X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/449d082fcc4873c1f7d363a0d9f7409be7f6e77d..2376fb745f4ae8c6bd2353127524e0b28005143d:/wp-includes/classes.php?ds=sidebyside

diff --git a/wp-includes/classes.php b/wp-includes/classes.php
index 4bcd9fe8..f24a6ec2 100644
--- a/wp-includes/classes.php
+++ b/wp-includes/classes.php
@@ -26,7 +26,7 @@ class WP {
 	 * @access public
 	 * @var array
 	 */
-	var $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'debug', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'comments_popup', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage');
+	var $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'debug', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'comments_popup', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type');
 
 	/**
 	 * Private query variables.
@@ -36,7 +36,7 @@ class WP {
 	 * @since 2.0.0
 	 * @var array
 	 */
-	var $private_query_vars = array('offset', 'posts_per_page', 'posts_per_archive_page', 'what_to_show', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page');
+	var $private_query_vars = array('offset', 'posts_per_page', 'posts_per_archive_page', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page');
 
 	/**
 	 * Extra query variables set by the user.
@@ -133,6 +133,7 @@ class WP {
 
 		$this->query_vars = array();
 		$taxonomy_query_vars = array();
+		$post_type_query_vars = array();
 
 		if ( is_array($extra_query_vars) )
 			$this->extra_query_vars = & $extra_query_vars;
@@ -144,7 +145,7 @@ class WP {
 		// Fetch the rewrite rules.
 		$rewrite = $wp_rewrite->wp_rewrite_rules();
 
-		if (! empty($rewrite)) {
+		if ( ! empty($rewrite) ) {
 			// If we match a rewrite rule, this will be cleared.
 			$error = '404';
 			$this->did_permalink = true;
@@ -159,7 +160,7 @@ class WP {
 			$req_uri_array = explode('?', $req_uri);
 			$req_uri = $req_uri_array[0];
 			$self = $_SERVER['PHP_SELF'];
-			$home_path = parse_url(get_option('home'));
+			$home_path = parse_url(home_url());
 			if ( isset($home_path['path']) )
 				$home_path = $home_path['path'];
 			else
@@ -203,12 +204,11 @@ class WP {
 
 				// If the requesting file is the anchor of the match, prepend it
 				// to the path info.
-				if ((! empty($req_uri)) && (strpos($match, $req_uri) === 0) && ($req_uri != $request)) {
+				if ( (! empty($req_uri)) && (strpos($match, $req_uri) === 0) && ($req_uri != $request) )
 					$request_match = $req_uri . '/' . $request;
-				}
 
-				if (preg_match("!^$match!", $request_match, $matches) ||
-					preg_match("!^$match!", urldecode($request_match), $matches)) {
+				if ( preg_match("#^$match#", $request_match, $matches) ||
+					preg_match("#^$match#", urldecode($request_match), $matches) ) {
 					// Got a match.
 					$this->matched_rule = $match;
 
@@ -216,7 +216,7 @@ class WP {
 					$query = preg_replace("!^.+\?!", '', $query);
 
 					// Substitute the substring matches into the query.
-					eval("@\$query = \"" . addslashes($query) . "\";");
+					$query = addslashes(WP_MatchesMapRegex::apply($query, $matches));
 
 					$this->matched_query = $query;
 
@@ -225,10 +225,10 @@ class WP {
 
 					// If we're processing a 404 request, clear the error var
 					// since we found something.
-					if (isset($_GET['error']))
+					if ( isset($_GET['error']) )
 						unset($_GET['error']);
 
-					if (isset($error))
+					if ( isset($error) )
 						unset($error);
 
 					break;
@@ -236,14 +236,14 @@ class WP {
 			}
 
 			// If req_uri is empty or if it is a request for ourself, unset error.
-			if (empty($request) || $req_uri == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false) {
-				if (isset($_GET['error']))
+			if ( empty($request) || $req_uri == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) {
+				if ( isset($_GET['error']) )
 					unset($_GET['error']);
 
-				if (isset($error))
+				if ( isset($error) )
 					unset($error);
 
