/** * @param array $input * * @return array */ function filter_postback($input) { static $called_already; if (isset($called_already) || empty($_POST)) { /** * When using the Settings API this filter will be called twice when the option needs to be added. * This happens because of how WordPress is implemented and not something we can control. * IOW, it's a hack but not a hack we can avoid unless WordPress makes changes. */ return $input; } $unfiltered_input = $input; $called_already = true; if (!current_user_can('manage_options')) { /** * TODO: Verify someone without proper options can actually get here. */ wp_die(__('Sorry, you do not have sufficient priviledges.')); } $this->_do_plugin_action('initialize_postback'); /** * Get the array that contains names of 'plugin', 'page', 'tab', 'form' and 'settings' * as well as special 'clear' and 'reset' for clearing and resetting the form respectively. */ $post_values = $_POST[$_POST['option_page']]; $this->plugin->set_current_admin_page($this); $form = $this->plugin->get_form($post_values['_sidecar_form_meta']['form']); $this->plugin->set_current_form($form); $form_values = $input[$form->form_name]; /** * Check with the API to see if we are authenticated * @var RESTian_Client $api */ $api = $this->plugin->get_api(); if ($api && ($this->is_authentication_tab() || !$this->has_tabs()) && $form == $this->get_auth_form()) { if (!$api->is_credentials($form_values)) { add_settings_error($this->plugin->option_name, 'sidecar-no-credentials', $api->get_message()); } else { /** * @var RESTian_Response */ $response = $api->authenticate($form_values); if ($response->has_error()) { $form_values['authenticated'] = false; if (!($message = $response->get_error()->message)) { $message = 'Please try again.'; } add_settings_error($this->plugin->option_name, 'sidecar-not-authenticated', __("Authentication Failed. {$message}", 'sidecar')); } else { $form_values = array_merge($form_values, $response->grant); $form_values['authenticated'] = true; $message = $this->_apply_plugin_filter('filter_authentication_success_message', __('Authentication successful. Settings saved.', 'sidecar')); if ($message) { add_settings_error($this->plugin->option_name, 'sidecar-authenticated', $message, 'updated'); } } } } //$this->plugin->set_api( $api ); if (isset($post_values['action']['clear'])) { $form_values = $form->get_empty_field_values(); $message = __('Form values cleared.%s%sNOTE:%s Your browser may still be displaying values from its cache but this plugin has indeed cleared these values.%s', 'sidecar'); add_settings_error($this->plugin->option_name, "sidecar-clear", sprintf($message, "<br/><br/> ", '<em>', '</em>', '<br/><br/>'), 'updated'); } else { if (isset($post_values['action']['reset'])) { $form_values = $this->plugin->get_current_form()->get_default_settings_values(); add_settings_error($this->plugin->option_name, 'sidecar-reset', __('Defaults reset.', 'sidecar'), 'updated'); } else { $form_values = array_map('rtrim', (array) $form_values); add_filter($action_key = "pre_update_option_{$this->plugin->option_name}", array($this->plugin, '_pre_update_option'), 10, 2); /** * @todo How to signal a failed validation? */ $form_values = $this->_apply_plugin_filter('validate_settings_values', $form_values, $form); /** * Esnure that all fields have a value in the $form_values array. * Checkboxes and radio buttons might not. */ $form_values = $form->ensure_default_values($form_values); /** * @var Sidecar_Field $field */ foreach ($form->get_fields() as $field_name => $field) { $validation_options = false; if ($field->field_allow_html) { $form_values[$field_name] = htmlentities($form_values[$field_name]); } /** * Default to FILTER_SANITIZE_STRING if ['validator'] not set. */ if ($field->field_options) { $validated_value = isset($field->field_options[$form_values[$field_name]]) ? $form_values[$field_name] : false; } else { if (isset($field->field_validator['filter'])) { $validated_value = filter_var($form_values[$field_name], $field->field_validator['filter']); if (isset($field->field_validator['options'])) { $validation_options = $field->field_validator['options']; } } else { $validator = $field->field_validator ? $field->field_validator : FILTER_SANITIZE_STRING; $validated_value = filter_var($form_values[$field_name], $validator); } } $validated_value = $this->_apply_plugin_filter("sanitize_setting_{$field_name}", $validated_value, $field, $form); if ($validation_options || $validated_value != $form_values[$field_name]) { if (!$validation_options) { add_settings_error($this->plugin->option_name, 'sidecar-value', sprintf(__('Please enter a valid value for "%s."', 'sidecar'), $field->field_label)); } else { if (isset($validation_options['min']) && $validation_options['min'] > intval($form_values[$field_name])) { add_settings_error($this->plugin->option_name, 'sidecar-min', sprintf(__('Please enter a value greater than or equal to %d for "%s."', 'sidecar'), $validation_options['min'], $field->field_label)); } if (isset($validation_options['max']) && $validation_options['max'] < intval($form_values[$field_name])) { add_settings_error($this->plugin->option_name, 'sidecar-max', sprintf(__('Please enter a value less than or equal to %d for "%s."', 'sidecar'), $validation_options['max'], $field->field_label)); $continue = true; } } } } } } $form_values = $this->_apply_plugin_filter($method_name = "process_form_{$form->form_name}", $form_values); if (method_exists($this->plugin, $method_name)) { /** * This presumes that "process_form_{$form->form_name}" uses the $api. * We may need to make it a bit more generic, i.e. allow setting a message on the plugin * and then our process form would need to set the plugin's message. */ if (!empty($api->response->message)) { $message_type = $api->response->has_error() ? 'error' : 'updated'; add_settings_error($this->plugin->option_name, "sidecar-form-processed-{$form->form_name}", $api->response->message, $message_type); } } $input[$form->form_name] = $form_values; $input = $this->_apply_plugin_filter('filter_postback', $input); $postback_info = (object) array('admin_page' => $this, 'form' => $form, 'form_values' => $form_values, 'input' => $input, 'unfiltered' => $unfiltered_input); $this->_do_plugin_action("set_postback_{$form->form_name}_{$this->page_name}_message", $postback_info); $this->_do_plugin_action('set_postback_message', $this, $form, $postback_info); return $input; }