X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/8a4706fdeb1ae30268e510df6ccf3c39b3028059..refs/tags/wordpress-4.4.2-scripts:/wp-includes/functions.php?ds=sidebyside
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index f4b4634b..b3781639 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -8,7 +8,7 @@
require( ABSPATH . WPINC . '/option.php' );
/**
- * Converts given date string into a different format.
+ * Convert given date string into a different format.
*
* $format should be either a PHP date format string, e.g. 'U' for a Unix
* timestamp, or 'G' for a Unix timestamp assuming that $date is GMT.
@@ -18,10 +18,10 @@ require( ABSPATH . WPINC . '/option.php' );
*
* @since 0.71
*
- * @param string $format Format of the date to return.
- * @param string $date Date string to convert.
- * @param bool $translate Whether the return date should be translated. Default is true.
- * @return string|int Formatted date string, or Unix timestamp.
+ * @param string $format Format of the date to return.
+ * @param string $date Date string to convert.
+ * @param bool $translate Whether the return date should be translated. Default true.
+ * @return string|int|bool Formatted date string or Unix timestamp. False if $date is empty.
*/
function mysql2date( $format, $date, $translate = true ) {
if ( empty( $date ) )
@@ -46,24 +46,26 @@ function mysql2date( $format, $date, $translate = true ) {
*
* The 'mysql' type will return the time in the format for MySQL DATETIME field.
* The 'timestamp' type will return the current timestamp.
+ * Other strings will be interpreted as PHP date formats (e.g. 'Y-m-d').
*
* If $gmt is set to either '1' or 'true', then both types will use GMT time.
* if $gmt is false, the output is adjusted with the GMT offset in the WordPress option.
*
* @since 1.0.0
*
- * @param string $type Either 'mysql' or 'timestamp'.
- * @param int|bool $gmt Optional. Whether to use GMT timezone. Default is false.
- * @return int|string String if $type is 'gmt', int if $type is 'timestamp'.
+ * @param string $type Type of time to retrieve. Accepts 'mysql', 'timestamp', or PHP date
+ * format string (e.g. 'Y-m-d').
+ * @param int|bool $gmt Optional. Whether to use GMT timezone. Default false.
+ * @return int|string Integer if $type is 'timestamp', string otherwise.
*/
function current_time( $type, $gmt = 0 ) {
switch ( $type ) {
case 'mysql':
return ( $gmt ) ? gmdate( 'Y-m-d H:i:s' ) : gmdate( 'Y-m-d H:i:s', ( time() + ( get_option( 'gmt_offset' ) * HOUR_IN_SECONDS ) ) );
- break;
case 'timestamp':
return ( $gmt ) ? time() : time() + ( get_option( 'gmt_offset' ) * HOUR_IN_SECONDS );
- break;
+ default:
+ return ( $gmt ) ? date( $type ) : date( $type, time() + ( get_option( 'gmt_offset' ) * HOUR_IN_SECONDS ) );
}
}
@@ -76,9 +78,12 @@ function current_time( $type, $gmt = 0 ) {
*
* @since 0.71
*
- * @param string $dateformatstring Format to display the date.
- * @param int $unixtimestamp Optional. Unix timestamp.
- * @param bool $gmt Optional, default is false. Whether to convert to GMT for time.
+ * @global WP_Locale $wp_locale
+ *
+ * @param string $dateformatstring Format to display the date.
+ * @param bool|int $unixtimestamp Optional. Unix timestamp. Default false.
+ * @param bool $gmt Optional. Whether to use GMT timezone. Default false.
+ *
* @return string The date, translated if locale specifies it.
*/
function date_i18n( $dateformatstring, $unixtimestamp = false, $gmt = false ) {
@@ -95,8 +100,10 @@ function date_i18n( $dateformatstring, $unixtimestamp = false, $gmt = false ) {
$gmt = true;
}
- // store original value for language with untypical grammars
- // see http://core.trac.wordpress.org/ticket/9396
+ /*
+ * Store original value for language with untypical grammars.
+ * See https://core.trac.wordpress.org/ticket/9396
+ */
$req_format = $dateformatstring;
$datefunc = $gmt? 'gmdate' : 'date';
@@ -125,7 +132,7 @@ function date_i18n( $dateformatstring, $unixtimestamp = false, $gmt = false ) {
if ( $timezone_string ) {
$timezone_object = timezone_open( $timezone_string );
$date_object = date_create( null, $timezone_object );
- foreach( $timezone_formats as $timezone_format ) {
+ foreach ( $timezone_formats as $timezone_format ) {
if ( false !== strpos( $dateformatstring, $timezone_format ) ) {
$formatted = date_format( $date_object, $timezone_format );
$dateformatstring = ' '.$dateformatstring;
@@ -136,30 +143,101 @@ function date_i18n( $dateformatstring, $unixtimestamp = false, $gmt = false ) {
}
}
$j = @$datefunc( $dateformatstring, $i );
- // allow plugins to redo this entirely for languages with untypical grammars
- $j = apply_filters('date_i18n', $j, $req_format, $i, $gmt);
+
+ /**
+ * Filter the date formatted based on the locale.
+ *
+ * @since 2.8.0
+ *
+ * @param string $j Formatted date string.
+ * @param string $req_format Format to display the date.
+ * @param int $i Unix timestamp.
+ * @param bool $gmt Whether to convert to GMT for time. Default false.
+ */
+ $j = apply_filters( 'date_i18n', $j, $req_format, $i, $gmt );
return $j;
}
+/**
+ * Determines if the date should be declined.
+ *
+ * If the locale specifies that month names require a genitive case in certain
+ * formats (like 'j F Y'), the month name will be replaced with a correct form.
+ *
+ * @since 4.4.0
+ *
+ * @param string $date Formatted date string.
+ * @return string The date, declined if locale specifies it.
+ */
+function wp_maybe_decline_date( $date ) {
+ global $wp_locale;
+
+ // i18n functions are not available in SHORTINIT mode
+ if ( ! function_exists( '_x' ) ) {
+ return $date;
+ }
+
+ /* translators: If months in your language require a genitive case,
+ * translate this to 'on'. Do not translate into your own language.
+ */
+ if ( 'on' === _x( 'off', 'decline months names: on or off' ) ) {
+ // Match a format like 'j F Y' or 'j. F'
+ if ( @preg_match( '#^\d{1,2}\.? \w+#u', $date ) ) {
+ $months = $wp_locale->month;
+
+ foreach ( $months as $key => $month ) {
+ $months[ $key ] = '#' . $month . '#';
+ }
+
+ $date = preg_replace( $months, $wp_locale->month_genitive, $date );
+ }
+ }
+
+ // Used for locale-specific rules
+ $locale = get_locale();
+
+ if ( 'ca' === $locale ) {
+ // " de abril| de agost| de octubre..." -> " d'abril| d'agost| d'octubre..."
+ $date = preg_replace( '# de ([ao])#i', " d'\\1", $date );
+ }
+
+ return $date;
+}
+
/**
* Convert integer number to format based on the locale.
*
* @since 2.3.0
*
- * @param int $number The number to convert based on locale.
- * @param int $decimals Precision of the number of decimal places.
+ * @global WP_Locale $wp_locale
+ *
+ * @param int $number The number to convert based on locale.
+ * @param int $decimals Optional. Precision of the number of decimal places. Default 0.
* @return string Converted number in string format.
*/
function number_format_i18n( $number, $decimals = 0 ) {
global $wp_locale;
- $formatted = number_format( $number, absint( $decimals ), $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep'] );
+
+ if ( isset( $wp_locale ) ) {
+ $formatted = number_format( $number, absint( $decimals ), $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep'] );
+ } else {
+ $formatted = number_format( $number, absint( $decimals ) );
+ }
+
+ /**
+ * Filter the number formatted based on the locale.
+ *
+ * @since 2.8.0
+ *
+ * @param string $formatted Converted number in string format.
+ */
return apply_filters( 'number_format_i18n', $formatted );
}
/**
* Convert number of bytes largest unit bytes will fit into.
*
- * It is easier to read 1kB than 1024 bytes and 1MB than 1048576 bytes. Converts
+ * It is easier to read 1 kB than 1024 bytes and 1 MB than 1048576 bytes. Converts
* number of bytes to human readable number by taking the number of that unit
* that the bytes will go into it. Supports TB value.
*
@@ -169,53 +247,67 @@ function number_format_i18n( $number, $decimals = 0 ) {
* be converted to a double, which should always have 64 bit length.
*
* Technically the correct unit names for powers of 1024 are KiB, MiB etc.
- * @link http://en.wikipedia.org/wiki/Byte
*
* @since 2.3.0
*
- * @param int|string $bytes Number of bytes. Note max integer size for integers.
- * @param int $decimals Precision of number of decimal places. Deprecated.
- * @return bool|string False on failure. Number string on success.
+ * @param int|string $bytes Number of bytes. Note max integer size for integers.
+ * @param int $decimals Optional. Precision of number of decimal places. Default 0.
+ * @return string|false False on failure. Number string on success.
*/
function size_format( $bytes, $decimals = 0 ) {
$quant = array(
- // ========================= Origin ====
- 'TB' => 1099511627776, // pow( 1024, 4)
- 'GB' => 1073741824, // pow( 1024, 3)
- 'MB' => 1048576, // pow( 1024, 2)
- 'kB' => 1024, // pow( 1024, 1)
- 'B ' => 1, // pow( 1024, 0)
+ 'TB' => TB_IN_BYTES,
+ 'GB' => GB_IN_BYTES,
+ 'MB' => MB_IN_BYTES,
+ 'kB' => KB_IN_BYTES,
+ 'B' => 1,
);
- foreach ( $quant as $unit => $mag )
- if ( doubleval($bytes) >= $mag )
+
+ foreach ( $quant as $unit => $mag ) {
+ if ( doubleval( $bytes ) >= $mag ) {
return number_format_i18n( $bytes / $mag, $decimals ) . ' ' . $unit;
+ }
+ }
return false;
}
/**
- * Get the week start and end from the datetime or date string from mysql.
+ * Get the week start and end from the datetime or date string from MySQL.
*
* @since 0.71
*
- * @param string $mysqlstring Date or datetime field type from mysql.
- * @param int $start_of_week Optional. Start of the week as an integer.
+ * @param string $mysqlstring Date or datetime field type from MySQL.
+ * @param int|string $start_of_week Optional. Start of the week as an integer. Default empty string.
* @return array Keys are 'start' and 'end'.
*/
function get_weekstartend( $mysqlstring, $start_of_week = '' ) {
- $my = substr( $mysqlstring, 0, 4 ); // Mysql string Year
- $mm = substr( $mysqlstring, 8, 2 ); // Mysql string Month
- $md = substr( $mysqlstring, 5, 2 ); // Mysql string day
- $day = mktime( 0, 0, 0, $md, $mm, $my ); // The timestamp for mysqlstring day.
- $weekday = date( 'w', $day ); // The day of the week from the timestamp
+ // MySQL string year.
+ $my = substr( $mysqlstring, 0, 4 );
+
+ // MySQL string month.
+ $mm = substr( $mysqlstring, 8, 2 );
+
+ // MySQL string day.
+ $md = substr( $mysqlstring, 5, 2 );
+
+ // The timestamp for MySQL string day.
+ $day = mktime( 0, 0, 0, $md, $mm, $my );
+
+ // The day of the week from the timestamp.
+ $weekday = date( 'w', $day );
+
if ( !is_numeric($start_of_week) )
$start_of_week = get_option( 'start_of_week' );
if ( $weekday < $start_of_week )
$weekday += 7;
- $start = $day - DAY_IN_SECONDS * ( $weekday - $start_of_week ); // The most recent week start day on or before $day
- $end = $start + 7 * DAY_IN_SECONDS - 1; // $start + 7 days - 1 second
+ // The most recent week start day on or before $day.
+ $start = $day - DAY_IN_SECONDS * ( $weekday - $start_of_week );
+
+ // $start + 1 week - 1 second.
+ $end = $start + WEEK_IN_SECONDS - 1;
return compact( 'start', 'end' );
}
@@ -241,36 +333,61 @@ function maybe_unserialize( $original ) {
*
* @since 2.0.5
*
- * @param mixed $data Value to check to see if was serialized.
+ * @param string $data Value to check to see if was serialized.
+ * @param bool $strict Optional. Whether to be strict about the end of the string. Default true.
* @return bool False if not serialized and true if it was.
*/
-function is_serialized( $data ) {
- // if it isn't a string, it isn't serialized
- if ( ! is_string( $data ) )
+function is_serialized( $data, $strict = true ) {
+ // if it isn't a string, it isn't serialized.
+ if ( ! is_string( $data ) ) {
return false;
+ }
$data = trim( $data );
- if ( 'N;' == $data )
+ if ( 'N;' == $data ) {
return true;
- $length = strlen( $data );
- if ( $length < 4 )
- return false;
- if ( ':' !== $data[1] )
+ }
+ if ( strlen( $data ) < 4 ) {
return false;
- $lastc = $data[$length-1];
- if ( ';' !== $lastc && '}' !== $lastc )
+ }
+ if ( ':' !== $data[1] ) {
return false;
+ }
+ if ( $strict ) {
+ $lastc = substr( $data, -1 );
+ if ( ';' !== $lastc && '}' !== $lastc ) {
+ return false;
+ }
+ } else {
+ $semicolon = strpos( $data, ';' );
+ $brace = strpos( $data, '}' );
+ // Either ; or } must exist.
+ if ( false === $semicolon && false === $brace )
+ return false;
+ // But neither must be in the first X characters.
+ if ( false !== $semicolon && $semicolon < 3 )
+ return false;
+ if ( false !== $brace && $brace < 4 )
+ return false;
+ }
$token = $data[0];
switch ( $token ) {
case 's' :
- if ( '"' !== $data[$length-2] )
+ if ( $strict ) {
+ if ( '"' !== substr( $data, -2, 1 ) ) {
+ return false;
+ }
+ } elseif ( false === strpos( $data, '"' ) ) {
return false;
+ }
+ // or else fall through
case 'a' :
case 'O' :
return (bool) preg_match( "/^{$token}:[0-9]+:/s", $data );
case 'b' :
case 'i' :
case 'd' :
- return (bool) preg_match( "/^{$token}:[0-9.E-]+;\$/", $data );
+ $end = $strict ? '$' : '';
+ return (bool) preg_match( "/^{$token}:[0-9.E-]+;$end/", $data );
}
return false;
}
@@ -280,27 +397,28 @@ function is_serialized( $data ) {
*
* @since 2.0.5
*
- * @param mixed $data Serialized data
+ * @param string $data Serialized data.
* @return bool False if not a serialized string, true if it is.
*/
function is_serialized_string( $data ) {
- // if it isn't a string, it isn't a serialized string
- if ( !is_string( $data ) )
+ // if it isn't a string, it isn't a serialized string.
+ if ( ! is_string( $data ) ) {
return false;
+ }
$data = trim( $data );
- $length = strlen( $data );
- if ( $length < 4 )
+ if ( strlen( $data ) < 4 ) {
return false;
- elseif ( ':' !== $data[1] )
+ } elseif ( ':' !== $data[1] ) {
return false;
- elseif ( ';' !== $data[$length-1] )
+ } elseif ( ';' !== substr( $data, -1 ) ) {
return false;
- elseif ( $data[0] !== 's' )
+ } elseif ( $data[0] !== 's' ) {
return false;
- elseif ( '"' !== $data[$length-2] )
+ } elseif ( '"' !== substr( $data, -2, 1 ) ) {
return false;
- else
+ } else {
return true;
+ }
}
/**
@@ -308,7 +426,7 @@ function is_serialized_string( $data ) {
*
* @since 2.0.5
*
- * @param mixed $data Data that might be serialized.
+ * @param string|array|object $data Data that might be serialized.
* @return mixed A scalar data
*/
function maybe_serialize( $data ) {
@@ -316,8 +434,9 @@ function maybe_serialize( $data ) {
return serialize( $data );
// Double serialization is required for backward compatibility.
- // See http://core.trac.wordpress.org/ticket/12930
- if ( is_serialized( $data ) )
+ // See https://core.trac.wordpress.org/ticket/12930
+ // Also the world will end. See WP 3.6.1.
+ if ( is_serialized( $data, false ) )
return serialize( $data );
return $data;
@@ -329,11 +448,9 @@ function maybe_serialize( $data ) {
* If the title element is not part of the XML, then the default post title from
* the $post_default_title will be used instead.
*
- * @package WordPress
- * @subpackage XMLRPC
* @since 0.71
*
- * @global string $post_default_title Default XMLRPC post title.
