Code source de WordPress 2.1.2 |
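<?php
/**
 * Raw "All Options" administration screen.
 *
 * Two modes, selected by the request's `action` variable:
 *   - 'update': writes the posted values back through update_option().
 *   - default:  lists every row of the options table in an editable form.
 *
 * Access is gated by the manage_options capability check below and, for
 * writes, by the 'update-options' nonce.
 */
require_once ('admin.php');

$title = __('Options');
$this_file = 'options.php';
$parent_file = 'options-general.php';

wp_reset_vars(array('action'));

// Capability gate: nothing below runs for users without manage_options.
if ( !current_user_can('manage_options') )
	wp_die(__('Cheatin’ uh?'));

/**
 * Normalise a submitted option value according to the option's name.
 *
 * Every branch leaves $value with slashes stripped, either explicitly or as
 * a side effect of the filter it applies (see the per-branch comments).
 *
 * @param string $option Option name; selects the rule set.
 * @param string $value  Raw (slashed) value as received from the request.
 * @return mixed Sanitised value; an int for the numeric options, otherwise a string.
 */
function sanitize_option($option, $value) { // Remember to call stripslashes!

	switch ($option) {
		case 'admin_email':
			$value = stripslashes($value);
			$value = sanitize_email($value);
			break;

		// Non-negative integers.
		case 'default_post_edit_rows':
		case 'mailserver_port':
		case 'comment_max_links':
			$value = stripslashes($value);
			$value = abs((int) $value);
			break;

		// Integers where 0 is replaced by 1 and -1 is left as is.
		case 'posts_per_page':
		case 'posts_per_rss':
			$value = stripslashes($value);
			$value = (int) $value;
			if ( empty($value) ) $value = 1;
			if ( $value < -1 ) $value = abs($value);
			break;

		case 'default_ping_status':
		case 'default_comment_status':
			$value = stripslashes($value);
			// Options that if not there have 0 value but need to be something like "closed"
			if ( $value == '0' || $value == '')
				$value = 'closed';
			break;

		// Markup is filtered unless the user holds unfiltered_html.
		case 'blogdescription':
		case 'blogname':
			if (current_user_can('unfiltered_html') == false)
				$value = wp_filter_post_kses( $value ); // calls stripslashes then addslashes
			$value = stripslashes($value);
			break;

		case 'blog_charset':
			$value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
			break;

		// Plain-text settings: tags removed, then passed through kses.
		case 'date_format':
		case 'time_format':
		case 'mailserver_url':
		case 'mailserver_login':
		case 'mailserver_pass':
		case 'ping_sites':
		case 'upload_path':
			$value = strip_tags($value);
			$value = wp_filter_kses($value); // calls stripslashes then addslashes
			$value = stripslashes($value);
			break;

		case 'gmt_offset':
			$value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
			break;

		case 'siteurl':
		case 'home':
			$value = stripslashes($value);
			$value = clean_url($value);
			break;

		// Unknown option names receive no content filtering, only unslashing.
		default :
			$value = stripslashes($value);
			break;
	}

	return $value;
}

switch($action) {

case 'update':
	$any_changed = 0;
	// Start from an empty list so an empty POST body does not read an undefined variable.
	$options = array();

	// Nonce check: rejects requests that were not produced by a form carrying the 'update-options' nonce.
	check_admin_referer('update-options');

	if ( empty($_POST['page_options']) ) {
		// No explicit list was posted: every POST field name except the nonce
		// fields is treated as an option name.
		// NOTE(review): there is no allow-list of option names on either path;
		// the capability check and the nonce above are the only controls.
		foreach ( (array) $_POST as $key => $value) {
			if ( !in_array($key, array('_wpnonce', '_wp_http_referer')) )
				$options[] = $key;
		}
	} else {
		$options = explode(',', stripslashes($_POST['page_options']));
	}

	if ($options) {
		foreach ($options as $option) {
			$option = trim($option);

			// An empty name (e.g. from a stray comma in page_options) is not a valid option.
			if ( $option == '' )
				continue;

			// A listed option with no submitted field is stored as '' (as before),
			// but without reading an undefined index.
			$value = isset($_POST[$option]) ? $_POST[$option] : '';

			// Array-valued fields cannot be trimmed or sanitised as strings; ignore them.
			if ( is_array($value) )
				continue;

			$value = trim($value);
			$value = sanitize_option($option, $value); // This does stripslashes on those that need it
			update_option($option, $value);
		}
	}

	// $referred is not read again in this file; kept because included admin files share this scope.
	$referred = remove_query_arg('updated' , wp_get_referer());
	$goback = add_query_arg('updated', 'true', wp_get_referer());
	// Restrict the redirect target to a conservative character set before it reaches the Location header.
	$goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
	wp_redirect($goback);
	break;

default:
	include ('admin-header.php'); ?>

<div class="wrap">
	<h2><?php _e('All Options'); ?></h2>
	<form name="form" action="options.php" method="post" id="all-options">
	<?php wp_nonce_field('update-options') ?>
	<input type="hidden" name="action" value="update" />
	<p class="submit"><input type="submit" name="Update" value="<?php _e('Update Options »') ?>" /></p>
	<table width="98%">
<?php
$options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");
// Names of the rows that are rendered as editable fields; posted back as page_options.
$options_to_update = array();

foreach ( (array) $options as $option) :
	$disabled = '';
	if ( is_serialized($option->option_value) ) {
		if ( is_serialized_string($option->option_value) ) {
			// this is a serialized string, so we should display it
			$value = wp_specialchars(maybe_unserialize($option->option_value), 'single');
			$options_to_update[] = $option->option_name;
			$class = 'all-options';
		} else {
			// Serialized non-string data is shown as a disabled placeholder and
			// left out of page_options.
			$value = 'SERIALIZED DATA';
			$disabled = ' disabled="disabled"';
			$class = 'all-options disabled';
		}
	} else {
		$value = wp_specialchars($option->option_value, 'single');
		$options_to_update[] = $option->option_name;
		$class = 'all-options';
	}

	// Option names are stored data (the update branch accepts arbitrary names),
	// so escape them before placing them in attributes and label text.
	$option_name_esc = attribute_escape($option->option_name);

	echo "
<tr>
	<th scope='row'><label for='$option_name_esc'>$option_name_esc</label></th>
<td>";

	if (stristr($value, "\n")) echo "<textarea class='$class' name='$option_name_esc' id='$option_name_esc' cols='30' rows='5'>$value</textarea>";
	else echo "<input class='$class' type='text' name='$option_name_esc' id='$option_name_esc' size='30' value='" . $value . "'$disabled />";

	// NOTE(review): option_description is printed as stored, without escaping.
	// Confirm whether descriptions may legitimately contain markup before escaping it here.
	echo "</td>
	<td>$option->option_description</td>
</tr>";
endforeach;
?>
	</table>
<?php $options_to_update = implode(',', $options_to_update); ?>
	<p class="submit"><input type="hidden" name="page_options" value="<?php echo attribute_escape($options_to_update); ?>" /><input type="submit" name="Update" value="<?php _e('Update Options »') ?>" /></p>
	</form>
</div>


<?php
	break;
} // end switch

include ('admin-footer.php');
?>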