# AI Prompt Generator (WordPress Plugin)
A sophisticated WordPress plugin for creating, managing, and distributing AI prompts with granular access controls, per-user permissions, a favorites system, and a comprehensive admin dashboard. Designed for teams and organizations that need controlled access to AI prompt templates.
Purpose and Philosophy
The Problem
AI prompt management in organizations faces challenges:
- Access control: Not everyone should see all prompts (confidential prompts)
- Permission management: Different users need different prompt access
- Tracking: Who used which prompts and when
- GDPR: Compliance requirements for data handling
The Solution
A complete system with:
- Hierarchical prompt library organized by categories
- Token-based access for external users (no WordPress accounts needed)
- Per-user permissions override global visibility
- Favorites system for quick access to frequently used prompts
- Complete audit logging for compliance and tracking
- GDPR compliance tools including data export/deletion
Architecture
Database Schema
5 Custom Tables
```sql
-- 1. Access Requests Table
CREATE TABLE {$wpdb->prefix}aipm_access_requests (
    id mediumint(9) NOT NULL AUTO_INCREMENT,
    user_name varchar(100) NOT NULL,
    user_email varchar(100) NOT NULL,
    access_token varchar(64) DEFAULT '' NOT NULL,
    token_status varchar(20) DEFAULT 'pending' NOT NULL,
    requested_at datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
    approved_at datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
    PRIMARY KEY (id),
    UNIQUE KEY user_email (user_email),
    UNIQUE KEY access_token (access_token)
);
-- 2. Library Table
CREATE TABLE {$wpdb->prefix}aipm_library (
    id mediumint(9) NOT NULL AUTO_INCREMENT,
    item_type varchar(100) NOT NULL,
    item_value varchar(255) NOT NULL,
    PRIMARY KEY (id),
    UNIQUE KEY type_value (item_type, item_value(191))
);
-- 3. Favorites Table
CREATE TABLE {$wpdb->prefix}aipm_favorites (
    id bigint(20) NOT NULL AUTO_INCREMENT,
    user_id bigint(20) UNSIGNED NOT NULL DEFAULT 0,
    user_access_token varchar(64) NOT NULL,
    favorite_name varchar(255) NOT NULL,
    favorite_details text,
    saved_prompt_content longtext NOT NULL,
    saved_at datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
    PRIMARY KEY (id),
    KEY user_id (user_id),
    KEY user_access_token (user_access_token)
);
-- 4. Prompt Logs Table
CREATE TABLE {$wpdb->prefix}aipm_prompt_logs (
    id bigint(20) NOT NULL AUTO_INCREMENT,
    prompt_cpt_id bigint(20) NOT NULL DEFAULT 0,
    user_access_token varchar(64) DEFAULT '' NOT NULL,
    generated_prompt longtext NOT NULL,
    generated_at datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
    PRIMARY KEY (id),
    KEY prompt_cpt_id (prompt_cpt_id),
    KEY user_access_token (user_access_token)
);
-- 5. Permissions Table
CREATE TABLE {$wpdb->prefix}aipm_permissions (
    id bigint(20) NOT NULL AUTO_INCREMENT,
    user_id bigint(20) NOT NULL DEFAULT 0,
    prompt_id bigint(20) NOT NULL DEFAULT 0,
    can_access tinyint(1) DEFAULT 1,
    PRIMARY KEY (id),
    KEY user_id (user_id),
    KEY prompt_id (prompt_id)
);
```
Core Features
1. Prompt Management (CPT)
```php
// Register Prompt CPT
function aipm_register_post_types() {
    register_post_type(AIPM_CPT_PROMPT, [
        'labels' => [
            'name'          => 'AI Prompts',
            'singular_name' => 'AI Prompt',
            'add_new'       => 'Add New Prompt',
        ],
        'public'        => false,
        'show_ui'       => true,
        'supports'      => ['title', 'editor', 'custom-fields', 'author'],
        'menu_icon'     => 'dashicons-lightbulb',
        'menu_position' => 50,
        'show_in_menu'  => 'aipm-menu',
    ]);
    // Register Taxonomy
    register_taxonomy(AIPM_TAXONOMY_CATEGORY, [AIPM_CPT_PROMPT], [
        'labels'       => ['name' => 'Prompt Categories'],
        'hierarchical' => true,
        'show_in_menu' => 'aipm-menu',
    ]);
}
```
2. Access Control System
```php
// Check if user can access a prompt
function aipm_check_prompt_access($prompt_id, $user_id, $token = null) {
    global $wpdb;
    // 1. Check per-user permissions first: a row here overrides global
    //    visibility, so an explicit revoke still applies when visibility is 'all'
    $permitted = $wpdb->get_var($wpdb->prepare(
        "SELECT can_access FROM {$wpdb->prefix}aipm_permissions
         WHERE user_id = %d AND prompt_id = %d",
        $user_id, $prompt_id
    ));
    if ($permitted !== null) {
        return (bool) $permitted;
    }
    // 2. Check global visibility setting
    $global_visibility = get_option(AIPM_PROMPT_VISIBILITY_META_KEY, 'all');
    if ($global_visibility === 'all') {
        return true; // Everyone can access
    }
    if ($global_visibility === 'admin') {
        return current_user_can('manage_options');
    }
    // 3. Check token-based access for external users
    if ($token) {
        return aipm_validate_token($token, $prompt_id);
    }
    return false;
}
```
3. Access Request System
```php
function aipm_render_access_request_form() {
    ?>
    <div class="aipm-access-card">
        <h2>Request Access to AI Prompt Generator</h2>
        <p>To use this tool, please request access below. Once approved by an administrator, you will receive a unique access link via email.</p>
        <form method="POST" action="" class="aipm-form">
            <?php wp_nonce_field('aipm_request_access', 'aipm_nonce'); ?>
            <div class="aipm-form-group">
                <label for="aipm_name">Your Name</label>
                <input type="text" id="aipm_name" name="aipm_name" required>
            </div>
            <div class="aipm-form-group">
                <label for="aipm_email">Your Email</label>
                <input type="email" id="aipm_email" name="aipm_email" required>
            </div>
            <button type="submit" class="aipm-button aipm-button-primary">Request Access</button>
        </form>
    </div>
    <?php
}
```
4. Favorites System
```php
// Add prompt to favorites
function aipm_add_to_favorites($user_id, $token, $prompt_id, $prompt_title) {
    global $wpdb;
    // Re-check access so a favorite cannot copy a prompt the caller may not read
    if (!aipm_check_prompt_access($prompt_id, $user_id, $token)) {
        return false;
    }
    $prompt_content = get_post_field('post_content', $prompt_id);
    // $wpdb->insert() returns false on failure
    return false !== $wpdb->insert(
        $wpdb->prefix . AIPM_FAVORITES_TABLE_NAME,
        [
            'user_id'              => $user_id,
            'user_access_token'    => $token,
            'favorite_name'        => sanitize_text_field($prompt_title),
            'favorite_details'     => wp_json_encode(['prompt_id' => $prompt_id]),
            'saved_prompt_content' => $prompt_content,
            'saved_at'             => current_time('mysql')
        ]
    );
}
```
5. Prompt Logging
```php
// Log prompt usage
function aipm_log_prompt_usage($prompt_id, $token, $generated_prompt) {
    global $wpdb;
    $wpdb->insert(
        $wpdb->prefix . AIPM_LOGS_TABLE_NAME,
        [
            'prompt_cpt_id'     => $prompt_id,
            'user_access_token' => $token,
            'generated_prompt'  => $generated_prompt,
            'generated_at'      => current_time('mysql')
        ]
    );
}
```
6. Admin Dashboard
```php
function aipm_admin_dashboard_shortcode() {
    if (!current_user_can('manage_options')) {
        return '<div class="aipm-app-container"><p>Access Denied: You do not have permission.</p></div>';
    }
    // Shortcode callbacks must return their markup, so buffer the template
    ob_start();
    ?>
    <div id="aipm-admin-app" class="aipm-app-container">
        <div id="aipm-toast-container"></div>
        <!-- User Management Modal -->
        <div id="aipm-user-modal-overlay" class="aipm-modal-overlay" style="display:none;">
            <div id="aipm-user-modal" class="aipm-modal-content">
                <button id="aipm-close-modal-btn" class="aipm-modal-close">×</button>
                <h3>Manage User Permissions</h3>
                <form id="aipm-user-modal-form">
                    <input type="hidden" id="aipm-modal-user-id" name="user_id">
                    <h4>Prompt Permissions</h4>
                    <p class="aipm-subtext">Grant access to specific prompts. This overrides global visibility.</p>
                    <div id="aipm-modal-prompt-permissions" class="aipm-permissions-checklist">
                        <!-- Loaded via AJAX -->
                    </div>
                    <div class="aipm-form-actions">
                        <button type="submit" class="aipm-button-primary">Save Permissions</button>
                    </div>
                </form>
            </div>
        </div>
        <!-- Dashboard Content -->
        <div class="aipm-dashboard-stats">
            <!-- Stats loaded via AJAX -->
        </div>
    </div>
    <?php
    return ob_get_clean();
}
```
Shortcodes
| Shortcode | Description |
|---|---|
| `[aipm_generator]` | Public prompt generator with access control |
| `[aipm_library]` | Browse available prompts |
| `[aipm_admin_dashboard]` | Admin management interface |
| `[aipm_favorites]` | User's saved prompts |
Access Levels
Global Settings
- All users — Everyone with an access token can see all prompts
- Admin only — Only logged-in administrators
Per-User Override
- Specific prompts can be granted/revoked per user
- Overrides global setting when defined
Token-Based Access
- For external users without WordPress accounts
- Tokens managed in admin dashboard
- Can be revoked anytime
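
One way to issue, check and revoke the access tokens described above, as an added example rather than the plugin's own code. The `aipm_example_*` functions are hypothetical, `$rows` stands in for the `aipm_access_requests` table, and the `approved` and `revoked` status values are assumptions (the schema only shows `pending`). Only a SHA-256 digest of the token is stored, so reading the database does not yield a usable access link.

```php
<?php
// Added example, not the plugin's code. $rows stands in for the
// aipm_access_requests table; 'approved' and 'revoked' are assumed status
// values (only 'pending' appears in the schema).

/** Create the token for the e-mailed link plus the digest that gets stored. */
function aipm_example_issue_token(): array {
    $token = bin2hex(random_bytes(32)); // 64 hex chars from the CSPRNG
    // A SHA-256 hex digest is also 64 chars, so it fits access_token varchar(64).
    return ['token' => $token, 'stored' => hash('sha256', $token)];
}

/** True only when the presented token hashes to a row marked approved. */
function aipm_example_token_is_valid(array $rows, string $presented): bool {
    // Reject anything that is not exactly 64 lowercase hex characters.
    if (!preg_match('/\A[0-9a-f]{64}\z/', $presented)) {
        return false;
    }
    $digest = hash('sha256', $presented);
    foreach ($rows as $row) {
        if (hash_equals($row['access_token'], $digest)) { // constant-time compare
            return $row['token_status'] === 'approved';
        }
    }
    return false;
}

// Constructed sample data: one approved request that is later revoked.
$issued = aipm_example_issue_token();
$rows = [[
    'user_email'   => 'reviewer@example.com',
    'access_token' => $issued['stored'],
    'token_status' => 'approved',
]];

var_dump(aipm_example_token_is_valid($rows, $issued['token']));  // the e-mailed token
var_dump(aipm_example_token_is_valid($rows, $issued['stored'])); // the stored digest used as a token
var_dump(aipm_example_token_is_valid($rows, ''));                // the column's empty default

$rows[0]['token_status'] = 'revoked';
var_dump(aipm_example_token_is_valid($rows, $issued['token']));  // same token after revocation
```

The same digest can be written to `user_access_token` in the favorites and log tables, so that no table holds a token that still grants access.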
GDPR Compliance Features
User Data Management
```php
// Export user data (GDPR)
// aipm_prompt_logs has no user_id column (see the schema above), so log rows
// are matched on the user's access token instead.
function aipm_export_user_data($user_id, $token = '') {
    global $wpdb;
    // Get favorites
    $favorites = $wpdb->get_results($wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}aipm_favorites WHERE user_id = %d",
        $user_id
    ));
    // Get access logs (skipped when no token is known for this user)
    $logs = $token === '' ? [] : $wpdb->get_results($wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}aipm_prompt_logs WHERE user_access_token = %s",
        $token
    ));
    return [
        'favorites' => $favorites,
        'logs'      => $logs
    ];
}
// Delete user data (GDPR)
function aipm_delete_user_data($user_id, $token = '') {
    global $wpdb;
    $wpdb->delete($wpdb->prefix . AIPM_FAVORITES_TABLE_NAME, ['user_id' => $user_id]);
    // Never match the empty default token: that would remove unrelated log rows
    if ($token !== '') {
        $wpdb->delete($wpdb->prefix . AIPM_LOGS_TABLE_NAME, ['user_access_token' => $token]);
    }
    $wpdb->delete($wpdb->prefix . AIPM_PERMISSIONS_TABLE_NAME, ['user_id' => $user_id]);
}
```
Data Retention
- Log retention period is configurable
- Auto-cleanup of old logs
- Export in JSON format
Version History
| Version | Date | Changes |
|---|---|---|
| 9.3.2 | August 2025 | Latest with bug fixes |
| 9.3.1 | Earlier | Permission improvements |
| 9.0 | Earlier | Added favorites system |
Installation
- Upload plugin to WordPress
- Activate via WP Admin
- Database tables created automatically
- Create pages with shortcodes
- Add prompts in the AI Prompts CPT
Portfolio Context
This plugin demonstrates:
- Custom database tables — 5 tables for complex data
- Access control — Multiple layers of permissions
- AJAX interfaces — Modern WordPress development
- GDPR compliance — Data export/deletion tools
- Audit logging — Complete usage tracking
- Token management — External user handling without accounts
- Shortcode development — Reusable UI components