+wp_reset_vars(array('action', 'option_page'));
+
+$capability = 'manage_options';
+
+// This is for back compat and will eventually be removed.
+if ( empty($option_page) ) {
+ $option_page = 'options';
+} else {
+
+ /**
+ * Filter the capability required when using the Settings API.
+ *
+ * By default, the options groups for all registered settings require the manage_options capability.
+ * This filter is required to change the capability required for a certain options page.
+ *
+ * @since 3.2.0
+ *
+ * @param string $capability The capability used for the page, which is manage_options by default.
+ */
+ $capability = apply_filters( "option_page_capability_{$option_page}", $capability );
+}
+
+if ( !current_user_can( $capability ) )
+ wp_die( __( 'Cheatin’ uh?' ), 403 );
+
+// Handle admin email change requests
+if ( is_multisite() ) {
+ if ( ! empty($_GET[ 'adminhash' ] ) ) {
+ $new_admin_details = get_option( 'adminhash' );
+ $redirect = 'options-general.php?updated=false';
+ if ( is_array( $new_admin_details ) && $new_admin_details[ 'hash' ] == $_GET[ 'adminhash' ] && !empty($new_admin_details[ 'newemail' ]) ) {
+ update_option( 'admin_email', $new_admin_details[ 'newemail' ] );
+ delete_option( 'adminhash' );
+ delete_option( 'new_admin_email' );
+ $redirect = 'options-general.php?updated=true';
+ }
+ wp_redirect( admin_url( $redirect ) );
+ exit;
+ } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) {
+ delete_option( 'adminhash' );
+ delete_option( 'new_admin_email' );
+ wp_redirect( admin_url( 'options-general.php?updated=true' ) );
+ exit;
+ }
+}
+
+if ( is_multisite() && !is_super_admin() && 'update' != $action )
+ wp_die( __( 'Cheatin’ uh?' ), 403 );