/**
* WordPress implementation for PHP functions either missing from older PHP versions or not included by default.
*
* @package PHP
* @access private
*/
// If gettext isn't available
if ( ! function_exists( '_' ) ) {
function _( $string ) {
return $string;
}
}
/**
* Returns whether PCRE/u (PCRE_UTF8 modifier) is available for use.
*
* @ignore
* @since 4.2.2
* @access private
*
* @staticvar string $utf8_pcre
*
* @param bool $set - Used for testing only
* null : default - get PCRE/u capability
* false : Used for testing - return false for future calls to this function
* 'reset': Used for testing - restore default behavior of this function
*/
function _wp_can_use_pcre_u( $set = null ) {
static $utf8_pcre = 'reset';
if ( null !== $set ) {
$utf8_pcre = $set;
}
if ( 'reset' === $utf8_pcre ) {
$utf8_pcre = @preg_match( '/^./u', 'a' );
}
return $utf8_pcre;
}
if ( ! function_exists( 'mb_substr' ) ) :
/**
* Compat function to mimic mb_substr().
*
* @ignore
* @since 3.2.0
*
* @see _mb_substr()
*
* @param string $str The string to extract the substring from.
* @param int $start Position to being extraction from in `$str`.
* @param int|null $length Optional. Maximum number of characters to extract from `$str`.
* Default null.
* @param string|null $encoding Optional. Character encoding to use. Default null.
* @return string Extracted substring.
*/
function mb_substr( $str, $start, $length = null, $encoding = null ) {
return _mb_substr( $str, $start, $length, $encoding );
}
endif;
/**
* Internal compat function to mimic mb_substr().
*
* Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit.
* For $encoding === UTF-8, the $str input is expected to be a valid UTF-8 byte sequence.
* The behavior of this function for invalid inputs is undefined.
*
* @ignore
* @since 3.2.0
*
* @param string $str The string to extract the substring from.
* @param int $start Position to being extraction from in `$str`.
* @param int|null $length Optional. Maximum number of characters to extract from `$str`.
* Default null.
* @param string|null $encoding Optional. Character encoding to use. Default null.
* @return string Extracted substring.
*/
function _mb_substr( $str, $start, $length = null, $encoding = null ) {
if ( null === $encoding ) {
$encoding = get_option( 'blog_charset' );
}
/*
* The solution below works only for UTF-8, so in case of a different
* charset just use built-in substr().
*/
if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) {
return is_null( $length ) ? substr( $str, $start ) : substr( $str, $start, $length );
}
if ( _wp_can_use_pcre_u() ) {
// Use the regex unicode support to separate the UTF-8 characters into an array.
preg_match_all( '/./us', $str, $match );
$chars = is_null( $length ) ? array_slice( $match[0], $start ) : array_slice( $match[0], $start, $length );
return implode( '', $chars );
}
$regex = '/(
[\x00-\x7F] # single-byte sequences 0xxxxxxx
| [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx
| \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2
| [\xE1-\xEC][\x80-\xBF]{2}
| \xED[\x80-\x9F][\x80-\xBF]
| [\xEE-\xEF][\x80-\xBF]{2}
| \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3
| [\xF1-\xF3][\x80-\xBF]{3}
| \xF4[\x80-\x8F][\x80-\xBF]{2}
)/x';
// Start with 1 element instead of 0 since the first thing we do is pop.
$chars = array( '' );
do {
// We had some string left over from the last round, but we counted it in that last round.
array_pop( $chars );
/*
* Split by UTF-8 character, limit to 1000 characters (last array element will contain
* the rest of the string).
*/
$pieces = preg_split( $regex, $str, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY );
$chars = array_merge( $chars, $pieces );
// If there's anything left over, repeat the loop.
} while ( count( $pieces ) > 1 && $str = array_pop( $pieces ) );
return join( '', array_slice( $chars, $start, $length ) );
}
if ( ! function_exists( 'mb_strlen' ) ) :
/**
* Compat function to mimic mb_strlen().
*
* @ignore
* @since 4.2.0
*
* @see _mb_strlen()
*
* @param string $str The string to retrieve the character length from.
* @param string|null $encoding Optional. Character encoding to use. Default null.
* @return int String length of `$str`.
*/
function mb_strlen( $str, $encoding = null ) {
return _mb_strlen( $str, $encoding );
}
endif;
/**
* Internal compat function to mimic mb_strlen().
*
* Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit.
* For $encoding === UTF-8, the `$str` input is expected to be a valid UTF-8 byte
* sequence. The behavior of this function for invalid inputs is undefined.
*
* @ignore
* @since 4.2.0
*
* @param string $str The string to retrieve the character length from.
* @param string|null $encoding Optional. Character encoding to use. Default null.
* @return int String length of `$str`.
*/
function _mb_strlen( $str, $encoding = null ) {
if ( null === $encoding ) {
$encoding = get_option( 'blog_charset' );
}
/*
* The solution below works only for UTF-8, so in case of a different charset
* just use built-in strlen().
*/
if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) {
return strlen( $str );
}
if ( _wp_can_use_pcre_u() ) {
// Use the regex unicode support to separate the UTF-8 characters into an array.
preg_match_all( '/./us', $str, $match );
return count( $match[0] );
}
$regex = '/(?:
[\x00-\x7F] # single-byte sequences 0xxxxxxx
| [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx
| \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2
| [\xE1-\xEC][\x80-\xBF]{2}
| \xED[\x80-\x9F][\x80-\xBF]
| [\xEE-\xEF][\x80-\xBF]{2}
| \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3
| [\xF1-\xF3][\x80-\xBF]{3}
| \xF4[\x80-\x8F][\x80-\xBF]{2}
)/x';
// Start at 1 instead of 0 since the first thing we do is decrement.
$count = 1;
do {
// We had some string left over from the last round, but we counted it in that last round.
$count--;
/*
* Split by UTF-8 character, limit to 1000 characters (last array element will contain
* the rest of the string).
