Get user input from a form

2 Views

I am trying to create a form that will allow users to update their information on the front end. I am just starting to learn PHP (I know C# very well). If I use this code to create a form on a WordPress page, how do I get the information from the user when they press the ‘Update’ button and then update the database? 

function Insert_AccountTable_1()
{
    $current_user = wp_get_current_user();

    if ($current_user->ID != 0)
    {
        return <<<HTML
            <form class="AlumniForm" method="post">
            <h3>Name</h3>
            <br>
            <table>
                <tbody>
                    <tr>
                        <th><label for="Username">Username</label></th>
                        <td><span>$current_user->user_login</span></td>
                        <td><span class="description">Usernames cannot be changed.</span></td>
                    </tr>
                    <tr>
                        <th><label for="current_user_firstname">First Name</label></th>
                        <td><input id="current_user_firstname" type="text" name="current_user_firstname" value="$current_user->user_firstname"/></td>
                    </tr>
                    <tr>
                        <th><label for="current_user_lastname">Last Name</label></th>
                        <td><input id="current_user_lastname" name="current_user_lastname" type="text" value="$current_user->user_lastname"/></td>
                    </tr>
                    <tr>
                        <th><label for="current_user_displayname">Display Name<span class="description">(required)</span></label></th>
                        <td><input id="current_user_displayname" type="text" value="$current_user->display_name"/></td>
                    </tr>
                </tbody>
            </table>

            <h3>Contact Info</h3>
            <br>
            <table>
                <tbody>
                    <tr>
                        <th><label for="current_user_email">E-mail<span class="description">(Required)</span></label></th>
                        <td><input id="current_user_email" type="text" value="$current_user->user_email"/></td>
                    </tr>
                    <tr>
                        <th><label for="current_user_url">Website</label></th>
                        <td><input id="current_user_email" type="text" value="$current_user->user_url"/></td>
                    </tr>
                </tbody>
            </table>
            <input type="submit" name="current_user_submitupdates">Update</input>
            </form>
HTML;
    }
    else
    {
        return <<<HTML
        <h3>Error - User not logged in</h3>
HTML;
    }
}

add_shortcode('InsertAccountTableI', 'Insert_AccountTable_1');
Post Views: 2

Related posts

Leave a Reply

1 comment

  1. Use wp-admin/admin-post.php as form action handler, and bind your custom function as callback to that.

    A simple example for email updates. We will use a shortcode named [userform] here, but you can use a template too.

    add_shortcode( 'userform', 'wpse_75723_userform' );
add_action( 'admin_post_update_user_email', 'wpse_75723_update' );

/**
 * Create the form.
 */
function wpse_75723_userform()
{
    $here = esc_url( home_url( $_SERVER['REQUEST_URI'] ) );

    if ( ! is_user_logged_in() )
        return  'You have to <a href="' . wp_login_url( $here ) . '">log in</a> to use this page.';

    $action  = admin_url( 'admin-post.php');
    $user_id = get_current_user_id();

    return "<form method='post' action='$action'>
    <input type='hidden' name='action' value='update_user_email'>
    <input type='hidden' name='redirect' value='$here'>
    <input type='hidden' name='user_id' value='$user_id'>
    <input type='email' name='email' size='15'>
    <input type='submit'>
    </form>";
}

/**
 * Update user email
 */
function wpse_75723_update()
{
    if ( ! isset ( $_POST['user_id'] ) )
        die( 'no id' );

    $user_id = absint( $_POST['user_id'] );

    if ( ! current_user_can( 'edit_user', $user_id ) )
        die( 'not allowed' );

    if ( ! isset ( $_POST['email'] ) )
        die( 'no email' );

    if ( ! is_email( $_POST['email'] ) )
        die( 'invalid email' );

    $user = get_userdata( $user_id );

    if ( empty ( $user->user_login ) )
        die( 'user denied' );

    global $wpdb;

    $wpdb->query(
        $wpdb->prepare(
            "UPDATE {$wpdb->users} SET user_email = %s WHERE user_login = %s",
            $_POST['email'],
            $user->user_login
        )
    );

    $location = isset ( $_POST['redirect'] )
        ? urldecode( $_POST['redirect'] )
        : home_url( '/' );

    wp_redirect( $location, 303 );
    exit;
}

    Inserting …

    [userform]

    … into a page will produce a basic form:

    enter image description here

    The user can change her/his email address here.

    To understand what variables are available and where they are stored look at these files:

    • wp-admin/user-edit.php
    • wp-admin/includes/user.php and
    • wp-includes/user.php

    The tables users and user_meta are worth a look too if you want to send plain SQL queries.