+/**
+ * File validates against allowed set of defined rules.
+ *
+ * A return value of '1' means that the $file contains either '..' or './'. A
+ * return value of '2' means that the $file contains ':' after the first
+ * character. A return value of '3' means that the file is not in the allowed
+ * files list.
+ *
+ * @since 1.2.0
+ *
+ * @param string $file File path.
+ * @param array $allowed_files List of allowed files.
+ * @return int 0 means nothing is wrong, greater than 0 means something was wrong.
+ */
+function validate_file( $file, $allowed_files = '' ) {
+ if ( false !== strpos( $file, '..' ))
+ return 1;
+
+ if ( false !== strpos( $file, './' ))
+ return 1;
+
+ if (!empty ( $allowed_files ) && (!in_array( $file, $allowed_files ) ) )
+ return 3;
+
+ if (':' == substr( $file, 1, 1 ))
+ return 2;
+
+ return 0;
+}
+
+/**
+ * Determine if SSL is used.
+ *
+ * @since 2.6.0
+ *
+ * @return bool True if SSL, false if not used.
+ */
+function is_ssl() {
+ if ( isset($_SERVER['HTTPS']) ) {
+ if ( 'on' == strtolower($_SERVER['HTTPS']) )
+ return true;
+ if ( '1' == $_SERVER['HTTPS'] )
+ return true;
+ } elseif ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
+ return true;
+ }
+ return false;
+}
+
+/**
+ * Whether SSL login should be forced.
+ *
+ * @since 2.6.0
+ *
+ * @param string|bool $force Optional.
+ * @return bool True if forced, false if not forced.
+ */
+function force_ssl_login( $force = null ) {
+ static $forced = false;
+
+ if ( !is_null( $force ) ) {
+ $old_forced = $forced;
+ $forced = $force;
+ return $old_forced;
+ }
+
+ return $forced;
+}
+
+/**
+ * Whether to force SSL used for the Administration Panels.
+ *
+ * @since 2.6.0
+ *
+ * @param string|bool $force
+ * @return bool True if forced, false if not forced.
+ */
+function force_ssl_admin( $force = null ) {
+ static $forced = false;
+
+ if ( !is_null( $force ) ) {
+ $old_forced = $forced;
+ $forced = $force;
+ return $old_forced;
+ }
+
+ return $forced;
+}
+
+/**
+ * Guess the URL for the site.
+ *
+ * Will remove wp-admin links to retrieve only return URLs not in the wp-admin
+ * directory.
+ *
+ * @since 2.6.0
+ *
+ * @return string
+ */
+function wp_guess_url() {
+ if ( defined('WP_SITEURL') && '' != WP_SITEURL ) {
+ $url = WP_SITEURL;
+ } else {
+ $schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
+ $url = preg_replace('|/wp-admin/.*|i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
+ }
+ return $url;
+}
+
+/**
+ * Suspend cache invalidation.
+ *
+ * Turns cache invalidation on and off. Useful during imports where you don't wont to do invalidations
+ * every time a post is inserted. Callers must be sure that what they are doing won't lead to an inconsistent
+ * cache when invalidation is suspended.
+ *
+ * @since 2.7.0
+ *
+ * @param bool $suspend Whether to suspend or enable cache invalidation
+ * @return bool The current suspend setting
+ */
+function wp_suspend_cache_invalidation($suspend = true) {
+ global $_wp_suspend_cache_invalidation;
+
+ $current_suspend = $_wp_suspend_cache_invalidation;
+ $_wp_suspend_cache_invalidation = $suspend;
+ return $current_suspend;
+}
+
+function get_site_option( $key, $default = false, $use_cache = true ) {
+ // Allow plugins to short-circuit site options.
+ $pre = apply_filters( 'pre_site_option_' . $key, false );
+ if ( false !== $pre )
+ return $pre;
+
+ $value = get_option($key, $default);
+
+ return apply_filters( 'site_option_' . $key, $value );
+}
+
+// expects $key, $value not to be SQL escaped
+function add_site_option( $key, $value ) {
+ $value = apply_filters( 'pre_add_site_option_' . $key, $value );
+ $result = add_option($key, $value);
+ do_action( "add_site_option_{$key}", $key, $value );
+ return $result;
+}
+
+function delete_site_option( $key ) {
+ $result = delete_option($key);
+ do_action( "delete_site_option_{$key}", $key );
+ return $result;
+}
+
+// expects $key, $value not to be SQL escaped
+function update_site_option( $key, $value ) {
+ $oldvalue = get_site_option( $key );
+ $value = apply_filters( 'pre_update_site_option_' . $key, $value, $oldvalue );
+ $result = update_option($key, $value);
+ do_action( "update_site_option_{$key}", $key, $value );
+ return $result;
+}
+
+/**
+ * Delete a site transient
+ *
+ * @since 2.890
+ * @package WordPress
+ * @subpackage Transient
+ *
+ * @param string $transient Transient name. Expected to not be SQL-escaped
+ * @return bool true if successful, false otherwise
+ */
+function delete_site_transient($transient) {
+ global $_wp_using_ext_object_cache, $wpdb;
+
+ if ( $_wp_using_ext_object_cache ) {
+ return wp_cache_delete($transient, 'site-transient');
+ } else {
+ $transient = '_site_transient_' . esc_sql($transient);
+ return delete_site_option($transient);
+ }
+}
+
+/**
+ * Get the value of a site transient
+ *
+ * If the transient does not exist or does not have a value, then the return value
+ * will be false.
+ *
+ * @since 2.9.0
+ * @package WordPress
+ * @subpackage Transient
+ *
+ * @param string $transient Transient name. Expected to not be SQL-escaped
+ * @return mixed Value of transient
+ */
+function get_site_transient($transient) {
+ global $_wp_using_ext_object_cache, $wpdb;
+
+ $pre = apply_filters( 'pre_site_transient_' . $transient, false );
+ if ( false !== $pre )
+ return $pre;
+
+ if ( $_wp_using_ext_object_cache ) {
+ $value = wp_cache_get($transient, 'site-transient');
+ } else {
+ $transient_option = '_site_transient_' . esc_sql($transient);
+ $transient_timeout = '_site_transient_timeout_' . esc_sql($transient);
+ if ( get_site_option($transient_timeout) < time() ) {
+ delete_site_option($transient_option);
+ delete_site_option($transient_timeout);
+ return false;
+ }
+
+ $value = get_site_option($transient_option);
+ }
+
+ return apply_filters('site_transient_' . $transient, $value);
+}
+
+/**
+ * Set/update the value of a site transient
+ *
+ * You do not need to serialize values, if the value needs to be serialize, then
+ * it will be serialized before it is set.
+ *
+ * @since 2.9.0
+ * @package WordPress
+ * @subpackage Transient
+ *
+ * @param string $transient Transient name. Expected to not be SQL-escaped
+ * @param mixed $value Transient value.
+ * @param int $expiration Time until expiration in seconds, default 0
+ * @return bool False if value was not set and true if value was set.
+ */
+function set_site_transient($transient, $value, $expiration = 0) {
+ global $_wp_using_ext_object_cache, $wpdb;
+
+ if ( $_wp_using_ext_object_cache ) {
+ return wp_cache_set($transient, $value, 'site-transient', $expiration);
+ } else {
+ $transient_timeout = '_site_transient_timeout_' . $transient;
+ $transient = '_site_transient_' . $transient;
+ $safe_transient = esc_sql($transient);
+ if ( false === get_site_option( $safe_transient ) ) {
+ if ( 0 != $expiration )
+ add_site_option($transient_timeout, time() + $expiration);
+ return add_site_option($transient, $value);
+ } else {
+ if ( 0 != $expiration )
+ update_site_option($transient_timeout, time() + $expiration);
+ return update_site_option($transient, $value);
+ }
+ }
+}
+
+/**
+ * gmt_offset modification for smart timezone handling
+ *
+ * Overrides the gmt_offset option if we have a timezone_string available
+ */
+function wp_timezone_override_offset() {
+ if ( !wp_timezone_supported() ) {
+ return false;
+ }
+ if ( !$timezone_string = get_option( 'timezone_string' ) ) {
+ return false;
+ }
+
+ @date_default_timezone_set( $timezone_string );
+ $timezone_object = timezone_open( $timezone_string );
+ $datetime_object = date_create();
+ if ( false === $timezone_object || false === $datetime_object ) {
+ return false;
+ }
+ return round( timezone_offset_get( $timezone_object, $datetime_object ) / 3600, 2 );
+}
+
+/**
+ * Check for PHP timezone support
+ */
+function wp_timezone_supported() {
+ $support = false;
+ if (
+ function_exists( 'date_default_timezone_set' ) &&
+ function_exists( 'timezone_identifiers_list' ) &&
+ function_exists( 'timezone_open' ) &&
+ function_exists( 'timezone_offset_get' )
+ ) {
+ $support = true;
+ }
+ return apply_filters( 'timezone_support', $support );
+}
+
+function _wp_timezone_choice_usort_callback( $a, $b ) {
+ // Don't use translated versions of Etc
+ if ( 'Etc' === $a['continent'] && 'Etc' === $b['continent'] ) {
+ // Make the order of these more like the old dropdown
+ if ( 'GMT+' === substr( $a['city'], 0, 4 ) && 'GMT+' === substr( $b['city'], 0, 4 ) ) {
+ return -1 * ( strnatcasecmp( $a['city'], $b['city'] ) );
+ }
+ if ( 'UTC' === $a['city'] ) {
+ if ( 'GMT+' === substr( $b['city'], 0, 4 ) ) {
+ return 1;
+ }
+ return -1;
+ }
+ if ( 'UTC' === $b['city'] ) {
+ if ( 'GMT+' === substr( $a['city'], 0, 4 ) ) {
+ return -1;
+ }
+ return 1;
+ }
+ return strnatcasecmp( $a['city'], $b['city'] );
+ }
+ if ( $a['t_continent'] == $b['t_continent'] ) {
+ if ( $a['t_city'] == $b['t_city'] ) {
+ return strnatcasecmp( $a['t_subcity'], $b['t_subcity'] );
+ }
+ return strnatcasecmp( $a['t_city'], $b['t_city'] );
+ } else {
+ // Force Etc to the bottom of the list
+ if ( 'Etc' === $a['continent'] ) {
+ return 1;
+ }
+ if ( 'Etc' === $b['continent'] ) {
+ return -1;
+ }
+ return strnatcasecmp( $a['t_continent'], $b['t_continent'] );
+ }
+}
+
+/**
+ * Gives a nicely formatted list of timezone strings // temporary! Not in final
+ *
+ * @param $selected_zone string Selected Zone
+ *
+ */
+function wp_timezone_choice( $selected_zone ) {
+ static $mo_loaded = false;
+
+ $continents = array( 'Africa', 'America', 'Antarctica', 'Arctic', 'Asia', 'Atlantic', 'Australia', 'Europe', 'Indian', 'Pacific');
+
+ // Load translations for continents and cities
+ if ( !$mo_loaded ) {
+ $locale = get_locale();
+ $mofile = WP_LANG_DIR . '/continents-cities-' . $locale . '.mo';
+ load_textdomain( 'continents-cities', $mofile );
+ $mo_loaded = true;
+ }
+
+ $zonen = array();
+ foreach ( timezone_identifiers_list() as $zone ) {
+ $zone = explode( '/', $zone );
+ if ( !in_array( $zone[0], $continents ) ) {
+ continue;
+ }
+
+ // This determines what gets set and translated - we don't translate Etc/* strings here, they are done later
+ $exists = array(
+ 0 => ( isset( $zone[0] ) && $zone[0] ) ? true : false,
+ 1 => ( isset( $zone[1] ) && $zone[1] ) ? true : false,
+ 2 => ( isset( $zone[2] ) && $zone[2] ) ? true : false
+ );
+ $exists[3] = ( $exists[0] && 'Etc' !== $zone[0] ) ? true : false;
+ $exists[4] = ( $exists[1] && $exists[3] ) ? true : false;
+ $exists[5] = ( $exists[2] && $exists[3] ) ? true : false;
+
+ $zonen[] = array(
+ 'continent' => ( $exists[0] ? $zone[0] : '' ),
+ 'city' => ( $exists[1] ? $zone[1] : '' ),
+ 'subcity' => ( $exists[2] ? $zone[2] : '' ),
+ 't_continent' => ( $exists[3] ? translate( str_replace( '_', ' ', $zone[0] ), 'continents-cities' ) : '' ),
+ 't_city' => ( $exists[4] ? translate( str_replace( '_', ' ', $zone[1] ), 'continents-cities' ) : '' ),
+ 't_subcity' => ( $exists[5] ? translate( str_replace( '_', ' ', $zone[2] ), 'continents-cities' ) : '' )
+ );
+ }
+ usort( $zonen, '_wp_timezone_choice_usort_callback' );
+
+ $structure = array();
+
+ if ( empty( $selected_zone ) ) {
+ $structure[] = '<option selected="selected" value="">' . __( 'Select a city' ) . '</option>';
+ }
+
+ foreach ( $zonen as $key => $zone ) {
+ // Build value in an array to join later
+ $value = array( $zone['continent'] );
+
+ if ( empty( $zone['city'] ) ) {
+ // It's at the continent level (generally won't happen)
+ $display = $zone['t_continent'];
+ } else {
+ // It's inside a continent group
+
+ // Continent optgroup
+ if ( !isset( $zonen[$key - 1] ) || $zonen[$key - 1]['continent'] !== $zone['continent'] ) {
+ $label = $zone['t_continent'];
+ $structure[] = '<optgroup label="'. esc_attr( $label ) .'">';
+ }
+
+ // Add the city to the value
+ $value[] = $zone['city'];
+
+ $display = $zone['t_city'];
+ if ( !empty( $zone['subcity'] ) ) {
+ // Add the subcity to the value
+ $value[] = $zone['subcity'];
+ $display .= ' - ' . $zone['t_subcity'];
+ }
+ }
+
+ // Build the value
+ $value = join( '/', $value );
+ $selected = '';
+ if ( $value === $selected_zone ) {
+ $selected = 'selected="selected" ';
+ }
+ $structure[] = '<option ' . $selected . 'value="' . esc_attr( $value ) . '">' . esc_html( $display ) . "</option>";
+
+ // Close continent optgroup
+ if ( !empty( $zone['city'] ) && ( !isset($zonen[$key + 1]) || (isset( $zonen[$key + 1] ) && $zonen[$key + 1]['continent'] !== $zone['continent']) ) ) {
+ $structure[] = '</optgroup>';
+ }
+ }
+
+ // Do UTC
+ $structure[] = '<optgroup label="'. esc_attr__( 'UTC' ) .'">';
+ $selected = '';
+ if ( 'UTC' === $selected_zone )
+ $selected = 'selected="selected" ';
+ $structure[] = '<option ' . $selected . 'value="' . esc_attr( 'UTC' ) . '">' . __('UTC') . '</option>';
+ $structure[] = '</optgroup>';
+
+ // Do manual UTC offsets
+ $structure[] = '<optgroup label="'. esc_attr__( 'Manual Offsets' ) .'">';
+ $offset_range = array (-12, -11.5, -11, -10.5, -10, -9.5, -9, -8.5, -8, -7.5, -7, -6.5, -6, -5.5, -5, -4.5, -4, -3.5, -3, -2.5, -2, -1.5, -1, -0.5,
+ 0, 0.5, 1, 1.5, 2, 2.5, 3, 3.5, 4, 4.5, 5, 5.5, 5.75, 6, 6.5, 7, 7.5, 8, 8.5, 8.75, 9, 9.5, 10, 10.5, 11, 11.5, 12, 12.75, 13, 13.75, 14);
+ foreach ( $offset_range as $offset ) {
+ if ( 0 <= $offset )
+ $offset_name = '+' . $offset;
+ else
+ $offset_name = (string) $offset;
+
+ $offset_value = $offset_name;
+ $offset_name = str_replace(array('.25','.5','.75'), array(':15',':30',':45'), $offset_name);
+ $offset_name = 'UTC' . $offset_name;
+ $offset_value = 'UTC' . $offset_value;
+ $selected = '';
+ if ( $offset_value === $selected_zone )
+ $selected = 'selected="selected" ';
+ $structure[] = '<option ' . $selected . 'value="' . esc_attr( $offset_value ) . '">' . esc_html( $offset_name ) . "</option>";
+
+ }
+ $structure[] = '</optgroup>';
+
+ return join( "\n", $structure );
+}
+
+/**
+ * Strip close comment and close php tags from file headers used by WP
+ * See http://core.trac.wordpress.org/ticket/8497
+ *
+ * @since 2.8
+**/
+function _cleanup_header_comment($str) {
+ return trim(preg_replace("/\s*(?:\*\/|\?>).*/", '', $str));
+}
+
+/**
+ * Permanently deletes posts, pages, attachments, and comments which have been in the trash for EMPTY_TRASH_DAYS.
+ *
+ * @since 2.9.0
+ *
+ * @return void
+ */
+function wp_scheduled_delete() {
+ global $wpdb;
+
+ $delete_timestamp = time() - (60*60*24*EMPTY_TRASH_DAYS);
+
+ $posts_to_delete = $wpdb->get_results($wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < '%d'", $delete_timestamp), ARRAY_A);
+
+ foreach ( (array) $posts_to_delete as $post ) {
+ $post_id = (int) $post['post_id'];
+ if ( !$post_id )
+ continue;
+
+ $del_post = get_post($post_id);
+
+ if ( !$del_post || 'trash' != $del_post->post_status ) {
+ delete_post_meta($post_id, '_wp_trash_meta_status');
+ delete_post_meta($post_id, '_wp_trash_meta_time');
+ } else {
+ wp_delete_post($post_id);
+ }
+ }
+
+ $comments_to_delete = $wpdb->get_results($wpdb->prepare("SELECT comment_id FROM $wpdb->commentmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < '%d'", $delete_timestamp), ARRAY_A);
+
+ foreach ( (array) $comments_to_delete as $comment ) {
+ $comment_id = (int) $comment['comment_id'];
+ if ( !$comment_id )
+ continue;
+
+ $del_comment = get_comment($comment_id);
+
+ if ( !$del_comment || 'trash' != $del_comment->comment_approved ) {
+ delete_comment_meta($comment_id, '_wp_trash_meta_time');
+ delete_comment_meta($comment_id, '_wp_trash_meta_status');
+ } else {
+ wp_delete_comment($comment_id);
+ }
+ }
+}
+
+/**
+ * Parse the file contents to retrieve its metadata.
+ *
+ * Searches for metadata for a file, such as a plugin or theme. Each piece of
+ * metadata must be on its own line. For a field spanning multple lines, it
+ * must not have any newlines or only parts of it will be displayed.
+ *
+ * Some users have issues with opening large files and manipulating the contents
+ * for want is usually the first 1kiB or 2kiB. This function stops pulling in
+ * the file contents when it has all of the required data.
+ *
+ * The first 8kiB of the file will be pulled in and if the file data is not
+ * within that first 8kiB, then the author should correct their plugin file
+ * and move the data headers to the top.
+ *
+ * The file is assumed to have permissions to allow for scripts to read
+ * the file. This is not checked however and the file is only opened for
+ * reading.
+ *
+ * @since 2.9.0
+ *
+ * @param string $file Path to the file
+ * @param bool $markup If the returned data should have HTML markup applied
+ * @param string $context If specified adds filter hook "extra_<$context>_headers"
+ */
+function get_file_data( $file, $default_headers, $context = '' ) {
+ // We don't need to write to the file, so just open for reading.
+ $fp = fopen( $file, 'r' );
+
+ // Pull only the first 8kiB of the file in.
+ $file_data = fread( $fp, 8192 );
+
+ // PHP will close file handle, but we are good citizens.
+ fclose( $fp );
+
+ if( $context != '' ) {
+ $extra_headers = apply_filters( "extra_$context".'_headers', array() );
+
+ $extra_headers = array_flip( $extra_headers );
+ foreach( $extra_headers as $key=>$value ) {
+ $extra_headers[$key] = $key;
+ }
+ $all_headers = array_merge($extra_headers, $default_headers);
+ } else {
+ $all_headers = $default_headers;
+ }
+
+
+ foreach ( $all_headers as $field => $regex ) {
+ preg_match( '/' . preg_quote( $regex, '/' ) . ':(.*)$/mi', $file_data, ${$field});
+ if ( !empty( ${$field} ) )
+ ${$field} = _cleanup_header_comment( ${$field}[1] );
+ else
+ ${$field} = '';
+ }
+
+ $file_data = compact( array_keys( $all_headers ) );
+
+ return $file_data;
+}
+/*
+ * Used internally to tidy up the search terms
+ *
+ * @private
+ * @since 2.9.0
+ */
+function _search_terms_tidy($t) {
+ return trim($t, "\"'\n\r ");
+}