Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3449426

Timestamp:

01/29/2026 09:56:56 AM (6 weeks ago)

Author:

codeandcore

Message:

Search functionality now integrated directly into the main WordPress search box

Location:

slug-search-and-admin-columns

Files:

: 25 added
: 6 edited

assets/screenshot-1.png (modified) (previous)
tags/2.0.0 (added)
tags/2.0.0/admin (added)
tags/2.0.0/admin/css (added)
tags/2.0.0/admin/css/admin.css (added)
tags/2.0.0/admin/css/index.php (added)
tags/2.0.0/admin/images (added)
tags/2.0.0/admin/images/speedy-go.gif (added)
tags/2.0.0/admin/images/wysiwyg-character-limit-for-acf.png (added)
tags/2.0.0/admin/index.php (added)
tags/2.0.0/admin/js (added)
tags/2.0.0/admin/js/admin.js (added)
tags/2.0.0/admin/js/index.php (added)
tags/2.0.0/admin/templates (added)
tags/2.0.0/admin/templates/index.php (added)
tags/2.0.0/admin/templates/settings-page.php (added)
tags/2.0.0/includes (added)
tags/2.0.0/includes/class-ssac-columns.php (added)
tags/2.0.0/includes/class-ssac-search.php (added)
tags/2.0.0/includes/class-ssac-settings.php (added)
tags/2.0.0/includes/helpers.php (added)
tags/2.0.0/includes/index.php (added)
tags/2.0.0/index.php (added)
tags/2.0.0/readme.txt (added)
tags/2.0.0/slug-search-and-admin-columns.php (added)
tags/2.0.0/uninstall.php (added)
trunk/admin/templates/settings-page.php (modified) (1 diff)
trunk/includes/class-ssac-search.php (modified) (3 diffs)
trunk/includes/class-ssac-settings.php (modified) (3 diffs)
trunk/readme.txt (modified) (7 diffs)
trunk/slug-search-and-admin-columns.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

slug-search-and-admin-columns/trunk/admin/templates/settings-page.php

-                      r3425226
+                      r3449426
         <!-- Search -->
-        <div class="ssac-section-card">
-            <div class="ssac-section-card-header">
-                <h2><?php esc_html_e('Search Settings', 'slug-search-and-admin-columns'); ?></h2>
-                <p class="description">
-                    <?php esc_html_e('Choose how to search for posts.', 'slug-search-and-admin-columns'); ?>
-                </p>
-            </div>
-            <div class="ssac-field-row-parent">
-                <div class="ssac-field-row">
-                    <div class="ssac-field-label">
-                        <?php esc_html_e('Search Mode', 'slug-search-and-admin-columns'); ?>
-                        <span class="ssac-help-icon" data-tooltip="<?php esc_attr_e('Exact matches the whole slug; Partial searches anywhere within the slug (useful for fragments).', 'slug-search-and-admin-columns'); ?>">
-                                <span class="dashicons dashicons-editor-help"></span>
-                            </span>
-                    </div>
-                    <div class="ssac-field-control ssac-radio-group">
-                        <label>
-                            <input type="radio" name="ssac_settings[search_mode]" value="exact" <?php checked($ssac_settings['search_mode'], 'exact'); ?> />
-                            <span><?php esc_html_e('Exact Match', 'slug-search-and-admin-columns'); ?></span>
-                        </label>
-                        <label>
-                            <input type="radio" name="ssac_settings[search_mode]" value="partial" <?php checked($ssac_settings['search_mode'], 'partial'); ?> />
-                            <span><?php esc_html_e('Partial Match', 'slug-search-and-admin-columns'); ?></span>
-                        </label>
-                    </div>
-                </div>
-                <div class="ssac-field-row">
-                    <div class="ssac-field-label">
-                        <?php esc_html_e('Case Sensitive?', 'slug-search-and-admin-columns'); ?>
-                        <span class="ssac-help-icon" data-tooltip="<?php esc_attr_e('Treat uppercase and lowercase as different.', 'slug-search-and-admin-columns'); ?>">
-                                <span class="dashicons dashicons-editor-help"></span>
-                            </span>
-                    </div>
-                    <div class="ssac-field-control">
-                        <label>
-                            <input type="checkbox" name="ssac_settings[case_sensitive]" value="1" <?php checked($ssac_settings['case_sensitive']); ?> />
-                            <?php esc_html_e('Treat uppercase and lowercase as different.', 'slug-search-and-admin-columns'); ?>
-                        </label>
-                    </div>
-                </div>
-            </div>
-        </div>
         <!-- Capability -->
         <div class="ssac-section-card">

