Thanks for this, Demetris!<div><br></div><div>We've not (yet) addressed much at all the issue of best-practice for handling Theme Options. I know we'll get there as we continue to move forward (and as several of us - most of all, me - traverse the learning curve regarding Theme Options, security, and best practices.</div>
<div><br></div><div>This information will certainly be an invaluable part of that learning curve, and we welcome anything else you might be able to contribute along these lines.</div><div><br></div><div>Chip<br><br><div class="gmail_quote">
On Wed, Nov 17, 2010 at 1:46 PM, Demetris Kikizas <span dir="ltr"><<a href="mailto:kikizas@gmail.com">kikizas@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hello, dearly beloved theme reviewers!<br>
<br>
As more and more themes come now with options/settings, I see quite a<br>
few of them using the edit_themes capability for controlling access to<br>
their options screens, which is wrong:<br>
<br>
edit_themes controls access to the code editor; it has nothing to do<br>
with theme options.<br>
<br>
Access to theme options is controlled with edit_theme_options, which<br>
was introduced in WordPress 3.0. For earlier versions, one can use<br>
switch_themes or manage_options. (I’m not certain which one is best;<br>
someone who knows WP better could help us here.)<br>
<br>
So, if it is not difficult to check for that, I think it would be good<br>
to offer a recommendation for the appropriate capability. It would<br>
benefit both theme users and theme creators.<br>
<br>
Cheers,<br>
<br>
Demetris<br>
<a href="http://op111.net/" target="_blank">http://op111.net/</a><br>
_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
</blockquote></div><br></div>