Administration: Display serialized option values read-only instead of a placeholder

[anatolinicolae]

Fixes https://core.trac.wordpress.org/ticket/64581

Summary

Replaces the hard-coded SERIALIZED DATA placeholder in wp-admin/options.php and wp-admin/network/site-settings.php with the raw serialized value rendered read-only inside a native <details>/<summary> element. The value remains non-editable and is excluded from form submission, so it cannot be accidentally corrupted on save.

This is an alternative implementation to #10853 based on the feedback left there:

• No JavaScript. Uses the native <details> disclosure widget instead of a custom JS toggle.
• Raw serialized value, not print_r(). Preserves the exact stored value so it can be safely copied / inspected without lossy reformatting.
• readonly textarea + name attribute omitted so the value cannot round-trip back into the database via the form.
• Translatable string __( 'Serialized data' ) replaces the hard-coded English placeholder.

The same pattern is applied to the network site settings screen, which had the identical placeholder issue.

Incidental cleanup in the touched code

• options.php: hoists $value = $option->option_value out of per-branch assignments, collapses the disabled-class logic into a ternary, merges the home/siteurl WP_HOME/WP_SITEURL checks.
• site-settings.php: hoists the \$ltr_fields list out of the per-row loop, consolidates four duplicated <tr> blocks into a single row with inline branches, and removes a double-escape on serialized-string values — esc_html() was applied at assignment and then again at output through esc_textarea/esc_attr, corrupting any unserialized string containing <, >, or &.

Test plan

• On Single Site, visit /wp-admin/options.php. Any option whose value is a serialized array/object now renders as a ▸ Serialized data toggle; expanding it shows the raw a:N:{…} payload in a disabled textarea.
• Submit the form and confirm the serialized option's value is unchanged in the DB (it must not be present in $_POST).
• Serialized-string options (e.g. some legacy single-string serialized values) still render as their unserialized text in a normal input/textarea, and special characters (<, >, &) display correctly without double-escaping.
• On Multisite, edit a site via Network → Sites → Settings and verify the same behaviour for serialized values there.
• Visual regression on home/siteurl rows when WP_HOME/WP_SITEURL constants are defined — they remain disabled inputs.

[github-actions]

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

Core Committers: Use this line as a base for the props when committing in SVN:

Props anatolinicolae.

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.

[github-actions]

Hi @anatolinicolae! 👋

Thank you for your contribution to WordPress! 💖

It looks like this is your first pull request to wordpress-develop. Here are a few things to be aware of that may help you out!

No one monitors this repository for new pull requests. Pull requests must be attached to a Trac ticket to be considered for inclusion in WordPress Core. To attach a pull request to a Trac ticket, please include the ticket's full URL in your pull request description.

Pull requests are never merged on GitHub. The WordPress codebase continues to be managed through the SVN repository that this GitHub repository mirrors. Please feel free to open pull requests to work on any contribution you are making.

More information about how GitHub pull requests can be used to contribute to WordPress can be found in the Core Handbook.

Please include automated tests. Including tests in your pull request is one way to help your patch be considered faster. To learn about WordPress' test suites, visit the Automated Testing page in the handbook.

If you have not had a chance, please review the Contribute with Code page in the WordPress Core Handbook.

The Developer Hub also documents the various coding standards that are followed:

• PHP Coding Standards
• CSS Coding Standards
• HTML Coding Standards
• JavaScript Coding Standards
• Accessibility Coding Standards
• Inline Documentation Standards

Thank you,
The WordPress Project

[github-actions]

Test using WordPress Playground

The changes in this pull request can previewed and tested using a WordPress Playground instance.

WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser.

Some things to be aware of

• All changes will be lost when closing a tab with a Playground instance.
• All changes will be lost when refreshing the page.
• A fresh instance is created each time the link below is clicked.
• Every time this pull request is updated, a new ZIP file containing all changes is created. If changes are not reflected in the Playground instance,
  it's possible that the most recent build failed, or has not completed. Check the list of workflow runs to be sure.

For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation.

Test this pull request with WordPress Playground.