WordPress 4.4
[autoinstalls/wordpress.git] / wp-includes / canonical.php
index 683c1479a8759a4136613358c28034227ed48ee7..cacbdaadfe33ed86a100520a4193453e55bbf456 100644 (file)
  * one or the other.
  *
  * Prevents redirection for feeds, trackbacks, searches, comment popup, and
- * admin URLs. Does not redirect on IIS, page/post previews, and on form data.
+ * admin URLs. Does not redirect on non-pretty-permalink-supporting IIS 7+,
+ * page/post previews, WP admin, Trackbacks, robots.txt, searches, or on POST
+ * requests.
  *
  * Will also attempt to find the correct link when a user enters a URL that does
  * not exist based on exact WordPress query. Will instead try to parse the URL
  * or query in an attempt to figure the correct page to go to.
  *
  * @since 2.3.0
- * @uses $wp_rewrite
- * @uses $is_IIS
+ *
+ * @global WP_Rewrite $wp_rewrite
+ * @global bool $is_IIS
+ * @global WP_Query $wp_query
+ * @global wpdb $wpdb WordPress database abstraction object.
  *
  * @param string $requested_url Optional. The URL that was requested, used to
  *             figure if redirect is needed.
  * @param bool $do_redirect Optional. Redirect to the new URL.
- * @return null|false|string Null, if redirect not needed. False, if redirect
- *             not needed or the string of the URL
+ * @return string|void The string of the URL, if redirect needed.
  */
 function redirect_canonical( $requested_url = null, $do_redirect = true ) {
-       global $wp_rewrite, $is_IIS, $wp_query, $wpdb;
+       global $wp_rewrite, $is_IIS, $wp_query, $wpdb, $wp;
+
+       if ( isset( $_SERVER['REQUEST_METHOD'] ) && ! in_array( strtoupper( $_SERVER['REQUEST_METHOD'] ), array( 'GET', 'HEAD' ) ) ) {
+               return;
+       }
+
+       // If we're not in wp-admin and the post has been published and preview nonce
+       // is non-existent or invalid then no need for preview in query
+       if ( is_preview() && get_query_var( 'p' ) && 'publish' == get_post_status( get_query_var( 'p' ) ) ) {
+               if ( ! isset( $_GET['preview_id'] )
+                       || ! isset( $_GET['preview_nonce'] )
+                       || ! wp_verify_nonce( $_GET['preview_nonce'], 'post_preview_' . (int) $_GET['preview_id'] ) ) {
+                       $wp_query->is_preview = false;
+               }
+       }
 
-       if ( is_trackback() || is_search() || is_comments_popup() || is_admin() || !empty($_POST) || is_preview() || is_robots() || $is_IIS )
+       if ( is_trackback() || is_search() || is_comments_popup() || is_admin() || is_preview() || is_robots() || ( $is_IIS && !iis7_supports_permalinks() ) ) {
                return;
+       }
 
-       if ( !$requested_url ) {
+       if ( ! $requested_url && isset( $_SERVER['HTTP_HOST'] ) ) {
                // build the URL in the address bar
                $requested_url  = is_ssl() ? 'https://' : 'http://';
                $requested_url .= $_SERVER['HTTP_HOST'];
@@ -48,14 +67,9 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
        }
 
        $original = @parse_url($requested_url);
-       if ( false === $original )
+       if ( false === $original ) {
                return;
-
-       // Some PHP setups turn requests for / into /index.php in REQUEST_URI
-       // See: http://trac.wordpress.org/ticket/5017
-       // See: http://trac.wordpress.org/ticket/7173
-       // Disabled, for now:
-       // $original['path'] = preg_replace('|/index\.php$|', '/', $original['path']);
+       }
 
        $redirect = $original;
        $redirect_url = false;
@@ -66,6 +80,16 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
        if ( !isset($redirect['query']) )
                $redirect['query'] = '';
 
