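/**
 * Validate the values submitted for the current settings tab and store them.
 *
 * Starts from the currently stored options, walks every setting declared on
 * the active tab, validates the submitted value according to the setting's
 * declared 'type', and writes each accepted value back through the options
 * object. Rejected values keep the previously stored value and register a
 * settings error.
 *
 * Security notes for reviewers:
 *  - The 'fflcommerce_options_processed' nonce checked below is only used as
 *    a "this request was already processed" marker; it is set by this method
 *    itself at the end. It is not the authenticity check for the form.
 *    NOTE(review): request authenticity and capability checks are presumably
 *    enforced by the caller (Settings API) before this callback runs - confirm.
 *  - Submitted values echoed into settings error messages are HTML-escaped
 *    here, because those messages are rendered as HTML in the admin notice.
 *  - Setting types not listed in the switch are stored as submitted (see the
 *    'default' branch).
 *
 * @since 1.3
 *
 * @param array $input Submitted option values keyed by setting id
 *                     (presumably the array handed over by the Settings API).
 * @return array The option values to persist; $input unchanged when $_POST is empty.
 */
public function validate_settings($input)
{
    if (empty($_POST)) {
        return $input;
    }

    $defaults = $this->our_parser->these_options;
    $options = self::get_options();
    $current_options = $options->get_current_options();
    $valid_input = $current_options; // we start with the current options

    // Re-entrancy guard: once this method has run for the request it plants a
    // nonce in $_POST (see the end of the method); a second call returns the
    // current options without validating or saving again.
    if (isset($_POST['fflcommerce_options_processed'])
        && wp_verify_nonce($_POST['fflcommerce_options_processed'], 'fflcommerce_options_processed')
    ) {
        return $valid_input;
    }

    // Find the current TAB we are working with and use its option settings.
    // The lookup is guarded so an unknown tab name yields "no settings"
    // instead of an undefined-index notice.
    $this_section = $this->get_current_tab_name();
    $tab_key = sanitize_title($this_section);
    $tab = isset($this->our_parser->tabs[$tab_key]) ? $this->our_parser->tabs[$tab_key] : array();

    // with each option, get its type and validate it
    if (!empty($tab)) {
        foreach ($tab as $setting) {
            if (!isset($setting['id'])) {
                continue;
            }
            $id = $setting['id'];

            // special case tax classes should be updated, they will do nothing if this is not the right TAB
            if ($id === 'fflcommerce_tax_rates') {
                $valid_input['fflcommerce_tax_rates'] = $this->get_updated_tax_classes();
                $options->set('fflcommerce_tax_rates', $valid_input['fflcommerce_tax_rates']);
                continue;
            }

            // get this setting's option definition: the first default whose
            // values contain the setting id (strict comparison)
            $option = array();
            foreach ($defaults as $default_options) {
                if (in_array($id, $default_options, true)) {
                    $option = $default_options;
                    break;
                }
            }

            // $value  : the submitted value for this setting, or false when absent
            // $option : the parameters declared for this setting
            $value = isset($input[$id]) ? $input[$id] : false;

            // Value to fall back to when validation fails; null when nothing is stored yet.
            $previous = isset($current_options[$id]) ? $current_options[$id] : null;

            // A setting without a matching definition has no 'type'; it is
            // handled by the default branch, as an unknown type would be.
            $type = isset($option['type']) ? $option['type'] : '';

            switch ($type) {
                case 'user_defined':
                    // Only invoke callbacks that can really be called. The
                    // syntax-only form of is_callable() accepts any string or
                    // well-formed array, so a missing function would still be
                    // passed to call_user_func().
                    // The callback's result is stored as returned; validating
                    // it is the callback's responsibility.
                    if (isset($option['update']) && is_callable($option['update'])) {
                        $valid_input[$id] = call_user_func($option['update']);
                    }
                    break;

                case 'multi_select_countries':
                    // Allow-list: only keys present in the country list are kept.
                    $countries = fflcommerce_countries::get_countries();
                    asort($countries);
                    $submitted = (array) $value;
                    $selected = array();
                    foreach ($countries as $key => $val) {
                        if (in_array($key, $submitted)) {
                            $selected[] = $key;
                        }
                    }
                    $valid_input[$id] = $selected;
                    break;

                case 'checkbox':
                    // there will be no $value for a false checkbox, set it now
                    $valid_input[$id] = $value !== false ? 'yes' : 'no';
                    break;

                case 'multicheck':
                    // Only the declared choices are recorded. A non-array
                    // submission counts as "nothing checked" rather than being
                    // probed with string offsets.
                    $choices = isset($option['choices']) ? $option['choices'] : array();
                    $selected = array();
                    foreach ($choices as $key => $val) {
                        $selected[$key] = is_array($value) && isset($value[$key]);
                    }
                    $valid_input[$id] = $selected;
                    break;

                case 'text':
                case 'longtext':
                case 'textarea':
                    $valid_input[$id] = esc_attr(fflcommerce_clean($value));
                    break;

                case 'codeblock':
                    // NOTE(review): this allow-list deliberately keeps <script src>,
                    // <a href> and <img src>, so a stored codeblock can load external
                    // resources wherever it is later printed. Confirm that only
                    // trusted administrators can reach this settings form.
                    $allowedtags = array(
                        'a' => array('href' => true, 'title' => true),
                        'img' => array('src' => true, 'title' => true, 'alt' => true),
                        'abbr' => array('title' => true),
                        'acronym' => array('title' => true),
                        'b' => array(),
                        'blockquote' => array('cite' => true),
                        'cite' => array(),
                        'code' => array(),
                        'script' => array('src' => true, 'language' => true, 'type' => true),
                        'del' => array('datetime' => true),
                        'em' => array(),
                        'i' => array(),
                        'q' => array('cite' => true),
                        'strike' => array(),
                        'strong' => array(),
                    );
                    $valid_input[$id] = wp_kses($value, $allowedtags);
                    break;

                case 'email':
                    $email = sanitize_email($value);
                    if ($email != $value) {
                        // The rejected value is escaped before it is echoed back.
                        add_settings_error(
                            $id,
                            'fflcommerce_email_error',
                            sprintf(
                                __('You entered "%s" as the value for "%s" and it was not a valid email address. It was not saved and the original is still in use.', 'fflcommerce'),
                                esc_html($value),
                                $setting['name']
                            ),
                            'error'
                        );
                        $valid_input[$id] = $previous;
                    } else {
                        $valid_input[$id] = esc_attr(fflcommerce_clean($email));
                    }
                    break;

                case 'decimal':
                    $cleaned = fflcommerce_clean($value);
                    if (!fflcommerce_validation::is_decimal($cleaned) && $cleaned != '') {
                        add_settings_error(
                            $id,
                            'fflcommerce_decimal_error',
                            sprintf(
                                __('You entered "%s" as the value for "%s" in "%s" and it was not a valid decimal number (may have leading negative sign, with optional decimal point, numbers 0-9). It was not saved and the original is still in use.', 'fflcommerce'),
                                esc_html($value),
                                $setting['name'],
                                $setting['section']
                            ),
                            'error'
                        );
                        $valid_input[$id] = $previous;
                    } else {
                        $valid_input[$id] = $cleaned;
                    }
                    break;

                case 'integer':
                    $cleaned = fflcommerce_clean($value);
                    if (!fflcommerce_validation::is_integer($cleaned) && $cleaned != '') {
                        add_settings_error(
                            $id,
                            'fflcommerce_integer_error',
                            sprintf(
                                __('You entered "%s" as the value for "%s" in "%s" and it was not a valid integer number (may have leading negative sign, numbers 0-9). It was not saved and the original is still in use.', 'fflcommerce'),
                                esc_html($value),
                                $setting['name'],
                                $setting['section']
                            ),
                            'error'
                        );
                        $valid_input[$id] = $previous;
                    } else {
                        $valid_input[$id] = $cleaned;
                    }
                    break;

                case 'natural':
                    $cleaned = fflcommerce_clean($value);
                    if (!fflcommerce_validation::is_natural($cleaned) && $cleaned != '') {
                        add_settings_error(
                            $id,
                            'fflcommerce_natural_error',
                            sprintf(
                                __('You entered "%s" as the value for "%s" in "%s" and it was not a valid natural number (numbers 0-9). It was not saved and the original is still in use.', 'fflcommerce'),
                                esc_html($value),
                                $setting['name'],
                                $setting['section']
                            ),
                            'error'
                        );
                        $valid_input[$id] = $previous;
                    } else {
                        $valid_input[$id] = $cleaned;
                    }
                    break;

                default:
                    // NOTE(review): every type not handled above is stored exactly as
                    // submitted, with no sanitizing in this method. $value is always
                    // set at this point (false when nothing was submitted), so this
                    // branch always assigns. Consider validating per type before
                    // relying on these values in output.
                    if (isset($value)) {
                        $valid_input[$id] = $value;
                    }
                    break;
            }

            // null results (e.g. a failed validation with no stored value) are not written
            if (isset($valid_input[$id])) {
                $options->set($id, $valid_input[$id]);
            }
        }
    }

    // remove all fflcommerce_update_options actions on shipping classes when not on the shipping tab
    if ($this_section != __('Shipping', 'fflcommerce')) {
        $this->remove_update_options(fflcommerce_shipping::get_all_methods());
    }

    // same for payment gateways when not on the payment gateways tab
    if ($this_section != __('Payment Gateways', 'fflcommerce')) {
        $this->remove_update_options(fflcommerce_payment_gateways::payment_gateways());
    }

    // Allow any hooked in option updating
    do_action('fflcommerce_update_options');

    // Report success only when no validation error was registered
    $errors = get_settings_errors();
    if (empty($errors)) {
        add_settings_error(
            '',
            'settings_updated',
            sprintf(__('"%s" settings were updated successfully.', 'fflcommerce'), $this_section),
            'updated'
        );
    }

    // Drop entries with numeric keys; only named option ids are returned
    foreach ($valid_input as $key => $value) {
        if (is_numeric($key)) {
            unset($valid_input[$key]);
        }
    }

    // Mark this request as processed so a second invocation returns early
    $_POST['fflcommerce_options_processed'] = wp_create_nonce('fflcommerce_options_processed');

    return $valid_input;
}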