我建议有一个通用的表格,可以由公众在前端完成。表单的提交将生成帖子,在其元数据(密码)中保存一个随机字符串,并发送一封包含以下链接的电子邮件/?p=PAGEID&post_id=THE_POST_ID&pw=THE_PASSWORD. POST\\u ID和\\u PASSWORD是来自生成的帖子的值,PAGEID是您创建的一个页面,其中包含用于处理编辑的快捷码。不要太过详细,但您的短代码如下所示:
add_shortcode(\'viktor_edit_post\', function() {
// Sanitize
$_REQUEST[\'post_id\'] = absint($_REQUEST[\'post_id\']);
// Validate
if(empty($_REQUEST[\'post_id\'])
|| get_post_status($_REQUEST[\'post_id\']) === FALSE
|| get_post_meta($_REQUEST[\'post_id\'], \'pw\', TRUE) !== $_REQUEST[\'pw\']
) {
// I would suggest echoing the public form here and handling its submission
// here as well. I think it would be preferable as you need not hard-code
// the PAGEID because this shortcode sits on that page. You could get it by way
// of the global $page (as done below).
return;
}
// If edit submission, update.
if(wp_verify_nonce(\'viktor_nonce_\'.$_REQUEST[\'post_id\'], \'viktor_check\')
&& isset($_REQUEST[\'new_post_content\'])
) {
wp_update_post(array(
\'ID\' => $_REQUEST[\'post_id\'],
\'post_content\' => sanitize_textarea_field($_REQUEST[\'new_post_content\']);
));
}
// Display edit form
global $post;
?><form action=\'/?p=<?= $post->ID ?>\' method=\'POST\'>
<?php wp_nonce_field(\'viktor_check\', \'viktor_nonce_\'.$_REQUEST[\'post_id\'], FALSE); ?>
<input type=\'hidden\' name=\'post_id\' value=\'<?= $_REQUEST[\'post_id\'] ?>\'>
<input type=\'hidden\' name=\'pw\' value=\'<?= $_REQUEST[\'pw\'] ?>\'>
<p><?= sprintf(
__(\'Please make changes as you see fit to %s.\'),
get_the_title($_REQUEST[\'post_id\']),
) ?></p>
<textarea name="new_post_content"><?= get_the_content(NULL, FALSE, $_REQUEST[\'post_id\']) ?></textarea>
<?php submit_button(\'Save\'); ?>
</form><?php
});
这里的交易是,你不能在控制你网站用户的功能上胡闹。由于您还想与非用户打交道,我认为一个简单的短代码插件是最好的选择。
