Nota sobre o Metabox nonce PHP

2

Estou recebendo um aviso quando tento adicionar uma nova postagem em duas taxonomias diferentes, em uma eu uso uma meta box personalizada e na outra não, mas o aviso aparece para ambas ao tentar adicionar um novo item , eu vejo isso: Aviso: Índice indefinido: product_noncename em /Applications/MAMP/htdocs/site/wordpress/wp-content/themes/theme/functions.php na linha 259 escondido apenas um pouco abaixo da faixa preta superior no WP Admin

A linha 259 é:

if ( !wp_verify_nonce( $_POST['product_noncename'], plugin_basename(__FILE__) )) {

que faz parte disso:

// Save the Metabox Data
function wpt_save_product_meta($post_id, $post) {
    // verify this came from the our screen and with proper authorization,
    // because save_post can be triggered at other times
    if ( !wp_verify_nonce( $_POST['product_noncename'], plugin_basename(__FILE__) )) {
    return $post->ID;
    }
    // Is the user allowed to edit the post or page?
    if ( !current_user_can( 'edit_post', $post->ID ))
        return $post->ID;
    // OK, we're authenticated: we need to find and save the data
    // We'll put it into an array to make it easier to loop though.
    $product_meta['_location'] = $_POST['_location'];
    $product_meta['_asiaLoc'] = $_POST['_asiaLoc'];
    $product_meta['_europeLoc'] = $_POST['_europeLoc'];
    $product_meta['_isbn'] = $_POST['_isbn'];
    $product_meta['_orderform'] = $_POST['_orderform'];
     // Add values of $events_meta as custom fields
    foreach ($product_meta as $key => $value) { // Cycle through the $events_meta array!
        if( $post->post_type == 'revision' ) return; // Don't store custom data twice
        $value = implode(',', (array)$value); // If $value is an array, make it a CSV (unlikely)
        if(get_post_meta($post->ID, $key, FALSE)) { // If the custom field already has a value
            update_post_meta($post->ID, $key, $value);
        } else { // If the custom field doesn't have a value
            add_post_meta($post->ID, $key, $value);
        }
        if(!$value) delete_post_meta($post->ID, $key); // Delete if blank
    }
}
add_action('save_post', 'wpt_save_product_meta', 1, 2); // save the custom fields
    
por Beto 03.04.2012 / 09:14

3 respostas

2
// Save the Metabox Data
function wpt_save_product_meta($post_id, $post) {

    if($post->post_type!='post type with metabox') {
       return $post->ID;
    }

    // verify this came from the our screen and with proper authorization,
    // because save_post can be triggered at other times
    if ( !wp_verify_nonce( $_POST['product_noncename'], plugin_basename(__FILE__) )) {
    return $post->ID;
    }
    // Is the user allowed to edit the post or page?
    if ( !current_user_can( 'edit_post', $post->ID ))
        return $post->ID;
    // OK, we're authenticated: we need to find and save the data
    // We'll put it into an array to make it easier to loop though.
    $product_meta['_location'] = $_POST['_location'];
    $product_meta['_asiaLoc'] = $_POST['_asiaLoc'];
    $product_meta['_europeLoc'] = $_POST['_europeLoc'];
    $product_meta['_isbn'] = $_POST['_isbn'];
    $product_meta['_orderform'] = $_POST['_orderform'];
     // Add values of $events_meta as custom fields
    foreach ($product_meta as $key => $value) { // Cycle through the $events_meta array!
        if( $post->post_type == 'revision' ) return; // Don't store custom data twice
        $value = implode(',', (array)$value); // If $value is an array, make it a CSV (unlikely)
        if(get_post_meta($post->ID, $key, FALSE)) { // If the custom field already has a value
            update_post_meta($post->ID, $key, $value);
        } else { // If the custom field doesn't have a value
            add_post_meta($post->ID, $key, $value);
        }
        if(!$value) delete_post_meta($post->ID, $key); // Delete if blank
    }
}
add_action('save_post', 'wpt_save_product_meta', 1, 2); // save the custom fields
    
por Rajeev Vyas 03.04.2012 / 09:25
6

Simplesmente verifique se $_POST['product_noncename'] está definido primeiro, por isso altere esta linha:

if ( !wp_verify_nonce( $_POST['product_noncename'], plugin_basename(__FILE__) )) {

para isso:

if ( !isset($_POST['product_noncename']) || !wp_verify_nonce( $_POST['product_noncename'], plugin_basename(__FILE__) )) {
    
por Bainternet 03.04.2012 / 11:04
0

Aproveitando a resposta da Bainternet, isso funcionou para mim:

if ( !isset($_POST['product_noncename']) || !wp_verify_nonce( $_POST['product_noncename'], basename(__FILE__) )) {

Observe a diferença no nome de base do plugin_basename vs.

    
por Luke Keller 19.07.2013 / 05:43