/**
 * Prepares the General settings for saving.
 *
 * The submitted array may be partial: it is merged over the stored options
 * before any check runs, so every key read below exists whenever the stored
 * options contain it.
 *
 * @param array $settings Submitted settings (may be a partial array)
 * @return array The merged settings, with the API key sanitized
 */
public function save_general_settings(array $settings)
{
    $stored = mc4wp_get_options();

    // submitted values win, stored values fill in whatever was not submitted
    $settings = array_merge($stored, $settings);

    // only notify the usage tracker when the flag actually changed
    $tracking_changed = $settings['allow_usage_tracking'] !== $stored['allow_usage_tracking'];
    if ($tracking_changed) {
        MC4WP_Usage_Tracking::instance()->toggle($settings['allow_usage_tracking']);
    }

    // a submitted value containing '*' is the obfuscated key, not a real one:
    // fall back to the stored key so the obfuscated form is never saved
    if (false !== strpos($settings['api_key'], '*')) {
        $settings['api_key'] = $stored['api_key'];
    }

    // sanitize the API key
    $clean_key = sanitize_text_field($settings['api_key']);
    $settings['api_key'] = $clean_key;

    // cached MailChimp data belongs to the old key, so drop it when the key changes
    if ($clean_key !== $stored['api_key']) {
        $this->mailchimp->empty_cache();
    }

    /**
     * Runs right before general settings are saved.
     *
     * @param array $settings The updated settings array
     * @param array $current The old settings array
     */
    do_action('mc4wp_save_settings', $settings, $stored);

    return $settings;
}
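/**
 * Sanitizes the plugin settings before they are returned for storage.
 *
 * Plain-text fields go through sanitize_text_field(), the WooCommerce
 * checkbox position is checked against a fixed allowlist, and every
 * `text_*` setting plus `label` is reduced to a fixed set of HTML tags.
 *
 * @param array $settings Raw input array of settings
 * @return array Sanitized array of settings
 */
public function validate_settings(array $settings)
{
    $current = mc4wp_get_options();

    // sanitize simple text fields (no HTML, just chars & numbers)
    foreach (array('api_key', 'redirect', 'css') as $field) {
        if (isset($settings[$field])) {
            $settings[$field] = sanitize_text_field($settings[$field]);
        }
    }

    // empty MailChimp lists cache when API key changed
    if (isset($settings['api_key']) && $settings['api_key'] !== $current['general']['api_key']) {
        $this->mailchimp->empty_cache();
    }

    // validate woocommerce checkbox position: must be exactly 'order' or 'billing'.
    // The comparison is strict so that loosely-equal values (e.g. boolean true,
    // which == any non-empty string) cannot slip through the allowlist.
    if (isset($settings['woocommerce_position'])
        && !in_array($settings['woocommerce_position'], array('order', 'billing'), true)
    ) {
        $settings['woocommerce_position'] = 'billing';
    }

    // NOTE(review): this allowlist includes <script>, and strip_tags() keeps
    // every attribute on the tags it allows, so the result is still active
    // HTML. That is only safe if this method is reachable solely by users who
    // are trusted with unfiltered HTML - confirm against the caller and the
    // capability check. wp_kses() with an explicit tag/attribute allowlist
    // would be the tighter option.
    $allowed_tags = '<a><b><strong><em><i><br><u><pre><script><span><abbr><strike>';

    // dynamic sanitization: strip special tags from text settings
    foreach ($settings as $setting => $value) {
        if (substr($setting, 0, 5) !== 'text_' && $setting !== 'label') {
            continue;
        }

        // arrays/objects are not valid text: store an empty string instead of
        // passing them to trim(), which throws a TypeError on PHP 8
        $value = is_scalar($value) ? trim((string) $value) : '';

        $settings[$setting] = strip_tags($value, $allowed_tags);
    }

    return $settings;
}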
/**
 * Validates the General settings.
 *
 * Only keys present in the submitted array are acted on: the usage-tracking
 * flag is forwarded to the tracker as a boolean, and the API key is sanitized
 * and compared with the stored key.
 *
 * @param array $settings Submitted settings
 * @return array The settings, with `api_key` sanitized when it was submitted
 */
public function save_general_settings(array $settings)
{
    $stored = mc4wp_get_options();

    // toggle usage tracking whenever the flag was submitted
    if (isset($settings['allow_usage_tracking'])) {
        $enabled = (bool) $settings['allow_usage_tracking'];
        MC4WP_Usage_Tracking::instance()->toggle($enabled);
    }

    // nothing else to do when no API key was submitted
    if (!isset($settings['api_key'])) {
        return $settings;
    }

    // sanitize the API key, then empty the cache if it differs from the stored key
    $clean_key = sanitize_text_field($settings['api_key']);
    $settings['api_key'] = $clean_key;

    if ($clean_key !== $stored['api_key']) {
        $this->mailchimp->empty_cache();
    }

    return $settings;
}
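/**
 * Validates and sanitizes the submitted settings.
 *
 * Forwards the usage-tracking flag to the tracker, runs plain-text fields
 * through sanitize_text_field(), checks the WooCommerce checkbox position
 * against a fixed allowlist, reduces every `text_*` setting plus `label` to a
 * fixed set of HTML tags, and removes `<form>` tags from the form mark-up.
 *
 * @param array $settings Raw input array of settings
 * @return array Sanitized array of settings
 */
public function validate_settings(array $settings)
{
    $current = mc4wp_get_options();

    // Toggle usage tracking
    if (isset($settings['allow_usage_tracking'])) {
        MC4WP_Usage_Tracking::instance()->toggle((bool) $settings['allow_usage_tracking']);
    }

    // sanitize simple text fields (no HTML, just chars & numbers)
    foreach (array('api_key', 'redirect', 'css') as $field) {
        if (isset($settings[$field])) {
            $settings[$field] = sanitize_text_field($settings[$field]);
        }
    }

    // if api key changed, empty cache
    if (isset($settings['api_key']) && $settings['api_key'] !== $current['general']['api_key']) {
        $this->mailchimp->empty_cache();
    }

    // validate woocommerce checkbox position: must be exactly 'order' or 'billing'.
    // The comparison is strict so that loosely-equal values (e.g. boolean true,
    // which == any non-empty string) cannot slip through the allowlist.
    if (isset($settings['woocommerce_position'])
        && !in_array($settings['woocommerce_position'], array('order', 'billing'), true)
    ) {
        $settings['woocommerce_position'] = 'billing';
    }

    // NOTE(review): this allowlist includes <script>, and strip_tags() keeps
    // every attribute on the tags it allows, so the result is still active
    // HTML. That is only safe if this method is reachable solely by users who
    // are trusted with unfiltered HTML - confirm against the caller and the
    // capability check. wp_kses() with an explicit tag/attribute allowlist
    // would be the tighter option.
    $allowed_tags = '<a><b><strong><em><i><br><u><script><span><abbr><strike>';

    // dynamic sanitization: strip special tags from text settings
    foreach ($settings as $setting => $value) {
        if (substr($setting, 0, 5) !== 'text_' && $setting !== 'label') {
            continue;
        }

        // arrays/objects are not valid text: store an empty string instead of
        // passing them to trim(), which throws a TypeError on PHP 8
        $value = is_scalar($value) ? trim((string) $value) : '';

        $settings[$setting] = strip_tags($value, $allowed_tags);
    }

    // strip <form> from form mark-up
    if (isset($settings['markup'])) {
        // [^>]* matches the same text as the previous (.|\s)*? but without the
        // overlapping alternation, which could exhaust PCRE's backtrack limit
        // on an unclosed "<form ..." and make preg_replace() return null
        $stripped = preg_replace('/<\\/?form[^>]*>/i', '', $settings['markup']);

        // on a PCRE error keep the submitted mark-up rather than replacing it with null
        if ($stripped !== null) {
            $settings['markup'] = $stripped;
        }
    }

    return $settings;
}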