class-wc-admin-settings.php — WooCommerce 7.4.0-rc.2

woocommerce / includes / admin / class-wc-admin-settings.php

woocommerce / includes / admin Last commit date

class-wc-admin-settings.php

965 lines

1	<?php
2	/**
3	* WooCommerce Admin Settings Class
4	*
5	* @package WooCommerce\Admin
6	* @version 3.4.0
7	*/
8
9	use Automattic\Jetpack\Constants;
10	use Automattic\WooCommerce\Utilities\ArrayUtil;
11
12	if ( ! defined( 'ABSPATH' ) ) {
13	exit;
14	}
15
16	if ( ! class_exists( 'WC_Admin_Settings', false ) ) :
17
18	/**
19	* WC_Admin_Settings Class.
20	*/
21	class WC_Admin_Settings {
22
23	/**
24	* Setting pages.
25	*
26	* @var array
27	*/
28	private static $settings = array();
29
30	/**
31	* Error messages.
32	*
33	* @var array
34	*/
35	private static $errors = array();
36
37	/**
38	* Update messages.
39	*
40	* @var array
41	*/
42	private static $messages = array();
43
44	/**
45	* Include the settings page classes.
46	*/
47	public static function get_settings_pages() {
48	if ( empty( self::$settings ) ) {
49	$settings = array();
50
51	include_once dirname( __FILE__ ) . '/settings/class-wc-settings-page.php';
52
53	$settings[] = include __DIR__ . '/settings/class-wc-settings-general.php';
54	$settings[] = include __DIR__ . '/settings/class-wc-settings-products.php';
55	$settings[] = include __DIR__ . '/settings/class-wc-settings-tax.php';
56	$settings[] = include __DIR__ . '/settings/class-wc-settings-shipping.php';
57	$settings[] = include __DIR__ . '/settings/class-wc-settings-payment-gateways.php';
58	$settings[] = include __DIR__ . '/settings/class-wc-settings-accounts.php';
59	$settings[] = include __DIR__ . '/settings/class-wc-settings-emails.php';
60	$settings[] = include __DIR__ . '/settings/class-wc-settings-integrations.php';
61	$settings[] = include __DIR__ . '/settings/class-wc-settings-advanced.php';
62
63	self::$settings = apply_filters( 'woocommerce_get_settings_pages', $settings );
64	}
65
66	return self::$settings;
67	}
68
69	/**
70	* Save the settings.
71	*/
72	public static function save() {
73	global $current_tab;
74
75	check_admin_referer( 'woocommerce-settings' );
76
77	// Trigger actions.
78	do_action( 'woocommerce_settings_save_' . $current_tab );
79	do_action( 'woocommerce_update_options_' . $current_tab );
80	do_action( 'woocommerce_update_options' );
81
82	self::add_message( __( 'Your settings have been saved.', 'woocommerce' ) );
83	self::check_download_folder_protection();
84
85	// Clear any unwanted data and flush rules.
86	update_option( 'woocommerce_queue_flush_rewrite_rules', 'yes' );
87	WC()->query->init_query_vars();
88	WC()->query->add_endpoints();
89
90	do_action( 'woocommerce_settings_saved' );
91	}
92
93	/**
94	* Add a message.
95	*
96	* @param string $text Message.
97	*/
98	public static function add_message( $text ) {
99	self::$messages[] = $text;
100	}
101
102	/**
103	* Add an error.
104	*
105	* @param string $text Message.
106	*/
107	public static function add_error( $text ) {
108	self::$errors[] = $text;
109	}
110
111	/**
112	* Output messages + errors.
113	*/
114	public static function show_messages() {
115	if ( count( self::$errors ) > 0 ) {
116	foreach ( self::$errors as $error ) {
117	echo '<div id="message" class="error inline"><p><strong>' . esc_html( $error ) . '</strong></p></div>';
118	}
119	} elseif ( count( self::$messages ) > 0 ) {
120	foreach ( self::$messages as $message ) {
121	echo '<div id="message" class="updated inline"><p><strong>' . esc_html( $message ) . '</strong></p></div>';
122	}
123	}
124	}
125
126	/**
127	* Settings page.
128	*
129	* Handles the display of the main woocommerce settings page in admin.
