I have a directory inside my wordpress directory for some template application
apacheWWW/wordpress/jtpc
In my application i want the wordpress current user id
I am able to do this in one page but in the other I get an error
This is what I am doing to get the user id:
require_once( '/../../wp-load.php' );
global $current_user;
get_currentuserinfo();
$user_id = $current_user->ID;
but I get an error on this line
require_once( '/../../wp-load.php' );
The error says
File does not exist: D:/programming/apacheWWW/wordpress/jtpc/ajaxHandlers/wp-admin, referrer: http://localhost/wordpress/?page_id=23
what dose he wants with the wp-admin ,
and why he is looking for it in the wrong directory ,
It's suppose to be under
D:/programming/apacheWWW/wordpress/
It's working for one page, (I am uploading file and creating a directory for this user id)
but for the other page I send an ajax request to delete files by user request
so I need to id again, but there he throws the error
ok got i working i put
require_once( '/../../wp-load.php' );
at the top of the page
and not inside the function
My issue is that I've set up a standalone ajax controller for my plugin's admin.
In hindsight, I wish I didn't, because now I need $current_user->ID on a particular method.
using the following code gives me undefined function errors:
global $current_user;
get_currentuserinfo();
same when I use this:
$current_user = wp_get_current_user();
I've used GREP to trace the spaghetti function calls, and was able to get stable using the following chain of includes within my ajax_request method of my base controller:
include APP_ROOT.'wp-includes'.DS.'meta.php';
include APP_ROOT.'wp-includes'.DS.'plugin.php';
include APP_ROOT.'wp-includes'.DS.'user.php';
include APP_ROOT.'wp-includes'.DS.'capabilities.php';
include APP_ROOT.'wp-includes'.DS.'load.php';
include APP_ROOT.'wp-includes'.DS.'functions.php';
include APP_ROOT.'wp-includes'.DS.'pluggable.php';
(I have defined my own APP_ROOT, which is the include path to the base of the whole application.)
This eliminates my errors, but I am still getting a user id of 0, and data is NULL, which doesn't solve my problem.
Surely there is a better way to do this. Has anyone deciphered the cookie or session variables for direct access?
Any and all suggestions would be welcome. I know I'm asking a lot for wordpress to work like normal OOP/MVC code...
In addition, I have deployed a CodeIgniter front-end, and I am using WordPress solely for the back-end. I highly recommend this for ultimate flexibility if you are forced to use WordPress. Front-end hooks are a pain, and really kind of "hacky". Here's where I got the idea:
http://jidd.jimisaacs.com/post/wordigniter-wordpress-codeigniter/
So if anyone has any questions about that, I bet I could help.
Best regards, happy coding.
You may want to try one of the following two lines:
require_once STYLESHEETPATH . '/wp-load.php';
or
require_once TEMPLATEPATH . '/wp-load.php';
There is a slight difference between the STYLESHEETPATH constant and the TEMPLATEPATH constant. If you are developing a child theme, STYLESHEETPATH will be the child theme path, while TEMPLATEPATH will be the parent theme path.
This is how you can get current user:
global $current_user;
$current_user = wp_get_current_user();
After that, you can use $current_user->ID where you want.
More Info:
Function Reference/wp get current user
Related
I'm developing a wordpress plugin and was wondering how I can make it so only my plugn can access its own files. basically looking for something similar to this:
defined('ABSPATH') or die();
I think I saw something like this in someone elses plugin once:
defined('PLUGINNAME') or die();
I didn't understand how it worked, but was wondering if there is anything similar that will only allow my plugin to "require_once(plugin_dir_path(__ FILE __).'secondpluginfile.php');" its own files. (spaces between __ and FILE because otherwise stackoverflow tries to make it bold instead) Not sure if this restriction is built into wordpress(probobly not because some plugins have add-ons), or if I have to add something to make this happen. do I just put the pluginname or something in the "defined()" function, or do I need to set something up first?
So basically, if your plugin was a single php file, all the functions and logic included in the file would be accessible to the rest of the application once the plugin was installed and activated.
Most plugins are not designed that way, however. The plugin filename that acts as the entry point to your plugin usually loads the rest of the files in your plugin directory either by simply including them or calling classes and functions based on events occurring on the site via hooks.
