### Eclipse Workspace Patch 1.0 #P wordpress Index: wp-admin/options.php =================================================================== --- wp-admin/options.php (revision 10593) +++ wp-admin/options.php (working copy) @@ -83,6 +83,148 @@ wp_redirect( $goback ); break; +case 'serialoption': +// viewer for a serialized option value. + + // validate input + $option_name = isset( $_GET['option_name'] ) ? (string) trim( $_GET['option_name'] ) : null; + + if ( $option_name === null ) + wp_die(__('Cheatin’ uh?')); + + $r = preg_match('/^[a-z0-9_]*$/', $option_name); + if ( $r == 0 ) + wp_die(__('Cheatin’ uh?')); + + $options_to_update = array(); // nothing to update right now. + + include('admin-header.php'); ?> +
+ +

+
+ + + +get_results(sprintf("SELECT * FROM %s WHERE option_name = '%s'", $wpdb->options, $option_name)); + + // the serialoption page can handle only one value + if ( count($options) != 1) + wp_die(__('Cheatin’ uh?')); + + $option = $options[0]; + + // $option must be stdclass to continue + if ( is_object($option) == false ) + wp_die(__('Cheatin’ uh?')); + + // not a serialized value? well, handeled in full options page already + if ( !is_serialized($option->option_value) ) + wp_die(__('Cheatin’ uh?')); + + // this case is handeled in the full options page already as well + if ( is_serialized_string($option->option_value) ) + wp_die(__('Cheatin’ uh?')); + + // unserialize: false on failure, notice will be given as well (usefull for the admin) + $unserialized = unserialize($option->option_value); + + // serialized scalar makes not much sense right now + if ( is_scalar($unserialized) ) + wp_die(__('Cheatin’ uh?')); + + // array + // object - will fail/become '__PHP_Incomplete_Class_Name' if class is not defined + + $title = $type = 'UNDEFINED'; + + switch ( true ) { + case is_scalar($unserialized): + $title = 'SCALAR'; + $type = 'SCALAR'; + break; + + case is_object($unserialized): + $title = sprintf('OBJECT (%s)', get_class($unserialized)); + $type = 'OBJECT'; + break; + + case is_array($unserialized): + $title = sprintf('ARRAY (%d Elements)', count($unserialized)); + $type = 'ARRAY'; + break; + + case gettype($unserialized) == 'object': + // this is a fallback since sometime is_object did not make it. + $title = sprintf('OBJECT (%s)', get_class($unserialized)); + $type = 'OBJECT'; + break; + + default: + $title = 'UNKNOWN TYPE ' . gettype($unserialized); + $type = 'UNKNOWN'; + } // end inner switch + + $values = array('UNDEFINED' => ''); + + switch ( $type ) { + case 'SCALAR': + $values = array($type => (string) $unserialized); + break; + + case 'OBJECT': + $values = array(get_class($unserialized) => $unserialized); + break; + + case 'ARRAY': + $values = $unserialized; + break; + + default: + $values = array('UNKNOWN' => ''); + } // end inner switch + +?> +

+ + $value ): + + $id = sprintf('edit-%s', htmlspecialchars($key)); + $html_label = sprintf( '', $id, htmlspecialchars($key)); + + // prevent recurisions, stacked arrays and such + if (! is_scalar($value) ) { + $value = print_r($value, true); + } + + // put values in form elements for a better editing experience + // $html_input = sprintf('
%s
', htmlspecialchars(print_r($value, true)) ); + if ( strpos($value, "\n") !== false ) { + $html_input = sprintf('', $id, $id, htmlspecialchars($value)); + } else { + $html_input = sprintf('', $id, $id, htmlspecialchars($value), $disabled); + } +?> + + + + + +
+

+ + + +

+
+
+ @@ -99,38 +241,50 @@ foreach ( (array) $options as $option) : $disabled = ''; + $more = false; $option->option_name = attribute_escape($option->option_name); if ( is_serialized($option->option_value) ) { if ( is_serialized_string($option->option_value) ) { // this is a serialized string, so we should display it $value = maybe_unserialize($option->option_value); $options_to_update[] = $option->option_name; - $class = 'all-options'; + $class = 'all-options'; } else { - $value = 'SERIALIZED DATA'; + $value = sprintf('SERIALIZED DATA (~ %s %s)', number_format(strlen($option->option_value)), __('Bytes') ); $disabled = ' disabled="disabled"'; - $class = 'all-options disabled'; - } - } else { + $class = 'all-options disabled'; + $more = true; + } + } else { $value = $option->option_value; - $options_to_update[] = $option->option_name; + $options_to_update[] = $option->option_name; $class = 'all-options'; } - echo " - - -"; - - if (strpos($value, "\n") !== false) echo ""; - else echo ""; + + $html_label = sprintf( '', $option->option_name ); + $html_input = ''; + if ( strpos($value, "\n") !== false ) { + $html_input = sprintf('', $class, $option->option_name, $option->option_name, wp_specialchars($value)); + } else { + $html_input = sprintf('', $class, $option->option_name, $option->option_name, attribute_escape($value), $disabled); + } + + /* more info on seriazlied data, add the expand button to gain access to serialoption */ + if ( $more ) { + $html_href = sprintf('options.php?action=serialoption&option_name=%s', urlencode($option->option_name)); + $html_label = sprintf('%s', $html_href, $option->option_name); + // uncommented: for label/expand button combo but I like the other combo more. $html_input .= sprintf(' %s', $html_href, _('Expand')); + } - echo " -"; -endforeach; ?> + + + + + -

+