PHPackages boospot/boo-settings-helper - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Utility & Helpers](/categories/utility) 4. / 5. boospot/boo-settings-helper ActiveLibrary[Utility & Helpers](/categories/utility) boospot/boo-settings-helper =========================== Helper class that lets you create options settings page securely and swiftly without dealing with WordPress Settings API. v5.4.1(6mo ago)19690↓22.2%7[1 issues](https://github.com/boospot/boo-settings-helper/issues)GPL-2.0PHP Since Jan 11Pushed 6mo ago1 watchersCompare [ Source](https://github.com/boospot/boo-settings-helper)[ Packagist](https://packagist.org/packages/boospot/boo-settings-helper)[ Docs](https://github.com/boospot/boo-settings-helper)[ RSS](/packages/boospot-boo-settings-helper/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (5)Used By (0) ### What is it? [](#what-is-it) This helper class lets you create the settings page for your plugin using the Wordpress Settings API without having to deal with the API directly. No deeper dependencies, No framework, just a light weight helper class! require the class, hook into `admin_menu` and pass the config array to class object to build your plugin settings page. ### Why should i use it? [](#why-should-i-use-it) If you want to create plugin settings menu that is following WordPress best practices without having to deal with complex WorPress Settings API, then this helper class can be used. The Benefits: - Take away the pain of dealing with Settings API - One config array to create everything: admin menu, settings page, sections, fields. - Fields input is auto sanitized - Can be used to make Tabs or Tab-less Settings page - Can be used to add plugin action links - Ability to override sanitization callback - Ability to override fields display callback ### Requirements [](#requirements) - PHP 7.4 or higher - WordPress 5.8 or higher ### Installation [](#installation) #### Via Composer (Recommended) [](#via-composer-recommended) **Basic Installation:** ``` composer require boospot/boo-settings-helper ``` **For WordPress Plugins (composer.json example):** ``` { "require": { "php": ">=7.4", "boospot/boo-settings-helper": "^5.4" }, "autoload": { "files": [ "vendor/boospot/boo-settings-helper/class-boo-settings-helper.php" ] } } ``` **Version Constraints:** - `"^5.4"` - Latest compatible version (recommended for security fixes) - `"5.4.*"` - Specific 5.4.x versions only - `"~5.4.1"` - 5.4.1 and patch versions only (latest bug fixes) Or visit the [Packagist page](https://packagist.org/packages/boospot/boo-settings-helper) for more installation options and version information. #### Manual Installation [](#manual-installation) 1. Download the `class-boo-settings-helper.php` file 2. Copy the class file to your plugin's assets or includes folder 3. Require the class in your plugin files: `require_once 'path/to/class-boo-settings-helper.php';` ### How to use? [](#how-to-use) Complete Details can be found in the [Wiki](https://github.com/boospot/boo-settings-helper/wiki), in the nutshell, follow the steps above for installation, then: Its that easy. Here is a [simple example](https://github.com/boospot/boo-settings-helper/wiki/Simple-Example) code that will create a plugin menu, 2 sections and some fields under these sections. ### Example [](#example) Here are two example plugins to demonstrate this class if you can figure out thing at your own: 1. [Functional / Procedural plugin example](https://github.com/boospot/demo-simple-plugin-to-demonstrate-settings-helper-class) 2. Object Oriented Plugin Example ### What this helper class can create? [](#what-this-helper-class-can-create) This helper class can create the following: - Plugin admin menu (top level / sub menu) - Settings Sections (tabbed and tab-less) - Settings fields under these sections ### Available Field Types [](#available-field-types) Following Field Types can be added using this Helper Class: - text - url - number - color - textarea - radio - select - checkbox - multicheck - media - file - posts (WP posts and Custom Post Types) - pages (WP pages) - password - html [![demo plugin settings page](https://camo.githubusercontent.com/3ab710d302d8f38785bf444f0db02057bba1fec9f196ff46213022c9cd75f08c/687474703a2f2f672e7265636f726469742e636f2f37615253646d707247662e676966)](https://camo.githubusercontent.com/3ab710d302d8f38785bf444f0db02057bba1fec9f196ff46213022c9cd75f08c/687474703a2f2f672e7265636f726469742e636f2f37615253646d707247662e676966) Security & Updates ---------------------- [](#security--updates) ### Version 5.4.1 - Bug Fix Release (November 2025) [](#version-541---bug-fix-release-november-2025) This patch release fixes critical PHP 8+ compatibility issues while maintaining 100% backward compatibility. #### Bug Fixes: [](#bug-fixes) - **PHP 8+ Compatibility**: Fixed "Undefined array key 'id'" warnings in field processing - **Defensive Programming**: Added `isset()` checks before accessing `$field['id']` in all methods - **Error Prevention**: Graceful handling of incomplete field definitions passed by plugins - **Production Ready**: Eliminates PHP warnings in production environments #### Technical Changes: [](#technical-changes) - Fixed `get_default_field_args()` method to handle missing 'id' keys (lines 476, 487, 491, 492) - Fixed `get_settings_fields_ids()` method to validate field structure (line 1343) - Added fallback to empty string for missing field IDs - Maintained all existing functionality and API compatibility ### Version 5.4 - Security Fixes (January 2025) [](#version-54---security-fixes-january-2025) This version addresses multiple security vulnerabilities while maintaining 100% backward compatibility. #### Security Improvements: [](#security-improvements) - **XSS Prevention**: Fixed output escaping in all callback methods (text, textarea, select, checkbox, radio, number, color) - **Password Security**: Eliminated hash leakage - password fields no longer display stored values - **REST API Security**: Changed default `show_in_rest` from `true` to `false` to reduce attack surface - **HTML Security**: Added proper escaping for navigation tabs, action links, and field descriptions - **Log Security**: Moved log files from plugin directory to secure WordPress uploads directory #### Infrastructure Improvements: [](#infrastructure-improvements) - **PHP 8.2 Compatibility**: Added proper property declarations with default values - **Bug Fixes**: Added missing echo in callback\_media() method, improved array handling - **Enhanced Security**: All user-facing output now properly escaped using WordPress functions #### Backward Compatibility: [](#backward-compatibility) - Zero breaking changes to public API or method signatures - 100% compatible with existing plugins using this helper - Safe upgrade path - existing implementations continue to work without modification - No changes to text domains or translation compatibility Changelog --------- [](#changelog) ### v5.4.1 (November 2025) [](#v541-november-2025) - BUGFIX: Fixed "Undefined array key 'id'" warnings in PHP 8+ - BUGFIX: Added defensive `isset()` checks in `get_default_field_args()` - BUGFIX: Added defensive `isset()` checks in `get_settings_fields_ids()` - IMPROVEMENT: Graceful handling of incomplete field definitions - IMPROVEMENT: Enhanced error prevention for production environments - COMPATIBILITY: 100% backward compatible with existing plugins ### v5.4 (January 2025) [](#v54-january-2025) - SECURITY: Fixed multiple XSS vulnerabilities in form callbacks - SECURITY: Eliminated password hash leakage in HTML output - SECURITY: Changed REST API exposure default to false - SECURITY: Moved log files to secure location - IMPROVEMENT: Added PHP 8.2 compatibility - BUGFIX: Added missing echo in callback\_media() description - IMPROVEMENT: Enhanced array handling with array\_replace\_recursive() ### v5.3 (Previous stable) [](#v53-previous-stable) - Base version with existing functionality ### Health Score 45 — FairBetter than 93% of packages Maintenance66 Regular maintenance activity Popularity30 Limited adoption so far Community12 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 68.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~708 days Total 4 Last Release 195d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/761506c68407153cecbf543b614dd8ea53f07203e346f075c2029d18ca977219?d=identicon)[boospot](/maintainers/boospot) --- Top Contributors [![numanzahid](https://avatars.githubusercontent.com/u/6734385?v=4)](https://github.com/numanzahid "numanzahid (11 commits)")[![booskills](https://avatars.githubusercontent.com/u/46623905?v=4)](https://github.com/booskills "booskills (5 commits)") --- Tags wordpresswordpress pluginwp-adminplugin settingssettings pageplugin options ### Embed Badge ![Health badge](/badges/boospot-boo-settings-helper/health.svg) ``` [![Health](https://phpackages.com/badges/boospot-boo-settings-helper/health.svg)](https://phpackages.com/packages/boospot-boo-settings-helper) ``` ### Alternatives [log1x/navi A developer-friendly alternative to the WordPress NavWalker. 367633.2k7](/packages/log1x-navi)[wpmetabox/meta-box The most powerful & comprehensive plugin to create, manage, show and connect dynamic data with forms and custom fields effortlessly on WordPress. 1.2k20.5k3](/packages/wpmetabox-meta-box)[freemius/wordpress-sdk Freemius WordPress SDK 303101.4k4](/packages/freemius-wordpress-sdk)[log1x/acf-editor-palette A replica Gutenberg color picker field for Advanced Custom Fields. 100284.1k](/packages/log1x-acf-editor-palette)[hellonico/acf-country A country field for ACF. 12193.2k](/packages/hellonico-acf-country)[alleyinteractive/wp-asset-manager Asset Manager is a toolkit for managing front-end assets and more tightly controlling where, when, and how they're loaded. 32343.0k2](/packages/alleyinteractive-wp-asset-manager) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)