2003-06-12 00:59:14 +02:00
< ? php
2008-08-16 09:27:34 +02:00
/**
2011-04-28 17:24:49 +02:00
* Options Management Administration Screen .
2008-08-16 09:27:34 +02:00
*
2010-02-17 18:50:42 +01:00
* If accessed directly in a browser this page shows a list of all saved options
* along with editable fields for their values . Serialized data is not supported
* and there is no way to remove options via this page . It is not linked to from
* anywhere else in the admin .
2008-08-16 09:27:34 +02:00
*
2010-02-17 18:50:42 +01:00
* This file is also the target of the forms in core and custom options pages
* that use the Settings API . In this case it saves the new option values
* and returns the user to their page of origin .
2008-08-16 09:27:34 +02:00
*
* @ package WordPress
* @ subpackage Administration
*/
/** WordPress Administration Bootstrap */
2020-02-06 07:33:11 +01:00
require_once __DIR__ . '/admin.php' ;
2004-06-13 18:14:58 +02:00
2017-12-01 00:11:00 +01:00
$title = __ ( 'Settings' );
$this_file = 'options.php' ;
2006-11-18 08:31:29 +01:00
$parent_file = 'options-general.php' ;
2017-12-01 00:11:00 +01:00
wp_reset_vars ( array ( 'action' , 'option_page' ) );
2010-03-09 11:57:49 +01:00
2011-05-22 23:32:22 +02:00
$capability = 'manage_options' ;
2014-06-25 23:48:15 +02:00
// This is for back compat and will eventually be removed.
2017-12-01 00:11:00 +01:00
if ( empty ( $option_page ) ) {
2010-03-09 11:57:49 +01:00
$option_page = 'options' ;
2014-06-25 23:48:15 +02:00
} else {
2013-09-12 05:44:08 +02:00
2013-10-25 04:29:52 +02:00
/**
2016-05-22 20:01:30 +02:00
* Filters the capability required when using the Settings API .
2013-10-25 04:29:52 +02:00
*
* By default , the options groups for all registered settings require the manage_options capability .
* This filter is required to change the capability required for a certain options page .
*
2013-09-12 05:44:08 +02:00
* @ since 3.2 . 0
2013-10-25 04:29:52 +02:00
*
* @ param string $capability The capability used for the page , which is manage_options by default .
2013-09-12 05:44:08 +02:00
*/
2011-05-22 23:32:22 +02:00
$capability = apply_filters ( " option_page_capability_ { $option_page } " , $capability );
2014-06-25 23:48:15 +02:00
}
2010-03-09 11:57:49 +01:00
2015-09-02 20:31:21 +02:00
if ( ! current_user_can ( $capability ) ) {
wp_die (
2018-02-19 03:13:32 +01:00
'<h1>' . __ ( 'You need a higher level of permission.' ) . '</h1>' .
2019-05-26 18:00:52 +02:00
'<p>' . __ ( 'Sorry, you are not allowed to manage options for this site.' ) . '</p>' ,
2015-09-02 20:31:21 +02:00
403
);
}
2010-03-17 17:27:25 +01:00
2020-01-29 01:45:18 +01:00
// Handle admin email change requests.
2017-12-01 00:11:00 +01:00
if ( ! empty ( $_GET [ 'adminhash' ] ) ) {
2017-08-14 22:13:43 +02:00
$new_admin_details = get_option ( 'adminhash' );
2017-12-01 00:11:00 +01:00
$redirect = 'options-general.php?updated=false' ;
if ( is_array ( $new_admin_details ) && hash_equals ( $new_admin_details [ 'hash' ], $_GET [ 'adminhash' ] ) && ! empty ( $new_admin_details [ 'newemail' ] ) ) {
update_option ( 'admin_email' , $new_admin_details [ 'newemail' ] );
2010-04-26 19:55:41 +02:00
delete_option ( 'adminhash' );
delete_option ( 'new_admin_email' );
2017-08-14 22:13:43 +02:00
$redirect = 'options-general.php?updated=true' ;
2010-04-26 19:55:41 +02:00
}
2017-08-14 22:13:43 +02:00
wp_redirect ( admin_url ( $redirect ) );
exit ;
2020-05-16 20:42:12 +02:00
} elseif ( ! empty ( $_GET [ 'dismiss' ] ) && 'new_admin_email' === $_GET [ 'dismiss' ] ) {
2017-08-14 22:13:43 +02:00
check_admin_referer ( 'dismiss-' . get_current_blog_id () . '-new_admin_email' );
delete_option ( 'adminhash' );
delete_option ( 'new_admin_email' );
wp_redirect ( admin_url ( 'options-general.php?updated=true' ) );
exit ;
2010-04-26 19:55:41 +02:00
}
2017-01-20 18:39:41 +01:00
if ( is_multisite () && ! current_user_can ( 'manage_network_options' ) && 'update' != $action ) {
2015-09-02 20:31:21 +02:00
wp_die (
2018-02-19 03:13:32 +01:00
'<h1>' . __ ( 'You need a higher level of permission.' ) . '</h1>' .
2016-06-29 17:16:29 +02:00
'<p>' . __ ( 'Sorry, you are not allowed to delete these items.' ) . '</p>' ,
2015-09-02 20:31:21 +02:00
403
);
}
2003-06-13 00:48:52 +02:00
2019-07-01 14:52:01 +02:00
$whitelist_options = array (
2018-08-17 03:51:36 +02:00
'general' => array (
2018-07-17 11:08:26 +02:00
'blogname' ,
'blogdescription' ,
'gmt_offset' ,
'date_format' ,
'time_format' ,
'start_of_week' ,
'timezone_string' ,
'WPLANG' ,
'new_admin_email' ,
),
'discussion' => array (
'default_pingback_flag' ,
'default_ping_status' ,
'default_comment_status' ,
'comments_notify' ,
'moderation_notify' ,
'comment_moderation' ,
'require_name_email' ,
'comment_whitelist' ,
'comment_max_links' ,
'moderation_keys' ,
'blacklist_keys' ,
'show_avatars' ,
'avatar_rating' ,
'avatar_default' ,
'close_comments_for_old_posts' ,
'close_comments_days_old' ,
'thread_comments' ,
'thread_comments_depth' ,
'page_comments' ,
'comments_per_page' ,
'default_comments_page' ,
'comment_order' ,
'comment_registration' ,
2018-07-24 19:06:24 +02:00
'show_comments_cookies_opt_in' ,
2018-07-17 11:08:26 +02:00
),
2018-08-17 03:51:36 +02:00
'media' => array (
2018-07-17 11:08:26 +02:00
'thumbnail_size_w' ,
'thumbnail_size_h' ,
'thumbnail_crop' ,
'medium_size_w' ,
'medium_size_h' ,
'large_size_w' ,
'large_size_h' ,
'image_default_size' ,
'image_default_align' ,
'image_default_link_type' ,
),
2018-08-17 03:51:36 +02:00
'reading' => array (
2018-07-17 11:08:26 +02:00
'posts_per_page' ,
'posts_per_rss' ,
'rss_use_excerpt' ,
'show_on_front' ,
'page_on_front' ,
'page_for_posts' ,
'blog_public' ,
),
2018-08-17 03:51:36 +02:00
'writing' => array (
2018-07-17 11:08:26 +02:00
'default_category' ,
'default_email_category' ,
'default_link_category' ,
'default_post_format' ,
),
2012-09-13 19:28:57 +02:00
);
2019-07-01 14:52:01 +02:00
$whitelist_options [ 'misc' ] = array ();
$whitelist_options [ 'options' ] = array ();
$whitelist_options [ 'privacy' ] = array ();
2010-01-25 22:33:49 +01:00
2017-12-01 00:11:00 +01:00
$mail_options = array ( 'mailserver_url' , 'mailserver_port' , 'mailserver_login' , 'mailserver_pass' );
2010-01-25 22:33:49 +01:00
2020-04-05 05:02:11 +02:00
if ( ! in_array ( get_option ( 'blog_charset' ), array ( 'utf8' , 'utf-8' , 'UTF8' , 'UTF-8' ), true ) ) {
2012-09-14 05:23:06 +02:00
$whitelist_options [ 'reading' ][] = 'blog_charset' ;
2017-12-01 00:11:00 +01:00
}
2012-09-14 05:23:06 +02:00
2015-10-07 19:11:25 +02:00
if ( get_site_option ( 'initial_db_version' ) < 32453 ) {
2015-05-08 13:59:26 +02:00
$whitelist_options [ 'writing' ][] = 'use_smilies' ;
$whitelist_options [ 'writing' ][] = 'use_balanceTags' ;
}
2017-12-01 00:11:00 +01:00
if ( ! is_multisite () ) {
if ( ! defined ( 'WP_SITEURL' ) ) {
2010-03-09 11:57:49 +01:00
$whitelist_options [ 'general' ][] = 'siteurl' ;
2017-12-01 00:11:00 +01:00
}
if ( ! defined ( 'WP_HOME' ) ) {
2010-03-09 11:57:49 +01:00
$whitelist_options [ 'general' ][] = 'home' ;
2017-12-01 00:11:00 +01:00
}
2010-03-09 11:57:49 +01:00
2010-01-25 22:33:49 +01:00
$whitelist_options [ 'general' ][] = 'users_can_register' ;
$whitelist_options [ 'general' ][] = 'default_role' ;
2017-12-01 00:11:00 +01:00
$whitelist_options [ 'writing' ] = array_merge ( $whitelist_options [ 'writing' ], $mail_options );
2010-01-25 22:33:49 +01:00
$whitelist_options [ 'writing' ][] = 'ping_sites' ;
2010-03-02 11:31:06 +01:00
2012-09-14 23:00:39 +02:00
$whitelist_options [ 'media' ][] = 'uploads_use_yearmonth_folders' ;
2020-06-01 13:22:13 +02:00
/*
* If upload_url_path is not the default ( empty ),
* or upload_path is not the default ( 'wp-content/uploads' or empty ),
* they can be edited , otherwise they ' re locked .
*/
2017-12-01 00:11:00 +01:00
if ( get_option ( 'upload_url_path' ) || ( get_option ( 'upload_path' ) != 'wp-content/uploads' && get_option ( 'upload_path' ) ) ) {
2012-09-14 23:00:39 +02:00
$whitelist_options [ 'media' ][] = 'upload_path' ;
$whitelist_options [ 'media' ][] = 'upload_url_path' ;
}
2010-01-25 22:33:49 +01:00
} else {
2013-09-12 05:44:08 +02:00
/**
2016-05-22 20:01:30 +02:00
* Filters whether the post - by - email functionality is enabled .
2013-09-12 05:44:08 +02:00
*
* @ since 3.0 . 0
*
2014-04-12 02:01:15 +02:00
* @ param bool $enabled Whether post - by - email configuration is enabled . Default true .
2013-09-12 05:44:08 +02:00
*/
2017-12-01 00:11:00 +01:00
if ( apply_filters ( 'enable_post_by_email_configuration' , true ) ) {
$whitelist_options [ 'writing' ] = array_merge ( $whitelist_options [ 'writing' ], $mail_options );
}
2010-01-25 22:33:49 +01:00
}
2008-09-04 03:11:18 +02:00
2013-09-12 05:44:08 +02:00
/**
2020-02-01 23:01:07 +01:00
* Filters the options whitelist .
2013-10-25 04:29:52 +02:00
*
2013-09-12 05:44:08 +02:00
* @ since 2.7 . 0
*
2020-02-01 23:42:06 +01:00
* @ param array $whitelist_options The options whitelist .
2013-09-12 05:44:08 +02:00
*/
2008-09-04 03:11:18 +02:00
$whitelist_options = apply_filters ( 'whitelist_options' , $whitelist_options );
2020-05-16 20:42:12 +02:00
if ( 'update' === $action ) { // We are saving settings sent from a settings page.
if ( 'options' === $option_page && ! isset ( $_POST [ 'option_page' ] ) ) { // This is for back compat and will eventually be removed.
2010-03-21 08:38:10 +01:00
$unregistered = true ;
2008-10-20 02:40:36 +02:00
check_admin_referer ( 'update-options' );
2010-03-21 08:38:10 +01:00
} else {
$unregistered = false ;
2010-03-09 11:57:49 +01:00
check_admin_referer ( $option_page . '-options' );
2010-03-21 08:38:10 +01:00
}
2005-11-30 08:27:39 +01:00
2017-12-01 00:11:00 +01:00
if ( ! isset ( $whitelist_options [ $option_page ] ) ) {
2020-02-01 23:42:06 +01:00
wp_die (
sprintf (
/* translators: %s: The options page name. */
__ ( '<strong>Error</strong>: Options page %s not found in the options whitelist.' ),
'<code>' . esc_html ( $option_page ) . '</code>'
)
);
2017-12-01 00:11:00 +01:00
}
2008-09-04 03:11:18 +02:00
2020-05-16 20:42:12 +02:00
if ( 'options' === $option_page ) {
2017-01-20 18:39:41 +01:00
if ( is_multisite () && ! current_user_can ( 'manage_network_options' ) ) {
2016-06-29 17:16:29 +02:00
wp_die ( __ ( 'Sorry, you are not allowed to modify unregistered settings for this site.' ) );
2017-01-20 18:39:41 +01:00
}
2017-12-01 00:11:00 +01:00
$options = explode ( ',' , wp_unslash ( $_POST [ 'page_options' ] ) );
2010-03-16 21:59:26 +01:00
} else {
2008-09-04 03:11:18 +02:00
$options = $whitelist_options [ $option_page ];
2010-03-16 21:59:26 +01:00
}
2004-02-13 10:59:47 +01:00
2020-05-16 20:42:12 +02:00
if ( 'general' === $option_page ) {
2014-11-13 18:01:24 +01:00
// Handle custom date/time formats.
2020-05-16 20:42:12 +02:00
if ( ! empty ( $_POST [ 'date_format' ] ) && isset ( $_POST [ 'date_format_custom' ] )
&& '\c\u\s\t\o\m' === wp_unslash ( $_POST [ 'date_format' ] )
) {
2008-10-13 20:32:16 +02:00
$_POST [ 'date_format' ] = $_POST [ 'date_format_custom' ];
2017-12-01 00:11:00 +01:00
}
2020-05-16 20:42:12 +02:00
if ( ! empty ( $_POST [ 'time_format' ] ) && isset ( $_POST [ 'time_format_custom' ] )
&& '\c\u\s\t\o\m' === wp_unslash ( $_POST [ 'time_format' ] )
) {
2008-10-13 20:32:16 +02:00
$_POST [ 'time_format' ] = $_POST [ 'time_format_custom' ];
2017-12-01 00:11:00 +01:00
}
2020-05-16 20:42:12 +02:00
2009-12-23 15:16:36 +01:00
// Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
2017-12-01 00:11:00 +01:00
if ( ! empty ( $_POST [ 'timezone_string' ] ) && preg_match ( '/^UTC[+-]/' , $_POST [ 'timezone_string' ] ) ) {
$_POST [ 'gmt_offset' ] = $_POST [ 'timezone_string' ];
$_POST [ 'gmt_offset' ] = preg_replace ( '/UTC\+?/' , '' , $_POST [ 'gmt_offset' ] );
2009-12-23 15:16:36 +01:00
$_POST [ 'timezone_string' ] = '' ;
}
2014-11-13 18:01:24 +01:00
2017-08-22 13:52:48 +02:00
// Handle translation installation.
2017-08-18 20:31:44 +02:00
if ( ! empty ( $_POST [ 'WPLANG' ] ) && current_user_can ( 'install_languages' ) ) {
2020-02-06 07:33:11 +01:00
require_once ABSPATH . 'wp-admin/includes/translation-install.php' ;
2014-11-13 18:01:24 +01:00
2018-01-24 23:42:30 +01:00
if ( wp_can_install_language_pack () ) {
$language = wp_download_language_pack ( $_POST [ 'WPLANG' ] );
if ( $language ) {
$_POST [ 'WPLANG' ] = $language ;
}
2014-11-13 18:01:24 +01:00
}
}
2008-10-13 20:32:16 +02:00
}
if ( $options ) {
2016-11-04 18:09:31 +01:00
$user_language_old = get_user_locale ();
2008-10-13 20:32:16 +02:00
foreach ( $options as $option ) {
2015-09-18 22:43:25 +02:00
if ( $unregistered ) {
2017-12-01 00:11:00 +01:00
_deprecated_argument (
2018-08-17 03:51:36 +02:00
'options.php' ,
'2.7.0' ,
2015-09-18 22:43:25 +02:00
sprintf (
2019-09-03 02:41:05 +02:00
/* translators: %s: The option/setting. */
2019-07-26 00:45:57 +02:00
__ ( 'The %s setting is unregistered. Unregistered settings are deprecated. See https://developer.wordpress.org/plugins/settings/settings-api/' ),
2020-02-01 23:42:06 +01:00
'<code>' . esc_html ( $option ) . '</code>'
2015-09-18 22:43:25 +02:00
)
);
}
2010-03-21 02:49:00 +01:00
2012-09-14 21:12:35 +02:00
$option = trim ( $option );
2017-12-01 00:11:00 +01:00
$value = null ;
2012-09-14 21:12:35 +02:00
if ( isset ( $_POST [ $option ] ) ) {
$value = $_POST [ $option ];
2016-10-03 09:04:29 +02:00
if ( ! is_array ( $value ) ) {
2012-09-14 21:12:35 +02:00
$value = trim ( $value );
2016-10-03 09:04:29 +02:00
}
2013-03-01 18:14:09 +01:00
$value = wp_unslash ( $value );
2012-09-14 21:12:35 +02:00
}
update_option ( $option , $value );
2006-01-09 23:24:57 +01:00
}
2014-08-26 21:59:16 +02:00
2016-11-04 18:09:31 +01:00
/*
* Switch translation in case WPLANG was changed .
* The global $locale is used in get_locale () which is
* used as a fallback in get_user_locale () .
*/
unset ( $GLOBALS [ 'locale' ] );
$user_language_new = get_user_locale ();
2017-12-01 00:11:00 +01:00
if ( $user_language_old !== $user_language_new ) {
2016-11-04 18:09:31 +01:00
load_default_textdomain ( $user_language_new );
2014-08-26 21:59:16 +02:00
}
2006-01-09 23:24:57 +01:00
}
2007-06-14 04:25:30 +02:00
2020-02-02 03:42:04 +01:00
/*
* Handle settings errors and return to options page .
2010-02-17 18:50:42 +01:00
*/
2020-02-02 03:42:04 +01:00
2010-02-17 18:50:42 +01:00
// If no settings errors were registered add a general 'updated' message.
2017-12-01 00:11:00 +01:00
if ( ! count ( get_settings_errors () ) ) {
2019-08-16 02:39:55 +02:00
add_settings_error ( 'general' , 'settings_updated' , __ ( 'Settings saved.' ), 'success' );
2017-12-01 00:11:00 +01:00
}
set_transient ( 'settings_errors' , get_settings_errors (), 30 );
2010-02-17 18:50:42 +01:00
2020-02-02 03:42:04 +01:00
// Redirect back to the settings page that was submitted.
2017-12-01 00:11:00 +01:00
$goback = add_query_arg ( 'settings-updated' , 'true' , wp_get_referer () );
2008-10-13 20:32:16 +02:00
wp_redirect ( $goback );
2010-03-09 11:57:49 +01:00
exit ;
}
2010-01-12 22:11:52 +01:00
2020-02-06 07:33:11 +01:00
require_once ABSPATH . 'wp-admin/admin-header.php' ; ?>
2004-04-11 10:15:10 +02:00
2003-06-12 00:59:14 +02:00
< div class = " wrap " >
2017-11-27 00:57:55 +01:00
< h1 >< ? php esc_html_e ( 'All Settings' ); ?> </h1>
2019-08-04 15:03:55 +02:00
< div class = " notice notice-warning " >
< p >< strong >< ? php _e ( 'WARNING!' ); ?> </strong> <?php _e( 'This page allows direct access to your site settings. You can break things here. Please be cautious!' ); ?></p>
</ div >
2017-11-27 00:57:55 +01:00
< form name = " form " action = " options.php " method = " post " id = " all-options " >
2017-12-01 00:11:00 +01:00
< ? php wp_nonce_field ( 'options-options' ); ?>
2017-11-27 00:57:55 +01:00
< input type = " hidden " name = " action " value = " update " />
< input type = " hidden " name = " option_page " value = " options " />
2019-05-24 23:56:54 +02:00
< table class = " form-table " role = " presentation " >
2003-06-12 00:59:14 +02:00
< ? php
2010-02-27 23:50:00 +01:00
$options = $wpdb -> get_results ( " SELECT * FROM $wpdb->options ORDER BY option_name " );
2004-04-24 23:21:19 +02:00
2010-02-27 23:50:00 +01:00
foreach ( ( array ) $options as $option ) :
2010-03-11 18:12:23 +01:00
$disabled = false ;
2020-05-16 20:42:12 +02:00
if ( '' === $option -> option_name ) {
2010-01-12 22:11:52 +01:00
continue ;
2017-12-01 00:11:00 +01:00
}
2020-05-16 20:42:12 +02:00
2010-02-27 23:50:00 +01:00
if ( is_serialized ( $option -> option_value ) ) {
if ( is_serialized_string ( $option -> option_value ) ) {
2014-07-17 11:14:16 +02:00
// This is a serialized string, so we should display it.
2017-12-01 00:11:00 +01:00
$value = maybe_unserialize ( $option -> option_value );
2006-10-13 01:54:36 +02:00
$options_to_update [] = $option -> option_name ;
2017-12-01 00:11:00 +01:00
$class = 'all-options' ;
2006-10-13 01:54:36 +02:00
} else {
2017-12-01 00:11:00 +01:00
$value = 'SERIALIZED DATA' ;
2010-03-11 18:12:23 +01:00
$disabled = true ;
2017-12-01 00:11:00 +01:00
$class = 'all-options disabled' ;
2006-10-13 01:54:36 +02:00
}
} else {
2017-12-01 00:11:00 +01:00
$value = $option -> option_value ;
2006-10-13 01:54:36 +02:00
$options_to_update [] = $option -> option_name ;
2017-12-01 00:11:00 +01:00
$class = 'all-options' ;
2006-10-13 01:54:36 +02:00
}
2020-05-16 20:42:12 +02:00
2010-02-27 23:50:00 +01:00
$name = esc_attr ( $option -> option_name );
2014-05-19 19:10:15 +02:00
?>
2004-09-05 02:24:28 +02:00
< tr >
2017-12-01 00:11:00 +01:00
< th scope = " row " >< label for = " <?php echo $name ; ?> " >< ? php echo esc_html ( $option -> option_name ); ?> </label></th>
2014-05-19 19:10:15 +02:00
< td >
2018-02-08 11:58:31 +01:00
< ? php if ( strpos ( $value , " \n " ) !== false ) : ?>
< textarea class = " <?php echo $class ; ?> " name = " <?php echo $name ; ?> " id = " <?php echo $name ; ?> " cols = " 30 " rows = " 5 " >< ? php echo esc_textarea ( $value ); ?> </textarea>
2017-12-01 00:11:00 +01:00
< ? php else : ?>
< input class = " regular-text <?php echo $class ; ?> " type = " text " name = " <?php echo $name ; ?> " id = " <?php echo $name ; ?> " value = " <?php echo esc_attr( $value ); ?> " < ? php disabled ( $disabled , true ); ?> />
2014-05-19 19:10:15 +02:00
< ? php endif ?> </td>
</ tr >
< ? php endforeach ; ?>
2017-11-27 00:57:55 +01:00
</ table >
2010-10-17 20:24:34 +02:00
< input type = " hidden " name = " page_options " value = " <?php echo esc_attr( implode( ',', $options_to_update ) ); ?> " />
2010-10-28 23:56:43 +02:00
< ? php submit_button ( __ ( 'Save Changes' ), 'primary' , 'Update' ); ?>
2010-10-17 20:24:34 +02:00
2017-11-27 00:57:55 +01:00
</ form >
2003-06-12 00:59:14 +02:00
</ div >
< ? php
2020-02-06 07:33:11 +01:00
require_once ABSPATH . 'wp-admin/admin-footer.php' ;