+ * @global string $post_default_title Default XML-RPC post title.
*
* @param string $content XMLRPC XML Request content
* @return string Post title
@@ -355,11 +472,9 @@ function xmlrpc_getposttitle( $content ) {
* used. The return type then would be what $post_default_category. If the
* category is found, then it will always be an array.
*
- * @package WordPress
- * @subpackage XMLRPC
* @since 0.71
*
- * @global string $post_default_category Default XMLRPC post category.
+ * @global string $post_default_category Default XML-RPC post category.
*
* @param string $content XMLRPC XML Request content
* @return string|array List of categories or category name.
@@ -378,11 +493,9 @@ function xmlrpc_getpostcategory( $content ) {
/**
* XMLRPC XML content without title and category elements.
*
- * @package WordPress
- * @subpackage XMLRPC
* @since 0.71
*
- * @param string $content XMLRPC XML Request content
+ * @param string $content XML-RPC XML Request content.
* @return string XMLRPC XML Request content without title and category elements.
*/
function xmlrpc_removepostdata( $content ) {
@@ -392,6 +505,37 @@ function xmlrpc_removepostdata( $content ) {
return $content;
}
+/**
+ * Use RegEx to extract URLs from arbitrary content.
+ *
+ * @since 3.7.0
+ *
+ * @param string $content Content to extract URLs from.
+ * @return array URLs found in passed string.
+ */
+function wp_extract_urls( $content ) {
+ preg_match_all(
+ "#([\"']?)("
+ . "(?:([\w-]+:)?//?)"
+ . "[^\s()<>]+"
+ . "[.]"
+ . "(?:"
+ . "\([\w\d]+\)|"
+ . "(?:"
+ . "[^`!()\[\]{};:'\".,<>«»ââââ\s]|"
+ . "(?:[:]\d+)?/?"
+ . ")+"
+ . ")"
+ . ")\\1#",
+ $content,
+ $post_links
+ );
+
+ $post_links = array_unique( array_map( 'html_entity_decode', $post_links[2] ) );
+
+ return array_values( $post_links );
+}
+
/**
* Check content for video and audio links to add as enclosures.
*
@@ -399,13 +543,12 @@ function xmlrpc_removepostdata( $content ) {
* remove enclosures that are no longer in the post. This is called as
* pingbacks and trackbacks.
*
- * @package WordPress
* @since 1.5.0
*
- * @uses $wpdb
+ * @global wpdb $wpdb WordPress database abstraction object.
*
- * @param string $content Post Content
- * @param int $post_ID Post ID
+ * @param string $content Post Content.
+ * @param int $post_ID Post ID.
*/
function do_enclose( $content, $post_ID ) {
global $wpdb;
@@ -417,22 +560,17 @@ function do_enclose( $content, $post_ID ) {
$pung = get_enclosed( $post_ID );
- $ltrs = '\w';
- $gunk = '/#~:.?+=&%@!\-';
- $punc = '.:?\-';
- $any = $ltrs . $gunk . $punc;
-
- preg_match_all( "{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp );
+ $post_links_temp = wp_extract_urls( $content );
foreach ( $pung as $link_test ) {
- if ( !in_array( $link_test, $post_links_temp[0] ) ) { // link no longer in post
- $mids = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $link_test ) . '%') );
+ if ( ! in_array( $link_test, $post_links_temp ) ) { // link no longer in post
+ $mids = $wpdb->get_col( $wpdb->prepare("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE %s", $post_ID, $wpdb->esc_like( $link_test ) . '%') );
foreach ( $mids as $mid )
delete_metadata_by_mid( 'post', $mid );
}
}
- foreach ( (array) $post_links_temp[0] as $link_test ) {
+ foreach ( (array) $post_links_temp as $link_test ) {
if ( !in_array( $link_test, $pung ) ) { // If we haven't pung it already
$test = @parse_url( $link_test );
if ( false === $test )
@@ -444,8 +582,21 @@ function do_enclose( $content, $post_ID ) {
}
}
+ /**
+ * Filter the list of enclosure links before querying the database.
+ *
+ * Allows for the addition and/or removal of potential enclosures to save
+ * to postmeta before checking the database for existing enclosures.
+ *
+ * @since 4.4.0
+ *
+ * @param array $post_links An array of enclosure links.
+ * @param int $post_ID Post ID.
+ */
+ $post_links = apply_filters( 'enclosure_links', $post_links, $post_ID );
+
foreach ( (array) $post_links as $url ) {
- if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, like_escape( $url ) . '%' ) ) ) {
+ if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE %s", $post_ID, $wpdb->esc_like( $url ) . '%' ) ) ) {
if ( $headers = wp_get_http_headers( $url) ) {
$len = isset( $headers['content-length'] ) ? (int) $headers['content-length'] : 0;
@@ -475,75 +626,20 @@ function do_enclose( $content, $post_ID ) {
}
}
-/**
- * Perform a HTTP HEAD or GET request.
- *
- * If $file_path is a writable filename, this will do a GET request and write
- * the file to that path.
- *
- * @since 2.5.0
- *
- * @param string $url URL to fetch.
- * @param string|bool $file_path Optional. File path to write request to.
- * @param int $red (private) The number of Redirects followed, Upon 5 being hit, returns false.
- * @return bool|string False on failure and string of headers if HEAD request.
- */
-function wp_get_http( $url, $file_path = false, $red = 1 ) {
- @set_time_limit( 60 );
-
- if ( $red > 5 )
- return false;
-
- $options = array();
- $options['redirection'] = 5;
-
- if ( false == $file_path )
- $options['method'] = 'HEAD';
- else
- $options['method'] = 'GET';
-
- $response = wp_remote_request($url, $options);
-
- if ( is_wp_error( $response ) )
- return false;
-
- $headers = wp_remote_retrieve_headers( $response );
- $headers['response'] = wp_remote_retrieve_response_code( $response );
-
- // WP_HTTP no longer follows redirects for HEAD requests.
- if ( 'HEAD' == $options['method'] && in_array($headers['response'], array(301, 302)) && isset( $headers['location'] ) ) {
- return wp_get_http( $headers['location'], $file_path, ++$red );
- }
-
- if ( false == $file_path )
- return $headers;
-
- // GET request - write it to the supplied filename
- $out_fp = fopen($file_path, 'w');
- if ( !$out_fp )
- return $headers;
-
- fwrite( $out_fp, wp_remote_retrieve_body( $response ) );
- fclose($out_fp);
- clearstatcache();
-
- return $headers;
-}
-
/**
* Retrieve HTTP Headers from URL.
*
* @since 1.5.1
*
- * @param string $url
- * @param bool $deprecated Not Used.
+ * @param string $url URL to retrieve HTTP headers from.
+ * @param bool $deprecated Not Used.
* @return bool|string False on failure, headers on success.
*/
function wp_get_http_headers( $url, $deprecated = false ) {
if ( !empty( $deprecated ) )
_deprecated_argument( __FUNCTION__, '2.7' );
- $response = wp_remote_head( $url );
+ $response = wp_safe_remote_head( $url );
if ( is_wp_error( $response ) )
return false;
@@ -552,11 +648,13 @@ function wp_get_http_headers( $url, $deprecated = false ) {
}
/**
- * Whether today is a new day.
+ * Whether the publish date of the current post in the loop is different from the
+ * publish date of the previous post in the loop.
*
* @since 0.71
- * @uses $day Today
- * @uses $previousday Previous day
+ *
+ * @global string $currentday The day of the current post in the loop.
+ * @global string $previousday The day of the previous post in the loop.
*
* @return int 1 when new day, 0 if not a new day.
*/
@@ -574,21 +672,38 @@ function is_new_day() {
* This is a convenient function for easily building url queries. It sets the
* separator to '&' and uses _http_build_query() function.
*
+ * @since 2.3.0
+ *
* @see _http_build_query() Used to build the query
- * @link http://us2.php.net/manual/en/function.http-build-query.php more on what
+ * @see http://us2.php.net/manual/en/function.http-build-query.php for more on what
* http_build_query() does.
*
- * @since 2.3.0
- *
* @param array $data URL-encode key/value pairs.
- * @return string URL encoded string
+ * @return string URL-encoded string.
*/
function build_query( $data ) {
return _http_build_query( $data, null, '&', '', false );
}
-// from php.net (modified by Mark Jaquith to behave like the native PHP5 function)
-function _http_build_query($data, $prefix=null, $sep=null, $key='', $urlencode=true) {
+/**
+ * From php.net (modified by Mark Jaquith to behave like the native PHP5 function).
+ *
+ * @since 3.2.0
+ * @access private
+ *
+ * @see http://us1.php.net/manual/en/function.http-build-query.php
+ *
+ * @param array|object $data An array or object of data. Converted to array.
+ * @param string $prefix Optional. Numeric index. If set, start parameter numbering with it.
+ * Default null.
+ * @param string $sep Optional. Argument separator; defaults to 'arg_separator.output'.
+ * Default null.
+ * @param string $key Optional. Used to prefix key name. Default empty.
+ * @param bool $urlencode Optional. Whether to use urlencode() in the result. Default true.
+ *
+ * @return string The query string.
+ */
+function _http_build_query( $data, $prefix = null, $sep = null, $key = '', $urlencode = true ) {
$ret = array();
foreach ( (array) $data as $k => $v ) {
@@ -600,7 +715,7 @@ function _http_build_query($data, $prefix=null, $sep=null, $key='', $urlencode=t
$k = $key . '%5B' . $k . '%5D';
if ( $v === null )
continue;
- elseif ( $v === FALSE )
+ elseif ( $v === false )
$v = '0';
if ( is_array($v) || is_object($v) )
@@ -618,25 +733,41 @@ function _http_build_query($data, $prefix=null, $sep=null, $key='', $urlencode=t
}
/**
- * Retrieve a modified URL query string.
+ * Retrieves a modified URL query string.
+ *
+ * You can rebuild the URL and append query variables to the URL query by using this function.
+ * There are two ways to use this function; either a single key and value, or an associative array.
*
- * You can rebuild the URL and append a new query variable to the URL query by
- * using this function. You can also retrieve the full URL with query data.
+ * Using a single key and value:
*
- * Adding a single key & value or an associative array. Setting a key value to
- * an empty string removes the key. Omitting oldquery_or_uri uses the $_SERVER
- * value. Additional values provided are expected to be encoded appropriately
- * with urlencode() or rawurlencode().
+ * add_query_arg( 'key', 'value', 'http://example.com' );
+ *
+ * Using an associative array:
+ *
+ * add_query_arg( array(
+ * 'key1' => 'value1',
+ * 'key2' => 'value2',
+ * ), 'http://example.com' );
+ *
+ * Omitting the URL from either use results in the current URL being used
+ * (the value of `$_SERVER['REQUEST_URI']`).
+ *
+ * Values are expected to be encoded appropriately with urlencode() or rawurlencode().
+ *
+ * Setting any query variable's value to boolean false removes the key (see remove_query_arg()).
+ *
+ * Important: The return value of add_query_arg() is not escaped by default. Output should be
+ * late-escaped with esc_url() or similar to help prevent vulnerability to cross-site scripting
+ * (XSS) attacks.
*
* @since 1.5.0
*
- * @param mixed $param1 Either newkey or an associative_array
- * @param mixed $param2 Either newvalue or oldquery or uri
- * @param mixed $param3 Optional. Old query or uri
- * @return string New URL query string.
+ * @param string|array $key Either a query variable key, or an associative array of query variables.
+ * @param string $value Optional. Either a query variable value, or a URL to act upon.
+ * @param string $url Optional. A URL to act upon.
+ * @return string New URL query string (unescaped).
*/
function add_query_arg() {
- $ret = '';
$args = func_get_args();
if ( is_array( $args[0] ) ) {
if ( count( $args ) < 2 || false === $args[1] )
@@ -655,10 +786,10 @@ function add_query_arg() {
else
$frag = '';
- if ( 0 === stripos( 'http://', $uri ) ) {
+ if ( 0 === stripos( $uri, 'http://' ) ) {
$protocol = 'http://';
$uri = substr( $uri, 7 );
- } elseif ( 0 === stripos( 'https://', $uri ) ) {
+ } elseif ( 0 === stripos( $uri, 'https://' ) ) {
$protocol = 'https://';
$uri = substr( $uri, 8 );
} else {
@@ -666,14 +797,8 @@ function add_query_arg() {
}
if ( strpos( $uri, '?' ) !== false ) {
- $parts = explode( '?', $uri, 2 );
- if ( 1 == count( $parts ) ) {
- $base = '?';
- $query = $parts[0];
- } else {
- $base = $parts[0] . '?';
- $query = $parts[1];
- }
+ list( $base, $query ) = explode( '?', $uri, 2 );
+ $base .= '?';
} elseif ( $protocol || strpos( $uri, '=' ) === false ) {
$base = $uri . '?';
$query = '';
@@ -685,8 +810,9 @@ function add_query_arg() {
wp_parse_str( $query, $qs );
$qs = urlencode_deep( $qs ); // this re-URL-encodes things that were already in the query string
if ( is_array( $args[0] ) ) {
- $kayvees = $args[0];
- $qs = array_merge( $qs, $kayvees );
+ foreach ( $args[0] as $k => $v ) {
+ $qs[ $k ] = $v;
+ }
} else {
$qs[ $args[0] ] = $args[1];
}
@@ -705,15 +831,15 @@ function add_query_arg() {
}
/**
- * Removes an item or list from the query string.
+ * Removes an item or items from a query string.
*
* @since 1.5.0
*
- * @param string|array $key Query key or keys to remove.
- * @param bool $query When false uses the $_SERVER value.
+ * @param string|array $key Query key or keys to remove.
+ * @param bool|string $query Optional. When false uses the current URL. Default false.
* @return string New URL query string.
*/
-function remove_query_arg( $key, $query=false ) {
+function remove_query_arg( $key, $query = false ) {
if ( is_array( $key ) ) { // removing multiple keys
foreach ( $key as $k )
$query = add_query_arg( $k, false, $query );
@@ -722,12 +848,54 @@ function remove_query_arg( $key, $query=false ) {
return add_query_arg( $key, false, $query );
}
+/**
+ * Returns an array of single-use query variable names that can be removed from a URL.
+ *
+ * @since 4.4.0
+ *
+ * @return array An array of parameters to remove from the URL.
+ */
+function wp_removable_query_args() {
+ $removable_query_args = array(
+ 'activate',
+ 'activated',
+ 'approved',
+ 'deactivate',
+ 'deleted',
+ 'disabled',
+ 'enabled',
+ 'error',
+ 'locked',
+ 'message',
+ 'same',
+ 'saved',
+ 'settings-updated',
+ 'skipped',
+ 'spammed',
+ 'trashed',
+ 'unspammed',
+ 'untrashed',
+ 'update',
+ 'updated',
+ 'wp-post-new-reload',
+ );
+
+ /**
+ * Filter the list of query variables to remove.
+ *
+ * @since 4.2.0
+ *
+ * @param array $removable_query_args An array of query variables to remove from a URL.
+ */
+ return apply_filters( 'removable_query_args', $removable_query_args );
+}
+
/**
* Walks the array while sanitizing the contents.
*
* @since 0.71
*
- * @param array $array Array to used to walk while sanitizing contents.
+ * @param array $array Array to walk while sanitizing contents.
* @return array Sanitized $array.
*/
function add_magic_quotes( $array ) {
@@ -745,10 +913,11 @@ function add_magic_quotes( $array ) {
* HTTP request for URI to retrieve content.
*
* @since 1.5.1
- * @uses wp_remote_get()
+ *
+ * @see wp_safe_remote_get()
*
* @param string $uri URI/URL of web page to retrieve.
- * @return bool|string HTTP content. False on failure.
+ * @return false|string HTTP content. False on failure.
*/
function wp_remote_fopen( $uri ) {
$parsed_url = @parse_url( $uri );
@@ -759,7 +928,7 @@ function wp_remote_fopen( $uri ) {
$options = array();
$options['timeout'] = 10;
- $response = wp_remote_get( $uri, $options );
+ $response = wp_safe_remote_get( $uri, $options );
if ( is_wp_error( $response ) )
return false;
@@ -772,7 +941,11 @@ function wp_remote_fopen( $uri ) {
*
* @since 2.0.0
*
- * @param string $query_vars Default WP_Query arguments.
+ * @global WP $wp_locale
+ * @global WP_Query $wp_query
+ * @global WP_Query $wp_the_query
+ *
+ * @param string|array $query_vars Default WP_Query arguments.
