我正在Wordpress的前端创建一个可发布的表单(通过一个快捷码)。如果我在没有任何输入的情况下提交此表单,则表单将被罚款。但一旦我在字段中输入数据并发布表单,WordPress就会给出404 Not Found错误。我假设这是某种防止CSRF的措施,但我找不到任何关于如何克服这种行为的文档。
下面是处理短代码的代码:
/**
*
* @param type $atts
*/
public function shortcode_invoice_sales($atts) {
extract(shortcode_atts(array(
), $atts));
$error = array();
$user = wp_get_current_user(); // the viewing user
if (isset($_GET["id"])) {
$id = (int)$_GET["id"];
$invoice = new Bbpp_Invoices_Invoice($id);
if (!$invoice->numInvoices()) {
return __("Sorry, this invoice does not exist.", "bbpp_invoices");
}
if (!$invoice->canView($user->ID)) {
return __("Sorry, this invoice does not exist.", "bbpp_invoices");
}
} else {
$invoice = new Bbpp_Invoices_Invoice();
$invoice->addInvoice(array(
"user_id" => $user->ID,
"type" => "sale",
"invoice_date" => date("d/m/Y"),
"name" => "",
"invoice_number" => "",
"method" => "",
"pay_date" => "",
"amount" => "",
"cis_amount" => "",
"cis_net" => ""
));
}
if ($_POST) {
// save the changes to the database
$data = stripslashes_deep($_POST);
$invoice->setInvoice($data);
$error = $invoice->save();
}
$html = "";
$html .= "<style type=\\"text/css\\">";
$html .= ".bbpp-invoices-input + .bbpp-invoices-input { margin-top: 10px; }";
$html .= ".bbpp-invoices-form label { width: 150px; margin-right: 15px; display: inline-block; text-align: right; }";
$html .= ".bbpp-invoices-form input { font-size: 13px; padding: 5px; }";
$html .= ".bbpp-invoices-form input[type=submit] { font-size: 13px; padding: 5px !important; }";
$html .= ".bbpp-invoices-hint { font-size: 12px; color: #444; margin-left: 5px; display: inline-block; }";
$html .= ".bbpp-invoices-prefix { display: inline-block; width: 9px; margin-left: -9px; overflow: hidden; }";
$html .= "input.bbpp-invoices-currency { width: 70px; }";
$html .= "</style>";
if ($id) {
$html .= "<h3>" . __("Edit Invoice", "bbpp_invoices") . "</h3>";
} else {
$html .= "<h3>" . __("New Invoice", "bbpp_invoices") . "</h3>";
}
$html .= "<form class=\\"bbpp-invoices-form\\" method=\\"post\\">";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-invoice-date\\">" . __("Invoice Date", "bbpp_invoices") . "</label>";
$html .= "<input type=\\"text\\" name=\\"invoice_date\\" id=\\"bbpp-invoices-input-invoice-date\\" value=\\"" . esc_attr($invoice->getInvoiceDate()) . "\\">";
$html .= "<span class=\\"bbpp-invoices-hint\\">dd/mm/yyyy</span>";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-name\\">" . __("Customer Name", "bbpp_invoices") . "</label>";
$html .= "<input type=\\"text\\" name=\\"name\\" id=\\"bbpp-invoices-input-name\\" value=\\"" . esc_attr($invoice->getName()) . "\\">";
$html .= "<span class=\\"bbpp-invoices-hint\\">" . __("e.g. John Smith", "bbpp_invoices") . "</span>";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-invoice-number\\">" . __("Invoice Number", "bbpp_invoices") . "</label>";
$html .= "<input type=\\"text\\" name=\\"invoice_number\\" id=\\"bbpp-invoices-input-invoice-number\\" value=\\"" . esc_attr($invoice->getInvoiceNumber()) . "\\">";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-method\\">" . __("Received Method", "bbpp_invoices") . "</label>";
$html .= "<input type=\\"text\\" name=\\"method\\" id=\\"bbpp-invoices-input-method\\" value=\\"" . esc_attr($invoice->getMethod()) . "\\">";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-pay-date\\">" . __("Date Received", "bbpp_invoices") . "</label>";
$html .= "<input type=\\"text\\" name=\\"pay_date\\" id=\\"bbpp-invoices-input-pay-date\\" value=\\"" . esc_attr($invoice->getPayDate()) . "\\">";
$html .= "<span class=\\"bbpp-invoices-hint\\">dd/mm/yyyy</span>";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-amount\\">" . __("Invoice Amount", "bbpp_invoices") . "</label>";
$html .= "<span class=\\"bbpp-invoices-prefix\\">£</span>";
$html .= "<input type=\\"text\\" name=\\"amount\\" id=\\"bbpp-invoices-input-amount\\" class=\\"bbpp-invoices-currency\\" value=\\"" . esc_attr($invoice->getAmount()) . "\\">";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-cis-amount\\">" . __("CIS Amount", "bbpp_invoices") . "</label>";
$html .= "<span class=\\"bbpp-invoices-prefix\\">£</span>";
$html .= "<input type=\\"text\\" name=\\"cis_amount\\" id=\\"bbpp-invoices-input-cis-amount\\" class=\\"bbpp-invoices-currency\\" value=\\"" . esc_attr($invoice->getCisAmount()) . "\\">";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-cis-net\\">" . __("CIS Net", "bbpp_invoices") . "</label>";
$html .= "<span class=\\"bbpp-invoices-prefix\\">£</span>";
$html .= "<input type=\\"text\\" name=\\"cis_net\\" id=\\"bbpp-invoices-input-cis-net\\" class=\\"bbpp-invoices-currency\\" value=\\"" . esc_attr($invoice->getCisNet()) . "\\">";
$html .= "</div>";
$html .= "<div class=\\"bbpp-invoices-input\\">";
$html .= "<label for=\\"bbpp-invoices-input-submit\\"> </label>";
$html .= "<input type=\\"submit\\" value=\\"" . __("Add new invoice", "bbpp_invoices") . "\\">";
$html .= "</div>";
$html .= "</form>";
return $html;
}
有人知道解决方案吗?