+       // If the original URL ended with non-breaking spaces, they were almost
+       // certainly inserted by accident. Let's remove them, so the reader doesn't
+       // see a 404 error with no obvious cause.
+       $redirect['path'] = preg_replace( '|(%C2%A0)+$|i', '', $redirect['path'] );
+
+       // It's not a preview, so remove it from URL
+       if ( get_query_var( 'preview' ) ) {
+               $redirect['query'] = remove_query_arg( 'preview', $redirect['query'] );
+       }
+
        if ( is_feed() && ( $id = get_query_var( 'p' ) ) ) {
                if ( $redirect_url = get_post_comments_feed_link( $id, get_query_var( 'feed' ) ) ) {
                        $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type', 'feed'), $redirect_url );
@@ -93,23 +117,52 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                $id = max( get_query_var('p'), get_query_var('page_id'), get_query_var('attachment_id') );
                if ( $id && $redirect_post = get_post($id) ) {
                        $post_type_obj = get_post_type_object($redirect_post->post_type);
-                       if ( $post_type_obj->public ) {
+                       if ( $post_type_obj->public && 'auto-draft' != $redirect_post->post_status ) {
                                $redirect_url = get_permalink($redirect_post);
                                $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), $redirect_url );
                        }
                }
 
+               if ( get_query_var( 'day' ) && get_query_var( 'monthnum' ) && get_query_var( 'year' ) ) {
+                       $year  = get_query_var( 'year' );
+                       $month = get_query_var( 'monthnum' );
+                       $day   = get_query_var( 'day' );
+                       $date  = sprintf( '%04d-%02d-%02d', $year, $month, $day );
+                       if ( ! wp_checkdate( $month, $day, $year, $date ) ) {
+                               $redirect_url = get_month_link( $year, $month );
+                               $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'year', 'monthnum', 'day' ), $redirect_url );
+                       }
+               } elseif ( get_query_var( 'monthnum' ) && get_query_var( 'year' ) && 12 < get_query_var( 'monthnum' ) ) {
+                       $redirect_url = get_year_link( get_query_var( 'year' ) );
+                       $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'year', 'monthnum' ), $redirect_url );
+               }
+
                if ( ! $redirect_url ) {
-                       if ( $redirect_url = redirect_guess_404_permalink( $requested_url ) ) {
+                       if ( $redirect_url = redirect_guess_404_permalink() ) {
                                $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'page', 'feed', 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), $redirect_url );
                        }
                }
 
+               if ( get_query_var( 'page' ) && $wp_query->post &&
+                       false !== strpos( $wp_query->post->post_content, '<!--nextpage-->' ) ) {
+                       $redirect['path'] = rtrim( $redirect['path'], (int) get_query_var( 'page' ) . '/' );
+                       $redirect['query'] = remove_query_arg( 'page', $redirect['query'] );
+                       $redirect_url = get_permalink( $wp_query->post->ID );
+               }
+
        } elseif ( is_object($wp_rewrite) && $wp_rewrite->using_permalinks() ) {
                // rewriting of old ?p=X, ?m=2004, ?m=200401, ?m=20040101
-               if ( is_attachment() && !empty($_GET['attachment_id']) && ! $redirect_url ) {
-                       if ( $redirect_url = get_attachment_link(get_query_var('attachment_id')) )
-                               $redirect['query'] = remove_query_arg('attachment_id', $redirect['query']);
+               if ( is_attachment() &&
+                       ! array_diff( array_keys( $wp->query_vars ), array( 'attachment', 'attachment_id' ) ) &&
+                       ! $redirect_url ) {
+                       if ( ! empty( $_GET['attachment_id'] ) ) {
+                               $redirect_url = get_attachment_link( get_query_var( 'attachment_id' ) );
+                               if ( $redirect_url ) {
+                                       $redirect['query'] = remove_query_arg( 'attachment_id', $redirect['query'] );
+                               }
+                       } else {
+                               $redirect_url = get_attachment_link();
+                       }
                } elseif ( is_single() && !empty($_GET['p']) && ! $redirect_url ) {
                        if ( $redirect_url = get_permalink(get_query_var('p')) )
                                $redirect['query'] = remove_query_arg(array('p', 'post_type'), $redirect['query']);
@@ -158,7 +211,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                } elseif ( is_category() || is_tag() || is_tax() ) { // Terms (Tags/categories)
 
                        $term_count = 0;
-                       foreach ( $wp_query->tax_query->queries as $tax_query )
+                       foreach ( $wp_query->tax_query->queried_terms as $tax_query )
                                $term_count += count( $tax_query['terms'] );
 
                        $obj = $wp_query->get_queried_object();
@@ -218,11 +271,11 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 
                // paging and feeds
                if ( get_query_var('paged') || is_feed() || get_query_var('cpage') ) {
-                       while ( preg_match( "#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", $redirect['path'] ) || preg_match( '#/(comments/?)?(feed|rss|rdf|atom|rss2)(/+)?$#', $redirect['path'] ) || preg_match( '#/comment-page-[0-9]+(/+)?$#', $redirect['path'] ) ) {
+                       while ( preg_match( "#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", $redirect['path'] ) || preg_match( '#/(comments/?)?(feed|rss|rdf|atom|rss2)(/+)?$#', $redirect['path'] ) || preg_match( "#/{$wp_rewrite->comments_pagination_base}-[0-9]+(/+)?$#", $redirect['path'] ) ) {
                                // Strip off paging and feed
                                $redirect['path'] = preg_replace("#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", '/', $redirect['path']); // strip off any existing paging
                                $redirect['path'] = preg_replace('#/(comments/?)?(feed|rss2?|rdf|atom)(/+|$)#', '/', $redirect['path']); // strip off feed endings
-                               $redirect['path'] = preg_replace('#/comment-page-[0-9]+?(/+)?$#', '/', $redirect['path']); // strip off any existing comment paging
+                               $redirect['path'] = preg_replace("#/{$wp_rewrite->comments_pagination_base}-[0-9]+?(/+)?$#", '/', $redirect['path']); // strip off any existing comment paging
                        }
 
                        $addl_path = '';
@@ -265,24 +318,30 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                                }
                        }
 
-                       if ( get_option('page_comments') && ( ( 'newest' == get_option('default_comments_page') && get_query_var('cpage') > 0 ) || ( 'newest' != get_option('default_comments_page') && get_query_var('cpage') > 1 ) ) ) {
-                               $addl_path = ( !empty( $addl_path ) ? trailingslashit($addl_path) : '' ) . user_trailingslashit( 'comment-page-' . get_query_var('cpage'), 'commentpaged' );
+                       if ( get_option( 'page_comments' ) && (
+                               ( 'newest' == get_option( 'default_comments_page' ) && get_query_var( 'cpage' ) > 0 ) ||
+                               ( 'newest' != get_option( 'default_comments_page' ) && get_query_var( 'cpage' ) > 1 )
+                       ) ) {
+                               $addl_path = ( !empty( $addl_path ) ? trailingslashit($addl_path) : '' ) . user_trailingslashit( $wp_rewrite->comments_pagination_base . '-' . get_query_var('cpage'), 'commentpaged' );
                                $redirect['query'] = remove_query_arg( 'cpage', $redirect['query'] );
                        }
 
-                       $redirect['path'] = user_trailingslashit( preg_replace('|/index.php/?$|', '/', $redirect['path']) ); // strip off trailing /index.php/
-                       if ( !empty( $addl_path ) && $wp_rewrite->using_index_permalinks() && strpos($redirect['path'], '/index.php/') === false )
-                               $redirect['path'] = trailingslashit($redirect['path']) . 'index.php/';
+                       $redirect['path'] = user_trailingslashit( preg_replace('|/' . preg_quote( $wp_rewrite->index, '|' ) . '/?$|', '/', $redirect['path']) ); // strip off trailing /index.php/
+                       if ( !empty( $addl_path ) && $wp_rewrite->using_index_permalinks() && strpos($redirect['path'], '/' . $wp_rewrite->index . '/') === false )
+                               $redirect['path'] = trailingslashit($redirect['path']) . $wp_rewrite->index . '/';
                        if ( !empty( $addl_path ) )
                                $redirect['path'] = trailingslashit($redirect['path']) . $addl_path;
                        $redirect_url = $redirect['scheme'] . '://' . $redirect['host'] . $redirect['path'];
                }
 
                if ( 'wp-register.php' == basename( $redirect['path'] ) ) {
-                       if ( is_multisite() )
-                               $redirect_url = apply_filters( 'wp_signup_location', site_url( 'wp-signup.php' ) );
-                       else
-                               $redirect_url = site_url( 'wp-login.php?action=register' );
+                       if ( is_multisite() ) {
+                               /** This filter is documented in wp-login.php */
+                               $redirect_url = apply_filters( 'wp_signup_location', network_site_url( 'wp-signup.php' ) );
+                       } else {
+                               $redirect_url = wp_registration_url();
+                       }
+
                        wp_redirect( $redirect_url, 301 );
                        die();
                }
@@ -322,7 +381,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                unset($redirect['port']);
 
        // trailing /index.php
-       $redirect['path'] = preg_replace('|/index.php/*?$|', '/', $redirect['path']);
+       $redirect['path'] = preg_replace('|/' . preg_quote( $wp_rewrite->index, '|' ) . '/*?$|', '/', $redirect['path']);
 
        // Remove trailing spaces from the path
        $redirect['path'] = preg_replace( '#(%20| )+$#', '', $redirect['path'] );
@@ -335,7 +394,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                $redirect['query'] = trim(preg_replace( '#(^|&)(p|page_id|cat|tag)=?(&|$)#', '&', $redirect['query']), '&');
 
                // Redirect obsolete feeds
-               $redirect['query'] = preg_replace( '#(^|&)feed=rss(&|$)#', '$1feed=rss2$3', $redirect['query'] );
+               $redirect['query'] = preg_replace( '#(^|&)feed=rss(&|$)#', '$1feed=rss2$2', $redirect['query'] );
 
                // Remove redundant leading ampersands
                $redirect['query'] = preg_replace( '#^\??&*?#', '', $redirect['query'] );
@@ -343,7 +402,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 
        // strip /index.php/ when we're not using PATHINFO permalinks
        if ( !$wp_rewrite->using_index_permalinks() )
-               $redirect['path'] = str_replace('/index.php/', '/', $redirect['path']);
+               $redirect['path'] = str_replace( '/' . $wp_rewrite->index . '/', '/', $redirect['path'] );
 
        // trailing slashes
        if ( is_object($wp_rewrite) && $wp_rewrite->using_permalinks() && !is_404() && (!is_front_page() || ( is_front_page() && (get_query_var('paged') > 1) ) ) ) {
@@ -378,7 +437,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                ( strtolower($original['host']) != 'www.' . strtolower($redirect['host']) && 'www.' . strtolower($original['host']) != strtolower($redirect['host']) ) )
                $redirect['host'] = $original['host'];
 
-       $compare_original = array($original['host'], $original['path']);
+       $compare_original = array( $original['host'], $original['path'] );
 
        if ( !empty( $original['port'] ) )
                $compare_original[] = $original['port'];
@@ -386,7 +445,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
        if ( !empty( $original['query'] ) )
                $compare_original[] = $original['query'];
 
-       $compare_redirect = array($redirect['host'], $redirect['path']);
+       $compare_redirect = array( $redirect['host'], $redirect['path'] );
 
        if ( !empty( $redirect['port'] ) )
                $compare_redirect[] = $redirect['port'];
@@ -403,8 +462,9 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                        $redirect_url .= '?' . $redirect['query'];
        }
 
-       if ( !$redirect_url || $redirect_url == $requested_url )
-               return false;
+       if ( ! $redirect_url || $redirect_url == $requested_url ) {
+               return;
+       }
 
        // Hex encoded octets are case-insensitive.
        if ( false !== strpos($requested_url, '%') ) {
@@ -416,11 +476,22 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                $requested_url = preg_replace_callback('|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $requested_url);
        }
 
-       // Note that you can use the "redirect_canonical" filter to cancel a canonical redirect for whatever reason by returning false
-       $redirect_url = apply_filters('redirect_canonical', $redirect_url, $requested_url);
-
-       if ( !$redirect_url || $redirect_url == $requested_url ) // yes, again -- in case the filter aborted the request
-               return false;
+       /**
+        * Filter the canonical redirect URL.
+        *
+        * Returning false to this filter will cancel the redirect.
+        *
+        * @since 2.3.0
+        *
+        * @param string $redirect_url  The redirect URL.
+        * @param string $requested_url The requested URL.
+        */
+       $redirect_url = apply_filters( 'redirect_canonical', $redirect_url, $requested_url );
+
+       // yes, again -- in case the filter aborted the request
+       if ( ! $redirect_url || strip_fragment_from_url( $redirect_url ) == strip_fragment_from_url( $requested_url ) ) {
+               return;
+       }
 
        if ( $do_redirect ) {
                // protect against chained redirects
@@ -430,7 +501,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
                } else {
                        // Debug
                        // die("1: $redirect_url<br />2: " . redirect_canonical( $redirect_url, false ) );
-                       return false;
+                       return;
                }
        } else {
                return $redirect_url;
@@ -441,9 +512,12 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
  * Removes arguments from a query string if they are not present in a URL
  * DO NOT use this in plugin code.
  *
- * @since 3.4
+ * @since 3.4.0
  * @access private
  *
+ * @param string $query_string
+ * @param array $args_to_check
+ * @param string $url
  * @return string The altered query string
  */
 function _remove_qs_args_if_not_in_url( $query_string, Array $args_to_check, $url ) {
@@ -461,33 +535,44 @@ function _remove_qs_args_if_not_in_url( $query_string, Array $args_to_check, $ur
 }
 
 /**
- * Attempts to guess the correct URL from the current URL (that produced a 404) or
- * the current query variables.
+ * Strips the #fragment from a URL, if one is present.
  *
- * @since 2.3.0
- * @uses $wpdb
+ * @since 4.4.0
  *
- * @param string $current_url Optional. The URL that has 404'd.
- * @return bool|string The correct URL if one is found. False on failure.
+ * @param string $url The URL to strip.
+ * @return string The altered URL.
  */
-function redirect_guess_404_permalink( $current_url = '' ) {
-       global $wpdb, $wp_rewrite;
-
-       if ( ! empty( $current_url ) )
-               $parsed_url = @parse_url( $current_url );
-
-       // Attempt to redirect bare category slugs if the permalink structure starts
-       // with the %category% tag.
-       if ( isset( $parsed_url['path'] )
-               && preg_match( '#^[^%]+%category%#', $wp_rewrite->permalink_structure )
-               && $cat = get_category_by_path( $parsed_url['path'] )
-       ) {
-               if ( ! is_wp_error( $cat ) )
-                       return get_term_link( $cat );
+function strip_fragment_from_url( $url ) {
+       $parsed_url = @parse_url( $url );
+       if ( ! empty( $parsed_url['host'] ) ) {
+               // This mirrors code in redirect_canonical(). It does not handle every case.
+               $url = $parsed_url['scheme'] . '://' . $parsed_url['host'];
+               if ( ! empty( $parsed_url['port'] ) ) {
+                       $url .= ':' . $parsed_url['port'];
+               }
+               $url .= $parsed_url['path'];
+               if ( ! empty( $parsed_url['query'] ) ) {
+                       $url .= '?' . $parsed_url['query'];
+               }
        }
 
+       return $url;
+}
+
+/**
+ * Attempts to guess the correct URL based on query vars
+ *
+ * @since 2.3.0
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @return false|string The correct URL if one is found. False on failure.
+ */
+function redirect_guess_404_permalink() {
+       global $wpdb;
+
        if ( get_query_var('name') ) {
-               $where = $wpdb->prepare("post_name LIKE %s", like_escape( get_query_var('name') ) . '%');
+               $where = $wpdb->prepare("post_name LIKE %s", $wpdb->esc_like( get_query_var('name') ) . '%');
 
                // if any of post_type, year, monthnum, or day are set, use them to refine the query
                if ( get_query_var('post_type') )
@@ -507,7 +592,7 @@ function redirect_guess_404_permalink( $current_url = '' ) {
                        return false;
                if ( get_query_var( 'feed' ) )
                        return get_post_comments_feed_link( $post_id, get_query_var( 'feed' ) );
-               elseif ( get_query_var( 'page' ) )
+               elseif ( get_query_var( 'page' ) && 1 < get_query_var( 'page' ) )
                        return trailingslashit( get_permalink( $post_id ) ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' );
                else
                        return get_permalink( $post_id );
@@ -516,8 +601,10 @@ function redirect_guess_404_permalink( $current_url = '' ) {
        return false;
 }
 
-add_action('template_redirect', 'redirect_canonical');
-
+/**
+ *
+ * @global WP_Rewrite $wp_rewrite
+ */
 function wp_redirect_admin_locations() {
        global $wp_rewrite;
        if ( ! ( is_404() && $wp_rewrite->using_permalinks() ) )
@@ -541,9 +628,7 @@ function wp_redirect_admin_locations() {
                site_url( 'login', 'relative' ),
        );
        if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins ) ) {
-               wp_redirect( site_url( 'wp-login.php', 'login' ) );
+               wp_redirect( wp_login_url() );
                exit;
        }
 }
-
-add_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );