kingkool68/Simple Metabox Example

## Simple Metabox Example
<?php
/*
Plugin Name: Simple Metabox Example
Description: Here's a barebones metabox example
Version: 1.0
Author: Russell Heimlich
Author URI: http://www.russellheimlich.com
*/

//Hook in to the load-post.php and load-post-new.php to determine if we want to show our metabox or not. If you only want to show your metabox on the screen once the post has been saved as a draft or published (aka not a brand new post) then remove the load-post-new.php action....
add_action( 'load-post.php', 'sample_metabox_pre_metabox' );
add_action( 'load-post-new.php', 'sample_metabox_pre_metabox' );

//Determine if we can load the metabox on the edit post screen.
function sample_metabox_pre_metabox() {
	//Figure out what the post_type is via http://themergency.com/wordpress-tip-get-post-type-in-admin/
	$post_type = null;
	global $post, $typenow, $current_screen;

	//we have a post so we can just get the post type from that
	if ( $post && $post->post_type ) {
		$post_type = $post->post_type;
	}

	//check the global $typenow - set in admin.php
	elseif( $typenow ) {
		$post_type = $typenow;
	}

	//check the global $current_screen object - set in sceen.php
	elseif( $current_screen && $current_screen->post_type ) {
		$post_type = $current_screen->post_type;
	}

	//lastly check the post_type querystring
	elseif( isset( $_REQUEST['post_type'] ) ) {
		$post_type = sanitize_key( $_REQUEST['post_type'] );
	}

	//Here you can specify which post types should have this metabox
	$allowed_post_types = array( 'post' );

	if( in_array($post_type, $allowed_post_types) ) {
		add_action( 'add_meta_boxes', 'add_sample_metabox' );
		add_action( 'save_post', 'save_sample_metabox', 10, 2 );
	}
}


//This function will add our metabox to the post edit screen for a given post type
function add_sample_metabox( $post_type ) {
	//See http://codex.wordpress.org/Function_Reference/add_meta_box
	add_meta_box( 'sample-metabox' , 'Sample Metabox', 'render_the_sample_metabox', $post_type, 'normal', 'high' );
}

//This function is responsible for rendering the HTML in the metabox that appears on the post edit screen
function render_the_sample_metabox($post, $box) {
	//Fetch previously stored data to prefill the input field...
	$sample_field_value = get_post_meta( $post->ID, 'sample-field', true );

	//Always do a check to make sure we actually have previously stored data. If we don't (i.e. $sample_field_value == FALSE) then we need to provide a default value, in this case an empty string.
	if( !$sample_field_value ) {
		$sample_field_value = '';
	}

	?>
	<h2>Hello World!</h2>

	<div class="form-wrap">
		<div class="form-field" style="clear:both;">
			<label for="sample-field-id">Sample Field</label>
			<input type="text" name="sample-field" id="sample-field-id" value="<?php echo $sample_field_value; ?>">
			<p>This is a sample field that stores a value.</p>
		</div>

		<!-- See http://codex.wordpress.org/Function_Reference/wp_create_nonce -->
		<input type="hidden" name="sample_metabox_nonce" value="<?php echo wp_create_nonce( 'sample-meta-box' );?>">
	</div>

	<?php
}

function save_sample_metabox($post_id) {
	//We don't want to save the value of the sample-field if WordPress is performing an autosave!
	if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) {
		//Bail!
		return $post_id;
	}

	//We don't want to save the value of the sample-field if WordPress is performing an AJAX request!
	if( defined('DOING_AJAX') && DOING_AJAX ) {
		//Bail!
		return $post_id;
	}

	//Detects if the save action is coming from a quick edit/batch edit and not on the edit post screen
	if( ereg('/\edit\.php', $_SERVER['REQUEST_URI']) ) {
		//Bail!
		return $post_id;
	}

	/*
		This is a post request so the PHP super global $_POST is available to us. We can also use $_REQUEST which is the same thing as either $_POST or $_GET, whichever one is available. Uncomment the following lines to see what is contained in the $_REQUEST...
	*/

	//var_dump( $_REQUEST );
	//die();


	//Check to make sure the name of our field that is going to be saved is there.
	if( isset($_POST['sample-field']) ) {

		//Make sure a nonce value was passed along and the nonce value can be verified. This prevents malicious requests. See http://codex.wordpress.org/WordPress_Nonces
		if( !isset( $_POST['sample_metabox_nonce'] ) || !wp_verify_nonce( $_POST['sample_metabox_nonce'], 'sample-meta-box' ) ) {
			wp_die( 'Something fishy is going on. [Nonce failure!]' );
		}


		//We've made it this far which means we can save the data from the metabox.

		//WARNING! You want to sanitize and check all data you are recieving to make sure it is what you expect it to be. Failure to do this is bad security. See http://codex.wordpress.org/Data_Validation

		//See http://codex.wordpress.org/Function_Reference/sanitize_text_field
		$safe_data = sanitize_text_field( $_POST['sample-field'] );
		update_post_meta( $post_id, 'sample-field', $safe_data );
	}

}


// Make life easier and make yourself a helper function for getting the data. You can use this in the admin or on the frontend in your theme. Yay for reusability.
function get_sample_metabox_data( $post_id = FALSE ) {
	if( !$post_id ) {
		$post = get_post();
		$post_id = $post->ID;
	}

	//This is identical to the "Fetch previously stored data to prefill the input field..." part of the render_the_sample_metabox() function. Ideally you would replace that function up there with a call to your helper function, get_sample_metabox_data();
	$sample_field_value = get_post_meta( $post_id, 'sample-field', true );
	if( !$sample_field_value ) {
		$sample_field_value = '';
	}

	return $sample_field_value;
}
	<?php
	/*
	Plugin Name: Simple Metabox Example
	Description: Here's a barebones metabox example
	Version: 1.0
	Author: Russell Heimlich
	Author URI: http://www.russellheimlich.com
	*/

