Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trialCory Lawrence
10,222 PointsAssigning HTML escaped value of input field
I am working on the Building a Wordpress Plugin project. In the second task of the Admin Area Forms in Wordpress challenge it's asking "Inside of the if statement create a variable named "my_plugin_username". Assign it the HTML escaped value of the my_plugin_username input field."
I have the following line inside my if statement and I cannot figure out what I'm missing...
$my_plugin_username = esc_html($_POST['my_plugin_username']);
Please give me a clue if you can! Thank you.
10 Answers
Paul Yorde
10,497 PointsWait! Try this!
if(isset( $_POST['my_plugin_hidden_field'])) {
$my_plugin_username = esc_html( $_POST['my_plugin_username'] );
}
Brandon Harvey
14,672 PointsI encountered the same issue as well.. Here is my code that passed.
I had to remove the conditional check.
<?php
function my_plugin_options_page() {
if (!current_user_can('manage_options')) {
wp_die('You do not have sufficient permissions to access this page.');
}
if(isset( $_POST['my_plugin_hidden_field'])) {
$my_plugin_username = esc_html( $_POST['my_plugin_username'] );
}
}
?>
Alex Misnovs
12,163 Pointshey all, I guess the problem is in the whitespace when you copy over the input field name.. Basically this doesnt work: if(isset($_POST['my_plugin_hidden_field '])){ $my_plugin_username = esc_html( $_POST['my_plugin_username'] ); }
But this works:
if(isset($_POST['my_plugin_hidden_field'])){ $my_plugin_username = esc_html( $_POST['my_plugin_username'] ); }
so need to make sure no whitespace is left in $_POST['my_plugin_username'].
hope this will help ;)
Jerry Schrader
4,396 PointsThanks for this, wasted so much time trying to figure out what was wrong with my code.
Paul Yorde
10,497 PointsAre you getting a specific error? It might be helpful to display your full code snippet for the question. Simply because what you have seems to be correct per Codex: (http://codex.wordpress.org/Validating_Sanitizing_and_Escaping_User_Data)
Cory Lawrence
10,222 PointsThis is my full code.
<?php
function my_plugin_options_page() {
if (!current_user_can('manage_options')) {
wp_die('You do not have sufficient permissions to access this page.');
}
if(isset( $_POST['my_plugin_hidden_field'])){
$hidden_field = esc_html( $_POST['my_plugin_hidden_field'] );
$my_plugin_username = esc_html($_POST['my_plugin_username'] );
}
}
?>
The error I get says, "Bummer! You should pass the posted form element my_plugin_username into esc_html in order to sanitize it." I've looked on the codex, too and I thought I had it right. Thank you for replying.
Paul Yorde
10,497 PointsYeah, I went over it and got the same results. I think we are supposed to contact support when these things aren't working properly.
Cory Lawrence
10,222 PointsThat worked! I guess you have to delete the other line of code from the step before to get it to work. Thank you!
Paul Yorde
10,497 PointsWelcome ~
Luke Lee
7,577 PointsI have the same problem. what should I do?
<?php
function my_plugin_options_page() {
if (!current_user_can('manage_options')) {
wp_die('You do not have sufficient permissions to access this page.');
}
if(isset($_POST['$my_plugin_hidden_field'])){
$my_plugin_username = esc_html( $_POST['my_plugin_username'] );
}
}
?>
Ben Larcey
Courses Plus Student 4,852 PointsSame problem here.
LisaMarie Barnes
9,346 PointsTry this: it passed for me. <?php
function my_plugin_options_page() {
if (!current_user_can('manage_options')) { wp_die('You do not have sufficient permissions to access this page.'); if( isset( $_POST['my_plugin_hidden_field_form_submitted'] ) ) $hidden_field = esc_html( $_POST['my_plugin_hidden_field_form_submitted'] ); if(isset( $_POST['my_plugin_hidden_field'])) {
$my_plugin_username = esc_html( $_POST['my_plugin_username'] );
} } }
?>
Ty Yamaguchi
25,397 PointsI was having a problem with this too. My problem was that I didn't have the second conditional statement INSIDE of the my_plugin_options_page() function. Here is the full code that worked for me:
<?php
function my_plugin_options_page() {
if (!current_user_can('manage_options')) {
wp_die('You do not have sufficient permissions to access this page.');
}
if ( isset( $_POST['my_plugin_hidden_field'] ) ) {
$my_plugin_username = esc_html($_POST['my_plugin_username']);
}
}
?>