require_once( dirname( __FILE__ ) . '/admin.php' );
if ( ! current_user_can( 'customize' ) ) {
- wp_die( __( 'Cheatin’ uh?' ) );
+ wp_die( __( 'Cheatin’ uh?' ), 403 );
}
wp_reset_vars( array( 'url', 'return' ) );
wp_enqueue_script( 'customize-controls' );
wp_enqueue_style( 'customize-controls' );
-wp_enqueue_script( 'accordion' );
-
/**
* Enqueue Customizer control scripts.
*
$is_ios = wp_is_mobile() && preg_match( '/iPad|iPod|iPhone/', $_SERVER['HTTP_USER_AGENT'] );
-if ( $is_ios )
+if ( $is_ios ) {
$body_class .= ' ios';
+}
-if ( is_rtl() )
- $body_class .= ' rtl';
+if ( is_rtl() ) {
+ $body_class .= ' rtl';
+}
$body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) );
-$admin_title = sprintf( __( '%1$s — WordPress' ), strip_tags( sprintf( __( 'Customize %s' ), $wp_customize->theme()->display('Name') ) ) );
+if ( $wp_customize->is_theme_active() ) {
+ $document_title_tmpl = _x( 'Customize: %s', 'Placeholder is the document title from the preview' );
+} else {
+ $document_title_tmpl = _x( 'Live Preview: %s', 'Placeholder is the document title from the preview' );
+}
+$document_title_tmpl = html_entity_decode( $document_title_tmpl, ENT_QUOTES, 'UTF-8' ); // because exported to JS and assigned to document.title
+$admin_title = sprintf( $document_title_tmpl, __( 'Loading…' ) );
+
?><title><?php echo $admin_title; ?></title>
<script type="text/javascript">
<body class="<?php echo esc_attr( $body_class ); ?>">
<div class="wp-full-overlay expanded">
<form id="customize-controls" class="wrap wp-full-overlay-sidebar">
+ <div id="screen-reader-messages" aria-live="polite" aria-relevant="all" aria-role="status" aria-atomic="true" class="screen-reader-text"></div>
<div id="customize-header-actions" class="wp-full-overlay-header">
<?php
$cannot_expand = ! ( $wp_customize->is_theme_active() || $screenshot || $wp_customize->theme()->get('Description') );
?>
- <div id="widgets-right"><!-- For Widget Customizer, many widgets try to look for instances under div#widgets-right, so we have to add that ID to a container div in the customizer for compat -->
- <div class="wp-full-overlay-sidebar-content accordion-container" tabindex="-1">
+ <div id="widgets-right"><!-- For Widget Customizer, many widgets try to look for instances under div#widgets-right, so we have to add that ID to a container div in the Customizer for compat -->
+ <div class="wp-full-overlay-sidebar-content" tabindex="-1">
<div id="customize-info" class="accordion-section <?php if ( $cannot_expand ) echo ' cannot-expand'; ?>">
- <div class="accordion-section-title" aria-label="<?php esc_attr_e( 'Theme Customizer Options' ); ?>" tabindex="0">
+ <div class="accordion-section-title" aria-label="<?php esc_attr_e( 'Customizer Options' ); ?>" tabindex="0">
<span class="preview-notice"><?php
if ( ! $wp_customize->is_theme_active() ) {
/* translators: %s is the theme name in the Customize/Live Preview pane */
<?php endif; ?>
</div>
- <div id="customize-theme-controls"><ul>
- <?php
- foreach ( $wp_customize->containers() as $container ) {
- $container->maybe_render();
- }
- ?>
- </ul></div>
+ <div id="customize-theme-controls">
+ <ul><?php // Panels and sections are managed here via JavaScript ?></ul>
+ </div>
</div>
</div>
<div id="customize-preview" class="wp-full-overlay-main"></div>
<?php
+ // Render control templates.
+ $wp_customize->render_control_templates();
+
/**
* Print Customizer control scripts in the footer.
*
/*
* If the frontend and the admin are served from the same domain, load the
- * preview over ssl if the customizer is being loaded over ssl. This avoids
+ * preview over ssl if the Customizer is being loaded over ssl. This avoids
* insecure content warnings. This is not attempted if the admin and frontend
* are on different domains to avoid the case where the frontend doesn't have
* ssl certs. Domain mapping plugins can allow other urls in these conditions
'customize-login' => 1
), wp_login_url() );
- // Prepare customizer settings to pass to Javascript.
+ // Prepare Customizer settings to pass to JavaScript.
$settings = array(
'theme' => array(
'stylesheet' => $wp_customize->get_stylesheet(),
),
'settings' => array(),
'controls' => array(),
+ 'panels' => array(),
+ 'sections' => array(),
'nonce' => array(
'save' => wp_create_nonce( 'save-customize_' . $wp_customize->get_stylesheet() ),
'preview' => wp_create_nonce( 'preview-customize_' . $wp_customize->get_stylesheet() )
),
+ 'autofocus' => array(),
+ 'documentTitleTmpl' => $document_title_tmpl,
);
- // Prepare Customize Setting objects to pass to Javascript.
+ // Prepare Customize Setting objects to pass to JavaScript.
foreach ( $wp_customize->settings() as $id => $setting ) {
$settings['settings'][ $id ] = array(
'value' => $setting->js_value(),
);
}
- // Prepare Customize Control objects to pass to Javascript.
+ // Prepare Customize Control objects to pass to JavaScript.
foreach ( $wp_customize->controls() as $id => $control ) {
- $control->to_json();
- $settings['controls'][ $id ] = $control->json;
+ $settings['controls'][ $id ] = $control->json();
+ }
+
+ // Prepare Customize Section objects to pass to JavaScript.
+ foreach ( $wp_customize->sections() as $id => $section ) {
+ $settings['sections'][ $id ] = $section->json();
+ }
+
+ // Prepare Customize Panel objects to pass to JavaScript.
+ foreach ( $wp_customize->panels() as $id => $panel ) {
+ $settings['panels'][ $id ] = $panel->json();
+ foreach ( $panel->sections as $section_id => $section ) {
+ $settings['sections'][ $section_id ] = $section->json();
+ }
+ }
+
+ // Pass to frontend the Customizer construct being deeplinked
+ if ( isset( $_GET['autofocus'] ) ) {
+ $autofocus = wp_unslash( $_GET['autofocus'] );
+ if ( is_array( $autofocus ) ) {
+ foreach ( $autofocus as $type => $id ) {
+ if ( isset( $settings[ $type . 's' ][ $id ] ) ) {
+ $settings['autofocus'][ $type ] = $id;
+ }
+ }
+ }
}
?>
<script type="text/javascript">
- var _wpCustomizeSettings = <?php echo json_encode( $settings ); ?>;
+ var _wpCustomizeSettings = <?php echo wp_json_encode( $settings ); ?>;
</script>
</div>
</body>