*/
$pieces = preg_split( $regex, $str, 1000 );
// Increment.
$count += count( $pieces );
// If there's anything left over, repeat the loop.
} while ( $str = array_pop( $pieces ) );
// Fencepost: preg_split() always returns one extra item in the array.
return --$count;
}
if ( ! function_exists( 'hash_hmac' ) ) :
/**
* Compat function to mimic hash_hmac().
*
* @ignore
* @since 3.2.0
*
* @see _hash_hmac()
*
* @param string $algo Hash algorithm. Accepts 'md5' or 'sha1'.
* @param string $data Data to be hashed.
* @param string $key Secret key to use for generating the hash.
* @param bool $raw_output Optional. Whether to output raw binary data (true),
* or lowercase hexits (false). Default false.
* @return string|false The hash in output determined by `$raw_output`. False if `$algo`
* is unknown or invalid.
*/
function hash_hmac( $algo, $data, $key, $raw_output = false ) {
return _hash_hmac( $algo, $data, $key, $raw_output );
}
endif;
/**
* Internal compat function to mimic hash_hmac().
*
* @ignore
* @since 3.2.0
*
* @param string $algo Hash algorithm. Accepts 'md5' or 'sha1'.
* @param string $data Data to be hashed.
* @param string $key Secret key to use for generating the hash.
* @param bool $raw_output Optional. Whether to output raw binary data (true),
* or lowercase hexits (false). Default false.
* @return string|false The hash in output determined by `$raw_output`. False if `$algo`
* is unknown or invalid.
*/
function _hash_hmac( $algo, $data, $key, $raw_output = false ) {
$packs = array(
'md5' => 'H32',
'sha1' => 'H40',
);
if ( ! isset( $packs[ $algo ] ) ) {
return false;
}
$pack = $packs[ $algo ];
if ( strlen( $key ) > 64 ) {
$key = pack( $pack, $algo( $key ) );
}
$key = str_pad( $key, 64, chr( 0 ) );
$ipad = ( substr( $key, 0, 64 ) ^ str_repeat( chr( 0x36 ), 64 ) );
$opad = ( substr( $key, 0, 64 ) ^ str_repeat( chr( 0x5C ), 64 ) );
$hmac = $algo( $opad . pack( $pack, $algo( $ipad . $data ) ) );
if ( $raw_output ) {
return pack( $pack, $hmac );
}
return $hmac;
}
if ( ! function_exists( 'json_encode' ) ) {
function json_encode( $string ) {
global $wp_json;
if ( ! ( $wp_json instanceof Services_JSON ) ) {
require_once( ABSPATH . WPINC . '/class-json.php' );
$wp_json = new Services_JSON();
}
return $wp_json->encodeUnsafe( $string );
}
}
if ( ! function_exists( 'json_decode' ) ) {
/**
* @global Services_JSON $wp_json
* @param string $string
* @param bool $assoc_array
* @return object|array
*/
function json_decode( $string, $assoc_array = false ) {
global $wp_json;
if ( ! ( $wp_json instanceof Services_JSON ) ) {
require_once( ABSPATH . WPINC . '/class-json.php' );
$wp_json = new Services_JSON();
}
$res = $wp_json->decode( $string );
if ( $assoc_array ) {
$res = _json_decode_object_helper( $res );
}
return $res;
}
/**
* @param object $data
* @return array
*/
function _json_decode_object_helper( $data ) {
if ( is_object( $data ) ) {
$data = get_object_vars( $data );
}
return is_array( $data ) ? array_map( __FUNCTION__, $data ) : $data;
}
}
if ( ! function_exists( 'hash_equals' ) ) :
/**
* Timing attack safe string comparison
*
* Compares two strings using the same time whether they're equal or not.
*
* This function was added in PHP 5.6.
*
* Note: It can leak the length of a string when arguments of differing length are supplied.
*
* @since 3.9.2
*
* @param string $a Expected string.
* @param string $b Actual, user supplied, string.
* @return bool Whether strings are equal.
*/
function hash_equals( $a, $b ) {
$a_length = strlen( $a );
if ( $a_length !== strlen( $b ) ) {
return false;
}
$result = 0;
// Do not attempt to "optimize" this.
for ( $i = 0; $i < $a_length; $i++ ) {
$result |= ord( $a[ $i ] ) ^ ord( $b[ $i ] );
}
return $result === 0;
}
endif;
// JSON_PRETTY_PRINT was introduced in PHP 5.4
// Defined here to prevent a notice when using it with wp_json_encode()
if ( ! defined( 'JSON_PRETTY_PRINT' ) ) {
define( 'JSON_PRETTY_PRINT', 128 );
}
if ( ! function_exists( 'json_last_error_msg' ) ) :
/**
* Retrieves the error string of the last json_encode() or json_decode() call.
*
* @since 4.4.0
*
* @internal This is a compatibility function for PHP <5.5
*
* @return bool|string Returns the error message on success, "No Error" if no error has occurred,
* or false on failure.
*/
function json_last_error_msg() {
// See https://core.trac.wordpress.org/ticket/27799.
if ( ! function_exists( 'json_last_error' ) ) {
return false;
}
$last_error_code = json_last_error();
// Just in case JSON_ERROR_NONE is not defined.
