I built my theme settings page based on this (probably a bit too old) tutorial, and it's been working fine when I developed my site as a admin user, but when the site went public and more users came along I got the "Cheating uh?" error when updating the theme settings for non-admin users (ie. editors).
I've done some googling and found out that the problem is probably that my form points to "options.php", which is causing the problem for non-admin users. But is there any way I can fix my theme options page without rewriting it completely? I've figured that I should probably use the "Theme Customization API" the next time.
Here's my current theme-options.php:
<?php
add_action( 'admin_init', 'theme_options_init' );
add_action( 'admin_menu', 'theme_options_add_page' );
/**
* Init plugin options to white list our options
*/
function theme_options_init(){
register_setting( 'er_options', 'my_theme_options', 'theme_options_validate' );
}
/**
* Load up the menu page
*/
function theme_options_add_page() {
add_theme_page( __( 'Innstillinger', 'my_theme' ), __( 'Innstillinger', 'my_theme' ), 'edit_theme_options', 'theme_options', 'theme_options_do_page' );
}
/**
* Create the options page
*/
function theme_options_do_page() {
global $select_options, $radio_options;
if ( ! isset( $_REQUEST['settings-updated'] ) )
$_REQUEST['settings-updated'] = false;
?>
<div class="wrap">
<?php screen_icon(); echo "<h2>" . __( ' Innstillinger', 'my_theme' ) . "</h2>"; ?>
<?php if ( false !== $_REQUEST['settings-updated'] ) : ?>
<div class="updated fade"><p><strong><?php _e( 'Options saved', 'my_theme' ); ?></strong></p></div>
<?php endif; ?>
<form method="post" action="options.php">
<?php settings_fields( 'er_options' ); ?>
<?php $options = get_option( 'my_theme_options' ); ?>
<!-- lots of inputs and textareas here. For example: -->
<input id="my_theme_options[<?php echo $textval; ?>]" class="regular-text" type="text" name="my_theme_options[<?php echo $textval; ?>]" value="<?php esc_attr_e( $options[$textval] ) ; ?>" />
<p class="submit">
<input type="submit" class="button-primary" value="<?php _e( 'Save Options', 'my_theme' ); ?>" />
</p>
</form>
</div>
<?php
}
/**
* Sanitize and validate input. Accepts an array, return a sanitized array.
*/
function theme_options_validate( $input ) {
global $select_options, $radio_options;
// Validation
return $input;
}
// adapted from http://planetozh.com/blog/2009/05/handling-plugins-options-in-wordpress-28-with-register_setting/