Custom Fields Eraser is a powerful tool for WordPress administrators to manage and clean up custom fields in the database. It adds a new "Custom Fields" menu item in the WordPress admin menu, allowing users to view and delete custom fields, excluding some internal fields like _edit_last
and _edit_lock
.
Important: This plugin is designed for experienced administrators. The list of custom fields can be very long, and the initial load time might be significant depending on the number of custom fields.
- Custom Fields Management: View and delete custom fields from the WordPress database.
- Permission Verification: Ensures that only users with
manage_options
capability can access the plugin's functionalities. - Input Sanitization: Utilizes
sanitize_text_field()
to sanitize the$meta_key
before it is used in SQL queries or displayed. - WordPress Functions: Employs WordPress functions like
$wpdb->get_results()
and$wpdb->delete()
to handle database interactions securely. - AJAX Security: Uses
check_ajax_referer()
to validate the security token (Nonce) for AJAX requests.
Over time, as you install and test various plugins and themes, your WordPress database can become cluttered with numerous custom fields. These fields can bloat your database, impacting performance and making it difficult to manage your data. Custom Fields Eraser helps you identify and remove unnecessary custom fields, keeping your database clean and optimized.
- Download the plugin and upload it to the
/wp-content/plugins/
directory. - Activate the plugin through the 'Plugins' menu in WordPress.
- After activation, navigate to the "Custom Fields" menu item in the WordPress admin menu.
- The plugin will display a list of all custom fields in the database.
- For each custom field, you will find a "Delete" button that allows you to remove the custom field from the database.
-
Permission Verification:
- Functions such as
custom_fields_manager_menu()
,load_custom_fields_callback()
, anddelete_custom_field_callback()
check if the user has the requiredmanage_options
capability before execution.
- Functions such as
-
Sanitization of Inputs:
- The function
sanitize_text_field()
is used to clean the$meta_key
before using it in SQL queries or displaying it.
- The function
-
WordPress Functions:
- Instead of direct database access, WordPress functions like
$wpdb->get_results()
and$wpdb->delete()
are used, which inherently apply security measures such as escaping and query preparation.
- Instead of direct database access, WordPress functions like
-
AJAX Security Measures:
- AJAX functions use
check_ajax_referer()
to verify the validity of the security token (Nonce) before execution.
- AJAX functions use
- This plugin is intended for experienced WordPress administrators.
- The list of custom fields can be extensive, leading to longer load times on the first call.
- Fork the repository.
- Create a new branch (
git checkout -b feature-branch
). - Commit your changes (
git commit -am 'Add some feature'
). - Push to the branch (
git push origin feature-branch
). - Create a new Pull Request.
This plugin is licensed under the GPLv3 or later.
- For support and feature requests, please open an issue on the GitHub repository.
- If you appreciate my work, please consider becoming a 'Sponsor', giving a ⭐ to my projects, or following me.