[wp-hackers] wp-config.php, wp-load.php, and ABSPATH
Dion Hulse (dd32)
wordpress at dd32.id.au
Sat Sep 12 02:04:05 UTC 2009
admin-post.php would be better suited IMO
wp-admin/admin-post.php?action=myplugin_export_db
add_action('admin_post_myplugin_export_db', 'my_plugin_export_the_db_now');
function my_plugin_export_the_db_now() {
echo 'Hello World!';
}
If the user isnt logged in, The hook fired is
admin_post_nopriv_myplugin_export_db
So its possible to differentiate between a logged in user, and one that
has either not been logged in, or more likely, who's admin session has
expired.
Also, Don't forget the nonce proetection on such a URL..
You can use admin-ajax.php, I just prefer to seeadmin-post.php used for
everything other than Ajaxy things myself..
On Sat, 12 Sep 2009 04:10:10 +1000, Matt Martz <matt at sivel.net> wrote:
> On Fri, Sep 11, 2009 at 2:01 PM, Derek <derek at amphibian.info> wrote:
>> I'm actually encountering this right now ... I'm making a call to:
>>
>> '../../../../wp-load.php'
>>
>> ... from within a subdirectory of my plugin directory. Obviously, if
>> someone has chosen to move wp-content elsewhere, this breaks. So,
>> here's a specific example Otto. ;)
>>
>> What I'm doing is exporting data from my plugin's DB tables into a CSV
>> file from the admin. I can't have any other output to the browser so I
>> can set proper headers for the file.
>>
>> Any ideas as to how I can achieve this from strictly within the WP
>> framework?
>>
>> Best,
>> Derek
>
> Perhaps one of the best solutions is using admin-ajax.php.
>
> Take a look at the source, and you will quickly find out how easy it
> is to use and how to use it.
>
--
--
Dion Hulse
e: contact at dd32.id.au
w: http://dd32.id.au/
m: 04 6621 9112 (+614 6621 9112)
WordPressQI: http://wordpressqi.com/
More information about the wp-hackers
mailing list