diff options
Diffstat (limited to 'wp-admin/includes')
106 files changed, 95746 insertions, 0 deletions
diff --git a/wp-admin/includes/admin-filters.php b/wp-admin/includes/admin-filters.php new file mode 100644 index 0000000..b5adb94 --- /dev/null +++ b/wp-admin/includes/admin-filters.php @@ -0,0 +1,174 @@ +<?php +/** + * Administration API: Default admin hooks + * + * @package WordPress + * @subpackage Administration + * @since 4.3.0 + */ + +// Bookmark hooks. +add_action( 'admin_page_access_denied', 'wp_link_manager_disabled_message' ); + +// Dashboard hooks. +add_action( 'activity_box_end', 'wp_dashboard_quota' ); +add_action( 'welcome_panel', 'wp_welcome_panel' ); + +// Media hooks. +add_action( 'attachment_submitbox_misc_actions', 'attachment_submitbox_metadata' ); +add_filter( 'plupload_init', 'wp_show_heic_upload_error' ); + +add_action( 'media_upload_image', 'wp_media_upload_handler' ); +add_action( 'media_upload_audio', 'wp_media_upload_handler' ); +add_action( 'media_upload_video', 'wp_media_upload_handler' ); +add_action( 'media_upload_file', 'wp_media_upload_handler' ); + +add_action( 'post-plupload-upload-ui', 'media_upload_flash_bypass' ); + +add_action( 'post-html-upload-ui', 'media_upload_html_bypass' ); + +add_filter( 'async_upload_image', 'get_media_item', 10, 2 ); +add_filter( 'async_upload_audio', 'get_media_item', 10, 2 ); +add_filter( 'async_upload_video', 'get_media_item', 10, 2 ); +add_filter( 'async_upload_file', 'get_media_item', 10, 2 ); + +add_filter( 'media_upload_gallery', 'media_upload_gallery' ); +add_filter( 'media_upload_library', 'media_upload_library' ); + +add_filter( 'media_upload_tabs', 'update_gallery_tab' ); + +// Admin color schemes. +add_action( 'admin_init', 'register_admin_color_schemes', 1 ); +add_action( 'admin_head', 'wp_color_scheme_settings' ); +add_action( 'admin_color_scheme_picker', 'admin_color_scheme_picker' ); + +// Misc hooks. +add_action( 'admin_init', 'wp_admin_headers' ); +add_action( 'login_init', 'wp_admin_headers' ); +add_action( 'admin_init', 'send_frame_options_header', 10, 0 ); +add_action( 'admin_head', 'wp_admin_canonical_url' ); +add_action( 'admin_head', 'wp_site_icon' ); +add_action( 'admin_head', 'wp_admin_viewport_meta' ); +add_action( 'customize_controls_head', 'wp_admin_viewport_meta' ); +add_filter( 'nav_menu_meta_box_object', '_wp_nav_menu_meta_box_object' ); + +// Prerendering. +if ( ! is_customize_preview() ) { + add_filter( 'admin_print_styles', 'wp_resource_hints', 1 ); +} + +add_action( 'admin_print_scripts', 'print_emoji_detection_script' ); +add_action( 'admin_print_scripts', 'print_head_scripts', 20 ); +add_action( 'admin_print_footer_scripts', '_wp_footer_scripts' ); +add_action( 'admin_enqueue_scripts', 'wp_enqueue_emoji_styles' ); +add_action( 'admin_print_styles', 'print_emoji_styles' ); // Retained for backwards-compatibility. Unhooked by wp_enqueue_emoji_styles(). +add_action( 'admin_print_styles', 'print_admin_styles', 20 ); + +add_action( 'admin_print_scripts-index.php', 'wp_localize_community_events' ); +add_action( 'admin_print_scripts-post.php', 'wp_page_reload_on_back_button_js' ); +add_action( 'admin_print_scripts-post-new.php', 'wp_page_reload_on_back_button_js' ); + +add_action( 'update_option_home', 'update_home_siteurl', 10, 2 ); +add_action( 'update_option_siteurl', 'update_home_siteurl', 10, 2 ); +add_action( 'update_option_page_on_front', 'update_home_siteurl', 10, 2 ); +add_action( 'update_option_admin_email', 'wp_site_admin_email_change_notification', 10, 3 ); + +add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); +add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); + +add_filter( 'heartbeat_received', 'wp_check_locked_posts', 10, 3 ); +add_filter( 'heartbeat_received', 'wp_refresh_post_lock', 10, 3 ); +add_filter( 'heartbeat_received', 'heartbeat_autosave', 500, 2 ); + +add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 ); +add_filter( 'wp_refresh_nonces', 'wp_refresh_metabox_loader_nonces', 10, 2 ); +add_filter( 'wp_refresh_nonces', 'wp_refresh_heartbeat_nonces' ); + +add_filter( 'heartbeat_settings', 'wp_heartbeat_set_suspension' ); + +add_action( 'use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2 ); +add_action( 'edit_form_after_title', '_disable_content_editor_for_navigation_post_type' ); +add_action( 'edit_form_after_editor', '_enable_content_editor_for_navigation_post_type' ); + +// Nav Menu hooks. +add_action( 'admin_head-nav-menus.php', '_wp_delete_orphaned_draft_menu_items' ); + +// Plugin hooks. +add_filter( 'allowed_options', 'option_update_filter' ); + +// Plugin Install hooks. +add_action( 'install_plugins_featured', 'install_dashboard' ); +add_action( 'install_plugins_upload', 'install_plugins_upload' ); +add_action( 'install_plugins_search', 'display_plugins_table' ); +add_action( 'install_plugins_popular', 'display_plugins_table' ); +add_action( 'install_plugins_recommended', 'display_plugins_table' ); +add_action( 'install_plugins_new', 'display_plugins_table' ); +add_action( 'install_plugins_beta', 'display_plugins_table' ); +add_action( 'install_plugins_favorites', 'display_plugins_table' ); +add_action( 'install_plugins_pre_plugin-information', 'install_plugin_information' ); + +// Template hooks. +add_action( 'admin_enqueue_scripts', array( 'WP_Internal_Pointers', 'enqueue_scripts' ) ); +add_action( 'user_register', array( 'WP_Internal_Pointers', 'dismiss_pointers_for_new_users' ) ); + +// Theme hooks. +add_action( 'customize_controls_print_footer_scripts', 'customize_themes_print_templates' ); + +// Theme Install hooks. +add_action( 'install_themes_pre_theme-information', 'install_theme_information' ); + +// User hooks. +add_action( 'admin_init', 'default_password_nag_handler' ); + +add_action( 'admin_notices', 'default_password_nag' ); +add_action( 'admin_notices', 'new_user_email_admin_notice' ); + +add_action( 'profile_update', 'default_password_nag_edit_user', 10, 2 ); + +add_action( 'personal_options_update', 'send_confirmation_on_profile_email' ); + +// Update hooks. +add_action( 'load-plugins.php', 'wp_plugin_update_rows', 20 ); // After wp_update_plugins() is called. +add_action( 'load-themes.php', 'wp_theme_update_rows', 20 ); // After wp_update_themes() is called. + +add_action( 'admin_notices', 'update_nag', 3 ); +add_action( 'admin_notices', 'deactivated_plugins_notice', 5 ); +add_action( 'admin_notices', 'paused_plugins_notice', 5 ); +add_action( 'admin_notices', 'paused_themes_notice', 5 ); +add_action( 'admin_notices', 'maintenance_nag', 10 ); +add_action( 'admin_notices', 'wp_recovery_mode_nag', 1 ); + +add_filter( 'update_footer', 'core_update_footer' ); + +// Update Core hooks. +add_action( '_core_updated_successfully', '_redirect_to_about_wordpress' ); + +// Upgrade hooks. +add_action( 'upgrader_process_complete', array( 'Language_Pack_Upgrader', 'async_upgrade' ), 20 ); +add_action( 'upgrader_process_complete', 'wp_version_check', 10, 0 ); +add_action( 'upgrader_process_complete', 'wp_update_plugins', 10, 0 ); +add_action( 'upgrader_process_complete', 'wp_update_themes', 10, 0 ); + +// Privacy hooks. +add_filter( 'wp_privacy_personal_data_erasure_page', 'wp_privacy_process_personal_data_erasure_page', 10, 5 ); +add_filter( 'wp_privacy_personal_data_export_page', 'wp_privacy_process_personal_data_export_page', 10, 7 ); +add_action( 'wp_privacy_personal_data_export_file', 'wp_privacy_generate_personal_data_export_file', 10 ); +add_action( 'wp_privacy_personal_data_erased', '_wp_privacy_send_erasure_fulfillment_notification', 10 ); + +// Privacy policy text changes check. +add_action( 'admin_init', array( 'WP_Privacy_Policy_Content', 'text_change_check' ), 100 ); + +// Show a "postbox" with the text suggestions for a privacy policy. +add_action( 'admin_notices', array( 'WP_Privacy_Policy_Content', 'notice' ) ); + +// Add the suggested policy text from WordPress. +add_action( 'admin_init', array( 'WP_Privacy_Policy_Content', 'add_suggested_content' ), 1 ); + +// Update the cached policy info when the policy page is updated. +add_action( 'post_updated', array( 'WP_Privacy_Policy_Content', '_policy_page_updated' ) ); + +// Append '(Draft)' to draft page titles in the privacy page dropdown. +add_filter( 'list_pages', '_wp_privacy_settings_filter_draft_page_titles', 10, 2 ); + +// Font management. +add_action( 'admin_print_styles', 'wp_print_font_faces', 50 ); diff --git a/wp-admin/includes/admin.php b/wp-admin/includes/admin.php new file mode 100644 index 0000000..ce2ec0c --- /dev/null +++ b/wp-admin/includes/admin.php @@ -0,0 +1,101 @@ +<?php +/** + * Core Administration API + * + * @package WordPress + * @subpackage Administration + * @since 2.3.0 + */ + +if ( ! defined( 'WP_ADMIN' ) ) { + /* + * This file is being included from a file other than wp-admin/admin.php, so + * some setup was skipped. Make sure the admin message catalog is loaded since + * load_default_textdomain() will not have done so in this context. + */ + $admin_locale = get_locale(); + load_textdomain( 'default', WP_LANG_DIR . '/admin-' . $admin_locale . '.mo', $admin_locale ); + unset( $admin_locale ); +} + +/** WordPress Administration Hooks */ +require_once ABSPATH . 'wp-admin/includes/admin-filters.php'; + +/** WordPress Bookmark Administration API */ +require_once ABSPATH . 'wp-admin/includes/bookmark.php'; + +/** WordPress Comment Administration API */ +require_once ABSPATH . 'wp-admin/includes/comment.php'; + +/** WordPress Administration File API */ +require_once ABSPATH . 'wp-admin/includes/file.php'; + +/** WordPress Image Administration API */ +require_once ABSPATH . 'wp-admin/includes/image.php'; + +/** WordPress Media Administration API */ +require_once ABSPATH . 'wp-admin/includes/media.php'; + +/** WordPress Import Administration API */ +require_once ABSPATH . 'wp-admin/includes/import.php'; + +/** WordPress Misc Administration API */ +require_once ABSPATH . 'wp-admin/includes/misc.php'; + +/** WordPress Misc Administration API */ +require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-policy-content.php'; + +/** WordPress Options Administration API */ +require_once ABSPATH . 'wp-admin/includes/options.php'; + +/** WordPress Plugin Administration API */ +require_once ABSPATH . 'wp-admin/includes/plugin.php'; + +/** WordPress Post Administration API */ +require_once ABSPATH . 'wp-admin/includes/post.php'; + +/** WordPress Administration Screen API */ +require_once ABSPATH . 'wp-admin/includes/class-wp-screen.php'; +require_once ABSPATH . 'wp-admin/includes/screen.php'; + +/** WordPress Taxonomy Administration API */ +require_once ABSPATH . 'wp-admin/includes/taxonomy.php'; + +/** WordPress Template Administration API */ +require_once ABSPATH . 'wp-admin/includes/template.php'; + +/** WordPress List Table Administration API and base class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-list-table.php'; +require_once ABSPATH . 'wp-admin/includes/class-wp-list-table-compat.php'; +require_once ABSPATH . 'wp-admin/includes/list-table.php'; + +/** WordPress Theme Administration API */ +require_once ABSPATH . 'wp-admin/includes/theme.php'; + +/** WordPress Privacy Functions */ +require_once ABSPATH . 'wp-admin/includes/privacy-tools.php'; + +/** WordPress Privacy List Table classes. */ +// Previously in wp-admin/includes/user.php. Need to be loaded for backward compatibility. +require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-requests-table.php'; +require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-data-export-requests-list-table.php'; +require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-data-removal-requests-list-table.php'; + +/** WordPress User Administration API */ +require_once ABSPATH . 'wp-admin/includes/user.php'; + +/** WordPress Site Icon API */ +require_once ABSPATH . 'wp-admin/includes/class-wp-site-icon.php'; + +/** WordPress Update Administration API */ +require_once ABSPATH . 'wp-admin/includes/update.php'; + +/** WordPress Deprecated Administration API */ +require_once ABSPATH . 'wp-admin/includes/deprecated.php'; + +/** WordPress Multisite support API */ +if ( is_multisite() ) { + require_once ABSPATH . 'wp-admin/includes/ms-admin-filters.php'; + require_once ABSPATH . 'wp-admin/includes/ms.php'; + require_once ABSPATH . 'wp-admin/includes/ms-deprecated.php'; +} diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php new file mode 100644 index 0000000..69f5fd4 --- /dev/null +++ b/wp-admin/includes/ajax-actions.php @@ -0,0 +1,5612 @@ +<?php +/** + * Administration API: Core Ajax handlers + * + * @package WordPress + * @subpackage Administration + * @since 2.1.0 + */ + +// +// No-privilege Ajax handlers. +// + +/** + * Handles the Heartbeat API in the no-privilege context via AJAX . + * + * Runs when the user is not logged in. + * + * @since 3.6.0 + */ +function wp_ajax_nopriv_heartbeat() { + $response = array(); + + // 'screen_id' is the same as $current_screen->id and the JS global 'pagenow'. + if ( ! empty( $_POST['screen_id'] ) ) { + $screen_id = sanitize_key( $_POST['screen_id'] ); + } else { + $screen_id = 'front'; + } + + if ( ! empty( $_POST['data'] ) ) { + $data = wp_unslash( (array) $_POST['data'] ); + + /** + * Filters Heartbeat Ajax response in no-privilege environments. + * + * @since 3.6.0 + * + * @param array $response The no-priv Heartbeat response. + * @param array $data The $_POST data sent. + * @param string $screen_id The screen ID. + */ + $response = apply_filters( 'heartbeat_nopriv_received', $response, $data, $screen_id ); + } + + /** + * Filters Heartbeat Ajax response in no-privilege environments when no data is passed. + * + * @since 3.6.0 + * + * @param array $response The no-priv Heartbeat response. + * @param string $screen_id The screen ID. + */ + $response = apply_filters( 'heartbeat_nopriv_send', $response, $screen_id ); + + /** + * Fires when Heartbeat ticks in no-privilege environments. + * + * Allows the transport to be easily replaced with long-polling. + * + * @since 3.6.0 + * + * @param array $response The no-priv Heartbeat response. + * @param string $screen_id The screen ID. + */ + do_action( 'heartbeat_nopriv_tick', $response, $screen_id ); + + // Send the current time according to the server. + $response['server_time'] = time(); + + wp_send_json( $response ); +} + +// +// GET-based Ajax handlers. +// + +/** + * Handles fetching a list table via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_fetch_list() { + $list_class = $_GET['list_args']['class']; + check_ajax_referer( "fetch-list-$list_class", '_ajax_fetch_list_nonce' ); + + $wp_list_table = _get_list_table( $list_class, array( 'screen' => $_GET['list_args']['screen']['id'] ) ); + if ( ! $wp_list_table ) { + wp_die( 0 ); + } + + if ( ! $wp_list_table->ajax_user_can() ) { + wp_die( -1 ); + } + + $wp_list_table->ajax_response(); + + wp_die( 0 ); +} + +/** + * Handles tag search via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_ajax_tag_search() { + if ( ! isset( $_GET['tax'] ) ) { + wp_die( 0 ); + } + + $taxonomy = sanitize_key( $_GET['tax'] ); + $taxonomy_object = get_taxonomy( $taxonomy ); + + if ( ! $taxonomy_object ) { + wp_die( 0 ); + } + + if ( ! current_user_can( $taxonomy_object->cap->assign_terms ) ) { + wp_die( -1 ); + } + + $search = wp_unslash( $_GET['q'] ); + + $comma = _x( ',', 'tag delimiter' ); + if ( ',' !== $comma ) { + $search = str_replace( $comma, ',', $search ); + } + + if ( str_contains( $search, ',' ) ) { + $search = explode( ',', $search ); + $search = $search[ count( $search ) - 1 ]; + } + + $search = trim( $search ); + + /** + * Filters the minimum number of characters required to fire a tag search via Ajax. + * + * @since 4.0.0 + * + * @param int $characters The minimum number of characters required. Default 2. + * @param WP_Taxonomy $taxonomy_object The taxonomy object. + * @param string $search The search term. + */ + $term_search_min_chars = (int) apply_filters( 'term_search_min_chars', 2, $taxonomy_object, $search ); + + /* + * Require $term_search_min_chars chars for matching (default: 2) + * ensure it's a non-negative, non-zero integer. + */ + if ( ( 0 == $term_search_min_chars ) || ( strlen( $search ) < $term_search_min_chars ) ) { + wp_die(); + } + + $results = get_terms( + array( + 'taxonomy' => $taxonomy, + 'name__like' => $search, + 'fields' => 'names', + 'hide_empty' => false, + 'number' => isset( $_GET['number'] ) ? (int) $_GET['number'] : 0, + ) + ); + + /** + * Filters the Ajax term search results. + * + * @since 6.1.0 + * + * @param string[] $results Array of term names. + * @param WP_Taxonomy $taxonomy_object The taxonomy object. + * @param string $search The search term. + */ + $results = apply_filters( 'ajax_term_search_results', $results, $taxonomy_object, $search ); + + echo implode( "\n", $results ); + wp_die(); +} + +/** + * Handles compression testing via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_wp_compression_test() { + if ( ! current_user_can( 'manage_options' ) ) { + wp_die( -1 ); + } + + if ( ini_get( 'zlib.output_compression' ) || 'ob_gzhandler' === ini_get( 'output_handler' ) ) { + // Use `update_option()` on single site to mark the option for autoloading. + if ( is_multisite() ) { + update_site_option( 'can_compress_scripts', 0 ); + } else { + update_option( 'can_compress_scripts', 0, 'yes' ); + } + wp_die( 0 ); + } + + if ( isset( $_GET['test'] ) ) { + header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); + header( 'Content-Type: application/javascript; charset=UTF-8' ); + $force_gzip = ( defined( 'ENFORCE_GZIP' ) && ENFORCE_GZIP ); + $test_str = '"wpCompressionTest Lorem ipsum dolor sit amet consectetuer mollis sapien urna ut a. Eu nonummy condimentum fringilla tempor pretium platea vel nibh netus Maecenas. Hac molestie amet justo quis pellentesque est ultrices interdum nibh Morbi. Cras mattis pretium Phasellus ante ipsum ipsum ut sociis Suspendisse Lorem. Ante et non molestie. Porta urna Vestibulum egestas id congue nibh eu risus gravida sit. Ac augue auctor Ut et non a elit massa id sodales. Elit eu Nulla at nibh adipiscing mattis lacus mauris at tempus. Netus nibh quis suscipit nec feugiat eget sed lorem et urna. Pellentesque lacus at ut massa consectetuer ligula ut auctor semper Pellentesque. Ut metus massa nibh quam Curabitur molestie nec mauris congue. Volutpat molestie elit justo facilisis neque ac risus Ut nascetur tristique. Vitae sit lorem tellus et quis Phasellus lacus tincidunt nunc Fusce. Pharetra wisi Suspendisse mus sagittis libero lacinia Integer consequat ac Phasellus. Et urna ac cursus tortor aliquam Aliquam amet tellus volutpat Vestibulum. Justo interdum condimentum In augue congue tellus sollicitudin Quisque quis nibh."'; + + if ( 1 == $_GET['test'] ) { + echo $test_str; + wp_die(); + } elseif ( 2 == $_GET['test'] ) { + if ( ! isset( $_SERVER['HTTP_ACCEPT_ENCODING'] ) ) { + wp_die( -1 ); + } + + if ( false !== stripos( $_SERVER['HTTP_ACCEPT_ENCODING'], 'deflate' ) && function_exists( 'gzdeflate' ) && ! $force_gzip ) { + header( 'Content-Encoding: deflate' ); + $out = gzdeflate( $test_str, 1 ); + } elseif ( false !== stripos( $_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip' ) && function_exists( 'gzencode' ) ) { + header( 'Content-Encoding: gzip' ); + $out = gzencode( $test_str, 1 ); + } else { + wp_die( -1 ); + } + + echo $out; + wp_die(); + } elseif ( 'no' === $_GET['test'] ) { + check_ajax_referer( 'update_can_compress_scripts' ); + // Use `update_option()` on single site to mark the option for autoloading. + if ( is_multisite() ) { + update_site_option( 'can_compress_scripts', 0 ); + } else { + update_option( 'can_compress_scripts', 0, 'yes' ); + } + } elseif ( 'yes' === $_GET['test'] ) { + check_ajax_referer( 'update_can_compress_scripts' ); + // Use `update_option()` on single site to mark the option for autoloading. + if ( is_multisite() ) { + update_site_option( 'can_compress_scripts', 1 ); + } else { + update_option( 'can_compress_scripts', 1, 'yes' ); + } + } + } + + wp_die( 0 ); +} + +/** + * Handles image editor previews via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_imgedit_preview() { + $post_id = (int) $_GET['postid']; + if ( empty( $post_id ) || ! current_user_can( 'edit_post', $post_id ) ) { + wp_die( -1 ); + } + + check_ajax_referer( "image_editor-$post_id" ); + + require_once ABSPATH . 'wp-admin/includes/image-edit.php'; + + if ( ! stream_preview_image( $post_id ) ) { + wp_die( -1 ); + } + + wp_die(); +} + +/** + * Handles oEmbed caching via AJAX. + * + * @since 3.1.0 + * + * @global WP_Embed $wp_embed + */ +function wp_ajax_oembed_cache() { + $GLOBALS['wp_embed']->cache_oembed( $_GET['post'] ); + wp_die( 0 ); +} + +/** + * Handles user autocomplete via AJAX. + * + * @since 3.4.0 + */ +function wp_ajax_autocomplete_user() { + if ( ! is_multisite() || ! current_user_can( 'promote_users' ) || wp_is_large_network( 'users' ) ) { + wp_die( -1 ); + } + + /** This filter is documented in wp-admin/user-new.php */ + if ( ! current_user_can( 'manage_network_users' ) && ! apply_filters( 'autocomplete_users_for_site_admins', false ) ) { + wp_die( -1 ); + } + + $return = array(); + + /* + * Check the type of request. + * Current allowed values are `add` and `search`. + */ + if ( isset( $_REQUEST['autocomplete_type'] ) && 'search' === $_REQUEST['autocomplete_type'] ) { + $type = $_REQUEST['autocomplete_type']; + } else { + $type = 'add'; + } + + /* + * Check the desired field for value. + * Current allowed values are `user_email` and `user_login`. + */ + if ( isset( $_REQUEST['autocomplete_field'] ) && 'user_email' === $_REQUEST['autocomplete_field'] ) { + $field = $_REQUEST['autocomplete_field']; + } else { + $field = 'user_login'; + } + + // Exclude current users of this blog. + if ( isset( $_REQUEST['site_id'] ) ) { + $id = absint( $_REQUEST['site_id'] ); + } else { + $id = get_current_blog_id(); + } + + $include_blog_users = ( 'search' === $type ? get_users( + array( + 'blog_id' => $id, + 'fields' => 'ID', + ) + ) : array() ); + + $exclude_blog_users = ( 'add' === $type ? get_users( + array( + 'blog_id' => $id, + 'fields' => 'ID', + ) + ) : array() ); + + $users = get_users( + array( + 'blog_id' => false, + 'search' => '*' . $_REQUEST['term'] . '*', + 'include' => $include_blog_users, + 'exclude' => $exclude_blog_users, + 'search_columns' => array( 'user_login', 'user_nicename', 'user_email' ), + ) + ); + + foreach ( $users as $user ) { + $return[] = array( + /* translators: 1: User login, 2: User email address. */ + 'label' => sprintf( _x( '%1$s (%2$s)', 'user autocomplete result' ), $user->user_login, $user->user_email ), + 'value' => $user->$field, + ); + } + + wp_die( wp_json_encode( $return ) ); +} + +/** + * Handles Ajax requests for community events + * + * @since 4.8.0 + */ +function wp_ajax_get_community_events() { + require_once ABSPATH . 'wp-admin/includes/class-wp-community-events.php'; + + check_ajax_referer( 'community_events' ); + + $search = isset( $_POST['location'] ) ? wp_unslash( $_POST['location'] ) : ''; + $timezone = isset( $_POST['timezone'] ) ? wp_unslash( $_POST['timezone'] ) : ''; + $user_id = get_current_user_id(); + $saved_location = get_user_option( 'community-events-location', $user_id ); + $events_client = new WP_Community_Events( $user_id, $saved_location ); + $events = $events_client->get_events( $search, $timezone ); + $ip_changed = false; + + if ( is_wp_error( $events ) ) { + wp_send_json_error( + array( + 'error' => $events->get_error_message(), + ) + ); + } else { + if ( empty( $saved_location['ip'] ) && ! empty( $events['location']['ip'] ) ) { + $ip_changed = true; + } elseif ( isset( $saved_location['ip'] ) && ! empty( $events['location']['ip'] ) && $saved_location['ip'] !== $events['location']['ip'] ) { + $ip_changed = true; + } + + /* + * The location should only be updated when it changes. The API doesn't always return + * a full location; sometimes it's missing the description or country. The location + * that was saved during the initial request is known to be good and complete, though. + * It should be left intact until the user explicitly changes it (either by manually + * searching for a new location, or by changing their IP address). + * + * If the location was updated with an incomplete response from the API, then it could + * break assumptions that the UI makes (e.g., that there will always be a description + * that corresponds to a latitude/longitude location). + * + * The location is stored network-wide, so that the user doesn't have to set it on each site. + */ + if ( $ip_changed || $search ) { + update_user_meta( $user_id, 'community-events-location', $events['location'] ); + } + + wp_send_json_success( $events ); + } +} + +/** + * Handles dashboard widgets via AJAX. + * + * @since 3.4.0 + */ +function wp_ajax_dashboard_widgets() { + require_once ABSPATH . 'wp-admin/includes/dashboard.php'; + + $pagenow = $_GET['pagenow']; + if ( 'dashboard-user' === $pagenow || 'dashboard-network' === $pagenow || 'dashboard' === $pagenow ) { + set_current_screen( $pagenow ); + } + + switch ( $_GET['widget'] ) { + case 'dashboard_primary': + wp_dashboard_primary(); + break; + } + wp_die(); +} + +/** + * Handles Customizer preview logged-in status via AJAX. + * + * @since 3.4.0 + */ +function wp_ajax_logged_in() { + wp_die( 1 ); +} + +// +// Ajax helpers. +// + +/** + * Sends back current comment total and new page links if they need to be updated. + * + * Contrary to normal success Ajax response ("1"), die with time() on success. + * + * @since 2.7.0 + * @access private + * + * @param int $comment_id + * @param int $delta + */ +function _wp_ajax_delete_comment_response( $comment_id, $delta = -1 ) { + $total = isset( $_POST['_total'] ) ? (int) $_POST['_total'] : 0; + $per_page = isset( $_POST['_per_page'] ) ? (int) $_POST['_per_page'] : 0; + $page = isset( $_POST['_page'] ) ? (int) $_POST['_page'] : 0; + $url = isset( $_POST['_url'] ) ? sanitize_url( $_POST['_url'] ) : ''; + + // JS didn't send us everything we need to know. Just die with success message. + if ( ! $total || ! $per_page || ! $page || ! $url ) { + $time = time(); + $comment = get_comment( $comment_id ); + $comment_status = ''; + $comment_link = ''; + + if ( $comment ) { + $comment_status = $comment->comment_approved; + } + + if ( 1 === (int) $comment_status ) { + $comment_link = get_comment_link( $comment ); + } + + $counts = wp_count_comments(); + + $x = new WP_Ajax_Response( + array( + 'what' => 'comment', + // Here for completeness - not used. + 'id' => $comment_id, + 'supplemental' => array( + 'status' => $comment_status, + 'postId' => $comment ? $comment->comment_post_ID : '', + 'time' => $time, + 'in_moderation' => $counts->moderated, + 'i18n_comments_text' => sprintf( + /* translators: %s: Number of comments. */ + _n( '%s Comment', '%s Comments', $counts->approved ), + number_format_i18n( $counts->approved ) + ), + 'i18n_moderation_text' => sprintf( + /* translators: %s: Number of comments. */ + _n( '%s Comment in moderation', '%s Comments in moderation', $counts->moderated ), + number_format_i18n( $counts->moderated ) + ), + 'comment_link' => $comment_link, + ), + ) + ); + $x->send(); + } + + $total += $delta; + if ( $total < 0 ) { + $total = 0; + } + + // Only do the expensive stuff on a page-break, and about 1 other time per page. + if ( 0 == $total % $per_page || 1 == mt_rand( 1, $per_page ) ) { + $post_id = 0; + // What type of comment count are we looking for? + $status = 'all'; + $parsed = parse_url( $url ); + + if ( isset( $parsed['query'] ) ) { + parse_str( $parsed['query'], $query_vars ); + + if ( ! empty( $query_vars['comment_status'] ) ) { + $status = $query_vars['comment_status']; + } + + if ( ! empty( $query_vars['p'] ) ) { + $post_id = (int) $query_vars['p']; + } + + if ( ! empty( $query_vars['comment_type'] ) ) { + $type = $query_vars['comment_type']; + } + } + + if ( empty( $type ) ) { + // Only use the comment count if not filtering by a comment_type. + $comment_count = wp_count_comments( $post_id ); + + // We're looking for a known type of comment count. + if ( isset( $comment_count->$status ) ) { + $total = $comment_count->$status; + } + } + // Else use the decremented value from above. + } + + // The time since the last comment count. + $time = time(); + $comment = get_comment( $comment_id ); + $counts = wp_count_comments(); + + $x = new WP_Ajax_Response( + array( + 'what' => 'comment', + 'id' => $comment_id, + 'supplemental' => array( + 'status' => $comment ? $comment->comment_approved : '', + 'postId' => $comment ? $comment->comment_post_ID : '', + /* translators: %s: Number of comments. */ + 'total_items_i18n' => sprintf( _n( '%s item', '%s items', $total ), number_format_i18n( $total ) ), + 'total_pages' => ceil( $total / $per_page ), + 'total_pages_i18n' => number_format_i18n( ceil( $total / $per_page ) ), + 'total' => $total, + 'time' => $time, + 'in_moderation' => $counts->moderated, + 'i18n_moderation_text' => sprintf( + /* translators: %s: Number of comments. */ + _n( '%s Comment in moderation', '%s Comments in moderation', $counts->moderated ), + number_format_i18n( $counts->moderated ) + ), + ), + ) + ); + $x->send(); +} + +// +// POST-based Ajax handlers. +// + +/** + * Handles adding a hierarchical term via AJAX. + * + * @since 3.1.0 + * @access private + */ +function _wp_ajax_add_hierarchical_term() { + $action = $_POST['action']; + $taxonomy = get_taxonomy( substr( $action, 4 ) ); + check_ajax_referer( $action, '_ajax_nonce-add-' . $taxonomy->name ); + + if ( ! current_user_can( $taxonomy->cap->edit_terms ) ) { + wp_die( -1 ); + } + + $names = explode( ',', $_POST[ 'new' . $taxonomy->name ] ); + $parent = isset( $_POST[ 'new' . $taxonomy->name . '_parent' ] ) ? (int) $_POST[ 'new' . $taxonomy->name . '_parent' ] : 0; + + if ( 0 > $parent ) { + $parent = 0; + } + + if ( 'category' === $taxonomy->name ) { + $post_category = isset( $_POST['post_category'] ) ? (array) $_POST['post_category'] : array(); + } else { + $post_category = ( isset( $_POST['tax_input'] ) && isset( $_POST['tax_input'][ $taxonomy->name ] ) ) ? (array) $_POST['tax_input'][ $taxonomy->name ] : array(); + } + + $checked_categories = array_map( 'absint', (array) $post_category ); + $popular_ids = wp_popular_terms_checklist( $taxonomy->name, 0, 10, false ); + + foreach ( $names as $cat_name ) { + $cat_name = trim( $cat_name ); + $category_nicename = sanitize_title( $cat_name ); + + if ( '' === $category_nicename ) { + continue; + } + + $cat_id = wp_insert_term( $cat_name, $taxonomy->name, array( 'parent' => $parent ) ); + + if ( ! $cat_id || is_wp_error( $cat_id ) ) { + continue; + } else { + $cat_id = $cat_id['term_id']; + } + + $checked_categories[] = $cat_id; + + if ( $parent ) { // Do these all at once in a second. + continue; + } + + ob_start(); + + wp_terms_checklist( + 0, + array( + 'taxonomy' => $taxonomy->name, + 'descendants_and_self' => $cat_id, + 'selected_cats' => $checked_categories, + 'popular_cats' => $popular_ids, + ) + ); + + $data = ob_get_clean(); + + $add = array( + 'what' => $taxonomy->name, + 'id' => $cat_id, + 'data' => str_replace( array( "\n", "\t" ), '', $data ), + 'position' => -1, + ); + } + + if ( $parent ) { // Foncy - replace the parent and all its children. + $parent = get_term( $parent, $taxonomy->name ); + $term_id = $parent->term_id; + + while ( $parent->parent ) { // Get the top parent. + $parent = get_term( $parent->parent, $taxonomy->name ); + if ( is_wp_error( $parent ) ) { + break; + } + $term_id = $parent->term_id; + } + + ob_start(); + + wp_terms_checklist( + 0, + array( + 'taxonomy' => $taxonomy->name, + 'descendants_and_self' => $term_id, + 'selected_cats' => $checked_categories, + 'popular_cats' => $popular_ids, + ) + ); + + $data = ob_get_clean(); + + $add = array( + 'what' => $taxonomy->name, + 'id' => $term_id, + 'data' => str_replace( array( "\n", "\t" ), '', $data ), + 'position' => -1, + ); + } + + ob_start(); + + wp_dropdown_categories( + array( + 'taxonomy' => $taxonomy->name, + 'hide_empty' => 0, + 'name' => 'new' . $taxonomy->name . '_parent', + 'orderby' => 'name', + 'hierarchical' => 1, + 'show_option_none' => '— ' . $taxonomy->labels->parent_item . ' —', + ) + ); + + $sup = ob_get_clean(); + + $add['supplemental'] = array( 'newcat_parent' => $sup ); + + $x = new WP_Ajax_Response( $add ); + $x->send(); +} + +/** + * Handles deleting a comment via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_delete_comment() { + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + + $comment = get_comment( $id ); + + if ( ! $comment ) { + wp_die( time() ); + } + + if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) ) { + wp_die( -1 ); + } + + check_ajax_referer( "delete-comment_$id" ); + $status = wp_get_comment_status( $comment ); + $delta = -1; + + if ( isset( $_POST['trash'] ) && 1 == $_POST['trash'] ) { + if ( 'trash' === $status ) { + wp_die( time() ); + } + + $r = wp_trash_comment( $comment ); + } elseif ( isset( $_POST['untrash'] ) && 1 == $_POST['untrash'] ) { + if ( 'trash' !== $status ) { + wp_die( time() ); + } + + $r = wp_untrash_comment( $comment ); + + // Undo trash, not in Trash. + if ( ! isset( $_POST['comment_status'] ) || 'trash' !== $_POST['comment_status'] ) { + $delta = 1; + } + } elseif ( isset( $_POST['spam'] ) && 1 == $_POST['spam'] ) { + if ( 'spam' === $status ) { + wp_die( time() ); + } + + $r = wp_spam_comment( $comment ); + } elseif ( isset( $_POST['unspam'] ) && 1 == $_POST['unspam'] ) { + if ( 'spam' !== $status ) { + wp_die( time() ); + } + + $r = wp_unspam_comment( $comment ); + + // Undo spam, not in spam. + if ( ! isset( $_POST['comment_status'] ) || 'spam' !== $_POST['comment_status'] ) { + $delta = 1; + } + } elseif ( isset( $_POST['delete'] ) && 1 == $_POST['delete'] ) { + $r = wp_delete_comment( $comment ); + } else { + wp_die( -1 ); + } + + if ( $r ) { + // Decide if we need to send back '1' or a more complicated response including page links and comment counts. + _wp_ajax_delete_comment_response( $comment->comment_ID, $delta ); + } + + wp_die( 0 ); +} + +/** + * Handles deleting a tag via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_delete_tag() { + $tag_id = (int) $_POST['tag_ID']; + check_ajax_referer( "delete-tag_$tag_id" ); + + if ( ! current_user_can( 'delete_term', $tag_id ) ) { + wp_die( -1 ); + } + + $taxonomy = ! empty( $_POST['taxonomy'] ) ? $_POST['taxonomy'] : 'post_tag'; + $tag = get_term( $tag_id, $taxonomy ); + + if ( ! $tag || is_wp_error( $tag ) ) { + wp_die( 1 ); + } + + if ( wp_delete_term( $tag_id, $taxonomy ) ) { + wp_die( 1 ); + } else { + wp_die( 0 ); + } +} + +/** + * Handles deleting a link via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_delete_link() { + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + + check_ajax_referer( "delete-bookmark_$id" ); + + if ( ! current_user_can( 'manage_links' ) ) { + wp_die( -1 ); + } + + $link = get_bookmark( $id ); + if ( ! $link || is_wp_error( $link ) ) { + wp_die( 1 ); + } + + if ( wp_delete_link( $id ) ) { + wp_die( 1 ); + } else { + wp_die( 0 ); + } +} + +/** + * Handles deleting meta via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_delete_meta() { + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + + check_ajax_referer( "delete-meta_$id" ); + $meta = get_metadata_by_mid( 'post', $id ); + + if ( ! $meta ) { + wp_die( 1 ); + } + + if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'delete_post_meta', $meta->post_id, $meta->meta_key ) ) { + wp_die( -1 ); + } + + if ( delete_meta( $meta->meta_id ) ) { + wp_die( 1 ); + } + + wp_die( 0 ); +} + +/** + * Handles deleting a post via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_delete_post( $action ) { + if ( empty( $action ) ) { + $action = 'delete-post'; + } + + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + check_ajax_referer( "{$action}_$id" ); + + if ( ! current_user_can( 'delete_post', $id ) ) { + wp_die( -1 ); + } + + if ( ! get_post( $id ) ) { + wp_die( 1 ); + } + + if ( wp_delete_post( $id ) ) { + wp_die( 1 ); + } else { + wp_die( 0 ); + } +} + +/** + * Handles sending a post to the Trash via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_trash_post( $action ) { + if ( empty( $action ) ) { + $action = 'trash-post'; + } + + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + check_ajax_referer( "{$action}_$id" ); + + if ( ! current_user_can( 'delete_post', $id ) ) { + wp_die( -1 ); + } + + if ( ! get_post( $id ) ) { + wp_die( 1 ); + } + + if ( 'trash-post' === $action ) { + $done = wp_trash_post( $id ); + } else { + $done = wp_untrash_post( $id ); + } + + if ( $done ) { + wp_die( 1 ); + } + + wp_die( 0 ); +} + +/** + * Handles restoring a post from the Trash via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_untrash_post( $action ) { + if ( empty( $action ) ) { + $action = 'untrash-post'; + } + + wp_ajax_trash_post( $action ); +} + +/** + * Handles deleting a page via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_delete_page( $action ) { + if ( empty( $action ) ) { + $action = 'delete-page'; + } + + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + check_ajax_referer( "{$action}_$id" ); + + if ( ! current_user_can( 'delete_page', $id ) ) { + wp_die( -1 ); + } + + if ( ! get_post( $id ) ) { + wp_die( 1 ); + } + + if ( wp_delete_post( $id ) ) { + wp_die( 1 ); + } else { + wp_die( 0 ); + } +} + +/** + * Handles dimming a comment via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_dim_comment() { + $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + $comment = get_comment( $id ); + + if ( ! $comment ) { + $x = new WP_Ajax_Response( + array( + 'what' => 'comment', + 'id' => new WP_Error( + 'invalid_comment', + /* translators: %d: Comment ID. */ + sprintf( __( 'Comment %d does not exist' ), $id ) + ), + ) + ); + $x->send(); + } + + if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) && ! current_user_can( 'moderate_comments' ) ) { + wp_die( -1 ); + } + + $current = wp_get_comment_status( $comment ); + + if ( isset( $_POST['new'] ) && $_POST['new'] == $current ) { + wp_die( time() ); + } + + check_ajax_referer( "approve-comment_$id" ); + + if ( in_array( $current, array( 'unapproved', 'spam' ), true ) ) { + $result = wp_set_comment_status( $comment, 'approve', true ); + } else { + $result = wp_set_comment_status( $comment, 'hold', true ); + } + + if ( is_wp_error( $result ) ) { + $x = new WP_Ajax_Response( + array( + 'what' => 'comment', + 'id' => $result, + ) + ); + $x->send(); + } + + // Decide if we need to send back '1' or a more complicated response including page links and comment counts. + _wp_ajax_delete_comment_response( $comment->comment_ID ); + wp_die( 0 ); +} + +/** + * Handles adding a link category via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_add_link_category( $action ) { + if ( empty( $action ) ) { + $action = 'add-link-category'; + } + + check_ajax_referer( $action ); + + $taxonomy_object = get_taxonomy( 'link_category' ); + + if ( ! current_user_can( $taxonomy_object->cap->manage_terms ) ) { + wp_die( -1 ); + } + + $names = explode( ',', wp_unslash( $_POST['newcat'] ) ); + $x = new WP_Ajax_Response(); + + foreach ( $names as $cat_name ) { + $cat_name = trim( $cat_name ); + $slug = sanitize_title( $cat_name ); + + if ( '' === $slug ) { + continue; + } + + $cat_id = wp_insert_term( $cat_name, 'link_category' ); + + if ( ! $cat_id || is_wp_error( $cat_id ) ) { + continue; + } else { + $cat_id = $cat_id['term_id']; + } + + $cat_name = esc_html( $cat_name ); + + $x->add( + array( + 'what' => 'link-category', + 'id' => $cat_id, + 'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='" . esc_attr( $cat_id ) . "' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>", + 'position' => -1, + ) + ); + } + $x->send(); +} + +/** + * Handles adding a tag via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_add_tag() { + check_ajax_referer( 'add-tag', '_wpnonce_add-tag' ); + + $taxonomy = ! empty( $_POST['taxonomy'] ) ? $_POST['taxonomy'] : 'post_tag'; + $taxonomy_object = get_taxonomy( $taxonomy ); + + if ( ! current_user_can( $taxonomy_object->cap->edit_terms ) ) { + wp_die( -1 ); + } + + $x = new WP_Ajax_Response(); + + $tag = wp_insert_term( $_POST['tag-name'], $taxonomy, $_POST ); + + if ( $tag && ! is_wp_error( $tag ) ) { + $tag = get_term( $tag['term_id'], $taxonomy ); + } + + if ( ! $tag || is_wp_error( $tag ) ) { + $message = __( 'An error has occurred. Please reload the page and try again.' ); + $error_code = 'error'; + + if ( is_wp_error( $tag ) && $tag->get_error_message() ) { + $message = $tag->get_error_message(); + } + + if ( is_wp_error( $tag ) && $tag->get_error_code() ) { + $error_code = $tag->get_error_code(); + } + + $x->add( + array( + 'what' => 'taxonomy', + 'data' => new WP_Error( $error_code, $message ), + ) + ); + $x->send(); + } + + $wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => $_POST['screen'] ) ); + + $level = 0; + $noparents = ''; + + if ( is_taxonomy_hierarchical( $taxonomy ) ) { + $level = count( get_ancestors( $tag->term_id, $taxonomy, 'taxonomy' ) ); + ob_start(); + $wp_list_table->single_row( $tag, $level ); + $noparents = ob_get_clean(); + } + + ob_start(); + $wp_list_table->single_row( $tag ); + $parents = ob_get_clean(); + + require ABSPATH . 'wp-admin/includes/edit-tag-messages.php'; + + $message = ''; + if ( isset( $messages[ $taxonomy_object->name ][1] ) ) { + $message = $messages[ $taxonomy_object->name ][1]; + } elseif ( isset( $messages['_item'][1] ) ) { + $message = $messages['_item'][1]; + } + + $x->add( + array( + 'what' => 'taxonomy', + 'data' => $message, + 'supplemental' => array( + 'parents' => $parents, + 'noparents' => $noparents, + 'notice' => $message, + ), + ) + ); + + $x->add( + array( + 'what' => 'term', + 'position' => $level, + 'supplemental' => (array) $tag, + ) + ); + + $x->send(); +} + +/** + * Handles getting a tagcloud via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_get_tagcloud() { + if ( ! isset( $_POST['tax'] ) ) { + wp_die( 0 ); + } + + $taxonomy = sanitize_key( $_POST['tax'] ); + $taxonomy_object = get_taxonomy( $taxonomy ); + + if ( ! $taxonomy_object ) { + wp_die( 0 ); + } + + if ( ! current_user_can( $taxonomy_object->cap->assign_terms ) ) { + wp_die( -1 ); + } + + $tags = get_terms( + array( + 'taxonomy' => $taxonomy, + 'number' => 45, + 'orderby' => 'count', + 'order' => 'DESC', + ) + ); + + if ( empty( $tags ) ) { + wp_die( $taxonomy_object->labels->not_found ); + } + + if ( is_wp_error( $tags ) ) { + wp_die( $tags->get_error_message() ); + } + + foreach ( $tags as $key => $tag ) { + $tags[ $key ]->link = '#'; + $tags[ $key ]->id = $tag->term_id; + } + + // We need raw tag names here, so don't filter the output. + $return = wp_generate_tag_cloud( + $tags, + array( + 'filter' => 0, + 'format' => 'list', + ) + ); + + if ( empty( $return ) ) { + wp_die( 0 ); + } + + echo $return; + wp_die(); +} + +/** + * Handles getting comments via AJAX. + * + * @since 3.1.0 + * + * @global int $post_id + * + * @param string $action Action to perform. + */ +function wp_ajax_get_comments( $action ) { + global $post_id; + + if ( empty( $action ) ) { + $action = 'get-comments'; + } + + check_ajax_referer( $action ); + + if ( empty( $post_id ) && ! empty( $_REQUEST['p'] ) ) { + $id = absint( $_REQUEST['p'] ); + if ( ! empty( $id ) ) { + $post_id = $id; + } + } + + if ( empty( $post_id ) ) { + wp_die( -1 ); + } + + $wp_list_table = _get_list_table( 'WP_Post_Comments_List_Table', array( 'screen' => 'edit-comments' ) ); + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + wp_die( -1 ); + } + + $wp_list_table->prepare_items(); + + if ( ! $wp_list_table->has_items() ) { + wp_die( 1 ); + } + + $x = new WP_Ajax_Response(); + + ob_start(); + foreach ( $wp_list_table->items as $comment ) { + if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) && 0 === $comment->comment_approved ) { + continue; + } + get_comment( $comment ); + $wp_list_table->single_row( $comment ); + } + $comment_list_item = ob_get_clean(); + + $x->add( + array( + 'what' => 'comments', + 'data' => $comment_list_item, + ) + ); + + $x->send(); +} + +/** + * Handles replying to a comment via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_replyto_comment( $action ) { + if ( empty( $action ) ) { + $action = 'replyto-comment'; + } + + check_ajax_referer( $action, '_ajax_nonce-replyto-comment' ); + + $comment_post_id = (int) $_POST['comment_post_ID']; + $post = get_post( $comment_post_id ); + + if ( ! $post ) { + wp_die( -1 ); + } + + if ( ! current_user_can( 'edit_post', $comment_post_id ) ) { + wp_die( -1 ); + } + + if ( empty( $post->post_status ) ) { + wp_die( 1 ); + } elseif ( in_array( $post->post_status, array( 'draft', 'pending', 'trash' ), true ) ) { + wp_die( __( 'You cannot reply to a comment on a draft post.' ) ); + } + + $user = wp_get_current_user(); + + if ( $user->exists() ) { + $comment_author = wp_slash( $user->display_name ); + $comment_author_email = wp_slash( $user->user_email ); + $comment_author_url = wp_slash( $user->user_url ); + $user_id = $user->ID; + + if ( current_user_can( 'unfiltered_html' ) ) { + if ( ! isset( $_POST['_wp_unfiltered_html_comment'] ) ) { + $_POST['_wp_unfiltered_html_comment'] = ''; + } + + if ( wp_create_nonce( 'unfiltered-html-comment' ) != $_POST['_wp_unfiltered_html_comment'] ) { + kses_remove_filters(); // Start with a clean slate. + kses_init_filters(); // Set up the filters. + remove_filter( 'pre_comment_content', 'wp_filter_post_kses' ); + add_filter( 'pre_comment_content', 'wp_filter_kses' ); + } + } + } else { + wp_die( __( 'Sorry, you must be logged in to reply to a comment.' ) ); + } + + $comment_content = trim( $_POST['content'] ); + + if ( '' === $comment_content ) { + wp_die( __( 'Please type your comment text.' ) ); + } + + $comment_type = isset( $_POST['comment_type'] ) ? trim( $_POST['comment_type'] ) : 'comment'; + + $comment_parent = 0; + + if ( isset( $_POST['comment_ID'] ) ) { + $comment_parent = absint( $_POST['comment_ID'] ); + } + + $comment_auto_approved = false; + + $commentdata = array( + 'comment_post_ID' => $comment_post_id, + ); + + $commentdata += compact( + 'comment_author', + 'comment_author_email', + 'comment_author_url', + 'comment_content', + 'comment_type', + 'comment_parent', + 'user_id' + ); + + // Automatically approve parent comment. + if ( ! empty( $_POST['approve_parent'] ) ) { + $parent = get_comment( $comment_parent ); + + if ( $parent && '0' === $parent->comment_approved && $parent->comment_post_ID == $comment_post_id ) { + if ( ! current_user_can( 'edit_comment', $parent->comment_ID ) ) { + wp_die( -1 ); + } + + if ( wp_set_comment_status( $parent, 'approve' ) ) { + $comment_auto_approved = true; + } + } + } + + $comment_id = wp_new_comment( $commentdata ); + + if ( is_wp_error( $comment_id ) ) { + wp_die( $comment_id->get_error_message() ); + } + + $comment = get_comment( $comment_id ); + + if ( ! $comment ) { + wp_die( 1 ); + } + + $position = ( isset( $_POST['position'] ) && (int) $_POST['position'] ) ? (int) $_POST['position'] : '-1'; + + ob_start(); + if ( isset( $_REQUEST['mode'] ) && 'dashboard' === $_REQUEST['mode'] ) { + require_once ABSPATH . 'wp-admin/includes/dashboard.php'; + _wp_dashboard_recent_comments_row( $comment ); + } else { + if ( isset( $_REQUEST['mode'] ) && 'single' === $_REQUEST['mode'] ) { + $wp_list_table = _get_list_table( 'WP_Post_Comments_List_Table', array( 'screen' => 'edit-comments' ) ); + } else { + $wp_list_table = _get_list_table( 'WP_Comments_List_Table', array( 'screen' => 'edit-comments' ) ); + } + $wp_list_table->single_row( $comment ); + } + $comment_list_item = ob_get_clean(); + + $response = array( + 'what' => 'comment', + 'id' => $comment->comment_ID, + 'data' => $comment_list_item, + 'position' => $position, + ); + + $counts = wp_count_comments(); + $response['supplemental'] = array( + 'in_moderation' => $counts->moderated, + 'i18n_comments_text' => sprintf( + /* translators: %s: Number of comments. */ + _n( '%s Comment', '%s Comments', $counts->approved ), + number_format_i18n( $counts->approved ) + ), + 'i18n_moderation_text' => sprintf( + /* translators: %s: Number of comments. */ + _n( '%s Comment in moderation', '%s Comments in moderation', $counts->moderated ), + number_format_i18n( $counts->moderated ) + ), + ); + + if ( $comment_auto_approved ) { + $response['supplemental']['parent_approved'] = $parent->comment_ID; + $response['supplemental']['parent_post_id'] = $parent->comment_post_ID; + } + + $x = new WP_Ajax_Response(); + $x->add( $response ); + $x->send(); +} + +/** + * Handles editing a comment via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_edit_comment() { + check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ); + + $comment_id = (int) $_POST['comment_ID']; + + if ( ! current_user_can( 'edit_comment', $comment_id ) ) { + wp_die( -1 ); + } + + if ( '' === $_POST['content'] ) { + wp_die( __( 'Please type your comment text.' ) ); + } + + if ( isset( $_POST['status'] ) ) { + $_POST['comment_status'] = $_POST['status']; + } + + $updated = edit_comment(); + if ( is_wp_error( $updated ) ) { + wp_die( $updated->get_error_message() ); + } + + $position = ( isset( $_POST['position'] ) && (int) $_POST['position'] ) ? (int) $_POST['position'] : '-1'; + $checkbox = ( isset( $_POST['checkbox'] ) && true == $_POST['checkbox'] ) ? 1 : 0; + $wp_list_table = _get_list_table( $checkbox ? 'WP_Comments_List_Table' : 'WP_Post_Comments_List_Table', array( 'screen' => 'edit-comments' ) ); + + $comment = get_comment( $comment_id ); + + if ( empty( $comment->comment_ID ) ) { + wp_die( -1 ); + } + + ob_start(); + $wp_list_table->single_row( $comment ); + $comment_list_item = ob_get_clean(); + + $x = new WP_Ajax_Response(); + + $x->add( + array( + 'what' => 'edit_comment', + 'id' => $comment->comment_ID, + 'data' => $comment_list_item, + 'position' => $position, + ) + ); + + $x->send(); +} + +/** + * Handles adding a menu item via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_add_menu_item() { + check_ajax_referer( 'add-menu_item', 'menu-settings-column-nonce' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + require_once ABSPATH . 'wp-admin/includes/nav-menu.php'; + + /* + * For performance reasons, we omit some object properties from the checklist. + * The following is a hacky way to restore them when adding non-custom items. + */ + $menu_items_data = array(); + + foreach ( (array) $_POST['menu-item'] as $menu_item_data ) { + if ( + ! empty( $menu_item_data['menu-item-type'] ) && + 'custom' !== $menu_item_data['menu-item-type'] && + ! empty( $menu_item_data['menu-item-object-id'] ) + ) { + switch ( $menu_item_data['menu-item-type'] ) { + case 'post_type': + $_object = get_post( $menu_item_data['menu-item-object-id'] ); + break; + + case 'post_type_archive': + $_object = get_post_type_object( $menu_item_data['menu-item-object'] ); + break; + + case 'taxonomy': + $_object = get_term( $menu_item_data['menu-item-object-id'], $menu_item_data['menu-item-object'] ); + break; + } + + $_menu_items = array_map( 'wp_setup_nav_menu_item', array( $_object ) ); + $_menu_item = reset( $_menu_items ); + + // Restore the missing menu item properties. + $menu_item_data['menu-item-description'] = $_menu_item->description; + } + + $menu_items_data[] = $menu_item_data; + } + + $item_ids = wp_save_nav_menu_items( 0, $menu_items_data ); + if ( is_wp_error( $item_ids ) ) { + wp_die( 0 ); + } + + $menu_items = array(); + + foreach ( (array) $item_ids as $menu_item_id ) { + $menu_obj = get_post( $menu_item_id ); + + if ( ! empty( $menu_obj->ID ) ) { + $menu_obj = wp_setup_nav_menu_item( $menu_obj ); + $menu_obj->title = empty( $menu_obj->title ) ? __( 'Menu Item' ) : $menu_obj->title; + $menu_obj->label = $menu_obj->title; // Don't show "(pending)" in ajax-added items. + $menu_items[] = $menu_obj; + } + } + + /** This filter is documented in wp-admin/includes/nav-menu.php */ + $walker_class_name = apply_filters( 'wp_edit_nav_menu_walker', 'Walker_Nav_Menu_Edit', $_POST['menu'] ); + + if ( ! class_exists( $walker_class_name ) ) { + wp_die( 0 ); + } + + if ( ! empty( $menu_items ) ) { + $args = array( + 'after' => '', + 'before' => '', + 'link_after' => '', + 'link_before' => '', + 'walker' => new $walker_class_name(), + ); + + echo walk_nav_menu_tree( $menu_items, 0, (object) $args ); + } + + wp_die(); +} + +/** + * Handles adding meta via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_add_meta() { + check_ajax_referer( 'add-meta', '_ajax_nonce-add-meta' ); + $c = 0; + $pid = (int) $_POST['post_id']; + $post = get_post( $pid ); + + if ( isset( $_POST['metakeyselect'] ) || isset( $_POST['metakeyinput'] ) ) { + if ( ! current_user_can( 'edit_post', $pid ) ) { + wp_die( -1 ); + } + + if ( isset( $_POST['metakeyselect'] ) && '#NONE#' === $_POST['metakeyselect'] && empty( $_POST['metakeyinput'] ) ) { + wp_die( 1 ); + } + + // If the post is an autodraft, save the post as a draft and then attempt to save the meta. + if ( 'auto-draft' === $post->post_status ) { + $post_data = array(); + $post_data['action'] = 'draft'; // Warning fix. + $post_data['post_ID'] = $pid; + $post_data['post_type'] = $post->post_type; + $post_data['post_status'] = 'draft'; + $now = time(); + /* translators: 1: Post creation date, 2: Post creation time. */ + $post_data['post_title'] = sprintf( __( 'Draft created on %1$s at %2$s' ), gmdate( __( 'F j, Y' ), $now ), gmdate( __( 'g:i a' ), $now ) ); + + $pid = edit_post( $post_data ); + + if ( $pid ) { + if ( is_wp_error( $pid ) ) { + $x = new WP_Ajax_Response( + array( + 'what' => 'meta', + 'data' => $pid, + ) + ); + $x->send(); + } + + $mid = add_meta( $pid ); + if ( ! $mid ) { + wp_die( __( 'Please provide a custom field value.' ) ); + } + } else { + wp_die( 0 ); + } + } else { + $mid = add_meta( $pid ); + if ( ! $mid ) { + wp_die( __( 'Please provide a custom field value.' ) ); + } + } + + $meta = get_metadata_by_mid( 'post', $mid ); + $pid = (int) $meta->post_id; + $meta = get_object_vars( $meta ); + + $x = new WP_Ajax_Response( + array( + 'what' => 'meta', + 'id' => $mid, + 'data' => _list_meta_row( $meta, $c ), + 'position' => 1, + 'supplemental' => array( 'postid' => $pid ), + ) + ); + } else { // Update? + $mid = (int) key( $_POST['meta'] ); + $key = wp_unslash( $_POST['meta'][ $mid ]['key'] ); + $value = wp_unslash( $_POST['meta'][ $mid ]['value'] ); + + if ( '' === trim( $key ) ) { + wp_die( __( 'Please provide a custom field name.' ) ); + } + + $meta = get_metadata_by_mid( 'post', $mid ); + + if ( ! $meta ) { + wp_die( 0 ); // If meta doesn't exist. + } + + if ( + is_protected_meta( $meta->meta_key, 'post' ) || is_protected_meta( $key, 'post' ) || + ! current_user_can( 'edit_post_meta', $meta->post_id, $meta->meta_key ) || + ! current_user_can( 'edit_post_meta', $meta->post_id, $key ) + ) { + wp_die( -1 ); + } + + if ( $meta->meta_value != $value || $meta->meta_key != $key ) { + $u = update_metadata_by_mid( 'post', $mid, $value, $key ); + if ( ! $u ) { + wp_die( 0 ); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems). + } + } + + $x = new WP_Ajax_Response( + array( + 'what' => 'meta', + 'id' => $mid, + 'old_id' => $mid, + 'data' => _list_meta_row( + array( + 'meta_key' => $key, + 'meta_value' => $value, + 'meta_id' => $mid, + ), + $c + ), + 'position' => 0, + 'supplemental' => array( 'postid' => $meta->post_id ), + ) + ); + } + $x->send(); +} + +/** + * Handles adding a user via AJAX. + * + * @since 3.1.0 + * + * @param string $action Action to perform. + */ +function wp_ajax_add_user( $action ) { + if ( empty( $action ) ) { + $action = 'add-user'; + } + + check_ajax_referer( $action ); + + if ( ! current_user_can( 'create_users' ) ) { + wp_die( -1 ); + } + + $user_id = edit_user(); + + if ( ! $user_id ) { + wp_die( 0 ); + } elseif ( is_wp_error( $user_id ) ) { + $x = new WP_Ajax_Response( + array( + 'what' => 'user', + 'id' => $user_id, + ) + ); + $x->send(); + } + + $user_object = get_userdata( $user_id ); + $wp_list_table = _get_list_table( 'WP_Users_List_Table' ); + + $role = current( $user_object->roles ); + + $x = new WP_Ajax_Response( + array( + 'what' => 'user', + 'id' => $user_id, + 'data' => $wp_list_table->single_row( $user_object, '', $role ), + 'supplemental' => array( + 'show-link' => sprintf( + /* translators: %s: The new user. */ + __( 'User %s added' ), + '<a href="#user-' . $user_id . '">' . $user_object->user_login . '</a>' + ), + 'role' => $role, + ), + ) + ); + $x->send(); +} + +/** + * Handles closed post boxes via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_closed_postboxes() { + check_ajax_referer( 'closedpostboxes', 'closedpostboxesnonce' ); + $closed = isset( $_POST['closed'] ) ? explode( ',', $_POST['closed'] ) : array(); + $closed = array_filter( $closed ); + + $hidden = isset( $_POST['hidden'] ) ? explode( ',', $_POST['hidden'] ) : array(); + $hidden = array_filter( $hidden ); + + $page = isset( $_POST['page'] ) ? $_POST['page'] : ''; + + if ( sanitize_key( $page ) != $page ) { + wp_die( 0 ); + } + + $user = wp_get_current_user(); + if ( ! $user ) { + wp_die( -1 ); + } + + if ( is_array( $closed ) ) { + update_user_meta( $user->ID, "closedpostboxes_$page", $closed ); + } + + if ( is_array( $hidden ) ) { + // Postboxes that are always shown. + $hidden = array_diff( $hidden, array( 'submitdiv', 'linksubmitdiv', 'manage-menu', 'create-menu' ) ); + update_user_meta( $user->ID, "metaboxhidden_$page", $hidden ); + } + + wp_die( 1 ); +} + +/** + * Handles hidden columns via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_hidden_columns() { + check_ajax_referer( 'screen-options-nonce', 'screenoptionnonce' ); + $page = isset( $_POST['page'] ) ? $_POST['page'] : ''; + + if ( sanitize_key( $page ) != $page ) { + wp_die( 0 ); + } + + $user = wp_get_current_user(); + if ( ! $user ) { + wp_die( -1 ); + } + + $hidden = ! empty( $_POST['hidden'] ) ? explode( ',', $_POST['hidden'] ) : array(); + update_user_meta( $user->ID, "manage{$page}columnshidden", $hidden ); + + wp_die( 1 ); +} + +/** + * Handles updating whether to display the welcome panel via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_update_welcome_panel() { + check_ajax_referer( 'welcome-panel-nonce', 'welcomepanelnonce' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + update_user_meta( get_current_user_id(), 'show_welcome_panel', empty( $_POST['visible'] ) ? 0 : 1 ); + + wp_die( 1 ); +} + +/** + * Handles for retrieving menu meta boxes via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_menu_get_metabox() { + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + require_once ABSPATH . 'wp-admin/includes/nav-menu.php'; + + if ( isset( $_POST['item-type'] ) && 'post_type' === $_POST['item-type'] ) { + $type = 'posttype'; + $callback = 'wp_nav_menu_item_post_type_meta_box'; + $items = (array) get_post_types( array( 'show_in_nav_menus' => true ), 'object' ); + } elseif ( isset( $_POST['item-type'] ) && 'taxonomy' === $_POST['item-type'] ) { + $type = 'taxonomy'; + $callback = 'wp_nav_menu_item_taxonomy_meta_box'; + $items = (array) get_taxonomies( array( 'show_ui' => true ), 'object' ); + } + + if ( ! empty( $_POST['item-object'] ) && isset( $items[ $_POST['item-object'] ] ) ) { + $menus_meta_box_object = $items[ $_POST['item-object'] ]; + + /** This filter is documented in wp-admin/includes/nav-menu.php */ + $item = apply_filters( 'nav_menu_meta_box_object', $menus_meta_box_object ); + + $box_args = array( + 'id' => 'add-' . $item->name, + 'title' => $item->labels->name, + 'callback' => $callback, + 'args' => $item, + ); + + ob_start(); + $callback( null, $box_args ); + + $markup = ob_get_clean(); + + echo wp_json_encode( + array( + 'replace-id' => $type . '-' . $item->name, + 'markup' => $markup, + ) + ); + } + + wp_die(); +} + +/** + * Handles internal linking via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_wp_link_ajax() { + check_ajax_referer( 'internal-linking', '_ajax_linking_nonce' ); + + $args = array(); + + if ( isset( $_POST['search'] ) ) { + $args['s'] = wp_unslash( $_POST['search'] ); + } + + if ( isset( $_POST['term'] ) ) { + $args['s'] = wp_unslash( $_POST['term'] ); + } + + $args['pagenum'] = ! empty( $_POST['page'] ) ? absint( $_POST['page'] ) : 1; + + if ( ! class_exists( '_WP_Editors', false ) ) { + require ABSPATH . WPINC . '/class-wp-editor.php'; + } + + $results = _WP_Editors::wp_link_query( $args ); + + if ( ! isset( $results ) ) { + wp_die( 0 ); + } + + echo wp_json_encode( $results ); + echo "\n"; + + wp_die(); +} + +/** + * Handles saving menu locations via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_menu_locations_save() { + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + check_ajax_referer( 'add-menu_item', 'menu-settings-column-nonce' ); + + if ( ! isset( $_POST['menu-locations'] ) ) { + wp_die( 0 ); + } + + set_theme_mod( 'nav_menu_locations', array_map( 'absint', $_POST['menu-locations'] ) ); + wp_die( 1 ); +} + +/** + * Handles saving the meta box order via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_meta_box_order() { + check_ajax_referer( 'meta-box-order' ); + $order = isset( $_POST['order'] ) ? (array) $_POST['order'] : false; + $page_columns = isset( $_POST['page_columns'] ) ? $_POST['page_columns'] : 'auto'; + + if ( 'auto' !== $page_columns ) { + $page_columns = (int) $page_columns; + } + + $page = isset( $_POST['page'] ) ? $_POST['page'] : ''; + + if ( sanitize_key( $page ) != $page ) { + wp_die( 0 ); + } + + $user = wp_get_current_user(); + if ( ! $user ) { + wp_die( -1 ); + } + + if ( $order ) { + update_user_meta( $user->ID, "meta-box-order_$page", $order ); + } + + if ( $page_columns ) { + update_user_meta( $user->ID, "screen_layout_$page", $page_columns ); + } + + wp_send_json_success(); +} + +/** + * Handles menu quick searching via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_menu_quick_search() { + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + require_once ABSPATH . 'wp-admin/includes/nav-menu.php'; + + _wp_ajax_menu_quick_search( $_POST ); + + wp_die(); +} + +/** + * Handles retrieving a permalink via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_get_permalink() { + check_ajax_referer( 'getpermalink', 'getpermalinknonce' ); + $post_id = isset( $_POST['post_id'] ) ? (int) $_POST['post_id'] : 0; + wp_die( get_preview_post_link( $post_id ) ); +} + +/** + * Handles retrieving a sample permalink via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_sample_permalink() { + check_ajax_referer( 'samplepermalink', 'samplepermalinknonce' ); + $post_id = isset( $_POST['post_id'] ) ? (int) $_POST['post_id'] : 0; + $title = isset( $_POST['new_title'] ) ? $_POST['new_title'] : ''; + $slug = isset( $_POST['new_slug'] ) ? $_POST['new_slug'] : null; + wp_die( get_sample_permalink_html( $post_id, $title, $slug ) ); +} + +/** + * Handles Quick Edit saving a post from a list table via AJAX. + * + * @since 3.1.0 + * + * @global string $mode List table view mode. + */ +function wp_ajax_inline_save() { + global $mode; + + check_ajax_referer( 'inlineeditnonce', '_inline_edit' ); + + if ( ! isset( $_POST['post_ID'] ) || ! (int) $_POST['post_ID'] ) { + wp_die(); + } + + $post_id = (int) $_POST['post_ID']; + + if ( 'page' === $_POST['post_type'] ) { + if ( ! current_user_can( 'edit_page', $post_id ) ) { + wp_die( __( 'Sorry, you are not allowed to edit this page.' ) ); + } + } else { + if ( ! current_user_can( 'edit_post', $post_id ) ) { + wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); + } + } + + $last = wp_check_post_lock( $post_id ); + if ( $last ) { + $last_user = get_userdata( $last ); + $last_user_name = $last_user ? $last_user->display_name : __( 'Someone' ); + + /* translators: %s: User's display name. */ + $msg_template = __( 'Saving is disabled: %s is currently editing this post.' ); + + if ( 'page' === $_POST['post_type'] ) { + /* translators: %s: User's display name. */ + $msg_template = __( 'Saving is disabled: %s is currently editing this page.' ); + } + + printf( $msg_template, esc_html( $last_user_name ) ); + wp_die(); + } + + $data = &$_POST; + + $post = get_post( $post_id, ARRAY_A ); + + // Since it's coming from the database. + $post = wp_slash( $post ); + + $data['content'] = $post['post_content']; + $data['excerpt'] = $post['post_excerpt']; + + // Rename. + $data['user_ID'] = get_current_user_id(); + + if ( isset( $data['post_parent'] ) ) { + $data['parent_id'] = $data['post_parent']; + } + + // Status. + if ( isset( $data['keep_private'] ) && 'private' === $data['keep_private'] ) { + $data['visibility'] = 'private'; + $data['post_status'] = 'private'; + } else { + $data['post_status'] = $data['_status']; + } + + if ( empty( $data['comment_status'] ) ) { + $data['comment_status'] = 'closed'; + } + + if ( empty( $data['ping_status'] ) ) { + $data['ping_status'] = 'closed'; + } + + // Exclude terms from taxonomies that are not supposed to appear in Quick Edit. + if ( ! empty( $data['tax_input'] ) ) { + foreach ( $data['tax_input'] as $taxonomy => $terms ) { + $tax_object = get_taxonomy( $taxonomy ); + /** This filter is documented in wp-admin/includes/class-wp-posts-list-table.php */ + if ( ! apply_filters( 'quick_edit_show_taxonomy', $tax_object->show_in_quick_edit, $taxonomy, $post['post_type'] ) ) { + unset( $data['tax_input'][ $taxonomy ] ); + } + } + } + + // Hack: wp_unique_post_slug() doesn't work for drafts, so we will fake that our post is published. + if ( ! empty( $data['post_name'] ) && in_array( $post['post_status'], array( 'draft', 'pending' ), true ) ) { + $post['post_status'] = 'publish'; + $data['post_name'] = wp_unique_post_slug( $data['post_name'], $post['ID'], $post['post_status'], $post['post_type'], $post['post_parent'] ); + } + + // Update the post. + edit_post(); + + $wp_list_table = _get_list_table( 'WP_Posts_List_Table', array( 'screen' => $_POST['screen'] ) ); + + $mode = 'excerpt' === $_POST['post_view'] ? 'excerpt' : 'list'; + + $level = 0; + if ( is_post_type_hierarchical( $wp_list_table->screen->post_type ) ) { + $request_post = array( get_post( $_POST['post_ID'] ) ); + $parent = $request_post[0]->post_parent; + + while ( $parent > 0 ) { + $parent_post = get_post( $parent ); + $parent = $parent_post->post_parent; + ++$level; + } + } + + $wp_list_table->display_rows( array( get_post( $_POST['post_ID'] ) ), $level ); + + wp_die(); +} + +/** + * Handles Quick Edit saving for a term via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_inline_save_tax() { + check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' ); + + $taxonomy = sanitize_key( $_POST['taxonomy'] ); + $taxonomy_object = get_taxonomy( $taxonomy ); + + if ( ! $taxonomy_object ) { + wp_die( 0 ); + } + + if ( ! isset( $_POST['tax_ID'] ) || ! (int) $_POST['tax_ID'] ) { + wp_die( -1 ); + } + + $id = (int) $_POST['tax_ID']; + + if ( ! current_user_can( 'edit_term', $id ) ) { + wp_die( -1 ); + } + + $wp_list_table = _get_list_table( 'WP_Terms_List_Table', array( 'screen' => 'edit-' . $taxonomy ) ); + + $tag = get_term( $id, $taxonomy ); + $_POST['description'] = $tag->description; + + $updated = wp_update_term( $id, $taxonomy, $_POST ); + + if ( $updated && ! is_wp_error( $updated ) ) { + $tag = get_term( $updated['term_id'], $taxonomy ); + if ( ! $tag || is_wp_error( $tag ) ) { + if ( is_wp_error( $tag ) && $tag->get_error_message() ) { + wp_die( $tag->get_error_message() ); + } + wp_die( __( 'Item not updated.' ) ); + } + } else { + if ( is_wp_error( $updated ) && $updated->get_error_message() ) { + wp_die( $updated->get_error_message() ); + } + wp_die( __( 'Item not updated.' ) ); + } + + $level = 0; + $parent = $tag->parent; + + while ( $parent > 0 ) { + $parent_tag = get_term( $parent, $taxonomy ); + $parent = $parent_tag->parent; + ++$level; + } + + $wp_list_table->single_row( $tag, $level ); + wp_die(); +} + +/** + * Handles querying posts for the Find Posts modal via AJAX. + * + * @see window.findPosts + * + * @since 3.1.0 + */ +function wp_ajax_find_posts() { + check_ajax_referer( 'find-posts' ); + + $post_types = get_post_types( array( 'public' => true ), 'objects' ); + unset( $post_types['attachment'] ); + + $args = array( + 'post_type' => array_keys( $post_types ), + 'post_status' => 'any', + 'posts_per_page' => 50, + ); + + $search = wp_unslash( $_POST['ps'] ); + + if ( '' !== $search ) { + $args['s'] = $search; + } + + $posts = get_posts( $args ); + + if ( ! $posts ) { + wp_send_json_error( __( 'No items found.' ) ); + } + + $html = '<table class="widefat"><thead><tr><th class="found-radio"><br /></th><th>' . __( 'Title' ) . '</th><th class="no-break">' . __( 'Type' ) . '</th><th class="no-break">' . __( 'Date' ) . '</th><th class="no-break">' . __( 'Status' ) . '</th></tr></thead><tbody>'; + $alt = ''; + foreach ( $posts as $post ) { + $title = trim( $post->post_title ) ? $post->post_title : __( '(no title)' ); + $alt = ( 'alternate' === $alt ) ? '' : 'alternate'; + + switch ( $post->post_status ) { + case 'publish': + case 'private': + $stat = __( 'Published' ); + break; + case 'future': + $stat = __( 'Scheduled' ); + break; + case 'pending': + $stat = __( 'Pending Review' ); + break; + case 'draft': + $stat = __( 'Draft' ); + break; + } + + if ( '0000-00-00 00:00:00' === $post->post_date ) { + $time = ''; + } else { + /* translators: Date format in table columns, see https://www.php.net/manual/datetime.format.php */ + $time = mysql2date( __( 'Y/m/d' ), $post->post_date ); + } + + $html .= '<tr class="' . trim( 'found-posts ' . $alt ) . '"><td class="found-radio"><input type="radio" id="found-' . $post->ID . '" name="found_post_id" value="' . esc_attr( $post->ID ) . '"></td>'; + $html .= '<td><label for="found-' . $post->ID . '">' . esc_html( $title ) . '</label></td><td class="no-break">' . esc_html( $post_types[ $post->post_type ]->labels->singular_name ) . '</td><td class="no-break">' . esc_html( $time ) . '</td><td class="no-break">' . esc_html( $stat ) . ' </td></tr>' . "\n\n"; + } + + $html .= '</tbody></table>'; + + wp_send_json_success( $html ); +} + +/** + * Handles saving the widgets order via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_widgets_order() { + check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + unset( $_POST['savewidgets'], $_POST['action'] ); + + // Save widgets order for all sidebars. + if ( is_array( $_POST['sidebars'] ) ) { + $sidebars = array(); + + foreach ( wp_unslash( $_POST['sidebars'] ) as $key => $val ) { + $sb = array(); + + if ( ! empty( $val ) ) { + $val = explode( ',', $val ); + + foreach ( $val as $k => $v ) { + if ( ! str_contains( $v, 'widget-' ) ) { + continue; + } + + $sb[ $k ] = substr( $v, strpos( $v, '_' ) + 1 ); + } + } + $sidebars[ $key ] = $sb; + } + + wp_set_sidebars_widgets( $sidebars ); + wp_die( 1 ); + } + + wp_die( -1 ); +} + +/** + * Handles saving a widget via AJAX. + * + * @since 3.1.0 + * + * @global array $wp_registered_widgets + * @global array $wp_registered_widget_controls + * @global array $wp_registered_widget_updates + */ +function wp_ajax_save_widget() { + global $wp_registered_widgets, $wp_registered_widget_controls, $wp_registered_widget_updates; + + check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' ); + + if ( ! current_user_can( 'edit_theme_options' ) || ! isset( $_POST['id_base'] ) ) { + wp_die( -1 ); + } + + unset( $_POST['savewidgets'], $_POST['action'] ); + + /** + * Fires early when editing the widgets displayed in sidebars. + * + * @since 2.8.0 + */ + do_action( 'load-widgets.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** + * Fires early when editing the widgets displayed in sidebars. + * + * @since 2.8.0 + */ + do_action( 'widgets.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/widgets.php */ + do_action( 'sidebar_admin_setup' ); + + $id_base = wp_unslash( $_POST['id_base'] ); + $widget_id = wp_unslash( $_POST['widget-id'] ); + $sidebar_id = $_POST['sidebar']; + $multi_number = ! empty( $_POST['multi_number'] ) ? (int) $_POST['multi_number'] : 0; + $settings = isset( $_POST[ 'widget-' . $id_base ] ) && is_array( $_POST[ 'widget-' . $id_base ] ) ? $_POST[ 'widget-' . $id_base ] : false; + $error = '<p>' . __( 'An error has occurred. Please reload the page and try again.' ) . '</p>'; + + $sidebars = wp_get_sidebars_widgets(); + $sidebar = isset( $sidebars[ $sidebar_id ] ) ? $sidebars[ $sidebar_id ] : array(); + + // Delete. + if ( isset( $_POST['delete_widget'] ) && $_POST['delete_widget'] ) { + + if ( ! isset( $wp_registered_widgets[ $widget_id ] ) ) { + wp_die( $error ); + } + + $sidebar = array_diff( $sidebar, array( $widget_id ) ); + $_POST = array( + 'sidebar' => $sidebar_id, + 'widget-' . $id_base => array(), + 'the-widget-id' => $widget_id, + 'delete_widget' => '1', + ); + + /** This action is documented in wp-admin/widgets.php */ + do_action( 'delete_widget', $widget_id, $sidebar_id, $id_base ); + + } elseif ( $settings && preg_match( '/__i__|%i%/', key( $settings ) ) ) { + if ( ! $multi_number ) { + wp_die( $error ); + } + + $_POST[ 'widget-' . $id_base ] = array( $multi_number => reset( $settings ) ); + $widget_id = $id_base . '-' . $multi_number; + $sidebar[] = $widget_id; + } + $_POST['widget-id'] = $sidebar; + + foreach ( (array) $wp_registered_widget_updates as $name => $control ) { + + if ( $name == $id_base ) { + if ( ! is_callable( $control['callback'] ) ) { + continue; + } + + ob_start(); + call_user_func_array( $control['callback'], $control['params'] ); + ob_end_clean(); + break; + } + } + + if ( isset( $_POST['delete_widget'] ) && $_POST['delete_widget'] ) { + $sidebars[ $sidebar_id ] = $sidebar; + wp_set_sidebars_widgets( $sidebars ); + echo "deleted:$widget_id"; + wp_die(); + } + + if ( ! empty( $_POST['add_new'] ) ) { + wp_die(); + } + + $form = $wp_registered_widget_controls[ $widget_id ]; + if ( $form ) { + call_user_func_array( $form['callback'], $form['params'] ); + } + + wp_die(); +} + +/** + * Handles updating a widget via AJAX. + * + * @since 3.9.0 + * + * @global WP_Customize_Manager $wp_customize + */ +function wp_ajax_update_widget() { + global $wp_customize; + $wp_customize->widgets->wp_ajax_update_widget(); +} + +/** + * Handles removing inactive widgets via AJAX. + * + * @since 4.4.0 + */ +function wp_ajax_delete_inactive_widgets() { + check_ajax_referer( 'remove-inactive-widgets', 'removeinactivewidgets' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( -1 ); + } + + unset( $_POST['removeinactivewidgets'], $_POST['action'] ); + /** This action is documented in wp-admin/includes/ajax-actions.php */ + do_action( 'load-widgets.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + /** This action is documented in wp-admin/includes/ajax-actions.php */ + do_action( 'widgets.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + /** This action is documented in wp-admin/widgets.php */ + do_action( 'sidebar_admin_setup' ); + + $sidebars_widgets = wp_get_sidebars_widgets(); + + foreach ( $sidebars_widgets['wp_inactive_widgets'] as $key => $widget_id ) { + $pieces = explode( '-', $widget_id ); + $multi_number = array_pop( $pieces ); + $id_base = implode( '-', $pieces ); + $widget = get_option( 'widget_' . $id_base ); + unset( $widget[ $multi_number ] ); + update_option( 'widget_' . $id_base, $widget ); + unset( $sidebars_widgets['wp_inactive_widgets'][ $key ] ); + } + + wp_set_sidebars_widgets( $sidebars_widgets ); + + wp_die(); +} + +/** + * Handles creating missing image sub-sizes for just uploaded images via AJAX. + * + * @since 5.3.0 + */ +function wp_ajax_media_create_image_subsizes() { + check_ajax_referer( 'media-form' ); + + if ( ! current_user_can( 'upload_files' ) ) { + wp_send_json_error( array( 'message' => __( 'Sorry, you are not allowed to upload files.' ) ) ); + } + + if ( empty( $_POST['attachment_id'] ) ) { + wp_send_json_error( array( 'message' => __( 'Upload failed. Please reload and try again.' ) ) ); + } + + $attachment_id = (int) $_POST['attachment_id']; + + if ( ! empty( $_POST['_wp_upload_failed_cleanup'] ) ) { + // Upload failed. Cleanup. + if ( wp_attachment_is_image( $attachment_id ) && current_user_can( 'delete_post', $attachment_id ) ) { + $attachment = get_post( $attachment_id ); + + // Created at most 10 min ago. + if ( $attachment && ( time() - strtotime( $attachment->post_date_gmt ) < 600 ) ) { + wp_delete_attachment( $attachment_id, true ); + wp_send_json_success(); + } + } + } + + /* + * Set a custom header with the attachment_id. + * Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. + */ + if ( ! headers_sent() ) { + header( 'X-WP-Upload-Attachment-ID: ' . $attachment_id ); + } + + /* + * This can still be pretty slow and cause timeout or out of memory errors. + * The js that handles the response would need to also handle HTTP 500 errors. + */ + wp_update_image_subsizes( $attachment_id ); + + if ( ! empty( $_POST['_legacy_support'] ) ) { + // The old (inline) uploader. Only needs the attachment_id. + $response = array( 'id' => $attachment_id ); + } else { + // Media modal and Media Library grid view. + $response = wp_prepare_attachment_for_js( $attachment_id ); + + if ( ! $response ) { + wp_send_json_error( array( 'message' => __( 'Upload failed.' ) ) ); + } + } + + // At this point the image has been uploaded successfully. + wp_send_json_success( $response ); +} + +/** + * Handles uploading attachments via AJAX. + * + * @since 3.3.0 + */ +function wp_ajax_upload_attachment() { + check_ajax_referer( 'media-form' ); + /* + * This function does not use wp_send_json_success() / wp_send_json_error() + * as the html4 Plupload handler requires a text/html Content-Type for older IE. + * See https://core.trac.wordpress.org/ticket/31037 + */ + + if ( ! current_user_can( 'upload_files' ) ) { + echo wp_json_encode( + array( + 'success' => false, + 'data' => array( + 'message' => __( 'Sorry, you are not allowed to upload files.' ), + 'filename' => esc_html( $_FILES['async-upload']['name'] ), + ), + ) + ); + + wp_die(); + } + + if ( isset( $_REQUEST['post_id'] ) ) { + $post_id = $_REQUEST['post_id']; + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + echo wp_json_encode( + array( + 'success' => false, + 'data' => array( + 'message' => __( 'Sorry, you are not allowed to attach files to this post.' ), + 'filename' => esc_html( $_FILES['async-upload']['name'] ), + ), + ) + ); + + wp_die(); + } + } else { + $post_id = null; + } + + $post_data = ! empty( $_REQUEST['post_data'] ) ? _wp_get_allowed_postdata( _wp_translate_postdata( false, (array) $_REQUEST['post_data'] ) ) : array(); + + if ( is_wp_error( $post_data ) ) { + wp_die( $post_data->get_error_message() ); + } + + // If the context is custom header or background, make sure the uploaded file is an image. + if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ), true ) ) { + $wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'] ); + + if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) { + echo wp_json_encode( + array( + 'success' => false, + 'data' => array( + 'message' => __( 'The uploaded file is not a valid image. Please try again.' ), + 'filename' => esc_html( $_FILES['async-upload']['name'] ), + ), + ) + ); + + wp_die(); + } + } + + $attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data ); + + if ( is_wp_error( $attachment_id ) ) { + echo wp_json_encode( + array( + 'success' => false, + 'data' => array( + 'message' => $attachment_id->get_error_message(), + 'filename' => esc_html( $_FILES['async-upload']['name'] ), + ), + ) + ); + + wp_die(); + } + + if ( isset( $post_data['context'] ) && isset( $post_data['theme'] ) ) { + if ( 'custom-background' === $post_data['context'] ) { + update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', $post_data['theme'] ); + } + + if ( 'custom-header' === $post_data['context'] ) { + update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', $post_data['theme'] ); + } + } + + $attachment = wp_prepare_attachment_for_js( $attachment_id ); + if ( ! $attachment ) { + wp_die(); + } + + echo wp_json_encode( + array( + 'success' => true, + 'data' => $attachment, + ) + ); + + wp_die(); +} + +/** + * Handles image editing via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_image_editor() { + $attachment_id = (int) $_POST['postid']; + + if ( empty( $attachment_id ) || ! current_user_can( 'edit_post', $attachment_id ) ) { + wp_die( -1 ); + } + + check_ajax_referer( "image_editor-$attachment_id" ); + require_once ABSPATH . 'wp-admin/includes/image-edit.php'; + + $msg = false; + + switch ( $_POST['do'] ) { + case 'save': + $msg = wp_save_image( $attachment_id ); + if ( ! empty( $msg->error ) ) { + wp_send_json_error( $msg ); + } + + wp_send_json_success( $msg ); + break; + case 'scale': + $msg = wp_save_image( $attachment_id ); + break; + case 'restore': + $msg = wp_restore_image( $attachment_id ); + break; + } + + ob_start(); + wp_image_editor( $attachment_id, $msg ); + $html = ob_get_clean(); + + if ( ! empty( $msg->error ) ) { + wp_send_json_error( + array( + 'message' => $msg, + 'html' => $html, + ) + ); + } + + wp_send_json_success( + array( + 'message' => $msg, + 'html' => $html, + ) + ); +} + +/** + * Handles setting the featured image via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_set_post_thumbnail() { + $json = ! empty( $_REQUEST['json'] ); // New-style request. + + $post_id = (int) $_POST['post_id']; + if ( ! current_user_can( 'edit_post', $post_id ) ) { + wp_die( -1 ); + } + + $thumbnail_id = (int) $_POST['thumbnail_id']; + + if ( $json ) { + check_ajax_referer( "update-post_$post_id" ); + } else { + check_ajax_referer( "set_post_thumbnail-$post_id" ); + } + + if ( '-1' == $thumbnail_id ) { + if ( delete_post_thumbnail( $post_id ) ) { + $return = _wp_post_thumbnail_html( null, $post_id ); + $json ? wp_send_json_success( $return ) : wp_die( $return ); + } else { + wp_die( 0 ); + } + } + + if ( set_post_thumbnail( $post_id, $thumbnail_id ) ) { + $return = _wp_post_thumbnail_html( $thumbnail_id, $post_id ); + $json ? wp_send_json_success( $return ) : wp_die( $return ); + } + + wp_die( 0 ); +} + +/** + * Handles retrieving HTML for the featured image via AJAX. + * + * @since 4.6.0 + */ +function wp_ajax_get_post_thumbnail_html() { + $post_id = (int) $_POST['post_id']; + + check_ajax_referer( "update-post_$post_id" ); + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + wp_die( -1 ); + } + + $thumbnail_id = (int) $_POST['thumbnail_id']; + + // For backward compatibility, -1 refers to no featured image. + if ( -1 === $thumbnail_id ) { + $thumbnail_id = null; + } + + $return = _wp_post_thumbnail_html( $thumbnail_id, $post_id ); + wp_send_json_success( $return ); +} + +/** + * Handles setting the featured image for an attachment via AJAX. + * + * @since 4.0.0 + * + * @see set_post_thumbnail() + */ +function wp_ajax_set_attachment_thumbnail() { + if ( empty( $_POST['urls'] ) || ! is_array( $_POST['urls'] ) ) { + wp_send_json_error(); + } + + $thumbnail_id = (int) $_POST['thumbnail_id']; + if ( empty( $thumbnail_id ) ) { + wp_send_json_error(); + } + + if ( false === check_ajax_referer( 'set-attachment-thumbnail', '_ajax_nonce', false ) ) { + wp_send_json_error(); + } + + $post_ids = array(); + // For each URL, try to find its corresponding post ID. + foreach ( $_POST['urls'] as $url ) { + $post_id = attachment_url_to_postid( $url ); + if ( ! empty( $post_id ) ) { + $post_ids[] = $post_id; + } + } + + if ( empty( $post_ids ) ) { + wp_send_json_error(); + } + + $success = 0; + // For each found attachment, set its thumbnail. + foreach ( $post_ids as $post_id ) { + if ( ! current_user_can( 'edit_post', $post_id ) ) { + continue; + } + + if ( set_post_thumbnail( $post_id, $thumbnail_id ) ) { + ++$success; + } + } + + if ( 0 === $success ) { + wp_send_json_error(); + } else { + wp_send_json_success(); + } + + wp_send_json_error(); +} + +/** + * Handles formatting a date via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_date_format() { + wp_die( date_i18n( sanitize_option( 'date_format', wp_unslash( $_POST['date'] ) ) ) ); +} + +/** + * Handles formatting a time via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_time_format() { + wp_die( date_i18n( sanitize_option( 'time_format', wp_unslash( $_POST['date'] ) ) ) ); +} + +/** + * Handles saving posts from the fullscreen editor via AJAX. + * + * @since 3.1.0 + * @deprecated 4.3.0 + */ +function wp_ajax_wp_fullscreen_save_post() { + $post_id = isset( $_POST['post_ID'] ) ? (int) $_POST['post_ID'] : 0; + + $post = null; + + if ( $post_id ) { + $post = get_post( $post_id ); + } + + check_ajax_referer( 'update-post_' . $post_id, '_wpnonce' ); + + $post_id = edit_post(); + + if ( is_wp_error( $post_id ) ) { + wp_send_json_error(); + } + + if ( $post ) { + $last_date = mysql2date( __( 'F j, Y' ), $post->post_modified ); + $last_time = mysql2date( __( 'g:i a' ), $post->post_modified ); + } else { + $last_date = date_i18n( __( 'F j, Y' ) ); + $last_time = date_i18n( __( 'g:i a' ) ); + } + + $last_id = get_post_meta( $post_id, '_edit_last', true ); + if ( $last_id ) { + $last_user = get_userdata( $last_id ); + /* translators: 1: User's display name, 2: Date of last edit, 3: Time of last edit. */ + $last_edited = sprintf( __( 'Last edited by %1$s on %2$s at %3$s' ), esc_html( $last_user->display_name ), $last_date, $last_time ); + } else { + /* translators: 1: Date of last edit, 2: Time of last edit. */ + $last_edited = sprintf( __( 'Last edited on %1$s at %2$s' ), $last_date, $last_time ); + } + + wp_send_json_success( array( 'last_edited' => $last_edited ) ); +} + +/** + * Handles removing a post lock via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_wp_remove_post_lock() { + if ( empty( $_POST['post_ID'] ) || empty( $_POST['active_post_lock'] ) ) { + wp_die( 0 ); + } + + $post_id = (int) $_POST['post_ID']; + $post = get_post( $post_id ); + + if ( ! $post ) { + wp_die( 0 ); + } + + check_ajax_referer( 'update-post_' . $post_id ); + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + wp_die( -1 ); + } + + $active_lock = array_map( 'absint', explode( ':', $_POST['active_post_lock'] ) ); + + if ( get_current_user_id() != $active_lock[1] ) { + wp_die( 0 ); + } + + /** + * Filters the post lock window duration. + * + * @since 3.3.0 + * + * @param int $interval The interval in seconds the post lock duration + * should last, plus 5 seconds. Default 150. + */ + $new_lock = ( time() - apply_filters( 'wp_check_post_lock_window', 150 ) + 5 ) . ':' . $active_lock[1]; + update_post_meta( $post_id, '_edit_lock', $new_lock, implode( ':', $active_lock ) ); + wp_die( 1 ); +} + +/** + * Handles dismissing a WordPress pointer via AJAX. + * + * @since 3.1.0 + */ +function wp_ajax_dismiss_wp_pointer() { + $pointer = $_POST['pointer']; + + if ( sanitize_key( $pointer ) != $pointer ) { + wp_die( 0 ); + } + + // check_ajax_referer( 'dismiss-pointer_' . $pointer ); + + $dismissed = array_filter( explode( ',', (string) get_user_meta( get_current_user_id(), 'dismissed_wp_pointers', true ) ) ); + + if ( in_array( $pointer, $dismissed, true ) ) { + wp_die( 0 ); + } + + $dismissed[] = $pointer; + $dismissed = implode( ',', $dismissed ); + + update_user_meta( get_current_user_id(), 'dismissed_wp_pointers', $dismissed ); + wp_die( 1 ); +} + +/** + * Handles getting an attachment via AJAX. + * + * @since 3.5.0 + */ +function wp_ajax_get_attachment() { + if ( ! isset( $_REQUEST['id'] ) ) { + wp_send_json_error(); + } + + $id = absint( $_REQUEST['id'] ); + if ( ! $id ) { + wp_send_json_error(); + } + + $post = get_post( $id ); + if ( ! $post ) { + wp_send_json_error(); + } + + if ( 'attachment' !== $post->post_type ) { + wp_send_json_error(); + } + + if ( ! current_user_can( 'upload_files' ) ) { + wp_send_json_error(); + } + + $attachment = wp_prepare_attachment_for_js( $id ); + if ( ! $attachment ) { + wp_send_json_error(); + } + + wp_send_json_success( $attachment ); +} + +/** + * Handles querying attachments via AJAX. + * + * @since 3.5.0 + */ +function wp_ajax_query_attachments() { + if ( ! current_user_can( 'upload_files' ) ) { + wp_send_json_error(); + } + + $query = isset( $_REQUEST['query'] ) ? (array) $_REQUEST['query'] : array(); + $keys = array( + 's', + 'order', + 'orderby', + 'posts_per_page', + 'paged', + 'post_mime_type', + 'post_parent', + 'author', + 'post__in', + 'post__not_in', + 'year', + 'monthnum', + ); + + foreach ( get_taxonomies_for_attachments( 'objects' ) as $t ) { + if ( $t->query_var && isset( $query[ $t->query_var ] ) ) { + $keys[] = $t->query_var; + } + } + + $query = array_intersect_key( $query, array_flip( $keys ) ); + $query['post_type'] = 'attachment'; + + if ( + MEDIA_TRASH && + ! empty( $_REQUEST['query']['post_status'] ) && + 'trash' === $_REQUEST['query']['post_status'] + ) { + $query['post_status'] = 'trash'; + } else { + $query['post_status'] = 'inherit'; + } + + if ( current_user_can( get_post_type_object( 'attachment' )->cap->read_private_posts ) ) { + $query['post_status'] .= ',private'; + } + + // Filter query clauses to include filenames. + if ( isset( $query['s'] ) ) { + add_filter( 'wp_allow_query_attachment_by_filename', '__return_true' ); + } + + /** + * Filters the arguments passed to WP_Query during an Ajax + * call for querying attachments. + * + * @since 3.7.0 + * + * @see WP_Query::parse_query() + * + * @param array $query An array of query variables. + */ + $query = apply_filters( 'ajax_query_attachments_args', $query ); + $attachments_query = new WP_Query( $query ); + update_post_parent_caches( $attachments_query->posts ); + + $posts = array_map( 'wp_prepare_attachment_for_js', $attachments_query->posts ); + $posts = array_filter( $posts ); + $total_posts = $attachments_query->found_posts; + + if ( $total_posts < 1 ) { + // Out-of-bounds, run the query again without LIMIT for total count. + unset( $query['paged'] ); + + $count_query = new WP_Query(); + $count_query->query( $query ); + $total_posts = $count_query->found_posts; + } + + $posts_per_page = (int) $attachments_query->get( 'posts_per_page' ); + + $max_pages = $posts_per_page ? ceil( $total_posts / $posts_per_page ) : 0; + + header( 'X-WP-Total: ' . (int) $total_posts ); + header( 'X-WP-TotalPages: ' . (int) $max_pages ); + + wp_send_json_success( $posts ); +} + +/** + * Handles updating attachment attributes via AJAX. + * + * @since 3.5.0 + */ +function wp_ajax_save_attachment() { + if ( ! isset( $_REQUEST['id'] ) || ! isset( $_REQUEST['changes'] ) ) { + wp_send_json_error(); + } + + $id = absint( $_REQUEST['id'] ); + if ( ! $id ) { + wp_send_json_error(); + } + + check_ajax_referer( 'update-post_' . $id, 'nonce' ); + + if ( ! current_user_can( 'edit_post', $id ) ) { + wp_send_json_error(); + } + + $changes = $_REQUEST['changes']; + $post = get_post( $id, ARRAY_A ); + + if ( 'attachment' !== $post['post_type'] ) { + wp_send_json_error(); + } + + if ( isset( $changes['parent'] ) ) { + $post['post_parent'] = $changes['parent']; + } + + if ( isset( $changes['title'] ) ) { + $post['post_title'] = $changes['title']; + } + + if ( isset( $changes['caption'] ) ) { + $post['post_excerpt'] = $changes['caption']; + } + + if ( isset( $changes['description'] ) ) { + $post['post_content'] = $changes['description']; + } + + if ( MEDIA_TRASH && isset( $changes['status'] ) ) { + $post['post_status'] = $changes['status']; + } + + if ( isset( $changes['alt'] ) ) { + $alt = wp_unslash( $changes['alt'] ); + if ( get_post_meta( $id, '_wp_attachment_image_alt', true ) !== $alt ) { + $alt = wp_strip_all_tags( $alt, true ); + update_post_meta( $id, '_wp_attachment_image_alt', wp_slash( $alt ) ); + } + } + + if ( wp_attachment_is( 'audio', $post['ID'] ) ) { + $changed = false; + $id3data = wp_get_attachment_metadata( $post['ID'] ); + + if ( ! is_array( $id3data ) ) { + $changed = true; + $id3data = array(); + } + + foreach ( wp_get_attachment_id3_keys( (object) $post, 'edit' ) as $key => $label ) { + if ( isset( $changes[ $key ] ) ) { + $changed = true; + $id3data[ $key ] = sanitize_text_field( wp_unslash( $changes[ $key ] ) ); + } + } + + if ( $changed ) { + wp_update_attachment_metadata( $id, $id3data ); + } + } + + if ( MEDIA_TRASH && isset( $changes['status'] ) && 'trash' === $changes['status'] ) { + wp_delete_post( $id ); + } else { + wp_update_post( $post ); + } + + wp_send_json_success(); +} + +/** + * Handles saving backward compatible attachment attributes via AJAX. + * + * @since 3.5.0 + */ +function wp_ajax_save_attachment_compat() { + if ( ! isset( $_REQUEST['id'] ) ) { + wp_send_json_error(); + } + + $id = absint( $_REQUEST['id'] ); + if ( ! $id ) { + wp_send_json_error(); + } + + if ( empty( $_REQUEST['attachments'] ) || empty( $_REQUEST['attachments'][ $id ] ) ) { + wp_send_json_error(); + } + + $attachment_data = $_REQUEST['attachments'][ $id ]; + + check_ajax_referer( 'update-post_' . $id, 'nonce' ); + + if ( ! current_user_can( 'edit_post', $id ) ) { + wp_send_json_error(); + } + + $post = get_post( $id, ARRAY_A ); + + if ( 'attachment' !== $post['post_type'] ) { + wp_send_json_error(); + } + + /** This filter is documented in wp-admin/includes/media.php */ + $post = apply_filters( 'attachment_fields_to_save', $post, $attachment_data ); + + if ( isset( $post['errors'] ) ) { + $errors = $post['errors']; // @todo return me and display me! + unset( $post['errors'] ); + } + + wp_update_post( $post ); + + foreach ( get_attachment_taxonomies( $post ) as $taxonomy ) { + if ( isset( $attachment_data[ $taxonomy ] ) ) { + wp_set_object_terms( $id, array_map( 'trim', preg_split( '/,+/', $attachment_data[ $taxonomy ] ) ), $taxonomy, false ); + } + } + + $attachment = wp_prepare_attachment_for_js( $id ); + + if ( ! $attachment ) { + wp_send_json_error(); + } + + wp_send_json_success( $attachment ); +} + +/** + * Handles saving the attachment order via AJAX. + * + * @since 3.5.0 + */ +function wp_ajax_save_attachment_order() { + if ( ! isset( $_REQUEST['post_id'] ) ) { + wp_send_json_error(); + } + + $post_id = absint( $_REQUEST['post_id'] ); + if ( ! $post_id ) { + wp_send_json_error(); + } + + if ( empty( $_REQUEST['attachments'] ) ) { + wp_send_json_error(); + } + + check_ajax_referer( 'update-post_' . $post_id, 'nonce' ); + + $attachments = $_REQUEST['attachments']; + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + wp_send_json_error(); + } + + foreach ( $attachments as $attachment_id => $menu_order ) { + if ( ! current_user_can( 'edit_post', $attachment_id ) ) { + continue; + } + + $attachment = get_post( $attachment_id ); + + if ( ! $attachment ) { + continue; + } + + if ( 'attachment' !== $attachment->post_type ) { + continue; + } + + wp_update_post( + array( + 'ID' => $attachment_id, + 'menu_order' => $menu_order, + ) + ); + } + + wp_send_json_success(); +} + +/** + * Handles sending an attachment to the editor via AJAX. + * + * Generates the HTML to send an attachment to the editor. + * Backward compatible with the {@see 'media_send_to_editor'} filter + * and the chain of filters that follow. + * + * @since 3.5.0 + */ +function wp_ajax_send_attachment_to_editor() { + check_ajax_referer( 'media-send-to-editor', 'nonce' ); + + $attachment = wp_unslash( $_POST['attachment'] ); + + $id = (int) $attachment['id']; + + $post = get_post( $id ); + if ( ! $post ) { + wp_send_json_error(); + } + + if ( 'attachment' !== $post->post_type ) { + wp_send_json_error(); + } + + if ( current_user_can( 'edit_post', $id ) ) { + // If this attachment is unattached, attach it. Primarily a back compat thing. + $insert_into_post_id = (int) $_POST['post_id']; + + if ( 0 == $post->post_parent && $insert_into_post_id ) { + wp_update_post( + array( + 'ID' => $id, + 'post_parent' => $insert_into_post_id, + ) + ); + } + } + + $url = empty( $attachment['url'] ) ? '' : $attachment['url']; + $rel = ( str_contains( $url, 'attachment_id' ) || get_attachment_link( $id ) === $url ); + + remove_filter( 'media_send_to_editor', 'image_media_send_to_editor' ); + + if ( str_starts_with( $post->post_mime_type, 'image' ) ) { + $align = isset( $attachment['align'] ) ? $attachment['align'] : 'none'; + $size = isset( $attachment['image-size'] ) ? $attachment['image-size'] : 'medium'; + $alt = isset( $attachment['image_alt'] ) ? $attachment['image_alt'] : ''; + + // No whitespace-only captions. + $caption = isset( $attachment['post_excerpt'] ) ? $attachment['post_excerpt'] : ''; + if ( '' === trim( $caption ) ) { + $caption = ''; + } + + $title = ''; // We no longer insert title tags into <img> tags, as they are redundant. + $html = get_image_send_to_editor( $id, $caption, $title, $align, $url, $rel, $size, $alt ); + } elseif ( wp_attachment_is( 'video', $post ) || wp_attachment_is( 'audio', $post ) ) { + $html = stripslashes_deep( $_POST['html'] ); + } else { + $html = isset( $attachment['post_title'] ) ? $attachment['post_title'] : ''; + $rel = $rel ? ' rel="attachment wp-att-' . $id . '"' : ''; // Hard-coded string, $id is already sanitized. + + if ( ! empty( $url ) ) { + $html = '<a href="' . esc_url( $url ) . '"' . $rel . '>' . $html . '</a>'; + } + } + + /** This filter is documented in wp-admin/includes/media.php */ + $html = apply_filters( 'media_send_to_editor', $html, $id, $attachment ); + + wp_send_json_success( $html ); +} + +/** + * Handles sending a link to the editor via AJAX. + * + * Generates the HTML to send a non-image embed link to the editor. + * + * Backward compatible with the following filters: + * - file_send_to_editor_url + * - audio_send_to_editor_url + * - video_send_to_editor_url + * + * @since 3.5.0 + * + * @global WP_Post $post Global post object. + * @global WP_Embed $wp_embed + */ +function wp_ajax_send_link_to_editor() { + global $post, $wp_embed; + + check_ajax_referer( 'media-send-to-editor', 'nonce' ); + + $src = wp_unslash( $_POST['src'] ); + if ( ! $src ) { + wp_send_json_error(); + } + + if ( ! strpos( $src, '://' ) ) { + $src = 'http://' . $src; + } + + $src = sanitize_url( $src ); + if ( ! $src ) { + wp_send_json_error(); + } + + $link_text = trim( wp_unslash( $_POST['link_text'] ) ); + if ( ! $link_text ) { + $link_text = wp_basename( $src ); + } + + $post = get_post( isset( $_POST['post_id'] ) ? $_POST['post_id'] : 0 ); + + // Ping WordPress for an embed. + $check_embed = $wp_embed->run_shortcode( '[embed]' . $src . '[/embed]' ); + + // Fallback that WordPress creates when no oEmbed was found. + $fallback = $wp_embed->maybe_make_link( $src ); + + if ( $check_embed !== $fallback ) { + // TinyMCE view for [embed] will parse this. + $html = '[embed]' . $src . '[/embed]'; + } elseif ( $link_text ) { + $html = '<a href="' . esc_url( $src ) . '">' . $link_text . '</a>'; + } else { + $html = ''; + } + + // Figure out what filter to run: + $type = 'file'; + $ext = preg_replace( '/^.+?\.([^.]+)$/', '$1', $src ); + if ( $ext ) { + $ext_type = wp_ext2type( $ext ); + if ( 'audio' === $ext_type || 'video' === $ext_type ) { + $type = $ext_type; + } + } + + /** This filter is documented in wp-admin/includes/media.php */ + $html = apply_filters( "{$type}_send_to_editor_url", $html, $src, $link_text ); + + wp_send_json_success( $html ); +} + +/** + * Handles the Heartbeat API via AJAX. + * + * Runs when the user is logged in. + * + * @since 3.6.0 + */ +function wp_ajax_heartbeat() { + if ( empty( $_POST['_nonce'] ) ) { + wp_send_json_error(); + } + + $response = array(); + $data = array(); + $nonce_state = wp_verify_nonce( $_POST['_nonce'], 'heartbeat-nonce' ); + + // 'screen_id' is the same as $current_screen->id and the JS global 'pagenow'. + if ( ! empty( $_POST['screen_id'] ) ) { + $screen_id = sanitize_key( $_POST['screen_id'] ); + } else { + $screen_id = 'front'; + } + + if ( ! empty( $_POST['data'] ) ) { + $data = wp_unslash( (array) $_POST['data'] ); + } + + if ( 1 !== $nonce_state ) { + /** + * Filters the nonces to send to the New/Edit Post screen. + * + * @since 4.3.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @param string $screen_id The screen ID. + */ + $response = apply_filters( 'wp_refresh_nonces', $response, $data, $screen_id ); + + if ( false === $nonce_state ) { + // User is logged in but nonces have expired. + $response['nonces_expired'] = true; + wp_send_json( $response ); + } + } + + if ( ! empty( $data ) ) { + /** + * Filters the Heartbeat response received. + * + * @since 3.6.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @param string $screen_id The screen ID. + */ + $response = apply_filters( 'heartbeat_received', $response, $data, $screen_id ); + } + + /** + * Filters the Heartbeat response sent. + * + * @since 3.6.0 + * + * @param array $response The Heartbeat response. + * @param string $screen_id The screen ID. + */ + $response = apply_filters( 'heartbeat_send', $response, $screen_id ); + + /** + * Fires when Heartbeat ticks in logged-in environments. + * + * Allows the transport to be easily replaced with long-polling. + * + * @since 3.6.0 + * + * @param array $response The Heartbeat response. + * @param string $screen_id The screen ID. + */ + do_action( 'heartbeat_tick', $response, $screen_id ); + + // Send the current time according to the server. + $response['server_time'] = time(); + + wp_send_json( $response ); +} + +/** + * Handles getting revision diffs via AJAX. + * + * @since 3.6.0 + */ +function wp_ajax_get_revision_diffs() { + require ABSPATH . 'wp-admin/includes/revision.php'; + + $post = get_post( (int) $_REQUEST['post_id'] ); + if ( ! $post ) { + wp_send_json_error(); + } + + if ( ! current_user_can( 'edit_post', $post->ID ) ) { + wp_send_json_error(); + } + + // Really just pre-loading the cache here. + $revisions = wp_get_post_revisions( $post->ID, array( 'check_enabled' => false ) ); + if ( ! $revisions ) { + wp_send_json_error(); + } + + $return = array(); + + if ( function_exists( 'set_time_limit' ) ) { + set_time_limit( 0 ); + } + + foreach ( $_REQUEST['compare'] as $compare_key ) { + list( $compare_from, $compare_to ) = explode( ':', $compare_key ); // from:to + + $return[] = array( + 'id' => $compare_key, + 'fields' => wp_get_revision_ui_diff( $post, $compare_from, $compare_to ), + ); + } + wp_send_json_success( $return ); +} + +/** + * Handles auto-saving the selected color scheme for + * a user's own profile via AJAX. + * + * @since 3.8.0 + * + * @global array $_wp_admin_css_colors + */ +function wp_ajax_save_user_color_scheme() { + global $_wp_admin_css_colors; + + check_ajax_referer( 'save-color-scheme', 'nonce' ); + + $color_scheme = sanitize_key( $_POST['color_scheme'] ); + + if ( ! isset( $_wp_admin_css_colors[ $color_scheme ] ) ) { + wp_send_json_error(); + } + + $previous_color_scheme = get_user_meta( get_current_user_id(), 'admin_color', true ); + update_user_meta( get_current_user_id(), 'admin_color', $color_scheme ); + + wp_send_json_success( + array( + 'previousScheme' => 'admin-color-' . $previous_color_scheme, + 'currentScheme' => 'admin-color-' . $color_scheme, + ) + ); +} + +/** + * Handles getting themes from themes_api() via AJAX. + * + * @since 3.9.0 + * + * @global array $themes_allowedtags + * @global array $theme_field_defaults + */ +function wp_ajax_query_themes() { + global $themes_allowedtags, $theme_field_defaults; + + if ( ! current_user_can( 'install_themes' ) ) { + wp_send_json_error(); + } + + $args = wp_parse_args( + wp_unslash( $_REQUEST['request'] ), + array( + 'per_page' => 20, + 'fields' => array_merge( + (array) $theme_field_defaults, + array( + 'reviews_url' => true, // Explicitly request the reviews URL to be linked from the Add Themes screen. + ) + ), + ) + ); + + if ( isset( $args['browse'] ) && 'favorites' === $args['browse'] && ! isset( $args['user'] ) ) { + $user = get_user_option( 'wporg_favorites' ); + if ( $user ) { + $args['user'] = $user; + } + } + + $old_filter = isset( $args['browse'] ) ? $args['browse'] : 'search'; + + /** This filter is documented in wp-admin/includes/class-wp-theme-install-list-table.php */ + $args = apply_filters( 'install_themes_table_api_args_' . $old_filter, $args ); + + $api = themes_api( 'query_themes', $args ); + + if ( is_wp_error( $api ) ) { + wp_send_json_error(); + } + + $update_php = network_admin_url( 'update.php?action=install-theme' ); + + $installed_themes = search_theme_directories(); + + if ( false === $installed_themes ) { + $installed_themes = array(); + } + + foreach ( $installed_themes as $theme_slug => $theme_data ) { + // Ignore child themes. + if ( str_contains( $theme_slug, '/' ) ) { + unset( $installed_themes[ $theme_slug ] ); + } + } + + foreach ( $api->themes as &$theme ) { + $theme->install_url = add_query_arg( + array( + 'theme' => $theme->slug, + '_wpnonce' => wp_create_nonce( 'install-theme_' . $theme->slug ), + ), + $update_php + ); + + if ( current_user_can( 'switch_themes' ) ) { + if ( is_multisite() ) { + $theme->activate_url = add_query_arg( + array( + 'action' => 'enable', + '_wpnonce' => wp_create_nonce( 'enable-theme_' . $theme->slug ), + 'theme' => $theme->slug, + ), + network_admin_url( 'themes.php' ) + ); + } else { + $theme->activate_url = add_query_arg( + array( + 'action' => 'activate', + '_wpnonce' => wp_create_nonce( 'switch-theme_' . $theme->slug ), + 'stylesheet' => $theme->slug, + ), + admin_url( 'themes.php' ) + ); + } + } + + $is_theme_installed = array_key_exists( $theme->slug, $installed_themes ); + + // We only care about installed themes. + $theme->block_theme = $is_theme_installed && wp_get_theme( $theme->slug )->is_block_theme(); + + if ( ! is_multisite() && current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { + $customize_url = $theme->block_theme ? admin_url( 'site-editor.php' ) : wp_customize_url( $theme->slug ); + + $theme->customize_url = add_query_arg( + array( + 'return' => urlencode( network_admin_url( 'theme-install.php', 'relative' ) ), + ), + $customize_url + ); + } + + $theme->name = wp_kses( $theme->name, $themes_allowedtags ); + $theme->author = wp_kses( $theme->author['display_name'], $themes_allowedtags ); + $theme->version = wp_kses( $theme->version, $themes_allowedtags ); + $theme->description = wp_kses( $theme->description, $themes_allowedtags ); + + $theme->stars = wp_star_rating( + array( + 'rating' => $theme->rating, + 'type' => 'percent', + 'number' => $theme->num_ratings, + 'echo' => false, + ) + ); + + $theme->num_ratings = number_format_i18n( $theme->num_ratings ); + $theme->preview_url = set_url_scheme( $theme->preview_url ); + $theme->compatible_wp = is_wp_version_compatible( $theme->requires ); + $theme->compatible_php = is_php_version_compatible( $theme->requires_php ); + } + + wp_send_json_success( $api ); +} + +/** + * Applies [embed] Ajax handlers to a string. + * + * @since 4.0.0 + * + * @global WP_Post $post Global post object. + * @global WP_Embed $wp_embed Embed API instance. + * @global WP_Scripts $wp_scripts + * @global int $content_width + */ +function wp_ajax_parse_embed() { + global $post, $wp_embed, $content_width; + + if ( empty( $_POST['shortcode'] ) ) { + wp_send_json_error(); + } + + $post_id = isset( $_POST['post_ID'] ) ? (int) $_POST['post_ID'] : 0; + + if ( $post_id > 0 ) { + $post = get_post( $post_id ); + + if ( ! $post || ! current_user_can( 'edit_post', $post->ID ) ) { + wp_send_json_error(); + } + setup_postdata( $post ); + } elseif ( ! current_user_can( 'edit_posts' ) ) { // See WP_oEmbed_Controller::get_proxy_item_permissions_check(). + wp_send_json_error(); + } + + $shortcode = wp_unslash( $_POST['shortcode'] ); + + preg_match( '/' . get_shortcode_regex() . '/s', $shortcode, $matches ); + $atts = shortcode_parse_atts( $matches[3] ); + + if ( ! empty( $matches[5] ) ) { + $url = $matches[5]; + } elseif ( ! empty( $atts['src'] ) ) { + $url = $atts['src']; + } else { + $url = ''; + } + + $parsed = false; + $wp_embed->return_false_on_fail = true; + + if ( 0 === $post_id ) { + /* + * Refresh oEmbeds cached outside of posts that are past their TTL. + * Posts are excluded because they have separate logic for refreshing + * their post meta caches. See WP_Embed::cache_oembed(). + */ + $wp_embed->usecache = false; + } + + if ( is_ssl() && str_starts_with( $url, 'http://' ) ) { + /* + * Admin is ssl and the user pasted non-ssl URL. + * Check if the provider supports ssl embeds and use that for the preview. + */ + $ssl_shortcode = preg_replace( '%^(\\[embed[^\\]]*\\])http://%i', '$1https://', $shortcode ); + $parsed = $wp_embed->run_shortcode( $ssl_shortcode ); + + if ( ! $parsed ) { + $no_ssl_support = true; + } + } + + // Set $content_width so any embeds fit in the destination iframe. + if ( isset( $_POST['maxwidth'] ) && is_numeric( $_POST['maxwidth'] ) && $_POST['maxwidth'] > 0 ) { + if ( ! isset( $content_width ) ) { + $content_width = (int) $_POST['maxwidth']; + } else { + $content_width = min( $content_width, (int) $_POST['maxwidth'] ); + } + } + + if ( $url && ! $parsed ) { + $parsed = $wp_embed->run_shortcode( $shortcode ); + } + + if ( ! $parsed ) { + wp_send_json_error( + array( + 'type' => 'not-embeddable', + /* translators: %s: URL that could not be embedded. */ + 'message' => sprintf( __( '%s failed to embed.' ), '<code>' . esc_html( $url ) . '</code>' ), + ) + ); + } + + if ( has_shortcode( $parsed, 'audio' ) || has_shortcode( $parsed, 'video' ) ) { + $styles = ''; + $mce_styles = wpview_media_sandbox_styles(); + + foreach ( $mce_styles as $style ) { + $styles .= sprintf( '<link rel="stylesheet" href="%s" />', $style ); + } + + $html = do_shortcode( $parsed ); + + global $wp_scripts; + + if ( ! empty( $wp_scripts ) ) { + $wp_scripts->done = array(); + } + + ob_start(); + wp_print_scripts( array( 'mediaelement-vimeo', 'wp-mediaelement' ) ); + $scripts = ob_get_clean(); + + $parsed = $styles . $html . $scripts; + } + + if ( ! empty( $no_ssl_support ) || ( is_ssl() && ( preg_match( '%<(iframe|script|embed) [^>]*src="http://%', $parsed ) || + preg_match( '%<link [^>]*href="http://%', $parsed ) ) ) ) { + // Admin is ssl and the embed is not. Iframes, scripts, and other "active content" will be blocked. + wp_send_json_error( + array( + 'type' => 'not-ssl', + 'message' => __( 'This preview is unavailable in the editor.' ), + ) + ); + } + + $return = array( + 'body' => $parsed, + 'attr' => $wp_embed->last_attr, + ); + + if ( str_contains( $parsed, 'class="wp-embedded-content' ) ) { + if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) { + $script_src = includes_url( 'js/wp-embed.js' ); + } else { + $script_src = includes_url( 'js/wp-embed.min.js' ); + } + + $return['head'] = '<script src="' . $script_src . '"></script>'; + $return['sandbox'] = true; + } + + wp_send_json_success( $return ); +} + +/** + * @since 4.0.0 + * + * @global WP_Post $post Global post object. + * @global WP_Scripts $wp_scripts + */ +function wp_ajax_parse_media_shortcode() { + global $post, $wp_scripts; + + if ( empty( $_POST['shortcode'] ) ) { + wp_send_json_error(); + } + + $shortcode = wp_unslash( $_POST['shortcode'] ); + + // Only process previews for media related shortcodes: + $found_shortcodes = get_shortcode_tags_in_content( $shortcode ); + $media_shortcodes = array( + 'audio', + 'embed', + 'playlist', + 'video', + 'gallery', + ); + + $other_shortcodes = array_diff( $found_shortcodes, $media_shortcodes ); + + if ( ! empty( $other_shortcodes ) ) { + wp_send_json_error(); + } + + if ( ! empty( $_POST['post_ID'] ) ) { + $post = get_post( (int) $_POST['post_ID'] ); + } + + // The embed shortcode requires a post. + if ( ! $post || ! current_user_can( 'edit_post', $post->ID ) ) { + if ( in_array( 'embed', $found_shortcodes, true ) ) { + wp_send_json_error(); + } + } else { + setup_postdata( $post ); + } + + $parsed = do_shortcode( $shortcode ); + + if ( empty( $parsed ) ) { + wp_send_json_error( + array( + 'type' => 'no-items', + 'message' => __( 'No items found.' ), + ) + ); + } + + $head = ''; + $styles = wpview_media_sandbox_styles(); + + foreach ( $styles as $style ) { + $head .= '<link type="text/css" rel="stylesheet" href="' . $style . '">'; + } + + if ( ! empty( $wp_scripts ) ) { + $wp_scripts->done = array(); + } + + ob_start(); + + echo $parsed; + + if ( 'playlist' === $_REQUEST['type'] ) { + wp_underscore_playlist_templates(); + + wp_print_scripts( 'wp-playlist' ); + } else { + wp_print_scripts( array( 'mediaelement-vimeo', 'wp-mediaelement' ) ); + } + + wp_send_json_success( + array( + 'head' => $head, + 'body' => ob_get_clean(), + ) + ); +} + +/** + * Handles destroying multiple open sessions for a user via AJAX. + * + * @since 4.1.0 + */ +function wp_ajax_destroy_sessions() { + $user = get_userdata( (int) $_POST['user_id'] ); + + if ( $user ) { + if ( ! current_user_can( 'edit_user', $user->ID ) ) { + $user = false; + } elseif ( ! wp_verify_nonce( $_POST['nonce'], 'update-user_' . $user->ID ) ) { + $user = false; + } + } + + if ( ! $user ) { + wp_send_json_error( + array( + 'message' => __( 'Could not log out user sessions. Please try again.' ), + ) + ); + } + + $sessions = WP_Session_Tokens::get_instance( $user->ID ); + + if ( get_current_user_id() === $user->ID ) { + $sessions->destroy_others( wp_get_session_token() ); + $message = __( 'You are now logged out everywhere else.' ); + } else { + $sessions->destroy_all(); + /* translators: %s: User's display name. */ + $message = sprintf( __( '%s has been logged out.' ), $user->display_name ); + } + + wp_send_json_success( array( 'message' => $message ) ); +} + +/** + * Handles cropping an image via AJAX. + * + * @since 4.3.0 + */ +function wp_ajax_crop_image() { + $attachment_id = absint( $_POST['id'] ); + + check_ajax_referer( 'image_editor-' . $attachment_id, 'nonce' ); + + if ( empty( $attachment_id ) || ! current_user_can( 'edit_post', $attachment_id ) ) { + wp_send_json_error(); + } + + $context = str_replace( '_', '-', $_POST['context'] ); + $data = array_map( 'absint', $_POST['cropDetails'] ); + $cropped = wp_crop_image( $attachment_id, $data['x1'], $data['y1'], $data['width'], $data['height'], $data['dst_width'], $data['dst_height'] ); + + if ( ! $cropped || is_wp_error( $cropped ) ) { + wp_send_json_error( array( 'message' => __( 'Image could not be processed.' ) ) ); + } + + switch ( $context ) { + case 'site-icon': + require_once ABSPATH . 'wp-admin/includes/class-wp-site-icon.php'; + $wp_site_icon = new WP_Site_Icon(); + + // Skip creating a new attachment if the attachment is a Site Icon. + if ( get_post_meta( $attachment_id, '_wp_attachment_context', true ) == $context ) { + + // Delete the temporary cropped file, we don't need it. + wp_delete_file( $cropped ); + + // Additional sizes in wp_prepare_attachment_for_js(). + add_filter( 'image_size_names_choose', array( $wp_site_icon, 'additional_sizes' ) ); + break; + } + + /** This filter is documented in wp-admin/includes/class-custom-image-header.php */ + $cropped = apply_filters( 'wp_create_file_in_uploads', $cropped, $attachment_id ); // For replication. + $attachment = $wp_site_icon->create_attachment_object( $cropped, $attachment_id ); + unset( $attachment['ID'] ); + + // Update the attachment. + add_filter( 'intermediate_image_sizes_advanced', array( $wp_site_icon, 'additional_sizes' ) ); + $attachment_id = $wp_site_icon->insert_attachment( $attachment, $cropped ); + remove_filter( 'intermediate_image_sizes_advanced', array( $wp_site_icon, 'additional_sizes' ) ); + + // Additional sizes in wp_prepare_attachment_for_js(). + add_filter( 'image_size_names_choose', array( $wp_site_icon, 'additional_sizes' ) ); + break; + + default: + /** + * Fires before a cropped image is saved. + * + * Allows to add filters to modify the way a cropped image is saved. + * + * @since 4.3.0 + * + * @param string $context The Customizer control requesting the cropped image. + * @param int $attachment_id The attachment ID of the original image. + * @param string $cropped Path to the cropped image file. + */ + do_action( 'wp_ajax_crop_image_pre_save', $context, $attachment_id, $cropped ); + + /** This filter is documented in wp-admin/includes/class-custom-image-header.php */ + $cropped = apply_filters( 'wp_create_file_in_uploads', $cropped, $attachment_id ); // For replication. + + $parent_url = wp_get_attachment_url( $attachment_id ); + $parent_basename = wp_basename( $parent_url ); + $url = str_replace( $parent_basename, wp_basename( $cropped ), $parent_url ); + + $size = wp_getimagesize( $cropped ); + $image_type = ( $size ) ? $size['mime'] : 'image/jpeg'; + + // Get the original image's post to pre-populate the cropped image. + $original_attachment = get_post( $attachment_id ); + $sanitized_post_title = sanitize_file_name( $original_attachment->post_title ); + $use_original_title = ( + ( '' !== trim( $original_attachment->post_title ) ) && + /* + * Check if the original image has a title other than the "filename" default, + * meaning the image had a title when originally uploaded or its title was edited. + */ + ( $parent_basename !== $sanitized_post_title ) && + ( pathinfo( $parent_basename, PATHINFO_FILENAME ) !== $sanitized_post_title ) + ); + $use_original_description = ( '' !== trim( $original_attachment->post_content ) ); + + $attachment = array( + 'post_title' => $use_original_title ? $original_attachment->post_title : wp_basename( $cropped ), + 'post_content' => $use_original_description ? $original_attachment->post_content : $url, + 'post_mime_type' => $image_type, + 'guid' => $url, + 'context' => $context, + ); + + // Copy the image caption attribute (post_excerpt field) from the original image. + if ( '' !== trim( $original_attachment->post_excerpt ) ) { + $attachment['post_excerpt'] = $original_attachment->post_excerpt; + } + + // Copy the image alt text attribute from the original image. + if ( '' !== trim( $original_attachment->_wp_attachment_image_alt ) ) { + $attachment['meta_input'] = array( + '_wp_attachment_image_alt' => wp_slash( $original_attachment->_wp_attachment_image_alt ), + ); + } + + $attachment_id = wp_insert_attachment( $attachment, $cropped ); + $metadata = wp_generate_attachment_metadata( $attachment_id, $cropped ); + + /** + * Filters the cropped image attachment metadata. + * + * @since 4.3.0 + * + * @see wp_generate_attachment_metadata() + * + * @param array $metadata Attachment metadata. + */ + $metadata = apply_filters( 'wp_ajax_cropped_attachment_metadata', $metadata ); + wp_update_attachment_metadata( $attachment_id, $metadata ); + + /** + * Filters the attachment ID for a cropped image. + * + * @since 4.3.0 + * + * @param int $attachment_id The attachment ID of the cropped image. + * @param string $context The Customizer control requesting the cropped image. + */ + $attachment_id = apply_filters( 'wp_ajax_cropped_attachment_id', $attachment_id, $context ); + } + + wp_send_json_success( wp_prepare_attachment_for_js( $attachment_id ) ); +} + +/** + * Handles generating a password via AJAX. + * + * @since 4.4.0 + */ +function wp_ajax_generate_password() { + wp_send_json_success( wp_generate_password( 24 ) ); +} + +/** + * Handles generating a password in the no-privilege context via AJAX. + * + * @since 5.7.0 + */ +function wp_ajax_nopriv_generate_password() { + wp_send_json_success( wp_generate_password( 24 ) ); +} + +/** + * Handles saving the user's WordPress.org username via AJAX. + * + * @since 4.4.0 + */ +function wp_ajax_save_wporg_username() { + if ( ! current_user_can( 'install_themes' ) && ! current_user_can( 'install_plugins' ) ) { + wp_send_json_error(); + } + + check_ajax_referer( 'save_wporg_username_' . get_current_user_id() ); + + $username = isset( $_REQUEST['username'] ) ? wp_unslash( $_REQUEST['username'] ) : false; + + if ( ! $username ) { + wp_send_json_error(); + } + + wp_send_json_success( update_user_meta( get_current_user_id(), 'wporg_favorites', $username ) ); +} + +/** + * Handles installing a theme via AJAX. + * + * @since 4.6.0 + * + * @see Theme_Upgrader + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + */ +function wp_ajax_install_theme() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['slug'] ) ) { + wp_send_json_error( + array( + 'slug' => '', + 'errorCode' => 'no_theme_specified', + 'errorMessage' => __( 'No theme specified.' ), + ) + ); + } + + $slug = sanitize_key( wp_unslash( $_POST['slug'] ) ); + + $status = array( + 'install' => 'theme', + 'slug' => $slug, + ); + + if ( ! current_user_can( 'install_themes' ) ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to install themes on this site.' ); + wp_send_json_error( $status ); + } + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + require_once ABSPATH . 'wp-admin/includes/theme.php'; + + $api = themes_api( + 'theme_information', + array( + 'slug' => $slug, + 'fields' => array( 'sections' => false ), + ) + ); + + if ( is_wp_error( $api ) ) { + $status['errorMessage'] = $api->get_error_message(); + wp_send_json_error( $status ); + } + + $skin = new WP_Ajax_Upgrader_Skin(); + $upgrader = new Theme_Upgrader( $skin ); + $result = $upgrader->install( $api->download_link ); + + if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { + $status['debug'] = $skin->get_upgrade_messages(); + } + + if ( is_wp_error( $result ) ) { + $status['errorCode'] = $result->get_error_code(); + $status['errorMessage'] = $result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( is_wp_error( $skin->result ) ) { + $status['errorCode'] = $skin->result->get_error_code(); + $status['errorMessage'] = $skin->result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( $skin->get_errors()->has_errors() ) { + $status['errorMessage'] = $skin->get_error_messages(); + wp_send_json_error( $status ); + } elseif ( is_null( $result ) ) { + global $wp_filesystem; + + $status['errorCode'] = 'unable_to_connect_to_filesystem'; + $status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + + // Pass through the error from WP_Filesystem if one was raised. + if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + $status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() ); + } + + wp_send_json_error( $status ); + } + + $status['themeName'] = wp_get_theme( $slug )->get( 'Name' ); + + if ( current_user_can( 'switch_themes' ) ) { + if ( is_multisite() ) { + $status['activateUrl'] = add_query_arg( + array( + 'action' => 'enable', + '_wpnonce' => wp_create_nonce( 'enable-theme_' . $slug ), + 'theme' => $slug, + ), + network_admin_url( 'themes.php' ) + ); + } else { + $status['activateUrl'] = add_query_arg( + array( + 'action' => 'activate', + '_wpnonce' => wp_create_nonce( 'switch-theme_' . $slug ), + 'stylesheet' => $slug, + ), + admin_url( 'themes.php' ) + ); + } + } + + $theme = wp_get_theme( $slug ); + $status['blockTheme'] = $theme->is_block_theme(); + + if ( ! is_multisite() && current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { + $status['customizeUrl'] = add_query_arg( + array( + 'return' => urlencode( network_admin_url( 'theme-install.php', 'relative' ) ), + ), + wp_customize_url( $slug ) + ); + } + + /* + * See WP_Theme_Install_List_Table::_get_theme_status() if we wanted to check + * on post-installation status. + */ + wp_send_json_success( $status ); +} + +/** + * Handles updating a theme via AJAX. + * + * @since 4.6.0 + * + * @see Theme_Upgrader + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + */ +function wp_ajax_update_theme() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['slug'] ) ) { + wp_send_json_error( + array( + 'slug' => '', + 'errorCode' => 'no_theme_specified', + 'errorMessage' => __( 'No theme specified.' ), + ) + ); + } + + $stylesheet = preg_replace( '/[^A-z0-9_\-]/', '', wp_unslash( $_POST['slug'] ) ); + $status = array( + 'update' => 'theme', + 'slug' => $stylesheet, + 'oldVersion' => '', + 'newVersion' => '', + ); + + if ( ! current_user_can( 'update_themes' ) ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to update themes for this site.' ); + wp_send_json_error( $status ); + } + + $theme = wp_get_theme( $stylesheet ); + if ( $theme->exists() ) { + $status['oldVersion'] = $theme->get( 'Version' ); + } + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + + $current = get_site_transient( 'update_themes' ); + if ( empty( $current ) ) { + wp_update_themes(); + } + + $skin = new WP_Ajax_Upgrader_Skin(); + $upgrader = new Theme_Upgrader( $skin ); + $result = $upgrader->bulk_upgrade( array( $stylesheet ) ); + + if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { + $status['debug'] = $skin->get_upgrade_messages(); + } + + if ( is_wp_error( $skin->result ) ) { + $status['errorCode'] = $skin->result->get_error_code(); + $status['errorMessage'] = $skin->result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( $skin->get_errors()->has_errors() ) { + $status['errorMessage'] = $skin->get_error_messages(); + wp_send_json_error( $status ); + } elseif ( is_array( $result ) && ! empty( $result[ $stylesheet ] ) ) { + + // Theme is already at the latest version. + if ( true === $result[ $stylesheet ] ) { + $status['errorMessage'] = $upgrader->strings['up_to_date']; + wp_send_json_error( $status ); + } + + $theme = wp_get_theme( $stylesheet ); + if ( $theme->exists() ) { + $status['newVersion'] = $theme->get( 'Version' ); + } + + wp_send_json_success( $status ); + } elseif ( false === $result ) { + global $wp_filesystem; + + $status['errorCode'] = 'unable_to_connect_to_filesystem'; + $status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + + // Pass through the error from WP_Filesystem if one was raised. + if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + $status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() ); + } + + wp_send_json_error( $status ); + } + + // An unhandled error occurred. + $status['errorMessage'] = __( 'Theme update failed.' ); + wp_send_json_error( $status ); +} + +/** + * Handles deleting a theme via AJAX. + * + * @since 4.6.0 + * + * @see delete_theme() + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + */ +function wp_ajax_delete_theme() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['slug'] ) ) { + wp_send_json_error( + array( + 'slug' => '', + 'errorCode' => 'no_theme_specified', + 'errorMessage' => __( 'No theme specified.' ), + ) + ); + } + + $stylesheet = preg_replace( '/[^A-z0-9_\-]/', '', wp_unslash( $_POST['slug'] ) ); + $status = array( + 'delete' => 'theme', + 'slug' => $stylesheet, + ); + + if ( ! current_user_can( 'delete_themes' ) ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to delete themes on this site.' ); + wp_send_json_error( $status ); + } + + if ( ! wp_get_theme( $stylesheet )->exists() ) { + $status['errorMessage'] = __( 'The requested theme does not exist.' ); + wp_send_json_error( $status ); + } + + // Check filesystem credentials. `delete_theme()` will bail otherwise. + $url = wp_nonce_url( 'themes.php?action=delete&stylesheet=' . urlencode( $stylesheet ), 'delete-theme_' . $stylesheet ); + + ob_start(); + $credentials = request_filesystem_credentials( $url ); + ob_end_clean(); + + if ( false === $credentials || ! WP_Filesystem( $credentials ) ) { + global $wp_filesystem; + + $status['errorCode'] = 'unable_to_connect_to_filesystem'; + $status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + + // Pass through the error from WP_Filesystem if one was raised. + if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + $status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() ); + } + + wp_send_json_error( $status ); + } + + require_once ABSPATH . 'wp-admin/includes/theme.php'; + + $result = delete_theme( $stylesheet ); + + if ( is_wp_error( $result ) ) { + $status['errorMessage'] = $result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( false === $result ) { + $status['errorMessage'] = __( 'Theme could not be deleted.' ); + wp_send_json_error( $status ); + } + + wp_send_json_success( $status ); +} + +/** + * Handles installing a plugin via AJAX. + * + * @since 4.6.0 + * + * @see Plugin_Upgrader + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + */ +function wp_ajax_install_plugin() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['slug'] ) ) { + wp_send_json_error( + array( + 'slug' => '', + 'errorCode' => 'no_plugin_specified', + 'errorMessage' => __( 'No plugin specified.' ), + ) + ); + } + + $status = array( + 'install' => 'plugin', + 'slug' => sanitize_key( wp_unslash( $_POST['slug'] ) ), + ); + + if ( ! current_user_can( 'install_plugins' ) ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to install plugins on this site.' ); + wp_send_json_error( $status ); + } + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; + + $api = plugins_api( + 'plugin_information', + array( + 'slug' => sanitize_key( wp_unslash( $_POST['slug'] ) ), + 'fields' => array( + 'sections' => false, + ), + ) + ); + + if ( is_wp_error( $api ) ) { + $status['errorMessage'] = $api->get_error_message(); + wp_send_json_error( $status ); + } + + $status['pluginName'] = $api->name; + + $skin = new WP_Ajax_Upgrader_Skin(); + $upgrader = new Plugin_Upgrader( $skin ); + $result = $upgrader->install( $api->download_link ); + + if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { + $status['debug'] = $skin->get_upgrade_messages(); + } + + if ( is_wp_error( $result ) ) { + $status['errorCode'] = $result->get_error_code(); + $status['errorMessage'] = $result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( is_wp_error( $skin->result ) ) { + $status['errorCode'] = $skin->result->get_error_code(); + $status['errorMessage'] = $skin->result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( $skin->get_errors()->has_errors() ) { + $status['errorMessage'] = $skin->get_error_messages(); + wp_send_json_error( $status ); + } elseif ( is_null( $result ) ) { + global $wp_filesystem; + + $status['errorCode'] = 'unable_to_connect_to_filesystem'; + $status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + + // Pass through the error from WP_Filesystem if one was raised. + if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + $status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() ); + } + + wp_send_json_error( $status ); + } + + $install_status = install_plugin_install_status( $api ); + $pagenow = isset( $_POST['pagenow'] ) ? sanitize_key( $_POST['pagenow'] ) : ''; + + // If installation request is coming from import page, do not return network activation link. + $plugins_url = ( 'import' === $pagenow ) ? admin_url( 'plugins.php' ) : network_admin_url( 'plugins.php' ); + + if ( current_user_can( 'activate_plugin', $install_status['file'] ) && is_plugin_inactive( $install_status['file'] ) ) { + $status['activateUrl'] = add_query_arg( + array( + '_wpnonce' => wp_create_nonce( 'activate-plugin_' . $install_status['file'] ), + 'action' => 'activate', + 'plugin' => $install_status['file'], + ), + $plugins_url + ); + } + + if ( is_multisite() && current_user_can( 'manage_network_plugins' ) && 'import' !== $pagenow ) { + $status['activateUrl'] = add_query_arg( array( 'networkwide' => 1 ), $status['activateUrl'] ); + } + + wp_send_json_success( $status ); +} + +/** + * Handles updating a plugin via AJAX. + * + * @since 4.2.0 + * + * @see Plugin_Upgrader + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + */ +function wp_ajax_update_plugin() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['plugin'] ) || empty( $_POST['slug'] ) ) { + wp_send_json_error( + array( + 'slug' => '', + 'errorCode' => 'no_plugin_specified', + 'errorMessage' => __( 'No plugin specified.' ), + ) + ); + } + + $plugin = plugin_basename( sanitize_text_field( wp_unslash( $_POST['plugin'] ) ) ); + + $status = array( + 'update' => 'plugin', + 'slug' => sanitize_key( wp_unslash( $_POST['slug'] ) ), + 'oldVersion' => '', + 'newVersion' => '', + ); + + if ( ! current_user_can( 'update_plugins' ) || 0 !== validate_file( $plugin ) ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to update plugins for this site.' ); + wp_send_json_error( $status ); + } + + $plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin ); + $status['plugin'] = $plugin; + $status['pluginName'] = $plugin_data['Name']; + + if ( $plugin_data['Version'] ) { + /* translators: %s: Plugin version. */ + $status['oldVersion'] = sprintf( __( 'Version %s' ), $plugin_data['Version'] ); + } + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + + wp_update_plugins(); + + $skin = new WP_Ajax_Upgrader_Skin(); + $upgrader = new Plugin_Upgrader( $skin ); + $result = $upgrader->bulk_upgrade( array( $plugin ) ); + + if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { + $status['debug'] = $skin->get_upgrade_messages(); + } + + if ( is_wp_error( $skin->result ) ) { + $status['errorCode'] = $skin->result->get_error_code(); + $status['errorMessage'] = $skin->result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( $skin->get_errors()->has_errors() ) { + $status['errorMessage'] = $skin->get_error_messages(); + wp_send_json_error( $status ); + } elseif ( is_array( $result ) && ! empty( $result[ $plugin ] ) ) { + + /* + * Plugin is already at the latest version. + * + * This may also be the return value if the `update_plugins` site transient is empty, + * e.g. when you update two plugins in quick succession before the transient repopulates. + * + * Preferably something can be done to ensure `update_plugins` isn't empty. + * For now, surface some sort of error here. + */ + if ( true === $result[ $plugin ] ) { + $status['errorMessage'] = $upgrader->strings['up_to_date']; + wp_send_json_error( $status ); + } + + $plugin_data = get_plugins( '/' . $result[ $plugin ]['destination_name'] ); + $plugin_data = reset( $plugin_data ); + + if ( $plugin_data['Version'] ) { + /* translators: %s: Plugin version. */ + $status['newVersion'] = sprintf( __( 'Version %s' ), $plugin_data['Version'] ); + } + + wp_send_json_success( $status ); + } elseif ( false === $result ) { + global $wp_filesystem; + + $status['errorCode'] = 'unable_to_connect_to_filesystem'; + $status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + + // Pass through the error from WP_Filesystem if one was raised. + if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + $status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() ); + } + + wp_send_json_error( $status ); + } + + // An unhandled error occurred. + $status['errorMessage'] = __( 'Plugin update failed.' ); + wp_send_json_error( $status ); +} + +/** + * Handles deleting a plugin via AJAX. + * + * @since 4.6.0 + * + * @see delete_plugins() + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + */ +function wp_ajax_delete_plugin() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['slug'] ) || empty( $_POST['plugin'] ) ) { + wp_send_json_error( + array( + 'slug' => '', + 'errorCode' => 'no_plugin_specified', + 'errorMessage' => __( 'No plugin specified.' ), + ) + ); + } + + $plugin = plugin_basename( sanitize_text_field( wp_unslash( $_POST['plugin'] ) ) ); + + $status = array( + 'delete' => 'plugin', + 'slug' => sanitize_key( wp_unslash( $_POST['slug'] ) ), + ); + + if ( ! current_user_can( 'delete_plugins' ) || 0 !== validate_file( $plugin ) ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to delete plugins for this site.' ); + wp_send_json_error( $status ); + } + + $plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin ); + $status['plugin'] = $plugin; + $status['pluginName'] = $plugin_data['Name']; + + if ( is_plugin_active( $plugin ) ) { + $status['errorMessage'] = __( 'You cannot delete a plugin while it is active on the main site.' ); + wp_send_json_error( $status ); + } + + // Check filesystem credentials. `delete_plugins()` will bail otherwise. + $url = wp_nonce_url( 'plugins.php?action=delete-selected&verify-delete=1&checked[]=' . $plugin, 'bulk-plugins' ); + + ob_start(); + $credentials = request_filesystem_credentials( $url ); + ob_end_clean(); + + if ( false === $credentials || ! WP_Filesystem( $credentials ) ) { + global $wp_filesystem; + + $status['errorCode'] = 'unable_to_connect_to_filesystem'; + $status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + + // Pass through the error from WP_Filesystem if one was raised. + if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + $status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() ); + } + + wp_send_json_error( $status ); + } + + $result = delete_plugins( array( $plugin ) ); + + if ( is_wp_error( $result ) ) { + $status['errorMessage'] = $result->get_error_message(); + wp_send_json_error( $status ); + } elseif ( false === $result ) { + $status['errorMessage'] = __( 'Plugin could not be deleted.' ); + wp_send_json_error( $status ); + } + + wp_send_json_success( $status ); +} + +/** + * Handles searching plugins via AJAX. + * + * @since 4.6.0 + * + * @global string $s Search term. + */ +function wp_ajax_search_plugins() { + check_ajax_referer( 'updates' ); + + // Ensure after_plugin_row_{$plugin_file} gets hooked. + wp_plugin_update_rows(); + + $pagenow = isset( $_POST['pagenow'] ) ? sanitize_key( $_POST['pagenow'] ) : ''; + if ( 'plugins-network' === $pagenow || 'plugins' === $pagenow ) { + set_current_screen( $pagenow ); + } + + /** @var WP_Plugins_List_Table $wp_list_table */ + $wp_list_table = _get_list_table( + 'WP_Plugins_List_Table', + array( + 'screen' => get_current_screen(), + ) + ); + + $status = array(); + + if ( ! $wp_list_table->ajax_user_can() ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to manage plugins for this site.' ); + wp_send_json_error( $status ); + } + + // Set the correct requester, so pagination works. + $_SERVER['REQUEST_URI'] = add_query_arg( + array_diff_key( + $_POST, + array( + '_ajax_nonce' => null, + 'action' => null, + ) + ), + network_admin_url( 'plugins.php', 'relative' ) + ); + + $GLOBALS['s'] = wp_unslash( $_POST['s'] ); + + $wp_list_table->prepare_items(); + + ob_start(); + $wp_list_table->display(); + $status['count'] = count( $wp_list_table->items ); + $status['items'] = ob_get_clean(); + + wp_send_json_success( $status ); +} + +/** + * Handles searching plugins to install via AJAX. + * + * @since 4.6.0 + */ +function wp_ajax_search_install_plugins() { + check_ajax_referer( 'updates' ); + + $pagenow = isset( $_POST['pagenow'] ) ? sanitize_key( $_POST['pagenow'] ) : ''; + if ( 'plugin-install-network' === $pagenow || 'plugin-install' === $pagenow ) { + set_current_screen( $pagenow ); + } + + /** @var WP_Plugin_Install_List_Table $wp_list_table */ + $wp_list_table = _get_list_table( + 'WP_Plugin_Install_List_Table', + array( + 'screen' => get_current_screen(), + ) + ); + + $status = array(); + + if ( ! $wp_list_table->ajax_user_can() ) { + $status['errorMessage'] = __( 'Sorry, you are not allowed to manage plugins for this site.' ); + wp_send_json_error( $status ); + } + + // Set the correct requester, so pagination works. + $_SERVER['REQUEST_URI'] = add_query_arg( + array_diff_key( + $_POST, + array( + '_ajax_nonce' => null, + 'action' => null, + ) + ), + network_admin_url( 'plugin-install.php', 'relative' ) + ); + + $wp_list_table->prepare_items(); + + ob_start(); + $wp_list_table->display(); + $status['count'] = (int) $wp_list_table->get_pagination_arg( 'total_items' ); + $status['items'] = ob_get_clean(); + + wp_send_json_success( $status ); +} + +/** + * Handles editing a theme or plugin file via AJAX. + * + * @since 4.9.0 + * + * @see wp_edit_theme_plugin_file() + */ +function wp_ajax_edit_theme_plugin_file() { + $r = wp_edit_theme_plugin_file( wp_unslash( $_POST ) ); // Validation of args is done in wp_edit_theme_plugin_file(). + + if ( is_wp_error( $r ) ) { + wp_send_json_error( + array_merge( + array( + 'code' => $r->get_error_code(), + 'message' => $r->get_error_message(), + ), + (array) $r->get_error_data() + ) + ); + } else { + wp_send_json_success( + array( + 'message' => __( 'File edited successfully.' ), + ) + ); + } +} + +/** + * Handles exporting a user's personal data via AJAX. + * + * @since 4.9.6 + */ +function wp_ajax_wp_privacy_export_personal_data() { + + if ( empty( $_POST['id'] ) ) { + wp_send_json_error( __( 'Missing request ID.' ) ); + } + + $request_id = (int) $_POST['id']; + + if ( $request_id < 1 ) { + wp_send_json_error( __( 'Invalid request ID.' ) ); + } + + if ( ! current_user_can( 'export_others_personal_data' ) ) { + wp_send_json_error( __( 'Sorry, you are not allowed to perform this action.' ) ); + } + + check_ajax_referer( 'wp-privacy-export-personal-data-' . $request_id, 'security' ); + + // Get the request. + $request = wp_get_user_request( $request_id ); + + if ( ! $request || 'export_personal_data' !== $request->action_name ) { + wp_send_json_error( __( 'Invalid request type.' ) ); + } + + $email_address = $request->email; + if ( ! is_email( $email_address ) ) { + wp_send_json_error( __( 'A valid email address must be given.' ) ); + } + + if ( ! isset( $_POST['exporter'] ) ) { + wp_send_json_error( __( 'Missing exporter index.' ) ); + } + + $exporter_index = (int) $_POST['exporter']; + + if ( ! isset( $_POST['page'] ) ) { + wp_send_json_error( __( 'Missing page index.' ) ); + } + + $page = (int) $_POST['page']; + + $send_as_email = isset( $_POST['sendAsEmail'] ) ? ( 'true' === $_POST['sendAsEmail'] ) : false; + + /** + * Filters the array of exporter callbacks. + * + * @since 4.9.6 + * + * @param array $args { + * An array of callable exporters of personal data. Default empty array. + * + * @type array ...$0 { + * Array of personal data exporters. + * + * @type callable $callback Callable exporter function that accepts an + * email address and a page number and returns an + * array of name => value pairs of personal data. + * @type string $exporter_friendly_name Translated user facing friendly name for the + * exporter. + * } + * } + */ + $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); + + if ( ! is_array( $exporters ) ) { + wp_send_json_error( __( 'An exporter has improperly used the registration filter.' ) ); + } + + // Do we have any registered exporters? + if ( 0 < count( $exporters ) ) { + if ( $exporter_index < 1 ) { + wp_send_json_error( __( 'Exporter index cannot be negative.' ) ); + } + + if ( $exporter_index > count( $exporters ) ) { + wp_send_json_error( __( 'Exporter index is out of range.' ) ); + } + + if ( $page < 1 ) { + wp_send_json_error( __( 'Page index cannot be less than one.' ) ); + } + + $exporter_keys = array_keys( $exporters ); + $exporter_key = $exporter_keys[ $exporter_index - 1 ]; + $exporter = $exporters[ $exporter_key ]; + + if ( ! is_array( $exporter ) ) { + wp_send_json_error( + /* translators: %s: Exporter array index. */ + sprintf( __( 'Expected an array describing the exporter at index %s.' ), $exporter_key ) + ); + } + + if ( ! array_key_exists( 'exporter_friendly_name', $exporter ) ) { + wp_send_json_error( + /* translators: %s: Exporter array index. */ + sprintf( __( 'Exporter array at index %s does not include a friendly name.' ), $exporter_key ) + ); + } + + $exporter_friendly_name = $exporter['exporter_friendly_name']; + + if ( ! array_key_exists( 'callback', $exporter ) ) { + wp_send_json_error( + /* translators: %s: Exporter friendly name. */ + sprintf( __( 'Exporter does not include a callback: %s.' ), esc_html( $exporter_friendly_name ) ) + ); + } + + if ( ! is_callable( $exporter['callback'] ) ) { + wp_send_json_error( + /* translators: %s: Exporter friendly name. */ + sprintf( __( 'Exporter callback is not a valid callback: %s.' ), esc_html( $exporter_friendly_name ) ) + ); + } + + $callback = $exporter['callback']; + $response = call_user_func( $callback, $email_address, $page ); + + if ( is_wp_error( $response ) ) { + wp_send_json_error( $response ); + } + + if ( ! is_array( $response ) ) { + wp_send_json_error( + /* translators: %s: Exporter friendly name. */ + sprintf( __( 'Expected response as an array from exporter: %s.' ), esc_html( $exporter_friendly_name ) ) + ); + } + + if ( ! array_key_exists( 'data', $response ) ) { + wp_send_json_error( + /* translators: %s: Exporter friendly name. */ + sprintf( __( 'Expected data in response array from exporter: %s.' ), esc_html( $exporter_friendly_name ) ) + ); + } + + if ( ! is_array( $response['data'] ) ) { + wp_send_json_error( + /* translators: %s: Exporter friendly name. */ + sprintf( __( 'Expected data array in response array from exporter: %s.' ), esc_html( $exporter_friendly_name ) ) + ); + } + + if ( ! array_key_exists( 'done', $response ) ) { + wp_send_json_error( + /* translators: %s: Exporter friendly name. */ + sprintf( __( 'Expected done (boolean) in response array from exporter: %s.' ), esc_html( $exporter_friendly_name ) ) + ); + } + } else { + // No exporters, so we're done. + $exporter_key = ''; + + $response = array( + 'data' => array(), + 'done' => true, + ); + } + + /** + * Filters a page of personal data exporter data. Used to build the export report. + * + * Allows the export response to be consumed by destinations in addition to Ajax. + * + * @since 4.9.6 + * + * @param array $response The personal data for the given exporter and page number. + * @param int $exporter_index The index of the exporter that provided this data. + * @param string $email_address The email address associated with this personal data. + * @param int $page The page number for this response. + * @param int $request_id The privacy request post ID associated with this request. + * @param bool $send_as_email Whether the final results of the export should be emailed to the user. + * @param string $exporter_key The key (slug) of the exporter that provided this data. + */ + $response = apply_filters( 'wp_privacy_personal_data_export_page', $response, $exporter_index, $email_address, $page, $request_id, $send_as_email, $exporter_key ); + + if ( is_wp_error( $response ) ) { + wp_send_json_error( $response ); + } + + wp_send_json_success( $response ); +} + +/** + * Handles erasing personal data via AJAX. + * + * @since 4.9.6 + */ +function wp_ajax_wp_privacy_erase_personal_data() { + + if ( empty( $_POST['id'] ) ) { + wp_send_json_error( __( 'Missing request ID.' ) ); + } + + $request_id = (int) $_POST['id']; + + if ( $request_id < 1 ) { + wp_send_json_error( __( 'Invalid request ID.' ) ); + } + + // Both capabilities are required to avoid confusion, see `_wp_personal_data_removal_page()`. + if ( ! current_user_can( 'erase_others_personal_data' ) || ! current_user_can( 'delete_users' ) ) { + wp_send_json_error( __( 'Sorry, you are not allowed to perform this action.' ) ); + } + + check_ajax_referer( 'wp-privacy-erase-personal-data-' . $request_id, 'security' ); + + // Get the request. + $request = wp_get_user_request( $request_id ); + + if ( ! $request || 'remove_personal_data' !== $request->action_name ) { + wp_send_json_error( __( 'Invalid request type.' ) ); + } + + $email_address = $request->email; + + if ( ! is_email( $email_address ) ) { + wp_send_json_error( __( 'Invalid email address in request.' ) ); + } + + if ( ! isset( $_POST['eraser'] ) ) { + wp_send_json_error( __( 'Missing eraser index.' ) ); + } + + $eraser_index = (int) $_POST['eraser']; + + if ( ! isset( $_POST['page'] ) ) { + wp_send_json_error( __( 'Missing page index.' ) ); + } + + $page = (int) $_POST['page']; + + /** + * Filters the array of personal data eraser callbacks. + * + * @since 4.9.6 + * + * @param array $args { + * An array of callable erasers of personal data. Default empty array. + * + * @type array ...$0 { + * Array of personal data exporters. + * + * @type callable $callback Callable eraser that accepts an email address and a page + * number, and returns an array with boolean values for + * whether items were removed or retained and any messages + * from the eraser, as well as if additional pages are + * available. + * @type string $exporter_friendly_name Translated user facing friendly name for the eraser. + * } + * } + */ + $erasers = apply_filters( 'wp_privacy_personal_data_erasers', array() ); + + // Do we have any registered erasers? + if ( 0 < count( $erasers ) ) { + + if ( $eraser_index < 1 ) { + wp_send_json_error( __( 'Eraser index cannot be less than one.' ) ); + } + + if ( $eraser_index > count( $erasers ) ) { + wp_send_json_error( __( 'Eraser index is out of range.' ) ); + } + + if ( $page < 1 ) { + wp_send_json_error( __( 'Page index cannot be less than one.' ) ); + } + + $eraser_keys = array_keys( $erasers ); + $eraser_key = $eraser_keys[ $eraser_index - 1 ]; + $eraser = $erasers[ $eraser_key ]; + + if ( ! is_array( $eraser ) ) { + /* translators: %d: Eraser array index. */ + wp_send_json_error( sprintf( __( 'Expected an array describing the eraser at index %d.' ), $eraser_index ) ); + } + + if ( ! array_key_exists( 'eraser_friendly_name', $eraser ) ) { + /* translators: %d: Eraser array index. */ + wp_send_json_error( sprintf( __( 'Eraser array at index %d does not include a friendly name.' ), $eraser_index ) ); + } + + $eraser_friendly_name = $eraser['eraser_friendly_name']; + + if ( ! array_key_exists( 'callback', $eraser ) ) { + wp_send_json_error( + sprintf( + /* translators: %s: Eraser friendly name. */ + __( 'Eraser does not include a callback: %s.' ), + esc_html( $eraser_friendly_name ) + ) + ); + } + + if ( ! is_callable( $eraser['callback'] ) ) { + wp_send_json_error( + sprintf( + /* translators: %s: Eraser friendly name. */ + __( 'Eraser callback is not valid: %s.' ), + esc_html( $eraser_friendly_name ) + ) + ); + } + + $callback = $eraser['callback']; + $response = call_user_func( $callback, $email_address, $page ); + + if ( is_wp_error( $response ) ) { + wp_send_json_error( $response ); + } + + if ( ! is_array( $response ) ) { + wp_send_json_error( + sprintf( + /* translators: 1: Eraser friendly name, 2: Eraser array index. */ + __( 'Did not receive array from %1$s eraser (index %2$d).' ), + esc_html( $eraser_friendly_name ), + $eraser_index + ) + ); + } + + if ( ! array_key_exists( 'items_removed', $response ) ) { + wp_send_json_error( + sprintf( + /* translators: 1: Eraser friendly name, 2: Eraser array index. */ + __( 'Expected items_removed key in response array from %1$s eraser (index %2$d).' ), + esc_html( $eraser_friendly_name ), + $eraser_index + ) + ); + } + + if ( ! array_key_exists( 'items_retained', $response ) ) { + wp_send_json_error( + sprintf( + /* translators: 1: Eraser friendly name, 2: Eraser array index. */ + __( 'Expected items_retained key in response array from %1$s eraser (index %2$d).' ), + esc_html( $eraser_friendly_name ), + $eraser_index + ) + ); + } + + if ( ! array_key_exists( 'messages', $response ) ) { + wp_send_json_error( + sprintf( + /* translators: 1: Eraser friendly name, 2: Eraser array index. */ + __( 'Expected messages key in response array from %1$s eraser (index %2$d).' ), + esc_html( $eraser_friendly_name ), + $eraser_index + ) + ); + } + + if ( ! is_array( $response['messages'] ) ) { + wp_send_json_error( + sprintf( + /* translators: 1: Eraser friendly name, 2: Eraser array index. */ + __( 'Expected messages key to reference an array in response array from %1$s eraser (index %2$d).' ), + esc_html( $eraser_friendly_name ), + $eraser_index + ) + ); + } + + if ( ! array_key_exists( 'done', $response ) ) { + wp_send_json_error( + sprintf( + /* translators: 1: Eraser friendly name, 2: Eraser array index. */ + __( 'Expected done flag in response array from %1$s eraser (index %2$d).' ), + esc_html( $eraser_friendly_name ), + $eraser_index + ) + ); + } + } else { + // No erasers, so we're done. + $eraser_key = ''; + + $response = array( + 'items_removed' => false, + 'items_retained' => false, + 'messages' => array(), + 'done' => true, + ); + } + + /** + * Filters a page of personal data eraser data. + * + * Allows the erasure response to be consumed by destinations in addition to Ajax. + * + * @since 4.9.6 + * + * @param array $response { + * The personal data for the given exporter and page number. + * + * @type bool $items_removed Whether items were actually removed or not. + * @type bool $items_retained Whether items were retained or not. + * @type string[] $messages An array of messages to add to the personal data export file. + * @type bool $done Whether the eraser is finished or not. + * } + * @param int $eraser_index The index of the eraser that provided this data. + * @param string $email_address The email address associated with this personal data. + * @param int $page The page number for this response. + * @param int $request_id The privacy request post ID associated with this request. + * @param string $eraser_key The key (slug) of the eraser that provided this data. + */ + $response = apply_filters( 'wp_privacy_personal_data_erasure_page', $response, $eraser_index, $email_address, $page, $request_id, $eraser_key ); + + if ( is_wp_error( $response ) ) { + wp_send_json_error( $response ); + } + + wp_send_json_success( $response ); +} + +/** + * Handles site health checks on server communication via AJAX. + * + * @since 5.2.0 + * @deprecated 5.6.0 Use WP_REST_Site_Health_Controller::test_dotorg_communication() + * @see WP_REST_Site_Health_Controller::test_dotorg_communication() + */ +function wp_ajax_health_check_dotorg_communication() { + _doing_it_wrong( + 'wp_ajax_health_check_dotorg_communication', + sprintf( + // translators: 1: The Site Health action that is no longer used by core. 2: The new function that replaces it. + __( 'The Site Health check for %1$s has been replaced with %2$s.' ), + 'wp_ajax_health_check_dotorg_communication', + 'WP_REST_Site_Health_Controller::test_dotorg_communication' + ), + '5.6.0' + ); + + check_ajax_referer( 'health-check-site-status' ); + + if ( ! current_user_can( 'view_site_health_checks' ) ) { + wp_send_json_error(); + } + + if ( ! class_exists( 'WP_Site_Health' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-site-health.php'; + } + + $site_health = WP_Site_Health::get_instance(); + wp_send_json_success( $site_health->get_test_dotorg_communication() ); +} + +/** + * Handles site health checks on background updates via AJAX. + * + * @since 5.2.0 + * @deprecated 5.6.0 Use WP_REST_Site_Health_Controller::test_background_updates() + * @see WP_REST_Site_Health_Controller::test_background_updates() + */ +function wp_ajax_health_check_background_updates() { + _doing_it_wrong( + 'wp_ajax_health_check_background_updates', + sprintf( + // translators: 1: The Site Health action that is no longer used by core. 2: The new function that replaces it. + __( 'The Site Health check for %1$s has been replaced with %2$s.' ), + 'wp_ajax_health_check_background_updates', + 'WP_REST_Site_Health_Controller::test_background_updates' + ), + '5.6.0' + ); + + check_ajax_referer( 'health-check-site-status' ); + + if ( ! current_user_can( 'view_site_health_checks' ) ) { + wp_send_json_error(); + } + + if ( ! class_exists( 'WP_Site_Health' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-site-health.php'; + } + + $site_health = WP_Site_Health::get_instance(); + wp_send_json_success( $site_health->get_test_background_updates() ); +} + +/** + * Handles site health checks on loopback requests via AJAX. + * + * @since 5.2.0 + * @deprecated 5.6.0 Use WP_REST_Site_Health_Controller::test_loopback_requests() + * @see WP_REST_Site_Health_Controller::test_loopback_requests() + */ +function wp_ajax_health_check_loopback_requests() { + _doing_it_wrong( + 'wp_ajax_health_check_loopback_requests', + sprintf( + // translators: 1: The Site Health action that is no longer used by core. 2: The new function that replaces it. + __( 'The Site Health check for %1$s has been replaced with %2$s.' ), + 'wp_ajax_health_check_loopback_requests', + 'WP_REST_Site_Health_Controller::test_loopback_requests' + ), + '5.6.0' + ); + + check_ajax_referer( 'health-check-site-status' ); + + if ( ! current_user_can( 'view_site_health_checks' ) ) { + wp_send_json_error(); + } + + if ( ! class_exists( 'WP_Site_Health' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-site-health.php'; + } + + $site_health = WP_Site_Health::get_instance(); + wp_send_json_success( $site_health->get_test_loopback_requests() ); +} + +/** + * Handles site health check to update the result status via AJAX. + * + * @since 5.2.0 + */ +function wp_ajax_health_check_site_status_result() { + check_ajax_referer( 'health-check-site-status-result' ); + + if ( ! current_user_can( 'view_site_health_checks' ) ) { + wp_send_json_error(); + } + + set_transient( 'health-check-site-status-result', wp_json_encode( $_POST['counts'] ) ); + + wp_send_json_success(); +} + +/** + * Handles site health check to get directories and database sizes via AJAX. + * + * @since 5.2.0 + * @deprecated 5.6.0 Use WP_REST_Site_Health_Controller::get_directory_sizes() + * @see WP_REST_Site_Health_Controller::get_directory_sizes() + */ +function wp_ajax_health_check_get_sizes() { + _doing_it_wrong( + 'wp_ajax_health_check_get_sizes', + sprintf( + // translators: 1: The Site Health action that is no longer used by core. 2: The new function that replaces it. + __( 'The Site Health check for %1$s has been replaced with %2$s.' ), + 'wp_ajax_health_check_get_sizes', + 'WP_REST_Site_Health_Controller::get_directory_sizes' + ), + '5.6.0' + ); + + check_ajax_referer( 'health-check-site-status-result' ); + + if ( ! current_user_can( 'view_site_health_checks' ) || is_multisite() ) { + wp_send_json_error(); + } + + if ( ! class_exists( 'WP_Debug_Data' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-debug-data.php'; + } + + $sizes_data = WP_Debug_Data::get_sizes(); + $all_sizes = array( 'raw' => 0 ); + + foreach ( $sizes_data as $name => $value ) { + $name = sanitize_text_field( $name ); + $data = array(); + + if ( isset( $value['size'] ) ) { + if ( is_string( $value['size'] ) ) { + $data['size'] = sanitize_text_field( $value['size'] ); + } else { + $data['size'] = (int) $value['size']; + } + } + + if ( isset( $value['debug'] ) ) { + if ( is_string( $value['debug'] ) ) { + $data['debug'] = sanitize_text_field( $value['debug'] ); + } else { + $data['debug'] = (int) $value['debug']; + } + } + + if ( ! empty( $value['raw'] ) ) { + $data['raw'] = (int) $value['raw']; + } + + $all_sizes[ $name ] = $data; + } + + if ( isset( $all_sizes['total_size']['debug'] ) && 'not available' === $all_sizes['total_size']['debug'] ) { + wp_send_json_error( $all_sizes ); + } + + wp_send_json_success( $all_sizes ); +} + +/** + * Handles renewing the REST API nonce via AJAX. + * + * @since 5.3.0 + */ +function wp_ajax_rest_nonce() { + exit( wp_create_nonce( 'wp_rest' ) ); +} + +/** + * Handles enabling or disable plugin and theme auto-updates via AJAX. + * + * @since 5.5.0 + */ +function wp_ajax_toggle_auto_updates() { + check_ajax_referer( 'updates' ); + + if ( empty( $_POST['type'] ) || empty( $_POST['asset'] ) || empty( $_POST['state'] ) ) { + wp_send_json_error( array( 'error' => __( 'Invalid data. No selected item.' ) ) ); + } + + $asset = sanitize_text_field( urldecode( $_POST['asset'] ) ); + + if ( 'enable' !== $_POST['state'] && 'disable' !== $_POST['state'] ) { + wp_send_json_error( array( 'error' => __( 'Invalid data. Unknown state.' ) ) ); + } + $state = $_POST['state']; + + if ( 'plugin' !== $_POST['type'] && 'theme' !== $_POST['type'] ) { + wp_send_json_error( array( 'error' => __( 'Invalid data. Unknown type.' ) ) ); + } + $type = $_POST['type']; + + switch ( $type ) { + case 'plugin': + if ( ! current_user_can( 'update_plugins' ) ) { + $error_message = __( 'Sorry, you are not allowed to modify plugins.' ); + wp_send_json_error( array( 'error' => $error_message ) ); + } + + $option = 'auto_update_plugins'; + /** This filter is documented in wp-admin/includes/class-wp-plugins-list-table.php */ + $all_items = apply_filters( 'all_plugins', get_plugins() ); + break; + case 'theme': + if ( ! current_user_can( 'update_themes' ) ) { + $error_message = __( 'Sorry, you are not allowed to modify themes.' ); + wp_send_json_error( array( 'error' => $error_message ) ); + } + + $option = 'auto_update_themes'; + $all_items = wp_get_themes(); + break; + default: + wp_send_json_error( array( 'error' => __( 'Invalid data. Unknown type.' ) ) ); + } + + if ( ! array_key_exists( $asset, $all_items ) ) { + $error_message = __( 'Invalid data. The item does not exist.' ); + wp_send_json_error( array( 'error' => $error_message ) ); + } + + $auto_updates = (array) get_site_option( $option, array() ); + + if ( 'disable' === $state ) { + $auto_updates = array_diff( $auto_updates, array( $asset ) ); + } else { + $auto_updates[] = $asset; + $auto_updates = array_unique( $auto_updates ); + } + + // Remove items that have been deleted since the site option was last updated. + $auto_updates = array_intersect( $auto_updates, array_keys( $all_items ) ); + + update_site_option( $option, $auto_updates ); + + wp_send_json_success(); +} + +/** + * Handles sending a password reset link via AJAX. + * + * @since 5.7.0 + */ +function wp_ajax_send_password_reset() { + + // Validate the nonce for this action. + $user_id = isset( $_POST['user_id'] ) ? (int) $_POST['user_id'] : 0; + check_ajax_referer( 'reset-password-for-' . $user_id, 'nonce' ); + + // Verify user capabilities. + if ( ! current_user_can( 'edit_user', $user_id ) ) { + wp_send_json_error( __( 'Cannot send password reset, permission denied.' ) ); + } + + // Send the password reset link. + $user = get_userdata( $user_id ); + $results = retrieve_password( $user->user_login ); + + if ( true === $results ) { + wp_send_json_success( + /* translators: %s: User's display name. */ + sprintf( __( 'A password reset link was emailed to %s.' ), $user->display_name ) + ); + } else { + wp_send_json_error( $results->get_error_message() ); + } +} diff --git a/wp-admin/includes/bookmark.php b/wp-admin/includes/bookmark.php new file mode 100644 index 0000000..c5600bf --- /dev/null +++ b/wp-admin/includes/bookmark.php @@ -0,0 +1,379 @@ +<?php +/** + * WordPress Bookmark Administration API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Adds a link using values provided in $_POST. + * + * @since 2.0.0 + * + * @return int|WP_Error Value 0 or WP_Error on failure. The link ID on success. + */ +function add_link() { + return edit_link(); +} + +/** + * Updates or inserts a link using values provided in $_POST. + * + * @since 2.0.0 + * + * @param int $link_id Optional. ID of the link to edit. Default 0. + * @return int|WP_Error Value 0 or WP_Error on failure. The link ID on success. + */ +function edit_link( $link_id = 0 ) { + if ( ! current_user_can( 'manage_links' ) ) { + wp_die( + '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' . + '<p>' . __( 'Sorry, you are not allowed to edit the links for this site.' ) . '</p>', + 403 + ); + } + + $_POST['link_url'] = esc_url( $_POST['link_url'] ); + $_POST['link_name'] = esc_html( $_POST['link_name'] ); + $_POST['link_image'] = esc_html( $_POST['link_image'] ); + $_POST['link_rss'] = esc_url( $_POST['link_rss'] ); + if ( ! isset( $_POST['link_visible'] ) || 'N' !== $_POST['link_visible'] ) { + $_POST['link_visible'] = 'Y'; + } + + if ( ! empty( $link_id ) ) { + $_POST['link_id'] = $link_id; + return wp_update_link( $_POST ); + } else { + return wp_insert_link( $_POST ); + } +} + +/** + * Retrieves the default link for editing. + * + * @since 2.0.0 + * + * @return stdClass Default link object. + */ +function get_default_link_to_edit() { + $link = new stdClass(); + if ( isset( $_GET['linkurl'] ) ) { + $link->link_url = esc_url( wp_unslash( $_GET['linkurl'] ) ); + } else { + $link->link_url = ''; + } + + if ( isset( $_GET['name'] ) ) { + $link->link_name = esc_attr( wp_unslash( $_GET['name'] ) ); + } else { + $link->link_name = ''; + } + + $link->link_visible = 'Y'; + + return $link; +} + +/** + * Deletes a specified link from the database. + * + * @since 2.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $link_id ID of the link to delete. + * @return true Always true. + */ +function wp_delete_link( $link_id ) { + global $wpdb; + /** + * Fires before a link is deleted. + * + * @since 2.0.0 + * + * @param int $link_id ID of the link to delete. + */ + do_action( 'delete_link', $link_id ); + + wp_delete_object_term_relationships( $link_id, 'link_category' ); + + $wpdb->delete( $wpdb->links, array( 'link_id' => $link_id ) ); + + /** + * Fires after a link has been deleted. + * + * @since 2.2.0 + * + * @param int $link_id ID of the deleted link. + */ + do_action( 'deleted_link', $link_id ); + + clean_bookmark_cache( $link_id ); + + return true; +} + +/** + * Retrieves the link category IDs associated with the link specified. + * + * @since 2.1.0 + * + * @param int $link_id Link ID to look up. + * @return int[] The IDs of the requested link's categories. + */ +function wp_get_link_cats( $link_id = 0 ) { + $cats = wp_get_object_terms( $link_id, 'link_category', array( 'fields' => 'ids' ) ); + return array_unique( $cats ); +} + +/** + * Retrieves link data based on its ID. + * + * @since 2.0.0 + * + * @param int|stdClass $link Link ID or object to retrieve. + * @return object Link object for editing. + */ +function get_link_to_edit( $link ) { + return get_bookmark( $link, OBJECT, 'edit' ); +} + +/** + * Inserts a link into the database, or updates an existing link. + * + * Runs all the necessary sanitizing, provides default values if arguments are missing, + * and finally saves the link. + * + * @since 2.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param array $linkdata { + * Elements that make up the link to insert. + * + * @type int $link_id Optional. The ID of the existing link if updating. + * @type string $link_url The URL the link points to. + * @type string $link_name The title of the link. + * @type string $link_image Optional. A URL of an image. + * @type string $link_target Optional. The target element for the anchor tag. + * @type string $link_description Optional. A short description of the link. + * @type string $link_visible Optional. 'Y' means visible, anything else means not. + * @type int $link_owner Optional. A user ID. + * @type int $link_rating Optional. A rating for the link. + * @type string $link_rel Optional. A relationship of the link to you. + * @type string $link_notes Optional. An extended description of or notes on the link. + * @type string $link_rss Optional. A URL of an associated RSS feed. + * @type int $link_category Optional. The term ID of the link category. + * If empty, uses default link category. + * } + * @param bool $wp_error Optional. Whether to return a WP_Error object on failure. Default false. + * @return int|WP_Error Value 0 or WP_Error on failure. The link ID on success. + */ +function wp_insert_link( $linkdata, $wp_error = false ) { + global $wpdb; + + $defaults = array( + 'link_id' => 0, + 'link_name' => '', + 'link_url' => '', + 'link_rating' => 0, + ); + + $parsed_args = wp_parse_args( $linkdata, $defaults ); + $parsed_args = wp_unslash( sanitize_bookmark( $parsed_args, 'db' ) ); + + $link_id = $parsed_args['link_id']; + $link_name = $parsed_args['link_name']; + $link_url = $parsed_args['link_url']; + + $update = false; + if ( ! empty( $link_id ) ) { + $update = true; + } + + if ( '' === trim( $link_name ) ) { + if ( '' !== trim( $link_url ) ) { + $link_name = $link_url; + } else { + return 0; + } + } + + if ( '' === trim( $link_url ) ) { + return 0; + } + + $link_rating = ( ! empty( $parsed_args['link_rating'] ) ) ? $parsed_args['link_rating'] : 0; + $link_image = ( ! empty( $parsed_args['link_image'] ) ) ? $parsed_args['link_image'] : ''; + $link_target = ( ! empty( $parsed_args['link_target'] ) ) ? $parsed_args['link_target'] : ''; + $link_visible = ( ! empty( $parsed_args['link_visible'] ) ) ? $parsed_args['link_visible'] : 'Y'; + $link_owner = ( ! empty( $parsed_args['link_owner'] ) ) ? $parsed_args['link_owner'] : get_current_user_id(); + $link_notes = ( ! empty( $parsed_args['link_notes'] ) ) ? $parsed_args['link_notes'] : ''; + $link_description = ( ! empty( $parsed_args['link_description'] ) ) ? $parsed_args['link_description'] : ''; + $link_rss = ( ! empty( $parsed_args['link_rss'] ) ) ? $parsed_args['link_rss'] : ''; + $link_rel = ( ! empty( $parsed_args['link_rel'] ) ) ? $parsed_args['link_rel'] : ''; + $link_category = ( ! empty( $parsed_args['link_category'] ) ) ? $parsed_args['link_category'] : array(); + + // Make sure we set a valid category. + if ( ! is_array( $link_category ) || 0 === count( $link_category ) ) { + $link_category = array( get_option( 'default_link_category' ) ); + } + + if ( $update ) { + if ( false === $wpdb->update( $wpdb->links, compact( 'link_url', 'link_name', 'link_image', 'link_target', 'link_description', 'link_visible', 'link_owner', 'link_rating', 'link_rel', 'link_notes', 'link_rss' ), compact( 'link_id' ) ) ) { + if ( $wp_error ) { + return new WP_Error( 'db_update_error', __( 'Could not update link in the database.' ), $wpdb->last_error ); + } else { + return 0; + } + } + } else { + if ( false === $wpdb->insert( $wpdb->links, compact( 'link_url', 'link_name', 'link_image', 'link_target', 'link_description', 'link_visible', 'link_owner', 'link_rating', 'link_rel', 'link_notes', 'link_rss' ) ) ) { + if ( $wp_error ) { + return new WP_Error( 'db_insert_error', __( 'Could not insert link into the database.' ), $wpdb->last_error ); + } else { + return 0; + } + } + $link_id = (int) $wpdb->insert_id; + } + + wp_set_link_cats( $link_id, $link_category ); + + if ( $update ) { + /** + * Fires after a link was updated in the database. + * + * @since 2.0.0 + * + * @param int $link_id ID of the link that was updated. + */ + do_action( 'edit_link', $link_id ); + } else { + /** + * Fires after a link was added to the database. + * + * @since 2.0.0 + * + * @param int $link_id ID of the link that was added. + */ + do_action( 'add_link', $link_id ); + } + clean_bookmark_cache( $link_id ); + + return $link_id; +} + +/** + * Updates link with the specified link categories. + * + * @since 2.1.0 + * + * @param int $link_id ID of the link to update. + * @param int[] $link_categories Array of link category IDs to add the link to. + */ +function wp_set_link_cats( $link_id = 0, $link_categories = array() ) { + // If $link_categories isn't already an array, make it one: + if ( ! is_array( $link_categories ) || 0 === count( $link_categories ) ) { + $link_categories = array( get_option( 'default_link_category' ) ); + } + + $link_categories = array_map( 'intval', $link_categories ); + $link_categories = array_unique( $link_categories ); + + wp_set_object_terms( $link_id, $link_categories, 'link_category' ); + + clean_bookmark_cache( $link_id ); +} + +/** + * Updates a link in the database. + * + * @since 2.0.0 + * + * @param array $linkdata Link data to update. See wp_insert_link() for accepted arguments. + * @return int|WP_Error Value 0 or WP_Error on failure. The updated link ID on success. + */ +function wp_update_link( $linkdata ) { + $link_id = (int) $linkdata['link_id']; + + $link = get_bookmark( $link_id, ARRAY_A ); + + // Escape data pulled from DB. + $link = wp_slash( $link ); + + // Passed link category list overwrites existing category list if not empty. + if ( isset( $linkdata['link_category'] ) && is_array( $linkdata['link_category'] ) + && count( $linkdata['link_category'] ) > 0 + ) { + $link_cats = $linkdata['link_category']; + } else { + $link_cats = $link['link_category']; + } + + // Merge old and new fields with new fields overwriting old ones. + $linkdata = array_merge( $link, $linkdata ); + $linkdata['link_category'] = $link_cats; + + return wp_insert_link( $linkdata ); +} + +/** + * Outputs the 'disabled' message for the WordPress Link Manager. + * + * @since 3.5.0 + * @access private + * + * @global string $pagenow The filename of the current screen. + */ +function wp_link_manager_disabled_message() { + global $pagenow; + + if ( ! in_array( $pagenow, array( 'link-manager.php', 'link-add.php', 'link.php' ), true ) ) { + return; + } + + add_filter( 'pre_option_link_manager_enabled', '__return_true', 100 ); + $really_can_manage_links = current_user_can( 'manage_links' ); + remove_filter( 'pre_option_link_manager_enabled', '__return_true', 100 ); + + if ( $really_can_manage_links ) { + $plugins = get_plugins(); + + if ( empty( $plugins['link-manager/link-manager.php'] ) ) { + if ( current_user_can( 'install_plugins' ) ) { + $install_url = wp_nonce_url( + self_admin_url( 'update.php?action=install-plugin&plugin=link-manager' ), + 'install-plugin_link-manager' + ); + + wp_die( + sprintf( + /* translators: %s: A link to install the Link Manager plugin. */ + __( 'If you are looking to use the link manager, please install the <a href="%s">Link Manager plugin</a>.' ), + esc_url( $install_url ) + ) + ); + } + } elseif ( is_plugin_inactive( 'link-manager/link-manager.php' ) ) { + if ( current_user_can( 'activate_plugins' ) ) { + $activate_url = wp_nonce_url( + self_admin_url( 'plugins.php?action=activate&plugin=link-manager/link-manager.php' ), + 'activate-plugin_link-manager/link-manager.php' + ); + + wp_die( + sprintf( + /* translators: %s: A link to activate the Link Manager plugin. */ + __( 'Please activate the <a href="%s">Link Manager plugin</a> to use the link manager.' ), + esc_url( $activate_url ) + ) + ); + } + } + } + + wp_die( __( 'Sorry, you are not allowed to edit the links for this site.' ) ); +} diff --git a/wp-admin/includes/class-automatic-upgrader-skin.php b/wp-admin/includes/class-automatic-upgrader-skin.php new file mode 100644 index 0000000..4fee620 --- /dev/null +++ b/wp-admin/includes/class-automatic-upgrader-skin.php @@ -0,0 +1,135 @@ +<?php +/** + * Upgrader API: Automatic_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Upgrader Skin for Automatic WordPress Upgrades. + * + * This skin is designed to be used when no output is intended, all output + * is captured and stored for the caller to process and log/email/discard. + * + * @since 3.7.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see Bulk_Upgrader_Skin + */ +class Automatic_Upgrader_Skin extends WP_Upgrader_Skin { + protected $messages = array(); + + /** + * Determines whether the upgrader needs FTP/SSH details in order to connect + * to the filesystem. + * + * @since 3.7.0 + * @since 4.6.0 The `$context` parameter default changed from `false` to an empty string. + * + * @see request_filesystem_credentials() + * + * @param bool|WP_Error $error Optional. Whether the current request has failed to connect, + * or an error object. Default false. + * @param string $context Optional. Full path to the directory that is tested + * for being writable. Default empty. + * @param bool $allow_relaxed_file_ownership Optional. Whether to allow Group/World writable. Default false. + * @return bool True on success, false on failure. + */ + public function request_filesystem_credentials( $error = false, $context = '', $allow_relaxed_file_ownership = false ) { + if ( $context ) { + $this->options['context'] = $context; + } + /* + * TODO: Fix up request_filesystem_credentials(), or split it, to allow us to request a no-output version. + * This will output a credentials form in event of failure. We don't want that, so just hide with a buffer. + */ + ob_start(); + $result = parent::request_filesystem_credentials( $error, $context, $allow_relaxed_file_ownership ); + ob_end_clean(); + return $result; + } + + /** + * Retrieves the upgrade messages. + * + * @since 3.7.0 + * + * @return string[] Messages during an upgrade. + */ + public function get_upgrade_messages() { + return $this->messages; + } + + /** + * Stores a message about the upgrade. + * + * @since 3.7.0 + * @since 5.9.0 Renamed `$data` to `$feedback` for PHP 8 named parameter support. + * + * @param string|array|WP_Error $feedback Message data. + * @param mixed ...$args Optional text replacements. + */ + public function feedback( $feedback, ...$args ) { + if ( is_wp_error( $feedback ) ) { + $string = $feedback->get_error_message(); + } elseif ( is_array( $feedback ) ) { + return; + } else { + $string = $feedback; + } + + if ( ! empty( $this->upgrader->strings[ $string ] ) ) { + $string = $this->upgrader->strings[ $string ]; + } + + if ( str_contains( $string, '%' ) ) { + if ( ! empty( $args ) ) { + $string = vsprintf( $string, $args ); + } + } + + $string = trim( $string ); + + // Only allow basic HTML in the messages, as it'll be used in emails/logs rather than direct browser output. + $string = wp_kses( + $string, + array( + 'a' => array( + 'href' => true, + ), + 'br' => true, + 'em' => true, + 'strong' => true, + ) + ); + + if ( empty( $string ) ) { + return; + } + + $this->messages[] = $string; + } + + /** + * Creates a new output buffer. + * + * @since 3.7.0 + */ + public function header() { + ob_start(); + } + + /** + * Retrieves the buffered content, deletes the buffer, and processes the output. + * + * @since 3.7.0 + */ + public function footer() { + $output = ob_get_clean(); + if ( ! empty( $output ) ) { + $this->feedback( $output ); + } + } +} diff --git a/wp-admin/includes/class-bulk-plugin-upgrader-skin.php b/wp-admin/includes/class-bulk-plugin-upgrader-skin.php new file mode 100644 index 0000000..7cbf334 --- /dev/null +++ b/wp-admin/includes/class-bulk-plugin-upgrader-skin.php @@ -0,0 +1,87 @@ +<?php +/** + * Upgrader API: Bulk_Plugin_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Bulk Plugin Upgrader Skin for WordPress Plugin Upgrades. + * + * @since 3.0.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see Bulk_Upgrader_Skin + */ +class Bulk_Plugin_Upgrader_Skin extends Bulk_Upgrader_Skin { + + /** + * Plugin info. + * + * The Plugin_Upgrader::bulk_upgrade() method will fill this in + * with info retrieved from the get_plugin_data() function. + * + * @var array Plugin data. Values will be empty if not supplied by the plugin. + */ + public $plugin_info = array(); + + public function add_strings() { + parent::add_strings(); + /* translators: 1: Plugin name, 2: Number of the plugin, 3: Total number of plugins being updated. */ + $this->upgrader->strings['skin_before_update_header'] = __( 'Updating Plugin %1$s (%2$d/%3$d)' ); + } + + /** + * @param string $title + */ + public function before( $title = '' ) { + parent::before( $this->plugin_info['Title'] ); + } + + /** + * @param string $title + */ + public function after( $title = '' ) { + parent::after( $this->plugin_info['Title'] ); + $this->decrement_update_count( 'plugin' ); + } + + /** + */ + public function bulk_footer() { + parent::bulk_footer(); + + $update_actions = array( + 'plugins_page' => sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'plugins.php' ), + __( 'Go to Plugins page' ) + ), + 'updates_page' => sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'update-core.php' ), + __( 'Go to WordPress Updates page' ) + ), + ); + + if ( ! current_user_can( 'activate_plugins' ) ) { + unset( $update_actions['plugins_page'] ); + } + + /** + * Filters the list of action links available following bulk plugin updates. + * + * @since 3.0.0 + * + * @param string[] $update_actions Array of plugin action links. + * @param array $plugin_info Array of information for the last-updated plugin. + */ + $update_actions = apply_filters( 'update_bulk_plugins_complete_actions', $update_actions, $this->plugin_info ); + + if ( ! empty( $update_actions ) ) { + $this->feedback( implode( ' | ', (array) $update_actions ) ); + } + } +} diff --git a/wp-admin/includes/class-bulk-theme-upgrader-skin.php b/wp-admin/includes/class-bulk-theme-upgrader-skin.php new file mode 100644 index 0000000..8ec3bbf --- /dev/null +++ b/wp-admin/includes/class-bulk-theme-upgrader-skin.php @@ -0,0 +1,88 @@ +<?php +/** + * Upgrader API: Bulk_Plugin_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Bulk Theme Upgrader Skin for WordPress Theme Upgrades. + * + * @since 3.0.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see Bulk_Upgrader_Skin + */ +class Bulk_Theme_Upgrader_Skin extends Bulk_Upgrader_Skin { + + /** + * Theme info. + * + * The Theme_Upgrader::bulk_upgrade() method will fill this in + * with info retrieved from the Theme_Upgrader::theme_info() method, + * which in turn calls the wp_get_theme() function. + * + * @var WP_Theme|false The theme's info object, or false. + */ + public $theme_info = false; + + public function add_strings() { + parent::add_strings(); + /* translators: 1: Theme name, 2: Number of the theme, 3: Total number of themes being updated. */ + $this->upgrader->strings['skin_before_update_header'] = __( 'Updating Theme %1$s (%2$d/%3$d)' ); + } + + /** + * @param string $title + */ + public function before( $title = '' ) { + parent::before( $this->theme_info->display( 'Name' ) ); + } + + /** + * @param string $title + */ + public function after( $title = '' ) { + parent::after( $this->theme_info->display( 'Name' ) ); + $this->decrement_update_count( 'theme' ); + } + + /** + */ + public function bulk_footer() { + parent::bulk_footer(); + + $update_actions = array( + 'themes_page' => sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'themes.php' ), + __( 'Go to Themes page' ) + ), + 'updates_page' => sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'update-core.php' ), + __( 'Go to WordPress Updates page' ) + ), + ); + + if ( ! current_user_can( 'switch_themes' ) && ! current_user_can( 'edit_theme_options' ) ) { + unset( $update_actions['themes_page'] ); + } + + /** + * Filters the list of action links available following bulk theme updates. + * + * @since 3.0.0 + * + * @param string[] $update_actions Array of theme action links. + * @param WP_Theme $theme_info Theme object for the last-updated theme. + */ + $update_actions = apply_filters( 'update_bulk_theme_complete_actions', $update_actions, $this->theme_info ); + + if ( ! empty( $update_actions ) ) { + $this->feedback( implode( ' | ', (array) $update_actions ) ); + } + } +} diff --git a/wp-admin/includes/class-bulk-upgrader-skin.php b/wp-admin/includes/class-bulk-upgrader-skin.php new file mode 100644 index 0000000..4613119 --- /dev/null +++ b/wp-admin/includes/class-bulk-upgrader-skin.php @@ -0,0 +1,187 @@ +<?php +/** + * Upgrader API: Bulk_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Generic Bulk Upgrader Skin for WordPress Upgrades. + * + * @since 3.0.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see WP_Upgrader_Skin + */ +class Bulk_Upgrader_Skin extends WP_Upgrader_Skin { + public $in_loop = false; + /** + * @var string|false + */ + public $error = false; + + /** + * @param array $args + */ + public function __construct( $args = array() ) { + $defaults = array( + 'url' => '', + 'nonce' => '', + ); + $args = wp_parse_args( $args, $defaults ); + + parent::__construct( $args ); + } + + /** + */ + public function add_strings() { + $this->upgrader->strings['skin_upgrade_start'] = __( 'The update process is starting. This process may take a while on some hosts, so please be patient.' ); + /* translators: 1: Title of an update, 2: Error message. */ + $this->upgrader->strings['skin_update_failed_error'] = __( 'An error occurred while updating %1$s: %2$s' ); + /* translators: %s: Title of an update. */ + $this->upgrader->strings['skin_update_failed'] = __( 'The update of %s failed.' ); + /* translators: %s: Title of an update. */ + $this->upgrader->strings['skin_update_successful'] = __( '%s updated successfully.' ); + $this->upgrader->strings['skin_upgrade_end'] = __( 'All updates have been completed.' ); + } + + /** + * @since 5.9.0 Renamed `$string` (a PHP reserved keyword) to `$feedback` for PHP 8 named parameter support. + * + * @param string $feedback Message data. + * @param mixed ...$args Optional text replacements. + */ + public function feedback( $feedback, ...$args ) { + if ( isset( $this->upgrader->strings[ $feedback ] ) ) { + $feedback = $this->upgrader->strings[ $feedback ]; + } + + if ( str_contains( $feedback, '%' ) ) { + if ( $args ) { + $args = array_map( 'strip_tags', $args ); + $args = array_map( 'esc_html', $args ); + $feedback = vsprintf( $feedback, $args ); + } + } + if ( empty( $feedback ) ) { + return; + } + if ( $this->in_loop ) { + echo "$feedback<br />\n"; + } else { + echo "<p>$feedback</p>\n"; + } + } + + /** + */ + public function header() { + // Nothing. This will be displayed within an iframe. + } + + /** + */ + public function footer() { + // Nothing. This will be displayed within an iframe. + } + + /** + * @since 5.9.0 Renamed `$error` to `$errors` for PHP 8 named parameter support. + * + * @param string|WP_Error $errors Errors. + */ + public function error( $errors ) { + if ( is_string( $errors ) && isset( $this->upgrader->strings[ $errors ] ) ) { + $this->error = $this->upgrader->strings[ $errors ]; + } + + if ( is_wp_error( $errors ) ) { + $messages = array(); + foreach ( $errors->get_error_messages() as $emessage ) { + if ( $errors->get_error_data() && is_string( $errors->get_error_data() ) ) { + $messages[] = $emessage . ' ' . esc_html( strip_tags( $errors->get_error_data() ) ); + } else { + $messages[] = $emessage; + } + } + $this->error = implode( ', ', $messages ); + } + echo '<script type="text/javascript">jQuery(\'.waiting-' . esc_js( $this->upgrader->update_current ) . '\').hide();</script>'; + } + + /** + */ + public function bulk_header() { + $this->feedback( 'skin_upgrade_start' ); + } + + /** + */ + public function bulk_footer() { + $this->feedback( 'skin_upgrade_end' ); + } + + /** + * @param string $title + */ + public function before( $title = '' ) { + $this->in_loop = true; + printf( '<h2>' . $this->upgrader->strings['skin_before_update_header'] . ' <span class="spinner waiting-' . $this->upgrader->update_current . '"></span></h2>', $title, $this->upgrader->update_current, $this->upgrader->update_count ); + echo '<script type="text/javascript">jQuery(\'.waiting-' . esc_js( $this->upgrader->update_current ) . '\').css("display", "inline-block");</script>'; + // This progress messages div gets moved via JavaScript when clicking on "More details.". + echo '<div class="update-messages hide-if-js" id="progress-' . esc_attr( $this->upgrader->update_current ) . '"><p>'; + $this->flush_output(); + } + + /** + * @param string $title + */ + public function after( $title = '' ) { + echo '</p></div>'; + if ( $this->error || ! $this->result ) { + if ( $this->error ) { + $after_error_message = sprintf( $this->upgrader->strings['skin_update_failed_error'], $title, '<strong>' . $this->error . '</strong>' ); + } else { + $after_error_message = sprintf( $this->upgrader->strings['skin_update_failed'], $title ); + } + wp_admin_notice( + $after_error_message, + array( + 'additional_classes' => array( 'error' ), + ) + ); + + echo '<script type="text/javascript">jQuery(\'#progress-' . esc_js( $this->upgrader->update_current ) . '\').show();</script>'; + } + if ( $this->result && ! is_wp_error( $this->result ) ) { + if ( ! $this->error ) { + echo '<div class="updated js-update-details" data-update-details="progress-' . esc_attr( $this->upgrader->update_current ) . '">' . + '<p>' . sprintf( $this->upgrader->strings['skin_update_successful'], $title ) . + ' <button type="button" class="hide-if-no-js button-link js-update-details-toggle" aria-expanded="false">' . __( 'More details.' ) . '<span class="dashicons dashicons-arrow-down" aria-hidden="true"></span></button>' . + '</p></div>'; + } + + echo '<script type="text/javascript">jQuery(\'.waiting-' . esc_js( $this->upgrader->update_current ) . '\').hide();</script>'; + } + + $this->reset(); + $this->flush_output(); + } + + /** + */ + public function reset() { + $this->in_loop = false; + $this->error = false; + } + + /** + */ + public function flush_output() { + wp_ob_end_flush_all(); + flush(); + } +} diff --git a/wp-admin/includes/class-core-upgrader.php b/wp-admin/includes/class-core-upgrader.php new file mode 100644 index 0000000..165e1f7 --- /dev/null +++ b/wp-admin/includes/class-core-upgrader.php @@ -0,0 +1,420 @@ +<?php +/** + * Upgrade API: Core_Upgrader class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Core class used for updating core. + * + * It allows for WordPress to upgrade itself in combination with + * the wp-admin/includes/update-core.php file. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. + * + * @see WP_Upgrader + */ +class Core_Upgrader extends WP_Upgrader { + + /** + * Initializes the upgrade strings. + * + * @since 2.8.0 + */ + public function upgrade_strings() { + $this->strings['up_to_date'] = __( 'WordPress is at the latest version.' ); + $this->strings['locked'] = __( 'Another update is currently in progress.' ); + $this->strings['no_package'] = __( 'Update package not available.' ); + /* translators: %s: Package URL. */ + $this->strings['downloading_package'] = sprintf( __( 'Downloading update from %s…' ), '<span class="code pre">%s</span>' ); + $this->strings['unpack_package'] = __( 'Unpacking the update…' ); + $this->strings['copy_failed'] = __( 'Could not copy files.' ); + $this->strings['copy_failed_space'] = __( 'Could not copy files. You may have run out of disk space.' ); + $this->strings['start_rollback'] = __( 'Attempting to restore the previous version.' ); + $this->strings['rollback_was_required'] = __( 'Due to an error during updating, WordPress has been restored to your previous version.' ); + } + + /** + * Upgrades WordPress core. + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * @global callable $_wp_filesystem_direct_method + * + * @param object $current Response object for whether WordPress is current. + * @param array $args { + * Optional. Arguments for upgrading WordPress core. Default empty array. + * + * @type bool $pre_check_md5 Whether to check the file checksums before + * attempting the upgrade. Default true. + * @type bool $attempt_rollback Whether to attempt to rollback the chances if + * there is a problem. Default false. + * @type bool $do_rollback Whether to perform this "upgrade" as a rollback. + * Default false. + * } + * @return string|false|WP_Error New WordPress version on success, false or WP_Error on failure. + */ + public function upgrade( $current, $args = array() ) { + global $wp_filesystem; + + require ABSPATH . WPINC . '/version.php'; // $wp_version; + + $start_time = time(); + + $defaults = array( + 'pre_check_md5' => true, + 'attempt_rollback' => false, + 'do_rollback' => false, + 'allow_relaxed_file_ownership' => false, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->upgrade_strings(); + + // Is an update available? + if ( ! isset( $current->response ) || 'latest' === $current->response ) { + return new WP_Error( 'up_to_date', $this->strings['up_to_date'] ); + } + + $res = $this->fs_connect( array( ABSPATH, WP_CONTENT_DIR ), $parsed_args['allow_relaxed_file_ownership'] ); + if ( ! $res || is_wp_error( $res ) ) { + return $res; + } + + $wp_dir = trailingslashit( $wp_filesystem->abspath() ); + + $partial = true; + if ( $parsed_args['do_rollback'] ) { + $partial = false; + } elseif ( $parsed_args['pre_check_md5'] && ! $this->check_files() ) { + $partial = false; + } + + /* + * If partial update is returned from the API, use that, unless we're doing + * a reinstallation. If we cross the new_bundled version number, then use + * the new_bundled zip. Don't though if the constant is set to skip bundled items. + * If the API returns a no_content zip, go with it. Finally, default to the full zip. + */ + if ( $parsed_args['do_rollback'] && $current->packages->rollback ) { + $to_download = 'rollback'; + } elseif ( $current->packages->partial && 'reinstall' !== $current->response && $wp_version === $current->partial_version && $partial ) { + $to_download = 'partial'; + } elseif ( $current->packages->new_bundled && version_compare( $wp_version, $current->new_bundled, '<' ) + && ( ! defined( 'CORE_UPGRADE_SKIP_NEW_BUNDLED' ) || ! CORE_UPGRADE_SKIP_NEW_BUNDLED ) ) { + $to_download = 'new_bundled'; + } elseif ( $current->packages->no_content ) { + $to_download = 'no_content'; + } else { + $to_download = 'full'; + } + + // Lock to prevent multiple Core Updates occurring. + $lock = WP_Upgrader::create_lock( 'core_updater', 15 * MINUTE_IN_SECONDS ); + if ( ! $lock ) { + return new WP_Error( 'locked', $this->strings['locked'] ); + } + + $download = $this->download_package( $current->packages->$to_download, true ); + + /* + * Allow for signature soft-fail. + * WARNING: This may be removed in the future. + */ + if ( is_wp_error( $download ) && $download->get_error_data( 'softfail-filename' ) ) { + // Output the failure error as a normal feedback, and not as an error: + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', $download->get_error_message() ); + + // Report this failure back to WordPress.org for debugging purposes. + wp_version_check( + array( + 'signature_failure_code' => $download->get_error_code(), + 'signature_failure_data' => $download->get_error_data(), + ) + ); + + // Pretend this error didn't happen. + $download = $download->get_error_data( 'softfail-filename' ); + } + + if ( is_wp_error( $download ) ) { + WP_Upgrader::release_lock( 'core_updater' ); + return $download; + } + + $working_dir = $this->unpack_package( $download ); + if ( is_wp_error( $working_dir ) ) { + WP_Upgrader::release_lock( 'core_updater' ); + return $working_dir; + } + + // Copy update-core.php from the new version into place. + if ( ! $wp_filesystem->copy( $working_dir . '/wordpress/wp-admin/includes/update-core.php', $wp_dir . 'wp-admin/includes/update-core.php', true ) ) { + $wp_filesystem->delete( $working_dir, true ); + WP_Upgrader::release_lock( 'core_updater' ); + return new WP_Error( 'copy_failed_for_update_core_file', __( 'The update cannot be installed because some files could not be copied. This is usually due to inconsistent file permissions.' ), 'wp-admin/includes/update-core.php' ); + } + $wp_filesystem->chmod( $wp_dir . 'wp-admin/includes/update-core.php', FS_CHMOD_FILE ); + + wp_opcache_invalidate( ABSPATH . 'wp-admin/includes/update-core.php' ); + require_once ABSPATH . 'wp-admin/includes/update-core.php'; + + if ( ! function_exists( 'update_core' ) ) { + WP_Upgrader::release_lock( 'core_updater' ); + return new WP_Error( 'copy_failed_space', $this->strings['copy_failed_space'] ); + } + + $result = update_core( $working_dir, $wp_dir ); + + // In the event of an issue, we may be able to roll back. + if ( $parsed_args['attempt_rollback'] && $current->packages->rollback && ! $parsed_args['do_rollback'] ) { + $try_rollback = false; + if ( is_wp_error( $result ) ) { + $error_code = $result->get_error_code(); + /* + * Not all errors are equal. These codes are critical: copy_failed__copy_dir, + * mkdir_failed__copy_dir, copy_failed__copy_dir_retry, and disk_full. + * do_rollback allows for update_core() to trigger a rollback if needed. + */ + if ( str_contains( $error_code, 'do_rollback' ) ) { + $try_rollback = true; + } elseif ( str_contains( $error_code, '__copy_dir' ) ) { + $try_rollback = true; + } elseif ( 'disk_full' === $error_code ) { + $try_rollback = true; + } + } + + if ( $try_rollback ) { + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', $result ); + + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', $this->strings['start_rollback'] ); + + $rollback_result = $this->upgrade( $current, array_merge( $parsed_args, array( 'do_rollback' => true ) ) ); + + $original_result = $result; + $result = new WP_Error( + 'rollback_was_required', + $this->strings['rollback_was_required'], + (object) array( + 'update' => $original_result, + 'rollback' => $rollback_result, + ) + ); + } + } + + /** This action is documented in wp-admin/includes/class-wp-upgrader.php */ + do_action( + 'upgrader_process_complete', + $this, + array( + 'action' => 'update', + 'type' => 'core', + ) + ); + + // Clear the current updates. + delete_site_transient( 'update_core' ); + + if ( ! $parsed_args['do_rollback'] ) { + $stats = array( + 'update_type' => $current->response, + 'success' => true, + 'fs_method' => $wp_filesystem->method, + 'fs_method_forced' => defined( 'FS_METHOD' ) || has_filter( 'filesystem_method' ), + 'fs_method_direct' => ! empty( $GLOBALS['_wp_filesystem_direct_method'] ) ? $GLOBALS['_wp_filesystem_direct_method'] : '', + 'time_taken' => time() - $start_time, + 'reported' => $wp_version, + 'attempted' => $current->version, + ); + + if ( is_wp_error( $result ) ) { + $stats['success'] = false; + // Did a rollback occur? + if ( ! empty( $try_rollback ) ) { + $stats['error_code'] = $original_result->get_error_code(); + $stats['error_data'] = $original_result->get_error_data(); + // Was the rollback successful? If not, collect its error too. + $stats['rollback'] = ! is_wp_error( $rollback_result ); + if ( is_wp_error( $rollback_result ) ) { + $stats['rollback_code'] = $rollback_result->get_error_code(); + $stats['rollback_data'] = $rollback_result->get_error_data(); + } + } else { + $stats['error_code'] = $result->get_error_code(); + $stats['error_data'] = $result->get_error_data(); + } + } + + wp_version_check( $stats ); + } + + WP_Upgrader::release_lock( 'core_updater' ); + + return $result; + } + + /** + * Determines if this WordPress Core version should update to an offered version or not. + * + * @since 3.7.0 + * + * @param string $offered_ver The offered version, of the format x.y.z. + * @return bool True if we should update to the offered version, otherwise false. + */ + public static function should_update_to_version( $offered_ver ) { + require ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z + + $current_branch = implode( '.', array_slice( preg_split( '/[.-]/', $wp_version ), 0, 2 ) ); // x.y + $new_branch = implode( '.', array_slice( preg_split( '/[.-]/', $offered_ver ), 0, 2 ) ); // x.y + + $current_is_development_version = (bool) strpos( $wp_version, '-' ); + + // Defaults: + $upgrade_dev = get_site_option( 'auto_update_core_dev', 'enabled' ) === 'enabled'; + $upgrade_minor = get_site_option( 'auto_update_core_minor', 'enabled' ) === 'enabled'; + $upgrade_major = get_site_option( 'auto_update_core_major', 'unset' ) === 'enabled'; + + // WP_AUTO_UPDATE_CORE = true (all), 'beta', 'rc', 'development', 'branch-development', 'minor', false. + if ( defined( 'WP_AUTO_UPDATE_CORE' ) ) { + if ( false === WP_AUTO_UPDATE_CORE ) { + // Defaults to turned off, unless a filter allows it. + $upgrade_dev = false; + $upgrade_minor = false; + $upgrade_major = false; + } elseif ( true === WP_AUTO_UPDATE_CORE + || in_array( WP_AUTO_UPDATE_CORE, array( 'beta', 'rc', 'development', 'branch-development' ), true ) + ) { + // ALL updates for core. + $upgrade_dev = true; + $upgrade_minor = true; + $upgrade_major = true; + } elseif ( 'minor' === WP_AUTO_UPDATE_CORE ) { + // Only minor updates for core. + $upgrade_dev = false; + $upgrade_minor = true; + $upgrade_major = false; + } + } + + // 1: If we're already on that version, not much point in updating? + if ( $offered_ver === $wp_version ) { + return false; + } + + // 2: If we're running a newer version, that's a nope. + if ( version_compare( $wp_version, $offered_ver, '>' ) ) { + return false; + } + + $failure_data = get_site_option( 'auto_core_update_failed' ); + if ( $failure_data ) { + // If this was a critical update failure, cannot update. + if ( ! empty( $failure_data['critical'] ) ) { + return false; + } + + // Don't claim we can update on update-core.php if we have a non-critical failure logged. + if ( $wp_version === $failure_data['current'] && str_contains( $offered_ver, '.1.next.minor' ) ) { + return false; + } + + /* + * Cannot update if we're retrying the same A to B update that caused a non-critical failure. + * Some non-critical failures do allow retries, like download_failed. + * 3.7.1 => 3.7.2 resulted in files_not_writable, if we are still on 3.7.1 and still trying to update to 3.7.2. + */ + if ( empty( $failure_data['retry'] ) && $wp_version === $failure_data['current'] && $offered_ver === $failure_data['attempted'] ) { + return false; + } + } + + // 3: 3.7-alpha-25000 -> 3.7-alpha-25678 -> 3.7-beta1 -> 3.7-beta2. + if ( $current_is_development_version ) { + + /** + * Filters whether to enable automatic core updates for development versions. + * + * @since 3.7.0 + * + * @param bool $upgrade_dev Whether to enable automatic updates for + * development versions. + */ + if ( ! apply_filters( 'allow_dev_auto_core_updates', $upgrade_dev ) ) { + return false; + } + // Else fall through to minor + major branches below. + } + + // 4: Minor in-branch updates (3.7.0 -> 3.7.1 -> 3.7.2 -> 3.7.4). + if ( $current_branch === $new_branch ) { + + /** + * Filters whether to enable minor automatic core updates. + * + * @since 3.7.0 + * + * @param bool $upgrade_minor Whether to enable minor automatic core updates. + */ + return apply_filters( 'allow_minor_auto_core_updates', $upgrade_minor ); + } + + // 5: Major version updates (3.7.0 -> 3.8.0 -> 3.9.1). + if ( version_compare( $new_branch, $current_branch, '>' ) ) { + + /** + * Filters whether to enable major automatic core updates. + * + * @since 3.7.0 + * + * @param bool $upgrade_major Whether to enable major automatic core updates. + */ + return apply_filters( 'allow_major_auto_core_updates', $upgrade_major ); + } + + // If we're not sure, we don't want it. + return false; + } + + /** + * Compares the disk file checksums against the expected checksums. + * + * @since 3.7.0 + * + * @global string $wp_version The WordPress version string. + * @global string $wp_local_package Locale code of the package. + * + * @return bool True if the checksums match, otherwise false. + */ + public function check_files() { + global $wp_version, $wp_local_package; + + $checksums = get_core_checksums( $wp_version, isset( $wp_local_package ) ? $wp_local_package : 'en_US' ); + + if ( ! is_array( $checksums ) ) { + return false; + } + + foreach ( $checksums as $file => $checksum ) { + // Skip files which get updated. + if ( str_starts_with( $file, 'wp-content' ) ) { + continue; + } + if ( ! file_exists( ABSPATH . $file ) || md5_file( ABSPATH . $file ) !== $checksum ) { + return false; + } + } + + return true; + } +} diff --git a/wp-admin/includes/class-custom-background.php b/wp-admin/includes/class-custom-background.php new file mode 100644 index 0000000..2eb3ccf --- /dev/null +++ b/wp-admin/includes/class-custom-background.php @@ -0,0 +1,666 @@ +<?php +/** + * The custom background script. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * The custom background class. + * + * @since 3.0.0 + */ +#[AllowDynamicProperties] +class Custom_Background { + + /** + * Callback for administration header. + * + * @var callable + * @since 3.0.0 + */ + public $admin_header_callback; + + /** + * Callback for header div. + * + * @var callable + * @since 3.0.0 + */ + public $admin_image_div_callback; + + /** + * Used to trigger a success message when settings updated and set to true. + * + * @since 3.0.0 + * @var bool + */ + private $updated; + + /** + * Constructor - Registers administration header callback. + * + * @since 3.0.0 + * @param callable $admin_header_callback + * @param callable $admin_image_div_callback Optional custom image div output callback. + */ + public function __construct( $admin_header_callback = '', $admin_image_div_callback = '' ) { + $this->admin_header_callback = $admin_header_callback; + $this->admin_image_div_callback = $admin_image_div_callback; + + add_action( 'admin_menu', array( $this, 'init' ) ); + + add_action( 'wp_ajax_custom-background-add', array( $this, 'ajax_background_add' ) ); + + // Unused since 3.5.0. + add_action( 'wp_ajax_set-background-image', array( $this, 'wp_set_background_image' ) ); + } + + /** + * Sets up the hooks for the Custom Background admin page. + * + * @since 3.0.0 + */ + public function init() { + $page = add_theme_page( + _x( 'Background', 'custom background' ), + _x( 'Background', 'custom background' ), + 'edit_theme_options', + 'custom-background', + array( $this, 'admin_page' ) + ); + + if ( ! $page ) { + return; + } + + add_action( "load-{$page}", array( $this, 'admin_load' ) ); + add_action( "load-{$page}", array( $this, 'take_action' ), 49 ); + add_action( "load-{$page}", array( $this, 'handle_upload' ), 49 ); + + if ( $this->admin_header_callback ) { + add_action( "admin_head-{$page}", $this->admin_header_callback, 51 ); + } + } + + /** + * Sets up the enqueue for the CSS & JavaScript files. + * + * @since 3.0.0 + */ + public function admin_load() { + get_current_screen()->add_help_tab( + array( + 'id' => 'overview', + 'title' => __( 'Overview' ), + 'content' => + '<p>' . __( 'You can customize the look of your site without touching any of your theme’s code by using a custom background. Your background can be an image or a color.' ) . '</p>' . + '<p>' . __( 'To use a background image, simply upload it or choose an image that has already been uploaded to your Media Library by clicking the “Choose Image” button. You can display a single instance of your image, or tile it to fill the screen. You can have your background fixed in place, so your site content moves on top of it, or you can have it scroll with your site.' ) . '</p>' . + '<p>' . __( 'You can also choose a background color by clicking the Select Color button and either typing in a legitimate HTML hex value, e.g. “#ff0000” for red, or by choosing a color using the color picker.' ) . '</p>' . + '<p>' . __( 'Do not forget to click on the Save Changes button when you are finished.' ) . '</p>', + ) + ); + + get_current_screen()->set_help_sidebar( + '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . + '<p>' . __( '<a href="https://codex.wordpress.org/Appearance_Background_Screen">Documentation on Custom Background</a>' ) . '</p>' . + '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' + ); + + wp_enqueue_media(); + wp_enqueue_script( 'custom-background' ); + wp_enqueue_style( 'wp-color-picker' ); + } + + /** + * Executes custom background modification. + * + * @since 3.0.0 + */ + public function take_action() { + if ( empty( $_POST ) ) { + return; + } + + if ( isset( $_POST['reset-background'] ) ) { + check_admin_referer( 'custom-background-reset', '_wpnonce-custom-background-reset' ); + + remove_theme_mod( 'background_image' ); + remove_theme_mod( 'background_image_thumb' ); + + $this->updated = true; + return; + } + + if ( isset( $_POST['remove-background'] ) ) { + // @todo Uploaded files are not removed here. + check_admin_referer( 'custom-background-remove', '_wpnonce-custom-background-remove' ); + + set_theme_mod( 'background_image', '' ); + set_theme_mod( 'background_image_thumb', '' ); + + $this->updated = true; + wp_safe_redirect( $_POST['_wp_http_referer'] ); + return; + } + + if ( isset( $_POST['background-preset'] ) ) { + check_admin_referer( 'custom-background' ); + + if ( in_array( $_POST['background-preset'], array( 'default', 'fill', 'fit', 'repeat', 'custom' ), true ) ) { + $preset = $_POST['background-preset']; + } else { + $preset = 'default'; + } + + set_theme_mod( 'background_preset', $preset ); + } + + if ( isset( $_POST['background-position'] ) ) { + check_admin_referer( 'custom-background' ); + + $position = explode( ' ', $_POST['background-position'] ); + + if ( in_array( $position[0], array( 'left', 'center', 'right' ), true ) ) { + $position_x = $position[0]; + } else { + $position_x = 'left'; + } + + if ( in_array( $position[1], array( 'top', 'center', 'bottom' ), true ) ) { + $position_y = $position[1]; + } else { + $position_y = 'top'; + } + + set_theme_mod( 'background_position_x', $position_x ); + set_theme_mod( 'background_position_y', $position_y ); + } + + if ( isset( $_POST['background-size'] ) ) { + check_admin_referer( 'custom-background' ); + + if ( in_array( $_POST['background-size'], array( 'auto', 'contain', 'cover' ), true ) ) { + $size = $_POST['background-size']; + } else { + $size = 'auto'; + } + + set_theme_mod( 'background_size', $size ); + } + + if ( isset( $_POST['background-repeat'] ) ) { + check_admin_referer( 'custom-background' ); + + $repeat = $_POST['background-repeat']; + + if ( 'no-repeat' !== $repeat ) { + $repeat = 'repeat'; + } + + set_theme_mod( 'background_repeat', $repeat ); + } + + if ( isset( $_POST['background-attachment'] ) ) { + check_admin_referer( 'custom-background' ); + + $attachment = $_POST['background-attachment']; + + if ( 'fixed' !== $attachment ) { + $attachment = 'scroll'; + } + + set_theme_mod( 'background_attachment', $attachment ); + } + + if ( isset( $_POST['background-color'] ) ) { + check_admin_referer( 'custom-background' ); + + $color = preg_replace( '/[^0-9a-fA-F]/', '', $_POST['background-color'] ); + + if ( strlen( $color ) === 6 || strlen( $color ) === 3 ) { + set_theme_mod( 'background_color', $color ); + } else { + set_theme_mod( 'background_color', '' ); + } + } + + $this->updated = true; + } + + /** + * Displays the custom background page. + * + * @since 3.0.0 + */ + public function admin_page() { + ?> +<div class="wrap" id="custom-background"> +<h1><?php _e( 'Custom Background' ); ?></h1> + + <?php + if ( current_user_can( 'customize' ) ) { + $message = sprintf( + /* translators: %s: URL to background image configuration in Customizer. */ + __( 'You can now manage and live-preview Custom Backgrounds in the <a href="%s">Customizer</a>.' ), + admin_url( 'customize.php?autofocus[control]=background_image' ) + ); + wp_admin_notice( + $message, + array( + 'type' => 'info', + 'additional_classes' => array( 'hide-if-no-customize' ), + ) + ); + } + + if ( ! empty( $this->updated ) ) { + $updated_message = sprintf( + /* translators: %s: Home URL. */ + __( 'Background updated. <a href="%s">Visit your site</a> to see how it looks.' ), + esc_url( home_url( '/' ) ) + ); + wp_admin_notice( + $updated_message, + array( + 'id' => 'message', + 'additional_classes' => array( 'updated' ), + ) + ); + } + ?> + +<h2><?php _e( 'Background Image' ); ?></h2> + +<table class="form-table" role="presentation"> +<tbody> +<tr> +<th scope="row"><?php _e( 'Preview' ); ?></th> +<td> + <?php + if ( $this->admin_image_div_callback ) { + call_user_func( $this->admin_image_div_callback ); + } else { + $background_styles = ''; + $bgcolor = get_background_color(); + if ( $bgcolor ) { + $background_styles .= 'background-color: #' . $bgcolor . ';'; + } + + $background_image_thumb = get_background_image(); + if ( $background_image_thumb ) { + $background_image_thumb = esc_url( set_url_scheme( get_theme_mod( 'background_image_thumb', str_replace( '%', '%%', $background_image_thumb ) ) ) ); + $background_position_x = get_theme_mod( 'background_position_x', get_theme_support( 'custom-background', 'default-position-x' ) ); + $background_position_y = get_theme_mod( 'background_position_y', get_theme_support( 'custom-background', 'default-position-y' ) ); + $background_size = get_theme_mod( 'background_size', get_theme_support( 'custom-background', 'default-size' ) ); + $background_repeat = get_theme_mod( 'background_repeat', get_theme_support( 'custom-background', 'default-repeat' ) ); + $background_attachment = get_theme_mod( 'background_attachment', get_theme_support( 'custom-background', 'default-attachment' ) ); + + // Background-image URL must be single quote, see below. + $background_styles .= " background-image: url('$background_image_thumb');" + . " background-size: $background_size;" + . " background-position: $background_position_x $background_position_y;" + . " background-repeat: $background_repeat;" + . " background-attachment: $background_attachment;"; + } + ?> + <div id="custom-background-image" style="<?php echo $background_styles; ?>"><?php // Must be double quote, see above. ?> + <?php if ( $background_image_thumb ) { ?> + <img class="custom-background-image" src="<?php echo $background_image_thumb; ?>" style="visibility:hidden;" alt="" /><br /> + <img class="custom-background-image" src="<?php echo $background_image_thumb; ?>" style="visibility:hidden;" alt="" /> + <?php } ?> + </div> + <?php } ?> +</td> +</tr> + + <?php if ( get_background_image() ) : ?> +<tr> +<th scope="row"><?php _e( 'Remove Image' ); ?></th> +<td> +<form method="post"> + <?php wp_nonce_field( 'custom-background-remove', '_wpnonce-custom-background-remove' ); ?> + <?php submit_button( __( 'Remove Background Image' ), '', 'remove-background', false ); ?><br /> + <?php _e( 'This will remove the background image. You will not be able to restore any customizations.' ); ?> +</form> +</td> +</tr> + <?php endif; ?> + + <?php $default_image = get_theme_support( 'custom-background', 'default-image' ); ?> + <?php if ( $default_image && get_background_image() !== $default_image ) : ?> +<tr> +<th scope="row"><?php _e( 'Restore Original Image' ); ?></th> +<td> +<form method="post"> + <?php wp_nonce_field( 'custom-background-reset', '_wpnonce-custom-background-reset' ); ?> + <?php submit_button( __( 'Restore Original Image' ), '', 'reset-background', false ); ?><br /> + <?php _e( 'This will restore the original background image. You will not be able to restore any customizations.' ); ?> +</form> +</td> +</tr> + <?php endif; ?> + + <?php if ( current_user_can( 'upload_files' ) ) : ?> +<tr> +<th scope="row"><?php _e( 'Select Image' ); ?></th> +<td><form enctype="multipart/form-data" id="upload-form" class="wp-upload-form" method="post"> + <p> + <label for="upload"><?php _e( 'Choose an image from your computer:' ); ?></label><br /> + <input type="file" id="upload" name="import" /> + <input type="hidden" name="action" value="save" /> + <?php wp_nonce_field( 'custom-background-upload', '_wpnonce-custom-background-upload' ); ?> + <?php submit_button( __( 'Upload' ), '', 'submit', false ); ?> + </p> + <p> + <label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br /> + <button id="choose-from-library-link" class="button" + data-choose="<?php esc_attr_e( 'Choose a Background Image' ); ?>" + data-update="<?php esc_attr_e( 'Set as background' ); ?>"><?php _e( 'Choose Image' ); ?></button> + </p> + </form> +</td> +</tr> + <?php endif; ?> +</tbody> +</table> + +<h2><?php _e( 'Display Options' ); ?></h2> +<form method="post"> +<table class="form-table" role="presentation"> +<tbody> + <?php if ( get_background_image() ) : ?> +<input name="background-preset" type="hidden" value="custom"> + + <?php + $background_position = sprintf( + '%s %s', + get_theme_mod( 'background_position_x', get_theme_support( 'custom-background', 'default-position-x' ) ), + get_theme_mod( 'background_position_y', get_theme_support( 'custom-background', 'default-position-y' ) ) + ); + + $background_position_options = array( + array( + 'left top' => array( + 'label' => __( 'Top Left' ), + 'icon' => 'dashicons dashicons-arrow-left-alt', + ), + 'center top' => array( + 'label' => __( 'Top' ), + 'icon' => 'dashicons dashicons-arrow-up-alt', + ), + 'right top' => array( + 'label' => __( 'Top Right' ), + 'icon' => 'dashicons dashicons-arrow-right-alt', + ), + ), + array( + 'left center' => array( + 'label' => __( 'Left' ), + 'icon' => 'dashicons dashicons-arrow-left-alt', + ), + 'center center' => array( + 'label' => __( 'Center' ), + 'icon' => 'background-position-center-icon', + ), + 'right center' => array( + 'label' => __( 'Right' ), + 'icon' => 'dashicons dashicons-arrow-right-alt', + ), + ), + array( + 'left bottom' => array( + 'label' => __( 'Bottom Left' ), + 'icon' => 'dashicons dashicons-arrow-left-alt', + ), + 'center bottom' => array( + 'label' => __( 'Bottom' ), + 'icon' => 'dashicons dashicons-arrow-down-alt', + ), + 'right bottom' => array( + 'label' => __( 'Bottom Right' ), + 'icon' => 'dashicons dashicons-arrow-right-alt', + ), + ), + ); + ?> +<tr> +<th scope="row"><?php _e( 'Image Position' ); ?></th> +<td><fieldset><legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Image Position' ); + ?> +</span></legend> +<div class="background-position-control"> + <?php foreach ( $background_position_options as $group ) : ?> + <div class="button-group"> + <?php foreach ( $group as $value => $input ) : ?> + <label> + <input class="ui-helper-hidden-accessible" name="background-position" type="radio" value="<?php echo esc_attr( $value ); ?>"<?php checked( $value, $background_position ); ?>> + <span class="button display-options position"><span class="<?php echo esc_attr( $input['icon'] ); ?>" aria-hidden="true"></span></span> + <span class="screen-reader-text"><?php echo $input['label']; ?></span> + </label> + <?php endforeach; ?> + </div> +<?php endforeach; ?> +</div> +</fieldset></td> +</tr> + +<tr> +<th scope="row"><label for="background-size"><?php _e( 'Image Size' ); ?></label></th> +<td><fieldset><legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Image Size' ); + ?> +</span></legend> +<select id="background-size" name="background-size"> +<option value="auto"<?php selected( 'auto', get_theme_mod( 'background_size', get_theme_support( 'custom-background', 'default-size' ) ) ); ?>><?php _ex( 'Original', 'Original Size' ); ?></option> +<option value="contain"<?php selected( 'contain', get_theme_mod( 'background_size', get_theme_support( 'custom-background', 'default-size' ) ) ); ?>><?php _e( 'Fit to Screen' ); ?></option> +<option value="cover"<?php selected( 'cover', get_theme_mod( 'background_size', get_theme_support( 'custom-background', 'default-size' ) ) ); ?>><?php _e( 'Fill Screen' ); ?></option> +</select> +</fieldset></td> +</tr> + +<tr> +<th scope="row"><?php _ex( 'Repeat', 'Background Repeat' ); ?></th> +<td><fieldset><legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _ex( 'Repeat', 'Background Repeat' ); + ?> +</span></legend> +<input name="background-repeat" type="hidden" value="no-repeat"> +<label><input type="checkbox" name="background-repeat" value="repeat"<?php checked( 'repeat', get_theme_mod( 'background_repeat', get_theme_support( 'custom-background', 'default-repeat' ) ) ); ?>> <?php _e( 'Repeat Background Image' ); ?></label> +</fieldset></td> +</tr> + +<tr> +<th scope="row"><?php _ex( 'Scroll', 'Background Scroll' ); ?></th> +<td><fieldset><legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _ex( 'Scroll', 'Background Scroll' ); + ?> +</span></legend> +<input name="background-attachment" type="hidden" value="fixed"> +<label><input name="background-attachment" type="checkbox" value="scroll" <?php checked( 'scroll', get_theme_mod( 'background_attachment', get_theme_support( 'custom-background', 'default-attachment' ) ) ); ?>> <?php _e( 'Scroll with Page' ); ?></label> +</fieldset></td> +</tr> +<?php endif; // get_background_image() ?> +<tr> +<th scope="row"><?php _e( 'Background Color' ); ?></th> +<td><fieldset><legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Background Color' ); + ?> +</span></legend> + <?php + $default_color = ''; + if ( current_theme_supports( 'custom-background', 'default-color' ) ) { + $default_color = ' data-default-color="#' . esc_attr( get_theme_support( 'custom-background', 'default-color' ) ) . '"'; + } + ?> +<input type="text" name="background-color" id="background-color" value="#<?php echo esc_attr( get_background_color() ); ?>"<?php echo $default_color; ?>> +</fieldset></td> +</tr> +</tbody> +</table> + + <?php wp_nonce_field( 'custom-background' ); ?> + <?php submit_button( null, 'primary', 'save-background-options' ); ?> +</form> + +</div> + <?php + } + + /** + * Handles an Image upload for the background image. + * + * @since 3.0.0 + */ + public function handle_upload() { + if ( empty( $_FILES ) ) { + return; + } + + check_admin_referer( 'custom-background-upload', '_wpnonce-custom-background-upload' ); + + $overrides = array( 'test_form' => false ); + + $uploaded_file = $_FILES['import']; + $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] ); + if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) { + wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) ); + } + + $file = wp_handle_upload( $uploaded_file, $overrides ); + + if ( isset( $file['error'] ) ) { + wp_die( $file['error'] ); + } + + $url = $file['url']; + $type = $file['type']; + $file = $file['file']; + $filename = wp_basename( $file ); + + // Construct the attachment array. + $attachment = array( + 'post_title' => $filename, + 'post_content' => $url, + 'post_mime_type' => $type, + 'guid' => $url, + 'context' => 'custom-background', + ); + + // Save the data. + $id = wp_insert_attachment( $attachment, $file ); + + // Add the metadata. + wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) ); + update_post_meta( $id, '_wp_attachment_is_custom_background', get_option( 'stylesheet' ) ); + + set_theme_mod( 'background_image', sanitize_url( $url ) ); + + $thumbnail = wp_get_attachment_image_src( $id, 'thumbnail' ); + set_theme_mod( 'background_image_thumb', sanitize_url( $thumbnail[0] ) ); + + /** This filter is documented in wp-admin/includes/class-custom-image-header.php */ + $file = apply_filters( 'wp_create_file_in_uploads', $file, $id ); // For replication. + + $this->updated = true; + } + + /** + * Handles Ajax request for adding custom background context to an attachment. + * + * Triggers when the user adds a new background image from the + * Media Manager. + * + * @since 4.1.0 + */ + public function ajax_background_add() { + check_ajax_referer( 'background-add', 'nonce' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_send_json_error(); + } + + $attachment_id = absint( $_POST['attachment_id'] ); + if ( $attachment_id < 1 ) { + wp_send_json_error(); + } + + update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', get_stylesheet() ); + + wp_send_json_success(); + } + + /** + * @since 3.4.0 + * @deprecated 3.5.0 + * + * @param array $form_fields + * @return array $form_fields + */ + public function attachment_fields_to_edit( $form_fields ) { + return $form_fields; + } + + /** + * @since 3.4.0 + * @deprecated 3.5.0 + * + * @param array $tabs + * @return array $tabs + */ + public function filter_upload_tabs( $tabs ) { + return $tabs; + } + + /** + * @since 3.4.0 + * @deprecated 3.5.0 + */ + public function wp_set_background_image() { + check_ajax_referer( 'custom-background' ); + + if ( ! current_user_can( 'edit_theme_options' ) || ! isset( $_POST['attachment_id'] ) ) { + exit; + } + + $attachment_id = absint( $_POST['attachment_id'] ); + + $sizes = array_keys( + /** This filter is documented in wp-admin/includes/media.php */ + apply_filters( + 'image_size_names_choose', + array( + 'thumbnail' => __( 'Thumbnail' ), + 'medium' => __( 'Medium' ), + 'large' => __( 'Large' ), + 'full' => __( 'Full Size' ), + ) + ) + ); + + $size = 'thumbnail'; + if ( in_array( $_POST['size'], $sizes, true ) ) { + $size = esc_attr( $_POST['size'] ); + } + + update_post_meta( $attachment_id, '_wp_attachment_is_custom_background', get_option( 'stylesheet' ) ); + + $url = wp_get_attachment_image_src( $attachment_id, $size ); + $thumbnail = wp_get_attachment_image_src( $attachment_id, 'thumbnail' ); + set_theme_mod( 'background_image', sanitize_url( $url[0] ) ); + set_theme_mod( 'background_image_thumb', sanitize_url( $thumbnail[0] ) ); + exit; + } +} diff --git a/wp-admin/includes/class-custom-image-header.php b/wp-admin/includes/class-custom-image-header.php new file mode 100644 index 0000000..ee3bcb1 --- /dev/null +++ b/wp-admin/includes/class-custom-image-header.php @@ -0,0 +1,1617 @@ +<?php +/** + * The custom header image script. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * The custom header image class. + * + * @since 2.1.0 + */ +#[AllowDynamicProperties] +class Custom_Image_Header { + + /** + * Callback for administration header. + * + * @var callable + * @since 2.1.0 + */ + public $admin_header_callback; + + /** + * Callback for header div. + * + * @var callable + * @since 3.0.0 + */ + public $admin_image_div_callback; + + /** + * Holds default headers. + * + * @var array + * @since 3.0.0 + */ + public $default_headers = array(); + + /** + * Used to trigger a success message when settings updated and set to true. + * + * @since 3.0.0 + * @var bool + */ + private $updated; + + /** + * Constructor - Register administration header callback. + * + * @since 2.1.0 + * @param callable $admin_header_callback + * @param callable $admin_image_div_callback Optional custom image div output callback. + */ + public function __construct( $admin_header_callback, $admin_image_div_callback = '' ) { + $this->admin_header_callback = $admin_header_callback; + $this->admin_image_div_callback = $admin_image_div_callback; + + add_action( 'admin_menu', array( $this, 'init' ) ); + + add_action( 'customize_save_after', array( $this, 'customize_set_last_used' ) ); + add_action( 'wp_ajax_custom-header-crop', array( $this, 'ajax_header_crop' ) ); + add_action( 'wp_ajax_custom-header-add', array( $this, 'ajax_header_add' ) ); + add_action( 'wp_ajax_custom-header-remove', array( $this, 'ajax_header_remove' ) ); + } + + /** + * Sets up the hooks for the Custom Header admin page. + * + * @since 2.1.0 + */ + public function init() { + $page = add_theme_page( + _x( 'Header', 'custom image header' ), + _x( 'Header', 'custom image header' ), + 'edit_theme_options', + 'custom-header', + array( $this, 'admin_page' ) + ); + + if ( ! $page ) { + return; + } + + add_action( "admin_print_scripts-{$page}", array( $this, 'js_includes' ) ); + add_action( "admin_print_styles-{$page}", array( $this, 'css_includes' ) ); + add_action( "admin_head-{$page}", array( $this, 'help' ) ); + add_action( "admin_head-{$page}", array( $this, 'take_action' ), 50 ); + add_action( "admin_head-{$page}", array( $this, 'js' ), 50 ); + + if ( $this->admin_header_callback ) { + add_action( "admin_head-{$page}", $this->admin_header_callback, 51 ); + } + } + + /** + * Adds contextual help. + * + * @since 3.0.0 + */ + public function help() { + get_current_screen()->add_help_tab( + array( + 'id' => 'overview', + 'title' => __( 'Overview' ), + 'content' => + '<p>' . __( 'This screen is used to customize the header section of your theme.' ) . '</p>' . + '<p>' . __( 'You can choose from the theme’s default header images, or use one of your own. You can also customize how your Site Title and Tagline are displayed.' ) . '<p>', + ) + ); + + get_current_screen()->add_help_tab( + array( + 'id' => 'set-header-image', + 'title' => __( 'Header Image' ), + 'content' => + '<p>' . __( 'You can set a custom image header for your site. Simply upload the image and crop it, and the new header will go live immediately. Alternatively, you can use an image that has already been uploaded to your Media Library by clicking the “Choose Image” button.' ) . '</p>' . + '<p>' . __( 'Some themes come with additional header images bundled. If you see multiple images displayed, select the one you would like and click the “Save Changes” button.' ) . '</p>' . + '<p>' . __( 'If your theme has more than one default header image, or you have uploaded more than one custom header image, you have the option of having WordPress display a randomly different image on each page of your site. Click the “Random” radio button next to the Uploaded Images or Default Images section to enable this feature.' ) . '</p>' . + '<p>' . __( 'If you do not want a header image to be displayed on your site at all, click the “Remove Header Image” button at the bottom of the Header Image section of this page. If you want to re-enable the header image later, you just have to select one of the other image options and click “Save Changes”.' ) . '</p>', + ) + ); + + get_current_screen()->add_help_tab( + array( + 'id' => 'set-header-text', + 'title' => __( 'Header Text' ), + 'content' => + '<p>' . sprintf( + /* translators: %s: URL to General Settings screen. */ + __( 'For most themes, the header text is your Site Title and Tagline, as defined in the <a href="%s">General Settings</a> section.' ), + admin_url( 'options-general.php' ) + ) . + '</p>' . + '<p>' . __( 'In the Header Text section of this page, you can choose whether to display this text or hide it. You can also choose a color for the text by clicking the Select Color button and either typing in a legitimate HTML hex value, e.g. “#ff0000” for red, or by choosing a color using the color picker.' ) . '</p>' . + '<p>' . __( 'Do not forget to click “Save Changes” when you are done!' ) . '</p>', + ) + ); + + get_current_screen()->set_help_sidebar( + '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . + '<p>' . __( '<a href="https://codex.wordpress.org/Appearance_Header_Screen">Documentation on Custom Header</a>' ) . '</p>' . + '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>' + ); + } + + /** + * Gets the current step. + * + * @since 2.6.0 + * + * @return int Current step. + */ + public function step() { + if ( ! isset( $_GET['step'] ) ) { + return 1; + } + + $step = (int) $_GET['step']; + if ( $step < 1 || 3 < $step || + ( 2 === $step && ! wp_verify_nonce( $_REQUEST['_wpnonce-custom-header-upload'], 'custom-header-upload' ) ) || + ( 3 === $step && ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'custom-header-crop-image' ) ) + ) { + return 1; + } + + return $step; + } + + /** + * Sets up the enqueue for the JavaScript files. + * + * @since 2.1.0 + */ + public function js_includes() { + $step = $this->step(); + + if ( ( 1 === $step || 3 === $step ) ) { + wp_enqueue_media(); + wp_enqueue_script( 'custom-header' ); + if ( current_theme_supports( 'custom-header', 'header-text' ) ) { + wp_enqueue_script( 'wp-color-picker' ); + } + } elseif ( 2 === $step ) { + wp_enqueue_script( 'imgareaselect' ); + } + } + + /** + * Sets up the enqueue for the CSS files. + * + * @since 2.7.0 + */ + public function css_includes() { + $step = $this->step(); + + if ( ( 1 === $step || 3 === $step ) && current_theme_supports( 'custom-header', 'header-text' ) ) { + wp_enqueue_style( 'wp-color-picker' ); + } elseif ( 2 === $step ) { + wp_enqueue_style( 'imgareaselect' ); + } + } + + /** + * Executes custom header modification. + * + * @since 2.6.0 + */ + public function take_action() { + if ( ! current_user_can( 'edit_theme_options' ) ) { + return; + } + + if ( empty( $_POST ) ) { + return; + } + + $this->updated = true; + + if ( isset( $_POST['resetheader'] ) ) { + check_admin_referer( 'custom-header-options', '_wpnonce-custom-header-options' ); + + $this->reset_header_image(); + + return; + } + + if ( isset( $_POST['removeheader'] ) ) { + check_admin_referer( 'custom-header-options', '_wpnonce-custom-header-options' ); + + $this->remove_header_image(); + + return; + } + + if ( isset( $_POST['text-color'] ) && ! isset( $_POST['display-header-text'] ) ) { + check_admin_referer( 'custom-header-options', '_wpnonce-custom-header-options' ); + + set_theme_mod( 'header_textcolor', 'blank' ); + } elseif ( isset( $_POST['text-color'] ) ) { + check_admin_referer( 'custom-header-options', '_wpnonce-custom-header-options' ); + + $_POST['text-color'] = str_replace( '#', '', $_POST['text-color'] ); + + $color = preg_replace( '/[^0-9a-fA-F]/', '', $_POST['text-color'] ); + + if ( strlen( $color ) === 6 || strlen( $color ) === 3 ) { + set_theme_mod( 'header_textcolor', $color ); + } elseif ( ! $color ) { + set_theme_mod( 'header_textcolor', 'blank' ); + } + } + + if ( isset( $_POST['default-header'] ) ) { + check_admin_referer( 'custom-header-options', '_wpnonce-custom-header-options' ); + + $this->set_header_image( $_POST['default-header'] ); + + return; + } + } + + /** + * Processes the default headers. + * + * @since 3.0.0 + * + * @global array $_wp_default_headers + */ + public function process_default_headers() { + global $_wp_default_headers; + + if ( ! isset( $_wp_default_headers ) ) { + return; + } + + if ( ! empty( $this->default_headers ) ) { + return; + } + + $this->default_headers = $_wp_default_headers; + $template_directory_uri = get_template_directory_uri(); + $stylesheet_directory_uri = get_stylesheet_directory_uri(); + + foreach ( array_keys( $this->default_headers ) as $header ) { + $this->default_headers[ $header ]['url'] = sprintf( + $this->default_headers[ $header ]['url'], + $template_directory_uri, + $stylesheet_directory_uri + ); + + $this->default_headers[ $header ]['thumbnail_url'] = sprintf( + $this->default_headers[ $header ]['thumbnail_url'], + $template_directory_uri, + $stylesheet_directory_uri + ); + } + } + + /** + * Displays UI for selecting one of several default headers. + * + * Shows the random image option if this theme has multiple header images. + * Random image option is on by default if no header has been set. + * + * @since 3.0.0 + * + * @param string $type The header type. One of 'default' (for the Uploaded Images control) + * or 'uploaded' (for the Uploaded Images control). + */ + public function show_header_selector( $type = 'default' ) { + if ( 'default' === $type ) { + $headers = $this->default_headers; + } else { + $headers = get_uploaded_header_images(); + $type = 'uploaded'; + } + + if ( 1 < count( $headers ) ) { + echo '<div class="random-header">'; + echo '<label><input name="default-header" type="radio" value="random-' . $type . '-image"' . checked( is_random_header_image( $type ), true, false ) . ' />'; + _e( '<strong>Random:</strong> Show a different image on each page.' ); + echo '</label>'; + echo '</div>'; + } + + echo '<div class="available-headers">'; + + foreach ( $headers as $header_key => $header ) { + $header_thumbnail = $header['thumbnail_url']; + $header_url = $header['url']; + $header_alt_text = empty( $header['alt_text'] ) ? '' : $header['alt_text']; + + echo '<div class="default-header">'; + echo '<label><input name="default-header" type="radio" value="' . esc_attr( $header_key ) . '" ' . checked( $header_url, get_theme_mod( 'header_image' ), false ) . ' />'; + $width = ''; + if ( ! empty( $header['attachment_id'] ) ) { + $width = ' width="230"'; + } + echo '<img src="' . esc_url( set_url_scheme( $header_thumbnail ) ) . '" alt="' . esc_attr( $header_alt_text ) . '"' . $width . ' /></label>'; + echo '</div>'; + } + + echo '<div class="clear"></div></div>'; + } + + /** + * Executes JavaScript depending on step. + * + * @since 2.1.0 + */ + public function js() { + $step = $this->step(); + + if ( ( 1 === $step || 3 === $step ) && current_theme_supports( 'custom-header', 'header-text' ) ) { + $this->js_1(); + } elseif ( 2 === $step ) { + $this->js_2(); + } + } + + /** + * Displays JavaScript based on Step 1 and 3. + * + * @since 2.6.0 + */ + public function js_1() { + $default_color = ''; + if ( current_theme_supports( 'custom-header', 'default-text-color' ) ) { + $default_color = get_theme_support( 'custom-header', 'default-text-color' ); + if ( $default_color && ! str_contains( $default_color, '#' ) ) { + $default_color = '#' . $default_color; + } + } + ?> +<script type="text/javascript"> +(function($){ + var default_color = '<?php echo esc_js( $default_color ); ?>', + header_text_fields; + + function pickColor(color) { + $('#name').css('color', color); + $('#desc').css('color', color); + $('#text-color').val(color); + } + + function toggle_text() { + var checked = $('#display-header-text').prop('checked'), + text_color; + header_text_fields.toggle( checked ); + if ( ! checked ) + return; + text_color = $('#text-color'); + if ( '' === text_color.val().replace('#', '') ) { + text_color.val( default_color ); + pickColor( default_color ); + } else { + pickColor( text_color.val() ); + } + } + + $( function() { + var text_color = $('#text-color'); + header_text_fields = $('.displaying-header-text'); + text_color.wpColorPicker({ + change: function( event, ui ) { + pickColor( text_color.wpColorPicker('color') ); + }, + clear: function() { + pickColor( '' ); + } + }); + $('#display-header-text').click( toggle_text ); + <?php if ( ! display_header_text() ) : ?> + toggle_text(); + <?php endif; ?> + } ); +})(jQuery); +</script> + <?php + } + + /** + * Displays JavaScript based on Step 2. + * + * @since 2.6.0 + */ + public function js_2() { + + ?> +<script type="text/javascript"> + function onEndCrop( coords ) { + jQuery( '#x1' ).val(coords.x); + jQuery( '#y1' ).val(coords.y); + jQuery( '#width' ).val(coords.w); + jQuery( '#height' ).val(coords.h); + } + + jQuery( function() { + var xinit = <?php echo absint( get_theme_support( 'custom-header', 'width' ) ); ?>; + var yinit = <?php echo absint( get_theme_support( 'custom-header', 'height' ) ); ?>; + var ratio = xinit / yinit; + var ximg = jQuery('img#upload').width(); + var yimg = jQuery('img#upload').height(); + + if ( yimg < yinit || ximg < xinit ) { + if ( ximg / yimg > ratio ) { + yinit = yimg; + xinit = yinit * ratio; + } else { + xinit = ximg; + yinit = xinit / ratio; + } + } + + jQuery('img#upload').imgAreaSelect({ + handles: true, + keys: true, + show: true, + x1: 0, + y1: 0, + x2: xinit, + y2: yinit, + <?php + if ( ! current_theme_supports( 'custom-header', 'flex-height' ) + && ! current_theme_supports( 'custom-header', 'flex-width' ) + ) { + ?> + aspectRatio: xinit + ':' + yinit, + <?php + } + if ( ! current_theme_supports( 'custom-header', 'flex-height' ) ) { + ?> + maxHeight: <?php echo get_theme_support( 'custom-header', 'height' ); ?>, + <?php + } + if ( ! current_theme_supports( 'custom-header', 'flex-width' ) ) { + ?> + maxWidth: <?php echo get_theme_support( 'custom-header', 'width' ); ?>, + <?php + } + ?> + onInit: function () { + jQuery('#width').val(xinit); + jQuery('#height').val(yinit); + }, + onSelectChange: function(img, c) { + jQuery('#x1').val(c.x1); + jQuery('#y1').val(c.y1); + jQuery('#width').val(c.width); + jQuery('#height').val(c.height); + } + }); + } ); +</script> + <?php + } + + /** + * Displays first step of custom header image page. + * + * @since 2.1.0 + */ + public function step_1() { + $this->process_default_headers(); + ?> + +<div class="wrap"> +<h1><?php _e( 'Custom Header' ); ?></h1> + + <?php + if ( current_user_can( 'customize' ) ) { + $message = sprintf( + /* translators: %s: URL to header image configuration in Customizer. */ + __( 'You can now manage and live-preview Custom Header in the <a href="%s">Customizer</a>.' ), + admin_url( 'customize.php?autofocus[control]=header_image' ) + ); + wp_admin_notice( + $message, + array( + 'type' => 'info', + 'additional_classes' => array( 'hide-if-no-customize' ), + ) + ); + } + + if ( ! empty( $this->updated ) ) { + $updated_message = sprintf( + /* translators: %s: Home URL. */ + __( 'Header updated. <a href="%s">Visit your site</a> to see how it looks.' ), + esc_url( home_url( '/' ) ) + ); + wp_admin_notice( + $updated_message, + array( + 'id' => 'message', + 'additional_classes' => array( 'updated' ), + ) + ); + } + ?> + +<h2><?php _e( 'Header Image' ); ?></h2> + +<table class="form-table" role="presentation"> +<tbody> + + <?php if ( get_custom_header() || display_header_text() ) : ?> +<tr> +<th scope="row"><?php _e( 'Preview' ); ?></th> +<td> + <?php + if ( $this->admin_image_div_callback ) { + call_user_func( $this->admin_image_div_callback ); + } else { + $custom_header = get_custom_header(); + $header_image = get_header_image(); + + if ( $header_image ) { + $header_image_style = 'background-image:url(' . esc_url( $header_image ) . ');'; + } else { + $header_image_style = ''; + } + + if ( $custom_header->width ) { + $header_image_style .= 'max-width:' . $custom_header->width . 'px;'; + } + if ( $custom_header->height ) { + $header_image_style .= 'height:' . $custom_header->height . 'px;'; + } + ?> + <div id="headimg" style="<?php echo $header_image_style; ?>"> + <?php + if ( display_header_text() ) { + $style = ' style="color:#' . get_header_textcolor() . ';"'; + } else { + $style = ' style="display:none;"'; + } + ?> + <h1><a id="name" class="displaying-header-text" <?php echo $style; ?> onclick="return false;" href="<?php bloginfo( 'url' ); ?>" tabindex="-1"><?php bloginfo( 'name' ); ?></a></h1> + <div id="desc" class="displaying-header-text" <?php echo $style; ?>><?php bloginfo( 'description' ); ?></div> + </div> + <?php } ?> +</td> +</tr> + <?php endif; ?> + + <?php if ( current_user_can( 'upload_files' ) && current_theme_supports( 'custom-header', 'uploads' ) ) : ?> +<tr> +<th scope="row"><?php _e( 'Select Image' ); ?></th> +<td> + <p><?php _e( 'You can select an image to be shown at the top of your site by uploading from your computer or choosing from your media library. After selecting an image you will be able to crop it.' ); ?><br /> + <?php + if ( ! current_theme_supports( 'custom-header', 'flex-height' ) + && ! current_theme_supports( 'custom-header', 'flex-width' ) + ) { + printf( + /* translators: 1: Image width in pixels, 2: Image height in pixels. */ + __( 'Images of exactly <strong>%1$d × %2$d pixels</strong> will be used as-is.' ) . '<br />', + get_theme_support( 'custom-header', 'width' ), + get_theme_support( 'custom-header', 'height' ) + ); + } elseif ( current_theme_supports( 'custom-header', 'flex-height' ) ) { + if ( ! current_theme_supports( 'custom-header', 'flex-width' ) ) { + printf( + /* translators: %s: Size in pixels. */ + __( 'Images should be at least %s wide.' ) . ' ', + sprintf( + /* translators: %d: Custom header width. */ + '<strong>' . __( '%d pixels' ) . '</strong>', + get_theme_support( 'custom-header', 'width' ) + ) + ); + } + } elseif ( current_theme_supports( 'custom-header', 'flex-width' ) ) { + if ( ! current_theme_supports( 'custom-header', 'flex-height' ) ) { + printf( + /* translators: %s: Size in pixels. */ + __( 'Images should be at least %s tall.' ) . ' ', + sprintf( + /* translators: %d: Custom header height. */ + '<strong>' . __( '%d pixels' ) . '</strong>', + get_theme_support( 'custom-header', 'height' ) + ) + ); + } + } + + if ( current_theme_supports( 'custom-header', 'flex-height' ) + || current_theme_supports( 'custom-header', 'flex-width' ) + ) { + if ( current_theme_supports( 'custom-header', 'width' ) ) { + printf( + /* translators: %s: Size in pixels. */ + __( 'Suggested width is %s.' ) . ' ', + sprintf( + /* translators: %d: Custom header width. */ + '<strong>' . __( '%d pixels' ) . '</strong>', + get_theme_support( 'custom-header', 'width' ) + ) + ); + } + + if ( current_theme_supports( 'custom-header', 'height' ) ) { + printf( + /* translators: %s: Size in pixels. */ + __( 'Suggested height is %s.' ) . ' ', + sprintf( + /* translators: %d: Custom header height. */ + '<strong>' . __( '%d pixels' ) . '</strong>', + get_theme_support( 'custom-header', 'height' ) + ) + ); + } + } + ?> + </p> + <form enctype="multipart/form-data" id="upload-form" class="wp-upload-form" method="post" action="<?php echo esc_url( add_query_arg( 'step', 2 ) ); ?>"> + <p> + <label for="upload"><?php _e( 'Choose an image from your computer:' ); ?></label><br /> + <input type="file" id="upload" name="import" /> + <input type="hidden" name="action" value="save" /> + <?php wp_nonce_field( 'custom-header-upload', '_wpnonce-custom-header-upload' ); ?> + <?php submit_button( __( 'Upload' ), '', 'submit', false ); ?> + </p> + <?php + $modal_update_href = add_query_arg( + array( + 'page' => 'custom-header', + 'step' => 2, + '_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ), + ), + admin_url( 'themes.php' ) + ); + ?> + <p> + <label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br /> + <button id="choose-from-library-link" class="button" + data-update-link="<?php echo esc_url( $modal_update_href ); ?>" + data-choose="<?php esc_attr_e( 'Choose a Custom Header' ); ?>" + data-update="<?php esc_attr_e( 'Set as header' ); ?>"><?php _e( 'Choose Image' ); ?></button> + </p> + </form> +</td> +</tr> + <?php endif; ?> +</tbody> +</table> + +<form method="post" action="<?php echo esc_url( add_query_arg( 'step', 1 ) ); ?>"> + <?php submit_button( null, 'screen-reader-text', 'save-header-options', false ); ?> +<table class="form-table" role="presentation"> +<tbody> + <?php if ( get_uploaded_header_images() ) : ?> +<tr> +<th scope="row"><?php _e( 'Uploaded Images' ); ?></th> +<td> + <p><?php _e( 'You can choose one of your previously uploaded headers, or show a random one.' ); ?></p> + <?php + $this->show_header_selector( 'uploaded' ); + ?> +</td> +</tr> + <?php + endif; + if ( ! empty( $this->default_headers ) ) : + ?> +<tr> +<th scope="row"><?php _e( 'Default Images' ); ?></th> +<td> + <?php if ( current_theme_supports( 'custom-header', 'uploads' ) ) : ?> + <p><?php _e( 'If you do not want to upload your own image, you can use one of these cool headers, or show a random one.' ); ?></p> + <?php else : ?> + <p><?php _e( 'You can use one of these cool headers or show a random one on each page.' ); ?></p> + <?php endif; ?> + <?php + $this->show_header_selector( 'default' ); + ?> +</td> +</tr> + <?php + endif; + if ( get_header_image() ) : + ?> +<tr> +<th scope="row"><?php _e( 'Remove Image' ); ?></th> +<td> + <p><?php _e( 'This will remove the header image. You will not be able to restore any customizations.' ); ?></p> + <?php submit_button( __( 'Remove Header Image' ), '', 'removeheader', false ); ?> +</td> +</tr> + <?php + endif; + + $default_image = sprintf( + get_theme_support( 'custom-header', 'default-image' ), + get_template_directory_uri(), + get_stylesheet_directory_uri() + ); + + if ( $default_image && get_header_image() !== $default_image ) : + ?> +<tr> +<th scope="row"><?php _e( 'Reset Image' ); ?></th> +<td> + <p><?php _e( 'This will restore the original header image. You will not be able to restore any customizations.' ); ?></p> + <?php submit_button( __( 'Restore Original Header Image' ), '', 'resetheader', false ); ?> +</td> +</tr> + <?php endif; ?> +</tbody> +</table> + + <?php if ( current_theme_supports( 'custom-header', 'header-text' ) ) : ?> + +<h2><?php _e( 'Header Text' ); ?></h2> + +<table class="form-table" role="presentation"> +<tbody> +<tr> +<th scope="row"><?php _e( 'Header Text' ); ?></th> +<td> + <p> + <label><input type="checkbox" name="display-header-text" id="display-header-text"<?php checked( display_header_text() ); ?> /> <?php _e( 'Show header text with your image.' ); ?></label> + </p> +</td> +</tr> + +<tr class="displaying-header-text"> +<th scope="row"><?php _e( 'Text Color' ); ?></th> +<td> + <p> + <?php + $default_color = ''; + if ( current_theme_supports( 'custom-header', 'default-text-color' ) ) { + $default_color = get_theme_support( 'custom-header', 'default-text-color' ); + if ( $default_color && ! str_contains( $default_color, '#' ) ) { + $default_color = '#' . $default_color; + } + } + + $default_color_attr = $default_color ? ' data-default-color="' . esc_attr( $default_color ) . '"' : ''; + + $header_textcolor = display_header_text() ? get_header_textcolor() : get_theme_support( 'custom-header', 'default-text-color' ); + if ( $header_textcolor && ! str_contains( $header_textcolor, '#' ) ) { + $header_textcolor = '#' . $header_textcolor; + } + + echo '<input type="text" name="text-color" id="text-color" value="' . esc_attr( $header_textcolor ) . '"' . $default_color_attr . ' />'; + if ( $default_color ) { + /* translators: %s: Default text color. */ + echo ' <span class="description hide-if-js">' . sprintf( _x( 'Default: %s', 'color' ), esc_html( $default_color ) ) . '</span>'; + } + ?> + </p> +</td> +</tr> +</tbody> +</table> + <?php +endif; + + /** + * Fires just before the submit button in the custom header options form. + * + * @since 3.1.0 + */ + do_action( 'custom_header_options' ); + + wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); + ?> + + <?php submit_button( null, 'primary', 'save-header-options' ); ?> +</form> +</div> + + <?php + } + + /** + * Displays second step of custom header image page. + * + * @since 2.1.0 + */ + public function step_2() { + check_admin_referer( 'custom-header-upload', '_wpnonce-custom-header-upload' ); + + if ( ! current_theme_supports( 'custom-header', 'uploads' ) ) { + wp_die( + '<h1>' . __( 'Something went wrong.' ) . '</h1>' . + '<p>' . __( 'The active theme does not support uploading a custom header image.' ) . '</p>', + 403 + ); + } + + if ( empty( $_POST ) && isset( $_GET['file'] ) ) { + $attachment_id = absint( $_GET['file'] ); + $file = get_attached_file( $attachment_id, true ); + $url = wp_get_attachment_image_src( $attachment_id, 'full' ); + $url = $url[0]; + } elseif ( isset( $_POST ) ) { + $data = $this->step_2_manage_upload(); + $attachment_id = $data['attachment_id']; + $file = $data['file']; + $url = $data['url']; + } + + if ( file_exists( $file ) ) { + list( $width, $height, $type, $attr ) = wp_getimagesize( $file ); + } else { + $data = wp_get_attachment_metadata( $attachment_id ); + $height = isset( $data['height'] ) ? (int) $data['height'] : 0; + $width = isset( $data['width'] ) ? (int) $data['width'] : 0; + unset( $data ); + } + + $max_width = 0; + + // For flex, limit size of image displayed to 1500px unless theme says otherwise. + if ( current_theme_supports( 'custom-header', 'flex-width' ) ) { + $max_width = 1500; + } + + if ( current_theme_supports( 'custom-header', 'max-width' ) ) { + $max_width = max( $max_width, get_theme_support( 'custom-header', 'max-width' ) ); + } + + $max_width = max( $max_width, get_theme_support( 'custom-header', 'width' ) ); + + // If flexible height isn't supported and the image is the exact right size. + if ( ! current_theme_supports( 'custom-header', 'flex-height' ) + && ! current_theme_supports( 'custom-header', 'flex-width' ) + && (int) get_theme_support( 'custom-header', 'width' ) === $width + && (int) get_theme_support( 'custom-header', 'height' ) === $height + ) { + // Add the metadata. + if ( file_exists( $file ) ) { + wp_update_attachment_metadata( $attachment_id, wp_generate_attachment_metadata( $attachment_id, $file ) ); + } + + $this->set_header_image( compact( 'url', 'attachment_id', 'width', 'height' ) ); + + /** + * Filters the attachment file path after the custom header or background image is set. + * + * Used for file replication. + * + * @since 2.1.0 + * + * @param string $file Path to the file. + * @param int $attachment_id Attachment ID. + */ + $file = apply_filters( 'wp_create_file_in_uploads', $file, $attachment_id ); // For replication. + + return $this->finished(); + } elseif ( $width > $max_width ) { + $oitar = $width / $max_width; + + $image = wp_crop_image( + $attachment_id, + 0, + 0, + $width, + $height, + $max_width, + $height / $oitar, + false, + str_replace( wp_basename( $file ), 'midsize-' . wp_basename( $file ), $file ) + ); + + if ( ! $image || is_wp_error( $image ) ) { + wp_die( __( 'Image could not be processed. Please go back and try again.' ), __( 'Image Processing Error' ) ); + } + + /** This filter is documented in wp-admin/includes/class-custom-image-header.php */ + $image = apply_filters( 'wp_create_file_in_uploads', $image, $attachment_id ); // For replication. + + $url = str_replace( wp_basename( $url ), wp_basename( $image ), $url ); + $width = $width / $oitar; + $height = $height / $oitar; + } else { + $oitar = 1; + } + ?> + +<div class="wrap"> +<h1><?php _e( 'Crop Header Image' ); ?></h1> + +<form method="post" action="<?php echo esc_url( add_query_arg( 'step', 3 ) ); ?>"> + <p class="hide-if-no-js"><?php _e( 'Choose the part of the image you want to use as your header.' ); ?></p> + <p class="hide-if-js"><strong><?php _e( 'You need JavaScript to choose a part of the image.' ); ?></strong></p> + + <div id="crop_image" style="position: relative"> + <img src="<?php echo esc_url( $url ); ?>" id="upload" width="<?php echo $width; ?>" height="<?php echo $height; ?>" alt="" /> + </div> + + <input type="hidden" name="x1" id="x1" value="0" /> + <input type="hidden" name="y1" id="y1" value="0" /> + <input type="hidden" name="width" id="width" value="<?php echo esc_attr( $width ); ?>" /> + <input type="hidden" name="height" id="height" value="<?php echo esc_attr( $height ); ?>" /> + <input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo esc_attr( $attachment_id ); ?>" /> + <input type="hidden" name="oitar" id="oitar" value="<?php echo esc_attr( $oitar ); ?>" /> + <?php if ( empty( $_POST ) && isset( $_GET['file'] ) ) { ?> + <input type="hidden" name="create-new-attachment" value="true" /> + <?php } ?> + <?php wp_nonce_field( 'custom-header-crop-image' ); ?> + + <p class="submit"> + <?php submit_button( __( 'Crop and Publish' ), 'primary', 'submit', false ); ?> + <?php + if ( isset( $oitar ) && 1 === $oitar + && ( current_theme_supports( 'custom-header', 'flex-height' ) + || current_theme_supports( 'custom-header', 'flex-width' ) ) + ) { + submit_button( __( 'Skip Cropping, Publish Image as Is' ), '', 'skip-cropping', false ); + } + ?> + </p> +</form> +</div> + <?php + } + + + /** + * Uploads the file to be cropped in the second step. + * + * @since 3.4.0 + */ + public function step_2_manage_upload() { + $overrides = array( 'test_form' => false ); + + $uploaded_file = $_FILES['import']; + $wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] ); + + if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) { + wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) ); + } + + $file = wp_handle_upload( $uploaded_file, $overrides ); + + if ( isset( $file['error'] ) ) { + wp_die( $file['error'], __( 'Image Upload Error' ) ); + } + + $url = $file['url']; + $type = $file['type']; + $file = $file['file']; + $filename = wp_basename( $file ); + + // Construct the attachment array. + $attachment = array( + 'post_title' => $filename, + 'post_content' => $url, + 'post_mime_type' => $type, + 'guid' => $url, + 'context' => 'custom-header', + ); + + // Save the data. + $attachment_id = wp_insert_attachment( $attachment, $file ); + + return compact( 'attachment_id', 'file', 'filename', 'url', 'type' ); + } + + /** + * Displays third step of custom header image page. + * + * @since 2.1.0 + * @since 4.4.0 Switched to using wp_get_attachment_url() instead of the guid + * for retrieving the header image URL. + */ + public function step_3() { + check_admin_referer( 'custom-header-crop-image' ); + + if ( ! current_theme_supports( 'custom-header', 'uploads' ) ) { + wp_die( + '<h1>' . __( 'Something went wrong.' ) . '</h1>' . + '<p>' . __( 'The active theme does not support uploading a custom header image.' ) . '</p>', + 403 + ); + } + + if ( ! empty( $_POST['skip-cropping'] ) + && ! current_theme_supports( 'custom-header', 'flex-height' ) + && ! current_theme_supports( 'custom-header', 'flex-width' ) + ) { + wp_die( + '<h1>' . __( 'Something went wrong.' ) . '</h1>' . + '<p>' . __( 'The active theme does not support a flexible sized header image.' ) . '</p>', + 403 + ); + } + + if ( $_POST['oitar'] > 1 ) { + $_POST['x1'] = $_POST['x1'] * $_POST['oitar']; + $_POST['y1'] = $_POST['y1'] * $_POST['oitar']; + $_POST['width'] = $_POST['width'] * $_POST['oitar']; + $_POST['height'] = $_POST['height'] * $_POST['oitar']; + } + + $attachment_id = absint( $_POST['attachment_id'] ); + $original = get_attached_file( $attachment_id ); + + $dimensions = $this->get_header_dimensions( + array( + 'height' => $_POST['height'], + 'width' => $_POST['width'], + ) + ); + $height = $dimensions['dst_height']; + $width = $dimensions['dst_width']; + + if ( empty( $_POST['skip-cropping'] ) ) { + $cropped = wp_crop_image( + $attachment_id, + (int) $_POST['x1'], + (int) $_POST['y1'], + (int) $_POST['width'], + (int) $_POST['height'], + $width, + $height + ); + } elseif ( ! empty( $_POST['create-new-attachment'] ) ) { + $cropped = _copy_image_file( $attachment_id ); + } else { + $cropped = get_attached_file( $attachment_id ); + } + + if ( ! $cropped || is_wp_error( $cropped ) ) { + wp_die( __( 'Image could not be processed. Please go back and try again.' ), __( 'Image Processing Error' ) ); + } + + /** This filter is documented in wp-admin/includes/class-custom-image-header.php */ + $cropped = apply_filters( 'wp_create_file_in_uploads', $cropped, $attachment_id ); // For replication. + + $attachment = $this->create_attachment_object( $cropped, $attachment_id ); + + if ( ! empty( $_POST['create-new-attachment'] ) ) { + unset( $attachment['ID'] ); + } + + // Update the attachment. + $attachment_id = $this->insert_attachment( $attachment, $cropped ); + + $url = wp_get_attachment_url( $attachment_id ); + $this->set_header_image( compact( 'url', 'attachment_id', 'width', 'height' ) ); + + // Cleanup. + $medium = str_replace( wp_basename( $original ), 'midsize-' . wp_basename( $original ), $original ); + if ( file_exists( $medium ) ) { + wp_delete_file( $medium ); + } + + if ( empty( $_POST['create-new-attachment'] ) && empty( $_POST['skip-cropping'] ) ) { + wp_delete_file( $original ); + } + + return $this->finished(); + } + + /** + * Displays last step of custom header image page. + * + * @since 2.1.0 + */ + public function finished() { + $this->updated = true; + $this->step_1(); + } + + /** + * Displays the page based on the current step. + * + * @since 2.1.0 + */ + public function admin_page() { + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_die( __( 'Sorry, you are not allowed to customize headers.' ) ); + } + + $step = $this->step(); + + if ( 2 === $step ) { + $this->step_2(); + } elseif ( 3 === $step ) { + $this->step_3(); + } else { + $this->step_1(); + } + } + + /** + * Unused since 3.5.0. + * + * @since 3.4.0 + * + * @param array $form_fields + * @return array $form_fields + */ + public function attachment_fields_to_edit( $form_fields ) { + return $form_fields; + } + + /** + * Unused since 3.5.0. + * + * @since 3.4.0 + * + * @param array $tabs + * @return array $tabs + */ + public function filter_upload_tabs( $tabs ) { + return $tabs; + } + + /** + * Chooses a header image, selected from existing uploaded and default headers, + * or provides an array of uploaded header data (either new, or from media library). + * + * @since 3.4.0 + * + * @param mixed $choice Which header image to select. Allows for values of 'random-default-image', + * for randomly cycling among the default images; 'random-uploaded-image', + * for randomly cycling among the uploaded images; the key of a default image + * registered for that theme; and the key of an image uploaded for that theme + * (the attachment ID of the image). Or an array of arguments: attachment_id, + * url, width, height. All are required. + */ + final public function set_header_image( $choice ) { + if ( is_array( $choice ) || is_object( $choice ) ) { + $choice = (array) $choice; + + if ( ! isset( $choice['attachment_id'] ) || ! isset( $choice['url'] ) ) { + return; + } + + $choice['url'] = sanitize_url( $choice['url'] ); + + $header_image_data = (object) array( + 'attachment_id' => $choice['attachment_id'], + 'url' => $choice['url'], + 'thumbnail_url' => $choice['url'], + 'height' => $choice['height'], + 'width' => $choice['width'], + ); + + update_post_meta( $choice['attachment_id'], '_wp_attachment_is_custom_header', get_stylesheet() ); + + set_theme_mod( 'header_image', $choice['url'] ); + set_theme_mod( 'header_image_data', $header_image_data ); + + return; + } + + if ( in_array( $choice, array( 'remove-header', 'random-default-image', 'random-uploaded-image' ), true ) ) { + set_theme_mod( 'header_image', $choice ); + remove_theme_mod( 'header_image_data' ); + + return; + } + + $uploaded = get_uploaded_header_images(); + + if ( $uploaded && isset( $uploaded[ $choice ] ) ) { + $header_image_data = $uploaded[ $choice ]; + } else { + $this->process_default_headers(); + if ( isset( $this->default_headers[ $choice ] ) ) { + $header_image_data = $this->default_headers[ $choice ]; + } else { + return; + } + } + + set_theme_mod( 'header_image', sanitize_url( $header_image_data['url'] ) ); + set_theme_mod( 'header_image_data', $header_image_data ); + } + + /** + * Removes a header image. + * + * @since 3.4.0 + */ + final public function remove_header_image() { + $this->set_header_image( 'remove-header' ); + } + + /** + * Resets a header image to the default image for the theme. + * + * This method does not do anything if the theme does not have a default header image. + * + * @since 3.4.0 + */ + final public function reset_header_image() { + $this->process_default_headers(); + $default = get_theme_support( 'custom-header', 'default-image' ); + + if ( ! $default ) { + $this->remove_header_image(); + return; + } + + $default = sprintf( $default, get_template_directory_uri(), get_stylesheet_directory_uri() ); + + $default_data = array(); + foreach ( $this->default_headers as $header => $details ) { + if ( $details['url'] === $default ) { + $default_data = $details; + break; + } + } + + set_theme_mod( 'header_image', $default ); + set_theme_mod( 'header_image_data', (object) $default_data ); + } + + /** + * Calculates width and height based on what the currently selected theme supports. + * + * @since 3.9.0 + * + * @param array $dimensions + * @return array dst_height and dst_width of header image. + */ + final public function get_header_dimensions( $dimensions ) { + $max_width = 0; + $width = absint( $dimensions['width'] ); + $height = absint( $dimensions['height'] ); + $theme_height = get_theme_support( 'custom-header', 'height' ); + $theme_width = get_theme_support( 'custom-header', 'width' ); + $has_flex_width = current_theme_supports( 'custom-header', 'flex-width' ); + $has_flex_height = current_theme_supports( 'custom-header', 'flex-height' ); + $has_max_width = current_theme_supports( 'custom-header', 'max-width' ); + $dst = array( + 'dst_height' => null, + 'dst_width' => null, + ); + + // For flex, limit size of image displayed to 1500px unless theme says otherwise. + if ( $has_flex_width ) { + $max_width = 1500; + } + + if ( $has_max_width ) { + $max_width = max( $max_width, get_theme_support( 'custom-header', 'max-width' ) ); + } + $max_width = max( $max_width, $theme_width ); + + if ( $has_flex_height && ( ! $has_flex_width || $width > $max_width ) ) { + $dst['dst_height'] = absint( $height * ( $max_width / $width ) ); + } elseif ( $has_flex_height && $has_flex_width ) { + $dst['dst_height'] = $height; + } else { + $dst['dst_height'] = $theme_height; + } + + if ( $has_flex_width && ( ! $has_flex_height || $width > $max_width ) ) { + $dst['dst_width'] = absint( $width * ( $max_width / $width ) ); + } elseif ( $has_flex_width && $has_flex_height ) { + $dst['dst_width'] = $width; + } else { + $dst['dst_width'] = $theme_width; + } + + return $dst; + } + + /** + * Creates an attachment 'object'. + * + * @since 3.9.0 + * + * @param string $cropped Cropped image URL. + * @param int $parent_attachment_id Attachment ID of parent image. + * @return array An array with attachment object data. + */ + final public function create_attachment_object( $cropped, $parent_attachment_id ) { + $parent = get_post( $parent_attachment_id ); + $parent_url = wp_get_attachment_url( $parent->ID ); + $url = str_replace( wp_basename( $parent_url ), wp_basename( $cropped ), $parent_url ); + + $size = wp_getimagesize( $cropped ); + $image_type = ( $size ) ? $size['mime'] : 'image/jpeg'; + + $attachment = array( + 'ID' => $parent_attachment_id, + 'post_title' => wp_basename( $cropped ), + 'post_mime_type' => $image_type, + 'guid' => $url, + 'context' => 'custom-header', + 'post_parent' => $parent_attachment_id, + ); + + return $attachment; + } + + /** + * Inserts an attachment and its metadata. + * + * @since 3.9.0 + * + * @param array $attachment An array with attachment object data. + * @param string $cropped File path to cropped image. + * @return int Attachment ID. + */ + final public function insert_attachment( $attachment, $cropped ) { + $parent_id = isset( $attachment['post_parent'] ) ? $attachment['post_parent'] : null; + unset( $attachment['post_parent'] ); + + $attachment_id = wp_insert_attachment( $attachment, $cropped ); + $metadata = wp_generate_attachment_metadata( $attachment_id, $cropped ); + + // If this is a crop, save the original attachment ID as metadata. + if ( $parent_id ) { + $metadata['attachment_parent'] = $parent_id; + } + + /** + * Filters the header image attachment metadata. + * + * @since 3.9.0 + * + * @see wp_generate_attachment_metadata() + * + * @param array $metadata Attachment metadata. + */ + $metadata = apply_filters( 'wp_header_image_attachment_metadata', $metadata ); + + wp_update_attachment_metadata( $attachment_id, $metadata ); + + return $attachment_id; + } + + /** + * Gets attachment uploaded by Media Manager, crops it, then saves it as a + * new object. Returns JSON-encoded object details. + * + * @since 3.9.0 + */ + public function ajax_header_crop() { + check_ajax_referer( 'image_editor-' . $_POST['id'], 'nonce' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_send_json_error(); + } + + if ( ! current_theme_supports( 'custom-header', 'uploads' ) ) { + wp_send_json_error(); + } + + $crop_details = $_POST['cropDetails']; + + $dimensions = $this->get_header_dimensions( + array( + 'height' => $crop_details['height'], + 'width' => $crop_details['width'], + ) + ); + + $attachment_id = absint( $_POST['id'] ); + + $cropped = wp_crop_image( + $attachment_id, + (int) $crop_details['x1'], + (int) $crop_details['y1'], + (int) $crop_details['width'], + (int) $crop_details['height'], + (int) $dimensions['dst_width'], + (int) $dimensions['dst_height'] + ); + + if ( ! $cropped || is_wp_error( $cropped ) ) { + wp_send_json_error( array( 'message' => __( 'Image could not be processed. Please go back and try again.' ) ) ); + } + + /** This filter is documented in wp-admin/includes/class-custom-image-header.php */ + $cropped = apply_filters( 'wp_create_file_in_uploads', $cropped, $attachment_id ); // For replication. + + $attachment = $this->create_attachment_object( $cropped, $attachment_id ); + + $previous = $this->get_previous_crop( $attachment ); + + if ( $previous ) { + $attachment['ID'] = $previous; + } else { + unset( $attachment['ID'] ); + } + + $new_attachment_id = $this->insert_attachment( $attachment, $cropped ); + + $attachment['attachment_id'] = $new_attachment_id; + $attachment['url'] = wp_get_attachment_url( $new_attachment_id ); + + $attachment['width'] = $dimensions['dst_width']; + $attachment['height'] = $dimensions['dst_height']; + + wp_send_json_success( $attachment ); + } + + /** + * Given an attachment ID for a header image, updates its "last used" + * timestamp to now. + * + * Triggered when the user tries adds a new header image from the + * Media Manager, even if s/he doesn't save that change. + * + * @since 3.9.0 + */ + public function ajax_header_add() { + check_ajax_referer( 'header-add', 'nonce' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_send_json_error(); + } + + $attachment_id = absint( $_POST['attachment_id'] ); + if ( $attachment_id < 1 ) { + wp_send_json_error(); + } + + $key = '_wp_attachment_custom_header_last_used_' . get_stylesheet(); + update_post_meta( $attachment_id, $key, time() ); + update_post_meta( $attachment_id, '_wp_attachment_is_custom_header', get_stylesheet() ); + + wp_send_json_success(); + } + + /** + * Given an attachment ID for a header image, unsets it as a user-uploaded + * header image for the active theme. + * + * Triggered when the user clicks the overlay "X" button next to each image + * choice in the Customizer's Header tool. + * + * @since 3.9.0 + */ + public function ajax_header_remove() { + check_ajax_referer( 'header-remove', 'nonce' ); + + if ( ! current_user_can( 'edit_theme_options' ) ) { + wp_send_json_error(); + } + + $attachment_id = absint( $_POST['attachment_id'] ); + if ( $attachment_id < 1 ) { + wp_send_json_error(); + } + + $key = '_wp_attachment_custom_header_last_used_' . get_stylesheet(); + delete_post_meta( $attachment_id, $key ); + delete_post_meta( $attachment_id, '_wp_attachment_is_custom_header', get_stylesheet() ); + + wp_send_json_success(); + } + + /** + * Updates the last-used postmeta on a header image attachment after saving a new header image via the Customizer. + * + * @since 3.9.0 + * + * @param WP_Customize_Manager $wp_customize Customize manager. + */ + public function customize_set_last_used( $wp_customize ) { + + $header_image_data_setting = $wp_customize->get_setting( 'header_image_data' ); + + if ( ! $header_image_data_setting ) { + return; + } + + $data = $header_image_data_setting->post_value(); + + if ( ! isset( $data['attachment_id'] ) ) { + return; + } + + $attachment_id = $data['attachment_id']; + $key = '_wp_attachment_custom_header_last_used_' . get_stylesheet(); + update_post_meta( $attachment_id, $key, time() ); + } + + /** + * Gets the details of default header images if defined. + * + * @since 3.9.0 + * + * @return array Default header images. + */ + public function get_default_header_images() { + $this->process_default_headers(); + + // Get the default image if there is one. + $default = get_theme_support( 'custom-header', 'default-image' ); + + if ( ! $default ) { // If not, easy peasy. + return $this->default_headers; + } + + $default = sprintf( $default, get_template_directory_uri(), get_stylesheet_directory_uri() ); + + $already_has_default = false; + + foreach ( $this->default_headers as $k => $h ) { + if ( $h['url'] === $default ) { + $already_has_default = true; + break; + } + } + + if ( $already_has_default ) { + return $this->default_headers; + } + + // If the one true image isn't included in the default set, prepend it. + $header_images = array(); + $header_images['default'] = array( + 'url' => $default, + 'thumbnail_url' => $default, + 'description' => 'Default', + ); + + // The rest of the set comes after. + return array_merge( $header_images, $this->default_headers ); + } + + /** + * Gets the previously uploaded header images. + * + * @since 3.9.0 + * + * @return array Uploaded header images. + */ + public function get_uploaded_header_images() { + $header_images = get_uploaded_header_images(); + $timestamp_key = '_wp_attachment_custom_header_last_used_' . get_stylesheet(); + $alt_text_key = '_wp_attachment_image_alt'; + + foreach ( $header_images as &$header_image ) { + $header_meta = get_post_meta( $header_image['attachment_id'] ); + $header_image['timestamp'] = isset( $header_meta[ $timestamp_key ] ) ? $header_meta[ $timestamp_key ] : ''; + $header_image['alt_text'] = isset( $header_meta[ $alt_text_key ] ) ? $header_meta[ $alt_text_key ] : ''; + } + + return $header_images; + } + + /** + * Gets the ID of a previous crop from the same base image. + * + * @since 4.9.0 + * + * @param array $attachment An array with a cropped attachment object data. + * @return int|false An attachment ID if one exists. False if none. + */ + public function get_previous_crop( $attachment ) { + $header_images = $this->get_uploaded_header_images(); + + // Bail early if there are no header images. + if ( empty( $header_images ) ) { + return false; + } + + $previous = false; + + foreach ( $header_images as $image ) { + if ( $image['attachment_parent'] === $attachment['post_parent'] ) { + $previous = $image['attachment_id']; + break; + } + } + + return $previous; + } +} diff --git a/wp-admin/includes/class-file-upload-upgrader.php b/wp-admin/includes/class-file-upload-upgrader.php new file mode 100644 index 0000000..e625615 --- /dev/null +++ b/wp-admin/includes/class-file-upload-upgrader.php @@ -0,0 +1,158 @@ +<?php +/** + * Upgrade API: File_Upload_Upgrader class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Core class used for handling file uploads. + * + * This class handles the upload process and passes it as if it's a local file + * to the Upgrade/Installer functions. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. + */ +#[AllowDynamicProperties] +class File_Upload_Upgrader { + + /** + * The full path to the file package. + * + * @since 2.8.0 + * @var string $package + */ + public $package; + + /** + * The name of the file. + * + * @since 2.8.0 + * @var string $filename + */ + public $filename; + + /** + * The ID of the attachment post for this file. + * + * @since 3.3.0 + * @var int $id + */ + public $id = 0; + + /** + * Construct the upgrader for a form. + * + * @since 2.8.0 + * + * @param string $form The name of the form the file was uploaded from. + * @param string $urlholder The name of the `GET` parameter that holds the filename. + */ + public function __construct( $form, $urlholder ) { + + if ( empty( $_FILES[ $form ]['name'] ) && empty( $_GET[ $urlholder ] ) ) { + wp_die( __( 'Please select a file' ) ); + } + + // Handle a newly uploaded file. Else, assume it's already been uploaded. + if ( ! empty( $_FILES ) ) { + $overrides = array( + 'test_form' => false, + 'test_type' => false, + ); + $file = wp_handle_upload( $_FILES[ $form ], $overrides ); + + if ( isset( $file['error'] ) ) { + wp_die( $file['error'] ); + } + + if ( 'pluginzip' === $form || 'themezip' === $form ) { + $archive_is_valid = false; + + /** This filter is documented in wp-admin/includes/file.php */ + if ( class_exists( 'ZipArchive', false ) && apply_filters( 'unzip_file_use_ziparchive', true ) ) { + $archive = new ZipArchive(); + $archive_is_valid = $archive->open( $file['file'], ZIPARCHIVE::CHECKCONS ); + + if ( true === $archive_is_valid ) { + $archive->close(); + } + } else { + require_once ABSPATH . 'wp-admin/includes/class-pclzip.php'; + + $archive = new PclZip( $file['file'] ); + $archive_is_valid = is_array( $archive->properties() ); + } + + if ( true !== $archive_is_valid ) { + wp_delete_file( $file['file'] ); + wp_die( __( 'Incompatible Archive.' ) ); + } + } + + $this->filename = $_FILES[ $form ]['name']; + $this->package = $file['file']; + + // Construct the attachment array. + $attachment = array( + 'post_title' => $this->filename, + 'post_content' => $file['url'], + 'post_mime_type' => $file['type'], + 'guid' => $file['url'], + 'context' => 'upgrader', + 'post_status' => 'private', + ); + + // Save the data. + $this->id = wp_insert_attachment( $attachment, $file['file'] ); + + // Schedule a cleanup for 2 hours from now in case of failed installation. + wp_schedule_single_event( time() + 2 * HOUR_IN_SECONDS, 'upgrader_scheduled_cleanup', array( $this->id ) ); + + } elseif ( is_numeric( $_GET[ $urlholder ] ) ) { + // Numeric Package = previously uploaded file, see above. + $this->id = (int) $_GET[ $urlholder ]; + $attachment = get_post( $this->id ); + if ( empty( $attachment ) ) { + wp_die( __( 'Please select a file' ) ); + } + + $this->filename = $attachment->post_title; + $this->package = get_attached_file( $attachment->ID ); + } else { + // Else, It's set to something, Back compat for plugins using the old (pre-3.3) File_Uploader handler. + $uploads = wp_upload_dir(); + if ( ! ( $uploads && false === $uploads['error'] ) ) { + wp_die( $uploads['error'] ); + } + + $this->filename = sanitize_file_name( $_GET[ $urlholder ] ); + $this->package = $uploads['basedir'] . '/' . $this->filename; + + if ( ! str_starts_with( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) { + wp_die( __( 'Please select a file' ) ); + } + } + } + + /** + * Deletes the attachment/uploaded file. + * + * @since 3.2.2 + * + * @return bool Whether the cleanup was successful. + */ + public function cleanup() { + if ( $this->id ) { + wp_delete_attachment( $this->id ); + + } elseif ( file_exists( $this->package ) ) { + return @unlink( $this->package ); + } + + return true; + } +} diff --git a/wp-admin/includes/class-ftp-pure.php b/wp-admin/includes/class-ftp-pure.php new file mode 100644 index 0000000..4c51876 --- /dev/null +++ b/wp-admin/includes/class-ftp-pure.php @@ -0,0 +1,186 @@ +<?php +/** + * PemFTP - An Ftp implementation in pure PHP + * + * @package PemFTP + * @since 2.5.0 + * + * @version 1.0 + * @copyright Alexey Dotsenko + * @author Alexey Dotsenko + * @link https://www.phpclasses.org/package/1743-PHP-FTP-client-in-pure-PHP.html + * @license LGPL https://opensource.org/licenses/lgpl-license.html + */ + +/** + * FTP implementation using fsockopen to connect. + * + * @package PemFTP + * @subpackage Pure + * @since 2.5.0 + * + * @version 1.0 + * @copyright Alexey Dotsenko + * @author Alexey Dotsenko + * @link https://www.phpclasses.org/package/1743-PHP-FTP-client-in-pure-PHP.html + * @license LGPL https://opensource.org/licenses/lgpl-license.html + */ +class ftp_pure extends ftp_base { + + function __construct($verb=FALSE, $le=FALSE) { + parent::__construct(false, $verb, $le); + } + +// <!-- --------------------------------------------------------------------------------------- --> +// <!-- Private functions --> +// <!-- --------------------------------------------------------------------------------------- --> + + function _settimeout($sock) { + if(!@stream_set_timeout($sock, $this->_timeout)) { + $this->PushError('_settimeout','socket set send timeout'); + $this->_quit(); + return FALSE; + } + return TRUE; + } + + function _connect($host, $port) { + $this->SendMSG("Creating socket"); + $sock = @fsockopen($host, $port, $errno, $errstr, $this->_timeout); + if (!$sock) { + $this->PushError('_connect','socket connect failed', $errstr." (".$errno.")"); + return FALSE; + } + $this->_connected=true; + return $sock; + } + + function _readmsg($fnction="_readmsg"){ + if(!$this->_connected) { + $this->PushError($fnction, 'Connect first'); + return FALSE; + } + $result=true; + $this->_message=""; + $this->_code=0; + $go=true; + do { + $tmp=@fgets($this->_ftp_control_sock, 512); + if($tmp===false) { + $go=$result=false; + $this->PushError($fnction,'Read failed'); + } else { + $this->_message.=$tmp; + if(preg_match("/^([0-9]{3})(-(.*[".CRLF."]{1,2})+\\1)? [^".CRLF."]+[".CRLF."]{1,2}$/", $this->_message, $regs)) $go=false; + } + } while($go); + if($this->LocalEcho) echo "GET < ".rtrim($this->_message, CRLF).CRLF; + $this->_code=(int)$regs[1]; + return $result; + } + + function _exec($cmd, $fnction="_exec") { + if(!$this->_ready) { + $this->PushError($fnction,'Connect first'); + return FALSE; + } + if($this->LocalEcho) echo "PUT > ",$cmd,CRLF; + $status=@fputs($this->_ftp_control_sock, $cmd.CRLF); + if($status===false) { + $this->PushError($fnction,'socket write failed'); + return FALSE; + } + $this->_lastaction=time(); + if(!$this->_readmsg($fnction)) return FALSE; + return TRUE; + } + + function _data_prepare($mode=FTP_ASCII) { + if(!$this->_settype($mode)) return FALSE; + if($this->_passive) { + if(!$this->_exec("PASV", "pasv")) { + $this->_data_close(); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + return FALSE; + } + $ip_port = explode(",", preg_replace("/^.+ \\(?([0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+)\\)?.*$/s", "\\1", $this->_message)); + $this->_datahost=$ip_port[0].".".$ip_port[1].".".$ip_port[2].".".$ip_port[3]; + $this->_dataport=(((int)$ip_port[4])<<8) + ((int)$ip_port[5]); + $this->SendMSG("Connecting to ".$this->_datahost.":".$this->_dataport); + $this->_ftp_data_sock=@fsockopen($this->_datahost, $this->_dataport, $errno, $errstr, $this->_timeout); + if(!$this->_ftp_data_sock) { + $this->PushError("_data_prepare","fsockopen fails", $errstr." (".$errno.")"); + $this->_data_close(); + return FALSE; + } + else $this->_ftp_data_sock; + } else { + $this->SendMSG("Only passive connections available!"); + return FALSE; + } + return TRUE; + } + + function _data_read($mode=FTP_ASCII, $fp=NULL) { + if(is_resource($fp)) $out=0; + else $out=""; + if(!$this->_passive) { + $this->SendMSG("Only passive connections available!"); + return FALSE; + } + while (!feof($this->_ftp_data_sock)) { + $block=fread($this->_ftp_data_sock, $this->_ftp_buff_size); + if($mode!=FTP_BINARY) $block=preg_replace("/\r\n|\r|\n/", $this->_eol_code[$this->OS_local], $block); + if(is_resource($fp)) $out+=fwrite($fp, $block, strlen($block)); + else $out.=$block; + } + return $out; + } + + function _data_write($mode=FTP_ASCII, $fp=NULL) { + if(is_resource($fp)) $out=0; + else $out=""; + if(!$this->_passive) { + $this->SendMSG("Only passive connections available!"); + return FALSE; + } + if(is_resource($fp)) { + while(!feof($fp)) { + $block=fread($fp, $this->_ftp_buff_size); + if(!$this->_data_write_block($mode, $block)) return false; + } + } elseif(!$this->_data_write_block($mode, $fp)) return false; + return TRUE; + } + + function _data_write_block($mode, $block) { + if($mode!=FTP_BINARY) $block=preg_replace("/\r\n|\r|\n/", $this->_eol_code[$this->OS_remote], $block); + do { + if(($t=@fwrite($this->_ftp_data_sock, $block))===FALSE) { + $this->PushError("_data_write","Can't write to socket"); + return FALSE; + } + $block=substr($block, $t); + } while(!empty($block)); + return true; + } + + function _data_close() { + @fclose($this->_ftp_data_sock); + $this->SendMSG("Disconnected data from remote host"); + return TRUE; + } + + function _quit($force=FALSE) { + if($this->_connected or $force) { + @fclose($this->_ftp_control_sock); + $this->_connected=false; + $this->SendMSG("Socket closed"); + } + } +} + +?> diff --git a/wp-admin/includes/class-ftp-sockets.php b/wp-admin/includes/class-ftp-sockets.php new file mode 100644 index 0000000..575b393 --- /dev/null +++ b/wp-admin/includes/class-ftp-sockets.php @@ -0,0 +1,246 @@ +<?php +/** + * PemFTP - An Ftp implementation in pure PHP + * + * @package PemFTP + * @since 2.5.0 + * + * @version 1.0 + * @copyright Alexey Dotsenko + * @author Alexey Dotsenko + * @link https://www.phpclasses.org/package/1743-PHP-FTP-client-in-pure-PHP.html + * @license LGPL https://opensource.org/licenses/lgpl-license.html + */ + +/** + * Socket Based FTP implementation + * + * @package PemFTP + * @subpackage Socket + * @since 2.5.0 + * + * @version 1.0 + * @copyright Alexey Dotsenko + * @author Alexey Dotsenko + * @link https://www.phpclasses.org/package/1743-PHP-FTP-client-in-pure-PHP.html + * @license LGPL https://opensource.org/licenses/lgpl-license.html + */ +class ftp_sockets extends ftp_base { + + function __construct($verb=FALSE, $le=FALSE) { + parent::__construct(true, $verb, $le); + } + +// <!-- --------------------------------------------------------------------------------------- --> +// <!-- Private functions --> +// <!-- --------------------------------------------------------------------------------------- --> + + function _settimeout($sock) { + if(!@socket_set_option($sock, SOL_SOCKET, SO_RCVTIMEO, array("sec"=>$this->_timeout, "usec"=>0))) { + $this->PushError('_connect','socket set receive timeout',socket_strerror(socket_last_error($sock))); + @socket_close($sock); + return FALSE; + } + if(!@socket_set_option($sock, SOL_SOCKET , SO_SNDTIMEO, array("sec"=>$this->_timeout, "usec"=>0))) { + $this->PushError('_connect','socket set send timeout',socket_strerror(socket_last_error($sock))); + @socket_close($sock); + return FALSE; + } + return true; + } + + function _connect($host, $port) { + $this->SendMSG("Creating socket"); + if(!($sock = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP))) { + $this->PushError('_connect','socket create failed',socket_strerror(socket_last_error($sock))); + return FALSE; + } + if(!$this->_settimeout($sock)) return FALSE; + $this->SendMSG("Connecting to \"".$host.":".$port."\""); + if (!($res = @socket_connect($sock, $host, $port))) { + $this->PushError('_connect','socket connect failed',socket_strerror(socket_last_error($sock))); + @socket_close($sock); + return FALSE; + } + $this->_connected=true; + return $sock; + } + + function _readmsg($fnction="_readmsg"){ + if(!$this->_connected) { + $this->PushError($fnction,'Connect first'); + return FALSE; + } + $result=true; + $this->_message=""; + $this->_code=0; + $go=true; + do { + $tmp=@socket_read($this->_ftp_control_sock, 4096, PHP_BINARY_READ); + if($tmp===false) { + $go=$result=false; + $this->PushError($fnction,'Read failed', socket_strerror(socket_last_error($this->_ftp_control_sock))); + } else { + $this->_message.=$tmp; + $go = !preg_match("/^([0-9]{3})(-.+\\1)? [^".CRLF."]+".CRLF."$/Us", $this->_message, $regs); + } + } while($go); + if($this->LocalEcho) echo "GET < ".rtrim($this->_message, CRLF).CRLF; + $this->_code=(int)$regs[1]; + return $result; + } + + function _exec($cmd, $fnction="_exec") { + if(!$this->_ready) { + $this->PushError($fnction,'Connect first'); + return FALSE; + } + if($this->LocalEcho) echo "PUT > ",$cmd,CRLF; + $status=@socket_write($this->_ftp_control_sock, $cmd.CRLF); + if($status===false) { + $this->PushError($fnction,'socket write failed', socket_strerror(socket_last_error($this->stream))); + return FALSE; + } + $this->_lastaction=time(); + if(!$this->_readmsg($fnction)) return FALSE; + return TRUE; + } + + function _data_prepare($mode=FTP_ASCII) { + if(!$this->_settype($mode)) return FALSE; + $this->SendMSG("Creating data socket"); + $this->_ftp_data_sock = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP); + if ($this->_ftp_data_sock < 0) { + $this->PushError('_data_prepare','socket create failed',socket_strerror(socket_last_error($this->_ftp_data_sock))); + return FALSE; + } + if(!$this->_settimeout($this->_ftp_data_sock)) { + $this->_data_close(); + return FALSE; + } + if($this->_passive) { + if(!$this->_exec("PASV", "pasv")) { + $this->_data_close(); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + return FALSE; + } + $ip_port = explode(",", preg_replace("/^.+ \\(?([0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+)\\)?.*$/s", "\\1", $this->_message)); + $this->_datahost=$ip_port[0].".".$ip_port[1].".".$ip_port[2].".".$ip_port[3]; + $this->_dataport=(((int)$ip_port[4])<<8) + ((int)$ip_port[5]); + $this->SendMSG("Connecting to ".$this->_datahost.":".$this->_dataport); + if(!@socket_connect($this->_ftp_data_sock, $this->_datahost, $this->_dataport)) { + $this->PushError("_data_prepare","socket_connect", socket_strerror(socket_last_error($this->_ftp_data_sock))); + $this->_data_close(); + return FALSE; + } + else $this->_ftp_temp_sock=$this->_ftp_data_sock; + } else { + if(!@socket_getsockname($this->_ftp_control_sock, $addr, $port)) { + $this->PushError("_data_prepare","cannot get control socket information", socket_strerror(socket_last_error($this->_ftp_control_sock))); + $this->_data_close(); + return FALSE; + } + if(!@socket_bind($this->_ftp_data_sock,$addr)){ + $this->PushError("_data_prepare","cannot bind data socket", socket_strerror(socket_last_error($this->_ftp_data_sock))); + $this->_data_close(); + return FALSE; + } + if(!@socket_listen($this->_ftp_data_sock)) { + $this->PushError("_data_prepare","cannot listen data socket", socket_strerror(socket_last_error($this->_ftp_data_sock))); + $this->_data_close(); + return FALSE; + } + if(!@socket_getsockname($this->_ftp_data_sock, $this->_datahost, $this->_dataport)) { + $this->PushError("_data_prepare","cannot get data socket information", socket_strerror(socket_last_error($this->_ftp_data_sock))); + $this->_data_close(); + return FALSE; + } + if(!$this->_exec('PORT '.str_replace('.',',',$this->_datahost.'.'.($this->_dataport>>8).'.'.($this->_dataport&0x00FF)), "_port")) { + $this->_data_close(); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + return FALSE; + } + } + return TRUE; + } + + function _data_read($mode=FTP_ASCII, $fp=NULL) { + $NewLine=$this->_eol_code[$this->OS_local]; + if(is_resource($fp)) $out=0; + else $out=""; + if(!$this->_passive) { + $this->SendMSG("Connecting to ".$this->_datahost.":".$this->_dataport); + $this->_ftp_temp_sock=socket_accept($this->_ftp_data_sock); + if($this->_ftp_temp_sock===FALSE) { + $this->PushError("_data_read","socket_accept", socket_strerror(socket_last_error($this->_ftp_temp_sock))); + $this->_data_close(); + return FALSE; + } + } + + while(($block=@socket_read($this->_ftp_temp_sock, $this->_ftp_buff_size, PHP_BINARY_READ))!==false) { + if($block==="") break; + if($mode!=FTP_BINARY) $block=preg_replace("/\r\n|\r|\n/", $this->_eol_code[$this->OS_local], $block); + if(is_resource($fp)) $out+=fwrite($fp, $block, strlen($block)); + else $out.=$block; + } + return $out; + } + + function _data_write($mode=FTP_ASCII, $fp=NULL) { + $NewLine=$this->_eol_code[$this->OS_local]; + if(is_resource($fp)) $out=0; + else $out=""; + if(!$this->_passive) { + $this->SendMSG("Connecting to ".$this->_datahost.":".$this->_dataport); + $this->_ftp_temp_sock=socket_accept($this->_ftp_data_sock); + if($this->_ftp_temp_sock===FALSE) { + $this->PushError("_data_write","socket_accept", socket_strerror(socket_last_error($this->_ftp_temp_sock))); + $this->_data_close(); + return false; + } + } + if(is_resource($fp)) { + while(!feof($fp)) { + $block=fread($fp, $this->_ftp_buff_size); + if(!$this->_data_write_block($mode, $block)) return false; + } + } elseif(!$this->_data_write_block($mode, $fp)) return false; + return true; + } + + function _data_write_block($mode, $block) { + if($mode!=FTP_BINARY) $block=preg_replace("/\r\n|\r|\n/", $this->_eol_code[$this->OS_remote], $block); + do { + if(($t=@socket_write($this->_ftp_temp_sock, $block))===FALSE) { + $this->PushError("_data_write","socket_write", socket_strerror(socket_last_error($this->_ftp_temp_sock))); + $this->_data_close(); + return FALSE; + } + $block=substr($block, $t); + } while(!empty($block)); + return true; + } + + function _data_close() { + @socket_close($this->_ftp_temp_sock); + @socket_close($this->_ftp_data_sock); + $this->SendMSG("Disconnected data from remote host"); + return TRUE; + } + + function _quit() { + if($this->_connected) { + @socket_close($this->_ftp_control_sock); + $this->_connected=false; + $this->SendMSG("Socket closed"); + } + } +} +?> diff --git a/wp-admin/includes/class-ftp.php b/wp-admin/includes/class-ftp.php new file mode 100644 index 0000000..7658a0b --- /dev/null +++ b/wp-admin/includes/class-ftp.php @@ -0,0 +1,913 @@ +<?php +/** + * PemFTP - An Ftp implementation in pure PHP + * + * @package PemFTP + * @since 2.5.0 + * + * @version 1.0 + * @copyright Alexey Dotsenko + * @author Alexey Dotsenko + * @link https://www.phpclasses.org/package/1743-PHP-FTP-client-in-pure-PHP.html + * @license LGPL https://opensource.org/licenses/lgpl-license.html + */ + +/** + * Defines the newline characters, if not defined already. + * + * This can be redefined. + * + * @since 2.5.0 + * @var string + */ +if(!defined('CRLF')) define('CRLF',"\r\n"); + +/** + * Sets whatever to autodetect ASCII mode. + * + * This can be redefined. + * + * @since 2.5.0 + * @var int + */ +if(!defined("FTP_AUTOASCII")) define("FTP_AUTOASCII", -1); + +/** + * + * This can be redefined. + * @since 2.5.0 + * @var int + */ +if(!defined("FTP_BINARY")) define("FTP_BINARY", 1); + +/** + * + * This can be redefined. + * @since 2.5.0 + * @var int + */ +if(!defined("FTP_ASCII")) define("FTP_ASCII", 0); + +/** + * Whether to force FTP. + * + * This can be redefined. + * + * @since 2.5.0 + * @var bool + */ +if(!defined('FTP_FORCE')) define('FTP_FORCE', true); + +/** + * @since 2.5.0 + * @var string + */ +define('FTP_OS_Unix','u'); + +/** + * @since 2.5.0 + * @var string + */ +define('FTP_OS_Windows','w'); + +/** + * @since 2.5.0 + * @var string + */ +define('FTP_OS_Mac','m'); + +/** + * PemFTP base class + * + */ +class ftp_base { + /* Public variables */ + var $LocalEcho; + var $Verbose; + var $OS_local; + var $OS_remote; + + /* Private variables */ + var $_lastaction; + var $_errors; + var $_type; + var $_umask; + var $_timeout; + var $_passive; + var $_host; + var $_fullhost; + var $_port; + var $_datahost; + var $_dataport; + var $_ftp_control_sock; + var $_ftp_data_sock; + var $_ftp_temp_sock; + var $_ftp_buff_size; + var $_login; + var $_password; + var $_connected; + var $_ready; + var $_code; + var $_message; + var $_can_restore; + var $_port_available; + var $_curtype; + var $_features; + + var $_error_array; + var $AuthorizedTransferMode; + var $OS_FullName; + var $_eol_code; + var $AutoAsciiExt; + + /* Constructor */ + function __construct($port_mode=FALSE, $verb=FALSE, $le=FALSE) { + $this->LocalEcho=$le; + $this->Verbose=$verb; + $this->_lastaction=NULL; + $this->_error_array=array(); + $this->_eol_code=array(FTP_OS_Unix=>"\n", FTP_OS_Mac=>"\r", FTP_OS_Windows=>"\r\n"); + $this->AuthorizedTransferMode=array(FTP_AUTOASCII, FTP_ASCII, FTP_BINARY); + $this->OS_FullName=array(FTP_OS_Unix => 'UNIX', FTP_OS_Windows => 'WINDOWS', FTP_OS_Mac => 'MACOS'); + $this->AutoAsciiExt=array("ASP","BAT","C","CPP","CSS","CSV","JS","H","HTM","HTML","SHTML","INI","LOG","PHP3","PHTML","PL","PERL","SH","SQL","TXT"); + $this->_port_available=($port_mode==TRUE); + $this->SendMSG("Staring FTP client class".($this->_port_available?"":" without PORT mode support")); + $this->_connected=FALSE; + $this->_ready=FALSE; + $this->_can_restore=FALSE; + $this->_code=0; + $this->_message=""; + $this->_ftp_buff_size=4096; + $this->_curtype=NULL; + $this->SetUmask(0022); + $this->SetType(FTP_AUTOASCII); + $this->SetTimeout(30); + $this->Passive(!$this->_port_available); + $this->_login="anonymous"; + $this->_password="anon@ftp.com"; + $this->_features=array(); + $this->OS_local=FTP_OS_Unix; + $this->OS_remote=FTP_OS_Unix; + $this->features=array(); + if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') $this->OS_local=FTP_OS_Windows; + elseif(strtoupper(substr(PHP_OS, 0, 3)) === 'MAC') $this->OS_local=FTP_OS_Mac; + } + + function ftp_base($port_mode=FALSE) { + $this->__construct($port_mode); + } + +// <!-- --------------------------------------------------------------------------------------- --> +// <!-- Public functions --> +// <!-- --------------------------------------------------------------------------------------- --> + + function parselisting($line) { + $is_windows = ($this->OS_remote == FTP_OS_Windows); + if ($is_windows && preg_match("/([0-9]{2})-([0-9]{2})-([0-9]{2}) +([0-9]{2}):([0-9]{2})(AM|PM) +([0-9]+|<DIR>) +(.+)/",$line,$lucifer)) { + $b = array(); + if ($lucifer[3]<70) { $lucifer[3]+=2000; } else { $lucifer[3]+=1900; } // 4digit year fix + $b['isdir'] = ($lucifer[7]=="<DIR>"); + if ( $b['isdir'] ) + $b['type'] = 'd'; + else + $b['type'] = 'f'; + $b['size'] = $lucifer[7]; + $b['month'] = $lucifer[1]; + $b['day'] = $lucifer[2]; + $b['year'] = $lucifer[3]; + $b['hour'] = $lucifer[4]; + $b['minute'] = $lucifer[5]; + $b['time'] = @mktime($lucifer[4]+(strcasecmp($lucifer[6],"PM")==0?12:0),$lucifer[5],0,$lucifer[1],$lucifer[2],$lucifer[3]); + $b['am/pm'] = $lucifer[6]; + $b['name'] = $lucifer[8]; + } else if (!$is_windows && $lucifer=preg_split("/[ ]/",$line,9,PREG_SPLIT_NO_EMPTY)) { + //echo $line."\n"; + $lcount=count($lucifer); + if ($lcount<8) return ''; + $b = array(); + $b['isdir'] = $lucifer[0][0] === "d"; + $b['islink'] = $lucifer[0][0] === "l"; + if ( $b['isdir'] ) + $b['type'] = 'd'; + elseif ( $b['islink'] ) + $b['type'] = 'l'; + else + $b['type'] = 'f'; + $b['perms'] = $lucifer[0]; + $b['number'] = $lucifer[1]; + $b['owner'] = $lucifer[2]; + $b['group'] = $lucifer[3]; + $b['size'] = $lucifer[4]; + if ($lcount==8) { + sscanf($lucifer[5],"%d-%d-%d",$b['year'],$b['month'],$b['day']); + sscanf($lucifer[6],"%d:%d",$b['hour'],$b['minute']); + $b['time'] = @mktime($b['hour'],$b['minute'],0,$b['month'],$b['day'],$b['year']); + $b['name'] = $lucifer[7]; + } else { + $b['month'] = $lucifer[5]; + $b['day'] = $lucifer[6]; + if (preg_match("/([0-9]{2}):([0-9]{2})/",$lucifer[7],$l2)) { + $b['year'] = gmdate("Y"); + $b['hour'] = $l2[1]; + $b['minute'] = $l2[2]; + } else { + $b['year'] = $lucifer[7]; + $b['hour'] = 0; + $b['minute'] = 0; + } + $b['time'] = strtotime(sprintf("%d %s %d %02d:%02d",$b['day'],$b['month'],$b['year'],$b['hour'],$b['minute'])); + $b['name'] = $lucifer[8]; + } + } + + return $b; + } + + function SendMSG($message = "", $crlf=true) { + if ($this->Verbose) { + echo $message.($crlf?CRLF:""); + flush(); + } + return TRUE; + } + + function SetType($mode=FTP_AUTOASCII) { + if(!in_array($mode, $this->AuthorizedTransferMode)) { + $this->SendMSG("Wrong type"); + return FALSE; + } + $this->_type=$mode; + $this->SendMSG("Transfer type: ".($this->_type==FTP_BINARY?"binary":($this->_type==FTP_ASCII?"ASCII":"auto ASCII") ) ); + return TRUE; + } + + function _settype($mode=FTP_ASCII) { + if($this->_ready) { + if($mode==FTP_BINARY) { + if($this->_curtype!=FTP_BINARY) { + if(!$this->_exec("TYPE I", "SetType")) return FALSE; + $this->_curtype=FTP_BINARY; + } + } elseif($this->_curtype!=FTP_ASCII) { + if(!$this->_exec("TYPE A", "SetType")) return FALSE; + $this->_curtype=FTP_ASCII; + } + } else return FALSE; + return TRUE; + } + + function Passive($pasv=NULL) { + if(is_null($pasv)) $this->_passive=!$this->_passive; + else $this->_passive=$pasv; + if(!$this->_port_available and !$this->_passive) { + $this->SendMSG("Only passive connections available!"); + $this->_passive=TRUE; + return FALSE; + } + $this->SendMSG("Passive mode ".($this->_passive?"on":"off")); + return TRUE; + } + + function SetServer($host, $port=21, $reconnect=true) { + if(!is_long($port)) { + $this->verbose=true; + $this->SendMSG("Incorrect port syntax"); + return FALSE; + } else { + $ip=@gethostbyname($host); + $dns=@gethostbyaddr($host); + if(!$ip) $ip=$host; + if(!$dns) $dns=$host; + // Validate the IPAddress PHP4 returns -1 for invalid, PHP5 false + // -1 === "255.255.255.255" which is the broadcast address which is also going to be invalid + $ipaslong = ip2long($ip); + if ( ($ipaslong == false) || ($ipaslong === -1) ) { + $this->SendMSG("Wrong host name/address \"".$host."\""); + return FALSE; + } + $this->_host=$ip; + $this->_fullhost=$dns; + $this->_port=$port; + $this->_dataport=$port-1; + } + $this->SendMSG("Host \"".$this->_fullhost."(".$this->_host."):".$this->_port."\""); + if($reconnect){ + if($this->_connected) { + $this->SendMSG("Reconnecting"); + if(!$this->quit(FTP_FORCE)) return FALSE; + if(!$this->connect()) return FALSE; + } + } + return TRUE; + } + + function SetUmask($umask=0022) { + $this->_umask=$umask; + umask($this->_umask); + $this->SendMSG("UMASK 0".decoct($this->_umask)); + return TRUE; + } + + function SetTimeout($timeout=30) { + $this->_timeout=$timeout; + $this->SendMSG("Timeout ".$this->_timeout); + if($this->_connected) + if(!$this->_settimeout($this->_ftp_control_sock)) return FALSE; + return TRUE; + } + + function connect($server=NULL) { + if(!empty($server)) { + if(!$this->SetServer($server)) return false; + } + if($this->_ready) return true; + $this->SendMsg('Local OS : '.$this->OS_FullName[$this->OS_local]); + if(!($this->_ftp_control_sock = $this->_connect($this->_host, $this->_port))) { + $this->SendMSG("Error : Cannot connect to remote host \"".$this->_fullhost." :".$this->_port."\""); + return FALSE; + } + $this->SendMSG("Connected to remote host \"".$this->_fullhost.":".$this->_port."\". Waiting for greeting."); + do { + if(!$this->_readmsg()) return FALSE; + if(!$this->_checkCode()) return FALSE; + $this->_lastaction=time(); + } while($this->_code<200); + $this->_ready=true; + $syst=$this->systype(); + if(!$syst) $this->SendMSG("Cannot detect remote OS"); + else { + if(preg_match("/win|dos|novell/i", $syst[0])) $this->OS_remote=FTP_OS_Windows; + elseif(preg_match("/os/i", $syst[0])) $this->OS_remote=FTP_OS_Mac; + elseif(preg_match("/(li|u)nix/i", $syst[0])) $this->OS_remote=FTP_OS_Unix; + else $this->OS_remote=FTP_OS_Mac; + $this->SendMSG("Remote OS: ".$this->OS_FullName[$this->OS_remote]); + } + if(!$this->features()) $this->SendMSG("Cannot get features list. All supported - disabled"); + else $this->SendMSG("Supported features: ".implode(", ", array_keys($this->_features))); + return TRUE; + } + + function quit($force=false) { + if($this->_ready) { + if(!$this->_exec("QUIT") and !$force) return FALSE; + if(!$this->_checkCode() and !$force) return FALSE; + $this->_ready=false; + $this->SendMSG("Session finished"); + } + $this->_quit(); + return TRUE; + } + + function login($user=NULL, $pass=NULL) { + if(!is_null($user)) $this->_login=$user; + else $this->_login="anonymous"; + if(!is_null($pass)) $this->_password=$pass; + else $this->_password="anon@anon.com"; + if(!$this->_exec("USER ".$this->_login, "login")) return FALSE; + if(!$this->_checkCode()) return FALSE; + if($this->_code!=230) { + if(!$this->_exec((($this->_code==331)?"PASS ":"ACCT ").$this->_password, "login")) return FALSE; + if(!$this->_checkCode()) return FALSE; + } + $this->SendMSG("Authentication succeeded"); + if(empty($this->_features)) { + if(!$this->features()) $this->SendMSG("Cannot get features list. All supported - disabled"); + else $this->SendMSG("Supported features: ".implode(", ", array_keys($this->_features))); + } + return TRUE; + } + + function pwd() { + if(!$this->_exec("PWD", "pwd")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return preg_replace("/^[0-9]{3} \"(.+)\".*$/s", "\\1", $this->_message); + } + + function cdup() { + if(!$this->_exec("CDUP", "cdup")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return true; + } + + function chdir($pathname) { + if(!$this->_exec("CWD ".$pathname, "chdir")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return TRUE; + } + + function rmdir($pathname) { + if(!$this->_exec("RMD ".$pathname, "rmdir")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return TRUE; + } + + function mkdir($pathname) { + if(!$this->_exec("MKD ".$pathname, "mkdir")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return TRUE; + } + + function rename($from, $to) { + if(!$this->_exec("RNFR ".$from, "rename")) return FALSE; + if(!$this->_checkCode()) return FALSE; + if($this->_code==350) { + if(!$this->_exec("RNTO ".$to, "rename")) return FALSE; + if(!$this->_checkCode()) return FALSE; + } else return FALSE; + return TRUE; + } + + function filesize($pathname) { + if(!isset($this->_features["SIZE"])) { + $this->PushError("filesize", "not supported by server"); + return FALSE; + } + if(!$this->_exec("SIZE ".$pathname, "filesize")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return preg_replace("/^[0-9]{3} ([0-9]+).*$/s", "\\1", $this->_message); + } + + function abort() { + if(!$this->_exec("ABOR", "abort")) return FALSE; + if(!$this->_checkCode()) { + if($this->_code!=426) return FALSE; + if(!$this->_readmsg("abort")) return FALSE; + if(!$this->_checkCode()) return FALSE; + } + return true; + } + + function mdtm($pathname) { + if(!isset($this->_features["MDTM"])) { + $this->PushError("mdtm", "not supported by server"); + return FALSE; + } + if(!$this->_exec("MDTM ".$pathname, "mdtm")) return FALSE; + if(!$this->_checkCode()) return FALSE; + $mdtm = preg_replace("/^[0-9]{3} ([0-9]+).*$/s", "\\1", $this->_message); + $date = sscanf($mdtm, "%4d%2d%2d%2d%2d%2d"); + $timestamp = mktime($date[3], $date[4], $date[5], $date[1], $date[2], $date[0]); + return $timestamp; + } + + function systype() { + if(!$this->_exec("SYST", "systype")) return FALSE; + if(!$this->_checkCode()) return FALSE; + $DATA = explode(" ", $this->_message); + return array($DATA[1], $DATA[3]); + } + + function delete($pathname) { + if(!$this->_exec("DELE ".$pathname, "delete")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return TRUE; + } + + function site($command, $fnction="site") { + if(!$this->_exec("SITE ".$command, $fnction)) return FALSE; + if(!$this->_checkCode()) return FALSE; + return TRUE; + } + + function chmod($pathname, $mode) { + if(!$this->site( sprintf('CHMOD %o %s', $mode, $pathname), "chmod")) return FALSE; + return TRUE; + } + + function restore($from) { + if(!isset($this->_features["REST"])) { + $this->PushError("restore", "not supported by server"); + return FALSE; + } + if($this->_curtype!=FTP_BINARY) { + $this->PushError("restore", "cannot restore in ASCII mode"); + return FALSE; + } + if(!$this->_exec("REST ".$from, "resore")) return FALSE; + if(!$this->_checkCode()) return FALSE; + return TRUE; + } + + function features() { + if(!$this->_exec("FEAT", "features")) return FALSE; + if(!$this->_checkCode()) return FALSE; + $f=preg_split("/[".CRLF."]+/", preg_replace("/[0-9]{3}[ -].*[".CRLF."]+/", "", $this->_message), -1, PREG_SPLIT_NO_EMPTY); + $this->_features=array(); + foreach($f as $k=>$v) { + $v=explode(" ", trim($v)); + $this->_features[array_shift($v)]=$v; + } + return true; + } + + function rawlist($pathname="", $arg="") { + return $this->_list(($arg?" ".$arg:"").($pathname?" ".$pathname:""), "LIST", "rawlist"); + } + + function nlist($pathname="", $arg="") { + return $this->_list(($arg?" ".$arg:"").($pathname?" ".$pathname:""), "NLST", "nlist"); + } + + function is_exists($pathname) { + return $this->file_exists($pathname); + } + + function file_exists($pathname) { + $exists=true; + if(!$this->_exec("RNFR ".$pathname, "rename")) $exists=FALSE; + else { + if(!$this->_checkCode()) $exists=FALSE; + $this->abort(); + } + if($exists) $this->SendMSG("Remote file ".$pathname." exists"); + else $this->SendMSG("Remote file ".$pathname." does not exist"); + return $exists; + } + + function fget($fp, $remotefile, $rest=0) { + if($this->_can_restore and $rest!=0) fseek($fp, $rest); + $pi=pathinfo($remotefile); + if($this->_type==FTP_ASCII or ($this->_type==FTP_AUTOASCII and in_array(strtoupper($pi["extension"]), $this->AutoAsciiExt))) $mode=FTP_ASCII; + else $mode=FTP_BINARY; + if(!$this->_data_prepare($mode)) { + return FALSE; + } + if($this->_can_restore and $rest!=0) $this->restore($rest); + if(!$this->_exec("RETR ".$remotefile, "get")) { + $this->_data_close(); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + return FALSE; + } + $out=$this->_data_read($mode, $fp); + $this->_data_close(); + if(!$this->_readmsg()) return FALSE; + if(!$this->_checkCode()) return FALSE; + return $out; + } + + function get($remotefile, $localfile=NULL, $rest=0) { + if(is_null($localfile)) $localfile=$remotefile; + if (@file_exists($localfile)) $this->SendMSG("Warning : local file will be overwritten"); + $fp = @fopen($localfile, "w"); + if (!$fp) { + $this->PushError("get","cannot open local file", "Cannot create \"".$localfile."\""); + return FALSE; + } + if($this->_can_restore and $rest!=0) fseek($fp, $rest); + $pi=pathinfo($remotefile); + if($this->_type==FTP_ASCII or ($this->_type==FTP_AUTOASCII and in_array(strtoupper($pi["extension"]), $this->AutoAsciiExt))) $mode=FTP_ASCII; + else $mode=FTP_BINARY; + if(!$this->_data_prepare($mode)) { + fclose($fp); + return FALSE; + } + if($this->_can_restore and $rest!=0) $this->restore($rest); + if(!$this->_exec("RETR ".$remotefile, "get")) { + $this->_data_close(); + fclose($fp); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + fclose($fp); + return FALSE; + } + $out=$this->_data_read($mode, $fp); + fclose($fp); + $this->_data_close(); + if(!$this->_readmsg()) return FALSE; + if(!$this->_checkCode()) return FALSE; + return $out; + } + + function fput($remotefile, $fp, $rest=0) { + if($this->_can_restore and $rest!=0) fseek($fp, $rest); + $pi=pathinfo($remotefile); + if($this->_type==FTP_ASCII or ($this->_type==FTP_AUTOASCII and in_array(strtoupper($pi["extension"]), $this->AutoAsciiExt))) $mode=FTP_ASCII; + else $mode=FTP_BINARY; + if(!$this->_data_prepare($mode)) { + return FALSE; + } + if($this->_can_restore and $rest!=0) $this->restore($rest); + if(!$this->_exec("STOR ".$remotefile, "put")) { + $this->_data_close(); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + return FALSE; + } + $ret=$this->_data_write($mode, $fp); + $this->_data_close(); + if(!$this->_readmsg()) return FALSE; + if(!$this->_checkCode()) return FALSE; + return $ret; + } + + function put($localfile, $remotefile=NULL, $rest=0) { + if(is_null($remotefile)) $remotefile=$localfile; + if (!file_exists($localfile)) { + $this->PushError("put","cannot open local file", "No such file or directory \"".$localfile."\""); + return FALSE; + } + $fp = @fopen($localfile, "r"); + + if (!$fp) { + $this->PushError("put","cannot open local file", "Cannot read file \"".$localfile."\""); + return FALSE; + } + if($this->_can_restore and $rest!=0) fseek($fp, $rest); + $pi=pathinfo($localfile); + if($this->_type==FTP_ASCII or ($this->_type==FTP_AUTOASCII and in_array(strtoupper($pi["extension"]), $this->AutoAsciiExt))) $mode=FTP_ASCII; + else $mode=FTP_BINARY; + if(!$this->_data_prepare($mode)) { + fclose($fp); + return FALSE; + } + if($this->_can_restore and $rest!=0) $this->restore($rest); + if(!$this->_exec("STOR ".$remotefile, "put")) { + $this->_data_close(); + fclose($fp); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + fclose($fp); + return FALSE; + } + $ret=$this->_data_write($mode, $fp); + fclose($fp); + $this->_data_close(); + if(!$this->_readmsg()) return FALSE; + if(!$this->_checkCode()) return FALSE; + return $ret; + } + + function mput($local=".", $remote=NULL, $continious=false) { + $local=realpath($local); + if(!@file_exists($local)) { + $this->PushError("mput","cannot open local folder", "Cannot stat folder \"".$local."\""); + return FALSE; + } + if(!is_dir($local)) return $this->put($local, $remote); + if(empty($remote)) $remote="."; + elseif(!$this->file_exists($remote) and !$this->mkdir($remote)) return FALSE; + if($handle = opendir($local)) { + $list=array(); + while (false !== ($file = readdir($handle))) { + if ($file != "." && $file != "..") $list[]=$file; + } + closedir($handle); + } else { + $this->PushError("mput","cannot open local folder", "Cannot read folder \"".$local."\""); + return FALSE; + } + if(empty($list)) return TRUE; + $ret=true; + foreach($list as $el) { + if(is_dir($local."/".$el)) $t=$this->mput($local."/".$el, $remote."/".$el); + else $t=$this->put($local."/".$el, $remote."/".$el); + if(!$t) { + $ret=FALSE; + if(!$continious) break; + } + } + return $ret; + + } + + function mget($remote, $local=".", $continious=false) { + $list=$this->rawlist($remote, "-lA"); + if($list===false) { + $this->PushError("mget","cannot read remote folder list", "Cannot read remote folder \"".$remote."\" contents"); + return FALSE; + } + if(empty($list)) return true; + if(!@file_exists($local)) { + if(!@mkdir($local)) { + $this->PushError("mget","cannot create local folder", "Cannot create folder \"".$local."\""); + return FALSE; + } + } + foreach($list as $k=>$v) { + $list[$k]=$this->parselisting($v); + if( ! $list[$k] or $list[$k]["name"]=="." or $list[$k]["name"]=="..") unset($list[$k]); + } + $ret=true; + foreach($list as $el) { + if($el["type"]=="d") { + if(!$this->mget($remote."/".$el["name"], $local."/".$el["name"], $continious)) { + $this->PushError("mget", "cannot copy folder", "Cannot copy remote folder \"".$remote."/".$el["name"]."\" to local \"".$local."/".$el["name"]."\""); + $ret=false; + if(!$continious) break; + } + } else { + if(!$this->get($remote."/".$el["name"], $local."/".$el["name"])) { + $this->PushError("mget", "cannot copy file", "Cannot copy remote file \"".$remote."/".$el["name"]."\" to local \"".$local."/".$el["name"]."\""); + $ret=false; + if(!$continious) break; + } + } + @chmod($local."/".$el["name"], $el["perms"]); + $t=strtotime($el["date"]); + if($t!==-1 and $t!==false) @touch($local."/".$el["name"], $t); + } + return $ret; + } + + function mdel($remote, $continious=false) { + $list=$this->rawlist($remote, "-la"); + if($list===false) { + $this->PushError("mdel","cannot read remote folder list", "Cannot read remote folder \"".$remote."\" contents"); + return false; + } + + foreach($list as $k=>$v) { + $list[$k]=$this->parselisting($v); + if( ! $list[$k] or $list[$k]["name"]=="." or $list[$k]["name"]=="..") unset($list[$k]); + } + $ret=true; + + foreach($list as $el) { + if ( empty($el) ) + continue; + + if($el["type"]=="d") { + if(!$this->mdel($remote."/".$el["name"], $continious)) { + $ret=false; + if(!$continious) break; + } + } else { + if (!$this->delete($remote."/".$el["name"])) { + $this->PushError("mdel", "cannot delete file", "Cannot delete remote file \"".$remote."/".$el["name"]."\""); + $ret=false; + if(!$continious) break; + } + } + } + + if(!$this->rmdir($remote)) { + $this->PushError("mdel", "cannot delete folder", "Cannot delete remote folder \"".$remote."/".$el["name"]."\""); + $ret=false; + } + return $ret; + } + + function mmkdir($dir, $mode = 0777) { + if(empty($dir)) return FALSE; + if($this->is_exists($dir) or $dir == "/" ) return TRUE; + if(!$this->mmkdir(dirname($dir), $mode)) return false; + $r=$this->mkdir($dir, $mode); + $this->chmod($dir,$mode); + return $r; + } + + function glob($pattern, $handle=NULL) { + $path=$output=null; + if(PHP_OS=='WIN32') $slash='\\'; + else $slash='/'; + $lastpos=strrpos($pattern,$slash); + if(!($lastpos===false)) { + $path=substr($pattern,0,-$lastpos-1); + $pattern=substr($pattern,$lastpos); + } else $path=getcwd(); + if(is_array($handle) and !empty($handle)) { + foreach($handle as $dir) { + if($this->glob_pattern_match($pattern,$dir)) + $output[]=$dir; + } + } else { + $handle=@opendir($path); + if($handle===false) return false; + while($dir=readdir($handle)) { + if($this->glob_pattern_match($pattern,$dir)) + $output[]=$dir; + } + closedir($handle); + } + if(is_array($output)) return $output; + return false; + } + + function glob_pattern_match($pattern,$subject) { + $out=null; + $chunks=explode(';',$pattern); + foreach($chunks as $pattern) { + $escape=array('$','^','.','{','}','(',')','[',']','|'); + while(str_contains($pattern,'**')) + $pattern=str_replace('**','*',$pattern); + foreach($escape as $probe) + $pattern=str_replace($probe,"\\$probe",$pattern); + $pattern=str_replace('?*','*', + str_replace('*?','*', + str_replace('*',".*", + str_replace('?','.{1,1}',$pattern)))); + $out[]=$pattern; + } + if(count($out)==1) return($this->glob_regexp("^$out[0]$",$subject)); + else { + foreach($out as $tester) + // TODO: This should probably be glob_regexp(), but needs tests. + if($this->my_regexp("^$tester$",$subject)) return true; + } + return false; + } + + function glob_regexp($pattern,$subject) { + $sensitive=(PHP_OS!='WIN32'); + return ($sensitive? + preg_match( '/' . preg_quote( $pattern, '/' ) . '/', $subject ) : + preg_match( '/' . preg_quote( $pattern, '/' ) . '/i', $subject ) + ); + } + + function dirlist($remote) { + $list=$this->rawlist($remote, "-la"); + if($list===false) { + $this->PushError("dirlist","cannot read remote folder list", "Cannot read remote folder \"".$remote."\" contents"); + return false; + } + + $dirlist = array(); + foreach($list as $k=>$v) { + $entry=$this->parselisting($v); + if ( empty($entry) ) + continue; + + if($entry["name"]=="." or $entry["name"]=="..") + continue; + + $dirlist[$entry['name']] = $entry; + } + + return $dirlist; + } +// <!-- --------------------------------------------------------------------------------------- --> +// <!-- Private functions --> +// <!-- --------------------------------------------------------------------------------------- --> + function _checkCode() { + return ($this->_code<400 and $this->_code>0); + } + + function _list($arg="", $cmd="LIST", $fnction="_list") { + if(!$this->_data_prepare()) return false; + if(!$this->_exec($cmd.$arg, $fnction)) { + $this->_data_close(); + return FALSE; + } + if(!$this->_checkCode()) { + $this->_data_close(); + return FALSE; + } + $out=""; + if($this->_code<200) { + $out=$this->_data_read(); + $this->_data_close(); + if(!$this->_readmsg()) return FALSE; + if(!$this->_checkCode()) return FALSE; + if($out === FALSE ) return FALSE; + $out=preg_split("/[".CRLF."]+/", $out, -1, PREG_SPLIT_NO_EMPTY); +// $this->SendMSG(implode($this->_eol_code[$this->OS_local], $out)); + } + return $out; + } + +// <!-- --------------------------------------------------------------------------------------- --> +// <!-- Partie : gestion des erreurs --> +// <!-- --------------------------------------------------------------------------------------- --> +// Gnre une erreur pour traitement externe la classe + function PushError($fctname,$msg,$desc=false){ + $error=array(); + $error['time']=time(); + $error['fctname']=$fctname; + $error['msg']=$msg; + $error['desc']=$desc; + if($desc) $tmp=' ('.$desc.')'; else $tmp=''; + $this->SendMSG($fctname.': '.$msg.$tmp); + return(array_push($this->_error_array,$error)); + } + +// Rcupre une erreur externe + function PopError(){ + if(count($this->_error_array)) return(array_pop($this->_error_array)); + else return(false); + } +} + +$mod_sockets = extension_loaded( 'sockets' ); +if ( ! $mod_sockets && function_exists( 'dl' ) && is_callable( 'dl' ) ) { + $prefix = ( PHP_SHLIB_SUFFIX == 'dll' ) ? 'php_' : ''; + @dl( $prefix . 'sockets.' . PHP_SHLIB_SUFFIX ); // phpcs:ignore PHPCompatibility.FunctionUse.RemovedFunctions.dlDeprecated + $mod_sockets = extension_loaded( 'sockets' ); +} + +require_once __DIR__ . "/class-ftp-" . ( $mod_sockets ? "sockets" : "pure" ) . ".php"; + +if ( $mod_sockets ) { + class ftp extends ftp_sockets {} +} else { + class ftp extends ftp_pure {} +} diff --git a/wp-admin/includes/class-language-pack-upgrader-skin.php b/wp-admin/includes/class-language-pack-upgrader-skin.php new file mode 100644 index 0000000..57b0a1c --- /dev/null +++ b/wp-admin/includes/class-language-pack-upgrader-skin.php @@ -0,0 +1,97 @@ +<?php +/** + * Upgrader API: Language_Pack_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Translation Upgrader Skin for WordPress Translation Upgrades. + * + * @since 3.7.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see WP_Upgrader_Skin + */ +class Language_Pack_Upgrader_Skin extends WP_Upgrader_Skin { + public $language_update = null; + public $done_header = false; + public $done_footer = false; + public $display_footer_actions = true; + + /** + * @param array $args + */ + public function __construct( $args = array() ) { + $defaults = array( + 'url' => '', + 'nonce' => '', + 'title' => __( 'Update Translations' ), + 'skip_header_footer' => false, + ); + $args = wp_parse_args( $args, $defaults ); + if ( $args['skip_header_footer'] ) { + $this->done_header = true; + $this->done_footer = true; + $this->display_footer_actions = false; + } + parent::__construct( $args ); + } + + /** + */ + public function before() { + $name = $this->upgrader->get_name_for_update( $this->language_update ); + + echo '<div class="update-messages lp-show-latest">'; + + /* translators: 1: Project name (plugin, theme, or WordPress), 2: Language. */ + printf( '<h2>' . __( 'Updating translations for %1$s (%2$s)…' ) . '</h2>', $name, $this->language_update->language ); + } + + /** + * @since 5.9.0 Renamed `$error` to `$errors` for PHP 8 named parameter support. + * + * @param string|WP_Error $errors Errors. + */ + public function error( $errors ) { + echo '<div class="lp-error">'; + parent::error( $errors ); + echo '</div>'; + } + + /** + */ + public function after() { + echo '</div>'; + } + + /** + */ + public function bulk_footer() { + $this->decrement_update_count( 'translation' ); + + $update_actions = array( + 'updates_page' => sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'update-core.php' ), + __( 'Go to WordPress Updates page' ) + ), + ); + + /** + * Filters the list of action links available following a translations update. + * + * @since 3.7.0 + * + * @param string[] $update_actions Array of translations update links. + */ + $update_actions = apply_filters( 'update_translations_complete_actions', $update_actions ); + + if ( $update_actions && $this->display_footer_actions ) { + $this->feedback( implode( ' | ', $update_actions ) ); + } + } +} diff --git a/wp-admin/includes/class-language-pack-upgrader.php b/wp-admin/includes/class-language-pack-upgrader.php new file mode 100644 index 0000000..3c3d42a --- /dev/null +++ b/wp-admin/includes/class-language-pack-upgrader.php @@ -0,0 +1,474 @@ +<?php +/** + * Upgrade API: Language_Pack_Upgrader class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Core class used for updating/installing language packs (translations) + * for plugins, themes, and core. + * + * @since 3.7.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. + * + * @see WP_Upgrader + */ +class Language_Pack_Upgrader extends WP_Upgrader { + + /** + * Result of the language pack upgrade. + * + * @since 3.7.0 + * @var array|WP_Error $result + * @see WP_Upgrader::$result + */ + public $result; + + /** + * Whether a bulk upgrade/installation is being performed. + * + * @since 3.7.0 + * @var bool $bulk + */ + public $bulk = true; + + /** + * Asynchronously upgrades language packs after other upgrades have been made. + * + * Hooked to the {@see 'upgrader_process_complete'} action by default. + * + * @since 3.7.0 + * + * @param false|WP_Upgrader $upgrader Optional. WP_Upgrader instance or false. If `$upgrader` is + * a Language_Pack_Upgrader instance, the method will bail to + * avoid recursion. Otherwise unused. Default false. + */ + public static function async_upgrade( $upgrader = false ) { + // Avoid recursion. + if ( $upgrader && $upgrader instanceof Language_Pack_Upgrader ) { + return; + } + + // Nothing to do? + $language_updates = wp_get_translation_updates(); + if ( ! $language_updates ) { + return; + } + + /* + * Avoid messing with VCS installations, at least for now. + * Noted: this is not the ideal way to accomplish this. + */ + $check_vcs = new WP_Automatic_Updater(); + if ( $check_vcs->is_vcs_checkout( WP_CONTENT_DIR ) ) { + return; + } + + foreach ( $language_updates as $key => $language_update ) { + $update = ! empty( $language_update->autoupdate ); + + /** + * Filters whether to asynchronously update translation for core, a plugin, or a theme. + * + * @since 4.0.0 + * + * @param bool $update Whether to update. + * @param object $language_update The update offer. + */ + $update = apply_filters( 'async_update_translation', $update, $language_update ); + + if ( ! $update ) { + unset( $language_updates[ $key ] ); + } + } + + if ( empty( $language_updates ) ) { + return; + } + + // Re-use the automatic upgrader skin if the parent upgrader is using it. + if ( $upgrader && $upgrader->skin instanceof Automatic_Upgrader_Skin ) { + $skin = $upgrader->skin; + } else { + $skin = new Language_Pack_Upgrader_Skin( + array( + 'skip_header_footer' => true, + ) + ); + } + + $lp_upgrader = new Language_Pack_Upgrader( $skin ); + $lp_upgrader->bulk_upgrade( $language_updates ); + } + + /** + * Initializes the upgrade strings. + * + * @since 3.7.0 + */ + public function upgrade_strings() { + $this->strings['starting_upgrade'] = __( 'Some of your translations need updating. Sit tight for a few more seconds while they are updated as well.' ); + $this->strings['up_to_date'] = __( 'Your translations are all up to date.' ); + $this->strings['no_package'] = __( 'Update package not available.' ); + /* translators: %s: Package URL. */ + $this->strings['downloading_package'] = sprintf( __( 'Downloading translation from %s…' ), '<span class="code pre">%s</span>' ); + $this->strings['unpack_package'] = __( 'Unpacking the update…' ); + $this->strings['process_failed'] = __( 'Translation update failed.' ); + $this->strings['process_success'] = __( 'Translation updated successfully.' ); + $this->strings['remove_old'] = __( 'Removing the old version of the translation…' ); + $this->strings['remove_old_failed'] = __( 'Could not remove the old translation.' ); + } + + /** + * Upgrades a language pack. + * + * @since 3.7.0 + * + * @param string|false $update Optional. Whether an update offer is available. Default false. + * @param array $args Optional. Other optional arguments, see + * Language_Pack_Upgrader::bulk_upgrade(). Default empty array. + * @return array|bool|WP_Error The result of the upgrade, or a WP_Error object instead. + */ + public function upgrade( $update = false, $args = array() ) { + if ( $update ) { + $update = array( $update ); + } + + $results = $this->bulk_upgrade( $update, $args ); + + if ( ! is_array( $results ) ) { + return $results; + } + + return $results[0]; + } + + /** + * Upgrades several language packs at once. + * + * @since 3.7.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param object[] $language_updates Optional. Array of language packs to update. See {@see wp_get_translation_updates()}. + * Default empty array. + * @param array $args { + * Other arguments for upgrading multiple language packs. Default empty array. + * + * @type bool $clear_update_cache Whether to clear the update cache when done. + * Default true. + * } + * @return array|bool|WP_Error Will return an array of results, or true if there are no updates, + * false or WP_Error for initial errors. + */ + public function bulk_upgrade( $language_updates = array(), $args = array() ) { + global $wp_filesystem; + + $defaults = array( + 'clear_update_cache' => true, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->upgrade_strings(); + + if ( ! $language_updates ) { + $language_updates = wp_get_translation_updates(); + } + + if ( empty( $language_updates ) ) { + $this->skin->header(); + $this->skin->set_result( true ); + $this->skin->feedback( 'up_to_date' ); + $this->skin->bulk_footer(); + $this->skin->footer(); + return true; + } + + if ( 'upgrader_process_complete' === current_filter() ) { + $this->skin->feedback( 'starting_upgrade' ); + } + + // Remove any existing upgrade filters from the plugin/theme upgraders #WP29425 & #WP29230. + remove_all_filters( 'upgrader_pre_install' ); + remove_all_filters( 'upgrader_clear_destination' ); + remove_all_filters( 'upgrader_post_install' ); + remove_all_filters( 'upgrader_source_selection' ); + + add_filter( 'upgrader_source_selection', array( $this, 'check_package' ), 10, 2 ); + + $this->skin->header(); + + // Connect to the filesystem first. + $res = $this->fs_connect( array( WP_CONTENT_DIR, WP_LANG_DIR ) ); + if ( ! $res ) { + $this->skin->footer(); + return false; + } + + $results = array(); + + $this->update_count = count( $language_updates ); + $this->update_current = 0; + + /* + * The filesystem's mkdir() is not recursive. Make sure WP_LANG_DIR exists, + * as we then may need to create a /plugins or /themes directory inside of it. + */ + $remote_destination = $wp_filesystem->find_folder( WP_LANG_DIR ); + if ( ! $wp_filesystem->exists( $remote_destination ) ) { + if ( ! $wp_filesystem->mkdir( $remote_destination, FS_CHMOD_DIR ) ) { + return new WP_Error( 'mkdir_failed_lang_dir', $this->strings['mkdir_failed'], $remote_destination ); + } + } + + $language_updates_results = array(); + + foreach ( $language_updates as $language_update ) { + + $this->skin->language_update = $language_update; + + $destination = WP_LANG_DIR; + if ( 'plugin' === $language_update->type ) { + $destination .= '/plugins'; + } elseif ( 'theme' === $language_update->type ) { + $destination .= '/themes'; + } + + ++$this->update_current; + + $options = array( + 'package' => $language_update->package, + 'destination' => $destination, + 'clear_destination' => true, + 'abort_if_destination_exists' => false, // We expect the destination to exist. + 'clear_working' => true, + 'is_multi' => true, + 'hook_extra' => array( + 'language_update_type' => $language_update->type, + 'language_update' => $language_update, + ), + ); + + $result = $this->run( $options ); + + $results[] = $this->result; + + // Prevent credentials auth screen from displaying multiple times. + if ( false === $result ) { + break; + } + + $language_updates_results[] = array( + 'language' => $language_update->language, + 'type' => $language_update->type, + 'slug' => isset( $language_update->slug ) ? $language_update->slug : 'default', + 'version' => $language_update->version, + ); + } + + // Remove upgrade hooks which are not required for translation updates. + remove_action( 'upgrader_process_complete', array( 'Language_Pack_Upgrader', 'async_upgrade' ), 20 ); + remove_action( 'upgrader_process_complete', 'wp_version_check' ); + remove_action( 'upgrader_process_complete', 'wp_update_plugins' ); + remove_action( 'upgrader_process_complete', 'wp_update_themes' ); + + /** This action is documented in wp-admin/includes/class-wp-upgrader.php */ + do_action( + 'upgrader_process_complete', + $this, + array( + 'action' => 'update', + 'type' => 'translation', + 'bulk' => true, + 'translations' => $language_updates_results, + ) + ); + + // Re-add upgrade hooks. + add_action( 'upgrader_process_complete', array( 'Language_Pack_Upgrader', 'async_upgrade' ), 20 ); + add_action( 'upgrader_process_complete', 'wp_version_check', 10, 0 ); + add_action( 'upgrader_process_complete', 'wp_update_plugins', 10, 0 ); + add_action( 'upgrader_process_complete', 'wp_update_themes', 10, 0 ); + + $this->skin->bulk_footer(); + + $this->skin->footer(); + + // Clean up our hooks, in case something else does an upgrade on this connection. + remove_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + + if ( $parsed_args['clear_update_cache'] ) { + wp_clean_update_cache(); + } + + return $results; + } + + /** + * Checks that the package source contains .mo and .po files. + * + * Hooked to the {@see 'upgrader_source_selection'} filter by + * Language_Pack_Upgrader::bulk_upgrade(). + * + * @since 3.7.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string|WP_Error $source The path to the downloaded package source. + * @param string $remote_source Remote file source location. + * @return string|WP_Error The source as passed, or a WP_Error object on failure. + */ + public function check_package( $source, $remote_source ) { + global $wp_filesystem; + + if ( is_wp_error( $source ) ) { + return $source; + } + + // Check that the folder contains a valid language. + $files = $wp_filesystem->dirlist( $remote_source ); + + // Check to see if a .po and .mo exist in the folder. + $po = false; + $mo = false; + foreach ( (array) $files as $file => $filedata ) { + if ( str_ends_with( $file, '.po' ) ) { + $po = true; + } elseif ( str_ends_with( $file, '.mo' ) ) { + $mo = true; + } + } + + if ( ! $mo || ! $po ) { + return new WP_Error( + 'incompatible_archive_pomo', + $this->strings['incompatible_archive'], + sprintf( + /* translators: 1: .po, 2: .mo */ + __( 'The language pack is missing either the %1$s or %2$s files.' ), + '<code>.po</code>', + '<code>.mo</code>' + ) + ); + } + + return $source; + } + + /** + * Gets the name of an item being updated. + * + * @since 3.7.0 + * + * @param object $update The data for an update. + * @return string The name of the item being updated. + */ + public function get_name_for_update( $update ) { + switch ( $update->type ) { + case 'core': + return 'WordPress'; // Not translated. + + case 'theme': + $theme = wp_get_theme( $update->slug ); + if ( $theme->exists() ) { + return $theme->Get( 'Name' ); + } + break; + case 'plugin': + $plugin_data = get_plugins( '/' . $update->slug ); + $plugin_data = reset( $plugin_data ); + if ( $plugin_data ) { + return $plugin_data['Name']; + } + break; + } + return ''; + } + + /** + * Clears existing translations where this item is going to be installed into. + * + * @since 5.1.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $remote_destination The location on the remote filesystem to be cleared. + * @return bool|WP_Error True upon success, WP_Error on failure. + */ + public function clear_destination( $remote_destination ) { + global $wp_filesystem; + + $language_update = $this->skin->language_update; + $language_directory = WP_LANG_DIR . '/'; // Local path for use with glob(). + + if ( 'core' === $language_update->type ) { + $files = array( + $remote_destination . $language_update->language . '.po', + $remote_destination . $language_update->language . '.mo', + $remote_destination . 'admin-' . $language_update->language . '.po', + $remote_destination . 'admin-' . $language_update->language . '.mo', + $remote_destination . 'admin-network-' . $language_update->language . '.po', + $remote_destination . 'admin-network-' . $language_update->language . '.mo', + $remote_destination . 'continents-cities-' . $language_update->language . '.po', + $remote_destination . 'continents-cities-' . $language_update->language . '.mo', + ); + + $json_translation_files = glob( $language_directory . $language_update->language . '-*.json' ); + if ( $json_translation_files ) { + foreach ( $json_translation_files as $json_translation_file ) { + $files[] = str_replace( $language_directory, $remote_destination, $json_translation_file ); + } + } + } else { + $files = array( + $remote_destination . $language_update->slug . '-' . $language_update->language . '.po', + $remote_destination . $language_update->slug . '-' . $language_update->language . '.mo', + ); + + $language_directory = $language_directory . $language_update->type . 's/'; + $json_translation_files = glob( $language_directory . $language_update->slug . '-' . $language_update->language . '-*.json' ); + if ( $json_translation_files ) { + foreach ( $json_translation_files as $json_translation_file ) { + $files[] = str_replace( $language_directory, $remote_destination, $json_translation_file ); + } + } + } + + $files = array_filter( $files, array( $wp_filesystem, 'exists' ) ); + + // No files to delete. + if ( ! $files ) { + return true; + } + + // Check all files are writable before attempting to clear the destination. + $unwritable_files = array(); + + // Check writability. + foreach ( $files as $file ) { + if ( ! $wp_filesystem->is_writable( $file ) ) { + // Attempt to alter permissions to allow writes and try again. + $wp_filesystem->chmod( $file, FS_CHMOD_FILE ); + if ( ! $wp_filesystem->is_writable( $file ) ) { + $unwritable_files[] = $file; + } + } + } + + if ( ! empty( $unwritable_files ) ) { + return new WP_Error( 'files_not_writable', $this->strings['files_not_writable'], implode( ', ', $unwritable_files ) ); + } + + foreach ( $files as $file ) { + if ( ! $wp_filesystem->delete( $file ) ) { + return new WP_Error( 'remove_old_failed', $this->strings['remove_old_failed'] ); + } + } + + return true; + } +} diff --git a/wp-admin/includes/class-pclzip.php b/wp-admin/includes/class-pclzip.php new file mode 100644 index 0000000..3fdade5 --- /dev/null +++ b/wp-admin/includes/class-pclzip.php @@ -0,0 +1,5732 @@ +<?php +// -------------------------------------------------------------------------------- +// PhpConcept Library - Zip Module 2.8.2 +// -------------------------------------------------------------------------------- +// License GNU/LGPL - Vincent Blavet - August 2009 +// http://www.phpconcept.net +// -------------------------------------------------------------------------------- +// +// Presentation : +// PclZip is a PHP library that manage ZIP archives. +// So far tests show that archives generated by PclZip are readable by +// WinZip application and other tools. +// +// Description : +// See readme.txt and http://www.phpconcept.net +// +// Warning : +// This library and the associated files are non commercial, non professional +// work. +// It should not have unexpected results. However if any damage is caused by +// this software the author can not be responsible. +// The use of this software is at the risk of the user. +// +// -------------------------------------------------------------------------------- +// $Id: pclzip.lib.php,v 1.60 2009/09/30 21:01:04 vblavet Exp $ +// -------------------------------------------------------------------------------- + + // ----- Constants + if (!defined('PCLZIP_READ_BLOCK_SIZE')) { + define( 'PCLZIP_READ_BLOCK_SIZE', 2048 ); + } + + // ----- File list separator + // In version 1.x of PclZip, the separator for file list is a space + // (which is not a very smart choice, specifically for windows paths !). + // A better separator should be a comma (,). This constant gives you the + // ability to change that. + // However notice that changing this value, may have impact on existing + // scripts, using space separated filenames. + // Recommended values for compatibility with older versions : + //define( 'PCLZIP_SEPARATOR', ' ' ); + // Recommended values for smart separation of filenames. + if (!defined('PCLZIP_SEPARATOR')) { + define( 'PCLZIP_SEPARATOR', ',' ); + } + + // ----- Error configuration + // 0 : PclZip Class integrated error handling + // 1 : PclError external library error handling. By enabling this + // you must ensure that you have included PclError library. + // [2,...] : reserved for futur use + if (!defined('PCLZIP_ERROR_EXTERNAL')) { + define( 'PCLZIP_ERROR_EXTERNAL', 0 ); + } + + // ----- Optional static temporary directory + // By default temporary files are generated in the script current + // path. + // If defined : + // - MUST BE terminated by a '/'. + // - MUST be a valid, already created directory + // Samples : + // define( 'PCLZIP_TEMPORARY_DIR', '/temp/' ); + // define( 'PCLZIP_TEMPORARY_DIR', 'C:/Temp/' ); + if (!defined('PCLZIP_TEMPORARY_DIR')) { + define( 'PCLZIP_TEMPORARY_DIR', '' ); + } + + // ----- Optional threshold ratio for use of temporary files + // Pclzip sense the size of the file to add/extract and decide to + // use or not temporary file. The algorithm is looking for + // memory_limit of PHP and apply a ratio. + // threshold = memory_limit * ratio. + // Recommended values are under 0.5. Default 0.47. + // Samples : + // define( 'PCLZIP_TEMPORARY_FILE_RATIO', 0.5 ); + if (!defined('PCLZIP_TEMPORARY_FILE_RATIO')) { + define( 'PCLZIP_TEMPORARY_FILE_RATIO', 0.47 ); + } + +// -------------------------------------------------------------------------------- +// ***** UNDER THIS LINE NOTHING NEEDS TO BE MODIFIED ***** +// -------------------------------------------------------------------------------- + + // ----- Global variables + $g_pclzip_version = "2.8.2"; + + // ----- Error codes + // -1 : Unable to open file in binary write mode + // -2 : Unable to open file in binary read mode + // -3 : Invalid parameters + // -4 : File does not exist + // -5 : Filename is too long (max. 255) + // -6 : Not a valid zip file + // -7 : Invalid extracted file size + // -8 : Unable to create directory + // -9 : Invalid archive extension + // -10 : Invalid archive format + // -11 : Unable to delete file (unlink) + // -12 : Unable to rename file (rename) + // -13 : Invalid header checksum + // -14 : Invalid archive size + define( 'PCLZIP_ERR_USER_ABORTED', 2 ); + define( 'PCLZIP_ERR_NO_ERROR', 0 ); + define( 'PCLZIP_ERR_WRITE_OPEN_FAIL', -1 ); + define( 'PCLZIP_ERR_READ_OPEN_FAIL', -2 ); + define( 'PCLZIP_ERR_INVALID_PARAMETER', -3 ); + define( 'PCLZIP_ERR_MISSING_FILE', -4 ); + define( 'PCLZIP_ERR_FILENAME_TOO_LONG', -5 ); + define( 'PCLZIP_ERR_INVALID_ZIP', -6 ); + define( 'PCLZIP_ERR_BAD_EXTRACTED_FILE', -7 ); + define( 'PCLZIP_ERR_DIR_CREATE_FAIL', -8 ); + define( 'PCLZIP_ERR_BAD_EXTENSION', -9 ); + define( 'PCLZIP_ERR_BAD_FORMAT', -10 ); + define( 'PCLZIP_ERR_DELETE_FILE_FAIL', -11 ); + define( 'PCLZIP_ERR_RENAME_FILE_FAIL', -12 ); + define( 'PCLZIP_ERR_BAD_CHECKSUM', -13 ); + define( 'PCLZIP_ERR_INVALID_ARCHIVE_ZIP', -14 ); + define( 'PCLZIP_ERR_MISSING_OPTION_VALUE', -15 ); + define( 'PCLZIP_ERR_INVALID_OPTION_VALUE', -16 ); + define( 'PCLZIP_ERR_ALREADY_A_DIRECTORY', -17 ); + define( 'PCLZIP_ERR_UNSUPPORTED_COMPRESSION', -18 ); + define( 'PCLZIP_ERR_UNSUPPORTED_ENCRYPTION', -19 ); + define( 'PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE', -20 ); + define( 'PCLZIP_ERR_DIRECTORY_RESTRICTION', -21 ); + + // ----- Options values + define( 'PCLZIP_OPT_PATH', 77001 ); + define( 'PCLZIP_OPT_ADD_PATH', 77002 ); + define( 'PCLZIP_OPT_REMOVE_PATH', 77003 ); + define( 'PCLZIP_OPT_REMOVE_ALL_PATH', 77004 ); + define( 'PCLZIP_OPT_SET_CHMOD', 77005 ); + define( 'PCLZIP_OPT_EXTRACT_AS_STRING', 77006 ); + define( 'PCLZIP_OPT_NO_COMPRESSION', 77007 ); + define( 'PCLZIP_OPT_BY_NAME', 77008 ); + define( 'PCLZIP_OPT_BY_INDEX', 77009 ); + define( 'PCLZIP_OPT_BY_EREG', 77010 ); + define( 'PCLZIP_OPT_BY_PREG', 77011 ); + define( 'PCLZIP_OPT_COMMENT', 77012 ); + define( 'PCLZIP_OPT_ADD_COMMENT', 77013 ); + define( 'PCLZIP_OPT_PREPEND_COMMENT', 77014 ); + define( 'PCLZIP_OPT_EXTRACT_IN_OUTPUT', 77015 ); + define( 'PCLZIP_OPT_REPLACE_NEWER', 77016 ); + define( 'PCLZIP_OPT_STOP_ON_ERROR', 77017 ); + // Having big trouble with crypt. Need to multiply 2 long int + // which is not correctly supported by PHP ... + //define( 'PCLZIP_OPT_CRYPT', 77018 ); + define( 'PCLZIP_OPT_EXTRACT_DIR_RESTRICTION', 77019 ); + define( 'PCLZIP_OPT_TEMP_FILE_THRESHOLD', 77020 ); + define( 'PCLZIP_OPT_ADD_TEMP_FILE_THRESHOLD', 77020 ); // alias + define( 'PCLZIP_OPT_TEMP_FILE_ON', 77021 ); + define( 'PCLZIP_OPT_ADD_TEMP_FILE_ON', 77021 ); // alias + define( 'PCLZIP_OPT_TEMP_FILE_OFF', 77022 ); + define( 'PCLZIP_OPT_ADD_TEMP_FILE_OFF', 77022 ); // alias + + // ----- File description attributes + define( 'PCLZIP_ATT_FILE_NAME', 79001 ); + define( 'PCLZIP_ATT_FILE_NEW_SHORT_NAME', 79002 ); + define( 'PCLZIP_ATT_FILE_NEW_FULL_NAME', 79003 ); + define( 'PCLZIP_ATT_FILE_MTIME', 79004 ); + define( 'PCLZIP_ATT_FILE_CONTENT', 79005 ); + define( 'PCLZIP_ATT_FILE_COMMENT', 79006 ); + + // ----- Call backs values + define( 'PCLZIP_CB_PRE_EXTRACT', 78001 ); + define( 'PCLZIP_CB_POST_EXTRACT', 78002 ); + define( 'PCLZIP_CB_PRE_ADD', 78003 ); + define( 'PCLZIP_CB_POST_ADD', 78004 ); + /* For futur use + define( 'PCLZIP_CB_PRE_LIST', 78005 ); + define( 'PCLZIP_CB_POST_LIST', 78006 ); + define( 'PCLZIP_CB_PRE_DELETE', 78007 ); + define( 'PCLZIP_CB_POST_DELETE', 78008 ); + */ + + // -------------------------------------------------------------------------------- + // Class : PclZip + // Description : + // PclZip is the class that represent a Zip archive. + // The public methods allow the manipulation of the archive. + // Attributes : + // Attributes must not be accessed directly. + // Methods : + // PclZip() : Object creator + // create() : Creates the Zip archive + // listContent() : List the content of the Zip archive + // extract() : Extract the content of the archive + // properties() : List the properties of the archive + // -------------------------------------------------------------------------------- + class PclZip + { + // ----- Filename of the zip file + var $zipname = ''; + + // ----- File descriptor of the zip file + var $zip_fd = 0; + + // ----- Internal error handling + var $error_code = 1; + var $error_string = ''; + + // ----- Current status of the magic_quotes_runtime + // This value store the php configuration for magic_quotes + // The class can then disable the magic_quotes and reset it after + var $magic_quotes_status; + + // -------------------------------------------------------------------------------- + // Function : PclZip() + // Description : + // Creates a PclZip object and set the name of the associated Zip archive + // filename. + // Note that no real action is taken, if the archive does not exist it is not + // created. Use create() for that. + // -------------------------------------------------------------------------------- + function __construct($p_zipname) + { + + // ----- Tests the zlib + if (!function_exists('gzopen')) + { + die('Abort '.basename(__FILE__).' : Missing zlib extensions'); + } + + // ----- Set the attributes + $this->zipname = $p_zipname; + $this->zip_fd = 0; + $this->magic_quotes_status = -1; + + // ----- Return + return; + } + + public function PclZip($p_zipname) { + self::__construct($p_zipname); + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : + // create($p_filelist, $p_add_dir="", $p_remove_dir="") + // create($p_filelist, $p_option, $p_option_value, ...) + // Description : + // This method supports two different synopsis. The first one is historical. + // This method creates a Zip Archive. The Zip file is created in the + // filesystem. The files and directories indicated in $p_filelist + // are added in the archive. See the parameters description for the + // supported format of $p_filelist. + // When a directory is in the list, the directory and its content is added + // in the archive. + // In this synopsis, the function takes an optional variable list of + // options. See below the supported options. + // Parameters : + // $p_filelist : An array containing file or directory names, or + // a string containing one filename or one directory name, or + // a string containing a list of filenames and/or directory + // names separated by spaces. + // $p_add_dir : A path to add before the real path of the archived file, + // in order to have it memorized in the archive. + // $p_remove_dir : A path to remove from the real path of the file to archive, + // in order to have a shorter path memorized in the archive. + // When $p_add_dir and $p_remove_dir are set, $p_remove_dir + // is removed first, before $p_add_dir is added. + // Options : + // PCLZIP_OPT_ADD_PATH : + // PCLZIP_OPT_REMOVE_PATH : + // PCLZIP_OPT_REMOVE_ALL_PATH : + // PCLZIP_OPT_COMMENT : + // PCLZIP_CB_PRE_ADD : + // PCLZIP_CB_POST_ADD : + // Return Values : + // 0 on failure, + // The list of the added files, with a status of the add action. + // (see PclZip::listContent() for list entry format) + // -------------------------------------------------------------------------------- + function create($p_filelist) + { + $v_result=1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Set default values + $v_options = array(); + $v_options[PCLZIP_OPT_NO_COMPRESSION] = FALSE; + + // ----- Look for variable options arguments + $v_size = func_num_args(); + + // ----- Look for arguments + if ($v_size > 1) { + // ----- Get the arguments + $v_arg_list = func_get_args(); + + // ----- Remove from the options list the first argument + array_shift($v_arg_list); + $v_size--; + + // ----- Look for first arg + if ((is_integer($v_arg_list[0])) && ($v_arg_list[0] > 77000)) { + + // ----- Parse the options + $v_result = $this->privParseOptions($v_arg_list, $v_size, $v_options, + array (PCLZIP_OPT_REMOVE_PATH => 'optional', + PCLZIP_OPT_REMOVE_ALL_PATH => 'optional', + PCLZIP_OPT_ADD_PATH => 'optional', + PCLZIP_CB_PRE_ADD => 'optional', + PCLZIP_CB_POST_ADD => 'optional', + PCLZIP_OPT_NO_COMPRESSION => 'optional', + PCLZIP_OPT_COMMENT => 'optional', + PCLZIP_OPT_TEMP_FILE_THRESHOLD => 'optional', + PCLZIP_OPT_TEMP_FILE_ON => 'optional', + PCLZIP_OPT_TEMP_FILE_OFF => 'optional' + //, PCLZIP_OPT_CRYPT => 'optional' + )); + if ($v_result != 1) { + return 0; + } + } + + // ----- Look for 2 args + // Here we need to support the first historic synopsis of the + // method. + else { + + // ----- Get the first argument + $v_options[PCLZIP_OPT_ADD_PATH] = $v_arg_list[0]; + + // ----- Look for the optional second argument + if ($v_size == 2) { + $v_options[PCLZIP_OPT_REMOVE_PATH] = $v_arg_list[1]; + } + else if ($v_size > 2) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, + "Invalid number / type of arguments"); + return 0; + } + } + } + + // ----- Look for default option values + $this->privOptionDefaultThreshold($v_options); + + // ----- Init + $v_string_list = array(); + $v_att_list = array(); + $v_filedescr_list = array(); + $p_result_list = array(); + + // ----- Look if the $p_filelist is really an array + if (is_array($p_filelist)) { + + // ----- Look if the first element is also an array + // This will mean that this is a file description entry + if (isset($p_filelist[0]) && is_array($p_filelist[0])) { + $v_att_list = $p_filelist; + } + + // ----- The list is a list of string names + else { + $v_string_list = $p_filelist; + } + } + + // ----- Look if the $p_filelist is a string + else if (is_string($p_filelist)) { + // ----- Create a list from the string + $v_string_list = explode(PCLZIP_SEPARATOR, $p_filelist); + } + + // ----- Invalid variable type for $p_filelist + else { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid variable type p_filelist"); + return 0; + } + + // ----- Reformat the string list + if (sizeof($v_string_list) != 0) { + foreach ($v_string_list as $v_string) { + if ($v_string != '') { + $v_att_list[][PCLZIP_ATT_FILE_NAME] = $v_string; + } + else { + } + } + } + + // ----- For each file in the list check the attributes + $v_supported_attributes + = array ( PCLZIP_ATT_FILE_NAME => 'mandatory' + ,PCLZIP_ATT_FILE_NEW_SHORT_NAME => 'optional' + ,PCLZIP_ATT_FILE_NEW_FULL_NAME => 'optional' + ,PCLZIP_ATT_FILE_MTIME => 'optional' + ,PCLZIP_ATT_FILE_CONTENT => 'optional' + ,PCLZIP_ATT_FILE_COMMENT => 'optional' + ); + foreach ($v_att_list as $v_entry) { + $v_result = $this->privFileDescrParseAtt($v_entry, + $v_filedescr_list[], + $v_options, + $v_supported_attributes); + if ($v_result != 1) { + return 0; + } + } + + // ----- Expand the filelist (expand directories) + $v_result = $this->privFileDescrExpand($v_filedescr_list, $v_options); + if ($v_result != 1) { + return 0; + } + + // ----- Call the create fct + $v_result = $this->privCreate($v_filedescr_list, $p_result_list, $v_options); + if ($v_result != 1) { + return 0; + } + + // ----- Return + return $p_result_list; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : + // add($p_filelist, $p_add_dir="", $p_remove_dir="") + // add($p_filelist, $p_option, $p_option_value, ...) + // Description : + // This method supports two synopsis. The first one is historical. + // This methods add the list of files in an existing archive. + // If a file with the same name already exists, it is added at the end of the + // archive, the first one is still present. + // If the archive does not exist, it is created. + // Parameters : + // $p_filelist : An array containing file or directory names, or + // a string containing one filename or one directory name, or + // a string containing a list of filenames and/or directory + // names separated by spaces. + // $p_add_dir : A path to add before the real path of the archived file, + // in order to have it memorized in the archive. + // $p_remove_dir : A path to remove from the real path of the file to archive, + // in order to have a shorter path memorized in the archive. + // When $p_add_dir and $p_remove_dir are set, $p_remove_dir + // is removed first, before $p_add_dir is added. + // Options : + // PCLZIP_OPT_ADD_PATH : + // PCLZIP_OPT_REMOVE_PATH : + // PCLZIP_OPT_REMOVE_ALL_PATH : + // PCLZIP_OPT_COMMENT : + // PCLZIP_OPT_ADD_COMMENT : + // PCLZIP_OPT_PREPEND_COMMENT : + // PCLZIP_CB_PRE_ADD : + // PCLZIP_CB_POST_ADD : + // Return Values : + // 0 on failure, + // The list of the added files, with a status of the add action. + // (see PclZip::listContent() for list entry format) + // -------------------------------------------------------------------------------- + function add($p_filelist) + { + $v_result=1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Set default values + $v_options = array(); + $v_options[PCLZIP_OPT_NO_COMPRESSION] = FALSE; + + // ----- Look for variable options arguments + $v_size = func_num_args(); + + // ----- Look for arguments + if ($v_size > 1) { + // ----- Get the arguments + $v_arg_list = func_get_args(); + + // ----- Remove form the options list the first argument + array_shift($v_arg_list); + $v_size--; + + // ----- Look for first arg + if ((is_integer($v_arg_list[0])) && ($v_arg_list[0] > 77000)) { + + // ----- Parse the options + $v_result = $this->privParseOptions($v_arg_list, $v_size, $v_options, + array (PCLZIP_OPT_REMOVE_PATH => 'optional', + PCLZIP_OPT_REMOVE_ALL_PATH => 'optional', + PCLZIP_OPT_ADD_PATH => 'optional', + PCLZIP_CB_PRE_ADD => 'optional', + PCLZIP_CB_POST_ADD => 'optional', + PCLZIP_OPT_NO_COMPRESSION => 'optional', + PCLZIP_OPT_COMMENT => 'optional', + PCLZIP_OPT_ADD_COMMENT => 'optional', + PCLZIP_OPT_PREPEND_COMMENT => 'optional', + PCLZIP_OPT_TEMP_FILE_THRESHOLD => 'optional', + PCLZIP_OPT_TEMP_FILE_ON => 'optional', + PCLZIP_OPT_TEMP_FILE_OFF => 'optional' + //, PCLZIP_OPT_CRYPT => 'optional' + )); + if ($v_result != 1) { + return 0; + } + } + + // ----- Look for 2 args + // Here we need to support the first historic synopsis of the + // method. + else { + + // ----- Get the first argument + $v_options[PCLZIP_OPT_ADD_PATH] = $v_add_path = $v_arg_list[0]; + + // ----- Look for the optional second argument + if ($v_size == 2) { + $v_options[PCLZIP_OPT_REMOVE_PATH] = $v_arg_list[1]; + } + else if ($v_size > 2) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid number / type of arguments"); + + // ----- Return + return 0; + } + } + } + + // ----- Look for default option values + $this->privOptionDefaultThreshold($v_options); + + // ----- Init + $v_string_list = array(); + $v_att_list = array(); + $v_filedescr_list = array(); + $p_result_list = array(); + + // ----- Look if the $p_filelist is really an array + if (is_array($p_filelist)) { + + // ----- Look if the first element is also an array + // This will mean that this is a file description entry + if (isset($p_filelist[0]) && is_array($p_filelist[0])) { + $v_att_list = $p_filelist; + } + + // ----- The list is a list of string names + else { + $v_string_list = $p_filelist; + } + } + + // ----- Look if the $p_filelist is a string + else if (is_string($p_filelist)) { + // ----- Create a list from the string + $v_string_list = explode(PCLZIP_SEPARATOR, $p_filelist); + } + + // ----- Invalid variable type for $p_filelist + else { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid variable type '".gettype($p_filelist)."' for p_filelist"); + return 0; + } + + // ----- Reformat the string list + if (sizeof($v_string_list) != 0) { + foreach ($v_string_list as $v_string) { + $v_att_list[][PCLZIP_ATT_FILE_NAME] = $v_string; + } + } + + // ----- For each file in the list check the attributes + $v_supported_attributes + = array ( PCLZIP_ATT_FILE_NAME => 'mandatory' + ,PCLZIP_ATT_FILE_NEW_SHORT_NAME => 'optional' + ,PCLZIP_ATT_FILE_NEW_FULL_NAME => 'optional' + ,PCLZIP_ATT_FILE_MTIME => 'optional' + ,PCLZIP_ATT_FILE_CONTENT => 'optional' + ,PCLZIP_ATT_FILE_COMMENT => 'optional' + ); + foreach ($v_att_list as $v_entry) { + $v_result = $this->privFileDescrParseAtt($v_entry, + $v_filedescr_list[], + $v_options, + $v_supported_attributes); + if ($v_result != 1) { + return 0; + } + } + + // ----- Expand the filelist (expand directories) + $v_result = $this->privFileDescrExpand($v_filedescr_list, $v_options); + if ($v_result != 1) { + return 0; + } + + // ----- Call the create fct + $v_result = $this->privAdd($v_filedescr_list, $p_result_list, $v_options); + if ($v_result != 1) { + return 0; + } + + // ----- Return + return $p_result_list; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : listContent() + // Description : + // This public method, gives the list of the files and directories, with their + // properties. + // The properties of each entries in the list are (used also in other functions) : + // filename : Name of the file. For a create or add action it is the filename + // given by the user. For an extract function it is the filename + // of the extracted file. + // stored_filename : Name of the file / directory stored in the archive. + // size : Size of the stored file. + // compressed_size : Size of the file's data compressed in the archive + // (without the headers overhead) + // mtime : Last known modification date of the file (UNIX timestamp) + // comment : Comment associated with the file + // folder : true | false + // index : index of the file in the archive + // status : status of the action (depending of the action) : + // Values are : + // ok : OK ! + // filtered : the file / dir is not extracted (filtered by user) + // already_a_directory : the file can not be extracted because a + // directory with the same name already exists + // write_protected : the file can not be extracted because a file + // with the same name already exists and is + // write protected + // newer_exist : the file was not extracted because a newer file exists + // path_creation_fail : the file is not extracted because the folder + // does not exist and can not be created + // write_error : the file was not extracted because there was an + // error while writing the file + // read_error : the file was not extracted because there was an error + // while reading the file + // invalid_header : the file was not extracted because of an archive + // format error (bad file header) + // Note that each time a method can continue operating when there + // is an action error on a file, the error is only logged in the file status. + // Return Values : + // 0 on an unrecoverable failure, + // The list of the files in the archive. + // -------------------------------------------------------------------------------- + function listContent() + { + $v_result=1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Check archive + if (!$this->privCheckFormat()) { + return(0); + } + + // ----- Call the extracting fct + $p_list = array(); + if (($v_result = $this->privList($p_list)) != 1) + { + unset($p_list); + return(0); + } + + // ----- Return + return $p_list; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : + // extract($p_path="./", $p_remove_path="") + // extract([$p_option, $p_option_value, ...]) + // Description : + // This method supports two synopsis. The first one is historical. + // This method extract all the files / directories from the archive to the + // folder indicated in $p_path. + // If you want to ignore the 'root' part of path of the memorized files + // you can indicate this in the optional $p_remove_path parameter. + // By default, if a newer file with the same name already exists, the + // file is not extracted. + // + // If both PCLZIP_OPT_PATH and PCLZIP_OPT_ADD_PATH options + // are used, the path indicated in PCLZIP_OPT_ADD_PATH is append + // at the end of the path value of PCLZIP_OPT_PATH. + // Parameters : + // $p_path : Path where the files and directories are to be extracted + // $p_remove_path : First part ('root' part) of the memorized path + // (if any similar) to remove while extracting. + // Options : + // PCLZIP_OPT_PATH : + // PCLZIP_OPT_ADD_PATH : + // PCLZIP_OPT_REMOVE_PATH : + // PCLZIP_OPT_REMOVE_ALL_PATH : + // PCLZIP_CB_PRE_EXTRACT : + // PCLZIP_CB_POST_EXTRACT : + // Return Values : + // 0 or a negative value on failure, + // The list of the extracted files, with a status of the action. + // (see PclZip::listContent() for list entry format) + // -------------------------------------------------------------------------------- + function extract() + { + $v_result=1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Check archive + if (!