slug-search-and-admin-columns/trunk/includes/class-ssac-search.php

-                      r3425226
+                      r3449426
     /**
-     * Partial slug search term
+     *
-     * @var string|null
-     */
-    private static $partial_slug = null;
-    /**
-     * Active WP_Query instance
+     *
-     * @var WP_Query|null
-     */
-    private static $active_query = null;
-    /**
      * Initialize the search functionality
+     *
      * Hooks into WordPress actions to add search field and handle search queries
+     * Hooks into WordPress actions to integrate slug search into global WP admin search
+     *
      * @return void
 …
     public static function init()
+    {
+        add_action('restrict_manage_posts', [__CLASS__, 'add_slug_search_field']);
+        add_action('pre_get_posts', [__CLASS__, 'handle_slug_search']);
+        add_filter('posts_search', [__CLASS__, 'include_slug_in_search'], 10, 2);
+    }
     /**
      * Add slug search field to admin post list filters
+     * Include post slug in global WordPress admin search
+     *
+     * Displays a search input field in the post list table filters area
+     * Modifies the search query to search ONLY in post slugs when users use the
+     * standard WordPress admin search box
+     *
+     * Security Note: This method does not use nonce verification because it handles
+     * standard WordPress admin list table filters (like search, category, etc.).
+     * Per WordPress core conventions, list table filters do not require nonces as they:
+     * 1. Are only accessible to logged-in users with appropriate capabilities
+     * 2. Are read-only GET parameters that don't modify data
+     * 3. Follow the same pattern as WordPress' native filters
+     * Security Note: This method sanitizes the search term from WordPress core.
+     * The $search parameter comes from WordPress's native search handling which
+     * already sanitizes the input. This filter only modifies the WHERE clause
+     * for read-only query purposes.
+     *
+     * @return void
+     * @param string   $search The WHERE clause of the search query
+     * @param WP_Query $query  The WP_Query instance
+     * @return string Modified WHERE clause for slug-only search
      */
+    public static function add_slug_search_field()
+    {
+        global $typenow;
+        $settings = SSAC_Settings::get_settings();
+        // Only show on enabled post types
+        if (!in_array($typenow, $settings['post_types'], true)) {
+            return;
+        }
+        // Check user capability - only users with the required capability can see this field
+        if (!current_user_can($settings['capability'])) {
+            return;
+        }
+        // Lint-safe: Search filters in admin list tables use GET without nonces per WordPress core convention.
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- core WP convention
+        $ssac_slug_input = '';
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- core WP convention
+        if (isset($_GET['ssac_slug'])) {
+            // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+            $ssac_slug_input = sanitize_text_field(wp_unslash($_GET['ssac_slug']));
+        }
+        // Output search field
+        printf(
+            '<input type="text" name="ssac_slug" placeholder="%s" value="%s" />',
+            esc_attr__('Search by slug…', 'slug-search-and-admin-columns'),
+            esc_attr($ssac_slug_input)
+        );
+    }
+    /**
+     * Handle slug search query modification
+     *
+     * Modifies the main query to search by post slug based on user input
+     *
+     * Security Note: This method does not use nonce verification for the following reasons:
+     * 1. It hooks into 'pre_get_posts' which filters read-only query parameters
+     * 2. All data is sanitized with sanitize_text_field() and wp_unslash()
+     * 3. User capability is strictly checked with current_user_can()
+     * 4. This follows WordPress core conventions for list table filters
+     * 5. No data is modified based on $_GET input - only query parameters are altered