$error_code_none = defined( 'JSON_ERROR_NONE' ) ? JSON_ERROR_NONE : 0;
switch ( true ) {
case $last_error_code === $error_code_none:
return 'No error';
case defined( 'JSON_ERROR_DEPTH' ) && JSON_ERROR_DEPTH === $last_error_code:
return 'Maximum stack depth exceeded';
case defined( 'JSON_ERROR_STATE_MISMATCH' ) && JSON_ERROR_STATE_MISMATCH === $last_error_code:
return 'State mismatch (invalid or malformed JSON)';
case defined( 'JSON_ERROR_CTRL_CHAR' ) && JSON_ERROR_CTRL_CHAR === $last_error_code:
return 'Control character error, possibly incorrectly encoded';
case defined( 'JSON_ERROR_SYNTAX' ) && JSON_ERROR_SYNTAX === $last_error_code:
return 'Syntax error';
case defined( 'JSON_ERROR_UTF8' ) && JSON_ERROR_UTF8 === $last_error_code:
return 'Malformed UTF-8 characters, possibly incorrectly encoded';
case defined( 'JSON_ERROR_RECURSION' ) && JSON_ERROR_RECURSION === $last_error_code:
return 'Recursion detected';
case defined( 'JSON_ERROR_INF_OR_NAN' ) && JSON_ERROR_INF_OR_NAN === $last_error_code:
return 'Inf and NaN cannot be JSON encoded';
case defined( 'JSON_ERROR_UNSUPPORTED_TYPE' ) && JSON_ERROR_UNSUPPORTED_TYPE === $last_error_code:
return 'Type is not supported';
default:
return 'An unknown error occurred';
}
}
endif;
if ( ! interface_exists( 'JsonSerializable' ) ) {
define( 'WP_JSON_SERIALIZE_COMPATIBLE', true );
/**
* JsonSerializable interface.
*
* Compatibility shim for PHP <5.4
*
* @link https://secure.php.net/jsonserializable
*
* @since 4.4.0
*/
interface JsonSerializable {
public function jsonSerialize();
}
}
// random_int was introduced in PHP 7.0
if ( ! function_exists( 'random_int' ) ) {
require ABSPATH . WPINC . '/random_compat/random.php';
}
// sodium_crypto_box was introduced in PHP 7.2
if ( ! function_exists( 'sodium_crypto_box' ) ) {
require ABSPATH . WPINC . '/sodium_compat/autoload.php';
}
if ( ! function_exists( 'array_replace_recursive' ) ) :
/**
* PHP-agnostic version of {@link array_replace_recursive()}.
*
* The array_replace_recursive() function is a PHP 5.3 function. WordPress
* currently supports down to PHP 5.2, so this method is a workaround
* for PHP 5.2.
*
* Note: array_replace_recursive() supports infinite arguments, but for our use-
* case, we only need to support two arguments.
*
* Subject to removal once WordPress makes PHP 5.3.0 the minimum requirement.
*
* @since 4.5.3
*
* @see https://secure.php.net/manual/en/function.array-replace-recursive.php#109390
*
* @param array $base Array with keys needing to be replaced.
* @param array $replacements Array with the replaced keys.
*
* @return array
*/
function array_replace_recursive( $base = array(), $replacements = array() ) {
foreach ( array_slice( func_get_args(), 1 ) as $replacements ) {
$bref_stack = array( &$base );
$head_stack = array( $replacements );
do {
end( $bref_stack );
$bref = &$bref_stack[ key( $bref_stack ) ];
$head = array_pop( $head_stack );
unset( $bref_stack[ key( $bref_stack ) ] );
foreach ( array_keys( $head ) as $key ) {
if ( isset( $key, $bref ) &&
isset( $bref[ $key ] ) && is_array( $bref[ $key ] ) &&
isset( $head[ $key ] ) && is_array( $head[ $key ] ) ) {
$bref_stack[] = &$bref[ $key ];
$head_stack[] = $head[ $key ];
} else {
$bref[ $key ] = $head[ $key ];
}
}
} while ( count( $head_stack ) );
}
return $base;
}
endif;
/**
* Polyfill for the SPL autoloader. In PHP 5.2 (but not 5.3 and later), SPL can
* be disabled, and PHP 7.2 raises notices if the compiler finds an __autoload()
* function declaration. Function availability is checked here, and the
* autoloader is included only if necessary.
*/
if ( ! function_exists( 'spl_autoload_register' ) ) {
require_once ABSPATH . WPINC . '/spl-autoload-compat.php';
}
if ( ! function_exists( 'is_countable' ) ) {
/**
* Polyfill for is_countable() function added in PHP 7.3.
*
* Verify that the content of a variable is an array or an object
* implementing the Countable interface.
*
* @since 4.9.6
*
* @param mixed $var The value to check.
*
* @return bool True if `$var` is countable, false otherwise.
*/
function is_countable( $var ) {
return ( is_array( $var )
|| $var instanceof Countable
|| $var instanceof SimpleXMLElement
|| $var instanceof ResourceBundle
);
}
}
if ( ! function_exists( 'is_iterable' ) ) {
/**
* Polyfill for is_iterable() function added in PHP 7.1.
*
* Verify that the content of a variable is an array or an object
* implementing the Traversable interface.
*
* @since 4.9.6
*
* @param mixed $var The value to check.
*
* @return bool True if `$var` is iterable, false otherwise.
*/
function is_iterable( $var ) {
return ( is_array( $var ) || $var instanceof Traversable );
}
}
if ( ! function_exists( 'str_starts_with' ) ) {
/**
* Polyfill for `str_starts_with()` function added in PHP 8.0.
*
* Performs a case-sensitive check indicating if
* the haystack begins with needle.
*
* @since 5.9.0
*
* @param string $haystack The string to search in.
* @param string $needle The substring to search for in the `$haystack`.
* @return bool True if `$haystack` starts with `$needle`, otherwise false.
*/
function str_starts_with( $haystack, $needle ) {
if ( '' === $needle ) {
return true;
}
return 0 === strpos( $haystack, $needle );
}
}
if ( ! function_exists( 'str_ends_with' ) ) {
/**
* Polyfill for `str_ends_with()` function added in PHP 8.0.
*
* Performs a case-sensitive check indicating if
* the haystack ends with needle.
*
* @since 5.9.0
*
* @param string $haystack The string to search in.
* @param string $needle The substring to search for in the `$haystack`.
* @return bool True if `$haystack` ends with `$needle`, otherwise false.
*/
function str_ends_with( $haystack, $needle ) {
if ( '' === $haystack ) {
return '' === $needle;
}
$len = strlen( $needle );
return substr( $haystack, -$len, $len ) === $needle;
}
}
/**
* Class for working with MO files
*
* @version $Id: mo.php 1157 2015-11-20 04:30:11Z dd32 $
* @package pomo
* @subpackage mo
*/
require_once dirname( __FILE__ ) . '/translations.php';
require_once dirname( __FILE__ ) . '/streams.php';
if ( ! class_exists( 'MO', false ) ) :
class MO extends Gettext_Translations {
var $_nplurals = 2;
/**
* Loaded MO file.
*
* @var string
*/
private $filename = '';
/**
* Returns the loaded MO file.
*
* @return string The loaded MO file.
*/
public function get_filename() {
return $this->filename;
}
/**
* Fills up with the entries from MO file $filename
*
* @param string $filename MO file to load
* @return bool True if the import from file was successful, otherwise false.
*/
function import_from_file( $filename ) {
$reader = new POMO_FileReader( $filename );
if ( ! $reader->is_resource() ) {
return false;
}
$this->filename = (string) $filename;
return $this->import_from_reader( $reader );
}
/**
* @param string $filename
* @return bool
*/
function export_to_file( $filename ) {
$fh = fopen( $filename, 'wb' );
if ( ! $fh ) {
return false;
}
$res = $this->export_to_file_handle( $fh );
fclose( $fh );
return $res;
}
/**
* @return string|false
*/
function export() {
$tmp_fh = fopen( 'php://temp', 'r+' );
if ( ! $tmp_fh ) {
return false;
}
$this->export_to_file_handle( $tmp_fh );
rewind( $tmp_fh );
return stream_get_contents( $tmp_fh );
}
/**
* @param Translation_Entry $entry
* @return bool
*/
function is_entry_good_for_export( $entry ) {
if ( empty( $entry->translations ) ) {
return false;
}
if ( ! array_filter( $entry->translations ) ) {
return false;
}
return true;
}
/**
* @param resource $fh
* @return true
*/
function export_to_file_handle( $fh ) {
$entries = array_filter( $this->entries, array( $this, 'is_entry_good_for_export' ) );
ksort( $entries );
$magic = 0x950412de;
$revision = 0;
$total = count( $entries ) + 1; // all the headers are one entry
$originals_lenghts_addr = 28;
$translations_lenghts_addr = $originals_lenghts_addr + 8 * $total;
$size_of_hash = 0;
$hash_addr = $translations_lenghts_addr + 8 * $total;
$current_addr = $hash_addr;
fwrite(
$fh,
pack(
'V*',
$magic,
$revision,
$total,
$originals_lenghts_addr,
$translations_lenghts_addr,
$size_of_hash,
$hash_addr
)
);
fseek( $fh, $originals_lenghts_addr );
// headers' msgid is an empty string
fwrite( $fh, pack( 'VV', 0, $current_addr ) );
$current_addr++;
$originals_table = "\0";
$reader = new POMO_Reader();
foreach ( $entries as $entry ) {
$originals_table .= $this->export_original( $entry ) . "\0";
$length = $reader->strlen( $this->export_original( $entry ) );
fwrite( $fh, pack( 'VV', $length, $current_addr ) );
$current_addr += $length + 1; // account for the NULL byte after
}
$exported_headers = $this->export_headers();
fwrite( $fh, pack( 'VV', $reader->strlen( $exported_headers ), $current_addr ) );
$current_addr += strlen( $exported_headers ) + 1;
$translations_table = $exported_headers . "\0";
foreach ( $entries as $entry ) {
$translations_table .= $this->export_translations( $entry ) . "\0";
$length = $reader->strlen( $this->export_translations( $entry ) );
fwrite( $fh, pack( 'VV', $length, $current_addr ) );
$current_addr += $length + 1;
}
fwrite( $fh, $originals_table );
fwrite( $fh, $translations_table );
return true;
}
/**
* @param Translation_Entry $entry
* @return string
*/
function export_original( $entry ) {
//TODO: warnings for control characters
$exported = $entry->singular;
if ( $entry->is_plural ) {
$exported .= "\0" . $entry->plural;
}
if ( $entry->context ) {
$exported = $entry->context . "\4" . $exported;
}
return $exported;
}
/**
* @param Translation_Entry $entry
* @return string
*/
function export_translations( $entry ) {
//TODO: warnings for control characters
return $entry->is_plural ? implode( "\0", $entry->translations ) : $entry->translations[0];
}
/**
* @return string
*/
function export_headers() {
$exported = '';
foreach ( $this->headers as $header => $value ) {
$exported .= "$header: $value\n";
}
return $exported;
}
/**
* @param int $magic
* @return string|false
*/
function get_byteorder( $magic ) {
// The magic is 0x950412de
// bug in PHP 5.0.2, see https://savannah.nongnu.org/bugs/?func=detailitem&item_id=10565
$magic_little = (int) - 1794895138;
$magic_little_64 = (int) 2500072158;
// 0xde120495
$magic_big = ( (int) - 569244523 ) & 0xFFFFFFFF;
if ( $magic_little == $magic || $magic_little_64 == $magic ) {
return 'little';
} elseif ( $magic_big == $magic ) {
return 'big';
} else {
return false;
}
}
/**
* @param POMO_FileReader $reader
* @return bool True if the import was successful, otherwise false.
*/
function import_from_reader( $reader ) {
$endian_string = MO::get_byteorder( $reader->readint32() );
if ( false === $endian_string ) {
return false;
}
$reader->setEndian( $endian_string );
$endian = ( 'big' == $endian_string ) ? 'N' : 'V';
$header = $reader->read( 24 );
if ( $reader->strlen( $header ) != 24 ) {
return false;
}
// parse header
$header = unpack( "{$endian}revision/{$endian}total/{$endian}originals_lenghts_addr/{$endian}translations_lenghts_addr/{$endian}hash_length/{$endian}hash_addr", $header );
if ( ! is_array( $header ) ) {
return false;
}
// support revision 0 of MO format specs, only
if ( $header['revision'] != 0 ) {
return false;
}
// seek to data blocks
$reader->seekto( $header['originals_lenghts_addr'] );
// read originals' indices
$originals_lengths_length = $header['translations_lenghts_addr'] - $header['originals_lenghts_addr'];
if ( $originals_lengths_length != $header['total'] * 8 ) {
return false;
}
$originals = $reader->read( $originals_lengths_length );
if ( $reader->strlen( $originals ) != $originals_lengths_length ) {
return false;
}
// read translations' indices
$translations_lenghts_length = $header['hash_addr'] - $header['translations_lenghts_addr'];
if ( $translations_lenghts_length != $header['total'] * 8 ) {
return false;
}
$translations = $reader->read( $translations_lenghts_length );
if ( $reader->strlen( $translations ) != $translations_lenghts_length ) {
return false;
}
// transform raw data into set of indices
$originals = $reader->str_split( $originals, 8 );
$translations = $reader->str_split( $translations, 8 );
// skip hash table
$strings_addr = $header['hash_addr'] + $header['hash_length'] * 4;
$reader->seekto( $strings_addr );
$strings = $reader->read_all();
$reader->close();
for ( $i = 0; $i < $header['total']; $i++ ) {
$o = unpack( "{$endian}length/{$endian}pos", $originals[ $i ] );
$t = unpack( "{$endian}length/{$endian}pos", $translations[ $i ] );
if ( ! $o || ! $t ) {
return false;
}
// adjust offset due to reading strings to separate space before
$o['pos'] -= $strings_addr;
$t['pos'] -= $strings_addr;
$original = $reader->substr( $strings, $o['pos'], $o['length'] );
$translation = $reader->substr( $strings, $t['pos'], $t['length'] );
if ( '' === $original ) {
$this->set_headers( $this->make_headers( $translation ) );
} else {
$entry = &$this->make_entry( $original, $translation );
$this->entries[ $entry->key() ] = &$entry;
}
}
return true;
}
/**
* Build a Translation_Entry from original string and translation strings,
* found in a MO file
*
* @static
* @param string $original original string to translate from MO file. Might contain
* 0x04 as context separator or 0x00 as singular/plural separator
* @param string $translation translation string from MO file. Might contain
* 0x00 as a plural translations separator
* @return Translation_Entry Entry instance.
*/
function &make_entry( $original, $translation ) {
$entry = new Translation_Entry();
// Look for context, separated by \4.
$parts = explode( "\4", $original );
if ( isset( $parts[1] ) ) {
$original = $parts[1];
$entry->context = $parts[0];
}
// look for plural original
$parts = explode( "\0", $original );
$entry->singular = $parts[0];
if ( isset( $parts[1] ) ) {
$entry->is_plural = true;
$entry->plural = $parts[1];
}
// plural translations are also separated by \0
$entry->translations = explode( "\0", $translation );
return $entry;
}
/**
* @param int $count
* @return string
*/
function select_plural_form( $count ) {
return $this->gettext_select_plural_form( $count );
}
/**
* @return int
*/
function get_plural_forms_count() {
return $this->_nplurals;
}
}
endif;
/**
* Core Translation API
*
* @package WordPress
* @subpackage i18n
* @since 1.2.0
*/
/**
* Retrieves the current locale.
*
* If the locale is set, then it will filter the locale in the {@see 'locale'}
* filter hook and return the value.
*
* If the locale is not set already, then the WPLANG constant is used if it is
* defined. Then it is filtered through the {@see 'locale'} filter hook and
* the value for the locale global set and the locale is returned.
*
* The process to get the locale should only be done once, but the locale will
* always be filtered using the {@see 'locale'} hook.
*
* @since 1.5.0
*
* @global string $locale
* @global string $wp_local_package
*
* @return string The locale of the blog or from the {@see 'locale'} hook.
*/
function get_locale() {
global $locale, $wp_local_package;
if ( isset( $locale ) ) {
/**
* Filters the locale ID of the WordPress installation.
*
* @since 1.5.0
*
* @param string $locale The locale ID.
*/
return apply_filters( 'locale', $locale );
}
if ( isset( $wp_local_package ) ) {
$locale = $wp_local_package;
}
// WPLANG was defined in wp-config.
if ( defined( 'WPLANG' ) ) {
$locale = WPLANG;
}
// If multisite, check options.
if ( is_multisite() ) {
// Don't check blog option when installing.
if ( wp_installing() || ( false === $ms_locale = get_option( 'WPLANG' ) ) ) {
$ms_locale = get_site_option( 'WPLANG' );
}
if ( $ms_locale !== false ) {
$locale = $ms_locale;
}
} else {
$db_locale = get_option( 'WPLANG' );
if ( $db_locale !== false ) {
$locale = $db_locale;
}
}
if ( empty( $locale ) ) {
$locale = 'en_US';
}
/** This filter is documented in wp-includes/l10n.php */
return apply_filters( 'locale', $locale );
}
/**
* Retrieves the locale of a user.
*
* If the user has a locale set to a non-empty string then it will be
* returned. Otherwise it returns the locale of get_locale().
*
* @since 4.7.0
*
* @param int|WP_User $user_id User's ID or a WP_User object. Defaults to current user.
* @return string The locale of the user.
*/
function get_user_locale( $user_id = 0 ) {
$user = false;
if ( 0 === $user_id && function_exists( 'wp_get_current_user' ) ) {
$user = wp_get_current_user();
} elseif ( $user_id instanceof WP_User ) {
$user = $user_id;
} elseif ( $user_id && is_numeric( $user_id ) ) {
$user = get_user_by( 'id', $user_id );
}
if ( ! $user ) {
return get_locale();
}
$locale = $user->locale;
return $locale ? $locale : get_locale();
}
/**
* Determine the current locale desired for the request.
*
* @since 5.0.0
*
* @global string $pagenow
*
* @return string The determined locale.
*/
function determine_locale() {
/**
* Filters the locale for the current request prior to the default determination process.
