Jump to content

jdlev

Members
  • Content Count

    53
  • Joined

  • Last visited

Community Reputation

0 Neutral

About jdlev

  • Rank
    Regular Member

Profile Information

  • Gender
    Not Telling
  1. The principles of santization are pretty straight forward, but I guess I was wrong about how much sanitizing wordpress does on your behalf. I though a lot of the wpdb functions actually took care of that for you? I agree 100% with your opinion on wordpress. It's great out of the gate if you want to do some dynamic stuff like manage user profiles, build forms, etc...but all of these stupid caveats it has when you won't to build something or customize something are really starting to get on my nerves. Where you from in NC, I'm actually from Charlotte (small world!)
  2. Since your submitting the form to itself, why not just use an if-then statement based on available post variables? Shouldn't be too hard to implement: Something simple like this should do the trick: if (!isset($_POST['com_firstname']){ //show form } else { //hide form } Also, I'm not sure you actually need to sanitize the data. I remember reading that certain methods used by wpdb like $wpdb->insert, etc are sanitized automatically by the $wpdb class (someone who's a bit more familiar with the wpdb class in wordpress, feel free to correct me if I'm wrong, but I think that's the case)
  3. Thanks for the tip requinix. I use the chrome tools all the time and didn't know you could see the request/response headers. Good idea, I'll give it a shot
  4. I'm running it through wordpress's wpdb function, so basically, I click a button to delete the record and nothing happens beyond the alert. It's also not the variable 'id', as I just updated it to 'deleteID' and it had no effect To be honest, I'm thinking about just ditching wordpress, but I'm hoping that once I get a handle on the numerous functions coupled with the various plugins it provides...it'll eventually make development easier. But so far, all it seems to do is slow me down lol. I found this example and it's functionality is exactly what I'm looking for...I just need to do it using wordpress's protocols: http://phppot.com/demo/ajax-add-edit-delete-records-in-database-using-php-and-jquery/
  5. I'm not sure what is wrong with my code, but I basically have a dynamic table with a delete button at the end of each row. A person clicks the row, I'd like the table to update and drop the row. Should be easy enough, but I can't get it. Here's where I'm at: jQuery(document).ready(function($) { jQuery(document).on('click', "#delete", function() { var deleteID = $(this).val(); alert("ID to Delete: " + deleteID); // script works fine to here an alerts me with the proper ID to delete. $.ajax({ type: 'POST', url: '../admin/del.php', data: {"action": "del", "element_id": id}, success: function(data) { alert("Question Deleted"); } }); }); Something has to be wrong with the above script, because I can handle post requests and db manipulation from php scripts just fine. Any ideas where I went astray? TIA for your help
  6. If I understand what you're asking, it sounds like you have an issue with including custom plugins you created -or- you're downloading other peoples plugins and they're not working... A) If they're other people plugins, you're activating the plugins after you download them, correct? B) If you made custom plugins, are you saving your custom plugins under the /wp-content/plugins folder? Are you including the header information on your plugins so wordpress knows where to find your plugin...like this: <?php /* * Plugin Name: xyz plugin * Author: Barak Obama * Description: My first plugin */ Once you have the correct header information on your custom plugin, you still have to activate it. Go to your plugins menu, and click activate underneath the plugin name. C) WP has a peculiar way of handling javascript and css. If you don't want to deal with the code, you can always use some plugins that are meant just for editing your css or using shortcodes to insert your javascript. For the coding purist, it's all about the hooks and where the files are located. If you have a custom plugin, wp has a lot of custom hooks to make adding your js/css easier. Here's an example of how to include a javascript file: Let's say you have the following file and folder structure: /wp-content/plugins/your-plugin/ my-plugin.php (this is your primary file where your plugin header info listed above would go) /js/ my_script.js You need to use a wordpress function called wp_enqueue_scripts() that imports your javascript so it appears on your main page. What you do is 'queue' your scripts - it's similar to 'include' or 'require' with php. You'll soon discover the wordpress codex is your best friend: http://codex.wordpress.org where all of these things like wp_enqueue_scripts() are detailed. First things first, we need an action hook to tell wordpress where to look for the functions: add_action('admin_enqueue_scripts', 'your_js_function'); // if you want to make the scripts available to admins only add_action('wp_enqueue_scripts', 'your_js_function'); // if you want your scripts available on the viewer side Next, we setup the function from the above add_action call, not the lack of the 's' on the 'wp_enqueue_script' - it's because it's a different function than the one we mentioned above: function(your_js_function) { wp_enqueue_script('script name', (plugins_url('/js/my_script.js',__FILE__))); } So here, the function 'your_js_function' is referenced by both of the add_action calls above. The wp_enqueue_script function calls the name of your js file. From there you see where the file is located. The plugins_url function gives wp the path to your plugin directory - in this case it's the 'your-plugin' folder we referenced earlier. From here, we insert the full path from the plugin base directory to your js file. __FILE__ is basically a way of referencing the current page. To test and make sure you JS is included in your homepage - go to the admin panel (if you used admin_enqueue_scripts) or your home page (if you used wp_enqueue_scripts), open the page source, and in the head of the page, you should see you JS file referenced. Hope this helps
  7. I just ended up using the $_Server['DOCUMENT_ROOT'] global to get things working. Seems like gotten rid of the funky error I was getting before and after I logged in. Thanks everyone for the help. I really do appreciate it Good grief, I'd ask a question over on the wordpress forums and they were totally worthless.
  8. Hi Guys, Thanks for the help. I wasn't sure if wordpress was using PEAR already, and if I removed the include_path to the PEAR file from php.ini if that would screw up wordpress's functionality. For that matter, I can't even figure out why php isn't writing to the php_error log. I think I've properly setup everything in the php.ini file, but when I update it nothing happens. I have the path to the log file correct. I made sure a blank log file exists and that it's writable to the windows system user account - which I 'think' is what apache runs on. There was some weird file in there named NOEMPTY or some such thing which I don't understand. As for what was happening with the required() issues...It was weird. I'm building my first custom plugin for wordpress. When I would go to the index page, I'd get the required error - the 'Can't find required('xyz.php') directory' etc. So I'd change it to something like ../xyz.php, and it'd find it. Then as soon as I'd login and go to the wordpress admin menu, I'd get the 'can't find it' error again. So I'd go back into the file and remove the ../ and just go back to xyz.php, and it'd find it again. I have no idea what was causing the issue. I'll check out wordpress's plugin_dir_path() function and see if that may be a better solution.
  9. Hi Guys, I've got xampp running on my machine with wordpress, and had 2 security related questions: A) I was constantly running into issues with wordpress and trying to find includes. I'm building a plugin, so on the plugin's main file, I just added a 'set_include_path' function equal to the root directory of my website. Then, the require_once, and include functions that are also on that page seem to have stopped having issues. Are there any security issues with using the set_include_path, and setting it to say 'C:/htdocs/home'? B) I used Xampp to install apache, mysql, and php. Until recently, I had no idea what PEAR was. I'm curious though...is PEAR installed by default with PHP or Xampp? Thanks for any help guys
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.