I am building a data-entry form for a wordpress website, strictly for logged-in users with editing capabilities.
Conceptually, the user submits the database table they will work on, and receives a semi-populated form/table. They can then update certain values and upload them to the database. Preferably, the table would use jquery for validation and a nice UI.
What is the most foolproof way to go about this? Right now I see two ways:
Database selection in PHP, POST, then redirect to second PHP page which populates the table with wpdb SELECT. jQuery validation script loads. PHP also has POST for the submit button which performs the wpdb INSERT.
All in jQuery. Make a plugin of it with shortcode that is put on regular wordpress page. jQuery builds all HTML for form; wpdb SELECT and INSERT is handled by wordpress’s ajax.
Anything else I’m missing?
Are there any advantages for either method? I find many “tutorials” online for 1., but it seems more messy. Are there any gaping security holes in 2. that aren’t mitigated with check_ajax_referer?
Read more here:: Building a logged-in user form that interacts with database