*
* Using this filter allows to override the default logic, effectively short-circuiting the function.
*
* @since 5.0.0
*
* @param string|null The locale to return and short-circuit, or null as default.
*/
$determined_locale = apply_filters( 'pre_determine_locale', null );
if ( ! empty( $determined_locale ) && is_string( $determined_locale ) ) {
return $determined_locale;
}
$determined_locale = get_locale();
if ( is_admin() ) {
$determined_locale = get_user_locale();
}
if ( isset( $_GET['_locale'] ) && 'user' === $_GET['_locale'] && wp_is_json_request() ) {
$determined_locale = get_user_locale();
}
if ( ! empty( $_GET['wp_lang'] ) && ! empty( $GLOBALS['pagenow'] ) && 'wp-login.php' === $GLOBALS['pagenow'] ) {
$determined_locale = sanitize_locale_name( wp_unslash( $_GET['wp_lang'] ) );
}
/**
* Filters the locale for the current request.
*
* @since 5.0.0
*
* @param string $locale The locale.
*/
return apply_filters( 'determine_locale', $determined_locale );
}
/**
* Retrieve the translation of $text.
*
* If there is no translation, or the text domain isn't loaded, the original text is returned.
*
* *Note:* Don't use translate() directly, use __() or related functions.
*
* @since 2.2.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text
*/
function translate( $text, $domain = 'default' ) {
$translations = get_translations_for_domain( $domain );
$translation = $translations->translate( $text );
/**
* Filters text with its translation.
*
* @since 2.0.11
*
* @param string $translation Translated text.
* @param string $text Text to translate.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
return apply_filters( 'gettext', $translation, $text, $domain );
}
/**
* Remove last item on a pipe-delimited string.
*
* Meant for removing the last item in a string, such as 'Role name|User role'. The original
* string will be returned if no pipe '|' characters are found in the string.
*
* @since 2.8.0
*
* @param string $string A pipe-delimited string.
* @return string Either $string or everything before the last pipe.
*/
function before_last_bar( $string ) {
$last_bar = strrpos( $string, '|' );
if ( false === $last_bar ) {
return $string;
} else {
return substr( $string, 0, $last_bar );
}
}
/**
* Retrieve the translation of $text in the context defined in $context.
*
* If there is no translation, or the text domain isn't loaded the original
* text is returned.
*
* *Note:* Don't use translate_with_gettext_context() directly, use _x() or related functions.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text on success, original text on failure.
*/
function translate_with_gettext_context( $text, $context, $domain = 'default' ) {
$translations = get_translations_for_domain( $domain );
$translation = $translations->translate( $text, $context );
/**
* Filters text with its translation based on context information.
*
* @since 2.8.0
*
* @param string $translation Translated text.
* @param string $text Text to translate.
* @param string $context Context information for the translators.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
return apply_filters( 'gettext_with_context', $translation, $text, $context, $domain );
}
/**
* Retrieve the translation of $text.
*
* If there is no translation, or the text domain isn't loaded, the original text is returned.
*
* @since 2.1.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text.
*/
function __( $text, $domain = 'default' ) {
return translate( $text, $domain );
}
/**
* Retrieve the translation of $text and escapes it for safe use in an attribute.
*
* If there is no translation, or the text domain isn't loaded, the original text is returned.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text on success, original text on failure.
*/
function esc_attr__( $text, $domain = 'default' ) {
return esc_attr( translate( $text, $domain ) );
}
/**
* Retrieve the translation of $text and escapes it for safe use in HTML output.
*
* If there is no translation, or the text domain isn't loaded, the original text
* is escaped and returned.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text
*/
function esc_html__( $text, $domain = 'default' ) {
return esc_html( translate( $text, $domain ) );
}
/**
* Display translated text.
*
* @since 1.2.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
*/
function _e( $text, $domain = 'default' ) {
echo translate( $text, $domain );
}
/**
* Display translated text that has been escaped for safe use in an attribute.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
*/
function esc_attr_e( $text, $domain = 'default' ) {
echo esc_attr( translate( $text, $domain ) );
}
/**
* Display translated text that has been escaped for safe use in HTML output.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
*/
function esc_html_e( $text, $domain = 'default' ) {
echo esc_html( translate( $text, $domain ) );
}
/**
* Retrieve translated string with gettext context.
*
* Quite a few times, there will be collisions with similar translatable text
* found in more than two places, but with different translated context.
*
* By including the context in the pot file, translators can translate the two
* strings differently.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated context string without pipe.
*/
function _x( $text, $context, $domain = 'default' ) {
return translate_with_gettext_context( $text, $context, $domain );
}
/**
* Display translated string with gettext context.
*
* @since 3.0.0
*
* @param string $text Text to translate.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated context string without pipe.
*/
function _ex( $text, $context, $domain = 'default' ) {
echo _x( $text, $context, $domain );
}
/**
* Translate string with gettext context, and escapes it for safe use in an attribute.
*
* @since 2.8.0
*
* @param string $text Text to translate.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text
*/
function esc_attr_x( $text, $context, $domain = 'default' ) {
return esc_attr( translate_with_gettext_context( $text, $context, $domain ) );
}
/**
* Translate string with gettext context, and escapes it for safe use in HTML output.
*
* @since 2.9.0
*
* @param string $text Text to translate.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated text.
*/
function esc_html_x( $text, $context, $domain = 'default' ) {
return esc_html( translate_with_gettext_context( $text, $context, $domain ) );
}
/**
* Translates and retrieves the singular or plural form based on the supplied number.
*
* Used when you want to use the appropriate form of a string based on whether a
* number is singular or plural.
*
* Example:
*
* printf( _n( '%s person', '%s people', $count, 'text-domain' ), number_format_i18n( $count ) );
*
* @since 2.8.0
*
* @param string $single The text to be used if the number is singular.
* @param string $plural The text to be used if the number is plural.