*/
function wp( $query_vars = '' ) {
global $wp, $wp_query, $wp_the_query;
@@ -787,6 +960,8 @@ function wp( $query_vars = '' ) {
*
* @since 2.3.0
*
+ * @global array $wp_header_to_desc
+ *
* @param int $code HTTP status code.
* @return string Empty string if not found, or description if found.
*/
@@ -838,10 +1013,14 @@ function get_status_header_desc( $code ) {
415 => 'Unsupported Media Type',
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',
+ 418 => 'I\'m a teapot',
422 => 'Unprocessable Entity',
423 => 'Locked',
424 => 'Failed Dependency',
426 => 'Upgrade Required',
+ 428 => 'Precondition Required',
+ 429 => 'Too Many Requests',
+ 431 => 'Request Header Fields Too Large',
500 => 'Internal Server Error',
501 => 'Not Implemented',
@@ -851,7 +1030,8 @@ function get_status_header_desc( $code ) {
505 => 'HTTP Version Not Supported',
506 => 'Variant Also Negotiates',
507 => 'Insufficient Storage',
- 510 => 'Not Extended'
+ 510 => 'Not Extended',
+ 511 => 'Network Authentication Required',
);
}
@@ -865,38 +1045,49 @@ function get_status_header_desc( $code ) {
* Set HTTP status header.
*
* @since 2.0.0
- * @uses apply_filters() Calls 'status_header' on status header string, HTTP
- * HTTP code, HTTP code description, and protocol string as separate
- * parameters.
+ * @since 4.4.0 Added the `$description` parameter.
*
- * @param int $header HTTP status code
- * @return unknown
+ * @see get_status_header_desc()
+ *
+ * @param int $code HTTP status code.
+ * @param string $description Optional. A custom description for the HTTP status.
*/
-function status_header( $header ) {
- $text = get_status_header_desc( $header );
+function status_header( $code, $description = '' ) {
+ if ( ! $description ) {
+ $description = get_status_header_desc( $code );
+ }
- if ( empty( $text ) )
- return false;
+ if ( empty( $description ) ) {
+ return;
+ }
- $protocol = $_SERVER["SERVER_PROTOCOL"];
- if ( 'HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol )
- $protocol = 'HTTP/1.0';
- $status_header = "$protocol $header $text";
+ $protocol = wp_get_server_protocol();
+ $status_header = "$protocol $code $description";
if ( function_exists( 'apply_filters' ) )
- $status_header = apply_filters( 'status_header', $status_header, $header, $text, $protocol );
- return @header( $status_header, true, $header );
+ /**
+ * Filter an HTTP status header.
+ *
+ * @since 2.2.0
+ *
+ * @param string $status_header HTTP status header.
+ * @param int $code HTTP status code.
+ * @param string $description Description for the status code.
+ * @param string $protocol Server protocol.
+ */
+ $status_header = apply_filters( 'status_header', $status_header, $code, $description, $protocol );
+
+ @header( $status_header, true, $code );
}
/**
- * Gets the header information to prevent caching.
+ * Get the header information to prevent caching.
*
- * The several different headers cover the different ways cache prevention is handled
- * by different browsers
+ * The several different headers cover the different ways cache prevention
+ * is handled by different browsers
*
* @since 2.8.0
*
- * @uses apply_filters()
* @return array The associative array of header names and field values.
*/
function wp_get_nocache_headers() {
@@ -907,20 +1098,37 @@ function wp_get_nocache_headers() {
);
if ( function_exists('apply_filters') ) {
- $headers = (array) apply_filters('nocache_headers', $headers);
+ /**
+ * Filter the cache-controlling headers.
+ *
+ * @since 2.8.0
+ *
+ * @see wp_get_nocache_headers()
+ *
+ * @param array $headers {
+ * Header names and field values.
+ *
+ * @type string $Expires Expires header.
+ * @type string $Cache-Control Cache-Control header.
+ * @type string $Pragma Pragma header.
+ * }
+ */
+ $headers = (array) apply_filters( 'nocache_headers', $headers );
}
$headers['Last-Modified'] = false;
return $headers;
}
/**
- * Sets the headers to prevent caching for the different browsers.
+ * Set the headers to prevent caching for the different browsers.
*
- * Different browsers support different nocache headers, so several headers must
- * be sent so that all of them get the point that no caching should occur.
+ * Different browsers support different nocache headers, so several
+ * headers must be sent so that all of them get the point that no
+ * caching should occur.
*
* @since 2.0.0
- * @uses wp_get_nocache_headers()
+ *
+ * @see wp_get_nocache_headers()
*/
function nocache_headers() {
$headers = wp_get_nocache_headers();
@@ -941,7 +1149,7 @@ function nocache_headers() {
}
}
- foreach( $headers as $name => $field_value )
+ foreach ( $headers as $name => $field_value )
@header("{$name}: {$field_value}");
}
@@ -952,6 +1160,7 @@ function nocache_headers() {
*/
function cache_javascript_headers() {
$expiresOffset = 10 * DAY_IN_SECONDS;
+
header( "Content-Type: text/javascript; charset=" . get_bloginfo( 'charset' ) );
header( "Vary: Accept-Encoding" ); // Handle proxies
header( "Expires: " . gmdate( "D, d M Y H:i:s", time() + $expiresOffset ) . " GMT" );
@@ -962,7 +1171,9 @@ function cache_javascript_headers() {
*
* @since 2.0.0
*
- * @return int Number of database queries
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @return int Number of database queries.
*/
function get_num_queries() {
global $wpdb;
@@ -970,19 +1181,21 @@ function get_num_queries() {
}
/**
- * Whether input is yes or no. Must be 'y' to be true.
+ * Whether input is yes or no.
+ *
+ * Must be 'y' to be true.
*
* @since 1.0.0
*
- * @param string $yn Character string containing either 'y' or 'n'
- * @return bool True if yes, false on anything else
+ * @param string $yn Character string containing either 'y' (yes) or 'n' (no).
+ * @return bool True if yes, false on anything else.
*/
function bool_from_yn( $yn ) {
return ( strtolower( $yn ) == 'y' );
}
/**
- * Loads the feed template from the use of an action hook.
+ * Load the feed template from the use of an action hook.
*
* If the feed action does not have a hook, then the function will die with a
* message telling the visitor that the feed is not valid.
@@ -990,8 +1203,8 @@ function bool_from_yn( $yn ) {
* It is better to only have one hook for each feed.
*
* @since 2.1.0
- * @uses $wp_query Used to tell if the use a comment feed.
- * @uses do_action() Calls 'do_feed_$feed' hook, if a hook exists for the feed.
+ *
+ * @global WP_Query $wp_query Used to tell if the use a comment feed.
*/
function do_feed() {
global $wp_query;
@@ -1004,19 +1217,31 @@ function do_feed() {
if ( $feed == '' || $feed == 'feed' )
$feed = get_default_feed();
- $hook = 'do_feed_' . $feed;
- if ( !has_action($hook) ) {
- $message = sprintf( __( 'ERROR: %s is not a valid feed template.' ), esc_html($feed));
- wp_die( $message, '', array( 'response' => 404 ) );
+ if ( ! has_action( "do_feed_{$feed}" ) ) {
+ wp_die( __( 'ERROR: This is not a valid feed template.' ), '', array( 'response' => 404 ) );
}
- do_action( $hook, $wp_query->is_comment_feed );
+ /**
+ * Fires once the given feed is loaded.
+ *
+ * The dynamic portion of the hook name, `$feed`, refers to the feed template name.
+ * Possible values include: 'rdf', 'rss', 'rss2', and 'atom'.
+ *
+ * @since 2.1.0
+ * @since 4.4.0 The `$feed` parameter was added.
+ *
+ * @param bool $is_comment_feed Whether the feed is a comment feed.
+ * @param string $feed The feed name.
+ */
+ do_action( "do_feed_{$feed}", $wp_query->is_comment_feed, $feed );
}
/**
* Load the RDF RSS 0.91 Feed template.
*
* @since 2.1.0
+ *
+ * @see load_template()
*/
function do_feed_rdf() {
load_template( ABSPATH . WPINC . '/feed-rdf.php' );
@@ -1026,6 +1251,8 @@ function do_feed_rdf() {
* Load the RSS 1.0 Feed Template.
*
* @since 2.1.0
+ *
+ * @see load_template()
*/
function do_feed_rss() {
load_template( ABSPATH . WPINC . '/feed-rss.php' );
@@ -1036,6 +1263,8 @@ function do_feed_rss() {
*
* @since 2.1.0
*
+ * @see load_template()
+ *
* @param bool $for_comments True for the comment feed, false for normal feed.
*/
function do_feed_rss2( $for_comments ) {
@@ -1050,6 +1279,8 @@ function do_feed_rss2( $for_comments ) {
*
* @since 2.1.0
*
+ * @see load_template()
+ *
* @param bool $for_comments True for the comment feed, false for normal feed.
*/
function do_feed_atom( $for_comments ) {
@@ -1066,11 +1297,15 @@ function do_feed_atom( $for_comments ) {
* robots.txt file.
*
* @since 2.1.0
- * @uses do_action() Calls 'do_robotstxt' hook for displaying robots.txt rules.
*/
function do_robots() {
header( 'Content-Type: text/plain; charset=utf-8' );
+ /**
+ * Fires when displaying the robots.txt file.
+ *
+ * @since 2.1.0
+ */
do_action( 'do_robotstxt' );
$output = "User-agent: *\n";
@@ -1081,35 +1316,47 @@ function do_robots() {
$site_url = parse_url( site_url() );
$path = ( !empty( $site_url['path'] ) ) ? $site_url['path'] : '';
$output .= "Disallow: $path/wp-admin/\n";
- $output .= "Disallow: $path/wp-includes/\n";
+ $output .= "Allow: $path/wp-admin/admin-ajax.php\n";
}
- echo apply_filters('robots_txt', $output, $public);
+ /**
+ * Filter the robots.txt output.
+ *
+ * @since 3.0.0
+ *
+ * @param string $output Robots.txt output.
+ * @param bool $public Whether the site is considered "public".
+ */
+ echo apply_filters( 'robots_txt', $output, $public );
}
/**
* Test whether blog is already installed.
*
- * The cache will be checked first. If you have a cache plugin, which saves the
- * cache values, then this will work. If you use the default WordPress cache,
- * and the database goes away, then you might have problems.
+ * The cache will be checked first. If you have a cache plugin, which saves
+ * the cache values, then this will work. If you use the default WordPress
+ * cache, and the database goes away, then you might have problems.
*
- * Checks for the option siteurl for whether WordPress is installed.
+ * Checks for the 'siteurl' option for whether WordPress is installed.
*
* @since 2.1.0
- * @uses $wpdb
*
- * @return bool Whether blog is already installed.
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @return bool Whether the blog is already installed.
*/
function is_blog_installed() {
global $wpdb;
- // Check cache first. If options table goes away and we have true cached, oh well.
+ /*
+ * Check cache first. If options table goes away and we have true
+ * cached, oh well.
+ */
if ( wp_cache_get( 'is_blog_installed' ) )
return true;
$suppress = $wpdb->suppress_errors();
- if ( ! defined( 'WP_INSTALLING' ) ) {
+ if ( ! wp_installing() ) {
$alloptions = wp_load_alloptions();
}
// If siteurl is not set to autoload, check it specifically
@@ -1131,9 +1378,11 @@ function is_blog_installed() {
$suppress = $wpdb->suppress_errors();
- // Loop over the WP tables. If none exist, then scratch install is allowed.
- // If one or more exist, suggest table repair since we got here because the options
- // table could not be accessed.
+ /*
+ * Loop over the WP tables. If none exist, then scratch install is allowed.
+ * If one or more exist, suggest table repair since we got here because the
+ * options table could not be accessed.
+ */
$wp_tables = $wpdb->tables();
foreach ( $wp_tables as $table ) {
// The existence of custom user tables shouldn't suggest an insane state or prevent a clean install.
@@ -1164,17 +1413,16 @@ function is_blog_installed() {
/**
* Retrieve URL with nonce added to URL query.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
- * @param string $actionurl URL to add nonce action
- * @param string $action Optional. Nonce action name
- * @return string URL with nonce action added.
+ * @param string $actionurl URL to add nonce action.
+ * @param int|string $action Optional. Nonce action name. Default -1.
+ * @param string $name Optional. Nonce name. Default '_wpnonce'.
+ * @return string Escaped URL with nonce action added.
*/
-function wp_nonce_url( $actionurl, $action = -1 ) {
+function wp_nonce_url( $actionurl, $action = -1, $name = '_wpnonce' ) {
$actionurl = str_replace( '&', '&', $actionurl );
- return esc_html( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $actionurl ) );
+ return esc_html( add_query_arg( $name, wp_create_nonce( $action ), $actionurl ) );
}
/**
@@ -1195,15 +1443,13 @@ function wp_nonce_url( $actionurl, $action = -1 ) {
* The input name will be whatever $name value you gave. The input value will be
* the nonce creation value.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
- * @param string $action Optional. Action name.
- * @param string $name Optional. Nonce name.
- * @param bool $referer Optional, default true. Whether to set the referer field for validation.
- * @param bool $echo Optional, default true. Whether to display or return hidden form field.
- * @return string Nonce field.
+ * @param int|string $action Optional. Action name. Default -1.
+ * @param string $name Optional. Nonce name. Default '_wpnonce'.
+ * @param bool $referer Optional. Whether to set the referer field for validation. Default true.
+ * @param bool $echo Optional. Whether to display or return hidden form field. Default true.
+ * @return string Nonce field HTML markup.
*/
function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {
$name = esc_attr( $name );
@@ -1224,16 +1470,13 @@ function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $ec
* The referer link is the current Request URI from the server super global. The
* input name is '_wp_http_referer', in case you wanted to check manually.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
- * @param bool $echo Whether to echo or return the referer field.
- * @return string Referer field.
+ * @param bool $echo Optional. Whether to echo or return the referer field. Default true.
+ * @return string Referer field HTML markup.
*/
function wp_referer_field( $echo = true ) {
- $ref = esc_attr( $_SERVER['REQUEST_URI'] );
- $referer_field = '';
+ $referer_field = '';
if ( $echo )
echo $referer_field;
@@ -1244,60 +1487,59 @@ function wp_referer_field( $echo = true ) {
* Retrieve or display original referer hidden field for forms.
*
* The input name is '_wp_original_http_referer' and will be either the same
- * value of {@link wp_referer_field()}, if that was posted already or it will
- * be the current page, if it doesn't exist.
+ * value of wp_referer_field(), if that was posted already or it will be the
+ * current page, if it doesn't exist.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
- * @param bool $echo Whether to echo the original http referer
- * @param string $jump_back_to Optional, default is 'current'. Can be 'previous' or page you want to jump back to.
+ * @param bool $echo Optional. Whether to echo the original http referer. Default true.
+ * @param string $jump_back_to Optional. Can be 'previous' or page you want to jump back to.
+ * Default 'current'.
* @return string Original referer field.
*/
function wp_original_referer_field( $echo = true, $jump_back_to = 'current' ) {
- $jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : $_SERVER['REQUEST_URI'];
- $ref = ( wp_get_original_referer() ) ? wp_get_original_referer() : $jump_back_to;
- $orig_referer_field = '';
+ if ( ! $ref = wp_get_original_referer() ) {
+ $ref = 'previous' == $jump_back_to ? wp_get_referer() : wp_unslash( $_SERVER['REQUEST_URI'] );
+ }
+ $orig_referer_field = '';
if ( $echo )
echo $orig_referer_field;
return $orig_referer_field;
}
/**
- * Retrieve referer from '_wp_http_referer' or HTTP referer. If it's the same
- * as the current request URL, will return false.
+ * Retrieve referer from '_wp_http_referer' or HTTP referer.
+ *
+ * If it's the same as the current request URL, will return false.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
- * @return string|bool False on failure. Referer URL on success.
+ * @return false|string False on failure. Referer URL on success.
*/
function wp_get_referer() {
+ if ( ! function_exists( 'wp_validate_redirect' ) )
+ return false;
$ref = false;
if ( ! empty( $_REQUEST['_wp_http_referer'] ) )
- $ref = $_REQUEST['_wp_http_referer'];
- else if ( ! empty( $_SERVER['HTTP_REFERER'] ) )
- $ref = $_SERVER['HTTP_REFERER'];
+ $ref = wp_unslash( $_REQUEST['_wp_http_referer'] );
+ elseif ( ! empty( $_SERVER['HTTP_REFERER'] ) )
+ $ref = wp_unslash( $_SERVER['HTTP_REFERER'] );
- if ( $ref && $ref !== $_SERVER['REQUEST_URI'] )
- return $ref;
+ if ( $ref && $ref !== wp_unslash( $_SERVER['REQUEST_URI'] ) )
+ return wp_validate_redirect( $ref, false );
return false;
}
/**
* Retrieve original referer that was posted, if it exists.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
- * @return string|bool False if no original referer or original referer if set.