-				if (isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false)
+				if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false )
 					unset($perma_query_vars);
 
 				$this->did_permalink = false;
@@ -253,35 +253,49 @@ class WP {
 		$this->public_query_vars = apply_filters('query_vars', $this->public_query_vars);
 
 		foreach ( $GLOBALS['wp_taxonomies'] as $taxonomy => $t )
-			if ( isset($t->query_var) )
+			if ( $t->query_var )
 				$taxonomy_query_vars[$t->query_var] = $taxonomy;
 
-		for ($i=0; $i<count($this->public_query_vars); $i += 1) {
+		foreach ( $GLOBALS['wp_post_types'] as $post_type => $t )
+			if ( $t->query_var )
+				$post_type_query_vars[$t->query_var] = $post_type;
+
+		for ( $i = 0; $i < count($this->public_query_vars); $i += 1 ) {
 			$wpvar = $this->public_query_vars[$i];
-			if (isset($this->extra_query_vars[$wpvar]))
+			if ( isset($this->extra_query_vars[$wpvar]) )
 				$this->query_vars[$wpvar] = $this->extra_query_vars[$wpvar];
-			elseif (isset($GLOBALS[$wpvar]))
+			elseif ( isset($GLOBALS[$wpvar]) )
 				$this->query_vars[$wpvar] = $GLOBALS[$wpvar];
-			elseif (!empty($_POST[$wpvar]))
+			elseif ( !empty($_POST[$wpvar]) )
 				$this->query_vars[$wpvar] = $_POST[$wpvar];
-			elseif (!empty($_GET[$wpvar]))
+			elseif ( !empty($_GET[$wpvar]) )
 				$this->query_vars[$wpvar] = $_GET[$wpvar];
-			elseif (!empty($perma_query_vars[$wpvar]))
+			elseif ( !empty($perma_query_vars[$wpvar]) )
 				$this->query_vars[$wpvar] = $perma_query_vars[$wpvar];
 
 			if ( !empty( $this->query_vars[$wpvar] ) ) {
 				$this->query_vars[$wpvar] = (string) $this->query_vars[$wpvar];
-				if ( in_array( $wpvar, $taxonomy_query_vars ) ) {
+				if ( isset( $taxonomy_query_vars[$wpvar] ) ) {
 					$this->query_vars['taxonomy'] = $taxonomy_query_vars[$wpvar];
 					$this->query_vars['term'] = $this->query_vars[$wpvar];
+				} elseif ( isset($post_type_query_vars[$wpvar] ) ) {
+					$this->query_vars['post_type'] = $post_type_query_vars[$wpvar];
+					$this->query_vars['name'] = $this->query_vars[$wpvar];
 				}
 			}
 		}
 
+		// Limit publicly queried post_types to those that are publicly_queryable
+		if ( isset( $this->query_vars['post_type']) ) {
+			$queryable_post_types =  get_post_types( array('publicly_queryable' => true) );
+			if ( ! in_array( $this->query_vars['post_type'], $queryable_post_types ) )
+				unset( $this->query_vars['post_type'] );
+		}
+
 		foreach ( (array) $this->private_query_vars as $var) {
-			if (isset($this->extra_query_vars[$var]))
+			if ( isset($this->extra_query_vars[$var]) )
 				$this->query_vars[$var] = $this->extra_query_vars[$var];
-			elseif (isset($GLOBALS[$var]) && '' != $GLOBALS[$var])
+			elseif ( isset($GLOBALS[$var]) && '' != $GLOBALS[$var] )
 				$this->query_vars[$var] = $GLOBALS[$var];
 		}
 
@@ -302,16 +316,19 @@ class WP {
 	 * @since 2.0.0
 	 */
 	function send_headers() {
-		@header('X-Pingback: '. get_bloginfo('pingback_url'));
+		$headers = array('X-Pingback' => get_bloginfo('pingback_url'));
+		$status = null;
+		$exit_required = false;
+
 		if ( is_user_logged_in() )
-			nocache_headers();
+			$headers = array_merge($headers, wp_get_nocache_headers());
 		if ( !empty($this->query_vars['error']) && '404' == $this->query_vars['error'] ) {
-			status_header( 404 );
+			$status = 404;
 			if ( !is_user_logged_in() )
-				nocache_headers();
-			@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
+				$headers = array_merge($headers, wp_get_nocache_headers());
+			$headers['Content-Type'] = get_option('html_type') . '; charset=' . get_option('blog_charset');
 		} else if ( empty($this->query_vars['feed']) ) {
-			@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
+			$headers['Content-Type'] = get_option('html_type') . '; charset=' . get_option('blog_charset');
 		} else {
 			// We're showing a feed, so WP is indeed the only thing that last changed
 			if ( !empty($this->query_vars['withcomments'])
@@ -329,8 +346,8 @@ class WP {
 			else
 				$wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastpostmodified('GMT'), 0).' GMT';
 			$wp_etag = '"' . md5($wp_last_modified) . '"';
-			@header("Last-Modified: $wp_last_modified");
-			@header("ETag: $wp_etag");
+			$headers['Last-Modified'] = $wp_last_modified;
+			$headers['ETag'] = $wp_etag;
 
 			// Support for Conditional GET
 			if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
@@ -347,11 +364,21 @@ class WP {
 			if ( ($client_last_modified && $client_etag) ?
 					 (($client_modified_timestamp >= $wp_modified_timestamp) && ($client_etag == $wp_etag)) :
 					 (($client_modified_timestamp >= $wp_modified_timestamp) || ($client_etag == $wp_etag)) ) {
-				status_header( 304 );
-				exit;
+				$status = 304;
+				$exit_required = true;
 			}
 		}
 
+		$headers = apply_filters('wp_headers', $headers, $this);
+
+		if ( ! empty( $status ) )
+			status_header( $status );
+		foreach( (array) $headers as $name => $field_value )
+			@header("{$name}: {$field_value}");
+
+		if ($exit_required)
+			exit();
+
 		do_action_ref_array('send_headers', array(&$this));
 	}
 
@@ -382,7 +409,7 @@ class WP {
 	}
 
 	/**
-	 * Setup the WordPress Globals.
+	 * Set up the WordPress Globals.
 	 *
 	 * The query_vars property will be extracted to the GLOBALS. So care should
 	 * be taken when naming global variables that might interfere with the
@@ -401,10 +428,10 @@ class WP {
 			$GLOBALS[$key] = $value;
 		}
 
-		$GLOBALS['query_string'] = & $this->query_string;
+		$GLOBALS['query_string'] = $this->query_string;
 		$GLOBALS['posts'] = & $wp_query->posts;
-		$GLOBALS['post'] = & $wp_query->post;
-		$GLOBALS['request'] = & $wp_query->request;
+		$GLOBALS['post'] = $wp_query->post;
+		$GLOBALS['request'] = $wp_query->request;
 
 		if ( is_single() || is_page() ) {
 			$GLOBALS['more'] = 1;
@@ -413,7 +440,7 @@ class WP {
 	}
 
 	/**
-	 * Setup the current user.
+	 * Set up the current user.
 	 *
 	 * @since 2.0.0
 	 */
@@ -422,7 +449,7 @@ class WP {
 	}
 
 	/**
-	 * Setup the Loop based on the query variables.
+	 * Set up the Loop based on the query variables.
 	 *
 	 * @uses WP::$query_vars
 	 * @since 2.0.0
@@ -434,21 +461,22 @@ class WP {
  	}
 
  	/**
- 	 * Set the Headers for 404, if permalink is not found.
+ 	 * Set the Headers for 404, if nothing is found for requested URL.
+	 *
+	 * Issue a 404 if a request doesn't match any posts and doesn't match
+	 * any object (e.g. an existing-but-empty category, tag, author) and a 404 was not already
+	 * issued, and if the request was not a search or the homepage.
 	 *
-	 * Issue a 404 if a permalink request doesn't match any posts.  Don't issue
-	 * a 404 if one was already issued, if the request was a search, or if the
-	 * request was a regular query string request rather than a permalink
-	 * request. Issues a 200, if not 404.
+	 * Otherwise, issue a 200.
 	 *
 	 * @since 2.0.0
  	 */
 	function handle_404() {
 		global $wp_query;
 
