WordPress 2.7 requires that plugins explicitly white list their options using a couple new functions. WordPress MU has required this security measure for a while, and it’s nice to see an evolved form of it brought to the core code. Migrating Plugins and Themes to 2.7 article in the codex offers some guidance, but here’s how it works:
First, register each option for your plugin during the admin_init action:
function myplugin_admin_init(){
register_setting( 'my-options-group', 'my-option-name-1', 'absint' );
register_setting( 'my-options-group', 'my-option-name-2', 'wp_filter_nohtml_kses' );
}
add_action( 'admin_init', 'myplugin_admin_init' );In the example above, the value for my-option-name-1 will be filtered by absint before being saved to the options table. my-option-name-2 will be stripped of any HTML by wp_filter_nohtml_kses.
Then build a form like this prototype:
<form method="post" action="options.php">
<?php settings_fields('my-options-group'); ?>
<input name="my-option-name-1" id="my-option-name-1" type="checkbox" value="1" <?php checked('1', get_option('bsuite_insert_related')); ?> />
<input name="my-option-name-2" id="my-option-name-2" type="text" value="<?php format_to_edit( get_option( 'bsuite_insert_related' )) ?>" />
<input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" class="button" />
</form>Easy.
Posted December 17, 2008 by Casey Bisson
Categories: Technology. Tags: compatibility, form validation, plugins, security, wordpress, WordPress 2.7.
6 Comments
Comments RSS
TrackBack Identifier URI
User contributed tags for this post:
wordpress craigslist plugin (65) - wordpress register_setting (38) - wordpress admin_init (27) - register_Settings (27) - tables in wordpress 2.7 (15) - wordpress settings_fields (15) - craigslist wordpress plugin (15) - wordpress plugin options (12) - wordpress 2.7 plugins (10) - Craigslist plugin for wordpress (10) - wordpress 2.7 table plugin (10) - craigslist plugin wordpress (10) - admin_init Wordpress (9) - wordpress 2.7 options (9) - register_setting wordpress (9) - wordpress 2.7 survey plugin (9) - wordpress plugin options page (9) - wordpress 2.7 plugin options (8) - wordpress group plugin (8) - wordpress 2.7 tables (8) - wordpress 2.7 table (7) - wordpress 2.7 photo gallery (7) - wordpress table 2.7 (7) - wordpress table plugin 2.7 (7) - FAlbum wordpress 2.7 (7) - wordpress tables 2.7 (7) - related posts plugin wordpress 2.7 (7) - wp-table 2.7 (7) - table plugin wordpress 2.7 (6) - wordpress table plugin (6) - wordpress 2.7 contact form (6) - flickr plugin wordpress 2.7 (6) - Wordpress group pages (6) - wordpress 2.7 get_option (5) - related post plugin wordpress 2.7 (5) - register_settings wordpress (5) - tables wordpress 2.7 (5) - wordpress whitelist options (5) - wordpress post to craigslist (5) - category groups plugin (5) - wordpress register_settings (5) - settings_fields wordpress (5) - wordpress 2.7 plugin option (4) - where is options in wordpress 2.7 (4) - wordpress 2.7 photo gallery plugin (4) - wordpress options page plugin (4) - wordpress 2.7 rss plugin (4) - plugin options wordpress 2.7 (4) - wordpress 2.7 category ID (4) - photo gallery wordpress 2.7 (4) - flickr wordpress 2.7 (4) - wordpress 2.7 comments on pages (4) - wp-table wordpress 2.7 (4) - WordPress 2.7 photo album (4) - wordpress plugin private pages (4) - private blog wordpress 2.7 (4) - flickr plugin for wordpress 2.7 (4) - adding table to wordpress 2.7 (4) - wordpress related posts 2.7 (4) - plugin options (4) - wordpress to craigslist plugin (4) - wordpress settings api (4) - register_setting (4) - wordpress private pages (3) - popular posts plugin for wordpress 2.7 (3) - popular posts wordpress 2.7 (3) - wordpress 2.7 pages categories (3) - wordpress 2.7 where are the plugins (3) - wordpress 2.7 register_setting (3) - wordpress 2.7 rss (3) - popular posts plugin wordpress 2.7 (3) - wordpress 2.7 flickr (3) - related post plugin for wordpress 2.7 (3) - related posts plugin 2.7 (3) - table plugin wordpress (3) - wordpress 2.7 private blog (3) - wordpress 2.7.1 photo gallery (3) - falbum wordpress 2.7.1 (3) - wordpress 2.7.1 gallery (3) - wordpress 2.7 table in post (3) - wordpress comments on pages (3) - post to craigslist plugin (3) - wordpress 2.7 html tables (3) - wordpress recent pages plugin (3) - wordpress options page (3) - wordpress 2.7.1 plugin options (3) - wordpress pages in categories (3) - how to post two page wordpress (3) - comments pages wordpress (3) - wordpress related posts plugin 2.7.1 (3) - wordpress tables in pages (3) - post to craigslist from wordpress (3) - wordpress options whitelist (3) - wordpress plugins craigslist (3) - craiglist wordpress plugin (3) - wordpress post to craigslist plugin (3) - registering options in plugin wordpress (3) - two blog pages wordpress (3) - wordpress plugin for craigslist (3) - settings_fields (3) - craigslist wordpress (3) - wordpress (2) - pages in wordpress (2) - private pages wordpress (2) - wordpress 2.7 plugin (2) - options.php wordpress plugin (2) - wordpress 2.7 paged comments (2) - popular post plugin for wordpress 2.7 (2) - where are the plugins options in 2.7 (2) - table wordpress plugin (2) - tables on wordpress pages (2) - wordpress tables plugin 2.7 (2) - flickrRSS wordpress 2.7 (2) - wordpress 2.7 contact page (2) - flickr rss wordpress 2.7 (2) - wordpress 2.7 plugin gallery (2) - wordpress 2.7 photo plugin (2) - wordpress.org categories pages plugin (2) - wordpress 2.7 contact (2) - wordpress 2.7 options page (2) - wordpress private blog 2.7.1 (2) - table plugin for wordpress 2.7 (2) - wordpress 2.7.1 options (2) - wordpress private pages plugin (2) - posting to two pages in wordpress (2) - wordpress table with picture (2) - contact form for wordpress 2.7 (2) - wordpress 2.7 counter (2) - wordpress plugin pages in categories (2) - recent pages wordpress (2) - wordpress table plugin for 2.7 (2) - wordpress 2.7 popular posts (2) - wordpress plugin options 2.7.1 (2) - Wordpress 2.7.1 get_option (2) - using tables in wordpress 2.7 (2) - wordpress 2.7.1 plugins (2) - best Related Posts Plugin for WP 2.7 (2) - wordpress tables in posts (2) - rss plugin for pages in wordpress (2) - wordpress whitelist (2) - cforms wordpress 2.7 (2) - how to post to pages in wordpress (2) - wordpress 2.7 flickr gallery (2) - wordpress 2.7.1 contact form (2) - tables plugin wordpress 2.7 (2) - wordpress 2.7 flickr plugin (2) - wordpress options table (2) - survey plugin wordpress mu (2) - tables on wordpress post (2) - register plugin options in WordPress 2.7 (2) -
Thanks, this helped a lot!
Most interesting.Great idea.
Just what I needed, thanks!
[...] to Casey Bisson for his help with [...]
wow, easy huh? lol, I have no idea where each code goes to which file. I know I am working with the options.php missing when I set my plugins only 2 settings which is user name and password. Do I edit the plugins options file along with wp_options file or is it just the plugins file I edit?
The docs for the 2.7 settings are so bad. And it seems that the “new settings api” (http://codex.wordpress.org/Settings_API) does not work with custom settings pages. Thanks to your post at least I know how to do it without the settings api :-/