	//Hook in to the load-post.php and load-post-new.php to determine if we want to show our metabox or not. If you only want to show your metabox on the screen once the post has been saved as a draft or published (aka not a brand new post) then remove the load-post-new.php action....
	add_action( 'load-post.php', 'sample_metabox_pre_metabox' );
	add_action( 'load-post-new.php', 'sample_metabox_pre_metabox' );

	//Determine if we can load the metabox on the edit post screen.
	function sample_metabox_pre_metabox() {
	//Figure out what the post_type is via http://themergency.com/wordpress-tip-get-post-type-in-admin/
	$post_type = null;
	global $post, $typenow, $current_screen;

	//we have a post so we can just get the post type from that
	if ( $post && $post->post_type ) {
	$post_type = $post->post_type;
	}

	//check the global $typenow - set in admin.php
	elseif( $typenow ) {
	$post_type = $typenow;
	}

	//check the global $current_screen object - set in sceen.php
	elseif( $current_screen && $current_screen->post_type ) {
	$post_type = $current_screen->post_type;
	}

	//lastly check the post_type querystring
	elseif( isset( $_REQUEST['post_type'] ) ) {
	$post_type = sanitize_key( $_REQUEST['post_type'] );
	}

	//Here you can specify which post types should have this metabox
	$allowed_post_types = array( 'post' );

	if( in_array($post_type, $allowed_post_types) ) {
	add_action( 'add_meta_boxes', 'add_sample_metabox' );
	add_action( 'save_post', 'save_sample_metabox', 10, 2 );
	}
	}


	//This function will add our metabox to the post edit screen for a given post type
	function add_sample_metabox( $post_type ) {
	//See http://codex.wordpress.org/Function_Reference/add_meta_box
	add_meta_box( 'sample-metabox' , 'Sample Metabox', 'render_the_sample_metabox', $post_type, 'normal', 'high' );
	}

	//This function is responsible for rendering the HTML in the metabox that appears on the post edit screen
	function render_the_sample_metabox($post, $box) {
	//Fetch previously stored data to prefill the input field...
	$sample_field_value = get_post_meta( $post->ID, 'sample-field', true );

	//Always do a check to make sure we actually have previously stored data. If we don't (i.e. $sample_field_value == FALSE) then we need to provide a default value, in this case an empty string.
	if( !$sample_field_value ) {
	$sample_field_value = '';
	}

	?>
	<h2>Hello World!</h2>

	<div class="form-wrap">
	<div class="form-field" style="clear:both;">
	<label for="sample-field-id">Sample Field</label>
	<input type="text" name="sample-field" id="sample-field-id" value="<?php echo $sample_field_value; ?>">
	<p>This is a sample field that stores a value.</p>
	</div>

	<!-- See http://codex.wordpress.org/Function_Reference/wp_create_nonce -->
	<input type="hidden" name="sample_metabox_nonce" value="<?php echo wp_create_nonce( 'sample-meta-box' );?>">
	</div>

	<?php
	}

	function save_sample_metabox($post_id) {
	//We don't want to save the value of the sample-field if WordPress is performing an autosave!
	if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) {
	//Bail!
	return $post_id;
	}

	//We don't want to save the value of the sample-field if WordPress is performing an AJAX request!
	if( defined('DOING_AJAX') && DOING_AJAX ) {
	//Bail!
	return $post_id;
	}

	//Detects if the save action is coming from a quick edit/batch edit and not on the edit post screen
	if( ereg('/\edit\.php', $_SERVER['REQUEST_URI']) ) {
	//Bail!
	return $post_id;
	}

	/*
	This is a post request so the PHP super global $_POST is available to us. We can also use $_REQUEST which is the same thing as either $_POST or $_GET, whichever one is available. Uncomment the following lines to see what is contained in the $_REQUEST...
	*/

	//var_dump( $_REQUEST );
	//die();


	//Check to make sure the name of our field that is going to be saved is there.
	if( isset($_POST['sample-field']) ) {

	//Make sure a nonce value was passed along and the nonce value can be verified. This prevents malicious requests. See http://codex.wordpress.org/WordPress_Nonces
	if( !isset( $_POST['sample_metabox_nonce'] ) \|\| !wp_verify_nonce( $_POST['sample_metabox_nonce'], 'sample-meta-box' ) ) {
	wp_die( 'Something fishy is going on. [Nonce failure!]' );
	}


	//We've made it this far which means we can save the data from the metabox.

	//WARNING! You want to sanitize and check all data you are recieving to make sure it is what you expect it to be. Failure to do this is bad security. See http://codex.wordpress.org/Data_Validation

	//See http://codex.wordpress.org/Function_Reference/sanitize_text_field
	$safe_data = sanitize_text_field( $_POST['sample-field'] );
	update_post_meta( $post_id, 'sample-field', $safe_data );
	}

	}





	// Make life easier and make yourself a helper function for getting the data. You can use this in the admin or on the frontend in your theme. Yay for reusability.
	function get_sample_metabox_data( $post_id = FALSE ) {
	if( !$post_id ) {
	$post = get_post();
	$post_id = $post->ID;
	}

	//This is identical to the "Fetch previously stored data to prefill the input field..." part of the render_the_sample_metabox() function. Ideally you would replace that function up there with a call to your helper function, get_sample_metabox_data();
	$sample_field_value = get_post_meta( $post_id, 'sample-field', true );
	if( !$sample_field_value ) {
	$sample_field_value = '';
	}

	return $sample_field_value;
	}