Support Forum
Support › MB Frontend Submission › List of post to edit in frontend › Reply To: List of post to edit in frontend
No, everything works fine. Another question:
Someone who knows:
http://xxx.es/crear-articulo/?rwmb_frontend_field_post_id=540
Knowing this url and changing the post id, anyone can enter and update all the posts...
What people do to solve it?
I think one solution is make a function wiht the add_action('template_redirect',
and check that the user has permission to modify the post id.
I don't know if to do this, is important this code, that I don't understand very well:
add_filter( 'rwmb_frontend_field_value_post_id', 'my_custom_population_function', 10, 2 );
function my_custom_population_function( $value, $args ) {
if ( $args['id'] === 'your_meta_box_id' ) { // Only filter for a specific form.
$value = 123;
}
return $value;
}
I can see the args printed in the page, but when I call the action template_redirect, or the arguments are not yet, or I do not know how to collect them.
Is there any easier solution? Or does it have to be done this way?
Thanks,
Sergio