';
// Actual content of metabox - same used for Post and Pages
// Variables for use in the metabox
if( $dfcg_options['image-url-type'] == 'partial' ) {
$text = 'Partial URL';
$url = $dfcg_options['imageurl'];
if( $url == '' ) {
$url = 'Not defined. You must define this in the DCG Settings page.';
}
} else {
$text = 'Full URL';
$url = 'not used';
}
?>
ID;
}
// Is the user allowed to edit the post or page?
if ( 'page' == $_POST['post_type'] ) {
if ( !current_user_can( 'edit_page', $post->ID ))
return $post->ID;
} else {
if ( !current_user_can( 'edit_post', $post->ID ))
return $post->ID;
}
// Build array from $_POST data
$newdata['_dfcg-image'] = $_POST['_dfcg-image'];
$newdata['_dfcg-desc'] = $_POST['_dfcg-desc'];
$newdata['_dfcg-link'] = $_POST['_dfcg-link'];
$newdata['_dfcg-sort'] = $_POST['_dfcg-sort'];
if( isset( $_POST['_dfcg-exclude'] ) ) {
$newdata['_dfcg-exclude'] = $_POST['_dfcg-exclude'];
} else {
$newdata['_dfcg-exclude'] = false;
}
/* Sanitise data */
// trim whitespace - all options
foreach( $newdata as $key => $value ) {
$input[$key] = trim($value);
}
// Deal with Image (could be partial or full)
$newdata['_dfcg-image'] = esc_attr( $newdata['_dfcg-image'] );
// If we are using Partial URL, check if first character in string is a /
if( substr( $newdata['_dfcg-image'], 0, 1 ) == '/' ) {
// Remove leading slash
$newdata['_dfcg-image'] = substr( $newdata['_dfcg-image'], 1 );
}
// Deal with URLs
$newdata['_dfcg-link'] = esc_url_raw( $newdata['_dfcg-link'] );
// Deal with Description
$allowed_html = array( 'a' => array('href' => array(),'title' => array() ), 'br' => array(), 'em' => array(), 'strong' => array() );
$allowed_protocols = array( 'http', 'https', 'mailto', 'feed' );
$newdata['_dfcg-desc'] = wp_kses( $newdata['_dfcg-desc'], $allowed_html, $allowed_protocols );
// Deal with Sort Order
$newdata['_dfcg-sort'] = substr( $newdata['_dfcg-sort'], 0, 4 );
$newdata['_dfcg-sort'] = esc_attr($newdata['_dfcg-sort']);
// Deal with checkbox - we don't want to save this postmeta if _dfcg-exclude is not true
$newdata['_dfcg-exclude'] = $newdata['_dfcg-exclude'] ? 'true' : NULL;
// Add values of $newdata as custom fields
foreach ($newdata as $key => $value) {
if( $post->post_type == 'revision' ) return; //don't store custom data twice
$value = implode(',', (array)$value); //if $value is an array, make it a CSV (unlikely)
if(get_post_meta($post->ID, $key, FALSE)) { //if the custom field already has a value
update_post_meta($post->ID, $key, $value);
} else { //if the custom field doesn't have a value
add_post_meta($post->ID, $key, $value);
}
if(!$value) delete_post_meta($post->ID, $key); //delete if any are blank, eg _dfcg-exclude is NULL
}
}