If I set up a theme options page in the way suggested by the codex (http://codex.wordpress.org/Creating_Options_Pages)
then my form submits to ‘option.php’.
settings_fields creates a nonce, which if I was creating my own submission page would be checked with check_admin_referer.
My question then…. if I use options.php as my ‘form processor’ does this mean I cannot use check_admin_referer?
Thanks,
Nick
You do not need to use
check_admin_referer. If you are using the Settings API then WordPress handles nonce checking and saving data to the database.In terms of data validation, the only thing you need to provide is a validation callback. This callback receives all inputs with name specified in the second argument of
register_setting(I often use this name to store an array of all my plugin option – so I only register one setting). The callback is specified in the third argument ofregister_settingand is responsible for returning the validated setting(s).