I'm trying to update user meta but is always 1, What I doing wrong? [closed]












1















<?php function consultation_user_profile_fields($user){
if ( user_can( $user->ID, "subscriber" ) ) {
?>
<h3>Consultation</h3>
<?php $query = new WP_Query(
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
if ($query->have_posts()) :
while($query->have_posts()) : $query->the_post();
$hasAccess = '';
if ( is_object( $user ) && isset( $user->ID ) ) {

$hasAccess = get_user_meta(
$user>ID,'consultation'.get_the_ID(), true );

} ?>
<div class="consultation">
<span>Has access&nbsp;</span>
<div class="title"><?php the_title(); ?></div>
<input type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>/>
</div>
<?php endwhile; endif;
} else {
return;
}
}
add_action( 'show_user_profile', 'consultation_user_profile_fields' );
add_action( 'edit_user_profile', 'consultation_user_profile_fields' );
add_action( "user_new_form", "consultation_user_profile_fields" );
function save_consultation_user_profile_fields($user_id){
if(!current_user_can('manage_options'))
return false;

foreach ($_POST['consultation'] as $key => $val) {
update_user_meta($user_id,'consultation'.$key,$_POST['consultation'][$key]);
}
# save my custom field

}
add_action( 'user_register', 'save_consultation_user_profile_fields');
add_action('personal_options_update','save_consultation_user_profile_fields' );
add_action( 'edit_user_profile_update','save_consultation_user_profile_fields' );









share|improve this question













closed as off-topic by Jacob Peattie, fuxia Jan 8 at 9:53


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions that are too localized (such as syntax errors, code with restricted access, hacked sites, hosting or support issues) are not in scope. See how do I ask a good question?" – fuxia

If this question can be reworded to fit the rules in the help center, please edit the question.

















  • Probably not the actual problem, but you're missing a character here: $user>ID. Needs to be $user->ID.

    – Jacob Peattie
    Jan 8 at 8:51











  • And what value are you expecting? All your checkboxes has value set as 1, so...

    – Krzysiek Dróżdż
    Jan 8 at 8:55











  • so value="<?= ($hasAccess == 1 ? 1 : 0);?>" ? this is nothing changes

    – pawel1993
    Jan 8 at 9:02
















1















<?php function consultation_user_profile_fields($user){
if ( user_can( $user->ID, "subscriber" ) ) {
?>
<h3>Consultation</h3>
<?php $query = new WP_Query(
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
if ($query->have_posts()) :
while($query->have_posts()) : $query->the_post();
$hasAccess = '';
if ( is_object( $user ) && isset( $user->ID ) ) {

$hasAccess = get_user_meta(
$user>ID,'consultation'.get_the_ID(), true );

} ?>
<div class="consultation">
<span>Has access&nbsp;</span>
<div class="title"><?php the_title(); ?></div>
<input type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>/>
</div>
<?php endwhile; endif;
} else {
return;
}
}
add_action( 'show_user_profile', 'consultation_user_profile_fields' );
add_action( 'edit_user_profile', 'consultation_user_profile_fields' );
add_action( "user_new_form", "consultation_user_profile_fields" );
function save_consultation_user_profile_fields($user_id){
if(!current_user_can('manage_options'))
return false;

foreach ($_POST['consultation'] as $key => $val) {
update_user_meta($user_id,'consultation'.$key,$_POST['consultation'][$key]);
}
# save my custom field

}
add_action( 'user_register', 'save_consultation_user_profile_fields');
add_action('personal_options_update','save_consultation_user_profile_fields' );
add_action( 'edit_user_profile_update','save_consultation_user_profile_fields' );









share|improve this question













closed as off-topic by Jacob Peattie, fuxia Jan 8 at 9:53


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions that are too localized (such as syntax errors, code with restricted access, hacked sites, hosting or support issues) are not in scope. See how do I ask a good question?" – fuxia

If this question can be reworded to fit the rules in the help center, please edit the question.

















  • Probably not the actual problem, but you're missing a character here: $user>ID. Needs to be $user->ID.

    – Jacob Peattie
    Jan 8 at 8:51











  • And what value are you expecting? All your checkboxes has value set as 1, so...