$this->privCheckFormat()) { + return(0); + } + + // ----- Set default values + $v_options = array(); +// $v_path = "./"; + $v_path = ''; + $v_remove_path = ""; + $v_remove_all_path = false; + + // ----- Look for variable options arguments + $v_size = func_num_args(); + + // ----- Default values for option + $v_options[PCLZIP_OPT_EXTRACT_AS_STRING] = FALSE; + + // ----- Look for arguments + if ($v_size > 0) { + // ----- Get the arguments + $v_arg_list = func_get_args(); + + // ----- Look for first arg + if ((is_integer($v_arg_list[0])) && ($v_arg_list[0] > 77000)) { + + // ----- Parse the options + $v_result = $this->privParseOptions($v_arg_list, $v_size, $v_options, + array (PCLZIP_OPT_PATH => 'optional', + PCLZIP_OPT_REMOVE_PATH => 'optional', + PCLZIP_OPT_REMOVE_ALL_PATH => 'optional', + PCLZIP_OPT_ADD_PATH => 'optional', + PCLZIP_CB_PRE_EXTRACT => 'optional', + PCLZIP_CB_POST_EXTRACT => 'optional', + PCLZIP_OPT_SET_CHMOD => 'optional', + PCLZIP_OPT_BY_NAME => 'optional', + PCLZIP_OPT_BY_EREG => 'optional', + PCLZIP_OPT_BY_PREG => 'optional', + PCLZIP_OPT_BY_INDEX => 'optional', + PCLZIP_OPT_EXTRACT_AS_STRING => 'optional', + PCLZIP_OPT_EXTRACT_IN_OUTPUT => 'optional', + PCLZIP_OPT_REPLACE_NEWER => 'optional' + ,PCLZIP_OPT_STOP_ON_ERROR => 'optional' + ,PCLZIP_OPT_EXTRACT_DIR_RESTRICTION => 'optional', + PCLZIP_OPT_TEMP_FILE_THRESHOLD => 'optional', + PCLZIP_OPT_TEMP_FILE_ON => 'optional', + PCLZIP_OPT_TEMP_FILE_OFF => 'optional' + )); + if ($v_result != 1) { + return 0; + } + + // ----- Set the arguments + if (isset($v_options[PCLZIP_OPT_PATH])) { + $v_path = $v_options[PCLZIP_OPT_PATH]; + } + if (isset($v_options[PCLZIP_OPT_REMOVE_PATH])) { + $v_remove_path = $v_options[PCLZIP_OPT_REMOVE_PATH]; + } + if (isset($v_options[PCLZIP_OPT_REMOVE_ALL_PATH])) { + $v_remove_all_path = $v_options[PCLZIP_OPT_REMOVE_ALL_PATH]; + } + if (isset($v_options[PCLZIP_OPT_ADD_PATH])) { + // ----- Check for '/' in last path char + if ((strlen($v_path) > 0) && (substr($v_path, -1) != '/')) { + $v_path .= '/'; + } + $v_path .= $v_options[PCLZIP_OPT_ADD_PATH]; + } + } + + // ----- Look for 2 args + // Here we need to support the first historic synopsis of the + // method. + else { + + // ----- Get the first argument + $v_path = $v_arg_list[0]; + + // ----- Look for the optional second argument + if ($v_size == 2) { + $v_remove_path = $v_arg_list[1]; + } + else if ($v_size > 2) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid number / type of arguments"); + + // ----- Return + return 0; + } + } + } + + // ----- Look for default option values + $this->privOptionDefaultThreshold($v_options); + + // ----- Trace + + // ----- Call the extracting fct + $p_list = array(); + $v_result = $this->privExtractByRule($p_list, $v_path, $v_remove_path, + $v_remove_all_path, $v_options); + if ($v_result < 1) { + unset($p_list); + return(0); + } + + // ----- Return + return $p_list; + } + // -------------------------------------------------------------------------------- + + + // -------------------------------------------------------------------------------- + // Function : + // extractByIndex($p_index, $p_path="./", $p_remove_path="") + // extractByIndex($p_index, [$p_option, $p_option_value, ...]) + // Description : + // This method supports two synopsis. The first one is historical. + // This method is doing a partial extract of the archive. + // The extracted files or folders are identified by their index in the + // archive (from 0 to n). + // Note that if the index identify a folder, only the folder entry is + // extracted, not all the files included in the archive. + // Parameters : + // $p_index : A single index (integer) or a string of indexes of files to + // extract. The form of the string is "0,4-6,8-12" with only numbers + // and '-' for range or ',' to separate ranges. No spaces or ';' + // are allowed. + // $p_path : Path where the files and directories are to be extracted + // $p_remove_path : First part ('root' part) of the memorized path + // (if any similar) to remove while extracting. + // Options : + // PCLZIP_OPT_PATH : + // PCLZIP_OPT_ADD_PATH : + // PCLZIP_OPT_REMOVE_PATH : + // PCLZIP_OPT_REMOVE_ALL_PATH : + // PCLZIP_OPT_EXTRACT_AS_STRING : The files are extracted as strings and + // not as files. + // The resulting content is in a new field 'content' in the file + // structure. + // This option must be used alone (any other options are ignored). + // PCLZIP_CB_PRE_EXTRACT : + // PCLZIP_CB_POST_EXTRACT : + // Return Values : + // 0 on failure, + // The list of the extracted files, with a status of the action. + // (see PclZip::listContent() for list entry format) + // -------------------------------------------------------------------------------- + //function extractByIndex($p_index, options...) + function extractByIndex($p_index) + { + $v_result=1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Check archive + if (!$this->privCheckFormat()) { + return(0); + } + + // ----- Set default values + $v_options = array(); +// $v_path = "./"; + $v_path = ''; + $v_remove_path = ""; + $v_remove_all_path = false; + + // ----- Look for variable options arguments + $v_size = func_num_args(); + + // ----- Default values for option + $v_options[PCLZIP_OPT_EXTRACT_AS_STRING] = FALSE; + + // ----- Look for arguments + if ($v_size > 1) { + // ----- Get the arguments + $v_arg_list = func_get_args(); + + // ----- Remove form the options list the first argument + array_shift($v_arg_list); + $v_size--; + + // ----- Look for first arg + if ((is_integer($v_arg_list[0])) && ($v_arg_list[0] > 77000)) { + + // ----- Parse the options + $v_result = $this->privParseOptions($v_arg_list, $v_size, $v_options, + array (PCLZIP_OPT_PATH => 'optional', + PCLZIP_OPT_REMOVE_PATH => 'optional', + PCLZIP_OPT_REMOVE_ALL_PATH => 'optional', + PCLZIP_OPT_EXTRACT_AS_STRING => 'optional', + PCLZIP_OPT_ADD_PATH => 'optional', + PCLZIP_CB_PRE_EXTRACT => 'optional', + PCLZIP_CB_POST_EXTRACT => 'optional', + PCLZIP_OPT_SET_CHMOD => 'optional', + PCLZIP_OPT_REPLACE_NEWER => 'optional' + ,PCLZIP_OPT_STOP_ON_ERROR => 'optional' + ,PCLZIP_OPT_EXTRACT_DIR_RESTRICTION => 'optional', + PCLZIP_OPT_TEMP_FILE_THRESHOLD => 'optional', + PCLZIP_OPT_TEMP_FILE_ON => 'optional', + PCLZIP_OPT_TEMP_FILE_OFF => 'optional' + )); + if ($v_result != 1) { + return 0; + } + + // ----- Set the arguments + if (isset($v_options[PCLZIP_OPT_PATH])) { + $v_path = $v_options[PCLZIP_OPT_PATH]; + } + if (isset($v_options[PCLZIP_OPT_REMOVE_PATH])) { + $v_remove_path = $v_options[PCLZIP_OPT_REMOVE_PATH]; + } + if (isset($v_options[PCLZIP_OPT_REMOVE_ALL_PATH])) { + $v_remove_all_path = $v_options[PCLZIP_OPT_REMOVE_ALL_PATH]; + } + if (isset($v_options[PCLZIP_OPT_ADD_PATH])) { + // ----- Check for '/' in last path char + if ((strlen($v_path) > 0) && (substr($v_path, -1) != '/')) { + $v_path .= '/'; + } + $v_path .= $v_options[PCLZIP_OPT_ADD_PATH]; + } + if (!isset($v_options[PCLZIP_OPT_EXTRACT_AS_STRING])) { + $v_options[PCLZIP_OPT_EXTRACT_AS_STRING] = FALSE; + } + else { + } + } + + // ----- Look for 2 args + // Here we need to support the first historic synopsis of the + // method. + else { + + // ----- Get the first argument + $v_path = $v_arg_list[0]; + + // ----- Look for the optional second argument + if ($v_size == 2) { + $v_remove_path = $v_arg_list[1]; + } + else if ($v_size > 2) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid number / type of arguments"); + + // ----- Return + return 0; + } + } + } + + // ----- Trace + + // ----- Trick + // Here I want to reuse extractByRule(), so I need to parse the $p_index + // with privParseOptions() + $v_arg_trick = array (PCLZIP_OPT_BY_INDEX, $p_index); + $v_options_trick = array(); + $v_result = $this->privParseOptions($v_arg_trick, sizeof($v_arg_trick), $v_options_trick, + array (PCLZIP_OPT_BY_INDEX => 'optional' )); + if ($v_result != 1) { + return 0; + } + $v_options[PCLZIP_OPT_BY_INDEX] = $v_options_trick[PCLZIP_OPT_BY_INDEX]; + + // ----- Look for default option values + $this->privOptionDefaultThreshold($v_options); + + // ----- Call the extracting fct + if (($v_result = $this->privExtractByRule($p_list, $v_path, $v_remove_path, $v_remove_all_path, $v_options)) < 1) { + return(0); + } + + // ----- Return + return $p_list; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : + // delete([$p_option, $p_option_value, ...]) + // Description : + // This method removes files from the archive. + // If no parameters are given, then all the archive is emptied. + // Parameters : + // None or optional arguments. + // Options : + // PCLZIP_OPT_BY_INDEX : + // PCLZIP_OPT_BY_NAME : + // PCLZIP_OPT_BY_EREG : + // PCLZIP_OPT_BY_PREG : + // Return Values : + // 0 on failure, + // The list of the files which are still present in the archive. + // (see PclZip::listContent() for list entry format) + // -------------------------------------------------------------------------------- + function delete() + { + $v_result=1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Check archive + if (!$this->privCheckFormat()) { + return(0); + } + + // ----- Set default values + $v_options = array(); + + // ----- Look for variable options arguments + $v_size = func_num_args(); + + // ----- Look for arguments + if ($v_size > 0) { + // ----- Get the arguments + $v_arg_list = func_get_args(); + + // ----- Parse the options + $v_result = $this->privParseOptions($v_arg_list, $v_size, $v_options, + array (PCLZIP_OPT_BY_NAME => 'optional', + PCLZIP_OPT_BY_EREG => 'optional', + PCLZIP_OPT_BY_PREG => 'optional', + PCLZIP_OPT_BY_INDEX => 'optional' )); + if ($v_result != 1) { + return 0; + } + } + + // ----- Magic quotes trick + $this->privDisableMagicQuotes(); + + // ----- Call the delete fct + $v_list = array(); + if (($v_result = $this->privDeleteByRule($v_list, $v_options)) != 1) { + $this->privSwapBackMagicQuotes(); + unset($v_list); + return(0); + } + + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_list; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : deleteByIndex() + // Description : + // ***** Deprecated ***** + // delete(PCLZIP_OPT_BY_INDEX, $p_index) should be preferred. + // -------------------------------------------------------------------------------- + function deleteByIndex($p_index) + { + + $p_list = $this->delete(PCLZIP_OPT_BY_INDEX, $p_index); + + // ----- Return + return $p_list; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : properties() + // Description : + // This method gives the properties of the archive. + // The properties are : + // nb : Number of files in the archive + // comment : Comment associated with the archive file + // status : not_exist, ok + // Parameters : + // None + // Return Values : + // 0 on failure, + // An array with the archive properties. + // -------------------------------------------------------------------------------- + function properties() + { + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Magic quotes trick + $this->privDisableMagicQuotes(); + + // ----- Check archive + if (!$this->privCheckFormat()) { + $this->privSwapBackMagicQuotes(); + return(0); + } + + // ----- Default properties + $v_prop = array(); + $v_prop['comment'] = ''; + $v_prop['nb'] = 0; + $v_prop['status'] = 'not_exist'; + + // ----- Look if file exists + if (@is_file($this->zipname)) + { + // ----- Open the zip file + if (($this->zip_fd = @fopen($this->zipname, 'rb')) == 0) + { + $this->privSwapBackMagicQuotes(); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open archive \''.$this->zipname.'\' in binary read mode'); + + // ----- Return + return 0; + } + + // ----- Read the central directory information + $v_central_dir = array(); + if (($v_result = $this->privReadEndCentralDir($v_central_dir)) != 1) + { + $this->privSwapBackMagicQuotes(); + return 0; + } + + // ----- Close the zip file + $this->privCloseFd(); + + // ----- Set the user attributes + $v_prop['comment'] = $v_central_dir['comment']; + $v_prop['nb'] = $v_central_dir['entries']; + $v_prop['status'] = 'ok'; + } + + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_prop; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : duplicate() + // Description : + // This method creates an archive by copying the content of an other one. If + // the archive already exist, it is replaced by the new one without any warning. + // Parameters : + // $p_archive : The filename of a valid archive, or + // a valid PclZip object. + // Return Values : + // 1 on success. + // 0 or a negative value on error (error code). + // -------------------------------------------------------------------------------- + function duplicate($p_archive) + { + $v_result = 1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Look if the $p_archive is an instantiated PclZip object + if ($p_archive instanceof pclzip) + { + + // ----- Duplicate the archive + $v_result = $this->privDuplicate($p_archive->zipname); + } + + // ----- Look if the $p_archive is a string (so a filename) + else if (is_string($p_archive)) + { + + // ----- Check that $p_archive is a valid zip file + // TBC : Should also check the archive format + if (!is_file($p_archive)) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_FILE, "No file with filename '".$p_archive."'"); + $v_result = PCLZIP_ERR_MISSING_FILE; + } + else { + // ----- Duplicate the archive + $v_result = $this->privDuplicate($p_archive); + } + } + + // ----- Invalid variable + else + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid variable type p_archive_to_add"); + $v_result = PCLZIP_ERR_INVALID_PARAMETER; + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : merge() + // Description : + // This method merge the $p_archive_to_add archive at the end of the current + // one ($this). + // If the archive ($this) does not exist, the merge becomes a duplicate. + // If the $p_archive_to_add archive does not exist, the merge is a success. + // Parameters : + // $p_archive_to_add : It can be directly the filename of a valid zip archive, + // or a PclZip object archive. + // Return Values : + // 1 on success, + // 0 or negative values on error (see below). + // -------------------------------------------------------------------------------- + function merge($p_archive_to_add) + { + $v_result = 1; + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Check archive + if (!$this->privCheckFormat()) { + return(0); + } + + // ----- Look if the $p_archive_to_add is an instantiated PclZip object + if ($p_archive_to_add instanceof pclzip) + { + + // ----- Merge the archive + $v_result = $this->privMerge($p_archive_to_add); + } + + // ----- Look if the $p_archive_to_add is a string (so a filename) + else if (is_string($p_archive_to_add)) + { + + // ----- Create a temporary archive + $v_object_archive = new PclZip($p_archive_to_add); + + // ----- Merge the archive + $v_result = $this->privMerge($v_object_archive); + } + + // ----- Invalid variable + else + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid variable type p_archive_to_add"); + $v_result = PCLZIP_ERR_INVALID_PARAMETER; + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + + + // -------------------------------------------------------------------------------- + // Function : errorCode() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function errorCode() + { + if (PCLZIP_ERROR_EXTERNAL == 1) { + return(PclErrorCode()); + } + else { + return($this->error_code); + } + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : errorName() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function errorName($p_with_code=false) + { + $v_name = array ( PCLZIP_ERR_NO_ERROR => 'PCLZIP_ERR_NO_ERROR', + PCLZIP_ERR_WRITE_OPEN_FAIL => 'PCLZIP_ERR_WRITE_OPEN_FAIL', + PCLZIP_ERR_READ_OPEN_FAIL => 'PCLZIP_ERR_READ_OPEN_FAIL', + PCLZIP_ERR_INVALID_PARAMETER => 'PCLZIP_ERR_INVALID_PARAMETER', + PCLZIP_ERR_MISSING_FILE => 'PCLZIP_ERR_MISSING_FILE', + PCLZIP_ERR_FILENAME_TOO_LONG => 'PCLZIP_ERR_FILENAME_TOO_LONG', + PCLZIP_ERR_INVALID_ZIP => 'PCLZIP_ERR_INVALID_ZIP', + PCLZIP_ERR_BAD_EXTRACTED_FILE => 'PCLZIP_ERR_BAD_EXTRACTED_FILE', + PCLZIP_ERR_DIR_CREATE_FAIL => 'PCLZIP_ERR_DIR_CREATE_FAIL', + PCLZIP_ERR_BAD_EXTENSION => 'PCLZIP_ERR_BAD_EXTENSION', + PCLZIP_ERR_BAD_FORMAT => 'PCLZIP_ERR_BAD_FORMAT', + PCLZIP_ERR_DELETE_FILE_FAIL => 'PCLZIP_ERR_DELETE_FILE_FAIL', + PCLZIP_ERR_RENAME_FILE_FAIL => 'PCLZIP_ERR_RENAME_FILE_FAIL', + PCLZIP_ERR_BAD_CHECKSUM => 'PCLZIP_ERR_BAD_CHECKSUM', + PCLZIP_ERR_INVALID_ARCHIVE_ZIP => 'PCLZIP_ERR_INVALID_ARCHIVE_ZIP', + PCLZIP_ERR_MISSING_OPTION_VALUE => 'PCLZIP_ERR_MISSING_OPTION_VALUE', + PCLZIP_ERR_INVALID_OPTION_VALUE => 'PCLZIP_ERR_INVALID_OPTION_VALUE', + PCLZIP_ERR_UNSUPPORTED_COMPRESSION => 'PCLZIP_ERR_UNSUPPORTED_COMPRESSION', + PCLZIP_ERR_UNSUPPORTED_ENCRYPTION => 'PCLZIP_ERR_UNSUPPORTED_ENCRYPTION' + ,PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE => 'PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE' + ,PCLZIP_ERR_DIRECTORY_RESTRICTION => 'PCLZIP_ERR_DIRECTORY_RESTRICTION' + ); + + if (isset($v_name[$this->error_code])) { + $v_value = $v_name[$this->error_code]; + } + else { + $v_value = 'NoName'; + } + + if ($p_with_code) { + return($v_value.' ('.$this->error_code.')'); + } + else { + return($v_value); + } + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : errorInfo() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function errorInfo($p_full=false) + { + if (PCLZIP_ERROR_EXTERNAL == 1) { + return(PclErrorString()); + } + else { + if ($p_full) { + return($this->errorName(true)." : ".$this->error_string); + } + else { + return($this->error_string." [code ".$this->error_code."]"); + } + } + } + // -------------------------------------------------------------------------------- + + +// -------------------------------------------------------------------------------- +// ***** UNDER THIS LINE ARE DEFINED PRIVATE INTERNAL FUNCTIONS ***** +// ***** ***** +// ***** THESES FUNCTIONS MUST NOT BE USED DIRECTLY ***** +// -------------------------------------------------------------------------------- + + + + // -------------------------------------------------------------------------------- + // Function : privCheckFormat() + // Description : + // This method check that the archive exists and is a valid zip archive. + // Several level of check exists. (futur) + // Parameters : + // $p_level : Level of check. Default 0. + // 0 : Check the first bytes (magic codes) (default value)) + // 1 : 0 + Check the central directory (futur) + // 2 : 1 + Check each file header (futur) + // Return Values : + // true on success, + // false on error, the error code is set. + // -------------------------------------------------------------------------------- + function privCheckFormat($p_level=0) + { + $v_result = true; + + // ----- Reset the file system cache + clearstatcache(); + + // ----- Reset the error handler + $this->privErrorReset(); + + // ----- Look if the file exits + if (!is_file($this->zipname)) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_FILE, "Missing archive file '".$this->zipname."'"); + return(false); + } + + // ----- Check that the file is readable + if (!is_readable($this->zipname)) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, "Unable to read archive '".$this->zipname."'"); + return(false); + } + + // ----- Check the magic code + // TBC + + // ----- Check the central header + // TBC + + // ----- Check each file header + // TBC + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privParseOptions() + // Description : + // This internal methods reads the variable list of arguments ($p_options_list, + // $p_size) and generate an array with the options and values ($v_result_list). + // $v_requested_options contains the options that can be present and those that + // must be present. + // $v_requested_options is an array, with the option value as key, and 'optional', + // or 'mandatory' as value. + // Parameters : + // See above. + // Return Values : + // 1 on success. + // 0 on failure. + // -------------------------------------------------------------------------------- + function privParseOptions(&$p_options_list, $p_size, &$v_result_list, $v_requested_options=false) + { + $v_result=1; + + // ----- Read the options + $i=0; + while ($i<$p_size) { + + // ----- Check if the option is supported + if (!isset($v_requested_options[$p_options_list[$i]])) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid optional parameter '".$p_options_list[$i]."' for this method"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Look for next option + switch ($p_options_list[$i]) { + // ----- Look for options that request a path value + case PCLZIP_OPT_PATH : + case PCLZIP_OPT_REMOVE_PATH : + case PCLZIP_OPT_ADD_PATH : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + $v_result_list[$p_options_list[$i]] = PclZipUtilTranslateWinPath($p_options_list[$i+1], FALSE); + $i++; + break; + + case PCLZIP_OPT_TEMP_FILE_THRESHOLD : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + return PclZip::errorCode(); + } + + // ----- Check for incompatible options + if (isset($v_result_list[PCLZIP_OPT_TEMP_FILE_OFF])) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Option '".PclZipUtilOptionText($p_options_list[$i])."' can not be used with option 'PCLZIP_OPT_TEMP_FILE_OFF'"); + return PclZip::errorCode(); + } + + // ----- Check the value + $v_value = $p_options_list[$i+1]; + if ((!is_integer($v_value)) || ($v_value<0)) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Integer expected for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + return PclZip::errorCode(); + } + + // ----- Get the value (and convert it in bytes) + $v_result_list[$p_options_list[$i]] = $v_value*1048576; + $i++; + break; + + case PCLZIP_OPT_TEMP_FILE_ON : + // ----- Check for incompatible options + if (isset($v_result_list[PCLZIP_OPT_TEMP_FILE_OFF])) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Option '".PclZipUtilOptionText($p_options_list[$i])."' can not be used with option 'PCLZIP_OPT_TEMP_FILE_OFF'"); + return PclZip::errorCode(); + } + + $v_result_list[$p_options_list[$i]] = true; + break; + + case PCLZIP_OPT_TEMP_FILE_OFF : + // ----- Check for incompatible options + if (isset($v_result_list[PCLZIP_OPT_TEMP_FILE_ON])) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Option '".PclZipUtilOptionText($p_options_list[$i])."' can not be used with option 'PCLZIP_OPT_TEMP_FILE_ON'"); + return PclZip::errorCode(); + } + // ----- Check for incompatible options + if (isset($v_result_list[PCLZIP_OPT_TEMP_FILE_THRESHOLD])) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Option '".PclZipUtilOptionText($p_options_list[$i])."' can not be used with option 'PCLZIP_OPT_TEMP_FILE_THRESHOLD'"); + return PclZip::errorCode(); + } + + $v_result_list[$p_options_list[$i]] = true; + break; + + case PCLZIP_OPT_EXTRACT_DIR_RESTRICTION : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + if ( is_string($p_options_list[$i+1]) + && ($p_options_list[$i+1] != '')) { + $v_result_list[$p_options_list[$i]] = PclZipUtilTranslateWinPath($p_options_list[$i+1], FALSE); + $i++; + } + else { + } + break; + + // ----- Look for options that request an array of string for value + case PCLZIP_OPT_BY_NAME : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + if (is_string($p_options_list[$i+1])) { + $v_result_list[$p_options_list[$i]][0] = $p_options_list[$i+1]; + } + else if (is_array($p_options_list[$i+1])) { + $v_result_list[$p_options_list[$i]] = $p_options_list[$i+1]; + } + else { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Wrong parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + $i++; + break; + + // ----- Look for options that request an EREG or PREG expression + case PCLZIP_OPT_BY_EREG : + // ereg() is deprecated starting with PHP 5.3. Move PCLZIP_OPT_BY_EREG + // to PCLZIP_OPT_BY_PREG + $p_options_list[$i] = PCLZIP_OPT_BY_PREG; + case PCLZIP_OPT_BY_PREG : + //case PCLZIP_OPT_CRYPT : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + if (is_string($p_options_list[$i+1])) { + $v_result_list[$p_options_list[$i]] = $p_options_list[$i+1]; + } + else { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Wrong parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + $i++; + break; + + // ----- Look for options that takes a string + case PCLZIP_OPT_COMMENT : + case PCLZIP_OPT_ADD_COMMENT : + case PCLZIP_OPT_PREPEND_COMMENT : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, + "Missing parameter value for option '" + .PclZipUtilOptionText($p_options_list[$i]) + ."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + if (is_string($p_options_list[$i+1])) { + $v_result_list[$p_options_list[$i]] = $p_options_list[$i+1]; + } + else { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, + "Wrong parameter value for option '" + .PclZipUtilOptionText($p_options_list[$i]) + ."'"); + + // ----- Return + return PclZip::errorCode(); + } + $i++; + break; + + // ----- Look for options that request an array of index + case PCLZIP_OPT_BY_INDEX : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + $v_work_list = array(); + if (is_string($p_options_list[$i+1])) { + + // ----- Remove spaces + $p_options_list[$i+1] = strtr($p_options_list[$i+1], ' ', ''); + + // ----- Parse items + $v_work_list = explode(",", $p_options_list[$i+1]); + } + else if (is_integer($p_options_list[$i+1])) { + $v_work_list[0] = $p_options_list[$i+1].'-'.$p_options_list[$i+1]; + } + else if (is_array($p_options_list[$i+1])) { + $v_work_list = $p_options_list[$i+1]; + } + else { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Value must be integer, string or array for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Reduce the index list + // each index item in the list must be a couple with a start and + // an end value : [0,3], [5-5], [8-10], ... + // ----- Check the format of each item + $v_sort_flag=false; + $v_sort_value=0; + for ($j=0; $j<sizeof($v_work_list); $j++) { + // ----- Explode the item + $v_item_list = explode("-", $v_work_list[$j]); + $v_size_item_list = sizeof($v_item_list); + + // ----- TBC : Here we might check that each item is a + // real integer ... + + // ----- Look for single value + if ($v_size_item_list == 1) { + // ----- Set the option value + $v_result_list[$p_options_list[$i]][$j]['start'] = $v_item_list[0]; + $v_result_list[$p_options_list[$i]][$j]['end'] = $v_item_list[0]; + } + elseif ($v_size_item_list == 2) { + // ----- Set the option value + $v_result_list[$p_options_list[$i]][$j]['start'] = $v_item_list[0]; + $v_result_list[$p_options_list[$i]][$j]['end'] = $v_item_list[1]; + } + else { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Too many values in index range for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + + // ----- Look for list sort + if ($v_result_list[$p_options_list[$i]][$j]['start'] < $v_sort_value) { + $v_sort_flag=true; + + // ----- TBC : An automatic sort should be written ... + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Invalid order of index range for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + $v_sort_value = $v_result_list[$p_options_list[$i]][$j]['start']; + } + + // ----- Sort the items + if ($v_sort_flag) { + // TBC : To Be Completed + } + + // ----- Next option + $i++; + break; + + // ----- Look for options that request no value + case PCLZIP_OPT_REMOVE_ALL_PATH : + case PCLZIP_OPT_EXTRACT_AS_STRING : + case PCLZIP_OPT_NO_COMPRESSION : + case PCLZIP_OPT_EXTRACT_IN_OUTPUT : + case PCLZIP_OPT_REPLACE_NEWER : + case PCLZIP_OPT_STOP_ON_ERROR : + $v_result_list[$p_options_list[$i]] = true; + break; + + // ----- Look for options that request an octal value + case PCLZIP_OPT_SET_CHMOD : + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + $v_result_list[$p_options_list[$i]] = $p_options_list[$i+1]; + $i++; + break; + + // ----- Look for options that request a call-back + case PCLZIP_CB_PRE_EXTRACT : + case PCLZIP_CB_POST_EXTRACT : + case PCLZIP_CB_PRE_ADD : + case PCLZIP_CB_POST_ADD : + /* for futur use + case PCLZIP_CB_PRE_DELETE : + case PCLZIP_CB_POST_DELETE : + case PCLZIP_CB_PRE_LIST : + case PCLZIP_CB_POST_LIST : + */ + // ----- Check the number of parameters + if (($i+1) >= $p_size) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_OPTION_VALUE, "Missing parameter value for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Get the value + $v_function_name = $p_options_list[$i+1]; + + // ----- Check that the value is a valid existing function + if (!function_exists($v_function_name)) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, "Function '".$v_function_name."()' is not an existing function for option '".PclZipUtilOptionText($p_options_list[$i])."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Set the attribute + $v_result_list[$p_options_list[$i]] = $v_function_name; + $i++; + break; + + default : + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, + "Unknown parameter '" + .$p_options_list[$i]."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Next options + $i++; + } + + // ----- Look for mandatory options + if ($v_requested_options !== false) { + for ($key=reset($v_requested_options); $key=key($v_requested_options); $key=next($v_requested_options)) { + // ----- Look for mandatory option + if ($v_requested_options[$key] == 'mandatory') { + // ----- Look if present + if (!isset($v_result_list[$key])) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Missing mandatory parameter ".PclZipUtilOptionText($key)."(".$key.")"); + + // ----- Return + return PclZip::errorCode(); + } + } + } + } + + // ----- Look for default values + if (!isset($v_result_list[PCLZIP_OPT_TEMP_FILE_THRESHOLD])) { + + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privOptionDefaultThreshold() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privOptionDefaultThreshold(&$p_options) + { + $v_result=1; + + if (isset($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD]) + || isset($p_options[PCLZIP_OPT_TEMP_FILE_OFF])) { + return $v_result; + } + + // ----- Get 'memory_limit' configuration value + $v_memory_limit = ini_get('memory_limit'); + $v_memory_limit = trim($v_memory_limit); + $v_memory_limit_int = (int) $v_memory_limit; + $last = strtolower(substr($v_memory_limit, -1)); + + if($last == 'g') + //$v_memory_limit_int = $v_memory_limit_int*1024*1024*1024; + $v_memory_limit_int = $v_memory_limit_int*1073741824; + if($last == 'm') + //$v_memory_limit_int = $v_memory_limit_int*1024*1024; + $v_memory_limit_int = $v_memory_limit_int*1048576; + if($last == 'k') + $v_memory_limit_int = $v_memory_limit_int*1024; + + $p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD] = floor($v_memory_limit_int*PCLZIP_TEMPORARY_FILE_RATIO); + + + // ----- Sanity check : No threshold if value lower than 1M + if ($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD] < 1048576) { + unset($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD]); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privFileDescrParseAtt() + // Description : + // Parameters : + // Return Values : + // 1 on success. + // 0 on failure. + // -------------------------------------------------------------------------------- + function privFileDescrParseAtt(&$p_file_list, &$p_filedescr, $v_options, $v_requested_options=false) + { + $v_result=1; + + // ----- For each file in the list check the attributes + foreach ($p_file_list as $v_key => $v_value) { + + // ----- Check if the option is supported + if (!isset($v_requested_options[$v_key])) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid file attribute '".$v_key."' for this file"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Look for attribute + switch ($v_key) { + case PCLZIP_ATT_FILE_NAME : + if (!is_string($v_value)) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid type ".gettype($v_value).". String expected for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + + $p_filedescr['filename'] = PclZipUtilPathReduction($v_value); + + if ($p_filedescr['filename'] == '') { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid empty filename for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + + break; + + case PCLZIP_ATT_FILE_NEW_SHORT_NAME : + if (!is_string($v_value)) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid type ".gettype($v_value).". String expected for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + + $p_filedescr['new_short_name'] = PclZipUtilPathReduction($v_value); + + if ($p_filedescr['new_short_name'] == '') { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid empty short filename for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + break; + + case PCLZIP_ATT_FILE_NEW_FULL_NAME : + if (!is_string($v_value)) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid type ".gettype($v_value).". String expected for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + + $p_filedescr['new_full_name'] = PclZipUtilPathReduction($v_value); + + if ($p_filedescr['new_full_name'] == '') { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid empty full filename for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + break; + + // ----- Look for options that takes a string + case PCLZIP_ATT_FILE_COMMENT : + if (!is_string($v_value)) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid type ".gettype($v_value).". String expected for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + + $p_filedescr['comment'] = $v_value; + break; + + case PCLZIP_ATT_FILE_MTIME : + if (!is_integer($v_value)) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ATTRIBUTE_VALUE, "Invalid type ".gettype($v_value).". Integer expected for attribute '".PclZipUtilOptionText($v_key)."'"); + return PclZip::errorCode(); + } + + $p_filedescr['mtime'] = $v_value; + break; + + case PCLZIP_ATT_FILE_CONTENT : + $p_filedescr['content'] = $v_value; + break; + + default : + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, + "Unknown parameter '".$v_key."'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Look for mandatory options + if ($v_requested_options !== false) { + for ($key=reset($v_requested_options); $key=key($v_requested_options); $key=next($v_requested_options)) { + // ----- Look for mandatory option + if ($v_requested_options[$key] == 'mandatory') { + // ----- Look if present + if (!isset($p_file_list[$key])) { + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Missing mandatory parameter ".PclZipUtilOptionText($key)."(".$key.")"); + return PclZip::errorCode(); + } + } + } + } + + // end foreach + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privFileDescrExpand() + // Description : + // This method look for each item of the list to see if its a file, a folder + // or a string to be added as file. For any other type of files (link, other) + // just ignore the item. + // Then prepare the information that will be stored for that file. + // When its a folder, expand the folder with all the files that are in that + // folder (recursively). + // Parameters : + // Return Values : + // 1 on success. + // 0 on failure. + // -------------------------------------------------------------------------------- + function privFileDescrExpand(&$p_filedescr_list, &$p_options) + { + $v_result=1; + + // ----- Create a result list + $v_result_list = array(); + + // ----- Look each entry + for ($i=0; $i<sizeof($p_filedescr_list); $i++) { + + // ----- Get filedescr + $v_descr = $p_filedescr_list[$i]; + + // ----- Reduce the filename + $v_descr['filename'] = PclZipUtilTranslateWinPath($v_descr['filename'], false); + $v_descr['filename'] = PclZipUtilPathReduction($v_descr['filename']); + + // ----- Look for real file or folder + if (file_exists($v_descr['filename'])) { + if (@is_file($v_descr['filename'])) { + $v_descr['type'] = 'file'; + } + else if (@is_dir($v_descr['filename'])) { + $v_descr['type'] = 'folder'; + } + else if (@is_link($v_descr['filename'])) { + // skip + continue; + } + else { + // skip + continue; + } + } + + // ----- Look for string added as file + else if (isset($v_descr['content'])) { + $v_descr['type'] = 'virtual_file'; + } + + // ----- Missing file + else { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_MISSING_FILE, "File '".$v_descr['filename']."' does not exist"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Calculate the stored filename + $this->privCalculateStoredFilename($v_descr, $p_options); + + // ----- Add the descriptor in result list + $v_result_list[sizeof($v_result_list)] = $v_descr; + + // ----- Look for folder + if ($v_descr['type'] == 'folder') { + // ----- List of items in folder + $v_dirlist_descr = array(); + $v_dirlist_nb = 0; + if ($v_folder_handler = @opendir($v_descr['filename'])) { + while (($v_item_handler = @readdir($v_folder_handler)) !== false) { + + // ----- Skip '.' and '..' + if (($v_item_handler == '.') || ($v_item_handler == '..')) { + continue; + } + + // ----- Compose the full filename + $v_dirlist_descr[$v_dirlist_nb]['filename'] = $v_descr['filename'].'/'.$v_item_handler; + + // ----- Look for different stored filename + // Because the name of the folder was changed, the name of the + // files/sub-folders also change + if (($v_descr['stored_filename'] != $v_descr['filename']) + && (!isset($p_options[PCLZIP_OPT_REMOVE_ALL_PATH]))) { + if ($v_descr['stored_filename'] != '') { + $v_dirlist_descr[$v_dirlist_nb]['new_full_name'] = $v_descr['stored_filename'].'/'.$v_item_handler; + } + else { + $v_dirlist_descr[$v_dirlist_nb]['new_full_name'] = $v_item_handler; + } + } + + $v_dirlist_nb++; + } + + @closedir($v_folder_handler); + } + else { + // TBC : unable to open folder in read mode + } + + // ----- Expand each element of the list + if ($v_dirlist_nb != 0) { + // ----- Expand + if (($v_result = $this->privFileDescrExpand($v_dirlist_descr, $p_options)) != 1) { + return $v_result; + } + + // ----- Concat the resulting list + $v_result_list = array_merge($v_result_list, $v_dirlist_descr); + } + else { + } + + // ----- Free local array + unset($v_dirlist_descr); + } + } + + // ----- Get the result list + $p_filedescr_list = $v_result_list; + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privCreate() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privCreate($p_filedescr_list, &$p_result_list, &$p_options) + { + $v_result=1; + $v_list_detail = array(); + + // ----- Magic quotes trick + $this->privDisableMagicQuotes(); + + // ----- Open the file in write mode + if (($v_result = $this->privOpenFd('wb')) != 1) + { + // ----- Return + return $v_result; + } + + // ----- Add the list of files + $v_result = $this->privAddList($p_filedescr_list, $p_result_list, $p_options); + + // ----- Close + $this->privCloseFd(); + + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privAdd() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privAdd($p_filedescr_list, &$p_result_list, &$p_options) + { + $v_result=1; + $v_list_detail = array(); + + // ----- Look if the archive exists or is empty + if ((!is_file($this->zipname)) || (filesize($this->zipname) == 0)) + { + + // ----- Do a create + $v_result = $this->privCreate($p_filedescr_list, $p_result_list, $p_options); + + // ----- Return + return $v_result; + } + // ----- Magic quotes trick + $this->privDisableMagicQuotes(); + + // ----- Open the zip file + if (($v_result=$this->privOpenFd('rb')) != 1) + { + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + + // ----- Read the central directory information + $v_central_dir = array(); + if (($v_result = $this->privReadEndCentralDir($v_central_dir)) != 1) + { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + return $v_result; + } + + // ----- Go to beginning of File + @rewind($this->zip_fd); + + // ----- Creates a temporary file + $v_zip_temp_name = PCLZIP_TEMPORARY_DIR.uniqid('pclzip-').'.tmp'; + + // ----- Open the temporary file in write mode + if (($v_zip_temp_fd = @fopen($v_zip_temp_name, 'wb')) == 0) + { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open temporary file \''.$v_zip_temp_name.'\' in binary write mode'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Copy the files from the archive to the temporary file + // TBC : Here I should better append the file and go back to erase the central dir + $v_size = $v_central_dir['offset']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = fread($this->zip_fd, $v_read_size); + @fwrite($v_zip_temp_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Swap the file descriptor + // Here is a trick : I swap the temporary fd with the zip fd, in order to use + // the following methods on the temporary fil and not the real archive + $v_swap = $this->zip_fd; + $this->zip_fd = $v_zip_temp_fd; + $v_zip_temp_fd = $v_swap; + + // ----- Add the files + $v_header_list = array(); + if (($v_result = $this->privAddFileList($p_filedescr_list, $v_header_list, $p_options)) != 1) + { + fclose($v_zip_temp_fd); + $this->privCloseFd(); + @unlink($v_zip_temp_name); + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + + // ----- Store the offset of the central dir + $v_offset = @ftell($this->zip_fd); + + // ----- Copy the block of file headers from the old archive + $v_size = $v_central_dir['size']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($v_zip_temp_fd, $v_read_size); + @fwrite($this->zip_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Create the Central Dir files header + for ($i=0, $v_count=0; $i<sizeof($v_header_list); $i++) + { + // ----- Create the file header + if ($v_header_list[$i]['status'] == 'ok') { + if (($v_result = $this->privWriteCentralFileHeader($v_header_list[$i])) != 1) { + fclose($v_zip_temp_fd); + $this->privCloseFd(); + @unlink($v_zip_temp_name); + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + $v_count++; + } + + // ----- Transform the header to a 'usable' info + $this->privConvertHeader2FileInfo($v_header_list[$i], $p_result_list[$i]); + } + + // ----- Zip file comment + $v_comment = $v_central_dir['comment']; + if (isset($p_options[PCLZIP_OPT_COMMENT])) { + $v_comment = $p_options[PCLZIP_OPT_COMMENT]; + } + if (isset($p_options[PCLZIP_OPT_ADD_COMMENT])) { + $v_comment = $v_comment.$p_options[PCLZIP_OPT_ADD_COMMENT]; + } + if (isset($p_options[PCLZIP_OPT_PREPEND_COMMENT])) { + $v_comment = $p_options[PCLZIP_OPT_PREPEND_COMMENT].$v_comment; + } + + // ----- Calculate the size of the central header + $v_size = @ftell($this->zip_fd)-$v_offset; + + // ----- Create the central dir footer + if (($v_result = $this->privWriteCentralHeader($v_count+$v_central_dir['entries'], $v_size, $v_offset, $v_comment)) != 1) + { + // ----- Reset the file list + unset($v_header_list); + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + + // ----- Swap back the file descriptor + $v_swap = $this->zip_fd; + $this->zip_fd = $v_zip_temp_fd; + $v_zip_temp_fd = $v_swap; + + // ----- Close + $this->privCloseFd(); + + // ----- Close the temporary file + @fclose($v_zip_temp_fd); + + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Delete the zip file + // TBC : I should test the result ... + @unlink($this->zipname); + + // ----- Rename the temporary file + // TBC : I should test the result ... + //@rename($v_zip_temp_name, $this->zipname); + PclZipUtilRename($v_zip_temp_name, $this->zipname); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privOpenFd() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function privOpenFd($p_mode) + { + $v_result=1; + + // ----- Look if already open + if ($this->zip_fd != 0) + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Zip file \''.$this->zipname.'\' already open'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Open the zip file + if (($this->zip_fd = @fopen($this->zipname, $p_mode)) == 0) + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open archive \''.$this->zipname.'\' in '.$p_mode.' mode'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privCloseFd() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function privCloseFd() + { + $v_result=1; + + if ($this->zip_fd != 0) + @fclose($this->zip_fd); + $this->zip_fd = 0; + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privAddList() + // Description : + // $p_add_dir and $p_remove_dir will give the ability to memorize a path which is + // different from the real path of the file. This is useful if you want to have PclTar + // running in any directory, and memorize relative path from an other directory. + // Parameters : + // $p_list : An array containing the file or directory names to add in the tar + // $p_result_list : list of added files with their properties (specially the status field) + // $p_add_dir : Path to add in the filename path archived + // $p_remove_dir : Path to remove in the filename path archived + // Return Values : + // -------------------------------------------------------------------------------- +// function privAddList($p_list, &$p_result_list, $p_add_dir, $p_remove_dir, $p_remove_all_dir, &$p_options) + function privAddList($p_filedescr_list, &$p_result_list, &$p_options) + { + $v_result=1; + + // ----- Add the files + $v_header_list = array(); + if (($v_result = $this->privAddFileList($p_filedescr_list, $v_header_list, $p_options)) != 1) + { + // ----- Return + return $v_result; + } + + // ----- Store the offset of the central dir + $v_offset = @ftell($this->zip_fd); + + // ----- Create the Central Dir files header + for ($i=0,$v_count=0; $i<sizeof($v_header_list); $i++) + { + // ----- Create the file header + if ($v_header_list[$i]['status'] == 'ok') { + if (($v_result = $this->privWriteCentralFileHeader($v_header_list[$i])) != 1) { + // ----- Return + return $v_result; + } + $v_count++; + } + + // ----- Transform the header to a 'usable' info + $this->privConvertHeader2FileInfo($v_header_list[$i], $p_result_list[$i]); + } + + // ----- Zip file comment + $v_comment = ''; + if (isset($p_options[PCLZIP_OPT_COMMENT])) { + $v_comment = $p_options[PCLZIP_OPT_COMMENT]; + } + + // ----- Calculate the size of the central header + $v_size = @ftell($this->zip_fd)-$v_offset; + + // ----- Create the central dir footer + if (($v_result = $this->privWriteCentralHeader($v_count, $v_size, $v_offset, $v_comment)) != 1) + { + // ----- Reset the file list + unset($v_header_list); + + // ----- Return + return $v_result; + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privAddFileList() + // Description : + // Parameters : + // $p_filedescr_list : An array containing the file description + // or directory names to add in the zip + // $p_result_list : list of added files with their properties (specially the status field) + // Return Values : + // -------------------------------------------------------------------------------- + function privAddFileList($p_filedescr_list, &$p_result_list, &$p_options) + { + $v_result=1; + $v_header = array(); + + // ----- Recuperate the current number of elt in list + $v_nb = sizeof($p_result_list); + + // ----- Loop on the files + for ($j=0; ($j<sizeof($p_filedescr_list)) && ($v_result==1); $j++) { + // ----- Format the filename + $p_filedescr_list[$j]['filename'] + = PclZipUtilTranslateWinPath($p_filedescr_list[$j]['filename'], false); + + + // ----- Skip empty file names + // TBC : Can this be possible ? not checked in DescrParseAtt ? + if ($p_filedescr_list[$j]['filename'] == "") { + continue; + } + + // ----- Check the filename + if ( ($p_filedescr_list[$j]['type'] != 'virtual_file') + && (!file_exists($p_filedescr_list[$j]['filename']))) { + PclZip::privErrorLog(PCLZIP_ERR_MISSING_FILE, "File '".$p_filedescr_list[$j]['filename']."' does not exist"); + return PclZip::errorCode(); + } + + // ----- Look if it is a file or a dir with no all path remove option + // or a dir with all its path removed +// if ( (is_file($p_filedescr_list[$j]['filename'])) +// || ( is_dir($p_filedescr_list[$j]['filename']) + if ( ($p_filedescr_list[$j]['type'] == 'file') + || ($p_filedescr_list[$j]['type'] == 'virtual_file') + || ( ($p_filedescr_list[$j]['type'] == 'folder') + && ( !isset($p_options[PCLZIP_OPT_REMOVE_ALL_PATH]) + || !$p_options[PCLZIP_OPT_REMOVE_ALL_PATH])) + ) { + + // ----- Add the file + $v_result = $this->privAddFile($p_filedescr_list[$j], $v_header, + $p_options); + if ($v_result != 1) { + return $v_result; + } + + // ----- Store the file infos + $p_result_list[$v_nb++] = $v_header; + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privAddFile() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privAddFile($p_filedescr, &$p_header, &$p_options) + { + $v_result=1; + + // ----- Working variable + $p_filename = $p_filedescr['filename']; + + // TBC : Already done in the fileAtt check ... ? + if ($p_filename == "") { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_PARAMETER, "Invalid file list parameter (invalid or empty list)"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Look for a stored different filename + /* TBC : Removed + if (isset($p_filedescr['stored_filename'])) { + $v_stored_filename = $p_filedescr['stored_filename']; + } + else { + $v_stored_filename = $p_filedescr['stored_filename']; + } + */ + + // ----- Set the file properties + clearstatcache(); + $p_header['version'] = 20; + $p_header['version_extracted'] = 10; + $p_header['flag'] = 0; + $p_header['compression'] = 0; + $p_header['crc'] = 0; + $p_header['compressed_size'] = 0; + $p_header['filename_len'] = strlen($p_filename); + $p_header['extra_len'] = 0; + $p_header['disk'] = 0; + $p_header['internal'] = 0; + $p_header['offset'] = 0; + $p_header['filename'] = $p_filename; +// TBC : Removed $p_header['stored_filename'] = $v_stored_filename; + $p_header['stored_filename'] = $p_filedescr['stored_filename']; + $p_header['extra'] = ''; + $p_header['status'] = 'ok'; + $p_header['index'] = -1; + + // ----- Look for regular file + if ($p_filedescr['type']=='file') { + $p_header['external'] = 0x00000000; + $p_header['size'] = filesize($p_filename); + } + + // ----- Look for regular folder + else if ($p_filedescr['type']=='folder') { + $p_header['external'] = 0x00000010; + $p_header['mtime'] = filemtime($p_filename); + $p_header['size'] = filesize($p_filename); + } + + // ----- Look for virtual file + else if ($p_filedescr['type'] == 'virtual_file') { + $p_header['external'] = 0x00000000; + $p_header['size'] = strlen($p_filedescr['content']); + } + + + // ----- Look for filetime + if (isset($p_filedescr['mtime'])) { + $p_header['mtime'] = $p_filedescr['mtime']; + } + else if ($p_filedescr['type'] == 'virtual_file') { + $p_header['mtime'] = time(); + } + else { + $p_header['mtime'] = filemtime($p_filename); + } + + // ------ Look for file comment + if (isset($p_filedescr['comment'])) { + $p_header['comment_len'] = strlen($p_filedescr['comment']); + $p_header['comment'] = $p_filedescr['comment']; + } + else { + $p_header['comment_len'] = 0; + $p_header['comment'] = ''; + } + + // ----- Look for pre-add callback + if (isset($p_options[PCLZIP_CB_PRE_ADD])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_header, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_PRE_ADD](PCLZIP_CB_PRE_ADD, $v_local_header); + if ($v_result == 0) { + // ----- Change the file status + $p_header['status'] = "skipped"; + $v_result = 1; + } + + // ----- Update the information + // Only some fields can be modified + if ($p_header['stored_filename'] != $v_local_header['stored_filename']) { + $p_header['stored_filename'] = PclZipUtilPathReduction($v_local_header['stored_filename']); + } + } + + // ----- Look for empty stored filename + if ($p_header['stored_filename'] == "") { + $p_header['status'] = "filtered"; + } + + // ----- Check the path length + if (strlen($p_header['stored_filename']) > 0xFF) { + $p_header['status'] = 'filename_too_long'; + } + + // ----- Look if no error, or file not skipped + if ($p_header['status'] == 'ok') { + + // ----- Look for a file + if ($p_filedescr['type'] == 'file') { + // ----- Look for using temporary file to zip + if ( (!isset($p_options[PCLZIP_OPT_TEMP_FILE_OFF])) + && (isset($p_options[PCLZIP_OPT_TEMP_FILE_ON]) + || (isset($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD]) + && ($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD] <= $p_header['size'])) ) ) { + $v_result = $this->privAddFileUsingTempFile($p_filedescr, $p_header, $p_options); + if ($v_result < PCLZIP_ERR_NO_ERROR) { + return $v_result; + } + } + + // ----- Use "in memory" zip algo + else { + + // ----- Open the source file + if (($v_file = @fopen($p_filename, "rb")) == 0) { + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, "Unable to open file '$p_filename' in binary read mode"); + return PclZip::errorCode(); + } + + // ----- Read the file content + if ($p_header['size'] > 0) { + $v_content = @fread($v_file, $p_header['size']); + } + else { + $v_content = ''; + } + + // ----- Close the file + @fclose($v_file); + + // ----- Calculate the CRC + $p_header['crc'] = @crc32($v_content); + + // ----- Look for no compression + if ($p_options[PCLZIP_OPT_NO_COMPRESSION]) { + // ----- Set header parameters + $p_header['compressed_size'] = $p_header['size']; + $p_header['compression'] = 0; + } + + // ----- Look for normal compression + else { + // ----- Compress the content + $v_content = @gzdeflate($v_content); + + // ----- Set header parameters + $p_header['compressed_size'] = strlen($v_content); + $p_header['compression'] = 8; + } + + // ----- Call the header generation + if (($v_result = $this->privWriteFileHeader($p_header)) != 1) { + @fclose($v_file); + return $v_result; + } + + // ----- Write the compressed (or not) content + @fwrite($this->zip_fd, $v_content, $p_header['compressed_size']); + + } + + } + + // ----- Look for a virtual file (a file from string) + else if ($p_filedescr['type'] == 'virtual_file') { + + $v_content = $p_filedescr['content']; + + // ----- Calculate the CRC + $p_header['crc'] = @crc32($v_content); + + // ----- Look for no compression + if ($p_options[PCLZIP_OPT_NO_COMPRESSION]) { + // ----- Set header parameters + $p_header['compressed_size'] = $p_header['size']; + $p_header['compression'] = 0; + } + + // ----- Look for normal compression + else { + // ----- Compress the content + $v_content = @gzdeflate($v_content); + + // ----- Set header parameters + $p_header['compressed_size'] = strlen($v_content); + $p_header['compression'] = 8; + } + + // ----- Call the header generation + if (($v_result = $this->privWriteFileHeader($p_header)) != 1) { + @fclose($v_file); + return $v_result; + } + + // ----- Write the compressed (or not) content + @fwrite($this->zip_fd, $v_content, $p_header['compressed_size']); + } + + // ----- Look for a directory + else if ($p_filedescr['type'] == 'folder') { + // ----- Look for directory last '/' + if (@substr($p_header['stored_filename'], -1) != '/') { + $p_header['stored_filename'] .= '/'; + } + + // ----- Set the file properties + $p_header['size'] = 0; + //$p_header['external'] = 0x41FF0010; // Value for a folder : to be checked + $p_header['external'] = 0x00000010; // Value for a folder : to be checked + + // ----- Call the header generation + if (($v_result = $this->privWriteFileHeader($p_header)) != 1) + { + return $v_result; + } + } + } + + // ----- Look for post-add callback + if (isset($p_options[PCLZIP_CB_POST_ADD])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_header, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_POST_ADD](PCLZIP_CB_POST_ADD, $v_local_header); + if ($v_result == 0) { + // ----- Ignored + $v_result = 1; + } + + // ----- Update the information + // Nothing can be modified + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privAddFileUsingTempFile() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privAddFileUsingTempFile($p_filedescr, &$p_header, &$p_options) + { + $v_result=PCLZIP_ERR_NO_ERROR; + + // ----- Working variable + $p_filename = $p_filedescr['filename']; + + + // ----- Open the source file + if (($v_file = @fopen($p_filename, "rb")) == 0) { + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, "Unable to open file '$p_filename' in binary read mode"); + return PclZip::errorCode(); + } + + // ----- Creates a compressed temporary file + $v_gzip_temp_name = PCLZIP_TEMPORARY_DIR.uniqid('pclzip-').'.gz'; + if (($v_file_compressed = @gzopen($v_gzip_temp_name, "wb")) == 0) { + fclose($v_file); + PclZip::privErrorLog(PCLZIP_ERR_WRITE_OPEN_FAIL, 'Unable to open temporary file \''.$v_gzip_temp_name.'\' in binary write mode'); + return PclZip::errorCode(); + } + + // ----- Read the file by PCLZIP_READ_BLOCK_SIZE octets blocks + $v_size = filesize($p_filename); + while ($v_size != 0) { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($v_file, $v_read_size); + //$v_binary_data = pack('a'.$v_read_size, $v_buffer); + @gzputs($v_file_compressed, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Close the file + @fclose($v_file); + @gzclose($v_file_compressed); + + // ----- Check the minimum file size + if (filesize($v_gzip_temp_name) < 18) { + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, 'gzip temporary file \''.$v_gzip_temp_name.'\' has invalid filesize - should be minimum 18 bytes'); + return PclZip::errorCode(); + } + + // ----- Extract the compressed attributes + if (($v_file_compressed = @fopen($v_gzip_temp_name, "rb")) == 0) { + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open temporary file \''.$v_gzip_temp_name.'\' in binary read mode'); + return PclZip::errorCode(); + } + + // ----- Read the gzip file header + $v_binary_data = @fread($v_file_compressed, 10); + $v_data_header = unpack('a1id1/a1id2/a1cm/a1flag/Vmtime/a1xfl/a1os', $v_binary_data); + + // ----- Check some parameters + $v_data_header['os'] = bin2hex($v_data_header['os']); + + // ----- Read the gzip file footer + @fseek($v_file_compressed, filesize($v_gzip_temp_name)-8); + $v_binary_data = @fread($v_file_compressed, 8); + $v_data_footer = unpack('Vcrc/Vcompressed_size', $v_binary_data); + + // ----- Set the attributes + $p_header['compression'] = ord($v_data_header['cm']); + //$p_header['mtime'] = $v_data_header['mtime']; + $p_header['crc'] = $v_data_footer['crc']; + $p_header['compressed_size'] = filesize($v_gzip_temp_name)-18; + + // ----- Close the file + @fclose($v_file_compressed); + + // ----- Call the header generation + if (($v_result = $this->privWriteFileHeader($p_header)) != 1) { + return $v_result; + } + + // ----- Add the compressed data + if (($v_file_compressed = @fopen($v_gzip_temp_name, "rb")) == 0) + { + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open temporary file \''.$v_gzip_temp_name.'\' in binary read mode'); + return PclZip::errorCode(); + } + + // ----- Read the file by PCLZIP_READ_BLOCK_SIZE octets blocks + fseek($v_file_compressed, 10); + $v_size = $p_header['compressed_size']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($v_file_compressed, $v_read_size); + //$v_binary_data = pack('a'.$v_read_size, $v_buffer); + @fwrite($this->zip_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Close the file + @fclose($v_file_compressed); + + // ----- Unlink the temporary file + @unlink($v_gzip_temp_name); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privCalculateStoredFilename() + // Description : + // Based on file descriptor properties and global options, this method + // calculate the filename that will be stored in the archive. + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privCalculateStoredFilename(&$p_filedescr, &$p_options) + { + $v_result=1; + + // ----- Working variables + $p_filename = $p_filedescr['filename']; + if (isset($p_options[PCLZIP_OPT_ADD_PATH])) { + $p_add_dir = $p_options[PCLZIP_OPT_ADD_PATH]; + } + else { + $p_add_dir = ''; + } + if (isset($p_options[PCLZIP_OPT_REMOVE_PATH])) { + $p_remove_dir = $p_options[PCLZIP_OPT_REMOVE_PATH]; + } + else { + $p_remove_dir = ''; + } + if (isset($p_options[PCLZIP_OPT_REMOVE_ALL_PATH])) { + $p_remove_all_dir = $p_options[PCLZIP_OPT_REMOVE_ALL_PATH]; + } + else { + $p_remove_all_dir = 0; + } + + + // ----- Look for full name change + if (isset($p_filedescr['new_full_name'])) { + // ----- Remove drive letter if any + $v_stored_filename = PclZipUtilTranslateWinPath($p_filedescr['new_full_name']); + } + + // ----- Look for path and/or short name change + else { + + // ----- Look for short name change + // Its when we change just the filename but not the path + if (isset($p_filedescr['new_short_name'])) { + $v_path_info = pathinfo($p_filename); + $v_dir = ''; + if ($v_path_info['dirname'] != '') { + $v_dir = $v_path_info['dirname'].'/'; + } + $v_stored_filename = $v_dir.$p_filedescr['new_short_name']; + } + else { + // ----- Calculate the stored filename + $v_stored_filename = $p_filename; + } + + // ----- Look for all path to remove + if ($p_remove_all_dir) { + $v_stored_filename = basename($p_filename); + } + // ----- Look for partial path remove + else if ($p_remove_dir != "") { + if (substr($p_remove_dir, -1) != '/') + $p_remove_dir .= "/"; + + if ( (substr($p_filename, 0, 2) == "./") + || (substr($p_remove_dir, 0, 2) == "./")) { + + if ( (substr($p_filename, 0, 2) == "./") + && (substr($p_remove_dir, 0, 2) != "./")) { + $p_remove_dir = "./".$p_remove_dir; + } + if ( (substr($p_filename, 0, 2) != "./") + && (substr($p_remove_dir, 0, 2) == "./")) { + $p_remove_dir = substr($p_remove_dir, 2); + } + } + + $v_compare = PclZipUtilPathInclusion($p_remove_dir, + $v_stored_filename); + if ($v_compare > 0) { + if ($v_compare == 2) { + $v_stored_filename = ""; + } + else { + $v_stored_filename = substr($v_stored_filename, + strlen($p_remove_dir)); + } + } + } + + // ----- Remove drive letter if any + $v_stored_filename = PclZipUtilTranslateWinPath($v_stored_filename); + + // ----- Look for path to add + if ($p_add_dir != "") { + if (substr($p_add_dir, -1) == "/") + $v_stored_filename = $p_add_dir.$v_stored_filename; + else + $v_stored_filename = $p_add_dir."/".$v_stored_filename; + } + } + + // ----- Filename (reduce the path of stored name) + $v_stored_filename = PclZipUtilPathReduction($v_stored_filename); + $p_filedescr['stored_filename'] = $v_stored_filename; + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privWriteFileHeader() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privWriteFileHeader(&$p_header) + { + $v_result=1; + + // ----- Store the offset position of the file + $p_header['offset'] = ftell($this->zip_fd); + + // ----- Transform UNIX mtime to DOS format mdate/mtime + $v_date = getdate($p_header['mtime']); + $v_mtime = ($v_date['hours']<<11) + ($v_date['minutes']<<5) + $v_date['seconds']/2; + $v_mdate = (($v_date['year']-1980)<<9) + ($v_date['mon']<<5) + $v_date['mday']; + + // ----- Packed data + $v_binary_data = pack("VvvvvvVVVvv", 0x04034b50, + $p_header['version_extracted'], $p_header['flag'], + $p_header['compression'], $v_mtime, $v_mdate, + $p_header['crc'], $p_header['compressed_size'], + $p_header['size'], + strlen($p_header['stored_filename']), + $p_header['extra_len']); + + // ----- Write the first 148 bytes of the header in the archive + fputs($this->zip_fd, $v_binary_data, 30); + + // ----- Write the variable fields + if (strlen($p_header['stored_filename']) != 0) + { + fputs($this->zip_fd, $p_header['stored_filename'], strlen($p_header['stored_filename'])); + } + if ($p_header['extra_len'] != 0) + { + fputs($this->zip_fd, $p_header['extra'], $p_header['extra_len']); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privWriteCentralFileHeader() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privWriteCentralFileHeader(&$p_header) + { + $v_result=1; + + // TBC + //for(reset($p_header); $key = key($p_header); next($p_header)) { + //} + + // ----- Transform UNIX mtime to DOS format mdate/mtime + $v_date = getdate($p_header['mtime']); + $v_mtime = ($v_date['hours']<<11) + ($v_date['minutes']<<5) + $v_date['seconds']/2; + $v_mdate = (($v_date['year']-1980)<<9) + ($v_date['mon']<<5) + $v_date['mday']; + + + // ----- Packed data + $v_binary_data = pack("VvvvvvvVVVvvvvvVV", 0x02014b50, + $p_header['version'], $p_header['version_extracted'], + $p_header['flag'], $p_header['compression'], + $v_mtime, $v_mdate, $p_header['crc'], + $p_header['compressed_size'], $p_header['size'], + strlen($p_header['stored_filename']), + $p_header['extra_len'], $p_header['comment_len'], + $p_header['disk'], $p_header['internal'], + $p_header['external'], $p_header['offset']); + + // ----- Write the 42 bytes of the header in the zip file + fputs($this->zip_fd, $v_binary_data, 46); + + // ----- Write the variable fields + if (strlen($p_header['stored_filename']) != 0) + { + fputs($this->zip_fd, $p_header['stored_filename'], strlen($p_header['stored_filename'])); + } + if ($p_header['extra_len'] != 0) + { + fputs($this->zip_fd, $p_header['extra'], $p_header['extra_len']); + } + if ($p_header['comment_len'] != 0) + { + fputs($this->zip_fd, $p_header['comment'], $p_header['comment_len']); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privWriteCentralHeader() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privWriteCentralHeader($p_nb_entries, $p_size, $p_offset, $p_comment) + { + $v_result=1; + + // ----- Packed data + $v_binary_data = pack("VvvvvVVv", 0x06054b50, 0, 0, $p_nb_entries, + $p_nb_entries, $p_size, + $p_offset, strlen($p_comment)); + + // ----- Write the 22 bytes of the header in the zip file + fputs($this->zip_fd, $v_binary_data, 22); + + // ----- Write the variable fields + if (strlen($p_comment) != 0) + { + fputs($this->zip_fd, $p_comment, strlen($p_comment)); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privList() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privList(&$p_list) + { + $v_result=1; + + // ----- Magic quotes trick + $this->privDisableMagicQuotes(); + + // ----- Open the zip file + if (($this->zip_fd = @fopen($this->zipname, 'rb')) == 0) + { + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open archive \''.$this->zipname.'\' in binary read mode'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read the central directory information + $v_central_dir = array(); + if (($v_result = $this->privReadEndCentralDir($v_central_dir)) != 1) + { + $this->privSwapBackMagicQuotes(); + return $v_result; + } + + // ----- Go to beginning of Central Dir + @rewind($this->zip_fd); + if (@fseek($this->zip_fd, $v_central_dir['offset'])) + { + $this->privSwapBackMagicQuotes(); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ARCHIVE_ZIP, 'Invalid archive size'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read each entry + for ($i=0; $i<$v_central_dir['entries']; $i++) + { + // ----- Read the file header + if (($v_result = $this->privReadCentralFileHeader($v_header)) != 1) + { + $this->privSwapBackMagicQuotes(); + return $v_result; + } + $v_header['index'] = $i; + + // ----- Get the only interesting attributes + $this->privConvertHeader2FileInfo($v_header, $p_list[$i]); + unset($v_header); + } + + // ----- Close the zip file + $this->privCloseFd(); + + // ----- Magic quotes trick + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privConvertHeader2FileInfo() + // Description : + // This function takes the file information from the central directory + // entries and extract the interesting parameters that will be given back. + // The resulting file infos are set in the array $p_info + // $p_info['filename'] : Filename with full path. Given by user (add), + // extracted in the filesystem (extract). + // $p_info['stored_filename'] : Stored filename in the archive. + // $p_info['size'] = Size of the file. + // $p_info['compressed_size'] = Compressed size of the file. + // $p_info['mtime'] = Last modification date of the file. + // $p_info['comment'] = Comment associated with the file. + // $p_info['folder'] = true/false : indicates if the entry is a folder or not. + // $p_info['status'] = status of the action on the file. + // $p_info['crc'] = CRC of the file content. + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privConvertHeader2FileInfo($p_header, &$p_info) + { + $v_result=1; + + // ----- Get the interesting attributes + $v_temp_path = PclZipUtilPathReduction($p_header['filename']); + $p_info['filename'] = $v_temp_path; + $v_temp_path = PclZipUtilPathReduction($p_header['stored_filename']); + $p_info['stored_filename'] = $v_temp_path; + $p_info['size'] = $p_header['size']; + $p_info['compressed_size'] = $p_header['compressed_size']; + $p_info['mtime'] = $p_header['mtime']; + $p_info['comment'] = $p_header['comment']; + $p_info['folder'] = (($p_header['external']&0x00000010)==0x00000010); + $p_info['index'] = $p_header['index']; + $p_info['status'] = $p_header['status']; + $p_info['crc'] = $p_header['crc']; + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privExtractByRule() + // Description : + // Extract a file or directory depending of rules (by index, by name, ...) + // Parameters : + // $p_file_list : An array where will be placed the properties of each + // extracted file + // $p_path : Path to add while writing the extracted files + // $p_remove_path : Path to remove (from the file memorized path) while writing the + // extracted files. If the path does not match the file path, + // the file is extracted with its memorized path. + // $p_remove_path does not apply to 'list' mode. + // $p_path and $p_remove_path are commulative. + // Return Values : + // 1 on success,0 or less on error (see error code list) + // -------------------------------------------------------------------------------- + function privExtractByRule(&$p_file_list, $p_path, $p_remove_path, $p_remove_all_path, &$p_options) + { + $v_result=1; + + // ----- Magic quotes trick + $this->privDisableMagicQuotes(); + + // ----- Check the path + if ( ($p_path == "") + || ( (substr($p_path, 0, 1) != "/") + && (substr($p_path, 0, 3) != "../") + && (substr($p_path,1,2)!=":/"))) + $p_path = "./".$p_path; + + // ----- Reduce the path last (and duplicated) '/' + if (($p_path != "./") && ($p_path != "/")) + { + // ----- Look for the path end '/' + while (substr($p_path, -1) == "/") + { + $p_path = substr($p_path, 0, strlen($p_path)-1); + } + } + + // ----- Look for path to remove format (should end by /) + if (($p_remove_path != "") && (substr($p_remove_path, -1) != '/')) + { + $p_remove_path .= '/'; + } + $p_remove_path_size = strlen($p_remove_path); + + // ----- Open the zip file + if (($v_result = $this->privOpenFd('rb')) != 1) + { + $this->privSwapBackMagicQuotes(); + return $v_result; + } + + // ----- Read the central directory information + $v_central_dir = array(); + if (($v_result = $this->privReadEndCentralDir($v_central_dir)) != 1) + { + // ----- Close the zip file + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + return $v_result; + } + + // ----- Start at beginning of Central Dir + $v_pos_entry = $v_central_dir['offset']; + + // ----- Read each entry + $j_start = 0; + for ($i=0, $v_nb_extracted=0; $i<$v_central_dir['entries']; $i++) + { + + // ----- Read next Central dir entry + @rewind($this->zip_fd); + if (@fseek($this->zip_fd, $v_pos_entry)) + { + // ----- Close the zip file + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ARCHIVE_ZIP, 'Invalid archive size'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read the file header + $v_header = array(); + if (($v_result = $this->privReadCentralFileHeader($v_header)) != 1) + { + // ----- Close the zip file + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + return $v_result; + } + + // ----- Store the index + $v_header['index'] = $i; + + // ----- Store the file position + $v_pos_entry = ftell($this->zip_fd); + + // ----- Look for the specific extract rules + $v_extract = false; + + // ----- Look for extract by name rule + if ( (isset($p_options[PCLZIP_OPT_BY_NAME])) + && ($p_options[PCLZIP_OPT_BY_NAME] != 0)) { + + // ----- Look if the filename is in the list + for ($j=0; ($j<sizeof($p_options[PCLZIP_OPT_BY_NAME])) && (!$v_extract); $j++) { + + // ----- Look for a directory + if (substr($p_options[PCLZIP_OPT_BY_NAME][$j], -1) == "/") { + + // ----- Look if the directory is in the filename path + if ( (strlen($v_header['stored_filename']) > strlen($p_options[PCLZIP_OPT_BY_NAME][$j])) + && (substr($v_header['stored_filename'], 0, strlen($p_options[PCLZIP_OPT_BY_NAME][$j])) == $p_options[PCLZIP_OPT_BY_NAME][$j])) { + $v_extract = true; + } + } + // ----- Look for a filename + elseif ($v_header['stored_filename'] == $p_options[PCLZIP_OPT_BY_NAME][$j]) { + $v_extract = true; + } + } + } + + // ----- Look for extract by ereg rule + // ereg() is deprecated with PHP 5.3 + /* + else if ( (isset($p_options[PCLZIP_OPT_BY_EREG])) + && ($p_options[PCLZIP_OPT_BY_EREG] != "")) { + + if (ereg($p_options[PCLZIP_OPT_BY_EREG], $v_header['stored_filename'])) { + $v_extract = true; + } + } + */ + + // ----- Look for extract by preg rule + else if ( (isset($p_options[PCLZIP_OPT_BY_PREG])) + && ($p_options[PCLZIP_OPT_BY_PREG] != "")) { + + if (preg_match($p_options[PCLZIP_OPT_BY_PREG], $v_header['stored_filename'])) { + $v_extract = true; + } + } + + // ----- Look for extract by index rule + else if ( (isset($p_options[PCLZIP_OPT_BY_INDEX])) + && ($p_options[PCLZIP_OPT_BY_INDEX] != 0)) { + + // ----- Look if the index is in the list + for ($j=$j_start; ($j<sizeof($p_options[PCLZIP_OPT_BY_INDEX])) && (!$v_extract); $j++) { + + if (($i>=$p_options[PCLZIP_OPT_BY_INDEX][$j]['start']) && ($i<=$p_options[PCLZIP_OPT_BY_INDEX][$j]['end'])) { + $v_extract = true; + } + if ($i>=$p_options[PCLZIP_OPT_BY_INDEX][$j]['end']) { + $j_start = $j+1; + } + + if ($p_options[PCLZIP_OPT_BY_INDEX][$j]['start']>$i) { + break; + } + } + } + + // ----- Look for no rule, which means extract all the archive + else { + $v_extract = true; + } + + // ----- Check compression method + if ( ($v_extract) + && ( ($v_header['compression'] != 8) + && ($v_header['compression'] != 0))) { + $v_header['status'] = 'unsupported_compression'; + + // ----- Look for PCLZIP_OPT_STOP_ON_ERROR + if ( (isset($p_options[PCLZIP_OPT_STOP_ON_ERROR])) + && ($p_options[PCLZIP_OPT_STOP_ON_ERROR]===true)) { + + $this->privSwapBackMagicQuotes(); + + PclZip::privErrorLog(PCLZIP_ERR_UNSUPPORTED_COMPRESSION, + "Filename '".$v_header['stored_filename']."' is " + ."compressed by an unsupported compression " + ."method (".$v_header['compression'].") "); + + return PclZip::errorCode(); + } + } + + // ----- Check encrypted files + if (($v_extract) && (($v_header['flag'] & 1) == 1)) { + $v_header['status'] = 'unsupported_encryption'; + + // ----- Look for PCLZIP_OPT_STOP_ON_ERROR + if ( (isset($p_options[PCLZIP_OPT_STOP_ON_ERROR])) + && ($p_options[PCLZIP_OPT_STOP_ON_ERROR]===true)) { + + $this->privSwapBackMagicQuotes(); + + PclZip::privErrorLog(PCLZIP_ERR_UNSUPPORTED_ENCRYPTION, + "Unsupported encryption for " + ." filename '".$v_header['stored_filename'] + ."'"); + + return PclZip::errorCode(); + } + } + + // ----- Look for real extraction + if (($v_extract) && ($v_header['status'] != 'ok')) { + $v_result = $this->privConvertHeader2FileInfo($v_header, + $p_file_list[$v_nb_extracted++]); + if ($v_result != 1) { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + return $v_result; + } + + $v_extract = false; + } + + // ----- Look for real extraction + if ($v_extract) + { + + // ----- Go to the file position + @rewind($this->zip_fd); + if (@fseek($this->zip_fd, $v_header['offset'])) + { + // ----- Close the zip file + $this->privCloseFd(); + + $this->privSwapBackMagicQuotes(); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ARCHIVE_ZIP, 'Invalid archive size'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Look for extraction as string + if ($p_options[PCLZIP_OPT_EXTRACT_AS_STRING]) { + + $v_string = ''; + + // ----- Extracting the file + $v_result1 = $this->privExtractFileAsString($v_header, $v_string, $p_options); + if ($v_result1 < 1) { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + return $v_result1; + } + + // ----- Get the only interesting attributes + if (($v_result = $this->privConvertHeader2FileInfo($v_header, $p_file_list[$v_nb_extracted])) != 1) + { + // ----- Close the zip file + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + return $v_result; + } + + // ----- Set the file content + $p_file_list[$v_nb_extracted]['content'] = $v_string; + + // ----- Next extracted file + $v_nb_extracted++; + + // ----- Look for user callback abort + if ($v_result1 == 2) { + break; + } + } + // ----- Look for extraction in standard output + elseif ( (isset($p_options[PCLZIP_OPT_EXTRACT_IN_OUTPUT])) + && ($p_options[PCLZIP_OPT_EXTRACT_IN_OUTPUT])) { + // ----- Extracting the file in standard output + $v_result1 = $this->privExtractFileInOutput($v_header, $p_options); + if ($v_result1 < 1) { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + return $v_result1; + } + + // ----- Get the only interesting attributes + if (($v_result = $this->privConvertHeader2FileInfo($v_header, $p_file_list[$v_nb_extracted++])) != 1) { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + return $v_result; + } + + // ----- Look for user callback abort + if ($v_result1 == 2) { + break; + } + } + // ----- Look for normal extraction + else { + // ----- Extracting the file + $v_result1 = $this->privExtractFile($v_header, + $p_path, $p_remove_path, + $p_remove_all_path, + $p_options); + if ($v_result1 < 1) { + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + return $v_result1; + } + + // ----- Get the only interesting attributes + if (($v_result = $this->privConvertHeader2FileInfo($v_header, $p_file_list[$v_nb_extracted++])) != 1) + { + // ----- Close the zip file + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + return $v_result; + } + + // ----- Look for user callback abort + if ($v_result1 == 2) { + break; + } + } + } + } + + // ----- Close the zip file + $this->privCloseFd(); + $this->privSwapBackMagicQuotes(); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privExtractFile() + // Description : + // Parameters : + // Return Values : + // + // 1 : ... ? + // PCLZIP_ERR_USER_ABORTED(2) : User ask for extraction stop in callback + // -------------------------------------------------------------------------------- + function privExtractFile(&$p_entry, $p_path, $p_remove_path, $p_remove_all_path, &$p_options) + { + $v_result=1; + + // ----- Read the file header + if (($v_result = $this->privReadFileHeader($v_header)) != 1) + { + // ----- Return + return $v_result; + } + + + // ----- Check that the file header is coherent with $p_entry info + if ($this->privCheckFileHeaders($v_header, $p_entry) != 1) { + // TBC + } + + // ----- Look for all path to remove + if ($p_remove_all_path == true) { + // ----- Look for folder entry that not need to be extracted + if (($p_entry['external']&0x00000010)==0x00000010) { + + $p_entry['status'] = "filtered"; + + return $v_result; + } + + // ----- Get the basename of the path + $p_entry['filename'] = basename($p_entry['filename']); + } + + // ----- Look for path to remove + else if ($p_remove_path != "") + { + if (PclZipUtilPathInclusion($p_remove_path, $p_entry['filename']) == 2) + { + + // ----- Change the file status + $p_entry['status'] = "filtered"; + + // ----- Return + return $v_result; + } + + $p_remove_path_size = strlen($p_remove_path); + if (substr($p_entry['filename'], 0, $p_remove_path_size) == $p_remove_path) + { + + // ----- Remove the path + $p_entry['filename'] = substr($p_entry['filename'], $p_remove_path_size); + + } + } + + // ----- Add the path + if ($p_path != '') { + $p_entry['filename'] = $p_path."/".$p_entry['filename']; + } + + // ----- Check a base_dir_restriction + if (isset($p_options[PCLZIP_OPT_EXTRACT_DIR_RESTRICTION])) { + $v_inclusion + = PclZipUtilPathInclusion($p_options[PCLZIP_OPT_EXTRACT_DIR_RESTRICTION], + $p_entry['filename']); + if ($v_inclusion == 0) { + + PclZip::privErrorLog(PCLZIP_ERR_DIRECTORY_RESTRICTION, + "Filename '".$p_entry['filename']."' is " + ."outside PCLZIP_OPT_EXTRACT_DIR_RESTRICTION"); + + return PclZip::errorCode(); + } + } + + // ----- Look for pre-extract callback + if (isset($p_options[PCLZIP_CB_PRE_EXTRACT])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_entry, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_PRE_EXTRACT](PCLZIP_CB_PRE_EXTRACT, $v_local_header); + if ($v_result == 0) { + // ----- Change the file status + $p_entry['status'] = "skipped"; + $v_result = 1; + } + + // ----- Look for abort result + if ($v_result == 2) { + // ----- This status is internal and will be changed in 'skipped' + $p_entry['status'] = "aborted"; + $v_result = PCLZIP_ERR_USER_ABORTED; + } + + // ----- Update the information + // Only some fields can be modified + $p_entry['filename'] = $v_local_header['filename']; + } + + + // ----- Look if extraction should be done + if ($p_entry['status'] == 'ok') { + + // ----- Look for specific actions while the file exist + if (file_exists($p_entry['filename'])) + { + + // ----- Look if file is a directory + if (is_dir($p_entry['filename'])) + { + + // ----- Change the file status + $p_entry['status'] = "already_a_directory"; + + // ----- Look for PCLZIP_OPT_STOP_ON_ERROR + // For historical reason first PclZip implementation does not stop + // when this kind of error occurs. + if ( (isset($p_options[PCLZIP_OPT_STOP_ON_ERROR])) + && ($p_options[PCLZIP_OPT_STOP_ON_ERROR]===true)) { + + PclZip::privErrorLog(PCLZIP_ERR_ALREADY_A_DIRECTORY, + "Filename '".$p_entry['filename']."' is " + ."already used by an existing directory"); + + return PclZip::errorCode(); + } + } + // ----- Look if file is write protected + else if (!is_writeable($p_entry['filename'])) + { + + // ----- Change the file status + $p_entry['status'] = "write_protected"; + + // ----- Look for PCLZIP_OPT_STOP_ON_ERROR + // For historical reason first PclZip implementation does not stop + // when this kind of error occurs. + if ( (isset($p_options[PCLZIP_OPT_STOP_ON_ERROR])) + && ($p_options[PCLZIP_OPT_STOP_ON_ERROR]===true)) { + + PclZip::privErrorLog(PCLZIP_ERR_WRITE_OPEN_FAIL, + "Filename '".$p_entry['filename']."' exists " + ."and is write protected"); + + return PclZip::errorCode(); + } + } + + // ----- Look if the extracted file is older + else if (filemtime($p_entry['filename']) > $p_entry['mtime']) + { + // ----- Change the file status + if ( (isset($p_options[PCLZIP_OPT_REPLACE_NEWER])) + && ($p_options[PCLZIP_OPT_REPLACE_NEWER]===true)) { + } + else { + $p_entry['status'] = "newer_exist"; + + // ----- Look for PCLZIP_OPT_STOP_ON_ERROR + // For historical reason first PclZip implementation does not stop + // when this kind of error occurs. + if ( (isset($p_options[PCLZIP_OPT_STOP_ON_ERROR])) + && ($p_options[PCLZIP_OPT_STOP_ON_ERROR]===true)) { + + PclZip::privErrorLog(PCLZIP_ERR_WRITE_OPEN_FAIL, + "Newer version of '".$p_entry['filename']."' exists " + ."and option PCLZIP_OPT_REPLACE_NEWER is not selected"); + + return PclZip::errorCode(); + } + } + } + else { + } + } + + // ----- Check the directory availability and create it if necessary + else { + if ((($p_entry['external']&0x00000010)==0x00000010) || (substr($p_entry['filename'], -1) == '/')) + $v_dir_to_check = $p_entry['filename']; + else if (!strstr($p_entry['filename'], "/")) + $v_dir_to_check = ""; + else + $v_dir_to_check = dirname($p_entry['filename']); + + if (($v_result = $this->privDirCheck($v_dir_to_check, (($p_entry['external']&0x00000010)==0x00000010))) != 1) { + + // ----- Change the file status + $p_entry['status'] = "path_creation_fail"; + + // ----- Return + //return $v_result; + $v_result = 1; + } + } + } + + // ----- Look if extraction should be done + if ($p_entry['status'] == 'ok') { + + // ----- Do the extraction (if not a folder) + if (!(($p_entry['external']&0x00000010)==0x00000010)) + { + // ----- Look for not compressed file + if ($p_entry['compression'] == 0) { + + // ----- Opening destination file + if (($v_dest_file = @fopen($p_entry['filename'], 'wb')) == 0) + { + + // ----- Change the file status + $p_entry['status'] = "write_error"; + + // ----- Return + return $v_result; + } + + + // ----- Read the file by PCLZIP_READ_BLOCK_SIZE octets blocks + $v_size = $p_entry['compressed_size']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($this->zip_fd, $v_read_size); + /* Try to speed up the code + $v_binary_data = pack('a'.$v_read_size, $v_buffer); + @fwrite($v_dest_file, $v_binary_data, $v_read_size); + */ + @fwrite($v_dest_file, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Closing the destination file + fclose($v_dest_file); + + // ----- Change the file mtime + touch($p_entry['filename'], $p_entry['mtime']); + + + } + else { + // ----- TBC + // Need to be finished + if (($p_entry['flag'] & 1) == 1) { + PclZip::privErrorLog(PCLZIP_ERR_UNSUPPORTED_ENCRYPTION, 'File \''.$p_entry['filename'].'\' is encrypted. Encrypted files are not supported.'); + return PclZip::errorCode(); + } + + + // ----- Look for using temporary file to unzip + if ( (!isset($p_options[PCLZIP_OPT_TEMP_FILE_OFF])) + && (isset($p_options[PCLZIP_OPT_TEMP_FILE_ON]) + || (isset($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD]) + && ($p_options[PCLZIP_OPT_TEMP_FILE_THRESHOLD] <= $p_entry['size'])) ) ) { + $v_result = $this->privExtractFileUsingTempFile($p_entry, $p_options); + if ($v_result < PCLZIP_ERR_NO_ERROR) { + return $v_result; + } + } + + // ----- Look for extract in memory + else { + + + // ----- Read the compressed file in a buffer (one shot) + if ($p_entry['compressed_size'] > 0) { + $v_buffer = @fread($this->zip_fd, $p_entry['compressed_size']); + } + else { + $v_buffer = ''; + } + + // ----- Decompress the file + $v_file_content = @gzinflate($v_buffer); + unset($v_buffer); + if ($v_file_content === FALSE) { + + // ----- Change the file status + // TBC + $p_entry['status'] = "error"; + + return $v_result; + } + + // ----- Opening destination file + if (($v_dest_file = @fopen($p_entry['filename'], 'wb')) == 0) { + + // ----- Change the file status + $p_entry['status'] = "write_error"; + + return $v_result; + } + + // ----- Write the uncompressed data + @fwrite($v_dest_file, $v_file_content, $p_entry['size']); + unset($v_file_content); + + // ----- Closing the destination file + @fclose($v_dest_file); + + } + + // ----- Change the file mtime + @touch($p_entry['filename'], $p_entry['mtime']); + } + + // ----- Look for chmod option + if (isset($p_options[PCLZIP_OPT_SET_CHMOD])) { + + // ----- Change the mode of the file + @chmod($p_entry['filename'], $p_options[PCLZIP_OPT_SET_CHMOD]); + } + + } + } + + // ----- Change abort status + if ($p_entry['status'] == "aborted") { + $p_entry['status'] = "skipped"; + } + + // ----- Look for post-extract callback + elseif (isset($p_options[PCLZIP_CB_POST_EXTRACT])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_entry, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_POST_EXTRACT](PCLZIP_CB_POST_EXTRACT, $v_local_header); + + // ----- Look for abort result + if ($v_result == 2) { + $v_result = PCLZIP_ERR_USER_ABORTED; + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privExtractFileUsingTempFile() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privExtractFileUsingTempFile(&$p_entry, &$p_options) + { + $v_result=1; + + // ----- Creates a temporary file + $v_gzip_temp_name = PCLZIP_TEMPORARY_DIR.uniqid('pclzip-').'.gz'; + if (($v_dest_file = @fopen($v_gzip_temp_name, "wb")) == 0) { + fclose($v_file); + PclZip::privErrorLog(PCLZIP_ERR_WRITE_OPEN_FAIL, 'Unable to open temporary file \''.$v_gzip_temp_name.'\' in binary write mode'); + return PclZip::errorCode(); + } + + + // ----- Write gz file format header + $v_binary_data = pack('va1a1Va1a1', 0x8b1f, Chr($p_entry['compression']), Chr(0x00), time(), Chr(0x00), Chr(3)); + @fwrite($v_dest_file, $v_binary_data, 10); + + // ----- Read the file by PCLZIP_READ_BLOCK_SIZE octets blocks + $v_size = $p_entry['compressed_size']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($this->zip_fd, $v_read_size); + //$v_binary_data = pack('a'.$v_read_size, $v_buffer); + @fwrite($v_dest_file, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Write gz file format footer + $v_binary_data = pack('VV', $p_entry['crc'], $p_entry['size']); + @fwrite($v_dest_file, $v_binary_data, 8); + + // ----- Close the temporary file + @fclose($v_dest_file); + + // ----- Opening destination file + if (($v_dest_file = @fopen($p_entry['filename'], 'wb')) == 0) { + $p_entry['status'] = "write_error"; + return $v_result; + } + + // ----- Open the temporary gz file + if (($v_src_file = @gzopen($v_gzip_temp_name, 'rb')) == 0) { + @fclose($v_dest_file); + $p_entry['status'] = "read_error"; + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open temporary file \''.$v_gzip_temp_name.'\' in binary read mode'); + return PclZip::errorCode(); + } + + + // ----- Read the file by PCLZIP_READ_BLOCK_SIZE octets blocks + $v_size = $p_entry['size']; + while ($v_size != 0) { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @gzread($v_src_file, $v_read_size); + //$v_binary_data = pack('a'.$v_read_size, $v_buffer); + @fwrite($v_dest_file, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + @fclose($v_dest_file); + @gzclose($v_src_file); + + // ----- Delete the temporary file + @unlink($v_gzip_temp_name); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privExtractFileInOutput() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privExtractFileInOutput(&$p_entry, &$p_options) + { + $v_result=1; + + // ----- Read the file header + if (($v_result = $this->privReadFileHeader($v_header)) != 1) { + return $v_result; + } + + + // ----- Check that the file header is coherent with $p_entry info + if ($this->privCheckFileHeaders($v_header, $p_entry) != 1) { + // TBC + } + + // ----- Look for pre-extract callback + if (isset($p_options[PCLZIP_CB_PRE_EXTRACT])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_entry, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. +// eval('$v_result = '.$p_options[PCLZIP_CB_PRE_EXTRACT].'(PCLZIP_CB_PRE_EXTRACT, $v_local_header);'); + $v_result = $p_options[PCLZIP_CB_PRE_EXTRACT](PCLZIP_CB_PRE_EXTRACT, $v_local_header); + if ($v_result == 0) { + // ----- Change the file status + $p_entry['status'] = "skipped"; + $v_result = 1; + } + + // ----- Look for abort result + if ($v_result == 2) { + // ----- This status is internal and will be changed in 'skipped' + $p_entry['status'] = "aborted"; + $v_result = PCLZIP_ERR_USER_ABORTED; + } + + // ----- Update the information + // Only some fields can be modified + $p_entry['filename'] = $v_local_header['filename']; + } + + // ----- Trace + + // ----- Look if extraction should be done + if ($p_entry['status'] == 'ok') { + + // ----- Do the extraction (if not a folder) + if (!(($p_entry['external']&0x00000010)==0x00000010)) { + // ----- Look for not compressed file + if ($p_entry['compressed_size'] == $p_entry['size']) { + + // ----- Read the file in a buffer (one shot) + if ($p_entry['compressed_size'] > 0) { + $v_buffer = @fread($this->zip_fd, $p_entry['compressed_size']); + } + else { + $v_buffer = ''; + } + + // ----- Send the file to the output + echo $v_buffer; + unset($v_buffer); + } + else { + + // ----- Read the compressed file in a buffer (one shot) + if ($p_entry['compressed_size'] > 0) { + $v_buffer = @fread($this->zip_fd, $p_entry['compressed_size']); + } + else { + $v_buffer = ''; + } + + // ----- Decompress the file + $v_file_content = gzinflate($v_buffer); + unset($v_buffer); + + // ----- Send the file to the output + echo $v_file_content; + unset($v_file_content); + } + } + } + + // ----- Change abort status + if ($p_entry['status'] == "aborted") { + $p_entry['status'] = "skipped"; + } + + // ----- Look for post-extract callback + elseif (isset($p_options[PCLZIP_CB_POST_EXTRACT])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_entry, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_POST_EXTRACT](PCLZIP_CB_POST_EXTRACT, $v_local_header); + + // ----- Look for abort result + if ($v_result == 2) { + $v_result = PCLZIP_ERR_USER_ABORTED; + } + } + + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privExtractFileAsString() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privExtractFileAsString(&$p_entry, &$p_string, &$p_options) + { + $v_result=1; + + // ----- Read the file header + $v_header = array(); + if (($v_result = $this->privReadFileHeader($v_header)) != 1) + { + // ----- Return + return $v_result; + } + + + // ----- Check that the file header is coherent with $p_entry info + if ($this->privCheckFileHeaders($v_header, $p_entry) != 1) { + // TBC + } + + // ----- Look for pre-extract callback + if (isset($p_options[PCLZIP_CB_PRE_EXTRACT])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_entry, $v_local_header); + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_PRE_EXTRACT](PCLZIP_CB_PRE_EXTRACT, $v_local_header); + if ($v_result == 0) { + // ----- Change the file status + $p_entry['status'] = "skipped"; + $v_result = 1; + } + + // ----- Look for abort result + if ($v_result == 2) { + // ----- This status is internal and will be changed in 'skipped' + $p_entry['status'] = "aborted"; + $v_result = PCLZIP_ERR_USER_ABORTED; + } + + // ----- Update the information + // Only some fields can be modified + $p_entry['filename'] = $v_local_header['filename']; + } + + + // ----- Look if extraction should be done + if ($p_entry['status'] == 'ok') { + + // ----- Do the extraction (if not a folder) + if (!(($p_entry['external']&0x00000010)==0x00000010)) { + // ----- Look for not compressed file + // if ($p_entry['compressed_size'] == $p_entry['size']) + if ($p_entry['compression'] == 0) { + + // ----- Reading the file + if ($p_entry['compressed_size'] > 0) { + $p_string = @fread($this->zip_fd, $p_entry['compressed_size']); + } + else { + $p_string = ''; + } + } + else { + + // ----- Reading the file + if ($p_entry['compressed_size'] > 0) { + $v_data = @fread($this->zip_fd, $p_entry['compressed_size']); + } + else { + $v_data = ''; + } + + // ----- Decompress the file + if (($p_string = @gzinflate($v_data)) === FALSE) { + // TBC + } + } + + // ----- Trace + } + else { + // TBC : error : can not extract a folder in a string + } + + } + + // ----- Change abort status + if ($p_entry['status'] == "aborted") { + $p_entry['status'] = "skipped"; + } + + // ----- Look for post-extract callback + elseif (isset($p_options[PCLZIP_CB_POST_EXTRACT])) { + + // ----- Generate a local information + $v_local_header = array(); + $this->privConvertHeader2FileInfo($p_entry, $v_local_header); + + // ----- Swap the content to header + $v_local_header['content'] = $p_string; + $p_string = ''; + + // ----- Call the callback + // Here I do not use call_user_func() because I need to send a reference to the + // header. + $v_result = $p_options[PCLZIP_CB_POST_EXTRACT](PCLZIP_CB_POST_EXTRACT, $v_local_header); + + // ----- Swap back the content to header + $p_string = $v_local_header['content']; + unset($v_local_header['content']); + + // ----- Look for abort result + if ($v_result == 2) { + $v_result = PCLZIP_ERR_USER_ABORTED; + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privReadFileHeader() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privReadFileHeader(&$p_header) + { + $v_result=1; + + // ----- Read the 4 bytes signature + $v_binary_data = @fread($this->zip_fd, 4); + $v_data = unpack('Vid', $v_binary_data); + + // ----- Check signature + if ($v_data['id'] != 0x04034b50) + { + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, 'Invalid archive structure'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read the first 42 bytes of the header + $v_binary_data = fread($this->zip_fd, 26); + + // ----- Look for invalid block size + if (strlen($v_binary_data) != 26) + { + $p_header['filename'] = ""; + $p_header['status'] = "invalid_header"; + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, "Invalid block size : ".strlen($v_binary_data)); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Extract the values + $v_data = unpack('vversion/vflag/vcompression/vmtime/vmdate/Vcrc/Vcompressed_size/Vsize/vfilename_len/vextra_len', $v_binary_data); + + // ----- Get filename + $p_header['filename'] = fread($this->zip_fd, $v_data['filename_len']); + + // ----- Get extra_fields + if ($v_data['extra_len'] != 0) { + $p_header['extra'] = fread($this->zip_fd, $v_data['extra_len']); + } + else { + $p_header['extra'] = ''; + } + + // ----- Extract properties + $p_header['version_extracted'] = $v_data['version']; + $p_header['compression'] = $v_data['compression']; + $p_header['size'] = $v_data['size']; + $p_header['compressed_size'] = $v_data['compressed_size']; + $p_header['crc'] = $v_data['crc']; + $p_header['flag'] = $v_data['flag']; + $p_header['filename_len'] = $v_data['filename_len']; + + // ----- Recuperate date in UNIX format + $p_header['mdate'] = $v_data['mdate']; + $p_header['mtime'] = $v_data['mtime']; + if ($p_header['mdate'] && $p_header['mtime']) + { + // ----- Extract time + $v_hour = ($p_header['mtime'] & 0xF800) >> 11; + $v_minute = ($p_header['mtime'] & 0x07E0) >> 5; + $v_seconde = ($p_header['mtime'] & 0x001F)*2; + + // ----- Extract date + $v_year = (($p_header['mdate'] & 0xFE00) >> 9) + 1980; + $v_month = ($p_header['mdate'] & 0x01E0) >> 5; + $v_day = $p_header['mdate'] & 0x001F; + + // ----- Get UNIX date format + $p_header['mtime'] = @mktime($v_hour, $v_minute, $v_seconde, $v_month, $v_day, $v_year); + + } + else + { + $p_header['mtime'] = time(); + } + + // TBC + //for(reset($v_data); $key = key($v_data); next($v_data)) { + //} + + // ----- Set the stored filename + $p_header['stored_filename'] = $p_header['filename']; + + // ----- Set the status field + $p_header['status'] = "ok"; + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privReadCentralFileHeader() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privReadCentralFileHeader(&$p_header) + { + $v_result=1; + + // ----- Read the 4 bytes signature + $v_binary_data = @fread($this->zip_fd, 4); + $v_data = unpack('Vid', $v_binary_data); + + // ----- Check signature + if ($v_data['id'] != 0x02014b50) + { + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, 'Invalid archive structure'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read the first 42 bytes of the header + $v_binary_data = fread($this->zip_fd, 42); + + // ----- Look for invalid block size + if (strlen($v_binary_data) != 42) + { + $p_header['filename'] = ""; + $p_header['status'] = "invalid_header"; + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, "Invalid block size : ".strlen($v_binary_data)); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Extract the values + $p_header = unpack('vversion/vversion_extracted/vflag/vcompression/vmtime/vmdate/Vcrc/Vcompressed_size/Vsize/vfilename_len/vextra_len/vcomment_len/vdisk/vinternal/Vexternal/Voffset', $v_binary_data); + + // ----- Get filename + if ($p_header['filename_len'] != 0) + $p_header['filename'] = fread($this->zip_fd, $p_header['filename_len']); + else + $p_header['filename'] = ''; + + // ----- Get extra + if ($p_header['extra_len'] != 0) + $p_header['extra'] = fread($this->zip_fd, $p_header['extra_len']); + else + $p_header['extra'] = ''; + + // ----- Get comment + if ($p_header['comment_len'] != 0) + $p_header['comment'] = fread($this->zip_fd, $p_header['comment_len']); + else + $p_header['comment'] = ''; + + // ----- Extract properties + + // ----- Recuperate date in UNIX format + //if ($p_header['mdate'] && $p_header['mtime']) + // TBC : bug : this was ignoring time with 0/0/0 + if (1) + { + // ----- Extract time + $v_hour = ($p_header['mtime'] & 0xF800) >> 11; + $v_minute = ($p_header['mtime'] & 0x07E0) >> 5; + $v_seconde = ($p_header['mtime'] & 0x001F)*2; + + // ----- Extract date + $v_year = (($p_header['mdate'] & 0xFE00) >> 9) + 1980; + $v_month = ($p_header['mdate'] & 0x01E0) >> 5; + $v_day = $p_header['mdate'] & 0x001F; + + // ----- Get UNIX date format + $p_header['mtime'] = @mktime($v_hour, $v_minute, $v_seconde, $v_month, $v_day, $v_year); + + } + else + { + $p_header['mtime'] = time(); + } + + // ----- Set the stored filename + $p_header['stored_filename'] = $p_header['filename']; + + // ----- Set default status to ok + $p_header['status'] = 'ok'; + + // ----- Look if it is a directory + if (substr($p_header['filename'], -1) == '/') { + //$p_header['external'] = 0x41FF0010; + $p_header['external'] = 0x00000010; + } + + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privCheckFileHeaders() + // Description : + // Parameters : + // Return Values : + // 1 on success, + // 0 on error; + // -------------------------------------------------------------------------------- + function privCheckFileHeaders(&$p_local_header, &$p_central_header) + { + $v_result=1; + + // ----- Check the static values + // TBC + if ($p_local_header['filename'] != $p_central_header['filename']) { + } + if ($p_local_header['version_extracted'] != $p_central_header['version_extracted']) { + } + if ($p_local_header['flag'] != $p_central_header['flag']) { + } + if ($p_local_header['compression'] != $p_central_header['compression']) { + } + if ($p_local_header['mtime'] != $p_central_header['mtime']) { + } + if ($p_local_header['filename_len'] != $p_central_header['filename_len']) { + } + + // ----- Look for flag bit 3 + if (($p_local_header['flag'] & 8) == 8) { + $p_local_header['size'] = $p_central_header['size']; + $p_local_header['compressed_size'] = $p_central_header['compressed_size']; + $p_local_header['crc'] = $p_central_header['crc']; + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privReadEndCentralDir() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privReadEndCentralDir(&$p_central_dir) + { + $v_result=1; + + // ----- Go to the end of the zip file + $v_size = filesize($this->zipname); + @fseek($this->zip_fd, $v_size); + if (@ftell($this->zip_fd) != $v_size) + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, 'Unable to go to the end of the archive \''.$this->zipname.'\''); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- First try : look if this is an archive with no commentaries (most of the time) + // in this case the end of central dir is at 22 bytes of the file end + $v_found = 0; + if ($v_size > 26) { + @fseek($this->zip_fd, $v_size-22); + if (($v_pos = @ftell($this->zip_fd)) != ($v_size-22)) + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, 'Unable to seek back to the middle of the archive \''.$this->zipname.'\''); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read for bytes + $v_binary_data = @fread($this->zip_fd, 4); + $v_data = @unpack('Vid', $v_binary_data); + + // ----- Check signature + if ($v_data['id'] == 0x06054b50) { + $v_found = 1; + } + + $v_pos = ftell($this->zip_fd); + } + + // ----- Go back to the maximum possible size of the Central Dir End Record + if (!$v_found) { + $v_maximum_size = 65557; // 0xFFFF + 22; + if ($v_maximum_size > $v_size) + $v_maximum_size = $v_size; + @fseek($this->zip_fd, $v_size-$v_maximum_size); + if (@ftell($this->zip_fd) != ($v_size-$v_maximum_size)) + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, 'Unable to seek back to the middle of the archive \''.$this->zipname.'\''); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read byte per byte in order to find the signature + $v_pos = ftell($this->zip_fd); + $v_bytes = 0x00000000; + while ($v_pos < $v_size) + { + // ----- Read a byte + $v_byte = @fread($this->zip_fd, 1); + + // ----- Add the byte + //$v_bytes = ($v_bytes << 8) | Ord($v_byte); + // Note we mask the old value down such that once shifted we can never end up with more than a 32bit number + // Otherwise on systems where we have 64bit integers the check below for the magic number will fail. + $v_bytes = ( ($v_bytes & 0xFFFFFF) << 8) | Ord($v_byte); + + // ----- Compare the bytes + if ($v_bytes == 0x504b0506) + { + $v_pos++; + break; + } + + $v_pos++; + } + + // ----- Look if not found end of central dir + if ($v_pos == $v_size) + { + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, "Unable to find End of Central Dir Record signature"); + + // ----- Return + return PclZip::errorCode(); + } + } + + // ----- Read the first 18 bytes of the header + $v_binary_data = fread($this->zip_fd, 18); + + // ----- Look for invalid block size + if (strlen($v_binary_data) != 18) + { + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, "Invalid End of Central Dir Record size : ".strlen($v_binary_data)); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Extract the values + $v_data = unpack('vdisk/vdisk_start/vdisk_entries/ventries/Vsize/Voffset/vcomment_size', $v_binary_data); + + // ----- Check the global size + if (($v_pos + $v_data['comment_size'] + 18) != $v_size) { + + // ----- Removed in release 2.2 see readme file + // The check of the file size is a little too strict. + // Some bugs where found when a zip is encrypted/decrypted with 'crypt'. + // While decrypted, zip has training 0 bytes + if (0) { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_BAD_FORMAT, + 'The central dir is not at the end of the archive.' + .' Some trailing bytes exists after the archive.'); + + // ----- Return + return PclZip::errorCode(); + } + } + + // ----- Get comment + if ($v_data['comment_size'] != 0) { + $p_central_dir['comment'] = fread($this->zip_fd, $v_data['comment_size']); + } + else + $p_central_dir['comment'] = ''; + + $p_central_dir['entries'] = $v_data['entries']; + $p_central_dir['disk_entries'] = $v_data['disk_entries']; + $p_central_dir['offset'] = $v_data['offset']; + $p_central_dir['size'] = $v_data['size']; + $p_central_dir['disk'] = $v_data['disk']; + $p_central_dir['disk_start'] = $v_data['disk_start']; + + // TBC + //for(reset($p_central_dir); $key = key($p_central_dir); next($p_central_dir)) { + //} + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privDeleteByRule() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privDeleteByRule(&$p_result_list, &$p_options) + { + $v_result=1; + $v_list_detail = array(); + + // ----- Open the zip file + if (($v_result=$this->privOpenFd('rb')) != 1) + { + // ----- Return + return $v_result; + } + + // ----- Read the central directory information + $v_central_dir = array(); + if (($v_result = $this->privReadEndCentralDir($v_central_dir)) != 1) + { + $this->privCloseFd(); + return $v_result; + } + + // ----- Go to beginning of File + @rewind($this->zip_fd); + + // ----- Scan all the files + // ----- Start at beginning of Central Dir + $v_pos_entry = $v_central_dir['offset']; + @rewind($this->zip_fd); + if (@fseek($this->zip_fd, $v_pos_entry)) + { + // ----- Close the zip file + $this->privCloseFd(); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ARCHIVE_ZIP, 'Invalid archive size'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read each entry + $v_header_list = array(); + $j_start = 0; + for ($i=0, $v_nb_extracted=0; $i<$v_central_dir['entries']; $i++) + { + + // ----- Read the file header + $v_header_list[$v_nb_extracted] = array(); + if (($v_result = $this->privReadCentralFileHeader($v_header_list[$v_nb_extracted])) != 1) + { + // ----- Close the zip file + $this->privCloseFd(); + + return $v_result; + } + + + // ----- Store the index + $v_header_list[$v_nb_extracted]['index'] = $i; + + // ----- Look for the specific extract rules + $v_found = false; + + // ----- Look for extract by name rule + if ( (isset($p_options[PCLZIP_OPT_BY_NAME])) + && ($p_options[PCLZIP_OPT_BY_NAME] != 0)) { + + // ----- Look if the filename is in the list + for ($j=0; ($j<sizeof($p_options[PCLZIP_OPT_BY_NAME])) && (!$v_found); $j++) { + + // ----- Look for a directory + if (substr($p_options[PCLZIP_OPT_BY_NAME][$j], -1) == "/") { + + // ----- Look if the directory is in the filename path + if ( (strlen($v_header_list[$v_nb_extracted]['stored_filename']) > strlen($p_options[PCLZIP_OPT_BY_NAME][$j])) + && (substr($v_header_list[$v_nb_extracted]['stored_filename'], 0, strlen($p_options[PCLZIP_OPT_BY_NAME][$j])) == $p_options[PCLZIP_OPT_BY_NAME][$j])) { + $v_found = true; + } + elseif ( (($v_header_list[$v_nb_extracted]['external']&0x00000010)==0x00000010) /* Indicates a folder */ + && ($v_header_list[$v_nb_extracted]['stored_filename'].'/' == $p_options[PCLZIP_OPT_BY_NAME][$j])) { + $v_found = true; + } + } + // ----- Look for a filename + elseif ($v_header_list[$v_nb_extracted]['stored_filename'] == $p_options[PCLZIP_OPT_BY_NAME][$j]) { + $v_found = true; + } + } + } + + // ----- Look for extract by ereg rule + // ereg() is deprecated with PHP 5.3 + /* + else if ( (isset($p_options[PCLZIP_OPT_BY_EREG])) + && ($p_options[PCLZIP_OPT_BY_EREG] != "")) { + + if (ereg($p_options[PCLZIP_OPT_BY_EREG], $v_header_list[$v_nb_extracted]['stored_filename'])) { + $v_found = true; + } + } + */ + + // ----- Look for extract by preg rule + else if ( (isset($p_options[PCLZIP_OPT_BY_PREG])) + && ($p_options[PCLZIP_OPT_BY_PREG] != "")) { + + if (preg_match($p_options[PCLZIP_OPT_BY_PREG], $v_header_list[$v_nb_extracted]['stored_filename'])) { + $v_found = true; + } + } + + // ----- Look for extract by index rule + else if ( (isset($p_options[PCLZIP_OPT_BY_INDEX])) + && ($p_options[PCLZIP_OPT_BY_INDEX] != 0)) { + + // ----- Look if the index is in the list + for ($j=$j_start; ($j<sizeof($p_options[PCLZIP_OPT_BY_INDEX])) && (!$v_found); $j++) { + + if (($i>=$p_options[PCLZIP_OPT_BY_INDEX][$j]['start']) && ($i<=$p_options[PCLZIP_OPT_BY_INDEX][$j]['end'])) { + $v_found = true; + } + if ($i>=$p_options[PCLZIP_OPT_BY_INDEX][$j]['end']) { + $j_start = $j+1; + } + + if ($p_options[PCLZIP_OPT_BY_INDEX][$j]['start']>$i) { + break; + } + } + } + else { + $v_found = true; + } + + // ----- Look for deletion + if ($v_found) + { + unset($v_header_list[$v_nb_extracted]); + } + else + { + $v_nb_extracted++; + } + } + + // ----- Look if something need to be deleted + if ($v_nb_extracted > 0) { + + // ----- Creates a temporary file + $v_zip_temp_name = PCLZIP_TEMPORARY_DIR.uniqid('pclzip-').'.tmp'; + + // ----- Creates a temporary zip archive + $v_temp_zip = new PclZip($v_zip_temp_name); + + // ----- Open the temporary zip file in write mode + if (($v_result = $v_temp_zip->privOpenFd('wb')) != 1) { + $this->privCloseFd(); + + // ----- Return + return $v_result; + } + + // ----- Look which file need to be kept + for ($i=0; $i<sizeof($v_header_list); $i++) { + + // ----- Calculate the position of the header + @rewind($this->zip_fd); + if (@fseek($this->zip_fd, $v_header_list[$i]['offset'])) { + // ----- Close the zip file + $this->privCloseFd(); + $v_temp_zip->privCloseFd(); + @unlink($v_zip_temp_name); + + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_INVALID_ARCHIVE_ZIP, 'Invalid archive size'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Read the file header + $v_local_header = array(); + if (($v_result = $this->privReadFileHeader($v_local_header)) != 1) { + // ----- Close the zip file + $this->privCloseFd(); + $v_temp_zip->privCloseFd(); + @unlink($v_zip_temp_name); + + // ----- Return + return $v_result; + } + + // ----- Check that local file header is same as central file header + if ($this->privCheckFileHeaders($v_local_header, + $v_header_list[$i]) != 1) { + // TBC + } + unset($v_local_header); + + // ----- Write the file header + if (($v_result = $v_temp_zip->privWriteFileHeader($v_header_list[$i])) != 1) { + // ----- Close the zip file + $this->privCloseFd(); + $v_temp_zip->privCloseFd(); + @unlink($v_zip_temp_name); + + // ----- Return + return $v_result; + } + + // ----- Read/write the data block + if (($v_result = PclZipUtilCopyBlock($this->zip_fd, $v_temp_zip->zip_fd, $v_header_list[$i]['compressed_size'])) != 1) { + // ----- Close the zip file + $this->privCloseFd(); + $v_temp_zip->privCloseFd(); + @unlink($v_zip_temp_name); + + // ----- Return + return $v_result; + } + } + + // ----- Store the offset of the central dir + $v_offset = @ftell($v_temp_zip->zip_fd); + + // ----- Re-Create the Central Dir files header + for ($i=0; $i<sizeof($v_header_list); $i++) { + // ----- Create the file header + if (($v_result = $v_temp_zip->privWriteCentralFileHeader($v_header_list[$i])) != 1) { + $v_temp_zip->privCloseFd(); + $this->privCloseFd(); + @unlink($v_zip_temp_name); + + // ----- Return + return $v_result; + } + + // ----- Transform the header to a 'usable' info + $v_temp_zip->privConvertHeader2FileInfo($v_header_list[$i], $p_result_list[$i]); + } + + + // ----- Zip file comment + $v_comment = ''; + if (isset($p_options[PCLZIP_OPT_COMMENT])) { + $v_comment = $p_options[PCLZIP_OPT_COMMENT]; + } + + // ----- Calculate the size of the central header + $v_size = @ftell($v_temp_zip->zip_fd)-$v_offset; + + // ----- Create the central dir footer + if (($v_result = $v_temp_zip->privWriteCentralHeader(sizeof($v_header_list), $v_size, $v_offset, $v_comment)) != 1) { + // ----- Reset the file list + unset($v_header_list); + $v_temp_zip->privCloseFd(); + $this->privCloseFd(); + @unlink($v_zip_temp_name); + + // ----- Return + return $v_result; + } + + // ----- Close + $v_temp_zip->privCloseFd(); + $this->privCloseFd(); + + // ----- Delete the zip file + // TBC : I should test the result ... + @unlink($this->zipname); + + // ----- Rename the temporary file + // TBC : I should test the result ... + //@rename($v_zip_temp_name, $this->zipname); + PclZipUtilRename($v_zip_temp_name, $this->zipname); + + // ----- Destroy the temporary archive + unset($v_temp_zip); + } + + // ----- Remove every files : reset the file + else if ($v_central_dir['entries'] != 0) { + $this->privCloseFd(); + + if (($v_result = $this->privOpenFd('wb')) != 1) { + return $v_result; + } + + if (($v_result = $this->privWriteCentralHeader(0, 0, 0, '')) != 1) { + return $v_result; + } + + $this->privCloseFd(); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privDirCheck() + // Description : + // Check if a directory exists, if not it creates it and all the parents directory + // which may be useful. + // Parameters : + // $p_dir : Directory path to check. + // Return Values : + // 1 : OK + // -1 : Unable to create directory + // -------------------------------------------------------------------------------- + function privDirCheck($p_dir, $p_is_dir=false) + { + $v_result = 1; + + + // ----- Remove the final '/' + if (($p_is_dir) && (substr($p_dir, -1)=='/')) + { + $p_dir = substr($p_dir, 0, strlen($p_dir)-1); + } + + // ----- Check the directory availability + if ((is_dir($p_dir)) || ($p_dir == "")) + { + return 1; + } + + // ----- Extract parent directory + $p_parent_dir = dirname($p_dir); + + // ----- Just a check + if ($p_parent_dir != $p_dir) + { + // ----- Look for parent directory + if ($p_parent_dir != "") + { + if (($v_result = $this->privDirCheck($p_parent_dir)) != 1) + { + return $v_result; + } + } + } + + // ----- Create the directory + if (!@mkdir($p_dir, 0777)) + { + // ----- Error log + PclZip::privErrorLog(PCLZIP_ERR_DIR_CREATE_FAIL, "Unable to create directory '$p_dir'"); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privMerge() + // Description : + // If $p_archive_to_add does not exist, the function exit with a success result. + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privMerge(&$p_archive_to_add) + { + $v_result=1; + + // ----- Look if the archive_to_add exists + if (!is_file($p_archive_to_add->zipname)) + { + + // ----- Nothing to merge, so merge is a success + $v_result = 1; + + // ----- Return + return $v_result; + } + + // ----- Look if the archive exists + if (!is_file($this->zipname)) + { + + // ----- Do a duplicate + $v_result = $this->privDuplicate($p_archive_to_add->zipname); + + // ----- Return + return $v_result; + } + + // ----- Open the zip file + if (($v_result=$this->privOpenFd('rb')) != 1) + { + // ----- Return + return $v_result; + } + + // ----- Read the central directory information + $v_central_dir = array(); + if (($v_result = $this->privReadEndCentralDir($v_central_dir)) != 1) + { + $this->privCloseFd(); + return $v_result; + } + + // ----- Go to beginning of File + @rewind($this->zip_fd); + + // ----- Open the archive_to_add file + if (($v_result=$p_archive_to_add->privOpenFd('rb')) != 1) + { + $this->privCloseFd(); + + // ----- Return + return $v_result; + } + + // ----- Read the central directory information + $v_central_dir_to_add = array(); + if (($v_result = $p_archive_to_add->privReadEndCentralDir($v_central_dir_to_add)) != 1) + { + $this->privCloseFd(); + $p_archive_to_add->privCloseFd(); + + return $v_result; + } + + // ----- Go to beginning of File + @rewind($p_archive_to_add->zip_fd); + + // ----- Creates a temporary file + $v_zip_temp_name = PCLZIP_TEMPORARY_DIR.uniqid('pclzip-').'.tmp'; + + // ----- Open the temporary file in write mode + if (($v_zip_temp_fd = @fopen($v_zip_temp_name, 'wb')) == 0) + { + $this->privCloseFd(); + $p_archive_to_add->privCloseFd(); + + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open temporary file \''.$v_zip_temp_name.'\' in binary write mode'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Copy the files from the archive to the temporary file + // TBC : Here I should better append the file and go back to erase the central dir + $v_size = $v_central_dir['offset']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = fread($this->zip_fd, $v_read_size); + @fwrite($v_zip_temp_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Copy the files from the archive_to_add into the temporary file + $v_size = $v_central_dir_to_add['offset']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = fread($p_archive_to_add->zip_fd, $v_read_size); + @fwrite($v_zip_temp_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Store the offset of the central dir + $v_offset = @ftell($v_zip_temp_fd); + + // ----- Copy the block of file headers from the old archive + $v_size = $v_central_dir['size']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($this->zip_fd, $v_read_size); + @fwrite($v_zip_temp_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Copy the block of file headers from the archive_to_add + $v_size = $v_central_dir_to_add['size']; + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($p_archive_to_add->zip_fd, $v_read_size); + @fwrite($v_zip_temp_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Merge the file comments + $v_comment = $v_central_dir['comment'].' '.$v_central_dir_to_add['comment']; + + // ----- Calculate the size of the (new) central header + $v_size = @ftell($v_zip_temp_fd)-$v_offset; + + // ----- Swap the file descriptor + // Here is a trick : I swap the temporary fd with the zip fd, in order to use + // the following methods on the temporary fil and not the real archive fd + $v_swap = $this->zip_fd; + $this->zip_fd = $v_zip_temp_fd; + $v_zip_temp_fd = $v_swap; + + // ----- Create the central dir footer + if (($v_result = $this->privWriteCentralHeader($v_central_dir['entries']+$v_central_dir_to_add['entries'], $v_size, $v_offset, $v_comment)) != 1) + { + $this->privCloseFd(); + $p_archive_to_add->privCloseFd(); + @fclose($v_zip_temp_fd); + $this->zip_fd = null; + + // ----- Reset the file list + unset($v_header_list); + + // ----- Return + return $v_result; + } + + // ----- Swap back the file descriptor + $v_swap = $this->zip_fd; + $this->zip_fd = $v_zip_temp_fd; + $v_zip_temp_fd = $v_swap; + + // ----- Close + $this->privCloseFd(); + $p_archive_to_add->privCloseFd(); + + // ----- Close the temporary file + @fclose($v_zip_temp_fd); + + // ----- Delete the zip file + // TBC : I should test the result ... + @unlink($this->zipname); + + // ----- Rename the temporary file + // TBC : I should test the result ... + //@rename($v_zip_temp_name, $this->zipname); + PclZipUtilRename($v_zip_temp_name, $this->zipname); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privDuplicate() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privDuplicate($p_archive_filename) + { + $v_result=1; + + // ----- Look if the $p_archive_filename exists + if (!is_file($p_archive_filename)) + { + + // ----- Nothing to duplicate, so duplicate is a success. + $v_result = 1; + + // ----- Return + return $v_result; + } + + // ----- Open the zip file + if (($v_result=$this->privOpenFd('wb')) != 1) + { + // ----- Return + return $v_result; + } + + // ----- Open the temporary file in write mode + if (($v_zip_temp_fd = @fopen($p_archive_filename, 'rb')) == 0) + { + $this->privCloseFd(); + + PclZip::privErrorLog(PCLZIP_ERR_READ_OPEN_FAIL, 'Unable to open archive file \''.$p_archive_filename.'\' in binary write mode'); + + // ----- Return + return PclZip::errorCode(); + } + + // ----- Copy the files from the archive to the temporary file + // TBC : Here I should better append the file and go back to erase the central dir + $v_size = filesize($p_archive_filename); + while ($v_size != 0) + { + $v_read_size = ($v_size < PCLZIP_READ_BLOCK_SIZE ? $v_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = fread($v_zip_temp_fd, $v_read_size); + @fwrite($this->zip_fd, $v_buffer, $v_read_size); + $v_size -= $v_read_size; + } + + // ----- Close + $this->privCloseFd(); + + // ----- Close the temporary file + @fclose($v_zip_temp_fd); + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privErrorLog() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function privErrorLog($p_error_code=0, $p_error_string='') + { + if (PCLZIP_ERROR_EXTERNAL == 1) { + PclError($p_error_code, $p_error_string); + } + else { + $this->error_code = $p_error_code; + $this->error_string = $p_error_string; + } + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privErrorReset() + // Description : + // Parameters : + // -------------------------------------------------------------------------------- + function privErrorReset() + { + if (PCLZIP_ERROR_EXTERNAL == 1) { + PclErrorReset(); + } + else { + $this->error_code = 0; + $this->error_string = ''; + } + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privDisableMagicQuotes() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privDisableMagicQuotes() + { + $v_result=1; + + // EDIT for WordPress 5.3.0 + // magic_quote functions are deprecated in PHP 7.4, now assuming it's always off. + /* + + // ----- Look if function exists + if ( (!function_exists("get_magic_quotes_runtime")) + || (!function_exists("set_magic_quotes_runtime"))) { + return $v_result; + } + + // ----- Look if already done + if ($this->magic_quotes_status != -1) { + return $v_result; + } + + // ----- Get and memorize the magic_quote value + $this->magic_quotes_status = @get_magic_quotes_runtime(); + + // ----- Disable magic_quotes + if ($this->magic_quotes_status == 1) { + @set_magic_quotes_runtime(0); + } + */ + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : privSwapBackMagicQuotes() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function privSwapBackMagicQuotes() + { + $v_result=1; + + // EDIT for WordPress 5.3.0 + // magic_quote functions are deprecated in PHP 7.4, now assuming it's always off. + /* + + // ----- Look if function exists + if ( (!function_exists("get_magic_quotes_runtime")) + || (!function_exists("set_magic_quotes_runtime"))) { + return $v_result; + } + + // ----- Look if something to do + if ($this->magic_quotes_status != -1) { + return $v_result; + } + + // ----- Swap back magic_quotes + if ($this->magic_quotes_status == 1) { + @set_magic_quotes_runtime($this->magic_quotes_status); + } + + */ + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + } + // End of class + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : PclZipUtilPathReduction() + // Description : + // Parameters : + // Return Values : + // -------------------------------------------------------------------------------- + function PclZipUtilPathReduction($p_dir) + { + $v_result = ""; + + // ----- Look for not empty path + if ($p_dir != "") { + // ----- Explode path by directory names + $v_list = explode("/", $p_dir); + + // ----- Study directories from last to first + $v_skip = 0; + for ($i=sizeof($v_list)-1; $i>=0; $i--) { + // ----- Look for current path + if ($v_list[$i] == ".") { + // ----- Ignore this directory + // Should be the first $i=0, but no check is done + } + else if ($v_list[$i] == "..") { + $v_skip++; + } + else if ($v_list[$i] == "") { + // ----- First '/' i.e. root slash + if ($i == 0) { + $v_result = "/".$v_result; + if ($v_skip > 0) { + // ----- It is an invalid path, so the path is not modified + // TBC + $v_result = $p_dir; + $v_skip = 0; + } + } + // ----- Last '/' i.e. indicates a directory + else if ($i == (sizeof($v_list)-1)) { + $v_result = $v_list[$i]; + } + // ----- Double '/' inside the path + else { + // ----- Ignore only the double '//' in path, + // but not the first and last '/' + } + } + else { + // ----- Look for item to skip + if ($v_skip > 0) { + $v_skip--; + } + else { + $v_result = $v_list[$i].($i!=(sizeof($v_list)-1)?"/".$v_result:""); + } + } + } + + // ----- Look for skip + if ($v_skip > 0) { + while ($v_skip > 0) { + $v_result = '../'.$v_result; + $v_skip--; + } + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : PclZipUtilPathInclusion() + // Description : + // This function indicates if the path $p_path is under the $p_dir tree. Or, + // said in an other way, if the file or sub-dir $p_path is inside the dir + // $p_dir. + // The function indicates also if the path is exactly the same as the dir. + // This function supports path with duplicated '/' like '//', but does not + // support '.' or '..' statements. + // Parameters : + // Return Values : + // 0 if $p_path is not inside directory $p_dir + // 1 if $p_path is inside directory $p_dir + // 2 if $p_path is exactly the same as $p_dir + // -------------------------------------------------------------------------------- + function PclZipUtilPathInclusion($p_dir, $p_path) + { + $v_result = 1; + + // ----- Look for path beginning by ./ + if ( ($p_dir == '.') + || ((strlen($p_dir) >=2) && (substr($p_dir, 0, 2) == './'))) { + $p_dir = PclZipUtilTranslateWinPath(getcwd(), FALSE).'/'.substr($p_dir, 1); + } + if ( ($p_path == '.') + || ((strlen($p_path) >=2) && (substr($p_path, 0, 2) == './'))) { + $p_path = PclZipUtilTranslateWinPath(getcwd(), FALSE).'/'.substr($p_path, 1); + } + + // ----- Explode dir and path by directory separator + $v_list_dir = explode("/", $p_dir); + $v_list_dir_size = sizeof($v_list_dir); + $v_list_path = explode("/", $p_path); + $v_list_path_size = sizeof($v_list_path); + + // ----- Study directories paths + $i = 0; + $j = 0; + while (($i < $v_list_dir_size) && ($j < $v_list_path_size) && ($v_result)) { + + // ----- Look for empty dir (path reduction) + if ($v_list_dir[$i] == '') { + $i++; + continue; + } + if ($v_list_path[$j] == '') { + $j++; + continue; + } + + // ----- Compare the items + if (($v_list_dir[$i] != $v_list_path[$j]) && ($v_list_dir[$i] != '') && ( $v_list_path[$j] != '')) { + $v_result = 0; + } + + // ----- Next items + $i++; + $j++; + } + + // ----- Look if everything seems to be the same + if ($v_result) { + // ----- Skip all the empty items + while (($j < $v_list_path_size) && ($v_list_path[$j] == '')) $j++; + while (($i < $v_list_dir_size) && ($v_list_dir[$i] == '')) $i++; + + if (($i >= $v_list_dir_size) && ($j >= $v_list_path_size)) { + // ----- There are exactly the same + $v_result = 2; + } + else if ($i < $v_list_dir_size) { + // ----- The path is shorter than the dir + $v_result = 0; + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : PclZipUtilCopyBlock() + // Description : + // Parameters : + // $p_mode : read/write compression mode + // 0 : src & dest normal + // 1 : src gzip, dest normal + // 2 : src normal, dest gzip + // 3 : src & dest gzip + // Return Values : + // -------------------------------------------------------------------------------- + function PclZipUtilCopyBlock($p_src, $p_dest, $p_size, $p_mode=0) + { + $v_result = 1; + + if ($p_mode==0) + { + while ($p_size != 0) + { + $v_read_size = ($p_size < PCLZIP_READ_BLOCK_SIZE ? $p_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($p_src, $v_read_size); + @fwrite($p_dest, $v_buffer, $v_read_size); + $p_size -= $v_read_size; + } + } + else if ($p_mode==1) + { + while ($p_size != 0) + { + $v_read_size = ($p_size < PCLZIP_READ_BLOCK_SIZE ? $p_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @gzread($p_src, $v_read_size); + @fwrite($p_dest, $v_buffer, $v_read_size); + $p_size -= $v_read_size; + } + } + else if ($p_mode==2) + { + while ($p_size != 0) + { + $v_read_size = ($p_size < PCLZIP_READ_BLOCK_SIZE ? $p_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @fread($p_src, $v_read_size); + @gzwrite($p_dest, $v_buffer, $v_read_size); + $p_size -= $v_read_size; + } + } + else if ($p_mode==3) + { + while ($p_size != 0) + { + $v_read_size = ($p_size < PCLZIP_READ_BLOCK_SIZE ? $p_size : PCLZIP_READ_BLOCK_SIZE); + $v_buffer = @gzread($p_src, $v_read_size); + @gzwrite($p_dest, $v_buffer, $v_read_size); + $p_size -= $v_read_size; + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : PclZipUtilRename() + // Description : + // This function tries to do a simple rename() function. If it fails, it + // tries to copy the $p_src file in a new $p_dest file and then unlink the + // first one. + // Parameters : + // $p_src : Old filename + // $p_dest : New filename + // Return Values : + // 1 on success, 0 on failure. + // -------------------------------------------------------------------------------- + function PclZipUtilRename($p_src, $p_dest) + { + $v_result = 1; + + // ----- Try to rename the files + if (!@rename($p_src, $p_dest)) { + + // ----- Try to copy & unlink the src + if (!@copy($p_src, $p_dest)) { + $v_result = 0; + } + else if (!@unlink($p_src)) { + $v_result = 0; + } + } + + // ----- Return + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : PclZipUtilOptionText() + // Description : + // Translate option value in text. Mainly for debug purpose. + // Parameters : + // $p_option : the option value. + // Return Values : + // The option text value. + // -------------------------------------------------------------------------------- + function PclZipUtilOptionText($p_option) + { + + $v_list = get_defined_constants(); + for (reset($v_list); $v_key = key($v_list); next($v_list)) { + $v_prefix = substr($v_key, 0, 10); + if (( ($v_prefix == 'PCLZIP_OPT') + || ($v_prefix == 'PCLZIP_CB_') + || ($v_prefix == 'PCLZIP_ATT')) + && ($v_list[$v_key] == $p_option)) { + return $v_key; + } + } + + $v_result = 'Unknown'; + + return $v_result; + } + // -------------------------------------------------------------------------------- + + // -------------------------------------------------------------------------------- + // Function : PclZipUtilTranslateWinPath() + // Description : + // Translate windows path by replacing '\' by '/' and optionally removing + // drive letter. + // Parameters : + // $p_path : path to translate. + // $p_remove_disk_letter : true | false + // Return Values : + // The path translated. + // -------------------------------------------------------------------------------- + function PclZipUtilTranslateWinPath($p_path, $p_remove_disk_letter=true) + { + if (stristr(php_uname(), 'windows')) { + // ----- Look for potential disk letter + if (($p_remove_disk_letter) && (($v_position = strpos($p_path, ':')) != false)) { + $p_path = substr($p_path, $v_position+1); + } + // ----- Change potential windows directory separator + if ((strpos($p_path, '\\') > 0) || (substr($p_path, 0,1) == '\\')) { + $p_path = strtr($p_path, '\\', '/'); + } + } + return $p_path; + } + // -------------------------------------------------------------------------------- + + +?> diff --git a/wp-admin/includes/class-plugin-installer-skin.php b/wp-admin/includes/class-plugin-installer-skin.php new file mode 100644 index 0000000..ed165ed --- /dev/null +++ b/wp-admin/includes/class-plugin-installer-skin.php @@ -0,0 +1,349 @@ +<?php +/** + * Upgrader API: Plugin_Installer_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Plugin Installer Skin for WordPress Plugin Installer. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see WP_Upgrader_Skin + */ +class Plugin_Installer_Skin extends WP_Upgrader_Skin { + public $api; + public $type; + public $url; + public $overwrite; + + private $is_downgrading = false; + + /** + * @param array $args + */ + public function __construct( $args = array() ) { + $defaults = array( + 'type' => 'web', + 'url' => '', + 'plugin' => '', + 'nonce' => '', + 'title' => '', + 'overwrite' => '', + ); + $args = wp_parse_args( $args, $defaults ); + + $this->type = $args['type']; + $this->url = $args['url']; + $this->api = isset( $args['api'] ) ? $args['api'] : array(); + $this->overwrite = $args['overwrite']; + + parent::__construct( $args ); + } + + /** + * Performs an action before installing a plugin. + * + * @since 2.8.0 + */ + public function before() { + if ( ! empty( $this->api ) ) { + $this->upgrader->strings['process_success'] = sprintf( + $this->upgrader->strings['process_success_specific'], + $this->api->name, + $this->api->version + ); + } + } + + /** + * Hides the `process_failed` error when updating a plugin by uploading a zip file. + * + * @since 5.5.0 + * + * @param WP_Error $wp_error WP_Error object. + * @return bool True if the error should be hidden, false otherwise. + */ + public function hide_process_failed( $wp_error ) { + if ( + 'upload' === $this->type && + '' === $this->overwrite && + $wp_error->get_error_code() === 'folder_exists' + ) { + return true; + } + + return false; + } + + /** + * Performs an action following a plugin install. + * + * @since 2.8.0 + */ + public function after() { + // Check if the plugin can be overwritten and output the HTML. + if ( $this->do_overwrite() ) { + return; + } + + $plugin_file = $this->upgrader->plugin_info(); + + $install_actions = array(); + + $from = isset( $_GET['from'] ) ? wp_unslash( $_GET['from'] ) : 'plugins'; + + if ( 'import' === $from ) { + $install_actions['activate_plugin'] = sprintf( + '<a class="button button-primary" href="%s" target="_parent">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&from=import&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file ), + __( 'Activate Plugin & Run Importer' ) + ); + } elseif ( 'press-this' === $from ) { + $install_actions['activate_plugin'] = sprintf( + '<a class="button button-primary" href="%s" target="_parent">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&from=press-this&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file ), + __( 'Activate Plugin & Go to Press This' ) + ); + } else { + $install_actions['activate_plugin'] = sprintf( + '<a class="button button-primary" href="%s" target="_parent">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file ), + __( 'Activate Plugin' ) + ); + } + + if ( is_multisite() && current_user_can( 'manage_network_plugins' ) ) { + $install_actions['network_activate'] = sprintf( + '<a class="button button-primary" href="%s" target="_parent">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&networkwide=1&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file ), + __( 'Network Activate' ) + ); + unset( $install_actions['activate_plugin'] ); + } + + if ( 'import' === $from ) { + $install_actions['importers_page'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + admin_url( 'import.php' ), + __( 'Go to Importers' ) + ); + } elseif ( 'web' === $this->type ) { + $install_actions['plugins_page'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'plugin-install.php' ), + __( 'Go to Plugin Installer' ) + ); + } elseif ( 'upload' === $this->type && 'plugins' === $from ) { + $install_actions['plugins_page'] = sprintf( + '<a href="%s">%s</a>', + self_admin_url( 'plugin-install.php' ), + __( 'Go to Plugin Installer' ) + ); + } else { + $install_actions['plugins_page'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'plugins.php' ), + __( 'Go to Plugins page' ) + ); + } + + if ( ! $this->result || is_wp_error( $this->result ) ) { + unset( $install_actions['activate_plugin'], $install_actions['network_activate'] ); + } elseif ( ! current_user_can( 'activate_plugin', $plugin_file ) || is_plugin_active( $plugin_file ) ) { + unset( $install_actions['activate_plugin'] ); + } + + /** + * Filters the list of action links available following a single plugin installation. + * + * @since 2.7.0 + * + * @param string[] $install_actions Array of plugin action links. + * @param object $api Object containing WordPress.org API plugin data. Empty + * for non-API installs, such as when a plugin is installed + * via upload. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + */ + $install_actions = apply_filters( 'install_plugin_complete_actions', $install_actions, $this->api, $plugin_file ); + + if ( ! empty( $install_actions ) ) { + $this->feedback( implode( ' ', (array) $install_actions ) ); + } + } + + /** + * Checks if the plugin can be overwritten and outputs the HTML for overwriting a plugin on upload. + * + * @since 5.5.0 + * + * @return bool Whether the plugin can be overwritten and HTML was outputted. + */ + private function do_overwrite() { + if ( 'upload' !== $this->type || ! is_wp_error( $this->result ) || 'folder_exists' !== $this->result->get_error_code() ) { + return false; + } + + $folder = $this->result->get_error_data( 'folder_exists' ); + $folder = ltrim( substr( $folder, strlen( WP_PLUGIN_DIR ) ), '/' ); + + $current_plugin_data = false; + $all_plugins = get_plugins(); + + foreach ( $all_plugins as $plugin => $plugin_data ) { + if ( strrpos( $plugin, $folder ) !== 0 ) { + continue; + } + + $current_plugin_data = $plugin_data; + } + + $new_plugin_data = $this->upgrader->new_plugin_data; + + if ( ! $current_plugin_data || ! $new_plugin_data ) { + return false; + } + + echo '<h2 class="update-from-upload-heading">' . esc_html__( 'This plugin is already installed.' ) . '</h2>'; + + $this->is_downgrading = version_compare( $current_plugin_data['Version'], $new_plugin_data['Version'], '>' ); + + $rows = array( + 'Name' => __( 'Plugin name' ), + 'Version' => __( 'Version' ), + 'Author' => __( 'Author' ), + 'RequiresWP' => __( 'Required WordPress version' ), + 'RequiresPHP' => __( 'Required PHP version' ), + ); + + $table = '<table class="update-from-upload-comparison"><tbody>'; + $table .= '<tr><th></th><th>' . esc_html_x( 'Current', 'plugin' ) . '</th>'; + $table .= '<th>' . esc_html_x( 'Uploaded', 'plugin' ) . '</th></tr>'; + + $is_same_plugin = true; // Let's consider only these rows. + + foreach ( $rows as $field => $label ) { + $old_value = ! empty( $current_plugin_data[ $field ] ) ? (string) $current_plugin_data[ $field ] : '-'; + $new_value = ! empty( $new_plugin_data[ $field ] ) ? (string) $new_plugin_data[ $field ] : '-'; + + $is_same_plugin = $is_same_plugin && ( $old_value === $new_value ); + + $diff_field = ( 'Version' !== $field && $new_value !== $old_value ); + $diff_version = ( 'Version' === $field && $this->is_downgrading ); + + $table .= '<tr><td class="name-label">' . $label . '</td><td>' . wp_strip_all_tags( $old_value ) . '</td>'; + $table .= ( $diff_field || $diff_version ) ? '<td class="warning">' : '<td>'; + $table .= wp_strip_all_tags( $new_value ) . '</td></tr>'; + } + + $table .= '</tbody></table>'; + + /** + * Filters the compare table output for overwriting a plugin package on upload. + * + * @since 5.5.0 + * + * @param string $table The output table with Name, Version, Author, RequiresWP, and RequiresPHP info. + * @param array $current_plugin_data Array with current plugin data. + * @param array $new_plugin_data Array with uploaded plugin data. + */ + echo apply_filters( 'install_plugin_overwrite_comparison', $table, $current_plugin_data, $new_plugin_data ); + + $install_actions = array(); + $can_update = true; + + $blocked_message = '<p>' . esc_html__( 'The plugin cannot be updated due to the following:' ) . '</p>'; + $blocked_message .= '<ul class="ul-disc">'; + + $requires_php = isset( $new_plugin_data['RequiresPHP'] ) ? $new_plugin_data['RequiresPHP'] : null; + $requires_wp = isset( $new_plugin_data['RequiresWP'] ) ? $new_plugin_data['RequiresWP'] : null; + + if ( ! is_php_version_compatible( $requires_php ) ) { + $error = sprintf( + /* translators: 1: Current PHP version, 2: Version required by the uploaded plugin. */ + __( 'The PHP version on your server is %1$s, however the uploaded plugin requires %2$s.' ), + PHP_VERSION, + $requires_php + ); + + $blocked_message .= '<li>' . esc_html( $error ) . '</li>'; + $can_update = false; + } + + if ( ! is_wp_version_compatible( $requires_wp ) ) { + $error = sprintf( + /* translators: 1: Current WordPress version, 2: Version required by the uploaded plugin. */ + __( 'Your WordPress version is %1$s, however the uploaded plugin requires %2$s.' ), + get_bloginfo( 'version' ), + $requires_wp + ); + + $blocked_message .= '<li>' . esc_html( $error ) . '</li>'; + $can_update = false; + } + + $blocked_message .= '</ul>'; + + if ( $can_update ) { + if ( $this->is_downgrading ) { + $warning = sprintf( + /* translators: %s: Documentation URL. */ + __( 'You are uploading an older version of a current plugin. You can continue to install the older version, but be sure to <a href="%s">back up your database and files</a> first.' ), + __( 'https://wordpress.org/documentation/article/wordpress-backups/' ) + ); + } else { + $warning = sprintf( + /* translators: %s: Documentation URL. */ + __( 'You are updating a plugin. Be sure to <a href="%s">back up your database and files</a> first.' ), + __( 'https://wordpress.org/documentation/article/wordpress-backups/' ) + ); + } + + echo '<p class="update-from-upload-notice">' . $warning . '</p>'; + + $overwrite = $this->is_downgrading ? 'downgrade-plugin' : 'update-plugin'; + + $install_actions['overwrite_plugin'] = sprintf( + '<a class="button button-primary update-from-upload-overwrite" href="%s" target="_parent">%s</a>', + wp_nonce_url( add_query_arg( 'overwrite', $overwrite, $this->url ), 'plugin-upload' ), + _x( 'Replace current with uploaded', 'plugin' ) + ); + } else { + echo $blocked_message; + } + + $cancel_url = add_query_arg( 'action', 'upload-plugin-cancel-overwrite', $this->url ); + + $install_actions['plugins_page'] = sprintf( + '<a class="button" href="%s">%s</a>', + wp_nonce_url( $cancel_url, 'plugin-upload-cancel-overwrite' ), + __( 'Cancel and go back' ) + ); + + /** + * Filters the list of action links available following a single plugin installation failure + * when overwriting is allowed. + * + * @since 5.5.0 + * + * @param string[] $install_actions Array of plugin action links. + * @param object $api Object containing WordPress.org API plugin data. + * @param array $new_plugin_data Array with uploaded plugin data. + */ + $install_actions = apply_filters( 'install_plugin_overwrite_actions', $install_actions, $this->api, $new_plugin_data ); + + if ( ! empty( $install_actions ) ) { + printf( + '<p class="update-from-upload-expired hidden">%s</p>', + __( 'The uploaded file has expired. Please go back and upload it again.' ) + ); + echo '<p class="update-from-upload-actions">' . implode( ' ', (array) $install_actions ) . '</p>'; + } + + return true; + } +} diff --git a/wp-admin/includes/class-plugin-upgrader-skin.php b/wp-admin/includes/class-plugin-upgrader-skin.php new file mode 100644 index 0000000..0e3e778 --- /dev/null +++ b/wp-admin/includes/class-plugin-upgrader-skin.php @@ -0,0 +1,123 @@ +<?php +/** + * Upgrader API: Plugin_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Plugin Upgrader Skin for WordPress Plugin Upgrades. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see WP_Upgrader_Skin + */ +class Plugin_Upgrader_Skin extends WP_Upgrader_Skin { + + /** + * Holds the plugin slug in the Plugin Directory. + * + * @since 2.8.0 + * + * @var string + */ + public $plugin = ''; + + /** + * Whether the plugin is active. + * + * @since 2.8.0 + * + * @var bool + */ + public $plugin_active = false; + + /** + * Whether the plugin is active for the entire network. + * + * @since 2.8.0 + * + * @var bool + */ + public $plugin_network_active = false; + + /** + * Constructor. + * + * Sets up the plugin upgrader skin. + * + * @since 2.8.0 + * + * @param array $args Optional. The plugin upgrader skin arguments to + * override default options. Default empty array. + */ + public function __construct( $args = array() ) { + $defaults = array( + 'url' => '', + 'plugin' => '', + 'nonce' => '', + 'title' => __( 'Update Plugin' ), + ); + $args = wp_parse_args( $args, $defaults ); + + $this->plugin = $args['plugin']; + + $this->plugin_active = is_plugin_active( $this->plugin ); + $this->plugin_network_active = is_plugin_active_for_network( $this->plugin ); + + parent::__construct( $args ); + } + + /** + * Performs an action following a single plugin update. + * + * @since 2.8.0 + */ + public function after() { + $this->plugin = $this->upgrader->plugin_info(); + if ( ! empty( $this->plugin ) && ! is_wp_error( $this->result ) && $this->plugin_active ) { + // Currently used only when JS is off for a single plugin update? + printf( + '<iframe title="%s" style="border:0;overflow:hidden" width="100%%" height="170" src="%s"></iframe>', + esc_attr__( 'Update progress' ), + wp_nonce_url( 'update.php?action=activate-plugin&networkwide=' . $this->plugin_network_active . '&plugin=' . urlencode( $this->plugin ), 'activate-plugin_' . $this->plugin ) + ); + } + + $this->decrement_update_count( 'plugin' ); + + $update_actions = array( + 'activate_plugin' => sprintf( + '<a href="%s" target="_parent">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&plugin=' . urlencode( $this->plugin ), 'activate-plugin_' . $this->plugin ), + __( 'Activate Plugin' ) + ), + 'plugins_page' => sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'plugins.php' ), + __( 'Go to Plugins page' ) + ), + ); + + if ( $this->plugin_active || ! $this->result || is_wp_error( $this->result ) || ! current_user_can( 'activate_plugin', $this->plugin ) ) { + unset( $update_actions['activate_plugin'] ); + } + + /** + * Filters the list of action links available following a single plugin update. + * + * @since 2.7.0 + * + * @param string[] $update_actions Array of plugin action links. + * @param string $plugin Path to the plugin file relative to the plugins directory. + */ + $update_actions = apply_filters( 'update_plugin_complete_actions', $update_actions, $this->plugin ); + + if ( ! empty( $update_actions ) ) { + $this->feedback( implode( ' | ', (array) $update_actions ) ); + } + } +} diff --git a/wp-admin/includes/class-plugin-upgrader.php b/wp-admin/includes/class-plugin-upgrader.php new file mode 100644 index 0000000..02743f6 --- /dev/null +++ b/wp-admin/includes/class-plugin-upgrader.php @@ -0,0 +1,712 @@ +<?php +/** + * Upgrade API: Plugin_Upgrader class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Core class used for upgrading/installing plugins. + * + * It is designed to upgrade/install plugins from a local zip, remote zip URL, + * or uploaded zip file. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. + * + * @see WP_Upgrader + */ +class Plugin_Upgrader extends WP_Upgrader { + + /** + * Plugin upgrade result. + * + * @since 2.8.0 + * @var array|WP_Error $result + * + * @see WP_Upgrader::$result + */ + public $result; + + /** + * Whether a bulk upgrade/installation is being performed. + * + * @since 2.9.0 + * @var bool $bulk + */ + public $bulk = false; + + /** + * New plugin info. + * + * @since 5.5.0 + * @var array $new_plugin_data + * + * @see check_package() + */ + public $new_plugin_data = array(); + + /** + * Initializes the upgrade strings. + * + * @since 2.8.0 + */ + public function upgrade_strings() { + $this->strings['up_to_date'] = __( 'The plugin is at the latest version.' ); + $this->strings['no_package'] = __( 'Update package not available.' ); + /* translators: %s: Package URL. */ + $this->strings['downloading_package'] = sprintf( __( 'Downloading update from %s…' ), '<span class="code pre">%s</span>' ); + $this->strings['unpack_package'] = __( 'Unpacking the update…' ); + $this->strings['remove_old'] = __( 'Removing the old version of the plugin…' ); + $this->strings['remove_old_failed'] = __( 'Could not remove the old plugin.' ); + $this->strings['process_failed'] = __( 'Plugin update failed.' ); + $this->strings['process_success'] = __( 'Plugin updated successfully.' ); + $this->strings['process_bulk_success'] = __( 'Plugins updated successfully.' ); + } + + /** + * Initializes the installation strings. + * + * @since 2.8.0 + */ + public function install_strings() { + $this->strings['no_package'] = __( 'Installation package not available.' ); + /* translators: %s: Package URL. */ + $this->strings['downloading_package'] = sprintf( __( 'Downloading installation package from %s…' ), '<span class="code pre">%s</span>' ); + $this->strings['unpack_package'] = __( 'Unpacking the package…' ); + $this->strings['installing_package'] = __( 'Installing the plugin…' ); + $this->strings['remove_old'] = __( 'Removing the current plugin…' ); + $this->strings['remove_old_failed'] = __( 'Could not remove the current plugin.' ); + $this->strings['no_files'] = __( 'The plugin contains no files.' ); + $this->strings['process_failed'] = __( 'Plugin installation failed.' ); + $this->strings['process_success'] = __( 'Plugin installed successfully.' ); + /* translators: 1: Plugin name, 2: Plugin version. */ + $this->strings['process_success_specific'] = __( 'Successfully installed the plugin <strong>%1$s %2$s</strong>.' ); + + if ( ! empty( $this->skin->overwrite ) ) { + if ( 'update-plugin' === $this->skin->overwrite ) { + $this->strings['installing_package'] = __( 'Updating the plugin…' ); + $this->strings['process_failed'] = __( 'Plugin update failed.' ); + $this->strings['process_success'] = __( 'Plugin updated successfully.' ); + } + + if ( 'downgrade-plugin' === $this->skin->overwrite ) { + $this->strings['installing_package'] = __( 'Downgrading the plugin…' ); + $this->strings['process_failed'] = __( 'Plugin downgrade failed.' ); + $this->strings['process_success'] = __( 'Plugin downgraded successfully.' ); + } + } + } + + /** + * Install a plugin package. + * + * @since 2.8.0 + * @since 3.7.0 The `$args` parameter was added, making clearing the plugin update cache optional. + * + * @param string $package The full local path or URI of the package. + * @param array $args { + * Optional. Other arguments for installing a plugin package. Default empty array. + * + * @type bool $clear_update_cache Whether to clear the plugin updates cache if successful. + * Default true. + * } + * @return bool|WP_Error True if the installation was successful, false or a WP_Error otherwise. + */ + public function install( $package, $args = array() ) { + $defaults = array( + 'clear_update_cache' => true, + 'overwrite_package' => false, // Do not overwrite files. + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->install_strings(); + + add_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + + if ( $parsed_args['clear_update_cache'] ) { + // Clear cache so wp_update_plugins() knows about the new plugin. + add_action( 'upgrader_process_complete', 'wp_clean_plugins_cache', 9, 0 ); + } + + $this->run( + array( + 'package' => $package, + 'destination' => WP_PLUGIN_DIR, + 'clear_destination' => $parsed_args['overwrite_package'], + 'clear_working' => true, + 'hook_extra' => array( + 'type' => 'plugin', + 'action' => 'install', + ), + ) + ); + + remove_action( 'upgrader_process_complete', 'wp_clean_plugins_cache', 9 ); + remove_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + + if ( ! $this->result || is_wp_error( $this->result ) ) { + return $this->result; + } + + // Force refresh of plugin update information. + wp_clean_plugins_cache( $parsed_args['clear_update_cache'] ); + + if ( $parsed_args['overwrite_package'] ) { + /** + * Fires when the upgrader has successfully overwritten a currently installed + * plugin or theme with an uploaded zip package. + * + * @since 5.5.0 + * + * @param string $package The package file. + * @param array $data The new plugin or theme data. + * @param string $package_type The package type ('plugin' or 'theme'). + */ + do_action( 'upgrader_overwrote_package', $package, $this->new_plugin_data, 'plugin' ); + } + + return true; + } + + /** + * Upgrades a plugin. + * + * @since 2.8.0 + * @since 3.7.0 The `$args` parameter was added, making clearing the plugin update cache optional. + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param array $args { + * Optional. Other arguments for upgrading a plugin package. Default empty array. + * + * @type bool $clear_update_cache Whether to clear the plugin updates cache if successful. + * Default true. + * } + * @return bool|WP_Error True if the upgrade was successful, false or a WP_Error object otherwise. + */ + public function upgrade( $plugin, $args = array() ) { + $defaults = array( + 'clear_update_cache' => true, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->upgrade_strings(); + + $current = get_site_transient( 'update_plugins' ); + if ( ! isset( $current->response[ $plugin ] ) ) { + $this->skin->before(); + $this->skin->set_result( false ); + $this->skin->error( 'up_to_date' ); + $this->skin->after(); + return false; + } + + // Get the URL to the zip file. + $r = $current->response[ $plugin ]; + + add_filter( 'upgrader_pre_install', array( $this, 'deactivate_plugin_before_upgrade' ), 10, 2 ); + add_filter( 'upgrader_pre_install', array( $this, 'active_before' ), 10, 2 ); + add_filter( 'upgrader_clear_destination', array( $this, 'delete_old_plugin' ), 10, 4 ); + add_filter( 'upgrader_post_install', array( $this, 'active_after' ), 10, 2 ); + /* + * There's a Trac ticket to move up the directory for zips which are made a bit differently, useful for non-.org plugins. + * 'source_selection' => array( $this, 'source_selection' ), + */ + if ( $parsed_args['clear_update_cache'] ) { + // Clear cache so wp_update_plugins() knows about the new plugin. + add_action( 'upgrader_process_complete', 'wp_clean_plugins_cache', 9, 0 ); + } + + $this->run( + array( + 'package' => $r->package, + 'destination' => WP_PLUGIN_DIR, + 'clear_destination' => true, + 'clear_working' => true, + 'hook_extra' => array( + 'plugin' => $plugin, + 'type' => 'plugin', + 'action' => 'update', + 'temp_backup' => array( + 'slug' => dirname( $plugin ), + 'src' => WP_PLUGIN_DIR, + 'dir' => 'plugins', + ), + ), + ) + ); + + // Cleanup our hooks, in case something else does an upgrade on this connection. + remove_action( 'upgrader_process_complete', 'wp_clean_plugins_cache', 9 ); + remove_filter( 'upgrader_pre_install', array( $this, 'deactivate_plugin_before_upgrade' ) ); + remove_filter( 'upgrader_pre_install', array( $this, 'active_before' ) ); + remove_filter( 'upgrader_clear_destination', array( $this, 'delete_old_plugin' ) ); + remove_filter( 'upgrader_post_install', array( $this, 'active_after' ) ); + + if ( ! $this->result || is_wp_error( $this->result ) ) { + return $this->result; + } + + // Force refresh of plugin update information. + wp_clean_plugins_cache( $parsed_args['clear_update_cache'] ); + + /* + * Ensure any future auto-update failures trigger a failure email by removing + * the last failure notification from the list when plugins update successfully. + */ + $past_failure_emails = get_option( 'auto_plugin_theme_update_emails', array() ); + + if ( isset( $past_failure_emails[ $plugin ] ) ) { + unset( $past_failure_emails[ $plugin ] ); + update_option( 'auto_plugin_theme_update_emails', $past_failure_emails ); + } + + return true; + } + + /** + * Upgrades several plugins at once. + * + * @since 2.8.0 + * @since 3.7.0 The `$args` parameter was added, making clearing the plugin update cache optional. + * + * @global string $wp_version The WordPress version string. + * + * @param string[] $plugins Array of paths to plugin files relative to the plugins directory. + * @param array $args { + * Optional. Other arguments for upgrading several plugins at once. + * + * @type bool $clear_update_cache Whether to clear the plugin updates cache if successful. Default true. + * } + * @return array|false An array of results indexed by plugin file, or false if unable to connect to the filesystem. + */ + public function bulk_upgrade( $plugins, $args = array() ) { + global $wp_version; + + $defaults = array( + 'clear_update_cache' => true, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->bulk = true; + $this->upgrade_strings(); + + $current = get_site_transient( 'update_plugins' ); + + add_filter( 'upgrader_clear_destination', array( $this, 'delete_old_plugin' ), 10, 4 ); + + $this->skin->header(); + + // Connect to the filesystem first. + $res = $this->fs_connect( array( WP_CONTENT_DIR, WP_PLUGIN_DIR ) ); + if ( ! $res ) { + $this->skin->footer(); + return false; + } + + $this->skin->bulk_header(); + + /* + * Only start maintenance mode if: + * - running Multisite and there are one or more plugins specified, OR + * - a plugin with an update available is currently active. + * @todo For multisite, maintenance mode should only kick in for individual sites if at all possible. + */ + $maintenance = ( is_multisite() && ! empty( $plugins ) ); + foreach ( $plugins as $plugin ) { + $maintenance = $maintenance || ( is_plugin_active( $plugin ) && isset( $current->response[ $plugin ] ) ); + } + if ( $maintenance ) { + $this->maintenance_mode( true ); + } + + $results = array(); + + $this->update_count = count( $plugins ); + $this->update_current = 0; + foreach ( $plugins as $plugin ) { + ++$this->update_current; + $this->skin->plugin_info = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin, false, true ); + + if ( ! isset( $current->response[ $plugin ] ) ) { + $this->skin->set_result( 'up_to_date' ); + $this->skin->before(); + $this->skin->feedback( 'up_to_date' ); + $this->skin->after(); + $results[ $plugin ] = true; + continue; + } + + // Get the URL to the zip file. + $r = $current->response[ $plugin ]; + + $this->skin->plugin_active = is_plugin_active( $plugin ); + + if ( isset( $r->requires ) && ! is_wp_version_compatible( $r->requires ) ) { + $result = new WP_Error( + 'incompatible_wp_required_version', + sprintf( + /* translators: 1: Current WordPress version, 2: WordPress version required by the new plugin version. */ + __( 'Your WordPress version is %1$s, however the new plugin version requires %2$s.' ), + $wp_version, + $r->requires + ) + ); + + $this->skin->before( $result ); + $this->skin->error( $result ); + $this->skin->after(); + } elseif ( isset( $r->requires_php ) && ! is_php_version_compatible( $r->requires_php ) ) { + $result = new WP_Error( + 'incompatible_php_required_version', + sprintf( + /* translators: 1: Current PHP version, 2: PHP version required by the new plugin version. */ + __( 'The PHP version on your server is %1$s, however the new plugin version requires %2$s.' ), + PHP_VERSION, + $r->requires_php + ) + ); + + $this->skin->before( $result ); + $this->skin->error( $result ); + $this->skin->after(); + } else { + add_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + $result = $this->run( + array( + 'package' => $r->package, + 'destination' => WP_PLUGIN_DIR, + 'clear_destination' => true, + 'clear_working' => true, + 'is_multi' => true, + 'hook_extra' => array( + 'plugin' => $plugin, + 'temp_backup' => array( + 'slug' => dirname( $plugin ), + 'src' => WP_PLUGIN_DIR, + 'dir' => 'plugins', + ), + ), + ) + ); + remove_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + } + + $results[ $plugin ] = $result; + + // Prevent credentials auth screen from displaying multiple times. + if ( false === $result ) { + break; + } + } // End foreach $plugins. + + $this->maintenance_mode( false ); + + // Force refresh of plugin update information. + wp_clean_plugins_cache( $parsed_args['clear_update_cache'] ); + + /** This action is documented in wp-admin/includes/class-wp-upgrader.php */ + do_action( + 'upgrader_process_complete', + $this, + array( + 'action' => 'update', + 'type' => 'plugin', + 'bulk' => true, + 'plugins' => $plugins, + ) + ); + + $this->skin->bulk_footer(); + + $this->skin->footer(); + + // Cleanup our hooks, in case something else does an upgrade on this connection. + remove_filter( 'upgrader_clear_destination', array( $this, 'delete_old_plugin' ) ); + + /* + * Ensure any future auto-update failures trigger a failure email by removing + * the last failure notification from the list when plugins update successfully. + */ + $past_failure_emails = get_option( 'auto_plugin_theme_update_emails', array() ); + + foreach ( $results as $plugin => $result ) { + // Maintain last failure notification when plugins failed to update manually. + if ( ! $result || is_wp_error( $result ) || ! isset( $past_failure_emails[ $plugin ] ) ) { + continue; + } + + unset( $past_failure_emails[ $plugin ] ); + } + + update_option( 'auto_plugin_theme_update_emails', $past_failure_emails ); + + return $results; + } + + /** + * Checks that the source package contains a valid plugin. + * + * Hooked to the {@see 'upgrader_source_selection'} filter by Plugin_Upgrader::install(). + * + * @since 3.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * @global string $wp_version The WordPress version string. + * + * @param string $source The path to the downloaded package source. + * @return string|WP_Error The source as passed, or a WP_Error object on failure. + */ + public function check_package( $source ) { + global $wp_filesystem, $wp_version; + + $this->new_plugin_data = array(); + + if ( is_wp_error( $source ) ) { + return $source; + } + + $working_directory = str_replace( $wp_filesystem->wp_content_dir(), trailingslashit( WP_CONTENT_DIR ), $source ); + if ( ! is_dir( $working_directory ) ) { // Sanity check, if the above fails, let's not prevent installation. + return $source; + } + + // Check that the folder contains at least 1 valid plugin. + $files = glob( $working_directory . '*.php' ); + if ( $files ) { + foreach ( $files as $file ) { + $info = get_plugin_data( $file, false, false ); + if ( ! empty( $info['Name'] ) ) { + $this->new_plugin_data = $info; + break; + } + } + } + + if ( empty( $this->new_plugin_data ) ) { + return new WP_Error( 'incompatible_archive_no_plugins', $this->strings['incompatible_archive'], __( 'No valid plugins were found.' ) ); + } + + $requires_php = isset( $info['RequiresPHP'] ) ? $info['RequiresPHP'] : null; + $requires_wp = isset( $info['RequiresWP'] ) ? $info['RequiresWP'] : null; + + if ( ! is_php_version_compatible( $requires_php ) ) { + $error = sprintf( + /* translators: 1: Current PHP version, 2: Version required by the uploaded plugin. */ + __( 'The PHP version on your server is %1$s, however the uploaded plugin requires %2$s.' ), + PHP_VERSION, + $requires_php + ); + + return new WP_Error( 'incompatible_php_required_version', $this->strings['incompatible_archive'], $error ); + } + + if ( ! is_wp_version_compatible( $requires_wp ) ) { + $error = sprintf( + /* translators: 1: Current WordPress version, 2: Version required by the uploaded plugin. */ + __( 'Your WordPress version is %1$s, however the uploaded plugin requires %2$s.' ), + $wp_version, + $requires_wp + ); + + return new WP_Error( 'incompatible_wp_required_version', $this->strings['incompatible_archive'], $error ); + } + + return $source; + } + + /** + * Retrieves the path to the file that contains the plugin info. + * + * This isn't used internally in the class, but is called by the skins. + * + * @since 2.8.0 + * + * @return string|false The full path to the main plugin file, or false. + */ + public function plugin_info() { + if ( ! is_array( $this->result ) ) { + return false; + } + if ( empty( $this->result['destination_name'] ) ) { + return false; + } + + // Ensure to pass with leading slash. + $plugin = get_plugins( '/' . $this->result['destination_name'] ); + if ( empty( $plugin ) ) { + return false; + } + + // Assume the requested plugin is the first in the list. + $pluginfiles = array_keys( $plugin ); + + return $this->result['destination_name'] . '/' . $pluginfiles[0]; + } + + /** + * Deactivates a plugin before it is upgraded. + * + * Hooked to the {@see 'upgrader_pre_install'} filter by Plugin_Upgrader::upgrade(). + * + * @since 2.8.0 + * @since 4.1.0 Added a return value. + * + * @param bool|WP_Error $response The installation response before the installation has started. + * @param array $plugin Plugin package arguments. + * @return bool|WP_Error The original `$response` parameter or WP_Error. + */ + public function deactivate_plugin_before_upgrade( $response, $plugin ) { + + if ( is_wp_error( $response ) ) { // Bypass. + return $response; + } + + // When in cron (background updates) don't deactivate the plugin, as we require a browser to reactivate it. + if ( wp_doing_cron() ) { + return $response; + } + + $plugin = isset( $plugin['plugin'] ) ? $plugin['plugin'] : ''; + if ( empty( $plugin ) ) { + return new WP_Error( 'bad_request', $this->strings['bad_request'] ); + } + + if ( is_plugin_active( $plugin ) ) { + // Deactivate the plugin silently, Prevent deactivation hooks from running. + deactivate_plugins( $plugin, true ); + } + + return $response; + } + + /** + * Turns on maintenance mode before attempting to background update an active plugin. + * + * Hooked to the {@see 'upgrader_pre_install'} filter by Plugin_Upgrader::upgrade(). + * + * @since 5.4.0 + * + * @param bool|WP_Error $response The installation response before the installation has started. + * @param array $plugin Plugin package arguments. + * @return bool|WP_Error The original `$response` parameter or WP_Error. + */ + public function active_before( $response, $plugin ) { + if ( is_wp_error( $response ) ) { + return $response; + } + + // Only enable maintenance mode when in cron (background update). + if ( ! wp_doing_cron() ) { + return $response; + } + + $plugin = isset( $plugin['plugin'] ) ? $plugin['plugin'] : ''; + + // Only run if plugin is active. + if ( ! is_plugin_active( $plugin ) ) { + return $response; + } + + // Change to maintenance mode. Bulk edit handles this separately. + if ( ! $this->bulk ) { + $this->maintenance_mode( true ); + } + + return $response; + } + + /** + * Turns off maintenance mode after upgrading an active plugin. + * + * Hooked to the {@see 'upgrader_post_install'} filter by Plugin_Upgrader::upgrade(). + * + * @since 5.4.0 + * + * @param bool|WP_Error $response The installation response after the installation has finished. + * @param array $plugin Plugin package arguments. + * @return bool|WP_Error The original `$response` parameter or WP_Error. + */ + public function active_after( $response, $plugin ) { + if ( is_wp_error( $response ) ) { + return $response; + } + + // Only disable maintenance mode when in cron (background update). + if ( ! wp_doing_cron() ) { + return $response; + } + + $plugin = isset( $plugin['plugin'] ) ? $plugin['plugin'] : ''; + + // Only run if plugin is active. + if ( ! is_plugin_active( $plugin ) ) { + return $response; + } + + // Time to remove maintenance mode. Bulk edit handles this separately. + if ( ! $this->bulk ) { + $this->maintenance_mode( false ); + } + + return $response; + } + + /** + * Deletes the old plugin during an upgrade. + * + * Hooked to the {@see 'upgrader_clear_destination'} filter by + * Plugin_Upgrader::upgrade() and Plugin_Upgrader::bulk_upgrade(). + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param bool|WP_Error $removed Whether the destination was cleared. + * True on success, WP_Error on failure. + * @param string $local_destination The local package destination. + * @param string $remote_destination The remote package destination. + * @param array $plugin Extra arguments passed to hooked filters. + * @return bool|WP_Error + */ + public function delete_old_plugin( $removed, $local_destination, $remote_destination, $plugin ) { + global $wp_filesystem; + + if ( is_wp_error( $removed ) ) { + return $removed; // Pass errors through. + } + + $plugin = isset( $plugin['plugin'] ) ? $plugin['plugin'] : ''; + if ( empty( $plugin ) ) { + return new WP_Error( 'bad_request', $this->strings['bad_request'] ); + } + + $plugins_dir = $wp_filesystem->wp_plugins_dir(); + $this_plugin_dir = trailingslashit( dirname( $plugins_dir . $plugin ) ); + + if ( ! $wp_filesystem->exists( $this_plugin_dir ) ) { // If it's already vanished. + return $removed; + } + + /* + * If plugin is in its own directory, recursively delete the directory. + * Base check on if plugin includes directory separator AND that it's not the root plugin folder. + */ + if ( strpos( $plugin, '/' ) && $this_plugin_dir !== $plugins_dir ) { + $deleted = $wp_filesystem->delete( $this_plugin_dir, true ); + } else { + $deleted = $wp_filesystem->delete( $plugins_dir . $plugin ); + } + + if ( ! $deleted ) { + return new WP_Error( 'remove_old_failed', $this->strings['remove_old_failed'] ); + } + + return true; + } +} diff --git a/wp-admin/includes/class-theme-installer-skin.php b/wp-admin/includes/class-theme-installer-skin.php new file mode 100644 index 0000000..99fe322 --- /dev/null +++ b/wp-admin/includes/class-theme-installer-skin.php @@ -0,0 +1,384 @@ +<?php +/** + * Upgrader API: Theme_Installer_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Theme Installer Skin for the WordPress Theme Installer. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see WP_Upgrader_Skin + */ +class Theme_Installer_Skin extends WP_Upgrader_Skin { + public $api; + public $type; + public $url; + public $overwrite; + + private $is_downgrading = false; + + /** + * @param array $args + */ + public function __construct( $args = array() ) { + $defaults = array( + 'type' => 'web', + 'url' => '', + 'theme' => '', + 'nonce' => '', + 'title' => '', + 'overwrite' => '', + ); + $args = wp_parse_args( $args, $defaults ); + + $this->type = $args['type']; + $this->url = $args['url']; + $this->api = isset( $args['api'] ) ? $args['api'] : array(); + $this->overwrite = $args['overwrite']; + + parent::__construct( $args ); + } + + /** + * Performs an action before installing a theme. + * + * @since 2.8.0 + */ + public function before() { + if ( ! empty( $this->api ) ) { + $this->upgrader->strings['process_success'] = sprintf( + $this->upgrader->strings['process_success_specific'], + $this->api->name, + $this->api->version + ); + } + } + + /** + * Hides the `process_failed` error when updating a theme by uploading a zip file. + * + * @since 5.5.0 + * + * @param WP_Error $wp_error WP_Error object. + * @return bool True if the error should be hidden, false otherwise. + */ + public function hide_process_failed( $wp_error ) { + if ( + 'upload' === $this->type && + '' === $this->overwrite && + $wp_error->get_error_code() === 'folder_exists' + ) { + return true; + } + + return false; + } + + /** + * Performs an action following a single theme install. + * + * @since 2.8.0 + */ + public function after() { + if ( $this->do_overwrite() ) { + return; + } + + if ( empty( $this->upgrader->result['destination_name'] ) ) { + return; + } + + $theme_info = $this->upgrader->theme_info(); + if ( empty( $theme_info ) ) { + return; + } + + $name = $theme_info->display( 'Name' ); + $stylesheet = $this->upgrader->result['destination_name']; + $template = $theme_info->get_template(); + + $activate_link = add_query_arg( + array( + 'action' => 'activate', + 'template' => urlencode( $template ), + 'stylesheet' => urlencode( $stylesheet ), + ), + admin_url( 'themes.php' ) + ); + $activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet ); + + $install_actions = array(); + + if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) && ! $theme_info->is_block_theme() ) { + $customize_url = add_query_arg( + array( + 'theme' => urlencode( $stylesheet ), + 'return' => urlencode( admin_url( 'web' === $this->type ? 'theme-install.php' : 'themes.php' ) ), + ), + admin_url( 'customize.php' ) + ); + + $install_actions['preview'] = sprintf( + '<a href="%s" class="hide-if-no-customize load-customize">' . + '<span aria-hidden="true">%s</span><span class="screen-reader-text">%s</span></a>', + esc_url( $customize_url ), + __( 'Live Preview' ), + /* translators: Hidden accessibility text. %s: Theme name. */ + sprintf( __( 'Live Preview “%s”' ), $name ) + ); + } + + $install_actions['activate'] = sprintf( + '<a href="%s" class="activatelink">' . + '<span aria-hidden="true">%s</span><span class="screen-reader-text">%s</span></a>', + esc_url( $activate_link ), + __( 'Activate' ), + /* translators: Hidden accessibility text. %s: Theme name. */ + sprintf( _x( 'Activate “%s”', 'theme' ), $name ) + ); + + if ( is_network_admin() && current_user_can( 'manage_network_themes' ) ) { + $install_actions['network_enable'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + esc_url( wp_nonce_url( 'themes.php?action=enable&theme=' . urlencode( $stylesheet ), 'enable-theme_' . $stylesheet ) ), + __( 'Network Enable' ) + ); + } + + if ( 'web' === $this->type ) { + $install_actions['themes_page'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'theme-install.php' ), + __( 'Go to Theme Installer' ) + ); + } elseif ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) ) { + $install_actions['themes_page'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'themes.php' ), + __( 'Go to Themes page' ) + ); + } + + if ( ! $this->result || is_wp_error( $this->result ) || is_network_admin() || ! current_user_can( 'switch_themes' ) ) { + unset( $install_actions['activate'], $install_actions['preview'] ); + } elseif ( get_option( 'template' ) === $stylesheet ) { + unset( $install_actions['activate'] ); + } + + /** + * Filters the list of action links available following a single theme installation. + * + * @since 2.8.0 + * + * @param string[] $install_actions Array of theme action links. + * @param object $api Object containing WordPress.org API theme data. + * @param string $stylesheet Theme directory name. + * @param WP_Theme $theme_info Theme object. + */ + $install_actions = apply_filters( 'install_theme_complete_actions', $install_actions, $this->api, $stylesheet, $theme_info ); + if ( ! empty( $install_actions ) ) { + $this->feedback( implode( ' | ', (array) $install_actions ) ); + } + } + + /** + * Checks if the theme can be overwritten and outputs the HTML for overwriting a theme on upload. + * + * @since 5.5.0 + * + * @return bool Whether the theme can be overwritten and HTML was outputted. + */ + private function do_overwrite() { + if ( 'upload' !== $this->type || ! is_wp_error( $this->result ) || 'folder_exists' !== $this->result->get_error_code() ) { + return false; + } + + $folder = $this->result->get_error_data( 'folder_exists' ); + $folder = rtrim( $folder, '/' ); + + $current_theme_data = false; + $all_themes = wp_get_themes( array( 'errors' => null ) ); + + foreach ( $all_themes as $theme ) { + $stylesheet_dir = wp_normalize_path( $theme->get_stylesheet_directory() ); + + if ( rtrim( $stylesheet_dir, '/' ) !== $folder ) { + continue; + } + + $current_theme_data = $theme; + } + + $new_theme_data = $this->upgrader->new_theme_data; + + if ( ! $current_theme_data || ! $new_theme_data ) { + return false; + } + + echo '<h2 class="update-from-upload-heading">' . esc_html__( 'This theme is already installed.' ) . '</h2>'; + + // Check errors for active theme. + if ( is_wp_error( $current_theme_data->errors() ) ) { + $this->feedback( 'current_theme_has_errors', $current_theme_data->errors()->get_error_message() ); + } + + $this->is_downgrading = version_compare( $current_theme_data['Version'], $new_theme_data['Version'], '>' ); + + $is_invalid_parent = false; + if ( ! empty( $new_theme_data['Template'] ) ) { + $is_invalid_parent = ! in_array( $new_theme_data['Template'], array_keys( $all_themes ), true ); + } + + $rows = array( + 'Name' => __( 'Theme name' ), + 'Version' => __( 'Version' ), + 'Author' => __( 'Author' ), + 'RequiresWP' => __( 'Required WordPress version' ), + 'RequiresPHP' => __( 'Required PHP version' ), + 'Template' => __( 'Parent theme' ), + ); + + $table = '<table class="update-from-upload-comparison"><tbody>'; + $table .= '<tr><th></th><th>' . esc_html_x( 'Active', 'theme' ) . '</th><th>' . esc_html_x( 'Uploaded', 'theme' ) . '</th></tr>'; + + $is_same_theme = true; // Let's consider only these rows. + + foreach ( $rows as $field => $label ) { + $old_value = $current_theme_data->display( $field, false ); + $old_value = $old_value ? (string) $old_value : '-'; + + $new_value = ! empty( $new_theme_data[ $field ] ) ? (string) $new_theme_data[ $field ] : '-'; + + if ( $old_value === $new_value && '-' === $new_value && 'Template' === $field ) { + continue; + } + + $is_same_theme = $is_same_theme && ( $old_value === $new_value ); + + $diff_field = ( 'Version' !== $field && $new_value !== $old_value ); + $diff_version = ( 'Version' === $field && $this->is_downgrading ); + $invalid_parent = false; + + if ( 'Template' === $field && $is_invalid_parent ) { + $invalid_parent = true; + $new_value .= ' ' . __( '(not found)' ); + } + + $table .= '<tr><td class="name-label">' . $label . '</td><td>' . wp_strip_all_tags( $old_value ) . '</td>'; + $table .= ( $diff_field || $diff_version || $invalid_parent ) ? '<td class="warning">' : '<td>'; + $table .= wp_strip_all_tags( $new_value ) . '</td></tr>'; + } + + $table .= '</tbody></table>'; + + /** + * Filters the compare table output for overwriting a theme package on upload. + * + * @since 5.5.0 + * + * @param string $table The output table with Name, Version, Author, RequiresWP, and RequiresPHP info. + * @param WP_Theme $current_theme_data Active theme data. + * @param array $new_theme_data Array with uploaded theme data. + */ + echo apply_filters( 'install_theme_overwrite_comparison', $table, $current_theme_data, $new_theme_data ); + + $install_actions = array(); + $can_update = true; + + $blocked_message = '<p>' . esc_html__( 'The theme cannot be updated due to the following:' ) . '</p>'; + $blocked_message .= '<ul class="ul-disc">'; + + $requires_php = isset( $new_theme_data['RequiresPHP'] ) ? $new_theme_data['RequiresPHP'] : null; + $requires_wp = isset( $new_theme_data['RequiresWP'] ) ? $new_theme_data['RequiresWP'] : null; + + if ( ! is_php_version_compatible( $requires_php ) ) { + $error = sprintf( + /* translators: 1: Current PHP version, 2: Version required by the uploaded theme. */ + __( 'The PHP version on your server is %1$s, however the uploaded theme requires %2$s.' ), + PHP_VERSION, + $requires_php + ); + + $blocked_message .= '<li>' . esc_html( $error ) . '</li>'; + $can_update = false; + } + + if ( ! is_wp_version_compatible( $requires_wp ) ) { + $error = sprintf( + /* translators: 1: Current WordPress version, 2: Version required by the uploaded theme. */ + __( 'Your WordPress version is %1$s, however the uploaded theme requires %2$s.' ), + get_bloginfo( 'version' ), + $requires_wp + ); + + $blocked_message .= '<li>' . esc_html( $error ) . '</li>'; + $can_update = false; + } + + $blocked_message .= '</ul>'; + + if ( $can_update ) { + if ( $this->is_downgrading ) { + $warning = sprintf( + /* translators: %s: Documentation URL. */ + __( 'You are uploading an older version of the active theme. You can continue to install the older version, but be sure to <a href="%s">back up your database and files</a> first.' ), + __( 'https://wordpress.org/documentation/article/wordpress-backups/' ) + ); + } else { + $warning = sprintf( + /* translators: %s: Documentation URL. */ + __( 'You are updating a theme. Be sure to <a href="%s">back up your database and files</a> first.' ), + __( 'https://wordpress.org/documentation/article/wordpress-backups/' ) + ); + } + + echo '<p class="update-from-upload-notice">' . $warning . '</p>'; + + $overwrite = $this->is_downgrading ? 'downgrade-theme' : 'update-theme'; + + $install_actions['overwrite_theme'] = sprintf( + '<a class="button button-primary update-from-upload-overwrite" href="%s" target="_parent">%s</a>', + wp_nonce_url( add_query_arg( 'overwrite', $overwrite, $this->url ), 'theme-upload' ), + _x( 'Replace active with uploaded', 'theme' ) + ); + } else { + echo $blocked_message; + } + + $cancel_url = add_query_arg( 'action', 'upload-theme-cancel-overwrite', $this->url ); + + $install_actions['themes_page'] = sprintf( + '<a class="button" href="%s" target="_parent">%s</a>', + wp_nonce_url( $cancel_url, 'theme-upload-cancel-overwrite' ), + __( 'Cancel and go back' ) + ); + + /** + * Filters the list of action links available following a single theme installation failure + * when overwriting is allowed. + * + * @since 5.5.0 + * + * @param string[] $install_actions Array of theme action links. + * @param object $api Object containing WordPress.org API theme data. + * @param array $new_theme_data Array with uploaded theme data. + */ + $install_actions = apply_filters( 'install_theme_overwrite_actions', $install_actions, $this->api, $new_theme_data ); + + if ( ! empty( $install_actions ) ) { + printf( + '<p class="update-from-upload-expired hidden">%s</p>', + __( 'The uploaded file has expired. Please go back and upload it again.' ) + ); + echo '<p class="update-from-upload-actions">' . implode( ' ', (array) $install_actions ) . '</p>'; + } + + return true; + } +} diff --git a/wp-admin/includes/class-theme-upgrader-skin.php b/wp-admin/includes/class-theme-upgrader-skin.php new file mode 100644 index 0000000..97d76a8 --- /dev/null +++ b/wp-admin/includes/class-theme-upgrader-skin.php @@ -0,0 +1,144 @@ +<?php +/** + * Upgrader API: Theme_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Theme Upgrader Skin for WordPress Theme Upgrades. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + * + * @see WP_Upgrader_Skin + */ +class Theme_Upgrader_Skin extends WP_Upgrader_Skin { + + /** + * Holds the theme slug in the Theme Directory. + * + * @since 2.8.0 + * + * @var string + */ + public $theme = ''; + + /** + * Constructor. + * + * Sets up the theme upgrader skin. + * + * @since 2.8.0 + * + * @param array $args Optional. The theme upgrader skin arguments to + * override default options. Default empty array. + */ + public function __construct( $args = array() ) { + $defaults = array( + 'url' => '', + 'theme' => '', + 'nonce' => '', + 'title' => __( 'Update Theme' ), + ); + $args = wp_parse_args( $args, $defaults ); + + $this->theme = $args['theme']; + + parent::__construct( $args ); + } + + /** + * Performs an action following a single theme update. + * + * @since 2.8.0 + */ + public function after() { + $this->decrement_update_count( 'theme' ); + + $update_actions = array(); + $theme_info = $this->upgrader->theme_info(); + if ( $theme_info ) { + $name = $theme_info->display( 'Name' ); + $stylesheet = $this->upgrader->result['destination_name']; + $template = $theme_info->get_template(); + + $activate_link = add_query_arg( + array( + 'action' => 'activate', + 'template' => urlencode( $template ), + 'stylesheet' => urlencode( $stylesheet ), + ), + admin_url( 'themes.php' ) + ); + $activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet ); + + $customize_url = add_query_arg( + array( + 'theme' => urlencode( $stylesheet ), + 'return' => urlencode( admin_url( 'themes.php' ) ), + ), + admin_url( 'customize.php' ) + ); + + if ( get_stylesheet() === $stylesheet ) { + if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { + $update_actions['preview'] = sprintf( + '<a href="%s" class="hide-if-no-customize load-customize">' . + '<span aria-hidden="true">%s</span><span class="screen-reader-text">%s</span></a>', + esc_url( $customize_url ), + __( 'Customize' ), + /* translators: Hidden accessibility text. %s: Theme name. */ + sprintf( __( 'Customize “%s”' ), $name ) + ); + } + } elseif ( current_user_can( 'switch_themes' ) ) { + if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { + $update_actions['preview'] = sprintf( + '<a href="%s" class="hide-if-no-customize load-customize">' . + '<span aria-hidden="true">%s</span><span class="screen-reader-text">%s</span></a>', + esc_url( $customize_url ), + __( 'Live Preview' ), + /* translators: Hidden accessibility text. %s: Theme name. */ + sprintf( __( 'Live Preview “%s”' ), $name ) + ); + } + + $update_actions['activate'] = sprintf( + '<a href="%s" class="activatelink">' . + '<span aria-hidden="true">%s</span><span class="screen-reader-text">%s</span></a>', + esc_url( $activate_link ), + __( 'Activate' ), + /* translators: Hidden accessibility text. %s: Theme name. */ + sprintf( _x( 'Activate “%s”', 'theme' ), $name ) + ); + } + + if ( ! $this->result || is_wp_error( $this->result ) || is_network_admin() ) { + unset( $update_actions['preview'], $update_actions['activate'] ); + } + } + + $update_actions['themes_page'] = sprintf( + '<a href="%s" target="_parent">%s</a>', + self_admin_url( 'themes.php' ), + __( 'Go to Themes page' ) + ); + + /** + * Filters the list of action links available following a single theme update. + * + * @since 2.8.0 + * + * @param string[] $update_actions Array of theme action links. + * @param string $theme Theme directory name. + */ + $update_actions = apply_filters( 'update_theme_complete_actions', $update_actions, $this->theme ); + + if ( ! empty( $update_actions ) ) { + $this->feedback( implode( ' | ', (array) $update_actions ) ); + } + } +} diff --git a/wp-admin/includes/class-theme-upgrader.php b/wp-admin/includes/class-theme-upgrader.php new file mode 100644 index 0000000..12bd477 --- /dev/null +++ b/wp-admin/includes/class-theme-upgrader.php @@ -0,0 +1,771 @@ +<?php +/** + * Upgrade API: Theme_Upgrader class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Core class used for upgrading/installing themes. + * + * It is designed to upgrade/install themes from a local zip, remote zip URL, + * or uploaded zip file. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. + * + * @see WP_Upgrader + */ +class Theme_Upgrader extends WP_Upgrader { + + /** + * Result of the theme upgrade offer. + * + * @since 2.8.0 + * @var array|WP_Error $result + * @see WP_Upgrader::$result + */ + public $result; + + /** + * Whether multiple themes are being upgraded/installed in bulk. + * + * @since 2.9.0 + * @var bool $bulk + */ + public $bulk = false; + + /** + * New theme info. + * + * @since 5.5.0 + * @var array $new_theme_data + * + * @see check_package() + */ + public $new_theme_data = array(); + + /** + * Initializes the upgrade strings. + * + * @since 2.8.0 + */ + public function upgrade_strings() { + $this->strings['up_to_date'] = __( 'The theme is at the latest version.' ); + $this->strings['no_package'] = __( 'Update package not available.' ); + /* translators: %s: Package URL. */ + $this->strings['downloading_package'] = sprintf( __( 'Downloading update from %s…' ), '<span class="code pre">%s</span>' ); + $this->strings['unpack_package'] = __( 'Unpacking the update…' ); + $this->strings['remove_old'] = __( 'Removing the old version of the theme…' ); + $this->strings['remove_old_failed'] = __( 'Could not remove the old theme.' ); + $this->strings['process_failed'] = __( 'Theme update failed.' ); + $this->strings['process_success'] = __( 'Theme updated successfully.' ); + } + + /** + * Initializes the installation strings. + * + * @since 2.8.0 + */ + public function install_strings() { + $this->strings['no_package'] = __( 'Installation package not available.' ); + /* translators: %s: Package URL. */ + $this->strings['downloading_package'] = sprintf( __( 'Downloading installation package from %s…' ), '<span class="code pre">%s</span>' ); + $this->strings['unpack_package'] = __( 'Unpacking the package…' ); + $this->strings['installing_package'] = __( 'Installing the theme…' ); + $this->strings['remove_old'] = __( 'Removing the old version of the theme…' ); + $this->strings['remove_old_failed'] = __( 'Could not remove the old theme.' ); + $this->strings['no_files'] = __( 'The theme contains no files.' ); + $this->strings['process_failed'] = __( 'Theme installation failed.' ); + $this->strings['process_success'] = __( 'Theme installed successfully.' ); + /* translators: 1: Theme name, 2: Theme version. */ + $this->strings['process_success_specific'] = __( 'Successfully installed the theme <strong>%1$s %2$s</strong>.' ); + $this->strings['parent_theme_search'] = __( 'This theme requires a parent theme. Checking if it is installed…' ); + /* translators: 1: Theme name, 2: Theme version. */ + $this->strings['parent_theme_prepare_install'] = __( 'Preparing to install <strong>%1$s %2$s</strong>…' ); + /* translators: 1: Theme name, 2: Theme version. */ + $this->strings['parent_theme_currently_installed'] = __( 'The parent theme, <strong>%1$s %2$s</strong>, is currently installed.' ); + /* translators: 1: Theme name, 2: Theme version. */ + $this->strings['parent_theme_install_success'] = __( 'Successfully installed the parent theme, <strong>%1$s %2$s</strong>.' ); + /* translators: %s: Theme name. */ + $this->strings['parent_theme_not_found'] = sprintf( __( '<strong>The parent theme could not be found.</strong> You will need to install the parent theme, %s, before you can use this child theme.' ), '<strong>%s</strong>' ); + /* translators: %s: Theme error. */ + $this->strings['current_theme_has_errors'] = __( 'The active theme has the following error: "%s".' ); + + if ( ! empty( $this->skin->overwrite ) ) { + if ( 'update-theme' === $this->skin->overwrite ) { + $this->strings['installing_package'] = __( 'Updating the theme…' ); + $this->strings['process_failed'] = __( 'Theme update failed.' ); + $this->strings['process_success'] = __( 'Theme updated successfully.' ); + } + + if ( 'downgrade-theme' === $this->skin->overwrite ) { + $this->strings['installing_package'] = __( 'Downgrading the theme…' ); + $this->strings['process_failed'] = __( 'Theme downgrade failed.' ); + $this->strings['process_success'] = __( 'Theme downgraded successfully.' ); + } + } + } + + /** + * Checks if a child theme is being installed and its parent also needs to be installed. + * + * Hooked to the {@see 'upgrader_post_install'} filter by Theme_Upgrader::install(). + * + * @since 3.4.0 + * + * @param bool $install_result + * @param array $hook_extra + * @param array $child_result + * @return bool + */ + public function check_parent_theme_filter( $install_result, $hook_extra, $child_result ) { + // Check to see if we need to install a parent theme. + $theme_info = $this->theme_info(); + + if ( ! $theme_info->parent() ) { + return $install_result; + } + + $this->skin->feedback( 'parent_theme_search' ); + + if ( ! $theme_info->parent()->errors() ) { + $this->skin->feedback( 'parent_theme_currently_installed', $theme_info->parent()->display( 'Name' ), $theme_info->parent()->display( 'Version' ) ); + // We already have the theme, fall through. + return $install_result; + } + + // We don't have the parent theme, let's install it. + $api = themes_api( + 'theme_information', + array( + 'slug' => $theme_info->get( 'Template' ), + 'fields' => array( + 'sections' => false, + 'tags' => false, + ), + ) + ); // Save on a bit of bandwidth. + + if ( ! $api || is_wp_error( $api ) ) { + $this->skin->feedback( 'parent_theme_not_found', $theme_info->get( 'Template' ) ); + // Don't show activate or preview actions after installation. + add_filter( 'install_theme_complete_actions', array( $this, 'hide_activate_preview_actions' ) ); + return $install_result; + } + + // Backup required data we're going to override: + $child_api = $this->skin->api; + $child_success_message = $this->strings['process_success']; + + // Override them. + $this->skin->api = $api; + + $this->strings['process_success_specific'] = $this->strings['parent_theme_install_success']; + + $this->skin->feedback( 'parent_theme_prepare_install', $api->name, $api->version ); + + add_filter( 'install_theme_complete_actions', '__return_false', 999 ); // Don't show any actions after installing the theme. + + // Install the parent theme. + $parent_result = $this->run( + array( + 'package' => $api->download_link, + 'destination' => get_theme_root(), + 'clear_destination' => false, // Do not overwrite files. + 'clear_working' => true, + ) + ); + + if ( is_wp_error( $parent_result ) ) { + add_filter( 'install_theme_complete_actions', array( $this, 'hide_activate_preview_actions' ) ); + } + + // Start cleaning up after the parent's installation. + remove_filter( 'install_theme_complete_actions', '__return_false', 999 ); + + // Reset child's result and data. + $this->result = $child_result; + $this->skin->api = $child_api; + $this->strings['process_success'] = $child_success_message; + + return $install_result; + } + + /** + * Don't display the activate and preview actions to the user. + * + * Hooked to the {@see 'install_theme_complete_actions'} filter by + * Theme_Upgrader::check_parent_theme_filter() when installing + * a child theme and installing the parent theme fails. + * + * @since 3.4.0 + * + * @param array $actions Preview actions. + * @return array + */ + public function hide_activate_preview_actions( $actions ) { + unset( $actions['activate'], $actions['preview'] ); + return $actions; + } + + /** + * Install a theme package. + * + * @since 2.8.0 + * @since 3.7.0 The `$args` parameter was added, making clearing the update cache optional. + * + * @param string $package The full local path or URI of the package. + * @param array $args { + * Optional. Other arguments for installing a theme package. Default empty array. + * + * @type bool $clear_update_cache Whether to clear the updates cache if successful. + * Default true. + * } + * + * @return bool|WP_Error True if the installation was successful, false or a WP_Error object otherwise. + */ + public function install( $package, $args = array() ) { + $defaults = array( + 'clear_update_cache' => true, + 'overwrite_package' => false, // Do not overwrite files. + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->install_strings(); + + add_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + add_filter( 'upgrader_post_install', array( $this, 'check_parent_theme_filter' ), 10, 3 ); + + if ( $parsed_args['clear_update_cache'] ) { + // Clear cache so wp_update_themes() knows about the new theme. + add_action( 'upgrader_process_complete', 'wp_clean_themes_cache', 9, 0 ); + } + + $this->run( + array( + 'package' => $package, + 'destination' => get_theme_root(), + 'clear_destination' => $parsed_args['overwrite_package'], + 'clear_working' => true, + 'hook_extra' => array( + 'type' => 'theme', + 'action' => 'install', + ), + ) + ); + + remove_action( 'upgrader_process_complete', 'wp_clean_themes_cache', 9 ); + remove_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); + remove_filter( 'upgrader_post_install', array( $this, 'check_parent_theme_filter' ) ); + + if ( ! $this->result || is_wp_error( $this->result ) ) { + return $this->result; + } + + // Refresh the Theme Update information. + wp_clean_themes_cache( $parsed_args['clear_update_cache'] ); + + if ( $parsed_args['overwrite_package'] ) { + /** This action is documented in wp-admin/includes/class-plugin-upgrader.php */ + do_action( 'upgrader_overwrote_package', $package, $this->new_theme_data, 'theme' ); + } + + return true; + } + + /** + * Upgrades a theme. + * + * @since 2.8.0 + * @since 3.7.0 The `$args` parameter was added, making clearing the update cache optional. + * + * @param string $theme The theme slug. + * @param array $args { + * Optional. Other arguments for upgrading a theme. Default empty array. + * + * @type bool $clear_update_cache Whether to clear the update cache if successful. + * Default true. + * } + * @return bool|WP_Error True if the upgrade was successful, false or a WP_Error object otherwise. + */ + public function upgrade( $theme, $args = array() ) { + $defaults = array( + 'clear_update_cache' => true, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->upgrade_strings(); + + // Is an update available? + $current = get_site_transient( 'update_themes' ); + if ( ! isset( $current->response[ $theme ] ) ) { + $this->skin->before(); + $this->skin->set_result( false ); + $this->skin->error( 'up_to_date' ); + $this->skin->after(); + return false; + } + + $r = $current->response[ $theme ]; + + add_filter( 'upgrader_pre_install', array( $this, 'current_before' ), 10, 2 ); + add_filter( 'upgrader_post_install', array( $this, 'current_after' ), 10, 2 ); + add_filter( 'upgrader_clear_destination', array( $this, 'delete_old_theme' ), 10, 4 ); + if ( $parsed_args['clear_update_cache'] ) { + // Clear cache so wp_update_themes() knows about the new theme. + add_action( 'upgrader_process_complete', 'wp_clean_themes_cache', 9, 0 ); + } + + $this->run( + array( + 'package' => $r['package'], + 'destination' => get_theme_root( $theme ), + 'clear_destination' => true, + 'clear_working' => true, + 'hook_extra' => array( + 'theme' => $theme, + 'type' => 'theme', + 'action' => 'update', + 'temp_backup' => array( + 'slug' => $theme, + 'src' => get_theme_root( $theme ), + 'dir' => 'themes', + ), + ), + ) + ); + + remove_action( 'upgrader_process_complete', 'wp_clean_themes_cache', 9 ); + remove_filter( 'upgrader_pre_install', array( $this, 'current_before' ) ); + remove_filter( 'upgrader_post_install', array( $this, 'current_after' ) ); + remove_filter( 'upgrader_clear_destination', array( $this, 'delete_old_theme' ) ); + + if ( ! $this->result || is_wp_error( $this->result ) ) { + return $this->result; + } + + wp_clean_themes_cache( $parsed_args['clear_update_cache'] ); + + /* + * Ensure any future auto-update failures trigger a failure email by removing + * the last failure notification from the list when themes update successfully. + */ + $past_failure_emails = get_option( 'auto_plugin_theme_update_emails', array() ); + + if ( isset( $past_failure_emails[ $theme ] ) ) { + unset( $past_failure_emails[ $theme ] ); + update_option( 'auto_plugin_theme_update_emails', $past_failure_emails ); + } + + return true; + } + + /** + * Upgrades several themes at once. + * + * @since 3.0.0 + * @since 3.7.0 The `$args` parameter was added, making clearing the update cache optional. + * + * @param string[] $themes Array of the theme slugs. + * @param array $args { + * Optional. Other arguments for upgrading several themes at once. Default empty array. + * + * @type bool $clear_update_cache Whether to clear the update cache if successful. + * Default true. + * } + * @return array[]|false An array of results, or false if unable to connect to the filesystem. + */ + public function bulk_upgrade( $themes, $args = array() ) { + $defaults = array( + 'clear_update_cache' => true, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + $this->init(); + $this->bulk = true; + $this->upgrade_strings(); + + $current = get_site_transient( 'update_themes' ); + + add_filter( 'upgrader_pre_install', array( $this, 'current_before' ), 10, 2 ); + add_filter( 'upgrader_post_install', array( $this, 'current_after' ), 10, 2 ); + add_filter( 'upgrader_clear_destination', array( $this, 'delete_old_theme' ), 10, 4 ); + + $this->skin->header(); + + // Connect to the filesystem first. + $res = $this->fs_connect( array( WP_CONTENT_DIR ) ); + if ( ! $res ) { + $this->skin->footer(); + return false; + } + + $this->skin->bulk_header(); + + /* + * Only start maintenance mode if: + * - running Multisite and there are one or more themes specified, OR + * - a theme with an update available is currently in use. + * @todo For multisite, maintenance mode should only kick in for individual sites if at all possible. + */ + $maintenance = ( is_multisite() && ! empty( $themes ) ); + foreach ( $themes as $theme ) { + $maintenance = $maintenance || get_stylesheet() === $theme || get_template() === $theme; + } + if ( $maintenance ) { + $this->maintenance_mode( true ); + } + + $results = array(); + + $this->update_count = count( $themes ); + $this->update_current = 0; + foreach ( $themes as $theme ) { + ++$this->update_current; + + $this->skin->theme_info = $this->theme_info( $theme ); + + if ( ! isset( $current->response[ $theme ] ) ) { + $this->skin->set_result( true ); + $this->skin->before(); + $this->skin->feedback( 'up_to_date' ); + $this->skin->after(); + $results[ $theme ] = true; + continue; + } + + // Get the URL to the zip file. + $r = $current->response[ $theme ]; + + $result = $this->run( + array( + 'package' => $r['package'], + 'destination' => get_theme_root( $theme ), + 'clear_destination' => true, + 'clear_working' => true, + 'is_multi' => true, + 'hook_extra' => array( + 'theme' => $theme, + 'temp_backup' => array( + 'slug' => $theme, + 'src' => get_theme_root( $theme ), + 'dir' => 'themes', + ), + ), + ) + ); + + $results[ $theme ] = $result; + + // Prevent credentials auth screen from displaying multiple times. + if ( false === $result ) { + break; + } + } // End foreach $themes. + + $this->maintenance_mode( false ); + + // Refresh the Theme Update information. + wp_clean_themes_cache( $parsed_args['clear_update_cache'] ); + + /** This action is documented in wp-admin/includes/class-wp-upgrader.php */ + do_action( + 'upgrader_process_complete', + $this, + array( + 'action' => 'update', + 'type' => 'theme', + 'bulk' => true, + 'themes' => $themes, + ) + ); + + $this->skin->bulk_footer(); + + $this->skin->footer(); + + // Cleanup our hooks, in case something else does an upgrade on this connection. + remove_filter( 'upgrader_pre_install', array( $this, 'current_before' ) ); + remove_filter( 'upgrader_post_install', array( $this, 'current_after' ) ); + remove_filter( 'upgrader_clear_destination', array( $this, 'delete_old_theme' ) ); + + /* + * Ensure any future auto-update failures trigger a failure email by removing + * the last failure notification from the list when themes update successfully. + */ + $past_failure_emails = get_option( 'auto_plugin_theme_update_emails', array() ); + + foreach ( $results as $theme => $result ) { + // Maintain last failure notification when themes failed to update manually. + if ( ! $result || is_wp_error( $result ) || ! isset( $past_failure_emails[ $theme ] ) ) { + continue; + } + + unset( $past_failure_emails[ $theme ] ); + } + + update_option( 'auto_plugin_theme_update_emails', $past_failure_emails ); + + return $results; + } + + /** + * Checks that the package source contains a valid theme. + * + * Hooked to the {@see 'upgrader_source_selection'} filter by Theme_Upgrader::install(). + * + * @since 3.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * @global string $wp_version The WordPress version string. + * + * @param string $source The path to the downloaded package source. + * @return string|WP_Error The source as passed, or a WP_Error object on failure. + */ + public function check_package( $source ) { + global $wp_filesystem, $wp_version; + + $this->new_theme_data = array(); + + if ( is_wp_error( $source ) ) { + return $source; + } + + // Check that the folder contains a valid theme. + $working_directory = str_replace( $wp_filesystem->wp_content_dir(), trailingslashit( WP_CONTENT_DIR ), $source ); + if ( ! is_dir( $working_directory ) ) { // Sanity check, if the above fails, let's not prevent installation. + return $source; + } + + // A proper archive should have a style.css file in the single subdirectory. + if ( ! file_exists( $working_directory . 'style.css' ) ) { + return new WP_Error( + 'incompatible_archive_theme_no_style', + $this->strings['incompatible_archive'], + sprintf( + /* translators: %s: style.css */ + __( 'The theme is missing the %s stylesheet.' ), + '<code>style.css</code>' + ) + ); + } + + // All these headers are needed on Theme_Installer_Skin::do_overwrite(). + $info = get_file_data( + $working_directory . 'style.css', + array( + 'Name' => 'Theme Name', + 'Version' => 'Version', + 'Author' => 'Author', + 'Template' => 'Template', + 'RequiresWP' => 'Requires at least', + 'RequiresPHP' => 'Requires PHP', + ) + ); + + if ( empty( $info['Name'] ) ) { + return new WP_Error( + 'incompatible_archive_theme_no_name', + $this->strings['incompatible_archive'], + sprintf( + /* translators: %s: style.css */ + __( 'The %s stylesheet does not contain a valid theme header.' ), + '<code>style.css</code>' + ) + ); + } + + /* + * Parent themes must contain an index file: + * - classic themes require /index.php + * - block themes require /templates/index.html or block-templates/index.html (deprecated 5.9.0). + */ + if ( + empty( $info['Template'] ) && + ! file_exists( $working_directory . 'index.php' ) && + ! file_exists( $working_directory . 'templates/index.html' ) && + ! file_exists( $working_directory . 'block-templates/index.html' ) + ) { + return new WP_Error( + 'incompatible_archive_theme_no_index', + $this->strings['incompatible_archive'], + sprintf( + /* translators: 1: templates/index.html, 2: index.php, 3: Documentation URL, 4: Template, 5: style.css */ + __( 'Template is missing. Standalone themes need to have a %1$s or %2$s template file. <a href="%3$s">Child themes</a> need to have a %4$s header in the %5$s stylesheet.' ), + '<code>templates/index.html</code>', + '<code>index.php</code>', + __( 'https://developer.wordpress.org/themes/advanced-topics/child-themes/' ), + '<code>Template</code>', + '<code>style.css</code>' + ) + ); + } + + $requires_php = isset( $info['RequiresPHP'] ) ? $info['RequiresPHP'] : null; + $requires_wp = isset( $info['RequiresWP'] ) ? $info['RequiresWP'] : null; + + if ( ! is_php_version_compatible( $requires_php ) ) { + $error = sprintf( + /* translators: 1: Current PHP version, 2: Version required by the uploaded theme. */ + __( 'The PHP version on your server is %1$s, however the uploaded theme requires %2$s.' ), + PHP_VERSION, + $requires_php + ); + + return new WP_Error( 'incompatible_php_required_version', $this->strings['incompatible_archive'], $error ); + } + if ( ! is_wp_version_compatible( $requires_wp ) ) { + $error = sprintf( + /* translators: 1: Current WordPress version, 2: Version required by the uploaded theme. */ + __( 'Your WordPress version is %1$s, however the uploaded theme requires %2$s.' ), + $wp_version, + $requires_wp + ); + + return new WP_Error( 'incompatible_wp_required_version', $this->strings['incompatible_archive'], $error ); + } + + $this->new_theme_data = $info; + + return $source; + } + + /** + * Turns on maintenance mode before attempting to upgrade the active theme. + * + * Hooked to the {@see 'upgrader_pre_install'} filter by Theme_Upgrader::upgrade() and + * Theme_Upgrader::bulk_upgrade(). + * + * @since 2.8.0 + * + * @param bool|WP_Error $response The installation response before the installation has started. + * @param array $theme Theme arguments. + * @return bool|WP_Error The original `$response` parameter or WP_Error. + */ + public function current_before( $response, $theme ) { + if ( is_wp_error( $response ) ) { + return $response; + } + + $theme = isset( $theme['theme'] ) ? $theme['theme'] : ''; + + // Only run if active theme. + if ( get_stylesheet() !== $theme ) { + return $response; + } + + // Change to maintenance mode. Bulk edit handles this separately. + if ( ! $this->bulk ) { + $this->maintenance_mode( true ); + } + + return $response; + } + + /** + * Turns off maintenance mode after upgrading the active theme. + * + * Hooked to the {@see 'upgrader_post_install'} filter by Theme_Upgrader::upgrade() + * and Theme_Upgrader::bulk_upgrade(). + * + * @since 2.8.0 + * + * @param bool|WP_Error $response The installation response after the installation has finished. + * @param array $theme Theme arguments. + * @return bool|WP_Error The original `$response` parameter or WP_Error. + */ + public function current_after( $response, $theme ) { + if ( is_wp_error( $response ) ) { + return $response; + } + + $theme = isset( $theme['theme'] ) ? $theme['theme'] : ''; + + // Only run if active theme. + if ( get_stylesheet() !== $theme ) { + return $response; + } + + // Ensure stylesheet name hasn't changed after the upgrade: + if ( get_stylesheet() === $theme && $theme !== $this->result['destination_name'] ) { + wp_clean_themes_cache(); + $stylesheet = $this->result['destination_name']; + switch_theme( $stylesheet ); + } + + // Time to remove maintenance mode. Bulk edit handles this separately. + if ( ! $this->bulk ) { + $this->maintenance_mode( false ); + } + return $response; + } + + /** + * Deletes the old theme during an upgrade. + * + * Hooked to the {@see 'upgrader_clear_destination'} filter by Theme_Upgrader::upgrade() + * and Theme_Upgrader::bulk_upgrade(). + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem Subclass + * + * @param bool $removed + * @param string $local_destination + * @param string $remote_destination + * @param array $theme + * @return bool + */ + public function delete_old_theme( $removed, $local_destination, $remote_destination, $theme ) { + global $wp_filesystem; + + if ( is_wp_error( $removed ) ) { + return $removed; // Pass errors through. + } + + if ( ! isset( $theme['theme'] ) ) { + return $removed; + } + + $theme = $theme['theme']; + $themes_dir = trailingslashit( $wp_filesystem->wp_themes_dir( $theme ) ); + if ( $wp_filesystem->exists( $themes_dir . $theme ) ) { + if ( ! $wp_filesystem->delete( $themes_dir . $theme, true ) ) { + return false; + } + } + + return true; + } + + /** + * Gets the WP_Theme object for a theme. + * + * @since 2.8.0 + * @since 3.0.0 The `$theme` argument was added. + * + * @param string $theme The directory name of the theme. This is optional, and if not supplied, + * the directory name from the last result will be used. + * @return WP_Theme|false The theme's info object, or false `$theme` is not supplied + * and the last result isn't set. + */ + public function theme_info( $theme = null ) { + if ( empty( $theme ) ) { + if ( ! empty( $this->result['destination_name'] ) ) { + $theme = $this->result['destination_name']; + } else { + return false; + } + } + + $theme = wp_get_theme( $theme ); + $theme->cache_delete(); + + return $theme; + } +} diff --git a/wp-admin/includes/class-walker-category-checklist.php b/wp-admin/includes/class-walker-category-checklist.php new file mode 100644 index 0000000..1deb3f9 --- /dev/null +++ b/wp-admin/includes/class-walker-category-checklist.php @@ -0,0 +1,138 @@ +<?php +/** + * Taxonomy API: Walker_Category_Checklist class + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Core walker class to output an unordered list of category checkbox input elements. + * + * @since 2.5.1 + * + * @see Walker + * @see wp_category_checklist() + * @see wp_terms_checklist() + */ +class Walker_Category_Checklist extends Walker { + public $tree_type = 'category'; + public $db_fields = array( + 'parent' => 'parent', + 'id' => 'term_id', + ); // TODO: Decouple this. + + /** + * Starts the list before the elements are added. + * + * @see Walker:start_lvl() + * + * @since 2.5.1 + * + * @param string $output Used to append additional content (passed by reference). + * @param int $depth Depth of category. Used for tab indentation. + * @param array $args An array of arguments. See {@see wp_terms_checklist()}. + */ + public function start_lvl( &$output, $depth = 0, $args = array() ) { + $indent = str_repeat( "\t", $depth ); + $output .= "$indent<ul class='children'>\n"; + } + + /** + * Ends the list of after the elements are added. + * + * @see Walker::end_lvl() + * + * @since 2.5.1 + * + * @param string $output Used to append additional content (passed by reference). + * @param int $depth Depth of category. Used for tab indentation. + * @param array $args An array of arguments. See {@see wp_terms_checklist()}. + */ + public function end_lvl( &$output, $depth = 0, $args = array() ) { + $indent = str_repeat( "\t", $depth ); + $output .= "$indent</ul>\n"; + } + + /** + * Start the element output. + * + * @see Walker::start_el() + * + * @since 2.5.1 + * @since 5.9.0 Renamed `$category` to `$data_object` and `$id` to `$current_object_id` + * to match parent class for PHP 8 named parameter support. + * + * @param string $output Used to append additional content (passed by reference). + * @param WP_Term $data_object The current term object. + * @param int $depth Depth of the term in reference to parents. Default 0. + * @param array $args An array of arguments. See {@see wp_terms_checklist()}. + * @param int $current_object_id Optional. ID of the current term. Default 0. + */ + public function start_el( &$output, $data_object, $depth = 0, $args = array(), $current_object_id = 0 ) { + // Restores the more descriptive, specific name for use within this method. + $category = $data_object; + + if ( empty( $args['taxonomy'] ) ) { + $taxonomy = 'category'; + } else { + $taxonomy = $args['taxonomy']; + } + + if ( 'category' === $taxonomy ) { + $name = 'post_category'; + } else { + $name = 'tax_input[' . $taxonomy . ']'; + } + + $args['popular_cats'] = ! empty( $args['popular_cats'] ) ? array_map( 'intval', $args['popular_cats'] ) : array(); + + $class = in_array( $category->term_id, $args['popular_cats'], true ) ? ' class="popular-category"' : ''; + + $args['selected_cats'] = ! empty( $args['selected_cats'] ) ? array_map( 'intval', $args['selected_cats'] ) : array(); + + if ( ! empty( $args['list_only'] ) ) { + $aria_checked = 'false'; + $inner_class = 'category'; + + if ( in_array( $category->term_id, $args['selected_cats'], true ) ) { + $inner_class .= ' selected'; + $aria_checked = 'true'; + } + + $output .= "\n" . '<li' . $class . '>' . + '<div class="' . $inner_class . '" data-term-id=' . $category->term_id . + ' tabindex="0" role="checkbox" aria-checked="' . $aria_checked . '">' . + /** This filter is documented in wp-includes/category-template.php */ + esc_html( apply_filters( 'the_category', $category->name, '', '' ) ) . '</div>'; + } else { + $is_selected = in_array( $category->term_id, $args['selected_cats'], true ); + $is_disabled = ! empty( $args['disabled'] ); + + $output .= "\n<li id='{$taxonomy}-{$category->term_id}'$class>" . + '<label class="selectit"><input value="' . $category->term_id . '" type="checkbox" name="' . $name . '[]" id="in-' . $taxonomy . '-' . $category->term_id . '"' . + checked( $is_selected, true, false ) . + disabled( $is_disabled, true, false ) . ' /> ' . + /** This filter is documented in wp-includes/category-template.php */ + esc_html( apply_filters( 'the_category', $category->name, '', '' ) ) . '</label>'; + } + } + + /** + * Ends the element output, if needed. + * + * @see Walker::end_el() + * + * @since 2.5.1 + * @since 5.9.0 Renamed `$category` to `$data_object` to match parent class for PHP 8 named parameter support. + * + * @param string $output Used to append additional content (passed by reference). + * @param WP_Term $data_object The current term object. + * @param int $depth Depth of the term in reference to parents. Default 0. + * @param array $args An array of arguments. See {@see wp_terms_checklist()}. + */ + public function end_el( &$output, $data_object, $depth = 0, $args = array() ) { + $output .= "</li>\n"; + } +} diff --git a/wp-admin/includes/class-walker-nav-menu-checklist.php b/wp-admin/includes/class-walker-nav-menu-checklist.php new file mode 100644 index 0000000..6fc5c41 --- /dev/null +++ b/wp-admin/includes/class-walker-nav-menu-checklist.php @@ -0,0 +1,126 @@ +<?php +/** + * Navigation Menu API: Walker_Nav_Menu_Checklist class + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Create HTML list of nav menu input items. + * + * @since 3.0.0 + * @uses Walker_Nav_Menu + */ +class Walker_Nav_Menu_Checklist extends Walker_Nav_Menu { + /** + * @param array|false $fields Database fields to use. + */ + public function __construct( $fields = false ) { + if ( $fields ) { + $this->db_fields = $fields; + } + } + + /** + * Starts the list before the elements are added. + * + * @see Walker_Nav_Menu::start_lvl() + * + * @since 3.0.0 + * + * @param string $output Used to append additional content (passed by reference). + * @param int $depth Depth of page. Used for padding. + * @param stdClass $args Not used. + */ + public function start_lvl( &$output, $depth = 0, $args = null ) { + $indent = str_repeat( "\t", $depth ); + $output .= "\n$indent<ul class='children'>\n"; + } + + /** + * Ends the list of after the elements are added. + * + * @see Walker_Nav_Menu::end_lvl() + * + * @since 3.0.0 + * + * @param string $output Used to append additional content (passed by reference). + * @param int $depth Depth of page. Used for padding. + * @param stdClass $args Not used. + */ + public function end_lvl( &$output, $depth = 0, $args = null ) { + $indent = str_repeat( "\t", $depth ); + $output .= "\n$indent</ul>"; + } + + /** + * Start the element output. + * + * @see Walker_Nav_Menu::start_el() + * + * @since 3.0.0 + * @since 5.9.0 Renamed `$item` to `$data_object` and `$id` to `$current_object_id` + * to match parent class for PHP 8 named parameter support. + * + * @global int $_nav_menu_placeholder + * @global int|string $nav_menu_selected_id + * + * @param string $output Used to append additional content (passed by reference). + * @param WP_Post $data_object Menu item data object. + * @param int $depth Depth of menu item. Used for padding. + * @param stdClass $args Not used. + * @param int $current_object_id Optional. ID of the current menu item. Default 0. + */ + public function start_el( &$output, $data_object, $depth = 0, $args = null, $current_object_id = 0 ) { + global $_nav_menu_placeholder, $nav_menu_selected_id; + + // Restores the more descriptive, specific name for use within this method. + $menu_item = $data_object; + + $_nav_menu_placeholder = ( 0 > $_nav_menu_placeholder ) ? (int) $_nav_menu_placeholder - 1 : -1; + $possible_object_id = isset( $menu_item->post_type ) && 'nav_menu_item' === $menu_item->post_type ? $menu_item->object_id : $_nav_menu_placeholder; + $possible_db_id = ( ! empty( $menu_item->ID ) ) && ( 0 < $possible_object_id ) ? (int) $menu_item->ID : 0; + + $indent = ( $depth ) ? str_repeat( "\t", $depth ) : ''; + + $output .= $indent . '<li>'; + $output .= '<label class="menu-item-title">'; + $output .= '<input type="checkbox"' . wp_nav_menu_disabled_check( $nav_menu_selected_id, false ) . ' class="menu-item-checkbox'; + + if ( ! empty( $menu_item->front_or_home ) ) { + $output .= ' add-to-top'; + } + + $output .= '" name="menu-item[' . $possible_object_id . '][menu-item-object-id]" value="' . esc_attr( $menu_item->object_id ) . '" /> '; + + if ( ! empty( $menu_item->label ) ) { + $title = $menu_item->label; + } elseif ( isset( $menu_item->post_type ) ) { + /** This filter is documented in wp-includes/post-template.php */ + $title = apply_filters( 'the_title', $menu_item->post_title, $menu_item->ID ); + } + + $output .= isset( $title ) ? esc_html( $title ) : esc_html( $menu_item->title ); + + if ( empty( $menu_item->label ) && isset( $menu_item->post_type ) && 'page' === $menu_item->post_type ) { + // Append post states. + $output .= _post_states( $menu_item, false ); + } + + $output .= '</label>'; + + // Menu item hidden fields. + $output .= '<input type="hidden" class="menu-item-db-id" name="menu-item[' . $possible_object_id . '][menu-item-db-id]" value="' . $possible_db_id . '" />'; + $output .= '<input type="hidden" class="menu-item-object" name="menu-item[' . $possible_object_id . '][menu-item-object]" value="' . esc_attr( $menu_item->object ) . '" />'; + $output .= '<input type="hidden" class="menu-item-parent-id" name="menu-item[' . $possible_object_id . '][menu-item-parent-id]" value="' . esc_attr( $menu_item->menu_item_parent ) . '" />'; + $output .= '<input type="hidden" class="menu-item-type" name="menu-item[' . $possible_object_id . '][menu-item-type]" value="' . esc_attr( $menu_item->type ) . '" />'; + $output .= '<input type="hidden" class="menu-item-title" name="menu-item[' . $possible_object_id . '][menu-item-title]" value="' . esc_attr( $menu_item->title ) . '" />'; + $output .= '<input type="hidden" class="menu-item-url" name="menu-item[' . $possible_object_id . '][menu-item-url]" value="' . esc_attr( $menu_item->url ) . '" />'; + $output .= '<input type="hidden" class="menu-item-target" name="menu-item[' . $possible_object_id . '][menu-item-target]" value="' . esc_attr( $menu_item->target ) . '" />'; + $output .= '<input type="hidden" class="menu-item-attr-title" name="menu-item[' . $possible_object_id . '][menu-item-attr-title]" value="' . esc_attr( $menu_item->attr_title ) . '" />'; + $output .= '<input type="hidden" class="menu-item-classes" name="menu-item[' . $possible_object_id . '][menu-item-classes]" value="' . esc_attr( implode( ' ', $menu_item->classes ) ) . '" />'; + $output .= '<input type="hidden" class="menu-item-xfn" name="menu-item[' . $possible_object_id . '][menu-item-xfn]" value="' . esc_attr( $menu_item->xfn ) . '" />'; + } +} diff --git a/wp-admin/includes/class-walker-nav-menu-edit.php b/wp-admin/includes/class-walker-nav-menu-edit.php new file mode 100644 index 0000000..7cc7052 --- /dev/null +++ b/wp-admin/includes/class-walker-nav-menu-edit.php @@ -0,0 +1,323 @@ +<?php +/** + * Navigation Menu API: Walker_Nav_Menu_Edit class + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Create HTML list of nav menu input items. + * + * @since 3.0.0 + * + * @see Walker_Nav_Menu + */ +class Walker_Nav_Menu_Edit extends Walker_Nav_Menu { + /** + * Starts the list before the elements are added. + * + * @see Walker_Nav_Menu::start_lvl() + * + * @since 3.0.0 + * + * @param string $output Passed by reference. + * @param int $depth Depth of menu item. Used for padding. + * @param stdClass $args Not used. + */ + public function start_lvl( &$output, $depth = 0, $args = null ) {} + + /** + * Ends the list of after the elements are added. + * + * @see Walker_Nav_Menu::end_lvl() + * + * @since 3.0.0 + * + * @param string $output Passed by reference. + * @param int $depth Depth of menu item. Used for padding. + * @param stdClass $args Not used. + */ + public function end_lvl( &$output, $depth = 0, $args = null ) {} + + /** + * Start the element output. + * + * @see Walker_Nav_Menu::start_el() + * @since 3.0.0 + * @since 5.9.0 Renamed `$item` to `$data_object` and `$id` to `$current_object_id` + * to match parent class for PHP 8 named parameter support. + * + * @global int $_wp_nav_menu_max_depth + * + * @param string $output Used to append additional content (passed by reference). + * @param WP_Post $data_object Menu item data object. + * @param int $depth Depth of menu item. Used for padding. + * @param stdClass $args Not used. + * @param int $current_object_id Optional. ID of the current menu item. Default 0. + */ + public function start_el( &$output, $data_object, $depth = 0, $args = null, $current_object_id = 0 ) { + global $_wp_nav_menu_max_depth; + + // Restores the more descriptive, specific name for use within this method. + $menu_item = $data_object; + + $_wp_nav_menu_max_depth = $depth > $_wp_nav_menu_max_depth ? $depth : $_wp_nav_menu_max_depth; + + ob_start(); + $item_id = esc_attr( $menu_item->ID ); + $removed_args = array( + 'action', + 'customlink-tab', + 'edit-menu-item', + 'menu-item', + 'page-tab', + '_wpnonce', + ); + + $original_title = false; + + if ( 'taxonomy' === $menu_item->type ) { + $original_object = get_term( (int) $menu_item->object_id, $menu_item->object ); + if ( $original_object && ! is_wp_error( $original_object ) ) { + $original_title = $original_object->name; + } + } elseif ( 'post_type' === $menu_item->type ) { + $original_object = get_post( $menu_item->object_id ); + if ( $original_object ) { + $original_title = get_the_title( $original_object->ID ); + } + } elseif ( 'post_type_archive' === $menu_item->type ) { + $original_object = get_post_type_object( $menu_item->object ); + if ( $original_object ) { + $original_title = $original_object->labels->archives; + } + } + + $classes = array( + 'menu-item menu-item-depth-' . $depth, + 'menu-item-' . esc_attr( $menu_item->object ), + 'menu-item-edit-' . ( ( isset( $_GET['edit-menu-item'] ) && $item_id === $_GET['edit-menu-item'] ) ? 'active' : 'inactive' ), + ); + + $title = $menu_item->title; + + if ( ! empty( $menu_item->_invalid ) ) { + $classes[] = 'menu-item-invalid'; + /* translators: %s: Title of an invalid menu item. */ + $title = sprintf( __( '%s (Invalid)' ), $menu_item->title ); + } elseif ( isset( $menu_item->post_status ) && 'draft' === $menu_item->post_status ) { + $classes[] = 'pending'; + /* translators: %s: Title of a menu item in draft status. */ + $title = sprintf( __( '%s (Pending)' ), $menu_item->title ); + } + + $title = ( ! isset( $menu_item->label ) || '' === $menu_item->label ) ? $title : $menu_item->label; + + $submenu_text = ''; + if ( 0 === $depth ) { + $submenu_text = 'style="display: none;"'; + } + + ?> + <li id="menu-item-<?php echo $item_id; ?>" class="<?php echo implode( ' ', $classes ); ?>"> + <div class="menu-item-bar"> + <div class="menu-item-handle"> + <label class="item-title" for="menu-item-checkbox-<?php echo $item_id; ?>"> + <input id="menu-item-checkbox-<?php echo $item_id; ?>" type="checkbox" class="menu-item-checkbox" data-menu-item-id="<?php echo $item_id; ?>" disabled="disabled" /> + <span class="menu-item-title"><?php echo esc_html( $title ); ?></span> + <span class="is-submenu" <?php echo $submenu_text; ?>><?php _e( 'sub item' ); ?></span> + </label> + <span class="item-controls"> + <span class="item-type"><?php echo esc_html( $menu_item->type_label ); ?></span> + <span class="item-order hide-if-js"> + <?php + printf( + '<a href="%s" class="item-move-up" aria-label="%s">↑</a>', + wp_nonce_url( + add_query_arg( + array( + 'action' => 'move-up-menu-item', + 'menu-item' => $item_id, + ), + remove_query_arg( $removed_args, admin_url( 'nav-menus.php' ) ) + ), + 'move-menu_item' + ), + esc_attr__( 'Move up' ) + ); + ?> + | + <?php + printf( + '<a href="%s" class="item-move-down" aria-label="%s">↓</a>', + wp_nonce_url( + add_query_arg( + array( + 'action' => 'move-down-menu-item', + 'menu-item' => $item_id, + ), + remove_query_arg( $removed_args, admin_url( 'nav-menus.php' ) ) + ), + 'move-menu_item' + ), + esc_attr__( 'Move down' ) + ); + ?> + </span> + <?php + if ( isset( $_GET['edit-menu-item'] ) && $item_id === $_GET['edit-menu-item'] ) { + $edit_url = admin_url( 'nav-menus.php' ); + } else { + $edit_url = add_query_arg( + array( + 'edit-menu-item' => $item_id, + ), + remove_query_arg( $removed_args, admin_url( 'nav-menus.php#menu-item-settings-' . $item_id ) ) + ); + } + + printf( + '<a class="item-edit" id="edit-%s" href="%s" aria-label="%s"><span class="screen-reader-text">%s</span></a>', + $item_id, + esc_url( $edit_url ), + esc_attr__( 'Edit menu item' ), + /* translators: Hidden accessibility text. */ + __( 'Edit' ) + ); + ?> + </span> + </div> + </div> + + <div class="menu-item-settings wp-clearfix" id="menu-item-settings-<?php echo $item_id; ?>"> + <?php if ( 'custom' === $menu_item->type ) : ?> + <p class="field-url description description-wide"> + <label for="edit-menu-item-url-<?php echo $item_id; ?>"> + <?php _e( 'URL' ); ?><br /> + <input type="text" id="edit-menu-item-url-<?php echo $item_id; ?>" class="widefat code edit-menu-item-url" name="menu-item-url[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->url ); ?>" /> + </label> + </p> + <?php endif; ?> + <p class="description description-wide"> + <label for="edit-menu-item-title-<?php echo $item_id; ?>"> + <?php _e( 'Navigation Label' ); ?><br /> + <input type="text" id="edit-menu-item-title-<?php echo $item_id; ?>" class="widefat edit-menu-item-title" name="menu-item-title[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->title ); ?>" /> + </label> + </p> + <p class="field-title-attribute field-attr-title description description-wide"> + <label for="edit-menu-item-attr-title-<?php echo $item_id; ?>"> + <?php _e( 'Title Attribute' ); ?><br /> + <input type="text" id="edit-menu-item-attr-title-<?php echo $item_id; ?>" class="widefat edit-menu-item-attr-title" name="menu-item-attr-title[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->post_excerpt ); ?>" /> + </label> + </p> + <p class="field-link-target description"> + <label for="edit-menu-item-target-<?php echo $item_id; ?>"> + <input type="checkbox" id="edit-menu-item-target-<?php echo $item_id; ?>" value="_blank" name="menu-item-target[<?php echo $item_id; ?>]"<?php checked( $menu_item->target, '_blank' ); ?> /> + <?php _e( 'Open link in a new tab' ); ?> + </label> + </p> + <p class="field-css-classes description description-thin"> + <label for="edit-menu-item-classes-<?php echo $item_id; ?>"> + <?php _e( 'CSS Classes (optional)' ); ?><br /> + <input type="text" id="edit-menu-item-classes-<?php echo $item_id; ?>" class="widefat code edit-menu-item-classes" name="menu-item-classes[<?php echo $item_id; ?>]" value="<?php echo esc_attr( implode( ' ', $menu_item->classes ) ); ?>" /> + </label> + </p> + <p class="field-xfn description description-thin"> + <label for="edit-menu-item-xfn-<?php echo $item_id; ?>"> + <?php _e( 'Link Relationship (XFN)' ); ?><br /> + <input type="text" id="edit-menu-item-xfn-<?php echo $item_id; ?>" class="widefat code edit-menu-item-xfn" name="menu-item-xfn[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->xfn ); ?>" /> + </label> + </p> + <p class="field-description description description-wide"> + <label for="edit-menu-item-description-<?php echo $item_id; ?>"> + <?php _e( 'Description' ); ?><br /> + <textarea id="edit-menu-item-description-<?php echo $item_id; ?>" class="widefat edit-menu-item-description" rows="3" cols="20" name="menu-item-description[<?php echo $item_id; ?>]"><?php echo esc_html( $menu_item->description ); // textarea_escaped ?></textarea> + <span class="description"><?php _e( 'The description will be displayed in the menu if the active theme supports it.' ); ?></span> + </label> + </p> + + <?php + /** + * Fires just before the move buttons of a nav menu item in the menu editor. + * + * @since 5.4.0 + * + * @param string $item_id Menu item ID as a numeric string. + * @param WP_Post $menu_item Menu item data object. + * @param int $depth Depth of menu item. Used for padding. + * @param stdClass|null $args An object of menu item arguments. + * @param int $current_object_id Nav menu ID. + */ + do_action( 'wp_nav_menu_item_custom_fields', $item_id, $menu_item, $depth, $args, $current_object_id ); + ?> + + <fieldset class="field-move hide-if-no-js description description-wide"> + <span class="field-move-visual-label" aria-hidden="true"><?php _e( 'Move' ); ?></span> + <button type="button" class="button-link menus-move menus-move-up" data-dir="up"><?php _e( 'Up one' ); ?></button> + <button type="button" class="button-link menus-move menus-move-down" data-dir="down"><?php _e( 'Down one' ); ?></button> + <button type="button" class="button-link menus-move menus-move-left" data-dir="left"></button> + <button type="button" class="button-link menus-move menus-move-right" data-dir="right"></button> + <button type="button" class="button-link menus-move menus-move-top" data-dir="top"><?php _e( 'To the top' ); ?></button> + </fieldset> + + <div class="menu-item-actions description-wide submitbox"> + <?php if ( 'custom' !== $menu_item->type && false !== $original_title ) : ?> + <p class="link-to-original"> + <?php + /* translators: %s: Link to menu item's original object. */ + printf( __( 'Original: %s' ), '<a href="' . esc_url( $menu_item->url ) . '">' . esc_html( $original_title ) . '</a>' ); + ?> + </p> + <?php endif; ?> + + <?php + printf( + '<a class="item-delete submitdelete deletion" id="delete-%s" href="%s">%s</a>', + $item_id, + wp_nonce_url( + add_query_arg( + array( + 'action' => 'delete-menu-item', + 'menu-item' => $item_id, + ), + admin_url( 'nav-menus.php' ) + ), + 'delete-menu_item_' . $item_id + ), + __( 'Remove' ) + ); + ?> + <span class="meta-sep hide-if-no-js"> | </span> + <?php + printf( + '<a class="item-cancel submitcancel hide-if-no-js" id="cancel-%s" href="%s#menu-item-settings-%s">%s</a>', + $item_id, + esc_url( + add_query_arg( + array( + 'edit-menu-item' => $item_id, + 'cancel' => time(), + ), + admin_url( 'nav-menus.php' ) + ) + ), + $item_id, + __( 'Cancel' ) + ); + ?> + </div> + + <input class="menu-item-data-db-id" type="hidden" name="menu-item-db-id[<?php echo $item_id; ?>]" value="<?php echo $item_id; ?>" /> + <input class="menu-item-data-object-id" type="hidden" name="menu-item-object-id[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->object_id ); ?>" /> + <input class="menu-item-data-object" type="hidden" name="menu-item-object[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->object ); ?>" /> + <input class="menu-item-data-parent-id" type="hidden" name="menu-item-parent-id[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->menu_item_parent ); ?>" /> + <input class="menu-item-data-position" type="hidden" name="menu-item-position[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->menu_order ); ?>" /> + <input class="menu-item-data-type" type="hidden" name="menu-item-type[<?php echo $item_id; ?>]" value="<?php echo esc_attr( $menu_item->type ); ?>" /> + </div><!-- .menu-item-settings--> + <ul class="menu-item-transport"></ul> + <?php + $output .= ob_get_clean(); + } +} diff --git a/wp-admin/includes/class-wp-ajax-upgrader-skin.php b/wp-admin/includes/class-wp-ajax-upgrader-skin.php new file mode 100644 index 0000000..1ac8e31 --- /dev/null +++ b/wp-admin/includes/class-wp-ajax-upgrader-skin.php @@ -0,0 +1,159 @@ +<?php +/** + * Upgrader API: WP_Ajax_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Upgrader Skin for Ajax WordPress upgrades. + * + * This skin is designed to be used for Ajax updates. + * + * @since 4.6.0 + * + * @see Automatic_Upgrader_Skin + */ +class WP_Ajax_Upgrader_Skin extends Automatic_Upgrader_Skin { + + /** + * Plugin info. + * + * The Plugin_Upgrader::bulk_upgrade() method will fill this in + * with info retrieved from the get_plugin_data() function. + * + * @var array Plugin data. Values will be empty if not supplied by the plugin. + */ + public $plugin_info = array(); + + /** + * Theme info. + * + * The Theme_Upgrader::bulk_upgrade() method will fill this in + * with info retrieved from the Theme_Upgrader::theme_info() method, + * which in turn calls the wp_get_theme() function. + * + * @var WP_Theme|false The theme's info object, or false. + */ + public $theme_info = false; + + /** + * Holds the WP_Error object. + * + * @since 4.6.0 + * + * @var null|WP_Error + */ + protected $errors = null; + + /** + * Constructor. + * + * Sets up the WordPress Ajax upgrader skin. + * + * @since 4.6.0 + * + * @see WP_Upgrader_Skin::__construct() + * + * @param array $args Optional. The WordPress Ajax upgrader skin arguments to + * override default options. See WP_Upgrader_Skin::__construct(). + * Default empty array. + */ + public function __construct( $args = array() ) { + parent::__construct( $args ); + + $this->errors = new WP_Error(); + } + + /** + * Retrieves the list of errors. + * + * @since 4.6.0 + * + * @return WP_Error Errors during an upgrade. + */ + public function get_errors() { + return $this->errors; + } + + /** + * Retrieves a string for error messages. + * + * @since 4.6.0 + * + * @return string Error messages during an upgrade. + */ + public function get_error_messages() { + $messages = array(); + + foreach ( $this->errors->get_error_codes() as $error_code ) { + $error_data = $this->errors->get_error_data( $error_code ); + + if ( $error_data && is_string( $error_data ) ) { + $messages[] = $this->errors->get_error_message( $error_code ) . ' ' . esc_html( strip_tags( $error_data ) ); + } else { + $messages[] = $this->errors->get_error_message( $error_code ); + } + } + + return implode( ', ', $messages ); + } + + /** + * Stores an error message about the upgrade. + * + * @since 4.6.0 + * @since 5.3.0 Formalized the existing `...$args` parameter by adding it + * to the function signature. + * + * @param string|WP_Error $errors Errors. + * @param mixed ...$args Optional text replacements. + */ + public function error( $errors, ...$args ) { + if ( is_string( $errors ) ) { + $string = $errors; + if ( ! empty( $this->upgrader->strings[ $string ] ) ) { + $string = $this->upgrader->strings[ $string ]; + } + + if ( str_contains( $string, '%' ) ) { + if ( ! empty( $args ) ) { + $string = vsprintf( $string, $args ); + } + } + + // Count existing errors to generate a unique error code. + $errors_count = count( $this->errors->get_error_codes() ); + $this->errors->add( 'unknown_upgrade_error_' . ( $errors_count + 1 ), $string ); + } elseif ( is_wp_error( $errors ) ) { + foreach ( $errors->get_error_codes() as $error_code ) { + $this->errors->add( $error_code, $errors->get_error_message( $error_code ), $errors->get_error_data( $error_code ) ); + } + } + + parent::error( $errors, ...$args ); + } + + /** + * Stores a message about the upgrade. + * + * @since 4.6.0 + * @since 5.3.0 Formalized the existing `...$args` parameter by adding it + * to the function signature. + * @since 5.9.0 Renamed `$data` to `$feedback` for PHP 8 named parameter support. + * + * @param string|array|WP_Error $feedback Message data. + * @param mixed ...$args Optional text replacements. + */ + public function feedback( $feedback, ...$args ) { + if ( is_wp_error( $feedback ) ) { + foreach ( $feedback->get_error_codes() as $error_code ) { + $this->errors->add( $error_code, $feedback->get_error_message( $error_code ), $feedback->get_error_data( $error_code ) ); + } + } + + parent::feedback( $feedback, ...$args ); + } +} diff --git a/wp-admin/includes/class-wp-application-passwords-list-table.php b/wp-admin/includes/class-wp-application-passwords-list-table.php new file mode 100644 index 0000000..6c0bf26 --- /dev/null +++ b/wp-admin/includes/class-wp-application-passwords-list-table.php @@ -0,0 +1,267 @@ +<?php +/** + * List Table API: WP_Application_Passwords_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 5.6.0 + */ + +/** + * Class for displaying the list of application password items. + * + * @since 5.6.0 + * + * @see WP_List_Table + */ +class WP_Application_Passwords_List_Table extends WP_List_Table { + + /** + * Gets the list of columns. + * + * @since 5.6.0 + * + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + return array( + 'name' => __( 'Name' ), + 'created' => __( 'Created' ), + 'last_used' => __( 'Last Used' ), + 'last_ip' => __( 'Last IP' ), + 'revoke' => __( 'Revoke' ), + ); + } + + /** + * Prepares the list of items for displaying. + * + * @since 5.6.0 + * + * @global int $user_id User ID. + */ + public function prepare_items() { + global $user_id; + $this->items = array_reverse( WP_Application_Passwords::get_user_application_passwords( $user_id ) ); + } + + /** + * Handles the name column output. + * + * @since 5.6.0 + * + * @param array $item The current application password item. + */ + public function column_name( $item ) { + echo esc_html( $item['name'] ); + } + + /** + * Handles the created column output. + * + * @since 5.6.0 + * + * @param array $item The current application password item. + */ + public function column_created( $item ) { + if ( empty( $item['created'] ) ) { + echo '—'; + } else { + echo date_i18n( __( 'F j, Y' ), $item['created'] ); + } + } + + /** + * Handles the last used column output. + * + * @since 5.6.0 + * + * @param array $item The current application password item. + */ + public function column_last_used( $item ) { + if ( empty( $item['last_used'] ) ) { + echo '—'; + } else { + echo date_i18n( __( 'F j, Y' ), $item['last_used'] ); + } + } + + /** + * Handles the last ip column output. + * + * @since 5.6.0 + * + * @param array $item The current application password item. + */ + public function column_last_ip( $item ) { + if ( empty( $item['last_ip'] ) ) { + echo '—'; + } else { + echo $item['last_ip']; + } + } + + /** + * Handles the revoke column output. + * + * @since 5.6.0 + * + * @param array $item The current application password item. + */ + public function column_revoke( $item ) { + $name = 'revoke-application-password-' . $item['uuid']; + printf( + '<button type="button" name="%1$s" id="%1$s" class="button delete" aria-label="%2$s">%3$s</button>', + esc_attr( $name ), + /* translators: %s: the application password's given name. */ + esc_attr( sprintf( __( 'Revoke "%s"' ), $item['name'] ) ), + __( 'Revoke' ) + ); + } + + /** + * Generates content for a single row of the table + * + * @since 5.6.0 + * + * @param array $item The current item. + * @param string $column_name The current column name. + */ + protected function column_default( $item, $column_name ) { + /** + * Fires for each custom column in the Application Passwords list table. + * + * Custom columns are registered using the {@see 'manage_application-passwords-user_columns'} filter. + * + * @since 5.6.0 + * + * @param string $column_name Name of the custom column. + * @param array $item The application password item. + */ + do_action( "manage_{$this->screen->id}_custom_column", $column_name, $item ); + } + + /** + * Generates custom table navigation to prevent conflicting nonces. + * + * @since 5.6.0 + * + * @param string $which The location of the bulk actions: 'top' or 'bottom'. + */ + protected function display_tablenav( $which ) { + ?> + <div class="tablenav <?php echo esc_attr( $which ); ?>"> + <?php if ( 'bottom' === $which ) : ?> + <div class="alignright"> + <button type="button" name="revoke-all-application-passwords" id="revoke-all-application-passwords" class="button delete"><?php _e( 'Revoke all application passwords' ); ?></button> + </div> + <?php endif; ?> + <div class="alignleft actions bulkactions"> + <?php $this->bulk_actions( $which ); ?> + </div> + <?php + $this->extra_tablenav( $which ); + $this->pagination( $which ); + ?> + <br class="clear" /> + </div> + <?php + } + + /** + * Generates content for a single row of the table. + * + * @since 5.6.0 + * + * @param array $item The current item. + */ + public function single_row( $item ) { + echo '<tr data-uuid="' . esc_attr( $item['uuid'] ) . '">'; + $this->single_row_columns( $item ); + echo '</tr>'; + } + + /** + * Gets the name of the default primary column. + * + * @since 5.6.0 + * + * @return string Name of the default primary column, in this case, 'name'. + */ + protected function get_default_primary_column_name() { + return 'name'; + } + + /** + * Prints the JavaScript template for the new row item. + * + * @since 5.6.0 + */ + public function print_js_template_row() { + list( $columns, $hidden, , $primary ) = $this->get_column_info(); + + echo '<tr data-uuid="{{ data.uuid }}">'; + + foreach ( $columns as $column_name => $display_name ) { + $is_primary = $primary === $column_name; + $classes = "{$column_name} column-{$column_name}"; + + if ( $is_primary ) { + $classes .= ' has-row-actions column-primary'; + } + + if ( in_array( $column_name, $hidden, true ) ) { + $classes .= ' hidden'; + } + + printf( '<td class="%s" data-colname="%s">', esc_attr( $classes ), esc_attr( wp_strip_all_tags( $display_name ) ) ); + + switch ( $column_name ) { + case 'name': + echo '{{ data.name }}'; + break; + case 'created': + // JSON encoding automatically doubles backslashes to ensure they don't get lost when printing the inline JS. + echo '<# print( wp.date.dateI18n( ' . wp_json_encode( __( 'F j, Y' ) ) . ', data.created ) ) #>'; + break; + case 'last_used': + echo '<# print( data.last_used !== null ? wp.date.dateI18n( ' . wp_json_encode( __( 'F j, Y' ) ) . ", data.last_used ) : '—' ) #>"; + break; + case 'last_ip': + echo "{{ data.last_ip || '—' }}"; + break; + case 'revoke': + printf( + '<button type="button" class="button delete" aria-label="%1$s">%2$s</button>', + /* translators: %s: the application password's given name. */ + esc_attr( sprintf( __( 'Revoke "%s"' ), '{{ data.name }}' ) ), + esc_html__( 'Revoke' ) + ); + break; + default: + /** + * Fires in the JavaScript row template for each custom column in the Application Passwords list table. + * + * Custom columns are registered using the {@see 'manage_application-passwords-user_columns'} filter. + * + * @since 5.6.0 + * + * @param string $column_name Name of the custom column. + */ + do_action( "manage_{$this->screen->id}_custom_column_js_template", $column_name ); + break; + } + + if ( $is_primary ) { + echo '<button type="button" class="toggle-row"><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Show more details' ) . + '</span></button>'; + } + + echo '</td>'; + } + + echo '</tr>'; + } +} diff --git a/wp-admin/includes/class-wp-automatic-updater.php b/wp-admin/includes/class-wp-automatic-updater.php new file mode 100644 index 0000000..bb8cb40 --- /dev/null +++ b/wp-admin/includes/class-wp-automatic-updater.php @@ -0,0 +1,1554 @@ +<?php +/** + * Upgrade API: WP_Automatic_Updater class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Core class used for handling automatic background updates. + * + * @since 3.7.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader.php. + */ +#[AllowDynamicProperties] +class WP_Automatic_Updater { + + /** + * Tracks update results during processing. + * + * @var array + */ + protected $update_results = array(); + + /** + * Determines whether the entire automatic updater is disabled. + * + * @since 3.7.0 + * + * @return bool True if the automatic updater is disabled, false otherwise. + */ + public function is_disabled() { + // Background updates are disabled if you don't want file changes. + if ( ! wp_is_file_mod_allowed( 'automatic_updater' ) ) { + return true; + } + + if ( wp_installing() ) { + return true; + } + + // More fine grained control can be done through the WP_AUTO_UPDATE_CORE constant and filters. + $disabled = defined( 'AUTOMATIC_UPDATER_DISABLED' ) && AUTOMATIC_UPDATER_DISABLED; + + /** + * Filters whether to entirely disable background updates. + * + * There are more fine-grained filters and controls for selective disabling. + * This filter parallels the AUTOMATIC_UPDATER_DISABLED constant in name. + * + * This also disables update notification emails. That may change in the future. + * + * @since 3.7.0 + * + * @param bool $disabled Whether the updater should be disabled. + */ + return apply_filters( 'automatic_updater_disabled', $disabled ); + } + + /** + * Checks whether access to a given directory is allowed. + * + * This is used when detecting version control checkouts. Takes into account + * the PHP `open_basedir` restrictions, so that WordPress does not try to access + * directories it is not allowed to. + * + * @since 6.2.0 + * + * @param string $dir The directory to check. + * @return bool True if access to the directory is allowed, false otherwise. + */ + public function is_allowed_dir( $dir ) { + if ( is_string( $dir ) ) { + $dir = trim( $dir ); + } + + if ( ! is_string( $dir ) || '' === $dir ) { + _doing_it_wrong( + __METHOD__, + sprintf( + /* translators: %s: The "$dir" argument. */ + __( 'The "%s" argument must be a non-empty string.' ), + '$dir' + ), + '6.2.0' + ); + + return false; + } + + $open_basedir = ini_get( 'open_basedir' ); + + if ( empty( $open_basedir ) ) { + return true; + } + + $open_basedir_list = explode( PATH_SEPARATOR, $open_basedir ); + + foreach ( $open_basedir_list as $basedir ) { + if ( '' !== trim( $basedir ) && str_starts_with( $dir, $basedir ) ) { + return true; + } + } + + return false; + } + + /** + * Checks for version control checkouts. + * + * Checks for Subversion, Git, Mercurial, and Bazaar. It recursively looks up the + * filesystem to the top of the drive, erring on the side of detecting a VCS + * checkout somewhere. + * + * ABSPATH is always checked in addition to whatever `$context` is (which may be the + * wp-content directory, for example). The underlying assumption is that if you are + * using version control *anywhere*, then you should be making decisions for + * how things get updated. + * + * @since 3.7.0 + * + * @param string $context The filesystem path to check, in addition to ABSPATH. + * @return bool True if a VCS checkout was discovered at `$context` or ABSPATH, + * or anywhere higher. False otherwise. + */ + public function is_vcs_checkout( $context ) { + $context_dirs = array( untrailingslashit( $context ) ); + if ( ABSPATH !== $context ) { + $context_dirs[] = untrailingslashit( ABSPATH ); + } + + $vcs_dirs = array( '.svn', '.git', '.hg', '.bzr' ); + $check_dirs = array(); + + foreach ( $context_dirs as $context_dir ) { + // Walk up from $context_dir to the root. + do { + $check_dirs[] = $context_dir; + + // Once we've hit '/' or 'C:\', we need to stop. dirname will keep returning the input here. + if ( dirname( $context_dir ) === $context_dir ) { + break; + } + + // Continue one level at a time. + } while ( $context_dir = dirname( $context_dir ) ); + } + + $check_dirs = array_unique( $check_dirs ); + $checkout = false; + + // Search all directories we've found for evidence of version control. + foreach ( $vcs_dirs as $vcs_dir ) { + foreach ( $check_dirs as $check_dir ) { + if ( ! $this->is_allowed_dir( $check_dir ) ) { + continue; + } + + $checkout = is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ); + if ( $checkout ) { + break 2; + } + } + } + + /** + * Filters whether the automatic updater should consider a filesystem + * location to be potentially managed by a version control system. + * + * @since 3.7.0 + * + * @param bool $checkout Whether a VCS checkout was discovered at `$context` + * or ABSPATH, or anywhere higher. + * @param string $context The filesystem context (a path) against which + * filesystem status should be checked. + */ + return apply_filters( 'automatic_updates_is_vcs_checkout', $checkout, $context ); + } + + /** + * Tests to see if we can and should update a specific item. + * + * @since 3.7.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $type The type of update being checked: 'core', 'theme', + * 'plugin', 'translation'. + * @param object $item The update offer. + * @param string $context The filesystem context (a path) against which filesystem + * access and status should be checked. + * @return bool True if the item should be updated, false otherwise. + */ + public function should_update( $type, $item, $context ) { + // Used to see if WP_Filesystem is set up to allow unattended updates. + $skin = new Automatic_Upgrader_Skin(); + + if ( $this->is_disabled() ) { + return false; + } + + // Only relax the filesystem checks when the update doesn't include new files. + $allow_relaxed_file_ownership = false; + if ( 'core' === $type && isset( $item->new_files ) && ! $item->new_files ) { + $allow_relaxed_file_ownership = true; + } + + // If we can't do an auto core update, we may still be able to email the user. + if ( ! $skin->request_filesystem_credentials( false, $context, $allow_relaxed_file_ownership ) + || $this->is_vcs_checkout( $context ) + ) { + if ( 'core' === $type ) { + $this->send_core_update_notification_email( $item ); + } + return false; + } + + // Next up, is this an item we can update? + if ( 'core' === $type ) { + $update = Core_Upgrader::should_update_to_version( $item->current ); + } elseif ( 'plugin' === $type || 'theme' === $type ) { + $update = ! empty( $item->autoupdate ); + + if ( ! $update && wp_is_auto_update_enabled_for_type( $type ) ) { + // Check if the site admin has enabled auto-updates by default for the specific item. + $auto_updates = (array) get_site_option( "auto_update_{$type}s", array() ); + $update = in_array( $item->{$type}, $auto_updates, true ); + } + } else { + $update = ! empty( $item->autoupdate ); + } + + // If the `disable_autoupdate` flag is set, override any user-choice, but allow filters. + if ( ! empty( $item->disable_autoupdate ) ) { + $update = $item->disable_autoupdate; + } + + /** + * Filters whether to automatically update core, a plugin, a theme, or a language. + * + * The dynamic portion of the hook name, `$type`, refers to the type of update + * being checked. + * + * Possible hook names include: + * + * - `auto_update_core` + * - `auto_update_plugin` + * - `auto_update_theme` + * - `auto_update_translation` + * + * Since WordPress 3.7, minor and development versions of core, and translations have + * been auto-updated by default. New installs on WordPress 5.6 or higher will also + * auto-update major versions by default. Starting in 5.6, older sites can opt-in to + * major version auto-updates, and auto-updates for plugins and themes. + * + * See the {@see 'allow_dev_auto_core_updates'}, {@see 'allow_minor_auto_core_updates'}, + * and {@see 'allow_major_auto_core_updates'} filters for a more straightforward way to + * adjust core updates. + * + * @since 3.7.0 + * @since 5.5.0 The `$update` parameter accepts the value of null. + * + * @param bool|null $update Whether to update. The value of null is internally used + * to detect whether nothing has hooked into this filter. + * @param object $item The update offer. + */ + $update = apply_filters( "auto_update_{$type}", $update, $item ); + + if ( ! $update ) { + if ( 'core' === $type ) { + $this->send_core_update_notification_email( $item ); + } + return false; + } + + // If it's a core update, are we actually compatible with its requirements? + if ( 'core' === $type ) { + global $wpdb; + + $php_compat = version_compare( PHP_VERSION, $item->php_version, '>=' ); + if ( file_exists( WP_CONTENT_DIR . '/db.php' ) && empty( $wpdb->is_mysql ) ) { + $mysql_compat = true; + } else { + $mysql_compat = version_compare( $wpdb->db_version(), $item->mysql_version, '>=' ); + } + + if ( ! $php_compat || ! $mysql_compat ) { + return false; + } + } + + // If updating a plugin or theme, ensure the minimum PHP version requirements are satisfied. + if ( in_array( $type, array( 'plugin', 'theme' ), true ) ) { + if ( ! empty( $item->requires_php ) && version_compare( PHP_VERSION, $item->requires_php, '<' ) ) { + return false; + } + } + + return true; + } + + /** + * Notifies an administrator of a core update. + * + * @since 3.7.0 + * + * @param object $item The update offer. + * @return bool True if the site administrator is notified of a core update, + * false otherwise. + */ + protected function send_core_update_notification_email( $item ) { + $notified = get_site_option( 'auto_core_update_notified' ); + + // Don't notify if we've already notified the same email address of the same version. + if ( $notified + && get_site_option( 'admin_email' ) === $notified['email'] + && $notified['version'] === $item->current + ) { + return false; + } + + // See if we need to notify users of a core update. + $notify = ! empty( $item->notify_email ); + + /** + * Filters whether to notify the site administrator of a new core update. + * + * By default, administrators are notified when the update offer received + * from WordPress.org sets a particular flag. This allows some discretion + * in if and when to notify. + * + * This filter is only evaluated once per release. If the same email address + * was already notified of the same new version, WordPress won't repeatedly + * email the administrator. + * + * This filter is also used on about.php to check if a plugin has disabled + * these notifications. + * + * @since 3.7.0 + * + * @param bool $notify Whether the site administrator is notified. + * @param object $item The update offer. + */ + if ( ! apply_filters( 'send_core_update_notification_email', $notify, $item ) ) { + return false; + } + + $this->send_email( 'manual', $item ); + return true; + } + + /** + * Updates an item, if appropriate. + * + * @since 3.7.0 + * + * @param string $type The type of update being checked: 'core', 'theme', 'plugin', 'translation'. + * @param object $item The update offer. + * @return null|WP_Error + */ + public function update( $type, $item ) { + $skin = new Automatic_Upgrader_Skin(); + + switch ( $type ) { + case 'core': + // The Core upgrader doesn't use the Upgrader's skin during the actual main part of the upgrade, instead, firing a filter. + add_filter( 'update_feedback', array( $skin, 'feedback' ) ); + $upgrader = new Core_Upgrader( $skin ); + $context = ABSPATH; + break; + case 'plugin': + $upgrader = new Plugin_Upgrader( $skin ); + $context = WP_PLUGIN_DIR; // We don't support custom Plugin directories, or updates for WPMU_PLUGIN_DIR. + break; + case 'theme': + $upgrader = new Theme_Upgrader( $skin ); + $context = get_theme_root( $item->theme ); + break; + case 'translation': + $upgrader = new Language_Pack_Upgrader( $skin ); + $context = WP_CONTENT_DIR; // WP_LANG_DIR; + break; + } + + // Determine whether we can and should perform this update. + if ( ! $this->should_update( $type, $item, $context ) ) { + return false; + } + + /** + * Fires immediately prior to an auto-update. + * + * @since 4.4.0 + * + * @param string $type The type of update being checked: 'core', 'theme', 'plugin', or 'translation'. + * @param object $item The update offer. + * @param string $context The filesystem context (a path) against which filesystem access and status + * should be checked. + */ + do_action( 'pre_auto_update', $type, $item, $context ); + + $upgrader_item = $item; + switch ( $type ) { + case 'core': + /* translators: %s: WordPress version. */ + $skin->feedback( __( 'Updating to WordPress %s' ), $item->version ); + /* translators: %s: WordPress version. */ + $item_name = sprintf( __( 'WordPress %s' ), $item->version ); + break; + case 'theme': + $upgrader_item = $item->theme; + $theme = wp_get_theme( $upgrader_item ); + $item_name = $theme->Get( 'Name' ); + // Add the current version so that it can be reported in the notification email. + $item->current_version = $theme->get( 'Version' ); + if ( empty( $item->current_version ) ) { + $item->current_version = false; + } + /* translators: %s: Theme name. */ + $skin->feedback( __( 'Updating theme: %s' ), $item_name ); + break; + case 'plugin': + $upgrader_item = $item->plugin; + $plugin_data = get_plugin_data( $context . '/' . $upgrader_item ); + $item_name = $plugin_data['Name']; + // Add the current version so that it can be reported in the notification email. + $item->current_version = $plugin_data['Version']; + if ( empty( $item->current_version ) ) { + $item->current_version = false; + } + /* translators: %s: Plugin name. */ + $skin->feedback( __( 'Updating plugin: %s' ), $item_name ); + break; + case 'translation': + $language_item_name = $upgrader->get_name_for_update( $item ); + /* translators: %s: Project name (plugin, theme, or WordPress). */ + $item_name = sprintf( __( 'Translations for %s' ), $language_item_name ); + /* translators: 1: Project name (plugin, theme, or WordPress), 2: Language. */ + $skin->feedback( sprintf( __( 'Updating translations for %1$s (%2$s)…' ), $language_item_name, $item->language ) ); + break; + } + + $allow_relaxed_file_ownership = false; + if ( 'core' === $type && isset( $item->new_files ) && ! $item->new_files ) { + $allow_relaxed_file_ownership = true; + } + + // Boom, this site's about to get a whole new splash of paint! + $upgrade_result = $upgrader->upgrade( + $upgrader_item, + array( + 'clear_update_cache' => false, + // Always use partial builds if possible for core updates. + 'pre_check_md5' => false, + // Only available for core updates. + 'attempt_rollback' => true, + // Allow relaxed file ownership in some scenarios. + 'allow_relaxed_file_ownership' => $allow_relaxed_file_ownership, + ) + ); + + // If the filesystem is unavailable, false is returned. + if ( false === $upgrade_result ) { + $upgrade_result = new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) ); + } + + if ( 'core' === $type ) { + if ( is_wp_error( $upgrade_result ) + && ( 'up_to_date' === $upgrade_result->get_error_code() + || 'locked' === $upgrade_result->get_error_code() ) + ) { + /* + * These aren't actual errors, treat it as a skipped-update instead + * to avoid triggering the post-core update failure routines. + */ + return false; + } + + // Core doesn't output this, so let's append it, so we don't get confused. + if ( is_wp_error( $upgrade_result ) ) { + $upgrade_result->add( 'installation_failed', __( 'Installation failed.' ) ); + $skin->error( $upgrade_result ); + } else { + $skin->feedback( __( 'WordPress updated successfully.' ) ); + } + } + + $this->update_results[ $type ][] = (object) array( + 'item' => $item, + 'result' => $upgrade_result, + 'name' => $item_name, + 'messages' => $skin->get_upgrade_messages(), + ); + + return $upgrade_result; + } + + /** + * Kicks off the background update process, looping through all pending updates. + * + * @since 3.7.0 + */ + public function run() { + if ( $this->is_disabled() ) { + return; + } + + if ( ! is_main_network() || ! is_main_site() ) { + return; + } + + if ( ! WP_Upgrader::create_lock( 'auto_updater' ) ) { + return; + } + + // Don't automatically run these things, as we'll handle it ourselves. + remove_action( 'upgrader_process_complete', array( 'Language_Pack_Upgrader', 'async_upgrade' ), 20 ); + remove_action( 'upgrader_process_complete', 'wp_version_check' ); + remove_action( 'upgrader_process_complete', 'wp_update_plugins' ); + remove_action( 'upgrader_process_complete', 'wp_update_themes' ); + + // Next, plugins. + wp_update_plugins(); // Check for plugin updates. + $plugin_updates = get_site_transient( 'update_plugins' ); + if ( $plugin_updates && ! empty( $plugin_updates->response ) ) { + foreach ( $plugin_updates->response as $plugin ) { + $this->update( 'plugin', $plugin ); + } + // Force refresh of plugin update information. + wp_clean_plugins_cache(); + } + + // Next, those themes we all love. + wp_update_themes(); // Check for theme updates. + $theme_updates = get_site_transient( 'update_themes' ); + if ( $theme_updates && ! empty( $theme_updates->response ) ) { + foreach ( $theme_updates->response as $theme ) { + $this->update( 'theme', (object) $theme ); + } + // Force refresh of theme update information. + wp_clean_themes_cache(); + } + + // Next, process any core update. + wp_version_check(); // Check for core updates. + $core_update = find_core_auto_update(); + + if ( $core_update ) { + $this->update( 'core', $core_update ); + } + + /* + * Clean up, and check for any pending translations. + * (Core_Upgrader checks for core updates.) + */ + $theme_stats = array(); + if ( isset( $this->update_results['theme'] ) ) { + foreach ( $this->update_results['theme'] as $upgrade ) { + $theme_stats[ $upgrade->item->theme ] = ( true === $upgrade->result ); + } + } + wp_update_themes( $theme_stats ); // Check for theme updates. + + $plugin_stats = array(); + if ( isset( $this->update_results['plugin'] ) ) { + foreach ( $this->update_results['plugin'] as $upgrade ) { + $plugin_stats[ $upgrade->item->plugin ] = ( true === $upgrade->result ); + } + } + wp_update_plugins( $plugin_stats ); // Check for plugin updates. + + // Finally, process any new translations. + $language_updates = wp_get_translation_updates(); + if ( $language_updates ) { + foreach ( $language_updates as $update ) { + $this->update( 'translation', $update ); + } + + // Clear existing caches. + wp_clean_update_cache(); + + wp_version_check(); // Check for core updates. + wp_update_themes(); // Check for theme updates. + wp_update_plugins(); // Check for plugin updates. + } + + // Send debugging email to admin for all development installations. + if ( ! empty( $this->update_results ) ) { + $development_version = str_contains( get_bloginfo( 'version' ), '-' ); + + /** + * Filters whether to send a debugging email for each automatic background update. + * + * @since 3.7.0 + * + * @param bool $development_version By default, emails are sent if the + * install is a development version. + * Return false to avoid the email. + */ + if ( apply_filters( 'automatic_updates_send_debug_email', $development_version ) ) { + $this->send_debug_email(); + } + + if ( ! empty( $this->update_results['core'] ) ) { + $this->after_core_update( $this->update_results['core'][0] ); + } elseif ( ! empty( $this->update_results['plugin'] ) || ! empty( $this->update_results['theme'] ) ) { + $this->after_plugin_theme_update( $this->update_results ); + } + + /** + * Fires after all automatic updates have run. + * + * @since 3.8.0 + * + * @param array $update_results The results of all attempted updates. + */ + do_action( 'automatic_updates_complete', $this->update_results ); + } + + WP_Upgrader::release_lock( 'auto_updater' ); + } + + /** + * Checks whether to send an email and avoid processing future updates after + * attempting a core update. + * + * @since 3.7.0 + * + * @param object $update_result The result of the core update. Includes the update offer and result. + */ + protected function after_core_update( $update_result ) { + $wp_version = get_bloginfo( 'version' ); + + $core_update = $update_result->item; + $result = $update_result->result; + + if ( ! is_wp_error( $result ) ) { + $this->send_email( 'success', $core_update ); + return; + } + + $error_code = $result->get_error_code(); + + /* + * Any of these WP_Error codes are critical failures, as in they occurred after we started to copy core files. + * We should not try to perform a background update again until there is a successful one-click update performed by the user. + */ + $critical = false; + if ( 'disk_full' === $error_code || str_contains( $error_code, '__copy_dir' ) ) { + $critical = true; + } elseif ( 'rollback_was_required' === $error_code && is_wp_error( $result->get_error_data()->rollback ) ) { + // A rollback is only critical if it failed too. + $critical = true; + $rollback_result = $result->get_error_data()->rollback; + } elseif ( str_contains( $error_code, 'do_rollback' ) ) { + $critical = true; + } + + if ( $critical ) { + $critical_data = array( + 'attempted' => $core_update->current, + 'current' => $wp_version, + 'error_code' => $error_code, + 'error_data' => $result->get_error_data(), + 'timestamp' => time(), + 'critical' => true, + ); + if ( isset( $rollback_result ) ) { + $critical_data['rollback_code'] = $rollback_result->get_error_code(); + $critical_data['rollback_data'] = $rollback_result->get_error_data(); + } + update_site_option( 'auto_core_update_failed', $critical_data ); + $this->send_email( 'critical', $core_update, $result ); + return; + } + + /* + * Any other WP_Error code (like download_failed or files_not_writable) occurs before + * we tried to copy over core files. Thus, the failures are early and graceful. + * + * We should avoid trying to perform a background update again for the same version. + * But we can try again if another version is released. + * + * For certain 'transient' failures, like download_failed, we should allow retries. + * In fact, let's schedule a special update for an hour from now. (It's possible + * the issue could actually be on WordPress.org's side.) If that one fails, then email. + */ + $send = true; + $transient_failures = array( 'incompatible_archive', 'download_failed', 'insane_distro', 'locked' ); + if ( in_array( $error_code, $transient_failures, true ) && ! get_site_option( 'auto_core_update_failed' ) ) { + wp_schedule_single_event( time() + HOUR_IN_SECONDS, 'wp_maybe_auto_update' ); + $send = false; + } + + $notified = get_site_option( 'auto_core_update_notified' ); + + // Don't notify if we've already notified the same email address of the same version of the same notification type. + if ( $notified + && 'fail' === $notified['type'] + && get_site_option( 'admin_email' ) === $notified['email'] + && $notified['version'] === $core_update->current + ) { + $send = false; + } + + update_site_option( + 'auto_core_update_failed', + array( + 'attempted' => $core_update->current, + 'current' => $wp_version, + 'error_code' => $error_code, + 'error_data' => $result->get_error_data(), + 'timestamp' => time(), + 'retry' => in_array( $error_code, $transient_failures, true ), + ) + ); + + if ( $send ) { + $this->send_email( 'fail', $core_update, $result ); + } + } + + /** + * Sends an email upon the completion or failure of a background core update. + * + * @since 3.7.0 + * + * @param string $type The type of email to send. Can be one of 'success', 'fail', 'manual', 'critical'. + * @param object $core_update The update offer that was attempted. + * @param mixed $result Optional. The result for the core update. Can be WP_Error. + */ + protected function send_email( $type, $core_update, $result = null ) { + update_site_option( + 'auto_core_update_notified', + array( + 'type' => $type, + 'email' => get_site_option( 'admin_email' ), + 'version' => $core_update->current, + 'timestamp' => time(), + ) + ); + + $next_user_core_update = get_preferred_from_update_core(); + + // If the update transient is empty, use the update we just performed. + if ( ! $next_user_core_update ) { + $next_user_core_update = $core_update; + } + + if ( 'upgrade' === $next_user_core_update->response + && version_compare( $next_user_core_update->version, $core_update->version, '>' ) + ) { + $newer_version_available = true; + } else { + $newer_version_available = false; + } + + /** + * Filters whether to send an email following an automatic background core update. + * + * @since 3.7.0 + * + * @param bool $send Whether to send the email. Default true. + * @param string $type The type of email to send. Can be one of + * 'success', 'fail', 'critical'. + * @param object $core_update The update offer that was attempted. + * @param mixed $result The result for the core update. Can be WP_Error. + */ + if ( 'manual' !== $type && ! apply_filters( 'auto_core_update_send_email', true, $type, $core_update, $result ) ) { + return; + } + + switch ( $type ) { + case 'success': // We updated. + /* translators: Site updated notification email subject. 1: Site title, 2: WordPress version. */ + $subject = __( '[%1$s] Your site has updated to WordPress %2$s' ); + break; + + case 'fail': // We tried to update but couldn't. + case 'manual': // We can't update (and made no attempt). + /* translators: Update available notification email subject. 1: Site title, 2: WordPress version. */ + $subject = __( '[%1$s] WordPress %2$s is available. Please update!' ); + break; + + case 'critical': // We tried to update, started to copy files, then things went wrong. + /* translators: Site down notification email subject. 1: Site title. */ + $subject = __( '[%1$s] URGENT: Your site may be down due to a failed update' ); + break; + + default: + return; + } + + // If the auto-update is not to the latest version, say that the current version of WP is available instead. + $version = 'success' === $type ? $core_update->current : $next_user_core_update->current; + $subject = sprintf( $subject, wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ), $version ); + + $body = ''; + + switch ( $type ) { + case 'success': + $body .= sprintf( + /* translators: 1: Home URL, 2: WordPress version. */ + __( 'Howdy! Your site at %1$s has been updated automatically to WordPress %2$s.' ), + home_url(), + $core_update->current + ); + $body .= "\n\n"; + if ( ! $newer_version_available ) { + $body .= __( 'No further action is needed on your part.' ) . ' '; + } + + // Can only reference the About screen if their update was successful. + list( $about_version ) = explode( '-', $core_update->current, 2 ); + /* translators: %s: WordPress version. */ + $body .= sprintf( __( 'For more on version %s, see the About WordPress screen:' ), $about_version ); + $body .= "\n" . admin_url( 'about.php' ); + + if ( $newer_version_available ) { + /* translators: %s: WordPress latest version. */ + $body .= "\n\n" . sprintf( __( 'WordPress %s is also now available.' ), $next_user_core_update->current ) . ' '; + $body .= __( 'Updating is easy and only takes a few moments:' ); + $body .= "\n" . network_admin_url( 'update-core.php' ); + } + + break; + + case 'fail': + case 'manual': + $body .= sprintf( + /* translators: 1: Home URL, 2: WordPress version. */ + __( 'Please update your site at %1$s to WordPress %2$s.' ), + home_url(), + $next_user_core_update->current + ); + + $body .= "\n\n"; + + /* + * Don't show this message if there is a newer version available. + * Potential for confusion, and also not useful for them to know at this point. + */ + if ( 'fail' === $type && ! $newer_version_available ) { + $body .= __( 'An attempt was made, but your site could not be updated automatically.' ) . ' '; + } + + $body .= __( 'Updating is easy and only takes a few moments:' ); + $body .= "\n" . network_admin_url( 'update-core.php' ); + break; + + case 'critical': + if ( $newer_version_available ) { + $body .= sprintf( + /* translators: 1: Home URL, 2: WordPress version. */ + __( 'Your site at %1$s experienced a critical failure while trying to update WordPress to version %2$s.' ), + home_url(), + $core_update->current + ); + } else { + $body .= sprintf( + /* translators: 1: Home URL, 2: WordPress latest version. */ + __( 'Your site at %1$s experienced a critical failure while trying to update to the latest version of WordPress, %2$s.' ), + home_url(), + $core_update->current + ); + } + + $body .= "\n\n" . __( "This means your site may be offline or broken. Don't panic; this can be fixed." ); + + $body .= "\n\n" . __( "Please check out your site now. It's possible that everything is working. If it says you need to update, you should do so:" ); + $body .= "\n" . network_admin_url( 'update-core.php' ); + break; + } + + $critical_support = 'critical' === $type && ! empty( $core_update->support_email ); + if ( $critical_support ) { + // Support offer if available. + $body .= "\n\n" . sprintf( + /* translators: %s: Support email address. */ + __( 'The WordPress team is willing to help you. Forward this email to %s and the team will work with you to make sure your site is working.' ), + $core_update->support_email + ); + } else { + // Add a note about the support forums. + $body .= "\n\n" . __( 'If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help.' ); + $body .= "\n" . __( 'https://wordpress.org/support/forums/' ); + } + + // Updates are important! + if ( 'success' !== $type || $newer_version_available ) { + $body .= "\n\n" . __( 'Keeping your site updated is important for security. It also makes the internet a safer place for you and your readers.' ); + } + + if ( $critical_support ) { + $body .= ' ' . __( "Reach out to WordPress Core developers to ensure you'll never have this problem again." ); + } + + // If things are successful and we're now on the latest, mention plugins and themes if any are out of date. + if ( 'success' === $type && ! $newer_version_available && ( get_plugin_updates() || get_theme_updates() ) ) { + $body .= "\n\n" . __( 'You also have some plugins or themes with updates available. Update them now:' ); + $body .= "\n" . network_admin_url(); + } + + $body .= "\n\n" . __( 'The WordPress Team' ) . "\n"; + + if ( 'critical' === $type && is_wp_error( $result ) ) { + $body .= "\n***\n\n"; + /* translators: %s: WordPress version. */ + $body .= sprintf( __( 'Your site was running version %s.' ), get_bloginfo( 'version' ) ); + $body .= ' ' . __( 'Some data that describes the error your site encountered has been put together.' ); + $body .= ' ' . __( 'Your hosting company, support forum volunteers, or a friendly developer may be able to use this information to help you:' ); + + /* + * If we had a rollback and we're still critical, then the rollback failed too. + * Loop through all errors (the main WP_Error, the update result, the rollback result) for code, data, etc. + */ + if ( 'rollback_was_required' === $result->get_error_code() ) { + $errors = array( $result, $result->get_error_data()->update, $result->get_error_data()->rollback ); + } else { + $errors = array( $result ); + } + + foreach ( $errors as $error ) { + if ( ! is_wp_error( $error ) ) { + continue; + } + + $error_code = $error->get_error_code(); + /* translators: %s: Error code. */ + $body .= "\n\n" . sprintf( __( 'Error code: %s' ), $error_code ); + + if ( 'rollback_was_required' === $error_code ) { + continue; + } + + if ( $error->get_error_message() ) { + $body .= "\n" . $error->get_error_message(); + } + + $error_data = $error->get_error_data(); + if ( $error_data ) { + $body .= "\n" . implode( ', ', (array) $error_data ); + } + } + + $body .= "\n"; + } + + $to = get_site_option( 'admin_email' ); + $headers = ''; + + $email = compact( 'to', 'subject', 'body', 'headers' ); + + /** + * Filters the email sent following an automatic background core update. + * + * @since 3.7.0 + * + * @param array $email { + * Array of email arguments that will be passed to wp_mail(). + * + * @type string $to The email recipient. An array of emails + * can be returned, as handled by wp_mail(). + * @type string $subject The email's subject. + * @type string $body The email message body. + * @type string $headers Any email headers, defaults to no headers. + * } + * @param string $type The type of email being sent. Can be one of + * 'success', 'fail', 'manual', 'critical'. + * @param object $core_update The update offer that was attempted. + * @param mixed $result The result for the core update. Can be WP_Error. + */ + $email = apply_filters( 'auto_core_update_email', $email, $type, $core_update, $result ); + + wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] ); + } + + + /** + * Checks whether an email should be sent after attempting plugin or theme updates. + * + * @since 5.5.0 + * + * @param array $update_results The results of update tasks. + */ + protected function after_plugin_theme_update( $update_results ) { + $successful_updates = array(); + $failed_updates = array(); + + if ( ! empty( $update_results['plugin'] ) ) { + /** + * Filters whether to send an email following an automatic background plugin update. + * + * @since 5.5.0 + * @since 5.5.1 Added the `$update_results` parameter. + * + * @param bool $enabled True if plugin update notifications are enabled, false otherwise. + * @param array $update_results The results of plugins update tasks. + */ + $notifications_enabled = apply_filters( 'auto_plugin_update_send_email', true, $update_results['plugin'] ); + + if ( $notifications_enabled ) { + foreach ( $update_results['plugin'] as $update_result ) { + if ( true === $update_result->result ) { + $successful_updates['plugin'][] = $update_result; + } else { + $failed_updates['plugin'][] = $update_result; + } + } + } + } + + if ( ! empty( $update_results['theme'] ) ) { + /** + * Filters whether to send an email following an automatic background theme update. + * + * @since 5.5.0 + * @since 5.5.1 Added the `$update_results` parameter. + * + * @param bool $enabled True if theme update notifications are enabled, false otherwise. + * @param array $update_results The results of theme update tasks. + */ + $notifications_enabled = apply_filters( 'auto_theme_update_send_email', true, $update_results['theme'] ); + + if ( $notifications_enabled ) { + foreach ( $update_results['theme'] as $update_result ) { + if ( true === $update_result->result ) { + $successful_updates['theme'][] = $update_result; + } else { + $failed_updates['theme'][] = $update_result; + } + } + } + } + + if ( empty( $successful_updates ) && empty( $failed_updates ) ) { + return; + } + + if ( empty( $failed_updates ) ) { + $this->send_plugin_theme_email( 'success', $successful_updates, $failed_updates ); + } elseif ( empty( $successful_updates ) ) { + $this->send_plugin_theme_email( 'fail', $successful_updates, $failed_updates ); + } else { + $this->send_plugin_theme_email( 'mixed', $successful_updates, $failed_updates ); + } + } + + /** + * Sends an email upon the completion or failure of a plugin or theme background update. + * + * @since 5.5.0 + * + * @param string $type The type of email to send. Can be one of 'success', 'fail', 'mixed'. + * @param array $successful_updates A list of updates that succeeded. + * @param array $failed_updates A list of updates that failed. + */ + protected function send_plugin_theme_email( $type, $successful_updates, $failed_updates ) { + // No updates were attempted. + if ( empty( $successful_updates ) && empty( $failed_updates ) ) { + return; + } + + $unique_failures = false; + $past_failure_emails = get_option( 'auto_plugin_theme_update_emails', array() ); + + /* + * When only failures have occurred, an email should only be sent if there are unique failures. + * A failure is considered unique if an email has not been sent for an update attempt failure + * to a plugin or theme with the same new_version. + */ + if ( 'fail' === $type ) { + foreach ( $failed_updates as $update_type => $failures ) { + foreach ( $failures as $failed_update ) { + if ( ! isset( $past_failure_emails[ $failed_update->item->{$update_type} ] ) ) { + $unique_failures = true; + continue; + } + + // Check that the failure represents a new failure based on the new_version. + if ( version_compare( $past_failure_emails[ $failed_update->item->{$update_type} ], $failed_update->item->new_version, '<' ) ) { + $unique_failures = true; + } + } + } + + if ( ! $unique_failures ) { + return; + } + } + + $body = array(); + $successful_plugins = ( ! empty( $successful_updates['plugin'] ) ); + $successful_themes = ( ! empty( $successful_updates['theme'] ) ); + $failed_plugins = ( ! empty( $failed_updates['plugin'] ) ); + $failed_themes = ( ! empty( $failed_updates['theme'] ) ); + + switch ( $type ) { + case 'success': + if ( $successful_plugins && $successful_themes ) { + /* translators: %s: Site title. */ + $subject = __( '[%s] Some plugins and themes have automatically updated' ); + $body[] = sprintf( + /* translators: %s: Home URL. */ + __( 'Howdy! Some plugins and themes have automatically updated to their latest versions on your site at %s. No further action is needed on your part.' ), + home_url() + ); + } elseif ( $successful_plugins ) { + /* translators: %s: Site title. */ + $subject = __( '[%s] Some plugins were automatically updated' ); + $body[] = sprintf( + /* translators: %s: Home URL. */ + __( 'Howdy! Some plugins have automatically updated to their latest versions on your site at %s. No further action is needed on your part.' ), + home_url() + ); + } else { + /* translators: %s: Site title. */ + $subject = __( '[%s] Some themes were automatically updated' ); + $body[] = sprintf( + /* translators: %s: Home URL. */ + __( 'Howdy! Some themes have automatically updated to their latest versions on your site at %s. No further action is needed on your part.' ), + home_url() + ); + } + + break; + case 'fail': + case 'mixed': + if ( $failed_plugins && $failed_themes ) { + /* translators: %s: Site title. */ + $subject = __( '[%s] Some plugins and themes have failed to update' ); + $body[] = sprintf( + /* translators: %s: Home URL. */ + __( 'Howdy! Plugins and themes failed to update on your site at %s.' ), + home_url() + ); + } elseif ( $failed_plugins ) { + /* translators: %s: Site title. */ + $subject = __( '[%s] Some plugins have failed to update' ); + $body[] = sprintf( + /* translators: %s: Home URL. */ + __( 'Howdy! Plugins failed to update on your site at %s.' ), + home_url() + ); + } else { + /* translators: %s: Site title. */ + $subject = __( '[%s] Some themes have failed to update' ); + $body[] = sprintf( + /* translators: %s: Home URL. */ + __( 'Howdy! Themes failed to update on your site at %s.' ), + home_url() + ); + } + + break; + } + + if ( in_array( $type, array( 'fail', 'mixed' ), true ) ) { + $body[] = "\n"; + $body[] = __( 'Please check your site now. It’s possible that everything is working. If there are updates available, you should update.' ); + $body[] = "\n"; + + // List failed plugin updates. + if ( ! empty( $failed_updates['plugin'] ) ) { + $body[] = __( 'These plugins failed to update:' ); + + foreach ( $failed_updates['plugin'] as $item ) { + $body_message = ''; + $item_url = ''; + + if ( ! empty( $item->item->url ) ) { + $item_url = ' : ' . esc_url( $item->item->url ); + } + + if ( $item->item->current_version ) { + $body_message .= sprintf( + /* translators: 1: Plugin name, 2: Current version number, 3: New version number, 4: Plugin URL. */ + __( '- %1$s (from version %2$s to %3$s)%4$s' ), + html_entity_decode( $item->name ), + $item->item->current_version, + $item->item->new_version, + $item_url + ); + } else { + $body_message .= sprintf( + /* translators: 1: Plugin name, 2: Version number, 3: Plugin URL. */ + __( '- %1$s version %2$s%3$s' ), + html_entity_decode( $item->name ), + $item->item->new_version, + $item_url + ); + } + + $body[] = $body_message; + + $past_failure_emails[ $item->item->plugin ] = $item->item->new_version; + } + + $body[] = "\n"; + } + + // List failed theme updates. + if ( ! empty( $failed_updates['theme'] ) ) { + $body[] = __( 'These themes failed to update:' ); + + foreach ( $failed_updates['theme'] as $item ) { + if ( $item->item->current_version ) { + $body[] = sprintf( + /* translators: 1: Theme name, 2: Current version number, 3: New version number. */ + __( '- %1$s (from version %2$s to %3$s)' ), + html_entity_decode( $item->name ), + $item->item->current_version, + $item->item->new_version + ); + } else { + $body[] = sprintf( + /* translators: 1: Theme name, 2: Version number. */ + __( '- %1$s version %2$s' ), + html_entity_decode( $item->name ), + $item->item->new_version + ); + } + + $past_failure_emails[ $item->item->theme ] = $item->item->new_version; + } + + $body[] = "\n"; + } + } + + // List successful updates. + if ( in_array( $type, array( 'success', 'mixed' ), true ) ) { + $body[] = "\n"; + + // List successful plugin updates. + if ( ! empty( $successful_updates['plugin'] ) ) { + $body[] = __( 'These plugins are now up to date:' ); + + foreach ( $successful_updates['plugin'] as $item ) { + $body_message = ''; + $item_url = ''; + + if ( ! empty( $item->item->url ) ) { + $item_url = ' : ' . esc_url( $item->item->url ); + } + + if ( $item->item->current_version ) { + $body_message .= sprintf( + /* translators: 1: Plugin name, 2: Current version number, 3: New version number, 4: Plugin URL. */ + __( '- %1$s (from version %2$s to %3$s)%4$s' ), + html_entity_decode( $item->name ), + $item->item->current_version, + $item->item->new_version, + $item_url + ); + } else { + $body_message .= sprintf( + /* translators: 1: Plugin name, 2: Version number, 3: Plugin URL. */ + __( '- %1$s version %2$s%3$s' ), + html_entity_decode( $item->name ), + $item->item->new_version, + $item_url + ); + } + $body[] = $body_message; + + unset( $past_failure_emails[ $item->item->plugin ] ); + } + + $body[] = "\n"; + } + + // List successful theme updates. + if ( ! empty( $successful_updates['theme'] ) ) { + $body[] = __( 'These themes are now up to date:' ); + + foreach ( $successful_updates['theme'] as $item ) { + if ( $item->item->current_version ) { + $body[] = sprintf( + /* translators: 1: Theme name, 2: Current version number, 3: New version number. */ + __( '- %1$s (from version %2$s to %3$s)' ), + html_entity_decode( $item->name ), + $item->item->current_version, + $item->item->new_version + ); + } else { + $body[] = sprintf( + /* translators: 1: Theme name, 2: Version number. */ + __( '- %1$s version %2$s' ), + html_entity_decode( $item->name ), + $item->item->new_version + ); + } + + unset( $past_failure_emails[ $item->item->theme ] ); + } + + $body[] = "\n"; + } + } + + if ( $failed_plugins ) { + $body[] = sprintf( + /* translators: %s: Plugins screen URL. */ + __( 'To manage plugins on your site, visit the Plugins page: %s' ), + admin_url( 'plugins.php' ) + ); + $body[] = "\n"; + } + + if ( $failed_themes ) { + $body[] = sprintf( + /* translators: %s: Themes screen URL. */ + __( 'To manage themes on your site, visit the Themes page: %s' ), + admin_url( 'themes.php' ) + ); + $body[] = "\n"; + } + + // Add a note about the support forums. + $body[] = __( 'If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help.' ); + $body[] = __( 'https://wordpress.org/support/forums/' ); + $body[] = "\n" . __( 'The WordPress Team' ); + + if ( '' !== get_option( 'blogname' ) ) { + $site_title = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); + } else { + $site_title = parse_url( home_url(), PHP_URL_HOST ); + } + + $body = implode( "\n", $body ); + $to = get_site_option( 'admin_email' ); + $subject = sprintf( $subject, $site_title ); + $headers = ''; + + $email = compact( 'to', 'subject', 'body', 'headers' ); + + /** + * Filters the email sent following an automatic background update for plugins and themes. + * + * @since 5.5.0 + * + * @param array $email { + * Array of email arguments that will be passed to wp_mail(). + * + * @type string $to The email recipient. An array of emails + * can be returned, as handled by wp_mail(). + * @type string $subject The email's subject. + * @type string $body The email message body. + * @type string $headers Any email headers, defaults to no headers. + * } + * @param string $type The type of email being sent. Can be one of 'success', 'fail', 'mixed'. + * @param array $successful_updates A list of updates that succeeded. + * @param array $failed_updates A list of updates that failed. + */ + $email = apply_filters( 'auto_plugin_theme_update_email', $email, $type, $successful_updates, $failed_updates ); + + $result = wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] ); + + if ( $result ) { + update_option( 'auto_plugin_theme_update_emails', $past_failure_emails ); + } + } + + /** + * Prepares and sends an email of a full log of background update results, useful for debugging and geekery. + * + * @since 3.7.0 + */ + protected function send_debug_email() { + $update_count = 0; + foreach ( $this->update_results as $type => $updates ) { + $update_count += count( $updates ); + } + + $body = array(); + $failures = 0; + + /* translators: %s: Network home URL. */ + $body[] = sprintf( __( 'WordPress site: %s' ), network_home_url( '/' ) ); + + // Core. + if ( isset( $this->update_results['core'] ) ) { + $result = $this->update_results['core'][0]; + + if ( $result->result && ! is_wp_error( $result->result ) ) { + /* translators: %s: WordPress version. */ + $body[] = sprintf( __( 'SUCCESS: WordPress was successfully updated to %s' ), $result->name ); + } else { + /* translators: %s: WordPress version. */ + $body[] = sprintf( __( 'FAILED: WordPress failed to update to %s' ), $result->name ); + ++$failures; + } + + $body[] = ''; + } + + // Plugins, Themes, Translations. + foreach ( array( 'plugin', 'theme', 'translation' ) as $type ) { + if ( ! isset( $this->update_results[ $type ] ) ) { + continue; + } + + $success_items = wp_list_filter( $this->update_results[ $type ], array( 'result' => true ) ); + + if ( $success_items ) { + $messages = array( + 'plugin' => __( 'The following plugins were successfully updated:' ), + 'theme' => __( 'The following themes were successfully updated:' ), + 'translation' => __( 'The following translations were successfully updated:' ), + ); + + $body[] = $messages[ $type ]; + foreach ( wp_list_pluck( $success_items, 'name' ) as $name ) { + /* translators: %s: Name of plugin / theme / translation. */ + $body[] = ' * ' . sprintf( __( 'SUCCESS: %s' ), $name ); + } + } + + if ( $success_items !== $this->update_results[ $type ] ) { + // Failed updates. + $messages = array( + 'plugin' => __( 'The following plugins failed to update:' ), + 'theme' => __( 'The following themes failed to update:' ), + 'translation' => __( 'The following translations failed to update:' ), + ); + + $body[] = $messages[ $type ]; + + foreach ( $this->update_results[ $type ] as $item ) { + if ( ! $item->result || is_wp_error( $item->result ) ) { + /* translators: %s: Name of plugin / theme / translation. */ + $body[] = ' * ' . sprintf( __( 'FAILED: %s' ), $item->name ); + ++$failures; + } + } + } + + $body[] = ''; + } + + if ( '' !== get_bloginfo( 'name' ) ) { + $site_title = wp_specialchars_decode( get_bloginfo( 'name' ), ENT_QUOTES ); + } else { + $site_title = parse_url( home_url(), PHP_URL_HOST ); + } + + if ( $failures ) { + $body[] = trim( + __( + "BETA TESTING? +============= + +This debugging email is sent when you are using a development version of WordPress. + +If you think these failures might be due to a bug in WordPress, could you report it? + * Open a thread in the support forums: https://wordpress.org/support/forum/alphabeta + * Or, if you're comfortable writing a bug report: https://core.trac.wordpress.org/ + +Thanks! -- The WordPress Team" + ) + ); + $body[] = ''; + + /* translators: Background update failed notification email subject. %s: Site title. */ + $subject = sprintf( __( '[%s] Background Update Failed' ), $site_title ); + } else { + /* translators: Background update finished notification email subject. %s: Site title. */ + $subject = sprintf( __( '[%s] Background Update Finished' ), $site_title ); + } + + $body[] = trim( + __( + 'UPDATE LOG +==========' + ) + ); + $body[] = ''; + + foreach ( array( 'core', 'plugin', 'theme', 'translation' ) as $type ) { + if ( ! isset( $this->update_results[ $type ] ) ) { + continue; + } + + foreach ( $this->update_results[ $type ] as $update ) { + $body[] = $update->name; + $body[] = str_repeat( '-', strlen( $update->name ) ); + + foreach ( $update->messages as $message ) { + $body[] = ' ' . html_entity_decode( str_replace( '…', '...', $message ) ); + } + + if ( is_wp_error( $update->result ) ) { + $results = array( 'update' => $update->result ); + + // If we rolled back, we want to know an error that occurred then too. + if ( 'rollback_was_required' === $update->result->get_error_code() ) { + $results = (array) $update->result->get_error_data(); + } + + foreach ( $results as $result_type => $result ) { + if ( ! is_wp_error( $result ) ) { + continue; + } + + if ( 'rollback' === $result_type ) { + /* translators: 1: Error code, 2: Error message. */ + $body[] = ' ' . sprintf( __( 'Rollback Error: [%1$s] %2$s' ), $result->get_error_code(), $result->get_error_message() ); + } else { + /* translators: 1: Error code, 2: Error message. */ + $body[] = ' ' . sprintf( __( 'Error: [%1$s] %2$s' ), $result->get_error_code(), $result->get_error_message() ); + } + + if ( $result->get_error_data() ) { + $body[] = ' ' . implode( ', ', (array) $result->get_error_data() ); + } + } + } + + $body[] = ''; + } + } + + $email = array( + 'to' => get_site_option( 'admin_email' ), + 'subject' => $subject, + 'body' => implode( "\n", $body ), + 'headers' => '', + ); + + /** + * Filters the debug email that can be sent following an automatic + * background core update. + * + * @since 3.8.0 + * + * @param array $email { + * Array of email arguments that will be passed to wp_mail(). + * + * @type string $to The email recipient. An array of emails + * can be returned, as handled by wp_mail(). + * @type string $subject Email subject. + * @type string $body Email message body. + * @type string $headers Any email headers. Default empty. + * } + * @param int $failures The number of failures encountered while upgrading. + * @param mixed $results The results of all attempted updates. + */ + $email = apply_filters( 'automatic_updates_debug_email', $email, $failures, $this->update_results ); + + wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] ); + } +} diff --git a/wp-admin/includes/class-wp-comments-list-table.php b/wp-admin/includes/class-wp-comments-list-table.php new file mode 100644 index 0000000..1433818 --- /dev/null +++ b/wp-admin/includes/class-wp-comments-list-table.php @@ -0,0 +1,1120 @@ +<?php +/** + * List Table API: WP_Comments_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying comments in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Comments_List_Table extends WP_List_Table { + + public $checkbox = true; + + public $pending_count = array(); + + public $extra_items; + + private $user_can; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @global int $post_id + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + global $post_id; + + $post_id = isset( $_REQUEST['p'] ) ? absint( $_REQUEST['p'] ) : 0; + + if ( get_option( 'show_avatars' ) ) { + add_filter( 'comment_author', array( $this, 'floated_admin_avatar' ), 10, 2 ); + } + + parent::__construct( + array( + 'plural' => 'comments', + 'singular' => 'comment', + 'ajax' => true, + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + } + + /** + * Adds avatars to comment author names. + * + * @since 3.1.0 + * + * @param string $name Comment author name. + * @param int $comment_id Comment ID. + * @return string Avatar with the user name. + */ + public function floated_admin_avatar( $name, $comment_id ) { + $comment = get_comment( $comment_id ); + $avatar = get_avatar( $comment, 32, 'mystery' ); + return "$avatar $name"; + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'edit_posts' ); + } + + /** + * @global string $mode List table view mode. + * @global int $post_id + * @global string $comment_status + * @global string $comment_type + * @global string $search + */ + public function prepare_items() { + global $mode, $post_id, $comment_status, $comment_type, $search; + + if ( ! empty( $_REQUEST['mode'] ) ) { + $mode = 'excerpt' === $_REQUEST['mode'] ? 'excerpt' : 'list'; + set_user_setting( 'posts_list_mode', $mode ); + } else { + $mode = get_user_setting( 'posts_list_mode', 'list' ); + } + + $comment_status = isset( $_REQUEST['comment_status'] ) ? $_REQUEST['comment_status'] : 'all'; + + if ( ! in_array( $comment_status, array( 'all', 'mine', 'moderated', 'approved', 'spam', 'trash' ), true ) ) { + $comment_status = 'all'; + } + + $comment_type = ! empty( $_REQUEST['comment_type'] ) ? $_REQUEST['comment_type'] : ''; + + $search = ( isset( $_REQUEST['s'] ) ) ? $_REQUEST['s'] : ''; + + $post_type = ( isset( $_REQUEST['post_type'] ) ) ? sanitize_key( $_REQUEST['post_type'] ) : ''; + + $user_id = ( isset( $_REQUEST['user_id'] ) ) ? $_REQUEST['user_id'] : ''; + + $orderby = ( isset( $_REQUEST['orderby'] ) ) ? $_REQUEST['orderby'] : ''; + $order = ( isset( $_REQUEST['order'] ) ) ? $_REQUEST['order'] : ''; + + $comments_per_page = $this->get_per_page( $comment_status ); + + $doing_ajax = wp_doing_ajax(); + + if ( isset( $_REQUEST['number'] ) ) { + $number = (int) $_REQUEST['number']; + } else { + $number = $comments_per_page + min( 8, $comments_per_page ); // Grab a few extra. + } + + $page = $this->get_pagenum(); + + if ( isset( $_REQUEST['start'] ) ) { + $start = $_REQUEST['start']; + } else { + $start = ( $page - 1 ) * $comments_per_page; + } + + if ( $doing_ajax && isset( $_REQUEST['offset'] ) ) { + $start += $_REQUEST['offset']; + } + + $status_map = array( + 'mine' => '', + 'moderated' => 'hold', + 'approved' => 'approve', + 'all' => '', + ); + + $args = array( + 'status' => isset( $status_map[ $comment_status ] ) ? $status_map[ $comment_status ] : $comment_status, + 'search' => $search, + 'user_id' => $user_id, + 'offset' => $start, + 'number' => $number, + 'post_id' => $post_id, + 'type' => $comment_type, + 'orderby' => $orderby, + 'order' => $order, + 'post_type' => $post_type, + 'update_comment_post_cache' => true, + ); + + /** + * Filters the arguments for the comment query in the comments list table. + * + * @since 5.1.0 + * + * @param array $args An array of get_comments() arguments. + */ + $args = apply_filters( 'comments_list_table_query_args', $args ); + + $_comments = get_comments( $args ); + + if ( is_array( $_comments ) ) { + $this->items = array_slice( $_comments, 0, $comments_per_page ); + $this->extra_items = array_slice( $_comments, $comments_per_page ); + + $_comment_post_ids = array_unique( wp_list_pluck( $_comments, 'comment_post_ID' ) ); + + $this->pending_count = get_pending_comments_num( $_comment_post_ids ); + } + + $total_comments = get_comments( + array_merge( + $args, + array( + 'count' => true, + 'offset' => 0, + 'number' => 0, + 'orderby' => 'none', + ) + ) + ); + + $this->set_pagination_args( + array( + 'total_items' => $total_comments, + 'per_page' => $comments_per_page, + ) + ); + } + + /** + * @param string $comment_status + * @return int + */ + public function get_per_page( $comment_status = 'all' ) { + $comments_per_page = $this->get_items_per_page( 'edit_comments_per_page' ); + + /** + * Filters the number of comments listed per page in the comments list table. + * + * @since 2.6.0 + * + * @param int $comments_per_page The number of comments to list per page. + * @param string $comment_status The comment status name. Default 'All'. + */ + return apply_filters( 'comments_per_page', $comments_per_page, $comment_status ); + } + + /** + * @global string $comment_status + */ + public function no_items() { + global $comment_status; + + if ( 'moderated' === $comment_status ) { + _e( 'No comments awaiting moderation.' ); + } elseif ( 'trash' === $comment_status ) { + _e( 'No comments found in Trash.' ); + } else { + _e( 'No comments found.' ); + } + } + + /** + * @global int $post_id + * @global string $comment_status + * @global string $comment_type + */ + protected function get_views() { + global $post_id, $comment_status, $comment_type; + + $status_links = array(); + $num_comments = ( $post_id ) ? wp_count_comments( $post_id ) : wp_count_comments(); + + $stati = array( + /* translators: %s: Number of comments. */ + 'all' => _nx_noop( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + 'comments' + ), // Singular not used. + + /* translators: %s: Number of comments. */ + 'mine' => _nx_noop( + 'Mine <span class="count">(%s)</span>', + 'Mine <span class="count">(%s)</span>', + 'comments' + ), + + /* translators: %s: Number of comments. */ + 'moderated' => _nx_noop( + 'Pending <span class="count">(%s)</span>', + 'Pending <span class="count">(%s)</span>', + 'comments' + ), + + /* translators: %s: Number of comments. */ + 'approved' => _nx_noop( + 'Approved <span class="count">(%s)</span>', + 'Approved <span class="count">(%s)</span>', + 'comments' + ), + + /* translators: %s: Number of comments. */ + 'spam' => _nx_noop( + 'Spam <span class="count">(%s)</span>', + 'Spam <span class="count">(%s)</span>', + 'comments' + ), + + /* translators: %s: Number of comments. */ + 'trash' => _nx_noop( + 'Trash <span class="count">(%s)</span>', + 'Trash <span class="count">(%s)</span>', + 'comments' + ), + ); + + if ( ! EMPTY_TRASH_DAYS ) { + unset( $stati['trash'] ); + } + + $link = admin_url( 'edit-comments.php' ); + + if ( ! empty( $comment_type ) && 'all' !== $comment_type ) { + $link = add_query_arg( 'comment_type', $comment_type, $link ); + } + + foreach ( $stati as $status => $label ) { + if ( 'mine' === $status ) { + $current_user_id = get_current_user_id(); + $num_comments->mine = get_comments( + array( + 'post_id' => $post_id ? $post_id : 0, + 'user_id' => $current_user_id, + 'count' => true, + 'orderby' => 'none', + ) + ); + $link = add_query_arg( 'user_id', $current_user_id, $link ); + } else { + $link = remove_query_arg( 'user_id', $link ); + } + + if ( ! isset( $num_comments->$status ) ) { + $num_comments->$status = 10; + } + + $link = add_query_arg( 'comment_status', $status, $link ); + + if ( $post_id ) { + $link = add_query_arg( 'p', absint( $post_id ), $link ); + } + + /* + // I toyed with this, but decided against it. Leaving it in here in case anyone thinks it is a good idea. ~ Mark + if ( !empty( $_REQUEST['s'] ) ) + $link = add_query_arg( 's', esc_attr( wp_unslash( $_REQUEST['s'] ) ), $link ); + */ + + $status_links[ $status ] = array( + 'url' => esc_url( $link ), + 'label' => sprintf( + translate_nooped_plural( $label, $num_comments->$status ), + sprintf( + '<span class="%s-count">%s</span>', + ( 'moderated' === $status ) ? 'pending' : $status, + number_format_i18n( $num_comments->$status ) + ) + ), + 'current' => $status === $comment_status, + ); + } + + /** + * Filters the comment status links. + * + * @since 2.5.0 + * @since 5.1.0 The 'Mine' link was added. + * + * @param string[] $status_links An associative array of fully-formed comment status links. Includes 'All', 'Mine', + * 'Pending', 'Approved', 'Spam', and 'Trash'. + */ + return apply_filters( 'comment_status_links', $this->get_views_links( $status_links ) ); + } + + /** + * @global string $comment_status + * + * @return array + */ + protected function get_bulk_actions() { + global $comment_status; + + $actions = array(); + + if ( in_array( $comment_status, array( 'all', 'approved' ), true ) ) { + $actions['unapprove'] = __( 'Unapprove' ); + } + + if ( in_array( $comment_status, array( 'all', 'moderated' ), true ) ) { + $actions['approve'] = __( 'Approve' ); + } + + if ( in_array( $comment_status, array( 'all', 'moderated', 'approved', 'trash' ), true ) ) { + $actions['spam'] = _x( 'Mark as spam', 'comment' ); + } + + if ( 'trash' === $comment_status ) { + $actions['untrash'] = __( 'Restore' ); + } elseif ( 'spam' === $comment_status ) { + $actions['unspam'] = _x( 'Not spam', 'comment' ); + } + + if ( in_array( $comment_status, array( 'trash', 'spam' ), true ) || ! EMPTY_TRASH_DAYS ) { + $actions['delete'] = __( 'Delete permanently' ); + } else { + $actions['trash'] = __( 'Move to Trash' ); + } + + return $actions; + } + + /** + * @global string $comment_status + * @global string $comment_type + * + * @param string $which + */ + protected function extra_tablenav( $which ) { + global $comment_status, $comment_type; + static $has_items; + + if ( ! isset( $has_items ) ) { + $has_items = $this->has_items(); + } + + echo '<div class="alignleft actions">'; + + if ( 'top' === $which ) { + ob_start(); + + $this->comment_type_dropdown( $comment_type ); + + /** + * Fires just before the Filter submit button for comment types. + * + * @since 3.5.0 + */ + do_action( 'restrict_manage_comments' ); + + $output = ob_get_clean(); + + if ( ! empty( $output ) && $this->has_items() ) { + echo $output; + submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) ); + } + } + + if ( ( 'spam' === $comment_status || 'trash' === $comment_status ) && $has_items + && current_user_can( 'moderate_comments' ) + ) { + wp_nonce_field( 'bulk-destroy', '_destroy_nonce' ); + $title = ( 'spam' === $comment_status ) ? esc_attr__( 'Empty Spam' ) : esc_attr__( 'Empty Trash' ); + submit_button( $title, 'apply', 'delete_all', false ); + } + + /** + * Fires after the Filter submit button for comment types. + * + * @since 2.5.0 + * @since 5.6.0 The `$which` parameter was added. + * + * @param string $comment_status The comment status name. Default 'All'. + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + do_action( 'manage_comments_nav', $comment_status, $which ); + + echo '</div>'; + } + + /** + * @return string|false + */ + public function current_action() { + if ( isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) { + return 'delete_all'; + } + + return parent::current_action(); + } + + /** + * @global int $post_id + * + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + global $post_id; + + $columns = array(); + + if ( $this->checkbox ) { + $columns['cb'] = '<input type="checkbox" />'; + } + + $columns['author'] = __( 'Author' ); + $columns['comment'] = _x( 'Comment', 'column name' ); + + if ( ! $post_id ) { + /* translators: Column name or table row header. */ + $columns['response'] = __( 'In response to' ); + } + + $columns['date'] = _x( 'Submitted on', 'column name' ); + + return $columns; + } + + /** + * Displays a comment type drop-down for filtering on the Comments list table. + * + * @since 5.5.0 + * @since 5.6.0 Renamed from `comment_status_dropdown()` to `comment_type_dropdown()`. + * + * @param string $comment_type The current comment type slug. + */ + protected function comment_type_dropdown( $comment_type ) { + /** + * Filters the comment types shown in the drop-down menu on the Comments list table. + * + * @since 2.7.0 + * + * @param string[] $comment_types Array of comment type labels keyed by their name. + */ + $comment_types = apply_filters( + 'admin_comment_types_dropdown', + array( + 'comment' => __( 'Comments' ), + 'pings' => __( 'Pings' ), + ) + ); + + if ( $comment_types && is_array( $comment_types ) ) { + printf( + '<label class="screen-reader-text" for="filter-by-comment-type">%s</label>', + /* translators: Hidden accessibility text. */ + __( 'Filter by comment type' ) + ); + + echo '<select id="filter-by-comment-type" name="comment_type">'; + + printf( "\t<option value=''>%s</option>", __( 'All comment types' ) ); + + foreach ( $comment_types as $type => $label ) { + if ( get_comments( + array( + 'count' => true, + 'orderby' => 'none', + 'type' => $type, + ) + ) ) { + printf( + "\t<option value='%s'%s>%s</option>\n", + esc_attr( $type ), + selected( $comment_type, $type, false ), + esc_html( $label ) + ); + } + } + + echo '</select>'; + } + } + + /** + * @return array + */ + protected function get_sortable_columns() { + return array( + 'author' => array( 'comment_author', false, __( 'Author' ), __( 'Table ordered by Comment Author.' ) ), + 'response' => array( 'comment_post_ID', false, _x( 'In Response To', 'column name' ), __( 'Table ordered by Post Replied To.' ) ), + 'date' => 'comment_date', + ); + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'comment'. + */ + protected function get_default_primary_column_name() { + return 'comment'; + } + + /** + * Displays the comments table. + * + * Overrides the parent display() method to render extra comments. + * + * @since 3.1.0 + */ + public function display() { + wp_nonce_field( 'fetch-list-' . get_class( $this ), '_ajax_fetch_list_nonce' ); + static $has_items; + + if ( ! isset( $has_items ) ) { + $has_items = $this->has_items(); + + if ( $has_items ) { + $this->display_tablenav( 'top' ); + } + } + + $this->screen->render_screen_reader_content( 'heading_list' ); + + ?> +<table class="wp-list-table <?php echo implode( ' ', $this->get_table_classes() ); ?>"> + <?php + if ( ! isset( $_GET['orderby'] ) ) { + // In the initial view, Comments are ordered by comment's date but there's no column for that. + echo '<caption class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Ordered by Comment Date, descending.' ) . + '</caption>'; + } else { + $this->print_table_description(); + } + ?> + <thead> + <tr> + <?php $this->print_column_headers(); ?> + </tr> + </thead> + + <tbody id="the-comment-list" data-wp-lists="list:comment"> + <?php $this->display_rows_or_placeholder(); ?> + </tbody> + + <tbody id="the-extra-comment-list" data-wp-lists="list:comment" style="display: none;"> + <?php + /* + * Back up the items to restore after printing the extra items markup. + * The extra items may be empty, which will prevent the table nav from displaying later. + */ + $items = $this->items; + $this->items = $this->extra_items; + $this->display_rows_or_placeholder(); + $this->items = $items; + ?> + </tbody> + + <tfoot> + <tr> + <?php $this->print_column_headers( false ); ?> + </tr> + </tfoot> + +</table> + <?php + + $this->display_tablenav( 'bottom' ); + } + + /** + * @global WP_Post $post Global post object. + * @global WP_Comment $comment Global comment object. + * + * @param WP_Comment $item + */ + public function single_row( $item ) { + global $post, $comment; + + $comment = $item; + + $the_comment_class = wp_get_comment_status( $comment ); + + if ( ! $the_comment_class ) { + $the_comment_class = ''; + } + + $the_comment_class = implode( ' ', get_comment_class( $the_comment_class, $comment, $comment->comment_post_ID ) ); + + if ( $comment->comment_post_ID > 0 ) { + $post = get_post( $comment->comment_post_ID ); + } + + $this->user_can = current_user_can( 'edit_comment', $comment->comment_ID ); + + $edit_post_cap = $post ? 'edit_post' : 'edit_posts'; + if ( + current_user_can( $edit_post_cap, $comment->comment_post_ID ) || + ( + empty( $post->post_password ) && + current_user_can( 'read_post', $comment->comment_post_ID ) + ) + ) { + // The user has access to the post + } else { + return false; + } + + echo "<tr id='comment-$comment->comment_ID' class='$the_comment_class'>"; + $this->single_row_columns( $comment ); + echo "</tr>\n"; + + unset( $GLOBALS['post'], $GLOBALS['comment'] ); + } + + /** + * Generates and displays row actions links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$comment` to `$item` to match parent class for PHP 8 named parameter support. + * + * @global string $comment_status Status for the current listed comments. + * + * @param WP_Comment $item The comment object. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for comments. An empty string + * if the current column is not the primary column, + * or if the current user cannot edit the comment. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + global $comment_status; + + if ( $primary !== $column_name ) { + return ''; + } + + if ( ! $this->user_can ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $comment = $item; + + $the_comment_status = wp_get_comment_status( $comment ); + + $output = ''; + + $del_nonce = esc_html( '_wpnonce=' . wp_create_nonce( "delete-comment_$comment->comment_ID" ) ); + $approve_nonce = esc_html( '_wpnonce=' . wp_create_nonce( "approve-comment_$comment->comment_ID" ) ); + + $url = "comment.php?c=$comment->comment_ID"; + + $approve_url = esc_url( $url . "&action=approvecomment&$approve_nonce" ); + $unapprove_url = esc_url( $url . "&action=unapprovecomment&$approve_nonce" ); + $spam_url = esc_url( $url . "&action=spamcomment&$del_nonce" ); + $unspam_url = esc_url( $url . "&action=unspamcomment&$del_nonce" ); + $trash_url = esc_url( $url . "&action=trashcomment&$del_nonce" ); + $untrash_url = esc_url( $url . "&action=untrashcomment&$del_nonce" ); + $delete_url = esc_url( $url . "&action=deletecomment&$del_nonce" ); + + // Preorder it: Approve | Reply | Quick Edit | Edit | Spam | Trash. + $actions = array( + 'approve' => '', + 'unapprove' => '', + 'reply' => '', + 'quickedit' => '', + 'edit' => '', + 'spam' => '', + 'unspam' => '', + 'trash' => '', + 'untrash' => '', + 'delete' => '', + ); + + // Not looking at all comments. + if ( $comment_status && 'all' !== $comment_status ) { + if ( 'approved' === $the_comment_status ) { + $actions['unapprove'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-u vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $unapprove_url, + "delete:the-comment-list:comment-{$comment->comment_ID}:e7e7d3:action=dim-comment&new=unapproved", + esc_attr__( 'Unapprove this comment' ), + __( 'Unapprove' ) + ); + } elseif ( 'unapproved' === $the_comment_status ) { + $actions['approve'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-a vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $approve_url, + "delete:the-comment-list:comment-{$comment->comment_ID}:e7e7d3:action=dim-comment&new=approved", + esc_attr__( 'Approve this comment' ), + __( 'Approve' ) + ); + } + } else { + $actions['approve'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-a aria-button-if-js" aria-label="%s">%s</a>', + $approve_url, + "dim:the-comment-list:comment-{$comment->comment_ID}:unapproved:e7e7d3:e7e7d3:new=approved", + esc_attr__( 'Approve this comment' ), + __( 'Approve' ) + ); + + $actions['unapprove'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-u aria-button-if-js" aria-label="%s">%s</a>', + $unapprove_url, + "dim:the-comment-list:comment-{$comment->comment_ID}:unapproved:e7e7d3:e7e7d3:new=unapproved", + esc_attr__( 'Unapprove this comment' ), + __( 'Unapprove' ) + ); + } + + if ( 'spam' !== $the_comment_status ) { + $actions['spam'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-s vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $spam_url, + "delete:the-comment-list:comment-{$comment->comment_ID}::spam=1", + esc_attr__( 'Mark this comment as spam' ), + /* translators: "Mark as spam" link. */ + _x( 'Spam', 'verb' ) + ); + } elseif ( 'spam' === $the_comment_status ) { + $actions['unspam'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-z vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $unspam_url, + "delete:the-comment-list:comment-{$comment->comment_ID}:66cc66:unspam=1", + esc_attr__( 'Restore this comment from the spam' ), + _x( 'Not Spam', 'comment' ) + ); + } + + if ( 'trash' === $the_comment_status ) { + $actions['untrash'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-z vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $untrash_url, + "delete:the-comment-list:comment-{$comment->comment_ID}:66cc66:untrash=1", + esc_attr__( 'Restore this comment from the Trash' ), + __( 'Restore' ) + ); + } + + if ( 'spam' === $the_comment_status || 'trash' === $the_comment_status || ! EMPTY_TRASH_DAYS ) { + $actions['delete'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="delete vim-d vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $delete_url, + "delete:the-comment-list:comment-{$comment->comment_ID}::delete=1", + esc_attr__( 'Delete this comment permanently' ), + __( 'Delete Permanently' ) + ); + } else { + $actions['trash'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="delete vim-d vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $trash_url, + "delete:the-comment-list:comment-{$comment->comment_ID}::trash=1", + esc_attr__( 'Move this comment to the Trash' ), + _x( 'Trash', 'verb' ) + ); + } + + if ( 'spam' !== $the_comment_status && 'trash' !== $the_comment_status ) { + $actions['edit'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + "comment.php?action=editcomment&c={$comment->comment_ID}", + esc_attr__( 'Edit this comment' ), + __( 'Edit' ) + ); + + $format = '<button type="button" data-comment-id="%d" data-post-id="%d" data-action="%s" class="%s button-link" aria-expanded="false" aria-label="%s">%s</button>'; + + $actions['quickedit'] = sprintf( + $format, + $comment->comment_ID, + $comment->comment_post_ID, + 'edit', + 'vim-q comment-inline', + esc_attr__( 'Quick edit this comment inline' ), + __( 'Quick Edit' ) + ); + + $actions['reply'] = sprintf( + $format, + $comment->comment_ID, + $comment->comment_post_ID, + 'replyto', + 'vim-r comment-inline', + esc_attr__( 'Reply to this comment' ), + __( 'Reply' ) + ); + } + + /** This filter is documented in wp-admin/includes/dashboard.php */ + $actions = apply_filters( 'comment_row_actions', array_filter( $actions ), $comment ); + + $always_visible = false; + + $mode = get_user_setting( 'posts_list_mode', 'list' ); + + if ( 'excerpt' === $mode ) { + $always_visible = true; + } + + $output .= '<div class="' . ( $always_visible ? 'row-actions visible' : 'row-actions' ) . '">'; + + $i = 0; + + foreach ( $actions as $action => $link ) { + ++$i; + + if ( ( ( 'approve' === $action || 'unapprove' === $action ) && 2 === $i ) + || 1 === $i + ) { + $separator = ''; + } else { + $separator = ' | '; + } + + // Reply and quickedit need a hide-if-no-js span when not added with Ajax. + if ( ( 'reply' === $action || 'quickedit' === $action ) && ! wp_doing_ajax() ) { + $action .= ' hide-if-no-js'; + } elseif ( ( 'untrash' === $action && 'trash' === $the_comment_status ) + || ( 'unspam' === $action && 'spam' === $the_comment_status ) + ) { + if ( '1' === get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ) ) { + $action .= ' approve'; + } else { + $action .= ' unapprove'; + } + } + + $output .= "<span class='$action'>{$separator}{$link}</span>"; + } + + $output .= '</div>'; + + $output .= '<button type="button" class="toggle-row"><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Show more details' ) . + '</span></button>'; + + return $output; + } + + /** + * @since 5.9.0 Renamed `$comment` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Comment $item The comment object. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $comment = $item; + + if ( $this->user_can ) { + ?> + <input id="cb-select-<?php echo $comment->comment_ID; ?>" type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /> + <label for="cb-select-<?php echo $comment->comment_ID; ?>"> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Select comment' ); + ?> + </span> + </label> + <?php + } + } + + /** + * @param WP_Comment $comment The comment object. + */ + public function column_comment( $comment ) { + echo '<div class="comment-author">'; + $this->column_author( $comment ); + echo '</div>'; + + if ( $comment->comment_parent ) { + $parent = get_comment( $comment->comment_parent ); + + if ( $parent ) { + $parent_link = esc_url( get_comment_link( $parent ) ); + $name = get_comment_author( $parent ); + printf( + /* translators: %s: Comment link. */ + __( 'In reply to %s.' ), + '<a href="' . $parent_link . '">' . $name . '</a>' + ); + } + } + + comment_text( $comment ); + + if ( $this->user_can ) { + /** This filter is documented in wp-admin/includes/comment.php */ + $comment_content = apply_filters( 'comment_edit_pre', $comment->comment_content ); + ?> + <div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden"> + <textarea class="comment" rows="1" cols="1"><?php echo esc_textarea( $comment_content ); ?></textarea> + <div class="author-email"><?php echo esc_html( $comment->comment_author_email ); ?></div> + <div class="author"><?php echo esc_html( $comment->comment_author ); ?></div> + <div class="author-url"><?php echo esc_url( $comment->comment_author_url ); ?></div> + <div class="comment_status"><?php echo $comment->comment_approved; ?></div> + </div> + <?php + } + } + + /** + * @global string $comment_status + * + * @param WP_Comment $comment The comment object. + */ + public function column_author( $comment ) { + global $comment_status; + + $author_url = get_comment_author_url( $comment ); + + $author_url_display = untrailingslashit( preg_replace( '|^http(s)?://(www\.)?|i', '', $author_url ) ); + + if ( strlen( $author_url_display ) > 50 ) { + $author_url_display = wp_html_excerpt( $author_url_display, 49, '…' ); + } + + echo '<strong>'; + comment_author( $comment ); + echo '</strong><br />'; + + if ( ! empty( $author_url_display ) ) { + // Print link to author URL, and disallow referrer information (without using target="_blank"). + printf( + '<a href="%s" rel="noopener noreferrer">%s</a><br />', + esc_url( $author_url ), + esc_html( $author_url_display ) + ); + } + + if ( $this->user_can ) { + if ( ! empty( $comment->comment_author_email ) ) { + /** This filter is documented in wp-includes/comment-template.php */ + $email = apply_filters( 'comment_email', $comment->comment_author_email, $comment ); + + if ( ! empty( $email ) && '@' !== $email ) { + printf( '<a href="%1$s">%2$s</a><br />', esc_url( 'mailto:' . $email ), esc_html( $email ) ); + } + } + + $author_ip = get_comment_author_IP( $comment ); + + if ( $author_ip ) { + $author_ip_url = add_query_arg( + array( + 's' => $author_ip, + 'mode' => 'detail', + ), + admin_url( 'edit-comments.php' ) + ); + + if ( 'spam' === $comment_status ) { + $author_ip_url = add_query_arg( 'comment_status', 'spam', $author_ip_url ); + } + + printf( '<a href="%1$s">%2$s</a>', esc_url( $author_ip_url ), esc_html( $author_ip ) ); + } + } + } + + /** + * @param WP_Comment $comment The comment object. + */ + public function column_date( $comment ) { + $submitted = sprintf( + /* translators: 1: Comment date, 2: Comment time. */ + __( '%1$s at %2$s' ), + /* translators: Comment date format. See https://www.php.net/manual/datetime.format.php */ + get_comment_date( __( 'Y/m/d' ), $comment ), + /* translators: Comment time format. See https://www.php.net/manual/datetime.format.php */ + get_comment_date( __( 'g:i a' ), $comment ) + ); + + echo '<div class="submitted-on">'; + + if ( 'approved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_post_ID ) ) { + printf( + '<a href="%s">%s</a>', + esc_url( get_comment_link( $comment ) ), + $submitted + ); + } else { + echo $submitted; + } + + echo '</div>'; + } + + /** + * @param WP_Comment $comment The comment object. + */ + public function column_response( $comment ) { + $post = get_post(); + + if ( ! $post ) { + return; + } + + if ( isset( $this->pending_count[ $post->ID ] ) ) { + $pending_comments = $this->pending_count[ $post->ID ]; + } else { + $_pending_count_temp = get_pending_comments_num( array( $post->ID ) ); + $pending_comments = $_pending_count_temp[ $post->ID ]; + $this->pending_count[ $post->ID ] = $pending_comments; + } + + if ( current_user_can( 'edit_post', $post->ID ) ) { + $post_link = "<a href='" . get_edit_post_link( $post->ID ) . "' class='comments-edit-item-link'>"; + $post_link .= esc_html( get_the_title( $post->ID ) ) . '</a>'; + } else { + $post_link = esc_html( get_the_title( $post->ID ) ); + } + + echo '<div class="response-links">'; + + if ( 'attachment' === $post->post_type ) { + $thumb = wp_get_attachment_image( $post->ID, array( 80, 60 ), true ); + if ( $thumb ) { + echo $thumb; + } + } + + echo $post_link; + + $post_type_object = get_post_type_object( $post->post_type ); + echo "<a href='" . get_permalink( $post->ID ) . "' class='comments-view-item-link'>" . $post_type_object->labels->view_item . '</a>'; + + echo '<span class="post-com-count-wrapper post-com-count-', $post->ID, '">'; + $this->comments_bubble( $post->ID, $pending_comments ); + echo '</span> '; + + echo '</div>'; + } + + /** + * @since 5.9.0 Renamed `$comment` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Comment $item The comment object. + * @param string $column_name The custom column's name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $comment = $item; + + /** + * Fires when the default column output is displayed for a single row. + * + * @since 2.8.0 + * + * @param string $column_name The custom column's name. + * @param string $comment_id The comment ID as a numeric string. + */ + do_action( 'manage_comments_custom_column', $column_name, $comment->comment_ID ); + } +} diff --git a/wp-admin/includes/class-wp-community-events.php b/wp-admin/includes/class-wp-community-events.php new file mode 100644 index 0000000..008611a --- /dev/null +++ b/wp-admin/includes/class-wp-community-events.php @@ -0,0 +1,530 @@ +<?php +/** + * Administration: Community Events class. + * + * @package WordPress + * @subpackage Administration + * @since 4.8.0 + */ + +/** + * Class WP_Community_Events. + * + * A client for api.wordpress.org/events. + * + * @since 4.8.0 + */ +#[AllowDynamicProperties] +class WP_Community_Events { + /** + * ID for a WordPress user account. + * + * @since 4.8.0 + * + * @var int + */ + protected $user_id = 0; + + /** + * Stores location data for the user. + * + * @since 4.8.0 + * + * @var false|array + */ + protected $user_location = false; + + /** + * Constructor for WP_Community_Events. + * + * @since 4.8.0 + * + * @param int $user_id WP user ID. + * @param false|array $user_location { + * Stored location data for the user. false to pass no location. + * + * @type string $description The name of the location + * @type string $latitude The latitude in decimal degrees notation, without the degree + * symbol. e.g.: 47.615200. + * @type string $longitude The longitude in decimal degrees notation, without the degree + * symbol. e.g.: -122.341100. + * @type string $country The ISO 3166-1 alpha-2 country code. e.g.: BR + * } + */ + public function __construct( $user_id, $user_location = false ) { + $this->user_id = absint( $user_id ); + $this->user_location = $user_location; + } + + /** + * Gets data about events near a particular location. + * + * Cached events will be immediately returned if the `user_location` property + * is set for the current user, and cached events exist for that location. + * + * Otherwise, this method sends a request to the w.org Events API with location + * data. The API will send back a recognized location based on the data, along + * with nearby events. + * + * The browser's request for events is proxied with this method, rather + * than having the browser make the request directly to api.wordpress.org, + * because it allows results to be cached server-side and shared with other + * users and sites in the network. This makes the process more efficient, + * since increasing the number of visits that get cached data means users + * don't have to wait as often; if the user's browser made the request + * directly, it would also need to make a second request to WP in order to + * pass the data for caching. Having WP make the request also introduces + * the opportunity to anonymize the IP before sending it to w.org, which + * mitigates possible privacy concerns. + * + * @since 4.8.0 + * @since 5.5.2 Response no longer contains formatted date field. They're added + * in `wp.communityEvents.populateDynamicEventFields()` now. + * + * @param string $location_search Optional. City name to help determine the location. + * e.g., "Seattle". Default empty string. + * @param string $timezone Optional. Timezone to help determine the location. + * Default empty string. + * @return array|WP_Error A WP_Error on failure; an array with location and events on + * success. + */ + public function get_events( $location_search = '', $timezone = '' ) { + $cached_events = $this->get_cached_events(); + + if ( ! $location_search && $cached_events ) { + return $cached_events; + } + + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + $api_url = 'http://api.wordpress.org/events/1.0/'; + $request_args = $this->get_request_args( $location_search, $timezone ); + $request_args['user-agent'] = 'WordPress/' . $wp_version . '; ' . home_url( '/' ); + + if ( wp_http_supports( array( 'ssl' ) ) ) { + $api_url = set_url_scheme( $api_url, 'https' ); + } + + $response = wp_remote_get( $api_url, $request_args ); + $response_code = wp_remote_retrieve_response_code( $response ); + $response_body = json_decode( wp_remote_retrieve_body( $response ), true ); + $response_error = null; + + if ( is_wp_error( $response ) ) { + $response_error = $response; + } elseif ( 200 !== $response_code ) { + $response_error = new WP_Error( + 'api-error', + /* translators: %d: Numeric HTTP status code, e.g. 400, 403, 500, 504, etc. */ + sprintf( __( 'Invalid API response code (%d).' ), $response_code ) + ); + } elseif ( ! isset( $response_body['location'], $response_body['events'] ) ) { + $response_error = new WP_Error( + 'api-invalid-response', + isset( $response_body['error'] ) ? $response_body['error'] : __( 'Unknown API error.' ) + ); + } + + if ( is_wp_error( $response_error ) ) { + return $response_error; + } else { + $expiration = false; + + if ( isset( $response_body['ttl'] ) ) { + $expiration = $response_body['ttl']; + unset( $response_body['ttl'] ); + } + + /* + * The IP in the response is usually the same as the one that was sent + * in the request, but in some cases it is different. In those cases, + * it's important to reset it back to the IP from the request. + * + * For example, if the IP sent in the request is private (e.g., 192.168.1.100), + * then the API will ignore that and use the corresponding public IP instead, + * and the public IP will get returned. If the public IP were saved, though, + * then get_cached_events() would always return `false`, because the transient + * would be generated based on the public IP when saving the cache, but generated + * based on the private IP when retrieving the cache. + */ + if ( ! empty( $response_body['location']['ip'] ) ) { + $response_body['location']['ip'] = $request_args['body']['ip']; + } + + /* + * The API doesn't return a description for latitude/longitude requests, + * but the description is already saved in the user location, so that + * one can be used instead. + */ + if ( $this->coordinates_match( $request_args['body'], $response_body['location'] ) && empty( $response_body['location']['description'] ) ) { + $response_body['location']['description'] = $this->user_location['description']; + } + + /* + * Store the raw response, because events will expire before the cache does. + * The response will need to be processed every page load. + */ + $this->cache_events( $response_body, $expiration ); + + $response_body['events'] = $this->trim_events( $response_body['events'] ); + + return $response_body; + } + } + + /** + * Builds an array of args to use in an HTTP request to the w.org Events API. + * + * @since 4.8.0 + * + * @param string $search Optional. City search string. Default empty string. + * @param string $timezone Optional. Timezone string. Default empty string. + * @return array The request args. + */ + protected function get_request_args( $search = '', $timezone = '' ) { + $args = array( + 'number' => 5, // Get more than three in case some get trimmed out. + 'ip' => self::get_unsafe_client_ip(), + ); + + /* + * Include the minimal set of necessary arguments, in order to increase the + * chances of a cache-hit on the API side. + */ + if ( empty( $search ) && isset( $this->user_location['latitude'], $this->user_location['longitude'] ) ) { + $args['latitude'] = $this->user_location['latitude']; + $args['longitude'] = $this->user_location['longitude']; + } else { + $args['locale'] = get_user_locale( $this->user_id ); + + if ( $timezone ) { + $args['timezone'] = $timezone; + } + + if ( $search ) { + $args['location'] = $search; + } + } + + // Wrap the args in an array compatible with the second parameter of `wp_remote_get()`. + return array( + 'body' => $args, + ); + } + + /** + * Determines the user's actual IP address and attempts to partially + * anonymize an IP address by converting it to a network ID. + * + * Geolocating the network ID usually returns a similar location as the + * actual IP, but provides some privacy for the user. + * + * $_SERVER['REMOTE_ADDR'] cannot be used in all cases, such as when the user + * is making their request through a proxy, or when the web server is behind + * a proxy. In those cases, $_SERVER['REMOTE_ADDR'] is set to the proxy address rather + * than the user's actual address. + * + * Modified from https://stackoverflow.com/a/2031935/450127, MIT license. + * Modified from https://github.com/geertw/php-ip-anonymizer, MIT license. + * + * SECURITY WARNING: This function is _NOT_ intended to be used in + * circumstances where the authenticity of the IP address matters. This does + * _NOT_ guarantee that the returned address is valid or accurate, and it can + * be easily spoofed. + * + * @since 4.8.0 + * + * @return string|false The anonymized address on success; the given address + * or false on failure. + */ + public static function get_unsafe_client_ip() { + $client_ip = false; + + // In order of preference, with the best ones for this purpose first. + $address_headers = array( + 'HTTP_CLIENT_IP', + 'HTTP_X_FORWARDED_FOR', + 'HTTP_X_FORWARDED', + 'HTTP_X_CLUSTER_CLIENT_IP', + 'HTTP_FORWARDED_FOR', + 'HTTP_FORWARDED', + 'REMOTE_ADDR', + ); + + foreach ( $address_headers as $header ) { + if ( array_key_exists( $header, $_SERVER ) ) { + /* + * HTTP_X_FORWARDED_FOR can contain a chain of comma-separated + * addresses. The first one is the original client. It can't be + * trusted for authenticity, but we don't need to for this purpose. + */ + $address_chain = explode( ',', $_SERVER[ $header ] ); + $client_ip = trim( $address_chain[0] ); + + break; + } + } + + if ( ! $client_ip ) { + return false; + } + + $anon_ip = wp_privacy_anonymize_ip( $client_ip, true ); + + if ( '0.0.0.0' === $anon_ip || '::' === $anon_ip ) { + return false; + } + + return $anon_ip; + } + + /** + * Test if two pairs of latitude/longitude coordinates match each other. + * + * @since 4.8.0 + * + * @param array $a The first pair, with indexes 'latitude' and 'longitude'. + * @param array $b The second pair, with indexes 'latitude' and 'longitude'. + * @return bool True if they match, false if they don't. + */ + protected function coordinates_match( $a, $b ) { + if ( ! isset( $a['latitude'], $a['longitude'], $b['latitude'], $b['longitude'] ) ) { + return false; + } + + return $a['latitude'] === $b['latitude'] && $a['longitude'] === $b['longitude']; + } + + /** + * Generates a transient key based on user location. + * + * This could be reduced to a one-liner in the calling functions, but it's + * intentionally a separate function because it's called from multiple + * functions, and having it abstracted keeps the logic consistent and DRY, + * which is less prone to errors. + * + * @since 4.8.0 + * + * @param array $location Should contain 'latitude' and 'longitude' indexes. + * @return string|false Transient key on success, false on failure. + */ + protected function get_events_transient_key( $location ) { + $key = false; + + if ( isset( $location['ip'] ) ) { + $key = 'community-events-' . md5( $location['ip'] ); + } elseif ( isset( $location['latitude'], $location['longitude'] ) ) { + $key = 'community-events-' . md5( $location['latitude'] . $location['longitude'] ); + } + + return $key; + } + + /** + * Caches an array of events data from the Events API. + * + * @since 4.8.0 + * + * @param array $events Response body from the API request. + * @param int|false $expiration Optional. Amount of time to cache the events. Defaults to false. + * @return bool true if events were cached; false if not. + */ + protected function cache_events( $events, $expiration = false ) { + $set = false; + $transient_key = $this->get_events_transient_key( $events['location'] ); + $cache_expiration = $expiration ? absint( $expiration ) : HOUR_IN_SECONDS * 12; + + if ( $transient_key ) { + $set = set_site_transient( $transient_key, $events, $cache_expiration ); + } + + return $set; + } + + /** + * Gets cached events. + * + * @since 4.8.0 + * @since 5.5.2 Response no longer contains formatted date field. They're added + * in `wp.communityEvents.populateDynamicEventFields()` now. + * + * @return array|false An array containing `location` and `events` items + * on success, false on failure. + */ + public function get_cached_events() { + $transient_key = $this->get_events_transient_key( $this->user_location ); + if ( ! $transient_key ) { + return false; + } + + $cached_response = get_site_transient( $transient_key ); + if ( isset( $cached_response['events'] ) ) { + $cached_response['events'] = $this->trim_events( $cached_response['events'] ); + } + + return $cached_response; + } + + /** + * Adds formatted date and time items for each event in an API response. + * + * This has to be called after the data is pulled from the cache, because + * the cached events are shared by all users. If it was called before storing + * the cache, then all users would see the events in the localized data/time + * of the user who triggered the cache refresh, rather than their own. + * + * @since 4.8.0 + * @deprecated 5.6.0 No longer used in core. + * + * @param array $response_body The response which contains the events. + * @return array The response with dates and times formatted. + */ + protected function format_event_data_time( $response_body ) { + _deprecated_function( + __METHOD__, + '5.5.2', + 'This is no longer used by core, and only kept for backward compatibility.' + ); + + if ( isset( $response_body['events'] ) ) { + foreach ( $response_body['events'] as $key => $event ) { + $timestamp = strtotime( $event['date'] ); + + /* + * The `date_format` option is not used because it's important + * in this context to keep the day of the week in the formatted date, + * so that users can tell at a glance if the event is on a day they + * are available, without having to open the link. + */ + /* translators: Date format for upcoming events on the dashboard. Include the day of the week. See https://www.php.net/manual/datetime.format.php */ + $formatted_date = date_i18n( __( 'l, M j, Y' ), $timestamp ); + $formatted_time = date_i18n( get_option( 'time_format' ), $timestamp ); + + if ( isset( $event['end_date'] ) ) { + $end_timestamp = strtotime( $event['end_date'] ); + $formatted_end_date = date_i18n( __( 'l, M j, Y' ), $end_timestamp ); + + if ( 'meetup' !== $event['type'] && $formatted_end_date !== $formatted_date ) { + /* translators: Upcoming events month format. See https://www.php.net/manual/datetime.format.php */ + $start_month = date_i18n( _x( 'F', 'upcoming events month format' ), $timestamp ); + $end_month = date_i18n( _x( 'F', 'upcoming events month format' ), $end_timestamp ); + + if ( $start_month === $end_month ) { + $formatted_date = sprintf( + /* translators: Date string for upcoming events. 1: Month, 2: Starting day, 3: Ending day, 4: Year. */ + __( '%1$s %2$d–%3$d, %4$d' ), + $start_month, + /* translators: Upcoming events day format. See https://www.php.net/manual/datetime.format.php */ + date_i18n( _x( 'j', 'upcoming events day format' ), $timestamp ), + date_i18n( _x( 'j', 'upcoming events day format' ), $end_timestamp ), + /* translators: Upcoming events year format. See https://www.php.net/manual/datetime.format.php */ + date_i18n( _x( 'Y', 'upcoming events year format' ), $timestamp ) + ); + } else { + $formatted_date = sprintf( + /* translators: Date string for upcoming events. 1: Starting month, 2: Starting day, 3: Ending month, 4: Ending day, 5: Year. */ + __( '%1$s %2$d – %3$s %4$d, %5$d' ), + $start_month, + date_i18n( _x( 'j', 'upcoming events day format' ), $timestamp ), + $end_month, + date_i18n( _x( 'j', 'upcoming events day format' ), $end_timestamp ), + date_i18n( _x( 'Y', 'upcoming events year format' ), $timestamp ) + ); + } + + $formatted_date = wp_maybe_decline_date( $formatted_date, 'F j, Y' ); + } + } + + $response_body['events'][ $key ]['formatted_date'] = $formatted_date; + $response_body['events'][ $key ]['formatted_time'] = $formatted_time; + } + } + + return $response_body; + } + + /** + * Prepares the event list for presentation. + * + * Discards expired events, and makes WordCamps "sticky." Attendees need more + * advanced notice about WordCamps than they do for meetups, so camps should + * appear in the list sooner. If a WordCamp is coming up, the API will "stick" + * it in the response, even if it wouldn't otherwise appear. When that happens, + * the event will be at the end of the list, and will need to be moved into a + * higher position, so that it doesn't get trimmed off. + * + * @since 4.8.0 + * @since 4.9.7 Stick a WordCamp to the final list. + * @since 5.5.2 Accepts and returns only the events, rather than an entire HTTP response. + * @since 6.0.0 Decode HTML entities from the event title. + * + * @param array $events The events that will be prepared. + * @return array The response body with events trimmed. + */ + protected function trim_events( array $events ) { + $future_events = array(); + + foreach ( $events as $event ) { + /* + * The API's `date` and `end_date` fields are in the _event's_ local timezone, but UTC is needed so + * it can be converted to the _user's_ local time. + */ + $end_time = (int) $event['end_unix_timestamp']; + + if ( time() < $end_time ) { + // Decode HTML entities from the event title. + $event['title'] = html_entity_decode( $event['title'], ENT_QUOTES, 'UTF-8' ); + + array_push( $future_events, $event ); + } + } + + $future_wordcamps = array_filter( + $future_events, + static function ( $wordcamp ) { + return 'wordcamp' === $wordcamp['type']; + } + ); + + $future_wordcamps = array_values( $future_wordcamps ); // Remove gaps in indices. + $trimmed_events = array_slice( $future_events, 0, 3 ); + $trimmed_event_types = wp_list_pluck( $trimmed_events, 'type' ); + + // Make sure the soonest upcoming WordCamp is pinned in the list. + if ( $future_wordcamps && ! in_array( 'wordcamp', $trimmed_event_types, true ) ) { + array_pop( $trimmed_events ); + array_push( $trimmed_events, $future_wordcamps[0] ); + } + + return $trimmed_events; + } + + /** + * Logs responses to Events API requests. + * + * @since 4.8.0 + * @deprecated 4.9.0 Use a plugin instead. See #41217 for an example. + * + * @param string $message A description of what occurred. + * @param array $details Details that provide more context for the + * log entry. + */ + protected function maybe_log_events_response( $message, $details ) { + _deprecated_function( __METHOD__, '4.9.0' ); + + if ( ! WP_DEBUG_LOG ) { + return; + } + + error_log( + sprintf( + '%s: %s. Details: %s', + __METHOD__, + trim( $message, '.' ), + wp_json_encode( $details ) + ) + ); + } +} diff --git a/wp-admin/includes/class-wp-debug-data.php b/wp-admin/includes/class-wp-debug-data.php new file mode 100644 index 0000000..d83c873 --- /dev/null +++ b/wp-admin/includes/class-wp-debug-data.php @@ -0,0 +1,1716 @@ +<?php +/** + * Class for providing debug data based on a users WordPress environment. + * + * @package WordPress + * @subpackage Site_Health + * @since 5.2.0 + */ + +#[AllowDynamicProperties] +class WP_Debug_Data { + /** + * Calls all core functions to check for updates. + * + * @since 5.2.0 + */ + public static function check_for_updates() { + wp_version_check(); + wp_update_plugins(); + wp_update_themes(); + } + + /** + * Static function for generating site debug data when required. + * + * @since 5.2.0 + * @since 5.3.0 Added database charset, database collation, + * and timezone information. + * @since 5.5.0 Added pretty permalinks support information. + * + * @throws ImagickException + * @global wpdb $wpdb WordPress database abstraction object. + * @global array $_wp_theme_features + * + * @return array The debug data for the site. + */ + public static function debug_data() { + global $wpdb, $_wp_theme_features; + + // Save few function calls. + $upload_dir = wp_upload_dir(); + $permalink_structure = get_option( 'permalink_structure' ); + $is_ssl = is_ssl(); + $is_multisite = is_multisite(); + $users_can_register = get_option( 'users_can_register' ); + $blog_public = get_option( 'blog_public' ); + $default_comment_status = get_option( 'default_comment_status' ); + $environment_type = wp_get_environment_type(); + $core_version = get_bloginfo( 'version' ); + $core_updates = get_core_updates(); + $core_update_needed = ''; + + if ( is_array( $core_updates ) ) { + foreach ( $core_updates as $core => $update ) { + if ( 'upgrade' === $update->response ) { + /* translators: %s: Latest WordPress version number. */ + $core_update_needed = ' ' . sprintf( __( '(Latest version: %s)' ), $update->version ); + } else { + $core_update_needed = ''; + } + } + } + + // Set up the array that holds all debug information. + $info = array(); + + $info['wp-core'] = array( + 'label' => __( 'WordPress' ), + 'fields' => array( + 'version' => array( + 'label' => __( 'Version' ), + 'value' => $core_version . $core_update_needed, + 'debug' => $core_version, + ), + 'site_language' => array( + 'label' => __( 'Site Language' ), + 'value' => get_locale(), + ), + 'user_language' => array( + 'label' => __( 'User Language' ), + 'value' => get_user_locale(), + ), + 'timezone' => array( + 'label' => __( 'Timezone' ), + 'value' => wp_timezone_string(), + ), + 'home_url' => array( + 'label' => __( 'Home URL' ), + 'value' => get_bloginfo( 'url' ), + 'private' => true, + ), + 'site_url' => array( + 'label' => __( 'Site URL' ), + 'value' => get_bloginfo( 'wpurl' ), + 'private' => true, + ), + 'permalink' => array( + 'label' => __( 'Permalink structure' ), + 'value' => $permalink_structure ? $permalink_structure : __( 'No permalink structure set' ), + 'debug' => $permalink_structure, + ), + 'https_status' => array( + 'label' => __( 'Is this site using HTTPS?' ), + 'value' => $is_ssl ? __( 'Yes' ) : __( 'No' ), + 'debug' => $is_ssl, + ), + 'multisite' => array( + 'label' => __( 'Is this a multisite?' ), + 'value' => $is_multisite ? __( 'Yes' ) : __( 'No' ), + 'debug' => $is_multisite, + ), + 'user_registration' => array( + 'label' => __( 'Can anyone register on this site?' ), + 'value' => $users_can_register ? __( 'Yes' ) : __( 'No' ), + 'debug' => $users_can_register, + ), + 'blog_public' => array( + 'label' => __( 'Is this site discouraging search engines?' ), + 'value' => $blog_public ? __( 'No' ) : __( 'Yes' ), + 'debug' => $blog_public, + ), + 'default_comment_status' => array( + 'label' => __( 'Default comment status' ), + 'value' => 'open' === $default_comment_status ? _x( 'Open', 'comment status' ) : _x( 'Closed', 'comment status' ), + 'debug' => $default_comment_status, + ), + 'environment_type' => array( + 'label' => __( 'Environment type' ), + 'value' => $environment_type, + 'debug' => $environment_type, + ), + ), + ); + + if ( ! $is_multisite ) { + $info['wp-paths-sizes'] = array( + 'label' => __( 'Directories and Sizes' ), + 'fields' => array(), + ); + } + + $info['wp-dropins'] = array( + 'label' => __( 'Drop-ins' ), + 'show_count' => true, + 'description' => sprintf( + /* translators: %s: wp-content directory name. */ + __( 'Drop-ins are single files, found in the %s directory, that replace or enhance WordPress features in ways that are not possible for traditional plugins.' ), + '<code>' . str_replace( ABSPATH, '', WP_CONTENT_DIR ) . '</code>' + ), + 'fields' => array(), + ); + + $info['wp-active-theme'] = array( + 'label' => __( 'Active Theme' ), + 'fields' => array(), + ); + + $info['wp-parent-theme'] = array( + 'label' => __( 'Parent Theme' ), + 'fields' => array(), + ); + + $info['wp-themes-inactive'] = array( + 'label' => __( 'Inactive Themes' ), + 'show_count' => true, + 'fields' => array(), + ); + + $info['wp-mu-plugins'] = array( + 'label' => __( 'Must Use Plugins' ), + 'show_count' => true, + 'fields' => array(), + ); + + $info['wp-plugins-active'] = array( + 'label' => __( 'Active Plugins' ), + 'show_count' => true, + 'fields' => array(), + ); + + $info['wp-plugins-inactive'] = array( + 'label' => __( 'Inactive Plugins' ), + 'show_count' => true, + 'fields' => array(), + ); + + $info['wp-media'] = array( + 'label' => __( 'Media Handling' ), + 'fields' => array(), + ); + + $info['wp-server'] = array( + 'label' => __( 'Server' ), + 'description' => __( 'The options shown below relate to your server setup. If changes are required, you may need your web host’s assistance.' ), + 'fields' => array(), + ); + + $info['wp-database'] = array( + 'label' => __( 'Database' ), + 'fields' => array(), + ); + + // Check if WP_DEBUG_LOG is set. + $wp_debug_log_value = __( 'Disabled' ); + + if ( is_string( WP_DEBUG_LOG ) ) { + $wp_debug_log_value = WP_DEBUG_LOG; + } elseif ( WP_DEBUG_LOG ) { + $wp_debug_log_value = __( 'Enabled' ); + } + + // Check CONCATENATE_SCRIPTS. + if ( defined( 'CONCATENATE_SCRIPTS' ) ) { + $concatenate_scripts = CONCATENATE_SCRIPTS ? __( 'Enabled' ) : __( 'Disabled' ); + $concatenate_scripts_debug = CONCATENATE_SCRIPTS ? 'true' : 'false'; + } else { + $concatenate_scripts = __( 'Undefined' ); + $concatenate_scripts_debug = 'undefined'; + } + + // Check COMPRESS_SCRIPTS. + if ( defined( 'COMPRESS_SCRIPTS' ) ) { + $compress_scripts = COMPRESS_SCRIPTS ? __( 'Enabled' ) : __( 'Disabled' ); + $compress_scripts_debug = COMPRESS_SCRIPTS ? 'true' : 'false'; + } else { + $compress_scripts = __( 'Undefined' ); + $compress_scripts_debug = 'undefined'; + } + + // Check COMPRESS_CSS. + if ( defined( 'COMPRESS_CSS' ) ) { + $compress_css = COMPRESS_CSS ? __( 'Enabled' ) : __( 'Disabled' ); + $compress_css_debug = COMPRESS_CSS ? 'true' : 'false'; + } else { + $compress_css = __( 'Undefined' ); + $compress_css_debug = 'undefined'; + } + + // Check WP_ENVIRONMENT_TYPE. + if ( defined( 'WP_ENVIRONMENT_TYPE' ) && WP_ENVIRONMENT_TYPE ) { + $wp_environment_type = WP_ENVIRONMENT_TYPE; + } else { + $wp_environment_type = __( 'Undefined' ); + } + + $info['wp-constants'] = array( + 'label' => __( 'WordPress Constants' ), + 'description' => __( 'These settings alter where and how parts of WordPress are loaded.' ), + 'fields' => array( + 'ABSPATH' => array( + 'label' => 'ABSPATH', + 'value' => ABSPATH, + 'private' => true, + ), + 'WP_HOME' => array( + 'label' => 'WP_HOME', + 'value' => ( defined( 'WP_HOME' ) ? WP_HOME : __( 'Undefined' ) ), + 'debug' => ( defined( 'WP_HOME' ) ? WP_HOME : 'undefined' ), + ), + 'WP_SITEURL' => array( + 'label' => 'WP_SITEURL', + 'value' => ( defined( 'WP_SITEURL' ) ? WP_SITEURL : __( 'Undefined' ) ), + 'debug' => ( defined( 'WP_SITEURL' ) ? WP_SITEURL : 'undefined' ), + ), + 'WP_CONTENT_DIR' => array( + 'label' => 'WP_CONTENT_DIR', + 'value' => WP_CONTENT_DIR, + ), + 'WP_PLUGIN_DIR' => array( + 'label' => 'WP_PLUGIN_DIR', + 'value' => WP_PLUGIN_DIR, + ), + 'WP_MEMORY_LIMIT' => array( + 'label' => 'WP_MEMORY_LIMIT', + 'value' => WP_MEMORY_LIMIT, + ), + 'WP_MAX_MEMORY_LIMIT' => array( + 'label' => 'WP_MAX_MEMORY_LIMIT', + 'value' => WP_MAX_MEMORY_LIMIT, + ), + 'WP_DEBUG' => array( + 'label' => 'WP_DEBUG', + 'value' => WP_DEBUG ? __( 'Enabled' ) : __( 'Disabled' ), + 'debug' => WP_DEBUG, + ), + 'WP_DEBUG_DISPLAY' => array( + 'label' => 'WP_DEBUG_DISPLAY', + 'value' => WP_DEBUG_DISPLAY ? __( 'Enabled' ) : __( 'Disabled' ), + 'debug' => WP_DEBUG_DISPLAY, + ), + 'WP_DEBUG_LOG' => array( + 'label' => 'WP_DEBUG_LOG', + 'value' => $wp_debug_log_value, + 'debug' => WP_DEBUG_LOG, + ), + 'SCRIPT_DEBUG' => array( + 'label' => 'SCRIPT_DEBUG', + 'value' => SCRIPT_DEBUG ? __( 'Enabled' ) : __( 'Disabled' ), + 'debug' => SCRIPT_DEBUG, + ), + 'WP_CACHE' => array( + 'label' => 'WP_CACHE', + 'value' => WP_CACHE ? __( 'Enabled' ) : __( 'Disabled' ), + 'debug' => WP_CACHE, + ), + 'CONCATENATE_SCRIPTS' => array( + 'label' => 'CONCATENATE_SCRIPTS', + 'value' => $concatenate_scripts, + 'debug' => $concatenate_scripts_debug, + ), + 'COMPRESS_SCRIPTS' => array( + 'label' => 'COMPRESS_SCRIPTS', + 'value' => $compress_scripts, + 'debug' => $compress_scripts_debug, + ), + 'COMPRESS_CSS' => array( + 'label' => 'COMPRESS_CSS', + 'value' => $compress_css, + 'debug' => $compress_css_debug, + ), + 'WP_ENVIRONMENT_TYPE' => array( + 'label' => 'WP_ENVIRONMENT_TYPE', + 'value' => $wp_environment_type, + 'debug' => $wp_environment_type, + ), + 'WP_DEVELOPMENT_MODE' => array( + 'label' => 'WP_DEVELOPMENT_MODE', + 'value' => WP_DEVELOPMENT_MODE ? WP_DEVELOPMENT_MODE : __( 'Disabled' ), + 'debug' => WP_DEVELOPMENT_MODE, + ), + 'DB_CHARSET' => array( + 'label' => 'DB_CHARSET', + 'value' => ( defined( 'DB_CHARSET' ) ? DB_CHARSET : __( 'Undefined' ) ), + 'debug' => ( defined( 'DB_CHARSET' ) ? DB_CHARSET : 'undefined' ), + ), + 'DB_COLLATE' => array( + 'label' => 'DB_COLLATE', + 'value' => ( defined( 'DB_COLLATE' ) ? DB_COLLATE : __( 'Undefined' ) ), + 'debug' => ( defined( 'DB_COLLATE' ) ? DB_COLLATE : 'undefined' ), + ), + ), + ); + + $is_writable_abspath = wp_is_writable( ABSPATH ); + $is_writable_wp_content_dir = wp_is_writable( WP_CONTENT_DIR ); + $is_writable_upload_dir = wp_is_writable( $upload_dir['basedir'] ); + $is_writable_wp_plugin_dir = wp_is_writable( WP_PLUGIN_DIR ); + $is_writable_template_directory = wp_is_writable( get_theme_root( get_template() ) ); + + $info['wp-filesystem'] = array( + 'label' => __( 'Filesystem Permissions' ), + 'description' => __( 'Shows whether WordPress is able to write to the directories it needs access to.' ), + 'fields' => array( + 'wordpress' => array( + 'label' => __( 'The main WordPress directory' ), + 'value' => ( $is_writable_abspath ? __( 'Writable' ) : __( 'Not writable' ) ), + 'debug' => ( $is_writable_abspath ? 'writable' : 'not writable' ), + ), + 'wp-content' => array( + 'label' => __( 'The wp-content directory' ), + 'value' => ( $is_writable_wp_content_dir ? __( 'Writable' ) : __( 'Not writable' ) ), + 'debug' => ( $is_writable_wp_content_dir ? 'writable' : 'not writable' ), + ), + 'uploads' => array( + 'label' => __( 'The uploads directory' ), + 'value' => ( $is_writable_upload_dir ? __( 'Writable' ) : __( 'Not writable' ) ), + 'debug' => ( $is_writable_upload_dir ? 'writable' : 'not writable' ), + ), + 'plugins' => array( + 'label' => __( 'The plugins directory' ), + 'value' => ( $is_writable_wp_plugin_dir ? __( 'Writable' ) : __( 'Not writable' ) ), + 'debug' => ( $is_writable_wp_plugin_dir ? 'writable' : 'not writable' ), + ), + 'themes' => array( + 'label' => __( 'The themes directory' ), + 'value' => ( $is_writable_template_directory ? __( 'Writable' ) : __( 'Not writable' ) ), + 'debug' => ( $is_writable_template_directory ? 