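/**
 * Persists the Add-Meta-Tags metabox fields submitted with a post edit form.
 *
 * The request is processed only when all of the following hold:
 *  - it is not an autosave,
 *  - $_POST carries a valid 'amt_noncename' nonce,
 *  - the current user holds the global metabox capability,
 *  - the current user may edit this particular post.
 * Each field is then sanitized and written to its own post meta key (or the
 * key is deleted when the value is empty), but only if that metabox is
 * enabled in the plugin options and the user holds the capability configured
 * for that box.
 *
 * Security notes for maintainers:
 *  - The nonce protects against cross-site request forgery; the capability
 *    checks decide authorization. Neither replaces the other, so keep both.
 *  - Several values are HTML-escaped at save time (esc_textarea(), esc_attr()),
 *    so the stored meta is already-escaped text.
 *    NOTE(review): presumably the output code prints these values as stored;
 *    confirm before changing either side, to avoid double escaping or
 *    unescaped output.
 *
 * @param int    $post_id ID of the post being saved.
 * @param object $post    Post object; only its post_type property is read here.
 * @return void
 */
function amt_save_postdata($post_id, $post) {

    // Autosave requests do not carry the metabox form, so there is nothing to save.
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }

    // Verify that the request came from our own screen. The save hook can fire
    // at other times, and a missing, non-string or invalid nonce means the
    // metabox form was not (legitimately) submitted.
    if (!isset($_POST['amt_noncename'])
        || !is_string($_POST['amt_noncename'])
        || !wp_verify_nonce($_POST['amt_noncename'], plugin_basename(AMT_PLUGIN_FILE))
    ) {
        return;
    }

    // Metabox permissions (filtered, so site owners can customize them).
    $metabox_permissions = amt_get_metadata_metabox_permissions();

    // Global metabox permission check.
    if (!current_user_can($metabox_permissions['global_metabox_capability'])) {
        return;
    }

    // Plugin options. get_option() yields a non-array when the option is
    // missing; treat that as "no metabox enabled" instead of indexing into it.
    $options = get_option("add_meta_tags_opts");
    if (!is_array($options)) {
        $options = array();
    }

    // Object-level authorization: the user must be allowed to edit THIS post.
    // An unregistered post type yields no type object, in which case the
    // permission cannot be established and nothing is saved.
    $post_type_obj = get_post_type_object($post->post_type);
    if (!$post_type_obj || !current_user_can($post_type_obj->cap->edit_post, $post_id)) {
        return;
    }

    // Collect the raw submitted values. Only strings are accepted: a field
    // submitted as an array would make stripslashes() throw a TypeError on
    // PHP 8, so such a field is treated as not submitted (null).
    $raw = array();
    $field_ids = array(
        'description', 'keywords', 'title', 'newskeywords', 'full_metatags',
        'image_url', 'content_locale', 'express_review', 'referenced_list',
    );
    foreach ($field_ids as $field_id) {
        $post_key = 'amt_custom_' . $field_id;
        if (isset($_POST[$post_key]) && is_string($_POST[$post_key])) {
            $raw[$field_id] = stripslashes($_POST[$post_key]);
        } else {
            $raw[$field_id] = null;
        }
    }

    //
    // Sanitize user input. A field that was not submitted stays '' and is
    // therefore deleted from the database further below.
    //
    $values = array_fill_keys($field_ids, '');

    // Description
    if ($raw['description'] !== null) {
        $values['description'] = sanitize_text_field(amt_sanitize_description($raw['description']));
    }
    // Keywords - sanitize_text_field() removes the '%ca' part of '%cats%', so
    // it is wrapped in amt_(convert|revert)_placeholders().
    if ($raw['keywords'] !== null) {
        $values['keywords'] = amt_sanitize_keywords(amt_revert_placeholders(sanitize_text_field(amt_convert_placeholders($raw['keywords']))));
    }
    // Title (placeholders handled as for keywords).
    if ($raw['title'] !== null) {
        $values['title'] = amt_revert_placeholders(sanitize_text_field(amt_convert_placeholders($raw['title'])));
    }
    // News keywords
    if ($raw['newskeywords'] !== null) {
        $values['newskeywords'] = sanitize_text_field(amt_sanitize_keywords($raw['newskeywords']));
    }
    // Full metatags - only the elements returned by amt_get_allowed_html_kses()
    // survive wp_kses() (only <meta>, per the original comment).
    if ($raw['full_metatags'] !== null) {
        $values['full_metatags'] = esc_textarea(wp_kses($raw['full_metatags'], amt_get_allowed_html_kses()));
    }
    // Image URL
    if ($raw['image_url'] !== null) {
        $values['image_url'] = amt_esc_id_or_url_notation($raw['image_url']);
    }
    // Content locale
    if ($raw['content_locale'] !== null) {
        $values['content_locale'] = esc_attr($raw['content_locale']);
    }
    // Express review - no HTML elements allowed.
    if ($raw['express_review'] !== null) {
        $values['express_review'] = esc_textarea(wp_kses($raw['express_review'], array()));
        // REVIEW_AMPERSAND_NOTE: replace '&amp;' with '&' (see also
        // REVIEW_AMPERSAND_NOTE in amt-utils.php).
        // NOTE(review): the listing this was taken from showed both arguments
        // as '&', which is a no-op; '&amp;' is what esc_textarea() emits for an
        // ampersand, so the entity is restored here - confirm against amt-utils.php.
        // After this step the value holds bare ampersands and is no longer a
        // fully escaped HTML string: whatever prints it must escape it for its
        // own output context.
        $values['express_review'] = str_replace('&amp;', '&', $values['express_review']);
    }
    // List of referenced items - no HTML elements allowed.
    if ($raw['referenced_list'] !== null) {
        $values['referenced_list'] = esc_textarea(wp_kses($raw['referenced_list'], array()));
    }

    // Per box: option flag, capability key, Add-Meta-Tags custom field name and
    // (where one exists) the legacy custom field that the new field supersedes.
    $boxes = array(
        'description'     => array('metabox_enable_description', 'description_box_capability', '_amt_description', 'description'),
        'keywords'        => array('metabox_enable_keywords', 'keywords_box_capability', '_amt_keywords', 'keywords'),
        'title'           => array('metabox_enable_title', 'title_box_capability', '_amt_title', null),
        'newskeywords'    => array('metabox_enable_news_keywords', 'news_keywords_box_capability', '_amt_news_keywords', null),
        'full_metatags'   => array('metabox_enable_full_metatags', 'full_metatags_box_capability', '_amt_full_metatags', null),
        'image_url'       => array('metabox_enable_image_url', 'image_url_box_capability', '_amt_image_url', null),
        'content_locale'  => array('metabox_enable_content_locale', 'content_locale_box_capability', '_amt_content_locale', null),
        'express_review'  => array('metabox_enable_express_review', 'express_review_box_capability', '_amt_express_review', null),
        'referenced_list' => array('metabox_enable_referenced_list', 'referenced_list_box_capability', '_amt_referenced_list', null),
    );

    // As an extra security measure, the user-defined per-box permissions are
    // checked again here, right before anything is written to the database.
    foreach ($boxes as $field_id => $box) {
        list($option_key, $capability_key, $meta_key, $legacy_meta_key) = $box;

        // Skip boxes that are disabled (or absent) in the plugin options.
        if (!isset($options[$option_key]) || $options[$option_key] != '1') {
            continue;
        }
        if (!current_user_can($metabox_permissions[$capability_key])) {
            continue;
        }

        // No value entered: remove existing data. Otherwise store the new value.
        if (empty($values[$field_id])) {
            delete_post_meta($post_id, $meta_key);
        } else {
            update_post_meta($post_id, $meta_key, $values[$field_id]);
        }

        // Clean up the old field in both cases; it has no reason to exist
        // any more since the new field is used.
        if ($legacy_meta_key !== null) {
            delete_post_meta($post_id, $legacy_meta_key);
        }
    }
}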
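/**
 * Saves the new settings in the database.
 * Accepts the POST request data.
 *
 * The saved array is built by walking the keys of amt_get_default_options(),
 * so payload keys that are not known settings are never stored. For each
 * known key the submitted value is validated/sanitized according to its kind;
 * keys missing from the payload fall back to "0" (settings that default to 1
 * and would otherwise be impossible to switch off) or to the default value.
 * 'settings_version' is always taken from the defaults.
 *
 * Security notes for maintainers:
 *  - No nonce or capability check happens inside this function.
 *    NOTE(review): presumably the caller verifies both before passing the
 *    request data in; confirm at the call site.
 *  - 'site_wide_meta' is filtered with wp_kses() and then stored HTML-escaped
 *    (esc_textarea()), so the saved value is already-escaped text.
 *
 * @param array $post_payload Submitted settings, keyed by option name
 *                            (values as received, i.e. still slashed).
 * @return void
 */
function amt_save_settings($post_payload) {

    // Default Add-Meta-Tags settings; their keys define what may be saved.
    $default_options = amt_get_default_options();

    // These settings have a default value of 1, so they could never be
    // deactivated unless their absence from the payload is stored as "0".
    $default_on_keys = array(
        'auto_description',
        'auto_keywords',
        'noindex_search_results',
        'metabox_enable_description',
        'metabox_enable_keywords',
        'metabox_enable_title',
    );

    // Settings holding a URL; only the http and https schemes are accepted.
    $url_keys = array(
        'copyright_url',
        'default_image_url',
        'social_main_facebook_publisher_profile_url',
        'social_main_googleplus_publisher_profile_url',
    );

    $allowed_profile_sources = array('default', 'frontpage', 'buddypress', 'url');

    $add_meta_tags_opts = array();

    foreach ($default_options as $def_key => $def_value) {

        // **Always** use the ``settings_version`` from the defaults.
        if ($def_key === 'settings_version') {
            $add_meta_tags_opts['settings_version'] = $def_value;
            continue;
        }

        // Not submitted: "0" for the default-on settings, else the default value.
        if (!array_key_exists($def_key, $post_payload)) {
            $add_meta_tags_opts[$def_key] = in_array($def_key, $default_on_keys, true) ? "0" : $def_value;
            continue;
        }

        // Only scalar input is meaningful for a setting. stripslashes() throws
        // a TypeError on PHP 8 when handed an array, so anything non-scalar is
        // reduced to an empty string before validation.
        if (is_scalar($post_payload[$def_key])) {
            $raw_value = stripslashes((string) $post_payload[$def_key]);
        } else {
            $raw_value = '';
        }

        // Validate and sanitize input before adding it to 'add_meta_tags_opts'.
        if ($def_key === 'site_description') {
            $clean_value = sanitize_text_field(amt_sanitize_description($raw_value));
        } elseif ($def_key === 'site_keywords') {
            // No placeholders here.
            $clean_value = sanitize_text_field(amt_sanitize_keywords($raw_value));
        } elseif ($def_key === 'global_keywords') {
            // Placeholders may exist here, so they are protected from
            // sanitize_text_field() by the convert/revert pair.
            $clean_value = amt_sanitize_keywords(amt_revert_placeholders(sanitize_text_field(amt_convert_placeholders($raw_value))));
        } elseif ($def_key === 'site_wide_meta') {
            $clean_value = esc_textarea(wp_kses($raw_value, amt_get_allowed_html_kses()));
        } elseif (in_array($def_key, $url_keys, true)) {
            $clean_value = esc_url_raw($raw_value, array('http', 'https'));
        } elseif ($def_key === 'author_profile_source') {
            // Closed set of values; anything else falls back to 'default'.
            $clean_value = sanitize_text_field($raw_value);
            if (!in_array($clean_value, $allowed_profile_sources, true)) {
                $clean_value = 'default';
            }
        } elseif ($def_key === 'transient_cache_expiration') {
            // Must be numeric and not negative, else '0'. Note that is_numeric()
            // also accepts forms such as '1.5' or '1e3'; the value is stored as
            // submitted, not normalized to an integer.
            $clean_value = sanitize_text_field($raw_value);
            if (!is_numeric($clean_value) || intval($clean_value) < 0) {
                $clean_value = '0';
            }
        } else {
            $clean_value = sanitize_text_field($raw_value);
        }

        $add_meta_tags_opts[$def_key] = $clean_value;
    }

    // Finally update the Add-Meta-Tags options.
    update_option("add_meta_tags_opts", $add_meta_tags_opts);

    amt_show_info_msg(__('Add-Meta-Tags options saved', 'add-meta-tags'));
}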