* @param int $number The number to compare against to use either the singular or plural form.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string The translated singular or plural form.
*/
function _n( $single, $plural, $number, $domain = 'default' ) {
$translations = get_translations_for_domain( $domain );
$translation = $translations->translate_plural( $single, $plural, $number );
/**
* Filters the singular or plural form of a string.
*
* @since 2.2.0
*
* @param string $translation Translated text.
* @param string $single The text to be used if the number is singular.
* @param string $plural The text to be used if the number is plural.
* @param string $number The number to compare against to use either the singular or plural form.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
return apply_filters( 'ngettext', $translation, $single, $plural, $number, $domain );
}
/**
* Translates and retrieves the singular or plural form based on the supplied number, with gettext context.
*
* This is a hybrid of _n() and _x(). It supports context and plurals.
*
* Used when you want to use the appropriate form of a string with context based on whether a
* number is singular or plural.
*
* Example of a generic phrase which is disambiguated via the context parameter:
*
* printf( _nx( '%s group', '%s groups', $people, 'group of people', 'text-domain' ), number_format_i18n( $people ) );
* printf( _nx( '%s group', '%s groups', $animals, 'group of animals', 'text-domain' ), number_format_i18n( $animals ) );
*
* @since 2.8.0
*
* @param string $single The text to be used if the number is singular.
* @param string $plural The text to be used if the number is plural.
* @param int $number The number to compare against to use either the singular or plural form.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string The translated singular or plural form.
*/
function _nx( $single, $plural, $number, $context, $domain = 'default' ) {
$translations = get_translations_for_domain( $domain );
$translation = $translations->translate_plural( $single, $plural, $number, $context );
/**
* Filters the singular or plural form of a string with gettext context.
*
* @since 2.8.0
*
* @param string $translation Translated text.
* @param string $single The text to be used if the number is singular.
* @param string $plural The text to be used if the number is plural.
* @param string $number The number to compare against to use either the singular or plural form.
* @param string $context Context information for the translators.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
return apply_filters( 'ngettext_with_context', $translation, $single, $plural, $number, $context, $domain );
}
/**
* Registers plural strings in POT file, but does not translate them.
*
* Used when you want to keep structures with translatable plural
* strings and use them later when the number is known.
*
* Example:
*
* $message = _n_noop( '%s post', '%s posts', 'text-domain' );
* ...
* printf( translate_nooped_plural( $message, $count, 'text-domain' ), number_format_i18n( $count ) );
*
* @since 2.5.0
*
* @param string $singular Singular form to be localized.
* @param string $plural Plural form to be localized.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default null.
* @return array {
* Array of translation information for the strings.
*
* @type string $0 Singular form to be localized. No longer used.
* @type string $1 Plural form to be localized. No longer used.
* @type string $singular Singular form to be localized.
* @type string $plural Plural form to be localized.
* @type null $context Context information for the translators.
* @type string $domain Text domain.
* }
*/
function _n_noop( $singular, $plural, $domain = null ) {
return array(
0 => $singular,
1 => $plural,
'singular' => $singular,
'plural' => $plural,
'context' => null,
'domain' => $domain,
);
}
/**
* Registers plural strings with gettext context in POT file, but does not translate them.
*
* Used when you want to keep structures with translatable plural
* strings and use them later when the number is known.
*
* Example of a generic phrase which is disambiguated via the context parameter:
*
* $messages = array(
* 'people' => _nx_noop( '%s group', '%s groups', 'people', 'text-domain' ),
* 'animals' => _nx_noop( '%s group', '%s groups', 'animals', 'text-domain' ),
* );
* ...
* $message = $messages[ $type ];
* printf( translate_nooped_plural( $message, $count, 'text-domain' ), number_format_i18n( $count ) );
*
* @since 2.8.0
*
* @param string $singular Singular form to be localized.
* @param string $plural Plural form to be localized.
* @param string $context Context information for the translators.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default null.
* @return array {
* Array of translation information for the strings.
*
* @type string $0 Singular form to be localized. No longer used.
* @type string $1 Plural form to be localized. No longer used.
* @type string $2 Context information for the translators. No longer used.
* @type string $singular Singular form to be localized.
* @type string $plural Plural form to be localized.
* @type string $context Context information for the translators.
* @type string $domain Text domain.
* }
*/
function _nx_noop( $singular, $plural, $context, $domain = null ) {
return array(
0 => $singular,
1 => $plural,
2 => $context,
'singular' => $singular,
'plural' => $plural,
'context' => $context,
'domain' => $domain,
);
}
/**
* Translates and retrieves the singular or plural form of a string that's been registered
* with _n_noop() or _nx_noop().
*
* Used when you want to use a translatable plural string once the number is known.
*
* Example:
*
* $message = _n_noop( '%s post', '%s posts', 'text-domain' );
* ...
* printf( translate_nooped_plural( $message, $count, 'text-domain' ), number_format_i18n( $count ) );
*
* @since 3.1.0
*
* @param array $nooped_plural Array with singular, plural, and context keys, usually the result of _n_noop() or _nx_noop().
* @param int $count Number of objects.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings. If $nooped_plural contains
* a text domain passed to _n_noop() or _nx_noop(), it will override this value. Default 'default'.
* @return string Either $single or $plural translated text.
*/
function translate_nooped_plural( $nooped_plural, $count, $domain = 'default' ) {
if ( $nooped_plural['domain'] ) {
$domain = $nooped_plural['domain'];
}
if ( $nooped_plural['context'] ) {
return _nx( $nooped_plural['singular'], $nooped_plural['plural'], $count, $nooped_plural['context'], $domain );
} else {
return _n( $nooped_plural['singular'], $nooped_plural['plural'], $count, $domain );
}
}
/**
* Load a .mo file into the text domain $domain.
*
* If the text domain already exists, the translations will be merged. If both
* sets have the same string, the translation from the original value will be taken.
*
* On success, the .mo file will be placed in the $l10n global by $domain
* and will be a MO object.