'writable' : 'not writable' ), + ), + ), + ); + + // Conditionally add debug information for multisite setups. + if ( is_multisite() ) { + $network_query = new WP_Network_Query(); + $network_ids = $network_query->query( + array( + 'fields' => 'ids', + 'number' => 100, + 'no_found_rows' => false, + ) + ); + + $site_count = 0; + foreach ( $network_ids as $network_id ) { + $site_count += get_blog_count( $network_id ); + } + + $info['wp-core']['fields']['site_count'] = array( + 'label' => __( 'Site count' ), + 'value' => $site_count, + ); + + $info['wp-core']['fields']['network_count'] = array( + 'label' => __( 'Network count' ), + 'value' => $network_query->found_networks, + ); + } + + $info['wp-core']['fields']['user_count'] = array( + 'label' => __( 'User count' ), + 'value' => get_user_count(), + ); + + // WordPress features requiring processing. + $wp_dotorg = wp_remote_get( 'https://wordpress.org', array( 'timeout' => 10 ) ); + + if ( ! is_wp_error( $wp_dotorg ) ) { + $info['wp-core']['fields']['dotorg_communication'] = array( + 'label' => __( 'Communication with WordPress.org' ), + 'value' => __( 'WordPress.org is reachable' ), + 'debug' => 'true', + ); + } else { + $info['wp-core']['fields']['dotorg_communication'] = array( + 'label' => __( 'Communication with WordPress.org' ), + 'value' => sprintf( + /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */ + __( 'Unable to reach WordPress.org at %1$s: %2$s' ), + gethostbyname( 'wordpress.org' ), + $wp_dotorg->get_error_message() + ), + 'debug' => $wp_dotorg->get_error_message(), + ); + } + + // Remove accordion for Directories and Sizes if in Multisite. + if ( ! $is_multisite ) { + $loading = __( 'Loading…' ); + + $info['wp-paths-sizes']['fields'] = array( + 'wordpress_path' => array( + 'label' => __( 'WordPress directory location' ), + 'value' => untrailingslashit( ABSPATH ), + ), + 'wordpress_size' => array( + 'label' => __( 'WordPress directory size' ), + 'value' => $loading, + 'debug' => 'loading...', + ), + 'uploads_path' => array( + 'label' => __( 'Uploads directory location' ), + 'value' => $upload_dir['basedir'], + ), + 'uploads_size' => array( + 'label' => __( 'Uploads directory size' ), + 'value' => $loading, + 'debug' => 'loading...', + ), + 'themes_path' => array( + 'label' => __( 'Themes directory location' ), + 'value' => get_theme_root(), + ), + 'themes_size' => array( + 'label' => __( 'Themes directory size' ), + 'value' => $loading, + 'debug' => 'loading...', + ), + 'plugins_path' => array( + 'label' => __( 'Plugins directory location' ), + 'value' => WP_PLUGIN_DIR, + ), + 'plugins_size' => array( + 'label' => __( 'Plugins directory size' ), + 'value' => $loading, + 'debug' => 'loading...', + ), + 'database_size' => array( + 'label' => __( 'Database size' ), + 'value' => $loading, + 'debug' => 'loading...', + ), + 'total_size' => array( + 'label' => __( 'Total installation size' ), + 'value' => $loading, + 'debug' => 'loading...', + ), + ); + } + + // Get a list of all drop-in replacements. + $dropins = get_dropins(); + + // Get dropins descriptions. + $dropin_descriptions = _get_dropins(); + + // Spare few function calls. + $not_available = __( 'Not available' ); + + foreach ( $dropins as $dropin_key => $dropin ) { + $info['wp-dropins']['fields'][ sanitize_text_field( $dropin_key ) ] = array( + 'label' => $dropin_key, + 'value' => $dropin_descriptions[ $dropin_key ][0], + 'debug' => 'true', + ); + } + + // Populate the media fields. + $info['wp-media']['fields']['image_editor'] = array( + 'label' => __( 'Active editor' ), + 'value' => _wp_image_editor_choose(), + ); + + // Get ImageMagic information, if available. + if ( class_exists( 'Imagick' ) ) { + // Save the Imagick instance for later use. + $imagick = new Imagick(); + $imagemagick_version = $imagick->getVersion(); + } else { + $imagemagick_version = __( 'Not available' ); + } + + $info['wp-media']['fields']['imagick_module_version'] = array( + 'label' => __( 'ImageMagick version number' ), + 'value' => ( is_array( $imagemagick_version ) ? $imagemagick_version['versionNumber'] : $imagemagick_version ), + ); + + $info['wp-media']['fields']['imagemagick_version'] = array( + 'label' => __( 'ImageMagick version string' ), + 'value' => ( is_array( $imagemagick_version ) ? $imagemagick_version['versionString'] : $imagemagick_version ), + ); + + $imagick_version = phpversion( 'imagick' ); + + $info['wp-media']['fields']['imagick_version'] = array( + 'label' => __( 'Imagick version' ), + 'value' => ( $imagick_version ) ? $imagick_version : __( 'Not available' ), + ); + + if ( ! function_exists( 'ini_get' ) ) { + $info['wp-media']['fields']['ini_get'] = array( + 'label' => __( 'File upload settings' ), + 'value' => sprintf( + /* translators: %s: ini_get() */ + __( 'Unable to determine some settings, as the %s function has been disabled.' ), + 'ini_get()' + ), + 'debug' => 'ini_get() is disabled', + ); + } else { + // Get the PHP ini directive values. + $file_uploads = ini_get( 'file_uploads' ); + $post_max_size = ini_get( 'post_max_size' ); + $upload_max_filesize = ini_get( 'upload_max_filesize' ); + $max_file_uploads = ini_get( 'max_file_uploads' ); + $effective = min( wp_convert_hr_to_bytes( $post_max_size ), wp_convert_hr_to_bytes( $upload_max_filesize ) ); + + // Add info in Media section. + $info['wp-media']['fields']['file_uploads'] = array( + 'label' => __( 'File uploads' ), + 'value' => $file_uploads ? __( 'Enabled' ) : __( 'Disabled' ), + 'debug' => $file_uploads, + ); + $info['wp-media']['fields']['post_max_size'] = array( + 'label' => __( 'Max size of post data allowed' ), + 'value' => $post_max_size, + ); + $info['wp-media']['fields']['upload_max_filesize'] = array( + 'label' => __( 'Max size of an uploaded file' ), + 'value' => $upload_max_filesize, + ); + $info['wp-media']['fields']['max_effective_size'] = array( + 'label' => __( 'Max effective file size' ), + 'value' => size_format( $effective ), + ); + $info['wp-media']['fields']['max_file_uploads'] = array( + 'label' => __( 'Max number of files allowed' ), + 'value' => number_format( $max_file_uploads ), + ); + } + + // If Imagick is used as our editor, provide some more information about its limitations. + if ( 'WP_Image_Editor_Imagick' === _wp_image_editor_choose() && isset( $imagick ) && $imagick instanceof Imagick ) { + $limits = array( + 'area' => ( defined( 'imagick::RESOURCETYPE_AREA' ) ? size_format( $imagick->getResourceLimit( imagick::RESOURCETYPE_AREA ) ) : $not_available ), + 'disk' => ( defined( 'imagick::RESOURCETYPE_DISK' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_DISK ) : $not_available ), + 'file' => ( defined( 'imagick::RESOURCETYPE_FILE' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_FILE ) : $not_available ), + 'map' => ( defined( 'imagick::RESOURCETYPE_MAP' ) ? size_format( $imagick->getResourceLimit( imagick::RESOURCETYPE_MAP ) ) : $not_available ), + 'memory' => ( defined( 'imagick::RESOURCETYPE_MEMORY' ) ? size_format( $imagick->getResourceLimit( imagick::RESOURCETYPE_MEMORY ) ) : $not_available ), + 'thread' => ( defined( 'imagick::RESOURCETYPE_THREAD' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_THREAD ) : $not_available ), + 'time' => ( defined( 'imagick::RESOURCETYPE_TIME' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_TIME ) : $not_available ), + ); + + $limits_debug = array( + 'imagick::RESOURCETYPE_AREA' => ( defined( 'imagick::RESOURCETYPE_AREA' ) ? size_format( $imagick->getResourceLimit( imagick::RESOURCETYPE_AREA ) ) : 'not available' ), + 'imagick::RESOURCETYPE_DISK' => ( defined( 'imagick::RESOURCETYPE_DISK' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_DISK ) : 'not available' ), + 'imagick::RESOURCETYPE_FILE' => ( defined( 'imagick::RESOURCETYPE_FILE' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_FILE ) : 'not available' ), + 'imagick::RESOURCETYPE_MAP' => ( defined( 'imagick::RESOURCETYPE_MAP' ) ? size_format( $imagick->getResourceLimit( imagick::RESOURCETYPE_MAP ) ) : 'not available' ), + 'imagick::RESOURCETYPE_MEMORY' => ( defined( 'imagick::RESOURCETYPE_MEMORY' ) ? size_format( $imagick->getResourceLimit( imagick::RESOURCETYPE_MEMORY ) ) : 'not available' ), + 'imagick::RESOURCETYPE_THREAD' => ( defined( 'imagick::RESOURCETYPE_THREAD' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_THREAD ) : 'not available' ), + 'imagick::RESOURCETYPE_TIME' => ( defined( 'imagick::RESOURCETYPE_TIME' ) ? $imagick->getResourceLimit( imagick::RESOURCETYPE_TIME ) : 'not available' ), + ); + + $info['wp-media']['fields']['imagick_limits'] = array( + 'label' => __( 'Imagick Resource Limits' ), + 'value' => $limits, + 'debug' => $limits_debug, + ); + + try { + $formats = Imagick::queryFormats( '*' ); + } catch ( Exception $e ) { + $formats = array(); + } + + $info['wp-media']['fields']['imagemagick_file_formats'] = array( + 'label' => __( 'ImageMagick supported file formats' ), + 'value' => ( empty( $formats ) ) ? __( 'Unable to determine' ) : implode( ', ', $formats ), + 'debug' => ( empty( $formats ) ) ? 'Unable to determine' : implode( ', ', $formats ), + ); + } + + // Get GD information, if available. + if ( function_exists( 'gd_info' ) ) { + $gd = gd_info(); + } else { + $gd = false; + } + + $info['wp-media']['fields']['gd_version'] = array( + 'label' => __( 'GD version' ), + 'value' => ( is_array( $gd ) ? $gd['GD Version'] : $not_available ), + 'debug' => ( is_array( $gd ) ? $gd['GD Version'] : 'not available' ), + ); + + $gd_image_formats = array(); + $gd_supported_formats = array( + 'GIF Create' => 'GIF', + 'JPEG' => 'JPEG', + 'PNG' => 'PNG', + 'WebP' => 'WebP', + 'BMP' => 'BMP', + 'AVIF' => 'AVIF', + 'HEIF' => 'HEIF', + 'TIFF' => 'TIFF', + 'XPM' => 'XPM', + ); + + foreach ( $gd_supported_formats as $format_key => $format ) { + $index = $format_key . ' Support'; + if ( isset( $gd[ $index ] ) && $gd[ $index ] ) { + array_push( $gd_image_formats, $format ); + } + } + + if ( ! empty( $gd_image_formats ) ) { + $info['wp-media']['fields']['gd_formats'] = array( + 'label' => __( 'GD supported file formats' ), + 'value' => implode( ', ', $gd_image_formats ), + ); + } + + // Get Ghostscript information, if available. + if ( function_exists( 'exec' ) ) { + $gs = exec( 'gs --version' ); + + if ( empty( $gs ) ) { + $gs = $not_available; + $gs_debug = 'not available'; + } else { + $gs_debug = $gs; + } + } else { + $gs = __( 'Unable to determine if Ghostscript is installed' ); + $gs_debug = 'unknown'; + } + + $info['wp-media']['fields']['ghostscript_version'] = array( + 'label' => __( 'Ghostscript version' ), + 'value' => $gs, + 'debug' => $gs_debug, + ); + + // Populate the server debug fields. + if ( function_exists( 'php_uname' ) ) { + $server_architecture = sprintf( '%s %s %s', php_uname( 's' ), php_uname( 'r' ), php_uname( 'm' ) ); + } else { + $server_architecture = 'unknown'; + } + + $php_version_debug = PHP_VERSION; + // Whether PHP supports 64-bit. + $php64bit = ( PHP_INT_SIZE * 8 === 64 ); + + $php_version = sprintf( + '%s %s', + $php_version_debug, + ( $php64bit ? __( '(Supports 64bit values)' ) : __( '(Does not support 64bit values)' ) ) + ); + + if ( $php64bit ) { + $php_version_debug .= ' 64bit'; + } + + $info['wp-server']['fields']['server_architecture'] = array( + 'label' => __( 'Server architecture' ), + 'value' => ( 'unknown' !== $server_architecture ? $server_architecture : __( 'Unable to determine server architecture' ) ), + 'debug' => $server_architecture, + ); + $info['wp-server']['fields']['httpd_software'] = array( + 'label' => __( 'Web server' ), + 'value' => ( isset( $_SERVER['SERVER_SOFTWARE'] ) ? $_SERVER['SERVER_SOFTWARE'] : __( 'Unable to determine what web server software is used' ) ), + 'debug' => ( isset( $_SERVER['SERVER_SOFTWARE'] ) ? $_SERVER['SERVER_SOFTWARE'] : 'unknown' ), + ); + $info['wp-server']['fields']['php_version'] = array( + 'label' => __( 'PHP version' ), + 'value' => $php_version, + 'debug' => $php_version_debug, + ); + $info['wp-server']['fields']['php_sapi'] = array( + 'label' => __( 'PHP SAPI' ), + 'value' => PHP_SAPI, + 'debug' => PHP_SAPI, + ); + + // Some servers disable `ini_set()` and `ini_get()`, we check this before trying to get configuration values. + if ( ! function_exists( 'ini_get' ) ) { + $info['wp-server']['fields']['ini_get'] = array( + 'label' => __( 'Server settings' ), + 'value' => sprintf( + /* translators: %s: ini_get() */ + __( 'Unable to determine some settings, as the %s function has been disabled.' ), + 'ini_get()' + ), + 'debug' => 'ini_get() is disabled', + ); + } else { + $info['wp-server']['fields']['max_input_variables'] = array( + 'label' => __( 'PHP max input variables' ), + 'value' => ini_get( 'max_input_vars' ), + ); + $info['wp-server']['fields']['time_limit'] = array( + 'label' => __( 'PHP time limit' ), + 'value' => ini_get( 'max_execution_time' ), + ); + + if ( WP_Site_Health::get_instance()->php_memory_limit !== ini_get( 'memory_limit' ) ) { + $info['wp-server']['fields']['memory_limit'] = array( + 'label' => __( 'PHP memory limit' ), + 'value' => WP_Site_Health::get_instance()->php_memory_limit, + ); + $info['wp-server']['fields']['admin_memory_limit'] = array( + 'label' => __( 'PHP memory limit (only for admin screens)' ), + 'value' => ini_get( 'memory_limit' ), + ); + } else { + $info['wp-server']['fields']['memory_limit'] = array( + 'label' => __( 'PHP memory limit' ), + 'value' => ini_get( 'memory_limit' ), + ); + } + + $info['wp-server']['fields']['max_input_time'] = array( + 'label' => __( 'Max input time' ), + 'value' => ini_get( 'max_input_time' ), + ); + $info['wp-server']['fields']['upload_max_filesize'] = array( + 'label' => __( 'Upload max filesize' ), + 'value' => ini_get( 'upload_max_filesize' ), + ); + $info['wp-server']['fields']['php_post_max_size'] = array( + 'label' => __( 'PHP post max size' ), + 'value' => ini_get( 'post_max_size' ), + ); + } + + if ( function_exists( 'curl_version' ) ) { + $curl = curl_version(); + + $info['wp-server']['fields']['curl_version'] = array( + 'label' => __( 'cURL version' ), + 'value' => sprintf( '%s %s', $curl['version'], $curl['ssl_version'] ), + ); + } else { + $info['wp-server']['fields']['curl_version'] = array( + 'label' => __( 'cURL version' ), + 'value' => $not_available, + 'debug' => 'not available', + ); + } + + // SUHOSIN. + $suhosin_loaded = ( extension_loaded( 'suhosin' ) || ( defined( 'SUHOSIN_PATCH' ) && constant( 'SUHOSIN_PATCH' ) ) ); + + $info['wp-server']['fields']['suhosin'] = array( + 'label' => __( 'Is SUHOSIN installed?' ), + 'value' => ( $suhosin_loaded ? __( 'Yes' ) : __( 'No' ) ), + 'debug' => $suhosin_loaded, + ); + + // Imagick. + $imagick_loaded = extension_loaded( 'imagick' ); + + $info['wp-server']['fields']['imagick_availability'] = array( + 'label' => __( 'Is the Imagick library available?' ), + 'value' => ( $imagick_loaded ? __( 'Yes' ) : __( 'No' ) ), + 'debug' => $imagick_loaded, + ); + + // Pretty permalinks. + $pretty_permalinks_supported = got_url_rewrite(); + + $info['wp-server']['fields']['pretty_permalinks'] = array( + 'label' => __( 'Are pretty permalinks supported?' ), + 'value' => ( $pretty_permalinks_supported ? __( 'Yes' ) : __( 'No' ) ), + 'debug' => $pretty_permalinks_supported, + ); + + // Check if a .htaccess file exists. + if ( is_file( ABSPATH . '.htaccess' ) ) { + // If the file exists, grab the content of it. + $htaccess_content = file_get_contents( ABSPATH . '.htaccess' ); + + // Filter away the core WordPress rules. + $filtered_htaccess_content = trim( preg_replace( '/\# BEGIN WordPress[\s\S]+?# END WordPress/si', '', $htaccess_content ) ); + $filtered_htaccess_content = ! empty( $filtered_htaccess_content ); + + if ( $filtered_htaccess_content ) { + /* translators: %s: .htaccess */ + $htaccess_rules_string = sprintf( __( 'Custom rules have been added to your %s file.' ), '.htaccess' ); + } else { + /* translators: %s: .htaccess */ + $htaccess_rules_string = sprintf( __( 'Your %s file contains only core WordPress features.' ), '.htaccess' ); + } + + $info['wp-server']['fields']['htaccess_extra_rules'] = array( + 'label' => __( '.htaccess rules' ), + 'value' => $htaccess_rules_string, + 'debug' => $filtered_htaccess_content, + ); + } + + // Server time. + $date = new DateTime( 'now', new DateTimeZone( 'UTC' ) ); + + $info['wp-server']['fields']['current'] = array( + 'label' => __( 'Current time' ), + 'value' => $date->format( DateTime::ATOM ), + ); + $info['wp-server']['fields']['utc-time'] = array( + 'label' => __( 'Current UTC time' ), + 'value' => $date->format( DateTime::RFC850 ), + ); + $info['wp-server']['fields']['server-time'] = array( + 'label' => __( 'Current Server time' ), + 'value' => wp_date( 'c', $_SERVER['REQUEST_TIME'] ), + ); + + // Populate the database debug fields. + if ( is_object( $wpdb->dbh ) ) { + // mysqli or PDO. + $extension = get_class( $wpdb->dbh ); + } else { + // Unknown sql extension. + $extension = null; + } + + $server = $wpdb->get_var( 'SELECT VERSION()' ); + + $client_version = $wpdb->dbh->client_info; + + $info['wp-database']['fields']['extension'] = array( + 'label' => __( 'Extension' ), + 'value' => $extension, + ); + + $info['wp-database']['fields']['server_version'] = array( + 'label' => __( 'Server version' ), + 'value' => $server, + ); + + $info['wp-database']['fields']['client_version'] = array( + 'label' => __( 'Client version' ), + 'value' => $client_version, + ); + + $info['wp-database']['fields']['database_user'] = array( + 'label' => __( 'Database username' ), + 'value' => $wpdb->dbuser, + 'private' => true, + ); + + $info['wp-database']['fields']['database_host'] = array( + 'label' => __( 'Database host' ), + 'value' => $wpdb->dbhost, + 'private' => true, + ); + + $info['wp-database']['fields']['database_name'] = array( + 'label' => __( 'Database name' ), + 'value' => $wpdb->dbname, + 'private' => true, + ); + + $info['wp-database']['fields']['database_prefix'] = array( + 'label' => __( 'Table prefix' ), + 'value' => $wpdb->prefix, + 'private' => true, + ); + + $info['wp-database']['fields']['database_charset'] = array( + 'label' => __( 'Database charset' ), + 'value' => $wpdb->charset, + 'private' => true, + ); + + $info['wp-database']['fields']['database_collate'] = array( + 'label' => __( 'Database collation' ), + 'value' => $wpdb->collate, + 'private' => true, + ); + + $info['wp-database']['fields']['max_allowed_packet'] = array( + 'label' => __( 'Max allowed packet size' ), + 'value' => self::get_mysql_var( 'max_allowed_packet' ), + ); + + $info['wp-database']['fields']['max_connections'] = array( + 'label' => __( 'Max connections number' ), + 'value' => self::get_mysql_var( 'max_connections' ), + ); + + // List must use plugins if there are any. + $mu_plugins = get_mu_plugins(); + + foreach ( $mu_plugins as $plugin_path => $plugin ) { + $plugin_version = $plugin['Version']; + $plugin_author = $plugin['Author']; + + $plugin_version_string = __( 'No version or author information is available.' ); + $plugin_version_string_debug = 'author: (undefined), version: (undefined)'; + + if ( ! empty( $plugin_version ) && ! empty( $plugin_author ) ) { + /* translators: 1: Plugin version number. 2: Plugin author name. */ + $plugin_version_string = sprintf( __( 'Version %1$s by %2$s' ), $plugin_version, $plugin_author ); + $plugin_version_string_debug = sprintf( 'version: %s, author: %s', $plugin_version, $plugin_author ); + } else { + if ( ! empty( $plugin_author ) ) { + /* translators: %s: Plugin author name. */ + $plugin_version_string = sprintf( __( 'By %s' ), $plugin_author ); + $plugin_version_string_debug = sprintf( 'author: %s, version: (undefined)', $plugin_author ); + } + + if ( ! empty( $plugin_version ) ) { + /* translators: %s: Plugin version number. */ + $plugin_version_string = sprintf( __( 'Version %s' ), $plugin_version ); + $plugin_version_string_debug = sprintf( 'author: (undefined), version: %s', $plugin_version ); + } + } + + $info['wp-mu-plugins']['fields'][ sanitize_text_field( $plugin['Name'] ) ] = array( + 'label' => $plugin['Name'], + 'value' => $plugin_version_string, + 'debug' => $plugin_version_string_debug, + ); + } + + // List all available plugins. + $plugins = get_plugins(); + $plugin_updates = get_plugin_updates(); + $transient = get_site_transient( 'update_plugins' ); + + $auto_updates = array(); + + $auto_updates_enabled = wp_is_auto_update_enabled_for_type( 'plugin' ); + + if ( $auto_updates_enabled ) { + $auto_updates = (array) get_site_option( 'auto_update_plugins', array() ); + } + + foreach ( $plugins as $plugin_path => $plugin ) { + $plugin_part = ( is_plugin_active( $plugin_path ) ) ? 'wp-plugins-active' : 'wp-plugins-inactive'; + + $plugin_version = $plugin['Version']; + $plugin_author = $plugin['Author']; + + $plugin_version_string = __( 'No version or author information is available.' ); + $plugin_version_string_debug = 'author: (undefined), version: (undefined)'; + + if ( ! empty( $plugin_version ) && ! empty( $plugin_author ) ) { + /* translators: 1: Plugin version number. 2: Plugin author name. */ + $plugin_version_string = sprintf( __( 'Version %1$s by %2$s' ), $plugin_version, $plugin_author ); + $plugin_version_string_debug = sprintf( 'version: %s, author: %s', $plugin_version, $plugin_author ); + } else { + if ( ! empty( $plugin_author ) ) { + /* translators: %s: Plugin author name. */ + $plugin_version_string = sprintf( __( 'By %s' ), $plugin_author ); + $plugin_version_string_debug = sprintf( 'author: %s, version: (undefined)', $plugin_author ); + } + + if ( ! empty( $plugin_version ) ) { + /* translators: %s: Plugin version number. */ + $plugin_version_string = sprintf( __( 'Version %s' ), $plugin_version ); + $plugin_version_string_debug = sprintf( 'author: (undefined), version: %s', $plugin_version ); + } + } + + if ( array_key_exists( $plugin_path, $plugin_updates ) ) { + /* translators: %s: Latest plugin version number. */ + $plugin_version_string .= ' ' . sprintf( __( '(Latest version: %s)' ), $plugin_updates[ $plugin_path ]->update->new_version ); + $plugin_version_string_debug .= sprintf( ' (latest version: %s)', $plugin_updates[ $plugin_path ]->update->new_version ); + } + + if ( $auto_updates_enabled ) { + if ( isset( $transient->response[ $plugin_path ] ) ) { + $item = $transient->response[ $plugin_path ]; + } elseif ( isset( $transient->no_update[ $plugin_path ] ) ) { + $item = $transient->no_update[ $plugin_path ]; + } else { + $item = array( + 'id' => $plugin_path, + 'slug' => '', + 'plugin' => $plugin_path, + 'new_version' => '', + 'url' => '', + 'package' => '', + 'icons' => array(), + 'banners' => array(), + 'banners_rtl' => array(), + 'tested' => '', + 'requires_php' => '', + 'compatibility' => new stdClass(), + ); + $item = wp_parse_args( $plugin, $item ); + } + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'plugin', null, (object) $item ); + + if ( ! is_null( $auto_update_forced ) ) { + $enabled = $auto_update_forced; + } else { + $enabled = in_array( $plugin_path, $auto_updates, true ); + } + + if ( $enabled ) { + $auto_updates_string = __( 'Auto-updates enabled' ); + } else { + $auto_updates_string = __( 'Auto-updates disabled' ); + } + + /** + * Filters the text string of the auto-updates setting for each plugin in the Site Health debug data. + * + * @since 5.5.0 + * + * @param string $auto_updates_string The string output for the auto-updates column. + * @param string $plugin_path The path to the plugin file. + * @param array $plugin An array of plugin data. + * @param bool $enabled Whether auto-updates are enabled for this item. + */ + $auto_updates_string = apply_filters( 'plugin_auto_update_debug_string', $auto_updates_string, $plugin_path, $plugin, $enabled ); + + $plugin_version_string .= ' | ' . $auto_updates_string; + $plugin_version_string_debug .= ', ' . $auto_updates_string; + } + + $info[ $plugin_part ]['fields'][ sanitize_text_field( $plugin['Name'] ) ] = array( + 'label' => $plugin['Name'], + 'value' => $plugin_version_string, + 'debug' => $plugin_version_string_debug, + ); + } + + // Populate the section for the currently active theme. + $theme_features = array(); + + if ( ! empty( $_wp_theme_features ) ) { + foreach ( $_wp_theme_features as $feature => $options ) { + $theme_features[] = $feature; + } + } + + $active_theme = wp_get_theme(); + $theme_updates = get_theme_updates(); + $transient = get_site_transient( 'update_themes' ); + + $active_theme_version = $active_theme->version; + $active_theme_version_debug = $active_theme_version; + + $auto_updates = array(); + $auto_updates_enabled = wp_is_auto_update_enabled_for_type( 'theme' ); + if ( $auto_updates_enabled ) { + $auto_updates = (array) get_site_option( 'auto_update_themes', array() ); + } + + if ( array_key_exists( $active_theme->stylesheet, $theme_updates ) ) { + $theme_update_new_version = $theme_updates[ $active_theme->stylesheet ]->update['new_version']; + + /* translators: %s: Latest theme version number. */ + $active_theme_version .= ' ' . sprintf( __( '(Latest version: %s)' ), $theme_update_new_version ); + $active_theme_version_debug .= sprintf( ' (latest version: %s)', $theme_update_new_version ); + } + + $active_theme_author_uri = $active_theme->display( 'AuthorURI' ); + + if ( $active_theme->parent_theme ) { + $active_theme_parent_theme = sprintf( + /* translators: 1: Theme name. 2: Theme slug. */ + __( '%1$s (%2$s)' ), + $active_theme->parent_theme, + $active_theme->template + ); + $active_theme_parent_theme_debug = sprintf( + '%s (%s)', + $active_theme->parent_theme, + $active_theme->template + ); + } else { + $active_theme_parent_theme = __( 'None' ); + $active_theme_parent_theme_debug = 'none'; + } + + $info['wp-active-theme']['fields'] = array( + 'name' => array( + 'label' => __( 'Name' ), + 'value' => sprintf( + /* translators: 1: Theme name. 2: Theme slug. */ + __( '%1$s (%2$s)' ), + $active_theme->name, + $active_theme->stylesheet + ), + ), + 'version' => array( + 'label' => __( 'Version' ), + 'value' => $active_theme_version, + 'debug' => $active_theme_version_debug, + ), + 'author' => array( + 'label' => __( 'Author' ), + 'value' => wp_kses( $active_theme->author, array() ), + ), + 'author_website' => array( + 'label' => __( 'Author website' ), + 'value' => ( $active_theme_author_uri ? $active_theme_author_uri : __( 'Undefined' ) ), + 'debug' => ( $active_theme_author_uri ? $active_theme_author_uri : '(undefined)' ), + ), + 'parent_theme' => array( + 'label' => __( 'Parent theme' ), + 'value' => $active_theme_parent_theme, + 'debug' => $active_theme_parent_theme_debug, + ), + 'theme_features' => array( + 'label' => __( 'Theme features' ), + 'value' => implode( ', ', $theme_features ), + ), + 'theme_path' => array( + 'label' => __( 'Theme directory location' ), + 'value' => get_stylesheet_directory(), + ), + ); + + if ( $auto_updates_enabled ) { + if ( isset( $transient->response[ $active_theme->stylesheet ] ) ) { + $item = $transient->response[ $active_theme->stylesheet ]; + } elseif ( isset( $transient->no_update[ $active_theme->stylesheet ] ) ) { + $item = $transient->no_update[ $active_theme->stylesheet ]; + } else { + $item = array( + 'theme' => $active_theme->stylesheet, + 'new_version' => $active_theme->version, + 'url' => '', + 'package' => '', + 'requires' => '', + 'requires_php' => '', + ); + } + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'theme', null, (object) $item ); + + if ( ! is_null( $auto_update_forced ) ) { + $enabled = $auto_update_forced; + } else { + $enabled = in_array( $active_theme->stylesheet, $auto_updates, true ); + } + + if ( $enabled ) { + $auto_updates_string = __( 'Enabled' ); + } else { + $auto_updates_string = __( 'Disabled' ); + } + + /** This filter is documented in wp-admin/includes/class-wp-debug-data.php */ + $auto_updates_string = apply_filters( 'theme_auto_update_debug_string', $auto_updates_string, $active_theme, $enabled ); + + $info['wp-active-theme']['fields']['auto_update'] = array( + 'label' => __( 'Auto-updates' ), + 'value' => $auto_updates_string, + 'debug' => $auto_updates_string, + ); + } + + $parent_theme = $active_theme->parent(); + + if ( $parent_theme ) { + $parent_theme_version = $parent_theme->version; + $parent_theme_version_debug = $parent_theme_version; + + if ( array_key_exists( $parent_theme->stylesheet, $theme_updates ) ) { + $parent_theme_update_new_version = $theme_updates[ $parent_theme->stylesheet ]->update['new_version']; + + /* translators: %s: Latest theme version number. */ + $parent_theme_version .= ' ' . sprintf( __( '(Latest version: %s)' ), $parent_theme_update_new_version ); + $parent_theme_version_debug .= sprintf( ' (latest version: %s)', $parent_theme_update_new_version ); + } + + $parent_theme_author_uri = $parent_theme->display( 'AuthorURI' ); + + $info['wp-parent-theme']['fields'] = array( + 'name' => array( + 'label' => __( 'Name' ), + 'value' => sprintf( + /* translators: 1: Theme name. 2: Theme slug. */ + __( '%1$s (%2$s)' ), + $parent_theme->name, + $parent_theme->stylesheet + ), + ), + 'version' => array( + 'label' => __( 'Version' ), + 'value' => $parent_theme_version, + 'debug' => $parent_theme_version_debug, + ), + 'author' => array( + 'label' => __( 'Author' ), + 'value' => wp_kses( $parent_theme->author, array() ), + ), + 'author_website' => array( + 'label' => __( 'Author website' ), + 'value' => ( $parent_theme_author_uri ? $parent_theme_author_uri : __( 'Undefined' ) ), + 'debug' => ( $parent_theme_author_uri ? $parent_theme_author_uri : '(undefined)' ), + ), + 'theme_path' => array( + 'label' => __( 'Theme directory location' ), + 'value' => get_template_directory(), + ), + ); + + if ( $auto_updates_enabled ) { + if ( isset( $transient->response[ $parent_theme->stylesheet ] ) ) { + $item = $transient->response[ $parent_theme->stylesheet ]; + } elseif ( isset( $transient->no_update[ $parent_theme->stylesheet ] ) ) { + $item = $transient->no_update[ $parent_theme->stylesheet ]; + } else { + $item = array( + 'theme' => $parent_theme->stylesheet, + 'new_version' => $parent_theme->version, + 'url' => '', + 'package' => '', + 'requires' => '', + 'requires_php' => '', + ); + } + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'theme', null, (object) $item ); + + if ( ! is_null( $auto_update_forced ) ) { + $enabled = $auto_update_forced; + } else { + $enabled = in_array( $parent_theme->stylesheet, $auto_updates, true ); + } + + if ( $enabled ) { + $parent_theme_auto_update_string = __( 'Enabled' ); + } else { + $parent_theme_auto_update_string = __( 'Disabled' ); + } + + /** This filter is documented in wp-admin/includes/class-wp-debug-data.php */ + $parent_theme_auto_update_string = apply_filters( 'theme_auto_update_debug_string', $auto_updates_string, $parent_theme, $enabled ); + + $info['wp-parent-theme']['fields']['auto_update'] = array( + 'label' => __( 'Auto-update' ), + 'value' => $parent_theme_auto_update_string, + 'debug' => $parent_theme_auto_update_string, + ); + } + } + + // Populate a list of all themes available in the install. + $all_themes = wp_get_themes(); + + foreach ( $all_themes as $theme_slug => $theme ) { + // Exclude the currently active theme from the list of all themes. + if ( $active_theme->stylesheet === $theme_slug ) { + continue; + } + + // Exclude the currently active parent theme from the list of all themes. + if ( ! empty( $parent_theme ) && $parent_theme->stylesheet === $theme_slug ) { + continue; + } + + $theme_version = $theme->version; + $theme_author = $theme->author; + + // Sanitize. + $theme_author = wp_kses( $theme_author, array() ); + + $theme_version_string = __( 'No version or author information is available.' ); + $theme_version_string_debug = 'undefined'; + + if ( ! empty( $theme_version ) && ! empty( $theme_author ) ) { + /* translators: 1: Theme version number. 2: Theme author name. */ + $theme_version_string = sprintf( __( 'Version %1$s by %2$s' ), $theme_version, $theme_author ); + $theme_version_string_debug = sprintf( 'version: %s, author: %s', $theme_version, $theme_author ); + } else { + if ( ! empty( $theme_author ) ) { + /* translators: %s: Theme author name. */ + $theme_version_string = sprintf( __( 'By %s' ), $theme_author ); + $theme_version_string_debug = sprintf( 'author: %s, version: (undefined)', $theme_author ); + } + + if ( ! empty( $theme_version ) ) { + /* translators: %s: Theme version number. */ + $theme_version_string = sprintf( __( 'Version %s' ), $theme_version ); + $theme_version_string_debug = sprintf( 'author: (undefined), version: %s', $theme_version ); + } + } + + if ( array_key_exists( $theme_slug, $theme_updates ) ) { + /* translators: %s: Latest theme version number. */ + $theme_version_string .= ' ' . sprintf( __( '(Latest version: %s)' ), $theme_updates[ $theme_slug ]->update['new_version'] ); + $theme_version_string_debug .= sprintf( ' (latest version: %s)', $theme_updates[ $theme_slug ]->update['new_version'] ); + } + + if ( $auto_updates_enabled ) { + if ( isset( $transient->response[ $theme_slug ] ) ) { + $item = $transient->response[ $theme_slug ]; + } elseif ( isset( $transient->no_update[ $theme_slug ] ) ) { + $item = $transient->no_update[ $theme_slug ]; + } else { + $item = array( + 'theme' => $theme_slug, + 'new_version' => $theme->version, + 'url' => '', + 'package' => '', + 'requires' => '', + 'requires_php' => '', + ); + } + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'theme', null, (object) $item ); + + if ( ! is_null( $auto_update_forced ) ) { + $enabled = $auto_update_forced; + } else { + $enabled = in_array( $theme_slug, $auto_updates, true ); + } + + if ( $enabled ) { + $auto_updates_string = __( 'Auto-updates enabled' ); + } else { + $auto_updates_string = __( 'Auto-updates disabled' ); + } + + /** + * Filters the text string of the auto-updates setting for each theme in the Site Health debug data. + * + * @since 5.5.0 + * + * @param string $auto_updates_string The string output for the auto-updates column. + * @param WP_Theme $theme An object of theme data. + * @param bool $enabled Whether auto-updates are enabled for this item. + */ + $auto_updates_string = apply_filters( 'theme_auto_update_debug_string', $auto_updates_string, $theme, $enabled ); + + $theme_version_string .= ' | ' . $auto_updates_string; + $theme_version_string_debug .= ', ' . $auto_updates_string; + } + + $info['wp-themes-inactive']['fields'][ sanitize_text_field( $theme->name ) ] = array( + 'label' => sprintf( + /* translators: 1: Theme name. 2: Theme slug. */ + __( '%1$s (%2$s)' ), + $theme->name, + $theme_slug + ), + 'value' => $theme_version_string, + 'debug' => $theme_version_string_debug, + ); + } + + // Add more filesystem checks. + if ( defined( 'WPMU_PLUGIN_DIR' ) && is_dir( WPMU_PLUGIN_DIR ) ) { + $is_writable_wpmu_plugin_dir = wp_is_writable( WPMU_PLUGIN_DIR ); + + $info['wp-filesystem']['fields']['mu-plugins'] = array( + 'label' => __( 'The must use plugins directory' ), + 'value' => ( $is_writable_wpmu_plugin_dir ? __( 'Writable' ) : __( 'Not writable' ) ), + 'debug' => ( $is_writable_wpmu_plugin_dir ? 'writable' : 'not writable' ), + ); + } + + /** + * Filters the debug information shown on the Tools -> Site Health -> Info screen. + * + * Plugin or themes may wish to introduce their own debug information without creating + * additional admin pages. They can utilize this filter to introduce their own sections + * or add more data to existing sections. + * + * Array keys for sections added by core are all prefixed with `wp-`. Plugins and themes + * should use their own slug as a prefix, both for consistency as well as avoiding + * key collisions. Note that the array keys are used as labels for the copied data. + * + * All strings are expected to be plain text except `$description` that can contain + * inline HTML tags (see below). + * + * @since 5.2.0 + * + * @param array $args { + * The debug information to be added to the core information page. + * + * This is an associative multi-dimensional array, up to three levels deep. + * The topmost array holds the sections, keyed by section ID. + * + * @type array ...$0 { + * Each section has a `$fields` associative array (see below), and each `$value` in `$fields` + * can be another associative array of name/value pairs when there is more structured data + * to display. + * + * @type string $label Required. The title for this section of the debug output. + * @type string $description Optional. A description for your information section which + * may contain basic HTML markup, inline tags only as it is + * outputted in a paragraph. + * @type bool $show_count Optional. If set to `true`, the amount of fields will be included + * in the title for this section. Default false. + * @type bool $private Optional. If set to `true`, the section and all associated fields + * will be excluded from the copied data. Default false. + * @type array $fields { + * Required. An associative array containing the fields to be displayed in the section, + * keyed by field ID. + * + * @type array ...$0 { + * An associative array containing the data to be displayed for the field. + * + * @type string $label Required. The label for this piece of information. + * @type mixed $value Required. The output that is displayed for this field. + * Text should be translated. Can be an associative array + * that is displayed as name/value pairs. + * Accepted types: `string|int|float|(string|int|float)[]`. + * @type string $debug Optional. The output that is used for this field when + * the user copies the data. It should be more concise and + * not translated. If not set, the content of `$value` + * is used. Note that the array keys are used as labels + * for the copied data. + * @type bool $private Optional. If set to `true`, the field will be excluded + * from the copied data, allowing you to show, for example, + * API keys here. Default false. + * } + * } + * } + * } + */ + $info = apply_filters( 'debug_information', $info ); + + return $info; + } + + /** + * Returns the value of a MySQL system variable. + * + * @since 5.9.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $mysql_var Name of the MySQL system variable. + * @return string|null The variable value on success. Null if the variable does not exist. + */ + public static function get_mysql_var( $mysql_var ) { + global $wpdb; + + $result = $wpdb->get_row( + $wpdb->prepare( 'SHOW VARIABLES LIKE %s', $mysql_var ), + ARRAY_A + ); + + if ( ! empty( $result ) && array_key_exists( 'Value', $result ) ) { + return $result['Value']; + } + + return null; + } + + /** + * Formats the information gathered for debugging, in a manner suitable for copying to a forum or support ticket. + * + * @since 5.2.0 + * + * @param array $info_array Information gathered from the `WP_Debug_Data::debug_data()` function. + * @param string $data_type The data type to return, either 'info' or 'debug'. + * @return string The formatted data. + */ + public static function format( $info_array, $data_type ) { + $return = "`\n"; + + foreach ( $info_array as $section => $details ) { + // Skip this section if there are no fields, or the section has been declared as private. + if ( empty( $details['fields'] ) || ( isset( $details['private'] ) && $details['private'] ) ) { + continue; + } + + $section_label = 'debug' === $data_type ? $section : $details['label']; + + $return .= sprintf( + "### %s%s ###\n\n", + $section_label, + ( isset( $details['show_count'] ) && $details['show_count'] ? sprintf( ' (%d)', count( $details['fields'] ) ) : '' ) + ); + + foreach ( $details['fields'] as $field_name => $field ) { + if ( isset( $field['private'] ) && true === $field['private'] ) { + continue; + } + + if ( 'debug' === $data_type && isset( $field['debug'] ) ) { + $debug_data = $field['debug']; + } else { + $debug_data = $field['value']; + } + + // Can be array, one level deep only. + if ( is_array( $debug_data ) ) { + $value = ''; + + foreach ( $debug_data as $sub_field_name => $sub_field_value ) { + $value .= sprintf( "\n\t%s: %s", $sub_field_name, $sub_field_value ); + } + } elseif ( is_bool( $debug_data ) ) { + $value = $debug_data ? 'true' : 'false'; + } elseif ( empty( $debug_data ) && '0' !== $debug_data ) { + $value = 'undefined'; + } else { + $value = $debug_data; + } + + if ( 'debug' === $data_type ) { + $label = $field_name; + } else { + $label = $field['label']; + } + + $return .= sprintf( "%s: %s\n", $label, $value ); + } + + $return .= "\n"; + } + + $return .= '`'; + + return $return; + } + + /** + * Fetches the total size of all the database tables for the active database user. + * + * @since 5.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return int The size of the database, in bytes. + */ + public static function get_database_size() { + global $wpdb; + $size = 0; + $rows = $wpdb->get_results( 'SHOW TABLE STATUS', ARRAY_A ); + + if ( $wpdb->num_rows > 0 ) { + foreach ( $rows as $row ) { + $size += $row['Data_length'] + $row['Index_length']; + } + } + + return (int) $size; + } + + /** + * Fetches the sizes of the WordPress directories: `wordpress` (ABSPATH), `plugins`, `themes`, and `uploads`. + * Intended to supplement the array returned by `WP_Debug_Data::debug_data()`. + * + * @since 5.2.0 + * + * @return array The sizes of the directories, also the database size and total installation size. + */ + public static function get_sizes() { + $size_db = self::get_database_size(); + $upload_dir = wp_get_upload_dir(); + + /* + * We will be using the PHP max execution time to prevent the size calculations + * from causing a timeout. The default value is 30 seconds, and some + * hosts do not allow you to read configuration values. + */ + if ( function_exists( 'ini_get' ) ) { + $max_execution_time = ini_get( 'max_execution_time' ); + } + + /* + * The max_execution_time defaults to 0 when PHP runs from cli. + * We still want to limit it below. + */ + if ( empty( $max_execution_time ) ) { + $max_execution_time = 30; // 30 seconds. + } + + if ( $max_execution_time > 20 ) { + /* + * If the max_execution_time is set to lower than 20 seconds, reduce it a bit to prevent + * edge-case timeouts that may happen after the size loop has finished running. + */ + $max_execution_time -= 2; + } + + /* + * Go through the various installation directories and calculate their sizes. + * No trailing slashes. + */ + $paths = array( + 'wordpress_size' => untrailingslashit( ABSPATH ), + 'themes_size' => get_theme_root(), + 'plugins_size' => WP_PLUGIN_DIR, + 'uploads_size' => $upload_dir['basedir'], + ); + + $exclude = $paths; + unset( $exclude['wordpress_size'] ); + $exclude = array_values( $exclude ); + + $size_total = 0; + $all_sizes = array(); + + // Loop over all the directories we want to gather the sizes for. + foreach ( $paths as $name => $path ) { + $dir_size = null; // Default to timeout. + $results = array( + 'path' => $path, + 'raw' => 0, + ); + + if ( microtime( true ) - WP_START_TIMESTAMP < $max_execution_time ) { + if ( 'wordpress_size' === $name ) { + $dir_size = recurse_dirsize( $path, $exclude, $max_execution_time ); + } else { + $dir_size = recurse_dirsize( $path, null, $max_execution_time ); + } + } + + if ( false === $dir_size ) { + // Error reading. + $results['size'] = __( 'The size cannot be calculated. The directory is not accessible. Usually caused by invalid permissions.' ); + $results['debug'] = 'not accessible'; + + // Stop total size calculation. + $size_total = null; + } elseif ( null === $dir_size ) { + // Timeout. + $results['size'] = __( 'The directory size calculation has timed out. Usually caused by a very large number of sub-directories and files.' ); + $results['debug'] = 'timeout while calculating size'; + + // Stop total size calculation. + $size_total = null; + } else { + if ( null !== $size_total ) { + $size_total += $dir_size; + } + + $results['raw'] = $dir_size; + $results['size'] = size_format( $dir_size, 2 ); + $results['debug'] = $results['size'] . " ({$dir_size} bytes)"; + } + + $all_sizes[ $name ] = $results; + } + + if ( $size_db > 0 ) { + $database_size = size_format( $size_db, 2 ); + + $all_sizes['database_size'] = array( + 'raw' => $size_db, + 'size' => $database_size, + 'debug' => $database_size . " ({$size_db} bytes)", + ); + } else { + $all_sizes['database_size'] = array( + 'size' => __( 'Not available' ), + 'debug' => 'not available', + ); + } + + if ( null !== $size_total && $size_db > 0 ) { + $total_size = $size_total + $size_db; + $total_size_mb = size_format( $total_size, 2 ); + + $all_sizes['total_size'] = array( + 'raw' => $total_size, + 'size' => $total_size_mb, + 'debug' => $total_size_mb . " ({$total_size} bytes)", + ); + } else { + $all_sizes['total_size'] = array( + 'size' => __( 'Total size is not available. Some errors were encountered when determining the size of your installation.' ), + 'debug' => 'not available', + ); + } + + return $all_sizes; + } +} diff --git a/wp-admin/includes/class-wp-filesystem-base.php b/wp-admin/includes/class-wp-filesystem-base.php new file mode 100644 index 0000000..8b29127 --- /dev/null +++ b/wp-admin/includes/class-wp-filesystem-base.php @@ -0,0 +1,864 @@ +<?php +/** + * Base WordPress Filesystem + * + * @package WordPress + * @subpackage Filesystem + */ + +/** + * Base WordPress Filesystem class which Filesystem implementations extend. + * + * @since 2.5.0 + */ +#[AllowDynamicProperties] +class WP_Filesystem_Base { + + /** + * Whether to display debug data for the connection. + * + * @since 2.5.0 + * @var bool + */ + public $verbose = false; + + /** + * Cached list of local filepaths to mapped remote filepaths. + * + * @since 2.7.0 + * @var array + */ + public $cache = array(); + + /** + * The Access method of the current connection, Set automatically. + * + * @since 2.5.0 + * @var string + */ + public $method = ''; + + /** + * @var WP_Error + */ + public $errors = null; + + /** + */ + public $options = array(); + + /** + * Returns the path on the remote filesystem of ABSPATH. + * + * @since 2.7.0 + * + * @return string The location of the remote path. + */ + public function abspath() { + $folder = $this->find_folder( ABSPATH ); + + /* + * Perhaps the FTP folder is rooted at the WordPress install. + * Check for wp-includes folder in root. Could have some false positives, but rare. + */ + if ( ! $folder && $this->is_dir( '/' . WPINC ) ) { + $folder = '/'; + } + + return $folder; + } + + /** + * Returns the path on the remote filesystem of WP_CONTENT_DIR. + * + * @since 2.7.0 + * + * @return string The location of the remote path. + */ + public function wp_content_dir() { + return $this->find_folder( WP_CONTENT_DIR ); + } + + /** + * Returns the path on the remote filesystem of WP_PLUGIN_DIR. + * + * @since 2.7.0 + * + * @return string The location of the remote path. + */ + public function wp_plugins_dir() { + return $this->find_folder( WP_PLUGIN_DIR ); + } + + /** + * Returns the path on the remote filesystem of the Themes Directory. + * + * @since 2.7.0 + * + * @param string|false $theme Optional. The theme stylesheet or template for the directory. + * Default false. + * @return string The location of the remote path. + */ + public function wp_themes_dir( $theme = false ) { + $theme_root = get_theme_root( $theme ); + + // Account for relative theme roots. + if ( '/themes' === $theme_root || ! is_dir( $theme_root ) ) { + $theme_root = WP_CONTENT_DIR . $theme_root; + } + + return $this->find_folder( $theme_root ); + } + + /** + * Returns the path on the remote filesystem of WP_LANG_DIR. + * + * @since 3.2.0 + * + * @return string The location of the remote path. + */ + public function wp_lang_dir() { + return $this->find_folder( WP_LANG_DIR ); + } + + /** + * Locates a folder on the remote filesystem. + * + * @since 2.5.0 + * @deprecated 2.7.0 use WP_Filesystem_Base::abspath() or WP_Filesystem_Base::wp_*_dir() instead. + * @see WP_Filesystem_Base::abspath() + * @see WP_Filesystem_Base::wp_content_dir() + * @see WP_Filesystem_Base::wp_plugins_dir() + * @see WP_Filesystem_Base::wp_themes_dir() + * @see WP_Filesystem_Base::wp_lang_dir() + * + * @param string $base Optional. The folder to start searching from. Default '.'. + * @param bool $verbose Optional. True to display debug information. Default false. + * @return string The location of the remote path. + */ + public function find_base_dir( $base = '.', $verbose = false ) { + _deprecated_function( __FUNCTION__, '2.7.0', 'WP_Filesystem_Base::abspath() or WP_Filesystem_Base::wp_*_dir()' ); + $this->verbose = $verbose; + return $this->abspath(); + } + + /** + * Locates a folder on the remote filesystem. + * + * @since 2.5.0 + * @deprecated 2.7.0 use WP_Filesystem_Base::abspath() or WP_Filesystem_Base::wp_*_dir() methods instead. + * @see WP_Filesystem_Base::abspath() + * @see WP_Filesystem_Base::wp_content_dir() + * @see WP_Filesystem_Base::wp_plugins_dir() + * @see WP_Filesystem_Base::wp_themes_dir() + * @see WP_Filesystem_Base::wp_lang_dir() + * + * @param string $base Optional. The folder to start searching from. Default '.'. + * @param bool $verbose Optional. True to display debug information. Default false. + * @return string The location of the remote path. + */ + public function get_base_dir( $base = '.', $verbose = false ) { + _deprecated_function( __FUNCTION__, '2.7.0', 'WP_Filesystem_Base::abspath() or WP_Filesystem_Base::wp_*_dir()' ); + $this->verbose = $verbose; + return $this->abspath(); + } + + /** + * Locates a folder on the remote filesystem. + * + * Assumes that on Windows systems, Stripping off the Drive + * letter is OK Sanitizes \\ to / in Windows filepaths. + * + * @since 2.7.0 + * + * @param string $folder the folder to locate. + * @return string|false The location of the remote path, false on failure. + */ + public function find_folder( $folder ) { + if ( isset( $this->cache[ $folder ] ) ) { + return $this->cache[ $folder ]; + } + + if ( stripos( $this->method, 'ftp' ) !== false ) { + $constant_overrides = array( + 'FTP_BASE' => ABSPATH, + 'FTP_CONTENT_DIR' => WP_CONTENT_DIR, + 'FTP_PLUGIN_DIR' => WP_PLUGIN_DIR, + 'FTP_LANG_DIR' => WP_LANG_DIR, + ); + + // Direct matches ( folder = CONSTANT/ ). + foreach ( $constant_overrides as $constant => $dir ) { + if ( ! defined( $constant ) ) { + continue; + } + + if ( $folder === $dir ) { + return trailingslashit( constant( $constant ) ); + } + } + + // Prefix matches ( folder = CONSTANT/subdir ), + foreach ( $constant_overrides as $constant => $dir ) { + if ( ! defined( $constant ) ) { + continue; + } + + if ( 0 === stripos( $folder, $dir ) ) { // $folder starts with $dir. + $potential_folder = preg_replace( '#^' . preg_quote( $dir, '#' ) . '/#i', trailingslashit( constant( $constant ) ), $folder ); + $potential_folder = trailingslashit( $potential_folder ); + + if ( $this->is_dir( $potential_folder ) ) { + $this->cache[ $folder ] = $potential_folder; + + return $potential_folder; + } + } + } + } elseif ( 'direct' === $this->method ) { + $folder = str_replace( '\\', '/', $folder ); // Windows path sanitization. + + return trailingslashit( $folder ); + } + + $folder = preg_replace( '|^([a-z]{1}):|i', '', $folder ); // Strip out Windows drive letter if it's there. + $folder = str_replace( '\\', '/', $folder ); // Windows path sanitization. + + if ( isset( $this->cache[ $folder ] ) ) { + return $this->cache[ $folder ]; + } + + if ( $this->exists( $folder ) ) { // Folder exists at that absolute path. + $folder = trailingslashit( $folder ); + $this->cache[ $folder ] = $folder; + + return $folder; + } + + $return = $this->search_for_folder( $folder ); + + if ( $return ) { + $this->cache[ $folder ] = $return; + } + + return $return; + } + + /** + * Locates a folder on the remote filesystem. + * + * Expects Windows sanitized path. + * + * @since 2.7.0 + * + * @param string $folder The folder to locate. + * @param string $base The folder to start searching from. + * @param bool $loop If the function has recursed. Internal use only. + * @return string|false The location of the remote path, false to cease looping. + */ + public function search_for_folder( $folder, $base = '.', $loop = false ) { + if ( empty( $base ) || '.' === $base ) { + $base = trailingslashit( $this->cwd() ); + } + + $folder = untrailingslashit( $folder ); + + if ( $this->verbose ) { + /* translators: 1: Folder to locate, 2: Folder to start searching from. */ + printf( "\n" . __( 'Looking for %1$s in %2$s' ) . "<br />\n", $folder, $base ); + } + + $folder_parts = explode( '/', $folder ); + $folder_part_keys = array_keys( $folder_parts ); + $last_index = array_pop( $folder_part_keys ); + $last_path = $folder_parts[ $last_index ]; + + $files = $this->dirlist( $base ); + + foreach ( $folder_parts as $index => $key ) { + if ( $index === $last_index ) { + continue; // We want this to be caught by the next code block. + } + + /* + * Working from /home/ to /user/ to /wordpress/ see if that file exists within + * the current folder, If it's found, change into it and follow through looking + * for it. If it can't find WordPress down that route, it'll continue onto the next + * folder level, and see if that matches, and so on. If it reaches the end, and still + * can't find it, it'll return false for the entire function. + */ + if ( isset( $files[ $key ] ) ) { + + // Let's try that folder: + $newdir = trailingslashit( path_join( $base, $key ) ); + + if ( $this->verbose ) { + /* translators: %s: Directory name. */ + printf( "\n" . __( 'Changing to %s' ) . "<br />\n", $newdir ); + } + + // Only search for the remaining path tokens in the directory, not the full path again. + $newfolder = implode( '/', array_slice( $folder_parts, $index + 1 ) ); + $ret = $this->search_for_folder( $newfolder, $newdir, $loop ); + + if ( $ret ) { + return $ret; + } + } + } + + /* + * Only check this as a last resort, to prevent locating the incorrect install. + * All above procedures will fail quickly if this is the right branch to take. + */ + if ( isset( $files[ $last_path ] ) ) { + if ( $this->verbose ) { + /* translators: %s: Directory name. */ + printf( "\n" . __( 'Found %s' ) . "<br />\n", $base . $last_path ); + } + + return trailingslashit( $base . $last_path ); + } + + /* + * Prevent this function from looping again. + * No need to proceed if we've just searched in `/`. + */ + if ( $loop || '/' === $base ) { + return false; + } + + /* + * As an extra last resort, Change back to / if the folder wasn't found. + * This comes into effect when the CWD is /home/user/ but WP is at /var/www/.... + */ + return $this->search_for_folder( $folder, '/', true ); + } + + /** + * Returns the *nix-style file permissions for a file. + * + * From the PHP documentation page for fileperms(). + * + * @link https://www.php.net/manual/en/function.fileperms.php + * + * @since 2.5.0 + * + * @param string $file String filename. + * @return string The *nix-style representation of permissions. + */ + public function gethchmod( $file ) { + $perms = intval( $this->getchmod( $file ), 8 ); + + if ( ( $perms & 0xC000 ) === 0xC000 ) { // Socket. + $info = 's'; + } elseif ( ( $perms & 0xA000 ) === 0xA000 ) { // Symbolic Link. + $info = 'l'; + } elseif ( ( $perms & 0x8000 ) === 0x8000 ) { // Regular. + $info = '-'; + } elseif ( ( $perms & 0x6000 ) === 0x6000 ) { // Block special. + $info = 'b'; + } elseif ( ( $perms & 0x4000 ) === 0x4000 ) { // Directory. + $info = 'd'; + } elseif ( ( $perms & 0x2000 ) === 0x2000 ) { // Character special. + $info = 'c'; + } elseif ( ( $perms & 0x1000 ) === 0x1000 ) { // FIFO pipe. + $info = 'p'; + } else { // Unknown. + $info = 'u'; + } + + // Owner. + $info .= ( ( $perms & 0x0100 ) ? 'r' : '-' ); + $info .= ( ( $perms & 0x0080 ) ? 'w' : '-' ); + $info .= ( ( $perms & 0x0040 ) ? + ( ( $perms & 0x0800 ) ? 's' : 'x' ) : + ( ( $perms & 0x0800 ) ? 'S' : '-' ) ); + + // Group. + $info .= ( ( $perms & 0x0020 ) ? 'r' : '-' ); + $info .= ( ( $perms & 0x0010 ) ? 'w' : '-' ); + $info .= ( ( $perms & 0x0008 ) ? + ( ( $perms & 0x0400 ) ? 's' : 'x' ) : + ( ( $perms & 0x0400 ) ? 'S' : '-' ) ); + + // World. + $info .= ( ( $perms & 0x0004 ) ? 'r' : '-' ); + $info .= ( ( $perms & 0x0002 ) ? 'w' : '-' ); + $info .= ( ( $perms & 0x0001 ) ? + ( ( $perms & 0x0200 ) ? 't' : 'x' ) : + ( ( $perms & 0x0200 ) ? 'T' : '-' ) ); + + return $info; + } + + /** + * Gets the permissions of the specified file or filepath in their octal format. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string Mode of the file (the last 3 digits). + */ + public function getchmod( $file ) { + return '777'; + } + + /** + * Converts *nix-style file permissions to an octal number. + * + * Converts '-rw-r--r--' to 0644 + * From "info at rvgate dot nl"'s comment on the PHP documentation for chmod() + * + * @link https://www.php.net/manual/en/function.chmod.php#49614 + * + * @since 2.5.0 + * + * @param string $mode string The *nix-style file permissions. + * @return string Octal representation of permissions. + */ + public function getnumchmodfromh( $mode ) { + $realmode = ''; + $legal = array( '', 'w', 'r', 'x', '-' ); + $attarray = preg_split( '//', $mode ); + + for ( $i = 0, $c = count( $attarray ); $i < $c; $i++ ) { + $key = array_search( $attarray[ $i ], $legal, true ); + + if ( $key ) { + $realmode .= $legal[ $key ]; + } + } + + $mode = str_pad( $realmode, 10, '-', STR_PAD_LEFT ); + $trans = array( + '-' => '0', + 'r' => '4', + 'w' => '2', + 'x' => '1', + ); + $mode = strtr( $mode, $trans ); + + $newmode = $mode[0]; + $newmode .= $mode[1] + $mode[2] + $mode[3]; + $newmode .= $mode[4] + $mode[5] + $mode[6]; + $newmode .= $mode[7] + $mode[8] + $mode[9]; + + return $newmode; + } + + /** + * Determines if the string provided contains binary characters. + * + * @since 2.7.0 + * + * @param string $text String to test against. + * @return bool True if string is binary, false otherwise. + */ + public function is_binary( $text ) { + return (bool) preg_match( '|[^\x20-\x7E]|', $text ); // chr(32)..chr(127) + } + + /** + * Changes the owner of a file or directory. + * + * Default behavior is to do nothing, override this in your subclass, if desired. + * + * @since 2.5.0 + * + * @param string $file Path to the file or directory. + * @param string|int $owner A user name or number. + * @param bool $recursive Optional. If set to true, changes file owner recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chown( $file, $owner, $recursive = false ) { + return false; + } + + /** + * Connects filesystem. + * + * @since 2.5.0 + * @abstract + * + * @return bool True on success, false on failure (always true for WP_Filesystem_Direct). + */ + public function connect() { + return true; + } + + /** + * Reads entire file into a string. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Name of the file to read. + * @return string|false Read data on success, false on failure. + */ + public function get_contents( $file ) { + return false; + } + + /** + * Reads entire file into an array. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to the file. + * @return array|false File contents in an array on success, false on failure. + */ + public function get_contents_array( $file ) { + return false; + } + + /** + * Writes a string to a file. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Remote path to the file where to write the data. + * @param string $contents The data to write. + * @param int|false $mode Optional. The file permissions as octal number, usually 0644. + * Default false. + * @return bool True on success, false on failure. + */ + public function put_contents( $file, $contents, $mode = false ) { + return false; + } + + /** + * Gets the current working directory. + * + * @since 2.5.0 + * @abstract + * + * @return string|false The current working directory on success, false on failure. + */ + public function cwd() { + return false; + } + + /** + * Changes current directory. + * + * @since 2.5.0 + * @abstract + * + * @param string $dir The new current directory. + * @return bool True on success, false on failure. + */ + public function chdir( $dir ) { + return false; + } + + /** + * Changes the file group. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to the file. + * @param string|int $group A group name or number. + * @param bool $recursive Optional. If set to true, changes file group recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chgrp( $file, $group, $recursive = false ) { + return false; + } + + /** + * Changes filesystem permissions. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to the file. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for directories. Default false. + * @param bool $recursive Optional. If set to true, changes file permissions recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chmod( $file, $mode = false, $recursive = false ) { + return false; + } + + /** + * Gets the file owner. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to the file. + * @return string|false Username of the owner on success, false on failure. + */ + public function owner( $file ) { + return false; + } + + /** + * Gets the file's group. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to the file. + * @return string|false The group on success, false on failure. + */ + public function group( $file ) { + return false; + } + + /** + * Copies a file. + * + * @since 2.5.0 + * @abstract + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for dirs. Default false. + * @return bool True on success, false on failure. + */ + public function copy( $source, $destination, $overwrite = false, $mode = false ) { + return false; + } + + /** + * Moves a file. + * + * @since 2.5.0 + * @abstract + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @return bool True on success, false on failure. + */ + public function move( $source, $destination, $overwrite = false ) { + return false; + } + + /** + * Deletes a file or directory. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to the file or directory. + * @param bool $recursive Optional. If set to true, deletes files and folders recursively. + * Default false. + * @param string|false $type Type of resource. 'f' for file, 'd' for directory. + * Default false. + * @return bool True on success, false on failure. + */ + public function delete( $file, $recursive = false, $type = false ) { + return false; + } + + /** + * Checks if a file or directory exists. + * + * @since 2.5.0 + * @abstract + * + * @param string $path Path to file or directory. + * @return bool Whether $path exists or not. + */ + public function exists( $path ) { + return false; + } + + /** + * Checks if resource is a file. + * + * @since 2.5.0 + * @abstract + * + * @param string $file File path. + * @return bool Whether $file is a file. + */ + public function is_file( $file ) { + return false; + } + + /** + * Checks if resource is a directory. + * + * @since 2.5.0 + * @abstract + * + * @param string $path Directory path. + * @return bool Whether $path is a directory. + */ + public function is_dir( $path ) { + return false; + } + + /** + * Checks if a file is readable. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to file. + * @return bool Whether $file is readable. + */ + public function is_readable( $file ) { + return false; + } + + /** + * Checks if a file or directory is writable. + * + * @since 2.5.0 + * @abstract + * + * @param string $path Path to file or directory. + * @return bool Whether $path is writable. + */ + public function is_writable( $path ) { + return false; + } + + /** + * Gets the file's last access time. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing last access time, false on failure. + */ + public function atime( $file ) { + return false; + } + + /** + * Gets the file modification time. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing modification time, false on failure. + */ + public function mtime( $file ) { + return false; + } + + /** + * Gets the file size (in bytes). + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to file. + * @return int|false Size of the file in bytes on success, false on failure. + */ + public function size( $file ) { + return false; + } + + /** + * Sets the access and modification times of a file. + * + * Note: If $file doesn't exist, it will be created. + * + * @since 2.5.0 + * @abstract + * + * @param string $file Path to file. + * @param int $time Optional. Modified time to set for file. + * Default 0. + * @param int $atime Optional. Access time to set for file. + * Default 0. + * @return bool True on success, false on failure. + */ + public function touch( $file, $time = 0, $atime = 0 ) { + return false; + } + + /** + * Creates a directory. + * + * @since 2.5.0 + * @abstract + * + * @param string $path Path for new directory. + * @param int|false $chmod Optional. The permissions as octal number (or false to skip chmod). + * Default false. + * @param string|int|false $chown Optional. A user name or number (or false to skip chown). + * Default false. + * @param string|int|false $chgrp Optional. A group name or number (or false to skip chgrp). + * Default false. + * @return bool True on success, false on failure. + */ + public function mkdir( $path, $chmod = false, $chown = false, $chgrp = false ) { + return false; + } + + /** + * Deletes a directory. + * + * @since 2.5.0 + * @abstract + * + * @param string $path Path to directory. + * @param bool $recursive Optional. Whether to recursively remove files/directories. + * Default false. + * @return bool True on success, false on failure. + */ + public function rmdir( $path, $recursive = false ) { + return false; + } + + /** + * Gets details for files in a directory or a specific file. + * + * @since 2.5.0 + * @abstract + * + * @param string $path Path to directory or file. + * @param bool $include_hidden Optional. Whether to include details of hidden ("." prefixed) files. + * Default true. + * @param bool $recursive Optional. Whether to recursively include file details in nested directories. + * Default false. + * @return array|false { + * Array of arrays containing file information. False if unable to list directory contents. + * + * @type array $0... { + * Array of file information. Note that some elements may not be available on all filesystems. + * + * @type string $name Name of the file or directory. + * @type string $perms *nix representation of permissions. + * @type string $permsn Octal representation of permissions. + * @type int|string|false $number File number. May be a numeric string. False if not available. + * @type string|false $owner Owner name or ID, or false if not available. + * @type string|false $group File permissions group, or false if not available. + * @type int|string|false $size Size of file in bytes. May be a numeric string. + * False if not available. + * @type int|string|false $lastmodunix Last modified unix timestamp. May be a numeric string. + * False if not available. + * @type string|false $lastmod Last modified month (3 letters) and day (without leading 0), or + * false if not available. + * @type string|false $time Last modified time, or false if not available. + * @type string $type Type of resource. 'f' for file, 'd' for directory, 'l' for link. + * @type array|false $files If a directory and `$recursive` is true, contains another array of + * files. False if unable to list directory contents. + * } + * } + */ + public function dirlist( $path, $include_hidden = true, $recursive = false ) { + return false; + } +} diff --git a/wp-admin/includes/class-wp-filesystem-direct.php b/wp-admin/includes/class-wp-filesystem-direct.php new file mode 100644 index 0000000..9fdfeb9 --- /dev/null +++ b/wp-admin/includes/class-wp-filesystem-direct.php @@ -0,0 +1,688 @@ +<?php +/** + * WordPress Direct Filesystem. + * + * @package WordPress + * @subpackage Filesystem + */ + +/** + * WordPress Filesystem Class for direct PHP file and folder manipulation. + * + * @since 2.5.0 + * + * @see WP_Filesystem_Base + */ +class WP_Filesystem_Direct extends WP_Filesystem_Base { + + /** + * Constructor. + * + * @since 2.5.0 + * + * @param mixed $arg Not used. + */ + public function __construct( $arg ) { + $this->method = 'direct'; + $this->errors = new WP_Error(); + } + + /** + * Reads entire file into a string. + * + * @since 2.5.0 + * + * @param string $file Name of the file to read. + * @return string|false Read data on success, false on failure. + */ + public function get_contents( $file ) { + return @file_get_contents( $file ); + } + + /** + * Reads entire file into an array. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return array|false File contents in an array on success, false on failure. + */ + public function get_contents_array( $file ) { + return @file( $file ); + } + + /** + * Writes a string to a file. + * + * @since 2.5.0 + * + * @param string $file Remote path to the file where to write the data. + * @param string $contents The data to write. + * @param int|false $mode Optional. The file permissions as octal number, usually 0644. + * Default false. + * @return bool True on success, false on failure. + */ + public function put_contents( $file, $contents, $mode = false ) { + $fp = @fopen( $file, 'wb' ); + + if ( ! $fp ) { + return false; + } + + mbstring_binary_safe_encoding(); + + $data_length = strlen( $contents ); + + $bytes_written = fwrite( $fp, $contents ); + + reset_mbstring_encoding(); + + fclose( $fp ); + + if ( $data_length !== $bytes_written ) { + return false; + } + + $this->chmod( $file, $mode ); + + return true; + } + + /** + * Gets the current working directory. + * + * @since 2.5.0 + * + * @return string|false The current working directory on success, false on failure. + */ + public function cwd() { + return getcwd(); + } + + /** + * Changes current directory. + * + * @since 2.5.0 + * + * @param string $dir The new current directory. + * @return bool True on success, false on failure. + */ + public function chdir( $dir ) { + return @chdir( $dir ); + } + + /** + * Changes the file group. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @param string|int $group A group name or number. + * @param bool $recursive Optional. If set to true, changes file group recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chgrp( $file, $group, $recursive = false ) { + if ( ! $this->exists( $file ) ) { + return false; + } + + if ( ! $recursive ) { + return chgrp( $file, $group ); + } + + if ( ! $this->is_dir( $file ) ) { + return chgrp( $file, $group ); + } + + // Is a directory, and we want recursive. + $file = trailingslashit( $file ); + $filelist = $this->dirlist( $file ); + + foreach ( $filelist as $filename ) { + $this->chgrp( $file . $filename, $group, $recursive ); + } + + return true; + } + + /** + * Changes filesystem permissions. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for directories. Default false. + * @param bool $recursive Optional. If set to true, changes file permissions recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chmod( $file, $mode = false, $recursive = false ) { + if ( ! $mode ) { + if ( $this->is_file( $file ) ) { + $mode = FS_CHMOD_FILE; + } elseif ( $this->is_dir( $file ) ) { + $mode = FS_CHMOD_DIR; + } else { + return false; + } + } + + if ( ! $recursive || ! $this->is_dir( $file ) ) { + return chmod( $file, $mode ); + } + + // Is a directory, and we want recursive. + $file = trailingslashit( $file ); + $filelist = $this->dirlist( $file ); + + foreach ( (array) $filelist as $filename => $filemeta ) { + $this->chmod( $file . $filename, $mode, $recursive ); + } + + return true; + } + + /** + * Changes the owner of a file or directory. + * + * @since 2.5.0 + * + * @param string $file Path to the file or directory. + * @param string|int $owner A user name or number. + * @param bool $recursive Optional. If set to true, changes file owner recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chown( $file, $owner, $recursive = false ) { + if ( ! $this->exists( $file ) ) { + return false; + } + + if ( ! $recursive ) { + return chown( $file, $owner ); + } + + if ( ! $this->is_dir( $file ) ) { + return chown( $file, $owner ); + } + + // Is a directory, and we want recursive. + $filelist = $this->dirlist( $file ); + + foreach ( $filelist as $filename ) { + $this->chown( $file . '/' . $filename, $owner, $recursive ); + } + + return true; + } + + /** + * Gets the file owner. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string|false Username of the owner on success, false on failure. + */ + public function owner( $file ) { + $owneruid = @fileowner( $file ); + + if ( ! $owneruid ) { + return false; + } + + if ( ! function_exists( 'posix_getpwuid' ) ) { + return $owneruid; + } + + $ownerarray = posix_getpwuid( $owneruid ); + + if ( ! $ownerarray ) { + return false; + } + + return $ownerarray['name']; + } + + /** + * Gets the permissions of the specified file or filepath in their octal format. + * + * FIXME does not handle errors in fileperms() + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string Mode of the file (the last 3 digits). + */ + public function getchmod( $file ) { + return substr( decoct( @fileperms( $file ) ), -3 ); + } + + /** + * Gets the file's group. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string|false The group on success, false on failure. + */ + public function group( $file ) { + $gid = @filegroup( $file ); + + if ( ! $gid ) { + return false; + } + + if ( ! function_exists( 'posix_getgrgid' ) ) { + return $gid; + } + + $grouparray = posix_getgrgid( $gid ); + + if ( ! $grouparray ) { + return false; + } + + return $grouparray['name']; + } + + /** + * Copies a file. + * + * @since 2.5.0 + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for dirs. Default false. + * @return bool True on success, false on failure. + */ + public function copy( $source, $destination, $overwrite = false, $mode = false ) { + if ( ! $overwrite && $this->exists( $destination ) ) { + return false; + } + + $rtval = copy( $source, $destination ); + + if ( $mode ) { + $this->chmod( $destination, $mode ); + } + + return $rtval; + } + + /** + * Moves a file or directory. + * + * After moving files or directories, OPcache will need to be invalidated. + * + * If moving a directory fails, `copy_dir()` can be used for a recursive copy. + * + * Use `move_dir()` for moving directories with OPcache invalidation and a + * fallback to `copy_dir()`. + * + * @since 2.5.0 + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @return bool True on success, false on failure. + */ + public function move( $source, $destination, $overwrite = false ) { + if ( ! $overwrite && $this->exists( $destination ) ) { + return false; + } + + if ( $overwrite && $this->exists( $destination ) && ! $this->delete( $destination, true ) ) { + // Can't overwrite if the destination couldn't be deleted. + return false; + } + + // Try using rename first. if that fails (for example, source is read only) try copy. + if ( @rename( $source, $destination ) ) { + return true; + } + + // Backward compatibility: Only fall back to `::copy()` for single files. + if ( $this->is_file( $source ) && $this->copy( $source, $destination, $overwrite ) && $this->exists( $destination ) ) { + $this->delete( $source ); + + return true; + } else { + return false; + } + } + + /** + * Deletes a file or directory. + * + * @since 2.5.0 + * + * @param string $file Path to the file or directory. + * @param bool $recursive Optional. If set to true, deletes files and folders recursively. + * Default false. + * @param string|false $type Type of resource. 'f' for file, 'd' for directory. + * Default false. + * @return bool True on success, false on failure. + */ + public function delete( $file, $recursive = false, $type = false ) { + if ( empty( $file ) ) { + // Some filesystems report this as /, which can cause non-expected recursive deletion of all files in the filesystem. + return false; + } + + $file = str_replace( '\\', '/', $file ); // For Win32, occasional problems deleting files otherwise. + + if ( 'f' === $type || $this->is_file( $file ) ) { + return @unlink( $file ); + } + + if ( ! $recursive && $this->is_dir( $file ) ) { + return @rmdir( $file ); + } + + // At this point it's a folder, and we're in recursive mode. + $file = trailingslashit( $file ); + $filelist = $this->dirlist( $file, true ); + + $retval = true; + + if ( is_array( $filelist ) ) { + foreach ( $filelist as $filename => $fileinfo ) { + if ( ! $this->delete( $file . $filename, $recursive, $fileinfo['type'] ) ) { + $retval = false; + } + } + } + + if ( file_exists( $file ) && ! @rmdir( $file ) ) { + $retval = false; + } + + return $retval; + } + + /** + * Checks if a file or directory exists. + * + * @since 2.5.0 + * + * @param string $path Path to file or directory. + * @return bool Whether $path exists or not. + */ + public function exists( $path ) { + return @file_exists( $path ); + } + + /** + * Checks if resource is a file. + * + * @since 2.5.0 + * + * @param string $file File path. + * @return bool Whether $file is a file. + */ + public function is_file( $file ) { + return @is_file( $file ); + } + + /** + * Checks if resource is a directory. + * + * @since 2.5.0 + * + * @param string $path Directory path. + * @return bool Whether $path is a directory. + */ + public function is_dir( $path ) { + return @is_dir( $path ); + } + + /** + * Checks if a file is readable. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return bool Whether $file is readable. + */ + public function is_readable( $file ) { + return @is_readable( $file ); + } + + /** + * Checks if a file or directory is writable. + * + * @since 2.5.0 + * + * @param string $path Path to file or directory. + * @return bool Whether $path is writable. + */ + public function is_writable( $path ) { + return @is_writable( $path ); + } + + /** + * Gets the file's last access time. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing last access time, false on failure. + */ + public function atime( $file ) { + return @fileatime( $file ); + } + + /** + * Gets the file modification time. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing modification time, false on failure. + */ + public function mtime( $file ) { + return @filemtime( $file ); + } + + /** + * Gets the file size (in bytes). + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Size of the file in bytes on success, false on failure. + */ + public function size( $file ) { + return @filesize( $file ); + } + + /** + * Sets the access and modification times of a file. + * + * Note: If $file doesn't exist, it will be created. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @param int $time Optional. Modified time to set for file. + * Default 0. + * @param int $atime Optional. Access time to set for file. + * Default 0. + * @return bool True on success, false on failure. + */ + public function touch( $file, $time = 0, $atime = 0 ) { + if ( 0 === $time ) { + $time = time(); + } + + if ( 0 === $atime ) { + $atime = time(); + } + + return touch( $file, $time, $atime ); + } + + /** + * Creates a directory. + * + * @since 2.5.0 + * + * @param string $path Path for new directory. + * @param int|false $chmod Optional. The permissions as octal number (or false to skip chmod). + * Default false. + * @param string|int|false $chown Optional. A user name or number (or false to skip chown). + * Default false. + * @param string|int|false $chgrp Optional. A group name or number (or false to skip chgrp). + * Default false. + * @return bool True on success, false on failure. + */ + public function mkdir( $path, $chmod = false, $chown = false, $chgrp = false ) { + // Safe mode fails with a trailing slash under certain PHP versions. + $path = untrailingslashit( $path ); + + if ( empty( $path ) ) { + return false; + } + + if ( ! $chmod ) { + $chmod = FS_CHMOD_DIR; + } + + if ( ! @mkdir( $path ) ) { + return false; + } + + $this->chmod( $path, $chmod ); + + if ( $chown ) { + $this->chown( $path, $chown ); + } + + if ( $chgrp ) { + $this->chgrp( $path, $chgrp ); + } + + return true; + } + + /** + * Deletes a directory. + * + * @since 2.5.0 + * + * @param string $path Path to directory. + * @param bool $recursive Optional. Whether to recursively remove files/directories. + * Default false. + * @return bool True on success, false on failure. + */ + public function rmdir( $path, $recursive = false ) { + return $this->delete( $path, $recursive ); + } + + /** + * Gets details for files in a directory or a specific file. + * + * @since 2.5.0 + * + * @param string $path Path to directory or file. + * @param bool $include_hidden Optional. Whether to include details of hidden ("." prefixed) files. + * Default true. + * @param bool $recursive Optional. Whether to recursively include file details in nested directories. + * Default false. + * @return array|false { + * Array of arrays containing file information. False if unable to list directory contents. + * + * @type array $0... { + * Array of file information. Note that some elements may not be available on all filesystems. + * + * @type string $name Name of the file or directory. + * @type string $perms *nix representation of permissions. + * @type string $permsn Octal representation of permissions. + * @type false $number File number. Always false in this context. + * @type string|false $owner Owner name or ID, or false if not available. + * @type string|false $group File permissions group, or false if not available. + * @type int|string|false $size Size of file in bytes. May be a numeric string. + * False if not available. + * @type int|string|false $lastmodunix Last modified unix timestamp. May be a numeric string. + * False if not available. + * @type string|false $lastmod Last modified month (3 letters) and day (without leading 0), or + * false if not available. + * @type string|false $time Last modified time, or false if not available. + * @type string $type Type of resource. 'f' for file, 'd' for directory, 'l' for link. + * @type array|false $files If a directory and `$recursive` is true, contains another array of + * files. False if unable to list directory contents. + * } + * } + */ + public function dirlist( $path, $include_hidden = true, $recursive = false ) { + if ( $this->is_file( $path ) ) { + $limit_file = basename( $path ); + $path = dirname( $path ); + } else { + $limit_file = false; + } + + if ( ! $this->is_dir( $path ) || ! $this->is_readable( $path ) ) { + return false; + } + + $dir = dir( $path ); + + if ( ! $dir ) { + return false; + } + + $path = trailingslashit( $path ); + $ret = array(); + + while ( false !== ( $entry = $dir->read() ) ) { + $struc = array(); + $struc['name'] = $entry; + + if ( '.' === $struc['name'] || '..' === $struc['name'] ) { + continue; + } + + if ( ! $include_hidden && '.' === $struc['name'][0] ) { + continue; + } + + if ( $limit_file && $struc['name'] !== $limit_file ) { + continue; + } + + $struc['perms'] = $this->gethchmod( $path . $entry ); + $struc['permsn'] = $this->getnumchmodfromh( $struc['perms'] ); + $struc['number'] = false; + $struc['owner'] = $this->owner( $path . $entry ); + $struc['group'] = $this->group( $path . $entry ); + $struc['size'] = $this->size( $path . $entry ); + $struc['lastmodunix'] = $this->mtime( $path . $entry ); + $struc['lastmod'] = gmdate( 'M j', $struc['lastmodunix'] ); + $struc['time'] = gmdate( 'h:i:s', $struc['lastmodunix'] ); + $struc['type'] = $this->is_dir( $path . $entry ) ? 'd' : 'f'; + + if ( 'd' === $struc['type'] ) { + if ( $recursive ) { + $struc['files'] = $this->dirlist( $path . $struc['name'], $include_hidden, $recursive ); + } else { + $struc['files'] = array(); + } + } + + $ret[ $struc['name'] ] = $struc; + } + + $dir->close(); + unset( $dir ); + + return $ret; + } +} diff --git a/wp-admin/includes/class-wp-filesystem-ftpext.php b/wp-admin/includes/class-wp-filesystem-ftpext.php new file mode 100644 index 0000000..7db0685 --- /dev/null +++ b/wp-admin/includes/class-wp-filesystem-ftpext.php @@ -0,0 +1,830 @@ +<?php +/** + * WordPress FTP Filesystem. + * + * @package WordPress + * @subpackage Filesystem + */ + +/** + * WordPress Filesystem Class for implementing FTP. + * + * @since 2.5.0 + * + * @see WP_Filesystem_Base + */ +class WP_Filesystem_FTPext extends WP_Filesystem_Base { + + /** + * @since 2.5.0 + * @var resource + */ + public $link; + + /** + * Constructor. + * + * @since 2.5.0 + * + * @param array $opt + */ + public function __construct( $opt = '' ) { + $this->method = 'ftpext'; + $this->errors = new WP_Error(); + + // Check if possible to use ftp functions. + if ( ! extension_loaded( 'ftp' ) ) { + $this->errors->add( 'no_ftp_ext', __( 'The ftp PHP extension is not available' ) ); + return; + } + + // This class uses the timeout on a per-connection basis, others use it on a per-action basis. + if ( ! defined( 'FS_TIMEOUT' ) ) { + define( 'FS_TIMEOUT', 4 * MINUTE_IN_SECONDS ); + } + + if ( empty( $opt['port'] ) ) { + $this->options['port'] = 21; + } else { + $this->options['port'] = $opt['port']; + } + + if ( empty( $opt['hostname'] ) ) { + $this->errors->add( 'empty_hostname', __( 'FTP hostname is required' ) ); + } else { + $this->options['hostname'] = $opt['hostname']; + } + + // Check if the options provided are OK. + if ( empty( $opt['username'] ) ) { + $this->errors->add( 'empty_username', __( 'FTP username is required' ) ); + } else { + $this->options['username'] = $opt['username']; + } + + if ( empty( $opt['password'] ) ) { + $this->errors->add( 'empty_password', __( 'FTP password is required' ) ); + } else { + $this->options['password'] = $opt['password']; + } + + $this->options['ssl'] = false; + + if ( isset( $opt['connection_type'] ) && 'ftps' === $opt['connection_type'] ) { + $this->options['ssl'] = true; + } + } + + /** + * Connects filesystem. + * + * @since 2.5.0 + * + * @return bool True on success, false on failure. + */ + public function connect() { + if ( isset( $this->options['ssl'] ) && $this->options['ssl'] && function_exists( 'ftp_ssl_connect' ) ) { + $this->link = @ftp_ssl_connect( $this->options['hostname'], $this->options['port'], FS_CONNECT_TIMEOUT ); + } else { + $this->link = @ftp_connect( $this->options['hostname'], $this->options['port'], FS_CONNECT_TIMEOUT ); + } + + if ( ! $this->link ) { + $this->errors->add( + 'connect', + sprintf( + /* translators: %s: hostname:port */ + __( 'Failed to connect to FTP Server %s' ), + $this->options['hostname'] . ':' . $this->options['port'] + ) + ); + + return false; + } + + if ( ! @ftp_login( $this->link, $this->options['username'], $this->options['password'] ) ) { + $this->errors->add( + 'auth', + sprintf( + /* translators: %s: Username. */ + __( 'Username/Password incorrect for %s' ), + $this->options['username'] + ) + ); + + return false; + } + + // Set the connection to use Passive FTP. + ftp_pasv( $this->link, true ); + + if ( @ftp_get_option( $this->link, FTP_TIMEOUT_SEC ) < FS_TIMEOUT ) { + @ftp_set_option( $this->link, FTP_TIMEOUT_SEC, FS_TIMEOUT ); + } + + return true; + } + + /** + * Reads entire file into a string. + * + * @since 2.5.0 + * + * @param string $file Name of the file to read. + * @return string|false Read data on success, false if no temporary file could be opened, + * or if the file couldn't be retrieved. + */ + public function get_contents( $file ) { + $tempfile = wp_tempnam( $file ); + $temphandle = fopen( $tempfile, 'w+' ); + + if ( ! $temphandle ) { + unlink( $tempfile ); + return false; + } + + if ( ! ftp_fget( $this->link, $temphandle, $file, FTP_BINARY ) ) { + fclose( $temphandle ); + unlink( $tempfile ); + return false; + } + + fseek( $temphandle, 0 ); // Skip back to the start of the file being written to. + $contents = ''; + + while ( ! feof( $temphandle ) ) { + $contents .= fread( $temphandle, 8 * KB_IN_BYTES ); + } + + fclose( $temphandle ); + unlink( $tempfile ); + + return $contents; + } + + /** + * Reads entire file into an array. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return array|false File contents in an array on success, false on failure. + */ + public function get_contents_array( $file ) { + return explode( "\n", $this->get_contents( $file ) ); + } + + /** + * Writes a string to a file. + * + * @since 2.5.0 + * + * @param string $file Remote path to the file where to write the data. + * @param string $contents The data to write. + * @param int|false $mode Optional. The file permissions as octal number, usually 0644. + * Default false. + * @return bool True on success, false on failure. + */ + public function put_contents( $file, $contents, $mode = false ) { + $tempfile = wp_tempnam( $file ); + $temphandle = fopen( $tempfile, 'wb+' ); + + if ( ! $temphandle ) { + unlink( $tempfile ); + return false; + } + + mbstring_binary_safe_encoding(); + + $data_length = strlen( $contents ); + $bytes_written = fwrite( $temphandle, $contents ); + + reset_mbstring_encoding(); + + if ( $data_length !== $bytes_written ) { + fclose( $temphandle ); + unlink( $tempfile ); + return false; + } + + fseek( $temphandle, 0 ); // Skip back to the start of the file being written to. + + $ret = ftp_fput( $this->link, $file, $temphandle, FTP_BINARY ); + + fclose( $temphandle ); + unlink( $tempfile ); + + $this->chmod( $file, $mode ); + + return $ret; + } + + /** + * Gets the current working directory. + * + * @since 2.5.0 + * + * @return string|false The current working directory on success, false on failure. + */ + public function cwd() { + $cwd = ftp_pwd( $this->link ); + + if ( $cwd ) { + $cwd = trailingslashit( $cwd ); + } + + return $cwd; + } + + /** + * Changes current directory. + * + * @since 2.5.0 + * + * @param string $dir The new current directory. + * @return bool True on success, false on failure. + */ + public function chdir( $dir ) { + return @ftp_chdir( $this->link, $dir ); + } + + /** + * Changes filesystem permissions. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for directories. Default false. + * @param bool $recursive Optional. If set to true, changes file permissions recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chmod( $file, $mode = false, $recursive = false ) { + if ( ! $mode ) { + if ( $this->is_file( $file ) ) { + $mode = FS_CHMOD_FILE; + } elseif ( $this->is_dir( $file ) ) { + $mode = FS_CHMOD_DIR; + } else { + return false; + } + } + + // chmod any sub-objects if recursive. + if ( $recursive && $this->is_dir( $file ) ) { + $filelist = $this->dirlist( $file ); + + foreach ( (array) $filelist as $filename => $filemeta ) { + $this->chmod( $file . '/' . $filename, $mode, $recursive ); + } + } + + // chmod the file or directory. + if ( ! function_exists( 'ftp_chmod' ) ) { + return (bool) ftp_site( $this->link, sprintf( 'CHMOD %o %s', $mode, $file ) ); + } + + return (bool) ftp_chmod( $this->link, $mode, $file ); + } + + /** + * Gets the file owner. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string|false Username of the owner on success, false on failure. + */ + public function owner( $file ) { + $dir = $this->dirlist( $file ); + + return $dir[ $file ]['owner']; + } + + /** + * Gets the permissions of the specified file or filepath in their octal format. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string Mode of the file (the last 3 digits). + */ + public function getchmod( $file ) { + $dir = $this->dirlist( $file ); + + return $dir[ $file ]['permsn']; + } + + /** + * Gets the file's group. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string|false The group on success, false on failure. + */ + public function group( $file ) { + $dir = $this->dirlist( $file ); + + return $dir[ $file ]['group']; + } + + /** + * Copies a file. + * + * @since 2.5.0 + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for dirs. Default false. + * @return bool True on success, false on failure. + */ + public function copy( $source, $destination, $overwrite = false, $mode = false ) { + if ( ! $overwrite && $this->exists( $destination ) ) { + return false; + } + + $content = $this->get_contents( $source ); + + if ( false === $content ) { + return false; + } + + return $this->put_contents( $destination, $content, $mode ); + } + + /** + * Moves a file or directory. + * + * After moving files or directories, OPcache will need to be invalidated. + * + * If moving a directory fails, `copy_dir()` can be used for a recursive copy. + * + * Use `move_dir()` for moving directories with OPcache invalidation and a + * fallback to `copy_dir()`. + * + * @since 2.5.0 + * + * @param string $source Path to the source file or directory. + * @param string $destination Path to the destination file or directory. + * @param bool $overwrite Optional. Whether to overwrite the destination if it exists. + * Default false. + * @return bool True on success, false on failure. + */ + public function move( $source, $destination, $overwrite = false ) { + return ftp_rename( $this->link, $source, $destination ); + } + + /** + * Deletes a file or directory. + * + * @since 2.5.0 + * + * @param string $file Path to the file or directory. + * @param bool $recursive Optional. If set to true, deletes files and folders recursively. + * Default false. + * @param string|false $type Type of resource. 'f' for file, 'd' for directory. + * Default false. + * @return bool True on success, false on failure. + */ + public function delete( $file, $recursive = false, $type = false ) { + if ( empty( $file ) ) { + return false; + } + + if ( 'f' === $type || $this->is_file( $file ) ) { + return ftp_delete( $this->link, $file ); + } + + if ( ! $recursive ) { + return ftp_rmdir( $this->link, $file ); + } + + $filelist = $this->dirlist( trailingslashit( $file ) ); + + if ( ! empty( $filelist ) ) { + foreach ( $filelist as $delete_file ) { + $this->delete( trailingslashit( $file ) . $delete_file['name'], $recursive, $delete_file['type'] ); + } + } + + return ftp_rmdir( $this->link, $file ); + } + + /** + * Checks if a file or directory exists. + * + * @since 2.5.0 + * @since 6.3.0 Returns false for an empty path. + * + * @param string $path Path to file or directory. + * @return bool Whether $path exists or not. + */ + public function exists( $path ) { + /* + * Check for empty path. If ftp_nlist() receives an empty path, + * it checks the current working directory and may return true. + * + * See https://core.trac.wordpress.org/ticket/33058. + */ + if ( '' === $path ) { + return false; + } + + $list = ftp_nlist( $this->link, $path ); + + if ( empty( $list ) && $this->is_dir( $path ) ) { + return true; // File is an empty directory. + } + + return ! empty( $list ); // Empty list = no file, so invert. + } + + /** + * Checks if resource is a file. + * + * @since 2.5.0 + * + * @param string $file File path. + * @return bool Whether $file is a file. + */ + public function is_file( $file ) { + return $this->exists( $file ) && ! $this->is_dir( $file ); + } + + /** + * Checks if resource is a directory. + * + * @since 2.5.0 + * + * @param string $path Directory path. + * @return bool Whether $path is a directory. + */ + public function is_dir( $path ) { + $cwd = $this->cwd(); + $result = @ftp_chdir( $this->link, trailingslashit( $path ) ); + + if ( $result && $path === $this->cwd() || $this->cwd() !== $cwd ) { + @ftp_chdir( $this->link, $cwd ); + return true; + } + + return false; + } + + /** + * Checks if a file is readable. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return bool Whether $file is readable. + */ + public function is_readable( $file ) { + return true; + } + + /** + * Checks if a file or directory is writable. + * + * @since 2.5.0 + * + * @param string $path Path to file or directory. + * @return bool Whether $path is writable. + */ + public function is_writable( $path ) { + return true; + } + + /** + * Gets the file's last access time. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing last access time, false on failure. + */ + public function atime( $file ) { + return false; + } + + /** + * Gets the file modification time. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing modification time, false on failure. + */ + public function mtime( $file ) { + return ftp_mdtm( $this->link, $file ); + } + + /** + * Gets the file size (in bytes). + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Size of the file in bytes on success, false on failure. + */ + public function size( $file ) { + $size = ftp_size( $this->link, $file ); + + return ( $size > -1 ) ? $size : false; + } + + /** + * Sets the access and modification times of a file. + * + * Note: If $file doesn't exist, it will be created. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @param int $time Optional. Modified time to set for file. + * Default 0. + * @param int $atime Optional. Access time to set for file. + * Default 0. + * @return bool True on success, false on failure. + */ + public function touch( $file, $time = 0, $atime = 0 ) { + return false; + } + + /** + * Creates a directory. + * + * @since 2.5.0 + * + * @param string $path Path for new directory. + * @param int|false $chmod Optional. The permissions as octal number (or false to skip chmod). + * Default false. + * @param string|int|false $chown Optional. A user name or number (or false to skip chown). + * Default false. + * @param string|int|false $chgrp Optional. A group name or number (or false to skip chgrp). + * Default false. + * @return bool True on success, false on failure. + */ + public function mkdir( $path, $chmod = false, $chown = false, $chgrp = false ) { + $path = untrailingslashit( $path ); + + if ( empty( $path ) ) { + return false; + } + + if ( ! ftp_mkdir( $this->link, $path ) ) { + return false; + } + + $this->chmod( $path, $chmod ); + + return true; + } + + /** + * Deletes a directory. + * + * @since 2.5.0 + * + * @param string $path Path to directory. + * @param bool $recursive Optional. Whether to recursively remove files/directories. + * Default false. + * @return bool True on success, false on failure. + */ + public function rmdir( $path, $recursive = false ) { + return $this->delete( $path, $recursive ); + } + + /** + * @param string $line + * @return array { + * Array of file information. + * + * @type string $name Name of the file or directory. + * @type string $perms *nix representation of permissions. + * @type string $permsn Octal representation of permissions. + * @type string|false $number File number as a string, or false if not available. + * @type string|false $owner Owner name or ID, or false if not available. + * @type string|false $group File permissions group, or false if not available. + * @type string|false $size Size of file in bytes as a string, or false if not available. + * @type string|false $lastmodunix Last modified unix timestamp as a string, or false if not available. + * @type string|false $lastmod Last modified month (3 letters) and day (without leading 0), or + * false if not available. + * @type string|false $time Last modified time, or false if not available. + * @type string $type Type of resource. 'f' for file, 'd' for directory, 'l' for link. + * @type array|false $files If a directory and `$recursive` is true, contains another array of files. + * False if unable to list directory contents. + * } + */ + public function parselisting( $line ) { + static $is_windows = null; + + if ( is_null( $is_windows ) ) { + $is_windows = stripos( ftp_systype( $this->link ), 'win' ) !== false; + } + + if ( $is_windows && preg_match( '/([0-9]{2})-([0-9]{2})-([0-9]{2}) +([0-9]{2}):([0-9]{2})(AM|PM) +([0-9]+|<DIR>) +(.+)/', $line, $lucifer ) ) { + $b = array(); + + if ( $lucifer[3] < 70 ) { + $lucifer[3] += 2000; + } else { + $lucifer[3] += 1900; // 4-digit year fix. + } + + $b['isdir'] = ( '<DIR>' === $lucifer[7] ); + + if ( $b['isdir'] ) { + $b['type'] = 'd'; + } else { + $b['type'] = 'f'; + } + + $b['size'] = $lucifer[7]; + $b['month'] = $lucifer[1]; + $b['day'] = $lucifer[2]; + $b['year'] = $lucifer[3]; + $b['hour'] = $lucifer[4]; + $b['minute'] = $lucifer[5]; + $b['time'] = mktime( $lucifer[4] + ( strcasecmp( $lucifer[6], 'PM' ) === 0 ? 12 : 0 ), $lucifer[5], 0, $lucifer[1], $lucifer[2], $lucifer[3] ); + $b['am/pm'] = $lucifer[6]; + $b['name'] = $lucifer[8]; + } elseif ( ! $is_windows ) { + $lucifer = preg_split( '/[ ]/', $line, 9, PREG_SPLIT_NO_EMPTY ); + + if ( $lucifer ) { + // echo $line."\n"; + $lcount = count( $lucifer ); + + if ( $lcount < 8 ) { + return ''; + } + + $b = array(); + $b['isdir'] = 'd' === $lucifer[0][0]; + $b['islink'] = 'l' === $lucifer[0][0]; + + if ( $b['isdir'] ) { + $b['type'] = 'd'; + } elseif ( $b['islink'] ) { + $b['type'] = 'l'; + } else { + $b['type'] = 'f'; + } + + $b['perms'] = $lucifer[0]; + $b['permsn'] = $this->getnumchmodfromh( $b['perms'] ); + $b['number'] = $lucifer[1]; + $b['owner'] = $lucifer[2]; + $b['group'] = $lucifer[3]; + $b['size'] = $lucifer[4]; + + if ( 8 === $lcount ) { + sscanf( $lucifer[5], '%d-%d-%d', $b['year'], $b['month'], $b['day'] ); + sscanf( $lucifer[6], '%d:%d', $b['hour'], $b['minute'] ); + + $b['time'] = mktime( $b['hour'], $b['minute'], 0, $b['month'], $b['day'], $b['year'] ); + $b['name'] = $lucifer[7]; + } else { + $b['month'] = $lucifer[5]; + $b['day'] = $lucifer[6]; + + if ( preg_match( '/([0-9]{2}):([0-9]{2})/', $lucifer[7], $l2 ) ) { + $b['year'] = gmdate( 'Y' ); + $b['hour'] = $l2[1]; + $b['minute'] = $l2[2]; + } else { + $b['year'] = $lucifer[7]; + $b['hour'] = 0; + $b['minute'] = 0; + } + + $b['time'] = strtotime( sprintf( '%d %s %d %02d:%02d', $b['day'], $b['month'], $b['year'], $b['hour'], $b['minute'] ) ); + $b['name'] = $lucifer[8]; + } + } + } + + // Replace symlinks formatted as "source -> target" with just the source name. + if ( isset( $b['islink'] ) && $b['islink'] ) { + $b['name'] = preg_replace( '/(\s*->\s*.*)$/', '', $b['name'] ); + } + + return $b; + } + + /** + * Gets details for files in a directory or a specific file. + * + * @since 2.5.0 + * + * @param string $path Path to directory or file. + * @param bool $include_hidden Optional. Whether to include details of hidden ("." prefixed) files. + * Default true. + * @param bool $recursive Optional. Whether to recursively include file details in nested directories. + * Default false. + * @return array|false { + * Array of arrays containing file information. False if unable to list directory contents. + * + * @type array $0... { + * Array of file information. Note that some elements may not be available on all filesystems. + * + * @type string $name Name of the file or directory. + * @type string $perms *nix representation of permissions. + * @type string $permsn Octal representation of permissions. + * @type int|string|false $number File number. May be a numeric string. False if not available. + * @type string|false $owner Owner name or ID, or false if not available. + * @type string|false $group File permissions group, or false if not available. + * @type int|string|false $size Size of file in bytes. May be a numeric string. + * False if not available. + * @type int|string|false $lastmodunix Last modified unix timestamp. May be a numeric string. + * False if not available. + * @type string|false $lastmod Last modified month (3 letters) and day (without leading 0), or + * false if not available. + * @type string|false $time Last modified time, or false if not available. + * @type string $type Type of resource. 'f' for file, 'd' for directory, 'l' for link. + * @type array|false $files If a directory and `$recursive` is true, contains another array of + * files. False if unable to list directory contents. + * } + * } + */ + public function dirlist( $path = '.', $include_hidden = true, $recursive = false ) { + if ( $this->is_file( $path ) ) { + $limit_file = basename( $path ); + $path = dirname( $path ) . '/'; + } else { + $limit_file = false; + } + + $pwd = ftp_pwd( $this->link ); + + if ( ! @ftp_chdir( $this->link, $path ) ) { // Can't change to folder = folder doesn't exist. + return false; + } + + $list = ftp_rawlist( $this->link, '-a', false ); + + @ftp_chdir( $this->link, $pwd ); + + if ( empty( $list ) ) { // Empty array = non-existent folder (real folder will show . at least). + return false; + } + + $dirlist = array(); + + foreach ( $list as $k => $v ) { + $entry = $this->parselisting( $v ); + + if ( empty( $entry ) ) { + continue; + } + + if ( '.' === $entry['name'] || '..' === $entry['name'] ) { + continue; + } + + if ( ! $include_hidden && '.' === $entry['name'][0] ) { + continue; + } + + if ( $limit_file && $entry['name'] !== $limit_file ) { + continue; + } + + $dirlist[ $entry['name'] ] = $entry; + } + + $path = trailingslashit( $path ); + $ret = array(); + + foreach ( (array) $dirlist as $struc ) { + if ( 'd' === $struc['type'] ) { + if ( $recursive ) { + $struc['files'] = $this->dirlist( $path . $struc['name'], $include_hidden, $recursive ); + } else { + $struc['files'] = array(); + } + } + + $ret[ $struc['name'] ] = $struc; + } + + return $ret; + } + + /** + * Destructor. + * + * @since 2.5.0 + */ + public function __destruct() { + if ( $this->link ) { + ftp_close( $this->link ); + } + } +} diff --git a/wp-admin/includes/class-wp-filesystem-ftpsockets.php b/wp-admin/includes/class-wp-filesystem-ftpsockets.php new file mode 100644 index 0000000..c69d801 --- /dev/null +++ b/wp-admin/includes/class-wp-filesystem-ftpsockets.php @@ -0,0 +1,718 @@ +<?php +/** + * WordPress FTP Sockets Filesystem. + * + * @package WordPress + * @subpackage Filesystem + */ + +/** + * WordPress Filesystem Class for implementing FTP Sockets. + * + * @since 2.5.0 + * + * @see WP_Filesystem_Base + */ +class WP_Filesystem_ftpsockets extends WP_Filesystem_Base { + + /** + * @since 2.5.0 + * @var ftp + */ + public $ftp; + + /** + * Constructor. + * + * @since 2.5.0 + * + * @param array $opt + */ + public function __construct( $opt = '' ) { + $this->method = 'ftpsockets'; + $this->errors = new WP_Error(); + + // Check if possible to use ftp functions. + if ( ! require_once ABSPATH . 'wp-admin/includes/class-ftp.php' ) { + return; + } + + $this->ftp = new ftp(); + + if ( empty( $opt['port'] ) ) { + $this->options['port'] = 21; + } else { + $this->options['port'] = (int) $opt['port']; + } + + if ( empty( $opt['hostname'] ) ) { + $this->errors->add( 'empty_hostname', __( 'FTP hostname is required' ) ); + } else { + $this->options['hostname'] = $opt['hostname']; + } + + // Check if the options provided are OK. + if ( empty( $opt['username'] ) ) { + $this->errors->add( 'empty_username', __( 'FTP username is required' ) ); + } else { + $this->options['username'] = $opt['username']; + } + + if ( empty( $opt['password'] ) ) { + $this->errors->add( 'empty_password', __( 'FTP password is required' ) ); + } else { + $this->options['password'] = $opt['password']; + } + } + + /** + * Connects filesystem. + * + * @since 2.5.0 + * + * @return bool True on success, false on failure. + */ + public function connect() { + if ( ! $this->ftp ) { + return false; + } + + $this->ftp->setTimeout( FS_CONNECT_TIMEOUT ); + + if ( ! $this->ftp->SetServer( $this->options['hostname'], $this->options['port'] ) ) { + $this->errors->add( + 'connect', + sprintf( + /* translators: %s: hostname:port */ + __( 'Failed to connect to FTP Server %s' ), + $this->options['hostname'] . ':' . $this->options['port'] + ) + ); + + return false; + } + + if ( ! $this->ftp->connect() ) { + $this->errors->add( + 'connect', + sprintf( + /* translators: %s: hostname:port */ + __( 'Failed to connect to FTP Server %s' ), + $this->options['hostname'] . ':' . $this->options['port'] + ) + ); + + return false; + } + + if ( ! $this->ftp->login( $this->options['username'], $this->options['password'] ) ) { + $this->errors->add( + 'auth', + sprintf( + /* translators: %s: Username. */ + __( 'Username/Password incorrect for %s' ), + $this->options['username'] + ) + ); + + return false; + } + + $this->ftp->SetType( FTP_BINARY ); + $this->ftp->Passive( true ); + $this->ftp->setTimeout( FS_TIMEOUT ); + + return true; + } + + /** + * Reads entire file into a string. + * + * @since 2.5.0 + * + * @param string $file Name of the file to read. + * @return string|false Read data on success, false if no temporary file could be opened, + * or if the file couldn't be retrieved. + */ + public function get_contents( $file ) { + if ( ! $this->exists( $file ) ) { + return false; + } + + $tempfile = wp_tempnam( $file ); + $temphandle = fopen( $tempfile, 'w+' ); + + if ( ! $temphandle ) { + unlink( $tempfile ); + return false; + } + + mbstring_binary_safe_encoding(); + + if ( ! $this->ftp->fget( $temphandle, $file ) ) { + fclose( $temphandle ); + unlink( $tempfile ); + + reset_mbstring_encoding(); + + return ''; // Blank document. File does exist, it's just blank. + } + + reset_mbstring_encoding(); + + fseek( $temphandle, 0 ); // Skip back to the start of the file being written to. + $contents = ''; + + while ( ! feof( $temphandle ) ) { + $contents .= fread( $temphandle, 8 * KB_IN_BYTES ); + } + + fclose( $temphandle ); + unlink( $tempfile ); + + return $contents; + } + + /** + * Reads entire file into an array. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return array|false File contents in an array on success, false on failure. + */ + public function get_contents_array( $file ) { + return explode( "\n", $this->get_contents( $file ) ); + } + + /** + * Writes a string to a file. + * + * @since 2.5.0 + * + * @param string $file Remote path to the file where to write the data. + * @param string $contents The data to write. + * @param int|false $mode Optional. The file permissions as octal number, usually 0644. + * Default false. + * @return bool True on success, false on failure. + */ + public function put_contents( $file, $contents, $mode = false ) { + $tempfile = wp_tempnam( $file ); + $temphandle = @fopen( $tempfile, 'w+' ); + + if ( ! $temphandle ) { + unlink( $tempfile ); + return false; + } + + // The FTP class uses string functions internally during file download/upload. + mbstring_binary_safe_encoding(); + + $bytes_written = fwrite( $temphandle, $contents ); + + if ( false === $bytes_written || strlen( $contents ) !== $bytes_written ) { + fclose( $temphandle ); + unlink( $tempfile ); + + reset_mbstring_encoding(); + + return false; + } + + fseek( $temphandle, 0 ); // Skip back to the start of the file being written to. + + $ret = $this->ftp->fput( $file, $temphandle ); + + reset_mbstring_encoding(); + + fclose( $temphandle ); + unlink( $tempfile ); + + $this->chmod( $file, $mode ); + + return $ret; + } + + /** + * Gets the current working directory. + * + * @since 2.5.0 + * + * @return string|false The current working directory on success, false on failure. + */ + public function cwd() { + $cwd = $this->ftp->pwd(); + + if ( $cwd ) { + $cwd = trailingslashit( $cwd ); + } + + return $cwd; + } + + /** + * Changes current directory. + * + * @since 2.5.0 + * + * @param string $dir The new current directory. + * @return bool True on success, false on failure. + */ + public function chdir( $dir ) { + return $this->ftp->chdir( $dir ); + } + + /** + * Changes filesystem permissions. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for directories. Default false. + * @param bool $recursive Optional. If set to true, changes file permissions recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chmod( $file, $mode = false, $recursive = false ) { + if ( ! $mode ) { + if ( $this->is_file( $file ) ) { + $mode = FS_CHMOD_FILE; + } elseif ( $this->is_dir( $file ) ) { + $mode = FS_CHMOD_DIR; + } else { + return false; + } + } + + // chmod any sub-objects if recursive. + if ( $recursive && $this->is_dir( $file ) ) { + $filelist = $this->dirlist( $file ); + + foreach ( (array) $filelist as $filename => $filemeta ) { + $this->chmod( $file . '/' . $filename, $mode, $recursive ); + } + } + + // chmod the file or directory. + return $this->ftp->chmod( $file, $mode ); + } + + /** + * Gets the file owner. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string|false Username of the owner on success, false on failure. + */ + public function owner( $file ) { + $dir = $this->dirlist( $file ); + + return $dir[ $file ]['owner']; + } + + /** + * Gets the permissions of the specified file or filepath in their octal format. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string Mode of the file (the last 3 digits). + */ + public function getchmod( $file ) { + $dir = $this->dirlist( $file ); + + return $dir[ $file ]['permsn']; + } + + /** + * Gets the file's group. + * + * @since 2.5.0 + * + * @param string $file Path to the file. + * @return string|false The group on success, false on failure. + */ + public function group( $file ) { + $dir = $this->dirlist( $file ); + + return $dir[ $file ]['group']; + } + + /** + * Copies a file. + * + * @since 2.5.0 + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for dirs. Default false. + * @return bool True on success, false on failure. + */ + public function copy( $source, $destination, $overwrite = false, $mode = false ) { + if ( ! $overwrite && $this->exists( $destination ) ) { + return false; + } + + $content = $this->get_contents( $source ); + + if ( false === $content ) { + return false; + } + + return $this->put_contents( $destination, $content, $mode ); + } + + /** + * Moves a file or directory. + * + * After moving files or directories, OPcache will need to be invalidated. + * + * If moving a directory fails, `copy_dir()` can be used for a recursive copy. + * + * Use `move_dir()` for moving directories with OPcache invalidation and a + * fallback to `copy_dir()`. + * + * @since 2.5.0 + * + * @param string $source Path to the source file or directory. + * @param string $destination Path to the destination file or directory. + * @param bool $overwrite Optional. Whether to overwrite the destination if it exists. + * Default false. + * @return bool True on success, false on failure. + */ + public function move( $source, $destination, $overwrite = false ) { + return $this->ftp->rename( $source, $destination ); + } + + /** + * Deletes a file or directory. + * + * @since 2.5.0 + * + * @param string $file Path to the file or directory. + * @param bool $recursive Optional. If set to true, deletes files and folders recursively. + * Default false. + * @param string|false $type Type of resource. 'f' for file, 'd' for directory. + * Default false. + * @return bool True on success, false on failure. + */ + public function delete( $file, $recursive = false, $type = false ) { + if ( empty( $file ) ) { + return false; + } + + if ( 'f' === $type || $this->is_file( $file ) ) { + return $this->ftp->delete( $file ); + } + + if ( ! $recursive ) { + return $this->ftp->rmdir( $file ); + } + + return $this->ftp->mdel( $file ); + } + + /** + * Checks if a file or directory exists. + * + * @since 2.5.0 + * @since 6.3.0 Returns false for an empty path. + * + * @param string $path Path to file or directory. + * @return bool Whether $path exists or not. + */ + public function exists( $path ) { + /* + * Check for empty path. If ftp::nlist() receives an empty path, + * it checks the current working directory and may return true. + * + * See https://core.trac.wordpress.org/ticket/33058. + */ + if ( '' === $path ) { + return false; + } + + $list = $this->ftp->nlist( $path ); + + if ( empty( $list ) && $this->is_dir( $path ) ) { + return true; // File is an empty directory. + } + + return ! empty( $list ); // Empty list = no file, so invert. + // Return $this->ftp->is_exists($file); has issues with ABOR+426 responses on the ncFTPd server. + } + + /** + * Checks if resource is a file. + * + * @since 2.5.0 + * + * @param string $file File path. + * @return bool Whether $file is a file. + */ + public function is_file( $file ) { + if ( $this->is_dir( $file ) ) { + return false; + } + + if ( $this->exists( $file ) ) { + return true; + } + + return false; + } + + /** + * Checks if resource is a directory. + * + * @since 2.5.0 + * + * @param string $path Directory path. + * @return bool Whether $path is a directory. + */ + public function is_dir( $path ) { + $cwd = $this->cwd(); + + if ( $this->chdir( $path ) ) { + $this->chdir( $cwd ); + return true; + } + + return false; + } + + /** + * Checks if a file is readable. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return bool Whether $file is readable. + */ + public function is_readable( $file ) { + return true; + } + + /** + * Checks if a file or directory is writable. + * + * @since 2.5.0 + * + * @param string $path Path to file or directory. + * @return bool Whether $path is writable. + */ + public function is_writable( $path ) { + return true; + } + + /** + * Gets the file's last access time. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing last access time, false on failure. + */ + public function atime( $file ) { + return false; + } + + /** + * Gets the file modification time. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing modification time, false on failure. + */ + public function mtime( $file ) { + return $this->ftp->mdtm( $file ); + } + + /** + * Gets the file size (in bytes). + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @return int|false Size of the file in bytes on success, false on failure. + */ + public function size( $file ) { + return $this->ftp->filesize( $file ); + } + + /** + * Sets the access and modification times of a file. + * + * Note: If $file doesn't exist, it will be created. + * + * @since 2.5.0 + * + * @param string $file Path to file. + * @param int $time Optional. Modified time to set for file. + * Default 0. + * @param int $atime Optional. Access time to set for file. + * Default 0. + * @return bool True on success, false on failure. + */ + public function touch( $file, $time = 0, $atime = 0 ) { + return false; + } + + /** + * Creates a directory. + * + * @since 2.5.0 + * + * @param string $path Path for new directory. + * @param int|false $chmod Optional. The permissions as octal number (or false to skip chmod). + * Default false. + * @param string|int|false $chown Optional. A user name or number (or false to skip chown). + * Default false. + * @param string|int|false $chgrp Optional. A group name or number (or false to skip chgrp). + * Default false. + * @return bool True on success, false on failure. + */ + public function mkdir( $path, $chmod = false, $chown = false, $chgrp = false ) { + $path = untrailingslashit( $path ); + + if ( empty( $path ) ) { + return false; + } + + if ( ! $this->ftp->mkdir( $path ) ) { + return false; + } + + if ( ! $chmod ) { + $chmod = FS_CHMOD_DIR; + } + + $this->chmod( $path, $chmod ); + + return true; + } + + /** + * Deletes a directory. + * + * @since 2.5.0 + * + * @param string $path Path to directory. + * @param bool $recursive Optional. Whether to recursively remove files/directories. + * Default false. + * @return bool True on success, false on failure. + */ + public function rmdir( $path, $recursive = false ) { + return $this->delete( $path, $recursive ); + } + + /** + * Gets details for files in a directory or a specific file. + * + * @since 2.5.0 + * + * @param string $path Path to directory or file. + * @param bool $include_hidden Optional. Whether to include details of hidden ("." prefixed) files. + * Default true. + * @param bool $recursive Optional. Whether to recursively include file details in nested directories. + * Default false. + * @return array|false { + * Array of arrays containing file information. False if unable to list directory contents. + * + * @type array $0... { + * Array of file information. Note that some elements may not be available on all filesystems. + * + * @type string $name Name of the file or directory. + * @type string $perms *nix representation of permissions. + * @type string $permsn Octal representation of permissions. + * @type int|string|false $number File number. May be a numeric string. False if not available. + * @type string|false $owner Owner name or ID, or false if not available. + * @type string|false $group File permissions group, or false if not available. + * @type int|string|false $size Size of file in bytes. May be a numeric string. + * False if not available. + * @type int|string|false $lastmodunix Last modified unix timestamp. May be a numeric string. + * False if not available. + * @type string|false $lastmod Last modified month (3 letters) and day (without leading 0), or + * false if not available. + * @type string|false $time Last modified time, or false if not available. + * @type string $type Type of resource. 'f' for file, 'd' for directory, 'l' for link. + * @type array|false $files If a directory and `$recursive` is true, contains another array of + * files. False if unable to list directory contents. + * } + * } + */ + public function dirlist( $path = '.', $include_hidden = true, $recursive = false ) { + if ( $this->is_file( $path ) ) { + $limit_file = basename( $path ); + $path = dirname( $path ) . '/'; + } else { + $limit_file = false; + } + + mbstring_binary_safe_encoding(); + + $list = $this->ftp->dirlist( $path ); + + if ( empty( $list ) && ! $this->exists( $path ) ) { + + reset_mbstring_encoding(); + + return false; + } + + $path = trailingslashit( $path ); + $ret = array(); + + foreach ( $list as $struc ) { + + if ( '.' === $struc['name'] || '..' === $struc['name'] ) { + continue; + } + + if ( ! $include_hidden && '.' === $struc['name'][0] ) { + continue; + } + + if ( $limit_file && $struc['name'] !== $limit_file ) { + continue; + } + + if ( 'd' === $struc['type'] ) { + if ( $recursive ) { + $struc['files'] = $this->dirlist( $path . $struc['name'], $include_hidden, $recursive ); + } else { + $struc['files'] = array(); + } + } + + // Replace symlinks formatted as "source -> target" with just the source name. + if ( $struc['islink'] ) { + $struc['name'] = preg_replace( '/(\s*->\s*.*)$/', '', $struc['name'] ); + } + + // Add the octal representation of the file permissions. + $struc['permsn'] = $this->getnumchmodfromh( $struc['perms'] ); + + $ret[ $struc['name'] ] = $struc; + } + + reset_mbstring_encoding(); + + return $ret; + } + + /** + * Destructor. + * + * @since 2.5.0 + */ + public function __destruct() { + $this->ftp->quit(); + } +} diff --git a/wp-admin/includes/class-wp-filesystem-ssh2.php b/wp-admin/includes/class-wp-filesystem-ssh2.php new file mode 100644 index 0000000..d68f143 --- /dev/null +++ b/wp-admin/includes/class-wp-filesystem-ssh2.php @@ -0,0 +1,834 @@ +<?php +/** + * WordPress Filesystem Class for implementing SSH2 + * + * To use this class you must follow these steps for PHP 5.2.6+ + * + * @contrib http://kevin.vanzonneveld.net/techblog/article/make_ssh_connections_with_php/ - Installation Notes + * + * Compile libssh2 (Note: Only 0.14 is officaly working with PHP 5.2.6+ right now, But many users have found the latest versions work) + * + * cd /usr/src + * wget https://www.libssh2.org/download/libssh2-0.14.tar.gz + * tar -zxvf libssh2-0.14.tar.gz + * cd libssh2-0.14/ + * ./configure + * make all install + * + * Note: Do not leave the directory yet! + * + * Enter: pecl install -f ssh2 + * + * Copy the ssh.so file it creates to your PHP Module Directory. + * Open up your PHP.INI file and look for where extensions are placed. + * Add in your PHP.ini file: extension=ssh2.so + * + * Restart Apache! + * Check phpinfo() streams to confirm that: ssh2.shell, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp exist. + * + * Note: As of WordPress 2.8, this utilizes the PHP5+ function `stream_get_contents()`. + * + * @since 2.7.0 + * + * @package WordPress + * @subpackage Filesystem + */ +class WP_Filesystem_SSH2 extends WP_Filesystem_Base { + + /** + * @since 2.7.0 + * @var resource + */ + public $link = false; + + /** + * @since 2.7.0 + * @var resource + */ + public $sftp_link; + + /** + * @since 2.7.0 + * @var bool + */ + public $keys = false; + + /** + * Constructor. + * + * @since 2.7.0 + * + * @param array $opt + */ + public function __construct( $opt = '' ) { + $this->method = 'ssh2'; + $this->errors = new WP_Error(); + + // Check if possible to use ssh2 functions. + if ( ! extension_loaded( 'ssh2' ) ) { + $this->errors->add( 'no_ssh2_ext', __( 'The ssh2 PHP extension is not available' ) ); + return; + } + + // Set defaults: + if ( empty( $opt['port'] ) ) { + $this->options['port'] = 22; + } else { + $this->options['port'] = $opt['port']; + } + + if ( empty( $opt['hostname'] ) ) { + $this->errors->add( 'empty_hostname', __( 'SSH2 hostname is required' ) ); + } else { + $this->options['hostname'] = $opt['hostname']; + } + + // Check if the options provided are OK. + if ( ! empty( $opt['public_key'] ) && ! empty( $opt['private_key'] ) ) { + $this->options['public_key'] = $opt['public_key']; + $this->options['private_key'] = $opt['private_key']; + + $this->options['hostkey'] = array( 'hostkey' => 'ssh-rsa,ssh-ed25519' ); + + $this->keys = true; + } elseif ( empty( $opt['username'] ) ) { + $this->errors->add( 'empty_username', __( 'SSH2 username is required' ) ); + } + + if ( ! empty( $opt['username'] ) ) { + $this->options['username'] = $opt['username']; + } + + if ( empty( $opt['password'] ) ) { + // Password can be blank if we are using keys. + if ( ! $this->keys ) { + $this->errors->add( 'empty_password', __( 'SSH2 password is required' ) ); + } else { + $this->options['password'] = null; + } + } else { + $this->options['password'] = $opt['password']; + } + } + + /** + * Connects filesystem. + * + * @since 2.7.0 + * + * @return bool True on success, false on failure. + */ + public function connect() { + if ( ! $this->keys ) { + $this->link = @ssh2_connect( $this->options['hostname'], $this->options['port'] ); + } else { + $this->link = @ssh2_connect( $this->options['hostname'], $this->options['port'], $this->options['hostkey'] ); + } + + if ( ! $this->link ) { + $this->errors->add( + 'connect', + sprintf( + /* translators: %s: hostname:port */ + __( 'Failed to connect to SSH2 Server %s' ), + $this->options['hostname'] . ':' . $this->options['port'] + ) + ); + + return false; + } + + if ( ! $this->keys ) { + if ( ! @ssh2_auth_password( $this->link, $this->options['username'], $this->options['password'] ) ) { + $this->errors->add( + 'auth', + sprintf( + /* translators: %s: Username. */ + __( 'Username/Password incorrect for %s' ), + $this->options['username'] + ) + ); + + return false; + } + } else { + if ( ! @ssh2_auth_pubkey_file( $this->link, $this->options['username'], $this->options['public_key'], $this->options['private_key'], $this->options['password'] ) ) { + $this->errors->add( + 'auth', + sprintf( + /* translators: %s: Username. */ + __( 'Public and Private keys incorrect for %s' ), + $this->options['username'] + ) + ); + + return false; + } + } + + $this->sftp_link = ssh2_sftp( $this->link ); + + if ( ! $this->sftp_link ) { + $this->errors->add( + 'connect', + sprintf( + /* translators: %s: hostname:port */ + __( 'Failed to initialize a SFTP subsystem session with the SSH2 Server %s' ), + $this->options['hostname'] . ':' . $this->options['port'] + ) + ); + + return false; + } + + return true; + } + + /** + * Gets the ssh2.sftp PHP stream wrapper path to open for the given file. + * + * This method also works around a PHP bug where the root directory (/) cannot + * be opened by PHP functions, causing a false failure. In order to work around + * this, the path is converted to /./ which is semantically the same as / + * See https://bugs.php.net/bug.php?id=64169 for more details. + * + * @since 4.4.0 + * + * @param string $path The File/Directory path on the remote server to return + * @return string The ssh2.sftp:// wrapped path to use. + */ + public function sftp_path( $path ) { + if ( '/' === $path ) { + $path = '/./'; + } + + return 'ssh2.sftp://' . $this->sftp_link . '/' . ltrim( $path, '/' ); + } + + /** + * @since 2.7.0 + * + * @param string $command + * @param bool $returnbool + * @return bool|string True on success, false on failure. String if the command was executed, `$returnbool` + * is false (default), and data from the resulting stream was retrieved. + */ + public function run_command( $command, $returnbool = false ) { + if ( ! $this->link ) { + return false; + } + + $stream = ssh2_exec( $this->link, $command ); + + if ( ! $stream ) { + $this->errors->add( + 'command', + sprintf( + /* translators: %s: Command. */ + __( 'Unable to perform command: %s' ), + $command + ) + ); + } else { + stream_set_blocking( $stream, true ); + stream_set_timeout( $stream, FS_TIMEOUT ); + $data = stream_get_contents( $stream ); + fclose( $stream ); + + if ( $returnbool ) { + return ( false === $data ) ? false : '' !== trim( $data ); + } else { + return $data; + } + } + + return false; + } + + /** + * Reads entire file into a string. + * + * @since 2.7.0 + * + * @param string $file Name of the file to read. + * @return string|false Read data on success, false if no temporary file could be opened, + * or if the file couldn't be retrieved. + */ + public function get_contents( $file ) { + return file_get_contents( $this->sftp_path( $file ) ); + } + + /** + * Reads entire file into an array. + * + * @since 2.7.0 + * + * @param string $file Path to the file. + * @return array|false File contents in an array on success, false on failure. + */ + public function get_contents_array( $file ) { + return file( $this->sftp_path( $file ) ); + } + + /** + * Writes a string to a file. + * + * @since 2.7.0 + * + * @param string $file Remote path to the file where to write the data. + * @param string $contents The data to write. + * @param int|false $mode Optional. The file permissions as octal number, usually 0644. + * Default false. + * @return bool True on success, false on failure. + */ + public function put_contents( $file, $contents, $mode = false ) { + $ret = file_put_contents( $this->sftp_path( $file ), $contents ); + + if ( strlen( $contents ) !== $ret ) { + return false; + } + + $this->chmod( $file, $mode ); + + return true; + } + + /** + * Gets the current working directory. + * + * @since 2.7.0 + * + * @return string|false The current working directory on success, false on failure. + */ + public function cwd() { + $cwd = ssh2_sftp_realpath( $this->sftp_link, '.' ); + + if ( $cwd ) { + $cwd = trailingslashit( trim( $cwd ) ); + } + + return $cwd; + } + + /** + * Changes current directory. + * + * @since 2.7.0 + * + * @param string $dir The new current directory. + * @return bool True on success, false on failure. + */ + public function chdir( $dir ) { + return $this->run_command( 'cd ' . $dir, true ); + } + + /** + * Changes the file group. + * + * @since 2.7.0 + * + * @param string $file Path to the file. + * @param string|int $group A group name or number. + * @param bool $recursive Optional. If set to true, changes file group recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chgrp( $file, $group, $recursive = false ) { + if ( ! $this->exists( $file ) ) { + return false; + } + + if ( ! $recursive || ! $this->is_dir( $file ) ) { + return $this->run_command( sprintf( 'chgrp %s %s', escapeshellarg( $group ), escapeshellarg( $file ) ), true ); + } + + return $this->run_command( sprintf( 'chgrp -R %s %s', escapeshellarg( $group ), escapeshellarg( $file ) ), true ); + } + + /** + * Changes filesystem permissions. + * + * @since 2.7.0 + * + * @param string $file Path to the file. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for directories. Default false. + * @param bool $recursive Optional. If set to true, changes file permissions recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chmod( $file, $mode = false, $recursive = false ) { + if ( ! $this->exists( $file ) ) { + return false; + } + + if ( ! $mode ) { + if ( $this->is_file( $file ) ) { + $mode = FS_CHMOD_FILE; + } elseif ( $this->is_dir( $file ) ) { + $mode = FS_CHMOD_DIR; + } else { + return false; + } + } + + if ( ! $recursive || ! $this->is_dir( $file ) ) { + return $this->run_command( sprintf( 'chmod %o %s', $mode, escapeshellarg( $file ) ), true ); + } + + return $this->run_command( sprintf( 'chmod -R %o %s', $mode, escapeshellarg( $file ) ), true ); + } + + /** + * Changes the owner of a file or directory. + * + * @since 2.7.0 + * + * @param string $file Path to the file or directory. + * @param string|int $owner A user name or number. + * @param bool $recursive Optional. If set to true, changes file owner recursively. + * Default false. + * @return bool True on success, false on failure. + */ + public function chown( $file, $owner, $recursive = false ) { + if ( ! $this->exists( $file ) ) { + return false; + } + + if ( ! $recursive || ! $this->is_dir( $file ) ) { + return $this->run_command( sprintf( 'chown %s %s', escapeshellarg( $owner ), escapeshellarg( $file ) ), true ); + } + + return $this->run_command( sprintf( 'chown -R %s %s', escapeshellarg( $owner ), escapeshellarg( $file ) ), true ); + } + + /** + * Gets the file owner. + * + * @since 2.7.0 + * + * @param string $file Path to the file. + * @return string|false Username of the owner on success, false on failure. + */ + public function owner( $file ) { + $owneruid = @fileowner( $this->sftp_path( $file ) ); + + if ( ! $owneruid ) { + return false; + } + + if ( ! function_exists( 'posix_getpwuid' ) ) { + return $owneruid; + } + + $ownerarray = posix_getpwuid( $owneruid ); + + if ( ! $ownerarray ) { + return false; + } + + return $ownerarray['name']; + } + + /** + * Gets the permissions of the specified file or filepath in their octal format. + * + * @since 2.7.0 + * + * @param string $file Path to the file. + * @return string Mode of the file (the last 3 digits). + */ + public function getchmod( $file ) { + return substr( decoct( @fileperms( $this->sftp_path( $file ) ) ), -3 ); + } + + /** + * Gets the file's group. + * + * @since 2.7.0 + * + * @param string $file Path to the file. + * @return string|false The group on success, false on failure. + */ + public function group( $file ) { + $gid = @filegroup( $this->sftp_path( $file ) ); + + if ( ! $gid ) { + return false; + } + + if ( ! function_exists( 'posix_getgrgid' ) ) { + return $gid; + } + + $grouparray = posix_getgrgid( $gid ); + + if ( ! $grouparray ) { + return false; + } + + return $grouparray['name']; + } + + /** + * Copies a file. + * + * @since 2.7.0 + * + * @param string $source Path to the source file. + * @param string $destination Path to the destination file. + * @param bool $overwrite Optional. Whether to overwrite the destination file if it exists. + * Default false. + * @param int|false $mode Optional. The permissions as octal number, usually 0644 for files, + * 0755 for dirs. Default false. + * @return bool True on success, false on failure. + */ + public function copy( $source, $destination, $overwrite = false, $mode = false ) { + if ( ! $overwrite && $this->exists( $destination ) ) { + return false; + } + + $content = $this->get_contents( $source ); + + if ( false === $content ) { + return false; + } + + return $this->put_contents( $destination, $content, $mode ); + } + + /** + * Moves a file or directory. + * + * After moving files or directories, OPcache will need to be invalidated. + * + * If moving a directory fails, `copy_dir()` can be used for a recursive copy. + * + * Use `move_dir()` for moving directories with OPcache invalidation and a + * fallback to `copy_dir()`. + * + * @since 2.7.0 + * + * @param string $source Path to the source file or directory. + * @param string $destination Path to the destination file or directory. + * @param bool $overwrite Optional. Whether to overwrite the destination if it exists. + * Default false. + * @return bool True on success, false on failure. + */ + public function move( $source, $destination, $overwrite = false ) { + if ( $this->exists( $destination ) ) { + if ( $overwrite ) { + // We need to remove the destination before we can rename the source. + $this->delete( $destination, false, 'f' ); + } else { + // If we're not overwriting, the rename will fail, so return early. + return false; + } + } + + return ssh2_sftp_rename( $this->sftp_link, $source, $destination ); + } + + /** + * Deletes a file or directory. + * + * @since 2.7.0 + * + * @param string $file Path to the file or directory. + * @param bool $recursive Optional. If set to true, deletes files and folders recursively. + * Default false. + * @param string|false $type Type of resource. 'f' for file, 'd' for directory. + * Default false. + * @return bool True on success, false on failure. + */ + public function delete( $file, $recursive = false, $type = false ) { + if ( 'f' === $type || $this->is_file( $file ) ) { + return ssh2_sftp_unlink( $this->sftp_link, $file ); + } + + if ( ! $recursive ) { + return ssh2_sftp_rmdir( $this->sftp_link, $file ); + } + + $filelist = $this->dirlist( $file ); + + if ( is_array( $filelist ) ) { + foreach ( $filelist as $filename => $fileinfo ) { + $this->delete( $file . '/' . $filename, $recursive, $fileinfo['type'] ); + } + } + + return ssh2_sftp_rmdir( $this->sftp_link, $file ); + } + + /** + * Checks if a file or directory exists. + * + * @since 2.7.0 + * + * @param string $path Path to file or directory. + * @return bool Whether $path exists or not. + */ + public function exists( $path ) { + return file_exists( $this->sftp_path( $path ) ); + } + + /** + * Checks if resource is a file. + * + * @since 2.7.0 + * + * @param string $file File path. + * @return bool Whether $file is a file. + */ + public function is_file( $file ) { + return is_file( $this->sftp_path( $file ) ); + } + + /** + * Checks if resource is a directory. + * + * @since 2.7.0 + * + * @param string $path Directory path. + * @return bool Whether $path is a directory. + */ + public function is_dir( $path ) { + return is_dir( $this->sftp_path( $path ) ); + } + + /** + * Checks if a file is readable. + * + * @since 2.7.0 + * + * @param string $file Path to file. + * @return bool Whether $file is readable. + */ + public function is_readable( $file ) { + return is_readable( $this->sftp_path( $file ) ); + } + + /** + * Checks if a file or directory is writable. + * + * @since 2.7.0 + * + * @param string $path Path to file or directory. + * @return bool Whether $path is writable. + */ + public function is_writable( $path ) { + // PHP will base its writable checks on system_user === file_owner, not ssh_user === file_owner. + return true; + } + + /** + * Gets the file's last access time. + * + * @since 2.7.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing last access time, false on failure. + */ + public function atime( $file ) { + return fileatime( $this->sftp_path( $file ) ); + } + + /** + * Gets the file modification time. + * + * @since 2.7.0 + * + * @param string $file Path to file. + * @return int|false Unix timestamp representing modification time, false on failure. + */ + public function mtime( $file ) { + return filemtime( $this->sftp_path( $file ) ); + } + + /** + * Gets the file size (in bytes). + * + * @since 2.7.0 + * + * @param string $file Path to file. + * @return int|false Size of the file in bytes on success, false on failure. + */ + public function size( $file ) { + return filesize( $this->sftp_path( $file ) ); + } + + /** + * Sets the access and modification times of a file. + * + * Note: Not implemented. + * + * @since 2.7.0 + * + * @param string $file Path to file. + * @param int $time Optional. Modified time to set for file. + * Default 0. + * @param int $atime Optional. Access time to set for file. + * Default 0. + */ + public function touch( $file, $time = 0, $atime = 0 ) { + // Not implemented. + } + + /** + * Creates a directory. + * + * @since 2.7.0 + * + * @param string $path Path for new directory. + * @param int|false $chmod Optional. The permissions as octal number (or false to skip chmod). + * Default false. + * @param string|int|false $chown Optional. A user name or number (or false to skip chown). + * Default false. + * @param string|int|false $chgrp Optional. A group name or number (or false to skip chgrp). + * Default false. + * @return bool True on success, false on failure. + */ + public function mkdir( $path, $chmod = false, $chown = false, $chgrp = false ) { + $path = untrailingslashit( $path ); + + if ( empty( $path ) ) { + return false; + } + + if ( ! $chmod ) { + $chmod = FS_CHMOD_DIR; + } + + if ( ! ssh2_sftp_mkdir( $this->sftp_link, $path, $chmod, true ) ) { + return false; + } + + // Set directory permissions. + ssh2_sftp_chmod( $this->sftp_link, $path, $chmod ); + + if ( $chown ) { + $this->chown( $path, $chown ); + } + + if ( $chgrp ) { + $this->chgrp( $path, $chgrp ); + } + + return true; + } + + /** + * Deletes a directory. + * + * @since 2.7.0 + * + * @param string $path Path to directory. + * @param bool $recursive Optional. Whether to recursively remove files/directories. + * Default false. + * @return bool True on success, false on failure. + */ + public function rmdir( $path, $recursive = false ) { + return $this->delete( $path, $recursive ); + } + + /** + * Gets details for files in a directory or a specific file. + * + * @since 2.7.0 + * + * @param string $path Path to directory or file. + * @param bool $include_hidden Optional. Whether to include details of hidden ("." prefixed) files. + * Default true. + * @param bool $recursive Optional. Whether to recursively include file details in nested directories. + * Default false. + * @return array|false { + * Array of arrays containing file information. False if unable to list directory contents. + * + * @type array $0... { + * Array of file information. Note that some elements may not be available on all filesystems. + * + * @type string $name Name of the file or directory. + * @type string $perms *nix representation of permissions. + * @type string $permsn Octal representation of permissions. + * @type false $number File number. Always false in this context. + * @type string|false $owner Owner name or ID, or false if not available. + * @type string|false $group File permissions group, or false if not available. + * @type int|string|false $size Size of file in bytes. May be a numeric string. + * False if not available. + * @type int|string|false $lastmodunix Last modified unix timestamp. May be a numeric string. + * False if not available. + * @type string|false $lastmod Last modified month (3 letters) and day (without leading 0), or + * false if not available. + * @type string|false $time Last modified time, or false if not available. + * @type string $type Type of resource. 'f' for file, 'd' for directory, 'l' for link. + * @type array|false $files If a directory and `$recursive` is true, contains another array of + * files. False if unable to list directory contents. + * } + * } + */ + public function dirlist( $path, $include_hidden = true, $recursive = false ) { + if ( $this->is_file( $path ) ) { + $limit_file = basename( $path ); + $path = dirname( $path ); + } else { + $limit_file = false; + } + + if ( ! $this->is_dir( $path ) || ! $this->is_readable( $path ) ) { + return false; + } + + $ret = array(); + $dir = dir( $this->sftp_path( $path ) ); + + if ( ! $dir ) { + return false; + } + + $path = trailingslashit( $path ); + + while ( false !== ( $entry = $dir->read() ) ) { + $struc = array(); + $struc['name'] = $entry; + + if ( '.' === $struc['name'] || '..' === $struc['name'] ) { + continue; // Do not care about these folders. + } + + if ( ! $include_hidden && '.' === $struc['name'][0] ) { + continue; + } + + if ( $limit_file && $struc['name'] !== $limit_file ) { + continue; + } + + $struc['perms'] = $this->gethchmod( $path . $entry ); + $struc['permsn'] = $this->getnumchmodfromh( $struc['perms'] ); + $struc['number'] = false; + $struc['owner'] = $this->owner( $path . $entry ); + $struc['group'] = $this->group( $path . $entry ); + $struc['size'] = $this->size( $path . $entry ); + $struc['lastmodunix'] = $this->mtime( $path . $entry ); + $struc['lastmod'] = gmdate( 'M j', $struc['lastmodunix'] ); + $struc['time'] = gmdate( 'h:i:s', $struc['lastmodunix'] ); + $struc['type'] = $this->is_dir( $path . $entry ) ? 'd' : 'f'; + + if ( 'd' === $struc['type'] ) { + if ( $recursive ) { + $struc['files'] = $this->dirlist( $path . $struc['name'], $include_hidden, $recursive ); + } else { + $struc['files'] = array(); + } + } + + $ret[ $struc['name'] ] = $struc; + } + + $dir->close(); + unset( $dir ); + + return $ret; + } +} diff --git a/wp-admin/includes/class-wp-importer.php b/wp-admin/includes/class-wp-importer.php new file mode 100644 index 0000000..eca3199 --- /dev/null +++ b/wp-admin/includes/class-wp-importer.php @@ -0,0 +1,327 @@ +<?php +/** + * WP_Importer base class + */ +#[AllowDynamicProperties] +class WP_Importer { + /** + * Class Constructor + */ + public function __construct() {} + + /** + * Returns array with imported permalinks from WordPress database. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $importer_name + * @param string $blog_id + * @return array + */ + public function get_imported_posts( $importer_name, $blog_id ) { + global $wpdb; + + $hashtable = array(); + + $limit = 100; + $offset = 0; + + // Grab all posts in chunks. + do { + $meta_key = $importer_name . '_' . $blog_id . '_permalink'; + $sql = $wpdb->prepare( "SELECT post_id, meta_value FROM $wpdb->postmeta WHERE meta_key = %s LIMIT %d,%d", $meta_key, $offset, $limit ); + $results = $wpdb->get_results( $sql ); + + // Increment offset. + $offset = ( $limit + $offset ); + + if ( ! empty( $results ) ) { + foreach ( $results as $r ) { + // Set permalinks into array. + $hashtable[ $r->meta_value ] = (int) $r->post_id; + } + } + } while ( count( $results ) === $limit ); + + return $hashtable; + } + + /** + * Returns count of imported permalinks from WordPress database. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $importer_name + * @param string $blog_id + * @return int + */ + public function count_imported_posts( $importer_name, $blog_id ) { + global $wpdb; + + $count = 0; + + // Get count of permalinks. + $meta_key = $importer_name . '_' . $blog_id . '_permalink'; + $sql = $wpdb->prepare( "SELECT COUNT( post_id ) AS cnt FROM $wpdb->postmeta WHERE meta_key = %s", $meta_key ); + + $result = $wpdb->get_results( $sql ); + + if ( ! empty( $result ) ) { + $count = (int) $result[0]->cnt; + } + + return $count; + } + + /** + * Sets array with imported comments from WordPress database. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $blog_id + * @return array + */ + public function get_imported_comments( $blog_id ) { + global $wpdb; + + $hashtable = array(); + + $limit = 100; + $offset = 0; + + // Grab all comments in chunks. + do { + $sql = $wpdb->prepare( "SELECT comment_ID, comment_agent FROM $wpdb->comments LIMIT %d,%d", $offset, $limit ); + $results = $wpdb->get_results( $sql ); + + // Increment offset. + $offset = ( $limit + $offset ); + + if ( ! empty( $results ) ) { + foreach ( $results as $r ) { + // Explode comment_agent key. + list ( $comment_agent_blog_id, $source_comment_id ) = explode( '-', $r->comment_agent ); + + $source_comment_id = (int) $source_comment_id; + + // Check if this comment came from this blog. + if ( (int) $blog_id === (int) $comment_agent_blog_id ) { + $hashtable[ $source_comment_id ] = (int) $r->comment_ID; + } + } + } + } while ( count( $results ) === $limit ); + + return $hashtable; + } + + /** + * @param int $blog_id + * @return int|void + */ + public function set_blog( $blog_id ) { + if ( is_numeric( $blog_id ) ) { + $blog_id = (int) $blog_id; + } else { + $blog = 'http://' . preg_replace( '#^https?://#', '', $blog_id ); + $parsed = parse_url( $blog ); + if ( ! $parsed || empty( $parsed['host'] ) ) { + fwrite( STDERR, "Error: can not determine blog_id from $blog_id\n" ); + exit; + } + if ( empty( $parsed['path'] ) ) { + $parsed['path'] = '/'; + } + $blogs = get_sites( + array( + 'domain' => $parsed['host'], + 'number' => 1, + 'path' => $parsed['path'], + ) + ); + if ( ! $blogs ) { + fwrite( STDERR, "Error: Could not find blog\n" ); + exit; + } + $blog = array_shift( $blogs ); + $blog_id = (int) $blog->blog_id; + } + + if ( function_exists( 'is_multisite' ) ) { + if ( is_multisite() ) { + switch_to_blog( $blog_id ); + } + } + + return $blog_id; + } + + /** + * @param int $user_id + * @return int|void + */ + public function set_user( $user_id ) { + if ( is_numeric( $user_id ) ) { + $user_id = (int) $user_id; + } else { + $user_id = (int) username_exists( $user_id ); + } + + if ( ! $user_id || ! wp_set_current_user( $user_id ) ) { + fwrite( STDERR, "Error: can not find user\n" ); + exit; + } + + return $user_id; + } + + /** + * Sorts by strlen, longest string first. + * + * @param string $a + * @param string $b + * @return int + */ + public function cmpr_strlen( $a, $b ) { + return strlen( $b ) - strlen( $a ); + } + + /** + * Gets URL. + * + * @param string $url + * @param string $username + * @param string $password + * @param bool $head + * @return array + */ + public function get_page( $url, $username = '', $password = '', $head = false ) { + // Increase the timeout. + add_filter( 'http_request_timeout', array( $this, 'bump_request_timeout' ) ); + + $headers = array(); + $args = array(); + if ( true === $head ) { + $args['method'] = 'HEAD'; + } + if ( ! empty( $username ) && ! empty( $password ) ) { + $headers['Authorization'] = 'Basic ' . base64_encode( "$username:$password" ); + } + + $args['headers'] = $headers; + + return wp_safe_remote_request( $url, $args ); + } + + /** + * Bumps up the request timeout for http requests. + * + * @param int $val + * @return int + */ + public function bump_request_timeout( $val ) { + return 60; + } + + /** + * Checks if user has exceeded disk quota. + * + * @return bool + */ + public function is_user_over_quota() { + if ( function_exists( 'upload_is_user_over_quota' ) ) { + if ( upload_is_user_over_quota() ) { + return true; + } + } + + return false; + } + + /** + * Replaces newlines, tabs, and multiple spaces with a single space. + * + * @param string $text + * @return string + */ + public function min_whitespace( $text ) { + return preg_replace( '|[\r\n\t ]+|', ' ', $text ); + } + + /** + * Resets global variables that grow out of control during imports. + * + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global int[] $wp_actions + */ + public function stop_the_insanity() { + global $wpdb, $wp_actions; + // Or define( 'WP_IMPORTING', true ); + $wpdb->queries = array(); + // Reset $wp_actions to keep it from growing out of control. + $wp_actions = array(); + } +} + +/** + * Returns value of command line params. + * Exits when a required param is not set. + * + * @param string $param + * @param bool $required + * @return mixed + */ +function get_cli_args( $param, $required = false ) { + $args = $_SERVER['argv']; + if ( ! is_array( $args ) ) { + $args = array(); + } + + $out = array(); + + $last_arg = null; + $return = null; + + $il = count( $args ); + + for ( $i = 1, $il; $i < $il; $i++ ) { + if ( (bool) preg_match( '/^--(.+)/', $args[ $i ], $match ) ) { + $parts = explode( '=', $match[1] ); + $key = preg_replace( '/[^a-z0-9]+/', '', $parts[0] ); + + if ( isset( $parts[1] ) ) { + $out[ $key ] = $parts[1]; + } else { + $out[ $key ] = true; + } + + $last_arg = $key; + } elseif ( (bool) preg_match( '/^-([a-zA-Z0-9]+)/', $args[ $i ], $match ) ) { + for ( $j = 0, $jl = strlen( $match[1] ); $j < $jl; $j++ ) { + $key = $match[1][ $j ]; + $out[ $key ] = true; + } + + $last_arg = $key; + } elseif ( null !== $last_arg ) { + $out[ $last_arg ] = $args[ $i ]; + } + } + + // Check array for specified param. + if ( isset( $out[ $param ] ) ) { + // Set return value. + $return = $out[ $param ]; + } + + // Check for missing required param. + if ( ! isset( $out[ $param ] ) && $required ) { + // Display message and exit. + echo "\"$param\" parameter is required but was not specified\n"; + exit; + } + + return $return; +} diff --git a/wp-admin/includes/class-wp-internal-pointers.php b/wp-admin/includes/class-wp-internal-pointers.php new file mode 100644 index 0000000..6d7ebe9 --- /dev/null +++ b/wp-admin/includes/class-wp-internal-pointers.php @@ -0,0 +1,175 @@ +<?php +/** + * Administration API: WP_Internal_Pointers class + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Core class used to implement an internal admin pointers API. + * + * @since 3.3.0 + */ +#[AllowDynamicProperties] +final class WP_Internal_Pointers { + /** + * Initializes the new feature pointers. + * + * @since 3.3.0 + * + * All pointers can be disabled using the following: + * remove_action( 'admin_enqueue_scripts', array( 'WP_Internal_Pointers', 'enqueue_scripts' ) ); + * + * Individual pointers (e.g. wp390_widgets) can be disabled using the following: + * + * function yourprefix_remove_pointers() { + * remove_action( + * 'admin_print_footer_scripts', + * array( 'WP_Internal_Pointers', 'pointer_wp390_widgets' ) + * ); + * } + * add_action( 'admin_enqueue_scripts', 'yourprefix_remove_pointers', 11 ); + * + * @param string $hook_suffix The current admin page. + */ + public static function enqueue_scripts( $hook_suffix ) { + /* + * Register feature pointers + * + * Format: + * array( + * hook_suffix => pointer callback + * ) + * + * Example: + * array( + * 'themes.php' => 'wp390_widgets' + * ) + */ + $registered_pointers = array( + // None currently. + ); + + // Check if screen related pointer is registered. + if ( empty( $registered_pointers[ $hook_suffix ] ) ) { + return; + } + + $pointers = (array) $registered_pointers[ $hook_suffix ]; + + /* + * Specify required capabilities for feature pointers + * + * Format: + * array( + * pointer callback => Array of required capabilities + * ) + * + * Example: + * array( + * 'wp390_widgets' => array( 'edit_theme_options' ) + * ) + */ + $caps_required = array( + // None currently. + ); + + // Get dismissed pointers. + $dismissed = explode( ',', (string) get_user_meta( get_current_user_id(), 'dismissed_wp_pointers', true ) ); + + $got_pointers = false; + foreach ( array_diff( $pointers, $dismissed ) as $pointer ) { + if ( isset( $caps_required[ $pointer ] ) ) { + foreach ( $caps_required[ $pointer ] as $cap ) { + if ( ! current_user_can( $cap ) ) { + continue 2; + } + } + } + + // Bind pointer print function. + add_action( 'admin_print_footer_scripts', array( 'WP_Internal_Pointers', 'pointer_' . $pointer ) ); + $got_pointers = true; + } + + if ( ! $got_pointers ) { + return; + } + + // Add pointers script and style to queue. + wp_enqueue_style( 'wp-pointer' ); + wp_enqueue_script( 'wp-pointer' ); + } + + /** + * Prints the pointer JavaScript data. + * + * @since 3.3.0 + * + * @param string $pointer_id The pointer ID. + * @param string $selector The HTML elements, on which the pointer should be attached. + * @param array $args Arguments to be passed to the pointer JS (see wp-pointer.js). + */ + private static function print_js( $pointer_id, $selector, $args ) { + if ( empty( $pointer_id ) || empty( $selector ) || empty( $args ) || empty( $args['content'] ) ) { + return; + } + + ?> + <script type="text/javascript"> + (function($){ + var options = <?php echo wp_json_encode( $args ); ?>, setup; + + if ( ! options ) + return; + + options = $.extend( options, { + close: function() { + $.post( ajaxurl, { + pointer: '<?php echo $pointer_id; ?>', + action: 'dismiss-wp-pointer' + }); + } + }); + + setup = function() { + $('<?php echo $selector; ?>').first().pointer( options ).pointer('open'); + }; + + if ( options.position && options.position.defer_loading ) + $(window).bind( 'load.wp-pointers', setup ); + else + $( function() { + setup(); + } ); + + })( jQuery ); + </script> + <?php + } + + public static function pointer_wp330_toolbar() {} + public static function pointer_wp330_media_uploader() {} + public static function pointer_wp330_saving_widgets() {} + public static function pointer_wp340_customize_current_theme_link() {} + public static function pointer_wp340_choose_image_from_library() {} + public static function pointer_wp350_media() {} + public static function pointer_wp360_revisions() {} + public static function pointer_wp360_locks() {} + public static function pointer_wp390_widgets() {} + public static function pointer_wp410_dfw() {} + public static function pointer_wp496_privacy() {} + + /** + * Prevents new users from seeing existing 'new feature' pointers. + * + * @since 3.3.0 + * + * @param int $user_id User ID. + */ + public static function dismiss_pointers_for_new_users( $user_id ) { + add_user_meta( $user_id, 'dismissed_wp_pointers', '' ); + } +} diff --git a/wp-admin/includes/class-wp-links-list-table.php b/wp-admin/includes/class-wp-links-list-table.php new file mode 100644 index 0000000..5159c1c --- /dev/null +++ b/wp-admin/includes/class-wp-links-list-table.php @@ -0,0 +1,354 @@ +<?php +/** + * List Table API: WP_Links_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying links in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Links_List_Table extends WP_List_Table { + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + parent::__construct( + array( + 'plural' => 'bookmarks', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'manage_links' ); + } + + /** + * @global int $cat_id + * @global string $s + * @global string $orderby + * @global string $order + */ + public function prepare_items() { + global $cat_id, $s, $orderby, $order; + + wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) ); + + $args = array( + 'hide_invisible' => 0, + 'hide_empty' => 0, + ); + + if ( 'all' !== $cat_id ) { + $args['category'] = $cat_id; + } + if ( ! empty( $s ) ) { + $args['search'] = $s; + } + if ( ! empty( $orderby ) ) { + $args['orderby'] = $orderby; + } + if ( ! empty( $order ) ) { + $args['order'] = $order; + } + + $this->items = get_bookmarks( $args ); + } + + /** + */ + public function no_items() { + _e( 'No links found.' ); + } + + /** + * @return array + */ + protected function get_bulk_actions() { + $actions = array(); + $actions['delete'] = __( 'Delete' ); + + return $actions; + } + + /** + * @global int $cat_id + * @param string $which + */ + protected function extra_tablenav( $which ) { + global $cat_id; + + if ( 'top' !== $which ) { + return; + } + ?> + <div class="alignleft actions"> + <?php + $dropdown_options = array( + 'selected' => $cat_id, + 'name' => 'cat_id', + 'taxonomy' => 'link_category', + 'show_option_all' => get_taxonomy( 'link_category' )->labels->all_items, + 'hide_empty' => true, + 'hierarchical' => 1, + 'show_count' => 0, + 'orderby' => 'name', + ); + + echo '<label class="screen-reader-text" for="cat_id">' . get_taxonomy( 'link_category' )->labels->filter_by_item . '</label>'; + + wp_dropdown_categories( $dropdown_options ); + + submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) ); + ?> + </div> + <?php + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + return array( + 'cb' => '<input type="checkbox" />', + 'name' => _x( 'Name', 'link name' ), + 'url' => __( 'URL' ), + 'categories' => __( 'Categories' ), + 'rel' => __( 'Relationship' ), + 'visible' => __( 'Visible' ), + 'rating' => __( 'Rating' ), + ); + } + + /** + * @return array + */ + protected function get_sortable_columns() { + return array( + 'name' => array( 'name', false, _x( 'Name', 'link name' ), __( 'Table ordered by Name.' ), 'asc' ), + 'url' => array( 'url', false, __( 'URL' ), __( 'Table ordered by URL.' ) ), + 'visible' => array( 'visible', false, __( 'Visible' ), __( 'Table ordered by Visibility.' ) ), + 'rating' => array( 'rating', false, __( 'Rating' ), __( 'Table ordered by Rating.' ) ), + ); + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'name'. + */ + protected function get_default_primary_column_name() { + return 'name'; + } + + /** + * Handles the checkbox column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$link` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param object $item The current link object. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $link = $item; + + ?> + <input type="checkbox" name="linkcheck[]" id="cb-select-<?php echo $link->link_id; ?>" value="<?php echo esc_attr( $link->link_id ); ?>" /> + <label for="cb-select-<?php echo $link->link_id; ?>"> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. %s: Link name. */ + printf( __( 'Select %s' ), $link->link_name ); + ?> + </span> + </label> + <?php + } + + /** + * Handles the link name column output. + * + * @since 4.3.0 + * + * @param object $link The current link object. + */ + public function column_name( $link ) { + $edit_link = get_edit_bookmark_link( $link ); + printf( + '<strong><a class="row-title" href="%s" aria-label="%s">%s</a></strong>', + $edit_link, + /* translators: %s: Link name. */ + esc_attr( sprintf( __( 'Edit “%s”' ), $link->link_name ) ), + $link->link_name + ); + } + + /** + * Handles the link URL column output. + * + * @since 4.3.0 + * + * @param object $link The current link object. + */ + public function column_url( $link ) { + $short_url = url_shorten( $link->link_url ); + echo "<a href='$link->link_url'>$short_url</a>"; + } + + /** + * Handles the link categories column output. + * + * @since 4.3.0 + * + * @global int $cat_id + * + * @param object $link The current link object. + */ + public function column_categories( $link ) { + global $cat_id; + + $cat_names = array(); + foreach ( $link->link_category as $category ) { + $cat = get_term( $category, 'link_category', OBJECT, 'display' ); + if ( is_wp_error( $cat ) ) { + echo $cat->get_error_message(); + } + $cat_name = $cat->name; + if ( (int) $cat_id !== $category ) { + $cat_name = "<a href='link-manager.php?cat_id=$category'>$cat_name</a>"; + } + $cat_names[] = $cat_name; + } + echo implode( ', ', $cat_names ); + } + + /** + * Handles the link relation column output. + * + * @since 4.3.0 + * + * @param object $link The current link object. + */ + public function column_rel( $link ) { + echo empty( $link->link_rel ) ? '<br />' : $link->link_rel; + } + + /** + * Handles the link visibility column output. + * + * @since 4.3.0 + * + * @param object $link The current link object. + */ + public function column_visible( $link ) { + if ( 'Y' === $link->link_visible ) { + _e( 'Yes' ); + } else { + _e( 'No' ); + } + } + + /** + * Handles the link rating column output. + * + * @since 4.3.0 + * + * @param object $link The current link object. + */ + public function column_rating( $link ) { + echo $link->link_rating; + } + + /** + * Handles the default column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$link` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param object $item Link object. + * @param string $column_name Current column name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $link = $item; + + /** + * Fires for each registered custom link column. + * + * @since 2.1.0 + * + * @param string $column_name Name of the custom column. + * @param int $link_id Link ID. + */ + do_action( 'manage_link_custom_column', $column_name, $link->link_id ); + } + + public function display_rows() { + foreach ( $this->items as $link ) { + $link = sanitize_bookmark( $link ); + $link->link_name = esc_attr( $link->link_name ); + $link->link_category = wp_get_link_cats( $link->link_id ); + ?> + <tr id="link-<?php echo $link->link_id; ?>"> + <?php $this->single_row_columns( $link ); ?> + </tr> + <?php + } + } + + /** + * Generates and displays row action links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$link` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param object $item Link being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for links, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + if ( $primary !== $column_name ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $link = $item; + + $edit_link = get_edit_bookmark_link( $link ); + + $actions = array(); + $actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>'; + $actions['delete'] = sprintf( + '<a class="submitdelete" href="%s" onclick="return confirm( \'%s\' );">%s</a>', + wp_nonce_url( "link.php?action=delete&link_id=$link->link_id", 'delete-bookmark_' . $link->link_id ), + /* translators: %s: Link name. */ + esc_js( sprintf( __( "You are about to delete this link '%s'\n 'Cancel' to stop, 'OK' to delete." ), $link->link_name ) ), + __( 'Delete' ) + ); + + return $this->row_actions( $actions ); + } +} diff --git a/wp-admin/includes/class-wp-list-table-compat.php b/wp-admin/includes/class-wp-list-table-compat.php new file mode 100644 index 0000000..2a3a138 --- /dev/null +++ b/wp-admin/includes/class-wp-list-table-compat.php @@ -0,0 +1,67 @@ +<?php +/** + * Helper functions for displaying a list of items in an ajaxified HTML table. + * + * @package WordPress + * @subpackage List_Table + * @since 4.7.0 + */ + +/** + * Helper class to be used only by back compat functions. + * + * @since 3.1.0 + */ +class _WP_List_Table_Compat extends WP_List_Table { + public $_screen; + public $_columns; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @param string|WP_Screen $screen The screen hook name or screen object. + * @param string[] $columns An array of columns with column IDs as the keys + * and translated column names as the values. + */ + public function __construct( $screen, $columns = array() ) { + if ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + $this->_screen = $screen; + + if ( ! empty( $columns ) ) { + $this->_columns = $columns; + add_filter( 'manage_' . $screen->id . '_columns', array( $this, 'get_columns' ), 0 ); + } + } + + /** + * Gets a list of all, hidden, and sortable columns. + * + * @since 3.1.0 + * + * @return array + */ + protected function get_column_info() { + $columns = get_column_headers( $this->_screen ); + $hidden = get_hidden_columns( $this->_screen ); + $sortable = array(); + $primary = $this->get_default_primary_column_name(); + + return array( $columns, $hidden, $sortable, $primary ); + } + + /** + * Gets a list of columns. + * + * @since 3.1.0 + * + * @return array + */ + public function get_columns() { + return $this->_columns; + } +} diff --git a/wp-admin/includes/class-wp-list-table.php b/wp-admin/includes/class-wp-list-table.php new file mode 100644 index 0000000..b3aebd9 --- /dev/null +++ b/wp-admin/includes/class-wp-list-table.php @@ -0,0 +1,1874 @@ +<?php +/** + * Administration API: WP_List_Table class + * + * @package WordPress + * @subpackage List_Table + * @since 3.1.0 + */ + +/** + * Base class for displaying a list of items in an ajaxified HTML table. + * + * @since 3.1.0 + */ +#[AllowDynamicProperties] +class WP_List_Table { + + /** + * The current list of items. + * + * @since 3.1.0 + * @var array + */ + public $items; + + /** + * Various information about the current table. + * + * @since 3.1.0 + * @var array + */ + protected $_args; + + /** + * Various information needed for displaying the pagination. + * + * @since 3.1.0 + * @var array + */ + protected $_pagination_args = array(); + + /** + * The current screen. + * + * @since 3.1.0 + * @var WP_Screen + */ + protected $screen; + + /** + * Cached bulk actions. + * + * @since 3.1.0 + * @var array + */ + private $_actions; + + /** + * Cached pagination output. + * + * @since 3.1.0 + * @var string + */ + private $_pagination; + + /** + * The view switcher modes. + * + * @since 4.1.0 + * @var array + */ + protected $modes = array(); + + /** + * Stores the value returned by ->get_column_info(). + * + * @since 4.1.0 + * @var array + */ + protected $_column_headers; + + /** + * {@internal Missing Summary} + * + * @var array + */ + protected $compat_fields = array( '_args', '_pagination_args', 'screen', '_actions', '_pagination' ); + + /** + * {@internal Missing Summary} + * + * @var array + */ + protected $compat_methods = array( + 'set_pagination_args', + 'get_views', + 'get_bulk_actions', + 'bulk_actions', + 'row_actions', + 'months_dropdown', + 'view_switcher', + 'comments_bubble', + 'get_items_per_page', + 'pagination', + 'get_sortable_columns', + 'get_column_info', + 'get_table_classes', + 'display_tablenav', + 'extra_tablenav', + 'single_row_columns', + ); + + /** + * Constructor. + * + * The child class should call this constructor from its own constructor to override + * the default $args. + * + * @since 3.1.0 + * + * @param array|string $args { + * Array or string of arguments. + * + * @type string $plural Plural value used for labels and the objects being listed. + * This affects things such as CSS class-names and nonces used + * in the list table, e.g. 'posts'. Default empty. + * @type string $singular Singular label for an object being listed, e.g. 'post'. + * Default empty + * @type bool $ajax Whether the list table supports Ajax. This includes loading + * and sorting data, for example. If true, the class will call + * the _js_vars() method in the footer to provide variables + * to any scripts handling Ajax events. Default false. + * @type string $screen String containing the hook name used to determine the current + * screen. If left null, the current screen will be automatically set. + * Default null. + * } + */ + public function __construct( $args = array() ) { + $args = wp_parse_args( + $args, + array( + 'plural' => '', + 'singular' => '', + 'ajax' => false, + 'screen' => null, + ) + ); + + $this->screen = convert_to_screen( $args['screen'] ); + + add_filter( "manage_{$this->screen->id}_columns", array( $this, 'get_columns' ), 0 ); + + if ( ! $args['plural'] ) { + $args['plural'] = $this->screen->base; + } + + $args['plural'] = sanitize_key( $args['plural'] ); + $args['singular'] = sanitize_key( $args['singular'] ); + + $this->_args = $args; + + if ( $args['ajax'] ) { + // wp_enqueue_script( 'list-table' ); + add_action( 'admin_footer', array( $this, '_js_vars' ) ); + } + + if ( empty( $this->modes ) ) { + $this->modes = array( + 'list' => __( 'Compact view' ), + 'excerpt' => __( 'Extended view' ), + ); + } + } + + /** + * Makes private properties readable for backward compatibility. + * + * @since 4.0.0 + * @since 6.4.0 Getting a dynamic property is deprecated. + * + * @param string $name Property to get. + * @return mixed Property. + */ + public function __get( $name ) { + if ( in_array( $name, $this->compat_fields, true ) ) { + return $this->$name; + } + + wp_trigger_error( + __METHOD__, + "The property `{$name}` is not declared. Getting a dynamic property is " . + 'deprecated since version 6.4.0! Instead, declare the property on the class.', + E_USER_DEPRECATED + ); + return null; + } + + /** + * Makes private properties settable for backward compatibility. + * + * @since 4.0.0 + * @since 6.4.0 Setting a dynamic property is deprecated. + * + * @param string $name Property to check if set. + * @param mixed $value Property value. + */ + public function __set( $name, $value ) { + if ( in_array( $name, $this->compat_fields, true ) ) { + $this->$name = $value; + return; + } + + wp_trigger_error( + __METHOD__, + "The property `{$name}` is not declared. Setting a dynamic property is " . + 'deprecated since version 6.4.0! Instead, declare the property on the class.', + E_USER_DEPRECATED + ); + } + + /** + * Makes private properties checkable for backward compatibility. + * + * @since 4.0.0 + * @since 6.4.0 Checking a dynamic property is deprecated. + * + * @param string $name Property to check if set. + * @return bool Whether the property is a back-compat property and it is set. + */ + public function __isset( $name ) { + if ( in_array( $name, $this->compat_fields, true ) ) { + return isset( $this->$name ); + } + + wp_trigger_error( + __METHOD__, + "The property `{$name}` is not declared. Checking `isset()` on a dynamic property " . + 'is deprecated since version 6.4.0! Instead, declare the property on the class.', + E_USER_DEPRECATED + ); + return false; + } + + /** + * Makes private properties un-settable for backward compatibility. + * + * @since 4.0.0 + * @since 6.4.0 Unsetting a dynamic property is deprecated. + * + * @param string $name Property to unset. + */ + public function __unset( $name ) { + if ( in_array( $name, $this->compat_fields, true ) ) { + unset( $this->$name ); + return; + } + + wp_trigger_error( + __METHOD__, + "A property `{$name}` is not declared. Unsetting a dynamic property is " . + 'deprecated since version 6.4.0! Instead, declare the property on the class.', + E_USER_DEPRECATED + ); + } + + /** + * Makes private/protected methods readable for backward compatibility. + * + * @since 4.0.0 + * + * @param string $name Method to call. + * @param array $arguments Arguments to pass when calling. + * @return mixed|bool Return value of the callback, false otherwise. + */ + public function __call( $name, $arguments ) { + if ( in_array( $name, $this->compat_methods, true ) ) { + return $this->$name( ...$arguments ); + } + return false; + } + + /** + * Checks the current user's permissions + * + * @since 3.1.0 + * @abstract + */ + public function ajax_user_can() { + die( 'function WP_List_Table::ajax_user_can() must be overridden in a subclass.' ); + } + + /** + * Prepares the list of items for displaying. + * + * @uses WP_List_Table::set_pagination_args() + * + * @since 3.1.0 + * @abstract + */ + public function prepare_items() { + die( 'function WP_List_Table::prepare_items() must be overridden in a subclass.' ); + } + + /** + * Sets all the necessary pagination arguments. + * + * @since 3.1.0 + * + * @param array|string $args Array or string of arguments with information about the pagination. + */ + protected function set_pagination_args( $args ) { + $args = wp_parse_args( + $args, + array( + 'total_items' => 0, + 'total_pages' => 0, + 'per_page' => 0, + ) + ); + + if ( ! $args['total_pages'] && $args['per_page'] > 0 ) { + $args['total_pages'] = ceil( $args['total_items'] / $args['per_page'] ); + } + + // Redirect if page number is invalid and headers are not already sent. + if ( ! headers_sent() && ! wp_doing_ajax() && $args['total_pages'] > 0 && $this->get_pagenum() > $args['total_pages'] ) { + wp_redirect( add_query_arg( 'paged', $args['total_pages'] ) ); + exit; + } + + $this->_pagination_args = $args; + } + + /** + * Access the pagination args. + * + * @since 3.1.0 + * + * @param string $key Pagination argument to retrieve. Common values include 'total_items', + * 'total_pages', 'per_page', or 'infinite_scroll'. + * @return int Number of items that correspond to the given pagination argument. + */ + public function get_pagination_arg( $key ) { + if ( 'page' === $key ) { + return $this->get_pagenum(); + } + + if ( isset( $this->_pagination_args[ $key ] ) ) { + return $this->_pagination_args[ $key ]; + } + + return 0; + } + + /** + * Determines whether the table has items to display or not + * + * @since 3.1.0 + * + * @return bool + */ + public function has_items() { + return ! empty( $this->items ); + } + + /** + * Message to be displayed when there are no items + * + * @since 3.1.0 + */ + public function no_items() { + _e( 'No items found.' ); + } + + /** + * Displays the search box. + * + * @since 3.1.0 + * + * @param string $text The 'submit' button label. + * @param string $input_id ID attribute value for the search input field. + */ + public function search_box( $text, $input_id ) { + if ( empty( $_REQUEST['s'] ) && ! $this->has_items() ) { + return; + } + + $input_id = $input_id . '-search-input'; + + if ( ! empty( $_REQUEST['orderby'] ) ) { + echo '<input type="hidden" name="orderby" value="' . esc_attr( $_REQUEST['orderby'] ) . '" />'; + } + if ( ! empty( $_REQUEST['order'] ) ) { + echo '<input type="hidden" name="order" value="' . esc_attr( $_REQUEST['order'] ) . '" />'; + } + if ( ! empty( $_REQUEST['post_mime_type'] ) ) { + echo '<input type="hidden" name="post_mime_type" value="' . esc_attr( $_REQUEST['post_mime_type'] ) . '" />'; + } + if ( ! empty( $_REQUEST['detached'] ) ) { + echo '<input type="hidden" name="detached" value="' . esc_attr( $_REQUEST['detached'] ) . '" />'; + } + ?> +<p class="search-box"> + <label class="screen-reader-text" for="<?php echo esc_attr( $input_id ); ?>"><?php echo $text; ?>:</label> + <input type="search" id="<?php echo esc_attr( $input_id ); ?>" name="s" value="<?php _admin_search_query(); ?>" /> + <?php submit_button( $text, '', '', false, array( 'id' => 'search-submit' ) ); ?> +</p> + <?php + } + + /** + * Generates views links. + * + * @since 6.1.0 + * + * @param array $link_data { + * An array of link data. + * + * @type string $url The link URL. + * @type string $label The link label. + * @type bool $current Optional. Whether this is the currently selected view. + * } + * @return string[] An array of link markup. Keys match the `$link_data` input array. + */ + protected function get_views_links( $link_data = array() ) { + if ( ! is_array( $link_data ) ) { + _doing_it_wrong( + __METHOD__, + sprintf( + /* translators: %s: The $link_data argument. */ + __( 'The %s argument must be an array.' ), + '<code>$link_data</code>' + ), + '6.1.0' + ); + + return array( '' ); + } + + $views_links = array(); + + foreach ( $link_data as $view => $link ) { + if ( empty( $link['url'] ) || ! is_string( $link['url'] ) || '' === trim( $link['url'] ) ) { + _doing_it_wrong( + __METHOD__, + sprintf( + /* translators: %1$s: The argument name. %2$s: The view name. */ + __( 'The %1$s argument must be a non-empty string for %2$s.' ), + '<code>url</code>', + '<code>' . esc_html( $view ) . '</code>' + ), + '6.1.0' + ); + + continue; + } + + if ( empty( $link['label'] ) || ! is_string( $link['label'] ) || '' === trim( $link['label'] ) ) { + _doing_it_wrong( + __METHOD__, + sprintf( + /* translators: %1$s: The argument name. %2$s: The view name. */ + __( 'The %1$s argument must be a non-empty string for %2$s.' ), + '<code>label</code>', + '<code>' . esc_html( $view ) . '</code>' + ), + '6.1.0' + ); + + continue; + } + + $views_links[ $view ] = sprintf( + '<a href="%s"%s>%s</a>', + esc_url( $link['url'] ), + isset( $link['current'] ) && true === $link['current'] ? ' class="current" aria-current="page"' : '', + $link['label'] + ); + } + + return $views_links; + } + + /** + * Gets the list of views available on this table. + * + * The format is an associative array: + * - `'id' => 'link'` + * + * @since 3.1.0 + * + * @return array + */ + protected function get_views() { + return array(); + } + + /** + * Displays the list of views available on this table. + * + * @since 3.1.0 + */ + public function views() { + $views = $this->get_views(); + /** + * Filters the list of available list table views. + * + * The dynamic portion of the hook name, `$this->screen->id`, refers + * to the ID of the current screen. + * + * @since 3.1.0 + * + * @param string[] $views An array of available list table views. + */ + $views = apply_filters( "views_{$this->screen->id}", $views ); + + if ( empty( $views ) ) { + return; + } + + $this->screen->render_screen_reader_content( 'heading_views' ); + + echo "<ul class='subsubsub'>\n"; + foreach ( $views as $class => $view ) { + $views[ $class ] = "\t<li class='$class'>$view"; + } + echo implode( " |</li>\n", $views ) . "</li>\n"; + echo '</ul>'; + } + + /** + * Retrieves the list of bulk actions available for this table. + * + * The format is an associative array where each element represents either a top level option value and label, or + * an array representing an optgroup and its options. + * + * For a standard option, the array element key is the field value and the array element value is the field label. + * + * For an optgroup, the array element key is the label and the array element value is an associative array of + * options as above. + * + * Example: + * + * [ + * 'edit' => 'Edit', + * 'delete' => 'Delete', + * 'Change State' => [ + * 'feature' => 'Featured', + * 'sale' => 'On Sale', + * ] + * ] + * + * @since 3.1.0 + * @since 5.6.0 A bulk action can now contain an array of options in order to create an optgroup. + * + * @return array + */ + protected function get_bulk_actions() { + return array(); + } + + /** + * Displays the bulk actions dropdown. + * + * @since 3.1.0 + * + * @param string $which The location of the bulk actions: 'top' or 'bottom'. + * This is designated as optional for backward compatibility. + */ + protected function bulk_actions( $which = '' ) { + if ( is_null( $this->_actions ) ) { + $this->_actions = $this->get_bulk_actions(); + + /** + * Filters the items in the bulk actions menu of the list table. + * + * The dynamic portion of the hook name, `$this->screen->id`, refers + * to the ID of the current screen. + * + * @since 3.1.0 + * @since 5.6.0 A bulk action can now contain an array of options in order to create an optgroup. + * + * @param array $actions An array of the available bulk actions. + */ + $this->_actions = apply_filters( "bulk_actions-{$this->screen->id}", $this->_actions ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + $two = ''; + } else { + $two = '2'; + } + + if ( empty( $this->_actions ) ) { + return; + } + + echo '<label for="bulk-action-selector-' . esc_attr( $which ) . '" class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Select bulk action' ) . + '</label>'; + echo '<select name="action' . $two . '" id="bulk-action-selector-' . esc_attr( $which ) . "\">\n"; + echo '<option value="-1">' . __( 'Bulk actions' ) . "</option>\n"; + + foreach ( $this->_actions as $key => $value ) { + if ( is_array( $value ) ) { + echo "\t" . '<optgroup label="' . esc_attr( $key ) . '">' . "\n"; + + foreach ( $value as $name => $title ) { + $class = ( 'edit' === $name ) ? ' class="hide-if-no-js"' : ''; + + echo "\t\t" . '<option value="' . esc_attr( $name ) . '"' . $class . '>' . $title . "</option>\n"; + } + echo "\t" . "</optgroup>\n"; + } else { + $class = ( 'edit' === $key ) ? ' class="hide-if-no-js"' : ''; + + echo "\t" . '<option value="' . esc_attr( $key ) . '"' . $class . '>' . $value . "</option>\n"; + } + } + + echo "</select>\n"; + + submit_button( __( 'Apply' ), 'action', '', false, array( 'id' => "doaction$two" ) ); + echo "\n"; + } + + /** + * Gets the current action selected from the bulk actions dropdown. + * + * @since 3.1.0 + * + * @return string|false The action name. False if no action was selected. + */ + public function current_action() { + if ( isset( $_REQUEST['filter_action'] ) && ! empty( $_REQUEST['filter_action'] ) ) { + return false; + } + + if ( isset( $_REQUEST['action'] ) && -1 != $_REQUEST['action'] ) { + return $_REQUEST['action']; + } + + return false; + } + + /** + * Generates the required HTML for a list of row action links. + * + * @since 3.1.0 + * + * @param string[] $actions An array of action links. + * @param bool $always_visible Whether the actions should be always visible. + * @return string The HTML for the row actions. + */ + protected function row_actions( $actions, $always_visible = false ) { + $action_count = count( $actions ); + + if ( ! $action_count ) { + return ''; + } + + $mode = get_user_setting( 'posts_list_mode', 'list' ); + + if ( 'excerpt' === $mode ) { + $always_visible = true; + } + + $output = '<div class="' . ( $always_visible ? 'row-actions visible' : 'row-actions' ) . '">'; + + $i = 0; + + foreach ( $actions as $action => $link ) { + ++$i; + + $separator = ( $i < $action_count ) ? ' | ' : ''; + + $output .= "<span class='$action'>{$link}{$separator}</span>"; + } + + $output .= '</div>'; + + $output .= '<button type="button" class="toggle-row"><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Show more details' ) . + '</span></button>'; + + return $output; + } + + /** + * Displays a dropdown for filtering items in the list table by month. + * + * @since 3.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global WP_Locale $wp_locale WordPress date and time locale object. + * + * @param string $post_type The post type. + */ + protected function months_dropdown( $post_type ) { + global $wpdb, $wp_locale; + + /** + * Filters whether to remove the 'Months' drop-down from the post list table. + * + * @since 4.2.0 + * + * @param bool $disable Whether to disable the drop-down. Default false. + * @param string $post_type The post type. + */ + if ( apply_filters( 'disable_months_dropdown', false, $post_type ) ) { + return; + } + + /** + * Filters whether to short-circuit performing the months dropdown query. + * + * @since 5.7.0 + * + * @param object[]|false $months 'Months' drop-down results. Default false. + * @param string $post_type The post type. + */ + $months = apply_filters( 'pre_months_dropdown_query', false, $post_type ); + + if ( ! is_array( $months ) ) { + $extra_checks = "AND post_status != 'auto-draft'"; + if ( ! isset( $_GET['post_status'] ) || 'trash' !== $_GET['post_status'] ) { + $extra_checks .= " AND post_status != 'trash'"; + } elseif ( isset( $_GET['post_status'] ) ) { + $extra_checks = $wpdb->prepare( ' AND post_status = %s', $_GET['post_status'] ); + } + + $months = $wpdb->get_results( + $wpdb->prepare( + "SELECT DISTINCT YEAR( post_date ) AS year, MONTH( post_date ) AS month + FROM $wpdb->posts + WHERE post_type = %s + $extra_checks + ORDER BY post_date DESC", + $post_type + ) + ); + } + + /** + * Filters the 'Months' drop-down results. + * + * @since 3.7.0 + * + * @param object[] $months Array of the months drop-down query results. + * @param string $post_type The post type. + */ + $months = apply_filters( 'months_dropdown_results', $months, $post_type ); + + $month_count = count( $months ); + + if ( ! $month_count || ( 1 == $month_count && 0 == $months[0]->month ) ) { + return; + } + + $m = isset( $_GET['m'] ) ? (int) $_GET['m'] : 0; + ?> + <label for="filter-by-date" class="screen-reader-text"><?php echo get_post_type_object( $post_type )->labels->filter_by_date; ?></label> + <select name="m" id="filter-by-date"> + <option<?php selected( $m, 0 ); ?> value="0"><?php _e( 'All dates' ); ?></option> + <?php + foreach ( $months as $arc_row ) { + if ( 0 == $arc_row->year ) { + continue; + } + + $month = zeroise( $arc_row->month, 2 ); + $year = $arc_row->year; + + printf( + "<option %s value='%s'>%s</option>\n", + selected( $m, $year . $month, false ), + esc_attr( $arc_row->year . $month ), + /* translators: 1: Month name, 2: 4-digit year. */ + sprintf( __( '%1$s %2$d' ), $wp_locale->get_month( $month ), $year ) + ); + } + ?> + </select> + <?php + } + + /** + * Displays a view switcher. + * + * @since 3.1.0 + * + * @param string $current_mode + */ + protected function view_switcher( $current_mode ) { + ?> + <input type="hidden" name="mode" value="<?php echo esc_attr( $current_mode ); ?>" /> + <div class="view-switch"> + <?php + foreach ( $this->modes as $mode => $title ) { + $classes = array( 'view-' . $mode ); + $aria_current = ''; + + if ( $current_mode === $mode ) { + $classes[] = 'current'; + $aria_current = ' aria-current="page"'; + } + + printf( + "<a href='%s' class='%s' id='view-switch-$mode'$aria_current>" . + "<span class='screen-reader-text'>%s</span>" . + "</a>\n", + esc_url( remove_query_arg( 'attachment-filter', add_query_arg( 'mode', $mode ) ) ), + implode( ' ', $classes ), + $title + ); + } + ?> + </div> + <?php + } + + /** + * Displays a comment count bubble. + * + * @since 3.1.0 + * + * @param int $post_id The post ID. + * @param int $pending_comments Number of pending comments. + */ + protected function comments_bubble( $post_id, $pending_comments ) { + $approved_comments = get_comments_number(); + + $approved_comments_number = number_format_i18n( $approved_comments ); + $pending_comments_number = number_format_i18n( $pending_comments ); + + $approved_only_phrase = sprintf( + /* translators: %s: Number of comments. */ + _n( '%s comment', '%s comments', $approved_comments ), + $approved_comments_number + ); + + $approved_phrase = sprintf( + /* translators: %s: Number of comments. */ + _n( '%s approved comment', '%s approved comments', $approved_comments ), + $approved_comments_number + ); + + $pending_phrase = sprintf( + /* translators: %s: Number of comments. */ + _n( '%s pending comment', '%s pending comments', $pending_comments ), + $pending_comments_number + ); + + $post_object = get_post( $post_id ); + $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts'; + if ( + current_user_can( $edit_post_cap, $post_id ) || + ( + empty( $post_object->post_password ) && + current_user_can( 'read_post', $post_id ) + ) + ) { + // The user has access to the post and thus can see comments + } else { + return false; + } + + if ( ! $approved_comments && ! $pending_comments ) { + // No comments at all. + printf( + '<span aria-hidden="true">—</span>' . + '<span class="screen-reader-text">%s</span>', + __( 'No comments' ) + ); + } elseif ( $approved_comments && 'trash' === get_post_status( $post_id ) ) { + // Don't link the comment bubble for a trashed post. + printf( + '<span class="post-com-count post-com-count-approved">' . + '<span class="comment-count-approved" aria-hidden="true">%s</span>' . + '<span class="screen-reader-text">%s</span>' . + '</span>', + $approved_comments_number, + $pending_comments ? $approved_phrase : $approved_only_phrase + ); + } elseif ( $approved_comments ) { + // Link the comment bubble to approved comments. + printf( + '<a href="%s" class="post-com-count post-com-count-approved">' . + '<span class="comment-count-approved" aria-hidden="true">%s</span>' . + '<span class="screen-reader-text">%s</span>' . + '</a>', + esc_url( + add_query_arg( + array( + 'p' => $post_id, + 'comment_status' => 'approved', + ), + admin_url( 'edit-comments.php' ) + ) + ), + $approved_comments_number, + $pending_comments ? $approved_phrase : $approved_only_phrase + ); + } else { + // Don't link the comment bubble when there are no approved comments. + printf( + '<span class="post-com-count post-com-count-no-comments">' . + '<span class="comment-count comment-count-no-comments" aria-hidden="true">%s</span>' . + '<span class="screen-reader-text">%s</span>' . + '</span>', + $approved_comments_number, + $pending_comments ? + /* translators: Hidden accessibility text. */ + __( 'No approved comments' ) : + /* translators: Hidden accessibility text. */ + __( 'No comments' ) + ); + } + + if ( $pending_comments ) { + printf( + '<a href="%s" class="post-com-count post-com-count-pending">' . + '<span class="comment-count-pending" aria-hidden="true">%s</span>' . + '<span class="screen-reader-text">%s</span>' . + '</a>', + esc_url( + add_query_arg( + array( + 'p' => $post_id, + 'comment_status' => 'moderated', + ), + admin_url( 'edit-comments.php' ) + ) + ), + $pending_comments_number, + $pending_phrase + ); + } else { + printf( + '<span class="post-com-count post-com-count-pending post-com-count-no-pending">' . + '<span class="comment-count comment-count-no-pending" aria-hidden="true">%s</span>' . + '<span class="screen-reader-text">%s</span>' . + '</span>', + $pending_comments_number, + $approved_comments ? + /* translators: Hidden accessibility text. */ + __( 'No pending comments' ) : + /* translators: Hidden accessibility text. */ + __( 'No comments' ) + ); + } + } + + /** + * Gets the current page number. + * + * @since 3.1.0 + * + * @return int + */ + public function get_pagenum() { + $pagenum = isset( $_REQUEST['paged'] ) ? absint( $_REQUEST['paged'] ) : 0; + + if ( isset( $this->_pagination_args['total_pages'] ) && $pagenum > $this->_pagination_args['total_pages'] ) { + $pagenum = $this->_pagination_args['total_pages']; + } + + return max( 1, $pagenum ); + } + + /** + * Gets the number of items to display on a single page. + * + * @since 3.1.0 + * + * @param string $option User option name. + * @param int $default_value Optional. The number of items to display. Default 20. + * @return int + */ + protected function get_items_per_page( $option, $default_value = 20 ) { + $per_page = (int) get_user_option( $option ); + if ( empty( $per_page ) || $per_page < 1 ) { + $per_page = $default_value; + } + + /** + * Filters the number of items to be displayed on each page of the list table. + * + * The dynamic hook name, `$option`, refers to the `per_page` option depending + * on the type of list table in use. Possible filter names include: + * + * - `edit_comments_per_page` + * - `sites_network_per_page` + * - `site_themes_network_per_page` + * - `themes_network_per_page'` + * - `users_network_per_page` + * - `edit_post_per_page` + * - `edit_page_per_page'` + * - `edit_{$post_type}_per_page` + * - `edit_post_tag_per_page` + * - `edit_category_per_page` + * - `edit_{$taxonomy}_per_page` + * - `site_users_network_per_page` + * - `users_per_page` + * + * @since 2.9.0 + * + * @param int $per_page Number of items to be displayed. Default 20. + */ + return (int) apply_filters( "{$option}", $per_page ); + } + + /** + * Displays the pagination. + * + * @since 3.1.0 + * + * @param string $which + */ + protected function pagination( $which ) { + if ( empty( $this->_pagination_args ) ) { + return; + } + + $total_items = $this->_pagination_args['total_items']; + $total_pages = $this->_pagination_args['total_pages']; + $infinite_scroll = false; + if ( isset( $this->_pagination_args['infinite_scroll'] ) ) { + $infinite_scroll = $this->_pagination_args['infinite_scroll']; + } + + if ( 'top' === $which && $total_pages > 1 ) { + $this->screen->render_screen_reader_content( 'heading_pagination' ); + } + + $output = '<span class="displaying-num">' . sprintf( + /* translators: %s: Number of items. */ + _n( '%s item', '%s items', $total_items ), + number_format_i18n( $total_items ) + ) . '</span>'; + + $current = $this->get_pagenum(); + $removable_query_args = wp_removable_query_args(); + + $current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); + + $current_url = remove_query_arg( $removable_query_args, $current_url ); + + $page_links = array(); + + $total_pages_before = '<span class="paging-input">'; + $total_pages_after = '</span></span>'; + + $disable_first = false; + $disable_last = false; + $disable_prev = false; + $disable_next = false; + + if ( 1 == $current ) { + $disable_first = true; + $disable_prev = true; + } + if ( $total_pages == $current ) { + $disable_last = true; + $disable_next = true; + } + + if ( $disable_first ) { + $page_links[] = '<span class="tablenav-pages-navspan button disabled" aria-hidden="true">«</span>'; + } else { + $page_links[] = sprintf( + "<a class='first-page button' href='%s'>" . + "<span class='screen-reader-text'>%s</span>" . + "<span aria-hidden='true'>%s</span>" . + '</a>', + esc_url( remove_query_arg( 'paged', $current_url ) ), + /* translators: Hidden accessibility text. */ + __( 'First page' ), + '«' + ); + } + + if ( $disable_prev ) { + $page_links[] = '<span class="tablenav-pages-navspan button disabled" aria-hidden="true">‹</span>'; + } else { + $page_links[] = sprintf( + "<a class='prev-page button' href='%s'>" . + "<span class='screen-reader-text'>%s</span>" . + "<span aria-hidden='true'>%s</span>" . + '</a>', + esc_url( add_query_arg( 'paged', max( 1, $current - 1 ), $current_url ) ), + /* translators: Hidden accessibility text. */ + __( 'Previous page' ), + '‹' + ); + } + + if ( 'bottom' === $which ) { + $html_current_page = $current; + $total_pages_before = sprintf( + '<span class="screen-reader-text">%s</span>' . + '<span id="table-paging" class="paging-input">' . + '<span class="tablenav-paging-text">', + /* translators: Hidden accessibility text. */ + __( 'Current Page' ) + ); + } else { + $html_current_page = sprintf( + '<label for="current-page-selector" class="screen-reader-text">%s</label>' . + "<input class='current-page' id='current-page-selector' type='text' + name='paged' value='%s' size='%d' aria-describedby='table-paging' />" . + "<span class='tablenav-paging-text'>", + /* translators: Hidden accessibility text. */ + __( 'Current Page' ), + $current, + strlen( $total_pages ) + ); + } + + $html_total_pages = sprintf( "<span class='total-pages'>%s</span>", number_format_i18n( $total_pages ) ); + + $page_links[] = $total_pages_before . sprintf( + /* translators: 1: Current page, 2: Total pages. */ + _x( '%1$s of %2$s', 'paging' ), + $html_current_page, + $html_total_pages + ) . $total_pages_after; + + if ( $disable_next ) { + $page_links[] = '<span class="tablenav-pages-navspan button disabled" aria-hidden="true">›</span>'; + } else { + $page_links[] = sprintf( + "<a class='next-page button' href='%s'>" . + "<span class='screen-reader-text'>%s</span>" . + "<span aria-hidden='true'>%s</span>" . + '</a>', + esc_url( add_query_arg( 'paged', min( $total_pages, $current + 1 ), $current_url ) ), + /* translators: Hidden accessibility text. */ + __( 'Next page' ), + '›' + ); + } + + if ( $disable_last ) { + $page_links[] = '<span class="tablenav-pages-navspan button disabled" aria-hidden="true">»</span>'; + } else { + $page_links[] = sprintf( + "<a class='last-page button' href='%s'>" . + "<span class='screen-reader-text'>%s</span>" . + "<span aria-hidden='true'>%s</span>" . + '</a>', + esc_url( add_query_arg( 'paged', $total_pages, $current_url ) ), + /* translators: Hidden accessibility text. */ + __( 'Last page' ), + '»' + ); + } + + $pagination_links_class = 'pagination-links'; + if ( ! empty( $infinite_scroll ) ) { + $pagination_links_class .= ' hide-if-js'; + } + $output .= "\n<span class='$pagination_links_class'>" . implode( "\n", $page_links ) . '</span>'; + + if ( $total_pages ) { + $page_class = $total_pages < 2 ? ' one-page' : ''; + } else { + $page_class = ' no-pages'; + } + $this->_pagination = "<div class='tablenav-pages{$page_class}'>$output</div>"; + + echo $this->_pagination; + } + + /** + * Gets a list of columns. + * + * The format is: + * - `'internal-name' => 'Title'` + * + * @since 3.1.0 + * @abstract + * + * @return array + */ + public function get_columns() { + die( 'function WP_List_Table::get_columns() must be overridden in a subclass.' ); + } + + /** + * Gets a list of sortable columns. + * + * The format is: + * - `'internal-name' => 'orderby'` + * - `'internal-name' => array( 'orderby', bool, 'abbr', 'orderby-text', 'initially-sorted-column-order' )` - + * - `'internal-name' => array( 'orderby', 'asc' )` - The second element sets the initial sorting order. + * - `'internal-name' => array( 'orderby', true )` - The second element makes the initial order descending. + * + * In the second format, passing true as second parameter will make the initial + * sorting order be descending. Following parameters add a short column name to + * be used as 'abbr' attribute, a translatable string for the current sorting, + * and the initial order for the initial sorted column, 'asc' or 'desc' (default: false). + * + * @since 3.1.0 + * @since 6.3.0 Added 'abbr', 'orderby-text' and 'initially-sorted-column-order'. + * + * @return array + */ + protected function get_sortable_columns() { + return array(); + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, an empty string. + */ + protected function get_default_primary_column_name() { + $columns = $this->get_columns(); + $column = ''; + + if ( empty( $columns ) ) { + return $column; + } + + /* + * We need a primary defined so responsive views show something, + * so let's fall back to the first non-checkbox column. + */ + foreach ( $columns as $col => $column_name ) { + if ( 'cb' === $col ) { + continue; + } + + $column = $col; + break; + } + + return $column; + } + + /** + * Gets the name of the primary column. + * + * Public wrapper for WP_List_Table::get_default_primary_column_name(). + * + * @since 4.4.0 + * + * @return string Name of the default primary column. + */ + public function get_primary_column() { + return $this->get_primary_column_name(); + } + + /** + * Gets the name of the primary column. + * + * @since 4.3.0 + * + * @return string The name of the primary column. + */ + protected function get_primary_column_name() { + $columns = get_column_headers( $this->screen ); + $default = $this->get_default_primary_column_name(); + + /* + * If the primary column doesn't exist, + * fall back to the first non-checkbox column. + */ + if ( ! isset( $columns[ $default ] ) ) { + $default = self::get_default_primary_column_name(); + } + + /** + * Filters the name of the primary column for the current list table. + * + * @since 4.3.0 + * + * @param string $default Column name default for the specific list table, e.g. 'name'. + * @param string $context Screen ID for specific list table, e.g. 'plugins'. + */ + $column = apply_filters( 'list_table_primary_column', $default, $this->screen->id ); + + if ( empty( $column ) || ! isset( $columns[ $column ] ) ) { + $column = $default; + } + + return $column; + } + + /** + * Gets a list of all, hidden, and sortable columns, with filter applied. + * + * @since 3.1.0 + * + * @return array + */ + protected function get_column_info() { + // $_column_headers is already set / cached. + if ( + isset( $this->_column_headers ) && + is_array( $this->_column_headers ) + ) { + /* + * Backward compatibility for `$_column_headers` format prior to WordPress 4.3. + * + * In WordPress 4.3 the primary column name was added as a fourth item in the + * column headers property. This ensures the primary column name is included + * in plugins setting the property directly in the three item format. + */ + if ( 4 === count( $this->_column_headers ) ) { + return $this->_column_headers; + } + + $column_headers = array( array(), array(), array(), $this->get_primary_column_name() ); + foreach ( $this->_column_headers as $key => $value ) { + $column_headers[ $key ] = $value; + } + + $this->_column_headers = $column_headers; + + return $this->_column_headers; + } + + $columns = get_column_headers( $this->screen ); + $hidden = get_hidden_columns( $this->screen ); + + $sortable_columns = $this->get_sortable_columns(); + /** + * Filters the list table sortable columns for a specific screen. + * + * The dynamic portion of the hook name, `$this->screen->id`, refers + * to the ID of the current screen. + * + * @since 3.1.0 + * + * @param array $sortable_columns An array of sortable columns. + */ + $_sortable = apply_filters( "manage_{$this->screen->id}_sortable_columns", $sortable_columns ); + + $sortable = array(); + foreach ( $_sortable as $id => $data ) { + if ( empty( $data ) ) { + continue; + } + + $data = (array) $data; + // Descending initial sorting. + if ( ! isset( $data[1] ) ) { + $data[1] = false; + } + // Current sorting translatable string. + if ( ! isset( $data[2] ) ) { + $data[2] = ''; + } + // Initial view sorted column and asc/desc order, default: false. + if ( ! isset( $data[3] ) ) { + $data[3] = false; + } + // Initial order for the initial sorted column, default: false. + if ( ! isset( $data[4] ) ) { + $data[4] = false; + } + + $sortable[ $id ] = $data; + } + + $primary = $this->get_primary_column_name(); + $this->_column_headers = array( $columns, $hidden, $sortable, $primary ); + + return $this->_column_headers; + } + + /** + * Returns the number of visible columns. + * + * @since 3.1.0 + * + * @return int + */ + public function get_column_count() { + list ( $columns, $hidden ) = $this->get_column_info(); + $hidden = array_intersect( array_keys( $columns ), array_filter( $hidden ) ); + return count( $columns ) - count( $hidden ); + } + + /** + * Prints column headers, accounting for hidden and sortable columns. + * + * @since 3.1.0 + * + * @param bool $with_id Whether to set the ID attribute or not + */ + public function print_column_headers( $with_id = true ) { + list( $columns, $hidden, $sortable, $primary ) = $this->get_column_info(); + + $current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); + $current_url = remove_query_arg( 'paged', $current_url ); + + // When users click on a column header to sort by other columns. + if ( isset( $_GET['orderby'] ) ) { + $current_orderby = $_GET['orderby']; + // In the initial view there's no orderby parameter. + } else { + $current_orderby = ''; + } + + // Not in the initial view and descending order. + if ( isset( $_GET['order'] ) && 'desc' === $_GET['order'] ) { + $current_order = 'desc'; + } else { + // The initial view is not always 'asc', we'll take care of this below. + $current_order = 'asc'; + } + + if ( ! empty( $columns['cb'] ) ) { + static $cb_counter = 1; + $columns['cb'] = '<input id="cb-select-all-' . $cb_counter . '" type="checkbox" /> + <label for="cb-select-all-' . $cb_counter . '">' . + '<span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Select All' ) . + '</span>' . + '</label>'; + ++$cb_counter; + } + + foreach ( $columns as $column_key => $column_display_name ) { + $class = array( 'manage-column', "column-$column_key" ); + $aria_sort_attr = ''; + $abbr_attr = ''; + $order_text = ''; + + if ( in_array( $column_key, $hidden, true ) ) { + $class[] = 'hidden'; + } + + if ( 'cb' === $column_key ) { + $class[] = 'check-column'; + } elseif ( in_array( $column_key, array( 'posts', 'comments', 'links' ), true ) ) { + $class[] = 'num'; + } + + if ( $column_key === $primary ) { + $class[] = 'column-primary'; + } + + if ( isset( $sortable[ $column_key ] ) ) { + $orderby = isset( $sortable[ $column_key ][0] ) ? $sortable[ $column_key ][0] : ''; + $desc_first = isset( $sortable[ $column_key ][1] ) ? $sortable[ $column_key ][1] : false; + $abbr = isset( $sortable[ $column_key ][2] ) ? $sortable[ $column_key ][2] : ''; + $orderby_text = isset( $sortable[ $column_key ][3] ) ? $sortable[ $column_key ][3] : ''; + $initial_order = isset( $sortable[ $column_key ][4] ) ? $sortable[ $column_key ][4] : ''; + + /* + * We're in the initial view and there's no $_GET['orderby'] then check if the + * initial sorting information is set in the sortable columns and use that. + */ + if ( '' === $current_orderby && $initial_order ) { + // Use the initially sorted column $orderby as current orderby. + $current_orderby = $orderby; + // Use the initially sorted column asc/desc order as initial order. + $current_order = $initial_order; + } + + /* + * True in the initial view when an initial orderby is set via get_sortable_columns() + * and true in the sorted views when the actual $_GET['orderby'] is equal to $orderby. + */ + if ( $current_orderby === $orderby ) { + // The sorted column. The `aria-sort` attribute must be set only on the sorted column. + if ( 'asc' === $current_order ) { + $order = 'desc'; + $aria_sort_attr = ' aria-sort="ascending"'; + } else { + $order = 'asc'; + $aria_sort_attr = ' aria-sort="descending"'; + } + + $class[] = 'sorted'; + $class[] = $current_order; + } else { + // The other sortable columns. + $order = strtolower( $desc_first ); + + if ( ! in_array( $order, array( 'desc', 'asc' ), true ) ) { + $order = $desc_first ? 'desc' : 'asc'; + } + + $class[] = 'sortable'; + $class[] = 'desc' === $order ? 'asc' : 'desc'; + + /* translators: Hidden accessibility text. */ + $asc_text = __( 'Sort ascending.' ); + /* translators: Hidden accessibility text. */ + $desc_text = __( 'Sort descending.' ); + $order_text = 'asc' === $order ? $asc_text : $desc_text; + } + + if ( '' !== $order_text ) { + $order_text = ' <span class="screen-reader-text">' . $order_text . '</span>'; + } + + // Print an 'abbr' attribute if a value is provided via get_sortable_columns(). + $abbr_attr = $abbr ? ' abbr="' . esc_attr( $abbr ) . '"' : ''; + + $column_display_name = sprintf( + '<a href="%1$s">' . + '<span>%2$s</span>' . + '<span class="sorting-indicators">' . + '<span class="sorting-indicator asc" aria-hidden="true"></span>' . + '<span class="sorting-indicator desc" aria-hidden="true"></span>' . + '</span>' . + '%3$s' . + '</a>', + esc_url( add_query_arg( compact( 'orderby', 'order' ), $current_url ) ), + $column_display_name, + $order_text + ); + } + + $tag = ( 'cb' === $column_key ) ? 'td' : 'th'; + $scope = ( 'th' === $tag ) ? 'scope="col"' : ''; + $id = $with_id ? "id='$column_key'" : ''; + + if ( ! empty( $class ) ) { + $class = "class='" . implode( ' ', $class ) . "'"; + } + + echo "<$tag $scope $id $class $aria_sort_attr $abbr_attr>$column_display_name</$tag>"; + } + } + + /** + * Print a table description with information about current sorting and order. + * + * For the table initial view, information about initial orderby and order + * should be provided via get_sortable_columns(). + * + * @since 6.3.0 + * @access public + */ + public function print_table_description() { + list( $columns, $hidden, $sortable ) = $this->get_column_info(); + + if ( empty( $sortable ) ) { + return; + } + + // When users click on a column header to sort by other columns. + if ( isset( $_GET['orderby'] ) ) { + $current_orderby = $_GET['orderby']; + // In the initial view there's no orderby parameter. + } else { + $current_orderby = ''; + } + + // Not in the initial view and descending order. + if ( isset( $_GET['order'] ) && 'desc' === $_GET['order'] ) { + $current_order = 'desc'; + } else { + // The initial view is not always 'asc', we'll take care of this below. + $current_order = 'asc'; + } + + foreach ( array_keys( $columns ) as $column_key ) { + + if ( isset( $sortable[ $column_key ] ) ) { + $orderby = isset( $sortable[ $column_key ][0] ) ? $sortable[ $column_key ][0] : ''; + $desc_first = isset( $sortable[ $column_key ][1] ) ? $sortable[ $column_key ][1] : false; + $abbr = isset( $sortable[ $column_key ][2] ) ? $sortable[ $column_key ][2] : ''; + $orderby_text = isset( $sortable[ $column_key ][3] ) ? $sortable[ $column_key ][3] : ''; + $initial_order = isset( $sortable[ $column_key ][4] ) ? $sortable[ $column_key ][4] : ''; + + if ( ! is_string( $orderby_text ) || '' === $orderby_text ) { + return; + } + /* + * We're in the initial view and there's no $_GET['orderby'] then check if the + * initial sorting information is set in the sortable columns and use that. + */ + if ( '' === $current_orderby && $initial_order ) { + // Use the initially sorted column $orderby as current orderby. + $current_orderby = $orderby; + // Use the initially sorted column asc/desc order as initial order. + $current_order = $initial_order; + } + + /* + * True in the initial view when an initial orderby is set via get_sortable_columns() + * and true in the sorted views when the actual $_GET['orderby'] is equal to $orderby. + */ + if ( $current_orderby === $orderby ) { + /* translators: Hidden accessibility text. */ + $asc_text = __( 'Ascending.' ); + /* translators: Hidden accessibility text. */ + $desc_text = __( 'Descending.' ); + $order_text = 'asc' === $current_order ? $asc_text : $desc_text; + echo '<caption class="screen-reader-text">' . $orderby_text . ' ' . $order_text . '</caption>'; + + return; + } + } + } + } + + /** + * Displays the table. + * + * @since 3.1.0 + */ + public function display() { + $singular = $this->_args['singular']; + + $this->display_tablenav( 'top' ); + + $this->screen->render_screen_reader_content( 'heading_list' ); + ?> +<table class="wp-list-table <?php echo implode( ' ', $this->get_table_classes() ); ?>"> + <?php $this->print_table_description(); ?> + <thead> + <tr> + <?php $this->print_column_headers(); ?> + </tr> + </thead> + + <tbody id="the-list" + <?php + if ( $singular ) { + echo " data-wp-lists='list:$singular'"; + } + ?> + > + <?php $this->display_rows_or_placeholder(); ?> + </tbody> + + <tfoot> + <tr> + <?php $this->print_column_headers( false ); ?> + </tr> + </tfoot> + +</table> + <?php + $this->display_tablenav( 'bottom' ); + } + + /** + * Gets a list of CSS classes for the WP_List_Table table tag. + * + * @since 3.1.0 + * + * @return string[] Array of CSS classes for the table tag. + */ + protected function get_table_classes() { + $mode = get_user_setting( 'posts_list_mode', 'list' ); + + $mode_class = esc_attr( 'table-view-' . $mode ); + + return array( 'widefat', 'fixed', 'striped', $mode_class, $this->_args['plural'] ); + } + + /** + * Generates the table navigation above or below the table + * + * @since 3.1.0 + * @param string $which + */ + protected function display_tablenav( $which ) { + if ( 'top' === $which ) { + wp_nonce_field( 'bulk-' . $this->_args['plural'] ); + } + ?> + <div class="tablenav <?php echo esc_attr( $which ); ?>"> + + <?php if ( $this->has_items() ) : ?> + <div class="alignleft actions bulkactions"> + <?php $this->bulk_actions( $which ); ?> + </div> + <?php + endif; + $this->extra_tablenav( $which ); + $this->pagination( $which ); + ?> + + <br class="clear" /> + </div> + <?php + } + + /** + * Displays extra controls between bulk actions and pagination. + * + * @since 3.1.0 + * + * @param string $which + */ + protected function extra_tablenav( $which ) {} + + /** + * Generates the tbody element for the list table. + * + * @since 3.1.0 + */ + public function display_rows_or_placeholder() { + if ( $this->has_items() ) { + $this->display_rows(); + } else { + echo '<tr class="no-items"><td class="colspanchange" colspan="' . $this->get_column_count() . '">'; + $this->no_items(); + echo '</td></tr>'; + } + } + + /** + * Generates the table rows. + * + * @since 3.1.0 + */ + public function display_rows() { + foreach ( $this->items as $item ) { + $this->single_row( $item ); + } + } + + /** + * Generates content for a single row of the table. + * + * @since 3.1.0 + * + * @param object|array $item The current item + */ + public function single_row( $item ) { + echo '<tr>'; + $this->single_row_columns( $item ); + echo '</tr>'; + } + + /** + * @param object|array $item + * @param string $column_name + */ + protected function column_default( $item, $column_name ) {} + + /** + * @param object|array $item + */ + protected function column_cb( $item ) {} + + /** + * Generates the columns for a single row of the table. + * + * @since 3.1.0 + * + * @param object|array $item The current item. + */ + protected function single_row_columns( $item ) { + list( $columns, $hidden, $sortable, $primary ) = $this->get_column_info(); + + foreach ( $columns as $column_name => $column_display_name ) { + $classes = "$column_name column-$column_name"; + if ( $primary === $column_name ) { + $classes .= ' has-row-actions column-primary'; + } + + if ( in_array( $column_name, $hidden, true ) ) { + $classes .= ' hidden'; + } + + /* + * Comments column uses HTML in the display name with screen reader text. + * Strip tags to get closer to a user-friendly string. + */ + $data = 'data-colname="' . esc_attr( wp_strip_all_tags( $column_display_name ) ) . '"'; + + $attributes = "class='$classes' $data"; + + if ( 'cb' === $column_name ) { + echo '<th scope="row" class="check-column">'; + echo $this->column_cb( $item ); + echo '</th>'; + } elseif ( method_exists( $this, '_column_' . $column_name ) ) { + echo call_user_func( + array( $this, '_column_' . $column_name ), + $item, + $classes, + $data, + $primary + ); + } elseif ( method_exists( $this, 'column_' . $column_name ) ) { + echo "<td $attributes>"; + echo call_user_func( array( $this, 'column_' . $column_name ), $item ); + echo $this->handle_row_actions( $item, $column_name, $primary ); + echo '</td>'; + } else { + echo "<td $attributes>"; + echo $this->column_default( $item, $column_name ); + echo $this->handle_row_actions( $item, $column_name, $primary ); + echo '</td>'; + } + } + } + + /** + * Generates and display row actions links for the list table. + * + * @since 4.3.0 + * + * @param object|array $item The item being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string The row actions HTML, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + return $column_name === $primary ? '<button type="button" class="toggle-row"><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Show more details' ) . + '</span></button>' : ''; + } + + /** + * Handles an incoming ajax request (called from admin-ajax.php) + * + * @since 3.1.0 + */ + public function ajax_response() { + $this->prepare_items(); + + ob_start(); + if ( ! empty( $_REQUEST['no_placeholder'] ) ) { + $this->display_rows(); + } else { + $this->display_rows_or_placeholder(); + } + + $rows = ob_get_clean(); + + $response = array( 'rows' => $rows ); + + if ( isset( $this->_pagination_args['total_items'] ) ) { + $response['total_items_i18n'] = sprintf( + /* translators: Number of items. */ + _n( '%s item', '%s items', $this->_pagination_args['total_items'] ), + number_format_i18n( $this->_pagination_args['total_items'] ) + ); + } + if ( isset( $this->_pagination_args['total_pages'] ) ) { + $response['total_pages'] = $this->_pagination_args['total_pages']; + $response['total_pages_i18n'] = number_format_i18n( $this->_pagination_args['total_pages'] ); + } + + die( wp_json_encode( $response ) ); + } + + /** + * Sends required variables to JavaScript land. + * + * @since 3.1.0 + */ + public function _js_vars() { + $args = array( + 'class' => get_class( $this ), + 'screen' => array( + 'id' => $this->screen->id, + 'base' => $this->screen->base, + ), + ); + + printf( "<script type='text/javascript'>list_args = %s;</script>\n", wp_json_encode( $args ) ); + } +} diff --git a/wp-admin/includes/class-wp-media-list-table.php b/wp-admin/includes/class-wp-media-list-table.php new file mode 100644 index 0000000..02362e3 --- /dev/null +++ b/wp-admin/includes/class-wp-media-list-table.php @@ -0,0 +1,891 @@ +<?php +/** + * List Table API: WP_Media_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying media items in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Media_List_Table extends WP_List_Table { + /** + * Holds the number of pending comments for each post. + * + * @since 4.4.0 + * @var array + */ + protected $comment_pending_count = array(); + + private $detached; + + private $is_trash; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + $this->detached = ( isset( $_REQUEST['attachment-filter'] ) && 'detached' === $_REQUEST['attachment-filter'] ); + + $this->modes = array( + 'list' => __( 'List view' ), + 'grid' => __( 'Grid view' ), + ); + + parent::__construct( + array( + 'plural' => 'media', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'upload_files' ); + } + + /** + * @global string $mode List table view mode. + * @global WP_Query $wp_query WordPress Query object. + * @global array $post_mime_types + * @global array $avail_post_mime_types + */ + public function prepare_items() { + global $mode, $wp_query, $post_mime_types, $avail_post_mime_types; + + $mode = empty( $_REQUEST['mode'] ) ? 'list' : $_REQUEST['mode']; + + /* + * Exclude attachments scheduled for deletion in the next two hours + * if they are for zip packages for interrupted or failed updates. + * See File_Upload_Upgrader class. + */ + $not_in = array(); + + $crons = _get_cron_array(); + + if ( is_array( $crons ) ) { + foreach ( $crons as $cron ) { + if ( isset( $cron['upgrader_scheduled_cleanup'] ) ) { + $details = reset( $cron['upgrader_scheduled_cleanup'] ); + + if ( ! empty( $details['args'][0] ) ) { + $not_in[] = (int) $details['args'][0]; + } + } + } + } + + if ( ! empty( $_REQUEST['post__not_in'] ) && is_array( $_REQUEST['post__not_in'] ) ) { + $not_in = array_merge( array_values( $_REQUEST['post__not_in'] ), $not_in ); + } + + if ( ! empty( $not_in ) ) { + $_REQUEST['post__not_in'] = $not_in; + } + + list( $post_mime_types, $avail_post_mime_types ) = wp_edit_attachments_query( $_REQUEST ); + + $this->is_trash = isset( $_REQUEST['attachment-filter'] ) && 'trash' === $_REQUEST['attachment-filter']; + + $this->set_pagination_args( + array( + 'total_items' => $wp_query->found_posts, + 'total_pages' => $wp_query->max_num_pages, + 'per_page' => $wp_query->query_vars['posts_per_page'], + ) + ); + if ( $wp_query->posts ) { + update_post_thumbnail_cache( $wp_query ); + update_post_parent_caches( $wp_query->posts ); + } + } + + /** + * @global array $post_mime_types + * @global array $avail_post_mime_types + * @return array + */ + protected function get_views() { + global $post_mime_types, $avail_post_mime_types; + + $type_links = array(); + + $filter = empty( $_GET['attachment-filter'] ) ? '' : $_GET['attachment-filter']; + + $type_links['all'] = sprintf( + '<option value=""%s>%s</option>', + selected( $filter, true, false ), + __( 'All media items' ) + ); + + foreach ( $post_mime_types as $mime_type => $label ) { + if ( ! wp_match_mime_types( $mime_type, $avail_post_mime_types ) ) { + continue; + } + + $selected = selected( + $filter && str_starts_with( $filter, 'post_mime_type:' ) && + wp_match_mime_types( $mime_type, str_replace( 'post_mime_type:', '', $filter ) ), + true, + false + ); + + $type_links[ $mime_type ] = sprintf( + '<option value="post_mime_type:%s"%s>%s</option>', + esc_attr( $mime_type ), + $selected, + $label[0] + ); + } + + $type_links['detached'] = '<option value="detached"' . ( $this->detached ? ' selected="selected"' : '' ) . '>' . _x( 'Unattached', 'media items' ) . '</option>'; + + $type_links['mine'] = sprintf( + '<option value="mine"%s>%s</option>', + selected( 'mine' === $filter, true, false ), + _x( 'Mine', 'media items' ) + ); + + if ( $this->is_trash || ( defined( 'MEDIA_TRASH' ) && MEDIA_TRASH ) ) { + $type_links['trash'] = sprintf( + '<option value="trash"%s>%s</option>', + selected( 'trash' === $filter, true, false ), + _x( 'Trash', 'attachment filter' ) + ); + } + + return $type_links; + } + + /** + * @return array + */ + protected function get_bulk_actions() { + $actions = array(); + + if ( MEDIA_TRASH ) { + if ( $this->is_trash ) { + $actions['untrash'] = __( 'Restore' ); + $actions['delete'] = __( 'Delete permanently' ); + } else { + $actions['trash'] = __( 'Move to Trash' ); + } + } else { + $actions['delete'] = __( 'Delete permanently' ); + } + + if ( $this->detached ) { + $actions['attach'] = __( 'Attach' ); + } + + return $actions; + } + + /** + * @param string $which + */ + protected function extra_tablenav( $which ) { + if ( 'bar' !== $which ) { + return; + } + ?> + <div class="actions"> + <?php + if ( ! $this->is_trash ) { + $this->months_dropdown( 'attachment' ); + } + + /** This action is documented in wp-admin/includes/class-wp-posts-list-table.php */ + do_action( 'restrict_manage_posts', $this->screen->post_type, $which ); + + submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) ); + + if ( $this->is_trash && $this->has_items() + && current_user_can( 'edit_others_posts' ) + ) { + submit_button( __( 'Empty Trash' ), 'apply', 'delete_all', false ); + } + ?> + </div> + <?php + } + + /** + * @return string + */ + public function current_action() { + if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) { + return 'attach'; + } + + if ( isset( $_REQUEST['parent_post_id'] ) && isset( $_REQUEST['media'] ) ) { + return 'detach'; + } + + if ( isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) { + return 'delete_all'; + } + + return parent::current_action(); + } + + /** + * @return bool + */ + public function has_items() { + return have_posts(); + } + + /** + */ + public function no_items() { + if ( $this->is_trash ) { + _e( 'No media files found in Trash.' ); + } else { + _e( 'No media files found.' ); + } + } + + /** + * Overrides parent views to use the filter bar display. + * + * @global string $mode List table view mode. + */ + public function views() { + global $mode; + + $views = $this->get_views(); + + $this->screen->render_screen_reader_content( 'heading_views' ); + ?> + <div class="wp-filter"> + <div class="filter-items"> + <?php $this->view_switcher( $mode ); ?> + + <label for="attachment-filter" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Filter by type' ); + ?> + </label> + <select class="attachment-filters" name="attachment-filter" id="attachment-filter"> + <?php + if ( ! empty( $views ) ) { + foreach ( $views as $class => $view ) { + echo "\t$view\n"; + } + } + ?> + </select> + + <?php + $this->extra_tablenav( 'bar' ); + + /** This filter is documented in wp-admin/includes/class-wp-list-table.php */ + $views = apply_filters( "views_{$this->screen->id}", array() ); + + // Back compat for pre-4.0 view links. + if ( ! empty( $views ) ) { + echo '<ul class="filter-links">'; + foreach ( $views as $class => $view ) { + echo "<li class='$class'>$view</li>"; + } + echo '</ul>'; + } + ?> + </div> + + <div class="search-form"> + <p class="search-box"> + <label class="screen-reader-text" for="media-search-input"> + <?php + /* translators: Hidden accessibility text. */ + esc_html_e( 'Search Media' ); + ?> + </label> + <input type="search" id="media-search-input" class="search" name="s" value="<?php _admin_search_query(); ?>"> + <input id="search-submit" type="submit" class="button" value="<?php esc_attr_e( 'Search Media' ); ?>"> + </p> + </div> + </div> + <?php + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $posts_columns = array(); + $posts_columns['cb'] = '<input type="checkbox" />'; + /* translators: Column name. */ + $posts_columns['title'] = _x( 'File', 'column name' ); + $posts_columns['author'] = __( 'Author' ); + + $taxonomies = get_taxonomies_for_attachments( 'objects' ); + $taxonomies = wp_filter_object_list( $taxonomies, array( 'show_admin_column' => true ), 'and', 'name' ); + + /** + * Filters the taxonomy columns for attachments in the Media list table. + * + * @since 3.5.0 + * + * @param string[] $taxonomies An array of registered taxonomy names to show for attachments. + * @param string $post_type The post type. Default 'attachment'. + */ + $taxonomies = apply_filters( 'manage_taxonomies_for_attachment_columns', $taxonomies, 'attachment' ); + $taxonomies = array_filter( $taxonomies, 'taxonomy_exists' ); + + foreach ( $taxonomies as $taxonomy ) { + if ( 'category' === $taxonomy ) { + $column_key = 'categories'; + } elseif ( 'post_tag' === $taxonomy ) { + $column_key = 'tags'; + } else { + $column_key = 'taxonomy-' . $taxonomy; + } + + $posts_columns[ $column_key ] = get_taxonomy( $taxonomy )->labels->name; + } + + /* translators: Column name. */ + if ( ! $this->detached ) { + $posts_columns['parent'] = _x( 'Uploaded to', 'column name' ); + + if ( post_type_supports( 'attachment', 'comments' ) ) { + $posts_columns['comments'] = sprintf( + '<span class="vers comment-grey-bubble" title="%1$s" aria-hidden="true"></span><span class="screen-reader-text">%2$s</span>', + esc_attr__( 'Comments' ), + /* translators: Hidden accessibility text. */ + __( 'Comments' ) + ); + } + } + + /* translators: Column name. */ + $posts_columns['date'] = _x( 'Date', 'column name' ); + + /** + * Filters the Media list table columns. + * + * @since 2.5.0 + * + * @param string[] $posts_columns An array of columns displayed in the Media list table. + * @param bool $detached Whether the list table contains media not attached + * to any posts. Default true. + */ + return apply_filters( 'manage_media_columns', $posts_columns, $this->detached ); + } + + /** + * @return array + */ + protected function get_sortable_columns() { + return array( + 'title' => array( 'title', false, _x( 'File', 'column name' ), __( 'Table ordered by File Name.' ) ), + 'author' => array( 'author', false, __( 'Author' ), __( 'Table ordered by Author.' ) ), + 'parent' => array( 'parent', false, _x( 'Uploaded to', 'column name' ), __( 'Table ordered by Uploaded To.' ) ), + 'comments' => array( 'comment_count', __( 'Comments' ), false, __( 'Table ordered by Comments.' ) ), + 'date' => array( 'date', true, __( 'Date' ), __( 'Table ordered by Date.' ), 'desc' ), + ); + } + + /** + * Handles the checkbox column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Post $item The current WP_Post object. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $post = $item; + + if ( current_user_can( 'edit_post', $post->ID ) ) { + ?> + <input type="checkbox" name="media[]" id="cb-select-<?php echo $post->ID; ?>" value="<?php echo $post->ID; ?>" /> + <label for="cb-select-<?php echo $post->ID; ?>"> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. %s: Attachment title. */ + printf( __( 'Select %s' ), _draft_or_post_title() ); + ?> + </span> + </label> + <?php + } + } + + /** + * Handles the title column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_title( $post ) { + list( $mime ) = explode( '/', $post->post_mime_type ); + + $attachment_id = $post->ID; + + if ( has_post_thumbnail( $post ) ) { + $thumbnail_id = get_post_thumbnail_id( $post ); + + if ( ! empty( $thumbnail_id ) ) { + $attachment_id = $thumbnail_id; + } + } + + $title = _draft_or_post_title(); + $thumb = wp_get_attachment_image( $attachment_id, array( 60, 60 ), true, array( 'alt' => '' ) ); + $link_start = ''; + $link_end = ''; + + if ( current_user_can( 'edit_post', $post->ID ) && ! $this->is_trash ) { + $link_start = sprintf( + '<a href="%s" aria-label="%s">', + get_edit_post_link( $post->ID ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( '“%s” (Edit)' ), $title ) ) + ); + $link_end = '</a>'; + } + + $class = $thumb ? ' class="has-media-icon"' : ''; + ?> + <strong<?php echo $class; ?>> + <?php + echo $link_start; + + if ( $thumb ) : + ?> + <span class="media-icon <?php echo sanitize_html_class( $mime . '-icon' ); ?>"><?php echo $thumb; ?></span> + <?php + endif; + + echo $title . $link_end; + + _media_states( $post ); + ?> + </strong> + <p class="filename"> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'File name:' ); + ?> + </span> + <?php + $file = get_attached_file( $post->ID ); + echo esc_html( wp_basename( $file ) ); + ?> + </p> + <?php + } + + /** + * Handles the author column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_author( $post ) { + printf( + '<a href="%s">%s</a>', + esc_url( add_query_arg( array( 'author' => get_the_author_meta( 'ID' ) ), 'upload.php' ) ), + get_the_author() + ); + } + + /** + * Handles the description column output. + * + * @since 4.3.0 + * @deprecated 6.2.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_desc( $post ) { + _deprecated_function( __METHOD__, '6.2.0' ); + + echo has_excerpt() ? $post->post_excerpt : ''; + } + + /** + * Handles the date column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_date( $post ) { + if ( '0000-00-00 00:00:00' === $post->post_date ) { + $h_time = __( 'Unpublished' ); + } else { + $time = get_post_timestamp( $post ); + $time_diff = time() - $time; + + if ( $time && $time_diff > 0 && $time_diff < DAY_IN_SECONDS ) { + /* translators: %s: Human-readable time difference. */ + $h_time = sprintf( __( '%s ago' ), human_time_diff( $time ) ); + } else { + $h_time = get_the_time( __( 'Y/m/d' ), $post ); + } + } + + /** + * Filters the published time of an attachment displayed in the Media list table. + * + * @since 6.0.0 + * + * @param string $h_time The published time. + * @param WP_Post $post Attachment object. + * @param string $column_name The column name. + */ + echo apply_filters( 'media_date_column_time', $h_time, $post, 'date' ); + } + + /** + * Handles the parent column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_parent( $post ) { + $user_can_edit = current_user_can( 'edit_post', $post->ID ); + + if ( $post->post_parent > 0 ) { + $parent = get_post( $post->post_parent ); + } else { + $parent = false; + } + + if ( $parent ) { + $title = _draft_or_post_title( $post->post_parent ); + $parent_type = get_post_type_object( $parent->post_type ); + + if ( $parent_type && $parent_type->show_ui && current_user_can( 'edit_post', $post->post_parent ) ) { + printf( '<strong><a href="%s">%s</a></strong>', get_edit_post_link( $post->post_parent ), $title ); + } elseif ( $parent_type && current_user_can( 'read_post', $post->post_parent ) ) { + printf( '<strong>%s</strong>', $title ); + } else { + _e( '(Private post)' ); + } + + if ( $user_can_edit ) : + $detach_url = add_query_arg( + array( + 'parent_post_id' => $post->post_parent, + 'media[]' => $post->ID, + '_wpnonce' => wp_create_nonce( 'bulk-' . $this->_args['plural'] ), + ), + 'upload.php' + ); + printf( + '<br /><a href="%s" class="hide-if-no-js detach-from-parent" aria-label="%s">%s</a>', + $detach_url, + /* translators: %s: Title of the post the attachment is attached to. */ + esc_attr( sprintf( __( 'Detach from “%s”' ), $title ) ), + __( 'Detach' ) + ); + endif; + } else { + _e( '(Unattached)' ); + ?> + <?php + if ( $user_can_edit ) { + $title = _draft_or_post_title( $post->post_parent ); + printf( + '<br /><a href="#the-list" onclick="findPosts.open( \'media[]\', \'%s\' ); return false;" class="hide-if-no-js aria-button-if-js" aria-label="%s">%s</a>', + $post->ID, + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Attach “%s” to existing content' ), $title ) ), + __( 'Attach' ) + ); + } + } + } + + /** + * Handles the comments column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_comments( $post ) { + echo '<div class="post-com-count-wrapper">'; + + if ( isset( $this->comment_pending_count[ $post->ID ] ) ) { + $pending_comments = $this->comment_pending_count[ $post->ID ]; + } else { + $pending_comments = get_pending_comments_num( $post->ID ); + } + + $this->comments_bubble( $post->ID, $pending_comments ); + + echo '</div>'; + } + + /** + * Handles output for the default column. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Post $item The current WP_Post object. + * @param string $column_name Current column name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $post = $item; + + if ( 'categories' === $column_name ) { + $taxonomy = 'category'; + } elseif ( 'tags' === $column_name ) { + $taxonomy = 'post_tag'; + } elseif ( str_starts_with( $column_name, 'taxonomy-' ) ) { + $taxonomy = substr( $column_name, 9 ); + } else { + $taxonomy = false; + } + + if ( $taxonomy ) { + $terms = get_the_terms( $post->ID, $taxonomy ); + + if ( is_array( $terms ) ) { + $output = array(); + + foreach ( $terms as $t ) { + $posts_in_term_qv = array(); + $posts_in_term_qv['taxonomy'] = $taxonomy; + $posts_in_term_qv['term'] = $t->slug; + + $output[] = sprintf( + '<a href="%s">%s</a>', + esc_url( add_query_arg( $posts_in_term_qv, 'upload.php' ) ), + esc_html( sanitize_term_field( 'name', $t->name, $t->term_id, $taxonomy, 'display' ) ) + ); + } + + echo implode( wp_get_list_item_separator(), $output ); + } else { + echo '<span aria-hidden="true">—</span><span class="screen-reader-text">' . get_taxonomy( $taxonomy )->labels->no_terms . '</span>'; + } + + return; + } + + /** + * Fires for each custom column in the Media list table. + * + * Custom columns are registered using the {@see 'manage_media_columns'} filter. + * + * @since 2.5.0 + * + * @param string $column_name Name of the custom column. + * @param int $post_id Attachment ID. + */ + do_action( 'manage_media_custom_column', $column_name, $post->ID ); + } + + /** + * @global WP_Post $post Global post object. + * @global WP_Query $wp_query WordPress Query object. + */ + public function display_rows() { + global $post, $wp_query; + + $post_ids = wp_list_pluck( $wp_query->posts, 'ID' ); + reset( $wp_query->posts ); + + $this->comment_pending_count = get_pending_comments_num( $post_ids ); + + add_filter( 'the_title', 'esc_html' ); + + while ( have_posts() ) : + the_post(); + + if ( $this->is_trash && 'trash' !== $post->post_status + || ! $this->is_trash && 'trash' === $post->post_status + ) { + continue; + } + + $post_owner = ( get_current_user_id() === (int) $post->post_author ) ? 'self' : 'other'; + ?> + <tr id="post-<?php echo $post->ID; ?>" class="<?php echo trim( ' author-' . $post_owner . ' status-' . $post->post_status ); ?>"> + <?php $this->single_row_columns( $post ); ?> + </tr> + <?php + endwhile; + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'title'. + */ + protected function get_default_primary_column_name() { + return 'title'; + } + + /** + * @param WP_Post $post + * @param string $att_title + * @return array + */ + private function _get_row_actions( $post, $att_title ) { + $actions = array(); + + if ( ! $this->is_trash && current_user_can( 'edit_post', $post->ID ) ) { + $actions['edit'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + esc_url( get_edit_post_link( $post->ID ) ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Edit “%s”' ), $att_title ) ), + __( 'Edit' ) + ); + } + + if ( current_user_can( 'delete_post', $post->ID ) ) { + if ( $this->is_trash ) { + $actions['untrash'] = sprintf( + '<a href="%s" class="submitdelete aria-button-if-js" aria-label="%s">%s</a>', + esc_url( wp_nonce_url( "post.php?action=untrash&post=$post->ID", 'untrash-post_' . $post->ID ) ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Restore “%s” from the Trash' ), $att_title ) ), + __( 'Restore' ) + ); + } elseif ( EMPTY_TRASH_DAYS && MEDIA_TRASH ) { + $actions['trash'] = sprintf( + '<a href="%s" class="submitdelete aria-button-if-js" aria-label="%s">%s</a>', + esc_url( wp_nonce_url( "post.php?action=trash&post=$post->ID", 'trash-post_' . $post->ID ) ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Move “%s” to the Trash' ), $att_title ) ), + _x( 'Trash', 'verb' ) + ); + } + + if ( $this->is_trash || ! EMPTY_TRASH_DAYS || ! MEDIA_TRASH ) { + $show_confirmation = ( ! $this->is_trash && ! MEDIA_TRASH ) ? " onclick='return showNotice.warn();'" : ''; + + $actions['delete'] = sprintf( + '<a href="%s" class="submitdelete aria-button-if-js"%s aria-label="%s">%s</a>', + esc_url( wp_nonce_url( "post.php?action=delete&post=$post->ID", 'delete-post_' . $post->ID ) ), + $show_confirmation, + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Delete “%s” permanently' ), $att_title ) ), + __( 'Delete Permanently' ) + ); + } + } + + $attachment_url = wp_get_attachment_url( $post->ID ); + + if ( ! $this->is_trash ) { + $permalink = get_permalink( $post->ID ); + + if ( $permalink ) { + $actions['view'] = sprintf( + '<a href="%s" aria-label="%s" rel="bookmark">%s</a>', + esc_url( $permalink ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'View “%s”' ), $att_title ) ), + __( 'View' ) + ); + } + + if ( $attachment_url ) { + $actions['copy'] = sprintf( + '<span class="copy-to-clipboard-container"><button type="button" class="button-link copy-attachment-url media-library" data-clipboard-text="%s" aria-label="%s">%s</button><span class="success hidden" aria-hidden="true">%s</span></span>', + esc_url( $attachment_url ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Copy “%s” URL to clipboard' ), $att_title ) ), + __( 'Copy URL' ), + __( 'Copied!' ) + ); + } + } + + if ( $attachment_url ) { + $actions['download'] = sprintf( + '<a href="%s" aria-label="%s" download>%s</a>', + esc_url( $attachment_url ), + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Download “%s”' ), $att_title ) ), + __( 'Download file' ) + ); + } + + if ( $this->detached && current_user_can( 'edit_post', $post->ID ) ) { + $actions['attach'] = sprintf( + '<a href="#the-list" onclick="findPosts.open( \'media[]\', \'%s\' ); return false;" class="hide-if-no-js aria-button-if-js" aria-label="%s">%s</a>', + $post->ID, + /* translators: %s: Attachment title. */ + esc_attr( sprintf( __( 'Attach “%s” to existing content' ), $att_title ) ), + __( 'Attach' ) + ); + } + + /** + * Filters the action links for each attachment in the Media list table. + * + * @since 2.8.0 + * + * @param string[] $actions An array of action links for each attachment. + * Includes 'Edit', 'Delete Permanently', 'View', + * 'Copy URL' and 'Download file'. + * @param WP_Post $post WP_Post object for the current attachment. + * @param bool $detached Whether the list table contains media not attached + * to any posts. Default true. + */ + return apply_filters( 'media_row_actions', $actions, $post, $this->detached ); + } + + /** + * Generates and displays row action links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Post $item Attachment being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for media attachments, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + if ( $primary !== $column_name ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $post = $item; + + $att_title = _draft_or_post_title(); + $actions = $this->_get_row_actions( $post, $att_title ); + + return $this->row_actions( $actions ); + } +} diff --git a/wp-admin/includes/class-wp-ms-sites-list-table.php b/wp-admin/includes/class-wp-ms-sites-list-table.php new file mode 100644 index 0000000..ffa2231 --- /dev/null +++ b/wp-admin/includes/class-wp-ms-sites-list-table.php @@ -0,0 +1,861 @@ +<?php +/** + * List Table API: WP_MS_Sites_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying sites in a list table for the network admin. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_MS_Sites_List_Table extends WP_List_Table { + + /** + * Site status list. + * + * @since 4.3.0 + * @var array + */ + public $status_list; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + $this->status_list = array( + 'archived' => array( 'site-archived', __( 'Archived' ) ), + 'spam' => array( 'site-spammed', _x( 'Spam', 'site' ) ), + 'deleted' => array( 'site-deleted', __( 'Deleted' ) ), + 'mature' => array( 'site-mature', __( 'Mature' ) ), + ); + + parent::__construct( + array( + 'plural' => 'sites', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'manage_sites' ); + } + + /** + * Prepares the list of sites for display. + * + * @since 3.1.0 + * + * @global string $mode List table view mode. + * @global string $s + * @global wpdb $wpdb WordPress database abstraction object. + */ + public function prepare_items() { + global $mode, $s, $wpdb; + + if ( ! empty( $_REQUEST['mode'] ) ) { + $mode = 'excerpt' === $_REQUEST['mode'] ? 'excerpt' : 'list'; + set_user_setting( 'sites_list_mode', $mode ); + } else { + $mode = get_user_setting( 'sites_list_mode', 'list' ); + } + + $per_page = $this->get_items_per_page( 'sites_network_per_page' ); + + $pagenum = $this->get_pagenum(); + + $s = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST['s'] ) ) : ''; + $wild = ''; + if ( str_contains( $s, '*' ) ) { + $wild = '*'; + $s = trim( $s, '*' ); + } + + /* + * If the network is large and a search is not being performed, show only + * the latest sites with no paging in order to avoid expensive count queries. + */ + if ( ! $s && wp_is_large_network() ) { + if ( ! isset( $_REQUEST['orderby'] ) ) { + $_GET['orderby'] = ''; + $_REQUEST['orderby'] = ''; + } + if ( ! isset( $_REQUEST['order'] ) ) { + $_GET['order'] = 'DESC'; + $_REQUEST['order'] = 'DESC'; + } + } + + $args = array( + 'number' => (int) $per_page, + 'offset' => (int) ( ( $pagenum - 1 ) * $per_page ), + 'network_id' => get_current_network_id(), + ); + + if ( empty( $s ) ) { + // Nothing to do. + } elseif ( preg_match( '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $s ) + || preg_match( '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.?$/', $s ) + || preg_match( '/^[0-9]{1,3}\.[0-9]{1,3}\.?$/', $s ) + || preg_match( '/^[0-9]{1,3}\.$/', $s ) + ) { + // IPv4 address. + $sql = $wpdb->prepare( + "SELECT blog_id FROM {$wpdb->registration_log} WHERE {$wpdb->registration_log}.IP LIKE %s", + $wpdb->esc_like( $s ) . ( ! empty( $wild ) ? '%' : '' ) + ); + + $reg_blog_ids = $wpdb->get_col( $sql ); + + if ( $reg_blog_ids ) { + $args['site__in'] = $reg_blog_ids; + } + } elseif ( is_numeric( $s ) && empty( $wild ) ) { + $args['ID'] = $s; + } else { + $args['search'] = $s; + + if ( ! is_subdomain_install() ) { + $args['search_columns'] = array( 'path' ); + } + } + + $order_by = isset( $_REQUEST['orderby'] ) ? $_REQUEST['orderby'] : ''; + if ( 'registered' === $order_by ) { + // 'registered' is a valid field name. + } elseif ( 'lastupdated' === $order_by ) { + $order_by = 'last_updated'; + } elseif ( 'blogname' === $order_by ) { + if ( is_subdomain_install() ) { + $order_by = 'domain'; + } else { + $order_by = 'path'; + } + } elseif ( 'blog_id' === $order_by ) { + $order_by = 'id'; + } elseif ( ! $order_by ) { + $order_by = false; + } + + $args['orderby'] = $order_by; + + if ( $order_by ) { + $args['order'] = ( isset( $_REQUEST['order'] ) && 'DESC' === strtoupper( $_REQUEST['order'] ) ) ? 'DESC' : 'ASC'; + } + + if ( wp_is_large_network() ) { + $args['no_found_rows'] = true; + } else { + $args['no_found_rows'] = false; + } + + // Take into account the role the user has selected. + $status = isset( $_REQUEST['status'] ) ? wp_unslash( trim( $_REQUEST['status'] ) ) : ''; + if ( in_array( $status, array( 'public', 'archived', 'mature', 'spam', 'deleted' ), true ) ) { + $args[ $status ] = 1; + } + + /** + * Filters the arguments for the site query in the sites list table. + * + * @since 4.6.0 + * + * @param array $args An array of get_sites() arguments. + */ + $args = apply_filters( 'ms_sites_list_table_query_args', $args ); + + $_sites = get_sites( $args ); + if ( is_array( $_sites ) ) { + update_site_cache( $_sites ); + + $this->items = array_slice( $_sites, 0, $per_page ); + } + + $total_sites = get_sites( + array_merge( + $args, + array( + 'count' => true, + 'offset' => 0, + 'number' => 0, + ) + ) + ); + + $this->set_pagination_args( + array( + 'total_items' => $total_sites, + 'per_page' => $per_page, + ) + ); + } + + /** + */ + public function no_items() { + _e( 'No sites found.' ); + } + + /** + * Gets links to filter sites by status. + * + * @since 5.3.0 + * + * @return array + */ + protected function get_views() { + $counts = wp_count_sites(); + + $statuses = array( + /* translators: %s: Number of sites. */ + 'all' => _nx_noop( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + 'sites' + ), + + /* translators: %s: Number of sites. */ + 'public' => _n_noop( + 'Public <span class="count">(%s)</span>', + 'Public <span class="count">(%s)</span>' + ), + + /* translators: %s: Number of sites. */ + 'archived' => _n_noop( + 'Archived <span class="count">(%s)</span>', + 'Archived <span class="count">(%s)</span>' + ), + + /* translators: %s: Number of sites. */ + 'mature' => _n_noop( + 'Mature <span class="count">(%s)</span>', + 'Mature <span class="count">(%s)</span>' + ), + + /* translators: %s: Number of sites. */ + 'spam' => _nx_noop( + 'Spam <span class="count">(%s)</span>', + 'Spam <span class="count">(%s)</span>', + 'sites' + ), + + /* translators: %s: Number of sites. */ + 'deleted' => _n_noop( + 'Deleted <span class="count">(%s)</span>', + 'Deleted <span class="count">(%s)</span>' + ), + ); + + $view_links = array(); + $requested_status = isset( $_REQUEST['status'] ) ? wp_unslash( trim( $_REQUEST['status'] ) ) : ''; + $url = 'sites.php'; + + foreach ( $statuses as $status => $label_count ) { + if ( (int) $counts[ $status ] > 0 ) { + $label = sprintf( + translate_nooped_plural( $label_count, $counts[ $status ] ), + number_format_i18n( $counts[ $status ] ) + ); + + $full_url = 'all' === $status ? $url : add_query_arg( 'status', $status, $url ); + + $view_links[ $status ] = array( + 'url' => esc_url( $full_url ), + 'label' => $label, + 'current' => $requested_status === $status || ( '' === $requested_status && 'all' === $status ), + ); + } + } + + return $this->get_views_links( $view_links ); + } + + /** + * @return array + */ + protected function get_bulk_actions() { + $actions = array(); + if ( current_user_can( 'delete_sites' ) ) { + $actions['delete'] = __( 'Delete' ); + } + $actions['spam'] = _x( 'Mark as spam', 'site' ); + $actions['notspam'] = _x( 'Not spam', 'site' ); + + return $actions; + } + + /** + * @global string $mode List table view mode. + * + * @param string $which The location of the pagination nav markup: 'top' or 'bottom'. + */ + protected function pagination( $which ) { + global $mode; + + parent::pagination( $which ); + + if ( 'top' === $which ) { + $this->view_switcher( $mode ); + } + } + + /** + * Displays extra controls between bulk actions and pagination. + * + * @since 5.3.0 + * + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + protected function extra_tablenav( $which ) { + ?> + <div class="alignleft actions"> + <?php + if ( 'top' === $which ) { + ob_start(); + + /** + * Fires before the Filter button on the MS sites list table. + * + * @since 5.3.0 + * + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + do_action( 'restrict_manage_sites', $which ); + + $output = ob_get_clean(); + + if ( ! empty( $output ) ) { + echo $output; + submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'site-query-submit' ) ); + } + } + ?> + </div> + <?php + /** + * Fires immediately following the closing "actions" div in the tablenav for the + * MS sites list table. + * + * @since 5.3.0 + * + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + do_action( 'manage_sites_extra_tablenav', $which ); + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $sites_columns = array( + 'cb' => '<input type="checkbox" />', + 'blogname' => __( 'URL' ), + 'lastupdated' => __( 'Last Updated' ), + 'registered' => _x( 'Registered', 'site' ), + 'users' => __( 'Users' ), + ); + + if ( has_filter( 'wpmublogsaction' ) ) { + $sites_columns['plugins'] = __( 'Actions' ); + } + + /** + * Filters the displayed site columns in Sites list table. + * + * @since MU (3.0.0) + * + * @param string[] $sites_columns An array of displayed site columns. Default 'cb', + * 'blogname', 'lastupdated', 'registered', 'users'. + */ + return apply_filters( 'wpmu_blogs_columns', $sites_columns ); + } + + /** + * @return array + */ + protected function get_sortable_columns() { + + if ( is_subdomain_install() ) { + $blogname_abbr = __( 'Domain' ); + $blogname_orderby_text = __( 'Table ordered by Site Domain Name.' ); + } else { + $blogname_abbr = __( 'Path' ); + $blogname_orderby_text = __( 'Table ordered by Site Path.' ); + } + + return array( + 'blogname' => array( 'blogname', false, $blogname_abbr, $blogname_orderby_text ), + 'lastupdated' => array( 'lastupdated', true, __( 'Last Updated' ), __( 'Table ordered by Last Updated.' ) ), + 'registered' => array( 'blog_id', true, _x( 'Registered', 'site' ), __( 'Table ordered by Site Registered Date.' ), 'desc' ), + ); + } + + /** + * Handles the checkbox column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$blog` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param array $item Current site. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $blog = $item; + + if ( ! is_main_site( $blog['blog_id'] ) ) : + $blogname = untrailingslashit( $blog['domain'] . $blog['path'] ); + ?> + <input type="checkbox" id="blog_<?php echo $blog['blog_id']; ?>" name="allblogs[]" value="<?php echo esc_attr( $blog['blog_id'] ); ?>" /> + <label for="blog_<?php echo $blog['blog_id']; ?>"> + <span class="screen-reader-text"> + <?php + /* translators: %s: Site URL. */ + printf( __( 'Select %s' ), $blogname ); + ?> + </span> + </label> + <?php + endif; + } + + /** + * Handles the ID column output. + * + * @since 4.4.0 + * + * @param array $blog Current site. + */ + public function column_id( $blog ) { + echo $blog['blog_id']; + } + + /** + * Handles the site name column output. + * + * @since 4.3.0 + * + * @global string $mode List table view mode. + * + * @param array $blog Current site. + */ + public function column_blogname( $blog ) { + global $mode; + + $blogname = untrailingslashit( $blog['domain'] . $blog['path'] ); + + ?> + <strong> + <?php + printf( + '<a href="%1$s" class="edit">%2$s</a>', + esc_url( network_admin_url( 'site-info.php?id=' . $blog['blog_id'] ) ), + $blogname + ); + + $this->site_states( $blog ); + ?> + </strong> + <?php + if ( 'list' !== $mode ) { + switch_to_blog( $blog['blog_id'] ); + echo '<p>'; + printf( + /* translators: 1: Site title, 2: Site tagline. */ + __( '%1$s – %2$s' ), + get_option( 'blogname' ), + '<em>' . get_option( 'blogdescription' ) . '</em>' + ); + echo '</p>'; + restore_current_blog(); + } + } + + /** + * Handles the lastupdated column output. + * + * @since 4.3.0 + * + * @global string $mode List table view mode. + * + * @param array $blog Current site. + */ + public function column_lastupdated( $blog ) { + global $mode; + + if ( 'list' === $mode ) { + $date = __( 'Y/m/d' ); + } else { + $date = __( 'Y/m/d g:i:s a' ); + } + + if ( '0000-00-00 00:00:00' === $blog['last_updated'] ) { + _e( 'Never' ); + } else { + echo mysql2date( $date, $blog['last_updated'] ); + } + } + + /** + * Handles the registered column output. + * + * @since 4.3.0 + * + * @global string $mode List table view mode. + * + * @param array $blog Current site. + */ + public function column_registered( $blog ) { + global $mode; + + if ( 'list' === $mode ) { + $date = __( 'Y/m/d' ); + } else { + $date = __( 'Y/m/d g:i:s a' ); + } + + if ( '0000-00-00 00:00:00' === $blog['registered'] ) { + echo '—'; + } else { + echo mysql2date( $date, $blog['registered'] ); + } + } + + /** + * Handles the users column output. + * + * @since 4.3.0 + * + * @param array $blog Current site. + */ + public function column_users( $blog ) { + $user_count = wp_cache_get( $blog['blog_id'] . '_user_count', 'blog-details' ); + if ( ! $user_count ) { + $blog_users = new WP_User_Query( + array( + 'blog_id' => $blog['blog_id'], + 'fields' => 'ID', + 'number' => 1, + 'count_total' => true, + ) + ); + $user_count = $blog_users->get_total(); + wp_cache_set( $blog['blog_id'] . '_user_count', $user_count, 'blog-details', 12 * HOUR_IN_SECONDS ); + } + + printf( + '<a href="%1$s">%2$s</a>', + esc_url( network_admin_url( 'site-users.php?id=' . $blog['blog_id'] ) ), + number_format_i18n( $user_count ) + ); + } + + /** + * Handles the plugins column output. + * + * @since 4.3.0 + * + * @param array $blog Current site. + */ + public function column_plugins( $blog ) { + if ( has_filter( 'wpmublogsaction' ) ) { + /** + * Fires inside the auxiliary 'Actions' column of the Sites list table. + * + * By default this column is hidden unless something is hooked to the action. + * + * @since MU (3.0.0) + * + * @param int $blog_id The site ID. + */ + do_action( 'wpmublogsaction', $blog['blog_id'] ); + } + } + + /** + * Handles output for the default column. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$blog` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param array $item Current site. + * @param string $column_name Current column name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $blog = $item; + + /** + * Fires for each registered custom column in the Sites list table. + * + * @since 3.1.0 + * + * @param string $column_name The name of the column to display. + * @param int $blog_id The site ID. + */ + do_action( 'manage_sites_custom_column', $column_name, $blog['blog_id'] ); + } + + /** + * @global string $mode List table view mode. + */ + public function display_rows() { + foreach ( $this->items as $blog ) { + $blog = $blog->to_array(); + $class = ''; + reset( $this->status_list ); + + foreach ( $this->status_list as $status => $col ) { + if ( '1' === $blog[ $status ] ) { + $class = " class='{$col[0]}'"; + } + } + + echo "<tr{$class}>"; + + $this->single_row_columns( $blog ); + + echo '</tr>'; + } + } + + /** + * Determines whether to output comma-separated site states. + * + * @since 5.3.0 + * + * @param array $site + */ + protected function site_states( $site ) { + $site_states = array(); + + // $site is still an array, so get the object. + $_site = WP_Site::get_instance( $site['blog_id'] ); + + if ( is_main_site( $_site->id ) ) { + $site_states['main'] = __( 'Main' ); + } + + reset( $this->status_list ); + + $site_status = isset( $_REQUEST['status'] ) ? wp_unslash( trim( $_REQUEST['status'] ) ) : ''; + foreach ( $this->status_list as $status => $col ) { + if ( '1' === $_site->{$status} && $site_status !== $status ) { + $site_states[ $col[0] ] = $col[1]; + } + } + + /** + * Filters the default site display states for items in the Sites list table. + * + * @since 5.3.0 + * + * @param string[] $site_states An array of site states. Default 'Main', + * 'Archived', 'Mature', 'Spam', 'Deleted'. + * @param WP_Site $site The current site object. + */ + $site_states = apply_filters( 'display_site_states', $site_states, $_site ); + + if ( ! empty( $site_states ) ) { + $state_count = count( $site_states ); + + $i = 0; + + echo ' — '; + + foreach ( $site_states as $state ) { + ++$i; + + $separator = ( $i < $state_count ) ? ', ' : ''; + + echo "<span class='post-state'>{$state}{$separator}</span>"; + } + } + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'blogname'. + */ + protected function get_default_primary_column_name() { + return 'blogname'; + } + + /** + * Generates and displays row action links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$blog` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param array $item Site being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for sites in Multisite, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + if ( $primary !== $column_name ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $blog = $item; + + $blogname = untrailingslashit( $blog['domain'] . $blog['path'] ); + + // Preordered. + $actions = array( + 'edit' => '', + 'backend' => '', + 'activate' => '', + 'deactivate' => '', + 'archive' => '', + 'unarchive' => '', + 'spam' => '', + 'unspam' => '', + 'delete' => '', + 'visit' => '', + ); + + $actions['edit'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( network_admin_url( 'site-info.php?id=' . $blog['blog_id'] ) ), + __( 'Edit' ) + ); + + $actions['backend'] = sprintf( + '<a href="%1$s" class="edit">%2$s</a>', + esc_url( get_admin_url( $blog['blog_id'] ) ), + __( 'Dashboard' ) + ); + + if ( ! is_main_site( $blog['blog_id'] ) ) { + if ( '1' === $blog['deleted'] ) { + $actions['activate'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=activateblog&id=' . $blog['blog_id'] ), + 'activateblog_' . $blog['blog_id'] + ) + ), + __( 'Activate' ) + ); + } else { + $actions['deactivate'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=deactivateblog&id=' . $blog['blog_id'] ), + 'deactivateblog_' . $blog['blog_id'] + ) + ), + __( 'Deactivate' ) + ); + } + + if ( '1' === $blog['archived'] ) { + $actions['unarchive'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=unarchiveblog&id=' . $blog['blog_id'] ), + 'unarchiveblog_' . $blog['blog_id'] + ) + ), + __( 'Unarchive' ) + ); + } else { + $actions['archive'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=archiveblog&id=' . $blog['blog_id'] ), + 'archiveblog_' . $blog['blog_id'] + ) + ), + _x( 'Archive', 'verb; site' ) + ); + } + + if ( '1' === $blog['spam'] ) { + $actions['unspam'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=unspamblog&id=' . $blog['blog_id'] ), + 'unspamblog_' . $blog['blog_id'] + ) + ), + _x( 'Not Spam', 'site' ) + ); + } else { + $actions['spam'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=spamblog&id=' . $blog['blog_id'] ), + 'spamblog_' . $blog['blog_id'] + ) + ), + _x( 'Spam', 'site' ) + ); + } + + if ( current_user_can( 'delete_site', $blog['blog_id'] ) ) { + $actions['delete'] = sprintf( + '<a href="%1$s">%2$s</a>', + esc_url( + wp_nonce_url( + network_admin_url( 'sites.php?action=confirm&action2=deleteblog&id=' . $blog['blog_id'] ), + 'deleteblog_' . $blog['blog_id'] + ) + ), + __( 'Delete' ) + ); + } + } + + $actions['visit'] = sprintf( + '<a href="%1$s" rel="bookmark">%2$s</a>', + esc_url( get_home_url( $blog['blog_id'], '/' ) ), + __( 'Visit' ) + ); + + /** + * Filters the action links displayed for each site in the Sites list table. + * + * The 'Edit', 'Dashboard', 'Delete', and 'Visit' links are displayed by + * default for each site. The site's status determines whether to show the + * 'Activate' or 'Deactivate' link, 'Unarchive' or 'Archive' links, and + * 'Not Spam' or 'Spam' link for each site. + * + * @since 3.1.0 + * + * @param string[] $actions An array of action links to be displayed. + * @param int $blog_id The site ID. + * @param string $blogname Site path, formatted depending on whether it is a sub-domain + * or subdirectory multisite installation. + */ + $actions = apply_filters( 'manage_sites_action_links', array_filter( $actions ), $blog['blog_id'], $blogname ); + + return $this->row_actions( $actions ); + } +} diff --git a/wp-admin/includes/class-wp-ms-themes-list-table.php b/wp-admin/includes/class-wp-ms-themes-list-table.php new file mode 100644 index 0000000..cc0206e --- /dev/null +++ b/wp-admin/includes/class-wp-ms-themes-list-table.php @@ -0,0 +1,1038 @@ +<?php +/** + * List Table API: WP_MS_Themes_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying themes in a list table for the network admin. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_MS_Themes_List_Table extends WP_List_Table { + + public $site_id; + public $is_site_themes; + + private $has_items; + + /** + * Whether to show the auto-updates UI. + * + * @since 5.5.0 + * + * @var bool True if auto-updates UI is to be shown, false otherwise. + */ + protected $show_autoupdates = true; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @global string $status + * @global int $page + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + global $status, $page; + + parent::__construct( + array( + 'plural' => 'themes', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + + $status = isset( $_REQUEST['theme_status'] ) ? $_REQUEST['theme_status'] : 'all'; + if ( ! in_array( $status, array( 'all', 'enabled', 'disabled', 'upgrade', 'search', 'broken', 'auto-update-enabled', 'auto-update-disabled' ), true ) ) { + $status = 'all'; + } + + $page = $this->get_pagenum(); + + $this->is_site_themes = ( 'site-themes-network' === $this->screen->id ) ? true : false; + + if ( $this->is_site_themes ) { + $this->site_id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; + } + + $this->show_autoupdates = wp_is_auto_update_enabled_for_type( 'theme' ) && + ! $this->is_site_themes && current_user_can( 'update_themes' ); + } + + /** + * @return array + */ + protected function get_table_classes() { + // @todo Remove and add CSS for .themes. + return array( 'widefat', 'plugins' ); + } + + /** + * @return bool + */ + public function ajax_user_can() { + if ( $this->is_site_themes ) { + return current_user_can( 'manage_sites' ); + } else { + return current_user_can( 'manage_network_themes' ); + } + } + + /** + * @global string $status + * @global array $totals + * @global int $page + * @global string $orderby + * @global string $order + * @global string $s + */ + public function prepare_items() { + global $status, $totals, $page, $orderby, $order, $s; + + wp_reset_vars( array( 'orderby', 'order', 's' ) ); + + $themes = array( + /** + * Filters the full array of WP_Theme objects to list in the Multisite + * themes list table. + * + * @since 3.1.0 + * + * @param WP_Theme[] $all Array of WP_Theme objects to display in the list table. + */ + 'all' => apply_filters( 'all_themes', wp_get_themes() ), + 'search' => array(), + 'enabled' => array(), + 'disabled' => array(), + 'upgrade' => array(), + 'broken' => $this->is_site_themes ? array() : wp_get_themes( array( 'errors' => true ) ), + ); + + if ( $this->show_autoupdates ) { + $auto_updates = (array) get_site_option( 'auto_update_themes', array() ); + + $themes['auto-update-enabled'] = array(); + $themes['auto-update-disabled'] = array(); + } + + if ( $this->is_site_themes ) { + $themes_per_page = $this->get_items_per_page( 'site_themes_network_per_page' ); + $allowed_where = 'site'; + } else { + $themes_per_page = $this->get_items_per_page( 'themes_network_per_page' ); + $allowed_where = 'network'; + } + + $current = get_site_transient( 'update_themes' ); + $maybe_update = current_user_can( 'update_themes' ) && ! $this->is_site_themes && $current; + + foreach ( (array) $themes['all'] as $key => $theme ) { + if ( $this->is_site_themes && $theme->is_allowed( 'network' ) ) { + unset( $themes['all'][ $key ] ); + continue; + } + + if ( $maybe_update && isset( $current->response[ $key ] ) ) { + $themes['all'][ $key ]->update = true; + $themes['upgrade'][ $key ] = $themes['all'][ $key ]; + } + + $filter = $theme->is_allowed( $allowed_where, $this->site_id ) ? 'enabled' : 'disabled'; + $themes[ $filter ][ $key ] = $themes['all'][ $key ]; + + $theme_data = array( + 'update_supported' => isset( $theme->update_supported ) ? $theme->update_supported : true, + ); + + // Extra info if known. array_merge() ensures $theme_data has precedence if keys collide. + if ( isset( $current->response[ $key ] ) ) { + $theme_data = array_merge( (array) $current->response[ $key ], $theme_data ); + } elseif ( isset( $current->no_update[ $key ] ) ) { + $theme_data = array_merge( (array) $current->no_update[ $key ], $theme_data ); + } else { + $theme_data['update_supported'] = false; + } + + $theme->update_supported = $theme_data['update_supported']; + + /* + * Create the expected payload for the auto_update_theme filter, this is the same data + * as contained within $updates or $no_updates but used when the Theme is not known. + */ + $filter_payload = array( + 'theme' => $key, + 'new_version' => '', + 'url' => '', + 'package' => '', + 'requires' => '', + 'requires_php' => '', + ); + + $filter_payload = (object) array_merge( $filter_payload, array_intersect_key( $theme_data, $filter_payload ) ); + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'theme', null, $filter_payload ); + + if ( ! is_null( $auto_update_forced ) ) { + $theme->auto_update_forced = $auto_update_forced; + } + + if ( $this->show_autoupdates ) { + $enabled = in_array( $key, $auto_updates, true ) && $theme->update_supported; + if ( isset( $theme->auto_update_forced ) ) { + $enabled = (bool) $theme->auto_update_forced; + } + + if ( $enabled ) { + $themes['auto-update-enabled'][ $key ] = $theme; + } else { + $themes['auto-update-disabled'][ $key ] = $theme; + } + } + } + + if ( $s ) { + $status = 'search'; + $themes['search'] = array_filter( array_merge( $themes['all'], $themes['broken'] ), array( $this, '_search_callback' ) ); + } + + $totals = array(); + $js_themes = array(); + foreach ( $themes as $type => $list ) { + $totals[ $type ] = count( $list ); + $js_themes[ $type ] = array_keys( $list ); + } + + if ( empty( $themes[ $status ] ) && ! in_array( $status, array( 'all', 'search' ), true ) ) { + $status = 'all'; + } + + $this->items = $themes[ $status ]; + WP_Theme::sort_by_name( $this->items ); + + $this->has_items = ! empty( $themes['all'] ); + $total_this_page = $totals[ $status ]; + + wp_localize_script( + 'updates', + '_wpUpdatesItemCounts', + array( + 'themes' => $js_themes, + 'totals' => wp_get_update_data(), + ) + ); + + if ( $orderby ) { + $orderby = ucfirst( $orderby ); + $order = strtoupper( $order ); + + if ( 'Name' === $orderby ) { + if ( 'ASC' === $order ) { + $this->items = array_reverse( $this->items ); + } + } else { + uasort( $this->items, array( $this, '_order_callback' ) ); + } + } + + $start = ( $page - 1 ) * $themes_per_page; + + if ( $total_this_page > $themes_per_page ) { + $this->items = array_slice( $this->items, $start, $themes_per_page, true ); + } + + $this->set_pagination_args( + array( + 'total_items' => $total_this_page, + 'per_page' => $themes_per_page, + ) + ); + } + + /** + * @param WP_Theme $theme + * @return bool + */ + public function _search_callback( $theme ) { + static $term = null; + if ( is_null( $term ) ) { + $term = wp_unslash( $_REQUEST['s'] ); + } + + foreach ( array( 'Name', 'Description', 'Author', 'Author', 'AuthorURI' ) as $field ) { + // Don't mark up; Do translate. + if ( false !== stripos( $theme->display( $field, false, true ), $term ) ) { + return true; + } + } + + if ( false !== stripos( $theme->get_stylesheet(), $term ) ) { + return true; + } + + if ( false !== stripos( $theme->get_template(), $term ) ) { + return true; + } + + return false; + } + + // Not used by any core columns. + /** + * @global string $orderby + * @global string $order + * @param array $theme_a + * @param array $theme_b + * @return int + */ + public function _order_callback( $theme_a, $theme_b ) { + global $orderby, $order; + + $a = $theme_a[ $orderby ]; + $b = $theme_b[ $orderby ]; + + if ( $a === $b ) { + return 0; + } + + if ( 'DESC' === $order ) { + return ( $a < $b ) ? 1 : -1; + } else { + return ( $a < $b ) ? -1 : 1; + } + } + + /** + */ + public function no_items() { + if ( $this->has_items ) { + _e( 'No themes found.' ); + } else { + _e( 'No themes are currently available.' ); + } + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $columns = array( + 'cb' => '<input type="checkbox" />', + 'name' => __( 'Theme' ), + 'description' => __( 'Description' ), + ); + + if ( $this->show_autoupdates ) { + $columns['auto-updates'] = __( 'Automatic Updates' ); + } + + return $columns; + } + + /** + * @return array + */ + protected function get_sortable_columns() { + return array( + 'name' => array( 'name', false, __( 'Theme' ), __( 'Table ordered by Theme Name.' ), 'asc' ), + ); + } + + /** + * Gets the name of the primary column. + * + * @since 4.3.0 + * + * @return string Unalterable name of the primary column name, in this case, 'name'. + */ + protected function get_primary_column_name() { + return 'name'; + } + + /** + * @global array $totals + * @global string $status + * @return array + */ + protected function get_views() { + global $totals, $status; + + $status_links = array(); + foreach ( $totals as $type => $count ) { + if ( ! $count ) { + continue; + } + + switch ( $type ) { + case 'all': + /* translators: %s: Number of themes. */ + $text = _nx( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + $count, + 'themes' + ); + break; + case 'enabled': + /* translators: %s: Number of themes. */ + $text = _nx( + 'Enabled <span class="count">(%s)</span>', + 'Enabled <span class="count">(%s)</span>', + $count, + 'themes' + ); + break; + case 'disabled': + /* translators: %s: Number of themes. */ + $text = _nx( + 'Disabled <span class="count">(%s)</span>', + 'Disabled <span class="count">(%s)</span>', + $count, + 'themes' + ); + break; + case 'upgrade': + /* translators: %s: Number of themes. */ + $text = _nx( + 'Update Available <span class="count">(%s)</span>', + 'Update Available <span class="count">(%s)</span>', + $count, + 'themes' + ); + break; + case 'broken': + /* translators: %s: Number of themes. */ + $text = _nx( + 'Broken <span class="count">(%s)</span>', + 'Broken <span class="count">(%s)</span>', + $count, + 'themes' + ); + break; + case 'auto-update-enabled': + /* translators: %s: Number of themes. */ + $text = _n( + 'Auto-updates Enabled <span class="count">(%s)</span>', + 'Auto-updates Enabled <span class="count">(%s)</span>', + $count + ); + break; + case 'auto-update-disabled': + /* translators: %s: Number of themes. */ + $text = _n( + 'Auto-updates Disabled <span class="count">(%s)</span>', + 'Auto-updates Disabled <span class="count">(%s)</span>', + $count + ); + break; + } + + if ( $this->is_site_themes ) { + $url = 'site-themes.php?id=' . $this->site_id; + } else { + $url = 'themes.php'; + } + + if ( 'search' !== $type ) { + $status_links[ $type ] = array( + 'url' => esc_url( add_query_arg( 'theme_status', $type, $url ) ), + 'label' => sprintf( $text, number_format_i18n( $count ) ), + 'current' => $type === $status, + ); + } + } + + return $this->get_views_links( $status_links ); + } + + /** + * @global string $status + * + * @return array + */ + protected function get_bulk_actions() { + global $status; + + $actions = array(); + if ( 'enabled' !== $status ) { + $actions['enable-selected'] = $this->is_site_themes ? __( 'Enable' ) : __( 'Network Enable' ); + } + if ( 'disabled' !== $status ) { + $actions['disable-selected'] = $this->is_site_themes ? __( 'Disable' ) : __( 'Network Disable' ); + } + if ( ! $this->is_site_themes ) { + if ( current_user_can( 'update_themes' ) ) { + $actions['update-selected'] = __( 'Update' ); + } + if ( current_user_can( 'delete_themes' ) ) { + $actions['delete-selected'] = __( 'Delete' ); + } + } + + if ( $this->show_autoupdates ) { + if ( 'auto-update-enabled' !== $status ) { + $actions['enable-auto-update-selected'] = __( 'Enable Auto-updates' ); + } + + if ( 'auto-update-disabled' !== $status ) { + $actions['disable-auto-update-selected'] = __( 'Disable Auto-updates' ); + } + } + + return $actions; + } + + /** + */ + public function display_rows() { + foreach ( $this->items as $theme ) { + $this->single_row( $theme ); + } + } + + /** + * Handles the checkbox column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$theme` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Theme $item The current WP_Theme object. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $theme = $item; + + $checkbox_id = 'checkbox_' . md5( $theme->get( 'Name' ) ); + ?> + <input type="checkbox" name="checked[]" value="<?php echo esc_attr( $theme->get_stylesheet() ); ?>" id="<?php echo $checkbox_id; ?>" /> + <label for="<?php echo $checkbox_id; ?>" > + <span class="screen-reader-text"> + <?php + printf( + /* translators: Hidden accessibility text. %s: Theme name */ + __( 'Select %s' ), + $theme->display( 'Name' ) + ); + ?> + </span> + </label> + <?php + } + + /** + * Handles the name column output. + * + * @since 4.3.0 + * + * @global string $status + * @global int $page + * @global string $s + * + * @param WP_Theme $theme The current WP_Theme object. + */ + public function column_name( $theme ) { + global $status, $page, $s; + + $context = $status; + + if ( $this->is_site_themes ) { + $url = "site-themes.php?id={$this->site_id}&"; + $allowed = $theme->is_allowed( 'site', $this->site_id ); + } else { + $url = 'themes.php?'; + $allowed = $theme->is_allowed( 'network' ); + } + + // Pre-order. + $actions = array( + 'enable' => '', + 'disable' => '', + 'delete' => '', + ); + + $stylesheet = $theme->get_stylesheet(); + $theme_key = urlencode( $stylesheet ); + + if ( ! $allowed ) { + if ( ! $theme->errors() ) { + $url = add_query_arg( + array( + 'action' => 'enable', + 'theme' => $theme_key, + 'paged' => $page, + 's' => $s, + ), + $url + ); + + if ( $this->is_site_themes ) { + /* translators: %s: Theme name. */ + $aria_label = sprintf( __( 'Enable %s' ), $theme->display( 'Name' ) ); + } else { + /* translators: %s: Theme name. */ + $aria_label = sprintf( __( 'Network Enable %s' ), $theme->display( 'Name' ) ); + } + + $actions['enable'] = sprintf( + '<a href="%s" class="edit" aria-label="%s">%s</a>', + esc_url( wp_nonce_url( $url, 'enable-theme_' . $stylesheet ) ), + esc_attr( $aria_label ), + ( $this->is_site_themes ? __( 'Enable' ) : __( 'Network Enable' ) ) + ); + } + } else { + $url = add_query_arg( + array( + 'action' => 'disable', + 'theme' => $theme_key, + 'paged' => $page, + 's' => $s, + ), + $url + ); + + if ( $this->is_site_themes ) { + /* translators: %s: Theme name. */ + $aria_label = sprintf( __( 'Disable %s' ), $theme->display( 'Name' ) ); + } else { + /* translators: %s: Theme name. */ + $aria_label = sprintf( __( 'Network Disable %s' ), $theme->display( 'Name' ) ); + } + + $actions['disable'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + esc_url( wp_nonce_url( $url, 'disable-theme_' . $stylesheet ) ), + esc_attr( $aria_label ), + ( $this->is_site_themes ? __( 'Disable' ) : __( 'Network Disable' ) ) + ); + } + + if ( ! $allowed && ! $this->is_site_themes + && current_user_can( 'delete_themes' ) + && get_option( 'stylesheet' ) !== $stylesheet + && get_option( 'template' ) !== $stylesheet + ) { + $url = add_query_arg( + array( + 'action' => 'delete-selected', + 'checked[]' => $theme_key, + 'theme_status' => $context, + 'paged' => $page, + 's' => $s, + ), + 'themes.php' + ); + + /* translators: %s: Theme name. */ + $aria_label = sprintf( _x( 'Delete %s', 'theme' ), $theme->display( 'Name' ) ); + + $actions['delete'] = sprintf( + '<a href="%s" class="delete" aria-label="%s">%s</a>', + esc_url( wp_nonce_url( $url, 'bulk-themes' ) ), + esc_attr( $aria_label ), + __( 'Delete' ) + ); + } + /** + * Filters the action links displayed for each theme in the Multisite + * themes list table. + * + * The action links displayed are determined by the theme's status, and + * which Multisite themes list table is being displayed - the Network + * themes list table (themes.php), which displays all installed themes, + * or the Site themes list table (site-themes.php), which displays the + * non-network enabled themes when editing a site in the Network admin. + * + * The default action links for the Network themes list table include + * 'Network Enable', 'Network Disable', and 'Delete'. + * + * The default action links for the Site themes list table include + * 'Enable', and 'Disable'. + * + * @since 2.8.0 + * + * @param string[] $actions An array of action links. + * @param WP_Theme $theme The current WP_Theme object. + * @param string $context Status of the theme, one of 'all', 'enabled', or 'disabled'. + */ + $actions = apply_filters( 'theme_action_links', array_filter( $actions ), $theme, $context ); + + /** + * Filters the action links of a specific theme in the Multisite themes + * list table. + * + * The dynamic portion of the hook name, `$stylesheet`, refers to the + * directory name of the theme, which in most cases is synonymous + * with the template name. + * + * @since 3.1.0 + * + * @param string[] $actions An array of action links. + * @param WP_Theme $theme The current WP_Theme object. + * @param string $context Status of the theme, one of 'all', 'enabled', or 'disabled'. + */ + $actions = apply_filters( "theme_action_links_{$stylesheet}", $actions, $theme, $context ); + + echo $this->row_actions( $actions, true ); + } + + /** + * Handles the description column output. + * + * @since 4.3.0 + * + * @global string $status + * @global array $totals + * + * @param WP_Theme $theme The current WP_Theme object. + */ + public function column_description( $theme ) { + global $status, $totals; + + if ( $theme->errors() ) { + $pre = 'broken' === $status ? __( 'Broken Theme:' ) . ' ' : ''; + echo '<p><strong class="error-message">' . $pre . $theme->errors()->get_error_message() . '</strong></p>'; + } + + if ( $this->is_site_themes ) { + $allowed = $theme->is_allowed( 'site', $this->site_id ); + } else { + $allowed = $theme->is_allowed( 'network' ); + } + + $class = ! $allowed ? 'inactive' : 'active'; + if ( ! empty( $totals['upgrade'] ) && ! empty( $theme->update ) ) { + $class .= ' update'; + } + + echo "<div class='theme-description'><p>" . $theme->display( 'Description' ) . "</p></div> + <div class='$class second theme-version-author-uri'>"; + + $stylesheet = $theme->get_stylesheet(); + $theme_meta = array(); + + if ( $theme->get( 'Version' ) ) { + /* translators: %s: Theme version. */ + $theme_meta[] = sprintf( __( 'Version %s' ), $theme->display( 'Version' ) ); + } + + /* translators: %s: Theme author. */ + $theme_meta[] = sprintf( __( 'By %s' ), $theme->display( 'Author' ) ); + + if ( $theme->get( 'ThemeURI' ) ) { + /* translators: %s: Theme name. */ + $aria_label = sprintf( __( 'Visit theme site for %s' ), $theme->display( 'Name' ) ); + + $theme_meta[] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + $theme->display( 'ThemeURI' ), + esc_attr( $aria_label ), + __( 'Visit Theme Site' ) + ); + } + + if ( $theme->parent() ) { + $theme_meta[] = sprintf( + /* translators: %s: Theme name. */ + __( 'Child theme of %s' ), + '<strong>' . $theme->parent()->display( 'Name' ) . '</strong>' + ); + } + + /** + * Filters the array of row meta for each theme in the Multisite themes + * list table. + * + * @since 3.1.0 + * + * @param string[] $theme_meta An array of the theme's metadata, including + * the version, author, and theme URI. + * @param string $stylesheet Directory name of the theme. + * @param WP_Theme $theme WP_Theme object. + * @param string $status Status of the theme. + */ + $theme_meta = apply_filters( 'theme_row_meta', $theme_meta, $stylesheet, $theme, $status ); + + echo implode( ' | ', $theme_meta ); + + echo '</div>'; + } + + /** + * Handles the auto-updates column output. + * + * @since 5.5.0 + * + * @global string $status + * @global int $page + * + * @param WP_Theme $theme The current WP_Theme object. + */ + public function column_autoupdates( $theme ) { + global $status, $page; + + static $auto_updates, $available_updates; + + if ( ! $auto_updates ) { + $auto_updates = (array) get_site_option( 'auto_update_themes', array() ); + } + if ( ! $available_updates ) { + $available_updates = get_site_transient( 'update_themes' ); + } + + $stylesheet = $theme->get_stylesheet(); + + if ( isset( $theme->auto_update_forced ) ) { + if ( $theme->auto_update_forced ) { + // Forced on. + $text = __( 'Auto-updates enabled' ); + } else { + $text = __( 'Auto-updates disabled' ); + } + $action = 'unavailable'; + $time_class = ' hidden'; + } elseif ( empty( $theme->update_supported ) ) { + $text = ''; + $action = 'unavailable'; + $time_class = ' hidden'; + } elseif ( in_array( $stylesheet, $auto_updates, true ) ) { + $text = __( 'Disable auto-updates' ); + $action = 'disable'; + $time_class = ''; + } else { + $text = __( 'Enable auto-updates' ); + $action = 'enable'; + $time_class = ' hidden'; + } + + $query_args = array( + 'action' => "{$action}-auto-update", + 'theme' => $stylesheet, + 'paged' => $page, + 'theme_status' => $status, + ); + + $url = add_query_arg( $query_args, 'themes.php' ); + + if ( 'unavailable' === $action ) { + $html[] = '<span class="label">' . $text . '</span>'; + } else { + $html[] = sprintf( + '<a href="%s" class="toggle-auto-update aria-button-if-js" data-wp-action="%s">', + wp_nonce_url( $url, 'updates' ), + $action + ); + + $html[] = '<span class="dashicons dashicons-update spin hidden" aria-hidden="true"></span>'; + $html[] = '<span class="label">' . $text . '</span>'; + $html[] = '</a>'; + + } + + if ( isset( $available_updates->response[ $stylesheet ] ) ) { + $html[] = sprintf( + '<div class="auto-update-time%s">%s</div>', + $time_class, + wp_get_auto_update_message() + ); + } + + $html = implode( '', $html ); + + /** + * Filters the HTML of the auto-updates setting for each theme in the Themes list table. + * + * @since 5.5.0 + * + * @param string $html The HTML for theme's auto-update setting, including + * toggle auto-update action link and time to next update. + * @param string $stylesheet Directory name of the theme. + * @param WP_Theme $theme WP_Theme object. + */ + echo apply_filters( 'theme_auto_update_setting_html', $html, $stylesheet, $theme ); + + wp_admin_notice( + '', + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline', 'hidden' ), + ) + ); + } + + /** + * Handles default column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$theme` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Theme $item The current WP_Theme object. + * @param string $column_name The current column name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $theme = $item; + + $stylesheet = $theme->get_stylesheet(); + + /** + * Fires inside each custom column of the Multisite themes list table. + * + * @since 3.1.0 + * + * @param string $column_name Name of the column. + * @param string $stylesheet Directory name of the theme. + * @param WP_Theme $theme Current WP_Theme object. + */ + do_action( 'manage_themes_custom_column', $column_name, $stylesheet, $theme ); + } + + /** + * Handles the output for a single table row. + * + * @since 4.3.0 + * + * @param WP_Theme $item The current WP_Theme object. + */ + public function single_row_columns( $item ) { + list( $columns, $hidden, $sortable, $primary ) = $this->get_column_info(); + + foreach ( $columns as $column_name => $column_display_name ) { + $extra_classes = ''; + if ( in_array( $column_name, $hidden, true ) ) { + $extra_classes .= ' hidden'; + } + + switch ( $column_name ) { + case 'cb': + echo '<th scope="row" class="check-column">'; + + $this->column_cb( $item ); + + echo '</th>'; + break; + + case 'name': + $active_theme_label = ''; + + /* The presence of the site_id property means that this is a subsite view and a label for the active theme needs to be added */ + if ( ! empty( $this->site_id ) ) { + $stylesheet = get_blog_option( $this->site_id, 'stylesheet' ); + $template = get_blog_option( $this->site_id, 'template' ); + + /* Add a label for the active template */ + if ( $item->get_template() === $template ) { + $active_theme_label = ' — ' . __( 'Active Theme' ); + } + + /* In case this is a child theme, label it properly */ + if ( $stylesheet !== $template && $item->get_stylesheet() === $stylesheet ) { + $active_theme_label = ' — ' . __( 'Active Child Theme' ); + } + } + + echo "<td class='theme-title column-primary{$extra_classes}'><strong>" . $item->display( 'Name' ) . $active_theme_label . '</strong>'; + + $this->column_name( $item ); + + echo '</td>'; + break; + + case 'description': + echo "<td class='column-description desc{$extra_classes}'>"; + + $this->column_description( $item ); + + echo '</td>'; + break; + + case 'auto-updates': + echo "<td class='column-auto-updates{$extra_classes}'>"; + + $this->column_autoupdates( $item ); + + echo '</td>'; + break; + default: + echo "<td class='$column_name column-$column_name{$extra_classes}'>"; + + $this->column_default( $item, $column_name ); + + echo '</td>'; + break; + } + } + } + + /** + * @global string $status + * @global array $totals + * + * @param WP_Theme $theme + */ + public function single_row( $theme ) { + global $status, $totals; + + if ( $this->is_site_themes ) { + $allowed = $theme->is_allowed( 'site', $this->site_id ); + } else { + $allowed = $theme->is_allowed( 'network' ); + } + + $stylesheet = $theme->get_stylesheet(); + + $class = ! $allowed ? 'inactive' : 'active'; + if ( ! empty( $totals['upgrade'] ) && ! empty( $theme->update ) ) { + $class .= ' update'; + } + + printf( + '<tr class="%s" data-slug="%s">', + esc_attr( $class ), + esc_attr( $stylesheet ) + ); + + $this->single_row_columns( $theme ); + + echo '</tr>'; + + if ( $this->is_site_themes ) { + remove_action( "after_theme_row_$stylesheet", 'wp_theme_update_row' ); + } + + /** + * Fires after each row in the Multisite themes list table. + * + * @since 3.1.0 + * + * @param string $stylesheet Directory name of the theme. + * @param WP_Theme $theme Current WP_Theme object. + * @param string $status Status of the theme. + */ + do_action( 'after_theme_row', $stylesheet, $theme, $status ); + + /** + * Fires after each specific row in the Multisite themes list table. + * + * The dynamic portion of the hook name, `$stylesheet`, refers to the + * directory name of the theme, most often synonymous with the template + * name of the theme. + * + * @since 3.5.0 + * + * @param string $stylesheet Directory name of the theme. + * @param WP_Theme $theme Current WP_Theme object. + * @param string $status Status of the theme. + */ + do_action( "after_theme_row_{$stylesheet}", $stylesheet, $theme, $status ); + } +} diff --git a/wp-admin/includes/class-wp-ms-users-list-table.php b/wp-admin/includes/class-wp-ms-users-list-table.php new file mode 100644 index 0000000..ec12321 --- /dev/null +++ b/wp-admin/includes/class-wp-ms-users-list-table.php @@ -0,0 +1,546 @@ +<?php +/** + * List Table API: WP_MS_Users_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying users in a list table for the network admin. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_MS_Users_List_Table extends WP_List_Table { + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'manage_network_users' ); + } + + /** + * @global string $mode List table view mode. + * @global string $usersearch + * @global string $role + */ + public function prepare_items() { + global $mode, $usersearch, $role; + + if ( ! empty( $_REQUEST['mode'] ) ) { + $mode = 'excerpt' === $_REQUEST['mode'] ? 'excerpt' : 'list'; + set_user_setting( 'network_users_list_mode', $mode ); + } else { + $mode = get_user_setting( 'network_users_list_mode', 'list' ); + } + + $usersearch = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST['s'] ) ) : ''; + + $users_per_page = $this->get_items_per_page( 'users_network_per_page' ); + + $role = isset( $_REQUEST['role'] ) ? $_REQUEST['role'] : ''; + + $paged = $this->get_pagenum(); + + $args = array( + 'number' => $users_per_page, + 'offset' => ( $paged - 1 ) * $users_per_page, + 'search' => $usersearch, + 'blog_id' => 0, + 'fields' => 'all_with_meta', + ); + + if ( wp_is_large_network( 'users' ) ) { + $args['search'] = ltrim( $args['search'], '*' ); + } elseif ( '' !== $args['search'] ) { + $args['search'] = trim( $args['search'], '*' ); + $args['search'] = '*' . $args['search'] . '*'; + } + + if ( 'super' === $role ) { + $args['login__in'] = get_super_admins(); + } + + /* + * If the network is large and a search is not being performed, + * show only the latest users with no paging in order to avoid + * expensive count queries. + */ + if ( ! $usersearch && wp_is_large_network( 'users' ) ) { + if ( ! isset( $_REQUEST['orderby'] ) ) { + $_GET['orderby'] = 'id'; + $_REQUEST['orderby'] = 'id'; + } + if ( ! isset( $_REQUEST['order'] ) ) { + $_GET['order'] = 'DESC'; + $_REQUEST['order'] = 'DESC'; + } + $args['count_total'] = false; + } + + if ( isset( $_REQUEST['orderby'] ) ) { + $args['orderby'] = $_REQUEST['orderby']; + } + + if ( isset( $_REQUEST['order'] ) ) { + $args['order'] = $_REQUEST['order']; + } + + /** This filter is documented in wp-admin/includes/class-wp-users-list-table.php */ + $args = apply_filters( 'users_list_table_query_args', $args ); + + // Query the user IDs for this page. + $wp_user_search = new WP_User_Query( $args ); + + $this->items = $wp_user_search->get_results(); + + $this->set_pagination_args( + array( + 'total_items' => $wp_user_search->get_total(), + 'per_page' => $users_per_page, + ) + ); + } + + /** + * @return array + */ + protected function get_bulk_actions() { + $actions = array(); + if ( current_user_can( 'delete_users' ) ) { + $actions['delete'] = __( 'Delete' ); + } + $actions['spam'] = _x( 'Mark as spam', 'user' ); + $actions['notspam'] = _x( 'Not spam', 'user' ); + + return $actions; + } + + /** + */ + public function no_items() { + _e( 'No users found.' ); + } + + /** + * @global string $role + * @return array + */ + protected function get_views() { + global $role; + + $total_users = get_user_count(); + $super_admins = get_super_admins(); + $total_admins = count( $super_admins ); + + $role_links = array(); + $role_links['all'] = array( + 'url' => network_admin_url( 'users.php' ), + 'label' => sprintf( + /* translators: Number of users. */ + _nx( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + $total_users, + 'users' + ), + number_format_i18n( $total_users ) + ), + 'current' => 'super' !== $role, + ); + + $role_links['super'] = array( + 'url' => network_admin_url( 'users.php?role=super' ), + 'label' => sprintf( + /* translators: Number of users. */ + _n( + 'Super Admin <span class="count">(%s)</span>', + 'Super Admins <span class="count">(%s)</span>', + $total_admins + ), + number_format_i18n( $total_admins ) + ), + 'current' => 'super' === $role, + ); + + return $this->get_views_links( $role_links ); + } + + /** + * @global string $mode List table view mode. + * + * @param string $which + */ + protected function pagination( $which ) { + global $mode; + + parent::pagination( $which ); + + if ( 'top' === $which ) { + $this->view_switcher( $mode ); + } + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $users_columns = array( + 'cb' => '<input type="checkbox" />', + 'username' => __( 'Username' ), + 'name' => __( 'Name' ), + 'email' => __( 'Email' ), + 'registered' => _x( 'Registered', 'user' ), + 'blogs' => __( 'Sites' ), + ); + /** + * Filters the columns displayed in the Network Admin Users list table. + * + * @since MU (3.0.0) + * + * @param string[] $users_columns An array of user columns. Default 'cb', 'username', + * 'name', 'email', 'registered', 'blogs'. + */ + return apply_filters( 'wpmu_users_columns', $users_columns ); + } + + /** + * @return array + */ + protected function get_sortable_columns() { + return array( + 'username' => array( 'login', false, __( 'Username' ), __( 'Table ordered by Username.' ), 'asc' ), + 'name' => array( 'name', false, __( 'Name' ), __( 'Table ordered by Name.' ) ), + 'email' => array( 'email', false, __( 'E-mail' ), __( 'Table ordered by E-mail.' ) ), + 'registered' => array( 'id', false, _x( 'Registered', 'user' ), __( 'Table ordered by User Registered Date.' ) ), + ); + } + + /** + * Handles the checkbox column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$user` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_User $item The current WP_User object. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $user = $item; + + if ( is_super_admin( $user->ID ) ) { + return; + } + ?> + <input type="checkbox" id="blog_<?php echo $user->ID; ?>" name="allusers[]" value="<?php echo esc_attr( $user->ID ); ?>" /> + <label for="blog_<?php echo $user->ID; ?>"> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. %s: User login. */ + printf( __( 'Select %s' ), $user->user_login ); + ?> + </span> + </label> + <?php + } + + /** + * Handles the ID column output. + * + * @since 4.4.0 + * + * @param WP_User $user The current WP_User object. + */ + public function column_id( $user ) { + echo $user->ID; + } + + /** + * Handles the username column output. + * + * @since 4.3.0 + * + * @param WP_User $user The current WP_User object. + */ + public function column_username( $user ) { + $super_admins = get_super_admins(); + $avatar = get_avatar( $user->user_email, 32 ); + + echo $avatar; + + if ( current_user_can( 'edit_user', $user->ID ) ) { + $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) ); + $edit = "<a href=\"{$edit_link}\">{$user->user_login}</a>"; + } else { + $edit = $user->user_login; + } + + ?> + <strong> + <?php + echo $edit; + + if ( in_array( $user->user_login, $super_admins, true ) ) { + echo ' — ' . __( 'Super Admin' ); + } + ?> + </strong> + <?php + } + + /** + * Handles the name column output. + * + * @since 4.3.0 + * + * @param WP_User $user The current WP_User object. + */ + public function column_name( $user ) { + if ( $user->first_name && $user->last_name ) { + printf( + /* translators: 1: User's first name, 2: Last name. */ + _x( '%1$s %2$s', 'Display name based on first name and last name' ), + $user->first_name, + $user->last_name + ); + } elseif ( $user->first_name ) { + echo $user->first_name; + } elseif ( $user->last_name ) { + echo $user->last_name; + } else { + echo '<span aria-hidden="true">—</span><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + _x( 'Unknown', 'name' ) . + '</span>'; + } + } + + /** + * Handles the email column output. + * + * @since 4.3.0 + * + * @param WP_User $user The current WP_User object. + */ + public function column_email( $user ) { + echo "<a href='" . esc_url( "mailto:$user->user_email" ) . "'>$user->user_email</a>"; + } + + /** + * Handles the registered date column output. + * + * @since 4.3.0 + * + * @global string $mode List table view mode. + * + * @param WP_User $user The current WP_User object. + */ + public function column_registered( $user ) { + global $mode; + if ( 'list' === $mode ) { + $date = __( 'Y/m/d' ); + } else { + $date = __( 'Y/m/d g:i:s a' ); + } + echo mysql2date( $date, $user->user_registered ); + } + + /** + * @since 4.3.0 + * + * @param WP_User $user + * @param string $classes + * @param string $data + * @param string $primary + */ + protected function _column_blogs( $user, $classes, $data, $primary ) { + echo '<td class="', $classes, ' has-row-actions" ', $data, '>'; + echo $this->column_blogs( $user ); + echo $this->handle_row_actions( $user, 'blogs', $primary ); + echo '</td>'; + } + + /** + * Handles the sites column output. + * + * @since 4.3.0 + * + * @param WP_User $user The current WP_User object. + */ + public function column_blogs( $user ) { + $blogs = get_blogs_of_user( $user->ID, true ); + if ( ! is_array( $blogs ) ) { + return; + } + + foreach ( $blogs as $site ) { + if ( ! can_edit_network( $site->site_id ) ) { + continue; + } + + $path = ( '/' === $site->path ) ? '' : $site->path; + $site_classes = array( 'site-' . $site->site_id ); + /** + * Filters the span class for a site listing on the mulisite user list table. + * + * @since 5.2.0 + * + * @param string[] $site_classes Array of class names used within the span tag. Default "site-#" with the site's network ID. + * @param int $site_id Site ID. + * @param int $network_id Network ID. + * @param WP_User $user WP_User object. + */ + $site_classes = apply_filters( 'ms_user_list_site_class', $site_classes, $site->userblog_id, $site->site_id, $user ); + if ( is_array( $site_classes ) && ! empty( $site_classes ) ) { + $site_classes = array_map( 'sanitize_html_class', array_unique( $site_classes ) ); + echo '<span class="' . esc_attr( implode( ' ', $site_classes ) ) . '">'; + } else { + echo '<span>'; + } + echo '<a href="' . esc_url( network_admin_url( 'site-info.php?id=' . $site->userblog_id ) ) . '">' . str_replace( '.' . get_network()->domain, '', $site->domain . $path ) . '</a>'; + echo ' <small class="row-actions">'; + $actions = array(); + $actions['edit'] = '<a href="' . esc_url( network_admin_url( 'site-info.php?id=' . $site->userblog_id ) ) . '">' . __( 'Edit' ) . '</a>'; + + $class = ''; + if ( 1 === (int) $site->spam ) { + $class .= 'site-spammed '; + } + if ( 1 === (int) $site->mature ) { + $class .= 'site-mature '; + } + if ( 1 === (int) $site->deleted ) { + $class .= 'site-deleted '; + } + if ( 1 === (int) $site->archived ) { + $class .= 'site-archived '; + } + + $actions['view'] = '<a class="' . $class . '" href="' . esc_url( get_home_url( $site->userblog_id ) ) . '">' . __( 'View' ) . '</a>'; + + /** + * Filters the action links displayed next the sites a user belongs to + * in the Network Admin Users list table. + * + * @since 3.1.0 + * + * @param string[] $actions An array of action links to be displayed. Default 'Edit', 'View'. + * @param int $userblog_id The site ID. + */ + $actions = apply_filters( 'ms_user_list_site_actions', $actions, $site->userblog_id ); + + $action_count = count( $actions ); + + $i = 0; + + foreach ( $actions as $action => $link ) { + ++$i; + + $separator = ( $i < $action_count ) ? ' | ' : ''; + + echo "<span class='$action'>{$link}{$separator}</span>"; + } + + echo '</small></span><br />'; + } + } + + /** + * Handles the default column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$user` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_User $item The current WP_User object. + * @param string $column_name The current column name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $user = $item; + + /** This filter is documented in wp-admin/includes/class-wp-users-list-table.php */ + echo apply_filters( 'manage_users_custom_column', '', $column_name, $user->ID ); + } + + public function display_rows() { + foreach ( $this->items as $user ) { + $class = ''; + + $status_list = array( + 'spam' => 'site-spammed', + 'deleted' => 'site-deleted', + ); + + foreach ( $status_list as $status => $col ) { + if ( $user->$status ) { + $class .= " $col"; + } + } + + ?> + <tr class="<?php echo trim( $class ); ?>"> + <?php $this->single_row_columns( $user ); ?> + </tr> + <?php + } + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'username'. + */ + protected function get_default_primary_column_name() { + return 'username'; + } + + /** + * Generates and displays row action links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$user` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_User $item User being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for users in Multisite, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + if ( $primary !== $column_name ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $user = $item; + + $super_admins = get_super_admins(); + $actions = array(); + + if ( current_user_can( 'edit_user', $user->ID ) ) { + $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) ); + $actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>'; + } + + if ( current_user_can( 'delete_user', $user->ID ) && ! in_array( $user->user_login, $super_admins, true ) ) { + $actions['delete'] = '<a href="' . esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'deleteuser' ) . '&action=deleteuser&id=' . $user->ID ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>'; + } + + /** + * Filters the action links displayed under each user in the Network Admin Users list table. + * + * @since 3.2.0 + * + * @param string[] $actions An array of action links to be displayed. Default 'Edit', 'Delete'. + * @param WP_User $user WP_User object. + */ + $actions = apply_filters( 'ms_user_row_actions', $actions, $user ); + + return $this->row_actions( $actions ); + } +} diff --git a/wp-admin/includes/class-wp-plugin-install-list-table.php b/wp-admin/includes/class-wp-plugin-install-list-table.php new file mode 100644 index 0000000..7823f00 --- /dev/null +++ b/wp-admin/includes/class-wp-plugin-install-list-table.php @@ -0,0 +1,831 @@ +<?php +/** + * List Table API: WP_Plugin_Install_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying plugins to install in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Plugin_Install_List_Table extends WP_List_Table { + + public $order = 'ASC'; + public $orderby = null; + public $groups = array(); + + private $error; + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'install_plugins' ); + } + + /** + * Returns the list of known plugins. + * + * Uses the transient data from the updates API to determine the known + * installed plugins. + * + * @since 4.9.0 + * @access protected + * + * @return array + */ + protected function get_installed_plugins() { + $plugins = array(); + + $plugin_info = get_site_transient( 'update_plugins' ); + if ( isset( $plugin_info->no_update ) ) { + foreach ( $plugin_info->no_update as $plugin ) { + if ( isset( $plugin->slug ) ) { + $plugin->upgrade = false; + $plugins[ $plugin->slug ] = $plugin; + } + } + } + + if ( isset( $plugin_info->response ) ) { + foreach ( $plugin_info->response as $plugin ) { + if ( isset( $plugin->slug ) ) { + $plugin->upgrade = true; + $plugins[ $plugin->slug ] = $plugin; + } + } + } + + return $plugins; + } + + /** + * Returns a list of slugs of installed plugins, if known. + * + * Uses the transient data from the updates API to determine the slugs of + * known installed plugins. This might be better elsewhere, perhaps even + * within get_plugins(). + * + * @since 4.0.0 + * + * @return array + */ + protected function get_installed_plugin_slugs() { + return array_keys( $this->get_installed_plugins() ); + } + + /** + * @global array $tabs + * @global string $tab + * @global int $paged + * @global string $type + * @global string $term + */ + public function prepare_items() { + require_once ABSPATH . 'wp-admin/includes/plugin-install.php'; + + global $tabs, $tab, $paged, $type, $term; + + wp_reset_vars( array( 'tab' ) ); + + $paged = $this->get_pagenum(); + + $per_page = 36; + + // These are the tabs which are shown on the page. + $tabs = array(); + + if ( 'search' === $tab ) { + $tabs['search'] = __( 'Search Results' ); + } + + if ( 'beta' === $tab || str_contains( get_bloginfo( 'version' ), '-' ) ) { + $tabs['beta'] = _x( 'Beta Testing', 'Plugin Installer' ); + } + + $tabs['featured'] = _x( 'Featured', 'Plugin Installer' ); + $tabs['popular'] = _x( 'Popular', 'Plugin Installer' ); + $tabs['recommended'] = _x( 'Recommended', 'Plugin Installer' ); + $tabs['favorites'] = _x( 'Favorites', 'Plugin Installer' ); + + if ( current_user_can( 'upload_plugins' ) ) { + /* + * No longer a real tab. Here for filter compatibility. + * Gets skipped in get_views(). + */ + $tabs['upload'] = __( 'Upload Plugin' ); + } + + $nonmenu_tabs = array( 'plugin-information' ); // Valid actions to perform which do not have a Menu item. + + /** + * Filters the tabs shown on the Add Plugins screen. + * + * @since 2.7.0 + * + * @param string[] $tabs The tabs shown on the Add Plugins screen. Defaults include + * 'featured', 'popular', 'recommended', 'favorites', and 'upload'. + */ + $tabs = apply_filters( 'install_plugins_tabs', $tabs ); + + /** + * Filters tabs not associated with a menu item on the Add Plugins screen. + * + * @since 2.7.0 + * + * @param string[] $nonmenu_tabs The tabs that don't have a menu item on the Add Plugins screen. + */ + $nonmenu_tabs = apply_filters( 'install_plugins_nonmenu_tabs', $nonmenu_tabs ); + + // If a non-valid menu tab has been selected, And it's not a non-menu action. + if ( empty( $tab ) || ( ! isset( $tabs[ $tab ] ) && ! in_array( $tab, (array) $nonmenu_tabs, true ) ) ) { + $tab = key( $tabs ); + } + + $installed_plugins = $this->get_installed_plugins(); + + $args = array( + 'page' => $paged, + 'per_page' => $per_page, + // Send the locale to the API so it can provide context-sensitive results. + 'locale' => get_user_locale(), + ); + + switch ( $tab ) { + case 'search': + $type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term'; + $term = isset( $_REQUEST['s'] ) ? wp_unslash( $_REQUEST['s'] ) : ''; + + switch ( $type ) { + case 'tag': + $args['tag'] = sanitize_title_with_dashes( $term ); + break; + case 'term': + $args['search'] = $term; + break; + case 'author': + $args['author'] = $term; + break; + } + + break; + + case 'featured': + case 'popular': + case 'new': + case 'beta': + $args['browse'] = $tab; + break; + case 'recommended': + $args['browse'] = $tab; + // Include the list of installed plugins so we can get relevant results. + $args['installed_plugins'] = array_keys( $installed_plugins ); + break; + + case 'favorites': + $action = 'save_wporg_username_' . get_current_user_id(); + if ( isset( $_GET['_wpnonce'] ) && wp_verify_nonce( wp_unslash( $_GET['_wpnonce'] ), $action ) ) { + $user = isset( $_GET['user'] ) ? wp_unslash( $_GET['user'] ) : get_user_option( 'wporg_favorites' ); + + // If the save url parameter is passed with a falsey value, don't save the favorite user. + if ( ! isset( $_GET['save'] ) || $_GET['save'] ) { + update_user_meta( get_current_user_id(), 'wporg_favorites', $user ); + } + } else { + $user = get_user_option( 'wporg_favorites' ); + } + if ( $user ) { + $args['user'] = $user; + } else { + $args = false; + } + + add_action( 'install_plugins_favorites', 'install_plugins_favorites_form', 9, 0 ); + break; + + default: + $args = false; + break; + } + + /** + * Filters API request arguments for each Add Plugins screen tab. + * + * The dynamic portion of the hook name, `$tab`, refers to the plugin install tabs. + * + * Possible hook names include: + * + * - `install_plugins_table_api_args_favorites` + * - `install_plugins_table_api_args_featured` + * - `install_plugins_table_api_args_popular` + * - `install_plugins_table_api_args_recommended` + * - `install_plugins_table_api_args_upload` + * - `install_plugins_table_api_args_search` + * - `install_plugins_table_api_args_beta` + * + * @since 3.7.0 + * + * @param array|false $args Plugin install API arguments. + */ + $args = apply_filters( "install_plugins_table_api_args_{$tab}", $args ); + + if ( ! $args ) { + return; + } + + $api = plugins_api( 'query_plugins', $args ); + + if ( is_wp_error( $api ) ) { + $this->error = $api; + return; + } + + $this->items = $api->plugins; + + if ( $this->orderby ) { + uasort( $this->items, array( $this, 'order_callback' ) ); + } + + $this->set_pagination_args( + array( + 'total_items' => $api->info['results'], + 'per_page' => $args['per_page'], + ) + ); + + if ( isset( $api->info['groups'] ) ) { + $this->groups = $api->info['groups']; + } + + if ( $installed_plugins ) { + $js_plugins = array_fill_keys( + array( 'all', 'search', 'active', 'inactive', 'recently_activated', 'mustuse', 'dropins' ), + array() + ); + + $js_plugins['all'] = array_values( wp_list_pluck( $installed_plugins, 'plugin' ) ); + $upgrade_plugins = wp_filter_object_list( $installed_plugins, array( 'upgrade' => true ), 'and', 'plugin' ); + + if ( $upgrade_plugins ) { + $js_plugins['upgrade'] = array_values( $upgrade_plugins ); + } + + wp_localize_script( + 'updates', + '_wpUpdatesItemCounts', + array( + 'plugins' => $js_plugins, + 'totals' => wp_get_update_data(), + ) + ); + } + } + + /** + */ + public function no_items() { + if ( isset( $this->error ) ) { + $error_message = '<p>' . $this->error->get_error_message() . '</p>'; + $error_message .= '<p class="hide-if-no-js"><button class="button try-again">' . __( 'Try Again' ) . '</button></p>'; + wp_admin_notice( + $error_message, + array( + 'additional_classes' => array( 'inline', 'error' ), + 'paragraph_wrap' => false, + ) + ); + ?> + <?php } else { ?> + <div class="no-plugin-results"><?php _e( 'No plugins found. Try a different search.' ); ?></div> + <?php + } + } + + /** + * @global array $tabs + * @global string $tab + * + * @return array + */ + protected function get_views() { + global $tabs, $tab; + + $display_tabs = array(); + foreach ( (array) $tabs as $action => $text ) { + $display_tabs[ 'plugin-install-' . $action ] = array( + 'url' => self_admin_url( 'plugin-install.php?tab=' . $action ), + 'label' => $text, + 'current' => $action === $tab, + ); + } + // No longer a real tab. + unset( $display_tabs['plugin-install-upload'] ); + + return $this->get_views_links( $display_tabs ); + } + + /** + * Overrides parent views so we can use the filter bar display. + */ + public function views() { + $views = $this->get_views(); + + /** This filter is documented in wp-admin/includes/class-wp-list-table.php */ + $views = apply_filters( "views_{$this->screen->id}", $views ); + + $this->screen->render_screen_reader_content( 'heading_views' ); + ?> +<div class="wp-filter"> + <ul class="filter-links"> + <?php + if ( ! empty( $views ) ) { + foreach ( $views as $class => $view ) { + $views[ $class ] = "\t<li class='$class'>$view"; + } + echo implode( " </li>\n", $views ) . "</li>\n"; + } + ?> + </ul> + + <?php install_search_form(); ?> +</div> + <?php + } + + /** + * Displays the plugin install table. + * + * Overrides the parent display() method to provide a different container. + * + * @since 4.0.0 + */ + public function display() { + $singular = $this->_args['singular']; + + $data_attr = ''; + + if ( $singular ) { + $data_attr = " data-wp-lists='list:$singular'"; + } + + $this->display_tablenav( 'top' ); + + ?> +<div class="wp-list-table <?php echo implode( ' ', $this->get_table_classes() ); ?>"> + <?php + $this->screen->render_screen_reader_content( 'heading_list' ); + ?> + <div id="the-list"<?php echo $data_attr; ?>> + <?php $this->display_rows_or_placeholder(); ?> + </div> +</div> + <?php + $this->display_tablenav( 'bottom' ); + } + + /** + * @global string $tab + * + * @param string $which + */ + protected function display_tablenav( $which ) { + if ( 'featured' === $GLOBALS['tab'] ) { + return; + } + + if ( 'top' === $which ) { + wp_referer_field(); + ?> + <div class="tablenav top"> + <div class="alignleft actions"> + <?php + /** + * Fires before the Plugin Install table header pagination is displayed. + * + * @since 2.7.0 + */ + do_action( 'install_plugins_table_header' ); + ?> + </div> + <?php $this->pagination( $which ); ?> + <br class="clear" /> + </div> + <?php } else { ?> + <div class="tablenav bottom"> + <?php $this->pagination( $which ); ?> + <br class="clear" /> + </div> + <?php + } + } + + /** + * @return array + */ + protected function get_table_classes() { + return array( 'widefat', $this->_args['plural'] ); + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + return array(); + } + + /** + * @param object $plugin_a + * @param object $plugin_b + * @return int + */ + private function order_callback( $plugin_a, $plugin_b ) { + $orderby = $this->orderby; + if ( ! isset( $plugin_a->$orderby, $plugin_b->$orderby ) ) { + return 0; + } + + $a = $plugin_a->$orderby; + $b = $plugin_b->$orderby; + + if ( $a === $b ) { + return 0; + } + + if ( 'DESC' === $this->order ) { + return ( $a < $b ) ? 1 : -1; + } else { + return ( $a < $b ) ? -1 : 1; + } + } + + public function display_rows() { + $plugins_allowedtags = array( + 'a' => array( + 'href' => array(), + 'title' => array(), + 'target' => array(), + ), + 'abbr' => array( 'title' => array() ), + 'acronym' => array( 'title' => array() ), + 'code' => array(), + 'pre' => array(), + 'em' => array(), + 'strong' => array(), + 'ul' => array(), + 'ol' => array(), + 'li' => array(), + 'p' => array(), + 'br' => array(), + ); + + $plugins_group_titles = array( + 'Performance' => _x( 'Performance', 'Plugin installer group title' ), + 'Social' => _x( 'Social', 'Plugin installer group title' ), + 'Tools' => _x( 'Tools', 'Plugin installer group title' ), + ); + + $group = null; + + foreach ( (array) $this->items as $plugin ) { + if ( is_object( $plugin ) ) { + $plugin = (array) $plugin; + } + + // Display the group heading if there is one. + if ( isset( $plugin['group'] ) && $plugin['group'] !== $group ) { + if ( isset( $this->groups[ $plugin['group'] ] ) ) { + $group_name = $this->groups[ $plugin['group'] ]; + if ( isset( $plugins_group_titles[ $group_name ] ) ) { + $group_name = $plugins_group_titles[ $group_name ]; + } + } else { + $group_name = $plugin['group']; + } + + // Starting a new group, close off the divs of the last one. + if ( ! empty( $group ) ) { + echo '</div></div>'; + } + + echo '<div class="plugin-group"><h3>' . esc_html( $group_name ) . '</h3>'; + // Needs an extra wrapping div for nth-child selectors to work. + echo '<div class="plugin-items">'; + + $group = $plugin['group']; + } + + $title = wp_kses( $plugin['name'], $plugins_allowedtags ); + + // Remove any HTML from the description. + $description = strip_tags( $plugin['short_description'] ); + + /** + * Filters the plugin card description on the Add Plugins screen. + * + * @since 6.0.0 + * + * @param string $description Plugin card description. + * @param array $plugin An array of plugin data. See {@see plugins_api()} + * for the list of possible values. + */ + $description = apply_filters( 'plugin_install_description', $description, $plugin ); + + $version = wp_kses( $plugin['version'], $plugins_allowedtags ); + + $name = strip_tags( $title . ' ' . $version ); + + $author = wp_kses( $plugin['author'], $plugins_allowedtags ); + if ( ! empty( $author ) ) { + /* translators: %s: Plugin author. */ + $author = ' <cite>' . sprintf( __( 'By %s' ), $author ) . '</cite>'; + } + + $requires_php = isset( $plugin['requires_php'] ) ? $plugin['requires_php'] : null; + $requires_wp = isset( $plugin['requires'] ) ? $plugin['requires'] : null; + + $compatible_php = is_php_version_compatible( $requires_php ); + $compatible_wp = is_wp_version_compatible( $requires_wp ); + $tested_wp = ( empty( $plugin['tested'] ) || version_compare( get_bloginfo( 'version' ), $plugin['tested'], '<=' ) ); + + $action_links = array(); + + if ( current_user_can( 'install_plugins' ) || current_user_can( 'update_plugins' ) ) { + $status = install_plugin_install_status( $plugin ); + + switch ( $status['status'] ) { + case 'install': + if ( $status['url'] ) { + if ( $compatible_php && $compatible_wp ) { + $action_links[] = sprintf( + '<a class="install-now button" data-slug="%s" href="%s" aria-label="%s" data-name="%s">%s</a>', + esc_attr( $plugin['slug'] ), + esc_url( $status['url'] ), + /* translators: %s: Plugin name and version. */ + esc_attr( sprintf( _x( 'Install %s now', 'plugin' ), $name ) ), + esc_attr( $name ), + __( 'Install Now' ) + ); + } else { + $action_links[] = sprintf( + '<button type="button" class="button button-disabled" disabled="disabled">%s</button>', + _x( 'Cannot Install', 'plugin' ) + ); + } + } + break; + + case 'update_available': + if ( $status['url'] ) { + if ( $compatible_php && $compatible_wp ) { + $action_links[] = sprintf( + '<a class="update-now button aria-button-if-js" data-plugin="%s" data-slug="%s" href="%s" aria-label="%s" data-name="%s">%s</a>', + esc_attr( $status['file'] ), + esc_attr( $plugin['slug'] ), + esc_url( $status['url'] ), + /* translators: %s: Plugin name and version. */ + esc_attr( sprintf( _x( 'Update %s now', 'plugin' ), $name ) ), + esc_attr( $name ), + __( 'Update Now' ) + ); + } else { + $action_links[] = sprintf( + '<button type="button" class="button button-disabled" disabled="disabled">%s</button>', + _x( 'Cannot Update', 'plugin' ) + ); + } + } + break; + + case 'latest_installed': + case 'newer_installed': + if ( is_plugin_active( $status['file'] ) ) { + $action_links[] = sprintf( + '<button type="button" class="button button-disabled" disabled="disabled">%s</button>', + _x( 'Active', 'plugin' ) + ); + } elseif ( current_user_can( 'activate_plugin', $status['file'] ) ) { + if ( $compatible_php && $compatible_wp ) { + $button_text = __( 'Activate' ); + /* translators: %s: Plugin name. */ + $button_label = _x( 'Activate %s', 'plugin' ); + $activate_url = add_query_arg( + array( + '_wpnonce' => wp_create_nonce( 'activate-plugin_' . $status['file'] ), + 'action' => 'activate', + 'plugin' => $status['file'], + ), + network_admin_url( 'plugins.php' ) + ); + + if ( is_network_admin() ) { + $button_text = __( 'Network Activate' ); + /* translators: %s: Plugin name. */ + $button_label = _x( 'Network Activate %s', 'plugin' ); + $activate_url = add_query_arg( array( 'networkwide' => 1 ), $activate_url ); + } + + $action_links[] = sprintf( + '<a href="%1$s" class="button activate-now" aria-label="%2$s">%3$s</a>', + esc_url( $activate_url ), + esc_attr( sprintf( $button_label, $plugin['name'] ) ), + $button_text + ); + } else { + $action_links[] = sprintf( + '<button type="button" class="button button-disabled" disabled="disabled">%s</button>', + _x( 'Cannot Activate', 'plugin' ) + ); + } + } else { + $action_links[] = sprintf( + '<button type="button" class="button button-disabled" disabled="disabled">%s</button>', + _x( 'Installed', 'plugin' ) + ); + } + break; + } + } + + $details_link = self_admin_url( + 'plugin-install.php?tab=plugin-information&plugin=' . $plugin['slug'] . + '&TB_iframe=true&width=600&height=550' + ); + + $action_links[] = sprintf( + '<a href="%s" class="thickbox open-plugin-details-modal" aria-label="%s" data-title="%s">%s</a>', + esc_url( $details_link ), + /* translators: %s: Plugin name and version. */ + esc_attr( sprintf( __( 'More information about %s' ), $name ) ), + esc_attr( $name ), + __( 'More Details' ) + ); + + if ( ! empty( $plugin['icons']['svg'] ) ) { + $plugin_icon_url = $plugin['icons']['svg']; + } elseif ( ! empty( $plugin['icons']['2x'] ) ) { + $plugin_icon_url = $plugin['icons']['2x']; + } elseif ( ! empty( $plugin['icons']['1x'] ) ) { + $plugin_icon_url = $plugin['icons']['1x']; + } else { + $plugin_icon_url = $plugin['icons']['default']; + } + + /** + * Filters the install action links for a plugin. + * + * @since 2.7.0 + * + * @param string[] $action_links An array of plugin action links. + * Defaults are links to Details and Install Now. + * @param array $plugin An array of plugin data. See {@see plugins_api()} + * for the list of possible values. + */ + $action_links = apply_filters( 'plugin_install_action_links', $action_links, $plugin ); + + $last_updated_timestamp = strtotime( $plugin['last_updated'] ); + ?> + <div class="plugin-card plugin-card-<?php echo sanitize_html_class( $plugin['slug'] ); ?>"> + <?php + if ( ! $compatible_php || ! $compatible_wp ) { + $incompatible_notice_message = ''; + if ( ! $compatible_php && ! $compatible_wp ) { + $incompatible_notice_message .= __( 'This plugin does not work with your versions of WordPress and PHP.' ); + if ( current_user_can( 'update_core' ) && current_user_can( 'update_php' ) ) { + $incompatible_notice_message .= sprintf( + /* translators: 1: URL to WordPress Updates screen, 2: URL to Update PHP page. */ + ' ' . __( '<a href="%1$s">Please update WordPress</a>, and then <a href="%2$s">learn more about updating PHP</a>.' ), + self_admin_url( 'update-core.php' ), + esc_url( wp_get_update_php_url() ) + ); + $incompatible_notice_message .= wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } elseif ( current_user_can( 'update_core' ) ) { + $incompatible_notice_message .= sprintf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } elseif ( current_user_can( 'update_php' ) ) { + $incompatible_notice_message .= sprintf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + $incompatible_notice_message .= wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } + } elseif ( ! $compatible_wp ) { + $incompatible_notice_message .= __( 'This plugin does not work with your version of WordPress.' ); + if ( current_user_can( 'update_core' ) ) { + $incompatible_notice_message .= printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } + } elseif ( ! $compatible_php ) { + $incompatible_notice_message .= __( 'This plugin does not work with your version of PHP.' ); + if ( current_user_can( 'update_php' ) ) { + $incompatible_notice_message .= sprintf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + $incompatible_notice_message .= wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } + } + + wp_admin_notice( + $incompatible_notice_message, + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline' ), + ) + ); + } + ?> + <div class="plugin-card-top"> + <div class="name column-name"> + <h3> + <a href="<?php echo esc_url( $details_link ); ?>" class="thickbox open-plugin-details-modal"> + <?php echo $title; ?> + <img src="<?php echo esc_url( $plugin_icon_url ); ?>" class="plugin-icon" alt="" /> + </a> + </h3> + </div> + <div class="action-links"> + <?php + if ( $action_links ) { + echo '<ul class="plugin-action-buttons"><li>' . implode( '</li><li>', $action_links ) . '</li></ul>'; + } + ?> + </div> + <div class="desc column-description"> + <p><?php echo $description; ?></p> + <p class="authors"><?php echo $author; ?></p> + </div> + </div> + <div class="plugin-card-bottom"> + <div class="vers column-rating"> + <?php + wp_star_rating( + array( + 'rating' => $plugin['rating'], + 'type' => 'percent', + 'number' => $plugin['num_ratings'], + ) + ); + ?> + <span class="num-ratings" aria-hidden="true">(<?php echo number_format_i18n( $plugin['num_ratings'] ); ?>)</span> + </div> + <div class="column-updated"> + <strong><?php _e( 'Last Updated:' ); ?></strong> + <?php + /* translators: %s: Human-readable time difference. */ + printf( __( '%s ago' ), human_time_diff( $last_updated_timestamp ) ); + ?> + </div> + <div class="column-downloaded"> + <?php + if ( $plugin['active_installs'] >= 1000000 ) { + $active_installs_millions = floor( $plugin['active_installs'] / 1000000 ); + $active_installs_text = sprintf( + /* translators: %s: Number of millions. */ + _nx( '%s+ Million', '%s+ Million', $active_installs_millions, 'Active plugin installations' ), + number_format_i18n( $active_installs_millions ) + ); + } elseif ( 0 === $plugin['active_installs'] ) { + $active_installs_text = _x( 'Less Than 10', 'Active plugin installations' ); + } else { + $active_installs_text = number_format_i18n( $plugin['active_installs'] ) . '+'; + } + /* translators: %s: Number of installations. */ + printf( __( '%s Active Installations' ), $active_installs_text ); + ?> + </div> + <div class="column-compatibility"> + <?php + if ( ! $tested_wp ) { + echo '<span class="compatibility-untested">' . __( 'Untested with your version of WordPress' ) . '</span>'; + } elseif ( ! $compatible_wp ) { + echo '<span class="compatibility-incompatible">' . __( '<strong>Incompatible</strong> with your version of WordPress' ) . '</span>'; + } else { + echo '<span class="compatibility-compatible">' . __( '<strong>Compatible</strong> with your version of WordPress' ) . '</span>'; + } + ?> + </div> + </div> + </div> + <?php + } + + // Close off the group divs of the last one. + if ( ! empty( $group ) ) { + echo '</div></div>'; + } + } +} diff --git a/wp-admin/includes/class-wp-plugins-list-table.php b/wp-admin/includes/class-wp-plugins-list-table.php new file mode 100644 index 0000000..5c92fba --- /dev/null +++ b/wp-admin/includes/class-wp-plugins-list-table.php @@ -0,0 +1,1394 @@ +<?php +/** + * List Table API: WP_Plugins_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying installed plugins in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Plugins_List_Table extends WP_List_Table { + /** + * Whether to show the auto-updates UI. + * + * @since 5.5.0 + * + * @var bool True if auto-updates UI is to be shown, false otherwise. + */ + protected $show_autoupdates = true; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @global string $status + * @global int $page + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + global $status, $page; + + parent::__construct( + array( + 'plural' => 'plugins', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + + $allowed_statuses = array( 'active', 'inactive', 'recently_activated', 'upgrade', 'mustuse', 'dropins', 'search', 'paused', 'auto-update-enabled', 'auto-update-disabled' ); + + $status = 'all'; + if ( isset( $_REQUEST['plugin_status'] ) && in_array( $_REQUEST['plugin_status'], $allowed_statuses, true ) ) { + $status = $_REQUEST['plugin_status']; + } + + if ( isset( $_REQUEST['s'] ) ) { + $_SERVER['REQUEST_URI'] = add_query_arg( 's', wp_unslash( $_REQUEST['s'] ) ); + } + + $page = $this->get_pagenum(); + + $this->show_autoupdates = wp_is_auto_update_enabled_for_type( 'plugin' ) + && current_user_can( 'update_plugins' ) + && ( ! is_multisite() || $this->screen->in_admin( 'network' ) ); + } + + /** + * @return array + */ + protected function get_table_classes() { + return array( 'widefat', $this->_args['plural'] ); + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'activate_plugins' ); + } + + /** + * @global string $status + * @global array $plugins + * @global array $totals + * @global int $page + * @global string $orderby + * @global string $order + * @global string $s + */ + public function prepare_items() { + global $status, $plugins, $totals, $page, $orderby, $order, $s; + + wp_reset_vars( array( 'orderby', 'order' ) ); + + /** + * Filters the full array of plugins to list in the Plugins list table. + * + * @since 3.0.0 + * + * @see get_plugins() + * + * @param array $all_plugins An array of plugins to display in the list table. + */ + $all_plugins = apply_filters( 'all_plugins', get_plugins() ); + + $plugins = array( + 'all' => $all_plugins, + 'search' => array(), + 'active' => array(), + 'inactive' => array(), + 'recently_activated' => array(), + 'upgrade' => array(), + 'mustuse' => array(), + 'dropins' => array(), + 'paused' => array(), + ); + if ( $this->show_autoupdates ) { + $auto_updates = (array) get_site_option( 'auto_update_plugins', array() ); + + $plugins['auto-update-enabled'] = array(); + $plugins['auto-update-disabled'] = array(); + } + + $screen = $this->screen; + + if ( ! is_multisite() || ( $screen->in_admin( 'network' ) && current_user_can( 'manage_network_plugins' ) ) ) { + + /** + * Filters whether to display the advanced plugins list table. + * + * There are two types of advanced plugins - must-use and drop-ins - + * which can be used in a single site or Multisite network. + * + * The $type parameter allows you to differentiate between the type of advanced + * plugins to filter the display of. Contexts include 'mustuse' and 'dropins'. + * + * @since 3.0.0 + * + * @param bool $show Whether to show the advanced plugins for the specified + * plugin type. Default true. + * @param string $type The plugin type. Accepts 'mustuse', 'dropins'. + */ + if ( apply_filters( 'show_advanced_plugins', true, 'mustuse' ) ) { + $plugins['mustuse'] = get_mu_plugins(); + } + + /** This action is documented in wp-admin/includes/class-wp-plugins-list-table.php */ + if ( apply_filters( 'show_advanced_plugins', true, 'dropins' ) ) { + $plugins['dropins'] = get_dropins(); + } + + if ( current_user_can( 'update_plugins' ) ) { + $current = get_site_transient( 'update_plugins' ); + foreach ( (array) $plugins['all'] as $plugin_file => $plugin_data ) { + if ( isset( $current->response[ $plugin_file ] ) ) { + $plugins['all'][ $plugin_file ]['update'] = true; + $plugins['upgrade'][ $plugin_file ] = $plugins['all'][ $plugin_file ]; + } + } + } + } + + if ( ! $screen->in_admin( 'network' ) ) { + $show = current_user_can( 'manage_network_plugins' ); + /** + * Filters whether to display network-active plugins alongside plugins active for the current site. + * + * This also controls the display of inactive network-only plugins (plugins with + * "Network: true" in the plugin header). + * + * Plugins cannot be network-activated or network-deactivated from this screen. + * + * @since 4.4.0 + * + * @param bool $show Whether to show network-active plugins. Default is whether the current + * user can manage network plugins (ie. a Super Admin). + */ + $show_network_active = apply_filters( 'show_network_active_plugins', $show ); + } + + if ( $screen->in_admin( 'network' ) ) { + $recently_activated = get_site_option( 'recently_activated', array() ); + } else { + $recently_activated = get_option( 'recently_activated', array() ); + } + + foreach ( $recently_activated as $key => $time ) { + if ( $time + WEEK_IN_SECONDS < time() ) { + unset( $recently_activated[ $key ] ); + } + } + + if ( $screen->in_admin( 'network' ) ) { + update_site_option( 'recently_activated', $recently_activated ); + } else { + update_option( 'recently_activated', $recently_activated ); + } + + $plugin_info = get_site_transient( 'update_plugins' ); + + foreach ( (array) $plugins['all'] as $plugin_file => $plugin_data ) { + // Extra info if known. array_merge() ensures $plugin_data has precedence if keys collide. + if ( isset( $plugin_info->response[ $plugin_file ] ) ) { + $plugin_data = array_merge( (array) $plugin_info->response[ $plugin_file ], array( 'update-supported' => true ), $plugin_data ); + } elseif ( isset( $plugin_info->no_update[ $plugin_file ] ) ) { + $plugin_data = array_merge( (array) $plugin_info->no_update[ $plugin_file ], array( 'update-supported' => true ), $plugin_data ); + } elseif ( empty( $plugin_data['update-supported'] ) ) { + $plugin_data['update-supported'] = false; + } + + /* + * Create the payload that's used for the auto_update_plugin filter. + * This is the same data contained within $plugin_info->(response|no_update) however + * not all plugins will be contained in those keys, this avoids unexpected warnings. + */ + $filter_payload = array( + 'id' => $plugin_file, + 'slug' => '', + 'plugin' => $plugin_file, + 'new_version' => '', + 'url' => '', + 'package' => '', + 'icons' => array(), + 'banners' => array(), + 'banners_rtl' => array(), + 'tested' => '', + 'requires_php' => '', + 'compatibility' => new stdClass(), + ); + + $filter_payload = (object) wp_parse_args( $plugin_data, $filter_payload ); + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'plugin', null, $filter_payload ); + + if ( ! is_null( $auto_update_forced ) ) { + $plugin_data['auto-update-forced'] = $auto_update_forced; + } + + $plugins['all'][ $plugin_file ] = $plugin_data; + // Make sure that $plugins['upgrade'] also receives the extra info since it is used on ?plugin_status=upgrade. + if ( isset( $plugins['upgrade'][ $plugin_file ] ) ) { + $plugins['upgrade'][ $plugin_file ] = $plugin_data; + } + + // Filter into individual sections. + if ( is_multisite() && ! $screen->in_admin( 'network' ) && is_network_only_plugin( $plugin_file ) && ! is_plugin_active( $plugin_file ) ) { + if ( $show_network_active ) { + // On the non-network screen, show inactive network-only plugins if allowed. + $plugins['inactive'][ $plugin_file ] = $plugin_data; + } else { + // On the non-network screen, filter out network-only plugins as long as they're not individually active. + unset( $plugins['all'][ $plugin_file ] ); + } + } elseif ( ! $screen->in_admin( 'network' ) && is_plugin_active_for_network( $plugin_file ) ) { + if ( $show_network_active ) { + // On the non-network screen, show network-active plugins if allowed. + $plugins['active'][ $plugin_file ] = $plugin_data; + } else { + // On the non-network screen, filter out network-active plugins. + unset( $plugins['all'][ $plugin_file ] ); + } + } elseif ( ( ! $screen->in_admin( 'network' ) && is_plugin_active( $plugin_file ) ) + || ( $screen->in_admin( 'network' ) && is_plugin_active_for_network( $plugin_file ) ) ) { + /* + * On the non-network screen, populate the active list with plugins that are individually activated. + * On the network admin screen, populate the active list with plugins that are network-activated. + */ + $plugins['active'][ $plugin_file ] = $plugin_data; + + if ( ! $screen->in_admin( 'network' ) && is_plugin_paused( $plugin_file ) ) { + $plugins['paused'][ $plugin_file ] = $plugin_data; + } + } else { + if ( isset( $recently_activated[ $plugin_file ] ) ) { + // Populate the recently activated list with plugins that have been recently activated. + $plugins['recently_activated'][ $plugin_file ] = $plugin_data; + } + // Populate the inactive list with plugins that aren't activated. + $plugins['inactive'][ $plugin_file ] = $plugin_data; + } + + if ( $this->show_autoupdates ) { + $enabled = in_array( $plugin_file, $auto_updates, true ) && $plugin_data['update-supported']; + if ( isset( $plugin_data['auto-update-forced'] ) ) { + $enabled = (bool) $plugin_data['auto-update-forced']; + } + + if ( $enabled ) { + $plugins['auto-update-enabled'][ $plugin_file ] = $plugin_data; + } else { + $plugins['auto-update-disabled'][ $plugin_file ] = $plugin_data; + } + } + } + + if ( strlen( $s ) ) { + $status = 'search'; + $plugins['search'] = array_filter( $plugins['all'], array( $this, '_search_callback' ) ); + } + + /** + * Filters the array of plugins for the list table. + * + * @since 6.3.0 + * + * @param array[] $plugins An array of arrays of plugin data, keyed by context. + */ + $plugins = apply_filters( 'plugins_list', $plugins ); + + $totals = array(); + foreach ( $plugins as $type => $list ) { + $totals[ $type ] = count( $list ); + } + + if ( empty( $plugins[ $status ] ) && ! in_array( $status, array( 'all', 'search' ), true ) ) { + $status = 'all'; + } + + $this->items = array(); + foreach ( $plugins[ $status ] as $plugin_file => $plugin_data ) { + // Translate, don't apply markup, sanitize HTML. + $this->items[ $plugin_file ] = _get_plugin_data_markup_translate( $plugin_file, $plugin_data, false, true ); + } + + $total_this_page = $totals[ $status ]; + + $js_plugins = array(); + foreach ( $plugins as $key => $list ) { + $js_plugins[ $key ] = array_keys( $list ); + } + + wp_localize_script( + 'updates', + '_wpUpdatesItemCounts', + array( + 'plugins' => $js_plugins, + 'totals' => wp_get_update_data(), + ) + ); + + if ( ! $orderby ) { + $orderby = 'Name'; + } else { + $orderby = ucfirst( $orderby ); + } + + $order = strtoupper( $order ); + + uasort( $this->items, array( $this, '_order_callback' ) ); + + $plugins_per_page = $this->get_items_per_page( str_replace( '-', '_', $screen->id . '_per_page' ), 999 ); + + $start = ( $page - 1 ) * $plugins_per_page; + + if ( $total_this_page > $plugins_per_page ) { + $this->items = array_slice( $this->items, $start, $plugins_per_page ); + } + + $this->set_pagination_args( + array( + 'total_items' => $total_this_page, + 'per_page' => $plugins_per_page, + ) + ); + } + + /** + * @global string $s URL encoded search term. + * + * @param array $plugin + * @return bool + */ + public function _search_callback( $plugin ) { + global $s; + + foreach ( $plugin as $value ) { + if ( is_string( $value ) && false !== stripos( strip_tags( $value ), urldecode( $s ) ) ) { + return true; + } + } + + return false; + } + + /** + * @global string $orderby + * @global string $order + * @param array $plugin_a + * @param array $plugin_b + * @return int + */ + public function _order_callback( $plugin_a, $plugin_b ) { + global $orderby, $order; + + $a = $plugin_a[ $orderby ]; + $b = $plugin_b[ $orderby ]; + + if ( $a === $b ) { + return 0; + } + + if ( 'DESC' === $order ) { + return strcasecmp( $b, $a ); + } else { + return strcasecmp( $a, $b ); + } + } + + /** + * @global array $plugins + */ + public function no_items() { + global $plugins; + + if ( ! empty( $_REQUEST['s'] ) ) { + $s = esc_html( urldecode( wp_unslash( $_REQUEST['s'] ) ) ); + + /* translators: %s: Plugin search term. */ + printf( __( 'No plugins found for: %s.' ), '<strong>' . $s . '</strong>' ); + + // We assume that somebody who can install plugins in multisite is experienced enough to not need this helper link. + if ( ! is_multisite() && current_user_can( 'install_plugins' ) ) { + echo ' <a href="' . esc_url( admin_url( 'plugin-install.php?tab=search&s=' . urlencode( $s ) ) ) . '">' . __( 'Search for plugins in the WordPress Plugin Directory.' ) . '</a>'; + } + } elseif ( ! empty( $plugins['all'] ) ) { + _e( 'No plugins found.' ); + } else { + _e( 'No plugins are currently available.' ); + } + } + + /** + * Displays the search box. + * + * @since 4.6.0 + * + * @param string $text The 'submit' button label. + * @param string $input_id ID attribute value for the search input field. + */ + public function search_box( $text, $input_id ) { + if ( empty( $_REQUEST['s'] ) && ! $this->has_items() ) { + return; + } + + $input_id = $input_id . '-search-input'; + + if ( ! empty( $_REQUEST['orderby'] ) ) { + echo '<input type="hidden" name="orderby" value="' . esc_attr( $_REQUEST['orderby'] ) . '" />'; + } + if ( ! empty( $_REQUEST['order'] ) ) { + echo '<input type="hidden" name="order" value="' . esc_attr( $_REQUEST['order'] ) . '" />'; + } + ?> + <p class="search-box"> + <label class="screen-reader-text" for="<?php echo esc_attr( $input_id ); ?>"><?php echo $text; ?>:</label> + <input type="search" id="<?php echo esc_attr( $input_id ); ?>" class="wp-filter-search" name="s" value="<?php _admin_search_query(); ?>" placeholder="<?php esc_attr_e( 'Search installed plugins...' ); ?>" /> + <?php submit_button( $text, 'hide-if-js', '', false, array( 'id' => 'search-submit' ) ); ?> + </p> + <?php + } + + /** + * @global string $status + * + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + global $status; + + $columns = array( + 'cb' => ! in_array( $status, array( 'mustuse', 'dropins' ), true ) ? '<input type="checkbox" />' : '', + 'name' => __( 'Plugin' ), + 'description' => __( 'Description' ), + ); + + if ( $this->show_autoupdates && ! in_array( $status, array( 'mustuse', 'dropins' ), true ) ) { + $columns['auto-updates'] = __( 'Automatic Updates' ); + } + + return $columns; + } + + /** + * @return array + */ + protected function get_sortable_columns() { + return array(); + } + + /** + * @global array $totals + * @global string $status + * @return array + */ + protected function get_views() { + global $totals, $status; + + $status_links = array(); + foreach ( $totals as $type => $count ) { + if ( ! $count ) { + continue; + } + + switch ( $type ) { + case 'all': + /* translators: %s: Number of plugins. */ + $text = _nx( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + $count, + 'plugins' + ); + break; + case 'active': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Active <span class="count">(%s)</span>', + 'Active <span class="count">(%s)</span>', + $count + ); + break; + case 'recently_activated': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Recently Active <span class="count">(%s)</span>', + 'Recently Active <span class="count">(%s)</span>', + $count + ); + break; + case 'inactive': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Inactive <span class="count">(%s)</span>', + 'Inactive <span class="count">(%s)</span>', + $count + ); + break; + case 'mustuse': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Must-Use <span class="count">(%s)</span>', + 'Must-Use <span class="count">(%s)</span>', + $count + ); + break; + case 'dropins': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Drop-in <span class="count">(%s)</span>', + 'Drop-ins <span class="count">(%s)</span>', + $count + ); + break; + case 'paused': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Paused <span class="count">(%s)</span>', + 'Paused <span class="count">(%s)</span>', + $count + ); + break; + case 'upgrade': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Update Available <span class="count">(%s)</span>', + 'Update Available <span class="count">(%s)</span>', + $count + ); + break; + case 'auto-update-enabled': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Auto-updates Enabled <span class="count">(%s)</span>', + 'Auto-updates Enabled <span class="count">(%s)</span>', + $count + ); + break; + case 'auto-update-disabled': + /* translators: %s: Number of plugins. */ + $text = _n( + 'Auto-updates Disabled <span class="count">(%s)</span>', + 'Auto-updates Disabled <span class="count">(%s)</span>', + $count + ); + break; + } + + if ( 'search' !== $type ) { + $status_links[ $type ] = array( + 'url' => add_query_arg( 'plugin_status', $type, 'plugins.php' ), + 'label' => sprintf( $text, number_format_i18n( $count ) ), + 'current' => $type === $status, + ); + } + } + + return $this->get_views_links( $status_links ); + } + + /** + * @global string $status + * @return array + */ + protected function get_bulk_actions() { + global $status; + + $actions = array(); + + if ( 'active' !== $status ) { + $actions['activate-selected'] = $this->screen->in_admin( 'network' ) ? __( 'Network Activate' ) : __( 'Activate' ); + } + + if ( 'inactive' !== $status && 'recent' !== $status ) { + $actions['deactivate-selected'] = $this->screen->in_admin( 'network' ) ? __( 'Network Deactivate' ) : __( 'Deactivate' ); + } + + if ( ! is_multisite() || $this->screen->in_admin( 'network' ) ) { + if ( current_user_can( 'update_plugins' ) ) { + $actions['update-selected'] = __( 'Update' ); + } + + if ( current_user_can( 'delete_plugins' ) && ( 'active' !== $status ) ) { + $actions['delete-selected'] = __( 'Delete' ); + } + + if ( $this->show_autoupdates ) { + if ( 'auto-update-enabled' !== $status ) { + $actions['enable-auto-update-selected'] = __( 'Enable Auto-updates' ); + } + if ( 'auto-update-disabled' !== $status ) { + $actions['disable-auto-update-selected'] = __( 'Disable Auto-updates' ); + } + } + } + + return $actions; + } + + /** + * @global string $status + * @param string $which + */ + public function bulk_actions( $which = '' ) { + global $status; + + if ( in_array( $status, array( 'mustuse', 'dropins' ), true ) ) { + return; + } + + parent::bulk_actions( $which ); + } + + /** + * @global string $status + * @param string $which + */ + protected function extra_tablenav( $which ) { + global $status; + + if ( ! in_array( $status, array( 'recently_activated', 'mustuse', 'dropins' ), true ) ) { + return; + } + + echo '<div class="alignleft actions">'; + + if ( 'recently_activated' === $status ) { + submit_button( __( 'Clear List' ), '', 'clear-recent-list', false ); + } elseif ( 'top' === $which && 'mustuse' === $status ) { + echo '<p>' . sprintf( + /* translators: %s: mu-plugins directory name. */ + __( 'Files in the %s directory are executed automatically.' ), + '<code>' . str_replace( ABSPATH, '/', WPMU_PLUGIN_DIR ) . '</code>' + ) . '</p>'; + } elseif ( 'top' === $which && 'dropins' === $status ) { + echo '<p>' . sprintf( + /* translators: %s: wp-content directory name. */ + __( 'Drop-ins are single files, found in the %s directory, that replace or enhance WordPress features in ways that are not possible for traditional plugins.' ), + '<code>' . str_replace( ABSPATH, '', WP_CONTENT_DIR ) . '</code>' + ) . '</p>'; + } + echo '</div>'; + } + + /** + * @return string + */ + public function current_action() { + if ( isset( $_POST['clear-recent-list'] ) ) { + return 'clear-recent-list'; + } + + return parent::current_action(); + } + + /** + * @global string $status + */ + public function display_rows() { + global $status; + + if ( is_multisite() && ! $this->screen->in_admin( 'network' ) && in_array( $status, array( 'mustuse', 'dropins' ), true ) ) { + return; + } + + foreach ( $this->items as $plugin_file => $plugin_data ) { + $this->single_row( array( $plugin_file, $plugin_data ) ); + } + } + + /** + * @global string $status + * @global int $page + * @global string $s + * @global array $totals + * + * @param array $item + */ + public function single_row( $item ) { + global $status, $page, $s, $totals; + static $plugin_id_attrs = array(); + + list( $plugin_file, $plugin_data ) = $item; + + $plugin_slug = isset( $plugin_data['slug'] ) ? $plugin_data['slug'] : sanitize_title( $plugin_data['Name'] ); + $plugin_id_attr = $plugin_slug; + + // Ensure the ID attribute is unique. + $suffix = 2; + while ( in_array( $plugin_id_attr, $plugin_id_attrs, true ) ) { + $plugin_id_attr = "$plugin_slug-$suffix"; + ++$suffix; + } + + $plugin_id_attrs[] = $plugin_id_attr; + + $context = $status; + $screen = $this->screen; + + // Pre-order. + $actions = array( + 'deactivate' => '', + 'activate' => '', + 'details' => '', + 'delete' => '', + ); + + // Do not restrict by default. + $restrict_network_active = false; + $restrict_network_only = false; + + $requires_php = isset( $plugin_data['RequiresPHP'] ) ? $plugin_data['RequiresPHP'] : null; + $requires_wp = isset( $plugin_data['RequiresWP'] ) ? $plugin_data['RequiresWP'] : null; + + $compatible_php = is_php_version_compatible( $requires_php ); + $compatible_wp = is_wp_version_compatible( $requires_wp ); + + if ( 'mustuse' === $context ) { + $is_active = true; + } elseif ( 'dropins' === $context ) { + $dropins = _get_dropins(); + $plugin_name = $plugin_file; + + if ( $plugin_file !== $plugin_data['Name'] ) { + $plugin_name .= '<br />' . $plugin_data['Name']; + } + + if ( true === ( $dropins[ $plugin_file ][1] ) ) { // Doesn't require a constant. + $is_active = true; + $description = '<p><strong>' . $dropins[ $plugin_file ][0] . '</strong></p>'; + } elseif ( defined( $dropins[ $plugin_file ][1] ) && constant( $dropins[ $plugin_file ][1] ) ) { // Constant is true. + $is_active = true; + $description = '<p><strong>' . $dropins[ $plugin_file ][0] . '</strong></p>'; + } else { + $is_active = false; + $description = '<p><strong>' . $dropins[ $plugin_file ][0] . ' <span class="error-message">' . __( 'Inactive:' ) . '</span></strong> ' . + sprintf( + /* translators: 1: Drop-in constant name, 2: wp-config.php */ + __( 'Requires %1$s in %2$s file.' ), + "<code>define('" . $dropins[ $plugin_file ][1] . "', true);</code>", + '<code>wp-config.php</code>' + ) . '</p>'; + } + + if ( $plugin_data['Description'] ) { + $description .= '<p>' . $plugin_data['Description'] . '</p>'; + } + } else { + if ( $screen->in_admin( 'network' ) ) { + $is_active = is_plugin_active_for_network( $plugin_file ); + } else { + $is_active = is_plugin_active( $plugin_file ); + $restrict_network_active = ( is_multisite() && is_plugin_active_for_network( $plugin_file ) ); + $restrict_network_only = ( is_multisite() && is_network_only_plugin( $plugin_file ) && ! $is_active ); + } + + if ( $screen->in_admin( 'network' ) ) { + if ( $is_active ) { + if ( current_user_can( 'manage_network_plugins' ) ) { + $actions['deactivate'] = sprintf( + '<a href="%s" id="deactivate-%s" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=deactivate&plugin=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'deactivate-plugin_' . $plugin_file ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Network Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Network Deactivate' ) + ); + } + } else { + if ( current_user_can( 'manage_network_plugins' ) ) { + if ( $compatible_php && $compatible_wp ) { + $actions['activate'] = sprintf( + '<a href="%s" id="activate-%s" class="edit" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&plugin=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'activate-plugin_' . $plugin_file ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Network Activate %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Network Activate' ) + ); + } else { + $actions['activate'] = sprintf( + '<span>%s</span>', + _x( 'Cannot Activate', 'plugin' ) + ); + } + } + + if ( current_user_can( 'delete_plugins' ) && ! is_plugin_active( $plugin_file ) ) { + $actions['delete'] = sprintf( + '<a href="%s" id="delete-%s" class="delete" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=delete-selected&checked[]=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'bulk-plugins' ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Delete' ) + ); + } + } + } else { + if ( $restrict_network_active ) { + $actions = array( + 'network_active' => __( 'Network Active' ), + ); + } elseif ( $restrict_network_only ) { + $actions = array( + 'network_only' => __( 'Network Only' ), + ); + } elseif ( $is_active ) { + if ( current_user_can( 'deactivate_plugin', $plugin_file ) ) { + $actions['deactivate'] = sprintf( + '<a href="%s" id="deactivate-%s" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=deactivate&plugin=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'deactivate-plugin_' . $plugin_file ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Deactivate' ) + ); + } + + if ( current_user_can( 'resume_plugin', $plugin_file ) && is_plugin_paused( $plugin_file ) ) { + $actions['resume'] = sprintf( + '<a href="%s" id="resume-%s" class="resume-link" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=resume&plugin=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'resume-plugin_' . $plugin_file ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Resume %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Resume' ) + ); + } + } else { + if ( current_user_can( 'activate_plugin', $plugin_file ) ) { + if ( $compatible_php && $compatible_wp ) { + $actions['activate'] = sprintf( + '<a href="%s" id="activate-%s" class="edit" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=activate&plugin=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'activate-plugin_' . $plugin_file ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Activate %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Activate' ) + ); + } else { + $actions['activate'] = sprintf( + '<span>%s</span>', + _x( 'Cannot Activate', 'plugin' ) + ); + } + } + + if ( ! is_multisite() && current_user_can( 'delete_plugins' ) ) { + $actions['delete'] = sprintf( + '<a href="%s" id="delete-%s" class="delete" aria-label="%s">%s</a>', + wp_nonce_url( 'plugins.php?action=delete-selected&checked[]=' . urlencode( $plugin_file ) . '&plugin_status=' . $context . '&paged=' . $page . '&s=' . $s, 'bulk-plugins' ), + esc_attr( $plugin_id_attr ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ), + __( 'Delete' ) + ); + } + } // End if $is_active. + } // End if $screen->in_admin( 'network' ). + } // End if $context. + + $actions = array_filter( $actions ); + + if ( $screen->in_admin( 'network' ) ) { + + /** + * Filters the action links displayed for each plugin in the Network Admin Plugins list table. + * + * @since 3.1.0 + * + * @param string[] $actions An array of plugin action links. By default this can include + * 'activate', 'deactivate', and 'delete'. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param string $context The plugin context. By default this can include 'all', + * 'active', 'inactive', 'recently_activated', 'upgrade', + * 'mustuse', 'dropins', and 'search'. + */ + $actions = apply_filters( 'network_admin_plugin_action_links', $actions, $plugin_file, $plugin_data, $context ); + + /** + * Filters the list of action links displayed for a specific plugin in the Network Admin Plugins list table. + * + * The dynamic portion of the hook name, `$plugin_file`, refers to the path + * to the plugin file, relative to the plugins directory. + * + * @since 3.1.0 + * + * @param string[] $actions An array of plugin action links. By default this can include + * 'activate', 'deactivate', and 'delete'. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param string $context The plugin context. By default this can include 'all', + * 'active', 'inactive', 'recently_activated', 'upgrade', + * 'mustuse', 'dropins', and 'search'. + */ + $actions = apply_filters( "network_admin_plugin_action_links_{$plugin_file}", $actions, $plugin_file, $plugin_data, $context ); + + } else { + + /** + * Filters the action links displayed for each plugin in the Plugins list table. + * + * @since 2.5.0 + * @since 2.6.0 The `$context` parameter was added. + * @since 4.9.0 The 'Edit' link was removed from the list of action links. + * + * @param string[] $actions An array of plugin action links. By default this can include + * 'activate', 'deactivate', and 'delete'. With Multisite active + * this can also include 'network_active' and 'network_only' items. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param string $context The plugin context. By default this can include 'all', + * 'active', 'inactive', 'recently_activated', 'upgrade', + * 'mustuse', 'dropins', and 'search'. + */ + $actions = apply_filters( 'plugin_action_links', $actions, $plugin_file, $plugin_data, $context ); + + /** + * Filters the list of action links displayed for a specific plugin in the Plugins list table. + * + * The dynamic portion of the hook name, `$plugin_file`, refers to the path + * to the plugin file, relative to the plugins directory. + * + * @since 2.7.0 + * @since 4.9.0 The 'Edit' link was removed from the list of action links. + * + * @param string[] $actions An array of plugin action links. By default this can include + * 'activate', 'deactivate', and 'delete'. With Multisite active + * this can also include 'network_active' and 'network_only' items. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param string $context The plugin context. By default this can include 'all', + * 'active', 'inactive', 'recently_activated', 'upgrade', + * 'mustuse', 'dropins', and 'search'. + */ + $actions = apply_filters( "plugin_action_links_{$plugin_file}", $actions, $plugin_file, $plugin_data, $context ); + + } + + $class = $is_active ? 'active' : 'inactive'; + $checkbox_id = 'checkbox_' . md5( $plugin_file ); + + if ( $restrict_network_active || $restrict_network_only || in_array( $status, array( 'mustuse', 'dropins' ), true ) || ! $compatible_php ) { + $checkbox = ''; + } else { + $checkbox = sprintf( + '<input type="checkbox" name="checked[]" value="%1$s" id="%2$s" />' . + '<label for="%2$s"><span class="screen-reader-text">%3$s</span></label>', + esc_attr( $plugin_file ), + $checkbox_id, + /* translators: Hidden accessibility text. %s: Plugin name. */ + sprintf( __( 'Select %s' ), $plugin_data['Name'] ) + ); + } + + if ( 'dropins' !== $context ) { + $description = '<p>' . ( $plugin_data['Description'] ? $plugin_data['Description'] : ' ' ) . '</p>'; + $plugin_name = $plugin_data['Name']; + } + + if ( ! empty( $totals['upgrade'] ) && ! empty( $plugin_data['update'] ) + || ! $compatible_php || ! $compatible_wp + ) { + $class .= ' update'; + } + + $paused = ! $screen->in_admin( 'network' ) && is_plugin_paused( $plugin_file ); + + if ( $paused ) { + $class .= ' paused'; + } + + if ( is_uninstallable_plugin( $plugin_file ) ) { + $class .= ' is-uninstallable'; + } + + printf( + '<tr class="%s" data-slug="%s" data-plugin="%s">', + esc_attr( $class ), + esc_attr( $plugin_slug ), + esc_attr( $plugin_file ) + ); + + list( $columns, $hidden, $sortable, $primary ) = $this->get_column_info(); + + $auto_updates = (array) get_site_option( 'auto_update_plugins', array() ); + + foreach ( $columns as $column_name => $column_display_name ) { + $extra_classes = ''; + if ( in_array( $column_name, $hidden, true ) ) { + $extra_classes = ' hidden'; + } + + switch ( $column_name ) { + case 'cb': + echo "<th scope='row' class='check-column'>$checkbox</th>"; + break; + case 'name': + echo "<td class='plugin-title column-primary'><strong>$plugin_name</strong>"; + echo $this->row_actions( $actions, true ); + echo '</td>'; + break; + case 'description': + $classes = 'column-description desc'; + + echo "<td class='$classes{$extra_classes}'> + <div class='plugin-description'>$description</div> + <div class='$class second plugin-version-author-uri'>"; + + $plugin_meta = array(); + if ( ! empty( $plugin_data['Version'] ) ) { + /* translators: %s: Plugin version number. */ + $plugin_meta[] = sprintf( __( 'Version %s' ), $plugin_data['Version'] ); + } + if ( ! empty( $plugin_data['Author'] ) ) { + $author = $plugin_data['Author']; + if ( ! empty( $plugin_data['AuthorURI'] ) ) { + $author = '<a href="' . $plugin_data['AuthorURI'] . '">' . $plugin_data['Author'] . '</a>'; + } + /* translators: %s: Plugin author name. */ + $plugin_meta[] = sprintf( __( 'By %s' ), $author ); + } + + // Details link using API info, if available. + if ( isset( $plugin_data['slug'] ) && current_user_can( 'install_plugins' ) ) { + $plugin_meta[] = sprintf( + '<a href="%s" class="thickbox open-plugin-details-modal" aria-label="%s" data-title="%s">%s</a>', + esc_url( + network_admin_url( + 'plugin-install.php?tab=plugin-information&plugin=' . $plugin_data['slug'] . + '&TB_iframe=true&width=600&height=550' + ) + ), + /* translators: %s: Plugin name. */ + esc_attr( sprintf( __( 'More information about %s' ), $plugin_name ) ), + esc_attr( $plugin_name ), + __( 'View details' ) + ); + } elseif ( ! empty( $plugin_data['PluginURI'] ) ) { + /* translators: %s: Plugin name. */ + $aria_label = sprintf( __( 'Visit plugin site for %s' ), $plugin_name ); + + $plugin_meta[] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + esc_url( $plugin_data['PluginURI'] ), + esc_attr( $aria_label ), + __( 'Visit plugin site' ) + ); + } + + /** + * Filters the array of row meta for each plugin in the Plugins list table. + * + * @since 2.8.0 + * + * @param string[] $plugin_meta An array of the plugin's metadata, including + * the version, author, author URI, and plugin URI. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data { + * An array of plugin data. + * + * @type string $id Plugin ID, e.g. `w.org/plugins/[plugin-name]`. + * @type string $slug Plugin slug. + * @type string $plugin Plugin basename. + * @type string $new_version New plugin version. + * @type string $url Plugin URL. + * @type string $package Plugin update package URL. + * @type string[] $icons An array of plugin icon URLs. + * @type string[] $banners An array of plugin banner URLs. + * @type string[] $banners_rtl An array of plugin RTL banner URLs. + * @type string $requires The version of WordPress which the plugin requires. + * @type string $tested The version of WordPress the plugin is tested against. + * @type string $requires_php The version of PHP which the plugin requires. + * @type string $upgrade_notice The upgrade notice for the new plugin version. + * @type bool $update-supported Whether the plugin supports updates. + * @type string $Name The human-readable name of the plugin. + * @type string $PluginURI Plugin URI. + * @type string $Version Plugin version. + * @type string $Description Plugin description. + * @type string $Author Plugin author. + * @type string $AuthorURI Plugin author URI. + * @type string $TextDomain Plugin textdomain. + * @type string $DomainPath Relative path to the plugin's .mo file(s). + * @type bool $Network Whether the plugin can only be activated network-wide. + * @type string $RequiresWP The version of WordPress which the plugin requires. + * @type string $RequiresPHP The version of PHP which the plugin requires. + * @type string $UpdateURI ID of the plugin for update purposes, should be a URI. + * @type string $Title The human-readable title of the plugin. + * @type string $AuthorName Plugin author's name. + * @type bool $update Whether there's an available update. Default null. + * } + * @param string $status Status filter currently applied to the plugin list. Possible + * values are: 'all', 'active', 'inactive', 'recently_activated', + * 'upgrade', 'mustuse', 'dropins', 'search', 'paused', + * 'auto-update-enabled', 'auto-update-disabled'. + */ + $plugin_meta = apply_filters( 'plugin_row_meta', $plugin_meta, $plugin_file, $plugin_data, $status ); + + echo implode( ' | ', $plugin_meta ); + + echo '</div>'; + + if ( $paused ) { + $notice_text = __( 'This plugin failed to load properly and is paused during recovery mode.' ); + + printf( '<p><span class="dashicons dashicons-warning"></span> <strong>%s</strong></p>', $notice_text ); + + $error = wp_get_plugin_error( $plugin_file ); + + if ( false !== $error ) { + printf( '<div class="error-display"><p>%s</p></div>', wp_get_extension_error_description( $error ) ); + } + } + + echo '</td>'; + break; + case 'auto-updates': + if ( ! $this->show_autoupdates || in_array( $status, array( 'mustuse', 'dropins' ), true ) ) { + break; + } + + echo "<td class='column-auto-updates{$extra_classes}'>"; + + $html = array(); + + if ( isset( $plugin_data['auto-update-forced'] ) ) { + if ( $plugin_data['auto-update-forced'] ) { + // Forced on. + $text = __( 'Auto-updates enabled' ); + } else { + $text = __( 'Auto-updates disabled' ); + } + $action = 'unavailable'; + $time_class = ' hidden'; + } elseif ( empty( $plugin_data['update-supported'] ) ) { + $text = ''; + $action = 'unavailable'; + $time_class = ' hidden'; + } elseif ( in_array( $plugin_file, $auto_updates, true ) ) { + $text = __( 'Disable auto-updates' ); + $action = 'disable'; + $time_class = ''; + } else { + $text = __( 'Enable auto-updates' ); + $action = 'enable'; + $time_class = ' hidden'; + } + + $query_args = array( + 'action' => "{$action}-auto-update", + 'plugin' => $plugin_file, + 'paged' => $page, + 'plugin_status' => $status, + ); + + $url = add_query_arg( $query_args, 'plugins.php' ); + + if ( 'unavailable' === $action ) { + $html[] = '<span class="label">' . $text . '</span>'; + } else { + $html[] = sprintf( + '<a href="%s" class="toggle-auto-update aria-button-if-js" data-wp-action="%s">', + wp_nonce_url( $url, 'updates' ), + $action + ); + + $html[] = '<span class="dashicons dashicons-update spin hidden" aria-hidden="true"></span>'; + $html[] = '<span class="label">' . $text . '</span>'; + $html[] = '</a>'; + } + + if ( ! empty( $plugin_data['update'] ) ) { + $html[] = sprintf( + '<div class="auto-update-time%s">%s</div>', + $time_class, + wp_get_auto_update_message() + ); + } + + $html = implode( '', $html ); + + /** + * Filters the HTML of the auto-updates setting for each plugin in the Plugins list table. + * + * @since 5.5.0 + * + * @param string $html The HTML of the plugin's auto-update column content, + * including toggle auto-update action links and + * time to next update. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + */ + echo apply_filters( 'plugin_auto_update_setting_html', $html, $plugin_file, $plugin_data ); + + wp_admin_notice( + '', + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline', 'hidden' ), + ) + ); + + echo '</td>'; + + break; + default: + $classes = "$column_name column-$column_name $class"; + + echo "<td class='$classes{$extra_classes}'>"; + + /** + * Fires inside each custom column of the Plugins list table. + * + * @since 3.1.0 + * + * @param string $column_name Name of the column. + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + */ + do_action( 'manage_plugins_custom_column', $column_name, $plugin_file, $plugin_data ); + + echo '</td>'; + } + } + + echo '</tr>'; + + if ( ! $compatible_php || ! $compatible_wp ) { + printf( + '<tr class="plugin-update-tr"><td colspan="%s" class="plugin-update colspanchange">', + esc_attr( $this->get_column_count() ) + ); + + $incompatible_message = ''; + if ( ! $compatible_php && ! $compatible_wp ) { + $incompatible_message .= __( 'This plugin does not work with your versions of WordPress and PHP.' ); + if ( current_user_can( 'update_core' ) && current_user_can( 'update_php' ) ) { + $incompatible_message .= sprintf( + /* translators: 1: URL to WordPress Updates screen, 2: URL to Update PHP page. */ + ' ' . __( '<a href="%1$s">Please update WordPress</a>, and then <a href="%2$s">learn more about updating PHP</a>.' ), + self_admin_url( 'update-core.php' ), + esc_url( wp_get_update_php_url() ) + ); + $incompatible_message .= wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } elseif ( current_user_can( 'update_core' ) ) { + $incompatible_message .= sprintf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } elseif ( current_user_can( 'update_php' ) ) { + $incompatible_message .= sprintf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + $incompatible_message .= wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } + } elseif ( ! $compatible_wp ) { + $incompatible_message .= __( 'This plugin does not work with your version of WordPress.' ); + if ( current_user_can( 'update_core' ) ) { + $incompatible_message .= sprintf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } + } elseif ( ! $compatible_php ) { + $incompatible_message .= __( 'This plugin does not work with your version of PHP.' ); + if ( current_user_can( 'update_php' ) ) { + $incompatible_message .= sprintf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + $incompatible_message .= wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } + } + + wp_admin_notice( + $incompatible_message, + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline', 'update-message' ), + ) + ); + + echo '</td></tr>'; + } + + /** + * Fires after each row in the Plugins list table. + * + * @since 2.3.0 + * @since 5.5.0 Added 'auto-update-enabled' and 'auto-update-disabled' + * to possible values for `$status`. + * + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param string $status Status filter currently applied to the plugin list. + * Possible values are: 'all', 'active', 'inactive', + * 'recently_activated', 'upgrade', 'mustuse', 'dropins', + * 'search', 'paused', 'auto-update-enabled', 'auto-update-disabled'. + */ + do_action( 'after_plugin_row', $plugin_file, $plugin_data, $status ); + + /** + * Fires after each specific row in the Plugins list table. + * + * The dynamic portion of the hook name, `$plugin_file`, refers to the path + * to the plugin file, relative to the plugins directory. + * + * @since 2.7.0 + * @since 5.5.0 Added 'auto-update-enabled' and 'auto-update-disabled' + * to possible values for `$status`. + * + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param array $plugin_data An array of plugin data. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param string $status Status filter currently applied to the plugin list. + * Possible values are: 'all', 'active', 'inactive', + * 'recently_activated', 'upgrade', 'mustuse', 'dropins', + * 'search', 'paused', 'auto-update-enabled', 'auto-update-disabled'. + */ + do_action( "after_plugin_row_{$plugin_file}", $plugin_file, $plugin_data, $status ); + } + + /** + * Gets the name of the primary column for this specific list table. + * + * @since 4.3.0 + * + * @return string Unalterable name for the primary column, in this case, 'name'. + */ + protected function get_primary_column_name() { + return 'name'; + } +} diff --git a/wp-admin/includes/class-wp-post-comments-list-table.php b/wp-admin/includes/class-wp-post-comments-list-table.php new file mode 100644 index 0000000..4454a77 --- /dev/null +++ b/wp-admin/includes/class-wp-post-comments-list-table.php @@ -0,0 +1,77 @@ +<?php +/** + * List Table API: WP_Post_Comments_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Core class used to implement displaying post comments in a list table. + * + * @since 3.1.0 + * + * @see WP_Comments_List_Table + */ +class WP_Post_Comments_List_Table extends WP_Comments_List_Table { + + /** + * @return array + */ + protected function get_column_info() { + return array( + array( + 'author' => __( 'Author' ), + 'comment' => _x( 'Comment', 'column name' ), + ), + array(), + array(), + 'comment', + ); + } + + /** + * @return array + */ + protected function get_table_classes() { + $classes = parent::get_table_classes(); + $classes[] = 'wp-list-table'; + $classes[] = 'comments-box'; + return $classes; + } + + /** + * @param bool $output_empty + */ + public function display( $output_empty = false ) { + $singular = $this->_args['singular']; + + wp_nonce_field( 'fetch-list-' . get_class( $this ), '_ajax_fetch_list_nonce' ); + ?> +<table class="<?php echo implode( ' ', $this->get_table_classes() ); ?>" style="display:none;"> + <tbody id="the-comment-list" + <?php + if ( $singular ) { + echo " data-wp-lists='list:$singular'"; + } + ?> + > + <?php + if ( ! $output_empty ) { + $this->display_rows_or_placeholder(); + } + ?> + </tbody> +</table> + <?php + } + + /** + * @param bool $comment_status + * @return int + */ + public function get_per_page( $comment_status = false ) { + return 10; + } +} diff --git a/wp-admin/includes/class-wp-posts-list-table.php b/wp-admin/includes/class-wp-posts-list-table.php new file mode 100644 index 0000000..baf3ef6 --- /dev/null +++ b/wp-admin/includes/class-wp-posts-list-table.php @@ -0,0 +1,2119 @@ +<?php +/** + * List Table API: WP_Posts_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying posts in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Posts_List_Table extends WP_List_Table { + + /** + * Whether the items should be displayed hierarchically or linearly. + * + * @since 3.1.0 + * @var bool + */ + protected $hierarchical_display; + + /** + * Holds the number of pending comments for each post. + * + * @since 3.1.0 + * @var array + */ + protected $comment_pending_count; + + /** + * Holds the number of posts for this user. + * + * @since 3.1.0 + * @var int + */ + private $user_posts_count; + + /** + * Holds the number of posts which are sticky. + * + * @since 3.1.0 + * @var int + */ + private $sticky_posts_count = 0; + + private $is_trash; + + /** + * Current level for output. + * + * @since 4.3.0 + * @var int + */ + protected $current_level = 0; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @global WP_Post_Type $post_type_object + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + global $post_type_object, $wpdb; + + parent::__construct( + array( + 'plural' => 'posts', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + + $post_type = $this->screen->post_type; + $post_type_object = get_post_type_object( $post_type ); + + $exclude_states = get_post_stati( + array( + 'show_in_admin_all_list' => false, + ) + ); + + $this->user_posts_count = (int) $wpdb->get_var( + $wpdb->prepare( + "SELECT COUNT( 1 ) + FROM $wpdb->posts + WHERE post_type = %s + AND post_status NOT IN ( '" . implode( "','", $exclude_states ) . "' ) + AND post_author = %d", + $post_type, + get_current_user_id() + ) + ); + + if ( $this->user_posts_count + && ! current_user_can( $post_type_object->cap->edit_others_posts ) + && empty( $_REQUEST['post_status'] ) && empty( $_REQUEST['all_posts'] ) + && empty( $_REQUEST['author'] ) && empty( $_REQUEST['show_sticky'] ) + ) { + $_GET['author'] = get_current_user_id(); + } + + $sticky_posts = get_option( 'sticky_posts' ); + + if ( 'post' === $post_type && $sticky_posts ) { + $sticky_posts = implode( ', ', array_map( 'absint', (array) $sticky_posts ) ); + + $this->sticky_posts_count = (int) $wpdb->get_var( + $wpdb->prepare( + "SELECT COUNT( 1 ) + FROM $wpdb->posts + WHERE post_type = %s + AND post_status NOT IN ('trash', 'auto-draft') + AND ID IN ($sticky_posts)", + $post_type + ) + ); + } + } + + /** + * Sets whether the table layout should be hierarchical or not. + * + * @since 4.2.0 + * + * @param bool $display Whether the table layout should be hierarchical. + */ + public function set_hierarchical_display( $display ) { + $this->hierarchical_display = $display; + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( get_post_type_object( $this->screen->post_type )->cap->edit_posts ); + } + + /** + * @global string $mode List table view mode. + * @global array $avail_post_stati + * @global WP_Query $wp_query WordPress Query object. + * @global int $per_page + */ + public function prepare_items() { + global $mode, $avail_post_stati, $wp_query, $per_page; + + if ( ! empty( $_REQUEST['mode'] ) ) { + $mode = 'excerpt' === $_REQUEST['mode'] ? 'excerpt' : 'list'; + set_user_setting( 'posts_list_mode', $mode ); + } else { + $mode = get_user_setting( 'posts_list_mode', 'list' ); + } + + // Is going to call wp(). + $avail_post_stati = wp_edit_posts_query(); + + $this->set_hierarchical_display( + is_post_type_hierarchical( $this->screen->post_type ) + && 'menu_order title' === $wp_query->query['orderby'] + ); + + $post_type = $this->screen->post_type; + $per_page = $this->get_items_per_page( 'edit_' . $post_type . '_per_page' ); + + /** This filter is documented in wp-admin/includes/post.php */ + $per_page = apply_filters( 'edit_posts_per_page', $per_page, $post_type ); + + if ( $this->hierarchical_display ) { + $total_items = $wp_query->post_count; + } elseif ( $wp_query->found_posts || $this->get_pagenum() === 1 ) { + $total_items = $wp_query->found_posts; + } else { + $post_counts = (array) wp_count_posts( $post_type, 'readable' ); + + if ( isset( $_REQUEST['post_status'] ) && in_array( $_REQUEST['post_status'], $avail_post_stati, true ) ) { + $total_items = $post_counts[ $_REQUEST['post_status'] ]; + } elseif ( isset( $_REQUEST['show_sticky'] ) && $_REQUEST['show_sticky'] ) { + $total_items = $this->sticky_posts_count; + } elseif ( isset( $_GET['author'] ) && get_current_user_id() === (int) $_GET['author'] ) { + $total_items = $this->user_posts_count; + } else { + $total_items = array_sum( $post_counts ); + + // Subtract post types that are not included in the admin all list. + foreach ( get_post_stati( array( 'show_in_admin_all_list' => false ) ) as $state ) { + $total_items -= $post_counts[ $state ]; + } + } + } + + $this->is_trash = isset( $_REQUEST['post_status'] ) && 'trash' === $_REQUEST['post_status']; + + $this->set_pagination_args( + array( + 'total_items' => $total_items, + 'per_page' => $per_page, + ) + ); + } + + /** + * @return bool + */ + public function has_items() { + return have_posts(); + } + + /** + */ + public function no_items() { + if ( isset( $_REQUEST['post_status'] ) && 'trash' === $_REQUEST['post_status'] ) { + echo get_post_type_object( $this->screen->post_type )->labels->not_found_in_trash; + } else { + echo get_post_type_object( $this->screen->post_type )->labels->not_found; + } + } + + /** + * Determines if the current view is the "All" view. + * + * @since 4.2.0 + * + * @return bool Whether the current view is the "All" view. + */ + protected function is_base_request() { + $vars = $_GET; + unset( $vars['paged'] ); + + if ( empty( $vars ) ) { + return true; + } elseif ( 1 === count( $vars ) && ! empty( $vars['post_type'] ) ) { + return $this->screen->post_type === $vars['post_type']; + } + + return 1 === count( $vars ) && ! empty( $vars['mode'] ); + } + + /** + * Creates a link to edit.php with params. + * + * @since 4.4.0 + * + * @param string[] $args Associative array of URL parameters for the link. + * @param string $link_text Link text. + * @param string $css_class Optional. Class attribute. Default empty string. + * @return string The formatted link string. + */ + protected function get_edit_link( $args, $link_text, $css_class = '' ) { + $url = add_query_arg( $args, 'edit.php' ); + + $class_html = ''; + $aria_current = ''; + + if ( ! empty( $css_class ) ) { + $class_html = sprintf( + ' class="%s"', + esc_attr( $css_class ) + ); + + if ( 'current' === $css_class ) { + $aria_current = ' aria-current="page"'; + } + } + + return sprintf( + '<a href="%s"%s%s>%s</a>', + esc_url( $url ), + $class_html, + $aria_current, + $link_text + ); + } + + /** + * @global array $locked_post_status This seems to be deprecated. + * @global array $avail_post_stati + * @return array + */ + protected function get_views() { + global $locked_post_status, $avail_post_stati; + + $post_type = $this->screen->post_type; + + if ( ! empty( $locked_post_status ) ) { + return array(); + } + + $status_links = array(); + $num_posts = wp_count_posts( $post_type, 'readable' ); + $total_posts = array_sum( (array) $num_posts ); + $class = ''; + + $current_user_id = get_current_user_id(); + $all_args = array( 'post_type' => $post_type ); + $mine = ''; + + // Subtract post types that are not included in the admin all list. + foreach ( get_post_stati( array( 'show_in_admin_all_list' => false ) ) as $state ) { + $total_posts -= $num_posts->$state; + } + + if ( $this->user_posts_count && $this->user_posts_count !== $total_posts ) { + if ( isset( $_GET['author'] ) && ( $current_user_id === (int) $_GET['author'] ) ) { + $class = 'current'; + } + + $mine_args = array( + 'post_type' => $post_type, + 'author' => $current_user_id, + ); + + $mine_inner_html = sprintf( + /* translators: %s: Number of posts. */ + _nx( + 'Mine <span class="count">(%s)</span>', + 'Mine <span class="count">(%s)</span>', + $this->user_posts_count, + 'posts' + ), + number_format_i18n( $this->user_posts_count ) + ); + + $mine = array( + 'url' => esc_url( add_query_arg( $mine_args, 'edit.php' ) ), + 'label' => $mine_inner_html, + 'current' => isset( $_GET['author'] ) && ( $current_user_id === (int) $_GET['author'] ), + ); + + $all_args['all_posts'] = 1; + $class = ''; + } + + $all_inner_html = sprintf( + /* translators: %s: Number of posts. */ + _nx( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + $total_posts, + 'posts' + ), + number_format_i18n( $total_posts ) + ); + + $status_links['all'] = array( + 'url' => esc_url( add_query_arg( $all_args, 'edit.php' ) ), + 'label' => $all_inner_html, + 'current' => empty( $class ) && ( $this->is_base_request() || isset( $_REQUEST['all_posts'] ) ), + ); + + if ( $mine ) { + $status_links['mine'] = $mine; + } + + foreach ( get_post_stati( array( 'show_in_admin_status_list' => true ), 'objects' ) as $status ) { + $class = ''; + + $status_name = $status->name; + + if ( ! in_array( $status_name, $avail_post_stati, true ) || empty( $num_posts->$status_name ) ) { + continue; + } + + if ( isset( $_REQUEST['post_status'] ) && $status_name === $_REQUEST['post_status'] ) { + $class = 'current'; + } + + $status_args = array( + 'post_status' => $status_name, + 'post_type' => $post_type, + ); + + $status_label = sprintf( + translate_nooped_plural( $status->label_count, $num_posts->$status_name ), + number_format_i18n( $num_posts->$status_name ) + ); + + $status_links[ $status_name ] = array( + 'url' => esc_url( add_query_arg( $status_args, 'edit.php' ) ), + 'label' => $status_label, + 'current' => isset( $_REQUEST['post_status'] ) && $status_name === $_REQUEST['post_status'], + ); + } + + if ( ! empty( $this->sticky_posts_count ) ) { + $class = ! empty( $_REQUEST['show_sticky'] ) ? 'current' : ''; + + $sticky_args = array( + 'post_type' => $post_type, + 'show_sticky' => 1, + ); + + $sticky_inner_html = sprintf( + /* translators: %s: Number of posts. */ + _nx( + 'Sticky <span class="count">(%s)</span>', + 'Sticky <span class="count">(%s)</span>', + $this->sticky_posts_count, + 'posts' + ), + number_format_i18n( $this->sticky_posts_count ) + ); + + $sticky_link = array( + 'sticky' => array( + 'url' => esc_url( add_query_arg( $sticky_args, 'edit.php' ) ), + 'label' => $sticky_inner_html, + 'current' => ! empty( $_REQUEST['show_sticky'] ), + ), + ); + + // Sticky comes after Publish, or if not listed, after All. + $split = 1 + array_search( ( isset( $status_links['publish'] ) ? 'publish' : 'all' ), array_keys( $status_links ), true ); + $status_links = array_merge( array_slice( $status_links, 0, $split ), $sticky_link, array_slice( $status_links, $split ) ); + } + + return $this->get_views_links( $status_links ); + } + + /** + * @return array + */ + protected function get_bulk_actions() { + $actions = array(); + $post_type_obj = get_post_type_object( $this->screen->post_type ); + + if ( current_user_can( $post_type_obj->cap->edit_posts ) ) { + if ( $this->is_trash ) { + $actions['untrash'] = __( 'Restore' ); + } else { + $actions['edit'] = __( 'Edit' ); + } + } + + if ( current_user_can( $post_type_obj->cap->delete_posts ) ) { + if ( $this->is_trash || ! EMPTY_TRASH_DAYS ) { + $actions['delete'] = __( 'Delete permanently' ); + } else { + $actions['trash'] = __( 'Move to Trash' ); + } + } + + return $actions; + } + + /** + * Displays a categories drop-down for filtering on the Posts list table. + * + * @since 4.6.0 + * + * @global int $cat Currently selected category. + * + * @param string $post_type Post type slug. + */ + protected function categories_dropdown( $post_type ) { + global $cat; + + /** + * Filters whether to remove the 'Categories' drop-down from the post list table. + * + * @since 4.6.0 + * + * @param bool $disable Whether to disable the categories drop-down. Default false. + * @param string $post_type Post type slug. + */ + if ( false !== apply_filters( 'disable_categories_dropdown', false, $post_type ) ) { + return; + } + + if ( is_object_in_taxonomy( $post_type, 'category' ) ) { + $dropdown_options = array( + 'show_option_all' => get_taxonomy( 'category' )->labels->all_items, + 'hide_empty' => 0, + 'hierarchical' => 1, + 'show_count' => 0, + 'orderby' => 'name', + 'selected' => $cat, + ); + + echo '<label class="screen-reader-text" for="cat">' . get_taxonomy( 'category' )->labels->filter_by_item . '</label>'; + + wp_dropdown_categories( $dropdown_options ); + } + } + + /** + * Displays a formats drop-down for filtering items. + * + * @since 5.2.0 + * @access protected + * + * @param string $post_type Post type slug. + */ + protected function formats_dropdown( $post_type ) { + /** + * Filters whether to remove the 'Formats' drop-down from the post list table. + * + * @since 5.2.0 + * @since 5.5.0 The `$post_type` parameter was added. + * + * @param bool $disable Whether to disable the drop-down. Default false. + * @param string $post_type Post type slug. + */ + if ( apply_filters( 'disable_formats_dropdown', false, $post_type ) ) { + return; + } + + // Return if the post type doesn't have post formats or if we're in the Trash. + if ( ! is_object_in_taxonomy( $post_type, 'post_format' ) || $this->is_trash ) { + return; + } + + // Make sure the dropdown shows only formats with a post count greater than 0. + $used_post_formats = get_terms( + array( + 'taxonomy' => 'post_format', + 'hide_empty' => true, + ) + ); + + // Return if there are no posts using formats. + if ( ! $used_post_formats ) { + return; + } + + $displayed_post_format = isset( $_GET['post_format'] ) ? $_GET['post_format'] : ''; + ?> + <label for="filter-by-format" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Filter by post format' ); + ?> + </label> + <select name="post_format" id="filter-by-format"> + <option<?php selected( $displayed_post_format, '' ); ?> value=""><?php _e( 'All formats' ); ?></option> + <?php + foreach ( $used_post_formats as $used_post_format ) { + // Post format slug. + $slug = str_replace( 'post-format-', '', $used_post_format->slug ); + // Pretty, translated version of the post format slug. + $pretty_name = get_post_format_string( $slug ); + + // Skip the standard post format. + if ( 'standard' === $slug ) { + continue; + } + ?> + <option<?php selected( $displayed_post_format, $slug ); ?> value="<?php echo esc_attr( $slug ); ?>"><?php echo esc_html( $pretty_name ); ?></option> + <?php + } + ?> + </select> + <?php + } + + /** + * @param string $which + */ + protected function extra_tablenav( $which ) { + ?> + <div class="alignleft actions"> + <?php + if ( 'top' === $which ) { + ob_start(); + + $this->months_dropdown( $this->screen->post_type ); + $this->categories_dropdown( $this->screen->post_type ); + $this->formats_dropdown( $this->screen->post_type ); + + /** + * Fires before the Filter button on the Posts and Pages list tables. + * + * The Filter button allows sorting by date and/or category on the + * Posts list table, and sorting by date on the Pages list table. + * + * @since 2.1.0 + * @since 4.4.0 The `$post_type` parameter was added. + * @since 4.6.0 The `$which` parameter was added. + * + * @param string $post_type The post type slug. + * @param string $which The location of the extra table nav markup: + * 'top' or 'bottom' for WP_Posts_List_Table, + * 'bar' for WP_Media_List_Table. + */ + do_action( 'restrict_manage_posts', $this->screen->post_type, $which ); + + $output = ob_get_clean(); + + if ( ! empty( $output ) ) { + echo $output; + submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) ); + } + } + + if ( $this->is_trash && $this->has_items() + && current_user_can( get_post_type_object( $this->screen->post_type )->cap->edit_others_posts ) + ) { + submit_button( __( 'Empty Trash' ), 'apply', 'delete_all', false ); + } + ?> + </div> + <?php + /** + * Fires immediately following the closing "actions" div in the tablenav for the posts + * list table. + * + * @since 4.4.0 + * + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + do_action( 'manage_posts_extra_tablenav', $which ); + } + + /** + * @return string + */ + public function current_action() { + if ( isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) { + return 'delete_all'; + } + + return parent::current_action(); + } + + /** + * @global string $mode List table view mode. + * + * @return array + */ + protected function get_table_classes() { + global $mode; + + $mode_class = esc_attr( 'table-view-' . $mode ); + + return array( + 'widefat', + 'fixed', + 'striped', + $mode_class, + is_post_type_hierarchical( $this->screen->post_type ) ? 'pages' : 'posts', + ); + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $post_type = $this->screen->post_type; + + $posts_columns = array(); + + $posts_columns['cb'] = '<input type="checkbox" />'; + + /* translators: Posts screen column name. */ + $posts_columns['title'] = _x( 'Title', 'column name' ); + + if ( post_type_supports( $post_type, 'author' ) ) { + $posts_columns['author'] = __( 'Author' ); + } + + $taxonomies = get_object_taxonomies( $post_type, 'objects' ); + $taxonomies = wp_filter_object_list( $taxonomies, array( 'show_admin_column' => true ), 'and', 'name' ); + + /** + * Filters the taxonomy columns in the Posts list table. + * + * The dynamic portion of the hook name, `$post_type`, refers to the post + * type slug. + * + * Possible hook names include: + * + * - `manage_taxonomies_for_post_columns` + * - `manage_taxonomies_for_page_columns` + * + * @since 3.5.0 + * + * @param string[] $taxonomies Array of taxonomy names to show columns for. + * @param string $post_type The post type. + */ + $taxonomies = apply_filters( "manage_taxonomies_for_{$post_type}_columns", $taxonomies, $post_type ); + $taxonomies = array_filter( $taxonomies, 'taxonomy_exists' ); + + foreach ( $taxonomies as $taxonomy ) { + if ( 'category' === $taxonomy ) { + $column_key = 'categories'; + } elseif ( 'post_tag' === $taxonomy ) { + $column_key = 'tags'; + } else { + $column_key = 'taxonomy-' . $taxonomy; + } + + $posts_columns[ $column_key ] = get_taxonomy( $taxonomy )->labels->name; + } + + $post_status = ! empty( $_REQUEST['post_status'] ) ? $_REQUEST['post_status'] : 'all'; + + if ( post_type_supports( $post_type, 'comments' ) + && ! in_array( $post_status, array( 'pending', 'draft', 'future' ), true ) + ) { + $posts_columns['comments'] = sprintf( + '<span class="vers comment-grey-bubble" title="%1$s" aria-hidden="true"></span><span class="screen-reader-text">%2$s</span>', + esc_attr__( 'Comments' ), + /* translators: Hidden accessibility text. */ + __( 'Comments' ) + ); + } + + $posts_columns['date'] = __( 'Date' ); + + if ( 'page' === $post_type ) { + + /** + * Filters the columns displayed in the Pages list table. + * + * @since 2.5.0 + * + * @param string[] $post_columns An associative array of column headings. + */ + $posts_columns = apply_filters( 'manage_pages_columns', $posts_columns ); + } else { + + /** + * Filters the columns displayed in the Posts list table. + * + * @since 1.5.0 + * + * @param string[] $post_columns An associative array of column headings. + * @param string $post_type The post type slug. + */ + $posts_columns = apply_filters( 'manage_posts_columns', $posts_columns, $post_type ); + } + + /** + * Filters the columns displayed in the Posts list table for a specific post type. + * + * The dynamic portion of the hook name, `$post_type`, refers to the post type slug. + * + * Possible hook names include: + * + * - `manage_post_posts_columns` + * - `manage_page_posts_columns` + * + * @since 3.0.0 + * + * @param string[] $post_columns An associative array of column headings. + */ + return apply_filters( "manage_{$post_type}_posts_columns", $posts_columns ); + } + + /** + * @return array + */ + protected function get_sortable_columns() { + + $post_type = $this->screen->post_type; + + if ( 'page' === $post_type ) { + if ( isset( $_GET['orderby'] ) ) { + $title_orderby_text = __( 'Table ordered by Title.' ); + } else { + $title_orderby_text = __( 'Table ordered by Hierarchical Menu Order and Title.' ); + } + + $sortables = array( + 'title' => array( 'title', false, __( 'Title' ), $title_orderby_text, 'asc' ), + 'parent' => array( 'parent', false ), + 'comments' => array( 'comment_count', false, __( 'Comments' ), __( 'Table ordered by Comments.' ) ), + 'date' => array( 'date', true, __( 'Date' ), __( 'Table ordered by Date.' ) ), + ); + } else { + $sortables = array( + 'title' => array( 'title', false, __( 'Title' ), __( 'Table ordered by Title.' ) ), + 'parent' => array( 'parent', false ), + 'comments' => array( 'comment_count', false, __( 'Comments' ), __( 'Table ordered by Comments.' ) ), + 'date' => array( 'date', true, __( 'Date' ), __( 'Table ordered by Date.' ), 'desc' ), + ); + } + // Custom Post Types: there's a filter for that, see get_column_info(). + + return $sortables; + } + + /** + * @global WP_Query $wp_query WordPress Query object. + * @global int $per_page + * @param array $posts + * @param int $level + */ + public function display_rows( $posts = array(), $level = 0 ) { + global $wp_query, $per_page; + + if ( empty( $posts ) ) { + $posts = $wp_query->posts; + } + + add_filter( 'the_title', 'esc_html' ); + + if ( $this->hierarchical_display ) { + $this->_display_rows_hierarchical( $posts, $this->get_pagenum(), $per_page ); + } else { + $this->_display_rows( $posts, $level ); + } + } + + /** + * @param array $posts + * @param int $level + */ + private function _display_rows( $posts, $level = 0 ) { + $post_type = $this->screen->post_type; + + // Create array of post IDs. + $post_ids = array(); + + foreach ( $posts as $a_post ) { + $post_ids[] = $a_post->ID; + } + + if ( post_type_supports( $post_type, 'comments' ) ) { + $this->comment_pending_count = get_pending_comments_num( $post_ids ); + } + update_post_author_caches( $posts ); + + foreach ( $posts as $post ) { + $this->single_row( $post, $level ); + } + } + + /** + * @global wpdb $wpdb WordPress database abstraction object. + * @global WP_Post $post Global post object. + * @param array $pages + * @param int $pagenum + * @param int $per_page + */ + private function _display_rows_hierarchical( $pages, $pagenum = 1, $per_page = 20 ) { + global $wpdb; + + $level = 0; + + if ( ! $pages ) { + $pages = get_pages( array( 'sort_column' => 'menu_order' ) ); + + if ( ! $pages ) { + return; + } + } + + /* + * Arrange pages into two parts: top level pages and children_pages. + * children_pages is two dimensional array. Example: + * children_pages[10][] contains all sub-pages whose parent is 10. + * It only takes O( N ) to arrange this and it takes O( 1 ) for subsequent lookup operations + * If searching, ignore hierarchy and treat everything as top level + */ + if ( empty( $_REQUEST['s'] ) ) { + $top_level_pages = array(); + $children_pages = array(); + + foreach ( $pages as $page ) { + // Catch and repair bad pages. + if ( $page->post_parent === $page->ID ) { + $page->post_parent = 0; + $wpdb->update( $wpdb->posts, array( 'post_parent' => 0 ), array( 'ID' => $page->ID ) ); + clean_post_cache( $page ); + } + + if ( $page->post_parent > 0 ) { + $children_pages[ $page->post_parent ][] = $page; + } else { + $top_level_pages[] = $page; + } + } + + $pages = &$top_level_pages; + } + + $count = 0; + $start = ( $pagenum - 1 ) * $per_page; + $end = $start + $per_page; + $to_display = array(); + + foreach ( $pages as $page ) { + if ( $count >= $end ) { + break; + } + + if ( $count >= $start ) { + $to_display[ $page->ID ] = $level; + } + + ++$count; + + if ( isset( $children_pages ) ) { + $this->_page_rows( $children_pages, $count, $page->ID, $level + 1, $pagenum, $per_page, $to_display ); + } + } + + // If it is the last pagenum and there are orphaned pages, display them with paging as well. + if ( isset( $children_pages ) && $count < $end ) { + foreach ( $children_pages as $orphans ) { + foreach ( $orphans as $op ) { + if ( $count >= $end ) { + break; + } + + if ( $count >= $start ) { + $to_display[ $op->ID ] = 0; + } + + ++$count; + } + } + } + + $ids = array_keys( $to_display ); + _prime_post_caches( $ids ); + $_posts = array_map( 'get_post', $ids ); + update_post_author_caches( $_posts ); + + if ( ! isset( $GLOBALS['post'] ) ) { + $GLOBALS['post'] = reset( $ids ); + } + + foreach ( $to_display as $page_id => $level ) { + echo "\t"; + $this->single_row( $page_id, $level ); + } + } + + /** + * Displays the nested hierarchy of sub-pages together with paging + * support, based on a top level page ID. + * + * @since 3.1.0 (Standalone function exists since 2.6.0) + * @since 4.2.0 Added the `$to_display` parameter. + * + * @param array $children_pages + * @param int $count + * @param int $parent_page + * @param int $level + * @param int $pagenum + * @param int $per_page + * @param array $to_display List of pages to be displayed. Passed by reference. + */ + private function _page_rows( &$children_pages, &$count, $parent_page, $level, $pagenum, $per_page, &$to_display ) { + if ( ! isset( $children_pages[ $parent_page ] ) ) { + return; + } + + $start = ( $pagenum - 1 ) * $per_page; + $end = $start + $per_page; + + foreach ( $children_pages[ $parent_page ] as $page ) { + if ( $count >= $end ) { + break; + } + + // If the page starts in a subtree, print the parents. + if ( $count === $start && $page->post_parent > 0 ) { + $my_parents = array(); + $my_parent = $page->post_parent; + + while ( $my_parent ) { + // Get the ID from the list or the attribute if my_parent is an object. + $parent_id = $my_parent; + + if ( is_object( $my_parent ) ) { + $parent_id = $my_parent->ID; + } + + $my_parent = get_post( $parent_id ); + $my_parents[] = $my_parent; + + if ( ! $my_parent->post_parent ) { + break; + } + + $my_parent = $my_parent->post_parent; + } + + $num_parents = count( $my_parents ); + + while ( $my_parent = array_pop( $my_parents ) ) { + $to_display[ $my_parent->ID ] = $level - $num_parents; + --$num_parents; + } + } + + if ( $count >= $start ) { + $to_display[ $page->ID ] = $level; + } + + ++$count; + + $this->_page_rows( $children_pages, $count, $page->ID, $level + 1, $pagenum, $per_page, $to_display ); + } + + unset( $children_pages[ $parent_page ] ); // Required in order to keep track of orphans. + } + + /** + * Handles the checkbox column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Post $item The current WP_Post object. + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $post = $item; + + $show = current_user_can( 'edit_post', $post->ID ); + + /** + * Filters whether to show the bulk edit checkbox for a post in its list table. + * + * By default the checkbox is only shown if the current user can edit the post. + * + * @since 5.7.0 + * + * @param bool $show Whether to show the checkbox. + * @param WP_Post $post The current WP_Post object. + */ + if ( apply_filters( 'wp_list_table_show_post_checkbox', $show, $post ) ) : + ?> + <input id="cb-select-<?php the_ID(); ?>" type="checkbox" name="post[]" value="<?php the_ID(); ?>" /> + <label for="cb-select-<?php the_ID(); ?>"> + <span class="screen-reader-text"> + <?php + /* translators: %s: Post title. */ + printf( __( 'Select %s' ), _draft_or_post_title() ); + ?> + </span> + </label> + <div class="locked-indicator"> + <span class="locked-indicator-icon" aria-hidden="true"></span> + <span class="screen-reader-text"> + <?php + printf( + /* translators: Hidden accessibility text. %s: Post title. */ + __( '“%s” is locked' ), + _draft_or_post_title() + ); + ?> + </span> + </div> + <?php + endif; + } + + /** + * @since 4.3.0 + * + * @param WP_Post $post + * @param string $classes + * @param string $data + * @param string $primary + */ + protected function _column_title( $post, $classes, $data, $primary ) { + echo '<td class="' . $classes . ' page-title" ', $data, '>'; + echo $this->column_title( $post ); + echo $this->handle_row_actions( $post, 'title', $primary ); + echo '</td>'; + } + + /** + * Handles the title column output. + * + * @since 4.3.0 + * + * @global string $mode List table view mode. + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_title( $post ) { + global $mode; + + if ( $this->hierarchical_display ) { + if ( 0 === $this->current_level && (int) $post->post_parent > 0 ) { + // Sent level 0 by accident, by default, or because we don't know the actual level. + $find_main_page = (int) $post->post_parent; + + while ( $find_main_page > 0 ) { + $parent = get_post( $find_main_page ); + + if ( is_null( $parent ) ) { + break; + } + + ++$this->current_level; + $find_main_page = (int) $parent->post_parent; + + if ( ! isset( $parent_name ) ) { + /** This filter is documented in wp-includes/post-template.php */ + $parent_name = apply_filters( 'the_title', $parent->post_title, $parent->ID ); + } + } + } + } + + $can_edit_post = current_user_can( 'edit_post', $post->ID ); + + if ( $can_edit_post && 'trash' !== $post->post_status ) { + $lock_holder = wp_check_post_lock( $post->ID ); + + if ( $lock_holder ) { + $lock_holder = get_userdata( $lock_holder ); + $locked_avatar = get_avatar( $lock_holder->ID, 18 ); + /* translators: %s: User's display name. */ + $locked_text = esc_html( sprintf( __( '%s is currently editing' ), $lock_holder->display_name ) ); + } else { + $locked_avatar = ''; + $locked_text = ''; + } + + echo '<div class="locked-info"><span class="locked-avatar">' . $locked_avatar . '</span> <span class="locked-text">' . $locked_text . "</span></div>\n"; + } + + $pad = str_repeat( '— ', $this->current_level ); + echo '<strong>'; + + $title = _draft_or_post_title(); + + if ( $can_edit_post && 'trash' !== $post->post_status ) { + printf( + '<a class="row-title" href="%s" aria-label="%s">%s%s</a>', + get_edit_post_link( $post->ID ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( '“%s” (Edit)' ), $title ) ), + $pad, + $title + ); + } else { + printf( + '<span>%s%s</span>', + $pad, + $title + ); + } + _post_states( $post ); + + if ( isset( $parent_name ) ) { + $post_type_object = get_post_type_object( $post->post_type ); + echo ' | ' . $post_type_object->labels->parent_item_colon . ' ' . esc_html( $parent_name ); + } + + echo "</strong>\n"; + + if ( 'excerpt' === $mode + && ! is_post_type_hierarchical( $this->screen->post_type ) + && current_user_can( 'read_post', $post->ID ) + ) { + if ( post_password_required( $post ) ) { + echo '<span class="protected-post-excerpt">' . esc_html( get_the_excerpt() ) . '</span>'; + } else { + echo esc_html( get_the_excerpt() ); + } + } + + /** This filter is documented in wp-admin/includes/class-wp-posts-list-table.php */ + $quick_edit_enabled = apply_filters( 'quick_edit_enabled_for_post_type', true, $post->post_type ); + + if ( $quick_edit_enabled ) { + get_inline_data( $post ); + } + } + + /** + * Handles the post date column output. + * + * @since 4.3.0 + * + * @global string $mode List table view mode. + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_date( $post ) { + global $mode; + + if ( '0000-00-00 00:00:00' === $post->post_date ) { + $t_time = __( 'Unpublished' ); + $time_diff = 0; + } else { + $t_time = sprintf( + /* translators: 1: Post date, 2: Post time. */ + __( '%1$s at %2$s' ), + /* translators: Post date format. See https://www.php.net/manual/datetime.format.php */ + get_the_time( __( 'Y/m/d' ), $post ), + /* translators: Post time format. See https://www.php.net/manual/datetime.format.php */ + get_the_time( __( 'g:i a' ), $post ) + ); + + $time = get_post_timestamp( $post ); + $time_diff = time() - $time; + } + + if ( 'publish' === $post->post_status ) { + $status = __( 'Published' ); + } elseif ( 'future' === $post->post_status ) { + if ( $time_diff > 0 ) { + $status = '<strong class="error-message">' . __( 'Missed schedule' ) . '</strong>'; + } else { + $status = __( 'Scheduled' ); + } + } else { + $status = __( 'Last Modified' ); + } + + /** + * Filters the status text of the post. + * + * @since 4.8.0 + * + * @param string $status The status text. + * @param WP_Post $post Post object. + * @param string $column_name The column name. + * @param string $mode The list display mode ('excerpt' or 'list'). + */ + $status = apply_filters( 'post_date_column_status', $status, $post, 'date', $mode ); + + if ( $status ) { + echo $status . '<br />'; + } + + /** + * Filters the published, scheduled, or unpublished time of the post. + * + * @since 2.5.1 + * @since 5.5.0 Removed the difference between 'excerpt' and 'list' modes. + * The published time and date are both displayed now, + * which is equivalent to the previous 'excerpt' mode. + * + * @param string $t_time The published time. + * @param WP_Post $post Post object. + * @param string $column_name The column name. + * @param string $mode The list display mode ('excerpt' or 'list'). + */ + echo apply_filters( 'post_date_column_time', $t_time, $post, 'date', $mode ); + } + + /** + * Handles the comments column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_comments( $post ) { + ?> + <div class="post-com-count-wrapper"> + <?php + $pending_comments = isset( $this->comment_pending_count[ $post->ID ] ) ? $this->comment_pending_count[ $post->ID ] : 0; + + $this->comments_bubble( $post->ID, $pending_comments ); + ?> + </div> + <?php + } + + /** + * Handles the post author column output. + * + * @since 4.3.0 + * + * @param WP_Post $post The current WP_Post object. + */ + public function column_author( $post ) { + $args = array( + 'post_type' => $post->post_type, + 'author' => get_the_author_meta( 'ID' ), + ); + echo $this->get_edit_link( $args, get_the_author() ); + } + + /** + * Handles the default column output. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Post $item The current WP_Post object. + * @param string $column_name The current column name. + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $post = $item; + + if ( 'categories' === $column_name ) { + $taxonomy = 'category'; + } elseif ( 'tags' === $column_name ) { + $taxonomy = 'post_tag'; + } elseif ( str_starts_with( $column_name, 'taxonomy-' ) ) { + $taxonomy = substr( $column_name, 9 ); + } else { + $taxonomy = false; + } + + if ( $taxonomy ) { + $taxonomy_object = get_taxonomy( $taxonomy ); + $terms = get_the_terms( $post->ID, $taxonomy ); + + if ( is_array( $terms ) ) { + $term_links = array(); + + foreach ( $terms as $t ) { + $posts_in_term_qv = array(); + + if ( 'post' !== $post->post_type ) { + $posts_in_term_qv['post_type'] = $post->post_type; + } + + if ( $taxonomy_object->query_var ) { + $posts_in_term_qv[ $taxonomy_object->query_var ] = $t->slug; + } else { + $posts_in_term_qv['taxonomy'] = $taxonomy; + $posts_in_term_qv['term'] = $t->slug; + } + + $label = esc_html( sanitize_term_field( 'name', $t->name, $t->term_id, $taxonomy, 'display' ) ); + + $term_links[] = $this->get_edit_link( $posts_in_term_qv, $label ); + } + + /** + * Filters the links in `$taxonomy` column of edit.php. + * + * @since 5.2.0 + * + * @param string[] $term_links Array of term editing links. + * @param string $taxonomy Taxonomy name. + * @param WP_Term[] $terms Array of term objects appearing in the post row. + */ + $term_links = apply_filters( 'post_column_taxonomy_links', $term_links, $taxonomy, $terms ); + + echo implode( wp_get_list_item_separator(), $term_links ); + } else { + echo '<span aria-hidden="true">—</span><span class="screen-reader-text">' . $taxonomy_object->labels->no_terms . '</span>'; + } + return; + } + + if ( is_post_type_hierarchical( $post->post_type ) ) { + + /** + * Fires in each custom column on the Posts list table. + * + * This hook only fires if the current post type is hierarchical, + * such as pages. + * + * @since 2.5.0 + * + * @param string $column_name The name of the column to display. + * @param int $post_id The current post ID. + */ + do_action( 'manage_pages_custom_column', $column_name, $post->ID ); + } else { + + /** + * Fires in each custom column in the Posts list table. + * + * This hook only fires if the current post type is non-hierarchical, + * such as posts. + * + * @since 1.5.0 + * + * @param string $column_name The name of the column to display. + * @param int $post_id The current post ID. + */ + do_action( 'manage_posts_custom_column', $column_name, $post->ID ); + } + + /** + * Fires for each custom column of a specific post type in the Posts list table. + * + * The dynamic portion of the hook name, `$post->post_type`, refers to the post type. + * + * Possible hook names include: + * + * - `manage_post_posts_custom_column` + * - `manage_page_posts_custom_column` + * + * @since 3.1.0 + * + * @param string $column_name The name of the column to display. + * @param int $post_id The current post ID. + */ + do_action( "manage_{$post->post_type}_posts_custom_column", $column_name, $post->ID ); + } + + /** + * @global WP_Post $post Global post object. + * + * @param int|WP_Post $post + * @param int $level + */ + public function single_row( $post, $level = 0 ) { + $global_post = get_post(); + + $post = get_post( $post ); + $this->current_level = $level; + + $GLOBALS['post'] = $post; + setup_postdata( $post ); + + $classes = 'iedit author-' . ( get_current_user_id() === (int) $post->post_author ? 'self' : 'other' ); + + $lock_holder = wp_check_post_lock( $post->ID ); + + if ( $lock_holder ) { + $classes .= ' wp-locked'; + } + + if ( $post->post_parent ) { + $count = count( get_post_ancestors( $post->ID ) ); + $classes .= ' level-' . $count; + } else { + $classes .= ' level-0'; + } + ?> + <tr id="post-<?php echo $post->ID; ?>" class="<?php echo implode( ' ', get_post_class( $classes, $post->ID ) ); ?>"> + <?php $this->single_row_columns( $post ); ?> + </tr> + <?php + $GLOBALS['post'] = $global_post; + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'title'. + */ + protected function get_default_primary_column_name() { + return 'title'; + } + + /** + * Generates and displays row action links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Post $item Post being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for posts, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + if ( $primary !== $column_name ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $post = $item; + + $post_type_object = get_post_type_object( $post->post_type ); + $can_edit_post = current_user_can( 'edit_post', $post->ID ); + $actions = array(); + $title = _draft_or_post_title(); + + if ( $can_edit_post && 'trash' !== $post->post_status ) { + $actions['edit'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + get_edit_post_link( $post->ID ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Edit “%s”' ), $title ) ), + __( 'Edit' ) + ); + + /** + * Filters whether Quick Edit should be enabled for the given post type. + * + * @since 6.4.0 + * + * @param bool $enable Whether to enable the Quick Edit functionality. Default true. + * @param string $post_type Post type name. + */ + $quick_edit_enabled = apply_filters( 'quick_edit_enabled_for_post_type', true, $post->post_type ); + + if ( $quick_edit_enabled && 'wp_block' !== $post->post_type ) { + $actions['inline hide-if-no-js'] = sprintf( + '<button type="button" class="button-link editinline" aria-label="%s" aria-expanded="false">%s</button>', + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Quick edit “%s” inline' ), $title ) ), + __( 'Quick Edit' ) + ); + } + } + + if ( current_user_can( 'delete_post', $post->ID ) ) { + if ( 'trash' === $post->post_status ) { + $actions['untrash'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + wp_nonce_url( admin_url( sprintf( $post_type_object->_edit_link . '&action=untrash', $post->ID ) ), 'untrash-post_' . $post->ID ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Restore “%s” from the Trash' ), $title ) ), + __( 'Restore' ) + ); + } elseif ( EMPTY_TRASH_DAYS ) { + $actions['trash'] = sprintf( + '<a href="%s" class="submitdelete" aria-label="%s">%s</a>', + get_delete_post_link( $post->ID ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Move “%s” to the Trash' ), $title ) ), + _x( 'Trash', 'verb' ) + ); + } + + if ( 'trash' === $post->post_status || ! EMPTY_TRASH_DAYS ) { + $actions['delete'] = sprintf( + '<a href="%s" class="submitdelete" aria-label="%s">%s</a>', + get_delete_post_link( $post->ID, '', true ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Delete “%s” permanently' ), $title ) ), + __( 'Delete Permanently' ) + ); + } + } + + if ( is_post_type_viewable( $post_type_object ) ) { + if ( in_array( $post->post_status, array( 'pending', 'draft', 'future' ), true ) ) { + if ( $can_edit_post ) { + $preview_link = get_preview_post_link( $post ); + $actions['view'] = sprintf( + '<a href="%s" rel="bookmark" aria-label="%s">%s</a>', + esc_url( $preview_link ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Preview “%s”' ), $title ) ), + __( 'Preview' ) + ); + } + } elseif ( 'trash' !== $post->post_status ) { + $actions['view'] = sprintf( + '<a href="%s" rel="bookmark" aria-label="%s">%s</a>', + get_permalink( $post->ID ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'View “%s”' ), $title ) ), + __( 'View' ) + ); + } + } + + if ( 'wp_block' === $post->post_type ) { + $actions['export'] = sprintf( + '<button type="button" class="wp-list-reusable-blocks__export button-link" data-id="%s" aria-label="%s">%s</button>', + $post->ID, + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Export “%s” as JSON' ), $title ) ), + __( 'Export as JSON' ) + ); + } + + if ( is_post_type_hierarchical( $post->post_type ) ) { + + /** + * Filters the array of row action links on the Pages list table. + * + * The filter is evaluated only for hierarchical post types. + * + * @since 2.8.0 + * + * @param string[] $actions An array of row action links. Defaults are + * 'Edit', 'Quick Edit', 'Restore', 'Trash', + * 'Delete Permanently', 'Preview', and 'View'. + * @param WP_Post $post The post object. + */ + $actions = apply_filters( 'page_row_actions', $actions, $post ); + } else { + + /** + * Filters the array of row action links on the Posts list table. + * + * The filter is evaluated only for non-hierarchical post types. + * + * @since 2.8.0 + * + * @param string[] $actions An array of row action links. Defaults are + * 'Edit', 'Quick Edit', 'Restore', 'Trash', + * 'Delete Permanently', 'Preview', and 'View'. + * @param WP_Post $post The post object. + */ + $actions = apply_filters( 'post_row_actions', $actions, $post ); + } + + return $this->row_actions( $actions ); + } + + /** + * Outputs the hidden row displayed when inline editing + * + * @since 3.1.0 + * + * @global string $mode List table view mode. + */ + public function inline_edit() { + global $mode; + + $screen = $this->screen; + + $post = get_default_post_to_edit( $screen->post_type ); + $post_type_object = get_post_type_object( $screen->post_type ); + + $taxonomy_names = get_object_taxonomies( $screen->post_type ); + $hierarchical_taxonomies = array(); + $flat_taxonomies = array(); + + foreach ( $taxonomy_names as $taxonomy_name ) { + $taxonomy = get_taxonomy( $taxonomy_name ); + + $show_in_quick_edit = $taxonomy->show_in_quick_edit; + + /** + * Filters whether the current taxonomy should be shown in the Quick Edit panel. + * + * @since 4.2.0 + * + * @param bool $show_in_quick_edit Whether to show the current taxonomy in Quick Edit. + * @param string $taxonomy_name Taxonomy name. + * @param string $post_type Post type of current Quick Edit post. + */ + if ( ! apply_filters( 'quick_edit_show_taxonomy', $show_in_quick_edit, $taxonomy_name, $screen->post_type ) ) { + continue; + } + + if ( $taxonomy->hierarchical ) { + $hierarchical_taxonomies[] = $taxonomy; + } else { + $flat_taxonomies[] = $taxonomy; + } + } + + $m = ( isset( $mode ) && 'excerpt' === $mode ) ? 'excerpt' : 'list'; + $can_publish = current_user_can( $post_type_object->cap->publish_posts ); + $core_columns = array( + 'cb' => true, + 'date' => true, + 'title' => true, + 'categories' => true, + 'tags' => true, + 'comments' => true, + 'author' => true, + ); + ?> + + <form method="get"> + <table style="display: none"><tbody id="inlineedit"> + <?php + $hclass = count( $hierarchical_taxonomies ) ? 'post' : 'page'; + $inline_edit_classes = "inline-edit-row inline-edit-row-$hclass"; + $bulk_edit_classes = "bulk-edit-row bulk-edit-row-$hclass bulk-edit-{$screen->post_type}"; + $quick_edit_classes = "quick-edit-row quick-edit-row-$hclass inline-edit-{$screen->post_type}"; + + $bulk = 0; + + while ( $bulk < 2 ) : + $classes = $inline_edit_classes . ' '; + $classes .= $bulk ? $bulk_edit_classes : $quick_edit_classes; + ?> + <tr id="<?php echo $bulk ? 'bulk-edit' : 'inline-edit'; ?>" class="<?php echo $classes; ?>" style="display: none"> + <td colspan="<?php echo $this->get_column_count(); ?>" class="colspanchange"> + <div class="inline-edit-wrapper" role="region" aria-labelledby="<?php echo $bulk ? 'bulk' : 'quick'; ?>-edit-legend"> + <fieldset class="inline-edit-col-left"> + <legend class="inline-edit-legend" id="<?php echo $bulk ? 'bulk' : 'quick'; ?>-edit-legend"><?php echo $bulk ? __( 'Bulk Edit' ) : __( 'Quick Edit' ); ?></legend> + <div class="inline-edit-col"> + + <?php if ( post_type_supports( $screen->post_type, 'title' ) ) : ?> + + <?php if ( $bulk ) : ?> + + <div id="bulk-title-div"> + <div id="bulk-titles"></div> + </div> + + <?php else : // $bulk ?> + + <label> + <span class="title"><?php _e( 'Title' ); ?></span> + <span class="input-text-wrap"><input type="text" name="post_title" class="ptitle" value="" /></span> + </label> + + <?php if ( is_post_type_viewable( $screen->post_type ) ) : ?> + + <label> + <span class="title"><?php _e( 'Slug' ); ?></span> + <span class="input-text-wrap"><input type="text" name="post_name" value="" autocomplete="off" spellcheck="false" /></span> + </label> + + <?php endif; // is_post_type_viewable() ?> + + <?php endif; // $bulk ?> + + <?php endif; // post_type_supports( ... 'title' ) ?> + + <?php if ( ! $bulk ) : ?> + <fieldset class="inline-edit-date"> + <legend><span class="title"><?php _e( 'Date' ); ?></span></legend> + <?php touch_time( 1, 1, 0, 1 ); ?> + </fieldset> + <br class="clear" /> + <?php endif; // $bulk ?> + + <?php + if ( post_type_supports( $screen->post_type, 'author' ) ) { + $authors_dropdown = ''; + + if ( current_user_can( $post_type_object->cap->edit_others_posts ) ) { + $dropdown_name = 'post_author'; + $dropdown_class = 'authors'; + if ( wp_is_large_user_count() ) { + $authors_dropdown = sprintf( '<select name="%s" class="%s hidden"></select>', esc_attr( $dropdown_name ), esc_attr( $dropdown_class ) ); + } else { + $users_opt = array( + 'hide_if_only_one_author' => false, + 'capability' => array( $post_type_object->cap->edit_posts ), + 'name' => $dropdown_name, + 'class' => $dropdown_class, + 'multi' => 1, + 'echo' => 0, + 'show' => 'display_name_with_login', + ); + + if ( $bulk ) { + $users_opt['show_option_none'] = __( '— No Change —' ); + } + + /** + * Filters the arguments used to generate the Quick Edit authors drop-down. + * + * @since 5.6.0 + * + * @see wp_dropdown_users() + * + * @param array $users_opt An array of arguments passed to wp_dropdown_users(). + * @param bool $bulk A flag to denote if it's a bulk action. + */ + $users_opt = apply_filters( 'quick_edit_dropdown_authors_args', $users_opt, $bulk ); + + $authors = wp_dropdown_users( $users_opt ); + + if ( $authors ) { + $authors_dropdown = '<label class="inline-edit-author">'; + $authors_dropdown .= '<span class="title">' . __( 'Author' ) . '</span>'; + $authors_dropdown .= $authors; + $authors_dropdown .= '</label>'; + } + } + } // current_user_can( 'edit_others_posts' ) + + if ( ! $bulk ) { + echo $authors_dropdown; + } + } // post_type_supports( ... 'author' ) + ?> + + <?php if ( ! $bulk && $can_publish ) : ?> + + <div class="inline-edit-group wp-clearfix"> + <label class="alignleft"> + <span class="title"><?php _e( 'Password' ); ?></span> + <span class="input-text-wrap"><input type="text" name="post_password" class="inline-edit-password-input" value="" /></span> + </label> + + <span class="alignleft inline-edit-or"> + <?php + /* translators: Between password field and private checkbox on post quick edit interface. */ + _e( '–OR–' ); + ?> + </span> + <label class="alignleft inline-edit-private"> + <input type="checkbox" name="keep_private" value="private" /> + <span class="checkbox-title"><?php _e( 'Private' ); ?></span> + </label> + </div> + + <?php endif; ?> + + </div> + </fieldset> + + <?php if ( count( $hierarchical_taxonomies ) && ! $bulk ) : ?> + + <fieldset class="inline-edit-col-center inline-edit-categories"> + <div class="inline-edit-col"> + + <?php foreach ( $hierarchical_taxonomies as $taxonomy ) : ?> + + <span class="title inline-edit-categories-label"><?php echo esc_html( $taxonomy->labels->name ); ?></span> + <input type="hidden" name="<?php echo ( 'category' === $taxonomy->name ) ? 'post_category[]' : 'tax_input[' . esc_attr( $taxonomy->name ) . '][]'; ?>" value="0" /> + <ul class="cat-checklist <?php echo esc_attr( $taxonomy->name ); ?>-checklist"> + <?php wp_terms_checklist( 0, array( 'taxonomy' => $taxonomy->name ) ); ?> + </ul> + + <?php endforeach; // $hierarchical_taxonomies as $taxonomy ?> + + </div> + </fieldset> + + <?php endif; // count( $hierarchical_taxonomies ) && ! $bulk ?> + + <fieldset class="inline-edit-col-right"> + <div class="inline-edit-col"> + + <?php + if ( post_type_supports( $screen->post_type, 'author' ) && $bulk ) { + echo $authors_dropdown; + } + ?> + + <?php if ( post_type_supports( $screen->post_type, 'page-attributes' ) ) : ?> + + <?php if ( $post_type_object->hierarchical ) : ?> + + <label> + <span class="title"><?php _e( 'Parent' ); ?></span> + <?php + $dropdown_args = array( + 'post_type' => $post_type_object->name, + 'selected' => $post->post_parent, + 'name' => 'post_parent', + 'show_option_none' => __( 'Main Page (no parent)' ), + 'option_none_value' => 0, + 'sort_column' => 'menu_order, post_title', + ); + + if ( $bulk ) { + $dropdown_args['show_option_no_change'] = __( '— No Change —' ); + } + + /** + * Filters the arguments used to generate the Quick Edit page-parent drop-down. + * + * @since 2.7.0 + * @since 5.6.0 The `$bulk` parameter was added. + * + * @see wp_dropdown_pages() + * + * @param array $dropdown_args An array of arguments passed to wp_dropdown_pages(). + * @param bool $bulk A flag to denote if it's a bulk action. + */ + $dropdown_args = apply_filters( 'quick_edit_dropdown_pages_args', $dropdown_args, $bulk ); + + wp_dropdown_pages( $dropdown_args ); + ?> + </label> + + <?php endif; // hierarchical ?> + + <?php if ( ! $bulk ) : ?> + + <label> + <span class="title"><?php _e( 'Order' ); ?></span> + <span class="input-text-wrap"><input type="text" name="menu_order" class="inline-edit-menu-order-input" value="<?php echo $post->menu_order; ?>" /></span> + </label> + + <?php endif; // ! $bulk ?> + + <?php endif; // post_type_supports( ... 'page-attributes' ) ?> + + <?php if ( 0 < count( get_page_templates( null, $screen->post_type ) ) ) : ?> + + <label> + <span class="title"><?php _e( 'Template' ); ?></span> + <select name="page_template"> + <?php if ( $bulk ) : ?> + <option value="-1"><?php _e( '— No Change —' ); ?></option> + <?php endif; // $bulk ?> + <?php + /** This filter is documented in wp-admin/includes/meta-boxes.php */ + $default_title = apply_filters( 'default_page_template_title', __( 'Default template' ), 'quick-edit' ); + ?> + <option value="default"><?php echo esc_html( $default_title ); ?></option> + <?php page_template_dropdown( '', $screen->post_type ); ?> + </select> + </label> + + <?php endif; ?> + + <?php if ( count( $flat_taxonomies ) && ! $bulk ) : ?> + + <?php foreach ( $flat_taxonomies as $taxonomy ) : ?> + + <?php if ( current_user_can( $taxonomy->cap->assign_terms ) ) : ?> + <?php $taxonomy_name = esc_attr( $taxonomy->name ); ?> + <div class="inline-edit-tags-wrap"> + <label class="inline-edit-tags"> + <span class="title"><?php echo esc_html( $taxonomy->labels->name ); ?></span> + <textarea data-wp-taxonomy="<?php echo $taxonomy_name; ?>" cols="22" rows="1" name="tax_input[<?php echo esc_attr( $taxonomy->name ); ?>]" class="tax_input_<?php echo esc_attr( $taxonomy->name ); ?>" aria-describedby="inline-edit-<?php echo esc_attr( $taxonomy->name ); ?>-desc"></textarea> + </label> + <p class="howto" id="inline-edit-<?php echo esc_attr( $taxonomy->name ); ?>-desc"><?php echo esc_html( $taxonomy->labels->separate_items_with_commas ); ?></p> + </div> + <?php endif; // current_user_can( 'assign_terms' ) ?> + + <?php endforeach; // $flat_taxonomies as $taxonomy ?> + + <?php endif; // count( $flat_taxonomies ) && ! $bulk ?> + + <?php if ( post_type_supports( $screen->post_type, 'comments' ) || post_type_supports( $screen->post_type, 'trackbacks' ) ) : ?> + + <?php if ( $bulk ) : ?> + + <div class="inline-edit-group wp-clearfix"> + + <?php if ( post_type_supports( $screen->post_type, 'comments' ) ) : ?> + + <label class="alignleft"> + <span class="title"><?php _e( 'Comments' ); ?></span> + <select name="comment_status"> + <option value=""><?php _e( '— No Change —' ); ?></option> + <option value="open"><?php _e( 'Allow' ); ?></option> + <option value="closed"><?php _e( 'Do not allow' ); ?></option> + </select> + </label> + + <?php endif; ?> + + <?php if ( post_type_supports( $screen->post_type, 'trackbacks' ) ) : ?> + + <label class="alignright"> + <span class="title"><?php _e( 'Pings' ); ?></span> + <select name="ping_status"> + <option value=""><?php _e( '— No Change —' ); ?></option> + <option value="open"><?php _e( 'Allow' ); ?></option> + <option value="closed"><?php _e( 'Do not allow' ); ?></option> + </select> + </label> + + <?php endif; ?> + + </div> + + <?php else : // $bulk ?> + + <div class="inline-edit-group wp-clearfix"> + + <?php if ( post_type_supports( $screen->post_type, 'comments' ) ) : ?> + + <label class="alignleft"> + <input type="checkbox" name="comment_status" value="open" /> + <span class="checkbox-title"><?php _e( 'Allow Comments' ); ?></span> + </label> + + <?php endif; ?> + + <?php if ( post_type_supports( $screen->post_type, 'trackbacks' ) ) : ?> + + <label class="alignleft"> + <input type="checkbox" name="ping_status" value="open" /> + <span class="checkbox-title"><?php _e( 'Allow Pings' ); ?></span> + </label> + + <?php endif; ?> + + </div> + + <?php endif; // $bulk ?> + + <?php endif; // post_type_supports( ... comments or pings ) ?> + + <div class="inline-edit-group wp-clearfix"> + + <label class="inline-edit-status alignleft"> + <span class="title"><?php _e( 'Status' ); ?></span> + <select name="_status"> + <?php if ( $bulk ) : ?> + <option value="-1"><?php _e( '— No Change —' ); ?></option> + <?php endif; // $bulk ?> + + <?php if ( $can_publish ) : // Contributors only get "Unpublished" and "Pending Review". ?> + <option value="publish"><?php _e( 'Published' ); ?></option> + <option value="future"><?php _e( 'Scheduled' ); ?></option> + <?php if ( $bulk ) : ?> + <option value="private"><?php _e( 'Private' ); ?></option> + <?php endif; // $bulk ?> + <?php endif; ?> + + <option value="pending"><?php _e( 'Pending Review' ); ?></option> + <option value="draft"><?php _e( 'Draft' ); ?></option> + </select> + </label> + + <?php if ( 'post' === $screen->post_type && $can_publish && current_user_can( $post_type_object->cap->edit_others_posts ) ) : ?> + + <?php if ( $bulk ) : ?> + + <label class="alignright"> + <span class="title"><?php _e( 'Sticky' ); ?></span> + <select name="sticky"> + <option value="-1"><?php _e( '— No Change —' ); ?></option> + <option value="sticky"><?php _e( 'Sticky' ); ?></option> + <option value="unsticky"><?php _e( 'Not Sticky' ); ?></option> + </select> + </label> + + <?php else : // $bulk ?> + + <label class="alignleft"> + <input type="checkbox" name="sticky" value="sticky" /> + <span class="checkbox-title"><?php _e( 'Make this post sticky' ); ?></span> + </label> + + <?php endif; // $bulk ?> + + <?php endif; // 'post' && $can_publish && current_user_can( 'edit_others_posts' ) ?> + + </div> + + <?php if ( $bulk && current_theme_supports( 'post-formats' ) && post_type_supports( $screen->post_type, 'post-formats' ) ) : ?> + <?php $post_formats = get_theme_support( 'post-formats' ); ?> + + <label class="alignleft"> + <span class="title"><?php _ex( 'Format', 'post format' ); ?></span> + <select name="post_format"> + <option value="-1"><?php _e( '— No Change —' ); ?></option> + <option value="0"><?php echo get_post_format_string( 'standard' ); ?></option> + <?php if ( is_array( $post_formats[0] ) ) : ?> + <?php foreach ( $post_formats[0] as $format ) : ?> + <option value="<?php echo esc_attr( $format ); ?>"><?php echo esc_html( get_post_format_string( $format ) ); ?></option> + <?php endforeach; ?> + <?php endif; ?> + </select> + </label> + + <?php endif; ?> + + </div> + </fieldset> + + <?php + list( $columns ) = $this->get_column_info(); + + foreach ( $columns as $column_name => $column_display_name ) { + if ( isset( $core_columns[ $column_name ] ) ) { + continue; + } + + if ( $bulk ) { + + /** + * Fires once for each column in Bulk Edit mode. + * + * @since 2.7.0 + * + * @param string $column_name Name of the column to edit. + * @param string $post_type The post type slug. + */ + do_action( 'bulk_edit_custom_box', $column_name, $screen->post_type ); + } else { + + /** + * Fires once for each column in Quick Edit mode. + * + * @since 2.7.0 + * + * @param string $column_name Name of the column to edit. + * @param string $post_type The post type slug, or current screen name if this is a taxonomy list table. + * @param string $taxonomy The taxonomy name, if any. + */ + do_action( 'quick_edit_custom_box', $column_name, $screen->post_type, '' ); + } + } + ?> + + <div class="submit inline-edit-save"> + <?php if ( ! $bulk ) : ?> + <?php wp_nonce_field( 'inlineeditnonce', '_inline_edit', false ); ?> + <button type="button" class="button button-primary save"><?php _e( 'Update' ); ?></button> + <?php else : ?> + <?php submit_button( __( 'Update' ), 'primary', 'bulk_edit', false ); ?> + <?php endif; ?> + + <button type="button" class="button cancel"><?php _e( 'Cancel' ); ?></button> + + <?php if ( ! $bulk ) : ?> + <span class="spinner"></span> + <?php endif; ?> + + <input type="hidden" name="post_view" value="<?php echo esc_attr( $m ); ?>" /> + <input type="hidden" name="screen" value="<?php echo esc_attr( $screen->id ); ?>" /> + <?php if ( ! $bulk && ! post_type_supports( $screen->post_type, 'author' ) ) : ?> + <input type="hidden" name="post_author" value="<?php echo esc_attr( $post->post_author ); ?>" /> + <?php endif; ?> + + <?php + wp_admin_notice( + '<p class="error"></p>', + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline', 'hidden' ), + 'paragraph_wrap' => false, + ) + ); + ?> + </div> + </div> <!-- end of .inline-edit-wrapper --> + + </td></tr> + + <?php + ++$bulk; + endwhile; + ?> + </tbody></table> + </form> + <?php + } +} diff --git a/wp-admin/includes/class-wp-privacy-data-export-requests-list-table.php b/wp-admin/includes/class-wp-privacy-data-export-requests-list-table.php new file mode 100644 index 0000000..aa68c84 --- /dev/null +++ b/wp-admin/includes/class-wp-privacy-data-export-requests-list-table.php @@ -0,0 +1,160 @@ +<?php +/** + * List Table API: WP_Privacy_Data_Export_Requests_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 4.9.6 + */ + +if ( ! class_exists( 'WP_Privacy_Requests_Table' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-requests-table.php'; +} + +/** + * WP_Privacy_Data_Export_Requests_Table class. + * + * @since 4.9.6 + */ +class WP_Privacy_Data_Export_Requests_List_Table extends WP_Privacy_Requests_Table { + /** + * Action name for the requests this table will work with. + * + * @since 4.9.6 + * + * @var string $request_type Name of action. + */ + protected $request_type = 'export_personal_data'; + + /** + * Post type for the requests. + * + * @since 4.9.6 + * + * @var string $post_type The post type. + */ + protected $post_type = 'user_request'; + + /** + * Actions column. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + * @return string Email column markup. + */ + public function column_email( $item ) { + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); + $exporters_count = count( $exporters ); + $status = $item->status; + $request_id = $item->ID; + $nonce = wp_create_nonce( 'wp-privacy-export-personal-data-' . $request_id ); + + $download_data_markup = '<span class="export-personal-data" ' . + 'data-exporters-count="' . esc_attr( $exporters_count ) . '" ' . + 'data-request-id="' . esc_attr( $request_id ) . '" ' . + 'data-nonce="' . esc_attr( $nonce ) . + '">'; + + $download_data_markup .= '<span class="export-personal-data-idle"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download personal data' ) . '</button></span>' . + '<span class="export-personal-data-processing hidden">' . __( 'Downloading data...' ) . ' <span class="export-progress"></span></span>' . + '<span class="export-personal-data-success hidden"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download personal data again' ) . '</button></span>' . + '<span class="export-personal-data-failed hidden">' . __( 'Download failed.' ) . ' <button type="button" class="button-link export-personal-data-handle">' . __( 'Retry' ) . '</button></span>'; + + $download_data_markup .= '</span>'; + + $row_actions['download-data'] = $download_data_markup; + + if ( 'request-completed' !== $status ) { + $complete_request_markup = '<span>'; + $complete_request_markup .= sprintf( + '<a href="%s" class="complete-request" aria-label="%s">%s</a>', + esc_url( + wp_nonce_url( + add_query_arg( + array( + 'action' => 'complete', + 'request_id' => array( $request_id ), + ), + admin_url( 'export-personal-data.php' ) + ), + 'bulk-privacy_requests' + ) + ), + esc_attr( + sprintf( + /* translators: %s: Request email. */ + __( 'Mark export request for “%s” as completed.' ), + $item->email + ) + ), + __( 'Complete request' ) + ); + $complete_request_markup .= '</span>'; + } + + if ( ! empty( $complete_request_markup ) ) { + $row_actions['complete-request'] = $complete_request_markup; + } + + return sprintf( '<a href="%1$s">%2$s</a> %3$s', esc_url( 'mailto:' . $item->email ), $item->email, $this->row_actions( $row_actions ) ); + } + + /** + * Displays the next steps column. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + */ + public function column_next_steps( $item ) { + $status = $item->status; + + switch ( $status ) { + case 'request-pending': + esc_html_e( 'Waiting for confirmation' ); + break; + case 'request-confirmed': + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); + $exporters_count = count( $exporters ); + $request_id = $item->ID; + $nonce = wp_create_nonce( 'wp-privacy-export-personal-data-' . $request_id ); + + echo '<div class="export-personal-data" ' . + 'data-send-as-email="1" ' . + 'data-exporters-count="' . esc_attr( $exporters_count ) . '" ' . + 'data-request-id="' . esc_attr( $request_id ) . '" ' . + 'data-nonce="' . esc_attr( $nonce ) . + '">'; + + ?> + <span class="export-personal-data-idle"><button type="button" class="button-link export-personal-data-handle"><?php _e( 'Send export link' ); ?></button></span> + <span class="export-personal-data-processing hidden"><?php _e( 'Sending email...' ); ?> <span class="export-progress"></span></span> + <span class="export-personal-data-success success-message hidden"><?php _e( 'Email sent.' ); ?></span> + <span class="export-personal-data-failed hidden"><?php _e( 'Email could not be sent.' ); ?> <button type="button" class="button-link export-personal-data-handle"><?php _e( 'Retry' ); ?></button></span> + <?php + + echo '</div>'; + break; + case 'request-failed': + echo '<button type="submit" class="button-link" name="privacy_action_email_retry[' . $item->ID . ']" id="privacy_action_email_retry[' . $item->ID . ']">' . __( 'Retry' ) . '</button>'; + break; + case 'request-completed': + echo '<a href="' . esc_url( + wp_nonce_url( + add_query_arg( + array( + 'action' => 'delete', + 'request_id' => array( $item->ID ), + ), + admin_url( 'export-personal-data.php' ) + ), + 'bulk-privacy_requests' + ) + ) . '">' . esc_html__( 'Remove request' ) . '</a>'; + break; + } + } +} diff --git a/wp-admin/includes/class-wp-privacy-data-removal-requests-list-table.php b/wp-admin/includes/class-wp-privacy-data-removal-requests-list-table.php new file mode 100644 index 0000000..7165351 --- /dev/null +++ b/wp-admin/includes/class-wp-privacy-data-removal-requests-list-table.php @@ -0,0 +1,167 @@ +<?php +/** + * List Table API: WP_Privacy_Data_Removal_Requests_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 4.9.6 + */ + +if ( ! class_exists( 'WP_Privacy_Requests_Table' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-requests-table.php'; +} + +/** + * WP_Privacy_Data_Removal_Requests_List_Table class. + * + * @since 4.9.6 + */ +class WP_Privacy_Data_Removal_Requests_List_Table extends WP_Privacy_Requests_Table { + /** + * Action name for the requests this table will work with. + * + * @since 4.9.6 + * + * @var string $request_type Name of action. + */ + protected $request_type = 'remove_personal_data'; + + /** + * Post type for the requests. + * + * @since 4.9.6 + * + * @var string $post_type The post type. + */ + protected $post_type = 'user_request'; + + /** + * Outputs the Actions column. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + * @return string Email column markup. + */ + public function column_email( $item ) { + $row_actions = array(); + + // Allow the administrator to "force remove" the personal data even if confirmation has not yet been received. + $status = $item->status; + $request_id = $item->ID; + $row_actions = array(); + if ( 'request-confirmed' !== $status ) { + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $erasers = apply_filters( 'wp_privacy_personal_data_erasers', array() ); + $erasers_count = count( $erasers ); + $nonce = wp_create_nonce( 'wp-privacy-erase-personal-data-' . $request_id ); + + $remove_data_markup = '<span class="remove-personal-data force-remove-personal-data" ' . + 'data-erasers-count="' . esc_attr( $erasers_count ) . '" ' . + 'data-request-id="' . esc_attr( $request_id ) . '" ' . + 'data-nonce="' . esc_attr( $nonce ) . + '">'; + + $remove_data_markup .= '<span class="remove-personal-data-idle"><button type="button" class="button-link remove-personal-data-handle">' . __( 'Force erase personal data' ) . '</button></span>' . + '<span class="remove-personal-data-processing hidden">' . __( 'Erasing data...' ) . ' <span class="erasure-progress"></span></span>' . + '<span class="remove-personal-data-success hidden">' . __( 'Erasure completed.' ) . '</span>' . + '<span class="remove-personal-data-failed hidden">' . __( 'Force erasure has failed.' ) . ' <button type="button" class="button-link remove-personal-data-handle">' . __( 'Retry' ) . '</button></span>'; + + $remove_data_markup .= '</span>'; + + $row_actions['remove-data'] = $remove_data_markup; + } + + if ( 'request-completed' !== $status ) { + $complete_request_markup = '<span>'; + $complete_request_markup .= sprintf( + '<a href="%s" class="complete-request" aria-label="%s">%s</a>', + esc_url( + wp_nonce_url( + add_query_arg( + array( + 'action' => 'complete', + 'request_id' => array( $request_id ), + ), + admin_url( 'erase-personal-data.php' ) + ), + 'bulk-privacy_requests' + ) + ), + esc_attr( + sprintf( + /* translators: %s: Request email. */ + __( 'Mark export request for “%s” as completed.' ), + $item->email + ) + ), + __( 'Complete request' ) + ); + $complete_request_markup .= '</span>'; + } + + if ( ! empty( $complete_request_markup ) ) { + $row_actions['complete-request'] = $complete_request_markup; + } + + return sprintf( '<a href="%1$s">%2$s</a> %3$s', esc_url( 'mailto:' . $item->email ), $item->email, $this->row_actions( $row_actions ) ); + } + + /** + * Outputs the Next steps column. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + */ + public function column_next_steps( $item ) { + $status = $item->status; + + switch ( $status ) { + case 'request-pending': + esc_html_e( 'Waiting for confirmation' ); + break; + case 'request-confirmed': + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $erasers = apply_filters( 'wp_privacy_personal_data_erasers', array() ); + $erasers_count = count( $erasers ); + $request_id = $item->ID; + $nonce = wp_create_nonce( 'wp-privacy-erase-personal-data-' . $request_id ); + + echo '<div class="remove-personal-data" ' . + 'data-force-erase="1" ' . + 'data-erasers-count="' . esc_attr( $erasers_count ) . '" ' . + 'data-request-id="' . esc_attr( $request_id ) . '" ' . + 'data-nonce="' . esc_attr( $nonce ) . + '">'; + + ?> + <span class="remove-personal-data-idle"><button type="button" class="button-link remove-personal-data-handle"><?php _e( 'Erase personal data' ); ?></button></span> + <span class="remove-personal-data-processing hidden"><?php _e( 'Erasing data...' ); ?> <span class="erasure-progress"></span></span> + <span class="remove-personal-data-success success-message hidden" ><?php _e( 'Erasure completed.' ); ?></span> + <span class="remove-personal-data-failed hidden"><?php _e( 'Data erasure has failed.' ); ?> <button type="button" class="button-link remove-personal-data-handle"><?php _e( 'Retry' ); ?></button></span> + <?php + + echo '</div>'; + + break; + case 'request-failed': + echo '<button type="submit" class="button-link" name="privacy_action_email_retry[' . $item->ID . ']" id="privacy_action_email_retry[' . $item->ID . ']">' . __( 'Retry' ) . '</button>'; + break; + case 'request-completed': + echo '<a href="' . esc_url( + wp_nonce_url( + add_query_arg( + array( + 'action' => 'delete', + 'request_id' => array( $item->ID ), + ), + admin_url( 'erase-personal-data.php' ) + ), + 'bulk-privacy_requests' + ) + ) . '">' . esc_html__( 'Remove request' ) . '</a>'; + break; + } + } +} diff --git a/wp-admin/includes/class-wp-privacy-policy-content.php b/wp-admin/includes/class-wp-privacy-policy-content.php new file mode 100644 index 0000000..a64d043 --- /dev/null +++ b/wp-admin/includes/class-wp-privacy-policy-content.php @@ -0,0 +1,706 @@ +<?php +/** + * WP_Privacy_Policy_Content class. + * + * @package WordPress + * @subpackage Administration + * @since 4.9.6 + */ + +#[AllowDynamicProperties] +final class WP_Privacy_Policy_Content { + + private static $policy_content = array(); + + /** + * Constructor + * + * @since 4.9.6 + */ + private function __construct() {} + + /** + * Adds content to the postbox shown when editing the privacy policy. + * + * Plugins and themes should suggest text for inclusion in the site's privacy policy. + * The suggested text should contain information about any functionality that affects user privacy, + * and will be shown in the Suggested Privacy Policy Content postbox. + * + * Intended for use from `wp_add_privacy_policy_content()`. + * + * @since 4.9.6 + * + * @param string $plugin_name The name of the plugin or theme that is suggesting content for the site's privacy policy. + * @param string $policy_text The suggested content for inclusion in the policy. + */ + public static function add( $plugin_name, $policy_text ) { + if ( empty( $plugin_name ) || empty( $policy_text ) ) { + return; + } + + $data = array( + 'plugin_name' => $plugin_name, + 'policy_text' => $policy_text, + ); + + if ( ! in_array( $data, self::$policy_content, true ) ) { + self::$policy_content[] = $data; + } + } + + /** + * Performs a quick check to determine whether any privacy info has changed. + * + * @since 4.9.6 + */ + public static function text_change_check() { + + $policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); + + // The site doesn't have a privacy policy. + if ( empty( $policy_page_id ) ) { + return false; + } + + if ( ! current_user_can( 'edit_post', $policy_page_id ) ) { + return false; + } + + $old = (array) get_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content' ); + + // Updates are not relevant if the user has not reviewed any suggestions yet. + if ( empty( $old ) ) { + return false; + } + + $cached = get_option( '_wp_suggested_policy_text_has_changed' ); + + /* + * When this function is called before `admin_init`, `self::$policy_content` + * has not been populated yet, so use the cached result from the last + * execution instead. + */ + if ( ! did_action( 'admin_init' ) ) { + return 'changed' === $cached; + } + + $new = self::$policy_content; + + // Remove the extra values added to the meta. + foreach ( $old as $key => $data ) { + if ( ! is_array( $data ) || ! empty( $data['removed'] ) ) { + unset( $old[ $key ] ); + continue; + } + + $old[ $key ] = array( + 'plugin_name' => $data['plugin_name'], + 'policy_text' => $data['policy_text'], + ); + } + + // Normalize the order of texts, to facilitate comparison. + sort( $old ); + sort( $new ); + + /* + * The == operator (equal, not identical) was used intentionally. + * See https://www.php.net/manual/en/language.operators.array.php + */ + if ( $new != $old ) { + /* + * A plugin was activated or deactivated, or some policy text has changed. + * Show a notice on the relevant screens to inform the admin. + */ + add_action( 'admin_notices', array( 'WP_Privacy_Policy_Content', 'policy_text_changed_notice' ) ); + $state = 'changed'; + } else { + $state = 'not-changed'; + } + + // Cache the result for use before `admin_init` (see above). + if ( $cached !== $state ) { + update_option( '_wp_suggested_policy_text_has_changed', $state ); + } + + return 'changed' === $state; + } + + /** + * Outputs a warning when some privacy info has changed. + * + * @since 4.9.6 + */ + public static function policy_text_changed_notice() { + $screen = get_current_screen()->id; + + if ( 'privacy' !== $screen ) { + return; + } + + $privacy_message = sprintf( + /* translators: %s: Privacy Policy Guide URL. */ + __( 'The suggested privacy policy text has changed. Please <a href="%s">review the guide</a> and update your privacy policy.' ), + esc_url( admin_url( 'privacy-policy-guide.php?tab=policyguide' ) ) + ); + + wp_admin_notice( + $privacy_message, + array( + 'type' => 'warning', + 'additional_classes' => array( 'policy-text-updated' ), + 'dismissible' => true, + ) + ); + } + + /** + * Updates the cached policy info when the policy page is updated. + * + * @since 4.9.6 + * @access private + * + * @param int $post_id The ID of the updated post. + */ + public static function _policy_page_updated( $post_id ) { + $policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); + + if ( ! $policy_page_id || $policy_page_id !== (int) $post_id ) { + return; + } + + // Remove updated|removed status. + $old = (array) get_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content' ); + $done = array(); + $update_cache = false; + + foreach ( $old as $old_key => $old_data ) { + if ( ! empty( $old_data['removed'] ) ) { + // Remove the old policy text. + $update_cache = true; + continue; + } + + if ( ! empty( $old_data['updated'] ) ) { + // 'updated' is now 'added'. + $done[] = array( + 'plugin_name' => $old_data['plugin_name'], + 'policy_text' => $old_data['policy_text'], + 'added' => $old_data['updated'], + ); + $update_cache = true; + } else { + $done[] = $old_data; + } + } + + if ( $update_cache ) { + delete_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content' ); + // Update the cache. + foreach ( $done as $data ) { + add_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content', $data ); + } + } + } + + /** + * Checks for updated, added or removed privacy policy information from plugins. + * + * Caches the current info in post_meta of the policy page. + * + * @since 4.9.6 + * + * @return array The privacy policy text/information added by core and plugins. + */ + public static function get_suggested_policy_text() { + $policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); + $checked = array(); + $time = time(); + $update_cache = false; + $new = self::$policy_content; + $old = array(); + + if ( $policy_page_id ) { + $old = (array) get_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content' ); + } + + // Check for no-changes and updates. + foreach ( $new as $new_key => $new_data ) { + foreach ( $old as $old_key => $old_data ) { + $found = false; + + if ( $new_data['policy_text'] === $old_data['policy_text'] ) { + // Use the new plugin name in case it was changed, translated, etc. + if ( $old_data['plugin_name'] !== $new_data['plugin_name'] ) { + $old_data['plugin_name'] = $new_data['plugin_name']; + $update_cache = true; + } + + // A plugin was re-activated. + if ( ! empty( $old_data['removed'] ) ) { + unset( $old_data['removed'] ); + $old_data['added'] = $time; + $update_cache = true; + } + + $checked[] = $old_data; + $found = true; + } elseif ( $new_data['plugin_name'] === $old_data['plugin_name'] ) { + // The info for the policy was updated. + $checked[] = array( + 'plugin_name' => $new_data['plugin_name'], + 'policy_text' => $new_data['policy_text'], + 'updated' => $time, + ); + $found = true; + $update_cache = true; + } + + if ( $found ) { + unset( $new[ $new_key ], $old[ $old_key ] ); + continue 2; + } + } + } + + if ( ! empty( $new ) ) { + // A plugin was activated. + foreach ( $new as $new_data ) { + if ( ! empty( $new_data['plugin_name'] ) && ! empty( $new_data['policy_text'] ) ) { + $new_data['added'] = $time; + $checked[] = $new_data; + } + } + $update_cache = true; + } + + if ( ! empty( $old ) ) { + // A plugin was deactivated. + foreach ( $old as $old_data ) { + if ( ! empty( $old_data['plugin_name'] ) && ! empty( $old_data['policy_text'] ) ) { + $data = array( + 'plugin_name' => $old_data['plugin_name'], + 'policy_text' => $old_data['policy_text'], + 'removed' => $time, + ); + + $checked[] = $data; + } + } + $update_cache = true; + } + + if ( $update_cache && $policy_page_id ) { + delete_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content' ); + // Update the cache. + foreach ( $checked as $data ) { + add_post_meta( $policy_page_id, '_wp_suggested_privacy_policy_content', $data ); + } + } + + return $checked; + } + + /** + * Adds a notice with a link to the guide when editing the privacy policy page. + * + * @since 4.9.6 + * @since 5.0.0 The `$post` parameter was made optional. + * + * @global WP_Post $post Global post object. + * + * @param WP_Post|null $post The currently edited post. Default null. + */ + public static function notice( $post = null ) { + if ( is_null( $post ) ) { + global $post; + } else { + $post = get_post( $post ); + } + + if ( ! ( $post instanceof WP_Post ) ) { + return; + } + + if ( ! current_user_can( 'manage_privacy_options' ) ) { + return; + } + + $current_screen = get_current_screen(); + $policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); + + if ( 'post' !== $current_screen->base || $policy_page_id !== $post->ID ) { + return; + } + + $message = __( 'Need help putting together your new Privacy Policy page? Check out our guide for recommendations on what content to include, along with policies suggested by your plugins and theme.' ); + $url = esc_url( admin_url( 'options-privacy.php?tab=policyguide' ) ); + $label = __( 'View Privacy Policy Guide.' ); + + if ( get_current_screen()->is_block_editor() ) { + wp_enqueue_script( 'wp-notices' ); + $action = array( + 'url' => $url, + 'label' => $label, + ); + wp_add_inline_script( + 'wp-notices', + sprintf( + 'wp.data.dispatch( "core/notices" ).createWarningNotice( "%s", { actions: [ %s ], isDismissible: false } )', + $message, + wp_json_encode( $action ) + ), + 'after' + ); + } else { + $message .= sprintf( + ' <a href="%s" target="_blank">%s <span class="screen-reader-text">%s</span></a>', + $url, + $label, + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + wp_admin_notice( + $message, + array( + 'type' => 'warning', + 'additional_classes' => array( 'inline', 'wp-pp-notice' ), + ) + ); + } + } + + /** + * Outputs the privacy policy guide together with content from the theme and plugins. + * + * @since 4.9.6 + */ + public static function privacy_policy_guide() { + + $content_array = self::get_suggested_policy_text(); + $content = ''; + $date_format = __( 'F j, Y' ); + + foreach ( $content_array as $section ) { + $class = ''; + $meta = ''; + $removed = ''; + + if ( ! empty( $section['removed'] ) ) { + $badge_class = ' red'; + $date = date_i18n( $date_format, $section['removed'] ); + /* translators: %s: Date of plugin deactivation. */ + $badge_title = sprintf( __( 'Removed %s.' ), $date ); + + /* translators: %s: Date of plugin deactivation. */ + $removed = sprintf( __( 'You deactivated this plugin on %s and may no longer need this policy.' ), $date ); + $removed = wp_get_admin_notice( + $removed, + array( + 'type' => 'info', + 'additional_classes' => array( 'inline' ), + ) + ); + } elseif ( ! empty( $section['updated'] ) ) { + $badge_class = ' blue'; + $date = date_i18n( $date_format, $section['updated'] ); + /* translators: %s: Date of privacy policy text update. */ + $badge_title = sprintf( __( 'Updated %s.' ), $date ); + } + + $plugin_name = esc_html( $section['plugin_name'] ); + + $sanitized_policy_name = sanitize_title_with_dashes( $plugin_name ); + ?> + <h4 class="privacy-settings-accordion-heading"> + <button aria-expanded="false" class="privacy-settings-accordion-trigger" aria-controls="privacy-settings-accordion-block-<?php echo $sanitized_policy_name; ?>" type="button"> + <span class="title"><?php echo $plugin_name; ?></span> + <?php if ( ! empty( $section['removed'] ) || ! empty( $section['updated'] ) ) : ?> + <span class="badge <?php echo $badge_class; ?>"> <?php echo $badge_title; ?></span> + <?php endif; ?> + <span class="icon"></span> + </button> + </h4> + <div id="privacy-settings-accordion-block-<?php echo $sanitized_policy_name; ?>" class="privacy-settings-accordion-panel privacy-text-box-body" hidden="hidden"> + <?php + echo $removed; + echo $section['policy_text']; + ?> + <?php if ( empty( $section['removed'] ) ) : ?> + <div class="privacy-settings-accordion-actions"> + <span class="success" aria-hidden="true"><?php _e( 'Copied!' ); ?></span> + <button type="button" class="privacy-text-copy button"> + <span aria-hidden="true"><?php _e( 'Copy suggested policy text to clipboard' ); ?></span> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. %s: Plugin name. */ + printf( __( 'Copy suggested policy text from %s.' ), $plugin_name ); + ?> + </span> + </button> + </div> + <?php endif; ?> + </div> + <?php + } + } + + /** + * Returns the default suggested privacy policy content. + * + * @since 4.9.6 + * @since 5.0.0 Added the `$blocks` parameter. + * + * @param bool $description Whether to include the descriptions under the section headings. Default false. + * @param bool $blocks Whether to format the content for the block editor. Default true. + * @return string The default policy content. + */ + public static function get_default_content( $description = false, $blocks = true ) { + $suggested_text = '<strong class="privacy-policy-tutorial">' . __( 'Suggested text:' ) . ' </strong>'; + $content = ''; + $strings = array(); + + // Start of the suggested privacy policy text. + if ( $description ) { + $strings[] = '<div class="wp-suggested-text">'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Who we are' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should note your site URL, as well as the name of the company, organization, or individual behind it, and some accurate contact information.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'The amount of information you may be required to show will vary depending on your local or national business regulations. You may, for example, be required to display a physical address, a registered address, or your company registration number.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. %s: Site URL. */ + $strings[] = '<p>' . $suggested_text . sprintf( __( 'Our website address is: %s.' ), get_bloginfo( 'url', 'display' ) ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'What personal data we collect and why we collect it' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should note what personal data you collect from users and site visitors. This may include personal data, such as name, email address, personal account preferences; transactional data, such as purchase information; and technical data, such as information about cookies.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'You should also note any collection and retention of sensitive personal data, such as data concerning health.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In addition to listing what personal data you collect, you need to note why you collect it. These explanations must note either the legal basis for your data collection and retention or the active consent the user has given.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'Personal data is not just created by a user’s interactions with your site. Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics, and third party embeds.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'By default WordPress does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users. However some of your plugins may collect personal data. You should add the relevant information below.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Comments' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this subsection you should note what information is captured through comments. We have noted the data which WordPress collects by default.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.' ) . '</p>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . __( 'An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Media' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this subsection you should note what information may be disclosed by users who can upload media files. All uploaded files are usually publicly accessible.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Contact forms' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'By default, WordPress does not include a contact form. If you use a contact form plugin, use this subsection to note what personal data is captured when someone submits a contact form, and how long you keep it. For example, you may note that you keep contact form submissions for a certain period for customer service purposes, but you do not use the information submitted through them for marketing purposes.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Cookies' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this subsection you should list the cookies your web site uses, including those set by your plugins, social media, and analytics. We have provided the cookies which WordPress installs by default.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.' ) . '</p>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . __( 'If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.' ) . '</p>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . __( 'When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.' ) . '</p>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . __( 'If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.' ) . '</p>'; + } + + if ( ! $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Embedded content from other websites' ) . '</h2>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.' ) . '</p>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . __( 'These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Analytics' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this subsection you should note what analytics package you use, how users can opt out of analytics tracking, and a link to your analytics provider’s privacy policy, if any.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'By default WordPress does not collect any analytics data. However, many web hosting accounts collect some anonymous analytics data. You may also have installed a WordPress plugin that provides analytics services. In that case, add information from that plugin here.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Who we share your data with' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should name and list all third party providers with whom you share site data, including partners, cloud-based services, payment processors, and third party service providers, and note what data you share with them and why. Link to their own privacy policies if possible.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'By default WordPress does not share any personal data with anyone.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'If you request a password reset, your IP address will be included in the reset email.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'How long we retain your data' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should explain how long you retain personal data collected or processed by the web site. While it is your responsibility to come up with the schedule of how long you keep each dataset for and why you keep it, that information does need to be listed here. For example, you may want to say that you keep contact form entries for six months, analytics records for a year, and customer purchase records for ten years.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.' ) . '</p>'; + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . __( 'For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'What rights you have over your data' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should explain what rights your users have over their data and how they can invoke those rights.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.' ) . '</p>'; + } + + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Where your data is sent' ) . '</h2>'; + + if ( $description ) { + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should list all transfers of your site data outside the European Union and describe the means by which that data is safeguarded to European data protection standards. This could include your web hosting, cloud storage, or other third party services.' ) . '</p>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'European data protection law requires data about European residents which is transferred outside the European Union to be safeguarded to the same standards as if the data was in Europe. So in addition to listing where data goes, you should describe how you ensure that these standards are met either by yourself or by your third party providers, whether that is through an agreement such as Privacy Shield, model clauses in your contracts, or binding corporate rules.' ) . '</p>'; + } else { + /* translators: Default privacy policy text. */ + $strings[] = '<p>' . $suggested_text . __( 'Visitor comments may be checked through an automated spam detection service.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Contact information' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should provide a contact method for privacy-specific concerns. If you are required to have a Data Protection Officer, list their name and full contact details here as well.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Additional information' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'If you use your site for commercial purposes and you engage in more complex collection or processing of personal data, you should note the following information in your privacy policy in addition to the information we have already discussed.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'How we protect your data' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should explain what measures you have taken to protect your users’ data. This could include technical measures such as encryption; security measures such as two factor authentication; and measures such as staff training in data protection. If you have carried out a Privacy Impact Assessment, you can mention it here too.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'What data breach procedures we have in place' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'In this section you should explain what procedures you have in place to deal with data breaches, either potential or real, such as internal reporting systems, contact mechanisms, or bug bounties.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'What third parties we receive data from' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'If your web site receives data about users from third parties, including advertisers, this information must be included within the section of your privacy policy dealing with third party data.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'What automated decision making and/or profiling we do with user data' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'If your web site provides a service which includes automated decision making - for example, allowing customers to apply for credit, or aggregating their data into an advertising profile - you must note that this is taking place, and include information about how that information is used, what decisions are made with that aggregated data, and what rights users have over decisions made without human intervention.' ) . '</p>'; + } + + if ( $description ) { + /* translators: Default privacy policy heading. */ + $strings[] = '<h2>' . __( 'Industry regulatory disclosure requirements' ) . '</h2>'; + /* translators: Privacy policy tutorial. */ + $strings[] = '<p class="privacy-policy-tutorial">' . __( 'If you are a member of a regulated industry, or if you are subject to additional privacy laws, you may be required to disclose that information here.' ) . '</p>'; + $strings[] = '</div>'; + } + + if ( $blocks ) { + foreach ( $strings as $key => $string ) { + if ( str_starts_with( $string, '<p>' ) ) { + $strings[ $key ] = '<!-- wp:paragraph -->' . $string . '<!-- /wp:paragraph -->'; + } + + if ( str_starts_with( $string, '<h2>' ) ) { + $strings[ $key ] = '<!-- wp:heading -->' . $string . '<!-- /wp:heading -->'; + } + } + } + + $content = implode( '', $strings ); + // End of the suggested privacy policy text. + + /** + * Filters the default content suggested for inclusion in a privacy policy. + * + * @since 4.9.6 + * @since 5.0.0 Added the `$strings`, `$description`, and `$blocks` parameters. + * @deprecated 5.7.0 Use wp_add_privacy_policy_content() instead. + * + * @param string $content The default policy content. + * @param string[] $strings An array of privacy policy content strings. + * @param bool $description Whether policy descriptions should be included. + * @param bool $blocks Whether the content should be formatted for the block editor. + */ + return apply_filters_deprecated( + 'wp_get_default_privacy_policy_content', + array( $content, $strings, $description, $blocks ), + '5.7.0', + 'wp_add_privacy_policy_content()' + ); + } + + /** + * Adds the suggested privacy policy text to the policy postbox. + * + * @since 4.9.6 + */ + public static function add_suggested_content() { + $content = self::get_default_content( false, false ); + wp_add_privacy_policy_content( __( 'WordPress' ), $content ); + } +} diff --git a/wp-admin/includes/class-wp-privacy-requests-table.php b/wp-admin/includes/class-wp-privacy-requests-table.php new file mode 100644 index 0000000..61a917c --- /dev/null +++ b/wp-admin/includes/class-wp-privacy-requests-table.php @@ -0,0 +1,565 @@ +<?php +/** + * List Table API: WP_Privacy_Requests_Table class + * + * @package WordPress + * @subpackage Administration + * @since 4.9.6 + */ + +abstract class WP_Privacy_Requests_Table extends WP_List_Table { + + /** + * Action name for the requests this table will work with. Classes + * which inherit from WP_Privacy_Requests_Table should define this. + * + * Example: 'export_personal_data'. + * + * @since 4.9.6 + * + * @var string $request_type Name of action. + */ + protected $request_type = 'INVALID'; + + /** + * Post type to be used. + * + * @since 4.9.6 + * + * @var string $post_type The post type. + */ + protected $post_type = 'INVALID'; + + /** + * Gets columns to show in the list table. + * + * @since 4.9.6 + * + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $columns = array( + 'cb' => '<input type="checkbox" />', + 'email' => __( 'Requester' ), + 'status' => __( 'Status' ), + 'created_timestamp' => __( 'Requested' ), + 'next_steps' => __( 'Next steps' ), + ); + return $columns; + } + + /** + * Normalizes the admin URL to the current page (by request_type). + * + * @since 5.3.0 + * + * @return string URL to the current admin page. + */ + protected function get_admin_url() { + $pagenow = str_replace( '_', '-', $this->request_type ); + + if ( 'remove-personal-data' === $pagenow ) { + $pagenow = 'erase-personal-data'; + } + + return admin_url( $pagenow . '.php' ); + } + + /** + * Gets a list of sortable columns. + * + * @since 4.9.6 + * + * @return array Default sortable columns. + */ + protected function get_sortable_columns() { + /* + * The initial sorting is by 'Requested' (post_date) and descending. + * With initial sorting, the first click on 'Requested' should be ascending. + * With 'Requester' sorting active, the next click on 'Requested' should be descending. + */ + $desc_first = isset( $_GET['orderby'] ); + + return array( + 'email' => 'requester', + 'created_timestamp' => array( 'requested', $desc_first ), + ); + } + + /** + * Returns the default primary column. + * + * @since 4.9.6 + * + * @return string Default primary column name. + */ + protected function get_default_primary_column_name() { + return 'email'; + } + + /** + * Counts the number of requests for each status. + * + * @since 4.9.6 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return object Number of posts for each status. + */ + protected function get_request_counts() { + global $wpdb; + + $cache_key = $this->post_type . '-' . $this->request_type; + $counts = wp_cache_get( $cache_key, 'counts' ); + + if ( false !== $counts ) { + return $counts; + } + + $query = " + SELECT post_status, COUNT( * ) AS num_posts + FROM {$wpdb->posts} + WHERE post_type = %s + AND post_name = %s + GROUP BY post_status"; + + $results = (array) $wpdb->get_results( $wpdb->prepare( $query, $this->post_type, $this->request_type ), ARRAY_A ); + $counts = array_fill_keys( get_post_stati(), 0 ); + + foreach ( $results as $row ) { + $counts[ $row['post_status'] ] = $row['num_posts']; + } + + $counts = (object) $counts; + wp_cache_set( $cache_key, $counts, 'counts' ); + + return $counts; + } + + /** + * Gets an associative array ( id => link ) with the list of views available on this table. + * + * @since 4.9.6 + * + * @return string[] An array of HTML links keyed by their view. + */ + protected function get_views() { + $current_status = isset( $_REQUEST['filter-status'] ) ? sanitize_text_field( $_REQUEST['filter-status'] ) : ''; + $statuses = _wp_privacy_statuses(); + $views = array(); + $counts = $this->get_request_counts(); + $total_requests = absint( array_sum( (array) $counts ) ); + + // Normalized admin URL. + $admin_url = $this->get_admin_url(); + + $status_label = sprintf( + /* translators: %s: Number of requests. */ + _nx( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + $total_requests, + 'requests' + ), + number_format_i18n( $total_requests ) + ); + + $views['all'] = array( + 'url' => esc_url( $admin_url ), + 'label' => $status_label, + 'current' => empty( $current_status ), + ); + + foreach ( $statuses as $status => $label ) { + $post_status = get_post_status_object( $status ); + if ( ! $post_status ) { + continue; + } + + $total_status_requests = absint( $counts->{$status} ); + + if ( ! $total_status_requests ) { + continue; + } + + $status_label = sprintf( + translate_nooped_plural( $post_status->label_count, $total_status_requests ), + number_format_i18n( $total_status_requests ) + ); + + $status_link = add_query_arg( 'filter-status', $status, $admin_url ); + + $views[ $status ] = array( + 'url' => esc_url( $status_link ), + 'label' => $status_label, + 'current' => $status === $current_status, + ); + } + + return $this->get_views_links( $views ); + } + + /** + * Gets bulk actions. + * + * @since 4.9.6 + * + * @return array Array of bulk action labels keyed by their action. + */ + protected function get_bulk_actions() { + return array( + 'resend' => __( 'Resend confirmation requests' ), + 'complete' => __( 'Mark requests as completed' ), + 'delete' => __( 'Delete requests' ), + ); + } + + /** + * Process bulk actions. + * + * @since 4.9.6 + * @since 5.6.0 Added support for the `complete` action. + */ + public function process_bulk_action() { + $action = $this->current_action(); + $request_ids = isset( $_REQUEST['request_id'] ) ? wp_parse_id_list( wp_unslash( $_REQUEST['request_id'] ) ) : array(); + + if ( empty( $request_ids ) ) { + return; + } + + $count = 0; + $failures = 0; + + check_admin_referer( 'bulk-privacy_requests' ); + + switch ( $action ) { + case 'resend': + foreach ( $request_ids as $request_id ) { + $resend = _wp_privacy_resend_request( $request_id ); + + if ( $resend && ! is_wp_error( $resend ) ) { + ++$count; + } else { + ++$failures; + } + } + + if ( $failures ) { + add_settings_error( + 'bulk_action', + 'bulk_action', + sprintf( + /* translators: %d: Number of requests. */ + _n( + '%d confirmation request failed to resend.', + '%d confirmation requests failed to resend.', + $failures + ), + $failures + ), + 'error' + ); + } + + if ( $count ) { + add_settings_error( + 'bulk_action', + 'bulk_action', + sprintf( + /* translators: %d: Number of requests. */ + _n( + '%d confirmation request re-sent successfully.', + '%d confirmation requests re-sent successfully.', + $count + ), + $count + ), + 'success' + ); + } + + break; + + case 'complete': + foreach ( $request_ids as $request_id ) { + $result = _wp_privacy_completed_request( $request_id ); + + if ( $result && ! is_wp_error( $result ) ) { + ++$count; + } + } + + add_settings_error( + 'bulk_action', + 'bulk_action', + sprintf( + /* translators: %d: Number of requests. */ + _n( + '%d request marked as complete.', + '%d requests marked as complete.', + $count + ), + $count + ), + 'success' + ); + break; + + case 'delete': + foreach ( $request_ids as $request_id ) { + if ( wp_delete_post( $request_id, true ) ) { + ++$count; + } else { + ++$failures; + } + } + + if ( $failures ) { + add_settings_error( + 'bulk_action', + 'bulk_action', + sprintf( + /* translators: %d: Number of requests. */ + _n( + '%d request failed to delete.', + '%d requests failed to delete.', + $failures + ), + $failures + ), + 'error' + ); + } + + if ( $count ) { + add_settings_error( + 'bulk_action', + 'bulk_action', + sprintf( + /* translators: %d: Number of requests. */ + _n( + '%d request deleted successfully.', + '%d requests deleted successfully.', + $count + ), + $count + ), + 'success' + ); + } + + break; + } + } + + /** + * Prepares items to output. + * + * @since 4.9.6 + * @since 5.1.0 Added support for column sorting. + */ + public function prepare_items() { + $this->items = array(); + $posts_per_page = $this->get_items_per_page( $this->request_type . '_requests_per_page' ); + $args = array( + 'post_type' => $this->post_type, + 'post_name__in' => array( $this->request_type ), + 'posts_per_page' => $posts_per_page, + 'offset' => isset( $_REQUEST['paged'] ) ? max( 0, absint( $_REQUEST['paged'] ) - 1 ) * $posts_per_page : 0, + 'post_status' => 'any', + 's' => isset( $_REQUEST['s'] ) ? sanitize_text_field( $_REQUEST['s'] ) : '', + ); + + $orderby_mapping = array( + 'requester' => 'post_title', + 'requested' => 'post_date', + ); + + if ( isset( $_REQUEST['orderby'] ) && isset( $orderby_mapping[ $_REQUEST['orderby'] ] ) ) { + $args['orderby'] = $orderby_mapping[ $_REQUEST['orderby'] ]; + } + + if ( isset( $_REQUEST['order'] ) && in_array( strtoupper( $_REQUEST['order'] ), array( 'ASC', 'DESC' ), true ) ) { + $args['order'] = strtoupper( $_REQUEST['order'] ); + } + + if ( ! empty( $_REQUEST['filter-status'] ) ) { + $filter_status = isset( $_REQUEST['filter-status'] ) ? sanitize_text_field( $_REQUEST['filter-status'] ) : ''; + $args['post_status'] = $filter_status; + } + + $requests_query = new WP_Query( $args ); + $requests = $requests_query->posts; + + foreach ( $requests as $request ) { + $this->items[] = wp_get_user_request( $request->ID ); + } + + $this->items = array_filter( $this->items ); + + $this->set_pagination_args( + array( + 'total_items' => $requests_query->found_posts, + 'per_page' => $posts_per_page, + ) + ); + } + + /** + * Returns the markup for the Checkbox column. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + * @return string Checkbox column markup. + */ + public function column_cb( $item ) { + return sprintf( + '<input type="checkbox" name="request_id[]" id="requester_%1$s" value="%1$s" />' . + '<label for="requester_%1$s"><span class="screen-reader-text">%2$s</span></label><span class="spinner"></span>', + esc_attr( $item->ID ), + /* translators: Hidden accessibility text. %s: Email address. */ + sprintf( __( 'Select %s' ), $item->email ) + ); + } + + /** + * Status column. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + * @return string Status column markup. + */ + public function column_status( $item ) { + $status = get_post_status( $item->ID ); + $status_object = get_post_status_object( $status ); + + if ( ! $status_object || empty( $status_object->label ) ) { + return '-'; + } + + $timestamp = false; + + switch ( $status ) { + case 'request-confirmed': + $timestamp = $item->confirmed_timestamp; + break; + case 'request-completed': + $timestamp = $item->completed_timestamp; + break; + } + + echo '<span class="status-label status-' . esc_attr( $status ) . '">'; + echo esc_html( $status_object->label ); + + if ( $timestamp ) { + echo ' (' . $this->get_timestamp_as_date( $timestamp ) . ')'; + } + + echo '</span>'; + } + + /** + * Converts a timestamp for display. + * + * @since 4.9.6 + * + * @param int $timestamp Event timestamp. + * @return string Human readable date. + */ + protected function get_timestamp_as_date( $timestamp ) { + if ( empty( $timestamp ) ) { + return ''; + } + + $time_diff = time() - $timestamp; + + if ( $time_diff >= 0 && $time_diff < DAY_IN_SECONDS ) { + /* translators: %s: Human-readable time difference. */ + return sprintf( __( '%s ago' ), human_time_diff( $timestamp ) ); + } + + return date_i18n( get_option( 'date_format' ), $timestamp ); + } + + /** + * Handles the default column. + * + * @since 4.9.6 + * @since 5.7.0 Added `manage_{$this->screen->id}_custom_column` action. + * + * @param WP_User_Request $item Item being shown. + * @param string $column_name Name of column being shown. + */ + public function column_default( $item, $column_name ) { + /** + * Fires for each custom column of a specific request type in the Requests list table. + * + * Custom columns are registered using the {@see 'manage_export-personal-data_columns'} + * and the {@see 'manage_erase-personal-data_columns'} filters. + * + * @since 5.7.0 + * + * @param string $column_name The name of the column to display. + * @param WP_User_Request $item The item being shown. + */ + do_action( "manage_{$this->screen->id}_custom_column", $column_name, $item ); + } + + /** + * Returns the markup for the Created timestamp column. Overridden by children. + * + * @since 5.7.0 + * + * @param WP_User_Request $item Item being shown. + * @return string Human readable date. + */ + public function column_created_timestamp( $item ) { + return $this->get_timestamp_as_date( $item->created_timestamp ); + } + + /** + * Actions column. Overridden by children. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + * @return string Email column markup. + */ + public function column_email( $item ) { + return sprintf( '<a href="%1$s">%2$s</a> %3$s', esc_url( 'mailto:' . $item->email ), $item->email, $this->row_actions( array() ) ); + } + + /** + * Returns the markup for the next steps column. Overridden by children. + * + * @since 4.9.6 + * + * @param WP_User_Request $item Item being shown. + */ + public function column_next_steps( $item ) {} + + /** + * Generates content for a single row of the table, + * + * @since 4.9.6 + * + * @param WP_User_Request $item The current item. + */ + public function single_row( $item ) { + $status = $item->status; + + echo '<tr id="request-' . esc_attr( $item->ID ) . '" class="status-' . esc_attr( $status ) . '">'; + $this->single_row_columns( $item ); + echo '</tr>'; + } + + /** + * Embeds scripts used to perform actions. Overridden by children. + * + * @since 4.9.6 + */ + public function embed_scripts() {} +} diff --git a/wp-admin/includes/class-wp-screen.php b/wp-admin/includes/class-wp-screen.php new file mode 100644 index 0000000..739a182 --- /dev/null +++ b/wp-admin/includes/class-wp-screen.php @@ -0,0 +1,1359 @@ +<?php +/** + * Screen API: WP_Screen class + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Core class used to implement an admin screen API. + * + * @since 3.3.0 + */ +#[AllowDynamicProperties] +final class WP_Screen { + /** + * Any action associated with the screen. + * + * 'add' for *-add.php and *-new.php screens. Empty otherwise. + * + * @since 3.3.0 + * @var string + */ + public $action; + + /** + * The base type of the screen. + * + * This is typically the same as `$id` but with any post types and taxonomies stripped. + * For example, for an `$id` of 'edit-post' the base is 'edit'. + * + * @since 3.3.0 + * @var string + */ + public $base; + + /** + * The number of columns to display. Access with get_columns(). + * + * @since 3.4.0 + * @var int + */ + private $columns = 0; + + /** + * The unique ID of the screen. + * + * @since 3.3.0 + * @var string + */ + public $id; + + /** + * Which admin the screen is in. network | user | site | false + * + * @since 3.5.0 + * @var string + */ + protected $in_admin; + + /** + * Whether the screen is in the network admin. + * + * Deprecated. Use in_admin() instead. + * + * @since 3.3.0 + * @deprecated 3.5.0 + * @var bool + */ + public $is_network; + + /** + * Whether the screen is in the user admin. + * + * Deprecated. Use in_admin() instead. + * + * @since 3.3.0 + * @deprecated 3.5.0 + * @var bool + */ + public $is_user; + + /** + * The base menu parent. + * + * This is derived from `$parent_file` by removing the query string and any .php extension. + * `$parent_file` values of 'edit.php?post_type=page' and 'edit.php?post_type=post' + * have a `$parent_base` of 'edit'. + * + * @since 3.3.0 + * @var string|null + */ + public $parent_base; + + /** + * The parent_file for the screen per the admin menu system. + * + * Some `$parent_file` values are 'edit.php?post_type=page', 'edit.php', and 'options-general.php'. + * + * @since 3.3.0 + * @var string|null + */ + public $parent_file; + + /** + * The post type associated with the screen, if any. + * + * The 'edit.php?post_type=page' screen has a post type of 'page'. + * The 'edit-tags.php?taxonomy=$taxonomy&post_type=page' screen has a post type of 'page'. + * + * @since 3.3.0 + * @var string + */ + public $post_type; + + /** + * The taxonomy associated with the screen, if any. + * + * The 'edit-tags.php?taxonomy=category' screen has a taxonomy of 'category'. + * + * @since 3.3.0 + * @var string + */ + public $taxonomy; + + /** + * The help tab data associated with the screen, if any. + * + * @since 3.3.0 + * @var array + */ + private $_help_tabs = array(); + + /** + * The help sidebar data associated with screen, if any. + * + * @since 3.3.0 + * @var string + */ + private $_help_sidebar = ''; + + /** + * The accessible hidden headings and text associated with the screen, if any. + * + * @since 4.4.0 + * @var string[] + */ + private $_screen_reader_content = array(); + + /** + * Stores old string-based help. + * + * @var array + */ + private static $_old_compat_help = array(); + + /** + * The screen options associated with screen, if any. + * + * @since 3.3.0 + * @var array + */ + private $_options = array(); + + /** + * The screen object registry. + * + * @since 3.3.0 + * + * @var array + */ + private static $_registry = array(); + + /** + * Stores the result of the public show_screen_options function. + * + * @since 3.3.0 + * @var bool + */ + private $_show_screen_options; + + /** + * Stores the 'screen_settings' section of screen options. + * + * @since 3.3.0 + * @var string + */ + private $_screen_settings; + + /** + * Whether the screen is using the block editor. + * + * @since 5.0.0 + * @var bool + */ + public $is_block_editor = false; + + /** + * Fetches a screen object. + * + * @since 3.3.0 + * + * @global string $hook_suffix + * + * @param string|WP_Screen $hook_name Optional. The hook name (also known as the hook suffix) used to determine the screen. + * Defaults to the current $hook_suffix global. + * @return WP_Screen Screen object. + */ + public static function get( $hook_name = '' ) { + if ( $hook_name instanceof WP_Screen ) { + return $hook_name; + } + + $id = ''; + $post_type = null; + $taxonomy = null; + $in_admin = false; + $action = ''; + $is_block_editor = false; + + if ( $hook_name ) { + $id = $hook_name; + } elseif ( ! empty( $GLOBALS['hook_suffix'] ) ) { + $id = $GLOBALS['hook_suffix']; + } + + // For those pesky meta boxes. + if ( $hook_name && post_type_exists( $hook_name ) ) { + $post_type = $id; + $id = 'post'; // Changes later. Ends up being $base. + } else { + if ( str_ends_with( $id, '.php' ) ) { + $id = substr( $id, 0, -4 ); + } + + if ( in_array( $id, array( 'post-new', 'link-add', 'media-new', 'user-new' ), true ) ) { + $id = substr( $id, 0, -4 ); + $action = 'add'; + } + } + + if ( ! $post_type && $hook_name ) { + if ( str_ends_with( $id, '-network' ) ) { + $id = substr( $id, 0, -8 ); + $in_admin = 'network'; + } elseif ( str_ends_with( $id, '-user' ) ) { + $id = substr( $id, 0, -5 ); + $in_admin = 'user'; + } + + $id = sanitize_key( $id ); + if ( 'edit-comments' !== $id && 'edit-tags' !== $id && str_starts_with( $id, 'edit-' ) ) { + $maybe = substr( $id, 5 ); + if ( taxonomy_exists( $maybe ) ) { + $id = 'edit-tags'; + $taxonomy = $maybe; + } elseif ( post_type_exists( $maybe ) ) { + $id = 'edit'; + $post_type = $maybe; + } + } + + if ( ! $in_admin ) { + $in_admin = 'site'; + } + } else { + if ( defined( 'WP_NETWORK_ADMIN' ) && WP_NETWORK_ADMIN ) { + $in_admin = 'network'; + } elseif ( defined( 'WP_USER_ADMIN' ) && WP_USER_ADMIN ) { + $in_admin = 'user'; + } else { + $in_admin = 'site'; + } + } + + if ( 'index' === $id ) { + $id = 'dashboard'; + } elseif ( 'front' === $id ) { + $in_admin = false; + } + + $base = $id; + + // If this is the current screen, see if we can be more accurate for post types and taxonomies. + if ( ! $hook_name ) { + if ( isset( $_REQUEST['post_type'] ) ) { + $post_type = post_type_exists( $_REQUEST['post_type'] ) ? $_REQUEST['post_type'] : false; + } + if ( isset( $_REQUEST['taxonomy'] ) ) { + $taxonomy = taxonomy_exists( $_REQUEST['taxonomy'] ) ? $_REQUEST['taxonomy'] : false; + } + + switch ( $base ) { + case 'post': + if ( isset( $_GET['post'] ) && isset( $_POST['post_ID'] ) && (int) $_GET['post'] !== (int) $_POST['post_ID'] ) { + wp_die( __( 'A post ID mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 ); + } elseif ( isset( $_GET['post'] ) ) { + $post_id = (int) $_GET['post']; + } elseif ( isset( $_POST['post_ID'] ) ) { + $post_id = (int) $_POST['post_ID']; + } else { + $post_id = 0; + } + + if ( $post_id ) { + $post = get_post( $post_id ); + if ( $post ) { + $post_type = $post->post_type; + + /** This filter is documented in wp-admin/post.php */ + $replace_editor = apply_filters( 'replace_editor', false, $post ); + + if ( ! $replace_editor ) { + $is_block_editor = use_block_editor_for_post( $post ); + } + } + } + break; + case 'edit-tags': + case 'term': + if ( null === $post_type && is_object_in_taxonomy( 'post', $taxonomy ? $taxonomy : 'post_tag' ) ) { + $post_type = 'post'; + } + break; + case 'upload': + $post_type = 'attachment'; + break; + } + } + + switch ( $base ) { + case 'post': + if ( null === $post_type ) { + $post_type = 'post'; + } + + // When creating a new post, use the default block editor support value for the post type. + if ( empty( $post_id ) ) { + $is_block_editor = use_block_editor_for_post_type( $post_type ); + } + + $id = $post_type; + break; + case 'edit': + if ( null === $post_type ) { + $post_type = 'post'; + } + $id .= '-' . $post_type; + break; + case 'edit-tags': + case 'term': + if ( null === $taxonomy ) { + $taxonomy = 'post_tag'; + } + // The edit-tags ID does not contain the post type. Look for it in the request. + if ( null === $post_type ) { + $post_type = 'post'; + if ( isset( $_REQUEST['post_type'] ) && post_type_exists( $_REQUEST['post_type'] ) ) { + $post_type = $_REQUEST['post_type']; + } + } + + $id = 'edit-' . $taxonomy; + break; + } + + if ( 'network' === $in_admin ) { + $id .= '-network'; + $base .= '-network'; + } elseif ( 'user' === $in_admin ) { + $id .= '-user'; + $base .= '-user'; + } + + if ( isset( self::$_registry[ $id ] ) ) { + $screen = self::$_registry[ $id ]; + if ( get_current_screen() === $screen ) { + return $screen; + } + } else { + $screen = new self(); + $screen->id = $id; + } + + $screen->base = $base; + $screen->action = $action; + $screen->post_type = (string) $post_type; + $screen->taxonomy = (string) $taxonomy; + $screen->is_user = ( 'user' === $in_admin ); + $screen->is_network = ( 'network' === $in_admin ); + $screen->in_admin = $in_admin; + $screen->is_block_editor = $is_block_editor; + + self::$_registry[ $id ] = $screen; + + return $screen; + } + + /** + * Makes the screen object the current screen. + * + * @see set_current_screen() + * @since 3.3.0 + * + * @global WP_Screen $current_screen WordPress current screen object. + * @global string $typenow The post type of the current screen. + * @global string $taxnow The taxonomy of the current screen. + */ + public function set_current_screen() { + global $current_screen, $taxnow, $typenow; + + $current_screen = $this; + $typenow = $this->post_type; + $taxnow = $this->taxonomy; + + /** + * Fires after the current screen has been set. + * + * @since 3.0.0 + * + * @param WP_Screen $current_screen Current WP_Screen object. + */ + do_action( 'current_screen', $current_screen ); + } + + /** + * Constructor + * + * @since 3.3.0 + */ + private function __construct() {} + + /** + * Indicates whether the screen is in a particular admin. + * + * @since 3.5.0 + * + * @param string $admin The admin to check against (network | user | site). + * If empty any of the three admins will result in true. + * @return bool True if the screen is in the indicated admin, false otherwise. + */ + public function in_admin( $admin = null ) { + if ( empty( $admin ) ) { + return (bool) $this->in_admin; + } + + return ( $admin === $this->in_admin ); + } + + /** + * Sets or returns whether the block editor is loading on the current screen. + * + * @since 5.0.0 + * + * @param bool $set Optional. Sets whether the block editor is loading on the current screen or not. + * @return bool True if the block editor is being loaded, false otherwise. + */ + public function is_block_editor( $set = null ) { + if ( null !== $set ) { + $this->is_block_editor = (bool) $set; + } + + return $this->is_block_editor; + } + + /** + * Sets the old string-based contextual help for the screen for backward compatibility. + * + * @since 3.3.0 + * + * @param WP_Screen $screen A screen object. + * @param string $help Help text. + */ + public static function add_old_compat_help( $screen, $help ) { + self::$_old_compat_help[ $screen->id ] = $help; + } + + /** + * Sets the parent information for the screen. + * + * This is called in admin-header.php after the menu parent for the screen has been determined. + * + * @since 3.3.0 + * + * @param string $parent_file The parent file of the screen. Typically the $parent_file global. + */ + public function set_parentage( $parent_file ) { + $this->parent_file = $parent_file; + list( $this->parent_base ) = explode( '?', $parent_file ); + $this->parent_base = str_replace( '.php', '', $this->parent_base ); + } + + /** + * Adds an option for the screen. + * + * Call this in template files after admin.php is loaded and before admin-header.php is loaded + * to add screen options. + * + * @since 3.3.0 + * + * @param string $option Option ID. + * @param mixed $args Option-dependent arguments. + */ + public function add_option( $option, $args = array() ) { + $this->_options[ $option ] = $args; + } + + /** + * Removes an option from the screen. + * + * @since 3.8.0 + * + * @param string $option Option ID. + */ + public function remove_option( $option ) { + unset( $this->_options[ $option ] ); + } + + /** + * Removes all options from the screen. + * + * @since 3.8.0 + */ + public function remove_options() { + $this->_options = array(); + } + + /** + * Gets the options registered for the screen. + * + * @since 3.8.0 + * + * @return array Options with arguments. + */ + public function get_options() { + return $this->_options; + } + + /** + * Gets the arguments for an option for the screen. + * + * @since 3.3.0 + * + * @param string $option Option name. + * @param string|false $key Optional. Specific array key for when the option is an array. + * Default false. + * @return string The option value if set, null otherwise. + */ + public function get_option( $option, $key = false ) { + if ( ! isset( $this->_options[ $option ] ) ) { + return null; + } + if ( $key ) { + if ( isset( $this->_options[ $option ][ $key ] ) ) { + return $this->_options[ $option ][ $key ]; + } + return null; + } + return $this->_options[ $option ]; + } + + /** + * Gets the help tabs registered for the screen. + * + * @since 3.4.0 + * @since 4.4.0 Help tabs are ordered by their priority. + * + * @return array Help tabs with arguments. + */ + public function get_help_tabs() { + $help_tabs = $this->_help_tabs; + + $priorities = array(); + foreach ( $help_tabs as $help_tab ) { + if ( isset( $priorities[ $help_tab['priority'] ] ) ) { + $priorities[ $help_tab['priority'] ][] = $help_tab; + } else { + $priorities[ $help_tab['priority'] ] = array( $help_tab ); + } + } + + ksort( $priorities ); + + $sorted = array(); + foreach ( $priorities as $list ) { + foreach ( $list as $tab ) { + $sorted[ $tab['id'] ] = $tab; + } + } + + return $sorted; + } + + /** + * Gets the arguments for a help tab. + * + * @since 3.4.0 + * + * @param string $id Help Tab ID. + * @return array Help tab arguments. + */ + public function get_help_tab( $id ) { + if ( ! isset( $this->_help_tabs[ $id ] ) ) { + return null; + } + return $this->_help_tabs[ $id ]; + } + + /** + * Adds a help tab to the contextual help for the screen. + * + * Call this on the `load-$pagenow` hook for the relevant screen, + * or fetch the `$current_screen` object, or use get_current_screen() + * and then call the method from the object. + * + * You may need to filter `$current_screen` using an if or switch statement + * to prevent new help tabs from being added to ALL admin screens. + * + * @since 3.3.0 + * @since 4.4.0 The `$priority` argument was added. + * + * @param array $args { + * Array of arguments used to display the help tab. + * + * @type string $title Title for the tab. Default false. + * @type string $id Tab ID. Must be HTML-safe and should be unique for this menu. + * It is NOT allowed to contain any empty spaces. Default false. + * @type string $content Optional. Help tab content in plain text or HTML. Default empty string. + * @type callable $callback Optional. A callback to generate the tab content. Default false. + * @type int $priority Optional. The priority of the tab, used for ordering. Default 10. + * } + */ + public function add_help_tab( $args ) { + $defaults = array( + 'title' => false, + 'id' => false, + 'content' => '', + 'callback' => false, + 'priority' => 10, + ); + $args = wp_parse_args( $args, $defaults ); + + $args['id'] = sanitize_html_class( $args['id'] ); + + // Ensure we have an ID and title. + if ( ! $args['id'] || ! $args['title'] ) { + return; + } + + // Allows for overriding an existing tab with that ID. + $this->_help_tabs[ $args['id'] ] = $args; + } + + /** + * Removes a help tab from the contextual help for the screen. + * + * @since 3.3.0 + * + * @param string $id The help tab ID. + */ + public function remove_help_tab( $id ) { + unset( $this->_help_tabs[ $id ] ); + } + + /** + * Removes all help tabs from the contextual help for the screen. + * + * @since 3.3.0 + */ + public function remove_help_tabs() { + $this->_help_tabs = array(); + } + + /** + * Gets the content from a contextual help sidebar. + * + * @since 3.4.0 + * + * @return string Contents of the help sidebar. + */ + public function get_help_sidebar() { + return $this->_help_sidebar; + } + + /** + * Adds a sidebar to the contextual help for the screen. + * + * Call this in template files after admin.php is loaded and before admin-header.php is loaded + * to add a sidebar to the contextual help. + * + * @since 3.3.0 + * + * @param string $content Sidebar content in plain text or HTML. + */ + public function set_help_sidebar( $content ) { + $this->_help_sidebar = $content; + } + + /** + * Gets the number of layout columns the user has selected. + * + * The layout_columns option controls the max number and default number of + * columns. This method returns the number of columns within that range selected + * by the user via Screen Options. If no selection has been made, the default + * provisioned in layout_columns is returned. If the screen does not support + * selecting the number of layout columns, 0 is returned. + * + * @since 3.4.0 + * + * @return int Number of columns to display. + */ + public function get_columns() { + return $this->columns; + } + + /** + * Gets the accessible hidden headings and text used in the screen. + * + * @since 4.4.0 + * + * @see set_screen_reader_content() For more information on the array format. + * + * @return string[] An associative array of screen reader text strings. + */ + public function get_screen_reader_content() { + return $this->_screen_reader_content; + } + + /** + * Gets a screen reader text string. + * + * @since 4.4.0 + * + * @param string $key Screen reader text array named key. + * @return string Screen reader text string. + */ + public function get_screen_reader_text( $key ) { + if ( ! isset( $this->_screen_reader_content[ $key ] ) ) { + return null; + } + return $this->_screen_reader_content[ $key ]; + } + + /** + * Adds accessible hidden headings and text for the screen. + * + * @since 4.4.0 + * + * @param array $content { + * An associative array of screen reader text strings. + * + * @type string $heading_views Screen reader text for the filter links heading. + * Default 'Filter items list'. + * @type string $heading_pagination Screen reader text for the pagination heading. + * Default 'Items list navigation'. + * @type string $heading_list Screen reader text for the items list heading. + * Default 'Items list'. + * } + */ + public function set_screen_reader_content( $content = array() ) { + $defaults = array( + 'heading_views' => __( 'Filter items list' ), + 'heading_pagination' => __( 'Items list navigation' ), + 'heading_list' => __( 'Items list' ), + ); + $content = wp_parse_args( $content, $defaults ); + + $this->_screen_reader_content = $content; + } + + /** + * Removes all the accessible hidden headings and text for the screen. + * + * @since 4.4.0 + */ + public function remove_screen_reader_content() { + $this->_screen_reader_content = array(); + } + + /** + * Renders the screen's help section. + * + * This will trigger the deprecated filters for backward compatibility. + * + * @since 3.3.0 + * + * @global string $screen_layout_columns + */ + public function render_screen_meta() { + + /** + * Filters the legacy contextual help list. + * + * @since 2.7.0 + * @deprecated 3.3.0 Use {@see get_current_screen()->add_help_tab()} or + * {@see get_current_screen()->remove_help_tab()} instead. + * + * @param array $old_compat_help Old contextual help. + * @param WP_Screen $screen Current WP_Screen instance. + */ + self::$_old_compat_help = apply_filters_deprecated( + 'contextual_help_list', + array( self::$_old_compat_help, $this ), + '3.3.0', + 'get_current_screen()->add_help_tab(), get_current_screen()->remove_help_tab()' + ); + + $old_help = isset( self::$_old_compat_help[ $this->id ] ) ? self::$_old_compat_help[ $this->id ] : ''; + + /** + * Filters the legacy contextual help text. + * + * @since 2.7.0 + * @deprecated 3.3.0 Use {@see get_current_screen()->add_help_tab()} or + * {@see get_current_screen()->remove_help_tab()} instead. + * + * @param string $old_help Help text that appears on the screen. + * @param string $screen_id Screen ID. + * @param WP_Screen $screen Current WP_Screen instance. + */ + $old_help = apply_filters_deprecated( + 'contextual_help', + array( $old_help, $this->id, $this ), + '3.3.0', + 'get_current_screen()->add_help_tab(), get_current_screen()->remove_help_tab()' + ); + + // Default help only if there is no old-style block of text and no new-style help tabs. + if ( empty( $old_help ) && ! $this->get_help_tabs() ) { + + /** + * Filters the default legacy contextual help text. + * + * @since 2.8.0 + * @deprecated 3.3.0 Use {@see get_current_screen()->add_help_tab()} or + * {@see get_current_screen()->remove_help_tab()} instead. + * + * @param string $old_help_default Default contextual help text. + */ + $default_help = apply_filters_deprecated( + 'default_contextual_help', + array( '' ), + '3.3.0', + 'get_current_screen()->add_help_tab(), get_current_screen()->remove_help_tab()' + ); + if ( $default_help ) { + $old_help = '<p>' . $default_help . '</p>'; + } + } + + if ( $old_help ) { + $this->add_help_tab( + array( + 'id' => 'old-contextual-help', + 'title' => __( 'Overview' ), + 'content' => $old_help, + ) + ); + } + + $help_sidebar = $this->get_help_sidebar(); + + $help_class = 'hidden'; + if ( ! $help_sidebar ) { + $help_class .= ' no-sidebar'; + } + + // Time to render! + ?> + <div id="screen-meta" class="metabox-prefs"> + + <div id="contextual-help-wrap" class="<?php echo esc_attr( $help_class ); ?>" tabindex="-1" aria-label="<?php esc_attr_e( 'Contextual Help Tab' ); ?>"> + <div id="contextual-help-back"></div> + <div id="contextual-help-columns"> + <div class="contextual-help-tabs"> + <ul> + <?php + $class = ' class="active"'; + foreach ( $this->get_help_tabs() as $tab ) : + $link_id = "tab-link-{$tab['id']}"; + $panel_id = "tab-panel-{$tab['id']}"; + ?> + + <li id="<?php echo esc_attr( $link_id ); ?>"<?php echo $class; ?>> + <a href="<?php echo esc_url( "#$panel_id" ); ?>" aria-controls="<?php echo esc_attr( $panel_id ); ?>"> + <?php echo esc_html( $tab['title'] ); ?> + </a> + </li> + <?php + $class = ''; + endforeach; + ?> + </ul> + </div> + + <?php if ( $help_sidebar ) : ?> + <div class="contextual-help-sidebar"> + <?php echo $help_sidebar; ?> + </div> + <?php endif; ?> + + <div class="contextual-help-tabs-wrap"> + <?php + $classes = 'help-tab-content active'; + foreach ( $this->get_help_tabs() as $tab ) : + $panel_id = "tab-panel-{$tab['id']}"; + ?> + + <div id="<?php echo esc_attr( $panel_id ); ?>" class="<?php echo $classes; ?>"> + <?php + // Print tab content. + echo $tab['content']; + + // If it exists, fire tab callback. + if ( ! empty( $tab['callback'] ) ) { + call_user_func_array( $tab['callback'], array( $this, $tab ) ); + } + ?> + </div> + <?php + $classes = 'help-tab-content'; + endforeach; + ?> + </div> + </div> + </div> + <?php + // Setup layout columns. + + /** + * Filters the array of screen layout columns. + * + * This hook provides back-compat for plugins using the back-compat + * Filters instead of add_screen_option(). + * + * @since 2.8.0 + * + * @param array $empty_columns Empty array. + * @param string $screen_id Screen ID. + * @param WP_Screen $screen Current WP_Screen instance. + */ + $columns = apply_filters( 'screen_layout_columns', array(), $this->id, $this ); + + if ( ! empty( $columns ) && isset( $columns[ $this->id ] ) ) { + $this->add_option( 'layout_columns', array( 'max' => $columns[ $this->id ] ) ); + } + + if ( $this->get_option( 'layout_columns' ) ) { + $this->columns = (int) get_user_option( "screen_layout_$this->id" ); + + if ( ! $this->columns && $this->get_option( 'layout_columns', 'default' ) ) { + $this->columns = $this->get_option( 'layout_columns', 'default' ); + } + } + $GLOBALS['screen_layout_columns'] = $this->columns; // Set the global for back-compat. + + // Add screen options. + if ( $this->show_screen_options() ) { + $this->render_screen_options(); + } + ?> + </div> + <?php + if ( ! $this->get_help_tabs() && ! $this->show_screen_options() ) { + return; + } + ?> + <div id="screen-meta-links"> + <?php if ( $this->show_screen_options() ) : ?> + <div id="screen-options-link-wrap" class="hide-if-no-js screen-meta-toggle"> + <button type="button" id="show-settings-link" class="button show-settings" aria-controls="screen-options-wrap" aria-expanded="false"><?php _e( 'Screen Options' ); ?></button> + </div> + <?php + endif; + if ( $this->get_help_tabs() ) : + ?> + <div id="contextual-help-link-wrap" class="hide-if-no-js screen-meta-toggle"> + <button type="button" id="contextual-help-link" class="button show-settings" aria-controls="contextual-help-wrap" aria-expanded="false"><?php _e( 'Help' ); ?></button> + </div> + <?php endif; ?> + </div> + <?php + } + + /** + * @global array $wp_meta_boxes + * + * @return bool + */ + public function show_screen_options() { + global $wp_meta_boxes; + + if ( is_bool( $this->_show_screen_options ) ) { + return $this->_show_screen_options; + } + + $columns = get_column_headers( $this ); + + $show_screen = ! empty( $wp_meta_boxes[ $this->id ] ) || $columns || $this->get_option( 'per_page' ); + + $this->_screen_settings = ''; + + if ( 'post' === $this->base ) { + $expand = '<fieldset class="editor-expand hidden"><legend>' . __( 'Additional settings' ) . '</legend><label for="editor-expand-toggle">'; + $expand .= '<input type="checkbox" id="editor-expand-toggle"' . checked( get_user_setting( 'editor_expand', 'on' ), 'on', false ) . ' />'; + $expand .= __( 'Enable full-height editor and distraction-free functionality.' ) . '</label></fieldset>'; + $this->_screen_settings = $expand; + } + + /** + * Filters the screen settings text displayed in the Screen Options tab. + * + * @since 3.0.0 + * + * @param string $screen_settings Screen settings. + * @param WP_Screen $screen WP_Screen object. + */ + $this->_screen_settings = apply_filters( 'screen_settings', $this->_screen_settings, $this ); + + if ( $this->_screen_settings || $this->_options ) { + $show_screen = true; + } + + /** + * Filters whether to show the Screen Options tab. + * + * @since 3.2.0 + * + * @param bool $show_screen Whether to show Screen Options tab. + * Default true. + * @param WP_Screen $screen Current WP_Screen instance. + */ + $this->_show_screen_options = apply_filters( 'screen_options_show_screen', $show_screen, $this ); + return $this->_show_screen_options; + } + + /** + * Renders the screen options tab. + * + * @since 3.3.0 + * + * @param array $options { + * Options for the tab. + * + * @type bool $wrap Whether the screen-options-wrap div will be included. Defaults to true. + * } + */ + public function render_screen_options( $options = array() ) { + $options = wp_parse_args( + $options, + array( + 'wrap' => true, + ) + ); + + $wrapper_start = ''; + $wrapper_end = ''; + $form_start = ''; + $form_end = ''; + + // Output optional wrapper. + if ( $options['wrap'] ) { + $wrapper_start = '<div id="screen-options-wrap" class="hidden" tabindex="-1" aria-label="' . esc_attr__( 'Screen Options Tab' ) . '">'; + $wrapper_end = '</div>'; + } + + // Don't output the form and nonce for the widgets accessibility mode links. + if ( 'widgets' !== $this->base ) { + $form_start = "\n<form id='adv-settings' method='post'>\n"; + $form_end = "\n" . wp_nonce_field( 'screen-options-nonce', 'screenoptionnonce', false, false ) . "\n</form>\n"; + } + + echo $wrapper_start . $form_start; + + $this->render_meta_boxes_preferences(); + $this->render_list_table_columns_preferences(); + $this->render_screen_layout(); + $this->render_per_page_options(); + $this->render_view_mode(); + echo $this->_screen_settings; + + /** + * Filters whether to show the Screen Options submit button. + * + * @since 4.4.0 + * + * @param bool $show_button Whether to show Screen Options submit button. + * Default false. + * @param WP_Screen $screen Current WP_Screen instance. + */ + $show_button = apply_filters( 'screen_options_show_submit', false, $this ); + + if ( $show_button ) { + submit_button( __( 'Apply' ), 'primary', 'screen-options-apply', true ); + } + + echo $form_end . $wrapper_end; + } + + /** + * Renders the meta boxes preferences. + * + * @since 4.4.0 + * + * @global array $wp_meta_boxes + */ + public function render_meta_boxes_preferences() { + global $wp_meta_boxes; + + if ( ! isset( $wp_meta_boxes[ $this->id ] ) ) { + return; + } + ?> + <fieldset class="metabox-prefs"> + <legend><?php _e( 'Screen elements' ); ?></legend> + <p> + <?php _e( 'Some screen elements can be shown or hidden by using the checkboxes.' ); ?> + <?php _e( 'Expand or collapse the elements by clicking on their headings, and arrange them by dragging their headings or by clicking on the up and down arrows.' ); ?> + </p> + <div class="metabox-prefs-container"> + <?php + + meta_box_prefs( $this ); + + if ( 'dashboard' === $this->id && has_action( 'welcome_panel' ) && current_user_can( 'edit_theme_options' ) ) { + if ( isset( $_GET['welcome'] ) ) { + $welcome_checked = empty( $_GET['welcome'] ) ? 0 : 1; + update_user_meta( get_current_user_id(), 'show_welcome_panel', $welcome_checked ); + } else { + $welcome_checked = (int) get_user_meta( get_current_user_id(), 'show_welcome_panel', true ); + if ( 2 === $welcome_checked && wp_get_current_user()->user_email !== get_option( 'admin_email' ) ) { + $welcome_checked = false; + } + } + echo '<label for="wp_welcome_panel-hide">'; + echo '<input type="checkbox" id="wp_welcome_panel-hide"' . checked( (bool) $welcome_checked, true, false ) . ' />'; + echo _x( 'Welcome', 'Welcome panel' ) . "</label>\n"; + } + ?> + </div> + </fieldset> + <?php + } + + /** + * Renders the list table columns preferences. + * + * @since 4.4.0 + */ + public function render_list_table_columns_preferences() { + + $columns = get_column_headers( $this ); + $hidden = get_hidden_columns( $this ); + + if ( ! $columns ) { + return; + } + + $legend = ! empty( $columns['_title'] ) ? $columns['_title'] : __( 'Columns' ); + ?> + <fieldset class="metabox-prefs"> + <legend><?php echo $legend; ?></legend> + <?php + $special = array( '_title', 'cb', 'comment', 'media', 'name', 'title', 'username', 'blogname' ); + + foreach ( $columns as $column => $title ) { + // Can't hide these for they are special. + if ( in_array( $column, $special, true ) ) { + continue; + } + + if ( empty( $title ) ) { + continue; + } + + /* + * The Comments column uses HTML in the display name with some screen + * reader text. Make sure to strip tags from the Comments column + * title and any other custom column title plugins might add. + */ + $title = wp_strip_all_tags( $title ); + + $id = "$column-hide"; + echo '<label>'; + echo '<input class="hide-column-tog" name="' . $id . '" type="checkbox" id="' . $id . '" value="' . $column . '"' . checked( ! in_array( $column, $hidden, true ), true, false ) . ' />'; + echo "$title</label>\n"; + } + ?> + </fieldset> + <?php + } + + /** + * Renders the option for number of columns on the page. + * + * @since 3.3.0 + */ + public function render_screen_layout() { + if ( ! $this->get_option( 'layout_columns' ) ) { + return; + } + + $screen_layout_columns = $this->get_columns(); + $num = $this->get_option( 'layout_columns', 'max' ); + + ?> + <fieldset class='columns-prefs'> + <legend class="screen-layout"><?php _e( 'Layout' ); ?></legend> + <?php for ( $i = 1; $i <= $num; ++$i ) : ?> + <label class="columns-prefs-<?php echo $i; ?>"> + <input type='radio' name='screen_columns' value='<?php echo esc_attr( $i ); ?>' <?php checked( $screen_layout_columns, $i ); ?> /> + <?php + printf( + /* translators: %s: Number of columns on the page. */ + _n( '%s column', '%s columns', $i ), + number_format_i18n( $i ) + ); + ?> + </label> + <?php endfor; ?> + </fieldset> + <?php + } + + /** + * Renders the items per page option. + * + * @since 3.3.0 + */ + public function render_per_page_options() { + if ( null === $this->get_option( 'per_page' ) ) { + return; + } + + $per_page_label = $this->get_option( 'per_page', 'label' ); + if ( null === $per_page_label ) { + $per_page_label = __( 'Number of items per page:' ); + } + + $option = $this->get_option( 'per_page', 'option' ); + if ( ! $option ) { + $option = str_replace( '-', '_', "{$this->id}_per_page" ); + } + + $per_page = (int) get_user_option( $option ); + if ( empty( $per_page ) || $per_page < 1 ) { + $per_page = $this->get_option( 'per_page', 'default' ); + if ( ! $per_page ) { + $per_page = 20; + } + } + + if ( 'edit_comments_per_page' === $option ) { + $comment_status = isset( $_REQUEST['comment_status'] ) ? $_REQUEST['comment_status'] : 'all'; + + /** This filter is documented in wp-admin/includes/class-wp-comments-list-table.php */ + $per_page = apply_filters( 'comments_per_page', $per_page, $comment_status ); + } elseif ( 'categories_per_page' === $option ) { + /** This filter is documented in wp-admin/includes/class-wp-terms-list-table.php */ + $per_page = apply_filters( 'edit_categories_per_page', $per_page ); + } else { + /** This filter is documented in wp-admin/includes/class-wp-list-table.php */ + $per_page = apply_filters( "{$option}", $per_page ); + } + + // Back compat. + if ( isset( $this->post_type ) ) { + /** This filter is documented in wp-admin/includes/post.php */ + $per_page = apply_filters( 'edit_posts_per_page', $per_page, $this->post_type ); + } + + // This needs a submit button. + add_filter( 'screen_options_show_submit', '__return_true' ); + + ?> + <fieldset class="screen-options"> + <legend><?php _e( 'Pagination' ); ?></legend> + <?php if ( $per_page_label ) : ?> + <label for="<?php echo esc_attr( $option ); ?>"><?php echo $per_page_label; ?></label> + <input type="number" step="1" min="1" max="999" class="screen-per-page" name="wp_screen_options[value]" + id="<?php echo esc_attr( $option ); ?>" maxlength="3" + value="<?php echo esc_attr( $per_page ); ?>" /> + <?php endif; ?> + <input type="hidden" name="wp_screen_options[option]" value="<?php echo esc_attr( $option ); ?>" /> + </fieldset> + <?php + } + + /** + * Renders the list table view mode preferences. + * + * @since 4.4.0 + * + * @global string $mode List table view mode. + */ + public function render_view_mode() { + global $mode; + + $screen = get_current_screen(); + + // Currently only enabled for posts and comments lists. + if ( 'edit' !== $screen->base && 'edit-comments' !== $screen->base ) { + return; + } + + $view_mode_post_types = get_post_types( array( 'show_ui' => true ) ); + + /** + * Filters the post types that have different view mode options. + * + * @since 4.4.0 + * + * @param string[] $view_mode_post_types Array of post types that can change view modes. + * Default post types with show_ui on. + */ + $view_mode_post_types = apply_filters( 'view_mode_post_types', $view_mode_post_types ); + + if ( 'edit' === $screen->base && ! in_array( $this->post_type, $view_mode_post_types, true ) ) { + return; + } + + if ( ! isset( $mode ) ) { + $mode = get_user_setting( 'posts_list_mode', 'list' ); + } + + // This needs a submit button. + add_filter( 'screen_options_show_submit', '__return_true' ); + ?> + <fieldset class="metabox-prefs view-mode"> + <legend><?php _e( 'View mode' ); ?></legend> + <label for="list-view-mode"> + <input id="list-view-mode" type="radio" name="mode" value="list" <?php checked( 'list', $mode ); ?> /> + <?php _e( 'Compact view' ); ?> + </label> + <label for="excerpt-view-mode"> + <input id="excerpt-view-mode" type="radio" name="mode" value="excerpt" <?php checked( 'excerpt', $mode ); ?> /> + <?php _e( 'Extended view' ); ?> + </label> + </fieldset> + <?php + } + + /** + * Renders screen reader text. + * + * @since 4.4.0 + * + * @param string $key The screen reader text array named key. + * @param string $tag Optional. The HTML tag to wrap the screen reader text. Default h2. + */ + public function render_screen_reader_content( $key = '', $tag = 'h2' ) { + + if ( ! isset( $this->_screen_reader_content[ $key ] ) ) { + return; + } + echo "<$tag class='screen-reader-text'>" . $this->_screen_reader_content[ $key ] . "</$tag>"; + } +} diff --git a/wp-admin/includes/class-wp-site-health-auto-updates.php b/wp-admin/includes/class-wp-site-health-auto-updates.php new file mode 100644 index 0000000..85decaa --- /dev/null +++ b/wp-admin/includes/class-wp-site-health-auto-updates.php @@ -0,0 +1,458 @@ +<?php +/** + * Class for testing automatic updates in the WordPress code. + * + * @package WordPress + * @subpackage Site_Health + * @since 5.2.0 + */ + +#[AllowDynamicProperties] +class WP_Site_Health_Auto_Updates { + /** + * WP_Site_Health_Auto_Updates constructor. + * + * @since 5.2.0 + */ + public function __construct() { + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + } + + + /** + * Runs tests to determine if auto-updates can run. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function run_tests() { + $tests = array( + $this->test_constants( 'WP_AUTO_UPDATE_CORE', array( true, 'beta', 'rc', 'development', 'branch-development', 'minor' ) ), + $this->test_wp_version_check_attached(), + $this->test_filters_automatic_updater_disabled(), + $this->test_wp_automatic_updates_disabled(), + $this->test_if_failed_update(), + $this->test_vcs_abspath(), + $this->test_check_wp_filesystem_method(), + $this->test_all_files_writable(), + $this->test_accepts_dev_updates(), + $this->test_accepts_minor_updates(), + ); + + $tests = array_filter( $tests ); + $tests = array_map( + static function ( $test ) { + $test = (object) $test; + + if ( empty( $test->severity ) ) { + $test->severity = 'warning'; + } + + return $test; + }, + $tests + ); + + return $tests; + } + + /** + * Tests if auto-updates related constants are set correctly. + * + * @since 5.2.0 + * @since 5.5.1 The `$value` parameter can accept an array. + * + * @param string $constant The name of the constant to check. + * @param bool|string|array $value The value that the constant should be, if set, + * or an array of acceptable values. + * @return array The test results. + */ + public function test_constants( $constant, $value ) { + $acceptable_values = (array) $value; + + if ( defined( $constant ) && ! in_array( constant( $constant ), $acceptable_values, true ) ) { + return array( + 'description' => sprintf( + /* translators: 1: Name of the constant used. 2: Value of the constant used. */ + __( 'The %1$s constant is defined as %2$s' ), + "<code>$constant</code>", + '<code>' . esc_html( var_export( constant( $constant ), true ) ) . '</code>' + ), + 'severity' => 'fail', + ); + } + } + + /** + * Checks if updates are intercepted by a filter. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function test_wp_version_check_attached() { + if ( ( ! is_multisite() || is_main_site() && is_network_admin() ) + && ! has_filter( 'wp_version_check', 'wp_version_check' ) + ) { + return array( + 'description' => sprintf( + /* translators: %s: Name of the filter used. */ + __( 'A plugin has prevented updates by disabling %s.' ), + '<code>wp_version_check()</code>' + ), + 'severity' => 'fail', + ); + } + } + + /** + * Checks if automatic updates are disabled by a filter. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function test_filters_automatic_updater_disabled() { + /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */ + if ( apply_filters( 'automatic_updater_disabled', false ) ) { + return array( + 'description' => sprintf( + /* translators: %s: Name of the filter used. */ + __( 'The %s filter is enabled.' ), + '<code>automatic_updater_disabled</code>' + ), + 'severity' => 'fail', + ); + } + } + + /** + * Checks if automatic updates are disabled. + * + * @since 5.3.0 + * + * @return array|false The test results. False if auto-updates are enabled. + */ + public function test_wp_automatic_updates_disabled() { + if ( ! class_exists( 'WP_Automatic_Updater' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-automatic-updater.php'; + } + + $auto_updates = new WP_Automatic_Updater(); + + if ( ! $auto_updates->is_disabled() ) { + return false; + } + + return array( + 'description' => __( 'All automatic updates are disabled.' ), + 'severity' => 'fail', + ); + } + + /** + * Checks if automatic updates have tried to run, but failed, previously. + * + * @since 5.2.0 + * + * @return array|false The test results. False if the auto-updates failed. + */ + public function test_if_failed_update() { + $failed = get_site_option( 'auto_core_update_failed' ); + + if ( ! $failed ) { + return false; + } + + if ( ! empty( $failed['critical'] ) ) { + $description = __( 'A previous automatic background update ended with a critical failure, so updates are now disabled.' ); + $description .= ' ' . __( 'You would have received an email because of this.' ); + $description .= ' ' . __( "When you've been able to update using the \"Update now\" button on Dashboard > Updates, this error will be cleared for future update attempts." ); + $description .= ' ' . sprintf( + /* translators: %s: Code of error shown. */ + __( 'The error code was %s.' ), + '<code>' . $failed['error_code'] . '</code>' + ); + return array( + 'description' => $description, + 'severity' => 'warning', + ); + } + + $description = __( 'A previous automatic background update could not occur.' ); + if ( empty( $failed['retry'] ) ) { + $description .= ' ' . __( 'You would have received an email because of this.' ); + } + + $description .= ' ' . __( 'Another attempt will be made with the next release.' ); + $description .= ' ' . sprintf( + /* translators: %s: Code of error shown. */ + __( 'The error code was %s.' ), + '<code>' . $failed['error_code'] . '</code>' + ); + return array( + 'description' => $description, + 'severity' => 'warning', + ); + } + + /** + * Checks if WordPress is controlled by a VCS (Git, Subversion etc). + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function test_vcs_abspath() { + $context_dirs = array( ABSPATH ); + $vcs_dirs = array( '.svn', '.git', '.hg', '.bzr' ); + $check_dirs = array(); + + foreach ( $context_dirs as $context_dir ) { + // Walk up from $context_dir to the root. + do { + $check_dirs[] = $context_dir; + + // Once we've hit '/' or 'C:\', we need to stop. dirname will keep returning the input here. + if ( dirname( $context_dir ) === $context_dir ) { + break; + } + + // Continue one level at a time. + } while ( $context_dir = dirname( $context_dir ) ); + } + + $check_dirs = array_unique( $check_dirs ); + + // Search all directories we've found for evidence of version control. + foreach ( $vcs_dirs as $vcs_dir ) { + foreach ( $check_dirs as $check_dir ) { + // phpcs:ignore Generic.CodeAnalysis.AssignmentInCondition,Squiz.PHP.DisallowMultipleAssignments + if ( $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ) ) { + break 2; + } + } + } + + /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */ + if ( $checkout && ! apply_filters( 'automatic_updates_is_vcs_checkout', true, ABSPATH ) ) { + return array( + 'description' => sprintf( + /* translators: 1: Folder name. 2: Version control directory. 3: Filter name. */ + __( 'The folder %1$s was detected as being under version control (%2$s), but the %3$s filter is allowing updates.' ), + '<code>' . $check_dir . '</code>', + "<code>$vcs_dir</code>", + '<code>automatic_updates_is_vcs_checkout</code>' + ), + 'severity' => 'info', + ); + } + + if ( $checkout ) { + return array( + 'description' => sprintf( + /* translators: 1: Folder name. 2: Version control directory. */ + __( 'The folder %1$s was detected as being under version control (%2$s).' ), + '<code>' . $check_dir . '</code>', + "<code>$vcs_dir</code>" + ), + 'severity' => 'warning', + ); + } + + return array( + 'description' => __( 'No version control systems were detected.' ), + 'severity' => 'pass', + ); + } + + /** + * Checks if we can access files without providing credentials. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function test_check_wp_filesystem_method() { + // Make sure the `request_filesystem_credentials()` function is available during our REST API call. + if ( ! function_exists( 'request_filesystem_credentials' ) ) { + require_once ABSPATH . 'wp-admin/includes/file.php'; + } + + $skin = new Automatic_Upgrader_Skin(); + $success = $skin->request_filesystem_credentials( false, ABSPATH ); + + if ( ! $success ) { + $description = __( 'Your installation of WordPress prompts for FTP credentials to perform updates.' ); + $description .= ' ' . __( '(Your site is performing updates over FTP due to file ownership. Talk to your hosting company.)' ); + + return array( + 'description' => $description, + 'severity' => 'fail', + ); + } + + return array( + 'description' => __( 'Your installation of WordPress does not require FTP credentials to perform updates.' ), + 'severity' => 'pass', + ); + } + + /** + * Checks if core files are writable by the web user/group. + * + * @since 5.2.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @return array|false The test results. False if they're not writeable. + */ + public function test_all_files_writable() { + global $wp_filesystem; + + require ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z + + $skin = new Automatic_Upgrader_Skin(); + $success = $skin->request_filesystem_credentials( false, ABSPATH ); + + if ( ! $success ) { + return false; + } + + WP_Filesystem(); + + if ( 'direct' !== $wp_filesystem->method ) { + return false; + } + + // Make sure the `get_core_checksums()` function is available during our REST API call. + if ( ! function_exists( 'get_core_checksums' ) ) { + require_once ABSPATH . 'wp-admin/includes/update.php'; + } + + $checksums = get_core_checksums( $wp_version, 'en_US' ); + $dev = ( str_contains( $wp_version, '-' ) ); + // Get the last stable version's files and test against that. + if ( ! $checksums && $dev ) { + $checksums = get_core_checksums( (float) $wp_version - 0.1, 'en_US' ); + } + + // There aren't always checksums for development releases, so just skip the test if we still can't find any. + if ( ! $checksums && $dev ) { + return false; + } + + if ( ! $checksums ) { + $description = sprintf( + /* translators: %s: WordPress version. */ + __( "Couldn't retrieve a list of the checksums for WordPress %s." ), + $wp_version + ); + $description .= ' ' . __( 'This could mean that connections are failing to WordPress.org.' ); + return array( + 'description' => $description, + 'severity' => 'warning', + ); + } + + $unwritable_files = array(); + foreach ( array_keys( $checksums ) as $file ) { + if ( str_starts_with( $file, 'wp-content' ) ) { + continue; + } + if ( ! file_exists( ABSPATH . $file ) ) { + continue; + } + if ( ! is_writable( ABSPATH . $file ) ) { + $unwritable_files[] = $file; + } + } + + if ( $unwritable_files ) { + if ( count( $unwritable_files ) > 20 ) { + $unwritable_files = array_slice( $unwritable_files, 0, 20 ); + $unwritable_files[] = '...'; + } + return array( + 'description' => __( 'Some files are not writable by WordPress:' ) . ' <ul><li>' . implode( '</li><li>', $unwritable_files ) . '</li></ul>', + 'severity' => 'fail', + ); + } else { + return array( + 'description' => __( 'All of your WordPress files are writable.' ), + 'severity' => 'pass', + ); + } + } + + /** + * Checks if the install is using a development branch and can use nightly packages. + * + * @since 5.2.0 + * + * @return array|false The test results. False if it isn't a development version. + */ + public function test_accepts_dev_updates() { + require ABSPATH . WPINC . '/version.php'; // $wp_version; // x.y.z + // Only for dev versions. + if ( ! str_contains( $wp_version, '-' ) ) { + return false; + } + + if ( defined( 'WP_AUTO_UPDATE_CORE' ) && ( 'minor' === WP_AUTO_UPDATE_CORE || false === WP_AUTO_UPDATE_CORE ) ) { + return array( + 'description' => sprintf( + /* translators: %s: Name of the constant used. */ + __( 'WordPress development updates are blocked by the %s constant.' ), + '<code>WP_AUTO_UPDATE_CORE</code>' + ), + 'severity' => 'fail', + ); + } + + /** This filter is documented in wp-admin/includes/class-core-upgrader.php */ + if ( ! apply_filters( 'allow_dev_auto_core_updates', $wp_version ) ) { + return array( + 'description' => sprintf( + /* translators: %s: Name of the filter used. */ + __( 'WordPress development updates are blocked by the %s filter.' ), + '<code>allow_dev_auto_core_updates</code>' + ), + 'severity' => 'fail', + ); + } + } + + /** + * Checks if the site supports automatic minor updates. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function test_accepts_minor_updates() { + if ( defined( 'WP_AUTO_UPDATE_CORE' ) && false === WP_AUTO_UPDATE_CORE ) { + return array( + 'description' => sprintf( + /* translators: %s: Name of the constant used. */ + __( 'WordPress security and maintenance releases are blocked by %s.' ), + "<code>define( 'WP_AUTO_UPDATE_CORE', false );</code>" + ), + 'severity' => 'fail', + ); + } + + /** This filter is documented in wp-admin/includes/class-core-upgrader.php */ + if ( ! apply_filters( 'allow_minor_auto_core_updates', true ) ) { + return array( + 'description' => sprintf( + /* translators: %s: Name of the filter used. */ + __( 'WordPress security and maintenance releases are blocked by the %s filter.' ), + '<code>allow_minor_auto_core_updates</code>' + ), + 'severity' => 'fail', + ); + } + } +} diff --git a/wp-admin/includes/class-wp-site-health.php b/wp-admin/includes/class-wp-site-health.php new file mode 100644 index 0000000..b73e1e7 --- /dev/null +++ b/wp-admin/includes/class-wp-site-health.php @@ -0,0 +1,3635 @@ +<?php +/** + * Class for looking up a site's health based on a user's WordPress environment. + * + * @package WordPress + * @subpackage Site_Health + * @since 5.2.0 + */ + +#[AllowDynamicProperties] +class WP_Site_Health { + private static $instance = null; + + private $is_acceptable_mysql_version; + private $is_recommended_mysql_version; + + public $is_mariadb = false; + private $mysql_server_version = ''; + private $mysql_required_version = '5.5'; + private $mysql_recommended_version = '5.7'; + private $mariadb_recommended_version = '10.4'; + + public $php_memory_limit; + + public $schedules; + public $crons; + public $last_missed_cron = null; + public $last_late_cron = null; + private $timeout_missed_cron = null; + private $timeout_late_cron = null; + + /** + * WP_Site_Health constructor. + * + * @since 5.2.0 + */ + public function __construct() { + $this->maybe_create_scheduled_event(); + + // Save memory limit before it's affected by wp_raise_memory_limit( 'admin' ). + $this->php_memory_limit = ini_get( 'memory_limit' ); + + $this->timeout_late_cron = 0; + $this->timeout_missed_cron = - 5 * MINUTE_IN_SECONDS; + + if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) { + $this->timeout_late_cron = - 15 * MINUTE_IN_SECONDS; + $this->timeout_missed_cron = - 1 * HOUR_IN_SECONDS; + } + + add_filter( 'admin_body_class', array( $this, 'admin_body_class' ) ); + + add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) ); + add_action( 'wp_site_health_scheduled_check', array( $this, 'wp_cron_scheduled_check' ) ); + + add_action( 'site_health_tab_content', array( $this, 'show_site_health_tab' ) ); + } + + /** + * Outputs the content of a tab in the Site Health screen. + * + * @since 5.8.0 + * + * @param string $tab Slug of the current tab being displayed. + */ + public function show_site_health_tab( $tab ) { + if ( 'debug' === $tab ) { + require_once ABSPATH . 'wp-admin/site-health-info.php'; + } + } + + /** + * Returns an instance of the WP_Site_Health class, or create one if none exist yet. + * + * @since 5.4.0 + * + * @return WP_Site_Health|null + */ + public static function get_instance() { + if ( null === self::$instance ) { + self::$instance = new WP_Site_Health(); + } + + return self::$instance; + } + + /** + * Enqueues the site health scripts. + * + * @since 5.2.0 + */ + public function enqueue_scripts() { + $screen = get_current_screen(); + if ( 'site-health' !== $screen->id && 'dashboard' !== $screen->id ) { + return; + } + + $health_check_js_variables = array( + 'screen' => $screen->id, + 'nonce' => array( + 'site_status' => wp_create_nonce( 'health-check-site-status' ), + 'site_status_result' => wp_create_nonce( 'health-check-site-status-result' ), + ), + 'site_status' => array( + 'direct' => array(), + 'async' => array(), + 'issues' => array( + 'good' => 0, + 'recommended' => 0, + 'critical' => 0, + ), + ), + ); + + $issue_counts = get_transient( 'health-check-site-status-result' ); + + if ( false !== $issue_counts ) { + $issue_counts = json_decode( $issue_counts ); + + $health_check_js_variables['site_status']['issues'] = $issue_counts; + } + + if ( 'site-health' === $screen->id && ( ! isset( $_GET['tab'] ) || empty( $_GET['tab'] ) ) ) { + $tests = WP_Site_Health::get_tests(); + + // Don't run https test on development environments. + if ( $this->is_development_environment() ) { + unset( $tests['async']['https_status'] ); + } + + foreach ( $tests['direct'] as $test ) { + if ( is_string( $test['test'] ) ) { + $test_function = sprintf( + 'get_test_%s', + $test['test'] + ); + + if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) { + $health_check_js_variables['site_status']['direct'][] = $this->perform_test( array( $this, $test_function ) ); + continue; + } + } + + if ( is_callable( $test['test'] ) ) { + $health_check_js_variables['site_status']['direct'][] = $this->perform_test( $test['test'] ); + } + } + + foreach ( $tests['async'] as $test ) { + if ( is_string( $test['test'] ) ) { + $health_check_js_variables['site_status']['async'][] = array( + 'test' => $test['test'], + 'has_rest' => ( isset( $test['has_rest'] ) ? $test['has_rest'] : false ), + 'completed' => false, + 'headers' => isset( $test['headers'] ) ? $test['headers'] : array(), + ); + } + } + } + + wp_localize_script( 'site-health', 'SiteHealth', $health_check_js_variables ); + } + + /** + * Runs a Site Health test directly. + * + * @since 5.4.0 + * + * @param callable $callback + * @return mixed|void + */ + private function perform_test( $callback ) { + /** + * Filters the output of a finished Site Health test. + * + * @since 5.3.0 + * + * @param array $test_result { + * An associative array of test result data. + * + * @type string $label A label describing the test, and is used as a header in the output. + * @type string $status The status of the test, which can be a value of `good`, `recommended` or `critical`. + * @type array $badge { + * Tests are put into categories which have an associated badge shown, these can be modified and assigned here. + * + * @type string $label The test label, for example `Performance`. + * @type string $color Default `blue`. A string representing a color to use for the label. + * } + * @type string $description A more descriptive explanation of what the test looks for, and why it is important for the end user. + * @type string $actions An action to direct the user to where they can resolve the issue, if one exists. + * @type string $test The name of the test being ran, used as a reference point. + * } + */ + return apply_filters( 'site_status_test_result', call_user_func( $callback ) ); + } + + /** + * Runs the SQL version checks. + * + * These values are used in later tests, but the part of preparing them is more easily managed + * early in the class for ease of access and discovery. + * + * @since 5.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ + private function prepare_sql_data() { + global $wpdb; + + $mysql_server_type = $wpdb->db_server_info(); + + $this->mysql_server_version = $wpdb->get_var( 'SELECT VERSION()' ); + + if ( stristr( $mysql_server_type, 'mariadb' ) ) { + $this->is_mariadb = true; + $this->mysql_recommended_version = $this->mariadb_recommended_version; + } + + $this->is_acceptable_mysql_version = version_compare( $this->mysql_required_version, $this->mysql_server_version, '<=' ); + $this->is_recommended_mysql_version = version_compare( $this->mysql_recommended_version, $this->mysql_server_version, '<=' ); + } + + /** + * Tests whether `wp_version_check` is blocked. + * + * It's possible to block updates with the `wp_version_check` filter, but this can't be checked + * during an Ajax call, as the filter is never introduced then. + * + * This filter overrides a standard page request if it's made by an admin through the Ajax call + * with the right query argument to check for this. + * + * @since 5.2.0 + */ + public function check_wp_version_check_exists() { + if ( ! is_admin() || ! is_user_logged_in() || ! current_user_can( 'update_core' ) || ! isset( $_GET['health-check-test-wp_version_check'] ) ) { + return; + } + + echo ( has_filter( 'wp_version_check', 'wp_version_check' ) ? 'yes' : 'no' ); + + die(); + } + + /** + * Tests for WordPress version and outputs it. + * + * Gives various results depending on what kind of updates are available, if any, to encourage + * the user to install security updates as a priority. + * + * @since 5.2.0 + * + * @return array The test result. + */ + public function get_test_wordpress_version() { + $result = array( + 'label' => '', + 'status' => '', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => '', + 'actions' => '', + 'test' => 'wordpress_version', + ); + + $core_current_version = get_bloginfo( 'version' ); + $core_updates = get_core_updates(); + + if ( ! is_array( $core_updates ) ) { + $result['status'] = 'recommended'; + + $result['label'] = sprintf( + /* translators: %s: Your current version of WordPress. */ + __( 'WordPress version %s' ), + $core_current_version + ); + + $result['description'] = sprintf( + '<p>%s</p>', + __( 'Unable to check if any new versions of WordPress are available.' ) + ); + + $result['actions'] = sprintf( + '<a href="%s">%s</a>', + esc_url( admin_url( 'update-core.php?force-check=1' ) ), + __( 'Check for updates manually' ) + ); + } else { + foreach ( $core_updates as $core => $update ) { + if ( 'upgrade' === $update->response ) { + $current_version = explode( '.', $core_current_version ); + $new_version = explode( '.', $update->version ); + + $current_major = $current_version[0] . '.' . $current_version[1]; + $new_major = $new_version[0] . '.' . $new_version[1]; + + $result['label'] = sprintf( + /* translators: %s: The latest version of WordPress available. */ + __( 'WordPress update available (%s)' ), + $update->version + ); + + $result['actions'] = sprintf( + '<a href="%s">%s</a>', + esc_url( admin_url( 'update-core.php' ) ), + __( 'Install the latest version of WordPress' ) + ); + + if ( $current_major !== $new_major ) { + // This is a major version mismatch. + $result['status'] = 'recommended'; + $result['description'] = sprintf( + '<p>%s</p>', + __( 'A new version of WordPress is available.' ) + ); + } else { + // This is a minor version, sometimes considered more critical. + $result['status'] = 'critical'; + $result['badge']['label'] = __( 'Security' ); + $result['description'] = sprintf( + '<p>%s</p>', + __( 'A new minor update is available for your site. Because minor updates often address security, it’s important to install them.' ) + ); + } + } else { + $result['status'] = 'good'; + $result['label'] = sprintf( + /* translators: %s: The current version of WordPress installed on this site. */ + __( 'Your version of WordPress (%s) is up to date' ), + $core_current_version + ); + + $result['description'] = sprintf( + '<p>%s</p>', + __( 'You are currently running the latest version of WordPress available, keep it up!' ) + ); + } + } + } + + return $result; + } + + /** + * Tests if plugins are outdated, or unnecessary. + * + * The test checks if your plugins are up to date, and encourages you to remove any + * that are not in use. + * + * @since 5.2.0 + * + * @return array The test result. + */ + public function get_test_plugin_version() { + $result = array( + 'label' => __( 'Your plugins are all up to date' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Plugins extend your site’s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it’s vital to keep them up to date.' ) + ), + 'actions' => sprintf( + '<p><a href="%s">%s</a></p>', + esc_url( admin_url( 'plugins.php' ) ), + __( 'Manage your plugins' ) + ), + 'test' => 'plugin_version', + ); + + $plugins = get_plugins(); + $plugin_updates = get_plugin_updates(); + + $plugins_active = 0; + $plugins_total = 0; + $plugins_need_update = 0; + + // Loop over the available plugins and check their versions and active state. + foreach ( $plugins as $plugin_path => $plugin ) { + ++$plugins_total; + + if ( is_plugin_active( $plugin_path ) ) { + ++$plugins_active; + } + + if ( array_key_exists( $plugin_path, $plugin_updates ) ) { + ++$plugins_need_update; + } + } + + // Add a notice if there are outdated plugins. + if ( $plugins_need_update > 0 ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'You have plugins waiting to be updated' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %d: The number of outdated plugins. */ + _n( + 'Your site has %d plugin waiting to be updated.', + 'Your site has %d plugins waiting to be updated.', + $plugins_need_update + ), + $plugins_need_update + ) + ); + + $result['actions'] .= sprintf( + '<p><a href="%s">%s</a></p>', + esc_url( network_admin_url( 'plugins.php?plugin_status=upgrade' ) ), + __( 'Update your plugins' ) + ); + } else { + if ( 1 === $plugins_active ) { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your site has 1 active plugin, and it is up to date.' ) + ); + } elseif ( $plugins_active > 0 ) { + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %d: The number of active plugins. */ + _n( + 'Your site has %d active plugin, and it is up to date.', + 'Your site has %d active plugins, and they are all up to date.', + $plugins_active + ), + $plugins_active + ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your site does not have any active plugins.' ) + ); + } + } + + // Check if there are inactive plugins. + if ( $plugins_total > $plugins_active && ! is_multisite() ) { + $unused_plugins = $plugins_total - $plugins_active; + + $result['status'] = 'recommended'; + + $result['label'] = __( 'You should remove inactive plugins' ); + + $result['description'] .= sprintf( + '<p>%s %s</p>', + sprintf( + /* translators: %d: The number of inactive plugins. */ + _n( + 'Your site has %d inactive plugin.', + 'Your site has %d inactive plugins.', + $unused_plugins + ), + $unused_plugins + ), + __( 'Inactive plugins are tempting targets for attackers. If you are not going to use a plugin, you should consider removing it.' ) + ); + + $result['actions'] .= sprintf( + '<p><a href="%s">%s</a></p>', + esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ), + __( 'Manage inactive plugins' ) + ); + } + + return $result; + } + + /** + * Tests if themes are outdated, or unnecessary. + * + * Checks if your site has a default theme (to fall back on if there is a need), + * if your themes are up to date and, finally, encourages you to remove any themes + * that are not needed. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_theme_version() { + $result = array( + 'label' => __( 'Your themes are all up to date' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Themes add your site’s look and feel. It’s important to keep them up to date, to stay consistent with your brand and keep your site secure.' ) + ), + 'actions' => sprintf( + '<p><a href="%s">%s</a></p>', + esc_url( admin_url( 'themes.php' ) ), + __( 'Manage your themes' ) + ), + 'test' => 'theme_version', + ); + + $theme_updates = get_theme_updates(); + + $themes_total = 0; + $themes_need_updates = 0; + $themes_inactive = 0; + + // This value is changed during processing to determine how many themes are considered a reasonable amount. + $allowed_theme_count = 1; + + $has_default_theme = false; + $has_unused_themes = false; + $show_unused_themes = true; + $using_default_theme = false; + + // Populate a list of all themes available in the install. + $all_themes = wp_get_themes(); + $active_theme = wp_get_theme(); + + // If WP_DEFAULT_THEME doesn't exist, fall back to the latest core default theme. + $default_theme = wp_get_theme( WP_DEFAULT_THEME ); + if ( ! $default_theme->exists() ) { + $default_theme = WP_Theme::get_core_default_theme(); + } + + if ( $default_theme ) { + $has_default_theme = true; + + if ( + $active_theme->get_stylesheet() === $default_theme->get_stylesheet() + || + is_child_theme() && $active_theme->get_template() === $default_theme->get_template() + ) { + $using_default_theme = true; + } + } + + foreach ( $all_themes as $theme_slug => $theme ) { + ++$themes_total; + + if ( array_key_exists( $theme_slug, $theme_updates ) ) { + ++$themes_need_updates; + } + } + + // If this is a child theme, increase the allowed theme count by one, to account for the parent. + if ( is_child_theme() ) { + ++$allowed_theme_count; + } + + // If there's a default theme installed and not in use, we count that as allowed as well. + if ( $has_default_theme && ! $using_default_theme ) { + ++$allowed_theme_count; + } + + if ( $themes_total > $allowed_theme_count ) { + $has_unused_themes = true; + $themes_inactive = ( $themes_total - $allowed_theme_count ); + } + + // Check if any themes need to be updated. + if ( $themes_need_updates > 0 ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'You have themes waiting to be updated' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %d: The number of outdated themes. */ + _n( + 'Your site has %d theme waiting to be updated.', + 'Your site has %d themes waiting to be updated.', + $themes_need_updates + ), + $themes_need_updates + ) + ); + } else { + // Give positive feedback about the site being good about keeping things up to date. + if ( 1 === $themes_total ) { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your site has 1 installed theme, and it is up to date.' ) + ); + } elseif ( $themes_total > 0 ) { + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %d: The number of themes. */ + _n( + 'Your site has %d installed theme, and it is up to date.', + 'Your site has %d installed themes, and they are all up to date.', + $themes_total + ), + $themes_total + ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your site does not have any installed themes.' ) + ); + } + } + + if ( $has_unused_themes && $show_unused_themes && ! is_multisite() ) { + + // This is a child theme, so we want to be a bit more explicit in our messages. + if ( $active_theme->parent() ) { + // Recommend removing inactive themes, except a default theme, your current one, and the parent theme. + $result['status'] = 'recommended'; + + $result['label'] = __( 'You should remove inactive themes' ); + + if ( $using_default_theme ) { + $result['description'] .= sprintf( + '<p>%s %s</p>', + sprintf( + /* translators: %d: The number of inactive themes. */ + _n( + 'Your site has %d inactive theme.', + 'Your site has %d inactive themes.', + $themes_inactive + ), + $themes_inactive + ), + sprintf( + /* translators: 1: The currently active theme. 2: The active theme's parent theme. */ + __( 'To enhance your site’s security, you should consider removing any themes you are not using. You should keep your active theme, %1$s, and %2$s, its parent theme.' ), + $active_theme->name, + $active_theme->parent()->name + ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s %s</p>', + sprintf( + /* translators: %d: The number of inactive themes. */ + _n( + 'Your site has %d inactive theme.', + 'Your site has %d inactive themes.', + $themes_inactive + ), + $themes_inactive + ), + sprintf( + /* translators: 1: The default theme for WordPress. 2: The currently active theme. 3: The active theme's parent theme. */ + __( 'To enhance your site’s security, you should consider removing any themes you are not using. You should keep %1$s, the default WordPress theme, %2$s, your active theme, and %3$s, its parent theme.' ), + $default_theme ? $default_theme->name : WP_DEFAULT_THEME, + $active_theme->name, + $active_theme->parent()->name + ) + ); + } + } else { + // Recommend removing all inactive themes. + $result['status'] = 'recommended'; + + $result['label'] = __( 'You should remove inactive themes' ); + + if ( $using_default_theme ) { + $result['description'] .= sprintf( + '<p>%s %s</p>', + sprintf( + /* translators: 1: The amount of inactive themes. 2: The currently active theme. */ + _n( + 'Your site has %1$d inactive theme, other than %2$s, your active theme.', + 'Your site has %1$d inactive themes, other than %2$s, your active theme.', + $themes_inactive + ), + $themes_inactive, + $active_theme->name + ), + __( 'You should consider removing any unused themes to enhance your site’s security.' ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s %s</p>', + sprintf( + /* translators: 1: The amount of inactive themes. 2: The default theme for WordPress. 3: The currently active theme. */ + _n( + 'Your site has %1$d inactive theme, other than %2$s, the default WordPress theme, and %3$s, your active theme.', + 'Your site has %1$d inactive themes, other than %2$s, the default WordPress theme, and %3$s, your active theme.', + $themes_inactive + ), + $themes_inactive, + $default_theme ? $default_theme->name : WP_DEFAULT_THEME, + $active_theme->name + ), + __( 'You should consider removing any unused themes to enhance your site’s security.' ) + ); + } + } + } + + // If no default Twenty* theme exists. + if ( ! $has_default_theme ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'Have a default theme available' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your chosen theme.' ) + ); + } + + return $result; + } + + /** + * Tests if the supplied PHP version is supported. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_php_version() { + $response = wp_check_php_version(); + + $result = array( + 'label' => sprintf( + /* translators: %s: The current PHP version. */ + __( 'Your site is running the current version of PHP (%s)' ), + PHP_VERSION + ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: The minimum recommended PHP version. */ + __( 'PHP is one of the programming languages used to build WordPress. Newer versions of PHP receive regular security updates and may increase your site’s performance. The minimum recommended version of PHP is %s.' ), + $response ? $response['recommended_version'] : '' + ) + ), + 'actions' => sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + esc_url( wp_get_update_php_url() ), + __( 'Learn more about updating PHP' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ), + 'test' => 'php_version', + ); + + // PHP is up to date. + if ( ! $response || version_compare( PHP_VERSION, $response['recommended_version'], '>=' ) ) { + return $result; + } + + // The PHP version is older than the recommended version, but still receiving active support. + if ( $response['is_supported'] ) { + $result['label'] = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an older version of PHP (%s)' ), + PHP_VERSION + ); + $result['status'] = 'recommended'; + + return $result; + } + + /* + * The PHP version is still receiving security fixes, but is lower than + * the expected minimum version that will be required by WordPress in the near future. + */ + if ( $response['is_secure'] && $response['is_lower_than_future_minimum'] ) { + // The `is_secure` array key name doesn't actually imply this is a secure version of PHP. It only means it receives security updates. + + $result['label'] = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which soon will not be supported by WordPress.' ), + PHP_VERSION + ); + + $result['status'] = 'critical'; + $result['badge']['label'] = __( 'Requirements' ); + + return $result; + } + + // The PHP version is only receiving security fixes. + if ( $response['is_secure'] ) { + $result['label'] = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an older version of PHP (%s), which should be updated' ), + PHP_VERSION + ); + $result['status'] = 'recommended'; + + return $result; + } + + // No more security updates for the PHP version, and lower than the expected minimum version required by WordPress. + if ( $response['is_lower_than_future_minimum'] ) { + $message = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which does not receive security updates and soon will not be supported by WordPress.' ), + PHP_VERSION + ); + } else { + // No more security updates for the PHP version, must be updated. + $message = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which does not receive security updates. It should be updated.' ), + PHP_VERSION + ); + } + + $result['label'] = $message; + $result['status'] = 'critical'; + + $result['badge']['label'] = __( 'Security' ); + + return $result; + } + + /** + * Checks if the passed extension or function are available. + * + * Make the check for available PHP modules into a simple boolean operator for a cleaner test runner. + * + * @since 5.2.0 + * @since 5.3.0 The `$constant_name` and `$class_name` parameters were added. + * + * @param string $extension_name Optional. The extension name to test. Default null. + * @param string $function_name Optional. The function name to test. Default null. + * @param string $constant_name Optional. The constant name to test for. Default null. + * @param string $class_name Optional. The class name to test for. Default null. + * @return bool Whether or not the extension and function are available. + */ + private function test_php_extension_availability( $extension_name = null, $function_name = null, $constant_name = null, $class_name = null ) { + // If no extension or function is passed, claim to fail testing, as we have nothing to test against. + if ( ! $extension_name && ! $function_name && ! $constant_name && ! $class_name ) { + return false; + } + + if ( $extension_name && ! extension_loaded( $extension_name ) ) { + return false; + } + + if ( $function_name && ! function_exists( $function_name ) ) { + return false; + } + + if ( $constant_name && ! defined( $constant_name ) ) { + return false; + } + + if ( $class_name && ! class_exists( $class_name ) ) { + return false; + } + + return true; + } + + /** + * Tests if required PHP modules are installed on the host. + * + * This test builds on the recommendations made by the WordPress Hosting Team + * as seen at https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions + * + * @since 5.2.0 + * + * @return array + */ + public function get_test_php_extensions() { + $result = array( + 'label' => __( 'Required and recommended modules are installed' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p><p>%s</p>', + __( 'PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.' ), + sprintf( + /* translators: 1: Link to the hosting group page about recommended PHP modules. 2: Additional link attributes. 3: Accessibility text. */ + __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ), + /* translators: Localized team handbook, if one exists. */ + esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ), + 'target="_blank" rel="noopener"', + sprintf( + '<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>', + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ) + ) + ), + 'actions' => '', + 'test' => 'php_extensions', + ); + + $modules = array( + 'curl' => array( + 'function' => 'curl_version', + 'required' => false, + ), + 'dom' => array( + 'class' => 'DOMNode', + 'required' => false, + ), + 'exif' => array( + 'function' => 'exif_read_data', + 'required' => false, + ), + 'fileinfo' => array( + 'function' => 'finfo_file', + 'required' => false, + ), + 'hash' => array( + 'function' => 'hash', + 'required' => false, + ), + 'imagick' => array( + 'extension' => 'imagick', + 'required' => false, + ), + 'json' => array( + 'function' => 'json_last_error', + 'required' => true, + ), + 'mbstring' => array( + 'function' => 'mb_check_encoding', + 'required' => false, + ), + 'mysqli' => array( + 'function' => 'mysqli_connect', + 'required' => false, + ), + 'libsodium' => array( + 'constant' => 'SODIUM_LIBRARY_VERSION', + 'required' => false, + 'php_bundled_version' => '7.2.0', + ), + 'openssl' => array( + 'function' => 'openssl_encrypt', + 'required' => false, + ), + 'pcre' => array( + 'function' => 'preg_match', + 'required' => false, + ), + 'mod_xml' => array( + 'extension' => 'libxml', + 'required' => false, + ), + 'zip' => array( + 'class' => 'ZipArchive', + 'required' => false, + ), + 'filter' => array( + 'function' => 'filter_list', + 'required' => false, + ), + 'gd' => array( + 'extension' => 'gd', + 'required' => false, + 'fallback_for' => 'imagick', + ), + 'iconv' => array( + 'function' => 'iconv', + 'required' => false, + ), + 'intl' => array( + 'extension' => 'intl', + 'required' => false, + ), + 'mcrypt' => array( + 'extension' => 'mcrypt', + 'required' => false, + 'fallback_for' => 'libsodium', + ), + 'simplexml' => array( + 'extension' => 'simplexml', + 'required' => false, + 'fallback_for' => 'mod_xml', + ), + 'xmlreader' => array( + 'extension' => 'xmlreader', + 'required' => false, + 'fallback_for' => 'mod_xml', + ), + 'zlib' => array( + 'extension' => 'zlib', + 'required' => false, + 'fallback_for' => 'zip', + ), + ); + + /** + * Filters the array representing all the modules we wish to test for. + * + * @since 5.2.0 + * @since 5.3.0 The `$constant` and `$class` parameters were added. + * + * @param array $modules { + * An associative array of modules to test for. + * + * @type array ...$0 { + * An associative array of module properties used during testing. + * One of either `$function` or `$extension` must be provided, or they will fail by default. + * + * @type string $function Optional. A function name to test for the existence of. + * @type string $extension Optional. An extension to check if is loaded in PHP. + * @type string $constant Optional. A constant name to check for to verify an extension exists. + * @type string $class Optional. A class name to check for to verify an extension exists. + * @type bool $required Is this a required feature or not. + * @type string $fallback_for Optional. The module this module replaces as a fallback. + * } + * } + */ + $modules = apply_filters( 'site_status_test_php_modules', $modules ); + + $failures = array(); + + foreach ( $modules as $library => $module ) { + $extension_name = ( isset( $module['extension'] ) ? $module['extension'] : null ); + $function_name = ( isset( $module['function'] ) ? $module['function'] : null ); + $constant_name = ( isset( $module['constant'] ) ? $module['constant'] : null ); + $class_name = ( isset( $module['class'] ) ? $module['class'] : null ); + + // If this module is a fallback for another function, check if that other function passed. + if ( isset( $module['fallback_for'] ) ) { + /* + * If that other function has a failure, mark this module as required for usual operations. + * If that other function hasn't failed, skip this test as it's only a fallback. + */ + if ( isset( $failures[ $module['fallback_for'] ] ) ) { + $module['required'] = true; + } else { + continue; + } + } + + if ( ! $this->test_php_extension_availability( $extension_name, $function_name, $constant_name, $class_name ) + && ( ! isset( $module['php_bundled_version'] ) + || version_compare( PHP_VERSION, $module['php_bundled_version'], '<' ) ) + ) { + if ( $module['required'] ) { + $result['status'] = 'critical'; + + $class = 'error'; + /* translators: Hidden accessibility text. */ + $screen_reader = __( 'Error' ); + $message = sprintf( + /* translators: %s: The module name. */ + __( 'The required module, %s, is not installed, or has been disabled.' ), + $library + ); + } else { + $class = 'warning'; + /* translators: Hidden accessibility text. */ + $screen_reader = __( 'Warning' ); + $message = sprintf( + /* translators: %s: The module name. */ + __( 'The optional module, %s, is not installed, or has been disabled.' ), + $library + ); + } + + if ( ! $module['required'] && 'good' === $result['status'] ) { + $result['status'] = 'recommended'; + } + + $failures[ $library ] = "<span class='dashicons $class'><span class='screen-reader-text'>$screen_reader</span></span> $message"; + } + } + + if ( ! empty( $failures ) ) { + $output = '<ul>'; + + foreach ( $failures as $failure ) { + $output .= sprintf( + '<li>%s</li>', + $failure + ); + } + + $output .= '</ul>'; + } + + if ( 'good' !== $result['status'] ) { + if ( 'recommended' === $result['status'] ) { + $result['label'] = __( 'One or more recommended modules are missing' ); + } + if ( 'critical' === $result['status'] ) { + $result['label'] = __( 'One or more required modules are missing' ); + } + + $result['description'] .= $output; + } + + return $result; + } + + /** + * Tests if the PHP default timezone is set to UTC. + * + * @since 5.3.1 + * + * @return array The test results. + */ + public function get_test_php_default_timezone() { + $result = array( + 'label' => __( 'PHP default timezone is valid' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'PHP default timezone was configured by WordPress on loading. This is necessary for correct calculations of dates and times.' ) + ), + 'actions' => '', + 'test' => 'php_default_timezone', + ); + + if ( 'UTC' !== date_default_timezone_get() ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'PHP default timezone is invalid' ); + + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: date_default_timezone_set() */ + __( 'PHP default timezone was changed after WordPress loading by a %s function call. This interferes with correct calculations of dates and times.' ), + '<code>date_default_timezone_set()</code>' + ) + ); + } + + return $result; + } + + /** + * Tests if there's an active PHP session that can affect loopback requests. + * + * @since 5.5.0 + * + * @return array The test results. + */ + public function get_test_php_sessions() { + $result = array( + 'label' => __( 'No PHP sessions detected' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: session_start(), 2: session_write_close() */ + __( 'PHP sessions created by a %1$s function call may interfere with REST API and loopback requests. An active session should be closed by %2$s before making any HTTP requests.' ), + '<code>session_start()</code>', + '<code>session_write_close()</code>' + ) + ), + 'test' => 'php_sessions', + ); + + if ( function_exists( 'session_status' ) && PHP_SESSION_ACTIVE === session_status() ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'An active PHP session was detected' ); + + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: session_start(), 2: session_write_close() */ + __( 'A PHP session was created by a %1$s function call. This interferes with REST API and loopback requests. The session should be closed by %2$s before making any HTTP requests.' ), + '<code>session_start()</code>', + '<code>session_write_close()</code>' + ) + ); + } + + return $result; + } + + /** + * Tests if the SQL server is up to date. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_sql_server() { + if ( ! $this->mysql_server_version ) { + $this->prepare_sql_data(); + } + + $result = array( + 'label' => __( 'SQL server is up to date' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site’s content and settings.' ) + ), + 'actions' => sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + /* translators: Localized version of WordPress requirements if one exists. */ + esc_url( __( 'https://wordpress.org/about/requirements/' ) ), + __( 'Learn more about what WordPress requires to run.' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ), + 'test' => 'sql_server', + ); + + $db_dropin = file_exists( WP_CONTENT_DIR . '/db.php' ); + + if ( ! $this->is_recommended_mysql_version ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'Outdated SQL server' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server recommended version number. */ + __( 'For optimal performance and security reasons, you should consider running %1$s version %2$s or higher. Contact your web hosting company to correct this.' ), + ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ), + $this->mysql_recommended_version + ) + ); + } + + if ( ! $this->is_acceptable_mysql_version ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'Severely outdated SQL server' ); + $result['badge']['label'] = __( 'Security' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: The database engine in use (MySQL or MariaDB). 2: Database server minimum version number. */ + __( 'WordPress requires %1$s version %2$s or higher. Contact your web hosting company to correct this.' ), + ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ), + $this->mysql_required_version + ) + ); + } + + if ( $db_dropin ) { + $result['description'] .= sprintf( + '<p>%s</p>', + wp_kses( + sprintf( + /* translators: 1: The name of the drop-in. 2: The name of the database engine. */ + __( 'You are using a %1$s drop-in which might mean that a %2$s database is not being used.' ), + '<code>wp-content/db.php</code>', + ( $this->is_mariadb ? 'MariaDB' : 'MySQL' ) + ), + array( + 'code' => true, + ) + ) + ); + } + + return $result; + } + + /** + * Tests if the database server is capable of using utf8mb4. + * + * @since 5.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return array The test results. + */ + public function get_test_utf8mb4_support() { + global $wpdb; + + if ( ! $this->mysql_server_version ) { + $this->prepare_sql_data(); + } + + $result = array( + 'label' => __( 'UTF8MB4 is supported' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'UTF8MB4 is the character set WordPress prefers for database storage because it safely supports the widest set of characters and encodings, including Emoji, enabling better support for non-English languages.' ) + ), + 'actions' => '', + 'test' => 'utf8mb4_support', + ); + + if ( ! $this->is_mariadb ) { + if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'utf8mb4 requires a MySQL update' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: Version number. */ + __( 'WordPress’ utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ), + '5.5.3' + ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your MySQL version supports utf8mb4.' ) + ); + } + } else { // MariaDB introduced utf8mb4 support in 5.5.0. + if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'utf8mb4 requires a MariaDB update' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: Version number. */ + __( 'WordPress’ utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ), + '5.5.0' + ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Your MariaDB version supports utf8mb4.' ) + ); + } + } + + // phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info + $mysql_client_version = mysqli_get_client_info(); + + /* + * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server. + * mysqlnd has supported utf8mb4 since 5.0.9. + */ + if ( str_contains( $mysql_client_version, 'mysqlnd' ) ) { + $mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version ); + if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'utf8mb4 requires a newer client library' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: Name of the library, 2: Number of version. */ + __( 'WordPress’ utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ), + 'mysqlnd', + '5.0.9' + ) + ); + } + } else { + if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'utf8mb4 requires a newer client library' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: Name of the library, 2: Number of version. */ + __( 'WordPress’ utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ), + 'libmysql', + '5.5.3' + ) + ); + } + } + + return $result; + } + + /** + * Tests if the site can communicate with WordPress.org. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_dotorg_communication() { + $result = array( + 'label' => __( 'Can communicate with WordPress.org' ), + 'status' => '', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.' ) + ), + 'actions' => '', + 'test' => 'dotorg_communication', + ); + + $wp_dotorg = wp_remote_get( + 'https://api.wordpress.org', + array( + 'timeout' => 10, + ) + ); + if ( ! is_wp_error( $wp_dotorg ) ) { + $result['status'] = 'good'; + } else { + $result['status'] = 'critical'; + + $result['label'] = __( 'Could not reach WordPress.org' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + '<span class="error"><span class="screen-reader-text">%s</span></span> %s', + /* translators: Hidden accessibility text. */ + __( 'Error' ), + sprintf( + /* translators: 1: The IP address WordPress.org resolves to. 2: The error returned by the lookup. */ + __( 'Your site is unable to reach WordPress.org at %1$s, and returned the error: %2$s' ), + gethostbyname( 'api.wordpress.org' ), + $wp_dotorg->get_error_message() + ) + ) + ); + + $result['actions'] = sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + /* translators: Localized Support reference. */ + esc_url( __( 'https://wordpress.org/support/forums/' ) ), + __( 'Get help resolving this issue.' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + } + + return $result; + } + + /** + * Tests if debug information is enabled. + * + * When WP_DEBUG is enabled, errors and information may be disclosed to site visitors, + * or logged to a publicly accessible file. + * + * Debugging is also frequently left enabled after looking for errors on a site, + * as site owners do not understand the implications of this. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_is_in_debug_mode() { + $result = array( + 'label' => __( 'Your site is not set to output debug information' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' ) + ), + 'actions' => sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + /* translators: Documentation explaining debugging in WordPress. */ + esc_url( __( 'https://wordpress.org/documentation/article/debugging-in-wordpress/' ) ), + __( 'Learn more about debugging in WordPress.' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ), + 'test' => 'is_in_debug_mode', + ); + + if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { + if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) { + $result['label'] = __( 'Your site is set to log errors to a potentially public file' ); + + $result['status'] = str_starts_with( ini_get( 'error_log' ), ABSPATH ) ? 'critical' : 'recommended'; + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: WP_DEBUG_LOG */ + __( 'The value, %s, has been added to this website’s configuration file. This means any errors on the site will be written to a file which is potentially available to all users.' ), + '<code>WP_DEBUG_LOG</code>' + ) + ); + } + + if ( defined( 'WP_DEBUG_DISPLAY' ) && WP_DEBUG_DISPLAY ) { + $result['label'] = __( 'Your site is set to display errors to site visitors' ); + + $result['status'] = 'critical'; + + // On development environments, set the status to recommended. + if ( $this->is_development_environment() ) { + $result['status'] = 'recommended'; + } + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: WP_DEBUG_DISPLAY, 2: WP_DEBUG */ + __( 'The value, %1$s, has either been enabled by %2$s or added to your configuration file. This will make errors display on the front end of your site.' ), + '<code>WP_DEBUG_DISPLAY</code>', + '<code>WP_DEBUG</code>' + ) + ); + } + } + + return $result; + } + + /** + * Tests if the site is serving content over HTTPS. + * + * Many sites have varying degrees of HTTPS support, the most common of which is sites that have it + * enabled, but only if you visit the right site address. + * + * @since 5.2.0 + * @since 5.7.0 Updated to rely on {@see wp_is_using_https()} and {@see wp_is_https_supported()}. + * + * @return array The test results. + */ + public function get_test_https_status() { + /* + * Check HTTPS detection results. + */ + $errors = wp_get_https_detection_errors(); + + $default_update_url = wp_get_default_update_https_url(); + + $result = array( + 'label' => __( 'Your website is using an active HTTPS connection' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' ) + ), + 'actions' => sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + esc_url( $default_update_url ), + __( 'Learn more about why you should use HTTPS' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ), + 'test' => 'https_status', + ); + + if ( ! wp_is_using_https() ) { + /* + * If the website is not using HTTPS, provide more information + * about whether it is supported and how it can be enabled. + */ + $result['status'] = 'recommended'; + $result['label'] = __( 'Your website does not use HTTPS' ); + + if ( wp_is_site_url_using_https() ) { + if ( is_ssl() ) { + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: URL to Settings > General > Site Address. */ + __( 'You are accessing this website using HTTPS, but your <a href="%s">Site Address</a> is not set up to use HTTPS by default.' ), + esc_url( admin_url( 'options-general.php' ) . '#home' ) + ) + ); + } else { + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: URL to Settings > General > Site Address. */ + __( 'Your <a href="%s">Site Address</a> is not set up to use HTTPS.' ), + esc_url( admin_url( 'options-general.php' ) . '#home' ) + ) + ); + } + } else { + if ( is_ssl() ) { + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: URL to Settings > General > WordPress Address, 2: URL to Settings > General > Site Address. */ + __( 'You are accessing this website using HTTPS, but your <a href="%1$s">WordPress Address</a> and <a href="%2$s">Site Address</a> are not set up to use HTTPS by default.' ), + esc_url( admin_url( 'options-general.php' ) . '#siteurl' ), + esc_url( admin_url( 'options-general.php' ) . '#home' ) + ) + ); + } else { + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: URL to Settings > General > WordPress Address, 2: URL to Settings > General > Site Address. */ + __( 'Your <a href="%1$s">WordPress Address</a> and <a href="%2$s">Site Address</a> are not set up to use HTTPS.' ), + esc_url( admin_url( 'options-general.php' ) . '#siteurl' ), + esc_url( admin_url( 'options-general.php' ) . '#home' ) + ) + ); + } + } + + if ( wp_is_https_supported() ) { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'HTTPS is already supported for your website.' ) + ); + + if ( defined( 'WP_HOME' ) || defined( 'WP_SITEURL' ) ) { + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: wp-config.php, 2: WP_HOME, 3: WP_SITEURL */ + __( 'However, your WordPress Address is currently controlled by a PHP constant and therefore cannot be updated. You need to edit your %1$s and remove or update the definitions of %2$s and %3$s.' ), + '<code>wp-config.php</code>', + '<code>WP_HOME</code>', + '<code>WP_SITEURL</code>' + ) + ); + } elseif ( current_user_can( 'update_https' ) ) { + $default_direct_update_url = add_query_arg( 'action', 'update_https', wp_nonce_url( admin_url( 'site-health.php' ), 'wp_update_https' ) ); + $direct_update_url = wp_get_direct_update_https_url(); + + if ( ! empty( $direct_update_url ) ) { + $result['actions'] = sprintf( + '<p class="button-container"><a class="button button-primary" href="%1$s" target="_blank" rel="noopener">%2$s<span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + esc_url( $direct_update_url ), + __( 'Update your site to use HTTPS' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + } else { + $result['actions'] = sprintf( + '<p class="button-container"><a class="button button-primary" href="%1$s">%2$s</a></p>', + esc_url( $default_direct_update_url ), + __( 'Update your site to use HTTPS' ) + ); + } + } + } else { + // If host-specific "Update HTTPS" URL is provided, include a link. + $update_url = wp_get_update_https_url(); + if ( $update_url !== $default_update_url ) { + $result['description'] .= sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + esc_url( $update_url ), + __( 'Talk to your web host about supporting HTTPS for your website.' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + } else { + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Talk to your web host about supporting HTTPS for your website.' ) + ); + } + } + } + + return $result; + } + + /** + * Checks if the HTTP API can handle SSL/TLS requests. + * + * @since 5.2.0 + * + * @return array The test result. + */ + public function get_test_ssl_support() { + $result = array( + 'label' => '', + 'status' => '', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Securely communicating between servers are needed for transactions such as fetching files, conducting sales on store sites, and much more.' ) + ), + 'actions' => '', + 'test' => 'ssl_support', + ); + + $supports_https = wp_http_supports( array( 'ssl' ) ); + + if ( $supports_https ) { + $result['status'] = 'good'; + + $result['label'] = __( 'Your site can communicate securely with other services' ); + } else { + $result['status'] = 'critical'; + + $result['label'] = __( 'Your site is unable to communicate securely with other services' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'Talk to your web host about OpenSSL support for PHP.' ) + ); + } + + return $result; + } + + /** + * Tests if scheduled events run as intended. + * + * If scheduled events are not running, this may indicate something with WP_Cron is not working + * as intended, or that there are orphaned events hanging around from older code. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_scheduled_events() { + $result = array( + 'label' => __( 'Scheduled events are running' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Scheduled events are what periodically looks for updates to plugins, themes and WordPress itself. It is also what makes sure scheduled posts are published on time. It may also be used by various plugins to make sure that planned actions are executed.' ) + ), + 'actions' => '', + 'test' => 'scheduled_events', + ); + + $this->wp_schedule_test_init(); + + if ( is_wp_error( $this->has_missed_cron() ) ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'It was not possible to check your scheduled events' ); + + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: The error message returned while from the cron scheduler. */ + __( 'While trying to test your site’s scheduled events, the following error was returned: %s' ), + $this->has_missed_cron()->get_error_message() + ) + ); + } elseif ( $this->has_missed_cron() ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'A scheduled event has failed' ); + + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: The name of the failed cron event. */ + __( 'The scheduled event, %s, failed to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ), + $this->last_missed_cron + ) + ); + } elseif ( $this->has_late_cron() ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'A scheduled event is late' ); + + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: The name of the late cron event. */ + __( 'The scheduled event, %s, is late to run. Your site still works, but this may indicate that scheduling posts or automated updates may not work as intended.' ), + $this->last_late_cron + ) + ); + } + + return $result; + } + + /** + * Tests if WordPress can run automated background updates. + * + * Background updates in WordPress are primarily used for minor releases and security updates. + * It's important to either have these working, or be aware that they are intentionally disabled + * for whatever reason. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_background_updates() { + $result = array( + 'label' => __( 'Background updates are working' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.' ) + ), + 'actions' => '', + 'test' => 'background_updates', + ); + + if ( ! class_exists( 'WP_Site_Health_Auto_Updates' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-site-health-auto-updates.php'; + } + + /* + * Run the auto-update tests in a separate class, + * as there are many considerations to be made. + */ + $automatic_updates = new WP_Site_Health_Auto_Updates(); + $tests = $automatic_updates->run_tests(); + + $output = '<ul>'; + + foreach ( $tests as $test ) { + /* translators: Hidden accessibility text. */ + $severity_string = __( 'Passed' ); + + if ( 'fail' === $test->severity ) { + $result['label'] = __( 'Background updates are not working as expected' ); + + $result['status'] = 'critical'; + + /* translators: Hidden accessibility text. */ + $severity_string = __( 'Error' ); + } + + if ( 'warning' === $test->severity && 'good' === $result['status'] ) { + $result['label'] = __( 'Background updates may not be working properly' ); + + $result['status'] = 'recommended'; + + /* translators: Hidden accessibility text. */ + $severity_string = __( 'Warning' ); + } + + $output .= sprintf( + '<li><span class="dashicons %s"><span class="screen-reader-text">%s</span></span> %s</li>', + esc_attr( $test->severity ), + $severity_string, + $test->description + ); + } + + $output .= '</ul>'; + + if ( 'good' !== $result['status'] ) { + $result['description'] .= $output; + } + + return $result; + } + + /** + * Tests if plugin and theme auto-updates appear to be configured correctly. + * + * @since 5.5.0 + * + * @return array The test results. + */ + public function get_test_plugin_theme_auto_updates() { + $result = array( + 'label' => __( 'Plugin and theme auto-updates appear to be configured correctly' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Plugin and theme auto-updates ensure that the latest versions are always installed.' ) + ), + 'actions' => '', + 'test' => 'plugin_theme_auto_updates', + ); + + $check_plugin_theme_updates = $this->detect_plugin_theme_auto_update_issues(); + + $result['status'] = $check_plugin_theme_updates->status; + + if ( 'good' !== $result['status'] ) { + $result['label'] = __( 'Your site may have problems auto-updating plugins and themes' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + $check_plugin_theme_updates->message + ); + } + + return $result; + } + + /** + * Tests available disk space for updates. + * + * @since 6.3.0 + * + * @return array The test results. + */ + public function get_test_available_updates_disk_space() { + $available_space = function_exists( 'disk_free_space' ) ? @disk_free_space( WP_CONTENT_DIR . '/upgrade/' ) : false; + + $result = array( + 'label' => __( 'Disk space available to safely perform updates' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + /* translators: %s: Available disk space in MB or GB. */ + '<p>' . __( '%s available disk space was detected, update routines can be performed safely.' ) . '</p>', + size_format( $available_space ) + ), + 'actions' => '', + 'test' => 'available_updates_disk_space', + ); + + if ( false === $available_space ) { + $result['description'] = __( 'Could not determine available disk space for updates.' ); + $result['status'] = 'recommended'; + } elseif ( $available_space < 20 * MB_IN_BYTES ) { + $result['description'] = __( 'Available disk space is critically low, less than 20 MB available. Proceed with caution, updates may fail.' ); + $result['status'] = 'critical'; + } elseif ( $available_space < 100 * MB_IN_BYTES ) { + $result['description'] = __( 'Available disk space is low, less than 100 MB available.' ); + $result['status'] = 'recommended'; + } + + return $result; + } + + /** + * Tests if plugin and theme temporary backup directories are writable or can be created. + * + * @since 6.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @return array The test results. + */ + public function get_test_update_temp_backup_writable() { + global $wp_filesystem; + + $result = array( + 'label' => __( 'Plugin and theme temporary backup directory is writable' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + /* translators: %s: wp-content/upgrade-temp-backup */ + '<p>' . __( 'The %s directory used to improve the stability of plugin and theme updates is writable.' ) . '</p>', + '<code>wp-content/upgrade-temp-backup</code>' + ), + 'actions' => '', + 'test' => 'update_temp_backup_writable', + ); + + if ( ! function_exists( 'WP_Filesystem' ) ) { + require_once ABSPATH . '/wp-admin/includes/file.php'; + } + + ob_start(); + $credentials = request_filesystem_credentials( '' ); + ob_end_clean(); + + if ( false === $credentials || ! WP_Filesystem( $credentials ) ) { + $result['status'] = 'recommended'; + $result['label'] = __( 'Could not access filesystem' ); + $result['description'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.' ); + return $result; + } + + $wp_content = $wp_filesystem->wp_content_dir(); + + if ( ! $wp_content ) { + $result['status'] = 'critical'; + $result['label'] = __( 'Unable to locate WordPress content directory' ); + $result['description'] = sprintf( + /* translators: %s: wp-content */ + '<p>' . __( 'The %s directory cannot be located.' ) . '</p>', + '<code>wp-content</code>' + ); + return $result; + } + + $upgrade_dir_exists = $wp_filesystem->is_dir( "$wp_content/upgrade" ); + $upgrade_dir_is_writable = $wp_filesystem->is_writable( "$wp_content/upgrade" ); + $backup_dir_exists = $wp_filesystem->is_dir( "$wp_content/upgrade-temp-backup" ); + $backup_dir_is_writable = $wp_filesystem->is_writable( "$wp_content/upgrade-temp-backup" ); + + $plugins_dir_exists = $wp_filesystem->is_dir( "$wp_content/upgrade-temp-backup/plugins" ); + $plugins_dir_is_writable = $wp_filesystem->is_writable( "$wp_content/upgrade-temp-backup/plugins" ); + $themes_dir_exists = $wp_filesystem->is_dir( "$wp_content/upgrade-temp-backup/themes" ); + $themes_dir_is_writable = $wp_filesystem->is_writable( "$wp_content/upgrade-temp-backup/themes" ); + + if ( $plugins_dir_exists && ! $plugins_dir_is_writable && $themes_dir_exists && ! $themes_dir_is_writable ) { + $result['status'] = 'critical'; + $result['label'] = __( 'Plugin and theme temporary backup directories exist but are not writable' ); + $result['description'] = sprintf( + /* translators: 1: wp-content/upgrade-temp-backup/plugins, 2: wp-content/upgrade-temp-backup/themes. */ + '<p>' . __( 'The %1$s and %2$s directories exist but are not writable. These directories are used to improve the stability of plugin updates. Please make sure the server has write permissions to these directories.' ) . '</p>', + '<code>wp-content/upgrade-temp-backup/plugins</code>', + '<code>wp-content/upgrade-temp-backup/themes</code>' + ); + return $result; + } + + if ( $plugins_dir_exists && ! $plugins_dir_is_writable ) { + $result['status'] = 'critical'; + $result['label'] = __( 'Plugin temporary backup directory exists but is not writable' ); + $result['description'] = sprintf( + /* translators: %s: wp-content/upgrade-temp-backup/plugins */ + '<p>' . __( 'The %s directory exists but is not writable. This directory is used to improve the stability of plugin updates. Please make sure the server has write permissions to this directory.' ) . '</p>', + '<code>wp-content/upgrade-temp-backup/plugins</code>' + ); + return $result; + } + + if ( $themes_dir_exists && ! $themes_dir_is_writable ) { + $result['status'] = 'critical'; + $result['label'] = __( 'Theme temporary backup directory exists but is not writable' ); + $result['description'] = sprintf( + /* translators: %s: wp-content/upgrade-temp-backup/themes */ + '<p>' . __( 'The %s directory exists but is not writable. This directory is used to improve the stability of theme updates. Please make sure the server has write permissions to this directory.' ) . '</p>', + '<code>wp-content/upgrade-temp-backup/themes</code>' + ); + return $result; + } + + if ( ( ! $plugins_dir_exists || ! $themes_dir_exists ) && $backup_dir_exists && ! $backup_dir_is_writable ) { + $result['status'] = 'critical'; + $result['label'] = __( 'The temporary backup directory exists but is not writable' ); + $result['description'] = sprintf( + /* translators: %s: wp-content/upgrade-temp-backup */ + '<p>' . __( 'The %s directory exists but is not writable. This directory is used to improve the stability of plugin and theme updates. Please make sure the server has write permissions to this directory.' ) . '</p>', + '<code>wp-content/upgrade-temp-backup</code>' + ); + return $result; + } + + if ( ! $backup_dir_exists && $upgrade_dir_exists && ! $upgrade_dir_is_writable ) { + $result['status'] = 'critical'; + $result['label'] = __( 'The upgrade directory exists but is not writable' ); + $result['description'] = sprintf( + /* translators: %s: wp-content/upgrade */ + '<p>' . __( 'The %s directory exists but is not writable. This directory is used for plugin and theme updates. Please make sure the server has write permissions to this directory.' ) . '</p>', + '<code>wp-content/upgrade</code>' + ); + return $result; + } + + if ( ! $upgrade_dir_exists && ! $wp_filesystem->is_writable( $wp_content ) ) { + $result['status'] = 'critical'; + $result['label'] = __( 'The upgrade directory cannot be created' ); + $result['description'] = sprintf( + /* translators: 1: wp-content/upgrade, 2: wp-content. */ + '<p>' . __( 'The %1$s directory does not exist, and the server does not have write permissions in %2$s to create it. This directory is used for plugin and theme updates. Please make sure the server has write permissions in %2$s.' ) . '</p>', + '<code>wp-content/upgrade</code>', + '<code>wp-content</code>' + ); + return $result; + } + + return $result; + } + + /** + * Tests if loopbacks work as expected. + * + * A loopback is when WordPress queries itself, for example to start a new WP_Cron instance, + * or when editing a plugin or theme. This has shown itself to be a recurring issue, + * as code can very easily break this interaction. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_loopback_requests() { + $result = array( + 'label' => __( 'Your site can perform loopback requests' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.' ) + ), + 'actions' => '', + 'test' => 'loopback_requests', + ); + + $check_loopback = $this->can_perform_loopback(); + + $result['status'] = $check_loopback->status; + + if ( 'good' !== $result['status'] ) { + $result['label'] = __( 'Your site could not complete a loopback request' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + $check_loopback->message + ); + } + + return $result; + } + + /** + * Tests if HTTP requests are blocked. + * + * It's possible to block all outgoing communication (with the possibility of allowing certain + * hosts) via the HTTP API. This may create problems for users as many features are running as + * services these days. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_http_requests() { + $result = array( + 'label' => __( 'HTTP requests seem to be working as expected' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'It is possible for site maintainers to block all, or some, communication to other sites and services. If set up incorrectly, this may prevent plugins and themes from working as intended.' ) + ), + 'actions' => '', + 'test' => 'http_requests', + ); + + $blocked = false; + $hosts = array(); + + if ( defined( 'WP_HTTP_BLOCK_EXTERNAL' ) && WP_HTTP_BLOCK_EXTERNAL ) { + $blocked = true; + } + + if ( defined( 'WP_ACCESSIBLE_HOSTS' ) ) { + $hosts = explode( ',', WP_ACCESSIBLE_HOSTS ); + } + + if ( $blocked && 0 === count( $hosts ) ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'HTTP requests are blocked' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: Name of the constant used. */ + __( 'HTTP requests have been blocked by the %s constant, with no allowed hosts.' ), + '<code>WP_HTTP_BLOCK_EXTERNAL</code>' + ) + ); + } + + if ( $blocked && 0 < count( $hosts ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'HTTP requests are partially blocked' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: Name of the constant used. 2: List of allowed hostnames. */ + __( 'HTTP requests have been blocked by the %1$s constant, with some allowed hosts: %2$s.' ), + '<code>WP_HTTP_BLOCK_EXTERNAL</code>', + implode( ',', $hosts ) + ) + ); + } + + return $result; + } + + /** + * Tests if the REST API is accessible. + * + * Various security measures may block the REST API from working, or it may have been disabled in general. + * This is required for the new block editor to work, so we explicitly test for this. + * + * @since 5.2.0 + * + * @return array The test results. + */ + public function get_test_rest_availability() { + $result = array( + 'label' => __( 'The REST API is available' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'The REST API is one way that WordPress and other applications communicate with the server. For example, the block editor screen relies on the REST API to display and save your posts and pages.' ) + ), + 'actions' => '', + 'test' => 'rest_availability', + ); + + $cookies = wp_unslash( $_COOKIE ); + $timeout = 10; // 10 seconds. + $headers = array( + 'Cache-Control' => 'no-cache', + 'X-WP-Nonce' => wp_create_nonce( 'wp_rest' ), + ); + /** This filter is documented in wp-includes/class-wp-http-streams.php */ + $sslverify = apply_filters( 'https_local_ssl_verify', false ); + + // Include Basic auth in loopback requests. + if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { + $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); + } + + $url = rest_url( 'wp/v2/types/post' ); + + // The context for this is editing with the new block editor. + $url = add_query_arg( + array( + 'context' => 'edit', + ), + $url + ); + + $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) ); + + if ( is_wp_error( $r ) ) { + $result['status'] = 'critical'; + + $result['label'] = __( 'The REST API encountered an error' ); + + $result['description'] .= sprintf( + '<p>%s</p><p>%s<br>%s</p>', + __( 'When testing the REST API, an error was encountered:' ), + sprintf( + // translators: %s: The REST API URL. + __( 'REST API Endpoint: %s' ), + $url + ), + sprintf( + // translators: 1: The WordPress error code. 2: The WordPress error message. + __( 'REST API Response: (%1$s) %2$s' ), + $r->get_error_code(), + $r->get_error_message() + ) + ); + } elseif ( 200 !== wp_remote_retrieve_response_code( $r ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'The REST API encountered an unexpected result' ); + + $result['description'] .= sprintf( + '<p>%s</p><p>%s<br>%s</p>', + __( 'When testing the REST API, an unexpected result was returned:' ), + sprintf( + // translators: %s: The REST API URL. + __( 'REST API Endpoint: %s' ), + $url + ), + sprintf( + // translators: 1: The WordPress error code. 2: The HTTP status code error message. + __( 'REST API Response: (%1$s) %2$s' ), + wp_remote_retrieve_response_code( $r ), + wp_remote_retrieve_response_message( $r ) + ) + ); + } else { + $json = json_decode( wp_remote_retrieve_body( $r ), true ); + + if ( false !== $json && ! isset( $json['capabilities'] ) ) { + $result['status'] = 'recommended'; + + $result['label'] = __( 'The REST API did not behave correctly' ); + + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: %s: The name of the query parameter being tested. */ + __( 'The REST API did not process the %s query parameter correctly.' ), + '<code>context</code>' + ) + ); + } + } + + return $result; + } + + /** + * Tests if 'file_uploads' directive in PHP.ini is turned off. + * + * @since 5.5.0 + * + * @return array The test results. + */ + public function get_test_file_uploads() { + $result = array( + 'label' => __( 'Files can be uploaded' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: file_uploads, 2: php.ini */ + __( 'The %1$s directive in %2$s determines if uploading files is allowed on your site.' ), + '<code>file_uploads</code>', + '<code>php.ini</code>' + ) + ), + 'actions' => '', + 'test' => 'file_uploads', + ); + + if ( ! function_exists( 'ini_get' ) ) { + $result['status'] = 'critical'; + $result['description'] .= sprintf( + /* translators: %s: ini_get() */ + __( 'The %s function has been disabled, some media settings are unavailable because of this.' ), + '<code>ini_get()</code>' + ); + return $result; + } + + if ( empty( ini_get( 'file_uploads' ) ) ) { + $result['status'] = 'critical'; + $result['description'] .= sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: file_uploads, 2: 0 */ + __( '%1$s is set to %2$s. You won\'t be able to upload files on your site.' ), + '<code>file_uploads</code>', + '<code>0</code>' + ) + ); + return $result; + } + + $post_max_size = ini_get( 'post_max_size' ); + $upload_max_filesize = ini_get( 'upload_max_filesize' ); + + if ( wp_convert_hr_to_bytes( $post_max_size ) < wp_convert_hr_to_bytes( $upload_max_filesize ) ) { + $result['label'] = sprintf( + /* translators: 1: post_max_size, 2: upload_max_filesize */ + __( 'The "%1$s" value is smaller than "%2$s"' ), + 'post_max_size', + 'upload_max_filesize' + ); + $result['status'] = 'recommended'; + + if ( 0 === wp_convert_hr_to_bytes( $post_max_size ) ) { + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: post_max_size, 2: upload_max_filesize */ + __( 'The setting for %1$s is currently configured as 0, this could cause some problems when trying to upload files through plugin or theme features that rely on various upload methods. It is recommended to configure this setting to a fixed value, ideally matching the value of %2$s, as some upload methods read the value 0 as either unlimited, or disabled.' ), + '<code>post_max_size</code>', + '<code>upload_max_filesize</code>' + ) + ); + } else { + $result['description'] = sprintf( + '<p>%s</p>', + sprintf( + /* translators: 1: post_max_size, 2: upload_max_filesize */ + __( 'The setting for %1$s is smaller than %2$s, this could cause some problems when trying to upload files.' ), + '<code>post_max_size</code>', + '<code>upload_max_filesize</code>' + ) + ); + } + + return $result; + } + + return $result; + } + + /** + * Tests if the Authorization header has the expected values. + * + * @since 5.6.0 + * + * @return array + */ + public function get_test_authorization_header() { + $result = array( + 'label' => __( 'The Authorization header is working as expected' ), + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Security' ), + 'color' => 'blue', + ), + 'description' => sprintf( + '<p>%s</p>', + __( 'The Authorization header is used by third-party applications you have approved for this site. Without this header, those apps cannot connect to your site.' ) + ), + 'actions' => '', + 'test' => 'authorization_header', + ); + + if ( ! isset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) ) { + $result['label'] = __( 'The authorization header is missing' ); + } elseif ( 'user' !== $_SERVER['PHP_AUTH_USER'] || 'pwd' !== $_SERVER['PHP_AUTH_PW'] ) { + $result['label'] = __( 'The authorization header is invalid' ); + } else { + return $result; + } + + $result['status'] = 'recommended'; + $result['description'] .= sprintf( + '<p>%s</p>', + __( 'If you are still seeing this warning after having tried the actions below, you may need to contact your hosting provider for further assistance.' ) + ); + + if ( ! function_exists( 'got_mod_rewrite' ) ) { + require_once ABSPATH . 'wp-admin/includes/misc.php'; + } + + if ( got_mod_rewrite() ) { + $result['actions'] .= sprintf( + '<p><a href="%s">%s</a></p>', + esc_url( admin_url( 'options-permalink.php' ) ), + __( 'Flush permalinks' ) + ); + } else { + $result['actions'] .= sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + __( 'https://developer.wordpress.org/rest-api/frequently-asked-questions/#why-is-authentication-not-working' ), + __( 'Learn how to configure the Authorization header.' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + } + + return $result; + } + + /** + * Tests if a full page cache is available. + * + * @since 6.1.0 + * + * @return array The test result. + */ + public function get_test_page_cache() { + $description = '<p>' . __( 'Page cache enhances the speed and performance of your site by saving and serving static pages instead of calling for a page every time a user visits.' ) . '</p>'; + $description .= '<p>' . __( 'Page cache is detected by looking for an active page cache plugin as well as making three requests to the homepage and looking for one or more of the following HTTP client caching response headers:' ) . '</p>'; + $description .= '<code>' . implode( '</code>, <code>', array_keys( $this->get_page_cache_headers() ) ) . '.</code>'; + + $result = array( + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'description' => wp_kses_post( $description ), + 'test' => 'page_cache', + 'status' => 'good', + 'label' => '', + 'actions' => sprintf( + '<p><a href="%1$s" target="_blank" rel="noopener noreferrer">%2$s<span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + __( 'https://wordpress.org/documentation/article/optimization/#Caching' ), + __( 'Learn more about page cache' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ), + ); + + $page_cache_detail = $this->get_page_cache_detail(); + + if ( is_wp_error( $page_cache_detail ) ) { + $result['label'] = __( 'Unable to detect the presence of page cache' ); + $result['status'] = 'recommended'; + $error_info = sprintf( + /* translators: 1: Error message, 2: Error code. */ + __( 'Unable to detect page cache due to possible loopback request problem. Please verify that the loopback request test is passing. Error: %1$s (Code: %2$s)' ), + $page_cache_detail->get_error_message(), + $page_cache_detail->get_error_code() + ); + $result['description'] = wp_kses_post( "<p>$error_info</p>" ) . $result['description']; + return $result; + } + + $result['status'] = $page_cache_detail['status']; + + switch ( $page_cache_detail['status'] ) { + case 'recommended': + $result['label'] = __( 'Page cache is not detected but the server response time is OK' ); + break; + case 'good': + $result['label'] = __( 'Page cache is detected and the server response time is good' ); + break; + default: + if ( empty( $page_cache_detail['headers'] ) && ! $page_cache_detail['advanced_cache_present'] ) { + $result['label'] = __( 'Page cache is not detected and the server response time is slow' ); + } else { + $result['label'] = __( 'Page cache is detected but the server response time is still slow' ); + } + } + + $page_cache_test_summary = array(); + + if ( empty( $page_cache_detail['response_time'] ) ) { + $page_cache_test_summary[] = '<span class="dashicons dashicons-dismiss"></span> ' . __( 'Server response time could not be determined. Verify that loopback requests are working.' ); + } else { + + $threshold = $this->get_good_response_time_threshold(); + if ( $page_cache_detail['response_time'] < $threshold ) { + $page_cache_test_summary[] = '<span class="dashicons dashicons-yes-alt"></span> ' . sprintf( + /* translators: 1: The response time in milliseconds, 2: The recommended threshold in milliseconds. */ + __( 'Median server response time was %1$s milliseconds. This is less than the recommended %2$s milliseconds threshold.' ), + number_format_i18n( $page_cache_detail['response_time'] ), + number_format_i18n( $threshold ) + ); + } else { + $page_cache_test_summary[] = '<span class="dashicons dashicons-warning"></span> ' . sprintf( + /* translators: 1: The response time in milliseconds, 2: The recommended threshold in milliseconds. */ + __( 'Median server response time was %1$s milliseconds. It should be less than the recommended %2$s milliseconds threshold.' ), + number_format_i18n( $page_cache_detail['response_time'] ), + number_format_i18n( $threshold ) + ); + } + + if ( empty( $page_cache_detail['headers'] ) ) { + $page_cache_test_summary[] = '<span class="dashicons dashicons-warning"></span> ' . __( 'No client caching response headers were detected.' ); + } else { + $headers_summary = '<span class="dashicons dashicons-yes-alt"></span>'; + $headers_summary .= ' ' . sprintf( + /* translators: %d: Number of caching headers. */ + _n( + 'There was %d client caching response header detected:', + 'There were %d client caching response headers detected:', + count( $page_cache_detail['headers'] ) + ), + count( $page_cache_detail['headers'] ) + ); + $headers_summary .= ' <code>' . implode( '</code>, <code>', $page_cache_detail['headers'] ) . '</code>.'; + $page_cache_test_summary[] = $headers_summary; + } + } + + if ( $page_cache_detail['advanced_cache_present'] ) { + $page_cache_test_summary[] = '<span class="dashicons dashicons-yes-alt"></span> ' . __( 'A page cache plugin was detected.' ); + } elseif ( ! ( is_array( $page_cache_detail ) && ! empty( $page_cache_detail['headers'] ) ) ) { + // Note: This message is not shown if client caching response headers were present since an external caching layer may be employed. + $page_cache_test_summary[] = '<span class="dashicons dashicons-warning"></span> ' . __( 'A page cache plugin was not detected.' ); + } + + $result['description'] .= '<ul><li>' . implode( '</li><li>', $page_cache_test_summary ) . '</li></ul>'; + return $result; + } + + /** + * Tests if the site uses persistent object cache and recommends to use it if not. + * + * @since 6.1.0 + * + * @return array The test result. + */ + public function get_test_persistent_object_cache() { + /** + * Filters the action URL for the persistent object cache health check. + * + * @since 6.1.0 + * + * @param string $action_url Learn more link for persistent object cache health check. + */ + $action_url = apply_filters( + 'site_status_persistent_object_cache_url', + /* translators: Localized Support reference. */ + __( 'https://wordpress.org/documentation/article/optimization/#persistent-object-cache' ) + ); + + $result = array( + 'test' => 'persistent_object_cache', + 'status' => 'good', + 'badge' => array( + 'label' => __( 'Performance' ), + 'color' => 'blue', + ), + 'label' => __( 'A persistent object cache is being used' ), + 'description' => sprintf( + '<p>%s</p>', + __( 'A persistent object cache makes your site’s database more efficient, resulting in faster load times because WordPress can retrieve your site’s content and settings much more quickly.' ) + ), + 'actions' => sprintf( + '<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', + esc_url( $action_url ), + __( 'Learn more about persistent object caching.' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ), + ); + + if ( wp_using_ext_object_cache() ) { + return $result; + } + + if ( ! $this->should_suggest_persistent_object_cache() ) { + $result['label'] = __( 'A persistent object cache is not required' ); + + return $result; + } + + $available_services = $this->available_object_cache_services(); + + $notes = __( 'Your hosting provider can tell you if a persistent object cache can be enabled on your site.' ); + + if ( ! empty( $available_services ) ) { + $notes .= ' ' . sprintf( + /* translators: Available object caching services. */ + __( 'Your host appears to support the following object caching services: %s.' ), + implode( ', ', $available_services ) + ); + } + + /** + * Filters the second paragraph of the health check's description + * when suggesting the use of a persistent object cache. + * + * Hosts may want to replace the notes to recommend their preferred object caching solution. + * + * Plugin authors may want to append notes (not replace) on why object caching is recommended for their plugin. + * + * @since 6.1.0 + * + * @param string $notes The notes appended to the health check description. + * @param string[] $available_services The list of available persistent object cache services. + */ + $notes = apply_filters( 'site_status_persistent_object_cache_notes', $notes, $available_services ); + + $result['status'] = 'recommended'; + $result['label'] = __( 'You should use a persistent object cache' ); + $result['description'] .= sprintf( + '<p>%s</p>', + wp_kses( + $notes, + array( + 'a' => array( 'href' => true ), + 'code' => true, + 'em' => true, + 'strong' => true, + ) + ) + ); + + return $result; + } + + /** + * Returns a set of tests that belong to the site status page. + * + * Each site status test is defined here, they may be `direct` tests, that run on page load, or `async` tests + * which will run later down the line via JavaScript calls to improve page performance and hopefully also user + * experiences. + * + * @since 5.2.0 + * @since 5.6.0 Added support for `has_rest` and `permissions`. + * + * @return array The list of tests to run. + */ + public static function get_tests() { + $tests = array( + 'direct' => array( + 'wordpress_version' => array( + 'label' => __( 'WordPress Version' ), + 'test' => 'wordpress_version', + ), + 'plugin_version' => array( + 'label' => __( 'Plugin Versions' ), + 'test' => 'plugin_version', + ), + 'theme_version' => array( + 'label' => __( 'Theme Versions' ), + 'test' => 'theme_version', + ), + 'php_version' => array( + 'label' => __( 'PHP Version' ), + 'test' => 'php_version', + ), + 'php_extensions' => array( + 'label' => __( 'PHP Extensions' ), + 'test' => 'php_extensions', + ), + 'php_default_timezone' => array( + 'label' => __( 'PHP Default Timezone' ), + 'test' => 'php_default_timezone', + ), + 'php_sessions' => array( + 'label' => __( 'PHP Sessions' ), + 'test' => 'php_sessions', + ), + 'sql_server' => array( + 'label' => __( 'Database Server version' ), + 'test' => 'sql_server', + ), + 'utf8mb4_support' => array( + 'label' => __( 'MySQL utf8mb4 support' ), + 'test' => 'utf8mb4_support', + ), + 'ssl_support' => array( + 'label' => __( 'Secure communication' ), + 'test' => 'ssl_support', + ), + 'scheduled_events' => array( + 'label' => __( 'Scheduled events' ), + 'test' => 'scheduled_events', + ), + 'http_requests' => array( + 'label' => __( 'HTTP Requests' ), + 'test' => 'http_requests', + ), + 'rest_availability' => array( + 'label' => __( 'REST API availability' ), + 'test' => 'rest_availability', + 'skip_cron' => true, + ), + 'debug_enabled' => array( + 'label' => __( 'Debugging enabled' ), + 'test' => 'is_in_debug_mode', + ), + 'file_uploads' => array( + 'label' => __( 'File uploads' ), + 'test' => 'file_uploads', + ), + 'plugin_theme_auto_updates' => array( + 'label' => __( 'Plugin and theme auto-updates' ), + 'test' => 'plugin_theme_auto_updates', + ), + 'update_temp_backup_writable' => array( + 'label' => __( 'Plugin and theme temporary backup directory access' ), + 'test' => 'update_temp_backup_writable', + ), + 'available_updates_disk_space' => array( + 'label' => __( 'Available disk space' ), + 'test' => 'available_updates_disk_space', + ), + ), + 'async' => array( + 'dotorg_communication' => array( + 'label' => __( 'Communication with WordPress.org' ), + 'test' => rest_url( 'wp-site-health/v1/tests/dotorg-communication' ), + 'has_rest' => true, + 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_dotorg_communication' ), + ), + 'background_updates' => array( + 'label' => __( 'Background updates' ), + 'test' => rest_url( 'wp-site-health/v1/tests/background-updates' ), + 'has_rest' => true, + 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_background_updates' ), + ), + 'loopback_requests' => array( + 'label' => __( 'Loopback request' ), + 'test' => rest_url( 'wp-site-health/v1/tests/loopback-requests' ), + 'has_rest' => true, + 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_loopback_requests' ), + ), + 'https_status' => array( + 'label' => __( 'HTTPS status' ), + 'test' => rest_url( 'wp-site-health/v1/tests/https-status' ), + 'has_rest' => true, + 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_https_status' ), + ), + ), + ); + + // Conditionally include Authorization header test if the site isn't protected by Basic Auth. + if ( ! wp_is_site_protected_by_basic_auth() ) { + $tests['async']['authorization_header'] = array( + 'label' => __( 'Authorization header' ), + 'test' => rest_url( 'wp-site-health/v1/tests/authorization-header' ), + 'has_rest' => true, + 'headers' => array( 'Authorization' => 'Basic ' . base64_encode( 'user:pwd' ) ), + 'skip_cron' => true, + ); + } + + // Only check for caches in production environments. + if ( 'production' === wp_get_environment_type() ) { + $tests['async']['page_cache'] = array( + 'label' => __( 'Page cache' ), + 'test' => rest_url( 'wp-site-health/v1/tests/page-cache' ), + 'has_rest' => true, + 'async_direct_test' => array( WP_Site_Health::get_instance(), 'get_test_page_cache' ), + ); + + $tests['direct']['persistent_object_cache'] = array( + 'label' => __( 'Persistent object cache' ), + 'test' => 'persistent_object_cache', + ); + } + + /** + * Filters which site status tests are run on a site. + * + * The site health is determined by a set of tests based on best practices from + * both the WordPress Hosting Team and web standards in general. + * + * Some sites may not have the same requirements, for example the automatic update + * checks may be handled by a host, and are therefore disabled in core. + * Or maybe you want to introduce a new test, is caching enabled/disabled/stale for example. + * + * Tests may be added either as direct, or asynchronous ones. Any test that may require some time + * to complete should run asynchronously, to avoid extended loading periods within wp-admin. + * + * @since 5.2.0 + * @since 5.6.0 Added the `async_direct_test` array key for asynchronous tests. + * Added the `skip_cron` array key for all tests. + * + * @param array[] $tests { + * An associative array of direct and asynchronous tests. + * + * @type array[] $direct { + * An array of direct tests. + * + * @type array ...$identifier { + * `$identifier` should be a unique identifier for the test. Plugins and themes are encouraged to + * prefix test identifiers with their slug to avoid collisions between tests. + * + * @type string $label The friendly label to identify the test. + * @type callable $test The callback function that runs the test and returns its result. + * @type bool $skip_cron Whether to skip this test when running as cron. + * } + * } + * @type array[] $async { + * An array of asynchronous tests. + * + * @type array ...$identifier { + * `$identifier` should be a unique identifier for the test. Plugins and themes are encouraged to + * prefix test identifiers with their slug to avoid collisions between tests. + * + * @type string $label The friendly label to identify the test. + * @type string $test An admin-ajax.php action to be called to perform the test, or + * if `$has_rest` is true, a URL to a REST API endpoint to perform + * the test. + * @type bool $has_rest Whether the `$test` property points to a REST API endpoint. + * @type bool $skip_cron Whether to skip this test when running as cron. + * @type callable $async_direct_test A manner of directly calling the test marked as asynchronous, + * as the scheduled event can not authenticate, and endpoints + * may require authentication. + * } + * } + * } + */ + $tests = apply_filters( 'site_status_tests', $tests ); + + // Ensure that the filtered tests contain the required array keys. + $tests = array_merge( + array( + 'direct' => array(), + 'async' => array(), + ), + $tests + ); + + return $tests; + } + + /** + * Adds a class to the body HTML tag. + * + * Filters the body class string for admin pages and adds our own class for easier styling. + * + * @since 5.2.0 + * + * @param string $body_class The body class string. + * @return string The modified body class string. + */ + public function admin_body_class( $body_class ) { + $screen = get_current_screen(); + if ( 'site-health' !== $screen->id ) { + return $body_class; + } + + $body_class .= ' site-health'; + + return $body_class; + } + + /** + * Initiates the WP_Cron schedule test cases. + * + * @since 5.2.0 + */ + private function wp_schedule_test_init() { + $this->schedules = wp_get_schedules(); + $this->get_cron_tasks(); + } + + /** + * Populates the list of cron events and store them to a class-wide variable. + * + * @since 5.2.0 + */ + private function get_cron_tasks() { + $cron_tasks = _get_cron_array(); + + if ( empty( $cron_tasks ) ) { + $this->crons = new WP_Error( 'no_tasks', __( 'No scheduled events exist on this site.' ) ); + return; + } + + $this->crons = array(); + + foreach ( $cron_tasks as $time => $cron ) { + foreach ( $cron as $hook => $dings ) { + foreach ( $dings as $sig => $data ) { + + $this->crons[ "$hook-$sig-$time" ] = (object) array( + 'hook' => $hook, + 'time' => $time, + 'sig' => $sig, + 'args' => $data['args'], + 'schedule' => $data['schedule'], + 'interval' => isset( $data['interval'] ) ? $data['interval'] : null, + ); + + } + } + } + } + + /** + * Checks if any scheduled tasks have been missed. + * + * Returns a boolean value of `true` if a scheduled task has been missed and ends processing. + * + * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value. + * + * @since 5.2.0 + * + * @return bool|WP_Error True if a cron was missed, false if not. WP_Error if the cron is set to that. + */ + public function has_missed_cron() { + if ( is_wp_error( $this->crons ) ) { + return $this->crons; + } + + foreach ( $this->crons as $id => $cron ) { + if ( ( $cron->time - time() ) < $this->timeout_missed_cron ) { + $this->last_missed_cron = $cron->hook; + return true; + } + } + + return false; + } + + /** + * Checks if any scheduled tasks are late. + * + * Returns a boolean value of `true` if a scheduled task is late and ends processing. + * + * If the list of crons is an instance of WP_Error, returns the instance instead of a boolean value. + * + * @since 5.3.0 + * + * @return bool|WP_Error True if a cron is late, false if not. WP_Error if the cron is set to that. + */ + public function has_late_cron() { + if ( is_wp_error( $this->crons ) ) { + return $this->crons; + } + + foreach ( $this->crons as $id => $cron ) { + $cron_offset = $cron->time - time(); + if ( + $cron_offset >= $this->timeout_missed_cron && + $cron_offset < $this->timeout_late_cron + ) { + $this->last_late_cron = $cron->hook; + return true; + } + } + + return false; + } + + /** + * Checks for potential issues with plugin and theme auto-updates. + * + * Though there is no way to 100% determine if plugin and theme auto-updates are configured + * correctly, a few educated guesses could be made to flag any conditions that would + * potentially cause unexpected behaviors. + * + * @since 5.5.0 + * + * @return object The test results. + */ + public function detect_plugin_theme_auto_update_issues() { + $mock_plugin = (object) array( + 'id' => 'w.org/plugins/a-fake-plugin', + 'slug' => 'a-fake-plugin', + 'plugin' => 'a-fake-plugin/a-fake-plugin.php', + 'new_version' => '9.9', + 'url' => 'https://wordpress.org/plugins/a-fake-plugin/', + 'package' => 'https://downloads.wordpress.org/plugin/a-fake-plugin.9.9.zip', + 'icons' => array( + '2x' => 'https://ps.w.org/a-fake-plugin/assets/icon-256x256.png', + '1x' => 'https://ps.w.org/a-fake-plugin/assets/icon-128x128.png', + ), + 'banners' => array( + '2x' => 'https://ps.w.org/a-fake-plugin/assets/banner-1544x500.png', + '1x' => 'https://ps.w.org/a-fake-plugin/assets/banner-772x250.png', + ), + 'banners_rtl' => array(), + 'tested' => '5.5.0', + 'requires_php' => '5.6.20', + 'compatibility' => new stdClass(), + ); + + $mock_theme = (object) array( + 'theme' => 'a-fake-theme', + 'new_version' => '9.9', + 'url' => 'https://wordpress.org/themes/a-fake-theme/', + 'package' => 'https://downloads.wordpress.org/theme/a-fake-theme.9.9.zip', + 'requires' => '5.0.0', + 'requires_php' => '5.6.20', + ); + + $test_plugins_enabled = wp_is_auto_update_forced_for_item( 'plugin', true, $mock_plugin ); + $test_themes_enabled = wp_is_auto_update_forced_for_item( 'theme', true, $mock_theme ); + + $ui_enabled_for_plugins = wp_is_auto_update_enabled_for_type( 'plugin' ); + $ui_enabled_for_themes = wp_is_auto_update_enabled_for_type( 'theme' ); + $plugin_filter_present = has_filter( 'auto_update_plugin' ); + $theme_filter_present = has_filter( 'auto_update_theme' ); + + if ( ( ! $test_plugins_enabled && $ui_enabled_for_plugins ) + || ( ! $test_themes_enabled && $ui_enabled_for_themes ) + ) { + return (object) array( + 'status' => 'critical', + 'message' => __( 'Auto-updates for plugins and/or themes appear to be disabled, but settings are still set to be displayed. This could cause auto-updates to not work as expected.' ), + ); + } + + if ( ( ! $test_plugins_enabled && $plugin_filter_present ) + && ( ! $test_themes_enabled && $theme_filter_present ) + ) { + return (object) array( + 'status' => 'recommended', + 'message' => __( 'Auto-updates for plugins and themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ), + ); + } elseif ( ! $test_plugins_enabled && $plugin_filter_present ) { + return (object) array( + 'status' => 'recommended', + 'message' => __( 'Auto-updates for plugins appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ), + ); + } elseif ( ! $test_themes_enabled && $theme_filter_present ) { + return (object) array( + 'status' => 'recommended', + 'message' => __( 'Auto-updates for themes appear to be disabled. This will prevent your site from receiving new versions automatically when available.' ), + ); + } + + return (object) array( + 'status' => 'good', + 'message' => __( 'There appear to be no issues with plugin and theme auto-updates.' ), + ); + } + + /** + * Runs a loopback test on the site. + * + * Loopbacks are what WordPress uses to communicate with itself to start up WP_Cron, scheduled posts, + * make sure plugin or theme edits don't cause site failures and similar. + * + * @since 5.2.0 + * + * @return object The test results. + */ + public function can_perform_loopback() { + $body = array( 'site-health' => 'loopback-test' ); + $cookies = wp_unslash( $_COOKIE ); + $timeout = 10; // 10 seconds. + $headers = array( + 'Cache-Control' => 'no-cache', + ); + /** This filter is documented in wp-includes/class-wp-http-streams.php */ + $sslverify = apply_filters( 'https_local_ssl_verify', false ); + + // Include Basic auth in loopback requests. + if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { + $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); + } + + $url = site_url( 'wp-cron.php' ); + + /* + * A post request is used for the wp-cron.php loopback test to cause the file + * to finish early without triggering cron jobs. This has two benefits: + * - cron jobs are not triggered a second time on the site health page, + * - the loopback request finishes sooner providing a quicker result. + * + * Using a POST request causes the loopback to differ slightly to the standard + * GET request WordPress uses for wp-cron.php loopback requests but is close + * enough. See https://core.trac.wordpress.org/ticket/52547 + */ + $r = wp_remote_post( $url, compact( 'body', 'cookies', 'headers', 'timeout', 'sslverify' ) ); + + if ( is_wp_error( $r ) ) { + return (object) array( + 'status' => 'critical', + 'message' => sprintf( + '%s<br>%s', + __( 'The loopback request to your site failed, this means features relying on them are not currently working as expected.' ), + sprintf( + /* translators: 1: The WordPress error message. 2: The WordPress error code. */ + __( 'Error: %1$s (%2$s)' ), + $r->get_error_message(), + $r->get_error_code() + ) + ), + ); + } + + if ( 200 !== wp_remote_retrieve_response_code( $r ) ) { + return (object) array( + 'status' => 'recommended', + 'message' => sprintf( + /* translators: %d: The HTTP response code returned. */ + __( 'The loopback request returned an unexpected http status code, %d, it was not possible to determine if this will prevent features from working as expected.' ), + wp_remote_retrieve_response_code( $r ) + ), + ); + } + + return (object) array( + 'status' => 'good', + 'message' => __( 'The loopback request to your site completed successfully.' ), + ); + } + + /** + * Creates a weekly cron event, if one does not already exist. + * + * @since 5.4.0 + */ + public function maybe_create_scheduled_event() { + if ( ! wp_next_scheduled( 'wp_site_health_scheduled_check' ) && ! wp_installing() ) { + wp_schedule_event( time() + DAY_IN_SECONDS, 'weekly', 'wp_site_health_scheduled_check' ); + } + } + + /** + * Runs the scheduled event to check and update the latest site health status for the website. + * + * @since 5.4.0 + */ + public function wp_cron_scheduled_check() { + // Bootstrap wp-admin, as WP_Cron doesn't do this for us. + require_once trailingslashit( ABSPATH ) . 'wp-admin/includes/admin.php'; + + $tests = WP_Site_Health::get_tests(); + + $results = array(); + + $site_status = array( + 'good' => 0, + 'recommended' => 0, + 'critical' => 0, + ); + + // Don't run https test on development environments. + if ( $this->is_development_environment() ) { + unset( $tests['async']['https_status'] ); + } + + foreach ( $tests['direct'] as $test ) { + if ( ! empty( $test['skip_cron'] ) ) { + continue; + } + + if ( is_string( $test['test'] ) ) { + $test_function = sprintf( + 'get_test_%s', + $test['test'] + ); + + if ( method_exists( $this, $test_function ) && is_callable( array( $this, $test_function ) ) ) { + $results[] = $this->perform_test( array( $this, $test_function ) ); + continue; + } + } + + if ( is_callable( $test['test'] ) ) { + $results[] = $this->perform_test( $test['test'] ); + } + } + + foreach ( $tests['async'] as $test ) { + if ( ! empty( $test['skip_cron'] ) ) { + continue; + } + + // Local endpoints may require authentication, so asynchronous tests can pass a direct test runner as well. + if ( ! empty( $test['async_direct_test'] ) && is_callable( $test['async_direct_test'] ) ) { + // This test is callable, do so and continue to the next asynchronous check. + $results[] = $this->perform_test( $test['async_direct_test'] ); + continue; + } + + if ( is_string( $test['test'] ) ) { + // Check if this test has a REST API endpoint. + if ( isset( $test['has_rest'] ) && $test['has_rest'] ) { + $result_fetch = wp_remote_get( + $test['test'], + array( + 'body' => array( + '_wpnonce' => wp_create_nonce( 'wp_rest' ), + ), + ) + ); + } else { + $result_fetch = wp_remote_post( + admin_url( 'admin-ajax.php' ), + array( + 'body' => array( + 'action' => $test['test'], + '_wpnonce' => wp_create_nonce( 'health-check-site-status' ), + ), + ) + ); + } + + if ( ! is_wp_error( $result_fetch ) && 200 === wp_remote_retrieve_response_code( $result_fetch ) ) { + $result = json_decode( wp_remote_retrieve_body( $result_fetch ), true ); + } else { + $result = false; + } + + if ( is_array( $result ) ) { + $results[] = $result; + } else { + $results[] = array( + 'status' => 'recommended', + 'label' => __( 'A test is unavailable' ), + ); + } + } + } + + foreach ( $results as $result ) { + if ( 'critical' === $result['status'] ) { + ++$site_status['critical']; + } elseif ( 'recommended' === $result['status'] ) { + ++$site_status['recommended']; + } else { + ++$site_status['good']; + } + } + + set_transient( 'health-check-site-status-result', wp_json_encode( $site_status ) ); + } + + /** + * Checks if the current environment type is set to 'development' or 'local'. + * + * @since 5.6.0 + * + * @return bool True if it is a development environment, false if not. + */ + public function is_development_environment() { + return in_array( wp_get_environment_type(), array( 'development', 'local' ), true ); + } + + /** + * Returns a list of headers and its verification callback to verify if page cache is enabled or not. + * + * Note: key is header name and value could be callable function to verify header value. + * Empty value mean existence of header detect page cache is enabled. + * + * @since 6.1.0 + * + * @return array List of client caching headers and their (optional) verification callbacks. + */ + public function get_page_cache_headers() { + + $cache_hit_callback = static function ( $header_value ) { + return str_contains( strtolower( $header_value ), 'hit' ); + }; + + $cache_headers = array( + 'cache-control' => static function ( $header_value ) { + return (bool) preg_match( '/max-age=[1-9]/', $header_value ); + }, + 'expires' => static function ( $header_value ) { + return strtotime( $header_value ) > time(); + }, + 'age' => static function ( $header_value ) { + return is_numeric( $header_value ) && $header_value > 0; + }, + 'last-modified' => '', + 'etag' => '', + 'x-cache-enabled' => static function ( $header_value ) { + return 'true' === strtolower( $header_value ); + }, + 'x-cache-disabled' => static function ( $header_value ) { + return ( 'on' !== strtolower( $header_value ) ); + }, + 'x-srcache-store-status' => $cache_hit_callback, + 'x-srcache-fetch-status' => $cache_hit_callback, + ); + + /** + * Filters the list of cache headers supported by core. + * + * @since 6.1.0 + * + * @param array $cache_headers Array of supported cache headers. + */ + return apply_filters( 'site_status_page_cache_supported_cache_headers', $cache_headers ); + } + + /** + * Checks if site has page cache enabled or not. + * + * @since 6.1.0 + * + * @return WP_Error|array { + * Page cache detection details or else error information. + * + * @type bool $advanced_cache_present Whether a page cache plugin is present. + * @type array[] $page_caching_response_headers Sets of client caching headers for the responses. + * @type float[] $response_timing Response timings. + * } + */ + private function check_for_page_caching() { + + /** This filter is documented in wp-includes/class-wp-http-streams.php */ + $sslverify = apply_filters( 'https_local_ssl_verify', false ); + + $headers = array(); + + /* + * Include basic auth in loopback requests. Note that this will only pass along basic auth when user is + * initiating the test. If a site requires basic auth, the test will fail when it runs in WP Cron as part of + * wp_site_health_scheduled_check. This logic is copied from WP_Site_Health::can_perform_loopback(). + */ + if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { + $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); + } + + $caching_headers = $this->get_page_cache_headers(); + $page_caching_response_headers = array(); + $response_timing = array(); + + for ( $i = 1; $i <= 3; $i++ ) { + $start_time = microtime( true ); + $http_response = wp_remote_get( home_url( '/' ), compact( 'sslverify', 'headers' ) ); + $end_time = microtime( true ); + + if ( is_wp_error( $http_response ) ) { + return $http_response; + } + if ( wp_remote_retrieve_response_code( $http_response ) !== 200 ) { + return new WP_Error( + 'http_' . wp_remote_retrieve_response_code( $http_response ), + wp_remote_retrieve_response_message( $http_response ) + ); + } + + $response_headers = array(); + + foreach ( $caching_headers as $header => $callback ) { + $header_values = wp_remote_retrieve_header( $http_response, $header ); + if ( empty( $header_values ) ) { + continue; + } + $header_values = (array) $header_values; + if ( empty( $callback ) || ( is_callable( $callback ) && count( array_filter( $header_values, $callback ) ) > 0 ) ) { + $response_headers[ $header ] = $header_values; + } + } + + $page_caching_response_headers[] = $response_headers; + $response_timing[] = ( $end_time - $start_time ) * 1000; + } + + return array( + 'advanced_cache_present' => ( + file_exists( WP_CONTENT_DIR . '/advanced-cache.php' ) + && + ( defined( 'WP_CACHE' ) && WP_CACHE ) + && + /** This filter is documented in wp-settings.php */ + apply_filters( 'enable_loading_advanced_cache_dropin', true ) + ), + 'page_caching_response_headers' => $page_caching_response_headers, + 'response_timing' => $response_timing, + ); + } + + /** + * Gets page cache details. + * + * @since 6.1.0 + * + * @return WP_Error|array { + * Page cache detail or else a WP_Error if unable to determine. + * + * @type string $status Page cache status. Good, Recommended or Critical. + * @type bool $advanced_cache_present Whether page cache plugin is available or not. + * @type string[] $headers Client caching response headers detected. + * @type float $response_time Response time of site. + * } + */ + private function get_page_cache_detail() { + $page_cache_detail = $this->check_for_page_caching(); + if ( is_wp_error( $page_cache_detail ) ) { + return $page_cache_detail; + } + + // Use the median server response time. + $response_timings = $page_cache_detail['response_timing']; + rsort( $response_timings ); + $page_speed = $response_timings[ floor( count( $response_timings ) / 2 ) ]; + + // Obtain unique set of all client caching response headers. + $headers = array(); + foreach ( $page_cache_detail['page_caching_response_headers'] as $page_caching_response_headers ) { + $headers = array_merge( $headers, array_keys( $page_caching_response_headers ) ); + } + $headers = array_unique( $headers ); + + // Page cache is detected if there are response headers or a page cache plugin is present. + $has_page_caching = ( count( $headers ) > 0 || $page_cache_detail['advanced_cache_present'] ); + + if ( $page_speed && $page_speed < $this->get_good_response_time_threshold() ) { + $result = $has_page_caching ? 'good' : 'recommended'; + } else { + $result = 'critical'; + } + + return array( + 'status' => $result, + 'advanced_cache_present' => $page_cache_detail['advanced_cache_present'], + 'headers' => $headers, + 'response_time' => $page_speed, + ); + } + + /** + * Gets the threshold below which a response time is considered good. + * + * @since 6.1.0 + * + * @return int Threshold in milliseconds. + */ + private function get_good_response_time_threshold() { + /** + * Filters the threshold below which a response time is considered good. + * + * The default is based on https://web.dev/time-to-first-byte/. + * + * @param int $threshold Threshold in milliseconds. Default 600. + * + * @since 6.1.0 + */ + return (int) apply_filters( 'site_status_good_response_time_threshold', 600 ); + } + + /** + * Determines whether to suggest using a persistent object cache. + * + * @since 6.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return bool Whether to suggest using a persistent object cache. + */ + public function should_suggest_persistent_object_cache() { + global $wpdb; + + /** + * Filters whether to suggest use of a persistent object cache and bypass default threshold checks. + * + * Using this filter allows to override the default logic, effectively short-circuiting the method. + * + * @since 6.1.0 + * + * @param bool|null $suggest Boolean to short-circuit, for whether to suggest using a persistent object cache. + * Default null. + */ + $short_circuit = apply_filters( 'site_status_should_suggest_persistent_object_cache', null ); + if ( is_bool( $short_circuit ) ) { + return $short_circuit; + } + + if ( is_multisite() ) { + return true; + } + + /** + * Filters the thresholds used to determine whether to suggest the use of a persistent object cache. + * + * @since 6.1.0 + * + * @param int[] $thresholds The list of threshold numbers keyed by threshold name. + */ + $thresholds = apply_filters( + 'site_status_persistent_object_cache_thresholds', + array( + 'alloptions_count' => 500, + 'alloptions_bytes' => 100000, + 'comments_count' => 1000, + 'options_count' => 1000, + 'posts_count' => 1000, + 'terms_count' => 1000, + 'users_count' => 1000, + ) + ); + + $alloptions = wp_load_alloptions(); + + if ( $thresholds['alloptions_count'] < count( $alloptions ) ) { + return true; + } + + if ( $thresholds['alloptions_bytes'] < strlen( serialize( $alloptions ) ) ) { + return true; + } + + $table_names = implode( "','", array( $wpdb->comments, $wpdb->options, $wpdb->posts, $wpdb->terms, $wpdb->users ) ); + + // With InnoDB the `TABLE_ROWS` are estimates, which are accurate enough and faster to retrieve than individual `COUNT()` queries. + $results = $wpdb->get_results( + $wpdb->prepare( + // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- This query cannot use interpolation. + "SELECT TABLE_NAME AS 'table', TABLE_ROWS AS 'rows', SUM(data_length + index_length) as 'bytes' FROM information_schema.TABLES WHERE TABLE_SCHEMA = %s AND TABLE_NAME IN ('$table_names') GROUP BY TABLE_NAME;", + DB_NAME + ), + OBJECT_K + ); + + $threshold_map = array( + 'comments_count' => $wpdb->comments, + 'options_count' => $wpdb->options, + 'posts_count' => $wpdb->posts, + 'terms_count' => $wpdb->terms, + 'users_count' => $wpdb->users, + ); + + foreach ( $threshold_map as $threshold => $table ) { + if ( $thresholds[ $threshold ] <= $results[ $table ]->rows ) { + return true; + } + } + + return false; + } + + /** + * Returns a list of available persistent object cache services. + * + * @since 6.1.0 + * + * @return string[] The list of available persistent object cache services. + */ + private function available_object_cache_services() { + $extensions = array_map( + 'extension_loaded', + array( + 'APCu' => 'apcu', + 'Redis' => 'redis', + 'Relay' => 'relay', + 'Memcache' => 'memcache', + 'Memcached' => 'memcached', + ) + ); + + $services = array_keys( array_filter( $extensions ) ); + + /** + * Filters the persistent object cache services available to the user. + * + * This can be useful to hide or add services not included in the defaults. + * + * @since 6.1.0 + * + * @param string[] $services The list of available persistent object cache services. + */ + return apply_filters( 'site_status_available_object_cache_services', $services ); + } +} diff --git a/wp-admin/includes/class-wp-site-icon.php b/wp-admin/includes/class-wp-site-icon.php new file mode 100644 index 0000000..ff41771 --- /dev/null +++ b/wp-admin/includes/class-wp-site-icon.php @@ -0,0 +1,234 @@ +<?php +/** + * Administration API: WP_Site_Icon class + * + * @package WordPress + * @subpackage Administration + * @since 4.3.0 + */ + +/** + * Core class used to implement site icon functionality. + * + * @since 4.3.0 + */ +#[AllowDynamicProperties] +class WP_Site_Icon { + + /** + * The minimum size of the site icon. + * + * @since 4.3.0 + * @var int + */ + public $min_size = 512; + + /** + * The size to which to crop the image so that we can display it in the UI nicely. + * + * @since 4.3.0 + * @var int + */ + public $page_crop = 512; + + /** + * List of site icon sizes. + * + * @since 4.3.0 + * @var int[] + */ + public $site_icon_sizes = array( + /* + * Square, medium sized tiles for IE11+. + * + * See https://msdn.microsoft.com/library/dn455106(v=vs.85).aspx + */ + 270, + + /* + * App icon for Android/Chrome. + * + * @link https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android + * @link https://developer.chrome.com/multidevice/android/installtohomescreen + */ + 192, + + /* + * App icons up to iPhone 6 Plus. + * + * See https://developer.apple.com/library/prerelease/ios/documentation/UserExperience/Conceptual/MobileHIG/IconMatrix.html + */ + 180, + + // Our regular Favicon. + 32, + ); + + /** + * Registers actions and filters. + * + * @since 4.3.0 + */ + public function __construct() { + add_action( 'delete_attachment', array( $this, 'delete_attachment_data' ) ); + add_filter( 'get_post_metadata', array( $this, 'get_post_metadata' ), 10, 4 ); + } + + /** + * Creates an attachment 'object'. + * + * @since 4.3.0 + * + * @param string $cropped Cropped image URL. + * @param int $parent_attachment_id Attachment ID of parent image. + * @return array An array with attachment object data. + */ + public function create_attachment_object( $cropped, $parent_attachment_id ) { + $parent = get_post( $parent_attachment_id ); + $parent_url = wp_get_attachment_url( $parent->ID ); + $url = str_replace( wp_basename( $parent_url ), wp_basename( $cropped ), $parent_url ); + + $size = wp_getimagesize( $cropped ); + $image_type = ( $size ) ? $size['mime'] : 'image/jpeg'; + + $attachment = array( + 'ID' => $parent_attachment_id, + 'post_title' => wp_basename( $cropped ), + 'post_content' => $url, + 'post_mime_type' => $image_type, + 'guid' => $url, + 'context' => 'site-icon', + ); + + return $attachment; + } + + /** + * Inserts an attachment. + * + * @since 4.3.0 + * + * @param array $attachment An array with attachment object data. + * @param string $file File path of the attached image. + * @return int Attachment ID. + */ + public function insert_attachment( $attachment, $file ) { + $attachment_id = wp_insert_attachment( $attachment, $file ); + $metadata = wp_generate_attachment_metadata( $attachment_id, $file ); + + /** + * Filters the site icon attachment metadata. + * + * @since 4.3.0 + * + * @see wp_generate_attachment_metadata() + * + * @param array $metadata Attachment metadata. + */ + $metadata = apply_filters( 'site_icon_attachment_metadata', $metadata ); + wp_update_attachment_metadata( $attachment_id, $metadata ); + + return $attachment_id; + } + + /** + * Adds additional sizes to be made when creating the site icon images. + * + * @since 4.3.0 + * + * @param array[] $sizes Array of arrays containing information for additional sizes. + * @return array[] Array of arrays containing additional image sizes. + */ + public function additional_sizes( $sizes = array() ) { + $only_crop_sizes = array(); + + /** + * Filters the different dimensions that a site icon is saved in. + * + * @since 4.3.0 + * + * @param int[] $site_icon_sizes Array of sizes available for the Site Icon. + */ + $this->site_icon_sizes = apply_filters( 'site_icon_image_sizes', $this->site_icon_sizes ); + + // Use a natural sort of numbers. + natsort( $this->site_icon_sizes ); + $this->site_icon_sizes = array_reverse( $this->site_icon_sizes ); + + // Ensure that we only resize the image into sizes that allow cropping. + foreach ( $sizes as $name => $size_array ) { + if ( isset( $size_array['crop'] ) ) { + $only_crop_sizes[ $name ] = $size_array; + } + } + + foreach ( $this->site_icon_sizes as $size ) { + if ( $size < $this->min_size ) { + $only_crop_sizes[ 'site_icon-' . $size ] = array( + 'width ' => $size, + 'height' => $size, + 'crop' => true, + ); + } + } + + return $only_crop_sizes; + } + + /** + * Adds Site Icon sizes to the array of image sizes on demand. + * + * @since 4.3.0 + * + * @param string[] $sizes Array of image size names. + * @return string[] Array of image size names. + */ + public function intermediate_image_sizes( $sizes = array() ) { + /** This filter is documented in wp-admin/includes/class-wp-site-icon.php */ + $this->site_icon_sizes = apply_filters( 'site_icon_image_sizes', $this->site_icon_sizes ); + foreach ( $this->site_icon_sizes as $size ) { + $sizes[] = 'site_icon-' . $size; + } + + return $sizes; + } + + /** + * Deletes the Site Icon when the image file is deleted. + * + * @since 4.3.0 + * + * @param int $post_id Attachment ID. + */ + public function delete_attachment_data( $post_id ) { + $site_icon_id = (int) get_option( 'site_icon' ); + + if ( $site_icon_id && $post_id === $site_icon_id ) { + delete_option( 'site_icon' ); + } + } + + /** + * Adds custom image sizes when meta data for an image is requested, that happens to be used as Site Icon. + * + * @since 4.3.0 + * + * @param null|array|string $value The value get_metadata() should return a single metadata value, or an + * array of values. + * @param int $post_id Post ID. + * @param string $meta_key Meta key. + * @param bool $single Whether to return only the first value of the specified `$meta_key`. + * @return array|null|string The attachment metadata value, array of values, or null. + */ + public function get_post_metadata( $value, $post_id, $meta_key, $single ) { + if ( $single && '_wp_attachment_backup_sizes' === $meta_key ) { + $site_icon_id = (int) get_option( 'site_icon' ); + + if ( $post_id === $site_icon_id ) { + add_filter( 'intermediate_image_sizes', array( $this, 'intermediate_image_sizes' ) ); + } + } + + return $value; + } +} diff --git a/wp-admin/includes/class-wp-terms-list-table.php b/wp-admin/includes/class-wp-terms-list-table.php new file mode 100644 index 0000000..b3d9ec5 --- /dev/null +++ b/wp-admin/includes/class-wp-terms-list-table.php @@ -0,0 +1,755 @@ +<?php +/** + * List Table API: WP_Terms_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying terms in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Terms_List_Table extends WP_List_Table { + + public $callback_args; + + private $level; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @global string $post_type + * @global string $taxonomy + * @global string $action + * @global object $tax + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + global $post_type, $taxonomy, $action, $tax; + + parent::__construct( + array( + 'plural' => 'tags', + 'singular' => 'tag', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + + $action = $this->screen->action; + $post_type = $this->screen->post_type; + $taxonomy = $this->screen->taxonomy; + + if ( empty( $taxonomy ) ) { + $taxonomy = 'post_tag'; + } + + if ( ! taxonomy_exists( $taxonomy ) ) { + wp_die( __( 'Invalid taxonomy.' ) ); + } + + $tax = get_taxonomy( $taxonomy ); + + // @todo Still needed? Maybe just the show_ui part. + if ( empty( $post_type ) || ! in_array( $post_type, get_post_types( array( 'show_ui' => true ) ), true ) ) { + $post_type = 'post'; + } + } + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( get_taxonomy( $this->screen->taxonomy )->cap->manage_terms ); + } + + /** + */ + public function prepare_items() { + $taxonomy = $this->screen->taxonomy; + + $tags_per_page = $this->get_items_per_page( "edit_{$taxonomy}_per_page" ); + + if ( 'post_tag' === $taxonomy ) { + /** + * Filters the number of terms displayed per page for the Tags list table. + * + * @since 2.8.0 + * + * @param int $tags_per_page Number of tags to be displayed. Default 20. + */ + $tags_per_page = apply_filters( 'edit_tags_per_page', $tags_per_page ); + + /** + * Filters the number of terms displayed per page for the Tags list table. + * + * @since 2.7.0 + * @deprecated 2.8.0 Use {@see 'edit_tags_per_page'} instead. + * + * @param int $tags_per_page Number of tags to be displayed. Default 20. + */ + $tags_per_page = apply_filters_deprecated( 'tagsperpage', array( $tags_per_page ), '2.8.0', 'edit_tags_per_page' ); + } elseif ( 'category' === $taxonomy ) { + /** + * Filters the number of terms displayed per page for the Categories list table. + * + * @since 2.8.0 + * + * @param int $tags_per_page Number of categories to be displayed. Default 20. + */ + $tags_per_page = apply_filters( 'edit_categories_per_page', $tags_per_page ); + } + + $search = ! empty( $_REQUEST['s'] ) ? trim( wp_unslash( $_REQUEST['s'] ) ) : ''; + + $args = array( + 'taxonomy' => $taxonomy, + 'search' => $search, + 'page' => $this->get_pagenum(), + 'number' => $tags_per_page, + 'hide_empty' => 0, + ); + + if ( ! empty( $_REQUEST['orderby'] ) ) { + $args['orderby'] = trim( wp_unslash( $_REQUEST['orderby'] ) ); + } + + if ( ! empty( $_REQUEST['order'] ) ) { + $args['order'] = trim( wp_unslash( $_REQUEST['order'] ) ); + } + + $args['offset'] = ( $args['page'] - 1 ) * $args['number']; + + // Save the values because 'number' and 'offset' can be subsequently overridden. + $this->callback_args = $args; + + if ( is_taxonomy_hierarchical( $taxonomy ) && ! isset( $args['orderby'] ) ) { + // We'll need the full set of terms then. + $args['number'] = 0; + $args['offset'] = $args['number']; + } + + $this->items = get_terms( $args ); + + $this->set_pagination_args( + array( + 'total_items' => wp_count_terms( + array( + 'taxonomy' => $taxonomy, + 'search' => $search, + ) + ), + 'per_page' => $tags_per_page, + ) + ); + } + + /** + */ + public function no_items() { + echo get_taxonomy( $this->screen->taxonomy )->labels->not_found; + } + + /** + * @return array + */ + protected function get_bulk_actions() { + $actions = array(); + + if ( current_user_can( get_taxonomy( $this->screen->taxonomy )->cap->delete_terms ) ) { + $actions['delete'] = __( 'Delete' ); + } + + return $actions; + } + + /** + * @return string + */ + public function current_action() { + if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['delete_tags'] ) && 'delete' === $_REQUEST['action'] ) { + return 'bulk-delete'; + } + + return parent::current_action(); + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $columns = array( + 'cb' => '<input type="checkbox" />', + 'name' => _x( 'Name', 'term name' ), + 'description' => __( 'Description' ), + 'slug' => __( 'Slug' ), + ); + + if ( 'link_category' === $this->screen->taxonomy ) { + $columns['links'] = __( 'Links' ); + } else { + $columns['posts'] = _x( 'Count', 'Number/count of items' ); + } + + return $columns; + } + + /** + * @return array + */ + protected function get_sortable_columns() { + $taxonomy = $this->screen->taxonomy; + + if ( ! isset( $_GET['orderby'] ) && is_taxonomy_hierarchical( $taxonomy ) ) { + $name_orderby_text = __( 'Table ordered hierarchically.' ); + } else { + $name_orderby_text = __( 'Table ordered by Name.' ); + } + + return array( + 'name' => array( 'name', false, _x( 'Name', 'term name' ), $name_orderby_text, 'asc' ), + 'description' => array( 'description', false, __( 'Description' ), __( 'Table ordered by Description.' ) ), + 'slug' => array( 'slug', false, __( 'Slug' ), __( 'Table ordered by Slug.' ) ), + 'posts' => array( 'count', false, _x( 'Count', 'Number/count of items' ), __( 'Table ordered by Posts Count.' ) ), + 'links' => array( 'count', false, __( 'Links' ), __( 'Table ordered by Links.' ) ), + ); + } + + /** + */ + public function display_rows_or_placeholder() { + $taxonomy = $this->screen->taxonomy; + + $number = $this->callback_args['number']; + $offset = $this->callback_args['offset']; + + // Convert it to table rows. + $count = 0; + + if ( empty( $this->items ) || ! is_array( $this->items ) ) { + echo '<tr class="no-items"><td class="colspanchange" colspan="' . $this->get_column_count() . '">'; + $this->no_items(); + echo '</td></tr>'; + return; + } + + if ( is_taxonomy_hierarchical( $taxonomy ) && ! isset( $this->callback_args['orderby'] ) ) { + if ( ! empty( $this->callback_args['search'] ) ) {// Ignore children on searches. + $children = array(); + } else { + $children = _get_term_hierarchy( $taxonomy ); + } + + /* + * Some funky recursion to get the job done (paging & parents mainly) is contained within. + * Skip it for non-hierarchical taxonomies for performance sake. + */ + $this->_rows( $taxonomy, $this->items, $children, $offset, $number, $count ); + } else { + foreach ( $this->items as $term ) { + $this->single_row( $term ); + } + } + } + + /** + * @param string $taxonomy + * @param array $terms + * @param array $children + * @param int $start + * @param int $per_page + * @param int $count + * @param int $parent_term + * @param int $level + */ + private function _rows( $taxonomy, $terms, &$children, $start, $per_page, &$count, $parent_term = 0, $level = 0 ) { + + $end = $start + $per_page; + + foreach ( $terms as $key => $term ) { + + if ( $count >= $end ) { + break; + } + + if ( $term->parent !== $parent_term && empty( $_REQUEST['s'] ) ) { + continue; + } + + // If the page starts in a subtree, print the parents. + if ( $count === $start && $term->parent > 0 && empty( $_REQUEST['s'] ) ) { + $my_parents = array(); + $parent_ids = array(); + $p = $term->parent; + + while ( $p ) { + $my_parent = get_term( $p, $taxonomy ); + $my_parents[] = $my_parent; + $p = $my_parent->parent; + + if ( in_array( $p, $parent_ids, true ) ) { // Prevent parent loops. + break; + } + + $parent_ids[] = $p; + } + + unset( $parent_ids ); + + $num_parents = count( $my_parents ); + + while ( $my_parent = array_pop( $my_parents ) ) { + echo "\t"; + $this->single_row( $my_parent, $level - $num_parents ); + --$num_parents; + } + } + + if ( $count >= $start ) { + echo "\t"; + $this->single_row( $term, $level ); + } + + ++$count; + + unset( $terms[ $key ] ); + + if ( isset( $children[ $term->term_id ] ) && empty( $_REQUEST['s'] ) ) { + $this->_rows( $taxonomy, $terms, $children, $start, $per_page, $count, $term->term_id, $level + 1 ); + } + } + } + + /** + * @global string $taxonomy + * @param WP_Term $tag Term object. + * @param int $level + */ + public function single_row( $tag, $level = 0 ) { + global $taxonomy; + $tag = sanitize_term( $tag, $taxonomy ); + + $this->level = $level; + + if ( $tag->parent ) { + $count = count( get_ancestors( $tag->term_id, $taxonomy, 'taxonomy' ) ); + $level = 'level-' . $count; + } else { + $level = 'level-0'; + } + + echo '<tr id="tag-' . $tag->term_id . '" class="' . $level . '">'; + $this->single_row_columns( $tag ); + echo '</tr>'; + } + + /** + * @since 5.9.0 Renamed `$tag` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Term $item Term object. + * @return string + */ + public function column_cb( $item ) { + // Restores the more descriptive, specific name for use within this method. + $tag = $item; + + if ( current_user_can( 'delete_term', $tag->term_id ) ) { + return sprintf( + '<input type="checkbox" name="delete_tags[]" value="%1$s" id="cb-select-%1$s" />' . + '<label for="cb-select-%1$s"><span class="screen-reader-text">%2$s</span></label>', + $tag->term_id, + /* translators: Hidden accessibility text. %s: Taxonomy term name. */ + sprintf( __( 'Select %s' ), $tag->name ) + ); + } + + return ' '; + } + + /** + * @param WP_Term $tag Term object. + * @return string + */ + public function column_name( $tag ) { + $taxonomy = $this->screen->taxonomy; + + $pad = str_repeat( '— ', max( 0, $this->level ) ); + + /** + * Filters display of the term name in the terms list table. + * + * The default output may include padding due to the term's + * current level in the term hierarchy. + * + * @since 2.5.0 + * + * @see WP_Terms_List_Table::column_name() + * + * @param string $pad_tag_name The term name, padded if not top-level. + * @param WP_Term $tag Term object. + */ + $name = apply_filters( 'term_name', $pad . ' ' . $tag->name, $tag ); + + $qe_data = get_term( $tag->term_id, $taxonomy, OBJECT, 'edit' ); + + $uri = wp_doing_ajax() ? wp_get_referer() : $_SERVER['REQUEST_URI']; + + $edit_link = get_edit_term_link( $tag, $taxonomy, $this->screen->post_type ); + + if ( $edit_link ) { + $edit_link = add_query_arg( + 'wp_http_referer', + urlencode( wp_unslash( $uri ) ), + $edit_link + ); + $name = sprintf( + '<a class="row-title" href="%s" aria-label="%s">%s</a>', + esc_url( $edit_link ), + /* translators: %s: Taxonomy term name. */ + esc_attr( sprintf( __( '“%s” (Edit)' ), $tag->name ) ), + $name + ); + } + + $output = sprintf( + '<strong>%s</strong><br />', + $name + ); + + /** This filter is documented in wp-admin/includes/class-wp-terms-list-table.php */ + $quick_edit_enabled = apply_filters( 'quick_edit_enabled_for_taxonomy', true, $taxonomy ); + + if ( $quick_edit_enabled ) { + $output .= '<div class="hidden" id="inline_' . $qe_data->term_id . '">'; + $output .= '<div class="name">' . $qe_data->name . '</div>'; + + /** This filter is documented in wp-admin/edit-tag-form.php */ + $output .= '<div class="slug">' . apply_filters( 'editable_slug', $qe_data->slug, $qe_data ) . '</div>'; + $output .= '<div class="parent">' . $qe_data->parent . '</div></div>'; + } + + return $output; + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'name'. + */ + protected function get_default_primary_column_name() { + return 'name'; + } + + /** + * Generates and displays row action links. + * + * @since 4.3.0 + * @since 5.9.0 Renamed `$tag` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Term $item Tag being acted upon. + * @param string $column_name Current column name. + * @param string $primary Primary column name. + * @return string Row actions output for terms, or an empty string + * if the current column is not the primary column. + */ + protected function handle_row_actions( $item, $column_name, $primary ) { + if ( $primary !== $column_name ) { + return ''; + } + + // Restores the more descriptive, specific name for use within this method. + $tag = $item; + + $taxonomy = $this->screen->taxonomy; + $uri = wp_doing_ajax() ? wp_get_referer() : $_SERVER['REQUEST_URI']; + + $actions = array(); + + if ( current_user_can( 'edit_term', $tag->term_id ) ) { + $actions['edit'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + esc_url( + add_query_arg( + 'wp_http_referer', + urlencode( wp_unslash( $uri ) ), + get_edit_term_link( $tag, $taxonomy, $this->screen->post_type ) + ) + ), + /* translators: %s: Taxonomy term name. */ + esc_attr( sprintf( __( 'Edit “%s”' ), $tag->name ) ), + __( 'Edit' ) + ); + + /** + * Filters whether Quick Edit should be enabled for the given taxonomy. + * + * @since 6.4.0 + * + * @param bool $enable Whether to enable the Quick Edit functionality. Default true. + * @param string $taxonomy Taxonomy name. + */ + $quick_edit_enabled = apply_filters( 'quick_edit_enabled_for_taxonomy', true, $taxonomy ); + + if ( $quick_edit_enabled ) { + $actions['inline hide-if-no-js'] = sprintf( + '<button type="button" class="button-link editinline" aria-label="%s" aria-expanded="false">%s</button>', + /* translators: %s: Taxonomy term name. */ + esc_attr( sprintf( __( 'Quick edit “%s” inline' ), $tag->name ) ), + __( 'Quick Edit' ) + ); + } + } + + if ( current_user_can( 'delete_term', $tag->term_id ) ) { + $actions['delete'] = sprintf( + '<a href="%s" class="delete-tag aria-button-if-js" aria-label="%s">%s</a>', + wp_nonce_url( "edit-tags.php?action=delete&taxonomy=$taxonomy&tag_ID=$tag->term_id", 'delete-tag_' . $tag->term_id ), + /* translators: %s: Taxonomy term name. */ + esc_attr( sprintf( __( 'Delete “%s”' ), $tag->name ) ), + __( 'Delete' ) + ); + } + + if ( is_term_publicly_viewable( $tag ) ) { + $actions['view'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + get_term_link( $tag ), + /* translators: %s: Taxonomy term name. */ + esc_attr( sprintf( __( 'View “%s” archive' ), $tag->name ) ), + __( 'View' ) + ); + } + + /** + * Filters the action links displayed for each term in the Tags list table. + * + * @since 2.8.0 + * @since 3.0.0 Deprecated in favor of {@see '{$taxonomy}_row_actions'} filter. + * @since 5.4.2 Restored (un-deprecated). + * + * @param string[] $actions An array of action links to be displayed. Default + * 'Edit', 'Quick Edit', 'Delete', and 'View'. + * @param WP_Term $tag Term object. + */ + $actions = apply_filters( 'tag_row_actions', $actions, $tag ); + + /** + * Filters the action links displayed for each term in the terms list table. + * + * The dynamic portion of the hook name, `$taxonomy`, refers to the taxonomy slug. + * + * Possible hook names include: + * + * - `category_row_actions` + * - `post_tag_row_actions` + * + * @since 3.0.0 + * + * @param string[] $actions An array of action links to be displayed. Default + * 'Edit', 'Quick Edit', 'Delete', and 'View'. + * @param WP_Term $tag Term object. + */ + $actions = apply_filters( "{$taxonomy}_row_actions", $actions, $tag ); + + return $this->row_actions( $actions ); + } + + /** + * @param WP_Term $tag Term object. + * @return string + */ + public function column_description( $tag ) { + if ( $tag->description ) { + return $tag->description; + } else { + return '<span aria-hidden="true">—</span><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'No description' ) . + '</span>'; + } + } + + /** + * @param WP_Term $tag Term object. + * @return string + */ + public function column_slug( $tag ) { + /** This filter is documented in wp-admin/edit-tag-form.php */ + return apply_filters( 'editable_slug', $tag->slug, $tag ); + } + + /** + * @param WP_Term $tag Term object. + * @return string + */ + public function column_posts( $tag ) { + $count = number_format_i18n( $tag->count ); + + $tax = get_taxonomy( $this->screen->taxonomy ); + + $ptype_object = get_post_type_object( $this->screen->post_type ); + if ( ! $ptype_object->show_ui ) { + return $count; + } + + if ( $tax->query_var ) { + $args = array( $tax->query_var => $tag->slug ); + } else { + $args = array( + 'taxonomy' => $tax->name, + 'term' => $tag->slug, + ); + } + + if ( 'post' !== $this->screen->post_type ) { + $args['post_type'] = $this->screen->post_type; + } + + if ( 'attachment' === $this->screen->post_type ) { + return "<a href='" . esc_url( add_query_arg( $args, 'upload.php' ) ) . "'>$count</a>"; + } + + return "<a href='" . esc_url( add_query_arg( $args, 'edit.php' ) ) . "'>$count</a>"; + } + + /** + * @param WP_Term $tag Term object. + * @return string + */ + public function column_links( $tag ) { + $count = number_format_i18n( $tag->count ); + + if ( $count ) { + $count = "<a href='link-manager.php?cat_id=$tag->term_id'>$count</a>"; + } + + return $count; + } + + /** + * @since 5.9.0 Renamed `$tag` to `$item` to match parent class for PHP 8 named parameter support. + * + * @param WP_Term $item Term object. + * @param string $column_name Name of the column. + * @return string + */ + public function column_default( $item, $column_name ) { + // Restores the more descriptive, specific name for use within this method. + $tag = $item; + + /** + * Filters the displayed columns in the terms list table. + * + * The dynamic portion of the hook name, `$this->screen->taxonomy`, + * refers to the slug of the current taxonomy. + * + * Possible hook names include: + * + * - `manage_category_custom_column` + * - `manage_post_tag_custom_column` + * + * @since 2.8.0 + * + * @param string $string Custom column output. Default empty. + * @param string $column_name Name of the column. + * @param int $term_id Term ID. + */ + return apply_filters( "manage_{$this->screen->taxonomy}_custom_column", '', $column_name, $tag->term_id ); + } + + /** + * Outputs the hidden row displayed when inline editing + * + * @since 3.1.0 + */ + public function inline_edit() { + $tax = get_taxonomy( $this->screen->taxonomy ); + + if ( ! current_user_can( $tax->cap->edit_terms ) ) { + return; + } + ?> + + <form method="get"> + <table style="display: none"><tbody id="inlineedit"> + + <tr id="inline-edit" class="inline-edit-row" style="display: none"> + <td colspan="<?php echo $this->get_column_count(); ?>" class="colspanchange"> + <div class="inline-edit-wrapper"> + + <fieldset> + <legend class="inline-edit-legend"><?php _e( 'Quick Edit' ); ?></legend> + <div class="inline-edit-col"> + <label> + <span class="title"><?php _ex( 'Name', 'term name' ); ?></span> + <span class="input-text-wrap"><input type="text" name="name" class="ptitle" value="" /></span> + </label> + + <label> + <span class="title"><?php _e( 'Slug' ); ?></span> + <span class="input-text-wrap"><input type="text" name="slug" class="ptitle" value="" /></span> + </label> + </div> + </fieldset> + + <?php + $core_columns = array( + 'cb' => true, + 'description' => true, + 'name' => true, + 'slug' => true, + 'posts' => true, + ); + + list( $columns ) = $this->get_column_info(); + + foreach ( $columns as $column_name => $column_display_name ) { + if ( isset( $core_columns[ $column_name ] ) ) { + continue; + } + + /** This action is documented in wp-admin/includes/class-wp-posts-list-table.php */ + do_action( 'quick_edit_custom_box', $column_name, 'edit-tags', $this->screen->taxonomy ); + } + ?> + + <div class="inline-edit-save submit"> + <button type="button" class="save button button-primary"><?php echo $tax->labels->update_item; ?></button> + <button type="button" class="cancel button"><?php _e( 'Cancel' ); ?></button> + <span class="spinner"></span> + + <?php wp_nonce_field( 'taxinlineeditnonce', '_inline_edit', false ); ?> + <input type="hidden" name="taxonomy" value="<?php echo esc_attr( $this->screen->taxonomy ); ?>" /> + <input type="hidden" name="post_type" value="<?php echo esc_attr( $this->screen->post_type ); ?>" /> + + <?php + wp_admin_notice( + '<p class="error"></p>', + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline', 'hidden' ), + 'paragraph_wrap' => false, + ) + ); + ?> + </div> + </div> + + </td></tr> + + </tbody></table> + </form> + <?php + } +} diff --git a/wp-admin/includes/class-wp-theme-install-list-table.php b/wp-admin/includes/class-wp-theme-install-list-table.php new file mode 100644 index 0000000..318d8d8 --- /dev/null +++ b/wp-admin/includes/class-wp-theme-install-list-table.php @@ -0,0 +1,570 @@ +<?php +/** + * List Table API: WP_Theme_Install_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying themes to install in a list table. + * + * @since 3.1.0 + * + * @see WP_Themes_List_Table + */ +class WP_Theme_Install_List_Table extends WP_Themes_List_Table { + + public $features = array(); + + /** + * @return bool + */ + public function ajax_user_can() { + return current_user_can( 'install_themes' ); + } + + /** + * @global array $tabs + * @global string $tab + * @global int $paged + * @global string $type + * @global array $theme_field_defaults + */ + public function prepare_items() { + require ABSPATH . 'wp-admin/includes/theme-install.php'; + + global $tabs, $tab, $paged, $type, $theme_field_defaults; + wp_reset_vars( array( 'tab' ) ); + + $search_terms = array(); + $search_string = ''; + if ( ! empty( $_REQUEST['s'] ) ) { + $search_string = strtolower( wp_unslash( $_REQUEST['s'] ) ); + $search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', $search_string ) ) ) ); + } + + if ( ! empty( $_REQUEST['features'] ) ) { + $this->features = $_REQUEST['features']; + } + + $paged = $this->get_pagenum(); + + $per_page = 36; + + // These are the tabs which are shown on the page, + $tabs = array(); + $tabs['dashboard'] = __( 'Search' ); + if ( 'search' === $tab ) { + $tabs['search'] = __( 'Search Results' ); + } + $tabs['upload'] = __( 'Upload' ); + $tabs['featured'] = _x( 'Featured', 'themes' ); + //$tabs['popular'] = _x( 'Popular', 'themes' ); + $tabs['new'] = _x( 'Latest', 'themes' ); + $tabs['updated'] = _x( 'Recently Updated', 'themes' ); + + $nonmenu_tabs = array( 'theme-information' ); // Valid actions to perform which do not have a Menu item. + + /** This filter is documented in wp-admin/theme-install.php */ + $tabs = apply_filters( 'install_themes_tabs', $tabs ); + + /** + * Filters tabs not associated with a menu item on the Install Themes screen. + * + * @since 2.8.0 + * + * @param string[] $nonmenu_tabs The tabs that don't have a menu item on + * the Install Themes screen. + */ + $nonmenu_tabs = apply_filters( 'install_themes_nonmenu_tabs', $nonmenu_tabs ); + + // If a non-valid menu tab has been selected, And it's not a non-menu action. + if ( empty( $tab ) || ( ! isset( $tabs[ $tab ] ) && ! in_array( $tab, (array) $nonmenu_tabs, true ) ) ) { + $tab = key( $tabs ); + } + + $args = array( + 'page' => $paged, + 'per_page' => $per_page, + 'fields' => $theme_field_defaults, + ); + + switch ( $tab ) { + case 'search': + $type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term'; + switch ( $type ) { + case 'tag': + $args['tag'] = array_map( 'sanitize_key', $search_terms ); + break; + case 'term': + $args['search'] = $search_string; + break; + case 'author': + $args['author'] = $search_string; + break; + } + + if ( ! empty( $this->features ) ) { + $args['tag'] = $this->features; + $_REQUEST['s'] = implode( ',', $this->features ); + $_REQUEST['type'] = 'tag'; + } + + add_action( 'install_themes_table_header', 'install_theme_search_form', 10, 0 ); + break; + + case 'featured': + // case 'popular': + case 'new': + case 'updated': + $args['browse'] = $tab; + break; + + default: + $args = false; + break; + } + + /** + * Filters API request arguments for each Install Themes screen tab. + * + * The dynamic portion of the hook name, `$tab`, refers to the theme install + * tab. + * + * Possible hook names include: + * + * - `install_themes_table_api_args_dashboard` + * - `install_themes_table_api_args_featured` + * - `install_themes_table_api_args_new` + * - `install_themes_table_api_args_search` + * - `install_themes_table_api_args_updated` + * - `install_themes_table_api_args_upload` + * + * @since 3.7.0 + * + * @param array|false $args Theme install API arguments. + */ + $args = apply_filters( "install_themes_table_api_args_{$tab}", $args ); + + if ( ! $args ) { + return; + } + + $api = themes_api( 'query_themes', $args ); + + if ( is_wp_error( $api ) ) { + wp_die( '<p>' . $api->get_error_message() . '</p> <p><a href="#" onclick="document.location.reload(); return false;">' . __( 'Try Again' ) . '</a></p>' ); + } + + $this->items = $api->themes; + + $this->set_pagination_args( + array( + 'total_items' => $api->info['results'], + 'per_page' => $args['per_page'], + 'infinite_scroll' => true, + ) + ); + } + + /** + */ + public function no_items() { + _e( 'No themes match your request.' ); + } + + /** + * @global array $tabs + * @global string $tab + * @return array + */ + protected function get_views() { + global $tabs, $tab; + + $display_tabs = array(); + foreach ( (array) $tabs as $action => $text ) { + $display_tabs[ 'theme-install-' . $action ] = array( + 'url' => self_admin_url( 'theme-install.php?tab=' . $action ), + 'label' => $text, + 'current' => $action === $tab, + ); + } + + return $this->get_views_links( $display_tabs ); + } + + /** + * Displays the theme install table. + * + * Overrides the parent display() method to provide a different container. + * + * @since 3.1.0 + */ + public function display() { + wp_nonce_field( 'fetch-list-' . get_class( $this ), '_ajax_fetch_list_nonce' ); + ?> + <div class="tablenav top themes"> + <div class="alignleft actions"> + <?php + /** + * Fires in the Install Themes list table header. + * + * @since 2.8.0 + */ + do_action( 'install_themes_table_header' ); + ?> + </div> + <?php $this->pagination( 'top' ); ?> + <br class="clear" /> + </div> + + <div id="availablethemes"> + <?php $this->display_rows_or_placeholder(); ?> + </div> + + <?php + $this->tablenav( 'bottom' ); + } + + /** + */ + public function display_rows() { + $themes = $this->items; + foreach ( $themes as $theme ) { + ?> + <div class="available-theme installable-theme"> + <?php + $this->single_row( $theme ); + ?> + </div> + <?php + } // End foreach $theme_names. + + $this->theme_installer(); + } + + /** + * Prints a theme from the WordPress.org API. + * + * @since 3.1.0 + * + * @global array $themes_allowedtags + * + * @param stdClass $theme { + * An object that contains theme data returned by the WordPress.org API. + * + * @type string $name Theme name, e.g. 'Twenty Twenty-One'. + * @type string $slug Theme slug, e.g. 'twentytwentyone'. + * @type string $version Theme version, e.g. '1.1'. + * @type string $author Theme author username, e.g. 'melchoyce'. + * @type string $preview_url Preview URL, e.g. 'https://2021.wordpress.net/'. + * @type string $screenshot_url Screenshot URL, e.g. 'https://wordpress.org/themes/twentytwentyone/'. + * @type float $rating Rating score. + * @type int $num_ratings The number of ratings. + * @type string $homepage Theme homepage, e.g. 'https://wordpress.org/themes/twentytwentyone/'. + * @type string $description Theme description. + * @type string $download_link Theme ZIP download URL. + * } + */ + public function single_row( $theme ) { + global $themes_allowedtags; + + if ( empty( $theme ) ) { + return; + } + + $name = wp_kses( $theme->name, $themes_allowedtags ); + $author = wp_kses( $theme->author, $themes_allowedtags ); + + /* translators: %s: Theme name. */ + $preview_title = sprintf( __( 'Preview “%s”' ), $name ); + $preview_url = add_query_arg( + array( + 'tab' => 'theme-information', + 'theme' => $theme->slug, + ), + self_admin_url( 'theme-install.php' ) + ); + + $actions = array(); + + $install_url = add_query_arg( + array( + 'action' => 'install-theme', + 'theme' => $theme->slug, + ), + self_admin_url( 'update.php' ) + ); + + $update_url = add_query_arg( + array( + 'action' => 'upgrade-theme', + 'theme' => $theme->slug, + ), + self_admin_url( 'update.php' ) + ); + + $status = $this->_get_theme_status( $theme ); + + switch ( $status ) { + case 'update_available': + $actions[] = sprintf( + '<a class="install-now" href="%s" title="%s">%s</a>', + esc_url( wp_nonce_url( $update_url, 'upgrade-theme_' . $theme->slug ) ), + /* translators: %s: Theme version. */ + esc_attr( sprintf( __( 'Update to version %s' ), $theme->version ) ), + __( 'Update' ) + ); + break; + case 'newer_installed': + case 'latest_installed': + $actions[] = sprintf( + '<span class="install-now" title="%s">%s</span>', + esc_attr__( 'This theme is already installed and is up to date' ), + _x( 'Installed', 'theme' ) + ); + break; + case 'install': + default: + $actions[] = sprintf( + '<a class="install-now" href="%s" title="%s">%s</a>', + esc_url( wp_nonce_url( $install_url, 'install-theme_' . $theme->slug ) ), + /* translators: %s: Theme name. */ + esc_attr( sprintf( _x( 'Install %s', 'theme' ), $name ) ), + __( 'Install Now' ) + ); + break; + } + + $actions[] = sprintf( + '<a class="install-theme-preview" href="%s" title="%s">%s</a>', + esc_url( $preview_url ), + /* translators: %s: Theme name. */ + esc_attr( sprintf( __( 'Preview %s' ), $name ) ), + __( 'Preview' ) + ); + + /** + * Filters the install action links for a theme in the Install Themes list table. + * + * @since 3.4.0 + * + * @param string[] $actions An array of theme action links. Defaults are + * links to Install Now, Preview, and Details. + * @param stdClass $theme An object that contains theme data returned by the + * WordPress.org API. + */ + $actions = apply_filters( 'theme_install_actions', $actions, $theme ); + + ?> + <a class="screenshot install-theme-preview" href="<?php echo esc_url( $preview_url ); ?>" title="<?php echo esc_attr( $preview_title ); ?>"> + <img src="<?php echo esc_url( $theme->screenshot_url . '?ver=' . $theme->version ); ?>" width="150" alt="" /> + </a> + + <h3><?php echo $name; ?></h3> + <div class="theme-author"> + <?php + /* translators: %s: Theme author. */ + printf( __( 'By %s' ), $author ); + ?> + </div> + + <div class="action-links"> + <ul> + <?php foreach ( $actions as $action ) : ?> + <li><?php echo $action; ?></li> + <?php endforeach; ?> + <li class="hide-if-no-js"><a href="#" class="theme-detail"><?php _e( 'Details' ); ?></a></li> + </ul> + </div> + + <?php + $this->install_theme_info( $theme ); + } + + /** + * Prints the wrapper for the theme installer. + */ + public function theme_installer() { + ?> + <div id="theme-installer" class="wp-full-overlay expanded"> + <div class="wp-full-overlay-sidebar"> + <div class="wp-full-overlay-header"> + <a href="#" class="close-full-overlay button"><?php _e( 'Close' ); ?></a> + <span class="theme-install"></span> + </div> + <div class="wp-full-overlay-sidebar-content"> + <div class="install-theme-info"></div> + </div> + <div class="wp-full-overlay-footer"> + <button type="button" class="collapse-sidebar button" aria-expanded="true" aria-label="<?php esc_attr_e( 'Collapse Sidebar' ); ?>"> + <span class="collapse-sidebar-arrow"></span> + <span class="collapse-sidebar-label"><?php _e( 'Collapse' ); ?></span> + </button> + </div> + </div> + <div class="wp-full-overlay-main"></div> + </div> + <?php + } + + /** + * Prints the wrapper for the theme installer with a provided theme's data. + * Used to make the theme installer work for no-js. + * + * @param stdClass $theme A WordPress.org Theme API object. + */ + public function theme_installer_single( $theme ) { + ?> + <div id="theme-installer" class="wp-full-overlay single-theme"> + <div class="wp-full-overlay-sidebar"> + <?php $this->install_theme_info( $theme ); ?> + </div> + <div class="wp-full-overlay-main"> + <iframe src="<?php echo esc_url( $theme->preview_url ); ?>"></iframe> + </div> + </div> + <?php + } + + /** + * Prints the info for a theme (to be used in the theme installer modal). + * + * @global array $themes_allowedtags + * + * @param stdClass $theme A WordPress.org Theme API object. + */ + public function install_theme_info( $theme ) { + global $themes_allowedtags; + + if ( empty( $theme ) ) { + return; + } + + $name = wp_kses( $theme->name, $themes_allowedtags ); + $author = wp_kses( $theme->author, $themes_allowedtags ); + + $install_url = add_query_arg( + array( + 'action' => 'install-theme', + 'theme' => $theme->slug, + ), + self_admin_url( 'update.php' ) + ); + + $update_url = add_query_arg( + array( + 'action' => 'upgrade-theme', + 'theme' => $theme->slug, + ), + self_admin_url( 'update.php' ) + ); + + $status = $this->_get_theme_status( $theme ); + + ?> + <div class="install-theme-info"> + <?php + switch ( $status ) { + case 'update_available': + printf( + '<a class="theme-install button button-primary" href="%s" title="%s">%s</a>', + esc_url( wp_nonce_url( $update_url, 'upgrade-theme_' . $theme->slug ) ), + /* translators: %s: Theme version. */ + esc_attr( sprintf( __( 'Update to version %s' ), $theme->version ) ), + __( 'Update' ) + ); + break; + case 'newer_installed': + case 'latest_installed': + printf( + '<span class="theme-install" title="%s">%s</span>', + esc_attr__( 'This theme is already installed and is up to date' ), + _x( 'Installed', 'theme' ) + ); + break; + case 'install': + default: + printf( + '<a class="theme-install button button-primary" href="%s">%s</a>', + esc_url( wp_nonce_url( $install_url, 'install-theme_' . $theme->slug ) ), + __( 'Install' ) + ); + break; + } + ?> + <h3 class="theme-name"><?php echo $name; ?></h3> + <span class="theme-by"> + <?php + /* translators: %s: Theme author. */ + printf( __( 'By %s' ), $author ); + ?> + </span> + <?php if ( isset( $theme->screenshot_url ) ) : ?> + <img class="theme-screenshot" src="<?php echo esc_url( $theme->screenshot_url . '?ver=' . $theme->version ); ?>" alt="" /> + <?php endif; ?> + <div class="theme-details"> + <?php + wp_star_rating( + array( + 'rating' => $theme->rating, + 'type' => 'percent', + 'number' => $theme->num_ratings, + ) + ); + ?> + <div class="theme-version"> + <strong><?php _e( 'Version:' ); ?> </strong> + <?php echo wp_kses( $theme->version, $themes_allowedtags ); ?> + </div> + <div class="theme-description"> + <?php echo wp_kses( $theme->description, $themes_allowedtags ); ?> + </div> + </div> + <input class="theme-preview-url" type="hidden" value="<?php echo esc_url( $theme->preview_url ); ?>" /> + </div> + <?php + } + + /** + * Send required variables to JavaScript land + * + * @since 3.4.0 + * + * @global string $tab Current tab within Themes->Install screen + * @global string $type Type of search. + * + * @param array $extra_args Unused. + */ + public function _js_vars( $extra_args = array() ) { + global $tab, $type; + parent::_js_vars( compact( 'tab', 'type' ) ); + } + + /** + * Checks to see if the theme is already installed. + * + * @since 3.4.0 + * + * @param stdClass $theme A WordPress.org Theme API object. + * @return string Theme status. + */ + private function _get_theme_status( $theme ) { + $status = 'install'; + + $installed_theme = wp_get_theme( $theme->slug ); + if ( $installed_theme->exists() ) { + if ( version_compare( $installed_theme->get( 'Version' ), $theme->version, '=' ) ) { + $status = 'latest_installed'; + } elseif ( version_compare( $installed_theme->get( 'Version' ), $theme->version, '>' ) ) { + $status = 'newer_installed'; + } else { + $status = 'update_available'; + } + } + + return $status; + } +} diff --git a/wp-admin/includes/class-wp-themes-list-table.php b/wp-admin/includes/class-wp-themes-list-table.php new file mode 100644 index 0000000..8d385f9 --- /dev/null +++ b/wp-admin/includes/class-wp-themes-list-table.php @@ -0,0 +1,360 @@ +<?php +/** + * List Table API: WP_Themes_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying installed themes in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Themes_List_Table extends WP_List_Table { + + protected $search_terms = array(); + public $features = array(); + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + parent::__construct( + array( + 'ajax' => true, + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + } + + /** + * @return bool + */ + public function ajax_user_can() { + // Do not check edit_theme_options here. Ajax calls for available themes require switch_themes. + return current_user_can( 'switch_themes' ); + } + + /** + */ + public function prepare_items() { + $themes = wp_get_themes( array( 'allowed' => true ) ); + + if ( ! empty( $_REQUEST['s'] ) ) { + $this->search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', strtolower( wp_unslash( $_REQUEST['s'] ) ) ) ) ) ); + } + + if ( ! empty( $_REQUEST['features'] ) ) { + $this->features = $_REQUEST['features']; + } + + if ( $this->search_terms || $this->features ) { + foreach ( $themes as $key => $theme ) { + if ( ! $this->search_theme( $theme ) ) { + unset( $themes[ $key ] ); + } + } + } + + unset( $themes[ get_option( 'stylesheet' ) ] ); + WP_Theme::sort_by_name( $themes ); + + $per_page = 36; + $page = $this->get_pagenum(); + + $start = ( $page - 1 ) * $per_page; + + $this->items = array_slice( $themes, $start, $per_page, true ); + + $this->set_pagination_args( + array( + 'total_items' => count( $themes ), + 'per_page' => $per_page, + 'infinite_scroll' => true, + ) + ); + } + + /** + */ + public function no_items() { + if ( $this->search_terms || $this->features ) { + _e( 'No items found.' ); + return; + } + + $blog_id = get_current_blog_id(); + if ( is_multisite() ) { + if ( current_user_can( 'install_themes' ) && current_user_can( 'manage_network_themes' ) ) { + printf( + /* translators: 1: URL to Themes tab on Edit Site screen, 2: URL to Add Themes screen. */ + __( 'You only have one theme enabled for this site right now. Visit the Network Admin to <a href="%1$s">enable</a> or <a href="%2$s">install</a> more themes.' ), + network_admin_url( 'site-themes.php?id=' . $blog_id ), + network_admin_url( 'theme-install.php' ) + ); + + return; + } elseif ( current_user_can( 'manage_network_themes' ) ) { + printf( + /* translators: %s: URL to Themes tab on Edit Site screen. */ + __( 'You only have one theme enabled for this site right now. Visit the Network Admin to <a href="%s">enable</a> more themes.' ), + network_admin_url( 'site-themes.php?id=' . $blog_id ) + ); + + return; + } + // Else, fallthrough. install_themes doesn't help if you can't enable it. + } else { + if ( current_user_can( 'install_themes' ) ) { + printf( + /* translators: %s: URL to Add Themes screen. */ + __( 'You only have one theme installed right now. Live a little! You can choose from over 1,000 free themes in the WordPress Theme Directory at any time: just click on the <a href="%s">Install Themes</a> tab above.' ), + admin_url( 'theme-install.php' ) + ); + + return; + } + } + // Fallthrough. + printf( + /* translators: %s: Network title. */ + __( 'Only the active theme is available to you. Contact the %s administrator for information about accessing additional themes.' ), + get_site_option( 'site_name' ) + ); + } + + /** + * @param string $which + */ + public function tablenav( $which = 'top' ) { + if ( $this->get_pagination_arg( 'total_pages' ) <= 1 ) { + return; + } + ?> + <div class="tablenav themes <?php echo $which; ?>"> + <?php $this->pagination( $which ); ?> + <span class="spinner"></span> + <br class="clear" /> + </div> + <?php + } + + /** + * Displays the themes table. + * + * Overrides the parent display() method to provide a different container. + * + * @since 3.1.0 + */ + public function display() { + wp_nonce_field( 'fetch-list-' . get_class( $this ), '_ajax_fetch_list_nonce' ); + ?> + <?php $this->tablenav( 'top' ); ?> + + <div id="availablethemes"> + <?php $this->display_rows_or_placeholder(); ?> + </div> + + <?php $this->tablenav( 'bottom' ); ?> + <?php + } + + /** + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + return array(); + } + + /** + */ + public function display_rows_or_placeholder() { + if ( $this->has_items() ) { + $this->display_rows(); + } else { + echo '<div class="no-items">'; + $this->no_items(); + echo '</div>'; + } + } + + /** + */ + public function display_rows() { + $themes = $this->items; + + foreach ( $themes as $theme ) : + ?> + <div class="available-theme"> + <?php + + $template = $theme->get_template(); + $stylesheet = $theme->get_stylesheet(); + $title = $theme->display( 'Name' ); + $version = $theme->display( 'Version' ); + $author = $theme->display( 'Author' ); + + $activate_link = wp_nonce_url( 'themes.php?action=activate&template=' . urlencode( $template ) . '&stylesheet=' . urlencode( $stylesheet ), 'switch-theme_' . $stylesheet ); + + $actions = array(); + $actions['activate'] = sprintf( + '<a href="%s" class="activatelink" title="%s">%s</a>', + $activate_link, + /* translators: %s: Theme name. */ + esc_attr( sprintf( _x( 'Activate “%s”', 'theme' ), $title ) ), + __( 'Activate' ) + ); + + if ( current_user_can( 'edit_theme_options' ) && current_user_can( 'customize' ) ) { + $actions['preview'] .= sprintf( + '<a href="%s" class="load-customize hide-if-no-customize">%s</a>', + wp_customize_url( $stylesheet ), + __( 'Live Preview' ) + ); + } + + if ( ! is_multisite() && current_user_can( 'delete_themes' ) ) { + $actions['delete'] = sprintf( + '<a class="submitdelete deletion" href="%s" onclick="return confirm( \'%s\' );">%s</a>', + wp_nonce_url( 'themes.php?action=delete&stylesheet=' . urlencode( $stylesheet ), 'delete-theme_' . $stylesheet ), + /* translators: %s: Theme name. */ + esc_js( sprintf( __( "You are about to delete this theme '%s'\n 'Cancel' to stop, 'OK' to delete." ), $title ) ), + __( 'Delete' ) + ); + } + + /** This filter is documented in wp-admin/includes/class-wp-ms-themes-list-table.php */ + $actions = apply_filters( 'theme_action_links', $actions, $theme, 'all' ); + + /** This filter is documented in wp-admin/includes/class-wp-ms-themes-list-table.php */ + $actions = apply_filters( "theme_action_links_{$stylesheet}", $actions, $theme, 'all' ); + $delete_action = isset( $actions['delete'] ) ? '<div class="delete-theme">' . $actions['delete'] . '</div>' : ''; + unset( $actions['delete'] ); + + $screenshot = $theme->get_screenshot(); + ?> + + <span class="screenshot hide-if-customize"> + <?php if ( $screenshot ) : ?> + <img src="<?php echo esc_url( $screenshot . '?ver=' . $theme->version ); ?>" alt="" /> + <?php endif; ?> + </span> + <a href="<?php echo wp_customize_url( $stylesheet ); ?>" class="screenshot load-customize hide-if-no-customize"> + <?php if ( $screenshot ) : ?> + <img src="<?php echo esc_url( $screenshot . '?ver=' . $theme->version ); ?>" alt="" /> + <?php endif; ?> + </a> + + <h3><?php echo $title; ?></h3> + <div class="theme-author"> + <?php + /* translators: %s: Theme author. */ + printf( __( 'By %s' ), $author ); + ?> + </div> + <div class="action-links"> + <ul> + <?php foreach ( $actions as $action ) : ?> + <li><?php echo $action; ?></li> + <?php endforeach; ?> + <li class="hide-if-no-js"><a href="#" class="theme-detail"><?php _e( 'Details' ); ?></a></li> + </ul> + <?php echo $delete_action; ?> + + <?php theme_update_available( $theme ); ?> + </div> + + <div class="themedetaildiv hide-if-js"> + <p><strong><?php _e( 'Version:' ); ?></strong> <?php echo $version; ?></p> + <p><?php echo $theme->display( 'Description' ); ?></p> + <?php + if ( $theme->parent() ) { + printf( + /* translators: 1: Link to documentation on child themes, 2: Name of parent theme. */ + ' <p class="howto">' . __( 'This <a href="%1$s">child theme</a> requires its parent theme, %2$s.' ) . '</p>', + __( 'https://developer.wordpress.org/themes/advanced-topics/child-themes/' ), + $theme->parent()->display( 'Name' ) + ); + } + ?> + </div> + + </div> + <?php + endforeach; + } + + /** + * @param WP_Theme $theme + * @return bool + */ + public function search_theme( $theme ) { + // Search the features. + foreach ( $this->features as $word ) { + if ( ! in_array( $word, $theme->get( 'Tags' ), true ) ) { + return false; + } + } + + // Match all phrases. + foreach ( $this->search_terms as $word ) { + if ( in_array( $word, $theme->get( 'Tags' ), true ) ) { + continue; + } + + foreach ( array( 'Name', 'Description', 'Author', 'AuthorURI' ) as $header ) { + // Don't mark up; Do translate. + if ( false !== stripos( strip_tags( $theme->display( $header, false, true ) ), $word ) ) { + continue 2; + } + } + + if ( false !== stripos( $theme->get_stylesheet(), $word ) ) { + continue; + } + + if ( false !== stripos( $theme->get_template(), $word ) ) { + continue; + } + + return false; + } + + return true; + } + + /** + * Send required variables to JavaScript land + * + * @since 3.4.0 + * + * @param array $extra_args + */ + public function _js_vars( $extra_args = array() ) { + $search_string = isset( $_REQUEST['s'] ) ? esc_attr( wp_unslash( $_REQUEST['s'] ) ) : ''; + + $args = array( + 'search' => $search_string, + 'features' => $this->features, + 'paged' => $this->get_pagenum(), + 'total_pages' => ! empty( $this->_pagination_args['total_pages'] ) ? $this->_pagination_args['total_pages'] : 1, + ); + + if ( is_array( $extra_args ) ) { + $args = array_merge( $args, $extra_args ); + } + + printf( "<script type='text/javascript'>var theme_list_args = %s;</script>\n", wp_json_encode( $args ) ); + parent::_js_vars(); + } +} diff --git a/wp-admin/includes/class-wp-upgrader-skin.php b/wp-admin/includes/class-wp-upgrader-skin.php new file mode 100644 index 0000000..598724f --- /dev/null +++ b/wp-admin/includes/class-wp-upgrader-skin.php @@ -0,0 +1,278 @@ +<?php +/** + * Upgrader API: WP_Upgrader_Skin class + * + * @package WordPress + * @subpackage Upgrader + * @since 4.6.0 + */ + +/** + * Generic Skin for the WordPress Upgrader classes. This skin is designed to be extended for specific purposes. + * + * @since 2.8.0 + * @since 4.6.0 Moved to its own file from wp-admin/includes/class-wp-upgrader-skins.php. + */ +#[AllowDynamicProperties] +class WP_Upgrader_Skin { + + /** + * Holds the upgrader data. + * + * @since 2.8.0 + * + * @var WP_Upgrader + */ + public $upgrader; + + /** + * Whether header is done. + * + * @since 2.8.0 + * + * @var bool + */ + public $done_header = false; + + /** + * Whether footer is done. + * + * @since 2.8.0 + * + * @var bool + */ + public $done_footer = false; + + /** + * Holds the result of an upgrade. + * + * @since 2.8.0 + * + * @var string|bool|WP_Error + */ + public $result = false; + + /** + * Holds the options of an upgrade. + * + * @since 2.8.0 + * + * @var array + */ + public $options = array(); + + /** + * Constructor. + * + * Sets up the generic skin for the WordPress Upgrader classes. + * + * @since 2.8.0 + * + * @param array $args Optional. The WordPress upgrader skin arguments to + * override default options. Default empty array. + */ + public function __construct( $args = array() ) { + $defaults = array( + 'url' => '', + 'nonce' => '', + 'title' => '', + 'context' => false, + ); + $this->options = wp_parse_args( $args, $defaults ); + } + + /** + * @since 2.8.0 + * + * @param WP_Upgrader $upgrader + */ + public function set_upgrader( &$upgrader ) { + if ( is_object( $upgrader ) ) { + $this->upgrader =& $upgrader; + } + $this->add_strings(); + } + + /** + * @since 3.0.0 + */ + public function add_strings() { + } + + /** + * Sets the result of an upgrade. + * + * @since 2.8.0 + * + * @param string|bool|WP_Error $result The result of an upgrade. + */ + public function set_result( $result ) { + $this->result = $result; + } + + /** + * Displays a form to the user to request for their FTP/SSH details in order + * to connect to the filesystem. + * + * @since 2.8.0 + * @since 4.6.0 The `$context` parameter default changed from `false` to an empty string. + * + * @see request_filesystem_credentials() + * + * @param bool|WP_Error $error Optional. Whether the current request has failed to connect, + * or an error object. Default false. + * @param string $context Optional. Full path to the directory that is tested + * for being writable. Default empty. + * @param bool $allow_relaxed_file_ownership Optional. Whether to allow Group/World writable. Default false. + * @return bool True on success, false on failure. + */ + public function request_filesystem_credentials( $error = false, $context = '', $allow_relaxed_file_ownership = false ) { + $url = $this->options['url']; + if ( ! $context ) { + $context = $this->options['context']; + } + if ( ! empty( $this->options['nonce'] ) ) { + $url = wp_nonce_url( $url, $this->options['nonce'] ); + } + + $extra_fields = array(); + + return request_filesystem_credentials( $url, '', $error, $context, $extra_fields, $allow_relaxed_file_ownership ); + } + + /** + * @since 2.8.0 + */ + public function header() { + if ( $this->done_header ) { + return; + } + $this->done_header = true; + echo '<div class="wrap">'; + echo '<h1>' . $this->options['title'] . '</h1>'; + } + + /** + * @since 2.8.0 + */ + public function footer() { + if ( $this->done_footer ) { + return; + } + $this->done_footer = true; + echo '</div>'; + } + + /** + * @since 2.8.0 + * + * @param string|WP_Error $errors Errors. + */ + public function error( $errors ) { + if ( ! $this->done_header ) { + $this->header(); + } + if ( is_string( $errors ) ) { + $this->feedback( $errors ); + } elseif ( is_wp_error( $errors ) && $errors->has_errors() ) { + foreach ( $errors->get_error_messages() as $message ) { + if ( $errors->get_error_data() && is_string( $errors->get_error_data() ) ) { + $this->feedback( $message . ' ' . esc_html( strip_tags( $errors->get_error_data() ) ) ); + } else { + $this->feedback( $message ); + } + } + } + } + + /** + * @since 2.8.0 + * @since 5.9.0 Renamed `$string` (a PHP reserved keyword) to `$feedback` for PHP 8 named parameter support. + * + * @param string $feedback Message data. + * @param mixed ...$args Optional text replacements. + */ + public function feedback( $feedback, ...$args ) { + if ( isset( $this->upgrader->strings[ $feedback ] ) ) { + $feedback = $this->upgrader->strings[ $feedback ]; + } + + if ( str_contains( $feedback, '%' ) ) { + if ( $args ) { + $args = array_map( 'strip_tags', $args ); + $args = array_map( 'esc_html', $args ); + $feedback = vsprintf( $feedback, $args ); + } + } + if ( empty( $feedback ) ) { + return; + } + show_message( $feedback ); + } + + /** + * Performs an action before an update. + * + * @since 2.8.0 + */ + public function before() {} + + /** + * Performs and action following an update. + * + * @since 2.8.0 + */ + public function after() {} + + /** + * Outputs JavaScript that calls function to decrement the update counts. + * + * @since 3.9.0 + * + * @param string $type Type of update count to decrement. Likely values include 'plugin', + * 'theme', 'translation', etc. + */ + protected function decrement_update_count( $type ) { + if ( ! $this->result || is_wp_error( $this->result ) || 'up_to_date' === $this->result ) { + return; + } + + if ( defined( 'IFRAME_REQUEST' ) ) { + echo '<script type="text/javascript"> + if ( window.postMessage && JSON ) { + window.parent.postMessage( JSON.stringify( { action: "decrementUpdateCount", upgradeType: "' . $type . '" } ), window.location.protocol + "//" + window.location.hostname ); + } + </script>'; + } else { + echo '<script type="text/javascript"> + (function( wp ) { + if ( wp && wp.updates && wp.updates.decrementCount ) { + wp.updates.decrementCount( "' . $type . '" ); + } + })( window.wp ); + </script>'; + } + } + + /** + * @since 3.0.0 + */ + public function bulk_header() {} + + /** + * @since 3.0.0 + */ + public function bulk_footer() {} + + /** + * Hides the `process_failed` error message when updating by uploading a zip file. + * + * @since 5.5.0 + * + * @param WP_Error $wp_error WP_Error object. + * @return bool True if the error should be hidden, false otherwise. + */ + public function hide_process_failed( $wp_error ) { + return false; + } +} diff --git a/wp-admin/includes/class-wp-upgrader-skins.php b/wp-admin/includes/class-wp-upgrader-skins.php new file mode 100644 index 0000000..636ce18 --- /dev/null +++ b/wp-admin/includes/class-wp-upgrader-skins.php @@ -0,0 +1,44 @@ +<?php +/** + * The User Interface "Skins" for the WordPress File Upgrader + * + * @package WordPress + * @subpackage Upgrader + * @since 2.8.0 + * @deprecated 4.7.0 + */ + +_deprecated_file( basename( __FILE__ ), '4.7.0', 'class-wp-upgrader.php' ); + +/** WP_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader-skin.php'; + +/** Plugin_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-plugin-upgrader-skin.php'; + +/** Theme_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-theme-upgrader-skin.php'; + +/** Bulk_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-bulk-upgrader-skin.php'; + +/** Bulk_Plugin_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-bulk-plugin-upgrader-skin.php'; + +/** Bulk_Theme_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-bulk-theme-upgrader-skin.php'; + +/** Plugin_Installer_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-plugin-installer-skin.php'; + +/** Theme_Installer_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-theme-installer-skin.php'; + +/** Language_Pack_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-language-pack-upgrader-skin.php'; + +/** Automatic_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-automatic-upgrader-skin.php'; + +/** WP_Ajax_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-ajax-upgrader-skin.php'; diff --git a/wp-admin/includes/class-wp-upgrader.php b/wp-admin/includes/class-wp-upgrader.php new file mode 100644 index 0000000..1fbfa99 --- /dev/null +++ b/wp-admin/includes/class-wp-upgrader.php @@ -0,0 +1,1236 @@ +<?php +/** + * Upgrade API: WP_Upgrader class + * + * Requires skin classes and WP_Upgrader subclasses for backward compatibility. + * + * @package WordPress + * @subpackage Upgrader + * @since 2.8.0 + */ + +/** WP_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader-skin.php'; + +/** Plugin_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-plugin-upgrader-skin.php'; + +/** Theme_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-theme-upgrader-skin.php'; + +/** Bulk_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-bulk-upgrader-skin.php'; + +/** Bulk_Plugin_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-bulk-plugin-upgrader-skin.php'; + +/** Bulk_Theme_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-bulk-theme-upgrader-skin.php'; + +/** Plugin_Installer_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-plugin-installer-skin.php'; + +/** Theme_Installer_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-theme-installer-skin.php'; + +/** Language_Pack_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-language-pack-upgrader-skin.php'; + +/** Automatic_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-automatic-upgrader-skin.php'; + +/** WP_Ajax_Upgrader_Skin class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-ajax-upgrader-skin.php'; + +/** + * Core class used for upgrading/installing a local set of files via + * the Filesystem Abstraction classes from a Zip file. + * + * @since 2.8.0 + */ +#[AllowDynamicProperties] +class WP_Upgrader { + + /** + * The error/notification strings used to update the user on the progress. + * + * @since 2.8.0 + * @var array $strings + */ + public $strings = array(); + + /** + * The upgrader skin being used. + * + * @since 2.8.0 + * @var Automatic_Upgrader_Skin|WP_Upgrader_Skin $skin + */ + public $skin = null; + + /** + * The result of the installation. + * + * This is set by WP_Upgrader::install_package(), only when the package is installed + * successfully. It will then be an array, unless a WP_Error is returned by the + * {@see 'upgrader_post_install'} filter. In that case, the WP_Error will be assigned to + * it. + * + * @since 2.8.0 + * + * @var array|WP_Error $result { + * @type string $source The full path to the source the files were installed from. + * @type string $source_files List of all the files in the source directory. + * @type string $destination The full path to the installation destination folder. + * @type string $destination_name The name of the destination folder, or empty if `$destination` + * and `$local_destination` are the same. + * @type string $local_destination The full local path to the destination folder. This is usually + * the same as `$destination`. + * @type string $remote_destination The full remote path to the destination folder + * (i.e., from `$wp_filesystem`). + * @type bool $clear_destination Whether the destination folder was cleared. + * } + */ + public $result = array(); + + /** + * The total number of updates being performed. + * + * Set by the bulk update methods. + * + * @since 3.0.0 + * @var int $update_count + */ + public $update_count = 0; + + /** + * The current update if multiple updates are being performed. + * + * Used by the bulk update methods, and incremented for each update. + * + * @since 3.0.0 + * @var int + */ + public $update_current = 0; + + /** + * Stores the list of plugins or themes added to temporary backup directory. + * + * Used by the rollback functions. + * + * @since 6.3.0 + * @var array + */ + private $temp_backups = array(); + + /** + * Stores the list of plugins or themes to be restored from temporary backup directory. + * + * Used by the rollback functions. + * + * @since 6.3.0 + * @var array + */ + private $temp_restores = array(); + + /** + * Construct the upgrader with a skin. + * + * @since 2.8.0 + * + * @param WP_Upgrader_Skin $skin The upgrader skin to use. Default is a WP_Upgrader_Skin + * instance. + */ + public function __construct( $skin = null ) { + if ( null === $skin ) { + $this->skin = new WP_Upgrader_Skin(); + } else { + $this->skin = $skin; + } + } + + /** + * Initializes the upgrader. + * + * This will set the relationship between the skin being used and this upgrader, + * and also add the generic strings to `WP_Upgrader::$strings`. + * + * Additionally, it will schedule a weekly task to clean up the temporary backup directory. + * + * @since 2.8.0 + * @since 6.3.0 Added the `schedule_temp_backup_cleanup()` task. + */ + public function init() { + $this->skin->set_upgrader( $this ); + $this->generic_strings(); + + if ( ! wp_installing() ) { + $this->schedule_temp_backup_cleanup(); + } + } + + /** + * Schedules the cleanup of the temporary backup directory. + * + * @since 6.3.0 + */ + protected function schedule_temp_backup_cleanup() { + if ( false === wp_next_scheduled( 'wp_delete_temp_updater_backups' ) ) { + wp_schedule_event( time(), 'weekly', 'wp_delete_temp_updater_backups' ); + } + } + + /** + * Adds the generic strings to WP_Upgrader::$strings. + * + * @since 2.8.0 + */ + public function generic_strings() { + $this->strings['bad_request'] = __( 'Invalid data provided.' ); + $this->strings['fs_unavailable'] = __( 'Could not access filesystem.' ); + $this->strings['fs_error'] = __( 'Filesystem error.' ); + $this->strings['fs_no_root_dir'] = __( 'Unable to locate WordPress root directory.' ); + /* translators: %s: Directory name. */ + $this->strings['fs_no_content_dir'] = sprintf( __( 'Unable to locate WordPress content directory (%s).' ), 'wp-content' ); + $this->strings['fs_no_plugins_dir'] = __( 'Unable to locate WordPress plugin directory.' ); + $this->strings['fs_no_themes_dir'] = __( 'Unable to locate WordPress theme directory.' ); + /* translators: %s: Directory name. */ + $this->strings['fs_no_folder'] = __( 'Unable to locate needed folder (%s).' ); + + $this->strings['download_failed'] = __( 'Download failed.' ); + $this->strings['installing_package'] = __( 'Installing the latest version…' ); + $this->strings['no_files'] = __( 'The package contains no files.' ); + $this->strings['folder_exists'] = __( 'Destination folder already exists.' ); + $this->strings['mkdir_failed'] = __( 'Could not create directory.' ); + $this->strings['incompatible_archive'] = __( 'The package could not be installed.' ); + $this->strings['files_not_writable'] = __( 'The update cannot be installed because some files could not be copied. This is usually due to inconsistent file permissions.' ); + + $this->strings['maintenance_start'] = __( 'Enabling Maintenance mode…' ); + $this->strings['maintenance_end'] = __( 'Disabling Maintenance mode…' ); + + /* translators: %s: upgrade-temp-backup */ + $this->strings['temp_backup_mkdir_failed'] = sprintf( __( 'Could not create the %s directory.' ), 'upgrade-temp-backup' ); + /* translators: %s: upgrade-temp-backup */ + $this->strings['temp_backup_move_failed'] = sprintf( __( 'Could not move the old version to the %s directory.' ), 'upgrade-temp-backup' ); + /* translators: %s: The plugin or theme slug. */ + $this->strings['temp_backup_restore_failed'] = __( 'Could not restore the original version of %s.' ); + /* translators: %s: The plugin or theme slug. */ + $this->strings['temp_backup_delete_failed'] = __( 'Could not delete the temporary backup directory for %s.' ); + } + + /** + * Connects to the filesystem. + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string[] $directories Optional. Array of directories. If any of these do + * not exist, a WP_Error object will be returned. + * Default empty array. + * @param bool $allow_relaxed_file_ownership Whether to allow relaxed file ownership. + * Default false. + * @return bool|WP_Error True if able to connect, false or a WP_Error otherwise. + */ + public function fs_connect( $directories = array(), $allow_relaxed_file_ownership = false ) { + global $wp_filesystem; + + $credentials = $this->skin->request_filesystem_credentials( false, $directories[0], $allow_relaxed_file_ownership ); + if ( false === $credentials ) { + return false; + } + + if ( ! WP_Filesystem( $credentials, $directories[0], $allow_relaxed_file_ownership ) ) { + $error = true; + if ( is_object( $wp_filesystem ) && $wp_filesystem->errors->has_errors() ) { + $error = $wp_filesystem->errors; + } + // Failed to connect. Error and request again. + $this->skin->request_filesystem_credentials( $error, $directories[0], $allow_relaxed_file_ownership ); + return false; + } + + if ( ! is_object( $wp_filesystem ) ) { + return new WP_Error( 'fs_unavailable', $this->strings['fs_unavailable'] ); + } + + if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + return new WP_Error( 'fs_error', $this->strings['fs_error'], $wp_filesystem->errors ); + } + + foreach ( (array) $directories as $dir ) { + switch ( $dir ) { + case ABSPATH: + if ( ! $wp_filesystem->abspath() ) { + return new WP_Error( 'fs_no_root_dir', $this->strings['fs_no_root_dir'] ); + } + break; + case WP_CONTENT_DIR: + if ( ! $wp_filesystem->wp_content_dir() ) { + return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] ); + } + break; + case WP_PLUGIN_DIR: + if ( ! $wp_filesystem->wp_plugins_dir() ) { + return new WP_Error( 'fs_no_plugins_dir', $this->strings['fs_no_plugins_dir'] ); + } + break; + case get_theme_root(): + if ( ! $wp_filesystem->wp_themes_dir() ) { + return new WP_Error( 'fs_no_themes_dir', $this->strings['fs_no_themes_dir'] ); + } + break; + default: + if ( ! $wp_filesystem->find_folder( $dir ) ) { + return new WP_Error( 'fs_no_folder', sprintf( $this->strings['fs_no_folder'], esc_html( basename( $dir ) ) ) ); + } + break; + } + } + return true; + } + + /** + * Downloads a package. + * + * @since 2.8.0 + * @since 5.2.0 Added the `$check_signatures` parameter. + * @since 5.5.0 Added the `$hook_extra` parameter. + * + * @param string $package The URI of the package. If this is the full path to an + * existing local file, it will be returned untouched. + * @param bool $check_signatures Whether to validate file signatures. Default false. + * @param array $hook_extra Extra arguments to pass to the filter hooks. Default empty array. + * @return string|WP_Error The full path to the downloaded package file, or a WP_Error object. + */ + public function download_package( $package, $check_signatures = false, $hook_extra = array() ) { + /** + * Filters whether to return the package. + * + * @since 3.7.0 + * @since 5.5.0 Added the `$hook_extra` parameter. + * + * @param bool $reply Whether to bail without returning the package. + * Default false. + * @param string $package The package file name. + * @param WP_Upgrader $upgrader The WP_Upgrader instance. + * @param array $hook_extra Extra arguments passed to hooked filters. + */ + $reply = apply_filters( 'upgrader_pre_download', false, $package, $this, $hook_extra ); + if ( false !== $reply ) { + return $reply; + } + + if ( ! preg_match( '!^(http|https|ftp)://!i', $package ) && file_exists( $package ) ) { // Local file or remote? + return $package; // Must be a local file. + } + + if ( empty( $package ) ) { + return new WP_Error( 'no_package', $this->strings['no_package'] ); + } + + $this->skin->feedback( 'downloading_package', $package ); + + $download_file = download_url( $package, 300, $check_signatures ); + + if ( is_wp_error( $download_file ) && ! $download_file->get_error_data( 'softfail-filename' ) ) { + return new WP_Error( 'download_failed', $this->strings['download_failed'], $download_file->get_error_message() ); + } + + return $download_file; + } + + /** + * Unpacks a compressed package file. + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $package Full path to the package file. + * @param bool $delete_package Optional. Whether to delete the package file after attempting + * to unpack it. Default true. + * @return string|WP_Error The path to the unpacked contents, or a WP_Error on failure. + */ + public function unpack_package( $package, $delete_package = true ) { + global $wp_filesystem; + + $this->skin->feedback( 'unpack_package' ); + + if ( ! $wp_filesystem->wp_content_dir() ) { + return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] ); + } + + $upgrade_folder = $wp_filesystem->wp_content_dir() . 'upgrade/'; + + // Clean up contents of upgrade directory beforehand. + $upgrade_files = $wp_filesystem->dirlist( $upgrade_folder ); + if ( ! empty( $upgrade_files ) ) { + foreach ( $upgrade_files as $file ) { + $wp_filesystem->delete( $upgrade_folder . $file['name'], true ); + } + } + + // We need a working directory - strip off any .tmp or .zip suffixes. + $working_dir = $upgrade_folder . basename( basename( $package, '.tmp' ), '.zip' ); + + // Clean up working directory. + if ( $wp_filesystem->is_dir( $working_dir ) ) { + $wp_filesystem->delete( $working_dir, true ); + } + + // Unzip package to working directory. + $result = unzip_file( $package, $working_dir ); + + // Once extracted, delete the package if required. + if ( $delete_package ) { + unlink( $package ); + } + + if ( is_wp_error( $result ) ) { + $wp_filesystem->delete( $working_dir, true ); + if ( 'incompatible_archive' === $result->get_error_code() ) { + return new WP_Error( 'incompatible_archive', $this->strings['incompatible_archive'], $result->get_error_data() ); + } + return $result; + } + + return $working_dir; + } + + /** + * Flattens the results of WP_Filesystem_Base::dirlist() for iterating over. + * + * @since 4.9.0 + * @access protected + * + * @param array $nested_files Array of files as returned by WP_Filesystem_Base::dirlist(). + * @param string $path Relative path to prepend to child nodes. Optional. + * @return array A flattened array of the $nested_files specified. + */ + protected function flatten_dirlist( $nested_files, $path = '' ) { + $files = array(); + + foreach ( $nested_files as $name => $details ) { + $files[ $path . $name ] = $details; + + // Append children recursively. + if ( ! empty( $details['files'] ) ) { + $children = $this->flatten_dirlist( $details['files'], $path . $name . '/' ); + + // Merge keeping possible numeric keys, which array_merge() will reindex from 0..n. + $files = $files + $children; + } + } + + return $files; + } + + /** + * Clears the directory where this item is going to be installed into. + * + * @since 4.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $remote_destination The location on the remote filesystem to be cleared. + * @return true|WP_Error True upon success, WP_Error on failure. + */ + public function clear_destination( $remote_destination ) { + global $wp_filesystem; + + $files = $wp_filesystem->dirlist( $remote_destination, true, true ); + + // False indicates that the $remote_destination doesn't exist. + if ( false === $files ) { + return true; + } + + // Flatten the file list to iterate over. + $files = $this->flatten_dirlist( $files ); + + // Check all files are writable before attempting to clear the destination. + $unwritable_files = array(); + + // Check writability. + foreach ( $files as $filename => $file_details ) { + if ( ! $wp_filesystem->is_writable( $remote_destination . $filename ) ) { + // Attempt to alter permissions to allow writes and try again. + $wp_filesystem->chmod( $remote_destination . $filename, ( 'd' === $file_details['type'] ? FS_CHMOD_DIR : FS_CHMOD_FILE ) ); + if ( ! $wp_filesystem->is_writable( $remote_destination . $filename ) ) { + $unwritable_files[] = $filename; + } + } + } + + if ( ! empty( $unwritable_files ) ) { + return new WP_Error( 'files_not_writable', $this->strings['files_not_writable'], implode( ', ', $unwritable_files ) ); + } + + if ( ! $wp_filesystem->delete( $remote_destination, true ) ) { + return new WP_Error( 'remove_old_failed', $this->strings['remove_old_failed'] ); + } + + return true; + } + + /** + * Install a package. + * + * Copies the contents of a package from a source directory, and installs them in + * a destination directory. Optionally removes the source. It can also optionally + * clear out the destination folder if it already exists. + * + * @since 2.8.0 + * @since 6.2.0 Use move_dir() instead of copy_dir() when possible. + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * @global array $wp_theme_directories + * + * @param array|string $args { + * Optional. Array or string of arguments for installing a package. Default empty array. + * + * @type string $source Required path to the package source. Default empty. + * @type string $destination Required path to a folder to install the package in. + * Default empty. + * @type bool $clear_destination Whether to delete any files already in the destination + * folder. Default false. + * @type bool $clear_working Whether to delete the files from the working directory + * after copying them to the destination. Default false. + * @type bool $abort_if_destination_exists Whether to abort the installation if + * the destination folder already exists. Default true. + * @type array $hook_extra Extra arguments to pass to the filter hooks called by + * WP_Upgrader::install_package(). Default empty array. + * } + * + * @return array|WP_Error The result (also stored in `WP_Upgrader::$result`), or a WP_Error on failure. + */ + public function install_package( $args = array() ) { + global $wp_filesystem, $wp_theme_directories; + + $defaults = array( + 'source' => '', // Please always pass this. + 'destination' => '', // ...and this. + 'clear_destination' => false, + 'clear_working' => false, + 'abort_if_destination_exists' => true, + 'hook_extra' => array(), + ); + + $args = wp_parse_args( $args, $defaults ); + + // These were previously extract()'d. + $source = $args['source']; + $destination = $args['destination']; + $clear_destination = $args['clear_destination']; + + if ( function_exists( 'set_time_limit' ) ) { + set_time_limit( 300 ); + } + + if ( empty( $source ) || empty( $destination ) ) { + return new WP_Error( 'bad_request', $this->strings['bad_request'] ); + } + $this->skin->feedback( 'installing_package' ); + + /** + * Filters the installation response before the installation has started. + * + * Returning a value that could be evaluated as a `WP_Error` will effectively + * short-circuit the installation, returning that value instead. + * + * @since 2.8.0 + * + * @param bool|WP_Error $response Installation response. + * @param array $hook_extra Extra arguments passed to hooked filters. + */ + $res = apply_filters( 'upgrader_pre_install', true, $args['hook_extra'] ); + + if ( is_wp_error( $res ) ) { + return $res; + } + + // Retain the original source and destinations. + $remote_source = $args['source']; + $local_destination = $destination; + + $source_files = array_keys( $wp_filesystem->dirlist( $remote_source ) ); + $remote_destination = $wp_filesystem->find_folder( $local_destination ); + + // Locate which directory to copy to the new folder. This is based on the actual folder holding the files. + if ( 1 === count( $source_files ) && $wp_filesystem->is_dir( trailingslashit( $args['source'] ) . $source_files[0] . '/' ) ) { + // Only one folder? Then we want its contents. + $source = trailingslashit( $args['source'] ) . trailingslashit( $source_files[0] ); + } elseif ( 0 === count( $source_files ) ) { + // There are no files? + return new WP_Error( 'incompatible_archive_empty', $this->strings['incompatible_archive'], $this->strings['no_files'] ); + } else { + /* + * It's only a single file, the upgrader will use the folder name of this file as the destination folder. + * Folder name is based on zip filename. + */ + $source = trailingslashit( $args['source'] ); + } + + /** + * Filters the source file location for the upgrade package. + * + * @since 2.8.0 + * @since 4.4.0 The $hook_extra parameter became available. + * + * @param string $source File source location. + * @param string $remote_source Remote file source location. + * @param WP_Upgrader $upgrader WP_Upgrader instance. + * @param array $hook_extra Extra arguments passed to hooked filters. + */ + $source = apply_filters( 'upgrader_source_selection', $source, $remote_source, $this, $args['hook_extra'] ); + + if ( is_wp_error( $source ) ) { + return $source; + } + + if ( ! empty( $args['hook_extra']['temp_backup'] ) ) { + $temp_backup = $this->move_to_temp_backup_dir( $args['hook_extra']['temp_backup'] ); + + if ( is_wp_error( $temp_backup ) ) { + return $temp_backup; + } + + $this->temp_backups[] = $args['hook_extra']['temp_backup']; + } + + // Has the source location changed? If so, we need a new source_files list. + if ( $source !== $remote_source ) { + $source_files = array_keys( $wp_filesystem->dirlist( $source ) ); + } + + /* + * Protection against deleting files in any important base directories. + * Theme_Upgrader & Plugin_Upgrader also trigger this, as they pass the + * destination directory (WP_PLUGIN_DIR / wp-content/themes) intending + * to copy the directory into the directory, whilst they pass the source + * as the actual files to copy. + */ + $protected_directories = array( ABSPATH, WP_CONTENT_DIR, WP_PLUGIN_DIR, WP_CONTENT_DIR . '/themes' ); + + if ( is_array( $wp_theme_directories ) ) { + $protected_directories = array_merge( $protected_directories, $wp_theme_directories ); + } + + if ( in_array( $destination, $protected_directories, true ) ) { + $remote_destination = trailingslashit( $remote_destination ) . trailingslashit( basename( $source ) ); + $destination = trailingslashit( $destination ) . trailingslashit( basename( $source ) ); + } + + if ( $clear_destination ) { + // We're going to clear the destination if there's something there. + $this->skin->feedback( 'remove_old' ); + + $removed = $this->clear_destination( $remote_destination ); + + /** + * Filters whether the upgrader cleared the destination. + * + * @since 2.8.0 + * + * @param true|WP_Error $removed Whether the destination was cleared. + * True upon success, WP_Error on failure. + * @param string $local_destination The local package destination. + * @param string $remote_destination The remote package destination. + * @param array $hook_extra Extra arguments passed to hooked filters. + */ + $removed = apply_filters( 'upgrader_clear_destination', $removed, $local_destination, $remote_destination, $args['hook_extra'] ); + + if ( is_wp_error( $removed ) ) { + return $removed; + } + } elseif ( $args['abort_if_destination_exists'] && $wp_filesystem->exists( $remote_destination ) ) { + /* + * If we're not clearing the destination folder and something exists there already, bail. + * But first check to see if there are actually any files in the folder. + */ + $_files = $wp_filesystem->dirlist( $remote_destination ); + if ( ! empty( $_files ) ) { + $wp_filesystem->delete( $remote_source, true ); // Clear out the source files. + return new WP_Error( 'folder_exists', $this->strings['folder_exists'], $remote_destination ); + } + } + + /* + * If 'clear_working' is false, the source should not be removed, so use copy_dir() instead. + * + * Partial updates, like language packs, may want to retain the destination. + * If the destination exists or has contents, this may be a partial update, + * and the destination should not be removed, so use copy_dir() instead. + */ + if ( $args['clear_working'] + && ( + // Destination does not exist or has no contents. + ! $wp_filesystem->exists( $remote_destination ) + || empty( $wp_filesystem->dirlist( $remote_destination ) ) + ) + ) { + $result = move_dir( $source, $remote_destination, true ); + } else { + // Create destination if needed. + if ( ! $wp_filesystem->exists( $remote_destination ) ) { + if ( ! $wp_filesystem->mkdir( $remote_destination, FS_CHMOD_DIR ) ) { + return new WP_Error( 'mkdir_failed_destination', $this->strings['mkdir_failed'], $remote_destination ); + } + } + $result = copy_dir( $source, $remote_destination ); + } + + // Clear the working directory? + if ( $args['clear_working'] ) { + $wp_filesystem->delete( $remote_source, true ); + } + + if ( is_wp_error( $result ) ) { + return $result; + } + + $destination_name = basename( str_replace( $local_destination, '', $destination ) ); + if ( '.' === $destination_name ) { + $destination_name = ''; + } + + $this->result = compact( 'source', 'source_files', 'destination', 'destination_name', 'local_destination', 'remote_destination', 'clear_destination' ); + + /** + * Filters the installation response after the installation has finished. + * + * @since 2.8.0 + * + * @param bool $response Installation response. + * @param array $hook_extra Extra arguments passed to hooked filters. + * @param array $result Installation result data. + */ + $res = apply_filters( 'upgrader_post_install', true, $args['hook_extra'], $this->result ); + + if ( is_wp_error( $res ) ) { + $this->result = $res; + return $res; + } + + // Bombard the calling function will all the info which we've just used. + return $this->result; + } + + /** + * Runs an upgrade/installation. + * + * Attempts to download the package (if it is not a local file), unpack it, and + * install it in the destination folder. + * + * @since 2.8.0 + * + * @param array $options { + * Array or string of arguments for upgrading/installing a package. + * + * @type string $package The full path or URI of the package to install. + * Default empty. + * @type string $destination The full path to the destination folder. + * Default empty. + * @type bool $clear_destination Whether to delete any files already in the + * destination folder. Default false. + * @type bool $clear_working Whether to delete the files from the working + * directory after copying them to the destination. + * Default true. + * @type bool $abort_if_destination_exists Whether to abort the installation if the destination + * folder already exists. When true, `$clear_destination` + * should be false. Default true. + * @type bool $is_multi Whether this run is one of multiple upgrade/installation + * actions being performed in bulk. When true, the skin + * WP_Upgrader::header() and WP_Upgrader::footer() + * aren't called. Default false. + * @type array $hook_extra Extra arguments to pass to the filter hooks called by + * WP_Upgrader::run(). + * } + * @return array|false|WP_Error The result from self::install_package() on success, otherwise a WP_Error, + * or false if unable to connect to the filesystem. + */ + public function run( $options ) { + + $defaults = array( + 'package' => '', // Please always pass this. + 'destination' => '', // ...and this. + 'clear_destination' => false, + 'clear_working' => true, + 'abort_if_destination_exists' => true, // Abort if the destination directory exists. Pass clear_destination as false please. + 'is_multi' => false, + 'hook_extra' => array(), // Pass any extra $hook_extra args here, this will be passed to any hooked filters. + ); + + $options = wp_parse_args( $options, $defaults ); + + /** + * Filters the package options before running an update. + * + * See also {@see 'upgrader_process_complete'}. + * + * @since 4.3.0 + * + * @param array $options { + * Options used by the upgrader. + * + * @type string $package Package for update. + * @type string $destination Update location. + * @type bool $clear_destination Clear the destination resource. + * @type bool $clear_working Clear the working resource. + * @type bool $abort_if_destination_exists Abort if the Destination directory exists. + * @type bool $is_multi Whether the upgrader is running multiple times. + * @type array $hook_extra { + * Extra hook arguments. + * + * @type string $action Type of action. Default 'update'. + * @type string $type Type of update process. Accepts 'plugin', 'theme', or 'core'. + * @type bool $bulk Whether the update process is a bulk update. Default true. + * @type string $plugin Path to the plugin file relative to the plugins directory. + * @type string $theme The stylesheet or template name of the theme. + * @type string $language_update_type The language pack update type. Accepts 'plugin', 'theme', + * or 'core'. + * @type object $language_update The language pack update offer. + * } + * } + */ + $options = apply_filters( 'upgrader_package_options', $options ); + + if ( ! $options['is_multi'] ) { // Call $this->header separately if running multiple times. + $this->skin->header(); + } + + // Connect to the filesystem first. + $res = $this->fs_connect( array( WP_CONTENT_DIR, $options['destination'] ) ); + // Mainly for non-connected filesystem. + if ( ! $res ) { + if ( ! $options['is_multi'] ) { + $this->skin->footer(); + } + return false; + } + + $this->skin->before(); + + if ( is_wp_error( $res ) ) { + $this->skin->error( $res ); + $this->skin->after(); + if ( ! $options['is_multi'] ) { + $this->skin->footer(); + } + return $res; + } + + /* + * Download the package. Note: If the package is the full path + * to an existing local file, it will be returned untouched. + */ + $download = $this->download_package( $options['package'], true, $options['hook_extra'] ); + + /* + * Allow for signature soft-fail. + * WARNING: This may be removed in the future. + */ + if ( is_wp_error( $download ) && $download->get_error_data( 'softfail-filename' ) ) { + + // Don't output the 'no signature could be found' failure message for now. + if ( 'signature_verification_no_signature' !== $download->get_error_code() || WP_DEBUG ) { + // Output the failure error as a normal feedback, and not as an error. + $this->skin->feedback( $download->get_error_message() ); + + // Report this failure back to WordPress.org for debugging purposes. + wp_version_check( + array( + 'signature_failure_code' => $download->get_error_code(), + 'signature_failure_data' => $download->get_error_data(), + ) + ); + } + + // Pretend this error didn't happen. + $download = $download->get_error_data( 'softfail-filename' ); + } + + if ( is_wp_error( $download ) ) { + $this->skin->error( $download ); + $this->skin->after(); + if ( ! $options['is_multi'] ) { + $this->skin->footer(); + } + return $download; + } + + $delete_package = ( $download !== $options['package'] ); // Do not delete a "local" file. + + // Unzips the file into a temporary directory. + $working_dir = $this->unpack_package( $download, $delete_package ); + if ( is_wp_error( $working_dir ) ) { + $this->skin->error( $working_dir ); + $this->skin->after(); + if ( ! $options['is_multi'] ) { + $this->skin->footer(); + } + return $working_dir; + } + + // With the given options, this installs it to the destination directory. + $result = $this->install_package( + array( + 'source' => $working_dir, + 'destination' => $options['destination'], + 'clear_destination' => $options['clear_destination'], + 'abort_if_destination_exists' => $options['abort_if_destination_exists'], + 'clear_working' => $options['clear_working'], + 'hook_extra' => $options['hook_extra'], + ) + ); + + /** + * Filters the result of WP_Upgrader::install_package(). + * + * @since 5.7.0 + * + * @param array|WP_Error $result Result from WP_Upgrader::install_package(). + * @param array $hook_extra Extra arguments passed to hooked filters. + */ + $result = apply_filters( 'upgrader_install_package_result', $result, $options['hook_extra'] ); + + $this->skin->set_result( $result ); + + if ( is_wp_error( $result ) ) { + if ( ! empty( $options['hook_extra']['temp_backup'] ) ) { + $this->temp_restores[] = $options['hook_extra']['temp_backup']; + + /* + * Restore the backup on shutdown. + * Actions running on `shutdown` are immune to PHP timeouts, + * so in case the failure was due to a PHP timeout, + * it will still be able to properly restore the previous version. + */ + add_action( 'shutdown', array( $this, 'restore_temp_backup' ) ); + } + $this->skin->error( $result ); + + if ( ! method_exists( $this->skin, 'hide_process_failed' ) || ! $this->skin->hide_process_failed( $result ) ) { + $this->skin->feedback( 'process_failed' ); + } + } else { + // Installation succeeded. + $this->skin->feedback( 'process_success' ); + } + + $this->skin->after(); + + // Clean up the backup kept in the temporary backup directory. + if ( ! empty( $options['hook_extra']['temp_backup'] ) ) { + // Delete the backup on `shutdown` to avoid a PHP timeout. + add_action( 'shutdown', array( $this, 'delete_temp_backup' ), 100, 0 ); + } + + if ( ! $options['is_multi'] ) { + + /** + * Fires when the upgrader process is complete. + * + * See also {@see 'upgrader_package_options'}. + * + * @since 3.6.0 + * @since 3.7.0 Added to WP_Upgrader::run(). + * @since 4.6.0 `$translations` was added as a possible argument to `$hook_extra`. + * + * @param WP_Upgrader $upgrader WP_Upgrader instance. In other contexts this might be a + * Theme_Upgrader, Plugin_Upgrader, Core_Upgrade, or Language_Pack_Upgrader instance. + * @param array $hook_extra { + * Array of bulk item update data. + * + * @type string $action Type of action. Default 'update'. + * @type string $type Type of update process. Accepts 'plugin', 'theme', 'translation', or 'core'. + * @type bool $bulk Whether the update process is a bulk update. Default true. + * @type array $plugins Array of the basename paths of the plugins' main files. + * @type array $themes The theme slugs. + * @type array $translations { + * Array of translations update data. + * + * @type string $language The locale the translation is for. + * @type string $type Type of translation. Accepts 'plugin', 'theme', or 'core'. + * @type string $slug Text domain the translation is for. The slug of a theme/plugin or + * 'default' for core translations. + * @type string $version The version of a theme, plugin, or core. + * } + * } + */ + do_action( 'upgrader_process_complete', $this, $options['hook_extra'] ); + + $this->skin->footer(); + } + + return $result; + } + + /** + * Toggles maintenance mode for the site. + * + * Creates/deletes the maintenance file to enable/disable maintenance mode. + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param bool $enable True to enable maintenance mode, false to disable. + */ + public function maintenance_mode( $enable = false ) { + global $wp_filesystem; + $file = $wp_filesystem->abspath() . '.maintenance'; + if ( $enable ) { + $this->skin->feedback( 'maintenance_start' ); + // Create maintenance file to signal that we are upgrading. + $maintenance_string = '<?php $upgrading = ' . time() . '; ?>'; + $wp_filesystem->delete( $file ); + $wp_filesystem->put_contents( $file, $maintenance_string, FS_CHMOD_FILE ); + } elseif ( ! $enable && $wp_filesystem->exists( $file ) ) { + $this->skin->feedback( 'maintenance_end' ); + $wp_filesystem->delete( $file ); + } + } + + /** + * Creates a lock using WordPress options. + * + * @since 4.5.0 + * + * @global wpdb $wpdb The WordPress database abstraction object. + * + * @param string $lock_name The name of this unique lock. + * @param int $release_timeout Optional. The duration in seconds to respect an existing lock. + * Default: 1 hour. + * @return bool False if a lock couldn't be created or if the lock is still valid. True otherwise. + */ + public static function create_lock( $lock_name, $release_timeout = null ) { + global $wpdb; + if ( ! $release_timeout ) { + $release_timeout = HOUR_IN_SECONDS; + } + $lock_option = $lock_name . '.lock'; + + // Try to lock. + $lock_result = $wpdb->query( $wpdb->prepare( "INSERT IGNORE INTO `$wpdb->options` ( `option_name`, `option_value`, `autoload` ) VALUES (%s, %s, 'no') /* LOCK */", $lock_option, time() ) ); + + if ( ! $lock_result ) { + $lock_result = get_option( $lock_option ); + + // If a lock couldn't be created, and there isn't a lock, bail. + if ( ! $lock_result ) { + return false; + } + + // Check to see if the lock is still valid. If it is, bail. + if ( $lock_result > ( time() - $release_timeout ) ) { + return false; + } + + // There must exist an expired lock, clear it and re-gain it. + WP_Upgrader::release_lock( $lock_name ); + + return WP_Upgrader::create_lock( $lock_name, $release_timeout ); + } + + // Update the lock, as by this point we've definitely got a lock, just need to fire the actions. + update_option( $lock_option, time() ); + + return true; + } + + /** + * Releases an upgrader lock. + * + * @since 4.5.0 + * + * @see WP_Upgrader::create_lock() + * + * @param string $lock_name The name of this unique lock. + * @return bool True if the lock was successfully released. False on failure. + */ + public static function release_lock( $lock_name ) { + return delete_option( $lock_name . '.lock' ); + } + + /** + * Moves the plugin or theme being updated into a temporary backup directory. + * + * @since 6.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string[] $args { + * Array of data for the temporary backup. + * + * @type string $slug Plugin or theme slug. + * @type string $src Path to the root directory for plugins or themes. + * @type string $dir Destination subdirectory name. Accepts 'plugins' or 'themes'. + * } + * + * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error. + */ + public function move_to_temp_backup_dir( $args ) { + global $wp_filesystem; + + if ( empty( $args['slug'] ) || empty( $args['src'] ) || empty( $args['dir'] ) ) { + return false; + } + + /* + * Skip any plugin that has "." as its slug. + * A slug of "." will result in a `$src` value ending in a period. + * + * On Windows, this will cause the 'plugins' folder to be moved, + * and will cause a failure when attempting to call `mkdir()`. + */ + if ( '.' === $args['slug'] ) { + return false; + } + + if ( ! $wp_filesystem->wp_content_dir() ) { + return new WP_Error( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] ); + } + + $dest_dir = $wp_filesystem->wp_content_dir() . 'upgrade-temp-backup/'; + $sub_dir = $dest_dir . $args['dir'] . '/'; + + // Create the temporary backup directory if it does not exist. + if ( ! $wp_filesystem->is_dir( $sub_dir ) ) { + if ( ! $wp_filesystem->is_dir( $dest_dir ) ) { + $wp_filesystem->mkdir( $dest_dir, FS_CHMOD_DIR ); + } + + if ( ! $wp_filesystem->mkdir( $sub_dir, FS_CHMOD_DIR ) ) { + // Could not create the backup directory. + return new WP_Error( 'fs_temp_backup_mkdir', $this->strings['temp_backup_mkdir_failed'] ); + } + } + + $src_dir = $wp_filesystem->find_folder( $args['src'] ); + $src = trailingslashit( $src_dir ) . $args['slug']; + $dest = $dest_dir . trailingslashit( $args['dir'] ) . $args['slug']; + + // Delete the temporary backup directory if it already exists. + if ( $wp_filesystem->is_dir( $dest ) ) { + $wp_filesystem->delete( $dest, true ); + } + + // Move to the temporary backup directory. + $result = move_dir( $src, $dest, true ); + if ( is_wp_error( $result ) ) { + return new WP_Error( 'fs_temp_backup_move', $this->strings['temp_backup_move_failed'] ); + } + + return true; + } + + /** + * Restores the plugin or theme from temporary backup. + * + * @since 6.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error. + */ + public function restore_temp_backup() { + global $wp_filesystem; + + $errors = new WP_Error(); + + foreach ( $this->temp_restores as $args ) { + if ( empty( $args['slug'] ) || empty( $args['src'] ) || empty( $args['dir'] ) ) { + return false; + } + + if ( ! $wp_filesystem->wp_content_dir() ) { + $errors->add( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] ); + return $errors; + } + + $src = $wp_filesystem->wp_content_dir() . 'upgrade-temp-backup/' . $args['dir'] . '/' . $args['slug']; + $dest_dir = $wp_filesystem->find_folder( $args['src'] ); + $dest = trailingslashit( $dest_dir ) . $args['slug']; + + if ( $wp_filesystem->is_dir( $src ) ) { + // Cleanup. + if ( $wp_filesystem->is_dir( $dest ) && ! $wp_filesystem->delete( $dest, true ) ) { + $errors->add( + 'fs_temp_backup_delete', + sprintf( $this->strings['temp_backup_restore_failed'], $args['slug'] ) + ); + continue; + } + + // Move it. + $result = move_dir( $src, $dest, true ); + if ( is_wp_error( $result ) ) { + $errors->add( + 'fs_temp_backup_delete', + sprintf( $this->strings['temp_backup_restore_failed'], $args['slug'] ) + ); + continue; + } + } + } + + return $errors->has_errors() ? $errors : true; + } + + /** + * Deletes a temporary backup. + * + * @since 6.3.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error. + */ + public function delete_temp_backup() { + global $wp_filesystem; + + $errors = new WP_Error(); + + foreach ( $this->temp_backups as $args ) { + if ( empty( $args['slug'] ) || empty( $args['dir'] ) ) { + return false; + } + + if ( ! $wp_filesystem->wp_content_dir() ) { + $errors->add( 'fs_no_content_dir', $this->strings['fs_no_content_dir'] ); + return $errors; + } + + $temp_backup_dir = $wp_filesystem->wp_content_dir() . "upgrade-temp-backup/{$args['dir']}/{$args['slug']}"; + + if ( ! $wp_filesystem->delete( $temp_backup_dir, true ) ) { + $errors->add( + 'temp_backup_delete_failed', + sprintf( $this->strings['temp_backup_delete_failed'], $args['slug'] ) + ); + continue; + } + } + + return $errors->has_errors() ? $errors : true; + } +} + +/** Plugin_Upgrader class */ +require_once ABSPATH . 'wp-admin/includes/class-plugin-upgrader.php'; + +/** Theme_Upgrader class */ +require_once ABSPATH . 'wp-admin/includes/class-theme-upgrader.php'; + +/** Language_Pack_Upgrader class */ +require_once ABSPATH . 'wp-admin/includes/class-language-pack-upgrader.php'; + +/** Core_Upgrader class */ +require_once ABSPATH . 'wp-admin/includes/class-core-upgrader.php'; + +/** File_Upload_Upgrader class */ +require_once ABSPATH . 'wp-admin/includes/class-file-upload-upgrader.php'; + +/** WP_Automatic_Updater class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-automatic-updater.php'; diff --git a/wp-admin/includes/class-wp-users-list-table.php b/wp-admin/includes/class-wp-users-list-table.php new file mode 100644 index 0000000..ecb8eb4 --- /dev/null +++ b/wp-admin/includes/class-wp-users-list-table.php @@ -0,0 +1,683 @@ +<?php +/** + * List Table API: WP_Users_List_Table class + * + * @package WordPress + * @subpackage Administration + * @since 3.1.0 + */ + +/** + * Core class used to implement displaying users in a list table. + * + * @since 3.1.0 + * + * @see WP_List_Table + */ +class WP_Users_List_Table extends WP_List_Table { + + /** + * Site ID to generate the Users list table for. + * + * @since 3.1.0 + * @var int + */ + public $site_id; + + /** + * Whether or not the current Users list table is for Multisite. + * + * @since 3.1.0 + * @var bool + */ + public $is_site_users; + + /** + * Constructor. + * + * @since 3.1.0 + * + * @see WP_List_Table::__construct() for more information on default arguments. + * + * @param array $args An associative array of arguments. + */ + public function __construct( $args = array() ) { + parent::__construct( + array( + 'singular' => 'user', + 'plural' => 'users', + 'screen' => isset( $args['screen'] ) ? $args['screen'] : null, + ) + ); + + $this->is_site_users = 'site-users-network' === $this->screen->id; + + if ( $this->is_site_users ) { + $this->site_id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; + } + } + + /** + * Checks the current user's permissions. + * + * @since 3.1.0 + * + * @return bool + */ + public function ajax_user_can() { + if ( $this->is_site_users ) { + return current_user_can( 'manage_sites' ); + } else { + return current_user_can( 'list_users' ); + } + } + + /** + * Prepares the users list for display. + * + * @since 3.1.0 + * + * @global string $role + * @global string $usersearch + */ + public function prepare_items() { + global $role, $usersearch; + + $usersearch = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST['s'] ) ) : ''; + + $role = isset( $_REQUEST['role'] ) ? $_REQUEST['role'] : ''; + + $per_page = ( $this->is_site_users ) ? 'site_users_network_per_page' : 'users_per_page'; + $users_per_page = $this->get_items_per_page( $per_page ); + + $paged = $this->get_pagenum(); + + if ( 'none' === $role ) { + $args = array( + 'number' => $users_per_page, + 'offset' => ( $paged - 1 ) * $users_per_page, + 'include' => wp_get_users_with_no_role( $this->site_id ), + 'search' => $usersearch, + 'fields' => 'all_with_meta', + ); + } else { + $args = array( + 'number' => $users_per_page, + 'offset' => ( $paged - 1 ) * $users_per_page, + 'role' => $role, + 'search' => $usersearch, + 'fields' => 'all_with_meta', + ); + } + + if ( '' !== $args['search'] ) { + $args['search'] = '*' . $args['search'] . '*'; + } + + if ( $this->is_site_users ) { + $args['blog_id'] = $this->site_id; + } + + if ( isset( $_REQUEST['orderby'] ) ) { + $args['orderby'] = $_REQUEST['orderby']; + } + + if ( isset( $_REQUEST['order'] ) ) { + $args['order'] = $_REQUEST['order']; + } + + /** + * Filters the query arguments used to retrieve users for the current users list table. + * + * @since 4.4.0 + * + * @param array $args Arguments passed to WP_User_Query to retrieve items for the current + * users list table. + */ + $args = apply_filters( 'users_list_table_query_args', $args ); + + // Query the user IDs for this page. + $wp_user_search = new WP_User_Query( $args ); + + $this->items = $wp_user_search->get_results(); + + $this->set_pagination_args( + array( + 'total_items' => $wp_user_search->get_total(), + 'per_page' => $users_per_page, + ) + ); + } + + /** + * Outputs 'no users' message. + * + * @since 3.1.0 + */ + public function no_items() { + _e( 'No users found.' ); + } + + /** + * Returns an associative array listing all the views that can be used + * with this table. + * + * Provides a list of roles and user count for that role for easy + * Filtersing of the user table. + * + * @since 3.1.0 + * + * @global string $role + * + * @return string[] An array of HTML links keyed by their view. + */ + protected function get_views() { + global $role; + + $wp_roles = wp_roles(); + + $count_users = ! wp_is_large_user_count(); + + if ( $this->is_site_users ) { + $url = 'site-users.php?id=' . $this->site_id; + } else { + $url = 'users.php'; + } + + $role_links = array(); + $avail_roles = array(); + $all_text = __( 'All' ); + + if ( $count_users ) { + if ( $this->is_site_users ) { + switch_to_blog( $this->site_id ); + $users_of_blog = count_users( 'time', $this->site_id ); + restore_current_blog(); + } else { + $users_of_blog = count_users(); + } + + $total_users = $users_of_blog['total_users']; + $avail_roles =& $users_of_blog['avail_roles']; + unset( $users_of_blog ); + + $all_text = sprintf( + /* translators: %s: Number of users. */ + _nx( + 'All <span class="count">(%s)</span>', + 'All <span class="count">(%s)</span>', + $total_users, + 'users' + ), + number_format_i18n( $total_users ) + ); + } + + $role_links['all'] = array( + 'url' => $url, + 'label' => $all_text, + 'current' => empty( $role ), + ); + + foreach ( $wp_roles->get_names() as $this_role => $name ) { + if ( $count_users && ! isset( $avail_roles[ $this_role ] ) ) { + continue; + } + + $name = translate_user_role( $name ); + if ( $count_users ) { + $name = sprintf( + /* translators: 1: User role name, 2: Number of users. */ + __( '%1$s <span class="count">(%2$s)</span>' ), + $name, + number_format_i18n( $avail_roles[ $this_role ] ) + ); + } + + $role_links[ $this_role ] = array( + 'url' => esc_url( add_query_arg( 'role', $this_role, $url ) ), + 'label' => $name, + 'current' => $this_role === $role, + ); + } + + if ( ! empty( $avail_roles['none'] ) ) { + + $name = __( 'No role' ); + $name = sprintf( + /* translators: 1: User role name, 2: Number of users. */ + __( '%1$s <span class="count">(%2$s)</span>' ), + $name, + number_format_i18n( $avail_roles['none'] ) + ); + + $role_links['none'] = array( + 'url' => esc_url( add_query_arg( 'role', 'none', $url ) ), + 'label' => $name, + 'current' => 'none' === $role, + ); + } + + return $this->get_views_links( $role_links ); + } + + /** + * Retrieves an associative array of bulk actions available on this table. + * + * @since 3.1.0 + * + * @return array Array of bulk action labels keyed by their action. + */ + protected function get_bulk_actions() { + $actions = array(); + + if ( is_multisite() ) { + if ( current_user_can( 'remove_users' ) ) { + $actions['remove'] = __( 'Remove' ); + } + } else { + if ( current_user_can( 'delete_users' ) ) { + $actions['delete'] = __( 'Delete' ); + } + } + + // Add a password reset link to the bulk actions dropdown. + if ( current_user_can( 'edit_users' ) ) { + $actions['resetpassword'] = __( 'Send password reset' ); + } + + return $actions; + } + + /** + * Outputs the controls to allow user roles to be changed in bulk. + * + * @since 3.1.0 + * + * @param string $which Whether this is being invoked above ("top") + * or below the table ("bottom"). + */ + protected function extra_tablenav( $which ) { + $id = 'bottom' === $which ? 'new_role2' : 'new_role'; + $button_id = 'bottom' === $which ? 'changeit2' : 'changeit'; + ?> + <div class="alignleft actions"> + <?php if ( current_user_can( 'promote_users' ) && $this->has_items() ) : ?> + <label class="screen-reader-text" for="<?php echo $id; ?>"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Change role to…' ); + ?> + </label> + <select name="<?php echo $id; ?>" id="<?php echo $id; ?>"> + <option value=""><?php _e( 'Change role to…' ); ?></option> + <?php wp_dropdown_roles(); ?> + <option value="none"><?php _e( '— No role for this site —' ); ?></option> + </select> + <?php + submit_button( __( 'Change' ), '', $button_id, false ); + endif; + + /** + * Fires just before the closing div containing the bulk role-change controls + * in the Users list table. + * + * @since 3.5.0 + * @since 4.6.0 The `$which` parameter was added. + * + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + do_action( 'restrict_manage_users', $which ); + ?> + </div> + <?php + /** + * Fires immediately following the closing "actions" div in the tablenav for the users + * list table. + * + * @since 4.9.0 + * + * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. + */ + do_action( 'manage_users_extra_tablenav', $which ); + } + + /** + * Captures the bulk action required, and return it. + * + * Overridden from the base class implementation to capture + * the role change drop-down. + * + * @since 3.1.0 + * + * @return string The bulk action required. + */ + public function current_action() { + if ( isset( $_REQUEST['changeit'] ) ) { + return 'promote'; + } + + return parent::current_action(); + } + + /** + * Gets a list of columns for the list table. + * + * @since 3.1.0 + * + * @return string[] Array of column titles keyed by their column name. + */ + public function get_columns() { + $columns = array( + 'cb' => '<input type="checkbox" />', + 'username' => __( 'Username' ), + 'name' => __( 'Name' ), + 'email' => __( 'Email' ), + 'role' => __( 'Role' ), + 'posts' => _x( 'Posts', 'post type general name' ), + ); + + if ( $this->is_site_users ) { + unset( $columns['posts'] ); + } + + return $columns; + } + + /** + * Gets a list of sortable columns for the list table. + * + * @since 3.1.0 + * + * @return array Array of sortable columns. + */ + protected function get_sortable_columns() { + $columns = array( + 'username' => array( 'login', false, __( 'Username' ), __( 'Table ordered by Username.' ), 'asc' ), + 'email' => array( 'email', false, __( 'E-mail' ), __( 'Table ordered by E-mail.' ) ), + ); + + return $columns; + } + + /** + * Generates the list table rows. + * + * @since 3.1.0 + */ + public function display_rows() { + // Query the post counts for this page. + if ( ! $this->is_site_users ) { + $post_counts = count_many_users_posts( array_keys( $this->items ) ); + } + + foreach ( $this->items as $userid => $user_object ) { + echo "\n\t" . $this->single_row( $user_object, '', '', isset( $post_counts ) ? $post_counts[ $userid ] : 0 ); + } + } + + /** + * Generates HTML for a single row on the users.php admin panel. + * + * @since 3.1.0 + * @since 4.2.0 The `$style` parameter was deprecated. + * @since 4.4.0 The `$role` parameter was deprecated. + * + * @param WP_User $user_object The current user object. + * @param string $style Deprecated. Not used. + * @param string $role Deprecated. Not used. + * @param int $numposts Optional. Post count to display for this user. Defaults + * to zero, as in, a new user has made zero posts. + * @return string Output for a single row. + */ + public function single_row( $user_object, $style = '', $role = '', $numposts = 0 ) { + if ( ! ( $user_object instanceof WP_User ) ) { + $user_object = get_userdata( (int) $user_object ); + } + $user_object->filter = 'display'; + $email = $user_object->user_email; + + if ( $this->is_site_users ) { + $url = "site-users.php?id={$this->site_id}&"; + } else { + $url = 'users.php?'; + } + + $user_roles = $this->get_role_list( $user_object ); + + // Set up the hover actions for this user. + $actions = array(); + $checkbox = ''; + $super_admin = ''; + + if ( is_multisite() && current_user_can( 'manage_network_users' ) ) { + if ( in_array( $user_object->user_login, get_super_admins(), true ) ) { + $super_admin = ' — ' . __( 'Super Admin' ); + } + } + + // Check if the user for this row is editable. + if ( current_user_can( 'list_users' ) ) { + // Set up the user editing link. + $edit_link = esc_url( + add_query_arg( + 'wp_http_referer', + urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), + get_edit_user_link( $user_object->ID ) + ) + ); + + if ( current_user_can( 'edit_user', $user_object->ID ) ) { + $edit = "<strong><a href=\"{$edit_link}\">{$user_object->user_login}</a>{$super_admin}</strong><br />"; + $actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>'; + } else { + $edit = "<strong>{$user_object->user_login}{$super_admin}</strong><br />"; + } + + if ( ! is_multisite() + && get_current_user_id() !== $user_object->ID + && current_user_can( 'delete_user', $user_object->ID ) + ) { + $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url( "users.php?action=delete&user=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Delete' ) . '</a>'; + } + + if ( is_multisite() + && current_user_can( 'remove_user', $user_object->ID ) + ) { + $actions['remove'] = "<a class='submitdelete' href='" . wp_nonce_url( $url . "action=remove&user=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Remove' ) . '</a>'; + } + + // Add a link to the user's author archive, if not empty. + $author_posts_url = get_author_posts_url( $user_object->ID ); + if ( $author_posts_url ) { + $actions['view'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + esc_url( $author_posts_url ), + /* translators: %s: Author's display name. */ + esc_attr( sprintf( __( 'View posts by %s' ), $user_object->display_name ) ), + __( 'View' ) + ); + } + + // Add a link to send the user a reset password link by email. + if ( get_current_user_id() !== $user_object->ID + && current_user_can( 'edit_user', $user_object->ID ) + && true === wp_is_password_reset_allowed_for_user( $user_object ) + ) { + $actions['resetpassword'] = "<a class='resetpassword' href='" . wp_nonce_url( "users.php?action=resetpassword&users=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Send password reset' ) . '</a>'; + } + + /** + * Filters the action links displayed under each user in the Users list table. + * + * @since 2.8.0 + * + * @param string[] $actions An array of action links to be displayed. + * Default 'Edit', 'Delete' for single site, and + * 'Edit', 'Remove' for Multisite. + * @param WP_User $user_object WP_User object for the currently listed user. + */ + $actions = apply_filters( 'user_row_actions', $actions, $user_object ); + + // Role classes. + $role_classes = esc_attr( implode( ' ', array_keys( $user_roles ) ) ); + + // Set up the checkbox (because the user is editable, otherwise it's empty). + $checkbox = sprintf( + '<input type="checkbox" name="users[]" id="user_%1$s" class="%2$s" value="%1$s" />' . + '<label for="user_%1$s"><span class="screen-reader-text">%3$s</span></label>', + $user_object->ID, + $role_classes, + /* translators: Hidden accessibility text. %s: User login. */ + sprintf( __( 'Select %s' ), $user_object->user_login ) + ); + + } else { + $edit = "<strong>{$user_object->user_login}{$super_admin}</strong>"; + } + + $avatar = get_avatar( $user_object->ID, 32 ); + + // Comma-separated list of user roles. + $roles_list = implode( ', ', $user_roles ); + + $row = "<tr id='user-$user_object->ID'>"; + + list( $columns, $hidden, $sortable, $primary ) = $this->get_column_info(); + + foreach ( $columns as $column_name => $column_display_name ) { + $classes = "$column_name column-$column_name"; + if ( $primary === $column_name ) { + $classes .= ' has-row-actions column-primary'; + } + if ( 'posts' === $column_name ) { + $classes .= ' num'; // Special case for that column. + } + + if ( in_array( $column_name, $hidden, true ) ) { + $classes .= ' hidden'; + } + + $data = 'data-colname="' . esc_attr( wp_strip_all_tags( $column_display_name ) ) . '"'; + + $attributes = "class='$classes' $data"; + + if ( 'cb' === $column_name ) { + $row .= "<th scope='row' class='check-column'>$checkbox</th>"; + } else { + $row .= "<td $attributes>"; + switch ( $column_name ) { + case 'username': + $row .= "$avatar $edit"; + break; + case 'name': + if ( $user_object->first_name && $user_object->last_name ) { + $row .= sprintf( + /* translators: 1: User's first name, 2: Last name. */ + _x( '%1$s %2$s', 'Display name based on first name and last name' ), + $user_object->first_name, + $user_object->last_name + ); + } elseif ( $user_object->first_name ) { + $row .= $user_object->first_name; + } elseif ( $user_object->last_name ) { + $row .= $user_object->last_name; + } else { + $row .= sprintf( + '<span aria-hidden="true">—</span><span class="screen-reader-text">%s</span>', + /* translators: Hidden accessibility text. */ + _x( 'Unknown', 'name' ) + ); + } + break; + case 'email': + $row .= "<a href='" . esc_url( "mailto:$email" ) . "'>$email</a>"; + break; + case 'role': + $row .= esc_html( $roles_list ); + break; + case 'posts': + if ( $numposts > 0 ) { + $row .= sprintf( + '<a href="%s" class="edit"><span aria-hidden="true">%s</span><span class="screen-reader-text">%s</span></a>', + "edit.php?author={$user_object->ID}", + $numposts, + sprintf( + /* translators: Hidden accessibility text. %s: Number of posts. */ + _n( '%s post by this author', '%s posts by this author', $numposts ), + number_format_i18n( $numposts ) + ) + ); + } else { + $row .= 0; + } + break; + default: + /** + * Filters the display output of custom columns in the Users list table. + * + * @since 2.8.0 + * + * @param string $output Custom column output. Default empty. + * @param string $column_name Column name. + * @param int $user_id ID of the currently-listed user. + */ + $row .= apply_filters( 'manage_users_custom_column', '', $column_name, $user_object->ID ); + } + + if ( $primary === $column_name ) { + $row .= $this->row_actions( $actions ); + } + $row .= '</td>'; + } + } + $row .= '</tr>'; + + return $row; + } + + /** + * Gets the name of the default primary column. + * + * @since 4.3.0 + * + * @return string Name of the default primary column, in this case, 'username'. + */ + protected function get_default_primary_column_name() { + return 'username'; + } + + /** + * Returns an array of translated user role names for a given user object. + * + * @since 4.4.0 + * + * @param WP_User $user_object The WP_User object. + * @return string[] An array of user role names keyed by role. + */ + protected function get_role_list( $user_object ) { + $wp_roles = wp_roles(); + + $role_list = array(); + + foreach ( $user_object->roles as $role ) { + if ( isset( $wp_roles->role_names[ $role ] ) ) { + $role_list[ $role ] = translate_user_role( $wp_roles->role_names[ $role ] ); + } + } + + if ( empty( $role_list ) ) { + $role_list['none'] = _x( 'None', 'no user roles' ); + } + + /** + * Filters the returned array of translated role names for a user. + * + * @since 4.4.0 + * + * @param string[] $role_list An array of translated user role names keyed by role. + * @param WP_User $user_object A WP_User object. + */ + return apply_filters( 'get_role_list', $role_list, $user_object ); + } +} diff --git a/wp-admin/includes/comment.php b/wp-admin/includes/comment.php new file mode 100644 index 0000000..ffec90c --- /dev/null +++ b/wp-admin/includes/comment.php @@ -0,0 +1,219 @@ +<?php +/** + * WordPress Comment Administration API. + * + * @package WordPress + * @subpackage Administration + * @since 2.3.0 + */ + +/** + * Determines if a comment exists based on author and date. + * + * For best performance, use `$timezone = 'gmt'`, which queries a field that is properly indexed. The default value + * for `$timezone` is 'blog' for legacy reasons. + * + * @since 2.0.0 + * @since 4.4.0 Added the `$timezone` parameter. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $comment_author Author of the comment. + * @param string $comment_date Date of the comment. + * @param string $timezone Timezone. Accepts 'blog' or 'gmt'. Default 'blog'. + * @return string|null Comment post ID on success. + */ +function comment_exists( $comment_author, $comment_date, $timezone = 'blog' ) { + global $wpdb; + + $date_field = 'comment_date'; + if ( 'gmt' === $timezone ) { + $date_field = 'comment_date_gmt'; + } + + return $wpdb->get_var( + $wpdb->prepare( + "SELECT comment_post_ID FROM $wpdb->comments + WHERE comment_author = %s AND $date_field = %s", + stripslashes( $comment_author ), + stripslashes( $comment_date ) + ) + ); +} + +/** + * Updates a comment with values provided in $_POST. + * + * @since 2.0.0 + * @since 5.5.0 A return value was added. + * + * @return int|WP_Error The value 1 if the comment was updated, 0 if not updated. + * A WP_Error object on failure. + */ +function edit_comment() { + if ( ! current_user_can( 'edit_comment', (int) $_POST['comment_ID'] ) ) { + wp_die( __( 'Sorry, you are not allowed to edit comments on this post.' ) ); + } + + if ( isset( $_POST['newcomment_author'] ) ) { + $_POST['comment_author'] = $_POST['newcomment_author']; + } + if ( isset( $_POST['newcomment_author_email'] ) ) { + $_POST['comment_author_email'] = $_POST['newcomment_author_email']; + } + if ( isset( $_POST['newcomment_author_url'] ) ) { + $_POST['comment_author_url'] = $_POST['newcomment_author_url']; + } + if ( isset( $_POST['comment_status'] ) ) { + $_POST['comment_approved'] = $_POST['comment_status']; + } + if ( isset( $_POST['content'] ) ) { + $_POST['comment_content'] = $_POST['content']; + } + if ( isset( $_POST['comment_ID'] ) ) { + $_POST['comment_ID'] = (int) $_POST['comment_ID']; + } + + foreach ( array( 'aa', 'mm', 'jj', 'hh', 'mn' ) as $timeunit ) { + if ( ! empty( $_POST[ 'hidden_' . $timeunit ] ) && $_POST[ 'hidden_' . $timeunit ] !== $_POST[ $timeunit ] ) { + $_POST['edit_date'] = '1'; + break; + } + } + + if ( ! empty( $_POST['edit_date'] ) ) { + $aa = $_POST['aa']; + $mm = $_POST['mm']; + $jj = $_POST['jj']; + $hh = $_POST['hh']; + $mn = $_POST['mn']; + $ss = $_POST['ss']; + $jj = ( $jj > 31 ) ? 31 : $jj; + $hh = ( $hh > 23 ) ? $hh - 24 : $hh; + $mn = ( $mn > 59 ) ? $mn - 60 : $mn; + $ss = ( $ss > 59 ) ? $ss - 60 : $ss; + + $_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss"; + } + + return wp_update_comment( $_POST, true ); +} + +/** + * Returns a WP_Comment object based on comment ID. + * + * @since 2.0.0 + * + * @param int $id ID of comment to retrieve. + * @return WP_Comment|false Comment if found. False on failure. + */ +function get_comment_to_edit( $id ) { + $comment = get_comment( $id ); + if ( ! $comment ) { + return false; + } + + $comment->comment_ID = (int) $comment->comment_ID; + $comment->comment_post_ID = (int) $comment->comment_post_ID; + + $comment->comment_content = format_to_edit( $comment->comment_content ); + /** + * Filters the comment content before editing. + * + * @since 2.0.0 + * + * @param string $comment_content Comment content. + */ + $comment->comment_content = apply_filters( 'comment_edit_pre', $comment->comment_content ); + + $comment->comment_author = format_to_edit( $comment->comment_author ); + $comment->comment_author_email = format_to_edit( $comment->comment_author_email ); + $comment->comment_author_url = format_to_edit( $comment->comment_author_url ); + $comment->comment_author_url = esc_url( $comment->comment_author_url ); + + return $comment; +} + +/** + * Gets the number of pending comments on a post or posts. + * + * @since 2.3.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int|int[] $post_id Either a single Post ID or an array of Post IDs + * @return int|int[] Either a single Posts pending comments as an int or an array of ints keyed on the Post IDs + */ +function get_pending_comments_num( $post_id ) { + global $wpdb; + + $single = false; + if ( ! is_array( $post_id ) ) { + $post_id_array = (array) $post_id; + $single = true; + } else { + $post_id_array = $post_id; + } + $post_id_array = array_map( 'intval', $post_id_array ); + $post_id_in = "'" . implode( "', '", $post_id_array ) . "'"; + + $pending = $wpdb->get_results( "SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN ( $post_id_in ) AND comment_approved = '0' GROUP BY comment_post_ID", ARRAY_A ); + + if ( $single ) { + if ( empty( $pending ) ) { + return 0; + } else { + return absint( $pending[0]['num_comments'] ); + } + } + + $pending_keyed = array(); + + // Default to zero pending for all posts in request. + foreach ( $post_id_array as $id ) { + $pending_keyed[ $id ] = 0; + } + + if ( ! empty( $pending ) ) { + foreach ( $pending as $pend ) { + $pending_keyed[ $pend['comment_post_ID'] ] = absint( $pend['num_comments'] ); + } + } + + return $pending_keyed; +} + +/** + * Adds avatars to relevant places in admin. + * + * @since 2.5.0 + * + * @param string $name User name. + * @return string Avatar with the user name. + */ +function floated_admin_avatar( $name ) { + $avatar = get_avatar( get_comment(), 32, 'mystery' ); + return "$avatar $name"; +} + +/** + * Enqueues comment shortcuts jQuery script. + * + * @since 2.7.0 + */ +function enqueue_comment_hotkeys_js() { + if ( 'true' === get_user_option( 'comment_shortcuts' ) ) { + wp_enqueue_script( 'jquery-table-hotkeys' ); + } +} + +/** + * Displays error message at bottom of comments. + * + * @param string $msg Error Message. Assumed to contain HTML and be sanitized. + */ +function comment_footer_die( $msg ) { + echo "<div class='wrap'><p>$msg</p></div>"; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + die; +} diff --git a/wp-admin/includes/continents-cities.php b/wp-admin/includes/continents-cities.php new file mode 100644 index 0000000..cb8e033 --- /dev/null +++ b/wp-admin/includes/continents-cities.php @@ -0,0 +1,549 @@ +<?php +/** + * Translation API: Continent and city translations for timezone selection + * + * This file is not included anywhere. It exists solely for use by xgettext. + * + * @package WordPress + * @subpackage i18n + * @since 2.8.0 + */ + +__( 'Africa', 'continents-cities' ); +__( 'Abidjan', 'continents-cities' ); +__( 'Accra', 'continents-cities' ); +__( 'Addis Ababa', 'continents-cities' ); +__( 'Algiers', 'continents-cities' ); +__( 'Asmara', 'continents-cities' ); +__( 'Asmera', 'continents-cities' ); +__( 'Bamako', 'continents-cities' ); +__( 'Bangui', 'continents-cities' ); +__( 'Banjul', 'continents-cities' ); +__( 'Bissau', 'continents-cities' ); +__( 'Blantyre', 'continents-cities' ); +__( 'Brazzaville', 'continents-cities' ); +__( 'Bujumbura', 'continents-cities' ); +__( 'Cairo', 'continents-cities' ); +__( 'Casablanca', 'continents-cities' ); +__( 'Ceuta', 'continents-cities' ); +__( 'Conakry', 'continents-cities' ); +__( 'Dakar', 'continents-cities' ); +__( 'Dar es Salaam', 'continents-cities' ); +__( 'Djibouti', 'continents-cities' ); +__( 'Douala', 'continents-cities' ); +__( 'El Aaiun', 'continents-cities' ); +__( 'Freetown', 'continents-cities' ); +__( 'Gaborone', 'continents-cities' ); +__( 'Harare', 'continents-cities' ); +__( 'Johannesburg', 'continents-cities' ); +__( 'Juba', 'continents-cities' ); +__( 'Kampala', 'continents-cities' ); +__( 'Khartoum', 'continents-cities' ); +__( 'Kigali', 'continents-cities' ); +__( 'Kinshasa', 'continents-cities' ); +__( 'Lagos', 'continents-cities' ); +__( 'Libreville', 'continents-cities' ); +__( 'Lome', 'continents-cities' ); +__( 'Luanda', 'continents-cities' ); +__( 'Lubumbashi', 'continents-cities' ); +__( 'Lusaka', 'continents-cities' ); +__( 'Malabo', 'continents-cities' ); +__( 'Maputo', 'continents-cities' ); +__( 'Maseru', 'continents-cities' ); +__( 'Mbabane', 'continents-cities' ); +__( 'Mogadishu', 'continents-cities' ); +__( 'Monrovia', 'continents-cities' ); +__( 'Nairobi', 'continents-cities' ); +__( 'Ndjamena', 'continents-cities' ); +__( 'Niamey', 'continents-cities' ); +__( 'Nouakchott', 'continents-cities' ); +__( 'Ouagadougou', 'continents-cities' ); +__( 'Porto-Novo', 'continents-cities' ); +__( 'Sao Tome', 'continents-cities' ); +__( 'Timbuktu', 'continents-cities' ); +__( 'Tripoli', 'continents-cities' ); +__( 'Tunis', 'continents-cities' ); +__( 'Windhoek', 'continents-cities' ); + +__( 'America', 'continents-cities' ); +__( 'Adak', 'continents-cities' ); +__( 'Anchorage', 'continents-cities' ); +__( 'Anguilla', 'continents-cities' ); +__( 'Antigua', 'continents-cities' ); +__( 'Araguaina', 'continents-cities' ); +__( 'Argentina', 'continents-cities' ); +__( 'Buenos Aires', 'continents-cities' ); +__( 'Catamarca', 'continents-cities' ); +__( 'ComodRivadavia', 'continents-cities' ); +__( 'Cordoba', 'continents-cities' ); +__( 'Jujuy', 'continents-cities' ); +__( 'La Rioja', 'continents-cities' ); +__( 'Mendoza', 'continents-cities' ); +__( 'Rio Gallegos', 'continents-cities' ); +__( 'Salta', 'continents-cities' ); +__( 'San Juan', 'continents-cities' ); +__( 'San Luis', 'continents-cities' ); +__( 'Tucuman', 'continents-cities' ); +__( 'Ushuaia', 'continents-cities' ); +__( 'Aruba', 'continents-cities' ); +__( 'Asuncion', 'continents-cities' ); +__( 'Atikokan', 'continents-cities' ); +__( 'Atka', 'continents-cities' ); +__( 'Bahia', 'continents-cities' ); +__( 'Bahia Banderas', 'continents-cities' ); +__( 'Barbados', 'continents-cities' ); +__( 'Belem', 'continents-cities' ); +__( 'Belize', 'continents-cities' ); +__( 'Blanc-Sablon', 'continents-cities' ); +__( 'Boa Vista', 'continents-cities' ); +__( 'Bogota', 'continents-cities' ); +__( 'Boise', 'continents-cities' ); +__( 'Cambridge Bay', 'continents-cities' ); +__( 'Campo Grande', 'continents-cities' ); +__( 'Cancun', 'continents-cities' ); +__( 'Caracas', 'continents-cities' ); +__( 'Cayenne', 'continents-cities' ); +__( 'Cayman', 'continents-cities' ); +__( 'Chicago', 'continents-cities' ); +__( 'Chihuahua', 'continents-cities' ); +__( 'Coral Harbour', 'continents-cities' ); +__( 'Costa Rica', 'continents-cities' ); +__( 'Creston', 'continents-cities' ); +__( 'Cuiaba', 'continents-cities' ); +__( 'Curacao', 'continents-cities' ); +__( 'Danmarkshavn', 'continents-cities' ); +__( 'Dawson', 'continents-cities' ); +__( 'Dawson Creek', 'continents-cities' ); +__( 'Denver', 'continents-cities' ); +__( 'Detroit', 'continents-cities' ); +__( 'Dominica', 'continents-cities' ); +__( 'Edmonton', 'continents-cities' ); +__( 'Eirunepe', 'continents-cities' ); +__( 'El Salvador', 'continents-cities' ); +__( 'Ensenada', 'continents-cities' ); +__( 'Fort Nelson', 'continents-cities' ); +__( 'Fort Wayne', 'continents-cities' ); +__( 'Fortaleza', 'continents-cities' ); +__( 'Glace Bay', 'continents-cities' ); +__( 'Godthab', 'continents-cities' ); +__( 'Goose Bay', 'continents-cities' ); +__( 'Grand Turk', 'continents-cities' ); +__( 'Grenada', 'continents-cities' ); +__( 'Guadeloupe', 'continents-cities' ); +__( 'Guatemala', 'continents-cities' ); +__( 'Guayaquil', 'continents-cities' ); +__( 'Guyana', 'continents-cities' ); +__( 'Halifax', 'continents-cities' ); +__( 'Havana', 'continents-cities' ); +__( 'Hermosillo', 'continents-cities' ); +__( 'Indiana', 'continents-cities' ); +__( 'Indianapolis', 'continents-cities' ); +__( 'Knox', 'continents-cities' ); +__( 'Marengo', 'continents-cities' ); +__( 'Petersburg', 'continents-cities' ); +__( 'Tell City', 'continents-cities' ); +__( 'Vevay', 'continents-cities' ); +__( 'Vincennes', 'continents-cities' ); +__( 'Winamac', 'continents-cities' ); +__( 'Inuvik', 'continents-cities' ); +__( 'Iqaluit', 'continents-cities' ); +__( 'Jamaica', 'continents-cities' ); +__( 'Juneau', 'continents-cities' ); +__( 'Kentucky', 'continents-cities' ); +__( 'Louisville', 'continents-cities' ); +__( 'Monticello', 'continents-cities' ); +__( 'Knox IN', 'continents-cities' ); +__( 'Kralendijk', 'continents-cities' ); +__( 'La Paz', 'continents-cities' ); +__( 'Lima', 'continents-cities' ); +__( 'Los Angeles', 'continents-cities' ); +__( 'Lower Princes', 'continents-cities' ); +__( 'Maceio', 'continents-cities' ); +__( 'Managua', 'continents-cities' ); +__( 'Manaus', 'continents-cities' ); +__( 'Marigot', 'continents-cities' ); +__( 'Martinique', 'continents-cities' ); +__( 'Matamoros', 'continents-cities' ); +__( 'Mazatlan', 'continents-cities' ); +__( 'Menominee', 'continents-cities' ); +__( 'Merida', 'continents-cities' ); +__( 'Metlakatla', 'continents-cities' ); +__( 'Mexico City', 'continents-cities' ); +__( 'Miquelon', 'continents-cities' ); +__( 'Moncton', 'continents-cities' ); +__( 'Monterrey', 'continents-cities' ); +__( 'Montevideo', 'continents-cities' ); +__( 'Montreal', 'continents-cities' ); +__( 'Montserrat', 'continents-cities' ); +__( 'Nassau', 'continents-cities' ); +__( 'New York', 'continents-cities' ); +__( 'Nipigon', 'continents-cities' ); +__( 'Nome', 'continents-cities' ); +__( 'Noronha', 'continents-cities' ); +__( 'North Dakota', 'continents-cities' ); +__( 'Beulah', 'continents-cities' ); +__( 'Center', 'continents-cities' ); +__( 'New Salem', 'continents-cities' ); +__( 'Nuuk', 'continents-cities' ); +__( 'Ojinaga', 'continents-cities' ); +__( 'Panama', 'continents-cities' ); +__( 'Pangnirtung', 'continents-cities' ); +__( 'Paramaribo', 'continents-cities' ); +__( 'Phoenix', 'continents-cities' ); +__( 'Port-au-Prince', 'continents-cities' ); +__( 'Port of Spain', 'continents-cities' ); +__( 'Porto Acre', 'continents-cities' ); +__( 'Porto Velho', 'continents-cities' ); +__( 'Puerto Rico', 'continents-cities' ); +__( 'Punta Arenas', 'continents-cities' ); +__( 'Rainy River', 'continents-cities' ); +__( 'Rankin Inlet', 'continents-cities' ); +__( 'Recife', 'continents-cities' ); +__( 'Regina', 'continents-cities' ); +__( 'Resolute', 'continents-cities' ); +__( 'Rio Branco', 'continents-cities' ); +__( 'Rosario', 'continents-cities' ); +__( 'Santa Isabel', 'continents-cities' ); +__( 'Santarem', 'continents-cities' ); +__( 'Santiago', 'continents-cities' ); +__( 'Santo Domingo', 'continents-cities' ); +__( 'Sao Paulo', 'continents-cities' ); +__( 'Scoresbysund', 'continents-cities' ); +__( 'Shiprock', 'continents-cities' ); +__( 'Sitka', 'continents-cities' ); +__( 'St Barthelemy', 'continents-cities' ); +__( 'St Johns', 'continents-cities' ); +__( 'St Kitts', 'continents-cities' ); +__( 'St Lucia', 'continents-cities' ); +__( 'St Thomas', 'continents-cities' ); +__( 'St Vincent', 'continents-cities' ); +__( 'Swift Current', 'continents-cities' ); +__( 'Tegucigalpa', 'continents-cities' ); +__( 'Thule', 'continents-cities' ); +__( 'Thunder Bay', 'continents-cities' ); +__( 'Tijuana', 'continents-cities' ); +__( 'Toronto', 'continents-cities' ); +__( 'Tortola', 'continents-cities' ); +__( 'Vancouver', 'continents-cities' ); +__( 'Virgin', 'continents-cities' ); +__( 'Whitehorse', 'continents-cities' ); +__( 'Winnipeg', 'continents-cities' ); +__( 'Yakutat', 'continents-cities' ); +__( 'Yellowknife', 'continents-cities' ); + +__( 'Antarctica', 'continents-cities' ); +__( 'Casey', 'continents-cities' ); +__( 'Davis', 'continents-cities' ); +__( 'DumontDUrville', 'continents-cities' ); +__( 'Macquarie', 'continents-cities' ); +__( 'Mawson', 'continents-cities' ); +__( 'McMurdo', 'continents-cities' ); +__( 'Palmer', 'continents-cities' ); +__( 'Rothera', 'continents-cities' ); +__( 'South Pole', 'continents-cities' ); +__( 'Syowa', 'continents-cities' ); +__( 'Troll', 'continents-cities' ); +__( 'Vostok', 'continents-cities' ); + +__( 'Arctic', 'continents-cities' ); +__( 'Longyearbyen', 'continents-cities' ); + +__( 'Asia', 'continents-cities' ); +__( 'Aden', 'continents-cities' ); +__( 'Almaty', 'continents-cities' ); +__( 'Amman', 'continents-cities' ); +__( 'Anadyr', 'continents-cities' ); +__( 'Aqtau', 'continents-cities' ); +__( 'Aqtobe', 'continents-cities' ); +__( 'Ashgabat', 'continents-cities' ); +__( 'Ashkhabad', 'continents-cities' ); +__( 'Atyrau', 'continents-cities' ); +__( 'Baghdad', 'continents-cities' ); +__( 'Bahrain', 'continents-cities' ); +__( 'Baku', 'continents-cities' ); +__( 'Bangkok', 'continents-cities' ); +__( 'Barnaul', 'continents-cities' ); +__( 'Beirut', 'continents-cities' ); +__( 'Bishkek', 'continents-cities' ); +__( 'Brunei', 'continents-cities' ); +__( 'Calcutta', 'continents-cities' ); +__( 'Chita', 'continents-cities' ); +__( 'Choibalsan', 'continents-cities' ); +__( 'Chongqing', 'continents-cities' ); +__( 'Chungking', 'continents-cities' ); +__( 'Colombo', 'continents-cities' ); +__( 'Dacca', 'continents-cities' ); +__( 'Damascus', 'continents-cities' ); +__( 'Dhaka', 'continents-cities' ); +__( 'Dili', 'continents-cities' ); +__( 'Dubai', 'continents-cities' ); +__( 'Dushanbe', 'continents-cities' ); +__( 'Famagusta', 'continents-cities' ); +__( 'Gaza', 'continents-cities' ); +__( 'Harbin', 'continents-cities' ); +__( 'Hebron', 'continents-cities' ); +__( 'Ho Chi Minh', 'continents-cities' ); +__( 'Hong Kong', 'continents-cities' ); +__( 'Hovd', 'continents-cities' ); +__( 'Irkutsk', 'continents-cities' ); +__( 'Jakarta', 'continents-cities' ); +__( 'Jayapura', 'continents-cities' ); +__( 'Jerusalem', 'continents-cities' ); +__( 'Kabul', 'continents-cities' ); +__( 'Kamchatka', 'continents-cities' ); +__( 'Karachi', 'continents-cities' ); +__( 'Kashgar', 'continents-cities' ); +__( 'Kathmandu', 'continents-cities' ); +__( 'Katmandu', 'continents-cities' ); +__( 'Khandyga', 'continents-cities' ); +__( 'Kolkata', 'continents-cities' ); +__( 'Krasnoyarsk', 'continents-cities' ); +__( 'Kuala Lumpur', 'continents-cities' ); +__( 'Kuching', 'continents-cities' ); +__( 'Kuwait', 'continents-cities' ); +__( 'Macao', 'continents-cities' ); +__( 'Macau', 'continents-cities' ); +__( 'Magadan', 'continents-cities' ); +__( 'Makassar', 'continents-cities' ); +__( 'Manila', 'continents-cities' ); +__( 'Muscat', 'continents-cities' ); +__( 'Nicosia', 'continents-cities' ); +__( 'Novokuznetsk', 'continents-cities' ); +__( 'Novosibirsk', 'continents-cities' ); +__( 'Omsk', 'continents-cities' ); +__( 'Oral', 'continents-cities' ); +__( 'Phnom Penh', 'continents-cities' ); +__( 'Pontianak', 'continents-cities' ); +__( 'Pyongyang', 'continents-cities' ); +__( 'Qatar', 'continents-cities' ); +__( 'Qostanay', 'continents-cities' ); +__( 'Qyzylorda', 'continents-cities' ); +__( 'Rangoon', 'continents-cities' ); +__( 'Riyadh', 'continents-cities' ); +__( 'Saigon', 'continents-cities' ); +__( 'Sakhalin', 'continents-cities' ); +__( 'Samarkand', 'continents-cities' ); +__( 'Seoul', 'continents-cities' ); +__( 'Shanghai', 'continents-cities' ); +__( 'Singapore', 'continents-cities' ); +__( 'Srednekolymsk', 'continents-cities' ); +__( 'Taipei', 'continents-cities' ); +__( 'Tashkent', 'continents-cities' ); +__( 'Tbilisi', 'continents-cities' ); +__( 'Tehran', 'continents-cities' ); +__( 'Tel Aviv', 'continents-cities' ); +__( 'Thimbu', 'continents-cities' ); +__( 'Thimphu', 'continents-cities' ); +__( 'Tokyo', 'continents-cities' ); +__( 'Tomsk', 'continents-cities' ); +__( 'Ujung Pandang', 'continents-cities' ); +__( 'Ulaanbaatar', 'continents-cities' ); +__( 'Ulan Bator', 'continents-cities' ); +__( 'Urumqi', 'continents-cities' ); +__( 'Ust-Nera', 'continents-cities' ); +__( 'Vientiane', 'continents-cities' ); +__( 'Vladivostok', 'continents-cities' ); +__( 'Yakutsk', 'continents-cities' ); +__( 'Yangon', 'continents-cities' ); +__( 'Yekaterinburg', 'continents-cities' ); +__( 'Yerevan', 'continents-cities' ); + +__( 'Atlantic', 'continents-cities' ); +__( 'Azores', 'continents-cities' ); +__( 'Bermuda', 'continents-cities' ); +__( 'Canary', 'continents-cities' ); +__( 'Cape Verde', 'continents-cities' ); +__( 'Faeroe', 'continents-cities' ); +__( 'Faroe', 'continents-cities' ); +__( 'Jan Mayen', 'continents-cities' ); +__( 'Madeira', 'continents-cities' ); +__( 'Reykjavik', 'continents-cities' ); +__( 'South Georgia', 'continents-cities' ); +__( 'St Helena', 'continents-cities' ); +__( 'Stanley', 'continents-cities' ); + +__( 'Australia', 'continents-cities' ); +__( 'ACT', 'continents-cities' ); +__( 'Adelaide', 'continents-cities' ); +__( 'Brisbane', 'continents-cities' ); +__( 'Broken Hill', 'continents-cities' ); +__( 'Canberra', 'continents-cities' ); +__( 'Currie', 'continents-cities' ); +__( 'Darwin', 'continents-cities' ); +__( 'Eucla', 'continents-cities' ); +__( 'Hobart', 'continents-cities' ); +__( 'LHI', 'continents-cities' ); +__( 'Lindeman', 'continents-cities' ); +__( 'Lord Howe', 'continents-cities' ); +__( 'Melbourne', 'continents-cities' ); +__( 'NSW', 'continents-cities' ); +__( 'North', 'continents-cities' ); +__( 'Perth', 'continents-cities' ); +__( 'Queensland', 'continents-cities' ); +__( 'South', 'continents-cities' ); +__( 'Sydney', 'continents-cities' ); +__( 'Tasmania', 'continents-cities' ); +__( 'Victoria', 'continents-cities' ); +__( 'West', 'continents-cities' ); +__( 'Yancowinna', 'continents-cities' ); + +__( 'Etc', 'continents-cities' ); +__( 'GMT', 'continents-cities' ); +__( 'GMT+0', 'continents-cities' ); +__( 'GMT+1', 'continents-cities' ); +__( 'GMT+10', 'continents-cities' ); +__( 'GMT+11', 'continents-cities' ); +__( 'GMT+12', 'continents-cities' ); +__( 'GMT+2', 'continents-cities' ); +__( 'GMT+3', 'continents-cities' ); +__( 'GMT+4', 'continents-cities' ); +__( 'GMT+5', 'continents-cities' ); +__( 'GMT+6', 'continents-cities' ); +__( 'GMT+7', 'continents-cities' ); +__( 'GMT+8', 'continents-cities' ); +__( 'GMT+9', 'continents-cities' ); +__( 'GMT-0', 'continents-cities' ); +__( 'GMT-1', 'continents-cities' ); +__( 'GMT-10', 'continents-cities' ); +__( 'GMT-11', 'continents-cities' ); +__( 'GMT-12', 'continents-cities' ); +__( 'GMT-13', 'continents-cities' ); +__( 'GMT-14', 'continents-cities' ); +__( 'GMT-2', 'continents-cities' ); +__( 'GMT-3', 'continents-cities' ); +__( 'GMT-4', 'continents-cities' ); +__( 'GMT-5', 'continents-cities' ); +__( 'GMT-6', 'continents-cities' ); +__( 'GMT-7', 'continents-cities' ); +__( 'GMT-8', 'continents-cities' ); +__( 'GMT-9', 'continents-cities' ); +__( 'GMT0', 'continents-cities' ); +__( 'Greenwich', 'continents-cities' ); +__( 'UCT', 'continents-cities' ); +__( 'UTC', 'continents-cities' ); +__( 'Universal', 'continents-cities' ); +__( 'Zulu', 'continents-cities' ); + +__( 'Europe', 'continents-cities' ); +__( 'Amsterdam', 'continents-cities' ); +__( 'Andorra', 'continents-cities' ); +__( 'Astrakhan', 'continents-cities' ); +__( 'Athens', 'continents-cities' ); +__( 'Belfast', 'continents-cities' ); +__( 'Belgrade', 'continents-cities' ); +__( 'Berlin', 'continents-cities' ); +__( 'Bratislava', 'continents-cities' ); +__( 'Brussels', 'continents-cities' ); +__( 'Bucharest', 'continents-cities' ); +__( 'Budapest', 'continents-cities' ); +__( 'Busingen', 'continents-cities' ); +__( 'Chisinau', 'continents-cities' ); +__( 'Copenhagen', 'continents-cities' ); +__( 'Dublin', 'continents-cities' ); +__( 'Gibraltar', 'continents-cities' ); +__( 'Guernsey', 'continents-cities' ); +__( 'Helsinki', 'continents-cities' ); +__( 'Isle of Man', 'continents-cities' ); +__( 'Istanbul', 'continents-cities' ); +__( 'Jersey', 'continents-cities' ); +__( 'Kaliningrad', 'continents-cities' ); +__( 'Kiev', 'continents-cities' ); +__( 'Kyiv', 'continents-cities' ); +__( 'Kirov', 'continents-cities' ); +__( 'Lisbon', 'continents-cities' ); +__( 'Ljubljana', 'continents-cities' ); +__( 'London', 'continents-cities' ); +__( 'Luxembourg', 'continents-cities' ); +__( 'Madrid', 'continents-cities' ); +__( 'Malta', 'continents-cities' ); +__( 'Mariehamn', 'continents-cities' ); +__( 'Minsk', 'continents-cities' ); +__( 'Monaco', 'continents-cities' ); +__( 'Moscow', 'continents-cities' ); +__( 'Oslo', 'continents-cities' ); +__( 'Paris', 'continents-cities' ); +__( 'Podgorica', 'continents-cities' ); +__( 'Prague', 'continents-cities' ); +__( 'Riga', 'continents-cities' ); +__( 'Rome', 'continents-cities' ); +__( 'Samara', 'continents-cities' ); +__( 'San Marino', 'continents-cities' ); +__( 'Sarajevo', 'continents-cities' ); +__( 'Saratov', 'continents-cities' ); +__( 'Simferopol', 'continents-cities' ); +__( 'Skopje', 'continents-cities' ); +__( 'Sofia', 'continents-cities' ); +__( 'Stockholm', 'continents-cities' ); +__( 'Tallinn', 'continents-cities' ); +__( 'Tirane', 'continents-cities' ); +__( 'Tiraspol', 'continents-cities' ); +__( 'Ulyanovsk', 'continents-cities' ); +__( 'Uzhgorod', 'continents-cities' ); +__( 'Vaduz', 'continents-cities' ); +__( 'Vatican', 'continents-cities' ); +__( 'Vienna', 'continents-cities' ); +__( 'Vilnius', 'continents-cities' ); +__( 'Volgograd', 'continents-cities' ); +__( 'Warsaw', 'continents-cities' ); +__( 'Zagreb', 'continents-cities' ); +__( 'Zaporozhye', 'continents-cities' ); +__( 'Zurich', 'continents-cities' ); + +__( 'Indian', 'continents-cities' ); +__( 'Antananarivo', 'continents-cities' ); +__( 'Chagos', 'continents-cities' ); +__( 'Christmas', 'continents-cities' ); +__( 'Cocos', 'continents-cities' ); +__( 'Comoro', 'continents-cities' ); +__( 'Kerguelen', 'continents-cities' ); +__( 'Mahe', 'continents-cities' ); +__( 'Maldives', 'continents-cities' ); +__( 'Mauritius', 'continents-cities' ); +__( 'Mayotte', 'continents-cities' ); +__( 'Reunion', 'continents-cities' ); + +__( 'Pacific', 'continents-cities' ); +__( 'Apia', 'continents-cities' ); +__( 'Auckland', 'continents-cities' ); +__( 'Bougainville', 'continents-cities' ); +__( 'Chatham', 'continents-cities' ); +__( 'Chuuk', 'continents-cities' ); +__( 'Easter', 'continents-cities' ); +__( 'Efate', 'continents-cities' ); +__( 'Enderbury', 'continents-cities' ); +__( 'Fakaofo', 'continents-cities' ); +__( 'Fiji', 'continents-cities' ); +__( 'Funafuti', 'continents-cities' ); +__( 'Galapagos', 'continents-cities' ); +__( 'Gambier', 'continents-cities' ); +__( 'Guadalcanal', 'continents-cities' ); +__( 'Guam', 'continents-cities' ); +__( 'Honolulu', 'continents-cities' ); +__( 'Johnston', 'continents-cities' ); +__( 'Kanton', 'continents-cities' ); +__( 'Kiritimati', 'continents-cities' ); +__( 'Kosrae', 'continents-cities' ); +__( 'Kwajalein', 'continents-cities' ); +__( 'Majuro', 'continents-cities' ); +__( 'Marquesas', 'continents-cities' ); +__( 'Midway', 'continents-cities' ); +__( 'Nauru', 'continents-cities' ); +__( 'Niue', 'continents-cities' ); +__( 'Norfolk', 'continents-cities' ); +__( 'Noumea', 'continents-cities' ); +__( 'Pago Pago', 'continents-cities' ); +__( 'Palau', 'continents-cities' ); +__( 'Pitcairn', 'continents-cities' ); +__( 'Pohnpei', 'continents-cities' ); +__( 'Ponape', 'continents-cities' ); +__( 'Port Moresby', 'continents-cities' ); +__( 'Rarotonga', 'continents-cities' ); +__( 'Saipan', 'continents-cities' ); +__( 'Samoa', 'continents-cities' ); +__( 'Tahiti', 'continents-cities' ); +__( 'Tarawa', 'continents-cities' ); +__( 'Tongatapu', 'continents-cities' ); +__( 'Truk', 'continents-cities' ); +__( 'Wake', 'continents-cities' ); +__( 'Wallis', 'continents-cities' ); +__( 'Yap', 'continents-cities' ); diff --git a/wp-admin/includes/credits.php b/wp-admin/includes/credits.php new file mode 100644 index 0000000..907ee93 --- /dev/null +++ b/wp-admin/includes/credits.php @@ -0,0 +1,166 @@ +<?php +/** + * WordPress Credits Administration API. + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Retrieves the contributor credits. + * + * @since 3.2.0 + * @since 5.6.0 Added the `$version` and `$locale` parameters. + * + * @param string $version WordPress version. Defaults to the current version. + * @param string $locale WordPress locale. Defaults to the current user's locale. + * @return array|false A list of all of the contributors, or false on error. + */ +function wp_credits( $version = '', $locale = '' ) { + if ( ! $version ) { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + $version = $wp_version; + } + + if ( ! $locale ) { + $locale = get_user_locale(); + } + + $results = get_site_transient( 'wordpress_credits_' . $locale ); + + if ( ! is_array( $results ) + || str_contains( $version, '-' ) + || ( isset( $results['data']['version'] ) && ! str_starts_with( $version, $results['data']['version'] ) ) + ) { + $url = "http://api.wordpress.org/core/credits/1.1/?version={$version}&locale={$locale}"; + $options = array( 'user-agent' => 'WordPress/' . $version . '; ' . home_url( '/' ) ); + + if ( wp_http_supports( array( 'ssl' ) ) ) { + $url = set_url_scheme( $url, 'https' ); + } + + $response = wp_remote_get( $url, $options ); + + if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) { + return false; + } + + $results = json_decode( wp_remote_retrieve_body( $response ), true ); + + if ( ! is_array( $results ) ) { + return false; + } + + set_site_transient( 'wordpress_credits_' . $locale, $results, DAY_IN_SECONDS ); + } + + return $results; +} + +/** + * Retrieves the link to a contributor's WordPress.org profile page. + * + * @access private + * @since 3.2.0 + * + * @param string $display_name The contributor's display name (passed by reference). + * @param string $username The contributor's username. + * @param string $profiles URL to the contributor's WordPress.org profile page. + */ +function _wp_credits_add_profile_link( &$display_name, $username, $profiles ) { + $display_name = '<a href="' . esc_url( sprintf( $profiles, $username ) ) . '">' . esc_html( $display_name ) . '</a>'; +} + +/** + * Retrieves the link to an external library used in WordPress. + * + * @access private + * @since 3.2.0 + * + * @param string $data External library data (passed by reference). + */ +function _wp_credits_build_object_link( &$data ) { + $data = '<a href="' . esc_url( $data[1] ) . '">' . esc_html( $data[0] ) . '</a>'; +} + +/** + * Displays the title for a given group of contributors. + * + * @since 5.3.0 + * + * @param array $group_data The current contributor group. + */ +function wp_credits_section_title( $group_data = array() ) { + if ( ! count( $group_data ) ) { + return; + } + + if ( $group_data['name'] ) { + if ( 'Translators' === $group_data['name'] ) { + // Considered a special slug in the API response. (Also, will never be returned for en_US.) + $title = _x( 'Translators', 'Translate this to be the equivalent of English Translators in your language for the credits page Translators section' ); + } elseif ( isset( $group_data['placeholders'] ) ) { + // phpcs:ignore WordPress.WP.I18n.LowLevelTranslationFunction,WordPress.WP.I18n.NonSingularStringLiteralText + $title = vsprintf( translate( $group_data['name'] ), $group_data['placeholders'] ); + } else { + // phpcs:ignore WordPress.WP.I18n.LowLevelTranslationFunction,WordPress.WP.I18n.NonSingularStringLiteralText + $title = translate( $group_data['name'] ); + } + + echo '<h2 class="wp-people-group-title">' . esc_html( $title ) . "</h2>\n"; + } +} + +/** + * Displays a list of contributors for a given group. + * + * @since 5.3.0 + * + * @param array $credits The credits groups returned from the API. + * @param string $slug The current group to display. + */ +function wp_credits_section_list( $credits = array(), $slug = '' ) { + $group_data = isset( $credits['groups'][ $slug ] ) ? $credits['groups'][ $slug ] : array(); + $credits_data = $credits['data']; + if ( ! count( $group_data ) ) { + return; + } + + if ( ! empty( $group_data['shuffle'] ) ) { + shuffle( $group_data['data'] ); // We were going to sort by ability to pronounce "hierarchical," but that wouldn't be fair to Matt. + } + + switch ( $group_data['type'] ) { + case 'list': + array_walk( $group_data['data'], '_wp_credits_add_profile_link', $credits_data['profiles'] ); + echo '<p class="wp-credits-list">' . wp_sprintf( '%l.', $group_data['data'] ) . "</p>\n\n"; + break; + case 'libraries': + array_walk( $group_data['data'], '_wp_credits_build_object_link' ); + echo '<p class="wp-credits-list">' . wp_sprintf( '%l.', $group_data['data'] ) . "</p>\n\n"; + break; + default: + $compact = 'compact' === $group_data['type']; + $classes = 'wp-people-group ' . ( $compact ? 'compact' : '' ); + echo '<ul class="' . $classes . '" id="wp-people-group-' . $slug . '">' . "\n"; + foreach ( $group_data['data'] as $person_data ) { + echo '<li class="wp-person" id="wp-person-' . esc_attr( $person_data[2] ) . '">' . "\n\t"; + echo '<a href="' . esc_url( sprintf( $credits_data['profiles'], $person_data[2] ) ) . '" class="web">'; + $size = $compact ? 80 : 160; + $data = get_avatar_data( $person_data[1] . '@md5.gravatar.com', array( 'size' => $size ) ); + $data2x = get_avatar_data( $person_data[1] . '@md5.gravatar.com', array( 'size' => $size * 2 ) ); + echo '<span class="wp-person-avatar"><img src="' . esc_url( $data['url'] ) . '" srcset="' . esc_url( $data2x['url'] ) . ' 2x" class="gravatar" alt="" /></span>' . "\n"; + echo esc_html( $person_data[0] ) . "</a>\n\t"; + if ( ! $compact && ! empty( $person_data[3] ) ) { + // phpcs:ignore WordPress.WP.I18n.LowLevelTranslationFunction,WordPress.WP.I18n.NonSingularStringLiteralText + echo '<span class="title">' . translate( $person_data[3] ) . "</span>\n"; + } + echo "</li>\n"; + } + echo "</ul>\n"; + break; + } +} diff --git a/wp-admin/includes/dashboard.php b/wp-admin/includes/dashboard.php new file mode 100644 index 0000000..5b50423 --- /dev/null +++ b/wp-admin/includes/dashboard.php @@ -0,0 +1,2137 @@ +<?php +/** + * WordPress Dashboard Widget Administration Screen API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Registers dashboard widgets. + * + * Handles POST data, sets up filters. + * + * @since 2.5.0 + * + * @global array $wp_registered_widgets + * @global array $wp_registered_widget_controls + * @global callable[] $wp_dashboard_control_callbacks + */ +function wp_dashboard_setup() { + global $wp_registered_widgets, $wp_registered_widget_controls, $wp_dashboard_control_callbacks; + + $screen = get_current_screen(); + + /* Register Widgets and Controls */ + $wp_dashboard_control_callbacks = array(); + + // Browser version + $check_browser = wp_check_browser_version(); + + if ( $check_browser && $check_browser['upgrade'] ) { + add_filter( 'postbox_classes_dashboard_dashboard_browser_nag', 'dashboard_browser_nag_class' ); + + if ( $check_browser['insecure'] ) { + wp_add_dashboard_widget( 'dashboard_browser_nag', __( 'You are using an insecure browser!' ), 'wp_dashboard_browser_nag' ); + } else { + wp_add_dashboard_widget( 'dashboard_browser_nag', __( 'Your browser is out of date!' ), 'wp_dashboard_browser_nag' ); + } + } + + // PHP Version. + $check_php = wp_check_php_version(); + + if ( $check_php && current_user_can( 'update_php' ) ) { + // If "not acceptable" the widget will be shown. + if ( isset( $check_php['is_acceptable'] ) && ! $check_php['is_acceptable'] ) { + add_filter( 'postbox_classes_dashboard_dashboard_php_nag', 'dashboard_php_nag_class' ); + + if ( $check_php['is_lower_than_future_minimum'] ) { + wp_add_dashboard_widget( 'dashboard_php_nag', __( 'PHP Update Required' ), 'wp_dashboard_php_nag' ); + } else { + wp_add_dashboard_widget( 'dashboard_php_nag', __( 'PHP Update Recommended' ), 'wp_dashboard_php_nag' ); + } + } + } + + // Site Health. + if ( current_user_can( 'view_site_health_checks' ) && ! is_network_admin() ) { + if ( ! class_exists( 'WP_Site_Health' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-site-health.php'; + } + + WP_Site_Health::get_instance(); + + wp_enqueue_style( 'site-health' ); + wp_enqueue_script( 'site-health' ); + + wp_add_dashboard_widget( 'dashboard_site_health', __( 'Site Health Status' ), 'wp_dashboard_site_health' ); + } + + // Right Now. + if ( is_blog_admin() && current_user_can( 'edit_posts' ) ) { + wp_add_dashboard_widget( 'dashboard_right_now', __( 'At a Glance' ), 'wp_dashboard_right_now' ); + } + + if ( is_network_admin() ) { + wp_add_dashboard_widget( 'network_dashboard_right_now', __( 'Right Now' ), 'wp_network_dashboard_right_now' ); + } + + // Activity Widget. + if ( is_blog_admin() ) { + wp_add_dashboard_widget( 'dashboard_activity', __( 'Activity' ), 'wp_dashboard_site_activity' ); + } + + // QuickPress Widget. + if ( is_blog_admin() && current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) { + $quick_draft_title = sprintf( '<span class="hide-if-no-js">%1$s</span> <span class="hide-if-js">%2$s</span>', __( 'Quick Draft' ), __( 'Your Recent Drafts' ) ); + wp_add_dashboard_widget( 'dashboard_quick_press', $quick_draft_title, 'wp_dashboard_quick_press' ); + } + + // WordPress Events and News. + wp_add_dashboard_widget( 'dashboard_primary', __( 'WordPress Events and News' ), 'wp_dashboard_events_news' ); + + if ( is_network_admin() ) { + + /** + * Fires after core widgets for the Network Admin dashboard have been registered. + * + * @since 3.1.0 + */ + do_action( 'wp_network_dashboard_setup' ); + + /** + * Filters the list of widgets to load for the Network Admin dashboard. + * + * @since 3.1.0 + * + * @param string[] $dashboard_widgets An array of dashboard widget IDs. + */ + $dashboard_widgets = apply_filters( 'wp_network_dashboard_widgets', array() ); + } elseif ( is_user_admin() ) { + + /** + * Fires after core widgets for the User Admin dashboard have been registered. + * + * @since 3.1.0 + */ + do_action( 'wp_user_dashboard_setup' ); + + /** + * Filters the list of widgets to load for the User Admin dashboard. + * + * @since 3.1.0 + * + * @param string[] $dashboard_widgets An array of dashboard widget IDs. + */ + $dashboard_widgets = apply_filters( 'wp_user_dashboard_widgets', array() ); + } else { + + /** + * Fires after core widgets for the admin dashboard have been registered. + * + * @since 2.5.0 + */ + do_action( 'wp_dashboard_setup' ); + + /** + * Filters the list of widgets to load for the admin dashboard. + * + * @since 2.5.0 + * + * @param string[] $dashboard_widgets An array of dashboard widget IDs. + */ + $dashboard_widgets = apply_filters( 'wp_dashboard_widgets', array() ); + } + + foreach ( $dashboard_widgets as $widget_id ) { + $name = empty( $wp_registered_widgets[ $widget_id ]['all_link'] ) ? $wp_registered_widgets[ $widget_id ]['name'] : $wp_registered_widgets[ $widget_id ]['name'] . " <a href='{$wp_registered_widgets[$widget_id]['all_link']}' class='edit-box open-box'>" . __( 'View all' ) . '</a>'; + wp_add_dashboard_widget( $widget_id, $name, $wp_registered_widgets[ $widget_id ]['callback'], $wp_registered_widget_controls[ $widget_id ]['callback'] ); + } + + if ( 'POST' === $_SERVER['REQUEST_METHOD'] && isset( $_POST['widget_id'] ) ) { + check_admin_referer( 'edit-dashboard-widget_' . $_POST['widget_id'], 'dashboard-widget-nonce' ); + ob_start(); // Hack - but the same hack wp-admin/widgets.php uses. + wp_dashboard_trigger_widget_control( $_POST['widget_id'] ); + ob_end_clean(); + wp_redirect( remove_query_arg( 'edit' ) ); + exit; + } + + /** This action is documented in wp-admin/includes/meta-boxes.php */ + do_action( 'do_meta_boxes', $screen->id, 'normal', '' ); + + /** This action is documented in wp-admin/includes/meta-boxes.php */ + do_action( 'do_meta_boxes', $screen->id, 'side', '' ); +} + +/** + * Adds a new dashboard widget. + * + * @since 2.7.0 + * @since 5.6.0 The `$context` and `$priority` parameters were added. + * + * @global callable[] $wp_dashboard_control_callbacks + * + * @param string $widget_id Widget ID (used in the 'id' attribute for the widget). + * @param string $widget_name Title of the widget. + * @param callable $callback Function that fills the widget with the desired content. + * The function should echo its output. + * @param callable $control_callback Optional. Function that outputs controls for the widget. Default null. + * @param array $callback_args Optional. Data that should be set as the $args property of the widget array + * (which is the second parameter passed to your callback). Default null. + * @param string $context Optional. The context within the screen where the box should display. + * Accepts 'normal', 'side', 'column3', or 'column4'. Default 'normal'. + * @param string $priority Optional. The priority within the context where the box should show. + * Accepts 'high', 'core', 'default', or 'low'. Default 'core'. + */ +function wp_add_dashboard_widget( $widget_id, $widget_name, $callback, $control_callback = null, $callback_args = null, $context = 'normal', $priority = 'core' ) { + global $wp_dashboard_control_callbacks; + + $screen = get_current_screen(); + + $private_callback_args = array( '__widget_basename' => $widget_name ); + + if ( is_null( $callback_args ) ) { + $callback_args = $private_callback_args; + } elseif ( is_array( $callback_args ) ) { + $callback_args = array_merge( $callback_args, $private_callback_args ); + } + + if ( $control_callback && is_callable( $control_callback ) && current_user_can( 'edit_dashboard' ) ) { + $wp_dashboard_control_callbacks[ $widget_id ] = $control_callback; + + if ( isset( $_GET['edit'] ) && $widget_id === $_GET['edit'] ) { + list($url) = explode( '#', add_query_arg( 'edit', false ), 2 ); + $widget_name .= ' <span class="postbox-title-action"><a href="' . esc_url( $url ) . '">' . __( 'Cancel' ) . '</a></span>'; + $callback = '_wp_dashboard_control_callback'; + } else { + list($url) = explode( '#', add_query_arg( 'edit', $widget_id ), 2 ); + $widget_name .= ' <span class="postbox-title-action"><a href="' . esc_url( "$url#$widget_id" ) . '" class="edit-box open-box">' . __( 'Configure' ) . '</a></span>'; + } + } + + $side_widgets = array( 'dashboard_quick_press', 'dashboard_primary' ); + + if ( in_array( $widget_id, $side_widgets, true ) ) { + $context = 'side'; + } + + $high_priority_widgets = array( 'dashboard_browser_nag', 'dashboard_php_nag' ); + + if ( in_array( $widget_id, $high_priority_widgets, true ) ) { + $priority = 'high'; + } + + if ( empty( $context ) ) { + $context = 'normal'; + } + + if ( empty( $priority ) ) { + $priority = 'core'; + } + + add_meta_box( $widget_id, $widget_name, $callback, $screen, $context, $priority, $callback_args ); +} + +/** + * Outputs controls for the current dashboard widget. + * + * @access private + * @since 2.7.0 + * + * @param mixed $dashboard + * @param array $meta_box + */ +function _wp_dashboard_control_callback( $dashboard, $meta_box ) { + echo '<form method="post" class="dashboard-widget-control-form wp-clearfix">'; + wp_dashboard_trigger_widget_control( $meta_box['id'] ); + wp_nonce_field( 'edit-dashboard-widget_' . $meta_box['id'], 'dashboard-widget-nonce' ); + echo '<input type="hidden" name="widget_id" value="' . esc_attr( $meta_box['id'] ) . '" />'; + submit_button( __( 'Save Changes' ) ); + echo '</form>'; +} + +/** + * Displays the dashboard. + * + * @since 2.5.0 + */ +function wp_dashboard() { + $screen = get_current_screen(); + $columns = absint( $screen->get_columns() ); + $columns_css = ''; + + if ( $columns ) { + $columns_css = " columns-$columns"; + } + ?> +<div id="dashboard-widgets" class="metabox-holder<?php echo $columns_css; ?>"> + <div id="postbox-container-1" class="postbox-container"> + <?php do_meta_boxes( $screen->id, 'normal', '' ); ?> + </div> + <div id="postbox-container-2" class="postbox-container"> + <?php do_meta_boxes( $screen->id, 'side', '' ); ?> + </div> + <div id="postbox-container-3" class="postbox-container"> + <?php do_meta_boxes( $screen->id, 'column3', '' ); ?> + </div> + <div id="postbox-container-4" class="postbox-container"> + <?php do_meta_boxes( $screen->id, 'column4', '' ); ?> + </div> +</div> + + <?php + wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false ); + wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false ); +} + +// +// Dashboard Widgets. +// + +/** + * Dashboard widget that displays some basic stats about the site. + * + * Formerly 'Right Now'. A streamlined 'At a Glance' as of 3.8. + * + * @since 2.7.0 + */ +function wp_dashboard_right_now() { + ?> + <div class="main"> + <ul> + <?php + // Posts and Pages. + foreach ( array( 'post', 'page' ) as $post_type ) { + $num_posts = wp_count_posts( $post_type ); + + if ( $num_posts && $num_posts->publish ) { + if ( 'post' === $post_type ) { + /* translators: %s: Number of posts. */ + $text = _n( '%s Post', '%s Posts', $num_posts->publish ); + } else { + /* translators: %s: Number of pages. */ + $text = _n( '%s Page', '%s Pages', $num_posts->publish ); + } + + $text = sprintf( $text, number_format_i18n( $num_posts->publish ) ); + $post_type_object = get_post_type_object( $post_type ); + + if ( $post_type_object && current_user_can( $post_type_object->cap->edit_posts ) ) { + printf( '<li class="%1$s-count"><a href="edit.php?post_type=%1$s">%2$s</a></li>', $post_type, $text ); + } else { + printf( '<li class="%1$s-count"><span>%2$s</span></li>', $post_type, $text ); + } + } + } + + // Comments. + $num_comm = wp_count_comments(); + + if ( $num_comm && ( $num_comm->approved || $num_comm->moderated ) ) { + /* translators: %s: Number of comments. */ + $text = sprintf( _n( '%s Comment', '%s Comments', $num_comm->approved ), number_format_i18n( $num_comm->approved ) ); + ?> + <li class="comment-count"> + <a href="edit-comments.php"><?php echo $text; ?></a> + </li> + <?php + $moderated_comments_count_i18n = number_format_i18n( $num_comm->moderated ); + /* translators: %s: Number of comments. */ + $text = sprintf( _n( '%s Comment in moderation', '%s Comments in moderation', $num_comm->moderated ), $moderated_comments_count_i18n ); + ?> + <li class="comment-mod-count<?php echo ! $num_comm->moderated ? ' hidden' : ''; ?>"> + <a href="edit-comments.php?comment_status=moderated" class="comments-in-moderation-text"><?php echo $text; ?></a> + </li> + <?php + } + + /** + * Filters the array of extra elements to list in the 'At a Glance' + * dashboard widget. + * + * Prior to 3.8.0, the widget was named 'Right Now'. Each element + * is wrapped in list-item tags on output. + * + * @since 3.8.0 + * + * @param string[] $items Array of extra 'At a Glance' widget items. + */ + $elements = apply_filters( 'dashboard_glance_items', array() ); + + if ( $elements ) { + echo '<li>' . implode( "</li>\n<li>", $elements ) . "</li>\n"; + } + + ?> + </ul> + <?php + update_right_now_message(); + + // Check if search engines are asked not to index this site. + if ( ! is_network_admin() && ! is_user_admin() + && current_user_can( 'manage_options' ) && ! get_option( 'blog_public' ) + ) { + + /** + * Filters the link title attribute for the 'Search engines discouraged' + * message displayed in the 'At a Glance' dashboard widget. + * + * Prior to 3.8.0, the widget was named 'Right Now'. + * + * @since 3.0.0 + * @since 4.5.0 The default for `$title` was updated to an empty string. + * + * @param string $title Default attribute text. + */ + $title = apply_filters( 'privacy_on_link_title', '' ); + + /** + * Filters the link label for the 'Search engines discouraged' message + * displayed in the 'At a Glance' dashboard widget. + * + * Prior to 3.8.0, the widget was named 'Right Now'. + * + * @since 3.0.0 + * + * @param string $content Default text. + */ + $content = apply_filters( 'privacy_on_link_text', __( 'Search engines discouraged' ) ); + + $title_attr = '' === $title ? '' : " title='$title'"; + + echo "<p class='search-engines-info'><a href='options-reading.php'$title_attr>$content</a></p>"; + } + ?> + </div> + <?php + /* + * activity_box_end has a core action, but only prints content when multisite. + * Using an output buffer is the only way to really check if anything's displayed here. + */ + ob_start(); + + /** + * Fires at the end of the 'At a Glance' dashboard widget. + * + * Prior to 3.8.0, the widget was named 'Right Now'. + * + * @since 2.5.0 + */ + do_action( 'rightnow_end' ); + + /** + * Fires at the end of the 'At a Glance' dashboard widget. + * + * Prior to 3.8.0, the widget was named 'Right Now'. + * + * @since 2.0.0 + */ + do_action( 'activity_box_end' ); + + $actions = ob_get_clean(); + + if ( ! empty( $actions ) ) : + ?> + <div class="sub"> + <?php echo $actions; ?> + </div> + <?php + endif; +} + +/** + * @since 3.1.0 + */ +function wp_network_dashboard_right_now() { + $actions = array(); + + if ( current_user_can( 'create_sites' ) ) { + $actions['create-site'] = '<a href="' . network_admin_url( 'site-new.php' ) . '">' . __( 'Create a New Site' ) . '</a>'; + } + if ( current_user_can( 'create_users' ) ) { + $actions['create-user'] = '<a href="' . network_admin_url( 'user-new.php' ) . '">' . __( 'Create a New User' ) . '</a>'; + } + + $c_users = get_user_count(); + $c_blogs = get_blog_count(); + + /* translators: %s: Number of users on the network. */ + $user_text = sprintf( _n( '%s user', '%s users', $c_users ), number_format_i18n( $c_users ) ); + /* translators: %s: Number of sites on the network. */ + $blog_text = sprintf( _n( '%s site', '%s sites', $c_blogs ), number_format_i18n( $c_blogs ) ); + + /* translators: 1: Text indicating the number of sites on the network, 2: Text indicating the number of users on the network. */ + $sentence = sprintf( __( 'You have %1$s and %2$s.' ), $blog_text, $user_text ); + + if ( $actions ) { + echo '<ul class="subsubsub">'; + foreach ( $actions as $class => $action ) { + $actions[ $class ] = "\t<li class='$class'>$action"; + } + echo implode( " |</li>\n", $actions ) . "</li>\n"; + echo '</ul>'; + } + ?> + <br class="clear" /> + + <p class="youhave"><?php echo $sentence; ?></p> + + + <?php + /** + * Fires in the Network Admin 'Right Now' dashboard widget + * just before the user and site search form fields. + * + * @since MU (3.0.0) + */ + do_action( 'wpmuadminresult' ); + ?> + + <form action="<?php echo esc_url( network_admin_url( 'users.php' ) ); ?>" method="get"> + <p> + <label class="screen-reader-text" for="search-users"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search Users' ); + ?> + </label> + <input type="search" name="s" value="" size="30" autocomplete="off" id="search-users" /> + <?php submit_button( __( 'Search Users' ), '', false, false, array( 'id' => 'submit_users' ) ); ?> + </p> + </form> + + <form action="<?php echo esc_url( network_admin_url( 'sites.php' ) ); ?>" method="get"> + <p> + <label class="screen-reader-text" for="search-sites"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search Sites' ); + ?> + </label> + <input type="search" name="s" value="" size="30" autocomplete="off" id="search-sites" /> + <?php submit_button( __( 'Search Sites' ), '', false, false, array( 'id' => 'submit_sites' ) ); ?> + </p> + </form> + <?php + /** + * Fires at the end of the 'Right Now' widget in the Network Admin dashboard. + * + * @since MU (3.0.0) + */ + do_action( 'mu_rightnow_end' ); + + /** + * Fires at the end of the 'Right Now' widget in the Network Admin dashboard. + * + * @since MU (3.0.0) + */ + do_action( 'mu_activity_box_end' ); +} + +/** + * Displays the Quick Draft widget. + * + * @since 3.8.0 + * + * @global int $post_ID + * + * @param string|false $error_msg Optional. Error message. Default false. + */ +function wp_dashboard_quick_press( $error_msg = false ) { + global $post_ID; + + if ( ! current_user_can( 'edit_posts' ) ) { + return; + } + + // Check if a new auto-draft (= no new post_ID) is needed or if the old can be used. + $last_post_id = (int) get_user_option( 'dashboard_quick_press_last_post_id' ); // Get the last post_ID. + + if ( $last_post_id ) { + $post = get_post( $last_post_id ); + + if ( empty( $post ) || 'auto-draft' !== $post->post_status ) { // auto-draft doesn't exist anymore. + $post = get_default_post_to_edit( 'post', true ); + update_user_option( get_current_user_id(), 'dashboard_quick_press_last_post_id', (int) $post->ID ); // Save post_ID. + } else { + $post->post_title = ''; // Remove the auto draft title. + } + } else { + $post = get_default_post_to_edit( 'post', true ); + $user_id = get_current_user_id(); + + // Don't create an option if this is a super admin who does not belong to this site. + if ( in_array( get_current_blog_id(), array_keys( get_blogs_of_user( $user_id ) ), true ) ) { + update_user_option( $user_id, 'dashboard_quick_press_last_post_id', (int) $post->ID ); // Save post_ID. + } + } + + $post_ID = (int) $post->ID; + ?> + + <form name="post" action="<?php echo esc_url( admin_url( 'post.php' ) ); ?>" method="post" id="quick-press" class="initial-form hide-if-no-js"> + + <?php + if ( $error_msg ) { + wp_admin_notice( + $error_msg, + array( + 'additional_classes' => array( 'error' ), + ) + ); + } + ?> + + <div class="input-text-wrap" id="title-wrap"> + <label for="title"> + <?php + /** This filter is documented in wp-admin/edit-form-advanced.php */ + echo apply_filters( 'enter_title_here', __( 'Title' ), $post ); + ?> + </label> + <input type="text" name="post_title" id="title" autocomplete="off" /> + </div> + + <div class="textarea-wrap" id="description-wrap"> + <label for="content"><?php _e( 'Content' ); ?></label> + <textarea name="content" id="content" placeholder="<?php esc_attr_e( 'What’s on your mind?' ); ?>" class="mceEditor" rows="3" cols="15" autocomplete="off"></textarea> + </div> + + <p class="submit"> + <input type="hidden" name="action" id="quickpost-action" value="post-quickdraft-save" /> + <input type="hidden" name="post_ID" value="<?php echo $post_ID; ?>" /> + <input type="hidden" name="post_type" value="post" /> + <?php wp_nonce_field( 'add-post' ); ?> + <?php submit_button( __( 'Save Draft' ), 'primary', 'save', false, array( 'id' => 'save-post' ) ); ?> + <br class="clear" /> + </p> + + </form> + <?php + wp_dashboard_recent_drafts(); +} + +/** + * Show recent drafts of the user on the dashboard. + * + * @since 2.7.0 + * + * @param WP_Post[]|false $drafts Optional. Array of posts to display. Default false. + */ +function wp_dashboard_recent_drafts( $drafts = false ) { + if ( ! $drafts ) { + $query_args = array( + 'post_type' => 'post', + 'post_status' => 'draft', + 'author' => get_current_user_id(), + 'posts_per_page' => 4, + 'orderby' => 'modified', + 'order' => 'DESC', + ); + + /** + * Filters the post query arguments for the 'Recent Drafts' dashboard widget. + * + * @since 4.4.0 + * + * @param array $query_args The query arguments for the 'Recent Drafts' dashboard widget. + */ + $query_args = apply_filters( 'dashboard_recent_drafts_query_args', $query_args ); + + $drafts = get_posts( $query_args ); + if ( ! $drafts ) { + return; + } + } + + echo '<div class="drafts">'; + + if ( count( $drafts ) > 3 ) { + printf( + '<p class="view-all"><a href="%s">%s</a></p>' . "\n", + esc_url( admin_url( 'edit.php?post_status=draft' ) ), + __( 'View all drafts' ) + ); + } + + echo '<h2 class="hide-if-no-js">' . __( 'Your Recent Drafts' ) . "</h2>\n"; + echo '<ul>'; + + /* translators: Maximum number of words used in a preview of a draft on the dashboard. */ + $draft_length = (int) _x( '10', 'draft_length' ); + + $drafts = array_slice( $drafts, 0, 3 ); + foreach ( $drafts as $draft ) { + $url = get_edit_post_link( $draft->ID ); + $title = _draft_or_post_title( $draft->ID ); + + echo "<li>\n"; + printf( + '<div class="draft-title"><a href="%s" aria-label="%s">%s</a><time datetime="%s">%s</time></div>', + esc_url( $url ), + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Edit “%s”' ), $title ) ), + esc_html( $title ), + get_the_time( 'c', $draft ), + get_the_time( __( 'F j, Y' ), $draft ) + ); + + $the_content = wp_trim_words( $draft->post_content, $draft_length ); + + if ( $the_content ) { + echo '<p>' . $the_content . '</p>'; + } + echo "</li>\n"; + } + + echo "</ul>\n"; + echo '</div>'; +} + +/** + * Outputs a row for the Recent Comments widget. + * + * @access private + * @since 2.7.0 + * + * @global WP_Comment $comment Global comment object. + * + * @param WP_Comment $comment The current comment. + * @param bool $show_date Optional. Whether to display the date. + */ +function _wp_dashboard_recent_comments_row( &$comment, $show_date = true ) { + $GLOBALS['comment'] = clone $comment; + + if ( $comment->comment_post_ID > 0 ) { + $comment_post_title = _draft_or_post_title( $comment->comment_post_ID ); + $comment_post_url = get_the_permalink( $comment->comment_post_ID ); + $comment_post_link = '<a href="' . esc_url( $comment_post_url ) . '">' . $comment_post_title . '</a>'; + } else { + $comment_post_link = ''; + } + + $actions_string = ''; + if ( current_user_can( 'edit_comment', $comment->comment_ID ) ) { + // Pre-order it: Approve | Reply | Edit | Spam | Trash. + $actions = array( + 'approve' => '', + 'unapprove' => '', + 'reply' => '', + 'edit' => '', + 'spam' => '', + 'trash' => '', + 'delete' => '', + 'view' => '', + ); + + $del_nonce = esc_html( '_wpnonce=' . wp_create_nonce( "delete-comment_$comment->comment_ID" ) ); + $approve_nonce = esc_html( '_wpnonce=' . wp_create_nonce( "approve-comment_$comment->comment_ID" ) ); + + $approve_url = esc_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$comment->comment_ID&$approve_nonce" ); + $unapprove_url = esc_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$comment->comment_ID&$approve_nonce" ); + $spam_url = esc_url( "comment.php?action=spamcomment&p=$comment->comment_post_ID&c=$comment->comment_ID&$del_nonce" ); + $trash_url = esc_url( "comment.php?action=trashcomment&p=$comment->comment_post_ID&c=$comment->comment_ID&$del_nonce" ); + $delete_url = esc_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID&$del_nonce" ); + + $actions['approve'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-a aria-button-if-js" aria-label="%s">%s</a>', + $approve_url, + "dim:the-comment-list:comment-{$comment->comment_ID}:unapproved:e7e7d3:e7e7d3:new=approved", + esc_attr__( 'Approve this comment' ), + __( 'Approve' ) + ); + + $actions['unapprove'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-u aria-button-if-js" aria-label="%s">%s</a>', + $unapprove_url, + "dim:the-comment-list:comment-{$comment->comment_ID}:unapproved:e7e7d3:e7e7d3:new=unapproved", + esc_attr__( 'Unapprove this comment' ), + __( 'Unapprove' ) + ); + + $actions['edit'] = sprintf( + '<a href="%s" aria-label="%s">%s</a>', + "comment.php?action=editcomment&c={$comment->comment_ID}", + esc_attr__( 'Edit this comment' ), + __( 'Edit' ) + ); + + $actions['reply'] = sprintf( + '<button type="button" onclick="window.commentReply && commentReply.open(\'%s\',\'%s\');" class="vim-r button-link hide-if-no-js" aria-label="%s">%s</button>', + $comment->comment_ID, + $comment->comment_post_ID, + esc_attr__( 'Reply to this comment' ), + __( 'Reply' ) + ); + + $actions['spam'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="vim-s vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $spam_url, + "delete:the-comment-list:comment-{$comment->comment_ID}::spam=1", + esc_attr__( 'Mark this comment as spam' ), + /* translators: "Mark as spam" link. */ + _x( 'Spam', 'verb' ) + ); + + if ( ! EMPTY_TRASH_DAYS ) { + $actions['delete'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="delete vim-d vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $delete_url, + "delete:the-comment-list:comment-{$comment->comment_ID}::trash=1", + esc_attr__( 'Delete this comment permanently' ), + __( 'Delete Permanently' ) + ); + } else { + $actions['trash'] = sprintf( + '<a href="%s" data-wp-lists="%s" class="delete vim-d vim-destructive aria-button-if-js" aria-label="%s">%s</a>', + $trash_url, + "delete:the-comment-list:comment-{$comment->comment_ID}::trash=1", + esc_attr__( 'Move this comment to the Trash' ), + _x( 'Trash', 'verb' ) + ); + } + + $actions['view'] = sprintf( + '<a class="comment-link" href="%s" aria-label="%s">%s</a>', + esc_url( get_comment_link( $comment ) ), + esc_attr__( 'View this comment' ), + __( 'View' ) + ); + + /** + * Filters the action links displayed for each comment in the 'Recent Comments' + * dashboard widget. + * + * @since 2.6.0 + * + * @param string[] $actions An array of comment actions. Default actions include: + * 'Approve', 'Unapprove', 'Edit', 'Reply', 'Spam', + * 'Delete', and 'Trash'. + * @param WP_Comment $comment The comment object. + */ + $actions = apply_filters( 'comment_row_actions', array_filter( $actions ), $comment ); + + $i = 0; + + foreach ( $actions as $action => $link ) { + ++$i; + + if ( ( ( 'approve' === $action || 'unapprove' === $action ) && 2 === $i ) + || 1 === $i + ) { + $separator = ''; + } else { + $separator = ' | '; + } + + // Reply and quickedit need a hide-if-no-js span. + if ( 'reply' === $action || 'quickedit' === $action ) { + $action .= ' hide-if-no-js'; + } + + if ( 'view' === $action && '1' !== $comment->comment_approved ) { + $action .= ' hidden'; + } + + $actions_string .= "<span class='$action'>{$separator}{$link}</span>"; + } + } + ?> + + <li id="comment-<?php echo $comment->comment_ID; ?>" <?php comment_class( array( 'comment-item', wp_get_comment_status( $comment ) ), $comment ); ?>> + + <?php + $comment_row_class = ''; + + if ( get_option( 'show_avatars' ) ) { + echo get_avatar( $comment, 50, 'mystery' ); + $comment_row_class .= ' has-avatar'; + } + ?> + + <?php if ( ! $comment->comment_type || 'comment' === $comment->comment_type ) : ?> + + <div class="dashboard-comment-wrap has-row-actions <?php echo $comment_row_class; ?>"> + <p class="comment-meta"> + <?php + // Comments might not have a post they relate to, e.g. programmatically created ones. + if ( $comment_post_link ) { + printf( + /* translators: 1: Comment author, 2: Post link, 3: Notification if the comment is pending. */ + __( 'From %1$s on %2$s %3$s' ), + '<cite class="comment-author">' . get_comment_author_link( $comment ) . '</cite>', + $comment_post_link, + '<span class="approve">' . __( '[Pending]' ) . '</span>' + ); + } else { + printf( + /* translators: 1: Comment author, 2: Notification if the comment is pending. */ + __( 'From %1$s %2$s' ), + '<cite class="comment-author">' . get_comment_author_link( $comment ) . '</cite>', + '<span class="approve">' . __( '[Pending]' ) . '</span>' + ); + } + ?> + </p> + + <?php + else : + switch ( $comment->comment_type ) { + case 'pingback': + $type = __( 'Pingback' ); + break; + case 'trackback': + $type = __( 'Trackback' ); + break; + default: + $type = ucwords( $comment->comment_type ); + } + $type = esc_html( $type ); + ?> + <div class="dashboard-comment-wrap has-row-actions"> + <p class="comment-meta"> + <?php + // Pingbacks, Trackbacks or custom comment types might not have a post they relate to, e.g. programmatically created ones. + if ( $comment_post_link ) { + printf( + /* translators: 1: Type of comment, 2: Post link, 3: Notification if the comment is pending. */ + _x( '%1$s on %2$s %3$s', 'dashboard' ), + "<strong>$type</strong>", + $comment_post_link, + '<span class="approve">' . __( '[Pending]' ) . '</span>' + ); + } else { + printf( + /* translators: 1: Type of comment, 2: Notification if the comment is pending. */ + _x( '%1$s %2$s', 'dashboard' ), + "<strong>$type</strong>", + '<span class="approve">' . __( '[Pending]' ) . '</span>' + ); + } + ?> + </p> + <p class="comment-author"><?php comment_author_link( $comment ); ?></p> + + <?php endif; // comment_type ?> + <blockquote><p><?php comment_excerpt( $comment ); ?></p></blockquote> + <?php if ( $actions_string ) : ?> + <p class="row-actions"><?php echo $actions_string; ?></p> + <?php endif; ?> + </div> + </li> + <?php + $GLOBALS['comment'] = null; +} + +/** + * Outputs the Activity widget. + * + * Callback function for {@see 'dashboard_activity'}. + * + * @since 3.8.0 + */ +function wp_dashboard_site_activity() { + + echo '<div id="activity-widget">'; + + $future_posts = wp_dashboard_recent_posts( + array( + 'max' => 5, + 'status' => 'future', + 'order' => 'ASC', + 'title' => __( 'Publishing Soon' ), + 'id' => 'future-posts', + ) + ); + $recent_posts = wp_dashboard_recent_posts( + array( + 'max' => 5, + 'status' => 'publish', + 'order' => 'DESC', + 'title' => __( 'Recently Published' ), + 'id' => 'published-posts', + ) + ); + + $recent_comments = wp_dashboard_recent_comments(); + + if ( ! $future_posts && ! $recent_posts && ! $recent_comments ) { + echo '<div class="no-activity">'; + echo '<p>' . __( 'No activity yet!' ) . '</p>'; + echo '</div>'; + } + + echo '</div>'; +} + +/** + * Generates Publishing Soon and Recently Published sections. + * + * @since 3.8.0 + * + * @param array $args { + * An array of query and display arguments. + * + * @type int $max Number of posts to display. + * @type string $status Post status. + * @type string $order Designates ascending ('ASC') or descending ('DESC') order. + * @type string $title Section title. + * @type string $id The container id. + * } + * @return bool False if no posts were found. True otherwise. + */ +function wp_dashboard_recent_posts( $args ) { + $query_args = array( + 'post_type' => 'post', + 'post_status' => $args['status'], + 'orderby' => 'date', + 'order' => $args['order'], + 'posts_per_page' => (int) $args['max'], + 'no_found_rows' => true, + 'cache_results' => true, + 'perm' => ( 'future' === $args['status'] ) ? 'editable' : 'readable', + ); + + /** + * Filters the query arguments used for the Recent Posts widget. + * + * @since 4.2.0 + * + * @param array $query_args The arguments passed to WP_Query to produce the list of posts. + */ + $query_args = apply_filters( 'dashboard_recent_posts_query_args', $query_args ); + + $posts = new WP_Query( $query_args ); + + if ( $posts->have_posts() ) { + + echo '<div id="' . $args['id'] . '" class="activity-block">'; + + echo '<h3>' . $args['title'] . '</h3>'; + + echo '<ul>'; + + $today = current_time( 'Y-m-d' ); + $tomorrow = current_datetime()->modify( '+1 day' )->format( 'Y-m-d' ); + $year = current_time( 'Y' ); + + while ( $posts->have_posts() ) { + $posts->the_post(); + + $time = get_the_time( 'U' ); + + if ( gmdate( 'Y-m-d', $time ) === $today ) { + $relative = __( 'Today' ); + } elseif ( gmdate( 'Y-m-d', $time ) === $tomorrow ) { + $relative = __( 'Tomorrow' ); + } elseif ( gmdate( 'Y', $time ) !== $year ) { + /* translators: Date and time format for recent posts on the dashboard, from a different calendar year, see https://www.php.net/manual/datetime.format.php */ + $relative = date_i18n( __( 'M jS Y' ), $time ); + } else { + /* translators: Date and time format for recent posts on the dashboard, see https://www.php.net/manual/datetime.format.php */ + $relative = date_i18n( __( 'M jS' ), $time ); + } + + // Use the post edit link for those who can edit, the permalink otherwise. + $recent_post_link = current_user_can( 'edit_post', get_the_ID() ) ? get_edit_post_link() : get_permalink(); + + $draft_or_post_title = _draft_or_post_title(); + printf( + '<li><span>%1$s</span> <a href="%2$s" aria-label="%3$s">%4$s</a></li>', + /* translators: 1: Relative date, 2: Time. */ + sprintf( _x( '%1$s, %2$s', 'dashboard' ), $relative, get_the_time() ), + $recent_post_link, + /* translators: %s: Post title. */ + esc_attr( sprintf( __( 'Edit “%s”' ), $draft_or_post_title ) ), + $draft_or_post_title + ); + } + + echo '</ul>'; + echo '</div>'; + + } else { + return false; + } + + wp_reset_postdata(); + + return true; +} + +/** + * Show Comments section. + * + * @since 3.8.0 + * + * @param int $total_items Optional. Number of comments to query. Default 5. + * @return bool False if no comments were found. True otherwise. + */ +function wp_dashboard_recent_comments( $total_items = 5 ) { + // Select all comment types and filter out spam later for better query performance. + $comments = array(); + + $comments_query = array( + 'number' => $total_items * 5, + 'offset' => 0, + ); + + if ( ! current_user_can( 'edit_posts' ) ) { + $comments_query['status'] = 'approve'; + } + + while ( count( $comments ) < $total_items && $possible = get_comments( $comments_query ) ) { + if ( ! is_array( $possible ) ) { + break; + } + + foreach ( $possible as $comment ) { + if ( ! current_user_can( 'read_post', $comment->comment_post_ID ) ) { + continue; + } + + $comments[] = $comment; + + if ( count( $comments ) === $total_items ) { + break 2; + } + } + + $comments_query['offset'] += $comments_query['number']; + $comments_query['number'] = $total_items * 10; + } + + if ( $comments ) { + echo '<div id="latest-comments" class="activity-block table-view-list">'; + echo '<h3>' . __( 'Recent Comments' ) . '</h3>'; + + echo '<ul id="the-comment-list" data-wp-lists="list:comment">'; + foreach ( $comments as $comment ) { + $comment_post = get_post( $comment->comment_post_ID ); + if ( + current_user_can( 'edit_post', $comment->comment_post_ID ) || + ( + empty( $comment_post->post_password ) && + current_user_can( 'read_post', $comment->comment_post_ID ) + ) + ) { + _wp_dashboard_recent_comments_row( $comment ); + } + } + echo '</ul>'; + + if ( current_user_can( 'edit_posts' ) ) { + echo '<h3 class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'View more comments' ) . + '</h3>'; + _get_list_table( 'WP_Comments_List_Table' )->views(); + } + + wp_comment_reply( -1, false, 'dashboard', false ); + wp_comment_trashnotice(); + + echo '</div>'; + } else { + return false; + } + return true; +} + +/** + * Display generic dashboard RSS widget feed. + * + * @since 2.5.0 + * + * @param string $widget_id + */ +function wp_dashboard_rss_output( $widget_id ) { + $widgets = get_option( 'dashboard_widget_options' ); + echo '<div class="rss-widget">'; + wp_widget_rss_output( $widgets[ $widget_id ] ); + echo '</div>'; +} + +/** + * Checks to see if all of the feed url in $check_urls are cached. + * + * If $check_urls is empty, look for the rss feed url found in the dashboard + * widget options of $widget_id. If cached, call $callback, a function that + * echoes out output for this widget. If not cache, echo a "Loading..." stub + * which is later replaced by Ajax call (see top of /wp-admin/index.php) + * + * @since 2.5.0 + * @since 5.3.0 Formalized the existing and already documented `...$args` parameter + * by adding it to the function signature. + * + * @param string $widget_id The widget ID. + * @param callable $callback The callback function used to display each feed. + * @param array $check_urls RSS feeds. + * @param mixed ...$args Optional additional parameters to pass to the callback function. + * @return bool True on success, false on failure. + */ +function wp_dashboard_cached_rss_widget( $widget_id, $callback, $check_urls = array(), ...$args ) { + $doing_ajax = wp_doing_ajax(); + $loading = '<p class="widget-loading hide-if-no-js">' . __( 'Loading…' ) . '</p>'; + $loading .= wp_get_admin_notice( + __( 'This widget requires JavaScript.' ), + array( + 'type' => 'error', + 'additional_classes' => array( 'inline', 'hide-if-js' ), + ) + ); + + if ( empty( $check_urls ) ) { + $widgets = get_option( 'dashboard_widget_options' ); + + if ( empty( $widgets[ $widget_id ]['url'] ) && ! $doing_ajax ) { + echo $loading; + return false; + } + + $check_urls = array( $widgets[ $widget_id ]['url'] ); + } + + $locale = get_user_locale(); + $cache_key = 'dash_v2_' . md5( $widget_id . '_' . $locale ); + $output = get_transient( $cache_key ); + + if ( false !== $output ) { + echo $output; + return true; + } + + if ( ! $doing_ajax ) { + echo $loading; + return false; + } + + if ( $callback && is_callable( $callback ) ) { + array_unshift( $args, $widget_id, $check_urls ); + ob_start(); + call_user_func_array( $callback, $args ); + // Default lifetime in cache of 12 hours (same as the feeds). + set_transient( $cache_key, ob_get_flush(), 12 * HOUR_IN_SECONDS ); + } + + return true; +} + +// +// Dashboard Widgets Controls. +// + +/** + * Calls widget control callback. + * + * @since 2.5.0 + * + * @global callable[] $wp_dashboard_control_callbacks + * + * @param int|false $widget_control_id Optional. Registered widget ID. Default false. + */ +function wp_dashboard_trigger_widget_control( $widget_control_id = false ) { + global $wp_dashboard_control_callbacks; + + if ( is_scalar( $widget_control_id ) && $widget_control_id + && isset( $wp_dashboard_control_callbacks[ $widget_control_id ] ) + && is_callable( $wp_dashboard_control_callbacks[ $widget_control_id ] ) + ) { + call_user_func( + $wp_dashboard_control_callbacks[ $widget_control_id ], + '', + array( + 'id' => $widget_control_id, + 'callback' => $wp_dashboard_control_callbacks[ $widget_control_id ], + ) + ); + } +} + +/** + * Sets up the RSS dashboard widget control and $args to be used as input to wp_widget_rss_form(). + * + * Handles POST data from RSS-type widgets. + * + * @since 2.5.0 + * + * @param string $widget_id + * @param array $form_inputs + */ +function wp_dashboard_rss_control( $widget_id, $form_inputs = array() ) { + $widget_options = get_option( 'dashboard_widget_options' ); + + if ( ! $widget_options ) { + $widget_options = array(); + } + + if ( ! isset( $widget_options[ $widget_id ] ) ) { + $widget_options[ $widget_id ] = array(); + } + + $number = 1; // Hack to use wp_widget_rss_form(). + + $widget_options[ $widget_id ]['number'] = $number; + + if ( 'POST' === $_SERVER['REQUEST_METHOD'] && isset( $_POST['widget-rss'][ $number ] ) ) { + $_POST['widget-rss'][ $number ] = wp_unslash( $_POST['widget-rss'][ $number ] ); + $widget_options[ $widget_id ] = wp_widget_rss_process( $_POST['widget-rss'][ $number ] ); + $widget_options[ $widget_id ]['number'] = $number; + + // Title is optional. If black, fill it if possible. + if ( ! $widget_options[ $widget_id ]['title'] && isset( $_POST['widget-rss'][ $number ]['title'] ) ) { + $rss = fetch_feed( $widget_options[ $widget_id ]['url'] ); + if ( is_wp_error( $rss ) ) { + $widget_options[ $widget_id ]['title'] = htmlentities( __( 'Unknown Feed' ) ); + } else { + $widget_options[ $widget_id ]['title'] = htmlentities( strip_tags( $rss->get_title() ) ); + $rss->__destruct(); + unset( $rss ); + } + } + + update_option( 'dashboard_widget_options', $widget_options ); + + $locale = get_user_locale(); + $cache_key = 'dash_v2_' . md5( $widget_id . '_' . $locale ); + delete_transient( $cache_key ); + } + + wp_widget_rss_form( $widget_options[ $widget_id ], $form_inputs ); +} + + +/** + * Renders the Events and News dashboard widget. + * + * @since 4.8.0 + */ +function wp_dashboard_events_news() { + wp_print_community_events_markup(); + + ?> + + <div class="wordpress-news hide-if-no-js"> + <?php wp_dashboard_primary(); ?> + </div> + + <p class="community-events-footer"> + <?php + printf( + '<a href="%1$s" target="_blank">%2$s <span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', + 'https://make.wordpress.org/community/meetups-landing-page', + __( 'Meetups' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + ?> + + | + + <?php + printf( + '<a href="%1$s" target="_blank">%2$s <span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', + 'https://central.wordcamp.org/schedule/', + __( 'WordCamps' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + ?> + + | + + <?php + printf( + '<a href="%1$s" target="_blank">%2$s <span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', + /* translators: If a Rosetta site exists (e.g. https://es.wordpress.org/news/), then use that. Otherwise, leave untranslated. */ + esc_url( _x( 'https://wordpress.org/news/', 'Events and News dashboard widget' ) ), + __( 'News' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + ?> + </p> + + <?php +} + +/** + * Prints the markup for the Community Events section of the Events and News Dashboard widget. + * + * @since 4.8.0 + */ +function wp_print_community_events_markup() { + $community_events_notice = '<p class="hide-if-js">' . ( 'This widget requires JavaScript.' ) . '</p>'; + $community_events_notice .= '<p class="community-events-error-occurred" aria-hidden="true">' . __( 'An error occurred. Please try again.' ) . '</p>'; + $community_events_notice .= '<p class="community-events-could-not-locate" aria-hidden="true"></p>'; + + wp_admin_notice( + $community_events_notice, + array( + 'type' => 'error', + 'additional_classes' => array( 'community-events-errors', 'inline', 'hide-if-js' ), + 'paragraph_wrap' => false, + ) + ); + + /* + * Hide the main element when the page first loads, because the content + * won't be ready until wp.communityEvents.renderEventsTemplate() has run. + */ + ?> + <div id="community-events" class="community-events" aria-hidden="true"> + <div class="activity-block"> + <p> + <span id="community-events-location-message"></span> + + <button class="button-link community-events-toggle-location" aria-expanded="false"> + <span class="dashicons dashicons-location" aria-hidden="true"></span> + <span class="community-events-location-edit"><?php _e( 'Select location' ); ?></span> + </button> + </p> + + <form class="community-events-form" aria-hidden="true" action="<?php echo esc_url( admin_url( 'admin-ajax.php' ) ); ?>" method="post"> + <label for="community-events-location"> + <?php _e( 'City:' ); ?> + </label> + <?php + /* translators: Replace with a city related to your locale. + * Test that it matches the expected location and has upcoming + * events before including it. If no cities related to your + * locale have events, then use a city related to your locale + * that would be recognizable to most users. Use only the city + * name itself, without any region or country. Use the endonym + * (native locale name) instead of the English name if possible. + */ + ?> + <input id="community-events-location" class="regular-text" type="text" name="community-events-location" placeholder="<?php esc_attr_e( 'Cincinnati' ); ?>" /> + + <?php submit_button( __( 'Submit' ), 'secondary', 'community-events-submit', false ); ?> + + <button class="community-events-cancel button-link" type="button" aria-expanded="false"> + <?php _e( 'Cancel' ); ?> + </button> + + <span class="spinner"></span> + </form> + </div> + + <ul class="community-events-results activity-block last"></ul> + </div> + + <?php +} + +/** + * Renders the events templates for the Event and News widget. + * + * @since 4.8.0 + */ +function wp_print_community_events_templates() { + ?> + + <script id="tmpl-community-events-attend-event-near" type="text/template"> + <?php + printf( + /* translators: %s: The name of a city. */ + __( 'Attend an upcoming event near %s.' ), + '<strong>{{ data.location.description }}</strong>' + ); + ?> + </script> + + <script id="tmpl-community-events-could-not-locate" type="text/template"> + <?php + printf( + /* translators: %s is the name of the city we couldn't locate. + * Replace the examples with cities in your locale, but test + * that they match the expected location before including them. + * Use endonyms (native locale names) whenever possible. + */ + __( '%s could not be located. Please try another nearby city. For example: Kansas City; Springfield; Portland.' ), + '<em>{{data.unknownCity}}</em>' + ); + ?> + </script> + + <script id="tmpl-community-events-event-list" type="text/template"> + <# _.each( data.events, function( event ) { #> + <li class="event event-{{ event.type }} wp-clearfix"> + <div class="event-info"> + <div class="dashicons event-icon" aria-hidden="true"></div> + <div class="event-info-inner"> + <a class="event-title" href="{{ event.url }}">{{ event.title }}</a> + <# if ( event.type ) { + const titleCaseEventType = event.type.replace( + /\w\S*/g, + function ( type ) { return type.charAt(0).toUpperCase() + type.substr(1).toLowerCase(); } + ); + #> + {{ 'wordcamp' === event.type ? 'WordCamp' : titleCaseEventType }} + <span class="ce-separator"></span> + <# } #> + <span class="event-city">{{ event.location.location }}</span> + </div> + </div> + + <div class="event-date-time"> + <span class="event-date">{{ event.user_formatted_date }}</span> + <# if ( 'meetup' === event.type ) { #> + <span class="event-time"> + {{ event.user_formatted_time }} {{ event.timeZoneAbbreviation }} + </span> + <# } #> + </div> + </li> + <# } ) #> + + <# if ( data.events.length <= 2 ) { #> + <li class="event-none"> + <?php + printf( + /* translators: %s: Localized meetup organization documentation URL. */ + __( 'Want more events? <a href="%s">Help organize the next one</a>!' ), + __( 'https://make.wordpress.org/community/organize-event-landing-page/' ) + ); + ?> + </li> + <# } #> + + </script> + + <script id="tmpl-community-events-no-upcoming-events" type="text/template"> + <li class="event-none"> + <# if ( data.location.description ) { #> + <?php + printf( + /* translators: 1: The city the user searched for, 2: Meetup organization documentation URL. */ + __( 'There are no events scheduled near %1$s at the moment. Would you like to <a href="%2$s">organize a WordPress event</a>?' ), + '{{ data.location.description }}', + __( 'https://make.wordpress.org/community/handbook/meetup-organizer/welcome/' ) + ); + ?> + + <# } else { #> + <?php + printf( + /* translators: %s: Meetup organization documentation URL. */ + __( 'There are no events scheduled near you at the moment. Would you like to <a href="%s">organize a WordPress event</a>?' ), + __( 'https://make.wordpress.org/community/handbook/meetup-organizer/welcome/' ) + ); + ?> + <# } #> + </li> + </script> + <?php +} + +/** + * 'WordPress Events and News' dashboard widget. + * + * @since 2.7.0 + * @since 4.8.0 Removed popular plugins feed. + */ +function wp_dashboard_primary() { + $feeds = array( + 'news' => array( + + /** + * Filters the primary link URL for the 'WordPress Events and News' dashboard widget. + * + * @since 2.5.0 + * + * @param string $link The widget's primary link URL. + */ + 'link' => apply_filters( 'dashboard_primary_link', __( 'https://wordpress.org/news/' ) ), + + /** + * Filters the primary feed URL for the 'WordPress Events and News' dashboard widget. + * + * @since 2.3.0 + * + * @param string $url The widget's primary feed URL. + */ + 'url' => apply_filters( 'dashboard_primary_feed', __( 'https://wordpress.org/news/feed/' ) ), + + /** + * Filters the primary link title for the 'WordPress Events and News' dashboard widget. + * + * @since 2.3.0 + * + * @param string $title Title attribute for the widget's primary link. + */ + 'title' => apply_filters( 'dashboard_primary_title', __( 'WordPress Blog' ) ), + 'items' => 2, + 'show_summary' => 0, + 'show_author' => 0, + 'show_date' => 0, + ), + 'planet' => array( + + /** + * Filters the secondary link URL for the 'WordPress Events and News' dashboard widget. + * + * @since 2.3.0 + * + * @param string $link The widget's secondary link URL. + */ + 'link' => apply_filters( 'dashboard_secondary_link', __( 'https://planet.wordpress.org/' ) ), + + /** + * Filters the secondary feed URL for the 'WordPress Events and News' dashboard widget. + * + * @since 2.3.0 + * + * @param string $url The widget's secondary feed URL. + */ + 'url' => apply_filters( 'dashboard_secondary_feed', __( 'https://planet.wordpress.org/feed/' ) ), + + /** + * Filters the secondary link title for the 'WordPress Events and News' dashboard widget. + * + * @since 2.3.0 + * + * @param string $title Title attribute for the widget's secondary link. + */ + 'title' => apply_filters( 'dashboard_secondary_title', __( 'Other WordPress News' ) ), + + /** + * Filters the number of secondary link items for the 'WordPress Events and News' dashboard widget. + * + * @since 4.4.0 + * + * @param string $items How many items to show in the secondary feed. + */ + 'items' => apply_filters( 'dashboard_secondary_items', 3 ), + 'show_summary' => 0, + 'show_author' => 0, + 'show_date' => 0, + ), + ); + + wp_dashboard_cached_rss_widget( 'dashboard_primary', 'wp_dashboard_primary_output', $feeds ); +} + +/** + * Displays the WordPress events and news feeds. + * + * @since 3.8.0 + * @since 4.8.0 Removed popular plugins feed. + * + * @param string $widget_id Widget ID. + * @param array $feeds Array of RSS feeds. + */ +function wp_dashboard_primary_output( $widget_id, $feeds ) { + foreach ( $feeds as $type => $args ) { + $args['type'] = $type; + echo '<div class="rss-widget">'; + wp_widget_rss_output( $args['url'], $args ); + echo '</div>'; + } +} + +/** + * Displays file upload quota on dashboard. + * + * Runs on the {@see 'activity_box_end'} hook in wp_dashboard_right_now(). + * + * @since 3.0.0 + * + * @return true|void True if not multisite, user can't upload files, or the space check option is disabled. + */ +function wp_dashboard_quota() { + if ( ! is_multisite() || ! current_user_can( 'upload_files' ) + || get_site_option( 'upload_space_check_disabled' ) + ) { + return true; + } + + $quota = get_space_allowed(); + $used = get_space_used(); + + if ( $used > $quota ) { + $percentused = '100'; + } else { + $percentused = ( $used / $quota ) * 100; + } + + $used_class = ( $percentused >= 70 ) ? ' warning' : ''; + $used = round( $used, 2 ); + $percentused = number_format( $percentused ); + + ?> + <h3 class="mu-storage"><?php _e( 'Storage Space' ); ?></h3> + <div class="mu-storage"> + <ul> + <li class="storage-count"> + <?php + $text = sprintf( + /* translators: %s: Number of megabytes. */ + __( '%s MB Space Allowed' ), + number_format_i18n( $quota ) + ); + printf( + '<a href="%1$s">%2$s<span class="screen-reader-text"> (%3$s)</span></a>', + esc_url( admin_url( 'upload.php' ) ), + $text, + /* translators: Hidden accessibility text. */ + __( 'Manage Uploads' ) + ); + ?> + </li><li class="storage-count <?php echo $used_class; ?>"> + <?php + $text = sprintf( + /* translators: 1: Number of megabytes, 2: Percentage. */ + __( '%1$s MB (%2$s%%) Space Used' ), + number_format_i18n( $used, 2 ), + $percentused + ); + printf( + '<a href="%1$s" class="musublink">%2$s<span class="screen-reader-text"> (%3$s)</span></a>', + esc_url( admin_url( 'upload.php' ) ), + $text, + /* translators: Hidden accessibility text. */ + __( 'Manage Uploads' ) + ); + ?> + </li> + </ul> + </div> + <?php +} + +/** + * Displays the browser update nag. + * + * @since 3.2.0 + * @since 5.8.0 Added a special message for Internet Explorer users. + * + * @global bool $is_IE + */ +function wp_dashboard_browser_nag() { + global $is_IE; + + $notice = ''; + $response = wp_check_browser_version(); + + if ( $response ) { + if ( $is_IE ) { + $msg = __( 'Internet Explorer does not give you the best WordPress experience. Switch to Microsoft Edge, or another more modern browser to get the most from your site.' ); + } elseif ( $response['insecure'] ) { + $msg = sprintf( + /* translators: %s: Browser name and link. */ + __( "It looks like you're using an insecure version of %s. Using an outdated browser makes your computer unsafe. For the best WordPress experience, please update your browser." ), + sprintf( '<a href="%s">%s</a>', esc_url( $response['update_url'] ), esc_html( $response['name'] ) ) + ); + } else { + $msg = sprintf( + /* translators: %s: Browser name and link. */ + __( "It looks like you're using an old version of %s. For the best WordPress experience, please update your browser." ), + sprintf( '<a href="%s">%s</a>', esc_url( $response['update_url'] ), esc_html( $response['name'] ) ) + ); + } + + $browser_nag_class = ''; + if ( ! empty( $response['img_src'] ) ) { + $img_src = ( is_ssl() && ! empty( $response['img_src_ssl'] ) ) ? $response['img_src_ssl'] : $response['img_src']; + + $notice .= '<div class="alignright browser-icon"><img src="' . esc_url( $img_src ) . '" alt="" /></div>'; + $browser_nag_class = ' has-browser-icon'; + } + $notice .= "<p class='browser-update-nag{$browser_nag_class}'>{$msg}</p>"; + + $browsehappy = 'https://browsehappy.com/'; + $locale = get_user_locale(); + if ( 'en_US' !== $locale ) { + $browsehappy = add_query_arg( 'locale', $locale, $browsehappy ); + } + + if ( $is_IE ) { + $msg_browsehappy = sprintf( + /* translators: %s: Browse Happy URL. */ + __( 'Learn how to <a href="%s" class="update-browser-link">browse happy</a>' ), + esc_url( $browsehappy ) + ); + } else { + $msg_browsehappy = sprintf( + /* translators: 1: Browser update URL, 2: Browser name, 3: Browse Happy URL. */ + __( '<a href="%1$s" class="update-browser-link">Update %2$s</a> or learn how to <a href="%3$s" class="browse-happy-link">browse happy</a>' ), + esc_attr( $response['update_url'] ), + esc_html( $response['name'] ), + esc_url( $browsehappy ) + ); + } + + $notice .= '<p>' . $msg_browsehappy . '</p>'; + $notice .= '<p class="hide-if-no-js"><a href="" class="dismiss" aria-label="' . esc_attr__( 'Dismiss the browser warning panel' ) . '">' . __( 'Dismiss' ) . '</a></p>'; + $notice .= '<div class="clear"></div>'; + } + + /** + * Filters the notice output for the 'Browse Happy' nag meta box. + * + * @since 3.2.0 + * + * @param string $notice The notice content. + * @param array|false $response An array containing web browser information, or + * false on failure. See wp_check_browser_version(). + */ + echo apply_filters( 'browse-happy-notice', $notice, $response ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores +} + +/** + * Adds an additional class to the browser nag if the current version is insecure. + * + * @since 3.2.0 + * + * @param string[] $classes Array of meta box classes. + * @return string[] Modified array of meta box classes. + */ +function dashboard_browser_nag_class( $classes ) { + $response = wp_check_browser_version(); + + if ( $response && $response['insecure'] ) { + $classes[] = 'browser-insecure'; + } + + return $classes; +} + +/** + * Checks if the user needs a browser update. + * + * @since 3.2.0 + * + * @return array|false Array of browser data on success, false on failure. + */ +function wp_check_browser_version() { + if ( empty( $_SERVER['HTTP_USER_AGENT'] ) ) { + return false; + } + + $key = md5( $_SERVER['HTTP_USER_AGENT'] ); + + $response = get_site_transient( 'browser_' . $key ); + + if ( false === $response ) { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + $url = 'http://api.wordpress.org/core/browse-happy/1.1/'; + $options = array( + 'body' => array( 'useragent' => $_SERVER['HTTP_USER_AGENT'] ), + 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ), + ); + + if ( wp_http_supports( array( 'ssl' ) ) ) { + $url = set_url_scheme( $url, 'https' ); + } + + $response = wp_remote_post( $url, $options ); + + if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) { + return false; + } + + /** + * Response should be an array with: + * 'platform' - string - A user-friendly platform name, if it can be determined + * 'name' - string - A user-friendly browser name + * 'version' - string - The version of the browser the user is using + * 'current_version' - string - The most recent version of the browser + * 'upgrade' - boolean - Whether the browser needs an upgrade + * 'insecure' - boolean - Whether the browser is deemed insecure + * 'update_url' - string - The url to visit to upgrade + * 'img_src' - string - An image representing the browser + * 'img_src_ssl' - string - An image (over SSL) representing the browser + */ + $response = json_decode( wp_remote_retrieve_body( $response ), true ); + + if ( ! is_array( $response ) ) { + return false; + } + + set_site_transient( 'browser_' . $key, $response, WEEK_IN_SECONDS ); + } + + return $response; +} + +/** + * Displays the PHP update nag. + * + * @since 5.1.0 + */ +function wp_dashboard_php_nag() { + $response = wp_check_php_version(); + + if ( ! $response ) { + return; + } + + if ( isset( $response['is_secure'] ) && ! $response['is_secure'] ) { + // The `is_secure` array key name doesn't actually imply this is a secure version of PHP. It only means it receives security updates. + + if ( $response['is_lower_than_future_minimum'] ) { + $message = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which does not receive security updates and soon will not be supported by WordPress. Ensure that PHP is updated on your server as soon as possible. Otherwise you will not be able to upgrade WordPress.' ), + PHP_VERSION + ); + } else { + $message = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which does not receive security updates. It should be updated.' ), + PHP_VERSION + ); + } + } elseif ( $response['is_lower_than_future_minimum'] ) { + $message = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which soon will not be supported by WordPress. Ensure that PHP is updated on your server as soon as possible. Otherwise you will not be able to upgrade WordPress.' ), + PHP_VERSION + ); + } else { + $message = sprintf( + /* translators: %s: The server PHP version. */ + __( 'Your site is running on an outdated version of PHP (%s), which should be updated.' ), + PHP_VERSION + ); + } + ?> + <p class="bigger-bolder-text"><?php echo $message; ?></p> + + <p><?php _e( 'What is PHP and how does it affect my site?' ); ?></p> + <p> + <?php _e( 'PHP is one of the programming languages used to build WordPress. Newer versions of PHP receive regular security updates and may increase your site’s performance.' ); ?> + <?php + if ( ! empty( $response['recommended_version'] ) ) { + printf( + /* translators: %s: The minimum recommended PHP version. */ + __( 'The minimum recommended version of PHP is %s.' ), + $response['recommended_version'] + ); + } + ?> + </p> + + <p class="button-container"> + <?php + printf( + '<a class="button button-primary" href="%1$s" target="_blank" rel="noopener">%2$s<span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', + esc_url( wp_get_update_php_url() ), + __( 'Learn more about updating PHP' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + ?> + </p> + <?php + + wp_update_php_annotation(); + wp_direct_php_update_button(); +} + +/** + * Adds an additional class to the PHP nag if the current version is insecure. + * + * @since 5.1.0 + * + * @param string[] $classes Array of meta box classes. + * @return string[] Modified array of meta box classes. + */ +function dashboard_php_nag_class( $classes ) { + $response = wp_check_php_version(); + + if ( ! $response ) { + return $classes; + } + + if ( isset( $response['is_secure'] ) && ! $response['is_secure'] ) { + $classes[] = 'php-no-security-updates'; + } elseif ( $response['is_lower_than_future_minimum'] ) { + $classes[] = 'php-version-lower-than-future-minimum'; + } + + return $classes; +} + +/** + * Displays the Site Health Status widget. + * + * @since 5.4.0 + */ +function wp_dashboard_site_health() { + $get_issues = get_transient( 'health-check-site-status-result' ); + + $issue_counts = array(); + + if ( false !== $get_issues ) { + $issue_counts = json_decode( $get_issues, true ); + } + + if ( ! is_array( $issue_counts ) || ! $issue_counts ) { + $issue_counts = array( + 'good' => 0, + 'recommended' => 0, + 'critical' => 0, + ); + } + + $issues_total = $issue_counts['recommended'] + $issue_counts['critical']; + ?> + <div class="health-check-widget"> + <div class="health-check-widget-title-section site-health-progress-wrapper loading hide-if-no-js"> + <div class="site-health-progress"> + <svg aria-hidden="true" focusable="false" width="100%" height="100%" viewBox="0 0 200 200" version="1.1" xmlns="http://www.w3.org/2000/svg"> + <circle r="90" cx="100" cy="100" fill="transparent" stroke-dasharray="565.48" stroke-dashoffset="0"></circle> + <circle id="bar" r="90" cx="100" cy="100" fill="transparent" stroke-dasharray="565.48" stroke-dashoffset="0"></circle> + </svg> + </div> + <div class="site-health-progress-label"> + <?php if ( false === $get_issues ) : ?> + <?php _e( 'No information yet…' ); ?> + <?php else : ?> + <?php _e( 'Results are still loading…' ); ?> + <?php endif; ?> + </div> + </div> + + <div class="site-health-details"> + <?php if ( false === $get_issues ) : ?> + <p> + <?php + printf( + /* translators: %s: URL to Site Health screen. */ + __( 'Site health checks will automatically run periodically to gather information about your site. You can also <a href="%s">visit the Site Health screen</a> to gather information about your site now.' ), + esc_url( admin_url( 'site-health.php' ) ) + ); + ?> + </p> + <?php else : ?> + <p> + <?php if ( $issues_total <= 0 ) : ?> + <?php _e( 'Great job! Your site currently passes all site health checks.' ); ?> + <?php elseif ( 1 === (int) $issue_counts['critical'] ) : ?> + <?php _e( 'Your site has a critical issue that should be addressed as soon as possible to improve its performance and security.' ); ?> + <?php elseif ( $issue_counts['critical'] > 1 ) : ?> + <?php _e( 'Your site has critical issues that should be addressed as soon as possible to improve its performance and security.' ); ?> + <?php elseif ( 1 === (int) $issue_counts['recommended'] ) : ?> + <?php _e( 'Your site’s health is looking good, but there is still one thing you can do to improve its performance and security.' ); ?> + <?php else : ?> + <?php _e( 'Your site’s health is looking good, but there are still some things you can do to improve its performance and security.' ); ?> + <?php endif; ?> + </p> + <?php endif; ?> + + <?php if ( $issues_total > 0 && false !== $get_issues ) : ?> + <p> + <?php + printf( + /* translators: 1: Number of issues. 2: URL to Site Health screen. */ + _n( + 'Take a look at the <strong>%1$d item</strong> on the <a href="%2$s">Site Health screen</a>.', + 'Take a look at the <strong>%1$d items</strong> on the <a href="%2$s">Site Health screen</a>.', + $issues_total + ), + $issues_total, + esc_url( admin_url( 'site-health.php' ) ) + ); + ?> + </p> + <?php endif; ?> + </div> + </div> + + <?php +} + +/** + * Outputs empty dashboard widget to be populated by JS later. + * + * Usable by plugins. + * + * @since 2.5.0 + */ +function wp_dashboard_empty() {} + +/** + * Displays a welcome panel to introduce users to WordPress. + * + * @since 3.3.0 + * @since 5.9.0 Send users to the Site Editor if the active theme is block-based. + */ +function wp_welcome_panel() { + list( $display_version ) = explode( '-', get_bloginfo( 'version' ) ); + $can_customize = current_user_can( 'customize' ); + $is_block_theme = wp_is_block_theme(); + ?> + <div class="welcome-panel-content"> + <div class="welcome-panel-header"> + <div class="welcome-panel-header-image"> + <?php echo file_get_contents( dirname( __DIR__ ) . '/images/dashboard-background.svg' ); ?> + </div> + <h2><?php _e( 'Welcome to WordPress!' ); ?></h2> + <p> + <a href="<?php echo esc_url( admin_url( 'about.php' ) ); ?>"> + <?php + /* translators: %s: Current WordPress version. */ + printf( __( 'Learn more about the %s version.' ), $display_version ); + ?> + </a> + </p> + </div> + <div class="welcome-panel-column-container"> + <div class="welcome-panel-column"> + <svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false"> + <rect width="48" height="48" rx="4" fill="#1E1E1E"/> + <path fill-rule="evenodd" clip-rule="evenodd" d="M32.0668 17.0854L28.8221 13.9454L18.2008 24.671L16.8983 29.0827L21.4257 27.8309L32.0668 17.0854ZM16 32.75H24V31.25H16V32.75Z" fill="white"/> + </svg> + <div class="welcome-panel-column-content"> + <h3><?php _e( 'Author rich content with blocks and patterns' ); ?></h3> + <p><?php _e( 'Block patterns are pre-configured block layouts. Use them to get inspired or create new pages in a flash.' ); ?></p> + <a href="<?php echo esc_url( admin_url( 'post-new.php?post_type=page' ) ); ?>"><?php _e( 'Add a new page' ); ?></a> + </div> + </div> + <div class="welcome-panel-column"> + <svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false"> + <rect width="48" height="48" rx="4" fill="#1E1E1E"/> + <path fill-rule="evenodd" clip-rule="evenodd" d="M18 16h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H18a2 2 0 0 1-2-2V18a2 2 0 0 1 2-2zm12 1.5H18a.5.5 0 0 0-.5.5v3h13v-3a.5.5 0 0 0-.5-.5zm.5 5H22v8h8a.5.5 0 0 0 .5-.5v-7.5zm-10 0h-3V30a.5.5 0 0 0 .5.5h2.5v-8z" fill="#fff"/> + </svg> + <div class="welcome-panel-column-content"> + <?php if ( $is_block_theme ) : ?> + <h3><?php _e( 'Customize your entire site with block themes' ); ?></h3> + <p><?php _e( 'Design everything on your site — from the header down to the footer, all using blocks and patterns.' ); ?></p> + <a href="<?php echo esc_url( admin_url( 'site-editor.php' ) ); ?>"><?php _e( 'Open site editor' ); ?></a> + <?php else : ?> + <h3><?php _e( 'Start Customizing' ); ?></h3> + <p><?php _e( 'Configure your site’s logo, header, menus, and more in the Customizer.' ); ?></p> + <?php if ( $can_customize ) : ?> + <a class="load-customize hide-if-no-customize" href="<?php echo wp_customize_url(); ?>"><?php _e( 'Open the Customizer' ); ?></a> + <?php endif; ?> + <?php endif; ?> + </div> + </div> + <div class="welcome-panel-column"> + <svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false"> + <rect width="48" height="48" rx="4" fill="#1E1E1E"/> + <path fill-rule="evenodd" clip-rule="evenodd" d="M31 24a7 7 0 0 1-7 7V17a7 7 0 0 1 7 7zm-7-8a8 8 0 1 1 0 16 8 8 0 0 1 0-16z" fill="#fff"/> + </svg> + <div class="welcome-panel-column-content"> + <?php if ( $is_block_theme ) : ?> + <h3><?php _e( 'Switch up your site’s look & feel with Styles' ); ?></h3> + <p><?php _e( 'Tweak your site, or give it a whole new look! Get creative — how about a new color palette or font?' ); ?></p> + <a href="<?php echo esc_url( admin_url( '/site-editor.php?path=%2Fwp_global_styles' ) ); ?>"><?php _e( 'Edit styles' ); ?></a> + <?php else : ?> + <h3><?php _e( 'Discover a new way to build your site.' ); ?></h3> + <p><?php _e( 'There is a new kind of WordPress theme, called a block theme, that lets you build the site you’ve always wanted — with blocks and styles.' ); ?></p> + <a href="<?php echo esc_url( __( 'https://wordpress.org/documentation/article/block-themes/' ) ); ?>"><?php _e( 'Learn about block themes' ); ?></a> + <?php endif; ?> + </div> + </div> + </div> + </div> + <?php +} diff --git a/wp-admin/includes/deprecated.php b/wp-admin/includes/deprecated.php new file mode 100644 index 0000000..d588ad4 --- /dev/null +++ b/wp-admin/includes/deprecated.php @@ -0,0 +1,1591 @@ +<?php +/** + * Deprecated admin functions from past WordPress versions. You shouldn't use these + * functions and look for the alternatives instead. The functions will be removed + * in a later version. + * + * @package WordPress + * @subpackage Deprecated + */ + +/* + * Deprecated functions come here to die. + */ + +/** + * @since 2.1.0 + * @deprecated 2.1.0 Use wp_editor() + * @see wp_editor() + */ +function tinymce_include() { + _deprecated_function( __FUNCTION__, '2.1.0', 'wp_editor()' ); + + wp_tiny_mce(); +} + +/** + * Unused Admin function. + * + * @since 2.0.0 + * @deprecated 2.5.0 + * + */ +function documentation_link() { + _deprecated_function( __FUNCTION__, '2.5.0' ); +} + +/** + * Calculates the new dimensions for a downsampled image. + * + * @since 2.0.0 + * @deprecated 3.0.0 Use wp_constrain_dimensions() + * @see wp_constrain_dimensions() + * + * @param int $width Current width of the image + * @param int $height Current height of the image + * @param int $wmax Maximum wanted width + * @param int $hmax Maximum wanted height + * @return array Shrunk dimensions (width, height). + */ +function wp_shrink_dimensions( $width, $height, $wmax = 128, $hmax = 96 ) { + _deprecated_function( __FUNCTION__, '3.0.0', 'wp_constrain_dimensions()' ); + return wp_constrain_dimensions( $width, $height, $wmax, $hmax ); +} + +/** + * Calculated the new dimensions for a downsampled image. + * + * @since 2.0.0 + * @deprecated 3.5.0 Use wp_constrain_dimensions() + * @see wp_constrain_dimensions() + * + * @param int $width Current width of the image + * @param int $height Current height of the image + * @return array Shrunk dimensions (width, height). + */ +function get_udims( $width, $height ) { + _deprecated_function( __FUNCTION__, '3.5.0', 'wp_constrain_dimensions()' ); + return wp_constrain_dimensions( $width, $height, 128, 96 ); +} + +/** + * Legacy function used to generate the categories checklist control. + * + * @since 0.71 + * @deprecated 2.6.0 Use wp_category_checklist() + * @see wp_category_checklist() + * + * @global int $post_ID + * + * @param int $default_category Unused. + * @param int $category_parent Unused. + * @param array $popular_ids Unused. + */ +function dropdown_categories( $default_category = 0, $category_parent = 0, $popular_ids = array() ) { + _deprecated_function( __FUNCTION__, '2.6.0', 'wp_category_checklist()' ); + global $post_ID; + wp_category_checklist( $post_ID ); +} + +/** + * Legacy function used to generate a link categories checklist control. + * + * @since 2.1.0 + * @deprecated 2.6.0 Use wp_link_category_checklist() + * @see wp_link_category_checklist() + * + * @global int $link_id + * + * @param int $default_link_category Unused. + */ +function dropdown_link_categories( $default_link_category = 0 ) { + _deprecated_function( __FUNCTION__, '2.6.0', 'wp_link_category_checklist()' ); + global $link_id; + wp_link_category_checklist( $link_id ); +} + +/** + * Get the real filesystem path to a file to edit within the admin. + * + * @since 1.5.0 + * @deprecated 2.9.0 + * @uses WP_CONTENT_DIR Full filesystem path to the wp-content directory. + * + * @param string $file Filesystem path relative to the wp-content directory. + * @return string Full filesystem path to edit. + */ +function get_real_file_to_edit( $file ) { + _deprecated_function( __FUNCTION__, '2.9.0' ); + + return WP_CONTENT_DIR . $file; +} + +/** + * Legacy function used for generating a categories drop-down control. + * + * @since 1.2.0 + * @deprecated 3.0.0 Use wp_dropdown_categories() + * @see wp_dropdown_categories() + * + * @param int $current_cat Optional. ID of the current category. Default 0. + * @param int $current_parent Optional. Current parent category ID. Default 0. + * @param int $category_parent Optional. Parent ID to retrieve categories for. Default 0. + * @param int $level Optional. Number of levels deep to display. Default 0. + * @param array $categories Optional. Categories to include in the control. Default 0. + * @return void|false Void on success, false if no categories were found. + */ +function wp_dropdown_cats( $current_cat = 0, $current_parent = 0, $category_parent = 0, $level = 0, $categories = 0 ) { + _deprecated_function( __FUNCTION__, '3.0.0', 'wp_dropdown_categories()' ); + if (!$categories ) + $categories = get_categories( array('hide_empty' => 0) ); + + if ( $categories ) { + foreach ( $categories as $category ) { + if ( $current_cat != $category->term_id && $category_parent == $category->parent) { + $pad = str_repeat( '– ', $level ); + $category->name = esc_html( $category->name ); + echo "\n\t<option value='$category->term_id'"; + if ( $current_parent == $category->term_id ) + echo " selected='selected'"; + echo ">$pad$category->name</option>"; + wp_dropdown_cats( $current_cat, $current_parent, $category->term_id, $level +1, $categories ); + } + } + } else { + return false; + } +} + +/** + * Register a setting and its sanitization callback + * + * @since 2.7.0 + * @deprecated 3.0.0 Use register_setting() + * @see register_setting() + * + * @param string $option_group A settings group name. Should correspond to an allowed option key name. + * Default allowed option key names include 'general', 'discussion', 'media', + * 'reading', 'writing', and 'options'. + * @param string $option_name The name of an option to sanitize and save. + * @param callable $sanitize_callback Optional. A callback function that sanitizes the option's value. + */ +function add_option_update_handler( $option_group, $option_name, $sanitize_callback = '' ) { + _deprecated_function( __FUNCTION__, '3.0.0', 'register_setting()' ); + register_setting( $option_group, $option_name, $sanitize_callback ); +} + +/** + * Unregister a setting + * + * @since 2.7.0 + * @deprecated 3.0.0 Use unregister_setting() + * @see unregister_setting() + * + * @param string $option_group The settings group name used during registration. + * @param string $option_name The name of the option to unregister. + * @param callable $sanitize_callback Optional. Deprecated. + */ +function remove_option_update_handler( $option_group, $option_name, $sanitize_callback = '' ) { + _deprecated_function( __FUNCTION__, '3.0.0', 'unregister_setting()' ); + unregister_setting( $option_group, $option_name, $sanitize_callback ); +} + +/** + * Determines the language to use for CodePress syntax highlighting. + * + * @since 2.8.0 + * @deprecated 3.0.0 + * + * @param string $filename + */ +function codepress_get_lang( $filename ) { + _deprecated_function( __FUNCTION__, '3.0.0' ); +} + +/** + * Adds JavaScript required to make CodePress work on the theme/plugin file editors. + * + * @since 2.8.0 + * @deprecated 3.0.0 + */ +function codepress_footer_js() { + _deprecated_function( __FUNCTION__, '3.0.0' ); +} + +/** + * Determine whether to use CodePress. + * + * @since 2.8.0 + * @deprecated 3.0.0 + */ +function use_codepress() { + _deprecated_function( __FUNCTION__, '3.0.0' ); +} + +/** + * Get all user IDs. + * + * @deprecated 3.1.0 Use get_users() + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return array List of user IDs. + */ +function get_author_user_ids() { + _deprecated_function( __FUNCTION__, '3.1.0', 'get_users()' ); + + global $wpdb; + if ( !is_multisite() ) + $level_key = $wpdb->get_blog_prefix() . 'user_level'; + else + $level_key = $wpdb->get_blog_prefix() . 'capabilities'; // WPMU site admins don't have user_levels. + + return $wpdb->get_col( $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s AND meta_value != '0'", $level_key) ); +} + +/** + * Gets author users who can edit posts. + * + * @deprecated 3.1.0 Use get_users() + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $user_id User ID. + * @return array|false List of editable authors. False if no editable users. + */ +function get_editable_authors( $user_id ) { + _deprecated_function( __FUNCTION__, '3.1.0', 'get_users()' ); + + global $wpdb; + + $editable = get_editable_user_ids( $user_id ); + + if ( !$editable ) { + return false; + } else { + $editable = join(',', $editable); + $authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable) ORDER BY display_name" ); + } + + return apply_filters('get_editable_authors', $authors); +} + +/** + * Gets the IDs of any users who can edit posts. + * + * @deprecated 3.1.0 Use get_users() + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $user_id User ID. + * @param bool $exclude_zeros Optional. Whether to exclude zeroes. Default true. + * @return array Array of editable user IDs, empty array otherwise. + */ +function get_editable_user_ids( $user_id, $exclude_zeros = true, $post_type = 'post' ) { + _deprecated_function( __FUNCTION__, '3.1.0', 'get_users()' ); + + global $wpdb; + + if ( ! $user = get_userdata( $user_id ) ) + return array(); + $post_type_obj = get_post_type_object($post_type); + + if ( ! $user->has_cap($post_type_obj->cap->edit_others_posts) ) { + if ( $user->has_cap($post_type_obj->cap->edit_posts) || ! $exclude_zeros ) + return array($user->ID); + else + return array(); + } + + if ( !is_multisite() ) + $level_key = $wpdb->get_blog_prefix() . 'user_level'; + else + $level_key = $wpdb->get_blog_prefix() . 'capabilities'; // WPMU site admins don't have user_levels. + + $query = $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s", $level_key); + if ( $exclude_zeros ) + $query .= " AND meta_value != '0'"; + + return $wpdb->get_col( $query ); +} + +/** + * Gets all users who are not authors. + * + * @deprecated 3.1.0 Use get_users() + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function get_nonauthor_user_ids() { + _deprecated_function( __FUNCTION__, '3.1.0', 'get_users()' ); + + global $wpdb; + + if ( !is_multisite() ) + $level_key = $wpdb->get_blog_prefix() . 'user_level'; + else + $level_key = $wpdb->get_blog_prefix() . 'capabilities'; // WPMU site admins don't have user_levels. + + return $wpdb->get_col( $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s AND meta_value = '0'", $level_key) ); +} + +if ( ! class_exists( 'WP_User_Search', false ) ) : +/** + * WordPress User Search class. + * + * @since 2.1.0 + * @deprecated 3.1.0 Use WP_User_Query + */ +class WP_User_Search { + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var mixed + */ + var $results; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var string + */ + var $search_term; + + /** + * Page number. + * + * @since 2.1.0 + * @access private + * @var int + */ + var $page; + + /** + * Role name that users have. + * + * @since 2.5.0 + * @access private + * @var string + */ + var $role; + + /** + * Raw page number. + * + * @since 2.1.0 + * @access private + * @var int|bool + */ + var $raw_page; + + /** + * Amount of users to display per page. + * + * @since 2.1.0 + * @access public + * @var int + */ + var $users_per_page = 50; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var int + */ + var $first_user; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var int + */ + var $last_user; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var string + */ + var $query_limit; + + /** + * {@internal Missing Description}} + * + * @since 3.0.0 + * @access private + * @var string + */ + var $query_orderby; + + /** + * {@internal Missing Description}} + * + * @since 3.0.0 + * @access private + * @var string + */ + var $query_from; + + /** + * {@internal Missing Description}} + * + * @since 3.0.0 + * @access private + * @var string + */ + var $query_where; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var int + */ + var $total_users_for_query = 0; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var bool + */ + var $too_many_total_users = false; + + /** + * {@internal Missing Description}} + * + * @since 2.1.0 + * @access private + * @var WP_Error + */ + var $search_errors; + + /** + * {@internal Missing Description}} + * + * @since 2.7.0 + * @access private + * @var string + */ + var $paging_text; + + /** + * PHP5 Constructor - Sets up the object properties. + * + * @since 2.1.0 + * + * @param string $search_term Search terms string. + * @param int $page Optional. Page ID. + * @param string $role Role name. + * @return WP_User_Search + */ + function __construct( $search_term = '', $page = '', $role = '' ) { + _deprecated_class( 'WP_User_Search', '3.1.0', 'WP_User_Query' ); + + $this->search_term = wp_unslash( $search_term ); + $this->raw_page = ( '' == $page ) ? false : (int) $page; + $this->page = ( '' == $page ) ? 1 : (int) $page; + $this->role = $role; + + $this->prepare_query(); + $this->query(); + $this->do_paging(); + } + + /** + * PHP4 Constructor - Sets up the object properties. + * + * @since 2.1.0 + * + * @param string $search_term Search terms string. + * @param int $page Optional. Page ID. + * @param string $role Role name. + * @return WP_User_Search + */ + public function WP_User_Search( $search_term = '', $page = '', $role = '' ) { + _deprecated_constructor( 'WP_User_Search', '3.1.0', get_class( $this ) ); + self::__construct( $search_term, $page, $role ); + } + + /** + * Prepares the user search query (legacy). + * + * @since 2.1.0 + * @access public + * + * @global wpdb $wpdb WordPress database abstraction object. + */ + public function prepare_query() { + global $wpdb; + $this->first_user = ($this->page - 1) * $this->users_per_page; + + $this->query_limit = $wpdb->prepare(" LIMIT %d, %d", $this->first_user, $this->users_per_page); + $this->query_orderby = ' ORDER BY user_login'; + + $search_sql = ''; + if ( $this->search_term ) { + $searches = array(); + $search_sql = 'AND ('; + foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col ) + $searches[] = $wpdb->prepare( $col . ' LIKE %s', '%' . like_escape($this->search_term) . '%' ); + $search_sql .= implode(' OR ', $searches); + $search_sql .= ')'; + } + + $this->query_from = " FROM $wpdb->users"; + $this->query_where = " WHERE 1=1 $search_sql"; + + if ( $this->role ) { + $this->query_from .= " INNER JOIN $wpdb->usermeta ON $wpdb->users.ID = $wpdb->usermeta.user_id"; + $this->query_where .= $wpdb->prepare(" AND $wpdb->usermeta.meta_key = '{$wpdb->prefix}capabilities' AND $wpdb->usermeta.meta_value LIKE %s", '%' . $this->role . '%'); + } elseif ( is_multisite() ) { + $level_key = $wpdb->prefix . 'capabilities'; // WPMU site admins don't have user_levels. + $this->query_from .= ", $wpdb->usermeta"; + $this->query_where .= " AND $wpdb->users.ID = $wpdb->usermeta.user_id AND meta_key = '{$level_key}'"; + } + + do_action_ref_array( 'pre_user_search', array( &$this ) ); + } + + /** + * Executes the user search query. + * + * @since 2.1.0 + * @access public + * + * @global wpdb $wpdb WordPress database abstraction object. + */ + public function query() { + global $wpdb; + + $this->results = $wpdb->get_col("SELECT DISTINCT($wpdb->users.ID)" . $this->query_from . $this->query_where . $this->query_orderby . $this->query_limit); + + if ( $this->results ) + $this->total_users_for_query = $wpdb->get_var("SELECT COUNT(DISTINCT($wpdb->users.ID))" . $this->query_from . $this->query_where); // No limit. + else + $this->search_errors = new WP_Error('no_matching_users_found', __('No users found.')); + } + + /** + * Prepares variables for use in templates. + * + * @since 2.1.0 + * @access public + */ + function prepare_vars_for_template_usage() {} + + /** + * Handles paging for the user search query. + * + * @since 2.1.0 + * @access public + */ + public function do_paging() { + if ( $this->total_users_for_query > $this->users_per_page ) { // Have to page the results. + $args = array(); + if ( ! empty($this->search_term) ) + $args['usersearch'] = urlencode($this->search_term); + if ( ! empty($this->role) ) + $args['role'] = urlencode($this->role); + + $this->paging_text = paginate_links( array( + 'total' => ceil($this->total_users_for_query / $this->users_per_page), + 'current' => $this->page, + 'base' => 'users.php?%_%', + 'format' => 'userspage=%#%', + 'add_args' => $args + ) ); + if ( $this->paging_text ) { + $this->paging_text = sprintf( + /* translators: 1: Starting number of users on the current page, 2: Ending number of users, 3: Total number of users. */ + '<span class="displaying-num">' . __( 'Displaying %1$s–%2$s of %3$s' ) . '</span>%s', + number_format_i18n( ( $this->page - 1 ) * $this->users_per_page + 1 ), + number_format_i18n( min( $this->page * $this->users_per_page, $this->total_users_for_query ) ), + number_format_i18n( $this->total_users_for_query ), + $this->paging_text + ); + } + } + } + + /** + * Retrieves the user search query results. + * + * @since 2.1.0 + * @access public + * + * @return array + */ + public function get_results() { + return (array) $this->results; + } + + /** + * Displaying paging text. + * + * @see do_paging() Builds paging text. + * + * @since 2.1.0 + * @access public + */ + function page_links() { + echo $this->paging_text; + } + + /** + * Whether paging is enabled. + * + * @see do_paging() Builds paging text. + * + * @since 2.1.0 + * @access public + * + * @return bool + */ + function results_are_paged() { + if ( $this->paging_text ) + return true; + return false; + } + + /** + * Whether there are search terms. + * + * @since 2.1.0 + * @access public + * + * @return bool + */ + function is_search() { + if ( $this->search_term ) + return true; + return false; + } +} +endif; + +/** + * Retrieves editable posts from other users. + * + * @since 2.3.0 + * @deprecated 3.1.0 Use get_posts() + * @see get_posts() + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $user_id User ID to not retrieve posts from. + * @param string $type Optional. Post type to retrieve. Accepts 'draft', 'pending' or 'any' (all). + * Default 'any'. + * @return array List of posts from others. + */ +function get_others_unpublished_posts( $user_id, $type = 'any' ) { + _deprecated_function( __FUNCTION__, '3.1.0' ); + + global $wpdb; + + $editable = get_editable_user_ids( $user_id ); + + if ( in_array($type, array('draft', 'pending')) ) + $type_sql = " post_status = '$type' "; + else + $type_sql = " ( post_status = 'draft' OR post_status = 'pending' ) "; + + $dir = ( 'pending' == $type ) ? 'ASC' : 'DESC'; + + if ( !$editable ) { + $other_unpubs = ''; + } else { + $editable = join(',', $editable); + $other_unpubs = $wpdb->get_results( $wpdb->prepare("SELECT ID, post_title, post_author FROM $wpdb->posts WHERE post_type = 'post' AND $type_sql AND post_author IN ($editable) AND post_author != %d ORDER BY post_modified $dir", $user_id) ); + } + + return apply_filters('get_others_drafts', $other_unpubs); +} + +/** + * Retrieve drafts from other users. + * + * @deprecated 3.1.0 Use get_posts() + * @see get_posts() + * + * @param int $user_id User ID. + * @return array List of drafts from other users. + */ +function get_others_drafts($user_id) { + _deprecated_function( __FUNCTION__, '3.1.0' ); + + return get_others_unpublished_posts($user_id, 'draft'); +} + +/** + * Retrieve pending review posts from other users. + * + * @deprecated 3.1.0 Use get_posts() + * @see get_posts() + * + * @param int $user_id User ID. + * @return array List of posts with pending review post type from other users. + */ +function get_others_pending($user_id) { + _deprecated_function( __FUNCTION__, '3.1.0' ); + + return get_others_unpublished_posts($user_id, 'pending'); +} + +/** + * Output the QuickPress dashboard widget. + * + * @since 3.0.0 + * @deprecated 3.2.0 Use wp_dashboard_quick_press() + * @see wp_dashboard_quick_press() + */ +function wp_dashboard_quick_press_output() { + _deprecated_function( __FUNCTION__, '3.2.0', 'wp_dashboard_quick_press()' ); + wp_dashboard_quick_press(); +} + +/** + * Outputs the TinyMCE editor. + * + * @since 2.7.0 + * @deprecated 3.3.0 Use wp_editor() + * @see wp_editor() + */ +function wp_tiny_mce( $teeny = false, $settings = false ) { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_editor()' ); + + static $num = 1; + + if ( ! class_exists( '_WP_Editors', false ) ) + require_once ABSPATH . WPINC . '/class-wp-editor.php'; + + $editor_id = 'content' . $num++; + + $set = array( + 'teeny' => $teeny, + 'tinymce' => $settings ? $settings : true, + 'quicktags' => false + ); + + $set = _WP_Editors::parse_settings($editor_id, $set); + _WP_Editors::editor_settings($editor_id, $set); +} + +/** + * Preloads TinyMCE dialogs. + * + * @deprecated 3.3.0 Use wp_editor() + * @see wp_editor() + */ +function wp_preload_dialogs() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_editor()' ); +} + +/** + * Prints TinyMCE editor JS. + * + * @deprecated 3.3.0 Use wp_editor() + * @see wp_editor() + */ +function wp_print_editor_js() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_editor()' ); +} + +/** + * Handles quicktags. + * + * @deprecated 3.3.0 Use wp_editor() + * @see wp_editor() + */ +function wp_quicktags() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_editor()' ); +} + +/** + * Returns the screen layout options. + * + * @since 2.8.0 + * @deprecated 3.3.0 WP_Screen::render_screen_layout() + * @see WP_Screen::render_screen_layout() + */ +function screen_layout( $screen ) { + _deprecated_function( __FUNCTION__, '3.3.0', '$current_screen->render_screen_layout()' ); + + $current_screen = get_current_screen(); + + if ( ! $current_screen ) + return ''; + + ob_start(); + $current_screen->render_screen_layout(); + return ob_get_clean(); +} + +/** + * Returns the screen's per-page options. + * + * @since 2.8.0 + * @deprecated 3.3.0 Use WP_Screen::render_per_page_options() + * @see WP_Screen::render_per_page_options() + */ +function screen_options( $screen ) { + _deprecated_function( __FUNCTION__, '3.3.0', '$current_screen->render_per_page_options()' ); + + $current_screen = get_current_screen(); + + if ( ! $current_screen ) + return ''; + + ob_start(); + $current_screen->render_per_page_options(); + return ob_get_clean(); +} + +/** + * Renders the screen's help. + * + * @since 2.7.0 + * @deprecated 3.3.0 Use WP_Screen::render_screen_meta() + * @see WP_Screen::render_screen_meta() + */ +function screen_meta( $screen ) { + $current_screen = get_current_screen(); + $current_screen->render_screen_meta(); +} + +/** + * Favorite actions were deprecated in version 3.2. Use the admin bar instead. + * + * @since 2.7.0 + * @deprecated 3.2.0 Use WP_Admin_Bar + * @see WP_Admin_Bar + */ +function favorite_actions() { + _deprecated_function( __FUNCTION__, '3.2.0', 'WP_Admin_Bar' ); +} + +/** + * Handles uploading an image. + * + * @deprecated 3.3.0 Use wp_media_upload_handler() + * @see wp_media_upload_handler() + * + * @return null|string + */ +function media_upload_image() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_media_upload_handler()' ); + return wp_media_upload_handler(); +} + +/** + * Handles uploading an audio file. + * + * @deprecated 3.3.0 Use wp_media_upload_handler() + * @see wp_media_upload_handler() + * + * @return null|string + */ +function media_upload_audio() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_media_upload_handler()' ); + return wp_media_upload_handler(); +} + +/** + * Handles uploading a video file. + * + * @deprecated 3.3.0 Use wp_media_upload_handler() + * @see wp_media_upload_handler() + * + * @return null|string + */ +function media_upload_video() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_media_upload_handler()' ); + return wp_media_upload_handler(); +} + +/** + * Handles uploading a generic file. + * + * @deprecated 3.3.0 Use wp_media_upload_handler() + * @see wp_media_upload_handler() + * + * @return null|string + */ +function media_upload_file() { + _deprecated_function( __FUNCTION__, '3.3.0', 'wp_media_upload_handler()' ); + return wp_media_upload_handler(); +} + +/** + * Handles retrieving the insert-from-URL form for an image. + * + * @deprecated 3.3.0 Use wp_media_insert_url_form() + * @see wp_media_insert_url_form() + * + * @return string + */ +function type_url_form_image() { + _deprecated_function( __FUNCTION__, '3.3.0', "wp_media_insert_url_form('image')" ); + return wp_media_insert_url_form( 'image' ); +} + +/** + * Handles retrieving the insert-from-URL form for an audio file. + * + * @deprecated 3.3.0 Use wp_media_insert_url_form() + * @see wp_media_insert_url_form() + * + * @return string + */ +function type_url_form_audio() { + _deprecated_function( __FUNCTION__, '3.3.0', "wp_media_insert_url_form('audio')" ); + return wp_media_insert_url_form( 'audio' ); +} + +/** + * Handles retrieving the insert-from-URL form for a video file. + * + * @deprecated 3.3.0 Use wp_media_insert_url_form() + * @see wp_media_insert_url_form() + * + * @return string + */ +function type_url_form_video() { + _deprecated_function( __FUNCTION__, '3.3.0', "wp_media_insert_url_form('video')" ); + return wp_media_insert_url_form( 'video' ); +} + +/** + * Handles retrieving the insert-from-URL form for a generic file. + * + * @deprecated 3.3.0 Use wp_media_insert_url_form() + * @see wp_media_insert_url_form() + * + * @return string + */ +function type_url_form_file() { + _deprecated_function( __FUNCTION__, '3.3.0', "wp_media_insert_url_form('file')" ); + return wp_media_insert_url_form( 'file' ); +} + +/** + * Add contextual help text for a page. + * + * Creates an 'Overview' help tab. + * + * @since 2.7.0 + * @deprecated 3.3.0 Use WP_Screen::add_help_tab() + * @see WP_Screen::add_help_tab() + * + * @param string $screen The handle for the screen to add help to. This is usually + * the hook name returned by the `add_*_page()` functions. + * @param string $help The content of an 'Overview' help tab. + */ +function add_contextual_help( $screen, $help ) { + _deprecated_function( __FUNCTION__, '3.3.0', 'get_current_screen()->add_help_tab()' ); + + if ( is_string( $screen ) ) + $screen = convert_to_screen( $screen ); + + WP_Screen::add_old_compat_help( $screen, $help ); +} + +/** + * Get the allowed themes for the current site. + * + * @since 3.0.0 + * @deprecated 3.4.0 Use wp_get_themes() + * @see wp_get_themes() + * + * @return WP_Theme[] Array of WP_Theme objects keyed by their name. + */ +function get_allowed_themes() { + _deprecated_function( __FUNCTION__, '3.4.0', "wp_get_themes( array( 'allowed' => true ) )" ); + + $themes = wp_get_themes( array( 'allowed' => true ) ); + + $wp_themes = array(); + foreach ( $themes as $theme ) { + $wp_themes[ $theme->get('Name') ] = $theme; + } + + return $wp_themes; +} + +/** + * Retrieves a list of broken themes. + * + * @since 1.5.0 + * @deprecated 3.4.0 Use wp_get_themes() + * @see wp_get_themes() + * + * @return array + */ +function get_broken_themes() { + _deprecated_function( __FUNCTION__, '3.4.0', "wp_get_themes( array( 'errors' => true )" ); + + $themes = wp_get_themes( array( 'errors' => true ) ); + $broken = array(); + foreach ( $themes as $theme ) { + $name = $theme->get('Name'); + $broken[ $name ] = array( + 'Name' => $name, + 'Title' => $name, + 'Description' => $theme->errors()->get_error_message(), + ); + } + return $broken; +} + +/** + * Retrieves information on the current active theme. + * + * @since 2.0.0 + * @deprecated 3.4.0 Use wp_get_theme() + * @see wp_get_theme() + * + * @return WP_Theme + */ +function current_theme_info() { + _deprecated_function( __FUNCTION__, '3.4.0', 'wp_get_theme()' ); + + return wp_get_theme(); +} + +/** + * This was once used to display an 'Insert into Post' button. + * + * Now it is deprecated and stubbed. + * + * @deprecated 3.5.0 + */ +function _insert_into_post_button( $type ) { + _deprecated_function( __FUNCTION__, '3.5.0' ); +} + +/** + * This was once used to display a media button. + * + * Now it is deprecated and stubbed. + * + * @deprecated 3.5.0 + */ +function _media_button($title, $icon, $type, $id) { + _deprecated_function( __FUNCTION__, '3.5.0' ); +} + +/** + * Gets an existing post and format it for editing. + * + * @since 2.0.0 + * @deprecated 3.5.0 Use get_post() + * @see get_post() + * + * @param int $id + * @return WP_Post + */ +function get_post_to_edit( $id ) { + _deprecated_function( __FUNCTION__, '3.5.0', 'get_post()' ); + + return get_post( $id, OBJECT, 'edit' ); +} + +/** + * Gets the default page information to use. + * + * @since 2.5.0 + * @deprecated 3.5.0 Use get_default_post_to_edit() + * @see get_default_post_to_edit() + * + * @return WP_Post Post object containing all the default post data as attributes + */ +function get_default_page_to_edit() { + _deprecated_function( __FUNCTION__, '3.5.0', "get_default_post_to_edit( 'page' )" ); + + $page = get_default_post_to_edit(); + $page->post_type = 'page'; + return $page; +} + +/** + * This was once used to create a thumbnail from an Image given a maximum side size. + * + * @since 1.2.0 + * @deprecated 3.5.0 Use image_resize() + * @see image_resize() + * + * @param mixed $file Filename of the original image, Or attachment ID. + * @param int $max_side Maximum length of a single side for the thumbnail. + * @param mixed $deprecated Never used. + * @return string Thumbnail path on success, Error string on failure. + */ +function wp_create_thumbnail( $file, $max_side, $deprecated = '' ) { + _deprecated_function( __FUNCTION__, '3.5.0', 'image_resize()' ); + return apply_filters( 'wp_create_thumbnail', image_resize( $file, $max_side, $max_side ) ); +} + +/** + * This was once used to display a meta box for the nav menu theme locations. + * + * Deprecated in favor of a 'Manage Locations' tab added to nav menus management screen. + * + * @since 3.0.0 + * @deprecated 3.6.0 + */ +function wp_nav_menu_locations_meta_box() { + _deprecated_function( __FUNCTION__, '3.6.0' ); +} + +/** + * This was once used to kick-off the Core Updater. + * + * Deprecated in favor of instantating a Core_Upgrader instance directly, + * and calling the 'upgrade' method. + * + * @since 2.7.0 + * @deprecated 3.7.0 Use Core_Upgrader + * @see Core_Upgrader + */ +function wp_update_core($current, $feedback = '') { + _deprecated_function( __FUNCTION__, '3.7.0', 'new Core_Upgrader();' ); + + if ( !empty($feedback) ) + add_filter('update_feedback', $feedback); + + require ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + $upgrader = new Core_Upgrader(); + return $upgrader->upgrade($current); + +} + +/** + * This was once used to kick-off the Plugin Updater. + * + * Deprecated in favor of instantating a Plugin_Upgrader instance directly, + * and calling the 'upgrade' method. + * Unused since 2.8.0. + * + * @since 2.5.0 + * @deprecated 3.7.0 Use Plugin_Upgrader + * @see Plugin_Upgrader + */ +function wp_update_plugin($plugin, $feedback = '') { + _deprecated_function( __FUNCTION__, '3.7.0', 'new Plugin_Upgrader();' ); + + if ( !empty($feedback) ) + add_filter('update_feedback', $feedback); + + require ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + $upgrader = new Plugin_Upgrader(); + return $upgrader->upgrade($plugin); +} + +/** + * This was once used to kick-off the Theme Updater. + * + * Deprecated in favor of instantiating a Theme_Upgrader instance directly, + * and calling the 'upgrade' method. + * Unused since 2.8.0. + * + * @since 2.7.0 + * @deprecated 3.7.0 Use Theme_Upgrader + * @see Theme_Upgrader + */ +function wp_update_theme($theme, $feedback = '') { + _deprecated_function( __FUNCTION__, '3.7.0', 'new Theme_Upgrader();' ); + + if ( !empty($feedback) ) + add_filter('update_feedback', $feedback); + + require ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + $upgrader = new Theme_Upgrader(); + return $upgrader->upgrade($theme); +} + +/** + * This was once used to display attachment links. Now it is deprecated and stubbed. + * + * @since 2.0.0 + * @deprecated 3.7.0 + * + * @param int|bool $id + */ +function the_attachment_links( $id = false ) { + _deprecated_function( __FUNCTION__, '3.7.0' ); +} + +/** + * Displays a screen icon. + * + * @since 2.7.0 + * @deprecated 3.8.0 + */ +function screen_icon() { + _deprecated_function( __FUNCTION__, '3.8.0' ); + echo get_screen_icon(); +} + +/** + * Retrieves the screen icon (no longer used in 3.8+). + * + * @since 3.2.0 + * @deprecated 3.8.0 + * + * @return string An HTML comment explaining that icons are no longer used. + */ +function get_screen_icon() { + _deprecated_function( __FUNCTION__, '3.8.0' ); + return '<!-- Screen icons are no longer used as of WordPress 3.8. -->'; +} + +/** + * Deprecated dashboard widget controls. + * + * @since 2.5.0 + * @deprecated 3.8.0 + */ +function wp_dashboard_incoming_links_output() {} + +/** + * Deprecated dashboard secondary output. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_secondary_output() {} + +/** + * Deprecated dashboard widget controls. + * + * @since 2.7.0 + * @deprecated 3.8.0 + */ +function wp_dashboard_incoming_links() {} + +/** + * Deprecated dashboard incoming links control. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_incoming_links_control() {} + +/** + * Deprecated dashboard plugins control. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_plugins() {} + +/** + * Deprecated dashboard primary control. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_primary_control() {} + +/** + * Deprecated dashboard recent comments control. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_recent_comments_control() {} + +/** + * Deprecated dashboard secondary section. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_secondary() {} + +/** + * Deprecated dashboard secondary control. + * + * @deprecated 3.8.0 + */ +function wp_dashboard_secondary_control() {} + +/** + * Display plugins text for the WordPress news widget. + * + * @since 2.5.0 + * @deprecated 4.8.0 + * + * @param string $rss The RSS feed URL. + * @param array $args Array of arguments for this RSS feed. + */ +function wp_dashboard_plugins_output( $rss, $args = array() ) { + _deprecated_function( __FUNCTION__, '4.8.0' ); + + // Plugin feeds plus link to install them. + $popular = fetch_feed( $args['url']['popular'] ); + + if ( false === $plugin_slugs = get_transient( 'plugin_slugs' ) ) { + $plugin_slugs = array_keys( get_plugins() ); + set_transient( 'plugin_slugs', $plugin_slugs, DAY_IN_SECONDS ); + } + + echo '<ul>'; + + foreach ( array( $popular ) as $feed ) { + if ( is_wp_error( $feed ) || ! $feed->get_item_quantity() ) + continue; + + $items = $feed->get_items(0, 5); + + // Pick a random, non-installed plugin. + while ( true ) { + // Abort this foreach loop iteration if there's no plugins left of this type. + if ( 0 === count($items) ) + continue 2; + + $item_key = array_rand($items); + $item = $items[$item_key]; + + list($link, $frag) = explode( '#', $item->get_link() ); + + $link = esc_url($link); + if ( preg_match( '|/([^/]+?)/?$|', $link, $matches ) ) + $slug = $matches[1]; + else { + unset( $items[$item_key] ); + continue; + } + + // Is this random plugin's slug already installed? If so, try again. + reset( $plugin_slugs ); + foreach ( $plugin_slugs as $plugin_slug ) { + if ( str_starts_with( $plugin_slug, $slug ) ) { + unset( $items[$item_key] ); + continue 2; + } + } + + // If we get to this point, then the random plugin isn't installed and we can stop the while(). + break; + } + + // Eliminate some common badly formed plugin descriptions. + while ( ( null !== $item_key = array_rand($items) ) && str_contains( $items[$item_key]->get_description(), 'Plugin Name:' ) ) + unset($items[$item_key]); + + if ( !isset($items[$item_key]) ) + continue; + + $raw_title = $item->get_title(); + + $ilink = wp_nonce_url('plugin-install.php?tab=plugin-information&plugin=' . $slug, 'install-plugin_' . $slug) . '&TB_iframe=true&width=600&height=800'; + echo '<li class="dashboard-news-plugin"><span>' . __( 'Popular Plugin' ) . ':</span> ' . esc_html( $raw_title ) . + ' <a href="' . $ilink . '" class="thickbox open-plugin-details-modal" aria-label="' . + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Install %s', 'plugin' ), $raw_title ) ) . '">(' . __( 'Install' ) . ')</a></li>'; + + $feed->__destruct(); + unset( $feed ); + } + + echo '</ul>'; +} + +/** + * This was once used to move child posts to a new parent. + * + * @since 2.3.0 + * @deprecated 3.9.0 + * @access private + * + * @param int $old_ID + * @param int $new_ID + */ +function _relocate_children( $old_ID, $new_ID ) { + _deprecated_function( __FUNCTION__, '3.9.0' ); +} + +/** + * Add a top-level menu page in the 'objects' section. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * + * @deprecated 4.5.0 Use add_menu_page() + * @see add_menu_page() + * @global int $_wp_last_object_menu + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param string $icon_url Optional. The URL to the icon to be used for this menu. + * @return string The resulting page's hook_suffix. + */ +function add_object_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $icon_url = '') { + _deprecated_function( __FUNCTION__, '4.5.0', 'add_menu_page()' ); + + global $_wp_last_object_menu; + + $_wp_last_object_menu++; + + return add_menu_page($page_title, $menu_title, $capability, $menu_slug, $callback, $icon_url, $_wp_last_object_menu); +} + +/** + * Add a top-level menu page in the 'utility' section. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * + * @deprecated 4.5.0 Use add_menu_page() + * @see add_menu_page() + * @global int $_wp_last_utility_menu + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param string $icon_url Optional. The URL to the icon to be used for this menu. + * @return string The resulting page's hook_suffix. + */ +function add_utility_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $icon_url = '') { + _deprecated_function( __FUNCTION__, '4.5.0', 'add_menu_page()' ); + + global $_wp_last_utility_menu; + + $_wp_last_utility_menu++; + + return add_menu_page($page_title, $menu_title, $capability, $menu_slug, $callback, $icon_url, $_wp_last_utility_menu); +} + +/** + * Disables autocomplete on the 'post' form (Add/Edit Post screens) for WebKit browsers, + * as they disregard the autocomplete setting on the editor textarea. That can break the editor + * when the user navigates to it with the browser's Back button. See #28037 + * + * Replaced with wp_page_reload_on_back_button_js() that also fixes this problem. + * + * @since 4.0.0 + * @deprecated 4.6.0 + * + * @link https://core.trac.wordpress.org/ticket/35852 + * + * @global bool $is_safari + * @global bool $is_chrome + */ +function post_form_autocomplete_off() { + global $is_safari, $is_chrome; + + _deprecated_function( __FUNCTION__, '4.6.0' ); + + if ( $is_safari || $is_chrome ) { + echo ' autocomplete="off"'; + } +} + +/** + * Display JavaScript on the page. + * + * @since 3.5.0 + * @deprecated 4.9.0 + */ +function options_permalink_add_js() { + ?> + <script type="text/javascript"> + jQuery( function() { + jQuery('.permalink-structure input:radio').change(function() { + if ( 'custom' == this.value ) + return; + jQuery('#permalink_structure').val( this.value ); + }); + jQuery( '#permalink_structure' ).on( 'click input', function() { + jQuery( '#custom_selection' ).prop( 'checked', true ); + }); + } ); + </script> + <?php +} + +/** + * Previous class for list table for privacy data export requests. + * + * @since 4.9.6 + * @deprecated 5.3.0 + */ +class WP_Privacy_Data_Export_Requests_Table extends WP_Privacy_Data_Export_Requests_List_Table { + function __construct( $args ) { + _deprecated_function( __CLASS__, '5.3.0', 'WP_Privacy_Data_Export_Requests_List_Table' ); + + if ( ! isset( $args['screen'] ) || $args['screen'] === 'export_personal_data' ) { + $args['screen'] = 'export-personal-data'; + } + + parent::__construct( $args ); + } +} + +/** + * Previous class for list table for privacy data erasure requests. + * + * @since 4.9.6 + * @deprecated 5.3.0 + */ +class WP_Privacy_Data_Removal_Requests_Table extends WP_Privacy_Data_Removal_Requests_List_Table { + function __construct( $args ) { + _deprecated_function( __CLASS__, '5.3.0', 'WP_Privacy_Data_Removal_Requests_List_Table' ); + + if ( ! isset( $args['screen'] ) || $args['screen'] === 'remove_personal_data' ) { + $args['screen'] = 'erase-personal-data'; + } + + parent::__construct( $args ); + } +} + +/** + * Was used to add options for the privacy requests screens before they were separate files. + * + * @since 4.9.8 + * @access private + * @deprecated 5.3.0 + */ +function _wp_privacy_requests_screen_options() { + _deprecated_function( __FUNCTION__, '5.3.0' ); +} + +/** + * Was used to filter input from media_upload_form_handler() and to assign a default + * post_title from the file name if none supplied. + * + * @since 2.5.0 + * @deprecated 6.0.0 + * + * @param array $post The WP_Post attachment object converted to an array. + * @param array $attachment An array of attachment metadata. + * @return array Attachment post object converted to an array. + */ +function image_attachment_fields_to_save( $post, $attachment ) { + _deprecated_function( __FUNCTION__, '6.0.0' ); + + return $post; +} diff --git a/wp-admin/includes/edit-tag-messages.php b/wp-admin/includes/edit-tag-messages.php new file mode 100644 index 0000000..10dd9b2 --- /dev/null +++ b/wp-admin/includes/edit-tag-messages.php @@ -0,0 +1,59 @@ +<?php +/** + * Edit Tags Administration: Messages + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +$messages = array(); +// 0 = unused. Messages start at index 1. +$messages['_item'] = array( + 0 => '', + 1 => __( 'Item added.' ), + 2 => __( 'Item deleted.' ), + 3 => __( 'Item updated.' ), + 4 => __( 'Item not added.' ), + 5 => __( 'Item not updated.' ), + 6 => __( 'Items deleted.' ), +); + +$messages['category'] = array( + 0 => '', + 1 => __( 'Category added.' ), + 2 => __( 'Category deleted.' ), + 3 => __( 'Category updated.' ), + 4 => __( 'Category not added.' ), + 5 => __( 'Category not updated.' ), + 6 => __( 'Categories deleted.' ), +); + +$messages['post_tag'] = array( + 0 => '', + 1 => __( 'Tag added.' ), + 2 => __( 'Tag deleted.' ), + 3 => __( 'Tag updated.' ), + 4 => __( 'Tag not added.' ), + 5 => __( 'Tag not updated.' ), + 6 => __( 'Tags deleted.' ), +); + +/** + * Filters the messages displayed when a tag is updated. + * + * @since 3.7.0 + * + * @param array[] $messages Array of arrays of messages to be displayed, keyed by taxonomy name. + */ +$messages = apply_filters( 'term_updated_messages', $messages ); + +$message = false; +if ( isset( $_REQUEST['message'] ) && (int) $_REQUEST['message'] ) { + $msg = (int) $_REQUEST['message']; + if ( isset( $messages[ $taxonomy ][ $msg ] ) ) { + $message = $messages[ $taxonomy ][ $msg ]; + } elseif ( ! isset( $messages[ $taxonomy ] ) && isset( $messages['_item'][ $msg ] ) ) { + $message = $messages['_item'][ $msg ]; + } +} diff --git a/wp-admin/includes/export.php b/wp-admin/includes/export.php new file mode 100644 index 0000000..9610ac8 --- /dev/null +++ b/wp-admin/includes/export.php @@ -0,0 +1,686 @@ +<?php +/** + * WordPress Export Administration API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Version number for the export format. + * + * Bump this when something changes that might affect compatibility. + * + * @since 2.5.0 + */ +define( 'WXR_VERSION', '1.2' ); + +/** + * Generates the WXR export file for download. + * + * Default behavior is to export all content, however, note that post content will only + * be exported for post types with the `can_export` argument enabled. Any posts with the + * 'auto-draft' status will be skipped. + * + * @since 2.1.0 + * @since 5.7.0 Added the `post_modified` and `post_modified_gmt` fields to the export file. + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global WP_Post $post Global post object. + * + * @param array $args { + * Optional. Arguments for generating the WXR export file for download. Default empty array. + * + * @type string $content Type of content to export. If set, only the post content of this post type + * will be exported. Accepts 'all', 'post', 'page', 'attachment', or a defined + * custom post. If an invalid custom post type is supplied, every post type for + * which `can_export` is enabled will be exported instead. If a valid custom post + * type is supplied but `can_export` is disabled, then 'posts' will be exported + * instead. When 'all' is supplied, only post types with `can_export` enabled will + * be exported. Default 'all'. + * @type string $author Author to export content for. Only used when `$content` is 'post', 'page', or + * 'attachment'. Accepts false (all) or a specific author ID. Default false (all). + * @type string $category Category (slug) to export content for. Used only when `$content` is 'post'. If + * set, only post content assigned to `$category` will be exported. Accepts false + * or a specific category slug. Default is false (all categories). + * @type string $start_date Start date to export content from. Expected date format is 'Y-m-d'. Used only + * when `$content` is 'post', 'page' or 'attachment'. Default false (since the + * beginning of time). + * @type string $end_date End date to export content to. Expected date format is 'Y-m-d'. Used only when + * `$content` is 'post', 'page' or 'attachment'. Default false (latest publish date). + * @type string $status Post status to export posts for. Used only when `$content` is 'post' or 'page'. + * Accepts false (all statuses except 'auto-draft'), or a specific status, i.e. + * 'publish', 'pending', 'draft', 'auto-draft', 'future', 'private', 'inherit', or + * 'trash'. Default false (all statuses except 'auto-draft'). + * } + */ +function export_wp( $args = array() ) { + global $wpdb, $post; + + $defaults = array( + 'content' => 'all', + 'author' => false, + 'category' => false, + 'start_date' => false, + 'end_date' => false, + 'status' => false, + ); + $args = wp_parse_args( $args, $defaults ); + + /** + * Fires at the beginning of an export, before any headers are sent. + * + * @since 2.3.0 + * + * @param array $args An array of export arguments. + */ + do_action( 'export_wp', $args ); + + $sitename = sanitize_key( get_bloginfo( 'name' ) ); + if ( ! empty( $sitename ) ) { + $sitename .= '.'; + } + $date = gmdate( 'Y-m-d' ); + $wp_filename = $sitename . 'WordPress.' . $date . '.xml'; + /** + * Filters the export filename. + * + * @since 4.4.0 + * + * @param string $wp_filename The name of the file for download. + * @param string $sitename The site name. + * @param string $date Today's date, formatted. + */ + $filename = apply_filters( 'export_wp_filename', $wp_filename, $sitename, $date ); + + header( 'Content-Description: File Transfer' ); + header( 'Content-Disposition: attachment; filename=' . $filename ); + header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ), true ); + + if ( 'all' !== $args['content'] && post_type_exists( $args['content'] ) ) { + $ptype = get_post_type_object( $args['content'] ); + if ( ! $ptype->can_export ) { + $args['content'] = 'post'; + } + + $where = $wpdb->prepare( "{$wpdb->posts}.post_type = %s", $args['content'] ); + } else { + $post_types = get_post_types( array( 'can_export' => true ) ); + $esses = array_fill( 0, count( $post_types ), '%s' ); + + // phpcs:ignore WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare + $where = $wpdb->prepare( "{$wpdb->posts}.post_type IN (" . implode( ',', $esses ) . ')', $post_types ); + } + + if ( $args['status'] && ( 'post' === $args['content'] || 'page' === $args['content'] ) ) { + $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_status = %s", $args['status'] ); + } else { + $where .= " AND {$wpdb->posts}.post_status != 'auto-draft'"; + } + + $join = ''; + if ( $args['category'] && 'post' === $args['content'] ) { + $term = term_exists( $args['category'], 'category' ); + if ( $term ) { + $join = "INNER JOIN {$wpdb->term_relationships} ON ({$wpdb->posts}.ID = {$wpdb->term_relationships}.object_id)"; + $where .= $wpdb->prepare( " AND {$wpdb->term_relationships}.term_taxonomy_id = %d", $term['term_taxonomy_id'] ); + } + } + + if ( in_array( $args['content'], array( 'post', 'page', 'attachment' ), true ) ) { + if ( $args['author'] ) { + $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_author = %d", $args['author'] ); + } + + if ( $args['start_date'] ) { + $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_date >= %s", gmdate( 'Y-m-d', strtotime( $args['start_date'] ) ) ); + } + + if ( $args['end_date'] ) { + $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_date < %s", gmdate( 'Y-m-d', strtotime( '+1 month', strtotime( $args['end_date'] ) ) ) ); + } + } + + // Grab a snapshot of post IDs, just in case it changes during the export. + $post_ids = $wpdb->get_col( "SELECT ID FROM {$wpdb->posts} $join WHERE $where" ); + + /* + * Get the requested terms ready, empty unless posts filtered by category + * or all content. + */ + $cats = array(); + $tags = array(); + $terms = array(); + if ( isset( $term ) && $term ) { + $cat = get_term( $term['term_id'], 'category' ); + $cats = array( $cat->term_id => $cat ); + unset( $term, $cat ); + } elseif ( 'all' === $args['content'] ) { + $categories = (array) get_categories( array( 'get' => 'all' ) ); + $tags = (array) get_tags( array( 'get' => 'all' ) ); + + $custom_taxonomies = get_taxonomies( array( '_builtin' => false ) ); + $custom_terms = (array) get_terms( + array( + 'taxonomy' => $custom_taxonomies, + 'get' => 'all', + ) + ); + + // Put categories in order with no child going before its parent. + while ( $cat = array_shift( $categories ) ) { + if ( ! $cat->parent || isset( $cats[ $cat->parent ] ) ) { + $cats[ $cat->term_id ] = $cat; + } else { + $categories[] = $cat; + } + } + + // Put terms in order with no child going before its parent. + while ( $t = array_shift( $custom_terms ) ) { + if ( ! $t->parent || isset( $terms[ $t->parent ] ) ) { + $terms[ $t->term_id ] = $t; + } else { + $custom_terms[] = $t; + } + } + + unset( $categories, $custom_taxonomies, $custom_terms ); + } + + /** + * Wraps given string in XML CDATA tag. + * + * @since 2.1.0 + * + * @param string $str String to wrap in XML CDATA tag. + * @return string + */ + function wxr_cdata( $str ) { + if ( ! seems_utf8( $str ) ) { + $str = utf8_encode( $str ); + } + // $str = ent2ncr(esc_html($str)); + $str = '<![CDATA[' . str_replace( ']]>', ']]]]><![CDATA[>', $str ) . ']]>'; + + return $str; + } + + /** + * Returns the URL of the site. + * + * @since 2.5.0 + * + * @return string Site URL. + */ + function wxr_site_url() { + if ( is_multisite() ) { + // Multisite: the base URL. + return network_home_url(); + } else { + // WordPress (single site): the site URL. + return get_bloginfo_rss( 'url' ); + } + } + + /** + * Outputs a cat_name XML tag from a given category object. + * + * @since 2.1.0 + * + * @param WP_Term $category Category Object. + */ + function wxr_cat_name( $category ) { + if ( empty( $category->name ) ) { + return; + } + + echo '<wp:cat_name>' . wxr_cdata( $category->name ) . "</wp:cat_name>\n"; + } + + /** + * Outputs a category_description XML tag from a given category object. + * + * @since 2.1.0 + * + * @param WP_Term $category Category Object. + */ + function wxr_category_description( $category ) { + if ( empty( $category->description ) ) { + return; + } + + echo '<wp:category_description>' . wxr_cdata( $category->description ) . "</wp:category_description>\n"; + } + + /** + * Outputs a tag_name XML tag from a given tag object. + * + * @since 2.3.0 + * + * @param WP_Term $tag Tag Object. + */ + function wxr_tag_name( $tag ) { + if ( empty( $tag->name ) ) { + return; + } + + echo '<wp:tag_name>' . wxr_cdata( $tag->name ) . "</wp:tag_name>\n"; + } + + /** + * Outputs a tag_description XML tag from a given tag object. + * + * @since 2.3.0 + * + * @param WP_Term $tag Tag Object. + */ + function wxr_tag_description( $tag ) { + if ( empty( $tag->description ) ) { + return; + } + + echo '<wp:tag_description>' . wxr_cdata( $tag->description ) . "</wp:tag_description>\n"; + } + + /** + * Outputs a term_name XML tag from a given term object. + * + * @since 2.9.0 + * + * @param WP_Term $term Term Object. + */ + function wxr_term_name( $term ) { + if ( empty( $term->name ) ) { + return; + } + + echo '<wp:term_name>' . wxr_cdata( $term->name ) . "</wp:term_name>\n"; + } + + /** + * Outputs a term_description XML tag from a given term object. + * + * @since 2.9.0 + * + * @param WP_Term $term Term Object. + */ + function wxr_term_description( $term ) { + if ( empty( $term->description ) ) { + return; + } + + echo "\t\t<wp:term_description>" . wxr_cdata( $term->description ) . "</wp:term_description>\n"; + } + + /** + * Outputs term meta XML tags for a given term object. + * + * @since 4.6.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param WP_Term $term Term object. + */ + function wxr_term_meta( $term ) { + global $wpdb; + + $termmeta = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->termmeta WHERE term_id = %d", $term->term_id ) ); + + foreach ( $termmeta as $meta ) { + /** + * Filters whether to selectively skip term meta used for WXR exports. + * + * Returning a truthy value from the filter will skip the current meta + * object from being exported. + * + * @since 4.6.0 + * + * @param bool $skip Whether to skip the current piece of term meta. Default false. + * @param string $meta_key Current meta key. + * @param object $meta Current meta object. + */ + if ( ! apply_filters( 'wxr_export_skip_termmeta', false, $meta->meta_key, $meta ) ) { + printf( "\t\t<wp:termmeta>\n\t\t\t<wp:meta_key>%s</wp:meta_key>\n\t\t\t<wp:meta_value>%s</wp:meta_value>\n\t\t</wp:termmeta>\n", wxr_cdata( $meta->meta_key ), wxr_cdata( $meta->meta_value ) ); + } + } + } + + /** + * Outputs list of authors with posts. + * + * @since 3.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int[] $post_ids Optional. Array of post IDs to filter the query by. + */ + function wxr_authors_list( array $post_ids = null ) { + global $wpdb; + + if ( ! empty( $post_ids ) ) { + $post_ids = array_map( 'absint', $post_ids ); + $and = 'AND ID IN ( ' . implode( ', ', $post_ids ) . ')'; + } else { + $and = ''; + } + + $authors = array(); + $results = $wpdb->get_results( "SELECT DISTINCT post_author FROM $wpdb->posts WHERE post_status != 'auto-draft' $and" ); + foreach ( (array) $results as $result ) { + $authors[] = get_userdata( $result->post_author ); + } + + $authors = array_filter( $authors ); + + foreach ( $authors as $author ) { + echo "\t<wp:author>"; + echo '<wp:author_id>' . (int) $author->ID . '</wp:author_id>'; + echo '<wp:author_login>' . wxr_cdata( $author->user_login ) . '</wp:author_login>'; + echo '<wp:author_email>' . wxr_cdata( $author->user_email ) . '</wp:author_email>'; + echo '<wp:author_display_name>' . wxr_cdata( $author->display_name ) . '</wp:author_display_name>'; + echo '<wp:author_first_name>' . wxr_cdata( $author->first_name ) . '</wp:author_first_name>'; + echo '<wp:author_last_name>' . wxr_cdata( $author->last_name ) . '</wp:author_last_name>'; + echo "</wp:author>\n"; + } + } + + /** + * Outputs all navigation menu terms. + * + * @since 3.1.0 + */ + function wxr_nav_menu_terms() { + $nav_menus = wp_get_nav_menus(); + if ( empty( $nav_menus ) || ! is_array( $nav_menus ) ) { + return; + } + + foreach ( $nav_menus as $menu ) { + echo "\t<wp:term>"; + echo '<wp:term_id>' . (int) $menu->term_id . '</wp:term_id>'; + echo '<wp:term_taxonomy>nav_menu</wp:term_taxonomy>'; + echo '<wp:term_slug>' . wxr_cdata( $menu->slug ) . '</wp:term_slug>'; + wxr_term_name( $menu ); + echo "</wp:term>\n"; + } + } + + /** + * Outputs list of taxonomy terms, in XML tag format, associated with a post. + * + * @since 2.3.0 + */ + function wxr_post_taxonomy() { + $post = get_post(); + + $taxonomies = get_object_taxonomies( $post->post_type ); + if ( empty( $taxonomies ) ) { + return; + } + $terms = wp_get_object_terms( $post->ID, $taxonomies ); + + foreach ( (array) $terms as $term ) { + echo "\t\t<category domain=\"{$term->taxonomy}\" nicename=\"{$term->slug}\">" . wxr_cdata( $term->name ) . "</category>\n"; + } + } + + /** + * Determines whether to selectively skip post meta used for WXR exports. + * + * @since 3.3.0 + * + * @param bool $return_me Whether to skip the current post meta. Default false. + * @param string $meta_key Meta key. + * @return bool + */ + function wxr_filter_postmeta( $return_me, $meta_key ) { + if ( '_edit_lock' === $meta_key ) { + $return_me = true; + } + return $return_me; + } + add_filter( 'wxr_export_skip_postmeta', 'wxr_filter_postmeta', 10, 2 ); + + echo '<?xml version="1.0" encoding="' . get_bloginfo( 'charset' ) . "\" ?>\n"; + + ?> +<!-- This is a WordPress eXtended RSS file generated by WordPress as an export of your site. --> +<!-- It contains information about your site's posts, pages, comments, categories, and other content. --> +<!-- You may use this file to transfer that content from one site to another. --> +<!-- This file is not intended to serve as a complete backup of your site. --> + +<!-- To import this information into a WordPress site follow these steps: --> +<!-- 1. Log in to that site as an administrator. --> +<!-- 2. Go to Tools: Import in the WordPress admin panel. --> +<!-- 3. Install the "WordPress" importer from the list. --> +<!-- 4. Activate & Run Importer. --> +<!-- 5. Upload this file using the form provided on that page. --> +<!-- 6. You will first be asked to map the authors in this export file to users --> +<!-- on the site. For each author, you may choose to map to an --> +<!-- existing user on the site or to create a new user. --> +<!-- 7. WordPress will then import each of the posts, pages, comments, categories, etc. --> +<!-- contained in this file into your site. --> + + <?php the_generator( 'export' ); ?> +<rss version="2.0" + xmlns:excerpt="http://wordpress.org/export/<?php echo WXR_VERSION; ?>/excerpt/" + xmlns:content="http://purl.org/rss/1.0/modules/content/" + xmlns:wfw="http://wellformedweb.org/CommentAPI/" + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:wp="http://wordpress.org/export/<?php echo WXR_VERSION; ?>/" +> + +<channel> + <title><?php bloginfo_rss( 'name' ); ?></title> + <link><?php bloginfo_rss( 'url' ); ?></link> + <description><?php bloginfo_rss( 'description' ); ?></description> + <pubDate><?php echo gmdate( 'D, d M Y H:i:s +0000' ); ?></pubDate> + <language><?php bloginfo_rss( 'language' ); ?></language> + <wp:wxr_version><?php echo WXR_VERSION; ?></wp:wxr_version> + <wp:base_site_url><?php echo wxr_site_url(); ?></wp:base_site_url> + <wp:base_blog_url><?php bloginfo_rss( 'url' ); ?></wp:base_blog_url> + + <?php wxr_authors_list( $post_ids ); ?> + + <?php foreach ( $cats as $c ) : ?> + <wp:category> + <wp:term_id><?php echo (int) $c->term_id; ?></wp:term_id> + <wp:category_nicename><?php echo wxr_cdata( $c->slug ); ?></wp:category_nicename> + <wp:category_parent><?php echo wxr_cdata( $c->parent ? $cats[ $c->parent ]->slug : '' ); ?></wp:category_parent> + <?php + wxr_cat_name( $c ); + wxr_category_description( $c ); + wxr_term_meta( $c ); + ?> + </wp:category> + <?php endforeach; ?> + <?php foreach ( $tags as $t ) : ?> + <wp:tag> + <wp:term_id><?php echo (int) $t->term_id; ?></wp:term_id> + <wp:tag_slug><?php echo wxr_cdata( $t->slug ); ?></wp:tag_slug> + <?php + wxr_tag_name( $t ); + wxr_tag_description( $t ); + wxr_term_meta( $t ); + ?> + </wp:tag> + <?php endforeach; ?> + <?php foreach ( $terms as $t ) : ?> + <wp:term> + <wp:term_id><?php echo (int) $t->term_id; ?></wp:term_id> + <wp:term_taxonomy><?php echo wxr_cdata( $t->taxonomy ); ?></wp:term_taxonomy> + <wp:term_slug><?php echo wxr_cdata( $t->slug ); ?></wp:term_slug> + <wp:term_parent><?php echo wxr_cdata( $t->parent ? $terms[ $t->parent ]->slug : '' ); ?></wp:term_parent> + <?php + wxr_term_name( $t ); + wxr_term_description( $t ); + wxr_term_meta( $t ); + ?> + </wp:term> + <?php endforeach; ?> + <?php + if ( 'all' === $args['content'] ) { + wxr_nav_menu_terms(); + } + ?> + + <?php + /** This action is documented in wp-includes/feed-rss2.php */ + do_action( 'rss2_head' ); + ?> + + <?php + if ( $post_ids ) { + /** + * @global WP_Query $wp_query WordPress Query object. + */ + global $wp_query; + + // Fake being in the loop. + $wp_query->in_the_loop = true; + + // Fetch 20 posts at a time rather than loading the entire table into memory. + while ( $next_posts = array_splice( $post_ids, 0, 20 ) ) { + $where = 'WHERE ID IN (' . implode( ',', $next_posts ) . ')'; + $posts = $wpdb->get_results( "SELECT * FROM {$wpdb->posts} $where" ); + + // Begin Loop. + foreach ( $posts as $post ) { + setup_postdata( $post ); + + /** + * Filters the post title used for WXR exports. + * + * @since 5.7.0 + * + * @param string $post_title Title of the current post. + */ + $title = wxr_cdata( apply_filters( 'the_title_export', $post->post_title ) ); + + /** + * Filters the post content used for WXR exports. + * + * @since 2.5.0 + * + * @param string $post_content Content of the current post. + */ + $content = wxr_cdata( apply_filters( 'the_content_export', $post->post_content ) ); + + /** + * Filters the post excerpt used for WXR exports. + * + * @since 2.6.0 + * + * @param string $post_excerpt Excerpt for the current post. + */ + $excerpt = wxr_cdata( apply_filters( 'the_excerpt_export', $post->post_excerpt ) ); + + $is_sticky = is_sticky( $post->ID ) ? 1 : 0; + ?> + <item> + <title><?php echo $title; ?></title> + <link><?php the_permalink_rss(); ?></link> + <pubDate><?php echo mysql2date( 'D, d M Y H:i:s +0000', get_post_time( 'Y-m-d H:i:s', true ), false ); ?></pubDate> + <dc:creator><?php echo wxr_cdata( get_the_author_meta( 'login' ) ); ?></dc:creator> + <guid isPermaLink="false"><?php the_guid(); ?></guid> + <description></description> + <content:encoded><?php echo $content; ?></content:encoded> + <excerpt:encoded><?php echo $excerpt; ?></excerpt:encoded> + <wp:post_id><?php echo (int) $post->ID; ?></wp:post_id> + <wp:post_date><?php echo wxr_cdata( $post->post_date ); ?></wp:post_date> + <wp:post_date_gmt><?php echo wxr_cdata( $post->post_date_gmt ); ?></wp:post_date_gmt> + <wp:post_modified><?php echo wxr_cdata( $post->post_modified ); ?></wp:post_modified> + <wp:post_modified_gmt><?php echo wxr_cdata( $post->post_modified_gmt ); ?></wp:post_modified_gmt> + <wp:comment_status><?php echo wxr_cdata( $post->comment_status ); ?></wp:comment_status> + <wp:ping_status><?php echo wxr_cdata( $post->ping_status ); ?></wp:ping_status> + <wp:post_name><?php echo wxr_cdata( $post->post_name ); ?></wp:post_name> + <wp:status><?php echo wxr_cdata( $post->post_status ); ?></wp:status> + <wp:post_parent><?php echo (int) $post->post_parent; ?></wp:post_parent> + <wp:menu_order><?php echo (int) $post->menu_order; ?></wp:menu_order> + <wp:post_type><?php echo wxr_cdata( $post->post_type ); ?></wp:post_type> + <wp:post_password><?php echo wxr_cdata( $post->post_password ); ?></wp:post_password> + <wp:is_sticky><?php echo (int) $is_sticky; ?></wp:is_sticky> + <?php if ( 'attachment' === $post->post_type ) : ?> + <wp:attachment_url><?php echo wxr_cdata( wp_get_attachment_url( $post->ID ) ); ?></wp:attachment_url> + <?php endif; ?> + <?php wxr_post_taxonomy(); ?> + <?php + $postmeta = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->postmeta WHERE post_id = %d", $post->ID ) ); + foreach ( $postmeta as $meta ) : + /** + * Filters whether to selectively skip post meta used for WXR exports. + * + * Returning a truthy value from the filter will skip the current meta + * object from being exported. + * + * @since 3.3.0 + * + * @param bool $skip Whether to skip the current post meta. Default false. + * @param string $meta_key Current meta key. + * @param object $meta Current meta object. + */ + if ( apply_filters( 'wxr_export_skip_postmeta', false, $meta->meta_key, $meta ) ) { + continue; + } + ?> + <wp:postmeta> + <wp:meta_key><?php echo wxr_cdata( $meta->meta_key ); ?></wp:meta_key> + <wp:meta_value><?php echo wxr_cdata( $meta->meta_value ); ?></wp:meta_value> + </wp:postmeta> + <?php + endforeach; + + $_comments = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved <> 'spam'", $post->ID ) ); + $comments = array_map( 'get_comment', $_comments ); + foreach ( $comments as $c ) : + ?> + <wp:comment> + <wp:comment_id><?php echo (int) $c->comment_ID; ?></wp:comment_id> + <wp:comment_author><?php echo wxr_cdata( $c->comment_author ); ?></wp:comment_author> + <wp:comment_author_email><?php echo wxr_cdata( $c->comment_author_email ); ?></wp:comment_author_email> + <wp:comment_author_url><?php echo sanitize_url( $c->comment_author_url ); ?></wp:comment_author_url> + <wp:comment_author_IP><?php echo wxr_cdata( $c->comment_author_IP ); ?></wp:comment_author_IP> + <wp:comment_date><?php echo wxr_cdata( $c->comment_date ); ?></wp:comment_date> + <wp:comment_date_gmt><?php echo wxr_cdata( $c->comment_date_gmt ); ?></wp:comment_date_gmt> + <wp:comment_content><?php echo wxr_cdata( $c->comment_content ); ?></wp:comment_content> + <wp:comment_approved><?php echo wxr_cdata( $c->comment_approved ); ?></wp:comment_approved> + <wp:comment_type><?php echo wxr_cdata( $c->comment_type ); ?></wp:comment_type> + <wp:comment_parent><?php echo (int) $c->comment_parent; ?></wp:comment_parent> + <wp:comment_user_id><?php echo (int) $c->user_id; ?></wp:comment_user_id> + <?php + $c_meta = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->commentmeta WHERE comment_id = %d", $c->comment_ID ) ); + foreach ( $c_meta as $meta ) : + /** + * Filters whether to selectively skip comment meta used for WXR exports. + * + * Returning a truthy value from the filter will skip the current meta + * object from being exported. + * + * @since 4.0.0 + * + * @param bool $skip Whether to skip the current comment meta. Default false. + * @param string $meta_key Current meta key. + * @param object $meta Current meta object. + */ + if ( apply_filters( 'wxr_export_skip_commentmeta', false, $meta->meta_key, $meta ) ) { + continue; + } + ?> + <wp:commentmeta> + <wp:meta_key><?php echo wxr_cdata( $meta->meta_key ); ?></wp:meta_key> + <wp:meta_value><?php echo wxr_cdata( $meta->meta_value ); ?></wp:meta_value> + </wp:commentmeta> + <?php endforeach; ?> + </wp:comment> + <?php endforeach; ?> + </item> + <?php + } + } + } + ?> +</channel> +</rss> + <?php +} diff --git a/wp-admin/includes/file.php b/wp-admin/includes/file.php new file mode 100644 index 0000000..600ddc2 --- /dev/null +++ b/wp-admin/includes/file.php @@ -0,0 +1,2804 @@ +<?php +/** + * Filesystem API: Top-level functionality + * + * Functions for reading, writing, modifying, and deleting files on the file system. + * Includes functionality for theme-specific files as well as operations for uploading, + * archiving, and rendering output when necessary. + * + * @package WordPress + * @subpackage Filesystem + * @since 2.3.0 + */ + +/** The descriptions for theme files. */ +$wp_file_descriptions = array( + 'functions.php' => __( 'Theme Functions' ), + 'header.php' => __( 'Theme Header' ), + 'footer.php' => __( 'Theme Footer' ), + 'sidebar.php' => __( 'Sidebar' ), + 'comments.php' => __( 'Comments' ), + 'searchform.php' => __( 'Search Form' ), + '404.php' => __( '404 Template' ), + 'link.php' => __( 'Links Template' ), + 'theme.json' => __( 'Theme Styles & Block Settings' ), + // Archives. + 'index.php' => __( 'Main Index Template' ), + 'archive.php' => __( 'Archives' ), + 'author.php' => __( 'Author Template' ), + 'taxonomy.php' => __( 'Taxonomy Template' ), + 'category.php' => __( 'Category Template' ), + 'tag.php' => __( 'Tag Template' ), + 'home.php' => __( 'Posts Page' ), + 'search.php' => __( 'Search Results' ), + 'date.php' => __( 'Date Template' ), + // Content. + 'singular.php' => __( 'Singular Template' ), + 'single.php' => __( 'Single Post' ), + 'page.php' => __( 'Single Page' ), + 'front-page.php' => __( 'Homepage' ), + 'privacy-policy.php' => __( 'Privacy Policy Page' ), + // Attachments. + 'attachment.php' => __( 'Attachment Template' ), + 'image.php' => __( 'Image Attachment Template' ), + 'video.php' => __( 'Video Attachment Template' ), + 'audio.php' => __( 'Audio Attachment Template' ), + 'application.php' => __( 'Application Attachment Template' ), + // Embeds. + 'embed.php' => __( 'Embed Template' ), + 'embed-404.php' => __( 'Embed 404 Template' ), + 'embed-content.php' => __( 'Embed Content Template' ), + 'header-embed.php' => __( 'Embed Header Template' ), + 'footer-embed.php' => __( 'Embed Footer Template' ), + // Stylesheets. + 'style.css' => __( 'Stylesheet' ), + 'editor-style.css' => __( 'Visual Editor Stylesheet' ), + 'editor-style-rtl.css' => __( 'Visual Editor RTL Stylesheet' ), + 'rtl.css' => __( 'RTL Stylesheet' ), + // Other. + 'my-hacks.php' => __( 'my-hacks.php (legacy hacks support)' ), + '.htaccess' => __( '.htaccess (for rewrite rules )' ), + // Deprecated files. + 'wp-layout.css' => __( 'Stylesheet' ), + 'wp-comments.php' => __( 'Comments Template' ), + 'wp-comments-popup.php' => __( 'Popup Comments Template' ), + 'comments-popup.php' => __( 'Popup Comments' ), +); + +/** + * Gets the description for standard WordPress theme files. + * + * @since 1.5.0 + * + * @global array $wp_file_descriptions Theme file descriptions. + * @global array $allowed_files List of allowed files. + * + * @param string $file Filesystem path or filename. + * @return string Description of file from $wp_file_descriptions or basename of $file if description doesn't exist. + * Appends 'Page Template' to basename of $file if the file is a page template. + */ +function get_file_description( $file ) { + global $wp_file_descriptions, $allowed_files; + + $dirname = pathinfo( $file, PATHINFO_DIRNAME ); + $file_path = $allowed_files[ $file ]; + + if ( isset( $wp_file_descriptions[ basename( $file ) ] ) && '.' === $dirname ) { + return $wp_file_descriptions[ basename( $file ) ]; + } elseif ( file_exists( $file_path ) && is_file( $file_path ) ) { + $template_data = implode( '', file( $file_path ) ); + + if ( preg_match( '|Template Name:(.*)$|mi', $template_data, $name ) ) { + /* translators: %s: Template name. */ + return sprintf( __( '%s Page Template' ), _cleanup_header_comment( $name[1] ) ); + } + } + + return trim( basename( $file ) ); +} + +/** + * Gets the absolute filesystem path to the root of the WordPress installation. + * + * @since 1.5.0 + * + * @return string Full filesystem path to the root of the WordPress installation. + */ +function get_home_path() { + $home = set_url_scheme( get_option( 'home' ), 'http' ); + $siteurl = set_url_scheme( get_option( 'siteurl' ), 'http' ); + + if ( ! empty( $home ) && 0 !== strcasecmp( $home, $siteurl ) ) { + $wp_path_rel_to_home = str_ireplace( $home, '', $siteurl ); /* $siteurl - $home */ + $pos = strripos( str_replace( '\\', '/', $_SERVER['SCRIPT_FILENAME'] ), trailingslashit( $wp_path_rel_to_home ) ); + $home_path = substr( $_SERVER['SCRIPT_FILENAME'], 0, $pos ); + $home_path = trailingslashit( $home_path ); + } else { + $home_path = ABSPATH; + } + + return str_replace( '\\', '/', $home_path ); +} + +/** + * Returns a listing of all files in the specified folder and all subdirectories up to 100 levels deep. + * + * The depth of the recursiveness can be controlled by the $levels param. + * + * @since 2.6.0 + * @since 4.9.0 Added the `$exclusions` parameter. + * @since 6.3.0 Added the `$include_hidden` parameter. + * + * @param string $folder Optional. Full path to folder. Default empty. + * @param int $levels Optional. Levels of folders to follow, Default 100 (PHP Loop limit). + * @param string[] $exclusions Optional. List of folders and files to skip. + * @param bool $include_hidden Optional. Whether to include details of hidden ("." prefixed) files. + * Default false. + * @return string[]|false Array of files on success, false on failure. + */ +function list_files( $folder = '', $levels = 100, $exclusions = array(), $include_hidden = false ) { + if ( empty( $folder ) ) { + return false; + } + + $folder = trailingslashit( $folder ); + + if ( ! $levels ) { + return false; + } + + $files = array(); + + $dir = @opendir( $folder ); + + if ( $dir ) { + while ( ( $file = readdir( $dir ) ) !== false ) { + // Skip current and parent folder links. + if ( in_array( $file, array( '.', '..' ), true ) ) { + continue; + } + + // Skip hidden and excluded files. + if ( ( ! $include_hidden && '.' === $file[0] ) || in_array( $file, $exclusions, true ) ) { + continue; + } + + if ( is_dir( $folder . $file ) ) { + $files2 = list_files( $folder . $file, $levels - 1, array(), $include_hidden ); + if ( $files2 ) { + $files = array_merge( $files, $files2 ); + } else { + $files[] = $folder . $file . '/'; + } + } else { + $files[] = $folder . $file; + } + } + + closedir( $dir ); + } + + return $files; +} + +/** + * Gets the list of file extensions that are editable in plugins. + * + * @since 4.9.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return string[] Array of editable file extensions. + */ +function wp_get_plugin_file_editable_extensions( $plugin ) { + + $default_types = array( + 'bash', + 'conf', + 'css', + 'diff', + 'htm', + 'html', + 'http', + 'inc', + 'include', + 'js', + 'json', + 'jsx', + 'less', + 'md', + 'patch', + 'php', + 'php3', + 'php4', + 'php5', + 'php7', + 'phps', + 'phtml', + 'sass', + 'scss', + 'sh', + 'sql', + 'svg', + 'text', + 'txt', + 'xml', + 'yaml', + 'yml', + ); + + /** + * Filters the list of file types allowed for editing in the plugin file editor. + * + * @since 2.8.0 + * @since 4.9.0 Added the `$plugin` parameter. + * + * @param string[] $default_types An array of editable plugin file extensions. + * @param string $plugin Path to the plugin file relative to the plugins directory. + */ + $file_types = (array) apply_filters( 'editable_extensions', $default_types, $plugin ); + + return $file_types; +} + +/** + * Gets the list of file extensions that are editable for a given theme. + * + * @since 4.9.0 + * + * @param WP_Theme $theme Theme object. + * @return string[] Array of editable file extensions. + */ +function wp_get_theme_file_editable_extensions( $theme ) { + + $default_types = array( + 'bash', + 'conf', + 'css', + 'diff', + 'htm', + 'html', + 'http', + 'inc', + 'include', + 'js', + 'json', + 'jsx', + 'less', + 'md', + 'patch', + 'php', + 'php3', + 'php4', + 'php5', + 'php7', + 'phps', + 'phtml', + 'sass', + 'scss', + 'sh', + 'sql', + 'svg', + 'text', + 'txt', + 'xml', + 'yaml', + 'yml', + ); + + /** + * Filters the list of file types allowed for editing in the theme file editor. + * + * @since 4.4.0 + * + * @param string[] $default_types An array of editable theme file extensions. + * @param WP_Theme $theme The active theme object. + */ + $file_types = apply_filters( 'wp_theme_editor_filetypes', $default_types, $theme ); + + // Ensure that default types are still there. + return array_unique( array_merge( $file_types, $default_types ) ); +} + +/** + * Prints file editor templates (for plugins and themes). + * + * @since 4.9.0 + */ +function wp_print_file_editor_templates() { + ?> + <script type="text/html" id="tmpl-wp-file-editor-notice"> + <div class="notice inline notice-{{ data.type || 'info' }} {{ data.alt ? 'notice-alt' : '' }} {{ data.dismissible ? 'is-dismissible' : '' }} {{ data.classes || '' }}"> + <# if ( 'php_error' === data.code ) { #> + <p> + <?php + printf( + /* translators: 1: Line number, 2: File path. */ + __( 'Your PHP code changes were not applied due to an error on line %1$s of file %2$s. Please fix and try saving again.' ), + '{{ data.line }}', + '{{ data.file }}' + ); + ?> + </p> + <pre>{{ data.message }}</pre> + <# } else if ( 'file_not_writable' === data.code ) { #> + <p> + <?php + printf( + /* translators: %s: Documentation URL. */ + __( 'You need to make this file writable before you can save your changes. See <a href="%s">Changing File Permissions</a> for more information.' ), + __( 'https://wordpress.org/documentation/article/changing-file-permissions/' ) + ); + ?> + </p> + <# } else { #> + <p>{{ data.message || data.code }}</p> + + <# if ( 'lint_errors' === data.code ) { #> + <p> + <# var elementId = 'el-' + String( Math.random() ); #> + <input id="{{ elementId }}" type="checkbox"> + <label for="{{ elementId }}"><?php _e( 'Update anyway, even though it might break your site?' ); ?></label> + </p> + <# } #> + <# } #> + <# if ( data.dismissible ) { #> + <button type="button" class="notice-dismiss"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Dismiss' ); + ?> + </span></button> + <# } #> + </div> + </script> + <?php +} + +/** + * Attempts to edit a file for a theme or plugin. + * + * When editing a PHP file, loopback requests will be made to the admin and the homepage + * to attempt to see if there is a fatal error introduced. If so, the PHP change will be + * reverted. + * + * @since 4.9.0 + * + * @param string[] $args { + * Args. Note that all of the arg values are already unslashed. They are, however, + * coming straight from `$_POST` and are not validated or sanitized in any way. + * + * @type string $file Relative path to file. + * @type string $plugin Path to the plugin file relative to the plugins directory. + * @type string $theme Theme being edited. + * @type string $newcontent New content for the file. + * @type string $nonce Nonce. + * } + * @return true|WP_Error True on success or `WP_Error` on failure. + */ +function wp_edit_theme_plugin_file( $args ) { + if ( empty( $args['file'] ) ) { + return new WP_Error( 'missing_file' ); + } + + if ( 0 !== validate_file( $args['file'] ) ) { + return new WP_Error( 'bad_file' ); + } + + if ( ! isset( $args['newcontent'] ) ) { + return new WP_Error( 'missing_content' ); + } + + if ( ! isset( $args['nonce'] ) ) { + return new WP_Error( 'missing_nonce' ); + } + + $file = $args['file']; + $content = $args['newcontent']; + + $plugin = null; + $theme = null; + $real_file = null; + + if ( ! empty( $args['plugin'] ) ) { + $plugin = $args['plugin']; + + if ( ! current_user_can( 'edit_plugins' ) ) { + return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit plugins for this site.' ) ); + } + + if ( ! wp_verify_nonce( $args['nonce'], 'edit-plugin_' . $file ) ) { + return new WP_Error( 'nonce_failure' ); + } + + if ( ! array_key_exists( $plugin, get_plugins() ) ) { + return new WP_Error( 'invalid_plugin' ); + } + + if ( 0 !== validate_file( $file, get_plugin_files( $plugin ) ) ) { + return new WP_Error( 'bad_plugin_file_path', __( 'Sorry, that file cannot be edited.' ) ); + } + + $editable_extensions = wp_get_plugin_file_editable_extensions( $plugin ); + + $real_file = WP_PLUGIN_DIR . '/' . $file; + + $is_active = in_array( + $plugin, + (array) get_option( 'active_plugins', array() ), + true + ); + + } elseif ( ! empty( $args['theme'] ) ) { + $stylesheet = $args['theme']; + + if ( 0 !== validate_file( $stylesheet ) ) { + return new WP_Error( 'bad_theme_path' ); + } + + if ( ! current_user_can( 'edit_themes' ) ) { + return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit templates for this site.' ) ); + } + + $theme = wp_get_theme( $stylesheet ); + if ( ! $theme->exists() ) { + return new WP_Error( 'non_existent_theme', __( 'The requested theme does not exist.' ) ); + } + + if ( ! wp_verify_nonce( $args['nonce'], 'edit-theme_' . $stylesheet . '_' . $file ) ) { + return new WP_Error( 'nonce_failure' ); + } + + if ( $theme->errors() && 'theme_no_stylesheet' === $theme->errors()->get_error_code() ) { + return new WP_Error( + 'theme_no_stylesheet', + __( 'The requested theme does not exist.' ) . ' ' . $theme->errors()->get_error_message() + ); + } + + $editable_extensions = wp_get_theme_file_editable_extensions( $theme ); + + $allowed_files = array(); + foreach ( $editable_extensions as $type ) { + switch ( $type ) { + case 'php': + $allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', -1 ) ); + break; + case 'css': + $style_files = $theme->get_files( 'css', -1 ); + $allowed_files['style.css'] = $style_files['style.css']; + $allowed_files = array_merge( $allowed_files, $style_files ); + break; + default: + $allowed_files = array_merge( $allowed_files, $theme->get_files( $type, -1 ) ); + break; + } + } + + // Compare based on relative paths. + if ( 0 !== validate_file( $file, array_keys( $allowed_files ) ) ) { + return new WP_Error( 'disallowed_theme_file', __( 'Sorry, that file cannot be edited.' ) ); + } + + $real_file = $theme->get_stylesheet_directory() . '/' . $file; + + $is_active = ( get_stylesheet() === $stylesheet || get_template() === $stylesheet ); + + } else { + return new WP_Error( 'missing_theme_or_plugin' ); + } + + // Ensure file is real. + if ( ! is_file( $real_file ) ) { + return new WP_Error( 'file_does_not_exist', __( 'File does not exist! Please double check the name and try again.' ) ); + } + + // Ensure file extension is allowed. + $extension = null; + if ( preg_match( '/\.([^.]+)$/', $real_file, $matches ) ) { + $extension = strtolower( $matches[1] ); + if ( ! in_array( $extension, $editable_extensions, true ) ) { + return new WP_Error( 'illegal_file_type', __( 'Files of this type are not editable.' ) ); + } + } + + $previous_content = file_get_contents( $real_file ); + + if ( ! is_writable( $real_file ) ) { + return new WP_Error( 'file_not_writable' ); + } + + $f = fopen( $real_file, 'w+' ); + + if ( false === $f ) { + return new WP_Error( 'file_not_writable' ); + } + + $written = fwrite( $f, $content ); + fclose( $f ); + + if ( false === $written ) { + return new WP_Error( 'unable_to_write', __( 'Unable to write to file.' ) ); + } + + wp_opcache_invalidate( $real_file, true ); + + if ( $is_active && 'php' === $extension ) { + + $scrape_key = md5( rand() ); + $transient = 'scrape_key_' . $scrape_key; + $scrape_nonce = (string) rand(); + // It shouldn't take more than 60 seconds to make the two loopback requests. + set_transient( $transient, $scrape_nonce, 60 ); + + $cookies = wp_unslash( $_COOKIE ); + $scrape_params = array( + 'wp_scrape_key' => $scrape_key, + 'wp_scrape_nonce' => $scrape_nonce, + ); + $headers = array( + 'Cache-Control' => 'no-cache', + ); + + /** This filter is documented in wp-includes/class-wp-http-streams.php */ + $sslverify = apply_filters( 'https_local_ssl_verify', false ); + + // Include Basic auth in loopback requests. + if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) { + $headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) ); + } + + // Make sure PHP process doesn't die before loopback requests complete. + if ( function_exists( 'set_time_limit' ) ) { + set_time_limit( 5 * MINUTE_IN_SECONDS ); + } + + // Time to wait for loopback requests to finish. + $timeout = 100; // 100 seconds. + + $needle_start = "###### wp_scraping_result_start:$scrape_key ######"; + $needle_end = "###### wp_scraping_result_end:$scrape_key ######"; + + // Attempt loopback request to editor to see if user just whitescreened themselves. + if ( $plugin ) { + $url = add_query_arg( compact( 'plugin', 'file' ), admin_url( 'plugin-editor.php' ) ); + } elseif ( isset( $stylesheet ) ) { + $url = add_query_arg( + array( + 'theme' => $stylesheet, + 'file' => $file, + ), + admin_url( 'theme-editor.php' ) + ); + } else { + $url = admin_url(); + } + + if ( function_exists( 'session_status' ) && PHP_SESSION_ACTIVE === session_status() ) { + /* + * Close any active session to prevent HTTP requests from timing out + * when attempting to connect back to the site. + */ + session_write_close(); + } + + $url = add_query_arg( $scrape_params, $url ); + $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) ); + $body = wp_remote_retrieve_body( $r ); + $scrape_result_position = strpos( $body, $needle_start ); + + $loopback_request_failure = array( + 'code' => 'loopback_request_failed', + 'message' => __( 'Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.' ), + ); + $json_parse_failure = array( + 'code' => 'json_parse_error', + ); + + $result = null; + + if ( false === $scrape_result_position ) { + $result = $loopback_request_failure; + } else { + $error_output = substr( $body, $scrape_result_position + strlen( $needle_start ) ); + $error_output = substr( $error_output, 0, strpos( $error_output, $needle_end ) ); + $result = json_decode( trim( $error_output ), true ); + if ( empty( $result ) ) { + $result = $json_parse_failure; + } + } + + // Try making request to homepage as well to see if visitors have been whitescreened. + if ( true === $result ) { + $url = home_url( '/' ); + $url = add_query_arg( $scrape_params, $url ); + $r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) ); + $body = wp_remote_retrieve_body( $r ); + $scrape_result_position = strpos( $body, $needle_start ); + + if ( false === $scrape_result_position ) { + $result = $loopback_request_failure; + } else { + $error_output = substr( $body, $scrape_result_position + strlen( $needle_start ) ); + $error_output = substr( $error_output, 0, strpos( $error_output, $needle_end ) ); + $result = json_decode( trim( $error_output ), true ); + if ( empty( $result ) ) { + $result = $json_parse_failure; + } + } + } + + delete_transient( $transient ); + + if ( true !== $result ) { + // Roll-back file change. + file_put_contents( $real_file, $previous_content ); + wp_opcache_invalidate( $real_file, true ); + + if ( ! isset( $result['message'] ) ) { + $message = __( 'Something went wrong.' ); + } else { + $message = $result['message']; + unset( $result['message'] ); + } + + return new WP_Error( 'php_error', $message, $result ); + } + } + + if ( $theme instanceof WP_Theme ) { + $theme->cache_delete(); + } + + return true; +} + + +/** + * Returns a filename of a temporary unique file. + * + * Please note that the calling function must unlink() this itself. + * + * The filename is based off the passed parameter or defaults to the current unix timestamp, + * while the directory can either be passed as well, or by leaving it blank, default to a writable + * temporary directory. + * + * @since 2.6.0 + * + * @param string $filename Optional. Filename to base the Unique file off. Default empty. + * @param string $dir Optional. Directory to store the file in. Default empty. + * @return string A writable filename. + */ +function wp_tempnam( $filename = '', $dir = '' ) { + if ( empty( $dir ) ) { + $dir = get_temp_dir(); + } + + if ( empty( $filename ) || in_array( $filename, array( '.', '/', '\\' ), true ) ) { + $filename = uniqid(); + } + + // Use the basename of the given file without the extension as the name for the temporary directory. + $temp_filename = basename( $filename ); + $temp_filename = preg_replace( '|\.[^.]*$|', '', $temp_filename ); + + // If the folder is falsey, use its parent directory name instead. + if ( ! $temp_filename ) { + return wp_tempnam( dirname( $filename ), $dir ); + } + + // Suffix some random data to avoid filename conflicts. + $temp_filename .= '-' . wp_generate_password( 6, false ); + $temp_filename .= '.tmp'; + $temp_filename = wp_unique_filename( $dir, $temp_filename ); + + /* + * Filesystems typically have a limit of 255 characters for a filename. + * + * If the generated unique filename exceeds this, truncate the initial + * filename and try again. + * + * As it's possible that the truncated filename may exist, producing a + * suffix of "-1" or "-10" which could exceed the limit again, truncate + * it to 252 instead. + */ + $characters_over_limit = strlen( $temp_filename ) - 252; + if ( $characters_over_limit > 0 ) { + $filename = substr( $filename, 0, -$characters_over_limit ); + return wp_tempnam( $filename, $dir ); + } + + $temp_filename = $dir . $temp_filename; + + $fp = @fopen( $temp_filename, 'x' ); + + if ( ! $fp && is_writable( $dir ) && file_exists( $temp_filename ) ) { + return wp_tempnam( $filename, $dir ); + } + + if ( $fp ) { + fclose( $fp ); + } + + return $temp_filename; +} + +/** + * Makes sure that the file that was requested to be edited is allowed to be edited. + * + * Function will die if you are not allowed to edit the file. + * + * @since 1.5.0 + * + * @param string $file File the user is attempting to edit. + * @param string[] $allowed_files Optional. Array of allowed files to edit. + * `$file` must match an entry exactly. + * @return string|void Returns the file name on success, dies on failure. + */ +function validate_file_to_edit( $file, $allowed_files = array() ) { + $code = validate_file( $file, $allowed_files ); + + if ( ! $code ) { + return $file; + } + + switch ( $code ) { + case 1: + wp_die( __( 'Sorry, that file cannot be edited.' ) ); + + // case 2 : + // wp_die( __('Sorry, cannot call files with their real path.' )); + + case 3: + wp_die( __( 'Sorry, that file cannot be edited.' ) ); + } +} + +/** + * Handles PHP uploads in WordPress. + * + * Sanitizes file names, checks extensions for mime type, and moves the file + * to the appropriate directory within the uploads directory. + * + * @access private + * @since 4.0.0 + * + * @see wp_handle_upload_error + * + * @param array $file { + * Reference to a single element from `$_FILES`. Call the function once for each uploaded file. + * + * @type string $name The original name of the file on the client machine. + * @type string $type The mime type of the file, if the browser provided this information. + * @type string $tmp_name The temporary filename of the file in which the uploaded file was stored on the server. + * @type int $size The size, in bytes, of the uploaded file. + * @type int $error The error code associated with this file upload. + * } + * @param array|false $overrides { + * An array of override parameters for this file, or boolean false if none are provided. + * + * @type callable $upload_error_handler Function to call when there is an error during the upload process. + * See {@see wp_handle_upload_error()}. + * @type callable $unique_filename_callback Function to call when determining a unique file name for the file. + * See {@see wp_unique_filename()}. + * @type string[] $upload_error_strings The strings that describe the error indicated in + * `$_FILES[{form field}]['error']`. + * @type bool $test_form Whether to test that the `$_POST['action']` parameter is as expected. + * @type bool $test_size Whether to test that the file size is greater than zero bytes. + * @type bool $test_type Whether to test that the mime type of the file is as expected. + * @type string[] $mimes Array of allowed mime types keyed by their file extension regex. + * } + * @param string $time Time formatted in 'yyyy/mm'. + * @param string $action Expected value for `$_POST['action']`. + * @return array { + * On success, returns an associative array of file attributes. + * On failure, returns `$overrides['upload_error_handler']( &$file, $message )` + * or `array( 'error' => $message )`. + * + * @type string $file Filename of the newly-uploaded file. + * @type string $url URL of the newly-uploaded file. + * @type string $type Mime type of the newly-uploaded file. + * } + */ +function _wp_handle_upload( &$file, $overrides, $time, $action ) { + // The default error handler. + if ( ! function_exists( 'wp_handle_upload_error' ) ) { + function wp_handle_upload_error( &$file, $message ) { + return array( 'error' => $message ); + } + } + + /** + * Filters the data for a file before it is uploaded to WordPress. + * + * The dynamic portion of the hook name, `$action`, refers to the post action. + * + * Possible hook names include: + * + * - `wp_handle_sideload_prefilter` + * - `wp_handle_upload_prefilter` + * + * @since 2.9.0 as 'wp_handle_upload_prefilter'. + * @since 4.0.0 Converted to a dynamic hook with `$action`. + * + * @param array $file { + * Reference to a single element from `$_FILES`. + * + * @type string $name The original name of the file on the client machine. + * @type string $type The mime type of the file, if the browser provided this information. + * @type string $tmp_name The temporary filename of the file in which the uploaded file was stored on the server. + * @type int $size The size, in bytes, of the uploaded file. + * @type int $error The error code associated with this file upload. + * } + */ + $file = apply_filters( "{$action}_prefilter", $file ); + + /** + * Filters the override parameters for a file before it is uploaded to WordPress. + * + * The dynamic portion of the hook name, `$action`, refers to the post action. + * + * Possible hook names include: + * + * - `wp_handle_sideload_overrides` + * - `wp_handle_upload_overrides` + * + * @since 5.7.0 + * + * @param array|false $overrides An array of override parameters for this file. Boolean false if none are + * provided. See {@see _wp_handle_upload()}. + * @param array $file { + * Reference to a single element from `$_FILES`. + * + * @type string $name The original name of the file on the client machine. + * @type string $type The mime type of the file, if the browser provided this information. + * @type string $tmp_name The temporary filename of the file in which the uploaded file was stored on the server. + * @type int $size The size, in bytes, of the uploaded file. + * @type int $error The error code associated with this file upload. + * } + */ + $overrides = apply_filters( "{$action}_overrides", $overrides, $file ); + + // You may define your own function and pass the name in $overrides['upload_error_handler']. + $upload_error_handler = 'wp_handle_upload_error'; + if ( isset( $overrides['upload_error_handler'] ) ) { + $upload_error_handler = $overrides['upload_error_handler']; + } + + // You may have had one or more 'wp_handle_upload_prefilter' functions error out the file. Handle that gracefully. + if ( isset( $file['error'] ) && ! is_numeric( $file['error'] ) && $file['error'] ) { + return call_user_func_array( $upload_error_handler, array( &$file, $file['error'] ) ); + } + + // Install user overrides. Did we mention that this voids your warranty? + + // You may define your own function and pass the name in $overrides['unique_filename_callback']. + $unique_filename_callback = null; + if ( isset( $overrides['unique_filename_callback'] ) ) { + $unique_filename_callback = $overrides['unique_filename_callback']; + } + + /* + * This may not have originally been intended to be overridable, + * but historically has been. + */ + if ( isset( $overrides['upload_error_strings'] ) ) { + $upload_error_strings = $overrides['upload_error_strings']; + } else { + // Courtesy of php.net, the strings that describe the error indicated in $_FILES[{form field}]['error']. + $upload_error_strings = array( + false, + sprintf( + /* translators: 1: upload_max_filesize, 2: php.ini */ + __( 'The uploaded file exceeds the %1$s directive in %2$s.' ), + 'upload_max_filesize', + 'php.ini' + ), + sprintf( + /* translators: %s: MAX_FILE_SIZE */ + __( 'The uploaded file exceeds the %s directive that was specified in the HTML form.' ), + 'MAX_FILE_SIZE' + ), + __( 'The uploaded file was only partially uploaded.' ), + __( 'No file was uploaded.' ), + '', + __( 'Missing a temporary folder.' ), + __( 'Failed to write file to disk.' ), + __( 'File upload stopped by extension.' ), + ); + } + + // All tests are on by default. Most can be turned off by $overrides[{test_name}] = false; + $test_form = isset( $overrides['test_form'] ) ? $overrides['test_form'] : true; + $test_size = isset( $overrides['test_size'] ) ? $overrides['test_size'] : true; + + // If you override this, you must provide $ext and $type!! + $test_type = isset( $overrides['test_type'] ) ? $overrides['test_type'] : true; + $mimes = isset( $overrides['mimes'] ) ? $overrides['mimes'] : null; + + // A correct form post will pass this test. + if ( $test_form && ( ! isset( $_POST['action'] ) || $_POST['action'] !== $action ) ) { + return call_user_func_array( $upload_error_handler, array( &$file, __( 'Invalid form submission.' ) ) ); + } + + // A successful upload will pass this test. It makes no sense to override this one. + if ( isset( $file['error'] ) && $file['error'] > 0 ) { + return call_user_func_array( $upload_error_handler, array( &$file, $upload_error_strings[ $file['error'] ] ) ); + } + + // A properly uploaded file will pass this test. There should be no reason to override this one. + $test_uploaded_file = 'wp_handle_upload' === $action ? is_uploaded_file( $file['tmp_name'] ) : @is_readable( $file['tmp_name'] ); + if ( ! $test_uploaded_file ) { + return call_user_func_array( $upload_error_handler, array( &$file, __( 'Specified file failed upload test.' ) ) ); + } + + $test_file_size = 'wp_handle_upload' === $action ? $file['size'] : filesize( $file['tmp_name'] ); + // A non-empty file will pass this test. + if ( $test_size && ! ( $test_file_size > 0 ) ) { + if ( is_multisite() ) { + $error_msg = __( 'File is empty. Please upload something more substantial.' ); + } else { + $error_msg = sprintf( + /* translators: 1: php.ini, 2: post_max_size, 3: upload_max_filesize */ + __( 'File is empty. Please upload something more substantial. This error could also be caused by uploads being disabled in your %1$s file or by %2$s being defined as smaller than %3$s in %1$s.' ), + 'php.ini', + 'post_max_size', + 'upload_max_filesize' + ); + } + + return call_user_func_array( $upload_error_handler, array( &$file, $error_msg ) ); + } + + // A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter. + if ( $test_type ) { + $wp_filetype = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $mimes ); + $ext = empty( $wp_filetype['ext'] ) ? '' : $wp_filetype['ext']; + $type = empty( $wp_filetype['type'] ) ? '' : $wp_filetype['type']; + $proper_filename = empty( $wp_filetype['proper_filename'] ) ? '' : $wp_filetype['proper_filename']; + + // Check to see if wp_check_filetype_and_ext() determined the filename was incorrect. + if ( $proper_filename ) { + $file['name'] = $proper_filename; + } + + if ( ( ! $type || ! $ext ) && ! current_user_can( 'unfiltered_upload' ) ) { + return call_user_func_array( $upload_error_handler, array( &$file, __( 'Sorry, you are not allowed to upload this file type.' ) ) ); + } + + if ( ! $type ) { + $type = $file['type']; + } + } else { + $type = ''; + } + + /* + * A writable uploads dir will pass this test. Again, there's no point + * overriding this one. + */ + $uploads = wp_upload_dir( $time ); + if ( ! ( $uploads && false === $uploads['error'] ) ) { + return call_user_func_array( $upload_error_handler, array( &$file, $uploads['error'] ) ); + } + + $filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback ); + + // Move the file to the uploads dir. + $new_file = $uploads['path'] . "/$filename"; + + /** + * Filters whether to short-circuit moving the uploaded file after passing all checks. + * + * If a non-null value is returned from the filter, moving the file and any related + * error reporting will be completely skipped. + * + * @since 4.9.0 + * + * @param mixed $move_new_file If null (default) move the file after the upload. + * @param array $file { + * Reference to a single element from `$_FILES`. + * + * @type string $name The original name of the file on the client machine. + * @type string $type The mime type of the file, if the browser provided this information. + * @type string $tmp_name The temporary filename of the file in which the uploaded file was stored on the server. + * @type int $size The size, in bytes, of the uploaded file. + * @type int $error The error code associated with this file upload. + * } + * @param string $new_file Filename of the newly-uploaded file. + * @param string $type Mime type of the newly-uploaded file. + */ + $move_new_file = apply_filters( 'pre_move_uploaded_file', null, $file, $new_file, $type ); + + if ( null === $move_new_file ) { + if ( 'wp_handle_upload' === $action ) { + $move_new_file = @move_uploaded_file( $file['tmp_name'], $new_file ); + } else { + // Use copy and unlink because rename breaks streams. + // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged + $move_new_file = @copy( $file['tmp_name'], $new_file ); + unlink( $file['tmp_name'] ); + } + + if ( false === $move_new_file ) { + if ( str_starts_with( $uploads['basedir'], ABSPATH ) ) { + $error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir']; + } else { + $error_path = basename( $uploads['basedir'] ) . $uploads['subdir']; + } + + return $upload_error_handler( + $file, + sprintf( + /* translators: %s: Destination file path. */ + __( 'The uploaded file could not be moved to %s.' ), + $error_path + ) + ); + } + } + + // Set correct file permissions. + $stat = stat( dirname( $new_file ) ); + $perms = $stat['mode'] & 0000666; + chmod( $new_file, $perms ); + + // Compute the URL. + $url = $uploads['url'] . "/$filename"; + + if ( is_multisite() ) { + clean_dirsize_cache( $new_file ); + } + + /** + * Filters the data array for the uploaded file. + * + * @since 2.1.0 + * + * @param array $upload { + * Array of upload data. + * + * @type string $file Filename of the newly-uploaded file. + * @type string $url URL of the newly-uploaded file. + * @type string $type Mime type of the newly-uploaded file. + * } + * @param string $context The type of upload action. Values include 'upload' or 'sideload'. + */ + return apply_filters( + 'wp_handle_upload', + array( + 'file' => $new_file, + 'url' => $url, + 'type' => $type, + ), + 'wp_handle_sideload' === $action ? 'sideload' : 'upload' + ); +} + +/** + * Wrapper for _wp_handle_upload(). + * + * Passes the {@see 'wp_handle_upload'} action. + * + * @since 2.0.0 + * + * @see _wp_handle_upload() + * + * @param array $file Reference to a single element of `$_FILES`. + * Call the function once for each uploaded file. + * See _wp_handle_upload() for accepted values. + * @param array|false $overrides Optional. An associative array of names => values + * to override default variables. Default false. + * See _wp_handle_upload() for accepted values. + * @param string $time Optional. Time formatted in 'yyyy/mm'. Default null. + * @return array See _wp_handle_upload() for return value. + */ +function wp_handle_upload( &$file, $overrides = false, $time = null ) { + /* + * $_POST['action'] must be set and its value must equal $overrides['action'] + * or this: + */ + $action = 'wp_handle_upload'; + if ( isset( $overrides['action'] ) ) { + $action = $overrides['action']; + } + + return _wp_handle_upload( $file, $overrides, $time, $action ); +} + +/** + * Wrapper for _wp_handle_upload(). + * + * Passes the {@see 'wp_handle_sideload'} action. + * + * @since 2.6.0 + * + * @see _wp_handle_upload() + * + * @param array $file Reference to a single element of `$_FILES`. + * Call the function once for each uploaded file. + * See _wp_handle_upload() for accepted values. + * @param array|false $overrides Optional. An associative array of names => values + * to override default variables. Default false. + * See _wp_handle_upload() for accepted values. + * @param string $time Optional. Time formatted in 'yyyy/mm'. Default null. + * @return array See _wp_handle_upload() for return value. + */ +function wp_handle_sideload( &$file, $overrides = false, $time = null ) { + /* + * $_POST['action'] must be set and its value must equal $overrides['action'] + * or this: + */ + $action = 'wp_handle_sideload'; + if ( isset( $overrides['action'] ) ) { + $action = $overrides['action']; + } + + return _wp_handle_upload( $file, $overrides, $time, $action ); +} + +/** + * Downloads a URL to a local temporary file using the WordPress HTTP API. + * + * Please note that the calling function must unlink() the file. + * + * @since 2.5.0 + * @since 5.2.0 Signature Verification with SoftFail was added. + * @since 5.9.0 Support for Content-Disposition filename was added. + * + * @param string $url The URL of the file to download. + * @param int $timeout The timeout for the request to download the file. + * Default 300 seconds. + * @param bool $signature_verification Whether to perform Signature Verification. + * Default false. + * @return string|WP_Error Filename on success, WP_Error on failure. + */ +function download_url( $url, $timeout = 300, $signature_verification = false ) { + // WARNING: The file is not automatically deleted, the script must unlink() the file. + if ( ! $url ) { + return new WP_Error( 'http_no_url', __( 'Invalid URL Provided.' ) ); + } + + $url_path = parse_url( $url, PHP_URL_PATH ); + $url_filename = ''; + if ( is_string( $url_path ) && '' !== $url_path ) { + $url_filename = basename( $url_path ); + } + + $tmpfname = wp_tempnam( $url_filename ); + if ( ! $tmpfname ) { + return new WP_Error( 'http_no_file', __( 'Could not create temporary file.' ) ); + } + + $response = wp_safe_remote_get( + $url, + array( + 'timeout' => $timeout, + 'stream' => true, + 'filename' => $tmpfname, + ) + ); + + if ( is_wp_error( $response ) ) { + unlink( $tmpfname ); + return $response; + } + + $response_code = wp_remote_retrieve_response_code( $response ); + + if ( 200 !== $response_code ) { + $data = array( + 'code' => $response_code, + ); + + // Retrieve a sample of the response body for debugging purposes. + $tmpf = fopen( $tmpfname, 'rb' ); + + if ( $tmpf ) { + /** + * Filters the maximum error response body size in `download_url()`. + * + * @since 5.1.0 + * + * @see download_url() + * + * @param int $size The maximum error response body size. Default 1 KB. + */ + $response_size = apply_filters( 'download_url_error_max_body_size', KB_IN_BYTES ); + + $data['body'] = fread( $tmpf, $response_size ); + fclose( $tmpf ); + } + + unlink( $tmpfname ); + + return new WP_Error( 'http_404', trim( wp_remote_retrieve_response_message( $response ) ), $data ); + } + + $content_disposition = wp_remote_retrieve_header( $response, 'Content-Disposition' ); + + if ( $content_disposition ) { + $content_disposition = strtolower( $content_disposition ); + + if ( str_starts_with( $content_disposition, 'attachment; filename=' ) ) { + $tmpfname_disposition = sanitize_file_name( substr( $content_disposition, 21 ) ); + } else { + $tmpfname_disposition = ''; + } + + // Potential file name must be valid string. + if ( $tmpfname_disposition && is_string( $tmpfname_disposition ) + && ( 0 === validate_file( $tmpfname_disposition ) ) + ) { + $tmpfname_disposition = dirname( $tmpfname ) . '/' . $tmpfname_disposition; + + if ( rename( $tmpfname, $tmpfname_disposition ) ) { + $tmpfname = $tmpfname_disposition; + } + + if ( ( $tmpfname !== $tmpfname_disposition ) && file_exists( $tmpfname_disposition ) ) { + unlink( $tmpfname_disposition ); + } + } + } + + $content_md5 = wp_remote_retrieve_header( $response, 'Content-MD5' ); + + if ( $content_md5 ) { + $md5_check = verify_file_md5( $tmpfname, $content_md5 ); + + if ( is_wp_error( $md5_check ) ) { + unlink( $tmpfname ); + return $md5_check; + } + } + + // If the caller expects signature verification to occur, check to see if this URL supports it. + if ( $signature_verification ) { + /** + * Filters the list of hosts which should have Signature Verification attempted on. + * + * @since 5.2.0 + * + * @param string[] $hostnames List of hostnames. + */ + $signed_hostnames = apply_filters( 'wp_signature_hosts', array( 'wordpress.org', 'downloads.wordpress.org', 's.w.org' ) ); + + $signature_verification = in_array( parse_url( $url, PHP_URL_HOST ), $signed_hostnames, true ); + } + + // Perform signature validation if supported. + if ( $signature_verification ) { + $signature = wp_remote_retrieve_header( $response, 'X-Content-Signature' ); + + if ( ! $signature ) { + /* + * Retrieve signatures from a file if the header wasn't included. + * WordPress.org stores signatures at $package_url.sig. + */ + + $signature_url = false; + + if ( is_string( $url_path ) && ( str_ends_with( $url_path, '.zip' ) || str_ends_with( $url_path, '.tar.gz' ) ) ) { + $signature_url = str_replace( $url_path, $url_path . '.sig', $url ); + } + + /** + * Filters the URL where the signature for a file is located. + * + * @since 5.2.0 + * + * @param false|string $signature_url The URL where signatures can be found for a file, or false if none are known. + * @param string $url The URL being verified. + */ + $signature_url = apply_filters( 'wp_signature_url', $signature_url, $url ); + + if ( $signature_url ) { + $signature_request = wp_safe_remote_get( + $signature_url, + array( + 'limit_response_size' => 10 * KB_IN_BYTES, // 10KB should be large enough for quite a few signatures. + ) + ); + + if ( ! is_wp_error( $signature_request ) && 200 === wp_remote_retrieve_response_code( $signature_request ) ) { + $signature = explode( "\n", wp_remote_retrieve_body( $signature_request ) ); + } + } + } + + // Perform the checks. + $signature_verification = verify_file_signature( $tmpfname, $signature, $url_filename ); + } + + if ( is_wp_error( $signature_verification ) ) { + if ( + /** + * Filters whether Signature Verification failures should be allowed to soft fail. + * + * WARNING: This may be removed from a future release. + * + * @since 5.2.0 + * + * @param bool $signature_softfail If a softfail is allowed. + * @param string $url The url being accessed. + */ + apply_filters( 'wp_signature_softfail', true, $url ) + ) { + $signature_verification->add_data( $tmpfname, 'softfail-filename' ); + } else { + // Hard-fail. + unlink( $tmpfname ); + } + + return $signature_verification; + } + + return $tmpfname; +} + +/** + * Calculates and compares the MD5 of a file to its expected value. + * + * @since 3.7.0 + * + * @param string $filename The filename to check the MD5 of. + * @param string $expected_md5 The expected MD5 of the file, either a base64-encoded raw md5, + * or a hex-encoded md5. + * @return bool|WP_Error True on success, false when the MD5 format is unknown/unexpected, + * WP_Error on failure. + */ +function verify_file_md5( $filename, $expected_md5 ) { + if ( 32 === strlen( $expected_md5 ) ) { + $expected_raw_md5 = pack( 'H*', $expected_md5 ); + } elseif ( 24 === strlen( $expected_md5 ) ) { + $expected_raw_md5 = base64_decode( $expected_md5 ); + } else { + return false; // Unknown format. + } + + $file_md5 = md5_file( $filename, true ); + + if ( $file_md5 === $expected_raw_md5 ) { + return true; + } + + return new WP_Error( + 'md5_mismatch', + sprintf( + /* translators: 1: File checksum, 2: Expected checksum value. */ + __( 'The checksum of the file (%1$s) does not match the expected checksum value (%2$s).' ), + bin2hex( $file_md5 ), + bin2hex( $expected_raw_md5 ) + ) + ); +} + +/** + * Verifies the contents of a file against its ED25519 signature. + * + * @since 5.2.0 + * + * @param string $filename The file to validate. + * @param string|array $signatures A Signature provided for the file. + * @param string|false $filename_for_errors Optional. A friendly filename for errors. + * @return bool|WP_Error True on success, false if verification not attempted, + * or WP_Error describing an error condition. + */ +function verify_file_signature( $filename, $signatures, $filename_for_errors = false ) { + if ( ! $filename_for_errors ) { + $filename_for_errors = wp_basename( $filename ); + } + + // Check we can process signatures. + if ( ! function_exists( 'sodium_crypto_sign_verify_detached' ) || ! in_array( 'sha384', array_map( 'strtolower', hash_algos() ), true ) ) { + return new WP_Error( + 'signature_verification_unsupported', + sprintf( + /* translators: %s: The filename of the package. */ + __( 'The authenticity of %s could not be verified as signature verification is unavailable on this system.' ), + '<span class="code">' . esc_html( $filename_for_errors ) . '</span>' + ), + ( ! function_exists( 'sodium_crypto_sign_verify_detached' ) ? 'sodium_crypto_sign_verify_detached' : 'sha384' ) + ); + } + + // Check for an edge-case affecting PHP Maths abilities. + if ( + ! extension_loaded( 'sodium' ) && + in_array( PHP_VERSION_ID, array( 70200, 70201, 70202 ), true ) && + extension_loaded( 'opcache' ) + ) { + /* + * Sodium_Compat isn't compatible with PHP 7.2.0~7.2.2 due to a bug in the PHP Opcache extension, bail early as it'll fail. + * https://bugs.php.net/bug.php?id=75938 + */ + return new WP_Error( + 'signature_verification_unsupported', + sprintf( + /* translators: %s: The filename of the package. */ + __( 'The authenticity of %s could not be verified as signature verification is unavailable on this system.' ), + '<span class="code">' . esc_html( $filename_for_errors ) . '</span>' + ), + array( + 'php' => PHP_VERSION, + 'sodium' => defined( 'SODIUM_LIBRARY_VERSION' ) ? SODIUM_LIBRARY_VERSION : ( defined( 'ParagonIE_Sodium_Compat::VERSION_STRING' ) ? ParagonIE_Sodium_Compat::VERSION_STRING : false ), + ) + ); + } + + // Verify runtime speed of Sodium_Compat is acceptable. + if ( ! extension_loaded( 'sodium' ) && ! ParagonIE_Sodium_Compat::polyfill_is_fast() ) { + $sodium_compat_is_fast = false; + + // Allow for an old version of Sodium_Compat being loaded before the bundled WordPress one. + if ( method_exists( 'ParagonIE_Sodium_Compat', 'runtime_speed_test' ) ) { + /* + * Run `ParagonIE_Sodium_Compat::runtime_speed_test()` in optimized integer mode, + * as that's what WordPress utilizes during signing verifications. + */ + // phpcs:disable WordPress.NamingConventions.ValidVariableName + $old_fastMult = ParagonIE_Sodium_Compat::$fastMult; + ParagonIE_Sodium_Compat::$fastMult = true; + $sodium_compat_is_fast = ParagonIE_Sodium_Compat::runtime_speed_test( 100, 10 ); + ParagonIE_Sodium_Compat::$fastMult = $old_fastMult; + // phpcs:enable + } + + /* + * This cannot be performed in a reasonable amount of time. + * https://github.com/paragonie/sodium_compat#help-sodium_compat-is-slow-how-can-i-make-it-fast + */ + if ( ! $sodium_compat_is_fast ) { + return new WP_Error( + 'signature_verification_unsupported', + sprintf( + /* translators: %s: The filename of the package. */ + __( 'The authenticity of %s could not be verified as signature verification is unavailable on this system.' ), + '<span class="code">' . esc_html( $filename_for_errors ) . '</span>' + ), + array( + 'php' => PHP_VERSION, + 'sodium' => defined( 'SODIUM_LIBRARY_VERSION' ) ? SODIUM_LIBRARY_VERSION : ( defined( 'ParagonIE_Sodium_Compat::VERSION_STRING' ) ? ParagonIE_Sodium_Compat::VERSION_STRING : false ), + 'polyfill_is_fast' => false, + 'max_execution_time' => ini_get( 'max_execution_time' ), + ) + ); + } + } + + if ( ! $signatures ) { + return new WP_Error( + 'signature_verification_no_signature', + sprintf( + /* translators: %s: The filename of the package. */ + __( 'The authenticity of %s could not be verified as no signature was found.' ), + '<span class="code">' . esc_html( $filename_for_errors ) . '</span>' + ), + array( + 'filename' => $filename_for_errors, + ) + ); + } + + $trusted_keys = wp_trusted_keys(); + $file_hash = hash_file( 'sha384', $filename, true ); + + mbstring_binary_safe_encoding(); + + $skipped_key = 0; + $skipped_signature = 0; + + foreach ( (array) $signatures as $signature ) { + $signature_raw = base64_decode( $signature ); + + // Ensure only valid-length signatures are considered. + if ( SODIUM_CRYPTO_SIGN_BYTES !== strlen( $signature_raw ) ) { + ++$skipped_signature; + continue; + } + + foreach ( (array) $trusted_keys as $key ) { + $key_raw = base64_decode( $key ); + + // Only pass valid public keys through. + if ( SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES !== strlen( $key_raw ) ) { + ++$skipped_key; + continue; + } + + if ( sodium_crypto_sign_verify_detached( $signature_raw, $file_hash, $key_raw ) ) { + reset_mbstring_encoding(); + return true; + } + } + } + + reset_mbstring_encoding(); + + return new WP_Error( + 'signature_verification_failed', + sprintf( + /* translators: %s: The filename of the package. */ + __( 'The authenticity of %s could not be verified.' ), + '<span class="code">' . esc_html( $filename_for_errors ) . '</span>' + ), + // Error data helpful for debugging: + array( + 'filename' => $filename_for_errors, + 'keys' => $trusted_keys, + 'signatures' => $signatures, + 'hash' => bin2hex( $file_hash ), + 'skipped_key' => $skipped_key, + 'skipped_sig' => $skipped_signature, + 'php' => PHP_VERSION, + 'sodium' => defined( 'SODIUM_LIBRARY_VERSION' ) ? SODIUM_LIBRARY_VERSION : ( defined( 'ParagonIE_Sodium_Compat::VERSION_STRING' ) ? ParagonIE_Sodium_Compat::VERSION_STRING : false ), + ) + ); +} + +/** + * Retrieves the list of signing keys trusted by WordPress. + * + * @since 5.2.0 + * + * @return string[] Array of base64-encoded signing keys. + */ +function wp_trusted_keys() { + $trusted_keys = array(); + + if ( time() < 1617235200 ) { + // WordPress.org Key #1 - This key is only valid before April 1st, 2021. + $trusted_keys[] = 'fRPyrxb/MvVLbdsYi+OOEv4xc+Eqpsj+kkAS6gNOkI0='; + } + + // TODO: Add key #2 with longer expiration. + + /** + * Filters the valid signing keys used to verify the contents of files. + * + * @since 5.2.0 + * + * @param string[] $trusted_keys The trusted keys that may sign packages. + */ + return apply_filters( 'wp_trusted_keys', $trusted_keys ); +} + +/** + * Unzips a specified ZIP file to a location on the filesystem via the WordPress + * Filesystem Abstraction. + * + * Assumes that WP_Filesystem() has already been called and set up. Does not extract + * a root-level __MACOSX directory, if present. + * + * Attempts to increase the PHP memory limit to 256M before uncompressing. However, + * the most memory required shouldn't be much larger than the archive itself. + * + * @since 2.5.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $file Full path and filename of ZIP archive. + * @param string $to Full path on the filesystem to extract archive to. + * @return true|WP_Error True on success, WP_Error on failure. + */ +function unzip_file( $file, $to ) { + global $wp_filesystem; + + if ( ! $wp_filesystem || ! is_object( $wp_filesystem ) ) { + return new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) ); + } + + // Unzip can use a lot of memory, but not this much hopefully. + wp_raise_memory_limit( 'admin' ); + + $needed_dirs = array(); + $to = trailingslashit( $to ); + + // Determine any parent directories needed (of the upgrade directory). + if ( ! $wp_filesystem->is_dir( $to ) ) { // Only do parents if no children exist. + $path = preg_split( '![/\\\]!', untrailingslashit( $to ) ); + for ( $i = count( $path ); $i >= 0; $i-- ) { + if ( empty( $path[ $i ] ) ) { + continue; + } + + $dir = implode( '/', array_slice( $path, 0, $i + 1 ) ); + if ( preg_match( '!^[a-z]:$!i', $dir ) ) { // Skip it if it looks like a Windows Drive letter. + continue; + } + + if ( ! $wp_filesystem->is_dir( $dir ) ) { + $needed_dirs[] = $dir; + } else { + break; // A folder exists, therefore we don't need to check the levels below this. + } + } + } + + /** + * Filters whether to use ZipArchive to unzip archives. + * + * @since 3.0.0 + * + * @param bool $ziparchive Whether to use ZipArchive. Default true. + */ + if ( class_exists( 'ZipArchive', false ) && apply_filters( 'unzip_file_use_ziparchive', true ) ) { + $result = _unzip_file_ziparchive( $file, $to, $needed_dirs ); + if ( true === $result ) { + return $result; + } elseif ( is_wp_error( $result ) ) { + if ( 'incompatible_archive' !== $result->get_error_code() ) { + return $result; + } + } + } + // Fall through to PclZip if ZipArchive is not available, or encountered an error opening the file. + return _unzip_file_pclzip( $file, $to, $needed_dirs ); +} + +/** + * Attempts to unzip an archive using the ZipArchive class. + * + * This function should not be called directly, use `unzip_file()` instead. + * + * Assumes that WP_Filesystem() has already been called and set up. + * + * @since 3.0.0 + * @access private + * + * @see unzip_file() + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $file Full path and filename of ZIP archive. + * @param string $to Full path on the filesystem to extract archive to. + * @param string[] $needed_dirs A partial list of required folders needed to be created. + * @return true|WP_Error True on success, WP_Error on failure. + */ +function _unzip_file_ziparchive( $file, $to, $needed_dirs = array() ) { + global $wp_filesystem; + + $z = new ZipArchive(); + + $zopen = $z->open( $file, ZIPARCHIVE::CHECKCONS ); + + if ( true !== $zopen ) { + return new WP_Error( 'incompatible_archive', __( 'Incompatible Archive.' ), array( 'ziparchive_error' => $zopen ) ); + } + + $uncompressed_size = 0; + + for ( $i = 0; $i < $z->numFiles; $i++ ) { + $info = $z->statIndex( $i ); + + if ( ! $info ) { + $z->close(); + return new WP_Error( 'stat_failed_ziparchive', __( 'Could not retrieve file from archive.' ) ); + } + + if ( str_starts_with( $info['name'], '__MACOSX/' ) ) { // Skip the OS X-created __MACOSX directory. + continue; + } + + // Don't extract invalid files: + if ( 0 !== validate_file( $info['name'] ) ) { + continue; + } + + $uncompressed_size += $info['size']; + + $dirname = dirname( $info['name'] ); + + if ( str_ends_with( $info['name'], '/' ) ) { + // Directory. + $needed_dirs[] = $to . untrailingslashit( $info['name'] ); + } elseif ( '.' !== $dirname ) { + // Path to a file. + $needed_dirs[] = $to . untrailingslashit( $dirname ); + } + } + + // Enough space to unzip the file and copy its contents, with a 10% buffer. + $required_space = $uncompressed_size * 2.1; + + /* + * disk_free_space() could return false. Assume that any falsey value is an error. + * A disk that has zero free bytes has bigger problems. + * Require we have enough space to unzip the file and copy its contents, with a 10% buffer. + */ + if ( wp_doing_cron() ) { + $available_space = function_exists( 'disk_free_space' ) ? @disk_free_space( WP_CONTENT_DIR ) : false; + + if ( $available_space && ( $required_space > $available_space ) ) { + $z->close(); + return new WP_Error( + 'disk_full_unzip_file', + __( 'Could not copy files. You may have run out of disk space.' ), + compact( 'uncompressed_size', 'available_space' ) + ); + } + } + + $needed_dirs = array_unique( $needed_dirs ); + + foreach ( $needed_dirs as $dir ) { + // Check the parent folders of the folders all exist within the creation array. + if ( untrailingslashit( $to ) === $dir ) { // Skip over the working directory, we know this exists (or will exist). + continue; + } + + if ( ! str_contains( $dir, $to ) ) { // If the directory is not within the working directory, skip it. + continue; + } + + $parent_folder = dirname( $dir ); + + while ( ! empty( $parent_folder ) + && untrailingslashit( $to ) !== $parent_folder + && ! in_array( $parent_folder, $needed_dirs, true ) + ) { + $needed_dirs[] = $parent_folder; + $parent_folder = dirname( $parent_folder ); + } + } + + asort( $needed_dirs ); + + // Create those directories if need be: + foreach ( $needed_dirs as $_dir ) { + // Only check to see if the Dir exists upon creation failure. Less I/O this way. + if ( ! $wp_filesystem->mkdir( $_dir, FS_CHMOD_DIR ) && ! $wp_filesystem->is_dir( $_dir ) ) { + $z->close(); + return new WP_Error( 'mkdir_failed_ziparchive', __( 'Could not create directory.' ), $_dir ); + } + } + + /** + * Filters archive unzipping to override with a custom process. + * + * @since 6.4.0 + * + * @param null|true|WP_Error $result The result of the override. True on success, otherwise WP Error. Default null. + * @param string $file Full path and filename of ZIP archive. + * @param string $to Full path on the filesystem to extract archive to. + * @param string[] $needed_dirs A full list of required folders that need to be created. + * @param float $required_space The space required to unzip the file and copy its contents, with a 10% buffer. + */ + $pre = apply_filters( 'pre_unzip_file', null, $file, $to, $needed_dirs, $required_space ); + + if ( null !== $pre ) { + // Ensure the ZIP file archive has been closed. + $z->close(); + + return $pre; + } + + for ( $i = 0; $i < $z->numFiles; $i++ ) { + $info = $z->statIndex( $i ); + + if ( ! $info ) { + $z->close(); + return new WP_Error( 'stat_failed_ziparchive', __( 'Could not retrieve file from archive.' ) ); + } + + if ( str_ends_with( $info['name'], '/' ) ) { // Directory. + continue; + } + + if ( str_starts_with( $info['name'], '__MACOSX/' ) ) { // Don't extract the OS X-created __MACOSX directory files. + continue; + } + + // Don't extract invalid files: + if ( 0 !== validate_file( $info['name'] ) ) { + continue; + } + + $contents = $z->getFromIndex( $i ); + + if ( false === $contents ) { + $z->close(); + return new WP_Error( 'extract_failed_ziparchive', __( 'Could not extract file from archive.' ), $info['name'] ); + } + + if ( ! $wp_filesystem->put_contents( $to . $info['name'], $contents, FS_CHMOD_FILE ) ) { + $z->close(); + return new WP_Error( 'copy_failed_ziparchive', __( 'Could not copy file.' ), $info['name'] ); + } + } + + $z->close(); + + /** + * Filters the result of unzipping an archive. + * + * @since 6.4.0 + * + * @param true|WP_Error $result The result of unzipping the archive. True on success, otherwise WP_Error. Default true. + * @param string $file Full path and filename of ZIP archive. + * @param string $to Full path on the filesystem the archive was extracted to. + * @param string[] $needed_dirs A full list of required folders that were created. + * @param float $required_space The space required to unzip the file and copy its contents, with a 10% buffer. + */ + $result = apply_filters( 'unzip_file', true, $file, $to, $needed_dirs, $required_space ); + + unset( $needed_dirs ); + + return $result; +} + +/** + * Attempts to unzip an archive using the PclZip library. + * + * This function should not be called directly, use `unzip_file()` instead. + * + * Assumes that WP_Filesystem() has already been called and set up. + * + * @since 3.0.0 + * @access private + * + * @see unzip_file() + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $file Full path and filename of ZIP archive. + * @param string $to Full path on the filesystem to extract archive to. + * @param string[] $needed_dirs A partial list of required folders needed to be created. + * @return true|WP_Error True on success, WP_Error on failure. + */ +function _unzip_file_pclzip( $file, $to, $needed_dirs = array() ) { + global $wp_filesystem; + + mbstring_binary_safe_encoding(); + + require_once ABSPATH . 'wp-admin/includes/class-pclzip.php'; + + $archive = new PclZip( $file ); + + $archive_files = $archive->extract( PCLZIP_OPT_EXTRACT_AS_STRING ); + + reset_mbstring_encoding(); + + // Is the archive valid? + if ( ! is_array( $archive_files ) ) { + return new WP_Error( 'incompatible_archive', __( 'Incompatible Archive.' ), $archive->errorInfo( true ) ); + } + + if ( 0 === count( $archive_files ) ) { + return new WP_Error( 'empty_archive_pclzip', __( 'Empty archive.' ) ); + } + + $uncompressed_size = 0; + + // Determine any children directories needed (From within the archive). + foreach ( $archive_files as $file ) { + if ( str_starts_with( $file['filename'], '__MACOSX/' ) ) { // Skip the OS X-created __MACOSX directory. + continue; + } + + $uncompressed_size += $file['size']; + + $needed_dirs[] = $to . untrailingslashit( $file['folder'] ? $file['filename'] : dirname( $file['filename'] ) ); + } + + // Enough space to unzip the file and copy its contents, with a 10% buffer. + $required_space = $uncompressed_size * 2.1; + + /* + * disk_free_space() could return false. Assume that any falsey value is an error. + * A disk that has zero free bytes has bigger problems. + * Require we have enough space to unzip the file and copy its contents, with a 10% buffer. + */ + if ( wp_doing_cron() ) { + $available_space = function_exists( 'disk_free_space' ) ? @disk_free_space( WP_CONTENT_DIR ) : false; + + if ( $available_space && ( $required_space > $available_space ) ) { + return new WP_Error( + 'disk_full_unzip_file', + __( 'Could not copy files. You may have run out of disk space.' ), + compact( 'uncompressed_size', 'available_space' ) + ); + } + } + + $needed_dirs = array_unique( $needed_dirs ); + + foreach ( $needed_dirs as $dir ) { + // Check the parent folders of the folders all exist within the creation array. + if ( untrailingslashit( $to ) === $dir ) { // Skip over the working directory, we know this exists (or will exist). + continue; + } + + if ( ! str_contains( $dir, $to ) ) { // If the directory is not within the working directory, skip it. + continue; + } + + $parent_folder = dirname( $dir ); + + while ( ! empty( $parent_folder ) + && untrailingslashit( $to ) !== $parent_folder + && ! in_array( $parent_folder, $needed_dirs, true ) + ) { + $needed_dirs[] = $parent_folder; + $parent_folder = dirname( $parent_folder ); + } + } + + asort( $needed_dirs ); + + // Create those directories if need be: + foreach ( $needed_dirs as $_dir ) { + // Only check to see if the dir exists upon creation failure. Less I/O this way. + if ( ! $wp_filesystem->mkdir( $_dir, FS_CHMOD_DIR ) && ! $wp_filesystem->is_dir( $_dir ) ) { + return new WP_Error( 'mkdir_failed_pclzip', __( 'Could not create directory.' ), $_dir ); + } + } + + /** This filter is documented in src/wp-admin/includes/file.php */ + $pre = apply_filters( 'pre_unzip_file', null, $file, $to, $needed_dirs, $required_space ); + + if ( null !== $pre ) { + return $pre; + } + + // Extract the files from the zip. + foreach ( $archive_files as $file ) { + if ( $file['folder'] ) { + continue; + } + + if ( str_starts_with( $file['filename'], '__MACOSX/' ) ) { // Don't extract the OS X-created __MACOSX directory files. + continue; + } + + // Don't extract invalid files: + if ( 0 !== validate_file( $file['filename'] ) ) { + continue; + } + + if ( ! $wp_filesystem->put_contents( $to . $file['filename'], $file['content'], FS_CHMOD_FILE ) ) { + return new WP_Error( 'copy_failed_pclzip', __( 'Could not copy file.' ), $file['filename'] ); + } + } + + /** This action is documented in src/wp-admin/includes/file.php */ + $result = apply_filters( 'unzip_file', true, $file, $to, $needed_dirs, $required_space ); + + unset( $needed_dirs ); + + return $result; +} + +/** + * Copies a directory from one location to another via the WordPress Filesystem + * Abstraction. + * + * Assumes that WP_Filesystem() has already been called and setup. + * + * @since 2.5.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $from Source directory. + * @param string $to Destination directory. + * @param string[] $skip_list An array of files/folders to skip copying. + * @return true|WP_Error True on success, WP_Error on failure. + */ +function copy_dir( $from, $to, $skip_list = array() ) { + global $wp_filesystem; + + $dirlist = $wp_filesystem->dirlist( $from ); + + if ( false === $dirlist ) { + return new WP_Error( 'dirlist_failed_copy_dir', __( 'Directory listing failed.' ), basename( $from ) ); + } + + $from = trailingslashit( $from ); + $to = trailingslashit( $to ); + + if ( ! $wp_filesystem->exists( $to ) && ! $wp_filesystem->mkdir( $to ) ) { + return new WP_Error( + 'mkdir_destination_failed_copy_dir', + __( 'Could not create the destination directory.' ), + basename( $to ) + ); + } + + foreach ( (array) $dirlist as $filename => $fileinfo ) { + if ( in_array( $filename, $skip_list, true ) ) { + continue; + } + + if ( 'f' === $fileinfo['type'] ) { + if ( ! $wp_filesystem->copy( $from . $filename, $to . $filename, true, FS_CHMOD_FILE ) ) { + // If copy failed, chmod file to 0644 and try again. + $wp_filesystem->chmod( $to . $filename, FS_CHMOD_FILE ); + + if ( ! $wp_filesystem->copy( $from . $filename, $to . $filename, true, FS_CHMOD_FILE ) ) { + return new WP_Error( 'copy_failed_copy_dir', __( 'Could not copy file.' ), $to . $filename ); + } + } + + wp_opcache_invalidate( $to . $filename ); + } elseif ( 'd' === $fileinfo['type'] ) { + if ( ! $wp_filesystem->is_dir( $to . $filename ) ) { + if ( ! $wp_filesystem->mkdir( $to . $filename, FS_CHMOD_DIR ) ) { + return new WP_Error( 'mkdir_failed_copy_dir', __( 'Could not create directory.' ), $to . $filename ); + } + } + + // Generate the $sub_skip_list for the subdirectory as a sub-set of the existing $skip_list. + $sub_skip_list = array(); + + foreach ( $skip_list as $skip_item ) { + if ( str_starts_with( $skip_item, $filename . '/' ) ) { + $sub_skip_list[] = preg_replace( '!^' . preg_quote( $filename, '!' ) . '/!i', '', $skip_item ); + } + } + + $result = copy_dir( $from . $filename, $to . $filename, $sub_skip_list ); + + if ( is_wp_error( $result ) ) { + return $result; + } + } + } + + return true; +} + +/** + * Moves a directory from one location to another. + * + * Recursively invalidates OPcache on success. + * + * If the renaming failed, falls back to copy_dir(). + * + * Assumes that WP_Filesystem() has already been called and setup. + * + * This function is not designed to merge directories, copy_dir() should be used instead. + * + * @since 6.2.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $from Source directory. + * @param string $to Destination directory. + * @param bool $overwrite Optional. Whether to overwrite the destination directory if it exists. + * Default false. + * @return true|WP_Error True on success, WP_Error on failure. + */ +function move_dir( $from, $to, $overwrite = false ) { + global $wp_filesystem; + + if ( trailingslashit( strtolower( $from ) ) === trailingslashit( strtolower( $to ) ) ) { + return new WP_Error( 'source_destination_same_move_dir', __( 'The source and destination are the same.' ) ); + } + + if ( $wp_filesystem->exists( $to ) ) { + if ( ! $overwrite ) { + return new WP_Error( 'destination_already_exists_move_dir', __( 'The destination folder already exists.' ), $to ); + } elseif ( ! $wp_filesystem->delete( $to, true ) ) { + // Can't overwrite if the destination couldn't be deleted. + return new WP_Error( 'destination_not_deleted_move_dir', __( 'The destination directory already exists and could not be removed.' ) ); + } + } + + if ( $wp_filesystem->move( $from, $to ) ) { + /* + * When using an environment with shared folders, + * there is a delay in updating the filesystem's cache. + * + * This is a known issue in environments with a VirtualBox provider. + * + * A 200ms delay gives time for the filesystem to update its cache, + * prevents "Operation not permitted", and "No such file or directory" warnings. + * + * This delay is used in other projects, including Composer. + * @link https://github.com/composer/composer/blob/2.5.1/src/Composer/Util/Platform.php#L228-L233 + */ + usleep( 200000 ); + wp_opcache_invalidate_directory( $to ); + + return true; + } + + // Fall back to a recursive copy. + if ( ! $wp_filesystem->is_dir( $to ) ) { + if ( ! $wp_filesystem->mkdir( $to, FS_CHMOD_DIR ) ) { + return new WP_Error( 'mkdir_failed_move_dir', __( 'Could not create directory.' ), $to ); + } + } + + $result = copy_dir( $from, $to, array( basename( $to ) ) ); + + // Clear the source directory. + if ( true === $result ) { + $wp_filesystem->delete( $from, true ); + } + + return $result; +} + +/** + * Initializes and connects the WordPress Filesystem Abstraction classes. + * + * This function will include the chosen transport and attempt connecting. + * + * Plugins may add extra transports, And force WordPress to use them by returning + * the filename via the {@see 'filesystem_method_file'} filter. + * + * @since 2.5.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param array|false $args Optional. Connection args, These are passed + * directly to the `WP_Filesystem_*()` classes. + * Default false. + * @param string|false $context Optional. Context for get_filesystem_method(). + * Default false. + * @param bool $allow_relaxed_file_ownership Optional. Whether to allow Group/World writable. + * Default false. + * @return bool|null True on success, false on failure, + * null if the filesystem method class file does not exist. + */ +function WP_Filesystem( $args = false, $context = false, $allow_relaxed_file_ownership = false ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid + global $wp_filesystem; + + require_once ABSPATH . 'wp-admin/includes/class-wp-filesystem-base.php'; + + $method = get_filesystem_method( $args, $context, $allow_relaxed_file_ownership ); + + if ( ! $method ) { + return false; + } + + if ( ! class_exists( "WP_Filesystem_$method" ) ) { + + /** + * Filters the path for a specific filesystem method class file. + * + * @since 2.6.0 + * + * @see get_filesystem_method() + * + * @param string $path Path to the specific filesystem method class file. + * @param string $method The filesystem method to use. + */ + $abstraction_file = apply_filters( 'filesystem_method_file', ABSPATH . 'wp-admin/includes/class-wp-filesystem-' . $method . '.php', $method ); + + if ( ! file_exists( $abstraction_file ) ) { + return; + } + + require_once $abstraction_file; + } + $method = "WP_Filesystem_$method"; + + $wp_filesystem = new $method( $args ); + + /* + * Define the timeouts for the connections. Only available after the constructor is called + * to allow for per-transport overriding of the default. + */ + if ( ! defined( 'FS_CONNECT_TIMEOUT' ) ) { + define( 'FS_CONNECT_TIMEOUT', 30 ); // 30 seconds. + } + if ( ! defined( 'FS_TIMEOUT' ) ) { + define( 'FS_TIMEOUT', 30 ); // 30 seconds. + } + + if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + return false; + } + + if ( ! $wp_filesystem->connect() ) { + return false; // There was an error connecting to the server. + } + + // Set the permission constants if not already set. + if ( ! defined( 'FS_CHMOD_DIR' ) ) { + define( 'FS_CHMOD_DIR', ( fileperms( ABSPATH ) & 0777 | 0755 ) ); + } + if ( ! defined( 'FS_CHMOD_FILE' ) ) { + define( 'FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | 0644 ) ); + } + + return true; +} + +/** + * Determines which method to use for reading, writing, modifying, or deleting + * files on the filesystem. + * + * The priority of the transports are: Direct, SSH2, FTP PHP Extension, FTP Sockets + * (Via Sockets class, or `fsockopen()`). Valid values for these are: 'direct', 'ssh2', + * 'ftpext' or 'ftpsockets'. + * + * The return value can be overridden by defining the `FS_METHOD` constant in `wp-config.php`, + * or filtering via {@see 'filesystem_method'}. + * + * @link https://wordpress.org/documentation/article/editing-wp-config-php/#wordpress-upgrade-constants + * + * Plugins may define a custom transport handler, See WP_Filesystem(). + * + * @since 2.5.0 + * + * @global callable $_wp_filesystem_direct_method + * + * @param array $args Optional. Connection details. Default empty array. + * @param string $context Optional. Full path to the directory that is tested + * for being writable. Default empty. + * @param bool $allow_relaxed_file_ownership Optional. Whether to allow Group/World writable. + * Default false. + * @return string The transport to use, see description for valid return values. + */ +function get_filesystem_method( $args = array(), $context = '', $allow_relaxed_file_ownership = false ) { + // Please ensure that this is either 'direct', 'ssh2', 'ftpext', or 'ftpsockets'. + $method = defined( 'FS_METHOD' ) ? FS_METHOD : false; + + if ( ! $context ) { + $context = WP_CONTENT_DIR; + } + + // If the directory doesn't exist (wp-content/languages) then use the parent directory as we'll create it. + if ( WP_LANG_DIR === $context && ! is_dir( $context ) ) { + $context = dirname( $context ); + } + + $context = trailingslashit( $context ); + + if ( ! $method ) { + + $temp_file_name = $context . 'temp-write-test-' . str_replace( '.', '-', uniqid( '', true ) ); + $temp_handle = @fopen( $temp_file_name, 'w' ); + if ( $temp_handle ) { + + // Attempt to determine the file owner of the WordPress files, and that of newly created files. + $wp_file_owner = false; + $temp_file_owner = false; + if ( function_exists( 'fileowner' ) ) { + $wp_file_owner = @fileowner( __FILE__ ); + $temp_file_owner = @fileowner( $temp_file_name ); + } + + if ( false !== $wp_file_owner && $wp_file_owner === $temp_file_owner ) { + /* + * WordPress is creating files as the same owner as the WordPress files, + * this means it's safe to modify & create new files via PHP. + */ + $method = 'direct'; + $GLOBALS['_wp_filesystem_direct_method'] = 'file_owner'; + } elseif ( $allow_relaxed_file_ownership ) { + /* + * The $context directory is writable, and $allow_relaxed_file_ownership is set, + * this means we can modify files safely in this directory. + * This mode doesn't create new files, only alter existing ones. + */ + $method = 'direct'; + $GLOBALS['_wp_filesystem_direct_method'] = 'relaxed_ownership'; + } + + fclose( $temp_handle ); + @unlink( $temp_file_name ); + } + } + + if ( ! $method && isset( $args['connection_type'] ) && 'ssh' === $args['connection_type'] && extension_loaded( 'ssh2' ) ) { + $method = 'ssh2'; + } + if ( ! $method && extension_loaded( 'ftp' ) ) { + $method = 'ftpext'; + } + if ( ! $method && ( extension_loaded( 'sockets' ) || function_exists( 'fsockopen' ) ) ) { + $method = 'ftpsockets'; // Sockets: Socket extension; PHP Mode: FSockopen / fwrite / fread. + } + + /** + * Filters the filesystem method to use. + * + * @since 2.6.0 + * + * @param string $method Filesystem method to return. + * @param array $args An array of connection details for the method. + * @param string $context Full path to the directory that is tested for being writable. + * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable. + */ + return apply_filters( 'filesystem_method', $method, $args, $context, $allow_relaxed_file_ownership ); +} + +/** + * Displays a form to the user to request for their FTP/SSH details in order + * to connect to the filesystem. + * + * All chosen/entered details are saved, excluding the password. + * + * Hostnames may be in the form of hostname:portnumber (eg: wordpress.org:2467) + * to specify an alternate FTP/SSH port. + * + * Plugins may override this form by returning true|false via the {@see 'request_filesystem_credentials'} filter. + * + * @since 2.5.0 + * @since 4.6.0 The `$context` parameter default changed from `false` to an empty string. + * + * @global string $pagenow The filename of the current screen. + * + * @param string $form_post The URL to post the form to. + * @param string $type Optional. Chosen type of filesystem. Default empty. + * @param bool|WP_Error $error Optional. Whether the current request has failed + * to connect, or an error object. Default false. + * @param string $context Optional. Full path to the directory that is tested + * for being writable. Default empty. + * @param array $extra_fields Optional. Extra `POST` fields to be checked + * for inclusion in the post. Default null. + * @param bool $allow_relaxed_file_ownership Optional. Whether to allow Group/World writable. + * Default false. + * @return bool|array True if no filesystem credentials are required, + * false if they are required but have not been provided, + * array of credentials if they are required and have been provided. + */ +function request_filesystem_credentials( $form_post, $type = '', $error = false, $context = '', $extra_fields = null, $allow_relaxed_file_ownership = false ) { + global $pagenow; + + /** + * Filters the filesystem credentials. + * + * Returning anything other than an empty string will effectively short-circuit + * output of the filesystem credentials form, returning that value instead. + * + * A filter should return true if no filesystem credentials are required, false if they are required but have not been + * provided, or an array of credentials if they are required and have been provided. + * + * @since 2.5.0 + * @since 4.6.0 The `$context` parameter default changed from `false` to an empty string. + * + * @param mixed $credentials Credentials to return instead. Default empty string. + * @param string $form_post The URL to post the form to. + * @param string $type Chosen type of filesystem. + * @param bool|WP_Error $error Whether the current request has failed to connect, + * or an error object. + * @param string $context Full path to the directory that is tested for + * being writable. + * @param array $extra_fields Extra POST fields. + * @param bool $allow_relaxed_file_ownership Whether to allow Group/World writable. + */ + $req_cred = apply_filters( 'request_filesystem_credentials', '', $form_post, $type, $error, $context, $extra_fields, $allow_relaxed_file_ownership ); + + if ( '' !== $req_cred ) { + return $req_cred; + } + + if ( empty( $type ) ) { + $type = get_filesystem_method( array(), $context, $allow_relaxed_file_ownership ); + } + + if ( 'direct' === $type ) { + return true; + } + + if ( is_null( $extra_fields ) ) { + $extra_fields = array( 'version', 'locale' ); + } + + $credentials = get_option( + 'ftp_credentials', + array( + 'hostname' => '', + 'username' => '', + ) + ); + + $submitted_form = wp_unslash( $_POST ); + + // Verify nonce, or unset submitted form field values on failure. + if ( ! isset( $_POST['_fs_nonce'] ) || ! wp_verify_nonce( $_POST['_fs_nonce'], 'filesystem-credentials' ) ) { + unset( + $submitted_form['hostname'], + $submitted_form['username'], + $submitted_form['password'], + $submitted_form['public_key'], + $submitted_form['private_key'], + $submitted_form['connection_type'] + ); + } + + $ftp_constants = array( + 'hostname' => 'FTP_HOST', + 'username' => 'FTP_USER', + 'password' => 'FTP_PASS', + 'public_key' => 'FTP_PUBKEY', + 'private_key' => 'FTP_PRIKEY', + ); + + /* + * If defined, set it to that. Else, if POST'd, set it to that. If not, set it to an empty string. + * Otherwise, keep it as it previously was (saved details in option). + */ + foreach ( $ftp_constants as $key => $constant ) { + if ( defined( $constant ) ) { + $credentials[ $key ] = constant( $constant ); + } elseif ( ! empty( $submitted_form[ $key ] ) ) { + $credentials[ $key ] = $submitted_form[ $key ]; + } elseif ( ! isset( $credentials[ $key ] ) ) { + $credentials[ $key ] = ''; + } + } + + // Sanitize the hostname, some people might pass in odd data. + $credentials['hostname'] = preg_replace( '|\w+://|', '', $credentials['hostname'] ); // Strip any schemes off. + + if ( strpos( $credentials['hostname'], ':' ) ) { + list( $credentials['hostname'], $credentials['port'] ) = explode( ':', $credentials['hostname'], 2 ); + if ( ! is_numeric( $credentials['port'] ) ) { + unset( $credentials['port'] ); + } + } else { + unset( $credentials['port'] ); + } + + if ( ( defined( 'FTP_SSH' ) && FTP_SSH ) || ( defined( 'FS_METHOD' ) && 'ssh2' === FS_METHOD ) ) { + $credentials['connection_type'] = 'ssh'; + } elseif ( ( defined( 'FTP_SSL' ) && FTP_SSL ) && 'ftpext' === $type ) { // Only the FTP Extension understands SSL. + $credentials['connection_type'] = 'ftps'; + } elseif ( ! empty( $submitted_form['connection_type'] ) ) { + $credentials['connection_type'] = $submitted_form['connection_type']; + } elseif ( ! isset( $credentials['connection_type'] ) ) { // All else fails (and it's not defaulted to something else saved), default to FTP. + $credentials['connection_type'] = 'ftp'; + } + + if ( ! $error + && ( ! empty( $credentials['hostname'] ) && ! empty( $credentials['username'] ) && ! empty( $credentials['password'] ) + || 'ssh' === $credentials['connection_type'] && ! empty( $credentials['public_key'] ) && ! empty( $credentials['private_key'] ) + ) + ) { + $stored_credentials = $credentials; + + if ( ! empty( $stored_credentials['port'] ) ) { // Save port as part of hostname to simplify above code. + $stored_credentials['hostname'] .= ':' . $stored_credentials['port']; + } + + unset( + $stored_credentials['password'], + $stored_credentials['port'], + $stored_credentials['private_key'], + $stored_credentials['public_key'] + ); + + if ( ! wp_installing() ) { + update_option( 'ftp_credentials', $stored_credentials ); + } + + return $credentials; + } + + $hostname = isset( $credentials['hostname'] ) ? $credentials['hostname'] : ''; + $username = isset( $credentials['username'] ) ? $credentials['username'] : ''; + $public_key = isset( $credentials['public_key'] ) ? $credentials['public_key'] : ''; + $private_key = isset( $credentials['private_key'] ) ? $credentials['private_key'] : ''; + $port = isset( $credentials['port'] ) ? $credentials['port'] : ''; + $connection_type = isset( $credentials['connection_type'] ) ? $credentials['connection_type'] : ''; + + if ( $error ) { + $error_string = __( '<strong>Error:</strong> Could not connect to the server. Please verify the settings are correct.' ); + if ( is_wp_error( $error ) ) { + $error_string = esc_html( $error->get_error_message() ); + } + wp_admin_notice( + $error_string, + array( + 'id' => 'message', + 'additional_classes' => array( 'error' ), + ) + ); + } + + $types = array(); + if ( extension_loaded( 'ftp' ) || extension_loaded( 'sockets' ) || function_exists( 'fsockopen' ) ) { + $types['ftp'] = __( 'FTP' ); + } + if ( extension_loaded( 'ftp' ) ) { // Only this supports FTPS. + $types['ftps'] = __( 'FTPS (SSL)' ); + } + if ( extension_loaded( 'ssh2' ) ) { + $types['ssh'] = __( 'SSH2' ); + } + + /** + * Filters the connection types to output to the filesystem credentials form. + * + * @since 2.9.0 + * @since 4.6.0 The `$context` parameter default changed from `false` to an empty string. + * + * @param string[] $types Types of connections. + * @param array $credentials Credentials to connect with. + * @param string $type Chosen filesystem method. + * @param bool|WP_Error $error Whether the current request has failed to connect, + * or an error object. + * @param string $context Full path to the directory that is tested for being writable. + */ + $types = apply_filters( 'fs_ftp_connection_types', $types, $credentials, $type, $error, $context ); + ?> +<form action="<?php echo esc_url( $form_post ); ?>" method="post"> +<div id="request-filesystem-credentials-form" class="request-filesystem-credentials-form"> + <?php + // Print a H1 heading in the FTP credentials modal dialog, default is a H2. + $heading_tag = 'h2'; + if ( 'plugins.php' === $pagenow || 'plugin-install.php' === $pagenow ) { + $heading_tag = 'h1'; + } + echo "<$heading_tag id='request-filesystem-credentials-title'>" . __( 'Connection Information' ) . "</$heading_tag>"; + ?> +<p id="request-filesystem-credentials-desc"> + <?php + $label_user = __( 'Username' ); + $label_pass = __( 'Password' ); + _e( 'To perform the requested action, WordPress needs to access your web server.' ); + echo ' '; + if ( ( isset( $types['ftp'] ) || isset( $types['ftps'] ) ) ) { + if ( isset( $types['ssh'] ) ) { + _e( 'Please enter your FTP or SSH credentials to proceed.' ); + $label_user = __( 'FTP/SSH Username' ); + $label_pass = __( 'FTP/SSH Password' ); + } else { + _e( 'Please enter your FTP credentials to proceed.' ); + $label_user = __( 'FTP Username' ); + $label_pass = __( 'FTP Password' ); + } + echo ' '; + } + _e( 'If you do not remember your credentials, you should contact your web host.' ); + + $hostname_value = esc_attr( $hostname ); + if ( ! empty( $port ) ) { + $hostname_value .= ":$port"; + } + + $password_value = ''; + if ( defined( 'FTP_PASS' ) ) { + $password_value = '*****'; + } + ?> +</p> +<label for="hostname"> + <span class="field-title"><?php _e( 'Hostname' ); ?></span> + <input name="hostname" type="text" id="hostname" aria-describedby="request-filesystem-credentials-desc" class="code" placeholder="<?php esc_attr_e( 'example: www.wordpress.org' ); ?>" value="<?php echo $hostname_value; ?>"<?php disabled( defined( 'FTP_HOST' ) ); ?> /> +</label> +<div class="ftp-username"> + <label for="username"> + <span class="field-title"><?php echo $label_user; ?></span> + <input name="username" type="text" id="username" value="<?php echo esc_attr( $username ); ?>"<?php disabled( defined( 'FTP_USER' ) ); ?> /> + </label> +</div> +<div class="ftp-password"> + <label for="password"> + <span class="field-title"><?php echo $label_pass; ?></span> + <input name="password" type="password" id="password" value="<?php echo $password_value; ?>"<?php disabled( defined( 'FTP_PASS' ) ); ?> spellcheck="false" /> + <?php + if ( ! defined( 'FTP_PASS' ) ) { + _e( 'This password will not be stored on the server.' ); + } + ?> + </label> +</div> +<fieldset> +<legend><?php _e( 'Connection Type' ); ?></legend> + <?php + $disabled = disabled( ( defined( 'FTP_SSL' ) && FTP_SSL ) || ( defined( 'FTP_SSH' ) && FTP_SSH ), true, false ); + foreach ( $types as $name => $text ) : + ?> + <label for="<?php echo esc_attr( $name ); ?>"> + <input type="radio" name="connection_type" id="<?php echo esc_attr( $name ); ?>" value="<?php echo esc_attr( $name ); ?>" <?php checked( $name, $connection_type ); ?> <?php echo $disabled; ?> /> + <?php echo $text; ?> + </label> + <?php + endforeach; + ?> +</fieldset> + <?php + if ( isset( $types['ssh'] ) ) { + $hidden_class = ''; + if ( 'ssh' !== $connection_type || empty( $connection_type ) ) { + $hidden_class = ' class="hidden"'; + } + ?> +<fieldset id="ssh-keys"<?php echo $hidden_class; ?>> +<legend><?php _e( 'Authentication Keys' ); ?></legend> +<label for="public_key"> + <span class="field-title"><?php _e( 'Public Key:' ); ?></span> + <input name="public_key" type="text" id="public_key" aria-describedby="auth-keys-desc" value="<?php echo esc_attr( $public_key ); ?>"<?php disabled( defined( 'FTP_PUBKEY' ) ); ?> /> +</label> +<label for="private_key"> + <span class="field-title"><?php _e( 'Private Key:' ); ?></span> + <input name="private_key" type="text" id="private_key" value="<?php echo esc_attr( $private_key ); ?>"<?php disabled( defined( 'FTP_PRIKEY' ) ); ?> /> +</label> +<p id="auth-keys-desc"><?php _e( 'Enter the location on the server where the public and private keys are located. If a passphrase is needed, enter that in the password field above.' ); ?></p> +</fieldset> + <?php + } + + foreach ( (array) $extra_fields as $field ) { + if ( isset( $submitted_form[ $field ] ) ) { + echo '<input type="hidden" name="' . esc_attr( $field ) . '" value="' . esc_attr( $submitted_form[ $field ] ) . '" />'; + } + } + + /* + * Make sure the `submit_button()` function is available during the REST API call + * from WP_Site_Health_Auto_Updates::test_check_wp_filesystem_method(). + */ + if ( ! function_exists( 'submit_button' ) ) { + require_once ABSPATH . 'wp-admin/includes/template.php'; + } + ?> + <p class="request-filesystem-credentials-action-buttons"> + <?php wp_nonce_field( 'filesystem-credentials', '_fs_nonce', false, true ); ?> + <button class="button cancel-button" data-js-action="close" type="button"><?php _e( 'Cancel' ); ?></button> + <?php submit_button( __( 'Proceed' ), '', 'upgrade', false ); ?> + </p> +</div> +</form> + <?php + return false; +} + +/** + * Prints the filesystem credentials modal when needed. + * + * @since 4.2.0 + */ +function wp_print_request_filesystem_credentials_modal() { + $filesystem_method = get_filesystem_method(); + + ob_start(); + $filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() ); + ob_end_clean(); + + $request_filesystem_credentials = ( 'direct' !== $filesystem_method && ! $filesystem_credentials_are_stored ); + if ( ! $request_filesystem_credentials ) { + return; + } + ?> + <div id="request-filesystem-credentials-dialog" class="notification-dialog-wrap request-filesystem-credentials-dialog"> + <div class="notification-dialog-background"></div> + <div class="notification-dialog" role="dialog" aria-labelledby="request-filesystem-credentials-title" tabindex="0"> + <div class="request-filesystem-credentials-dialog-content"> + <?php request_filesystem_credentials( site_url() ); ?> + </div> + </div> + </div> + <?php +} + +/** + * Attempts to clear the opcode cache for an individual PHP file. + * + * This function can be called safely without having to check the file extension + * or availability of the OPcache extension. + * + * Whether or not invalidation is possible is cached to improve performance. + * + * @since 5.5.0 + * + * @link https://www.php.net/manual/en/function.opcache-invalidate.php + * + * @param string $filepath Path to the file, including extension, for which the opcode cache is to be cleared. + * @param bool $force Invalidate even if the modification time is not newer than the file in cache. + * Default false. + * @return bool True if opcache was invalidated for `$filepath`, or there was nothing to invalidate. + * False if opcache invalidation is not available, or is disabled via filter. + */ +function wp_opcache_invalidate( $filepath, $force = false ) { + static $can_invalidate = null; + + /* + * Check to see if WordPress is able to run `opcache_invalidate()` or not, and cache the value. + * + * First, check to see if the function is available to call, then if the host has restricted + * the ability to run the function to avoid a PHP warning. + * + * `opcache.restrict_api` can specify the path for files allowed to call `opcache_invalidate()`. + * + * If the host has this set, check whether the path in `opcache.restrict_api` matches + * the beginning of the path of the origin file. + * + * `$_SERVER['SCRIPT_FILENAME']` approximates the origin file's path, but `realpath()` + * is necessary because `SCRIPT_FILENAME` can be a relative path when run from CLI. + * + * For more details, see: + * - https://www.php.net/manual/en/opcache.configuration.php + * - https://www.php.net/manual/en/reserved.variables.server.php + * - https://core.trac.wordpress.org/ticket/36455 + */ + if ( null === $can_invalidate + && function_exists( 'opcache_invalidate' ) + && ( ! ini_get( 'opcache.restrict_api' ) + || stripos( realpath( $_SERVER['SCRIPT_FILENAME'] ), ini_get( 'opcache.restrict_api' ) ) === 0 ) + ) { + $can_invalidate = true; + } + + // If invalidation is not available, return early. + if ( ! $can_invalidate ) { + return false; + } + + // Verify that file to be invalidated has a PHP extension. + if ( '.php' !== strtolower( substr( $filepath, -4 ) ) ) { + return false; + } + + /** + * Filters whether to invalidate a file from the opcode cache. + * + * @since 5.5.0 + * + * @param bool $will_invalidate Whether WordPress will invalidate `$filepath`. Default true. + * @param string $filepath The path to the PHP file to invalidate. + */ + if ( apply_filters( 'wp_opcache_invalidate_file', true, $filepath ) ) { + return opcache_invalidate( $filepath, $force ); + } + + return false; +} + +/** + * Attempts to clear the opcode cache for a directory of files. + * + * @since 6.2.0 + * + * @see wp_opcache_invalidate() + * @link https://www.php.net/manual/en/function.opcache-invalidate.php + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $dir The path to the directory for which the opcode cache is to be cleared. + */ +function wp_opcache_invalidate_directory( $dir ) { + global $wp_filesystem; + + if ( ! is_string( $dir ) || '' === trim( $dir ) ) { + if ( WP_DEBUG ) { + $error_message = sprintf( + /* translators: %s: The function name. */ + __( '%s expects a non-empty string.' ), + '<code>wp_opcache_invalidate_directory()</code>' + ); + trigger_error( $error_message ); + } + return; + } + + $dirlist = $wp_filesystem->dirlist( $dir, false, true ); + + if ( empty( $dirlist ) ) { + return; + } + + /* + * Recursively invalidate opcache of files in a directory. + * + * WP_Filesystem_*::dirlist() returns an array of file and directory information. + * + * This does not include a path to the file or directory. + * To invalidate files within sub-directories, recursion is needed + * to prepend an absolute path containing the sub-directory's name. + * + * @param array $dirlist Array of file/directory information from WP_Filesystem_Base::dirlist(), + * with sub-directories represented as nested arrays. + * @param string $path Absolute path to the directory. + */ + $invalidate_directory = static function ( $dirlist, $path ) use ( &$invalidate_directory ) { + $path = trailingslashit( $path ); + + foreach ( $dirlist as $name => $details ) { + if ( 'f' === $details['type'] ) { + wp_opcache_invalidate( $path . $name, true ); + } elseif ( is_array( $details['files'] ) && ! empty( $details['files'] ) ) { + $invalidate_directory( $details['files'], $path . $name ); + } + } + }; + + $invalidate_directory( $dirlist, $dir ); +} diff --git a/wp-admin/includes/image-edit.php b/wp-admin/includes/image-edit.php new file mode 100644 index 0000000..739b09f --- /dev/null +++ b/wp-admin/includes/image-edit.php @@ -0,0 +1,1132 @@ +<?php +/** + * WordPress Image Editor + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Loads the WP image-editing interface. + * + * @since 2.9.0 + * + * @param int $post_id Attachment post ID. + * @param false|object $msg Optional. Message to display for image editor updates or errors. + * Default false. + */ +function wp_image_editor( $post_id, $msg = false ) { + $nonce = wp_create_nonce( "image_editor-$post_id" ); + $meta = wp_get_attachment_metadata( $post_id ); + $thumb = image_get_intermediate_size( $post_id, 'thumbnail' ); + $sub_sizes = isset( $meta['sizes'] ) && is_array( $meta['sizes'] ); + $note = ''; + + if ( isset( $meta['width'], $meta['height'] ) ) { + $big = max( $meta['width'], $meta['height'] ); + } else { + die( __( 'Image data does not exist. Please re-upload the image.' ) ); + } + + $sizer = $big > 600 ? 600 / $big : 1; + + $backup_sizes = get_post_meta( $post_id, '_wp_attachment_backup_sizes', true ); + $can_restore = false; + + if ( ! empty( $backup_sizes ) && isset( $backup_sizes['full-orig'], $meta['file'] ) ) { + $can_restore = wp_basename( $meta['file'] ) !== $backup_sizes['full-orig']['file']; + } + + if ( $msg ) { + if ( isset( $msg->error ) ) { + $note = "<div class='notice notice-error' role='alert'><p>$msg->error</p></div>"; + } elseif ( isset( $msg->msg ) ) { + $note = "<div class='notice notice-success' role='alert'><p>$msg->msg</p></div>"; + } + } + + /** + * Shows the settings in the Image Editor that allow selecting to edit only the thumbnail of an image. + * + * @since 6.3.0 + * + * @param bool $show Whether to show the settings in the Image Editor. Default false. + */ + $edit_thumbnails_separately = (bool) apply_filters( 'image_edit_thumbnails_separately', false ); + + ?> + <div class="imgedit-wrap wp-clearfix"> + <div id="imgedit-panel-<?php echo $post_id; ?>"> + <?php echo $note; ?> + <div class="imgedit-panel-content imgedit-panel-tools wp-clearfix"> + <div class="imgedit-menu wp-clearfix"> + <button type="button" onclick="imageEdit.toggleCropTool( <?php echo "$post_id, '$nonce'"; ?>, this );" aria-expanded="false" aria-controls="imgedit-crop" class="imgedit-crop button disabled" disabled><?php esc_html_e( 'Crop' ); ?></button> + <button type="button" class="imgedit-scale button" onclick="imageEdit.toggleControls(this);" aria-expanded="false" aria-controls="imgedit-scale"><?php esc_html_e( 'Scale' ); ?></button> + <div class="imgedit-rotate-menu-container"> + <button type="button" aria-controls="imgedit-rotate-menu" class="imgedit-rotate button" aria-expanded="false" onclick="imageEdit.togglePopup(this)" onblur="imageEdit.monitorPopup()"><?php esc_html_e( 'Image Rotation' ); ?></button> + <div id="imgedit-rotate-menu" class="imgedit-popup-menu"> + <?php + // On some setups GD library does not provide imagerotate() - Ticket #11536. + if ( wp_image_editor_supports( + array( + 'mime_type' => get_post_mime_type( $post_id ), + 'methods' => array( 'rotate' ), + ) + ) ) { + $note_no_rotate = ''; + ?> + <button type="button" class="imgedit-rleft button" onkeyup="imageEdit.browsePopup(this)" onclick="imageEdit.rotate( 90, <?php echo "$post_id, '$nonce'"; ?>, this)" onblur="imageEdit.monitorPopup()"><?php esc_html_e( 'Rotate 90° left' ); ?></button> + <button type="button" class="imgedit-rright button" onkeyup="imageEdit.browsePopup(this)" onclick="imageEdit.rotate(-90, <?php echo "$post_id, '$nonce'"; ?>, this)" onblur="imageEdit.monitorPopup()"><?php esc_html_e( 'Rotate 90° right' ); ?></button> + <button type="button" class="imgedit-rfull button" onkeyup="imageEdit.browsePopup(this)" onclick="imageEdit.rotate(180, <?php echo "$post_id, '$nonce'"; ?>, this)" onblur="imageEdit.monitorPopup()"><?php esc_html_e( 'Rotate 180°' ); ?></button> + <?php + } else { + $note_no_rotate = '<p class="note-no-rotate"><em>' . __( 'Image rotation is not supported by your web host.' ) . '</em></p>'; + ?> + <button type="button" class="imgedit-rleft button disabled" disabled></button> + <button type="button" class="imgedit-rright button disabled" disabled></button> + <?php + } + ?> + <hr /> + <button type="button" onkeyup="imageEdit.browsePopup(this)" onclick="imageEdit.flip(1, <?php echo "$post_id, '$nonce'"; ?>, this)" onblur="imageEdit.monitorPopup()" class="imgedit-flipv button"><?php esc_html_e( 'Flip vertical' ); ?></button> + <button type="button" onkeyup="imageEdit.browsePopup(this)" onclick="imageEdit.flip(2, <?php echo "$post_id, '$nonce'"; ?>, this)" onblur="imageEdit.monitorPopup()" class="imgedit-fliph button"><?php esc_html_e( 'Flip horizontal' ); ?></button> + <?php echo $note_no_rotate; ?> + </div> + </div> + </div> + <div class="imgedit-submit imgedit-menu"> + <button type="button" id="image-undo-<?php echo $post_id; ?>" onclick="imageEdit.undo(<?php echo "$post_id, '$nonce'"; ?>, this)" class="imgedit-undo button disabled" disabled><?php esc_html_e( 'Undo' ); ?></button> + <button type="button" id="image-redo-<?php echo $post_id; ?>" onclick="imageEdit.redo(<?php echo "$post_id, '$nonce'"; ?>, this)" class="imgedit-redo button disabled" disabled><?php esc_html_e( 'Redo' ); ?></button> + <button type="button" onclick="imageEdit.close(<?php echo $post_id; ?>, 1)" class="button imgedit-cancel-btn"><?php esc_html_e( 'Cancel Editing' ); ?></button> + <button type="button" onclick="imageEdit.save(<?php echo "$post_id, '$nonce'"; ?>)" disabled="disabled" class="button button-primary imgedit-submit-btn"><?php esc_html_e( 'Save Edits' ); ?></button> + </div> + </div> + + <div class="imgedit-panel-content wp-clearfix"> + <div class="imgedit-tools"> + <input type="hidden" id="imgedit-nonce-<?php echo $post_id; ?>" value="<?php echo $nonce; ?>" /> + <input type="hidden" id="imgedit-sizer-<?php echo $post_id; ?>" value="<?php echo $sizer; ?>" /> + <input type="hidden" id="imgedit-history-<?php echo $post_id; ?>" value="" /> + <input type="hidden" id="imgedit-undone-<?php echo $post_id; ?>" value="0" /> + <input type="hidden" id="imgedit-selection-<?php echo $post_id; ?>" value="" /> + <input type="hidden" id="imgedit-x-<?php echo $post_id; ?>" value="<?php echo isset( $meta['width'] ) ? $meta['width'] : 0; ?>" /> + <input type="hidden" id="imgedit-y-<?php echo $post_id; ?>" value="<?php echo isset( $meta['height'] ) ? $meta['height'] : 0; ?>" /> + + <div id="imgedit-crop-<?php echo $post_id; ?>" class="imgedit-crop-wrap"> + <div class="imgedit-crop-grid"></div> + <img id="image-preview-<?php echo $post_id; ?>" onload="imageEdit.imgLoaded('<?php echo $post_id; ?>')" + src="<?php echo esc_url( admin_url( 'admin-ajax.php', 'relative' ) ) . '?action=imgedit-preview&_ajax_nonce=' . $nonce . '&postid=' . $post_id . '&rand=' . rand( 1, 99999 ); ?>" alt="" /> + </div> + </div> + <div class="imgedit-settings"> + <div class="imgedit-tool-active"> + <div class="imgedit-group"> + <div id="imgedit-scale" tabindex="-1" class="imgedit-group-controls"> + <div class="imgedit-group-top"> + <h2><?php _e( 'Scale Image' ); ?></h2> + <button type="button" class="dashicons dashicons-editor-help imgedit-help-toggle" onclick="imageEdit.toggleHelp(this);" aria-expanded="false"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + esc_html_e( 'Scale Image Help' ); + ?> + </span></button> + <div class="imgedit-help"> + <p><?php _e( 'You can proportionally scale the original image. For best results, scaling should be done before you crop, flip, or rotate. Images can only be scaled down, not up.' ); ?></p> + </div> + <?php if ( isset( $meta['width'], $meta['height'] ) ) : ?> + <p> + <?php + printf( + /* translators: %s: Image width and height in pixels. */ + __( 'Original dimensions %s' ), + '<span class="imgedit-original-dimensions">' . $meta['width'] . ' × ' . $meta['height'] . '</span>' + ); + ?> + </p> + <?php endif; ?> + <div class="imgedit-submit"> + <fieldset class="imgedit-scale-controls"> + <legend><?php _e( 'New dimensions:' ); ?></legend> + <div class="nowrap"> + <label for="imgedit-scale-width-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'scale height' ); + ?> + </label> + <input type="number" step="1" min="0" max="<?php echo isset( $meta['width'] ) ? $meta['width'] : ''; ?>" aria-describedby="imgedit-scale-warn-<?php echo $post_id; ?>" id="imgedit-scale-width-<?php echo $post_id; ?>" onkeyup="imageEdit.scaleChanged(<?php echo $post_id; ?>, 1, this)" onblur="imageEdit.scaleChanged(<?php echo $post_id; ?>, 1, this)" value="<?php echo isset( $meta['width'] ) ? $meta['width'] : 0; ?>" /> + <span class="imgedit-separator" aria-hidden="true">×</span> + <label for="imgedit-scale-height-<?php echo $post_id; ?>" class="screen-reader-text"><?php _e( 'scale height' ); ?></label> + <input type="number" step="1" min="0" max="<?php echo isset( $meta['height'] ) ? $meta['height'] : ''; ?>" aria-describedby="imgedit-scale-warn-<?php echo $post_id; ?>" id="imgedit-scale-height-<?php echo $post_id; ?>" onkeyup="imageEdit.scaleChanged(<?php echo $post_id; ?>, 0, this)" onblur="imageEdit.scaleChanged(<?php echo $post_id; ?>, 0, this)" value="<?php echo isset( $meta['height'] ) ? $meta['height'] : 0; ?>" /> + <button id="imgedit-scale-button" type="button" onclick="imageEdit.action(<?php echo "$post_id, '$nonce'"; ?>, 'scale')" class="button button-primary"><?php esc_html_e( 'Scale' ); ?></button> + <span class="imgedit-scale-warn" id="imgedit-scale-warn-<?php echo $post_id; ?>"><span class="dashicons dashicons-warning" aria-hidden="true"></span><?php esc_html_e( 'Images cannot be scaled to a size larger than the original.' ); ?></span> + </div> + </fieldset> + </div> + </div> + </div> + </div> + + <?php if ( $can_restore ) { ?> + <div class="imgedit-group"> + <div class="imgedit-group-top"> + <h2><button type="button" onclick="imageEdit.toggleHelp(this);" class="button-link" aria-expanded="false"><?php _e( 'Restore original image' ); ?> <span class="dashicons dashicons-arrow-down imgedit-help-toggle"></span></button></h2> + <div class="imgedit-help imgedit-restore"> + <p> + <?php + _e( 'Discard any changes and restore the original image.' ); + if ( ! defined( 'IMAGE_EDIT_OVERWRITE' ) || ! IMAGE_EDIT_OVERWRITE ) { + echo ' ' . __( 'Previously edited copies of the image will not be deleted.' ); + } + ?> + </p> + <div class="imgedit-submit"> + <input type="button" onclick="imageEdit.action(<?php echo "$post_id, '$nonce'"; ?>, 'restore')" class="button button-primary" value="<?php esc_attr_e( 'Restore image' ); ?>" <?php echo $can_restore; ?> /> + </div> + </div> + </div> + </div> + <?php } ?> + <div class="imgedit-group"> + <div id="imgedit-crop" tabindex="-1" class="imgedit-group-controls"> + <div class="imgedit-group-top"> + <h2><?php _e( 'Crop Image' ); ?></h2> + <button type="button" class="dashicons dashicons-editor-help imgedit-help-toggle" onclick="imageEdit.toggleHelp(this);" aria-expanded="false"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Image Crop Help' ); + ?> + </span></button> + <div class="imgedit-help"> + <p><?php _e( 'To crop the image, click on it and drag to make your selection.' ); ?></p> + <p><strong><?php _e( 'Crop Aspect Ratio' ); ?></strong><br /> + <?php _e( 'The aspect ratio is the relationship between the width and height. You can preserve the aspect ratio by holding down the shift key while resizing your selection. Use the input box to specify the aspect ratio, e.g. 1:1 (square), 4:3, 16:9, etc.' ); ?></p> + + <p><strong><?php _e( 'Crop Selection' ); ?></strong><br /> + <?php _e( 'Once you have made your selection, you can adjust it by entering the size in pixels. The minimum selection size is the thumbnail size as set in the Media settings.' ); ?></p> + </div> + </div> + <fieldset class="imgedit-crop-ratio"> + <legend><?php _e( 'Aspect ratio:' ); ?></legend> + <div class="nowrap"> + <label for="imgedit-crop-width-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'crop ratio width' ); + ?> + </label> + <input type="number" step="1" min="1" id="imgedit-crop-width-<?php echo $post_id; ?>" onkeyup="imageEdit.setRatioSelection(<?php echo $post_id; ?>, 0, this)" onblur="imageEdit.setRatioSelection(<?php echo $post_id; ?>, 0, this)" /> + <span class="imgedit-separator" aria-hidden="true">:</span> + <label for="imgedit-crop-height-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'crop ratio height' ); + ?> + </label> + <input type="number" step="1" min="0" id="imgedit-crop-height-<?php echo $post_id; ?>" onkeyup="imageEdit.setRatioSelection(<?php echo $post_id; ?>, 1, this)" onblur="imageEdit.setRatioSelection(<?php echo $post_id; ?>, 1, this)" /> + </div> + </fieldset> + <fieldset id="imgedit-crop-sel-<?php echo $post_id; ?>" class="imgedit-crop-sel"> + <legend><?php _e( 'Selection:' ); ?></legend> + <div class="nowrap"> + <label for="imgedit-sel-width-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'selection width' ); + ?> + </label> + <input type="number" step="1" min="0" id="imgedit-sel-width-<?php echo $post_id; ?>" onkeyup="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" onblur="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" /> + <span class="imgedit-separator" aria-hidden="true">×</span> + <label for="imgedit-sel-height-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'selection height' ); + ?> + </label> + <input type="number" step="1" min="0" id="imgedit-sel-height-<?php echo $post_id; ?>" onkeyup="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" onblur="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" /> + </div> + </fieldset> + <fieldset id="imgedit-crop-sel-<?php echo $post_id; ?>" class="imgedit-crop-sel"> + <legend><?php _e( 'Starting Coordinates:' ); ?></legend> + <div class="nowrap"> + <label for="imgedit-start-x-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'horizontal start position' ); + ?> + </label> + <input type="number" step="1" min="0" id="imgedit-start-x-<?php echo $post_id; ?>" onkeyup="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" onblur="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" value="0" /> + <span class="imgedit-separator" aria-hidden="true">×</span> + <label for="imgedit-start-y-<?php echo $post_id; ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'vertical start position' ); + ?> + </label> + <input type="number" step="1" min="0" id="imgedit-start-y-<?php echo $post_id; ?>" onkeyup="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" onblur="imageEdit.setNumSelection(<?php echo $post_id; ?>, this)" value="0" /> + </div> + </fieldset> + <div class="imgedit-crop-apply imgedit-menu container"> + <button class="button-primary" type="button" onclick="imageEdit.handleCropToolClick( <?php echo "$post_id, '$nonce'"; ?>, this );" class="imgedit-crop-apply button"><?php esc_html_e( 'Apply Crop' ); ?></button> <button type="button" onclick="imageEdit.handleCropToolClick( <?php echo "$post_id, '$nonce'"; ?>, this );" class="imgedit-crop-clear button" disabled="disabled"><?php esc_html_e( 'Clear Crop' ); ?></button> + </div> + </div> + </div> + </div> + + <?php + if ( $edit_thumbnails_separately && $thumb && $sub_sizes ) { + $thumb_img = wp_constrain_dimensions( $thumb['width'], $thumb['height'], 160, 120 ); + ?> + + <div class="imgedit-group imgedit-applyto"> + <div class="imgedit-group-top"> + <h2><?php _e( 'Thumbnail Settings' ); ?></h2> + <button type="button" class="dashicons dashicons-editor-help imgedit-help-toggle" onclick="imageEdit.toggleHelp(this);" aria-expanded="false"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + esc_html_e( 'Thumbnail Settings Help' ); + ?> + </span></button> + <div class="imgedit-help"> + <p><?php _e( 'You can edit the image while preserving the thumbnail. For example, you may wish to have a square thumbnail that displays just a section of the image.' ); ?></p> + </div> + </div> + <div class="imgedit-thumbnail-preview-group"> + <figure class="imgedit-thumbnail-preview"> + <img src="<?php echo $thumb['url']; ?>" width="<?php echo $thumb_img[0]; ?>" height="<?php echo $thumb_img[1]; ?>" class="imgedit-size-preview" alt="" draggable="false" /> + <figcaption class="imgedit-thumbnail-preview-caption"><?php _e( 'Current thumbnail' ); ?></figcaption> + </figure> + <div id="imgedit-save-target-<?php echo $post_id; ?>" class="imgedit-save-target"> + <fieldset> + <legend><?php _e( 'Apply changes to:' ); ?></legend> + + <span class="imgedit-label"> + <input type="radio" id="imgedit-target-all" name="imgedit-target-<?php echo $post_id; ?>" value="all" checked="checked" /> + <label for="imgedit-target-all"><?php _e( 'All image sizes' ); ?></label> + </span> + + <span class="imgedit-label"> + <input type="radio" id="imgedit-target-thumbnail" name="imgedit-target-<?php echo $post_id; ?>" value="thumbnail" /> + <label for="imgedit-target-thumbnail"><?php _e( 'Thumbnail' ); ?></label> + </span> + + <span class="imgedit-label"> + <input type="radio" id="imgedit-target-nothumb" name="imgedit-target-<?php echo $post_id; ?>" value="nothumb" /> + <label for="imgedit-target-nothumb"><?php _e( 'All sizes except thumbnail' ); ?></label> + </span> + + </fieldset> + </div> + </div> + </div> + <?php } ?> + </div> + </div> + + </div> + + <div class="imgedit-wait" id="imgedit-wait-<?php echo $post_id; ?>"></div> + <div class="hidden" id="imgedit-leaving-<?php echo $post_id; ?>"><?php _e( "There are unsaved changes that will be lost. 'OK' to continue, 'Cancel' to return to the Image Editor." ); ?></div> + </div> + <?php +} + +/** + * Streams image in WP_Image_Editor to browser. + * + * @since 2.9.0 + * + * @param WP_Image_Editor $image The image editor instance. + * @param string $mime_type The mime type of the image. + * @param int $attachment_id The image's attachment post ID. + * @return bool True on success, false on failure. + */ +function wp_stream_image( $image, $mime_type, $attachment_id ) { + if ( $image instanceof WP_Image_Editor ) { + + /** + * Filters the WP_Image_Editor instance for the image to be streamed to the browser. + * + * @since 3.5.0 + * + * @param WP_Image_Editor $image The image editor instance. + * @param int $attachment_id The attachment post ID. + */ + $image = apply_filters( 'image_editor_save_pre', $image, $attachment_id ); + + if ( is_wp_error( $image->stream( $mime_type ) ) ) { + return false; + } + + return true; + } else { + /* translators: 1: $image, 2: WP_Image_Editor */ + _deprecated_argument( __FUNCTION__, '3.5.0', sprintf( __( '%1$s needs to be a %2$s object.' ), '$image', 'WP_Image_Editor' ) ); + + /** + * Filters the GD image resource to be streamed to the browser. + * + * @since 2.9.0 + * @deprecated 3.5.0 Use {@see 'image_editor_save_pre'} instead. + * + * @param resource|GdImage $image Image resource to be streamed. + * @param int $attachment_id The attachment post ID. + */ + $image = apply_filters_deprecated( 'image_save_pre', array( $image, $attachment_id ), '3.5.0', 'image_editor_save_pre' ); + + switch ( $mime_type ) { + case 'image/jpeg': + header( 'Content-Type: image/jpeg' ); + return imagejpeg( $image, null, 90 ); + case 'image/png': + header( 'Content-Type: image/png' ); + return imagepng( $image ); + case 'image/gif': + header( 'Content-Type: image/gif' ); + return imagegif( $image ); + case 'image/webp': + if ( function_exists( 'imagewebp' ) ) { + header( 'Content-Type: image/webp' ); + return imagewebp( $image, null, 90 ); + } + return false; + default: + return false; + } + } +} + +/** + * Saves image to file. + * + * @since 2.9.0 + * @since 3.5.0 The `$image` parameter expects a `WP_Image_Editor` instance. + * @since 6.0.0 The `$filesize` value was added to the returned array. + * + * @param string $filename Name of the file to be saved. + * @param WP_Image_Editor $image The image editor instance. + * @param string $mime_type The mime type of the image. + * @param int $post_id Attachment post ID. + * @return array|WP_Error|bool { + * Array on success or WP_Error if the file failed to save. + * When called with a deprecated value for the `$image` parameter, + * i.e. a non-`WP_Image_Editor` image resource or `GdImage` instance, + * the function will return true on success, false on failure. + * + * @type string $path Path to the image file. + * @type string $file Name of the image file. + * @type int $width Image width. + * @type int $height Image height. + * @type string $mime-type The mime type of the image. + * @type int $filesize File size of the image. + * } + */ +function wp_save_image_file( $filename, $image, $mime_type, $post_id ) { + if ( $image instanceof WP_Image_Editor ) { + + /** This filter is documented in wp-admin/includes/image-edit.php */ + $image = apply_filters( 'image_editor_save_pre', $image, $post_id ); + + /** + * Filters whether to skip saving the image file. + * + * Returning a non-null value will short-circuit the save method, + * returning that value instead. + * + * @since 3.5.0 + * + * @param bool|null $override Value to return instead of saving. Default null. + * @param string $filename Name of the file to be saved. + * @param WP_Image_Editor $image The image editor instance. + * @param string $mime_type The mime type of the image. + * @param int $post_id Attachment post ID. + */ + $saved = apply_filters( 'wp_save_image_editor_file', null, $filename, $image, $mime_type, $post_id ); + + if ( null !== $saved ) { + return $saved; + } + + return $image->save( $filename, $mime_type ); + } else { + /* translators: 1: $image, 2: WP_Image_Editor */ + _deprecated_argument( __FUNCTION__, '3.5.0', sprintf( __( '%1$s needs to be a %2$s object.' ), '$image', 'WP_Image_Editor' ) ); + + /** This filter is documented in wp-admin/includes/image-edit.php */ + $image = apply_filters_deprecated( 'image_save_pre', array( $image, $post_id ), '3.5.0', 'image_editor_save_pre' ); + + /** + * Filters whether to skip saving the image file. + * + * Returning a non-null value will short-circuit the save method, + * returning that value instead. + * + * @since 2.9.0 + * @deprecated 3.5.0 Use {@see 'wp_save_image_editor_file'} instead. + * + * @param bool|null $override Value to return instead of saving. Default null. + * @param string $filename Name of the file to be saved. + * @param resource|GdImage $image Image resource or GdImage instance. + * @param string $mime_type The mime type of the image. + * @param int $post_id Attachment post ID. + */ + $saved = apply_filters_deprecated( + 'wp_save_image_file', + array( null, $filename, $image, $mime_type, $post_id ), + '3.5.0', + 'wp_save_image_editor_file' + ); + + if ( null !== $saved ) { + return $saved; + } + + switch ( $mime_type ) { + case 'image/jpeg': + /** This filter is documented in wp-includes/class-wp-image-editor.php */ + return imagejpeg( $image, $filename, apply_filters( 'jpeg_quality', 90, 'edit_image' ) ); + case 'image/png': + return imagepng( $image, $filename ); + case 'image/gif': + return imagegif( $image, $filename ); + case 'image/webp': + if ( function_exists( 'imagewebp' ) ) { + return imagewebp( $image, $filename ); + } + return false; + default: + return false; + } + } +} + +/** + * Image preview ratio. Internal use only. + * + * @since 2.9.0 + * + * @ignore + * @param int $w Image width in pixels. + * @param int $h Image height in pixels. + * @return float|int Image preview ratio. + */ +function _image_get_preview_ratio( $w, $h ) { + $max = max( $w, $h ); + return $max > 600 ? ( 600 / $max ) : 1; +} + +/** + * Returns an image resource. Internal use only. + * + * @since 2.9.0 + * @deprecated 3.5.0 Use WP_Image_Editor::rotate() + * @see WP_Image_Editor::rotate() + * + * @ignore + * @param resource|GdImage $img Image resource. + * @param float|int $angle Image rotation angle, in degrees. + * @return resource|GdImage|false GD image resource or GdImage instance, false otherwise. + */ +function _rotate_image_resource( $img, $angle ) { + _deprecated_function( __FUNCTION__, '3.5.0', 'WP_Image_Editor::rotate()' ); + + if ( function_exists( 'imagerotate' ) ) { + $rotated = imagerotate( $img, $angle, 0 ); + + if ( is_gd_image( $rotated ) ) { + imagedestroy( $img ); + $img = $rotated; + } + } + + return $img; +} + +/** + * Flips an image resource. Internal use only. + * + * @since 2.9.0 + * @deprecated 3.5.0 Use WP_Image_Editor::flip() + * @see WP_Image_Editor::flip() + * + * @ignore + * @param resource|GdImage $img Image resource or GdImage instance. + * @param bool $horz Whether to flip horizontally. + * @param bool $vert Whether to flip vertically. + * @return resource|GdImage (maybe) flipped image resource or GdImage instance. + */ +function _flip_image_resource( $img, $horz, $vert ) { + _deprecated_function( __FUNCTION__, '3.5.0', 'WP_Image_Editor::flip()' ); + + $w = imagesx( $img ); + $h = imagesy( $img ); + $dst = wp_imagecreatetruecolor( $w, $h ); + + if ( is_gd_image( $dst ) ) { + $sx = $vert ? ( $w - 1 ) : 0; + $sy = $horz ? ( $h - 1 ) : 0; + $sw = $vert ? -$w : $w; + $sh = $horz ? -$h : $h; + + if ( imagecopyresampled( $dst, $img, 0, 0, $sx, $sy, $w, $h, $sw, $sh ) ) { + imagedestroy( $img ); + $img = $dst; + } + } + + return $img; +} + +/** + * Crops an image resource. Internal use only. + * + * @since 2.9.0 + * + * @ignore + * @param resource|GdImage $img Image resource or GdImage instance. + * @param float $x Source point x-coordinate. + * @param float $y Source point y-coordinate. + * @param float $w Source width. + * @param float $h Source height. + * @return resource|GdImage (maybe) cropped image resource or GdImage instance. + */ +function _crop_image_resource( $img, $x, $y, $w, $h ) { + $dst = wp_imagecreatetruecolor( $w, $h ); + + if ( is_gd_image( $dst ) ) { + if ( imagecopy( $dst, $img, 0, 0, $x, $y, $w, $h ) ) { + imagedestroy( $img ); + $img = $dst; + } + } + + return $img; +} + +/** + * Performs group of changes on Editor specified. + * + * @since 2.9.0 + * + * @param WP_Image_Editor $image WP_Image_Editor instance. + * @param array $changes Array of change operations. + * @return WP_Image_Editor WP_Image_Editor instance with changes applied. + */ +function image_edit_apply_changes( $image, $changes ) { + if ( is_gd_image( $image ) ) { + /* translators: 1: $image, 2: WP_Image_Editor */ + _deprecated_argument( __FUNCTION__, '3.5.0', sprintf( __( '%1$s needs to be a %2$s object.' ), '$image', 'WP_Image_Editor' ) ); + } + + if ( ! is_array( $changes ) ) { + return $image; + } + + // Expand change operations. + foreach ( $changes as $key => $obj ) { + if ( isset( $obj->r ) ) { + $obj->type = 'rotate'; + $obj->angle = $obj->r; + unset( $obj->r ); + } elseif ( isset( $obj->f ) ) { + $obj->type = 'flip'; + $obj->axis = $obj->f; + unset( $obj->f ); + } elseif ( isset( $obj->c ) ) { + $obj->type = 'crop'; + $obj->sel = $obj->c; + unset( $obj->c ); + } + + $changes[ $key ] = $obj; + } + + // Combine operations. + if ( count( $changes ) > 1 ) { + $filtered = array( $changes[0] ); + + for ( $i = 0, $j = 1, $c = count( $changes ); $j < $c; $j++ ) { + $combined = false; + + if ( $filtered[ $i ]->type === $changes[ $j ]->type ) { + switch ( $filtered[ $i ]->type ) { + case 'rotate': + $filtered[ $i ]->angle += $changes[ $j ]->angle; + $combined = true; + break; + case 'flip': + $filtered[ $i ]->axis ^= $changes[ $j ]->axis; + $combined = true; + break; + } + } + + if ( ! $combined ) { + $filtered[ ++$i ] = $changes[ $j ]; + } + } + + $changes = $filtered; + unset( $filtered ); + } + + // Image resource before applying the changes. + if ( $image instanceof WP_Image_Editor ) { + + /** + * Filters the WP_Image_Editor instance before applying changes to the image. + * + * @since 3.5.0 + * + * @param WP_Image_Editor $image WP_Image_Editor instance. + * @param array $changes Array of change operations. + */ + $image = apply_filters( 'wp_image_editor_before_change', $image, $changes ); + } elseif ( is_gd_image( $image ) ) { + + /** + * Filters the GD image resource before applying changes to the image. + * + * @since 2.9.0 + * @deprecated 3.5.0 Use {@see 'wp_image_editor_before_change'} instead. + * + * @param resource|GdImage $image GD image resource or GdImage instance. + * @param array $changes Array of change operations. + */ + $image = apply_filters_deprecated( 'image_edit_before_change', array( $image, $changes ), '3.5.0', 'wp_image_editor_before_change' ); + } + + foreach ( $changes as $operation ) { + switch ( $operation->type ) { + case 'rotate': + if ( 0 !== $operation->angle ) { + if ( $image instanceof WP_Image_Editor ) { + $image->rotate( $operation->angle ); + } else { + $image = _rotate_image_resource( $image, $operation->angle ); + } + } + break; + case 'flip': + if ( 0 !== $operation->axis ) { + if ( $image instanceof WP_Image_Editor ) { + $image->flip( ( $operation->axis & 1 ) !== 0, ( $operation->axis & 2 ) !== 0 ); + } else { + $image = _flip_image_resource( $image, ( $operation->axis & 1 ) !== 0, ( $operation->axis & 2 ) !== 0 ); + } + } + break; + case 'crop': + $sel = $operation->sel; + + if ( $image instanceof WP_Image_Editor ) { + $size = $image->get_size(); + $w = $size['width']; + $h = $size['height']; + + $scale = 1 / _image_get_preview_ratio( $w, $h ); // Discard preview scaling. + $image->crop( $sel->x * $scale, $sel->y * $scale, $sel->w * $scale, $sel->h * $scale ); + } else { + $scale = 1 / _image_get_preview_ratio( imagesx( $image ), imagesy( $image ) ); // Discard preview scaling. + $image = _crop_image_resource( $image, $sel->x * $scale, $sel->y * $scale, $sel->w * $scale, $sel->h * $scale ); + } + break; + } + } + + return $image; +} + + +/** + * Streams image in post to browser, along with enqueued changes + * in `$_REQUEST['history']`. + * + * @since 2.9.0 + * + * @param int $post_id Attachment post ID. + * @return bool True on success, false on failure. + */ +function stream_preview_image( $post_id ) { + $post = get_post( $post_id ); + + wp_raise_memory_limit( 'admin' ); + + $img = wp_get_image_editor( _load_image_to_edit_path( $post_id ) ); + + if ( is_wp_error( $img ) ) { + return false; + } + + $changes = ! empty( $_REQUEST['history'] ) ? json_decode( wp_unslash( $_REQUEST['history'] ) ) : null; + if ( $changes ) { + $img = image_edit_apply_changes( $img, $changes ); + } + + // Scale the image. + $size = $img->get_size(); + $w = $size['width']; + $h = $size['height']; + + $ratio = _image_get_preview_ratio( $w, $h ); + $w2 = max( 1, $w * $ratio ); + $h2 = max( 1, $h * $ratio ); + + if ( is_wp_error( $img->resize( $w2, $h2 ) ) ) { + return false; + } + + return wp_stream_image( $img, $post->post_mime_type, $post_id ); +} + +/** + * Restores the metadata for a given attachment. + * + * @since 2.9.0 + * + * @param int $post_id Attachment post ID. + * @return stdClass Image restoration message object. + */ +function wp_restore_image( $post_id ) { + $meta = wp_get_attachment_metadata( $post_id ); + $file = get_attached_file( $post_id ); + $backup_sizes = get_post_meta( $post_id, '_wp_attachment_backup_sizes', true ); + $old_backup_sizes = $backup_sizes; + $restored = false; + $msg = new stdClass(); + + if ( ! is_array( $backup_sizes ) ) { + $msg->error = __( 'Cannot load image metadata.' ); + return $msg; + } + + $parts = pathinfo( $file ); + $suffix = time() . rand( 100, 999 ); + $default_sizes = get_intermediate_image_sizes(); + + if ( isset( $backup_sizes['full-orig'] ) && is_array( $backup_sizes['full-orig'] ) ) { + $data = $backup_sizes['full-orig']; + + if ( $parts['basename'] !== $data['file'] ) { + if ( defined( 'IMAGE_EDIT_OVERWRITE' ) && IMAGE_EDIT_OVERWRITE ) { + // Delete only if it's an edited image. + if ( preg_match( '/-e[0-9]{13}\./', $parts['basename'] ) ) { + wp_delete_file( $file ); + } + } elseif ( isset( $meta['width'], $meta['height'] ) ) { + $backup_sizes[ "full-$suffix" ] = array( + 'width' => $meta['width'], + 'height' => $meta['height'], + 'file' => $parts['basename'], + ); + } + } + + $restored_file = path_join( $parts['dirname'], $data['file'] ); + $restored = update_attached_file( $post_id, $restored_file ); + + $meta['file'] = _wp_relative_upload_path( $restored_file ); + $meta['width'] = $data['width']; + $meta['height'] = $data['height']; + } + + foreach ( $default_sizes as $default_size ) { + if ( isset( $backup_sizes[ "$default_size-orig" ] ) ) { + $data = $backup_sizes[ "$default_size-orig" ]; + + if ( isset( $meta['sizes'][ $default_size ] ) && $meta['sizes'][ $default_size ]['file'] !== $data['file'] ) { + if ( defined( 'IMAGE_EDIT_OVERWRITE' ) && IMAGE_EDIT_OVERWRITE ) { + // Delete only if it's an edited image. + if ( preg_match( '/-e[0-9]{13}-/', $meta['sizes'][ $default_size ]['file'] ) ) { + $delete_file = path_join( $parts['dirname'], $meta['sizes'][ $default_size ]['file'] ); + wp_delete_file( $delete_file ); + } + } else { + $backup_sizes[ "$default_size-{$suffix}" ] = $meta['sizes'][ $default_size ]; + } + } + + $meta['sizes'][ $default_size ] = $data; + } else { + unset( $meta['sizes'][ $default_size ] ); + } + } + + if ( ! wp_update_attachment_metadata( $post_id, $meta ) + || ( $old_backup_sizes !== $backup_sizes && ! update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes ) ) + ) { + $msg->error = __( 'Cannot save image metadata.' ); + return $msg; + } + + if ( ! $restored ) { + $msg->error = __( 'Image metadata is inconsistent.' ); + } else { + $msg->msg = __( 'Image restored successfully.' ); + + if ( defined( 'IMAGE_EDIT_OVERWRITE' ) && IMAGE_EDIT_OVERWRITE ) { + delete_post_meta( $post_id, '_wp_attachment_backup_sizes' ); + } + } + + return $msg; +} + +/** + * Saves image to post, along with enqueued changes + * in `$_REQUEST['history']`. + * + * @since 2.9.0 + * + * @param int $post_id Attachment post ID. + * @return stdClass + */ +function wp_save_image( $post_id ) { + $_wp_additional_image_sizes = wp_get_additional_image_sizes(); + + $return = new stdClass(); + $success = false; + $delete = false; + $scaled = false; + $nocrop = false; + $post = get_post( $post_id ); + + $img = wp_get_image_editor( _load_image_to_edit_path( $post_id, 'full' ) ); + + if ( is_wp_error( $img ) ) { + $return->error = esc_js( __( 'Unable to create new image.' ) ); + return $return; + } + + $full_width = ! empty( $_REQUEST['fwidth'] ) ? (int) $_REQUEST['fwidth'] : 0; + $full_height = ! empty( $_REQUEST['fheight'] ) ? (int) $_REQUEST['fheight'] : 0; + $target = ! empty( $_REQUEST['target'] ) ? preg_replace( '/[^a-z0-9_-]+/i', '', $_REQUEST['target'] ) : ''; + $scale = ! empty( $_REQUEST['do'] ) && 'scale' === $_REQUEST['do']; + + /** This filter is documented in wp-admin/includes/image-edit.php */ + $edit_thumbnails_separately = (bool) apply_filters( 'image_edit_thumbnails_separately', false ); + + if ( $scale ) { + $size = $img->get_size(); + $original_width = $size['width']; + $original_height = $size['height']; + + if ( $full_width > $original_width || $full_height > $original_height ) { + $return->error = esc_js( __( 'Images cannot be scaled to a size larger than the original.' ) ); + return $return; + } + + if ( $full_width > 0 && $full_height > 0 ) { + // Check if it has roughly the same w / h ratio. + $diff = round( $original_width / $original_height, 2 ) - round( $full_width / $full_height, 2 ); + if ( -0.1 < $diff && $diff < 0.1 ) { + // Scale the full size image. + if ( $img->resize( $full_width, $full_height ) ) { + $scaled = true; + } + } + + if ( ! $scaled ) { + $return->error = esc_js( __( 'Error while saving the scaled image. Please reload the page and try again.' ) ); + return $return; + } + } + } elseif ( ! empty( $_REQUEST['history'] ) ) { + $changes = json_decode( wp_unslash( $_REQUEST['history'] ) ); + if ( $changes ) { + $img = image_edit_apply_changes( $img, $changes ); + } + } else { + $return->error = esc_js( __( 'Nothing to save, the image has not changed.' ) ); + return $return; + } + + $meta = wp_get_attachment_metadata( $post_id ); + $backup_sizes = get_post_meta( $post->ID, '_wp_attachment_backup_sizes', true ); + + if ( ! is_array( $meta ) ) { + $return->error = esc_js( __( 'Image data does not exist. Please re-upload the image.' ) ); + return $return; + } + + if ( ! is_array( $backup_sizes ) ) { + $backup_sizes = array(); + } + + // Generate new filename. + $path = get_attached_file( $post_id ); + + $basename = pathinfo( $path, PATHINFO_BASENAME ); + $dirname = pathinfo( $path, PATHINFO_DIRNAME ); + $ext = pathinfo( $path, PATHINFO_EXTENSION ); + $filename = pathinfo( $path, PATHINFO_FILENAME ); + $suffix = time() . rand( 100, 999 ); + + if ( defined( 'IMAGE_EDIT_OVERWRITE' ) && IMAGE_EDIT_OVERWRITE + && isset( $backup_sizes['full-orig'] ) && $backup_sizes['full-orig']['file'] !== $basename + ) { + + if ( $edit_thumbnails_separately && 'thumbnail' === $target ) { + $new_path = "{$dirname}/{$filename}-temp.{$ext}"; + } else { + $new_path = $path; + } + } else { + while ( true ) { + $filename = preg_replace( '/-e([0-9]+)$/', '', $filename ); + $filename .= "-e{$suffix}"; + $new_filename = "{$filename}.{$ext}"; + $new_path = "{$dirname}/$new_filename"; + + if ( file_exists( $new_path ) ) { + ++$suffix; + } else { + break; + } + } + } + + // Save the full-size file, also needed to create sub-sizes. + if ( ! wp_save_image_file( $new_path, $img, $post->post_mime_type, $post_id ) ) { + $return->error = esc_js( __( 'Unable to save the image.' ) ); + return $return; + } + + if ( 'nothumb' === $target || 'all' === $target || 'full' === $target || $scaled ) { + $tag = false; + + if ( isset( $backup_sizes['full-orig'] ) ) { + if ( ( ! defined( 'IMAGE_EDIT_OVERWRITE' ) || ! IMAGE_EDIT_OVERWRITE ) + && $backup_sizes['full-orig']['file'] !== $basename + ) { + $tag = "full-$suffix"; + } + } else { + $tag = 'full-orig'; + } + + if ( $tag ) { + $backup_sizes[ $tag ] = array( + 'width' => $meta['width'], + 'height' => $meta['height'], + 'file' => $basename, + ); + } + + $success = ( $path === $new_path ) || update_attached_file( $post_id, $new_path ); + + $meta['file'] = _wp_relative_upload_path( $new_path ); + + $size = $img->get_size(); + $meta['width'] = $size['width']; + $meta['height'] = $size['height']; + + if ( $success && ( 'nothumb' === $target || 'all' === $target ) ) { + $sizes = get_intermediate_image_sizes(); + + if ( $edit_thumbnails_separately && 'nothumb' === $target ) { + $sizes = array_diff( $sizes, array( 'thumbnail' ) ); + } + } + + $return->fw = $meta['width']; + $return->fh = $meta['height']; + } elseif ( $edit_thumbnails_separately && 'thumbnail' === $target ) { + $sizes = array( 'thumbnail' ); + $success = true; + $delete = true; + $nocrop = true; + } + + /* + * We need to remove any existing resized image files because + * a new crop or rotate could generate different sizes (and hence, filenames), + * keeping the new resized images from overwriting the existing image files. + * https://core.trac.wordpress.org/ticket/32171 + */ + if ( defined( 'IMAGE_EDIT_OVERWRITE' ) && IMAGE_EDIT_OVERWRITE && ! empty( $meta['sizes'] ) ) { + foreach ( $meta['sizes'] as $size ) { + if ( ! empty( $size['file'] ) && preg_match( '/-e[0-9]{13}-/', $size['file'] ) ) { + $delete_file = path_join( $dirname, $size['file'] ); + wp_delete_file( $delete_file ); + } + } + } + + if ( isset( $sizes ) ) { + $_sizes = array(); + + foreach ( $sizes as $size ) { + $tag = false; + + if ( isset( $meta['sizes'][ $size ] ) ) { + if ( isset( $backup_sizes[ "$size-orig" ] ) ) { + if ( ( ! defined( 'IMAGE_EDIT_OVERWRITE' ) || ! IMAGE_EDIT_OVERWRITE ) + && $backup_sizes[ "$size-orig" ]['file'] !== $meta['sizes'][ $size ]['file'] + ) { + $tag = "$size-$suffix"; + } + } else { + $tag = "$size-orig"; + } + + if ( $tag ) { + $backup_sizes[ $tag ] = $meta['sizes'][ $size ]; + } + } + + if ( isset( $_wp_additional_image_sizes[ $size ] ) ) { + $width = (int) $_wp_additional_image_sizes[ $size ]['width']; + $height = (int) $_wp_additional_image_sizes[ $size ]['height']; + $crop = ( $nocrop ) ? false : $_wp_additional_image_sizes[ $size ]['crop']; + } else { + $height = get_option( "{$size}_size_h" ); + $width = get_option( "{$size}_size_w" ); + $crop = ( $nocrop ) ? false : get_option( "{$size}_crop" ); + } + + $_sizes[ $size ] = array( + 'width' => $width, + 'height' => $height, + 'crop' => $crop, + ); + } + + $meta['sizes'] = array_merge( $meta['sizes'], $img->multi_resize( $_sizes ) ); + } + + unset( $img ); + + if ( $success ) { + wp_update_attachment_metadata( $post_id, $meta ); + update_post_meta( $post_id, '_wp_attachment_backup_sizes', $backup_sizes ); + + if ( 'thumbnail' === $target || 'all' === $target || 'full' === $target ) { + // Check if it's an image edit from attachment edit screen. + if ( ! empty( $_REQUEST['context'] ) && 'edit-attachment' === $_REQUEST['context'] ) { + $thumb_url = wp_get_attachment_image_src( $post_id, array( 900, 600 ), true ); + + $return->thumbnail = $thumb_url[0]; + } else { + $file_url = wp_get_attachment_url( $post_id ); + + if ( ! empty( $meta['sizes']['thumbnail'] ) ) { + $thumb = $meta['sizes']['thumbnail']; + $return->thumbnail = path_join( dirname( $file_url ), $thumb['file'] ); + } else { + $return->thumbnail = "$file_url?w=128&h=128"; + } + } + } + } else { + $delete = true; + } + + if ( $delete ) { + wp_delete_file( $new_path ); + } + + $return->msg = esc_js( __( 'Image saved' ) ); + + return $return; +} diff --git a/wp-admin/includes/image.php b/wp-admin/includes/image.php new file mode 100644 index 0000000..2bdcc50 --- /dev/null +++ b/wp-admin/includes/image.php @@ -0,0 +1,1166 @@ +<?php +/** + * File contains all the administration image manipulation functions. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Crops an image to a given size. + * + * @since 2.1.0 + * + * @param string|int $src The source file or Attachment ID. + * @param int $src_x The start x position to crop from. + * @param int $src_y The start y position to crop from. + * @param int $src_w The width to crop. + * @param int $src_h The height to crop. + * @param int $dst_w The destination width. + * @param int $dst_h The destination height. + * @param bool|false $src_abs Optional. If the source crop points are absolute. + * @param string|false $dst_file Optional. The destination file to write to. + * @return string|WP_Error New filepath on success, WP_Error on failure. + */ +function wp_crop_image( $src, $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_h, $src_abs = false, $dst_file = false ) { + $src_file = $src; + if ( is_numeric( $src ) ) { // Handle int as attachment ID. + $src_file = get_attached_file( $src ); + + if ( ! file_exists( $src_file ) ) { + /* + * If the file doesn't exist, attempt a URL fopen on the src link. + * This can occur with certain file replication plugins. + */ + $src = _load_image_to_edit_path( $src, 'full' ); + } else { + $src = $src_file; + } + } + + $editor = wp_get_image_editor( $src ); + if ( is_wp_error( $editor ) ) { + return $editor; + } + + $src = $editor->crop( $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_h, $src_abs ); + if ( is_wp_error( $src ) ) { + return $src; + } + + if ( ! $dst_file ) { + $dst_file = str_replace( wp_basename( $src_file ), 'cropped-' . wp_basename( $src_file ), $src_file ); + } + + /* + * The directory containing the original file may no longer exist when + * using a replication plugin. + */ + wp_mkdir_p( dirname( $dst_file ) ); + + $dst_file = dirname( $dst_file ) . '/' . wp_unique_filename( dirname( $dst_file ), wp_basename( $dst_file ) ); + + $result = $editor->save( $dst_file ); + if ( is_wp_error( $result ) ) { + return $result; + } + + if ( ! empty( $result['path'] ) ) { + return $result['path']; + } + + return $dst_file; +} + +/** + * Compare the existing image sub-sizes (as saved in the attachment meta) + * to the currently registered image sub-sizes, and return the difference. + * + * Registered sub-sizes that are larger than the image are skipped. + * + * @since 5.3.0 + * + * @param int $attachment_id The image attachment post ID. + * @return array[] Associative array of arrays of image sub-size information for + * missing image sizes, keyed by image size name. + */ +function wp_get_missing_image_subsizes( $attachment_id ) { + if ( ! wp_attachment_is_image( $attachment_id ) ) { + return array(); + } + + $registered_sizes = wp_get_registered_image_subsizes(); + $image_meta = wp_get_attachment_metadata( $attachment_id ); + + // Meta error? + if ( empty( $image_meta ) ) { + return $registered_sizes; + } + + // Use the originally uploaded image dimensions as full_width and full_height. + if ( ! empty( $image_meta['original_image'] ) ) { + $image_file = wp_get_original_image_path( $attachment_id ); + $imagesize = wp_getimagesize( $image_file ); + } + + if ( ! empty( $imagesize ) ) { + $full_width = $imagesize[0]; + $full_height = $imagesize[1]; + } else { + $full_width = (int) $image_meta['width']; + $full_height = (int) $image_meta['height']; + } + + $possible_sizes = array(); + + // Skip registered sizes that are too large for the uploaded image. + foreach ( $registered_sizes as $size_name => $size_data ) { + if ( image_resize_dimensions( $full_width, $full_height, $size_data['width'], $size_data['height'], $size_data['crop'] ) ) { + $possible_sizes[ $size_name ] = $size_data; + } + } + + if ( empty( $image_meta['sizes'] ) ) { + $image_meta['sizes'] = array(); + } + + /* + * Remove sizes that already exist. Only checks for matching "size names". + * It is possible that the dimensions for a particular size name have changed. + * For example the user has changed the values on the Settings -> Media screen. + * However we keep the old sub-sizes with the previous dimensions + * as the image may have been used in an older post. + */ + $missing_sizes = array_diff_key( $possible_sizes, $image_meta['sizes'] ); + + /** + * Filters the array of missing image sub-sizes for an uploaded image. + * + * @since 5.3.0 + * + * @param array[] $missing_sizes Associative array of arrays of image sub-size information for + * missing image sizes, keyed by image size name. + * @param array $image_meta The image meta data. + * @param int $attachment_id The image attachment post ID. + */ + return apply_filters( 'wp_get_missing_image_subsizes', $missing_sizes, $image_meta, $attachment_id ); +} + +/** + * If any of the currently registered image sub-sizes are missing, + * create them and update the image meta data. + * + * @since 5.3.0 + * + * @param int $attachment_id The image attachment post ID. + * @return array|WP_Error The updated image meta data array or WP_Error object + * if both the image meta and the attached file are missing. + */ +function wp_update_image_subsizes( $attachment_id ) { + $image_meta = wp_get_attachment_metadata( $attachment_id ); + $image_file = wp_get_original_image_path( $attachment_id ); + + if ( empty( $image_meta ) || ! is_array( $image_meta ) ) { + /* + * Previously failed upload? + * If there is an uploaded file, make all sub-sizes and generate all of the attachment meta. + */ + if ( ! empty( $image_file ) ) { + $image_meta = wp_create_image_subsizes( $image_file, $attachment_id ); + } else { + return new WP_Error( 'invalid_attachment', __( 'The attached file cannot be found.' ) ); + } + } else { + $missing_sizes = wp_get_missing_image_subsizes( $attachment_id ); + + if ( empty( $missing_sizes ) ) { + return $image_meta; + } + + // This also updates the image meta. + $image_meta = _wp_make_subsizes( $missing_sizes, $image_file, $image_meta, $attachment_id ); + } + + /** This filter is documented in wp-admin/includes/image.php */ + $image_meta = apply_filters( 'wp_generate_attachment_metadata', $image_meta, $attachment_id, 'update' ); + + // Save the updated metadata. + wp_update_attachment_metadata( $attachment_id, $image_meta ); + + return $image_meta; +} + +/** + * Updates the attached file and image meta data when the original image was edited. + * + * @since 5.3.0 + * @since 6.0.0 The `$filesize` value was added to the returned array. + * @access private + * + * @param array $saved_data The data returned from WP_Image_Editor after successfully saving an image. + * @param string $original_file Path to the original file. + * @param array $image_meta The image meta data. + * @param int $attachment_id The attachment post ID. + * @return array The updated image meta data. + */ +function _wp_image_meta_replace_original( $saved_data, $original_file, $image_meta, $attachment_id ) { + $new_file = $saved_data['path']; + + // Update the attached file meta. + update_attached_file( $attachment_id, $new_file ); + + // Width and height of the new image. + $image_meta['width'] = $saved_data['width']; + $image_meta['height'] = $saved_data['height']; + + // Make the file path relative to the upload dir. + $image_meta['file'] = _wp_relative_upload_path( $new_file ); + + // Add image file size. + $image_meta['filesize'] = wp_filesize( $new_file ); + + // Store the original image file name in image_meta. + $image_meta['original_image'] = wp_basename( $original_file ); + + return $image_meta; +} + +/** + * Creates image sub-sizes, adds the new data to the image meta `sizes` array, and updates the image metadata. + * + * Intended for use after an image is uploaded. Saves/updates the image metadata after each + * sub-size is created. If there was an error, it is added to the returned image metadata array. + * + * @since 5.3.0 + * + * @param string $file Full path to the image file. + * @param int $attachment_id Attachment ID to process. + * @return array The image attachment meta data. + */ +function wp_create_image_subsizes( $file, $attachment_id ) { + $imagesize = wp_getimagesize( $file ); + + if ( empty( $imagesize ) ) { + // File is not an image. + return array(); + } + + // Default image meta. + $image_meta = array( + 'width' => $imagesize[0], + 'height' => $imagesize[1], + 'file' => _wp_relative_upload_path( $file ), + 'filesize' => wp_filesize( $file ), + 'sizes' => array(), + ); + + // Fetch additional metadata from EXIF/IPTC. + $exif_meta = wp_read_image_metadata( $file ); + + if ( $exif_meta ) { + $image_meta['image_meta'] = $exif_meta; + } + + // Do not scale (large) PNG images. May result in sub-sizes that have greater file size than the original. See #48736. + if ( 'image/png' !== $imagesize['mime'] ) { + + /** + * Filters the "BIG image" threshold value. + * + * If the original image width or height is above the threshold, it will be scaled down. The threshold is + * used as max width and max height. The scaled down image will be used as the largest available size, including + * the `_wp_attached_file` post meta value. + * + * Returning `false` from the filter callback will disable the scaling. + * + * @since 5.3.0 + * + * @param int $threshold The threshold value in pixels. Default 2560. + * @param array $imagesize { + * Indexed array of the image width and height in pixels. + * + * @type int $0 The image width. + * @type int $1 The image height. + * } + * @param string $file Full path to the uploaded image file. + * @param int $attachment_id Attachment post ID. + */ + $threshold = (int) apply_filters( 'big_image_size_threshold', 2560, $imagesize, $file, $attachment_id ); + + /* + * If the original image's dimensions are over the threshold, + * scale the image and use it as the "full" size. + */ + if ( $threshold && ( $image_meta['width'] > $threshold || $image_meta['height'] > $threshold ) ) { + $editor = wp_get_image_editor( $file ); + + if ( is_wp_error( $editor ) ) { + // This image cannot be edited. + return $image_meta; + } + + // Resize the image. + $resized = $editor->resize( $threshold, $threshold ); + $rotated = null; + + // If there is EXIF data, rotate according to EXIF Orientation. + if ( ! is_wp_error( $resized ) && is_array( $exif_meta ) ) { + $resized = $editor->maybe_exif_rotate(); + $rotated = $resized; + } + + if ( ! is_wp_error( $resized ) ) { + /* + * Append "-scaled" to the image file name. It will look like "my_image-scaled.jpg". + * This doesn't affect the sub-sizes names as they are generated from the original image (for best quality). + */ + $saved = $editor->save( $editor->generate_filename( 'scaled' ) ); + + if ( ! is_wp_error( $saved ) ) { + $image_meta = _wp_image_meta_replace_original( $saved, $file, $image_meta, $attachment_id ); + + // If the image was rotated update the stored EXIF data. + if ( true === $rotated && ! empty( $image_meta['image_meta']['orientation'] ) ) { + $image_meta['image_meta']['orientation'] = 1; + } + } else { + // TODO: Log errors. + } + } else { + // TODO: Log errors. + } + } elseif ( ! empty( $exif_meta['orientation'] ) && 1 !== (int) $exif_meta['orientation'] ) { + // Rotate the whole original image if there is EXIF data and "orientation" is not 1. + + $editor = wp_get_image_editor( $file ); + + if ( is_wp_error( $editor ) ) { + // This image cannot be edited. + return $image_meta; + } + + // Rotate the image. + $rotated = $editor->maybe_exif_rotate(); + + if ( true === $rotated ) { + // Append `-rotated` to the image file name. + $saved = $editor->save( $editor->generate_filename( 'rotated' ) ); + + if ( ! is_wp_error( $saved ) ) { + $image_meta = _wp_image_meta_replace_original( $saved, $file, $image_meta, $attachment_id ); + + // Update the stored EXIF data. + if ( ! empty( $image_meta['image_meta']['orientation'] ) ) { + $image_meta['image_meta']['orientation'] = 1; + } + } else { + // TODO: Log errors. + } + } + } + } + + /* + * Initial save of the new metadata. + * At this point the file was uploaded and moved to the uploads directory + * but the image sub-sizes haven't been created yet and the `sizes` array is empty. + */ + wp_update_attachment_metadata( $attachment_id, $image_meta ); + + $new_sizes = wp_get_registered_image_subsizes(); + + /** + * Filters the image sizes automatically generated when uploading an image. + * + * @since 2.9.0 + * @since 4.4.0 Added the `$image_meta` argument. + * @since 5.3.0 Added the `$attachment_id` argument. + * + * @param array $new_sizes Associative array of image sizes to be created. + * @param array $image_meta The image meta data: width, height, file, sizes, etc. + * @param int $attachment_id The attachment post ID for the image. + */ + $new_sizes = apply_filters( 'intermediate_image_sizes_advanced', $new_sizes, $image_meta, $attachment_id ); + + return _wp_make_subsizes( $new_sizes, $file, $image_meta, $attachment_id ); +} + +/** + * Low-level function to create image sub-sizes. + * + * Updates the image meta after each sub-size is created. + * Errors are stored in the returned image metadata array. + * + * @since 5.3.0 + * @access private + * + * @param array $new_sizes Array defining what sizes to create. + * @param string $file Full path to the image file. + * @param array $image_meta The attachment meta data array. + * @param int $attachment_id Attachment ID to process. + * @return array The attachment meta data with updated `sizes` array. Includes an array of errors encountered while resizing. + */ +function _wp_make_subsizes( $new_sizes, $file, $image_meta, $attachment_id ) { + if ( empty( $image_meta ) || ! is_array( $image_meta ) ) { + // Not an image attachment. + return array(); + } + + // Check if any of the new sizes already exist. + if ( isset( $image_meta['sizes'] ) && is_array( $image_meta['sizes'] ) ) { + foreach ( $image_meta['sizes'] as $size_name => $size_meta ) { + /* + * Only checks "size name" so we don't override existing images even if the dimensions + * don't match the currently defined size with the same name. + * To change the behavior, unset changed/mismatched sizes in the `sizes` array in image meta. + */ + if ( array_key_exists( $size_name, $new_sizes ) ) { + unset( $new_sizes[ $size_name ] ); + } + } + } else { + $image_meta['sizes'] = array(); + } + + if ( empty( $new_sizes ) ) { + // Nothing to do... + return $image_meta; + } + + /* + * Sort the image sub-sizes in order of priority when creating them. + * This ensures there is an appropriate sub-size the user can access immediately + * even when there was an error and not all sub-sizes were created. + */ + $priority = array( + 'medium' => null, + 'large' => null, + 'thumbnail' => null, + 'medium_large' => null, + ); + + $new_sizes = array_filter( array_merge( $priority, $new_sizes ) ); + + $editor = wp_get_image_editor( $file ); + + if ( is_wp_error( $editor ) ) { + // The image cannot be edited. + return $image_meta; + } + + // If stored EXIF data exists, rotate the source image before creating sub-sizes. + if ( ! empty( $image_meta['image_meta'] ) ) { + $rotated = $editor->maybe_exif_rotate(); + + if ( is_wp_error( $rotated ) ) { + // TODO: Log errors. + } + } + + if ( method_exists( $editor, 'make_subsize' ) ) { + foreach ( $new_sizes as $new_size_name => $new_size_data ) { + $new_size_meta = $editor->make_subsize( $new_size_data ); + + if ( is_wp_error( $new_size_meta ) ) { + // TODO: Log errors. + } else { + // Save the size meta value. + $image_meta['sizes'][ $new_size_name ] = $new_size_meta; + wp_update_attachment_metadata( $attachment_id, $image_meta ); + } + } + } else { + // Fall back to `$editor->multi_resize()`. + $created_sizes = $editor->multi_resize( $new_sizes ); + + if ( ! empty( $created_sizes ) ) { + $image_meta['sizes'] = array_merge( $image_meta['sizes'], $created_sizes ); + wp_update_attachment_metadata( $attachment_id, $image_meta ); + } + } + + return $image_meta; +} + +/** + * Generates attachment meta data and create image sub-sizes for images. + * + * @since 2.1.0 + * @since 6.0.0 The `$filesize` value was added to the returned array. + * + * @param int $attachment_id Attachment ID to process. + * @param string $file Filepath of the attached image. + * @return array Metadata for attachment. + */ +function wp_generate_attachment_metadata( $attachment_id, $file ) { + $attachment = get_post( $attachment_id ); + + $metadata = array(); + $support = false; + $mime_type = get_post_mime_type( $attachment ); + + if ( preg_match( '!^image/!', $mime_type ) && file_is_displayable_image( $file ) ) { + // Make thumbnails and other intermediate sizes. + $metadata = wp_create_image_subsizes( $file, $attachment_id ); + } elseif ( wp_attachment_is( 'video', $attachment ) ) { + $metadata = wp_read_video_metadata( $file ); + $support = current_theme_supports( 'post-thumbnails', 'attachment:video' ) || post_type_supports( 'attachment:video', 'thumbnail' ); + } elseif ( wp_attachment_is( 'audio', $attachment ) ) { + $metadata = wp_read_audio_metadata( $file ); + $support = current_theme_supports( 'post-thumbnails', 'attachment:audio' ) || post_type_supports( 'attachment:audio', 'thumbnail' ); + } + + /* + * wp_read_video_metadata() and wp_read_audio_metadata() return `false` + * if the attachment does not exist in the local filesystem, + * so make sure to convert the value to an array. + */ + if ( ! is_array( $metadata ) ) { + $metadata = array(); + } + + if ( $support && ! empty( $metadata['image']['data'] ) ) { + // Check for existing cover. + $hash = md5( $metadata['image']['data'] ); + $posts = get_posts( + array( + 'fields' => 'ids', + 'post_type' => 'attachment', + 'post_mime_type' => $metadata['image']['mime'], + 'post_status' => 'inherit', + 'posts_per_page' => 1, + 'meta_key' => '_cover_hash', + 'meta_value' => $hash, + ) + ); + $exists = reset( $posts ); + + if ( ! empty( $exists ) ) { + update_post_meta( $attachment_id, '_thumbnail_id', $exists ); + } else { + $ext = '.jpg'; + switch ( $metadata['image']['mime'] ) { + case 'image/gif': + $ext = '.gif'; + break; + case 'image/png': + $ext = '.png'; + break; + case 'image/webp': + $ext = '.webp'; + break; + } + $basename = str_replace( '.', '-', wp_basename( $file ) ) . '-image' . $ext; + $uploaded = wp_upload_bits( $basename, '', $metadata['image']['data'] ); + if ( false === $uploaded['error'] ) { + $image_attachment = array( + 'post_mime_type' => $metadata['image']['mime'], + 'post_type' => 'attachment', + 'post_content' => '', + ); + /** + * Filters the parameters for the attachment thumbnail creation. + * + * @since 3.9.0 + * + * @param array $image_attachment An array of parameters to create the thumbnail. + * @param array $metadata Current attachment metadata. + * @param array $uploaded { + * Information about the newly-uploaded file. + * + * @type string $file Filename of the newly-uploaded file. + * @type string $url URL of the uploaded file. + * @type string $type File type. + * } + */ + $image_attachment = apply_filters( 'attachment_thumbnail_args', $image_attachment, $metadata, $uploaded ); + + $sub_attachment_id = wp_insert_attachment( $image_attachment, $uploaded['file'] ); + add_post_meta( $sub_attachment_id, '_cover_hash', $hash ); + $attach_data = wp_generate_attachment_metadata( $sub_attachment_id, $uploaded['file'] ); + wp_update_attachment_metadata( $sub_attachment_id, $attach_data ); + update_post_meta( $attachment_id, '_thumbnail_id', $sub_attachment_id ); + } + } + } elseif ( 'application/pdf' === $mime_type ) { + // Try to create image thumbnails for PDFs. + + $fallback_sizes = array( + 'thumbnail', + 'medium', + 'large', + ); + + /** + * Filters the image sizes generated for non-image mime types. + * + * @since 4.7.0 + * + * @param string[] $fallback_sizes An array of image size names. + * @param array $metadata Current attachment metadata. + */ + $fallback_sizes = apply_filters( 'fallback_intermediate_image_sizes', $fallback_sizes, $metadata ); + + $registered_sizes = wp_get_registered_image_subsizes(); + $merged_sizes = array_intersect_key( $registered_sizes, array_flip( $fallback_sizes ) ); + + // Force thumbnails to be soft crops. + if ( isset( $merged_sizes['thumbnail'] ) && is_array( $merged_sizes['thumbnail'] ) ) { + $merged_sizes['thumbnail']['crop'] = false; + } + + // Only load PDFs in an image editor if we're processing sizes. + if ( ! empty( $merged_sizes ) ) { + $editor = wp_get_image_editor( $file ); + + if ( ! is_wp_error( $editor ) ) { // No support for this type of file. + /* + * PDFs may have the same file filename as JPEGs. + * Ensure the PDF preview image does not overwrite any JPEG images that already exist. + */ + $dirname = dirname( $file ) . '/'; + $ext = '.' . pathinfo( $file, PATHINFO_EXTENSION ); + $preview_file = $dirname . wp_unique_filename( $dirname, wp_basename( $file, $ext ) . '-pdf.jpg' ); + + $uploaded = $editor->save( $preview_file, 'image/jpeg' ); + unset( $editor ); + + // Resize based on the full size image, rather than the source. + if ( ! is_wp_error( $uploaded ) ) { + $image_file = $uploaded['path']; + unset( $uploaded['path'] ); + + $metadata['sizes'] = array( + 'full' => $uploaded, + ); + + // Save the meta data before any image post-processing errors could happen. + wp_update_attachment_metadata( $attachment_id, $metadata ); + + // Create sub-sizes saving the image meta after each. + $metadata = _wp_make_subsizes( $merged_sizes, $image_file, $metadata, $attachment_id ); + } + } + } + } + + // Remove the blob of binary data from the array. + unset( $metadata['image']['data'] ); + + // Capture file size for cases where it has not been captured yet, such as PDFs. + if ( ! isset( $metadata['filesize'] ) && file_exists( $file ) ) { + $metadata['filesize'] = wp_filesize( $file ); + } + + /** + * Filters the generated attachment meta data. + * + * @since 2.1.0 + * @since 5.3.0 The `$context` parameter was added. + * + * @param array $metadata An array of attachment meta data. + * @param int $attachment_id Current attachment ID. + * @param string $context Additional context. Can be 'create' when metadata was initially created for new attachment + * or 'update' when the metadata was updated. + */ + return apply_filters( 'wp_generate_attachment_metadata', $metadata, $attachment_id, 'create' ); +} + +/** + * Converts a fraction string to a decimal. + * + * @since 2.5.0 + * + * @param string $str Fraction string. + * @return int|float Returns calculated fraction or integer 0 on invalid input. + */ +function wp_exif_frac2dec( $str ) { + if ( ! is_scalar( $str ) || is_bool( $str ) ) { + return 0; + } + + if ( ! is_string( $str ) ) { + return $str; // This can only be an integer or float, so this is fine. + } + + // Fractions passed as a string must contain a single `/`. + if ( substr_count( $str, '/' ) !== 1 ) { + if ( is_numeric( $str ) ) { + return (float) $str; + } + + return 0; + } + + list( $numerator, $denominator ) = explode( '/', $str ); + + // Both the numerator and the denominator must be numbers. + if ( ! is_numeric( $numerator ) || ! is_numeric( $denominator ) ) { + return 0; + } + + // The denominator must not be zero. + if ( 0 == $denominator ) { // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual -- Deliberate loose comparison. + return 0; + } + + return $numerator / $denominator; +} + +/** + * Converts the exif date format to a unix timestamp. + * + * @since 2.5.0 + * + * @param string $str A date string expected to be in Exif format (Y:m:d H:i:s). + * @return int|false The unix timestamp, or false on failure. + */ +function wp_exif_date2ts( $str ) { + list( $date, $time ) = explode( ' ', trim( $str ) ); + list( $y, $m, $d ) = explode( ':', $date ); + + return strtotime( "{$y}-{$m}-{$d} {$time}" ); +} + +/** + * Gets extended image metadata, exif or iptc as available. + * + * Retrieves the EXIF metadata aperture, credit, camera, caption, copyright, iso + * created_timestamp, focal_length, shutter_speed, and title. + * + * The IPTC metadata that is retrieved is APP13, credit, byline, created date + * and time, caption, copyright, and title. Also includes FNumber, Model, + * DateTimeDigitized, FocalLength, ISOSpeedRatings, and ExposureTime. + * + * @todo Try other exif libraries if available. + * @since 2.5.0 + * + * @param string $file + * @return array|false Image metadata array on success, false on failure. + */ +function wp_read_image_metadata( $file ) { + if ( ! file_exists( $file ) ) { + return false; + } + + list( , , $image_type ) = wp_getimagesize( $file ); + + /* + * EXIF contains a bunch of data we'll probably never need formatted in ways + * that are difficult to use. We'll normalize it and just extract the fields + * that are likely to be useful. Fractions and numbers are converted to + * floats, dates to unix timestamps, and everything else to strings. + */ + $meta = array( + 'aperture' => 0, + 'credit' => '', + 'camera' => '', + 'caption' => '', + 'created_timestamp' => 0, + 'copyright' => '', + 'focal_length' => 0, + 'iso' => 0, + 'shutter_speed' => 0, + 'title' => '', + 'orientation' => 0, + 'keywords' => array(), + ); + + $iptc = array(); + $info = array(); + /* + * Read IPTC first, since it might contain data not available in exif such + * as caption, description etc. + */ + if ( is_callable( 'iptcparse' ) ) { + wp_getimagesize( $file, $info ); + + if ( ! empty( $info['APP13'] ) ) { + // Don't silence errors when in debug mode, unless running unit tests. + if ( defined( 'WP_DEBUG' ) && WP_DEBUG + && ! defined( 'WP_RUN_CORE_TESTS' ) + ) { + $iptc = iptcparse( $info['APP13'] ); + } else { + // Silencing notice and warning is intentional. See https://core.trac.wordpress.org/ticket/42480 + $iptc = @iptcparse( $info['APP13'] ); + } + + if ( ! is_array( $iptc ) ) { + $iptc = array(); + } + + // Headline, "A brief synopsis of the caption". + if ( ! empty( $iptc['2#105'][0] ) ) { + $meta['title'] = trim( $iptc['2#105'][0] ); + /* + * Title, "Many use the Title field to store the filename of the image, + * though the field may be used in many ways". + */ + } elseif ( ! empty( $iptc['2#005'][0] ) ) { + $meta['title'] = trim( $iptc['2#005'][0] ); + } + + if ( ! empty( $iptc['2#120'][0] ) ) { // Description / legacy caption. + $caption = trim( $iptc['2#120'][0] ); + + mbstring_binary_safe_encoding(); + $caption_length = strlen( $caption ); + reset_mbstring_encoding(); + + if ( empty( $meta['title'] ) && $caption_length < 80 ) { + // Assume the title is stored in 2:120 if it's short. + $meta['title'] = $caption; + } + + $meta['caption'] = $caption; + } + + if ( ! empty( $iptc['2#110'][0] ) ) { // Credit. + $meta['credit'] = trim( $iptc['2#110'][0] ); + } elseif ( ! empty( $iptc['2#080'][0] ) ) { // Creator / legacy byline. + $meta['credit'] = trim( $iptc['2#080'][0] ); + } + + if ( ! empty( $iptc['2#055'][0] ) && ! empty( $iptc['2#060'][0] ) ) { // Created date and time. + $meta['created_timestamp'] = strtotime( $iptc['2#055'][0] . ' ' . $iptc['2#060'][0] ); + } + + if ( ! empty( $iptc['2#116'][0] ) ) { // Copyright. + $meta['copyright'] = trim( $iptc['2#116'][0] ); + } + + if ( ! empty( $iptc['2#025'][0] ) ) { // Keywords array. + $meta['keywords'] = array_values( $iptc['2#025'] ); + } + } + } + + $exif = array(); + + /** + * Filters the image types to check for exif data. + * + * @since 2.5.0 + * + * @param int[] $image_types Array of image types to check for exif data. Each value + * is usually one of the `IMAGETYPE_*` constants. + */ + $exif_image_types = apply_filters( 'wp_read_image_metadata_types', array( IMAGETYPE_JPEG, IMAGETYPE_TIFF_II, IMAGETYPE_TIFF_MM ) ); + + if ( is_callable( 'exif_read_data' ) && in_array( $image_type, $exif_image_types, true ) ) { + // Don't silence errors when in debug mode, unless running unit tests. + if ( defined( 'WP_DEBUG' ) && WP_DEBUG + && ! defined( 'WP_RUN_CORE_TESTS' ) + ) { + $exif = exif_read_data( $file ); + } else { + // Silencing notice and warning is intentional. See https://core.trac.wordpress.org/ticket/42480 + $exif = @exif_read_data( $file ); + } + + if ( ! is_array( $exif ) ) { + $exif = array(); + } + + if ( ! empty( $exif['ImageDescription'] ) ) { + mbstring_binary_safe_encoding(); + $description_length = strlen( $exif['ImageDescription'] ); + reset_mbstring_encoding(); + + if ( empty( $meta['title'] ) && $description_length < 80 ) { + // Assume the title is stored in ImageDescription. + $meta['title'] = trim( $exif['ImageDescription'] ); + } + + if ( empty( $meta['caption'] ) && ! empty( $exif['COMPUTED']['UserComment'] ) ) { + $meta['caption'] = trim( $exif['COMPUTED']['UserComment'] ); + } + + if ( empty( $meta['caption'] ) ) { + $meta['caption'] = trim( $exif['ImageDescription'] ); + } + } elseif ( empty( $meta['caption'] ) && ! empty( $exif['Comments'] ) ) { + $meta['caption'] = trim( $exif['Comments'] ); + } + + if ( empty( $meta['credit'] ) ) { + if ( ! empty( $exif['Artist'] ) ) { + $meta['credit'] = trim( $exif['Artist'] ); + } elseif ( ! empty( $exif['Author'] ) ) { + $meta['credit'] = trim( $exif['Author'] ); + } + } + + if ( empty( $meta['copyright'] ) && ! empty( $exif['Copyright'] ) ) { + $meta['copyright'] = trim( $exif['Copyright'] ); + } + if ( ! empty( $exif['FNumber'] ) && is_scalar( $exif['FNumber'] ) ) { + $meta['aperture'] = round( wp_exif_frac2dec( $exif['FNumber'] ), 2 ); + } + if ( ! empty( $exif['Model'] ) ) { + $meta['camera'] = trim( $exif['Model'] ); + } + if ( empty( $meta['created_timestamp'] ) && ! empty( $exif['DateTimeDigitized'] ) ) { + $meta['created_timestamp'] = wp_exif_date2ts( $exif['DateTimeDigitized'] ); + } + if ( ! empty( $exif['FocalLength'] ) ) { + $meta['focal_length'] = (string) $exif['FocalLength']; + if ( is_scalar( $exif['FocalLength'] ) ) { + $meta['focal_length'] = (string) wp_exif_frac2dec( $exif['FocalLength'] ); + } + } + if ( ! empty( $exif['ISOSpeedRatings'] ) ) { + $meta['iso'] = is_array( $exif['ISOSpeedRatings'] ) ? reset( $exif['ISOSpeedRatings'] ) : $exif['ISOSpeedRatings']; + $meta['iso'] = trim( $meta['iso'] ); + } + if ( ! empty( $exif['ExposureTime'] ) ) { + $meta['shutter_speed'] = (string) $exif['ExposureTime']; + if ( is_scalar( $exif['ExposureTime'] ) ) { + $meta['shutter_speed'] = (string) wp_exif_frac2dec( $exif['ExposureTime'] ); + } + } + if ( ! empty( $exif['Orientation'] ) ) { + $meta['orientation'] = $exif['Orientation']; + } + } + + foreach ( array( 'title', 'caption', 'credit', 'copyright', 'camera', 'iso' ) as $key ) { + if ( $meta[ $key ] && ! seems_utf8( $meta[ $key ] ) ) { + $meta[ $key ] = utf8_encode( $meta[ $key ] ); + } + } + + foreach ( $meta['keywords'] as $key => $keyword ) { + if ( ! seems_utf8( $keyword ) ) { + $meta['keywords'][ $key ] = utf8_encode( $keyword ); + } + } + + $meta = wp_kses_post_deep( $meta ); + + /** + * Filters the array of meta data read from an image's exif data. + * + * @since 2.5.0 + * @since 4.4.0 The `$iptc` parameter was added. + * @since 5.0.0 The `$exif` parameter was added. + * + * @param array $meta Image meta data. + * @param string $file Path to image file. + * @param int $image_type Type of image, one of the `IMAGETYPE_XXX` constants. + * @param array $iptc IPTC data. + * @param array $exif EXIF data. + */ + return apply_filters( 'wp_read_image_metadata', $meta, $file, $image_type, $iptc, $exif ); +} + +/** + * Validates that file is an image. + * + * @since 2.5.0 + * + * @param string $path File path to test if valid image. + * @return bool True if valid image, false if not valid image. + */ +function file_is_valid_image( $path ) { + $size = wp_getimagesize( $path ); + return ! empty( $size ); +} + +/** + * Validates that file is suitable for displaying within a web page. + * + * @since 2.5.0 + * + * @param string $path File path to test. + * @return bool True if suitable, false if not suitable. + */ +function file_is_displayable_image( $path ) { + $displayable_image_types = array( IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_BMP, IMAGETYPE_ICO, IMAGETYPE_WEBP ); + + $info = wp_getimagesize( $path ); + if ( empty( $info ) ) { + $result = false; + } elseif ( ! in_array( $info[2], $displayable_image_types, true ) ) { + $result = false; + } else { + $result = true; + } + + /** + * Filters whether the current image is displayable in the browser. + * + * @since 2.5.0 + * + * @param bool $result Whether the image can be displayed. Default true. + * @param string $path Path to the image. + */ + return apply_filters( 'file_is_displayable_image', $result, $path ); +} + +/** + * Loads an image resource for editing. + * + * @since 2.9.0 + * + * @param int $attachment_id Attachment ID. + * @param string $mime_type Image mime type. + * @param string|int[] $size Optional. Image size. Accepts any registered image size name, or an array + * of width and height values in pixels (in that order). Default 'full'. + * @return resource|GdImage|false The resulting image resource or GdImage instance on success, + * false on failure. + */ +function load_image_to_edit( $attachment_id, $mime_type, $size = 'full' ) { + $filepath = _load_image_to_edit_path( $attachment_id, $size ); + if ( empty( $filepath ) ) { + return false; + } + + switch ( $mime_type ) { + case 'image/jpeg': + $image = imagecreatefromjpeg( $filepath ); + break; + case 'image/png': + $image = imagecreatefrompng( $filepath ); + break; + case 'image/gif': + $image = imagecreatefromgif( $filepath ); + break; + case 'image/webp': + $image = false; + if ( function_exists( 'imagecreatefromwebp' ) ) { + $image = imagecreatefromwebp( $filepath ); + } + break; + default: + $image = false; + break; + } + + if ( is_gd_image( $image ) ) { + /** + * Filters the current image being loaded for editing. + * + * @since 2.9.0 + * + * @param resource|GdImage $image Current image. + * @param int $attachment_id Attachment ID. + * @param string|int[] $size Requested image size. Can be any registered image size name, or + * an array of width and height values in pixels (in that order). + */ + $image = apply_filters( 'load_image_to_edit', $image, $attachment_id, $size ); + + if ( function_exists( 'imagealphablending' ) && function_exists( 'imagesavealpha' ) ) { + imagealphablending( $image, false ); + imagesavealpha( $image, true ); + } + } + + return $image; +} + +/** + * Retrieves the path or URL of an attachment's attached file. + * + * If the attached file is not present on the local filesystem (usually due to replication plugins), + * then the URL of the file is returned if `allow_url_fopen` is supported. + * + * @since 3.4.0 + * @access private + * + * @param int $attachment_id Attachment ID. + * @param string|int[] $size Optional. Image size. Accepts any registered image size name, or an array + * of width and height values in pixels (in that order). Default 'full'. + * @return string|false File path or URL on success, false on failure. + */ +function _load_image_to_edit_path( $attachment_id, $size = 'full' ) { + $filepath = get_attached_file( $attachment_id ); + + if ( $filepath && file_exists( $filepath ) ) { + if ( 'full' !== $size ) { + $data = image_get_intermediate_size( $attachment_id, $size ); + + if ( $data ) { + $filepath = path_join( dirname( $filepath ), $data['file'] ); + + /** + * Filters the path to an attachment's file when editing the image. + * + * The filter is evaluated for all image sizes except 'full'. + * + * @since 3.1.0 + * + * @param string $path Path to the current image. + * @param int $attachment_id Attachment ID. + * @param string|int[] $size Requested image size. Can be any registered image size name, or + * an array of width and height values in pixels (in that order). + */ + $filepath = apply_filters( 'load_image_to_edit_filesystempath', $filepath, $attachment_id, $size ); + } + } + } elseif ( function_exists( 'fopen' ) && ini_get( 'allow_url_fopen' ) ) { + /** + * Filters the path to an attachment's URL when editing the image. + * + * The filter is only evaluated if the file isn't stored locally and `allow_url_fopen` is enabled on the server. + * + * @since 3.1.0 + * + * @param string|false $image_url Current image URL. + * @param int $attachment_id Attachment ID. + * @param string|int[] $size Requested image size. Can be any registered image size name, or + * an array of width and height values in pixels (in that order). + */ + $filepath = apply_filters( 'load_image_to_edit_attachmenturl', wp_get_attachment_url( $attachment_id ), $attachment_id, $size ); + } + + /** + * Filters the returned path or URL of the current image. + * + * @since 2.9.0 + * + * @param string|false $filepath File path or URL to current image, or false. + * @param int $attachment_id Attachment ID. + * @param string|int[] $size Requested image size. Can be any registered image size name, or + * an array of width and height values in pixels (in that order). + */ + return apply_filters( 'load_image_to_edit_path', $filepath, $attachment_id, $size ); +} + +/** + * Copies an existing image file. + * + * @since 3.4.0 + * @access private + * + * @param int $attachment_id Attachment ID. + * @return string|false New file path on success, false on failure. + */ +function _copy_image_file( $attachment_id ) { + $dst_file = get_attached_file( $attachment_id ); + $src_file = $dst_file; + + if ( ! file_exists( $src_file ) ) { + $src_file = _load_image_to_edit_path( $attachment_id ); + } + + if ( $src_file ) { + $dst_file = str_replace( wp_basename( $dst_file ), 'copy-' . wp_basename( $dst_file ), $dst_file ); + $dst_file = dirname( $dst_file ) . '/' . wp_unique_filename( dirname( $dst_file ), wp_basename( $dst_file ) ); + + /* + * The directory containing the original file may no longer + * exist when using a replication plugin. + */ + wp_mkdir_p( dirname( $dst_file ) ); + + if ( ! copy( $src_file, $dst_file ) ) { + $dst_file = false; + } + } else { + $dst_file = false; + } + + return $dst_file; +} diff --git a/wp-admin/includes/import.php b/wp-admin/includes/import.php new file mode 100644 index 0000000..87ee00e --- /dev/null +++ b/wp-admin/includes/import.php @@ -0,0 +1,232 @@ +<?php +/** + * WordPress Administration Importer API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Retrieves the list of importers. + * + * @since 2.0.0 + * + * @global array $wp_importers + * @return array + */ +function get_importers() { + global $wp_importers; + if ( is_array( $wp_importers ) ) { + uasort( $wp_importers, '_usort_by_first_member' ); + } + return $wp_importers; +} + +/** + * Sorts a multidimensional array by first member of each top level member. + * + * Used by uasort() as a callback, should not be used directly. + * + * @since 2.9.0 + * @access private + * + * @param array $a + * @param array $b + * @return int + */ +function _usort_by_first_member( $a, $b ) { + return strnatcasecmp( $a[0], $b[0] ); +} + +/** + * Registers importer for WordPress. + * + * @since 2.0.0 + * + * @global array $wp_importers + * + * @param string $id Importer tag. Used to uniquely identify importer. + * @param string $name Importer name and title. + * @param string $description Importer description. + * @param callable $callback Callback to run. + * @return void|WP_Error Void on success. WP_Error when $callback is WP_Error. + */ +function register_importer( $id, $name, $description, $callback ) { + global $wp_importers; + if ( is_wp_error( $callback ) ) { + return $callback; + } + $wp_importers[ $id ] = array( $name, $description, $callback ); +} + +/** + * Cleanup importer. + * + * Removes attachment based on ID. + * + * @since 2.0.0 + * + * @param string $id Importer ID. + */ +function wp_import_cleanup( $id ) { + wp_delete_attachment( $id ); +} + +/** + * Handles importer uploading and adds attachment. + * + * @since 2.0.0 + * + * @return array Uploaded file's details on success, error message on failure. + */ +function wp_import_handle_upload() { + if ( ! isset( $_FILES['import'] ) ) { + return array( + 'error' => sprintf( + /* translators: 1: php.ini, 2: post_max_size, 3: upload_max_filesize */ + __( 'File is empty. Please upload something more substantial. This error could also be caused by uploads being disabled in your %1$s file or by %2$s being defined as smaller than %3$s in %1$s.' ), + 'php.ini', + 'post_max_size', + 'upload_max_filesize' + ), + ); + } + + $overrides = array( + 'test_form' => false, + 'test_type' => false, + ); + $_FILES['import']['name'] .= '.txt'; + $upload = wp_handle_upload( $_FILES['import'], $overrides ); + + if ( isset( $upload['error'] ) ) { + return $upload; + } + + // Construct the attachment array. + $attachment = array( + 'post_title' => wp_basename( $upload['file'] ), + 'post_content' => $upload['url'], + 'post_mime_type' => $upload['type'], + 'guid' => $upload['url'], + 'context' => 'import', + 'post_status' => 'private', + ); + + // Save the data. + $id = wp_insert_attachment( $attachment, $upload['file'] ); + + /* + * Schedule a cleanup for one day from now in case of failed + * import or missing wp_import_cleanup() call. + */ + wp_schedule_single_event( time() + DAY_IN_SECONDS, 'importer_scheduled_cleanup', array( $id ) ); + + return array( + 'file' => $upload['file'], + 'id' => $id, + ); +} + +/** + * Returns a list from WordPress.org of popular importer plugins. + * + * @since 3.5.0 + * + * @return array Importers with metadata for each. + */ +function wp_get_popular_importers() { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + $locale = get_user_locale(); + $cache_key = 'popular_importers_' . md5( $locale . $wp_version ); + $popular_importers = get_site_transient( $cache_key ); + + if ( ! $popular_importers ) { + $url = add_query_arg( + array( + 'locale' => $locale, + 'version' => $wp_version, + ), + 'http://api.wordpress.org/core/importers/1.1/' + ); + $options = array( 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ) ); + + if ( wp_http_supports( array( 'ssl' ) ) ) { + $url = set_url_scheme( $url, 'https' ); + } + + $response = wp_remote_get( $url, $options ); + $popular_importers = json_decode( wp_remote_retrieve_body( $response ), true ); + + if ( is_array( $popular_importers ) ) { + set_site_transient( $cache_key, $popular_importers, 2 * DAY_IN_SECONDS ); + } else { + $popular_importers = false; + } + } + + if ( is_array( $popular_importers ) ) { + // If the data was received as translated, return it as-is. + if ( $popular_importers['translated'] ) { + return $popular_importers['importers']; + } + + foreach ( $popular_importers['importers'] as &$importer ) { + // phpcs:ignore WordPress.WP.I18n.LowLevelTranslationFunction,WordPress.WP.I18n.NonSingularStringLiteralText + $importer['description'] = translate( $importer['description'] ); + if ( 'WordPress' !== $importer['name'] ) { + // phpcs:ignore WordPress.WP.I18n.LowLevelTranslationFunction,WordPress.WP.I18n.NonSingularStringLiteralText + $importer['name'] = translate( $importer['name'] ); + } + } + return $popular_importers['importers']; + } + + return array( + // slug => name, description, plugin slug, and register_importer() slug. + 'blogger' => array( + 'name' => __( 'Blogger' ), + 'description' => __( 'Import posts, comments, and users from a Blogger blog.' ), + 'plugin-slug' => 'blogger-importer', + 'importer-id' => 'blogger', + ), + 'wpcat2tag' => array( + 'name' => __( 'Categories and Tags Converter' ), + 'description' => __( 'Convert existing categories to tags or tags to categories, selectively.' ), + 'plugin-slug' => 'wpcat2tag-importer', + 'importer-id' => 'wp-cat2tag', + ), + 'livejournal' => array( + 'name' => __( 'LiveJournal' ), + 'description' => __( 'Import posts from LiveJournal using their API.' ), + 'plugin-slug' => 'livejournal-importer', + 'importer-id' => 'livejournal', + ), + 'movabletype' => array( + 'name' => __( 'Movable Type and TypePad' ), + 'description' => __( 'Import posts and comments from a Movable Type or TypePad blog.' ), + 'plugin-slug' => 'movabletype-importer', + 'importer-id' => 'mt', + ), + 'rss' => array( + 'name' => __( 'RSS' ), + 'description' => __( 'Import posts from an RSS feed.' ), + 'plugin-slug' => 'rss-importer', + 'importer-id' => 'rss', + ), + 'tumblr' => array( + 'name' => __( 'Tumblr' ), + 'description' => __( 'Import posts & media from Tumblr using their API.' ), + 'plugin-slug' => 'tumblr-importer', + 'importer-id' => 'tumblr', + ), + 'wordpress' => array( + 'name' => 'WordPress', + 'description' => __( 'Import posts, pages, comments, custom fields, categories, and tags from a WordPress export file.' ), + 'plugin-slug' => 'wordpress-importer', + 'importer-id' => 'wordpress', + ), + ); +} diff --git a/wp-admin/includes/list-table.php b/wp-admin/includes/list-table.php new file mode 100644 index 0000000..1e2c190 --- /dev/null +++ b/wp-admin/includes/list-table.php @@ -0,0 +1,108 @@ +<?php +/** + * Helper functions for displaying a list of items in an ajaxified HTML table. + * + * @package WordPress + * @subpackage List_Table + * @since 3.1.0 + */ + +/** + * Fetches an instance of a WP_List_Table class. + * + * @since 3.1.0 + * + * @global string $hook_suffix + * + * @param string $class_name The type of the list table, which is the class name. + * @param array $args Optional. Arguments to pass to the class. Accepts 'screen'. + * @return WP_List_Table|false List table object on success, false if the class does not exist. + */ +function _get_list_table( $class_name, $args = array() ) { + $core_classes = array( + // Site Admin. + 'WP_Posts_List_Table' => 'posts', + 'WP_Media_List_Table' => 'media', + 'WP_Terms_List_Table' => 'terms', + 'WP_Users_List_Table' => 'users', + 'WP_Comments_List_Table' => 'comments', + 'WP_Post_Comments_List_Table' => array( 'comments', 'post-comments' ), + 'WP_Links_List_Table' => 'links', + 'WP_Plugin_Install_List_Table' => 'plugin-install', + 'WP_Themes_List_Table' => 'themes', + 'WP_Theme_Install_List_Table' => array( 'themes', 'theme-install' ), + 'WP_Plugins_List_Table' => 'plugins', + 'WP_Application_Passwords_List_Table' => 'application-passwords', + + // Network Admin. + 'WP_MS_Sites_List_Table' => 'ms-sites', + 'WP_MS_Users_List_Table' => 'ms-users', + 'WP_MS_Themes_List_Table' => 'ms-themes', + + // Privacy requests tables. + 'WP_Privacy_Data_Export_Requests_List_Table' => 'privacy-data-export-requests', + 'WP_Privacy_Data_Removal_Requests_List_Table' => 'privacy-data-removal-requests', + ); + + if ( isset( $core_classes[ $class_name ] ) ) { + foreach ( (array) $core_classes[ $class_name ] as $required ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-' . $required . '-list-table.php'; + } + + if ( isset( $args['screen'] ) ) { + $args['screen'] = convert_to_screen( $args['screen'] ); + } elseif ( isset( $GLOBALS['hook_suffix'] ) ) { + $args['screen'] = get_current_screen(); + } else { + $args['screen'] = null; + } + + /** + * Filters the list table class to instantiate. + * + * @since 6.1.0 + * + * @param string $class_name The list table class to use. + * @param array $args An array containing _get_list_table() arguments. + */ + $custom_class_name = apply_filters( 'wp_list_table_class_name', $class_name, $args ); + + if ( is_string( $custom_class_name ) && class_exists( $custom_class_name ) ) { + $class_name = $custom_class_name; + } + + return new $class_name( $args ); + } + + return false; +} + +/** + * Register column headers for a particular screen. + * + * @see get_column_headers(), print_column_headers(), get_hidden_columns() + * + * @since 2.7.0 + * + * @param string $screen The handle for the screen to register column headers for. This is + * usually the hook name returned by the `add_*_page()` functions. + * @param string[] $columns An array of columns with column IDs as the keys and translated + * column names as the values. + */ +function register_column_headers( $screen, $columns ) { + new _WP_List_Table_Compat( $screen, $columns ); +} + +/** + * Prints column headers for a particular screen. + * + * @since 2.7.0 + * + * @param string|WP_Screen $screen The screen hook name or screen object. + * @param bool $with_id Whether to set the ID attribute or not. + */ +function print_column_headers( $screen, $with_id = true ) { + $wp_list_table = new _WP_List_Table_Compat( $screen ); + + $wp_list_table->print_column_headers( $with_id ); +} diff --git a/wp-admin/includes/media.php b/wp-admin/includes/media.php new file mode 100644 index 0000000..e7b4c10 --- /dev/null +++ b/wp-admin/includes/media.php @@ -0,0 +1,3866 @@ +<?php +/** + * WordPress Administration Media API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Defines the default media upload tabs. + * + * @since 2.5.0 + * + * @return string[] Default tabs. + */ +function media_upload_tabs() { + $_default_tabs = array( + 'type' => __( 'From Computer' ), // Handler action suffix => tab text. + 'type_url' => __( 'From URL' ), + 'gallery' => __( 'Gallery' ), + 'library' => __( 'Media Library' ), + ); + + /** + * Filters the available tabs in the legacy (pre-3.5.0) media popup. + * + * @since 2.5.0 + * + * @param string[] $_default_tabs An array of media tabs. + */ + return apply_filters( 'media_upload_tabs', $_default_tabs ); +} + +/** + * Adds the gallery tab back to the tabs array if post has image attachments. + * + * @since 2.5.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param array $tabs + * @return array $tabs with gallery if post has image attachment + */ +function update_gallery_tab( $tabs ) { + global $wpdb; + + if ( ! isset( $_REQUEST['post_id'] ) ) { + unset( $tabs['gallery'] ); + return $tabs; + } + + $post_id = (int) $_REQUEST['post_id']; + + if ( $post_id ) { + $attachments = (int) $wpdb->get_var( $wpdb->prepare( "SELECT count(*) FROM $wpdb->posts WHERE post_type = 'attachment' AND post_status != 'trash' AND post_parent = %d", $post_id ) ); + } + + if ( empty( $attachments ) ) { + unset( $tabs['gallery'] ); + return $tabs; + } + + /* translators: %s: Number of attachments. */ + $tabs['gallery'] = sprintf( __( 'Gallery (%s)' ), "<span id='attachments-count'>$attachments</span>" ); + + return $tabs; +} + +/** + * Outputs the legacy media upload tabs UI. + * + * @since 2.5.0 + * + * @global string $redir_tab + */ +function the_media_upload_tabs() { + global $redir_tab; + $tabs = media_upload_tabs(); + $default = 'type'; + + if ( ! empty( $tabs ) ) { + echo "<ul id='sidemenu'>\n"; + + if ( isset( $redir_tab ) && array_key_exists( $redir_tab, $tabs ) ) { + $current = $redir_tab; + } elseif ( isset( $_GET['tab'] ) && array_key_exists( $_GET['tab'], $tabs ) ) { + $current = $_GET['tab']; + } else { + /** This filter is documented in wp-admin/media-upload.php */ + $current = apply_filters( 'media_upload_default_tab', $default ); + } + + foreach ( $tabs as $callback => $text ) { + $class = ''; + + if ( $current == $callback ) { + $class = " class='current'"; + } + + $href = add_query_arg( + array( + 'tab' => $callback, + 's' => false, + 'paged' => false, + 'post_mime_type' => false, + 'm' => false, + ) + ); + $link = "<a href='" . esc_url( $href ) . "'$class>$text</a>"; + echo "\t<li id='" . esc_attr( "tab-$callback" ) . "'>$link</li>\n"; + } + + echo "</ul>\n"; + } +} + +/** + * Retrieves the image HTML to send to the editor. + * + * @since 2.5.0 + * + * @param int $id Image attachment ID. + * @param string $caption Image caption. + * @param string $title Image title attribute. + * @param string $align Image CSS alignment property. + * @param string $url Optional. Image src URL. Default empty. + * @param bool|string $rel Optional. Value for rel attribute or whether to add a default value. Default false. + * @param string|int[] $size Optional. Image size. Accepts any registered image size name, or an array of + * width and height values in pixels (in that order). Default 'medium'. + * @param string $alt Optional. Image alt attribute. Default empty. + * @return string The HTML output to insert into the editor. + */ +function get_image_send_to_editor( $id, $caption, $title, $align, $url = '', $rel = false, $size = 'medium', $alt = '' ) { + + $html = get_image_tag( $id, $alt, '', $align, $size ); + + if ( $rel ) { + if ( is_string( $rel ) ) { + $rel = ' rel="' . esc_attr( $rel ) . '"'; + } else { + $rel = ' rel="attachment wp-att-' . (int) $id . '"'; + } + } else { + $rel = ''; + } + + if ( $url ) { + $html = '<a href="' . esc_url( $url ) . '"' . $rel . '>' . $html . '</a>'; + } + + /** + * Filters the image HTML markup to send to the editor when inserting an image. + * + * @since 2.5.0 + * @since 5.6.0 The `$rel` parameter was added. + * + * @param string $html The image HTML markup to send. + * @param int $id The attachment ID. + * @param string $caption The image caption. + * @param string $title The image title. + * @param string $align The image alignment. + * @param string $url The image source URL. + * @param string|int[] $size Requested image size. Can be any registered image size name, or + * an array of width and height values in pixels (in that order). + * @param string $alt The image alternative, or alt, text. + * @param string $rel The image rel attribute. + */ + $html = apply_filters( 'image_send_to_editor', $html, $id, $caption, $title, $align, $url, $size, $alt, $rel ); + + return $html; +} + +/** + * Adds image shortcode with caption to editor. + * + * @since 2.6.0 + * + * @param string $html The image HTML markup to send. + * @param int $id Image attachment ID. + * @param string $caption Image caption. + * @param string $title Image title attribute (not used). + * @param string $align Image CSS alignment property. + * @param string $url Image source URL (not used). + * @param string $size Image size (not used). + * @param string $alt Image `alt` attribute (not used). + * @return string The image HTML markup with caption shortcode. + */ +function image_add_caption( $html, $id, $caption, $title, $align, $url, $size, $alt = '' ) { + + /** + * Filters the caption text. + * + * Note: If the caption text is empty, the caption shortcode will not be appended + * to the image HTML when inserted into the editor. + * + * Passing an empty value also prevents the {@see 'image_add_caption_shortcode'} + * Filters from being evaluated at the end of image_add_caption(). + * + * @since 4.1.0 + * + * @param string $caption The original caption text. + * @param int $id The attachment ID. + */ + $caption = apply_filters( 'image_add_caption_text', $caption, $id ); + + /** + * Filters whether to disable captions. + * + * Prevents image captions from being appended to image HTML when inserted into the editor. + * + * @since 2.6.0 + * + * @param bool $bool Whether to disable appending captions. Returning true from the filter + * will disable captions. Default empty string. + */ + if ( empty( $caption ) || apply_filters( 'disable_captions', '' ) ) { + return $html; + } + + $id = ( 0 < (int) $id ) ? 'attachment_' . $id : ''; + + if ( ! preg_match( '/width=["\']([0-9]+)/', $html, $matches ) ) { + return $html; + } + + $width = $matches[1]; + + $caption = str_replace( array( "\r\n", "\r" ), "\n", $caption ); + $caption = preg_replace_callback( '/<[a-zA-Z0-9]+(?: [^<>]+>)*/', '_cleanup_image_add_caption', $caption ); + + // Convert any remaining line breaks to <br />. + $caption = preg_replace( '/[ \n\t]*\n[ \t]*/', '<br />', $caption ); + + $html = preg_replace( '/(class=["\'][^\'"]*)align(none|left|right|center)\s?/', '$1', $html ); + if ( empty( $align ) ) { + $align = 'none'; + } + + $shcode = '[caption id="' . $id . '" align="align' . $align . '" width="' . $width . '"]' . $html . ' ' . $caption . '[/caption]'; + + /** + * Filters the image HTML markup including the caption shortcode. + * + * @since 2.6.0 + * + * @param string $shcode The image HTML markup with caption shortcode. + * @param string $html The image HTML markup. + */ + return apply_filters( 'image_add_caption_shortcode', $shcode, $html ); +} + +/** + * Private preg_replace callback used in image_add_caption(). + * + * @access private + * @since 3.4.0 + * + * @param array $matches Single regex match. + * @return string Cleaned up HTML for caption. + */ +function _cleanup_image_add_caption( $matches ) { + // Remove any line breaks from inside the tags. + return preg_replace( '/[\r\n\t]+/', ' ', $matches[0] ); +} + +/** + * Adds image HTML to editor. + * + * @since 2.5.0 + * + * @param string $html + */ +function media_send_to_editor( $html ) { + ?> + <script type="text/javascript"> + var win = window.dialogArguments || opener || parent || top; + win.send_to_editor( <?php echo wp_json_encode( $html ); ?> ); + </script> + <?php + exit; +} + +/** + * Saves a file submitted from a POST request and create an attachment post for it. + * + * @since 2.5.0 + * + * @param string $file_id Index of the `$_FILES` array that the file was sent. + * @param int $post_id The post ID of a post to attach the media item to. Required, but can + * be set to 0, creating a media item that has no relationship to a post. + * @param array $post_data Optional. Overwrite some of the attachment. + * @param array $overrides Optional. Override the wp_handle_upload() behavior. + * @return int|WP_Error ID of the attachment or a WP_Error object on failure. + */ +function media_handle_upload( $file_id, $post_id, $post_data = array(), $overrides = array( 'test_form' => false ) ) { + $time = current_time( 'mysql' ); + $post = get_post( $post_id ); + + if ( $post ) { + // The post date doesn't usually matter for pages, so don't backdate this upload. + if ( 'page' !== $post->post_type && substr( $post->post_date, 0, 4 ) > 0 ) { + $time = $post->post_date; + } + } + + $file = wp_handle_upload( $_FILES[ $file_id ], $overrides, $time ); + + if ( isset( $file['error'] ) ) { + return new WP_Error( 'upload_error', $file['error'] ); + } + + $name = $_FILES[ $file_id ]['name']; + $ext = pathinfo( $name, PATHINFO_EXTENSION ); + $name = wp_basename( $name, ".$ext" ); + + $url = $file['url']; + $type = $file['type']; + $file = $file['file']; + $title = sanitize_text_field( $name ); + $content = ''; + $excerpt = ''; + + if ( preg_match( '#^audio#', $type ) ) { + $meta = wp_read_audio_metadata( $file ); + + if ( ! empty( $meta['title'] ) ) { + $title = $meta['title']; + } + + if ( ! empty( $title ) ) { + + if ( ! empty( $meta['album'] ) && ! empty( $meta['artist'] ) ) { + /* translators: 1: Audio track title, 2: Album title, 3: Artist name. */ + $content .= sprintf( __( '"%1$s" from %2$s by %3$s.' ), $title, $meta['album'], $meta['artist'] ); + } elseif ( ! empty( $meta['album'] ) ) { + /* translators: 1: Audio track title, 2: Album title. */ + $content .= sprintf( __( '"%1$s" from %2$s.' ), $title, $meta['album'] ); + } elseif ( ! empty( $meta['artist'] ) ) { + /* translators: 1: Audio track title, 2: Artist name. */ + $content .= sprintf( __( '"%1$s" by %2$s.' ), $title, $meta['artist'] ); + } else { + /* translators: %s: Audio track title. */ + $content .= sprintf( __( '"%s".' ), $title ); + } + } elseif ( ! empty( $meta['album'] ) ) { + + if ( ! empty( $meta['artist'] ) ) { + /* translators: 1: Audio album title, 2: Artist name. */ + $content .= sprintf( __( '%1$s by %2$s.' ), $meta['album'], $meta['artist'] ); + } else { + $content .= $meta['album'] . '.'; + } + } elseif ( ! empty( $meta['artist'] ) ) { + + $content .= $meta['artist'] . '.'; + + } + + if ( ! empty( $meta['year'] ) ) { + /* translators: Audio file track information. %d: Year of audio track release. */ + $content .= ' ' . sprintf( __( 'Released: %d.' ), $meta['year'] ); + } + + if ( ! empty( $meta['track_number'] ) ) { + $track_number = explode( '/', $meta['track_number'] ); + + if ( is_numeric( $track_number[0] ) ) { + if ( isset( $track_number[1] ) && is_numeric( $track_number[1] ) ) { + $content .= ' ' . sprintf( + /* translators: Audio file track information. 1: Audio track number, 2: Total audio tracks. */ + __( 'Track %1$s of %2$s.' ), + number_format_i18n( $track_number[0] ), + number_format_i18n( $track_number[1] ) + ); + } else { + $content .= ' ' . sprintf( + /* translators: Audio file track information. %s: Audio track number. */ + __( 'Track %s.' ), + number_format_i18n( $track_number[0] ) + ); + } + } + } + + if ( ! empty( $meta['genre'] ) ) { + /* translators: Audio file genre information. %s: Audio genre name. */ + $content .= ' ' . sprintf( __( 'Genre: %s.' ), $meta['genre'] ); + } + + // Use image exif/iptc data for title and caption defaults if possible. + } elseif ( str_starts_with( $type, 'image/' ) ) { + $image_meta = wp_read_image_metadata( $file ); + + if ( $image_meta ) { + if ( trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) ) { + $title = $image_meta['title']; + } + + if ( trim( $image_meta['caption'] ) ) { + $excerpt = $image_meta['caption']; + } + } + } + + // Construct the attachment array. + $attachment = array_merge( + array( + 'post_mime_type' => $type, + 'guid' => $url, + 'post_parent' => $post_id, + 'post_title' => $title, + 'post_content' => $content, + 'post_excerpt' => $excerpt, + ), + $post_data + ); + + // This should never be set as it would then overwrite an existing attachment. + unset( $attachment['ID'] ); + + // Save the data. + $attachment_id = wp_insert_attachment( $attachment, $file, $post_id, true ); + + if ( ! is_wp_error( $attachment_id ) ) { + /* + * Set a custom header with the attachment_id. + * Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. + */ + if ( ! headers_sent() ) { + header( 'X-WP-Upload-Attachment-ID: ' . $attachment_id ); + } + + /* + * The image sub-sizes are created during wp_generate_attachment_metadata(). + * This is generally slow and may cause timeouts or out of memory errors. + */ + wp_update_attachment_metadata( $attachment_id, wp_generate_attachment_metadata( $attachment_id, $file ) ); + } + + return $attachment_id; +} + +/** + * Handles a side-loaded file in the same way as an uploaded file is handled by media_handle_upload(). + * + * @since 2.6.0 + * @since 5.3.0 The `$post_id` parameter was made optional. + * + * @param string[] $file_array Array that represents a `$_FILES` upload array. + * @param int $post_id Optional. The post ID the media is associated with. + * @param string $desc Optional. Description of the side-loaded file. Default null. + * @param array $post_data Optional. Post data to override. Default empty array. + * @return int|WP_Error The ID of the attachment or a WP_Error on failure. + */ +function media_handle_sideload( $file_array, $post_id = 0, $desc = null, $post_data = array() ) { + $overrides = array( 'test_form' => false ); + + if ( isset( $post_data['post_date'] ) && substr( $post_data['post_date'], 0, 4 ) > 0 ) { + $time = $post_data['post_date']; + } else { + $post = get_post( $post_id ); + if ( $post && substr( $post->post_date, 0, 4 ) > 0 ) { + $time = $post->post_date; + } else { + $time = current_time( 'mysql' ); + } + } + + $file = wp_handle_sideload( $file_array, $overrides, $time ); + + if ( isset( $file['error'] ) ) { + return new WP_Error( 'upload_error', $file['error'] ); + } + + $url = $file['url']; + $type = $file['type']; + $file = $file['file']; + $title = preg_replace( '/\.[^.]+$/', '', wp_basename( $file ) ); + $content = ''; + + // Use image exif/iptc data for title and caption defaults if possible. + $image_meta = wp_read_image_metadata( $file ); + + if ( $image_meta ) { + if ( trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) ) { + $title = $image_meta['title']; + } + + if ( trim( $image_meta['caption'] ) ) { + $content = $image_meta['caption']; + } + } + + if ( isset( $desc ) ) { + $title = $desc; + } + + // Construct the attachment array. + $attachment = array_merge( + array( + 'post_mime_type' => $type, + 'guid' => $url, + 'post_parent' => $post_id, + 'post_title' => $title, + 'post_content' => $content, + ), + $post_data + ); + + // This should never be set as it would then overwrite an existing attachment. + unset( $attachment['ID'] ); + + // Save the attachment metadata. + $attachment_id = wp_insert_attachment( $attachment, $file, $post_id, true ); + + if ( ! is_wp_error( $attachment_id ) ) { + wp_update_attachment_metadata( $attachment_id, wp_generate_attachment_metadata( $attachment_id, $file ) ); + } + + return $attachment_id; +} + +/** + * Outputs the iframe to display the media upload page. + * + * @since 2.5.0 + * @since 5.3.0 Formalized the existing and already documented `...$args` parameter + * by adding it to the function signature. + * + * @global int $body_id + * + * @param callable $content_func Function that outputs the content. + * @param mixed ...$args Optional additional parameters to pass to the callback function when it's called. + */ +function wp_iframe( $content_func, ...$args ) { + _wp_admin_html_begin(); + ?> + <title><?php bloginfo( 'name' ); ?> › <?php _e( 'Uploads' ); ?> — <?php _e( 'WordPress' ); ?></title> + <?php + + wp_enqueue_style( 'colors' ); + // Check callback name for 'media'. + if ( + ( is_array( $content_func ) && ! empty( $content_func[1] ) && str_starts_with( (string) $content_func[1], 'media' ) ) || + ( ! is_array( $content_func ) && str_starts_with( $content_func, 'media' ) ) + ) { + wp_enqueue_style( 'deprecated-media' ); + } + + ?> + <script type="text/javascript"> + addLoadEvent = function(func){if(typeof jQuery!=='undefined')jQuery(function(){func();});else if(typeof wpOnload!=='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; + var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup', + isRtl = <?php echo (int) is_rtl(); ?>; + </script> + <?php + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_enqueue_scripts', 'media-upload-popup' ); + + /** + * Fires when admin styles enqueued for the legacy (pre-3.5.0) media upload popup are printed. + * + * @since 2.9.0 + */ + do_action( 'admin_print_styles-media-upload-popup' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_print_styles' ); + + /** + * Fires when admin scripts enqueued for the legacy (pre-3.5.0) media upload popup are printed. + * + * @since 2.9.0 + */ + do_action( 'admin_print_scripts-media-upload-popup' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_print_scripts' ); + + /** + * Fires when scripts enqueued for the admin header for the legacy (pre-3.5.0) + * media upload popup are printed. + * + * @since 2.9.0 + */ + do_action( 'admin_head-media-upload-popup' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_head' ); + + if ( is_string( $content_func ) ) { + /** + * Fires in the admin header for each specific form tab in the legacy + * (pre-3.5.0) media upload popup. + * + * The dynamic portion of the hook name, `$content_func`, refers to the form + * callback for the media upload type. + * + * @since 2.5.0 + */ + do_action( "admin_head_{$content_func}" ); + } + + $body_id_attr = ''; + + if ( isset( $GLOBALS['body_id'] ) ) { + $body_id_attr = ' id="' . $GLOBALS['body_id'] . '"'; + } + + ?> + </head> + <body<?php echo $body_id_attr; ?> class="wp-core-ui no-js"> + <script type="text/javascript"> + document.body.className = document.body.className.replace('no-js', 'js'); + </script> + <?php + + call_user_func_array( $content_func, $args ); + + /** This action is documented in wp-admin/admin-footer.php */ + do_action( 'admin_print_footer_scripts' ); + + ?> + <script type="text/javascript">if(typeof wpOnload==='function')wpOnload();</script> + </body> + </html> + <?php +} + +/** + * Adds the media button to the editor. + * + * @since 2.5.0 + * + * @global int $post_ID + * + * @param string $editor_id + */ +function media_buttons( $editor_id = 'content' ) { + static $instance = 0; + ++$instance; + + $post = get_post(); + + if ( ! $post && ! empty( $GLOBALS['post_ID'] ) ) { + $post = $GLOBALS['post_ID']; + } + + wp_enqueue_media( array( 'post' => $post ) ); + + $img = '<span class="wp-media-buttons-icon"></span> '; + + $id_attribute = 1 === $instance ? ' id="insert-media-button"' : ''; + + printf( + '<button type="button"%s class="button insert-media add_media" data-editor="%s">%s</button>', + $id_attribute, + esc_attr( $editor_id ), + $img . __( 'Add Media' ) + ); + + /** + * Filters the legacy (pre-3.5.0) media buttons. + * + * Use {@see 'media_buttons'} action instead. + * + * @since 2.5.0 + * @deprecated 3.5.0 Use {@see 'media_buttons'} action instead. + * + * @param string $string Media buttons context. Default empty. + */ + $legacy_filter = apply_filters_deprecated( 'media_buttons_context', array( '' ), '3.5.0', 'media_buttons' ); + + if ( $legacy_filter ) { + // #WP22559. Close <a> if a plugin started by closing <a> to open their own <a> tag. + if ( 0 === stripos( trim( $legacy_filter ), '</a>' ) ) { + $legacy_filter .= '</a>'; + } + echo $legacy_filter; + } +} + +/** + * Retrieves the upload iframe source URL. + * + * @since 3.0.0 + * + * @global int $post_ID + * + * @param string $type Media type. + * @param int $post_id Post ID. + * @param string $tab Media upload tab. + * @return string Upload iframe source URL. + */ +function get_upload_iframe_src( $type = null, $post_id = null, $tab = null ) { + global $post_ID; + + if ( empty( $post_id ) ) { + $post_id = $post_ID; + } + + $upload_iframe_src = add_query_arg( 'post_id', (int) $post_id, admin_url( 'media-upload.php' ) ); + + if ( $type && 'media' !== $type ) { + $upload_iframe_src = add_query_arg( 'type', $type, $upload_iframe_src ); + } + + if ( ! empty( $tab ) ) { + $upload_iframe_src = add_query_arg( 'tab', $tab, $upload_iframe_src ); + } + + /** + * Filters the upload iframe source URL for a specific media type. + * + * The dynamic portion of the hook name, `$type`, refers to the type + * of media uploaded. + * + * Possible hook names include: + * + * - `image_upload_iframe_src` + * - `media_upload_iframe_src` + * + * @since 3.0.0 + * + * @param string $upload_iframe_src The upload iframe source URL. + */ + $upload_iframe_src = apply_filters( "{$type}_upload_iframe_src", $upload_iframe_src ); + + return add_query_arg( 'TB_iframe', true, $upload_iframe_src ); +} + +/** + * Handles form submissions for the legacy media uploader. + * + * @since 2.5.0 + * + * @return null|array|void Array of error messages keyed by attachment ID, null or void on success. + */ +function media_upload_form_handler() { + check_admin_referer( 'media-form' ); + + $errors = null; + + if ( isset( $_POST['send'] ) ) { + $keys = array_keys( $_POST['send'] ); + $send_id = (int) reset( $keys ); + } + + if ( ! empty( $_POST['attachments'] ) ) { + foreach ( $_POST['attachments'] as $attachment_id => $attachment ) { + $post = get_post( $attachment_id, ARRAY_A ); + $_post = $post; + + if ( ! current_user_can( 'edit_post', $attachment_id ) ) { + continue; + } + + if ( isset( $attachment['post_content'] ) ) { + $post['post_content'] = $attachment['post_content']; + } + + if ( isset( $attachment['post_title'] ) ) { + $post['post_title'] = $attachment['post_title']; + } + + if ( isset( $attachment['post_excerpt'] ) ) { + $post['post_excerpt'] = $attachment['post_excerpt']; + } + + if ( isset( $attachment['menu_order'] ) ) { + $post['menu_order'] = $attachment['menu_order']; + } + + if ( isset( $send_id ) && $attachment_id == $send_id ) { + if ( isset( $attachment['post_parent'] ) ) { + $post['post_parent'] = $attachment['post_parent']; + } + } + + /** + * Filters the attachment fields to be saved. + * + * @since 2.5.0 + * + * @see wp_get_attachment_metadata() + * + * @param array $post An array of post data. + * @param array $attachment An array of attachment metadata. + */ + $post = apply_filters( 'attachment_fields_to_save', $post, $attachment ); + + if ( isset( $attachment['image_alt'] ) ) { + $image_alt = wp_unslash( $attachment['image_alt'] ); + + if ( get_post_meta( $attachment_id, '_wp_attachment_image_alt', true ) !== $image_alt ) { + $image_alt = wp_strip_all_tags( $image_alt, true ); + + // update_post_meta() expects slashed. + update_post_meta( $attachment_id, '_wp_attachment_image_alt', wp_slash( $image_alt ) ); + } + } + + if ( isset( $post['errors'] ) ) { + $errors[ $attachment_id ] = $post['errors']; + unset( $post['errors'] ); + } + + if ( $post != $_post ) { + wp_update_post( $post ); + } + + foreach ( get_attachment_taxonomies( $post ) as $t ) { + if ( isset( $attachment[ $t ] ) ) { + wp_set_object_terms( $attachment_id, array_map( 'trim', preg_split( '/,+/', $attachment[ $t ] ) ), $t, false ); + } + } + } + } + + if ( isset( $_POST['insert-gallery'] ) || isset( $_POST['update-gallery'] ) ) { + ?> + <script type="text/javascript"> + var win = window.dialogArguments || opener || parent || top; + win.tb_remove(); + </script> + <?php + + exit; + } + + if ( isset( $send_id ) ) { + $attachment = wp_unslash( $_POST['attachments'][ $send_id ] ); + $html = isset( $attachment['post_title'] ) ? $attachment['post_title'] : ''; + + if ( ! empty( $attachment['url'] ) ) { + $rel = ''; + + if ( str_contains( $attachment['url'], 'attachment_id' ) || get_attachment_link( $send_id ) === $attachment['url'] ) { + $rel = " rel='attachment wp-att-" . esc_attr( $send_id ) . "'"; + } + + $html = "<a href='{$attachment['url']}'$rel>$html</a>"; + } + + /** + * Filters the HTML markup for a media item sent to the editor. + * + * @since 2.5.0 + * + * @see wp_get_attachment_metadata() + * + * @param string $html HTML markup for a media item sent to the editor. + * @param int $send_id The first key from the $_POST['send'] data. + * @param array $attachment Array of attachment metadata. + */ + $html = apply_filters( 'media_send_to_editor', $html, $send_id, $attachment ); + + return media_send_to_editor( $html ); + } + + return $errors; +} + +/** + * Handles the process of uploading media. + * + * @since 2.5.0 + * + * @return null|string + */ +function wp_media_upload_handler() { + $errors = array(); + $id = 0; + + if ( isset( $_POST['html-upload'] ) && ! empty( $_FILES ) ) { + check_admin_referer( 'media-form' ); + // Upload File button was clicked. + $id = media_handle_upload( 'async-upload', $_REQUEST['post_id'] ); + unset( $_FILES ); + + if ( is_wp_error( $id ) ) { + $errors['upload_error'] = $id; + $id = false; + } + } + + if ( ! empty( $_POST['insertonlybutton'] ) ) { + $src = $_POST['src']; + + if ( ! empty( $src ) && ! strpos( $src, '://' ) ) { + $src = "http://$src"; + } + + if ( isset( $_POST['media_type'] ) && 'image' !== $_POST['media_type'] ) { + $title = esc_html( wp_unslash( $_POST['title'] ) ); + if ( empty( $title ) ) { + $title = esc_html( wp_basename( $src ) ); + } + + if ( $title && $src ) { + $html = "<a href='" . esc_url( $src ) . "'>$title</a>"; + } + + $type = 'file'; + $ext = preg_replace( '/^.+?\.([^.]+)$/', '$1', $src ); + + if ( $ext ) { + $ext_type = wp_ext2type( $ext ); + if ( 'audio' === $ext_type || 'video' === $ext_type ) { + $type = $ext_type; + } + } + + /** + * Filters the URL sent to the editor for a specific media type. + * + * The dynamic portion of the hook name, `$type`, refers to the type + * of media being sent. + * + * Possible hook names include: + * + * - `audio_send_to_editor_url` + * - `file_send_to_editor_url` + * - `video_send_to_editor_url` + * + * @since 3.3.0 + * + * @param string $html HTML markup sent to the editor. + * @param string $src Media source URL. + * @param string $title Media title. + */ + $html = apply_filters( "{$type}_send_to_editor_url", $html, sanitize_url( $src ), $title ); + } else { + $align = ''; + $alt = esc_attr( wp_unslash( $_POST['alt'] ) ); + + if ( isset( $_POST['align'] ) ) { + $align = esc_attr( wp_unslash( $_POST['align'] ) ); + $class = " class='align$align'"; + } + + if ( ! empty( $src ) ) { + $html = "<img src='" . esc_url( $src ) . "' alt='$alt'$class />"; + } + + /** + * Filters the image URL sent to the editor. + * + * @since 2.8.0 + * + * @param string $html HTML markup sent to the editor for an image. + * @param string $src Image source URL. + * @param string $alt Image alternate, or alt, text. + * @param string $align The image alignment. Default 'alignnone'. Possible values include + * 'alignleft', 'aligncenter', 'alignright', 'alignnone'. + */ + $html = apply_filters( 'image_send_to_editor_url', $html, sanitize_url( $src ), $alt, $align ); + } + + return media_send_to_editor( $html ); + } + + if ( isset( $_POST['save'] ) ) { + $errors['upload_notice'] = __( 'Saved.' ); + wp_enqueue_script( 'admin-gallery' ); + + return wp_iframe( 'media_upload_gallery_form', $errors ); + + } elseif ( ! empty( $_POST ) ) { + $return = media_upload_form_handler(); + + if ( is_string( $return ) ) { + return $return; + } + + if ( is_array( $return ) ) { + $errors = $return; + } + } + + if ( isset( $_GET['tab'] ) && 'type_url' === $_GET['tab'] ) { + $type = 'image'; + + if ( isset( $_GET['type'] ) && in_array( $_GET['type'], array( 'video', 'audio', 'file' ), true ) ) { + $type = $_GET['type']; + } + + return wp_iframe( 'media_upload_type_url_form', $type, $errors, $id ); + } + + return wp_iframe( 'media_upload_type_form', 'image', $errors, $id ); +} + +/** + * Downloads an image from the specified URL, saves it as an attachment, and optionally attaches it to a post. + * + * @since 2.6.0 + * @since 4.2.0 Introduced the `$return_type` parameter. + * @since 4.8.0 Introduced the 'id' option for the `$return_type` parameter. + * @since 5.3.0 The `$post_id` parameter was made optional. + * @since 5.4.0 The original URL of the attachment is stored in the `_source_url` + * post meta value. + * @since 5.8.0 Added 'webp' to the default list of allowed file extensions. + * + * @param string $file The URL of the image to download. + * @param int $post_id Optional. The post ID the media is to be associated with. + * @param string $desc Optional. Description of the image. + * @param string $return_type Optional. Accepts 'html' (image tag html) or 'src' (URL), + * or 'id' (attachment ID). Default 'html'. + * @return string|int|WP_Error Populated HTML img tag, attachment ID, or attachment source + * on success, WP_Error object otherwise. + */ +function media_sideload_image( $file, $post_id = 0, $desc = null, $return_type = 'html' ) { + if ( ! empty( $file ) ) { + + $allowed_extensions = array( 'jpg', 'jpeg', 'jpe', 'png', 'gif', 'webp' ); + + /** + * Filters the list of allowed file extensions when sideloading an image from a URL. + * + * The default allowed extensions are: + * + * - `jpg` + * - `jpeg` + * - `jpe` + * - `png` + * - `gif` + * - `webp` + * + * @since 5.6.0 + * @since 5.8.0 Added 'webp' to the default list of allowed file extensions. + * + * @param string[] $allowed_extensions Array of allowed file extensions. + * @param string $file The URL of the image to download. + */ + $allowed_extensions = apply_filters( 'image_sideload_extensions', $allowed_extensions, $file ); + $allowed_extensions = array_map( 'preg_quote', $allowed_extensions ); + + // Set variables for storage, fix file filename for query strings. + preg_match( '/[^\?]+\.(' . implode( '|', $allowed_extensions ) . ')\b/i', $file, $matches ); + + if ( ! $matches ) { + return new WP_Error( 'image_sideload_failed', __( 'Invalid image URL.' ) ); + } + + $file_array = array(); + $file_array['name'] = wp_basename( $matches[0] ); + + // Download file to temp location. + $file_array['tmp_name'] = download_url( $file ); + + // If error storing temporarily, return the error. + if ( is_wp_error( $file_array['tmp_name'] ) ) { + return $file_array['tmp_name']; + } + + // Do the validation and storage stuff. + $id = media_handle_sideload( $file_array, $post_id, $desc ); + + // If error storing permanently, unlink. + if ( is_wp_error( $id ) ) { + @unlink( $file_array['tmp_name'] ); + return $id; + } + + // Store the original attachment source in meta. + add_post_meta( $id, '_source_url', $file ); + + // If attachment ID was requested, return it. + if ( 'id' === $return_type ) { + return $id; + } + + $src = wp_get_attachment_url( $id ); + } + + // Finally, check to make sure the file has been saved, then return the HTML. + if ( ! empty( $src ) ) { + if ( 'src' === $return_type ) { + return $src; + } + + $alt = isset( $desc ) ? esc_attr( $desc ) : ''; + $html = "<img src='$src' alt='$alt' />"; + + return $html; + } else { + return new WP_Error( 'image_sideload_failed' ); + } +} + +/** + * Retrieves the legacy media uploader form in an iframe. + * + * @since 2.5.0 + * + * @return string|null + */ +function media_upload_gallery() { + $errors = array(); + + if ( ! empty( $_POST ) ) { + $return = media_upload_form_handler(); + + if ( is_string( $return ) ) { + return $return; + } + + if ( is_array( $return ) ) { + $errors = $return; + } + } + + wp_enqueue_script( 'admin-gallery' ); + return wp_iframe( 'media_upload_gallery_form', $errors ); +} + +/** + * Retrieves the legacy media library form in an iframe. + * + * @since 2.5.0 + * + * @return string|null + */ +function media_upload_library() { + $errors = array(); + + if ( ! empty( $_POST ) ) { + $return = media_upload_form_handler(); + + if ( is_string( $return ) ) { + return $return; + } + if ( is_array( $return ) ) { + $errors = $return; + } + } + + return wp_iframe( 'media_upload_library_form', $errors ); +} + +/** + * Retrieves HTML for the image alignment radio buttons with the specified one checked. + * + * @since 2.7.0 + * + * @param WP_Post $post + * @param string $checked + * @return string + */ +function image_align_input_fields( $post, $checked = '' ) { + + if ( empty( $checked ) ) { + $checked = get_user_setting( 'align', 'none' ); + } + + $alignments = array( + 'none' => __( 'None' ), + 'left' => __( 'Left' ), + 'center' => __( 'Center' ), + 'right' => __( 'Right' ), + ); + + if ( ! array_key_exists( (string) $checked, $alignments ) ) { + $checked = 'none'; + } + + $output = array(); + + foreach ( $alignments as $name => $label ) { + $name = esc_attr( $name ); + $output[] = "<input type='radio' name='attachments[{$post->ID}][align]' id='image-align-{$name}-{$post->ID}' value='$name'" . + ( $checked == $name ? " checked='checked'" : '' ) . + " /><label for='image-align-{$name}-{$post->ID}' class='align image-align-{$name}-label'>$label</label>"; + } + + return implode( "\n", $output ); +} + +/** + * Retrieves HTML for the size radio buttons with the specified one checked. + * + * @since 2.7.0 + * + * @param WP_Post $post + * @param bool|string $check + * @return array + */ +function image_size_input_fields( $post, $check = '' ) { + /** + * Filters the names and labels of the default image sizes. + * + * @since 3.3.0 + * + * @param string[] $size_names Array of image size labels keyed by their name. Default values + * include 'Thumbnail', 'Medium', 'Large', and 'Full Size'. + */ + $size_names = apply_filters( + 'image_size_names_choose', + array( + 'thumbnail' => __( 'Thumbnail' ), + 'medium' => __( 'Medium' ), + 'large' => __( 'Large' ), + 'full' => __( 'Full Size' ), + ) + ); + + if ( empty( $check ) ) { + $check = get_user_setting( 'imgsize', 'medium' ); + } + + $output = array(); + + foreach ( $size_names as $size => $label ) { + $downsize = image_downsize( $post->ID, $size ); + $checked = ''; + + // Is this size selectable? + $enabled = ( $downsize[3] || 'full' === $size ); + $css_id = "image-size-{$size}-{$post->ID}"; + + // If this size is the default but that's not available, don't select it. + if ( $size == $check ) { + if ( $enabled ) { + $checked = " checked='checked'"; + } else { + $check = ''; + } + } elseif ( ! $check && $enabled && 'thumbnail' !== $size ) { + /* + * If $check is not enabled, default to the first available size + * that's bigger than a thumbnail. + */ + $check = $size; + $checked = " checked='checked'"; + } + + $html = "<div class='image-size-item'><input type='radio' " . disabled( $enabled, false, false ) . "name='attachments[$post->ID][image-size]' id='{$css_id}' value='{$size}'$checked />"; + + $html .= "<label for='{$css_id}'>$label</label>"; + + // Only show the dimensions if that choice is available. + if ( $enabled ) { + $html .= " <label for='{$css_id}' class='help'>" . sprintf( '(%d × %d)', $downsize[1], $downsize[2] ) . '</label>'; + } + $html .= '</div>'; + + $output[] = $html; + } + + return array( + 'label' => __( 'Size' ), + 'input' => 'html', + 'html' => implode( "\n", $output ), + ); +} + +/** + * Retrieves HTML for the Link URL buttons with the default link type as specified. + * + * @since 2.7.0 + * + * @param WP_Post $post + * @param string $url_type + * @return string + */ +function image_link_input_fields( $post, $url_type = '' ) { + + $file = wp_get_attachment_url( $post->ID ); + $link = get_attachment_link( $post->ID ); + + if ( empty( $url_type ) ) { + $url_type = get_user_setting( 'urlbutton', 'post' ); + } + + $url = ''; + + if ( 'file' === $url_type ) { + $url = $file; + } elseif ( 'post' === $url_type ) { + $url = $link; + } + + return " + <input type='text' class='text urlfield' name='attachments[$post->ID][url]' value='" . esc_attr( $url ) . "' /><br /> + <button type='button' class='button urlnone' data-link-url=''>" . __( 'None' ) . "</button> + <button type='button' class='button urlfile' data-link-url='" . esc_url( $file ) . "'>" . __( 'File URL' ) . "</button> + <button type='button' class='button urlpost' data-link-url='" . esc_url( $link ) . "'>" . __( 'Attachment Post URL' ) . '</button> +'; +} + +/** + * Outputs a textarea element for inputting an attachment caption. + * + * @since 3.4.0 + * + * @param WP_Post $edit_post Attachment WP_Post object. + * @return string HTML markup for the textarea element. + */ +function wp_caption_input_textarea( $edit_post ) { + // Post data is already escaped. + $name = "attachments[{$edit_post->ID}][post_excerpt]"; + + return '<textarea name="' . $name . '" id="' . $name . '">' . $edit_post->post_excerpt . '</textarea>'; +} + +/** + * Retrieves the image attachment fields to edit form fields. + * + * @since 2.5.0 + * + * @param array $form_fields + * @param object $post + * @return array + */ +function image_attachment_fields_to_edit( $form_fields, $post ) { + return $form_fields; +} + +/** + * Retrieves the single non-image attachment fields to edit form fields. + * + * @since 2.5.0 + * + * @param array $form_fields An array of attachment form fields. + * @param WP_Post $post The WP_Post attachment object. + * @return array Filtered attachment form fields. + */ +function media_single_attachment_fields_to_edit( $form_fields, $post ) { + unset( $form_fields['url'], $form_fields['align'], $form_fields['image-size'] ); + return $form_fields; +} + +/** + * Retrieves the post non-image attachment fields to edit form fields. + * + * @since 2.8.0 + * + * @param array $form_fields An array of attachment form fields. + * @param WP_Post $post The WP_Post attachment object. + * @return array Filtered attachment form fields. + */ +function media_post_single_attachment_fields_to_edit( $form_fields, $post ) { + unset( $form_fields['image_url'] ); + return $form_fields; +} + +/** + * Retrieves the media element HTML to send to the editor. + * + * @since 2.5.0 + * + * @param string $html + * @param int $attachment_id + * @param array $attachment + * @return string + */ +function image_media_send_to_editor( $html, $attachment_id, $attachment ) { + $post = get_post( $attachment_id ); + + if ( str_starts_with( $post->post_mime_type, 'image' ) ) { + $url = $attachment['url']; + $align = ! empty( $attachment['align'] ) ? $attachment['align'] : 'none'; + $size = ! empty( $attachment['image-size'] ) ? $attachment['image-size'] : 'medium'; + $alt = ! empty( $attachment['image_alt'] ) ? $attachment['image_alt'] : ''; + $rel = ( str_contains( $url, 'attachment_id' ) || get_attachment_link( $attachment_id ) === $url ); + + return get_image_send_to_editor( $attachment_id, $attachment['post_excerpt'], $attachment['post_title'], $align, $url, $rel, $size, $alt ); + } + + return $html; +} + +/** + * Retrieves the attachment fields to edit form fields. + * + * @since 2.5.0 + * + * @param WP_Post $post + * @param array $errors + * @return array + */ +function get_attachment_fields_to_edit( $post, $errors = null ) { + if ( is_int( $post ) ) { + $post = get_post( $post ); + } + + if ( is_array( $post ) ) { + $post = new WP_Post( (object) $post ); + } + + $image_url = wp_get_attachment_url( $post->ID ); + + $edit_post = sanitize_post( $post, 'edit' ); + + $form_fields = array( + 'post_title' => array( + 'label' => __( 'Title' ), + 'value' => $edit_post->post_title, + ), + 'image_alt' => array(), + 'post_excerpt' => array( + 'label' => __( 'Caption' ), + 'input' => 'html', + 'html' => wp_caption_input_textarea( $edit_post ), + ), + 'post_content' => array( + 'label' => __( 'Description' ), + 'value' => $edit_post->post_content, + 'input' => 'textarea', + ), + 'url' => array( + 'label' => __( 'Link URL' ), + 'input' => 'html', + 'html' => image_link_input_fields( $post, get_option( 'image_default_link_type' ) ), + 'helps' => __( 'Enter a link URL or click above for presets.' ), + ), + 'menu_order' => array( + 'label' => __( 'Order' ), + 'value' => $edit_post->menu_order, + ), + 'image_url' => array( + 'label' => __( 'File URL' ), + 'input' => 'html', + 'html' => "<input type='text' class='text urlfield' readonly='readonly' name='attachments[$post->ID][url]' value='" . esc_attr( $image_url ) . "' /><br />", + 'value' => wp_get_attachment_url( $post->ID ), + 'helps' => __( 'Location of the uploaded file.' ), + ), + ); + + foreach ( get_attachment_taxonomies( $post ) as $taxonomy ) { + $t = (array) get_taxonomy( $taxonomy ); + + if ( ! $t['public'] || ! $t['show_ui'] ) { + continue; + } + + if ( empty( $t['label'] ) ) { + $t['label'] = $taxonomy; + } + + if ( empty( $t['args'] ) ) { + $t['args'] = array(); + } + + $terms = get_object_term_cache( $post->ID, $taxonomy ); + + if ( false === $terms ) { + $terms = wp_get_object_terms( $post->ID, $taxonomy, $t['args'] ); + } + + $values = array(); + + foreach ( $terms as $term ) { + $values[] = $term->slug; + } + + $t['value'] = implode( ', ', $values ); + + $form_fields[ $taxonomy ] = $t; + } + + /* + * Merge default fields with their errors, so any key passed with the error + * (e.g. 'error', 'helps', 'value') will replace the default. + * The recursive merge is easily traversed with array casting: + * foreach ( (array) $things as $thing ) + */ + $form_fields = array_merge_recursive( $form_fields, (array) $errors ); + + // This was formerly in image_attachment_fields_to_edit(). + if ( str_starts_with( $post->post_mime_type, 'image' ) ) { + $alt = get_post_meta( $post->ID, '_wp_attachment_image_alt', true ); + + if ( empty( $alt ) ) { + $alt = ''; + } + + $form_fields['post_title']['required'] = true; + + $form_fields['image_alt'] = array( + 'value' => $alt, + 'label' => __( 'Alternative Text' ), + 'helps' => __( 'Alt text for the image, e.g. “The Mona Lisa”' ), + ); + + $form_fields['align'] = array( + 'label' => __( 'Alignment' ), + 'input' => 'html', + 'html' => image_align_input_fields( $post, get_option( 'image_default_align' ) ), + ); + + $form_fields['image-size'] = image_size_input_fields( $post, get_option( 'image_default_size', 'medium' ) ); + + } else { + unset( $form_fields['image_alt'] ); + } + + /** + * Filters the attachment fields to edit. + * + * @since 2.5.0 + * + * @param array $form_fields An array of attachment form fields. + * @param WP_Post $post The WP_Post attachment object. + */ + $form_fields = apply_filters( 'attachment_fields_to_edit', $form_fields, $post ); + + return $form_fields; +} + +/** + * Retrieves HTML for media items of post gallery. + * + * The HTML markup retrieved will be created for the progress of SWF Upload + * component. Will also create link for showing and hiding the form to modify + * the image attachment. + * + * @since 2.5.0 + * + * @global WP_Query $wp_the_query WordPress Query object. + * + * @param int $post_id Post ID. + * @param array $errors Errors for attachment, if any. + * @return string HTML content for media items of post gallery. + */ +function get_media_items( $post_id, $errors ) { + $attachments = array(); + + if ( $post_id ) { + $post = get_post( $post_id ); + + if ( $post && 'attachment' === $post->post_type ) { + $attachments = array( $post->ID => $post ); + } else { + $attachments = get_children( + array( + 'post_parent' => $post_id, + 'post_type' => 'attachment', + 'orderby' => 'menu_order ASC, ID', + 'order' => 'DESC', + ) + ); + } + } else { + if ( is_array( $GLOBALS['wp_the_query']->posts ) ) { + foreach ( $GLOBALS['wp_the_query']->posts as $attachment ) { + $attachments[ $attachment->ID ] = $attachment; + } + } + } + + $output = ''; + foreach ( (array) $attachments as $id => $attachment ) { + if ( 'trash' === $attachment->post_status ) { + continue; + } + + $item = get_media_item( $id, array( 'errors' => isset( $errors[ $id ] ) ? $errors[ $id ] : null ) ); + + if ( $item ) { + $output .= "\n<div id='media-item-$id' class='media-item child-of-$attachment->post_parent preloaded'><div class='progress hidden'><div class='bar'></div></div><div id='media-upload-error-$id' class='hidden'></div><div class='filename hidden'></div>$item\n</div>"; + } + } + + return $output; +} + +/** + * Retrieves HTML form for modifying the image attachment. + * + * @since 2.5.0 + * + * @global string $redir_tab + * + * @param int $attachment_id Attachment ID for modification. + * @param string|array $args Optional. Override defaults. + * @return string HTML form for attachment. + */ +function get_media_item( $attachment_id, $args = null ) { + global $redir_tab; + + $thumb_url = false; + $attachment_id = (int) $attachment_id; + + if ( $attachment_id ) { + $thumb_url = wp_get_attachment_image_src( $attachment_id, 'thumbnail', true ); + + if ( $thumb_url ) { + $thumb_url = $thumb_url[0]; + } + } + + $post = get_post( $attachment_id ); + $current_post_id = ! empty( $_GET['post_id'] ) ? (int) $_GET['post_id'] : 0; + + $default_args = array( + 'errors' => null, + 'send' => $current_post_id ? post_type_supports( get_post_type( $current_post_id ), 'editor' ) : true, + 'delete' => true, + 'toggle' => true, + 'show_title' => true, + ); + + $parsed_args = wp_parse_args( $args, $default_args ); + + /** + * Filters the arguments used to retrieve an image for the edit image form. + * + * @since 3.1.0 + * + * @see get_media_item + * + * @param array $parsed_args An array of arguments. + */ + $parsed_args = apply_filters( 'get_media_item_args', $parsed_args ); + + $toggle_on = __( 'Show' ); + $toggle_off = __( 'Hide' ); + + $file = get_attached_file( $post->ID ); + $filename = esc_html( wp_basename( $file ) ); + $title = esc_attr( $post->post_title ); + + $post_mime_types = get_post_mime_types(); + $keys = array_keys( wp_match_mime_types( array_keys( $post_mime_types ), $post->post_mime_type ) ); + $type = reset( $keys ); + $type_html = "<input type='hidden' id='type-of-$attachment_id' value='" . esc_attr( $type ) . "' />"; + + $form_fields = get_attachment_fields_to_edit( $post, $parsed_args['errors'] ); + + if ( $parsed_args['toggle'] ) { + $class = empty( $parsed_args['errors'] ) ? 'startclosed' : 'startopen'; + $toggle_links = " + <a class='toggle describe-toggle-on' href='#'>$toggle_on</a> + <a class='toggle describe-toggle-off' href='#'>$toggle_off</a>"; + } else { + $class = ''; + $toggle_links = ''; + } + + $display_title = ( ! empty( $title ) ) ? $title : $filename; // $title shouldn't ever be empty, but just in case. + $display_title = $parsed_args['show_title'] ? "<div class='filename new'><span class='title'>" . wp_html_excerpt( $display_title, 60, '…' ) . '</span></div>' : ''; + + $gallery = ( ( isset( $_REQUEST['tab'] ) && 'gallery' === $_REQUEST['tab'] ) || ( isset( $redir_tab ) && 'gallery' === $redir_tab ) ); + $order = ''; + + foreach ( $form_fields as $key => $val ) { + if ( 'menu_order' === $key ) { + if ( $gallery ) { + $order = "<div class='menu_order'> <input class='menu_order_input' type='text' id='attachments[$attachment_id][menu_order]' name='attachments[$attachment_id][menu_order]' value='" . esc_attr( $val['value'] ) . "' /></div>"; + } else { + $order = "<input type='hidden' name='attachments[$attachment_id][menu_order]' value='" . esc_attr( $val['value'] ) . "' />"; + } + + unset( $form_fields['menu_order'] ); + break; + } + } + + $media_dims = ''; + $meta = wp_get_attachment_metadata( $post->ID ); + + if ( isset( $meta['width'], $meta['height'] ) ) { + $media_dims .= "<span id='media-dims-$post->ID'>{$meta['width']} × {$meta['height']}</span> "; + } + + /** + * Filters the media metadata. + * + * @since 2.5.0 + * + * @param string $media_dims The HTML markup containing the media dimensions. + * @param WP_Post $post The WP_Post attachment object. + */ + $media_dims = apply_filters( 'media_meta', $media_dims, $post ); + + $image_edit_button = ''; + + if ( wp_attachment_is_image( $post->ID ) && wp_image_editor_supports( array( 'mime_type' => $post->post_mime_type ) ) ) { + $nonce = wp_create_nonce( "image_editor-$post->ID" ); + $image_edit_button = "<input type='button' id='imgedit-open-btn-$post->ID' onclick='imageEdit.open( $post->ID, \"$nonce\" )' class='button' value='" . esc_attr__( 'Edit Image' ) . "' /> <span class='spinner'></span>"; + } + + $attachment_url = get_permalink( $attachment_id ); + + $item = " + $type_html + $toggle_links + $order + $display_title + <table class='slidetoggle describe $class'> + <thead class='media-item-info' id='media-head-$post->ID'> + <tr> + <td class='A1B1' id='thumbnail-head-$post->ID'> + <p><a href='$attachment_url' target='_blank'><img class='thumbnail' src='$thumb_url' alt='' /></a></p> + <p>$image_edit_button</p> + </td> + <td> + <p><strong>" . __( 'File name:' ) . "</strong> $filename</p> + <p><strong>" . __( 'File type:' ) . "</strong> $post->post_mime_type</p> + <p><strong>" . __( 'Upload date:' ) . '</strong> ' . mysql2date( __( 'F j, Y' ), $post->post_date ) . '</p>'; + + if ( ! empty( $media_dims ) ) { + $item .= '<p><strong>' . __( 'Dimensions:' ) . "</strong> $media_dims</p>\n"; + } + + $item .= "</td></tr>\n"; + + $item .= " + </thead> + <tbody> + <tr><td colspan='2' class='imgedit-response' id='imgedit-response-$post->ID'></td></tr>\n + <tr><td style='display:none' colspan='2' class='image-editor' id='image-editor-$post->ID'></td></tr>\n + <tr><td colspan='2'><p class='media-types media-types-required-info'>" . + wp_required_field_message() . + "</p></td></tr>\n"; + + $defaults = array( + 'input' => 'text', + 'required' => false, + 'value' => '', + 'extra_rows' => array(), + ); + + if ( $parsed_args['send'] ) { + $parsed_args['send'] = get_submit_button( __( 'Insert into Post' ), '', "send[$attachment_id]", false ); + } + + $delete = empty( $parsed_args['delete'] ) ? '' : $parsed_args['delete']; + if ( $delete && current_user_can( 'delete_post', $attachment_id ) ) { + if ( ! EMPTY_TRASH_DAYS ) { + $delete = "<a href='" . wp_nonce_url( "post.php?action=delete&post=$attachment_id", 'delete-post_' . $attachment_id ) . "' id='del[$attachment_id]' class='delete-permanently'>" . __( 'Delete Permanently' ) . '</a>'; + } elseif ( ! MEDIA_TRASH ) { + $delete = "<a href='#' class='del-link' onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __( 'Delete' ) . "</a> + <div id='del_attachment_$attachment_id' class='del-attachment' style='display:none;'>" . + /* translators: %s: File name. */ + '<p>' . sprintf( __( 'You are about to delete %s.' ), '<strong>' . $filename . '</strong>' ) . "</p> + <a href='" . wp_nonce_url( "post.php?action=delete&post=$attachment_id", 'delete-post_' . $attachment_id ) . "' id='del[$attachment_id]' class='button'>" . __( 'Continue' ) . "</a> + <a href='#' class='button' onclick=\"this.parentNode.style.display='none';return false;\">" . __( 'Cancel' ) . '</a> + </div>'; + } else { + $delete = "<a href='" . wp_nonce_url( "post.php?action=trash&post=$attachment_id", 'trash-post_' . $attachment_id ) . "' id='del[$attachment_id]' class='delete'>" . __( 'Move to Trash' ) . "</a> + <a href='" . wp_nonce_url( "post.php?action=untrash&post=$attachment_id", 'untrash-post_' . $attachment_id ) . "' id='undo[$attachment_id]' class='undo hidden'>" . __( 'Undo' ) . '</a>'; + } + } else { + $delete = ''; + } + + $thumbnail = ''; + $calling_post_id = 0; + + if ( isset( $_GET['post_id'] ) ) { + $calling_post_id = absint( $_GET['post_id'] ); + } elseif ( isset( $_POST ) && count( $_POST ) ) {// Like for async-upload where $_GET['post_id'] isn't set. + $calling_post_id = $post->post_parent; + } + + if ( 'image' === $type && $calling_post_id + && current_theme_supports( 'post-thumbnails', get_post_type( $calling_post_id ) ) + && post_type_supports( get_post_type( $calling_post_id ), 'thumbnail' ) + && get_post_thumbnail_id( $calling_post_id ) != $attachment_id + ) { + + $calling_post = get_post( $calling_post_id ); + $calling_post_type_object = get_post_type_object( $calling_post->post_type ); + + $ajax_nonce = wp_create_nonce( "set_post_thumbnail-$calling_post_id" ); + $thumbnail = "<a class='wp-post-thumbnail' id='wp-post-thumbnail-" . $attachment_id . "' href='#' onclick='WPSetAsThumbnail(\"$attachment_id\", \"$ajax_nonce\");return false;'>" . esc_html( $calling_post_type_object->labels->use_featured_image ) . '</a>'; + } + + if ( ( $parsed_args['send'] || $thumbnail || $delete ) && ! isset( $form_fields['buttons'] ) ) { + $form_fields['buttons'] = array( 'tr' => "\t\t<tr class='submit'><td></td><td class='savesend'>" . $parsed_args['send'] . " $thumbnail $delete</td></tr>\n" ); + } + + $hidden_fields = array(); + + foreach ( $form_fields as $id => $field ) { + if ( '_' === $id[0] ) { + continue; + } + + if ( ! empty( $field['tr'] ) ) { + $item .= $field['tr']; + continue; + } + + $field = array_merge( $defaults, $field ); + $name = "attachments[$attachment_id][$id]"; + + if ( 'hidden' === $field['input'] ) { + $hidden_fields[ $name ] = $field['value']; + continue; + } + + $required = $field['required'] ? ' ' . wp_required_field_indicator() : ''; + $required_attr = $field['required'] ? ' required' : ''; + $class = $id; + $class .= $field['required'] ? ' form-required' : ''; + + $item .= "\t\t<tr class='$class'>\n\t\t\t<th scope='row' class='label'><label for='$name'><span class='alignleft'>{$field['label']}{$required}</span><br class='clear' /></label></th>\n\t\t\t<td class='field'>"; + + if ( ! empty( $field[ $field['input'] ] ) ) { + $item .= $field[ $field['input'] ]; + } elseif ( 'textarea' === $field['input'] ) { + if ( 'post_content' === $id && user_can_richedit() ) { + // Sanitize_post() skips the post_content when user_can_richedit. + $field['value'] = htmlspecialchars( $field['value'], ENT_QUOTES ); + } + // Post_excerpt is already escaped by sanitize_post() in get_attachment_fields_to_edit(). + $item .= "<textarea id='$name' name='$name'{$required_attr}>" . $field['value'] . '</textarea>'; + } else { + $item .= "<input type='text' class='text' id='$name' name='$name' value='" . esc_attr( $field['value'] ) . "'{$required_attr} />"; + } + + if ( ! empty( $field['helps'] ) ) { + $item .= "<p class='help'>" . implode( "</p>\n<p class='help'>", array_unique( (array) $field['helps'] ) ) . '</p>'; + } + $item .= "</td>\n\t\t</tr>\n"; + + $extra_rows = array(); + + if ( ! empty( $field['errors'] ) ) { + foreach ( array_unique( (array) $field['errors'] ) as $error ) { + $extra_rows['error'][] = $error; + } + } + + if ( ! empty( $field['extra_rows'] ) ) { + foreach ( $field['extra_rows'] as $class => $rows ) { + foreach ( (array) $rows as $html ) { + $extra_rows[ $class ][] = $html; + } + } + } + + foreach ( $extra_rows as $class => $rows ) { + foreach ( $rows as $html ) { + $item .= "\t\t<tr><td></td><td class='$class'>$html</td></tr>\n"; + } + } + } + + if ( ! empty( $form_fields['_final'] ) ) { + $item .= "\t\t<tr class='final'><td colspan='2'>{$form_fields['_final']}</td></tr>\n"; + } + + $item .= "\t</tbody>\n"; + $item .= "\t</table>\n"; + + foreach ( $hidden_fields as $name => $value ) { + $item .= "\t<input type='hidden' name='$name' id='$name' value='" . esc_attr( $value ) . "' />\n"; + } + + if ( $post->post_parent < 1 && isset( $_REQUEST['post_id'] ) ) { + $parent = (int) $_REQUEST['post_id']; + $parent_name = "attachments[$attachment_id][post_parent]"; + $item .= "\t<input type='hidden' name='$parent_name' id='$parent_name' value='$parent' />\n"; + } + + return $item; +} + +/** + * @since 3.5.0 + * + * @param int $attachment_id + * @param array $args + * @return array + */ +function get_compat_media_markup( $attachment_id, $args = null ) { + $post = get_post( $attachment_id ); + + $default_args = array( + 'errors' => null, + 'in_modal' => false, + ); + + $user_can_edit = current_user_can( 'edit_post', $attachment_id ); + + $args = wp_parse_args( $args, $default_args ); + + /** This filter is documented in wp-admin/includes/media.php */ + $args = apply_filters( 'get_media_item_args', $args ); + + $form_fields = array(); + + if ( $args['in_modal'] ) { + foreach ( get_attachment_taxonomies( $post ) as $taxonomy ) { + $t = (array) get_taxonomy( $taxonomy ); + + if ( ! $t['public'] || ! $t['show_ui'] ) { + continue; + } + + if ( empty( $t['label'] ) ) { + $t['label'] = $taxonomy; + } + + if ( empty( $t['args'] ) ) { + $t['args'] = array(); + } + + $terms = get_object_term_cache( $post->ID, $taxonomy ); + + if ( false === $terms ) { + $terms = wp_get_object_terms( $post->ID, $taxonomy, $t['args'] ); + } + + $values = array(); + + foreach ( $terms as $term ) { + $values[] = $term->slug; + } + + $t['value'] = implode( ', ', $values ); + $t['taxonomy'] = true; + + $form_fields[ $taxonomy ] = $t; + } + } + + /* + * Merge default fields with their errors, so any key passed with the error + * (e.g. 'error', 'helps', 'value') will replace the default. + * The recursive merge is easily traversed with array casting: + * foreach ( (array) $things as $thing ) + */ + $form_fields = array_merge_recursive( $form_fields, (array) $args['errors'] ); + + /** This filter is documented in wp-admin/includes/media.php */ + $form_fields = apply_filters( 'attachment_fields_to_edit', $form_fields, $post ); + + unset( + $form_fields['image-size'], + $form_fields['align'], + $form_fields['image_alt'], + $form_fields['post_title'], + $form_fields['post_excerpt'], + $form_fields['post_content'], + $form_fields['url'], + $form_fields['menu_order'], + $form_fields['image_url'] + ); + + /** This filter is documented in wp-admin/includes/media.php */ + $media_meta = apply_filters( 'media_meta', '', $post ); + + $defaults = array( + 'input' => 'text', + 'required' => false, + 'value' => '', + 'extra_rows' => array(), + 'show_in_edit' => true, + 'show_in_modal' => true, + ); + + $hidden_fields = array(); + + $item = ''; + + foreach ( $form_fields as $id => $field ) { + if ( '_' === $id[0] ) { + continue; + } + + $name = "attachments[$attachment_id][$id]"; + $id_attr = "attachments-$attachment_id-$id"; + + if ( ! empty( $field['tr'] ) ) { + $item .= $field['tr']; + continue; + } + + $field = array_merge( $defaults, $field ); + + if ( ( ! $field['show_in_edit'] && ! $args['in_modal'] ) || ( ! $field['show_in_modal'] && $args['in_modal'] ) ) { + continue; + } + + if ( 'hidden' === $field['input'] ) { + $hidden_fields[ $name ] = $field['value']; + continue; + } + + $readonly = ! $user_can_edit && ! empty( $field['taxonomy'] ) ? " readonly='readonly' " : ''; + $required = $field['required'] ? ' ' . wp_required_field_indicator() : ''; + $required_attr = $field['required'] ? ' required' : ''; + $class = 'compat-field-' . $id; + $class .= $field['required'] ? ' form-required' : ''; + + $item .= "\t\t<tr class='$class'>"; + $item .= "\t\t\t<th scope='row' class='label'><label for='$id_attr'><span class='alignleft'>{$field['label']}</span>$required<br class='clear' /></label>"; + $item .= "</th>\n\t\t\t<td class='field'>"; + + if ( ! empty( $field[ $field['input'] ] ) ) { + $item .= $field[ $field['input'] ]; + } elseif ( 'textarea' === $field['input'] ) { + if ( 'post_content' === $id && user_can_richedit() ) { + // sanitize_post() skips the post_content when user_can_richedit. + $field['value'] = htmlspecialchars( $field['value'], ENT_QUOTES ); + } + $item .= "<textarea id='$id_attr' name='$name'{$required_attr}>" . $field['value'] . '</textarea>'; + } else { + $item .= "<input type='text' class='text' id='$id_attr' name='$name' value='" . esc_attr( $field['value'] ) . "' $readonly{$required_attr} />"; + } + + if ( ! empty( $field['helps'] ) ) { + $item .= "<p class='help'>" . implode( "</p>\n<p class='help'>", array_unique( (array) $field['helps'] ) ) . '</p>'; + } + + $item .= "</td>\n\t\t</tr>\n"; + + $extra_rows = array(); + + if ( ! empty( $field['errors'] ) ) { + foreach ( array_unique( (array) $field['errors'] ) as $error ) { + $extra_rows['error'][] = $error; + } + } + + if ( ! empty( $field['extra_rows'] ) ) { + foreach ( $field['extra_rows'] as $class => $rows ) { + foreach ( (array) $rows as $html ) { + $extra_rows[ $class ][] = $html; + } + } + } + + foreach ( $extra_rows as $class => $rows ) { + foreach ( $rows as $html ) { + $item .= "\t\t<tr><td></td><td class='$class'>$html</td></tr>\n"; + } + } + } + + if ( ! empty( $form_fields['_final'] ) ) { + $item .= "\t\t<tr class='final'><td colspan='2'>{$form_fields['_final']}</td></tr>\n"; + } + + if ( $item ) { + $item = '<p class="media-types media-types-required-info">' . + wp_required_field_message() . + '</p>' . + '<table class="compat-attachment-fields">' . $item . '</table>'; + } + + foreach ( $hidden_fields as $hidden_field => $value ) { + $item .= '<input type="hidden" name="' . esc_attr( $hidden_field ) . '" value="' . esc_attr( $value ) . '" />' . "\n"; + } + + if ( $item ) { + $item = '<input type="hidden" name="attachments[' . $attachment_id . '][menu_order]" value="' . esc_attr( $post->menu_order ) . '" />' . $item; + } + + return array( + 'item' => $item, + 'meta' => $media_meta, + ); +} + +/** + * Outputs the legacy media upload header. + * + * @since 2.5.0 + */ +function media_upload_header() { + $post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0; + + echo '<script type="text/javascript">post_id = ' . $post_id . ';</script>'; + + if ( empty( $_GET['chromeless'] ) ) { + echo '<div id="media-upload-header">'; + the_media_upload_tabs(); + echo '</div>'; + } +} + +/** + * Outputs the legacy media upload form. + * + * @since 2.5.0 + * + * @global string $type + * @global string $tab + * + * @param array $errors + */ +function media_upload_form( $errors = null ) { + global $type, $tab; + + if ( ! _device_can_upload() ) { + echo '<p>' . sprintf( + /* translators: %s: https://apps.wordpress.org/ */ + __( 'The web browser on your device cannot be used to upload files. You may be able to use the <a href="%s">native app for your device</a> instead.' ), + 'https://apps.wordpress.org/' + ) . '</p>'; + return; + } + + $upload_action_url = admin_url( 'async-upload.php' ); + $post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0; + $_type = isset( $type ) ? $type : ''; + $_tab = isset( $tab ) ? $tab : ''; + + $max_upload_size = wp_max_upload_size(); + if ( ! $max_upload_size ) { + $max_upload_size = 0; + } + + ?> + <div id="media-upload-notice"> + <?php + + if ( isset( $errors['upload_notice'] ) ) { + echo $errors['upload_notice']; + } + + ?> + </div> + <div id="media-upload-error"> + <?php + + if ( isset( $errors['upload_error'] ) && is_wp_error( $errors['upload_error'] ) ) { + echo $errors['upload_error']->get_error_message(); + } + + ?> + </div> + <?php + + if ( is_multisite() && ! is_upload_space_available() ) { + /** + * Fires when an upload will exceed the defined upload space quota for a network site. + * + * @since 3.5.0 + */ + do_action( 'upload_ui_over_quota' ); + return; + } + + /** + * Fires just before the legacy (pre-3.5.0) upload interface is loaded. + * + * @since 2.6.0 + */ + do_action( 'pre-upload-ui' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + $post_params = array( + 'post_id' => $post_id, + '_wpnonce' => wp_create_nonce( 'media-form' ), + 'type' => $_type, + 'tab' => $_tab, + 'short' => '1', + ); + + /** + * Filters the media upload post parameters. + * + * @since 3.1.0 As 'swfupload_post_params' + * @since 3.3.0 + * + * @param array $post_params An array of media upload parameters used by Plupload. + */ + $post_params = apply_filters( 'upload_post_params', $post_params ); + + /* + * Since 4.9 the `runtimes` setting is hardcoded in our version of Plupload to `html5,html4`, + * and the `flash_swf_url` and `silverlight_xap_url` are not used. + */ + $plupload_init = array( + 'browse_button' => 'plupload-browse-button', + 'container' => 'plupload-upload-ui', + 'drop_element' => 'drag-drop-area', + 'file_data_name' => 'async-upload', + 'url' => $upload_action_url, + 'filters' => array( 'max_file_size' => $max_upload_size . 'b' ), + 'multipart_params' => $post_params, + ); + + /* + * Currently only iOS Safari supports multiple files uploading, + * but iOS 7.x has a bug that prevents uploading of videos when enabled. + * See #29602. + */ + if ( + wp_is_mobile() && + str_contains( $_SERVER['HTTP_USER_AGENT'], 'OS 7_' ) && + str_contains( $_SERVER['HTTP_USER_AGENT'], 'like Mac OS X' ) + ) { + $plupload_init['multi_selection'] = false; + } + + // Check if WebP images can be edited. + if ( ! wp_image_editor_supports( array( 'mime_type' => 'image/webp' ) ) ) { + $plupload_init['webp_upload_error'] = true; + } + + /** + * Filters the default Plupload settings. + * + * @since 3.3.0 + * + * @param array $plupload_init An array of default settings used by Plupload. + */ + $plupload_init = apply_filters( 'plupload_init', $plupload_init ); + + ?> + <script type="text/javascript"> + <?php + // Verify size is an int. If not return default value. + $large_size_h = absint( get_option( 'large_size_h' ) ); + + if ( ! $large_size_h ) { + $large_size_h = 1024; + } + + $large_size_w = absint( get_option( 'large_size_w' ) ); + + if ( ! $large_size_w ) { + $large_size_w = 1024; + } + + ?> + var resize_height = <?php echo $large_size_h; ?>, resize_width = <?php echo $large_size_w; ?>, + wpUploaderInit = <?php echo wp_json_encode( $plupload_init ); ?>; + </script> + + <div id="plupload-upload-ui" class="hide-if-no-js"> + <?php + /** + * Fires before the upload interface loads. + * + * @since 2.6.0 As 'pre-flash-upload-ui' + * @since 3.3.0 + */ + do_action( 'pre-plupload-upload-ui' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + ?> + <div id="drag-drop-area"> + <div class="drag-drop-inside"> + <p class="drag-drop-info"><?php _e( 'Drop files to upload' ); ?></p> + <p><?php _ex( 'or', 'Uploader: Drop files here - or - Select Files' ); ?></p> + <p class="drag-drop-buttons"><input id="plupload-browse-button" type="button" value="<?php esc_attr_e( 'Select Files' ); ?>" class="button" /></p> + </div> + </div> + <?php + /** + * Fires after the upload interface loads. + * + * @since 2.6.0 As 'post-flash-upload-ui' + * @since 3.3.0 + */ + do_action( 'post-plupload-upload-ui' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + ?> + </div> + + <div id="html-upload-ui" class="hide-if-js"> + <?php + /** + * Fires before the upload button in the media upload interface. + * + * @since 2.6.0 + */ + do_action( 'pre-html-upload-ui' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + ?> + <p id="async-upload-wrap"> + <label class="screen-reader-text" for="async-upload"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Upload' ); + ?> + </label> + <input type="file" name="async-upload" id="async-upload" /> + <?php submit_button( __( 'Upload' ), 'primary', 'html-upload', false ); ?> + <a href="#" onclick="try{top.tb_remove();}catch(e){}; return false;"><?php _e( 'Cancel' ); ?></a> + </p> + <div class="clear"></div> + <?php + /** + * Fires after the upload button in the media upload interface. + * + * @since 2.6.0 + */ + do_action( 'post-html-upload-ui' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + ?> + </div> + +<p class="max-upload-size"> + <?php + /* translators: %s: Maximum allowed file size. */ + printf( __( 'Maximum upload file size: %s.' ), esc_html( size_format( $max_upload_size ) ) ); + ?> +</p> + <?php + + /** + * Fires on the post upload UI screen. + * + * Legacy (pre-3.5.0) media workflow hook. + * + * @since 2.6.0 + */ + do_action( 'post-upload-ui' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores +} + +/** + * Outputs the legacy media upload form for a given media type. + * + * @since 2.5.0 + * + * @param string $type + * @param array $errors + * @param int|WP_Error $id + */ +function media_upload_type_form( $type = 'file', $errors = null, $id = null ) { + + media_upload_header(); + + $post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0; + + $form_action_url = admin_url( "media-upload.php?type=$type&tab=type&post_id=$post_id" ); + + /** + * Filters the media upload form action URL. + * + * @since 2.6.0 + * + * @param string $form_action_url The media upload form action URL. + * @param string $type The type of media. Default 'file'. + */ + $form_action_url = apply_filters( 'media_upload_form_url', $form_action_url, $type ); + $form_class = 'media-upload-form type-form validate'; + + if ( get_user_setting( 'uploader' ) ) { + $form_class .= ' html-uploader'; + } + + ?> + <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="<?php echo $type; ?>-form"> + <?php submit_button( '', 'hidden', 'save', false ); ?> + <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> + <?php wp_nonce_field( 'media-form' ); ?> + + <h3 class="media-title"><?php _e( 'Add media files from your computer' ); ?></h3> + + <?php media_upload_form( $errors ); ?> + + <script type="text/javascript"> + jQuery(function($){ + var preloaded = $(".media-item.preloaded"); + if ( preloaded.length > 0 ) { + preloaded.each(function(){prepareMediaItem({id:this.id.replace(/[^0-9]/g, '')},'');}); + } + updateMediaForm(); + }); + </script> + <div id="media-items"> + <?php + + if ( $id ) { + if ( ! is_wp_error( $id ) ) { + add_filter( 'attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2 ); + echo get_media_items( $id, $errors ); + } else { + echo '<div id="media-upload-error">' . esc_html( $id->get_error_message() ) . '</div></div>'; + exit; + } + } + + ?> + </div> + + <p class="savebutton ml-submit"> + <?php submit_button( __( 'Save all changes' ), '', 'save', false ); ?> + </p> + </form> + <?php +} + +/** + * Outputs the legacy media upload form for external media. + * + * @since 2.7.0 + * + * @param string $type + * @param object $errors + * @param int $id + */ +function media_upload_type_url_form( $type = null, $errors = null, $id = null ) { + if ( null === $type ) { + $type = 'image'; + } + + media_upload_header(); + + $post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0; + + $form_action_url = admin_url( "media-upload.php?type=$type&tab=type&post_id=$post_id" ); + /** This filter is documented in wp-admin/includes/media.php */ + $form_action_url = apply_filters( 'media_upload_form_url', $form_action_url, $type ); + $form_class = 'media-upload-form type-form validate'; + + if ( get_user_setting( 'uploader' ) ) { + $form_class .= ' html-uploader'; + } + + ?> + <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="<?php echo $type; ?>-form"> + <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> + <?php wp_nonce_field( 'media-form' ); ?> + + <h3 class="media-title"><?php _e( 'Insert media from another website' ); ?></h3> + + <script type="text/javascript"> + var addExtImage = { + + width : '', + height : '', + align : 'alignnone', + + insert : function() { + var t = this, html, f = document.forms[0], cls, title = '', alt = '', caption = ''; + + if ( '' === f.src.value || '' === t.width ) + return false; + + if ( f.alt.value ) + alt = f.alt.value.replace(/'/g, ''').replace(/"/g, '"').replace(/</g, '<').replace(/>/g, '>'); + + <?php + /** This filter is documented in wp-admin/includes/media.php */ + if ( ! apply_filters( 'disable_captions', '' ) ) { + ?> + if ( f.caption.value ) { + caption = f.caption.value.replace(/\r\n|\r/g, '\n'); + caption = caption.replace(/<[a-zA-Z0-9]+( [^<>]+)?>/g, function(a){ + return a.replace(/[\r\n\t]+/, ' '); + }); + + caption = caption.replace(/\s*\n\s*/g, '<br />'); + } + <?php + } + + ?> + cls = caption ? '' : ' class="'+t.align+'"'; + + html = '<img alt="'+alt+'" src="'+f.src.value+'"'+cls+' width="'+t.width+'" height="'+t.height+'" />'; + + if ( f.url.value ) { + url = f.url.value.replace(/'/g, ''').replace(/"/g, '"').replace(/</g, '<').replace(/>/g, '>'); + html = '<a href="'+url+'">'+html+'</a>'; + } + + if ( caption ) + html = '[caption id="" align="'+t.align+'" width="'+t.width+'"]'+html+caption+'[/caption]'; + + var win = window.dialogArguments || opener || parent || top; + win.send_to_editor(html); + return false; + }, + + resetImageData : function() { + var t = addExtImage; + + t.width = t.height = ''; + document.getElementById('go_button').style.color = '#bbb'; + if ( ! document.forms[0].src.value ) + document.getElementById('status_img').innerHTML = ''; + else document.getElementById('status_img').innerHTML = '<img src="<?php echo esc_url( admin_url( 'images/no.png' ) ); ?>" alt="" />'; + }, + + updateImageData : function() { + var t = addExtImage; + + t.width = t.preloadImg.width; + t.height = t.preloadImg.height; + document.getElementById('go_button').style.color = '#333'; + document.getElementById('status_img').innerHTML = '<img src="<?php echo esc_url( admin_url( 'images/yes.png' ) ); ?>" alt="" />'; + }, + + getImageData : function() { + if ( jQuery('table.describe').hasClass('not-image') ) + return; + + var t = addExtImage, src = document.forms[0].src.value; + + if ( ! src ) { + t.resetImageData(); + return false; + } + + document.getElementById('status_img').innerHTML = '<img src="<?php echo esc_url( admin_url( 'images/spinner-2x.gif' ) ); ?>" alt="" width="16" height="16" />'; + t.preloadImg = new Image(); + t.preloadImg.onload = t.updateImageData; + t.preloadImg.onerror = t.resetImageData; + t.preloadImg.src = src; + } + }; + + jQuery( function($) { + $('.media-types input').click( function() { + $('table.describe').toggleClass('not-image', $('#not-image').prop('checked') ); + }); + } ); + </script> + + <div id="media-items"> + <div class="media-item media-blank"> + <?php + /** + * Filters the insert media from URL form HTML. + * + * @since 3.3.0 + * + * @param string $form_html The insert from URL form HTML. + */ + echo apply_filters( 'type_url_form_media', wp_media_insert_url_form( $type ) ); + + ?> + </div> + </div> + </form> + <?php +} + +/** + * Adds gallery form to upload iframe. + * + * @since 2.5.0 + * + * @global string $redir_tab + * @global string $type + * @global string $tab + * + * @param array $errors + */ +function media_upload_gallery_form( $errors ) { + global $redir_tab, $type; + + $redir_tab = 'gallery'; + media_upload_header(); + + $post_id = (int) $_REQUEST['post_id']; + $form_action_url = admin_url( "media-upload.php?type=$type&tab=gallery&post_id=$post_id" ); + /** This filter is documented in wp-admin/includes/media.php */ + $form_action_url = apply_filters( 'media_upload_form_url', $form_action_url, $type ); + $form_class = 'media-upload-form validate'; + + if ( get_user_setting( 'uploader' ) ) { + $form_class .= ' html-uploader'; + } + + ?> + <script type="text/javascript"> + jQuery(function($){ + var preloaded = $(".media-item.preloaded"); + if ( preloaded.length > 0 ) { + preloaded.each(function(){prepareMediaItem({id:this.id.replace(/[^0-9]/g, '')},'');}); + updateMediaForm(); + } + }); + </script> + <div id="sort-buttons" class="hide-if-no-js"> + <span> + <?php _e( 'All Tabs:' ); ?> + <a href="#" id="showall"><?php _e( 'Show' ); ?></a> + <a href="#" id="hideall" style="display:none;"><?php _e( 'Hide' ); ?></a> + </span> + <?php _e( 'Sort Order:' ); ?> + <a href="#" id="asc"><?php _e( 'Ascending' ); ?></a> | + <a href="#" id="desc"><?php _e( 'Descending' ); ?></a> | + <a href="#" id="clear"><?php _ex( 'Clear', 'verb' ); ?></a> + </div> + <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="gallery-form"> + <?php wp_nonce_field( 'media-form' ); ?> + <table class="widefat"> + <thead><tr> + <th><?php _e( 'Media' ); ?></th> + <th class="order-head"><?php _e( 'Order' ); ?></th> + <th class="actions-head"><?php _e( 'Actions' ); ?></th> + </tr></thead> + </table> + <div id="media-items"> + <?php add_filter( 'attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2 ); ?> + <?php echo get_media_items( $post_id, $errors ); ?> + </div> + + <p class="ml-submit"> + <?php + submit_button( + __( 'Save all changes' ), + 'savebutton', + 'save', + false, + array( + 'id' => 'save-all', + 'style' => 'display: none;', + ) + ); + ?> + <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> + <input type="hidden" name="type" value="<?php echo esc_attr( $GLOBALS['type'] ); ?>" /> + <input type="hidden" name="tab" value="<?php echo esc_attr( $GLOBALS['tab'] ); ?>" /> + </p> + + <div id="gallery-settings" style="display:none;"> + <div class="title"><?php _e( 'Gallery Settings' ); ?></div> + <table id="basic" class="describe"><tbody> + <tr> + <th scope="row" class="label"> + <label> + <span class="alignleft"><?php _e( 'Link thumbnails to:' ); ?></span> + </label> + </th> + <td class="field"> + <input type="radio" name="linkto" id="linkto-file" value="file" /> + <label for="linkto-file" class="radio"><?php _e( 'Image File' ); ?></label> + + <input type="radio" checked="checked" name="linkto" id="linkto-post" value="post" /> + <label for="linkto-post" class="radio"><?php _e( 'Attachment Page' ); ?></label> + </td> + </tr> + + <tr> + <th scope="row" class="label"> + <label> + <span class="alignleft"><?php _e( 'Order images by:' ); ?></span> + </label> + </th> + <td class="field"> + <select id="orderby" name="orderby"> + <option value="menu_order" selected="selected"><?php _e( 'Menu order' ); ?></option> + <option value="title"><?php _e( 'Title' ); ?></option> + <option value="post_date"><?php _e( 'Date/Time' ); ?></option> + <option value="rand"><?php _e( 'Random' ); ?></option> + </select> + </td> + </tr> + + <tr> + <th scope="row" class="label"> + <label> + <span class="alignleft"><?php _e( 'Order:' ); ?></span> + </label> + </th> + <td class="field"> + <input type="radio" checked="checked" name="order" id="order-asc" value="asc" /> + <label for="order-asc" class="radio"><?php _e( 'Ascending' ); ?></label> + + <input type="radio" name="order" id="order-desc" value="desc" /> + <label for="order-desc" class="radio"><?php _e( 'Descending' ); ?></label> + </td> + </tr> + + <tr> + <th scope="row" class="label"> + <label> + <span class="alignleft"><?php _e( 'Gallery columns:' ); ?></span> + </label> + </th> + <td class="field"> + <select id="columns" name="columns"> + <option value="1">1</option> + <option value="2">2</option> + <option value="3" selected="selected">3</option> + <option value="4">4</option> + <option value="5">5</option> + <option value="6">6</option> + <option value="7">7</option> + <option value="8">8</option> + <option value="9">9</option> + </select> + </td> + </tr> + </tbody></table> + + <p class="ml-submit"> + <input type="button" class="button" style="display:none;" onMouseDown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php esc_attr_e( 'Insert gallery' ); ?>" /> + <input type="button" class="button" style="display:none;" onMouseDown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php esc_attr_e( 'Update gallery settings' ); ?>" /> + </p> + </div> + </form> + <?php +} + +/** + * Outputs the legacy media upload form for the media library. + * + * @since 2.5.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global WP_Query $wp_query WordPress Query object. + * @global WP_Locale $wp_locale WordPress date and time locale object. + * @global string $type + * @global string $tab + * @global array $post_mime_types + * + * @param array $errors + */ +function media_upload_library_form( $errors ) { + global $wpdb, $wp_query, $wp_locale, $type, $tab, $post_mime_types; + + media_upload_header(); + + $post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0; + + $form_action_url = admin_url( "media-upload.php?type=$type&tab=library&post_id=$post_id" ); + /** This filter is documented in wp-admin/includes/media.php */ + $form_action_url = apply_filters( 'media_upload_form_url', $form_action_url, $type ); + $form_class = 'media-upload-form validate'; + + if ( get_user_setting( 'uploader' ) ) { + $form_class .= ' html-uploader'; + } + + $q = $_GET; + $q['posts_per_page'] = 10; + $q['paged'] = isset( $q['paged'] ) ? (int) $q['paged'] : 0; + if ( $q['paged'] < 1 ) { + $q['paged'] = 1; + } + $q['offset'] = ( $q['paged'] - 1 ) * 10; + if ( $q['offset'] < 1 ) { + $q['offset'] = 0; + } + + list($post_mime_types, $avail_post_mime_types) = wp_edit_attachments_query( $q ); + + ?> + <form id="filter" method="get"> + <input type="hidden" name="type" value="<?php echo esc_attr( $type ); ?>" /> + <input type="hidden" name="tab" value="<?php echo esc_attr( $tab ); ?>" /> + <input type="hidden" name="post_id" value="<?php echo (int) $post_id; ?>" /> + <input type="hidden" name="post_mime_type" value="<?php echo isset( $_GET['post_mime_type'] ) ? esc_attr( $_GET['post_mime_type'] ) : ''; ?>" /> + <input type="hidden" name="context" value="<?php echo isset( $_GET['context'] ) ? esc_attr( $_GET['context'] ) : ''; ?>" /> + + <p id="media-search" class="search-box"> + <label class="screen-reader-text" for="media-search-input"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search Media:' ); + ?> + </label> + <input type="search" id="media-search-input" name="s" value="<?php the_search_query(); ?>" /> + <?php submit_button( __( 'Search Media' ), '', '', false ); ?> + </p> + + <ul class="subsubsub"> + <?php + $type_links = array(); + $_num_posts = (array) wp_count_attachments(); + $matches = wp_match_mime_types( array_keys( $post_mime_types ), array_keys( $_num_posts ) ); + foreach ( $matches as $_type => $reals ) { + foreach ( $reals as $real ) { + if ( isset( $num_posts[ $_type ] ) ) { + $num_posts[ $_type ] += $_num_posts[ $real ]; + } else { + $num_posts[ $_type ] = $_num_posts[ $real ]; + } + } + } + // If available type specified by media button clicked, filter by that type. + if ( empty( $_GET['post_mime_type'] ) && ! empty( $num_posts[ $type ] ) ) { + $_GET['post_mime_type'] = $type; + list($post_mime_types, $avail_post_mime_types) = wp_edit_attachments_query(); + } + if ( empty( $_GET['post_mime_type'] ) || 'all' === $_GET['post_mime_type'] ) { + $class = ' class="current"'; + } else { + $class = ''; + } + $type_links[] = '<li><a href="' . esc_url( + add_query_arg( + array( + 'post_mime_type' => 'all', + 'paged' => false, + 'm' => false, + ) + ) + ) . '"' . $class . '>' . __( 'All Types' ) . '</a>'; + foreach ( $post_mime_types as $mime_type => $label ) { + $class = ''; + + if ( ! wp_match_mime_types( $mime_type, $avail_post_mime_types ) ) { + continue; + } + + if ( isset( $_GET['post_mime_type'] ) && wp_match_mime_types( $mime_type, $_GET['post_mime_type'] ) ) { + $class = ' class="current"'; + } + + $type_links[] = '<li><a href="' . esc_url( + add_query_arg( + array( + 'post_mime_type' => $mime_type, + 'paged' => false, + ) + ) + ) . '"' . $class . '>' . sprintf( translate_nooped_plural( $label[2], $num_posts[ $mime_type ] ), '<span id="' . $mime_type . '-counter">' . number_format_i18n( $num_posts[ $mime_type ] ) . '</span>' ) . '</a>'; + } + /** + * Filters the media upload mime type list items. + * + * Returned values should begin with an `<li>` tag. + * + * @since 3.1.0 + * + * @param string[] $type_links An array of list items containing mime type link HTML. + */ + echo implode( ' | </li>', apply_filters( 'media_upload_mime_type_links', $type_links ) ) . '</li>'; + unset( $type_links ); + ?> + </ul> + + <div class="tablenav"> + + <?php + $page_links = paginate_links( + array( + 'base' => add_query_arg( 'paged', '%#%' ), + 'format' => '', + 'prev_text' => __( '«' ), + 'next_text' => __( '»' ), + 'total' => ceil( $wp_query->found_posts / 10 ), + 'current' => $q['paged'], + ) + ); + + if ( $page_links ) { + echo "<div class='tablenav-pages'>$page_links</div>"; + } + ?> + + <div class="alignleft actions"> + <?php + + $arc_query = "SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts WHERE post_type = 'attachment' ORDER BY post_date DESC"; + + $arc_result = $wpdb->get_results( $arc_query ); + + $month_count = count( $arc_result ); + $selected_month = isset( $_GET['m'] ) ? $_GET['m'] : 0; + + if ( $month_count && ! ( 1 == $month_count && 0 == $arc_result[0]->mmonth ) ) { + ?> + <select name='m'> + <option<?php selected( $selected_month, 0 ); ?> value='0'><?php _e( 'All dates' ); ?></option> + <?php + + foreach ( $arc_result as $arc_row ) { + if ( 0 == $arc_row->yyear ) { + continue; + } + + $arc_row->mmonth = zeroise( $arc_row->mmonth, 2 ); + + if ( $arc_row->yyear . $arc_row->mmonth == $selected_month ) { + $default = ' selected="selected"'; + } else { + $default = ''; + } + + echo "<option$default value='" . esc_attr( $arc_row->yyear . $arc_row->mmonth ) . "'>"; + echo esc_html( $wp_locale->get_month( $arc_row->mmonth ) . " $arc_row->yyear" ); + echo "</option>\n"; + } + + ?> + </select> + <?php } ?> + + <?php submit_button( __( 'Filter »' ), '', 'post-query-submit', false ); ?> + + </div> + + <br class="clear" /> + </div> + </form> + + <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="library-form"> + <?php wp_nonce_field( 'media-form' ); ?> + + <script type="text/javascript"> + jQuery(function($){ + var preloaded = $(".media-item.preloaded"); + if ( preloaded.length > 0 ) { + preloaded.each(function(){prepareMediaItem({id:this.id.replace(/[^0-9]/g, '')},'');}); + updateMediaForm(); + } + }); + </script> + + <div id="media-items"> + <?php add_filter( 'attachment_fields_to_edit', 'media_post_single_attachment_fields_to_edit', 10, 2 ); ?> + <?php echo get_media_items( null, $errors ); ?> + </div> + <p class="ml-submit"> + <?php submit_button( __( 'Save all changes' ), 'savebutton', 'save', false ); ?> + <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> + </p> + </form> + <?php +} + +/** + * Creates the form for external url. + * + * @since 2.7.0 + * + * @param string $default_view + * @return string HTML content of the form. + */ +function wp_media_insert_url_form( $default_view = 'image' ) { + /** This filter is documented in wp-admin/includes/media.php */ + if ( ! apply_filters( 'disable_captions', '' ) ) { + $caption = ' + <tr class="image-only"> + <th scope="row" class="label"> + <label for="caption"><span class="alignleft">' . __( 'Image Caption' ) . '</span></label> + </th> + <td class="field"><textarea id="caption" name="caption"></textarea></td> + </tr>'; + } else { + $caption = ''; + } + + $default_align = get_option( 'image_default_align' ); + + if ( empty( $default_align ) ) { + $default_align = 'none'; + } + + if ( 'image' === $default_view ) { + $view = 'image-only'; + $table_class = ''; + } else { + $view = 'not-image'; + $table_class = $view; + } + + return ' + <p class="media-types"><label><input type="radio" name="media_type" value="image" id="image-only"' . checked( 'image-only', $view, false ) . ' /> ' . __( 'Image' ) . '</label> <label><input type="radio" name="media_type" value="generic" id="not-image"' . checked( 'not-image', $view, false ) . ' /> ' . __( 'Audio, Video, or Other File' ) . '</label></p> + <p class="media-types media-types-required-info">' . + wp_required_field_message() . + '</p> + <table class="describe ' . $table_class . '"><tbody> + <tr> + <th scope="row" class="label" style="width:130px;"> + <label for="src"><span class="alignleft">' . __( 'URL' ) . '</span> ' . wp_required_field_indicator() . '</label> + <span class="alignright" id="status_img"></span> + </th> + <td class="field"><input id="src" name="src" value="" type="text" required onblur="addExtImage.getImageData()" /></td> + </tr> + + <tr> + <th scope="row" class="label"> + <label for="title"><span class="alignleft">' . __( 'Title' ) . '</span> ' . wp_required_field_indicator() . '</label> + </th> + <td class="field"><input id="title" name="title" value="" type="text" required /></td> + </tr> + + <tr class="not-image"><td></td><td><p class="help">' . __( 'Link text, e.g. “Ransom Demands (PDF)”' ) . '</p></td></tr> + + <tr class="image-only"> + <th scope="row" class="label"> + <label for="alt"><span class="alignleft">' . __( 'Alternative Text' ) . '</span> ' . wp_required_field_indicator() . '</label> + </th> + <td class="field"><input id="alt" name="alt" value="" type="text" required /> + <p class="help">' . __( 'Alt text for the image, e.g. “The Mona Lisa”' ) . '</p></td> + </tr> + ' . $caption . ' + <tr class="align image-only"> + <th scope="row" class="label"><p><label for="align">' . __( 'Alignment' ) . '</label></p></th> + <td class="field"> + <input name="align" id="align-none" value="none" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ( 'none' === $default_align ? ' checked="checked"' : '' ) . ' /> + <label for="align-none" class="align image-align-none-label">' . __( 'None' ) . '</label> + <input name="align" id="align-left" value="left" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ( 'left' === $default_align ? ' checked="checked"' : '' ) . ' /> + <label for="align-left" class="align image-align-left-label">' . __( 'Left' ) . '</label> + <input name="align" id="align-center" value="center" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ( 'center' === $default_align ? ' checked="checked"' : '' ) . ' /> + <label for="align-center" class="align image-align-center-label">' . __( 'Center' ) . '</label> + <input name="align" id="align-right" value="right" onclick="addExtImage.align=\'align\'+this.value" type="radio"' . ( 'right' === $default_align ? ' checked="checked"' : '' ) . ' /> + <label for="align-right" class="align image-align-right-label">' . __( 'Right' ) . '</label> + </td> + </tr> + + <tr class="image-only"> + <th scope="row" class="label"> + <label for="url"><span class="alignleft">' . __( 'Link Image To:' ) . '</span></label> + </th> + <td class="field"><input id="url" name="url" value="" type="text" /><br /> + + <button type="button" class="button" value="" onclick="document.forms[0].url.value=null">' . __( 'None' ) . '</button> + <button type="button" class="button" value="" onclick="document.forms[0].url.value=document.forms[0].src.value">' . __( 'Link to image' ) . '</button> + <p class="help">' . __( 'Enter a link URL or click above for presets.' ) . '</p></td> + </tr> + <tr class="image-only"> + <td></td> + <td> + <input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . esc_attr__( 'Insert into Post' ) . '" /> + </td> + </tr> + <tr class="not-image"> + <td></td> + <td> + ' . get_submit_button( __( 'Insert into Post' ), '', 'insertonlybutton', false ) . ' + </td> + </tr> + </tbody></table>'; +} + +/** + * Displays the multi-file uploader message. + * + * @since 2.6.0 + * + * @global int $post_ID + */ +function media_upload_flash_bypass() { + $browser_uploader = admin_url( 'media-new.php?browser-uploader' ); + + $post = get_post(); + if ( $post ) { + $browser_uploader .= '&post_id=' . (int) $post->ID; + } elseif ( ! empty( $GLOBALS['post_ID'] ) ) { + $browser_uploader .= '&post_id=' . (int) $GLOBALS['post_ID']; + } + + ?> + <p class="upload-flash-bypass"> + <?php + printf( + /* translators: 1: URL to browser uploader, 2: Additional link attributes. */ + __( 'You are using the multi-file uploader. Problems? Try the <a href="%1$s" %2$s>browser uploader</a> instead.' ), + $browser_uploader, + 'target="_blank"' + ); + ?> + </p> + <?php +} + +/** + * Displays the browser's built-in uploader message. + * + * @since 2.6.0 + */ +function media_upload_html_bypass() { + ?> + <p class="upload-html-bypass hide-if-no-js"> + <?php _e( 'You are using the browser’s built-in file uploader. The WordPress uploader includes multiple file selection and drag and drop capability. <a href="#">Switch to the multi-file uploader</a>.' ); ?> + </p> + <?php +} + +/** + * Used to display a "After a file has been uploaded..." help message. + * + * @since 3.3.0 + */ +function media_upload_text_after() {} + +/** + * Displays the checkbox to scale images. + * + * @since 3.3.0 + */ +function media_upload_max_image_resize() { + $checked = get_user_setting( 'upload_resize' ) ? ' checked="true"' : ''; + $a = ''; + $end = ''; + + if ( current_user_can( 'manage_options' ) ) { + $a = '<a href="' . esc_url( admin_url( 'options-media.php' ) ) . '" target="_blank">'; + $end = '</a>'; + } + + ?> + <p class="hide-if-no-js"><label> + <input name="image_resize" type="checkbox" id="image_resize" value="true"<?php echo $checked; ?> /> + <?php + /* translators: 1: Link start tag, 2: Link end tag, 3: Width, 4: Height. */ + printf( __( 'Scale images to match the large size selected in %1$simage options%2$s (%3$d × %4$d).' ), $a, $end, (int) get_option( 'large_size_w', '1024' ), (int) get_option( 'large_size_h', '1024' ) ); + + ?> + </label></p> + <?php +} + +/** + * Displays the out of storage quota message in Multisite. + * + * @since 3.5.0 + */ +function multisite_over_quota_message() { + echo '<p>' . sprintf( + /* translators: %s: Allowed space allocation. */ + __( 'Sorry, you have used your space allocation of %s. Please delete some files to upload more files.' ), + size_format( get_space_allowed() * MB_IN_BYTES ) + ) . '</p>'; +} + +/** + * Displays the image and editor in the post editor + * + * @since 3.5.0 + * + * @param WP_Post $post A post object. + */ +function edit_form_image_editor( $post ) { + $open = isset( $_GET['image-editor'] ); + + if ( $open ) { + require_once ABSPATH . 'wp-admin/includes/image-edit.php'; + } + + $thumb_url = false; + $attachment_id = (int) $post->ID; + + if ( $attachment_id ) { + $thumb_url = wp_get_attachment_image_src( $attachment_id, array( 900, 450 ), true ); + } + + $alt_text = get_post_meta( $post->ID, '_wp_attachment_image_alt', true ); + + $att_url = wp_get_attachment_url( $post->ID ); + ?> + <div class="wp_attachment_holder wp-clearfix"> + <?php + + if ( wp_attachment_is_image( $post->ID ) ) : + $image_edit_button = ''; + if ( wp_image_editor_supports( array( 'mime_type' => $post->post_mime_type ) ) ) { + $nonce = wp_create_nonce( "image_editor-$post->ID" ); + $image_edit_button = "<input type='button' id='imgedit-open-btn-$post->ID' onclick='imageEdit.open( $post->ID, \"$nonce\" )' class='button' value='" . esc_attr__( 'Edit Image' ) . "' /> <span class='spinner'></span>"; + } + + $open_style = ''; + $not_open_style = ''; + + if ( $open ) { + $open_style = ' style="display:none"'; + } else { + $not_open_style = ' style="display:none"'; + } + + ?> + <div class="imgedit-response" id="imgedit-response-<?php echo $attachment_id; ?>"></div> + + <div<?php echo $open_style; ?> class="wp_attachment_image wp-clearfix" id="media-head-<?php echo $attachment_id; ?>"> + <p id="thumbnail-head-<?php echo $attachment_id; ?>"><img class="thumbnail" src="<?php echo set_url_scheme( $thumb_url[0] ); ?>" style="max-width:100%" alt="" /></p> + <p><?php echo $image_edit_button; ?></p> + </div> + <div<?php echo $not_open_style; ?> class="image-editor" id="image-editor-<?php echo $attachment_id; ?>"> + <?php + + if ( $open ) { + wp_image_editor( $attachment_id ); + } + + ?> + </div> + <?php + elseif ( $attachment_id && wp_attachment_is( 'audio', $post ) ) : + + wp_maybe_generate_attachment_metadata( $post ); + + echo wp_audio_shortcode( array( 'src' => $att_url ) ); + + elseif ( $attachment_id && wp_attachment_is( 'video', $post ) ) : + + wp_maybe_generate_attachment_metadata( $post ); + + $meta = wp_get_attachment_metadata( $attachment_id ); + $w = ! empty( $meta['width'] ) ? min( $meta['width'], 640 ) : 0; + $h = ! empty( $meta['height'] ) ? $meta['height'] : 0; + + if ( $h && $w < $meta['width'] ) { + $h = round( ( $meta['height'] * $w ) / $meta['width'] ); + } + + $attr = array( 'src' => $att_url ); + + if ( ! empty( $w ) && ! empty( $h ) ) { + $attr['width'] = $w; + $attr['height'] = $h; + } + + $thumb_id = get_post_thumbnail_id( $attachment_id ); + + if ( ! empty( $thumb_id ) ) { + $attr['poster'] = wp_get_attachment_url( $thumb_id ); + } + + echo wp_video_shortcode( $attr ); + + elseif ( isset( $thumb_url[0] ) ) : + ?> + <div class="wp_attachment_image wp-clearfix" id="media-head-<?php echo $attachment_id; ?>"> + <p id="thumbnail-head-<?php echo $attachment_id; ?>"> + <img class="thumbnail" src="<?php echo set_url_scheme( $thumb_url[0] ); ?>" style="max-width:100%" alt="" /> + </p> + </div> + <?php + + else : + + /** + * Fires when an attachment type can't be rendered in the edit form. + * + * @since 4.6.0 + * + * @param WP_Post $post A post object. + */ + do_action( 'wp_edit_form_attachment_display', $post ); + + endif; + + ?> + </div> + <div class="wp_attachment_details edit-form-section"> + <?php if ( str_starts_with( $post->post_mime_type, 'image' ) ) : ?> + <p class="attachment-alt-text"> + <label for="attachment_alt"><strong><?php _e( 'Alternative Text' ); ?></strong></label><br /> + <textarea class="widefat" name="_wp_attachment_image_alt" id="attachment_alt" aria-describedby="alt-text-description"><?php echo esc_attr( $alt_text ); ?></textarea> + </p> + <p class="attachment-alt-text-description" id="alt-text-description"> + <?php + + printf( + /* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */ + __( '<a href="%1$s" %2$s>Learn how to describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ), + esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ), + 'target="_blank" rel="noopener"', + sprintf( + '<span class="screen-reader-text"> %s</span>', + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ) + ); + + ?> + </p> + <?php endif; ?> + + <p> + <label for="attachment_caption"><strong><?php _e( 'Caption' ); ?></strong></label><br /> + <textarea class="widefat" name="excerpt" id="attachment_caption"><?php echo $post->post_excerpt; ?></textarea> + </p> + + <?php + + $quicktags_settings = array( 'buttons' => 'strong,em,link,block,del,ins,img,ul,ol,li,code,close' ); + $editor_args = array( + 'textarea_name' => 'content', + 'textarea_rows' => 5, + 'media_buttons' => false, + 'tinymce' => false, + 'quicktags' => $quicktags_settings, + ); + + ?> + + <label for="attachment_content" class="attachment-content-description"><strong><?php _e( 'Description' ); ?></strong> + <?php + + if ( preg_match( '#^(audio|video)/#', $post->post_mime_type ) ) { + echo ': ' . __( 'Displayed on attachment pages.' ); + } + + ?> + </label> + <?php wp_editor( format_to_edit( $post->post_content ), 'attachment_content', $editor_args ); ?> + + </div> + <?php + + $extras = get_compat_media_markup( $post->ID ); + echo $extras['item']; + echo '<input type="hidden" id="image-edit-context" value="edit-attachment" />' . "\n"; +} + +/** + * Displays non-editable attachment metadata in the publish meta box. + * + * @since 3.5.0 + */ +function attachment_submitbox_metadata() { + $post = get_post(); + $attachment_id = $post->ID; + + $file = get_attached_file( $attachment_id ); + $filename = esc_html( wp_basename( $file ) ); + + $media_dims = ''; + $meta = wp_get_attachment_metadata( $attachment_id ); + + if ( isset( $meta['width'], $meta['height'] ) ) { + $media_dims .= "<span id='media-dims-$attachment_id'>{$meta['width']} × {$meta['height']}</span> "; + } + /** This filter is documented in wp-admin/includes/media.php */ + $media_dims = apply_filters( 'media_meta', $media_dims, $post ); + + $att_url = wp_get_attachment_url( $attachment_id ); + + $author = new WP_User( $post->post_author ); + + $uploaded_by_name = __( '(no author)' ); + $uploaded_by_link = ''; + + if ( $author->exists() ) { + $uploaded_by_name = $author->display_name ? $author->display_name : $author->nickname; + $uploaded_by_link = get_edit_user_link( $author->ID ); + } + ?> + <div class="misc-pub-section misc-pub-uploadedby"> + <?php if ( $uploaded_by_link ) { ?> + <?php _e( 'Uploaded by:' ); ?> <a href="<?php echo $uploaded_by_link; ?>"><strong><?php echo $uploaded_by_name; ?></strong></a> + <?php } else { ?> + <?php _e( 'Uploaded by:' ); ?> <strong><?php echo $uploaded_by_name; ?></strong> + <?php } ?> + </div> + + <?php + if ( $post->post_parent ) { + $post_parent = get_post( $post->post_parent ); + if ( $post_parent ) { + $uploaded_to_title = $post_parent->post_title ? $post_parent->post_title : __( '(no title)' ); + $uploaded_to_link = get_edit_post_link( $post->post_parent, 'raw' ); + ?> + <div class="misc-pub-section misc-pub-uploadedto"> + <?php if ( $uploaded_to_link ) { ?> + <?php _e( 'Uploaded to:' ); ?> <a href="<?php echo $uploaded_to_link; ?>"><strong><?php echo $uploaded_to_title; ?></strong></a> + <?php } else { ?> + <?php _e( 'Uploaded to:' ); ?> <strong><?php echo $uploaded_to_title; ?></strong> + <?php } ?> + </div> + <?php + } + } + ?> + + <div class="misc-pub-section misc-pub-attachment"> + <label for="attachment_url"><?php _e( 'File URL:' ); ?></label> + <input type="text" class="widefat urlfield" readonly="readonly" name="attachment_url" id="attachment_url" value="<?php echo esc_attr( $att_url ); ?>" /> + <span class="copy-to-clipboard-container"> + <button type="button" class="button copy-attachment-url edit-media" data-clipboard-target="#attachment_url"><?php _e( 'Copy URL to clipboard' ); ?></button> + <span class="success hidden" aria-hidden="true"><?php _e( 'Copied!' ); ?></span> + </span> + </div> + <div class="misc-pub-section misc-pub-download"> + <a href="<?php echo esc_attr( $att_url ); ?>" download><?php _e( 'Download file' ); ?></a> + </div> + <div class="misc-pub-section misc-pub-filename"> + <?php _e( 'File name:' ); ?> <strong><?php echo $filename; ?></strong> + </div> + <div class="misc-pub-section misc-pub-filetype"> + <?php _e( 'File type:' ); ?> + <strong> + <?php + + if ( preg_match( '/^.*?\.(\w+)$/', get_attached_file( $post->ID ), $matches ) ) { + echo esc_html( strtoupper( $matches[1] ) ); + list( $mime_type ) = explode( '/', $post->post_mime_type ); + if ( 'image' !== $mime_type && ! empty( $meta['mime_type'] ) ) { + if ( "$mime_type/" . strtolower( $matches[1] ) !== $meta['mime_type'] ) { + echo ' (' . $meta['mime_type'] . ')'; + } + } + } else { + echo strtoupper( str_replace( 'image/', '', $post->post_mime_type ) ); + } + + ?> + </strong> + </div> + + <?php + + $file_size = false; + + if ( isset( $meta['filesize'] ) ) { + $file_size = $meta['filesize']; + } elseif ( file_exists( $file ) ) { + $file_size = wp_filesize( $file ); + } + + if ( ! empty( $file_size ) ) { + ?> + <div class="misc-pub-section misc-pub-filesize"> + <?php _e( 'File size:' ); ?> <strong><?php echo size_format( $file_size ); ?></strong> + </div> + <?php + } + + if ( preg_match( '#^(audio|video)/#', $post->post_mime_type ) ) { + $fields = array( + 'length_formatted' => __( 'Length:' ), + 'bitrate' => __( 'Bitrate:' ), + ); + + /** + * Filters the audio and video metadata fields to be shown in the publish meta box. + * + * The key for each item in the array should correspond to an attachment + * metadata key, and the value should be the desired label. + * + * @since 3.7.0 + * @since 4.9.0 Added the `$post` parameter. + * + * @param array $fields An array of the attachment metadata keys and labels. + * @param WP_Post $post WP_Post object for the current attachment. + */ + $fields = apply_filters( 'media_submitbox_misc_sections', $fields, $post ); + + foreach ( $fields as $key => $label ) { + if ( empty( $meta[ $key ] ) ) { + continue; + } + + ?> + <div class="misc-pub-section misc-pub-mime-meta misc-pub-<?php echo sanitize_html_class( $key ); ?>"> + <?php echo $label; ?> + <strong> + <?php + + switch ( $key ) { + case 'bitrate': + echo round( $meta['bitrate'] / 1000 ) . 'kb/s'; + if ( ! empty( $meta['bitrate_mode'] ) ) { + echo ' ' . strtoupper( esc_html( $meta['bitrate_mode'] ) ); + } + break; + default: + echo esc_html( $meta[ $key ] ); + break; + } + + ?> + </strong> + </div> + <?php + } + + $fields = array( + 'dataformat' => __( 'Audio Format:' ), + 'codec' => __( 'Audio Codec:' ), + ); + + /** + * Filters the audio attachment metadata fields to be shown in the publish meta box. + * + * The key for each item in the array should correspond to an attachment + * metadata key, and the value should be the desired label. + * + * @since 3.7.0 + * @since 4.9.0 Added the `$post` parameter. + * + * @param array $fields An array of the attachment metadata keys and labels. + * @param WP_Post $post WP_Post object for the current attachment. + */ + $audio_fields = apply_filters( 'audio_submitbox_misc_sections', $fields, $post ); + + foreach ( $audio_fields as $key => $label ) { + if ( empty( $meta['audio'][ $key ] ) ) { + continue; + } + + ?> + <div class="misc-pub-section misc-pub-audio misc-pub-<?php echo sanitize_html_class( $key ); ?>"> + <?php echo $label; ?> <strong><?php echo esc_html( $meta['audio'][ $key ] ); ?></strong> + </div> + <?php + } + } + + if ( $media_dims ) { + ?> + <div class="misc-pub-section misc-pub-dimensions"> + <?php _e( 'Dimensions:' ); ?> <strong><?php echo $media_dims; ?></strong> + </div> + <?php + } + + if ( ! empty( $meta['original_image'] ) ) { + ?> + <div class="misc-pub-section misc-pub-original-image word-wrap-break-word"> + <?php _e( 'Original image:' ); ?> + <a href="<?php echo esc_url( wp_get_original_image_url( $attachment_id ) ); ?>"> + <strong><?php echo esc_html( wp_basename( wp_get_original_image_path( $attachment_id ) ) ); ?></strong> + </a> + </div> + <?php + } +} + +/** + * Parses ID3v2, ID3v1, and getID3 comments to extract usable data. + * + * @since 3.6.0 + * + * @param array $metadata An existing array with data. + * @param array $data Data supplied by ID3 tags. + */ +function wp_add_id3_tag_data( &$metadata, $data ) { + foreach ( array( 'id3v2', 'id3v1' ) as $version ) { + if ( ! empty( $data[ $version ]['comments'] ) ) { + foreach ( $data[ $version ]['comments'] as $key => $list ) { + if ( 'length' !== $key && ! empty( $list ) ) { + $metadata[ $key ] = wp_kses_post( reset( $list ) ); + // Fix bug in byte stream analysis. + if ( 'terms_of_use' === $key && str_starts_with( $metadata[ $key ], 'yright notice.' ) ) { + $metadata[ $key ] = 'Cop' . $metadata[ $key ]; + } + } + } + break; + } + } + + if ( ! empty( $data['id3v2']['APIC'] ) ) { + $image = reset( $data['id3v2']['APIC'] ); + if ( ! empty( $image['data'] ) ) { + $metadata['image'] = array( + 'data' => $image['data'], + 'mime' => $image['image_mime'], + 'width' => $image['image_width'], + 'height' => $image['image_height'], + ); + } + } elseif ( ! empty( $data['comments']['picture'] ) ) { + $image = reset( $data['comments']['picture'] ); + if ( ! empty( $image['data'] ) ) { + $metadata['image'] = array( + 'data' => $image['data'], + 'mime' => $image['image_mime'], + ); + } + } +} + +/** + * Retrieves metadata from a video file's ID3 tags. + * + * @since 3.6.0 + * + * @param string $file Path to file. + * @return array|false Returns array of metadata, if found. + */ +function wp_read_video_metadata( $file ) { + if ( ! file_exists( $file ) ) { + return false; + } + + $metadata = array(); + + if ( ! defined( 'GETID3_TEMP_DIR' ) ) { + define( 'GETID3_TEMP_DIR', get_temp_dir() ); + } + + if ( ! class_exists( 'getID3', false ) ) { + require ABSPATH . WPINC . '/ID3/getid3.php'; + } + + $id3 = new getID3(); + // Required to get the `created_timestamp` value. + $id3->options_audiovideo_quicktime_ReturnAtomData = true; // phpcs:ignore WordPress.NamingConventions.ValidVariableName + + $data = $id3->analyze( $file ); + + if ( isset( $data['video']['lossless'] ) ) { + $metadata['lossless'] = $data['video']['lossless']; + } + + if ( ! empty( $data['video']['bitrate'] ) ) { + $metadata['bitrate'] = (int) $data['video']['bitrate']; + } + + if ( ! empty( $data['video']['bitrate_mode'] ) ) { + $metadata['bitrate_mode'] = $data['video']['bitrate_mode']; + } + + if ( ! empty( $data['filesize'] ) ) { + $metadata['filesize'] = (int) $data['filesize']; + } + + if ( ! empty( $data['mime_type'] ) ) { + $metadata['mime_type'] = $data['mime_type']; + } + + if ( ! empty( $data['playtime_seconds'] ) ) { + $metadata['length'] = (int) round( $data['playtime_seconds'] ); + } + + if ( ! empty( $data['playtime_string'] ) ) { + $metadata['length_formatted'] = $data['playtime_string']; + } + + if ( ! empty( $data['video']['resolution_x'] ) ) { + $metadata['width'] = (int) $data['video']['resolution_x']; + } + + if ( ! empty( $data['video']['resolution_y'] ) ) { + $metadata['height'] = (int) $data['video']['resolution_y']; + } + + if ( ! empty( $data['fileformat'] ) ) { + $metadata['fileformat'] = $data['fileformat']; + } + + if ( ! empty( $data['video']['dataformat'] ) ) { + $metadata['dataformat'] = $data['video']['dataformat']; + } + + if ( ! empty( $data['video']['encoder'] ) ) { + $metadata['encoder'] = $data['video']['encoder']; + } + + if ( ! empty( $data['video']['codec'] ) ) { + $metadata['codec'] = $data['video']['codec']; + } + + if ( ! empty( $data['audio'] ) ) { + unset( $data['audio']['streams'] ); + $metadata['audio'] = $data['audio']; + } + + if ( empty( $metadata['created_timestamp'] ) ) { + $created_timestamp = wp_get_media_creation_timestamp( $data ); + + if ( false !== $created_timestamp ) { + $metadata['created_timestamp'] = $created_timestamp; + } + } + + wp_add_id3_tag_data( $metadata, $data ); + + $file_format = isset( $metadata['fileformat'] ) ? $metadata['fileformat'] : null; + + /** + * Filters the array of metadata retrieved from a video. + * + * In core, usually this selection is what is stored. + * More complete data can be parsed from the `$data` parameter. + * + * @since 4.9.0 + * + * @param array $metadata Filtered video metadata. + * @param string $file Path to video file. + * @param string|null $file_format File format of video, as analyzed by getID3. + * Null if unknown. + * @param array $data Raw metadata from getID3. + */ + return apply_filters( 'wp_read_video_metadata', $metadata, $file, $file_format, $data ); +} + +/** + * Retrieves metadata from an audio file's ID3 tags. + * + * @since 3.6.0 + * + * @param string $file Path to file. + * @return array|false Returns array of metadata, if found. + */ +function wp_read_audio_metadata( $file ) { + if ( ! file_exists( $file ) ) { + return false; + } + + $metadata = array(); + + if ( ! defined( 'GETID3_TEMP_DIR' ) ) { + define( 'GETID3_TEMP_DIR', get_temp_dir() ); + } + + if ( ! class_exists( 'getID3', false ) ) { + require ABSPATH . WPINC . '/ID3/getid3.php'; + } + + $id3 = new getID3(); + // Required to get the `created_timestamp` value. + $id3->options_audiovideo_quicktime_ReturnAtomData = true; // phpcs:ignore WordPress.NamingConventions.ValidVariableName + + $data = $id3->analyze( $file ); + + if ( ! empty( $data['audio'] ) ) { + unset( $data['audio']['streams'] ); + $metadata = $data['audio']; + } + + if ( ! empty( $data['fileformat'] ) ) { + $metadata['fileformat'] = $data['fileformat']; + } + + if ( ! empty( $data['filesize'] ) ) { + $metadata['filesize'] = (int) $data['filesize']; + } + + if ( ! empty( $data['mime_type'] ) ) { + $metadata['mime_type'] = $data['mime_type']; + } + + if ( ! empty( $data['playtime_seconds'] ) ) { + $metadata['length'] = (int) round( $data['playtime_seconds'] ); + } + + if ( ! empty( $data['playtime_string'] ) ) { + $metadata['length_formatted'] = $data['playtime_string']; + } + + if ( empty( $metadata['created_timestamp'] ) ) { + $created_timestamp = wp_get_media_creation_timestamp( $data ); + + if ( false !== $created_timestamp ) { + $metadata['created_timestamp'] = $created_timestamp; + } + } + + wp_add_id3_tag_data( $metadata, $data ); + + $file_format = isset( $metadata['fileformat'] ) ? $metadata['fileformat'] : null; + + /** + * Filters the array of metadata retrieved from an audio file. + * + * In core, usually this selection is what is stored. + * More complete data can be parsed from the `$data` parameter. + * + * @since 6.1.0 + * + * @param array $metadata Filtered audio metadata. + * @param string $file Path to audio file. + * @param string|null $file_format File format of audio, as analyzed by getID3. + * Null if unknown. + * @param array $data Raw metadata from getID3. + */ + return apply_filters( 'wp_read_audio_metadata', $metadata, $file, $file_format, $data ); +} + +/** + * Parses creation date from media metadata. + * + * The getID3 library doesn't have a standard method for getting creation dates, + * so the location of this data can vary based on the MIME type. + * + * @since 4.9.0 + * + * @link https://github.com/JamesHeinrich/getID3/blob/master/structure.txt + * + * @param array $metadata The metadata returned by getID3::analyze(). + * @return int|false A UNIX timestamp for the media's creation date if available + * or a boolean FALSE if a timestamp could not be determined. + */ +function wp_get_media_creation_timestamp( $metadata ) { + $creation_date = false; + + if ( empty( $metadata['fileformat'] ) ) { + return $creation_date; + } + + switch ( $metadata['fileformat'] ) { + case 'asf': + if ( isset( $metadata['asf']['file_properties_object']['creation_date_unix'] ) ) { + $creation_date = (int) $metadata['asf']['file_properties_object']['creation_date_unix']; + } + break; + + case 'matroska': + case 'webm': + if ( isset( $metadata['matroska']['comments']['creation_time'][0] ) ) { + $creation_date = strtotime( $metadata['matroska']['comments']['creation_time'][0] ); + } elseif ( isset( $metadata['matroska']['info'][0]['DateUTC_unix'] ) ) { + $creation_date = (int) $metadata['matroska']['info'][0]['DateUTC_unix']; + } + break; + + case 'quicktime': + case 'mp4': + if ( isset( $metadata['quicktime']['moov']['subatoms'][0]['creation_time_unix'] ) ) { + $creation_date = (int) $metadata['quicktime']['moov']['subatoms'][0]['creation_time_unix']; + } + break; + } + + return $creation_date; +} + +/** + * Encapsulates the logic for Attach/Detach actions. + * + * @since 4.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $parent_id Attachment parent ID. + * @param string $action Optional. Attach/detach action. Accepts 'attach' or 'detach'. + * Default 'attach'. + */ +function wp_media_attach_action( $parent_id, $action = 'attach' ) { + global $wpdb; + + if ( ! $parent_id ) { + return; + } + + if ( ! current_user_can( 'edit_post', $parent_id ) ) { + wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); + } + + $ids = array(); + + foreach ( (array) $_REQUEST['media'] as $attachment_id ) { + $attachment_id = (int) $attachment_id; + + if ( ! current_user_can( 'edit_post', $attachment_id ) ) { + continue; + } + + $ids[] = $attachment_id; + } + + if ( ! empty( $ids ) ) { + $ids_string = implode( ',', $ids ); + + if ( 'attach' === $action ) { + $result = $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_parent = %d WHERE post_type = 'attachment' AND ID IN ( $ids_string )", $parent_id ) ); + } else { + $result = $wpdb->query( "UPDATE $wpdb->posts SET post_parent = 0 WHERE post_type = 'attachment' AND ID IN ( $ids_string )" ); + } + } + + if ( isset( $result ) ) { + foreach ( $ids as $attachment_id ) { + /** + * Fires when media is attached or detached from a post. + * + * @since 5.5.0 + * + * @param string $action Attach/detach action. Accepts 'attach' or 'detach'. + * @param int $attachment_id The attachment ID. + * @param int $parent_id Attachment parent ID. + */ + do_action( 'wp_media_attach_action', $action, $attachment_id, $parent_id ); + + clean_attachment_cache( $attachment_id ); + } + + $location = 'upload.php'; + $referer = wp_get_referer(); + + if ( $referer ) { + if ( str_contains( $referer, 'upload.php' ) ) { + $location = remove_query_arg( array( 'attached', 'detach' ), $referer ); + } + } + + $key = 'attach' === $action ? 'attached' : 'detach'; + $location = add_query_arg( array( $key => $result ), $location ); + + wp_redirect( $location ); + exit; + } +} diff --git a/wp-admin/includes/menu.php b/wp-admin/includes/menu.php new file mode 100644 index 0000000..da1b2eb --- /dev/null +++ b/wp-admin/includes/menu.php @@ -0,0 +1,383 @@ +<?php +/** + * Build Administration Menu. + * + * @package WordPress + * @subpackage Administration + */ + +if ( is_network_admin() ) { + + /** + * Fires before the administration menu loads in the Network Admin. + * + * The hook fires before menus and sub-menus are removed based on user privileges. + * + * @private + * @since 3.1.0 + */ + do_action( '_network_admin_menu' ); +} elseif ( is_user_admin() ) { + + /** + * Fires before the administration menu loads in the User Admin. + * + * The hook fires before menus and sub-menus are removed based on user privileges. + * + * @private + * @since 3.1.0 + */ + do_action( '_user_admin_menu' ); +} else { + + /** + * Fires before the administration menu loads in the admin. + * + * The hook fires before menus and sub-menus are removed based on user privileges. + * + * @private + * @since 2.2.0 + */ + do_action( '_admin_menu' ); +} + +// Create list of page plugin hook names. +foreach ( $menu as $menu_page ) { + $pos = strpos( $menu_page[2], '?' ); + + if ( false !== $pos ) { + // Handle post_type=post|page|foo pages. + $hook_name = substr( $menu_page[2], 0, $pos ); + $hook_args = substr( $menu_page[2], $pos + 1 ); + wp_parse_str( $hook_args, $hook_args ); + + // Set the hook name to be the post type. + if ( isset( $hook_args['post_type'] ) ) { + $hook_name = $hook_args['post_type']; + } else { + $hook_name = basename( $hook_name, '.php' ); + } + unset( $hook_args ); + } else { + $hook_name = basename( $menu_page[2], '.php' ); + } + + $hook_name = sanitize_title( $hook_name ); + + if ( isset( $compat[ $hook_name ] ) ) { + $hook_name = $compat[ $hook_name ]; + } elseif ( ! $hook_name ) { + continue; + } + + $admin_page_hooks[ $menu_page[2] ] = $hook_name; +} +unset( $menu_page, $compat ); + +$_wp_submenu_nopriv = array(); +$_wp_menu_nopriv = array(); +// Loop over submenus and remove pages for which the user does not have privs. +foreach ( $submenu as $parent => $sub ) { + foreach ( $sub as $index => $data ) { + if ( ! current_user_can( $data[1] ) ) { + unset( $submenu[ $parent ][ $index ] ); + $_wp_submenu_nopriv[ $parent ][ $data[2] ] = true; + } + } + unset( $index, $data ); + + if ( empty( $submenu[ $parent ] ) ) { + unset( $submenu[ $parent ] ); + } +} +unset( $sub, $parent ); + +/* + * Loop over the top-level menu. + * Menus for which the original parent is not accessible due to lack of privileges + * will have the next submenu in line be assigned as the new menu parent. + */ +foreach ( $menu as $id => $data ) { + if ( empty( $submenu[ $data[2] ] ) ) { + continue; + } + + $subs = $submenu[ $data[2] ]; + $first_sub = reset( $subs ); + $old_parent = $data[2]; + $new_parent = $first_sub[2]; + + /* + * If the first submenu is not the same as the assigned parent, + * make the first submenu the new parent. + */ + if ( $new_parent !== $old_parent ) { + $_wp_real_parent_file[ $old_parent ] = $new_parent; + + $menu[ $id ][2] = $new_parent; + + foreach ( $submenu[ $old_parent ] as $index => $data ) { + $submenu[ $new_parent ][ $index ] = $submenu[ $old_parent ][ $index ]; + unset( $submenu[ $old_parent ][ $index ] ); + } + unset( $submenu[ $old_parent ], $index ); + + if ( isset( $_wp_submenu_nopriv[ $old_parent ] ) ) { + $_wp_submenu_nopriv[ $new_parent ] = $_wp_submenu_nopriv[ $old_parent ]; + } + } +} +unset( $id, $data, $subs, $first_sub, $old_parent, $new_parent ); + +if ( is_network_admin() ) { + + /** + * Fires before the administration menu loads in the Network Admin. + * + * @since 3.1.0 + * + * @param string $context Empty context. + */ + do_action( 'network_admin_menu', '' ); +} elseif ( is_user_admin() ) { + + /** + * Fires before the administration menu loads in the User Admin. + * + * @since 3.1.0 + * + * @param string $context Empty context. + */ + do_action( 'user_admin_menu', '' ); +} else { + + /** + * Fires before the administration menu loads in the admin. + * + * @since 1.5.0 + * + * @param string $context Empty context. + */ + do_action( 'admin_menu', '' ); +} + +/* + * Remove menus that have no accessible submenus and require privileges + * that the user does not have. Run re-parent loop again. + */ +foreach ( $menu as $id => $data ) { + if ( ! current_user_can( $data[1] ) ) { + $_wp_menu_nopriv[ $data[2] ] = true; + } + + /* + * If there is only one submenu and it is has same destination as the parent, + * remove the submenu. + */ + if ( ! empty( $submenu[ $data[2] ] ) && 1 === count( $submenu[ $data[2] ] ) ) { + $subs = $submenu[ $data[2] ]; + $first_sub = reset( $subs ); + + if ( $data[2] === $first_sub[2] ) { + unset( $submenu[ $data[2] ] ); + } + } + + // If submenu is empty... + if ( empty( $submenu[ $data[2] ] ) ) { + // And user doesn't have privs, remove menu. + if ( isset( $_wp_menu_nopriv[ $data[2] ] ) ) { + unset( $menu[ $id ] ); + } + } +} +unset( $id, $data, $subs, $first_sub ); + +/** + * Adds a CSS class to a string. + * + * @since 2.7.0 + * + * @param string $class_to_add The CSS class to add. + * @param string $classes The string to add the CSS class to. + * @return string The string with the CSS class added. + */ +function add_cssclass( $class_to_add, $classes ) { + if ( empty( $classes ) ) { + return $class_to_add; + } + + return $classes . ' ' . $class_to_add; +} + +/** + * Adds CSS classes for top-level administration menu items. + * + * The list of added classes includes `.menu-top-first` and `.menu-top-last`. + * + * @since 2.7.0 + * + * @param array $menu The array of administration menu items. + * @return array The array of administration menu items with the CSS classes added. + */ +function add_menu_classes( $menu ) { + $first_item = false; + $last_order = false; + $items_count = count( $menu ); + + $i = 0; + + foreach ( $menu as $order => $top ) { + ++$i; + + if ( 0 === $order ) { // Dashboard is always shown/single. + $menu[0][4] = add_cssclass( 'menu-top-first', $top[4] ); + $last_order = 0; + continue; + } + + if ( str_starts_with( $top[2], 'separator' ) && false !== $last_order ) { // If separator. + $first_item = true; + $classes = $menu[ $last_order ][4]; + + $menu[ $last_order ][4] = add_cssclass( 'menu-top-last', $classes ); + continue; + } + + if ( $first_item ) { + $first_item = false; + $classes = $menu[ $order ][4]; + + $menu[ $order ][4] = add_cssclass( 'menu-top-first', $classes ); + } + + if ( $i === $items_count ) { // Last item. + $classes = $menu[ $order ][4]; + + $menu[ $order ][4] = add_cssclass( 'menu-top-last', $classes ); + } + + $last_order = $order; + } + + /** + * Filters administration menu array with classes added for top-level items. + * + * @since 2.7.0 + * + * @param array $menu Associative array of administration menu items. + */ + return apply_filters( 'add_menu_classes', $menu ); +} + +uksort( $menu, 'strnatcasecmp' ); // Make it all pretty. + +/** + * Filters whether to enable custom ordering of the administration menu. + * + * See the {@see 'menu_order'} filter for reordering menu items. + * + * @since 2.8.0 + * + * @param bool $custom Whether custom ordering is enabled. Default false. + */ +if ( apply_filters( 'custom_menu_order', false ) ) { + $menu_order = array(); + + foreach ( $menu as $menu_item ) { + $menu_order[] = $menu_item[2]; + } + unset( $menu_item ); + + $default_menu_order = $menu_order; + + /** + * Filters the order of administration menu items. + * + * A truthy value must first be passed to the {@see 'custom_menu_order'} filter + * for this filter to work. Use the following to enable custom menu ordering: + * + * add_filter( 'custom_menu_order', '__return_true' ); + * + * @since 2.8.0 + * + * @param array $menu_order An ordered array of menu items. + */ + $menu_order = apply_filters( 'menu_order', $menu_order ); + $menu_order = array_flip( $menu_order ); + + $default_menu_order = array_flip( $default_menu_order ); + + /** + * @global array $menu_order + * @global array $default_menu_order + * + * @param array $a + * @param array $b + * @return int + */ + function sort_menu( $a, $b ) { + global $menu_order, $default_menu_order; + + $a = $a[2]; + $b = $b[2]; + + if ( isset( $menu_order[ $a ] ) && ! isset( $menu_order[ $b ] ) ) { + return -1; + } elseif ( ! isset( $menu_order[ $a ] ) && isset( $menu_order[ $b ] ) ) { + return 1; + } elseif ( isset( $menu_order[ $a ] ) && isset( $menu_order[ $b ] ) ) { + if ( $menu_order[ $a ] === $menu_order[ $b ] ) { + return 0; + } + return ( $menu_order[ $a ] < $menu_order[ $b ] ) ? -1 : 1; + } else { + return ( $default_menu_order[ $a ] <= $default_menu_order[ $b ] ) ? -1 : 1; + } + } + + usort( $menu, 'sort_menu' ); + unset( $menu_order, $default_menu_order ); +} + +// Prevent adjacent separators. +$prev_menu_was_separator = false; +foreach ( $menu as $id => $data ) { + if ( false === stristr( $data[4], 'wp-menu-separator' ) ) { + + // This item is not a separator, so falsey the toggler and do nothing. + $prev_menu_was_separator = false; + } else { + + // The previous item was a separator, so unset this one. + if ( true === $prev_menu_was_separator ) { + unset( $menu[ $id ] ); + } + + // This item is a separator, so truthy the toggler and move on. + $prev_menu_was_separator = true; + } +} +unset( $id, $data, $prev_menu_was_separator ); + +// Remove the last menu item if it is a separator. +$last_menu_key = array_keys( $menu ); +$last_menu_key = array_pop( $last_menu_key ); +if ( ! empty( $menu ) && 'wp-menu-separator' === $menu[ $last_menu_key ][4] ) { + unset( $menu[ $last_menu_key ] ); +} +unset( $last_menu_key ); + +if ( ! user_can_access_admin_page() ) { + + /** + * Fires when access to an admin page is denied. + * + * @since 2.5.0 + */ + do_action( 'admin_page_access_denied' ); + + wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); +} + +$menu = add_menu_classes( $menu ); diff --git a/wp-admin/includes/meta-boxes.php b/wp-admin/includes/meta-boxes.php new file mode 100644 index 0000000..5228076 --- /dev/null +++ b/wp-admin/includes/meta-boxes.php @@ -0,0 +1,1751 @@ +<?php +/** + * WordPress Administration Meta Boxes API. + * + * @package WordPress + * @subpackage Administration + */ + +// +// Post-related Meta Boxes. +// + +/** + * Displays post submit form fields. + * + * @since 2.7.0 + * + * @global string $action + * + * @param WP_Post $post Current post object. + * @param array $args { + * Array of arguments for building the post submit meta box. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $callback Meta box display callback. + * @type array $args Extra meta box arguments. + * } + */ +function post_submit_meta_box( $post, $args = array() ) { + global $action; + + $post_id = (int) $post->ID; + $post_type = $post->post_type; + $post_type_object = get_post_type_object( $post_type ); + $can_publish = current_user_can( $post_type_object->cap->publish_posts ); + ?> +<div class="submitbox" id="submitpost"> + +<div id="minor-publishing"> + + <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key. ?> + <div style="display:none;"> + <?php submit_button( __( 'Save' ), '', 'save' ); ?> + </div> + + <div id="minor-publishing-actions"> + <div id="save-action"> + <?php + if ( ! in_array( $post->post_status, array( 'publish', 'future', 'pending' ), true ) ) { + $private_style = ''; + if ( 'private' === $post->post_status ) { + $private_style = 'style="display:none"'; + } + ?> + <input <?php echo $private_style; ?> type="submit" name="save" id="save-post" value="<?php esc_attr_e( 'Save Draft' ); ?>" class="button" /> + <span class="spinner"></span> + <?php } elseif ( 'pending' === $post->post_status && $can_publish ) { ?> + <input type="submit" name="save" id="save-post" value="<?php esc_attr_e( 'Save as Pending' ); ?>" class="button" /> + <span class="spinner"></span> + <?php } ?> + </div> + + <?php + if ( is_post_type_viewable( $post_type_object ) ) : + ?> + <div id="preview-action"> + <?php + $preview_link = esc_url( get_preview_post_link( $post ) ); + if ( 'publish' === $post->post_status ) { + $preview_button_text = __( 'Preview Changes' ); + } else { + $preview_button_text = __( 'Preview' ); + } + + $preview_button = sprintf( + '%1$s<span class="screen-reader-text"> %2$s</span>', + $preview_button_text, + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + ?> + <a class="preview button" href="<?php echo $preview_link; ?>" target="wp-preview-<?php echo $post_id; ?>" id="post-preview"><?php echo $preview_button; ?></a> + <input type="hidden" name="wp-preview" id="wp-preview" value="" /> + </div> + <?php + endif; + + /** + * Fires after the Save Draft (or Save as Pending) and Preview (or Preview Changes) buttons + * in the Publish meta box. + * + * @since 4.4.0 + * + * @param WP_Post $post WP_Post object for the current post. + */ + do_action( 'post_submitbox_minor_actions', $post ); + ?> + <div class="clear"></div> + </div> + + <div id="misc-publishing-actions"> + <div class="misc-pub-section misc-pub-post-status"> + <?php _e( 'Status:' ); ?> + <span id="post-status-display"> + <?php + switch ( $post->post_status ) { + case 'private': + _e( 'Privately Published' ); + break; + case 'publish': + _e( 'Published' ); + break; + case 'future': + _e( 'Scheduled' ); + break; + case 'pending': + _e( 'Pending Review' ); + break; + case 'draft': + case 'auto-draft': + _e( 'Draft' ); + break; + } + ?> + </span> + + <?php + if ( 'publish' === $post->post_status || 'private' === $post->post_status || $can_publish ) { + $private_style = ''; + if ( 'private' === $post->post_status ) { + $private_style = 'style="display:none"'; + } + ?> + <a href="#post_status" <?php echo $private_style; ?> class="edit-post-status hide-if-no-js" role="button"><span aria-hidden="true"><?php _e( 'Edit' ); ?></span> <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Edit status' ); + ?> + </span></a> + + <div id="post-status-select" class="hide-if-js"> + <input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo esc_attr( ( 'auto-draft' === $post->post_status ) ? 'draft' : $post->post_status ); ?>" /> + <label for="post_status" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Set status' ); + ?> + </label> + <select name="post_status" id="post_status"> + <?php if ( 'publish' === $post->post_status ) : ?> + <option<?php selected( $post->post_status, 'publish' ); ?> value='publish'><?php _e( 'Published' ); ?></option> + <?php elseif ( 'private' === $post->post_status ) : ?> + <option<?php selected( $post->post_status, 'private' ); ?> value='publish'><?php _e( 'Privately Published' ); ?></option> + <?php elseif ( 'future' === $post->post_status ) : ?> + <option<?php selected( $post->post_status, 'future' ); ?> value='future'><?php _e( 'Scheduled' ); ?></option> + <?php endif; ?> + <option<?php selected( $post->post_status, 'pending' ); ?> value='pending'><?php _e( 'Pending Review' ); ?></option> + <?php if ( 'auto-draft' === $post->post_status ) : ?> + <option<?php selected( $post->post_status, 'auto-draft' ); ?> value='draft'><?php _e( 'Draft' ); ?></option> + <?php else : ?> + <option<?php selected( $post->post_status, 'draft' ); ?> value='draft'><?php _e( 'Draft' ); ?></option> + <?php endif; ?> + </select> + <a href="#post_status" class="save-post-status hide-if-no-js button"><?php _e( 'OK' ); ?></a> + <a href="#post_status" class="cancel-post-status hide-if-no-js button-cancel"><?php _e( 'Cancel' ); ?></a> + </div> + <?php + } + ?> + </div> + + <div class="misc-pub-section misc-pub-visibility" id="visibility"> + <?php _e( 'Visibility:' ); ?> + <span id="post-visibility-display"> + <?php + if ( 'private' === $post->post_status ) { + $post->post_password = ''; + $visibility = 'private'; + $visibility_trans = __( 'Private' ); + } elseif ( ! empty( $post->post_password ) ) { + $visibility = 'password'; + $visibility_trans = __( 'Password protected' ); + } elseif ( 'post' === $post_type && is_sticky( $post_id ) ) { + $visibility = 'public'; + $visibility_trans = __( 'Public, Sticky' ); + } else { + $visibility = 'public'; + $visibility_trans = __( 'Public' ); + } + + echo esc_html( $visibility_trans ); + ?> + </span> + + <?php if ( $can_publish ) { ?> + <a href="#visibility" class="edit-visibility hide-if-no-js" role="button"><span aria-hidden="true"><?php _e( 'Edit' ); ?></span> <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Edit visibility' ); + ?> + </span></a> + + <div id="post-visibility-select" class="hide-if-js"> + <input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo esc_attr( $post->post_password ); ?>" /> + <?php if ( 'post' === $post_type ) : ?> + <input type="checkbox" style="display:none" name="hidden_post_sticky" id="hidden-post-sticky" value="sticky" <?php checked( is_sticky( $post_id ) ); ?> /> + <?php endif; ?> + + <input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo esc_attr( $visibility ); ?>" /> + <input type="radio" name="visibility" id="visibility-radio-public" value="public" <?php checked( $visibility, 'public' ); ?> /> <label for="visibility-radio-public" class="selectit"><?php _e( 'Public' ); ?></label><br /> + + <?php if ( 'post' === $post_type && current_user_can( 'edit_others_posts' ) ) : ?> + <span id="sticky-span"><input id="sticky" name="sticky" type="checkbox" value="sticky" <?php checked( is_sticky( $post_id ) ); ?> /> <label for="sticky" class="selectit"><?php _e( 'Stick this post to the front page' ); ?></label><br /></span> + <?php endif; ?> + + <input type="radio" name="visibility" id="visibility-radio-password" value="password" <?php checked( $visibility, 'password' ); ?> /> <label for="visibility-radio-password" class="selectit"><?php _e( 'Password protected' ); ?></label><br /> + <span id="password-span"><label for="post_password"><?php _e( 'Password:' ); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo esc_attr( $post->post_password ); ?>" maxlength="255" /><br /></span> + + <input type="radio" name="visibility" id="visibility-radio-private" value="private" <?php checked( $visibility, 'private' ); ?> /> <label for="visibility-radio-private" class="selectit"><?php _e( 'Private' ); ?></label><br /> + + <p> + <a href="#visibility" class="save-post-visibility hide-if-no-js button"><?php _e( 'OK' ); ?></a> + <a href="#visibility" class="cancel-post-visibility hide-if-no-js button-cancel"><?php _e( 'Cancel' ); ?></a> + </p> + </div> + <?php } ?> + </div> + + <?php + /* translators: Publish box date string. 1: Date, 2: Time. See https://www.php.net/manual/datetime.format.php */ + $date_string = __( '%1$s at %2$s' ); + /* translators: Publish box date format, see https://www.php.net/manual/datetime.format.php */ + $date_format = _x( 'M j, Y', 'publish box date format' ); + /* translators: Publish box time format, see https://www.php.net/manual/datetime.format.php */ + $time_format = _x( 'H:i', 'publish box time format' ); + + if ( 0 !== $post_id ) { + if ( 'future' === $post->post_status ) { // Scheduled for publishing at a future date. + /* translators: Post date information. %s: Date on which the post is currently scheduled to be published. */ + $stamp = __( 'Scheduled for: %s' ); + } elseif ( 'publish' === $post->post_status || 'private' === $post->post_status ) { // Already published. + /* translators: Post date information. %s: Date on which the post was published. */ + $stamp = __( 'Published on: %s' ); + } elseif ( '0000-00-00 00:00:00' === $post->post_date_gmt ) { // Draft, 1 or more saves, no date specified. + $stamp = __( 'Publish <b>immediately</b>' ); + } elseif ( time() < strtotime( $post->post_date_gmt . ' +0000' ) ) { // Draft, 1 or more saves, future date specified. + /* translators: Post date information. %s: Date on which the post is to be published. */ + $stamp = __( 'Schedule for: %s' ); + } else { // Draft, 1 or more saves, date specified. + /* translators: Post date information. %s: Date on which the post is to be published. */ + $stamp = __( 'Publish on: %s' ); + } + $date = sprintf( + $date_string, + date_i18n( $date_format, strtotime( $post->post_date ) ), + date_i18n( $time_format, strtotime( $post->post_date ) ) + ); + } else { // Draft (no saves, and thus no date specified). + $stamp = __( 'Publish <b>immediately</b>' ); + $date = sprintf( + $date_string, + date_i18n( $date_format, strtotime( current_time( 'mysql' ) ) ), + date_i18n( $time_format, strtotime( current_time( 'mysql' ) ) ) + ); + } + + if ( ! empty( $args['args']['revisions_count'] ) ) : + ?> + <div class="misc-pub-section misc-pub-revisions"> + <?php + /* translators: Post revisions heading. %s: The number of available revisions. */ + printf( __( 'Revisions: %s' ), '<b>' . number_format_i18n( $args['args']['revisions_count'] ) . '</b>' ); + ?> + <a class="hide-if-no-js" href="<?php echo esc_url( get_edit_post_link( $args['args']['revision_id'] ) ); ?>"><span aria-hidden="true"><?php _ex( 'Browse', 'revisions' ); ?></span> <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Browse revisions' ); + ?> + </span></a> + </div> + <?php + endif; + + if ( $can_publish ) : // Contributors don't get to choose the date of publish. + ?> + <div class="misc-pub-section curtime misc-pub-curtime"> + <span id="timestamp"> + <?php printf( $stamp, '<b>' . $date . '</b>' ); ?> + </span> + <a href="#edit_timestamp" class="edit-timestamp hide-if-no-js" role="button"> + <span aria-hidden="true"><?php _e( 'Edit' ); ?></span> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Edit date and time' ); + ?> + </span> + </a> + <fieldset id="timestampdiv" class="hide-if-js"> + <legend class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Date and time' ); + ?> + </legend> + <?php touch_time( ( 'edit' === $action ), 1 ); ?> + </fieldset> + </div> + <?php + endif; + + if ( 'draft' === $post->post_status && get_post_meta( $post_id, '_customize_changeset_uuid', true ) ) : + $message = sprintf( + /* translators: %s: URL to the Customizer. */ + __( 'This draft comes from your <a href="%s">unpublished customization changes</a>. You can edit, but there is no need to publish now. It will be published automatically with those changes.' ), + esc_url( + add_query_arg( + 'changeset_uuid', + rawurlencode( get_post_meta( $post_id, '_customize_changeset_uuid', true ) ), + admin_url( 'customize.php' ) + ) + ) + ); + wp_admin_notice( + $message, + array( + 'type' => 'info', + 'additional_classes' => array( 'notice-alt', 'inline' ), + ) + ); + endif; + + /** + * Fires after the post time/date setting in the Publish meta box. + * + * @since 2.9.0 + * @since 4.4.0 Added the `$post` parameter. + * + * @param WP_Post $post WP_Post object for the current post. + */ + do_action( 'post_submitbox_misc_actions', $post ); + ?> + </div> + <div class="clear"></div> +</div> + +<div id="major-publishing-actions"> + <?php + /** + * Fires at the beginning of the publishing actions section of the Publish meta box. + * + * @since 2.7.0 + * @since 4.9.0 Added the `$post` parameter. + * + * @param WP_Post|null $post WP_Post object for the current post on Edit Post screen, + * null on Edit Link screen. + */ + do_action( 'post_submitbox_start', $post ); + ?> + <div id="delete-action"> + <?php + if ( current_user_can( 'delete_post', $post_id ) ) { + if ( ! EMPTY_TRASH_DAYS ) { + $delete_text = __( 'Delete permanently' ); + } else { + $delete_text = __( 'Move to Trash' ); + } + ?> + <a class="submitdelete deletion" href="<?php echo get_delete_post_link( $post_id ); ?>"><?php echo $delete_text; ?></a> + <?php + } + ?> + </div> + + <div id="publishing-action"> + <span class="spinner"></span> + <?php + if ( ! in_array( $post->post_status, array( 'publish', 'future', 'private' ), true ) || 0 === $post_id ) { + if ( $can_publish ) : + if ( ! empty( $post->post_date_gmt ) && time() < strtotime( $post->post_date_gmt . ' +0000' ) ) : + ?> + <input name="original_publish" type="hidden" id="original_publish" value="<?php echo esc_attr_x( 'Schedule', 'post action/button label' ); ?>" /> + <?php submit_button( _x( 'Schedule', 'post action/button label' ), 'primary large', 'publish', false ); ?> + <?php + else : + ?> + <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e( 'Publish' ); ?>" /> + <?php submit_button( __( 'Publish' ), 'primary large', 'publish', false ); ?> + <?php + endif; + else : + ?> + <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e( 'Submit for Review' ); ?>" /> + <?php submit_button( __( 'Submit for Review' ), 'primary large', 'publish', false ); ?> + <?php + endif; + } else { + ?> + <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e( 'Update' ); ?>" /> + <?php submit_button( __( 'Update' ), 'primary large', 'save', false, array( 'id' => 'publish' ) ); ?> + <?php + } + ?> + </div> + <div class="clear"></div> +</div> + +</div> + <?php +} + +/** + * Displays attachment submit form fields. + * + * @since 3.5.0 + * + * @param WP_Post $post Current post object. + */ +function attachment_submit_meta_box( $post ) { + ?> +<div class="submitbox" id="submitpost"> + +<div id="minor-publishing"> + + <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key. ?> +<div style="display:none;"> + <?php submit_button( __( 'Save' ), '', 'save' ); ?> +</div> + + +<div id="misc-publishing-actions"> + <div class="misc-pub-section curtime misc-pub-curtime"> + <span id="timestamp"> + <?php + $uploaded_on = sprintf( + /* translators: Publish box date string. 1: Date, 2: Time. See https://www.php.net/manual/datetime.format.php */ + __( '%1$s at %2$s' ), + /* translators: Publish box date format, see https://www.php.net/manual/datetime.format.php */ + date_i18n( _x( 'M j, Y', 'publish box date format' ), strtotime( $post->post_date ) ), + /* translators: Publish box time format, see https://www.php.net/manual/datetime.format.php */ + date_i18n( _x( 'H:i', 'publish box time format' ), strtotime( $post->post_date ) ) + ); + /* translators: Attachment information. %s: Date the attachment was uploaded. */ + printf( __( 'Uploaded on: %s' ), '<b>' . $uploaded_on . '</b>' ); + ?> + </span> + </div><!-- .misc-pub-section --> + + <?php + /** + * Fires after the 'Uploaded on' section of the Save meta box + * in the attachment editing screen. + * + * @since 3.5.0 + * @since 4.9.0 Added the `$post` parameter. + * + * @param WP_Post $post WP_Post object for the current attachment. + */ + do_action( 'attachment_submitbox_misc_actions', $post ); + ?> +</div><!-- #misc-publishing-actions --> +<div class="clear"></div> +</div><!-- #minor-publishing --> + +<div id="major-publishing-actions"> + <div id="delete-action"> + <?php + if ( current_user_can( 'delete_post', $post->ID ) ) { + if ( EMPTY_TRASH_DAYS && MEDIA_TRASH ) { + printf( + '<a class="submitdelete deletion" href="%1$s">%2$s</a>', + get_delete_post_link( $post->ID ), + __( 'Move to Trash' ) + ); + } else { + $show_confirmation = ! MEDIA_TRASH ? " onclick='return showNotice.warn();'" : ''; + + printf( + '<a class="submitdelete deletion"%1$s href="%2$s">%3$s</a>', + $show_confirmation, + get_delete_post_link( $post->ID, '', true ), + __( 'Delete permanently' ) + ); + } + } + ?> + </div> + + <div id="publishing-action"> + <span class="spinner"></span> + <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e( 'Update' ); ?>" /> + <input name="save" type="submit" class="button button-primary button-large" id="publish" value="<?php esc_attr_e( 'Update' ); ?>" /> + </div> + <div class="clear"></div> +</div><!-- #major-publishing-actions --> + +</div> + + <?php +} + +/** + * Displays post format form elements. + * + * @since 3.1.0 + * + * @param WP_Post $post Current post object. + * @param array $box { + * Post formats meta box arguments. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $callback Meta box display callback. + * @type array $args Extra meta box arguments. + * } + */ +function post_format_meta_box( $post, $box ) { + if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) ) : + $post_formats = get_theme_support( 'post-formats' ); + + if ( is_array( $post_formats[0] ) ) : + $post_format = get_post_format( $post->ID ); + if ( ! $post_format ) { + $post_format = '0'; + } + // Add in the current one if it isn't there yet, in case the active theme doesn't support it. + if ( $post_format && ! in_array( $post_format, $post_formats[0], true ) ) { + $post_formats[0][] = $post_format; + } + ?> + <div id="post-formats-select"> + <fieldset> + <legend class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Post Formats' ); + ?> + </legend> + <input type="radio" name="post_format" class="post-format" id="post-format-0" value="0" <?php checked( $post_format, '0' ); ?> /> <label for="post-format-0" class="post-format-icon post-format-standard"><?php echo get_post_format_string( 'standard' ); ?></label> + <?php foreach ( $post_formats[0] as $format ) : ?> + <br /><input type="radio" name="post_format" class="post-format" id="post-format-<?php echo esc_attr( $format ); ?>" value="<?php echo esc_attr( $format ); ?>" <?php checked( $post_format, $format ); ?> /> <label for="post-format-<?php echo esc_attr( $format ); ?>" class="post-format-icon post-format-<?php echo esc_attr( $format ); ?>"><?php echo esc_html( get_post_format_string( $format ) ); ?></label> + <?php endforeach; ?> + </fieldset> + </div> + <?php + endif; +endif; +} + +/** + * Displays post tags form fields. + * + * @since 2.6.0 + * + * @todo Create taxonomy-agnostic wrapper for this. + * + * @param WP_Post $post Current post object. + * @param array $box { + * Tags meta box arguments. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $callback Meta box display callback. + * @type array $args { + * Extra meta box arguments. + * + * @type string $taxonomy Taxonomy. Default 'post_tag'. + * } + * } + */ +function post_tags_meta_box( $post, $box ) { + $defaults = array( 'taxonomy' => 'post_tag' ); + if ( ! isset( $box['args'] ) || ! is_array( $box['args'] ) ) { + $args = array(); + } else { + $args = $box['args']; + } + $parsed_args = wp_parse_args( $args, $defaults ); + $tax_name = esc_attr( $parsed_args['taxonomy'] ); + $taxonomy = get_taxonomy( $parsed_args['taxonomy'] ); + $user_can_assign_terms = current_user_can( $taxonomy->cap->assign_terms ); + $comma = _x( ',', 'tag delimiter' ); + $terms_to_edit = get_terms_to_edit( $post->ID, $tax_name ); + if ( ! is_string( $terms_to_edit ) ) { + $terms_to_edit = ''; + } + ?> +<div class="tagsdiv" id="<?php echo $tax_name; ?>"> + <div class="jaxtag"> + <div class="nojs-tags hide-if-js"> + <label for="tax-input-<?php echo $tax_name; ?>"><?php echo $taxonomy->labels->add_or_remove_items; ?></label> + <p><textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php disabled( ! $user_can_assign_terms ); ?> aria-describedby="new-tag-<?php echo $tax_name; ?>-desc"><?php echo str_replace( ',', $comma . ' ', $terms_to_edit ); // textarea_escaped by esc_attr() ?></textarea></p> + </div> + <?php if ( $user_can_assign_terms ) : ?> + <div class="ajaxtag hide-if-no-js"> + <label class="screen-reader-text" for="new-tag-<?php echo $tax_name; ?>"><?php echo $taxonomy->labels->add_new_item; ?></label> + <input data-wp-taxonomy="<?php echo $tax_name; ?>" type="text" id="new-tag-<?php echo $tax_name; ?>" name="newtag[<?php echo $tax_name; ?>]" class="newtag form-input-tip" size="16" autocomplete="off" aria-describedby="new-tag-<?php echo $tax_name; ?>-desc" value="" /> + <input type="button" class="button tagadd" value="<?php esc_attr_e( 'Add' ); ?>" /> + </div> + <p class="howto" id="new-tag-<?php echo $tax_name; ?>-desc"><?php echo $taxonomy->labels->separate_items_with_commas; ?></p> + <?php elseif ( empty( $terms_to_edit ) ) : ?> + <p><?php echo $taxonomy->labels->no_terms; ?></p> + <?php endif; ?> + </div> + <ul class="tagchecklist" role="list"></ul> +</div> + <?php if ( $user_can_assign_terms ) : ?> +<p class="hide-if-no-js"><button type="button" class="button-link tagcloud-link" id="link-<?php echo $tax_name; ?>" aria-expanded="false"><?php echo $taxonomy->labels->choose_from_most_used; ?></button></p> +<?php endif; ?> + <?php +} + +/** + * Displays post categories form fields. + * + * @since 2.6.0 + * + * @todo Create taxonomy-agnostic wrapper for this. + * + * @param WP_Post $post Current post object. + * @param array $box { + * Categories meta box arguments. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $callback Meta box display callback. + * @type array $args { + * Extra meta box arguments. + * + * @type string $taxonomy Taxonomy. Default 'category'. + * } + * } + */ +function post_categories_meta_box( $post, $box ) { + $defaults = array( 'taxonomy' => 'category' ); + if ( ! isset( $box['args'] ) || ! is_array( $box['args'] ) ) { + $args = array(); + } else { + $args = $box['args']; + } + $parsed_args = wp_parse_args( $args, $defaults ); + $tax_name = esc_attr( $parsed_args['taxonomy'] ); + $taxonomy = get_taxonomy( $parsed_args['taxonomy'] ); + ?> + <div id="taxonomy-<?php echo $tax_name; ?>" class="categorydiv"> + <ul id="<?php echo $tax_name; ?>-tabs" class="category-tabs"> + <li class="tabs"><a href="#<?php echo $tax_name; ?>-all"><?php echo $taxonomy->labels->all_items; ?></a></li> + <li class="hide-if-no-js"><a href="#<?php echo $tax_name; ?>-pop"><?php echo esc_html( $taxonomy->labels->most_used ); ?></a></li> + </ul> + + <div id="<?php echo $tax_name; ?>-pop" class="tabs-panel" style="display: none;"> + <ul id="<?php echo $tax_name; ?>checklist-pop" class="categorychecklist form-no-clear" > + <?php $popular_ids = wp_popular_terms_checklist( $tax_name ); ?> + </ul> + </div> + + <div id="<?php echo $tax_name; ?>-all" class="tabs-panel"> + <?php + $name = ( 'category' === $tax_name ) ? 'post_category' : 'tax_input[' . $tax_name . ']'; + // Allows for an empty term set to be sent. 0 is an invalid term ID and will be ignored by empty() checks. + echo "<input type='hidden' name='{$name}[]' value='0' />"; + ?> + <ul id="<?php echo $tax_name; ?>checklist" data-wp-lists="list:<?php echo $tax_name; ?>" class="categorychecklist form-no-clear"> + <?php + wp_terms_checklist( + $post->ID, + array( + 'taxonomy' => $tax_name, + 'popular_cats' => $popular_ids, + ) + ); + ?> + </ul> + </div> + <?php if ( current_user_can( $taxonomy->cap->edit_terms ) ) : ?> + <div id="<?php echo $tax_name; ?>-adder" class="wp-hidden-children"> + <a id="<?php echo $tax_name; ?>-add-toggle" href="#<?php echo $tax_name; ?>-add" class="hide-if-no-js taxonomy-add-new"> + <?php + /* translators: %s: Add New taxonomy label. */ + printf( __( '+ %s' ), $taxonomy->labels->add_new_item ); + ?> + </a> + <p id="<?php echo $tax_name; ?>-add" class="category-add wp-hidden-child"> + <label class="screen-reader-text" for="new<?php echo $tax_name; ?>"><?php echo $taxonomy->labels->add_new_item; ?></label> + <input type="text" name="new<?php echo $tax_name; ?>" id="new<?php echo $tax_name; ?>" class="form-required form-input-tip" value="<?php echo esc_attr( $taxonomy->labels->new_item_name ); ?>" aria-required="true" /> + <label class="screen-reader-text" for="new<?php echo $tax_name; ?>_parent"> + <?php echo $taxonomy->labels->parent_item_colon; ?> + </label> + <?php + $parent_dropdown_args = array( + 'taxonomy' => $tax_name, + 'hide_empty' => 0, + 'name' => 'new' . $tax_name . '_parent', + 'orderby' => 'name', + 'hierarchical' => 1, + 'show_option_none' => '— ' . $taxonomy->labels->parent_item . ' —', + ); + + /** + * Filters the arguments for the taxonomy parent dropdown on the Post Edit page. + * + * @since 4.4.0 + * + * @param array $parent_dropdown_args { + * Optional. Array of arguments to generate parent dropdown. + * + * @type string $taxonomy Name of the taxonomy to retrieve. + * @type bool $hide_if_empty True to skip generating markup if no + * categories are found. Default 0. + * @type string $name Value for the 'name' attribute + * of the select element. + * Default "new{$tax_name}_parent". + * @type string $orderby Which column to use for ordering + * terms. Default 'name'. + * @type bool|int $hierarchical Whether to traverse the taxonomy + * hierarchy. Default 1. + * @type string $show_option_none Text to display for the "none" option. + * Default "— {$parent} —", + * where `$parent` is 'parent_item' + * taxonomy label. + * } + */ + $parent_dropdown_args = apply_filters( 'post_edit_category_parent_dropdown_args', $parent_dropdown_args ); + + wp_dropdown_categories( $parent_dropdown_args ); + ?> + <input type="button" id="<?php echo $tax_name; ?>-add-submit" data-wp-lists="add:<?php echo $tax_name; ?>checklist:<?php echo $tax_name; ?>-add" class="button category-add-submit" value="<?php echo esc_attr( $taxonomy->labels->add_new_item ); ?>" /> + <?php wp_nonce_field( 'add-' . $tax_name, '_ajax_nonce-add-' . $tax_name, false ); ?> + <span id="<?php echo $tax_name; ?>-ajax-response"></span> + </p> + </div> + <?php endif; ?> + </div> + <?php +} + +/** + * Displays post excerpt form fields. + * + * @since 2.6.0 + * + * @param WP_Post $post Current post object. + */ +function post_excerpt_meta_box( $post ) { + ?> +<label class="screen-reader-text" for="excerpt"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Excerpt' ); + ?> +</label><textarea rows="1" cols="40" name="excerpt" id="excerpt"><?php echo $post->post_excerpt; // textarea_escaped ?></textarea> +<p> + <?php + printf( + /* translators: %s: Documentation URL. */ + __( 'Excerpts are optional hand-crafted summaries of your content that can be used in your theme. <a href="%s">Learn more about manual excerpts</a>.' ), + __( 'https://wordpress.org/documentation/article/what-is-an-excerpt-classic-editor/' ) + ); + ?> +</p> + <?php +} + +/** + * Displays trackback links form fields. + * + * @since 2.6.0 + * + * @param WP_Post $post Current post object. + */ +function post_trackback_meta_box( $post ) { + $form_trackback = '<input type="text" name="trackback_url" id="trackback_url" class="code" value="' . + esc_attr( str_replace( "\n", ' ', $post->to_ping ) ) . '" aria-describedby="trackback-url-desc" />'; + + if ( '' !== $post->pinged ) { + $pings = '<p>' . __( 'Already pinged:' ) . '</p><ul>'; + $already_pinged = explode( "\n", trim( $post->pinged ) ); + foreach ( $already_pinged as $pinged_url ) { + $pings .= "\n\t<li>" . esc_html( $pinged_url ) . '</li>'; + } + $pings .= '</ul>'; + } + + ?> +<p> + <label for="trackback_url"><?php _e( 'Send trackbacks to:' ); ?></label> + <?php echo $form_trackback; ?> +</p> +<p id="trackback-url-desc" class="howto"><?php _e( 'Separate multiple URLs with spaces' ); ?></p> +<p> + <?php + printf( + /* translators: %s: Documentation URL. */ + __( 'Trackbacks are a way to notify legacy blog systems that you’ve linked to them. If you link other WordPress sites, they’ll be notified automatically using <a href="%s">pingbacks</a>, no other action necessary.' ), + __( 'https://wordpress.org/documentation/article/introduction-to-blogging/#comments' ) + ); + ?> +</p> + <?php + if ( ! empty( $pings ) ) { + echo $pings; + } +} + +/** + * Displays custom fields form fields. + * + * @since 2.6.0 + * + * @param WP_Post $post Current post object. + */ +function post_custom_meta_box( $post ) { + ?> +<div id="postcustomstuff"> +<div id="ajax-response"></div> + <?php + $metadata = has_meta( $post->ID ); + foreach ( $metadata as $key => $value ) { + if ( is_protected_meta( $metadata[ $key ]['meta_key'], 'post' ) || ! current_user_can( 'edit_post_meta', $post->ID, $metadata[ $key ]['meta_key'] ) ) { + unset( $metadata[ $key ] ); + } + } + list_meta( $metadata ); + meta_form( $post ); + ?> +</div> +<p> + <?php + printf( + /* translators: %s: Documentation URL. */ + __( 'Custom fields can be used to add extra metadata to a post that you can <a href="%s">use in your theme</a>.' ), + __( 'https://wordpress.org/documentation/article/assign-custom-fields/' ) + ); + ?> +</p> + <?php +} + +/** + * Displays comments status form fields. + * + * @since 2.6.0 + * + * @param WP_Post $post Current post object. + */ +function post_comment_status_meta_box( $post ) { + ?> +<input name="advanced_view" type="hidden" value="1" /> +<p class="meta-options"> + <label for="comment_status" class="selectit"><input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked( $post->comment_status, 'open' ); ?> /> <?php _e( 'Allow comments' ); ?></label><br /> + <label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked( $post->ping_status, 'open' ); ?> /> + <?php + printf( + /* translators: %s: Documentation URL. */ + __( 'Allow <a href="%s">trackbacks and pingbacks</a>' ), + __( 'https://wordpress.org/documentation/article/introduction-to-blogging/#managing-comments' ) + ); + ?> + </label> + <?php + /** + * Fires at the end of the Discussion meta box on the post editing screen. + * + * @since 3.1.0 + * + * @param WP_Post $post WP_Post object for the current post. + */ + do_action( 'post_comment_status_meta_box-options', $post ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + ?> +</p> + <?php +} + +/** + * Displays comments for post table header + * + * @since 3.0.0 + * + * @param array $result Table header rows. + * @return array + */ +function post_comment_meta_box_thead( $result ) { + unset( $result['cb'], $result['response'] ); + return $result; +} + +/** + * Displays comments for post. + * + * @since 2.8.0 + * + * @param WP_Post $post Current post object. + */ +function post_comment_meta_box( $post ) { + wp_nonce_field( 'get-comments', 'add_comment_nonce', false ); + ?> + <p class="hide-if-no-js" id="add-new-comment"><button type="button" class="button" onclick="window.commentReply && commentReply.addcomment(<?php echo $post->ID; ?>);"><?php _e( 'Add Comment' ); ?></button></p> + <?php + + $total = get_comments( + array( + 'post_id' => $post->ID, + 'count' => true, + 'orderby' => 'none', + ) + ); + $wp_list_table = _get_list_table( 'WP_Post_Comments_List_Table' ); + $wp_list_table->display( true ); + + if ( 1 > $total ) { + echo '<p id="no-comments">' . __( 'No comments yet.' ) . '</p>'; + } else { + $hidden = get_hidden_meta_boxes( get_current_screen() ); + if ( ! in_array( 'commentsdiv', $hidden, true ) ) { + ?> + <script type="text/javascript">jQuery(function(){commentsBox.get(<?php echo $total; ?>, 10);});</script> + <?php + } + + ?> + <p class="hide-if-no-js" id="show-comments"><a href="#commentstatusdiv" onclick="commentsBox.load(<?php echo $total; ?>);return false;"><?php _e( 'Show comments' ); ?></a> <span class="spinner"></span></p> + <?php + } + + wp_comment_trashnotice(); +} + +/** + * Displays slug form fields. + * + * @since 2.6.0 + * + * @param WP_Post $post Current post object. + */ +function post_slug_meta_box( $post ) { + /** This filter is documented in wp-admin/edit-tag-form.php */ + $editable_slug = apply_filters( 'editable_slug', $post->post_name, $post ); + ?> +<label class="screen-reader-text" for="post_name"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Slug' ); + ?> +</label><input name="post_name" type="text" class="large-text" id="post_name" value="<?php echo esc_attr( $editable_slug ); ?>" /> + <?php +} + +/** + * Displays form field with list of authors. + * + * @since 2.6.0 + * + * @global int $user_ID + * + * @param WP_Post $post Current post object. + */ +function post_author_meta_box( $post ) { + global $user_ID; + + $post_type_object = get_post_type_object( $post->post_type ); + ?> +<label class="screen-reader-text" for="post_author_override"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Author' ); + ?> +</label> + <?php + wp_dropdown_users( + array( + 'capability' => array( $post_type_object->cap->edit_posts ), + 'name' => 'post_author_override', + 'selected' => empty( $post->ID ) ? $user_ID : $post->post_author, + 'include_selected' => true, + 'show' => 'display_name_with_login', + ) + ); +} + +/** + * Displays list of revisions. + * + * @since 2.6.0 + * + * @param WP_Post $post Current post object. + */ +function post_revisions_meta_box( $post ) { + wp_list_post_revisions( $post ); +} + +// +// Page-related Meta Boxes. +// + +/** + * Displays page attributes form fields. + * + * @since 2.7.0 + * + * @param WP_Post $post Current post object. + */ +function page_attributes_meta_box( $post ) { + if ( is_post_type_hierarchical( $post->post_type ) ) : + $dropdown_args = array( + 'post_type' => $post->post_type, + 'exclude_tree' => $post->ID, + 'selected' => $post->post_parent, + 'name' => 'parent_id', + 'show_option_none' => __( '(no parent)' ), + 'sort_column' => 'menu_order, post_title', + 'echo' => 0, + ); + + /** + * Filters the arguments used to generate a Pages drop-down element. + * + * @since 3.3.0 + * + * @see wp_dropdown_pages() + * + * @param array $dropdown_args Array of arguments used to generate the pages drop-down. + * @param WP_Post $post The current post. + */ + $dropdown_args = apply_filters( 'page_attributes_dropdown_pages_args', $dropdown_args, $post ); + $pages = wp_dropdown_pages( $dropdown_args ); + if ( ! empty( $pages ) ) : + ?> +<p class="post-attributes-label-wrapper parent-id-label-wrapper"><label class="post-attributes-label" for="parent_id"><?php _e( 'Parent' ); ?></label></p> + <?php echo $pages; ?> + <?php + endif; // End empty pages check. + endif; // End hierarchical check. + + if ( count( get_page_templates( $post ) ) > 0 && (int) get_option( 'page_for_posts' ) !== $post->ID ) : + $template = ! empty( $post->page_template ) ? $post->page_template : false; + ?> +<p class="post-attributes-label-wrapper page-template-label-wrapper"><label class="post-attributes-label" for="page_template"><?php _e( 'Template' ); ?></label> + <?php + /** + * Fires immediately after the label inside the 'Template' section + * of the 'Page Attributes' meta box. + * + * @since 4.4.0 + * + * @param string|false $template The template used for the current post. + * @param WP_Post $post The current post. + */ + do_action( 'page_attributes_meta_box_template', $template, $post ); + ?> +</p> +<select name="page_template" id="page_template"> + <?php + /** + * Filters the title of the default page template displayed in the drop-down. + * + * @since 4.1.0 + * + * @param string $label The display value for the default page template title. + * @param string $context Where the option label is displayed. Possible values + * include 'meta-box' or 'quick-edit'. + */ + $default_title = apply_filters( 'default_page_template_title', __( 'Default template' ), 'meta-box' ); + ?> +<option value="default"><?php echo esc_html( $default_title ); ?></option> + <?php page_template_dropdown( $template, $post->post_type ); ?> +</select> +<?php endif; ?> + <?php if ( post_type_supports( $post->post_type, 'page-attributes' ) ) : ?> +<p class="post-attributes-label-wrapper menu-order-label-wrapper"><label class="post-attributes-label" for="menu_order"><?php _e( 'Order' ); ?></label></p> +<input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo esc_attr( $post->menu_order ); ?>" /> + <?php + /** + * Fires before the help hint text in the 'Page Attributes' meta box. + * + * @since 4.9.0 + * + * @param WP_Post $post The current post. + */ + do_action( 'page_attributes_misc_attributes', $post ); + ?> + <?php if ( 'page' === $post->post_type && get_current_screen()->get_help_tabs() ) : ?> +<p class="post-attributes-help-text"><?php _e( 'Need help? Use the Help tab above the screen title.' ); ?></p> + <?php + endif; + endif; +} + +// +// Link-related Meta Boxes. +// + +/** + * Displays link create form fields. + * + * @since 2.7.0 + * + * @param object $link Current link object. + */ +function link_submit_meta_box( $link ) { + ?> +<div class="submitbox" id="submitlink"> + +<div id="minor-publishing"> + + <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key. ?> +<div style="display:none;"> + <?php submit_button( __( 'Save' ), '', 'save', false ); ?> +</div> + +<div id="minor-publishing-actions"> +<div id="preview-action"> + <?php if ( ! empty( $link->link_id ) ) { ?> + <a class="preview button" href="<?php echo $link->link_url; ?>" target="_blank"><?php _e( 'Visit Link' ); ?></a> +<?php } ?> +</div> +<div class="clear"></div> +</div> + +<div id="misc-publishing-actions"> +<div class="misc-pub-section misc-pub-private"> + <label for="link_private" class="selectit"><input id="link_private" name="link_visible" type="checkbox" value="N" <?php checked( $link->link_visible, 'N' ); ?> /> <?php _e( 'Keep this link private' ); ?></label> +</div> +</div> + +</div> + +<div id="major-publishing-actions"> + <?php + /** This action is documented in wp-admin/includes/meta-boxes.php */ + do_action( 'post_submitbox_start', null ); + ?> +<div id="delete-action"> + <?php + if ( ! empty( $_GET['action'] ) && 'edit' === $_GET['action'] && current_user_can( 'manage_links' ) ) { + printf( + '<a class="submitdelete deletion" href="%s" onclick="return confirm( \'%s\' );">%s</a>', + wp_nonce_url( "link.php?action=delete&link_id=$link->link_id", 'delete-bookmark_' . $link->link_id ), + /* translators: %s: Link name. */ + esc_js( sprintf( __( "You are about to delete this link '%s'\n 'Cancel' to stop, 'OK' to delete." ), $link->link_name ) ), + __( 'Delete' ) + ); + } + ?> +</div> + +<div id="publishing-action"> + <?php if ( ! empty( $link->link_id ) ) { ?> + <input name="save" type="submit" class="button button-primary button-large" id="publish" value="<?php esc_attr_e( 'Update Link' ); ?>" /> +<?php } else { ?> + <input name="save" type="submit" class="button button-primary button-large" id="publish" value="<?php esc_attr_e( 'Add Link' ); ?>" /> +<?php } ?> +</div> +<div class="clear"></div> +</div> + <?php + /** + * Fires at the end of the Publish box in the Link editing screen. + * + * @since 2.5.0 + */ + do_action( 'submitlink_box' ); + ?> +<div class="clear"></div> +</div> + <?php +} + +/** + * Displays link categories form fields. + * + * @since 2.6.0 + * + * @param object $link Current link object. + */ +function link_categories_meta_box( $link ) { + ?> +<div id="taxonomy-linkcategory" class="categorydiv"> + <ul id="category-tabs" class="category-tabs"> + <li class="tabs"><a href="#categories-all"><?php _e( 'All categories' ); ?></a></li> + <li class="hide-if-no-js"><a href="#categories-pop"><?php _ex( 'Most Used', 'categories' ); ?></a></li> + </ul> + + <div id="categories-all" class="tabs-panel"> + <ul id="categorychecklist" data-wp-lists="list:category" class="categorychecklist form-no-clear"> + <?php + if ( isset( $link->link_id ) ) { + wp_link_category_checklist( $link->link_id ); + } else { + wp_link_category_checklist(); + } + ?> + </ul> + </div> + + <div id="categories-pop" class="tabs-panel" style="display: none;"> + <ul id="categorychecklist-pop" class="categorychecklist form-no-clear"> + <?php wp_popular_terms_checklist( 'link_category' ); ?> + </ul> + </div> + + <div id="category-adder" class="wp-hidden-children"> + <a id="category-add-toggle" href="#category-add" class="taxonomy-add-new"><?php _e( '+ Add New Category' ); ?></a> + <p id="link-category-add" class="wp-hidden-child"> + <label class="screen-reader-text" for="newcat"> + <?php + /* translators: Hidden accessibility text. */ + _e( '+ Add New Category' ); + ?> + </label> + <input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php esc_attr_e( 'New category name' ); ?>" aria-required="true" /> + <input type="button" id="link-category-add-submit" data-wp-lists="add:categorychecklist:link-category-add" class="button" value="<?php esc_attr_e( 'Add' ); ?>" /> + <?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?> + <span id="category-ajax-response"></span> + </p> + </div> +</div> + <?php +} + +/** + * Displays form fields for changing link target. + * + * @since 2.6.0 + * + * @param object $link Current link object. + */ +function link_target_meta_box( $link ) { + + ?> +<fieldset><legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Target' ); + ?> +</span></legend> +<p><label for="link_target_blank" class="selectit"> +<input id="link_target_blank" type="radio" name="link_target" value="_blank" <?php echo ( isset( $link->link_target ) && ( '_blank' === $link->link_target ) ? 'checked="checked"' : '' ); ?> /> + <?php _e( '<code>_blank</code> — new window or tab.' ); ?></label></p> +<p><label for="link_target_top" class="selectit"> +<input id="link_target_top" type="radio" name="link_target" value="_top" <?php echo ( isset( $link->link_target ) && ( '_top' === $link->link_target ) ? 'checked="checked"' : '' ); ?> /> + <?php _e( '<code>_top</code> — current window or tab, with no frames.' ); ?></label></p> +<p><label for="link_target_none" class="selectit"> +<input id="link_target_none" type="radio" name="link_target" value="" <?php echo ( isset( $link->link_target ) && ( '' === $link->link_target ) ? 'checked="checked"' : '' ); ?> /> + <?php _e( '<code>_none</code> — same window or tab.' ); ?></label></p> +</fieldset> +<p><?php _e( 'Choose the target frame for your link.' ); ?></p> + <?php +} + +/** + * Displays 'checked' checkboxes attribute for XFN microformat options. + * + * @since 1.0.1 + * + * @global object $link Current link object. + * + * @param string $xfn_relationship XFN relationship category. Possible values are: + * 'friendship', 'physical', 'professional', + * 'geographical', 'family', 'romantic', 'identity'. + * @param string $xfn_value Optional. The XFN value to mark as checked + * if it matches the current link's relationship. + * Default empty string. + * @param mixed $deprecated Deprecated. Not used. + */ +function xfn_check( $xfn_relationship, $xfn_value = '', $deprecated = '' ) { + global $link; + + if ( ! empty( $deprecated ) ) { + _deprecated_argument( __FUNCTION__, '2.5.0' ); // Never implemented. + } + + $link_rel = isset( $link->link_rel ) ? $link->link_rel : ''; // In PHP 5.3: $link_rel = $link->link_rel ?: ''; + $link_rels = preg_split( '/\s+/', $link_rel ); + + // Mark the specified value as checked if it matches the current link's relationship. + if ( '' !== $xfn_value && in_array( $xfn_value, $link_rels, true ) ) { + echo ' checked="checked"'; + } + + if ( '' === $xfn_value ) { + // Mark the 'none' value as checked if the current link does not match the specified relationship. + if ( 'family' === $xfn_relationship + && ! array_intersect( $link_rels, array( 'child', 'parent', 'sibling', 'spouse', 'kin' ) ) + ) { + echo ' checked="checked"'; + } + + if ( 'friendship' === $xfn_relationship + && ! array_intersect( $link_rels, array( 'friend', 'acquaintance', 'contact' ) ) + ) { + echo ' checked="checked"'; + } + + if ( 'geographical' === $xfn_relationship + && ! array_intersect( $link_rels, array( 'co-resident', 'neighbor' ) ) + ) { + echo ' checked="checked"'; + } + + // Mark the 'me' value as checked if it matches the current link's relationship. + if ( 'identity' === $xfn_relationship + && in_array( 'me', $link_rels, true ) + ) { + echo ' checked="checked"'; + } + } +} + +/** + * Displays XFN form fields. + * + * @since 2.6.0 + * + * @param object $link Current link object. + */ +function link_xfn_meta_box( $link ) { + ?> +<table class="links-table"> + <tr> + <th scope="row"><label for="link_rel"><?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'rel:' ); ?></label></th> + <td><input type="text" name="link_rel" id="link_rel" value="<?php echo ( isset( $link->link_rel ) ? esc_attr( $link->link_rel ) : '' ); ?>" /></td> + </tr> + <tr> + <th scope="row"><?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'identity' ); ?></th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'identity' ); + ?> + </span></legend> + <label for="me"> + <input type="checkbox" name="identity" value="me" id="me" <?php xfn_check( 'identity', 'me' ); ?> /> + <?php _e( 'another web address of mine' ); ?></label> + </fieldset></td> + </tr> + <tr> + <th scope="row"><?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'friendship' ); ?></th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'friendship' ); + ?> + </span></legend> + <label for="contact"> + <input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check( 'friendship', 'contact' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'contact' ); ?> + </label> + <label for="acquaintance"> + <input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check( 'friendship', 'acquaintance' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'acquaintance' ); ?> + </label> + <label for="friend"> + <input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check( 'friendship', 'friend' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'friend' ); ?> + </label> + <label for="friendship"> + <input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check( 'friendship' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'none' ); ?> + </label> + </fieldset></td> + </tr> + <tr> + <th scope="row"> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'physical' ); ?> </th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'physical' ); + ?> + </span></legend> + <label for="met"> + <input class="valinp" type="checkbox" name="physical" value="met" id="met" <?php xfn_check( 'physical', 'met' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'met' ); ?> + </label> + </fieldset></td> + </tr> + <tr> + <th scope="row"> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'professional' ); ?> </th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'professional' ); + ?> + </span></legend> + <label for="co-worker"> + <input class="valinp" type="checkbox" name="professional" value="co-worker" id="co-worker" <?php xfn_check( 'professional', 'co-worker' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'co-worker' ); ?> + </label> + <label for="colleague"> + <input class="valinp" type="checkbox" name="professional" value="colleague" id="colleague" <?php xfn_check( 'professional', 'colleague' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'colleague' ); ?> + </label> + </fieldset></td> + </tr> + <tr> + <th scope="row"><?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'geographical' ); ?></th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'geographical' ); + ?> + </span></legend> + <label for="co-resident"> + <input class="valinp" type="radio" name="geographical" value="co-resident" id="co-resident" <?php xfn_check( 'geographical', 'co-resident' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'co-resident' ); ?> + </label> + <label for="neighbor"> + <input class="valinp" type="radio" name="geographical" value="neighbor" id="neighbor" <?php xfn_check( 'geographical', 'neighbor' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'neighbor' ); ?> + </label> + <label for="geographical"> + <input class="valinp" type="radio" name="geographical" value="" id="geographical" <?php xfn_check( 'geographical' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'none' ); ?> + </label> + </fieldset></td> + </tr> + <tr> + <th scope="row"><?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'family' ); ?></th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'family' ); + ?> + </span></legend> + <label for="child"> + <input class="valinp" type="radio" name="family" value="child" id="child" <?php xfn_check( 'family', 'child' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'child' ); ?> + </label> + <label for="kin"> + <input class="valinp" type="radio" name="family" value="kin" id="kin" <?php xfn_check( 'family', 'kin' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'kin' ); ?> + </label> + <label for="parent"> + <input class="valinp" type="radio" name="family" value="parent" id="parent" <?php xfn_check( 'family', 'parent' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'parent' ); ?> + </label> + <label for="sibling"> + <input class="valinp" type="radio" name="family" value="sibling" id="sibling" <?php xfn_check( 'family', 'sibling' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'sibling' ); ?> + </label> + <label for="spouse"> + <input class="valinp" type="radio" name="family" value="spouse" id="spouse" <?php xfn_check( 'family', 'spouse' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'spouse' ); ?> + </label> + <label for="family"> + <input class="valinp" type="radio" name="family" value="" id="family" <?php xfn_check( 'family' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'none' ); ?> + </label> + </fieldset></td> + </tr> + <tr> + <th scope="row"><?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'romantic' ); ?></th> + <td><fieldset> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. xfn: https://gmpg.org/xfn/ */ + _e( 'romantic' ); + ?> + </span></legend> + <label for="muse"> + <input class="valinp" type="checkbox" name="romantic" value="muse" id="muse" <?php xfn_check( 'romantic', 'muse' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'muse' ); ?> + </label> + <label for="crush"> + <input class="valinp" type="checkbox" name="romantic" value="crush" id="crush" <?php xfn_check( 'romantic', 'crush' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'crush' ); ?> + </label> + <label for="date"> + <input class="valinp" type="checkbox" name="romantic" value="date" id="date" <?php xfn_check( 'romantic', 'date' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'date' ); ?> + </label> + <label for="romantic"> + <input class="valinp" type="checkbox" name="romantic" value="sweetheart" id="romantic" <?php xfn_check( 'romantic', 'sweetheart' ); ?> /> <?php /* translators: xfn: https://gmpg.org/xfn/ */ _e( 'sweetheart' ); ?> + </label> + </fieldset></td> + </tr> + +</table> +<p><?php _e( 'If the link is to a person, you can specify your relationship with them using the above form. If you would like to learn more about the idea check out <a href="https://gmpg.org/xfn/">XFN</a>.' ); ?></p> + <?php +} + +/** + * Displays advanced link options form fields. + * + * @since 2.6.0 + * + * @param object $link Current link object. + */ +function link_advanced_meta_box( $link ) { + ?> +<table class="links-table" cellpadding="0"> + <tr> + <th scope="row"><label for="link_image"><?php _e( 'Image Address' ); ?></label></th> + <td><input type="text" name="link_image" class="code" id="link_image" maxlength="255" value="<?php echo ( isset( $link->link_image ) ? esc_attr( $link->link_image ) : '' ); ?>" /></td> + </tr> + <tr> + <th scope="row"><label for="rss_uri"><?php _e( 'RSS Address' ); ?></label></th> + <td><input name="link_rss" class="code" type="text" id="rss_uri" maxlength="255" value="<?php echo ( isset( $link->link_rss ) ? esc_attr( $link->link_rss ) : '' ); ?>" /></td> + </tr> + <tr> + <th scope="row"><label for="link_notes"><?php _e( 'Notes' ); ?></label></th> + <td><textarea name="link_notes" id="link_notes" rows="10"><?php echo ( isset( $link->link_notes ) ? $link->link_notes : '' ); // textarea_escaped ?></textarea></td> + </tr> + <tr> + <th scope="row"><label for="link_rating"><?php _e( 'Rating' ); ?></label></th> + <td><select name="link_rating" id="link_rating" size="1"> + <?php + for ( $rating = 0; $rating <= 10; $rating++ ) { + echo '<option value="' . $rating . '"'; + if ( isset( $link->link_rating ) && $link->link_rating === $rating ) { + echo ' selected="selected"'; + } + echo '>' . $rating . '</option>'; + } + ?> + </select> <?php _e( '(Leave at 0 for no rating.)' ); ?> + </td> + </tr> +</table> + <?php +} + +/** + * Displays post thumbnail meta box. + * + * @since 2.9.0 + * + * @param WP_Post $post Current post object. + */ +function post_thumbnail_meta_box( $post ) { + $thumbnail_id = get_post_meta( $post->ID, '_thumbnail_id', true ); + echo _wp_post_thumbnail_html( $thumbnail_id, $post->ID ); +} + +/** + * Displays fields for ID3 data. + * + * @since 3.9.0 + * + * @param WP_Post $post Current post object. + */ +function attachment_id3_data_meta_box( $post ) { + $meta = array(); + if ( ! empty( $post->ID ) ) { + $meta = wp_get_attachment_metadata( $post->ID ); + } + + foreach ( wp_get_attachment_id3_keys( $post, 'edit' ) as $key => $label ) : + $value = ''; + if ( ! empty( $meta[ $key ] ) ) { + $value = $meta[ $key ]; + } + ?> + <p> + <label for="title"><?php echo $label; ?></label><br /> + <input type="text" name="id3_<?php echo esc_attr( $key ); ?>" id="id3_<?php echo esc_attr( $key ); ?>" class="large-text" value="<?php echo esc_attr( $value ); ?>" /> + </p> + <?php + endforeach; +} + +/** + * Registers the default post meta boxes, and runs the `do_meta_boxes` actions. + * + * @since 5.0.0 + * + * @param WP_Post $post The post object that these meta boxes are being generated for. + */ +function register_and_do_post_meta_boxes( $post ) { + $post_type = $post->post_type; + $post_type_object = get_post_type_object( $post_type ); + + $thumbnail_support = current_theme_supports( 'post-thumbnails', $post_type ) && post_type_supports( $post_type, 'thumbnail' ); + if ( ! $thumbnail_support && 'attachment' === $post_type && $post->post_mime_type ) { + if ( wp_attachment_is( 'audio', $post ) ) { + $thumbnail_support = post_type_supports( 'attachment:audio', 'thumbnail' ) || current_theme_supports( 'post-thumbnails', 'attachment:audio' ); + } elseif ( wp_attachment_is( 'video', $post ) ) { + $thumbnail_support = post_type_supports( 'attachment:video', 'thumbnail' ) || current_theme_supports( 'post-thumbnails', 'attachment:video' ); + } + } + + $publish_callback_args = array( '__back_compat_meta_box' => true ); + + if ( post_type_supports( $post_type, 'revisions' ) && 'auto-draft' !== $post->post_status ) { + $revisions = wp_get_latest_revision_id_and_total_count( $post->ID ); + + // We should aim to show the revisions meta box only when there are revisions. + if ( ! is_wp_error( $revisions ) && $revisions['count'] > 1 ) { + $publish_callback_args = array( + 'revisions_count' => $revisions['count'], + 'revision_id' => $revisions['latest_id'], + '__back_compat_meta_box' => true, + ); + + add_meta_box( 'revisionsdiv', __( 'Revisions' ), 'post_revisions_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + } + + if ( 'attachment' === $post_type ) { + wp_enqueue_script( 'image-edit' ); + wp_enqueue_style( 'imgareaselect' ); + add_meta_box( 'submitdiv', __( 'Save' ), 'attachment_submit_meta_box', null, 'side', 'core', array( '__back_compat_meta_box' => true ) ); + add_action( 'edit_form_after_title', 'edit_form_image_editor' ); + + if ( wp_attachment_is( 'audio', $post ) ) { + add_meta_box( 'attachment-id3', __( 'Metadata' ), 'attachment_id3_data_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + } else { + add_meta_box( 'submitdiv', __( 'Publish' ), 'post_submit_meta_box', null, 'side', 'core', $publish_callback_args ); + } + + if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post_type, 'post-formats' ) ) { + add_meta_box( 'formatdiv', _x( 'Format', 'post format' ), 'post_format_meta_box', null, 'side', 'core', array( '__back_compat_meta_box' => true ) ); + } + + // All taxonomies. + foreach ( get_object_taxonomies( $post ) as $tax_name ) { + $taxonomy = get_taxonomy( $tax_name ); + if ( ! $taxonomy->show_ui || false === $taxonomy->meta_box_cb ) { + continue; + } + + $label = $taxonomy->labels->name; + + if ( ! is_taxonomy_hierarchical( $tax_name ) ) { + $tax_meta_box_id = 'tagsdiv-' . $tax_name; + } else { + $tax_meta_box_id = $tax_name . 'div'; + } + + add_meta_box( + $tax_meta_box_id, + $label, + $taxonomy->meta_box_cb, + null, + 'side', + 'core', + array( + 'taxonomy' => $tax_name, + '__back_compat_meta_box' => true, + ) + ); + } + + if ( post_type_supports( $post_type, 'page-attributes' ) || count( get_page_templates( $post ) ) > 0 ) { + add_meta_box( 'pageparentdiv', $post_type_object->labels->attributes, 'page_attributes_meta_box', null, 'side', 'core', array( '__back_compat_meta_box' => true ) ); + } + + if ( $thumbnail_support && current_user_can( 'upload_files' ) ) { + add_meta_box( 'postimagediv', esc_html( $post_type_object->labels->featured_image ), 'post_thumbnail_meta_box', null, 'side', 'low', array( '__back_compat_meta_box' => true ) ); + } + + if ( post_type_supports( $post_type, 'excerpt' ) ) { + add_meta_box( 'postexcerpt', __( 'Excerpt' ), 'post_excerpt_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + + if ( post_type_supports( $post_type, 'trackbacks' ) ) { + add_meta_box( 'trackbacksdiv', __( 'Send Trackbacks' ), 'post_trackback_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + + if ( post_type_supports( $post_type, 'custom-fields' ) ) { + add_meta_box( + 'postcustom', + __( 'Custom Fields' ), + 'post_custom_meta_box', + null, + 'normal', + 'core', + array( + '__back_compat_meta_box' => ! (bool) get_user_meta( get_current_user_id(), 'enable_custom_fields', true ), + '__block_editor_compatible_meta_box' => true, + ) + ); + } + + /** + * Fires in the middle of built-in meta box registration. + * + * @since 2.1.0 + * @deprecated 3.7.0 Use {@see 'add_meta_boxes'} instead. + * + * @param WP_Post $post Post object. + */ + do_action_deprecated( 'dbx_post_advanced', array( $post ), '3.7.0', 'add_meta_boxes' ); + + /* + * Allow the Discussion meta box to show up if the post type supports comments, + * or if comments or pings are open. + */ + if ( comments_open( $post ) || pings_open( $post ) || post_type_supports( $post_type, 'comments' ) ) { + add_meta_box( 'commentstatusdiv', __( 'Discussion' ), 'post_comment_status_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + + $stati = get_post_stati( array( 'public' => true ) ); + if ( empty( $stati ) ) { + $stati = array( 'publish' ); + } + $stati[] = 'private'; + + if ( in_array( get_post_status( $post ), $stati, true ) ) { + /* + * If the post type support comments, or the post has comments, + * allow the Comments meta box. + */ + if ( comments_open( $post ) || pings_open( $post ) || $post->comment_count > 0 || post_type_supports( $post_type, 'comments' ) ) { + add_meta_box( 'commentsdiv', __( 'Comments' ), 'post_comment_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + } + + if ( ! ( 'pending' === get_post_status( $post ) && ! current_user_can( $post_type_object->cap->publish_posts ) ) ) { + add_meta_box( 'slugdiv', __( 'Slug' ), 'post_slug_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + + if ( post_type_supports( $post_type, 'author' ) && current_user_can( $post_type_object->cap->edit_others_posts ) ) { + add_meta_box( 'authordiv', __( 'Author' ), 'post_author_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) ); + } + + /** + * Fires after all built-in meta boxes have been added. + * + * @since 3.0.0 + * + * @param string $post_type Post type. + * @param WP_Post $post Post object. + */ + do_action( 'add_meta_boxes', $post_type, $post ); + + /** + * Fires after all built-in meta boxes have been added, contextually for the given post type. + * + * The dynamic portion of the hook name, `$post_type`, refers to the post type of the post. + * + * Possible hook names include: + * + * - `add_meta_boxes_post` + * - `add_meta_boxes_page` + * - `add_meta_boxes_attachment` + * + * @since 3.0.0 + * + * @param WP_Post $post Post object. + */ + do_action( "add_meta_boxes_{$post_type}", $post ); + + /** + * Fires after meta boxes have been added. + * + * Fires once for each of the default meta box contexts: normal, advanced, and side. + * + * @since 3.0.0 + * + * @param string $post_type Post type of the post on Edit Post screen, 'link' on Edit Link screen, + * 'dashboard' on Dashboard screen. + * @param string $context Meta box context. Possible values include 'normal', 'advanced', 'side'. + * @param WP_Post|object|string $post Post object on Edit Post screen, link object on Edit Link screen, + * an empty string on Dashboard screen. + */ + do_action( 'do_meta_boxes', $post_type, 'normal', $post ); + /** This action is documented in wp-admin/includes/meta-boxes.php */ + do_action( 'do_meta_boxes', $post_type, 'advanced', $post ); + /** This action is documented in wp-admin/includes/meta-boxes.php */ + do_action( 'do_meta_boxes', $post_type, 'side', $post ); +} diff --git a/wp-admin/includes/misc.php b/wp-admin/includes/misc.php new file mode 100644 index 0000000..0902820 --- /dev/null +++ b/wp-admin/includes/misc.php @@ -0,0 +1,1644 @@ +<?php +/** + * Misc WordPress Administration API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Returns whether the server is running Apache with the mod_rewrite module loaded. + * + * @since 2.0.0 + * + * @return bool Whether the server is running Apache with the mod_rewrite module loaded. + */ +function got_mod_rewrite() { + $got_rewrite = apache_mod_loaded( 'mod_rewrite', true ); + + /** + * Filters whether Apache and mod_rewrite are present. + * + * This filter was previously used to force URL rewriting for other servers, + * like nginx. Use the {@see 'got_url_rewrite'} filter in got_url_rewrite() instead. + * + * @since 2.5.0 + * + * @see got_url_rewrite() + * + * @param bool $got_rewrite Whether Apache and mod_rewrite are present. + */ + return apply_filters( 'got_rewrite', $got_rewrite ); +} + +/** + * Returns whether the server supports URL rewriting. + * + * Detects Apache's mod_rewrite, IIS 7.0+ permalink support, and nginx. + * + * @since 3.7.0 + * + * @global bool $is_nginx + * + * @return bool Whether the server supports URL rewriting. + */ +function got_url_rewrite() { + $got_url_rewrite = ( got_mod_rewrite() || $GLOBALS['is_nginx'] || iis7_supports_permalinks() ); + + /** + * Filters whether URL rewriting is available. + * + * @since 3.7.0 + * + * @param bool $got_url_rewrite Whether URL rewriting is available. + */ + return apply_filters( 'got_url_rewrite', $got_url_rewrite ); +} + +/** + * Extracts strings from between the BEGIN and END markers in the .htaccess file. + * + * @since 1.5.0 + * + * @param string $filename Filename to extract the strings from. + * @param string $marker The marker to extract the strings from. + * @return string[] An array of strings from a file (.htaccess) from between BEGIN and END markers. + */ +function extract_from_markers( $filename, $marker ) { + $result = array(); + + if ( ! file_exists( $filename ) ) { + return $result; + } + + $markerdata = explode( "\n", implode( '', file( $filename ) ) ); + + $state = false; + + foreach ( $markerdata as $markerline ) { + if ( str_contains( $markerline, '# END ' . $marker ) ) { + $state = false; + } + + if ( $state ) { + if ( str_starts_with( $markerline, '#' ) ) { + continue; + } + + $result[] = $markerline; + } + + if ( str_contains( $markerline, '# BEGIN ' . $marker ) ) { + $state = true; + } + } + + return $result; +} + +/** + * Inserts an array of strings into a file (.htaccess), placing it between + * BEGIN and END markers. + * + * Replaces existing marked info. Retains surrounding + * data. Creates file if none exists. + * + * @since 1.5.0 + * + * @param string $filename Filename to alter. + * @param string $marker The marker to alter. + * @param array|string $insertion The new content to insert. + * @return bool True on write success, false on failure. + */ +function insert_with_markers( $filename, $marker, $insertion ) { + if ( ! file_exists( $filename ) ) { + if ( ! is_writable( dirname( $filename ) ) ) { + return false; + } + + if ( ! touch( $filename ) ) { + return false; + } + + // Make sure the file is created with a minimum set of permissions. + $perms = fileperms( $filename ); + + if ( $perms ) { + chmod( $filename, $perms | 0644 ); + } + } elseif ( ! is_writable( $filename ) ) { + return false; + } + + if ( ! is_array( $insertion ) ) { + $insertion = explode( "\n", $insertion ); + } + + $switched_locale = switch_to_locale( get_locale() ); + + $instructions = sprintf( + /* translators: 1: Marker. */ + __( + 'The directives (lines) between "BEGIN %1$s" and "END %1$s" are +dynamically generated, and should only be modified via WordPress filters. +Any changes to the directives between these markers will be overwritten.' + ), + $marker + ); + + $instructions = explode( "\n", $instructions ); + + foreach ( $instructions as $line => $text ) { + $instructions[ $line ] = '# ' . $text; + } + + /** + * Filters the inline instructions inserted before the dynamically generated content. + * + * @since 5.3.0 + * + * @param string[] $instructions Array of lines with inline instructions. + * @param string $marker The marker being inserted. + */ + $instructions = apply_filters( 'insert_with_markers_inline_instructions', $instructions, $marker ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + $insertion = array_merge( $instructions, $insertion ); + + $start_marker = "# BEGIN {$marker}"; + $end_marker = "# END {$marker}"; + + $fp = fopen( $filename, 'r+' ); + + if ( ! $fp ) { + return false; + } + + // Attempt to get a lock. If the filesystem supports locking, this will block until the lock is acquired. + flock( $fp, LOCK_EX ); + + $lines = array(); + + while ( ! feof( $fp ) ) { + $lines[] = rtrim( fgets( $fp ), "\r\n" ); + } + + // Split out the existing file into the preceding lines, and those that appear after the marker. + $pre_lines = array(); + $post_lines = array(); + $existing_lines = array(); + $found_marker = false; + $found_end_marker = false; + + foreach ( $lines as $line ) { + if ( ! $found_marker && str_contains( $line, $start_marker ) ) { + $found_marker = true; + continue; + } elseif ( ! $found_end_marker && str_contains( $line, $end_marker ) ) { + $found_end_marker = true; + continue; + } + + if ( ! $found_marker ) { + $pre_lines[] = $line; + } elseif ( $found_marker && $found_end_marker ) { + $post_lines[] = $line; + } else { + $existing_lines[] = $line; + } + } + + // Check to see if there was a change. + if ( $existing_lines === $insertion ) { + flock( $fp, LOCK_UN ); + fclose( $fp ); + + return true; + } + + // Generate the new file data. + $new_file_data = implode( + "\n", + array_merge( + $pre_lines, + array( $start_marker ), + $insertion, + array( $end_marker ), + $post_lines + ) + ); + + // Write to the start of the file, and truncate it to that length. + fseek( $fp, 0 ); + $bytes = fwrite( $fp, $new_file_data ); + + if ( $bytes ) { + ftruncate( $fp, ftell( $fp ) ); + } + + fflush( $fp ); + flock( $fp, LOCK_UN ); + fclose( $fp ); + + return (bool) $bytes; +} + +/** + * Updates the htaccess file with the current rules if it is writable. + * + * Always writes to the file if it exists and is writable to ensure that we + * blank out old rules. + * + * @since 1.5.0 + * + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. + * + * @return bool|null True on write success, false on failure. Null in multisite. + */ +function save_mod_rewrite_rules() { + global $wp_rewrite; + + if ( is_multisite() ) { + return; + } + + // Ensure get_home_path() is declared. + require_once ABSPATH . 'wp-admin/includes/file.php'; + + $home_path = get_home_path(); + $htaccess_file = $home_path . '.htaccess'; + + /* + * If the file doesn't already exist check for write access to the directory + * and whether we have some rules. Else check for write access to the file. + */ + if ( ! file_exists( $htaccess_file ) && is_writable( $home_path ) && $wp_rewrite->using_mod_rewrite_permalinks() + || is_writable( $htaccess_file ) + ) { + if ( got_mod_rewrite() ) { + $rules = explode( "\n", $wp_rewrite->mod_rewrite_rules() ); + + return insert_with_markers( $htaccess_file, 'WordPress', $rules ); + } + } + + return false; +} + +/** + * Updates the IIS web.config file with the current rules if it is writable. + * If the permalinks do not require rewrite rules then the rules are deleted from the web.config file. + * + * @since 2.8.0 + * + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. + * + * @return bool|null True on write success, false on failure. Null in multisite. + */ +function iis7_save_url_rewrite_rules() { + global $wp_rewrite; + + if ( is_multisite() ) { + return; + } + + // Ensure get_home_path() is declared. + require_once ABSPATH . 'wp-admin/includes/file.php'; + + $home_path = get_home_path(); + $web_config_file = $home_path . 'web.config'; + + // Using win_is_writable() instead of is_writable() because of a bug in Windows PHP. + if ( iis7_supports_permalinks() + && ( ! file_exists( $web_config_file ) && win_is_writable( $home_path ) && $wp_rewrite->using_mod_rewrite_permalinks() + || win_is_writable( $web_config_file ) ) + ) { + $rule = $wp_rewrite->iis7_url_rewrite_rules( false ); + + if ( ! empty( $rule ) ) { + return iis7_add_rewrite_rule( $web_config_file, $rule ); + } else { + return iis7_delete_rewrite_rule( $web_config_file ); + } + } + + return false; +} + +/** + * Updates the "recently-edited" file for the plugin or theme file editor. + * + * @since 1.5.0 + * + * @param string $file + */ +function update_recently_edited( $file ) { + $oldfiles = (array) get_option( 'recently_edited' ); + + if ( $oldfiles ) { + $oldfiles = array_reverse( $oldfiles ); + $oldfiles[] = $file; + $oldfiles = array_reverse( $oldfiles ); + $oldfiles = array_unique( $oldfiles ); + + if ( 5 < count( $oldfiles ) ) { + array_pop( $oldfiles ); + } + } else { + $oldfiles[] = $file; + } + + update_option( 'recently_edited', $oldfiles ); +} + +/** + * Makes a tree structure for the theme file editor's file list. + * + * @since 4.9.0 + * @access private + * + * @param array $allowed_files List of theme file paths. + * @return array Tree structure for listing theme files. + */ +function wp_make_theme_file_tree( $allowed_files ) { + $tree_list = array(); + + foreach ( $allowed_files as $file_name => $absolute_filename ) { + $list = explode( '/', $file_name ); + $last_dir = &$tree_list; + + foreach ( $list as $dir ) { + $last_dir =& $last_dir[ $dir ]; + } + + $last_dir = $file_name; + } + + return $tree_list; +} + +/** + * Outputs the formatted file list for the theme file editor. + * + * @since 4.9.0 + * @access private + * + * @global string $relative_file Name of the file being edited relative to the + * theme directory. + * @global string $stylesheet The stylesheet name of the theme being edited. + * + * @param array|string $tree List of file/folder paths, or filename. + * @param int $level The aria-level for the current iteration. + * @param int $size The aria-setsize for the current iteration. + * @param int $index The aria-posinset for the current iteration. + */ +function wp_print_theme_file_tree( $tree, $level = 2, $size = 1, $index = 1 ) { + global $relative_file, $stylesheet; + + if ( is_array( $tree ) ) { + $index = 0; + $size = count( $tree ); + + foreach ( $tree as $label => $theme_file ) : + ++$index; + + if ( ! is_array( $theme_file ) ) { + wp_print_theme_file_tree( $theme_file, $level, $index, $size ); + continue; + } + ?> + <li role="treeitem" aria-expanded="true" tabindex="-1" + aria-level="<?php echo esc_attr( $level ); ?>" + aria-setsize="<?php echo esc_attr( $size ); ?>" + aria-posinset="<?php echo esc_attr( $index ); ?>"> + <span class="folder-label"><?php echo esc_html( $label ); ?> <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'folder' ); + ?> + </span><span aria-hidden="true" class="icon"></span></span> + <ul role="group" class="tree-folder"><?php wp_print_theme_file_tree( $theme_file, $level + 1, $index, $size ); ?></ul> + </li> + <?php + endforeach; + } else { + $filename = $tree; + $url = add_query_arg( + array( + 'file' => rawurlencode( $tree ), + 'theme' => rawurlencode( $stylesheet ), + ), + self_admin_url( 'theme-editor.php' ) + ); + ?> + <li role="none" class="<?php echo esc_attr( $relative_file === $filename ? 'current-file' : '' ); ?>"> + <a role="treeitem" tabindex="<?php echo esc_attr( $relative_file === $filename ? '0' : '-1' ); ?>" + href="<?php echo esc_url( $url ); ?>" + aria-level="<?php echo esc_attr( $level ); ?>" + aria-setsize="<?php echo esc_attr( $size ); ?>" + aria-posinset="<?php echo esc_attr( $index ); ?>"> + <?php + $file_description = esc_html( get_file_description( $filename ) ); + + if ( $file_description !== $filename && wp_basename( $filename ) !== $file_description ) { + $file_description .= '<br /><span class="nonessential">(' . esc_html( $filename ) . ')</span>'; + } + + if ( $relative_file === $filename ) { + echo '<span class="notice notice-info">' . $file_description . '</span>'; + } else { + echo $file_description; + } + ?> + </a> + </li> + <?php + } +} + +/** + * Makes a tree structure for the plugin file editor's file list. + * + * @since 4.9.0 + * @access private + * + * @param array $plugin_editable_files List of plugin file paths. + * @return array Tree structure for listing plugin files. + */ +function wp_make_plugin_file_tree( $plugin_editable_files ) { + $tree_list = array(); + + foreach ( $plugin_editable_files as $plugin_file ) { + $list = explode( '/', preg_replace( '#^.+?/#', '', $plugin_file ) ); + $last_dir = &$tree_list; + + foreach ( $list as $dir ) { + $last_dir =& $last_dir[ $dir ]; + } + + $last_dir = $plugin_file; + } + + return $tree_list; +} + +/** + * Outputs the formatted file list for the plugin file editor. + * + * @since 4.9.0 + * @access private + * + * @param array|string $tree List of file/folder paths, or filename. + * @param string $label Name of file or folder to print. + * @param int $level The aria-level for the current iteration. + * @param int $size The aria-setsize for the current iteration. + * @param int $index The aria-posinset for the current iteration. + */ +function wp_print_plugin_file_tree( $tree, $label = '', $level = 2, $size = 1, $index = 1 ) { + global $file, $plugin; + + if ( is_array( $tree ) ) { + $index = 0; + $size = count( $tree ); + + foreach ( $tree as $label => $plugin_file ) : + ++$index; + + if ( ! is_array( $plugin_file ) ) { + wp_print_plugin_file_tree( $plugin_file, $label, $level, $index, $size ); + continue; + } + ?> + <li role="treeitem" aria-expanded="true" tabindex="-1" + aria-level="<?php echo esc_attr( $level ); ?>" + aria-setsize="<?php echo esc_attr( $size ); ?>" + aria-posinset="<?php echo esc_attr( $index ); ?>"> + <span class="folder-label"><?php echo esc_html( $label ); ?> <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'folder' ); + ?> + </span><span aria-hidden="true" class="icon"></span></span> + <ul role="group" class="tree-folder"><?php wp_print_plugin_file_tree( $plugin_file, '', $level + 1, $index, $size ); ?></ul> + </li> + <?php + endforeach; + } else { + $url = add_query_arg( + array( + 'file' => rawurlencode( $tree ), + 'plugin' => rawurlencode( $plugin ), + ), + self_admin_url( 'plugin-editor.php' ) + ); + ?> + <li role="none" class="<?php echo esc_attr( $file === $tree ? 'current-file' : '' ); ?>"> + <a role="treeitem" tabindex="<?php echo esc_attr( $file === $tree ? '0' : '-1' ); ?>" + href="<?php echo esc_url( $url ); ?>" + aria-level="<?php echo esc_attr( $level ); ?>" + aria-setsize="<?php echo esc_attr( $size ); ?>" + aria-posinset="<?php echo esc_attr( $index ); ?>"> + <?php + if ( $file === $tree ) { + echo '<span class="notice notice-info">' . esc_html( $label ) . '</span>'; + } else { + echo esc_html( $label ); + } + ?> + </a> + </li> + <?php + } +} + +/** + * Flushes rewrite rules if siteurl, home or page_on_front changed. + * + * @since 2.1.0 + * + * @param string $old_value + * @param string $value + */ +function update_home_siteurl( $old_value, $value ) { + if ( wp_installing() ) { + return; + } + + if ( is_multisite() && ms_is_switched() ) { + delete_option( 'rewrite_rules' ); + } else { + flush_rewrite_rules(); + } +} + + +/** + * Resets global variables based on $_GET and $_POST. + * + * This function resets global variables based on the names passed + * in the $vars array to the value of $_POST[$var] or $_GET[$var] or '' + * if neither is defined. + * + * @since 2.0.0 + * + * @param array $vars An array of globals to reset. + */ +function wp_reset_vars( $vars ) { + foreach ( $vars as $var ) { + if ( empty( $_POST[ $var ] ) ) { + if ( empty( $_GET[ $var ] ) ) { + $GLOBALS[ $var ] = ''; + } else { + $GLOBALS[ $var ] = $_GET[ $var ]; + } + } else { + $GLOBALS[ $var ] = $_POST[ $var ]; + } + } +} + +/** + * Displays the given administration message. + * + * @since 2.1.0 + * + * @param string|WP_Error $message + */ +function show_message( $message ) { + if ( is_wp_error( $message ) ) { + if ( $message->get_error_data() && is_string( $message->get_error_data() ) ) { + $message = $message->get_error_message() . ': ' . $message->get_error_data(); + } else { + $message = $message->get_error_message(); + } + } + + echo "<p>$message</p>\n"; + wp_ob_end_flush_all(); + flush(); +} + +/** + * @since 2.8.0 + * + * @param string $content + * @return array + */ +function wp_doc_link_parse( $content ) { + if ( ! is_string( $content ) || empty( $content ) ) { + return array(); + } + + if ( ! function_exists( 'token_get_all' ) ) { + return array(); + } + + $tokens = token_get_all( $content ); + $count = count( $tokens ); + $functions = array(); + $ignore_functions = array(); + + for ( $t = 0; $t < $count - 2; $t++ ) { + if ( ! is_array( $tokens[ $t ] ) ) { + continue; + } + + if ( T_STRING === $tokens[ $t ][0] && ( '(' === $tokens[ $t + 1 ] || '(' === $tokens[ $t + 2 ] ) ) { + // If it's a function or class defined locally, there's not going to be any docs available. + if ( ( isset( $tokens[ $t - 2 ][1] ) && in_array( $tokens[ $t - 2 ][1], array( 'function', 'class' ), true ) ) + || ( isset( $tokens[ $t - 2 ][0] ) && T_OBJECT_OPERATOR === $tokens[ $t - 1 ][0] ) + ) { + $ignore_functions[] = $tokens[ $t ][1]; + } + + // Add this to our stack of unique references. + $functions[] = $tokens[ $t ][1]; + } + } + + $functions = array_unique( $functions ); + sort( $functions ); + + /** + * Filters the list of functions and classes to be ignored from the documentation lookup. + * + * @since 2.8.0 + * + * @param string[] $ignore_functions Array of names of functions and classes to be ignored. + */ + $ignore_functions = apply_filters( 'documentation_ignore_functions', $ignore_functions ); + + $ignore_functions = array_unique( $ignore_functions ); + + $output = array(); + + foreach ( $functions as $function ) { + if ( in_array( $function, $ignore_functions, true ) ) { + continue; + } + + $output[] = $function; + } + + return $output; +} + +/** + * Saves option for number of rows when listing posts, pages, comments, etc. + * + * @since 2.8.0 + */ +function set_screen_options() { + if ( ! isset( $_POST['wp_screen_options'] ) || ! is_array( $_POST['wp_screen_options'] ) ) { + return; + } + + check_admin_referer( 'screen-options-nonce', 'screenoptionnonce' ); + + $user = wp_get_current_user(); + + if ( ! $user ) { + return; + } + + $option = $_POST['wp_screen_options']['option']; + $value = $_POST['wp_screen_options']['value']; + + if ( sanitize_key( $option ) !== $option ) { + return; + } + + $map_option = $option; + $type = str_replace( 'edit_', '', $map_option ); + $type = str_replace( '_per_page', '', $type ); + + if ( in_array( $type, get_taxonomies(), true ) ) { + $map_option = 'edit_tags_per_page'; + } elseif ( in_array( $type, get_post_types(), true ) ) { + $map_option = 'edit_per_page'; + } else { + $option = str_replace( '-', '_', $option ); + } + + switch ( $map_option ) { + case 'edit_per_page': + case 'users_per_page': + case 'edit_comments_per_page': + case 'upload_per_page': + case 'edit_tags_per_page': + case 'plugins_per_page': + case 'export_personal_data_requests_per_page': + case 'remove_personal_data_requests_per_page': + // Network admin. + case 'sites_network_per_page': + case 'users_network_per_page': + case 'site_users_network_per_page': + case 'plugins_network_per_page': + case 'themes_network_per_page': + case 'site_themes_network_per_page': + $value = (int) $value; + + if ( $value < 1 || $value > 999 ) { + return; + } + + break; + + default: + $screen_option = false; + + if ( str_ends_with( $option, '_page' ) || 'layout_columns' === $option ) { + /** + * Filters a screen option value before it is set. + * + * The filter can also be used to modify non-standard [items]_per_page + * settings. See the parent function for a full list of standard options. + * + * Returning false from the filter will skip saving the current option. + * + * @since 2.8.0 + * @since 5.4.2 Only applied to options ending with '_page', + * or the 'layout_columns' option. + * + * @see set_screen_options() + * + * @param mixed $screen_option The value to save instead of the option value. + * Default false (to skip saving the current option). + * @param string $option The option name. + * @param int $value The option value. + */ + $screen_option = apply_filters( 'set-screen-option', $screen_option, $option, $value ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + } + + /** + * Filters a screen option value before it is set. + * + * The dynamic portion of the hook name, `$option`, refers to the option name. + * + * Returning false from the filter will skip saving the current option. + * + * @since 5.4.2 + * + * @see set_screen_options() + * + * @param mixed $screen_option The value to save instead of the option value. + * Default false (to skip saving the current option). + * @param string $option The option name. + * @param int $value The option value. + */ + $value = apply_filters( "set_screen_option_{$option}", $screen_option, $option, $value ); + + if ( false === $value ) { + return; + } + + break; + } + + update_user_meta( $user->ID, $option, $value ); + + $url = remove_query_arg( array( 'pagenum', 'apage', 'paged' ), wp_get_referer() ); + + if ( isset( $_POST['mode'] ) ) { + $url = add_query_arg( array( 'mode' => $_POST['mode'] ), $url ); + } + + wp_safe_redirect( $url ); + exit; +} + +/** + * Checks if rewrite rule for WordPress already exists in the IIS 7+ configuration file. + * + * @since 2.8.0 + * + * @param string $filename The file path to the configuration file. + * @return bool + */ +function iis7_rewrite_rule_exists( $filename ) { + if ( ! file_exists( $filename ) ) { + return false; + } + + if ( ! class_exists( 'DOMDocument', false ) ) { + return false; + } + + $doc = new DOMDocument(); + + if ( $doc->load( $filename ) === false ) { + return false; + } + + $xpath = new DOMXPath( $doc ); + $rules = $xpath->query( '/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]' ); + + if ( 0 === $rules->length ) { + return false; + } + + return true; +} + +/** + * Deletes WordPress rewrite rule from web.config file if it exists there. + * + * @since 2.8.0 + * + * @param string $filename Name of the configuration file. + * @return bool + */ +function iis7_delete_rewrite_rule( $filename ) { + // If configuration file does not exist then rules also do not exist, so there is nothing to delete. + if ( ! file_exists( $filename ) ) { + return true; + } + + if ( ! class_exists( 'DOMDocument', false ) ) { + return false; + } + + $doc = new DOMDocument(); + $doc->preserveWhiteSpace = false; + + if ( $doc->load( $filename ) === false ) { + return false; + } + + $xpath = new DOMXPath( $doc ); + $rules = $xpath->query( '/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]' ); + + if ( $rules->length > 0 ) { + $child = $rules->item( 0 ); + $parent = $child->parentNode; + $parent->removeChild( $child ); + $doc->formatOutput = true; + saveDomDocument( $doc, $filename ); + } + + return true; +} + +/** + * Adds WordPress rewrite rule to the IIS 7+ configuration file. + * + * @since 2.8.0 + * + * @param string $filename The file path to the configuration file. + * @param string $rewrite_rule The XML fragment with URL Rewrite rule. + * @return bool + */ +function iis7_add_rewrite_rule( $filename, $rewrite_rule ) { + if ( ! class_exists( 'DOMDocument', false ) ) { + return false; + } + + // If configuration file does not exist then we create one. + if ( ! file_exists( $filename ) ) { + $fp = fopen( $filename, 'w' ); + fwrite( $fp, '<configuration/>' ); + fclose( $fp ); + } + + $doc = new DOMDocument(); + $doc->preserveWhiteSpace = false; + + if ( $doc->load( $filename ) === false ) { + return false; + } + + $xpath = new DOMXPath( $doc ); + + // First check if the rule already exists as in that case there is no need to re-add it. + $wordpress_rules = $xpath->query( '/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]' ); + + if ( $wordpress_rules->length > 0 ) { + return true; + } + + // Check the XPath to the rewrite rule and create XML nodes if they do not exist. + $xml_nodes = $xpath->query( '/configuration/system.webServer/rewrite/rules' ); + + if ( $xml_nodes->length > 0 ) { + $rules_node = $xml_nodes->item( 0 ); + } else { + $rules_node = $doc->createElement( 'rules' ); + + $xml_nodes = $xpath->query( '/configuration/system.webServer/rewrite' ); + + if ( $xml_nodes->length > 0 ) { + $rewrite_node = $xml_nodes->item( 0 ); + $rewrite_node->appendChild( $rules_node ); + } else { + $rewrite_node = $doc->createElement( 'rewrite' ); + $rewrite_node->appendChild( $rules_node ); + + $xml_nodes = $xpath->query( '/configuration/system.webServer' ); + + if ( $xml_nodes->length > 0 ) { + $system_web_server_node = $xml_nodes->item( 0 ); + $system_web_server_node->appendChild( $rewrite_node ); + } else { + $system_web_server_node = $doc->createElement( 'system.webServer' ); + $system_web_server_node->appendChild( $rewrite_node ); + + $xml_nodes = $xpath->query( '/configuration' ); + + if ( $xml_nodes->length > 0 ) { + $config_node = $xml_nodes->item( 0 ); + $config_node->appendChild( $system_web_server_node ); + } else { + $config_node = $doc->createElement( 'configuration' ); + $doc->appendChild( $config_node ); + $config_node->appendChild( $system_web_server_node ); + } + } + } + } + + $rule_fragment = $doc->createDocumentFragment(); + $rule_fragment->appendXML( $rewrite_rule ); + $rules_node->appendChild( $rule_fragment ); + + $doc->encoding = 'UTF-8'; + $doc->formatOutput = true; + saveDomDocument( $doc, $filename ); + + return true; +} + +/** + * Saves the XML document into a file. + * + * @since 2.8.0 + * + * @param DOMDocument $doc + * @param string $filename + */ +function saveDomDocument( $doc, $filename ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid + $config = $doc->saveXML(); + $config = preg_replace( "/([^\r])\n/", "$1\r\n", $config ); + + $fp = fopen( $filename, 'w' ); + fwrite( $fp, $config ); + fclose( $fp ); +} + +/** + * Displays the default admin color scheme picker (Used in user-edit.php). + * + * @since 3.0.0 + * + * @global array $_wp_admin_css_colors + * + * @param int $user_id User ID. + */ +function admin_color_scheme_picker( $user_id ) { + global $_wp_admin_css_colors; + + ksort( $_wp_admin_css_colors ); + + if ( isset( $_wp_admin_css_colors['fresh'] ) ) { + // Set Default ('fresh') and Light should go first. + $_wp_admin_css_colors = array_filter( + array_merge( + array( + 'fresh' => '', + 'light' => '', + 'modern' => '', + ), + $_wp_admin_css_colors + ) + ); + } + + $current_color = get_user_option( 'admin_color', $user_id ); + + if ( empty( $current_color ) || ! isset( $_wp_admin_css_colors[ $current_color ] ) ) { + $current_color = 'fresh'; + } + ?> + <fieldset id="color-picker" class="scheme-list"> + <legend class="screen-reader-text"><span> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Admin Color Scheme' ); + ?> + </span></legend> + <?php + wp_nonce_field( 'save-color-scheme', 'color-nonce', false ); + foreach ( $_wp_admin_css_colors as $color => $color_info ) : + + ?> + <div class="color-option <?php echo ( $color === $current_color ) ? 'selected' : ''; ?>"> + <input name="admin_color" id="admin_color_<?php echo esc_attr( $color ); ?>" type="radio" value="<?php echo esc_attr( $color ); ?>" class="tog" <?php checked( $color, $current_color ); ?> /> + <input type="hidden" class="css_url" value="<?php echo esc_url( $color_info->url ); ?>" /> + <input type="hidden" class="icon_colors" value="<?php echo esc_attr( wp_json_encode( array( 'icons' => $color_info->icon_colors ) ) ); ?>" /> + <label for="admin_color_<?php echo esc_attr( $color ); ?>"><?php echo esc_html( $color_info->name ); ?></label> + <table class="color-palette"> + <tr> + <?php + foreach ( $color_info->colors as $html_color ) { + ?> + <td style="background-color: <?php echo esc_attr( $html_color ); ?>"> </td> + <?php + } + ?> + </tr> + </table> + </div> + <?php + + endforeach; + ?> + </fieldset> + <?php +} + +/** + * + * @global array $_wp_admin_css_colors + */ +function wp_color_scheme_settings() { + global $_wp_admin_css_colors; + + $color_scheme = get_user_option( 'admin_color' ); + + // It's possible to have a color scheme set that is no longer registered. + if ( empty( $_wp_admin_css_colors[ $color_scheme ] ) ) { + $color_scheme = 'fresh'; + } + + if ( ! empty( $_wp_admin_css_colors[ $color_scheme ]->icon_colors ) ) { + $icon_colors = $_wp_admin_css_colors[ $color_scheme ]->icon_colors; + } elseif ( ! empty( $_wp_admin_css_colors['fresh']->icon_colors ) ) { + $icon_colors = $_wp_admin_css_colors['fresh']->icon_colors; + } else { + // Fall back to the default set of icon colors if the default scheme is missing. + $icon_colors = array( + 'base' => '#a7aaad', + 'focus' => '#72aee6', + 'current' => '#fff', + ); + } + + echo '<script type="text/javascript">var _wpColorScheme = ' . wp_json_encode( array( 'icons' => $icon_colors ) ) . ";</script>\n"; +} + +/** + * Displays the viewport meta in the admin. + * + * @since 5.5.0 + */ +function wp_admin_viewport_meta() { + /** + * Filters the viewport meta in the admin. + * + * @since 5.5.0 + * + * @param string $viewport_meta The viewport meta. + */ + $viewport_meta = apply_filters( 'admin_viewport_meta', 'width=device-width,initial-scale=1.0' ); + + if ( empty( $viewport_meta ) ) { + return; + } + + echo '<meta name="viewport" content="' . esc_attr( $viewport_meta ) . '">'; +} + +/** + * Adds viewport meta for mobile in Customizer. + * + * Hooked to the {@see 'admin_viewport_meta'} filter. + * + * @since 5.5.0 + * + * @param string $viewport_meta The viewport meta. + * @return string Filtered viewport meta. + */ +function _customizer_mobile_viewport_meta( $viewport_meta ) { + return trim( $viewport_meta, ',' ) . ',minimum-scale=0.5,maximum-scale=1.2'; +} + +/** + * Checks lock status for posts displayed on the Posts screen. + * + * @since 3.6.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @param string $screen_id The screen ID. + * @return array The Heartbeat response. + */ +function wp_check_locked_posts( $response, $data, $screen_id ) { + $checked = array(); + + if ( array_key_exists( 'wp-check-locked-posts', $data ) && is_array( $data['wp-check-locked-posts'] ) ) { + foreach ( $data['wp-check-locked-posts'] as $key ) { + $post_id = absint( substr( $key, 5 ) ); + + if ( ! $post_id ) { + continue; + } + + $user_id = wp_check_post_lock( $post_id ); + + if ( $user_id ) { + $user = get_userdata( $user_id ); + + if ( $user && current_user_can( 'edit_post', $post_id ) ) { + $send = array( + 'name' => $user->display_name, + /* translators: %s: User's display name. */ + 'text' => sprintf( __( '%s is currently editing' ), $user->display_name ), + ); + + if ( get_option( 'show_avatars' ) ) { + $send['avatar_src'] = get_avatar_url( $user->ID, array( 'size' => 18 ) ); + $send['avatar_src_2x'] = get_avatar_url( $user->ID, array( 'size' => 36 ) ); + } + + $checked[ $key ] = $send; + } + } + } + } + + if ( ! empty( $checked ) ) { + $response['wp-check-locked-posts'] = $checked; + } + + return $response; +} + +/** + * Checks lock status on the New/Edit Post screen and refresh the lock. + * + * @since 3.6.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @param string $screen_id The screen ID. + * @return array The Heartbeat response. + */ +function wp_refresh_post_lock( $response, $data, $screen_id ) { + if ( array_key_exists( 'wp-refresh-post-lock', $data ) ) { + $received = $data['wp-refresh-post-lock']; + $send = array(); + + $post_id = absint( $received['post_id'] ); + + if ( ! $post_id ) { + return $response; + } + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + return $response; + } + + $user_id = wp_check_post_lock( $post_id ); + $user = get_userdata( $user_id ); + + if ( $user ) { + $error = array( + 'name' => $user->display_name, + /* translators: %s: User's display name. */ + 'text' => sprintf( __( '%s has taken over and is currently editing.' ), $user->display_name ), + ); + + if ( get_option( 'show_avatars' ) ) { + $error['avatar_src'] = get_avatar_url( $user->ID, array( 'size' => 64 ) ); + $error['avatar_src_2x'] = get_avatar_url( $user->ID, array( 'size' => 128 ) ); + } + + $send['lock_error'] = $error; + } else { + $new_lock = wp_set_post_lock( $post_id ); + + if ( $new_lock ) { + $send['new_lock'] = implode( ':', $new_lock ); + } + } + + $response['wp-refresh-post-lock'] = $send; + } + + return $response; +} + +/** + * Checks nonce expiration on the New/Edit Post screen and refresh if needed. + * + * @since 3.6.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @param string $screen_id The screen ID. + * @return array The Heartbeat response. + */ +function wp_refresh_post_nonces( $response, $data, $screen_id ) { + if ( array_key_exists( 'wp-refresh-post-nonces', $data ) ) { + $received = $data['wp-refresh-post-nonces']; + + $response['wp-refresh-post-nonces'] = array( 'check' => 1 ); + + $post_id = absint( $received['post_id'] ); + + if ( ! $post_id ) { + return $response; + } + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + return $response; + } + + $response['wp-refresh-post-nonces'] = array( + 'replace' => array( + 'getpermalinknonce' => wp_create_nonce( 'getpermalink' ), + 'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ), + 'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ), + '_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), + '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), + ), + ); + } + + return $response; +} + +/** + * Refresh nonces used with meta boxes in the block editor. + * + * @since 6.1.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @return array The Heartbeat response. + */ +function wp_refresh_metabox_loader_nonces( $response, $data ) { + if ( empty( $data['wp-refresh-metabox-loader-nonces'] ) ) { + return $response; + } + + $received = $data['wp-refresh-metabox-loader-nonces']; + $post_id = (int) $received['post_id']; + + if ( ! $post_id ) { + return $response; + } + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + return $response; + } + + $response['wp-refresh-metabox-loader-nonces'] = array( + 'replace' => array( + 'metabox_loader_nonce' => wp_create_nonce( 'meta-box-loader' ), + '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), + ), + ); + + return $response; +} + +/** + * Adds the latest Heartbeat and REST-API nonce to the Heartbeat response. + * + * @since 5.0.0 + * + * @param array $response The Heartbeat response. + * @return array The Heartbeat response. + */ +function wp_refresh_heartbeat_nonces( $response ) { + // Refresh the Rest API nonce. + $response['rest_nonce'] = wp_create_nonce( 'wp_rest' ); + + // Refresh the Heartbeat nonce. + $response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' ); + + return $response; +} + +/** + * Disables suspension of Heartbeat on the Add/Edit Post screens. + * + * @since 3.8.0 + * + * @global string $pagenow The filename of the current screen. + * + * @param array $settings An array of Heartbeat settings. + * @return array Filtered Heartbeat settings. + */ +function wp_heartbeat_set_suspension( $settings ) { + global $pagenow; + + if ( 'post.php' === $pagenow || 'post-new.php' === $pagenow ) { + $settings['suspension'] = 'disable'; + } + + return $settings; +} + +/** + * Performs autosave with heartbeat. + * + * @since 3.9.0 + * + * @param array $response The Heartbeat response. + * @param array $data The $_POST data sent. + * @return array The Heartbeat response. + */ +function heartbeat_autosave( $response, $data ) { + if ( ! empty( $data['wp_autosave'] ) ) { + $saved = wp_autosave( $data['wp_autosave'] ); + + if ( is_wp_error( $saved ) ) { + $response['wp_autosave'] = array( + 'success' => false, + 'message' => $saved->get_error_message(), + ); + } elseif ( empty( $saved ) ) { + $response['wp_autosave'] = array( + 'success' => false, + 'message' => __( 'Error while saving.' ), + ); + } else { + /* translators: Draft saved date format, see https://www.php.net/manual/datetime.format.php */ + $draft_saved_date_format = __( 'g:i:s a' ); + $response['wp_autosave'] = array( + 'success' => true, + /* translators: %s: Date and time. */ + 'message' => sprintf( __( 'Draft saved at %s.' ), date_i18n( $draft_saved_date_format ) ), + ); + } + } + + return $response; +} + +/** + * Removes single-use URL parameters and create canonical link based on new URL. + * + * Removes specific query string parameters from a URL, create the canonical link, + * put it in the admin header, and change the current URL to match. + * + * @since 4.2.0 + */ +function wp_admin_canonical_url() { + $removable_query_args = wp_removable_query_args(); + + if ( empty( $removable_query_args ) ) { + return; + } + + // Ensure we're using an absolute URL. + $current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); + $filtered_url = remove_query_arg( $removable_query_args, $current_url ); + ?> + <link id="wp-admin-canonical" rel="canonical" href="<?php echo esc_url( $filtered_url ); ?>" /> + <script> + if ( window.history.replaceState ) { + window.history.replaceState( null, null, document.getElementById( 'wp-admin-canonical' ).href + window.location.hash ); + } + </script> + <?php +} + +/** + * Sends a referrer policy header so referrers are not sent externally from administration screens. + * + * @since 4.9.0 + */ +function wp_admin_headers() { + $policy = 'strict-origin-when-cross-origin'; + + /** + * Filters the admin referrer policy header value. + * + * @since 4.9.0 + * @since 4.9.5 The default value was changed to 'strict-origin-when-cross-origin'. + * + * @link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy + * + * @param string $policy The admin referrer policy header value. Default 'strict-origin-when-cross-origin'. + */ + $policy = apply_filters( 'admin_referrer_policy', $policy ); + + header( sprintf( 'Referrer-Policy: %s', $policy ) ); +} + +/** + * Outputs JS that reloads the page if the user navigated to it with the Back or Forward button. + * + * Used on the Edit Post and Add New Post screens. Needed to ensure the page is not loaded from browser cache, + * so the post title and editor content are the last saved versions. Ideally this script should run first in the head. + * + * @since 4.6.0 + */ +function wp_page_reload_on_back_button_js() { + ?> + <script> + if ( typeof performance !== 'undefined' && performance.navigation && performance.navigation.type === 2 ) { + document.location.reload( true ); + } + </script> + <?php +} + +/** + * Sends a confirmation request email when a change of site admin email address is attempted. + * + * The new site admin address will not become active until confirmed. + * + * @since 3.0.0 + * @since 4.9.0 This function was moved from wp-admin/includes/ms.php so it's no longer Multisite specific. + * + * @param string $old_value The old site admin email address. + * @param string $value The proposed new site admin email address. + */ +function update_option_new_admin_email( $old_value, $value ) { + if ( get_option( 'admin_email' ) === $value || ! is_email( $value ) ) { + return; + } + + $hash = md5( $value . time() . wp_rand() ); + $new_admin_email = array( + 'hash' => $hash, + 'newemail' => $value, + ); + update_option( 'adminhash', $new_admin_email ); + + $switched_locale = switch_to_user_locale( get_current_user_id() ); + + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( + 'Howdy ###USERNAME###, + +Someone with administrator capabilities recently requested to have the +administration email address changed on this site: +###SITEURL### + +To confirm this change, please click on the following link: +###ADMIN_URL### + +You can safely ignore and delete this email if you do not want to +take this action. + +This email has been sent to ###EMAIL### + +Regards, +All at ###SITENAME### +###SITEURL###' + ); + + /** + * Filters the text of the email sent when a change of site admin email address is attempted. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The proposed new site admin email address. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. + * + * @since MU (3.0.0) + * @since 4.9.0 This filter is no longer Multisite specific. + * + * @param string $email_text Text in the email. + * @param array $new_admin_email { + * Data relating to the new site admin email address. + * + * @type string $hash The secure hash used in the confirmation link URL. + * @type string $newemail The proposed new site admin email address. + * } + */ + $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email ); + + $current_user = wp_get_current_user(); + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); + $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash=' . $hash ) ), $content ); + $content = str_replace( '###EMAIL###', $value, $content ); + $content = str_replace( '###SITENAME###', wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ), $content ); + $content = str_replace( '###SITEURL###', home_url(), $content ); + + if ( '' !== get_option( 'blogname' ) ) { + $site_title = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); + } else { + $site_title = parse_url( home_url(), PHP_URL_HOST ); + } + + wp_mail( + $value, + sprintf( + /* translators: New admin email address notification email subject. %s: Site title. */ + __( '[%s] New Admin Email Address' ), + $site_title + ), + $content + ); + + if ( $switched_locale ) { + restore_previous_locale(); + } +} + +/** + * Appends '(Draft)' to draft page titles in the privacy page dropdown + * so that unpublished content is obvious. + * + * @since 4.9.8 + * @access private + * + * @param string $title Page title. + * @param WP_Post $page Page data object. + * @return string Page title. + */ +function _wp_privacy_settings_filter_draft_page_titles( $title, $page ) { + if ( 'draft' === $page->post_status && 'privacy' === get_current_screen()->id ) { + /* translators: %s: Page title. */ + $title = sprintf( __( '%s (Draft)' ), $title ); + } + + return $title; +} + +/** + * Checks if the user needs to update PHP. + * + * @since 5.1.0 + * @since 5.1.1 Added the {@see 'wp_is_php_version_acceptable'} filter. + * + * @return array|false { + * Array of PHP version data. False on failure. + * + * @type string $recommended_version The PHP version recommended by WordPress. + * @type string $minimum_version The minimum required PHP version. + * @type bool $is_supported Whether the PHP version is actively supported. + * @type bool $is_secure Whether the PHP version receives security updates. + * @type bool $is_acceptable Whether the PHP version is still acceptable or warnings + * should be shown and an update recommended. + * } + */ +function wp_check_php_version() { + $version = PHP_VERSION; + $key = md5( $version ); + + $response = get_site_transient( 'php_check_' . $key ); + + if ( false === $response ) { + $url = 'http://api.wordpress.org/core/serve-happy/1.0/'; + + if ( wp_http_supports( array( 'ssl' ) ) ) { + $url = set_url_scheme( $url, 'https' ); + } + + $url = add_query_arg( 'php_version', $version, $url ); + + $response = wp_remote_get( $url ); + + if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) { + return false; + } + + $response = json_decode( wp_remote_retrieve_body( $response ), true ); + + if ( ! is_array( $response ) ) { + return false; + } + + set_site_transient( 'php_check_' . $key, $response, WEEK_IN_SECONDS ); + } + + if ( isset( $response['is_acceptable'] ) && $response['is_acceptable'] ) { + /** + * Filters whether the active PHP version is considered acceptable by WordPress. + * + * Returning false will trigger a PHP version warning to show up in the admin dashboard to administrators. + * + * This filter is only run if the wordpress.org Serve Happy API considers the PHP version acceptable, ensuring + * that this filter can only make this check stricter, but not loosen it. + * + * @since 5.1.1 + * + * @param bool $is_acceptable Whether the PHP version is considered acceptable. Default true. + * @param string $version PHP version checked. + */ + $response['is_acceptable'] = (bool) apply_filters( 'wp_is_php_version_acceptable', true, $version ); + } + + $response['is_lower_than_future_minimum'] = false; + + // The minimum supported PHP version will be updated to 7.2. Check if the current version is lower. + if ( version_compare( $version, '7.2', '<' ) ) { + $response['is_lower_than_future_minimum'] = true; + + // Force showing of warnings. + $response['is_acceptable'] = false; + } + + return $response; +} diff --git a/wp-admin/includes/ms-admin-filters.php b/wp-admin/includes/ms-admin-filters.php new file mode 100644 index 0000000..b1d7382 --- /dev/null +++ b/wp-admin/includes/ms-admin-filters.php @@ -0,0 +1,41 @@ +<?php +/** + * Multisite Administration hooks + * + * @package WordPress + * @subpackage Administration + * @since 4.3.0 + */ + +// Media hooks. +add_filter( 'wp_handle_upload_prefilter', 'check_upload_size' ); + +// User hooks. +add_action( 'user_admin_notices', 'new_user_email_admin_notice' ); +add_action( 'network_admin_notices', 'new_user_email_admin_notice' ); + +add_action( 'admin_page_access_denied', '_access_denied_splash', 99 ); + +// Site hooks. +add_action( 'wpmueditblogaction', 'upload_space_setting' ); + +// Network hooks. +add_action( 'update_site_option_admin_email', 'wp_network_admin_email_change_notification', 10, 4 ); + +// Post hooks. +add_filter( 'wp_insert_post_data', 'avoid_blog_page_permalink_collision', 10, 2 ); + +// Tools hooks. +add_filter( 'import_allow_create_users', 'check_import_new_users' ); + +// Notices hooks. +add_action( 'admin_notices', 'site_admin_notice' ); +add_action( 'network_admin_notices', 'site_admin_notice' ); + +// Update hooks. +add_action( 'network_admin_notices', 'update_nag', 3 ); +add_action( 'network_admin_notices', 'maintenance_nag', 10 ); + +// Network Admin hooks. +add_action( 'add_site_option_new_admin_email', 'update_network_option_new_admin_email', 10, 2 ); +add_action( 'update_site_option_new_admin_email', 'update_network_option_new_admin_email', 10, 2 ); diff --git a/wp-admin/includes/ms-deprecated.php b/wp-admin/includes/ms-deprecated.php new file mode 100644 index 0000000..519159b --- /dev/null +++ b/wp-admin/includes/ms-deprecated.php @@ -0,0 +1,140 @@ +<?php +/** + * Multisite: Deprecated admin functions from past versions and WordPress MU + * + * These functions should not be used and will be removed in a later version. + * It is suggested to use for the alternatives instead when available. + * + * @package WordPress + * @subpackage Deprecated + * @since 3.0.0 + */ + +/** + * Outputs the WPMU menu. + * + * @deprecated 3.0.0 + */ +function wpmu_menu() { + _deprecated_function( __FUNCTION__, '3.0.0' ); + // Deprecated. See #11763. +} + +/** + * Determines if the available space defined by the admin has been exceeded by the user. + * + * @deprecated 3.0.0 Use is_upload_space_available() + * @see is_upload_space_available() + */ +function wpmu_checkAvailableSpace() { + _deprecated_function( __FUNCTION__, '3.0.0', 'is_upload_space_available()' ); + + if ( ! is_upload_space_available() ) { + wp_die( sprintf( + /* translators: %s: Allowed space allocation. */ + __( 'Sorry, you have used your space allocation of %s. Please delete some files to upload more files.' ), + size_format( get_space_allowed() * MB_IN_BYTES ) + ) ); + } +} + +/** + * WPMU options. + * + * @deprecated 3.0.0 + */ +function mu_options( $options ) { + _deprecated_function( __FUNCTION__, '3.0.0' ); + return $options; +} + +/** + * Deprecated functionality for activating a network-only plugin. + * + * @deprecated 3.0.0 Use activate_plugin() + * @see activate_plugin() + */ +function activate_sitewide_plugin() { + _deprecated_function( __FUNCTION__, '3.0.0', 'activate_plugin()' ); + return false; +} + +/** + * Deprecated functionality for deactivating a network-only plugin. + * + * @deprecated 3.0.0 Use deactivate_plugin() + * @see deactivate_plugin() + */ +function deactivate_sitewide_plugin( $plugin = false ) { + _deprecated_function( __FUNCTION__, '3.0.0', 'deactivate_plugin()' ); +} + +/** + * Deprecated functionality for determining if the current plugin is network-only. + * + * @deprecated 3.0.0 Use is_network_only_plugin() + * @see is_network_only_plugin() + */ +function is_wpmu_sitewide_plugin( $file ) { + _deprecated_function( __FUNCTION__, '3.0.0', 'is_network_only_plugin()' ); + return is_network_only_plugin( $file ); +} + +/** + * Deprecated functionality for getting themes network-enabled themes. + * + * @deprecated 3.4.0 Use WP_Theme::get_allowed_on_network() + * @see WP_Theme::get_allowed_on_network() + */ +function get_site_allowed_themes() { + _deprecated_function( __FUNCTION__, '3.4.0', 'WP_Theme::get_allowed_on_network()' ); + return array_map( 'intval', WP_Theme::get_allowed_on_network() ); +} + +/** + * Deprecated functionality for getting themes allowed on a specific site. + * + * @deprecated 3.4.0 Use WP_Theme::get_allowed_on_site() + * @see WP_Theme::get_allowed_on_site() + */ +function wpmu_get_blog_allowedthemes( $blog_id = 0 ) { + _deprecated_function( __FUNCTION__, '3.4.0', 'WP_Theme::get_allowed_on_site()' ); + return array_map( 'intval', WP_Theme::get_allowed_on_site( $blog_id ) ); +} + +/** + * Deprecated functionality for determining whether a file is deprecated. + * + * @deprecated 3.5.0 + */ +function ms_deprecated_blogs_file() {} + +if ( ! function_exists( 'install_global_terms' ) ) : + /** + * Install global terms. + * + * @since 3.0.0 + * @since 6.1.0 This function no longer does anything. + * @deprecated 6.1.0 + */ + function install_global_terms() { + _deprecated_function( __FUNCTION__, '6.1.0' ); + } +endif; + +/** + * Synchronizes category and post tag slugs when global terms are enabled. + * + * @since 3.0.0 + * @since 6.1.0 This function no longer does anything. + * @deprecated 6.1.0 + * + * @param WP_Term|array $term The term. + * @param string $taxonomy The taxonomy for `$term`. + * @return WP_Term|array Always returns `$term`. + */ +function sync_category_tag_slugs( $term, $taxonomy ) { + _deprecated_function( __FUNCTION__, '6.1.0' ); + + return $term; +} diff --git a/wp-admin/includes/ms.php b/wp-admin/includes/ms.php new file mode 100644 index 0000000..0d04666 --- /dev/null +++ b/wp-admin/includes/ms.php @@ -0,0 +1,1172 @@ +<?php +/** + * Multisite administration functions. + * + * @package WordPress + * @subpackage Multisite + * @since 3.0.0 + */ + +/** + * Determines whether uploaded file exceeds space quota. + * + * @since 3.0.0 + * + * @param array $file An element from the `$_FILES` array for a given file. + * @return array The `$_FILES` array element with 'error' key set if file exceeds quota. 'error' is empty otherwise. + */ +function check_upload_size( $file ) { + if ( get_site_option( 'upload_space_check_disabled' ) ) { + return $file; + } + + if ( $file['error'] > 0 ) { // There's already an error. + return $file; + } + + if ( defined( 'WP_IMPORTING' ) ) { + return $file; + } + + $space_left = get_upload_space_available(); + + $file_size = filesize( $file['tmp_name'] ); + if ( $space_left < $file_size ) { + /* translators: %s: Required disk space in kilobytes. */ + $file['error'] = sprintf( __( 'Not enough space to upload. %s KB needed.' ), number_format( ( $file_size - $space_left ) / KB_IN_BYTES ) ); + } + + if ( $file_size > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { + /* translators: %s: Maximum allowed file size in kilobytes. */ + $file['error'] = sprintf( __( 'This file is too big. Files must be less than %s KB in size.' ), get_site_option( 'fileupload_maxk', 1500 ) ); + } + + if ( upload_is_user_over_quota( false ) ) { + $file['error'] = __( 'You have used your space quota. Please delete files before uploading.' ); + } + + if ( $file['error'] > 0 && ! isset( $_POST['html-upload'] ) && ! wp_doing_ajax() ) { + wp_die( $file['error'] . ' <a href="javascript:history.go(-1)">' . __( 'Back' ) . '</a>' ); + } + + return $file; +} + +/** + * Deletes a site. + * + * @since 3.0.0 + * @since 5.1.0 Use wp_delete_site() internally to delete the site row from the database. + * + * @param int $blog_id Site ID. + * @param bool $drop True if site's database tables should be dropped. Default false. + */ +function wpmu_delete_blog( $blog_id, $drop = false ) { + $blog_id = (int) $blog_id; + + $switch = false; + if ( get_current_blog_id() !== $blog_id ) { + $switch = true; + switch_to_blog( $blog_id ); + } + + $blog = get_site( $blog_id ); + + $current_network = get_network(); + + // If a full blog object is not available, do not destroy anything. + if ( $drop && ! $blog ) { + $drop = false; + } + + // Don't destroy the initial, main, or root blog. + if ( $drop + && ( 1 === $blog_id || is_main_site( $blog_id ) + || ( $blog->path === $current_network->path && $blog->domain === $current_network->domain ) ) + ) { + $drop = false; + } + + $upload_path = trim( get_option( 'upload_path' ) ); + + // If ms_files_rewriting is enabled and upload_path is empty, wp_upload_dir is not reliable. + if ( $drop && get_site_option( 'ms_files_rewriting' ) && empty( $upload_path ) ) { + $drop = false; + } + + if ( $drop ) { + wp_delete_site( $blog_id ); + } else { + /** This action is documented in wp-includes/ms-blogs.php */ + do_action_deprecated( 'delete_blog', array( $blog_id, false ), '5.1.0' ); + + $users = get_users( + array( + 'blog_id' => $blog_id, + 'fields' => 'ids', + ) + ); + + // Remove users from this blog. + if ( ! empty( $users ) ) { + foreach ( $users as $user_id ) { + remove_user_from_blog( $user_id, $blog_id ); + } + } + + update_blog_status( $blog_id, 'deleted', 1 ); + + /** This action is documented in wp-includes/ms-blogs.php */ + do_action_deprecated( 'deleted_blog', array( $blog_id, false ), '5.1.0' ); + } + + if ( $switch ) { + restore_current_blog(); + } +} + +/** + * Deletes a user and all of their posts from the network. + * + * This function: + * + * - Deletes all posts (of all post types) authored by the user on all sites on the network + * - Deletes all links owned by the user on all sites on the network + * - Removes the user from all sites on the network + * - Deletes the user from the database + * + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $id The user ID. + * @return bool True if the user was deleted, false otherwise. + */ +function wpmu_delete_user( $id ) { + global $wpdb; + + if ( ! is_numeric( $id ) ) { + return false; + } + + $id = (int) $id; + $user = new WP_User( $id ); + + if ( ! $user->exists() ) { + return false; + } + + // Global super-administrators are protected, and cannot be deleted. + $_super_admins = get_super_admins(); + if ( in_array( $user->user_login, $_super_admins, true ) ) { + return false; + } + + /** + * Fires before a user is deleted from the network. + * + * @since MU (3.0.0) + * @since 5.5.0 Added the `$user` parameter. + * + * @param int $id ID of the user about to be deleted from the network. + * @param WP_User $user WP_User object of the user about to be deleted from the network. + */ + do_action( 'wpmu_delete_user', $id, $user ); + + $blogs = get_blogs_of_user( $id ); + + if ( ! empty( $blogs ) ) { + foreach ( $blogs as $blog ) { + switch_to_blog( $blog->userblog_id ); + remove_user_from_blog( $id, $blog->userblog_id ); + + $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d", $id ) ); + foreach ( (array) $post_ids as $post_id ) { + wp_delete_post( $post_id ); + } + + // Clean links. + $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) ); + + if ( $link_ids ) { + foreach ( $link_ids as $link_id ) { + wp_delete_link( $link_id ); + } + } + + restore_current_blog(); + } + } + + $meta = $wpdb->get_col( $wpdb->prepare( "SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); + foreach ( $meta as $mid ) { + delete_metadata_by_mid( 'user', $mid ); + } + + $wpdb->delete( $wpdb->users, array( 'ID' => $id ) ); + + clean_user_cache( $user ); + + /** This action is documented in wp-admin/includes/user.php */ + do_action( 'deleted_user', $id, null, $user ); + + return true; +} + +/** + * Checks whether a site has used its allotted upload space. + * + * @since MU (3.0.0) + * + * @param bool $display_message Optional. If set to true and the quota is exceeded, + * a warning message is displayed. Default true. + * @return bool True if user is over upload space quota, otherwise false. + */ +function upload_is_user_over_quota( $display_message = true ) { + if ( get_site_option( 'upload_space_check_disabled' ) ) { + return false; + } + + $space_allowed = get_space_allowed(); + if ( ! is_numeric( $space_allowed ) ) { + $space_allowed = 10; // Default space allowed is 10 MB. + } + $space_used = get_space_used(); + + if ( ( $space_allowed - $space_used ) < 0 ) { + if ( $display_message ) { + printf( + /* translators: %s: Allowed space allocation. */ + __( 'Sorry, you have used your space allocation of %s. Please delete some files to upload more files.' ), + size_format( $space_allowed * MB_IN_BYTES ) + ); + } + return true; + } else { + return false; + } +} + +/** + * Displays the amount of disk space used by the current site. Not used in core. + * + * @since MU (3.0.0) + */ +function display_space_usage() { + $space_allowed = get_space_allowed(); + $space_used = get_space_used(); + + $percent_used = ( $space_used / $space_allowed ) * 100; + + $space = size_format( $space_allowed * MB_IN_BYTES ); + ?> + <strong> + <?php + /* translators: Storage space that's been used. 1: Percentage of used space, 2: Total space allowed in megabytes or gigabytes. */ + printf( __( 'Used: %1$s%% of %2$s' ), number_format( $percent_used ), $space ); + ?> + </strong> + <?php +} + +/** + * Gets the remaining upload space for this site. + * + * @since MU (3.0.0) + * + * @param int $size Current max size in bytes. + * @return int Max size in bytes. + */ +function fix_import_form_size( $size ) { + if ( upload_is_user_over_quota( false ) ) { + return 0; + } + $available = get_upload_space_available(); + return min( $size, $available ); +} + +/** + * Displays the site upload space quota setting form on the Edit Site Settings screen. + * + * @since 3.0.0 + * + * @param int $id The ID of the site to display the setting for. + */ +function upload_space_setting( $id ) { + switch_to_blog( $id ); + $quota = get_option( 'blog_upload_space' ); + restore_current_blog(); + + if ( ! $quota ) { + $quota = ''; + } + + ?> + <tr> + <th><label for="blog-upload-space-number"><?php _e( 'Site Upload Space Quota' ); ?></label></th> + <td> + <input type="number" step="1" min="0" style="width: 100px" name="option[blog_upload_space]" id="blog-upload-space-number" aria-describedby="blog-upload-space-desc" value="<?php echo $quota; ?>" /> + <span id="blog-upload-space-desc"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Size in megabytes' ); + ?> + </span> <?php _e( 'MB (Leave blank for network default)' ); ?></span> + </td> + </tr> + <?php +} + +/** + * Cleans the user cache for a specific user. + * + * @since 3.0.0 + * + * @param int $id The user ID. + * @return int|false The ID of the refreshed user or false if the user does not exist. + */ +function refresh_user_details( $id ) { + $id = (int) $id; + + $user = get_userdata( $id ); + if ( ! $user ) { + return false; + } + + clean_user_cache( $user ); + + return $id; +} + +/** + * Returns the language for a language code. + * + * @since 3.0.0 + * + * @param string $code Optional. The two-letter language code. Default empty. + * @return string The language corresponding to $code if it exists. If it does not exist, + * then the first two letters of $code is returned. + */ +function format_code_lang( $code = '' ) { + $code = strtolower( substr( $code, 0, 2 ) ); + $lang_codes = array( + 'aa' => 'Afar', + 'ab' => 'Abkhazian', + 'af' => 'Afrikaans', + 'ak' => 'Akan', + 'sq' => 'Albanian', + 'am' => 'Amharic', + 'ar' => 'Arabic', + 'an' => 'Aragonese', + 'hy' => 'Armenian', + 'as' => 'Assamese', + 'av' => 'Avaric', + 'ae' => 'Avestan', + 'ay' => 'Aymara', + 'az' => 'Azerbaijani', + 'ba' => 'Bashkir', + 'bm' => 'Bambara', + 'eu' => 'Basque', + 'be' => 'Belarusian', + 'bn' => 'Bengali', + 'bh' => 'Bihari', + 'bi' => 'Bislama', + 'bs' => 'Bosnian', + 'br' => 'Breton', + 'bg' => 'Bulgarian', + 'my' => 'Burmese', + 'ca' => 'Catalan; Valencian', + 'ch' => 'Chamorro', + 'ce' => 'Chechen', + 'zh' => 'Chinese', + 'cu' => 'Church Slavic; Old Slavonic; Church Slavonic; Old Bulgarian; Old Church Slavonic', + 'cv' => 'Chuvash', + 'kw' => 'Cornish', + 'co' => 'Corsican', + 'cr' => 'Cree', + 'cs' => 'Czech', + 'da' => 'Danish', + 'dv' => 'Divehi; Dhivehi; Maldivian', + 'nl' => 'Dutch; Flemish', + 'dz' => 'Dzongkha', + 'en' => 'English', + 'eo' => 'Esperanto', + 'et' => 'Estonian', + 'ee' => 'Ewe', + 'fo' => 'Faroese', + 'fj' => 'Fijjian', + 'fi' => 'Finnish', + 'fr' => 'French', + 'fy' => 'Western Frisian', + 'ff' => 'Fulah', + 'ka' => 'Georgian', + 'de' => 'German', + 'gd' => 'Gaelic; Scottish Gaelic', + 'ga' => 'Irish', + 'gl' => 'Galician', + 'gv' => 'Manx', + 'el' => 'Greek, Modern', + 'gn' => 'Guarani', + 'gu' => 'Gujarati', + 'ht' => 'Haitian; Haitian Creole', + 'ha' => 'Hausa', + 'he' => 'Hebrew', + 'hz' => 'Herero', + 'hi' => 'Hindi', + 'ho' => 'Hiri Motu', + 'hu' => 'Hungarian', + 'ig' => 'Igbo', + 'is' => 'Icelandic', + 'io' => 'Ido', + 'ii' => 'Sichuan Yi', + 'iu' => 'Inuktitut', + 'ie' => 'Interlingue', + 'ia' => 'Interlingua (International Auxiliary Language Association)', + 'id' => 'Indonesian', + 'ik' => 'Inupiaq', + 'it' => 'Italian', + 'jv' => 'Javanese', + 'ja' => 'Japanese', + 'kl' => 'Kalaallisut; Greenlandic', + 'kn' => 'Kannada', + 'ks' => 'Kashmiri', + 'kr' => 'Kanuri', + 'kk' => 'Kazakh', + 'km' => 'Central Khmer', + 'ki' => 'Kikuyu; Gikuyu', + 'rw' => 'Kinyarwanda', + 'ky' => 'Kirghiz; Kyrgyz', + 'kv' => 'Komi', + 'kg' => 'Kongo', + 'ko' => 'Korean', + 'kj' => 'Kuanyama; Kwanyama', + 'ku' => 'Kurdish', + 'lo' => 'Lao', + 'la' => 'Latin', + 'lv' => 'Latvian', + 'li' => 'Limburgan; Limburger; Limburgish', + 'ln' => 'Lingala', + 'lt' => 'Lithuanian', + 'lb' => 'Luxembourgish; Letzeburgesch', + 'lu' => 'Luba-Katanga', + 'lg' => 'Ganda', + 'mk' => 'Macedonian', + 'mh' => 'Marshallese', + 'ml' => 'Malayalam', + 'mi' => 'Maori', + 'mr' => 'Marathi', + 'ms' => 'Malay', + 'mg' => 'Malagasy', + 'mt' => 'Maltese', + 'mo' => 'Moldavian', + 'mn' => 'Mongolian', + 'na' => 'Nauru', + 'nv' => 'Navajo; Navaho', + 'nr' => 'Ndebele, South; South Ndebele', + 'nd' => 'Ndebele, North; North Ndebele', + 'ng' => 'Ndonga', + 'ne' => 'Nepali', + 'nn' => 'Norwegian Nynorsk; Nynorsk, Norwegian', + 'nb' => 'BokmÃ¥l, Norwegian, Norwegian BokmÃ¥l', + 'no' => 'Norwegian', + 'ny' => 'Chichewa; Chewa; Nyanja', + 'oc' => 'Occitan, Provençal', + 'oj' => 'Ojibwa', + 'or' => 'Oriya', + 'om' => 'Oromo', + 'os' => 'Ossetian; Ossetic', + 'pa' => 'Panjabi; Punjabi', + 'fa' => 'Persian', + 'pi' => 'Pali', + 'pl' => 'Polish', + 'pt' => 'Portuguese', + 'ps' => 'Pushto', + 'qu' => 'Quechua', + 'rm' => 'Romansh', + 'ro' => 'Romanian', + 'rn' => 'Rundi', + 'ru' => 'Russian', + 'sg' => 'Sango', + 'sa' => 'Sanskrit', + 'sr' => 'Serbian', + 'hr' => 'Croatian', + 'si' => 'Sinhala; Sinhalese', + 'sk' => 'Slovak', + 'sl' => 'Slovenian', + 'se' => 'Northern Sami', + 'sm' => 'Samoan', + 'sn' => 'Shona', + 'sd' => 'Sindhi', + 'so' => 'Somali', + 'st' => 'Sotho, Southern', + 'es' => 'Spanish; Castilian', + 'sc' => 'Sardinian', + 'ss' => 'Swati', + 'su' => 'Sundanese', + 'sw' => 'Swahili', + 'sv' => 'Swedish', + 'ty' => 'Tahitian', + 'ta' => 'Tamil', + 'tt' => 'Tatar', + 'te' => 'Telugu', + 'tg' => 'Tajik', + 'tl' => 'Tagalog', + 'th' => 'Thai', + 'bo' => 'Tibetan', + 'ti' => 'Tigrinya', + 'to' => 'Tonga (Tonga Islands)', + 'tn' => 'Tswana', + 'ts' => 'Tsonga', + 'tk' => 'Turkmen', + 'tr' => 'Turkish', + 'tw' => 'Twi', + 'ug' => 'Uighur; Uyghur', + 'uk' => 'Ukrainian', + 'ur' => 'Urdu', + 'uz' => 'Uzbek', + 've' => 'Venda', + 'vi' => 'Vietnamese', + 'vo' => 'Volapük', + 'cy' => 'Welsh', + 'wa' => 'Walloon', + 'wo' => 'Wolof', + 'xh' => 'Xhosa', + 'yi' => 'Yiddish', + 'yo' => 'Yoruba', + 'za' => 'Zhuang; Chuang', + 'zu' => 'Zulu', + ); + + /** + * Filters the language codes. + * + * @since MU (3.0.0) + * + * @param string[] $lang_codes Array of key/value pairs of language codes where key is the short version. + * @param string $code A two-letter designation of the language. + */ + $lang_codes = apply_filters( 'lang_codes', $lang_codes, $code ); + return strtr( $code, $lang_codes ); +} + +/** + * Displays an access denied message when a user tries to view a site's dashboard they + * do not have access to. + * + * @since 3.2.0 + * @access private + */ +function _access_denied_splash() { + if ( ! is_user_logged_in() || is_network_admin() ) { + return; + } + + $blogs = get_blogs_of_user( get_current_user_id() ); + + if ( wp_list_filter( $blogs, array( 'userblog_id' => get_current_blog_id() ) ) ) { + return; + } + + $blog_name = get_bloginfo( 'name' ); + + if ( empty( $blogs ) ) { + wp_die( + sprintf( + /* translators: 1: Site title. */ + __( 'You attempted to access the "%1$s" dashboard, but you do not currently have privileges on this site. If you believe you should be able to access the "%1$s" dashboard, please contact your network administrator.' ), + $blog_name + ), + 403 + ); + } + + $output = '<p>' . sprintf( + /* translators: 1: Site title. */ + __( 'You attempted to access the "%1$s" dashboard, but you do not currently have privileges on this site. If you believe you should be able to access the "%1$s" dashboard, please contact your network administrator.' ), + $blog_name + ) . '</p>'; + $output .= '<p>' . __( 'If you reached this screen by accident and meant to visit one of your own sites, here are some shortcuts to help you find your way.' ) . '</p>'; + + $output .= '<h3>' . __( 'Your Sites' ) . '</h3>'; + $output .= '<table>'; + + foreach ( $blogs as $blog ) { + $output .= '<tr>'; + $output .= "<td>{$blog->blogname}</td>"; + $output .= '<td><a href="' . esc_url( get_admin_url( $blog->userblog_id ) ) . '">' . __( 'Visit Dashboard' ) . '</a> | ' . + '<a href="' . esc_url( get_home_url( $blog->userblog_id ) ) . '">' . __( 'View Site' ) . '</a></td>'; + $output .= '</tr>'; + } + + $output .= '</table>'; + + wp_die( $output, 403 ); +} + +/** + * Checks if the current user has permissions to import new users. + * + * @since 3.0.0 + * + * @param string $permission A permission to be checked. Currently not used. + * @return bool True if the user has proper permissions, false if they do not. + */ +function check_import_new_users( $permission ) { + if ( ! current_user_can( 'manage_network_users' ) ) { + return false; + } + + return true; +} +// See "import_allow_fetch_attachments" and "import_attachment_size_limit" filters too. + +/** + * Generates and displays a drop-down of available languages. + * + * @since 3.0.0 + * + * @param string[] $lang_files Optional. An array of the language files. Default empty array. + * @param string $current Optional. The current language code. Default empty. + */ +function mu_dropdown_languages( $lang_files = array(), $current = '' ) { + $flag = false; + $output = array(); + + foreach ( (array) $lang_files as $val ) { + $code_lang = basename( $val, '.mo' ); + + if ( 'en_US' === $code_lang ) { // American English. + $flag = true; + $ae = __( 'American English' ); + $output[ $ae ] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang, false ) . '> ' . $ae . '</option>'; + } elseif ( 'en_GB' === $code_lang ) { // British English. + $flag = true; + $be = __( 'British English' ); + $output[ $be ] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang, false ) . '> ' . $be . '</option>'; + } else { + $translated = format_code_lang( $code_lang ); + $output[ $translated ] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang, false ) . '> ' . esc_html( $translated ) . '</option>'; + } + } + + if ( false === $flag ) { // WordPress English. + $output[] = '<option value=""' . selected( $current, '', false ) . '>' . __( 'English' ) . '</option>'; + } + + // Order by name. + uksort( $output, 'strnatcasecmp' ); + + /** + * Filters the languages available in the dropdown. + * + * @since MU (3.0.0) + * + * @param string[] $output Array of HTML output for the dropdown. + * @param string[] $lang_files Array of available language files. + * @param string $current The current language code. + */ + $output = apply_filters( 'mu_dropdown_languages', $output, $lang_files, $current ); + + echo implode( "\n\t", $output ); +} + +/** + * Displays an admin notice to upgrade all sites after a core upgrade. + * + * @since 3.0.0 + * + * @global int $wp_db_version WordPress database version. + * @global string $pagenow The filename of the current screen. + * + * @return void|false Void on success. False if the current user is not a super admin. + */ +function site_admin_notice() { + global $wp_db_version, $pagenow; + + if ( ! current_user_can( 'upgrade_network' ) ) { + return false; + } + + if ( 'upgrade.php' === $pagenow ) { + return; + } + + if ( (int) get_site_option( 'wpmu_upgrade_site' ) !== $wp_db_version ) { + $upgrade_network_message = sprintf( + /* translators: %s: URL to Upgrade Network screen. */ + __( 'Thank you for Updating! Please visit the <a href="%s">Upgrade Network</a> page to update all your sites.' ), + esc_url( network_admin_url( 'upgrade.php' ) ) + ); + + wp_admin_notice( + $upgrade_network_message, + array( + 'type' => 'warning', + 'additional_classes' => array( 'update-nag', 'inline' ), + 'paragraph_wrap' => false, + ) + ); + } +} + +/** + * Avoids a collision between a site slug and a permalink slug. + * + * In a subdirectory installation this will make sure that a site and a post do not use the + * same subdirectory by checking for a site with the same name as a new post. + * + * @since 3.0.0 + * + * @param array $data An array of post data. + * @param array $postarr An array of posts. Not currently used. + * @return array The new array of post data after checking for collisions. + */ +function avoid_blog_page_permalink_collision( $data, $postarr ) { + if ( is_subdomain_install() ) { + return $data; + } + if ( 'page' !== $data['post_type'] ) { + return $data; + } + if ( ! isset( $data['post_name'] ) || '' === $data['post_name'] ) { + return $data; + } + if ( ! is_main_site() ) { + return $data; + } + if ( isset( $data['post_parent'] ) && $data['post_parent'] ) { + return $data; + } + + $post_name = $data['post_name']; + $c = 0; + + while ( $c < 10 && get_id_from_blogname( $post_name ) ) { + $post_name .= mt_rand( 1, 10 ); + ++$c; + } + + if ( $post_name !== $data['post_name'] ) { + $data['post_name'] = $post_name; + } + + return $data; +} + +/** + * Handles the display of choosing a user's primary site. + * + * This displays the user's primary site and allows the user to choose + * which site is primary. + * + * @since 3.0.0 + */ +function choose_primary_blog() { + ?> + <table class="form-table" role="presentation"> + <tr> + <?php /* translators: My Sites label. */ ?> + <th scope="row"><label for="primary_blog"><?php _e( 'Primary Site' ); ?></label></th> + <td> + <?php + $all_blogs = get_blogs_of_user( get_current_user_id() ); + $primary_blog = (int) get_user_meta( get_current_user_id(), 'primary_blog', true ); + if ( count( $all_blogs ) > 1 ) { + $found = false; + ?> + <select name="primary_blog" id="primary_blog"> + <?php + foreach ( (array) $all_blogs as $blog ) { + if ( $blog->userblog_id === $primary_blog ) { + $found = true; + } + ?> + <option value="<?php echo $blog->userblog_id; ?>"<?php selected( $primary_blog, $blog->userblog_id ); ?>><?php echo esc_url( get_home_url( $blog->userblog_id ) ); ?></option> + <?php + } + ?> + </select> + <?php + if ( ! $found ) { + $blog = reset( $all_blogs ); + update_user_meta( get_current_user_id(), 'primary_blog', $blog->userblog_id ); + } + } elseif ( 1 === count( $all_blogs ) ) { + $blog = reset( $all_blogs ); + echo esc_url( get_home_url( $blog->userblog_id ) ); + if ( $blog->userblog_id !== $primary_blog ) { // Set the primary blog again if it's out of sync with blog list. + update_user_meta( get_current_user_id(), 'primary_blog', $blog->userblog_id ); + } + } else { + _e( 'Not available' ); + } + ?> + </td> + </tr> + </table> + <?php +} + +/** + * Determines whether or not this network from this page can be edited. + * + * By default editing of network is restricted to the Network Admin for that `$network_id`. + * This function allows for this to be overridden. + * + * @since 3.1.0 + * + * @param int $network_id The network ID to check. + * @return bool True if network can be edited, false otherwise. + */ +function can_edit_network( $network_id ) { + if ( get_current_network_id() === (int) $network_id ) { + $result = true; + } else { + $result = false; + } + + /** + * Filters whether this network can be edited from this page. + * + * @since 3.1.0 + * + * @param bool $result Whether the network can be edited from this page. + * @param int $network_id The network ID to check. + */ + return apply_filters( 'can_edit_network', $result, $network_id ); +} + +/** + * Prints thickbox image paths for Network Admin. + * + * @since 3.1.0 + * + * @access private + */ +function _thickbox_path_admin_subfolder() { + ?> +<script type="text/javascript"> +var tb_pathToImage = "<?php echo esc_js( includes_url( 'js/thickbox/loadingAnimation.gif', 'relative' ) ); ?>"; +</script> + <?php +} + +/** + * @param array $users + * @return bool + */ +function confirm_delete_users( $users ) { + $current_user = wp_get_current_user(); + if ( ! is_array( $users ) || empty( $users ) ) { + return false; + } + ?> + <h1><?php esc_html_e( 'Users' ); ?></h1> + + <?php if ( 1 === count( $users ) ) : ?> + <p><?php _e( 'You have chosen to delete the user from all networks and sites.' ); ?></p> + <?php else : ?> + <p><?php _e( 'You have chosen to delete the following users from all networks and sites.' ); ?></p> + <?php endif; ?> + + <form action="users.php?action=dodelete" method="post"> + <input type="hidden" name="dodelete" /> + <?php + wp_nonce_field( 'ms-users-delete' ); + $site_admins = get_super_admins(); + $admin_out = '<option value="' . esc_attr( $current_user->ID ) . '">' . $current_user->user_login . '</option>'; + ?> + <table class="form-table" role="presentation"> + <?php + $allusers = (array) $_POST['allusers']; + foreach ( $allusers as $user_id ) { + if ( '' !== $user_id && '0' !== $user_id ) { + $delete_user = get_userdata( $user_id ); + + if ( ! current_user_can( 'delete_user', $delete_user->ID ) ) { + wp_die( + sprintf( + /* translators: %s: User login. */ + __( 'Warning! User %s cannot be deleted.' ), + $delete_user->user_login + ) + ); + } + + if ( in_array( $delete_user->user_login, $site_admins, true ) ) { + wp_die( + sprintf( + /* translators: %s: User login. */ + __( 'Warning! User cannot be deleted. The user %s is a network administrator.' ), + '<em>' . $delete_user->user_login . '</em>' + ) + ); + } + ?> + <tr> + <th scope="row"><?php echo $delete_user->user_login; ?> + <?php echo '<input type="hidden" name="user[]" value="' . esc_attr( $user_id ) . '" />' . "\n"; ?> + </th> + <?php + $blogs = get_blogs_of_user( $user_id, true ); + + if ( ! empty( $blogs ) ) { + ?> + <td><fieldset><p><legend> + <?php + printf( + /* translators: %s: User login. */ + __( 'What should be done with content owned by %s?' ), + '<em>' . $delete_user->user_login . '</em>' + ); + ?> + </legend></p> + <?php + foreach ( (array) $blogs as $key => $details ) { + $blog_users = get_users( + array( + 'blog_id' => $details->userblog_id, + 'fields' => array( 'ID', 'user_login' ), + ) + ); + + if ( is_array( $blog_users ) && ! empty( $blog_users ) ) { + $user_site = "<a href='" . esc_url( get_home_url( $details->userblog_id ) ) . "'>{$details->blogname}</a>"; + $user_dropdown = '<label for="reassign_user" class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Select a user' ) . + '</label>'; + $user_dropdown .= "<select name='blog[$user_id][$key]' id='reassign_user'>"; + $user_list = ''; + + foreach ( $blog_users as $user ) { + if ( ! in_array( (int) $user->ID, $allusers, true ) ) { + $user_list .= "<option value='{$user->ID}'>{$user->user_login}</option>"; + } + } + + if ( '' === $user_list ) { + $user_list = $admin_out; + } + + $user_dropdown .= $user_list; + $user_dropdown .= "</select>\n"; + ?> + <ul style="list-style:none;"> + <li> + <?php + /* translators: %s: Link to user's site. */ + printf( __( 'Site: %s' ), $user_site ); + ?> + </li> + <li><label><input type="radio" id="delete_option0" name="delete[<?php echo $details->userblog_id . '][' . $delete_user->ID; ?>]" value="delete" checked="checked" /> + <?php _e( 'Delete all content.' ); ?></label></li> + <li><label><input type="radio" id="delete_option1" name="delete[<?php echo $details->userblog_id . '][' . $delete_user->ID; ?>]" value="reassign" /> + <?php _e( 'Attribute all content to:' ); ?></label> + <?php echo $user_dropdown; ?></li> + </ul> + <?php + } + } + echo '</fieldset></td></tr>'; + } else { + ?> + <td><p><?php _e( 'User has no sites or content and will be deleted.' ); ?></p></td> + <?php } ?> + </tr> + <?php + } + } + + ?> + </table> + <?php + /** This action is documented in wp-admin/users.php */ + do_action( 'delete_user_form', $current_user, $allusers ); + + if ( 1 === count( $users ) ) : + ?> + <p><?php _e( 'Once you hit “Confirm Deletion”, the user will be permanently removed.' ); ?></p> + <?php else : ?> + <p><?php _e( 'Once you hit “Confirm Deletion”, these users will be permanently removed.' ); ?></p> + <?php + endif; + + submit_button( __( 'Confirm Deletion' ), 'primary' ); + ?> + </form> + <?php + return true; +} + +/** + * Prints JavaScript in the header on the Network Settings screen. + * + * @since 4.1.0 + */ +function network_settings_add_js() { + ?> +<script type="text/javascript"> +jQuery( function($) { + var languageSelect = $( '#WPLANG' ); + $( 'form' ).on( 'submit', function() { + /* + * Don't show a spinner for English and installed languages, + * as there is nothing to download. + */ + if ( ! languageSelect.find( 'option:selected' ).data( 'installed' ) ) { + $( '#submit', this ).after( '<span class="spinner language-install-spinner is-active" />' ); + } + }); +} ); +</script> + <?php +} + +/** + * Outputs the HTML for a network's "Edit Site" tabular interface. + * + * @since 4.6.0 + * + * @global string $pagenow The filename of the current screen. + * + * @param array $args { + * Optional. Array or string of Query parameters. Default empty array. + * + * @type int $blog_id The site ID. Default is the current site. + * @type array $links The tabs to include with (label|url|cap) keys. + * @type string $selected The ID of the selected link. + * } + */ +function network_edit_site_nav( $args = array() ) { + + /** + * Filters the links that appear on site-editing network pages. + * + * Default links: 'site-info', 'site-users', 'site-themes', and 'site-settings'. + * + * @since 4.6.0 + * + * @param array $links { + * An array of link data representing individual network admin pages. + * + * @type array $link_slug { + * An array of information about the individual link to a page. + * + * $type string $label Label to use for the link. + * $type string $url URL, relative to `network_admin_url()` to use for the link. + * $type string $cap Capability required to see the link. + * } + * } + */ + $links = apply_filters( + 'network_edit_site_nav_links', + array( + 'site-info' => array( + 'label' => __( 'Info' ), + 'url' => 'site-info.php', + 'cap' => 'manage_sites', + ), + 'site-users' => array( + 'label' => __( 'Users' ), + 'url' => 'site-users.php', + 'cap' => 'manage_sites', + ), + 'site-themes' => array( + 'label' => __( 'Themes' ), + 'url' => 'site-themes.php', + 'cap' => 'manage_sites', + ), + 'site-settings' => array( + 'label' => __( 'Settings' ), + 'url' => 'site-settings.php', + 'cap' => 'manage_sites', + ), + ) + ); + + // Parse arguments. + $parsed_args = wp_parse_args( + $args, + array( + 'blog_id' => isset( $_GET['blog_id'] ) ? (int) $_GET['blog_id'] : 0, + 'links' => $links, + 'selected' => 'site-info', + ) + ); + + // Setup the links array. + $screen_links = array(); + + // Loop through tabs. + foreach ( $parsed_args['links'] as $link_id => $link ) { + + // Skip link if user can't access. + if ( ! current_user_can( $link['cap'], $parsed_args['blog_id'] ) ) { + continue; + } + + // Link classes. + $classes = array( 'nav-tab' ); + + // Aria-current attribute. + $aria_current = ''; + + // Selected is set by the parent OR assumed by the $pagenow global. + if ( $parsed_args['selected'] === $link_id || $link['url'] === $GLOBALS['pagenow'] ) { + $classes[] = 'nav-tab-active'; + $aria_current = ' aria-current="page"'; + } + + // Escape each class. + $esc_classes = implode( ' ', $classes ); + + // Get the URL for this link. + $url = add_query_arg( array( 'id' => $parsed_args['blog_id'] ), network_admin_url( $link['url'] ) ); + + // Add link to nav links. + $screen_links[ $link_id ] = '<a href="' . esc_url( $url ) . '" id="' . esc_attr( $link_id ) . '" class="' . $esc_classes . '"' . $aria_current . '>' . esc_html( $link['label'] ) . '</a>'; + } + + // All done! + echo '<nav class="nav-tab-wrapper wp-clearfix" aria-label="' . esc_attr__( 'Secondary menu' ) . '">'; + echo implode( '', $screen_links ); + echo '</nav>'; +} + +/** + * Returns the arguments for the help tab on the Edit Site screens. + * + * @since 4.9.0 + * + * @return array Help tab arguments. + */ +function get_site_screen_help_tab_args() { + return array( + 'id' => 'overview', + 'title' => __( 'Overview' ), + 'content' => + '<p>' . __( 'The menu is for editing information specific to individual sites, particularly if the admin area of a site is unavailable.' ) . '</p>' . + '<p>' . __( '<strong>Info</strong> — The site URL is rarely edited as this can cause the site to not work properly. The Registered date and Last Updated date are displayed. Network admins can mark a site as archived, spam, deleted and mature, to remove from public listings or disable.' ) . '</p>' . + '<p>' . __( '<strong>Users</strong> — This displays the users associated with this site. You can also change their role, reset their password, or remove them from the site. Removing the user from the site does not remove the user from the network.' ) . '</p>' . + '<p>' . sprintf( + /* translators: %s: URL to Network Themes screen. */ + __( '<strong>Themes</strong> — This area shows themes that are not already enabled across the network. Enabling a theme in this menu makes it accessible to this site. It does not activate the theme, but allows it to show in the site’s Appearance menu. To enable a theme for the entire network, see the <a href="%s">Network Themes</a> screen.' ), + network_admin_url( 'themes.php' ) + ) . '</p>' . + '<p>' . __( '<strong>Settings</strong> — This page shows a list of all settings associated with this site. Some are created by WordPress and others are created by plugins you activate. Note that some fields are grayed out and say Serialized Data. You cannot modify these values due to the way the setting is stored in the database.' ) . '</p>', + ); +} + +/** + * Returns the content for the help sidebar on the Edit Site screens. + * + * @since 4.9.0 + * + * @return string Help sidebar content. + */ +function get_site_screen_help_sidebar_content() { + return '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . + '<p>' . __( '<a href="https://wordpress.org/documentation/article/network-admin-sites-screen/">Documentation on Site Management</a>' ) . '</p>' . + '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support forums</a>' ) . '</p>'; +} diff --git a/wp-admin/includes/nav-menu.php b/wp-admin/includes/nav-menu.php new file mode 100644 index 0000000..704f031 --- /dev/null +++ b/wp-admin/includes/nav-menu.php @@ -0,0 +1,1552 @@ +<?php +/** + * Core Navigation Menu API + * + * @package WordPress + * @subpackage Nav_Menus + * @since 3.0.0 + */ + +/** Walker_Nav_Menu_Edit class */ +require_once ABSPATH . 'wp-admin/includes/class-walker-nav-menu-edit.php'; + +/** Walker_Nav_Menu_Checklist class */ +require_once ABSPATH . 'wp-admin/includes/class-walker-nav-menu-checklist.php'; + +/** + * Prints the appropriate response to a menu quick search. + * + * @since 3.0.0 + * + * @param array $request The unsanitized request values. + */ +function _wp_ajax_menu_quick_search( $request = array() ) { + $args = array(); + $type = isset( $request['type'] ) ? $request['type'] : ''; + $object_type = isset( $request['object_type'] ) ? $request['object_type'] : ''; + $query = isset( $request['q'] ) ? $request['q'] : ''; + $response_format = isset( $request['response-format'] ) ? $request['response-format'] : ''; + + if ( ! $response_format || ! in_array( $response_format, array( 'json', 'markup' ), true ) ) { + $response_format = 'json'; + } + + if ( 'markup' === $response_format ) { + $args['walker'] = new Walker_Nav_Menu_Checklist(); + } + + if ( 'get-post-item' === $type ) { + if ( post_type_exists( $object_type ) ) { + if ( isset( $request['ID'] ) ) { + $object_id = (int) $request['ID']; + + if ( 'markup' === $response_format ) { + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', array( get_post( $object_id ) ) ), + 0, + (object) $args + ); + } elseif ( 'json' === $response_format ) { + echo wp_json_encode( + array( + 'ID' => $object_id, + 'post_title' => get_the_title( $object_id ), + 'post_type' => get_post_type( $object_id ), + ) + ); + echo "\n"; + } + } + } elseif ( taxonomy_exists( $object_type ) ) { + if ( isset( $request['ID'] ) ) { + $object_id = (int) $request['ID']; + + if ( 'markup' === $response_format ) { + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', array( get_term( $object_id, $object_type ) ) ), + 0, + (object) $args + ); + } elseif ( 'json' === $response_format ) { + $post_obj = get_term( $object_id, $object_type ); + echo wp_json_encode( + array( + 'ID' => $object_id, + 'post_title' => $post_obj->name, + 'post_type' => $object_type, + ) + ); + echo "\n"; + } + } + } + } elseif ( preg_match( '/quick-search-(posttype|taxonomy)-([a-zA-Z_-]*\b)/', $type, $matches ) ) { + if ( 'posttype' === $matches[1] && get_post_type_object( $matches[2] ) ) { + $post_type_obj = _wp_nav_menu_meta_box_object( get_post_type_object( $matches[2] ) ); + $args = array_merge( + $args, + array( + 'no_found_rows' => true, + 'update_post_meta_cache' => false, + 'update_post_term_cache' => false, + 'posts_per_page' => 10, + 'post_type' => $matches[2], + 's' => $query, + ) + ); + + if ( isset( $post_type_obj->_default_query ) ) { + $args = array_merge( $args, (array) $post_type_obj->_default_query ); + } + + $search_results_query = new WP_Query( $args ); + if ( ! $search_results_query->have_posts() ) { + return; + } + + while ( $search_results_query->have_posts() ) { + $post = $search_results_query->next_post(); + + if ( 'markup' === $response_format ) { + $var_by_ref = $post->ID; + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', array( get_post( $var_by_ref ) ) ), + 0, + (object) $args + ); + } elseif ( 'json' === $response_format ) { + echo wp_json_encode( + array( + 'ID' => $post->ID, + 'post_title' => get_the_title( $post->ID ), + 'post_type' => $matches[2], + ) + ); + echo "\n"; + } + } + } elseif ( 'taxonomy' === $matches[1] ) { + $terms = get_terms( + array( + 'taxonomy' => $matches[2], + 'name__like' => $query, + 'number' => 10, + 'hide_empty' => false, + ) + ); + + if ( empty( $terms ) || is_wp_error( $terms ) ) { + return; + } + + foreach ( (array) $terms as $term ) { + if ( 'markup' === $response_format ) { + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', array( $term ) ), + 0, + (object) $args + ); + } elseif ( 'json' === $response_format ) { + echo wp_json_encode( + array( + 'ID' => $term->term_id, + 'post_title' => $term->name, + 'post_type' => $matches[2], + ) + ); + echo "\n"; + } + } + } + } +} + +/** + * Register nav menu meta boxes and advanced menu items. + * + * @since 3.0.0 + */ +function wp_nav_menu_setup() { + // Register meta boxes. + wp_nav_menu_post_type_meta_boxes(); + add_meta_box( + 'add-custom-links', + __( 'Custom Links' ), + 'wp_nav_menu_item_link_meta_box', + 'nav-menus', + 'side', + 'default' + ); + wp_nav_menu_taxonomy_meta_boxes(); + + // Register advanced menu items (columns). + add_filter( 'manage_nav-menus_columns', 'wp_nav_menu_manage_columns' ); + + // If first time editing, disable advanced items by default. + if ( false === get_user_option( 'managenav-menuscolumnshidden' ) ) { + $user = wp_get_current_user(); + update_user_meta( + $user->ID, + 'managenav-menuscolumnshidden', + array( + 0 => 'link-target', + 1 => 'css-classes', + 2 => 'xfn', + 3 => 'description', + 4 => 'title-attribute', + ) + ); + } +} + +/** + * Limit the amount of meta boxes to pages, posts, links, and categories for first time users. + * + * @since 3.0.0 + * + * @global array $wp_meta_boxes + */ +function wp_initial_nav_menu_meta_boxes() { + global $wp_meta_boxes; + + if ( get_user_option( 'metaboxhidden_nav-menus' ) !== false || ! is_array( $wp_meta_boxes ) ) { + return; + } + + $initial_meta_boxes = array( 'add-post-type-page', 'add-post-type-post', 'add-custom-links', 'add-category' ); + $hidden_meta_boxes = array(); + + foreach ( array_keys( $wp_meta_boxes['nav-menus'] ) as $context ) { + foreach ( array_keys( $wp_meta_boxes['nav-menus'][ $context ] ) as $priority ) { + foreach ( $wp_meta_boxes['nav-menus'][ $context ][ $priority ] as $box ) { + if ( in_array( $box['id'], $initial_meta_boxes, true ) ) { + unset( $box['id'] ); + } else { + $hidden_meta_boxes[] = $box['id']; + } + } + } + } + + $user = wp_get_current_user(); + update_user_meta( $user->ID, 'metaboxhidden_nav-menus', $hidden_meta_boxes ); +} + +/** + * Creates meta boxes for any post type menu item.. + * + * @since 3.0.0 + */ +function wp_nav_menu_post_type_meta_boxes() { + $post_types = get_post_types( array( 'show_in_nav_menus' => true ), 'object' ); + + if ( ! $post_types ) { + return; + } + + foreach ( $post_types as $post_type ) { + /** + * Filters whether a menu items meta box will be added for the current + * object type. + * + * If a falsey value is returned instead of an object, the menu items + * meta box for the current meta box object will not be added. + * + * @since 3.0.0 + * + * @param WP_Post_Type|false $post_type The current object to add a menu items + * meta box for. + */ + $post_type = apply_filters( 'nav_menu_meta_box_object', $post_type ); + + if ( $post_type ) { + $id = $post_type->name; + // Give pages a higher priority. + $priority = ( 'page' === $post_type->name ? 'core' : 'default' ); + add_meta_box( + "add-post-type-{$id}", + $post_type->labels->name, + 'wp_nav_menu_item_post_type_meta_box', + 'nav-menus', + 'side', + $priority, + $post_type + ); + } + } +} + +/** + * Creates meta boxes for any taxonomy menu item. + * + * @since 3.0.0 + */ +function wp_nav_menu_taxonomy_meta_boxes() { + $taxonomies = get_taxonomies( array( 'show_in_nav_menus' => true ), 'object' ); + + if ( ! $taxonomies ) { + return; + } + + foreach ( $taxonomies as $tax ) { + /** This filter is documented in wp-admin/includes/nav-menu.php */ + $tax = apply_filters( 'nav_menu_meta_box_object', $tax ); + + if ( $tax ) { + $id = $tax->name; + add_meta_box( + "add-{$id}", + $tax->labels->name, + 'wp_nav_menu_item_taxonomy_meta_box', + 'nav-menus', + 'side', + 'default', + $tax + ); + } + } +} + +/** + * Check whether to disable the Menu Locations meta box submit button and inputs. + * + * @since 3.6.0 + * @since 5.3.1 The `$display` parameter was added. + * + * @global bool $one_theme_location_no_menus to determine if no menus exist + * + * @param int|string $nav_menu_selected_id ID, name, or slug of the currently selected menu. + * @param bool $display Whether to display or just return the string. + * @return string|false Disabled attribute if at least one menu exists, false if not. + */ +function wp_nav_menu_disabled_check( $nav_menu_selected_id, $display = true ) { + global $one_theme_location_no_menus; + + if ( $one_theme_location_no_menus ) { + return false; + } + + return disabled( $nav_menu_selected_id, 0, $display ); +} + +/** + * Displays a meta box for the custom links menu item. + * + * @since 3.0.0 + * + * @global int $_nav_menu_placeholder + * @global int|string $nav_menu_selected_id + */ +function wp_nav_menu_item_link_meta_box() { + global $_nav_menu_placeholder, $nav_menu_selected_id; + + $_nav_menu_placeholder = 0 > $_nav_menu_placeholder ? $_nav_menu_placeholder - 1 : -1; + + ?> + <div class="customlinkdiv" id="customlinkdiv"> + <input type="hidden" value="custom" name="menu-item[<?php echo $_nav_menu_placeholder; ?>][menu-item-type]" /> + <p id="menu-item-url-wrap" class="wp-clearfix"> + <label class="howto" for="custom-menu-item-url"><?php _e( 'URL' ); ?></label> + <input id="custom-menu-item-url" name="menu-item[<?php echo $_nav_menu_placeholder; ?>][menu-item-url]" + type="text"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + class="code menu-item-textbox form-required" placeholder="https://" + /> + </p> + + <p id="menu-item-name-wrap" class="wp-clearfix"> + <label class="howto" for="custom-menu-item-name"><?php _e( 'Link Text' ); ?></label> + <input id="custom-menu-item-name" name="menu-item[<?php echo $_nav_menu_placeholder; ?>][menu-item-title]" + type="text"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + class="regular-text menu-item-textbox" + /> + </p> + + <p class="button-controls wp-clearfix"> + <span class="add-to-menu"> + <input id="submit-customlinkdiv" name="add-custom-menu-item" + type="submit"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + class="button submit-add-to-menu right" value="<?php esc_attr_e( 'Add to Menu' ); ?>" + /> + <span class="spinner"></span> + </span> + </p> + + </div><!-- /.customlinkdiv --> + <?php +} + +/** + * Displays a meta box for a post type menu item. + * + * @since 3.0.0 + * + * @global int $_nav_menu_placeholder + * @global int|string $nav_menu_selected_id + * + * @param string $data_object Not used. + * @param array $box { + * Post type menu item meta box arguments. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $callback Meta box display callback. + * @type WP_Post_Type $args Extra meta box arguments (the post type object for this meta box). + * } + */ +function wp_nav_menu_item_post_type_meta_box( $data_object, $box ) { + global $_nav_menu_placeholder, $nav_menu_selected_id; + + $post_type_name = $box['args']->name; + $post_type = get_post_type_object( $post_type_name ); + $tab_name = $post_type_name . '-tab'; + + // Paginate browsing for large numbers of post objects. + $per_page = 50; + $pagenum = isset( $_REQUEST[ $tab_name ] ) && isset( $_REQUEST['paged'] ) ? absint( $_REQUEST['paged'] ) : 1; + $offset = 0 < $pagenum ? $per_page * ( $pagenum - 1 ) : 0; + + $args = array( + 'offset' => $offset, + 'order' => 'ASC', + 'orderby' => 'title', + 'posts_per_page' => $per_page, + 'post_type' => $post_type_name, + 'suppress_filters' => true, + 'update_post_term_cache' => false, + 'update_post_meta_cache' => false, + ); + + if ( isset( $box['args']->_default_query ) ) { + $args = array_merge( $args, (array) $box['args']->_default_query ); + } + + /* + * If we're dealing with pages, let's prioritize the Front Page, + * Posts Page and Privacy Policy Page at the top of the list. + */ + $important_pages = array(); + if ( 'page' === $post_type_name ) { + $suppress_page_ids = array(); + + // Insert Front Page or custom Home link. + $front_page = 'page' === get_option( 'show_on_front' ) ? (int) get_option( 'page_on_front' ) : 0; + + $front_page_obj = null; + + if ( ! empty( $front_page ) ) { + $front_page_obj = get_post( $front_page ); + } + + if ( $front_page_obj ) { + $front_page_obj->front_or_home = true; + + $important_pages[] = $front_page_obj; + $suppress_page_ids[] = $front_page_obj->ID; + } else { + $_nav_menu_placeholder = ( 0 > $_nav_menu_placeholder ) ? (int) $_nav_menu_placeholder - 1 : -1; + $front_page_obj = (object) array( + 'front_or_home' => true, + 'ID' => 0, + 'object_id' => $_nav_menu_placeholder, + 'post_content' => '', + 'post_excerpt' => '', + 'post_parent' => '', + 'post_title' => _x( 'Home', 'nav menu home label' ), + 'post_type' => 'nav_menu_item', + 'type' => 'custom', + 'url' => home_url( '/' ), + ); + + $important_pages[] = $front_page_obj; + } + + // Insert Posts Page. + $posts_page = 'page' === get_option( 'show_on_front' ) ? (int) get_option( 'page_for_posts' ) : 0; + + if ( ! empty( $posts_page ) ) { + $posts_page_obj = get_post( $posts_page ); + + if ( $posts_page_obj ) { + $front_page_obj->posts_page = true; + + $important_pages[] = $posts_page_obj; + $suppress_page_ids[] = $posts_page_obj->ID; + } + } + + // Insert Privacy Policy Page. + $privacy_policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); + + if ( ! empty( $privacy_policy_page_id ) ) { + $privacy_policy_page = get_post( $privacy_policy_page_id ); + + if ( $privacy_policy_page instanceof WP_Post && 'publish' === $privacy_policy_page->post_status ) { + $privacy_policy_page->privacy_policy_page = true; + + $important_pages[] = $privacy_policy_page; + $suppress_page_ids[] = $privacy_policy_page->ID; + } + } + + // Add suppression array to arguments for WP_Query. + if ( ! empty( $suppress_page_ids ) ) { + $args['post__not_in'] = $suppress_page_ids; + } + } + + // @todo Transient caching of these results with proper invalidation on updating of a post of this type. + $get_posts = new WP_Query(); + $posts = $get_posts->query( $args ); + + // Only suppress and insert when more than just suppression pages available. + if ( ! $get_posts->post_count ) { + if ( ! empty( $suppress_page_ids ) ) { + unset( $args['post__not_in'] ); + $get_posts = new WP_Query(); + $posts = $get_posts->query( $args ); + } else { + echo '<p>' . __( 'No items.' ) . '</p>'; + return; + } + } elseif ( ! empty( $important_pages ) ) { + $posts = array_merge( $important_pages, $posts ); + } + + $num_pages = $get_posts->max_num_pages; + + $page_links = paginate_links( + array( + 'base' => add_query_arg( + array( + $tab_name => 'all', + 'paged' => '%#%', + 'item-type' => 'post_type', + 'item-object' => $post_type_name, + ) + ), + 'format' => '', + 'prev_text' => '<span aria-label="' . esc_attr__( 'Previous page' ) . '">' . __( '«' ) . '</span>', + 'next_text' => '<span aria-label="' . esc_attr__( 'Next page' ) . '">' . __( '»' ) . '</span>', + /* translators: Hidden accessibility text. */ + 'before_page_number' => '<span class="screen-reader-text">' . __( 'Page' ) . '</span> ', + 'total' => $num_pages, + 'current' => $pagenum, + ) + ); + + $db_fields = false; + if ( is_post_type_hierarchical( $post_type_name ) ) { + $db_fields = array( + 'parent' => 'post_parent', + 'id' => 'ID', + ); + } + + $walker = new Walker_Nav_Menu_Checklist( $db_fields ); + + $current_tab = 'most-recent'; + + if ( isset( $_REQUEST[ $tab_name ] ) && in_array( $_REQUEST[ $tab_name ], array( 'all', 'search' ), true ) ) { + $current_tab = $_REQUEST[ $tab_name ]; + } + + if ( ! empty( $_REQUEST[ "quick-search-posttype-{$post_type_name}" ] ) ) { + $current_tab = 'search'; + } + + $removed_args = array( + 'action', + 'customlink-tab', + 'edit-menu-item', + 'menu-item', + 'page-tab', + '_wpnonce', + ); + + $most_recent_url = ''; + $view_all_url = ''; + $search_url = ''; + + if ( $nav_menu_selected_id ) { + $most_recent_url = add_query_arg( $tab_name, 'most-recent', remove_query_arg( $removed_args ) ); + $view_all_url = add_query_arg( $tab_name, 'all', remove_query_arg( $removed_args ) ); + $search_url = add_query_arg( $tab_name, 'search', remove_query_arg( $removed_args ) ); + } + ?> + <div id="<?php echo esc_attr( "posttype-{$post_type_name}" ); ?>" class="posttypediv"> + <ul id="<?php echo esc_attr( "posttype-{$post_type_name}-tabs" ); ?>" class="posttype-tabs add-menu-item-tabs"> + <li <?php echo ( 'most-recent' === $current_tab ? ' class="tabs"' : '' ); ?>> + <a class="nav-tab-link" + data-type="<?php echo esc_attr( "tabs-panel-posttype-{$post_type_name}-most-recent" ); ?>" + href="<?php echo esc_url( $most_recent_url . "#tabs-panel-posttype-{$post_type_name}-most-recent" ); ?>" + > + <?php _e( 'Most Recent' ); ?> + </a> + </li> + <li <?php echo ( 'all' === $current_tab ? ' class="tabs"' : '' ); ?>> + <a class="nav-tab-link" + data-type="<?php echo esc_attr( "{$post_type_name}-all" ); ?>" + href="<?php echo esc_url( $view_all_url . "#{$post_type_name}-all" ); ?>" + > + <?php _e( 'View All' ); ?> + </a> + </li> + <li <?php echo ( 'search' === $current_tab ? ' class="tabs"' : '' ); ?>> + <a class="nav-tab-link" + data-type="<?php echo esc_attr( "tabs-panel-posttype-{$post_type_name}-search" ); ?>" + href="<?php echo esc_url( $search_url . "#tabs-panel-posttype-{$post_type_name}-search" ); ?>" + > + <?php _e( 'Search' ); ?> + </a> + </li> + </ul><!-- .posttype-tabs --> + + <div id="<?php echo esc_attr( "tabs-panel-posttype-{$post_type_name}-most-recent" ); ?>" + class="tabs-panel <?php echo ( 'most-recent' === $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive' ); ?>" + role="region" aria-label="<?php esc_attr_e( 'Most Recent' ); ?>" tabindex="0" + > + <ul id="<?php echo esc_attr( "{$post_type_name}checklist-most-recent" ); ?>" + class="categorychecklist form-no-clear" + > + <?php + $recent_args = array_merge( + $args, + array( + 'orderby' => 'post_date', + 'order' => 'DESC', + 'posts_per_page' => 15, + ) + ); + $most_recent = $get_posts->query( $recent_args ); + + $args['walker'] = $walker; + + /** + * Filters the posts displayed in the 'Most Recent' tab of the current + * post type's menu items meta box. + * + * The dynamic portion of the hook name, `$post_type_name`, refers to the post type name. + * + * Possible hook names include: + * + * - `nav_menu_items_post_recent` + * - `nav_menu_items_page_recent` + * + * @since 4.3.0 + * @since 4.9.0 Added the `$recent_args` parameter. + * + * @param WP_Post[] $most_recent An array of post objects being listed. + * @param array $args An array of `WP_Query` arguments for the meta box. + * @param array $box Arguments passed to `wp_nav_menu_item_post_type_meta_box()`. + * @param array $recent_args An array of `WP_Query` arguments for 'Most Recent' tab. + */ + $most_recent = apply_filters( + "nav_menu_items_{$post_type_name}_recent", + $most_recent, + $args, + $box, + $recent_args + ); + + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $most_recent ), + 0, + (object) $args + ); + ?> + </ul> + </div><!-- /.tabs-panel --> + + <div id="<?php echo esc_attr( "tabs-panel-posttype-{$post_type_name}-search" ); ?>" + class="tabs-panel <?php echo ( 'search' === $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive' ); ?>" + role="region" aria-label="<?php echo esc_attr( $post_type->labels->search_items ); ?>" tabindex="0" + > + <?php + if ( isset( $_REQUEST[ "quick-search-posttype-{$post_type_name}" ] ) ) { + $searched = esc_attr( $_REQUEST[ "quick-search-posttype-{$post_type_name}" ] ); + $search_results = get_posts( + array( + 's' => $searched, + 'post_type' => $post_type_name, + 'fields' => 'all', + 'order' => 'DESC', + ) + ); + } else { + $searched = ''; + $search_results = array(); + } + ?> + <p class="quick-search-wrap"> + <label for="<?php echo esc_attr( "quick-search-posttype-{$post_type_name}" ); ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search' ); + ?> + </label> + <input type="search"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + class="quick-search" value="<?php echo $searched; ?>" + name="<?php echo esc_attr( "quick-search-posttype-{$post_type_name}" ); ?>" + id="<?php echo esc_attr( "quick-search-posttype-{$post_type_name}" ); ?>" + /> + <span class="spinner"></span> + <?php + submit_button( + __( 'Search' ), + 'small quick-search-submit hide-if-js', + 'submit', + false, + array( 'id' => "submit-quick-search-posttype-{$post_type_name}" ) + ); + ?> + </p> + + <ul id="<?php echo esc_attr( "{$post_type_name}-search-checklist" ); ?>" + data-wp-lists="<?php echo esc_attr( "list:{$post_type_name}" ); ?>" + class="categorychecklist form-no-clear" + > + <?php if ( ! empty( $search_results ) && ! is_wp_error( $search_results ) ) : ?> + <?php + $args['walker'] = $walker; + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $search_results ), + 0, + (object) $args + ); + ?> + <?php elseif ( is_wp_error( $search_results ) ) : ?> + <li><?php echo $search_results->get_error_message(); ?></li> + <?php elseif ( ! empty( $searched ) ) : ?> + <li><?php _e( 'No results found.' ); ?></li> + <?php endif; ?> + </ul> + </div><!-- /.tabs-panel --> + + <div id="<?php echo esc_attr( "{$post_type_name}-all" ); ?>" + class="tabs-panel tabs-panel-view-all <?php echo ( 'all' === $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive' ); ?>" + role="region" aria-label="<?php echo esc_attr( $post_type->labels->all_items ); ?>" tabindex="0" + > + <?php if ( ! empty( $page_links ) ) : ?> + <div class="add-menu-item-pagelinks"> + <?php echo $page_links; ?> + </div> + <?php endif; ?> + + <ul id="<?php echo esc_attr( "{$post_type_name}checklist" ); ?>" + data-wp-lists="<?php echo esc_attr( "list:{$post_type_name}" ); ?>" + class="categorychecklist form-no-clear" + > + <?php + $args['walker'] = $walker; + + if ( $post_type->has_archive ) { + $_nav_menu_placeholder = ( 0 > $_nav_menu_placeholder ) ? (int) $_nav_menu_placeholder - 1 : -1; + array_unshift( + $posts, + (object) array( + 'ID' => 0, + 'object_id' => $_nav_menu_placeholder, + 'object' => $post_type_name, + 'post_content' => '', + 'post_excerpt' => '', + 'post_title' => $post_type->labels->archives, + 'post_type' => 'nav_menu_item', + 'type' => 'post_type_archive', + 'url' => get_post_type_archive_link( $post_type_name ), + ) + ); + } + + /** + * Filters the posts displayed in the 'View All' tab of the current + * post type's menu items meta box. + * + * The dynamic portion of the hook name, `$post_type_name`, refers + * to the slug of the current post type. + * + * Possible hook names include: + * + * - `nav_menu_items_post` + * - `nav_menu_items_page` + * + * @since 3.2.0 + * @since 4.6.0 Converted the `$post_type` parameter to accept a WP_Post_Type object. + * + * @see WP_Query::query() + * + * @param object[] $posts The posts for the current post type. Mostly `WP_Post` objects, but + * can also contain "fake" post objects to represent other menu items. + * @param array $args An array of `WP_Query` arguments. + * @param WP_Post_Type $post_type The current post type object for this menu item meta box. + */ + $posts = apply_filters( + "nav_menu_items_{$post_type_name}", + $posts, + $args, + $post_type + ); + + $checkbox_items = walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $posts ), + 0, + (object) $args + ); + + echo $checkbox_items; + ?> + </ul> + + <?php if ( ! empty( $page_links ) ) : ?> + <div class="add-menu-item-pagelinks"> + <?php echo $page_links; ?> + </div> + <?php endif; ?> + </div><!-- /.tabs-panel --> + + <p class="button-controls wp-clearfix" data-items-type="<?php echo esc_attr( "posttype-{$post_type_name}" ); ?>"> + <span class="list-controls hide-if-no-js"> + <input type="checkbox"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + id="<?php echo esc_attr( $tab_name ); ?>" class="select-all" + /> + <label for="<?php echo esc_attr( $tab_name ); ?>"><?php _e( 'Select All' ); ?></label> + </span> + + <span class="add-to-menu"> + <input type="submit"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + class="button submit-add-to-menu right" value="<?php esc_attr_e( 'Add to Menu' ); ?>" + name="add-post-type-menu-item" id="<?php echo esc_attr( "submit-posttype-{$post_type_name}" ); ?>" + /> + <span class="spinner"></span> + </span> + </p> + + </div><!-- /.posttypediv --> + <?php +} + +/** + * Displays a meta box for a taxonomy menu item. + * + * @since 3.0.0 + * + * @global int|string $nav_menu_selected_id + * + * @param string $data_object Not used. + * @param array $box { + * Taxonomy menu item meta box arguments. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $callback Meta box display callback. + * @type object $args Extra meta box arguments (the taxonomy object for this meta box). + * } + */ +function wp_nav_menu_item_taxonomy_meta_box( $data_object, $box ) { + global $nav_menu_selected_id; + + $taxonomy_name = $box['args']->name; + $taxonomy = get_taxonomy( $taxonomy_name ); + $tab_name = $taxonomy_name . '-tab'; + + // Paginate browsing for large numbers of objects. + $per_page = 50; + $pagenum = isset( $_REQUEST[ $tab_name ] ) && isset( $_REQUEST['paged'] ) ? absint( $_REQUEST['paged'] ) : 1; + $offset = 0 < $pagenum ? $per_page * ( $pagenum - 1 ) : 0; + + $args = array( + 'taxonomy' => $taxonomy_name, + 'child_of' => 0, + 'exclude' => '', + 'hide_empty' => false, + 'hierarchical' => 1, + 'include' => '', + 'number' => $per_page, + 'offset' => $offset, + 'order' => 'ASC', + 'orderby' => 'name', + 'pad_counts' => false, + ); + + $terms = get_terms( $args ); + + if ( ! $terms || is_wp_error( $terms ) ) { + echo '<p>' . __( 'No items.' ) . '</p>'; + return; + } + + $num_pages = ceil( + wp_count_terms( + array_merge( + $args, + array( + 'number' => '', + 'offset' => '', + ) + ) + ) / $per_page + ); + + $page_links = paginate_links( + array( + 'base' => add_query_arg( + array( + $tab_name => 'all', + 'paged' => '%#%', + 'item-type' => 'taxonomy', + 'item-object' => $taxonomy_name, + ) + ), + 'format' => '', + 'prev_text' => '<span aria-label="' . esc_attr__( 'Previous page' ) . '">' . __( '«' ) . '</span>', + 'next_text' => '<span aria-label="' . esc_attr__( 'Next page' ) . '">' . __( '»' ) . '</span>', + /* translators: Hidden accessibility text. */ + 'before_page_number' => '<span class="screen-reader-text">' . __( 'Page' ) . '</span> ', + 'total' => $num_pages, + 'current' => $pagenum, + ) + ); + + $db_fields = false; + if ( is_taxonomy_hierarchical( $taxonomy_name ) ) { + $db_fields = array( + 'parent' => 'parent', + 'id' => 'term_id', + ); + } + + $walker = new Walker_Nav_Menu_Checklist( $db_fields ); + + $current_tab = 'most-used'; + + if ( isset( $_REQUEST[ $tab_name ] ) && in_array( $_REQUEST[ $tab_name ], array( 'all', 'most-used', 'search' ), true ) ) { + $current_tab = $_REQUEST[ $tab_name ]; + } + + if ( ! empty( $_REQUEST[ "quick-search-taxonomy-{$taxonomy_name}" ] ) ) { + $current_tab = 'search'; + } + + $removed_args = array( + 'action', + 'customlink-tab', + 'edit-menu-item', + 'menu-item', + 'page-tab', + '_wpnonce', + ); + + $most_used_url = ''; + $view_all_url = ''; + $search_url = ''; + + if ( $nav_menu_selected_id ) { + $most_used_url = add_query_arg( $tab_name, 'most-used', remove_query_arg( $removed_args ) ); + $view_all_url = add_query_arg( $tab_name, 'all', remove_query_arg( $removed_args ) ); + $search_url = add_query_arg( $tab_name, 'search', remove_query_arg( $removed_args ) ); + } + ?> + <div id="<?php echo esc_attr( "taxonomy-{$taxonomy_name}" ); ?>" class="taxonomydiv"> + <ul id="<?php echo esc_attr( "taxonomy-{$taxonomy_name}-tabs" ); ?>" class="taxonomy-tabs add-menu-item-tabs"> + <li <?php echo ( 'most-used' === $current_tab ? ' class="tabs"' : '' ); ?>> + <a class="nav-tab-link" + data-type="<?php echo esc_attr( "tabs-panel-{$taxonomy_name}-pop" ); ?>" + href="<?php echo esc_url( $most_used_url . "#tabs-panel-{$taxonomy_name}-pop" ); ?>" + > + <?php echo esc_html( $taxonomy->labels->most_used ); ?> + </a> + </li> + <li <?php echo ( 'all' === $current_tab ? ' class="tabs"' : '' ); ?>> + <a class="nav-tab-link" + data-type="<?php echo esc_attr( "tabs-panel-{$taxonomy_name}-all" ); ?>" + href="<?php echo esc_url( $view_all_url . "#tabs-panel-{$taxonomy_name}-all" ); ?>" + > + <?php _e( 'View All' ); ?> + </a> + </li> + <li <?php echo ( 'search' === $current_tab ? ' class="tabs"' : '' ); ?>> + <a class="nav-tab-link" + data-type="<?php echo esc_attr( "tabs-panel-search-taxonomy-{$taxonomy_name}" ); ?>" + href="<?php echo esc_url( $search_url . "#tabs-panel-search-taxonomy-{$taxonomy_name}" ); ?>" + > + <?php _e( 'Search' ); ?> + </a> + </li> + </ul><!-- .taxonomy-tabs --> + + <div id="<?php echo esc_attr( "tabs-panel-{$taxonomy_name}-pop" ); ?>" + class="tabs-panel <?php echo ( 'most-used' === $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive' ); ?>" + role="region" aria-label="<?php echo esc_attr( $taxonomy->labels->most_used ); ?>" tabindex="0" + > + <ul id="<?php echo esc_attr( "{$taxonomy_name}checklist-pop" ); ?>" + class="categorychecklist form-no-clear" + > + <?php + $popular_terms = get_terms( + array( + 'taxonomy' => $taxonomy_name, + 'orderby' => 'count', + 'order' => 'DESC', + 'number' => 10, + 'hierarchical' => false, + ) + ); + + $args['walker'] = $walker; + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $popular_terms ), + 0, + (object) $args + ); + ?> + </ul> + </div><!-- /.tabs-panel --> + + <div id="<?php echo esc_attr( "tabs-panel-{$taxonomy_name}-all" ); ?>" + class="tabs-panel tabs-panel-view-all <?php echo ( 'all' === $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive' ); ?>" + role="region" aria-label="<?php echo esc_attr( $taxonomy->labels->all_items ); ?>" tabindex="0" + > + <?php if ( ! empty( $page_links ) ) : ?> + <div class="add-menu-item-pagelinks"> + <?php echo $page_links; ?> + </div> + <?php endif; ?> + + <ul id="<?php echo esc_attr( "{$taxonomy_name}checklist" ); ?>" + data-wp-lists="<?php echo esc_attr( "list:{$taxonomy_name}" ); ?>" + class="categorychecklist form-no-clear" + > + <?php + $args['walker'] = $walker; + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $terms ), + 0, + (object) $args + ); + ?> + </ul> + + <?php if ( ! empty( $page_links ) ) : ?> + <div class="add-menu-item-pagelinks"> + <?php echo $page_links; ?> + </div> + <?php endif; ?> + </div><!-- /.tabs-panel --> + + <div id="<?php echo esc_attr( "tabs-panel-search-taxonomy-{$taxonomy_name}" ); ?>" + class="tabs-panel <?php echo ( 'search' === $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive' ); ?>" + role="region" aria-label="<?php echo esc_attr( $taxonomy->labels->search_items ); ?>" tabindex="0"> + <?php + if ( isset( $_REQUEST[ "quick-search-taxonomy-{$taxonomy_name}" ] ) ) { + $searched = esc_attr( $_REQUEST[ "quick-search-taxonomy-{$taxonomy_name}" ] ); + $search_results = get_terms( + array( + 'taxonomy' => $taxonomy_name, + 'name__like' => $searched, + 'fields' => 'all', + 'orderby' => 'count', + 'order' => 'DESC', + 'hierarchical' => false, + ) + ); + } else { + $searched = ''; + $search_results = array(); + } + ?> + <p class="quick-search-wrap"> + <label for="<?php echo esc_attr( "quick-search-taxonomy-{$taxonomy_name}" ); ?>" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search' ); + ?> + </label> + <input type="search" + class="quick-search" value="<?php echo $searched; ?>" + name="<?php echo esc_attr( "quick-search-taxonomy-{$taxonomy_name}" ); ?>" + id="<?php echo esc_attr( "quick-search-taxonomy-{$taxonomy_name}" ); ?>" + /> + <span class="spinner"></span> + <?php + submit_button( + __( 'Search' ), + 'small quick-search-submit hide-if-js', + 'submit', + false, + array( 'id' => "submit-quick-search-taxonomy-{$taxonomy_name}" ) + ); + ?> + </p> + + <ul id="<?php echo esc_attr( "{$taxonomy_name}-search-checklist" ); ?>" + data-wp-lists="<?php echo esc_attr( "list:{$taxonomy_name}" ); ?>" + class="categorychecklist form-no-clear" + > + <?php if ( ! empty( $search_results ) && ! is_wp_error( $search_results ) ) : ?> + <?php + $args['walker'] = $walker; + echo walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $search_results ), + 0, + (object) $args + ); + ?> + <?php elseif ( is_wp_error( $search_results ) ) : ?> + <li><?php echo $search_results->get_error_message(); ?></li> + <?php elseif ( ! empty( $searched ) ) : ?> + <li><?php _e( 'No results found.' ); ?></li> + <?php endif; ?> + </ul> + </div><!-- /.tabs-panel --> + + <p class="button-controls wp-clearfix" data-items-type="<?php echo esc_attr( "taxonomy-{$taxonomy_name}" ); ?>"> + <span class="list-controls hide-if-no-js"> + <input type="checkbox"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + id="<?php echo esc_attr( $tab_name ); ?>" class="select-all" + /> + <label for="<?php echo esc_attr( $tab_name ); ?>"><?php _e( 'Select All' ); ?></label> + </span> + + <span class="add-to-menu"> + <input type="submit"<?php wp_nav_menu_disabled_check( $nav_menu_selected_id ); ?> + class="button submit-add-to-menu right" value="<?php esc_attr_e( 'Add to Menu' ); ?>" + name="add-taxonomy-menu-item" id="<?php echo esc_attr( "submit-taxonomy-{$taxonomy_name}" ); ?>" + /> + <span class="spinner"></span> + </span> + </p> + + </div><!-- /.taxonomydiv --> + <?php +} + +/** + * Save posted nav menu item data. + * + * @since 3.0.0 + * + * @param int $menu_id The menu ID for which to save this item. Value of 0 makes a draft, orphaned menu item. Default 0. + * @param array[] $menu_data The unsanitized POSTed menu item data. + * @return int[] The database IDs of the items saved + */ +function wp_save_nav_menu_items( $menu_id = 0, $menu_data = array() ) { + $menu_id = (int) $menu_id; + $items_saved = array(); + + if ( 0 === $menu_id || is_nav_menu( $menu_id ) ) { + + // Loop through all the menu items' POST values. + foreach ( (array) $menu_data as $_possible_db_id => $_item_object_data ) { + if ( + // Checkbox is not checked. + empty( $_item_object_data['menu-item-object-id'] ) && + ( + // And item type either isn't set. + ! isset( $_item_object_data['menu-item-type'] ) || + // Or URL is the default. + in_array( $_item_object_data['menu-item-url'], array( 'https://', 'http://', '' ), true ) || + // Or it's not a custom menu item (but not the custom home page). + ! ( 'custom' === $_item_object_data['menu-item-type'] && ! isset( $_item_object_data['menu-item-db-id'] ) ) || + // Or it *is* a custom menu item that already exists. + ! empty( $_item_object_data['menu-item-db-id'] ) + ) + ) { + // Then this potential menu item is not getting added to this menu. + continue; + } + + // If this possible menu item doesn't actually have a menu database ID yet. + if ( + empty( $_item_object_data['menu-item-db-id'] ) || + ( 0 > $_possible_db_id ) || + $_possible_db_id !== (int) $_item_object_data['menu-item-db-id'] + ) { + $_actual_db_id = 0; + } else { + $_actual_db_id = (int) $_item_object_data['menu-item-db-id']; + } + + $args = array( + 'menu-item-db-id' => ( isset( $_item_object_data['menu-item-db-id'] ) ? $_item_object_data['menu-item-db-id'] : '' ), + 'menu-item-object-id' => ( isset( $_item_object_data['menu-item-object-id'] ) ? $_item_object_data['menu-item-object-id'] : '' ), + 'menu-item-object' => ( isset( $_item_object_data['menu-item-object'] ) ? $_item_object_data['menu-item-object'] : '' ), + 'menu-item-parent-id' => ( isset( $_item_object_data['menu-item-parent-id'] ) ? $_item_object_data['menu-item-parent-id'] : '' ), + 'menu-item-position' => ( isset( $_item_object_data['menu-item-position'] ) ? $_item_object_data['menu-item-position'] : '' ), + 'menu-item-type' => ( isset( $_item_object_data['menu-item-type'] ) ? $_item_object_data['menu-item-type'] : '' ), + 'menu-item-title' => ( isset( $_item_object_data['menu-item-title'] ) ? $_item_object_data['menu-item-title'] : '' ), + 'menu-item-url' => ( isset( $_item_object_data['menu-item-url'] ) ? $_item_object_data['menu-item-url'] : '' ), + 'menu-item-description' => ( isset( $_item_object_data['menu-item-description'] ) ? $_item_object_data['menu-item-description'] : '' ), + 'menu-item-attr-title' => ( isset( $_item_object_data['menu-item-attr-title'] ) ? $_item_object_data['menu-item-attr-title'] : '' ), + 'menu-item-target' => ( isset( $_item_object_data['menu-item-target'] ) ? $_item_object_data['menu-item-target'] : '' ), + 'menu-item-classes' => ( isset( $_item_object_data['menu-item-classes'] ) ? $_item_object_data['menu-item-classes'] : '' ), + 'menu-item-xfn' => ( isset( $_item_object_data['menu-item-xfn'] ) ? $_item_object_data['menu-item-xfn'] : '' ), + ); + + $items_saved[] = wp_update_nav_menu_item( $menu_id, $_actual_db_id, $args ); + + } + } + + return $items_saved; +} + +/** + * Adds custom arguments to some of the meta box object types. + * + * @since 3.0.0 + * + * @access private + * + * @param object $data_object The post type or taxonomy meta-object. + * @return object The post type or taxonomy object. + */ +function _wp_nav_menu_meta_box_object( $data_object = null ) { + if ( isset( $data_object->name ) ) { + + if ( 'page' === $data_object->name ) { + $data_object->_default_query = array( + 'orderby' => 'menu_order title', + 'post_status' => 'publish', + ); + + // Posts should show only published items. + } elseif ( 'post' === $data_object->name ) { + $data_object->_default_query = array( + 'post_status' => 'publish', + ); + + // Categories should be in reverse chronological order. + } elseif ( 'category' === $data_object->name ) { + $data_object->_default_query = array( + 'orderby' => 'id', + 'order' => 'DESC', + ); + + // Custom post types should show only published items. + } else { + $data_object->_default_query = array( + 'post_status' => 'publish', + ); + } + } + + return $data_object; +} + +/** + * Returns the menu formatted to edit. + * + * @since 3.0.0 + * + * @param int $menu_id Optional. The ID of the menu to format. Default 0. + * @return string|WP_Error The menu formatted to edit or error object on failure. + */ +function wp_get_nav_menu_to_edit( $menu_id = 0 ) { + $menu = wp_get_nav_menu_object( $menu_id ); + + // If the menu exists, get its items. + if ( is_nav_menu( $menu ) ) { + $menu_items = wp_get_nav_menu_items( $menu->term_id, array( 'post_status' => 'any' ) ); + $result = '<div id="menu-instructions" class="post-body-plain'; + $result .= ( ! empty( $menu_items ) ) ? ' menu-instructions-inactive">' : '">'; + $result .= '<p>' . __( 'Add menu items from the column on the left.' ) . '</p>'; + $result .= '</div>'; + + if ( empty( $menu_items ) ) { + return $result . ' <ul class="menu" id="menu-to-edit"> </ul>'; + } + + /** + * Filters the Walker class used when adding nav menu items. + * + * @since 3.0.0 + * + * @param string $class The walker class to use. Default 'Walker_Nav_Menu_Edit'. + * @param int $menu_id ID of the menu being rendered. + */ + $walker_class_name = apply_filters( 'wp_edit_nav_menu_walker', 'Walker_Nav_Menu_Edit', $menu_id ); + + if ( class_exists( $walker_class_name ) ) { + $walker = new $walker_class_name(); + } else { + return new WP_Error( + 'menu_walker_not_exist', + sprintf( + /* translators: %s: Walker class name. */ + __( 'The Walker class named %s does not exist.' ), + '<strong>' . $walker_class_name . '</strong>' + ) + ); + } + + $some_pending_menu_items = false; + $some_invalid_menu_items = false; + + foreach ( (array) $menu_items as $menu_item ) { + if ( isset( $menu_item->post_status ) && 'draft' === $menu_item->post_status ) { + $some_pending_menu_items = true; + } + if ( ! empty( $menu_item->_invalid ) ) { + $some_invalid_menu_items = true; + } + } + + if ( $some_pending_menu_items ) { + $message = __( 'Click Save Menu to make pending menu items public.' ); + $notice_args = array( + 'type' => 'info', + 'additional_classes' => array( 'notice-alt', 'inline' ), + ); + $result .= wp_get_admin_notice( $message, $notice_args ); + } + + if ( $some_invalid_menu_items ) { + $message = __( 'There are some invalid menu items. Please check or delete them.' ); + $notice_args = array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline' ), + ); + $result .= wp_get_admin_notice( $message, $notice_args ); + } + + $result .= '<ul class="menu" id="menu-to-edit"> '; + $result .= walk_nav_menu_tree( + array_map( 'wp_setup_nav_menu_item', $menu_items ), + 0, + (object) array( 'walker' => $walker ) + ); + $result .= ' </ul> '; + + return $result; + } elseif ( is_wp_error( $menu ) ) { + return $menu; + } +} + +/** + * Returns the columns for the nav menus page. + * + * @since 3.0.0 + * + * @return string[] Array of column titles keyed by their column name. + */ +function wp_nav_menu_manage_columns() { + return array( + '_title' => __( 'Show advanced menu properties' ), + 'cb' => '<input type="checkbox" />', + 'link-target' => __( 'Link Target' ), + 'title-attribute' => __( 'Title Attribute' ), + 'css-classes' => __( 'CSS Classes' ), + 'xfn' => __( 'Link Relationship (XFN)' ), + 'description' => __( 'Description' ), + ); +} + +/** + * Deletes orphaned draft menu items + * + * @access private + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function _wp_delete_orphaned_draft_menu_items() { + global $wpdb; + + $delete_timestamp = time() - ( DAY_IN_SECONDS * EMPTY_TRASH_DAYS ); + + // Delete orphaned draft menu items. + $menu_items_to_delete = $wpdb->get_col( + $wpdb->prepare( + "SELECT ID FROM $wpdb->posts AS p + LEFT JOIN $wpdb->postmeta AS m ON p.ID = m.post_id + WHERE post_type = 'nav_menu_item' AND post_status = 'draft' + AND meta_key = '_menu_item_orphaned' AND meta_value < %d", + $delete_timestamp + ) + ); + + foreach ( (array) $menu_items_to_delete as $menu_item_id ) { + wp_delete_post( $menu_item_id, true ); + } +} + +/** + * Saves nav menu items. + * + * @since 3.6.0 + * + * @param int|string $nav_menu_selected_id ID, slug, or name of the currently-selected menu. + * @param string $nav_menu_selected_title Title of the currently-selected menu. + * @return string[] The menu updated messages. + */ +function wp_nav_menu_update_menu_items( $nav_menu_selected_id, $nav_menu_selected_title ) { + $unsorted_menu_items = wp_get_nav_menu_items( + $nav_menu_selected_id, + array( + 'orderby' => 'ID', + 'output' => ARRAY_A, + 'output_key' => 'ID', + 'post_status' => 'draft,publish', + ) + ); + + $messages = array(); + $menu_items = array(); + + // Index menu items by DB ID. + foreach ( $unsorted_menu_items as $_item ) { + $menu_items[ $_item->db_id ] = $_item; + } + + $post_fields = array( + 'menu-item-db-id', + 'menu-item-object-id', + 'menu-item-object', + 'menu-item-parent-id', + 'menu-item-position', + 'menu-item-type', + 'menu-item-title', + 'menu-item-url', + 'menu-item-description', + 'menu-item-attr-title', + 'menu-item-target', + 'menu-item-classes', + 'menu-item-xfn', + ); + + wp_defer_term_counting( true ); + + // Loop through all the menu items' POST variables. + if ( ! empty( $_POST['menu-item-db-id'] ) ) { + foreach ( (array) $_POST['menu-item-db-id'] as $_key => $k ) { + + // Menu item title can't be blank. + if ( ! isset( $_POST['menu-item-title'][ $_key ] ) || '' === $_POST['menu-item-title'][ $_key ] ) { + continue; + } + + $args = array(); + foreach ( $post_fields as $field ) { + $args[ $field ] = isset( $_POST[ $field ][ $_key ] ) ? $_POST[ $field ][ $_key ] : ''; + } + + $menu_item_db_id = wp_update_nav_menu_item( + $nav_menu_selected_id, + ( (int) $_POST['menu-item-db-id'][ $_key ] !== $_key ? 0 : $_key ), + $args + ); + + if ( is_wp_error( $menu_item_db_id ) ) { + $messages[] = wp_get_admin_notice( + $menu_item_db_id->get_error_message(), + array( + 'id' => 'message', + 'additional_classes' => array( 'error' ), + ) + ); + } else { + unset( $menu_items[ $menu_item_db_id ] ); + } + } + } + + // Remove menu items from the menu that weren't in $_POST. + if ( ! empty( $menu_items ) ) { + foreach ( array_keys( $menu_items ) as $menu_item_id ) { + if ( is_nav_menu_item( $menu_item_id ) ) { + wp_delete_post( $menu_item_id ); + } + } + } + + // Store 'auto-add' pages. + $auto_add = ! empty( $_POST['auto-add-pages'] ); + $nav_menu_option = (array) get_option( 'nav_menu_options' ); + + if ( ! isset( $nav_menu_option['auto_add'] ) ) { + $nav_menu_option['auto_add'] = array(); + } + + if ( $auto_add ) { + if ( ! in_array( $nav_menu_selected_id, $nav_menu_option['auto_add'], true ) ) { + $nav_menu_option['auto_add'][] = $nav_menu_selected_id; + } + } else { + $key = array_search( $nav_menu_selected_id, $nav_menu_option['auto_add'], true ); + if ( false !== $key ) { + unset( $nav_menu_option['auto_add'][ $key ] ); + } + } + + // Remove non-existent/deleted menus. + $nav_menu_option['auto_add'] = array_intersect( + $nav_menu_option['auto_add'], + wp_get_nav_menus( array( 'fields' => 'ids' ) ) + ); + + update_option( 'nav_menu_options', $nav_menu_option ); + + wp_defer_term_counting( false ); + + /** This action is documented in wp-includes/nav-menu.php */ + do_action( 'wp_update_nav_menu', $nav_menu_selected_id ); + + /* translators: %s: Nav menu title. */ + $message = sprintf( __( '%s has been updated.' ), '<strong>' . $nav_menu_selected_title . '</strong>' ); + $notice_args = array( + 'id' => 'message', + 'dismissible' => true, + 'additional_classes' => array( 'updated' ), + ); + + $messages[] = wp_get_admin_notice( $message, $notice_args ); + + unset( $menu_items, $unsorted_menu_items ); + + return $messages; +} + +/** + * If a JSON blob of navigation menu data is in POST data, expand it and inject + * it into `$_POST` to avoid PHP `max_input_vars` limitations. See #14134. + * + * @ignore + * @since 4.5.3 + * @access private + */ +function _wp_expand_nav_menu_post_data() { + if ( ! isset( $_POST['nav-menu-data'] ) ) { + return; + } + + $data = json_decode( stripslashes( $_POST['nav-menu-data'] ) ); + + if ( ! is_null( $data ) && $data ) { + foreach ( $data as $post_input_data ) { + /* + * For input names that are arrays (e.g. `menu-item-db-id[3][4][5]`), + * derive the array path keys via regex and set the value in $_POST. + */ + preg_match( '#([^\[]*)(\[(.+)\])?#', $post_input_data->name, $matches ); + + $array_bits = array( $matches[1] ); + + if ( isset( $matches[3] ) ) { + $array_bits = array_merge( $array_bits, explode( '][', $matches[3] ) ); + } + + $new_post_data = array(); + + // Build the new array value from leaf to trunk. + for ( $i = count( $array_bits ) - 1; $i >= 0; $i-- ) { + if ( count( $array_bits ) - 1 === $i ) { + $new_post_data[ $array_bits[ $i ] ] = wp_slash( $post_input_data->value ); + } else { + $new_post_data = array( $array_bits[ $i ] => $new_post_data ); + } + } + + $_POST = array_replace_recursive( $_POST, $new_post_data ); + } + } +} diff --git a/wp-admin/includes/network.php b/wp-admin/includes/network.php new file mode 100644 index 0000000..6a85b6f --- /dev/null +++ b/wp-admin/includes/network.php @@ -0,0 +1,760 @@ +<?php +/** + * WordPress Network Administration API. + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Check for an existing network. + * + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return string|false Base domain if network exists, otherwise false. + */ +function network_domain_check() { + global $wpdb; + + $sql = $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $wpdb->site ) ); + if ( $wpdb->get_var( $sql ) ) { + return $wpdb->get_var( "SELECT domain FROM $wpdb->site ORDER BY id ASC LIMIT 1" ); + } + return false; +} + +/** + * Allow subdomain installation + * + * @since 3.0.0 + * @return bool Whether subdomain installation is allowed + */ +function allow_subdomain_install() { + $domain = preg_replace( '|https?://([^/]+)|', '$1', get_option( 'home' ) ); + if ( parse_url( get_option( 'home' ), PHP_URL_PATH ) || 'localhost' === $domain || preg_match( '|^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$|', $domain ) ) { + return false; + } + + return true; +} + +/** + * Allow subdirectory installation. + * + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return bool Whether subdirectory installation is allowed + */ +function allow_subdirectory_install() { + global $wpdb; + + /** + * Filters whether to enable the subdirectory installation feature in Multisite. + * + * @since 3.0.0 + * + * @param bool $allow Whether to enable the subdirectory installation feature in Multisite. + * Default false. + */ + if ( apply_filters( 'allow_subdirectory_install', false ) ) { + return true; + } + + if ( defined( 'ALLOW_SUBDIRECTORY_INSTALL' ) && ALLOW_SUBDIRECTORY_INSTALL ) { + return true; + } + + $post = $wpdb->get_row( "SELECT ID FROM $wpdb->posts WHERE post_date < DATE_SUB(NOW(), INTERVAL 1 MONTH) AND post_status = 'publish'" ); + if ( empty( $post ) ) { + return true; + } + + return false; +} + +/** + * Get base domain of network. + * + * @since 3.0.0 + * @return string Base domain. + */ +function get_clean_basedomain() { + $existing_domain = network_domain_check(); + if ( $existing_domain ) { + return $existing_domain; + } + $domain = preg_replace( '|https?://|', '', get_option( 'siteurl' ) ); + $slash = strpos( $domain, '/' ); + if ( $slash ) { + $domain = substr( $domain, 0, $slash ); + } + return $domain; +} + +/** + * Prints step 1 for Network installation process. + * + * @todo Realistically, step 1 should be a welcome screen explaining what a Network is and such. + * Navigating to Tools > Network should not be a sudden "Welcome to a new install process! + * Fill this out and click here." See also contextual help todo. + * + * @since 3.0.0 + * + * @global bool $is_apache + * + * @param false|WP_Error $errors Optional. Error object. Default false. + */ +function network_step1( $errors = false ) { + global $is_apache; + + if ( defined( 'DO_NOT_UPGRADE_GLOBAL_TABLES' ) ) { + $cannot_define_constant_message = '<strong>' . __( 'Error:' ) . '</strong> '; + $cannot_define_constant_message .= sprintf( + /* translators: %s: DO_NOT_UPGRADE_GLOBAL_TABLES */ + __( 'The constant %s cannot be defined when creating a network.' ), + '<code>DO_NOT_UPGRADE_GLOBAL_TABLES</code>' + ); + + wp_admin_notice( + $cannot_define_constant_message, + array( + 'additional_classes' => array( 'error' ), + ) + ); + + echo '</div>'; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + die(); + } + + $active_plugins = get_option( 'active_plugins' ); + if ( ! empty( $active_plugins ) ) { + wp_admin_notice( + '<strong>' . __( 'Warning:' ) . '</strong> ' . sprintf( + /* translators: %s: URL to Plugins screen. */ + __( 'Please <a href="%s">deactivate your plugins</a> before enabling the Network feature.' ), + admin_url( 'plugins.php?plugin_status=active' ) + ), + array( 'type' => 'warning' ) + ); + echo '<p>' . __( 'Once the network is created, you may reactivate your plugins.' ) . '</p>'; + echo '</div>'; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + die(); + } + + $hostname = get_clean_basedomain(); + $has_ports = strstr( $hostname, ':' ); + if ( ( false !== $has_ports && ! in_array( $has_ports, array( ':80', ':443' ), true ) ) ) { + wp_admin_notice( + '<strong>' . __( 'Error:' ) . '</strong> ' . __( 'You cannot install a network of sites with your server address.' ), + array( + 'additional_classes' => array( 'error' ), + ) + ); + + echo '<p>' . sprintf( + /* translators: %s: Port number. */ + __( 'You cannot use port numbers such as %s.' ), + '<code>' . $has_ports . '</code>' + ) . '</p>'; + echo '<a href="' . esc_url( admin_url() ) . '">' . __( 'Go to Dashboard' ) . '</a>'; + echo '</div>'; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + die(); + } + + echo '<form method="post">'; + + wp_nonce_field( 'install-network-1' ); + + $error_codes = array(); + if ( is_wp_error( $errors ) ) { + $network_created_error_message = '<p><strong>' . __( 'Error: The network could not be created.' ) . '</strong></p>'; + foreach ( $errors->get_error_messages() as $error ) { + $network_created_error_message .= "<p>$error</p>"; + } + wp_admin_notice( + $network_created_error_message, + array( + 'additional_classes' => array( 'error' ), + 'paragraph_wrap' => false, + ) + ); + $error_codes = $errors->get_error_codes(); + } + + if ( ! empty( $_POST['sitename'] ) && ! in_array( 'empty_sitename', $error_codes, true ) ) { + $site_name = $_POST['sitename']; + } else { + /* translators: %s: Default network title. */ + $site_name = sprintf( __( '%s Sites' ), get_option( 'blogname' ) ); + } + + if ( ! empty( $_POST['email'] ) && ! in_array( 'invalid_email', $error_codes, true ) ) { + $admin_email = $_POST['email']; + } else { + $admin_email = get_option( 'admin_email' ); + } + ?> + <p><?php _e( 'Welcome to the Network installation process!' ); ?></p> + <p><?php _e( 'Fill in the information below and you’ll be on your way to creating a network of WordPress sites. Configuration files will be created in the next step.' ); ?></p> + <?php + + if ( isset( $_POST['subdomain_install'] ) ) { + $subdomain_install = (bool) $_POST['subdomain_install']; + } elseif ( apache_mod_loaded( 'mod_rewrite' ) ) { // Assume nothing. + $subdomain_install = true; + } elseif ( ! allow_subdirectory_install() ) { + $subdomain_install = true; + } else { + $subdomain_install = false; + $got_mod_rewrite = got_mod_rewrite(); + if ( $got_mod_rewrite ) { // Dangerous assumptions. + $message_class = 'updated'; + $message = '<p><strong>' . __( 'Warning:' ) . '</strong> '; + $message .= '<p>' . sprintf( + /* translators: %s: mod_rewrite */ + __( 'Please make sure the Apache %s module is installed as it will be used at the end of this installation.' ), + '<code>mod_rewrite</code>' + ) . '</p>'; + } elseif ( $is_apache ) { + $message_class = 'error'; + $message = '<p><strong>' . __( 'Warning:' ) . '</strong> '; + $message .= sprintf( + /* translators: %s: mod_rewrite */ + __( 'It looks like the Apache %s module is not installed.' ), + '<code>mod_rewrite</code>' + ) . '</p>'; + } + + if ( $got_mod_rewrite || $is_apache ) { // Protect against mod_rewrite mimicry (but ! Apache). + $message .= '<p>' . sprintf( + /* translators: 1: mod_rewrite, 2: mod_rewrite documentation URL, 3: Google search for mod_rewrite. */ + __( 'If %1$s is disabled, ask your administrator to enable that module, or look at the <a href="%2$s">Apache documentation</a> or <a href="%3$s">elsewhere</a> for help setting it up.' ), + '<code>mod_rewrite</code>', + 'https://httpd.apache.org/docs/mod/mod_rewrite.html', + 'https://www.google.com/search?q=apache+mod_rewrite' + ) . '</p>'; + + wp_admin_notice( + $message, + array( + 'additional_classes' => array( $message_class, 'inline' ), + 'paragraph_wrap' => false, + ) + ); + } + } + + if ( allow_subdomain_install() && allow_subdirectory_install() ) : + ?> + <h3><?php esc_html_e( 'Addresses of Sites in your Network' ); ?></h3> + <p><?php _e( 'Please choose whether you would like sites in your WordPress network to use sub-domains or sub-directories.' ); ?> + <strong><?php _e( 'You cannot change this later.' ); ?></strong></p> + <p><?php _e( 'You will need a wildcard DNS record if you are going to use the virtual host (sub-domain) functionality.' ); ?></p> + <?php // @todo Link to an MS readme? ?> + <table class="form-table" role="presentation"> + <tr> + <th><label><input type="radio" name="subdomain_install" value="1"<?php checked( $subdomain_install ); ?> /> <?php _e( 'Sub-domains' ); ?></label></th> + <td> + <?php + printf( + /* translators: 1: Host name. */ + _x( 'like <code>site1.%1$s</code> and <code>site2.%1$s</code>', 'subdomain examples' ), + $hostname + ); + ?> + </td> + </tr> + <tr> + <th><label><input type="radio" name="subdomain_install" value="0"<?php checked( ! $subdomain_install ); ?> /> <?php _e( 'Sub-directories' ); ?></label></th> + <td> + <?php + printf( + /* translators: 1: Host name. */ + _x( 'like <code>%1$s/site1</code> and <code>%1$s/site2</code>', 'subdirectory examples' ), + $hostname + ); + ?> + </td> + </tr> + </table> + + <?php + endif; + + if ( WP_CONTENT_DIR !== ABSPATH . 'wp-content' && ( allow_subdirectory_install() || ! allow_subdomain_install() ) ) { + $subdirectory_warning_message = '<strong>' . __( 'Warning:' ) . '</strong> '; + $subdirectory_warning_message .= __( 'Subdirectory networks may not be fully compatible with custom wp-content directories.' ); + wp_admin_notice( + $subdirectory_warning_message, + array( + 'additional_classes' => array( 'error', 'inline' ), + ) + ); + } + + $is_www = str_starts_with( $hostname, 'www.' ); + if ( $is_www ) : + ?> + <h3><?php esc_html_e( 'Server Address' ); ?></h3> + <p> + <?php + printf( + /* translators: 1: Site URL, 2: Host name, 3: www. */ + __( 'You should consider changing your site domain to %1$s before enabling the network feature. It will still be possible to visit your site using the %3$s prefix with an address like %2$s but any links will not have the %3$s prefix.' ), + '<code>' . substr( $hostname, 4 ) . '</code>', + '<code>' . $hostname . '</code>', + '<code>www</code>' + ); + ?> + </p> + <table class="form-table" role="presentation"> + <tr> + <th scope='row'><?php esc_html_e( 'Server Address' ); ?></th> + <td> + <?php + printf( + /* translators: %s: Host name. */ + __( 'The internet address of your network will be %s.' ), + '<code>' . $hostname . '</code>' + ); + ?> + </td> + </tr> + </table> + <?php endif; ?> + + <h3><?php esc_html_e( 'Network Details' ); ?></h3> + <table class="form-table" role="presentation"> + <?php if ( 'localhost' === $hostname ) : ?> + <tr> + <th scope="row"><?php esc_html_e( 'Sub-directory Installation' ); ?></th> + <td> + <?php + printf( + /* translators: 1: localhost, 2: localhost.localdomain */ + __( 'Because you are using %1$s, the sites in your WordPress network must use sub-directories. Consider using %2$s if you wish to use sub-domains.' ), + '<code>localhost</code>', + '<code>localhost.localdomain</code>' + ); + // Uh oh: + if ( ! allow_subdirectory_install() ) { + echo ' <strong>' . __( 'Warning:' ) . ' ' . __( 'The main site in a sub-directory installation will need to use a modified permalink structure, potentially breaking existing links.' ) . '</strong>'; + } + ?> + </td> + </tr> + <?php elseif ( ! allow_subdomain_install() ) : ?> + <tr> + <th scope="row"><?php esc_html_e( 'Sub-directory Installation' ); ?></th> + <td> + <?php + _e( 'Because your installation is in a directory, the sites in your WordPress network must use sub-directories.' ); + // Uh oh: + if ( ! allow_subdirectory_install() ) { + echo ' <strong>' . __( 'Warning:' ) . ' ' . __( 'The main site in a sub-directory installation will need to use a modified permalink structure, potentially breaking existing links.' ) . '</strong>'; + } + ?> + </td> + </tr> + <?php elseif ( ! allow_subdirectory_install() ) : ?> + <tr> + <th scope="row"><?php esc_html_e( 'Sub-domain Installation' ); ?></th> + <td> + <?php + _e( 'Because your installation is not new, the sites in your WordPress network must use sub-domains.' ); + echo ' <strong>' . __( 'The main site in a sub-directory installation will need to use a modified permalink structure, potentially breaking existing links.' ) . '</strong>'; + ?> + </td> + </tr> + <?php endif; ?> + <?php if ( ! $is_www ) : ?> + <tr> + <th scope='row'><?php esc_html_e( 'Server Address' ); ?></th> + <td> + <?php + printf( + /* translators: %s: Host name. */ + __( 'The internet address of your network will be %s.' ), + '<code>' . $hostname . '</code>' + ); + ?> + </td> + </tr> + <?php endif; ?> + <tr> + <th scope='row'><label for="sitename"><?php esc_html_e( 'Network Title' ); ?></label></th> + <td> + <input name='sitename' id='sitename' type='text' size='45' value='<?php echo esc_attr( $site_name ); ?>' /> + <p class="description"> + <?php _e( 'What would you like to call your network?' ); ?> + </p> + </td> + </tr> + <tr> + <th scope='row'><label for="email"><?php esc_html_e( 'Network Admin Email' ); ?></label></th> + <td> + <input name='email' id='email' type='text' size='45' value='<?php echo esc_attr( $admin_email ); ?>' /> + <p class="description"> + <?php _e( 'Your email address.' ); ?> + </p> + </td> + </tr> + </table> + <?php submit_button( __( 'Install' ), 'primary', 'submit' ); ?> + </form> + <?php +} + +/** + * Prints step 2 for Network installation process. + * + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global bool $is_nginx Whether the server software is Nginx or something else. + * + * @param false|WP_Error $errors Optional. Error object. Default false. + */ +function network_step2( $errors = false ) { + global $wpdb, $is_nginx; + + $hostname = get_clean_basedomain(); + $slashed_home = trailingslashit( get_option( 'home' ) ); + $base = parse_url( $slashed_home, PHP_URL_PATH ); + $document_root_fix = str_replace( '\\', '/', realpath( $_SERVER['DOCUMENT_ROOT'] ) ); + $abspath_fix = str_replace( '\\', '/', ABSPATH ); + $home_path = str_starts_with( $abspath_fix, $document_root_fix ) ? $document_root_fix . $base : get_home_path(); + $wp_siteurl_subdir = preg_replace( '#^' . preg_quote( $home_path, '#' ) . '#', '', $abspath_fix ); + $rewrite_base = ! empty( $wp_siteurl_subdir ) ? ltrim( trailingslashit( $wp_siteurl_subdir ), '/' ) : ''; + + $location_of_wp_config = $abspath_fix; + if ( ! file_exists( ABSPATH . 'wp-config.php' ) && file_exists( dirname( ABSPATH ) . '/wp-config.php' ) ) { + $location_of_wp_config = dirname( $abspath_fix ); + } + $location_of_wp_config = trailingslashit( $location_of_wp_config ); + + // Wildcard DNS message. + if ( is_wp_error( $errors ) ) { + wp_admin_notice( + $errors->get_error_message(), + array( + 'additional_classes' => array( 'error' ), + ) + ); + } + + if ( $_POST ) { + if ( allow_subdomain_install() ) { + $subdomain_install = allow_subdirectory_install() ? ! empty( $_POST['subdomain_install'] ) : true; + } else { + $subdomain_install = false; + } + } else { + if ( is_multisite() ) { + $subdomain_install = is_subdomain_install(); + ?> + <p><?php _e( 'The original configuration steps are shown here for reference.' ); ?></p> + <?php + } else { + $subdomain_install = (bool) $wpdb->get_var( "SELECT meta_value FROM $wpdb->sitemeta WHERE site_id = 1 AND meta_key = 'subdomain_install'" ); + + wp_admin_notice( + '<strong>' . __( 'Warning:' ) . '</strong> ' . __( 'An existing WordPress network was detected.' ), + array( + 'additional_classes' => array( 'error' ), + ) + ); + ?> + <p><?php _e( 'Please complete the configuration steps. To create a new network, you will need to empty or remove the network database tables.' ); ?></p> + <?php + } + } + + $subdir_match = $subdomain_install ? '' : '([_0-9a-zA-Z-]+/)?'; + $subdir_replacement_01 = $subdomain_install ? '' : '$1'; + $subdir_replacement_12 = $subdomain_install ? '$1' : '$2'; + + if ( $_POST || ! is_multisite() ) { + ?> + <h3><?php esc_html_e( 'Enabling the Network' ); ?></h3> + <p><?php _e( 'Complete the following steps to enable the features for creating a network of sites.' ); ?></p> + <?php + $notice_message = '<strong>' . __( 'Caution:' ) . '</strong> '; + $notice_args = array( + 'type' => 'warning', + 'additional_classes' => array( 'inline' ), + ); + + if ( file_exists( $home_path . '.htaccess' ) ) { + $notice_message .= sprintf( + /* translators: 1: wp-config.php, 2: .htaccess */ + __( 'You should back up your existing %1$s and %2$s files.' ), + '<code>wp-config.php</code>', + '<code>.htaccess</code>' + ); + } elseif ( file_exists( $home_path . 'web.config' ) ) { + $notice_message .= sprintf( + /* translators: 1: wp-config.php, 2: web.config */ + __( 'You should back up your existing %1$s and %2$s files.' ), + '<code>wp-config.php</code>', + '<code>web.config</code>' + ); + } else { + $notice_message .= sprintf( + /* translators: %s: wp-config.php */ + __( 'You should back up your existing %s file.' ), + '<code>wp-config.php</code>' + ); + } + + wp_admin_notice( $notice_message, $notice_args ); + } + ?> + <ol> + <li><p id="network-wpconfig-rules-description"> + <?php + printf( + /* translators: 1: wp-config.php, 2: Location of wp-config file, 3: Translated version of "That's all, stop editing! Happy publishing." */ + __( 'Add the following to your %1$s file in %2$s <strong>above</strong> the line reading %3$s:' ), + '<code>wp-config.php</code>', + '<code>' . $location_of_wp_config . '</code>', + /* + * translators: This string should only be translated if wp-config-sample.php is localized. + * You can check the localized release package or + * https://i18n.svn.wordpress.org/<locale code>/branches/<wp version>/dist/wp-config-sample.php + */ + '<code>/* ' . __( 'That’s all, stop editing! Happy publishing.' ) . ' */</code>' + ); + ?> + </p> + <p class="configuration-rules-label"><label for="network-wpconfig-rules"> + <?php + printf( + /* translators: %s: File name (wp-config.php, .htaccess or web.config). */ + __( 'Network configuration rules for %s' ), + '<code>wp-config.php</code>' + ); + ?> + </label></p> + <textarea id="network-wpconfig-rules" class="code" readonly="readonly" cols="100" rows="7" aria-describedby="network-wpconfig-rules-description"> +define( 'MULTISITE', true ); +define( 'SUBDOMAIN_INSTALL', <?php echo $subdomain_install ? 'true' : 'false'; ?> ); +define( 'DOMAIN_CURRENT_SITE', '<?php echo $hostname; ?>' ); +define( 'PATH_CURRENT_SITE', '<?php echo $base; ?>' ); +define( 'SITE_ID_CURRENT_SITE', 1 ); +define( 'BLOG_ID_CURRENT_SITE', 1 ); +</textarea> + <?php + $keys_salts = array( + 'AUTH_KEY' => '', + 'SECURE_AUTH_KEY' => '', + 'LOGGED_IN_KEY' => '', + 'NONCE_KEY' => '', + 'AUTH_SALT' => '', + 'SECURE_AUTH_SALT' => '', + 'LOGGED_IN_SALT' => '', + 'NONCE_SALT' => '', + ); + foreach ( $keys_salts as $c => $v ) { + if ( defined( $c ) ) { + unset( $keys_salts[ $c ] ); + } + } + + if ( ! empty( $keys_salts ) ) { + $keys_salts_str = ''; + $from_api = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' ); + if ( is_wp_error( $from_api ) ) { + foreach ( $keys_salts as $c => $v ) { + $keys_salts_str .= "\ndefine( '$c', '" . wp_generate_password( 64, true, true ) . "' );"; + } + } else { + $from_api = explode( "\n", wp_remote_retrieve_body( $from_api ) ); + foreach ( $keys_salts as $c => $v ) { + $keys_salts_str .= "\ndefine( '$c', '" . substr( array_shift( $from_api ), 28, 64 ) . "' );"; + } + } + $num_keys_salts = count( $keys_salts ); + ?> + <p id="network-wpconfig-authentication-description"> + <?php + if ( 1 === $num_keys_salts ) { + printf( + /* translators: %s: wp-config.php */ + __( 'This unique authentication key is also missing from your %s file.' ), + '<code>wp-config.php</code>' + ); + } else { + printf( + /* translators: %s: wp-config.php */ + __( 'These unique authentication keys are also missing from your %s file.' ), + '<code>wp-config.php</code>' + ); + } + ?> + <?php _e( 'To make your installation more secure, you should also add:' ); ?> + </p> + <p class="configuration-rules-label"><label for="network-wpconfig-authentication"><?php _e( 'Network configuration authentication keys' ); ?></label></p> + <textarea id="network-wpconfig-authentication" class="code" readonly="readonly" cols="100" rows="<?php echo $num_keys_salts; ?>" aria-describedby="network-wpconfig-authentication-description"><?php echo esc_textarea( $keys_salts_str ); ?></textarea> + <?php + } + ?> + </li> + <?php + if ( iis7_supports_permalinks() ) : + // IIS doesn't support RewriteBase, all your RewriteBase are belong to us. + $iis_subdir_match = ltrim( $base, '/' ) . $subdir_match; + $iis_rewrite_base = ltrim( $base, '/' ) . $rewrite_base; + $iis_subdir_replacement = $subdomain_install ? '' : '{R:1}'; + + $web_config_file = '<?xml version="1.0" encoding="UTF-8"?> +<configuration> + <system.webServer> + <rewrite> + <rules> + <rule name="WordPress Rule 1" stopProcessing="true"> + <match url="^index\.php$" ignoreCase="false" /> + <action type="None" /> + </rule>'; + if ( is_multisite() && get_site_option( 'ms_files_rewriting' ) ) { + $web_config_file .= ' + <rule name="WordPress Rule for Files" stopProcessing="true"> + <match url="^' . $iis_subdir_match . 'files/(.+)" ignoreCase="false" /> + <action type="Rewrite" url="' . $iis_rewrite_base . WPINC . '/ms-files.php?file={R:1}" appendQueryString="false" /> + </rule>'; + } + $web_config_file .= ' + <rule name="WordPress Rule 2" stopProcessing="true"> + <match url="^' . $iis_subdir_match . 'wp-admin$" ignoreCase="false" /> + <action type="Redirect" url="' . $iis_subdir_replacement . 'wp-admin/" redirectType="Permanent" /> + </rule> + <rule name="WordPress Rule 3" stopProcessing="true"> + <match url="^" ignoreCase="false" /> + <conditions logicalGrouping="MatchAny"> + <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" /> + <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" /> + </conditions> + <action type="None" /> + </rule> + <rule name="WordPress Rule 4" stopProcessing="true"> + <match url="^' . $iis_subdir_match . '(wp-(content|admin|includes).*)" ignoreCase="false" /> + <action type="Rewrite" url="' . $iis_rewrite_base . '{R:1}" /> + </rule> + <rule name="WordPress Rule 5" stopProcessing="true"> + <match url="^' . $iis_subdir_match . '([_0-9a-zA-Z-]+/)?(.*\.php)$" ignoreCase="false" /> + <action type="Rewrite" url="' . $iis_rewrite_base . '{R:2}" /> + </rule> + <rule name="WordPress Rule 6" stopProcessing="true"> + <match url="." ignoreCase="false" /> + <action type="Rewrite" url="index.php" /> + </rule> + </rules> + </rewrite> + </system.webServer> +</configuration> +'; + + echo '<li><p id="network-webconfig-rules-description">'; + printf( + /* translators: 1: File name (.htaccess or web.config), 2: File path. */ + __( 'Add the following to your %1$s file in %2$s, <strong>replacing</strong> other WordPress rules:' ), + '<code>web.config</code>', + '<code>' . $home_path . '</code>' + ); + echo '</p>'; + if ( ! $subdomain_install && WP_CONTENT_DIR !== ABSPATH . 'wp-content' ) { + echo '<p><strong>' . __( 'Warning:' ) . ' ' . __( 'Subdirectory networks may not be fully compatible with custom wp-content directories.' ) . '</strong></p>'; + } + ?> + <p class="configuration-rules-label"><label for="network-webconfig-rules"> + <?php + printf( + /* translators: %s: File name (wp-config.php, .htaccess or web.config). */ + __( 'Network configuration rules for %s' ), + '<code>web.config</code>' + ); + ?> + </label></p> + <textarea id="network-webconfig-rules" class="code" readonly="readonly" cols="100" rows="20" aria-describedby="network-webconfig-rules-description"><?php echo esc_textarea( $web_config_file ); ?></textarea> + </li> + </ol> + + <?php + elseif ( $is_nginx ) : // End iis7_supports_permalinks(). Link to Nginx documentation instead: + + echo '<li><p>'; + printf( + /* translators: %s: Documentation URL. */ + __( 'It seems your network is running with Nginx web server. <a href="%s">Learn more about further configuration</a>.' ), + __( 'https://wordpress.org/documentation/article/nginx/' ) + ); + echo '</p></li>'; + + else : // End $is_nginx. Construct an .htaccess file instead: + + $ms_files_rewriting = ''; + if ( is_multisite() && get_site_option( 'ms_files_rewriting' ) ) { + $ms_files_rewriting = "\n# uploaded files\nRewriteRule ^"; + $ms_files_rewriting .= $subdir_match . "files/(.+) {$rewrite_base}" . WPINC . "/ms-files.php?file={$subdir_replacement_12} [L]" . "\n"; + } + + $htaccess_file = <<<EOF +RewriteEngine On +RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] +RewriteBase {$base} +RewriteRule ^index\.php$ - [L] +{$ms_files_rewriting} +# add a trailing slash to /wp-admin +RewriteRule ^{$subdir_match}wp-admin$ {$subdir_replacement_01}wp-admin/ [R=301,L] + +RewriteCond %{REQUEST_FILENAME} -f [OR] +RewriteCond %{REQUEST_FILENAME} -d +RewriteRule ^ - [L] +RewriteRule ^{$subdir_match}(wp-(content|admin|includes).*) {$rewrite_base}{$subdir_replacement_12} [L] +RewriteRule ^{$subdir_match}(.*\.php)$ {$rewrite_base}$subdir_replacement_12 [L] +RewriteRule . index.php [L] + +EOF; + + echo '<li><p id="network-htaccess-rules-description">'; + printf( + /* translators: 1: File name (.htaccess or web.config), 2: File path. */ + __( 'Add the following to your %1$s file in %2$s, <strong>replacing</strong> other WordPress rules:' ), + '<code>.htaccess</code>', + '<code>' . $home_path . '</code>' + ); + echo '</p>'; + if ( ! $subdomain_install && WP_CONTENT_DIR !== ABSPATH . 'wp-content' ) { + echo '<p><strong>' . __( 'Warning:' ) . ' ' . __( 'Subdirectory networks may not be fully compatible with custom wp-content directories.' ) . '</strong></p>'; + } + ?> + <p class="configuration-rules-label"><label for="network-htaccess-rules"> + <?php + printf( + /* translators: %s: File name (wp-config.php, .htaccess or web.config). */ + __( 'Network configuration rules for %s' ), + '<code>.htaccess</code>' + ); + ?> + </label></p> + <textarea id="network-htaccess-rules" class="code" readonly="readonly" cols="100" rows="<?php echo substr_count( $htaccess_file, "\n" ) + 1; ?>" aria-describedby="network-htaccess-rules-description"><?php echo esc_textarea( $htaccess_file ); ?></textarea> + </li> + </ol> + + <?php + endif; // End IIS/Nginx/Apache code branches. + + if ( ! is_multisite() ) { + ?> + <p><?php _e( 'Once you complete these steps, your network is enabled and configured. You will have to log in again.' ); ?> <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log In' ); ?></a></p> + <?php + } +} diff --git a/wp-admin/includes/noop.php b/wp-admin/includes/noop.php new file mode 100644 index 0000000..39dc970 --- /dev/null +++ b/wp-admin/includes/noop.php @@ -0,0 +1,113 @@ +<?php +/** + * Noop functions for load-scripts.php and load-styles.php. + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * @ignore + */ +function __() {} + +/** + * @ignore + */ +function _x() {} + +/** + * @ignore + */ +function add_filter() {} + +/** + * @ignore + */ +function has_filter() { + return false; +} + +/** + * @ignore + */ +function esc_attr() {} + +/** + * @ignore + */ +function apply_filters() {} + +/** + * @ignore + */ +function get_option() {} + +/** + * @ignore + */ +function is_lighttpd_before_150() {} + +/** + * @ignore + */ +function add_action() {} + +/** + * @ignore + */ +function did_action() {} + +/** + * @ignore + */ +function do_action_ref_array() {} + +/** + * @ignore + */ +function get_bloginfo() {} + +/** + * @ignore + */ +function is_admin() { + return true; +} + +/** + * @ignore + */ +function site_url() {} + +/** + * @ignore + */ +function admin_url() {} + +/** + * @ignore + */ +function home_url() {} + +/** + * @ignore + */ +function includes_url() {} + +/** + * @ignore + */ +function wp_guess_url() {} + +function get_file( $path ) { + + $path = realpath( $path ); + + if ( ! $path || ! @is_file( $path ) ) { + return ''; + } + + return @file_get_contents( $path ); +} diff --git a/wp-admin/includes/options.php b/wp-admin/includes/options.php new file mode 100644 index 0000000..816313c --- /dev/null +++ b/wp-admin/includes/options.php @@ -0,0 +1,136 @@ +<?php +/** + * WordPress Options Administration API. + * + * @package WordPress + * @subpackage Administration + * @since 4.4.0 + */ + +/** + * Output JavaScript to toggle display of additional settings if avatars are disabled. + * + * @since 4.2.0 + */ +function options_discussion_add_js() { + ?> + <script> + (function($){ + var parent = $( '#show_avatars' ), + children = $( '.avatar-settings' ); + parent.on( 'change', function(){ + children.toggleClass( 'hide-if-js', ! this.checked ); + }); + })(jQuery); + </script> + <?php +} + +/** + * Display JavaScript on the page. + * + * @since 3.5.0 + */ +function options_general_add_js() { + ?> +<script type="text/javascript"> + jQuery( function($) { + var $siteName = $( '#wp-admin-bar-site-name' ).children( 'a' ).first(), + homeURL = ( <?php echo wp_json_encode( get_home_url() ); ?> || '' ).replace( /^(https?:\/\/)?(www\.)?/, '' ); + + $( '#blogname' ).on( 'input', function() { + var title = $.trim( $( this ).val() ) || homeURL; + + // Truncate to 40 characters. + if ( 40 < title.length ) { + title = title.substring( 0, 40 ) + '\u2026'; + } + + $siteName.text( title ); + }); + + $( 'input[name="date_format"]' ).on( 'click', function() { + if ( 'date_format_custom_radio' !== $(this).attr( 'id' ) ) + $( 'input[name="date_format_custom"]' ).val( $( this ).val() ).closest( 'fieldset' ).find( '.example' ).text( $( this ).parent( 'label' ).children( '.format-i18n' ).text() ); + }); + + $( 'input[name="date_format_custom"]' ).on( 'click input', function() { + $( '#date_format_custom_radio' ).prop( 'checked', true ); + }); + + $( 'input[name="time_format"]' ).on( 'click', function() { + if ( 'time_format_custom_radio' !== $(this).attr( 'id' ) ) + $( 'input[name="time_format_custom"]' ).val( $( this ).val() ).closest( 'fieldset' ).find( '.example' ).text( $( this ).parent( 'label' ).children( '.format-i18n' ).text() ); + }); + + $( 'input[name="time_format_custom"]' ).on( 'click input', function() { + $( '#time_format_custom_radio' ).prop( 'checked', true ); + }); + + $( 'input[name="date_format_custom"], input[name="time_format_custom"]' ).on( 'input', function() { + var format = $( this ), + fieldset = format.closest( 'fieldset' ), + example = fieldset.find( '.example' ), + spinner = fieldset.find( '.spinner' ); + + // Debounce the event callback while users are typing. + clearTimeout( $.data( this, 'timer' ) ); + $( this ).data( 'timer', setTimeout( function() { + // If custom date is not empty. + if ( format.val() ) { + spinner.addClass( 'is-active' ); + + $.post( ajaxurl, { + action: 'date_format_custom' === format.attr( 'name' ) ? 'date_format' : 'time_format', + date : format.val() + }, function( d ) { spinner.removeClass( 'is-active' ); example.text( d ); } ); + } + }, 500 ) ); + } ); + + var languageSelect = $( '#WPLANG' ); + $( 'form' ).on( 'submit', function() { + /* + * Don't show a spinner for English and installed languages, + * as there is nothing to download. + */ + if ( ! languageSelect.find( 'option:selected' ).data( 'installed' ) ) { + $( '#submit', this ).after( '<span class="spinner language-install-spinner is-active" />' ); + } + }); + } ); +</script> + <?php +} + +/** + * Display JavaScript on the page. + * + * @since 3.5.0 + */ +function options_reading_add_js() { + ?> +<script type="text/javascript"> + jQuery( function($) { + var section = $('#front-static-pages'), + staticPage = section.find('input:radio[value="page"]'), + selects = section.find('select'), + check_disabled = function(){ + selects.prop( 'disabled', ! staticPage.prop('checked') ); + }; + check_disabled(); + section.find( 'input:radio' ).on( 'change', check_disabled ); + } ); +</script> + <?php +} + +/** + * Render the site charset setting. + * + * @since 3.5.0 + */ +function options_reading_blog_charset() { + echo '<input name="blog_charset" type="text" id="blog_charset" value="' . esc_attr( get_option( 'blog_charset' ) ) . '" class="regular-text" />'; + echo '<p class="description">' . __( 'The <a href="https://wordpress.org/documentation/article/wordpress-glossary/#character-set">character encoding</a> of your site (UTF-8 is recommended)' ) . '</p>'; +} diff --git a/wp-admin/includes/plugin-install.php b/wp-admin/includes/plugin-install.php new file mode 100644 index 0000000..7662076 --- /dev/null +++ b/wp-admin/includes/plugin-install.php @@ -0,0 +1,926 @@ +<?php +/** + * WordPress Plugin Install Administration API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Retrieves plugin installer pages from the WordPress.org Plugins API. + * + * It is possible for a plugin to override the Plugin API result with three + * filters. Assume this is for plugins, which can extend on the Plugin Info to + * offer more choices. This is very powerful and must be used with care when + * overriding the filters. + * + * The first filter, {@see 'plugins_api_args'}, is for the args and gives the action + * as the second parameter. The hook for {@see 'plugins_api_args'} must ensure that + * an object is returned. + * + * The second filter, {@see 'plugins_api'}, allows a plugin to override the WordPress.org + * Plugin Installation API entirely. If `$action` is 'query_plugins' or 'plugin_information', + * an object MUST be passed. If `$action` is 'hot_tags' or 'hot_categories', an array MUST + * be passed. + * + * Finally, the third filter, {@see 'plugins_api_result'}, makes it possible to filter the + * response object or array, depending on the `$action` type. + * + * Supported arguments per action: + * + * | Argument Name | query_plugins | plugin_information | hot_tags | hot_categories | + * | -------------------- | :-----------: | :----------------: | :------: | :------------: | + * | `$slug` | No | Yes | No | No | + * | `$per_page` | Yes | No | No | No | + * | `$page` | Yes | No | No | No | + * | `$number` | No | No | Yes | Yes | + * | `$search` | Yes | No | No | No | + * | `$tag` | Yes | No | No | No | + * | `$author` | Yes | No | No | No | + * | `$user` | Yes | No | No | No | + * | `$browse` | Yes | No | No | No | + * | `$locale` | Yes | Yes | No | No | + * | `$installed_plugins` | Yes | No | No | No | + * | `$is_ssl` | Yes | Yes | No | No | + * | `$fields` | Yes | Yes | No | No | + * + * @since 2.7.0 + * + * @param string $action API action to perform: 'query_plugins', 'plugin_information', + * 'hot_tags' or 'hot_categories'. + * @param array|object $args { + * Optional. Array or object of arguments to serialize for the Plugin Info API. + * + * @type string $slug The plugin slug. Default empty. + * @type int $per_page Number of plugins per page. Default 24. + * @type int $page Number of current page. Default 1. + * @type int $number Number of tags or categories to be queried. + * @type string $search A search term. Default empty. + * @type string $tag Tag to filter plugins. Default empty. + * @type string $author Username of an plugin author to filter plugins. Default empty. + * @type string $user Username to query for their favorites. Default empty. + * @type string $browse Browse view: 'popular', 'new', 'beta', 'recommended'. + * @type string $locale Locale to provide context-sensitive results. Default is the value + * of get_locale(). + * @type string $installed_plugins Installed plugins to provide context-sensitive results. + * @type bool $is_ssl Whether links should be returned with https or not. Default false. + * @type array $fields { + * Array of fields which should or should not be returned. + * + * @type bool $short_description Whether to return the plugin short description. Default true. + * @type bool $description Whether to return the plugin full description. Default false. + * @type bool $sections Whether to return the plugin readme sections: description, installation, + * FAQ, screenshots, other notes, and changelog. Default false. + * @type bool $tested Whether to return the 'Compatible up to' value. Default true. + * @type bool $requires Whether to return the required WordPress version. Default true. + * @type bool $requires_php Whether to return the required PHP version. Default true. + * @type bool $rating Whether to return the rating in percent and total number of ratings. + * Default true. + * @type bool $ratings Whether to return the number of rating for each star (1-5). Default true. + * @type bool $downloaded Whether to return the download count. Default true. + * @type bool $downloadlink Whether to return the download link for the package. Default true. + * @type bool $last_updated Whether to return the date of the last update. Default true. + * @type bool $added Whether to return the date when the plugin was added to the wordpress.org + * repository. Default true. + * @type bool $tags Whether to return the assigned tags. Default true. + * @type bool $compatibility Whether to return the WordPress compatibility list. Default true. + * @type bool $homepage Whether to return the plugin homepage link. Default true. + * @type bool $versions Whether to return the list of all available versions. Default false. + * @type bool $donate_link Whether to return the donation link. Default true. + * @type bool $reviews Whether to return the plugin reviews. Default false. + * @type bool $banners Whether to return the banner images links. Default false. + * @type bool $icons Whether to return the icon links. Default false. + * @type bool $active_installs Whether to return the number of active installations. Default false. + * @type bool $group Whether to return the assigned group. Default false. + * @type bool $contributors Whether to return the list of contributors. Default false. + * } + * } + * @return object|array|WP_Error Response object or array on success, WP_Error on failure. See the + * {@link https://developer.wordpress.org/reference/functions/plugins_api/ function reference article} + * for more information on the make-up of possible return values depending on the value of `$action`. + */ +function plugins_api( $action, $args = array() ) { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + if ( is_array( $args ) ) { + $args = (object) $args; + } + + if ( 'query_plugins' === $action ) { + if ( ! isset( $args->per_page ) ) { + $args->per_page = 24; + } + } + + if ( ! isset( $args->locale ) ) { + $args->locale = get_user_locale(); + } + + if ( ! isset( $args->wp_version ) ) { + $args->wp_version = substr( $wp_version, 0, 3 ); // x.y + } + + /** + * Filters the WordPress.org Plugin Installation API arguments. + * + * Important: An object MUST be returned to this filter. + * + * @since 2.7.0 + * + * @param object $args Plugin API arguments. + * @param string $action The type of information being requested from the Plugin Installation API. + */ + $args = apply_filters( 'plugins_api_args', $args, $action ); + + /** + * Filters the response for the current WordPress.org Plugin Installation API request. + * + * Returning a non-false value will effectively short-circuit the WordPress.org API request. + * + * If `$action` is 'query_plugins' or 'plugin_information', an object MUST be passed. + * If `$action` is 'hot_tags' or 'hot_categories', an array should be passed. + * + * @since 2.7.0 + * + * @param false|object|array $result The result object or array. Default false. + * @param string $action The type of information being requested from the Plugin Installation API. + * @param object $args Plugin API arguments. + */ + $res = apply_filters( 'plugins_api', false, $action, $args ); + + if ( false === $res ) { + + $url = 'http://api.wordpress.org/plugins/info/1.2/'; + $url = add_query_arg( + array( + 'action' => $action, + 'request' => $args, + ), + $url + ); + + $http_url = $url; + $ssl = wp_http_supports( array( 'ssl' ) ); + if ( $ssl ) { + $url = set_url_scheme( $url, 'https' ); + } + + $http_args = array( + 'timeout' => 15, + 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ), + ); + $request = wp_remote_get( $url, $http_args ); + + if ( $ssl && is_wp_error( $request ) ) { + if ( ! wp_is_json_request() ) { + trigger_error( + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), + headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE + ); + } + + $request = wp_remote_get( $http_url, $http_args ); + } + + if ( is_wp_error( $request ) ) { + $res = new WP_Error( + 'plugins_api_failed', + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ), + $request->get_error_message() + ); + } else { + $res = json_decode( wp_remote_retrieve_body( $request ), true ); + if ( is_array( $res ) ) { + // Object casting is required in order to match the info/1.0 format. + $res = (object) $res; + } elseif ( null === $res ) { + $res = new WP_Error( + 'plugins_api_failed', + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ), + wp_remote_retrieve_body( $request ) + ); + } + + if ( isset( $res->error ) ) { + $res = new WP_Error( 'plugins_api_failed', $res->error ); + } + } + } elseif ( ! is_wp_error( $res ) ) { + $res->external = true; + } + + /** + * Filters the Plugin Installation API response results. + * + * @since 2.7.0 + * + * @param object|WP_Error $res Response object or WP_Error. + * @param string $action The type of information being requested from the Plugin Installation API. + * @param object $args Plugin API arguments. + */ + return apply_filters( 'plugins_api_result', $res, $action, $args ); +} + +/** + * Retrieves popular WordPress plugin tags. + * + * @since 2.7.0 + * + * @param array $args + * @return array|WP_Error + */ +function install_popular_tags( $args = array() ) { + $key = md5( serialize( $args ) ); + $tags = get_site_transient( 'poptags_' . $key ); + if ( false !== $tags ) { + return $tags; + } + + $tags = plugins_api( 'hot_tags', $args ); + + if ( is_wp_error( $tags ) ) { + return $tags; + } + + set_site_transient( 'poptags_' . $key, $tags, 3 * HOUR_IN_SECONDS ); + + return $tags; +} + +/** + * Displays the Featured tab of Add Plugins screen. + * + * @since 2.7.0 + */ +function install_dashboard() { + display_plugins_table(); + ?> + + <div class="plugins-popular-tags-wrapper"> + <h2><?php _e( 'Popular tags' ); ?></h2> + <p><?php _e( 'You may also browse based on the most popular tags in the Plugin Directory:' ); ?></p> + <?php + + $api_tags = install_popular_tags(); + + echo '<p class="popular-tags">'; + if ( is_wp_error( $api_tags ) ) { + echo $api_tags->get_error_message(); + } else { + // Set up the tags in a way which can be interpreted by wp_generate_tag_cloud(). + $tags = array(); + foreach ( (array) $api_tags as $tag ) { + $url = self_admin_url( 'plugin-install.php?tab=search&type=tag&s=' . urlencode( $tag['name'] ) ); + $data = array( + 'link' => esc_url( $url ), + 'name' => $tag['name'], + 'slug' => $tag['slug'], + 'id' => sanitize_title_with_dashes( $tag['name'] ), + 'count' => $tag['count'], + ); + $tags[ $tag['name'] ] = (object) $data; + } + echo wp_generate_tag_cloud( + $tags, + array( + /* translators: %s: Number of plugins. */ + 'single_text' => __( '%s plugin' ), + /* translators: %s: Number of plugins. */ + 'multiple_text' => __( '%s plugins' ), + ) + ); + } + echo '</p><br class="clear" /></div>'; +} + +/** + * Displays a search form for searching plugins. + * + * @since 2.7.0 + * @since 4.6.0 The `$type_selector` parameter was deprecated. + * + * @param bool $deprecated Not used. + */ +function install_search_form( $deprecated = true ) { + $type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term'; + $term = isset( $_REQUEST['s'] ) ? urldecode( wp_unslash( $_REQUEST['s'] ) ) : ''; + ?> + <form class="search-form search-plugins" method="get"> + <input type="hidden" name="tab" value="search" /> + <label class="screen-reader-text" for="typeselector"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search plugins by:' ); + ?> + </label> + <select name="type" id="typeselector"> + <option value="term"<?php selected( 'term', $type ); ?>><?php _e( 'Keyword' ); ?></option> + <option value="author"<?php selected( 'author', $type ); ?>><?php _e( 'Author' ); ?></option> + <option value="tag"<?php selected( 'tag', $type ); ?>><?php _ex( 'Tag', 'Plugin Installer' ); ?></option> + </select> + <label class="screen-reader-text" for="search-plugins"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search Plugins' ); + ?> + </label> + <input type="search" name="s" id="search-plugins" value="<?php echo esc_attr( $term ); ?>" class="wp-filter-search" placeholder="<?php esc_attr_e( 'Search plugins...' ); ?>" /> + <?php submit_button( __( 'Search Plugins' ), 'hide-if-js', false, false, array( 'id' => 'search-submit' ) ); ?> + </form> + <?php +} + +/** + * Displays a form to upload plugins from zip files. + * + * @since 2.8.0 + */ +function install_plugins_upload() { + ?> +<div class="upload-plugin"> + <p class="install-help"><?php _e( 'If you have a plugin in a .zip format, you may install or update it by uploading it here.' ); ?></p> + <form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo esc_url( self_admin_url( 'update.php?action=upload-plugin' ) ); ?>"> + <?php wp_nonce_field( 'plugin-upload' ); ?> + <label class="screen-reader-text" for="pluginzip"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Plugin zip file' ); + ?> + </label> + <input type="file" id="pluginzip" name="pluginzip" accept=".zip" /> + <?php submit_button( __( 'Install Now' ), '', 'install-plugin-submit', false ); ?> + </form> +</div> + <?php +} + +/** + * Shows a username form for the favorites page. + * + * @since 3.5.0 + */ +function install_plugins_favorites_form() { + $user = get_user_option( 'wporg_favorites' ); + $action = 'save_wporg_username_' . get_current_user_id(); + ?> + <p><?php _e( 'If you have marked plugins as favorites on WordPress.org, you can browse them here.' ); ?></p> + <form method="get"> + <input type="hidden" name="tab" value="favorites" /> + <p> + <label for="user"><?php _e( 'Your WordPress.org username:' ); ?></label> + <input type="search" id="user" name="user" value="<?php echo esc_attr( $user ); ?>" /> + <input type="submit" class="button" value="<?php esc_attr_e( 'Get Favorites' ); ?>" /> + <input type="hidden" id="wporg-username-nonce" name="_wpnonce" value="<?php echo esc_attr( wp_create_nonce( $action ) ); ?>" /> + </p> + </form> + <?php +} + +/** + * Displays plugin content based on plugin list. + * + * @since 2.7.0 + * + * @global WP_List_Table $wp_list_table + */ +function display_plugins_table() { + global $wp_list_table; + + switch ( current_filter() ) { + case 'install_plugins_beta': + printf( + /* translators: %s: URL to "Features as Plugins" page. */ + '<p>' . __( 'You are using a development version of WordPress. These feature plugins are also under development. <a href="%s">Learn more</a>.' ) . '</p>', + 'https://make.wordpress.org/core/handbook/about/release-cycle/features-as-plugins/' + ); + break; + case 'install_plugins_featured': + printf( + /* translators: %s: https://wordpress.org/plugins/ */ + '<p>' . __( 'Plugins extend and expand the functionality of WordPress. You may install plugins in the <a href="%s">WordPress Plugin Directory</a> right from here, or upload a plugin in .zip format by clicking the button at the top of this page.' ) . '</p>', + __( 'https://wordpress.org/plugins/' ) + ); + break; + case 'install_plugins_recommended': + echo '<p>' . __( 'These suggestions are based on the plugins you and other users have installed.' ) . '</p>'; + break; + case 'install_plugins_favorites': + if ( empty( $_GET['user'] ) && ! get_user_option( 'wporg_favorites' ) ) { + return; + } + break; + } + ?> + <form id="plugin-filter" method="post"> + <?php $wp_list_table->display(); ?> + </form> + <?php +} + +/** + * Determines the status we can perform on a plugin. + * + * @since 3.0.0 + * + * @param array|object $api Data about the plugin retrieved from the API. + * @param bool $loop Optional. Disable further loops. Default false. + * @return array { + * Plugin installation status data. + * + * @type string $status Status of a plugin. Could be one of 'install', 'update_available', 'latest_installed' or 'newer_installed'. + * @type string $url Plugin installation URL. + * @type string $version The most recent version of the plugin. + * @type string $file Plugin filename relative to the plugins directory. + * } + */ +function install_plugin_install_status( $api, $loop = false ) { + // This function is called recursively, $loop prevents further loops. + if ( is_array( $api ) ) { + $api = (object) $api; + } + + // Default to a "new" plugin. + $status = 'install'; + $url = false; + $update_file = false; + $version = ''; + + /* + * Check to see if this plugin is known to be installed, + * and has an update awaiting it. + */ + $update_plugins = get_site_transient( 'update_plugins' ); + if ( isset( $update_plugins->response ) ) { + foreach ( (array) $update_plugins->response as $file => $plugin ) { + if ( $plugin->slug === $api->slug ) { + $status = 'update_available'; + $update_file = $file; + $version = $plugin->new_version; + if ( current_user_can( 'update_plugins' ) ) { + $url = wp_nonce_url( self_admin_url( 'update.php?action=upgrade-plugin&plugin=' . $update_file ), 'upgrade-plugin_' . $update_file ); + } + break; + } + } + } + + if ( 'install' === $status ) { + if ( is_dir( WP_PLUGIN_DIR . '/' . $api->slug ) ) { + $installed_plugin = get_plugins( '/' . $api->slug ); + if ( empty( $installed_plugin ) ) { + if ( current_user_can( 'install_plugins' ) ) { + $url = wp_nonce_url( self_admin_url( 'update.php?action=install-plugin&plugin=' . $api->slug ), 'install-plugin_' . $api->slug ); + } + } else { + $key = array_keys( $installed_plugin ); + /* + * Use the first plugin regardless of the name. + * Could have issues for multiple plugins in one directory if they share different version numbers. + */ + $key = reset( $key ); + + $update_file = $api->slug . '/' . $key; + if ( version_compare( $api->version, $installed_plugin[ $key ]['Version'], '=' ) ) { + $status = 'latest_installed'; + } elseif ( version_compare( $api->version, $installed_plugin[ $key ]['Version'], '<' ) ) { + $status = 'newer_installed'; + $version = $installed_plugin[ $key ]['Version']; + } else { + // If the above update check failed, then that probably means that the update checker has out-of-date information, force a refresh. + if ( ! $loop ) { + delete_site_transient( 'update_plugins' ); + wp_update_plugins(); + return install_plugin_install_status( $api, true ); + } + } + } + } else { + // "install" & no directory with that slug. + if ( current_user_can( 'install_plugins' ) ) { + $url = wp_nonce_url( self_admin_url( 'update.php?action=install-plugin&plugin=' . $api->slug ), 'install-plugin_' . $api->slug ); + } + } + } + if ( isset( $_GET['from'] ) ) { + $url .= '&from=' . urlencode( wp_unslash( $_GET['from'] ) ); + } + + $file = $update_file; + return compact( 'status', 'url', 'version', 'file' ); +} + +/** + * Displays plugin information in dialog box form. + * + * @since 2.7.0 + * + * @global string $tab + */ +function install_plugin_information() { + global $tab; + + if ( empty( $_REQUEST['plugin'] ) ) { + return; + } + + $api = plugins_api( + 'plugin_information', + array( + 'slug' => wp_unslash( $_REQUEST['plugin'] ), + ) + ); + + if ( is_wp_error( $api ) ) { + wp_die( $api ); + } + + $plugins_allowedtags = array( + 'a' => array( + 'href' => array(), + 'title' => array(), + 'target' => array(), + ), + 'abbr' => array( 'title' => array() ), + 'acronym' => array( 'title' => array() ), + 'code' => array(), + 'pre' => array(), + 'em' => array(), + 'strong' => array(), + 'div' => array( 'class' => array() ), + 'span' => array( 'class' => array() ), + 'p' => array(), + 'br' => array(), + 'ul' => array(), + 'ol' => array(), + 'li' => array(), + 'h1' => array(), + 'h2' => array(), + 'h3' => array(), + 'h4' => array(), + 'h5' => array(), + 'h6' => array(), + 'img' => array( + 'src' => array(), + 'class' => array(), + 'alt' => array(), + ), + 'blockquote' => array( 'cite' => true ), + ); + + $plugins_section_titles = array( + 'description' => _x( 'Description', 'Plugin installer section title' ), + 'installation' => _x( 'Installation', 'Plugin installer section title' ), + 'faq' => _x( 'FAQ', 'Plugin installer section title' ), + 'screenshots' => _x( 'Screenshots', 'Plugin installer section title' ), + 'changelog' => _x( 'Changelog', 'Plugin installer section title' ), + 'reviews' => _x( 'Reviews', 'Plugin installer section title' ), + 'other_notes' => _x( 'Other Notes', 'Plugin installer section title' ), + ); + + // Sanitize HTML. + foreach ( (array) $api->sections as $section_name => $content ) { + $api->sections[ $section_name ] = wp_kses( $content, $plugins_allowedtags ); + } + + foreach ( array( 'version', 'author', 'requires', 'tested', 'homepage', 'downloaded', 'slug' ) as $key ) { + if ( isset( $api->$key ) ) { + $api->$key = wp_kses( $api->$key, $plugins_allowedtags ); + } + } + + $_tab = esc_attr( $tab ); + + // Default to the Description tab, Do not translate, API returns English. + $section = isset( $_REQUEST['section'] ) ? wp_unslash( $_REQUEST['section'] ) : 'description'; + if ( empty( $section ) || ! isset( $api->sections[ $section ] ) ) { + $section_titles = array_keys( (array) $api->sections ); + $section = reset( $section_titles ); + } + + iframe_header( __( 'Plugin Installation' ) ); + + $_with_banner = ''; + + if ( ! empty( $api->banners ) && ( ! empty( $api->banners['low'] ) || ! empty( $api->banners['high'] ) ) ) { + $_with_banner = 'with-banner'; + $low = empty( $api->banners['low'] ) ? $api->banners['high'] : $api->banners['low']; + $high = empty( $api->banners['high'] ) ? $api->banners['low'] : $api->banners['high']; + ?> + <style type="text/css"> + #plugin-information-title.with-banner { + background-image: url( <?php echo esc_url( $low ); ?> ); + } + @media only screen and ( -webkit-min-device-pixel-ratio: 1.5 ) { + #plugin-information-title.with-banner { + background-image: url( <?php echo esc_url( $high ); ?> ); + } + } + </style> + <?php + } + + echo '<div id="plugin-information-scrollable">'; + echo "<div id='{$_tab}-title' class='{$_with_banner}'><div class='vignette'></div><h2>{$api->name}</h2></div>"; + echo "<div id='{$_tab}-tabs' class='{$_with_banner}'>\n"; + + foreach ( (array) $api->sections as $section_name => $content ) { + if ( 'reviews' === $section_name && ( empty( $api->ratings ) || 0 === array_sum( (array) $api->ratings ) ) ) { + continue; + } + + if ( isset( $plugins_section_titles[ $section_name ] ) ) { + $title = $plugins_section_titles[ $section_name ]; + } else { + $title = ucwords( str_replace( '_', ' ', $section_name ) ); + } + + $class = ( $section_name === $section ) ? ' class="current"' : ''; + $href = add_query_arg( + array( + 'tab' => $tab, + 'section' => $section_name, + ) + ); + $href = esc_url( $href ); + $san_section = esc_attr( $section_name ); + echo "\t<a name='$san_section' href='$href' $class>$title</a>\n"; + } + + echo "</div>\n"; + + ?> +<div id="<?php echo $_tab; ?>-content" class='<?php echo $_with_banner; ?>'> + <div class="fyi"> + <ul> + <?php if ( ! empty( $api->version ) ) { ?> + <li><strong><?php _e( 'Version:' ); ?></strong> <?php echo $api->version; ?></li> + <?php } if ( ! empty( $api->author ) ) { ?> + <li><strong><?php _e( 'Author:' ); ?></strong> <?php echo links_add_target( $api->author, '_blank' ); ?></li> + <?php } if ( ! empty( $api->last_updated ) ) { ?> + <li><strong><?php _e( 'Last Updated:' ); ?></strong> + <?php + /* translators: %s: Human-readable time difference. */ + printf( __( '%s ago' ), human_time_diff( strtotime( $api->last_updated ) ) ); + ?> + </li> + <?php } if ( ! empty( $api->requires ) ) { ?> + <li> + <strong><?php _e( 'Requires WordPress Version:' ); ?></strong> + <?php + /* translators: %s: Version number. */ + printf( __( '%s or higher' ), $api->requires ); + ?> + </li> + <?php } if ( ! empty( $api->tested ) ) { ?> + <li><strong><?php _e( 'Compatible up to:' ); ?></strong> <?php echo $api->tested; ?></li> + <?php } if ( ! empty( $api->requires_php ) ) { ?> + <li> + <strong><?php _e( 'Requires PHP Version:' ); ?></strong> + <?php + /* translators: %s: Version number. */ + printf( __( '%s or higher' ), $api->requires_php ); + ?> + </li> + <?php } if ( isset( $api->active_installs ) ) { ?> + <li><strong><?php _e( 'Active Installations:' ); ?></strong> + <?php + if ( $api->active_installs >= 1000000 ) { + $active_installs_millions = floor( $api->active_installs / 1000000 ); + printf( + /* translators: %s: Number of millions. */ + _nx( '%s+ Million', '%s+ Million', $active_installs_millions, 'Active plugin installations' ), + number_format_i18n( $active_installs_millions ) + ); + } elseif ( $api->active_installs < 10 ) { + _ex( 'Less Than 10', 'Active plugin installations' ); + } else { + echo number_format_i18n( $api->active_installs ) . '+'; + } + ?> + </li> + <?php } if ( ! empty( $api->slug ) && empty( $api->external ) ) { ?> + <li><a target="_blank" href="<?php echo esc_url( __( 'https://wordpress.org/plugins/' ) . $api->slug ); ?>/"><?php _e( 'WordPress.org Plugin Page »' ); ?></a></li> + <?php } if ( ! empty( $api->homepage ) ) { ?> + <li><a target="_blank" href="<?php echo esc_url( $api->homepage ); ?>"><?php _e( 'Plugin Homepage »' ); ?></a></li> + <?php } if ( ! empty( $api->donate_link ) && empty( $api->contributors ) ) { ?> + <li><a target="_blank" href="<?php echo esc_url( $api->donate_link ); ?>"><?php _e( 'Donate to this plugin »' ); ?></a></li> + <?php } ?> + </ul> + <?php if ( ! empty( $api->rating ) ) { ?> + <h3><?php _e( 'Average Rating' ); ?></h3> + <?php + wp_star_rating( + array( + 'rating' => $api->rating, + 'type' => 'percent', + 'number' => $api->num_ratings, + ) + ); + ?> + <p aria-hidden="true" class="fyi-description"> + <?php + printf( + /* translators: %s: Number of ratings. */ + _n( '(based on %s rating)', '(based on %s ratings)', $api->num_ratings ), + number_format_i18n( $api->num_ratings ) + ); + ?> + </p> + <?php + } + + if ( ! empty( $api->ratings ) && array_sum( (array) $api->ratings ) > 0 ) { + ?> + <h3><?php _e( 'Reviews' ); ?></h3> + <p class="fyi-description"><?php _e( 'Read all reviews on WordPress.org or write your own!' ); ?></p> + <?php + foreach ( $api->ratings as $key => $ratecount ) { + // Avoid div-by-zero. + $_rating = $api->num_ratings ? ( $ratecount / $api->num_ratings ) : 0; + $aria_label = esc_attr( + sprintf( + /* translators: 1: Number of stars (used to determine singular/plural), 2: Number of reviews. */ + _n( + 'Reviews with %1$d star: %2$s. Opens in a new tab.', + 'Reviews with %1$d stars: %2$s. Opens in a new tab.', + $key + ), + $key, + number_format_i18n( $ratecount ) + ) + ); + ?> + <div class="counter-container"> + <span class="counter-label"> + <?php + printf( + '<a href="%s" target="_blank" aria-label="%s">%s</a>', + "https://wordpress.org/support/plugin/{$api->slug}/reviews/?filter={$key}", + $aria_label, + /* translators: %s: Number of stars. */ + sprintf( _n( '%d star', '%d stars', $key ), $key ) + ); + ?> + </span> + <span class="counter-back"> + <span class="counter-bar" style="width: <?php echo 92 * $_rating; ?>px;"></span> + </span> + <span class="counter-count" aria-hidden="true"><?php echo number_format_i18n( $ratecount ); ?></span> + </div> + <?php + } + } + if ( ! empty( $api->contributors ) ) { + ?> + <h3><?php _e( 'Contributors' ); ?></h3> + <ul class="contributors"> + <?php + foreach ( (array) $api->contributors as $contrib_username => $contrib_details ) { + $contrib_name = $contrib_details['display_name']; + if ( ! $contrib_name ) { + $contrib_name = $contrib_username; + } + $contrib_name = esc_html( $contrib_name ); + + $contrib_profile = esc_url( $contrib_details['profile'] ); + $contrib_avatar = esc_url( add_query_arg( 's', '36', $contrib_details['avatar'] ) ); + + echo "<li><a href='{$contrib_profile}' target='_blank'><img src='{$contrib_avatar}' width='18' height='18' alt='' />{$contrib_name}</a></li>"; + } + ?> + </ul> + <?php if ( ! empty( $api->donate_link ) ) { ?> + <a target="_blank" href="<?php echo esc_url( $api->donate_link ); ?>"><?php _e( 'Donate to this plugin »' ); ?></a> + <?php } ?> + <?php } ?> + </div> + <div id="section-holder"> + <?php + $requires_php = isset( $api->requires_php ) ? $api->requires_php : null; + $requires_wp = isset( $api->requires ) ? $api->requires : null; + + $compatible_php = is_php_version_compatible( $requires_php ); + $compatible_wp = is_wp_version_compatible( $requires_wp ); + $tested_wp = ( empty( $api->tested ) || version_compare( get_bloginfo( 'version' ), $api->tested, '<=' ) ); + + if ( ! $compatible_php ) { + $compatible_php_notice_message = '<p>'; + $compatible_php_notice_message .= __( '<strong>Error:</strong> This plugin <strong>requires a newer version of PHP</strong>.' ); + + if ( current_user_can( 'update_php' ) ) { + $compatible_php_notice_message .= sprintf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s" target="_blank">Click here to learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ) . wp_update_php_annotation( '</p><p><em>', '</em>', false ); + } else { + $compatible_php_notice_message .= '</p>'; + } + + wp_admin_notice( + $compatible_php_notice_message, + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt' ), + 'paragraph_wrap' => false, + ) + ); + } + + if ( ! $tested_wp ) { + wp_admin_notice( + __( '<strong>Warning:</strong> This plugin <strong>has not been tested</strong> with your current version of WordPress.' ), + array( + 'type' => 'warning', + 'additional_classes' => array( 'notice-alt' ), + ) + ); + } elseif ( ! $compatible_wp ) { + $compatible_wp_notice_message = __( '<strong>Error:</strong> This plugin <strong>requires a newer version of WordPress</strong>.' ); + if ( current_user_can( 'update_core' ) ) { + $compatible_wp_notice_message .= sprintf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s" target="_parent">Click here to update WordPress</a>.' ), + esc_url( self_admin_url( 'update-core.php' ) ) + ); + } + + wp_admin_notice( + $compatible_wp_notice_message, + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt' ), + ) + ); + } + + foreach ( (array) $api->sections as $section_name => $content ) { + $content = links_add_base_url( $content, 'https://wordpress.org/plugins/' . $api->slug . '/' ); + $content = links_add_target( $content, '_blank' ); + + $san_section = esc_attr( $section_name ); + + $display = ( $section_name === $section ) ? 'block' : 'none'; + + echo "\t<div id='section-{$san_section}' class='section' style='display: {$display};'>\n"; + echo $content; + echo "\t</div>\n"; + } + echo "</div>\n"; + echo "</div>\n"; + echo "</div>\n"; // #plugin-information-scrollable + echo "<div id='$tab-footer'>\n"; + if ( ! empty( $api->download_link ) && ( current_user_can( 'install_plugins' ) || current_user_can( 'update_plugins' ) ) ) { + $status = install_plugin_install_status( $api ); + switch ( $status['status'] ) { + case 'install': + if ( $status['url'] ) { + if ( $compatible_php && $compatible_wp ) { + echo '<a data-slug="' . esc_attr( $api->slug ) . '" id="plugin_install_from_iframe" class="button button-primary right" href="' . $status['url'] . '" target="_parent">' . __( 'Install Now' ) . '</a>'; + } else { + printf( + '<button type="button" class="button button-primary button-disabled right" disabled="disabled">%s</button>', + _x( 'Cannot Install', 'plugin' ) + ); + } + } + break; + case 'update_available': + if ( $status['url'] ) { + if ( $compatible_php ) { + echo '<a data-slug="' . esc_attr( $api->slug ) . '" data-plugin="' . esc_attr( $status['file'] ) . '" id="plugin_update_from_iframe" class="button button-primary right" href="' . $status['url'] . '" target="_parent">' . __( 'Install Update Now' ) . '</a>'; + } else { + printf( + '<button type="button" class="button button-primary button-disabled right" disabled="disabled">%s</button>', + _x( 'Cannot Update', 'plugin' ) + ); + } + } + break; + case 'newer_installed': + /* translators: %s: Plugin version. */ + echo '<a class="button button-primary right disabled">' . sprintf( __( 'Newer Version (%s) Installed' ), esc_html( $status['version'] ) ) . '</a>'; + break; + case 'latest_installed': + echo '<a class="button button-primary right disabled">' . __( 'Latest Version Installed' ) . '</a>'; + break; + } + } + echo "</div>\n"; + + iframe_footer(); + exit; +} diff --git a/wp-admin/includes/plugin.php b/wp-admin/includes/plugin.php new file mode 100644 index 0000000..f55bbd8 --- /dev/null +++ b/wp-admin/includes/plugin.php @@ -0,0 +1,2597 @@ +<?php +/** + * WordPress Plugin Administration API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Parses the plugin contents to retrieve plugin's metadata. + * + * All plugin headers must be on their own line. Plugin description must not have + * any newlines, otherwise only parts of the description will be displayed. + * The below is formatted for printing. + * + * /* + * Plugin Name: Name of the plugin. + * Plugin URI: The home page of the plugin. + * Description: Plugin description. + * Author: Plugin author's name. + * Author URI: Link to the author's website. + * Version: Plugin version. + * Text Domain: Optional. Unique identifier, should be same as the one used in + * load_plugin_textdomain(). + * Domain Path: Optional. Only useful if the translations are located in a + * folder above the plugin's base path. For example, if .mo files are + * located in the locale folder then Domain Path will be "/locale/" and + * must have the first slash. Defaults to the base folder the plugin is + * located in. + * Network: Optional. Specify "Network: true" to require that a plugin is activated + * across all sites in an installation. This will prevent a plugin from being + * activated on a single site when Multisite is enabled. + * Requires at least: Optional. Specify the minimum required WordPress version. + * Requires PHP: Optional. Specify the minimum required PHP version. + * * / # Remove the space to close comment. + * + * The first 8 KB of the file will be pulled in and if the plugin data is not + * within that first 8 KB, then the plugin author should correct their plugin + * and move the plugin data headers to the top. + * + * The plugin file is assumed to have permissions to allow for scripts to read + * the file. This is not checked however and the file is only opened for + * reading. + * + * @since 1.5.0 + * @since 5.3.0 Added support for `Requires at least` and `Requires PHP` headers. + * @since 5.8.0 Added support for `Update URI` header. + * + * @param string $plugin_file Absolute path to the main plugin file. + * @param bool $markup Optional. If the returned data should have HTML markup applied. + * Default true. + * @param bool $translate Optional. If the returned data should be translated. Default true. + * @return array { + * Plugin data. Values will be empty if not supplied by the plugin. + * + * @type string $Name Name of the plugin. Should be unique. + * @type string $PluginURI Plugin URI. + * @type string $Version Plugin version. + * @type string $Description Plugin description. + * @type string $Author Plugin author's name. + * @type string $AuthorURI Plugin author's website address (if set). + * @type string $TextDomain Plugin textdomain. + * @type string $DomainPath Plugin's relative directory path to .mo files. + * @type bool $Network Whether the plugin can only be activated network-wide. + * @type string $RequiresWP Minimum required version of WordPress. + * @type string $RequiresPHP Minimum required version of PHP. + * @type string $UpdateURI ID of the plugin for update purposes, should be a URI. + * @type string $Title Title of the plugin and link to the plugin's site (if set). + * @type string $AuthorName Plugin author's name. + * } + */ +function get_plugin_data( $plugin_file, $markup = true, $translate = true ) { + + $default_headers = array( + 'Name' => 'Plugin Name', + 'PluginURI' => 'Plugin URI', + 'Version' => 'Version', + 'Description' => 'Description', + 'Author' => 'Author', + 'AuthorURI' => 'Author URI', + 'TextDomain' => 'Text Domain', + 'DomainPath' => 'Domain Path', + 'Network' => 'Network', + 'RequiresWP' => 'Requires at least', + 'RequiresPHP' => 'Requires PHP', + 'UpdateURI' => 'Update URI', + // Site Wide Only is deprecated in favor of Network. + '_sitewide' => 'Site Wide Only', + ); + + $plugin_data = get_file_data( $plugin_file, $default_headers, 'plugin' ); + + // Site Wide Only is the old header for Network. + if ( ! $plugin_data['Network'] && $plugin_data['_sitewide'] ) { + /* translators: 1: Site Wide Only: true, 2: Network: true */ + _deprecated_argument( __FUNCTION__, '3.0.0', sprintf( __( 'The %1$s plugin header is deprecated. Use %2$s instead.' ), '<code>Site Wide Only: true</code>', '<code>Network: true</code>' ) ); + $plugin_data['Network'] = $plugin_data['_sitewide']; + } + $plugin_data['Network'] = ( 'true' === strtolower( $plugin_data['Network'] ) ); + unset( $plugin_data['_sitewide'] ); + + // If no text domain is defined fall back to the plugin slug. + if ( ! $plugin_data['TextDomain'] ) { + $plugin_slug = dirname( plugin_basename( $plugin_file ) ); + if ( '.' !== $plugin_slug && ! str_contains( $plugin_slug, '/' ) ) { + $plugin_data['TextDomain'] = $plugin_slug; + } + } + + if ( $markup || $translate ) { + $plugin_data = _get_plugin_data_markup_translate( $plugin_file, $plugin_data, $markup, $translate ); + } else { + $plugin_data['Title'] = $plugin_data['Name']; + $plugin_data['AuthorName'] = $plugin_data['Author']; + } + + return $plugin_data; +} + +/** + * Sanitizes plugin data, optionally adds markup, optionally translates. + * + * @since 2.7.0 + * + * @see get_plugin_data() + * + * @access private + * + * @param string $plugin_file Path to the main plugin file. + * @param array $plugin_data An array of plugin data. See get_plugin_data(). + * @param bool $markup Optional. If the returned data should have HTML markup applied. + * Default true. + * @param bool $translate Optional. If the returned data should be translated. Default true. + * @return array Plugin data. Values will be empty if not supplied by the plugin. + * See get_plugin_data() for the list of possible values. + */ +function _get_plugin_data_markup_translate( $plugin_file, $plugin_data, $markup = true, $translate = true ) { + + // Sanitize the plugin filename to a WP_PLUGIN_DIR relative path. + $plugin_file = plugin_basename( $plugin_file ); + + // Translate fields. + if ( $translate ) { + $textdomain = $plugin_data['TextDomain']; + if ( $textdomain ) { + if ( ! is_textdomain_loaded( $textdomain ) ) { + if ( $plugin_data['DomainPath'] ) { + load_plugin_textdomain( $textdomain, false, dirname( $plugin_file ) . $plugin_data['DomainPath'] ); + } else { + load_plugin_textdomain( $textdomain, false, dirname( $plugin_file ) ); + } + } + } elseif ( 'hello.php' === basename( $plugin_file ) ) { + $textdomain = 'default'; + } + if ( $textdomain ) { + foreach ( array( 'Name', 'PluginURI', 'Description', 'Author', 'AuthorURI', 'Version' ) as $field ) { + if ( ! empty( $plugin_data[ $field ] ) ) { + // phpcs:ignore WordPress.WP.I18n.LowLevelTranslationFunction,WordPress.WP.I18n.NonSingularStringLiteralText,WordPress.WP.I18n.NonSingularStringLiteralDomain + $plugin_data[ $field ] = translate( $plugin_data[ $field ], $textdomain ); + } + } + } + } + + // Sanitize fields. + $allowed_tags_in_links = array( + 'abbr' => array( 'title' => true ), + 'acronym' => array( 'title' => true ), + 'code' => true, + 'em' => true, + 'strong' => true, + ); + + $allowed_tags = $allowed_tags_in_links; + $allowed_tags['a'] = array( + 'href' => true, + 'title' => true, + ); + + /* + * Name is marked up inside <a> tags. Don't allow these. + * Author is too, but some plugins have used <a> here (omitting Author URI). + */ + $plugin_data['Name'] = wp_kses( $plugin_data['Name'], $allowed_tags_in_links ); + $plugin_data['Author'] = wp_kses( $plugin_data['Author'], $allowed_tags ); + + $plugin_data['Description'] = wp_kses( $plugin_data['Description'], $allowed_tags ); + $plugin_data['Version'] = wp_kses( $plugin_data['Version'], $allowed_tags ); + + $plugin_data['PluginURI'] = esc_url( $plugin_data['PluginURI'] ); + $plugin_data['AuthorURI'] = esc_url( $plugin_data['AuthorURI'] ); + + $plugin_data['Title'] = $plugin_data['Name']; + $plugin_data['AuthorName'] = $plugin_data['Author']; + + // Apply markup. + if ( $markup ) { + if ( $plugin_data['PluginURI'] && $plugin_data['Name'] ) { + $plugin_data['Title'] = '<a href="' . $plugin_data['PluginURI'] . '">' . $plugin_data['Name'] . '</a>'; + } + + if ( $plugin_data['AuthorURI'] && $plugin_data['Author'] ) { + $plugin_data['Author'] = '<a href="' . $plugin_data['AuthorURI'] . '">' . $plugin_data['Author'] . '</a>'; + } + + $plugin_data['Description'] = wptexturize( $plugin_data['Description'] ); + + if ( $plugin_data['Author'] ) { + $plugin_data['Description'] .= sprintf( + /* translators: %s: Plugin author. */ + ' <cite>' . __( 'By %s.' ) . '</cite>', + $plugin_data['Author'] + ); + } + } + + return $plugin_data; +} + +/** + * Gets a list of a plugin's files. + * + * @since 2.8.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return string[] Array of file names relative to the plugin root. + */ +function get_plugin_files( $plugin ) { + $plugin_file = WP_PLUGIN_DIR . '/' . $plugin; + $dir = dirname( $plugin_file ); + + $plugin_files = array( plugin_basename( $plugin_file ) ); + + if ( is_dir( $dir ) && WP_PLUGIN_DIR !== $dir ) { + + /** + * Filters the array of excluded directories and files while scanning the folder. + * + * @since 4.9.0 + * + * @param string[] $exclusions Array of excluded directories and files. + */ + $exclusions = (array) apply_filters( 'plugin_files_exclusions', array( 'CVS', 'node_modules', 'vendor', 'bower_components' ) ); + + $list_files = list_files( $dir, 100, $exclusions ); + $list_files = array_map( 'plugin_basename', $list_files ); + + $plugin_files = array_merge( $plugin_files, $list_files ); + $plugin_files = array_values( array_unique( $plugin_files ) ); + } + + return $plugin_files; +} + +/** + * Checks the plugins directory and retrieve all plugin files with plugin data. + * + * WordPress only supports plugin files in the base plugins directory + * (wp-content/plugins) and in one directory above the plugins directory + * (wp-content/plugins/my-plugin). The file it looks for has the plugin data + * and must be found in those two locations. It is recommended to keep your + * plugin files in their own directories. + * + * The file with the plugin data is the file that will be included and therefore + * needs to have the main execution for the plugin. This does not mean + * everything must be contained in the file and it is recommended that the file + * be split for maintainability. Keep everything in one file for extreme + * optimization purposes. + * + * @since 1.5.0 + * + * @param string $plugin_folder Optional. Relative path to single plugin folder. + * @return array[] Array of arrays of plugin data, keyed by plugin file name. See get_plugin_data(). + */ +function get_plugins( $plugin_folder = '' ) { + + $cache_plugins = wp_cache_get( 'plugins', 'plugins' ); + if ( ! $cache_plugins ) { + $cache_plugins = array(); + } + + if ( isset( $cache_plugins[ $plugin_folder ] ) ) { + return $cache_plugins[ $plugin_folder ]; + } + + $wp_plugins = array(); + $plugin_root = WP_PLUGIN_DIR; + if ( ! empty( $plugin_folder ) ) { + $plugin_root .= $plugin_folder; + } + + // Files in wp-content/plugins directory. + $plugins_dir = @opendir( $plugin_root ); + $plugin_files = array(); + + if ( $plugins_dir ) { + while ( ( $file = readdir( $plugins_dir ) ) !== false ) { + if ( str_starts_with( $file, '.' ) ) { + continue; + } + + if ( is_dir( $plugin_root . '/' . $file ) ) { + $plugins_subdir = @opendir( $plugin_root . '/' . $file ); + + if ( $plugins_subdir ) { + while ( ( $subfile = readdir( $plugins_subdir ) ) !== false ) { + if ( str_starts_with( $subfile, '.' ) ) { + continue; + } + + if ( str_ends_with( $subfile, '.php' ) ) { + $plugin_files[] = "$file/$subfile"; + } + } + + closedir( $plugins_subdir ); + } + } else { + if ( str_ends_with( $file, '.php' ) ) { + $plugin_files[] = $file; + } + } + } + + closedir( $plugins_dir ); + } + + if ( empty( $plugin_files ) ) { + return $wp_plugins; + } + + foreach ( $plugin_files as $plugin_file ) { + if ( ! is_readable( "$plugin_root/$plugin_file" ) ) { + continue; + } + + // Do not apply markup/translate as it will be cached. + $plugin_data = get_plugin_data( "$plugin_root/$plugin_file", false, false ); + + if ( empty( $plugin_data['Name'] ) ) { + continue; + } + + $wp_plugins[ plugin_basename( $plugin_file ) ] = $plugin_data; + } + + uasort( $wp_plugins, '_sort_uname_callback' ); + + $cache_plugins[ $plugin_folder ] = $wp_plugins; + wp_cache_set( 'plugins', $cache_plugins, 'plugins' ); + + return $wp_plugins; +} + +/** + * Checks the mu-plugins directory and retrieve all mu-plugin files with any plugin data. + * + * WordPress only includes mu-plugin files in the base mu-plugins directory (wp-content/mu-plugins). + * + * @since 3.0.0 + * @return array[] Array of arrays of mu-plugin data, keyed by plugin file name. See get_plugin_data(). + */ +function get_mu_plugins() { + $wp_plugins = array(); + $plugin_files = array(); + + if ( ! is_dir( WPMU_PLUGIN_DIR ) ) { + return $wp_plugins; + } + + // Files in wp-content/mu-plugins directory. + $plugins_dir = @opendir( WPMU_PLUGIN_DIR ); + if ( $plugins_dir ) { + while ( ( $file = readdir( $plugins_dir ) ) !== false ) { + if ( str_ends_with( $file, '.php' ) ) { + $plugin_files[] = $file; + } + } + } else { + return $wp_plugins; + } + + closedir( $plugins_dir ); + + if ( empty( $plugin_files ) ) { + return $wp_plugins; + } + + foreach ( $plugin_files as $plugin_file ) { + if ( ! is_readable( WPMU_PLUGIN_DIR . "/$plugin_file" ) ) { + continue; + } + + // Do not apply markup/translate as it will be cached. + $plugin_data = get_plugin_data( WPMU_PLUGIN_DIR . "/$plugin_file", false, false ); + + if ( empty( $plugin_data['Name'] ) ) { + $plugin_data['Name'] = $plugin_file; + } + + $wp_plugins[ $plugin_file ] = $plugin_data; + } + + if ( isset( $wp_plugins['index.php'] ) && filesize( WPMU_PLUGIN_DIR . '/index.php' ) <= 30 ) { + // Silence is golden. + unset( $wp_plugins['index.php'] ); + } + + uasort( $wp_plugins, '_sort_uname_callback' ); + + return $wp_plugins; +} + +/** + * Declares a callback to sort array by a 'Name' key. + * + * @since 3.1.0 + * + * @access private + * + * @param array $a array with 'Name' key. + * @param array $b array with 'Name' key. + * @return int Return 0 or 1 based on two string comparison. + */ +function _sort_uname_callback( $a, $b ) { + return strnatcasecmp( $a['Name'], $b['Name'] ); +} + +/** + * Checks the wp-content directory and retrieve all drop-ins with any plugin data. + * + * @since 3.0.0 + * @return array[] Array of arrays of dropin plugin data, keyed by plugin file name. See get_plugin_data(). + */ +function get_dropins() { + $dropins = array(); + $plugin_files = array(); + + $_dropins = _get_dropins(); + + // Files in wp-content directory. + $plugins_dir = @opendir( WP_CONTENT_DIR ); + if ( $plugins_dir ) { + while ( ( $file = readdir( $plugins_dir ) ) !== false ) { + if ( isset( $_dropins[ $file ] ) ) { + $plugin_files[] = $file; + } + } + } else { + return $dropins; + } + + closedir( $plugins_dir ); + + if ( empty( $plugin_files ) ) { + return $dropins; + } + + foreach ( $plugin_files as $plugin_file ) { + if ( ! is_readable( WP_CONTENT_DIR . "/$plugin_file" ) ) { + continue; + } + + // Do not apply markup/translate as it will be cached. + $plugin_data = get_plugin_data( WP_CONTENT_DIR . "/$plugin_file", false, false ); + + if ( empty( $plugin_data['Name'] ) ) { + $plugin_data['Name'] = $plugin_file; + } + + $dropins[ $plugin_file ] = $plugin_data; + } + + uksort( $dropins, 'strnatcasecmp' ); + + return $dropins; +} + +/** + * Returns drop-ins that WordPress uses. + * + * Includes Multisite drop-ins only when is_multisite() + * + * @since 3.0.0 + * @return array[] Key is file name. The value is an array, with the first value the + * purpose of the drop-in and the second value the name of the constant that must be + * true for the drop-in to be used, or true if no constant is required. + */ +function _get_dropins() { + $dropins = array( + 'advanced-cache.php' => array( __( 'Advanced caching plugin.' ), 'WP_CACHE' ), // WP_CACHE + 'db.php' => array( __( 'Custom database class.' ), true ), // Auto on load. + 'db-error.php' => array( __( 'Custom database error message.' ), true ), // Auto on error. + 'install.php' => array( __( 'Custom installation script.' ), true ), // Auto on installation. + 'maintenance.php' => array( __( 'Custom maintenance message.' ), true ), // Auto on maintenance. + 'object-cache.php' => array( __( 'External object cache.' ), true ), // Auto on load. + 'php-error.php' => array( __( 'Custom PHP error message.' ), true ), // Auto on error. + 'fatal-error-handler.php' => array( __( 'Custom PHP fatal error handler.' ), true ), // Auto on error. + ); + + if ( is_multisite() ) { + $dropins['sunrise.php'] = array( __( 'Executed before Multisite is loaded.' ), 'SUNRISE' ); // SUNRISE + $dropins['blog-deleted.php'] = array( __( 'Custom site deleted message.' ), true ); // Auto on deleted blog. + $dropins['blog-inactive.php'] = array( __( 'Custom site inactive message.' ), true ); // Auto on inactive blog. + $dropins['blog-suspended.php'] = array( __( 'Custom site suspended message.' ), true ); // Auto on archived or spammed blog. + } + + return $dropins; +} + +/** + * Determines whether a plugin is active. + * + * Only plugins installed in the plugins/ folder can be active. + * + * Plugins in the mu-plugins/ folder can't be "activated," so this function will + * return false for those plugins. + * + * For more information on this and similar theme functions, check out + * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/ + * Conditional Tags} article in the Theme Developer Handbook. + * + * @since 2.5.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return bool True, if in the active plugins list. False, not in the list. + */ +function is_plugin_active( $plugin ) { + return in_array( $plugin, (array) get_option( 'active_plugins', array() ), true ) || is_plugin_active_for_network( $plugin ); +} + +/** + * Determines whether the plugin is inactive. + * + * Reverse of is_plugin_active(). Used as a callback. + * + * For more information on this and similar theme functions, check out + * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/ + * Conditional Tags} article in the Theme Developer Handbook. + * + * @since 3.1.0 + * + * @see is_plugin_active() + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return bool True if inactive. False if active. + */ +function is_plugin_inactive( $plugin ) { + return ! is_plugin_active( $plugin ); +} + +/** + * Determines whether the plugin is active for the entire network. + * + * Only plugins installed in the plugins/ folder can be active. + * + * Plugins in the mu-plugins/ folder can't be "activated," so this function will + * return false for those plugins. + * + * For more information on this and similar theme functions, check out + * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/ + * Conditional Tags} article in the Theme Developer Handbook. + * + * @since 3.0.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return bool True if active for the network, otherwise false. + */ +function is_plugin_active_for_network( $plugin ) { + if ( ! is_multisite() ) { + return false; + } + + $plugins = get_site_option( 'active_sitewide_plugins' ); + if ( isset( $plugins[ $plugin ] ) ) { + return true; + } + + return false; +} + +/** + * Checks for "Network: true" in the plugin header to see if this should + * be activated only as a network wide plugin. The plugin would also work + * when Multisite is not enabled. + * + * Checks for "Site Wide Only: true" for backward compatibility. + * + * @since 3.0.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return bool True if plugin is network only, false otherwise. + */ +function is_network_only_plugin( $plugin ) { + $plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin ); + if ( $plugin_data ) { + return $plugin_data['Network']; + } + return false; +} + +/** + * Attempts activation of plugin in a "sandbox" and redirects on success. + * + * A plugin that is already activated will not attempt to be activated again. + * + * The way it works is by setting the redirection to the error before trying to + * include the plugin file. If the plugin fails, then the redirection will not + * be overwritten with the success message. Also, the options will not be + * updated and the activation hook will not be called on plugin error. + * + * It should be noted that in no way the below code will actually prevent errors + * within the file. The code should not be used elsewhere to replicate the + * "sandbox", which uses redirection to work. + * {@source 13 1} + * + * If any errors are found or text is outputted, then it will be captured to + * ensure that the success redirection will update the error redirection. + * + * @since 2.5.0 + * @since 5.2.0 Test for WordPress version and PHP version compatibility. + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param string $redirect Optional. URL to redirect to. + * @param bool $network_wide Optional. Whether to enable the plugin for all sites in the network + * or just the current site. Multisite only. Default false. + * @param bool $silent Optional. Whether to prevent calling activation hooks. Default false. + * @return null|WP_Error Null on success, WP_Error on invalid file. + */ +function activate_plugin( $plugin, $redirect = '', $network_wide = false, $silent = false ) { + $plugin = plugin_basename( trim( $plugin ) ); + + if ( is_multisite() && ( $network_wide || is_network_only_plugin( $plugin ) ) ) { + $network_wide = true; + $current = get_site_option( 'active_sitewide_plugins', array() ); + $_GET['networkwide'] = 1; // Back compat for plugins looking for this value. + } else { + $current = get_option( 'active_plugins', array() ); + } + + $valid = validate_plugin( $plugin ); + if ( is_wp_error( $valid ) ) { + return $valid; + } + + $requirements = validate_plugin_requirements( $plugin ); + if ( is_wp_error( $requirements ) ) { + return $requirements; + } + + if ( $network_wide && ! isset( $current[ $plugin ] ) + || ! $network_wide && ! in_array( $plugin, $current, true ) + ) { + if ( ! empty( $redirect ) ) { + // We'll override this later if the plugin can be included without fatal error. + wp_redirect( add_query_arg( '_error_nonce', wp_create_nonce( 'plugin-activation-error_' . $plugin ), $redirect ) ); + } + + ob_start(); + + // Load the plugin to test whether it throws any errors. + plugin_sandbox_scrape( $plugin ); + + if ( ! $silent ) { + /** + * Fires before a plugin is activated. + * + * If a plugin is silently activated (such as during an update), + * this hook does not fire. + * + * @since 2.9.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param bool $network_wide Whether to enable the plugin for all sites in the network + * or just the current site. Multisite only. Default false. + */ + do_action( 'activate_plugin', $plugin, $network_wide ); + + /** + * Fires as a specific plugin is being activated. + * + * This hook is the "activation" hook used internally by register_activation_hook(). + * The dynamic portion of the hook name, `$plugin`, refers to the plugin basename. + * + * If a plugin is silently activated (such as during an update), this hook does not fire. + * + * @since 2.0.0 + * + * @param bool $network_wide Whether to enable the plugin for all sites in the network + * or just the current site. Multisite only. Default false. + */ + do_action( "activate_{$plugin}", $network_wide ); + } + + if ( $network_wide ) { + $current = get_site_option( 'active_sitewide_plugins', array() ); + $current[ $plugin ] = time(); + update_site_option( 'active_sitewide_plugins', $current ); + } else { + $current = get_option( 'active_plugins', array() ); + $current[] = $plugin; + sort( $current ); + update_option( 'active_plugins', $current ); + } + + if ( ! $silent ) { + /** + * Fires after a plugin has been activated. + * + * If a plugin is silently activated (such as during an update), + * this hook does not fire. + * + * @since 2.9.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param bool $network_wide Whether to enable the plugin for all sites in the network + * or just the current site. Multisite only. Default false. + */ + do_action( 'activated_plugin', $plugin, $network_wide ); + } + + if ( ob_get_length() > 0 ) { + $output = ob_get_clean(); + return new WP_Error( 'unexpected_output', __( 'The plugin generated unexpected output.' ), $output ); + } + + ob_end_clean(); + } + + return null; +} + +/** + * Deactivates a single plugin or multiple plugins. + * + * The deactivation hook is disabled by the plugin upgrader by using the $silent + * parameter. + * + * @since 2.5.0 + * + * @param string|string[] $plugins Single plugin or list of plugins to deactivate. + * @param bool $silent Prevent calling deactivation hooks. Default false. + * @param bool|null $network_wide Whether to deactivate the plugin for all sites in the network. + * A value of null will deactivate plugins for both the network + * and the current site. Multisite only. Default null. + */ +function deactivate_plugins( $plugins, $silent = false, $network_wide = null ) { + if ( is_multisite() ) { + $network_current = get_site_option( 'active_sitewide_plugins', array() ); + } + $current = get_option( 'active_plugins', array() ); + $do_blog = false; + $do_network = false; + + foreach ( (array) $plugins as $plugin ) { + $plugin = plugin_basename( trim( $plugin ) ); + if ( ! is_plugin_active( $plugin ) ) { + continue; + } + + $network_deactivating = ( false !== $network_wide ) && is_plugin_active_for_network( $plugin ); + + if ( ! $silent ) { + /** + * Fires before a plugin is deactivated. + * + * If a plugin is silently deactivated (such as during an update), + * this hook does not fire. + * + * @since 2.9.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param bool $network_deactivating Whether the plugin is deactivated for all sites in the network + * or just the current site. Multisite only. Default false. + */ + do_action( 'deactivate_plugin', $plugin, $network_deactivating ); + } + + if ( false !== $network_wide ) { + if ( is_plugin_active_for_network( $plugin ) ) { + $do_network = true; + unset( $network_current[ $plugin ] ); + } elseif ( $network_wide ) { + continue; + } + } + + if ( true !== $network_wide ) { + $key = array_search( $plugin, $current, true ); + if ( false !== $key ) { + $do_blog = true; + unset( $current[ $key ] ); + } + } + + if ( $do_blog && wp_is_recovery_mode() ) { + list( $extension ) = explode( '/', $plugin ); + wp_paused_plugins()->delete( $extension ); + } + + if ( ! $silent ) { + /** + * Fires as a specific plugin is being deactivated. + * + * This hook is the "deactivation" hook used internally by register_deactivation_hook(). + * The dynamic portion of the hook name, `$plugin`, refers to the plugin basename. + * + * If a plugin is silently deactivated (such as during an update), this hook does not fire. + * + * @since 2.0.0 + * + * @param bool $network_deactivating Whether the plugin is deactivated for all sites in the network + * or just the current site. Multisite only. Default false. + */ + do_action( "deactivate_{$plugin}", $network_deactivating ); + + /** + * Fires after a plugin is deactivated. + * + * If a plugin is silently deactivated (such as during an update), + * this hook does not fire. + * + * @since 2.9.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param bool $network_deactivating Whether the plugin is deactivated for all sites in the network + * or just the current site. Multisite only. Default false. + */ + do_action( 'deactivated_plugin', $plugin, $network_deactivating ); + } + } + + if ( $do_blog ) { + update_option( 'active_plugins', $current ); + } + if ( $do_network ) { + update_site_option( 'active_sitewide_plugins', $network_current ); + } +} + +/** + * Activates multiple plugins. + * + * When WP_Error is returned, it does not mean that one of the plugins had + * errors. It means that one or more of the plugin file paths were invalid. + * + * The execution will be halted as soon as one of the plugins has an error. + * + * @since 2.6.0 + * + * @param string|string[] $plugins Single plugin or list of plugins to activate. + * @param string $redirect Redirect to page after successful activation. + * @param bool $network_wide Whether to enable the plugin for all sites in the network. + * Default false. + * @param bool $silent Prevent calling activation hooks. Default false. + * @return true|WP_Error True when finished or WP_Error if there were errors during a plugin activation. + */ +function activate_plugins( $plugins, $redirect = '', $network_wide = false, $silent = false ) { + if ( ! is_array( $plugins ) ) { + $plugins = array( $plugins ); + } + + $errors = array(); + foreach ( $plugins as $plugin ) { + if ( ! empty( $redirect ) ) { + $redirect = add_query_arg( 'plugin', $plugin, $redirect ); + } + $result = activate_plugin( $plugin, $redirect, $network_wide, $silent ); + if ( is_wp_error( $result ) ) { + $errors[ $plugin ] = $result; + } + } + + if ( ! empty( $errors ) ) { + return new WP_Error( 'plugins_invalid', __( 'One of the plugins is invalid.' ), $errors ); + } + + return true; +} + +/** + * Removes directory and files of a plugin for a list of plugins. + * + * @since 2.6.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string[] $plugins List of plugin paths to delete, relative to the plugins directory. + * @param string $deprecated Not used. + * @return bool|null|WP_Error True on success, false if `$plugins` is empty, `WP_Error` on failure. + * `null` if filesystem credentials are required to proceed. + */ +function delete_plugins( $plugins, $deprecated = '' ) { + global $wp_filesystem; + + if ( empty( $plugins ) ) { + return false; + } + + $checked = array(); + foreach ( $plugins as $plugin ) { + $checked[] = 'checked[]=' . $plugin; + } + + $url = wp_nonce_url( 'plugins.php?action=delete-selected&verify-delete=1&' . implode( '&', $checked ), 'bulk-plugins' ); + + ob_start(); + $credentials = request_filesystem_credentials( $url ); + $data = ob_get_clean(); + + if ( false === $credentials ) { + if ( ! empty( $data ) ) { + require_once ABSPATH . 'wp-admin/admin-header.php'; + echo $data; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + exit; + } + return; + } + + if ( ! WP_Filesystem( $credentials ) ) { + ob_start(); + // Failed to connect. Error and request again. + request_filesystem_credentials( $url, '', true ); + $data = ob_get_clean(); + + if ( ! empty( $data ) ) { + require_once ABSPATH . 'wp-admin/admin-header.php'; + echo $data; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + exit; + } + return; + } + + if ( ! is_object( $wp_filesystem ) ) { + return new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) ); + } + + if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + return new WP_Error( 'fs_error', __( 'Filesystem error.' ), $wp_filesystem->errors ); + } + + // Get the base plugin folder. + $plugins_dir = $wp_filesystem->wp_plugins_dir(); + if ( empty( $plugins_dir ) ) { + return new WP_Error( 'fs_no_plugins_dir', __( 'Unable to locate WordPress plugin directory.' ) ); + } + + $plugins_dir = trailingslashit( $plugins_dir ); + + $plugin_translations = wp_get_installed_translations( 'plugins' ); + + $errors = array(); + + foreach ( $plugins as $plugin_file ) { + // Run Uninstall hook. + if ( is_uninstallable_plugin( $plugin_file ) ) { + uninstall_plugin( $plugin_file ); + } + + /** + * Fires immediately before a plugin deletion attempt. + * + * @since 4.4.0 + * + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + */ + do_action( 'delete_plugin', $plugin_file ); + + $this_plugin_dir = trailingslashit( dirname( $plugins_dir . $plugin_file ) ); + + /* + * If plugin is in its own directory, recursively delete the directory. + * Base check on if plugin includes directory separator AND that it's not the root plugin folder. + */ + if ( strpos( $plugin_file, '/' ) && $this_plugin_dir !== $plugins_dir ) { + $deleted = $wp_filesystem->delete( $this_plugin_dir, true ); + } else { + $deleted = $wp_filesystem->delete( $plugins_dir . $plugin_file ); + } + + /** + * Fires immediately after a plugin deletion attempt. + * + * @since 4.4.0 + * + * @param string $plugin_file Path to the plugin file relative to the plugins directory. + * @param bool $deleted Whether the plugin deletion was successful. + */ + do_action( 'deleted_plugin', $plugin_file, $deleted ); + + if ( ! $deleted ) { + $errors[] = $plugin_file; + continue; + } + + $plugin_slug = dirname( $plugin_file ); + + if ( 'hello.php' === $plugin_file ) { + $plugin_slug = 'hello-dolly'; + } + + // Remove language files, silently. + if ( '.' !== $plugin_slug && ! empty( $plugin_translations[ $plugin_slug ] ) ) { + $translations = $plugin_translations[ $plugin_slug ]; + + foreach ( $translations as $translation => $data ) { + $wp_filesystem->delete( WP_LANG_DIR . '/plugins/' . $plugin_slug . '-' . $translation . '.po' ); + $wp_filesystem->delete( WP_LANG_DIR . '/plugins/' . $plugin_slug . '-' . $translation . '.mo' ); + + $json_translation_files = glob( WP_LANG_DIR . '/plugins/' . $plugin_slug . '-' . $translation . '-*.json' ); + if ( $json_translation_files ) { + array_map( array( $wp_filesystem, 'delete' ), $json_translation_files ); + } + } + } + } + + // Remove deleted plugins from the plugin updates list. + $current = get_site_transient( 'update_plugins' ); + if ( $current ) { + // Don't remove the plugins that weren't deleted. + $deleted = array_diff( $plugins, $errors ); + + foreach ( $deleted as $plugin_file ) { + unset( $current->response[ $plugin_file ] ); + } + + set_site_transient( 'update_plugins', $current ); + } + + if ( ! empty( $errors ) ) { + if ( 1 === count( $errors ) ) { + /* translators: %s: Plugin filename. */ + $message = __( 'Could not fully remove the plugin %s.' ); + } else { + /* translators: %s: Comma-separated list of plugin filenames. */ + $message = __( 'Could not fully remove the plugins %s.' ); + } + + return new WP_Error( 'could_not_remove_plugin', sprintf( $message, implode( ', ', $errors ) ) ); + } + + return true; +} + +/** + * Validates active plugins. + * + * Validate all active plugins, deactivates invalid and + * returns an array of deactivated ones. + * + * @since 2.5.0 + * @return WP_Error[] Array of plugin errors keyed by plugin file name. + */ +function validate_active_plugins() { + $plugins = get_option( 'active_plugins', array() ); + // Validate vartype: array. + if ( ! is_array( $plugins ) ) { + update_option( 'active_plugins', array() ); + $plugins = array(); + } + + if ( is_multisite() && current_user_can( 'manage_network_plugins' ) ) { + $network_plugins = (array) get_site_option( 'active_sitewide_plugins', array() ); + $plugins = array_merge( $plugins, array_keys( $network_plugins ) ); + } + + if ( empty( $plugins ) ) { + return array(); + } + + $invalid = array(); + + // Invalid plugins get deactivated. + foreach ( $plugins as $plugin ) { + $result = validate_plugin( $plugin ); + if ( is_wp_error( $result ) ) { + $invalid[ $plugin ] = $result; + deactivate_plugins( $plugin, true ); + } + } + return $invalid; +} + +/** + * Validates the plugin path. + * + * Checks that the main plugin file exists and is a valid plugin. See validate_file(). + * + * @since 2.5.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return int|WP_Error 0 on success, WP_Error on failure. + */ +function validate_plugin( $plugin ) { + if ( validate_file( $plugin ) ) { + return new WP_Error( 'plugin_invalid', __( 'Invalid plugin path.' ) ); + } + if ( ! file_exists( WP_PLUGIN_DIR . '/' . $plugin ) ) { + return new WP_Error( 'plugin_not_found', __( 'Plugin file does not exist.' ) ); + } + + $installed_plugins = get_plugins(); + if ( ! isset( $installed_plugins[ $plugin ] ) ) { + return new WP_Error( 'no_plugin_header', __( 'The plugin does not have a valid header.' ) ); + } + return 0; +} + +/** + * Validates the plugin requirements for WordPress version and PHP version. + * + * Uses the information from `Requires at least` and `Requires PHP` headers + * defined in the plugin's main PHP file. + * + * @since 5.2.0 + * @since 5.3.0 Added support for reading the headers from the plugin's + * main PHP file, with `readme.txt` as a fallback. + * @since 5.8.0 Removed support for using `readme.txt` as a fallback. + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return true|WP_Error True if requirements are met, WP_Error on failure. + */ +function validate_plugin_requirements( $plugin ) { + $plugin_headers = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin ); + + $requirements = array( + 'requires' => ! empty( $plugin_headers['RequiresWP'] ) ? $plugin_headers['RequiresWP'] : '', + 'requires_php' => ! empty( $plugin_headers['RequiresPHP'] ) ? $plugin_headers['RequiresPHP'] : '', + ); + + $compatible_wp = is_wp_version_compatible( $requirements['requires'] ); + $compatible_php = is_php_version_compatible( $requirements['requires_php'] ); + + $php_update_message = '</p><p>' . sprintf( + /* translators: %s: URL to Update PHP page. */ + __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + + $annotation = wp_get_update_php_annotation(); + + if ( $annotation ) { + $php_update_message .= '</p><p><em>' . $annotation . '</em>'; + } + + if ( ! $compatible_wp && ! $compatible_php ) { + return new WP_Error( + 'plugin_wp_php_incompatible', + '<p>' . sprintf( + /* translators: 1: Current WordPress version, 2: Current PHP version, 3: Plugin name, 4: Required WordPress version, 5: Required PHP version. */ + _x( '<strong>Error:</strong> Current versions of WordPress (%1$s) and PHP (%2$s) do not meet minimum requirements for %3$s. The plugin requires WordPress %4$s and PHP %5$s.', 'plugin' ), + get_bloginfo( 'version' ), + PHP_VERSION, + $plugin_headers['Name'], + $requirements['requires'], + $requirements['requires_php'] + ) . $php_update_message . '</p>' + ); + } elseif ( ! $compatible_php ) { + return new WP_Error( + 'plugin_php_incompatible', + '<p>' . sprintf( + /* translators: 1: Current PHP version, 2: Plugin name, 3: Required PHP version. */ + _x( '<strong>Error:</strong> Current PHP version (%1$s) does not meet minimum requirements for %2$s. The plugin requires PHP %3$s.', 'plugin' ), + PHP_VERSION, + $plugin_headers['Name'], + $requirements['requires_php'] + ) . $php_update_message . '</p>' + ); + } elseif ( ! $compatible_wp ) { + return new WP_Error( + 'plugin_wp_incompatible', + '<p>' . sprintf( + /* translators: 1: Current WordPress version, 2: Plugin name, 3: Required WordPress version. */ + _x( '<strong>Error:</strong> Current WordPress version (%1$s) does not meet minimum requirements for %2$s. The plugin requires WordPress %3$s.', 'plugin' ), + get_bloginfo( 'version' ), + $plugin_headers['Name'], + $requirements['requires'] + ) . '</p>' + ); + } + + return true; +} + +/** + * Determines whether the plugin can be uninstalled. + * + * @since 2.7.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return bool Whether plugin can be uninstalled. + */ +function is_uninstallable_plugin( $plugin ) { + $file = plugin_basename( $plugin ); + + $uninstallable_plugins = (array) get_option( 'uninstall_plugins' ); + if ( isset( $uninstallable_plugins[ $file ] ) || file_exists( WP_PLUGIN_DIR . '/' . dirname( $file ) . '/uninstall.php' ) ) { + return true; + } + + return false; +} + +/** + * Uninstalls a single plugin. + * + * Calls the uninstall hook, if it is available. + * + * @since 2.7.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return true|void True if a plugin's uninstall.php file has been found and included. + * Void otherwise. + */ +function uninstall_plugin( $plugin ) { + $file = plugin_basename( $plugin ); + + $uninstallable_plugins = (array) get_option( 'uninstall_plugins' ); + + /** + * Fires in uninstall_plugin() immediately before the plugin is uninstalled. + * + * @since 4.5.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @param array $uninstallable_plugins Uninstallable plugins. + */ + do_action( 'pre_uninstall_plugin', $plugin, $uninstallable_plugins ); + + if ( file_exists( WP_PLUGIN_DIR . '/' . dirname( $file ) . '/uninstall.php' ) ) { + if ( isset( $uninstallable_plugins[ $file ] ) ) { + unset( $uninstallable_plugins[ $file ] ); + update_option( 'uninstall_plugins', $uninstallable_plugins ); + } + unset( $uninstallable_plugins ); + + define( 'WP_UNINSTALL_PLUGIN', $file ); + + wp_register_plugin_realpath( WP_PLUGIN_DIR . '/' . $file ); + include_once WP_PLUGIN_DIR . '/' . dirname( $file ) . '/uninstall.php'; + + return true; + } + + if ( isset( $uninstallable_plugins[ $file ] ) ) { + $callable = $uninstallable_plugins[ $file ]; + unset( $uninstallable_plugins[ $file ] ); + update_option( 'uninstall_plugins', $uninstallable_plugins ); + unset( $uninstallable_plugins ); + + wp_register_plugin_realpath( WP_PLUGIN_DIR . '/' . $file ); + include_once WP_PLUGIN_DIR . '/' . $file; + + add_action( "uninstall_{$file}", $callable ); + + /** + * Fires in uninstall_plugin() once the plugin has been uninstalled. + * + * The action concatenates the 'uninstall_' prefix with the basename of the + * plugin passed to uninstall_plugin() to create a dynamically-named action. + * + * @since 2.7.0 + */ + do_action( "uninstall_{$file}" ); + } +} + +// +// Menu. +// + +/** + * Adds a top-level menu page. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 1.5.0 + * + * @global array $menu + * @global array $admin_page_hooks + * @global array $_registered_pages + * @global array $_parent_pages + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by. Should be unique for this menu page and only + * include lowercase alphanumeric, dashes, and underscores characters to be compatible + * with sanitize_key(). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param string $icon_url Optional. The URL to the icon to be used for this menu. + * * Pass a base64-encoded SVG using a data URI, which will be colored to match + * the color scheme. This should begin with 'data:image/svg+xml;base64,'. + * * Pass the name of a Dashicons helper class to use a font icon, + * e.g. 'dashicons-chart-pie'. + * * Pass 'none' to leave div.wp-menu-image empty so an icon can be added via CSS. + * @param int|float $position Optional. The position in the menu order this item should appear. + * @return string The resulting page's hook_suffix. + */ +function add_menu_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $icon_url = '', $position = null ) { + global $menu, $admin_page_hooks, $_registered_pages, $_parent_pages; + + $menu_slug = plugin_basename( $menu_slug ); + + $admin_page_hooks[ $menu_slug ] = sanitize_title( $menu_title ); + + $hookname = get_plugin_page_hookname( $menu_slug, '' ); + + if ( ! empty( $callback ) && ! empty( $hookname ) && current_user_can( $capability ) ) { + add_action( $hookname, $callback ); + } + + if ( empty( $icon_url ) ) { + $icon_url = 'dashicons-admin-generic'; + $icon_class = 'menu-icon-generic '; + } else { + $icon_url = set_url_scheme( $icon_url ); + $icon_class = ''; + } + + $new_menu = array( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $icon_class . $hookname, $hookname, $icon_url ); + + if ( null !== $position && ! is_numeric( $position ) ) { + _doing_it_wrong( + __FUNCTION__, + sprintf( + /* translators: %s: add_menu_page() */ + __( 'The seventh parameter passed to %s should be numeric representing menu position.' ), + '<code>add_menu_page()</code>' + ), + '6.0.0' + ); + $position = null; + } + + if ( null === $position || ! is_numeric( $position ) ) { + $menu[] = $new_menu; + } elseif ( isset( $menu[ (string) $position ] ) ) { + $collision_avoider = base_convert( substr( md5( $menu_slug . $menu_title ), -4 ), 16, 10 ) * 0.00001; + $position = (string) ( $position + $collision_avoider ); + $menu[ $position ] = $new_menu; + } else { + /* + * Cast menu position to a string. + * + * This allows for floats to be passed as the position. PHP will normally cast a float to an + * integer value, this ensures the float retains its mantissa (positive fractional part). + * + * A string containing an integer value, eg "10", is treated as a numeric index. + */ + $position = (string) $position; + $menu[ $position ] = $new_menu; + } + + $_registered_pages[ $hookname ] = true; + + // No parent as top level. + $_parent_pages[ $menu_slug ] = false; + + return $hookname; +} + +/** + * Adds a submenu page. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 1.5.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @global array $submenu + * @global array $menu + * @global array $_wp_real_parent_file + * @global bool $_wp_submenu_nopriv + * @global array $_registered_pages + * @global array $_parent_pages + * + * @param string $parent_slug The slug name for the parent menu (or the file name of a standard + * WordPress admin page). + * @param string $page_title The text to be displayed in the title tags of the page when the menu + * is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by. Should be unique for this menu + * and only include lowercase alphanumeric, dashes, and underscores characters + * to be compatible with sanitize_key(). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int|float $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_submenu_page( $parent_slug, $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + global $submenu, $menu, $_wp_real_parent_file, $_wp_submenu_nopriv, + $_registered_pages, $_parent_pages; + + $menu_slug = plugin_basename( $menu_slug ); + $parent_slug = plugin_basename( $parent_slug ); + + if ( isset( $_wp_real_parent_file[ $parent_slug ] ) ) { + $parent_slug = $_wp_real_parent_file[ $parent_slug ]; + } + + if ( ! current_user_can( $capability ) ) { + $_wp_submenu_nopriv[ $parent_slug ][ $menu_slug ] = true; + return false; + } + + /* + * If the parent doesn't already have a submenu, add a link to the parent + * as the first item in the submenu. If the submenu file is the same as the + * parent file someone is trying to link back to the parent manually. In + * this case, don't automatically add a link back to avoid duplication. + */ + if ( ! isset( $submenu[ $parent_slug ] ) && $menu_slug !== $parent_slug ) { + foreach ( (array) $menu as $parent_menu ) { + if ( $parent_menu[2] === $parent_slug && current_user_can( $parent_menu[1] ) ) { + $submenu[ $parent_slug ][] = array_slice( $parent_menu, 0, 4 ); + } + } + } + + $new_sub_menu = array( $menu_title, $capability, $menu_slug, $page_title ); + + if ( null !== $position && ! is_numeric( $position ) ) { + _doing_it_wrong( + __FUNCTION__, + sprintf( + /* translators: %s: add_submenu_page() */ + __( 'The seventh parameter passed to %s should be numeric representing menu position.' ), + '<code>add_submenu_page()</code>' + ), + '5.3.0' + ); + $position = null; + } + + if ( + null === $position || + ( ! isset( $submenu[ $parent_slug ] ) || $position >= count( $submenu[ $parent_slug ] ) ) + ) { + $submenu[ $parent_slug ][] = $new_sub_menu; + } else { + // Test for a negative position. + $position = max( $position, 0 ); + if ( 0 === $position ) { + // For negative or `0` positions, prepend the submenu. + array_unshift( $submenu[ $parent_slug ], $new_sub_menu ); + } else { + $position = absint( $position ); + // Grab all of the items before the insertion point. + $before_items = array_slice( $submenu[ $parent_slug ], 0, $position, true ); + // Grab all of the items after the insertion point. + $after_items = array_slice( $submenu[ $parent_slug ], $position, null, true ); + // Add the new item. + $before_items[] = $new_sub_menu; + // Merge the items. + $submenu[ $parent_slug ] = array_merge( $before_items, $after_items ); + } + } + + // Sort the parent array. + ksort( $submenu[ $parent_slug ] ); + + $hookname = get_plugin_page_hookname( $menu_slug, $parent_slug ); + if ( ! empty( $callback ) && ! empty( $hookname ) ) { + add_action( $hookname, $callback ); + } + + $_registered_pages[ $hookname ] = true; + + /* + * Backward-compatibility for plugins using add_management_page(). + * See wp-admin/admin.php for redirect from edit.php to tools.php. + */ + if ( 'tools.php' === $parent_slug ) { + $_registered_pages[ get_plugin_page_hookname( $menu_slug, 'edit.php' ) ] = true; + } + + // No parent as top level. + $_parent_pages[ $menu_slug ] = $parent_slug; + + return $hookname; +} + +/** + * Adds a submenu page to the Tools main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 1.5.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_management_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'tools.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Settings main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 1.5.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_options_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'options-general.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Appearance main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.0.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_theme_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'themes.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Plugins main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 3.0.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_plugins_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'plugins.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Users/Profile main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.1.3 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_users_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + if ( current_user_can( 'edit_users' ) ) { + $parent = 'users.php'; + } else { + $parent = 'profile.php'; + } + return add_submenu_page( $parent, $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Dashboard main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_dashboard_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'index.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Posts main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_posts_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'edit.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Media main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_media_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'upload.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Links main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_links_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'link-manager.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Pages main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_pages_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'edit.php?post_type=page', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Adds a submenu page to the Comments main menu. + * + * This function takes a capability which will be used to determine whether + * or not a page is included in the menu. + * + * The function which is hooked in to handle the output of the page must check + * that the user has the required capability as well. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$position` parameter. + * + * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected. + * @param string $menu_title The text to be used for the menu. + * @param string $capability The capability required for this menu to be displayed to the user. + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param callable $callback Optional. The function to be called to output the content for this page. + * @param int $position Optional. The position in the menu order this item should appear. + * @return string|false The resulting page's hook_suffix, or false if the user does not have the capability required. + */ +function add_comments_page( $page_title, $menu_title, $capability, $menu_slug, $callback = '', $position = null ) { + return add_submenu_page( 'edit-comments.php', $page_title, $menu_title, $capability, $menu_slug, $callback, $position ); +} + +/** + * Removes a top-level admin menu. + * + * Example usage: + * + * - `remove_menu_page( 'tools.php' )` + * - `remove_menu_page( 'plugin_menu_slug' )` + * + * @since 3.1.0 + * + * @global array $menu + * + * @param string $menu_slug The slug of the menu. + * @return array|false The removed menu on success, false if not found. + */ +function remove_menu_page( $menu_slug ) { + global $menu; + + foreach ( $menu as $i => $item ) { + if ( $menu_slug === $item[2] ) { + unset( $menu[ $i ] ); + return $item; + } + } + + return false; +} + +/** + * Removes an admin submenu. + * + * Example usage: + * + * - `remove_submenu_page( 'themes.php', 'nav-menus.php' )` + * - `remove_submenu_page( 'tools.php', 'plugin_submenu_slug' )` + * - `remove_submenu_page( 'plugin_menu_slug', 'plugin_submenu_slug' )` + * + * @since 3.1.0 + * + * @global array $submenu + * + * @param string $menu_slug The slug for the parent menu. + * @param string $submenu_slug The slug of the submenu. + * @return array|false The removed submenu on success, false if not found. + */ +function remove_submenu_page( $menu_slug, $submenu_slug ) { + global $submenu; + + if ( ! isset( $submenu[ $menu_slug ] ) ) { + return false; + } + + foreach ( $submenu[ $menu_slug ] as $i => $item ) { + if ( $submenu_slug === $item[2] ) { + unset( $submenu[ $menu_slug ][ $i ] ); + return $item; + } + } + + return false; +} + +/** + * Gets the URL to access a particular menu page based on the slug it was registered with. + * + * If the slug hasn't been registered properly, no URL will be returned. + * + * @since 3.0.0 + * + * @global array $_parent_pages + * + * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu). + * @param bool $display Optional. Whether or not to display the URL. Default true. + * @return string The menu page URL. + */ +function menu_page_url( $menu_slug, $display = true ) { + global $_parent_pages; + + if ( isset( $_parent_pages[ $menu_slug ] ) ) { + $parent_slug = $_parent_pages[ $menu_slug ]; + + if ( $parent_slug && ! isset( $_parent_pages[ $parent_slug ] ) ) { + $url = admin_url( add_query_arg( 'page', $menu_slug, $parent_slug ) ); + } else { + $url = admin_url( 'admin.php?page=' . $menu_slug ); + } + } else { + $url = ''; + } + + $url = esc_url( $url ); + + if ( $display ) { + echo $url; + } + + return $url; +} + +// +// Pluggable Menu Support -- Private. +// +/** + * Gets the parent file of the current admin page. + * + * @since 1.5.0 + * + * @global string $parent_file + * @global array $menu + * @global array $submenu + * @global string $pagenow The filename of the current screen. + * @global string $typenow The post type of the current screen. + * @global string $plugin_page + * @global array $_wp_real_parent_file + * @global array $_wp_menu_nopriv + * @global array $_wp_submenu_nopriv + * + * @param string $parent_page Optional. The slug name for the parent menu (or the file name + * of a standard WordPress admin page). Default empty string. + * @return string The parent file of the current admin page. + */ +function get_admin_page_parent( $parent_page = '' ) { + global $parent_file, $menu, $submenu, $pagenow, $typenow, + $plugin_page, $_wp_real_parent_file, $_wp_menu_nopriv, $_wp_submenu_nopriv; + + if ( ! empty( $parent_page ) && 'admin.php' !== $parent_page ) { + if ( isset( $_wp_real_parent_file[ $parent_page ] ) ) { + $parent_page = $_wp_real_parent_file[ $parent_page ]; + } + + return $parent_page; + } + + if ( 'admin.php' === $pagenow && isset( $plugin_page ) ) { + foreach ( (array) $menu as $parent_menu ) { + if ( $parent_menu[2] === $plugin_page ) { + $parent_file = $plugin_page; + + if ( isset( $_wp_real_parent_file[ $parent_file ] ) ) { + $parent_file = $_wp_real_parent_file[ $parent_file ]; + } + + return $parent_file; + } + } + if ( isset( $_wp_menu_nopriv[ $plugin_page ] ) ) { + $parent_file = $plugin_page; + + if ( isset( $_wp_real_parent_file[ $parent_file ] ) ) { + $parent_file = $_wp_real_parent_file[ $parent_file ]; + } + + return $parent_file; + } + } + + if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[ $pagenow ][ $plugin_page ] ) ) { + $parent_file = $pagenow; + + if ( isset( $_wp_real_parent_file[ $parent_file ] ) ) { + $parent_file = $_wp_real_parent_file[ $parent_file ]; + } + + return $parent_file; + } + + foreach ( array_keys( (array) $submenu ) as $parent_page ) { + foreach ( $submenu[ $parent_page ] as $submenu_array ) { + if ( isset( $_wp_real_parent_file[ $parent_page ] ) ) { + $parent_page = $_wp_real_parent_file[ $parent_page ]; + } + + if ( ! empty( $typenow ) && "$pagenow?post_type=$typenow" === $submenu_array[2] ) { + $parent_file = $parent_page; + return $parent_page; + } elseif ( empty( $typenow ) && $pagenow === $submenu_array[2] + && ( empty( $parent_file ) || ! str_contains( $parent_file, '?' ) ) + ) { + $parent_file = $parent_page; + return $parent_page; + } elseif ( isset( $plugin_page ) && $plugin_page === $submenu_array[2] ) { + $parent_file = $parent_page; + return $parent_page; + } + } + } + + if ( empty( $parent_file ) ) { + $parent_file = ''; + } + return ''; +} + +/** + * Gets the title of the current admin page. + * + * @since 1.5.0 + * + * @global string $title + * @global array $menu + * @global array $submenu + * @global string $pagenow The filename of the current screen. + * @global string $typenow The post type of the current screen. + * @global string $plugin_page + * + * @return string The title of the current admin page. + */ +function get_admin_page_title() { + global $title, $menu, $submenu, $pagenow, $typenow, $plugin_page; + + if ( ! empty( $title ) ) { + return $title; + } + + $hook = get_plugin_page_hook( $plugin_page, $pagenow ); + + $parent = get_admin_page_parent(); + $parent1 = $parent; + + if ( empty( $parent ) ) { + foreach ( (array) $menu as $menu_array ) { + if ( isset( $menu_array[3] ) ) { + if ( $menu_array[2] === $pagenow ) { + $title = $menu_array[3]; + return $menu_array[3]; + } elseif ( isset( $plugin_page ) && $plugin_page === $menu_array[2] && $hook === $menu_array[5] ) { + $title = $menu_array[3]; + return $menu_array[3]; + } + } else { + $title = $menu_array[0]; + return $title; + } + } + } else { + foreach ( array_keys( $submenu ) as $parent ) { + foreach ( $submenu[ $parent ] as $submenu_array ) { + if ( isset( $plugin_page ) + && $plugin_page === $submenu_array[2] + && ( $pagenow === $parent + || $plugin_page === $parent + || $plugin_page === $hook + || 'admin.php' === $pagenow && $parent1 !== $submenu_array[2] + || ! empty( $typenow ) && "$pagenow?post_type=$typenow" === $parent ) + ) { + $title = $submenu_array[3]; + return $submenu_array[3]; + } + + if ( $submenu_array[2] !== $pagenow || isset( $_GET['page'] ) ) { // Not the current page. + continue; + } + + if ( isset( $submenu_array[3] ) ) { + $title = $submenu_array[3]; + return $submenu_array[3]; + } else { + $title = $submenu_array[0]; + return $title; + } + } + } + if ( empty( $title ) ) { + foreach ( $menu as $menu_array ) { + if ( isset( $plugin_page ) + && $plugin_page === $menu_array[2] + && 'admin.php' === $pagenow + && $parent1 === $menu_array[2] + ) { + $title = $menu_array[3]; + return $menu_array[3]; + } + } + } + } + + return $title; +} + +/** + * Gets the hook attached to the administrative page of a plugin. + * + * @since 1.5.0 + * + * @param string $plugin_page The slug name of the plugin page. + * @param string $parent_page The slug name for the parent menu (or the file name of a standard + * WordPress admin page). + * @return string|null Hook attached to the plugin page, null otherwise. + */ +function get_plugin_page_hook( $plugin_page, $parent_page ) { + $hook = get_plugin_page_hookname( $plugin_page, $parent_page ); + if ( has_action( $hook ) ) { + return $hook; + } else { + return null; + } +} + +/** + * Gets the hook name for the administrative page of a plugin. + * + * @since 1.5.0 + * + * @global array $admin_page_hooks + * + * @param string $plugin_page The slug name of the plugin page. + * @param string $parent_page The slug name for the parent menu (or the file name of a standard + * WordPress admin page). + * @return string Hook name for the plugin page. + */ +function get_plugin_page_hookname( $plugin_page, $parent_page ) { + global $admin_page_hooks; + + $parent = get_admin_page_parent( $parent_page ); + + $page_type = 'admin'; + if ( empty( $parent_page ) || 'admin.php' === $parent_page || isset( $admin_page_hooks[ $plugin_page ] ) ) { + if ( isset( $admin_page_hooks[ $plugin_page ] ) ) { + $page_type = 'toplevel'; + } elseif ( isset( $admin_page_hooks[ $parent ] ) ) { + $page_type = $admin_page_hooks[ $parent ]; + } + } elseif ( isset( $admin_page_hooks[ $parent ] ) ) { + $page_type = $admin_page_hooks[ $parent ]; + } + + $plugin_name = preg_replace( '!\.php!', '', $plugin_page ); + + return $page_type . '_page_' . $plugin_name; +} + +/** + * Determines whether the current user can access the current admin page. + * + * @since 1.5.0 + * + * @global string $pagenow The filename of the current screen. + * @global array $menu + * @global array $submenu + * @global array $_wp_menu_nopriv + * @global array $_wp_submenu_nopriv + * @global string $plugin_page + * @global array $_registered_pages + * + * @return bool True if the current user can access the admin page, false otherwise. + */ +function user_can_access_admin_page() { + global $pagenow, $menu, $submenu, $_wp_menu_nopriv, $_wp_submenu_nopriv, + $plugin_page, $_registered_pages; + + $parent = get_admin_page_parent(); + + if ( ! isset( $plugin_page ) && isset( $_wp_submenu_nopriv[ $parent ][ $pagenow ] ) ) { + return false; + } + + if ( isset( $plugin_page ) ) { + if ( isset( $_wp_submenu_nopriv[ $parent ][ $plugin_page ] ) ) { + return false; + } + + $hookname = get_plugin_page_hookname( $plugin_page, $parent ); + + if ( ! isset( $_registered_pages[ $hookname ] ) ) { + return false; + } + } + + if ( empty( $parent ) ) { + if ( isset( $_wp_menu_nopriv[ $pagenow ] ) ) { + return false; + } + if ( isset( $_wp_submenu_nopriv[ $pagenow ][ $pagenow ] ) ) { + return false; + } + if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[ $pagenow ][ $plugin_page ] ) ) { + return false; + } + if ( isset( $plugin_page ) && isset( $_wp_menu_nopriv[ $plugin_page ] ) ) { + return false; + } + + foreach ( array_keys( $_wp_submenu_nopriv ) as $key ) { + if ( isset( $_wp_submenu_nopriv[ $key ][ $pagenow ] ) ) { + return false; + } + if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[ $key ][ $plugin_page ] ) ) { + return false; + } + } + + return true; + } + + if ( isset( $plugin_page ) && $plugin_page === $parent && isset( $_wp_menu_nopriv[ $plugin_page ] ) ) { + return false; + } + + if ( isset( $submenu[ $parent ] ) ) { + foreach ( $submenu[ $parent ] as $submenu_array ) { + if ( isset( $plugin_page ) && $submenu_array[2] === $plugin_page ) { + return current_user_can( $submenu_array[1] ); + } elseif ( $submenu_array[2] === $pagenow ) { + return current_user_can( $submenu_array[1] ); + } + } + } + + foreach ( $menu as $menu_array ) { + if ( $menu_array[2] === $parent ) { + return current_user_can( $menu_array[1] ); + } + } + + return true; +} + +/* Allowed list functions */ + +/** + * Refreshes the value of the allowed options list available via the 'allowed_options' hook. + * + * See the {@see 'allowed_options'} filter. + * + * @since 2.7.0 + * @since 5.5.0 `$new_whitelist_options` was renamed to `$new_allowed_options`. + * Please consider writing more inclusive code. + * + * @global array $new_allowed_options + * + * @param array $options + * @return array + */ +function option_update_filter( $options ) { + global $new_allowed_options; + + if ( is_array( $new_allowed_options ) ) { + $options = add_allowed_options( $new_allowed_options, $options ); + } + + return $options; +} + +/** + * Adds an array of options to the list of allowed options. + * + * @since 5.5.0 + * + * @global array $allowed_options + * + * @param array $new_options + * @param string|array $options + * @return array + */ +function add_allowed_options( $new_options, $options = '' ) { + if ( '' === $options ) { + global $allowed_options; + } else { + $allowed_options = $options; + } + + foreach ( $new_options as $page => $keys ) { + foreach ( $keys as $key ) { + if ( ! isset( $allowed_options[ $page ] ) || ! is_array( $allowed_options[ $page ] ) ) { + $allowed_options[ $page ] = array(); + $allowed_options[ $page ][] = $key; + } else { + $pos = array_search( $key, $allowed_options[ $page ], true ); + if ( false === $pos ) { + $allowed_options[ $page ][] = $key; + } + } + } + } + + return $allowed_options; +} + +/** + * Removes a list of options from the allowed options list. + * + * @since 5.5.0 + * + * @global array $allowed_options + * + * @param array $del_options + * @param string|array $options + * @return array + */ +function remove_allowed_options( $del_options, $options = '' ) { + if ( '' === $options ) { + global $allowed_options; + } else { + $allowed_options = $options; + } + + foreach ( $del_options as $page => $keys ) { + foreach ( $keys as $key ) { + if ( isset( $allowed_options[ $page ] ) && is_array( $allowed_options[ $page ] ) ) { + $pos = array_search( $key, $allowed_options[ $page ], true ); + if ( false !== $pos ) { + unset( $allowed_options[ $page ][ $pos ] ); + } + } + } + } + + return $allowed_options; +} + +/** + * Outputs nonce, action, and option_page fields for a settings page. + * + * @since 2.7.0 + * + * @param string $option_group A settings group name. This should match the group name + * used in register_setting(). + */ +function settings_fields( $option_group ) { + echo "<input type='hidden' name='option_page' value='" . esc_attr( $option_group ) . "' />"; + echo '<input type="hidden" name="action" value="update" />'; + wp_nonce_field( "$option_group-options" ); +} + +/** + * Clears the plugins cache used by get_plugins() and by default, the plugin updates cache. + * + * @since 3.7.0 + * + * @param bool $clear_update_cache Whether to clear the plugin updates cache. Default true. + */ +function wp_clean_plugins_cache( $clear_update_cache = true ) { + if ( $clear_update_cache ) { + delete_site_transient( 'update_plugins' ); + } + wp_cache_delete( 'plugins', 'plugins' ); +} + +/** + * Loads a given plugin attempt to generate errors. + * + * @since 3.0.0 + * @since 4.4.0 Function was moved into the `wp-admin/includes/plugin.php` file. + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + */ +function plugin_sandbox_scrape( $plugin ) { + if ( ! defined( 'WP_SANDBOX_SCRAPING' ) ) { + define( 'WP_SANDBOX_SCRAPING', true ); + } + + wp_register_plugin_realpath( WP_PLUGIN_DIR . '/' . $plugin ); + include_once WP_PLUGIN_DIR . '/' . $plugin; +} + +/** + * Declares a helper function for adding content to the Privacy Policy Guide. + * + * Plugins and themes should suggest text for inclusion in the site's privacy policy. + * The suggested text should contain information about any functionality that affects user privacy, + * and will be shown on the Privacy Policy Guide screen. + * + * A plugin or theme can use this function multiple times as long as it will help to better present + * the suggested policy content. For example modular plugins such as WooCommerse or Jetpack + * can add or remove suggested content depending on the modules/extensions that are enabled. + * For more information see the Plugin Handbook: + * https://developer.wordpress.org/plugins/privacy/suggesting-text-for-the-site-privacy-policy/. + * + * The HTML contents of the `$policy_text` supports use of a specialized `.privacy-policy-tutorial` + * CSS class which can be used to provide supplemental information. Any content contained within + * HTML elements that have the `.privacy-policy-tutorial` CSS class applied will be omitted + * from the clipboard when the section content is copied. + * + * Intended for use with the `'admin_init'` action. + * + * @since 4.9.6 + * + * @param string $plugin_name The name of the plugin or theme that is suggesting content + * for the site's privacy policy. + * @param string $policy_text The suggested content for inclusion in the policy. + */ +function wp_add_privacy_policy_content( $plugin_name, $policy_text ) { + if ( ! is_admin() ) { + _doing_it_wrong( + __FUNCTION__, + sprintf( + /* translators: %s: admin_init */ + __( 'The suggested privacy policy content should be added only in wp-admin by using the %s (or later) action.' ), + '<code>admin_init</code>' + ), + '4.9.7' + ); + return; + } elseif ( ! doing_action( 'admin_init' ) && ! did_action( 'admin_init' ) ) { + _doing_it_wrong( + __FUNCTION__, + sprintf( + /* translators: %s: admin_init */ + __( 'The suggested privacy policy content should be added by using the %s (or later) action. Please see the inline documentation.' ), + '<code>admin_init</code>' + ), + '4.9.7' + ); + return; + } + + if ( ! class_exists( 'WP_Privacy_Policy_Content' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-policy-content.php'; + } + + WP_Privacy_Policy_Content::add( $plugin_name, $policy_text ); +} + +/** + * Determines whether a plugin is technically active but was paused while + * loading. + * + * For more information on this and similar theme functions, check out + * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/ + * Conditional Tags} article in the Theme Developer Handbook. + * + * @since 5.2.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return bool True, if in the list of paused plugins. False, if not in the list. + */ +function is_plugin_paused( $plugin ) { + if ( ! isset( $GLOBALS['_paused_plugins'] ) ) { + return false; + } + + if ( ! is_plugin_active( $plugin ) ) { + return false; + } + + list( $plugin ) = explode( '/', $plugin ); + + return array_key_exists( $plugin, $GLOBALS['_paused_plugins'] ); +} + +/** + * Gets the error that was recorded for a paused plugin. + * + * @since 5.2.0 + * + * @param string $plugin Path to the plugin file relative to the plugins directory. + * @return array|false Array of error information as returned by `error_get_last()`, + * or false if none was recorded. + */ +function wp_get_plugin_error( $plugin ) { + if ( ! isset( $GLOBALS['_paused_plugins'] ) ) { + return false; + } + + list( $plugin ) = explode( '/', $plugin ); + + if ( ! array_key_exists( $plugin, $GLOBALS['_paused_plugins'] ) ) { + return false; + } + + return $GLOBALS['_paused_plugins'][ $plugin ]; +} + +/** + * Tries to resume a single plugin. + * + * If a redirect was provided, we first ensure the plugin does not throw fatal + * errors anymore. + * + * The way it works is by setting the redirection to the error before trying to + * include the plugin file. If the plugin fails, then the redirection will not + * be overwritten with the success message and the plugin will not be resumed. + * + * @since 5.2.0 + * + * @param string $plugin Single plugin to resume. + * @param string $redirect Optional. URL to redirect to. Default empty string. + * @return true|WP_Error True on success, false if `$plugin` was not paused, + * `WP_Error` on failure. + */ +function resume_plugin( $plugin, $redirect = '' ) { + /* + * We'll override this later if the plugin could be resumed without + * creating a fatal error. + */ + if ( ! empty( $redirect ) ) { + wp_redirect( + add_query_arg( + '_error_nonce', + wp_create_nonce( 'plugin-resume-error_' . $plugin ), + $redirect + ) + ); + + // Load the plugin to test whether it throws a fatal error. + ob_start(); + plugin_sandbox_scrape( $plugin ); + ob_clean(); + } + + list( $extension ) = explode( '/', $plugin ); + + $result = wp_paused_plugins()->delete( $extension ); + + if ( ! $result ) { + return new WP_Error( + 'could_not_resume_plugin', + __( 'Could not resume the plugin.' ) + ); + } + + return true; +} + +/** + * Renders an admin notice in case some plugins have been paused due to errors. + * + * @since 5.2.0 + * + * @global string $pagenow The filename of the current screen. + */ +function paused_plugins_notice() { + if ( 'plugins.php' === $GLOBALS['pagenow'] ) { + return; + } + + if ( ! current_user_can( 'resume_plugins' ) ) { + return; + } + + if ( ! isset( $GLOBALS['_paused_plugins'] ) || empty( $GLOBALS['_paused_plugins'] ) ) { + return; + } + + $message = sprintf( + '<strong>%s</strong><br>%s</p><p><a href="%s">%s</a>', + __( 'One or more plugins failed to load properly.' ), + __( 'You can find more details and make changes on the Plugins screen.' ), + esc_url( admin_url( 'plugins.php?plugin_status=paused' ) ), + __( 'Go to the Plugins screen' ) + ); + wp_admin_notice( + $message, + array( 'type' => 'error' ) + ); +} + +/** + * Renders an admin notice when a plugin was deactivated during an update. + * + * Displays an admin notice in case a plugin has been deactivated during an + * upgrade due to incompatibility with the current version of WordPress. + * + * @since 5.8.0 + * @access private + * + * @global string $pagenow The filename of the current screen. + * @global string $wp_version The WordPress version string. + */ +function deactivated_plugins_notice() { + if ( 'plugins.php' === $GLOBALS['pagenow'] ) { + return; + } + + if ( ! current_user_can( 'activate_plugins' ) ) { + return; + } + + $blog_deactivated_plugins = get_option( 'wp_force_deactivated_plugins' ); + $site_deactivated_plugins = array(); + + if ( false === $blog_deactivated_plugins ) { + // Option not in database, add an empty array to avoid extra DB queries on subsequent loads. + update_option( 'wp_force_deactivated_plugins', array() ); + } + + if ( is_multisite() ) { + $site_deactivated_plugins = get_site_option( 'wp_force_deactivated_plugins' ); + if ( false === $site_deactivated_plugins ) { + // Option not in database, add an empty array to avoid extra DB queries on subsequent loads. + update_site_option( 'wp_force_deactivated_plugins', array() ); + } + } + + if ( empty( $blog_deactivated_plugins ) && empty( $site_deactivated_plugins ) ) { + // No deactivated plugins. + return; + } + + $deactivated_plugins = array_merge( $blog_deactivated_plugins, $site_deactivated_plugins ); + + foreach ( $deactivated_plugins as $plugin ) { + if ( ! empty( $plugin['version_compatible'] ) && ! empty( $plugin['version_deactivated'] ) ) { + $explanation = sprintf( + /* translators: 1: Name of deactivated plugin, 2: Plugin version deactivated, 3: Current WP version, 4: Compatible plugin version. */ + __( '%1$s %2$s was deactivated due to incompatibility with WordPress %3$s, please upgrade to %1$s %4$s or later.' ), + $plugin['plugin_name'], + $plugin['version_deactivated'], + $GLOBALS['wp_version'], + $plugin['version_compatible'] + ); + } else { + $explanation = sprintf( + /* translators: 1: Name of deactivated plugin, 2: Plugin version deactivated, 3: Current WP version. */ + __( '%1$s %2$s was deactivated due to incompatibility with WordPress %3$s.' ), + $plugin['plugin_name'], + ! empty( $plugin['version_deactivated'] ) ? $plugin['version_deactivated'] : '', + $GLOBALS['wp_version'], + $plugin['version_compatible'] + ); + } + + $message = sprintf( + '<strong>%s</strong><br>%s</p><p><a href="%s">%s</a>', + sprintf( + /* translators: %s: Name of deactivated plugin. */ + __( '%s plugin deactivated during WordPress upgrade.' ), + $plugin['plugin_name'] + ), + $explanation, + esc_url( admin_url( 'plugins.php?plugin_status=inactive' ) ), + __( 'Go to the Plugins screen' ) + ); + wp_admin_notice( $message, array( 'type' => 'warning' ) ); + } + + // Empty the options. + update_option( 'wp_force_deactivated_plugins', array() ); + if ( is_multisite() ) { + update_site_option( 'wp_force_deactivated_plugins', array() ); + } +} diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php new file mode 100644 index 0000000..b9986d1 --- /dev/null +++ b/wp-admin/includes/post.php @@ -0,0 +1,2637 @@ +<?php +/** + * WordPress Post Administration API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Renames `$_POST` data from form names to DB post columns. + * + * Manipulates `$_POST` directly. + * + * @since 2.6.0 + * + * @param bool $update Whether the post already exists. + * @param array|null $post_data Optional. The array of post data to process. + * Defaults to the `$_POST` superglobal. + * @return array|WP_Error Array of post data on success, WP_Error on failure. + */ +function _wp_translate_postdata( $update = false, $post_data = null ) { + + if ( empty( $post_data ) ) { + $post_data = &$_POST; + } + + if ( $update ) { + $post_data['ID'] = (int) $post_data['post_ID']; + } + + $ptype = get_post_type_object( $post_data['post_type'] ); + + if ( $update && ! current_user_can( 'edit_post', $post_data['ID'] ) ) { + if ( 'page' === $post_data['post_type'] ) { + return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to edit pages as this user.' ) ); + } else { + return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to edit posts as this user.' ) ); + } + } elseif ( ! $update && ! current_user_can( $ptype->cap->create_posts ) ) { + if ( 'page' === $post_data['post_type'] ) { + return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) ); + } else { + return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) ); + } + } + + if ( isset( $post_data['content'] ) ) { + $post_data['post_content'] = $post_data['content']; + } + + if ( isset( $post_data['excerpt'] ) ) { + $post_data['post_excerpt'] = $post_data['excerpt']; + } + + if ( isset( $post_data['parent_id'] ) ) { + $post_data['post_parent'] = (int) $post_data['parent_id']; + } + + if ( isset( $post_data['trackback_url'] ) ) { + $post_data['to_ping'] = $post_data['trackback_url']; + } + + $post_data['user_ID'] = get_current_user_id(); + + if ( ! empty( $post_data['post_author_override'] ) ) { + $post_data['post_author'] = (int) $post_data['post_author_override']; + } else { + if ( ! empty( $post_data['post_author'] ) ) { + $post_data['post_author'] = (int) $post_data['post_author']; + } else { + $post_data['post_author'] = (int) $post_data['user_ID']; + } + } + + if ( isset( $post_data['user_ID'] ) && ( $post_data['post_author'] != $post_data['user_ID'] ) + && ! current_user_can( $ptype->cap->edit_others_posts ) ) { + + if ( $update ) { + if ( 'page' === $post_data['post_type'] ) { + return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to edit pages as this user.' ) ); + } else { + return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to edit posts as this user.' ) ); + } + } else { + if ( 'page' === $post_data['post_type'] ) { + return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) ); + } else { + return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) ); + } + } + } + + if ( ! empty( $post_data['post_status'] ) ) { + $post_data['post_status'] = sanitize_key( $post_data['post_status'] ); + + // No longer an auto-draft. + if ( 'auto-draft' === $post_data['post_status'] ) { + $post_data['post_status'] = 'draft'; + } + + if ( ! get_post_status_object( $post_data['post_status'] ) ) { + unset( $post_data['post_status'] ); + } + } + + // What to do based on which button they pressed. + if ( isset( $post_data['saveasdraft'] ) && '' !== $post_data['saveasdraft'] ) { + $post_data['post_status'] = 'draft'; + } + if ( isset( $post_data['saveasprivate'] ) && '' !== $post_data['saveasprivate'] ) { + $post_data['post_status'] = 'private'; + } + if ( isset( $post_data['publish'] ) && ( '' !== $post_data['publish'] ) + && ( ! isset( $post_data['post_status'] ) || 'private' !== $post_data['post_status'] ) + ) { + $post_data['post_status'] = 'publish'; + } + if ( isset( $post_data['advanced'] ) && '' !== $post_data['advanced'] ) { + $post_data['post_status'] = 'draft'; + } + if ( isset( $post_data['pending'] ) && '' !== $post_data['pending'] ) { + $post_data['post_status'] = 'pending'; + } + + if ( isset( $post_data['ID'] ) ) { + $post_id = $post_data['ID']; + } else { + $post_id = false; + } + $previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false; + + if ( isset( $post_data['post_status'] ) && 'private' === $post_data['post_status'] && ! current_user_can( $ptype->cap->publish_posts ) ) { + $post_data['post_status'] = $previous_status ? $previous_status : 'pending'; + } + + $published_statuses = array( 'publish', 'future' ); + + /* + * Posts 'submitted for approval' are submitted to $_POST the same as if they were being published. + * Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts. + */ + if ( isset( $post_data['post_status'] ) + && ( in_array( $post_data['post_status'], $published_statuses, true ) + && ! current_user_can( $ptype->cap->publish_posts ) ) + ) { + if ( ! in_array( $previous_status, $published_statuses, true ) || ! current_user_can( 'edit_post', $post_id ) ) { + $post_data['post_status'] = 'pending'; + } + } + + if ( ! isset( $post_data['post_status'] ) ) { + $post_data['post_status'] = 'auto-draft' === $previous_status ? 'draft' : $previous_status; + } + + if ( isset( $post_data['post_password'] ) && ! current_user_can( $ptype->cap->publish_posts ) ) { + unset( $post_data['post_password'] ); + } + + if ( ! isset( $post_data['comment_status'] ) ) { + $post_data['comment_status'] = 'closed'; + } + + if ( ! isset( $post_data['ping_status'] ) ) { + $post_data['ping_status'] = 'closed'; + } + + foreach ( array( 'aa', 'mm', 'jj', 'hh', 'mn' ) as $timeunit ) { + if ( ! empty( $post_data[ 'hidden_' . $timeunit ] ) && $post_data[ 'hidden_' . $timeunit ] != $post_data[ $timeunit ] ) { + $post_data['edit_date'] = '1'; + break; + } + } + + if ( ! empty( $post_data['edit_date'] ) ) { + $aa = $post_data['aa']; + $mm = $post_data['mm']; + $jj = $post_data['jj']; + $hh = $post_data['hh']; + $mn = $post_data['mn']; + $ss = $post_data['ss']; + $aa = ( $aa <= 0 ) ? gmdate( 'Y' ) : $aa; + $mm = ( $mm <= 0 ) ? gmdate( 'n' ) : $mm; + $jj = ( $jj > 31 ) ? 31 : $jj; + $jj = ( $jj <= 0 ) ? gmdate( 'j' ) : $jj; + $hh = ( $hh > 23 ) ? $hh - 24 : $hh; + $mn = ( $mn > 59 ) ? $mn - 60 : $mn; + $ss = ( $ss > 59 ) ? $ss - 60 : $ss; + + $post_data['post_date'] = sprintf( '%04d-%02d-%02d %02d:%02d:%02d', $aa, $mm, $jj, $hh, $mn, $ss ); + + $valid_date = wp_checkdate( $mm, $jj, $aa, $post_data['post_date'] ); + if ( ! $valid_date ) { + return new WP_Error( 'invalid_date', __( 'Invalid date.' ) ); + } + + /* + * Only assign a post date if the user has explicitly set a new value. + * See #59125 and #19907. + */ + $previous_date = $post_id ? get_post_field( 'post_date', $post_id ) : false; + if ( $previous_date && $previous_date !== $post_data['post_date'] ) { + $post_data['edit_date'] = true; + $post_data['post_date_gmt'] = get_gmt_from_date( $post_data['post_date'] ); + } else { + $post_data['edit_date'] = false; + unset( $post_data['post_date'] ); + unset( $post_data['post_date_gmt'] ); + } + } + + if ( isset( $post_data['post_category'] ) ) { + $category_object = get_taxonomy( 'category' ); + if ( ! current_user_can( $category_object->cap->assign_terms ) ) { + unset( $post_data['post_category'] ); + } + } + + return $post_data; +} + +/** + * Returns only allowed post data fields. + * + * @since 5.0.1 + * + * @param array|WP_Error|null $post_data The array of post data to process, or an error object. + * Defaults to the `$_POST` superglobal. + * @return array|WP_Error Array of post data on success, WP_Error on failure. + */ +function _wp_get_allowed_postdata( $post_data = null ) { + if ( empty( $post_data ) ) { + $post_data = $_POST; + } + + // Pass through errors. + if ( is_wp_error( $post_data ) ) { + return $post_data; + } + + return array_diff_key( $post_data, array_flip( array( 'meta_input', 'file', 'guid' ) ) ); +} + +/** + * Updates an existing post with values provided in `$_POST`. + * + * If post data is passed as an argument, it is treated as an array of data + * keyed appropriately for turning into a post object. + * + * If post data is not passed, the `$_POST` global variable is used instead. + * + * @since 1.5.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param array|null $post_data Optional. The array of post data to process. + * Defaults to the `$_POST` superglobal. + * @return int Post ID. + */ +function edit_post( $post_data = null ) { + global $wpdb; + + if ( empty( $post_data ) ) { + $post_data = &$_POST; + } + + // Clear out any data in internal vars. + unset( $post_data['filter'] ); + + $post_id = (int) $post_data['post_ID']; + $post = get_post( $post_id ); + + $post_data['post_type'] = $post->post_type; + $post_data['post_mime_type'] = $post->post_mime_type; + + if ( ! empty( $post_data['post_status'] ) ) { + $post_data['post_status'] = sanitize_key( $post_data['post_status'] ); + + if ( 'inherit' === $post_data['post_status'] ) { + unset( $post_data['post_status'] ); + } + } + + $ptype = get_post_type_object( $post_data['post_type'] ); + if ( ! current_user_can( 'edit_post', $post_id ) ) { + if ( 'page' === $post_data['post_type'] ) { + wp_die( __( 'Sorry, you are not allowed to edit this page.' ) ); + } else { + wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); + } + } + + if ( post_type_supports( $ptype->name, 'revisions' ) ) { + $revisions = wp_get_post_revisions( + $post_id, + array( + 'order' => 'ASC', + 'posts_per_page' => 1, + ) + ); + $revision = current( $revisions ); + + // Check if the revisions have been upgraded. + if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 ) { + _wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_id ) ); + } + } + + if ( isset( $post_data['visibility'] ) ) { + switch ( $post_data['visibility'] ) { + case 'public': + $post_data['post_password'] = ''; + break; + case 'password': + unset( $post_data['sticky'] ); + break; + case 'private': + $post_data['post_status'] = 'private'; + $post_data['post_password'] = ''; + unset( $post_data['sticky'] ); + break; + } + } + + $post_data = _wp_translate_postdata( true, $post_data ); + if ( is_wp_error( $post_data ) ) { + wp_die( $post_data->get_error_message() ); + } + $translated = _wp_get_allowed_postdata( $post_data ); + + // Post formats. + if ( isset( $post_data['post_format'] ) ) { + set_post_format( $post_id, $post_data['post_format'] ); + } + + $format_meta_urls = array( 'url', 'link_url', 'quote_source_url' ); + foreach ( $format_meta_urls as $format_meta_url ) { + $keyed = '_format_' . $format_meta_url; + if ( isset( $post_data[ $keyed ] ) ) { + update_post_meta( $post_id, $keyed, wp_slash( sanitize_url( wp_unslash( $post_data[ $keyed ] ) ) ) ); + } + } + + $format_keys = array( 'quote', 'quote_source_name', 'image', 'gallery', 'audio_embed', 'video_embed' ); + + foreach ( $format_keys as $key ) { + $keyed = '_format_' . $key; + if ( isset( $post_data[ $keyed ] ) ) { + if ( current_user_can( 'unfiltered_html' ) ) { + update_post_meta( $post_id, $keyed, $post_data[ $keyed ] ); + } else { + update_post_meta( $post_id, $keyed, wp_filter_post_kses( $post_data[ $keyed ] ) ); + } + } + } + + if ( 'attachment' === $post_data['post_type'] && preg_match( '#^(audio|video)/#', $post_data['post_mime_type'] ) ) { + $id3data = wp_get_attachment_metadata( $post_id ); + if ( ! is_array( $id3data ) ) { + $id3data = array(); + } + + foreach ( wp_get_attachment_id3_keys( $post, 'edit' ) as $key => $label ) { + if ( isset( $post_data[ 'id3_' . $key ] ) ) { + $id3data[ $key ] = sanitize_text_field( wp_unslash( $post_data[ 'id3_' . $key ] ) ); + } + } + wp_update_attachment_metadata( $post_id, $id3data ); + } + + // Meta stuff. + if ( isset( $post_data['meta'] ) && $post_data['meta'] ) { + foreach ( $post_data['meta'] as $key => $value ) { + $meta = get_post_meta_by_id( $key ); + if ( ! $meta ) { + continue; + } + + if ( $meta->post_id != $post_id ) { + continue; + } + + if ( is_protected_meta( $meta->meta_key, 'post' ) + || ! current_user_can( 'edit_post_meta', $post_id, $meta->meta_key ) + ) { + continue; + } + + if ( is_protected_meta( $value['key'], 'post' ) + || ! current_user_can( 'edit_post_meta', $post_id, $value['key'] ) + ) { + continue; + } + + update_meta( $key, $value['key'], $value['value'] ); + } + } + + if ( isset( $post_data['deletemeta'] ) && $post_data['deletemeta'] ) { + foreach ( $post_data['deletemeta'] as $key => $value ) { + $meta = get_post_meta_by_id( $key ); + if ( ! $meta ) { + continue; + } + + if ( $meta->post_id != $post_id ) { + continue; + } + + if ( is_protected_meta( $meta->meta_key, 'post' ) + || ! current_user_can( 'delete_post_meta', $post_id, $meta->meta_key ) + ) { + continue; + } + + delete_meta( $key ); + } + } + + // Attachment stuff. + if ( 'attachment' === $post_data['post_type'] ) { + if ( isset( $post_data['_wp_attachment_image_alt'] ) ) { + $image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] ); + + if ( get_post_meta( $post_id, '_wp_attachment_image_alt', true ) !== $image_alt ) { + $image_alt = wp_strip_all_tags( $image_alt, true ); + + // update_post_meta() expects slashed. + update_post_meta( $post_id, '_wp_attachment_image_alt', wp_slash( $image_alt ) ); + } + } + + $attachment_data = isset( $post_data['attachments'][ $post_id ] ) ? $post_data['attachments'][ $post_id ] : array(); + + /** This filter is documented in wp-admin/includes/media.php */ + $translated = apply_filters( 'attachment_fields_to_save', $translated, $attachment_data ); + } + + // Convert taxonomy input to term IDs, to avoid ambiguity. + if ( isset( $post_data['tax_input'] ) ) { + foreach ( (array) $post_data['tax_input'] as $taxonomy => $terms ) { + $tax_object = get_taxonomy( $taxonomy ); + + if ( $tax_object && isset( $tax_object->meta_box_sanitize_cb ) ) { + $translated['tax_input'][ $taxonomy ] = call_user_func_array( $tax_object->meta_box_sanitize_cb, array( $taxonomy, $terms ) ); + } + } + } + + add_meta( $post_id ); + + update_post_meta( $post_id, '_edit_last', get_current_user_id() ); + + $success = wp_update_post( $translated ); + + // If the save failed, see if we can sanity check the main fields and try again. + if ( ! $success && is_callable( array( $wpdb, 'strip_invalid_text_for_column' ) ) ) { + $fields = array( 'post_title', 'post_content', 'post_excerpt' ); + + foreach ( $fields as $field ) { + if ( isset( $translated[ $field ] ) ) { + $translated[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->posts, $field, $translated[ $field ] ); + } + } + + wp_update_post( $translated ); + } + + // Now that we have an ID we can fix any attachment anchor hrefs. + _fix_attachment_links( $post_id ); + + wp_set_post_lock( $post_id ); + + if ( current_user_can( $ptype->cap->edit_others_posts ) && current_user_can( $ptype->cap->publish_posts ) ) { + if ( ! empty( $post_data['sticky'] ) ) { + stick_post( $post_id ); + } else { + unstick_post( $post_id ); + } + } + + return $post_id; +} + +/** + * Processes the post data for the bulk editing of posts. + * + * Updates all bulk edited posts/pages, adding (but not removing) tags and + * categories. Skips pages when they would be their own parent or child. + * + * @since 2.7.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param array|null $post_data Optional. The array of post data to process. + * Defaults to the `$_POST` superglobal. + * @return array + */ +function bulk_edit_posts( $post_data = null ) { + global $wpdb; + + if ( empty( $post_data ) ) { + $post_data = &$_POST; + } + + if ( isset( $post_data['post_type'] ) ) { + $ptype = get_post_type_object( $post_data['post_type'] ); + } else { + $ptype = get_post_type_object( 'post' ); + } + + if ( ! current_user_can( $ptype->cap->edit_posts ) ) { + if ( 'page' === $ptype->name ) { + wp_die( __( 'Sorry, you are not allowed to edit pages.' ) ); + } else { + wp_die( __( 'Sorry, you are not allowed to edit posts.' ) ); + } + } + + if ( -1 == $post_data['_status'] ) { + $post_data['post_status'] = null; + unset( $post_data['post_status'] ); + } else { + $post_data['post_status'] = $post_data['_status']; + } + unset( $post_data['_status'] ); + + if ( ! empty( $post_data['post_status'] ) ) { + $post_data['post_status'] = sanitize_key( $post_data['post_status'] ); + + if ( 'inherit' === $post_data['post_status'] ) { + unset( $post_data['post_status'] ); + } + } + + $post_ids = array_map( 'intval', (array) $post_data['post'] ); + + $reset = array( + 'post_author', + 'post_status', + 'post_password', + 'post_parent', + 'page_template', + 'comment_status', + 'ping_status', + 'keep_private', + 'tax_input', + 'post_category', + 'sticky', + 'post_format', + ); + + foreach ( $reset as $field ) { + if ( isset( $post_data[ $field ] ) && ( '' === $post_data[ $field ] || -1 == $post_data[ $field ] ) ) { + unset( $post_data[ $field ] ); + } + } + + if ( isset( $post_data['post_category'] ) ) { + if ( is_array( $post_data['post_category'] ) && ! empty( $post_data['post_category'] ) ) { + $new_cats = array_map( 'absint', $post_data['post_category'] ); + } else { + unset( $post_data['post_category'] ); + } + } + + $tax_input = array(); + if ( isset( $post_data['tax_input'] ) ) { + foreach ( $post_data['tax_input'] as $tax_name => $terms ) { + if ( empty( $terms ) ) { + continue; + } + + if ( is_taxonomy_hierarchical( $tax_name ) ) { + $tax_input[ $tax_name ] = array_map( 'absint', $terms ); + } else { + $comma = _x( ',', 'tag delimiter' ); + if ( ',' !== $comma ) { + $terms = str_replace( $comma, ',', $terms ); + } + $tax_input[ $tax_name ] = explode( ',', trim( $terms, " \n\t\r\0\x0B," ) ); + } + } + } + + if ( isset( $post_data['post_parent'] ) && (int) $post_data['post_parent'] ) { + $parent = (int) $post_data['post_parent']; + $pages = $wpdb->get_results( "SELECT ID, post_parent FROM $wpdb->posts WHERE post_type = 'page'" ); + $children = array(); + + for ( $i = 0; $i < 50 && $parent > 0; $i++ ) { + $children[] = $parent; + + foreach ( $pages as $page ) { + if ( (int) $page->ID === $parent ) { + $parent = (int) $page->post_parent; + break; + } + } + } + } + + $updated = array(); + $skipped = array(); + $locked = array(); + $shared_post_data = $post_data; + + foreach ( $post_ids as $post_id ) { + // Start with fresh post data with each iteration. + $post_data = $shared_post_data; + + $post_type_object = get_post_type_object( get_post_type( $post_id ) ); + + if ( ! isset( $post_type_object ) + || ( isset( $children ) && in_array( $post_id, $children, true ) ) + || ! current_user_can( 'edit_post', $post_id ) + ) { + $skipped[] = $post_id; + continue; + } + + if ( wp_check_post_lock( $post_id ) ) { + $locked[] = $post_id; + continue; + } + + $post = get_post( $post_id ); + $tax_names = get_object_taxonomies( $post ); + + foreach ( $tax_names as $tax_name ) { + $taxonomy_obj = get_taxonomy( $tax_name ); + + if ( ! $taxonomy_obj->show_in_quick_edit ) { + continue; + } + + if ( isset( $tax_input[ $tax_name ] ) && current_user_can( $taxonomy_obj->cap->assign_terms ) ) { + $new_terms = $tax_input[ $tax_name ]; + } else { + $new_terms = array(); + } + + if ( $taxonomy_obj->hierarchical ) { + $current_terms = (array) wp_get_object_terms( $post_id, $tax_name, array( 'fields' => 'ids' ) ); + } else { + $current_terms = (array) wp_get_object_terms( $post_id, $tax_name, array( 'fields' => 'names' ) ); + } + + $post_data['tax_input'][ $tax_name ] = array_merge( $current_terms, $new_terms ); + } + + if ( isset( $new_cats ) && in_array( 'category', $tax_names, true ) ) { + $cats = (array) wp_get_post_categories( $post_id ); + $post_data['post_category'] = array_unique( array_merge( $cats, $new_cats ) ); + unset( $post_data['tax_input']['category'] ); + } + + $post_data['post_ID'] = $post_id; + $post_data['post_type'] = $post->post_type; + $post_data['post_mime_type'] = $post->post_mime_type; + + foreach ( array( 'comment_status', 'ping_status', 'post_author' ) as $field ) { + if ( ! isset( $post_data[ $field ] ) ) { + $post_data[ $field ] = $post->$field; + } + } + + $post_data = _wp_translate_postdata( true, $post_data ); + if ( is_wp_error( $post_data ) ) { + $skipped[] = $post_id; + continue; + } + $post_data = _wp_get_allowed_postdata( $post_data ); + + if ( isset( $shared_post_data['post_format'] ) ) { + set_post_format( $post_id, $shared_post_data['post_format'] ); + } + + // Prevent wp_insert_post() from overwriting post format with the old data. + unset( $post_data['tax_input']['post_format'] ); + + // Reset post date of scheduled post to be published. + if ( + in_array( $post->post_status, array( 'future', 'draft' ), true ) && + 'publish' === $post_data['post_status'] + ) { + $post_data['post_date'] = current_time( 'mysql' ); + $post_data['post_date_gmt'] = ''; + } + + $post_id = wp_update_post( $post_data ); + update_post_meta( $post_id, '_edit_last', get_current_user_id() ); + $updated[] = $post_id; + + if ( isset( $post_data['sticky'] ) && current_user_can( $ptype->cap->edit_others_posts ) ) { + if ( 'sticky' === $post_data['sticky'] ) { + stick_post( $post_id ); + } else { + unstick_post( $post_id ); + } + } + } + + /** + * Fires after processing the post data for bulk edit. + * + * @since 6.3.0 + * + * @param int[] $updated An array of updated post IDs. + * @param array $shared_post_data Associative array containing the post data. + */ + do_action( 'bulk_edit_posts', $updated, $shared_post_data ); + + return array( + 'updated' => $updated, + 'skipped' => $skipped, + 'locked' => $locked, + ); +} + +/** + * Returns default post information to use when populating the "Write Post" form. + * + * @since 2.0.0 + * + * @param string $post_type Optional. A post type string. Default 'post'. + * @param bool $create_in_db Optional. Whether to insert the post into database. Default false. + * @return WP_Post Post object containing all the default post data as attributes + */ +function get_default_post_to_edit( $post_type = 'post', $create_in_db = false ) { + $post_title = ''; + if ( ! empty( $_REQUEST['post_title'] ) ) { + $post_title = esc_html( wp_unslash( $_REQUEST['post_title'] ) ); + } + + $post_content = ''; + if ( ! empty( $_REQUEST['content'] ) ) { + $post_content = esc_html( wp_unslash( $_REQUEST['content'] ) ); + } + + $post_excerpt = ''; + if ( ! empty( $_REQUEST['excerpt'] ) ) { + $post_excerpt = esc_html( wp_unslash( $_REQUEST['excerpt'] ) ); + } + + if ( $create_in_db ) { + $post_id = wp_insert_post( + array( + 'post_title' => __( 'Auto Draft' ), + 'post_type' => $post_type, + 'post_status' => 'auto-draft', + ), + false, + false + ); + $post = get_post( $post_id ); + if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) && get_option( 'default_post_format' ) ) { + set_post_format( $post, get_option( 'default_post_format' ) ); + } + wp_after_insert_post( $post, false, null ); + + // Schedule auto-draft cleanup. + if ( ! wp_next_scheduled( 'wp_scheduled_auto_draft_delete' ) ) { + wp_schedule_event( time(), 'daily', 'wp_scheduled_auto_draft_delete' ); + } + } else { + $post = new stdClass(); + $post->ID = 0; + $post->post_author = ''; + $post->post_date = ''; + $post->post_date_gmt = ''; + $post->post_password = ''; + $post->post_name = ''; + $post->post_type = $post_type; + $post->post_status = 'draft'; + $post->to_ping = ''; + $post->pinged = ''; + $post->comment_status = get_default_comment_status( $post_type ); + $post->ping_status = get_default_comment_status( $post_type, 'pingback' ); + $post->post_pingback = get_option( 'default_pingback_flag' ); + $post->post_category = get_option( 'default_category' ); + $post->page_template = 'default'; + $post->post_parent = 0; + $post->menu_order = 0; + $post = new WP_Post( $post ); + } + + /** + * Filters the default post content initially used in the "Write Post" form. + * + * @since 1.5.0 + * + * @param string $post_content Default post content. + * @param WP_Post $post Post object. + */ + $post->post_content = (string) apply_filters( 'default_content', $post_content, $post ); + + /** + * Filters the default post title initially used in the "Write Post" form. + * + * @since 1.5.0 + * + * @param string $post_title Default post title. + * @param WP_Post $post Post object. + */ + $post->post_title = (string) apply_filters( 'default_title', $post_title, $post ); + + /** + * Filters the default post excerpt initially used in the "Write Post" form. + * + * @since 1.5.0 + * + * @param string $post_excerpt Default post excerpt. + * @param WP_Post $post Post object. + */ + $post->post_excerpt = (string) apply_filters( 'default_excerpt', $post_excerpt, $post ); + + return $post; +} + +/** + * Determines if a post exists based on title, content, date and type. + * + * @since 2.0.0 + * @since 5.2.0 Added the `$type` parameter. + * @since 5.8.0 Added the `$status` parameter. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $title Post title. + * @param string $content Optional. Post content. + * @param string $date Optional. Post date. + * @param string $type Optional. Post type. + * @param string $status Optional. Post status. + * @return int Post ID if post exists, 0 otherwise. + */ +function post_exists( $title, $content = '', $date = '', $type = '', $status = '' ) { + global $wpdb; + + $post_title = wp_unslash( sanitize_post_field( 'post_title', $title, 0, 'db' ) ); + $post_content = wp_unslash( sanitize_post_field( 'post_content', $content, 0, 'db' ) ); + $post_date = wp_unslash( sanitize_post_field( 'post_date', $date, 0, 'db' ) ); + $post_type = wp_unslash( sanitize_post_field( 'post_type', $type, 0, 'db' ) ); + $post_status = wp_unslash( sanitize_post_field( 'post_status', $status, 0, 'db' ) ); + + $query = "SELECT ID FROM $wpdb->posts WHERE 1=1"; + $args = array(); + + if ( ! empty( $date ) ) { + $query .= ' AND post_date = %s'; + $args[] = $post_date; + } + + if ( ! empty( $title ) ) { + $query .= ' AND post_title = %s'; + $args[] = $post_title; + } + + if ( ! empty( $content ) ) { + $query .= ' AND post_content = %s'; + $args[] = $post_content; + } + + if ( ! empty( $type ) ) { + $query .= ' AND post_type = %s'; + $args[] = $post_type; + } + + if ( ! empty( $status ) ) { + $query .= ' AND post_status = %s'; + $args[] = $post_status; + } + + if ( ! empty( $args ) ) { + return (int) $wpdb->get_var( $wpdb->prepare( $query, $args ) ); + } + + return 0; +} + +/** + * Creates a new post from the "Write Post" form using `$_POST` information. + * + * @since 2.1.0 + * + * @global WP_User $current_user + * + * @return int|WP_Error Post ID on success, WP_Error on failure. + */ +function wp_write_post() { + if ( isset( $_POST['post_type'] ) ) { + $ptype = get_post_type_object( $_POST['post_type'] ); + } else { + $ptype = get_post_type_object( 'post' ); + } + + if ( ! current_user_can( $ptype->cap->edit_posts ) ) { + if ( 'page' === $ptype->name ) { + return new WP_Error( 'edit_pages', __( 'Sorry, you are not allowed to create pages on this site.' ) ); + } else { + return new WP_Error( 'edit_posts', __( 'Sorry, you are not allowed to create posts or drafts on this site.' ) ); + } + } + + $_POST['post_mime_type'] = ''; + + // Clear out any data in internal vars. + unset( $_POST['filter'] ); + + // Edit, don't write, if we have a post ID. + if ( isset( $_POST['post_ID'] ) ) { + return edit_post(); + } + + if ( isset( $_POST['visibility'] ) ) { + switch ( $_POST['visibility'] ) { + case 'public': + $_POST['post_password'] = ''; + break; + case 'password': + unset( $_POST['sticky'] ); + break; + case 'private': + $_POST['post_status'] = 'private'; + $_POST['post_password'] = ''; + unset( $_POST['sticky'] ); + break; + } + } + + $translated = _wp_translate_postdata( false ); + if ( is_wp_error( $translated ) ) { + return $translated; + } + $translated = _wp_get_allowed_postdata( $translated ); + + // Create the post. + $post_id = wp_insert_post( $translated ); + if ( is_wp_error( $post_id ) ) { + return $post_id; + } + + if ( empty( $post_id ) ) { + return 0; + } + + add_meta( $post_id ); + + add_post_meta( $post_id, '_edit_last', $GLOBALS['current_user']->ID ); + + // Now that we have an ID we can fix any attachment anchor hrefs. + _fix_attachment_links( $post_id ); + + wp_set_post_lock( $post_id ); + + return $post_id; +} + +/** + * Calls wp_write_post() and handles the errors. + * + * @since 2.0.0 + * + * @return int|void Post ID on success, void on failure. + */ +function write_post() { + $result = wp_write_post(); + if ( is_wp_error( $result ) ) { + wp_die( $result->get_error_message() ); + } else { + return $result; + } +} + +// +// Post Meta. +// + +/** + * Adds post meta data defined in the `$_POST` superglobal for a post with given ID. + * + * @since 1.2.0 + * + * @param int $post_id + * @return int|bool + */ +function add_meta( $post_id ) { + $post_id = (int) $post_id; + + $metakeyselect = isset( $_POST['metakeyselect'] ) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : ''; + $metakeyinput = isset( $_POST['metakeyinput'] ) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : ''; + $metavalue = isset( $_POST['metavalue'] ) ? $_POST['metavalue'] : ''; + if ( is_string( $metavalue ) ) { + $metavalue = trim( $metavalue ); + } + + if ( ( ( '#NONE#' !== $metakeyselect ) && ! empty( $metakeyselect ) ) || ! empty( $metakeyinput ) ) { + /* + * We have a key/value pair. If both the select and the input + * for the key have data, the input takes precedence. + */ + if ( '#NONE#' !== $metakeyselect ) { + $metakey = $metakeyselect; + } + + if ( $metakeyinput ) { + $metakey = $metakeyinput; // Default. + } + + if ( is_protected_meta( $metakey, 'post' ) || ! current_user_can( 'add_post_meta', $post_id, $metakey ) ) { + return false; + } + + $metakey = wp_slash( $metakey ); + + return add_post_meta( $post_id, $metakey, $metavalue ); + } + + return false; +} + +/** + * Deletes post meta data by meta ID. + * + * @since 1.2.0 + * + * @param int $mid + * @return bool + */ +function delete_meta( $mid ) { + return delete_metadata_by_mid( 'post', $mid ); +} + +/** + * Returns a list of previously defined keys. + * + * @since 1.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return string[] Array of meta key names. + */ +function get_meta_keys() { + global $wpdb; + + $keys = $wpdb->get_col( + "SELECT meta_key + FROM $wpdb->postmeta + GROUP BY meta_key + ORDER BY meta_key" + ); + + return $keys; +} + +/** + * Returns post meta data by meta ID. + * + * @since 2.1.0 + * + * @param int $mid + * @return object|bool + */ +function get_post_meta_by_id( $mid ) { + return get_metadata_by_mid( 'post', $mid ); +} + +/** + * Returns meta data for the given post ID. + * + * @since 1.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $postid A post ID. + * @return array[] { + * Array of meta data arrays for the given post ID. + * + * @type array ...$0 { + * Associative array of meta data. + * + * @type string $meta_key Meta key. + * @type mixed $meta_value Meta value. + * @type string $meta_id Meta ID as a numeric string. + * @type string $post_id Post ID as a numeric string. + * } + * } + */ +function has_meta( $postid ) { + global $wpdb; + + return $wpdb->get_results( + $wpdb->prepare( + "SELECT meta_key, meta_value, meta_id, post_id + FROM $wpdb->postmeta WHERE post_id = %d + ORDER BY meta_key,meta_id", + $postid + ), + ARRAY_A + ); +} + +/** + * Updates post meta data by meta ID. + * + * @since 1.2.0 + * + * @param int $meta_id Meta ID. + * @param string $meta_key Meta key. Expect slashed. + * @param string $meta_value Meta value. Expect slashed. + * @return bool + */ +function update_meta( $meta_id, $meta_key, $meta_value ) { + $meta_key = wp_unslash( $meta_key ); + $meta_value = wp_unslash( $meta_value ); + + return update_metadata_by_mid( 'post', $meta_id, $meta_value, $meta_key ); +} + +// +// Private. +// + +/** + * Replaces hrefs of attachment anchors with up-to-date permalinks. + * + * @since 2.3.0 + * @access private + * + * @param int|object $post Post ID or post object. + * @return void|int|WP_Error Void if nothing fixed. 0 or WP_Error on update failure. The post ID on update success. + */ +function _fix_attachment_links( $post ) { + $post = get_post( $post, ARRAY_A ); + $content = $post['post_content']; + + // Don't run if no pretty permalinks or post is not published, scheduled, or privately published. + if ( ! get_option( 'permalink_structure' ) || ! in_array( $post['post_status'], array( 'publish', 'future', 'private' ), true ) ) { + return; + } + + // Short if there aren't any links or no '?attachment_id=' strings (strpos cannot be zero). + if ( ! strpos( $content, '?attachment_id=' ) || ! preg_match_all( '/<a ([^>]+)>[\s\S]+?<\/a>/', $content, $link_matches ) ) { + return; + } + + $site_url = get_bloginfo( 'url' ); + $site_url = substr( $site_url, (int) strpos( $site_url, '://' ) ); // Remove the http(s). + $replace = ''; + + foreach ( $link_matches[1] as $key => $value ) { + if ( ! strpos( $value, '?attachment_id=' ) || ! strpos( $value, 'wp-att-' ) + || ! preg_match( '/href=(["\'])[^"\']*\?attachment_id=(\d+)[^"\']*\\1/', $value, $url_match ) + || ! preg_match( '/rel=["\'][^"\']*wp-att-(\d+)/', $value, $rel_match ) ) { + continue; + } + + $quote = $url_match[1]; // The quote (single or double). + $url_id = (int) $url_match[2]; + $rel_id = (int) $rel_match[1]; + + if ( ! $url_id || ! $rel_id || $url_id != $rel_id || ! str_contains( $url_match[0], $site_url ) ) { + continue; + } + + $link = $link_matches[0][ $key ]; + $replace = str_replace( $url_match[0], 'href=' . $quote . get_attachment_link( $url_id ) . $quote, $link ); + + $content = str_replace( $link, $replace, $content ); + } + + if ( $replace ) { + $post['post_content'] = $content; + // Escape data pulled from DB. + $post = add_magic_quotes( $post ); + + return wp_update_post( $post ); + } +} + +/** + * Returns all the possible statuses for a post type. + * + * @since 2.5.0 + * + * @param string $type The post_type you want the statuses for. Default 'post'. + * @return string[] An array of all the statuses for the supplied post type. + */ +function get_available_post_statuses( $type = 'post' ) { + $stati = wp_count_posts( $type ); + + return array_keys( get_object_vars( $stati ) ); +} + +/** + * Runs the query to fetch the posts for listing on the edit posts page. + * + * @since 2.5.0 + * + * @param array|false $q Optional. Array of query variables to use to build the query. + * Defaults to the `$_GET` superglobal. + * @return array + */ +function wp_edit_posts_query( $q = false ) { + if ( false === $q ) { + $q = $_GET; + } + $q['m'] = isset( $q['m'] ) ? (int) $q['m'] : 0; + $q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0; + $post_stati = get_post_stati(); + + if ( isset( $q['post_type'] ) && in_array( $q['post_type'], get_post_types(), true ) ) { + $post_type = $q['post_type']; + } else { + $post_type = 'post'; + } + + $avail_post_stati = get_available_post_statuses( $post_type ); + $post_status = ''; + $perm = ''; + + if ( isset( $q['post_status'] ) && in_array( $q['post_status'], $post_stati, true ) ) { + $post_status = $q['post_status']; + $perm = 'readable'; + } + + $orderby = ''; + + if ( isset( $q['orderby'] ) ) { + $orderby = $q['orderby']; + } elseif ( isset( $q['post_status'] ) && in_array( $q['post_status'], array( 'pending', 'draft' ), true ) ) { + $orderby = 'modified'; + } + + $order = ''; + + if ( isset( $q['order'] ) ) { + $order = $q['order']; + } elseif ( isset( $q['post_status'] ) && 'pending' === $q['post_status'] ) { + $order = 'ASC'; + } + + $per_page = "edit_{$post_type}_per_page"; + $posts_per_page = (int) get_user_option( $per_page ); + if ( empty( $posts_per_page ) || $posts_per_page < 1 ) { + $posts_per_page = 20; + } + + /** + * Filters the number of items per page to show for a specific 'per_page' type. + * + * The dynamic portion of the hook name, `$post_type`, refers to the post type. + * + * Possible hook names include: + * + * - `edit_post_per_page` + * - `edit_page_per_page` + * - `edit_attachment_per_page` + * + * @since 3.0.0 + * + * @param int $posts_per_page Number of posts to display per page for the given post + * type. Default 20. + */ + $posts_per_page = apply_filters( "edit_{$post_type}_per_page", $posts_per_page ); + + /** + * Filters the number of posts displayed per page when specifically listing "posts". + * + * @since 2.8.0 + * + * @param int $posts_per_page Number of posts to be displayed. Default 20. + * @param string $post_type The post type. + */ + $posts_per_page = apply_filters( 'edit_posts_per_page', $posts_per_page, $post_type ); + + $query = compact( 'post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page' ); + + // Hierarchical types require special args. + if ( is_post_type_hierarchical( $post_type ) && empty( $orderby ) ) { + $query['orderby'] = 'menu_order title'; + $query['order'] = 'asc'; + $query['posts_per_page'] = -1; + $query['posts_per_archive_page'] = -1; + $query['fields'] = 'id=>parent'; + } + + if ( ! empty( $q['show_sticky'] ) ) { + $query['post__in'] = (array) get_option( 'sticky_posts' ); + } + + wp( $query ); + + return $avail_post_stati; +} + +/** + * Returns the query variables for the current attachments request. + * + * @since 4.2.0 + * + * @param array|false $q Optional. Array of query variables to use to build the query. + * Defaults to the `$_GET` superglobal. + * @return array The parsed query vars. + */ +function wp_edit_attachments_query_vars( $q = false ) { + if ( false === $q ) { + $q = $_GET; + } + $q['m'] = isset( $q['m'] ) ? (int) $q['m'] : 0; + $q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0; + $q['post_type'] = 'attachment'; + $post_type = get_post_type_object( 'attachment' ); + $states = 'inherit'; + if ( current_user_can( $post_type->cap->read_private_posts ) ) { + $states .= ',private'; + } + + $q['post_status'] = isset( $q['status'] ) && 'trash' === $q['status'] ? 'trash' : $states; + $q['post_status'] = isset( $q['attachment-filter'] ) && 'trash' === $q['attachment-filter'] ? 'trash' : $states; + + $media_per_page = (int) get_user_option( 'upload_per_page' ); + if ( empty( $media_per_page ) || $media_per_page < 1 ) { + $media_per_page = 20; + } + + /** + * Filters the number of items to list per page when listing media items. + * + * @since 2.9.0 + * + * @param int $media_per_page Number of media to list. Default 20. + */ + $q['posts_per_page'] = apply_filters( 'upload_per_page', $media_per_page ); + + $post_mime_types = get_post_mime_types(); + if ( isset( $q['post_mime_type'] ) && ! array_intersect( (array) $q['post_mime_type'], array_keys( $post_mime_types ) ) ) { + unset( $q['post_mime_type'] ); + } + + foreach ( array_keys( $post_mime_types ) as $type ) { + if ( isset( $q['attachment-filter'] ) && "post_mime_type:$type" === $q['attachment-filter'] ) { + $q['post_mime_type'] = $type; + break; + } + } + + if ( isset( $q['detached'] ) || ( isset( $q['attachment-filter'] ) && 'detached' === $q['attachment-filter'] ) ) { + $q['post_parent'] = 0; + } + + if ( isset( $q['mine'] ) || ( isset( $q['attachment-filter'] ) && 'mine' === $q['attachment-filter'] ) ) { + $q['author'] = get_current_user_id(); + } + + // Filter query clauses to include filenames. + if ( isset( $q['s'] ) ) { + add_filter( 'wp_allow_query_attachment_by_filename', '__return_true' ); + } + + return $q; +} + +/** + * Executes a query for attachments. An array of WP_Query arguments + * can be passed in, which will override the arguments set by this function. + * + * @since 2.5.0 + * + * @param array|false $q Optional. Array of query variables to use to build the query. + * Defaults to the `$_GET` superglobal. + * @return array + */ +function wp_edit_attachments_query( $q = false ) { + wp( wp_edit_attachments_query_vars( $q ) ); + + $post_mime_types = get_post_mime_types(); + $avail_post_mime_types = get_available_post_mime_types( 'attachment' ); + + return array( $post_mime_types, $avail_post_mime_types ); +} + +/** + * Returns the list of classes to be used by a meta box. + * + * @since 2.5.0 + * + * @param string $box_id Meta box ID (used in the 'id' attribute for the meta box). + * @param string $screen_id The screen on which the meta box is shown. + * @return string Space-separated string of class names. + */ +function postbox_classes( $box_id, $screen_id ) { + if ( isset( $_GET['edit'] ) && $_GET['edit'] == $box_id ) { + $classes = array( '' ); + } elseif ( get_user_option( 'closedpostboxes_' . $screen_id ) ) { + $closed = get_user_option( 'closedpostboxes_' . $screen_id ); + if ( ! is_array( $closed ) ) { + $classes = array( '' ); + } else { + $classes = in_array( $box_id, $closed, true ) ? array( 'closed' ) : array( '' ); + } + } else { + $classes = array( '' ); + } + + /** + * Filters the postbox classes for a specific screen and box ID combo. + * + * The dynamic portions of the hook name, `$screen_id` and `$box_id`, refer to + * the screen ID and meta box ID, respectively. + * + * @since 3.2.0 + * + * @param string[] $classes An array of postbox classes. + */ + $classes = apply_filters( "postbox_classes_{$screen_id}_{$box_id}", $classes ); + + return implode( ' ', $classes ); +} + +/** + * Returns a sample permalink based on the post name. + * + * @since 2.5.0 + * + * @param int|WP_Post $post Post ID or post object. + * @param string|null $title Optional. Title to override the post's current title + * when generating the post name. Default null. + * @param string|null $name Optional. Name to override the post name. Default null. + * @return array { + * Array containing the sample permalink with placeholder for the post name, and the post name. + * + * @type string $0 The permalink with placeholder for the post name. + * @type string $1 The post name. + * } + */ +function get_sample_permalink( $post, $title = null, $name = null ) { + $post = get_post( $post ); + + if ( ! $post ) { + return array( '', '' ); + } + + $ptype = get_post_type_object( $post->post_type ); + + $original_status = $post->post_status; + $original_date = $post->post_date; + $original_name = $post->post_name; + $original_filter = $post->filter; + + // Hack: get_permalink() would return plain permalink for drafts, so we will fake that our post is published. + if ( in_array( $post->post_status, array( 'draft', 'pending', 'future' ), true ) ) { + $post->post_status = 'publish'; + $post->post_name = sanitize_title( $post->post_name ? $post->post_name : $post->post_title, $post->ID ); + } + + /* + * If the user wants to set a new name -- override the current one. + * Note: if empty name is supplied -- use the title instead, see #6072. + */ + if ( ! is_null( $name ) ) { + $post->post_name = sanitize_title( $name ? $name : $title, $post->ID ); + } + + $post->post_name = wp_unique_post_slug( $post->post_name, $post->ID, $post->post_status, $post->post_type, $post->post_parent ); + + $post->filter = 'sample'; + + $permalink = get_permalink( $post, true ); + + // Replace custom post_type token with generic pagename token for ease of use. + $permalink = str_replace( "%$post->post_type%", '%pagename%', $permalink ); + + // Handle page hierarchy. + if ( $ptype->hierarchical ) { + $uri = get_page_uri( $post ); + if ( $uri ) { + $uri = untrailingslashit( $uri ); + $uri = strrev( stristr( strrev( $uri ), '/' ) ); + $uri = untrailingslashit( $uri ); + } + + /** This filter is documented in wp-admin/edit-tag-form.php */ + $uri = apply_filters( 'editable_slug', $uri, $post ); + if ( ! empty( $uri ) ) { + $uri .= '/'; + } + $permalink = str_replace( '%pagename%', "{$uri}%pagename%", $permalink ); + } + + /** This filter is documented in wp-admin/edit-tag-form.php */ + $permalink = array( $permalink, apply_filters( 'editable_slug', $post->post_name, $post ) ); + $post->post_status = $original_status; + $post->post_date = $original_date; + $post->post_name = $original_name; + $post->filter = $original_filter; + + /** + * Filters the sample permalink. + * + * @since 4.4.0 + * + * @param array $permalink { + * Array containing the sample permalink with placeholder for the post name, and the post name. + * + * @type string $0 The permalink with placeholder for the post name. + * @type string $1 The post name. + * } + * @param int $post_id Post ID. + * @param string $title Post title. + * @param string $name Post name (slug). + * @param WP_Post $post Post object. + */ + return apply_filters( 'get_sample_permalink', $permalink, $post->ID, $title, $name, $post ); +} + +/** + * Returns the HTML of the sample permalink slug editor. + * + * @since 2.5.0 + * + * @param int|WP_Post $post Post ID or post object. + * @param string|null $new_title Optional. New title. Default null. + * @param string|null $new_slug Optional. New slug. Default null. + * @return string The HTML of the sample permalink slug editor. + */ +function get_sample_permalink_html( $post, $new_title = null, $new_slug = null ) { + $post = get_post( $post ); + + if ( ! $post ) { + return ''; + } + + list($permalink, $post_name) = get_sample_permalink( $post->ID, $new_title, $new_slug ); + + $view_link = false; + $preview_target = ''; + + if ( current_user_can( 'read_post', $post->ID ) ) { + if ( 'draft' === $post->post_status || empty( $post->post_name ) ) { + $view_link = get_preview_post_link( $post ); + $preview_target = " target='wp-preview-{$post->ID}'"; + } else { + if ( 'publish' === $post->post_status || 'attachment' === $post->post_type ) { + $view_link = get_permalink( $post ); + } else { + // Allow non-published (private, future) to be viewed at a pretty permalink, in case $post->post_name is set. + $view_link = str_replace( array( '%pagename%', '%postname%' ), $post->post_name, $permalink ); + } + } + } + + // Permalinks without a post/page name placeholder don't have anything to edit. + if ( ! str_contains( $permalink, '%postname%' ) && ! str_contains( $permalink, '%pagename%' ) ) { + $return = '<strong>' . __( 'Permalink:' ) . "</strong>\n"; + + if ( false !== $view_link ) { + $display_link = urldecode( $view_link ); + $return .= '<a id="sample-permalink" href="' . esc_url( $view_link ) . '"' . $preview_target . '>' . esc_html( $display_link ) . "</a>\n"; + } else { + $return .= '<span id="sample-permalink">' . $permalink . "</span>\n"; + } + + // Encourage a pretty permalink setting. + if ( ! get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) + && ! ( 'page' === get_option( 'show_on_front' ) && get_option( 'page_on_front' ) == $post->ID ) + ) { + $return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button button-small">' . __( 'Change Permalink Structure' ) . "</a></span>\n"; + } + } else { + if ( mb_strlen( $post_name ) > 34 ) { + $post_name_abridged = mb_substr( $post_name, 0, 16 ) . '…' . mb_substr( $post_name, -16 ); + } else { + $post_name_abridged = $post_name; + } + + $post_name_html = '<span id="editable-post-name">' . esc_html( $post_name_abridged ) . '</span>'; + $display_link = str_replace( array( '%pagename%', '%postname%' ), $post_name_html, esc_html( urldecode( $permalink ) ) ); + + $return = '<strong>' . __( 'Permalink:' ) . "</strong>\n"; + $return .= '<span id="sample-permalink"><a href="' . esc_url( $view_link ) . '"' . $preview_target . '>' . $display_link . "</a></span>\n"; + $return .= '‎'; // Fix bi-directional text display defect in RTL languages. + $return .= '<span id="edit-slug-buttons"><button type="button" class="edit-slug button button-small hide-if-no-js" aria-label="' . __( 'Edit permalink' ) . '">' . __( 'Edit' ) . "</button></span>\n"; + $return .= '<span id="editable-post-name-full">' . esc_html( $post_name ) . "</span>\n"; + } + + /** + * Filters the sample permalink HTML markup. + * + * @since 2.9.0 + * @since 4.4.0 Added `$post` parameter. + * + * @param string $return Sample permalink HTML markup. + * @param int $post_id Post ID. + * @param string|null $new_title New sample permalink title. + * @param string|null $new_slug New sample permalink slug. + * @param WP_Post $post Post object. + */ + $return = apply_filters( 'get_sample_permalink_html', $return, $post->ID, $new_title, $new_slug, $post ); + + return $return; +} + +/** + * Returns HTML for the post thumbnail meta box. + * + * @since 2.9.0 + * + * @param int|null $thumbnail_id Optional. Thumbnail attachment ID. Default null. + * @param int|WP_Post|null $post Optional. The post ID or object associated + * with the thumbnail. Defaults to global $post. + * @return string The post thumbnail HTML. + */ +function _wp_post_thumbnail_html( $thumbnail_id = null, $post = null ) { + $_wp_additional_image_sizes = wp_get_additional_image_sizes(); + + $post = get_post( $post ); + $post_type_object = get_post_type_object( $post->post_type ); + $set_thumbnail_link = '<p class="hide-if-no-js"><a href="%s" id="set-post-thumbnail"%s class="thickbox">%s</a></p>'; + $upload_iframe_src = get_upload_iframe_src( 'image', $post->ID ); + + $content = sprintf( + $set_thumbnail_link, + esc_url( $upload_iframe_src ), + '', // Empty when there's no featured image set, `aria-describedby` attribute otherwise. + esc_html( $post_type_object->labels->set_featured_image ) + ); + + if ( $thumbnail_id && get_post( $thumbnail_id ) ) { + $size = isset( $_wp_additional_image_sizes['post-thumbnail'] ) ? 'post-thumbnail' : array( 266, 266 ); + + /** + * Filters the size used to display the post thumbnail image in the 'Featured image' meta box. + * + * Note: When a theme adds 'post-thumbnail' support, a special 'post-thumbnail' + * image size is registered, which differs from the 'thumbnail' image size + * managed via the Settings > Media screen. + * + * @since 4.4.0 + * + * @param string|int[] $size Requested image size. Can be any registered image size name, or + * an array of width and height values in pixels (in that order). + * @param int $thumbnail_id Post thumbnail attachment ID. + * @param WP_Post $post The post object associated with the thumbnail. + */ + $size = apply_filters( 'admin_post_thumbnail_size', $size, $thumbnail_id, $post ); + + $thumbnail_html = wp_get_attachment_image( $thumbnail_id, $size ); + + if ( ! empty( $thumbnail_html ) ) { + $content = sprintf( + $set_thumbnail_link, + esc_url( $upload_iframe_src ), + ' aria-describedby="set-post-thumbnail-desc"', + $thumbnail_html + ); + $content .= '<p class="hide-if-no-js howto" id="set-post-thumbnail-desc">' . __( 'Click the image to edit or update' ) . '</p>'; + $content .= '<p class="hide-if-no-js"><a href="#" id="remove-post-thumbnail">' . esc_html( $post_type_object->labels->remove_featured_image ) . '</a></p>'; + } + } + + $content .= '<input type="hidden" id="_thumbnail_id" name="_thumbnail_id" value="' . esc_attr( $thumbnail_id ? $thumbnail_id : '-1' ) . '" />'; + + /** + * Filters the admin post thumbnail HTML markup to return. + * + * @since 2.9.0 + * @since 3.5.0 Added the `$post_id` parameter. + * @since 4.6.0 Added the `$thumbnail_id` parameter. + * + * @param string $content Admin post thumbnail HTML markup. + * @param int $post_id Post ID. + * @param int|null $thumbnail_id Thumbnail attachment ID, or null if there isn't one. + */ + return apply_filters( 'admin_post_thumbnail_html', $content, $post->ID, $thumbnail_id ); +} + +/** + * Determines whether the post is currently being edited by another user. + * + * @since 2.5.0 + * + * @param int|WP_Post $post ID or object of the post to check for editing. + * @return int|false ID of the user with lock. False if the post does not exist, post is not locked, + * the user with lock does not exist, or the post is locked by current user. + */ +function wp_check_post_lock( $post ) { + $post = get_post( $post ); + + if ( ! $post ) { + return false; + } + + $lock = get_post_meta( $post->ID, '_edit_lock', true ); + + if ( ! $lock ) { + return false; + } + + $lock = explode( ':', $lock ); + $time = $lock[0]; + $user = isset( $lock[1] ) ? $lock[1] : get_post_meta( $post->ID, '_edit_last', true ); + + if ( ! get_userdata( $user ) ) { + return false; + } + + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $time_window = apply_filters( 'wp_check_post_lock_window', 150 ); + + if ( $time && $time > time() - $time_window && get_current_user_id() != $user ) { + return $user; + } + + return false; +} + +/** + * Marks the post as currently being edited by the current user. + * + * @since 2.5.0 + * + * @param int|WP_Post $post ID or object of the post being edited. + * @return array|false { + * Array of the lock time and user ID. False if the post does not exist, or there + * is no current user. + * + * @type int $0 The current time as a Unix timestamp. + * @type int $1 The ID of the current user. + * } + */ +function wp_set_post_lock( $post ) { + $post = get_post( $post ); + + if ( ! $post ) { + return false; + } + + $user_id = get_current_user_id(); + + if ( 0 == $user_id ) { + return false; + } + + $now = time(); + $lock = "$now:$user_id"; + + update_post_meta( $post->ID, '_edit_lock', $lock ); + + return array( $now, $user_id ); +} + +/** + * Outputs the HTML for the notice to say that someone else is editing or has taken over editing of this post. + * + * @since 2.8.5 + */ +function _admin_notice_post_locked() { + $post = get_post(); + + if ( ! $post ) { + return; + } + + $user = null; + $user_id = wp_check_post_lock( $post->ID ); + + if ( $user_id ) { + $user = get_userdata( $user_id ); + } + + if ( $user ) { + /** + * Filters whether to show the post locked dialog. + * + * Returning false from the filter will prevent the dialog from being displayed. + * + * @since 3.6.0 + * + * @param bool $display Whether to display the dialog. Default true. + * @param WP_Post $post Post object. + * @param WP_User $user The user with the lock for the post. + */ + if ( ! apply_filters( 'show_post_locked_dialog', true, $post, $user ) ) { + return; + } + + $locked = true; + } else { + $locked = false; + } + + $sendback = wp_get_referer(); + if ( $locked && $sendback && ! str_contains( $sendback, 'post.php' ) && ! str_contains( $sendback, 'post-new.php' ) ) { + + $sendback_text = __( 'Go back' ); + } else { + $sendback = admin_url( 'edit.php' ); + + if ( 'post' !== $post->post_type ) { + $sendback = add_query_arg( 'post_type', $post->post_type, $sendback ); + } + + $sendback_text = get_post_type_object( $post->post_type )->labels->all_items; + } + + $hidden = $locked ? '' : ' hidden'; + + ?> + <div id="post-lock-dialog" class="notification-dialog-wrap<?php echo $hidden; ?>"> + <div class="notification-dialog-background"></div> + <div class="notification-dialog"> + <?php + + if ( $locked ) { + $query_args = array(); + if ( get_post_type_object( $post->post_type )->public ) { + if ( 'publish' === $post->post_status || $user->ID != $post->post_author ) { + // Latest content is in autosave. + $nonce = wp_create_nonce( 'post_preview_' . $post->ID ); + $query_args['preview_id'] = $post->ID; + $query_args['preview_nonce'] = $nonce; + } + } + + $preview_link = get_preview_post_link( $post->ID, $query_args ); + + /** + * Filters whether to allow the post lock to be overridden. + * + * Returning false from the filter will disable the ability + * to override the post lock. + * + * @since 3.6.0 + * + * @param bool $override Whether to allow the post lock to be overridden. Default true. + * @param WP_Post $post Post object. + * @param WP_User $user The user with the lock for the post. + */ + $override = apply_filters( 'override_post_lock', true, $post, $user ); + $tab_last = $override ? '' : ' wp-tab-last'; + + ?> + <div class="post-locked-message"> + <div class="post-locked-avatar"><?php echo get_avatar( $user->ID, 64 ); ?></div> + <p class="currently-editing wp-tab-first" tabindex="0"> + <?php + if ( $override ) { + /* translators: %s: User's display name. */ + printf( __( '%s is currently editing this post. Do you want to take over?' ), esc_html( $user->display_name ) ); + } else { + /* translators: %s: User's display name. */ + printf( __( '%s is currently editing this post.' ), esc_html( $user->display_name ) ); + } + ?> + </p> + <?php + /** + * Fires inside the post locked dialog before the buttons are displayed. + * + * @since 3.6.0 + * @since 5.4.0 The $user parameter was added. + * + * @param WP_Post $post Post object. + * @param WP_User $user The user with the lock for the post. + */ + do_action( 'post_locked_dialog', $post, $user ); + ?> + <p> + <a class="button" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a> + <?php if ( $preview_link ) { ?> + <a class="button<?php echo $tab_last; ?>" href="<?php echo esc_url( $preview_link ); ?>"><?php _e( 'Preview' ); ?></a> + <?php + } + + // Allow plugins to prevent some users overriding the post lock. + if ( $override ) { + ?> + <a class="button button-primary wp-tab-last" href="<?php echo esc_url( add_query_arg( 'get-post-lock', '1', wp_nonce_url( get_edit_post_link( $post->ID, 'url' ), 'lock-post_' . $post->ID ) ) ); ?>"><?php _e( 'Take over' ); ?></a> + <?php + } + + ?> + </p> + </div> + <?php + } else { + ?> + <div class="post-taken-over"> + <div class="post-locked-avatar"></div> + <p class="wp-tab-first" tabindex="0"> + <span class="currently-editing"></span><br /> + <span class="locked-saving hidden"><img src="<?php echo esc_url( admin_url( 'images/spinner-2x.gif' ) ); ?>" width="16" height="16" alt="" /> <?php _e( 'Saving revision…' ); ?></span> + <span class="locked-saved hidden"><?php _e( 'Your latest changes were saved as a revision.' ); ?></span> + </p> + <?php + /** + * Fires inside the dialog displayed when a user has lost the post lock. + * + * @since 3.6.0 + * + * @param WP_Post $post Post object. + */ + do_action( 'post_lock_lost_dialog', $post ); + ?> + <p><a class="button button-primary wp-tab-last" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a></p> + </div> + <?php + } + + ?> + </div> + </div> + <?php +} + +/** + * Creates autosave data for the specified post from `$_POST` data. + * + * @since 2.6.0 + * + * @param array|int $post_data Associative array containing the post data, or integer post ID. + * If a numeric post ID is provided, will use the `$_POST` superglobal. + * @return int|WP_Error The autosave revision ID. WP_Error or 0 on error. + */ +function wp_create_post_autosave( $post_data ) { + if ( is_numeric( $post_data ) ) { + $post_id = $post_data; + $post_data = $_POST; + } else { + $post_id = (int) $post_data['post_ID']; + } + + $post_data = _wp_translate_postdata( true, $post_data ); + if ( is_wp_error( $post_data ) ) { + return $post_data; + } + $post_data = _wp_get_allowed_postdata( $post_data ); + + $post_author = get_current_user_id(); + + // Store one autosave per author. If there is already an autosave, overwrite it. + $old_autosave = wp_get_post_autosave( $post_id, $post_author ); + if ( $old_autosave ) { + $new_autosave = _wp_post_revision_data( $post_data, true ); + $new_autosave['ID'] = $old_autosave->ID; + $new_autosave['post_author'] = $post_author; + + $post = get_post( $post_id ); + + // If the new autosave has the same content as the post, delete the autosave. + $autosave_is_different = false; + foreach ( array_intersect( array_keys( $new_autosave ), array_keys( _wp_post_revision_fields( $post ) ) ) as $field ) { + if ( normalize_whitespace( $new_autosave[ $field ] ) !== normalize_whitespace( $post->$field ) ) { + $autosave_is_different = true; + break; + } + } + + if ( ! $autosave_is_different ) { + wp_delete_post_revision( $old_autosave->ID ); + return 0; + } + + /** + * Fires before an autosave is stored. + * + * @since 4.1.0 + * @since 6.4.0 The `$is_update` parameter was added to indicate if the autosave is being updated or was newly created. + * + * @param array $new_autosave Post array - the autosave that is about to be saved. + * @param bool $is_update Whether this is an existing autosave. + */ + do_action( 'wp_creating_autosave', $new_autosave, true ); + return wp_update_post( $new_autosave ); + } + + // _wp_put_post_revision() expects unescaped. + $post_data = wp_unslash( $post_data ); + + // Otherwise create the new autosave as a special post revision. + $revision = _wp_put_post_revision( $post_data, true ); + + if ( ! is_wp_error( $revision ) && 0 !== $revision ) { + + /** This action is documented in wp-admin/includes/post.php */ + do_action( 'wp_creating_autosave', get_post( $revision, ARRAY_A ), false ); + } + + return $revision; +} + +/** + * Autosave the revisioned meta fields. + * + * Iterates through the revisioned meta fields and checks each to see if they are set, + * and have a changed value. If so, the meta value is saved and attached to the autosave. + * + * @since 6.4.0 + * + * @param array $new_autosave The new post data being autosaved. + */ +function wp_autosave_post_revisioned_meta_fields( $new_autosave ) { + /* + * The post data arrives as either $_POST['data']['wp_autosave'] or the $_POST + * itself. This sets $posted_data to the correct variable. + * + * Ignoring sanitization to avoid altering meta. Ignoring the nonce check because + * this is hooked on inner core hooks where a valid nonce was already checked. + */ + $posted_data = isset( $_POST['data']['wp_autosave'] ) ? $_POST['data']['wp_autosave'] : $_POST; + + $post_type = get_post_type( $new_autosave['post_parent'] ); + + /* + * Go thru the revisioned meta keys and save them as part of the autosave, if + * the meta key is part of the posted data, the meta value is not blank and + * the the meta value has changes from the last autosaved value. + */ + foreach ( wp_post_revision_meta_keys( $post_type ) as $meta_key ) { + + if ( + isset( $posted_data[ $meta_key ] ) && + get_post_meta( $new_autosave['ID'], $meta_key, true ) !== wp_unslash( $posted_data[ $meta_key ] ) + ) { + /* + * Use the underlying delete_metadata() and add_metadata() functions + * vs delete_post_meta() and add_post_meta() to make sure we're working + * with the actual revision meta. + */ + delete_metadata( 'post', $new_autosave['ID'], $meta_key ); + + /* + * One last check to ensure meta value not empty(). + */ + if ( ! empty( $posted_data[ $meta_key ] ) ) { + /* + * Add the revisions meta data to the autosave. + */ + add_metadata( 'post', $new_autosave['ID'], $meta_key, $posted_data[ $meta_key ] ); + } + } + } +} + +/** + * Saves a draft or manually autosaves for the purpose of showing a post preview. + * + * @since 2.7.0 + * + * @return string URL to redirect to show the preview. + */ +function post_preview() { + + $post_id = (int) $_POST['post_ID']; + $_POST['ID'] = $post_id; + + $post = get_post( $post_id ); + + if ( ! $post ) { + wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); + } + + if ( ! current_user_can( 'edit_post', $post->ID ) ) { + wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); + } + + $is_autosave = false; + + if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author + && ( 'draft' === $post->post_status || 'auto-draft' === $post->post_status ) + ) { + $saved_post_id = edit_post(); + } else { + $is_autosave = true; + + if ( isset( $_POST['post_status'] ) && 'auto-draft' === $_POST['post_status'] ) { + $_POST['post_status'] = 'draft'; + } + + $saved_post_id = wp_create_post_autosave( $post->ID ); + } + + if ( is_wp_error( $saved_post_id ) ) { + wp_die( $saved_post_id->get_error_message() ); + } + + $query_args = array(); + + if ( $is_autosave && $saved_post_id ) { + $query_args['preview_id'] = $post->ID; + $query_args['preview_nonce'] = wp_create_nonce( 'post_preview_' . $post->ID ); + + if ( isset( $_POST['post_format'] ) ) { + $query_args['post_format'] = empty( $_POST['post_format'] ) ? 'standard' : sanitize_key( $_POST['post_format'] ); + } + + if ( isset( $_POST['_thumbnail_id'] ) ) { + $query_args['_thumbnail_id'] = ( (int) $_POST['_thumbnail_id'] <= 0 ) ? '-1' : (int) $_POST['_thumbnail_id']; + } + } + + return get_preview_post_link( $post, $query_args ); +} + +/** + * Saves a post submitted with XHR. + * + * Intended for use with heartbeat and autosave.js + * + * @since 3.9.0 + * + * @param array $post_data Associative array of the submitted post data. + * @return mixed The value 0 or WP_Error on failure. The saved post ID on success. + * The ID can be the draft post_id or the autosave revision post_id. + */ +function wp_autosave( $post_data ) { + // Back-compat. + if ( ! defined( 'DOING_AUTOSAVE' ) ) { + define( 'DOING_AUTOSAVE', true ); + } + + $post_id = (int) $post_data['post_id']; + $post_data['ID'] = $post_id; + $post_data['post_ID'] = $post_id; + + if ( false === wp_verify_nonce( $post_data['_wpnonce'], 'update-post_' . $post_id ) ) { + return new WP_Error( 'invalid_nonce', __( 'Error while saving.' ) ); + } + + $post = get_post( $post_id ); + + if ( ! current_user_can( 'edit_post', $post->ID ) ) { + return new WP_Error( 'edit_posts', __( 'Sorry, you are not allowed to edit this item.' ) ); + } + + if ( 'auto-draft' === $post->post_status ) { + $post_data['post_status'] = 'draft'; + } + + if ( 'page' !== $post_data['post_type'] && ! empty( $post_data['catslist'] ) ) { + $post_data['post_category'] = explode( ',', $post_data['catslist'] ); + } + + if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author + && ( 'auto-draft' === $post->post_status || 'draft' === $post->post_status ) + ) { + // Drafts and auto-drafts are just overwritten by autosave for the same user if the post is not locked. + return edit_post( wp_slash( $post_data ) ); + } else { + /* + * Non-drafts or other users' drafts are not overwritten. + * The autosave is stored in a special post revision for each user. + */ + return wp_create_post_autosave( wp_slash( $post_data ) ); + } +} + +/** + * Redirects to previous page. + * + * @since 2.7.0 + * + * @param int $post_id Optional. Post ID. + */ +function redirect_post( $post_id = '' ) { + if ( isset( $_POST['save'] ) || isset( $_POST['publish'] ) ) { + $status = get_post_status( $post_id ); + + if ( isset( $_POST['publish'] ) ) { + switch ( $status ) { + case 'pending': + $message = 8; + break; + case 'future': + $message = 9; + break; + default: + $message = 6; + } + } else { + $message = 'draft' === $status ? 10 : 1; + } + + $location = add_query_arg( 'message', $message, get_edit_post_link( $post_id, 'url' ) ); + } elseif ( isset( $_POST['addmeta'] ) && $_POST['addmeta'] ) { + $location = add_query_arg( 'message', 2, wp_get_referer() ); + $location = explode( '#', $location ); + $location = $location[0] . '#postcustom'; + } elseif ( isset( $_POST['deletemeta'] ) && $_POST['deletemeta'] ) { + $location = add_query_arg( 'message', 3, wp_get_referer() ); + $location = explode( '#', $location ); + $location = $location[0] . '#postcustom'; + } else { + $location = add_query_arg( 'message', 4, get_edit_post_link( $post_id, 'url' ) ); + } + + /** + * Filters the post redirect destination URL. + * + * @since 2.9.0 + * + * @param string $location The destination URL. + * @param int $post_id The post ID. + */ + wp_redirect( apply_filters( 'redirect_post_location', $location, $post_id ) ); + exit; +} + +/** + * Sanitizes POST values from a checkbox taxonomy metabox. + * + * @since 5.1.0 + * + * @param string $taxonomy The taxonomy name. + * @param array $terms Raw term data from the 'tax_input' field. + * @return int[] Array of sanitized term IDs. + */ +function taxonomy_meta_box_sanitize_cb_checkboxes( $taxonomy, $terms ) { + return array_map( 'intval', $terms ); +} + +/** + * Sanitizes POST values from an input taxonomy metabox. + * + * @since 5.1.0 + * + * @param string $taxonomy The taxonomy name. + * @param array|string $terms Raw term data from the 'tax_input' field. + * @return array + */ +function taxonomy_meta_box_sanitize_cb_input( $taxonomy, $terms ) { + /* + * Assume that a 'tax_input' string is a comma-separated list of term names. + * Some languages may use a character other than a comma as a delimiter, so we standardize on + * commas before parsing the list. + */ + if ( ! is_array( $terms ) ) { + $comma = _x( ',', 'tag delimiter' ); + if ( ',' !== $comma ) { + $terms = str_replace( $comma, ',', $terms ); + } + $terms = explode( ',', trim( $terms, " \n\t\r\0\x0B," ) ); + } + + $clean_terms = array(); + foreach ( $terms as $term ) { + // Empty terms are invalid input. + if ( empty( $term ) ) { + continue; + } + + $_term = get_terms( + array( + 'taxonomy' => $taxonomy, + 'name' => $term, + 'fields' => 'ids', + 'hide_empty' => false, + ) + ); + + if ( ! empty( $_term ) ) { + $clean_terms[] = (int) $_term[0]; + } else { + // No existing term was found, so pass the string. A new term will be created. + $clean_terms[] = $term; + } + } + + return $clean_terms; +} + +/** + * Prepares server-registered blocks for the block editor. + * + * Returns an associative array of registered block data keyed by block name. Data includes properties + * of a block relevant for client registration. + * + * @since 5.0.0 + * @since 6.3.0 Added `selectors` field. + * @since 6.4.0 Added `block_hooks` field. + * + * @return array An associative array of registered block data. + */ +function get_block_editor_server_block_settings() { + $block_registry = WP_Block_Type_Registry::get_instance(); + $blocks = array(); + $fields_to_pick = array( + 'api_version' => 'apiVersion', + 'title' => 'title', + 'description' => 'description', + 'icon' => 'icon', + 'attributes' => 'attributes', + 'provides_context' => 'providesContext', + 'uses_context' => 'usesContext', + 'block_hooks' => 'blockHooks', + 'selectors' => 'selectors', + 'supports' => 'supports', + 'category' => 'category', + 'styles' => 'styles', + 'textdomain' => 'textdomain', + 'parent' => 'parent', + 'ancestor' => 'ancestor', + 'keywords' => 'keywords', + 'example' => 'example', + 'variations' => 'variations', + ); + + foreach ( $block_registry->get_all_registered() as $block_name => $block_type ) { + foreach ( $fields_to_pick as $field => $key ) { + if ( ! isset( $block_type->{ $field } ) ) { + continue; + } + + if ( ! isset( $blocks[ $block_name ] ) ) { + $blocks[ $block_name ] = array(); + } + + $blocks[ $block_name ][ $key ] = $block_type->{ $field }; + } + } + + return $blocks; +} + +/** + * Renders the meta boxes forms. + * + * @since 5.0.0 + * + * @global WP_Post $post Global post object. + * @global WP_Screen $current_screen WordPress current screen object. + * @global array $wp_meta_boxes + */ +function the_block_editor_meta_boxes() { + global $post, $current_screen, $wp_meta_boxes; + + // Handle meta box state. + $_original_meta_boxes = $wp_meta_boxes; + + /** + * Fires right before the meta boxes are rendered. + * + * This allows for the filtering of meta box data, that should already be + * present by this point. Do not use as a means of adding meta box data. + * + * @since 5.0.0 + * + * @param array $wp_meta_boxes Global meta box state. + */ + $wp_meta_boxes = apply_filters( 'filter_block_editor_meta_boxes', $wp_meta_boxes ); + $locations = array( 'side', 'normal', 'advanced' ); + $priorities = array( 'high', 'sorted', 'core', 'default', 'low' ); + + // Render meta boxes. + ?> + <form class="metabox-base-form"> + <?php the_block_editor_meta_box_post_form_hidden_fields( $post ); ?> + </form> + <form id="toggle-custom-fields-form" method="post" action="<?php echo esc_url( admin_url( 'post.php' ) ); ?>"> + <?php wp_nonce_field( 'toggle-custom-fields', 'toggle-custom-fields-nonce' ); ?> + <input type="hidden" name="action" value="toggle-custom-fields" /> + </form> + <?php foreach ( $locations as $location ) : ?> + <form class="metabox-location-<?php echo esc_attr( $location ); ?>" onsubmit="return false;"> + <div id="poststuff" class="sidebar-open"> + <div id="postbox-container-2" class="postbox-container"> + <?php + do_meta_boxes( + $current_screen, + $location, + $post + ); + ?> + </div> + </div> + </form> + <?php endforeach; ?> + <?php + + $meta_boxes_per_location = array(); + foreach ( $locations as $location ) { + $meta_boxes_per_location[ $location ] = array(); + + if ( ! isset( $wp_meta_boxes[ $current_screen->id ][ $location ] ) ) { + continue; + } + + foreach ( $priorities as $priority ) { + if ( ! isset( $wp_meta_boxes[ $current_screen->id ][ $location ][ $priority ] ) ) { + continue; + } + + $meta_boxes = (array) $wp_meta_boxes[ $current_screen->id ][ $location ][ $priority ]; + foreach ( $meta_boxes as $meta_box ) { + if ( false == $meta_box || ! $meta_box['title'] ) { + continue; + } + + // If a meta box is just here for back compat, don't show it in the block editor. + if ( isset( $meta_box['args']['__back_compat_meta_box'] ) && $meta_box['args']['__back_compat_meta_box'] ) { + continue; + } + + $meta_boxes_per_location[ $location ][] = array( + 'id' => $meta_box['id'], + 'title' => $meta_box['title'], + ); + } + } + } + + /* + * Sadly we probably cannot add this data directly into editor settings. + * + * Some meta boxes need `admin_head` to fire for meta box registry. + * `admin_head` fires after `admin_enqueue_scripts`, which is where we create + * our editor instance. + */ + $script = 'window._wpLoadBlockEditor.then( function() { + wp.data.dispatch( \'core/edit-post\' ).setAvailableMetaBoxesPerLocation( ' . wp_json_encode( $meta_boxes_per_location ) . ' ); + } );'; + + wp_add_inline_script( 'wp-edit-post', $script ); + + /* + * When `wp-edit-post` is output in the `<head>`, the inline script needs to be manually printed. + * Otherwise, meta boxes will not display because inline scripts for `wp-edit-post` + * will not be printed again after this point. + */ + if ( wp_script_is( 'wp-edit-post', 'done' ) ) { + printf( "<script type='text/javascript'>\n%s\n</script>\n", trim( $script ) ); + } + + /* + * If the 'postcustom' meta box is enabled, then we need to perform + * some extra initialization on it. + */ + $enable_custom_fields = (bool) get_user_meta( get_current_user_id(), 'enable_custom_fields', true ); + + if ( $enable_custom_fields ) { + $script = "( function( $ ) { + if ( $('#postcustom').length ) { + $( '#the-list' ).wpList( { + addBefore: function( s ) { + s.data += '&post_id=$post->ID'; + return s; + }, + addAfter: function() { + $('table#list-table').show(); + } + }); + } + } )( jQuery );"; + wp_enqueue_script( 'wp-lists' ); + wp_add_inline_script( 'wp-lists', $script ); + } + + /* + * Refresh nonces used by the meta box loader. + * + * The logic is very similar to that provided by post.js for the classic editor. + */ + $script = "( function( $ ) { + var check, timeout; + + function schedule() { + check = false; + window.clearTimeout( timeout ); + timeout = window.setTimeout( function() { check = true; }, 300000 ); + } + + $( document ).on( 'heartbeat-send.wp-refresh-nonces', function( e, data ) { + var post_id, \$authCheck = $( '#wp-auth-check-wrap' ); + + if ( check || ( \$authCheck.length && ! \$authCheck.hasClass( 'hidden' ) ) ) { + if ( ( post_id = $( '#post_ID' ).val() ) && $( '#_wpnonce' ).val() ) { + data['wp-refresh-metabox-loader-nonces'] = { + post_id: post_id + }; + } + } + }).on( 'heartbeat-tick.wp-refresh-nonces', function( e, data ) { + var nonces = data['wp-refresh-metabox-loader-nonces']; + + if ( nonces ) { + if ( nonces.replace ) { + if ( nonces.replace.metabox_loader_nonce && window._wpMetaBoxUrl && wp.url ) { + window._wpMetaBoxUrl= wp.url.addQueryArgs( window._wpMetaBoxUrl, { 'meta-box-loader-nonce': nonces.replace.metabox_loader_nonce } ); + } + + if ( nonces.replace._wpnonce ) { + $( '#_wpnonce' ).val( nonces.replace._wpnonce ); + } + } + } + }).ready( function() { + schedule(); + }); + } )( jQuery );"; + wp_add_inline_script( 'heartbeat', $script ); + + // Reset meta box data. + $wp_meta_boxes = $_original_meta_boxes; +} + +/** + * Renders the hidden form required for the meta boxes form. + * + * @since 5.0.0 + * + * @param WP_Post $post Current post object. + */ +function the_block_editor_meta_box_post_form_hidden_fields( $post ) { + $form_extra = ''; + if ( 'auto-draft' === $post->post_status ) { + $form_extra .= "<input type='hidden' id='auto_draft' name='auto_draft' value='1' />"; + } + $form_action = 'editpost'; + $nonce_action = 'update-post_' . $post->ID; + $form_extra .= "<input type='hidden' id='post_ID' name='post_ID' value='" . esc_attr( $post->ID ) . "' />"; + $referer = wp_get_referer(); + $current_user = wp_get_current_user(); + $user_id = $current_user->ID; + wp_nonce_field( $nonce_action ); + + /* + * Some meta boxes hook into these actions to add hidden input fields in the classic post form. + * For backward compatibility, we can capture the output from these actions, + * and extract the hidden input fields. + */ + ob_start(); + /** This filter is documented in wp-admin/edit-form-advanced.php */ + do_action( 'edit_form_after_title', $post ); + /** This filter is documented in wp-admin/edit-form-advanced.php */ + do_action( 'edit_form_advanced', $post ); + $classic_output = ob_get_clean(); + + $classic_elements = wp_html_split( $classic_output ); + $hidden_inputs = ''; + foreach ( $classic_elements as $element ) { + if ( ! str_starts_with( $element, '<input ' ) ) { + continue; + } + + if ( preg_match( '/\stype=[\'"]hidden[\'"]\s/', $element ) ) { + echo $element; + } + } + ?> + <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_id; ?>" /> + <input type="hidden" id="hiddenaction" name="action" value="<?php echo esc_attr( $form_action ); ?>" /> + <input type="hidden" id="originalaction" name="originalaction" value="<?php echo esc_attr( $form_action ); ?>" /> + <input type="hidden" id="post_type" name="post_type" value="<?php echo esc_attr( $post->post_type ); ?>" /> + <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo esc_attr( $post->post_status ); ?>" /> + <input type="hidden" id="referredby" name="referredby" value="<?php echo $referer ? esc_url( $referer ) : ''; ?>" /> + + <?php + if ( 'draft' !== get_post_status( $post ) ) { + wp_original_referer_field( true, 'previous' ); + } + echo $form_extra; + wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false ); + wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false ); + // Permalink title nonce. + wp_nonce_field( 'samplepermalink', 'samplepermalinknonce', false ); + + /** + * Adds hidden input fields to the meta box save form. + * + * Hook into this action to print `<input type="hidden" ... />` fields, which will be POSTed back to + * the server when meta boxes are saved. + * + * @since 5.0.0 + * + * @param WP_Post $post The post that is being edited. + */ + do_action( 'block_editor_meta_box_hidden_fields', $post ); +} + +/** + * Disables block editor for wp_navigation type posts so they can be managed via the UI. + * + * @since 5.9.0 + * @access private + * + * @param bool $value Whether the CPT supports block editor or not. + * @param string $post_type Post type. + * @return bool Whether the block editor should be disabled or not. + */ +function _disable_block_editor_for_navigation_post_type( $value, $post_type ) { + if ( 'wp_navigation' === $post_type ) { + return false; + } + + return $value; +} + +/** + * This callback disables the content editor for wp_navigation type posts. + * Content editor cannot handle wp_navigation type posts correctly. + * We cannot disable the "editor" feature in the wp_navigation's CPT definition + * because it disables the ability to save navigation blocks via REST API. + * + * @since 5.9.0 + * @access private + * + * @param WP_Post $post An instance of WP_Post class. + */ +function _disable_content_editor_for_navigation_post_type( $post ) { + $post_type = get_post_type( $post ); + if ( 'wp_navigation' !== $post_type ) { + return; + } + + remove_post_type_support( $post_type, 'editor' ); +} + +/** + * This callback enables content editor for wp_navigation type posts. + * We need to enable it back because we disable it to hide + * the content editor for wp_navigation type posts. + * + * @since 5.9.0 + * @access private + * + * @see _disable_content_editor_for_navigation_post_type + * + * @param WP_Post $post An instance of WP_Post class. + */ +function _enable_content_editor_for_navigation_post_type( $post ) { + $post_type = get_post_type( $post ); + if ( 'wp_navigation' !== $post_type ) { + return; + } + + add_post_type_support( $post_type, 'editor' ); +} diff --git a/wp-admin/includes/privacy-tools.php b/wp-admin/includes/privacy-tools.php new file mode 100644 index 0000000..c5d7c9a --- /dev/null +++ b/wp-admin/includes/privacy-tools.php @@ -0,0 +1,968 @@ +<?php +/** + * WordPress Administration Privacy Tools API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Resend an existing request and return the result. + * + * @since 4.9.6 + * @access private + * + * @param int $request_id Request ID. + * @return true|WP_Error Returns true if sending the email was successful, or a WP_Error object. + */ +function _wp_privacy_resend_request( $request_id ) { + $request_id = absint( $request_id ); + $request = get_post( $request_id ); + + if ( ! $request || 'user_request' !== $request->post_type ) { + return new WP_Error( 'privacy_request_error', __( 'Invalid personal data request.' ) ); + } + + $result = wp_send_user_request( $request_id ); + + if ( is_wp_error( $result ) ) { + return $result; + } elseif ( ! $result ) { + return new WP_Error( 'privacy_request_error', __( 'Unable to initiate confirmation for personal data request.' ) ); + } + + return true; +} + +/** + * Marks a request as completed by the admin and logs the current timestamp. + * + * @since 4.9.6 + * @access private + * + * @param int $request_id Request ID. + * @return int|WP_Error Request ID on success, or a WP_Error on failure. + */ +function _wp_privacy_completed_request( $request_id ) { + // Get the request. + $request_id = absint( $request_id ); + $request = wp_get_user_request( $request_id ); + + if ( ! $request ) { + return new WP_Error( 'privacy_request_error', __( 'Invalid personal data request.' ) ); + } + + update_post_meta( $request_id, '_wp_user_request_completed_timestamp', time() ); + + $result = wp_update_post( + array( + 'ID' => $request_id, + 'post_status' => 'request-completed', + ) + ); + + return $result; +} + +/** + * Handle list table actions. + * + * @since 4.9.6 + * @access private + */ +function _wp_personal_data_handle_actions() { + if ( isset( $_POST['privacy_action_email_retry'] ) ) { + check_admin_referer( 'bulk-privacy_requests' ); + + $request_id = absint( current( array_keys( (array) wp_unslash( $_POST['privacy_action_email_retry'] ) ) ) ); + $result = _wp_privacy_resend_request( $request_id ); + + if ( is_wp_error( $result ) ) { + add_settings_error( + 'privacy_action_email_retry', + 'privacy_action_email_retry', + $result->get_error_message(), + 'error' + ); + } else { + add_settings_error( + 'privacy_action_email_retry', + 'privacy_action_email_retry', + __( 'Confirmation request sent again successfully.' ), + 'success' + ); + } + } elseif ( isset( $_POST['action'] ) ) { + $action = ! empty( $_POST['action'] ) ? sanitize_key( wp_unslash( $_POST['action'] ) ) : ''; + + switch ( $action ) { + case 'add_export_personal_data_request': + case 'add_remove_personal_data_request': + check_admin_referer( 'personal-data-request' ); + + if ( ! isset( $_POST['type_of_action'], $_POST['username_or_email_for_privacy_request'] ) ) { + add_settings_error( + 'action_type', + 'action_type', + __( 'Invalid personal data action.' ), + 'error' + ); + } + $action_type = sanitize_text_field( wp_unslash( $_POST['type_of_action'] ) ); + $username_or_email_address = sanitize_text_field( wp_unslash( $_POST['username_or_email_for_privacy_request'] ) ); + $email_address = ''; + $status = 'pending'; + + if ( ! isset( $_POST['send_confirmation_email'] ) ) { + $status = 'confirmed'; + } + + if ( ! in_array( $action_type, _wp_privacy_action_request_types(), true ) ) { + add_settings_error( + 'action_type', + 'action_type', + __( 'Invalid personal data action.' ), + 'error' + ); + } + + if ( ! is_email( $username_or_email_address ) ) { + $user = get_user_by( 'login', $username_or_email_address ); + if ( ! $user instanceof WP_User ) { + add_settings_error( + 'username_or_email_for_privacy_request', + 'username_or_email_for_privacy_request', + __( 'Unable to add this request. A valid email address or username must be supplied.' ), + 'error' + ); + } else { + $email_address = $user->user_email; + } + } else { + $email_address = $username_or_email_address; + } + + if ( empty( $email_address ) ) { + break; + } + + $request_id = wp_create_user_request( $email_address, $action_type, array(), $status ); + $message = ''; + + if ( is_wp_error( $request_id ) ) { + $message = $request_id->get_error_message(); + } elseif ( ! $request_id ) { + $message = __( 'Unable to initiate confirmation request.' ); + } + + if ( $message ) { + add_settings_error( + 'username_or_email_for_privacy_request', + 'username_or_email_for_privacy_request', + $message, + 'error' + ); + break; + } + + if ( 'pending' === $status ) { + wp_send_user_request( $request_id ); + + $message = __( 'Confirmation request initiated successfully.' ); + } elseif ( 'confirmed' === $status ) { + $message = __( 'Request added successfully.' ); + } + + if ( $message ) { + add_settings_error( + 'username_or_email_for_privacy_request', + 'username_or_email_for_privacy_request', + $message, + 'success' + ); + break; + } + } + } +} + +/** + * Cleans up failed and expired requests before displaying the list table. + * + * @since 4.9.6 + * @access private + */ +function _wp_personal_data_cleanup_requests() { + /** This filter is documented in wp-includes/user.php */ + $expires = (int) apply_filters( 'user_request_key_expiration', DAY_IN_SECONDS ); + + $requests_query = new WP_Query( + array( + 'post_type' => 'user_request', + 'posts_per_page' => -1, + 'post_status' => 'request-pending', + 'fields' => 'ids', + 'date_query' => array( + array( + 'column' => 'post_modified_gmt', + 'before' => $expires . ' seconds ago', + ), + ), + ) + ); + + $request_ids = $requests_query->posts; + + foreach ( $request_ids as $request_id ) { + wp_update_post( + array( + 'ID' => $request_id, + 'post_status' => 'request-failed', + 'post_password' => '', + ) + ); + } +} + +/** + * Generate a single group for the personal data export report. + * + * @since 4.9.6 + * @since 5.4.0 Added the `$group_id` and `$groups_count` parameters. + * + * @param array $group_data { + * The group data to render. + * + * @type string $group_label The user-facing heading for the group, e.g. 'Comments'. + * @type array $items { + * An array of group items. + * + * @type array $group_item_data { + * An array of name-value pairs for the item. + * + * @type string $name The user-facing name of an item name-value pair, e.g. 'IP Address'. + * @type string $value The user-facing value of an item data pair, e.g. '50.60.70.0'. + * } + * } + * } + * @param string $group_id The group identifier. + * @param int $groups_count The number of all groups + * @return string The HTML for this group and its items. + */ +function wp_privacy_generate_personal_data_export_group_html( $group_data, $group_id = '', $groups_count = 1 ) { + $group_id_attr = sanitize_title_with_dashes( $group_data['group_label'] . '-' . $group_id ); + + $group_html = '<h2 id="' . esc_attr( $group_id_attr ) . '">'; + $group_html .= esc_html( $group_data['group_label'] ); + + $items_count = count( (array) $group_data['items'] ); + if ( $items_count > 1 ) { + $group_html .= sprintf( ' <span class="count">(%d)</span>', $items_count ); + } + + $group_html .= '</h2>'; + + if ( ! empty( $group_data['group_description'] ) ) { + $group_html .= '<p>' . esc_html( $group_data['group_description'] ) . '</p>'; + } + + $group_html .= '<div>'; + + foreach ( (array) $group_data['items'] as $group_item_id => $group_item_data ) { + $group_html .= '<table>'; + $group_html .= '<tbody>'; + + foreach ( (array) $group_item_data as $group_item_datum ) { + $value = $group_item_datum['value']; + // If it looks like a link, make it a link. + if ( ! str_contains( $value, ' ' ) && ( str_starts_with( $value, 'http://' ) || str_starts_with( $value, 'https://' ) ) ) { + $value = '<a href="' . esc_url( $value ) . '">' . esc_html( $value ) . '</a>'; + } + + $group_html .= '<tr>'; + $group_html .= '<th>' . esc_html( $group_item_datum['name'] ) . '</th>'; + $group_html .= '<td>' . wp_kses( $value, 'personal_data_export' ) . '</td>'; + $group_html .= '</tr>'; + } + + $group_html .= '</tbody>'; + $group_html .= '</table>'; + } + + if ( $groups_count > 1 ) { + $group_html .= '<div class="return-to-top">'; + $group_html .= '<a href="#top"><span aria-hidden="true">↑ </span> ' . esc_html__( 'Go to top' ) . '</a>'; + $group_html .= '</div>'; + } + + $group_html .= '</div>'; + + return $group_html; +} + +/** + * Generate the personal data export file. + * + * @since 4.9.6 + * + * @param int $request_id The export request ID. + */ +function wp_privacy_generate_personal_data_export_file( $request_id ) { + if ( ! class_exists( 'ZipArchive' ) ) { + wp_send_json_error( __( 'Unable to generate personal data export file. ZipArchive not available.' ) ); + } + + // Get the request. + $request = wp_get_user_request( $request_id ); + + if ( ! $request || 'export_personal_data' !== $request->action_name ) { + wp_send_json_error( __( 'Invalid request ID when generating personal data export file.' ) ); + } + + $email_address = $request->email; + + if ( ! is_email( $email_address ) ) { + wp_send_json_error( __( 'Invalid email address when generating personal data export file.' ) ); + } + + // Create the exports folder if needed. + $exports_dir = wp_privacy_exports_dir(); + $exports_url = wp_privacy_exports_url(); + + if ( ! wp_mkdir_p( $exports_dir ) ) { + wp_send_json_error( __( 'Unable to create personal data export folder.' ) ); + } + + // Protect export folder from browsing. + $index_pathname = $exports_dir . 'index.php'; + if ( ! file_exists( $index_pathname ) ) { + $file = fopen( $index_pathname, 'w' ); + if ( false === $file ) { + wp_send_json_error( __( 'Unable to protect personal data export folder from browsing.' ) ); + } + fwrite( $file, "<?php\n// Silence is golden.\n" ); + fclose( $file ); + } + + $obscura = wp_generate_password( 32, false, false ); + $file_basename = 'wp-personal-data-file-' . $obscura; + $html_report_filename = wp_unique_filename( $exports_dir, $file_basename . '.html' ); + $html_report_pathname = wp_normalize_path( $exports_dir . $html_report_filename ); + $json_report_filename = $file_basename . '.json'; + $json_report_pathname = wp_normalize_path( $exports_dir . $json_report_filename ); + + /* + * Gather general data needed. + */ + + // Title. + $title = sprintf( + /* translators: %s: User's email address. */ + __( 'Personal Data Export for %s' ), + $email_address + ); + + // First, build an "About" group on the fly for this report. + $about_group = array( + /* translators: Header for the About section in a personal data export. */ + 'group_label' => _x( 'About', 'personal data group label' ), + /* translators: Description for the About section in a personal data export. */ + 'group_description' => _x( 'Overview of export report.', 'personal data group description' ), + 'items' => array( + 'about-1' => array( + array( + 'name' => _x( 'Report generated for', 'email address' ), + 'value' => $email_address, + ), + array( + 'name' => _x( 'For site', 'website name' ), + 'value' => get_bloginfo( 'name' ), + ), + array( + 'name' => _x( 'At URL', 'website URL' ), + 'value' => get_bloginfo( 'url' ), + ), + array( + 'name' => _x( 'On', 'date/time' ), + 'value' => current_time( 'mysql' ), + ), + ), + ), + ); + + // And now, all the Groups. + $groups = get_post_meta( $request_id, '_export_data_grouped', true ); + if ( is_array( $groups ) ) { + // Merge in the special "About" group. + $groups = array_merge( array( 'about' => $about_group ), $groups ); + $groups_count = count( $groups ); + } else { + if ( false !== $groups ) { + _doing_it_wrong( + __FUNCTION__, + /* translators: %s: Post meta key. */ + sprintf( __( 'The %s post meta must be an array.' ), '<code>_export_data_grouped</code>' ), + '5.8.0' + ); + } + + $groups = null; + $groups_count = 0; + } + + // Convert the groups to JSON format. + $groups_json = wp_json_encode( $groups ); + + if ( false === $groups_json ) { + $error_message = sprintf( + /* translators: %s: Error message. */ + __( 'Unable to encode the personal data for export. Error: %s' ), + json_last_error_msg() + ); + + wp_send_json_error( $error_message ); + } + + /* + * Handle the JSON export. + */ + $file = fopen( $json_report_pathname, 'w' ); + + if ( false === $file ) { + wp_send_json_error( __( 'Unable to open personal data export file (JSON report) for writing.' ) ); + } + + fwrite( $file, '{' ); + fwrite( $file, '"' . $title . '":' ); + fwrite( $file, $groups_json ); + fwrite( $file, '}' ); + fclose( $file ); + + /* + * Handle the HTML export. + */ + $file = fopen( $html_report_pathname, 'w' ); + + if ( false === $file ) { + wp_send_json_error( __( 'Unable to open personal data export (HTML report) for writing.' ) ); + } + + fwrite( $file, "<!DOCTYPE html>\n" ); + fwrite( $file, "<html>\n" ); + fwrite( $file, "<head>\n" ); + fwrite( $file, "<meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />\n" ); + fwrite( $file, "<style type='text/css'>" ); + fwrite( $file, 'body { color: black; font-family: Arial, sans-serif; font-size: 11pt; margin: 15px auto; width: 860px; }' ); + fwrite( $file, 'table { background: #f0f0f0; border: 1px solid #ddd; margin-bottom: 20px; width: 100%; }' ); + fwrite( $file, 'th { padding: 5px; text-align: left; width: 20%; }' ); + fwrite( $file, 'td { padding: 5px; }' ); + fwrite( $file, 'tr:nth-child(odd) { background-color: #fafafa; }' ); + fwrite( $file, '.return-to-top { text-align: right; }' ); + fwrite( $file, '</style>' ); + fwrite( $file, '<title>' ); + fwrite( $file, esc_html( $title ) ); + fwrite( $file, '</title>' ); + fwrite( $file, "</head>\n" ); + fwrite( $file, "<body>\n" ); + fwrite( $file, '<h1 id="top">' . esc_html__( 'Personal Data Export' ) . '</h1>' ); + + // Create TOC. + if ( $groups_count > 1 ) { + fwrite( $file, '<div id="table_of_contents">' ); + fwrite( $file, '<h2>' . esc_html__( 'Table of Contents' ) . '</h2>' ); + fwrite( $file, '<ul>' ); + foreach ( (array) $groups as $group_id => $group_data ) { + $group_label = esc_html( $group_data['group_label'] ); + $group_id_attr = sanitize_title_with_dashes( $group_data['group_label'] . '-' . $group_id ); + $group_items_count = count( (array) $group_data['items'] ); + if ( $group_items_count > 1 ) { + $group_label .= sprintf( ' <span class="count">(%d)</span>', $group_items_count ); + } + fwrite( $file, '<li>' ); + fwrite( $file, '<a href="#' . esc_attr( $group_id_attr ) . '">' . $group_label . '</a>' ); + fwrite( $file, '</li>' ); + } + fwrite( $file, '</ul>' ); + fwrite( $file, '</div>' ); + } + + // Now, iterate over every group in $groups and have the formatter render it in HTML. + foreach ( (array) $groups as $group_id => $group_data ) { + fwrite( $file, wp_privacy_generate_personal_data_export_group_html( $group_data, $group_id, $groups_count ) ); + } + + fwrite( $file, "</body>\n" ); + fwrite( $file, "</html>\n" ); + fclose( $file ); + + /* + * Now, generate the ZIP. + * + * If an archive has already been generated, then remove it and reuse the filename, + * to avoid breaking any URLs that may have been previously sent via email. + */ + $error = false; + + // This meta value is used from version 5.5. + $archive_filename = get_post_meta( $request_id, '_export_file_name', true ); + + // This one stored an absolute path and is used for backward compatibility. + $archive_pathname = get_post_meta( $request_id, '_export_file_path', true ); + + // If a filename meta exists, use it. + if ( ! empty( $archive_filename ) ) { + $archive_pathname = $exports_dir . $archive_filename; + } elseif ( ! empty( $archive_pathname ) ) { + // If a full path meta exists, use it and create the new meta value. + $archive_filename = basename( $archive_pathname ); + + update_post_meta( $request_id, '_export_file_name', $archive_filename ); + + // Remove the back-compat meta values. + delete_post_meta( $request_id, '_export_file_url' ); + delete_post_meta( $request_id, '_export_file_path' ); + } else { + // If there's no filename or full path stored, create a new file. + $archive_filename = $file_basename . '.zip'; + $archive_pathname = $exports_dir . $archive_filename; + + update_post_meta( $request_id, '_export_file_name', $archive_filename ); + } + + $archive_url = $exports_url . $archive_filename; + + if ( ! empty( $archive_pathname ) && file_exists( $archive_pathname ) ) { + wp_delete_file( $archive_pathname ); + } + + $zip = new ZipArchive(); + if ( true === $zip->open( $archive_pathname, ZipArchive::CREATE ) ) { + if ( ! $zip->addFile( $json_report_pathname, 'export.json' ) ) { + $error = __( 'Unable to archive the personal data export file (JSON format).' ); + } + + if ( ! $zip->addFile( $html_report_pathname, 'index.html' ) ) { + $error = __( 'Unable to archive the personal data export file (HTML format).' ); + } + + $zip->close(); + + if ( ! $error ) { + /** + * Fires right after all personal data has been written to the export file. + * + * @since 4.9.6 + * @since 5.4.0 Added the `$json_report_pathname` parameter. + * + * @param string $archive_pathname The full path to the export file on the filesystem. + * @param string $archive_url The URL of the archive file. + * @param string $html_report_pathname The full path to the HTML personal data report on the filesystem. + * @param int $request_id The export request ID. + * @param string $json_report_pathname The full path to the JSON personal data report on the filesystem. + */ + do_action( 'wp_privacy_personal_data_export_file_created', $archive_pathname, $archive_url, $html_report_pathname, $request_id, $json_report_pathname ); + } + } else { + $error = __( 'Unable to open personal data export file (archive) for writing.' ); + } + + // Remove the JSON file. + unlink( $json_report_pathname ); + + // Remove the HTML file. + unlink( $html_report_pathname ); + + if ( $error ) { + wp_send_json_error( $error ); + } +} + +/** + * Send an email to the user with a link to the personal data export file + * + * @since 4.9.6 + * + * @param int $request_id The request ID for this personal data export. + * @return true|WP_Error True on success or `WP_Error` on failure. + */ +function wp_privacy_send_personal_data_export_email( $request_id ) { + // Get the request. + $request = wp_get_user_request( $request_id ); + + if ( ! $request || 'export_personal_data' !== $request->action_name ) { + return new WP_Error( 'invalid_request', __( 'Invalid request ID when sending personal data export email.' ) ); + } + + // Localize message content for user; fallback to site default for visitors. + if ( ! empty( $request->user_id ) ) { + $switched_locale = switch_to_user_locale( $request->user_id ); + } else { + $switched_locale = switch_to_locale( get_locale() ); + } + + /** This filter is documented in wp-includes/functions.php */ + $expiration = apply_filters( 'wp_privacy_export_expiration', 3 * DAY_IN_SECONDS ); + $expiration_date = date_i18n( get_option( 'date_format' ), time() + $expiration ); + + $exports_url = wp_privacy_exports_url(); + $export_file_name = get_post_meta( $request_id, '_export_file_name', true ); + $export_file_url = $exports_url . $export_file_name; + + $site_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); + $site_url = home_url(); + + /** + * Filters the recipient of the personal data export email notification. + * Should be used with great caution to avoid sending the data export link to wrong emails. + * + * @since 5.3.0 + * + * @param string $request_email The email address of the notification recipient. + * @param WP_User_Request $request The request that is initiating the notification. + */ + $request_email = apply_filters( 'wp_privacy_personal_data_email_to', $request->email, $request ); + + $email_data = array( + 'request' => $request, + 'expiration' => $expiration, + 'expiration_date' => $expiration_date, + 'message_recipient' => $request_email, + 'export_file_url' => $export_file_url, + 'sitename' => $site_name, + 'siteurl' => $site_url, + ); + + /* translators: Personal data export notification email subject. %s: Site title. */ + $subject = sprintf( __( '[%s] Personal Data Export' ), $site_name ); + + /** + * Filters the subject of the email sent when an export request is completed. + * + * @since 5.3.0 + * + * @param string $subject The email subject. + * @param string $sitename The name of the site. + * @param array $email_data { + * Data relating to the account action email. + * + * @type WP_User_Request $request User request object. + * @type int $expiration The time in seconds until the export file expires. + * @type string $expiration_date The localized date and time when the export file expires. + * @type string $message_recipient The address that the email will be sent to. Defaults + * to the value of `$request->email`, but can be changed + * by the `wp_privacy_personal_data_email_to` filter. + * @type string $export_file_url The export file URL. + * @type string $sitename The site name sending the mail. + * @type string $siteurl The site URL sending the mail. + * } + */ + $subject = apply_filters( 'wp_privacy_personal_data_email_subject', $subject, $site_name, $email_data ); + + /* translators: Do not translate EXPIRATION, LINK, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( + 'Howdy, + +Your request for an export of personal data has been completed. You may +download your personal data by clicking on the link below. For privacy +and security, we will automatically delete the file on ###EXPIRATION###, +so please download it before then. + +###LINK### + +Regards, +All at ###SITENAME### +###SITEURL###' + ); + + /** + * Filters the text of the email sent with a personal data export file. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###EXPIRATION### The date when the URL will be automatically deleted. + * ###LINK### URL of the personal data export file for the user. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. + * + * @since 4.9.6 + * @since 5.3.0 Introduced the `$email_data` array. + * + * @param string $email_text Text in the email. + * @param int $request_id The request ID for this personal data export. + * @param array $email_data { + * Data relating to the account action email. + * + * @type WP_User_Request $request User request object. + * @type int $expiration The time in seconds until the export file expires. + * @type string $expiration_date The localized date and time when the export file expires. + * @type string $message_recipient The address that the email will be sent to. Defaults + * to the value of `$request->email`, but can be changed + * by the `wp_privacy_personal_data_email_to` filter. + * @type string $export_file_url The export file URL. + * @type string $sitename The site name sending the mail. + * @type string $siteurl The site URL sending the mail. + */ + $content = apply_filters( 'wp_privacy_personal_data_email_content', $email_text, $request_id, $email_data ); + + $content = str_replace( '###EXPIRATION###', $expiration_date, $content ); + $content = str_replace( '###LINK###', sanitize_url( $export_file_url ), $content ); + $content = str_replace( '###EMAIL###', $request_email, $content ); + $content = str_replace( '###SITENAME###', $site_name, $content ); + $content = str_replace( '###SITEURL###', sanitize_url( $site_url ), $content ); + + $headers = ''; + + /** + * Filters the headers of the email sent with a personal data export file. + * + * @since 5.4.0 + * + * @param string|array $headers The email headers. + * @param string $subject The email subject. + * @param string $content The email content. + * @param int $request_id The request ID. + * @param array $email_data { + * Data relating to the account action email. + * + * @type WP_User_Request $request User request object. + * @type int $expiration The time in seconds until the export file expires. + * @type string $expiration_date The localized date and time when the export file expires. + * @type string $message_recipient The address that the email will be sent to. Defaults + * to the value of `$request->email`, but can be changed + * by the `wp_privacy_personal_data_email_to` filter. + * @type string $export_file_url The export file URL. + * @type string $sitename The site name sending the mail. + * @type string $siteurl The site URL sending the mail. + * } + */ + $headers = apply_filters( 'wp_privacy_personal_data_email_headers', $headers, $subject, $content, $request_id, $email_data ); + + $mail_success = wp_mail( $request_email, $subject, $content, $headers ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + if ( ! $mail_success ) { + return new WP_Error( 'privacy_email_error', __( 'Unable to send personal data export email.' ) ); + } + + return true; +} + +/** + * Intercept personal data exporter page Ajax responses in order to assemble the personal data export file. + * + * @since 4.9.6 + * + * @see 'wp_privacy_personal_data_export_page' + * + * @param array $response The response from the personal data exporter for the given page. + * @param int $exporter_index The index of the personal data exporter. Begins at 1. + * @param string $email_address The email address of the user whose personal data this is. + * @param int $page The page of personal data for this exporter. Begins at 1. + * @param int $request_id The request ID for this personal data export. + * @param bool $send_as_email Whether the final results of the export should be emailed to the user. + * @param string $exporter_key The slug (key) of the exporter. + * @return array The filtered response. + */ +function wp_privacy_process_personal_data_export_page( $response, $exporter_index, $email_address, $page, $request_id, $send_as_email, $exporter_key ) { + /* Do some simple checks on the shape of the response from the exporter. + * If the exporter response is malformed, don't attempt to consume it - let it + * pass through to generate a warning to the user by default Ajax processing. + */ + if ( ! is_array( $response ) ) { + return $response; + } + + if ( ! array_key_exists( 'done', $response ) ) { + return $response; + } + + if ( ! array_key_exists( 'data', $response ) ) { + return $response; + } + + if ( ! is_array( $response['data'] ) ) { + return $response; + } + + // Get the request. + $request = wp_get_user_request( $request_id ); + + if ( ! $request || 'export_personal_data' !== $request->action_name ) { + wp_send_json_error( __( 'Invalid request ID when merging personal data to export.' ) ); + } + + $export_data = array(); + + // First exporter, first page? Reset the report data accumulation array. + if ( 1 === $exporter_index && 1 === $page ) { + update_post_meta( $request_id, '_export_data_raw', $export_data ); + } else { + $accumulated_data = get_post_meta( $request_id, '_export_data_raw', true ); + + if ( $accumulated_data ) { + $export_data = $accumulated_data; + } + } + + // Now, merge the data from the exporter response into the data we have accumulated already. + $export_data = array_merge( $export_data, $response['data'] ); + update_post_meta( $request_id, '_export_data_raw', $export_data ); + + // If we are not yet on the last page of the last exporter, return now. + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); + $is_last_exporter = count( $exporters ) === $exporter_index; + $exporter_done = $response['done']; + if ( ! $is_last_exporter || ! $exporter_done ) { + return $response; + } + + // Last exporter, last page - let's prepare the export file. + + // First we need to re-organize the raw data hierarchically in groups and items. + $groups = array(); + foreach ( (array) $export_data as $export_datum ) { + $group_id = $export_datum['group_id']; + $group_label = $export_datum['group_label']; + + $group_description = ''; + if ( ! empty( $export_datum['group_description'] ) ) { + $group_description = $export_datum['group_description']; + } + + if ( ! array_key_exists( $group_id, $groups ) ) { + $groups[ $group_id ] = array( + 'group_label' => $group_label, + 'group_description' => $group_description, + 'items' => array(), + ); + } + + $item_id = $export_datum['item_id']; + if ( ! array_key_exists( $item_id, $groups[ $group_id ]['items'] ) ) { + $groups[ $group_id ]['items'][ $item_id ] = array(); + } + + $old_item_data = $groups[ $group_id ]['items'][ $item_id ]; + $merged_item_data = array_merge( $export_datum['data'], $old_item_data ); + $groups[ $group_id ]['items'][ $item_id ] = $merged_item_data; + } + + // Then save the grouped data into the request. + delete_post_meta( $request_id, '_export_data_raw' ); + update_post_meta( $request_id, '_export_data_grouped', $groups ); + + /** + * Generate the export file from the collected, grouped personal data. + * + * @since 4.9.6 + * + * @param int $request_id The export request ID. + */ + do_action( 'wp_privacy_personal_data_export_file', $request_id ); + + // Clear the grouped data now that it is no longer needed. + delete_post_meta( $request_id, '_export_data_grouped' ); + + // If the destination is email, send it now. + if ( $send_as_email ) { + $mail_success = wp_privacy_send_personal_data_export_email( $request_id ); + if ( is_wp_error( $mail_success ) ) { + wp_send_json_error( $mail_success->get_error_message() ); + } + + // Update the request to completed state when the export email is sent. + _wp_privacy_completed_request( $request_id ); + } else { + // Modify the response to include the URL of the export file so the browser can fetch it. + $exports_url = wp_privacy_exports_url(); + $export_file_name = get_post_meta( $request_id, '_export_file_name', true ); + $export_file_url = $exports_url . $export_file_name; + + if ( ! empty( $export_file_url ) ) { + $response['url'] = $export_file_url; + } + } + + return $response; +} + +/** + * Mark erasure requests as completed after processing is finished. + * + * This intercepts the Ajax responses to personal data eraser page requests, and + * monitors the status of a request. Once all of the processing has finished, the + * request is marked as completed. + * + * @since 4.9.6 + * + * @see 'wp_privacy_personal_data_erasure_page' + * + * @param array $response The response from the personal data eraser for + * the given page. + * @param int $eraser_index The index of the personal data eraser. Begins + * at 1. + * @param string $email_address The email address of the user whose personal + * data this is. + * @param int $page The page of personal data for this eraser. + * Begins at 1. + * @param int $request_id The request ID for this personal data erasure. + * @return array The filtered response. + */ +function wp_privacy_process_personal_data_erasure_page( $response, $eraser_index, $email_address, $page, $request_id ) { + /* + * If the eraser response is malformed, don't attempt to consume it; let it + * pass through, so that the default Ajax processing will generate a warning + * to the user. + */ + if ( ! is_array( $response ) ) { + return $response; + } + + if ( ! array_key_exists( 'done', $response ) ) { + return $response; + } + + if ( ! array_key_exists( 'items_removed', $response ) ) { + return $response; + } + + if ( ! array_key_exists( 'items_retained', $response ) ) { + return $response; + } + + if ( ! array_key_exists( 'messages', $response ) ) { + return $response; + } + + // Get the request. + $request = wp_get_user_request( $request_id ); + + if ( ! $request || 'remove_personal_data' !== $request->action_name ) { + wp_send_json_error( __( 'Invalid request ID when processing personal data to erase.' ) ); + } + + /** This filter is documented in wp-admin/includes/ajax-actions.php */ + $erasers = apply_filters( 'wp_privacy_personal_data_erasers', array() ); + $is_last_eraser = count( $erasers ) === $eraser_index; + $eraser_done = $response['done']; + + if ( ! $is_last_eraser || ! $eraser_done ) { + return $response; + } + + _wp_privacy_completed_request( $request_id ); + + /** + * Fires immediately after a personal data erasure request has been marked completed. + * + * @since 4.9.6 + * + * @param int $request_id The privacy request post ID associated with this request. + */ + do_action( 'wp_privacy_personal_data_erased', $request_id ); + + return $response; +} diff --git a/wp-admin/includes/revision.php b/wp-admin/includes/revision.php new file mode 100644 index 0000000..8ed45fd --- /dev/null +++ b/wp-admin/includes/revision.php @@ -0,0 +1,473 @@ +<?php +/** + * WordPress Administration Revisions API + * + * @package WordPress + * @subpackage Administration + * @since 3.6.0 + */ + +/** + * Get the revision UI diff. + * + * @since 3.6.0 + * + * @param WP_Post|int $post The post object or post ID. + * @param int $compare_from The revision ID to compare from. + * @param int $compare_to The revision ID to come to. + * @return array|false Associative array of a post's revisioned fields and their diffs. + * Or, false on failure. + */ +function wp_get_revision_ui_diff( $post, $compare_from, $compare_to ) { + $post = get_post( $post ); + if ( ! $post ) { + return false; + } + + if ( $compare_from ) { + $compare_from = get_post( $compare_from ); + if ( ! $compare_from ) { + return false; + } + } else { + // If we're dealing with the first revision... + $compare_from = false; + } + + $compare_to = get_post( $compare_to ); + if ( ! $compare_to ) { + return false; + } + + /* + * If comparing revisions, make sure we are dealing with the right post parent. + * The parent post may be a 'revision' when revisions are disabled and we're looking at autosaves. + */ + if ( $compare_from && $compare_from->post_parent !== $post->ID && $compare_from->ID !== $post->ID ) { + return false; + } + if ( $compare_to->post_parent !== $post->ID && $compare_to->ID !== $post->ID ) { + return false; + } + + if ( $compare_from && strtotime( $compare_from->post_date_gmt ) > strtotime( $compare_to->post_date_gmt ) ) { + $temp = $compare_from; + $compare_from = $compare_to; + $compare_to = $temp; + } + + // Add default title if title field is empty. + if ( $compare_from && empty( $compare_from->post_title ) ) { + $compare_from->post_title = __( '(no title)' ); + } + if ( empty( $compare_to->post_title ) ) { + $compare_to->post_title = __( '(no title)' ); + } + + $return = array(); + + foreach ( _wp_post_revision_fields( $post ) as $field => $name ) { + /** + * Contextually filter a post revision field. + * + * The dynamic portion of the hook name, `$field`, corresponds to a name of a + * field of the revision object. + * + * Possible hook names include: + * + * - `_wp_post_revision_field_post_title` + * - `_wp_post_revision_field_post_content` + * - `_wp_post_revision_field_post_excerpt` + * + * @since 3.6.0 + * + * @param string $revision_field The current revision field to compare to or from. + * @param string $field The current revision field. + * @param WP_Post $compare_from The revision post object to compare to or from. + * @param string $context The context of whether the current revision is the old + * or the new one. Values are 'to' or 'from'. + */ + $content_from = $compare_from ? apply_filters( "_wp_post_revision_field_{$field}", $compare_from->$field, $field, $compare_from, 'from' ) : ''; + + /** This filter is documented in wp-admin/includes/revision.php */ + $content_to = apply_filters( "_wp_post_revision_field_{$field}", $compare_to->$field, $field, $compare_to, 'to' ); + + $args = array( + 'show_split_view' => true, + 'title_left' => __( 'Removed' ), + 'title_right' => __( 'Added' ), + ); + + /** + * Filters revisions text diff options. + * + * Filters the options passed to wp_text_diff() when viewing a post revision. + * + * @since 4.1.0 + * + * @param array $args { + * Associative array of options to pass to wp_text_diff(). + * + * @type bool $show_split_view True for split view (two columns), false for + * un-split view (single column). Default true. + * } + * @param string $field The current revision field. + * @param WP_Post $compare_from The revision post to compare from. + * @param WP_Post $compare_to The revision post to compare to. + */ + $args = apply_filters( 'revision_text_diff_options', $args, $field, $compare_from, $compare_to ); + + $diff = wp_text_diff( $content_from, $content_to, $args ); + + if ( ! $diff && 'post_title' === $field ) { + /* + * It's a better user experience to still show the Title, even if it didn't change. + * No, you didn't see this. + */ + $diff = '<table class="diff"><colgroup><col class="content diffsplit left"><col class="content diffsplit middle"><col class="content diffsplit right"></colgroup><tbody><tr>'; + + // In split screen mode, show the title before/after side by side. + if ( true === $args['show_split_view'] ) { + $diff .= '<td>' . esc_html( $compare_from->post_title ) . '</td><td></td><td>' . esc_html( $compare_to->post_title ) . '</td>'; + } else { + $diff .= '<td>' . esc_html( $compare_from->post_title ) . '</td>'; + + // In single column mode, only show the title once if unchanged. + if ( $compare_from->post_title !== $compare_to->post_title ) { + $diff .= '</tr><tr><td>' . esc_html( $compare_to->post_title ) . '</td>'; + } + } + + $diff .= '</tr></tbody>'; + $diff .= '</table>'; + } + + if ( $diff ) { + $return[] = array( + 'id' => $field, + 'name' => $name, + 'diff' => $diff, + ); + } + } + + /** + * Filters the fields displayed in the post revision diff UI. + * + * @since 4.1.0 + * + * @param array[] $return Array of revision UI fields. Each item is an array of id, name, and diff. + * @param WP_Post $compare_from The revision post to compare from. + * @param WP_Post $compare_to The revision post to compare to. + */ + return apply_filters( 'wp_get_revision_ui_diff', $return, $compare_from, $compare_to ); +} + +/** + * Prepare revisions for JavaScript. + * + * @since 3.6.0 + * + * @param WP_Post|int $post The post object or post ID. + * @param int $selected_revision_id The selected revision ID. + * @param int $from Optional. The revision ID to compare from. + * @return array An associative array of revision data and related settings. + */ +function wp_prepare_revisions_for_js( $post, $selected_revision_id, $from = null ) { + $post = get_post( $post ); + $authors = array(); + $now_gmt = time(); + + $revisions = wp_get_post_revisions( + $post->ID, + array( + 'order' => 'ASC', + 'check_enabled' => false, + ) + ); + // If revisions are disabled, we only want autosaves and the current post. + if ( ! wp_revisions_enabled( $post ) ) { + foreach ( $revisions as $revision_id => $revision ) { + if ( ! wp_is_post_autosave( $revision ) ) { + unset( $revisions[ $revision_id ] ); + } + } + $revisions = array( $post->ID => $post ) + $revisions; + } + + $show_avatars = get_option( 'show_avatars' ); + + update_post_author_caches( $revisions ); + + $can_restore = current_user_can( 'edit_post', $post->ID ); + $current_id = false; + + foreach ( $revisions as $revision ) { + $modified = strtotime( $revision->post_modified ); + $modified_gmt = strtotime( $revision->post_modified_gmt . ' +0000' ); + if ( $can_restore ) { + $restore_link = str_replace( + '&', + '&', + wp_nonce_url( + add_query_arg( + array( + 'revision' => $revision->ID, + 'action' => 'restore', + ), + admin_url( 'revision.php' ) + ), + "restore-post_{$revision->ID}" + ) + ); + } + + if ( ! isset( $authors[ $revision->post_author ] ) ) { + $authors[ $revision->post_author ] = array( + 'id' => (int) $revision->post_author, + 'avatar' => $show_avatars ? get_avatar( $revision->post_author, 32 ) : '', + 'name' => get_the_author_meta( 'display_name', $revision->post_author ), + ); + } + + $autosave = (bool) wp_is_post_autosave( $revision ); + $current = ! $autosave && $revision->post_modified_gmt === $post->post_modified_gmt; + if ( $current && ! empty( $current_id ) ) { + // If multiple revisions have the same post_modified_gmt, highest ID is current. + if ( $current_id < $revision->ID ) { + $revisions[ $current_id ]['current'] = false; + $current_id = $revision->ID; + } else { + $current = false; + } + } elseif ( $current ) { + $current_id = $revision->ID; + } + + $revisions_data = array( + 'id' => $revision->ID, + 'title' => get_the_title( $post->ID ), + 'author' => $authors[ $revision->post_author ], + 'date' => date_i18n( __( 'M j, Y @ H:i' ), $modified ), + 'dateShort' => date_i18n( _x( 'j M @ H:i', 'revision date short format' ), $modified ), + /* translators: %s: Human-readable time difference. */ + 'timeAgo' => sprintf( __( '%s ago' ), human_time_diff( $modified_gmt, $now_gmt ) ), + 'autosave' => $autosave, + 'current' => $current, + 'restoreUrl' => $can_restore ? $restore_link : false, + ); + + /** + * Filters the array of revisions used on the revisions screen. + * + * @since 4.4.0 + * + * @param array $revisions_data { + * The bootstrapped data for the revisions screen. + * + * @type int $id Revision ID. + * @type string $title Title for the revision's parent WP_Post object. + * @type int $author Revision post author ID. + * @type string $date Date the revision was modified. + * @type string $dateShort Short-form version of the date the revision was modified. + * @type string $timeAgo GMT-aware amount of time ago the revision was modified. + * @type bool $autosave Whether the revision is an autosave. + * @type bool $current Whether the revision is both not an autosave and the post + * modified date matches the revision modified date (GMT-aware). + * @type bool|false $restoreUrl URL if the revision can be restored, false otherwise. + * } + * @param WP_Post $revision The revision's WP_Post object. + * @param WP_Post $post The revision's parent WP_Post object. + */ + $revisions[ $revision->ID ] = apply_filters( 'wp_prepare_revision_for_js', $revisions_data, $revision, $post ); + } + + /* + * If we only have one revision, the initial revision is missing. This happens + * when we have an autosave and the user has clicked 'View the Autosave'. + */ + if ( 1 === count( $revisions ) ) { + $revisions[ $post->ID ] = array( + 'id' => $post->ID, + 'title' => get_the_title( $post->ID ), + 'author' => $authors[ $revision->post_author ], + 'date' => date_i18n( __( 'M j, Y @ H:i' ), strtotime( $post->post_modified ) ), + 'dateShort' => date_i18n( _x( 'j M @ H:i', 'revision date short format' ), strtotime( $post->post_modified ) ), + /* translators: %s: Human-readable time difference. */ + 'timeAgo' => sprintf( __( '%s ago' ), human_time_diff( strtotime( $post->post_modified_gmt ), $now_gmt ) ), + 'autosave' => false, + 'current' => true, + 'restoreUrl' => false, + ); + $current_id = $post->ID; + } + + /* + * If a post has been saved since the latest revision (no revisioned fields + * were changed), we may not have a "current" revision. Mark the latest + * revision as "current". + */ + if ( empty( $current_id ) ) { + if ( $revisions[ $revision->ID ]['autosave'] ) { + $revision = end( $revisions ); + while ( $revision['autosave'] ) { + $revision = prev( $revisions ); + } + $current_id = $revision['id']; + } else { + $current_id = $revision->ID; + } + $revisions[ $current_id ]['current'] = true; + } + + // Now, grab the initial diff. + $compare_two_mode = is_numeric( $from ); + if ( ! $compare_two_mode ) { + $found = array_search( $selected_revision_id, array_keys( $revisions ), true ); + if ( $found ) { + $from = array_keys( array_slice( $revisions, $found - 1, 1, true ) ); + $from = reset( $from ); + } else { + $from = 0; + } + } + + $from = absint( $from ); + + $diffs = array( + array( + 'id' => $from . ':' . $selected_revision_id, + 'fields' => wp_get_revision_ui_diff( $post->ID, $from, $selected_revision_id ), + ), + ); + + return array( + 'postId' => $post->ID, + 'nonce' => wp_create_nonce( 'revisions-ajax-nonce' ), + 'revisionData' => array_values( $revisions ), + 'to' => $selected_revision_id, + 'from' => $from, + 'diffData' => $diffs, + 'baseUrl' => parse_url( admin_url( 'revision.php' ), PHP_URL_PATH ), + 'compareTwoMode' => absint( $compare_two_mode ), // Apparently booleans are not allowed. + 'revisionIds' => array_keys( $revisions ), + ); +} + +/** + * Print JavaScript templates required for the revisions experience. + * + * @since 4.1.0 + * + * @global WP_Post $post Global post object. + */ +function wp_print_revision_templates() { + global $post; + ?><script id="tmpl-revisions-frame" type="text/html"> + <div class="revisions-control-frame"></div> + <div class="revisions-diff-frame"></div> + </script> + + <script id="tmpl-revisions-buttons" type="text/html"> + <div class="revisions-previous"> + <input class="button" type="button" value="<?php echo esc_attr_x( 'Previous', 'Button label for a previous revision' ); ?>" /> + </div> + + <div class="revisions-next"> + <input class="button" type="button" value="<?php echo esc_attr_x( 'Next', 'Button label for a next revision' ); ?>" /> + </div> + </script> + + <script id="tmpl-revisions-checkbox" type="text/html"> + <div class="revision-toggle-compare-mode"> + <label> + <input type="checkbox" class="compare-two-revisions" + <# + if ( 'undefined' !== typeof data && data.model.attributes.compareTwoMode ) { + #> checked="checked"<# + } + #> + /> + <?php esc_html_e( 'Compare any two revisions' ); ?> + </label> + </div> + </script> + + <script id="tmpl-revisions-meta" type="text/html"> + <# if ( ! _.isUndefined( data.attributes ) ) { #> + <div class="diff-title"> + <# if ( 'from' === data.type ) { #> + <strong><?php _ex( 'From:', 'Followed by post revision info' ); ?></strong> + <# } else if ( 'to' === data.type ) { #> + <strong><?php _ex( 'To:', 'Followed by post revision info' ); ?></strong> + <# } #> + <div class="author-card<# if ( data.attributes.autosave ) { #> autosave<# } #>"> + {{{ data.attributes.author.avatar }}} + <div class="author-info"> + <# if ( data.attributes.autosave ) { #> + <span class="byline"> + <?php + printf( + /* translators: %s: User's display name. */ + __( 'Autosave by %s' ), + '<span class="author-name">{{ data.attributes.author.name }}</span>' + ); + ?> + </span> + <# } else if ( data.attributes.current ) { #> + <span class="byline"> + <?php + printf( + /* translators: %s: User's display name. */ + __( 'Current Revision by %s' ), + '<span class="author-name">{{ data.attributes.author.name }}</span>' + ); + ?> + </span> + <# } else { #> + <span class="byline"> + <?php + printf( + /* translators: %s: User's display name. */ + __( 'Revision by %s' ), + '<span class="author-name">{{ data.attributes.author.name }}</span>' + ); + ?> + </span> + <# } #> + <span class="time-ago">{{ data.attributes.timeAgo }}</span> + <span class="date">({{ data.attributes.dateShort }})</span> + </div> + <# if ( 'to' === data.type && data.attributes.restoreUrl ) { #> + <input <?php if ( wp_check_post_lock( $post->ID ) ) { ?> + disabled="disabled" + <?php } else { ?> + <# if ( data.attributes.current ) { #> + disabled="disabled" + <# } #> + <?php } ?> + <# if ( data.attributes.autosave ) { #> + type="button" class="restore-revision button button-primary" value="<?php esc_attr_e( 'Restore This Autosave' ); ?>" /> + <# } else { #> + type="button" class="restore-revision button button-primary" value="<?php esc_attr_e( 'Restore This Revision' ); ?>" /> + <# } #> + <# } #> + </div> + <# if ( 'tooltip' === data.type ) { #> + <div class="revisions-tooltip-arrow"><span></span></div> + <# } #> + <# } #> + </script> + + <script id="tmpl-revisions-diff" type="text/html"> + <div class="loading-indicator"><span class="spinner"></span></div> + <div class="diff-error"><?php _e( 'Sorry, something went wrong. The requested comparison could not be loaded.' ); ?></div> + <div class="diff"> + <# _.each( data.fields, function( field ) { #> + <h3>{{ field.name }}</h3> + {{{ field.diff }}} + <# }); #> + </div> + </script> + <?php +} diff --git a/wp-admin/includes/schema.php b/wp-admin/includes/schema.php new file mode 100644 index 0000000..20648d7 --- /dev/null +++ b/wp-admin/includes/schema.php @@ -0,0 +1,1382 @@ +<?php +/** + * WordPress Administration Scheme API + * + * Here we keep the DB structure and option values. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Declare these as global in case schema.php is included from a function. + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global array $wp_queries + * @global string $charset_collate + */ +global $wpdb, $wp_queries, $charset_collate; + +/** + * The database character collate. + */ +$charset_collate = $wpdb->get_charset_collate(); + +/** + * Retrieve the SQL for creating database tables. + * + * @since 3.3.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $scope Optional. The tables for which to retrieve SQL. Can be all, global, ms_global, or blog tables. Defaults to all. + * @param int $blog_id Optional. The site ID for which to retrieve SQL. Default is the current site ID. + * @return string The SQL needed to create the requested tables. + */ +function wp_get_db_schema( $scope = 'all', $blog_id = null ) { + global $wpdb; + + $charset_collate = $wpdb->get_charset_collate(); + + if ( $blog_id && (int) $blog_id !== $wpdb->blogid ) { + $old_blog_id = $wpdb->set_blog_id( $blog_id ); + } + + // Engage multisite if in the middle of turning it on from network.php. + $is_multisite = is_multisite() || ( defined( 'WP_INSTALLING_NETWORK' ) && WP_INSTALLING_NETWORK ); + + /* + * Indexes have a maximum size of 767 bytes. Historically, we haven't need to be concerned about that. + * As of 4.2, however, we moved to utf8mb4, which uses 4 bytes per character. This means that an index which + * used to have room for floor(767/3) = 255 characters, now only has room for floor(767/4) = 191 characters. + */ + $max_index_length = 191; + + // Blog-specific tables. + $blog_tables = "CREATE TABLE $wpdb->termmeta ( + meta_id bigint(20) unsigned NOT NULL auto_increment, + term_id bigint(20) unsigned NOT NULL default '0', + meta_key varchar(255) default NULL, + meta_value longtext, + PRIMARY KEY (meta_id), + KEY term_id (term_id), + KEY meta_key (meta_key($max_index_length)) +) $charset_collate; +CREATE TABLE $wpdb->terms ( + term_id bigint(20) unsigned NOT NULL auto_increment, + name varchar(200) NOT NULL default '', + slug varchar(200) NOT NULL default '', + term_group bigint(10) NOT NULL default 0, + PRIMARY KEY (term_id), + KEY slug (slug($max_index_length)), + KEY name (name($max_index_length)) +) $charset_collate; +CREATE TABLE $wpdb->term_taxonomy ( + term_taxonomy_id bigint(20) unsigned NOT NULL auto_increment, + term_id bigint(20) unsigned NOT NULL default 0, + taxonomy varchar(32) NOT NULL default '', + description longtext NOT NULL, + parent bigint(20) unsigned NOT NULL default 0, + count bigint(20) NOT NULL default 0, + PRIMARY KEY (term_taxonomy_id), + UNIQUE KEY term_id_taxonomy (term_id,taxonomy), + KEY taxonomy (taxonomy) +) $charset_collate; +CREATE TABLE $wpdb->term_relationships ( + object_id bigint(20) unsigned NOT NULL default 0, + term_taxonomy_id bigint(20) unsigned NOT NULL default 0, + term_order int(11) NOT NULL default 0, + PRIMARY KEY (object_id,term_taxonomy_id), + KEY term_taxonomy_id (term_taxonomy_id) +) $charset_collate; +CREATE TABLE $wpdb->commentmeta ( + meta_id bigint(20) unsigned NOT NULL auto_increment, + comment_id bigint(20) unsigned NOT NULL default '0', + meta_key varchar(255) default NULL, + meta_value longtext, + PRIMARY KEY (meta_id), + KEY comment_id (comment_id), + KEY meta_key (meta_key($max_index_length)) +) $charset_collate; +CREATE TABLE $wpdb->comments ( + comment_ID bigint(20) unsigned NOT NULL auto_increment, + comment_post_ID bigint(20) unsigned NOT NULL default '0', + comment_author tinytext NOT NULL, + comment_author_email varchar(100) NOT NULL default '', + comment_author_url varchar(200) NOT NULL default '', + comment_author_IP varchar(100) NOT NULL default '', + comment_date datetime NOT NULL default '0000-00-00 00:00:00', + comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00', + comment_content text NOT NULL, + comment_karma int(11) NOT NULL default '0', + comment_approved varchar(20) NOT NULL default '1', + comment_agent varchar(255) NOT NULL default '', + comment_type varchar(20) NOT NULL default 'comment', + comment_parent bigint(20) unsigned NOT NULL default '0', + user_id bigint(20) unsigned NOT NULL default '0', + PRIMARY KEY (comment_ID), + KEY comment_post_ID (comment_post_ID), + KEY comment_approved_date_gmt (comment_approved,comment_date_gmt), + KEY comment_date_gmt (comment_date_gmt), + KEY comment_parent (comment_parent), + KEY comment_author_email (comment_author_email(10)) +) $charset_collate; +CREATE TABLE $wpdb->links ( + link_id bigint(20) unsigned NOT NULL auto_increment, + link_url varchar(255) NOT NULL default '', + link_name varchar(255) NOT NULL default '', + link_image varchar(255) NOT NULL default '', + link_target varchar(25) NOT NULL default '', + link_description varchar(255) NOT NULL default '', + link_visible varchar(20) NOT NULL default 'Y', + link_owner bigint(20) unsigned NOT NULL default '1', + link_rating int(11) NOT NULL default '0', + link_updated datetime NOT NULL default '0000-00-00 00:00:00', + link_rel varchar(255) NOT NULL default '', + link_notes mediumtext NOT NULL, + link_rss varchar(255) NOT NULL default '', + PRIMARY KEY (link_id), + KEY link_visible (link_visible) +) $charset_collate; +CREATE TABLE $wpdb->options ( + option_id bigint(20) unsigned NOT NULL auto_increment, + option_name varchar(191) NOT NULL default '', + option_value longtext NOT NULL, + autoload varchar(20) NOT NULL default 'yes', + PRIMARY KEY (option_id), + UNIQUE KEY option_name (option_name), + KEY autoload (autoload) +) $charset_collate; +CREATE TABLE $wpdb->postmeta ( + meta_id bigint(20) unsigned NOT NULL auto_increment, + post_id bigint(20) unsigned NOT NULL default '0', + meta_key varchar(255) default NULL, + meta_value longtext, + PRIMARY KEY (meta_id), + KEY post_id (post_id), + KEY meta_key (meta_key($max_index_length)) +) $charset_collate; +CREATE TABLE $wpdb->posts ( + ID bigint(20) unsigned NOT NULL auto_increment, + post_author bigint(20) unsigned NOT NULL default '0', + post_date datetime NOT NULL default '0000-00-00 00:00:00', + post_date_gmt datetime NOT NULL default '0000-00-00 00:00:00', + post_content longtext NOT NULL, + post_title text NOT NULL, + post_excerpt text NOT NULL, + post_status varchar(20) NOT NULL default 'publish', + comment_status varchar(20) NOT NULL default 'open', + ping_status varchar(20) NOT NULL default 'open', + post_password varchar(255) NOT NULL default '', + post_name varchar(200) NOT NULL default '', + to_ping text NOT NULL, + pinged text NOT NULL, + post_modified datetime NOT NULL default '0000-00-00 00:00:00', + post_modified_gmt datetime NOT NULL default '0000-00-00 00:00:00', + post_content_filtered longtext NOT NULL, + post_parent bigint(20) unsigned NOT NULL default '0', + guid varchar(255) NOT NULL default '', + menu_order int(11) NOT NULL default '0', + post_type varchar(20) NOT NULL default 'post', + post_mime_type varchar(100) NOT NULL default '', + comment_count bigint(20) NOT NULL default '0', + PRIMARY KEY (ID), + KEY post_name (post_name($max_index_length)), + KEY type_status_date (post_type,post_status,post_date,ID), + KEY post_parent (post_parent), + KEY post_author (post_author) +) $charset_collate;\n"; + + // Single site users table. The multisite flavor of the users table is handled below. + $users_single_table = "CREATE TABLE $wpdb->users ( + ID bigint(20) unsigned NOT NULL auto_increment, + user_login varchar(60) NOT NULL default '', + user_pass varchar(255) NOT NULL default '', + user_nicename varchar(50) NOT NULL default '', + user_email varchar(100) NOT NULL default '', + user_url varchar(100) NOT NULL default '', + user_registered datetime NOT NULL default '0000-00-00 00:00:00', + user_activation_key varchar(255) NOT NULL default '', + user_status int(11) NOT NULL default '0', + display_name varchar(250) NOT NULL default '', + PRIMARY KEY (ID), + KEY user_login_key (user_login), + KEY user_nicename (user_nicename), + KEY user_email (user_email) +) $charset_collate;\n"; + + // Multisite users table. + $users_multi_table = "CREATE TABLE $wpdb->users ( + ID bigint(20) unsigned NOT NULL auto_increment, + user_login varchar(60) NOT NULL default '', + user_pass varchar(255) NOT NULL default '', + user_nicename varchar(50) NOT NULL default '', + user_email varchar(100) NOT NULL default '', + user_url varchar(100) NOT NULL default '', + user_registered datetime NOT NULL default '0000-00-00 00:00:00', + user_activation_key varchar(255) NOT NULL default '', + user_status int(11) NOT NULL default '0', + display_name varchar(250) NOT NULL default '', + spam tinyint(2) NOT NULL default '0', + deleted tinyint(2) NOT NULL default '0', + PRIMARY KEY (ID), + KEY user_login_key (user_login), + KEY user_nicename (user_nicename), + KEY user_email (user_email) +) $charset_collate;\n"; + + // Usermeta. + $usermeta_table = "CREATE TABLE $wpdb->usermeta ( + umeta_id bigint(20) unsigned NOT NULL auto_increment, + user_id bigint(20) unsigned NOT NULL default '0', + meta_key varchar(255) default NULL, + meta_value longtext, + PRIMARY KEY (umeta_id), + KEY user_id (user_id), + KEY meta_key (meta_key($max_index_length)) +) $charset_collate;\n"; + + // Global tables. + if ( $is_multisite ) { + $global_tables = $users_multi_table . $usermeta_table; + } else { + $global_tables = $users_single_table . $usermeta_table; + } + + // Multisite global tables. + $ms_global_tables = "CREATE TABLE $wpdb->blogs ( + blog_id bigint(20) NOT NULL auto_increment, + site_id bigint(20) NOT NULL default '0', + domain varchar(200) NOT NULL default '', + path varchar(100) NOT NULL default '', + registered datetime NOT NULL default '0000-00-00 00:00:00', + last_updated datetime NOT NULL default '0000-00-00 00:00:00', + public tinyint(2) NOT NULL default '1', + archived tinyint(2) NOT NULL default '0', + mature tinyint(2) NOT NULL default '0', + spam tinyint(2) NOT NULL default '0', + deleted tinyint(2) NOT NULL default '0', + lang_id int(11) NOT NULL default '0', + PRIMARY KEY (blog_id), + KEY domain (domain(50),path(5)), + KEY lang_id (lang_id) +) $charset_collate; +CREATE TABLE $wpdb->blogmeta ( + meta_id bigint(20) unsigned NOT NULL auto_increment, + blog_id bigint(20) NOT NULL default '0', + meta_key varchar(255) default NULL, + meta_value longtext, + PRIMARY KEY (meta_id), + KEY meta_key (meta_key($max_index_length)), + KEY blog_id (blog_id) +) $charset_collate; +CREATE TABLE $wpdb->registration_log ( + ID bigint(20) NOT NULL auto_increment, + email varchar(255) NOT NULL default '', + IP varchar(30) NOT NULL default '', + blog_id bigint(20) NOT NULL default '0', + date_registered datetime NOT NULL default '0000-00-00 00:00:00', + PRIMARY KEY (ID), + KEY IP (IP) +) $charset_collate; +CREATE TABLE $wpdb->site ( + id bigint(20) NOT NULL auto_increment, + domain varchar(200) NOT NULL default '', + path varchar(100) NOT NULL default '', + PRIMARY KEY (id), + KEY domain (domain(140),path(51)) +) $charset_collate; +CREATE TABLE $wpdb->sitemeta ( + meta_id bigint(20) NOT NULL auto_increment, + site_id bigint(20) NOT NULL default '0', + meta_key varchar(255) default NULL, + meta_value longtext, + PRIMARY KEY (meta_id), + KEY meta_key (meta_key($max_index_length)), + KEY site_id (site_id) +) $charset_collate; +CREATE TABLE $wpdb->signups ( + signup_id bigint(20) NOT NULL auto_increment, + domain varchar(200) NOT NULL default '', + path varchar(100) NOT NULL default '', + title longtext NOT NULL, + user_login varchar(60) NOT NULL default '', + user_email varchar(100) NOT NULL default '', + registered datetime NOT NULL default '0000-00-00 00:00:00', + activated datetime NOT NULL default '0000-00-00 00:00:00', + active tinyint(1) NOT NULL default '0', + activation_key varchar(50) NOT NULL default '', + meta longtext, + PRIMARY KEY (signup_id), + KEY activation_key (activation_key), + KEY user_email (user_email), + KEY user_login_email (user_login,user_email), + KEY domain_path (domain(140),path(51)) +) $charset_collate;"; + + switch ( $scope ) { + case 'blog': + $queries = $blog_tables; + break; + case 'global': + $queries = $global_tables; + if ( $is_multisite ) { + $queries .= $ms_global_tables; + } + break; + case 'ms_global': + $queries = $ms_global_tables; + break; + case 'all': + default: + $queries = $global_tables . $blog_tables; + if ( $is_multisite ) { + $queries .= $ms_global_tables; + } + break; + } + + if ( isset( $old_blog_id ) ) { + $wpdb->set_blog_id( $old_blog_id ); + } + + return $queries; +} + +// Populate for back compat. +$wp_queries = wp_get_db_schema( 'all' ); + +/** + * Create WordPress options and set the default values. + * + * @since 1.5.0 + * @since 5.1.0 The $options parameter has been added. + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global int $wp_db_version WordPress database version. + * @global int $wp_current_db_version The old (current) database version. + * + * @param array $options Optional. Custom option $key => $value pairs to use. Default empty array. + */ +function populate_options( array $options = array() ) { + global $wpdb, $wp_db_version, $wp_current_db_version; + + $guessurl = wp_guess_url(); + /** + * Fires before creating WordPress options and populating their default values. + * + * @since 2.6.0 + */ + do_action( 'populate_options' ); + + // If WP_DEFAULT_THEME doesn't exist, fall back to the latest core default theme. + $stylesheet = WP_DEFAULT_THEME; + $template = WP_DEFAULT_THEME; + $theme = wp_get_theme( WP_DEFAULT_THEME ); + if ( ! $theme->exists() ) { + $theme = WP_Theme::get_core_default_theme(); + } + + // If we can't find a core default theme, WP_DEFAULT_THEME is the best we can do. + if ( $theme ) { + $stylesheet = $theme->get_stylesheet(); + $template = $theme->get_template(); + } + + $timezone_string = ''; + $gmt_offset = 0; + /* + * translators: default GMT offset or timezone string. Must be either a valid offset (-12 to 14) + * or a valid timezone string (America/New_York). See https://www.php.net/manual/en/timezones.php + * for all timezone strings currently supported by PHP. + * + * Important: When a previous timezone string, like `Europe/Kiev`, has been superseded by an + * updated one, like `Europe/Kyiv`, as a rule of thumb, the **old** timezone name should be used + * in the "translation" to allow for the default timezone setting to be PHP cross-version compatible, + * as old timezone names will be recognized in new PHP versions, while new timezone names cannot + * be recognized in old PHP versions. + * + * To verify which timezone strings are available in the _oldest_ PHP version supported, you can + * use https://3v4l.org/6YQAt#v5.6.20 and replace the "BR" (Brazil) in the code line with the + * country code for which you want to look up the supported timezone names. + */ + $offset_or_tz = _x( '0', 'default GMT offset or timezone string' ); + if ( is_numeric( $offset_or_tz ) ) { + $gmt_offset = $offset_or_tz; + } elseif ( $offset_or_tz && in_array( $offset_or_tz, timezone_identifiers_list( DateTimeZone::ALL_WITH_BC ), true ) ) { + $timezone_string = $offset_or_tz; + } + + $defaults = array( + 'siteurl' => $guessurl, + 'home' => $guessurl, + 'blogname' => __( 'My Site' ), + 'blogdescription' => '', + 'users_can_register' => 0, + 'admin_email' => 'you@example.com', + /* translators: Default start of the week. 0 = Sunday, 1 = Monday. */ + 'start_of_week' => _x( '1', 'start of week' ), + 'use_balanceTags' => 0, + 'use_smilies' => 1, + 'require_name_email' => 1, + 'comments_notify' => 1, + 'posts_per_rss' => 10, + 'rss_use_excerpt' => 0, + 'mailserver_url' => 'mail.example.com', + 'mailserver_login' => 'login@example.com', + 'mailserver_pass' => 'password', + 'mailserver_port' => 110, + 'default_category' => 1, + 'default_comment_status' => 'open', + 'default_ping_status' => 'open', + 'default_pingback_flag' => 1, + 'posts_per_page' => 10, + /* translators: Default date format, see https://www.php.net/manual/datetime.format.php */ + 'date_format' => __( 'F j, Y' ), + /* translators: Default time format, see https://www.php.net/manual/datetime.format.php */ + 'time_format' => __( 'g:i a' ), + /* translators: Links last updated date format, see https://www.php.net/manual/datetime.format.php */ + 'links_updated_date_format' => __( 'F j, Y g:i a' ), + 'comment_moderation' => 0, + 'moderation_notify' => 1, + 'permalink_structure' => '', + 'rewrite_rules' => '', + 'hack_file' => 0, + 'blog_charset' => 'UTF-8', + 'moderation_keys' => '', + 'active_plugins' => array(), + 'category_base' => '', + 'ping_sites' => 'http://rpc.pingomatic.com/', + 'comment_max_links' => 2, + 'gmt_offset' => $gmt_offset, + + // 1.5.0 + 'default_email_category' => 1, + 'recently_edited' => '', + 'template' => $template, + 'stylesheet' => $stylesheet, + 'comment_registration' => 0, + 'html_type' => 'text/html', + + // 1.5.1 + 'use_trackback' => 0, + + // 2.0.0 + 'default_role' => 'subscriber', + 'db_version' => $wp_db_version, + + // 2.0.1 + 'uploads_use_yearmonth_folders' => 1, + 'upload_path' => '', + + // 2.1.0 + 'blog_public' => '1', + 'default_link_category' => 2, + 'show_on_front' => 'posts', + + // 2.2.0 + 'tag_base' => '', + + // 2.5.0 + 'show_avatars' => '1', + 'avatar_rating' => 'G', + 'upload_url_path' => '', + 'thumbnail_size_w' => 150, + 'thumbnail_size_h' => 150, + 'thumbnail_crop' => 1, + 'medium_size_w' => 300, + 'medium_size_h' => 300, + + // 2.6.0 + 'avatar_default' => 'mystery', + + // 2.7.0 + 'large_size_w' => 1024, + 'large_size_h' => 1024, + 'image_default_link_type' => 'none', + 'image_default_size' => '', + 'image_default_align' => '', + 'close_comments_for_old_posts' => 0, + 'close_comments_days_old' => 14, + 'thread_comments' => 1, + 'thread_comments_depth' => 5, + 'page_comments' => 0, + 'comments_per_page' => 50, + 'default_comments_page' => 'newest', + 'comment_order' => 'asc', + 'sticky_posts' => array(), + 'widget_categories' => array(), + 'widget_text' => array(), + 'widget_rss' => array(), + 'uninstall_plugins' => array(), + + // 2.8.0 + 'timezone_string' => $timezone_string, + + // 3.0.0 + 'page_for_posts' => 0, + 'page_on_front' => 0, + + // 3.1.0 + 'default_post_format' => 0, + + // 3.5.0 + 'link_manager_enabled' => 0, + + // 4.3.0 + 'finished_splitting_shared_terms' => 1, + 'site_icon' => 0, + + // 4.4.0 + 'medium_large_size_w' => 768, + 'medium_large_size_h' => 0, + + // 4.9.6 + 'wp_page_for_privacy_policy' => 0, + + // 4.9.8 + 'show_comments_cookies_opt_in' => 1, + + // 5.3.0 + 'admin_email_lifespan' => ( time() + 6 * MONTH_IN_SECONDS ), + + // 5.5.0 + 'disallowed_keys' => '', + 'comment_previously_approved' => 1, + 'auto_plugin_theme_update_emails' => array(), + + // 5.6.0 + 'auto_update_core_dev' => 'enabled', + 'auto_update_core_minor' => 'enabled', + /* + * Default to enabled for new installs. + * See https://core.trac.wordpress.org/ticket/51742. + */ + 'auto_update_core_major' => 'enabled', + + // 5.8.0 + 'wp_force_deactivated_plugins' => array(), + + // 6.4.0 + 'wp_attachment_pages_enabled' => 0, + ); + + // 3.3.0 + if ( ! is_multisite() ) { + $defaults['initial_db_version'] = ! empty( $wp_current_db_version ) && $wp_current_db_version < $wp_db_version + ? $wp_current_db_version : $wp_db_version; + } + + // 3.0.0 multisite. + if ( is_multisite() ) { + $defaults['permalink_structure'] = '/%year%/%monthnum%/%day%/%postname%/'; + } + + $options = wp_parse_args( $options, $defaults ); + + // Set autoload to no for these options. + $fat_options = array( + 'moderation_keys', + 'recently_edited', + 'disallowed_keys', + 'uninstall_plugins', + 'auto_plugin_theme_update_emails', + ); + + $keys = "'" . implode( "', '", array_keys( $options ) ) . "'"; + $existing_options = $wpdb->get_col( "SELECT option_name FROM $wpdb->options WHERE option_name in ( $keys )" ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + + $insert = ''; + + foreach ( $options as $option => $value ) { + if ( in_array( $option, $existing_options, true ) ) { + continue; + } + + if ( in_array( $option, $fat_options, true ) ) { + $autoload = 'no'; + } else { + $autoload = 'yes'; + } + + if ( ! empty( $insert ) ) { + $insert .= ', '; + } + + $value = maybe_serialize( sanitize_option( $option, $value ) ); + + $insert .= $wpdb->prepare( '(%s, %s, %s)', $option, $value, $autoload ); + } + + if ( ! empty( $insert ) ) { + $wpdb->query( "INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES " . $insert ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + } + + // In case it is set, but blank, update "home". + if ( ! __get_option( 'home' ) ) { + update_option( 'home', $guessurl ); + } + + // Delete unused options. + $unusedoptions = array( + 'blodotgsping_url', + 'bodyterminator', + 'emailtestonly', + 'phoneemail_separator', + 'smilies_directory', + 'subjectprefix', + 'use_bbcode', + 'use_blodotgsping', + 'use_phoneemail', + 'use_quicktags', + 'use_weblogsping', + 'weblogs_cache_file', + 'use_preview', + 'use_htmltrans', + 'smilies_directory', + 'fileupload_allowedusers', + 'use_phoneemail', + 'default_post_status', + 'default_post_category', + 'archive_mode', + 'time_difference', + 'links_minadminlevel', + 'links_use_adminlevels', + 'links_rating_type', + 'links_rating_char', + 'links_rating_ignore_zero', + 'links_rating_single_image', + 'links_rating_image0', + 'links_rating_image1', + 'links_rating_image2', + 'links_rating_image3', + 'links_rating_image4', + 'links_rating_image5', + 'links_rating_image6', + 'links_rating_image7', + 'links_rating_image8', + 'links_rating_image9', + 'links_recently_updated_time', + 'links_recently_updated_prepend', + 'links_recently_updated_append', + 'weblogs_cacheminutes', + 'comment_allowed_tags', + 'search_engine_friendly_urls', + 'default_geourl_lat', + 'default_geourl_lon', + 'use_default_geourl', + 'weblogs_xml_url', + 'new_users_can_blog', + '_wpnonce', + '_wp_http_referer', + 'Update', + 'action', + 'rich_editing', + 'autosave_interval', + 'deactivated_plugins', + 'can_compress_scripts', + 'page_uris', + 'update_core', + 'update_plugins', + 'update_themes', + 'doing_cron', + 'random_seed', + 'rss_excerpt_length', + 'secret', + 'use_linksupdate', + 'default_comment_status_page', + 'wporg_popular_tags', + 'what_to_show', + 'rss_language', + 'language', + 'enable_xmlrpc', + 'enable_app', + 'embed_autourls', + 'default_post_edit_rows', + 'gzipcompression', + 'advanced_edit', + ); + foreach ( $unusedoptions as $option ) { + delete_option( $option ); + } + + // Delete obsolete magpie stuff. + $wpdb->query( "DELETE FROM $wpdb->options WHERE option_name REGEXP '^rss_[0-9a-f]{32}(_ts)?$'" ); + + // Clear expired transients. + delete_expired_transients( true ); +} + +/** + * Execute WordPress role creation for the various WordPress versions. + * + * @since 2.0.0 + */ +function populate_roles() { + populate_roles_160(); + populate_roles_210(); + populate_roles_230(); + populate_roles_250(); + populate_roles_260(); + populate_roles_270(); + populate_roles_280(); + populate_roles_300(); +} + +/** + * Create the roles for WordPress 2.0 + * + * @since 2.0.0 + */ +function populate_roles_160() { + // Add roles. + add_role( 'administrator', 'Administrator' ); + add_role( 'editor', 'Editor' ); + add_role( 'author', 'Author' ); + add_role( 'contributor', 'Contributor' ); + add_role( 'subscriber', 'Subscriber' ); + + // Add caps for Administrator role. + $role = get_role( 'administrator' ); + $role->add_cap( 'switch_themes' ); + $role->add_cap( 'edit_themes' ); + $role->add_cap( 'activate_plugins' ); + $role->add_cap( 'edit_plugins' ); + $role->add_cap( 'edit_users' ); + $role->add_cap( 'edit_files' ); + $role->add_cap( 'manage_options' ); + $role->add_cap( 'moderate_comments' ); + $role->add_cap( 'manage_categories' ); + $role->add_cap( 'manage_links' ); + $role->add_cap( 'upload_files' ); + $role->add_cap( 'import' ); + $role->add_cap( 'unfiltered_html' ); + $role->add_cap( 'edit_posts' ); + $role->add_cap( 'edit_others_posts' ); + $role->add_cap( 'edit_published_posts' ); + $role->add_cap( 'publish_posts' ); + $role->add_cap( 'edit_pages' ); + $role->add_cap( 'read' ); + $role->add_cap( 'level_10' ); + $role->add_cap( 'level_9' ); + $role->add_cap( 'level_8' ); + $role->add_cap( 'level_7' ); + $role->add_cap( 'level_6' ); + $role->add_cap( 'level_5' ); + $role->add_cap( 'level_4' ); + $role->add_cap( 'level_3' ); + $role->add_cap( 'level_2' ); + $role->add_cap( 'level_1' ); + $role->add_cap( 'level_0' ); + + // Add caps for Editor role. + $role = get_role( 'editor' ); + $role->add_cap( 'moderate_comments' ); + $role->add_cap( 'manage_categories' ); + $role->add_cap( 'manage_links' ); + $role->add_cap( 'upload_files' ); + $role->add_cap( 'unfiltered_html' ); + $role->add_cap( 'edit_posts' ); + $role->add_cap( 'edit_others_posts' ); + $role->add_cap( 'edit_published_posts' ); + $role->add_cap( 'publish_posts' ); + $role->add_cap( 'edit_pages' ); + $role->add_cap( 'read' ); + $role->add_cap( 'level_7' ); + $role->add_cap( 'level_6' ); + $role->add_cap( 'level_5' ); + $role->add_cap( 'level_4' ); + $role->add_cap( 'level_3' ); + $role->add_cap( 'level_2' ); + $role->add_cap( 'level_1' ); + $role->add_cap( 'level_0' ); + + // Add caps for Author role. + $role = get_role( 'author' ); + $role->add_cap( 'upload_files' ); + $role->add_cap( 'edit_posts' ); + $role->add_cap( 'edit_published_posts' ); + $role->add_cap( 'publish_posts' ); + $role->add_cap( 'read' ); + $role->add_cap( 'level_2' ); + $role->add_cap( 'level_1' ); + $role->add_cap( 'level_0' ); + + // Add caps for Contributor role. + $role = get_role( 'contributor' ); + $role->add_cap( 'edit_posts' ); + $role->add_cap( 'read' ); + $role->add_cap( 'level_1' ); + $role->add_cap( 'level_0' ); + + // Add caps for Subscriber role. + $role = get_role( 'subscriber' ); + $role->add_cap( 'read' ); + $role->add_cap( 'level_0' ); +} + +/** + * Create and modify WordPress roles for WordPress 2.1. + * + * @since 2.1.0 + */ +function populate_roles_210() { + $roles = array( 'administrator', 'editor' ); + foreach ( $roles as $role ) { + $role = get_role( $role ); + if ( empty( $role ) ) { + continue; + } + + $role->add_cap( 'edit_others_pages' ); + $role->add_cap( 'edit_published_pages' ); + $role->add_cap( 'publish_pages' ); + $role->add_cap( 'delete_pages' ); + $role->add_cap( 'delete_others_pages' ); + $role->add_cap( 'delete_published_pages' ); + $role->add_cap( 'delete_posts' ); + $role->add_cap( 'delete_others_posts' ); + $role->add_cap( 'delete_published_posts' ); + $role->add_cap( 'delete_private_posts' ); + $role->add_cap( 'edit_private_posts' ); + $role->add_cap( 'read_private_posts' ); + $role->add_cap( 'delete_private_pages' ); + $role->add_cap( 'edit_private_pages' ); + $role->add_cap( 'read_private_pages' ); + } + + $role = get_role( 'administrator' ); + if ( ! empty( $role ) ) { + $role->add_cap( 'delete_users' ); + $role->add_cap( 'create_users' ); + } + + $role = get_role( 'author' ); + if ( ! empty( $role ) ) { + $role->add_cap( 'delete_posts' ); + $role->add_cap( 'delete_published_posts' ); + } + + $role = get_role( 'contributor' ); + if ( ! empty( $role ) ) { + $role->add_cap( 'delete_posts' ); + } +} + +/** + * Create and modify WordPress roles for WordPress 2.3. + * + * @since 2.3.0 + */ +function populate_roles_230() { + $role = get_role( 'administrator' ); + + if ( ! empty( $role ) ) { + $role->add_cap( 'unfiltered_upload' ); + } +} + +/** + * Create and modify WordPress roles for WordPress 2.5. + * + * @since 2.5.0 + */ +function populate_roles_250() { + $role = get_role( 'administrator' ); + + if ( ! empty( $role ) ) { + $role->add_cap( 'edit_dashboard' ); + } +} + +/** + * Create and modify WordPress roles for WordPress 2.6. + * + * @since 2.6.0 + */ +function populate_roles_260() { + $role = get_role( 'administrator' ); + + if ( ! empty( $role ) ) { + $role->add_cap( 'update_plugins' ); + $role->add_cap( 'delete_plugins' ); + } +} + +/** + * Create and modify WordPress roles for WordPress 2.7. + * + * @since 2.7.0 + */ +function populate_roles_270() { + $role = get_role( 'administrator' ); + + if ( ! empty( $role ) ) { + $role->add_cap( 'install_plugins' ); + $role->add_cap( 'update_themes' ); + } +} + +/** + * Create and modify WordPress roles for WordPress 2.8. + * + * @since 2.8.0 + */ +function populate_roles_280() { + $role = get_role( 'administrator' ); + + if ( ! empty( $role ) ) { + $role->add_cap( 'install_themes' ); + } +} + +/** + * Create and modify WordPress roles for WordPress 3.0. + * + * @since 3.0.0 + */ +function populate_roles_300() { + $role = get_role( 'administrator' ); + + if ( ! empty( $role ) ) { + $role->add_cap( 'update_core' ); + $role->add_cap( 'list_users' ); + $role->add_cap( 'remove_users' ); + $role->add_cap( 'promote_users' ); + $role->add_cap( 'edit_theme_options' ); + $role->add_cap( 'delete_themes' ); + $role->add_cap( 'export' ); + } +} + +if ( ! function_exists( 'install_network' ) ) : + /** + * Install Network. + * + * @since 3.0.0 + */ + function install_network() { + if ( ! defined( 'WP_INSTALLING_NETWORK' ) ) { + define( 'WP_INSTALLING_NETWORK', true ); + } + + dbDelta( wp_get_db_schema( 'global' ) ); + } +endif; + +/** + * Populate network settings. + * + * @since 3.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global object $current_site + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. + * + * @param int $network_id ID of network to populate. + * @param string $domain The domain name for the network. Example: "example.com". + * @param string $email Email address for the network administrator. + * @param string $site_name The name of the network. + * @param string $path Optional. The path to append to the network's domain name. Default '/'. + * @param bool $subdomain_install Optional. Whether the network is a subdomain installation or a subdirectory installation. + * Default false, meaning the network is a subdirectory installation. + * @return true|WP_Error True on success, or WP_Error on warning (with the installation otherwise successful, + * so the error code must be checked) or failure. + */ +function populate_network( $network_id = 1, $domain = '', $email = '', $site_name = '', $path = '/', $subdomain_install = false ) { + global $wpdb, $current_site, $wp_rewrite; + + $network_id = (int) $network_id; + + $errors = new WP_Error(); + if ( '' === $domain ) { + $errors->add( 'empty_domain', __( 'You must provide a domain name.' ) ); + } + if ( '' === $site_name ) { + $errors->add( 'empty_sitename', __( 'You must provide a name for your network of sites.' ) ); + } + + // Check for network collision. + $network_exists = false; + if ( is_multisite() ) { + if ( get_network( $network_id ) ) { + $errors->add( 'siteid_exists', __( 'The network already exists.' ) ); + } + } else { + if ( $network_id === (int) $wpdb->get_var( + $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE id = %d", $network_id ) + ) ) { + $errors->add( 'siteid_exists', __( 'The network already exists.' ) ); + } + } + + if ( ! is_email( $email ) ) { + $errors->add( 'invalid_email', __( 'You must provide a valid email address.' ) ); + } + + if ( $errors->has_errors() ) { + return $errors; + } + + if ( 1 === $network_id ) { + $wpdb->insert( + $wpdb->site, + array( + 'domain' => $domain, + 'path' => $path, + ) + ); + $network_id = $wpdb->insert_id; + } else { + $wpdb->insert( + $wpdb->site, + array( + 'domain' => $domain, + 'path' => $path, + 'id' => $network_id, + ) + ); + } + + populate_network_meta( + $network_id, + array( + 'admin_email' => $email, + 'site_name' => $site_name, + 'subdomain_install' => $subdomain_install, + ) + ); + + /* + * When upgrading from single to multisite, assume the current site will + * become the main site of the network. When using populate_network() + * to create another network in an existing multisite environment, skip + * these steps since the main site of the new network has not yet been + * created. + */ + if ( ! is_multisite() ) { + $current_site = new stdClass(); + $current_site->domain = $domain; + $current_site->path = $path; + $current_site->site_name = ucfirst( $domain ); + $wpdb->insert( + $wpdb->blogs, + array( + 'site_id' => $network_id, + 'blog_id' => 1, + 'domain' => $domain, + 'path' => $path, + 'registered' => current_time( 'mysql' ), + ) + ); + $current_site->blog_id = $wpdb->insert_id; + + $site_user_id = (int) $wpdb->get_var( + $wpdb->prepare( + "SELECT meta_value + FROM $wpdb->sitemeta + WHERE meta_key = %s AND site_id = %d", + 'admin_user_id', + $network_id + ) + ); + + update_user_meta( $site_user_id, 'source_domain', $domain ); + update_user_meta( $site_user_id, 'primary_blog', $current_site->blog_id ); + + // Unable to use update_network_option() while populating the network. + $wpdb->insert( + $wpdb->sitemeta, + array( + 'site_id' => $network_id, + 'meta_key' => 'main_site', + 'meta_value' => $current_site->blog_id, + ) + ); + + if ( $subdomain_install ) { + $wp_rewrite->set_permalink_structure( '/%year%/%monthnum%/%day%/%postname%/' ); + } else { + $wp_rewrite->set_permalink_structure( '/blog/%year%/%monthnum%/%day%/%postname%/' ); + } + + flush_rewrite_rules(); + + if ( ! $subdomain_install ) { + return true; + } + + $vhost_ok = false; + $errstr = ''; + $hostname = substr( md5( time() ), 0, 6 ) . '.' . $domain; // Very random hostname! + $page = wp_remote_get( + 'http://' . $hostname, + array( + 'timeout' => 5, + 'httpversion' => '1.1', + ) + ); + if ( is_wp_error( $page ) ) { + $errstr = $page->get_error_message(); + } elseif ( 200 === wp_remote_retrieve_response_code( $page ) ) { + $vhost_ok = true; + } + + if ( ! $vhost_ok ) { + $msg = '<p><strong>' . __( 'Warning! Wildcard DNS may not be configured correctly!' ) . '</strong></p>'; + + $msg .= '<p>' . sprintf( + /* translators: %s: Host name. */ + __( 'The installer attempted to contact a random hostname (%s) on your domain.' ), + '<code>' . $hostname . '</code>' + ); + if ( ! empty( $errstr ) ) { + /* translators: %s: Error message. */ + $msg .= ' ' . sprintf( __( 'This resulted in an error message: %s' ), '<code>' . $errstr . '</code>' ); + } + $msg .= '</p>'; + + $msg .= '<p>' . sprintf( + /* translators: %s: Asterisk symbol (*). */ + __( 'To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a %s hostname record pointing at your web server in your DNS configuration tool.' ), + '<code>*</code>' + ) . '</p>'; + + $msg .= '<p>' . __( 'You can still use your site but any subdomain you create may not be accessible. If you know your DNS is correct, ignore this message.' ) . '</p>'; + + return new WP_Error( 'no_wildcard_dns', $msg ); + } + } + + return true; +} + +/** + * Creates WordPress network meta and sets the default values. + * + * @since 5.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global int $wp_db_version WordPress database version. + * + * @param int $network_id Network ID to populate meta for. + * @param array $meta Optional. Custom meta $key => $value pairs to use. Default empty array. + */ +function populate_network_meta( $network_id, array $meta = array() ) { + global $wpdb, $wp_db_version; + + $network_id = (int) $network_id; + + $email = ! empty( $meta['admin_email'] ) ? $meta['admin_email'] : ''; + $subdomain_install = isset( $meta['subdomain_install'] ) ? (int) $meta['subdomain_install'] : 0; + + // If a user with the provided email does not exist, default to the current user as the new network admin. + $site_user = ! empty( $email ) ? get_user_by( 'email', $email ) : false; + if ( false === $site_user ) { + $site_user = wp_get_current_user(); + } + + if ( empty( $email ) ) { + $email = $site_user->user_email; + } + + $template = get_option( 'template' ); + $stylesheet = get_option( 'stylesheet' ); + $allowed_themes = array( $stylesheet => true ); + + if ( $template !== $stylesheet ) { + $allowed_themes[ $template ] = true; + } + + if ( WP_DEFAULT_THEME !== $stylesheet && WP_DEFAULT_THEME !== $template ) { + $allowed_themes[ WP_DEFAULT_THEME ] = true; + } + + // If WP_DEFAULT_THEME doesn't exist, also include the latest core default theme. + if ( ! wp_get_theme( WP_DEFAULT_THEME )->exists() ) { + $core_default = WP_Theme::get_core_default_theme(); + if ( $core_default ) { + $allowed_themes[ $core_default->get_stylesheet() ] = true; + } + } + + if ( function_exists( 'clean_network_cache' ) ) { + clean_network_cache( $network_id ); + } else { + wp_cache_delete( $network_id, 'networks' ); + } + + if ( ! is_multisite() ) { + $site_admins = array( $site_user->user_login ); + $users = get_users( + array( + 'fields' => array( 'user_login' ), + 'role' => 'administrator', + ) + ); + if ( $users ) { + foreach ( $users as $user ) { + $site_admins[] = $user->user_login; + } + + $site_admins = array_unique( $site_admins ); + } + } else { + $site_admins = get_site_option( 'site_admins' ); + } + + /* translators: Do not translate USERNAME, SITE_NAME, BLOG_URL, PASSWORD: those are placeholders. */ + $welcome_email = __( + 'Howdy USERNAME, + +Your new SITE_NAME site has been successfully set up at: +BLOG_URL + +You can log in to the administrator account with the following information: + +Username: USERNAME +Password: PASSWORD +Log in here: BLOG_URLwp-login.php + +We hope you enjoy your new site. Thanks! + +--The Team @ SITE_NAME' + ); + + $misc_exts = array( + // Images. + 'jpg', + 'jpeg', + 'png', + 'gif', + 'webp', + // Video. + 'mov', + 'avi', + 'mpg', + '3gp', + '3g2', + // "audio". + 'midi', + 'mid', + // Miscellaneous. + 'pdf', + 'doc', + 'ppt', + 'odt', + 'pptx', + 'docx', + 'pps', + 'ppsx', + 'xls', + 'xlsx', + 'key', + ); + $audio_exts = wp_get_audio_extensions(); + $video_exts = wp_get_video_extensions(); + $upload_filetypes = array_unique( array_merge( $misc_exts, $audio_exts, $video_exts ) ); + + $sitemeta = array( + 'site_name' => __( 'My Network' ), + 'admin_email' => $email, + 'admin_user_id' => $site_user->ID, + 'registration' => 'none', + 'upload_filetypes' => implode( ' ', $upload_filetypes ), + 'blog_upload_space' => 100, + 'fileupload_maxk' => 1500, + 'site_admins' => $site_admins, + 'allowedthemes' => $allowed_themes, + 'illegal_names' => array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator', 'files' ), + 'wpmu_upgrade_site' => $wp_db_version, + 'welcome_email' => $welcome_email, + /* translators: %s: Site link. */ + 'first_post' => __( 'Welcome to %s. This is your first post. Edit or delete it, then start writing!' ), + // @todo - Network admins should have a method of editing the network siteurl (used for cookie hash). + 'siteurl' => get_option( 'siteurl' ) . '/', + 'add_new_users' => '0', + 'upload_space_check_disabled' => is_multisite() ? get_site_option( 'upload_space_check_disabled' ) : '1', + 'subdomain_install' => $subdomain_install, + 'ms_files_rewriting' => is_multisite() ? get_site_option( 'ms_files_rewriting' ) : '0', + 'user_count' => get_site_option( 'user_count' ), + 'initial_db_version' => get_option( 'initial_db_version' ), + 'active_sitewide_plugins' => array(), + 'WPLANG' => get_locale(), + ); + if ( ! $subdomain_install ) { + $sitemeta['illegal_names'][] = 'blog'; + } + + $sitemeta = wp_parse_args( $meta, $sitemeta ); + + /** + * Filters meta for a network on creation. + * + * @since 3.7.0 + * + * @param array $sitemeta Associative array of network meta keys and values to be inserted. + * @param int $network_id ID of network to populate. + */ + $sitemeta = apply_filters( 'populate_network_meta', $sitemeta, $network_id ); + + $insert = ''; + foreach ( $sitemeta as $meta_key => $meta_value ) { + if ( is_array( $meta_value ) ) { + $meta_value = serialize( $meta_value ); + } + if ( ! empty( $insert ) ) { + $insert .= ', '; + } + $insert .= $wpdb->prepare( '( %d, %s, %s)', $network_id, $meta_key, $meta_value ); + } + $wpdb->query( "INSERT INTO $wpdb->sitemeta ( site_id, meta_key, meta_value ) VALUES " . $insert ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared +} + +/** + * Creates WordPress site meta and sets the default values. + * + * @since 5.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $site_id Site ID to populate meta for. + * @param array $meta Optional. Custom meta $key => $value pairs to use. Default empty array. + */ +function populate_site_meta( $site_id, array $meta = array() ) { + global $wpdb; + + $site_id = (int) $site_id; + + if ( ! is_site_meta_supported() ) { + return; + } + + if ( empty( $meta ) ) { + return; + } + + /** + * Filters meta for a site on creation. + * + * @since 5.2.0 + * + * @param array $meta Associative array of site meta keys and values to be inserted. + * @param int $site_id ID of site to populate. + */ + $site_meta = apply_filters( 'populate_site_meta', $meta, $site_id ); + + $insert = ''; + foreach ( $site_meta as $meta_key => $meta_value ) { + if ( is_array( $meta_value ) ) { + $meta_value = serialize( $meta_value ); + } + if ( ! empty( $insert ) ) { + $insert .= ', '; + } + $insert .= $wpdb->prepare( '( %d, %s, %s)', $site_id, $meta_key, $meta_value ); + } + + $wpdb->query( "INSERT INTO $wpdb->blogmeta ( blog_id, meta_key, meta_value ) VALUES " . $insert ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + + wp_cache_delete( $site_id, 'blog_meta' ); + wp_cache_set_sites_last_changed(); +} diff --git a/wp-admin/includes/screen.php b/wp-admin/includes/screen.php new file mode 100644 index 0000000..bf5aefc --- /dev/null +++ b/wp-admin/includes/screen.php @@ -0,0 +1,244 @@ +<?php +/** + * WordPress Administration Screen API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Get the column headers for a screen + * + * @since 2.7.0 + * + * @param string|WP_Screen $screen The screen you want the headers for + * @return string[] The column header labels keyed by column ID. + */ +function get_column_headers( $screen ) { + static $column_headers = array(); + + if ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + if ( ! isset( $column_headers[ $screen->id ] ) ) { + /** + * Filters the column headers for a list table on a specific screen. + * + * The dynamic portion of the hook name, `$screen->id`, refers to the + * ID of a specific screen. For example, the screen ID for the Posts + * list table is edit-post, so the filter for that screen would be + * manage_edit-post_columns. + * + * @since 3.0.0 + * + * @param string[] $columns The column header labels keyed by column ID. + */ + $column_headers[ $screen->id ] = apply_filters( "manage_{$screen->id}_columns", array() ); + } + + return $column_headers[ $screen->id ]; +} + +/** + * Get a list of hidden columns. + * + * @since 2.7.0 + * + * @param string|WP_Screen $screen The screen you want the hidden columns for + * @return string[] Array of IDs of hidden columns. + */ +function get_hidden_columns( $screen ) { + if ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + $hidden = get_user_option( 'manage' . $screen->id . 'columnshidden' ); + + $use_defaults = ! is_array( $hidden ); + + if ( $use_defaults ) { + $hidden = array(); + + /** + * Filters the default list of hidden columns. + * + * @since 4.4.0 + * + * @param string[] $hidden Array of IDs of columns hidden by default. + * @param WP_Screen $screen WP_Screen object of the current screen. + */ + $hidden = apply_filters( 'default_hidden_columns', $hidden, $screen ); + } + + /** + * Filters the list of hidden columns. + * + * @since 4.4.0 + * @since 4.4.1 Added the `use_defaults` parameter. + * + * @param string[] $hidden Array of IDs of hidden columns. + * @param WP_Screen $screen WP_Screen object of the current screen. + * @param bool $use_defaults Whether to show the default columns. + */ + return apply_filters( 'hidden_columns', $hidden, $screen, $use_defaults ); +} + +/** + * Prints the meta box preferences for screen meta. + * + * @since 2.7.0 + * + * @global array $wp_meta_boxes + * + * @param WP_Screen $screen + */ +function meta_box_prefs( $screen ) { + global $wp_meta_boxes; + + if ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + if ( empty( $wp_meta_boxes[ $screen->id ] ) ) { + return; + } + + $hidden = get_hidden_meta_boxes( $screen ); + + foreach ( array_keys( $wp_meta_boxes[ $screen->id ] ) as $context ) { + foreach ( array( 'high', 'core', 'default', 'low' ) as $priority ) { + if ( ! isset( $wp_meta_boxes[ $screen->id ][ $context ][ $priority ] ) ) { + continue; + } + + foreach ( $wp_meta_boxes[ $screen->id ][ $context ][ $priority ] as $box ) { + if ( false === $box || ! $box['title'] ) { + continue; + } + + // Submit box cannot be hidden. + if ( 'submitdiv' === $box['id'] || 'linksubmitdiv' === $box['id'] ) { + continue; + } + + $widget_title = $box['title']; + + if ( is_array( $box['args'] ) && isset( $box['args']['__widget_basename'] ) ) { + $widget_title = $box['args']['__widget_basename']; + } + + $is_hidden = in_array( $box['id'], $hidden, true ); + + printf( + '<label for="%1$s-hide"><input class="hide-postbox-tog" name="%1$s-hide" type="checkbox" id="%1$s-hide" value="%1$s" %2$s />%3$s</label>', + esc_attr( $box['id'] ), + checked( $is_hidden, false, false ), + $widget_title + ); + } + } + } +} + +/** + * Gets an array of IDs of hidden meta boxes. + * + * @since 2.7.0 + * + * @param string|WP_Screen $screen Screen identifier + * @return string[] IDs of hidden meta boxes. + */ +function get_hidden_meta_boxes( $screen ) { + if ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + $hidden = get_user_option( "metaboxhidden_{$screen->id}" ); + + $use_defaults = ! is_array( $hidden ); + + // Hide slug boxes by default. + if ( $use_defaults ) { + $hidden = array(); + + if ( 'post' === $screen->base ) { + if ( in_array( $screen->post_type, array( 'post', 'page', 'attachment' ), true ) ) { + $hidden = array( 'slugdiv', 'trackbacksdiv', 'postcustom', 'postexcerpt', 'commentstatusdiv', 'commentsdiv', 'authordiv', 'revisionsdiv' ); + } else { + $hidden = array( 'slugdiv' ); + } + } + + /** + * Filters the default list of hidden meta boxes. + * + * @since 3.1.0 + * + * @param string[] $hidden An array of IDs of meta boxes hidden by default. + * @param WP_Screen $screen WP_Screen object of the current screen. + */ + $hidden = apply_filters( 'default_hidden_meta_boxes', $hidden, $screen ); + } + + /** + * Filters the list of hidden meta boxes. + * + * @since 3.3.0 + * + * @param string[] $hidden An array of IDs of hidden meta boxes. + * @param WP_Screen $screen WP_Screen object of the current screen. + * @param bool $use_defaults Whether to show the default meta boxes. + * Default true. + */ + return apply_filters( 'hidden_meta_boxes', $hidden, $screen, $use_defaults ); +} + +/** + * Register and configure an admin screen option + * + * @since 3.1.0 + * + * @param string $option An option name. + * @param mixed $args Option-dependent arguments. + */ +function add_screen_option( $option, $args = array() ) { + $current_screen = get_current_screen(); + + if ( ! $current_screen ) { + return; + } + + $current_screen->add_option( $option, $args ); +} + +/** + * Get the current screen object + * + * @since 3.1.0 + * + * @global WP_Screen $current_screen WordPress current screen object. + * + * @return WP_Screen|null Current screen object or null when screen not defined. + */ +function get_current_screen() { + global $current_screen; + + if ( ! isset( $current_screen ) ) { + return null; + } + + return $current_screen; +} + +/** + * Set the current screen object + * + * @since 3.0.0 + * + * @param string|WP_Screen $hook_name Optional. The hook name (also known as the hook suffix) used to determine the screen, + * or an existing screen object. + */ +function set_current_screen( $hook_name = '' ) { + WP_Screen::get( $hook_name )->set_current_screen(); +} diff --git a/wp-admin/includes/taxonomy.php b/wp-admin/includes/taxonomy.php new file mode 100644 index 0000000..7765084 --- /dev/null +++ b/wp-admin/includes/taxonomy.php @@ -0,0 +1,316 @@ +<?php +/** + * WordPress Taxonomy Administration API. + * + * @package WordPress + * @subpackage Administration + */ + +// +// Category. +// + +/** + * Checks whether a category exists. + * + * @since 2.0.0 + * + * @see term_exists() + * + * @param int|string $cat_name Category name. + * @param int $category_parent Optional. ID of parent category. + * @return string|null Returns the category ID as a numeric string if the pairing exists, null if not. + */ +function category_exists( $cat_name, $category_parent = null ) { + $id = term_exists( $cat_name, 'category', $category_parent ); + if ( is_array( $id ) ) { + $id = $id['term_id']; + } + return $id; +} + +/** + * Gets category object for given ID and 'edit' filter context. + * + * @since 2.0.0 + * + * @param int $id + * @return object + */ +function get_category_to_edit( $id ) { + $category = get_term( $id, 'category', OBJECT, 'edit' ); + _make_cat_compat( $category ); + return $category; +} + +/** + * Adds a new category to the database if it does not already exist. + * + * @since 2.0.0 + * + * @param int|string $cat_name Category name. + * @param int $category_parent Optional. ID of parent category. + * @return int|WP_Error + */ +function wp_create_category( $cat_name, $category_parent = 0 ) { + $id = category_exists( $cat_name, $category_parent ); + if ( $id ) { + return $id; + } + + return wp_insert_category( + array( + 'cat_name' => $cat_name, + 'category_parent' => $category_parent, + ) + ); +} + +/** + * Creates categories for the given post. + * + * @since 2.0.0 + * + * @param string[] $categories Array of category names to create. + * @param int $post_id Optional. The post ID. Default empty. + * @return int[] Array of IDs of categories assigned to the given post. + */ +function wp_create_categories( $categories, $post_id = '' ) { + $cat_ids = array(); + foreach ( $categories as $category ) { + $id = category_exists( $category ); + if ( $id ) { + $cat_ids[] = $id; + } else { + $id = wp_create_category( $category ); + if ( $id ) { + $cat_ids[] = $id; + } + } + } + + if ( $post_id ) { + wp_set_post_categories( $post_id, $cat_ids ); + } + + return $cat_ids; +} + +/** + * Updates an existing Category or creates a new Category. + * + * @since 2.0.0 + * @since 2.5.0 $wp_error parameter was added. + * @since 3.0.0 The 'taxonomy' argument was added. + * + * @param array $catarr { + * Array of arguments for inserting a new category. + * + * @type int $cat_ID Category ID. A non-zero value updates an existing category. + * Default 0. + * @type string $taxonomy Taxonomy slug. Default 'category'. + * @type string $cat_name Category name. Default empty. + * @type string $category_description Category description. Default empty. + * @type string $category_nicename Category nice (display) name. Default empty. + * @type int|string $category_parent Category parent ID. Default empty. + * } + * @param bool $wp_error Optional. Default false. + * @return int|WP_Error The ID number of the new or updated Category on success. Zero or a WP_Error on failure, + * depending on param `$wp_error`. + */ +function wp_insert_category( $catarr, $wp_error = false ) { + $cat_defaults = array( + 'cat_ID' => 0, + 'taxonomy' => 'category', + 'cat_name' => '', + 'category_description' => '', + 'category_nicename' => '', + 'category_parent' => '', + ); + $catarr = wp_parse_args( $catarr, $cat_defaults ); + + if ( '' === trim( $catarr['cat_name'] ) ) { + if ( ! $wp_error ) { + return 0; + } else { + return new WP_Error( 'cat_name', __( 'You did not enter a category name.' ) ); + } + } + + $catarr['cat_ID'] = (int) $catarr['cat_ID']; + + // Are we updating or creating? + $update = ! empty( $catarr['cat_ID'] ); + + $name = $catarr['cat_name']; + $description = $catarr['category_description']; + $slug = $catarr['category_nicename']; + $parent = (int) $catarr['category_parent']; + if ( $parent < 0 ) { + $parent = 0; + } + + if ( empty( $parent ) + || ! term_exists( $parent, $catarr['taxonomy'] ) + || ( $catarr['cat_ID'] && term_is_ancestor_of( $catarr['cat_ID'], $parent, $catarr['taxonomy'] ) ) ) { + $parent = 0; + } + + $args = compact( 'name', 'slug', 'parent', 'description' ); + + if ( $update ) { + $catarr['cat_ID'] = wp_update_term( $catarr['cat_ID'], $catarr['taxonomy'], $args ); + } else { + $catarr['cat_ID'] = wp_insert_term( $catarr['cat_name'], $catarr['taxonomy'], $args ); + } + + if ( is_wp_error( $catarr['cat_ID'] ) ) { + if ( $wp_error ) { + return $catarr['cat_ID']; + } else { + return 0; + } + } + return $catarr['cat_ID']['term_id']; +} + +/** + * Aliases wp_insert_category() with minimal args. + * + * If you want to update only some fields of an existing category, call this + * function with only the new values set inside $catarr. + * + * @since 2.0.0 + * + * @param array $catarr The 'cat_ID' value is required. All other keys are optional. + * @return int|false The ID number of the new or updated Category on success. Zero or FALSE on failure. + */ +function wp_update_category( $catarr ) { + $cat_id = (int) $catarr['cat_ID']; + + if ( isset( $catarr['category_parent'] ) && ( $cat_id === (int) $catarr['category_parent'] ) ) { + return false; + } + + // First, get all of the original fields. + $category = get_term( $cat_id, 'category', ARRAY_A ); + _make_cat_compat( $category ); + + // Escape data pulled from DB. + $category = wp_slash( $category ); + + // Merge old and new fields with new fields overwriting old ones. + $catarr = array_merge( $category, $catarr ); + + return wp_insert_category( $catarr ); +} + +// +// Tags. +// + +/** + * Checks whether a post tag with a given name exists. + * + * @since 2.3.0 + * + * @param int|string $tag_name + * @return mixed Returns null if the term does not exist. + * Returns an array of the term ID and the term taxonomy ID if the pairing exists. + * Returns 0 if term ID 0 is passed to the function. + */ +function tag_exists( $tag_name ) { + return term_exists( $tag_name, 'post_tag' ); +} + +/** + * Adds a new tag to the database if it does not already exist. + * + * @since 2.3.0 + * + * @param int|string $tag_name + * @return array|WP_Error + */ +function wp_create_tag( $tag_name ) { + return wp_create_term( $tag_name, 'post_tag' ); +} + +/** + * Gets comma-separated list of tags available to edit. + * + * @since 2.3.0 + * + * @param int $post_id + * @param string $taxonomy Optional. The taxonomy for which to retrieve terms. Default 'post_tag'. + * @return string|false|WP_Error + */ +function get_tags_to_edit( $post_id, $taxonomy = 'post_tag' ) { + return get_terms_to_edit( $post_id, $taxonomy ); +} + +/** + * Gets comma-separated list of terms available to edit for the given post ID. + * + * @since 2.8.0 + * + * @param int $post_id + * @param string $taxonomy Optional. The taxonomy for which to retrieve terms. Default 'post_tag'. + * @return string|false|WP_Error + */ +function get_terms_to_edit( $post_id, $taxonomy = 'post_tag' ) { + $post_id = (int) $post_id; + if ( ! $post_id ) { + return false; + } + + $terms = get_object_term_cache( $post_id, $taxonomy ); + if ( false === $terms ) { + $terms = wp_get_object_terms( $post_id, $taxonomy ); + wp_cache_add( $post_id, wp_list_pluck( $terms, 'term_id' ), $taxonomy . '_relationships' ); + } + + if ( ! $terms ) { + return false; + } + if ( is_wp_error( $terms ) ) { + return $terms; + } + $term_names = array(); + foreach ( $terms as $term ) { + $term_names[] = $term->name; + } + + $terms_to_edit = esc_attr( implode( ',', $term_names ) ); + + /** + * Filters the comma-separated list of terms available to edit. + * + * @since 2.8.0 + * + * @see get_terms_to_edit() + * + * @param string $terms_to_edit A comma-separated list of term names. + * @param string $taxonomy The taxonomy name for which to retrieve terms. + */ + $terms_to_edit = apply_filters( 'terms_to_edit', $terms_to_edit, $taxonomy ); + + return $terms_to_edit; +} + +/** + * Adds a new term to the database if it does not already exist. + * + * @since 2.8.0 + * + * @param string $tag_name The term name. + * @param string $taxonomy Optional. The taxonomy within which to create the term. Default 'post_tag'. + * @return array|WP_Error + */ +function wp_create_term( $tag_name, $taxonomy = 'post_tag' ) { + $id = term_exists( $tag_name, $taxonomy ); + if ( $id ) { + return $id; + } + + return wp_insert_term( $tag_name, $taxonomy ); +} diff --git a/wp-admin/includes/template.php b/wp-admin/includes/template.php new file mode 100644 index 0000000..1d4a8e8 --- /dev/null +++ b/wp-admin/includes/template.php @@ -0,0 +1,2821 @@ +<?php +/** + * Template WordPress Administration API. + * + * A Big Mess. Also some neat functions that are nicely written. + * + * @package WordPress + * @subpackage Administration + */ + +/** Walker_Category_Checklist class */ +require_once ABSPATH . 'wp-admin/includes/class-walker-category-checklist.php'; + +/** WP_Internal_Pointers class */ +require_once ABSPATH . 'wp-admin/includes/class-wp-internal-pointers.php'; + +// +// Category Checklists. +// + +/** + * Outputs an unordered list of checkbox input elements labeled with category names. + * + * @since 2.5.1 + * + * @see wp_terms_checklist() + * + * @param int $post_id Optional. Post to generate a categories checklist for. Default 0. + * $selected_cats must not be an array. Default 0. + * @param int $descendants_and_self Optional. ID of the category to output along with its descendants. + * Default 0. + * @param int[]|false $selected_cats Optional. Array of category IDs to mark as checked. Default false. + * @param int[]|false $popular_cats Optional. Array of category IDs to receive the "popular-category" class. + * Default false. + * @param Walker $walker Optional. Walker object to use to build the output. + * Default is a Walker_Category_Checklist instance. + * @param bool $checked_ontop Optional. Whether to move checked items out of the hierarchy and to + * the top of the list. Default true. + */ +function wp_category_checklist( $post_id = 0, $descendants_and_self = 0, $selected_cats = false, $popular_cats = false, $walker = null, $checked_ontop = true ) { + wp_terms_checklist( + $post_id, + array( + 'taxonomy' => 'category', + 'descendants_and_self' => $descendants_and_self, + 'selected_cats' => $selected_cats, + 'popular_cats' => $popular_cats, + 'walker' => $walker, + 'checked_ontop' => $checked_ontop, + ) + ); +} + +/** + * Outputs an unordered list of checkbox input elements labelled with term names. + * + * Taxonomy-independent version of wp_category_checklist(). + * + * @since 3.0.0 + * @since 4.4.0 Introduced the `$echo` argument. + * + * @param int $post_id Optional. Post ID. Default 0. + * @param array|string $args { + * Optional. Array or string of arguments for generating a terms checklist. Default empty array. + * + * @type int $descendants_and_self ID of the category to output along with its descendants. + * Default 0. + * @type int[] $selected_cats Array of category IDs to mark as checked. Default false. + * @type int[] $popular_cats Array of category IDs to receive the "popular-category" class. + * Default false. + * @type Walker $walker Walker object to use to build the output. Default empty which + * results in a Walker_Category_Checklist instance being used. + * @type string $taxonomy Taxonomy to generate the checklist for. Default 'category'. + * @type bool $checked_ontop Whether to move checked items out of the hierarchy and to + * the top of the list. Default true. + * @type bool $echo Whether to echo the generated markup. False to return the markup instead + * of echoing it. Default true. + * } + * @return string HTML list of input elements. + */ +function wp_terms_checklist( $post_id = 0, $args = array() ) { + $defaults = array( + 'descendants_and_self' => 0, + 'selected_cats' => false, + 'popular_cats' => false, + 'walker' => null, + 'taxonomy' => 'category', + 'checked_ontop' => true, + 'echo' => true, + ); + + /** + * Filters the taxonomy terms checklist arguments. + * + * @since 3.4.0 + * + * @see wp_terms_checklist() + * + * @param array|string $args An array or string of arguments. + * @param int $post_id The post ID. + */ + $params = apply_filters( 'wp_terms_checklist_args', $args, $post_id ); + + $parsed_args = wp_parse_args( $params, $defaults ); + + if ( empty( $parsed_args['walker'] ) || ! ( $parsed_args['walker'] instanceof Walker ) ) { + $walker = new Walker_Category_Checklist(); + } else { + $walker = $parsed_args['walker']; + } + + $taxonomy = $parsed_args['taxonomy']; + $descendants_and_self = (int) $parsed_args['descendants_and_self']; + + $args = array( 'taxonomy' => $taxonomy ); + + $tax = get_taxonomy( $taxonomy ); + $args['disabled'] = ! current_user_can( $tax->cap->assign_terms ); + + $args['list_only'] = ! empty( $parsed_args['list_only'] ); + + if ( is_array( $parsed_args['selected_cats'] ) ) { + $args['selected_cats'] = array_map( 'intval', $parsed_args['selected_cats'] ); + } elseif ( $post_id ) { + $args['selected_cats'] = wp_get_object_terms( $post_id, $taxonomy, array_merge( $args, array( 'fields' => 'ids' ) ) ); + } else { + $args['selected_cats'] = array(); + } + + if ( is_array( $parsed_args['popular_cats'] ) ) { + $args['popular_cats'] = array_map( 'intval', $parsed_args['popular_cats'] ); + } else { + $args['popular_cats'] = get_terms( + array( + 'taxonomy' => $taxonomy, + 'fields' => 'ids', + 'orderby' => 'count', + 'order' => 'DESC', + 'number' => 10, + 'hierarchical' => false, + ) + ); + } + + if ( $descendants_and_self ) { + $categories = (array) get_terms( + array( + 'taxonomy' => $taxonomy, + 'child_of' => $descendants_and_self, + 'hierarchical' => 0, + 'hide_empty' => 0, + ) + ); + $self = get_term( $descendants_and_self, $taxonomy ); + array_unshift( $categories, $self ); + } else { + $categories = (array) get_terms( + array( + 'taxonomy' => $taxonomy, + 'get' => 'all', + ) + ); + } + + $output = ''; + + if ( $parsed_args['checked_ontop'] ) { + /* + * Post-process $categories rather than adding an exclude to the get_terms() query + * to keep the query the same across all posts (for any query cache). + */ + $checked_categories = array(); + $keys = array_keys( $categories ); + + foreach ( $keys as $k ) { + if ( in_array( $categories[ $k ]->term_id, $args['selected_cats'], true ) ) { + $checked_categories[] = $categories[ $k ]; + unset( $categories[ $k ] ); + } + } + + // Put checked categories on top. + $output .= $walker->walk( $checked_categories, 0, $args ); + } + // Then the rest of them. + $output .= $walker->walk( $categories, 0, $args ); + + if ( $parsed_args['echo'] ) { + echo $output; + } + + return $output; +} + +/** + * Retrieves a list of the most popular terms from the specified taxonomy. + * + * If the `$display` argument is true then the elements for a list of checkbox + * `<input>` elements labelled with the names of the selected terms is output. + * If the `$post_ID` global is not empty then the terms associated with that + * post will be marked as checked. + * + * @since 2.5.0 + * + * @param string $taxonomy Taxonomy to retrieve terms from. + * @param int $default_term Optional. Not used. + * @param int $number Optional. Number of terms to retrieve. Default 10. + * @param bool $display Optional. Whether to display the list as well. Default true. + * @return int[] Array of popular term IDs. + */ +function wp_popular_terms_checklist( $taxonomy, $default_term = 0, $number = 10, $display = true ) { + $post = get_post(); + + if ( $post && $post->ID ) { + $checked_terms = wp_get_object_terms( $post->ID, $taxonomy, array( 'fields' => 'ids' ) ); + } else { + $checked_terms = array(); + } + + $terms = get_terms( + array( + 'taxonomy' => $taxonomy, + 'orderby' => 'count', + 'order' => 'DESC', + 'number' => $number, + 'hierarchical' => false, + ) + ); + + $tax = get_taxonomy( $taxonomy ); + + $popular_ids = array(); + + foreach ( (array) $terms as $term ) { + $popular_ids[] = $term->term_id; + + if ( ! $display ) { // Hack for Ajax use. + continue; + } + + $id = "popular-$taxonomy-$term->term_id"; + $checked = in_array( $term->term_id, $checked_terms, true ) ? 'checked="checked"' : ''; + ?> + + <li id="<?php echo $id; ?>" class="popular-category"> + <label class="selectit"> + <input id="in-<?php echo $id; ?>" type="checkbox" <?php echo $checked; ?> value="<?php echo (int) $term->term_id; ?>" <?php disabled( ! current_user_can( $tax->cap->assign_terms ) ); ?> /> + <?php + /** This filter is documented in wp-includes/category-template.php */ + echo esc_html( apply_filters( 'the_category', $term->name, '', '' ) ); + ?> + </label> + </li> + + <?php + } + return $popular_ids; +} + +/** + * Outputs a link category checklist element. + * + * @since 2.5.1 + * + * @param int $link_id Optional. The link ID. Default 0. + */ +function wp_link_category_checklist( $link_id = 0 ) { + $default = 1; + + $checked_categories = array(); + + if ( $link_id ) { + $checked_categories = wp_get_link_cats( $link_id ); + // No selected categories, strange. + if ( ! count( $checked_categories ) ) { + $checked_categories[] = $default; + } + } else { + $checked_categories[] = $default; + } + + $categories = get_terms( + array( + 'taxonomy' => 'link_category', + 'orderby' => 'name', + 'hide_empty' => 0, + ) + ); + + if ( empty( $categories ) ) { + return; + } + + foreach ( $categories as $category ) { + $cat_id = $category->term_id; + + /** This filter is documented in wp-includes/category-template.php */ + $name = esc_html( apply_filters( 'the_category', $category->name, '', '' ) ); + $checked = in_array( $cat_id, $checked_categories, true ) ? ' checked="checked"' : ''; + echo '<li id="link-category-', $cat_id, '"><label for="in-link-category-', $cat_id, '" class="selectit"><input value="', $cat_id, '" type="checkbox" name="link_category[]" id="in-link-category-', $cat_id, '"', $checked, '/> ', $name, '</label></li>'; + } +} + +/** + * Adds hidden fields with the data for use in the inline editor for posts and pages. + * + * @since 2.7.0 + * + * @param WP_Post $post Post object. + */ +function get_inline_data( $post ) { + $post_type_object = get_post_type_object( $post->post_type ); + if ( ! current_user_can( 'edit_post', $post->ID ) ) { + return; + } + + $title = esc_textarea( trim( $post->post_title ) ); + + echo ' +<div class="hidden" id="inline_' . $post->ID . '"> + <div class="post_title">' . $title . '</div>' . + /** This filter is documented in wp-admin/edit-tag-form.php */ + '<div class="post_name">' . apply_filters( 'editable_slug', $post->post_name, $post ) . '</div> + <div class="post_author">' . $post->post_author . '</div> + <div class="comment_status">' . esc_html( $post->comment_status ) . '</div> + <div class="ping_status">' . esc_html( $post->ping_status ) . '</div> + <div class="_status">' . esc_html( $post->post_status ) . '</div> + <div class="jj">' . mysql2date( 'd', $post->post_date, false ) . '</div> + <div class="mm">' . mysql2date( 'm', $post->post_date, false ) . '</div> + <div class="aa">' . mysql2date( 'Y', $post->post_date, false ) . '</div> + <div class="hh">' . mysql2date( 'H', $post->post_date, false ) . '</div> + <div class="mn">' . mysql2date( 'i', $post->post_date, false ) . '</div> + <div class="ss">' . mysql2date( 's', $post->post_date, false ) . '</div> + <div class="post_password">' . esc_html( $post->post_password ) . '</div>'; + + if ( $post_type_object->hierarchical ) { + echo '<div class="post_parent">' . $post->post_parent . '</div>'; + } + + echo '<div class="page_template">' . ( $post->page_template ? esc_html( $post->page_template ) : 'default' ) . '</div>'; + + if ( post_type_supports( $post->post_type, 'page-attributes' ) ) { + echo '<div class="menu_order">' . $post->menu_order . '</div>'; + } + + $taxonomy_names = get_object_taxonomies( $post->post_type ); + + foreach ( $taxonomy_names as $taxonomy_name ) { + $taxonomy = get_taxonomy( $taxonomy_name ); + + if ( ! $taxonomy->show_in_quick_edit ) { + continue; + } + + if ( $taxonomy->hierarchical ) { + + $terms = get_object_term_cache( $post->ID, $taxonomy_name ); + if ( false === $terms ) { + $terms = wp_get_object_terms( $post->ID, $taxonomy_name ); + wp_cache_add( $post->ID, wp_list_pluck( $terms, 'term_id' ), $taxonomy_name . '_relationships' ); + } + $term_ids = empty( $terms ) ? array() : wp_list_pluck( $terms, 'term_id' ); + + echo '<div class="post_category" id="' . $taxonomy_name . '_' . $post->ID . '">' . implode( ',', $term_ids ) . '</div>'; + + } else { + + $terms_to_edit = get_terms_to_edit( $post->ID, $taxonomy_name ); + if ( ! is_string( $terms_to_edit ) ) { + $terms_to_edit = ''; + } + + echo '<div class="tags_input" id="' . $taxonomy_name . '_' . $post->ID . '">' + . esc_html( str_replace( ',', ', ', $terms_to_edit ) ) . '</div>'; + + } + } + + if ( ! $post_type_object->hierarchical ) { + echo '<div class="sticky">' . ( is_sticky( $post->ID ) ? 'sticky' : '' ) . '</div>'; + } + + if ( post_type_supports( $post->post_type, 'post-formats' ) ) { + echo '<div class="post_format">' . esc_html( get_post_format( $post->ID ) ) . '</div>'; + } + + /** + * Fires after outputting the fields for the inline editor for posts and pages. + * + * @since 4.9.8 + * + * @param WP_Post $post The current post object. + * @param WP_Post_Type $post_type_object The current post's post type object. + */ + do_action( 'add_inline_data', $post, $post_type_object ); + + echo '</div>'; +} + +/** + * Outputs the in-line comment reply-to form in the Comments list table. + * + * @since 2.7.0 + * + * @global WP_List_Table $wp_list_table + * + * @param int $position Optional. The value of the 'position' input field. Default 1. + * @param bool $checkbox Optional. The value of the 'checkbox' input field. Default false. + * @param string $mode Optional. If set to 'single', will use WP_Post_Comments_List_Table, + * otherwise WP_Comments_List_Table. Default 'single'. + * @param bool $table_row Optional. Whether to use a table instead of a div element. Default true. + */ +function wp_comment_reply( $position = 1, $checkbox = false, $mode = 'single', $table_row = true ) { + global $wp_list_table; + /** + * Filters the in-line comment reply-to form output in the Comments + * list table. + * + * Returning a non-empty value here will short-circuit display + * of the in-line comment-reply form in the Comments list table, + * echoing the returned value instead. + * + * @since 2.7.0 + * + * @see wp_comment_reply() + * + * @param string $content The reply-to form content. + * @param array $args An array of default args. + */ + $content = apply_filters( + 'wp_comment_reply', + '', + array( + 'position' => $position, + 'checkbox' => $checkbox, + 'mode' => $mode, + ) + ); + + if ( ! empty( $content ) ) { + echo $content; + return; + } + + if ( ! $wp_list_table ) { + if ( 'single' === $mode ) { + $wp_list_table = _get_list_table( 'WP_Post_Comments_List_Table' ); + } else { + $wp_list_table = _get_list_table( 'WP_Comments_List_Table' ); + } + } + + ?> +<form method="get"> + <?php if ( $table_row ) : ?> +<table style="display:none;"><tbody id="com-reply"><tr id="replyrow" class="inline-edit-row" style="display:none;"><td colspan="<?php echo $wp_list_table->get_column_count(); ?>" class="colspanchange"> +<?php else : ?> +<div id="com-reply" style="display:none;"><div id="replyrow" style="display:none;"> +<?php endif; ?> + <fieldset class="comment-reply"> + <legend> + <span class="hidden" id="editlegend"><?php _e( 'Edit Comment' ); ?></span> + <span class="hidden" id="replyhead"><?php _e( 'Reply to Comment' ); ?></span> + <span class="hidden" id="addhead"><?php _e( 'Add New Comment' ); ?></span> + </legend> + + <div id="replycontainer"> + <label for="replycontent" class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Comment' ); + ?> + </label> + <?php + $quicktags_settings = array( 'buttons' => 'strong,em,link,block,del,ins,img,ul,ol,li,code,close' ); + wp_editor( + '', + 'replycontent', + array( + 'media_buttons' => false, + 'tinymce' => false, + 'quicktags' => $quicktags_settings, + ) + ); + ?> + </div> + + <div id="edithead" style="display:none;"> + <div class="inside"> + <label for="author-name"><?php _e( 'Name' ); ?></label> + <input type="text" name="newcomment_author" size="50" value="" id="author-name" /> + </div> + + <div class="inside"> + <label for="author-email"><?php _e( 'Email' ); ?></label> + <input type="text" name="newcomment_author_email" size="50" value="" id="author-email" /> + </div> + + <div class="inside"> + <label for="author-url"><?php _e( 'URL' ); ?></label> + <input type="text" id="author-url" name="newcomment_author_url" class="code" size="103" value="" /> + </div> + </div> + + <div id="replysubmit" class="submit"> + <p class="reply-submit-buttons"> + <button type="button" class="save button button-primary"> + <span id="addbtn" style="display: none;"><?php _e( 'Add Comment' ); ?></span> + <span id="savebtn" style="display: none;"><?php _e( 'Update Comment' ); ?></span> + <span id="replybtn" style="display: none;"><?php _e( 'Submit Reply' ); ?></span> + </button> + <button type="button" class="cancel button"><?php _e( 'Cancel' ); ?></button> + <span class="waiting spinner"></span> + </p> + <?php + wp_admin_notice( + '<p class="error"></p>', + array( + 'type' => 'error', + 'additional_classes' => array( 'notice-alt', 'inline', 'hidden' ), + 'paragraph_wrap' => false, + ) + ); + ?> + </div> + + <input type="hidden" name="action" id="action" value="" /> + <input type="hidden" name="comment_ID" id="comment_ID" value="" /> + <input type="hidden" name="comment_post_ID" id="comment_post_ID" value="" /> + <input type="hidden" name="status" id="status" value="" /> + <input type="hidden" name="position" id="position" value="<?php echo $position; ?>" /> + <input type="hidden" name="checkbox" id="checkbox" value="<?php echo $checkbox ? 1 : 0; ?>" /> + <input type="hidden" name="mode" id="mode" value="<?php echo esc_attr( $mode ); ?>" /> + <?php + wp_nonce_field( 'replyto-comment', '_ajax_nonce-replyto-comment', false ); + if ( current_user_can( 'unfiltered_html' ) ) { + wp_nonce_field( 'unfiltered-html-comment', '_wp_unfiltered_html_comment', false ); + } + ?> + </fieldset> + <?php if ( $table_row ) : ?> +</td></tr></tbody></table> + <?php else : ?> +</div></div> + <?php endif; ?> +</form> + <?php +} + +/** + * Outputs 'undo move to Trash' text for comments. + * + * @since 2.9.0 + */ +function wp_comment_trashnotice() { + ?> +<div class="hidden" id="trash-undo-holder"> + <div class="trash-undo-inside"> + <?php + /* translators: %s: Comment author, filled by Ajax. */ + printf( __( 'Comment by %s moved to the Trash.' ), '<strong></strong>' ); + ?> + <span class="undo untrash"><a href="#"><?php _e( 'Undo' ); ?></a></span> + </div> +</div> +<div class="hidden" id="spam-undo-holder"> + <div class="spam-undo-inside"> + <?php + /* translators: %s: Comment author, filled by Ajax. */ + printf( __( 'Comment by %s marked as spam.' ), '<strong></strong>' ); + ?> + <span class="undo unspam"><a href="#"><?php _e( 'Undo' ); ?></a></span> + </div> +</div> + <?php +} + +/** + * Outputs a post's public meta data in the Custom Fields meta box. + * + * @since 1.2.0 + * + * @param array[] $meta An array of meta data arrays keyed on 'meta_key' and 'meta_value'. + */ +function list_meta( $meta ) { + // Exit if no meta. + if ( ! $meta ) { + echo ' +<table id="list-table" style="display: none;"> + <thead> + <tr> + <th class="left">' . _x( 'Name', 'meta name' ) . '</th> + <th>' . __( 'Value' ) . '</th> + </tr> + </thead> + <tbody id="the-list" data-wp-lists="list:meta"> + <tr><td></td></tr> + </tbody> +</table>'; // TBODY needed for list-manipulation JS. + return; + } + $count = 0; + ?> +<table id="list-table"> + <thead> + <tr> + <th class="left"><?php _ex( 'Name', 'meta name' ); ?></th> + <th><?php _e( 'Value' ); ?></th> + </tr> + </thead> + <tbody id='the-list' data-wp-lists='list:meta'> + <?php + foreach ( $meta as $entry ) { + echo _list_meta_row( $entry, $count ); + } + ?> + </tbody> +</table> + <?php +} + +/** + * Outputs a single row of public meta data in the Custom Fields meta box. + * + * @since 2.5.0 + * + * @param array $entry An array of meta data keyed on 'meta_key' and 'meta_value'. + * @param int $count Reference to the row number. + * @return string A single row of public meta data. + */ +function _list_meta_row( $entry, &$count ) { + static $update_nonce = ''; + + if ( is_protected_meta( $entry['meta_key'], 'post' ) ) { + return ''; + } + + if ( ! $update_nonce ) { + $update_nonce = wp_create_nonce( 'add-meta' ); + } + + $r = ''; + ++$count; + + if ( is_serialized( $entry['meta_value'] ) ) { + if ( is_serialized_string( $entry['meta_value'] ) ) { + // This is a serialized string, so we should display it. + $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] ); + } else { + // This is a serialized array/object so we should NOT display it. + --$count; + return ''; + } + } + + $entry['meta_key'] = esc_attr( $entry['meta_key'] ); + $entry['meta_value'] = esc_textarea( $entry['meta_value'] ); // Using a <textarea />. + $entry['meta_id'] = (int) $entry['meta_id']; + + $delete_nonce = wp_create_nonce( 'delete-meta_' . $entry['meta_id'] ); + + $r .= "\n\t<tr id='meta-{$entry['meta_id']}'>"; + $r .= "\n\t\t<td class='left'><label class='screen-reader-text' for='meta-{$entry['meta_id']}-key'>" . + /* translators: Hidden accessibility text. */ + __( 'Key' ) . + "</label><input name='meta[{$entry['meta_id']}][key]' id='meta-{$entry['meta_id']}-key' type='text' size='20' value='{$entry['meta_key']}' />"; + + $r .= "\n\t\t<div class='submit'>"; + $r .= get_submit_button( __( 'Delete' ), 'deletemeta small', "deletemeta[{$entry['meta_id']}]", false, array( 'data-wp-lists' => "delete:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$delete_nonce" ) ); + $r .= "\n\t\t"; + $r .= get_submit_button( __( 'Update' ), 'updatemeta small', "meta-{$entry['meta_id']}-submit", false, array( 'data-wp-lists' => "add:the-list:meta-{$entry['meta_id']}::_ajax_nonce-add-meta=$update_nonce" ) ); + $r .= '</div>'; + $r .= wp_nonce_field( 'change-meta', '_ajax_nonce', false, false ); + $r .= '</td>'; + + $r .= "\n\t\t<td><label class='screen-reader-text' for='meta-{$entry['meta_id']}-value'>" . + /* translators: Hidden accessibility text. */ + __( 'Value' ) . + "</label><textarea name='meta[{$entry['meta_id']}][value]' id='meta-{$entry['meta_id']}-value' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>\n\t</tr>"; + return $r; +} + +/** + * Prints the form in the Custom Fields meta box. + * + * @since 1.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param WP_Post $post Optional. The post being edited. + */ +function meta_form( $post = null ) { + global $wpdb; + $post = get_post( $post ); + + /** + * Filters values for the meta key dropdown in the Custom Fields meta box. + * + * Returning a non-null value will effectively short-circuit and avoid a + * potentially expensive query against postmeta. + * + * @since 4.4.0 + * + * @param array|null $keys Pre-defined meta keys to be used in place of a postmeta query. Default null. + * @param WP_Post $post The current post object. + */ + $keys = apply_filters( 'postmeta_form_keys', null, $post ); + + if ( null === $keys ) { + /** + * Filters the number of custom fields to retrieve for the drop-down + * in the Custom Fields meta box. + * + * @since 2.1.0 + * + * @param int $limit Number of custom fields to retrieve. Default 30. + */ + $limit = apply_filters( 'postmeta_form_limit', 30 ); + + $keys = $wpdb->get_col( + $wpdb->prepare( + "SELECT DISTINCT meta_key + FROM $wpdb->postmeta + WHERE meta_key NOT BETWEEN '_' AND '_z' + HAVING meta_key NOT LIKE %s + ORDER BY meta_key + LIMIT %d", + $wpdb->esc_like( '_' ) . '%', + $limit + ) + ); + } + + if ( $keys ) { + natcasesort( $keys ); + } + ?> +<p><strong><?php _e( 'Add New Custom Field:' ); ?></strong></p> +<table id="newmeta"> +<thead> +<tr> +<th class="left"><label for="metakeyselect"><?php _ex( 'Name', 'meta name' ); ?></label></th> +<th><label for="metavalue"><?php _e( 'Value' ); ?></label></th> +</tr> +</thead> + +<tbody> +<tr> +<td id="newmetaleft" class="left"> + <?php if ( $keys ) { ?> +<select id="metakeyselect" name="metakeyselect"> +<option value="#NONE#"><?php _e( '— Select —' ); ?></option> + <?php + foreach ( $keys as $key ) { + if ( is_protected_meta( $key, 'post' ) || ! current_user_can( 'add_post_meta', $post->ID, $key ) ) { + continue; + } + echo "\n<option value='" . esc_attr( $key ) . "'>" . esc_html( $key ) . '</option>'; + } + ?> +</select> +<input class="hidden" type="text" id="metakeyinput" name="metakeyinput" value="" aria-label="<?php _e( 'New custom field name' ); ?>" /> +<button type="button" id="newmeta-button" class="button button-small hide-if-no-js" onclick="jQuery('#metakeyinput, #metakeyselect, #enternew, #cancelnew').toggleClass('hidden');jQuery('#metakeyinput, #metakeyselect').filter(':visible').trigger('focus');"> +<span id="enternew"><?php _e( 'Enter new' ); ?></span> +<span id="cancelnew" class="hidden"><?php _e( 'Cancel' ); ?></span></button> +<?php } else { ?> +<input type="text" id="metakeyinput" name="metakeyinput" value="" /> +<?php } ?> +</td> +<td><textarea id="metavalue" name="metavalue" rows="2" cols="25"></textarea> + <?php wp_nonce_field( 'add-meta', '_ajax_nonce-add-meta', false ); ?> +</td> +</tr> +</tbody> +</table> +<div class="submit add-custom-field"> + <?php + submit_button( + __( 'Add Custom Field' ), + '', + 'addmeta', + false, + array( + 'id' => 'newmeta-submit', + 'data-wp-lists' => 'add:the-list:newmeta', + ) + ); + ?> +</div> + <?php +} + +/** + * Prints out HTML form date elements for editing post or comment publish date. + * + * @since 0.71 + * @since 4.4.0 Converted to use get_comment() instead of the global `$comment`. + * + * @global WP_Locale $wp_locale WordPress date and time locale object. + * + * @param int|bool $edit Accepts 1|true for editing the date, 0|false for adding the date. + * @param int|bool $for_post Accepts 1|true for applying the date to a post, 0|false for a comment. + * @param int $tab_index The tabindex attribute to add. Default 0. + * @param int|bool $multi Optional. Whether the additional fields and buttons should be added. + * Default 0|false. + */ +function touch_time( $edit = 1, $for_post = 1, $tab_index = 0, $multi = 0 ) { + global $wp_locale; + $post = get_post(); + + if ( $for_post ) { + $edit = ! ( in_array( $post->post_status, array( 'draft', 'pending' ), true ) && ( ! $post->post_date_gmt || '0000-00-00 00:00:00' === $post->post_date_gmt ) ); + } + + $tab_index_attribute = ''; + if ( (int) $tab_index > 0 ) { + $tab_index_attribute = " tabindex=\"$tab_index\""; + } + + // @todo Remove this? + // echo '<label for="timestamp" style="display: block;"><input type="checkbox" class="checkbox" name="edit_date" value="1" id="timestamp"'.$tab_index_attribute.' /> '.__( 'Edit timestamp' ).'</label><br />'; + + $post_date = ( $for_post ) ? $post->post_date : get_comment()->comment_date; + $jj = ( $edit ) ? mysql2date( 'd', $post_date, false ) : current_time( 'd' ); + $mm = ( $edit ) ? mysql2date( 'm', $post_date, false ) : current_time( 'm' ); + $aa = ( $edit ) ? mysql2date( 'Y', $post_date, false ) : current_time( 'Y' ); + $hh = ( $edit ) ? mysql2date( 'H', $post_date, false ) : current_time( 'H' ); + $mn = ( $edit ) ? mysql2date( 'i', $post_date, false ) : current_time( 'i' ); + $ss = ( $edit ) ? mysql2date( 's', $post_date, false ) : current_time( 's' ); + + $cur_jj = current_time( 'd' ); + $cur_mm = current_time( 'm' ); + $cur_aa = current_time( 'Y' ); + $cur_hh = current_time( 'H' ); + $cur_mn = current_time( 'i' ); + + $month = '<label><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Month' ) . + '</span><select class="form-required" ' . ( $multi ? '' : 'id="mm" ' ) . 'name="mm"' . $tab_index_attribute . ">\n"; + for ( $i = 1; $i < 13; $i = $i + 1 ) { + $monthnum = zeroise( $i, 2 ); + $monthtext = $wp_locale->get_month_abbrev( $wp_locale->get_month( $i ) ); + $month .= "\t\t\t" . '<option value="' . $monthnum . '" data-text="' . $monthtext . '" ' . selected( $monthnum, $mm, false ) . '>'; + /* translators: 1: Month number (01, 02, etc.), 2: Month abbreviation. */ + $month .= sprintf( __( '%1$s-%2$s' ), $monthnum, $monthtext ) . "</option>\n"; + } + $month .= '</select></label>'; + + $day = '<label><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Day' ) . + '</span><input type="text" ' . ( $multi ? '' : 'id="jj" ' ) . 'name="jj" value="' . $jj . '" size="2" maxlength="2"' . $tab_index_attribute . ' autocomplete="off" class="form-required" /></label>'; + $year = '<label><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Year' ) . + '</span><input type="text" ' . ( $multi ? '' : 'id="aa" ' ) . 'name="aa" value="' . $aa . '" size="4" maxlength="4"' . $tab_index_attribute . ' autocomplete="off" class="form-required" /></label>'; + $hour = '<label><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Hour' ) . + '</span><input type="text" ' . ( $multi ? '' : 'id="hh" ' ) . 'name="hh" value="' . $hh . '" size="2" maxlength="2"' . $tab_index_attribute . ' autocomplete="off" class="form-required" /></label>'; + $minute = '<label><span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Minute' ) . + '</span><input type="text" ' . ( $multi ? '' : 'id="mn" ' ) . 'name="mn" value="' . $mn . '" size="2" maxlength="2"' . $tab_index_attribute . ' autocomplete="off" class="form-required" /></label>'; + + echo '<div class="timestamp-wrap">'; + /* translators: 1: Month, 2: Day, 3: Year, 4: Hour, 5: Minute. */ + printf( __( '%1$s %2$s, %3$s at %4$s:%5$s' ), $month, $day, $year, $hour, $minute ); + + echo '</div><input type="hidden" id="ss" name="ss" value="' . $ss . '" />'; + + if ( $multi ) { + return; + } + + echo "\n\n"; + + $map = array( + 'mm' => array( $mm, $cur_mm ), + 'jj' => array( $jj, $cur_jj ), + 'aa' => array( $aa, $cur_aa ), + 'hh' => array( $hh, $cur_hh ), + 'mn' => array( $mn, $cur_mn ), + ); + + foreach ( $map as $timeunit => $value ) { + list( $unit, $curr ) = $value; + + echo '<input type="hidden" id="hidden_' . $timeunit . '" name="hidden_' . $timeunit . '" value="' . $unit . '" />' . "\n"; + $cur_timeunit = 'cur_' . $timeunit; + echo '<input type="hidden" id="' . $cur_timeunit . '" name="' . $cur_timeunit . '" value="' . $curr . '" />' . "\n"; + } + ?> + +<p> +<a href="#edit_timestamp" class="save-timestamp hide-if-no-js button"><?php _e( 'OK' ); ?></a> +<a href="#edit_timestamp" class="cancel-timestamp hide-if-no-js button-cancel"><?php _e( 'Cancel' ); ?></a> +</p> + <?php +} + +/** + * Prints out option HTML elements for the page templates drop-down. + * + * @since 1.5.0 + * @since 4.7.0 Added the `$post_type` parameter. + * + * @param string $default_template Optional. The template file name. Default empty. + * @param string $post_type Optional. Post type to get templates for. Default 'page'. + */ +function page_template_dropdown( $default_template = '', $post_type = 'page' ) { + $templates = get_page_templates( null, $post_type ); + + ksort( $templates ); + + foreach ( array_keys( $templates ) as $template ) { + $selected = selected( $default_template, $templates[ $template ], false ); + echo "\n\t<option value='" . esc_attr( $templates[ $template ] ) . "' $selected>" . esc_html( $template ) . '</option>'; + } +} + +/** + * Prints out option HTML elements for the page parents drop-down. + * + * @since 1.5.0 + * @since 4.4.0 `$post` argument was added. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $default_page Optional. The default page ID to be pre-selected. Default 0. + * @param int $parent_page Optional. The parent page ID. Default 0. + * @param int $level Optional. Page depth level. Default 0. + * @param int|WP_Post $post Post ID or WP_Post object. + * @return void|false Void on success, false if the page has no children. + */ +function parent_dropdown( $default_page = 0, $parent_page = 0, $level = 0, $post = null ) { + global $wpdb; + + $post = get_post( $post ); + $items = $wpdb->get_results( + $wpdb->prepare( + "SELECT ID, post_parent, post_title + FROM $wpdb->posts + WHERE post_parent = %d AND post_type = 'page' + ORDER BY menu_order", + $parent_page + ) + ); + + if ( $items ) { + foreach ( $items as $item ) { + // A page cannot be its own parent. + if ( $post && $post->ID && (int) $item->ID === $post->ID ) { + continue; + } + + $pad = str_repeat( ' ', $level * 3 ); + $selected = selected( $default_page, $item->ID, false ); + + echo "\n\t<option class='level-$level' value='$item->ID' $selected>$pad " . esc_html( $item->post_title ) . '</option>'; + parent_dropdown( $default_page, $item->ID, $level + 1 ); + } + } else { + return false; + } +} + +/** + * Prints out option HTML elements for role selectors. + * + * @since 2.1.0 + * + * @param string $selected Slug for the role that should be already selected. + */ +function wp_dropdown_roles( $selected = '' ) { + $r = ''; + + $editable_roles = array_reverse( get_editable_roles() ); + + foreach ( $editable_roles as $role => $details ) { + $name = translate_user_role( $details['name'] ); + // Preselect specified role. + if ( $selected === $role ) { + $r .= "\n\t<option selected='selected' value='" . esc_attr( $role ) . "'>$name</option>"; + } else { + $r .= "\n\t<option value='" . esc_attr( $role ) . "'>$name</option>"; + } + } + + echo $r; +} + +/** + * Outputs the form used by the importers to accept the data to be imported. + * + * @since 2.0.0 + * + * @param string $action The action attribute for the form. + */ +function wp_import_upload_form( $action ) { + + /** + * Filters the maximum allowed upload size for import files. + * + * @since 2.3.0 + * + * @see wp_max_upload_size() + * + * @param int $max_upload_size Allowed upload size. Default 1 MB. + */ + $bytes = apply_filters( 'import_upload_size_limit', wp_max_upload_size() ); + $size = size_format( $bytes ); + $upload_dir = wp_upload_dir(); + if ( ! empty( $upload_dir['error'] ) ) : + $upload_directory_error = '<p>' . __( 'Before you can upload your import file, you will need to fix the following error:' ) . '</p>'; + $upload_directory_error .= '<p><strong>' . $upload_dir['error'] . '</strong></p>'; + wp_admin_notice( + $upload_directory_error, + array( + 'additional_classes' => array( 'error' ), + 'paragraph_wrap' => false, + ) + ); + else : + ?> +<form enctype="multipart/form-data" id="import-upload-form" method="post" class="wp-upload-form" action="<?php echo esc_url( wp_nonce_url( $action, 'import-upload' ) ); ?>"> +<p> + <?php + printf( + '<label for="upload">%s</label> (%s)', + __( 'Choose a file from your computer:' ), + /* translators: %s: Maximum allowed file size. */ + sprintf( __( 'Maximum size: %s' ), $size ) + ); + ?> +<input type="file" id="upload" name="import" size="25" /> +<input type="hidden" name="action" value="save" /> +<input type="hidden" name="max_file_size" value="<?php echo $bytes; ?>" /> +</p> + <?php submit_button( __( 'Upload file and import' ), 'primary' ); ?> +</form> + <?php + endif; +} + +/** + * Adds a meta box to one or more screens. + * + * @since 2.5.0 + * @since 4.4.0 The `$screen` parameter now accepts an array of screen IDs. + * + * @global array $wp_meta_boxes + * + * @param string $id Meta box ID (used in the 'id' attribute for the meta box). + * @param string $title Title of the meta box. + * @param callable $callback Function that fills the box with the desired content. + * The function should echo its output. + * @param string|array|WP_Screen $screen Optional. The screen or screens on which to show the box + * (such as a post type, 'link', or 'comment'). Accepts a single + * screen ID, WP_Screen object, or array of screen IDs. Default + * is the current screen. If you have used add_menu_page() or + * add_submenu_page() to create a new screen (and hence screen_id), + * make sure your menu slug conforms to the limits of sanitize_key() + * otherwise the 'screen' menu may not correctly render on your page. + * @param string $context Optional. The context within the screen where the box + * should display. Available contexts vary from screen to + * screen. Post edit screen contexts include 'normal', 'side', + * and 'advanced'. Comments screen contexts include 'normal' + * and 'side'. Menus meta boxes (accordion sections) all use + * the 'side' context. Global default is 'advanced'. + * @param string $priority Optional. The priority within the context where the box should show. + * Accepts 'high', 'core', 'default', or 'low'. Default 'default'. + * @param array $callback_args Optional. Data that should be set as the $args property + * of the box array (which is the second parameter passed + * to your callback). Default null. + */ +function add_meta_box( $id, $title, $callback, $screen = null, $context = 'advanced', $priority = 'default', $callback_args = null ) { + global $wp_meta_boxes; + + if ( empty( $screen ) ) { + $screen = get_current_screen(); + } elseif ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } elseif ( is_array( $screen ) ) { + foreach ( $screen as $single_screen ) { + add_meta_box( $id, $title, $callback, $single_screen, $context, $priority, $callback_args ); + } + } + + if ( ! isset( $screen->id ) ) { + return; + } + + $page = $screen->id; + + if ( ! isset( $wp_meta_boxes ) ) { + $wp_meta_boxes = array(); + } + if ( ! isset( $wp_meta_boxes[ $page ] ) ) { + $wp_meta_boxes[ $page ] = array(); + } + if ( ! isset( $wp_meta_boxes[ $page ][ $context ] ) ) { + $wp_meta_boxes[ $page ][ $context ] = array(); + } + + foreach ( array_keys( $wp_meta_boxes[ $page ] ) as $a_context ) { + foreach ( array( 'high', 'core', 'default', 'low' ) as $a_priority ) { + if ( ! isset( $wp_meta_boxes[ $page ][ $a_context ][ $a_priority ][ $id ] ) ) { + continue; + } + + // If a core box was previously removed, don't add. + if ( ( 'core' === $priority || 'sorted' === $priority ) + && false === $wp_meta_boxes[ $page ][ $a_context ][ $a_priority ][ $id ] + ) { + return; + } + + // If a core box was previously added by a plugin, don't add. + if ( 'core' === $priority ) { + /* + * If the box was added with default priority, give it core priority + * to maintain sort order. + */ + if ( 'default' === $a_priority ) { + $wp_meta_boxes[ $page ][ $a_context ]['core'][ $id ] = $wp_meta_boxes[ $page ][ $a_context ]['default'][ $id ]; + unset( $wp_meta_boxes[ $page ][ $a_context ]['default'][ $id ] ); + } + return; + } + + // If no priority given and ID already present, use existing priority. + if ( empty( $priority ) ) { + $priority = $a_priority; + /* + * Else, if we're adding to the sorted priority, we don't know the title + * or callback. Grab them from the previously added context/priority. + */ + } elseif ( 'sorted' === $priority ) { + $title = $wp_meta_boxes[ $page ][ $a_context ][ $a_priority ][ $id ]['title']; + $callback = $wp_meta_boxes[ $page ][ $a_context ][ $a_priority ][ $id ]['callback']; + $callback_args = $wp_meta_boxes[ $page ][ $a_context ][ $a_priority ][ $id ]['args']; + } + + // An ID can be in only one priority and one context. + if ( $priority !== $a_priority || $context !== $a_context ) { + unset( $wp_meta_boxes[ $page ][ $a_context ][ $a_priority ][ $id ] ); + } + } + } + + if ( empty( $priority ) ) { + $priority = 'low'; + } + + if ( ! isset( $wp_meta_boxes[ $page ][ $context ][ $priority ] ) ) { + $wp_meta_boxes[ $page ][ $context ][ $priority ] = array(); + } + + $wp_meta_boxes[ $page ][ $context ][ $priority ][ $id ] = array( + 'id' => $id, + 'title' => $title, + 'callback' => $callback, + 'args' => $callback_args, + ); +} + + +/** + * Renders a "fake" meta box with an information message, + * shown on the block editor, when an incompatible meta box is found. + * + * @since 5.0.0 + * + * @param mixed $data_object The data object being rendered on this screen. + * @param array $box { + * Custom formats meta box arguments. + * + * @type string $id Meta box 'id' attribute. + * @type string $title Meta box title. + * @type callable $old_callback The original callback for this meta box. + * @type array $args Extra meta box arguments. + * } + */ +function do_block_editor_incompatible_meta_box( $data_object, $box ) { + $plugin = _get_plugin_from_callback( $box['old_callback'] ); + $plugins = get_plugins(); + echo '<p>'; + if ( $plugin ) { + /* translators: %s: The name of the plugin that generated this meta box. */ + printf( __( 'This meta box, from the %s plugin, is not compatible with the block editor.' ), "<strong>{$plugin['Name']}</strong>" ); + } else { + _e( 'This meta box is not compatible with the block editor.' ); + } + echo '</p>'; + + if ( empty( $plugins['classic-editor/classic-editor.php'] ) ) { + if ( current_user_can( 'install_plugins' ) ) { + $install_url = wp_nonce_url( + self_admin_url( 'plugin-install.php?tab=favorites&user=wordpressdotorg&save=0' ), + 'save_wporg_username_' . get_current_user_id() + ); + + echo '<p>'; + /* translators: %s: A link to install the Classic Editor plugin. */ + printf( __( 'Please install the <a href="%s">Classic Editor plugin</a> to use this meta box.' ), esc_url( $install_url ) ); + echo '</p>'; + } + } elseif ( is_plugin_inactive( 'classic-editor/classic-editor.php' ) ) { + if ( current_user_can( 'activate_plugins' ) ) { + $activate_url = wp_nonce_url( + self_admin_url( 'plugins.php?action=activate&plugin=classic-editor/classic-editor.php' ), + 'activate-plugin_classic-editor/classic-editor.php' + ); + + echo '<p>'; + /* translators: %s: A link to activate the Classic Editor plugin. */ + printf( __( 'Please activate the <a href="%s">Classic Editor plugin</a> to use this meta box.' ), esc_url( $activate_url ) ); + echo '</p>'; + } + } elseif ( $data_object instanceof WP_Post ) { + $edit_url = add_query_arg( + array( + 'classic-editor' => '', + 'classic-editor__forget' => '', + ), + get_edit_post_link( $data_object ) + ); + echo '<p>'; + /* translators: %s: A link to use the Classic Editor plugin. */ + printf( __( 'Please open the <a href="%s">classic editor</a> to use this meta box.' ), esc_url( $edit_url ) ); + echo '</p>'; + } +} + +/** + * Internal helper function to find the plugin from a meta box callback. + * + * @since 5.0.0 + * + * @access private + * + * @param callable $callback The callback function to check. + * @return array|null The plugin that the callback belongs to, or null if it doesn't belong to a plugin. + */ +function _get_plugin_from_callback( $callback ) { + try { + if ( is_array( $callback ) ) { + $reflection = new ReflectionMethod( $callback[0], $callback[1] ); + } elseif ( is_string( $callback ) && str_contains( $callback, '::' ) ) { + $reflection = new ReflectionMethod( $callback ); + } else { + $reflection = new ReflectionFunction( $callback ); + } + } catch ( ReflectionException $exception ) { + // We could not properly reflect on the callable, so we abort here. + return null; + } + + // Don't show an error if it's an internal PHP function. + if ( ! $reflection->isInternal() ) { + + // Only show errors if the meta box was registered by a plugin. + $filename = wp_normalize_path( $reflection->getFileName() ); + $plugin_dir = wp_normalize_path( WP_PLUGIN_DIR ); + + if ( str_starts_with( $filename, $plugin_dir ) ) { + $filename = str_replace( $plugin_dir, '', $filename ); + $filename = preg_replace( '|^/([^/]*/).*$|', '\\1', $filename ); + + $plugins = get_plugins(); + + foreach ( $plugins as $name => $plugin ) { + if ( str_starts_with( $name, $filename ) ) { + return $plugin; + } + } + } + } + + return null; +} + +/** + * Meta-Box template function. + * + * @since 2.5.0 + * + * @global array $wp_meta_boxes + * + * @param string|WP_Screen $screen The screen identifier. If you have used add_menu_page() or + * add_submenu_page() to create a new screen (and hence screen_id) + * make sure your menu slug conforms to the limits of sanitize_key() + * otherwise the 'screen' menu may not correctly render on your page. + * @param string $context The screen context for which to display meta boxes. + * @param mixed $data_object Gets passed to the meta box callback function as the first parameter. + * Often this is the object that's the focus of the current screen, + * for example a `WP_Post` or `WP_Comment` object. + * @return int Number of meta_boxes. + */ +function do_meta_boxes( $screen, $context, $data_object ) { + global $wp_meta_boxes; + static $already_sorted = false; + + if ( empty( $screen ) ) { + $screen = get_current_screen(); + } elseif ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + $page = $screen->id; + + $hidden = get_hidden_meta_boxes( $screen ); + + printf( '<div id="%s-sortables" class="meta-box-sortables">', esc_attr( $context ) ); + + /* + * Grab the ones the user has manually sorted. + * Pull them out of their previous context/priority and into the one the user chose. + */ + $sorted = get_user_option( "meta-box-order_$page" ); + + if ( ! $already_sorted && $sorted ) { + foreach ( $sorted as $box_context => $ids ) { + foreach ( explode( ',', $ids ) as $id ) { + if ( $id && 'dashboard_browser_nag' !== $id ) { + add_meta_box( $id, null, null, $screen, $box_context, 'sorted' ); + } + } + } + } + + $already_sorted = true; + + $i = 0; + + if ( isset( $wp_meta_boxes[ $page ][ $context ] ) ) { + foreach ( array( 'high', 'sorted', 'core', 'default', 'low' ) as $priority ) { + if ( isset( $wp_meta_boxes[ $page ][ $context ][ $priority ] ) ) { + foreach ( (array) $wp_meta_boxes[ $page ][ $context ][ $priority ] as $box ) { + if ( false === $box || ! $box['title'] ) { + continue; + } + + $block_compatible = true; + if ( is_array( $box['args'] ) ) { + // If a meta box is just here for back compat, don't show it in the block editor. + if ( $screen->is_block_editor() && isset( $box['args']['__back_compat_meta_box'] ) && $box['args']['__back_compat_meta_box'] ) { + continue; + } + + if ( isset( $box['args']['__block_editor_compatible_meta_box'] ) ) { + $block_compatible = (bool) $box['args']['__block_editor_compatible_meta_box']; + unset( $box['args']['__block_editor_compatible_meta_box'] ); + } + + // If the meta box is declared as incompatible with the block editor, override the callback function. + if ( ! $block_compatible && $screen->is_block_editor() ) { + $box['old_callback'] = $box['callback']; + $box['callback'] = 'do_block_editor_incompatible_meta_box'; + } + + if ( isset( $box['args']['__back_compat_meta_box'] ) ) { + $block_compatible = $block_compatible || (bool) $box['args']['__back_compat_meta_box']; + unset( $box['args']['__back_compat_meta_box'] ); + } + } + + ++$i; + // get_hidden_meta_boxes() doesn't apply in the block editor. + $hidden_class = ( ! $screen->is_block_editor() && in_array( $box['id'], $hidden, true ) ) ? ' hide-if-js' : ''; + echo '<div id="' . $box['id'] . '" class="postbox ' . postbox_classes( $box['id'], $page ) . $hidden_class . '" ' . '>' . "\n"; + + echo '<div class="postbox-header">'; + echo '<h2 class="hndle">'; + if ( 'dashboard_php_nag' === $box['id'] ) { + echo '<span aria-hidden="true" class="dashicons dashicons-warning"></span>'; + echo '<span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Warning:' ) . + ' </span>'; + } + echo $box['title']; + echo "</h2>\n"; + + if ( 'dashboard_browser_nag' !== $box['id'] ) { + $widget_title = $box['title']; + + if ( is_array( $box['args'] ) && isset( $box['args']['__widget_basename'] ) ) { + $widget_title = $box['args']['__widget_basename']; + // Do not pass this parameter to the user callback function. + unset( $box['args']['__widget_basename'] ); + } + + echo '<div class="handle-actions hide-if-no-js">'; + + echo '<button type="button" class="handle-order-higher" aria-disabled="false" aria-describedby="' . $box['id'] . '-handle-order-higher-description">'; + echo '<span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Move up' ) . + '</span>'; + echo '<span class="order-higher-indicator" aria-hidden="true"></span>'; + echo '</button>'; + echo '<span class="hidden" id="' . $box['id'] . '-handle-order-higher-description">' . sprintf( + /* translators: %s: Meta box title. */ + __( 'Move %s box up' ), + $widget_title + ) . '</span>'; + + echo '<button type="button" class="handle-order-lower" aria-disabled="false" aria-describedby="' . $box['id'] . '-handle-order-lower-description">'; + echo '<span class="screen-reader-text">' . + /* translators: Hidden accessibility text. */ + __( 'Move down' ) . + '</span>'; + echo '<span class="order-lower-indicator" aria-hidden="true"></span>'; + echo '</button>'; + echo '<span class="hidden" id="' . $box['id'] . '-handle-order-lower-description">' . sprintf( + /* translators: %s: Meta box title. */ + __( 'Move %s box down' ), + $widget_title + ) . '</span>'; + + echo '<button type="button" class="handlediv" aria-expanded="true">'; + echo '<span class="screen-reader-text">' . sprintf( + /* translators: %s: Hidden accessibility text. Meta box title. */ + __( 'Toggle panel: %s' ), + $widget_title + ) . '</span>'; + echo '<span class="toggle-indicator" aria-hidden="true"></span>'; + echo '</button>'; + + echo '</div>'; + } + echo '</div>'; + + echo '<div class="inside">' . "\n"; + + if ( WP_DEBUG && ! $block_compatible && 'edit' === $screen->parent_base && ! $screen->is_block_editor() && ! isset( $_GET['meta-box-loader'] ) ) { + $plugin = _get_plugin_from_callback( $box['callback'] ); + if ( $plugin ) { + $meta_box_not_compatible_message = sprintf( + /* translators: %s: The name of the plugin that generated this meta box. */ + __( 'This meta box, from the %s plugin, is not compatible with the block editor.' ), + "<strong>{$plugin['Name']}</strong>" + ); + wp_admin_notice( + $meta_box_not_compatible_message, + array( + 'additional_classes' => array( 'error', 'inline' ), + ) + ); + } + } + + call_user_func( $box['callback'], $data_object, $box ); + echo "</div>\n"; + echo "</div>\n"; + } + } + } + } + + echo '</div>'; + + return $i; +} + +/** + * Removes a meta box from one or more screens. + * + * @since 2.6.0 + * @since 4.4.0 The `$screen` parameter now accepts an array of screen IDs. + * + * @global array $wp_meta_boxes + * + * @param string $id Meta box ID (used in the 'id' attribute for the meta box). + * @param string|array|WP_Screen $screen The screen or screens on which the meta box is shown (such as a + * post type, 'link', or 'comment'). Accepts a single screen ID, + * WP_Screen object, or array of screen IDs. + * @param string $context The context within the screen where the box is set to display. + * Contexts vary from screen to screen. Post edit screen contexts + * include 'normal', 'side', and 'advanced'. Comments screen contexts + * include 'normal' and 'side'. Menus meta boxes (accordion sections) + * all use the 'side' context. + */ +function remove_meta_box( $id, $screen, $context ) { + global $wp_meta_boxes; + + if ( empty( $screen ) ) { + $screen = get_current_screen(); + } elseif ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } elseif ( is_array( $screen ) ) { + foreach ( $screen as $single_screen ) { + remove_meta_box( $id, $single_screen, $context ); + } + } + + if ( ! isset( $screen->id ) ) { + return; + } + + $page = $screen->id; + + if ( ! isset( $wp_meta_boxes ) ) { + $wp_meta_boxes = array(); + } + if ( ! isset( $wp_meta_boxes[ $page ] ) ) { + $wp_meta_boxes[ $page ] = array(); + } + if ( ! isset( $wp_meta_boxes[ $page ][ $context ] ) ) { + $wp_meta_boxes[ $page ][ $context ] = array(); + } + + foreach ( array( 'high', 'core', 'default', 'low' ) as $priority ) { + $wp_meta_boxes[ $page ][ $context ][ $priority ][ $id ] = false; + } +} + +/** + * Meta Box Accordion Template Function. + * + * Largely made up of abstracted code from do_meta_boxes(), this + * function serves to build meta boxes as list items for display as + * a collapsible accordion. + * + * @since 3.6.0 + * + * @uses global $wp_meta_boxes Used to retrieve registered meta boxes. + * + * @param string|object $screen The screen identifier. + * @param string $context The screen context for which to display accordion sections. + * @param mixed $data_object Gets passed to the section callback function as the first parameter. + * @return int Number of meta boxes as accordion sections. + */ +function do_accordion_sections( $screen, $context, $data_object ) { + global $wp_meta_boxes; + + wp_enqueue_script( 'accordion' ); + + if ( empty( $screen ) ) { + $screen = get_current_screen(); + } elseif ( is_string( $screen ) ) { + $screen = convert_to_screen( $screen ); + } + + $page = $screen->id; + + $hidden = get_hidden_meta_boxes( $screen ); + ?> + <div id="side-sortables" class="accordion-container"> + <ul class="outer-border"> + <?php + $i = 0; + $first_open = false; + + if ( isset( $wp_meta_boxes[ $page ][ $context ] ) ) { + foreach ( array( 'high', 'core', 'default', 'low' ) as $priority ) { + if ( isset( $wp_meta_boxes[ $page ][ $context ][ $priority ] ) ) { + foreach ( $wp_meta_boxes[ $page ][ $context ][ $priority ] as $box ) { + if ( false === $box || ! $box['title'] ) { + continue; + } + + ++$i; + $hidden_class = in_array( $box['id'], $hidden, true ) ? 'hide-if-js' : ''; + + $open_class = ''; + if ( ! $first_open && empty( $hidden_class ) ) { + $first_open = true; + $open_class = 'open'; + } + ?> + <li class="control-section accordion-section <?php echo $hidden_class; ?> <?php echo $open_class; ?> <?php echo esc_attr( $box['id'] ); ?>" id="<?php echo esc_attr( $box['id'] ); ?>"> + <h3 class="accordion-section-title hndle" tabindex="0"> + <?php echo esc_html( $box['title'] ); ?> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Press return or enter to open this section' ); + ?> + </span> + </h3> + <div class="accordion-section-content <?php postbox_classes( $box['id'], $page ); ?>"> + <div class="inside"> + <?php call_user_func( $box['callback'], $data_object, $box ); ?> + </div><!-- .inside --> + </div><!-- .accordion-section-content --> + </li><!-- .accordion-section --> + <?php + } + } + } + } + ?> + </ul><!-- .outer-border --> + </div><!-- .accordion-container --> + <?php + return $i; +} + +/** + * Adds a new section to a settings page. + * + * Part of the Settings API. Use this to define new settings sections for an admin page. + * Show settings sections in your admin page callback function with do_settings_sections(). + * Add settings fields to your section with add_settings_field(). + * + * The $callback argument should be the name of a function that echoes out any + * content you want to show at the top of the settings section before the actual + * fields. It can output nothing if you want. + * + * @since 2.7.0 + * @since 6.1.0 Added an `$args` parameter for the section's HTML wrapper and class name. + * + * @global array $wp_settings_sections Storage array of all settings sections added to admin pages. + * + * @param string $id Slug-name to identify the section. Used in the 'id' attribute of tags. + * @param string $title Formatted title of the section. Shown as the heading for the section. + * @param callable $callback Function that echos out any content at the top of the section (between heading and fields). + * @param string $page The slug-name of the settings page on which to show the section. Built-in pages include + * 'general', 'reading', 'writing', 'discussion', 'media', etc. Create your own using + * add_options_page(); + * @param array $args { + * Arguments used to create the settings section. + * + * @type string $before_section HTML content to prepend to the section's HTML output. + * Receives the section's class name as `%s`. Default empty. + * @type string $after_section HTML content to append to the section's HTML output. Default empty. + * @type string $section_class The class name to use for the section. Default empty. + * } + */ +function add_settings_section( $id, $title, $callback, $page, $args = array() ) { + global $wp_settings_sections; + + $defaults = array( + 'id' => $id, + 'title' => $title, + 'callback' => $callback, + 'before_section' => '', + 'after_section' => '', + 'section_class' => '', + ); + + $section = wp_parse_args( $args, $defaults ); + + if ( 'misc' === $page ) { + _deprecated_argument( + __FUNCTION__, + '3.0.0', + sprintf( + /* translators: %s: misc */ + __( 'The "%s" options group has been removed. Use another settings group.' ), + 'misc' + ) + ); + $page = 'general'; + } + + if ( 'privacy' === $page ) { + _deprecated_argument( + __FUNCTION__, + '3.5.0', + sprintf( + /* translators: %s: privacy */ + __( 'The "%s" options group has been removed. Use another settings group.' ), + 'privacy' + ) + ); + $page = 'reading'; + } + + $wp_settings_sections[ $page ][ $id ] = $section; +} + +/** + * Adds a new field to a section of a settings page. + * + * Part of the Settings API. Use this to define a settings field that will show + * as part of a settings section inside a settings page. The fields are shown using + * do_settings_fields() in do_settings_sections(). + * + * The $callback argument should be the name of a function that echoes out the + * HTML input tags for this setting field. Use get_option() to retrieve existing + * values to show. + * + * @since 2.7.0 + * @since 4.2.0 The `$class` argument was added. + * + * @global array $wp_settings_fields Storage array of settings fields and info about their pages/sections. + * + * @param string $id Slug-name to identify the field. Used in the 'id' attribute of tags. + * @param string $title Formatted title of the field. Shown as the label for the field + * during output. + * @param callable $callback Function that fills the field with the desired form inputs. The + * function should echo its output. + * @param string $page The slug-name of the settings page on which to show the section + * (general, reading, writing, ...). + * @param string $section Optional. The slug-name of the section of the settings page + * in which to show the box. Default 'default'. + * @param array $args { + * Optional. Extra arguments that get passed to the callback function. + * + * @type string $label_for When supplied, the setting title will be wrapped + * in a `<label>` element, its `for` attribute populated + * with this value. + * @type string $class CSS Class to be added to the `<tr>` element when the + * field is output. + * } + */ +function add_settings_field( $id, $title, $callback, $page, $section = 'default', $args = array() ) { + global $wp_settings_fields; + + if ( 'misc' === $page ) { + _deprecated_argument( + __FUNCTION__, + '3.0.0', + sprintf( + /* translators: %s: misc */ + __( 'The "%s" options group has been removed. Use another settings group.' ), + 'misc' + ) + ); + $page = 'general'; + } + + if ( 'privacy' === $page ) { + _deprecated_argument( + __FUNCTION__, + '3.5.0', + sprintf( + /* translators: %s: privacy */ + __( 'The "%s" options group has been removed. Use another settings group.' ), + 'privacy' + ) + ); + $page = 'reading'; + } + + $wp_settings_fields[ $page ][ $section ][ $id ] = array( + 'id' => $id, + 'title' => $title, + 'callback' => $callback, + 'args' => $args, + ); +} + +/** + * Prints out all settings sections added to a particular settings page. + * + * Part of the Settings API. Use this in a settings page callback function + * to output all the sections and fields that were added to that $page with + * add_settings_section() and add_settings_field() + * + * @global array $wp_settings_sections Storage array of all settings sections added to admin pages. + * @global array $wp_settings_fields Storage array of settings fields and info about their pages/sections. + * @since 2.7.0 + * + * @param string $page The slug name of the page whose settings sections you want to output. + */ +function do_settings_sections( $page ) { + global $wp_settings_sections, $wp_settings_fields; + + if ( ! isset( $wp_settings_sections[ $page ] ) ) { + return; + } + + foreach ( (array) $wp_settings_sections[ $page ] as $section ) { + if ( '' !== $section['before_section'] ) { + if ( '' !== $section['section_class'] ) { + echo wp_kses_post( sprintf( $section['before_section'], esc_attr( $section['section_class'] ) ) ); + } else { + echo wp_kses_post( $section['before_section'] ); + } + } + + if ( $section['title'] ) { + echo "<h2>{$section['title']}</h2>\n"; + } + + if ( $section['callback'] ) { + call_user_func( $section['callback'], $section ); + } + + if ( ! isset( $wp_settings_fields ) || ! isset( $wp_settings_fields[ $page ] ) || ! isset( $wp_settings_fields[ $page ][ $section['id'] ] ) ) { + continue; + } + echo '<table class="form-table" role="presentation">'; + do_settings_fields( $page, $section['id'] ); + echo '</table>'; + + if ( '' !== $section['after_section'] ) { + echo wp_kses_post( $section['after_section'] ); + } + } +} + +/** + * Prints out the settings fields for a particular settings section. + * + * Part of the Settings API. Use this in a settings page to output + * a specific section. Should normally be called by do_settings_sections() + * rather than directly. + * + * @global array $wp_settings_fields Storage array of settings fields and their pages/sections. + * + * @since 2.7.0 + * + * @param string $page Slug title of the admin page whose settings fields you want to show. + * @param string $section Slug title of the settings section whose fields you want to show. + */ +function do_settings_fields( $page, $section ) { + global $wp_settings_fields; + + if ( ! isset( $wp_settings_fields[ $page ][ $section ] ) ) { + return; + } + + foreach ( (array) $wp_settings_fields[ $page ][ $section ] as $field ) { + $class = ''; + + if ( ! empty( $field['args']['class'] ) ) { + $class = ' class="' . esc_attr( $field['args']['class'] ) . '"'; + } + + echo "<tr{$class}>"; + + if ( ! empty( $field['args']['label_for'] ) ) { + echo '<th scope="row"><label for="' . esc_attr( $field['args']['label_for'] ) . '">' . $field['title'] . '</label></th>'; + } else { + echo '<th scope="row">' . $field['title'] . '</th>'; + } + + echo '<td>'; + call_user_func( $field['callback'], $field['args'] ); + echo '</td>'; + echo '</tr>'; + } +} + +/** + * Registers a settings error to be displayed to the user. + * + * Part of the Settings API. Use this to show messages to users about settings validation + * problems, missing settings or anything else. + * + * Settings errors should be added inside the $sanitize_callback function defined in + * register_setting() for a given setting to give feedback about the submission. + * + * By default messages will show immediately after the submission that generated the error. + * Additional calls to settings_errors() can be used to show errors even when the settings + * page is first accessed. + * + * @since 3.0.0 + * @since 5.3.0 Added `warning` and `info` as possible values for `$type`. + * + * @global array[] $wp_settings_errors Storage array of errors registered during this pageload + * + * @param string $setting Slug title of the setting to which this error applies. + * @param string $code Slug-name to identify the error. Used as part of 'id' attribute in HTML output. + * @param string $message The formatted message text to display to the user (will be shown inside styled + * `<div>` and `<p>` tags). + * @param string $type Optional. Message type, controls HTML class. Possible values include 'error', + * 'success', 'warning', 'info'. Default 'error'. + */ +function add_settings_error( $setting, $code, $message, $type = 'error' ) { + global $wp_settings_errors; + + $wp_settings_errors[] = array( + 'setting' => $setting, + 'code' => $code, + 'message' => $message, + 'type' => $type, + ); +} + +/** + * Fetches settings errors registered by add_settings_error(). + * + * Checks the $wp_settings_errors array for any errors declared during the current + * pageload and returns them. + * + * If changes were just submitted ($_GET['settings-updated']) and settings errors were saved + * to the 'settings_errors' transient then those errors will be returned instead. This + * is used to pass errors back across pageloads. + * + * Use the $sanitize argument to manually re-sanitize the option before returning errors. + * This is useful if you have errors or notices you want to show even when the user + * hasn't submitted data (i.e. when they first load an options page, or in the {@see 'admin_notices'} + * action hook). + * + * @since 3.0.0 + * + * @global array[] $wp_settings_errors Storage array of errors registered during this pageload + * + * @param string $setting Optional. Slug title of a specific setting whose errors you want. + * @param bool $sanitize Optional. Whether to re-sanitize the setting value before returning errors. + * @return array[] { + * Array of settings error arrays. + * + * @type array ...$0 { + * Associative array of setting error data. + * + * @type string $setting Slug title of the setting to which this error applies. + * @type string $code Slug-name to identify the error. Used as part of 'id' attribute in HTML output. + * @type string $message The formatted message text to display to the user (will be shown inside styled + * `<div>` and `<p>` tags). + * @type string $type Optional. Message type, controls HTML class. Possible values include 'error', + * 'success', 'warning', 'info'. Default 'error'. + * } + * } + */ +function get_settings_errors( $setting = '', $sanitize = false ) { + global $wp_settings_errors; + + /* + * If $sanitize is true, manually re-run the sanitization for this option + * This allows the $sanitize_callback from register_setting() to run, adding + * any settings errors you want to show by default. + */ + if ( $sanitize ) { + sanitize_option( $setting, get_option( $setting ) ); + } + + // If settings were passed back from options.php then use them. + if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] && get_transient( 'settings_errors' ) ) { + $wp_settings_errors = array_merge( (array) $wp_settings_errors, get_transient( 'settings_errors' ) ); + delete_transient( 'settings_errors' ); + } + + // Check global in case errors have been added on this pageload. + if ( empty( $wp_settings_errors ) ) { + return array(); + } + + // Filter the results to those of a specific setting if one was set. + if ( $setting ) { + $setting_errors = array(); + + foreach ( (array) $wp_settings_errors as $key => $details ) { + if ( $setting === $details['setting'] ) { + $setting_errors[] = $wp_settings_errors[ $key ]; + } + } + + return $setting_errors; + } + + return $wp_settings_errors; +} + +/** + * Displays settings errors registered by add_settings_error(). + * + * Part of the Settings API. Outputs a div for each error retrieved by + * get_settings_errors(). + * + * This is called automatically after a settings page based on the + * Settings API is submitted. Errors should be added during the validation + * callback function for a setting defined in register_setting(). + * + * The $sanitize option is passed into get_settings_errors() and will + * re-run the setting sanitization + * on its current value. + * + * The $hide_on_update option will cause errors to only show when the settings + * page is first loaded. if the user has already saved new values it will be + * hidden to avoid repeating messages already shown in the default error + * reporting after submission. This is useful to show general errors like + * missing settings when the user arrives at the settings page. + * + * @since 3.0.0 + * @since 5.3.0 Legacy `error` and `updated` CSS classes are mapped to + * `notice-error` and `notice-success`. + * + * @param string $setting Optional slug title of a specific setting whose errors you want. + * @param bool $sanitize Whether to re-sanitize the setting value before returning errors. + * @param bool $hide_on_update If set to true errors will not be shown if the settings page has + * already been submitted. + */ +function settings_errors( $setting = '', $sanitize = false, $hide_on_update = false ) { + + if ( $hide_on_update && ! empty( $_GET['settings-updated'] ) ) { + return; + } + + $settings_errors = get_settings_errors( $setting, $sanitize ); + + if ( empty( $settings_errors ) ) { + return; + } + + $output = ''; + + foreach ( $settings_errors as $key => $details ) { + if ( 'updated' === $details['type'] ) { + $details['type'] = 'success'; + } + + if ( in_array( $details['type'], array( 'error', 'success', 'warning', 'info' ), true ) ) { + $details['type'] = 'notice-' . $details['type']; + } + + $css_id = sprintf( + 'setting-error-%s', + esc_attr( $details['code'] ) + ); + $css_class = sprintf( + 'notice %s settings-error is-dismissible', + esc_attr( $details['type'] ) + ); + + $output .= "<div id='$css_id' class='$css_class'> \n"; + $output .= "<p><strong>{$details['message']}</strong></p>"; + $output .= "</div> \n"; + } + + echo $output; +} + +/** + * Outputs the modal window used for attaching media to posts or pages in the media-listing screen. + * + * @since 2.7.0 + * + * @param string $found_action Optional. The value of the 'found_action' input field. Default empty string. + */ +function find_posts_div( $found_action = '' ) { + ?> + <div id="find-posts" class="find-box" style="display: none;"> + <div id="find-posts-head" class="find-box-head"> + <?php _e( 'Attach to existing content' ); ?> + <button type="button" id="find-posts-close"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Close media attachment panel' ); + ?> + </span></button> + </div> + <div class="find-box-inside"> + <div class="find-box-search"> + <?php if ( $found_action ) { ?> + <input type="hidden" name="found_action" value="<?php echo esc_attr( $found_action ); ?>" /> + <?php } ?> + <input type="hidden" name="affected" id="affected" value="" /> + <?php wp_nonce_field( 'find-posts', '_ajax_nonce', false ); ?> + <label class="screen-reader-text" for="find-posts-input"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search' ); + ?> + </label> + <input type="text" id="find-posts-input" name="ps" value="" /> + <span class="spinner"></span> + <input type="button" id="find-posts-search" value="<?php esc_attr_e( 'Search' ); ?>" class="button" /> + <div class="clear"></div> + </div> + <div id="find-posts-response"></div> + </div> + <div class="find-box-buttons"> + <?php submit_button( __( 'Select' ), 'primary alignright', 'find-posts-submit', false ); ?> + <div class="clear"></div> + </div> + </div> + <?php +} + +/** + * Displays the post password. + * + * The password is passed through esc_attr() to ensure that it is safe for placing in an HTML attribute. + * + * @since 2.7.0 + */ +function the_post_password() { + $post = get_post(); + if ( isset( $post->post_password ) ) { + echo esc_attr( $post->post_password ); + } +} + +/** + * Gets the post title. + * + * The post title is fetched and if it is blank then a default string is + * returned. + * + * @since 2.7.0 + * + * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global $post. + * @return string The post title if set. + */ +function _draft_or_post_title( $post = 0 ) { + $title = get_the_title( $post ); + if ( empty( $title ) ) { + $title = __( '(no title)' ); + } + return esc_html( $title ); +} + +/** + * Displays the search query. + * + * A simple wrapper to display the "s" parameter in a `GET` URI. This function + * should only be used when the_search_query() cannot. + * + * @since 2.7.0 + */ +function _admin_search_query() { + echo isset( $_REQUEST['s'] ) ? esc_attr( wp_unslash( $_REQUEST['s'] ) ) : ''; +} + +/** + * Generic Iframe header for use with Thickbox. + * + * @since 2.7.0 + * + * @global string $hook_suffix + * @global string $admin_body_class + * @global WP_Locale $wp_locale WordPress date and time locale object. + * + * @param string $title Optional. Title of the Iframe page. Default empty. + * @param bool $deprecated Not used. + */ +function iframe_header( $title = '', $deprecated = false ) { + show_admin_bar( false ); + global $hook_suffix, $admin_body_class, $wp_locale; + $admin_body_class = preg_replace( '/[^a-z0-9_-]+/i', '-', $hook_suffix ); + + $current_screen = get_current_screen(); + + header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) ); + _wp_admin_html_begin(); + ?> +<title><?php bloginfo( 'name' ); ?> › <?php echo $title; ?> — <?php _e( 'WordPress' ); ?></title> + <?php + wp_enqueue_style( 'colors' ); + ?> +<script type="text/javascript"> +addLoadEvent = function(func){if(typeof jQuery!=='undefined')jQuery(function(){func();});else if(typeof wpOnload!=='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; +function tb_close(){var win=window.dialogArguments||opener||parent||top;win.tb_remove();} +var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', + pagenow = '<?php echo esc_js( $current_screen->id ); ?>', + typenow = '<?php echo esc_js( $current_screen->post_type ); ?>', + adminpage = '<?php echo esc_js( $admin_body_class ); ?>', + thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>', + decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>', + isRtl = <?php echo (int) is_rtl(); ?>; +</script> + <?php + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_enqueue_scripts', $hook_suffix ); + + /** This action is documented in wp-admin/admin-header.php */ + do_action( "admin_print_styles-{$hook_suffix}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_print_styles' ); + + /** This action is documented in wp-admin/admin-header.php */ + do_action( "admin_print_scripts-{$hook_suffix}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_print_scripts' ); + + /** This action is documented in wp-admin/admin-header.php */ + do_action( "admin_head-{$hook_suffix}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-header.php */ + do_action( 'admin_head' ); + + $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_user_locale() ) ) ); + + if ( is_rtl() ) { + $admin_body_class .= ' rtl'; + } + + ?> +</head> + <?php + /** + * @global string $body_id + */ + $admin_body_id = isset( $GLOBALS['body_id'] ) ? 'id="' . $GLOBALS['body_id'] . '" ' : ''; + + /** This filter is documented in wp-admin/admin-header.php */ + $admin_body_classes = apply_filters( 'admin_body_class', '' ); + $admin_body_classes = ltrim( $admin_body_classes . ' ' . $admin_body_class ); + ?> +<body <?php echo $admin_body_id; ?>class="wp-admin wp-core-ui no-js iframe <?php echo esc_attr( $admin_body_classes ); ?>"> +<script type="text/javascript"> +(function(){ +var c = document.body.className; +c = c.replace(/no-js/, 'js'); +document.body.className = c; +})(); +</script> + <?php +} + +/** + * Generic Iframe footer for use with Thickbox. + * + * @since 2.7.0 + */ +function iframe_footer() { + /* + * We're going to hide any footer output on iFrame pages, + * but run the hooks anyway since they output JavaScript + * or other needed content. + */ + + /** + * @global string $hook_suffix + */ + global $hook_suffix; + ?> + <div class="hidden"> + <?php + /** This action is documented in wp-admin/admin-footer.php */ + do_action( 'admin_footer', $hook_suffix ); + + /** This action is documented in wp-admin/admin-footer.php */ + do_action( "admin_print_footer_scripts-{$hook_suffix}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + /** This action is documented in wp-admin/admin-footer.php */ + do_action( 'admin_print_footer_scripts' ); + ?> + </div> +<script type="text/javascript">if(typeof wpOnload==='function')wpOnload();</script> +</body> +</html> + <?php +} + +/** + * Echoes or returns the post states as HTML. + * + * @since 2.7.0 + * @since 5.3.0 Added the `$display` parameter and a return value. + * + * @see get_post_states() + * + * @param WP_Post $post The post to retrieve states for. + * @param bool $display Optional. Whether to display the post states as an HTML string. + * Default true. + * @return string Post states string. + */ +function _post_states( $post, $display = true ) { + $post_states = get_post_states( $post ); + $post_states_string = ''; + + if ( ! empty( $post_states ) ) { + $state_count = count( $post_states ); + + $i = 0; + + $post_states_string .= ' — '; + + foreach ( $post_states as $state ) { + ++$i; + + $separator = ( $i < $state_count ) ? ', ' : ''; + + $post_states_string .= "<span class='post-state'>{$state}{$separator}</span>"; + } + } + + if ( $display ) { + echo $post_states_string; + } + + return $post_states_string; +} + +/** + * Retrieves an array of post states from a post. + * + * @since 5.3.0 + * + * @param WP_Post $post The post to retrieve states for. + * @return string[] Array of post state labels keyed by their state. + */ +function get_post_states( $post ) { + $post_states = array(); + + if ( isset( $_REQUEST['post_status'] ) ) { + $post_status = $_REQUEST['post_status']; + } else { + $post_status = ''; + } + + if ( ! empty( $post->post_password ) ) { + $post_states['protected'] = _x( 'Password protected', 'post status' ); + } + + if ( 'private' === $post->post_status && 'private' !== $post_status ) { + $post_states['private'] = _x( 'Private', 'post status' ); + } + + if ( 'draft' === $post->post_status ) { + if ( get_post_meta( $post->ID, '_customize_changeset_uuid', true ) ) { + $post_states[] = __( 'Customization Draft' ); + } elseif ( 'draft' !== $post_status ) { + $post_states['draft'] = _x( 'Draft', 'post status' ); + } + } elseif ( 'trash' === $post->post_status && get_post_meta( $post->ID, '_customize_changeset_uuid', true ) ) { + $post_states[] = _x( 'Customization Draft', 'post status' ); + } + + if ( 'pending' === $post->post_status && 'pending' !== $post_status ) { + $post_states['pending'] = _x( 'Pending', 'post status' ); + } + + if ( is_sticky( $post->ID ) ) { + $post_states['sticky'] = _x( 'Sticky', 'post status' ); + } + + if ( 'future' === $post->post_status ) { + $post_states['scheduled'] = _x( 'Scheduled', 'post status' ); + } + + if ( 'page' === get_option( 'show_on_front' ) ) { + if ( (int) get_option( 'page_on_front' ) === $post->ID ) { + $post_states['page_on_front'] = _x( 'Front Page', 'page label' ); + } + + if ( (int) get_option( 'page_for_posts' ) === $post->ID ) { + $post_states['page_for_posts'] = _x( 'Posts Page', 'page label' ); + } + } + + if ( (int) get_option( 'wp_page_for_privacy_policy' ) === $post->ID ) { + $post_states['page_for_privacy_policy'] = _x( 'Privacy Policy Page', 'page label' ); + } + + /** + * Filters the default post display states used in the posts list table. + * + * @since 2.8.0 + * @since 3.6.0 Added the `$post` parameter. + * @since 5.5.0 Also applied in the Customizer context. If any admin functions + * are used within the filter, their existence should be checked + * with `function_exists()` before being used. + * + * @param string[] $post_states An array of post display states. + * @param WP_Post $post The current post object. + */ + return apply_filters( 'display_post_states', $post_states, $post ); +} + +/** + * Outputs the attachment media states as HTML. + * + * @since 3.2.0 + * @since 5.6.0 Added the `$display` parameter and a return value. + * + * @param WP_Post $post The attachment post to retrieve states for. + * @param bool $display Optional. Whether to display the post states as an HTML string. + * Default true. + * @return string Media states string. + */ +function _media_states( $post, $display = true ) { + $media_states = get_media_states( $post ); + $media_states_string = ''; + + if ( ! empty( $media_states ) ) { + $state_count = count( $media_states ); + + $i = 0; + + $media_states_string .= ' — '; + + foreach ( $media_states as $state ) { + ++$i; + + $separator = ( $i < $state_count ) ? ', ' : ''; + + $media_states_string .= "<span class='post-state'>{$state}{$separator}</span>"; + } + } + + if ( $display ) { + echo $media_states_string; + } + + return $media_states_string; +} + +/** + * Retrieves an array of media states from an attachment. + * + * @since 5.6.0 + * + * @param WP_Post $post The attachment to retrieve states for. + * @return string[] Array of media state labels keyed by their state. + */ +function get_media_states( $post ) { + static $header_images; + + $media_states = array(); + $stylesheet = get_option( 'stylesheet' ); + + if ( current_theme_supports( 'custom-header' ) ) { + $meta_header = get_post_meta( $post->ID, '_wp_attachment_is_custom_header', true ); + + if ( is_random_header_image() ) { + if ( ! isset( $header_images ) ) { + $header_images = wp_list_pluck( get_uploaded_header_images(), 'attachment_id' ); + } + + if ( $meta_header === $stylesheet && in_array( $post->ID, $header_images, true ) ) { + $media_states[] = __( 'Header Image' ); + } + } else { + $header_image = get_header_image(); + + // Display "Header Image" if the image was ever used as a header image. + if ( ! empty( $meta_header ) && $meta_header === $stylesheet && wp_get_attachment_url( $post->ID ) !== $header_image ) { + $media_states[] = __( 'Header Image' ); + } + + // Display "Current Header Image" if the image is currently the header image. + if ( $header_image && wp_get_attachment_url( $post->ID ) === $header_image ) { + $media_states[] = __( 'Current Header Image' ); + } + } + + if ( get_theme_support( 'custom-header', 'video' ) && has_header_video() ) { + $mods = get_theme_mods(); + if ( isset( $mods['header_video'] ) && $post->ID === $mods['header_video'] ) { + $media_states[] = __( 'Current Header Video' ); + } + } + } + + if ( current_theme_supports( 'custom-background' ) ) { + $meta_background = get_post_meta( $post->ID, '_wp_attachment_is_custom_background', true ); + + if ( ! empty( $meta_background ) && $meta_background === $stylesheet ) { + $media_states[] = __( 'Background Image' ); + + $background_image = get_background_image(); + if ( $background_image && wp_get_attachment_url( $post->ID ) === $background_image ) { + $media_states[] = __( 'Current Background Image' ); + } + } + } + + if ( (int) get_option( 'site_icon' ) === $post->ID ) { + $media_states[] = __( 'Site Icon' ); + } + + if ( (int) get_theme_mod( 'custom_logo' ) === $post->ID ) { + $media_states[] = __( 'Logo' ); + } + + /** + * Filters the default media display states for items in the Media list table. + * + * @since 3.2.0 + * @since 4.8.0 Added the `$post` parameter. + * + * @param string[] $media_states An array of media states. Default 'Header Image', + * 'Background Image', 'Site Icon', 'Logo'. + * @param WP_Post $post The current attachment object. + */ + return apply_filters( 'display_media_states', $media_states, $post ); +} + +/** + * Tests support for compressing JavaScript from PHP. + * + * Outputs JavaScript that tests if compression from PHP works as expected + * and sets an option with the result. Has no effect when the current user + * is not an administrator. To run the test again the option 'can_compress_scripts' + * has to be deleted. + * + * @since 2.8.0 + */ +function compression_test() { + ?> + <script type="text/javascript"> + var compressionNonce = <?php echo wp_json_encode( wp_create_nonce( 'update_can_compress_scripts' ) ); ?>; + var testCompression = { + get : function(test) { + var x; + if ( window.XMLHttpRequest ) { + x = new XMLHttpRequest(); + } else { + try{x=new ActiveXObject('Msxml2.XMLHTTP');}catch(e){try{x=new ActiveXObject('Microsoft.XMLHTTP');}catch(e){};} + } + + if (x) { + x.onreadystatechange = function() { + var r, h; + if ( x.readyState == 4 ) { + r = x.responseText.substr(0, 18); + h = x.getResponseHeader('Content-Encoding'); + testCompression.check(r, h, test); + } + }; + + x.open('GET', ajaxurl + '?action=wp-compression-test&test='+test+'&_ajax_nonce='+compressionNonce+'&'+(new Date()).getTime(), true); + x.send(''); + } + }, + + check : function(r, h, test) { + if ( ! r && ! test ) + this.get(1); + + if ( 1 == test ) { + if ( h && ( h.match(/deflate/i) || h.match(/gzip/i) ) ) + this.get('no'); + else + this.get(2); + + return; + } + + if ( 2 == test ) { + if ( '"wpCompressionTest' === r ) + this.get('yes'); + else + this.get('no'); + } + } + }; + testCompression.check(); + </script> + <?php +} + +/** + * Echoes a submit button, with provided text and appropriate class(es). + * + * @since 3.1.0 + * + * @see get_submit_button() + * + * @param string $text The text of the button (defaults to 'Save Changes') + * @param string $type Optional. The type and CSS class(es) of the button. Core values + * include 'primary', 'small', and 'large'. Default 'primary'. + * @param string $name The HTML name of the submit button. Defaults to "submit". If no + * id attribute is given in $other_attributes below, $name will be + * used as the button's id. + * @param bool $wrap True if the output button should be wrapped in a paragraph tag, + * false otherwise. Defaults to true. + * @param array|string $other_attributes Other attributes that should be output with the button, mapping + * attributes to their values, such as setting tabindex to 1, etc. + * These key/value attribute pairs will be output as attribute="value", + * where attribute is the key. Other attributes can also be provided + * as a string such as 'tabindex="1"', though the array format is + * preferred. Default null. + */ +function submit_button( $text = null, $type = 'primary', $name = 'submit', $wrap = true, $other_attributes = null ) { + echo get_submit_button( $text, $type, $name, $wrap, $other_attributes ); +} + +/** + * Returns a submit button, with provided text and appropriate class. + * + * @since 3.1.0 + * + * @param string $text Optional. The text of the button. Default 'Save Changes'. + * @param string $type Optional. The type and CSS class(es) of the button. Core values + * include 'primary', 'small', and 'large'. Default 'primary large'. + * @param string $name Optional. The HTML name of the submit button. Defaults to "submit". + * If no id attribute is given in $other_attributes below, `$name` will + * be used as the button's id. Default 'submit'. + * @param bool $wrap Optional. True if the output button should be wrapped in a paragraph + * tag, false otherwise. Default true. + * @param array|string $other_attributes Optional. Other attributes that should be output with the button, + * mapping attributes to their values, such as `array( 'tabindex' => '1' )`. + * These attributes will be output as `attribute="value"`, such as + * `tabindex="1"`. Other attributes can also be provided as a string such + * as `tabindex="1"`, though the array format is typically cleaner. + * Default empty. + * @return string Submit button HTML. + */ +function get_submit_button( $text = '', $type = 'primary large', $name = 'submit', $wrap = true, $other_attributes = '' ) { + if ( ! is_array( $type ) ) { + $type = explode( ' ', $type ); + } + + $button_shorthand = array( 'primary', 'small', 'large' ); + $classes = array( 'button' ); + + foreach ( $type as $t ) { + if ( 'secondary' === $t || 'button-secondary' === $t ) { + continue; + } + + $classes[] = in_array( $t, $button_shorthand, true ) ? 'button-' . $t : $t; + } + + // Remove empty items, remove duplicate items, and finally build a string. + $class = implode( ' ', array_unique( array_filter( $classes ) ) ); + + $text = $text ? $text : __( 'Save Changes' ); + + // Default the id attribute to $name unless an id was specifically provided in $other_attributes. + $id = $name; + if ( is_array( $other_attributes ) && isset( $other_attributes['id'] ) ) { + $id = $other_attributes['id']; + unset( $other_attributes['id'] ); + } + + $attributes = ''; + if ( is_array( $other_attributes ) ) { + foreach ( $other_attributes as $attribute => $value ) { + $attributes .= $attribute . '="' . esc_attr( $value ) . '" '; // Trailing space is important. + } + } elseif ( ! empty( $other_attributes ) ) { // Attributes provided as a string. + $attributes = $other_attributes; + } + + // Don't output empty name and id attributes. + $name_attr = $name ? ' name="' . esc_attr( $name ) . '"' : ''; + $id_attr = $id ? ' id="' . esc_attr( $id ) . '"' : ''; + + $button = '<input type="submit"' . $name_attr . $id_attr . ' class="' . esc_attr( $class ); + $button .= '" value="' . esc_attr( $text ) . '" ' . $attributes . ' />'; + + if ( $wrap ) { + $button = '<p class="submit">' . $button . '</p>'; + } + + return $button; +} + +/** + * Prints out the beginning of the admin HTML header. + * + * @global bool $is_IE + */ +function _wp_admin_html_begin() { + global $is_IE; + + $admin_html_class = ( is_admin_bar_showing() ) ? 'wp-toolbar' : ''; + + if ( $is_IE ) { + header( 'X-UA-Compatible: IE=edge' ); + } + + ?> +<!DOCTYPE html> +<html class="<?php echo $admin_html_class; ?>" + <?php + /** + * Fires inside the HTML tag in the admin header. + * + * @since 2.2.0 + */ + do_action( 'admin_xml_ns' ); + + language_attributes(); + ?> +> +<head> +<meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php echo get_option( 'blog_charset' ); ?>" /> + <?php +} + +/** + * Converts a screen string to a screen object. + * + * @since 3.0.0 + * + * @param string $hook_name The hook name (also known as the hook suffix) used to determine the screen. + * @return WP_Screen Screen object. + */ +function convert_to_screen( $hook_name ) { + if ( ! class_exists( 'WP_Screen' ) ) { + _doing_it_wrong( + 'convert_to_screen(), add_meta_box()', + sprintf( + /* translators: 1: wp-admin/includes/template.php, 2: add_meta_box(), 3: add_meta_boxes */ + __( 'Likely direct inclusion of %1$s in order to use %2$s. This is very wrong. Hook the %2$s call into the %3$s action instead.' ), + '<code>wp-admin/includes/template.php</code>', + '<code>add_meta_box()</code>', + '<code>add_meta_boxes</code>' + ), + '3.3.0' + ); + return (object) array( + 'id' => '_invalid', + 'base' => '_are_belong_to_us', + ); + } + + return WP_Screen::get( $hook_name ); +} + +/** + * Outputs the HTML for restoring the post data from DOM storage + * + * @since 3.6.0 + * @access private + */ +function _local_storage_notice() { + $local_storage_message = '<p class="local-restore">'; + $local_storage_message .= __( 'The backup of this post in your browser is different from the version below.' ); + $local_storage_message .= '<button type="button" class="button restore-backup">' . __( 'Restore the backup' ) . '</button></p>'; + $local_storage_message .= '<p class="help">'; + $local_storage_message .= __( 'This will replace the current editor content with the last backup version. You can use undo and redo in the editor to get the old content back or to return to the restored version.' ); + $local_storage_message .= '</p>'; + + wp_admin_notice( + $local_storage_message, + array( + 'id' => 'local-storage-notice', + 'additional_classes' => array( 'hidden' ), + 'dismissible' => true, + 'paragraph_wrap' => false, + ) + ); +} + +/** + * Outputs a HTML element with a star rating for a given rating. + * + * Outputs a HTML element with the star rating exposed on a 0..5 scale in + * half star increments (ie. 1, 1.5, 2 stars). Optionally, if specified, the + * number of ratings may also be displayed by passing the $number parameter. + * + * @since 3.8.0 + * @since 4.4.0 Introduced the `echo` parameter. + * + * @param array $args { + * Optional. Array of star ratings arguments. + * + * @type int|float $rating The rating to display, expressed in either a 0.5 rating increment, + * or percentage. Default 0. + * @type string $type Format that the $rating is in. Valid values are 'rating' (default), + * or, 'percent'. Default 'rating'. + * @type int $number The number of ratings that makes up this rating. Default 0. + * @type bool $echo Whether to echo the generated markup. False to return the markup instead + * of echoing it. Default true. + * } + * @return string Star rating HTML. + */ +function wp_star_rating( $args = array() ) { + $defaults = array( + 'rating' => 0, + 'type' => 'rating', + 'number' => 0, + 'echo' => true, + ); + $parsed_args = wp_parse_args( $args, $defaults ); + + // Non-English decimal places when the $rating is coming from a string. + $rating = (float) str_replace( ',', '.', $parsed_args['rating'] ); + + // Convert percentage to star rating, 0..5 in .5 increments. + if ( 'percent' === $parsed_args['type'] ) { + $rating = round( $rating / 10, 0 ) / 2; + } + + // Calculate the number of each type of star needed. + $full_stars = floor( $rating ); + $half_stars = ceil( $rating - $full_stars ); + $empty_stars = 5 - $full_stars - $half_stars; + + if ( $parsed_args['number'] ) { + /* translators: Hidden accessibility text. 1: The rating, 2: The number of ratings. */ + $format = _n( '%1$s rating based on %2$s rating', '%1$s rating based on %2$s ratings', $parsed_args['number'] ); + $title = sprintf( $format, number_format_i18n( $rating, 1 ), number_format_i18n( $parsed_args['number'] ) ); + } else { + /* translators: Hidden accessibility text. %s: The rating. */ + $title = sprintf( __( '%s rating' ), number_format_i18n( $rating, 1 ) ); + } + + $output = '<div class="star-rating">'; + $output .= '<span class="screen-reader-text">' . $title . '</span>'; + $output .= str_repeat( '<div class="star star-full" aria-hidden="true"></div>', $full_stars ); + $output .= str_repeat( '<div class="star star-half" aria-hidden="true"></div>', $half_stars ); + $output .= str_repeat( '<div class="star star-empty" aria-hidden="true"></div>', $empty_stars ); + $output .= '</div>'; + + if ( $parsed_args['echo'] ) { + echo $output; + } + + return $output; +} + +/** + * Outputs a notice when editing the page for posts (internal use only). + * + * @ignore + * @since 4.2.0 + */ +function _wp_posts_page_notice() { + wp_admin_notice( + __( 'You are currently editing the page that shows your latest posts.' ), + array( + 'type' => 'warning', + 'additional_classes' => array( 'inline' ), + ) + ); +} + +/** + * Outputs a notice when editing the page for posts in the block editor (internal use only). + * + * @ignore + * @since 5.8.0 + */ +function _wp_block_editor_posts_page_notice() { + wp_add_inline_script( + 'wp-notices', + sprintf( + 'wp.data.dispatch( "core/notices" ).createWarningNotice( "%s", { isDismissible: false } )', + __( 'You are currently editing the page that shows your latest posts.' ) + ), + 'after' + ); +} diff --git a/wp-admin/includes/theme-install.php b/wp-admin/includes/theme-install.php new file mode 100644 index 0000000..949f0d5 --- /dev/null +++ b/wp-admin/includes/theme-install.php @@ -0,0 +1,271 @@ +<?php +/** + * WordPress Theme Installation Administration API + * + * @package WordPress + * @subpackage Administration + */ + +$themes_allowedtags = array( + 'a' => array( + 'href' => array(), + 'title' => array(), + 'target' => array(), + ), + 'abbr' => array( 'title' => array() ), + 'acronym' => array( 'title' => array() ), + 'code' => array(), + 'pre' => array(), + 'em' => array(), + 'strong' => array(), + 'div' => array(), + 'p' => array(), + 'ul' => array(), + 'ol' => array(), + 'li' => array(), + 'h1' => array(), + 'h2' => array(), + 'h3' => array(), + 'h4' => array(), + 'h5' => array(), + 'h6' => array(), + 'img' => array( + 'src' => array(), + 'class' => array(), + 'alt' => array(), + ), +); + +$theme_field_defaults = array( + 'description' => true, + 'sections' => false, + 'tested' => true, + 'requires' => true, + 'rating' => true, + 'downloaded' => true, + 'downloadlink' => true, + 'last_updated' => true, + 'homepage' => true, + 'tags' => true, + 'num_ratings' => true, +); + +/** + * Retrieves the list of WordPress theme features (aka theme tags). + * + * @since 2.8.0 + * + * @deprecated 3.1.0 Use get_theme_feature_list() instead. + * + * @return array + */ +function install_themes_feature_list() { + _deprecated_function( __FUNCTION__, '3.1.0', 'get_theme_feature_list()' ); + + $cache = get_transient( 'wporg_theme_feature_list' ); + if ( ! $cache ) { + set_transient( 'wporg_theme_feature_list', array(), 3 * HOUR_IN_SECONDS ); + } + + if ( $cache ) { + return $cache; + } + + $feature_list = themes_api( 'feature_list', array() ); + if ( is_wp_error( $feature_list ) ) { + return array(); + } + + set_transient( 'wporg_theme_feature_list', $feature_list, 3 * HOUR_IN_SECONDS ); + + return $feature_list; +} + +/** + * Displays search form for searching themes. + * + * @since 2.8.0 + * + * @param bool $type_selector + */ +function install_theme_search_form( $type_selector = true ) { + $type = isset( $_REQUEST['type'] ) ? wp_unslash( $_REQUEST['type'] ) : 'term'; + $term = isset( $_REQUEST['s'] ) ? wp_unslash( $_REQUEST['s'] ) : ''; + if ( ! $type_selector ) { + echo '<p class="install-help">' . __( 'Search for themes by keyword.' ) . '</p>'; + } + ?> +<form id="search-themes" method="get"> + <input type="hidden" name="tab" value="search" /> + <?php if ( $type_selector ) : ?> + <label class="screen-reader-text" for="typeselector"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Type of search' ); + ?> + </label> + <select name="type" id="typeselector"> + <option value="term" <?php selected( 'term', $type ); ?>><?php _e( 'Keyword' ); ?></option> + <option value="author" <?php selected( 'author', $type ); ?>><?php _e( 'Author' ); ?></option> + <option value="tag" <?php selected( 'tag', $type ); ?>><?php _ex( 'Tag', 'Theme Installer' ); ?></option> + </select> + <label class="screen-reader-text" for="s"> + <?php + switch ( $type ) { + case 'term': + /* translators: Hidden accessibility text. */ + _e( 'Search by keyword' ); + break; + case 'author': + /* translators: Hidden accessibility text. */ + _e( 'Search by author' ); + break; + case 'tag': + /* translators: Hidden accessibility text. */ + _e( 'Search by tag' ); + break; + } + ?> + </label> + <?php else : ?> + <label class="screen-reader-text" for="s"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Search by keyword' ); + ?> + </label> + <?php endif; ?> + <input type="search" name="s" id="s" size="30" value="<?php echo esc_attr( $term ); ?>" autofocus="autofocus" /> + <?php submit_button( __( 'Search' ), '', 'search', false ); ?> +</form> + <?php +} + +/** + * Displays tags filter for themes. + * + * @since 2.8.0 + */ +function install_themes_dashboard() { + install_theme_search_form( false ); + ?> +<h4><?php _e( 'Feature Filter' ); ?></h4> +<p class="install-help"><?php _e( 'Find a theme based on specific features.' ); ?></p> + +<form method="get"> + <input type="hidden" name="tab" value="search" /> + <?php + $feature_list = get_theme_feature_list(); + echo '<div class="feature-filter">'; + + foreach ( (array) $feature_list as $feature_name => $features ) { + $feature_name = esc_html( $feature_name ); + echo '<div class="feature-name">' . $feature_name . '</div>'; + + echo '<ol class="feature-group">'; + foreach ( $features as $feature => $feature_name ) { + $feature_name = esc_html( $feature_name ); + $feature = esc_attr( $feature ); + ?> + +<li> + <input type="checkbox" name="features[]" id="feature-id-<?php echo $feature; ?>" value="<?php echo $feature; ?>" /> + <label for="feature-id-<?php echo $feature; ?>"><?php echo $feature_name; ?></label> +</li> + +<?php } ?> +</ol> +<br class="clear" /> + <?php + } + ?> + +</div> +<br class="clear" /> + <?php submit_button( __( 'Find Themes' ), '', 'search' ); ?> +</form> + <?php +} + +/** + * Displays a form to upload themes from zip files. + * + * @since 2.8.0 + */ +function install_themes_upload() { + ?> +<p class="install-help"><?php _e( 'If you have a theme in a .zip format, you may install or update it by uploading it here.' ); ?></p> +<form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo esc_url( self_admin_url( 'update.php?action=upload-theme' ) ); ?>"> + <?php wp_nonce_field( 'theme-upload' ); ?> + <label class="screen-reader-text" for="themezip"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Theme zip file' ); + ?> + </label> + <input type="file" id="themezip" name="themezip" accept=".zip" /> + <?php submit_button( __( 'Install Now' ), '', 'install-theme-submit', false ); ?> +</form> + <?php +} + +/** + * Prints a theme on the Install Themes pages. + * + * @deprecated 3.4.0 + * + * @global WP_Theme_Install_List_Table $wp_list_table + * + * @param object $theme + */ +function display_theme( $theme ) { + _deprecated_function( __FUNCTION__, '3.4.0' ); + global $wp_list_table; + if ( ! isset( $wp_list_table ) ) { + $wp_list_table = _get_list_table( 'WP_Theme_Install_List_Table' ); + } + $wp_list_table->prepare_items(); + $wp_list_table->single_row( $theme ); +} + +/** + * Displays theme content based on theme list. + * + * @since 2.8.0 + * + * @global WP_Theme_Install_List_Table $wp_list_table + */ +function display_themes() { + global $wp_list_table; + + if ( ! isset( $wp_list_table ) ) { + $wp_list_table = _get_list_table( 'WP_Theme_Install_List_Table' ); + } + $wp_list_table->prepare_items(); + $wp_list_table->display(); +} + +/** + * Displays theme information in dialog box form. + * + * @since 2.8.0 + * + * @global WP_Theme_Install_List_Table $wp_list_table + */ +function install_theme_information() { + global $wp_list_table; + + $theme = themes_api( 'theme_information', array( 'slug' => wp_unslash( $_REQUEST['theme'] ) ) ); + + if ( is_wp_error( $theme ) ) { + wp_die( $theme ); + } + + iframe_header( __( 'Theme Installation' ) ); + if ( ! isset( $wp_list_table ) ) { + $wp_list_table = _get_list_table( 'WP_Theme_Install_List_Table' ); + } + $wp_list_table->theme_installer_single( $theme ); + iframe_footer(); + exit; +} diff --git a/wp-admin/includes/theme.php b/wp-admin/includes/theme.php new file mode 100644 index 0000000..f822e57 --- /dev/null +++ b/wp-admin/includes/theme.php @@ -0,0 +1,1250 @@ +<?php +/** + * WordPress Theme Administration API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Removes a theme. + * + * @since 2.8.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * + * @param string $stylesheet Stylesheet of the theme to delete. + * @param string $redirect Redirect to page when complete. + * @return bool|null|WP_Error True on success, false if `$stylesheet` is empty, WP_Error on failure. + * Null if filesystem credentials are required to proceed. + */ +function delete_theme( $stylesheet, $redirect = '' ) { + global $wp_filesystem; + + if ( empty( $stylesheet ) ) { + return false; + } + + if ( empty( $redirect ) ) { + $redirect = wp_nonce_url( 'themes.php?action=delete&stylesheet=' . urlencode( $stylesheet ), 'delete-theme_' . $stylesheet ); + } + + ob_start(); + $credentials = request_filesystem_credentials( $redirect ); + $data = ob_get_clean(); + + if ( false === $credentials ) { + if ( ! empty( $data ) ) { + require_once ABSPATH . 'wp-admin/admin-header.php'; + echo $data; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + exit; + } + return; + } + + if ( ! WP_Filesystem( $credentials ) ) { + ob_start(); + // Failed to connect. Error and request again. + request_filesystem_credentials( $redirect, '', true ); + $data = ob_get_clean(); + + if ( ! empty( $data ) ) { + require_once ABSPATH . 'wp-admin/admin-header.php'; + echo $data; + require_once ABSPATH . 'wp-admin/admin-footer.php'; + exit; + } + return; + } + + if ( ! is_object( $wp_filesystem ) ) { + return new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) ); + } + + if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() ) { + return new WP_Error( 'fs_error', __( 'Filesystem error.' ), $wp_filesystem->errors ); + } + + // Get the base plugin folder. + $themes_dir = $wp_filesystem->wp_themes_dir(); + if ( empty( $themes_dir ) ) { + return new WP_Error( 'fs_no_themes_dir', __( 'Unable to locate WordPress theme directory.' ) ); + } + + /** + * Fires immediately before a theme deletion attempt. + * + * @since 5.8.0 + * + * @param string $stylesheet Stylesheet of the theme to delete. + */ + do_action( 'delete_theme', $stylesheet ); + + $theme = wp_get_theme( $stylesheet ); + + $themes_dir = trailingslashit( $themes_dir ); + $theme_dir = trailingslashit( $themes_dir . $stylesheet ); + $deleted = $wp_filesystem->delete( $theme_dir, true ); + + /** + * Fires immediately after a theme deletion attempt. + * + * @since 5.8.0 + * + * @param string $stylesheet Stylesheet of the theme to delete. + * @param bool $deleted Whether the theme deletion was successful. + */ + do_action( 'deleted_theme', $stylesheet, $deleted ); + + if ( ! $deleted ) { + return new WP_Error( + 'could_not_remove_theme', + /* translators: %s: Theme name. */ + sprintf( __( 'Could not fully remove the theme %s.' ), $stylesheet ) + ); + } + + $theme_translations = wp_get_installed_translations( 'themes' ); + + // Remove language files, silently. + if ( ! empty( $theme_translations[ $stylesheet ] ) ) { + $translations = $theme_translations[ $stylesheet ]; + + foreach ( $translations as $translation => $data ) { + $wp_filesystem->delete( WP_LANG_DIR . '/themes/' . $stylesheet . '-' . $translation . '.po' ); + $wp_filesystem->delete( WP_LANG_DIR . '/themes/' . $stylesheet . '-' . $translation . '.mo' ); + + $json_translation_files = glob( WP_LANG_DIR . '/themes/' . $stylesheet . '-' . $translation . '-*.json' ); + if ( $json_translation_files ) { + array_map( array( $wp_filesystem, 'delete' ), $json_translation_files ); + } + } + } + + // Remove the theme from allowed themes on the network. + if ( is_multisite() ) { + WP_Theme::network_disable_theme( $stylesheet ); + } + + // Clear theme caches. + $theme->cache_delete(); + + // Force refresh of theme update information. + delete_site_transient( 'update_themes' ); + + return true; +} + +/** + * Gets the page templates available in this theme. + * + * @since 1.5.0 + * @since 4.7.0 Added the `$post_type` parameter. + * + * @param WP_Post|null $post Optional. The post being edited, provided for context. + * @param string $post_type Optional. Post type to get the templates for. Default 'page'. + * @return string[] Array of template file names keyed by the template header name. + */ +function get_page_templates( $post = null, $post_type = 'page' ) { + return array_flip( wp_get_theme()->get_page_templates( $post, $post_type ) ); +} + +/** + * Tidies a filename for url display by the theme file editor. + * + * @since 2.9.0 + * @access private + * + * @param string $fullpath Full path to the theme file + * @param string $containingfolder Path of the theme parent folder + * @return string + */ +function _get_template_edit_filename( $fullpath, $containingfolder ) { + return str_replace( dirname( $containingfolder, 2 ), '', $fullpath ); +} + +/** + * Check if there is an update for a theme available. + * + * Will display link, if there is an update available. + * + * @since 2.7.0 + * + * @see get_theme_update_available() + * + * @param WP_Theme $theme Theme data object. + */ +function theme_update_available( $theme ) { + echo get_theme_update_available( $theme ); +} + +/** + * Retrieves the update link if there is a theme update available. + * + * Will return a link if there is an update available. + * + * @since 3.8.0 + * + * @param WP_Theme $theme WP_Theme object. + * @return string|false HTML for the update link, or false if invalid info was passed. + */ +function get_theme_update_available( $theme ) { + static $themes_update = null; + + if ( ! current_user_can( 'update_themes' ) ) { + return false; + } + + if ( ! isset( $themes_update ) ) { + $themes_update = get_site_transient( 'update_themes' ); + } + + if ( ! ( $theme instanceof WP_Theme ) ) { + return false; + } + + $stylesheet = $theme->get_stylesheet(); + + $html = ''; + + if ( isset( $themes_update->response[ $stylesheet ] ) ) { + $update = $themes_update->response[ $stylesheet ]; + $theme_name = $theme->display( 'Name' ); + $details_url = add_query_arg( + array( + 'TB_iframe' => 'true', + 'width' => 1024, + 'height' => 800, + ), + $update['url'] + ); // Theme browser inside WP? Replace this. Also, theme preview JS will override this on the available list. + $update_url = wp_nonce_url( admin_url( 'update.php?action=upgrade-theme&theme=' . urlencode( $stylesheet ) ), 'upgrade-theme_' . $stylesheet ); + + if ( ! is_multisite() ) { + if ( ! current_user_can( 'update_themes' ) ) { + $html = sprintf( + /* translators: 1: Theme name, 2: Theme details URL, 3: Additional link attributes, 4: Version number. */ + '<p><strong>' . __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a>.' ) . '</strong></p>', + $theme_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Theme name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $theme_name, $update['new_version'] ) ) + ), + $update['new_version'] + ); + } elseif ( empty( $update['package'] ) ) { + $html = sprintf( + /* translators: 1: Theme name, 2: Theme details URL, 3: Additional link attributes, 4: Version number. */ + '<p><strong>' . __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a>. <em>Automatic update is unavailable for this theme.</em>' ) . '</strong></p>', + $theme_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Theme name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $theme_name, $update['new_version'] ) ) + ), + $update['new_version'] + ); + } else { + $html = sprintf( + /* translators: 1: Theme name, 2: Theme details URL, 3: Additional link attributes, 4: Version number, 5: Update URL, 6: Additional link attributes. */ + '<p><strong>' . __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a> or <a href="%5$s" %6$s>update now</a>.' ) . '</strong></p>', + $theme_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Theme name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $theme_name, $update['new_version'] ) ) + ), + $update['new_version'], + $update_url, + sprintf( + 'aria-label="%s" id="update-theme" data-slug="%s"', + /* translators: %s: Theme name. */ + esc_attr( sprintf( _x( 'Update %s now', 'theme' ), $theme_name ) ), + $stylesheet + ) + ); + } + } + } + + return $html; +} + +/** + * Retrieves list of WordPress theme features (aka theme tags). + * + * @since 3.1.0 + * @since 3.2.0 Added 'Gray' color and 'Featured Image Header', 'Featured Images', + * 'Full Width Template', and 'Post Formats' features. + * @since 3.5.0 Added 'Flexible Header' feature. + * @since 3.8.0 Renamed 'Width' filter to 'Layout'. + * @since 3.8.0 Renamed 'Fixed Width' and 'Flexible Width' options + * to 'Fixed Layout' and 'Fluid Layout'. + * @since 3.8.0 Added 'Accessibility Ready' feature and 'Responsive Layout' option. + * @since 3.9.0 Combined 'Layout' and 'Columns' filters. + * @since 4.6.0 Removed 'Colors' filter. + * @since 4.6.0 Added 'Grid Layout' option. + * Removed 'Fixed Layout', 'Fluid Layout', and 'Responsive Layout' options. + * @since 4.6.0 Added 'Custom Logo' and 'Footer Widgets' features. + * Removed 'Blavatar' feature. + * @since 4.6.0 Added 'Blog', 'E-Commerce', 'Education', 'Entertainment', 'Food & Drink', + * 'Holiday', 'News', 'Photography', and 'Portfolio' subjects. + * Removed 'Photoblogging' and 'Seasonal' subjects. + * @since 4.9.0 Reordered the filters from 'Layout', 'Features', 'Subject' + * to 'Subject', 'Features', 'Layout'. + * @since 4.9.0 Removed 'BuddyPress', 'Custom Menu', 'Flexible Header', + * 'Front Page Posting', 'Microformats', 'RTL Language Support', + * 'Threaded Comments', and 'Translation Ready' features. + * @since 5.5.0 Added 'Block Editor Patterns', 'Block Editor Styles', + * and 'Full Site Editing' features. + * @since 5.5.0 Added 'Wide Blocks' layout option. + * @since 5.8.1 Added 'Template Editing' feature. + * @since 6.1.1 Replaced 'Full Site Editing' feature name with 'Site Editor'. + * @since 6.2.0 Added 'Style Variations' feature. + * + * @param bool $api Optional. Whether try to fetch tags from the WordPress.org API. Defaults to true. + * @return array Array of features keyed by category with translations keyed by slug. + */ +function get_theme_feature_list( $api = true ) { + // Hard-coded list is used if API is not accessible. + $features = array( + + __( 'Subject' ) => array( + 'blog' => __( 'Blog' ), + 'e-commerce' => __( 'E-Commerce' ), + 'education' => __( 'Education' ), + 'entertainment' => __( 'Entertainment' ), + 'food-and-drink' => __( 'Food & Drink' ), + 'holiday' => __( 'Holiday' ), + 'news' => __( 'News' ), + 'photography' => __( 'Photography' ), + 'portfolio' => __( 'Portfolio' ), + ), + + __( 'Features' ) => array( + 'accessibility-ready' => __( 'Accessibility Ready' ), + 'block-patterns' => __( 'Block Editor Patterns' ), + 'block-styles' => __( 'Block Editor Styles' ), + 'custom-background' => __( 'Custom Background' ), + 'custom-colors' => __( 'Custom Colors' ), + 'custom-header' => __( 'Custom Header' ), + 'custom-logo' => __( 'Custom Logo' ), + 'editor-style' => __( 'Editor Style' ), + 'featured-image-header' => __( 'Featured Image Header' ), + 'featured-images' => __( 'Featured Images' ), + 'footer-widgets' => __( 'Footer Widgets' ), + 'full-site-editing' => __( 'Site Editor' ), + 'full-width-template' => __( 'Full Width Template' ), + 'post-formats' => __( 'Post Formats' ), + 'sticky-post' => __( 'Sticky Post' ), + 'style-variations' => __( 'Style Variations' ), + 'template-editing' => __( 'Template Editing' ), + 'theme-options' => __( 'Theme Options' ), + ), + + __( 'Layout' ) => array( + 'grid-layout' => __( 'Grid Layout' ), + 'one-column' => __( 'One Column' ), + 'two-columns' => __( 'Two Columns' ), + 'three-columns' => __( 'Three Columns' ), + 'four-columns' => __( 'Four Columns' ), + 'left-sidebar' => __( 'Left Sidebar' ), + 'right-sidebar' => __( 'Right Sidebar' ), + 'wide-blocks' => __( 'Wide Blocks' ), + ), + + ); + + if ( ! $api || ! current_user_can( 'install_themes' ) ) { + return $features; + } + + $feature_list = get_site_transient( 'wporg_theme_feature_list' ); + if ( ! $feature_list ) { + set_site_transient( 'wporg_theme_feature_list', array(), 3 * HOUR_IN_SECONDS ); + } + + if ( ! $feature_list ) { + $feature_list = themes_api( 'feature_list', array() ); + if ( is_wp_error( $feature_list ) ) { + return $features; + } + } + + if ( ! $feature_list ) { + return $features; + } + + set_site_transient( 'wporg_theme_feature_list', $feature_list, 3 * HOUR_IN_SECONDS ); + + $category_translations = array( + 'Layout' => __( 'Layout' ), + 'Features' => __( 'Features' ), + 'Subject' => __( 'Subject' ), + ); + + $wporg_features = array(); + + // Loop over the wp.org canonical list and apply translations. + foreach ( (array) $feature_list as $feature_category => $feature_items ) { + if ( isset( $category_translations[ $feature_category ] ) ) { + $feature_category = $category_translations[ $feature_category ]; + } + + $wporg_features[ $feature_category ] = array(); + + foreach ( $feature_items as $feature ) { + if ( isset( $features[ $feature_category ][ $feature ] ) ) { + $wporg_features[ $feature_category ][ $feature ] = $features[ $feature_category ][ $feature ]; + } else { + $wporg_features[ $feature_category ][ $feature ] = $feature; + } + } + } + + return $wporg_features; +} + +/** + * Retrieves theme installer pages from the WordPress.org Themes API. + * + * It is possible for a theme to override the Themes API result with three + * filters. Assume this is for themes, which can extend on the Theme Info to + * offer more choices. This is very powerful and must be used with care, when + * overriding the filters. + * + * The first filter, {@see 'themes_api_args'}, is for the args and gives the action + * as the second parameter. The hook for {@see 'themes_api_args'} must ensure that + * an object is returned. + * + * The second filter, {@see 'themes_api'}, allows a plugin to override the WordPress.org + * Theme API entirely. If `$action` is 'query_themes', 'theme_information', or 'feature_list', + * an object MUST be passed. If `$action` is 'hot_tags', an array should be passed. + * + * Finally, the third filter, {@see 'themes_api_result'}, makes it possible to filter the + * response object or array, depending on the `$action` type. + * + * Supported arguments per action: + * + * | Argument Name | 'query_themes' | 'theme_information' | 'hot_tags' | 'feature_list' | + * | -------------------| :------------: | :-----------------: | :--------: | :--------------: | + * | `$slug` | No | Yes | No | No | + * | `$per_page` | Yes | No | No | No | + * | `$page` | Yes | No | No | No | + * | `$number` | No | No | Yes | No | + * | `$search` | Yes | No | No | No | + * | `$tag` | Yes | No | No | No | + * | `$author` | Yes | No | No | No | + * | `$user` | Yes | No | No | No | + * | `$browse` | Yes | No | No | No | + * | `$locale` | Yes | Yes | No | No | + * | `$fields` | Yes | Yes | No | No | + * + * @since 2.8.0 + * + * @param string $action API action to perform: 'query_themes', 'theme_information', + * 'hot_tags' or 'feature_list'. + * @param array|object $args { + * Optional. Array or object of arguments to serialize for the Themes API. Default empty array. + * + * @type string $slug The theme slug. Default empty. + * @type int $per_page Number of themes per page. Default 24. + * @type int $page Number of current page. Default 1. + * @type int $number Number of tags to be queried. + * @type string $search A search term. Default empty. + * @type string $tag Tag to filter themes. Default empty. + * @type string $author Username of an author to filter themes. Default empty. + * @type string $user Username to query for their favorites. Default empty. + * @type string $browse Browse view: 'featured', 'popular', 'updated', 'favorites'. + * @type string $locale Locale to provide context-sensitive results. Default is the value of get_locale(). + * @type array $fields { + * Array of fields which should or should not be returned. + * + * @type bool $description Whether to return the theme full description. Default false. + * @type bool $sections Whether to return the theme readme sections: description, installation, + * FAQ, screenshots, other notes, and changelog. Default false. + * @type bool $rating Whether to return the rating in percent and total number of ratings. + * Default false. + * @type bool $ratings Whether to return the number of rating for each star (1-5). Default false. + * @type bool $downloaded Whether to return the download count. Default false. + * @type bool $downloadlink Whether to return the download link for the package. Default false. + * @type bool $last_updated Whether to return the date of the last update. Default false. + * @type bool $tags Whether to return the assigned tags. Default false. + * @type bool $homepage Whether to return the theme homepage link. Default false. + * @type bool $screenshots Whether to return the screenshots. Default false. + * @type int $screenshot_count Number of screenshots to return. Default 1. + * @type bool $screenshot_url Whether to return the URL of the first screenshot. Default false. + * @type bool $photon_screenshots Whether to return the screenshots via Photon. Default false. + * @type bool $template Whether to return the slug of the parent theme. Default false. + * @type bool $parent Whether to return the slug, name and homepage of the parent theme. Default false. + * @type bool $versions Whether to return the list of all available versions. Default false. + * @type bool $theme_url Whether to return theme's URL. Default false. + * @type bool $extended_author Whether to return nicename or nicename and display name. Default false. + * } + * } + * @return object|array|WP_Error Response object or array on success, WP_Error on failure. See the + * {@link https://developer.wordpress.org/reference/functions/themes_api/ function reference article} + * for more information on the make-up of possible return objects depending on the value of `$action`. + */ +function themes_api( $action, $args = array() ) { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + if ( is_array( $args ) ) { + $args = (object) $args; + } + + if ( 'query_themes' === $action ) { + if ( ! isset( $args->per_page ) ) { + $args->per_page = 24; + } + } + + if ( ! isset( $args->locale ) ) { + $args->locale = get_user_locale(); + } + + if ( ! isset( $args->wp_version ) ) { + $args->wp_version = substr( $wp_version, 0, 3 ); // x.y + } + + /** + * Filters arguments used to query for installer pages from the WordPress.org Themes API. + * + * Important: An object MUST be returned to this filter. + * + * @since 2.8.0 + * + * @param object $args Arguments used to query for installer pages from the WordPress.org Themes API. + * @param string $action Requested action. Likely values are 'theme_information', + * 'feature_list', or 'query_themes'. + */ + $args = apply_filters( 'themes_api_args', $args, $action ); + + /** + * Filters whether to override the WordPress.org Themes API. + * + * Returning a non-false value will effectively short-circuit the WordPress.org API request. + * + * If `$action` is 'query_themes', 'theme_information', or 'feature_list', an object MUST + * be passed. If `$action` is 'hot_tags', an array should be passed. + * + * @since 2.8.0 + * + * @param false|object|array $override Whether to override the WordPress.org Themes API. Default false. + * @param string $action Requested action. Likely values are 'theme_information', + * 'feature_list', or 'query_themes'. + * @param object $args Arguments used to query for installer pages from the Themes API. + */ + $res = apply_filters( 'themes_api', false, $action, $args ); + + if ( ! $res ) { + $url = 'http://api.wordpress.org/themes/info/1.2/'; + $url = add_query_arg( + array( + 'action' => $action, + 'request' => $args, + ), + $url + ); + + $http_url = $url; + $ssl = wp_http_supports( array( 'ssl' ) ); + if ( $ssl ) { + $url = set_url_scheme( $url, 'https' ); + } + + $http_args = array( + 'timeout' => 15, + 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ), + ); + $request = wp_remote_get( $url, $http_args ); + + if ( $ssl && is_wp_error( $request ) ) { + if ( ! wp_doing_ajax() ) { + trigger_error( + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), + headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE + ); + } + $request = wp_remote_get( $http_url, $http_args ); + } + + if ( is_wp_error( $request ) ) { + $res = new WP_Error( + 'themes_api_failed', + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ), + $request->get_error_message() + ); + } else { + $res = json_decode( wp_remote_retrieve_body( $request ), true ); + if ( is_array( $res ) ) { + // Object casting is required in order to match the info/1.0 format. + $res = (object) $res; + } elseif ( null === $res ) { + $res = new WP_Error( + 'themes_api_failed', + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ), + wp_remote_retrieve_body( $request ) + ); + } + + if ( isset( $res->error ) ) { + $res = new WP_Error( 'themes_api_failed', $res->error ); + } + } + + if ( ! is_wp_error( $res ) ) { + // Back-compat for info/1.2 API, upgrade the theme objects in query_themes to objects. + if ( 'query_themes' === $action ) { + foreach ( $res->themes as $i => $theme ) { + $res->themes[ $i ] = (object) $theme; + } + } + + // Back-compat for info/1.2 API, downgrade the feature_list result back to an array. + if ( 'feature_list' === $action ) { + $res = (array) $res; + } + } + } + + /** + * Filters the returned WordPress.org Themes API response. + * + * @since 2.8.0 + * + * @param array|stdClass|WP_Error $res WordPress.org Themes API response. + * @param string $action Requested action. Likely values are 'theme_information', + * 'feature_list', or 'query_themes'. + * @param stdClass $args Arguments used to query for installer pages from the WordPress.org Themes API. + */ + return apply_filters( 'themes_api_result', $res, $action, $args ); +} + +/** + * Prepares themes for JavaScript. + * + * @since 3.8.0 + * + * @param WP_Theme[] $themes Optional. Array of theme objects to prepare. + * Defaults to all allowed themes. + * + * @return array An associative array of theme data, sorted by name. + */ +function wp_prepare_themes_for_js( $themes = null ) { + $current_theme = get_stylesheet(); + + /** + * Filters theme data before it is prepared for JavaScript. + * + * Passing a non-empty array will result in wp_prepare_themes_for_js() returning + * early with that value instead. + * + * @since 4.2.0 + * + * @param array $prepared_themes An associative array of theme data. Default empty array. + * @param WP_Theme[]|null $themes An array of theme objects to prepare, if any. + * @param string $current_theme The active theme slug. + */ + $prepared_themes = (array) apply_filters( 'pre_prepare_themes_for_js', array(), $themes, $current_theme ); + + if ( ! empty( $prepared_themes ) ) { + return $prepared_themes; + } + + // Make sure the active theme is listed first. + $prepared_themes[ $current_theme ] = array(); + + if ( null === $themes ) { + $themes = wp_get_themes( array( 'allowed' => true ) ); + if ( ! isset( $themes[ $current_theme ] ) ) { + $themes[ $current_theme ] = wp_get_theme(); + } + } + + $updates = array(); + $no_updates = array(); + if ( ! is_multisite() && current_user_can( 'update_themes' ) ) { + $updates_transient = get_site_transient( 'update_themes' ); + if ( isset( $updates_transient->response ) ) { + $updates = $updates_transient->response; + } + if ( isset( $updates_transient->no_update ) ) { + $no_updates = $updates_transient->no_update; + } + } + + WP_Theme::sort_by_name( $themes ); + + $parents = array(); + + $auto_updates = (array) get_site_option( 'auto_update_themes', array() ); + + foreach ( $themes as $theme ) { + $slug = $theme->get_stylesheet(); + $encoded_slug = urlencode( $slug ); + + $parent = false; + if ( $theme->parent() ) { + $parent = $theme->parent(); + $parents[ $slug ] = $parent->get_stylesheet(); + $parent = $parent->display( 'Name' ); + } + + $customize_action = null; + + $can_edit_theme_options = current_user_can( 'edit_theme_options' ); + $can_customize = current_user_can( 'customize' ); + $is_block_theme = $theme->is_block_theme(); + + if ( $is_block_theme && $can_edit_theme_options ) { + $customize_action = admin_url( 'site-editor.php' ); + if ( $current_theme !== $slug ) { + $customize_action = add_query_arg( 'wp_theme_preview', $slug, $customize_action ); + } + } elseif ( ! $is_block_theme && $can_customize && $can_edit_theme_options ) { + $customize_action = wp_customize_url( $slug ); + } + if ( null !== $customize_action ) { + $customize_action = add_query_arg( + array( + 'return' => urlencode( sanitize_url( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) ), + ), + $customize_action + ); + $customize_action = esc_url( $customize_action ); + } + + $update_requires_wp = isset( $updates[ $slug ]['requires'] ) ? $updates[ $slug ]['requires'] : null; + $update_requires_php = isset( $updates[ $slug ]['requires_php'] ) ? $updates[ $slug ]['requires_php'] : null; + + $auto_update = in_array( $slug, $auto_updates, true ); + $auto_update_action = $auto_update ? 'disable-auto-update' : 'enable-auto-update'; + + if ( isset( $updates[ $slug ] ) ) { + $auto_update_supported = true; + $auto_update_filter_payload = (object) $updates[ $slug ]; + } elseif ( isset( $no_updates[ $slug ] ) ) { + $auto_update_supported = true; + $auto_update_filter_payload = (object) $no_updates[ $slug ]; + } else { + $auto_update_supported = false; + /* + * Create the expected payload for the auto_update_theme filter, this is the same data + * as contained within $updates or $no_updates but used when the Theme is not known. + */ + $auto_update_filter_payload = (object) array( + 'theme' => $slug, + 'new_version' => $theme->get( 'Version' ), + 'url' => '', + 'package' => '', + 'requires' => $theme->get( 'RequiresWP' ), + 'requires_php' => $theme->get( 'RequiresPHP' ), + ); + } + + $auto_update_forced = wp_is_auto_update_forced_for_item( 'theme', null, $auto_update_filter_payload ); + + $prepared_themes[ $slug ] = array( + 'id' => $slug, + 'name' => $theme->display( 'Name' ), + 'screenshot' => array( $theme->get_screenshot() ), // @todo Multiple screenshots. + 'description' => $theme->display( 'Description' ), + 'author' => $theme->display( 'Author', false, true ), + 'authorAndUri' => $theme->display( 'Author' ), + 'tags' => $theme->display( 'Tags' ), + 'version' => $theme->get( 'Version' ), + 'compatibleWP' => is_wp_version_compatible( $theme->get( 'RequiresWP' ) ), + 'compatiblePHP' => is_php_version_compatible( $theme->get( 'RequiresPHP' ) ), + 'updateResponse' => array( + 'compatibleWP' => is_wp_version_compatible( $update_requires_wp ), + 'compatiblePHP' => is_php_version_compatible( $update_requires_php ), + ), + 'parent' => $parent, + 'active' => $slug === $current_theme, + 'hasUpdate' => isset( $updates[ $slug ] ), + 'hasPackage' => isset( $updates[ $slug ] ) && ! empty( $updates[ $slug ]['package'] ), + 'update' => get_theme_update_available( $theme ), + 'autoupdate' => array( + 'enabled' => $auto_update || $auto_update_forced, + 'supported' => $auto_update_supported, + 'forced' => $auto_update_forced, + ), + 'actions' => array( + 'activate' => current_user_can( 'switch_themes' ) ? wp_nonce_url( admin_url( 'themes.php?action=activate&stylesheet=' . $encoded_slug ), 'switch-theme_' . $slug ) : null, + 'customize' => $customize_action, + 'delete' => ( ! is_multisite() && current_user_can( 'delete_themes' ) ) ? wp_nonce_url( admin_url( 'themes.php?action=delete&stylesheet=' . $encoded_slug ), 'delete-theme_' . $slug ) : null, + 'autoupdate' => wp_is_auto_update_enabled_for_type( 'theme' ) && ! is_multisite() && current_user_can( 'update_themes' ) + ? wp_nonce_url( admin_url( 'themes.php?action=' . $auto_update_action . '&stylesheet=' . $encoded_slug ), 'updates' ) + : null, + ), + 'blockTheme' => $theme->is_block_theme(), + ); + } + + // Remove 'delete' action if theme has an active child. + if ( ! empty( $parents ) && array_key_exists( $current_theme, $parents ) ) { + unset( $prepared_themes[ $parents[ $current_theme ] ]['actions']['delete'] ); + } + + /** + * Filters the themes prepared for JavaScript, for themes.php. + * + * Could be useful for changing the order, which is by name by default. + * + * @since 3.8.0 + * + * @param array $prepared_themes Array of theme data. + */ + $prepared_themes = apply_filters( 'wp_prepare_themes_for_js', $prepared_themes ); + $prepared_themes = array_values( $prepared_themes ); + return array_filter( $prepared_themes ); +} + +/** + * Prints JS templates for the theme-browsing UI in the Customizer. + * + * @since 4.2.0 + */ +function customize_themes_print_templates() { + ?> + <script type="text/html" id="tmpl-customize-themes-details-view"> + <div class="theme-backdrop"></div> + <div class="theme-wrap wp-clearfix" role="document"> + <div class="theme-header"> + <button type="button" class="left dashicons dashicons-no"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Show previous theme' ); + ?> + </span></button> + <button type="button" class="right dashicons dashicons-no"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Show next theme' ); + ?> + </span></button> + <button type="button" class="close dashicons dashicons-no"><span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Close details dialog' ); + ?> + </span></button> + </div> + <div class="theme-about wp-clearfix"> + <div class="theme-screenshots"> + <# if ( data.screenshot && data.screenshot[0] ) { #> + <div class="screenshot"><img src="{{ data.screenshot[0] }}?ver={{ data.version }}" alt="" /></div> + <# } else { #> + <div class="screenshot blank"></div> + <# } #> + </div> + + <div class="theme-info"> + <# if ( data.active ) { #> + <span class="current-label"><?php _e( 'Active Theme' ); ?></span> + <# } #> + <h2 class="theme-name">{{{ data.name }}}<span class="theme-version"> + <?php + /* translators: %s: Theme version. */ + printf( __( 'Version: %s' ), '{{ data.version }}' ); + ?> + </span></h2> + <h3 class="theme-author"> + <?php + /* translators: %s: Theme author link. */ + printf( __( 'By %s' ), '{{{ data.authorAndUri }}}' ); + ?> + </h3> + + <# if ( data.stars && 0 != data.num_ratings ) { #> + <div class="theme-rating"> + {{{ data.stars }}} + <a class="num-ratings" target="_blank" href="{{ data.reviews_url }}"> + <?php + printf( + '%1$s <span class="screen-reader-text">%2$s</span>', + /* translators: %s: Number of ratings. */ + sprintf( __( '(%s ratings)' ), '{{ data.num_ratings }}' ), + /* translators: Hidden accessibility text. */ + __( '(opens in a new tab)' ) + ); + ?> + </a> + </div> + <# } #> + + <# if ( data.hasUpdate ) { #> + <# if ( data.updateResponse.compatibleWP && data.updateResponse.compatiblePHP ) { #> + <div class="notice notice-warning notice-alt notice-large" data-slug="{{ data.id }}"> + <h3 class="notice-title"><?php _e( 'Update Available' ); ?></h3> + {{{ data.update }}} + </div> + <# } else { #> + <div class="notice notice-error notice-alt notice-large" data-slug="{{ data.id }}"> + <h3 class="notice-title"><?php _e( 'Update Incompatible' ); ?></h3> + <p> + <# if ( ! data.updateResponse.compatibleWP && ! data.updateResponse.compatiblePHP ) { #> + <?php + printf( + /* translators: %s: Theme name. */ + __( 'There is a new version of %s available, but it does not work with your versions of WordPress and PHP.' ), + '{{{ data.name }}}' + ); + if ( current_user_can( 'update_core' ) && current_user_can( 'update_php' ) ) { + printf( + /* translators: 1: URL to WordPress Updates screen, 2: URL to Update PHP page. */ + ' ' . __( '<a href="%1$s">Please update WordPress</a>, and then <a href="%2$s">learn more about updating PHP</a>.' ), + self_admin_url( 'update-core.php' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } elseif ( current_user_can( 'update_core' ) ) { + printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } elseif ( current_user_can( 'update_php' ) ) { + printf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } + ?> + <# } else if ( ! data.updateResponse.compatibleWP ) { #> + <?php + printf( + /* translators: %s: Theme name. */ + __( 'There is a new version of %s available, but it does not work with your version of WordPress.' ), + '{{{ data.name }}}' + ); + if ( current_user_can( 'update_core' ) ) { + printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } + ?> + <# } else if ( ! data.updateResponse.compatiblePHP ) { #> + <?php + printf( + /* translators: %s: Theme name. */ + __( 'There is a new version of %s available, but it does not work with your version of PHP.' ), + '{{{ data.name }}}' + ); + if ( current_user_can( 'update_php' ) ) { + printf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } + ?> + <# } #> + </p> + </div> + <# } #> + <# } #> + + <# if ( data.parent ) { #> + <p class="parent-theme"> + <?php + printf( + /* translators: %s: Theme name. */ + __( 'This is a child theme of %s.' ), + '<strong>{{{ data.parent }}}</strong>' + ); + ?> + </p> + <# } #> + + <# if ( ! data.compatibleWP || ! data.compatiblePHP ) { #> + <div class="notice notice-error notice-alt notice-large"><p> + <# if ( ! data.compatibleWP && ! data.compatiblePHP ) { #> + <?php + _e( 'This theme does not work with your versions of WordPress and PHP.' ); + if ( current_user_can( 'update_core' ) && current_user_can( 'update_php' ) ) { + printf( + /* translators: 1: URL to WordPress Updates screen, 2: URL to Update PHP page. */ + ' ' . __( '<a href="%1$s">Please update WordPress</a>, and then <a href="%2$s">learn more about updating PHP</a>.' ), + self_admin_url( 'update-core.php' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } elseif ( current_user_can( 'update_core' ) ) { + printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } elseif ( current_user_can( 'update_php' ) ) { + printf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } + ?> + <# } else if ( ! data.compatibleWP ) { #> + <?php + _e( 'This theme does not work with your version of WordPress.' ); + if ( current_user_can( 'update_core' ) ) { + printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } + ?> + <# } else if ( ! data.compatiblePHP ) { #> + <?php + _e( 'This theme does not work with your version of PHP.' ); + if ( current_user_can( 'update_php' ) ) { + printf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } + ?> + <# } #> + </p></div> + <# } else if ( ! data.active && data.blockTheme ) { #> + <div class="notice notice-error notice-alt notice-large"><p> + <?php + _e( 'This theme doesn\'t support Customizer.' ); + ?> + <# if ( data.actions.activate ) { #> + <?php + printf( + /* translators: %s: URL to the themes page (also it activates the theme). */ + ' ' . __( 'However, you can still <a href="%s">activate this theme</a>, and use the Site Editor to customize it.' ), + '{{{ data.actions.activate }}}' + ); + ?> + <# } #> + </p></div> + <# } #> + + <p class="theme-description">{{{ data.description }}}</p> + + <# if ( data.tags ) { #> + <p class="theme-tags"><span><?php _e( 'Tags:' ); ?></span> {{{ data.tags }}}</p> + <# } #> + </div> + </div> + + <div class="theme-actions"> + <# if ( data.active ) { #> + <button type="button" class="button button-primary customize-theme"><?php _e( 'Customize' ); ?></button> + <# } else if ( 'installed' === data.type ) { #> + <div class="theme-inactive-actions"> + <# if ( data.blockTheme ) { #> + <?php + /* translators: %s: Theme name. */ + $aria_label = sprintf( _x( 'Activate %s', 'theme' ), '{{ data.name }}' ); + ?> + <# if ( data.compatibleWP && data.compatiblePHP && data.actions.activate ) { #> + <a href="{{{ data.actions.activate }}}" class="button button-primary activate" aria-label="<?php echo esc_attr( $aria_label ); ?>"><?php _e( 'Activate' ); ?></a> + <# } #> + <# } else { #> + <# if ( data.compatibleWP && data.compatiblePHP ) { #> + <button type="button" class="button button-primary preview-theme" data-slug="{{ data.id }}"><?php _e( 'Live Preview' ); ?></button> + <# } else { #> + <button class="button button-primary disabled"><?php _e( 'Live Preview' ); ?></button> + <# } #> + <# } #> + </div> + <?php if ( current_user_can( 'delete_themes' ) ) { ?> + <# if ( data.actions && data.actions['delete'] ) { #> + <a href="{{{ data.actions['delete'] }}}" data-slug="{{ data.id }}" class="button button-secondary delete-theme"><?php _e( 'Delete' ); ?></a> + <# } #> + <?php } ?> + <# } else { #> + <# if ( data.compatibleWP && data.compatiblePHP ) { #> + <button type="button" class="button theme-install" data-slug="{{ data.id }}"><?php _e( 'Install' ); ?></button> + <button type="button" class="button button-primary theme-install preview" data-slug="{{ data.id }}"><?php _e( 'Install & Preview' ); ?></button> + <# } else { #> + <button type="button" class="button disabled"><?php _ex( 'Cannot Install', 'theme' ); ?></button> + <button type="button" class="button button-primary disabled"><?php _e( 'Install & Preview' ); ?></button> + <# } #> + <# } #> + </div> + </div> + </script> + <?php +} + +/** + * Determines whether a theme is technically active but was paused while + * loading. + * + * For more information on this and similar theme functions, check out + * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/ + * Conditional Tags} article in the Theme Developer Handbook. + * + * @since 5.2.0 + * + * @param string $theme Path to the theme directory relative to the themes directory. + * @return bool True, if in the list of paused themes. False, not in the list. + */ +function is_theme_paused( $theme ) { + if ( ! isset( $GLOBALS['_paused_themes'] ) ) { + return false; + } + + if ( get_stylesheet() !== $theme && get_template() !== $theme ) { + return false; + } + + return array_key_exists( $theme, $GLOBALS['_paused_themes'] ); +} + +/** + * Gets the error that was recorded for a paused theme. + * + * @since 5.2.0 + * + * @param string $theme Path to the theme directory relative to the themes + * directory. + * @return array|false Array of error information as it was returned by + * `error_get_last()`, or false if none was recorded. + */ +function wp_get_theme_error( $theme ) { + if ( ! isset( $GLOBALS['_paused_themes'] ) ) { + return false; + } + + if ( ! array_key_exists( $theme, $GLOBALS['_paused_themes'] ) ) { + return false; + } + + return $GLOBALS['_paused_themes'][ $theme ]; +} + +/** + * Tries to resume a single theme. + * + * If a redirect was provided and a functions.php file was found, we first ensure that + * functions.php file does not throw fatal errors anymore. + * + * The way it works is by setting the redirection to the error before trying to + * include the file. If the theme fails, then the redirection will not be overwritten + * with the success message and the theme will not be resumed. + * + * @since 5.2.0 + * + * @param string $theme Single theme to resume. + * @param string $redirect Optional. URL to redirect to. Default empty string. + * @return bool|WP_Error True on success, false if `$theme` was not paused, + * `WP_Error` on failure. + */ +function resume_theme( $theme, $redirect = '' ) { + list( $extension ) = explode( '/', $theme ); + + /* + * We'll override this later if the theme could be resumed without + * creating a fatal error. + */ + if ( ! empty( $redirect ) ) { + $stylesheet_path = get_stylesheet_directory(); + $template_path = get_template_directory(); + + $functions_path = ''; + if ( str_contains( $stylesheet_path, $extension ) ) { + $functions_path = $stylesheet_path . '/functions.php'; + } elseif ( str_contains( $template_path, $extension ) ) { + $functions_path = $template_path . '/functions.php'; + } + + if ( ! empty( $functions_path ) ) { + wp_redirect( + add_query_arg( + '_error_nonce', + wp_create_nonce( 'theme-resume-error_' . $theme ), + $redirect + ) + ); + + // Load the theme's functions.php to test whether it throws a fatal error. + ob_start(); + if ( ! defined( 'WP_SANDBOX_SCRAPING' ) ) { + define( 'WP_SANDBOX_SCRAPING', true ); + } + include $functions_path; + ob_clean(); + } + } + + $result = wp_paused_themes()->delete( $extension ); + + if ( ! $result ) { + return new WP_Error( + 'could_not_resume_theme', + __( 'Could not resume the theme.' ) + ); + } + + return true; +} + +/** + * Renders an admin notice in case some themes have been paused due to errors. + * + * @since 5.2.0 + * + * @global string $pagenow The filename of the current screen. + */ +function paused_themes_notice() { + if ( 'themes.php' === $GLOBALS['pagenow'] ) { + return; + } + + if ( ! current_user_can( 'resume_themes' ) ) { + return; + } + + if ( ! isset( $GLOBALS['_paused_themes'] ) || empty( $GLOBALS['_paused_themes'] ) ) { + return; + } + + $message = sprintf( + '<p><strong>%s</strong><br>%s</p><p><a href="%s">%s</a></p>', + __( 'One or more themes failed to load properly.' ), + __( 'You can find more details and make changes on the Themes screen.' ), + esc_url( admin_url( 'themes.php' ) ), + __( 'Go to the Themes screen' ) + ); + wp_admin_notice( + $message, + array( + 'type' => 'error', + 'paragraph_wrap' => false, + ) + ); +} diff --git a/wp-admin/includes/translation-install.php b/wp-admin/includes/translation-install.php new file mode 100644 index 0000000..01c61bb --- /dev/null +++ b/wp-admin/includes/translation-install.php @@ -0,0 +1,277 @@ +<?php +/** + * WordPress Translation Installation Administration API + * + * @package WordPress + * @subpackage Administration + */ + + +/** + * Retrieve translations from WordPress Translation API. + * + * @since 4.0.0 + * + * @param string $type Type of translations. Accepts 'plugins', 'themes', 'core'. + * @param array|object $args Translation API arguments. Optional. + * @return array|WP_Error On success an associative array of translations, WP_Error on failure. + */ +function translations_api( $type, $args = null ) { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + if ( ! in_array( $type, array( 'plugins', 'themes', 'core' ), true ) ) { + return new WP_Error( 'invalid_type', __( 'Invalid translation type.' ) ); + } + + /** + * Allows a plugin to override the WordPress.org Translation Installation API entirely. + * + * @since 4.0.0 + * + * @param false|array $result The result array. Default false. + * @param string $type The type of translations being requested. + * @param object $args Translation API arguments. + */ + $res = apply_filters( 'translations_api', false, $type, $args ); + + if ( false === $res ) { + $url = 'http://api.wordpress.org/translations/' . $type . '/1.0/'; + $http_url = $url; + $ssl = wp_http_supports( array( 'ssl' ) ); + if ( $ssl ) { + $url = set_url_scheme( $url, 'https' ); + } + + $options = array( + 'timeout' => 3, + 'body' => array( + 'wp_version' => $wp_version, + 'locale' => get_locale(), + 'version' => $args['version'], // Version of plugin, theme or core. + ), + ); + + if ( 'core' !== $type ) { + $options['body']['slug'] = $args['slug']; // Plugin or theme slug. + } + + $request = wp_remote_post( $url, $options ); + + if ( $ssl && is_wp_error( $request ) ) { + trigger_error( + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), + headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE + ); + + $request = wp_remote_post( $http_url, $options ); + } + + if ( is_wp_error( $request ) ) { + $res = new WP_Error( + 'translations_api_failed', + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ), + $request->get_error_message() + ); + } else { + $res = json_decode( wp_remote_retrieve_body( $request ), true ); + if ( ! is_object( $res ) && ! is_array( $res ) ) { + $res = new WP_Error( + 'translations_api_failed', + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ), + wp_remote_retrieve_body( $request ) + ); + } + } + } + + /** + * Filters the Translation Installation API response results. + * + * @since 4.0.0 + * + * @param array|WP_Error $res Response as an associative array or WP_Error. + * @param string $type The type of translations being requested. + * @param object $args Translation API arguments. + */ + return apply_filters( 'translations_api_result', $res, $type, $args ); +} + +/** + * Get available translations from the WordPress.org API. + * + * @since 4.0.0 + * + * @see translations_api() + * + * @return array[] Array of translations, each an array of data, keyed by the language. If the API response results + * in an error, an empty array will be returned. + */ +function wp_get_available_translations() { + if ( ! wp_installing() ) { + $translations = get_site_transient( 'available_translations' ); + if ( false !== $translations ) { + return $translations; + } + } + + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + $api = translations_api( 'core', array( 'version' => $wp_version ) ); + + if ( is_wp_error( $api ) || empty( $api['translations'] ) ) { + return array(); + } + + $translations = array(); + // Key the array with the language code for now. + foreach ( $api['translations'] as $translation ) { + $translations[ $translation['language'] ] = $translation; + } + + if ( ! defined( 'WP_INSTALLING' ) ) { + set_site_transient( 'available_translations', $translations, 3 * HOUR_IN_SECONDS ); + } + + return $translations; +} + +/** + * Output the select form for the language selection on the installation screen. + * + * @since 4.0.0 + * + * @global string $wp_local_package Locale code of the package. + * + * @param array[] $languages Array of available languages (populated via the Translation API). + */ +function wp_install_language_form( $languages ) { + global $wp_local_package; + + $installed_languages = get_available_languages(); + + echo "<label class='screen-reader-text' for='language'>Select a default language</label>\n"; + echo "<select size='14' name='language' id='language'>\n"; + echo '<option value="" lang="en" selected="selected" data-continue="Continue" data-installed="1">English (United States)</option>'; + echo "\n"; + + if ( ! empty( $wp_local_package ) && isset( $languages[ $wp_local_package ] ) ) { + if ( isset( $languages[ $wp_local_package ] ) ) { + $language = $languages[ $wp_local_package ]; + printf( + '<option value="%s" lang="%s" data-continue="%s"%s>%s</option>' . "\n", + esc_attr( $language['language'] ), + esc_attr( current( $language['iso'] ) ), + esc_attr( $language['strings']['continue'] ? $language['strings']['continue'] : 'Continue' ), + in_array( $language['language'], $installed_languages, true ) ? ' data-installed="1"' : '', + esc_html( $language['native_name'] ) + ); + + unset( $languages[ $wp_local_package ] ); + } + } + + foreach ( $languages as $language ) { + printf( + '<option value="%s" lang="%s" data-continue="%s"%s>%s</option>' . "\n", + esc_attr( $language['language'] ), + esc_attr( current( $language['iso'] ) ), + esc_attr( $language['strings']['continue'] ? $language['strings']['continue'] : 'Continue' ), + in_array( $language['language'], $installed_languages, true ) ? ' data-installed="1"' : '', + esc_html( $language['native_name'] ) + ); + } + echo "</select>\n"; + echo '<p class="step"><span class="spinner"></span><input id="language-continue" type="submit" class="button button-primary button-large" value="Continue" /></p>'; +} + +/** + * Download a language pack. + * + * @since 4.0.0 + * + * @see wp_get_available_translations() + * + * @param string $download Language code to download. + * @return string|false Returns the language code if successfully downloaded + * (or already installed), or false on failure. + */ +function wp_download_language_pack( $download ) { + // Check if the translation is already installed. + if ( in_array( $download, get_available_languages(), true ) ) { + return $download; + } + + if ( ! wp_is_file_mod_allowed( 'download_language_pack' ) ) { + return false; + } + + // Confirm the translation is one we can download. + $translations = wp_get_available_translations(); + if ( ! $translations ) { + return false; + } + foreach ( $translations as $translation ) { + if ( $translation['language'] === $download ) { + $translation_to_load = true; + break; + } + } + + if ( empty( $translation_to_load ) ) { + return false; + } + $translation = (object) $translation; + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + $skin = new Automatic_Upgrader_Skin(); + $upgrader = new Language_Pack_Upgrader( $skin ); + $translation->type = 'core'; + $result = $upgrader->upgrade( $translation, array( 'clear_update_cache' => false ) ); + + if ( ! $result || is_wp_error( $result ) ) { + return false; + } + + return $translation->language; +} + +/** + * Check if WordPress has access to the filesystem without asking for + * credentials. + * + * @since 4.0.0 + * + * @return bool Returns true on success, false on failure. + */ +function wp_can_install_language_pack() { + if ( ! wp_is_file_mod_allowed( 'can_install_language_pack' ) ) { + return false; + } + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + $skin = new Automatic_Upgrader_Skin(); + $upgrader = new Language_Pack_Upgrader( $skin ); + $upgrader->init(); + + $check = $upgrader->fs_connect( array( WP_CONTENT_DIR, WP_LANG_DIR ) ); + + if ( ! $check || is_wp_error( $check ) ) { + return false; + } + + return true; +} diff --git a/wp-admin/includes/update-core.php b/wp-admin/includes/update-core.php new file mode 100644 index 0000000..c767834 --- /dev/null +++ b/wp-admin/includes/update-core.php @@ -0,0 +1,1870 @@ +<?php +/** + * WordPress core upgrade functionality. + * + * @package WordPress + * @subpackage Administration + * @since 2.7.0 + */ + +/** + * Stores files to be deleted. + * + * Bundled theme files should not be included in this list. + * + * @since 2.7.0 + * + * @global array $_old_files + * @var array + * @name $_old_files + */ +global $_old_files; + +$_old_files = array( + // 2.0 + 'wp-admin/import-b2.php', + 'wp-admin/import-blogger.php', + 'wp-admin/import-greymatter.php', + 'wp-admin/import-livejournal.php', + 'wp-admin/import-mt.php', + 'wp-admin/import-rss.php', + 'wp-admin/import-textpattern.php', + 'wp-admin/quicktags.js', + 'wp-images/fade-butt.png', + 'wp-images/get-firefox.png', + 'wp-images/header-shadow.png', + 'wp-images/smilies', + 'wp-images/wp-small.png', + 'wp-images/wpminilogo.png', + 'wp.php', + // 2.0.8 + 'wp-includes/js/tinymce/plugins/inlinepopups/readme.txt', + // 2.1 + 'wp-admin/edit-form-ajax-cat.php', + 'wp-admin/execute-pings.php', + 'wp-admin/inline-uploading.php', + 'wp-admin/link-categories.php', + 'wp-admin/list-manipulation.js', + 'wp-admin/list-manipulation.php', + 'wp-includes/comment-functions.php', + 'wp-includes/feed-functions.php', + 'wp-includes/functions-compat.php', + 'wp-includes/functions-formatting.php', + 'wp-includes/functions-post.php', + 'wp-includes/js/dbx-key.js', + 'wp-includes/js/tinymce/plugins/autosave/langs/cs.js', + 'wp-includes/js/tinymce/plugins/autosave/langs/sv.js', + 'wp-includes/links.php', + 'wp-includes/pluggable-functions.php', + 'wp-includes/template-functions-author.php', + 'wp-includes/template-functions-category.php', + 'wp-includes/template-functions-general.php', + 'wp-includes/template-functions-links.php', + 'wp-includes/template-functions-post.php', + 'wp-includes/wp-l10n.php', + // 2.2 + 'wp-admin/cat-js.php', + 'wp-admin/import/b2.php', + 'wp-includes/js/autosave-js.php', + 'wp-includes/js/list-manipulation-js.php', + 'wp-includes/js/wp-ajax-js.php', + // 2.3 + 'wp-admin/admin-db.php', + 'wp-admin/cat.js', + 'wp-admin/categories.js', + 'wp-admin/custom-fields.js', + 'wp-admin/dbx-admin-key.js', + 'wp-admin/edit-comments.js', + 'wp-admin/install-rtl.css', + 'wp-admin/install.css', + 'wp-admin/upgrade-schema.php', + 'wp-admin/upload-functions.php', + 'wp-admin/upload-rtl.css', + 'wp-admin/upload.css', + 'wp-admin/upload.js', + 'wp-admin/users.js', + 'wp-admin/widgets-rtl.css', + 'wp-admin/widgets.css', + 'wp-admin/xfn.js', + 'wp-includes/js/tinymce/license.html', + // 2.5 + 'wp-admin/css/upload.css', + 'wp-admin/images/box-bg-left.gif', + 'wp-admin/images/box-bg-right.gif', + 'wp-admin/images/box-bg.gif', + 'wp-admin/images/box-butt-left.gif', + 'wp-admin/images/box-butt-right.gif', + 'wp-admin/images/box-butt.gif', + 'wp-admin/images/box-head-left.gif', + 'wp-admin/images/box-head-right.gif', + 'wp-admin/images/box-head.gif', + 'wp-admin/images/heading-bg.gif', + 'wp-admin/images/login-bkg-bottom.gif', + 'wp-admin/images/login-bkg-tile.gif', + 'wp-admin/images/notice.gif', + 'wp-admin/images/toggle.gif', + 'wp-admin/includes/upload.php', + 'wp-admin/js/dbx-admin-key.js', + 'wp-admin/js/link-cat.js', + 'wp-admin/profile-update.php', + 'wp-admin/templates.php', + 'wp-includes/images/wlw/WpComments.png', + 'wp-includes/images/wlw/WpIcon.png', + 'wp-includes/images/wlw/WpWatermark.png', + 'wp-includes/js/dbx.js', + 'wp-includes/js/fat.js', + 'wp-includes/js/list-manipulation.js', + 'wp-includes/js/tinymce/langs/en.js', + 'wp-includes/js/tinymce/plugins/autosave/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/autosave/langs', + 'wp-includes/js/tinymce/plugins/directionality/images', + 'wp-includes/js/tinymce/plugins/directionality/langs', + 'wp-includes/js/tinymce/plugins/inlinepopups/css', + 'wp-includes/js/tinymce/plugins/inlinepopups/images', + 'wp-includes/js/tinymce/plugins/inlinepopups/jscripts', + 'wp-includes/js/tinymce/plugins/paste/images', + 'wp-includes/js/tinymce/plugins/paste/jscripts', + 'wp-includes/js/tinymce/plugins/paste/langs', + 'wp-includes/js/tinymce/plugins/spellchecker/classes/HttpClient.class.php', + 'wp-includes/js/tinymce/plugins/spellchecker/classes/TinyGoogleSpell.class.php', + 'wp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspell.class.php', + 'wp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspellShell.class.php', + 'wp-includes/js/tinymce/plugins/spellchecker/css/spellchecker.css', + 'wp-includes/js/tinymce/plugins/spellchecker/images', + 'wp-includes/js/tinymce/plugins/spellchecker/langs', + 'wp-includes/js/tinymce/plugins/spellchecker/tinyspell.php', + 'wp-includes/js/tinymce/plugins/wordpress/images', + 'wp-includes/js/tinymce/plugins/wordpress/langs', + 'wp-includes/js/tinymce/plugins/wordpress/wordpress.css', + 'wp-includes/js/tinymce/plugins/wphelp', + 'wp-includes/js/tinymce/themes/advanced/css', + 'wp-includes/js/tinymce/themes/advanced/images', + 'wp-includes/js/tinymce/themes/advanced/jscripts', + 'wp-includes/js/tinymce/themes/advanced/langs', + // 2.5.1 + 'wp-includes/js/tinymce/tiny_mce_gzip.php', + // 2.6 + 'wp-admin/bookmarklet.php', + 'wp-includes/js/jquery/jquery.dimensions.min.js', + 'wp-includes/js/tinymce/plugins/wordpress/popups.css', + 'wp-includes/js/wp-ajax.js', + // 2.7 + 'wp-admin/css/press-this-ie-rtl.css', + 'wp-admin/css/press-this-ie.css', + 'wp-admin/css/upload-rtl.css', + 'wp-admin/edit-form.php', + 'wp-admin/images/comment-pill.gif', + 'wp-admin/images/comment-stalk-classic.gif', + 'wp-admin/images/comment-stalk-fresh.gif', + 'wp-admin/images/comment-stalk-rtl.gif', + 'wp-admin/images/del.png', + 'wp-admin/images/gear.png', + 'wp-admin/images/media-button-gallery.gif', + 'wp-admin/images/media-buttons.gif', + 'wp-admin/images/postbox-bg.gif', + 'wp-admin/images/tab.png', + 'wp-admin/images/tail.gif', + 'wp-admin/js/forms.js', + 'wp-admin/js/upload.js', + 'wp-admin/link-import.php', + 'wp-includes/images/audio.png', + 'wp-includes/images/css.png', + 'wp-includes/images/default.png', + 'wp-includes/images/doc.png', + 'wp-includes/images/exe.png', + 'wp-includes/images/html.png', + 'wp-includes/images/js.png', + 'wp-includes/images/pdf.png', + 'wp-includes/images/swf.png', + 'wp-includes/images/tar.png', + 'wp-includes/images/text.png', + 'wp-includes/images/video.png', + 'wp-includes/images/zip.png', + 'wp-includes/js/tinymce/tiny_mce_config.php', + 'wp-includes/js/tinymce/tiny_mce_ext.js', + // 2.8 + 'wp-admin/js/users.js', + 'wp-includes/js/swfupload/plugins/swfupload.documentready.js', + 'wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', + 'wp-includes/js/swfupload/swfupload_f9.swf', + 'wp-includes/js/tinymce/plugins/autosave', + 'wp-includes/js/tinymce/plugins/paste/css', + 'wp-includes/js/tinymce/utils/mclayer.js', + 'wp-includes/js/tinymce/wordpress.css', + // 2.8.5 + 'wp-admin/import/btt.php', + 'wp-admin/import/jkw.php', + // 2.9 + 'wp-admin/js/page.dev.js', + 'wp-admin/js/page.js', + 'wp-admin/js/set-post-thumbnail-handler.dev.js', + 'wp-admin/js/set-post-thumbnail-handler.js', + 'wp-admin/js/slug.dev.js', + 'wp-admin/js/slug.js', + 'wp-includes/gettext.php', + 'wp-includes/js/tinymce/plugins/wordpress/js', + 'wp-includes/streams.php', + // MU + 'README.txt', + 'htaccess.dist', + 'index-install.php', + 'wp-admin/css/mu-rtl.css', + 'wp-admin/css/mu.css', + 'wp-admin/images/site-admin.png', + 'wp-admin/includes/mu.php', + 'wp-admin/wpmu-admin.php', + 'wp-admin/wpmu-blogs.php', + 'wp-admin/wpmu-edit.php', + 'wp-admin/wpmu-options.php', + 'wp-admin/wpmu-themes.php', + 'wp-admin/wpmu-upgrade-site.php', + 'wp-admin/wpmu-users.php', + 'wp-includes/images/wordpress-mu.png', + 'wp-includes/wpmu-default-filters.php', + 'wp-includes/wpmu-functions.php', + 'wpmu-settings.php', + // 3.0 + 'wp-admin/categories.php', + 'wp-admin/edit-category-form.php', + 'wp-admin/edit-page-form.php', + 'wp-admin/edit-pages.php', + 'wp-admin/images/admin-header-footer.png', + 'wp-admin/images/browse-happy.gif', + 'wp-admin/images/ico-add.png', + 'wp-admin/images/ico-close.png', + 'wp-admin/images/ico-edit.png', + 'wp-admin/images/ico-viewpage.png', + 'wp-admin/images/fav-top.png', + 'wp-admin/images/screen-options-left.gif', + 'wp-admin/images/wp-logo-vs.gif', + 'wp-admin/images/wp-logo.gif', + 'wp-admin/import', + 'wp-admin/js/wp-gears.dev.js', + 'wp-admin/js/wp-gears.js', + 'wp-admin/options-misc.php', + 'wp-admin/page-new.php', + 'wp-admin/page.php', + 'wp-admin/rtl.css', + 'wp-admin/rtl.dev.css', + 'wp-admin/update-links.php', + 'wp-admin/wp-admin.css', + 'wp-admin/wp-admin.dev.css', + 'wp-includes/js/codepress', + 'wp-includes/js/codepress/engines/khtml.js', + 'wp-includes/js/codepress/engines/older.js', + 'wp-includes/js/jquery/autocomplete.dev.js', + 'wp-includes/js/jquery/autocomplete.js', + 'wp-includes/js/jquery/interface.js', + 'wp-includes/js/scriptaculous/prototype.js', + // Following file added back in 5.1, see #45645. + //'wp-includes/js/tinymce/wp-tinymce.js', + // 3.1 + 'wp-admin/edit-attachment-rows.php', + 'wp-admin/edit-link-categories.php', + 'wp-admin/edit-link-category-form.php', + 'wp-admin/edit-post-rows.php', + 'wp-admin/images/button-grad-active-vs.png', + 'wp-admin/images/button-grad-vs.png', + 'wp-admin/images/fav-arrow-vs-rtl.gif', + 'wp-admin/images/fav-arrow-vs.gif', + 'wp-admin/images/fav-top-vs.gif', + 'wp-admin/images/list-vs.png', + 'wp-admin/images/screen-options-right-up.gif', + 'wp-admin/images/screen-options-right.gif', + 'wp-admin/images/visit-site-button-grad-vs.gif', + 'wp-admin/images/visit-site-button-grad.gif', + 'wp-admin/link-category.php', + 'wp-admin/sidebar.php', + 'wp-includes/classes.php', + 'wp-includes/js/tinymce/blank.htm', + 'wp-includes/js/tinymce/plugins/media/css/content.css', + 'wp-includes/js/tinymce/plugins/media/img', + 'wp-includes/js/tinymce/plugins/safari', + // 3.2 + 'wp-admin/images/logo-login.gif', + 'wp-admin/images/star.gif', + 'wp-admin/js/list-table.dev.js', + 'wp-admin/js/list-table.js', + 'wp-includes/default-embeds.php', + 'wp-includes/js/tinymce/plugins/wordpress/img/help.gif', + 'wp-includes/js/tinymce/plugins/wordpress/img/more.gif', + 'wp-includes/js/tinymce/plugins/wordpress/img/toolbars.gif', + 'wp-includes/js/tinymce/themes/advanced/img/fm.gif', + 'wp-includes/js/tinymce/themes/advanced/img/sflogo.png', + // 3.3 + 'wp-admin/css/colors-classic-rtl.css', + 'wp-admin/css/colors-classic-rtl.dev.css', + 'wp-admin/css/colors-fresh-rtl.css', + 'wp-admin/css/colors-fresh-rtl.dev.css', + 'wp-admin/css/dashboard-rtl.dev.css', + 'wp-admin/css/dashboard.dev.css', + 'wp-admin/css/global-rtl.css', + 'wp-admin/css/global-rtl.dev.css', + 'wp-admin/css/global.css', + 'wp-admin/css/global.dev.css', + 'wp-admin/css/install-rtl.dev.css', + 'wp-admin/css/login-rtl.dev.css', + 'wp-admin/css/login.dev.css', + 'wp-admin/css/ms.css', + 'wp-admin/css/ms.dev.css', + 'wp-admin/css/nav-menu-rtl.css', + 'wp-admin/css/nav-menu-rtl.dev.css', + 'wp-admin/css/nav-menu.css', + 'wp-admin/css/nav-menu.dev.css', + 'wp-admin/css/plugin-install-rtl.css', + 'wp-admin/css/plugin-install-rtl.dev.css', + 'wp-admin/css/plugin-install.css', + 'wp-admin/css/plugin-install.dev.css', + 'wp-admin/css/press-this-rtl.dev.css', + 'wp-admin/css/press-this.dev.css', + 'wp-admin/css/theme-editor-rtl.css', + 'wp-admin/css/theme-editor-rtl.dev.css', + 'wp-admin/css/theme-editor.css', + 'wp-admin/css/theme-editor.dev.css', + 'wp-admin/css/theme-install-rtl.css', + 'wp-admin/css/theme-install-rtl.dev.css', + 'wp-admin/css/theme-install.css', + 'wp-admin/css/theme-install.dev.css', + 'wp-admin/css/widgets-rtl.dev.css', + 'wp-admin/css/widgets.dev.css', + 'wp-admin/includes/internal-linking.php', + 'wp-includes/images/admin-bar-sprite-rtl.png', + 'wp-includes/js/jquery/ui.button.js', + 'wp-includes/js/jquery/ui.core.js', + 'wp-includes/js/jquery/ui.dialog.js', + 'wp-includes/js/jquery/ui.draggable.js', + 'wp-includes/js/jquery/ui.droppable.js', + 'wp-includes/js/jquery/ui.mouse.js', + 'wp-includes/js/jquery/ui.position.js', + 'wp-includes/js/jquery/ui.resizable.js', + 'wp-includes/js/jquery/ui.selectable.js', + 'wp-includes/js/jquery/ui.sortable.js', + 'wp-includes/js/jquery/ui.tabs.js', + 'wp-includes/js/jquery/ui.widget.js', + 'wp-includes/js/l10n.dev.js', + 'wp-includes/js/l10n.js', + 'wp-includes/js/tinymce/plugins/wplink/css', + 'wp-includes/js/tinymce/plugins/wplink/img', + 'wp-includes/js/tinymce/plugins/wplink/js', + 'wp-includes/js/tinymce/themes/advanced/img/wpicons.png', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/butt2.png', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/button_bg.png', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/down_arrow.gif', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/fade-butt.png', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/separator.gif', + // Don't delete, yet: 'wp-rss.php', + // Don't delete, yet: 'wp-rdf.php', + // Don't delete, yet: 'wp-rss2.php', + // Don't delete, yet: 'wp-commentsrss2.php', + // Don't delete, yet: 'wp-atom.php', + // Don't delete, yet: 'wp-feed.php', + // 3.4 + 'wp-admin/images/gray-star.png', + 'wp-admin/images/logo-login.png', + 'wp-admin/images/star.png', + 'wp-admin/index-extra.php', + 'wp-admin/network/index-extra.php', + 'wp-admin/user/index-extra.php', + 'wp-admin/images/screenshots/admin-flyouts.png', + 'wp-admin/images/screenshots/coediting.png', + 'wp-admin/images/screenshots/drag-and-drop.png', + 'wp-admin/images/screenshots/help-screen.png', + 'wp-admin/images/screenshots/media-icon.png', + 'wp-admin/images/screenshots/new-feature-pointer.png', + 'wp-admin/images/screenshots/welcome-screen.png', + 'wp-includes/css/editor-buttons.css', + 'wp-includes/css/editor-buttons.dev.css', + 'wp-includes/js/tinymce/plugins/paste/blank.htm', + 'wp-includes/js/tinymce/plugins/wordpress/css', + 'wp-includes/js/tinymce/plugins/wordpress/editor_plugin.dev.js', + 'wp-includes/js/tinymce/plugins/wordpress/img/embedded.png', + 'wp-includes/js/tinymce/plugins/wordpress/img/more_bug.gif', + 'wp-includes/js/tinymce/plugins/wordpress/img/page_bug.gif', + 'wp-includes/js/tinymce/plugins/wpdialogs/editor_plugin.dev.js', + 'wp-includes/js/tinymce/plugins/wpeditimage/css/editimage-rtl.css', + 'wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.dev.js', + 'wp-includes/js/tinymce/plugins/wpfullscreen/editor_plugin.dev.js', + 'wp-includes/js/tinymce/plugins/wpgallery/editor_plugin.dev.js', + 'wp-includes/js/tinymce/plugins/wpgallery/img/gallery.png', + 'wp-includes/js/tinymce/plugins/wplink/editor_plugin.dev.js', + // Don't delete, yet: 'wp-pass.php', + // Don't delete, yet: 'wp-register.php', + // 3.5 + 'wp-admin/gears-manifest.php', + 'wp-admin/includes/manifest.php', + 'wp-admin/images/archive-link.png', + 'wp-admin/images/blue-grad.png', + 'wp-admin/images/button-grad-active.png', + 'wp-admin/images/button-grad.png', + 'wp-admin/images/ed-bg-vs.gif', + 'wp-admin/images/ed-bg.gif', + 'wp-admin/images/fade-butt.png', + 'wp-admin/images/fav-arrow-rtl.gif', + 'wp-admin/images/fav-arrow.gif', + 'wp-admin/images/fav-vs.png', + 'wp-admin/images/fav.png', + 'wp-admin/images/gray-grad.png', + 'wp-admin/images/loading-publish.gif', + 'wp-admin/images/logo-ghost.png', + 'wp-admin/images/logo.gif', + 'wp-admin/images/menu-arrow-frame-rtl.png', + 'wp-admin/images/menu-arrow-frame.png', + 'wp-admin/images/menu-arrows.gif', + 'wp-admin/images/menu-bits-rtl-vs.gif', + 'wp-admin/images/menu-bits-rtl.gif', + 'wp-admin/images/menu-bits-vs.gif', + 'wp-admin/images/menu-bits.gif', + 'wp-admin/images/menu-dark-rtl-vs.gif', + 'wp-admin/images/menu-dark-rtl.gif', + 'wp-admin/images/menu-dark-vs.gif', + 'wp-admin/images/menu-dark.gif', + 'wp-admin/images/required.gif', + 'wp-admin/images/screen-options-toggle-vs.gif', + 'wp-admin/images/screen-options-toggle.gif', + 'wp-admin/images/toggle-arrow-rtl.gif', + 'wp-admin/images/toggle-arrow.gif', + 'wp-admin/images/upload-classic.png', + 'wp-admin/images/upload-fresh.png', + 'wp-admin/images/white-grad-active.png', + 'wp-admin/images/white-grad.png', + 'wp-admin/images/widgets-arrow-vs.gif', + 'wp-admin/images/widgets-arrow.gif', + 'wp-admin/images/wpspin_dark.gif', + 'wp-includes/images/upload.png', + 'wp-includes/js/prototype.js', + 'wp-includes/js/scriptaculous', + 'wp-admin/css/wp-admin-rtl.dev.css', + 'wp-admin/css/wp-admin.dev.css', + 'wp-admin/css/media-rtl.dev.css', + 'wp-admin/css/media.dev.css', + 'wp-admin/css/colors-classic.dev.css', + 'wp-admin/css/customize-controls-rtl.dev.css', + 'wp-admin/css/customize-controls.dev.css', + 'wp-admin/css/ie-rtl.dev.css', + 'wp-admin/css/ie.dev.css', + 'wp-admin/css/install.dev.css', + 'wp-admin/css/colors-fresh.dev.css', + 'wp-includes/js/customize-base.dev.js', + 'wp-includes/js/json2.dev.js', + 'wp-includes/js/comment-reply.dev.js', + 'wp-includes/js/customize-preview.dev.js', + 'wp-includes/js/wplink.dev.js', + 'wp-includes/js/tw-sack.dev.js', + 'wp-includes/js/wp-list-revisions.dev.js', + 'wp-includes/js/autosave.dev.js', + 'wp-includes/js/admin-bar.dev.js', + 'wp-includes/js/quicktags.dev.js', + 'wp-includes/js/wp-ajax-response.dev.js', + 'wp-includes/js/wp-pointer.dev.js', + 'wp-includes/js/hoverIntent.dev.js', + 'wp-includes/js/colorpicker.dev.js', + 'wp-includes/js/wp-lists.dev.js', + 'wp-includes/js/customize-loader.dev.js', + 'wp-includes/js/jquery/jquery.table-hotkeys.dev.js', + 'wp-includes/js/jquery/jquery.color.dev.js', + 'wp-includes/js/jquery/jquery.color.js', + 'wp-includes/js/jquery/jquery.hotkeys.dev.js', + 'wp-includes/js/jquery/jquery.form.dev.js', + 'wp-includes/js/jquery/suggest.dev.js', + 'wp-admin/js/xfn.dev.js', + 'wp-admin/js/set-post-thumbnail.dev.js', + 'wp-admin/js/comment.dev.js', + 'wp-admin/js/theme.dev.js', + 'wp-admin/js/cat.dev.js', + 'wp-admin/js/password-strength-meter.dev.js', + 'wp-admin/js/user-profile.dev.js', + 'wp-admin/js/theme-preview.dev.js', + 'wp-admin/js/post.dev.js', + 'wp-admin/js/media-upload.dev.js', + 'wp-admin/js/word-count.dev.js', + 'wp-admin/js/plugin-install.dev.js', + 'wp-admin/js/edit-comments.dev.js', + 'wp-admin/js/media-gallery.dev.js', + 'wp-admin/js/custom-fields.dev.js', + 'wp-admin/js/custom-background.dev.js', + 'wp-admin/js/common.dev.js', + 'wp-admin/js/inline-edit-tax.dev.js', + 'wp-admin/js/gallery.dev.js', + 'wp-admin/js/utils.dev.js', + 'wp-admin/js/widgets.dev.js', + 'wp-admin/js/wp-fullscreen.dev.js', + 'wp-admin/js/nav-menu.dev.js', + 'wp-admin/js/dashboard.dev.js', + 'wp-admin/js/link.dev.js', + 'wp-admin/js/user-suggest.dev.js', + 'wp-admin/js/postbox.dev.js', + 'wp-admin/js/tags.dev.js', + 'wp-admin/js/image-edit.dev.js', + 'wp-admin/js/media.dev.js', + 'wp-admin/js/customize-controls.dev.js', + 'wp-admin/js/inline-edit-post.dev.js', + 'wp-admin/js/categories.dev.js', + 'wp-admin/js/editor.dev.js', + 'wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.dev.js', + 'wp-includes/js/tinymce/plugins/wpdialogs/js/popup.dev.js', + 'wp-includes/js/tinymce/plugins/wpdialogs/js/wpdialog.dev.js', + 'wp-includes/js/plupload/handlers.dev.js', + 'wp-includes/js/plupload/wp-plupload.dev.js', + 'wp-includes/js/swfupload/handlers.dev.js', + 'wp-includes/js/jcrop/jquery.Jcrop.dev.js', + 'wp-includes/js/jcrop/jquery.Jcrop.js', + 'wp-includes/js/jcrop/jquery.Jcrop.css', + 'wp-includes/js/imgareaselect/jquery.imgareaselect.dev.js', + 'wp-includes/css/wp-pointer.dev.css', + 'wp-includes/css/editor.dev.css', + 'wp-includes/css/jquery-ui-dialog.dev.css', + 'wp-includes/css/admin-bar-rtl.dev.css', + 'wp-includes/css/admin-bar.dev.css', + 'wp-includes/js/jquery/ui/jquery.effects.clip.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.scale.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.blind.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.core.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.shake.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.fade.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.explode.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.slide.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.drop.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.highlight.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.bounce.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.pulsate.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.transfer.min.js', + 'wp-includes/js/jquery/ui/jquery.effects.fold.min.js', + 'wp-admin/images/screenshots/captions-1.png', + 'wp-admin/images/screenshots/captions-2.png', + 'wp-admin/images/screenshots/flex-header-1.png', + 'wp-admin/images/screenshots/flex-header-2.png', + 'wp-admin/images/screenshots/flex-header-3.png', + 'wp-admin/images/screenshots/flex-header-media-library.png', + 'wp-admin/images/screenshots/theme-customizer.png', + 'wp-admin/images/screenshots/twitter-embed-1.png', + 'wp-admin/images/screenshots/twitter-embed-2.png', + 'wp-admin/js/utils.js', + // Added back in 5.3 [45448], see #43895. + // 'wp-admin/options-privacy.php', + 'wp-app.php', + 'wp-includes/class-wp-atom-server.php', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/ui.css', + // 3.5.2 + 'wp-includes/js/swfupload/swfupload-all.js', + // 3.6 + 'wp-admin/js/revisions-js.php', + 'wp-admin/images/screenshots', + 'wp-admin/js/categories.js', + 'wp-admin/js/categories.min.js', + 'wp-admin/js/custom-fields.js', + 'wp-admin/js/custom-fields.min.js', + // 3.7 + 'wp-admin/js/cat.js', + 'wp-admin/js/cat.min.js', + 'wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.min.js', + // 3.8 + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/page_bug.gif', + 'wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/more_bug.gif', + 'wp-includes/js/thickbox/tb-close-2x.png', + 'wp-includes/js/thickbox/tb-close.png', + 'wp-includes/images/wpmini-blue-2x.png', + 'wp-includes/images/wpmini-blue.png', + 'wp-admin/css/colors-fresh.css', + 'wp-admin/css/colors-classic.css', + 'wp-admin/css/colors-fresh.min.css', + 'wp-admin/css/colors-classic.min.css', + 'wp-admin/js/about.min.js', + 'wp-admin/js/about.js', + 'wp-admin/images/arrows-dark-vs-2x.png', + 'wp-admin/images/wp-logo-vs.png', + 'wp-admin/images/arrows-dark-vs.png', + 'wp-admin/images/wp-logo.png', + 'wp-admin/images/arrows-pr.png', + 'wp-admin/images/arrows-dark.png', + 'wp-admin/images/press-this.png', + 'wp-admin/images/press-this-2x.png', + 'wp-admin/images/arrows-vs-2x.png', + 'wp-admin/images/welcome-icons.png', + 'wp-admin/images/wp-logo-2x.png', + 'wp-admin/images/stars-rtl-2x.png', + 'wp-admin/images/arrows-dark-2x.png', + 'wp-admin/images/arrows-pr-2x.png', + 'wp-admin/images/menu-shadow-rtl.png', + 'wp-admin/images/arrows-vs.png', + 'wp-admin/images/about-search-2x.png', + 'wp-admin/images/bubble_bg-rtl-2x.gif', + 'wp-admin/images/wp-badge-2x.png', + 'wp-admin/images/wordpress-logo-2x.png', + 'wp-admin/images/bubble_bg-rtl.gif', + 'wp-admin/images/wp-badge.png', + 'wp-admin/images/menu-shadow.png', + 'wp-admin/images/about-globe-2x.png', + 'wp-admin/images/welcome-icons-2x.png', + 'wp-admin/images/stars-rtl.png', + 'wp-admin/images/wp-logo-vs-2x.png', + 'wp-admin/images/about-updates-2x.png', + // 3.9 + 'wp-admin/css/colors.css', + 'wp-admin/css/colors.min.css', + 'wp-admin/css/colors-rtl.css', + 'wp-admin/css/colors-rtl.min.css', + // Following files added back in 4.5, see #36083. + // 'wp-admin/css/media-rtl.min.css', + // 'wp-admin/css/media.min.css', + // 'wp-admin/css/farbtastic-rtl.min.css', + 'wp-admin/images/lock-2x.png', + 'wp-admin/images/lock.png', + 'wp-admin/js/theme-preview.js', + 'wp-admin/js/theme-install.min.js', + 'wp-admin/js/theme-install.js', + 'wp-admin/js/theme-preview.min.js', + 'wp-includes/js/plupload/plupload.html4.js', + 'wp-includes/js/plupload/plupload.html5.js', + 'wp-includes/js/plupload/changelog.txt', + 'wp-includes/js/plupload/plupload.silverlight.js', + 'wp-includes/js/plupload/plupload.flash.js', + // Added back in 4.9 [41328], see #41755. + // 'wp-includes/js/plupload/plupload.js', + 'wp-includes/js/tinymce/plugins/spellchecker', + 'wp-includes/js/tinymce/plugins/inlinepopups', + 'wp-includes/js/tinymce/plugins/media/js', + 'wp-includes/js/tinymce/plugins/media/css', + 'wp-includes/js/tinymce/plugins/wordpress/img', + 'wp-includes/js/tinymce/plugins/wpdialogs/js', + 'wp-includes/js/tinymce/plugins/wpeditimage/img', + 'wp-includes/js/tinymce/plugins/wpeditimage/js', + 'wp-includes/js/tinymce/plugins/wpeditimage/css', + 'wp-includes/js/tinymce/plugins/wpgallery/img', + 'wp-includes/js/tinymce/plugins/wpfullscreen/css', + 'wp-includes/js/tinymce/plugins/paste/js', + 'wp-includes/js/tinymce/themes/advanced', + 'wp-includes/js/tinymce/tiny_mce.js', + 'wp-includes/js/tinymce/mark_loaded_src.js', + 'wp-includes/js/tinymce/wp-tinymce-schema.js', + 'wp-includes/js/tinymce/plugins/media/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/media/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/media/media.htm', + 'wp-includes/js/tinymce/plugins/wpview/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wpview/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/directionality/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/directionality/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wordpress/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/wordpress/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wpdialogs/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wpdialogs/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/wpeditimage/editimage.html', + 'wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/fullscreen/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/fullscreen/fullscreen.htm', + 'wp-includes/js/tinymce/plugins/fullscreen/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/wplink/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wplink/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/wpgallery/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wpgallery/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/tabfocus/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/tabfocus/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/wpfullscreen/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/wpfullscreen/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/paste/editor_plugin.js', + 'wp-includes/js/tinymce/plugins/paste/pasteword.htm', + 'wp-includes/js/tinymce/plugins/paste/editor_plugin_src.js', + 'wp-includes/js/tinymce/plugins/paste/pastetext.htm', + 'wp-includes/js/tinymce/langs/wp-langs.php', + // 4.1 + 'wp-includes/js/jquery/ui/jquery.ui.accordion.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.autocomplete.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.button.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.core.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.dialog.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.draggable.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.droppable.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-blind.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-bounce.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-clip.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-drop.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-explode.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-fade.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-fold.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-highlight.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-pulsate.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-scale.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-shake.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-slide.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect-transfer.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.effect.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.menu.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.mouse.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.position.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.progressbar.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.resizable.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.selectable.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.slider.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.sortable.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.spinner.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.tabs.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.tooltip.min.js', + 'wp-includes/js/jquery/ui/jquery.ui.widget.min.js', + 'wp-includes/js/tinymce/skins/wordpress/images/dashicon-no-alt.png', + // 4.3 + 'wp-admin/js/wp-fullscreen.js', + 'wp-admin/js/wp-fullscreen.min.js', + 'wp-includes/js/tinymce/wp-mce-help.php', + 'wp-includes/js/tinymce/plugins/wpfullscreen', + // 4.5 + 'wp-includes/theme-compat/comments-popup.php', + // 4.6 + 'wp-admin/includes/class-wp-automatic-upgrader.php', // Wrong file name, see #37628. + // 4.8 + 'wp-includes/js/tinymce/plugins/wpembed', + 'wp-includes/js/tinymce/plugins/media/moxieplayer.swf', + 'wp-includes/js/tinymce/skins/lightgray/fonts/readme.md', + 'wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.json', + 'wp-includes/js/tinymce/skins/lightgray/fonts/tinymce.json', + 'wp-includes/js/tinymce/skins/lightgray/skin.ie7.min.css', + // 4.9 + 'wp-admin/css/press-this-editor-rtl.css', + 'wp-admin/css/press-this-editor-rtl.min.css', + 'wp-admin/css/press-this-editor.css', + 'wp-admin/css/press-this-editor.min.css', + 'wp-admin/css/press-this-rtl.css', + 'wp-admin/css/press-this-rtl.min.css', + 'wp-admin/css/press-this.css', + 'wp-admin/css/press-this.min.css', + 'wp-admin/includes/class-wp-press-this.php', + 'wp-admin/js/bookmarklet.js', + 'wp-admin/js/bookmarklet.min.js', + 'wp-admin/js/press-this.js', + 'wp-admin/js/press-this.min.js', + 'wp-includes/js/mediaelement/background.png', + 'wp-includes/js/mediaelement/bigplay.png', + 'wp-includes/js/mediaelement/bigplay.svg', + 'wp-includes/js/mediaelement/controls.png', + 'wp-includes/js/mediaelement/controls.svg', + 'wp-includes/js/mediaelement/flashmediaelement.swf', + 'wp-includes/js/mediaelement/froogaloop.min.js', + 'wp-includes/js/mediaelement/jumpforward.png', + 'wp-includes/js/mediaelement/loading.gif', + 'wp-includes/js/mediaelement/silverlightmediaelement.xap', + 'wp-includes/js/mediaelement/skipback.png', + 'wp-includes/js/plupload/plupload.flash.swf', + 'wp-includes/js/plupload/plupload.full.min.js', + 'wp-includes/js/plupload/plupload.silverlight.xap', + 'wp-includes/js/swfupload/plugins', + 'wp-includes/js/swfupload/swfupload.swf', + // 4.9.2 + 'wp-includes/js/mediaelement/lang', + 'wp-includes/js/mediaelement/lang/ca.js', + 'wp-includes/js/mediaelement/lang/cs.js', + 'wp-includes/js/mediaelement/lang/de.js', + 'wp-includes/js/mediaelement/lang/es.js', + 'wp-includes/js/mediaelement/lang/fa.js', + 'wp-includes/js/mediaelement/lang/fr.js', + 'wp-includes/js/mediaelement/lang/hr.js', + 'wp-includes/js/mediaelement/lang/hu.js', + 'wp-includes/js/mediaelement/lang/it.js', + 'wp-includes/js/mediaelement/lang/ja.js', + 'wp-includes/js/mediaelement/lang/ko.js', + 'wp-includes/js/mediaelement/lang/nl.js', + 'wp-includes/js/mediaelement/lang/pl.js', + 'wp-includes/js/mediaelement/lang/pt.js', + 'wp-includes/js/mediaelement/lang/ro.js', + 'wp-includes/js/mediaelement/lang/ru.js', + 'wp-includes/js/mediaelement/lang/sk.js', + 'wp-includes/js/mediaelement/lang/sv.js', + 'wp-includes/js/mediaelement/lang/uk.js', + 'wp-includes/js/mediaelement/lang/zh-cn.js', + 'wp-includes/js/mediaelement/lang/zh.js', + 'wp-includes/js/mediaelement/mediaelement-flash-audio-ogg.swf', + 'wp-includes/js/mediaelement/mediaelement-flash-audio.swf', + 'wp-includes/js/mediaelement/mediaelement-flash-video-hls.swf', + 'wp-includes/js/mediaelement/mediaelement-flash-video-mdash.swf', + 'wp-includes/js/mediaelement/mediaelement-flash-video.swf', + 'wp-includes/js/mediaelement/renderers/dailymotion.js', + 'wp-includes/js/mediaelement/renderers/dailymotion.min.js', + 'wp-includes/js/mediaelement/renderers/facebook.js', + 'wp-includes/js/mediaelement/renderers/facebook.min.js', + 'wp-includes/js/mediaelement/renderers/soundcloud.js', + 'wp-includes/js/mediaelement/renderers/soundcloud.min.js', + 'wp-includes/js/mediaelement/renderers/twitch.js', + 'wp-includes/js/mediaelement/renderers/twitch.min.js', + // 5.0 + 'wp-includes/js/codemirror/jshint.js', + // 5.1 + 'wp-includes/random_compat/random_bytes_openssl.php', + 'wp-includes/js/tinymce/wp-tinymce.js.gz', + // 5.3 + 'wp-includes/js/wp-a11y.js', // Moved to: wp-includes/js/dist/a11y.js + 'wp-includes/js/wp-a11y.min.js', // Moved to: wp-includes/js/dist/a11y.min.js + // 5.4 + 'wp-admin/js/wp-fullscreen-stub.js', + 'wp-admin/js/wp-fullscreen-stub.min.js', + // 5.5 + 'wp-admin/css/ie.css', + 'wp-admin/css/ie.min.css', + 'wp-admin/css/ie-rtl.css', + 'wp-admin/css/ie-rtl.min.css', + // 5.6 + 'wp-includes/js/jquery/ui/position.min.js', + 'wp-includes/js/jquery/ui/widget.min.js', + // 5.7 + 'wp-includes/blocks/classic/block.json', + // 5.8 + 'wp-admin/images/freedoms.png', + 'wp-admin/images/privacy.png', + 'wp-admin/images/about-badge.svg', + 'wp-admin/images/about-color-palette.svg', + 'wp-admin/images/about-color-palette-vert.svg', + 'wp-admin/images/about-header-brushes.svg', + 'wp-includes/block-patterns/large-header.php', + 'wp-includes/block-patterns/heading-paragraph.php', + 'wp-includes/block-patterns/quote.php', + 'wp-includes/block-patterns/text-three-columns-buttons.php', + 'wp-includes/block-patterns/two-buttons.php', + 'wp-includes/block-patterns/two-images.php', + 'wp-includes/block-patterns/three-buttons.php', + 'wp-includes/block-patterns/text-two-columns-with-images.php', + 'wp-includes/block-patterns/text-two-columns.php', + 'wp-includes/block-patterns/large-header-button.php', + 'wp-includes/blocks/subhead/block.json', + 'wp-includes/blocks/subhead', + 'wp-includes/css/dist/editor/editor-styles.css', + 'wp-includes/css/dist/editor/editor-styles.min.css', + 'wp-includes/css/dist/editor/editor-styles-rtl.css', + 'wp-includes/css/dist/editor/editor-styles-rtl.min.css', + // 5.9 + 'wp-includes/blocks/heading/editor.css', + 'wp-includes/blocks/heading/editor.min.css', + 'wp-includes/blocks/heading/editor-rtl.css', + 'wp-includes/blocks/heading/editor-rtl.min.css', + 'wp-includes/blocks/post-content/editor.css', + 'wp-includes/blocks/post-content/editor.min.css', + 'wp-includes/blocks/post-content/editor-rtl.css', + 'wp-includes/blocks/post-content/editor-rtl.min.css', + 'wp-includes/blocks/query-title/editor.css', + 'wp-includes/blocks/query-title/editor.min.css', + 'wp-includes/blocks/query-title/editor-rtl.css', + 'wp-includes/blocks/query-title/editor-rtl.min.css', + 'wp-includes/blocks/tag-cloud/editor.css', + 'wp-includes/blocks/tag-cloud/editor.min.css', + 'wp-includes/blocks/tag-cloud/editor-rtl.css', + 'wp-includes/blocks/tag-cloud/editor-rtl.min.css', + // 6.1 + 'wp-includes/blocks/post-comments.php', + 'wp-includes/blocks/post-comments/block.json', + 'wp-includes/blocks/post-comments/editor.css', + 'wp-includes/blocks/post-comments/editor.min.css', + 'wp-includes/blocks/post-comments/editor-rtl.css', + 'wp-includes/blocks/post-comments/editor-rtl.min.css', + 'wp-includes/blocks/post-comments/style.css', + 'wp-includes/blocks/post-comments/style.min.css', + 'wp-includes/blocks/post-comments/style-rtl.css', + 'wp-includes/blocks/post-comments/style-rtl.min.css', + 'wp-includes/blocks/post-comments', + 'wp-includes/blocks/comments-query-loop/block.json', + 'wp-includes/blocks/comments-query-loop/editor.css', + 'wp-includes/blocks/comments-query-loop/editor.min.css', + 'wp-includes/blocks/comments-query-loop/editor-rtl.css', + 'wp-includes/blocks/comments-query-loop/editor-rtl.min.css', + 'wp-includes/blocks/comments-query-loop', + // 6.3 + 'wp-includes/images/wlw', + 'wp-includes/wlwmanifest.xml', + 'wp-includes/random_compat', + // 6.4 + 'wp-includes/navigation-fallback.php', + 'wp-includes/blocks/navigation/view-modal.min.js', + 'wp-includes/blocks/navigation/view-modal.js', +); + +/** + * Stores Requests files to be preloaded and deleted. + * + * For classes/interfaces, use the class/interface name + * as the array key. + * + * All other files/directories should not have a key. + * + * @since 6.2.0 + * + * @global array $_old_requests_files + * @var array + * @name $_old_requests_files + */ +global $_old_requests_files; + +$_old_requests_files = array( + // Interfaces. + 'Requests_Auth' => 'wp-includes/Requests/Auth.php', + 'Requests_Hooker' => 'wp-includes/Requests/Hooker.php', + 'Requests_Proxy' => 'wp-includes/Requests/Proxy.php', + 'Requests_Transport' => 'wp-includes/Requests/Transport.php', + + // Classes. + 'Requests_Auth_Basic' => 'wp-includes/Requests/Auth/Basic.php', + 'Requests_Cookie_Jar' => 'wp-includes/Requests/Cookie/Jar.php', + 'Requests_Exception_HTTP' => 'wp-includes/Requests/Exception/HTTP.php', + 'Requests_Exception_Transport' => 'wp-includes/Requests/Exception/Transport.php', + 'Requests_Exception_HTTP_304' => 'wp-includes/Requests/Exception/HTTP/304.php', + 'Requests_Exception_HTTP_305' => 'wp-includes/Requests/Exception/HTTP/305.php', + 'Requests_Exception_HTTP_306' => 'wp-includes/Requests/Exception/HTTP/306.php', + 'Requests_Exception_HTTP_400' => 'wp-includes/Requests/Exception/HTTP/400.php', + 'Requests_Exception_HTTP_401' => 'wp-includes/Requests/Exception/HTTP/401.php', + 'Requests_Exception_HTTP_402' => 'wp-includes/Requests/Exception/HTTP/402.php', + 'Requests_Exception_HTTP_403' => 'wp-includes/Requests/Exception/HTTP/403.php', + 'Requests_Exception_HTTP_404' => 'wp-includes/Requests/Exception/HTTP/404.php', + 'Requests_Exception_HTTP_405' => 'wp-includes/Requests/Exception/HTTP/405.php', + 'Requests_Exception_HTTP_406' => 'wp-includes/Requests/Exception/HTTP/406.php', + 'Requests_Exception_HTTP_407' => 'wp-includes/Requests/Exception/HTTP/407.php', + 'Requests_Exception_HTTP_408' => 'wp-includes/Requests/Exception/HTTP/408.php', + 'Requests_Exception_HTTP_409' => 'wp-includes/Requests/Exception/HTTP/409.php', + 'Requests_Exception_HTTP_410' => 'wp-includes/Requests/Exception/HTTP/410.php', + 'Requests_Exception_HTTP_411' => 'wp-includes/Requests/Exception/HTTP/411.php', + 'Requests_Exception_HTTP_412' => 'wp-includes/Requests/Exception/HTTP/412.php', + 'Requests_Exception_HTTP_413' => 'wp-includes/Requests/Exception/HTTP/413.php', + 'Requests_Exception_HTTP_414' => 'wp-includes/Requests/Exception/HTTP/414.php', + 'Requests_Exception_HTTP_415' => 'wp-includes/Requests/Exception/HTTP/415.php', + 'Requests_Exception_HTTP_416' => 'wp-includes/Requests/Exception/HTTP/416.php', + 'Requests_Exception_HTTP_417' => 'wp-includes/Requests/Exception/HTTP/417.php', + 'Requests_Exception_HTTP_418' => 'wp-includes/Requests/Exception/HTTP/418.php', + 'Requests_Exception_HTTP_428' => 'wp-includes/Requests/Exception/HTTP/428.php', + 'Requests_Exception_HTTP_429' => 'wp-includes/Requests/Exception/HTTP/429.php', + 'Requests_Exception_HTTP_431' => 'wp-includes/Requests/Exception/HTTP/431.php', + 'Requests_Exception_HTTP_500' => 'wp-includes/Requests/Exception/HTTP/500.php', + 'Requests_Exception_HTTP_501' => 'wp-includes/Requests/Exception/HTTP/501.php', + 'Requests_Exception_HTTP_502' => 'wp-includes/Requests/Exception/HTTP/502.php', + 'Requests_Exception_HTTP_503' => 'wp-includes/Requests/Exception/HTTP/503.php', + 'Requests_Exception_HTTP_504' => 'wp-includes/Requests/Exception/HTTP/504.php', + 'Requests_Exception_HTTP_505' => 'wp-includes/Requests/Exception/HTTP/505.php', + 'Requests_Exception_HTTP_511' => 'wp-includes/Requests/Exception/HTTP/511.php', + 'Requests_Exception_HTTP_Unknown' => 'wp-includes/Requests/Exception/HTTP/Unknown.php', + 'Requests_Exception_Transport_cURL' => 'wp-includes/Requests/Exception/Transport/cURL.php', + 'Requests_Proxy_HTTP' => 'wp-includes/Requests/Proxy/HTTP.php', + 'Requests_Response_Headers' => 'wp-includes/Requests/Response/Headers.php', + 'Requests_Transport_cURL' => 'wp-includes/Requests/Transport/cURL.php', + 'Requests_Transport_fsockopen' => 'wp-includes/Requests/Transport/fsockopen.php', + 'Requests_Utility_CaseInsensitiveDictionary' => 'wp-includes/Requests/Utility/CaseInsensitiveDictionary.php', + 'Requests_Utility_FilteredIterator' => 'wp-includes/Requests/Utility/FilteredIterator.php', + 'Requests_Cookie' => 'wp-includes/Requests/Cookie.php', + 'Requests_Exception' => 'wp-includes/Requests/Exception.php', + 'Requests_Hooks' => 'wp-includes/Requests/Hooks.php', + 'Requests_IDNAEncoder' => 'wp-includes/Requests/IDNAEncoder.php', + 'Requests_IPv6' => 'wp-includes/Requests/IPv6.php', + 'Requests_IRI' => 'wp-includes/Requests/IRI.php', + 'Requests_Response' => 'wp-includes/Requests/Response.php', + 'Requests_SSL' => 'wp-includes/Requests/SSL.php', + 'Requests_Session' => 'wp-includes/Requests/Session.php', + + // Directories. + 'wp-includes/Requests/Auth/', + 'wp-includes/Requests/Cookie/', + 'wp-includes/Requests/Exception/HTTP/', + 'wp-includes/Requests/Exception/Transport/', + 'wp-includes/Requests/Exception/', + 'wp-includes/Requests/Proxy/', + 'wp-includes/Requests/Response/', + 'wp-includes/Requests/Transport/', + 'wp-includes/Requests/Utility/', +); + +/** + * Stores new files in wp-content to copy + * + * The contents of this array indicate any new bundled plugins/themes which + * should be installed with the WordPress Upgrade. These items will not be + * re-installed in future upgrades, this behavior is controlled by the + * introduced version present here being older than the current installed version. + * + * The content of this array should follow the following format: + * Filename (relative to wp-content) => Introduced version + * Directories should be noted by suffixing it with a trailing slash (/) + * + * @since 3.2.0 + * @since 4.7.0 New themes were not automatically installed for 4.4-4.6 on + * upgrade. New themes are now installed again. To disable new + * themes from being installed on upgrade, explicitly define + * CORE_UPGRADE_SKIP_NEW_BUNDLED as true. + * @global array $_new_bundled_files + * @var array + * @name $_new_bundled_files + */ +global $_new_bundled_files; + +$_new_bundled_files = array( + 'plugins/akismet/' => '2.0', + 'themes/twentyten/' => '3.0', + 'themes/twentyeleven/' => '3.2', + 'themes/twentytwelve/' => '3.5', + 'themes/twentythirteen/' => '3.6', + 'themes/twentyfourteen/' => '3.8', + 'themes/twentyfifteen/' => '4.1', + 'themes/twentysixteen/' => '4.4', + 'themes/twentyseventeen/' => '4.7', + 'themes/twentynineteen/' => '5.0', + 'themes/twentytwenty/' => '5.3', + 'themes/twentytwentyone/' => '5.6', + 'themes/twentytwentytwo/' => '5.9', + 'themes/twentytwentythree/' => '6.1', + 'themes/twentytwentyfour/' => '6.4', +); + +/** + * Upgrades the core of WordPress. + * + * This will create a .maintenance file at the base of the WordPress directory + * to ensure that people can not access the web site, when the files are being + * copied to their locations. + * + * The files in the `$_old_files` list will be removed and the new files + * copied from the zip file after the database is upgraded. + * + * The files in the `$_new_bundled_files` list will be added to the installation + * if the version is greater than or equal to the old version being upgraded. + * + * The steps for the upgrader for after the new release is downloaded and + * unzipped is: + * 1. Test unzipped location for select files to ensure that unzipped worked. + * 2. Create the .maintenance file in current WordPress base. + * 3. Copy new WordPress directory over old WordPress files. + * 4. Upgrade WordPress to new version. + * 4.1. Copy all files/folders other than wp-content + * 4.2. Copy any language files to WP_LANG_DIR (which may differ from WP_CONTENT_DIR + * 4.3. Copy any new bundled themes/plugins to their respective locations + * 5. Delete new WordPress directory path. + * 6. Delete .maintenance file. + * 7. Remove old files. + * 8. Delete 'update_core' option. + * + * There are several areas of failure. For instance if PHP times out before step + * 6, then you will not be able to access any portion of your site. Also, since + * the upgrade will not continue where it left off, you will not be able to + * automatically remove old files and remove the 'update_core' option. This + * isn't that bad. + * + * If the copy of the new WordPress over the old fails, then the worse is that + * the new WordPress directory will remain. + * + * If it is assumed that every file will be copied over, including plugins and + * themes, then if you edit the default theme, you should rename it, so that + * your changes remain. + * + * @since 2.7.0 + * + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * @global array $_old_files + * @global array $_old_requests_files + * @global array $_new_bundled_files + * @global wpdb $wpdb WordPress database abstraction object. + * @global string $wp_version + * @global string $required_php_version + * @global string $required_mysql_version + * + * @param string $from New release unzipped path. + * @param string $to Path to old WordPress installation. + * @return string|WP_Error New WordPress version on success, WP_Error on failure. + */ +function update_core( $from, $to ) { + global $wp_filesystem, $_old_files, $_old_requests_files, $_new_bundled_files, $wpdb; + + if ( function_exists( 'set_time_limit' ) ) { + set_time_limit( 300 ); + } + + /* + * Merge the old Requests files and directories into the `$_old_files`. + * Then preload these Requests files first, before the files are deleted + * and replaced to ensure the code is in memory if needed. + */ + $_old_files = array_merge( $_old_files, array_values( $_old_requests_files ) ); + _preload_old_requests_classes_and_interfaces( $to ); + + /** + * Filters feedback messages displayed during the core update process. + * + * The filter is first evaluated after the zip file for the latest version + * has been downloaded and unzipped. It is evaluated five more times during + * the process: + * + * 1. Before WordPress begins the core upgrade process. + * 2. Before Maintenance Mode is enabled. + * 3. Before WordPress begins copying over the necessary files. + * 4. Before Maintenance Mode is disabled. + * 5. Before the database is upgraded. + * + * @since 2.5.0 + * + * @param string $feedback The core update feedback messages. + */ + apply_filters( 'update_feedback', __( 'Verifying the unpacked files…' ) ); + + // Sanity check the unzipped distribution. + $distro = ''; + $roots = array( '/wordpress/', '/wordpress-mu/' ); + + foreach ( $roots as $root ) { + if ( $wp_filesystem->exists( $from . $root . 'readme.html' ) + && $wp_filesystem->exists( $from . $root . 'wp-includes/version.php' ) + ) { + $distro = $root; + break; + } + } + + if ( ! $distro ) { + $wp_filesystem->delete( $from, true ); + + return new WP_Error( 'insane_distro', __( 'The update could not be unpacked' ) ); + } + + /* + * Import $wp_version, $required_php_version, and $required_mysql_version from the new version. + * DO NOT globalize any variables imported from `version-current.php` in this function. + * + * BC Note: $wp_filesystem->wp_content_dir() returned unslashed pre-2.8. + */ + $versions_file = trailingslashit( $wp_filesystem->wp_content_dir() ) . 'upgrade/version-current.php'; + + if ( ! $wp_filesystem->copy( $from . $distro . 'wp-includes/version.php', $versions_file ) ) { + $wp_filesystem->delete( $from, true ); + + return new WP_Error( + 'copy_failed_for_version_file', + __( 'The update cannot be installed because some files could not be copied. This is usually due to inconsistent file permissions.' ), + 'wp-includes/version.php' + ); + } + + $wp_filesystem->chmod( $versions_file, FS_CHMOD_FILE ); + + /* + * `wp_opcache_invalidate()` only exists in WordPress 5.5 or later, + * so don't run it when upgrading from older versions. + */ + if ( function_exists( 'wp_opcache_invalidate' ) ) { + wp_opcache_invalidate( $versions_file ); + } + + require WP_CONTENT_DIR . '/upgrade/version-current.php'; + $wp_filesystem->delete( $versions_file ); + + $php_version = PHP_VERSION; + $mysql_version = $wpdb->db_version(); + $old_wp_version = $GLOBALS['wp_version']; // The version of WordPress we're updating from. + /* + * Note: str_contains() is not used here, as this file is included + * when updating from older WordPress versions, in which case + * the polyfills from wp-includes/compat.php may not be available. + */ + $development_build = ( false !== strpos( $old_wp_version . $wp_version, '-' ) ); // A dash in the version indicates a development release. + $php_compat = version_compare( $php_version, $required_php_version, '>=' ); + + if ( file_exists( WP_CONTENT_DIR . '/db.php' ) && empty( $wpdb->is_mysql ) ) { + $mysql_compat = true; + } else { + $mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ); + } + + if ( ! $mysql_compat || ! $php_compat ) { + $wp_filesystem->delete( $from, true ); + } + + $php_update_message = ''; + + if ( function_exists( 'wp_get_update_php_url' ) ) { + $php_update_message = '</p><p>' . sprintf( + /* translators: %s: URL to Update PHP page. */ + __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + + if ( function_exists( 'wp_get_update_php_annotation' ) ) { + $annotation = wp_get_update_php_annotation(); + + if ( $annotation ) { + $php_update_message .= '</p><p><em>' . $annotation . '</em>'; + } + } + } + + if ( ! $mysql_compat && ! $php_compat ) { + return new WP_Error( + 'php_mysql_not_compatible', + sprintf( + /* translators: 1: WordPress version number, 2: Minimum required PHP version number, 3: Minimum required MySQL version number, 4: Current PHP version number, 5: Current MySQL version number. */ + __( 'The update cannot be installed because WordPress %1$s requires PHP version %2$s or higher and MySQL version %3$s or higher. You are running PHP version %4$s and MySQL version %5$s.' ), + $wp_version, + $required_php_version, + $required_mysql_version, + $php_version, + $mysql_version + ) . $php_update_message + ); + } elseif ( ! $php_compat ) { + return new WP_Error( + 'php_not_compatible', + sprintf( + /* translators: 1: WordPress version number, 2: Minimum required PHP version number, 3: Current PHP version number. */ + __( 'The update cannot be installed because WordPress %1$s requires PHP version %2$s or higher. You are running version %3$s.' ), + $wp_version, + $required_php_version, + $php_version + ) . $php_update_message + ); + } elseif ( ! $mysql_compat ) { + return new WP_Error( + 'mysql_not_compatible', + sprintf( + /* translators: 1: WordPress version number, 2: Minimum required MySQL version number, 3: Current MySQL version number. */ + __( 'The update cannot be installed because WordPress %1$s requires MySQL version %2$s or higher. You are running version %3$s.' ), + $wp_version, + $required_mysql_version, + $mysql_version + ) + ); + } + + // Add a warning when the JSON PHP extension is missing. + if ( ! extension_loaded( 'json' ) ) { + return new WP_Error( + 'php_not_compatible_json', + sprintf( + /* translators: 1: WordPress version number, 2: The PHP extension name needed. */ + __( 'The update cannot be installed because WordPress %1$s requires the %2$s PHP extension.' ), + $wp_version, + 'JSON' + ) + ); + } + + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', __( 'Preparing to install the latest version…' ) ); + + /* + * Don't copy wp-content, we'll deal with that below. + * We also copy version.php last so failed updates report their old version. + */ + $skip = array( 'wp-content', 'wp-includes/version.php' ); + $check_is_writable = array(); + + // Check to see which files don't really need updating - only available for 3.7 and higher. + if ( function_exists( 'get_core_checksums' ) ) { + // Find the local version of the working directory. + $working_dir_local = WP_CONTENT_DIR . '/upgrade/' . basename( $from ) . $distro; + + $checksums = get_core_checksums( $wp_version, isset( $wp_local_package ) ? $wp_local_package : 'en_US' ); + + if ( is_array( $checksums ) && isset( $checksums[ $wp_version ] ) ) { + $checksums = $checksums[ $wp_version ]; // Compat code for 3.7-beta2. + } + + if ( is_array( $checksums ) ) { + foreach ( $checksums as $file => $checksum ) { + /* + * Note: str_starts_with() is not used here, as this file is included + * when updating from older WordPress versions, in which case + * the polyfills from wp-includes/compat.php may not be available. + */ + if ( 'wp-content' === substr( $file, 0, 10 ) ) { + continue; + } + + if ( ! file_exists( ABSPATH . $file ) ) { + continue; + } + + if ( ! file_exists( $working_dir_local . $file ) ) { + continue; + } + + if ( '.' === dirname( $file ) + && in_array( pathinfo( $file, PATHINFO_EXTENSION ), array( 'html', 'txt' ), true ) + ) { + continue; + } + + if ( md5_file( ABSPATH . $file ) === $checksum ) { + $skip[] = $file; + } else { + $check_is_writable[ $file ] = ABSPATH . $file; + } + } + } + } + + // If we're using the direct method, we can predict write failures that are due to permissions. + if ( $check_is_writable && 'direct' === $wp_filesystem->method ) { + $files_writable = array_filter( $check_is_writable, array( $wp_filesystem, 'is_writable' ) ); + + if ( $files_writable !== $check_is_writable ) { + $files_not_writable = array_diff_key( $check_is_writable, $files_writable ); + + foreach ( $files_not_writable as $relative_file_not_writable => $file_not_writable ) { + // If the writable check failed, chmod file to 0644 and try again, same as copy_dir(). + $wp_filesystem->chmod( $file_not_writable, FS_CHMOD_FILE ); + + if ( $wp_filesystem->is_writable( $file_not_writable ) ) { + unset( $files_not_writable[ $relative_file_not_writable ] ); + } + } + + // Store package-relative paths (the key) of non-writable files in the WP_Error object. + $error_data = version_compare( $old_wp_version, '3.7-beta2', '>' ) ? array_keys( $files_not_writable ) : ''; + + if ( $files_not_writable ) { + return new WP_Error( + 'files_not_writable', + __( 'The update cannot be installed because your site is unable to copy some files. This is usually due to inconsistent file permissions.' ), + implode( ', ', $error_data ) + ); + } + } + } + + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', __( 'Enabling Maintenance mode…' ) ); + + // Create maintenance file to signal that we are upgrading. + $maintenance_string = '<?php $upgrading = ' . time() . '; ?>'; + $maintenance_file = $to . '.maintenance'; + $wp_filesystem->delete( $maintenance_file ); + $wp_filesystem->put_contents( $maintenance_file, $maintenance_string, FS_CHMOD_FILE ); + + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', __( 'Copying the required files…' ) ); + + // Copy new versions of WP files into place. + $result = copy_dir( $from . $distro, $to, $skip ); + + if ( is_wp_error( $result ) ) { + $result = new WP_Error( + $result->get_error_code(), + $result->get_error_message(), + substr( $result->get_error_data(), strlen( $to ) ) + ); + } + + // Since we know the core files have copied over, we can now copy the version file. + if ( ! is_wp_error( $result ) ) { + if ( ! $wp_filesystem->copy( $from . $distro . 'wp-includes/version.php', $to . 'wp-includes/version.php', true /* overwrite */ ) ) { + $wp_filesystem->delete( $from, true ); + $result = new WP_Error( + 'copy_failed_for_version_file', + __( 'The update cannot be installed because your site is unable to copy some files. This is usually due to inconsistent file permissions.' ), + 'wp-includes/version.php' + ); + } + + $wp_filesystem->chmod( $to . 'wp-includes/version.php', FS_CHMOD_FILE ); + + /* + * `wp_opcache_invalidate()` only exists in WordPress 5.5 or later, + * so don't run it when upgrading from older versions. + */ + if ( function_exists( 'wp_opcache_invalidate' ) ) { + wp_opcache_invalidate( $to . 'wp-includes/version.php' ); + } + } + + // Check to make sure everything copied correctly, ignoring the contents of wp-content. + $skip = array( 'wp-content' ); + $failed = array(); + + if ( isset( $checksums ) && is_array( $checksums ) ) { + foreach ( $checksums as $file => $checksum ) { + /* + * Note: str_starts_with() is not used here, as this file is included + * when updating from older WordPress versions, in which case + * the polyfills from wp-includes/compat.php may not be available. + */ + if ( 'wp-content' === substr( $file, 0, 10 ) ) { + continue; + } + + if ( ! file_exists( $working_dir_local . $file ) ) { + continue; + } + + if ( '.' === dirname( $file ) + && in_array( pathinfo( $file, PATHINFO_EXTENSION ), array( 'html', 'txt' ), true ) + ) { + $skip[] = $file; + continue; + } + + if ( file_exists( ABSPATH . $file ) && md5_file( ABSPATH . $file ) === $checksum ) { + $skip[] = $file; + } else { + $failed[] = $file; + } + } + } + + // Some files didn't copy properly. + if ( ! empty( $failed ) ) { + $total_size = 0; + + foreach ( $failed as $file ) { + if ( file_exists( $working_dir_local . $file ) ) { + $total_size += filesize( $working_dir_local . $file ); + } + } + + /* + * If we don't have enough free space, it isn't worth trying again. + * Unlikely to be hit due to the check in unzip_file(). + */ + $available_space = function_exists( 'disk_free_space' ) ? @disk_free_space( ABSPATH ) : false; + + if ( $available_space && $total_size >= $available_space ) { + $result = new WP_Error( 'disk_full', __( 'There is not enough free disk space to complete the update.' ) ); + } else { + $result = copy_dir( $from . $distro, $to, $skip ); + + if ( is_wp_error( $result ) ) { + $result = new WP_Error( + $result->get_error_code() . '_retry', + $result->get_error_message(), + substr( $result->get_error_data(), strlen( $to ) ) + ); + } + } + } + + /* + * Custom content directory needs updating now. + * Copy languages. + */ + if ( ! is_wp_error( $result ) && $wp_filesystem->is_dir( $from . $distro . 'wp-content/languages' ) ) { + if ( WP_LANG_DIR !== ABSPATH . WPINC . '/languages' || @is_dir( WP_LANG_DIR ) ) { + $lang_dir = WP_LANG_DIR; + } else { + $lang_dir = WP_CONTENT_DIR . '/languages'; + } + /* + * Note: str_starts_with() is not used here, as this file is included + * when updating from older WordPress versions, in which case + * the polyfills from wp-includes/compat.php may not be available. + */ + // Check if the language directory exists first. + if ( ! @is_dir( $lang_dir ) && 0 === strpos( $lang_dir, ABSPATH ) ) { + // If it's within the ABSPATH we can handle it here, otherwise they're out of luck. + $wp_filesystem->mkdir( $to . str_replace( ABSPATH, '', $lang_dir ), FS_CHMOD_DIR ); + clearstatcache(); // For FTP, need to clear the stat cache. + } + + if ( @is_dir( $lang_dir ) ) { + $wp_lang_dir = $wp_filesystem->find_folder( $lang_dir ); + + if ( $wp_lang_dir ) { + $result = copy_dir( $from . $distro . 'wp-content/languages/', $wp_lang_dir ); + + if ( is_wp_error( $result ) ) { + $result = new WP_Error( + $result->get_error_code() . '_languages', + $result->get_error_message(), + substr( $result->get_error_data(), strlen( $wp_lang_dir ) ) + ); + } + } + } + } + + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', __( 'Disabling Maintenance mode…' ) ); + + // Remove maintenance file, we're done with potential site-breaking changes. + $wp_filesystem->delete( $maintenance_file ); + + /* + * 3.5 -> 3.5+ - an empty twentytwelve directory was created upon upgrade to 3.5 for some users, + * preventing installation of Twenty Twelve. + */ + if ( '3.5' === $old_wp_version ) { + if ( is_dir( WP_CONTENT_DIR . '/themes/twentytwelve' ) + && ! file_exists( WP_CONTENT_DIR . '/themes/twentytwelve/style.css' ) + ) { + $wp_filesystem->delete( $wp_filesystem->wp_themes_dir() . 'twentytwelve/' ); + } + } + + /* + * Copy new bundled plugins & themes. + * This gives us the ability to install new plugins & themes bundled with + * future versions of WordPress whilst avoiding the re-install upon upgrade issue. + * $development_build controls us overwriting bundled themes and plugins when a non-stable release is being updated. + */ + if ( ! is_wp_error( $result ) + && ( ! defined( 'CORE_UPGRADE_SKIP_NEW_BUNDLED' ) || ! CORE_UPGRADE_SKIP_NEW_BUNDLED ) + ) { + foreach ( (array) $_new_bundled_files as $file => $introduced_version ) { + // If a $development_build or if $introduced version is greater than what the site was previously running. + if ( $development_build || version_compare( $introduced_version, $old_wp_version, '>' ) ) { + $directory = ( '/' === $file[ strlen( $file ) - 1 ] ); + + list( $type, $filename ) = explode( '/', $file, 2 ); + + // Check to see if the bundled items exist before attempting to copy them. + if ( ! $wp_filesystem->exists( $from . $distro . 'wp-content/' . $file ) ) { + continue; + } + + if ( 'plugins' === $type ) { + $dest = $wp_filesystem->wp_plugins_dir(); + } elseif ( 'themes' === $type ) { + // Back-compat, ::wp_themes_dir() did not return trailingslash'd pre-3.2. + $dest = trailingslashit( $wp_filesystem->wp_themes_dir() ); + } else { + continue; + } + + if ( ! $directory ) { + if ( ! $development_build && $wp_filesystem->exists( $dest . $filename ) ) { + continue; + } + + if ( ! $wp_filesystem->copy( $from . $distro . 'wp-content/' . $file, $dest . $filename, FS_CHMOD_FILE ) ) { + $result = new WP_Error( "copy_failed_for_new_bundled_$type", __( 'Could not copy file.' ), $dest . $filename ); + } + } else { + if ( ! $development_build && $wp_filesystem->is_dir( $dest . $filename ) ) { + continue; + } + + $wp_filesystem->mkdir( $dest . $filename, FS_CHMOD_DIR ); + $_result = copy_dir( $from . $distro . 'wp-content/' . $file, $dest . $filename ); + + /* + * If an error occurs partway through this final step, + * keep the error flowing through, but keep the process going. + */ + if ( is_wp_error( $_result ) ) { + if ( ! is_wp_error( $result ) ) { + $result = new WP_Error(); + } + + $result->add( + $_result->get_error_code() . "_$type", + $_result->get_error_message(), + substr( $_result->get_error_data(), strlen( $dest ) ) + ); + } + } + } + } // End foreach. + } + + // Handle $result error from the above blocks. + if ( is_wp_error( $result ) ) { + $wp_filesystem->delete( $from, true ); + + return $result; + } + + // Remove old files. + foreach ( $_old_files as $old_file ) { + $old_file = $to . $old_file; + + if ( ! $wp_filesystem->exists( $old_file ) ) { + continue; + } + + // If the file isn't deleted, try writing an empty string to the file instead. + if ( ! $wp_filesystem->delete( $old_file, true ) && $wp_filesystem->is_file( $old_file ) ) { + $wp_filesystem->put_contents( $old_file, '' ); + } + } + + // Remove any Genericons example.html's from the filesystem. + _upgrade_422_remove_genericons(); + + // Deactivate the REST API plugin if its version is 2.0 Beta 4 or lower. + _upgrade_440_force_deactivate_incompatible_plugins(); + + // Deactivate incompatible plugins. + _upgrade_core_deactivate_incompatible_plugins(); + + // Upgrade DB with separate request. + /** This filter is documented in wp-admin/includes/update-core.php */ + apply_filters( 'update_feedback', __( 'Upgrading database…' ) ); + + $db_upgrade_url = admin_url( 'upgrade.php?step=upgrade_db' ); + wp_remote_post( $db_upgrade_url, array( 'timeout' => 60 ) ); + + // Clear the cache to prevent an update_option() from saving a stale db_version to the cache. + wp_cache_flush(); + // Not all cache back ends listen to 'flush'. + wp_cache_delete( 'alloptions', 'options' ); + + // Remove working directory. + $wp_filesystem->delete( $from, true ); + + // Force refresh of update information. + if ( function_exists( 'delete_site_transient' ) ) { + delete_site_transient( 'update_core' ); + } else { + delete_option( 'update_core' ); + } + + /** + * Fires after WordPress core has been successfully updated. + * + * @since 3.3.0 + * + * @param string $wp_version The current WordPress version. + */ + do_action( '_core_updated_successfully', $wp_version ); + + // Clear the option that blocks auto-updates after failures, now that we've been successful. + if ( function_exists( 'delete_site_option' ) ) { + delete_site_option( 'auto_core_update_failed' ); + } + + return $wp_version; +} + +/** + * Preloads old Requests classes and interfaces. + * + * This function preloads the old Requests code into memory before the + * upgrade process deletes the files. Why? Requests code is loaded into + * memory via an autoloader, meaning when a class or interface is needed + * If a request is in process, Requests could attempt to access code. If + * the file is not there, a fatal error could occur. If the file was + * replaced, the new code is not compatible with the old, resulting in + * a fatal error. Preloading ensures the code is in memory before the + * code is updated. + * + * @since 6.2.0 + * + * @global array $_old_requests_files Requests files to be preloaded. + * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass. + * @global string $wp_version The WordPress version string. + * + * @param string $to Path to old WordPress installation. + */ +function _preload_old_requests_classes_and_interfaces( $to ) { + global $_old_requests_files, $wp_filesystem, $wp_version; + + /* + * Requests was introduced in WordPress 4.6. + * + * Skip preloading if the website was previously using + * an earlier version of WordPress. + */ + if ( version_compare( $wp_version, '4.6', '<' ) ) { + return; + } + + if ( ! defined( 'REQUESTS_SILENCE_PSR0_DEPRECATIONS' ) ) { + define( 'REQUESTS_SILENCE_PSR0_DEPRECATIONS', true ); + } + + foreach ( $_old_requests_files as $name => $file ) { + // Skip files that aren't interfaces or classes. + if ( is_int( $name ) ) { + continue; + } + + // Skip if it's already loaded. + if ( class_exists( $name ) || interface_exists( $name ) ) { + continue; + } + + // Skip if the file is missing. + if ( ! $wp_filesystem->is_file( $to . $file ) ) { + continue; + } + + require_once $to . $file; + } +} + +/** + * Redirect to the About WordPress page after a successful upgrade. + * + * This function is only needed when the existing installation is older than 3.4.0. + * + * @since 3.3.0 + * + * @global string $wp_version The WordPress version string. + * @global string $pagenow The filename of the current screen. + * @global string $action + * + * @param string $new_version + */ +function _redirect_to_about_wordpress( $new_version ) { + global $wp_version, $pagenow, $action; + + if ( version_compare( $wp_version, '3.4-RC1', '>=' ) ) { + return; + } + + // Ensure we only run this on the update-core.php page. The Core_Upgrader may be used in other contexts. + if ( 'update-core.php' !== $pagenow ) { + return; + } + + if ( 'do-core-upgrade' !== $action && 'do-core-reinstall' !== $action ) { + return; + } + + // Load the updated default text localization domain for new strings. + load_default_textdomain(); + + // See do_core_upgrade(). + show_message( __( 'WordPress updated successfully.' ) ); + + // self_admin_url() won't exist when upgrading from <= 3.0, so relative URLs are intentional. + show_message( + '<span class="hide-if-no-js">' . sprintf( + /* translators: 1: WordPress version, 2: URL to About screen. */ + __( 'Welcome to WordPress %1$s. You will be redirected to the About WordPress screen. If not, click <a href="%2$s">here</a>.' ), + $new_version, + 'about.php?updated' + ) . '</span>' + ); + show_message( + '<span class="hide-if-js">' . sprintf( + /* translators: 1: WordPress version, 2: URL to About screen. */ + __( 'Welcome to WordPress %1$s. <a href="%2$s">Learn more</a>.' ), + $new_version, + 'about.php?updated' + ) . '</span>' + ); + echo '</div>'; + ?> +<script type="text/javascript"> +window.location = 'about.php?updated'; +</script> + <?php + + // Include admin-footer.php and exit. + require_once ABSPATH . 'wp-admin/admin-footer.php'; + exit; +} + +/** + * Cleans up Genericons example files. + * + * @since 4.2.2 + * + * @global array $wp_theme_directories + * @global WP_Filesystem_Base $wp_filesystem + */ +function _upgrade_422_remove_genericons() { + global $wp_theme_directories, $wp_filesystem; + + // A list of the affected files using the filesystem absolute paths. + $affected_files = array(); + + // Themes. + foreach ( $wp_theme_directories as $directory ) { + $affected_theme_files = _upgrade_422_find_genericons_files_in_folder( $directory ); + $affected_files = array_merge( $affected_files, $affected_theme_files ); + } + + // Plugins. + $affected_plugin_files = _upgrade_422_find_genericons_files_in_folder( WP_PLUGIN_DIR ); + $affected_files = array_merge( $affected_files, $affected_plugin_files ); + + foreach ( $affected_files as $file ) { + $gen_dir = $wp_filesystem->find_folder( trailingslashit( dirname( $file ) ) ); + + if ( empty( $gen_dir ) ) { + continue; + } + + // The path when the file is accessed via WP_Filesystem may differ in the case of FTP. + $remote_file = $gen_dir . basename( $file ); + + if ( ! $wp_filesystem->exists( $remote_file ) ) { + continue; + } + + if ( ! $wp_filesystem->delete( $remote_file, false, 'f' ) ) { + $wp_filesystem->put_contents( $remote_file, '' ); + } + } +} + +/** + * Recursively find Genericons example files in a given folder. + * + * @ignore + * @since 4.2.2 + * + * @param string $directory Directory path. Expects trailingslashed. + * @return array + */ +function _upgrade_422_find_genericons_files_in_folder( $directory ) { + $directory = trailingslashit( $directory ); + $files = array(); + + if ( file_exists( "{$directory}example.html" ) + /* + * Note: str_contains() is not used here, as this file is included + * when updating from older WordPress versions, in which case + * the polyfills from wp-includes/compat.php may not be available. + */ + && false !== strpos( file_get_contents( "{$directory}example.html" ), '<title>Genericons</title>' ) + ) { + $files[] = "{$directory}example.html"; + } + + $dirs = glob( $directory . '*', GLOB_ONLYDIR ); + $dirs = array_filter( + $dirs, + static function ( $dir ) { + /* + * Skip any node_modules directories. + * + * Note: str_contains() is not used here, as this file is included + * when updating from older WordPress versions, in which case + * the polyfills from wp-includes/compat.php may not be available. + */ + return false === strpos( $dir, 'node_modules' ); + } + ); + + if ( $dirs ) { + foreach ( $dirs as $dir ) { + $files = array_merge( $files, _upgrade_422_find_genericons_files_in_folder( $dir ) ); + } + } + + return $files; +} + +/** + * @ignore + * @since 4.4.0 + */ +function _upgrade_440_force_deactivate_incompatible_plugins() { + if ( defined( 'REST_API_VERSION' ) && version_compare( REST_API_VERSION, '2.0-beta4', '<=' ) ) { + deactivate_plugins( array( 'rest-api/plugin.php' ), true ); + } +} + +/** + * @access private + * @ignore + * @since 5.8.0 + * @since 5.9.0 The minimum compatible version of Gutenberg is 11.9. + * @since 6.1.1 The minimum compatible version of Gutenberg is 14.1. + * @since 6.4.0 The minimum compatible version of Gutenberg is 16.5. + */ +function _upgrade_core_deactivate_incompatible_plugins() { + if ( defined( 'GUTENBERG_VERSION' ) && version_compare( GUTENBERG_VERSION, '16.5', '<' ) ) { + $deactivated_gutenberg['gutenberg'] = array( + 'plugin_name' => 'Gutenberg', + 'version_deactivated' => GUTENBERG_VERSION, + 'version_compatible' => '16.5', + ); + if ( is_plugin_active_for_network( 'gutenberg/gutenberg.php' ) ) { + $deactivated_plugins = get_site_option( 'wp_force_deactivated_plugins', array() ); + $deactivated_plugins = array_merge( $deactivated_plugins, $deactivated_gutenberg ); + update_site_option( 'wp_force_deactivated_plugins', $deactivated_plugins ); + } else { + $deactivated_plugins = get_option( 'wp_force_deactivated_plugins', array() ); + $deactivated_plugins = array_merge( $deactivated_plugins, $deactivated_gutenberg ); + update_option( 'wp_force_deactivated_plugins', $deactivated_plugins ); + } + deactivate_plugins( array( 'gutenberg/gutenberg.php' ), true ); + } +} diff --git a/wp-admin/includes/update.php b/wp-admin/includes/update.php new file mode 100644 index 0000000..7e68440 --- /dev/null +++ b/wp-admin/includes/update.php @@ -0,0 +1,1165 @@ +<?php +/** + * WordPress Administration Update API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Selects the first update version from the update_core option. + * + * @since 2.7.0 + * + * @return object|array|false The response from the API on success, false on failure. + */ +function get_preferred_from_update_core() { + $updates = get_core_updates(); + + if ( ! is_array( $updates ) ) { + return false; + } + + if ( empty( $updates ) ) { + return (object) array( 'response' => 'latest' ); + } + + return $updates[0]; +} + +/** + * Gets available core updates. + * + * @since 2.7.0 + * + * @param array $options Set $options['dismissed'] to true to show dismissed upgrades too, + * set $options['available'] to false to skip not-dismissed updates. + * @return array|false Array of the update objects on success, false on failure. + */ +function get_core_updates( $options = array() ) { + $options = array_merge( + array( + 'available' => true, + 'dismissed' => false, + ), + $options + ); + + $dismissed = get_site_option( 'dismissed_update_core' ); + + if ( ! is_array( $dismissed ) ) { + $dismissed = array(); + } + + $from_api = get_site_transient( 'update_core' ); + + if ( ! isset( $from_api->updates ) || ! is_array( $from_api->updates ) ) { + return false; + } + + $updates = $from_api->updates; + $result = array(); + + foreach ( $updates as $update ) { + if ( 'autoupdate' === $update->response ) { + continue; + } + + if ( array_key_exists( $update->current . '|' . $update->locale, $dismissed ) ) { + if ( $options['dismissed'] ) { + $update->dismissed = true; + $result[] = $update; + } + } else { + if ( $options['available'] ) { + $update->dismissed = false; + $result[] = $update; + } + } + } + + return $result; +} + +/** + * Gets the best available (and enabled) Auto-Update for WordPress core. + * + * If there's 1.2.3 and 1.3 on offer, it'll choose 1.3 if the installation allows it, else, 1.2.3. + * + * @since 3.7.0 + * + * @return object|false The core update offering on success, false on failure. + */ +function find_core_auto_update() { + $updates = get_site_transient( 'update_core' ); + + if ( ! $updates || empty( $updates->updates ) ) { + return false; + } + + require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; + + $auto_update = false; + $upgrader = new WP_Automatic_Updater(); + + foreach ( $updates->updates as $update ) { + if ( 'autoupdate' !== $update->response ) { + continue; + } + + if ( ! $upgrader->should_update( 'core', $update, ABSPATH ) ) { + continue; + } + + if ( ! $auto_update || version_compare( $update->current, $auto_update->current, '>' ) ) { + $auto_update = $update; + } + } + + return $auto_update; +} + +/** + * Gets and caches the checksums for the given version of WordPress. + * + * @since 3.7.0 + * + * @param string $version Version string to query. + * @param string $locale Locale to query. + * @return array|false An array of checksums on success, false on failure. + */ +function get_core_checksums( $version, $locale ) { + $http_url = 'http://api.wordpress.org/core/checksums/1.0/?' . http_build_query( compact( 'version', 'locale' ), '', '&' ); + $url = $http_url; + + $ssl = wp_http_supports( array( 'ssl' ) ); + + if ( $ssl ) { + $url = set_url_scheme( $url, 'https' ); + } + + $options = array( + 'timeout' => wp_doing_cron() ? 30 : 3, + ); + + $response = wp_remote_get( $url, $options ); + + if ( $ssl && is_wp_error( $response ) ) { + trigger_error( + sprintf( + /* translators: %s: Support forums URL. */ + __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="%s">support forums</a>.' ), + __( 'https://wordpress.org/support/forums/' ) + ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), + headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE + ); + + $response = wp_remote_get( $http_url, $options ); + } + + if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) { + return false; + } + + $body = trim( wp_remote_retrieve_body( $response ) ); + $body = json_decode( $body, true ); + + if ( ! is_array( $body ) || ! isset( $body['checksums'] ) || ! is_array( $body['checksums'] ) ) { + return false; + } + + return $body['checksums']; +} + +/** + * Dismisses core update. + * + * @since 2.7.0 + * + * @param object $update + * @return bool + */ +function dismiss_core_update( $update ) { + $dismissed = get_site_option( 'dismissed_update_core' ); + $dismissed[ $update->current . '|' . $update->locale ] = true; + + return update_site_option( 'dismissed_update_core', $dismissed ); +} + +/** + * Undismisses core update. + * + * @since 2.7.0 + * + * @param string $version + * @param string $locale + * @return bool + */ +function undismiss_core_update( $version, $locale ) { + $dismissed = get_site_option( 'dismissed_update_core' ); + $key = $version . '|' . $locale; + + if ( ! isset( $dismissed[ $key ] ) ) { + return false; + } + + unset( $dismissed[ $key ] ); + + return update_site_option( 'dismissed_update_core', $dismissed ); +} + +/** + * Finds the available update for WordPress core. + * + * @since 2.7.0 + * + * @param string $version Version string to find the update for. + * @param string $locale Locale to find the update for. + * @return object|false The core update offering on success, false on failure. + */ +function find_core_update( $version, $locale ) { + $from_api = get_site_transient( 'update_core' ); + + if ( ! isset( $from_api->updates ) || ! is_array( $from_api->updates ) ) { + return false; + } + + $updates = $from_api->updates; + + foreach ( $updates as $update ) { + if ( $update->current === $version && $update->locale === $locale ) { + return $update; + } + } + + return false; +} + +/** + * Returns core update footer message. + * + * @since 2.3.0 + * + * @param string $msg + * @return string + */ +function core_update_footer( $msg = '' ) { + if ( ! current_user_can( 'update_core' ) ) { + /* translators: %s: WordPress version. */ + return sprintf( __( 'Version %s' ), get_bloginfo( 'version', 'display' ) ); + } + + $cur = get_preferred_from_update_core(); + + if ( ! is_object( $cur ) ) { + $cur = new stdClass(); + } + + if ( ! isset( $cur->current ) ) { + $cur->current = ''; + } + + if ( ! isset( $cur->response ) ) { + $cur->response = ''; + } + + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + + $is_development_version = preg_match( '/alpha|beta|RC/', $wp_version ); + + if ( $is_development_version ) { + return sprintf( + /* translators: 1: WordPress version number, 2: URL to WordPress Updates screen. */ + __( 'You are using a development version (%1$s). Cool! Please <a href="%2$s">stay updated</a>.' ), + get_bloginfo( 'version', 'display' ), + network_admin_url( 'update-core.php' ) + ); + } + + switch ( $cur->response ) { + case 'upgrade': + return sprintf( + '<strong><a href="%s">%s</a></strong>', + network_admin_url( 'update-core.php' ), + /* translators: %s: WordPress version. */ + sprintf( __( 'Get Version %s' ), $cur->current ) + ); + + case 'latest': + default: + /* translators: %s: WordPress version. */ + return sprintf( __( 'Version %s' ), get_bloginfo( 'version', 'display' ) ); + } +} + +/** + * Returns core update notification message. + * + * @since 2.3.0 + * + * @global string $pagenow The filename of the current screen. + * @return void|false + */ +function update_nag() { + global $pagenow; + + if ( is_multisite() && ! current_user_can( 'update_core' ) ) { + return false; + } + + if ( 'update-core.php' === $pagenow ) { + return; + } + + $cur = get_preferred_from_update_core(); + + if ( ! isset( $cur->response ) || 'upgrade' !== $cur->response ) { + return false; + } + + $version_url = sprintf( + /* translators: %s: WordPress version. */ + esc_url( __( 'https://wordpress.org/documentation/wordpress-version/version-%s/' ) ), + sanitize_title( $cur->current ) + ); + + if ( current_user_can( 'update_core' ) ) { + $msg = sprintf( + /* translators: 1: URL to WordPress release notes, 2: New WordPress version, 3: URL to network admin, 4: Accessibility text. */ + __( '<a href="%1$s">WordPress %2$s</a> is available! <a href="%3$s" aria-label="%4$s">Please update now</a>.' ), + $version_url, + $cur->current, + network_admin_url( 'update-core.php' ), + esc_attr__( 'Please update WordPress now' ) + ); + } else { + $msg = sprintf( + /* translators: 1: URL to WordPress release notes, 2: New WordPress version. */ + __( '<a href="%1$s">WordPress %2$s</a> is available! Please notify the site administrator.' ), + $version_url, + $cur->current + ); + } + + wp_admin_notice( + $msg, + array( + 'type' => 'warning', + 'additional_classes' => array( 'update-nag', 'inline' ), + 'paragraph_wrap' => false, + ) + ); +} + +/** + * Displays WordPress version and active theme in the 'At a Glance' dashboard widget. + * + * @since 2.5.0 + */ +function update_right_now_message() { + $theme_name = wp_get_theme(); + + if ( current_user_can( 'switch_themes' ) ) { + $theme_name = sprintf( '<a href="themes.php">%1$s</a>', $theme_name ); + } + + $msg = ''; + + if ( current_user_can( 'update_core' ) ) { + $cur = get_preferred_from_update_core(); + + if ( isset( $cur->response ) && 'upgrade' === $cur->response ) { + $msg .= sprintf( + '<a href="%s" class="button" aria-describedby="wp-version">%s</a> ', + network_admin_url( 'update-core.php' ), + /* translators: %s: WordPress version number, or 'Latest' string. */ + sprintf( __( 'Update to %s' ), $cur->current ? $cur->current : __( 'Latest' ) ) + ); + } + } + + /* translators: 1: Version number, 2: Theme name. */ + $content = __( 'WordPress %1$s running %2$s theme.' ); + + /** + * Filters the text displayed in the 'At a Glance' dashboard widget. + * + * Prior to 3.8.0, the widget was named 'Right Now'. + * + * @since 4.4.0 + * + * @param string $content Default text. + */ + $content = apply_filters( 'update_right_now_text', $content ); + + $msg .= sprintf( '<span id="wp-version">' . $content . '</span>', get_bloginfo( 'version', 'display' ), $theme_name ); + + echo "<p id='wp-version-message'>$msg</p>"; +} + +/** + * Retrieves plugins with updates available. + * + * @since 2.9.0 + * + * @return array + */ +function get_plugin_updates() { + $all_plugins = get_plugins(); + $upgrade_plugins = array(); + $current = get_site_transient( 'update_plugins' ); + + foreach ( (array) $all_plugins as $plugin_file => $plugin_data ) { + if ( isset( $current->response[ $plugin_file ] ) ) { + $upgrade_plugins[ $plugin_file ] = (object) $plugin_data; + $upgrade_plugins[ $plugin_file ]->update = $current->response[ $plugin_file ]; + } + } + + return $upgrade_plugins; +} + +/** + * Adds a callback to display update information for plugins with updates available. + * + * @since 2.9.0 + */ +function wp_plugin_update_rows() { + if ( ! current_user_can( 'update_plugins' ) ) { + return; + } + + $plugins = get_site_transient( 'update_plugins' ); + + if ( isset( $plugins->response ) && is_array( $plugins->response ) ) { + $plugins = array_keys( $plugins->response ); + + foreach ( $plugins as $plugin_file ) { + add_action( "after_plugin_row_{$plugin_file}", 'wp_plugin_update_row', 10, 2 ); + } + } +} + +/** + * Displays update information for a plugin. + * + * @since 2.3.0 + * + * @param string $file Plugin basename. + * @param array $plugin_data Plugin information. + * @return void|false + */ +function wp_plugin_update_row( $file, $plugin_data ) { + $current = get_site_transient( 'update_plugins' ); + + if ( ! isset( $current->response[ $file ] ) ) { + return false; + } + + $response = $current->response[ $file ]; + + $plugins_allowedtags = array( + 'a' => array( + 'href' => array(), + 'title' => array(), + ), + 'abbr' => array( 'title' => array() ), + 'acronym' => array( 'title' => array() ), + 'code' => array(), + 'em' => array(), + 'strong' => array(), + ); + + $plugin_name = wp_kses( $plugin_data['Name'], $plugins_allowedtags ); + $plugin_slug = isset( $response->slug ) ? $response->slug : $response->id; + + if ( isset( $response->slug ) ) { + $details_url = self_admin_url( 'plugin-install.php?tab=plugin-information&plugin=' . $plugin_slug . '§ion=changelog' ); + } elseif ( isset( $response->url ) ) { + $details_url = $response->url; + } else { + $details_url = $plugin_data['PluginURI']; + } + + $details_url = add_query_arg( + array( + 'TB_iframe' => 'true', + 'width' => 600, + 'height' => 800, + ), + $details_url + ); + + /** @var WP_Plugins_List_Table $wp_list_table */ + $wp_list_table = _get_list_table( + 'WP_Plugins_List_Table', + array( + 'screen' => get_current_screen(), + ) + ); + + if ( is_network_admin() || ! is_multisite() ) { + if ( is_network_admin() ) { + $active_class = is_plugin_active_for_network( $file ) ? ' active' : ''; + } else { + $active_class = is_plugin_active( $file ) ? ' active' : ''; + } + + $requires_php = isset( $response->requires_php ) ? $response->requires_php : null; + $compatible_php = is_php_version_compatible( $requires_php ); + $notice_type = $compatible_php ? 'notice-warning' : 'notice-error'; + + printf( + '<tr class="plugin-update-tr%s" id="%s" data-slug="%s" data-plugin="%s">' . + '<td colspan="%s" class="plugin-update colspanchange">' . + '<div class="update-message notice inline %s notice-alt"><p>', + $active_class, + esc_attr( $plugin_slug . '-update' ), + esc_attr( $plugin_slug ), + esc_attr( $file ), + esc_attr( $wp_list_table->get_column_count() ), + $notice_type + ); + + if ( ! current_user_can( 'update_plugins' ) ) { + printf( + /* translators: 1: Plugin name, 2: Details URL, 3: Additional link attributes, 4: Version number. */ + __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a>.' ), + $plugin_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Plugin name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) ) + ), + esc_attr( $response->new_version ) + ); + } elseif ( empty( $response->package ) ) { + printf( + /* translators: 1: Plugin name, 2: Details URL, 3: Additional link attributes, 4: Version number. */ + __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a>. <em>Automatic update is unavailable for this plugin.</em>' ), + $plugin_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Plugin name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) ) + ), + esc_attr( $response->new_version ) + ); + } else { + if ( $compatible_php ) { + printf( + /* translators: 1: Plugin name, 2: Details URL, 3: Additional link attributes, 4: Version number, 5: Update URL, 6: Additional link attributes. */ + __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a> or <a href="%5$s" %6$s>update now</a>.' ), + $plugin_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Plugin name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) ) + ), + esc_attr( $response->new_version ), + wp_nonce_url( self_admin_url( 'update.php?action=upgrade-plugin&plugin=' ) . $file, 'upgrade-plugin_' . $file ), + sprintf( + 'class="update-link" aria-label="%s"', + /* translators: %s: Plugin name. */ + esc_attr( sprintf( _x( 'Update %s now', 'plugin' ), $plugin_name ) ) + ) + ); + } else { + printf( + /* translators: 1: Plugin name, 2: Details URL, 3: Additional link attributes, 4: Version number 5: URL to Update PHP page. */ + __( 'There is a new version of %1$s available, but it does not work with your version of PHP. <a href="%2$s" %3$s>View version %4$s details</a> or <a href="%5$s">learn more about updating PHP</a>.' ), + $plugin_name, + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Plugin name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $plugin_name, $response->new_version ) ) + ), + esc_attr( $response->new_version ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '<br><em>', '</em>' ); + } + } + + /** + * Fires at the end of the update message container in each + * row of the plugins list table. + * + * The dynamic portion of the hook name, `$file`, refers to the path + * of the plugin's primary file relative to the plugins directory. + * + * @since 2.8.0 + * + * @param array $plugin_data An array of plugin metadata. See get_plugin_data() + * and the {@see 'plugin_row_meta'} filter for the list + * of possible values. + * @param object $response { + * An object of metadata about the available plugin update. + * + * @type string $id Plugin ID, e.g. `w.org/plugins/[plugin-name]`. + * @type string $slug Plugin slug. + * @type string $plugin Plugin basename. + * @type string $new_version New plugin version. + * @type string $url Plugin URL. + * @type string $package Plugin update package URL. + * @type string[] $icons An array of plugin icon URLs. + * @type string[] $banners An array of plugin banner URLs. + * @type string[] $banners_rtl An array of plugin RTL banner URLs. + * @type string $requires The version of WordPress which the plugin requires. + * @type string $tested The version of WordPress the plugin is tested against. + * @type string $requires_php The version of PHP which the plugin requires. + * } + */ + do_action( "in_plugin_update_message-{$file}", $plugin_data, $response ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + echo '</p></div></td></tr>'; + } +} + +/** + * Retrieves themes with updates available. + * + * @since 2.9.0 + * + * @return array + */ +function get_theme_updates() { + $current = get_site_transient( 'update_themes' ); + + if ( ! isset( $current->response ) ) { + return array(); + } + + $update_themes = array(); + + foreach ( $current->response as $stylesheet => $data ) { + $update_themes[ $stylesheet ] = wp_get_theme( $stylesheet ); + $update_themes[ $stylesheet ]->update = $data; + } + + return $update_themes; +} + +/** + * Adds a callback to display update information for themes with updates available. + * + * @since 3.1.0 + */ +function wp_theme_update_rows() { + if ( ! current_user_can( 'update_themes' ) ) { + return; + } + + $themes = get_site_transient( 'update_themes' ); + + if ( isset( $themes->response ) && is_array( $themes->response ) ) { + $themes = array_keys( $themes->response ); + + foreach ( $themes as $theme ) { + add_action( "after_theme_row_{$theme}", 'wp_theme_update_row', 10, 2 ); + } + } +} + +/** + * Displays update information for a theme. + * + * @since 3.1.0 + * + * @param string $theme_key Theme stylesheet. + * @param WP_Theme $theme Theme object. + * @return void|false + */ +function wp_theme_update_row( $theme_key, $theme ) { + $current = get_site_transient( 'update_themes' ); + + if ( ! isset( $current->response[ $theme_key ] ) ) { + return false; + } + + $response = $current->response[ $theme_key ]; + + $details_url = add_query_arg( + array( + 'TB_iframe' => 'true', + 'width' => 1024, + 'height' => 800, + ), + $current->response[ $theme_key ]['url'] + ); + + /** @var WP_MS_Themes_List_Table $wp_list_table */ + $wp_list_table = _get_list_table( 'WP_MS_Themes_List_Table' ); + + $active = $theme->is_allowed( 'network' ) ? ' active' : ''; + + $requires_wp = isset( $response['requires'] ) ? $response['requires'] : null; + $requires_php = isset( $response['requires_php'] ) ? $response['requires_php'] : null; + + $compatible_wp = is_wp_version_compatible( $requires_wp ); + $compatible_php = is_php_version_compatible( $requires_php ); + + printf( + '<tr class="plugin-update-tr%s" id="%s" data-slug="%s">' . + '<td colspan="%s" class="plugin-update colspanchange">' . + '<div class="update-message notice inline notice-warning notice-alt"><p>', + $active, + esc_attr( $theme->get_stylesheet() . '-update' ), + esc_attr( $theme->get_stylesheet() ), + $wp_list_table->get_column_count() + ); + + if ( $compatible_wp && $compatible_php ) { + if ( ! current_user_can( 'update_themes' ) ) { + printf( + /* translators: 1: Theme name, 2: Details URL, 3: Additional link attributes, 4: Version number. */ + __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a>.' ), + $theme['Name'], + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Theme name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $theme['Name'], $response['new_version'] ) ) + ), + $response['new_version'] + ); + } elseif ( empty( $response['package'] ) ) { + printf( + /* translators: 1: Theme name, 2: Details URL, 3: Additional link attributes, 4: Version number. */ + __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a>. <em>Automatic update is unavailable for this theme.</em>' ), + $theme['Name'], + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Theme name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $theme['Name'], $response['new_version'] ) ) + ), + $response['new_version'] + ); + } else { + printf( + /* translators: 1: Theme name, 2: Details URL, 3: Additional link attributes, 4: Version number, 5: Update URL, 6: Additional link attributes. */ + __( 'There is a new version of %1$s available. <a href="%2$s" %3$s>View version %4$s details</a> or <a href="%5$s" %6$s>update now</a>.' ), + $theme['Name'], + esc_url( $details_url ), + sprintf( + 'class="thickbox open-plugin-details-modal" aria-label="%s"', + /* translators: 1: Theme name, 2: Version number. */ + esc_attr( sprintf( __( 'View %1$s version %2$s details' ), $theme['Name'], $response['new_version'] ) ) + ), + $response['new_version'], + wp_nonce_url( self_admin_url( 'update.php?action=upgrade-theme&theme=' ) . $theme_key, 'upgrade-theme_' . $theme_key ), + sprintf( + 'class="update-link" aria-label="%s"', + /* translators: %s: Theme name. */ + esc_attr( sprintf( _x( 'Update %s now', 'theme' ), $theme['Name'] ) ) + ) + ); + } + } else { + if ( ! $compatible_wp && ! $compatible_php ) { + printf( + /* translators: %s: Theme name. */ + __( 'There is a new version of %s available, but it does not work with your versions of WordPress and PHP.' ), + $theme['Name'] + ); + if ( current_user_can( 'update_core' ) && current_user_can( 'update_php' ) ) { + printf( + /* translators: 1: URL to WordPress Updates screen, 2: URL to Update PHP page. */ + ' ' . __( '<a href="%1$s">Please update WordPress</a>, and then <a href="%2$s">learn more about updating PHP</a>.' ), + self_admin_url( 'update-core.php' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } elseif ( current_user_can( 'update_core' ) ) { + printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } elseif ( current_user_can( 'update_php' ) ) { + printf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } + } elseif ( ! $compatible_wp ) { + printf( + /* translators: %s: Theme name. */ + __( 'There is a new version of %s available, but it does not work with your version of WordPress.' ), + $theme['Name'] + ); + if ( current_user_can( 'update_core' ) ) { + printf( + /* translators: %s: URL to WordPress Updates screen. */ + ' ' . __( '<a href="%s">Please update WordPress</a>.' ), + self_admin_url( 'update-core.php' ) + ); + } + } elseif ( ! $compatible_php ) { + printf( + /* translators: %s: Theme name. */ + __( 'There is a new version of %s available, but it does not work with your version of PHP.' ), + $theme['Name'] + ); + if ( current_user_can( 'update_php' ) ) { + printf( + /* translators: %s: URL to Update PHP page. */ + ' ' . __( '<a href="%s">Learn more about updating PHP</a>.' ), + esc_url( wp_get_update_php_url() ) + ); + wp_update_php_annotation( '</p><p><em>', '</em>' ); + } + } + } + + /** + * Fires at the end of the update message container in each + * row of the themes list table. + * + * The dynamic portion of the hook name, `$theme_key`, refers to + * the theme slug as found in the WordPress.org themes repository. + * + * @since 3.1.0 + * + * @param WP_Theme $theme The WP_Theme object. + * @param array $response { + * An array of metadata about the available theme update. + * + * @type string $new_version New theme version. + * @type string $url Theme URL. + * @type string $package Theme update package URL. + * } + */ + do_action( "in_theme_update_message-{$theme_key}", $theme, $response ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores + + echo '</p></div></td></tr>'; +} + +/** + * Displays maintenance nag HTML message. + * + * @since 2.7.0 + * + * @global int $upgrading + * + * @return void|false + */ +function maintenance_nag() { + // Include an unmodified $wp_version. + require ABSPATH . WPINC . '/version.php'; + global $upgrading; + + $nag = isset( $upgrading ); + + if ( ! $nag ) { + $failed = get_site_option( 'auto_core_update_failed' ); + /* + * If an update failed critically, we may have copied over version.php but not other files. + * In that case, if the installation claims we're running the version we attempted, nag. + * This is serious enough to err on the side of nagging. + * + * If we simply failed to update before we tried to copy any files, then assume things are + * OK if they are now running the latest. + * + * This flag is cleared whenever a successful update occurs using Core_Upgrader. + */ + $comparison = ! empty( $failed['critical'] ) ? '>=' : '>'; + if ( isset( $failed['attempted'] ) && version_compare( $failed['attempted'], $wp_version, $comparison ) ) { + $nag = true; + } + } + + if ( ! $nag ) { + return false; + } + + if ( current_user_can( 'update_core' ) ) { + $msg = sprintf( + /* translators: %s: URL to WordPress Updates screen. */ + __( 'An automated WordPress update has failed to complete - <a href="%s">please attempt the update again now</a>.' ), + 'update-core.php' + ); + } else { + $msg = __( 'An automated WordPress update has failed to complete! Please notify the site administrator.' ); + } + + wp_admin_notice( + $msg, + array( + 'type' => 'warning', + 'additional_classes' => array( 'update-nag', 'inline' ), + 'paragraph_wrap' => false, + ) + ); +} + +/** + * Prints the JavaScript templates for update admin notices. + * + * @since 4.6.0 + * + * Template takes one argument with four values: + * + * param {object} data { + * Arguments for admin notice. + * + * @type string id ID of the notice. + * @type string className Class names for the notice. + * @type string message The notice's message. + * @type string type The type of update the notice is for. Either 'plugin' or 'theme'. + * } + */ +function wp_print_admin_notice_templates() { + ?> + <script id="tmpl-wp-updates-admin-notice" type="text/html"> + <div <# if ( data.id ) { #>id="{{ data.id }}"<# } #> class="notice {{ data.className }}"><p>{{{ data.message }}}</p></div> + </script> + <script id="tmpl-wp-bulk-updates-admin-notice" type="text/html"> + <div id="{{ data.id }}" class="{{ data.className }} notice <# if ( data.errors ) { #>notice-error<# } else { #>notice-success<# } #>"> + <p> + <# if ( data.successes ) { #> + <# if ( 1 === data.successes ) { #> + <# if ( 'plugin' === data.type ) { #> + <?php + /* translators: %s: Number of plugins. */ + printf( __( '%s plugin successfully updated.' ), '{{ data.successes }}' ); + ?> + <# } else { #> + <?php + /* translators: %s: Number of themes. */ + printf( __( '%s theme successfully updated.' ), '{{ data.successes }}' ); + ?> + <# } #> + <# } else { #> + <# if ( 'plugin' === data.type ) { #> + <?php + /* translators: %s: Number of plugins. */ + printf( __( '%s plugins successfully updated.' ), '{{ data.successes }}' ); + ?> + <# } else { #> + <?php + /* translators: %s: Number of themes. */ + printf( __( '%s themes successfully updated.' ), '{{ data.successes }}' ); + ?> + <# } #> + <# } #> + <# } #> + <# if ( data.errors ) { #> + <button class="button-link bulk-action-errors-collapsed" aria-expanded="false"> + <# if ( 1 === data.errors ) { #> + <?php + /* translators: %s: Number of failed updates. */ + printf( __( '%s update failed.' ), '{{ data.errors }}' ); + ?> + <# } else { #> + <?php + /* translators: %s: Number of failed updates. */ + printf( __( '%s updates failed.' ), '{{ data.errors }}' ); + ?> + <# } #> + <span class="screen-reader-text"> + <?php + /* translators: Hidden accessibility text. */ + _e( 'Show more details' ); + ?> + </span> + <span class="toggle-indicator" aria-hidden="true"></span> + </button> + <# } #> + </p> + <# if ( data.errors ) { #> + <ul class="bulk-action-errors hidden"> + <# _.each( data.errorMessages, function( errorMessage ) { #> + <li>{{ errorMessage }}</li> + <# } ); #> + </ul> + <# } #> + </div> + </script> + <?php +} + +/** + * Prints the JavaScript templates for update and deletion rows in list tables. + * + * @since 4.6.0 + * + * The update template takes one argument with four values: + * + * param {object} data { + * Arguments for the update row + * + * @type string slug Plugin slug. + * @type string plugin Plugin base name. + * @type string colspan The number of table columns this row spans. + * @type string content The row content. + * } + * + * The delete template takes one argument with four values: + * + * param {object} data { + * Arguments for the update row + * + * @type string slug Plugin slug. + * @type string plugin Plugin base name. + * @type string name Plugin name. + * @type string colspan The number of table columns this row spans. + * } + */ +function wp_print_update_row_templates() { + ?> + <script id="tmpl-item-update-row" type="text/template"> + <tr class="plugin-update-tr update" id="{{ data.slug }}-update" data-slug="{{ data.slug }}" <# if ( data.plugin ) { #>data-plugin="{{ data.plugin }}"<# } #>> + <td colspan="{{ data.colspan }}" class="plugin-update colspanchange"> + {{{ data.content }}} + </td> + </tr> + </script> + <script id="tmpl-item-deleted-row" type="text/template"> + <tr class="plugin-deleted-tr inactive deleted" id="{{ data.slug }}-deleted" data-slug="{{ data.slug }}" <# if ( data.plugin ) { #>data-plugin="{{ data.plugin }}"<# } #>> + <td colspan="{{ data.colspan }}" class="plugin-update colspanchange"> + <# if ( data.plugin ) { #> + <?php + printf( + /* translators: %s: Plugin name. */ + _x( '%s was successfully deleted.', 'plugin' ), + '<strong>{{{ data.name }}}</strong>' + ); + ?> + <# } else { #> + <?php + printf( + /* translators: %s: Theme name. */ + _x( '%s was successfully deleted.', 'theme' ), + '<strong>{{{ data.name }}}</strong>' + ); + ?> + <# } #> + </td> + </tr> + </script> + <?php +} + +/** + * Displays a notice when the user is in recovery mode. + * + * @since 5.2.0 + */ +function wp_recovery_mode_nag() { + if ( ! wp_is_recovery_mode() ) { + return; + } + + $url = wp_login_url(); + $url = add_query_arg( 'action', WP_Recovery_Mode::EXIT_ACTION, $url ); + $url = wp_nonce_url( $url, WP_Recovery_Mode::EXIT_ACTION ); + + $message = sprintf( + /* translators: %s: Recovery Mode exit link. */ + __( 'You are in recovery mode. This means there may be an error with a theme or plugin. To exit recovery mode, log out or use the Exit button. <a href="%s">Exit Recovery Mode</a>' ), + esc_url( $url ) + ); + wp_admin_notice( $message, array( 'type' => 'info' ) ); +} + +/** + * Checks whether auto-updates are enabled. + * + * @since 5.5.0 + * + * @param string $type The type of update being checked: 'theme' or 'plugin'. + * @return bool True if auto-updates are enabled for `$type`, false otherwise. + */ +function wp_is_auto_update_enabled_for_type( $type ) { + if ( ! class_exists( 'WP_Automatic_Updater' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-automatic-updater.php'; + } + + $updater = new WP_Automatic_Updater(); + $enabled = ! $updater->is_disabled(); + + switch ( $type ) { + case 'plugin': + /** + * Filters whether plugins auto-update is enabled. + * + * @since 5.5.0 + * + * @param bool $enabled True if plugins auto-update is enabled, false otherwise. + */ + return apply_filters( 'plugins_auto_update_enabled', $enabled ); + case 'theme': + /** + * Filters whether themes auto-update is enabled. + * + * @since 5.5.0 + * + * @param bool $enabled True if themes auto-update is enabled, false otherwise. + */ + return apply_filters( 'themes_auto_update_enabled', $enabled ); + } + + return false; +} + +/** + * Checks whether auto-updates are forced for an item. + * + * @since 5.6.0 + * + * @param string $type The type of update being checked: 'theme' or 'plugin'. + * @param bool|null $update Whether to update. The value of null is internally used + * to detect whether nothing has hooked into this filter. + * @param object $item The update offer. + * @return bool True if auto-updates are forced for `$item`, false otherwise. + */ +function wp_is_auto_update_forced_for_item( $type, $update, $item ) { + /** This filter is documented in wp-admin/includes/class-wp-automatic-updater.php */ + return apply_filters( "auto_update_{$type}", $update, $item ); +} + +/** + * Determines the appropriate auto-update message to be displayed. + * + * @since 5.5.0 + * + * @return string The update message to be shown. + */ +function wp_get_auto_update_message() { + $next_update_time = wp_next_scheduled( 'wp_version_check' ); + + // Check if the event exists. + if ( false === $next_update_time ) { + $message = __( 'Automatic update not scheduled. There may be a problem with WP-Cron.' ); + } else { + $time_to_next_update = human_time_diff( (int) $next_update_time ); + + // See if cron is overdue. + $overdue = ( time() - $next_update_time ) > 0; + + if ( $overdue ) { + $message = sprintf( + /* translators: %s: Duration that WP-Cron has been overdue. */ + __( 'Automatic update overdue by %s. There may be a problem with WP-Cron.' ), + $time_to_next_update + ); + } else { + $message = sprintf( + /* translators: %s: Time until the next update. */ + __( 'Automatic update scheduled in %s.' ), + $time_to_next_update + ); + } + } + + return $message; +} diff --git a/wp-admin/includes/upgrade.php b/wp-admin/includes/upgrade.php new file mode 100644 index 0000000..6929570 --- /dev/null +++ b/wp-admin/includes/upgrade.php @@ -0,0 +1,3671 @@ +<?php +/** + * WordPress Upgrade API + * + * Most of the functions are pluggable and can be overwritten. + * + * @package WordPress + * @subpackage Administration + */ + +/** Include user installation customization script. */ +if ( file_exists( WP_CONTENT_DIR . '/install.php' ) ) { + require WP_CONTENT_DIR . '/install.php'; +} + +/** WordPress Administration API */ +require_once ABSPATH . 'wp-admin/includes/admin.php'; + +/** WordPress Schema API */ +require_once ABSPATH . 'wp-admin/includes/schema.php'; + +if ( ! function_exists( 'wp_install' ) ) : + /** + * Installs the site. + * + * Runs the required functions to set up and populate the database, + * including primary admin user and initial options. + * + * @since 2.1.0 + * + * @param string $blog_title Site title. + * @param string $user_name User's username. + * @param string $user_email User's email. + * @param bool $is_public Whether the site is public. + * @param string $deprecated Optional. Not used. + * @param string $user_password Optional. User's chosen password. Default empty (random password). + * @param string $language Optional. Language chosen. Default empty. + * @return array { + * Data for the newly installed site. + * + * @type string $url The URL of the site. + * @type int $user_id The ID of the site owner. + * @type string $password The password of the site owner, if their user account didn't already exist. + * @type string $password_message The explanatory message regarding the password. + * } + */ + function wp_install( $blog_title, $user_name, $user_email, $is_public, $deprecated = '', $user_password = '', $language = '' ) { + if ( ! empty( $deprecated ) ) { + _deprecated_argument( __FUNCTION__, '2.6.0' ); + } + + wp_check_mysql_version(); + wp_cache_flush(); + make_db_current_silent(); + populate_options(); + populate_roles(); + + update_option( 'blogname', $blog_title ); + update_option( 'admin_email', $user_email ); + update_option( 'blog_public', $is_public ); + + // Freshness of site - in the future, this could get more specific about actions taken, perhaps. + update_option( 'fresh_site', 1 ); + + if ( $language ) { + update_option( 'WPLANG', $language ); + } + + $guessurl = wp_guess_url(); + + update_option( 'siteurl', $guessurl ); + + // If not a public site, don't ping. + if ( ! $is_public ) { + update_option( 'default_pingback_flag', 0 ); + } + + /* + * Create default user. If the user already exists, the user tables are + * being shared among sites. Just set the role in that case. + */ + $user_id = username_exists( $user_name ); + $user_password = trim( $user_password ); + $email_password = false; + $user_created = false; + + if ( ! $user_id && empty( $user_password ) ) { + $user_password = wp_generate_password( 12, false ); + $message = __( '<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you.' ); + $user_id = wp_create_user( $user_name, $user_password, $user_email ); + update_user_meta( $user_id, 'default_password_nag', true ); + $email_password = true; + $user_created = true; + } elseif ( ! $user_id ) { + // Password has been provided. + $message = '<em>' . __( 'Your chosen password.' ) . '</em>'; + $user_id = wp_create_user( $user_name, $user_password, $user_email ); + $user_created = true; + } else { + $message = __( 'User already exists. Password inherited.' ); + } + + $user = new WP_User( $user_id ); + $user->set_role( 'administrator' ); + + if ( $user_created ) { + $user->user_url = $guessurl; + wp_update_user( $user ); + } + + wp_install_defaults( $user_id ); + + wp_install_maybe_enable_pretty_permalinks(); + + flush_rewrite_rules(); + + wp_new_blog_notification( $blog_title, $guessurl, $user_id, ( $email_password ? $user_password : __( 'The password you chose during installation.' ) ) ); + + wp_cache_flush(); + + /** + * Fires after a site is fully installed. + * + * @since 3.9.0 + * + * @param WP_User $user The site owner. + */ + do_action( 'wp_install', $user ); + + return array( + 'url' => $guessurl, + 'user_id' => $user_id, + 'password' => $user_password, + 'password_message' => $message, + ); + } +endif; + +if ( ! function_exists( 'wp_install_defaults' ) ) : + /** + * Creates the initial content for a newly-installed site. + * + * Adds the default "Uncategorized" category, the first post (with comment), + * first page, and default widgets for default theme for the current version. + * + * @since 2.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. + * @global string $table_prefix + * + * @param int $user_id User ID. + */ + function wp_install_defaults( $user_id ) { + global $wpdb, $wp_rewrite, $table_prefix; + + // Default category. + $cat_name = __( 'Uncategorized' ); + /* translators: Default category slug. */ + $cat_slug = sanitize_title( _x( 'Uncategorized', 'Default category slug' ) ); + + $cat_id = 1; + + $wpdb->insert( + $wpdb->terms, + array( + 'term_id' => $cat_id, + 'name' => $cat_name, + 'slug' => $cat_slug, + 'term_group' => 0, + ) + ); + $wpdb->insert( + $wpdb->term_taxonomy, + array( + 'term_id' => $cat_id, + 'taxonomy' => 'category', + 'description' => '', + 'parent' => 0, + 'count' => 1, + ) + ); + $cat_tt_id = $wpdb->insert_id; + + // First post. + $now = current_time( 'mysql' ); + $now_gmt = current_time( 'mysql', 1 ); + $first_post_guid = get_option( 'home' ) . '/?p=1'; + + if ( is_multisite() ) { + $first_post = get_site_option( 'first_post' ); + + if ( ! $first_post ) { + $first_post = "<!-- wp:paragraph -->\n<p>" . + /* translators: First post content. %s: Site link. */ + __( 'Welcome to %s. This is your first post. Edit or delete it, then start writing!' ) . + "</p>\n<!-- /wp:paragraph -->"; + } + + $first_post = sprintf( + $first_post, + sprintf( '<a href="%s">%s</a>', esc_url( network_home_url() ), get_network()->site_name ) + ); + + // Back-compat for pre-4.4. + $first_post = str_replace( 'SITE_URL', esc_url( network_home_url() ), $first_post ); + $first_post = str_replace( 'SITE_NAME', get_network()->site_name, $first_post ); + } else { + $first_post = "<!-- wp:paragraph -->\n<p>" . + /* translators: First post content. %s: Site link. */ + __( 'Welcome to WordPress. This is your first post. Edit or delete it, then start writing!' ) . + "</p>\n<!-- /wp:paragraph -->"; + } + + $wpdb->insert( + $wpdb->posts, + array( + 'post_author' => $user_id, + 'post_date' => $now, + 'post_date_gmt' => $now_gmt, + 'post_content' => $first_post, + 'post_excerpt' => '', + 'post_title' => __( 'Hello world!' ), + /* translators: Default post slug. */ + 'post_name' => sanitize_title( _x( 'hello-world', 'Default post slug' ) ), + 'post_modified' => $now, + 'post_modified_gmt' => $now_gmt, + 'guid' => $first_post_guid, + 'comment_count' => 1, + 'to_ping' => '', + 'pinged' => '', + 'post_content_filtered' => '', + ) + ); + + if ( is_multisite() ) { + update_posts_count(); + } + + $wpdb->insert( + $wpdb->term_relationships, + array( + 'term_taxonomy_id' => $cat_tt_id, + 'object_id' => 1, + ) + ); + + // Default comment. + if ( is_multisite() ) { + $first_comment_author = get_site_option( 'first_comment_author' ); + $first_comment_email = get_site_option( 'first_comment_email' ); + $first_comment_url = get_site_option( 'first_comment_url', network_home_url() ); + $first_comment = get_site_option( 'first_comment' ); + } + + $first_comment_author = ! empty( $first_comment_author ) ? $first_comment_author : __( 'A WordPress Commenter' ); + $first_comment_email = ! empty( $first_comment_email ) ? $first_comment_email : 'wapuu@wordpress.example'; + $first_comment_url = ! empty( $first_comment_url ) ? $first_comment_url : esc_url( __( 'https://wordpress.org/' ) ); + $first_comment = ! empty( $first_comment ) ? $first_comment : sprintf( + /* translators: %s: Gravatar URL. */ + __( + 'Hi, this is a comment. +To get started with moderating, editing, and deleting comments, please visit the Comments screen in the dashboard. +Commenter avatars come from <a href="%s">Gravatar</a>.' + ), + esc_url( __( 'https://en.gravatar.com/' ) ) + ); + $wpdb->insert( + $wpdb->comments, + array( + 'comment_post_ID' => 1, + 'comment_author' => $first_comment_author, + 'comment_author_email' => $first_comment_email, + 'comment_author_url' => $first_comment_url, + 'comment_date' => $now, + 'comment_date_gmt' => $now_gmt, + 'comment_content' => $first_comment, + 'comment_type' => 'comment', + ) + ); + + // First page. + if ( is_multisite() ) { + $first_page = get_site_option( 'first_page' ); + } + + if ( empty( $first_page ) ) { + $first_page = "<!-- wp:paragraph -->\n<p>"; + /* translators: First page content. */ + $first_page .= __( "This is an example page. It's different from a blog post because it will stay in one place and will show up in your site navigation (in most themes). Most people start with an About page that introduces them to potential site visitors. It might say something like this:" ); + $first_page .= "</p>\n<!-- /wp:paragraph -->\n\n"; + + $first_page .= "<!-- wp:quote -->\n<blockquote class=\"wp-block-quote\"><p>"; + /* translators: First page content. */ + $first_page .= __( "Hi there! I'm a bike messenger by day, aspiring actor by night, and this is my website. I live in Los Angeles, have a great dog named Jack, and I like piña coladas. (And gettin' caught in the rain.)" ); + $first_page .= "</p></blockquote>\n<!-- /wp:quote -->\n\n"; + + $first_page .= "<!-- wp:paragraph -->\n<p>"; + /* translators: First page content. */ + $first_page .= __( '...or something like this:' ); + $first_page .= "</p>\n<!-- /wp:paragraph -->\n\n"; + + $first_page .= "<!-- wp:quote -->\n<blockquote class=\"wp-block-quote\"><p>"; + /* translators: First page content. */ + $first_page .= __( 'The XYZ Doohickey Company was founded in 1971, and has been providing quality doohickeys to the public ever since. Located in Gotham City, XYZ employs over 2,000 people and does all kinds of awesome things for the Gotham community.' ); + $first_page .= "</p></blockquote>\n<!-- /wp:quote -->\n\n"; + + $first_page .= "<!-- wp:paragraph -->\n<p>"; + $first_page .= sprintf( + /* translators: First page content. %s: Site admin URL. */ + __( 'As a new WordPress user, you should go to <a href="%s">your dashboard</a> to delete this page and create new pages for your content. Have fun!' ), + admin_url() + ); + $first_page .= "</p>\n<!-- /wp:paragraph -->"; + } + + $first_post_guid = get_option( 'home' ) . '/?page_id=2'; + $wpdb->insert( + $wpdb->posts, + array( + 'post_author' => $user_id, + 'post_date' => $now, + 'post_date_gmt' => $now_gmt, + 'post_content' => $first_page, + 'post_excerpt' => '', + 'comment_status' => 'closed', + 'post_title' => __( 'Sample Page' ), + /* translators: Default page slug. */ + 'post_name' => __( 'sample-page' ), + 'post_modified' => $now, + 'post_modified_gmt' => $now_gmt, + 'guid' => $first_post_guid, + 'post_type' => 'page', + 'to_ping' => '', + 'pinged' => '', + 'post_content_filtered' => '', + ) + ); + $wpdb->insert( + $wpdb->postmeta, + array( + 'post_id' => 2, + 'meta_key' => '_wp_page_template', + 'meta_value' => 'default', + ) + ); + + // Privacy Policy page. + if ( is_multisite() ) { + // Disable by default unless the suggested content is provided. + $privacy_policy_content = get_site_option( 'default_privacy_policy_content' ); + } else { + if ( ! class_exists( 'WP_Privacy_Policy_Content' ) ) { + require_once ABSPATH . 'wp-admin/includes/class-wp-privacy-policy-content.php'; + } + + $privacy_policy_content = WP_Privacy_Policy_Content::get_default_content(); + } + + if ( ! empty( $privacy_policy_content ) ) { + $privacy_policy_guid = get_option( 'home' ) . '/?page_id=3'; + + $wpdb->insert( + $wpdb->posts, + array( + 'post_author' => $user_id, + 'post_date' => $now, + 'post_date_gmt' => $now_gmt, + 'post_content' => $privacy_policy_content, + 'post_excerpt' => '', + 'comment_status' => 'closed', + 'post_title' => __( 'Privacy Policy' ), + /* translators: Privacy Policy page slug. */ + 'post_name' => __( 'privacy-policy' ), + 'post_modified' => $now, + 'post_modified_gmt' => $now_gmt, + 'guid' => $privacy_policy_guid, + 'post_type' => 'page', + 'post_status' => 'draft', + 'to_ping' => '', + 'pinged' => '', + 'post_content_filtered' => '', + ) + ); + $wpdb->insert( + $wpdb->postmeta, + array( + 'post_id' => 3, + 'meta_key' => '_wp_page_template', + 'meta_value' => 'default', + ) + ); + update_option( 'wp_page_for_privacy_policy', 3 ); + } + + // Set up default widgets for default theme. + update_option( + 'widget_block', + array( + 2 => array( 'content' => '<!-- wp:search /-->' ), + 3 => array( 'content' => '<!-- wp:group --><div class="wp-block-group"><!-- wp:heading --><h2>' . __( 'Recent Posts' ) . '</h2><!-- /wp:heading --><!-- wp:latest-posts /--></div><!-- /wp:group -->' ), + 4 => array( 'content' => '<!-- wp:group --><div class="wp-block-group"><!-- wp:heading --><h2>' . __( 'Recent Comments' ) . '</h2><!-- /wp:heading --><!-- wp:latest-comments {"displayAvatar":false,"displayDate":false,"displayExcerpt":false} /--></div><!-- /wp:group -->' ), + 5 => array( 'content' => '<!-- wp:group --><div class="wp-block-group"><!-- wp:heading --><h2>' . __( 'Archives' ) . '</h2><!-- /wp:heading --><!-- wp:archives /--></div><!-- /wp:group -->' ), + 6 => array( 'content' => '<!-- wp:group --><div class="wp-block-group"><!-- wp:heading --><h2>' . __( 'Categories' ) . '</h2><!-- /wp:heading --><!-- wp:categories /--></div><!-- /wp:group -->' ), + '_multiwidget' => 1, + ) + ); + update_option( + 'sidebars_widgets', + array( + 'wp_inactive_widgets' => array(), + 'sidebar-1' => array( + 0 => 'block-2', + 1 => 'block-3', + 2 => 'block-4', + ), + 'sidebar-2' => array( + 0 => 'block-5', + 1 => 'block-6', + ), + 'array_version' => 3, + ) + ); + + if ( ! is_multisite() ) { + update_user_meta( $user_id, 'show_welcome_panel', 1 ); + } elseif ( ! is_super_admin( $user_id ) && ! metadata_exists( 'user', $user_id, 'show_welcome_panel' ) ) { + update_user_meta( $user_id, 'show_welcome_panel', 2 ); + } + + if ( is_multisite() ) { + // Flush rules to pick up the new page. + $wp_rewrite->init(); + $wp_rewrite->flush_rules(); + + $user = new WP_User( $user_id ); + $wpdb->update( $wpdb->options, array( 'option_value' => $user->user_email ), array( 'option_name' => 'admin_email' ) ); + + // Remove all perms except for the login user. + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->usermeta WHERE user_id != %d AND meta_key = %s", $user_id, $table_prefix . 'user_level' ) ); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->usermeta WHERE user_id != %d AND meta_key = %s", $user_id, $table_prefix . 'capabilities' ) ); + + /* + * Delete any caps that snuck into the previously active blog. (Hardcoded to blog 1 for now.) + * TODO: Get previous_blog_id. + */ + if ( ! is_super_admin( $user_id ) && 1 != $user_id ) { + $wpdb->delete( + $wpdb->usermeta, + array( + 'user_id' => $user_id, + 'meta_key' => $wpdb->base_prefix . '1_capabilities', + ) + ); + } + } + } +endif; + +/** + * Maybe enable pretty permalinks on installation. + * + * If after enabling pretty permalinks don't work, fallback to query-string permalinks. + * + * @since 4.2.0 + * + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. + * + * @return bool Whether pretty permalinks are enabled. False otherwise. + */ +function wp_install_maybe_enable_pretty_permalinks() { + global $wp_rewrite; + + // Bail if a permalink structure is already enabled. + if ( get_option( 'permalink_structure' ) ) { + return true; + } + + /* + * The Permalink structures to attempt. + * + * The first is designed for mod_rewrite or nginx rewriting. + * + * The second is PATHINFO-based permalinks for web server configurations + * without a true rewrite module enabled. + */ + $permalink_structures = array( + '/%year%/%monthnum%/%day%/%postname%/', + '/index.php/%year%/%monthnum%/%day%/%postname%/', + ); + + foreach ( (array) $permalink_structures as $permalink_structure ) { + $wp_rewrite->set_permalink_structure( $permalink_structure ); + + /* + * Flush rules with the hard option to force refresh of the web-server's + * rewrite config file (e.g. .htaccess or web.config). + */ + $wp_rewrite->flush_rules( true ); + + $test_url = ''; + + // Test against a real WordPress post. + $first_post = get_page_by_path( sanitize_title( _x( 'hello-world', 'Default post slug' ) ), OBJECT, 'post' ); + if ( $first_post ) { + $test_url = get_permalink( $first_post->ID ); + } + + /* + * Send a request to the site, and check whether + * the 'X-Pingback' header is returned as expected. + * + * Uses wp_remote_get() instead of wp_remote_head() because web servers + * can block head requests. + */ + $response = wp_remote_get( $test_url, array( 'timeout' => 5 ) ); + $x_pingback_header = wp_remote_retrieve_header( $response, 'X-Pingback' ); + $pretty_permalinks = $x_pingback_header && get_bloginfo( 'pingback_url' ) === $x_pingback_header; + + if ( $pretty_permalinks ) { + return true; + } + } + + /* + * If it makes it this far, pretty permalinks failed. + * Fallback to query-string permalinks. + */ + $wp_rewrite->set_permalink_structure( '' ); + $wp_rewrite->flush_rules( true ); + + return false; +} + +if ( ! function_exists( 'wp_new_blog_notification' ) ) : + /** + * Notifies the site admin that the installation of WordPress is complete. + * + * Sends an email to the new administrator that the installation is complete + * and provides them with a record of their login credentials. + * + * @since 2.1.0 + * + * @param string $blog_title Site title. + * @param string $blog_url Site URL. + * @param int $user_id Administrator's user ID. + * @param string $password Administrator's password. Note that a placeholder message is + * usually passed instead of the actual password. + */ + function wp_new_blog_notification( $blog_title, $blog_url, $user_id, $password ) { + $user = new WP_User( $user_id ); + $email = $user->user_email; + $name = $user->user_login; + $login_url = wp_login_url(); + + $message = sprintf( + /* translators: New site notification email. 1: New site URL, 2: User login, 3: User password or password reset link, 4: Login URL. */ + __( + 'Your new WordPress site has been successfully set up at: + +%1$s + +You can log in to the administrator account with the following information: + +Username: %2$s +Password: %3$s +Log in here: %4$s + +We hope you enjoy your new site. Thanks! + +--The WordPress Team +https://wordpress.org/ +' + ), + $blog_url, + $name, + $password, + $login_url + ); + + $installed_email = array( + 'to' => $email, + 'subject' => __( 'New WordPress Site' ), + 'message' => $message, + 'headers' => '', + ); + + /** + * Filters the contents of the email sent to the site administrator when WordPress is installed. + * + * @since 5.6.0 + * + * @param array $installed_email { + * Used to build wp_mail(). + * + * @type string $to The email address of the recipient. + * @type string $subject The subject of the email. + * @type string $message The content of the email. + * @type string $headers Headers. + * } + * @param WP_User $user The site administrator user object. + * @param string $blog_title The site title. + * @param string $blog_url The site URL. + * @param string $password The site administrator's password. Note that a placeholder message + * is usually passed instead of the user's actual password. + */ + $installed_email = apply_filters( 'wp_installed_email', $installed_email, $user, $blog_title, $blog_url, $password ); + + wp_mail( + $installed_email['to'], + $installed_email['subject'], + $installed_email['message'], + $installed_email['headers'] + ); + } +endif; + +if ( ! function_exists( 'wp_upgrade' ) ) : + /** + * Runs WordPress Upgrade functions. + * + * Upgrades the database if needed during a site update. + * + * @since 2.1.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global int $wp_db_version The new database version. + */ + function wp_upgrade() { + global $wp_current_db_version, $wp_db_version; + + $wp_current_db_version = __get_option( 'db_version' ); + + // We are up to date. Nothing to do. + if ( $wp_db_version == $wp_current_db_version ) { + return; + } + + if ( ! is_blog_installed() ) { + return; + } + + wp_check_mysql_version(); + wp_cache_flush(); + pre_schema_upgrade(); + make_db_current_silent(); + upgrade_all(); + if ( is_multisite() && is_main_site() ) { + upgrade_network(); + } + wp_cache_flush(); + + if ( is_multisite() ) { + update_site_meta( get_current_blog_id(), 'db_version', $wp_db_version ); + update_site_meta( get_current_blog_id(), 'db_last_updated', microtime() ); + } + + delete_transient( 'wp_core_block_css_files' ); + + /** + * Fires after a site is fully upgraded. + * + * @since 3.9.0 + * + * @param int $wp_db_version The new $wp_db_version. + * @param int $wp_current_db_version The old (current) $wp_db_version. + */ + do_action( 'wp_upgrade', $wp_db_version, $wp_current_db_version ); + } +endif; + +/** + * Functions to be called in installation and upgrade scripts. + * + * Contains conditional checks to determine which upgrade scripts to run, + * based on database version and WP version being updated-to. + * + * @ignore + * @since 1.0.1 + * + * @global int $wp_current_db_version The old (current) database version. + * @global int $wp_db_version The new database version. + */ +function upgrade_all() { + global $wp_current_db_version, $wp_db_version; + + $wp_current_db_version = __get_option( 'db_version' ); + + // We are up to date. Nothing to do. + if ( $wp_db_version == $wp_current_db_version ) { + return; + } + + // If the version is not set in the DB, try to guess the version. + if ( empty( $wp_current_db_version ) ) { + $wp_current_db_version = 0; + + // If the template option exists, we have 1.5. + $template = __get_option( 'template' ); + if ( ! empty( $template ) ) { + $wp_current_db_version = 2541; + } + } + + if ( $wp_current_db_version < 6039 ) { + upgrade_230_options_table(); + } + + populate_options(); + + if ( $wp_current_db_version < 2541 ) { + upgrade_100(); + upgrade_101(); + upgrade_110(); + upgrade_130(); + } + + if ( $wp_current_db_version < 3308 ) { + upgrade_160(); + } + + if ( $wp_current_db_version < 4772 ) { + upgrade_210(); + } + + if ( $wp_current_db_version < 4351 ) { + upgrade_old_slugs(); + } + + if ( $wp_current_db_version < 5539 ) { + upgrade_230(); + } + + if ( $wp_current_db_version < 6124 ) { + upgrade_230_old_tables(); + } + + if ( $wp_current_db_version < 7499 ) { + upgrade_250(); + } + + if ( $wp_current_db_version < 7935 ) { + upgrade_252(); + } + + if ( $wp_current_db_version < 8201 ) { + upgrade_260(); + } + + if ( $wp_current_db_version < 8989 ) { + upgrade_270(); + } + + if ( $wp_current_db_version < 10360 ) { + upgrade_280(); + } + + if ( $wp_current_db_version < 11958 ) { + upgrade_290(); + } + + if ( $wp_current_db_version < 15260 ) { + upgrade_300(); + } + + if ( $wp_current_db_version < 19389 ) { + upgrade_330(); + } + + if ( $wp_current_db_version < 20080 ) { + upgrade_340(); + } + + if ( $wp_current_db_version < 22422 ) { + upgrade_350(); + } + + if ( $wp_current_db_version < 25824 ) { + upgrade_370(); + } + + if ( $wp_current_db_version < 26148 ) { + upgrade_372(); + } + + if ( $wp_current_db_version < 26691 ) { + upgrade_380(); + } + + if ( $wp_current_db_version < 29630 ) { + upgrade_400(); + } + + if ( $wp_current_db_version < 33055 ) { + upgrade_430(); + } + + if ( $wp_current_db_version < 33056 ) { + upgrade_431(); + } + + if ( $wp_current_db_version < 35700 ) { + upgrade_440(); + } + + if ( $wp_current_db_version < 36686 ) { + upgrade_450(); + } + + if ( $wp_current_db_version < 37965 ) { + upgrade_460(); + } + + if ( $wp_current_db_version < 44719 ) { + upgrade_510(); + } + + if ( $wp_current_db_version < 45744 ) { + upgrade_530(); + } + + if ( $wp_current_db_version < 48575 ) { + upgrade_550(); + } + + if ( $wp_current_db_version < 49752 ) { + upgrade_560(); + } + + if ( $wp_current_db_version < 51917 ) { + upgrade_590(); + } + + if ( $wp_current_db_version < 53011 ) { + upgrade_600(); + } + + if ( $wp_current_db_version < 55853 ) { + upgrade_630(); + } + + if ( $wp_current_db_version < 56657 ) { + upgrade_640(); + } + + maybe_disable_link_manager(); + + maybe_disable_automattic_widgets(); + + update_option( 'db_version', $wp_db_version ); + update_option( 'db_upgraded', true ); +} + +/** + * Execute changes made in WordPress 1.0. + * + * @ignore + * @since 1.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_100() { + global $wpdb; + + // Get the title and ID of every post, post_name to check if it already has a value. + $posts = $wpdb->get_results( "SELECT ID, post_title, post_name FROM $wpdb->posts WHERE post_name = ''" ); + if ( $posts ) { + foreach ( $posts as $post ) { + if ( '' === $post->post_name ) { + $newtitle = sanitize_title( $post->post_title ); + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_name = %s WHERE ID = %d", $newtitle, $post->ID ) ); + } + } + } + + $categories = $wpdb->get_results( "SELECT cat_ID, cat_name, category_nicename FROM $wpdb->categories" ); + foreach ( $categories as $category ) { + if ( '' === $category->category_nicename ) { + $newtitle = sanitize_title( $category->cat_name ); + $wpdb->update( $wpdb->categories, array( 'category_nicename' => $newtitle ), array( 'cat_ID' => $category->cat_ID ) ); + } + } + + $sql = "UPDATE $wpdb->options + SET option_value = REPLACE(option_value, 'wp-links/links-images/', 'wp-images/links/') + WHERE option_name LIKE %s + AND option_value LIKE %s"; + $wpdb->query( $wpdb->prepare( $sql, $wpdb->esc_like( 'links_rating_image' ) . '%', $wpdb->esc_like( 'wp-links/links-images/' ) . '%' ) ); + + $done_ids = $wpdb->get_results( "SELECT DISTINCT post_id FROM $wpdb->post2cat" ); + if ( $done_ids ) : + $done_posts = array(); + foreach ( $done_ids as $done_id ) : + $done_posts[] = $done_id->post_id; + endforeach; + $catwhere = ' AND ID NOT IN (' . implode( ',', $done_posts ) . ')'; + else : + $catwhere = ''; + endif; + + $allposts = $wpdb->get_results( "SELECT ID, post_category FROM $wpdb->posts WHERE post_category != '0' $catwhere" ); + if ( $allposts ) : + foreach ( $allposts as $post ) { + // Check to see if it's already been imported. + $cat = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->post2cat WHERE post_id = %d AND category_id = %d", $post->ID, $post->post_category ) ); + if ( ! $cat && 0 != $post->post_category ) { // If there's no result. + $wpdb->insert( + $wpdb->post2cat, + array( + 'post_id' => $post->ID, + 'category_id' => $post->post_category, + ) + ); + } + } + endif; +} + +/** + * Execute changes made in WordPress 1.0.1. + * + * @ignore + * @since 1.0.1 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_101() { + global $wpdb; + + // Clean up indices, add a few. + add_clean_index( $wpdb->posts, 'post_name' ); + add_clean_index( $wpdb->posts, 'post_status' ); + add_clean_index( $wpdb->categories, 'category_nicename' ); + add_clean_index( $wpdb->comments, 'comment_approved' ); + add_clean_index( $wpdb->comments, 'comment_post_ID' ); + add_clean_index( $wpdb->links, 'link_category' ); + add_clean_index( $wpdb->links, 'link_visible' ); +} + +/** + * Execute changes made in WordPress 1.2. + * + * @ignore + * @since 1.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_110() { + global $wpdb; + + // Set user_nicename. + $users = $wpdb->get_results( "SELECT ID, user_nickname, user_nicename FROM $wpdb->users" ); + foreach ( $users as $user ) { + if ( '' === $user->user_nicename ) { + $newname = sanitize_title( $user->user_nickname ); + $wpdb->update( $wpdb->users, array( 'user_nicename' => $newname ), array( 'ID' => $user->ID ) ); + } + } + + $users = $wpdb->get_results( "SELECT ID, user_pass from $wpdb->users" ); + foreach ( $users as $row ) { + if ( ! preg_match( '/^[A-Fa-f0-9]{32}$/', $row->user_pass ) ) { + $wpdb->update( $wpdb->users, array( 'user_pass' => md5( $row->user_pass ) ), array( 'ID' => $row->ID ) ); + } + } + + // Get the GMT offset, we'll use that later on. + $all_options = get_alloptions_110(); + + $time_difference = $all_options->time_difference; + + $server_time = time() + gmdate( 'Z' ); + $weblogger_time = $server_time + $time_difference * HOUR_IN_SECONDS; + $gmt_time = time(); + + $diff_gmt_server = ( $gmt_time - $server_time ) / HOUR_IN_SECONDS; + $diff_weblogger_server = ( $weblogger_time - $server_time ) / HOUR_IN_SECONDS; + $diff_gmt_weblogger = $diff_gmt_server - $diff_weblogger_server; + $gmt_offset = -$diff_gmt_weblogger; + + // Add a gmt_offset option, with value $gmt_offset. + add_option( 'gmt_offset', $gmt_offset ); + + /* + * Check if we already set the GMT fields. If we did, then + * MAX(post_date_gmt) can't be '0000-00-00 00:00:00'. + * <michel_v> I just slapped myself silly for not thinking about it earlier. + */ + $got_gmt_fields = ( '0000-00-00 00:00:00' !== $wpdb->get_var( "SELECT MAX(post_date_gmt) FROM $wpdb->posts" ) ); + + if ( ! $got_gmt_fields ) { + + // Add or subtract time to all dates, to get GMT dates. + $add_hours = (int) $diff_gmt_weblogger; + $add_minutes = (int) ( 60 * ( $diff_gmt_weblogger - $add_hours ) ); + $wpdb->query( "UPDATE $wpdb->posts SET post_date_gmt = DATE_ADD(post_date, INTERVAL '$add_hours:$add_minutes' HOUR_MINUTE)" ); + $wpdb->query( "UPDATE $wpdb->posts SET post_modified = post_date" ); + $wpdb->query( "UPDATE $wpdb->posts SET post_modified_gmt = DATE_ADD(post_modified, INTERVAL '$add_hours:$add_minutes' HOUR_MINUTE) WHERE post_modified != '0000-00-00 00:00:00'" ); + $wpdb->query( "UPDATE $wpdb->comments SET comment_date_gmt = DATE_ADD(comment_date, INTERVAL '$add_hours:$add_minutes' HOUR_MINUTE)" ); + $wpdb->query( "UPDATE $wpdb->users SET user_registered = DATE_ADD(user_registered, INTERVAL '$add_hours:$add_minutes' HOUR_MINUTE)" ); + } +} + +/** + * Execute changes made in WordPress 1.5. + * + * @ignore + * @since 1.5.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_130() { + global $wpdb; + + // Remove extraneous backslashes. + $posts = $wpdb->get_results( "SELECT ID, post_title, post_content, post_excerpt, guid, post_date, post_name, post_status, post_author FROM $wpdb->posts" ); + if ( $posts ) { + foreach ( $posts as $post ) { + $post_content = addslashes( deslash( $post->post_content ) ); + $post_title = addslashes( deslash( $post->post_title ) ); + $post_excerpt = addslashes( deslash( $post->post_excerpt ) ); + if ( empty( $post->guid ) ) { + $guid = get_permalink( $post->ID ); + } else { + $guid = $post->guid; + } + + $wpdb->update( $wpdb->posts, compact( 'post_title', 'post_content', 'post_excerpt', 'guid' ), array( 'ID' => $post->ID ) ); + + } + } + + // Remove extraneous backslashes. + $comments = $wpdb->get_results( "SELECT comment_ID, comment_author, comment_content FROM $wpdb->comments" ); + if ( $comments ) { + foreach ( $comments as $comment ) { + $comment_content = deslash( $comment->comment_content ); + $comment_author = deslash( $comment->comment_author ); + + $wpdb->update( $wpdb->comments, compact( 'comment_content', 'comment_author' ), array( 'comment_ID' => $comment->comment_ID ) ); + } + } + + // Remove extraneous backslashes. + $links = $wpdb->get_results( "SELECT link_id, link_name, link_description FROM $wpdb->links" ); + if ( $links ) { + foreach ( $links as $link ) { + $link_name = deslash( $link->link_name ); + $link_description = deslash( $link->link_description ); + + $wpdb->update( $wpdb->links, compact( 'link_name', 'link_description' ), array( 'link_id' => $link->link_id ) ); + } + } + + $active_plugins = __get_option( 'active_plugins' ); + + /* + * If plugins are not stored in an array, they're stored in the old + * newline separated format. Convert to new format. + */ + if ( ! is_array( $active_plugins ) ) { + $active_plugins = explode( "\n", trim( $active_plugins ) ); + update_option( 'active_plugins', $active_plugins ); + } + + // Obsolete tables. + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optionvalues' ); + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiontypes' ); + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiongroups' ); + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiongroup_options' ); + + // Update comments table to use comment_type. + $wpdb->query( "UPDATE $wpdb->comments SET comment_type='trackback', comment_content = REPLACE(comment_content, '<trackback />', '') WHERE comment_content LIKE '<trackback />%'" ); + $wpdb->query( "UPDATE $wpdb->comments SET comment_type='pingback', comment_content = REPLACE(comment_content, '<pingback />', '') WHERE comment_content LIKE '<pingback />%'" ); + + // Some versions have multiple duplicate option_name rows with the same values. + $options = $wpdb->get_results( "SELECT option_name, COUNT(option_name) AS dupes FROM `$wpdb->options` GROUP BY option_name" ); + foreach ( $options as $option ) { + if ( 1 != $option->dupes ) { // Could this be done in the query? + $limit = $option->dupes - 1; + $dupe_ids = $wpdb->get_col( $wpdb->prepare( "SELECT option_id FROM $wpdb->options WHERE option_name = %s LIMIT %d", $option->option_name, $limit ) ); + if ( $dupe_ids ) { + $dupe_ids = implode( ',', $dupe_ids ); + $wpdb->query( "DELETE FROM $wpdb->options WHERE option_id IN ($dupe_ids)" ); + } + } + } + + make_site_theme(); +} + +/** + * Execute changes made in WordPress 2.0. + * + * @ignore + * @since 2.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_160() { + global $wpdb, $wp_current_db_version; + + populate_roles_160(); + + $users = $wpdb->get_results( "SELECT * FROM $wpdb->users" ); + foreach ( $users as $user ) : + if ( ! empty( $user->user_firstname ) ) { + update_user_meta( $user->ID, 'first_name', wp_slash( $user->user_firstname ) ); + } + if ( ! empty( $user->user_lastname ) ) { + update_user_meta( $user->ID, 'last_name', wp_slash( $user->user_lastname ) ); + } + if ( ! empty( $user->user_nickname ) ) { + update_user_meta( $user->ID, 'nickname', wp_slash( $user->user_nickname ) ); + } + if ( ! empty( $user->user_level ) ) { + update_user_meta( $user->ID, $wpdb->prefix . 'user_level', $user->user_level ); + } + if ( ! empty( $user->user_icq ) ) { + update_user_meta( $user->ID, 'icq', wp_slash( $user->user_icq ) ); + } + if ( ! empty( $user->user_aim ) ) { + update_user_meta( $user->ID, 'aim', wp_slash( $user->user_aim ) ); + } + if ( ! empty( $user->user_msn ) ) { + update_user_meta( $user->ID, 'msn', wp_slash( $user->user_msn ) ); + } + if ( ! empty( $user->user_yim ) ) { + update_user_meta( $user->ID, 'yim', wp_slash( $user->user_icq ) ); + } + if ( ! empty( $user->user_description ) ) { + update_user_meta( $user->ID, 'description', wp_slash( $user->user_description ) ); + } + + if ( isset( $user->user_idmode ) ) : + $idmode = $user->user_idmode; + if ( 'nickname' === $idmode ) { + $id = $user->user_nickname; + } + if ( 'login' === $idmode ) { + $id = $user->user_login; + } + if ( 'firstname' === $idmode ) { + $id = $user->user_firstname; + } + if ( 'lastname' === $idmode ) { + $id = $user->user_lastname; + } + if ( 'namefl' === $idmode ) { + $id = $user->user_firstname . ' ' . $user->user_lastname; + } + if ( 'namelf' === $idmode ) { + $id = $user->user_lastname . ' ' . $user->user_firstname; + } + if ( ! $idmode ) { + $id = $user->user_nickname; + } + $wpdb->update( $wpdb->users, array( 'display_name' => $id ), array( 'ID' => $user->ID ) ); + endif; + + // FIXME: RESET_CAPS is temporary code to reset roles and caps if flag is set. + $caps = get_user_meta( $user->ID, $wpdb->prefix . 'capabilities' ); + if ( empty( $caps ) || defined( 'RESET_CAPS' ) ) { + $level = get_user_meta( $user->ID, $wpdb->prefix . 'user_level', true ); + $role = translate_level_to_role( $level ); + update_user_meta( $user->ID, $wpdb->prefix . 'capabilities', array( $role => true ) ); + } + + endforeach; + $old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname', 'user_level' ); + $wpdb->hide_errors(); + foreach ( $old_user_fields as $old ) { + $wpdb->query( "ALTER TABLE $wpdb->users DROP $old" ); + } + $wpdb->show_errors(); + + // Populate comment_count field of posts table. + $comments = $wpdb->get_results( "SELECT comment_post_ID, COUNT(*) as c FROM $wpdb->comments WHERE comment_approved = '1' GROUP BY comment_post_ID" ); + if ( is_array( $comments ) ) { + foreach ( $comments as $comment ) { + $wpdb->update( $wpdb->posts, array( 'comment_count' => $comment->c ), array( 'ID' => $comment->comment_post_ID ) ); + } + } + + /* + * Some alpha versions used a post status of object instead of attachment + * and put the mime type in post_type instead of post_mime_type. + */ + if ( $wp_current_db_version > 2541 && $wp_current_db_version <= 3091 ) { + $objects = $wpdb->get_results( "SELECT ID, post_type FROM $wpdb->posts WHERE post_status = 'object'" ); + foreach ( $objects as $object ) { + $wpdb->update( + $wpdb->posts, + array( + 'post_status' => 'attachment', + 'post_mime_type' => $object->post_type, + 'post_type' => '', + ), + array( 'ID' => $object->ID ) + ); + + $meta = get_post_meta( $object->ID, 'imagedata', true ); + if ( ! empty( $meta['file'] ) ) { + update_attached_file( $object->ID, $meta['file'] ); + } + } + } +} + +/** + * Execute changes made in WordPress 2.1. + * + * @ignore + * @since 2.1.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_210() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 3506 ) { + // Update status and type. + $posts = $wpdb->get_results( "SELECT ID, post_status FROM $wpdb->posts" ); + + if ( ! empty( $posts ) ) { + foreach ( $posts as $post ) { + $status = $post->post_status; + $type = 'post'; + + if ( 'static' === $status ) { + $status = 'publish'; + $type = 'page'; + } elseif ( 'attachment' === $status ) { + $status = 'inherit'; + $type = 'attachment'; + } + + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_status = %s, post_type = %s WHERE ID = %d", $status, $type, $post->ID ) ); + } + } + } + + if ( $wp_current_db_version < 3845 ) { + populate_roles_210(); + } + + if ( $wp_current_db_version < 3531 ) { + // Give future posts a post_status of future. + $now = gmdate( 'Y-m-d H:i:59' ); + $wpdb->query( "UPDATE $wpdb->posts SET post_status = 'future' WHERE post_status = 'publish' AND post_date_gmt > '$now'" ); + + $posts = $wpdb->get_results( "SELECT ID, post_date FROM $wpdb->posts WHERE post_status ='future'" ); + if ( ! empty( $posts ) ) { + foreach ( $posts as $post ) { + wp_schedule_single_event( mysql2date( 'U', $post->post_date, false ), 'publish_future_post', array( $post->ID ) ); + } + } + } +} + +/** + * Execute changes made in WordPress 2.3. + * + * @ignore + * @since 2.3.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_230() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 5200 ) { + populate_roles_230(); + } + + // Convert categories to terms. + $tt_ids = array(); + $have_tags = false; + $categories = $wpdb->get_results( "SELECT * FROM $wpdb->categories ORDER BY cat_ID" ); + foreach ( $categories as $category ) { + $term_id = (int) $category->cat_ID; + $name = $category->cat_name; + $description = $category->category_description; + $slug = $category->category_nicename; + $parent = $category->category_parent; + $term_group = 0; + + // Associate terms with the same slug in a term group and make slugs unique. + $exists = $wpdb->get_results( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $slug ) ); + if ( $exists ) { + $term_group = $exists[0]->term_group; + $id = $exists[0]->term_id; + $num = 2; + do { + $alt_slug = $slug . "-$num"; + ++$num; + $slug_check = $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $alt_slug ) ); + } while ( $slug_check ); + + $slug = $alt_slug; + + if ( empty( $term_group ) ) { + $term_group = $wpdb->get_var( "SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group" ) + 1; + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $id ) ); + } + } + + $wpdb->query( + $wpdb->prepare( + "INSERT INTO $wpdb->terms (term_id, name, slug, term_group) VALUES + (%d, %s, %s, %d)", + $term_id, + $name, + $slug, + $term_group + ) + ); + + $count = 0; + if ( ! empty( $category->category_count ) ) { + $count = (int) $category->category_count; + $taxonomy = 'category'; + $wpdb->query( $wpdb->prepare( "INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ( %d, %s, %s, %d, %d)", $term_id, $taxonomy, $description, $parent, $count ) ); + $tt_ids[ $term_id ][ $taxonomy ] = (int) $wpdb->insert_id; + } + + if ( ! empty( $category->link_count ) ) { + $count = (int) $category->link_count; + $taxonomy = 'link_category'; + $wpdb->query( $wpdb->prepare( "INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ( %d, %s, %s, %d, %d)", $term_id, $taxonomy, $description, $parent, $count ) ); + $tt_ids[ $term_id ][ $taxonomy ] = (int) $wpdb->insert_id; + } + + if ( ! empty( $category->tag_count ) ) { + $have_tags = true; + $count = (int) $category->tag_count; + $taxonomy = 'post_tag'; + $wpdb->insert( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent', 'count' ) ); + $tt_ids[ $term_id ][ $taxonomy ] = (int) $wpdb->insert_id; + } + + if ( empty( $count ) ) { + $count = 0; + $taxonomy = 'category'; + $wpdb->insert( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent', 'count' ) ); + $tt_ids[ $term_id ][ $taxonomy ] = (int) $wpdb->insert_id; + } + } + + $select = 'post_id, category_id'; + if ( $have_tags ) { + $select .= ', rel_type'; + } + + $posts = $wpdb->get_results( "SELECT $select FROM $wpdb->post2cat GROUP BY post_id, category_id" ); + foreach ( $posts as $post ) { + $post_id = (int) $post->post_id; + $term_id = (int) $post->category_id; + $taxonomy = 'category'; + if ( ! empty( $post->rel_type ) && 'tag' === $post->rel_type ) { + $taxonomy = 'tag'; + } + $tt_id = $tt_ids[ $term_id ][ $taxonomy ]; + if ( empty( $tt_id ) ) { + continue; + } + + $wpdb->insert( + $wpdb->term_relationships, + array( + 'object_id' => $post_id, + 'term_taxonomy_id' => $tt_id, + ) + ); + } + + // < 3570 we used linkcategories. >= 3570 we used categories and link2cat. + if ( $wp_current_db_version < 3570 ) { + /* + * Create link_category terms for link categories. Create a map of link + * category IDs to link_category terms. + */ + $link_cat_id_map = array(); + $default_link_cat = 0; + $tt_ids = array(); + $link_cats = $wpdb->get_results( 'SELECT cat_id, cat_name FROM ' . $wpdb->prefix . 'linkcategories' ); + foreach ( $link_cats as $category ) { + $cat_id = (int) $category->cat_id; + $term_id = 0; + $name = wp_slash( $category->cat_name ); + $slug = sanitize_title( $name ); + $term_group = 0; + + // Associate terms with the same slug in a term group and make slugs unique. + $exists = $wpdb->get_results( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $slug ) ); + if ( $exists ) { + $term_group = $exists[0]->term_group; + $term_id = $exists[0]->term_id; + } + + if ( empty( $term_id ) ) { + $wpdb->insert( $wpdb->terms, compact( 'name', 'slug', 'term_group' ) ); + $term_id = (int) $wpdb->insert_id; + } + + $link_cat_id_map[ $cat_id ] = $term_id; + $default_link_cat = $term_id; + + $wpdb->insert( + $wpdb->term_taxonomy, + array( + 'term_id' => $term_id, + 'taxonomy' => 'link_category', + 'description' => '', + 'parent' => 0, + 'count' => 0, + ) + ); + $tt_ids[ $term_id ] = (int) $wpdb->insert_id; + } + + // Associate links to categories. + $links = $wpdb->get_results( "SELECT link_id, link_category FROM $wpdb->links" ); + if ( ! empty( $links ) ) { + foreach ( $links as $link ) { + if ( 0 == $link->link_category ) { + continue; + } + if ( ! isset( $link_cat_id_map[ $link->link_category ] ) ) { + continue; + } + $term_id = $link_cat_id_map[ $link->link_category ]; + $tt_id = $tt_ids[ $term_id ]; + if ( empty( $tt_id ) ) { + continue; + } + + $wpdb->insert( + $wpdb->term_relationships, + array( + 'object_id' => $link->link_id, + 'term_taxonomy_id' => $tt_id, + ) + ); + } + } + + // Set default to the last category we grabbed during the upgrade loop. + update_option( 'default_link_category', $default_link_cat ); + } else { + $links = $wpdb->get_results( "SELECT link_id, category_id FROM $wpdb->link2cat GROUP BY link_id, category_id" ); + foreach ( $links as $link ) { + $link_id = (int) $link->link_id; + $term_id = (int) $link->category_id; + $taxonomy = 'link_category'; + $tt_id = $tt_ids[ $term_id ][ $taxonomy ]; + if ( empty( $tt_id ) ) { + continue; + } + $wpdb->insert( + $wpdb->term_relationships, + array( + 'object_id' => $link_id, + 'term_taxonomy_id' => $tt_id, + ) + ); + } + } + + if ( $wp_current_db_version < 4772 ) { + // Obsolete linkcategories table. + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'linkcategories' ); + } + + // Recalculate all counts. + $terms = $wpdb->get_results( "SELECT term_taxonomy_id, taxonomy FROM $wpdb->term_taxonomy" ); + foreach ( (array) $terms as $term ) { + if ( 'post_tag' === $term->taxonomy || 'category' === $term->taxonomy ) { + $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = %d", $term->term_taxonomy_id ) ); + } else { + $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $term->term_taxonomy_id ) ); + } + $wpdb->update( $wpdb->term_taxonomy, array( 'count' => $count ), array( 'term_taxonomy_id' => $term->term_taxonomy_id ) ); + } +} + +/** + * Remove old options from the database. + * + * @ignore + * @since 2.3.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_230_options_table() { + global $wpdb; + $old_options_fields = array( 'option_can_override', 'option_type', 'option_width', 'option_height', 'option_description', 'option_admin_level' ); + $wpdb->hide_errors(); + foreach ( $old_options_fields as $old ) { + $wpdb->query( "ALTER TABLE $wpdb->options DROP $old" ); + } + $wpdb->show_errors(); +} + +/** + * Remove old categories, link2cat, and post2cat database tables. + * + * @ignore + * @since 2.3.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_230_old_tables() { + global $wpdb; + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'categories' ); + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'link2cat' ); + $wpdb->query( 'DROP TABLE IF EXISTS ' . $wpdb->prefix . 'post2cat' ); +} + +/** + * Upgrade old slugs made in version 2.2. + * + * @ignore + * @since 2.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_old_slugs() { + // Upgrade people who were using the Redirect Old Slugs plugin. + global $wpdb; + $wpdb->query( "UPDATE $wpdb->postmeta SET meta_key = '_wp_old_slug' WHERE meta_key = 'old_slug'" ); +} + +/** + * Execute changes made in WordPress 2.5.0. + * + * @ignore + * @since 2.5.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_250() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 6689 ) { + populate_roles_250(); + } +} + +/** + * Execute changes made in WordPress 2.5.2. + * + * @ignore + * @since 2.5.2 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_252() { + global $wpdb; + + $wpdb->query( "UPDATE $wpdb->users SET user_activation_key = ''" ); +} + +/** + * Execute changes made in WordPress 2.6. + * + * @ignore + * @since 2.6.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_260() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 8000 ) { + populate_roles_260(); + } +} + +/** + * Execute changes made in WordPress 2.7. + * + * @ignore + * @since 2.7.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_270() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 8980 ) { + populate_roles_270(); + } + + // Update post_date for unpublished posts with empty timestamp. + if ( $wp_current_db_version < 8921 ) { + $wpdb->query( "UPDATE $wpdb->posts SET post_date = post_modified WHERE post_date = '0000-00-00 00:00:00'" ); + } +} + +/** + * Execute changes made in WordPress 2.8. + * + * @ignore + * @since 2.8.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_280() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 10360 ) { + populate_roles_280(); + } + if ( is_multisite() ) { + $start = 0; + while ( $rows = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options ORDER BY option_id LIMIT $start, 20" ) ) { + foreach ( $rows as $row ) { + $value = maybe_unserialize( $row->option_value ); + if ( $value === $row->option_value ) { + $value = stripslashes( $value ); + } + if ( $value !== $row->option_value ) { + update_option( $row->option_name, $value ); + } + } + $start += 20; + } + clean_blog_cache( get_current_blog_id() ); + } +} + +/** + * Execute changes made in WordPress 2.9. + * + * @ignore + * @since 2.9.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_290() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 11958 ) { + /* + * Previously, setting depth to 1 would redundantly disable threading, + * but now 2 is the minimum depth to avoid confusion. + */ + if ( get_option( 'thread_comments_depth' ) == '1' ) { + update_option( 'thread_comments_depth', 2 ); + update_option( 'thread_comments', 0 ); + } + } +} + +/** + * Execute changes made in WordPress 3.0. + * + * @ignore + * @since 3.0.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_300() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 15093 ) { + populate_roles_300(); + } + + if ( $wp_current_db_version < 14139 && is_multisite() && is_main_site() && ! defined( 'MULTISITE' ) && get_site_option( 'siteurl' ) === false ) { + add_site_option( 'siteurl', '' ); + } + + // 3.0 screen options key name changes. + if ( wp_should_upgrade_global_tables() ) { + $sql = "DELETE FROM $wpdb->usermeta + WHERE meta_key LIKE %s + OR meta_key LIKE %s + OR meta_key LIKE %s + OR meta_key LIKE %s + OR meta_key LIKE %s + OR meta_key LIKE %s + OR meta_key = 'manageedittagscolumnshidden' + OR meta_key = 'managecategoriescolumnshidden' + OR meta_key = 'manageedit-tagscolumnshidden' + OR meta_key = 'manageeditcolumnshidden' + OR meta_key = 'categories_per_page' + OR meta_key = 'edit_tags_per_page'"; + $prefix = $wpdb->esc_like( $wpdb->base_prefix ); + $wpdb->query( + $wpdb->prepare( + $sql, + $prefix . '%' . $wpdb->esc_like( 'meta-box-hidden' ) . '%', + $prefix . '%' . $wpdb->esc_like( 'closedpostboxes' ) . '%', + $prefix . '%' . $wpdb->esc_like( 'manage-' ) . '%' . $wpdb->esc_like( '-columns-hidden' ) . '%', + $prefix . '%' . $wpdb->esc_like( 'meta-box-order' ) . '%', + $prefix . '%' . $wpdb->esc_like( 'metaboxorder' ) . '%', + $prefix . '%' . $wpdb->esc_like( 'screen_layout' ) . '%' + ) + ); + } +} + +/** + * Execute changes made in WordPress 3.3. + * + * @ignore + * @since 3.3.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + * @global array $wp_registered_widgets + * @global array $sidebars_widgets + */ +function upgrade_330() { + global $wp_current_db_version, $wpdb, $wp_registered_widgets, $sidebars_widgets; + + if ( $wp_current_db_version < 19061 && wp_should_upgrade_global_tables() ) { + $wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key IN ('show_admin_bar_admin', 'plugins_last_view')" ); + } + + if ( $wp_current_db_version >= 11548 ) { + return; + } + + $sidebars_widgets = get_option( 'sidebars_widgets', array() ); + $_sidebars_widgets = array(); + + if ( isset( $sidebars_widgets['wp_inactive_widgets'] ) || empty( $sidebars_widgets ) ) { + $sidebars_widgets['array_version'] = 3; + } elseif ( ! isset( $sidebars_widgets['array_version'] ) ) { + $sidebars_widgets['array_version'] = 1; + } + + switch ( $sidebars_widgets['array_version'] ) { + case 1: + foreach ( (array) $sidebars_widgets as $index => $sidebar ) { + if ( is_array( $sidebar ) ) { + foreach ( (array) $sidebar as $i => $name ) { + $id = strtolower( $name ); + if ( isset( $wp_registered_widgets[ $id ] ) ) { + $_sidebars_widgets[ $index ][ $i ] = $id; + continue; + } + + $id = sanitize_title( $name ); + if ( isset( $wp_registered_widgets[ $id ] ) ) { + $_sidebars_widgets[ $index ][ $i ] = $id; + continue; + } + + $found = false; + + foreach ( $wp_registered_widgets as $widget_id => $widget ) { + if ( strtolower( $widget['name'] ) === strtolower( $name ) ) { + $_sidebars_widgets[ $index ][ $i ] = $widget['id']; + + $found = true; + break; + } elseif ( sanitize_title( $widget['name'] ) === sanitize_title( $name ) ) { + $_sidebars_widgets[ $index ][ $i ] = $widget['id']; + + $found = true; + break; + } + } + + if ( $found ) { + continue; + } + + unset( $_sidebars_widgets[ $index ][ $i ] ); + } + } + } + $_sidebars_widgets['array_version'] = 2; + $sidebars_widgets = $_sidebars_widgets; + unset( $_sidebars_widgets ); + + // Intentional fall-through to upgrade to the next version. + case 2: + $sidebars_widgets = retrieve_widgets(); + $sidebars_widgets['array_version'] = 3; + update_option( 'sidebars_widgets', $sidebars_widgets ); + } +} + +/** + * Execute changes made in WordPress 3.4. + * + * @ignore + * @since 3.4.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_340() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 19798 ) { + $wpdb->hide_errors(); + $wpdb->query( "ALTER TABLE $wpdb->options DROP COLUMN blog_id" ); + $wpdb->show_errors(); + } + + if ( $wp_current_db_version < 19799 ) { + $wpdb->hide_errors(); + $wpdb->query( "ALTER TABLE $wpdb->comments DROP INDEX comment_approved" ); + $wpdb->show_errors(); + } + + if ( $wp_current_db_version < 20022 && wp_should_upgrade_global_tables() ) { + $wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key = 'themes_last_view'" ); + } + + if ( $wp_current_db_version < 20080 ) { + if ( 'yes' === $wpdb->get_var( "SELECT autoload FROM $wpdb->options WHERE option_name = 'uninstall_plugins'" ) ) { + $uninstall_plugins = get_option( 'uninstall_plugins' ); + delete_option( 'uninstall_plugins' ); + add_option( 'uninstall_plugins', $uninstall_plugins, null, 'no' ); + } + } +} + +/** + * Execute changes made in WordPress 3.5. + * + * @ignore + * @since 3.5.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_350() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 22006 && $wpdb->get_var( "SELECT link_id FROM $wpdb->links LIMIT 1" ) ) { + update_option( 'link_manager_enabled', 1 ); // Previously set to 0 by populate_options(). + } + + if ( $wp_current_db_version < 21811 && wp_should_upgrade_global_tables() ) { + $meta_keys = array(); + foreach ( array_merge( get_post_types(), get_taxonomies() ) as $name ) { + if ( str_contains( $name, '-' ) ) { + $meta_keys[] = 'edit_' . str_replace( '-', '_', $name ) . '_per_page'; + } + } + if ( $meta_keys ) { + $meta_keys = implode( "', '", $meta_keys ); + $wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key IN ('$meta_keys')" ); + } + } + + if ( $wp_current_db_version < 22422 ) { + $term = get_term_by( 'slug', 'post-format-standard', 'post_format' ); + if ( $term ) { + wp_delete_term( $term->term_id, 'post_format' ); + } + } +} + +/** + * Execute changes made in WordPress 3.7. + * + * @ignore + * @since 3.7.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_370() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 25824 ) { + wp_clear_scheduled_hook( 'wp_auto_updates_maybe_update' ); + } +} + +/** + * Execute changes made in WordPress 3.7.2. + * + * @ignore + * @since 3.7.2 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_372() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 26148 ) { + wp_clear_scheduled_hook( 'wp_maybe_auto_update' ); + } +} + +/** + * Execute changes made in WordPress 3.8.0. + * + * @ignore + * @since 3.8.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_380() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 26691 ) { + deactivate_plugins( array( 'mp6/mp6.php' ), true ); + } +} + +/** + * Execute changes made in WordPress 4.0.0. + * + * @ignore + * @since 4.0.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_400() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 29630 ) { + if ( ! is_multisite() && false === get_option( 'WPLANG' ) ) { + if ( defined( 'WPLANG' ) && ( '' !== WPLANG ) && in_array( WPLANG, get_available_languages(), true ) ) { + update_option( 'WPLANG', WPLANG ); + } else { + update_option( 'WPLANG', '' ); + } + } + } +} + +/** + * Execute changes made in WordPress 4.2.0. + * + * @ignore + * @since 4.2.0 + */ +function upgrade_420() {} + +/** + * Executes changes made in WordPress 4.3.0. + * + * @ignore + * @since 4.3.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_430() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 32364 ) { + upgrade_430_fix_comments(); + } + + // Shared terms are split in a separate process. + if ( $wp_current_db_version < 32814 ) { + update_option( 'finished_splitting_shared_terms', 0 ); + wp_schedule_single_event( time() + ( 1 * MINUTE_IN_SECONDS ), 'wp_split_shared_term_batch' ); + } + + if ( $wp_current_db_version < 33055 && 'utf8mb4' === $wpdb->charset ) { + if ( is_multisite() ) { + $tables = $wpdb->tables( 'blog' ); + } else { + $tables = $wpdb->tables( 'all' ); + if ( ! wp_should_upgrade_global_tables() ) { + $global_tables = $wpdb->tables( 'global' ); + $tables = array_diff_assoc( $tables, $global_tables ); + } + } + + foreach ( $tables as $table ) { + maybe_convert_table_to_utf8mb4( $table ); + } + } +} + +/** + * Executes comments changes made in WordPress 4.3.0. + * + * @ignore + * @since 4.3.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_430_fix_comments() { + global $wpdb; + + $content_length = $wpdb->get_col_length( $wpdb->comments, 'comment_content' ); + + if ( is_wp_error( $content_length ) ) { + return; + } + + if ( false === $content_length ) { + $content_length = array( + 'type' => 'byte', + 'length' => 65535, + ); + } elseif ( ! is_array( $content_length ) ) { + $length = (int) $content_length > 0 ? (int) $content_length : 65535; + $content_length = array( + 'type' => 'byte', + 'length' => $length, + ); + } + + if ( 'byte' !== $content_length['type'] || 0 === $content_length['length'] ) { + // Sites with malformed DB schemas are on their own. + return; + } + + $allowed_length = (int) $content_length['length'] - 10; + + $comments = $wpdb->get_results( + "SELECT `comment_ID` FROM `{$wpdb->comments}` + WHERE `comment_date_gmt` > '2015-04-26' + AND LENGTH( `comment_content` ) >= {$allowed_length} + AND ( `comment_content` LIKE '%<%' OR `comment_content` LIKE '%>%' )" + ); + + foreach ( $comments as $comment ) { + wp_delete_comment( $comment->comment_ID, true ); + } +} + +/** + * Executes changes made in WordPress 4.3.1. + * + * @ignore + * @since 4.3.1 + */ +function upgrade_431() { + // Fix incorrect cron entries for term splitting. + $cron_array = _get_cron_array(); + if ( isset( $cron_array['wp_batch_split_terms'] ) ) { + unset( $cron_array['wp_batch_split_terms'] ); + _set_cron_array( $cron_array ); + } +} + +/** + * Executes changes made in WordPress 4.4.0. + * + * @ignore + * @since 4.4.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_440() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 34030 ) { + $wpdb->query( "ALTER TABLE {$wpdb->options} MODIFY option_name VARCHAR(191)" ); + } + + // Remove the unused 'add_users' role. + $roles = wp_roles(); + foreach ( $roles->role_objects as $role ) { + if ( $role->has_cap( 'add_users' ) ) { + $role->remove_cap( 'add_users' ); + } + } +} + +/** + * Executes changes made in WordPress 4.5.0. + * + * @ignore + * @since 4.5.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_450() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 36180 ) { + wp_clear_scheduled_hook( 'wp_maybe_auto_update' ); + } + + // Remove unused email confirmation options, moved to usermeta. + if ( $wp_current_db_version < 36679 && is_multisite() ) { + $wpdb->query( "DELETE FROM $wpdb->options WHERE option_name REGEXP '^[0-9]+_new_email$'" ); + } + + // Remove unused user setting for wpLink. + delete_user_setting( 'wplink' ); +} + +/** + * Executes changes made in WordPress 4.6.0. + * + * @ignore + * @since 4.6.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_460() { + global $wp_current_db_version; + + // Remove unused post meta. + if ( $wp_current_db_version < 37854 ) { + delete_post_meta_by_key( '_post_restored_from' ); + } + + // Remove plugins with callback as an array object/method as the uninstall hook, see #13786. + if ( $wp_current_db_version < 37965 ) { + $uninstall_plugins = get_option( 'uninstall_plugins', array() ); + + if ( ! empty( $uninstall_plugins ) ) { + foreach ( $uninstall_plugins as $basename => $callback ) { + if ( is_array( $callback ) && is_object( $callback[0] ) ) { + unset( $uninstall_plugins[ $basename ] ); + } + } + + update_option( 'uninstall_plugins', $uninstall_plugins ); + } + } +} + +/** + * Executes changes made in WordPress 5.0.0. + * + * @ignore + * @since 5.0.0 + * @deprecated 5.1.0 + */ +function upgrade_500() { +} + +/** + * Executes changes made in WordPress 5.1.0. + * + * @ignore + * @since 5.1.0 + */ +function upgrade_510() { + delete_site_option( 'upgrade_500_was_gutenberg_active' ); +} + +/** + * Executes changes made in WordPress 5.3.0. + * + * @ignore + * @since 5.3.0 + */ +function upgrade_530() { + /* + * The `admin_email_lifespan` option may have been set by an admin that just logged in, + * saw the verification screen, clicked on a button there, and is now upgrading the db, + * or by populate_options() that is called earlier in upgrade_all(). + * In the second case `admin_email_lifespan` should be reset so the verification screen + * is shown next time an admin logs in. + */ + if ( function_exists( 'current_user_can' ) && ! current_user_can( 'manage_options' ) ) { + update_option( 'admin_email_lifespan', 0 ); + } +} + +/** + * Executes changes made in WordPress 5.5.0. + * + * @ignore + * @since 5.5.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_550() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 48121 ) { + $comment_previously_approved = get_option( 'comment_whitelist', '' ); + update_option( 'comment_previously_approved', $comment_previously_approved ); + delete_option( 'comment_whitelist' ); + } + + if ( $wp_current_db_version < 48575 ) { + // Use more clear and inclusive language. + $disallowed_list = get_option( 'blacklist_keys' ); + + /* + * This option key was briefly renamed `blocklist_keys`. + * Account for sites that have this key present when the original key does not exist. + */ + if ( false === $disallowed_list ) { + $disallowed_list = get_option( 'blocklist_keys' ); + } + + update_option( 'disallowed_keys', $disallowed_list ); + delete_option( 'blacklist_keys' ); + delete_option( 'blocklist_keys' ); + } + + if ( $wp_current_db_version < 48748 ) { + update_option( 'finished_updating_comment_type', 0 ); + wp_schedule_single_event( time() + ( 1 * MINUTE_IN_SECONDS ), 'wp_update_comment_type_batch' ); + } +} + +/** + * Executes changes made in WordPress 5.6.0. + * + * @ignore + * @since 5.6.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_560() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version < 49572 ) { + /* + * Clean up the `post_category` column removed from schema in version 2.8.0. + * Its presence may conflict with `WP_Post::__get()`. + */ + $post_category_exists = $wpdb->get_var( "SHOW COLUMNS FROM $wpdb->posts LIKE 'post_category'" ); + if ( ! is_null( $post_category_exists ) ) { + $wpdb->query( "ALTER TABLE $wpdb->posts DROP COLUMN `post_category`" ); + } + + /* + * When upgrading from WP < 5.6.0 set the core major auto-updates option to `unset` by default. + * This overrides the same option from populate_options() that is intended for new installs. + * See https://core.trac.wordpress.org/ticket/51742. + */ + update_option( 'auto_update_core_major', 'unset' ); + } + + if ( $wp_current_db_version < 49632 ) { + /* + * Regenerate the .htaccess file to add the `HTTP_AUTHORIZATION` rewrite rule. + * See https://core.trac.wordpress.org/ticket/51723. + */ + save_mod_rewrite_rules(); + } + + if ( $wp_current_db_version < 49735 ) { + delete_transient( 'dirsize_cache' ); + } + + if ( $wp_current_db_version < 49752 ) { + $results = $wpdb->get_results( + $wpdb->prepare( + "SELECT 1 FROM {$wpdb->usermeta} WHERE meta_key = %s LIMIT 1", + WP_Application_Passwords::USERMETA_KEY_APPLICATION_PASSWORDS + ) + ); + + if ( ! empty( $results ) ) { + $network_id = get_main_network_id(); + update_network_option( $network_id, WP_Application_Passwords::OPTION_KEY_IN_USE, 1 ); + } + } +} + +/** + * Executes changes made in WordPress 5.9.0. + * + * @ignore + * @since 5.9.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_590() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 51917 ) { + $crons = _get_cron_array(); + + if ( $crons && is_array( $crons ) ) { + // Remove errant `false` values, see #53950, #54906. + $crons = array_filter( $crons ); + _set_cron_array( $crons ); + } + } +} + +/** + * Executes changes made in WordPress 6.0.0. + * + * @ignore + * @since 6.0.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_600() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 53011 ) { + wp_update_user_counts(); + } +} + +/** + * Executes changes made in WordPress 6.3.0. + * + * @ignore + * @since 6.3.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_630() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 55853 ) { + if ( ! is_multisite() ) { + // Replace non-autoload option can_compress_scripts with autoload option, see #55270 + $can_compress_scripts = get_option( 'can_compress_scripts', false ); + if ( false !== $can_compress_scripts ) { + delete_option( 'can_compress_scripts' ); + add_option( 'can_compress_scripts', $can_compress_scripts, '', 'yes' ); + } + } + } +} + +/** + * Executes changes made in WordPress 6.4.0. + * + * @ignore + * @since 6.4.0 + * + * @global int $wp_current_db_version The old (current) database version. + */ +function upgrade_640() { + global $wp_current_db_version; + + if ( $wp_current_db_version < 56657 ) { + // Enable attachment pages. + update_option( 'wp_attachment_pages_enabled', 1 ); + + // Remove the wp_https_detection cron. Https status is checked directly in an async Site Health check. + $scheduled = wp_get_scheduled_event( 'wp_https_detection' ); + if ( $scheduled ) { + wp_clear_scheduled_hook( 'wp_https_detection' ); + } + } +} + +/** + * Executes network-level upgrade routines. + * + * @since 3.0.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function upgrade_network() { + global $wp_current_db_version, $wpdb; + + // Always clear expired transients. + delete_expired_transients( true ); + + // 2.8.0 + if ( $wp_current_db_version < 11549 ) { + $wpmu_sitewide_plugins = get_site_option( 'wpmu_sitewide_plugins' ); + $active_sitewide_plugins = get_site_option( 'active_sitewide_plugins' ); + if ( $wpmu_sitewide_plugins ) { + if ( ! $active_sitewide_plugins ) { + $sitewide_plugins = (array) $wpmu_sitewide_plugins; + } else { + $sitewide_plugins = array_merge( (array) $active_sitewide_plugins, (array) $wpmu_sitewide_plugins ); + } + + update_site_option( 'active_sitewide_plugins', $sitewide_plugins ); + } + delete_site_option( 'wpmu_sitewide_plugins' ); + delete_site_option( 'deactivated_sitewide_plugins' ); + + $start = 0; + while ( $rows = $wpdb->get_results( "SELECT meta_key, meta_value FROM {$wpdb->sitemeta} ORDER BY meta_id LIMIT $start, 20" ) ) { + foreach ( $rows as $row ) { + $value = $row->meta_value; + if ( ! @unserialize( $value ) ) { + $value = stripslashes( $value ); + } + if ( $value !== $row->meta_value ) { + update_site_option( $row->meta_key, $value ); + } + } + $start += 20; + } + } + + // 3.0.0 + if ( $wp_current_db_version < 13576 ) { + update_site_option( 'global_terms_enabled', '1' ); + } + + // 3.3.0 + if ( $wp_current_db_version < 19390 ) { + update_site_option( 'initial_db_version', $wp_current_db_version ); + } + + if ( $wp_current_db_version < 19470 ) { + if ( false === get_site_option( 'active_sitewide_plugins' ) ) { + update_site_option( 'active_sitewide_plugins', array() ); + } + } + + // 3.4.0 + if ( $wp_current_db_version < 20148 ) { + // 'allowedthemes' keys things by stylesheet. 'allowed_themes' keyed things by name. + $allowedthemes = get_site_option( 'allowedthemes' ); + $allowed_themes = get_site_option( 'allowed_themes' ); + if ( false === $allowedthemes && is_array( $allowed_themes ) && $allowed_themes ) { + $converted = array(); + $themes = wp_get_themes(); + foreach ( $themes as $stylesheet => $theme_data ) { + if ( isset( $allowed_themes[ $theme_data->get( 'Name' ) ] ) ) { + $converted[ $stylesheet ] = true; + } + } + update_site_option( 'allowedthemes', $converted ); + delete_site_option( 'allowed_themes' ); + } + } + + // 3.5.0 + if ( $wp_current_db_version < 21823 ) { + update_site_option( 'ms_files_rewriting', '1' ); + } + + // 3.5.2 + if ( $wp_current_db_version < 24448 ) { + $illegal_names = get_site_option( 'illegal_names' ); + if ( is_array( $illegal_names ) && count( $illegal_names ) === 1 ) { + $illegal_name = reset( $illegal_names ); + $illegal_names = explode( ' ', $illegal_name ); + update_site_option( 'illegal_names', $illegal_names ); + } + } + + // 4.2.0 + if ( $wp_current_db_version < 31351 && 'utf8mb4' === $wpdb->charset ) { + if ( wp_should_upgrade_global_tables() ) { + $wpdb->query( "ALTER TABLE $wpdb->usermeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191))" ); + $wpdb->query( "ALTER TABLE $wpdb->site DROP INDEX domain, ADD INDEX domain(domain(140),path(51))" ); + $wpdb->query( "ALTER TABLE $wpdb->sitemeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191))" ); + $wpdb->query( "ALTER TABLE $wpdb->signups DROP INDEX domain_path, ADD INDEX domain_path(domain(140),path(51))" ); + + $tables = $wpdb->tables( 'global' ); + + // sitecategories may not exist. + if ( ! $wpdb->get_var( "SHOW TABLES LIKE '{$tables['sitecategories']}'" ) ) { + unset( $tables['sitecategories'] ); + } + + foreach ( $tables as $table ) { + maybe_convert_table_to_utf8mb4( $table ); + } + } + } + + // 4.3.0 + if ( $wp_current_db_version < 33055 && 'utf8mb4' === $wpdb->charset ) { + if ( wp_should_upgrade_global_tables() ) { + $upgrade = false; + $indexes = $wpdb->get_results( "SHOW INDEXES FROM $wpdb->signups" ); + foreach ( $indexes as $index ) { + if ( 'domain_path' === $index->Key_name && 'domain' === $index->Column_name && 140 != $index->Sub_part ) { + $upgrade = true; + break; + } + } + + if ( $upgrade ) { + $wpdb->query( "ALTER TABLE $wpdb->signups DROP INDEX domain_path, ADD INDEX domain_path(domain(140),path(51))" ); + } + + $tables = $wpdb->tables( 'global' ); + + // sitecategories may not exist. + if ( ! $wpdb->get_var( "SHOW TABLES LIKE '{$tables['sitecategories']}'" ) ) { + unset( $tables['sitecategories'] ); + } + + foreach ( $tables as $table ) { + maybe_convert_table_to_utf8mb4( $table ); + } + } + } + + // 5.1.0 + if ( $wp_current_db_version < 44467 ) { + $network_id = get_main_network_id(); + delete_network_option( $network_id, 'site_meta_supported' ); + is_site_meta_supported(); + } +} + +// +// General functions we use to actually do stuff. +// + +/** + * Creates a table in the database, if it doesn't already exist. + * + * This method checks for an existing database table and creates a new one if it's not + * already present. It doesn't rely on MySQL's "IF NOT EXISTS" statement, but chooses + * to query all tables first and then run the SQL statement creating the table. + * + * @since 1.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $table_name Database table name. + * @param string $create_ddl SQL statement to create table. + * @return bool True on success or if the table already exists. False on failure. + */ +function maybe_create_table( $table_name, $create_ddl ) { + global $wpdb; + + $query = $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_name ) ); + + if ( $wpdb->get_var( $query ) === $table_name ) { + return true; + } + + // Didn't find it, so try to create it. + $wpdb->query( $create_ddl ); + + // We cannot directly tell that whether this succeeded! + if ( $wpdb->get_var( $query ) === $table_name ) { + return true; + } + + return false; +} + +/** + * Drops a specified index from a table. + * + * @since 1.0.1 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $table Database table name. + * @param string $index Index name to drop. + * @return true True, when finished. + */ +function drop_index( $table, $index ) { + global $wpdb; + + $wpdb->hide_errors(); + + $wpdb->query( "ALTER TABLE `$table` DROP INDEX `$index`" ); + + // Now we need to take out all the extra ones we may have created. + for ( $i = 0; $i < 25; $i++ ) { + $wpdb->query( "ALTER TABLE `$table` DROP INDEX `{$index}_$i`" ); + } + + $wpdb->show_errors(); + + return true; +} + +/** + * Adds an index to a specified table. + * + * @since 1.0.1 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $table Database table name. + * @param string $index Database table index column. + * @return true True, when done with execution. + */ +function add_clean_index( $table, $index ) { + global $wpdb; + + drop_index( $table, $index ); + $wpdb->query( "ALTER TABLE `$table` ADD INDEX ( `$index` )" ); + + return true; +} + +/** + * Adds column to a database table, if it doesn't already exist. + * + * @since 1.3.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $table_name Database table name. + * @param string $column_name Table column name. + * @param string $create_ddl SQL statement to add column. + * @return bool True on success or if the column already exists. False on failure. + */ +function maybe_add_column( $table_name, $column_name, $create_ddl ) { + global $wpdb; + + foreach ( $wpdb->get_col( "DESC $table_name", 0 ) as $column ) { + if ( $column === $column_name ) { + return true; + } + } + + // Didn't find it, so try to create it. + $wpdb->query( $create_ddl ); + + // We cannot directly tell that whether this succeeded! + foreach ( $wpdb->get_col( "DESC $table_name", 0 ) as $column ) { + if ( $column === $column_name ) { + return true; + } + } + + return false; +} + +/** + * If a table only contains utf8 or utf8mb4 columns, convert it to utf8mb4. + * + * @since 4.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $table The table to convert. + * @return bool True if the table was converted, false if it wasn't. + */ +function maybe_convert_table_to_utf8mb4( $table ) { + global $wpdb; + + $results = $wpdb->get_results( "SHOW FULL COLUMNS FROM `$table`" ); + if ( ! $results ) { + return false; + } + + foreach ( $results as $column ) { + if ( $column->Collation ) { + list( $charset ) = explode( '_', $column->Collation ); + $charset = strtolower( $charset ); + if ( 'utf8' !== $charset && 'utf8mb4' !== $charset ) { + // Don't upgrade tables that have non-utf8 columns. + return false; + } + } + } + + $table_details = $wpdb->get_row( "SHOW TABLE STATUS LIKE '$table'" ); + if ( ! $table_details ) { + return false; + } + + list( $table_charset ) = explode( '_', $table_details->Collation ); + $table_charset = strtolower( $table_charset ); + if ( 'utf8mb4' === $table_charset ) { + return true; + } + + return $wpdb->query( "ALTER TABLE $table CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci" ); +} + +/** + * Retrieve all options as it was for 1.2. + * + * @since 1.2.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @return stdClass List of options. + */ +function get_alloptions_110() { + global $wpdb; + $all_options = new stdClass(); + $options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" ); + if ( $options ) { + foreach ( $options as $option ) { + if ( 'siteurl' === $option->option_name || 'home' === $option->option_name || 'category_base' === $option->option_name ) { + $option->option_value = untrailingslashit( $option->option_value ); + } + $all_options->{$option->option_name} = stripslashes( $option->option_value ); + } + } + return $all_options; +} + +/** + * Utility version of get_option that is private to installation/upgrade. + * + * @ignore + * @since 1.5.1 + * @access private + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $setting Option name. + * @return mixed + */ +function __get_option( $setting ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionDoubleUnderscore,PHPCompatibility.FunctionNameRestrictions.ReservedFunctionNames.FunctionDoubleUnderscore + global $wpdb; + + if ( 'home' === $setting && defined( 'WP_HOME' ) ) { + return untrailingslashit( WP_HOME ); + } + + if ( 'siteurl' === $setting && defined( 'WP_SITEURL' ) ) { + return untrailingslashit( WP_SITEURL ); + } + + $option = $wpdb->get_var( $wpdb->prepare( "SELECT option_value FROM $wpdb->options WHERE option_name = %s", $setting ) ); + + if ( 'home' === $setting && ! $option ) { + return __get_option( 'siteurl' ); + } + + if ( in_array( $setting, array( 'siteurl', 'home', 'category_base', 'tag_base' ), true ) ) { + $option = untrailingslashit( $option ); + } + + return maybe_unserialize( $option ); +} + +/** + * Filters for content to remove unnecessary slashes. + * + * @since 1.5.0 + * + * @param string $content The content to modify. + * @return string The de-slashed content. + */ +function deslash( $content ) { + // Note: \\\ inside a regex denotes a single backslash. + + /* + * Replace one or more backslashes followed by a single quote with + * a single quote. + */ + $content = preg_replace( "/\\\+'/", "'", $content ); + + /* + * Replace one or more backslashes followed by a double quote with + * a double quote. + */ + $content = preg_replace( '/\\\+"/', '"', $content ); + + // Replace one or more backslashes with one backslash. + $content = preg_replace( '/\\\+/', '\\', $content ); + + return $content; +} + +/** + * Modifies the database based on specified SQL statements. + * + * Useful for creating new tables and updating existing tables to a new structure. + * + * @since 1.5.0 + * @since 6.1.0 Ignores display width for integer data types on MySQL 8.0.17 or later, + * to match MySQL behavior. Note: This does not affect MariaDB. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string[]|string $queries Optional. The query to run. Can be multiple queries + * in an array, or a string of queries separated by + * semicolons. Default empty string. + * @param bool $execute Optional. Whether or not to execute the query right away. + * Default true. + * @return array Strings containing the results of the various update queries. + */ +function dbDelta( $queries = '', $execute = true ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid + global $wpdb; + + if ( in_array( $queries, array( '', 'all', 'blog', 'global', 'ms_global' ), true ) ) { + $queries = wp_get_db_schema( $queries ); + } + + // Separate individual queries into an array. + if ( ! is_array( $queries ) ) { + $queries = explode( ';', $queries ); + $queries = array_filter( $queries ); + } + + /** + * Filters the dbDelta SQL queries. + * + * @since 3.3.0 + * + * @param string[] $queries An array of dbDelta SQL queries. + */ + $queries = apply_filters( 'dbdelta_queries', $queries ); + + $cqueries = array(); // Creation queries. + $iqueries = array(); // Insertion queries. + $for_update = array(); + + // Create a tablename index for an array ($cqueries) of recognized query types. + foreach ( $queries as $qry ) { + if ( preg_match( '|CREATE TABLE ([^ ]*)|', $qry, $matches ) ) { + $cqueries[ trim( $matches[1], '`' ) ] = $qry; + $for_update[ $matches[1] ] = 'Created table ' . $matches[1]; + continue; + } + + if ( preg_match( '|CREATE DATABASE ([^ ]*)|', $qry, $matches ) ) { + array_unshift( $cqueries, $qry ); + continue; + } + + if ( preg_match( '|INSERT INTO ([^ ]*)|', $qry, $matches ) ) { + $iqueries[] = $qry; + continue; + } + + if ( preg_match( '|UPDATE ([^ ]*)|', $qry, $matches ) ) { + $iqueries[] = $qry; + continue; + } + } + + /** + * Filters the dbDelta SQL queries for creating tables and/or databases. + * + * Queries filterable via this hook contain "CREATE TABLE" or "CREATE DATABASE". + * + * @since 3.3.0 + * + * @param string[] $cqueries An array of dbDelta create SQL queries. + */ + $cqueries = apply_filters( 'dbdelta_create_queries', $cqueries ); + + /** + * Filters the dbDelta SQL queries for inserting or updating. + * + * Queries filterable via this hook contain "INSERT INTO" or "UPDATE". + * + * @since 3.3.0 + * + * @param string[] $iqueries An array of dbDelta insert or update SQL queries. + */ + $iqueries = apply_filters( 'dbdelta_insert_queries', $iqueries ); + + $text_fields = array( 'tinytext', 'text', 'mediumtext', 'longtext' ); + $blob_fields = array( 'tinyblob', 'blob', 'mediumblob', 'longblob' ); + $int_fields = array( 'tinyint', 'smallint', 'mediumint', 'int', 'integer', 'bigint' ); + + $global_tables = $wpdb->tables( 'global' ); + $db_version = $wpdb->db_version(); + $db_server_info = $wpdb->db_server_info(); + + foreach ( $cqueries as $table => $qry ) { + // Upgrade global tables only for the main site. Don't upgrade at all if conditions are not optimal. + if ( in_array( $table, $global_tables, true ) && ! wp_should_upgrade_global_tables() ) { + unset( $cqueries[ $table ], $for_update[ $table ] ); + continue; + } + + // Fetch the table column structure from the database. + $suppress = $wpdb->suppress_errors(); + $tablefields = $wpdb->get_results( "DESCRIBE {$table};" ); + $wpdb->suppress_errors( $suppress ); + + if ( ! $tablefields ) { + continue; + } + + // Clear the field and index arrays. + $cfields = array(); + $indices = array(); + $indices_without_subparts = array(); + + // Get all of the field names in the query from between the parentheses. + preg_match( '|\((.*)\)|ms', $qry, $match2 ); + $qryline = trim( $match2[1] ); + + // Separate field lines into an array. + $flds = explode( "\n", $qryline ); + + // For every field line specified in the query. + foreach ( $flds as $fld ) { + $fld = trim( $fld, " \t\n\r\0\x0B," ); // Default trim characters, plus ','. + + // Extract the field name. + preg_match( '|^([^ ]*)|', $fld, $fvals ); + $fieldname = trim( $fvals[1], '`' ); + $fieldname_lowercased = strtolower( $fieldname ); + + // Verify the found field name. + $validfield = true; + switch ( $fieldname_lowercased ) { + case '': + case 'primary': + case 'index': + case 'fulltext': + case 'unique': + case 'key': + case 'spatial': + $validfield = false; + + /* + * Normalize the index definition. + * + * This is done so the definition can be compared against the result of a + * `SHOW INDEX FROM $table_name` query which returns the current table + * index information. + */ + + // Extract type, name and columns from the definition. + // phpcs:disable Squiz.Strings.ConcatenationSpacing.PaddingFound -- don't remove regex indentation + preg_match( + '/^' + . '(?P<index_type>' // 1) Type of the index. + . 'PRIMARY\s+KEY|(?:UNIQUE|FULLTEXT|SPATIAL)\s+(?:KEY|INDEX)|KEY|INDEX' + . ')' + . '\s+' // Followed by at least one white space character. + . '(?:' // Name of the index. Optional if type is PRIMARY KEY. + . '`?' // Name can be escaped with a backtick. + . '(?P<index_name>' // 2) Name of the index. + . '(?:[0-9a-zA-Z$_-]|[\xC2-\xDF][\x80-\xBF])+' + . ')' + . '`?' // Name can be escaped with a backtick. + . '\s+' // Followed by at least one white space character. + . ')*' + . '\(' // Opening bracket for the columns. + . '(?P<index_columns>' + . '.+?' // 3) Column names, index prefixes, and orders. + . ')' + . '\)' // Closing bracket for the columns. + . '$/im', + $fld, + $index_matches + ); + // phpcs:enable + + // Uppercase the index type and normalize space characters. + $index_type = strtoupper( preg_replace( '/\s+/', ' ', trim( $index_matches['index_type'] ) ) ); + + // 'INDEX' is a synonym for 'KEY', standardize on 'KEY'. + $index_type = str_replace( 'INDEX', 'KEY', $index_type ); + + // Escape the index name with backticks. An index for a primary key has no name. + $index_name = ( 'PRIMARY KEY' === $index_type ) ? '' : '`' . strtolower( $index_matches['index_name'] ) . '`'; + + // Parse the columns. Multiple columns are separated by a comma. + $index_columns = array_map( 'trim', explode( ',', $index_matches['index_columns'] ) ); + $index_columns_without_subparts = $index_columns; + + // Normalize columns. + foreach ( $index_columns as $id => &$index_column ) { + // Extract column name and number of indexed characters (sub_part). + // phpcs:disable Squiz.Strings.ConcatenationSpacing.PaddingFound -- don't remove regex indentation + preg_match( + '/' + . '`?' // Name can be escaped with a backtick. + . '(?P<column_name>' // 1) Name of the column. + . '(?:[0-9a-zA-Z$_-]|[\xC2-\xDF][\x80-\xBF])+' + . ')' + . '`?' // Name can be escaped with a backtick. + . '(?:' // Optional sub part. + . '\s*' // Optional white space character between name and opening bracket. + . '\(' // Opening bracket for the sub part. + . '\s*' // Optional white space character after opening bracket. + . '(?P<sub_part>' + . '\d+' // 2) Number of indexed characters. + . ')' + . '\s*' // Optional white space character before closing bracket. + . '\)' // Closing bracket for the sub part. + . ')?' + . '/', + $index_column, + $index_column_matches + ); + // phpcs:enable + + // Escape the column name with backticks. + $index_column = '`' . $index_column_matches['column_name'] . '`'; + + // We don't need to add the subpart to $index_columns_without_subparts + $index_columns_without_subparts[ $id ] = $index_column; + + // Append the optional sup part with the number of indexed characters. + if ( isset( $index_column_matches['sub_part'] ) ) { + $index_column .= '(' . $index_column_matches['sub_part'] . ')'; + } + } + + // Build the normalized index definition and add it to the list of indices. + $indices[] = "{$index_type} {$index_name} (" . implode( ',', $index_columns ) . ')'; + $indices_without_subparts[] = "{$index_type} {$index_name} (" . implode( ',', $index_columns_without_subparts ) . ')'; + + // Destroy no longer needed variables. + unset( $index_column, $index_column_matches, $index_matches, $index_type, $index_name, $index_columns, $index_columns_without_subparts ); + + break; + } + + // If it's a valid field, add it to the field array. + if ( $validfield ) { + $cfields[ $fieldname_lowercased ] = $fld; + } + } + + // For every field in the table. + foreach ( $tablefields as $tablefield ) { + $tablefield_field_lowercased = strtolower( $tablefield->Field ); + $tablefield_type_lowercased = strtolower( $tablefield->Type ); + + $tablefield_type_without_parentheses = preg_replace( + '/' + . '(.+)' // Field type, e.g. `int`. + . '\(\d*\)' // Display width. + . '(.*)' // Optional attributes, e.g. `unsigned`. + . '/', + '$1$2', + $tablefield_type_lowercased + ); + + // Get the type without attributes, e.g. `int`. + $tablefield_type_base = strtok( $tablefield_type_without_parentheses, ' ' ); + + // If the table field exists in the field array... + if ( array_key_exists( $tablefield_field_lowercased, $cfields ) ) { + + // Get the field type from the query. + preg_match( '|`?' . $tablefield->Field . '`? ([^ ]*( unsigned)?)|i', $cfields[ $tablefield_field_lowercased ], $matches ); + $fieldtype = $matches[1]; + $fieldtype_lowercased = strtolower( $fieldtype ); + + $fieldtype_without_parentheses = preg_replace( + '/' + . '(.+)' // Field type, e.g. `int`. + . '\(\d*\)' // Display width. + . '(.*)' // Optional attributes, e.g. `unsigned`. + . '/', + '$1$2', + $fieldtype_lowercased + ); + + // Get the type without attributes, e.g. `int`. + $fieldtype_base = strtok( $fieldtype_without_parentheses, ' ' ); + + // Is actual field type different from the field type in query? + if ( $tablefield->Type != $fieldtype ) { + $do_change = true; + if ( in_array( $fieldtype_lowercased, $text_fields, true ) && in_array( $tablefield_type_lowercased, $text_fields, true ) ) { + if ( array_search( $fieldtype_lowercased, $text_fields, true ) < array_search( $tablefield_type_lowercased, $text_fields, true ) ) { + $do_change = false; + } + } + + if ( in_array( $fieldtype_lowercased, $blob_fields, true ) && in_array( $tablefield_type_lowercased, $blob_fields, true ) ) { + if ( array_search( $fieldtype_lowercased, $blob_fields, true ) < array_search( $tablefield_type_lowercased, $blob_fields, true ) ) { + $do_change = false; + } + } + + if ( in_array( $fieldtype_base, $int_fields, true ) && in_array( $tablefield_type_base, $int_fields, true ) + && $fieldtype_without_parentheses === $tablefield_type_without_parentheses + ) { + /* + * MySQL 8.0.17 or later does not support display width for integer data types, + * so if display width is the only difference, it can be safely ignored. + * Note: This is specific to MySQL and does not affect MariaDB. + */ + if ( version_compare( $db_version, '8.0.17', '>=' ) + && ! str_contains( $db_server_info, 'MariaDB' ) + ) { + $do_change = false; + } + } + + if ( $do_change ) { + // Add a query to change the column type. + $cqueries[] = "ALTER TABLE {$table} CHANGE COLUMN `{$tablefield->Field}` " . $cfields[ $tablefield_field_lowercased ]; + + $for_update[ $table . '.' . $tablefield->Field ] = "Changed type of {$table}.{$tablefield->Field} from {$tablefield->Type} to {$fieldtype}"; + } + } + + // Get the default value from the array. + if ( preg_match( "| DEFAULT '(.*?)'|i", $cfields[ $tablefield_field_lowercased ], $matches ) ) { + $default_value = $matches[1]; + if ( $tablefield->Default != $default_value ) { + // Add a query to change the column's default value + $cqueries[] = "ALTER TABLE {$table} ALTER COLUMN `{$tablefield->Field}` SET DEFAULT '{$default_value}'"; + + $for_update[ $table . '.' . $tablefield->Field ] = "Changed default value of {$table}.{$tablefield->Field} from {$tablefield->Default} to {$default_value}"; + } + } + + // Remove the field from the array (so it's not added). + unset( $cfields[ $tablefield_field_lowercased ] ); + } else { + // This field exists in the table, but not in the creation queries? + } + } + + // For every remaining field specified for the table. + foreach ( $cfields as $fieldname => $fielddef ) { + // Push a query line into $cqueries that adds the field to that table. + $cqueries[] = "ALTER TABLE {$table} ADD COLUMN $fielddef"; + + $for_update[ $table . '.' . $fieldname ] = 'Added column ' . $table . '.' . $fieldname; + } + + // Index stuff goes here. Fetch the table index structure from the database. + $tableindices = $wpdb->get_results( "SHOW INDEX FROM {$table};" ); + + if ( $tableindices ) { + // Clear the index array. + $index_ary = array(); + + // For every index in the table. + foreach ( $tableindices as $tableindex ) { + $keyname = strtolower( $tableindex->Key_name ); + + // Add the index to the index data array. + $index_ary[ $keyname ]['columns'][] = array( + 'fieldname' => $tableindex->Column_name, + 'subpart' => $tableindex->Sub_part, + ); + $index_ary[ $keyname ]['unique'] = ( 0 == $tableindex->Non_unique ) ? true : false; + $index_ary[ $keyname ]['index_type'] = $tableindex->Index_type; + } + + // For each actual index in the index array. + foreach ( $index_ary as $index_name => $index_data ) { + + // Build a create string to compare to the query. + $index_string = ''; + if ( 'primary' === $index_name ) { + $index_string .= 'PRIMARY '; + } elseif ( $index_data['unique'] ) { + $index_string .= 'UNIQUE '; + } + + if ( 'FULLTEXT' === strtoupper( $index_data['index_type'] ) ) { + $index_string .= 'FULLTEXT '; + } + + if ( 'SPATIAL' === strtoupper( $index_data['index_type'] ) ) { + $index_string .= 'SPATIAL '; + } + + $index_string .= 'KEY '; + if ( 'primary' !== $index_name ) { + $index_string .= '`' . $index_name . '`'; + } + + $index_columns = ''; + + // For each column in the index. + foreach ( $index_data['columns'] as $column_data ) { + if ( '' !== $index_columns ) { + $index_columns .= ','; + } + + // Add the field to the column list string. + $index_columns .= '`' . $column_data['fieldname'] . '`'; + } + + // Add the column list to the index create string. + $index_string .= " ($index_columns)"; + + // Check if the index definition exists, ignoring subparts. + $aindex = array_search( $index_string, $indices_without_subparts, true ); + if ( false !== $aindex ) { + // If the index already exists (even with different subparts), we don't need to create it. + unset( $indices_without_subparts[ $aindex ] ); + unset( $indices[ $aindex ] ); + } + } + } + + // For every remaining index specified for the table. + foreach ( (array) $indices as $index ) { + // Push a query line into $cqueries that adds the index to that table. + $cqueries[] = "ALTER TABLE {$table} ADD $index"; + + $for_update[] = 'Added index ' . $table . ' ' . $index; + } + + // Remove the original table creation query from processing. + unset( $cqueries[ $table ], $for_update[ $table ] ); + } + + $allqueries = array_merge( $cqueries, $iqueries ); + if ( $execute ) { + foreach ( $allqueries as $query ) { + $wpdb->query( $query ); + } + } + + return $for_update; +} + +/** + * Updates the database tables to a new schema. + * + * By default, updates all the tables to use the latest defined schema, but can also + * be used to update a specific set of tables in wp_get_db_schema(). + * + * @since 1.5.0 + * + * @uses dbDelta + * + * @param string $tables Optional. Which set of tables to update. Default is 'all'. + */ +function make_db_current( $tables = 'all' ) { + $alterations = dbDelta( $tables ); + echo "<ol>\n"; + foreach ( $alterations as $alteration ) { + echo "<li>$alteration</li>\n"; + } + echo "</ol>\n"; +} + +/** + * Updates the database tables to a new schema, but without displaying results. + * + * By default, updates all the tables to use the latest defined schema, but can + * also be used to update a specific set of tables in wp_get_db_schema(). + * + * @since 1.5.0 + * + * @see make_db_current() + * + * @param string $tables Optional. Which set of tables to update. Default is 'all'. + */ +function make_db_current_silent( $tables = 'all' ) { + dbDelta( $tables ); +} + +/** + * Creates a site theme from an existing theme. + * + * {@internal Missing Long Description}} + * + * @since 1.5.0 + * + * @param string $theme_name The name of the theme. + * @param string $template The directory name of the theme. + * @return bool + */ +function make_site_theme_from_oldschool( $theme_name, $template ) { + $home_path = get_home_path(); + $site_dir = WP_CONTENT_DIR . "/themes/$template"; + $default_dir = WP_CONTENT_DIR . '/themes/' . WP_DEFAULT_THEME; + + if ( ! file_exists( "$home_path/index.php" ) ) { + return false; + } + + /* + * Copy files from the old locations to the site theme. + * TODO: This does not copy arbitrary include dependencies. Only the standard WP files are copied. + */ + $files = array( + 'index.php' => 'index.php', + 'wp-layout.css' => 'style.css', + 'wp-comments.php' => 'comments.php', + 'wp-comments-popup.php' => 'comments-popup.php', + ); + + foreach ( $files as $oldfile => $newfile ) { + if ( 'index.php' === $oldfile ) { + $oldpath = $home_path; + } else { + $oldpath = ABSPATH; + } + + // Check to make sure it's not a new index. + if ( 'index.php' === $oldfile ) { + $index = implode( '', file( "$oldpath/$oldfile" ) ); + if ( str_contains( $index, 'WP_USE_THEMES' ) ) { + if ( ! copy( "$default_dir/$oldfile", "$site_dir/$newfile" ) ) { + return false; + } + + // Don't copy anything. + continue; + } + } + + if ( ! copy( "$oldpath/$oldfile", "$site_dir/$newfile" ) ) { + return false; + } + + chmod( "$site_dir/$newfile", 0777 ); + + // Update the blog header include in each file. + $lines = explode( "\n", implode( '', file( "$site_dir/$newfile" ) ) ); + if ( $lines ) { + $f = fopen( "$site_dir/$newfile", 'w' ); + + foreach ( $lines as $line ) { + if ( preg_match( '/require.*wp-blog-header/', $line ) ) { + $line = '//' . $line; + } + + // Update stylesheet references. + $line = str_replace( + "<?php echo __get_option('siteurl'); ?>/wp-layout.css", + "<?php bloginfo('stylesheet_url'); ?>", + $line + ); + + // Update comments template inclusion. + $line = str_replace( + "<?php include(ABSPATH . 'wp-comments.php'); ?>", + '<?php comments_template(); ?>', + $line + ); + + fwrite( $f, "{$line}\n" ); + } + fclose( $f ); + } + } + + // Add a theme header. + $header = "/*\n" . + "Theme Name: $theme_name\n" . + 'Theme URI: ' . __get_option( 'siteurl' ) . "\n" . + "Description: A theme automatically created by the update.\n" . + "Version: 1.0\n" . + "Author: Moi\n" . + "*/\n"; + + $stylelines = file_get_contents( "$site_dir/style.css" ); + if ( $stylelines ) { + $f = fopen( "$site_dir/style.css", 'w' ); + + fwrite( $f, $header ); + fwrite( $f, $stylelines ); + fclose( $f ); + } + + return true; +} + +/** + * Creates a site theme from the default theme. + * + * {@internal Missing Long Description}} + * + * @since 1.5.0 + * + * @param string $theme_name The name of the theme. + * @param string $template The directory name of the theme. + * @return void|false + */ +function make_site_theme_from_default( $theme_name, $template ) { + $site_dir = WP_CONTENT_DIR . "/themes/$template"; + $default_dir = WP_CONTENT_DIR . '/themes/' . WP_DEFAULT_THEME; + + /* + * Copy files from the default theme to the site theme. + * $files = array( 'index.php', 'comments.php', 'comments-popup.php', 'footer.php', 'header.php', 'sidebar.php', 'style.css' ); + */ + + $theme_dir = @opendir( $default_dir ); + if ( $theme_dir ) { + while ( ( $theme_file = readdir( $theme_dir ) ) !== false ) { + if ( is_dir( "$default_dir/$theme_file" ) ) { + continue; + } + + if ( ! copy( "$default_dir/$theme_file", "$site_dir/$theme_file" ) ) { + return; + } + + chmod( "$site_dir/$theme_file", 0777 ); + } + + closedir( $theme_dir ); + } + + // Rewrite the theme header. + $stylelines = explode( "\n", implode( '', file( "$site_dir/style.css" ) ) ); + if ( $stylelines ) { + $f = fopen( "$site_dir/style.css", 'w' ); + + $headers = array( + 'Theme Name:' => $theme_name, + 'Theme URI:' => __get_option( 'url' ), + 'Description:' => 'Your theme.', + 'Version:' => '1', + 'Author:' => 'You', + ); + + foreach ( $stylelines as $line ) { + foreach ( $headers as $header => $value ) { + if ( str_contains( $line, $header ) ) { + $line = $header . ' ' . $value; + break; + } + } + + fwrite( $f, $line . "\n" ); + } + + fclose( $f ); + } + + // Copy the images. + umask( 0 ); + if ( ! mkdir( "$site_dir/images", 0777 ) ) { + return false; + } + + $images_dir = @opendir( "$default_dir/images" ); + if ( $images_dir ) { + while ( ( $image = readdir( $images_dir ) ) !== false ) { + if ( is_dir( "$default_dir/images/$image" ) ) { + continue; + } + + if ( ! copy( "$default_dir/images/$image", "$site_dir/images/$image" ) ) { + return; + } + + chmod( "$site_dir/images/$image", 0777 ); + } + + closedir( $images_dir ); + } +} + +/** + * Creates a site theme. + * + * {@internal Missing Long Description}} + * + * @since 1.5.0 + * + * @return string|false + */ +function make_site_theme() { + // Name the theme after the blog. + $theme_name = __get_option( 'blogname' ); + $template = sanitize_title( $theme_name ); + $site_dir = WP_CONTENT_DIR . "/themes/$template"; + + // If the theme already exists, nothing to do. + if ( is_dir( $site_dir ) ) { + return false; + } + + // We must be able to write to the themes dir. + if ( ! is_writable( WP_CONTENT_DIR . '/themes' ) ) { + return false; + } + + umask( 0 ); + if ( ! mkdir( $site_dir, 0777 ) ) { + return false; + } + + if ( file_exists( ABSPATH . 'wp-layout.css' ) ) { + if ( ! make_site_theme_from_oldschool( $theme_name, $template ) ) { + // TODO: rm -rf the site theme directory. + return false; + } + } else { + if ( ! make_site_theme_from_default( $theme_name, $template ) ) { + // TODO: rm -rf the site theme directory. + return false; + } + } + + // Make the new site theme active. + $current_template = __get_option( 'template' ); + if ( WP_DEFAULT_THEME == $current_template ) { + update_option( 'template', $template ); + update_option( 'stylesheet', $template ); + } + return $template; +} + +/** + * Translate user level to user role name. + * + * @since 2.0.0 + * + * @param int $level User level. + * @return string User role name. + */ +function translate_level_to_role( $level ) { + switch ( $level ) { + case 10: + case 9: + case 8: + return 'administrator'; + case 7: + case 6: + case 5: + return 'editor'; + case 4: + case 3: + case 2: + return 'author'; + case 1: + return 'contributor'; + case 0: + default: + return 'subscriber'; + } +} + +/** + * Checks the version of the installed MySQL binary. + * + * @since 2.1.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + */ +function wp_check_mysql_version() { + global $wpdb; + $result = $wpdb->check_database_version(); + if ( is_wp_error( $result ) ) { + wp_die( $result ); + } +} + +/** + * Disables the Automattic widgets plugin, which was merged into core. + * + * @since 2.2.0 + */ +function maybe_disable_automattic_widgets() { + $plugins = __get_option( 'active_plugins' ); + + foreach ( (array) $plugins as $plugin ) { + if ( 'widgets.php' === basename( $plugin ) ) { + array_splice( $plugins, array_search( $plugin, $plugins, true ), 1 ); + update_option( 'active_plugins', $plugins ); + break; + } + } +} + +/** + * Disables the Link Manager on upgrade if, at the time of upgrade, no links exist in the DB. + * + * @since 3.5.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function maybe_disable_link_manager() { + global $wp_current_db_version, $wpdb; + + if ( $wp_current_db_version >= 22006 && get_option( 'link_manager_enabled' ) && ! $wpdb->get_var( "SELECT link_id FROM $wpdb->links LIMIT 1" ) ) { + update_option( 'link_manager_enabled', 0 ); + } +} + +/** + * Runs before the schema is upgraded. + * + * @since 2.9.0 + * + * @global int $wp_current_db_version The old (current) database version. + * @global wpdb $wpdb WordPress database abstraction object. + */ +function pre_schema_upgrade() { + global $wp_current_db_version, $wpdb; + + // Upgrade versions prior to 2.9. + if ( $wp_current_db_version < 11557 ) { + // Delete duplicate options. Keep the option with the highest option_id. + $wpdb->query( "DELETE o1 FROM $wpdb->options AS o1 JOIN $wpdb->options AS o2 USING (`option_name`) WHERE o2.option_id > o1.option_id" ); + + // Drop the old primary key and add the new. + $wpdb->query( "ALTER TABLE $wpdb->options DROP PRIMARY KEY, ADD PRIMARY KEY(option_id)" ); + + // Drop the old option_name index. dbDelta() doesn't do the drop. + $wpdb->query( "ALTER TABLE $wpdb->options DROP INDEX option_name" ); + } + + // Multisite schema upgrades. + if ( $wp_current_db_version < 25448 && is_multisite() && wp_should_upgrade_global_tables() ) { + + // Upgrade versions prior to 3.7. + if ( $wp_current_db_version < 25179 ) { + // New primary key for signups. + $wpdb->query( "ALTER TABLE $wpdb->signups ADD signup_id BIGINT(20) NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST" ); + $wpdb->query( "ALTER TABLE $wpdb->signups DROP INDEX domain" ); + } + + if ( $wp_current_db_version < 25448 ) { + // Convert archived from enum to tinyint. + $wpdb->query( "ALTER TABLE $wpdb->blogs CHANGE COLUMN archived archived varchar(1) NOT NULL default '0'" ); + $wpdb->query( "ALTER TABLE $wpdb->blogs CHANGE COLUMN archived archived tinyint(2) NOT NULL default 0" ); + } + } + + // Upgrade versions prior to 4.2. + if ( $wp_current_db_version < 31351 ) { + if ( ! is_multisite() && wp_should_upgrade_global_tables() ) { + $wpdb->query( "ALTER TABLE $wpdb->usermeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191))" ); + } + $wpdb->query( "ALTER TABLE $wpdb->terms DROP INDEX slug, ADD INDEX slug(slug(191))" ); + $wpdb->query( "ALTER TABLE $wpdb->terms DROP INDEX name, ADD INDEX name(name(191))" ); + $wpdb->query( "ALTER TABLE $wpdb->commentmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191))" ); + $wpdb->query( "ALTER TABLE $wpdb->postmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191))" ); + $wpdb->query( "ALTER TABLE $wpdb->posts DROP INDEX post_name, ADD INDEX post_name(post_name(191))" ); + } + + // Upgrade versions prior to 4.4. + if ( $wp_current_db_version < 34978 ) { + // If compatible termmeta table is found, use it, but enforce a proper index and update collation. + if ( $wpdb->get_var( "SHOW TABLES LIKE '{$wpdb->termmeta}'" ) && $wpdb->get_results( "SHOW INDEX FROM {$wpdb->termmeta} WHERE Column_name = 'meta_key'" ) ) { + $wpdb->query( "ALTER TABLE $wpdb->termmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191))" ); + maybe_convert_table_to_utf8mb4( $wpdb->termmeta ); + } + } +} + +/** + * Determine if global tables should be upgraded. + * + * This function performs a series of checks to ensure the environment allows + * for the safe upgrading of global WordPress database tables. It is necessary + * because global tables will commonly grow to millions of rows on large + * installations, and the ability to control their upgrade routines can be + * critical to the operation of large networks. + * + * In a future iteration, this function may use `wp_is_large_network()` to more- + * intelligently prevent global table upgrades. Until then, we make sure + * WordPress is on the main site of the main network, to avoid running queries + * more than once in multi-site or multi-network environments. + * + * @since 4.3.0 + * + * @return bool Whether to run the upgrade routines on global tables. + */ +function wp_should_upgrade_global_tables() { + + // Return false early if explicitly not upgrading. + if ( defined( 'DO_NOT_UPGRADE_GLOBAL_TABLES' ) ) { + return false; + } + + // Assume global tables should be upgraded. + $should_upgrade = true; + + // Set to false if not on main network (does not matter if not multi-network). + if ( ! is_main_network() ) { + $should_upgrade = false; + } + + // Set to false if not on main site of current network (does not matter if not multi-site). + if ( ! is_main_site() ) { + $should_upgrade = false; + } + + /** + * Filters if upgrade routines should be run on global tables. + * + * @since 4.3.0 + * + * @param bool $should_upgrade Whether to run the upgrade routines on global tables. + */ + return apply_filters( 'wp_should_upgrade_global_tables', $should_upgrade ); +} diff --git a/wp-admin/includes/user.php b/wp-admin/includes/user.php new file mode 100644 index 0000000..423c13a --- /dev/null +++ b/wp-admin/includes/user.php @@ -0,0 +1,756 @@ +<?php +/** + * WordPress user administration API. + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Creates a new user from the "Users" form using $_POST information. + * + * @since 2.0.0 + * + * @return int|WP_Error WP_Error or User ID. + */ +function add_user() { + return edit_user(); +} + +/** + * Edit user settings based on contents of $_POST + * + * Used on user-edit.php and profile.php to manage and process user options, passwords etc. + * + * @since 2.0.0 + * + * @param int $user_id Optional. User ID. + * @return int|WP_Error User ID of the updated user or WP_Error on failure. + */ +function edit_user( $user_id = 0 ) { + $wp_roles = wp_roles(); + $user = new stdClass(); + $user_id = (int) $user_id; + if ( $user_id ) { + $update = true; + $user->ID = $user_id; + $userdata = get_userdata( $user_id ); + $user->user_login = wp_slash( $userdata->user_login ); + } else { + $update = false; + } + + if ( ! $update && isset( $_POST['user_login'] ) ) { + $user->user_login = sanitize_user( wp_unslash( $_POST['user_login'] ), true ); + } + + $pass1 = ''; + $pass2 = ''; + if ( isset( $_POST['pass1'] ) ) { + $pass1 = trim( $_POST['pass1'] ); + } + if ( isset( $_POST['pass2'] ) ) { + $pass2 = trim( $_POST['pass2'] ); + } + + if ( isset( $_POST['role'] ) && current_user_can( 'promote_users' ) && ( ! $user_id || current_user_can( 'promote_user', $user_id ) ) ) { + $new_role = sanitize_text_field( $_POST['role'] ); + + // If the new role isn't editable by the logged-in user die with error. + $editable_roles = get_editable_roles(); + if ( ! empty( $new_role ) && empty( $editable_roles[ $new_role ] ) ) { + wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 ); + } + + $potential_role = isset( $wp_roles->role_objects[ $new_role ] ) ? $wp_roles->role_objects[ $new_role ] : false; + + /* + * Don't let anyone with 'promote_users' edit their own role to something without it. + * Multisite super admins can freely edit their roles, they possess all caps. + */ + if ( + ( is_multisite() && current_user_can( 'manage_network_users' ) ) || + get_current_user_id() !== $user_id || + ( $potential_role && $potential_role->has_cap( 'promote_users' ) ) + ) { + $user->role = $new_role; + } + } + + if ( isset( $_POST['email'] ) ) { + $user->user_email = sanitize_text_field( wp_unslash( $_POST['email'] ) ); + } + if ( isset( $_POST['url'] ) ) { + if ( empty( $_POST['url'] ) || 'http://' === $_POST['url'] ) { + $user->user_url = ''; + } else { + $user->user_url = sanitize_url( $_POST['url'] ); + $protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) ); + $user->user_url = preg_match( '/^(' . $protocols . '):/is', $user->user_url ) ? $user->user_url : 'http://' . $user->user_url; + } + } + if ( isset( $_POST['first_name'] ) ) { + $user->first_name = sanitize_text_field( $_POST['first_name'] ); + } + if ( isset( $_POST['last_name'] ) ) { + $user->last_name = sanitize_text_field( $_POST['last_name'] ); + } + if ( isset( $_POST['nickname'] ) ) { + $user->nickname = sanitize_text_field( $_POST['nickname'] ); + } + if ( isset( $_POST['display_name'] ) ) { + $user->display_name = sanitize_text_field( $_POST['display_name'] ); + } + + if ( isset( $_POST['description'] ) ) { + $user->description = trim( $_POST['description'] ); + } + + foreach ( wp_get_user_contact_methods( $user ) as $method => $name ) { + if ( isset( $_POST[ $method ] ) ) { + $user->$method = sanitize_text_field( $_POST[ $method ] ); + } + } + + if ( isset( $_POST['locale'] ) ) { + $locale = sanitize_text_field( $_POST['locale'] ); + if ( 'site-default' === $locale ) { + $locale = ''; + } elseif ( '' === $locale ) { + $locale = 'en_US'; + } elseif ( ! in_array( $locale, get_available_languages(), true ) ) { + if ( current_user_can( 'install_languages' ) && wp_can_install_language_pack() ) { + if ( ! wp_download_language_pack( $locale ) ) { + $locale = ''; + } + } else { + $locale = ''; + } + } + + $user->locale = $locale; + } + + if ( $update ) { + $user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' === $_POST['rich_editing'] ? 'false' : 'true'; + $user->syntax_highlighting = isset( $_POST['syntax_highlighting'] ) && 'false' === $_POST['syntax_highlighting'] ? 'false' : 'true'; + $user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh'; + $user->show_admin_bar_front = isset( $_POST['admin_bar_front'] ) ? 'true' : 'false'; + } + + $user->comment_shortcuts = isset( $_POST['comment_shortcuts'] ) && 'true' === $_POST['comment_shortcuts'] ? 'true' : ''; + + $user->use_ssl = 0; + if ( ! empty( $_POST['use_ssl'] ) ) { + $user->use_ssl = 1; + } + + $errors = new WP_Error(); + + /* checking that username has been typed */ + if ( '' === $user->user_login ) { + $errors->add( 'user_login', __( '<strong>Error:</strong> Please enter a username.' ) ); + } + + /* checking that nickname has been typed */ + if ( $update && empty( $user->nickname ) ) { + $errors->add( 'nickname', __( '<strong>Error:</strong> Please enter a nickname.' ) ); + } + + /** + * Fires before the password and confirm password fields are checked for congruity. + * + * @since 1.5.1 + * + * @param string $user_login The username. + * @param string $pass1 The password (passed by reference). + * @param string $pass2 The confirmed password (passed by reference). + */ + do_action_ref_array( 'check_passwords', array( $user->user_login, &$pass1, &$pass2 ) ); + + // Check for blank password when adding a user. + if ( ! $update && empty( $pass1 ) ) { + $errors->add( 'pass', __( '<strong>Error:</strong> Please enter a password.' ), array( 'form-field' => 'pass1' ) ); + } + + // Check for "\" in password. + if ( str_contains( wp_unslash( $pass1 ), '\\' ) ) { + $errors->add( 'pass', __( '<strong>Error:</strong> Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) ); + } + + // Checking the password has been typed twice the same. + if ( ( $update || ! empty( $pass1 ) ) && $pass1 !== $pass2 ) { + $errors->add( 'pass', __( '<strong>Error:</strong> Passwords do not match. Please enter the same password in both password fields.' ), array( 'form-field' => 'pass1' ) ); + } + + if ( ! empty( $pass1 ) ) { + $user->user_pass = $pass1; + } + + if ( ! $update && isset( $_POST['user_login'] ) && ! validate_username( $_POST['user_login'] ) ) { + $errors->add( 'user_login', __( '<strong>Error:</strong> This username is invalid because it uses illegal characters. Please enter a valid username.' ) ); + } + + if ( ! $update && username_exists( $user->user_login ) ) { + $errors->add( 'user_login', __( '<strong>Error:</strong> This username is already registered. Please choose another one.' ) ); + } + + /** This filter is documented in wp-includes/user.php */ + $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() ); + + if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) { + $errors->add( 'invalid_username', __( '<strong>Error:</strong> Sorry, that username is not allowed.' ) ); + } + + // Checking email address. + if ( empty( $user->user_email ) ) { + $errors->add( 'empty_email', __( '<strong>Error:</strong> Please enter an email address.' ), array( 'form-field' => 'email' ) ); + } elseif ( ! is_email( $user->user_email ) ) { + $errors->add( 'invalid_email', __( '<strong>Error:</strong> The email address is not correct.' ), array( 'form-field' => 'email' ) ); + } else { + $owner_id = email_exists( $user->user_email ); + if ( $owner_id && ( ! $update || ( $owner_id !== $user->ID ) ) ) { + $errors->add( 'email_exists', __( '<strong>Error:</strong> This email is already registered. Please choose another one.' ), array( 'form-field' => 'email' ) ); + } + } + + /** + * Fires before user profile update errors are returned. + * + * @since 2.8.0 + * + * @param WP_Error $errors WP_Error object (passed by reference). + * @param bool $update Whether this is a user update. + * @param stdClass $user User object (passed by reference). + */ + do_action_ref_array( 'user_profile_update_errors', array( &$errors, $update, &$user ) ); + + if ( $errors->has_errors() ) { + return $errors; + } + + if ( $update ) { + $user_id = wp_update_user( $user ); + } else { + $user_id = wp_insert_user( $user ); + $notify = isset( $_POST['send_user_notification'] ) ? 'both' : 'admin'; + + /** + * Fires after a new user has been created. + * + * @since 4.4.0 + * + * @param int|WP_Error $user_id ID of the newly created user or WP_Error on failure. + * @param string $notify Type of notification that should happen. See + * wp_send_new_user_notifications() for more information. + */ + do_action( 'edit_user_created_user', $user_id, $notify ); + } + return $user_id; +} + +/** + * Fetch a filtered list of user roles that the current user is + * allowed to edit. + * + * Simple function whose main purpose is to allow filtering of the + * list of roles in the $wp_roles object so that plugins can remove + * inappropriate ones depending on the situation or user making edits. + * Specifically because without filtering anyone with the edit_users + * capability can edit others to be administrators, even if they are + * only editors or authors. This filter allows admins to delegate + * user management. + * + * @since 2.8.0 + * + * @return array[] Array of arrays containing role information. + */ +function get_editable_roles() { + $all_roles = wp_roles()->roles; + + /** + * Filters the list of editable roles. + * + * @since 2.8.0 + * + * @param array[] $all_roles Array of arrays containing role information. + */ + $editable_roles = apply_filters( 'editable_roles', $all_roles ); + + return $editable_roles; +} + +/** + * Retrieve user data and filter it. + * + * @since 2.0.5 + * + * @param int $user_id User ID. + * @return WP_User|false WP_User object on success, false on failure. + */ +function get_user_to_edit( $user_id ) { + $user = get_userdata( $user_id ); + + if ( $user ) { + $user->filter = 'edit'; + } + + return $user; +} + +/** + * Retrieve the user's drafts. + * + * @since 2.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $user_id User ID. + * @return array + */ +function get_users_drafts( $user_id ) { + global $wpdb; + $query = $wpdb->prepare( "SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC", $user_id ); + + /** + * Filters the user's drafts query string. + * + * @since 2.0.0 + * + * @param string $query The user's drafts query string. + */ + $query = apply_filters( 'get_users_drafts', $query ); + return $wpdb->get_results( $query ); +} + +/** + * Delete user and optionally reassign posts and links to another user. + * + * Note that on a Multisite installation the user only gets removed from the site + * and does not get deleted from the database. + * + * If the `$reassign` parameter is not assigned to a user ID, then all posts will + * be deleted of that user. The action {@see 'delete_user'} that is passed the user ID + * being deleted will be run after the posts are either reassigned or deleted. + * The user meta will also be deleted that are for that user ID. + * + * @since 2.0.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $id User ID. + * @param int $reassign Optional. Reassign posts and links to new User ID. + * @return bool True when finished. + */ +function wp_delete_user( $id, $reassign = null ) { + global $wpdb; + + if ( ! is_numeric( $id ) ) { + return false; + } + + $id = (int) $id; + $user = new WP_User( $id ); + + if ( ! $user->exists() ) { + return false; + } + + // Normalize $reassign to null or a user ID. 'novalue' was an older default. + if ( 'novalue' === $reassign ) { + $reassign = null; + } elseif ( null !== $reassign ) { + $reassign = (int) $reassign; + } + + /** + * Fires immediately before a user is deleted from the site. + * + * Note that on a Multisite installation the user only gets removed from the site + * and does not get deleted from the database. + * + * @since 2.0.0 + * @since 5.5.0 Added the `$user` parameter. + * + * @param int $id ID of the user to delete. + * @param int|null $reassign ID of the user to reassign posts and links to. + * Default null, for no reassignment. + * @param WP_User $user WP_User object of the user to delete. + */ + do_action( 'delete_user', $id, $reassign, $user ); + + if ( null === $reassign ) { + $post_types_to_delete = array(); + foreach ( get_post_types( array(), 'objects' ) as $post_type ) { + if ( $post_type->delete_with_user ) { + $post_types_to_delete[] = $post_type->name; + } elseif ( null === $post_type->delete_with_user && post_type_supports( $post_type->name, 'author' ) ) { + $post_types_to_delete[] = $post_type->name; + } + } + + /** + * Filters the list of post types to delete with a user. + * + * @since 3.4.0 + * + * @param string[] $post_types_to_delete Array of post types to delete. + * @param int $id User ID. + */ + $post_types_to_delete = apply_filters( 'post_types_to_delete_with_user', $post_types_to_delete, $id ); + $post_types_to_delete = implode( "', '", $post_types_to_delete ); + $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d AND post_type IN ('$post_types_to_delete')", $id ) ); + if ( $post_ids ) { + foreach ( $post_ids as $post_id ) { + wp_delete_post( $post_id ); + } + } + + // Clean links. + $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) ); + + if ( $link_ids ) { + foreach ( $link_ids as $link_id ) { + wp_delete_link( $link_id ); + } + } + } else { + $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d", $id ) ); + $wpdb->update( $wpdb->posts, array( 'post_author' => $reassign ), array( 'post_author' => $id ) ); + if ( ! empty( $post_ids ) ) { + foreach ( $post_ids as $post_id ) { + clean_post_cache( $post_id ); + } + } + $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) ); + $wpdb->update( $wpdb->links, array( 'link_owner' => $reassign ), array( 'link_owner' => $id ) ); + if ( ! empty( $link_ids ) ) { + foreach ( $link_ids as $link_id ) { + clean_bookmark_cache( $link_id ); + } + } + } + + // FINALLY, delete user. + if ( is_multisite() ) { + remove_user_from_blog( $id, get_current_blog_id() ); + } else { + $meta = $wpdb->get_col( $wpdb->prepare( "SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); + foreach ( $meta as $mid ) { + delete_metadata_by_mid( 'user', $mid ); + } + + $wpdb->delete( $wpdb->users, array( 'ID' => $id ) ); + } + + clean_user_cache( $user ); + + /** + * Fires immediately after a user is deleted from the site. + * + * Note that on a Multisite installation the user may not have been deleted from + * the database depending on whether `wp_delete_user()` or `wpmu_delete_user()` + * was called. + * + * @since 2.9.0 + * @since 5.5.0 Added the `$user` parameter. + * + * @param int $id ID of the deleted user. + * @param int|null $reassign ID of the user to reassign posts and links to. + * Default null, for no reassignment. + * @param WP_User $user WP_User object of the deleted user. + */ + do_action( 'deleted_user', $id, $reassign, $user ); + + return true; +} + +/** + * Remove all capabilities from user. + * + * @since 2.1.0 + * + * @param int $id User ID. + */ +function wp_revoke_user( $id ) { + $id = (int) $id; + + $user = new WP_User( $id ); + $user->remove_all_caps(); +} + +/** + * @since 2.8.0 + * + * @global int $user_ID + * + * @param false $errors Deprecated. + */ +function default_password_nag_handler( $errors = false ) { + global $user_ID; + // Short-circuit it. + if ( ! get_user_option( 'default_password_nag' ) ) { + return; + } + + // get_user_setting() = JS-saved UI setting. Else no-js-fallback code. + if ( 'hide' === get_user_setting( 'default_password_nag' ) + || isset( $_GET['default_password_nag'] ) && '0' === $_GET['default_password_nag'] + ) { + delete_user_setting( 'default_password_nag' ); + update_user_meta( $user_ID, 'default_password_nag', false ); + } +} + +/** + * @since 2.8.0 + * + * @param int $user_ID + * @param WP_User $old_data + */ +function default_password_nag_edit_user( $user_ID, $old_data ) { + // Short-circuit it. + if ( ! get_user_option( 'default_password_nag', $user_ID ) ) { + return; + } + + $new_data = get_userdata( $user_ID ); + + // Remove the nag if the password has been changed. + if ( $new_data->user_pass !== $old_data->user_pass ) { + delete_user_setting( 'default_password_nag' ); + update_user_meta( $user_ID, 'default_password_nag', false ); + } +} + +/** + * @since 2.8.0 + * + * @global string $pagenow The filename of the current screen. + */ +function default_password_nag() { + global $pagenow; + + // Short-circuit it. + if ( 'profile.php' === $pagenow || ! get_user_option( 'default_password_nag' ) ) { + return; + } + + $default_password_nag_message = sprintf( + '<p><strong>%1$s</strong> %2$s</p>', + __( 'Notice:' ), + __( 'You are using the auto-generated password for your account. Would you like to change it?' ) + ); + $default_password_nag_message .= sprintf( + '<p><a href="%1$s">%2$s</a> | ', + esc_url( get_edit_profile_url() . '#password' ), + __( 'Yes, take me to my profile page' ) + ); + $default_password_nag_message .= sprintf( + '<a href="%1$s" id="default-password-nag-no">%2$s</a></p>', + '?default_password_nag=0', + __( 'No thanks, do not remind me again' ) + ); + + wp_admin_notice( + $default_password_nag_message, + array( + 'additional_classes' => array( 'error', 'default-password-nag' ), + 'paragraph_wrap' => false, + ) + ); +} + +/** + * @since 3.5.0 + * @access private + */ +function delete_users_add_js() { + ?> +<script> +jQuery( function($) { + var submit = $('#submit').prop('disabled', true); + $('input[name="delete_option"]').one('change', function() { + submit.prop('disabled', false); + }); + $('#reassign_user').focus( function() { + $('#delete_option1').prop('checked', true).trigger('change'); + }); +} ); +</script> + <?php +} + +/** + * Optional SSL preference that can be turned on by hooking to the 'personal_options' action. + * + * See the {@see 'personal_options'} action. + * + * @since 2.7.0 + * + * @param WP_User $user User data object. + */ +function use_ssl_preference( $user ) { + ?> + <tr class="user-use-ssl-wrap"> + <th scope="row"><?php _e( 'Use https' ); ?></th> + <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked( '1', $user->use_ssl ); ?> /> <?php _e( 'Always use https when visiting the admin' ); ?></label></td> + </tr> + <?php +} + +/** + * @since MU (3.0.0) + * + * @param string $text + * @return string + */ +function admin_created_user_email( $text ) { + $roles = get_editable_roles(); + $role = $roles[ $_REQUEST['role'] ]; + + if ( '' !== get_bloginfo( 'name' ) ) { + $site_title = wp_specialchars_decode( get_bloginfo( 'name' ), ENT_QUOTES ); + } else { + $site_title = parse_url( home_url(), PHP_URL_HOST ); + } + + return sprintf( + /* translators: 1: Site title, 2: Site URL, 3: User role. */ + __( + 'Hi, +You\'ve been invited to join \'%1$s\' at +%2$s with the role of %3$s. +If you do not want to join this site please ignore +this email. This invitation will expire in a few days. + +Please click the following link to activate your user account: +%%s' + ), + $site_title, + home_url(), + wp_specialchars_decode( translate_user_role( $role['name'] ) ) + ); +} + +/** + * Checks if the Authorize Application Password request is valid. + * + * @since 5.6.0 + * @since 6.2.0 Allow insecure HTTP connections for the local environment. + * @since 6.3.2 Validates the success and reject URLs to prevent javascript pseudo protocol being executed. + * + * @param array $request { + * The array of request data. All arguments are optional and may be empty. + * + * @type string $app_name The suggested name of the application. + * @type string $app_id A UUID provided by the application to uniquely identify it. + * @type string $success_url The URL the user will be redirected to after approving the application. + * @type string $reject_url The URL the user will be redirected to after rejecting the application. + * } + * @param WP_User $user The user authorizing the application. + * @return true|WP_Error True if the request is valid, a WP_Error object contains errors if not. + */ +function wp_is_authorize_application_password_request_valid( $request, $user ) { + $error = new WP_Error(); + + if ( isset( $request['success_url'] ) ) { + $validated_success_url = wp_is_authorize_application_redirect_url_valid( $request['success_url'] ); + if ( is_wp_error( $validated_success_url ) ) { + $error->add( + $validated_success_url->get_error_code(), + $validated_success_url->get_error_message() + ); + } + } + + if ( isset( $request['reject_url'] ) ) { + $validated_reject_url = wp_is_authorize_application_redirect_url_valid( $request['reject_url'] ); + if ( is_wp_error( $validated_reject_url ) ) { + $error->add( + $validated_reject_url->get_error_code(), + $validated_reject_url->get_error_message() + ); + } + } + + if ( ! empty( $request['app_id'] ) && ! wp_is_uuid( $request['app_id'] ) ) { + $error->add( + 'invalid_app_id', + __( 'The application ID must be a UUID.' ) + ); + } + + /** + * Fires before application password errors are returned. + * + * @since 5.6.0 + * + * @param WP_Error $error The error object. + * @param array $request The array of request data. + * @param WP_User $user The user authorizing the application. + */ + do_action( 'wp_authorize_application_password_request_errors', $error, $request, $user ); + + if ( $error->has_errors() ) { + return $error; + } + + return true; +} + +/** + * Validates the redirect URL protocol scheme. The protocol can be anything except http and javascript. + * + * @since 6.3.2 + * + * @param string $url - The redirect URL to be validated. + * + * @return true|WP_Error True if the redirect URL is valid, a WP_Error object otherwise. + */ +function wp_is_authorize_application_redirect_url_valid( $url ) { + $bad_protocols = array( 'javascript', 'data' ); + if ( empty( $url ) ) { + return true; + } + + // Based on https://www.rfc-editor.org/rfc/rfc2396#section-3.1 + $valid_scheme_regex = '/^[a-zA-Z][a-zA-Z0-9+.-]*:/'; + if ( ! preg_match( $valid_scheme_regex, $url ) ) { + return new WP_Error( + 'invalid_redirect_url_format', + __( 'Invalid URL format.' ) + ); + } + + /** + * Filters the list of invalid protocols used in applications redirect URLs. + * + * @since 6.3.2 + * + * @param string[] $bad_protocols Array of invalid protocols. + * @param string $url The redirect URL to be validated. + */ + $invalid_protocols = array_map( 'strtolower', apply_filters( 'wp_authorize_application_redirect_url_invalid_protocols', $bad_protocols, $url ) ); + + $scheme = wp_parse_url( $url, PHP_URL_SCHEME ); + $host = wp_parse_url( $url, PHP_URL_HOST ); + $is_local = 'local' === wp_get_environment_type(); + + // validates if the proper URI format is applied to the $url + if ( empty( $host ) || empty( $scheme ) || in_array( strtolower( $scheme ), $invalid_protocols, true ) ) { + return new WP_Error( + 'invalid_redirect_url_format', + __( 'Invalid URL format.' ) + ); + } + + if ( 'http' === $scheme && ! $is_local ) { + return new WP_Error( + 'invalid_redirect_scheme', + __( 'The URL must be served over a secure connection.' ) + ); + } + + return true; +} diff --git a/wp-admin/includes/widgets.php b/wp-admin/includes/widgets.php new file mode 100644 index 0000000..682f596 --- /dev/null +++ b/wp-admin/includes/widgets.php @@ -0,0 +1,329 @@ +<?php +/** + * WordPress Widgets Administration API + * + * @package WordPress + * @subpackage Administration + */ + +/** + * Display list of the available widgets. + * + * @since 2.5.0 + * + * @global array $wp_registered_widgets + * @global array $wp_registered_widget_controls + */ +function wp_list_widgets() { + global $wp_registered_widgets, $wp_registered_widget_controls; + + $sort = $wp_registered_widgets; + usort( $sort, '_sort_name_callback' ); + $done = array(); + + foreach ( $sort as $widget ) { + if ( in_array( $widget['callback'], $done, true ) ) { // We already showed this multi-widget. + continue; + } + + $sidebar = is_active_widget( $widget['callback'], $widget['id'], false, false ); + $done[] = $widget['callback']; + + if ( ! isset( $widget['params'][0] ) ) { + $widget['params'][0] = array(); + } + + $args = array( + 'widget_id' => $widget['id'], + 'widget_name' => $widget['name'], + '_display' => 'template', + ); + + if ( isset( $wp_registered_widget_controls[ $widget['id'] ]['id_base'] ) && isset( $widget['params'][0]['number'] ) ) { + $id_base = $wp_registered_widget_controls[ $widget['id'] ]['id_base']; + $args['_temp_id'] = "$id_base-__i__"; + $args['_multi_num'] = next_widget_id_number( $id_base ); + $args['_add'] = 'multi'; + } else { + $args['_add'] = 'single'; + if ( $sidebar ) { + $args['_hide'] = '1'; + } + } + + $control_args = array( + 0 => $args, + 1 => $widget['params'][0], + ); + $sidebar_args = wp_list_widget_controls_dynamic_sidebar( $control_args ); + + wp_widget_control( ...$sidebar_args ); + } +} + +/** + * Callback to sort array by a 'name' key. + * + * @since 3.1.0 + * @access private + * + * @param array $a First array. + * @param array $b Second array. + * @return int + */ +function _sort_name_callback( $a, $b ) { + return strnatcasecmp( $a['name'], $b['name'] ); +} + +/** + * Show the widgets and their settings for a sidebar. + * Used in the admin widget config screen. + * + * @since 2.5.0 + * + * @param string $sidebar Sidebar ID. + * @param string $sidebar_name Optional. Sidebar name. Default empty. + */ +function wp_list_widget_controls( $sidebar, $sidebar_name = '' ) { + add_filter( 'dynamic_sidebar_params', 'wp_list_widget_controls_dynamic_sidebar' ); + + $description = wp_sidebar_description( $sidebar ); + + echo '<div id="' . esc_attr( $sidebar ) . '" class="widgets-sortables">'; + + if ( $sidebar_name ) { + $add_to = sprintf( + /* translators: %s: Widgets sidebar name. */ + __( 'Add to: %s' ), + $sidebar_name + ); + ?> + <div class="sidebar-name" data-add-to="<?php echo esc_attr( $add_to ); ?>"> + <button type="button" class="handlediv hide-if-no-js" aria-expanded="true"> + <span class="screen-reader-text"><?php echo esc_html( $sidebar_name ); ?></span> + <span class="toggle-indicator" aria-hidden="true"></span> + </button> + <h2><?php echo esc_html( $sidebar_name ); ?> <span class="spinner"></span></h2> + </div> + <?php + } + + if ( ! empty( $description ) ) { + ?> + <div class="sidebar-description"> + <p class="description"><?php echo $description; ?></p> + </div> + <?php + } + + dynamic_sidebar( $sidebar ); + + echo '</div>'; +} + +/** + * Retrieves the widget control arguments. + * + * @since 2.5.0 + * + * @global array $wp_registered_widgets + * + * @param array $params + * @return array + */ +function wp_list_widget_controls_dynamic_sidebar( $params ) { + global $wp_registered_widgets; + static $i = 0; + ++$i; + + $widget_id = $params[0]['widget_id']; + $id = isset( $params[0]['_temp_id'] ) ? $params[0]['_temp_id'] : $widget_id; + $hidden = isset( $params[0]['_hide'] ) ? ' style="display:none;"' : ''; + + $params[0]['before_widget'] = "<div id='widget-{$i}_{$id}' class='widget'$hidden>"; + $params[0]['after_widget'] = '</div>'; + $params[0]['before_title'] = '%BEG_OF_TITLE%'; // Deprecated. + $params[0]['after_title'] = '%END_OF_TITLE%'; // Deprecated. + + if ( is_callable( $wp_registered_widgets[ $widget_id ]['callback'] ) ) { + $wp_registered_widgets[ $widget_id ]['_callback'] = $wp_registered_widgets[ $widget_id ]['callback']; + $wp_registered_widgets[ $widget_id ]['callback'] = 'wp_widget_control'; + } + + return $params; +} + +/** + * @global array $wp_registered_widgets + * + * @param string $id_base + * @return int + */ +function next_widget_id_number( $id_base ) { + global $wp_registered_widgets; + $number = 1; + + foreach ( $wp_registered_widgets as $widget_id => $widget ) { + if ( preg_match( '/' . preg_quote( $id_base, '/' ) . '-([0-9]+)$/', $widget_id, $matches ) ) { + $number = max( $number, $matches[1] ); + } + } + ++$number; + + return $number; +} + +/** + * Meta widget used to display the control form for a widget. + * + * Called from dynamic_sidebar(). + * + * @since 2.5.0 + * + * @global array $wp_registered_widgets + * @global array $wp_registered_widget_controls + * @global array $sidebars_widgets + * + * @param array $sidebar_args + * @return array + */ +function wp_widget_control( $sidebar_args ) { + global $wp_registered_widgets, $wp_registered_widget_controls, $sidebars_widgets; + + $widget_id = $sidebar_args['widget_id']; + $sidebar_id = isset( $sidebar_args['id'] ) ? $sidebar_args['id'] : false; + $key = $sidebar_id ? array_search( $widget_id, $sidebars_widgets[ $sidebar_id ], true ) : '-1'; // Position of widget in sidebar. + $control = isset( $wp_registered_widget_controls[ $widget_id ] ) ? $wp_registered_widget_controls[ $widget_id ] : array(); + $widget = $wp_registered_widgets[ $widget_id ]; + + $id_format = $widget['id']; + $widget_number = isset( $control['params'][0]['number'] ) ? $control['params'][0]['number'] : ''; + $id_base = isset( $control['id_base'] ) ? $control['id_base'] : $widget_id; + $width = isset( $control['width'] ) ? $control['width'] : ''; + $height = isset( $control['height'] ) ? $control['height'] : ''; + $multi_number = isset( $sidebar_args['_multi_num'] ) ? $sidebar_args['_multi_num'] : ''; + $add_new = isset( $sidebar_args['_add'] ) ? $sidebar_args['_add'] : ''; + + $before_form = isset( $sidebar_args['before_form'] ) ? $sidebar_args['before_form'] : '<form method="post">'; + $after_form = isset( $sidebar_args['after_form'] ) ? $sidebar_args['after_form'] : '</form>'; + $before_widget_content = isset( $sidebar_args['before_widget_content'] ) ? $sidebar_args['before_widget_content'] : '<div class="widget-content">'; + $after_widget_content = isset( $sidebar_args['after_widget_content'] ) ? $sidebar_args['after_widget_content'] : '</div>'; + + $query_arg = array( 'editwidget' => $widget['id'] ); + if ( $add_new ) { + $query_arg['addnew'] = 1; + if ( $multi_number ) { + $query_arg['num'] = $multi_number; + $query_arg['base'] = $id_base; + } + } else { + $query_arg['sidebar'] = $sidebar_id; + $query_arg['key'] = $key; + } + + /* + * We aren't showing a widget control, we're outputting a template + * for a multi-widget control. + */ + if ( isset( $sidebar_args['_display'] ) && 'template' === $sidebar_args['_display'] && $widget_number ) { + // number == -1 implies a template where id numbers are replaced by a generic '__i__'. + $control['params'][0]['number'] = -1; + // With id_base widget ID's are constructed like {$id_base}-{$id_number}. + if ( isset( $control['id_base'] ) ) { + $id_format = $control['id_base'] . '-__i__'; + } + } + + $wp_registered_widgets[ $widget_id ]['callback'] = $wp_registered_widgets[ $widget_id ]['_callback']; + unset( $wp_registered_widgets[ $widget_id ]['_callback'] ); + + $widget_title = esc_html( strip_tags( $sidebar_args['widget_name'] ) ); + $has_form = 'noform'; + + echo $sidebar_args['before_widget']; + ?> + <div class="widget-top"> + <div class="widget-title-action"> + <button type="button" class="widget-action hide-if-no-js" aria-expanded="false"> + <span class="screen-reader-text edit"> + <?php + /* translators: Hidden accessibility text. %s: Widget title. */ + printf( __( 'Edit widget: %s' ), $widget_title ); + ?> + </span> + <span class="screen-reader-text add"> + <?php + /* translators: Hidden accessibility text. %s: Widget title. */ + printf( __( 'Add widget: %s' ), $widget_title ); + ?> + </span> + <span class="toggle-indicator" aria-hidden="true"></span> + </button> + <a class="widget-control-edit hide-if-js" href="<?php echo esc_url( add_query_arg( $query_arg ) ); ?>"> + <span class="edit"><?php _ex( 'Edit', 'widget' ); ?></span> + <span class="add"><?php _ex( 'Add', 'widget' ); ?></span> + <span class="screen-reader-text"><?php echo $widget_title; ?></span> + </a> + </div> + <div class="widget-title"><h3><?php echo $widget_title; ?><span class="in-widget-title"></span></h3></div> + </div> + + <div class="widget-inside"> + <?php echo $before_form; ?> + <?php echo $before_widget_content; ?> + <?php + if ( isset( $control['callback'] ) ) { + $has_form = call_user_func_array( $control['callback'], $control['params'] ); + } else { + echo "\t\t<p>" . __( 'There are no options for this widget.' ) . "</p>\n"; + } + + $noform_class = ''; + if ( 'noform' === $has_form ) { + $noform_class = ' widget-control-noform'; + } + ?> + <?php echo $after_widget_content; ?> + <input type="hidden" name="widget-id" class="widget-id" value="<?php echo esc_attr( $id_format ); ?>" /> + <input type="hidden" name="id_base" class="id_base" value="<?php echo esc_attr( $id_base ); ?>" /> + <input type="hidden" name="widget-width" class="widget-width" value="<?php echo esc_attr( $width ); ?>" /> + <input type="hidden" name="widget-height" class="widget-height" value="<?php echo esc_attr( $height ); ?>" /> + <input type="hidden" name="widget_number" class="widget_number" value="<?php echo esc_attr( $widget_number ); ?>" /> + <input type="hidden" name="multi_number" class="multi_number" value="<?php echo esc_attr( $multi_number ); ?>" /> + <input type="hidden" name="add_new" class="add_new" value="<?php echo esc_attr( $add_new ); ?>" /> + + <div class="widget-control-actions"> + <div class="alignleft"> + <button type="button" class="button-link button-link-delete widget-control-remove"><?php _e( 'Delete' ); ?></button> + <span class="widget-control-close-wrapper"> + | <button type="button" class="button-link widget-control-close"><?php _e( 'Done' ); ?></button> + </span> + </div> + <div class="alignright<?php echo $noform_class; ?>"> + <?php submit_button( __( 'Save' ), 'primary widget-control-save right', 'savewidget', false, array( 'id' => 'widget-' . esc_attr( $id_format ) . '-savewidget' ) ); ?> + <span class="spinner"></span> + </div> + <br class="clear" /> + </div> + <?php echo $after_form; ?> + </div> + + <div class="widget-description"> + <?php + $widget_description = wp_widget_description( $widget_id ); + echo ( $widget_description ) ? "$widget_description\n" : "$widget_title\n"; + ?> + </div> + <?php + echo $sidebar_args['after_widget']; + + return $sidebar_args; +} + +/** + * @param string $classes + * @return string + */ +function wp_widgets_access_body_class( $classes ) { + return "$classes widgets_access "; +} |