130	*/
131	public static function output() {
132	global $current_section, $current_tab;
133
134	$suffix = Constants::is_true( 'SCRIPT_DEBUG' ) ? '' : '.min';
135
136	do_action( 'woocommerce_settings_start' );
137
138	wp_enqueue_script( 'woocommerce_settings', WC()->plugin_url() . '/assets/js/admin/settings' . $suffix . '.js', array( 'jquery', 'wp-util', 'jquery-ui-datepicker', 'jquery-ui-sortable', 'iris', 'selectWoo' ), WC()->version, true );
139
140	wp_localize_script(
141	'woocommerce_settings',
142	'woocommerce_settings_params',
143	array(
144	'i18n_nav_warning' => __( 'The changes you made will be lost if you navigate away from this page.', 'woocommerce' ),
145	'i18n_moved_up' => __( 'Item moved up', 'woocommerce' ),
146	'i18n_moved_down' => __( 'Item moved down', 'woocommerce' ),
147	'i18n_no_specific_countries_selected' => __( 'Selecting no country / region to sell to prevents from completing the checkout. Continue anyway?', 'woocommerce' ),
148	)
149	);
150
151	// Get tabs for the settings page.
152	$tabs = apply_filters( 'woocommerce_settings_tabs_array', array() );
153
154	include dirname( __FILE__ ) . '/views/html-admin-settings.php';
155	}
156
157	/**
158	* Get a setting from the settings API.
159	*
160	* @param string $option_name Option name.
161	* @param mixed $default Default value.
162	* @return mixed
163	*/
164	public static function get_option( $option_name, $default = '' ) {
165	if ( ! $option_name ) {
166	return $default;
167	}
168
169	// Array value.
170	if ( strstr( $option_name, '[' ) ) {
171
172	parse_str( $option_name, $option_array );
173
174	// Option name is first key.
175	$option_name = current( array_keys( $option_array ) );
176
177	// Get value.
178	$option_values = get_option( $option_name, '' );
179
180	$key = key( $option_array[ $option_name ] );
181
182	if ( isset( $option_values[ $key ] ) ) {
183	$option_value = $option_values[ $key ];
184	} else {
185	$option_value = null;
186	}
187	} else {
188	// Single value.
189	$option_value = get_option( $option_name, null );
190	}
191
192	if ( is_array( $option_value ) ) {
193	$option_value = wp_unslash( $option_value );
194	} elseif ( ! is_null( $option_value ) ) {
195	$option_value = stripslashes( $option_value );
196	}
197
198	return ( null === $option_value ) ? $default : $option_value;
199	}
200
201	/**
202	* Output admin fields.
203	*
204	* Loops through the woocommerce options array and outputs each field.
205	*
206	* @param array[] $options Opens array to output.
207	*/
208	public static function output_fields( $options ) {
209	foreach ( $options as $value ) {
210	if ( ! isset( $value['type'] ) ) {
211	continue;
212	}
213	if ( ! isset( $value['id'] ) ) {
214	$value['id'] = '';
215	}
216
217	// The 'field_name' key can be used when it is useful to specify an input field name that is different
218	// from the input field ID. We use the key 'field_name' because 'name' is already in use for a different
219	// purpose.
220	if ( ! isset( $value['field_name'] ) ) {
221	$value['field_name'] = $value['id'];
222	}
223	if ( ! isset( $value['title'] ) ) {
224	$value['title'] = isset( $value['name'] ) ? $value['name'] : '';
225	}
226	if ( ! isset( $value['class'] ) ) {
227	$value['class'] = '';
228	}
229	if ( ! isset( $value['css'] ) ) {
230	$value['css'] = '';
231	}
232	if ( ! isset( $value['default'] ) ) {
233	$value['default'] = '';
234	}
235	if ( ! isset( $value['desc'] ) ) {
236	$value['desc'] = '';
237	}
238	if ( ! isset( $value['desc_tip'] ) ) {
239	$value['desc_tip'] = false;
240	}
241	if ( ! isset( $value['placeholder'] ) ) {
242	$value['placeholder'] = '';
243	}
244	if ( ! isset( $value['suffix'] ) ) {
245	$value['suffix'] = '';
246	}
247	if ( ! isset( $value['value'] ) ) {
248	$value['value'] = self::get_option( $value['id'], $value['default'] );
249	}
250
251	// Custom attribute handling.
252	$custom_attributes = array();
253
254	if ( ! empty( $value['custom_attributes'] ) && is_array( $value['custom_attributes'] ) ) {
255	foreach ( $value['custom_attributes'] as $attribute => $attribute_value ) {
256	$custom_attributes[] = esc_attr( $attribute ) . '="' . esc_attr( $attribute_value ) . '"';
257	}
258	}
259
260	// Description handling.
261	$field_description = self::get_field_description( $value );
262	$description = $field_description['description'];
263	$tooltip_html = $field_description['tooltip_html'];
264
265	// Switch based on type.
266	switch ( $value['type'] ) {
267
268	// Section Titles.
