Opened 15 years ago
Closed 12 years ago
#12969 closed defect (bug) (fixed)
save_post action hook called before post-new.php is loaded
Reported by: | duck_ | Owned by: | |
---|---|---|---|
Milestone: | WordPress.org | Priority: | normal |
Severity: | normal | Version: | 3.0 |
Component: | Inline Docs | Keywords: | |
Focuses: | Cc: |
Description
Since r12987 new posts/pages are being saved into database as auto-drafts, this means that the save_post action hook is called as post-new.php is loading ($post = get_default_post_to_edit( $post_type, true );
on line 55).
Unfortunately any plugin or theme following the codex on adding meta boxes may run into trouble with nonce protection. Whenever a user goes to create a new post/page myplugin_save_postdata (function from codex example) will be called (because of the save_post action). However, the custom nonce will not exist since the function to create the meta box hasn't been called.
I guess best fix might be just to change the instructions.
Change History (4)
#3
@
14 years ago
- Component changed from General to Inline Docs
- Milestone changed from Awaiting Review to WordPress.org site
save_post also gets called for revisions and autosaves I believe.
That whole Codex example needs to be rewritten from a 3.0 standpoint.
I don't think this is a core issue, and rather is a documentation problem.
Marking for WordPress.org/Inline Docs, which we can fake to be the Codex needing an update.
See also this thread: http://lists.automattic.com/pipermail/wp-hackers/2010-October/035469.html
More general description:
save_post action called at a dubious location, because, although post data is technically being inserted into the db, nothing has been saved as far as user and plugin/theme developers are concerned.