[wp-hackers] Re: Working with $_registered_pages for plugins
Ryan Boren
ryan at boren.nu
Fri Jul 3 23:50:19 UTC 2009
On Fri, Jul 3, 2009 at 3:49 PM, Alex<alex at dunae.ca> wrote:
> On 3 Jul 2009, at 20:01, Ryan Boren wrote:
>> > Just add a current_user_can() check to it. That's what all plugins
>> > should be doing anyway. Don't rely on the menu cap check for
>> > security.
>
> I was actually having the opposite problem -- I was actually getting
> permission denied errors from wp_die().
Ah, okay.
> On Jul 3, 2:15 pm, Peter Westwood <peter.westw... at ftwr.co.uk> wrote:
>>
>> I assume you have a plugin page registered as a menu item.
>>
>> You could add an extra query var which triggered the special action
>> and pass it to that page.
>>
>
> That did it, thanks westi. Much appreciated.
You can also do this:
admin.php?action=my_action
And then hook to 'admin_action_my_action'.
Or, admin-post.php?action=my_action and hook onto 'admin_post_my_action'.
Or, admin-ajax.php?action=my_action and hook onto 'wp_ajax_my_action'.
You have to do your own permission checks inside any handlers you attach.
More information about the wp-hackers
mailing list