I am new to wordpress plugin development (in fact, new to PHP too), so don’t roast me if this does not make sense.

I am developing a plugin where subscriber can upload their own images from a user page that will be available once they logged in. images from all subscriber will be displayed by a custom shortcode in a specific way.

From my reading there are two upload function I may used in the front end script: wp_handle_upload and media_handle_upload. In my understanding the difference between the two is the first one upload to defined upload folder while the second one upload to the media library (along with a media ID generated and stored in database).

My question is:1) which method should I use for my purpose, and any potential security issue?

And extended questions as well:
2) do I need to grant “upload_file” capability to “subscriber” in order for user to use these methods in front-end?

Thanks in advance!

Read more here: Front end image upload to media library or upload folder?


If you know the solution of this issue, please leave us a reply in Comment section, to update the question.

Wordpress related questions and answers: