';
if ( $l_bool_settings_updated ) {
echo sprintf( '
%s
', __( 'Settings saved', 'footnotes' ) );
}
// Form to submit the active section.
echo '';
echo '
';
// Echo JavaScript for the expand/collapse function of the meta boxes.
echo '';
}
// phpcs:enable WordPress.Security.NonceVerification.Recommended, WordPress.Security.NonceVerification.Missing
// phpcs:disable WordPress.Security.NonceVerification.Recommended, WordPress.Security.NonceVerification.Missing
/**
* Save all Plugin settings.
*
* @since 1.5.0
* @return bool
*/
private function save_settings() {
$l_arr_new_settings = array();
// TODO: add nonce verification.
// Get current section.
reset( $this->a_arr_sections );
$l_str_active_section_id = isset( $_GET['t'] ) ? wp_unslash( $_GET['t'] ) : key( $this->a_arr_sections );
$l_arr_active_section = $this->a_arr_sections[ $l_str_active_section_id ];
foreach ( MCI_Footnotes_Settings::instance()->get_defaults( $l_arr_active_section['container'] ) as $l_str_key => $l_mixed_value ) {
if ( array_key_exists( $l_str_key, $_POST ) ) {
$l_arr_new_settings[ $l_str_key ] = wp_unslash( $_POST[ $l_str_key ] );
} else {
// Setting is not defined in the POST array, define it to avoid the Default value.
$l_arr_new_settings[ $l_str_key ] = '';
}
}
// Update settings.
return MCI_Footnotes_Settings::instance()->save_options( $l_arr_active_section['container'], $l_arr_new_settings );
}
// phpcs:enable WordPress.Security.NonceVerification.Recommended, WordPress.Security.NonceVerification.Missing
/**
* Output the Description of a section. May be overwritten in any section.
*
* @since 1.5.0
*/
public function description() {
// Default no description will be displayed.
}
/**
* Loads specific setting and returns an array with the keys [id, name, value].
*
* @since 1.5.0
* @param string $p_str_setting_key_name Settings Array key name.
* @return array Contains Settings ID, Settings Name and Settings Value.
*
* @since 2.5.11 Remove escapement function.
* When refactoring the codebase after 2.5.8, all and every output was escaped.
* After noticing that the plugin was broken, all escapement functions were removed.
* @link https://github.com/markcheret/footnotes/pull/50/commits/25c3f2f12eb5de1079e9215bf624ec4289b095a5
* @link https://github.com/markcheret/footnotes/pull/50#issuecomment-787624123
* In that process, this instance of esc_attr() was removed too, so the plugin was
* broken again.
* @link https://github.com/markcheret/footnotes/pull/50/commits/25c3f2f12eb5de1079e9215bf624ec4289b095a5#diff-a8ed6e859c32a18fc10bbbad3b4dd8ce7f43f2378d29471c7638e314ab30f1bdL349-L354
*
* @since 2.5.15 To fix it, the data was escaped in add_select_box() instead.
* @since 2.6.1 Restore esc_attr() in load_setting().
* @see add_select_box()
* This is the only instance of esc_|kses|sanitize in the pre-2.5.11 codebase.
* Removing this did not fix the quotation mark backslash escapement bug.
*/
protected function load_setting( $p_str_setting_key_name ) {
// Get current section.
reset( $this->a_arr_sections );
$p_arr_return = array();
$p_arr_return['id'] = sprintf( '%s', $p_str_setting_key_name );
$p_arr_return['name'] = sprintf( '%s', $p_str_setting_key_name );
$p_arr_return['value'] = esc_attr( MCI_Footnotes_Settings::instance()->get( $p_str_setting_key_name ) );
return $p_arr_return;
}
/**
* Returns a line break to start a new line.
*
* @since 1.5.0
* @return string
*/
protected function add_newline() {
return ' ';
}
/**
* Returns a line break to have a space between two lines.
*
* @since 1.5.0
* @return string
*/
protected function add_line_space() {
return '
';
}
/**
* Returns a simple text inside html text.
*
* @since 1.5.0
* @param string $p_str_text Message to be surrounded with simple html tag (span).
* @return string
*/
protected function add_text( $p_str_text ) {
return sprintf( '%s', $p_str_text );
}
/**
* Returns the html tag for an input/select label.
*
* @since 1.5.0
* @param string $p_str_setting_name Name of the Settings key to connect the Label with the input/select field.
* @param string $p_str_caption Label caption.
* @return string
*/
protected function add_label( $p_str_setting_name, $p_str_caption ) {
if ( empty( $p_str_caption ) ) {
return '';
}
/*
* Remove the colon causing localization issues with French, and with
* languages not using punctuation at all, and with languages using other
* punctuation marks instead of colon, e.g. Greek using a raised dot.
* In French, colon is preceded by a space, forcibly non-breaking, and
* narrow per new school.
* Add colon to label strings for inclusion in localization. Colon after
* label is widely preferred best practice, mandatory per
* [style guides](https://softwareengineering.stackexchange.com/questions/234546/colons-in-internationalized-ui).
*/
return sprintf( '', $p_str_setting_name, $p_str_caption );
}
/**
* Returns the html tag for an input [type = text].
*
* @since 1.5.0
* @param string $p_str_setting_name Name of the Settings key to pre load the input field.
* @param int $p_str_max_length Maximum length of the input, default 999 characters.
* @param bool $p_bool_readonly Set the input to be read only, default false.
* @param bool $p_bool_hidden Set the input to be hidden, default false.
* @return string
*/
protected function add_text_box( $p_str_setting_name, $p_str_max_length = 999, $p_bool_readonly = false, $p_bool_hidden = false ) {
$l_str_style = '';
// Collect data for given settings field.
$l_arr_data = $this->load_setting( $p_str_setting_name );
if ( $p_bool_hidden ) {
$l_str_style .= 'display:none;';
}
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
$p_str_max_length,
$l_str_style,
$l_arr_data['value'],
$p_bool_readonly ? 'readonly="readonly"' : ''
);
}
/**
* Returns the html tag for an input [type = checkbox].
*
* @since 1.5.0
* @param string $p_str_setting_name Name of the Settings key to pre load the input field.
* @return string
*/
protected function add_checkbox( $p_str_setting_name ) {
// Collect data for given settings field.
$l_arr_data = $this->load_setting( $p_str_setting_name );
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
MCI_Footnotes_Convert::to_bool( $l_arr_data['value'] ) ? 'checked="checked"' : ''
);
}
/**
* Returns the html tag for a select box.
*
* @since 1.5.0
*
* - Bugfix: Dashboard: Referrers and tooltips: Backlink symbol: debug select box by reverting identity check to equality check, thanks to @lolzim bug report.
*
* @reporter @lolzim
*
* @since 2.5.13
* @param string $p_str_setting_name Name of the Settings key to pre select the current value.
* @param array $p_arr_options Possible options to be selected.
* @return string
*
* @since 2.5.15 Bugfix: Dashboard: General settings: Footnote start and end short codes: debug select box for shortcodes with pointy brackets.
* @since 2.6.1 Restore esc_attr() in load_setting(), remove htmlspecialchars() here.
*/
protected function add_select_box( $p_str_setting_name, $p_arr_options ) {
// Collect data for given settings field.
$l_arr_data = $this->load_setting( $p_str_setting_name );
$l_str_options = '';
// Loop through all array keys.
foreach ( $p_arr_options as $l_str_value => $l_str_caption ) {
$l_str_options .= sprintf(
'',
$l_str_value,
// Only check for equality, not identity, WRT backlink symbol arrows.
$l_str_value == $l_arr_data['value'] ? 'selected' : '',
$l_str_caption
);
}
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
$l_str_options
);
}
/**
* Returns the html tag for a text area.
*
* @since 1.5.0
* @param string $p_str_setting_name Name of the Settings key to pre fill the text area.
* @return string
*/
protected function add_textarea( $p_str_setting_name ) {
// Collect data for given settings field.
$l_arr_data = $this->load_setting( $p_str_setting_name );
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
$l_arr_data['value']
);
}
/**
* Returns the html tag for an input [type = text] with color selection class.
*
* @since 1.5.6
* @param string $p_str_setting_name Name of the Settings key to pre load the input field.
* @return string
*/
protected function add_color_selection( $p_str_setting_name ) {
// Collect data for given settings field.
$l_arr_data = $this->load_setting( $p_str_setting_name );
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
$l_arr_data['value']
);
}
/**
* Returns the html tag for an input [type = num].
*
* @since 1.5.0
* @param string $p_str_setting_name Name of the Settings key to pre load the input field.
* @param int $p_in_min Minimum value.
* @param int $p_int_max Maximum value.
* @param bool $p_bool_deci true if 0.1 steps and floating to string, false if integer (default).
* @return string
*
* Edited:
* @since 2.1.4 step argument and number_format() to allow decimals 2020-12-03T0631+0100..2020-12-12T1110+0100
*/
protected function add_num_box( $p_str_setting_name, $p_in_min, $p_int_max, $p_bool_deci = false ) {
// Collect data for given settings field.
$l_arr_data = $this->load_setting( $p_str_setting_name );
if ( $p_bool_deci ) {
$l_str_value = number_format( floatval( $l_arr_data['value'] ), 1 );
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
$l_str_value,
$p_in_min,
$p_int_max
);
} else {
return sprintf(
'',
$l_arr_data['name'],
$l_arr_data['id'],
$l_arr_data['value'],
$p_in_min,
$p_int_max
);
}
}
}