    – Krzysiek Dróżdż
    Jan 8 at 8:55











  • so value="<?= ($hasAccess == 1 ? 1 : 0);?>" ? this is nothing changes

    – pawel1993
    Jan 8 at 9:02














1












1








1








<?php function consultation_user_profile_fields($user){
if ( user_can( $user->ID, "subscriber" ) ) {
?>
<h3>Consultation</h3>
<?php $query = new WP_Query(
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
if ($query->have_posts()) :
while($query->have_posts()) : $query->the_post();
$hasAccess = '';
if ( is_object( $user ) && isset( $user->ID ) ) {

$hasAccess = get_user_meta(
$user>ID,'consultation'.get_the_ID(), true );

} ?>
<div class="consultation">
<span>Has access&nbsp;</span>
<div class="title"><?php the_title(); ?></div>
<input type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>/>
</div>
<?php endwhile; endif;
} else {
return;
}
}
add_action( 'show_user_profile', 'consultation_user_profile_fields' );
add_action( 'edit_user_profile', 'consultation_user_profile_fields' );
add_action( "user_new_form", "consultation_user_profile_fields" );
function save_consultation_user_profile_fields($user_id){
if(!current_user_can('manage_options'))
return false;

foreach ($_POST['consultation'] as $key => $val) {
update_user_meta($user_id,'consultation'.$key,$_POST['consultation'][$key]);
}
# save my custom field

}
add_action( 'user_register', 'save_consultation_user_profile_fields');
add_action('personal_options_update','save_consultation_user_profile_fields' );
add_action( 'edit_user_profile_update','save_consultation_user_profile_fields' );









share|improve this question














<?php function consultation_user_profile_fields($user){
if ( user_can( $user->ID, "subscriber" ) ) {
?>
<h3>Consultation</h3>
<?php $query = new WP_Query(
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
if ($query->have_posts()) :
while($query->have_posts()) : $query->the_post();
$hasAccess = '';
if ( is_object( $user ) && isset( $user->ID ) ) {

$hasAccess = get_user_meta(
$user>ID,'consultation'.get_the_ID(), true );

} ?>
<div class="consultation">
<span>Has access&nbsp;</span>
<div class="title"><?php the_title(); ?></div>
<input type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>/>
</div>
<?php endwhile; endif;
} else {
return;
}
}
add_action( 'show_user_profile', 'consultation_user_profile_fields' );
add_action( 'edit_user_profile', 'consultation_user_profile_fields' );
add_action( "user_new_form", "consultation_user_profile_fields" );
function save_consultation_user_profile_fields($user_id){
if(!current_user_can('manage_options'))
return false;

foreach ($_POST['consultation'] as $key => $val) {
update_user_meta($user_id,'consultation'.$key,$_POST['consultation'][$key]);
}
# save my custom field

}
add_action( 'user_register', 'save_consultation_user_profile_fields');
add_action('personal_options_update','save_consultation_user_profile_fields' );
add_action( 'edit_user_profile_update','save_consultation_user_profile_fields' );






plugins user-meta






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jan 8 at 8:41









pawel1993pawel1993

83




83




closed as off-topic by Jacob Peattie, fuxia Jan 8 at 9:53


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions that are too localized (such as syntax errors, code with restricted access, hacked sites, hosting or support issues) are not in scope. See how do I ask a good question?" – fuxia

If this question can be reworded to fit the rules in the help center, please edit the question.







closed as off-topic by Jacob Peattie, fuxia Jan 8 at 9:53


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions that are too localized (such as syntax errors, code with restricted access, hacked sites, hosting or support issues) are not in scope. See how do I ask a good question?" – fuxia

If this question can be reworded to fit the rules in the help center, please edit the question.













  • Probably not the actual problem, but you're missing a character here: $user>ID. Needs to be $user->ID.

    – Jacob Peattie
    Jan 8 at 8:51











  • And what value are you expecting? All your checkboxes has value set as 1, so...

    – Krzysiek Dróżdż
    Jan 8 at 8:55











  • so value="<?= ($hasAccess == 1 ? 1 : 0);?>" ? this is nothing changes

    – pawel1993
    Jan 8 at 9:02



















  • Probably not the actual problem, but you're missing a character here: $user>ID. Needs to be $user->ID.

    – Jacob Peattie
    Jan 8 at 8:51











  • And what value are you expecting? All your checkboxes has value set as 1, so...

    – Krzysiek Dróżdż
    Jan 8 at 8:55











  • so value="<?= ($hasAccess == 1 ? 1 : 0);?>" ? this is nothing changes

    – pawel1993
    Jan 8 at 9:02

















Probably not the actual problem, but you're missing a character here: $user>ID. Needs to be $user->ID.

– Jacob Peattie
Jan 8 at 8:51





Probably not the actual problem, but you're missing a character here: $user>ID. Needs to be $user->ID.

– Jacob Peattie
Jan 8 at 8:51













And what value are you expecting? All your checkboxes has value set as 1, so...

– Krzysiek Dróżdż
Jan 8 at 8:55





And what value are you expecting? All your checkboxes has value set as 1, so...

– Krzysiek Dróżdż
Jan 8 at 8:55













so value="<?= ($hasAccess == 1 ? 1 : 0);?>" ? this is nothing changes

– pawel1993
Jan 8 at 9:02





so value="<?= ($hasAccess == 1 ? 1 : 0);?>" ? this is nothing changes

– pawel1993
Jan 8 at 9:02










2 Answers
2






active

oldest

votes


















1














Your user_meta is not updated, because you process checkboxes incorrectly...



First of all... You've set values of all your checkboxes to 1. So if they're checked, then their value is 1 - and this is the value you save as user_meta.



On the other hand, when the checkbox is not checked, then it won't be sent in POST request. So your foreach loop won't loop through them - so the user_meta will never be set to anything other than 1 ;)



How to fix it?



You shouldn't iterate posted array and loop through posts instead. And inside that loop you should check if given value is set in POST request and process it properly (set user_meta to 1, if the value is set, and to 0 if the value is not set).



Also, you should not trust user inputs so much - what if user tampers with data and makes some changes to IDs in checkboxes? He will get access to other posts ;)



So I would do it like so:



function save_consultation_user_profile_fields( $user_id ) {
# save my custom field
if( ! current_user_can('manage_options') )
return false;

$query = new WP_Query( // it's the same query you use to create checkboxes in form
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
foreach ( $query->posts as $post ) {
if ( isset( $_POST['consultation'][$post->ID] ) && 1 == $_POST['consultation'][$post->ID] ) {
update_user_meta( $user_id, 'consultation' . $post->ID, 1 );
} else {
delete_user_meta( $user_id, 'consultation' . $post->ID, 1 );
}
}
}


This way you'll be sure, that users can gain access only for existing posts. You will be nicer for DB also - if user has no access to post, then no meta is stored in DB.






share|improve this answer


























  • Krzysiek could you take my small this snippet?

    – pawel1993
    Jan 8 at 9:12











  • @pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

    – Krzysiek Dróżdż
    Jan 8 at 9:23



















1














The problem is that when the checkbox is not checked, $_POST['consultation'][$key] does not exist for that key. No value is posted for an unchecked checkbox.



So $_POST['consultation'] will only contain values for the checked checkboxes. This means that the existing saved values for the other checkboxes are not changed.



The simplest way to post a value for an unchecked checkbox is to have a hidden input before it with the same name and a different value. Like this:



<input type="hidden" name="consultation[<?= get_the_ID(); ?>]" value="0">
<input
type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>
/>


Or with less repeating yourself:



printf(
'<input id="%1$s" name="%1$s" type="hidden" value="0">
<input name="%1$s" type="checkbox" value="1" %2$s>',
esc_attr( 'consultation[' . get_the_ID() . ']' ),
checked( '1', $hasAccess, false )
);


So now if the checkbox is unchecked, $_POST['consultation'][$key] will be the value of the hidden input, 0.






share|improve this answer
























  • Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

    – Krzysiek Dróżdż
    Jan 8 at 9:24











  • Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

    – Jacob Peattie
    Jan 8 at 9:30











  • Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

    – Krzysiek Dróżdż
    Jan 8 at 9:32


















2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









1














Your user_meta is not updated, because you process checkboxes incorrectly...



First of all... You've set values of all your checkboxes to 1. So if they're checked, then their value is 1 - and this is the value you save as user_meta.



