Custom Fields Eraser

Powerful WordPress plugin for managing custom fields

Custom Fields Manager
Features Get Started

Overview

Custom Fields Eraser is a powerful tool for WordPress administrators to manage and clean up custom fields in the database. It adds a new "Custom Fields" menu item in the WordPress admin menu, allowing users to view and delete custom fields, excluding some internal fields like _edit_last and _edit_lock.

This plugin is designed for experienced administrators. The list of custom fields can be very long, and the initial load time might be significant depending on the number of custom fields.

Why Use This Plugin

Over time, as you install and test various plugins and themes, your WordPress database can become cluttered with numerous custom fields. These fields can bloat your database, impacting performance and making it difficult to manage your data. Custom Fields Eraser helps you identify and remove unnecessary custom fields, keeping your database clean and optimized.

Features

Custom Fields Management

View and delete custom fields from the WordPress database.

Permission Verification

Ensures that only users with manage_options capability can access the plugin's functionalities.

Input Sanitization

Utilizes sanitize_text_field() to sanitize the $meta_key before it is used in SQL queries or displayed.

WordPress Functions

Employs WordPress functions like $wpdb->get_results() and $wpdb->delete() to handle database interactions securely.

AJAX Security

Uses check_ajax_referer() to validate the security token (Nonce) for AJAX requests.

Installation

  1. Download the plugin and upload it to the /wp-content/plugins/ directory.
  2. Activate the plugin through the 'Plugins' menu in WordPress.

Usage

  1. After activation, navigate to the "Custom Fields" menu item in the WordPress admin menu.
  2. The plugin will display a list of all custom fields in the database.
  3. For each custom field, you will find a "Delete" button that allows you to remove the custom field from the database.

Security Features

Permission Verification

Functions such as custom_fields_manager_menu(), load_custom_fields_callback(), and delete_custom_field_callback() check if the user has the required manage_options capability before execution.

Sanitization of Inputs

The function sanitize_text_field() is used to clean the $meta_key before using it in SQL queries or displaying it.

WordPress Functions

Instead of direct database access, WordPress functions like $wpdb->get_results() and $wpdb->delete() are used, which inherently apply security measures such as escaping and query preparation.

AJAX Security Measures

AJAX functions use check_ajax_referer() to verify the validity of the security token (Nonce) before execution.

Notes

  • This plugin is intended for experienced WordPress administrators.
  • The list of custom fields can be extensive, leading to longer load times on the first call.

Contributing

  1. Fork the repository.
  2. Create a new branch (git checkout -b feature-branch).
  3. Commit your changes (git commit -am 'Add some feature').
  4. Push to the branch (git push origin feature-branch).
  5. Create a new Pull Request.

License

This plugin is licensed under the GPLv3 or later.

Support

For support and feature requests, please open an issue on the GitHub repository.

If you appreciate my work, please consider becoming a 'Sponsor', giving a to my projects, or following me.

Credits

VolkanSah on Github