269	case 'title':
270	if ( ! empty( $value['title'] ) ) {
271	echo '<h2>' . esc_html( $value['title'] ) . '</h2>';
272	}
273	if ( ! empty( $value['desc'] ) ) {
274	echo '<div id="' . esc_attr( sanitize_title( $value['id'] ) ) . '-description">';
275	echo wp_kses_post( wpautop( wptexturize( $value['desc'] ) ) );
276	echo '</div>';
277	}
278	echo '<table class="form-table">' . "\n\n";
279	if ( ! empty( $value['id'] ) ) {
280	do_action( 'woocommerce_settings_' . sanitize_title( $value['id'] ) );
281	}
282	break;
283
284	case 'info':
285	echo '<tr><th scope="row" class="titledesc"/><td style="' . esc_attr( $value['css'] ) . '">';
286	echo wp_kses_post( wpautop( wptexturize( $value['text'] ) ) );
287	echo '</td></tr>';
288	break;
289
290	// Section Ends.
291	case 'sectionend':
292	if ( ! empty( $value['id'] ) ) {
293	do_action( 'woocommerce_settings_' . sanitize_title( $value['id'] ) . '_end' );
294	}
295	echo '</table>';
296	if ( ! empty( $value['id'] ) ) {
297	do_action( 'woocommerce_settings_' . sanitize_title( $value['id'] ) . '_after' );
298	}
299	break;
300
301	// Standard text inputs and subtypes like 'number'.
302	case 'text':
303	case 'password':
304	case 'datetime':
305	case 'datetime-local':
306	case 'date':
307	case 'month':
308	case 'time':
309	case 'week':
310	case 'number':
311	case 'email':
312	case 'url':
313	case 'tel':
314	$option_value = $value['value'];
315
316	?><tr valign="top">
317	<th scope="row" class="titledesc">
318	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
319	</th>
320	<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ); ?>">
321	<input
322	name="<?php echo esc_attr( $value['field_name'] ); ?>"
323	id="<?php echo esc_attr( $value['id'] ); ?>"
324	type="<?php echo esc_attr( $value['type'] ); ?>"
325	style="<?php echo esc_attr( $value['css'] ); ?>"
326	value="<?php echo esc_attr( $option_value ); ?>"
327	class="<?php echo esc_attr( $value['class'] ); ?>"
328	placeholder="<?php echo esc_attr( $value['placeholder'] ); ?>"
329	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
330	/><?php echo esc_html( $value['suffix'] ); ?> <?php echo $description; // WPCS: XSS ok. ?>
331	</td>
332	</tr>
333	<?php
334	break;
335
336	// Color picker.
337	case 'color':
338	$option_value = $value['value'];
339
340	?>
341	<tr valign="top">
342	<th scope="row" class="titledesc">
343	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
344	</th>
345	<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ); ?>">&lrm;
346	<span class="colorpickpreview" style="background: <?php echo esc_attr( $option_value ); ?>"> </span>
347	<input
348	name="<?php echo esc_attr( $value['field_name'] ); ?>"
349	id="<?php echo esc_attr( $value['id'] ); ?>"
350	type="text"
351	dir="ltr"
352	style="<?php echo esc_attr( $value['css'] ); ?>"
353	value="<?php echo esc_attr( $option_value ); ?>"
354	class="<?php echo esc_attr( $value['class'] ); ?>colorpick"
355	placeholder="<?php echo esc_attr( $value['placeholder'] ); ?>"
356	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
357	/>&lrm; <?php echo $description; // WPCS: XSS ok. ?>
358	<div id="colorPickerDiv_<?php echo esc_attr( $value['id'] ); ?>" class="colorpickdiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;display:none;"></div>
359	</td>
360	</tr>
361	<?php
362	break;
363
364	// Textarea.
365	case 'textarea':
366	$option_value = $value['value'];
367
368	?>
369	<tr valign="top">
370	<th scope="row" class="titledesc">
371	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
372	</th>
373	<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ); ?>">
374	<?php echo $description; // WPCS: XSS ok. ?>
375
376	<textarea
377	name="<?php echo esc_attr( $value['field_name'] ); ?>"
378	id="<?php echo esc_attr( $value['id'] ); ?>"
379	style="<?php echo esc_attr( $value['css'] ); ?>"
380	class="<?php echo esc_attr( $value['class'] ); ?>"
381	placeholder="<?php echo esc_attr( $value['placeholder'] ); ?>"
382	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
383	><?php echo esc_textarea( $option_value ); // WPCS: XSS ok. ?></textarea>
384	</td>
385	</tr>
386	<?php
387	break;
388
389	// Select boxes.
