More importantly, you should not let *untrusted, unsanitized $_POST data* into WordPress.
But I think the issue is that you’re updating the option with the entire $_POST data, instead of the appropriate array key:
update_option('eirepanel_inline_ads_options', $_POST);
Should probably be something like:
update_option('eirepanel_inline_ads_options', $_POST['eirepanel_inline_ads_options_name']);
Are your Plugin options discrete (one DB entry per option), or an options array?
EDIT
Since you’re using an options array, the correct approach would be:
- Define an array to hold the
$_POSTdata ($input = array()) - Define an array to get the current settings from the DB (
$valid_input = array()) - Sanitize the
$_POSTdata - Update the
$valid_dataarray with the sanitized$inputarray - Pass the updated
$valid_databack to the DB
e.g.
$input = ( isset( $_POST ) ? $_POST : false );
$valid_input = get_option( 'eirepanel_inline_ads_options' );
foreach ( $input as $key ) {
// sanitize data here
}
$valid_input = array_merge( $valid_input, $input );
update_option( 'eirepanel_inline_ads_options', $valid_input );
Just quick and dirty, but should give you an idea.
Also: using the Settings API would be especially helpful here.