-		if ( (0 == count($wp_query->posts)) && !is_404() && !is_search() && ( $this->did_permalink || (!empty($_SERVER['QUERY_STRING']) && (false === strpos($_SERVER['REQUEST_URI'], '?'))) ) ) {
+		if ( !is_admin() && ( 0 == count( $wp_query->posts ) ) && !is_404() && !is_robots() && !is_search() && !is_home() ) {
 			// Don't 404 for these queries if they matched an object.
-			if ( ( is_tag() || is_category() || is_author() ) && $wp_query->get_queried_object() ) {
+			if ( ( is_tag() || is_category() || is_tax() || is_author() ) && $wp_query->get_queried_object() && !is_paged() ) {
 				if ( !is_404() )
 					status_header( 200 );
 				return;
@@ -894,7 +922,7 @@ class Walker {
 
 		/*
 		 * need to display in hierarchical order
-		 * seperate elements into two buckets: top level and children elements
+		 * separate elements into two buckets: top level and children elements
 		 * children_elements is two dimensional array, eg.
 		 * children_elements[10][] contains all sub-elements whose parent is 10.
 		 */
@@ -1008,7 +1036,7 @@ class Walker {
 		}
 
 		/*
-		 * seperate elements into two buckets: top level and children elements
+		 * separate elements into two buckets: top level and children elements
 		 * children_elements is two dimensional array, eg.
 		 * children_elements[10][] contains all sub-elements whose parent is 10.
 		 */
@@ -1127,7 +1155,7 @@ class Walker_Page extends Walker {
 	 */
 	function start_lvl(&$output, $depth) {
 		$indent = str_repeat("\t", $depth);
-		$output .= "\n$indent<ul>\n";
+		$output .= "\n$indent<ul class='children'>\n";
 	}
 
 	/**
@@ -1159,20 +1187,22 @@ class Walker_Page extends Walker {
 			$indent = '';
 
 		extract($args, EXTR_SKIP);
-		$css_class = 'page_item page-item-'.$page->ID;
+		$css_class = array('page_item', 'page-item-'.$page->ID);
 		if ( !empty($current_page) ) {
 			$_current_page = get_page( $current_page );
 			if ( isset($_current_page->ancestors) && in_array($page->ID, (array) $_current_page->ancestors) )
-				$css_class .= ' current_page_ancestor';
+				$css_class[] = 'current_page_ancestor';
 			if ( $page->ID == $current_page )
-				$css_class .= ' current_page_item';
+				$css_class[] = 'current_page_item';
 			elseif ( $_current_page && $page->ID == $_current_page->post_parent )
-				$css_class .= ' current_page_parent';
+				$css_class[] = 'current_page_parent';
 		} elseif ( $page->ID == get_option('page_for_posts') ) {
-			$css_class .= ' current_page_parent';
+			$css_class[] = 'current_page_parent';
 		}
 
-		$output .= $indent . '<li class="' . $css_class . '"><a href="' . get_page_link($page->ID) . '" title="' . attribute_escape(apply_filters('the_title', $page->post_title)) . '">' . $link_before . apply_filters('the_title', $page->post_title) . $link_after . '</a>';
+		$css_class = implode(' ', apply_filters('page_css_class', $css_class, $page));
+
+		$output .= $indent . '<li class="' . $css_class . '"><a href="' . get_page_link($page->ID) . '" title="' . esc_attr( wp_strip_all_tags( apply_filters( 'the_title', $page->post_title, $page->ID ) ) ) . '">' . $link_before . apply_filters( 'the_title', $page->post_title, $page->ID ) . $link_after . '</a>';
 
 		if ( !empty($show_date) ) {
 			if ( 'modified' == $show_date )
@@ -1237,7 +1267,7 @@ class Walker_PageDropdown extends Walker {
 		if ( $page->ID == $args['selected'] )
 			$output .= ' selected="selected"';
 		$output .= '>';
-		$title = wp_specialchars($page->post_title);
+		$title = esc_html($page->post_title);
 		$output .= "$pad$title";
 		$output .= "</option>\n";
 	}
@@ -1310,13 +1340,13 @@ class Walker_Category extends Walker {
 	function start_el(&$output, $category, $depth, $args) {
 		extract($args);
 
