*/
/** WordPress Administration Bootstrap */
-require_once('./admin.php');
+require_once( dirname( __FILE__ ) . '/admin.php' );
$title = __('Settings');
$this_file = 'options.php';
if ( empty($option_page) ) // This is for back compat and will eventually be removed.
$option_page = 'options';
else
+
+ /**
+ * Filter the capability required when using the Settings API.
+ *
+ * By default, the options groups for all registered settings require the manage_options capability.
+ * This filter is required to change the capability required for a certain options page.
+ *
+ * @since 3.2.0
+ *
+ * @param string $capability The capability used for the page, which is manage_options by default.
+ */
$capability = apply_filters( "option_page_capability_{$option_page}", $capability );
if ( !current_user_can( $capability ) )
$whitelist_options['general'][] = 'new_admin_email';
$whitelist_options['general'][] = 'WPLANG';
+ /**
+ * Toggle post-by-email functionality.
+ *
+ * @since 3.0.0
+ *
+ * @param bool True or false, based on whether post-by-email configuration is enabled or not.
+ */
if ( apply_filters( 'enable_post_by_email_configuration', true ) )
$whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
}
+/**
+ * Filter the options white list.
+ *
+ * @since 2.7.0
+ *
+ * @param array White list options.
+ */
$whitelist_options = apply_filters( 'whitelist_options', $whitelist_options );
/*
if ( 'options' == $option_page ) {
if ( is_multisite() && ! is_super_admin() )
wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) );
- $options = explode( ',', stripslashes( $_POST[ 'page_options' ] ) );
+ $options = explode( ',', wp_unslash( $_POST[ 'page_options' ] ) );
} else {
$options = $whitelist_options[ $option_page ];
}
// Handle custom date/time formats
if ( 'general' == $option_page ) {
- if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['date_format'] ) )
+ if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['date_format'] ) )
$_POST['date_format'] = $_POST['date_format_custom'];
- if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['time_format'] ) )
+ if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['time_format'] ) )
$_POST['time_format'] = $_POST['time_format_custom'];
// Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
if ( !empty($_POST['timezone_string']) && preg_match('/^UTC[+-]/', $_POST['timezone_string']) ) {
$value = $_POST[ $option ];
if ( ! is_array( $value ) )
$value = trim( $value );
- $value = stripslashes_deep( $value );
+ $value = wp_unslash( $value );
}
update_option( $option, $value );
}
exit;
}
-include('./admin-header.php'); ?>
+include( ABSPATH . 'wp-admin/admin-header.php' ); ?>
<div class="wrap">
<?php screen_icon(); ?>
</div>
<?php
-include('./admin-footer.php');
+include( ABSPATH . 'wp-admin/admin-footer.php' );
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff