tableemname where kuemqueue = '$kemail->kuemqueue'" ); foreach ($kudolistem as $kudosndem) { $kuemid = $kudosndem->kuemid; echo "<tr>"; echo "<td>" .$kudosndem->kuemname. " </td><td>" .$kudosndem->kuemaddy. "</td><td><center><input name='kuemid[]' type='checkbox' id='checkbox[]' value=" .$kuemid. "></center></td>"; echo "</tr>"; } echo "</form>"; echo "</table>"; echo "</p> </div>"; } ?> </div> </td></tr></table> <?php }

All I can say they are happy with what is done so far and now I have another company thanks to an idiot friend...lol that would like a copy also which is the reason I am trying to get the permalink issue resolved. Almost have them talked into using the Post Name Permalink as right now they are using plain which is causing a nightmare with what I currently have coded.

2 reasons. One is I am an idiot for not doing it that way and was too far in to the plugin to redo (possible next version if I can talk the company I work for to go that route). They also wanted to keep the entries in a separate table for ease of transfer to another site later down the road (previous guy who wrote the kudos program back in 2014 for tham also last time WordPress was updated, provided no way to update so they wanted stand alone plugin that can also me modified down the road for use on a stand alone site if needed.

Might not have been one if I would have typed and copied it in properly. The whole plugin is separate from posttype. Own database tables for settings and entries. User role access only pages etc.

Thanks maxxd, except for the parse error under the $rules = array_merge thank you. It looks like there may be an issue with my code in the end as I am unable to get it to work properly on my end. More than likely it is something I have done so will just need to see what I have done wrong. Thank you for all your assistance thus far.

Little farther ahead almost got it working but not sure how to get the var to work properly to only show the kudokey entry only and not the full list of kudos. This is what I have so far: add_action( 'init', 'add_kudoskey_rule' ); function add_kudoskey_rule() { add_rewrite_rule( '^kudos/(.+)/?$', 'index.php?kudokey=$matches[1]', 'top' ); } add_filter('query_vars', 'kudos_plugin_query_vars'); function kudos_plugin_query_vars($vars) { $vars[] = 'kudokey'; return $vars; } Current URL: echo '<a target=blank href=' .get_permalink( get_page_by_title( 'kudos' ) ). '?kudokey=' .$kudokey. '>View Kudo</a>'; http://127.0.0.1/?kudokey=JFMGTTQ5 That link will show the kudokey post but when I use the URL rewrite: this link http://127.0.0.1/?page_id=142?kudokey=JFMGTTQ5 it shows all entries.