+     *
+     * See WordPress Developer Handbook: List Tables and Security
+     * https://developer.wordpress.org/plugins/security/nonces/
+     *
+     * @param WP_Query $query The WordPress query object
+     * @return void
+     */
+    public static function handle_slug_search($query)
+    public static function include_slug_in_search($search, $query)
+    {
         // Only run in admin on main query
         if (!is_admin() || !$query->is_main_query()) {
             return;
+            return $search;
+        }
 …
         // Only run on enabled post types
         if (!in_array($ptype, $settings['post_types'])) {
             return;
+            return $search;
+        }
+        // Check user capability - critical security check
+        // Only users with the required capability can filter by slug
+        // Check user capability
         if (!current_user_can($settings['capability'])) {
             return;
+            return $search;
+        }
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+        // Reason: WP Admin List Table filters (search, dropdowns, custom GET params)
+        // do not use nonces in core and are safe when sanitized and capability-checked.
+        $ssac_slug = '';
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- core WP convention
+        if (isset($_GET['ssac_slug'])) {
+            // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- core WP convention
+            $ssac_slug = sanitize_text_field(wp_unslash($_GET['ssac_slug']));
+        // Only modify if there's a search term
+        $search_term = $query->get('s');
+        if (empty($search_term)) {
+            return $search;
+        }
         // Exit if no search term
         if (empty($ssac_slug)) {
             return;
+        // Check if search term matches slug pattern (lowercase, hyphens, numbers only)
+        if (!preg_match('/^[a-z0-9\-]+$/', $search_term)) {
+            return $search;
+        }
         $mode = $settings['search_mode'];
+        global $wpdb;
+        // Handle exact match
+        if ($mode === 'exact') {
+            $query->set('name', $ssac_slug);
+        } else {
+            // Handle partial match
+            self::$partial_slug = $ssac_slug;
+            self::$active_query = $query;
+            add_filter('posts_where', [__CLASS__, 'posts_where_partial']);
+            add_filter('posts_request', [__CLASS__, 'remove_partial_filter']);
+        }
+        // Replace the entire search with slug-only search
+        // This searches ONLY the post_name (slug) field
+        $search = $wpdb->prepare("AND ({$wpdb->posts}.post_name LIKE %s)", '%' . $search_term . '%');
+        return $search;
+    }
-    /**
-     * Modify WHERE clause for partial slug search
+     *
-     * Adds LIKE condition to search for partial slug matches
+     *
-     * @param string $where The WHERE clause of the query
-     * @return string Modified WHERE clause
-     */
-    public static function posts_where_partial($where)
+    {
-        global $wpdb;
-        // Add partial match condition if we have an active search
-        if (self::$partial_slug && self::$active_query && self::$active_query->is_main_query()) {
-            $where .= $wpdb->prepare(" AND {$wpdb->posts}.post_name LIKE %s", '%' . self::$partial_slug . '%');
+        }
-        return $where;
+    }
-    /**
-     * Remove partial search filter after query is built
+     *
-     * Cleans up filters and resets static properties after the query is complete
+     *
-     * @param string $request The complete SQL query
-     * @return string Unmodified SQL query
-     */
-    public static function remove_partial_filter($request)
+    {
-        // Remove filters
-        remove_filter('posts_where', [__CLASS__, 'posts_where_partial']);
-        remove_filter('posts_request', [__CLASS__, 'remove_partial_filter']);
-        // Reset static properties
-        self::$partial_slug = null;
-        self::$active_query = null;
-        return $request;
+    }
+}