+ * @return string|false False if no original referer or original referer if set.
*/
function wp_get_original_referer() {
- if ( !empty( $_REQUEST['_wp_original_http_referer'] ) )
- return $_REQUEST['_wp_original_http_referer'];
+ if ( ! empty( $_REQUEST['_wp_original_http_referer'] ) && function_exists( 'wp_validate_redirect' ) )
+ return wp_validate_redirect( wp_unslash( $_REQUEST['_wp_original_http_referer'] ), false );
return false;
}
@@ -1314,77 +1556,101 @@ function wp_get_original_referer() {
function wp_mkdir_p( $target ) {
$wrapper = null;
- // strip the protocol
- if( wp_is_stream( $target ) ) {
+ // Strip the protocol.
+ if ( wp_is_stream( $target ) ) {
list( $wrapper, $target ) = explode( '://', $target, 2 );
}
- // from php.net/mkdir user contributed notes
+ // From php.net/mkdir user contributed notes.
$target = str_replace( '//', '/', $target );
- // put the wrapper back on the target
- if( $wrapper !== null ) {
+ // Put the wrapper back on the target.
+ if ( $wrapper !== null ) {
$target = $wrapper . '://' . $target;
}
- // safe mode fails with a trailing slash under certain PHP versions.
- $target = rtrim($target, '/'); // Use rtrim() instead of untrailingslashit to avoid formatting.php dependency.
+ /*
+ * Safe mode fails with a trailing slash under certain PHP versions.
+ * Use rtrim() instead of untrailingslashit to avoid formatting.php dependency.
+ */
+ $target = rtrim($target, '/');
if ( empty($target) )
$target = '/';
if ( file_exists( $target ) )
return @is_dir( $target );
- // Attempting to create the directory may clutter up our display.
- if ( @mkdir( $target ) ) {
- $stat = @stat( dirname( $target ) );
- $dir_perms = $stat['mode'] & 0007777; // Get the permission bits.
- @chmod( $target, $dir_perms );
- return true;
- } elseif ( is_dir( dirname( $target ) ) ) {
- return false;
+ // We need to find the permissions of the parent folder that exists and inherit that.
+ $target_parent = dirname( $target );
+ while ( '.' != $target_parent && ! is_dir( $target_parent ) ) {
+ $target_parent = dirname( $target_parent );
}
- // If the above failed, attempt to create the parent node, then try again.
- if ( ( $target != '/' ) && ( wp_mkdir_p( dirname( $target ) ) ) )
- return wp_mkdir_p( $target );
+ // Get the permission bits.
+ if ( $stat = @stat( $target_parent ) ) {
+ $dir_perms = $stat['mode'] & 0007777;
+ } else {
+ $dir_perms = 0777;
+ }
+
+ if ( @mkdir( $target, $dir_perms, true ) ) {
+
+ /*
+ * If a umask is set that modifies $dir_perms, we'll have to re-set
+ * the $dir_perms correctly with chmod()
+ */
+ if ( $dir_perms != ( $dir_perms & ~umask() ) ) {
+ $folder_parts = explode( '/', substr( $target, strlen( $target_parent ) + 1 ) );
+ for ( $i = 1, $c = count( $folder_parts ); $i <= $c; $i++ ) {
+ @chmod( $target_parent . '/' . implode( '/', array_slice( $folder_parts, 0, $i ) ), $dir_perms );
+ }
+ }
+
+ return true;
+ }
return false;
}
/**
- * Test if a give filesystem path is absolute ('/foo/bar', 'c:\windows').
+ * Test if a give filesystem path is absolute.
+ *
+ * For example, '/foo/bar', or 'c:\windows'.
*
* @since 2.5.0
*
- * @param string $path File path
+ * @param string $path File path.
* @return bool True if path is absolute, false is not absolute.
*/
function path_is_absolute( $path ) {
- // this is definitive if true but fails if $path does not exist or contains a symbolic link
+ /*
+ * This is definitive if true but fails if $path does not exist or contains
+ * a symbolic link.
+ */
if ( realpath($path) == $path )
return true;
if ( strlen($path) == 0 || $path[0] == '.' )
return false;
- // windows allows absolute paths like this
+ // Windows allows absolute paths like this.
if ( preg_match('#^[a-zA-Z]:\\\\#', $path) )
return true;
- // a path starting with / or \ is absolute; anything else is relative
+ // A path starting with / or \ is absolute; anything else is relative.
return ( $path[0] == '/' || $path[0] == '\\' );
}
/**
- * Join two filesystem paths together (e.g. 'give me $path relative to $base').
+ * Join two filesystem paths together.
*
- * If the $path is absolute, then it the full path is returned.
+ * For example, 'give me $path relative to $base'. If the $path is absolute,
+ * then it the full path is returned.
*
* @since 2.5.0
*
- * @param string $base
- * @param string $path
+ * @param string $base Base path.
+ * @param string $path Path relative to $base.
* @return string The path with the base or absolute path.
*/
function path_join( $base, $path ) {
@@ -1395,67 +1661,111 @@ function path_join( $base, $path ) {
}
/**
- * Determines a writable directory for temporary files.
- * Function's preference is the return value of sys_get_temp_dir()
,
+ * Normalize a filesystem path.
+ *
+ * On windows systems, replaces backslashes with forward slashes
+ * and forces upper-case drive letters.
+ * Ensures that no duplicate slashes exist.
+ *
+ * @since 3.9.0
+ * @since 4.4.0 Ensures upper-case drive letters on Windows systems.
+ *
+ * @param string $path Path to normalize.
+ * @return string Normalized path.
+ */
+function wp_normalize_path( $path ) {
+ $path = str_replace( '\\', '/', $path );
+ $path = preg_replace( '|/+|','/', $path );
+ if ( ':' === substr( $path, 1, 1 ) ) {
+ $path = ucfirst( $path );
+ }
+ return $path;
+}
+
+/**
+ * Determine a writable directory for temporary files.
+ *
+ * Function's preference is the return value of sys_get_temp_dir(),
* followed by your PHP temporary upload directory, followed by WP_CONTENT_DIR,
* before finally defaulting to /tmp/
*
* In the event that this function does not find a writable location,
- * It may be overridden by the WP_TEMP_DIR
constant in
- * your wp-config.php
file.
+ * It may be overridden by the WP_TEMP_DIR constant in your wp-config.php file.
*
* @since 2.5.0
*
- * @return string Writable temporary directory
+ * @staticvar string $temp
+ *
+ * @return string Writable temporary directory.
*/
function get_temp_dir() {
- static $temp;
+ static $temp = '';
if ( defined('WP_TEMP_DIR') )
return trailingslashit(WP_TEMP_DIR);
if ( $temp )
- return trailingslashit( rtrim( $temp, '\\' ) );
-
- $is_win = ( 'WIN' === strtoupper( substr( PHP_OS, 0, 3 ) ) );
+ return trailingslashit( $temp );
if ( function_exists('sys_get_temp_dir') ) {
$temp = sys_get_temp_dir();
- if ( @is_dir( $temp ) && ( $is_win ? win_is_writable( $temp ) : @is_writable( $temp ) ) ) {
- return trailingslashit( rtrim( $temp, '\\' ) );
- }
+ if ( @is_dir( $temp ) && wp_is_writable( $temp ) )
+ return trailingslashit( $temp );
}
$temp = ini_get('upload_tmp_dir');
- if ( is_dir( $temp ) && ( $is_win ? win_is_writable( $temp ) : @is_writable( $temp ) ) )
- return trailingslashit( rtrim( $temp, '\\' ) );
+ if ( @is_dir( $temp ) && wp_is_writable( $temp ) )
+ return trailingslashit( $temp );
$temp = WP_CONTENT_DIR . '/';
- if ( is_dir( $temp ) && ( $is_win ? win_is_writable( $temp ) : @is_writable( $temp ) ) )
+ if ( is_dir( $temp ) && wp_is_writable( $temp ) )
return $temp;
- $temp = '/tmp/';
- return $temp;
+ return '/tmp/';
+}
+
+/**
+ * Determine if a directory is writable.
+ *
+ * This function is used to work around certain ACL issues in PHP primarily
+ * affecting Windows Servers.
+ *
+ * @since 3.6.0
+ *
+ * @see win_is_writable()
+ *
+ * @param string $path Path to check for write-ability.
+ * @return bool Whether the path is writable.
+ */
+function wp_is_writable( $path ) {
+ if ( 'WIN' === strtoupper( substr( PHP_OS, 0, 3 ) ) )
+ return win_is_writable( $path );
+ else
+ return @is_writable( $path );
}
/**
* Workaround for Windows bug in is_writable() function
*
+ * PHP has issues with Windows ACL's for determine if a
+ * directory is writable or not, this works around them by
+ * checking the ability to open files rather than relying
+ * upon PHP to interprate the OS ACL.
+ *
* @since 2.8.0
*
- * @param string $path
- * @return bool
+ * @see http://bugs.php.net/bug.php?id=27609
+ * @see http://bugs.php.net/bug.php?id=30931
+ *
+ * @param string $path Windows path to check for write-ability.
+ * @return bool Whether the path is writable.
*/
function win_is_writable( $path ) {
- /* will work in despite of Windows ACLs bug
- * NOTE: use a trailing slash for folders!!!
- * see http://bugs.php.net/bug.php?id=27609
- * see http://bugs.php.net/bug.php?id=30931
- */
- if ( $path[strlen( $path ) - 1] == '/' ) // recursively return a temporary file path
+ if ( $path[strlen( $path ) - 1] == '/' ) { // if it looks like a directory, check a random file within the directory
return win_is_writable( $path . uniqid( mt_rand() ) . '.tmp');
- else if ( is_dir( $path ) )
+ } elseif ( is_dir( $path ) ) { // If it's a directory (and not a file) check a random file within the directory
return win_is_writable( $path . '/' . uniqid( mt_rand() ) . '.tmp' );
+ }
// check tmp file for read/write capabilities
$should_delete_tmp_file = !file_exists( $path );
$f = @fopen( $path, 'a' );
@@ -1495,9 +1805,8 @@ function win_is_writable( $path ) {
* 'error' - set to false.
*
* @since 2.0.0
- * @uses apply_filters() Calls 'upload_dir' on returned array.
*
- * @param string $time Optional. Time formatted in 'yyyy/mm'.
+ * @param string $time Optional. Time formatted in 'yyyy/mm'. Default null.
* @return array See above for description.
*/
function wp_upload_dir( $time = null ) {
@@ -1520,22 +1829,27 @@ function wp_upload_dir( $time = null ) {
$url = trailingslashit( $siteurl ) . $upload_path;
}
- // Obey the value of UPLOADS. This happens as long as ms-files rewriting is disabled.
- // We also sometimes obey UPLOADS when rewriting is enabled -- see the next block.
+ /*
+ * Honor the value of UPLOADS. This happens as long as ms-files rewriting is disabled.
+ * We also sometimes obey UPLOADS when rewriting is enabled -- see the next block.
+ */
if ( defined( 'UPLOADS' ) && ! ( is_multisite() && get_site_option( 'ms_files_rewriting' ) ) ) {
$dir = ABSPATH . UPLOADS;
$url = trailingslashit( $siteurl ) . UPLOADS;
}
// If multisite (and if not the main site in a post-MU network)
- if ( is_multisite() && ! ( is_main_site() && defined( 'MULTISITE' ) ) ) {
+ if ( is_multisite() && ! ( is_main_network() && is_main_site() && defined( 'MULTISITE' ) ) ) {
if ( ! get_site_option( 'ms_files_rewriting' ) ) {
- // If ms-files rewriting is disabled (networks created post-3.5), it is fairly straightforward:
- // Append sites/%d if we're not on the main site (for post-MU networks). (The extra directory
- // prevents a four-digit ID from conflicting with a year-based directory for the main site.
- // But if a MU-era network has disabled ms-files rewriting manually, they don't need the extra
- // directory, as they never had wp-content/uploads for the main site.)
+ /*
+ * If ms-files rewriting is disabled (networks created post-3.5), it is fairly
+ * straightforward: Append sites/%d if we're not on the main site (for post-MU
+ * networks). (The extra directory prevents a four-digit ID from conflicting with
+ * a year-based directory for the main site. But if a MU-era network has disabled
+ * ms-files rewriting manually, they don't need the extra directory, as they never
+ * had wp-content/uploads for the main site.)
+ */
if ( defined( 'MULTISITE' ) )
$ms_dir = '/sites/' . get_current_blog_id();
@@ -1546,17 +1860,19 @@ function wp_upload_dir( $time = null ) {
$url .= $ms_dir;
} elseif ( defined( 'UPLOADS' ) && ! ms_is_switched() ) {
- // Handle the old-form ms-files.php rewriting if the network still has that enabled.
- // When ms-files rewriting is enabled, then we only listen to UPLOADS when:
- // 1) we are not on the main site in a post-MU network,
- // as wp-content/uploads is used there, and
- // 2) we are not switched, as ms_upload_constants() hardcodes
- // these constants to reflect the original blog ID.
- //
- // Rather than UPLOADS, we actually use BLOGUPLOADDIR if it is set, as it is absolute.
- // (And it will be set, see ms_upload_constants().) Otherwise, UPLOADS can be used, as
- // as it is relative to ABSPATH. For the final piece: when UPLOADS is used with ms-files
- // rewriting in multisite, the resulting URL is /files. (#WP22702 for background.)
+ /*
+ * Handle the old-form ms-files.php rewriting if the network still has that enabled.
+ * When ms-files rewriting is enabled, then we only listen to UPLOADS when:
+ * 1) We are not on the main site in a post-MU network, as wp-content/uploads is used
+ * there, and
+ * 2) We are not switched, as ms_upload_constants() hardcodes these constants to reflect
+ * the original blog ID.
+ *
+ * Rather than UPLOADS, we actually use BLOGUPLOADDIR if it is set, as it is absolute.
+ * (And it will be set, see ms_upload_constants().) Otherwise, UPLOADS can be used, as
+ * as it is relative to ABSPATH. For the final piece: when UPLOADS is used with ms-files
+ * rewriting in multisite, the resulting URL is /files. (#WP22702 for background.)
+ */
if ( defined( 'BLOGUPLOADDIR' ) )
$dir = untrailingslashit( BLOGUPLOADDIR );
@@ -1582,6 +1898,14 @@ function wp_upload_dir( $time = null ) {
$dir .= $subdir;
$url .= $subdir;
+ /**
+ * Filter the uploads directory data.
+ *
+ * @since 2.0.0
+ *
+ * @param array $uploads Array of upload directory data with keys of 'path',
+ * 'url', 'subdir, 'basedir', and 'error'.
+ */
$uploads = apply_filters( 'upload_dir',
array(
'path' => $dir,
@@ -1592,7 +1916,7 @@ function wp_upload_dir( $time = null ) {
'error' => false,
) );
- // Make sure we have an uploads dir
+ // Make sure we have an uploads directory.
if ( ! wp_mkdir_p( $uploads['path'] ) ) {
if ( 0 === strpos( $uploads['basedir'], ABSPATH ) )
$error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir'];
@@ -1618,50 +1942,54 @@ function wp_upload_dir( $time = null ) {
*
* @since 2.5.0
*
- * @param string $dir
- * @param string $filename
- * @param mixed $unique_filename_callback Callback.
+ * @param string $dir Directory.
+ * @param string $filename File name.
+ * @param callable $unique_filename_callback Callback. Default null.
* @return string New filename, if given wasn't unique.
*/
function wp_unique_filename( $dir, $filename, $unique_filename_callback = null ) {
- // sanitize the file name before we begin processing
+ // Sanitize the file name before we begin processing.
$filename = sanitize_file_name($filename);
- // separate the filename into a name and extension
+ // Separate the filename into a name and extension.
$info = pathinfo($filename);
$ext = !empty($info['extension']) ? '.' . $info['extension'] : '';
$name = basename($filename, $ext);
- // edge case: if file is named '.ext', treat as an empty name
+ // Edge case: if file is named '.ext', treat as an empty name.
if ( $name === $ext )
$name = '';
- // Increment the file number until we have a unique file to save in $dir. Use callback if supplied.
+ /*
+ * Increment the file number until we have a unique file to save in $dir.