-		$cat_name = attribute_escape( $category->name);
+		$cat_name = esc_attr( $category->name);
 		$cat_name = apply_filters( 'list_cats', $cat_name, $category );
-		$link = '<a href="' . get_category_link( $category->term_id ) . '" ';
+		$link = '<a href="' . get_term_link( $category, $category->taxonomy ) . '" ';
 		if ( $use_desc_for_title == 0 || empty($category->description) )
 			$link .= 'title="' . sprintf(__( 'View all posts filed under %s' ), $cat_name) . '"';
 		else
-			$link .= 'title="' . attribute_escape( apply_filters( 'category_description', $category->description, $category )) . '"';
+			$link .= 'title="' . esc_attr( strip_tags( apply_filters( 'category_description', $category->description, $category ) ) ) . '"';
 		$link .= '>';
 		$link .= $cat_name . '</a>';
 
@@ -1326,7 +1356,7 @@ class Walker_Category extends Walker {
 			if ( empty($feed_image) )
 				$link .= '(';
 
-			$link .= '<a href="' . get_category_feed_link($category->term_id, $feed_type) . '"';
+			$link .= '<a href="' . get_term_feed_link( $category->term_id, $category->taxonomy, $feed_type ) . '"';
 
 			if ( empty($feed) )
 				$alt = ' alt="' . sprintf(__( 'Feed for all posts filed under %s' ), $cat_name ) . '"';
@@ -1577,4 +1607,94 @@ class WP_Ajax_Response {
 	}
 }
 
+/**
+ * Helper class to remove the need to use eval to replace $matches[] in query strings.
+ *
+ * @since 2.9.0
+ */
+class WP_MatchesMapRegex {
+	/**
+	 * store for matches
+	 *
+	 * @access private
+	 * @var array
+	 */
+	var $_matches;
+
+	/**
+	 * store for mapping result
+	 *
+	 * @access public
+	 * @var string
+	 */
+	var $output;
+
+	/**
+	 * subject to perform mapping on (query string containing $matches[] references
+	 *
+	 * @access private
+	 * @var string
+	 */
+	var $_subject;
+
+	/**
+	 * regexp pattern to match $matches[] references
+	 *
+	 * @var string
+	 */
+	var $_pattern = '(\$matches\[[1-9]+[0-9]*\])'; // magic number
+
+	/**
+	 * constructor
+	 *
+	 * @param string $subject subject if regex
+	 * @param array  $matches data to use in map
+	 * @return self
+	 */
+	function WP_MatchesMapRegex($subject, $matches) {
+		$this->_subject = $subject;
+		$this->_matches = $matches;
+		$this->output = $this->_map();
+	}
+
+	/**
+	 * Substitute substring matches in subject.
+	 *
+	 * static helper function to ease use
+	 *
+	 * @access public
+	 * @param string $subject subject
+	 * @param array  $matches data used for subsitution
+	 * @return string
+	 */
+	function apply($subject, $matches) {
+		$oSelf =& new WP_MatchesMapRegex($subject, $matches);
+		return $oSelf->output;
+	}
+
+	/**
+	 * do the actual mapping
+	 *
+	 * @access private
+	 * @return string
+	 */
+	function _map() {
+		$callback = array(&$this, 'callback');
+		return preg_replace_callback($this->_pattern, $callback, $this->_subject);
+	}
+
+	/**
+	 * preg_replace_callback hook
+	 *
+	 * @access public
+	 * @param  array $matches preg_replace regexp matches
+	 * @return string
+	 */
+	function callback($matches) {
+		$index = intval(substr($matches[0], 9, -1));
+		return ( isset( $this->_matches[$index] ) ? urlencode($this->_matches[$index]) : '' );
+	}
+
+}
+
 ?>