On the other hand, when the checkbox is not checked, then it won't be sent in POST request. So your foreach loop won't loop through them - so the user_meta will never be set to anything other than 1 ;)



How to fix it?



You shouldn't iterate posted array and loop through posts instead. And inside that loop you should check if given value is set in POST request and process it properly (set user_meta to 1, if the value is set, and to 0 if the value is not set).



Also, you should not trust user inputs so much - what if user tampers with data and makes some changes to IDs in checkboxes? He will get access to other posts ;)



So I would do it like so:



function save_consultation_user_profile_fields( $user_id ) {
# save my custom field
if( ! current_user_can('manage_options') )
return false;

$query = new WP_Query( // it's the same query you use to create checkboxes in form
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
foreach ( $query->posts as $post ) {
if ( isset( $_POST['consultation'][$post->ID] ) && 1 == $_POST['consultation'][$post->ID] ) {
update_user_meta( $user_id, 'consultation' . $post->ID, 1 );
} else {
delete_user_meta( $user_id, 'consultation' . $post->ID, 1 );
}
}
}


This way you'll be sure, that users can gain access only for existing posts. You will be nicer for DB also - if user has no access to post, then no meta is stored in DB.






share|improve this answer


























  • Krzysiek could you take my small this snippet?

    – pawel1993
    Jan 8 at 9:12











  • @pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

    – Krzysiek Dróżdż
    Jan 8 at 9:23
















1














Your user_meta is not updated, because you process checkboxes incorrectly...



First of all... You've set values of all your checkboxes to 1. So if they're checked, then their value is 1 - and this is the value you save as user_meta.



On the other hand, when the checkbox is not checked, then it won't be sent in POST request. So your foreach loop won't loop through them - so the user_meta will never be set to anything other than 1 ;)



How to fix it?



You shouldn't iterate posted array and loop through posts instead. And inside that loop you should check if given value is set in POST request and process it properly (set user_meta to 1, if the value is set, and to 0 if the value is not set).



Also, you should not trust user inputs so much - what if user tampers with data and makes some changes to IDs in checkboxes? He will get access to other posts ;)



So I would do it like so:



function save_consultation_user_profile_fields( $user_id ) {
# save my custom field
if( ! current_user_can('manage_options') )
return false;

$query = new WP_Query( // it's the same query you use to create checkboxes in form
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
foreach ( $query->posts as $post ) {
if ( isset( $_POST['consultation'][$post->ID] ) && 1 == $_POST['consultation'][$post->ID] ) {
update_user_meta( $user_id, 'consultation' . $post->ID, 1 );
} else {
delete_user_meta( $user_id, 'consultation' . $post->ID, 1 );
}
}
}


This way you'll be sure, that users can gain access only for existing posts. You will be nicer for DB also - if user has no access to post, then no meta is stored in DB.






share|improve this answer


























  • Krzysiek could you take my small this snippet?

    – pawel1993
    Jan 8 at 9:12











  • @pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

    – Krzysiek Dróżdż
    Jan 8 at 9:23














1












1








1







Your user_meta is not updated, because you process checkboxes incorrectly...



First of all... You've set values of all your checkboxes to 1. So if they're checked, then their value is 1 - and this is the value you save as user_meta.



On the other hand, when the checkbox is not checked, then it won't be sent in POST request. So your foreach loop won't loop through them - so the user_meta will never be set to anything other than 1 ;)



How to fix it?



You shouldn't iterate posted array and loop through posts instead. And inside that loop you should check if given value is set in POST request and process it properly (set user_meta to 1, if the value is set, and to 0 if the value is not set).



Also, you should not trust user inputs so much - what if user tampers with data and makes some changes to IDs in checkboxes? He will get access to other posts ;)



So I would do it like so:



function save_consultation_user_profile_fields( $user_id ) {
# save my custom field
if( ! current_user_can('manage_options') )
return false;

$query = new WP_Query( // it's the same query you use to create checkboxes in form
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
foreach ( $query->posts as $post ) {
if ( isset( $_POST['consultation'][$post->ID] ) && 1 == $_POST['consultation'][$post->ID] ) {
update_user_meta( $user_id, 'consultation' . $post->ID, 1 );
} else {
delete_user_meta( $user_id, 'consultation' . $post->ID, 1 );
}
}
}


This way you'll be sure, that users can gain access only for existing posts. You will be nicer for DB also - if user has no access to post, then no meta is stored in DB.






share|improve this answer















Your user_meta is not updated, because you process checkboxes incorrectly...



