-
-
Save oddjar/54bd63399e2e27b15a25d10b6edd4ec2 to your computer and use it in GitHub Desktop.
<?php | |
/* | |
Plugin Name: CONF Secure Docs | |
Description: A plugin that creates a custom menu item and admin screen to save a "Doc API Key" option. | |
*/ | |
class CONF_Secure_Docs { | |
// Constructor | |
public function __construct() { | |
// Add custom menu item | |
add_action('admin_menu', array($this, 'add_secure_docs_menu_item')); | |
// Register settings and fields | |
add_action('admin_init', array($this, 'register_secure_docs_settings')); | |
} | |
// Add custom menu item | |
public function add_secure_docs_menu_item() { | |
add_menu_page( | |
'CONF Secure Docs Settings', // Page title | |
'CONF Secure Docs', // Menu title | |
'manage_options', // Capability | |
'conf-secure-docs-settings', // Menu slug | |
array($this, 'display_secure_docs_settings_screen'), // Function to render screen | |
'dashicons-admin-generic', // Icon URL | |
99 // Menu position | |
); | |
} | |
// Register settings and fields | |
public function register_secure_docs_settings() { | |
register_setting( | |
'conf_secure_docs_settings', // Option group | |
'conf_secure_docs_api_key', // Option name | |
array($this, 'validate_secure_docs_api_key') // Sanitize callback | |
); | |
add_settings_section( | |
'conf_secure_docs_api_key_section', // ID | |
'Doc API Key', // Title | |
array($this, 'display_secure_docs_api_key_section_info'), // Callback | |
'conf-secure-docs-settings' // Page | |
); | |
add_settings_field( | |
'conf_secure_docs_api_key_field', // ID | |
'Doc API Key', // Title | |
array($this, 'display_secure_docs_api_key_field'), // Callback | |
'conf-secure-docs-settings', // Page | |
'conf_secure_docs_api_key_section' // Section | |
); | |
} | |
// Display Doc API Key section info | |
public function display_secure_docs_api_key_section_info() { | |
echo '<p>Enter your Doc API Key to enable secure access to your documents.</p>'; | |
} | |
// Display Doc API Key field | |
public function display_secure_docs_api_key_field() { | |
// Get existing option value | |
$api_key = get_option('conf_secure_docs_api_key'); | |
// Display text field | |
echo '<input type="text" id="conf_secure_docs_api_key" name="conf_secure_docs_api_key" value="' . $api_key . '" />'; | |
} | |
// Validate Doc API Key field | |
public function validate_secure_docs_api_key($input) { | |
// Only allow alphanumeric values | |
return preg_replace('/[^a-zA-Z0-9]/', '', $input); | |
} | |
// Render settings screen | |
public function display_secure_docs_settings_screen() { | |
// Check user capabilities | |
if (!current_user_can('manage_options')) { | |
return; | |
} | |
// Display settings screen HTML | |
echo '<div class="wrap">'; | |
echo '<h1>CONF Secure Docs Settings</h1>'; | |
echo '<form method="post" action="options.php">'; | |
// Output security fields and settings sections | |
settings_fields('conf_secure_docs_settings'); | |
do_settings_sections('conf-secure-docs-settings'); | |
// Display submit button | |
submit_button(); | |
echo '</form>'; | |
echo '</div>'; | |
} | |
} | |
new CONF_Secure_Docs(); |
Agreed. And the model could be trained to include such security best practices. The fact that it is absent is more just a reflection on the fact that a lot of plugin authors don't do this.
Just out of curiosity was this provided in a single answer - it seems like the amount of code generated is more than the maximum output per answer. I also use it for code generation and it's incredible.
If that's a WordPress plugin god help us. I will still have a job in the next 20 years haha.
If that's a WordPress plugin god help us. I will still have a job in the next 20 years haha.
Keep in mind it's not just the plugin that it generates - you can extend specific sections of the plugin just by giving it instructions e.g. expand on the x function to account for y, z etc. and it will rewrite that particualr part of the code. In my experience it's about 80% accurate - not ready for prime time but great as a learning tool to literally learn at your own pace.
@westonruter Yeah, it's definitely not a one button solution (at least not yet). But being able to instantly generate scaffolding and structural code that's mostly correct is a huge time saver.