/**
 * Builds the settings array to store for this widget instance.
 *
 * The title is reduced to plain text with strip_tags(). The ad code is kept
 * exactly as submitted when the current user holds the 'unfiltered_html'
 * capability; for every other user it is run through nxt_filter_post_kses().
 *
 * @param array $new_instance Values submitted for this instance.
 * @param array $old_instance Values currently stored for this instance.
 * @return array Settings to store.
 */
function update($new_instance, $old_instance) {
    $saved = $old_instance;
    $saved['title'] = strip_tags($new_instance['title']);

    $code = $new_instance['adsenseCode'];
    if (!current_user_can('unfiltered_html')) {
        // The filter is fed slashed input and its result is unslashed again before storing.
        $code = stripslashes(nxt_filter_post_kses(addslashes($code)));
    }
    // For privileged users this is stored unfiltered, so whatever prints it is emitting trusted markup.
    $saved['adsenseCode'] = $code;

    return $saved;
}
/**
 * Builds the settings array to store for this widget instance.
 *
 * The title is reduced to plain text with strip_tags() and the image path is
 * passed through esc_url(). The about text is kept as submitted only when the
 * current user holds 'unfiltered_html'; otherwise it goes through
 * nxt_filter_post_kses().
 *
 * @param array $new_instance Values submitted for this instance.
 * @param array $old_instance Values currently stored for this instance.
 * @return array Settings to store.
 */
function update($new_instance, $old_instance) {
    $saved = $old_instance;
    $saved['title'] = strip_tags($new_instance['title']);
    $saved['imagePath'] = esc_url($new_instance['imagePath']);

    $about = $new_instance['aboutText'];
    if (!current_user_can('unfiltered_html')) {
        // The filter is fed slashed input and its result is unslashed again before storing.
        $about = stripslashes(nxt_filter_post_kses(addslashes($about)));
    }
    $saved['aboutText'] = $about;

    return $saved;
}
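/**
 * Updates the widget control options for the particular instance of the widget.
 *
 * Title, label, ID and value fields are reduced to plain text with
 * strip_tags(); the checkbox fields are stored as 1 or 0 depending on whether
 * they were submitted; the logged-in / logged-out texts are stored as submitted
 * only for users holding 'unfiltered_html' and are otherwise run through
 * nxt_filter_post_kses().
 *
 * @since 0.1.0
 *
 * @param array $new_instance Values submitted for this instance.
 * @param array $old_instance Values currently stored for this instance.
 * @return array Settings to store.
 */
function update($new_instance, $old_instance) {
    $instance = $old_instance;

    /* Fields stored as plain text. */
    $plain_text_fields = array(
        'title',
        'label_username',
        'label_password',
        'label_remember',
        'label_log_in',
        'id_username',
        'id_password',
        'id_remember',
        'id_submit',
        'value_username',
    );
    foreach ($plain_text_fields as $field) {
        $instance[$field] = strip_tags($new_instance[$field]);
    }

    /* Checkboxes: only their presence in the submission matters. */
    foreach (array('remember', 'value_remember', 'show_avatar') as $field) {
        $instance[$field] = isset($new_instance[$field]) ? 1 : 0;
    }

    /* Free-text fields that may legitimately contain markup. */
    $may_store_raw_html = current_user_can('unfiltered_html');
    foreach (array('logged_in_text', 'logged_out_text') as $field) {
        $text = $new_instance[$field];
        if (!$may_store_raw_html) {
            // nxt_filter_post_kses() expects slashed input and hands back slashed output, so the
            // call is wrapped to keep backslashes in the text and to avoid storing escaped quotes.
            // Assumes $new_instance arrives unslashed here - confirm against the caller.
            $text = stripslashes(nxt_filter_post_kses(addslashes($text)));
        }
        $instance[$field] = $text;
    }

    return $instance;
}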
/**
 * Builds the settings array to store for this widget instance.
 *
 * The title is reduced to plain text with strip_tags(). The text is kept as
 * submitted only when the current user holds 'unfiltered_html'; otherwise it
 * goes through nxt_filter_post_kses(). 'filter' records whether the field was
 * present in the submission.
 *
 * @param array $new_instance Values submitted for this instance.
 * @param array $old_instance Values currently stored for this instance.
 * @return array Settings to store.
 */
function update($new_instance, $old_instance) {
    $saved = $old_instance;
    $saved['title'] = strip_tags($new_instance['title']);

    $body = $new_instance['text'];
    if (!current_user_can('unfiltered_html')) {
        // nxt_filter_post_kses() expects slashed
        $body = stripslashes(nxt_filter_post_kses(addslashes($body)));
    }
    $saved['text'] = $body;

    $saved['filter'] = isset($new_instance['filter']);

    return $saved;
}
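/**
 * Function for validating the settings input from the plugin settings page.
 *
 * Feature toggles are stored as 1 or 0 depending on whether the field was
 * submitted. The two error texts are stored only when submitted: as given for
 * users holding the 'unfiltered_html' capability, and run through
 * nxt_filter_post_kses() for everyone else.
 *
 * @since 0.2.0
 *
 * @param array $input Raw values submitted from the settings page.
 * @return array The validated/sanitized settings.
 */
function members_validate_settings($input) {
    $settings = array();

    /*
     * Only users allowed to post unfiltered HTML may store the error texts as
     * submitted. The capability test must select the unfiltered branch, not the
     * filtered one, otherwise the users who lack the capability are exactly the
     * ones whose markup is saved untouched.
     */
    $may_store_raw_html = current_user_can('unfiltered_html');

    /* Check if the role manager is active. */
    $settings['role_manager'] = isset($input['role_manager']) ? 1 : 0;

    /* Check if the content permissions feature is active. */
    $settings['content_permissions'] = isset($input['content_permissions']) ? 1 : 0;

    /* Set the content permissions error text and kill evil scripts. */
    if (isset($input['content_permissions_error'])) {
        $settings['content_permissions_error'] = $may_store_raw_html
            ? $input['content_permissions_error']
            : stripslashes(nxt_filter_post_kses(addslashes($input['content_permissions_error'])));
    }

    /* Check if the login form and users widgets are active. */
    $settings['login_form_widget'] = isset($input['login_form_widget']) ? 1 : 0;
    $settings['users_widget'] = isset($input['users_widget']) ? 1 : 0;

    /* Check if the private blog and private feed features are active. */
    $settings['private_blog'] = isset($input['private_blog']) ? 1 : 0;
    $settings['private_feed'] = isset($input['private_feed']) ? 1 : 0;

    /* Set the private feed error text and kill evil scripts. */
    if (isset($input['private_feed_error'])) {
        $settings['private_feed_error'] = $may_store_raw_html
            ? $input['private_feed_error']
            : stripslashes(nxt_filter_post_kses(addslashes($input['private_feed_error'])));
    }

    /* Return the validated/sanitized settings. */
    return $settings;
}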
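/**
 * Sanitises various option values based on the nature of the option.
 *
 * This is basically a switch statement which will pass $value through a number
 * of functions depending on the $option. Options without a case are left
 * untouched by the switch. Every value, handled or not, is finally passed
 * through the "sanitize_option_{$option}" filter.
 *
 * Where validation fails for the e-mail, URL and timezone options (and,
 * without an error notice, the language option), the value is reset to the
 * one currently stored.
 *
 * @since 2.0.5
 *
 * @param string $option The name of the option.
 * @param string $value The unsanitised value.
 * @return mixed Sanitized value; an integer for the numeric options.
 */
function sanitize_option($option, $value) {
    switch ($option) {
        case 'admin_email':
        case 'new_admin_email':
            $value = sanitize_email($value);
            if (!is_email($value)) {
                $value = get_option($option); // Resets option to stored value in the case of failed sanitization
                if (function_exists('add_settings_error')) {
                    // The settings-error slug is the option name itself; both options share one error code.
                    add_settings_error($option, 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
                }
            }
            break;

        case 'thumbnail_size_w':
        case 'thumbnail_size_h':
        case 'medium_size_w':
        case 'medium_size_h':
        case 'large_size_w':
        case 'large_size_h':
        case 'embed_size_h':
        case 'default_post_edit_rows':
        case 'mailserver_port':
        case 'comment_max_links':
        case 'page_on_front':
        case 'page_for_posts':
        case 'rss_excerpt_length':
        case 'default_category':
        case 'default_email_category':
        case 'default_link_category':
        case 'close_comments_days_old':
        case 'comments_per_page':
        case 'thread_comments_depth':
        case 'users_can_register':
        case 'start_of_week':
            $value = absint($value);
            break;

        case 'embed_size_w':
            // An empty string is kept as is; anything else becomes a non-negative integer.
            if ('' !== $value) {
                $value = absint($value);
            }
            break;

        case 'posts_per_page':
        case 'posts_per_rss':
            $value = (int) $value;
            if (empty($value)) {
                $value = 1;
            }
            // -1 is let through unchanged; anything lower is flipped to its absolute value.
            if ($value < -1) {
                $value = abs($value);
            }
            break;

        case 'default_ping_status':
        case 'default_comment_status':
            // Options that if not there have 0 value but need to be something like "closed"
            if ($value == '0' || $value == '') {
                $value = 'closed';
            }
            break;

        case 'blogdescription':
        case 'blogname':
            $value = addslashes($value);
            $value = nxt_filter_post_kses($value); // calls stripslashes then addslashes
            $value = stripslashes($value);
            $value = esc_html($value);
            break;

        case 'blog_charset':
            $value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
            break;

        case 'date_format':
        case 'time_format':
        case 'mailserver_url':
        case 'mailserver_login':
        case 'mailserver_pass':
        case 'ping_sites':
        case 'upload_path':
            $value = strip_tags($value);
            $value = addslashes($value);
            $value = nxt_filter_kses($value); // calls stripslashes then addslashes
            $value = stripslashes($value);
            break;

        case 'gmt_offset':
            $value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
            break;

        case 'siteurl':
        case 'home':
            // NOTE(review): the pattern is unanchored, so it only establishes that an http(s)://
            // sequence occurs somewhere in the value; rejecting other schemes presumably rests on
            // esc_url_raw() - confirm that is intended.
            if ((bool) preg_match('#http(s?)://(.+)#i', $value)) {
                $value = esc_url_raw($value);
            } else {
                $value = get_option($option); // Resets option to stored value in the case of failed sanitization
                if (function_exists('add_settings_error')) {
                    $message = ('siteurl' === $option)
                        ? __('The NXTClass address you entered did not appear to be a valid URL. Please enter a valid URL.')
                        : __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.');
                    add_settings_error($option, 'invalid_' . $option, $message);
                }
            }
            break;

        case 'nxtLANG':
            $allowed = get_available_languages();
            // Strict comparison: a non-string value must not match an allow-list entry through type juggling.
            if (!in_array($value, $allowed, true) && !empty($value)) {
                $value = get_option($option);
            }
            break;

        case 'timezone_string':
            $allowed_zones = timezone_identifiers_list();
            // Strict comparison: a non-string value must not match an allow-list entry through type juggling.
            if (!in_array($value, $allowed_zones, true) && !empty($value)) {
                $value = get_option($option); // Resets option to stored value in the case of failed sanitization
                if (function_exists('add_settings_error')) {
                    add_settings_error('timezone_string', 'invalid_timezone_string', __('The timezone you have entered is not valid. Please select a valid timezone.'));
                }
            }
            break;

        case 'permalink_structure':
        case 'category_base':
        case 'tag_base':
            $value = esc_url_raw($value);
            $value = str_replace('http://', '', $value);
            break;
    }

    // Runs for every option, including those the switch did not handle.
    $value = apply_filters("sanitize_option_{$option}", $value, $option);

    return $value;
}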
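/**
 * Builds the settings array to store for this widget instance.
 *
 * 'title', 'content' and 'sub' are taken from the submission, falling back to
 * their defaults when a key was not submitted. For users who do not hold the
 * 'unfiltered_html' capability the title is reduced to plain text and the
 * content is run through nxt_filter_post_kses().
 *
 * @param array $new_instance Values submitted for this instance.
 * @param array $old_instance Values currently stored for this instance.
 * @return array Settings to store.
 */
function update($new_instance, $old_instance) {
    $instance = $old_instance;
    $defaults = array('title' => '', 'content' => '', 'sub' => 'none');

    foreach ($defaults as $key => $default) {
        // A key missing from the submission gets its default instead of an undefined-index read.
        $instance[$key] = isset($new_instance[$key]) ? $new_instance[$key] : $default;
    }

    if (!current_user_can('unfiltered_html')) {
        // Without the capability no submitted markup may be stored as is, and that covers the
        // title as well as the content.
        $instance['title'] = strip_tags($instance['title']);
        $instance['content'] = stripslashes(nxt_filter_post_kses(addslashes($instance['content']))); // nxt_filter_post_kses() expects slashed
        // NOTE(review): 'sub' is still stored as submitted; if it is meant to be one of a fixed
        // set of choices, check it against that set here - the set is not visible in this method.
    }

    return $instance;
}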