First of all... You've set values of all your checkboxes to 1. So if they're checked, then their value is 1 - and this is the value you save as user_meta.



On the other hand, when the checkbox is not checked, then it won't be sent in POST request. So your foreach loop won't loop through them - so the user_meta will never be set to anything other than 1 ;)



How to fix it?



You shouldn't iterate posted array and loop through posts instead. And inside that loop you should check if given value is set in POST request and process it properly (set user_meta to 1, if the value is set, and to 0 if the value is not set).



Also, you should not trust user inputs so much - what if user tampers with data and makes some changes to IDs in checkboxes? He will get access to other posts ;)



So I would do it like so:



function save_consultation_user_profile_fields( $user_id ) {
# save my custom field
if( ! current_user_can('manage_options') )
return false;

$query = new WP_Query( // it's the same query you use to create checkboxes in form
array(
'posts_per_page' => -1,
'post_type' => 'consultation',
'post_status' => 'publish'
)
);
foreach ( $query->posts as $post ) {
if ( isset( $_POST['consultation'][$post->ID] ) && 1 == $_POST['consultation'][$post->ID] ) {
update_user_meta( $user_id, 'consultation' . $post->ID, 1 );
} else {
delete_user_meta( $user_id, 'consultation' . $post->ID, 1 );
}
}
}


This way you'll be sure, that users can gain access only for existing posts. You will be nicer for DB also - if user has no access to post, then no meta is stored in DB.







share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 8 at 9:20

























answered Jan 8 at 9:04









Krzysiek DróżdżKrzysiek Dróżdż

16.3k63045




16.3k63045













  • Krzysiek could you take my small this snippet?

    – pawel1993
    Jan 8 at 9:12











  • @pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

    – Krzysiek Dróżdż
    Jan 8 at 9:23



















  • Krzysiek could you take my small this snippet?

    – pawel1993
    Jan 8 at 9:12











  • @pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

    – Krzysiek Dróżdż
    Jan 8 at 9:23

















Krzysiek could you take my small this snippet?

– pawel1993
Jan 8 at 9:12





Krzysiek could you take my small this snippet?

– pawel1993
Jan 8 at 9:12













@pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

– Krzysiek Dróżdż
Jan 8 at 9:23





@pawel1993 I've updated my answer with some code and explanation, why this approach is better and safer.

– Krzysiek Dróżdż
Jan 8 at 9:23













1














The problem is that when the checkbox is not checked, $_POST['consultation'][$key] does not exist for that key. No value is posted for an unchecked checkbox.



So $_POST['consultation'] will only contain values for the checked checkboxes. This means that the existing saved values for the other checkboxes are not changed.



The simplest way to post a value for an unchecked checkbox is to have a hidden input before it with the same name and a different value. Like this:



<input type="hidden" name="consultation[<?= get_the_ID(); ?>]" value="0">
<input
type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>
/>


Or with less repeating yourself:



printf(
'<input id="%1$s" name="%1$s" type="hidden" value="0">
<input name="%1$s" type="checkbox" value="1" %2$s>',
esc_attr( 'consultation[' . get_the_ID() . ']' ),
checked( '1', $hasAccess, false )
);


So now if the checkbox is unchecked, $_POST['consultation'][$key] will be the value of the hidden input, 0.






share|improve this answer
























  • Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

    – Krzysiek Dróżdż
    Jan 8 at 9:24











  • Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

    – Jacob Peattie
    Jan 8 at 9:30











  • Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

    – Krzysiek Dróżdż
    Jan 8 at 9:32
















1














The problem is that when the checkbox is not checked, $_POST['consultation'][$key] does not exist for that key. No value is posted for an unchecked checkbox.



So $_POST['consultation'] will only contain values for the checked checkboxes. This means that the existing saved values for the other checkboxes are not changed.



