[wp-hackers] How to prevent "You do not have sufficient permissions to access this page."

Dion Hulse (dd32) wordpress at dd32.id.au
Tue May 29 00:59:21 UTC 2012 

Sorry for not being clearer, Neither of what I suggested was for
-displaying- data, both were for processing the data received, I may
have mis understood part of your original question.

If you're simply looking to be able to display different page contents
under the one admin menu, i'd simply be doing something similar to
this:

add_settings_page(......., 'page-slug-here', 'function_to_call');
function function_to_call() {

$action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : false;

switch ( $action ) {
   default:
      standard_plugin_page_content();
      break;
  case 'action2':
      include 'file2.php';
      action2_page_output();
      break;
   case 'action4':
       .....
     break;
}
}

If you're outputting data on file inclusion, wrap it in a function
instead to make it easier.

On 29 May 2012 10:41, Mike Walsh <mpwalsh8 at gmail.com> wrote:
> Can you point me to an example that uses admin-post.php?  I have been
> unable to find one nor can I find a reference to it within WordPress itself.
>
> I played around with it a bit this afternoon and while it appears to work,
> I am missing something fundamental because I am missing everything but the
> "wrap" DIV on my rendered pages.
>
> Mike
>
> On Tue, May 29, 2012 at 12:47 AM, Dion Hulse (dd32) <wordpress at dd32.id.au>wrote:
>
>> It would be best to send a nonce no matter where you're posting the data
>> to.
>> you shouldn't ever simply rely on a cap check, you should use a cap
>> check to make sure the user is allowed to do it, and a nonce check to
>> make sure the user actually requested it.
>>
>> On 29 May 2012 00:29, Mike Walsh <mpwalsh8 at gmail.com> wrote:
>> > On Mon, May 28, 2012 at 1:21 PM, Dion Hulse (dd32) <wordpress at dd32.id.au
>> >wrote:
>> >
>> >> I'd suggest one of 2 things:
>> >>  1. Use admin-post.php for callbacks, and redirect back to the plugin
>> >> page afterwards
>> >> or
>> >>  2. Register the pages you need, and use the load-<pagehook> action to
>> >> process form events from that page. The load hook is run before any
>> >> admin template code is run.
>> >>
>> >> I'm not sure if I'm missing something here though :)
>> >>
>> >>
>> > Just to clarify, if I use admin-post.php, I need to add a nonce to the
>> URL,
>> > correct?
>> >
>> > Mike
>> > --
>> > Mike Walsh - mpwalsh8 at gmail.com
>> > _______________________________________________
>> > wp-hackers mailing list
>> > wp-hackers at lists.automattic.com
>> > http://lists.automattic.com/mailman/listinfo/wp-hackers
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
>
>
>
> --
> Mike Walsh - mpwalsh8 at gmail.com
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list