X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/fd1685fbc29cf422e0d23f1bf1815bc023be805d..256a3b381f63716209b3527d0a14442ae570c283:/wp-admin/admin.php?import=%24id diff --git a/wp-admin/admin.php b/wp-admin/admin.php index f8405f9a..85979327 100644 --- a/wp-admin/admin.php +++ b/wp-admin/admin.php @@ -7,69 +7,154 @@ */ /** - * In WordPress Administration Panels + * In WordPress Administration Screens * - * @since unknown + * @since 2.3.2 */ -if ( !defined('WP_ADMIN') ) - define('WP_ADMIN', TRUE); +if ( ! defined('WP_ADMIN') ) + define('WP_ADMIN', true); -if ( defined('ABSPATH') ) - require_once(ABSPATH . 'wp-load.php'); -else - require_once('../wp-load.php'); +if ( ! defined('WP_NETWORK_ADMIN') ) + define('WP_NETWORK_ADMIN', false); + +if ( ! defined('WP_USER_ADMIN') ) + define('WP_USER_ADMIN', false); + +if ( ! WP_NETWORK_ADMIN && ! WP_USER_ADMIN ) { + define('WP_BLOG_ADMIN', true); +} + +if ( isset($_GET['import']) && !defined('WP_LOAD_IMPORTERS') ) + define('WP_LOAD_IMPORTERS', true); + +require_once(dirname(dirname(__FILE__)) . '/wp-load.php'); + +nocache_headers(); if ( get_option('db_upgraded') ) { - $wp_rewrite->flush_rules(); + flush_rewrite_rules(); update_option( 'db_upgraded', false ); /** - * Runs on the next page load after successful upgrade + * Fires on the next page load after a successful DB upgrade. + * + * @since 2.8.0 + */ + do_action( 'after_db_upgrade' ); +} elseif ( get_option('db_version') != $wp_db_version && empty($_POST) ) { + if ( !is_multisite() ) { + wp_redirect( admin_url( 'upgrade.php?_wp_http_referer=' . urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) ); + exit; + + /** + * Filter whether to attempt to perform the multisite DB upgrade routine. + * + * In single site, the user would be redirected to wp-admin/upgrade.php. + * In multisite, it is automatically fired, but only when this filter + * returns true. + * + * If the network is 50 sites or less, it will run every time. Otherwise, + * it will throttle itself to reduce load. * - * @since 2.8 + * @since 3.0.0 + * + * @param bool true Whether to perform the Multisite upgrade routine. Default true. */ - do_action('after_db_upgrade'); -} elseif ( get_option('db_version') != $wp_db_version ) { - wp_redirect(admin_url('upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI'])))); - exit; + } elseif ( apply_filters( 'do_mu_upgrade', true ) ) { + $c = get_blog_count(); + // If 50 or fewer sites, run every time. Else, run "about ten percent" of the time. Shh, don't check that math. + if ( $c <= 50 || ( $c > 50 && mt_rand( 0, (int)( $c / 50 ) ) == 1 ) ) { + require_once( ABSPATH . WPINC . '/http.php' ); + $response = wp_remote_get( admin_url( 'upgrade.php?step=1' ), array( 'timeout' => 120, 'httpversion' => '1.1' ) ); + /** + * Fires after the multisite DB upgrade is complete. + * + * @since 3.0.0 + * + * @param array|WP_Error $response The upgrade response array or WP_Error on failure. + */ + do_action( 'after_mu_upgrade', $response ); + unset($response); + } + unset($c); + } } require_once(ABSPATH . 'wp-admin/includes/admin.php'); auth_redirect(); -nocache_headers(); - -update_category_cache(); +// Schedule trash collection +if ( !wp_next_scheduled('wp_scheduled_delete') && !defined('WP_INSTALLING') ) + wp_schedule_event(time(), 'daily', 'wp_scheduled_delete'); set_screen_options(); -$posts_per_page = get_option('posts_per_page'); $date_format = get_option('date_format'); $time_format = get_option('time_format'); -wp_reset_vars(array('profile', 'redirect', 'redirect_url', 'a', 'popuptitle', 'popupurl', 'text', 'trackback', 'pingback')); - -wp_admin_css_color('classic', __('Blue'), admin_url("css/colors-classic.css"), array('#073447', '#21759B', '#EAF3FA', '#BBD8E7')); -wp_admin_css_color('fresh', __('Gray'), admin_url("css/colors-fresh.css"), array('#464646', '#6D6D6D', '#F1F1F1', '#DFDFDF')); - wp_enqueue_script( 'common' ); -wp_enqueue_script( 'jquery-color' ); $editing = false; -if (isset($_GET['page'])) { - $plugin_page = stripslashes($_GET['page']); +if ( isset($_GET['page']) ) { + $plugin_page = wp_unslash( $_GET['page'] ); $plugin_page = plugin_basename($plugin_page); } -require(ABSPATH . 'wp-admin/menu.php'); +if ( isset( $_REQUEST['post_type'] ) && post_type_exists( $_REQUEST['post_type'] ) ) + $typenow = $_REQUEST['post_type']; +else + $typenow = ''; -do_action('admin_init'); +if ( isset( $_REQUEST['taxonomy'] ) && taxonomy_exists( $_REQUEST['taxonomy'] ) ) + $taxnow = $_REQUEST['taxonomy']; +else + $taxnow = ''; -// Handle plugin admin pages. -if (isset($plugin_page)) { - if( ! $page_hook = get_plugin_page_hook($plugin_page, $pagenow) ) { +if ( WP_NETWORK_ADMIN ) + require(ABSPATH . 'wp-admin/network/menu.php'); +elseif ( WP_USER_ADMIN ) + require(ABSPATH . 'wp-admin/user/menu.php'); +else + require(ABSPATH . 'wp-admin/menu.php'); + +if ( current_user_can( 'manage_options' ) ) { + /** + * Filter the maximum memory limit available for administration screens. + * + * This only applies to administrators, who may require more memory for tasks like updates. + * Memory limits when processing images (uploaded or edited by users of any role) are + * handled separately. + * + * The WP_MAX_MEMORY_LIMIT constant specifically defines the maximum memory limit available + * when in the administration back-end. The default is 256M, or 256 megabytes of memory. + * + * @since 3.0.0 + * + * @param string 'WP_MAX_MEMORY_LIMIT' The maximum WordPress memory limit. Default 256M. + */ + @ini_set( 'memory_limit', apply_filters( 'admin_memory_limit', WP_MAX_MEMORY_LIMIT ) ); +} + +/** + * Fires as an admin screen or script is being initialized. + * + * Note, this does not just run on user-facing admin screens. + * It runs on admin-ajax.php and admin-post.php as well. + * + * This is roughly analgous to the more general 'init' hook, which fires earlier. + * + * @since 2.5.0 + */ +do_action( 'admin_init' ); + +if ( isset($plugin_page) ) { + if ( !empty($typenow) ) + $the_parent = $pagenow . '?post_type=' . $typenow; + else + $the_parent = $pagenow; + if ( ! $page_hook = get_plugin_page_hook($plugin_page, $the_parent) ) { $page_hook = get_plugin_page_hook($plugin_page, $plugin_page); // backwards compatibility for plugins using add_management_page if ( empty( $page_hook ) && 'edit.php' == $pagenow && '' != get_plugin_page_hook($plugin_page, 'tools.php') ) { @@ -78,31 +163,86 @@ if (isset($plugin_page)) { $query_string = $_SERVER[ 'QUERY_STRING' ]; else $query_string = 'page=' . $plugin_page; - wp_redirect( 'tools.php?' . $query_string ); + wp_redirect( admin_url('tools.php?' . $query_string) ); exit; } } + unset($the_parent); +} +$hook_suffix = ''; +if ( isset($page_hook) ) + $hook_suffix = $page_hook; +else if ( isset($plugin_page) ) + $hook_suffix = $plugin_page; +else if ( isset($pagenow) ) + $hook_suffix = $pagenow; + +set_current_screen(); + +// Handle plugin admin pages. +if ( isset($plugin_page) ) { if ( $page_hook ) { - do_action('load-' . $page_hook); + /** + * Fires before a particular screen is loaded. + * + * The load-* hook fires in a number of contexts. This hook is for plugin screens + * where a callback is provided when the screen is registered. + * + * The dynamic portion of the hook name, $page_hook, refers to a mixture of plugin + * page information including: + * 1. The page type. If the plugin page is registered as a submenu page, such as for + * Settings, the page type would be 'settings'. Otherwise the type is 'toplevel'. + * 2. A separator of '_page_'. + * 3. The plugin basename minus the file extension. + * + * Together, the three parts form the $page_hook. Citing the example above, + * the hook name used would be 'load-settings_page_pluginbasename'. + * + * @see get_plugin_page_hook() + * + * @since 2.1.0 + */ + do_action( 'load-' . $page_hook ); if (! isset($_GET['noheader'])) require_once(ABSPATH . 'wp-admin/admin-header.php'); - do_action($page_hook); + /** + * Used to call the registered callback for a plugin screen. + * + * @access private + * + * @since 1.5.0 + */ + do_action( $page_hook ); } else { - if ( validate_file($plugin_page) ) { + if ( validate_file($plugin_page) ) wp_die(__('Invalid plugin page')); - } - if (! ( file_exists(WP_PLUGIN_DIR . "/$plugin_page") && is_file(WP_PLUGIN_DIR . "/$plugin_page") ) ) + if ( !( file_exists(WP_PLUGIN_DIR . "/$plugin_page") && is_file(WP_PLUGIN_DIR . "/$plugin_page") ) && !( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") && is_file(WPMU_PLUGIN_DIR . "/$plugin_page") ) ) wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page))); - do_action('load-' . $plugin_page); - - if (! isset($_GET['noheader'])) + /** + * Fires before a particular screen is loaded. + * + * The load-* hook fires in a number of contexts. This hook is for plugin screens + * where the file to load is directly included, rather than the use of a function. + * + * The dynamic portion of the hook name, $plugin_page, refers to the plugin basename. + * + * @see plugin_basename() + * + * @since 1.5.0 + */ + do_action( 'load-' . $plugin_page ); + + if ( !isset($_GET['noheader'])) require_once(ABSPATH . 'wp-admin/admin-header.php'); - include(WP_PLUGIN_DIR . "/$plugin_page"); + if ( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") ) + include(WPMU_PLUGIN_DIR . "/$plugin_page"); + else + include(WP_PLUGIN_DIR . "/$plugin_page"); } include(ABSPATH . 'wp-admin/admin-footer.php'); @@ -116,19 +256,24 @@ if (isset($plugin_page)) { wp_die(__('You are not allowed to import.')); if ( validate_file($importer) ) { - wp_die(__('Invalid importer.')); + wp_redirect( admin_url( 'import.php?invalid=' . $importer ) ); + exit; } - // Allow plugins to define importers as well - if ( !isset($wp_importers) || !isset($wp_importers[$importer]) || ! is_callable($wp_importers[$importer][2])) - { - if (! file_exists(ABSPATH . "wp-admin/import/$importer.php")) - { - wp_die(__('Cannot load importer.')); - } - include(ABSPATH . "wp-admin/import/$importer.php"); + if ( ! isset($wp_importers[$importer]) || ! is_callable($wp_importers[$importer][2]) ) { + wp_redirect( admin_url( 'import.php?invalid=' . $importer ) ); + exit; } + /** + * Fires before an importer screen is loaded. + * + * The dynamic portion of the hook name, $importer, refers to the importer slug. + * + * @since 3.5.0 + */ + do_action( 'load-importer-' . $importer ); + $parent_file = 'tools.php'; $submenu_file = 'import.php'; $title = __('Import'); @@ -140,20 +285,63 @@ if (isset($plugin_page)) { define('WP_IMPORTING', true); + /** + * Whether to filter imported data through kses on import. + * + * Multisite uses this hook to filter all data through kses by default, + * as a super administrator may be assisting an untrusted user. + * + * @since 3.1.0 + * + * @param bool false Whether to force data to be filtered through kses. Default false. + */ + if ( apply_filters( 'force_filtered_html_on_import', false ) ) + kses_init_filters(); // Always filter imported data with kses on multisite. + call_user_func($wp_importers[$importer][2]); include(ABSPATH . 'wp-admin/admin-footer.php'); // Make sure rules are flushed - global $wp_rewrite; - $wp_rewrite->flush_rules(false); + flush_rewrite_rules(false); exit(); } else { - do_action("load-$pagenow"); + /** + * Fires before a particular screen is loaded. + * + * The load-* hook fires in a number of contexts. This hook is for core screens. + * + * The dynamic portion of the hook name, $pagenow, is a global variable + * referring to the filename of the current page, such as 'admin.php', + * 'post-new.php' etc. A complete hook for the latter would be 'load-post-new.php'. + * + * @since 2.1.0 + */ + do_action( 'load-' . $pagenow ); + // Backwards compatibility with old load-page-new.php, load-page.php, + // and load-categories.php actions. + if ( $typenow == 'page' ) { + if ( $pagenow == 'post-new.php' ) + do_action( 'load-page-new.php' ); + elseif ( $pagenow == 'post.php' ) + do_action( 'load-page.php' ); + } elseif ( $pagenow == 'edit-tags.php' ) { + if ( $taxnow == 'category' ) + do_action( 'load-categories.php' ); + elseif ( $taxnow == 'link_category' ) + do_action( 'load-edit-link-categories.php' ); + } } -if ( !empty($_REQUEST['action']) ) - do_action('admin_action_' . $_REQUEST['action']); - -?> +if ( ! empty( $_REQUEST['action'] ) ) { + /** + * Fires when an 'action' request variable is sent. + * + * The dynamic portion of the hook name, $_REQUEST['action'], + * refers to the action derived from the GET or POST request. + * + * @since 2.6.0 + */ + do_action( 'admin_action_' . $_REQUEST['action'] ); +}