So, if you want only your plugin to be able to access its own files you could do a few things.
First of all, add defined('ABSPATH') or die(); at the top of the main plugin file. As user Ifty wrote, "ABSPATH is a constant defined in wp-config.php line 86. When wordpress will try to execute your plugin, the ABSPATH constant will be defined. But if someone else try to execute your plugins file directly, ABSPATH will not be defined and in that case your script will not get executed."
So that protects your file from being accessed directly outside the context of Wordpress.
To protect your plugin's files from the rest of the site itself, simple wrap any include or require_once statement or code in your main plugin file in a function or class which is only called based on conditions you set. For example
<?php
/*
Plugin Name: Example plugin
Plugin URI: http://stackoverflow.com/
Version: 1.0
*/
defined('ABSPATH') or die();
add_action('your-custom-action', 'protector_function');
function protector_function(){
if ( current_user_can('manage_options') ) { //checks if user is admin you can use whichever conditions you want here
require_once plugin_dir_path( __FILE__ ) . 'filename-with-plugin-code.php';
// any other plugin code here
}
}
You can define your own action and call it using do_action() (reference) so that you can ensure your plugin code is only called where you have specified throughout the application.
Wordpress plugins exist to extend the functionality of Wordpress so if you do not want your code to be accessed from Wordpress in any way at all, I am not sure a plugin is the correct solution.
Hope this helps!
You can put
defined('ABSPATH') or die();
at the beginning of your plugins code. Actually what it does is check if ABSPATH is defined or not. If it's not defined then it will execute die() and stop executing your plugin file.
ABSPATH is a constant defined in wp-config.php line 86. When wordpress will try to execute your plugin, the ABSPATHconstant will be defined. But if someone else try to execute your plugins file directly, ABSPATHwill not be defined and in that case your script will not get executed.
Another way of accomplishing the same result is to check for add_action function.
if ( !function_exists( 'add_action' ) ) {
echo 'Hi there! I\'m just a plugin, not much I can do when called directly.';
exit;
}
Code Reference: Akismet Plugin. You can take a look at their source code. As far as I know this plugin comes with wordpress package.
I have been building a wordpress plugin that displays information on the site. This data has been POSTed via cURL to a page in my plugins/[plugin_name]/inc/ directory (update.php) and runs the relevant function required to update the database. The pluging works fine, but when I submitted it for review, I have two remaining issues that I can't seem to solve:
1. Allowing Direct File Access to plugin files
...avoid this by putting this code at the top of all php files:
if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
Surely I need direct access to this file to send the POST data to? Or is there another way I should do this?
2. Calling core loading files directly
Including wp-config.php, wp-blog-header.php, wp-load.php, or pretty much any other WordPress core file that you have to call directly via an include is not a good idea and we cannot approve a plugin that does so unless it has a very good reason to load the file(s). It is prone to failure since not all WordPress installs have the exact same file structure.
Usually plugins will include wp-config.php or wp-load.php in order to gain access to core WordPress functions, but there are much better ways to do this. It's best if you tie your processing functions (the ones that need but don't have access to core functions) into an action hook, such as "init" or "admin_init".
At the top of the same file (update.php) I have included as such:
require( dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '\wp-load.php' );
Because I need to access the core wp functions and classes such as
$wpdb->prepare
And I'm not sure how I can otherwise do this. I would appreciate any help with these problems!
As for 1. You should create a method in your plugin that handles the post data and runs the CURL request.
As for 2. I think you can get away with global $wpdb;
https://codex.wordpress.org/Class_Reference/wpdb
Here's what I did, if anyone else has this question:
1. I added this function and hook to my plugin file:
//GET POST DATA IF APPLICABLE
function wp_getpostdata() {
if ( isset( $_POST['user'] ) && isset( $_POST['pass'] ) && isset( $_POST['op'] )) {
require 'inc/update.php';
exit;
} // end if
} // end wp_getpostdata
add_action( 'init', 'wp_getpostdata' );`
2. Removed the wp-load include and added
global $wpdb;
to my update.php file as Kyra suggested. And finally...
3. Changed the POST target to my website address.
Works like a charm - hope others find it useful!
I have IPB and I have an PHP application which is outside of forum ROOT and on another subdomain as well.
In application I need to have access to member data, eg. posts count, email etc.
I have the latest IPB version and PHP 5.6
I googled a lot for solution, and finally I found this one:
Accessing IPB Classes Externally From Main Website
However, it didn't worked at all. There is no errors, just redirection to main forum URL.
Does anybody have experience wit IPB classes and or it's API?
Can somebody help me to reach the goal.
Solution is probably just one line of code.
EDIT:
I found work around, check out my answer below.
However I'm still interested for "nicer" solution.
After some research, I configured out that IPB redirects because board url doesn't match with current URL/subdomain. (my case)
So... There is workaround, not so nice but works at least, and is one-line solution:
<?PHP
$_SERVER['HTTP_HOST_R'] = $_SERVER['HTTP_HOST']; // Keep original info in another index.
$_SERVER['HTTP_HOST'] = "www.your-ipb-forum.com"; // Work-around
$forumPath = '../forum'; //FORUM FOLDER
define( 'IPS_ENFORCE_ACCESS', TRUE ); // Important so it does not redirect to forums
define( 'IPB_THIS_SCRIPT', 'public' );
require_once( $forumPath.'/initdata.php' );
require_once( IPS_ROOT_PATH . 'sources/base/ipsRegistry.php' );
require_once( IPS_ROOT_PATH . 'sources/base/ipsController.php' );
$ipbRegistry = ipsRegistry::instance();
$ipbRegistry->init();
// Init done
$member = IPSMember::load($memberName, 'all', 'username');
print_r($member); // For demo purposes only
The third line is work-around with which we cheat on IPB.
The second line is "moving" $_SERVER['HTTP_HOST'] data to $_SERVER['HTTP_HOST_R'] so if you need current(real) URL in your application, you may use this variable instead because HTTP_HOST one is changed. (needed for workaround).
I'm reposting this question because the problem wasn't solved.
In a relevant question the answer below may be the solution.
Apparently this is happening because the file /wp-includes/pluggable which contains the function doesn't get loaded until after the plugins are loaded.
Indeed it is. So wrap whichever thing you're doing in a function, and hook it onto the plugins_loaded or init hook. (see the wp-settings.php file)
Where exactly do I write the add_action('plugins_loaded','my_function'); command?
In the "wp-settings file", the "pluggable" or my own php file?
All I want to do is to display the user info in a php file which is loaded in a page in wordpress,but I'm constantly getting the same error "call to undefined function".
I've tried including the relevant php file, still doesn't work.
<?php
global $current_user;
get_currentuserinfo();
echo $current_user->user_login;
?>
This might work for you!!
require (ABSPATH . WPINC . '/pluggable.php');
global $current_user;
get_currentuserinfo();
echo $current_user->user_login;
All you do is include the pluggable.php file in your plugin.
i am making a plugin - most of the plugin files are within the loop and has no problem with global $wpdb however i now have a use for ajax in a way that i need onsuccess message to return into a variable. if i do that on pages that are within the loop. the message returned by ajax are the whole page due to the way plugin works.
So i have to create a separate page that wouldn't be within the plugin frame. then send the ajax to that page
My problem is since its a separate page it doesn't include WP's file or functions and therefore i am unable to use global $wpdb.
Anyone has an idea on what do i need to include to be able to use it ?
Thanks in advanced.
well didn't think about that.
There are probably better ways of doing this but this is how I did it.
define('WP_USE_THEMES', false);
require '/x/x/x/blog_main_dir/wp-blog-header.php';
And i find the true location by using
dirname(__FILE__);
and pregmatch_replace to cut what i dont need..
Yes there are better ways but this is a fast one that works for my problem.
just to clarify this solution works for me, it might not work for someone else.
(I know this is 2 years late, but in case anyone searches for this...)
//Tells WordPress to only load the very basic components
define( 'SHORTINIT', true );
//Include the database code
require_once( $_SERVER['DOCUMENT_ROOT'] . '/wp-load.php' );
//Now use the database
echo $wpdb->prefix;