-if ( !current_user_can('manage_options') )
- die ( __('Cheatin’ uh?') );
-
-function sanitize_option($option, $value) {
-
- switch ($option) {
- case 'admin_email':
- $value = sanitize_email($value);
- break;
-
- case 'default_post_edit_rows':
- case 'mailserver_port':
- case 'comment_max_links':
- $value = abs((int) $value);
- break;
-
- case 'posts_per_page':
- case 'posts_per_rss':
- $value = (int) $value;
- if ( empty($value) ) $value = 1;
- if ( $value < -1 ) $value = abs($value);
- break;
-
- case 'default_ping_status':
- case 'default_comment_status':
- // Options that if not there have 0 value but need to be something like "closed"
- if ( $value == '0' || $value == '')
- $value = 'closed';
- break;
-
- case 'blogdescription':
- case 'blogname':
- if (current_user_can('unfiltered_html') == false)
- $value = wp_filter_post_kses( $value );
- break;
-
- case 'blog_charset':
- $value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value);
- break;
-
- case 'date_format':
- case 'time_format':
- case 'mailserver_url':
- case 'mailserver_login':
- case 'mailserver_pass':
- case 'ping_sites':
- case 'upload_path':
- $value = strip_tags($value);
- $value = wp_filter_kses($value);
- break;
-
- case 'gmt_offset':
- $value = preg_replace('/[^0-9:.-]/', '', $value);
- break;
-
- case 'siteurl':
- case 'home':
- $value = clean_url($value);
- break;
- }
+if ( is_multisite() && !is_super_admin() && 'update' != $action )
+ wp_die(__('Cheatin’ uh?'));
+
+$whitelist_options = array(
+ 'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string' ),
+ 'discussion' => array( 'default_pingback_flag', 'default_ping_status', 'default_comment_status', 'comments_notify', 'moderation_notify', 'comment_moderation', 'require_name_email', 'comment_whitelist', 'comment_max_links', 'moderation_keys', 'blacklist_keys', 'show_avatars', 'avatar_rating', 'avatar_default', 'close_comments_for_old_posts', 'close_comments_days_old', 'thread_comments', 'thread_comments_depth', 'page_comments', 'comments_per_page', 'default_comments_page', 'comment_order', 'comment_registration' ),
+ 'media' => array( 'thumbnail_size_w', 'thumbnail_size_h', 'thumbnail_crop', 'medium_size_w', 'medium_size_h', 'large_size_w', 'large_size_h', 'image_default_size', 'image_default_align', 'image_default_link_type', 'embed_autourls', 'embed_size_w', 'embed_size_h' ),
+ 'privacy' => array( 'blog_public' ),
+ 'reading' => array( 'posts_per_page', 'posts_per_rss', 'rss_use_excerpt', 'blog_charset', 'show_on_front', 'page_on_front', 'page_for_posts' ),
+ 'writing' => array( 'default_post_edit_rows', 'use_smilies', 'default_category', 'default_email_category', 'use_balanceTags', 'default_link_category', 'default_post_format', 'enable_app', 'enable_xmlrpc' ),
+ 'options' => array( '' ) );