Skip to content

Instantly share code, notes, and snippets.

Created December 6, 2022 00:04
  • Star 25 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Plugin Name: CONF Secure Docs
Description: A plugin that creates a custom menu item and admin screen to save a "Doc API Key" option.
class CONF_Secure_Docs {
// Constructor
public function __construct() {
// Add custom menu item
add_action('admin_menu', array($this, 'add_secure_docs_menu_item'));
// Register settings and fields
add_action('admin_init', array($this, 'register_secure_docs_settings'));
// Add custom menu item
public function add_secure_docs_menu_item() {
'CONF Secure Docs Settings', // Page title
'CONF Secure Docs', // Menu title
'manage_options', // Capability
'conf-secure-docs-settings', // Menu slug
array($this, 'display_secure_docs_settings_screen'), // Function to render screen
'dashicons-admin-generic', // Icon URL
99 // Menu position
// Register settings and fields
public function register_secure_docs_settings() {
'conf_secure_docs_settings', // Option group
'conf_secure_docs_api_key', // Option name
array($this, 'validate_secure_docs_api_key') // Sanitize callback
'conf_secure_docs_api_key_section', // ID
'Doc API Key', // Title
array($this, 'display_secure_docs_api_key_section_info'), // Callback
'conf-secure-docs-settings' // Page
'conf_secure_docs_api_key_field', // ID
'Doc API Key', // Title
array($this, 'display_secure_docs_api_key_field'), // Callback
'conf-secure-docs-settings', // Page
'conf_secure_docs_api_key_section' // Section
// Display Doc API Key section info
public function display_secure_docs_api_key_section_info() {
echo '<p>Enter your Doc API Key to enable secure access to your documents.</p>';
// Display Doc API Key field
public function display_secure_docs_api_key_field() {
// Get existing option value
$api_key = get_option('conf_secure_docs_api_key');
// Display text field
echo '<input type="text" id="conf_secure_docs_api_key" name="conf_secure_docs_api_key" value="' . $api_key . '" />';
// Validate Doc API Key field
public function validate_secure_docs_api_key($input) {
// Only allow alphanumeric values
return preg_replace('/[^a-zA-Z0-9]/', '', $input);
// Render settings screen
public function display_secure_docs_settings_screen() {
// Check user capabilities
if (!current_user_can('manage_options')) {
// Display settings screen HTML
echo '<div class="wrap">';
echo '<h1>CONF Secure Docs Settings</h1>';
echo '<form method="post" action="options.php">';
// Output security fields and settings sections
// Display submit button
echo '</form>';
echo '</div>';
new CONF_Secure_Docs();
Copy link

oddjar commented Dec 6, 2022

@westonruter Yeah, it's definitely not a one button solution (at least not yet). But being able to instantly generate scaffolding and structural code that's mostly correct is a huge time saver.

Copy link

Agreed. And the model could be trained to include such security best practices. The fact that it is absent is more just a reflection on the fact that a lot of plugin authors don't do this.

Copy link

Just out of curiosity was this provided in a single answer - it seems like the amount of code generated is more than the maximum output per answer. I also use it for code generation and it's incredible.

Copy link

If that's a WordPress plugin god help us. I will still have a job in the next 20 years haha.

Copy link

If that's a WordPress plugin god help us. I will still have a job in the next 20 years haha.

Keep in mind it's not just the plugin that it generates - you can extend specific sections of the plugin just by giving it instructions e.g. expand on the x function to account for y, z etc. and it will rewrite that particualr part of the code. In my experience it's about 80% accurate - not ready for prime time but great as a learning tool to literally learn at your own pace.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment