+function validate_file( $file, $allowed_files = '' ) {
+ if ( false !== strpos( $file, '..' ) )
+ return 1;
+
+ if ( false !== strpos( $file, './' ) )
+ return 1;
+
+ if ( ! empty( $allowed_files ) && ! in_array( $file, $allowed_files ) )
+ return 3;
+
+ if (':' == substr( $file, 1, 1 ) )
+ return 2;
+
+ return 0;
+}
+
+/**
+ * Determine if SSL is used.
+ *
+ * @since 2.6.0
+ *
+ * @return bool True if SSL, false if not used.
+ */
+function is_ssl() {
+ if ( isset($_SERVER['HTTPS']) ) {
+ if ( 'on' == strtolower($_SERVER['HTTPS']) )
+ return true;
+ if ( '1' == $_SERVER['HTTPS'] )
+ return true;
+ } elseif ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
+ return true;
+ }
+ return false;
+}
+
+/**
+ * Whether to force SSL used for the Administration Screens.
+ *
+ * @since 2.6.0
+ *
+ * @staticvar bool $forced
+ *
+ * @param string|bool $force Optional. Whether to force SSL in admin screens. Default null.
+ * @return bool True if forced, false if not forced.
+ */
+function force_ssl_admin( $force = null ) {
+ static $forced = false;
+
+ if ( !is_null( $force ) ) {
+ $old_forced = $forced;
+ $forced = $force;
+ return $old_forced;
+ }
+
+ return $forced;
+}
+
+/**
+ * Guess the URL for the site.
+ *
+ * Will remove wp-admin links to retrieve only return URLs not in the wp-admin
+ * directory.
+ *
+ * @since 2.6.0
+ *
+ * @return string The guessed URL.
+ */
+function wp_guess_url() {
+ if ( defined('WP_SITEURL') && '' != WP_SITEURL ) {
+ $url = WP_SITEURL;
+ } else {
+ $abspath_fix = str_replace( '\\', '/', ABSPATH );
+ $script_filename_dir = dirname( $_SERVER['SCRIPT_FILENAME'] );
+
+ // The request is for the admin
+ if ( strpos( $_SERVER['REQUEST_URI'], 'wp-admin' ) !== false || strpos( $_SERVER['REQUEST_URI'], 'wp-login.php' ) !== false ) {
+ $path = preg_replace( '#/(wp-admin/.*|wp-login.php)#i', '', $_SERVER['REQUEST_URI'] );
+
+ // The request is for a file in ABSPATH
+ } elseif ( $script_filename_dir . '/' == $abspath_fix ) {
+ // Strip off any file/query params in the path
+ $path = preg_replace( '#/[^/]*$#i', '', $_SERVER['PHP_SELF'] );
+
+ } else {
+ if ( false !== strpos( $_SERVER['SCRIPT_FILENAME'], $abspath_fix ) ) {
+ // Request is hitting a file inside ABSPATH
+ $directory = str_replace( ABSPATH, '', $script_filename_dir );
+ // Strip off the sub directory, and any file/query params
+ $path = preg_replace( '#/' . preg_quote( $directory, '#' ) . '/[^/]*$#i', '' , $_SERVER['REQUEST_URI'] );
+ } elseif ( false !== strpos( $abspath_fix, $script_filename_dir ) ) {
+ // Request is hitting a file above ABSPATH
+ $subdirectory = substr( $abspath_fix, strpos( $abspath_fix, $script_filename_dir ) + strlen( $script_filename_dir ) );
+ // Strip off any file/query params from the path, appending the sub directory to the install
+ $path = preg_replace( '#/[^/]*$#i', '' , $_SERVER['REQUEST_URI'] ) . $subdirectory;
+ } else {
+ $path = $_SERVER['REQUEST_URI'];
+ }
+ }
+
+ $schema = is_ssl() ? 'https://' : 'http://'; // set_url_scheme() is not defined yet
+ $url = $schema . $_SERVER['HTTP_HOST'] . $path;
+ }
+
+ return rtrim($url, '/');
+}
+
+/**
+ * Temporarily suspend cache additions.
+ *
+ * Stops more data being added to the cache, but still allows cache retrieval.
+ * This is useful for actions, such as imports, when a lot of data would otherwise
+ * be almost uselessly added to the cache.
+ *
+ * Suspension lasts for a single page load at most. Remember to call this
+ * function again if you wish to re-enable cache adds earlier.
+ *
+ * @since 3.3.0
+ *
+ * @staticvar bool $_suspend
+ *
+ * @param bool $suspend Optional. Suspends additions if true, re-enables them if false.
+ * @return bool The current suspend setting
+ */
+function wp_suspend_cache_addition( $suspend = null ) {
+ static $_suspend = false;
+
+ if ( is_bool( $suspend ) )
+ $_suspend = $suspend;
+
+ return $_suspend;
+}
+
+/**
+ * Suspend cache invalidation.
+ *
+ * Turns cache invalidation on and off. Useful during imports where you don't wont to do
+ * invalidations every time a post is inserted. Callers must be sure that what they are
+ * doing won't lead to an inconsistent cache when invalidation is suspended.
+ *
+ * @since 2.7.0
+ *
+ * @global bool $_wp_suspend_cache_invalidation
+ *
+ * @param bool $suspend Optional. Whether to suspend or enable cache invalidation. Default true.
+ * @return bool The current suspend setting.
+ */
+function wp_suspend_cache_invalidation( $suspend = true ) {
+ global $_wp_suspend_cache_invalidation;
+
+ $current_suspend = $_wp_suspend_cache_invalidation;
+ $_wp_suspend_cache_invalidation = $suspend;
+ return $current_suspend;
+}
+
+/**
+ * Determine whether a site is the main site of the current network.
+ *
+ * @since 3.0.0
+ *
+ * @global object $current_site
+ *
+ * @param int $site_id Optional. Site ID to test. Defaults to current site.
+ * Defaults to current site.
+ * @return bool True if $site_id is the main site of the network, or if not
+ * running Multisite.
+ */
+function is_main_site( $site_id = null ) {
+ // This is the current network's information; 'site' is old terminology.
+ global $current_site;
+
+ if ( ! is_multisite() )
+ return true;
+
+ if ( ! $site_id )
+ $site_id = get_current_blog_id();
+
+ return (int) $site_id === (int) $current_site->blog_id;
+}
+
+/**
+ * Determine whether a network is the main network of the Multisite install.
+ *
+ * @since 3.7.0
+ *
+ * @param int $network_id Optional. Network ID to test. Defaults to current network.
+ * @return bool True if $network_id is the main network, or if not running Multisite.
+ */
+function is_main_network( $network_id = null ) {
+ if ( ! is_multisite() ) {
+ return true;
+ }
+
+ $current_network_id = (int) get_current_site()->id;
+
+ if ( null === $network_id ) {
+ $network_id = $current_network_id;
+ }
+
+ $network_id = (int) $network_id;
+
+ return ( $network_id === get_main_network_id() );
+}
+
+/**
+ * Get the main network ID.
+ *
+ * @since 4.3.0
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @return int The ID of the main network.
+ */
+function get_main_network_id() {
+ global $wpdb;
+
+ if ( ! is_multisite() ) {
+ return 1;
+ }
+
+ if ( defined( 'PRIMARY_NETWORK_ID' ) ) {
+ $main_network_id = PRIMARY_NETWORK_ID;
+ } elseif ( 1 === (int) get_current_site()->id ) {
+ // If the current network has an ID of 1, assume it is the main network.
+ $main_network_id = 1;
+ } else {
+ $main_network_id = wp_cache_get( 'primary_network_id', 'site-options' );
+
+ if ( false === $main_network_id ) {
+ $main_network_id = (int) $wpdb->get_var( "SELECT id FROM {$wpdb->site} ORDER BY id LIMIT 1" );
+ wp_cache_add( 'primary_network_id', $main_network_id, 'site-options' );
+ }
+ }
+
+ /**
+ * Filter the main network ID.
+ *
+ * @since 4.3.0
+ *
+ * @param int $main_network_id The ID of the main network.
+ */
+ return (int) apply_filters( 'get_main_network_id', $main_network_id );
+}
+
+/**
+ * Determine whether global terms are enabled.
+ *
+ * @since 3.0.0
+ *
+ * @staticvar bool $global_terms
+ *
+ * @return bool True if multisite and global terms enabled.
+ */
+function global_terms_enabled() {
+ if ( ! is_multisite() )
+ return false;
+
+ static $global_terms = null;
+ if ( is_null( $global_terms ) ) {
+
+ /**
+ * Filter whether global terms are enabled.
+ *
+ * Passing a non-null value to the filter will effectively short-circuit the function,
+ * returning the value of the 'global_terms_enabled' site option instead.
+ *
+ * @since 3.0.0
+ *
+ * @param null $enabled Whether global terms are enabled.
+ */
+ $filter = apply_filters( 'global_terms_enabled', null );
+ if ( ! is_null( $filter ) )
+ $global_terms = (bool) $filter;
+ else
+ $global_terms = (bool) get_site_option( 'global_terms_enabled', false );
+ }
+ return $global_terms;
+}
+
+/**
+ * gmt_offset modification for smart timezone handling.
+ *
+ * Overrides the gmt_offset option if we have a timezone_string available.
+ *
+ * @since 2.8.0
+ *
+ * @return float|false Timezone GMT offset, false otherwise.
+ */
+function wp_timezone_override_offset() {
+ if ( !$timezone_string = get_option( 'timezone_string' ) ) {
+ return false;
+ }
+
+ $timezone_object = timezone_open( $timezone_string );
+ $datetime_object = date_create();
+ if ( false === $timezone_object || false === $datetime_object ) {
+ return false;
+ }
+ return round( timezone_offset_get( $timezone_object, $datetime_object ) / HOUR_IN_SECONDS, 2 );
+}
+
+/**
+ * Sort-helper for timezones.
+ *
+ * @since 2.9.0
+ * @access private
+ *
+ * @param array $a
+ * @param array $b
+ * @return int
+ */
+function _wp_timezone_choice_usort_callback( $a, $b ) {
+ // Don't use translated versions of Etc
+ if ( 'Etc' === $a['continent'] && 'Etc' === $b['continent'] ) {
+ // Make the order of these more like the old dropdown
+ if ( 'GMT+' === substr( $a['city'], 0, 4 ) && 'GMT+' === substr( $b['city'], 0, 4 ) ) {
+ return -1 * ( strnatcasecmp( $a['city'], $b['city'] ) );
+ }
+ if ( 'UTC' === $a['city'] ) {
+ if ( 'GMT+' === substr( $b['city'], 0, 4 ) ) {
+ return 1;
+ }
+ return -1;
+ }
+ if ( 'UTC' === $b['city'] ) {
+ if ( 'GMT+' === substr( $a['city'], 0, 4 ) ) {
+ return -1;
+ }
+ return 1;
+ }
+ return strnatcasecmp( $a['city'], $b['city'] );
+ }
+ if ( $a['t_continent'] == $b['t_continent'] ) {
+ if ( $a['t_city'] == $b['t_city'] ) {
+ return strnatcasecmp( $a['t_subcity'], $b['t_subcity'] );
+ }
+ return strnatcasecmp( $a['t_city'], $b['t_city'] );
+ } else {
+ // Force Etc to the bottom of the list
+ if ( 'Etc' === $a['continent'] ) {
+ return 1;
+ }
+ if ( 'Etc' === $b['continent'] ) {
+ return -1;
+ }
+ return strnatcasecmp( $a['t_continent'], $b['t_continent'] );
+ }
+}
+
+/**
+ * Gives a nicely-formatted list of timezone strings.
+ *
+ * @since 2.9.0
+ *
+ * @staticvar bool $mo_loaded
+ *
+ * @param string $selected_zone Selected timezone.
+ * @return string
+ */
+function wp_timezone_choice( $selected_zone ) {
+ static $mo_loaded = false;
+
+ $continents = array( 'Africa', 'America', 'Antarctica', 'Arctic', 'Asia', 'Atlantic', 'Australia', 'Europe', 'Indian', 'Pacific');
+
+ // Load translations for continents and cities
+ if ( !$mo_loaded ) {
+ $locale = get_locale();
+ $mofile = WP_LANG_DIR . '/continents-cities-' . $locale . '.mo';
+ load_textdomain( 'continents-cities', $mofile );
+ $mo_loaded = true;
+ }
+
+ $zonen = array();
+ foreach ( timezone_identifiers_list() as $zone ) {
+ $zone = explode( '/', $zone );
+ if ( !in_array( $zone[0], $continents ) ) {
+ continue;
+ }
+
+ // This determines what gets set and translated - we don't translate Etc/* strings here, they are done later
+ $exists = array(
+ 0 => ( isset( $zone[0] ) && $zone[0] ),
+ 1 => ( isset( $zone[1] ) && $zone[1] ),
+ 2 => ( isset( $zone[2] ) && $zone[2] ),
+ );
+ $exists[3] = ( $exists[0] && 'Etc' !== $zone[0] );
+ $exists[4] = ( $exists[1] && $exists[3] );
+ $exists[5] = ( $exists[2] && $exists[3] );
+
+ $zonen[] = array(
+ 'continent' => ( $exists[0] ? $zone[0] : '' ),
+ 'city' => ( $exists[1] ? $zone[1] : '' ),
+ 'subcity' => ( $exists[2] ? $zone[2] : '' ),
+ 't_continent' => ( $exists[3] ? translate( str_replace( '_', ' ', $zone[0] ), 'continents-cities' ) : '' ),
+ 't_city' => ( $exists[4] ? translate( str_replace( '_', ' ', $zone[1] ), 'continents-cities' ) : '' ),
+ 't_subcity' => ( $exists[5] ? translate( str_replace( '_', ' ', $zone[2] ), 'continents-cities' ) : '' )
+ );
+ }
+ usort( $zonen, '_wp_timezone_choice_usort_callback' );
+
+ $structure = array();
+
+ if ( empty( $selected_zone ) ) {
+ $structure[] = '<option selected="selected" value="">' . __( 'Select a city' ) . '</option>';
+ }
+
+ foreach ( $zonen as $key => $zone ) {
+ // Build value in an array to join later
+ $value = array( $zone['continent'] );
+
+ if ( empty( $zone['city'] ) ) {
+ // It's at the continent level (generally won't happen)
+ $display = $zone['t_continent'];
+ } else {
+ // It's inside a continent group
+
+ // Continent optgroup
+ if ( !isset( $zonen[$key - 1] ) || $zonen[$key - 1]['continent'] !== $zone['continent'] ) {
+ $label = $zone['t_continent'];
+ $structure[] = '<optgroup label="'. esc_attr( $label ) .'">';
+ }
+
+ // Add the city to the value
+ $value[] = $zone['city'];
+
+ $display = $zone['t_city'];
+ if ( !empty( $zone['subcity'] ) ) {
+ // Add the subcity to the value
+ $value[] = $zone['subcity'];
+ $display .= ' - ' . $zone['t_subcity'];
+ }
+ }
+
+ // Build the value
+ $value = join( '/', $value );
+ $selected = '';
+ if ( $value === $selected_zone ) {
+ $selected = 'selected="selected" ';
+ }
+ $structure[] = '<option ' . $selected . 'value="' . esc_attr( $value ) . '">' . esc_html( $display ) . "</option>";
+
+ // Close continent optgroup
+ if ( !empty( $zone['city'] ) && ( !isset($zonen[$key + 1]) || (isset( $zonen[$key + 1] ) && $zonen[$key + 1]['continent'] !== $zone['continent']) ) ) {
+ $structure[] = '</optgroup>';
+ }
+ }
+
+ // Do UTC
+ $structure[] = '<optgroup label="'. esc_attr__( 'UTC' ) .'">';
+ $selected = '';
+ if ( 'UTC' === $selected_zone )
+ $selected = 'selected="selected" ';
+ $structure[] = '<option ' . $selected . 'value="' . esc_attr( 'UTC' ) . '">' . __('UTC') . '</option>';
+ $structure[] = '</optgroup>';
+
+ // Do manual UTC offsets
+ $structure[] = '<optgroup label="'. esc_attr__( 'Manual Offsets' ) .'">';
+ $offset_range = array (-12, -11.5, -11, -10.5, -10, -9.5, -9, -8.5, -8, -7.5, -7, -6.5, -6, -5.5, -5, -4.5, -4, -3.5, -3, -2.5, -2, -1.5, -1, -0.5,
+ 0, 0.5, 1, 1.5, 2, 2.5, 3, 3.5, 4, 4.5, 5, 5.5, 5.75, 6, 6.5, 7, 7.5, 8, 8.5, 8.75, 9, 9.5, 10, 10.5, 11, 11.5, 12, 12.75, 13, 13.75, 14);
+ foreach ( $offset_range as $offset ) {
+ if ( 0 <= $offset )
+ $offset_name = '+' . $offset;
+ else
+ $offset_name = (string) $offset;
+
+ $offset_value = $offset_name;
+ $offset_name = str_replace(array('.25','.5','.75'), array(':15',':30',':45'), $offset_name);
+ $offset_name = 'UTC' . $offset_name;
+ $offset_value = 'UTC' . $offset_value;
+ $selected = '';
+ if ( $offset_value === $selected_zone )
+ $selected = 'selected="selected" ';
+ $structure[] = '<option ' . $selected . 'value="' . esc_attr( $offset_value ) . '">' . esc_html( $offset_name ) . "</option>";
+
+ }
+ $structure[] = '</optgroup>';
+
+ return join( "\n", $structure );
+}
+
+/**
+ * Strip close comment and close php tags from file headers used by WP.
+ *
+ * @since 2.8.0
+ * @access private
+ *
+ * @see https://core.trac.wordpress.org/ticket/8497
+ *
+ * @param string $str Header comment to clean up.
+ * @return string
+ */
+function _cleanup_header_comment( $str ) {
+ return trim(preg_replace("/\s*(?:\*\/|\?>).*/", '', $str));
+}
+
+/**
+ * Permanently delete comments or posts of any type that have held a status
+ * of 'trash' for the number of days defined in EMPTY_TRASH_DAYS.
+ *
+ * The default value of `EMPTY_TRASH_DAYS` is 30 (days).
+ *
+ * @since 2.9.0
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
+ */
+function wp_scheduled_delete() {
+ global $wpdb;
+
+ $delete_timestamp = time() - ( DAY_IN_SECONDS * EMPTY_TRASH_DAYS );
+
+ $posts_to_delete = $wpdb->get_results($wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_wp_trash_meta_time' AND meta_value < '%d'", $delete_timestamp), ARRAY_A);
+
+ foreach ( (array) $posts_to_delete as $post ) {
+ $post_id = (int) $post['post_id'];
+ if ( !$post_id )
+ continue;
+
+ $del_post = get_post($post_id);
+
+ if ( !$del_post || 'trash' != $del_post->post_status ) {
+ delete_post_meta($post_id, '_wp_trash_meta_status');
+ delete_post_meta($post_id, '_wp_trash_meta_time');
+ } else {
+ wp_delete_post($post_id);
+ }
+ }