m_cache = $cache; $this->m_admin_ui = $admin_ui; add_action('admin_menu', array(&$this, 'action_admin_menu')); } // --------------------------------------------------------------------------- // hooks // --------------------------------------------------------------------------- function action_admin_menu() { add_submenu_page('options-general.php', __('Exec-PHP Options', ExecPhp_PLUGIN_ID), __('Exec-PHP', ExecPhp_PLUGIN_ID), ExecPhp_CAPABILITY_EDIT_PLUGINS, __FILE__, array(&$this, 'submenu_page_option_general')); } // --------------------------------------------------------------------------- // tools // --------------------------------------------------------------------------- function print_request_users($display_id, $legend, $introduction) { ?>

m_cache->get_option(); if (isset($_POST[ExecPhp_ACTION_UPDATE_OPTIONS])) { check_admin_referer(ExecPhp_ACTION_UPDATE_OPTIONS); $option->set_from_POST(); $option->save(); echo '

'. __('Options saved.', ExecPhp_PLUGIN_ID) . "

\n"; } $this->m_admin_ui->toggle_action($option->get_status()); ?>
= 0) : ?>

<?php ?> code in your posts, pages and text widgets. See the local documentation for further information. The latest version of the plugin, documentation and information will be found on the official plugin homepage.', ExecPhp_PLUGIN_ID), get_option('siteurl'). '/'. ExecPhp_DIR. '/docs/readme.html'); ?>

print_request_users(ExecPhp_ID_INFO_SECURITY_HOLE, __('Security Hole', ExecPhp_PLUGIN_ID), sprintf(__('The following list shows which users have either or both of the "%1$s" or "%2$s" capability and are allowed to change others PHP code by having the "%3$s" capability but do not have the "%4$s" capability for themself. This is a security hole, because the listed users can write and execute PHP code in articles of other users although they are not supposed to execute PHP code at all.', ExecPhp_PLUGIN_ID), ExecPhp_CAPABILITY_EDIT_OTHERS_POSTS, ExecPhp_CAPABILITY_EDIT_OTHERS_PAGES, ExecPhp_CAPABILITY_EDIT_OTHERS_PHP, ExecPhp_CAPABILITY_EXECUTE_ARTICLES)); ?> = 0) : ?> print_request_users(ExecPhp_ID_INFO_WIDGETS, __('Executing PHP Code in Text Widgets', ExecPhp_PLUGIN_ID), sprintf(__('The following list shows which users have the "%s" capability and therefore are allowed to write and execute PHP code in text widgets. In case you have deselected the option "Execute PHP code in text widgets" from above, this list will appear empty.', ExecPhp_PLUGIN_ID), ExecPhp_CAPABILITY_EXECUTE_WIDGETS)); ?> print_request_users(ExecPhp_ID_INFO_EXECUTE_ARTICLES, __('Executing PHP Code in Articles', ExecPhp_PLUGIN_ID), sprintf(__('The following list shows which users have the "%s" capability and therefore are allowed to execute PHP code in articles.', ExecPhp_PLUGIN_ID), ExecPhp_CAPABILITY_EXECUTE_ARTICLES)); ?>