/**
* Function to map an array while applying a
* specific function to it.
* Source and interesting info:
* http://stackoverflow.com/questions/4861053/php-sanitize-values-of-a-array
*/
function quadro_array_map_r($func, $arr)
{
// Return early if not an array
if (!is_array($arr)) {
return;
}
$newArr = array();
foreach ($arr as $key => $value) {
$newArr[$key] = is_array($value) ? quadro_array_map_r($func, $value) : (is_array($func) ? call_user_func_array($func, $value) : $func($value));
}
return $newArr;
}
/**
* Quadro register_setting() sanitize callback
*
* Validate and whitelist user-input data before updating Theme
* Options in the database. Only whitelisted options are passed
* back to the database, and user-input data for all whitelisted
* options are sanitized.
*
* @link http://codex.wordpress.org/Data_Validation Codex Reference: Data Validation
*
* @param array $input Raw user-input data submitted via the Theme Settings page
* @return array $input Sanitized user-input data passed to the database
*/
function quadro_options_validate($input)
{
// This is the "whitelist": current settings
$valid_input = quadro_get_options();
// Get the array of Theme settings, by Settings Page tab
$settingsbytab = quadro_get_settings_by_tab();
// Get the array of option parameters
$option_parameters = quadro_get_option_parameters();
// Get the array of option defaults
$option_defaults = quadro_get_option_defaults();
// Get list of tabs
$tabs = quadro_get_settings_page_tabs();
// Determine what type of submit was input
$submittype = 'submit';
foreach ($tabs as $tab) {
$resetname = 'reset-' . $tab['name'];
if (!empty($input[$resetname])) {
$submittype = 'reset';
}
}
// Determine what tab was input
$submittab = 'general';
foreach ($tabs as $tab) {
$submitname = 'submit-' . $tab['name'];
$resetname = 'reset-' . $tab['name'];
if (!empty($input[$submitname]) || !empty($input[$resetname])) {
$submittab = $tab['name'];
}
}
global $wp_customize;
// Get settings by tab
$tabsettings = isset($wp_customize) ? $settingsbytab['all'] : $settingsbytab[$submittab];
// Restore options from backup if submitted
if (isset($input['restore_next']) && $input['restore_next'] === true) {
$tabsettings = $settingsbytab['all'];
$valid_input['restore_next'] = false;
}
// Loop through each tab setting
foreach ($tabsettings as $setting) {
// If no option is selected, set the default
$valid_input[$setting] = !isset($input[$setting]) ? $option_defaults[$setting] : $input[$setting];
// Get the setting details from the defaults array
$optiondetails = $option_parameters[$setting];
// If submit, validate/sanitize $input
if ('submit' == $submittype) {
// Get the array of valid options, if applicable
$valid_options = isset($optiondetails['valid_options']) ? $optiondetails['valid_options'] : false;
// Validate checkbox fields
if ('checkbox' == $optiondetails['type']) {
// If input value is set and is true, return true; otherwise return false
$valid_input[$setting] = isset($input[$setting]) && true == $input[$setting] ? true : false;
} else {
if ('radio' == $optiondetails['type']) {
// Only update setting if input value is in the list of valid options
$valid_input[$setting] = array_key_exists($input[$setting], $valid_options) ? $input[$setting] : $valid_input[$setting];
} else {
if ('select' == $optiondetails['type']) {
// Only update setting if input value is in the list of valid options
$valid_input[$setting] = array_key_exists($input[$setting], $valid_options) ? $input[$setting] : $valid_input[$setting];
} else {
if ('text' == $optiondetails['type'] || 'textarea' == $optiondetails['type'] || 'pass' == $optiondetails['type'] || 'text-hideable' == $optiondetails['type']) {
// Validate no-HTML content
if ('nohtml' == $optiondetails['sanitize']) {
// Pass input data through the wp_filter_nohtml_kses filter
$valid_input[$setting] = wp_filter_nohtml_kses($input[$setting]);
}
// Validate HTML content
if ('html' == $optiondetails['sanitize']) {
// Pass input data through the wp_filter_kses filter
$valid_input[$setting] = wp_kses_post($input[$setting]);
}
} else {
if ('text-hideable-kses' == $optiondetails['type']) {
// Pass input data through the wp_filter_nohtml_kses filter
$valid_input[$setting] = wp_kses($input[$setting], '');
} else {
if ('upload' == $optiondetails['type']) {
// Pass input data through the wp_filter_nohtml_kses filter
$valid_input[$setting] = wp_filter_nohtml_kses($input[$setting]);
} else {
if ('color' == $optiondetails['type']) {
// Pass input data through the wp_filter_kses filter
$valid_input[$setting] = preg_match('/#([a-f]|[A-F]|[0-9]){3}(([a-f]|[A-F]|[0-9]){3})?\\b/', $input[$setting]) ? $input[$setting] : $option_defaults[$setting];
// $valid_input[$setting] = ( sanitize_hex_color($input[$setting]) ? $input[$setting] : $option_defaults[$setting] );
} else {
if ('layout-picker' == $optiondetails['type']) {
// Only update setting if input value is in the list of valid options
$valid_input[$setting] = array_key_exists($input[$setting], $valid_options) ? $input[$setting] : $valid_input[$setting];
} else {
if ('font' == $optiondetails['type']) {
$valid_fonts = quadro_get_valid_fontslist();
$chosen_font = explode('|', $input[$setting]);
// Only update setting if input value is in the list of valid options
$valid_input[$setting] = array_key_exists($chosen_font[0], $valid_fonts) ? $input[$setting] : $valid_input[$setting];
} else {
if ('number' == $optiondetails['type']) {
// Only update setting if number is between defined limits
$valid_input[$setting] = intval($input[$setting] >= $optiondetails['min']) && intval($input[$setting] <= $optiondetails['max']) ? intval($input[$setting]) : $option_defaults[$setting];
} else {
if ('repeatable' == $optiondetails['type']) {
$valid_input[$setting] = quadro_array_map_r('wp_filter_kses', $input[$setting]);
} else {
if ('backup_options' == $optiondetails['type']) {
} else {
if ('transfer_options' == $optiondetails['type']) {
}
}
}
}
}
}
}
}
}
}
}
}
}
} elseif ('reset' == $submittype) {
// Escape this Reset iteration if no_reset is set to true
if (isset($optiondetails['no_reset']) && $optiondetails['no_reset'] == true) {
continue;
}
// Set $setting to the default value
$valid_input[$setting] = $option_defaults[$setting];
}
}
return $valid_input;
}