HiveBrain v1.2.0
Get Started
← Back to all entries
patternphpMinor

WordPress Post Type template

Submitted by: @import:stackexchange-codereview··
0
Viewed 0 times
typeposttemplatewordpress

Problem

I have created this class for my WP theme. It allows you to create templates for a meta box which relates directly to a custom frontend template to have better control of the content displayed on the page.

So for example:

The meta box content file, which defines a "template":

theme_folder/post-templates/templates/admin/print.php


The file would define variables containing information about the template:

templates[] = array( 
    'print' =>  array(
        'admin_filepath'    =>  basename(__FILE__),
        'template_name'     =>  'Print Design Project',
        'template_id'       =>  'print',
        'frontend_file'     =>  'print-design.php'
    )
);
if( self::TEMPLATE_PARSER ) return;

$data = $this->_getLayoutData($post->ID);

?>

    Test Field
    " />

    Test Field 2
    " />

    Test Field 3
    " />


Here's the front end file which would look pretty much the same as a normal WP template file:


    Custom Print Template
    _getLayoutData($post->ID)); ?>
    


The engine file:

```
_getAvailableTemplates();

// Meta Box Hooks
add_action('admin_menu', array( $this, 'add_meta_boxes' ) );
add_action('save_post', array( $this, 'save_meta_box_content' ));

// Frontend Template Redirect
add_action('template_redirect', array($this, '_interceptTemplateDisplay'));

// AJAX
add_action('wp_ajax_braveGetMetaBoxContent', array( $this, 'ajax_braveGetMetaBoxContent' ));
add_action('wp_ajax_nopriv_braveGetMetaBoxContent', array( $this, 'ajax_braveGetMetaBoxContent' ));

}

/**
* _interceptTemplateDisplay
*
* Load custom template file if one is set.
*
*/
public function _interceptTemplateDisplay() {

global $post;

if( $post && in_array($post->post_type, $this->enabled_post_types) ) {

if($this->hasPostTemplate($post->ID)) {

$this->_loadFrontEndTemplate($this->_getTemplate($post->ID));

Solution

Your code looks good, (although I did not review each particular) The only thing that stood out to me is that your files do not begin with a check to see if the file is being accessed directly. You should have a variable defined at the beginning of the theme that is checked for at the beginning of each other file, and if the variable is not defined, reject the access. There is a section about that here: https://www.wordfence.com/learn/how-to-write-secure-php-code/

Context

StackExchange Code Review Q#29866, answer score: 3

Revisions (0)

No revisions yet.