The simplest way to post a value for an unchecked checkbox is to have a hidden input before it with the same name and a different value. Like this:



<input type="hidden" name="consultation[<?= get_the_ID(); ?>]" value="0">
<input
type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>
/>


Or with less repeating yourself:



printf(
'<input id="%1$s" name="%1$s" type="hidden" value="0">
<input name="%1$s" type="checkbox" value="1" %2$s>',
esc_attr( 'consultation[' . get_the_ID() . ']' ),
checked( '1', $hasAccess, false )
);


So now if the checkbox is unchecked, $_POST['consultation'][$key] will be the value of the hidden input, 0.






share|improve this answer
























  • Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

    – Krzysiek Dróżdż
    Jan 8 at 9:24











  • Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

    – Jacob Peattie
    Jan 8 at 9:30











  • Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

    – Krzysiek Dróżdż
    Jan 8 at 9:32














1












1








1







The problem is that when the checkbox is not checked, $_POST['consultation'][$key] does not exist for that key. No value is posted for an unchecked checkbox.



So $_POST['consultation'] will only contain values for the checked checkboxes. This means that the existing saved values for the other checkboxes are not changed.



The simplest way to post a value for an unchecked checkbox is to have a hidden input before it with the same name and a different value. Like this:



<input type="hidden" name="consultation[<?= get_the_ID(); ?>]" value="0">
<input
type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>
/>


Or with less repeating yourself:



printf(
'<input id="%1$s" name="%1$s" type="hidden" value="0">
<input name="%1$s" type="checkbox" value="1" %2$s>',
esc_attr( 'consultation[' . get_the_ID() . ']' ),
checked( '1', $hasAccess, false )
);


So now if the checkbox is unchecked, $_POST['consultation'][$key] will be the value of the hidden input, 0.






share|improve this answer













The problem is that when the checkbox is not checked, $_POST['consultation'][$key] does not exist for that key. No value is posted for an unchecked checkbox.



So $_POST['consultation'] will only contain values for the checked checkboxes. This means that the existing saved values for the other checkboxes are not changed.



The simplest way to post a value for an unchecked checkbox is to have a hidden input before it with the same name and a different value. Like this:



<input type="hidden" name="consultation[<?= get_the_ID(); ?>]" value="0">
<input
type="checkbox" id="consultation[<?= get_the_ID(); ?>]"
class="regular-text" name="consultation[<?= get_the_ID(); ?>]"
value="1" <?= ($hasAccess == 1 ? 'checked' : ''); ?>
/>


Or with less repeating yourself:



printf(
'<input id="%1$s" name="%1$s" type="hidden" value="0">
<input name="%1$s" type="checkbox" value="1" %2$s>',
esc_attr( 'consultation[' . get_the_ID() . ']' ),
checked( '1', $hasAccess, false )
);


So now if the checkbox is unchecked, $_POST['consultation'][$key] will be the value of the hidden input, 0.







share|improve this answer












share|improve this answer



share|improve this answer










answered Jan 8 at 9:01









Jacob PeattieJacob Peattie

16.1k42029




16.1k42029













  • Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

    – Krzysiek Dróżdż
    Jan 8 at 9:24











  • Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

    – Jacob Peattie
    Jan 8 at 9:30











  • Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

    – Krzysiek Dróżdż
    Jan 8 at 9:32



















  • Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

    – Krzysiek Dróżdż
    Jan 8 at 9:24











  • Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

    – Jacob Peattie
    Jan 8 at 9:30











  • Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

    – Krzysiek Dróżdż
    Jan 8 at 9:32

















Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

– Krzysiek Dróżdż
Jan 8 at 9:24





Nice trick. On the other hand, I can gain access to all posts, if I prepare the POST request - there is still no validation in saving function.

– Krzysiek Dróżdż
Jan 8 at 9:24













Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

– Jacob Peattie
Jan 8 at 9:30





Right, but this isn’t code review. The question was about values for unchecked checkboxes, so that’s what I’ve addressed.

– Jacob Peattie
Jan 8 at 9:30













Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

– Krzysiek Dróżdż
Jan 8 at 9:32





Well, you're right, but... It's always good idea to promote best practices and comment on such bad/unsafe solutions in posted code. There's no harm in that, I guess...

– Krzysiek Dróżdż
Jan 8 at 9:32



Popular posts from this blog

"Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

Alcedinidae

Origin of the phrase “under your belt”?