390	case 'select':
391	case 'multiselect':
392	$option_value = $value['value'];
393
394	?>
395	<tr valign="top">
396	<th scope="row" class="titledesc">
397	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
398	</th>
399	<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ); ?>">
400	<select
401	name="<?php echo esc_attr( $value['field_name'] ); ?><?php echo ( 'multiselect' === $value['type'] ) ? '[]' : ''; ?>"
402	id="<?php echo esc_attr( $value['id'] ); ?>"
403	style="<?php echo esc_attr( $value['css'] ); ?>"
404	class="<?php echo esc_attr( $value['class'] ); ?>"
405	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
406	<?php echo 'multiselect' === $value['type'] ? 'multiple="multiple"' : ''; ?>
407	>
408	<?php
409	foreach ( $value['options'] as $key => $val ) {
410	?>
411	<option value="<?php echo esc_attr( $key ); ?>"
412	<?php
413
414	if ( is_array( $option_value ) ) {
415	selected( in_array( (string) $key, $option_value, true ), true );
416	} else {
417	selected( $option_value, (string) $key );
418	}
419
420	?>
421	><?php echo esc_html( $val ); ?></option>
422	<?php
423	}
424	?>
425	</select> <?php echo $description; // WPCS: XSS ok. ?>
426	</td>
427	</tr>
428	<?php
429	break;
430
431	// Radio inputs.
432	case 'radio':
433	$option_value = $value['value'];
434	$disabled_values = ArrayUtil::get_value_or_default($value, 'disabled', array());
435
436	?>
437	<tr valign="top">
438	<th scope="row" class="titledesc">
439	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
440	</th>
441	<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ); ?>">
442	<fieldset>
443	<?php echo $description; // WPCS: XSS ok. ?>
444	<ul>
445	<?php
446	foreach ( $value['options'] as $key => $val ) {
447	?>
448	<li>
449	<label><input
450	name="<?php echo esc_attr( $value['field_name'] ); ?>"
451	value="<?php echo esc_attr( $key ); ?>"
452	type="radio"
453	<?php if( in_array( $key, $disabled_values ) ) { echo 'disabled'; } ?>
454	style="<?php echo esc_attr( $value['css'] ); ?>"
455	class="<?php echo esc_attr( $value['class'] ); ?>"
456	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
457	<?php checked( $key, $option_value ); ?>
458	/> <?php echo esc_html( $val ); ?></label>
459	</li>
460	<?php
461	}
462	?>
463	</ul>
464	</fieldset>
465	</td>
466	</tr>
467	<?php
468	break;
469
470	// Checkbox input.
471	case 'checkbox':
472	$option_value = $value['value'];
473	$visibility_class = array();
474
475	if ( ! isset( $value['hide_if_checked'] ) ) {
476	$value['hide_if_checked'] = false;
477	}
478	if ( ! isset( $value['show_if_checked'] ) ) {
479	$value['show_if_checked'] = false;
480	}
481	if ( 'yes' === $value['hide_if_checked'] \|\| 'yes' === $value['show_if_checked'] ) {
482	$visibility_class[] = 'hidden_option';
483	}
484	if ( 'option' === $value['hide_if_checked'] ) {
485	$visibility_class[] = 'hide_options_if_checked';
486	}
487	if ( 'option' === $value['show_if_checked'] ) {
488	$visibility_class[] = 'show_options_if_checked';
489	}
490
491	if ( ! isset( $value['checkboxgroup'] ) \|\| 'start' === $value['checkboxgroup'] ) {
492	$has_tooltip = isset( $value['tooltip'] ) && '' !== $value['tooltip'];
493	$tooltip_container_class = $has_tooltip ? 'with-tooltip' : '';
494	?>
495	<tr valign="top" class="<?php echo esc_attr( implode( ' ', $visibility_class ) ); ?>">
496	<th scope="row" class="titledesc"><?php echo esc_html( $value['title'] ); ?></th>
497	<td class="forminp forminp-checkbox <?php echo esc_html( $tooltip_container_class ); ?>">
498	<?php if ( $has_tooltip ) : ?>
499	<span class="help-tooltip"><?php echo wc_help_tip( esc_html( $value['tooltip'] ) ); ?></span>
500	<?php endif; ?>
501	<fieldset>
502	<?php
503	} else {
504	?>
505	<fieldset class="<?php echo esc_attr( implode( ' ', $visibility_class ) ); ?>">
506	<?php
507	}
508
509	if ( ! empty( $value['title'] ) ) {
510	?>
511	<legend class="screen-reader-text"><span><?php echo esc_html( $value['title'] ); ?></span></legend>
512	<?php
513	}
514
515	?>
516	<label for="<?php echo esc_attr( $value['id'] ); ?>">
517	<input
518	name="<?php echo esc_attr( $value['field_name'] ); ?>"
519	id="<?php echo esc_attr( $value['id'] ); ?>"
520	type="checkbox"
521	class="<?php echo esc_attr( isset( $value['class'] ) ? $value['class'] : '' ); ?>"
522	value="1"
523	<?php disabled( $value['disabled'] ?? false ); ?>
524	<?php checked( $option_value, 'yes' ); ?>
525	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
526	/> <?php echo $description; // WPCS: XSS ok. ?>
527	</label> <?php echo $tooltip_html; // WPCS: XSS ok. ?>
528	<?php
529
530	if ( ! isset( $value['checkboxgroup'] ) \|\| 'end' === $value['checkboxgroup'] ) {
531	?>
532	</fieldset>
533	</td>
534	</tr>
535	<?php
536	} else {
537	?>
538	</fieldset>
539	<?php
540	}
541	break;
542
543	// Image width settings. @todo deprecate and remove in 4.0. No longer needed by core.
544	case 'image_width':
545	$image_size = str_replace( '_image_size', '', $value['id'] );
546	$size = wc_get_image_size( $image_size );
547	$width = isset( $size['width'] ) ? $size['width'] : $value['default']['width'];
548	$height = isset( $size['height'] ) ? $size['height'] : $value['default']['height'];
549	$crop = isset( $size['crop'] ) ? $size['crop'] : $value['default']['crop'];
550	$disabled_attr = '';
551	$disabled_message = '';
552
553	if ( has_filter( 'woocommerce_get_image_size_' . $image_size ) ) {
554	$disabled_attr = 'disabled="disabled"';
555	$disabled_message = '<p><small>' . esc_html__( 'The settings of this image size have been disabled because its values are being overwritten by a filter.', 'woocommerce' ) . '</small></p>';
556	}
557
558	?>
559	<tr valign="top">
560	<th scope="row" class="titledesc">
561	<label><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html . $disabled_message; // WPCS: XSS ok. ?></label>
562	</th>
563	<td class="forminp image_width_settings">
564
565	<input name="<?php echo esc_attr( $value['field_name'] ); ?>[width]" <?php echo $disabled_attr; // WPCS: XSS ok. ?> id="<?php echo esc_attr( $value['id'] ); ?>-width" type="text" size="3" value="<?php echo esc_attr( $width ); ?>" /> × <input name="<?php echo esc_attr( $value['id'] ); ?>[height]" <?php echo $disabled_attr; // WPCS: XSS ok. ?> id="<?php echo esc_attr( $value['id'] ); ?>-height" type="text" size="3" value="<?php echo esc_attr( $height ); ?>" />px
566
567	<label><input name="<?php echo esc_attr( $value['field_name'] ); ?>[crop]" <?php echo $disabled_attr; // WPCS: XSS ok. ?> id="<?php echo esc_attr( $value['id'] ); ?>-crop" type="checkbox" value="1" <?php checked( 1, $crop ); ?> /> <?php esc_html_e( 'Hard crop?', 'woocommerce' ); ?></label>
568
569	</td>
570	</tr>
571	<?php
572	break;
573
574	// Single page selects.
575	case 'single_select_page':
576	$args = array(
577	'name' => $value['field_name'],
578	'id' => $value['id'],
579	'sort_column' => 'menu_order',
580	'sort_order' => 'ASC',
581	'show_option_none' => ' ',
582	'class' => $value['class'],
583	'echo' => false,
584	'selected' => absint( $value['value'] ),
585	'post_status' => 'publish,private,draft',
586	);
587
588	if ( isset( $value['args'] ) ) {
589	$args = wp_parse_args( $value['args'], $args );
590	}
591
592	?>
593	<tr valign="top" class="single_select_page">
594	<th scope="row" class="titledesc">
595	<label><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
596	</th>
597	<td class="forminp">
598	<?php echo str_replace( ' id=', " data-placeholder='" . esc_attr__( 'Select a page…', 'woocommerce' ) . "' style='" . $value['css'] . "' class='" . $value['class'] . "' id=", wp_dropdown_pages( $args ) ); // WPCS: XSS ok. ?> <?php echo $description; // WPCS: XSS ok. ?>
599	</td>
600	</tr>
601	<?php
602	break;
603
604	case 'single_select_page_with_search':
605	$option_value = $value['value'];
606	$page = get_post( $option_value );
607
608	if ( ! is_null( $page ) ) {
609	$page = get_post( $option_value );
610	$option_display_name = sprintf(
611	/* translators: 1: page name 2: page ID */
612	__( '%1$s (ID: %2$s)', 'woocommerce' ),
613	$page->post_title,
614	$option_value
615	);
616	}
617	?>
618	<tr valign="top" class="single_select_page">
619	<th scope="row" class="titledesc">
620	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></label>
621	</th>
622	<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ); ?>">
623	<select
624	name="<?php echo esc_attr( $value['field_name'] ); ?>"
625	id="<?php echo esc_attr( $value['id'] ); ?>"
626	style="<?php echo esc_attr( $value['css'] ); ?>"
627	class="<?php echo esc_attr( $value['class'] ); ?>"
628	<?php echo implode( ' ', $custom_attributes ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
629	data-placeholder="<?php esc_attr_e( 'Search for a page…', 'woocommerce' ); ?>"
630	data-allow_clear="true"
631	data-exclude="<?php echo wc_esc_json( wp_json_encode( $value['args']['exclude'] ) ); ?>"
632	>
633	<option value=""></option>
634	<?php if ( ! is_null( $page ) ) { ?>
635	<option value="<?php echo esc_attr( $option_value ); ?>" selected="selected">
636	<?php echo wp_strip_all_tags( $option_display_name ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
637	</option>
638	<?php } ?>
639	</select> <?php echo $description; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
640	</td>
641	</tr>
642	<?php
643	break;
644
645	// Single country selects.
646	case 'single_select_country':
647	$country_setting = (string) $value['value'];
648
649	if ( strstr( $country_setting, ':' ) ) {
650	$country_setting = explode( ':', $country_setting );
651	$country = current( $country_setting );
652	$state = end( $country_setting );
653	} else {
654	$country = $country_setting;
655	$state = '*';
656	}
657	?>
658	<tr valign="top">
659	<th scope="row" class="titledesc">
660	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
661	</th>
662	<td class="forminp"><select name="<?php echo esc_attr( $value['field_name'] ); ?>" style="<?php echo esc_attr( $value['css'] ); ?>" data-placeholder="<?php esc_attr_e( 'Choose a country / region…', 'woocommerce' ); ?>" aria-label="<?php esc_attr_e( 'Country / Region', 'woocommerce' ); ?>" class="wc-enhanced-select">
663	<?php WC()->countries->country_dropdown_options( $country, $state ); ?>
664	</select> <?php echo $description; // WPCS: XSS ok. ?>
665	</td>
666	</tr>
667	<?php
668	break;
669
670	// Country multiselects.
671	case 'multi_select_countries':
672	$selections = (array) $value['value'];
673
674	if ( ! empty( $value['options'] ) ) {
675	$countries = $value['options'];
676	} else {
677	$countries = WC()->countries->countries;
678	}
679
680	asort( $countries );
681	?>
682	<tr valign="top">
683	<th scope="row" class="titledesc">
684	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
685	</th>
686	<td class="forminp">
687	<select multiple="multiple" name="<?php echo esc_attr( $value['field_name'] ); ?>[]" style="width:350px" data-placeholder="<?php esc_attr_e( 'Choose countries / regions…', 'woocommerce' ); ?>" aria-label="<?php esc_attr_e( 'Country / Region', 'woocommerce' ); ?>" class="wc-enhanced-select">
688	<?php
689	if ( ! empty( $countries ) ) {
690	foreach ( $countries as $key => $val ) {
691	echo '<option value="' . esc_attr( $key ) . '"' . wc_selected( $key, $selections ) . '>' . esc_html( $val ) . '</option>'; // WPCS: XSS ok.
692	}
693	}
694	?>
695	</select> <?php echo ( $description ) ? $description : ''; // WPCS: XSS ok. ?> <br /><a class="select_all button" href="#"><?php esc_html_e( 'Select all', 'woocommerce' ); ?></a> <a class="select_none button" href="#"><?php esc_html_e( 'Select none', 'woocommerce' ); ?></a>
696	</td>
697	</tr>
698	<?php
699	break;
700
701	// Days/months/years selector.
702	case 'relative_date_selector':
703	$periods = array(
704	'days' => __( 'Day(s)', 'woocommerce' ),
705	'weeks' => __( 'Week(s)', 'woocommerce' ),
706	'months' => __( 'Month(s)', 'woocommerce' ),
707	'years' => __( 'Year(s)', 'woocommerce' ),
708	);
709	$option_value = wc_parse_relative_date_option( $value['value'] );
710	?>
711	<tr valign="top">
712	<th scope="row" class="titledesc">
713	<label for="<?php echo esc_attr( $value['id'] ); ?>"><?php echo esc_html( $value['title'] ); ?> <?php echo $tooltip_html; // WPCS: XSS ok. ?></label>
714	</th>
715	<td class="forminp">
716	<input
717	name="<?php echo esc_attr( $value['field_name'] ); ?>[number]"
718	id="<?php echo esc_attr( $value['id'] ); ?>"
719	type="number"
720	style="width: 80px;"
721	value="<?php echo esc_attr( $option_value['number'] ); ?>"
722	class="<?php echo esc_attr( $value['class'] ); ?>"
723	placeholder="<?php echo esc_attr( $value['placeholder'] ); ?>"
724	step="1"
725	min="1"
726	<?php echo implode( ' ', $custom_attributes ); // WPCS: XSS ok. ?>
727	/>
728	<select name="<?php echo esc_attr( $value['field_name'] ); ?>[unit]" style="width: auto;">
729	<?php
730	foreach ( $periods as $value => $label ) {
731	echo '<option value="' . esc_attr( $value ) . '"' . selected( $option_value['unit'], $value, false ) . '>' . esc_html( $label ) . '</option>';
732	}
733	?>
734	</select> <?php echo ( $description ) ? $description : ''; // WPCS: XSS ok. ?>
735	</td>
736	</tr>
737	<?php
738	break;
739
740	// Default: run an action.
