/** * Validate and sanitize options on save * * This function iterates through our options, sanitizes them, and * saves them to the database. * * @uses has_filter() * @uses apply_filters() * */ function upfw_options_validate($input) { global $up_tabs; // This is the "whitelist": current settings $valid_input = (array) upfw_get_options(); // Get the array of Theme settings, by Settings Page tab $settingsbytab = upfw_get_settings_by_tab(); // Get the array of option parameters $option_parameters = upfw_get_option_parameters(); // Get the array of option defaults $option_defaults = upfw_get_option_defaults(); // Get list of tabs // Determine what type of submit was input $submittype = 'submit'; foreach ($up_tabs as $tab) { $resetname = 'reset-' . $tab['name']; if (!empty($input[$resetname])) { $submittype = 'reset'; } } // Determine what tab was input $submittab = ''; foreach ($up_tabs as $tab) { $submitname = 'submit-' . $tab['name']; $resetname = 'reset-' . $tab['name']; if (!empty($input[$submitname]) || !empty($input[$resetname])) { $submittab = $tab['name']; } } global $wp_customize; // Get settings by tab $tabsettings = isset($wp_customize) ? $settingsbytab['all'] : $settingsbytab[$submittab]; // Loop through each tab setting foreach ($tabsettings as $setting) { // If no option is selected, set the default $valid_input[$setting] = !isset($input[$setting]) ? $option_defaults[$setting] : $input[$setting]; // If submit, validate/sanitize $input if ('submit' == $submittype) { // Get the setting details from the defaults array $option = $option_parameters[$setting]; // Get the array of valid options, if applicable $valid_options = isset($option['valid_options']) ? $option['valid_options'] : false; if (!isset($option['name'])) { continue; } if (!isset($option['type'])) { continue; } $setting = preg_replace('/[^a-zA-Z0-9._\\-]/', '', strtolower($option['name'])); // Set checkbox to false if it wasn't sent in the $_POST if ('checkbox' == $option['type'] && !isset($input[$setting])) { $input[$setting] = false; } // Set each item in the multicheck to false if it wasn't sent in the $_POST if ('multicheck' == $option['type'] && !isset($input[$setting])) { foreach ($option['valid_options'] as $key => $value) { $input[$setting][$key] = false; } } // For a value to be submitted to database it must pass through a sanitization filter if (has_filter('upfw_sanitize_' . $option['type'])) { $clean[$setting] = apply_filters('upfw_sanitize_' . $option['type'], $input[$setting], $option); } } elseif ('reset' == $submittype) { // Set $setting to the default value $clean[$setting] = $option_defaults[$setting]; } } // Hook to run after validation do_action('upfw_after_validate', $clean); return $clean; }
/** * Get Theme Options * * Array that holds all of the defined values * for upfw Theme options. If the user * has not specified a value for a given Theme * option, then the option's default value is * used instead. * * @uses upfw_get_option_defaults() defined in options.php * * @uses get_option() * @uses wp_parse_args() * * @return array $upfw_options current values for all Theme options */ function upfw_get_options() { // Get the option defaults $option_defaults = upfw_get_option_defaults(); // Globalize the variable that holds the Theme options global $up_options; // Parse the stored options with the defaults $up_options = (object) wp_parse_args(get_option("theme_" . upfw_get_current_theme_id() . "_options", array()), $option_defaults); // Return the parsed array return $up_options; }
/** * Theme register_setting() sanitize callback * * Validate and whitelist user-input data before updating Theme * Options in the database. Only whitelisted options are passed * back to the database, and user-input data for all whitelisted * options are sanitized. * * @link http://codex.wordpress.org/Data_Validation Codex Reference: Data Validation * * @param array $input Raw user-input data submitted via the Theme Settings page * @return array $input Sanitized user-input data passed to the database */ function upfw_options_validate($input) { global $up_tabs; // This is the "whitelist": current settings $valid_input = upfw_get_options(); // Get the array of Theme settings, by Settings Page tab $settingsbytab = upfw_get_settings_by_tab(); // Get the array of option parameters $option_parameters = upfw_get_option_parameters(); // Get the array of option defaults $option_defaults = upfw_get_option_defaults(); // Get list of tabs // Determine what type of submit was input $submittype = 'submit'; foreach ($up_tabs as $tab) { $resetname = 'reset-' . $tab['name']; if (!empty($input[$resetname])) { $submittype = 'reset'; } } // Determine what tab was input $submittab = ''; foreach ($up_tabs as $tab) { $submitname = 'submit-' . $tab['name']; $resetname = 'reset-' . $tab['name']; if (!empty($input[$submitname]) || !empty($input[$resetname])) { $submittab = $tab['name']; } } // Get settings by tab $tabsettings = $settingsbytab[$submittab]; // Loop through each tab setting foreach ($tabsettings as $setting) { // If no option is selected, set the default $valid_input[$setting] = !isset($input[$setting]) ? $option_defaults[$setting] : $input[$setting]; // If submit, validate/sanitize $input if ('submit' == $submittype) { // Get the setting details from the defaults array $optiondetails = $option_parameters[$setting]; // Get the array of valid options, if applicable //echo "<pre>"; print_r( $optiondetails['valid_options'] ); echo "</pre>"; $valid_options = isset($optiondetails['valid_options']) ? $optiondetails['valid_options'] : false; // Validate checkbox fields if ('checkbox' == $optiondetails['type']) { // If input value is set and is true, return true; otherwise return false $valid_input[$setting] = isset($input[$setting]) && true == $input[$setting] ? true : false; } else { if ('radio' == $optiondetails['type']) { // Only update setting if input value is in the list of valid options $valid_input[$setting] = array_key_exists($input[$setting], $valid_options) ? $input[$setting] : $valid_input[$setting]; } else { if ('select' == $optiondetails['type']) { // Only update setting if input value is in the list of valid options //echo $setting; $valid_input[$setting] = array_key_exists($setting, $valid_options) ? $input[$setting] : $valid_input[$setting]; } else { if ('text' == $optiondetails['type'] || 'textarea' == $optiondetails['type']) { // Validate no-HTML content if ('nohtml' == $optiondetails['sanitize']) { // Pass input data through the wp_filter_nohtml_kses filter $valid_input[$setting] = wp_filter_nohtml_kses($input[$setting]); } // Validate HTML content if ('html' == $optiondetails['sanitize']) { // Pass input data through the wp_filter_kses filter $valid_input[$setting] = wp_filter_kses($input[$setting]); } } } } } } elseif ('reset' == $submittype) { // Set $setting to the default value $valid_input[$setting] = $option_defaults[$setting]; } } return $valid_input; }