More importantly, you should not let *untrusted, unsanitized $_POST data* into WordPress.
But I think the issue is that you’re updating the option with the entire $_POST data, instead of the appropriate array key:
update_option('eirepanel_inline_ads_options', $_POST);
Should probably be something like:
update_option('eirepanel_inline_ads_options', $_POST['eirepanel_inline_ads_options_name']);
Are your Plugin options discrete (one DB entry per option), or an options array?
EDIT
Since you’re using an options array, the correct approach would be:
- Define an array to hold the
$_POST
data ($input = array()
) - Define an array to get the current settings from the DB (
$valid_input = array()
) - Sanitize the
$_POST
data - Update the
$valid_data
array with the sanitized$input
array - Pass the updated
$valid_data
back to the DB
e.g.
$input = ( isset( $_POST ) ? $_POST : false );
$valid_input = get_option( 'eirepanel_inline_ads_options' );
foreach ( $input as $key ) {
// sanitize data here
}
$valid_input = array_merge( $valid_input, $input );
update_option( 'eirepanel_inline_ads_options', $valid_input );
Just quick and dirty, but should give you an idea.
Also: using the Settings API would be especially helpful here.