+ * Use callback if supplied.
+ */
if ( $unique_filename_callback && is_callable( $unique_filename_callback ) ) {
$filename = call_user_func( $unique_filename_callback, $dir, $name, $ext );
} else {
$number = '';
- // change '.ext' to lower case
+ // Change '.ext' to lower case.
if ( $ext && strtolower($ext) != $ext ) {
$ext2 = strtolower($ext);
$filename2 = preg_replace( '|' . preg_quote($ext) . '$|', $ext2, $filename );
- // check for both lower and upper case extension or image sub-sizes may be overwritten
+ // Check for both lower and upper case extension or image sub-sizes may be overwritten.
while ( file_exists($dir . "/$filename") || file_exists($dir . "/$filename2") ) {
$new_number = $number + 1;
- $filename = str_replace( "$number$ext", "$new_number$ext", $filename );
- $filename2 = str_replace( "$number$ext2", "$new_number$ext2", $filename2 );
+ $filename = str_replace( array( "-$number$ext", "$number$ext" ), "-$new_number$ext", $filename );
+ $filename2 = str_replace( array( "-$number$ext2", "$number$ext2" ), "-$new_number$ext2", $filename2 );
$number = $new_number;
}
return $filename2;
}
while ( file_exists( $dir . "/$filename" ) ) {
- if ( '' == "$number$ext" )
- $filename = $filename . ++$number . $ext;
- else
- $filename = str_replace( "$number$ext", ++$number . $ext, $filename );
+ if ( '' == "$number$ext" ) {
+ $filename = "$filename-" . ++$number;
+ } else {
+ $filename = str_replace( array( "-$number$ext", "$number$ext" ), "-" . ++$number . $ext, $filename );
+ }
}
}
@@ -1685,10 +2013,10 @@ function wp_unique_filename( $dir, $filename, $unique_filename_callback = null )
*
* @since 2.0.0
*
- * @param string $name
- * @param null $deprecated Never used. Set to null.
- * @param mixed $bits File content
- * @param string $time Optional. Time formatted in 'yyyy/mm'.
+ * @param string $name Filename.
+ * @param null|string $deprecated Never used. Set to null.
+ * @param mixed $bits File content
+ * @param string $time Optional. Time formatted in 'yyyy/mm'. Default null.
* @return array
*/
function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
@@ -1707,6 +2035,16 @@ function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
if ( $upload['error'] !== false )
return $upload;
+ /**
+ * Filter whether to treat the upload bits as an error.
+ *
+ * Passing a non-array to the filter will effectively short-circuit preparing
+ * the upload bits, returning that value instead.
+ *
+ * @since 3.0.0
+ *
+ * @param mixed $upload_bits_error An array of upload bits data, or a non-array error to return.
+ */
$upload_bits_error = apply_filters( 'wp_upload_bits', array( 'name' => $name, 'bits' => $bits, 'time' => $time ) );
if ( !is_array( $upload_bits_error ) ) {
$upload[ 'error' ] = $upload_bits_error;
@@ -1744,30 +2082,43 @@ function wp_upload_bits( $name, $deprecated, $bits, $time = null ) {
// Compute the URL
$url = $upload['url'] . "/$filename";
- return array( 'file' => $new_file, 'url' => $url, 'error' => false );
+ /** This filter is documented in wp-admin/includes/file.php */
+ return apply_filters( 'wp_handle_upload', array( 'file' => $new_file, 'url' => $url, 'type' => $wp_filetype['type'], 'error' => false ), 'sideload' );
}
/**
* Retrieve the file type based on the extension name.
*
- * @package WordPress
* @since 2.5.0
- * @uses apply_filters() Calls 'ext2type' hook on default supported types.
*
* @param string $ext The extension to search.
- * @return string|null The file type, example: audio, video, document, spreadsheet, etc. Null if not found.
+ * @return string|void The file type, example: audio, video, document, spreadsheet, etc.
*/
function wp_ext2type( $ext ) {
+ $ext = strtolower( $ext );
+
+ /**
+ * Filter file type based on the extension name.
+ *
+ * @since 2.5.0
+ *
+ * @see wp_ext2type()
+ *
+ * @param array $ext2type Multi-dimensional array with extensions for a default set
+ * of file types.
+ */
$ext2type = apply_filters( 'ext2type', array(
+ 'image' => array( 'jpg', 'jpeg', 'jpe', 'gif', 'png', 'bmp', 'tif', 'tiff', 'ico' ),
'audio' => array( 'aac', 'ac3', 'aif', 'aiff', 'm3a', 'm4a', 'm4b', 'mka', 'mp1', 'mp2', 'mp3', 'ogg', 'oga', 'ram', 'wav', 'wma' ),
- 'video' => array( 'asf', 'avi', 'divx', 'dv', 'flv', 'm4v', 'mkv', 'mov', 'mp4', 'mpeg', 'mpg', 'mpv', 'ogm', 'ogv', 'qt', 'rm', 'vob', 'wmv' ),
- 'document' => array( 'doc', 'docx', 'docm', 'dotm', 'odt', 'pages', 'pdf', 'rtf', 'wp', 'wpd' ),
+ 'video' => array( '3g2', '3gp', '3gpp', 'asf', 'avi', 'divx', 'dv', 'flv', 'm4v', 'mkv', 'mov', 'mp4', 'mpeg', 'mpg', 'mpv', 'ogm', 'ogv', 'qt', 'rm', 'vob', 'wmv' ),
+ 'document' => array( 'doc', 'docx', 'docm', 'dotm', 'odt', 'pages', 'pdf', 'xps', 'oxps', 'rtf', 'wp', 'wpd', 'psd', 'xcf' ),
'spreadsheet' => array( 'numbers', 'ods', 'xls', 'xlsx', 'xlsm', 'xlsb' ),
'interactive' => array( 'swf', 'key', 'ppt', 'pptx', 'pptm', 'pps', 'ppsx', 'ppsm', 'sldx', 'sldm', 'odp' ),
'text' => array( 'asc', 'csv', 'tsv', 'txt' ),
'archive' => array( 'bz2', 'cab', 'dmg', 'gz', 'rar', 'sea', 'sit', 'sqx', 'tar', 'tgz', 'zip', '7z' ),
'code' => array( 'css', 'htm', 'html', 'php', 'js' ),
- ));
+ ) );
+
foreach ( $ext2type as $type => $exts )
if ( in_array( $ext, $exts ) )
return $type;
@@ -1781,7 +2132,7 @@ function wp_ext2type( $ext ) {
* @since 2.0.4
*
* @param string $filename File name or path.
- * @param array $mimes Optional. Key is the file extension with value as the mime type.
+ * @param array $mimes Optional. Key is the file extension with value as the mime type.
* @return array Values with extension first and mime type.
*/
function wp_check_filetype( $filename, $mimes = null ) {
@@ -1804,6 +2155,7 @@ function wp_check_filetype( $filename, $mimes = null ) {
/**
* Attempt to determine the real file type of a file.
+ *
* If unable to, the file name extension will be used to determine type.
*
* If it's determined that the extension does not match the file's real type,
@@ -1813,22 +2165,25 @@ function wp_check_filetype( $filename, $mimes = null ) {
*
* @since 3.0.0
*
- * @param string $file Full path to the image.
- * @param string $filename The filename of the image (may differ from $file due to $file being in a tmp directory)
- * @param array $mimes Optional. Key is the file extension with value as the mime type.
- * @return array Values for the extension, MIME, and either a corrected filename or false if original $filename is valid
+ * @param string $file Full path to the file.
+ * @param string $filename The name of the file (may differ from $file due to $file being
+ * in a tmp directory).
+ * @param array $mimes Optional. Key is the file extension with value as the mime type.
+ * @return array Values for the extension, MIME, and either a corrected filename or false
+ * if original $filename is valid.
*/
function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
-
$proper_filename = false;
// Do basic extension validation and MIME mapping
$wp_filetype = wp_check_filetype( $filename, $mimes );
- extract( $wp_filetype );
+ $ext = $wp_filetype['ext'];
+ $type = $wp_filetype['type'];
// We can't do any further validation without a file to work with
- if ( ! file_exists( $file ) )
+ if ( ! file_exists( $file ) ) {
return compact( 'ext', 'type', 'proper_filename' );
+ }
// We're able to validate images using GD
if ( $type && 0 === strpos( $type, 'image/' ) && function_exists('getimagesize') ) {
@@ -1838,8 +2193,13 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
// If getimagesize() knows what kind of image it really is and if the real MIME doesn't match the claimed MIME
if ( !empty($imgstats['mime']) && $imgstats['mime'] != $type ) {
- // This is a simplified array of MIMEs that getimagesize() can detect and their extensions
- // You shouldn't need to use this filter, but it's here just in case
+ /**
+ * Filter the list mapping image mime types to their respective extensions.
+ *
+ * @since 3.0.0
+ *
+ * @param array $mime_to_ext Array of image mime types and their matching extensions.
+ */
$mime_to_ext = apply_filters( 'getimagesize_mimes_to_exts', array(
'image/jpeg' => 'jpg',
'image/png' => 'png',
@@ -1855,18 +2215,29 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
$filename_parts[] = $mime_to_ext[ $imgstats['mime'] ];
$new_filename = implode( '.', $filename_parts );
- if ( $new_filename != $filename )
+ if ( $new_filename != $filename ) {
$proper_filename = $new_filename; // Mark that it changed
-
+ }
// Redefine the extension / MIME
$wp_filetype = wp_check_filetype( $new_filename, $mimes );
- extract( $wp_filetype );
+ $ext = $wp_filetype['ext'];
+ $type = $wp_filetype['type'];
}
}
}
- // Let plugins try and validate other types of files
- // Should return an array in the style of array( 'ext' => $ext, 'type' => $type, 'proper_filename' => $proper_filename )
+ /**
+ * Filter the "real" file type of the given file.
+ *
+ * @since 3.0.0
+ *
+ * @param array $wp_check_filetype_and_ext File data array containing 'ext', 'type', and
+ * 'proper_filename' keys.
+ * @param string $file Full path to the file.
+ * @param string $filename The name of the file (may differ from $file due to
+ * $file being in a tmp directory).
+ * @param array $mimes Key is the file extension with value as the mime type.
+ */
return apply_filters( 'wp_check_filetype_and_ext', compact( 'ext', 'type', 'proper_filename' ), $file, $filename, $mimes );
}
@@ -1874,24 +2245,35 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
* Retrieve list of mime types and file extensions.
*
* @since 3.5.0
- *
- * @uses apply_filters() Calls 'mime_types' on returned array. This filter should
- * be used to add types, not remove them. To remove types use the upload_mimes filter.
+ * @since 4.2.0 Support was added for GIMP (xcf) files.
*
* @return array Array of mime types keyed by the file extension regex corresponding to those types.
*/
function wp_get_mime_types() {
- // Accepted MIME types are set here as PCRE unless provided.
+ /**
+ * Filter the list of mime types and file extensions.
+ *
+ * This filter should be used to add, not remove, mime types. To remove
+ * mime types, use the 'upload_mimes' filter.
+ *
+ * @since 3.5.0
+ *
+ * @param array $wp_get_mime_types Mime types keyed by the file extension regex
+ * corresponding to those types.
+ */
return apply_filters( 'mime_types', array(
- // Image formats
+ // Image formats.
'jpg|jpeg|jpe' => 'image/jpeg',
'gif' => 'image/gif',
'png' => 'image/png',
'bmp' => 'image/bmp',
- 'tif|tiff' => 'image/tiff',
+ 'tiff|tif' => 'image/tiff',
'ico' => 'image/x-icon',
- // Video formats
- 'asf|asx|wax|wmv|wmx' => 'video/asf',
+ // Video formats.
+ 'asf|asx' => 'video/x-ms-asf',
+ 'wmv' => 'video/x-ms-wmv',
+ 'wmx' => 'video/x-ms-wmx',
+ 'wm' => 'video/x-ms-wm',
'avi' => 'video/avi',
'divx' => 'video/divx',
'flv' => 'video/x-flv',
@@ -1899,24 +2281,30 @@ function wp_get_mime_types() {
'mpeg|mpg|mpe' => 'video/mpeg',
'mp4|m4v' => 'video/mp4',
'ogv' => 'video/ogg',
+ 'webm' => 'video/webm',
'mkv' => 'video/x-matroska',
- // Text formats
- 'txt|asc|c|cc|h' => 'text/plain',
+ '3gp|3gpp' => 'video/3gpp', // Can also be audio
+ '3g2|3gp2' => 'video/3gpp2', // Can also be audio
+ // Text formats.
+ 'txt|asc|c|cc|h|srt' => 'text/plain',
'csv' => 'text/csv',
'tsv' => 'text/tab-separated-values',
'ics' => 'text/calendar',
'rtx' => 'text/richtext',
'css' => 'text/css',
'htm|html' => 'text/html',
- // Audio formats
+ 'vtt' => 'text/vtt',
+ 'dfxp' => 'application/ttaf+xml',
+ // Audio formats.
'mp3|m4a|m4b' => 'audio/mpeg',
'ra|ram' => 'audio/x-realaudio',
'wav' => 'audio/wav',
'ogg|oga' => 'audio/ogg',
'mid|midi' => 'audio/midi',
- 'wma' => 'audio/wma',
+ 'wma' => 'audio/x-ms-wma',
+ 'wax' => 'audio/x-ms-wax',
'mka' => 'audio/x-matroska',
- // Misc application formats
+ // Misc application formats.
'rtf' => 'application/rtf',
'js' => 'application/javascript',
'pdf' => 'application/pdf',
@@ -1928,7 +2316,9 @@ function wp_get_mime_types() {
'rar' => 'application/rar',
'7z' => 'application/x-7z-compressed',
'exe' => 'application/x-msdownload',
- // MS Office formats
+ 'psd' => 'application/octet-stream',
+ 'xcf' => 'application/octet-stream',
+ // MS Office formats.
'doc' => 'application/msword',
'pot|pps|ppt' => 'application/vnd.ms-powerpoint',
'wri' => 'application/vnd.ms-write',
@@ -1955,7 +2345,9 @@ function wp_get_mime_types() {
'sldx' => 'application/vnd.openxmlformats-officedocument.presentationml.slide',
'sldm' => 'application/vnd.ms-powerpoint.slide.macroEnabled.12',
'onetoc|onetoc2|onetmp|onepkg' => 'application/onenote',
- // OpenOffice formats
+ 'oxps' => 'application/oxps',
+ 'xps' => 'application/vnd.ms-xpsdocument',
+ // OpenOffice formats.
'odt' => 'application/vnd.oasis.opendocument.text',
'odp' => 'application/vnd.oasis.opendocument.presentation',
'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
@@ -1963,8 +2355,12 @@ function wp_get_mime_types() {
'odc' => 'application/vnd.oasis.opendocument.chart',
'odb' => 'application/vnd.oasis.opendocument.database',
'odf' => 'application/vnd.oasis.opendocument.formula',
- // WordPerfect formats
+ // WordPerfect formats.
'wp|wpd' => 'application/wordperfect',
+ // iWork formats.
+ 'key' => 'application/vnd.apple.keynote',
+ 'numbers' => 'application/vnd.apple.numbers',
+ 'pages' => 'application/vnd.apple.pages',
) );
}
/**
@@ -1972,63 +2368,127 @@ function wp_get_mime_types() {
*
* @since 2.8.6
*
- * @uses apply_filters() Calls 'upload_mimes' on returned array
- * @uses wp_get_upload_mime_types() to fetch the list of mime types
- *
- * @return array Array of mime types keyed by the file extension regex corresponding to those types.
+ * @param int|WP_User $user Optional. User to check. Defaults to current user.
+ * @return array Array of mime types keyed by the file extension regex corresponding
+ * to those types.
*/
-function get_allowed_mime_types() {
- return apply_filters( 'upload_mimes', wp_get_mime_types() );
+function get_allowed_mime_types( $user = null ) {
+ $t = wp_get_mime_types();
+
+ unset( $t['swf'], $t['exe'] );
+ if ( function_exists( 'current_user_can' ) )
+ $unfiltered = $user ? user_can( $user, 'unfiltered_html' ) : current_user_can( 'unfiltered_html' );
+
+ if ( empty( $unfiltered ) )
+ unset( $t['htm|html'] );
+
+ /**
+ * Filter list of allowed mime types and file extensions.
+ *
+ * @since 2.0.0
+ *
+ * @param array $t Mime types keyed by the file extension regex corresponding to
+ * those types. 'swf' and 'exe' removed from full list. 'htm|html' also
+ * removed depending on '$user' capabilities.