741	default:
742	do_action( 'woocommerce_admin_field_' . $value['type'], $value );
743	break;
744	}
745	}
746	}
747
748	/**
749	* Helper function to get the formatted description and tip HTML for a
750	* given form field. Plugins can call this when implementing their own custom
751	* settings types.
752	*
753	* @param array $value The form field value array.
754	* @return array The description and tip as a 2 element array.
755	*/
756	public static function get_field_description( $value ) {
757	$description = '';
758	$tooltip_html = '';
759
760	if ( true === $value['desc_tip'] ) {
761	$tooltip_html = $value['desc'];
762	} elseif ( ! empty( $value['desc_tip'] ) ) {
763	$description = $value['desc'];
764	$tooltip_html = $value['desc_tip'];
765	} elseif ( ! empty( $value['desc'] ) ) {
766	$description = $value['desc'];
767	}
768
769	if ( $description && in_array( $value['type'], array( 'textarea', 'radio' ), true ) ) {
770	$description = '<p style="margin-top:0">' . wp_kses_post( $description ) . '</p>';
771	} elseif ( $description && in_array( $value['type'], array( 'checkbox' ), true ) ) {
772	$description = wp_kses_post( $description );
773	} elseif ( $description ) {
774	$description = '<p class="description">' . wp_kses_post( $description ) . '</p>';
775	}
776
777	if ( $tooltip_html && in_array( $value['type'], array( 'checkbox' ), true ) ) {
778	$tooltip_html = '<p class="description">' . $tooltip_html . '</p>';
779	} elseif ( $tooltip_html ) {
780	$tooltip_html = wc_help_tip( $tooltip_html );
781	}
782
783	return array(
784	'description' => $description,
785	'tooltip_html' => $tooltip_html,
786	);
787	}
788
789	/**
790	* Save admin fields.
791	*
792	* Loops through the woocommerce options array and outputs each field.
793	*
794	* @param array $options Options array to output.
795	* @param array $data Optional. Data to use for saving. Defaults to $_POST.
796	* @return bool
797	*/
798	public static function save_fields( $options, $data = null ) {
799	if ( is_null( $data ) ) {
800	$data = $_POST; // WPCS: input var okay, CSRF ok.
801	}
802	if ( empty( $data ) ) {
803	return false;
804	}
805
806	// Options to update will be stored here and saved later.
807	$update_options = array();
808	$autoload_options = array();
809
810	// Loop options and get values to save.
811	foreach ( $options as $option ) {
812	if ( ! isset( $option['id'] ) \|\| ! isset( $option['type'] ) \|\| ( isset( $option['is_option'] ) && false === $option['is_option'] ) ) {
813	continue;
814	}
815
816	$option_name = $option['field_name'] ?? $option['id'];
817
818	// Get posted value.
819	if ( strstr( $option_name, '[' ) ) {
820	parse_str( $option_name, $option_name_array );
821	$option_name = current( array_keys( $option_name_array ) );
822	$setting_name = key( $option_name_array[ $option_name ] );
823	$raw_value = isset( $data[ $option_name ][ $setting_name ] ) ? wp_unslash( $data[ $option_name ][ $setting_name ] ) : null;
824	} else {
825	$setting_name = '';
826	$raw_value = isset( $data[ $option_name ] ) ? wp_unslash( $data[ $option_name ] ) : null;
827	}
828
829	// Format the value based on option type.
