+if ( ! in_array( get_option( 'blog_charset' ), array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) )
+ $whitelist_options['reading'][] = 'blog_charset';
+
+if ( get_site_option( 'initial_db_version' ) < 32453 ) {
+ $whitelist_options['writing'][] = 'use_smilies';
+ $whitelist_options['writing'][] = 'use_balanceTags';
+}
+
+if ( !is_multisite() ) {
+ if ( !defined( 'WP_SITEURL' ) )
+ $whitelist_options['general'][] = 'siteurl';
+ if ( !defined( 'WP_HOME' ) )
+ $whitelist_options['general'][] = 'home';
+
+ $whitelist_options['general'][] = 'admin_email';
+ $whitelist_options['general'][] = 'users_can_register';
+ $whitelist_options['general'][] = 'default_role';
+
+ $whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
+ $whitelist_options['writing'][] = 'ping_sites';
+
+ $whitelist_options['media'][] = 'uploads_use_yearmonth_folders';
+
+ // If upload_url_path and upload_path are both default values, they're locked.
+ if ( get_option( 'upload_url_path' ) || ( get_option('upload_path') != 'wp-content/uploads' && get_option('upload_path') ) ) {
+ $whitelist_options['media'][] = 'upload_path';
+ $whitelist_options['media'][] = 'upload_url_path';
+ }
+} else {
+ $whitelist_options['general'][] = 'new_admin_email';
+
+ /**
+ * Filter whether the post-by-email functionality is enabled.
+ *
+ * @since 3.0.0
+ *
+ * @param bool $enabled Whether post-by-email configuration is enabled. Default true.
+ */
+ if ( apply_filters( 'enable_post_by_email_configuration', true ) )
+ $whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
+}
+
+/**
+ * Filter the options white list.
+ *
+ * @since 2.7.0
+ *
+ * @param array White list options.
+ */
+$whitelist_options = apply_filters( 'whitelist_options', $whitelist_options );
+
+/*
+ * If $_GET['action'] == 'update' we are saving settings sent from a settings page
+ */
+if ( 'update' == $action ) {
+ if ( 'options' == $option_page && !isset( $_POST['option_page'] ) ) { // This is for back compat and will eventually be removed.
+ $unregistered = true;
+ check_admin_referer( 'update-options' );