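/**
 * Recursively apply a callback to every non-array value of an array.
 *
 * Nested arrays are walked depth-first and the original keys are kept at
 * every level. Only the values are handed to the callback: array keys are
 * copied through unchanged, so when this is used with a sanitizing callback
 * on submitted data the keys still need their own validation.
 *
 * Source and background:
 * http://stackoverflow.com/questions/4861053/php-sanitize-values-of-a-array
 *
 * @param callable $func Callback invoked once per leaf value with that value
 *                       as its only argument (string or array callable).
 * @param mixed    $arr  Array to map; anything else is rejected.
 * @return array|null    Mapped copy of $arr, or null when $arr is not an array.
 */
function quadro_array_map_r($func, $arr)
{
    // Non-array input yields null, which is what callers already receive.
    if (!is_array($arr)) {
        return null;
    }
    $newArr = array();
    foreach ($arr as $key => $value) {
        if (is_array($value)) {
            $newArr[$key] = quadro_array_map_r($func, $value);
        } else {
            // call_user_func() passes the leaf as a single argument for both
            // string and array callables. The earlier array-callable branch
            // used call_user_func_array($func, $value), which needs an array
            // of arguments and therefore failed on every scalar leaf.
            $newArr[$key] = call_user_func($func, $value);
        }
    }
    return $newArr;
}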
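/**
 * Quadro register_setting() sanitize callback
 *
 * Validates user-input data before Theme Options are written to the
 * database. The currently stored options are the starting point; only the
 * settings belonging to the submitted tab (or all settings in the Customizer
 * or on a restore) are touched, and each one is validated according to its
 * declared option type.
 *
 * Validation is only as strict as the option type makes it:
 *  - 'backup_options', 'transfer_options' and any unrecognised type are
 *    stored exactly as submitted;
 *  - text-like types whose 'sanitize' parameter is neither 'nohtml' nor
 *    'html' are stored exactly as submitted.
 * NOTE(review): both cases fail open. Confirm every such option is escaped
 * on output, or give it an explicit sanitizer here.
 *
 * @link http://codex.wordpress.org/Data_Validation Codex Reference: Data Validation
 *
 * @param array $input Raw user-input data submitted via the Theme Settings page
 * @return array Complete options array with the submitted settings validated
 */
function quadro_options_validate($input)
{
    // Currently stored settings: the baseline that validated values are merged into
    $valid_input = quadro_get_options();
    // Theme settings grouped by Settings Page tab
    $settingsbytab = quadro_get_settings_by_tab();
    // Per-option parameters (type, valid_options, sanitize, min/max, ...)
    $option_parameters = quadro_get_option_parameters();
    // Per-option default values
    $option_defaults = quadro_get_option_defaults();
    // List of tabs
    $tabs = quadro_get_settings_page_tabs();

    // Work out which button was pressed (submit or reset) and on which tab.
    // When several tabs match, the last one wins.
    $submittype = 'submit';
    $submittab = 'general';
    foreach ($tabs as $tab) {
        $submitname = 'submit-' . $tab['name'];
        $resetname = 'reset-' . $tab['name'];
        if (!empty($input[$resetname])) {
            $submittype = 'reset';
        }
        if (!empty($input[$submitname]) || !empty($input[$resetname])) {
            $submittab = $tab['name'];
        }
    }

    global $wp_customize;
    // The Customizer saves every setting at once; the settings page saves one tab
    $tabsettings = isset($wp_customize) ? $settingsbytab['all'] : $settingsbytab[$submittab];
    // Restore options from backup if submitted. The strict boolean check means
    // a form-posted string can never switch this path on.
    if (isset($input['restore_next']) && $input['restore_next'] === true) {
        $tabsettings = $settingsbytab['all'];
        $valid_input['restore_next'] = false;
    }

    foreach ($tabsettings as $setting) {
        $optiondetails = $option_parameters[$setting];
        $default = isset($option_defaults[$setting]) ? $option_defaults[$setting] : null;
        // Stored value captured BEFORE anything is overwritten, so that rejected
        // input really falls back to a known-good value. Previously the raw
        // input was written into $valid_input first and then used as the
        // "fallback", which made the whitelist checks below a no-op.
        $current = isset($valid_input[$setting]) ? $valid_input[$setting] : $default;
        $has_input = isset($input[$setting]);
        $raw = $has_input ? $input[$setting] : null;

        if ('reset' == $submittype) {
            // Options flagged no_reset keep their stored value; everything else
            // goes back to its default. Submitted data is never stored on reset.
            $keep = isset($optiondetails['no_reset']) && $optiondetails['no_reset'] == true;
            $valid_input[$setting] = $keep ? $current : $default;
            continue;
        }

        // Submit: if no option is selected, set the default
        $value = $has_input ? $raw : $default;
        // String form for the text filters; arrays and other non-scalars count as empty
        $text = is_scalar($raw) ? (string) $raw : '';
        // Whitelist for the choice-based types; empty when the option declares none
        $valid_options = (isset($optiondetails['valid_options']) && is_array($optiondetails['valid_options']))
            ? $optiondetails['valid_options']
            : array();

        switch ($optiondetails['type']) {
            case 'checkbox':
                // True only when the input is set and loosely true
                $value = ($has_input && true == $raw);
                break;

            case 'radio':
            case 'select':
            case 'layout-picker':
                // Only update the setting if the input is a key of the valid
                // options; otherwise keep the stored value. Non-string/int
                // input (e.g. an array) can never be a valid key.
                if ($has_input) {
                    $is_listed = (is_string($raw) || is_int($raw)) && array_key_exists($raw, $valid_options);
                    $value = $is_listed ? $raw : $current;
                }
                break;

            case 'text':
            case 'textarea':
            case 'pass':
            case 'text-hideable':
                $sanitize = isset($optiondetails['sanitize']) ? $optiondetails['sanitize'] : '';
                // No-HTML content
                if ('nohtml' == $sanitize) {
                    $value = wp_filter_nohtml_kses($text);
                }
                // HTML content limited to what is allowed in post content
                if ('html' == $sanitize) {
                    $value = wp_kses_post($text);
                }
                // Any other 'sanitize' setting leaves $value as submitted
                // (see the NOTE(review) in the function header).
                break;

            case 'text-hideable-kses':
                // NOTE(review): the second argument is an empty context string,
                // not an empty tag list, so this is not guaranteed to strip all
                // HTML. Confirm which tag set WordPress resolves for it.
                $value = wp_kses($text, '');
                break;

            case 'upload':
                // Strips HTML only. NOTE(review): if this holds a URL, consider
                // validating it as one (e.g. esc_url_raw()).
                $value = wp_filter_nohtml_kses($text);
                break;

            case 'color':
                // Accept only a complete #rgb / #rrggbb value. The pattern is
                // anchored at both ends; the earlier unanchored pattern accepted
                // any string that merely contained a hex colour and stored the
                // whole string.
                $color = trim($text);
                $value = preg_match('/\\A#[0-9a-fA-F]{3}(?:[0-9a-fA-F]{3})?\\z/', $color) ? $color : $default;
                break;

            case 'font':
                if ($has_input) {
                    $valid_fonts = quadro_get_valid_fontslist();
                    $chosen_font = explode('|', $text);
                    // Only the part before the first '|' is checked against the
                    // font list. NOTE(review): the remainder of the string is
                    // stored as submitted; validate it too if it is ever output.
                    $is_listed = is_string($raw) && is_array($valid_fonts) && array_key_exists($chosen_font[0], $valid_fonts);
                    $value = $is_listed ? $raw : $current;
                }
                break;

            case 'number':
                // Range-check the integer that will actually be stored. The
                // earlier code wrapped each comparison in intval() and compared
                // the raw string, so non-numeric input could pass the check.
                $number = is_numeric($raw) ? intval($raw) : null;
                $in_range = null !== $number && $number >= $optiondetails['min'] && $number <= $optiondetails['max'];
                $value = $in_range ? $number : $default;
                break;

            case 'repeatable':
                // Filters every leaf value; array keys are stored as submitted.
                // Yields null when the input is missing or not an array.
                $value = quadro_array_map_r('wp_filter_kses', $raw);
                break;

            case 'backup_options':
            case 'transfer_options':
            default:
                // No validation for these types: $value stays as submitted.
                break;
        }

        $valid_input[$setting] = $value;
    }
    return $valid_input;
}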