[wp-hackers] register_setting and unregister_setting
Ryan Boren
ryan at boren.nu
Tue Oct 21 16:52:24 GMT 2008
On Tue, Oct 21, 2008 at 9:13 AM, Stephane Daury <wordpress at tekartist.org> wrote:
>
> In regards to
> http://codex.wordpress.org/Migrating_Plugins_and_Themes_to_2.7#Plugins_need_to_Register_their_Options and
> http://codex.wordpress.org/Version_2.7#Administration_Manage_Section_API
>
> http://trac.wordpress.org/browser/trunk/wp-admin/includes/plugin.php#L812
>
> Can anyone brief us on what exactly are the register_setting and
> unregister_setting functions are, when/where they'll be required exactly and
> how to use them for our plugins?
> Especially since the migration page states that WPMU currently uses them.
Actually, WPMU doesn't have register_setting() and
unregister_setting() yet. It uses add_option_update_handler() and
remove_option_update_handler(). It will get the register/unregister
aliases eventually.
WP 2.7 doesn't require using these functions, but WPMU does. Any
plugin that uses options.php as a post handler for option updates must
use these functions to whitelist their options and register
sanitization callbacks for them. In WPMU, this is required to prevent
admins (who are not necessarily trusted on a WPMU setup that allows
anyone to create a blog) from tinkering with private options such as
rewrite_rules or active_plugins.
Here's how to use them, if you are so inclined.
// Do the following off of admin_init for each setting you want to update
register_setting('some-options', 'option-1', 'intval');
register_setting('some-options', 'option-2', 'intval');
Do this in your option update form:
settings_fields('some-options');
settings_fields() outputs all of the hidden fields that options.php
will check, including the nonce. You no longer need to setup the
page_options hidden field if you use the new API.
More information about the wp-hackers
mailing list