Theme settings – "Cheating uh?" for non-admins
-
I built my theme settings page based on this (probably a bit too old) tutorial, and it’s been working fine when I developed my site as a admin user, but when the site went public and more users came along I got the “Cheating uh?” error when updating the theme settings for non-admin users (ie. editors).
I’ve done some googling and found out that the problem is probably that my form points to “options.php”, which is causing the problem for non-admin users. But is there any way I can fix my theme options page without rewriting it completely? I’ve figured that I should probably use the “Theme Customization API” the next time.
Here’s my current theme-options.php:
<?php add_action( 'admin_init', 'theme_options_init' ); add_action( 'admin_menu', 'theme_options_add_page' ); /** * Init plugin options to white list our options */ function theme_options_init(){ register_setting( 'er_options', 'my_theme_options', 'theme_options_validate' ); } /** * Load up the menu page */ function theme_options_add_page() { add_theme_page( __( 'Innstillinger', 'my_theme' ), __( 'Innstillinger', 'my_theme' ), 'edit_theme_options', 'theme_options', 'theme_options_do_page' ); } /** * Create the options page */ function theme_options_do_page() { global $select_options, $radio_options; if ( ! isset( $_REQUEST['settings-updated'] ) ) $_REQUEST['settings-updated'] = false; ?> <div class="wrap"> <?php screen_icon(); echo "<h2>" . __( ' Innstillinger', 'my_theme' ) . "</h2>"; ?> <?php if ( false !== $_REQUEST['settings-updated'] ) : ?> <div class="updated fade"><p><strong><?php _e( 'Options saved', 'my_theme' ); ?></strong></p></div> <?php endif; ?> <form method="post" action="options.php"> <?php settings_fields( 'er_options' ); ?> <?php $options = get_option( 'my_theme_options' ); ?> <!-- lots of inputs and textareas here. For example: --> <input id="my_theme_options[<?php echo $textval; ?>]" class="regular-text" type="text" name="my_theme_options[<?php echo $textval; ?>]" value="<?php esc_attr_e( $options[$textval] ) ; ?>" /> <p class="submit"> <input type="submit" class="button-primary" value="<?php _e( 'Save Options', 'my_theme' ); ?>" /> </p> </form> </div> <?php } /** * Sanitize and validate input. Accepts an array, return a sanitized array. */ function theme_options_validate( $input ) { global $select_options, $radio_options; // Validation return $input; } // adapted from http://planetozh.com/blog/2009/05/handling-plugins-options-in-wordpress-28-with-register_setting/
- The topic ‘Theme settings – "Cheating uh?" for non-admins’ is closed to new replies.