Search code examples
phpwordpresscustom-post-type

Spam post types in WordPress

I'm trying to add action 'spam' to my post type actions but when clicking on the link I'm getting this error 'The link you followed has expired.'. Followed some instructions such as increasing max_execution_time nothing it's working as expected. Bellow you have the code.

function wpc_remove_add_row_actions( $actions, $post ){
   if( $post->post_type === 'cpost' ){ 
      $url = admin_url( 'edit.php?post=' . $post->ID );
      $spam_link = wp_nonce_url(add_query_arg( array( 'action' => 'spam' ), $url ), 'cpost');
      $actions['spam'] = '<a href="'.$spam_link.'">Spam</a>';
    }   
    return $actions;  
}  
add_filter( 'post_row_actions', 'wpc_remove_add_row_actions', 10, 2 );

Thanks for the help in advance.

Solution

  • The error is in regards you Wordpress Nonce validation not your PHP settings. Also, in your case, you should be calling the post.php page instead edit.php page, and have to declare your custom post action request (spam) to handle the resquest using add_action( "post_action_{$action}", 'my_custom_action', 10, 1 );, see docs: https://developer.wordpress.org/reference/hooks/post_action_action/

    On my_custom_action() function you should verify the nonce you have declared on your post_row_actions filter using the Wordpress check_admin_referer() function.

    So, let's wrap everything up:

    First update the edit.php to post.php:

    function wpc_remove_add_row_actions( $actions, $post ){
  if( $post->post_type === 'cpost' ){ 
      $url = admin_url( 'post.php?post=' . $post->ID );
      $spam_link = wp_nonce_url(add_query_arg( array( 'action' => 'spam' ), $url ), 'cpost');
      $actions['spam'] = '<a href="'.$spam_link.'">Spam</a>';
    }   
    return $actions;  
}  
add_filter( 'post_row_actions', 'wpc_remove_add_row_actions', 10, 2 );

    By the Wordpress docs the second parameter of wp_nonce_url() is the 'Nonce action name'. See docs: https://developer.wordpress.org/reference/functions/wp_nonce_url/

    wp_nonce_url(add_query_arg( array( 'action' => 'spam' ), $url ), 'cpost');

    So, your nonce name is cpost

    Now you just need to setup your custom action handler:

    // define the post_action_<action> callback 
function my_custom_action_spam( $post_id ) { 
    check_admin_referer('cpost'); //Your nonce name validation
    // make action magic happen here... 
}; 
// add the action 
add_action( "post_action_spam", 'my_custom_action_spam', 10, 1 );