830	switch ( $option['type'] ) {
831	case 'checkbox':
832	$value = '1' === $raw_value \|\| 'yes' === $raw_value ? 'yes' : 'no';
833	break;
834	case 'textarea':
835	$value = wp_kses_post( trim( $raw_value ) );
836	break;
837	case 'multiselect':
838	case 'multi_select_countries':
839	$value = array_filter( array_map( 'wc_clean', (array) $raw_value ) );
840	break;
841	case 'image_width':
842	$value = array();
843	if ( isset( $raw_value['width'] ) ) {
844	$value['width'] = wc_clean( $raw_value['width'] );
845	$value['height'] = wc_clean( $raw_value['height'] );
846	$value['crop'] = isset( $raw_value['crop'] ) ? 1 : 0;
847	} else {
848	$value['width'] = $option['default']['width'];
849	$value['height'] = $option['default']['height'];
850	$value['crop'] = $option['default']['crop'];
851	}
852	break;
853	case 'select':
854	$allowed_values = empty( $option['options'] ) ? array() : array_map( 'strval', array_keys( $option['options'] ) );
855	if ( empty( $option['default'] ) && empty( $allowed_values ) ) {
856	$value = null;
857	break;
858	}
859	$default = ( empty( $option['default'] ) ? $allowed_values[0] : $option['default'] );
860	$value = in_array( $raw_value, $allowed_values, true ) ? $raw_value : $default;
861	break;
862	case 'relative_date_selector':
863	$value = wc_parse_relative_date_option( $raw_value );
864	break;
865	default:
866	$value = wc_clean( $raw_value );
867	break;
868	}
869
870	/**
871	* Fire an action when a certain 'type' of field is being saved.
872	*
873	* @deprecated 2.4.0 - doesn't allow manipulation of values!
874	*/
875	if ( has_action( 'woocommerce_update_option_' . sanitize_title( $option['type'] ) ) ) {
876	wc_deprecated_function( 'The woocommerce_update_option_X action', '2.4.0', 'woocommerce_admin_settings_sanitize_option filter' );
877	do_action( 'woocommerce_update_option_' . sanitize_title( $option['type'] ), $option );
878	continue;
879	}
880
881	/**
882	* Sanitize the value of an option.
883	*
884	* @since 2.4.0
885	*/
886	$value = apply_filters( 'woocommerce_admin_settings_sanitize_option', $value, $option, $raw_value );
887
888	/**
889	* Sanitize the value of an option by option name.
890	*
891	* @since 2.4.0
892	*/
893	$value = apply_filters( "woocommerce_admin_settings_sanitize_option_$option_name", $value, $option, $raw_value );
894
895	if ( is_null( $value ) ) {
896	continue;
897	}
898
899	// Check if option is an array and handle that differently to single values.
900	if ( $option_name && $setting_name ) {
901	if ( ! isset( $update_options[ $option_name ] ) ) {
902	$update_options[ $option_name ] = get_option( $option_name, array() );
903	}
904	if ( ! is_array( $update_options[ $option_name ] ) ) {
905	$update_options[ $option_name ] = array();
906	}
907	$update_options[ $option_name ][ $setting_name ] = $value;
908	} else {
909	$update_options[ $option_name ] = $value;
910	}
911
912	$autoload_options[ $option_name ] = isset( $option['autoload'] ) ? (bool) $option['autoload'] : true;
913
914	/**
915	* Fire an action before saved.
916	*
917	* @deprecated 2.4.0 - doesn't allow manipulation of values!
918	*/
919	do_action( 'woocommerce_update_option', $option );
920	}
921
922	// Save all options in our array.
923	foreach ( $update_options as $name => $value ) {
924	update_option( $name, $value, $autoload_options[ $name ] ? 'yes' : 'no' );
925	}
926
927	return true;
928	}
929
930	/**
931	* Checks which method we're using to serve downloads.
932	*
933	* If using force or x-sendfile, this ensures the .htaccess is in place.
934	*/
935	public static function check_download_folder_protection() {
936	$upload_dir = wp_get_upload_dir();
937	$downloads_path = $upload_dir['basedir'] . '/woocommerce_uploads';
938	$download_method = get_option( 'woocommerce_file_download_method' );
939	$file_path = $downloads_path . '/.htaccess';
940	$file_content = 'redirect' === $download_method ? 'Options -Indexes' : 'deny from all';
941	$create = false;
942
943	if ( wp_mkdir_p( $downloads_path ) && ! file_exists( $file_path ) ) {
944	$create = true;
945	} else {
946	$current_content = @file_get_contents( $file_path ); // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged, WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents
947
948	if ( $current_content !== $file_content ) {
949	unlink( $file_path );
950	$create = true;
951	}
952	}
953
954	if ( $create ) {
955	$file_handle = @fopen( $file_path, 'wb' ); // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged, WordPress.WP.AlternativeFunctions.file_system_read_fopen
956	if ( $file_handle ) {
957	fwrite( $file_handle, $file_content ); // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fwrite
958	fclose( $file_handle ); // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_read_fclose
959	}
960	}
961	}
962	}
963
964	endif;
965