Working with $_registered_pages for plugins
|
View:
New views
6 Messages
—
Rating Filter:
Alert me
|
 |
Working with $_registered_pages for plugins
by Alex Dunae
::
Rate this Message:
Ryan recently updated /wp-admin/includes/plugins.php so that it checks
plugin pages (?page=...) against $_registered_pages before executing (http://core.trac.wordpress.org/changeset/11595 and http://core.trac.wordpress.org/changeset/11596). I have a plugin that needs to run a specific file (smush.php? attachment_ID=n) but it doesn't make sense for it to appear in any of the admin menus. So far, the best workaround is to add the following to `admin_menu`: $hookname = get_plugin_page_hookname( $plugin_file . '/smush.php', '' ); $_registered_pages[$hookname] = true; Doesn't seem very proper, though. Is there a proper way to add a page to the $_registered_pages array without having it appear as a menu item? Alex _______________________________________________ wp-hackers mailing list wp-hackers@... http://lists.automattic.com/mailman/listinfo/wp-hackers |
|
|
Re: Working with $_registered_pages for plugins
by Ryan Boren
::
Rate this Message:
On Fri, Jul 3, 2009 at 10:24 AM, Alex Dunae<alex@...> wrote:
> Ryan recently updated /wp-admin/includes/plugins.php so that it checks > plugin pages (?page=...) against $_registered_pages before executing > (http://core.trac.wordpress.org/changeset/11595 and > http://core.trac.wordpress.org/changeset/11596). > > I have a plugin that needs to run a specific file (smush.php? > attachment_ID=n) but it doesn't make sense for it to appear in any of > the admin menus. > > So far, the best workaround is to add the following to `admin_menu`: > > $hookname = get_plugin_page_hookname( $plugin_file . '/smush.php', > '' ); > $_registered_pages[$hookname] = true; > > Doesn't seem very proper, though. > > Is there a proper way to add a page to the $_registered_pages array > without having it appear as a menu item? Just add a current_user_can() check to it. That's what all plugins should be doing anyway. Don't rely on the menu cap check for security. _______________________________________________ wp-hackers mailing list wp-hackers@... http://lists.automattic.com/mailman/listinfo/wp-hackers |
|
|
Re: Working with $_registered_pages for plugins
by Peter Westwood
::
Rate this Message:
On 3 Jul 2009, at 20:01, Ryan Boren wrote: > On Fri, Jul 3, 2009 at 10:24 AM, Alex Dunae<alex@...> wrote: >> Ryan recently updated /wp-admin/includes/plugins.php so that it >> checks >> plugin pages (?page=...) against $_registered_pages before executing >> (http://core.trac.wordpress.org/changeset/11595 and >> http://core.trac.wordpress.org/changeset/11596). >> >> I have a plugin that needs to run a specific file (smush.php? >> attachment_ID=n) but it doesn't make sense for it to appear in any of >> the admin menus. >> >> So far, the best workaround is to add the following to `admin_menu`: >> >> $hookname = get_plugin_page_hookname( $plugin_file . '/ >> smush.php', >> '' ); >> $_registered_pages[$hookname] = true; >> >> Doesn't seem very proper, though. >> >> Is there a proper way to add a page to the $_registered_pages array >> without having it appear as a menu item? > > Just add a current_user_can() check to it. That's what all plugins > should be doing anyway. Don't rely on the menu cap check for > security. I wouldn't recommend messing with the $_registered_pages array it's better to work with the API rather than hacking around it - your plugin is more likely to be past and future proof. I assume you have a plugin page registered as a menu item. You could add an extra query var which triggered the special action and pass it to that page. And don't forget that page should always have a current_user_can() cap check for whatever capabilities are required to use it. westi -- Peter Westwood http://blog.ftwr.co.uk | http://westi.wordpress.com C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5 _______________________________________________ wp-hackers mailing list wp-hackers@... http://lists.automattic.com/mailman/listinfo/wp-hackers |
|
|
Re: Working with $_registered_pages for plugins
by Alex Dunae
::
Rate this Message:
On 3 Jul 2009, at 20:01, Ryan Boren wrote:
> > Just add a current_user_can() check to it. That's what all plugins > > should be doing anyway. Don't rely on the menu cap check for > > security. I was actually having the opposite problem -- I was actually getting permission denied errors from wp_die(). On Jul 3, 2:15 pm, Peter Westwood <peter.westw...@...> wrote: > > I assume you have a plugin page registered as a menu item. > > You could add an extra query var which triggered the special action > and pass it to that page. > That did it, thanks westi. Much appreciated. _______________________________________________ wp-hackers mailing list wp-hackers@... http://lists.automattic.com/mailman/listinfo/wp-hackers |
|
|
Re: Re: Working with $_registered_pages for plugins
by Ryan Boren
::
Rate this Message:
On Fri, Jul 3, 2009 at 3:49 PM, Alex<alex@...> wrote:
> On 3 Jul 2009, at 20:01, Ryan Boren wrote: >> > Just add a current_user_can() check to it. That's what all plugins >> > should be doing anyway. Don't rely on the menu cap check for >> > security. > > I was actually having the opposite problem -- I was actually getting > permission denied errors from wp_die(). Ah, okay. > On Jul 3, 2:15 pm, Peter Westwood <peter.westw...@...> wrote: >> >> I assume you have a plugin page registered as a menu item. >> >> You could add an extra query var which triggered the special action >> and pass it to that page. >> > > That did it, thanks westi. Much appreciated. You can also do this: admin.php?action=my_action And then hook to 'admin_action_my_action'. Or, admin-post.php?action=my_action and hook onto 'admin_post_my_action'. Or, admin-ajax.php?action=my_action and hook onto 'wp_ajax_my_action'. You have to do your own permission checks inside any handlers you attach. _______________________________________________ wp-hackers mailing list wp-hackers@... http://lists.automattic.com/mailman/listinfo/wp-hackers |
|
|
Re: Working with $_registered_pages for plugins
by Alex Dunae
::
Rate this Message:
On Jul 3, 4:50 pm, Ryan Boren <r...@...> wrote:
> You can also do this: > > admin.php?action=my_action That's exactly what I was looking for. Thank you. Alex _______________________________________________ wp-hackers mailing list wp-hackers@... http://lists.automattic.com/mailman/listinfo/wp-hackers |
| Free embeddable forum powered by Nabble | Forum Help |
