<?php
/**
 * Options Management Administration Screen.
 *
 * If accessed directly in a browser this page shows a list of all saved options
 * along with editable fields for their values. Serialized data is not supported
 * and there is no way to remove options via this page. It is not linked to from
 * anywhere else in the admin.
 *
 * This file is also the target of the forms in core and custom options pages
 * that use the Settings API. In this case it saves the new option values
 * and returns the user to their page of origin.
 *
 * @package WordPress
 * @subpackage Administration
 */

/** WordPress Administration Bootstrap */
require_once( './admin.php' );

$title       = __( 'Settings' );
$this_file   = 'options.php';
$parent_file = 'options-general.php';

// $action and $option_page are populated from the request by wp_reset_vars();
// everything below must treat both as untrusted input.
wp_reset_vars( array( 'action', 'option_page' ) );

// Baseline capability for this screen. A named option page may have it replaced
// through its own "option_page_capability_{page}" filter.
$capability = 'manage_options';

if ( ! empty( $option_page ) ) {
	// The filter name embeds the request-supplied page slug, so only a callback
	// registered for exactly that slug can change the required capability.
	$capability = apply_filters( "option_page_capability_{$option_page}", $capability );
} else {
	// This is for back compat and will eventually be removed.
	$option_page = 'options';
}

// Authorisation gate for everything that follows. This is not CSRF protection:
// the nonce is verified separately in the 'update' branch of this file.
if ( ! current_user_can( $capability ) ) {
	wp_die( __( 'Cheatin’ uh?' ) );
}
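// Handle admin email change requests.
//
// Multisite only. A pending change is stored in the 'adminhash' option as an
// array with 'hash' and 'newemail'. ?adminhash=<hash> confirms the change,
// ?dismiss=new_admin_email discards it. Both branches redirect and exit.
if ( is_multisite() ) {
	if ( ! empty( $_GET['adminhash'] ) ) {
		$new_admin_details = get_option( 'adminhash' );
		$redirect          = 'options-general.php?updated=false';

		// The stored hash is the secret that authorises replacing admin_email,
		// so it is compared as an exact string. A loose == between two strings
		// compares them numerically when both look numeric (for example the
		// "0e<digits>" form), which would accept a hash that is not the stored
		// one. Requiring strings on both sides also rejects ?adminhash[]=...
		$hash_matches = false;
		if (
			is_array( $new_admin_details )
			&& isset( $new_admin_details['hash'] )
			&& is_string( $new_admin_details['hash'] )
			&& is_string( $_GET['adminhash'] )
		) {
			// Prefer the constant-time comparison where the runtime has it.
			$hash_matches = function_exists( 'hash_equals' )
				? hash_equals( $new_admin_details['hash'], $_GET['adminhash'] )
				: $new_admin_details['hash'] === $_GET['adminhash'];
		}

		if ( $hash_matches && ! empty( $new_admin_details['newemail'] ) ) {
			update_option( 'admin_email', $new_admin_details['newemail'] );
			// One-shot token: remove it so the same hash cannot be replayed.
			delete_option( 'adminhash' );
			delete_option( 'new_admin_email' );
			$redirect = 'options-general.php?updated=true';
		}

		wp_redirect( admin_url( $redirect ) );
		exit;
	} elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' === $_GET['dismiss'] ) {
		// NOTE(review): this branch changes state on a GET request and no nonce
		// check is visible in this file. The effect is limited to cancelling a
		// pending change, but a nonce on the dismiss link would close it; the
		// link is generated elsewhere, so both sides would have to change together.
		delete_option( 'adminhash' );
		delete_option( 'new_admin_email' );
		wp_redirect( admin_url( 'options-general.php?updated=true' ) );
		exit;
	}
}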
// On multisite, a user who is not a super admin may reach this file only to
// save settings ('update'); every other request, including the raw
// "All Settings" listing rendered at the bottom of this file, is refused.
if ( is_multisite() && ! ( is_super_admin() || 'update' == $action ) ) {
	wp_die( __( 'Cheatin’ uh?' ) );
}
// Allowlist of option names, keyed by settings page. For a registered page the
// 'update' handler writes exactly the names listed under that page's key and
// nothing else, so this table is what bounds a settings form's write access.
$whitelist_options = array(
	'general'    => array(
		'blogname',
		'blogdescription',
		'gmt_offset',
		'date_format',
		'time_format',
		'start_of_week',
		'timezone_string',
	),
	'discussion' => array(
		'default_pingback_flag',
		'default_ping_status',
		'default_comment_status',
		'comments_notify',
		'moderation_notify',
		'comment_moderation',
		'require_name_email',
		'comment_whitelist',
		'comment_max_links',
		'moderation_keys',
		'blacklist_keys',
		'show_avatars',
		'avatar_rating',
		'avatar_default',
		'close_comments_for_old_posts',
		'close_comments_days_old',
		'thread_comments',
		'thread_comments_depth',
		'page_comments',
		'comments_per_page',
		'default_comments_page',
		'comment_order',
		'comment_registration',
	),
	'media'      => array(
		'thumbnail_size_w',
		'thumbnail_size_h',
		'thumbnail_crop',
		'medium_size_w',
		'medium_size_h',
		'large_size_w',
		'large_size_h',
		'image_default_size',
		'image_default_align',
		'image_default_link_type',
		'embed_autourls',
		'embed_size_w',
		'embed_size_h',
	),
	'reading'    => array(
		'posts_per_page',
		'posts_per_rss',
		'rss_use_excerpt',
		'show_on_front',
		'page_on_front',
		'page_for_posts',
		'blog_public',
	),
	'writing'    => array(
		'default_post_edit_rows',
		'use_smilies',
		'default_category',
		'default_email_category',
		'use_balanceTags',
		'default_link_category',
		'default_post_format',
	),
);

// Pages that exist as keys but carry no core options of their own.
$whitelist_options['privacy'] = array();
$whitelist_options['options'] = array();
$whitelist_options['misc']    = array();

// Post-by-email settings. Note that this group includes a mail account password.
$mail_options = array( 'mailserver_url', 'mailserver_port', 'mailserver_login', 'mailserver_pass' );

// The charset is only editable while it is not already some spelling of UTF-8.
$utf8_spellings = array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' );
if ( ! in_array( get_option( 'blog_charset' ), $utf8_spellings ) ) {
	$whitelist_options['reading'][] = 'blog_charset';
}

if ( is_multisite() ) {
	$whitelist_options['general'][] = 'new_admin_email';
	$whitelist_options['general'][] = 'WPLANG';

	if ( apply_filters( 'enable_post_by_email_configuration', true ) ) {
		$whitelist_options['writing'] = array_merge( $whitelist_options['writing'], $mail_options );
	}
} else {
	// Site and home URLs are left out of the allowlist when they are pinned by
	// a constant, so the settings form cannot overwrite them.
	if ( ! defined( 'WP_SITEURL' ) ) {
		$whitelist_options['general'][] = 'siteurl';
	}
	if ( ! defined( 'WP_HOME' ) ) {
		$whitelist_options['general'][] = 'home';
	}

	// Single-site installs let the settings form change these directly.
	array_push( $whitelist_options['general'], 'admin_email', 'users_can_register', 'default_role' );

	$whitelist_options['writing']   = array_merge( $whitelist_options['writing'], $mail_options );
	$whitelist_options['writing'][] = 'ping_sites';

	$whitelist_options['media'][] = 'uploads_use_yearmonth_folders';

	// If upload_url_path and upload_path are both default values, they're locked.
	if ( get_option( 'upload_url_path' ) || ( get_option( 'upload_path' ) != 'wp-content/uploads' && get_option( 'upload_path' ) ) ) {
		$whitelist_options['media'][] = 'upload_path';
		$whitelist_options['media'][] = 'upload_url_path';
	}
}

// Other code can add pages and option names here. Whatever the callbacks return
// becomes writable through this file, so this filter is a trust boundary.
$whitelist_options = apply_filters( 'whitelist_options', $whitelist_options );
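/*
 * If $_GET['action'] == 'update' we are saving settings sent from a settings page.
 *
 * Order of checks in this branch: the nonce for the submitted page is verified
 * first, then the page must be a known key of $whitelist_options, and only then
 * is the list of option names to write chosen. The capability check has already
 * run at the top of the file.
 */
if ( 'update' === $action ) {
	if ( 'options' === $option_page && ! isset( $_POST['option_page'] ) ) { // This is for back compat and will eventually be removed.
		$unregistered = true;
		check_admin_referer( 'update-options' );
	} else {
		$unregistered = false;
		// The nonce action is tied to the page slug, so a nonce issued for one
		// settings page does not validate a submission for another.
		check_admin_referer( $option_page . '-options' );
	}

	if ( ! isset( $whitelist_options[ $option_page ] ) ) {
		wp_die( __( '<strong>ERROR</strong>: options page not found.' ) );
	}

	if ( 'options' === $option_page ) {
		if ( is_multisite() && ! is_super_admin() ) {
			wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) );
		}

		// In this mode the option names come from the request rather than from
		// the allowlist, so the submitter can name any option. What stands in
		// front of it is the capability check, the nonce and, on multisite, the
		// super-admin check just above.
		// A missing or non-string page_options is treated as an empty list
		// instead of being passed to stripslashes() as-is.
		$page_options = '';
		if ( isset( $_POST['page_options'] ) && is_string( $_POST['page_options'] ) ) {
			$page_options = stripslashes( $_POST['page_options'] );
		}
		$options = explode( ',', $page_options );
	} else {
		$options = $whitelist_options[ $option_page ];
	}

	// Handle custom date/time formats
	if ( 'general' === $option_page ) {
		if ( ! empty( $_POST['date_format'] ) && isset( $_POST['date_format_custom'] ) && '\c\u\s\t\o\m' === stripslashes( $_POST['date_format'] ) ) {
			$_POST['date_format'] = $_POST['date_format_custom'];
		}
		if ( ! empty( $_POST['time_format'] ) && isset( $_POST['time_format_custom'] ) && '\c\u\s\t\o\m' === stripslashes( $_POST['time_format'] ) ) {
			$_POST['time_format'] = $_POST['time_format_custom'];
		}
		// Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
		if ( ! empty( $_POST['timezone_string'] ) && preg_match( '/^UTC[+-]/', $_POST['timezone_string'] ) ) {
			$_POST['gmt_offset']      = $_POST['timezone_string'];
			$_POST['gmt_offset']      = preg_replace( '/UTC\+?/', '', $_POST['gmt_offset'] );
			$_POST['timezone_string'] = '';
		}
	}

	if ( $options ) {
		foreach ( $options as $option ) {
			if ( $unregistered ) {
				_deprecated_argument( 'options.php', '2.7', sprintf( __( 'The <code>%1$s</code> setting is unregistered. Unregistered settings are deprecated. See http://codex.wordpress.org/Settings_API' ), $option, $option_page ) );
			}

			$option = trim( $option );

			// An option that is listed but absent from the POST body is written
			// as null rather than left untouched.
			$value = null;
			if ( isset( $_POST[ $option ] ) ) {
				$value = $_POST[ $option ];
				if ( ! is_array( $value ) ) {
					$value = trim( $value );
				}
				$value = stripslashes_deep( $value );
			}

			// No per-option validation is visible in this file; presumably it is
			// applied inside update_option() by sanitize callbacks - confirm.
			update_option( $option, $value );
		}
	}

	/**
	 * Handle settings errors and return to options page
	 */
	// If no settings errors were registered add a general 'updated' message.
	if ( ! count( get_settings_errors() ) ) {
		add_settings_error( 'general', 'settings_updated', __( 'Settings saved.' ), 'updated' );
	}
	set_transient( 'settings_errors', get_settings_errors(), 30 );

	/**
	 * Redirect back to the settings page that was submitted
	 */
	// NOTE(review): the redirect target is derived from the request's referer.
	// The nonce has been verified by this point; whether wp_get_referer()
	// restricts the host cannot be seen from this file - confirm, or send the
	// user back with a redirect helper that only permits local targets.
	$goback = add_query_arg( 'settings-updated', 'true', wp_get_referer() );
	wp_redirect( $goback );
	exit;
}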
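// Render the raw "All Settings" screen: one editable field per row of the
// options table, posted back to this file as the unregistered 'options' page.
// Every stored option value is echoed into the page, and the allowlist in this
// file shows that a mail account password (mailserver_pass) can be among them,
// so the access checks at the top of the file also decide who can read them.
include( './admin-header.php' ); ?>

<div class="wrap">
<?php screen_icon(); ?>
  <h2><?php esc_html_e( 'All Settings' ); ?></h2>
  <form name="form" action="options.php" method="post" id="all-options">
  <?php wp_nonce_field( 'options-options' ) ?>
  <input type="hidden" name="action" value="update" />
  <input type='hidden' name='option_page' value='options' />
  <table class="form-table">
<?php
// Start from an empty list so the implode() for the page_options field below
// always receives an array, even when no row turns out to be editable.
$options_to_update = array();

// Static query with no request data in it.
$options = $wpdb->get_results( "SELECT * FROM $wpdb->options ORDER BY option_name" );

foreach ( (array) $options as $option ) :
	$disabled = false;
	if ( $option->option_name == '' ) {
		continue;
	}

	if ( is_serialized( $option->option_value ) ) {
		if ( is_serialized_string( $option->option_value ) ) {
			// this is a serialized string, so we should display it
			$value               = maybe_unserialize( $option->option_value );
			$options_to_update[] = $option->option_name;
			$class               = 'all-options';
		} else {
			// Serialized arrays/objects are shown as a placeholder in a disabled
			// field and are not added to the list of options to save.
			$value    = 'SERIALIZED DATA';
			$disabled = true;
			$class    = 'all-options disabled';
		}
	} else {
		$value               = $option->option_value;
		$options_to_update[] = $option->option_name;
		$class               = 'all-options';
	}

	// Option names and values are stored data, not trusted markup: each sink
	// below is escaped for its own context (attribute, element text, textarea).
	$name = esc_attr( $option->option_name );
	echo "
<tr>
	<th scope='row'><label for='$name'>" . esc_html( $option->option_name ) . "</label></th>
<td>";
	if ( strpos( $value, "\n" ) !== false ) {
		echo "<textarea class='$class' name='$name' id='$name' cols='30' rows='5'>" . esc_textarea( $value ) . "</textarea>";
	} else {
		echo "<input class='regular-text $class' type='text' name='$name' id='$name' value='" . esc_attr( $value ) . "'" . disabled( $disabled, true, false ) . " />";
	}
	echo "</td>
</tr>";
endforeach;
?>
  </table>

<?php // The save handler in this file explodes this comma-separated list into the option names it writes. ?>
<input type="hidden" name="page_options" value="<?php echo esc_attr( implode( ',', $options_to_update ) ); ?>" />

<?php submit_button( __( 'Save Changes' ), 'primary', 'Update' ); ?>

  </form>
</div>

<?php
include( './admin-footer.php' );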