+ * @param int|WP_User|null $user User ID, User object or null if not provided (indicates current user).
+ */
+ return apply_filters( 'upload_mimes', $t, $user );
}
/**
* Display "Are You Sure" message to confirm the action being taken.
*
- * If the action has the nonce explain message, then it will be displayed along
- * with the "Are you sure?" message.
+ * If the action has the nonce explain message, then it will be displayed
+ * along with the "Are you sure?" message.
*
- * @package WordPress
- * @subpackage Security
* @since 2.0.4
*
* @param string $action The nonce action.
*/
function wp_nonce_ays( $action ) {
- $title = __( 'WordPress Failure Notice' );
if ( 'log-out' == $action ) {
$html = sprintf( __( 'You are attempting to log out of %s' ), get_bloginfo( 'name' ) ) . '
'; - $html .= sprintf( __( "Do you really want to log out?"), wp_logout_url() ); + $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; + $html .= sprintf( __( "Do you really want to log out?"), wp_logout_url( $redirect_to ) ); } else { $html = __( 'Are you sure you want to do this?' ); if ( wp_get_referer() ) $html .= "
" . __( 'Please try again.' ) . ""; } - wp_die( $html, $title, array('response' => 403) ); + wp_die( $html, __( 'WordPress Failure Notice' ), 403 ); } /** * Kill WordPress execution and display HTML message with error message. * - * This function complements the die() PHP function. The difference is that + * This function complements the `die()` PHP function. The difference is that * HTML will be displayed to the user. It is recommended to use this function - * only, when the execution should not continue any further. It is not - * recommended to call this function very often and try to handle as many errors - * as possible silently. + * only when the execution should not continue any further. It is not recommended + * to call this function very often, and try to handle as many errors as possible + * silently or more gracefully. * - * @since 2.0.4 + * As a shorthand, the desired HTTP response code may be passed as an integer to + * the `$title` parameter (the default title would apply) or the `$args` parameter. * - * @param string $message Error message. - * @param string $title Error title. - * @param string|array $args Optional arguments to control behavior. + * @since 2.0.4 + * @since 4.1.0 The `$title` and `$args` parameters were changed to optionally accept + * an integer to be used as the response code. + * + * @param string|WP_Error $message Optional. Error message. If this is a {@see WP_Error} object, + * the error's messages are used. Default empty. + * @param string|int $title Optional. Error title. If `$message` is a `WP_Error` object, + * error data with the key 'title' may be used to specify the title. + * If `$title` is an integer, then it is treated as the response + * code. Default empty. + * @param string|array|int $args { + * Optional. Arguments to control behavior. If `$args` is an integer, then it is treated + * as the response code. Default empty array. + * + * @type int $response The HTTP response code. Default 500. + * @type bool $back_link Whether to include a link to go back. Default false. + * @type string $text_direction The text direction. This is only useful internally, when WordPress + * is still loading and the site's locale is not set up yet. Accepts 'rtl'. + * Default is the value of {@see is_rtl()}. + * } */ function wp_die( $message = '', $title = '', $args = array() ) { - if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) + + if ( is_int( $args ) ) { + $args = array( 'response' => $args ); + } elseif ( is_int( $title ) ) { + $args = array( 'response' => $title ); + $title = ''; + } + + if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) { + /** + * Filter callback for killing WordPress execution for AJAX requests. + * + * @since 3.4.0 + * + * @param callable $function Callback function name. + */ $function = apply_filters( 'wp_die_ajax_handler', '_ajax_wp_die_handler' ); - elseif ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) + } elseif ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) { + /** + * Filter callback for killing WordPress execution for XML-RPC requests. + * + * @since 3.4.0 + * + * @param callable $function Callback function name. + */ $function = apply_filters( 'wp_die_xmlrpc_handler', '_xmlrpc_wp_die_handler' ); - else + } else { + /** + * Filter callback for killing WordPress execution for all non-AJAX, non-XML-RPC requests. + * + * @since 3.0.0 + * + * @param callable $function Callback function name. + */ $function = apply_filters( 'wp_die_handler', '_default_wp_die_handler' ); + } call_user_func( $function, $message, $title, $args ); } @@ -2042,9 +2502,9 @@ function wp_die( $message = '', $title = '', $args = array() ) { * @since 3.0.0 * @access private * - * @param string $message Error message. - * @param string $title Error title. - * @param string|array $args Optional arguments to control behavior. + * @param string $message Error message. + * @param string $title Optional. Error title. Default empty. + * @param string|array $args Optional. Arguments to control behavior. Default empty array. */ function _default_wp_die_handler( $message, $title = '', $args = array() ) { $defaults = array( 'response' => 500 ); @@ -2059,7 +2519,7 @@ function _default_wp_die_handler( $message, $title = '', $args = array() ) { $title = $error_data['title']; } $errors = $message->get_error_messages(); - switch ( count( $errors ) ) : + switch ( count( $errors ) ) { case 0 : $message = ''; break; @@ -2069,7 +2529,7 @@ function _default_wp_die_handler( $message, $title = '', $args = array() ) { default : $message = "
$message
"; } @@ -2101,27 +2561,27 @@ function _default_wp_die_handler( $message, $title = '', $args = array() ) { > +__construct()' ) ); + } else { + trigger_error( sprintf( 'The called constructor method for %1$s is deprecated since version %2$s! Use %3$s instead.', $class, $version, '
__construct()' ) ); + } } + } /** - * Marks a file as deprecated and informs when it has been used. + * Mark a file as deprecated and inform when it has been used. * * There is a hook deprecated_file_included that will be called that can be used * to get the backtrace up to what file and function included the deprecated @@ -2853,45 +3640,63 @@ function _deprecated_function( $function, $version, $replacement = null ) { * * This function is to be used in every file that is deprecated. * - * @package WordPress - * @subpackage Debug * @since 2.5.0 * @access private * - * @uses do_action() Calls 'deprecated_file_included' and passes the file name, what to use instead, - * the version in which the file was deprecated, and any message regarding the change. - * @uses apply_filters() Calls 'deprecated_file_trigger_error' and expects boolean value of true to do - * trigger or false to not trigger error. - * - * @param string $file The file that was included - * @param string $version The version of WordPress that deprecated the file - * @param string $replacement Optional. The file that should have been included based on ABSPATH - * @param string $message Optional. A message regarding the change + * @param string $file The file that was included. + * @param string $version The version of WordPress that deprecated the file. + * @param string $replacement Optional. The file that should have been included based on ABSPATH. + * Default null. + * @param string $message Optional. A message regarding the change. Default empty. */ function _deprecated_file( $file, $version, $replacement = null, $message = '' ) { + /** + * Fires when a deprecated file is called. + * + * @since 2.5.0 + * + * @param string $file The file that was called. + * @param string $replacement The file that should have been included based on ABSPATH. + * @param string $version The version of WordPress that deprecated the file. + * @param string $message A message regarding the change. + */ do_action( 'deprecated_file_included', $file, $replacement, $version, $message ); - // Allow plugin to filter the output error trigger + /** + * Filter whether to trigger an error for deprecated files. + * + * @since 2.5.0 + * + * @param bool $trigger Whether to trigger the error for deprecated files. Default true. + */ if ( WP_DEBUG && apply_filters( 'deprecated_file_trigger_error', true ) ) { $message = empty( $message ) ? '' : ' ' . $message; - if ( ! is_null( $replacement ) ) - trigger_error( sprintf( __('%1$s is deprecated since version %2$s! Use %3$s instead.'), $file, $version, $replacement ) . $message ); - else - trigger_error( sprintf( __('%1$s is deprecated since version %2$s with no alternative available.'), $file, $version ) . $message ); + if ( function_exists( '__' ) ) { + if ( ! is_null( $replacement ) ) + trigger_error( sprintf( __('%1$s is deprecated since version %2$s! Use %3$s instead.'), $file, $version, $replacement ) . $message ); + else + trigger_error( sprintf( __('%1$s is deprecated since version %2$s with no alternative available.'), $file, $version ) . $message ); + } else { + if ( ! is_null( $replacement ) ) + trigger_error( sprintf( '%1$s is deprecated since version %2$s! Use %3$s instead.', $file, $version, $replacement ) . $message ); + else + trigger_error( sprintf( '%1$s is deprecated since version %2$s with no alternative available.', $file, $version ) . $message ); + } } } /** - * Marks a function argument as deprecated and informs when it has been used. + * Mark a function argument as deprecated and inform when it has been used. * * This function is to be used whenever a deprecated function argument is used. * Before this function is called, the argument must be checked for whether it was * used by comparing it to its default value or evaluating whether it is empty. * For example: - *
- * if ( !empty($deprecated) )
- * _deprecated_argument( __FUNCTION__, '3.0' );
- *
+ *
+ * if ( ! empty( $deprecated ) ) {
+ * _deprecated_argument( __FUNCTION__, '3.0' );
+ * }
+ *
*
* There is a hook deprecated_argument_run that will be called that can be used
* to get the backtrace up to what file and function used the deprecated
@@ -2899,35 +3704,50 @@ function _deprecated_file( $file, $version, $replacement = null, $message = '' )
*
* The current behavior is to trigger a user error if WP_DEBUG is true.
*
- * @package WordPress
- * @subpackage Debug
* @since 3.0.0
* @access private
*
- * @uses do_action() Calls 'deprecated_argument_run' and passes the function name, a message on the change,
- * and the version in which the argument was deprecated.
- * @uses apply_filters() Calls 'deprecated_argument_trigger_error' and expects boolean value of true to do
- * trigger or false to not trigger error.
- *
- * @param string $function The function that was called
- * @param string $version The version of WordPress that deprecated the argument used
- * @param string $message Optional. A message regarding the change.
+ * @param string $function The function that was called.
+ * @param string $version The version of WordPress that deprecated the argument used.
+ * @param string $message Optional. A message regarding the change. Default null.
*/
function _deprecated_argument( $function, $version, $message = null ) {
+ /**
+ * Fires when a deprecated argument is called.
+ *
+ * @since 3.0.0
+ *
+ * @param string $function The function that was called.
+ * @param string $message A message regarding the change.
+ * @param string $version The version of WordPress that deprecated the argument used.
+ */
do_action( 'deprecated_argument_run', $function, $message, $version );
- // Allow plugin to filter the output error trigger
+ /**
+ * Filter whether to trigger an error for deprecated arguments.
+ *
+ * @since 3.0.0
+ *
+ * @param bool $trigger Whether to trigger the error for deprecated arguments. Default true.
+ */
if ( WP_DEBUG && apply_filters( 'deprecated_argument_trigger_error', true ) ) {
- if ( ! is_null( $message ) )
- trigger_error( sprintf( __('%1$s was called with an argument that is deprecated since version %2$s! %3$s'), $function, $version, $message ) );
- else
- trigger_error( sprintf( __('%1$s was called with an argument that is deprecated since version %2$s with no alternative available.'), $function, $version ) );
+ if ( function_exists( '__' ) ) {
+ if ( ! is_null( $message ) )
+ trigger_error( sprintf( __('%1$s was called with an argument that is deprecated since version %2$s! %3$s'), $function, $version, $message ) );
+ else
+ trigger_error( sprintf( __('%1$s was called with an argument that is deprecated since version %2$s with no alternative available.'), $function, $version ) );
+ } else {
+ if ( ! is_null( $message ) )
+ trigger_error( sprintf( '%1$s was called with an argument that is deprecated since version %2$s! %3$s', $function, $version, $message ) );
+ else
+ trigger_error( sprintf( '%1$s was called with an argument that is deprecated since version %2$s with no alternative available.', $function, $version ) );
+ }
}
}
/**
- * Marks something as being incorrectly called.
+ * Mark something as being incorrectly called.
*
* There is a hook doing_it_wrong_run that will be called that can be used
* to get the backtrace up to what file and function called the deprecated
@@ -2935,28 +3755,48 @@ function _deprecated_argument( $function, $version, $message = null ) {
*
* The current behavior is to trigger a user error if WP_DEBUG is true.
*
- * @package WordPress
- * @subpackage Debug
* @since 3.1.0
* @access private
*
- * @uses do_action() Calls 'doing_it_wrong_run' and passes the function arguments.
- * @uses apply_filters() Calls 'doing_it_wrong_trigger_error' and expects boolean value of true to do
- * trigger or false to not trigger error.
- *
* @param string $function The function that was called.
- * @param string $message A message explaining what has been done incorrectly.
- * @param string $version The version of WordPress where the message was added.
+ * @param string $message A message explaining what has been done incorrectly.
+ * @param string $version The version of WordPress where the message was added.
*/
function _doing_it_wrong( $function, $message, $version ) {
+ /**
+ * Fires when the given function is being used incorrectly.
+ *
+ * @since 3.1.0
+ *
+ * @param string $function The function that was called.
+ * @param string $message A message explaining what has been done incorrectly.
+ * @param string $version The version of WordPress where the message was added.
+ */
do_action( 'doing_it_wrong_run', $function, $message, $version );
- // Allow plugin to filter the output error trigger
+ /**
+ * Filter whether to trigger an error for _doing_it_wrong() calls.
+ *
+ * @since 3.1.0
+ *
+ * @param bool $trigger Whether to trigger the error for _doing_it_wrong() calls. Default true.
+ */
if ( WP_DEBUG && apply_filters( 'doing_it_wrong_trigger_error', true ) ) {
- $version = is_null( $version ) ? '' : sprintf( __( '(This message was added in version %s.)' ), $version );
- $message .= ' ' . __( 'Please see Debugging in WordPress for more information.' );
- trigger_error( sprintf( __( '%1$s was called incorrectly. %2$s %3$s' ), $function, $message, $version ) );
+ if ( function_exists( '__' ) ) {
+ $version = is_null( $version ) ? '' : sprintf( __( '(This message was added in version %s.)' ), $version );
+ /* translators: %s: Codex URL */
+ $message .= ' ' . sprintf( __( 'Please see Debugging in WordPress for more information.' ),
+ __( 'https://codex.wordpress.org/Debugging_in_WordPress' )
+ );
+ trigger_error( sprintf( __( '%1$s was called incorrectly. %2$s %3$s' ), $function, $message, $version ) );
+ } else {
+ $version = is_null( $version ) ? '' : sprintf( '(This message was added in version %s.)', $version );
+ $message .= sprintf( ' Please see Debugging in WordPress for more information.',
+ 'https://codex.wordpress.org/Debugging_in_WordPress'
+ );
+ trigger_error( sprintf( '%1$s was called incorrectly. %2$s %3$s', $function, $message, $version ) );
+ }
}
}
@@ -2965,7 +3805,7 @@ function _doing_it_wrong( $function, $message, $version ) {
*
* @since 2.5.0
*
- * @return bool Whether the server is running lighttpd < 1.5.0
+ * @return bool Whether the server is running lighttpd < 1.5.0.
*/
function is_lighttpd_before_150() {
$server_parts = explode( '/', isset( $_SERVER['SERVER_SOFTWARE'] )? $_SERVER['SERVER_SOFTWARE'] : '' );
@@ -2978,9 +3818,11 @@ function is_lighttpd_before_150() {
*
* @since 2.5.0
*
- * @param string $mod e.g. mod_rewrite
- * @param bool $default The default return value if the module is not found
- * @return bool
+ * @global bool $is_apache
+ *
+ * @param string $mod The module, e.g. mod_rewrite.
+ * @param bool $default Optional. The default return value if the module is not found. Default false.
+ * @return bool Whether the specified module is loaded.
*/
function apache_mod_loaded($mod, $default = false) {
global $is_apache;
@@ -2988,11 +3830,11 @@ function apache_mod_loaded($mod, $default = false) {
if ( !$is_apache )
return false;
- if ( function_exists('apache_get_modules') ) {
+ if ( function_exists( 'apache_get_modules' ) ) {
$mods = apache_get_modules();
if ( in_array($mod, $mods) )
return true;
- } elseif ( function_exists('phpinfo') ) {
+ } elseif ( function_exists( 'phpinfo' ) && false === strpos( ini_get( 'disable_functions' ), 'phpinfo' ) ) {
ob_start();
phpinfo(8);
$phpinfo = ob_get_clean();
@@ -3003,31 +3845,39 @@ function apache_mod_loaded($mod, $default = false) {
}
/**
- * Check if IIS 7 supports pretty permalinks.
+ * Check if IIS 7+ supports pretty permalinks.
*
* @since 2.8.0
*
- * @return bool
+ * @global bool $is_iis7
+ *
+ * @return bool Whether IIS7 supports permalinks.