slug-search-and-admin-columns/trunk/includes/class-ssac-settings.php

-                      r3425226
+                      r3449426
         'label_id' => 'ID',
         'label_slug' => 'Slug',
-        'search_mode' => 'partial',
-        'case_sensitive' => 0,
         'capability' => 'edit_posts',
     ];
 …
         $output['enable_id'] = !empty($input['enable_id']) ? 1 : 0;
         $output['enable_slug'] = !empty($input['enable_slug']) ? 1 : 0;
-        $output['case_sensitive'] = !empty($input['case_sensitive']) ? 1 : 0;
         // Sanitize text labels
 …
         $output['label_slug'] = isset($input['label_slug']) ? sanitize_text_field($input['label_slug']) : self::$defaults['label_slug'];
-        // Sanitize search mode
-        $output['search_mode'] = in_array($input['search_mode'], ['exact', 'partial']) ? $input['search_mode'] : 'partial';
         // Sanitize capability
         $caps = ['manage_options', 'edit_others_posts', 'edit_posts', 'read'];

slug-search-and-admin-columns/trunk/readme.txt

-                      r3426055
+                      r3449426
 Tested up to: 6.9
 Requires PHP: 7.4
 Stable tag: 1.0.1
+Stable tag: 2.0.0
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 …
 * **Slug Search** - Search posts, pages, and custom post types by their slug (URL path)
 * **Sortable Columns** - Add ID and Slug columns to admin post lists with sorting capability
+* **Flexible Search Modes** - Choose between exact match or partial match search
+* **Integrated Search** - Works directly with the default WordPress search box
+* **Smart Detection** - Automatically detects slug searches without configuration
 * **Post Type Control** - Enable features for specific post types only
 * **User Permissions** - Control which user roles can see the columns and search
 …
 . Select which post types to enable (Posts, Pages, Custom Post Types)
 . Enable ID and/or Slug columns as needed
+. Choose search mode (Exact or Partial match)
 . Set user capability level for column visibility
 . Customize column labels if desired
 . Click **Save Changes**
 That's it! The search field and columns will now appear in your admin post lists.
+. Set user capability level for column visibility
+. Customize column labels if desired
+. Click **Save Changes**
+That's it! You can now search by slug directly in the main WordPress search bar, and columns will appear in your admin post lists.
 == Frequently Asked Questions ==
 …
 = Will this slow down my admin panel? =
 No. The plugin is lightweight and only runs in the WordPress admin area. It uses native WordPress queries and is optimized for performance. For very large sites, using "Exact" search mode is recommended for faster results.
+No. The plugin is lightweight and only runs in the WordPress admin area. It uses native WordPress queries and is optimized for performance.
 = Can I customize the column labels? =
 …
 Yes! You can customize the labels for both the ID and Slug columns from the settings page to match your workflow or language preferences.
+= What's the difference between Exact and Partial search? =
+* **Exact Match**: Finds posts where the slug exactly matches your search term (faster)
+* **Partial Match**: Finds posts where the slug contains your search term anywhere (more flexible)
 = Does it work with Gutenberg and Classic Editor? =
 …
 == Screenshots ==
 . **Slug Search Field** - Search by slug input field in the post list table filters
+. **Integrated Search** - Search by slug directly using the default WordPress search box
 . **ID and Slug Columns** - Sortable ID and Slug columns in the admin post list
 . **Settings Page** - Comprehensive settings panel with post type selection
 . **Column Customization** - Enable/disable columns and customize labels
-. **Search Modes** - Choose between exact and partial match search
 . **User Permissions** - Control which user roles can access features
 == Changelog ==
+= 2.0.0 - 2026-01-29 =
+* Major Update: Search functionality now integrated directly into the main WordPress search box.
+* Improvement: Removed separate "Slug Search" input field for a cleaner UI.
+* Improvement: Removed "Search Mode" settings; plugin now automatically handles fuzzy/partial matching for slug-like queries.
+* Enhancement: Streamlined codebase for better performance.
 = 1.0.1 - 2025-12-23 =
 …
 == Upgrade Notice ==
+= 2.0.0 =
+Major update: Search is now integrated into the main WordPress search bar. Separate search field has been removed.
 = 1.0.1 =
 Critical update: Fixes fatal error on activation and potential conflicts with other plugins. Upgrade immediately.

slug-search-and-admin-columns/trunk/slug-search-and-admin-columns.php

r3426055	r3449426
3	3	* Plugin Name: Slug Search and Admin Columns
4	4	* Description: Adds slug search and ID/slug columns to WP admin. Settings included.
5		* Version: ~~1.0.1~~
	5	* Version: 2.0.0
6	6	* Author: Code and Core
7	7	* Author URI: https://codeandcore.com

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory