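wp_create_nonce('wp-allstars-nonce'), 'ajaxurl' => admin_url('admin-ajax.php') )); }

    /**
     * Register the core plugin settings with the Settings API.
     *
     * Only the two core groups are registered here; tab-specific settings are
     * registered by their respective manager classes.
     *
     * NOTE(review): register_setting() is called without a 'sanitize_callback'
     * argument, so values submitted through these groups are stored exactly as
     * posted unless they are sanitised elsewhere - confirm before treating the
     * stored settings as trusted data.
     */
    public static function register_settings() {
        $core_groups = array(
            'wp_allstars_general'  => 'wp_allstars_general_settings',
            'wp_allstars_advanced' => 'wp_allstars_advanced_settings',
        );

        foreach ($core_groups as $group => $option_name) {
            register_setting($group, $option_name);
        }
    }

    /**
     * AJAX handler that writes a single whitelisted plugin option.
     *
     * Expects a valid 'nonce' (action 'wp-allstars-nonce') plus 'option' and
     * 'value' in $_POST. The option name is checked against a fixed whitelist
     * BEFORE the value is processed, so a valid nonce plus the manage_options
     * capability cannot be used to overwrite arbitrary options. Responds with
     * wp_send_json_success() / wp_send_json_error(); those helpers terminate
     * the request, so the trailing `return` statements are only defensive.
     *
     * Response payload on success: message, option and (when changed) the
     * sanitised value that was stored.
     */
    public static function update_option() {
        // Nonce check runs first: on failure it dies with a 403 before any
        // other input is read.
        check_ajax_referer('wp-allstars-nonce', 'nonce');

        if (!current_user_can('manage_options')) {
            wp_send_json_error('Insufficient permissions');
            return;
        }

        if (!isset($_POST['option']) || !isset($_POST['value'])) {
            wp_send_json_error('Missing required parameters');
            return;
        }

        // Whitelist of options this endpoint may write. Anything not listed
        // (including core WordPress options) is rejected.
        $allowed_options = array(
            'wp_allstars_simple_setting',
            'wp_allstars_auto_upload_images',
            'wp_allstars_max_width',
            'wp_allstars_max_height',
            'wp_allstars_exclude_urls',
            'wp_allstars_image_name_pattern',
            'wp_allstars_image_alt_pattern',
        );

        // WordPress adds magic-quote slashes to $_POST; update_option() expects
        // unslashed data, so strip them before sanitising. A non-string option
        // name (e.g. option[]=x) is mapped to '' and fails the whitelist below
        // instead of raising a warning inside sanitize_text_field().
        $option = is_string($_POST['option'])
            ? sanitize_text_field(wp_unslash($_POST['option']))
            : '';

        // Strict comparison: only an exact string match may pass.
        if (!in_array($option, $allowed_options, true)) {
            wp_send_json_error('Invalid option');
            return;
        }

        $value = self::sanitize_submitted_value(wp_unslash($_POST['value']));

        // update_option() returns false both on failure and when the stored
        // value is already identical; both are reported as "no changes".
        if (update_option($option, $value)) {
            wp_send_json_success(array(
                'message' => 'Option updated successfully',
                'option'  => $option,
                'value'   => $value,
            ));
        } else {
            wp_send_json_success(array(
                'message' => 'No changes made to option',
                'option'  => $option,
            ));
        }
    }

    /**
     * Sanitise a raw (already unslashed) request value by its PHP type.
     *
     * - arrays: every leaf is passed through sanitize_text_field() (nested
     *   arrays included, which a plain array_map() would not handle);
     * - numeric strings: cast to int;
     * - other strings: sanitize_text_field().
     *
     * NOTE(review): the numeric rule is applied regardless of which option is
     * being written, so a purely numeric string submitted for a text option
     * (e.g. an alt pattern of "2024") is stored as an int - confirm that is
     * intended.
     *
     * @param mixed $value Raw request value.
     * @return mixed Sanitised value.
     */
    private static function sanitize_submitted_value($value) {
        if (is_array($value)) {
            return map_deep($value, 'sanitize_text_field');
        }

        if (is_numeric($value)) {
            return intval($value);
        }

        if (is_string($value)) {
            return sanitize_text_field($value);
        }

        // $_POST only ever yields strings or arrays; anything else is passed
        // through unchanged, matching the previous behaviour.
        return $value;
    }

    /**
     * Register the admin menu item
     */
    public static function register_admin_menu() { add_options_page( 'WP 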
ALLSTARS Settings', 'WP ALLSTARS', 'manage_options', 'wp-allstars', array(__CLASS__, 'render_settings_page') ); } /** * Render the settings page */ public static function render_settings_page() { global $tabs; $active_tab = isset($_GET['tab']) ? $_GET['tab'] : 'general'; $active_category = isset($_GET['category']) ? $_GET['category'] : 'minimal'; // Tab-specific resources if ($active_tab === 'recommended') { WP_Allstars_Plugin_Manager::clear_plugin_cache(); wp_enqueue_script('plugin-install'); wp_enqueue_script('updates'); add_thickbox(); wp_enqueue_style('wp-allstars-plugins', plugins_url('css/wp-allstars-plugins.css', dirname(__FILE__))); // Add inline script to load plugins on page load wp_add_inline_script('wp-allstars-admin', ' jQuery(document).ready(function($) { if ($("#wpa-plugin-list").length && $("#wpa-plugin-list").is(":empty")) { var category = "' . esc_js($active_category) . '"; var $container = $("#wpa-plugin-list"); var $loadingOverlay = $("
"); // Show loading overlay $container.css("position", "relative").append($loadingOverlay); // AJAX request to get plugins $.ajax({ url: ajaxurl, type: "POST", data: { action: "wp_allstars_get_plugins", category: category, _wpnonce: wpAllstars.nonce }, success: function(response) { $loadingOverlay.remove(); if (response.success) { $container.html(response.data); // Initialize plugin action buttons if (typeof initPluginActions === "function") { initPluginActions(); } // Spinners have been removed from individual cards } else { $container.html("" + response.data + "
Failed to load plugins. Please try again. Error: " + error + "