Fatal编程技术网
  • php/
  • Php WordPress插件设置页面(选项页面)重定向到DB升级页面

Php WordPress插件设置页面(选项页面)重定向到DB升级页面

php wordpress

Php WordPress插件设置页面(选项页面)重定向到DB升级页面,php,wordpress,Php,Wordpress,我一直在为一个客户端构建WordPress插件,但是我似乎遇到了一个奇怪的问题。我添加了一个选项页面,但它不能正常工作 当我进入Wordpress菜单时,我可以看到我的选项页面。它有正确的选项页面options general.php?page=Beacon\u registration\u WP,但是当我单击菜单项时,该页面将我重定向到upgrade.php?\u WP\u http\u referer=%2Fwp admin%2Foptions general.php%3Fpage%3dba

我一直在为一个客户端构建WordPress插件,但是我似乎遇到了一个奇怪的问题。我添加了一个选项页面,但它不能正常工作

当我进入Wordpress菜单时,我可以看到我的选项页面。它有正确的选项页面
options general.php?page=Beacon\u registration\u WP
,但是当我单击菜单项时,该页面将我重定向到
upgrade.php?\u WP\u http\u referer=%2Fwp admin%2Foptions general.php%3Fpage%3dbacon\u registration\u WP

我不确定为什么会发生这种情况

im用作插件入口点的代码:

<?php
/**
* Plugin Name: ** OMITED **
* Plugin URI: ** OMITED **
* Description: This plugin enabled the wordpress site to register new users to the beaconapp 
* Version: 1.0
* Author: Martin Barker - ** OMITED **
* Author URI: ** OMITED **
* License: Propriatry Software (do not distribute)
*/

class BeaconRegistation
{
    // handler for registing the wp-admin menu
    public function addMenuItem()
    {
        add_options_page( 'Configure Server', 'BeaconApp Registation', 'manage_options', 'Beacon_Registation_WP', array($this, "wp_admin") );
    }

    // display the wp_admin page for this plugin
    public function wp_admin()
    {
        ob_start();
        if ( !current_user_can( 'manage_options' ) )  {
            wp_die( __( 'You do not have sufficient permissions to access this page.' ) );
        }
        $this->sdr = get_option("sdr", "martindev.** OMITED **");
        if($_POST['sdr'] !== $this->sdr){
            update_option("sdr", $_POST['sdr']);
            $this->sdr = get_option("sdr", "martindev.** OMITED **");
        }
        // include the view for switch environment
        include("admin.php");
        return ob_get_clean();
    }

    // displays the shortcode 'ba_business_form'
    public function showBusinessForm($atts, $content = "")
    {
        ob_start();
        if($_POST['form_mode'] == "business"){
            // form has been posted
        }else{
            include("business.html");
        }

        return ob_get_clean();
    }

    // displays the short code 'ba_agency_form'
    public function showAgencyForm($atts, $content = "")
    {
        ob_start();
        if($_POST['form_mode'] == "agency"){
            // form has been posted
        }else{
            include("agency.html");
        }

        return ob_get_clean();
    }

    public function init()
    {
        // add the admin menu call
        add_action( 'admin_menu', array($this, "addMenuItem"));

        // add the short code for the business form
        add_shortcode("ba_business_form", array($this, "showBusinessForm"));

        // add the short code for the agency form
        add_shortcode("ba_agency_form", array($this, "showAgencyForm"));
    }
}

(new BeaconRegistation())->init();

因此,在对Wordpress管理面板进行了一些黑客攻击之后,我们设法将其深入到
包含(“admin.php”)
我不确定如何进行,但Wordpress似乎干扰并阻止了该过程的工作

因此,
include
相对路径似乎与
include(“business.html”)一样有效
包括(“agency.html”)但是“admin.php”一个似乎没有出现,就像另一个admin.php包含在内,不确定这是如何发生的或为什么发生的


为了修复这个问题,我解析了绝对路径,并通过
include(realpath(dirname(_FILE__))“/admin.php”包含它
您可能包含了标准的admin.php。它有一个重定向,就像你的一样。的手册声明它将首先检查include_路径,然后检查调用文件和cwd的目录。这就解释了商业和代理机构的运作与预期相符。