Code for adding fields to WordPress user meta

Hello Guys
Not sure if this is the right place to ask.
If not, can you point me in the right direction?

So I got a code to add different fields to the user meta in the backend of my WordPress/WooCommerce site (also crossposted). The fields should not get displayed in the frontend or be editable by the user itself. It is just to store some info about the user for admins.

My question is, do you guys see any problems with the code or problems that could occur in the future? I am not that big of a pro with this. Most of the code was even written by AI.

I would really appreciate it if you could share your thoughts on this.
Thank you so much.

The code basically adds a dropdown and three text fields to all users with a specific role. It also checks if another user with the same value in the “Vereinsname” text field exists and warns you if so.

```php
function add_custom_user_profile_fields($user) {
    $cantons = [
        'AU' => 'Auswählen…', 'AG' => 'Aargau', 'AR' => 'Appenzell Ausserrhoden', 'AI' => 'Appenzell Innerrhoden',
        'BL' => 'Basel-Landschaft', 'BS' => 'Basel-Stadt', 'BE' => 'Bern',
        'FR' => 'Freiburg', 'GE' => 'Genf', 'GL' => 'Glarus',
        'GR' => 'Graubünden', 'JU' => 'Jura', 'LU' => 'Luzern',
        'NE' => 'Neuenburg', 'NW' => 'Nidwalden', 'OW' => 'Obwalden',
        'SG' => 'St. Gallen', 'SH' => 'Schaffhausen', 'SZ' => 'Schwyz',
        'SO' => 'Solothurn', 'TG' => 'Thurgau', 'TI' => 'Tessin',
        'UR' => 'Uri', 'VS' => 'Wallis', 'VD' => 'Waadt',
        'ZG' => 'Zug', 'ZH' => 'Zürich'
    ];

    if (in_array('vereinskonto', (array) $user->roles)) {
        echo '<h3>Vereinsinformationen</h3><table class="form-table">';
        echo '<tr><th><label for="club_name">Vereinsname</label></th><td>';
        echo '<input type="text" name="club_name" id="club_name" value="' . esc_attr(get_the_author_meta('club_name', $user->ID)) . '" class="regular-text" />';
        echo '</td></tr>';

        echo '<tr><th><label for="canton">Kanton</label></th><td>';
        echo '<select name="canton" id="canton" class="regular-text">';
        foreach ($cantons as $abbr => $name) {
            echo sprintf('<option value="%s" %s>%s</option>', esc_attr($abbr), selected(get_the_author_meta('canton', $user->ID), $abbr, false), esc_html($name));
        }
        echo '</select></td></tr>';

        echo '<tr><th><label for="club_website">Webseite des Vereins</label></th><td>';
        echo '<input type="text" name="club_website" id="club_website" value="' . esc_attr(get_the_author_meta('club_website', $user->ID)) . '" class="regular-text" />';
        echo '</td></tr>';

        echo '<tr><th><label for="club_instagram">Instagram-Profil</label></th><td>';
        echo '<input type="text" name="club_instagram" id="club_instagram" value="' . esc_attr(get_the_author_meta('club_instagram', $user->ID)) . '" class="regular-text" />';
        echo '</td></tr>';
        echo '</table>';
    }
    wp_nonce_field('update_profile_' . $user->ID, 'custom_user_profile_nonce');
}
add_action('show_user_profile', 'add_custom_user_profile_fields');
add_action('edit_user_profile', 'add_custom_user_profile_fields');

function save_custom_user_profile_fields($user_id) {
    if (!current_user_can('edit_user', $user_id)) {
        return false;
    }

    // Check the nonce field
    if (!isset($_POST['custom_user_profile_nonce']) || !wp_verify_nonce($_POST['custom_user_profile_nonce'], 'update_profile_' . $user_id)) {
        wp_die('Sicherheitsüberprüfung fehlgeschlagen.');
    }

    // Check whether a club name was entered and is not empty. Add sanitization.
    if (isset($_POST['club_name']) && !empty(trim($_POST['club_name']))) {
        $existing_users = get_users(array(
            'meta_key' => 'club_name',
            'meta_value' => sanitize_text_field($_POST['club_name']),
            'exclude' => array($user_id),
            'fields' => 'ID'
        ));

        if (!empty($existing_users)) {
            $existing_user_id = $existing_users[0]; // ID of the first user found
            wp_die('Fehler: Dieser Vereinsname ist bereits bei Benutzer ID ' . $existing_user_id . ' hinterlegt.');
            return;
        }

        update_user_meta($user_id, 'club_name', sanitize_text_field($_POST['club_name']));
    }

    // Sanitization for canton, website and Instagram
    if (isset($_POST['canton'])) {
        update_user_meta($user_id, 'canton', sanitize_text_field($_POST['canton']));
    }
    if (isset($_POST['club_website'])) {
        update_user_meta($user_id, 'club_website', esc_url_raw($_POST['club_website']));
    }
    if (isset($_POST['club_instagram'])) {
        update_user_meta($user_id, 'club_instagram', sanitize_text_field($_POST['club_instagram']));
    }
}
add_action('personal_options_update', 'save_custom_user_profile_fields');
add_action('edit_user_profile_update', 'save_custom_user_profile_fields');
```
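
A hardened variant of the save handler, as an added example that is not part of the original post. It assumes that "admin" means a user with the `edit_users` capability (on multisite that is super admins only), and the `example_`-prefixed names are hypothetical. It runs only when someone edits another user's profile, checks the role of the target account, validates the canton against the list of codes, and accounts for the slashes WordPress adds to `$_POST`.

```php
<?php
// Added example, not the poster's code; "example_" names are hypothetical.
const EXAMPLE_CANTON_CODES = ['AG', 'AR', 'AI', 'BL', 'BS', 'BE', 'FR', 'GE', 'GL', 'GR', 'JU', 'LU', 'NE',
    'NW', 'OW', 'SG', 'SH', 'SZ', 'SO', 'TG', 'TI', 'UR', 'VS', 'VD', 'ZG', 'ZH'];

// Returns the posted field as an unslashed string, or null if absent or not a string.
function example_posted_text($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? wp_unslash($_POST[$key]) : null;
}

function example_save_club_fields($user_id) {
    // Assumption: "admin" means a user with the edit_users capability.
    // 'edit_user' for $user_id is also granted to that user for their own profile.
    if (!current_user_can('edit_users')) {
        return;
    }
    check_admin_referer('update_profile_' . $user_id, 'custom_user_profile_nonce');
    // Only write to accounts that carry the club role.
    $user = get_userdata($user_id);
    if (!$user || !in_array('vereinskonto', (array) $user->roles, true)) {
        return;
    }
    $name = sanitize_text_field((string) example_posted_text('club_name'));
    if ($name !== '') {
        // Query with the unslashed value so names containing quotes are matched.
        $dupes = get_users(['meta_key' => 'club_name', 'meta_value' => $name,
            'exclude' => [$user_id], 'fields' => 'ID', 'number' => 1]);
        if (!empty($dupes)) {
            wp_die(esc_html('Fehler: Dieser Vereinsname ist bereits bei Benutzer ID ' . $dupes[0] . ' hinterlegt.'));
        }
        // update_user_meta() unslashes its input, so slash the cleaned value again.
        update_user_meta($user_id, 'club_name', wp_slash($name));
    }
    // Store the canton only if it is a known code; the 'AU' placeholder is skipped.
    $canton = example_posted_text('canton');
    if (in_array($canton, EXAMPLE_CANTON_CODES, true)) {
        update_user_meta($user_id, 'canton', $canton);
    }
    $site = example_posted_text('club_website');
    if ($site !== null) {
        update_user_meta($user_id, 'club_website', wp_slash(esc_url_raw($site, ['http', 'https'])));
    }
    $insta = example_posted_text('club_instagram');
    if ($insta !== null) {
        update_user_meta($user_id, 'club_instagram', wp_slash(sanitize_text_field($insta)));
    }
}
// Hooked only to the "edit another user" save, not to personal_options_update.
add_action('edit_user_profile_update', 'example_save_club_fields');
```

The display callback would correspondingly be hooked to `edit_user_profile` only, so the fields do not appear on the user's own profile screen.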
