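/**
 * Registers the eShop admin menu, its submenus, the per-page stylesheet hook and
 * the help tabs. Used by the admin panel hook.
 *
 * Every add_*_page() call returns the page's hook suffix, or false when the current
 * user lacks the capability given for that page; false entries are skipped in the
 * hook loop so nothing is registered for pages the user cannot open.
 *
 * Capability gates as registered below: 'eShop' for the top-level menu, Products,
 * Option Sets and About; 'eShop_admin' for Orders, Shipping, Downloads, Discount
 * Codes, Base, Emails, the theme Style page and Uninstall; 'read' for the customer
 * "My Orders" page under Users.
 */
function eshop_admin()
{
    $page = array();
    $page[] = add_menu_page(__('eShop', 'eshop'), __('eShop', 'eshop'), 'eShop', 'eshop-orders.php', 'eshop_admin_orders', plugins_url('/eshop/eshop.png'));
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Orders', 'eshop'), __('Orders', 'eshop'), 'eShop_admin', 'eshop-orders.php', 'eshop_admin_orders');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Shipping', 'eshop'), __('Shipping', 'eshop'), 'eShop_admin', 'eshop-shipping.php', 'eshop_admin_shipping');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Products', 'eshop'), __('Products', 'eshop'), 'eShop', 'eshop-products.php', 'eshop_admin_products');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Options', 'eshop'), __('Option Sets', 'eshop'), 'eShop', 'eshop-options.php', 'eshop_admin_options');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Downloads', 'eshop'), __('Downloads', 'eshop'), 'eShop_admin', 'eshop-downloads.php', 'eshop_admin_downloads');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Discount Codes', 'eshop'), __('Discount Codes', 'eshop'), 'eShop_admin', 'eshop-discount-codes.php', 'eshop_discount_codes');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Base', 'eshop'), __('Base', 'eshop'), 'eShop_admin', 'eshop-base.php', 'eshop_admin_base');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop Email Templates', 'eshop'), __('Emails', 'eshop'), 'eShop_admin', 'eshop-templates.php', 'eshop_admin_templates');
    $page[] = add_submenu_page('eshop-orders.php', __('eShop About', 'eshop'), __('About & Help', 'eshop'), 'eShop', 'eshop-about.php', 'eshop_admin_about');

    // The customer-facing "My Orders" page must not receive the admin help tab. The
    // returned hook suffix is remembered and compared by identity below instead of
    // against a hand-written literal (the previous 'users_page_my_orders' literal does
    // not look like the suffix WordPress derives from 'my-orders.php', so the tab was
    // presumably being added there too).
    $userOrdersHook = false;
    if (eshop_wp_version('3')) {
        $userOrdersHook = add_users_page(__('eShop Orders', 'eshop'), __('My Orders', 'eshop'), 'read', 'my-orders.php', 'eshop_user_orders');
        $page[] = $userOrdersHook;
    }

    // Only offer the style editor while the active theme ships no eshop.css of its own.
    if (!file_exists(get_stylesheet_directory() . '/eshop.css')) {
        $page[] = add_theme_page(__('eShop Style', 'eshop'), __('eShop', 'eshop'), 'eShop_admin', 'eshop-style.php', 'eshop_admin_style');
    }
    $page[] = add_submenu_page('plugins.php', __('eShop Uninstall', 'eshop'), __('eShop Uninstall', 'eshop'), 'eShop_admin', 'eshop-uninstall.php', 'eshop_admin_uninstall');

    $help = ' <p><strong>' . __('eShop Help', 'eshop') . '</strong></p> <ul> <li>'
        . __('<a href="http://quirm.net/wiki/eshop/">eShop Wiki</a>', 'eshop') . '</li> <li>'
        . __('<a href="http://wordpress.org/support/plugin/eshop">Wordpress forums</a>', 'eshop') . '</li> <li>'
        . __('<a href="http://quirm.net/forum/forum.php?id=14">Quirm.net</a>', 'eshop') . '</li> </ul>';

    foreach ($page as $hook) {
        // false: the page was not registered for this user; '': nothing to hook either.
        if ($hook === false || $hook === '') {
            continue;
        }
        add_action('admin_print_styles-' . $hook, 'eshop_admin_styles');
        if ($hook !== $userOrdersHook) {
            eshop_helptab($hook, $help);
        }
    }

    if (is_admin()) {
        include ESHOP_PATH . 'user.php';
    }
}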
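/**
 * Saves the general settings form into the 'eshop_plugin_settings' option.
 *
 * Guards: the caller must hold 'eShop_admin' and the request must carry a valid
 * 'eshop-metaboxes-general' nonce; otherwise wp_die() ends the request.
 *
 * Every form field is read with '' as the default, so a key missing from $_POST
 * yields an empty setting instead of an undefined-index notice.
 *
 * Values pass through $wpdb->escape() as before. Note for maintainers: that is
 * SQL escaping (deprecated in favour of esc_sql()) applied to option data, which
 * the option API quotes itself, and it is not HTML escaping. Per-field sanitisers
 * (sanitize_text_field(), absint(), sanitize_email(), ...) would be the proper
 * replacement but would change the stored byte values, so the escaping is kept
 * unchanged here. 'cart_text' is the one field stored with no escaping at all;
 * wherever it is printed must escape it for that context unless it is meant to
 * carry HTML — not visible from this file.
 *
 * $err carries the LAST validation failure (later checks override earlier ones):
 *   '100' ok; '1' records not numeric (reset to 10); '2' options_num not a
 *   positive number (reset to 3); '3' image_in_cart neither numeric nor empty
 *   (reset to 75); '4' empty currency symbol (reset to '$'); '5' going live with
 *   no payment method configured; '6' going live with no from_email. The status
 *   only switches to 'live' when $err is still '100'.
 *
 * Finally redirects to the submitting page with eshop_message=$err appended. The
 * referer comes from the request, so wp_safe_redirect() is used to keep the
 * redirect on this site. No exit() is issued here (as before); the caller is
 * assumed to end the request after the redirect — confirm at the hook site.
 */
function on_save_changes()
{
    global $wpdb;

    if (!current_user_can('eShop_admin')) {
        wp_die(__('Cheatin’ uh?'));
    }
    check_admin_referer('eshop-metaboxes-general');

    $err = '100';
    $eshopoptions = get_option('eshop_plugin_settings');

    // Every field the form may post; absent keys read as '' (left operand of + wins).
    $fields = array(
        'eshop_sale', 'eshop_from_email', 'eshop_cron_email', 'eshop_sysemails',
        'eshop_currency_symbol', 'eshop_cart_nostock', 'eshop_credits', 'eshop_fold_menu',
        'eshop_hide_cartco', 'eshop_stock_control', 'eshop_min_qty', 'eshop_max_qty',
        'eshop_search_img', 'eshop_show_forms', 'eshop_addtocart_image', 'eshop_hide_addinfo',
        'eshop_hide_shipping', 'eshop_tandc', 'eshop_tandc_use', 'eshop_tandc_id',
        'eshop_set_cacheability', 'eshop_cart_text', 'eshop_cart_text_where', 'eshop_sale_prices',
        'eshop_users', 'eshop_users_text', 'eshop_zero', 'eshop_details_show',
        'eshop_details_class', 'eshop_details_hide', 'eshop_details_display',
        'eshop_downloads_only', 'eshop_ajax_cart', 'eshop_records', 'eshop_options_num',
        'eshop_image_in_cart', 'eshop_status',
    );
    $in = $_POST + array_fill_keys($fields, '');

    // Plain settings: option key => form field, escaped and stored as-is.
    $plain = array(
        'sale'             => 'eshop_sale',
        'from_email'       => 'eshop_from_email',
        'cron_email'       => 'eshop_cron_email',
        'sysemails'        => 'eshop_sysemails',
        'currency_symbol'  => 'eshop_currency_symbol',
        'cart_nostock'     => 'eshop_cart_nostock',
        'credits'          => 'eshop_credits',
        'fold_menu'        => 'eshop_fold_menu',
        'hide_cartco'      => 'eshop_hide_cartco',
        'stock_control'    => 'eshop_stock_control',
        'min_qty'          => 'eshop_min_qty',
        'max_qty'          => 'eshop_max_qty',
        'search_img'       => 'eshop_search_img',
        'show_forms'       => 'eshop_show_forms',
        'addtocart_image'  => 'eshop_addtocart_image',
        'hide_addinfo'     => 'eshop_hide_addinfo',
        'hide_shipping'    => 'eshop_hide_shipping',
        'tandc'            => 'eshop_tandc',
        'tandc_use'        => 'eshop_tandc_use',
        'tandc_id'         => 'eshop_tandc_id',
        'set_cacheability' => 'eshop_set_cacheability',
        'cart_text_where'  => 'eshop_cart_text_where',
        'sale_prices'      => 'eshop_sale_prices',
    );
    foreach ($plain as $option => $field) {
        $eshopoptions[$option] = $wpdb->escape($in[$field]);
    }
    // Deliberately unescaped in the original; see the function comment.
    $eshopoptions['cart_text'] = $in['eshop_cart_text'];

    if (eshop_wp_version('3')) {
        $eshopoptions['users'] = $wpdb->escape($in['eshop_users']);
        $eshopoptions['users_text'] = $wpdb->escape($in['eshop_users_text']);
    }
    $eshopoptions['zero'] = $wpdb->escape($in['eshop_zero']);

    // Characters stripped from the details selectors before they are stored. The
    // repeated entries look like typographic quotes flattened by whatever produced
    // this copy of the file — verify against the upstream source before touching.
    $remove = array("'", '"', '"', "'", "!", " ");
    $eshopoptions['details']['show'] = $wpdb->escape(str_replace($remove, "", $in['eshop_details_show']));
    $eshopoptions['details']['class'] = $wpdb->escape(str_replace($remove, "", $in['eshop_details_class']));
    $eshopoptions['details']['hide'] = $wpdb->escape(str_replace($remove, "", $in['eshop_details_hide']));
    $eshopoptions['details']['display'] = $wpdb->escape($in['eshop_details_display']);

    // minimal form
    $eshopoptions['downloads_only'] = $wpdb->escape($in['eshop_downloads_only']);
    // ajax
    $eshopoptions['ajax_cart'] = $wpdb->escape($in['eshop_ajax_cart']);

    // Validation; each failure records its code in $err and applies a default.
    if (is_numeric($in['eshop_records'])) {
        $eshopoptions['records'] = $wpdb->escape($in['eshop_records']);
    } else {
        $err = '1';
        $eshopoptions['records'] = '10';
    }

    if (is_numeric($in['eshop_options_num']) && $in['eshop_options_num'] > 0) {
        $eshopoptions['options_num'] = $wpdb->escape($in['eshop_options_num']);
    } else {
        $err = '2';
        $eshopoptions['options_num'] = '3';
    }

    if (is_numeric($in['eshop_image_in_cart']) || $in['eshop_image_in_cart'] == '') {
        $eshopoptions['image_in_cart'] = $wpdb->escape($in['eshop_image_in_cart']);
    } else {
        $err = '3';
        $eshopoptions['image_in_cart'] = '75';
    }

    if ($in['eshop_currency_symbol'] == '') {
        $err = '4';
        $eshopoptions['currency_symbol'] = '$';
    }

    if ($in['eshop_status'] == 'live') {
        // Going live requires at least one payment method and a sender address;
        // the status is left untouched when either is missing.
        if (!is_array($eshopoptions['method'])) {
            $err = '5';
        }
        if ($eshopoptions['from_email'] == '') {
            $err = '6';
        }
        if ($err == '100') {
            $eshopoptions['status'] = $wpdb->escape($in['eshop_status']);
        }
    } else {
        $eshopoptions['status'] = $wpdb->escape($in['eshop_status']);
    }

    update_option('eshop_plugin_settings', $eshopoptions);

    // Turn the POST into a GET back to the form, carrying the result code. The
    // referer is request-supplied, so only same-site targets are honoured.
    $referer = isset($_POST['_wp_http_referer']) ? $_POST['_wp_http_referer'] : '';
    $_POST['_wp_http_referer'] = add_query_arg('eshop_message', $err, $referer);
    wp_safe_redirect($_POST['_wp_http_referer']);
}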