*/
function iis7_supports_permalinks() {
global $is_iis7;
$supports_permalinks = false;
if ( $is_iis7 ) {
- /* First we check if the DOMDocument class exists. If it does not exist,
- * which is the case for PHP 4.X, then we cannot easily update the xml configuration file,
- * hence we just bail out and tell user that pretty permalinks cannot be used.
- * This is not a big issue because PHP 4.X is going to be deprecated and for IIS it
- * is recommended to use PHP 5.X NTS.
+ /* First we check if the DOMDocument class exists. If it does not exist, then we cannot
+ * easily update the xml configuration file, hence we just bail out and tell user that
+ * pretty permalinks cannot be used.
+ *
* Next we check if the URL Rewrite Module 1.1 is loaded and enabled for the web site. When
* URL Rewrite 1.1 is loaded it always sets a server variable called 'IIS_UrlRewriteModule'.
* Lastly we make sure that PHP is running via FastCGI. This is important because if it runs
* via ISAPI then pretty permalinks will not work.
*/
- $supports_permalinks = class_exists('DOMDocument') && isset($_SERVER['IIS_UrlRewriteModule']) && ( php_sapi_name() == 'cgi-fcgi' );
+ $supports_permalinks = class_exists( 'DOMDocument', false ) && isset($_SERVER['IIS_UrlRewriteModule']) && ( PHP_SAPI == 'cgi-fcgi' );
}
- return apply_filters('iis7_supports_permalinks', $supports_permalinks);
+ /**
+ * Filter whether IIS 7+ supports pretty permalinks.
+ *
+ * @since 2.8.0
+ *
+ * @param bool $supports_permalinks Whether IIS7 supports permalinks. Default false.
+ */
+ return apply_filters( 'iis7_supports_permalinks', $supports_permalinks );
}
/**
@@ -3041,7 +3891,7 @@ function iis7_supports_permalinks() {
* @since 1.2.0
*
* @param string $file File path.
- * @param array $allowed_files List of allowed files.
+ * @param array $allowed_files List of allowed files.
* @return int 0 means nothing is wrong, greater than 0 means something was wrong.
*/
function validate_file( $file, $allowed_files = '' ) {
@@ -3079,32 +3929,14 @@ function is_ssl() {
return false;
}
-/**
- * Whether SSL login should be forced.
- *
- * @since 2.6.0
- *
- * @param string|bool $force Optional.
- * @return bool True if forced, false if not forced.
- */
-function force_ssl_login( $force = null ) {
- static $forced = false;
-
- if ( !is_null( $force ) ) {
- $old_forced = $forced;
- $forced = $force;
- return $old_forced;
- }
-
- return $forced;
-}
-
/**
* Whether to force SSL used for the Administration Screens.
*
* @since 2.6.0
*
- * @param string|bool $force
+ * @staticvar bool $forced
+ *
+ * @param string|bool $force Optional. Whether to force SSL in admin screens. Default null.
* @return bool True if forced, false if not forced.
*/
function force_ssl_admin( $force = null ) {
@@ -3127,14 +3959,42 @@ function force_ssl_admin( $force = null ) {
*
* @since 2.6.0
*
- * @return string
+ * @return string The guessed URL.
*/
function wp_guess_url() {
if ( defined('WP_SITEURL') && '' != WP_SITEURL ) {
$url = WP_SITEURL;
} else {
+ $abspath_fix = str_replace( '\\', '/', ABSPATH );
+ $script_filename_dir = dirname( $_SERVER['SCRIPT_FILENAME'] );
+
+ // The request is for the admin
+ if ( strpos( $_SERVER['REQUEST_URI'], 'wp-admin' ) !== false || strpos( $_SERVER['REQUEST_URI'], 'wp-login.php' ) !== false ) {
+ $path = preg_replace( '#/(wp-admin/.*|wp-login.php)#i', '', $_SERVER['REQUEST_URI'] );
+
+ // The request is for a file in ABSPATH
+ } elseif ( $script_filename_dir . '/' == $abspath_fix ) {
+ // Strip off any file/query params in the path
+ $path = preg_replace( '#/[^/]*$#i', '', $_SERVER['PHP_SELF'] );
+
+ } else {
+ if ( false !== strpos( $_SERVER['SCRIPT_FILENAME'], $abspath_fix ) ) {
+ // Request is hitting a file inside ABSPATH
+ $directory = str_replace( ABSPATH, '', $script_filename_dir );
+ // Strip off the sub directory, and any file/query params
+ $path = preg_replace( '#/' . preg_quote( $directory, '#' ) . '/[^/]*$#i', '' , $_SERVER['REQUEST_URI'] );
+ } elseif ( false !== strpos( $abspath_fix, $script_filename_dir ) ) {
+ // Request is hitting a file above ABSPATH
+ $subdirectory = substr( $abspath_fix, strpos( $abspath_fix, $script_filename_dir ) + strlen( $script_filename_dir ) );
+ // Strip off any file/query params from the path, appending the sub directory to the install
+ $path = preg_replace( '#/[^/]*$#i', '' , $_SERVER['REQUEST_URI'] ) . $subdirectory;
+ } else {
+ $path = $_SERVER['REQUEST_URI'];
+ }
+ }
+
$schema = is_ssl() ? 'https://' : 'http://'; // set_url_scheme() is not defined yet
- $url = preg_replace( '#/(wp-admin/.*|wp-login.php)#i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+ $url = $schema . $_SERVER['HTTP_HOST'] . $path;
}
return rtrim($url, '/');
@@ -3152,6 +4012,8 @@ function wp_guess_url() {
*
* @since 3.3.0
*
+ * @staticvar bool $_suspend
+ *
* @param bool $suspend Optional. Suspends additions if true, re-enables them if false.
* @return bool The current suspend setting
*/
@@ -3167,16 +4029,18 @@ function wp_suspend_cache_addition( $suspend = null ) {
/**
* Suspend cache invalidation.
*
- * Turns cache invalidation on and off. Useful during imports where you don't wont to do invalidations
- * every time a post is inserted. Callers must be sure that what they are doing won't lead to an inconsistent
- * cache when invalidation is suspended.
+ * Turns cache invalidation on and off. Useful during imports where you don't wont to do
+ * invalidations every time a post is inserted. Callers must be sure that what they are
+ * doing won't lead to an inconsistent cache when invalidation is suspended.
*
* @since 2.7.0
*
- * @param bool $suspend Whether to suspend or enable cache invalidation
- * @return bool The current suspend setting
+ * @global bool $_wp_suspend_cache_invalidation
+ *
+ * @param bool $suspend Optional. Whether to suspend or enable cache invalidation. Default true.
+ * @return bool The current suspend setting.
*/
-function wp_suspend_cache_invalidation($suspend = true) {
+function wp_suspend_cache_invalidation( $suspend = true ) {
global $_wp_suspend_cache_invalidation;
$current_suspend = $_wp_suspend_cache_invalidation;
@@ -3185,35 +4049,102 @@ function wp_suspend_cache_invalidation($suspend = true) {
}
/**
- * Is main site?
- *
+ * Determine whether a site is the main site of the current network.
*
* @since 3.0.0
- * @package WordPress
*
- * @param int $blog_id optional blog id to test (default current blog)
- * @return bool True if not multisite or $blog_id is main site
+ * @global object $current_site
+ *
+ * @param int $site_id Optional. Site ID to test. Defaults to current site.
+ * Defaults to current site.
+ * @return bool True if $site_id is the main site of the network, or if not
+ * running Multisite.
*/
-function is_main_site( $blog_id = '' ) {
+function is_main_site( $site_id = null ) {
+ // This is the current network's information; 'site' is old terminology.
global $current_site;
if ( ! is_multisite() )
return true;
- if ( ! $blog_id )
- $blog_id = get_current_blog_id();
+ if ( ! $site_id )
+ $site_id = get_current_blog_id();
+
+ return (int) $site_id === (int) $current_site->blog_id;
+}
+
+/**
+ * Determine whether a network is the main network of the Multisite install.
+ *
+ * @since 3.7.0
+ *
+ * @param int $network_id Optional. Network ID to test. Defaults to current network.
+ * @return bool True if $network_id is the main network, or if not running Multisite.
+ */
+function is_main_network( $network_id = null ) {
+ if ( ! is_multisite() ) {
+ return true;
+ }
+
+ $current_network_id = (int) get_current_site()->id;
- return $blog_id == $current_site->blog_id;
+ if ( null === $network_id ) {
+ $network_id = $current_network_id;
+ }
+
+ $network_id = (int) $network_id;
+
+ return ( $network_id === get_main_network_id() );
}
/**
- * Whether global terms are enabled.
+ * Get the main network ID.
*
+ * @since 4.3.0
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @return int The ID of the main network.
+ */
+function get_main_network_id() {
+ global $wpdb;
+
+ if ( ! is_multisite() ) {
+ return 1;
+ }
+
+ if ( defined( 'PRIMARY_NETWORK_ID' ) ) {
+ $main_network_id = PRIMARY_NETWORK_ID;
+ } elseif ( 1 === (int) get_current_site()->id ) {
+ // If the current network has an ID of 1, assume it is the main network.
+ $main_network_id = 1;
+ } else {
+ $main_network_id = wp_cache_get( 'primary_network_id', 'site-options' );
+
+ if ( false === $main_network_id ) {
+ $main_network_id = (int) $wpdb->get_var( "SELECT id FROM {$wpdb->site} ORDER BY id LIMIT 1" );
+ wp_cache_add( 'primary_network_id', $main_network_id, 'site-options' );
+ }
+ }
+
+ /**
+ * Filter the main network ID.
+ *
+ * @since 4.3.0
+ *
+ * @param int $main_network_id The ID of the main network.
+ */
+ return (int) apply_filters( 'get_main_network_id', $main_network_id );
+}
+
+/**
+ * Determine whether global terms are enabled.
*
* @since 3.0.0
- * @package WordPress
*
- * @return bool True if multisite and global terms enabled
+ * @staticvar bool $global_terms
+ *
+ * @return bool True if multisite and global terms enabled.
*/
function global_terms_enabled() {
if ( ! is_multisite() )
@@ -3221,6 +4152,17 @@ function global_terms_enabled() {
static $global_terms = null;
if ( is_null( $global_terms ) ) {
+
+ /**
+ * Filter whether global terms are enabled.
+ *
+ * Passing a non-null value to the filter will effectively short-circuit the function,
+ * returning the value of the 'global_terms_enabled' site option instead.
+ *
+ * @since 3.0.0
+ *
+ * @param null $enabled Whether global terms are enabled.
+ */
$filter = apply_filters( 'global_terms_enabled', null );
if ( ! is_null( $filter ) )
$global_terms = (bool) $filter;
@@ -3237,7 +4179,7 @@ function global_terms_enabled() {
*
* @since 2.8.0
*
- * @return float|bool
+ * @return float|false Timezone GMT offset, false otherwise.
*/
function wp_timezone_override_offset() {
if ( !$timezone_string = get_option( 'timezone_string' ) ) {
@@ -3253,12 +4195,13 @@ function wp_timezone_override_offset() {
}
/**
- * {@internal Missing Short Description}}
+ * Sort-helper for timezones.
*
* @since 2.9.0
+ * @access private
*
- * @param unknown_type $a
- * @param unknown_type $b
+ * @param array $a
+ * @param array $b
* @return int
*/
function _wp_timezone_choice_usort_callback( $a, $b ) {
@@ -3300,11 +4243,13 @@ function _wp_timezone_choice_usort_callback( $a, $b ) {
}
/**
- * Gives a nicely formatted list of timezone strings. // temporary! Not in final
+ * Gives a nicely-formatted list of timezone strings.
*
* @since 2.9.0
*
- * @param string $selected_zone Selected Zone
+ * @staticvar bool $mo_loaded
+ *
+ * @param string $selected_zone Selected timezone.
* @return string
*/
function wp_timezone_choice( $selected_zone ) {
@@ -3430,21 +4375,28 @@ function wp_timezone_choice( $selected_zone ) {
/**
* Strip close comment and close php tags from file headers used by WP.
- * See http://core.trac.wordpress.org/ticket/8497
*
* @since 2.8.0
+ * @access private
+ *
+ * @see https://core.trac.wordpress.org/ticket/8497
*
- * @param string $str
+ * @param string $str Header comment to clean up.
* @return string
*/
-function _cleanup_header_comment($str) {
+function _cleanup_header_comment( $str ) {
return trim(preg_replace("/\s*(?:\*\/|\?>).*/", '', $str));
}
/**
- * Permanently deletes posts, pages, attachments, and comments which have been in the trash for EMPTY_TRASH_DAYS.
+ * Permanently delete comments or posts of any type that have held a status
+ * of 'trash' for the number of days defined in EMPTY_TRASH_DAYS.
+ *
+ * The default value of `EMPTY_TRASH_DAYS` is 30 (days).
*
* @since 2.9.0
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
*/
function wp_scheduled_delete() {
global $wpdb;
@@ -3481,7 +4433,7 @@ function wp_scheduled_delete() {
delete_comment_meta($comment_id, '_wp_trash_meta_time');
delete_comment_meta($comment_id, '_wp_trash_meta_status');
} else {
- wp_delete_comment($comment_id);
+ wp_delete_comment( $del_comment );
}
}
}
@@ -3496,12 +4448,15 @@ function wp_scheduled_delete() {
* If the file data is not within that first 8kiB, then the author should correct
* their plugin file and move the data headers to the top.
*
- * @see http://codex.wordpress.org/File_Header
+ * @link https://codex.wordpress.org/File_Header
*
* @since 2.9.0
- * @param string $file Path to the file
- * @param array $default_headers List of headers, in the format array('HeaderKey' => 'Header Name')
- * @param string $context If specified adds filter hook "extra_{$context}_headers"
+ *
+ * @param string $file Path to the file.
+ * @param array $default_headers List of headers, in the format array('HeaderKey' => 'Header Name').
+ * @param string $context Optional. If specified adds filter hook "extra_{$context}_headers".
+ * Default empty.
+ * @return array Array of file headers in `HeaderKey => Header Value` format.
*/
function get_file_data( $file, $default_headers, $context = '' ) {
// We don't need to write to the file, so just open for reading.
@@ -3516,6 +4471,16 @@ function get_file_data( $file, $default_headers, $context = '' ) {
// Make sure we catch CR-only line endings.
$file_data = str_replace( "\r", "\n", $file_data );
+ /**
+ * Filter extra file headers by context.
+ *
+ * The dynamic portion of the hook name, `$context`, refers to
+ * the context where extra headers might be loaded.
+ *
+ * @since 2.9.0
+ *
+ * @param array $extra_context_headers Empty array by default.
+ */
if ( $context && $extra_headers = apply_filters( "extra_{$context}_headers", array() ) ) {
$extra_headers = array_combine( $extra_headers, $extra_headers ); // keys equal values
$all_headers = array_merge( $extra_headers, (array) $default_headers );
@@ -3533,27 +4498,16 @@ function get_file_data( $file, $default_headers, $context = '' ) {
return $all_headers;
}
-/**
- * Used internally to tidy up the search terms.
- *
- * @access private
- * @since 2.9.0
- *
- * @param string $t
- * @return string
- */
-function _search_terms_tidy($t) {
- return trim($t, "\"'\n\r ");
-}
-
/**
* Returns true.
*
* Useful for returning true to filters easily.
*
* @since 3.0.0
+ *
* @see __return_false()
- * @return bool true
+ *
+ * @return true True.
*/
function __return_true() {
return true;
@@ -3565,8 +4519,10 @@ function __return_true() {
* Useful for returning false to filters easily.
*
* @since 3.0.0
+ *
* @see __return_true()
- * @return bool false
+ *
+ * @return false False.
*/
function __return_false() {
return false;
@@ -3578,8 +4534,8 @@ function __return_false() {
* Useful for returning 0 to filters easily.
*
* @since 3.0.0
- * @see __return_zero()
- * @return int 0
+ *
+ * @return int 0.
*/
function __return_zero() {
return 0;
@@ -3591,8 +4547,8 @@ function __return_zero() {
* Useful for returning an empty array to filters easily.
*
* @since 3.0.0
- * @see __return_zero()
- * @return array Empty array
+ *
+ * @return array Empty array.
*/
function __return_empty_array() {
return array();
@@ -3604,38 +4560,51 @@ function __return_empty_array() {
* Useful for returning null to filters easily.
*
* @since 3.4.0
- * @return null
+ *
+ * @return null Null value.
*/
function __return_null() {
return null;
}
/**
- * Send a HTTP header to disable content type sniffing in browsers which support it.
+ * Returns an empty string.
+ *
+ * Useful for returning an empty string to filters easily.
+ *
+ * @since 3.7.0
*
- * @link http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
- * @link http://src.chromium.org/viewvc/chrome?view=rev&revision=6985
+ * @see __return_null()
+ *
+ * @return string Empty string.
+ */
+function __return_empty_string() {
+ return '';
+}
+
+/**
+ * Send a HTTP header to disable content type sniffing in browsers which support it.
*
* @since 3.0.0
- * @return none
+ *
+ * @see http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
+ * @see http://src.chromium.org/viewvc/chrome?view=rev&revision=6985
*/
function send_nosniff_header() {
@header( 'X-Content-Type-Options: nosniff' );
}
/**
- * Returns a MySQL expression for selecting the week number based on the start_of_week option.
+ * Return a MySQL expression for selecting the week number based on the start_of_week option.
*
- * @internal
+ * @ignore
* @since 3.0.0
- * @param string $column
- * @return string
+ *
+ * @param string $column Database column.
+ * @return string SQL clause.
*/
function _wp_mysql_week( $column ) {
switch ( $start_of_week = (int) get_option( 'start_of_week' ) ) {
- default :
- case 0 :
- return "WEEK( $column, 0 )";
case 1 :
return "WEEK( $column, 1 )";
case 2 :
@@ -3644,20 +4613,24 @@ function _wp_mysql_week( $column ) {
case 5 :
case 6 :
return "WEEK( DATE_SUB( $column, INTERVAL $start_of_week DAY ), 0 )";
+ case 0 :
+ default :
+ return "WEEK( $column, 0 )";
}
}
/**
- * Finds hierarchy loops using a callback function that maps object IDs to parent IDs.
+ * Find hierarchy loops using a callback function that maps object IDs to parent IDs.
*
* @since 3.1.0
* @access private
*
- * @param callback $callback function that accepts ( ID, $callback_args ) and outputs parent_ID
- * @param int $start The ID to start the loop check at
- * @param int $start_parent the parent_ID of $start to use instead of calling $callback( $start ). Use null to always use $callback
- * @param array $callback_args optional additional arguments to send to $callback
- * @return array IDs of all members of loop
+ * @param callable $callback Function that accepts ( ID, $callback_args ) and outputs parent_ID.
+ * @param int $start The ID to start the loop check at.
+ * @param int $start_parent The parent_ID of $start to use instead of calling $callback( $start ).
+ * Use null to always use $callback
+ * @param array $callback_args Optional. Additional arguments to send to $callback.
+ * @return array IDs of all members of loop.
*/
function wp_find_hierarchy_loop( $callback, $start, $start_parent, $callback_args = array() ) {
$override = is_null( $start_parent ) ? array() : array( $start => $start_parent );
@@ -3669,7 +4642,7 @@ function wp_find_hierarchy_loop( $callback, $start, $start_parent, $callback_arg
}
/**
- * Uses the "The Tortoise and the Hare" algorithm to detect loops.
+ * Use the "The Tortoise and the Hare" algorithm to detect loops.
*
* For every step of the algorithm, the hare takes two steps and the tortoise one.
* If the hare ever laps the tortoise, there must be a loop.
@@ -3677,14 +4650,16 @@ function wp_find_hierarchy_loop( $callback, $start, $start_parent, $callback_arg
* @since 3.1.0
* @access private
*
- * @param callback $callback function that accepts ( ID, callback_arg, ... ) and outputs parent_ID
- * @param int $start The ID to start the loop check at
- * @param array $override an array of ( ID => parent_ID, ... ) to use instead of $callback
- * @param array $callback_args optional additional arguments to send to $callback
- * @param bool $_return_loop Return loop members or just detect presence of loop?
- * Only set to true if you already know the given $start is part of a loop
- * (otherwise the returned array might include branches)
- * @return mixed scalar ID of some arbitrary member of the loop, or array of IDs of all members of loop if $_return_loop
+ * @param callable $callback Function that accepts ( ID, callback_arg, ... ) and outputs parent_ID.
+ * @param int $start The ID to start the loop check at.
+ * @param array $override Optional. An array of ( ID => parent_ID, ... ) to use instead of $callback.
+ * Default empty array.
+ * @param array $callback_args Optional. Additional arguments to send to $callback. Default empty array.
+ * @param bool $_return_loop Optional. Return loop members or just detect presence of loop? Only set
+ * to true if you already know the given $start is part of a loop (otherwise
+ * the returned array might include branches). Default false.
+ * @return mixed Scalar ID of some arbitrary member of the loop, or array of IDs of all members of loop if
+ * $_return_loop
*/
function wp_find_hierarchy_loop_tortoise_hare( $callback, $start, $override = array(), $callback_args = array(), $_return_loop = false ) {
$tortoise = $hare = $evanescent_hare = $start;
@@ -3716,10 +4691,9 @@ function wp_find_hierarchy_loop_tortoise_hare( $callback, $start, $override = ar
/**
* Send a HTTP header to limit rendering of pages to same origin iframes.
*
- * @link https://developer.mozilla.org/en/the_x-frame-options_response_header
- *
* @since 3.1.3
- * @return none
+ *
+ * @see https://developer.mozilla.org/en/the_x-frame-options_response_header
*/
function send_frame_options_header() {
@header( 'X-Frame-Options: SAMEORIGIN' );
@@ -3729,16 +4703,30 @@ function send_frame_options_header() {
* Retrieve a list of protocols to allow in HTML attributes.
*
* @since 3.3.0
+ * @since 4.3.0 Added 'webcal' to the protocols array.
+ *
* @see wp_kses()
* @see esc_url()
*
- * @return array Array of allowed protocols
+ * @staticvar array $protocols
+ *
+ * @return array Array of allowed protocols. Defaults to an array containing 'http', 'https',
+ * 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet',
+ * 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', and 'webcal'.
*/
function wp_allowed_protocols() {
- static $protocols;
+ static $protocols = array();
if ( empty( $protocols ) ) {
- $protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp' );
+ $protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal' );
+
+ /**
+ * Filter the list of protocols allowed in HTML attributes.
+ *
+ * @since 3.0.0
+ *
+ * @param array $protocols Array of allowed protocols e.g. 'http', 'ftp', 'tel', and more.
+ */
$protocols = apply_filters( 'kses_allowed_protocols', $protocols );
}
@@ -3746,15 +4734,21 @@ function wp_allowed_protocols() {
}
/**
- * Return a comma separated string of functions that have been called to get to the current point in code.
+ * Return a comma-separated string of functions that have been called to get
+ * to the current point in code.
+ *
+ * @since 3.4.0
*
- * @link http://core.trac.wordpress.org/ticket/19589
- * @since 3.4
+ * @see https://core.trac.wordpress.org/ticket/19589
*
- * @param string $ignore_class A class to ignore all function calls within - useful when you want to just give info about the callee
- * @param int $skip_frames A number of stack frames to skip - useful for unwinding back to the source of the issue
- * @param bool $pretty Whether or not you want a comma separated string or raw array returned
- * @return string|array Either a string containing a reversed comma separated trace or an array of individual calls.
+ * @param string $ignore_class Optional. A class to ignore all function calls within - useful
+ * when you want to just give info about the callee. Default null.
+ * @param int $skip_frames Optional. A number of stack frames to skip - useful for unwinding
+ * back to the source of the issue. Default 0.
+ * @param bool $pretty Optional. Whether or not you want a comma separated string or raw
+ * array returned. Default true.
+ * @return string|array Either a string containing a reversed comma separated trace or an array
+ * of individual calls.
*/
function wp_debug_backtrace_summary( $ignore_class = null, $skip_frames = 0, $pretty = true ) {
if ( version_compare( PHP_VERSION, '5.2.5', '>=' ) )
@@ -3791,14 +4785,15 @@ function wp_debug_backtrace_summary( $ignore_class = null, $skip_frames = 0, $pr
}
/**
- * Retrieve ids that are not already present in the cache
+ * Retrieve ids that are not already present in the cache.
*
* @since 3.4.0
+ * @access private
*
- * @param array $object_ids ID list
- * @param string $cache_key The cache bucket to check against
+ * @param array $object_ids ID list.
+ * @param string $cache_key The cache bucket to check against.
*
- * @return array
+ * @return array List of ids not present in the cache.
*/
function _get_non_cached_ids( $object_ids, $cache_key ) {
$clean = array();
@@ -3818,7 +4813,7 @@ function _get_non_cached_ids( $object_ids, $cache_key ) {
* @since 3.4.0
* @access private
*
- * @return bool true|false
+ * @return bool Whether the device is able to upload files.
*/
function _device_can_upload() {
if ( ! wp_is_mobile() )
@@ -3838,8 +4833,8 @@ function _device_can_upload() {
/**
* Test if a given path is a stream URL
*
- * @param string $path The resource path or URL
- * @return bool True if the path is a stream URL
+ * @param string $path The resource path or URL.
+ * @return bool True if the path is a stream URL.
*/
function wp_is_stream( $path ) {
$wrappers = stream_get_wrappers();
@@ -3849,12 +4844,330 @@ function wp_is_stream( $path ) {
}
/**
- * Test if the supplied date is valid for the Gregorian calendar
+ * Test if the supplied date is valid for the Gregorian calendar.
*
* @since 3.5.0
*
- * @return bool true|false
+ * @see checkdate()
+ *
+ * @param int $month Month number.
+ * @param int $day Day number.
+ * @param int $year Year number.
+ * @param string $source_date The date to filter.
+ * @return bool True if valid date, false if not valid date.
*/
function wp_checkdate( $month, $day, $year, $source_date ) {
+ /**
+ * Filter whether the given date is valid for the Gregorian calendar.
+ *
+ * @since 3.5.0
+ *
+ * @param bool $checkdate Whether the given date is valid.
+ * @param string $source_date Date to check.
+ */
return apply_filters( 'wp_checkdate', checkdate( $month, $day, $year ), $source_date );
}
+
+/**
+ * Load the auth check for monitoring whether the user is still logged in.
+ *
+ * Can be disabled with remove_action( 'admin_enqueue_scripts', 'wp_auth_check_load' );
+ *
+ * This is disabled for certain screens where a login screen could cause an
+ * inconvenient interruption. A filter called wp_auth_check_load can be used
+ * for fine-grained control.
+ *
+ * @since 3.6.0
+ */
+function wp_auth_check_load() {
+ if ( ! is_admin() && ! is_user_logged_in() )
+ return;
+
+ if ( defined( 'IFRAME_REQUEST' ) )
+ return;
+
+ $screen = get_current_screen();
+ $hidden = array( 'update', 'update-network', 'update-core', 'update-core-network', 'upgrade', 'upgrade-network', 'network' );
+ $show = ! in_array( $screen->id, $hidden );
+
+ /**
+ * Filter whether to load the authentication check.
+ *
+ * Passing a falsey value to the filter will effectively short-circuit
+ * loading the authentication check.
+ *
+ * @since 3.6.0
+ *
+ * @param bool $show Whether to load the authentication check.
+ * @param WP_Screen $screen The current screen object.
+ */
+ if ( apply_filters( 'wp_auth_check_load', $show, $screen ) ) {
+ wp_enqueue_style( 'wp-auth-check' );
+ wp_enqueue_script( 'wp-auth-check' );
+
+ add_action( 'admin_print_footer_scripts', 'wp_auth_check_html', 5 );
+ add_action( 'wp_print_footer_scripts', 'wp_auth_check_html', 5 );
+ }
+}
+
+/**
+ * Output the HTML that shows the wp-login dialog when the user is no longer logged in.
+ *
+ * @since 3.6.0
+ */
+function wp_auth_check_html() {
+ $login_url = wp_login_url();
+ $current_domain = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'];
+ $same_domain = ( strpos( $login_url, $current_domain ) === 0 );
+
+ /**
+ * Filter whether the authentication check originated at the same domain.
+ *
+ * @since 3.6.0
+ *
+ * @param bool $same_domain Whether the authentication check originated at the same domain.
+ */
+ $same_domain = apply_filters( 'wp_auth_check_same_domain', $same_domain );
+ $wrap_class = $same_domain ? 'hidden' : 'hidden fallback';
+
+ ?>
+
+ [\s\S]*<\/%1$s>|\s*\/>)', tag_escape( $tag ) );
+}
+
+/**
+ * Retrieve a canonical form of the provided charset appropriate for passing to PHP
+ * functions such as htmlspecialchars() and charset html attributes.
+ *
+ * @since 3.6.0
+ * @access private
+ *
+ * @see https://core.trac.wordpress.org/ticket/23688
+ *
+ * @param string $charset A charset name.
+ * @return string The canonical form of the charset.
+ */
+function _canonical_charset( $charset ) {
+ if ( 'UTF-8' === $charset || 'utf-8' === $charset || 'utf8' === $charset ||
+ 'UTF8' === $charset )
+ return 'UTF-8';
+
+ if ( 'ISO-8859-1' === $charset || 'iso-8859-1' === $charset ||
+ 'iso8859-1' === $charset || 'ISO8859-1' === $charset )
+ return 'ISO-8859-1';
+
+ return $charset;
+}
+
+/**
+ * Set the mbstring internal encoding to a binary safe encoding when func_overload
+ * is enabled.
+ *
+ * When mbstring.func_overload is in use for multi-byte encodings, the results from
+ * strlen() and similar functions respect the utf8 characters, causing binary data
+ * to return incorrect lengths.
+ *
+ * This function overrides the mbstring encoding to a binary-safe encoding, and
+ * resets it to the users expected encoding afterwards through the
+ * `reset_mbstring_encoding` function.
+ *
+ * It is safe to recursively call this function, however each
+ * `mbstring_binary_safe_encoding()` call must be followed up with an equal number
+ * of `reset_mbstring_encoding()` calls.
+ *
+ * @since 3.7.0
+ *
+ * @see reset_mbstring_encoding()
+ *
+ * @staticvar array $encodings
+ * @staticvar bool $overloaded
+ *
+ * @param bool $reset Optional. Whether to reset the encoding back to a previously-set encoding.
+ * Default false.
+ */
+function mbstring_binary_safe_encoding( $reset = false ) {
+ static $encodings = array();
+ static $overloaded = null;
+
+ if ( is_null( $overloaded ) )
+ $overloaded = function_exists( 'mb_internal_encoding' ) && ( ini_get( 'mbstring.func_overload' ) & 2 );
+
+ if ( false === $overloaded )
+ return;
+
+ if ( ! $reset ) {
+ $encoding = mb_internal_encoding();
+ array_push( $encodings, $encoding );
+ mb_internal_encoding( 'ISO-8859-1' );
+ }
+
+ if ( $reset && $encodings ) {
+ $encoding = array_pop( $encodings );
+ mb_internal_encoding( $encoding );
+ }
+}
+
+/**
+ * Reset the mbstring internal encoding to a users previously set encoding.
+ *
+ * @see mbstring_binary_safe_encoding()
+ *
+ * @since 3.7.0
+ */
+function reset_mbstring_encoding() {
+ mbstring_binary_safe_encoding( true );
+}
+
+/**
+ * Filter/validate a variable as a boolean.
+ *
+ * Alternative to `filter_var( $var, FILTER_VALIDATE_BOOLEAN )`.
+ *
+ * @since 4.0.0
+ *
+ * @param mixed $var Boolean value to validate.
+ * @return bool Whether the value is validated.
+ */
+function wp_validate_boolean( $var ) {
+ if ( is_bool( $var ) ) {
+ return $var;
+ }
+
+ if ( is_string( $var ) && 'false' === strtolower( $var ) ) {
+ return false;
+ }
+
+ return (bool) $var;
+}
+
+/**
+ * Delete a file
+ *
+ * @since 4.2.0
+ *
+ * @param string $file The path to the file to delete.
+ */
+function wp_delete_file( $file ) {
+ /**
+ * Filter the path of the file to delete.
+ *
+ * @since 2.1.0
+ *
+ * @param string $medium Path to the file to delete.
+ */
+ $delete = apply_filters( 'wp_delete_file', $file );
+ if ( ! empty( $delete ) ) {
+ @unlink( $delete );
+ }
+}
+
+/**
+ * Outputs a small JS snippet on preview tabs/windows to remove `window.name` on unload.
+ *
+ * This prevents reusing the same tab for a preview when the user has navigated away.
+ *
+ * @since 4.3.0
+ */
+function wp_post_preview_js() {
+ global $post;
+
+ if ( ! is_preview() || empty( $post ) ) {
+ return;
+ }
+
+ // Has to match the window name used in post_submit_meta_box()
+ $name = 'wp-preview-' . (int) $post->ID;
+
+ ?>
+
+