Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

WordPress

Cory Lawrence
Cory Lawrence
10,222 Points
Posted by Cory Lawrence
Cory Lawrence
10,222 Points

Assigning HTML escaped value of input field

I am working on the Building a Wordpress Plugin project. In the second task of the Admin Area Forms in Wordpress challenge it's asking "Inside of the if statement create a variable named "my_plugin_username". Assign it the HTML escaped value of the my_plugin_username input field."

I have the following line inside my if statement and I cannot figure out what I'm missing...

$my_plugin_username = esc_html($_POST['my_plugin_username']);

Please give me a clue if you can! Thank you.

10 Answers

Paul Yorde
Paul Yorde
10,497 Points
Paul Yorde
Paul Yorde
10,497 Points

Wait! Try this!

if(isset( $_POST['my_plugin_hidden_field'])) {

        $my_plugin_username = esc_html( $_POST['my_plugin_username'] );

 }
Brandon Harvey
Brandon Harvey
14,672 Points
Brandon Harvey
Brandon Harvey
14,672 Points

I encountered the same issue as well.. Here is my code that passed.

I had to remove the conditional check.

<?php

function my_plugin_options_page() {

    if (!current_user_can('manage_options')) {
        wp_die('You do not have sufficient permissions to access this page.');
    }

if(isset( $_POST['my_plugin_hidden_field'])) {

        $my_plugin_username = esc_html( $_POST['my_plugin_username'] );

 }
}
?>
Alex Misnovs
Alex Misnovs
12,163 Points
Alex Misnovs
Alex Misnovs
12,163 Points

hey all, I guess the problem is in the whitespace when you copy over the input field name.. Basically this doesnt work: if(isset($_POST['my_plugin_hidden_field '])){ $my_plugin_username = esc_html( $_POST['my_plugin_username'] ); }

But this works:

if(isset($_POST['my_plugin_hidden_field'])){ $my_plugin_username = esc_html( $_POST['my_plugin_username'] ); }

so need to make sure no whitespace is left in $_POST['my_plugin_username'].

hope this will help ;)

Jerry Schrader
Jerry Schrader
4,396 Points
Jerry Schrader
Jerry Schrader
4,396 Points

Thanks for this, wasted so much time trying to figure out what was wrong with my code.

Paul Yorde
Paul Yorde
10,497 Points
Paul Yorde
Paul Yorde
10,497 Points

Are you getting a specific error? It might be helpful to display your full code snippet for the question. Simply because what you have seems to be correct per Codex: (http://codex.wordpress.org/Validating_Sanitizing_and_Escaping_User_Data)

Cory Lawrence
Cory Lawrence
10,222 Points
Cory Lawrence
Cory Lawrence
10,222 Points

This is my full code.

<?php

function my_plugin_options_page() {

if (!current_user_can('manage_options')) {
    wp_die('You do not have sufficient permissions to access this page.');
}

if(isset( $_POST['my_plugin_hidden_field'])){
$hidden_field = esc_html( $_POST['my_plugin_hidden_field'] );

$my_plugin_username = esc_html($_POST['my_plugin_username'] );

}

}

?>

The error I get says, "Bummer! You should pass the posted form element my_plugin_username into esc_html in order to sanitize it." I've looked on the codex, too and I thought I had it right. Thank you for replying.

Paul Yorde
Paul Yorde
10,497 Points
Paul Yorde
Paul Yorde
10,497 Points

Yeah, I went over it and got the same results. I think we are supposed to contact support when these things aren't working properly.

Cory Lawrence
Cory Lawrence
10,222 Points
Cory Lawrence
Cory Lawrence
10,222 Points

That worked! I guess you have to delete the other line of code from the step before to get it to work. Thank you!

Luke Lee
Luke Lee
7,577 Points
Luke Lee
Luke Lee
7,577 Points

I have the same problem. what should I do?

<?php

function my_plugin_options_page() {

    if (!current_user_can('manage_options')) {
        wp_die('You do not have sufficient permissions to access this page.');

    }
    if(isset($_POST['$my_plugin_hidden_field'])){

    $my_plugin_username = esc_html( $_POST['my_plugin_username'] );

  }


}

?>
LisaMarie Barnes
LisaMarie Barnes
9,346 Points
LisaMarie Barnes
LisaMarie Barnes
9,346 Points

Try this: it passed for me. <?php

function my_plugin_options_page() {

if (!current_user_can('manage_options')) { wp_die('You do not have sufficient permissions to access this page.'); if( isset( $_POST['my_plugin_hidden_field_form_submitted'] ) ) $hidden_field = esc_html( $_POST['my_plugin_hidden_field_form_submitted'] ); if(isset( $_POST['my_plugin_hidden_field'])) {

    $my_plugin_username = esc_html( $_POST['my_plugin_username'] );

} } }

?>

Ty Yamaguchi
Ty Yamaguchi
25,397 Points
Ty Yamaguchi
Ty Yamaguchi
25,397 Points

I was having a problem with this too. My problem was that I didn't have the second conditional statement INSIDE of the my_plugin_options_page() function. Here is the full code that worked for me:

<?php

function my_plugin_options_page() {

    if (!current_user_can('manage_options')) {
        wp_die('You do not have sufficient permissions to access this page.');
    }

    if ( isset( $_POST['my_plugin_hidden_field'] ) ) {
  $my_plugin_username = esc_html($_POST['my_plugin_username']);
  }

}

?>