*
* @since 1.5.0
*
* @global MO[] $l10n An array of all currently loaded text domains.
* @global MO[] $l10n_unloaded An array of all text domains that have been unloaded again.
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $mofile Path to the .mo file.
* @return bool True on success, false on failure.
*/
function load_textdomain( $domain, $mofile ) {
global $l10n, $l10n_unloaded;
$l10n_unloaded = (array) $l10n_unloaded;
/**
* Filters whether to override the .mo file loading.
*
* @since 2.9.0
*
* @param bool $override Whether to override the .mo file loading. Default false.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $mofile Path to the MO file.
*/
$plugin_override = apply_filters( 'override_load_textdomain', false, $domain, $mofile );
if ( true == $plugin_override ) {
unset( $l10n_unloaded[ $domain ] );
return true;
}
/**
* Fires before the MO translation file is loaded.
*
* @since 2.9.0
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $mofile Path to the .mo file.
*/
do_action( 'load_textdomain', $domain, $mofile );
/**
* Filters MO file path for loading translations for a specific text domain.
*
* @since 2.9.0
*
* @param string $mofile Path to the MO file.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
$mofile = apply_filters( 'load_textdomain_mofile', $mofile, $domain );
if ( ! is_readable( $mofile ) ) {
return false;
}
$mo = new MO();
if ( ! $mo->import_from_file( $mofile ) ) {
return false;
}
if ( isset( $l10n[ $domain ] ) ) {
$mo->merge_with( $l10n[ $domain ] );
}
unset( $l10n_unloaded[ $domain ] );
$l10n[ $domain ] = &$mo;
return true;
}
/**
* Unload translations for a text domain.
*
* @since 3.0.0
*
* @global MO[] $l10n An array of all currently loaded text domains.
* @global MO[] $l10n_unloaded An array of all text domains that have been unloaded again.
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @return bool Whether textdomain was unloaded.
*/
function unload_textdomain( $domain ) {
global $l10n, $l10n_unloaded;
$l10n_unloaded = (array) $l10n_unloaded;
/**
* Filters whether to override the text domain unloading.
*
* @since 3.0.0
*
* @param bool $override Whether to override the text domain unloading. Default false.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
$plugin_override = apply_filters( 'override_unload_textdomain', false, $domain );
if ( $plugin_override ) {
$l10n_unloaded[ $domain ] = true;
return true;
}
/**
* Fires before the text domain is unloaded.
*
* @since 3.0.0
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
do_action( 'unload_textdomain', $domain );
if ( isset( $l10n[ $domain ] ) ) {
unset( $l10n[ $domain ] );
$l10n_unloaded[ $domain ] = true;
return true;
}
return false;
}
/**
* Load default translated strings based on locale.
*
* Loads the .mo file in WP_LANG_DIR constant path from WordPress root.
* The translated (.mo) file is named based on the locale.
*
* @see load_textdomain()
*
* @since 1.5.0
*
* @param string $locale Optional. Locale to load. Default is the value of get_locale().
* @return bool Whether the textdomain was loaded.
*/
function load_default_textdomain( $locale = null ) {
if ( null === $locale ) {
$locale = determine_locale();
}
// Unload previously loaded strings so we can switch translations.
unload_textdomain( 'default' );
$return = load_textdomain( 'default', WP_LANG_DIR . "/$locale.mo" );
if ( ( is_multisite() || ( defined( 'WP_INSTALLING_NETWORK' ) && WP_INSTALLING_NETWORK ) ) && ! file_exists( WP_LANG_DIR . "/admin-$locale.mo" ) ) {
load_textdomain( 'default', WP_LANG_DIR . "/ms-$locale.mo" );
return $return;
}
if ( is_admin() || wp_installing() || ( defined( 'WP_REPAIRING' ) && WP_REPAIRING ) ) {
load_textdomain( 'default', WP_LANG_DIR . "/admin-$locale.mo" );
}
if ( is_network_admin() || ( defined( 'WP_INSTALLING_NETWORK' ) && WP_INSTALLING_NETWORK ) ) {
load_textdomain( 'default', WP_LANG_DIR . "/admin-network-$locale.mo" );
}
return $return;
}
/**
* Loads a plugin's translated strings.
*
* If the path is not given then it will be the root of the plugin directory.
*
* The .mo file should be named based on the text domain with a dash, and then the locale exactly.
*
* @since 1.5.0
* @since 4.6.0 The function now tries to load the .mo file from the languages directory first.
*
* @param string $domain Unique identifier for retrieving translated strings
* @param string|false $deprecated Optional. Deprecated. Use the $plugin_rel_path parameter instead.
* Default false.
* @param string|false $plugin_rel_path Optional. Relative path to WP_PLUGIN_DIR where the .mo file resides.
* Default false.
* @return bool True when textdomain is successfully loaded, false otherwise.
*/
function load_plugin_textdomain( $domain, $deprecated = false, $plugin_rel_path = false ) {
/**
* Filters a plugin's locale.
*
* @since 3.0.0
*
* @param string $locale The plugin's current locale.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
$locale = apply_filters( 'plugin_locale', determine_locale(), $domain );
$mofile = $domain . '-' . $locale . '.mo';
// Try to load from the languages directory first.
if ( load_textdomain( $domain, WP_LANG_DIR . '/plugins/' . $mofile ) ) {
return true;
}
if ( false !== $plugin_rel_path ) {
$path = WP_PLUGIN_DIR . '/' . trim( $plugin_rel_path, '/' );
} elseif ( false !== $deprecated ) {
_deprecated_argument( __FUNCTION__, '2.7.0' );
$path = ABSPATH . trim( $deprecated, '/' );
} else {
$path = WP_PLUGIN_DIR;
}
return load_textdomain( $domain, $path . '/' . $mofile );
}
/**
* Load the translated strings for a plugin residing in the mu-plugins directory.
*
* @since 3.0.0
* @since 4.6.0 The function now tries to load the .mo file from the languages directory first.
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $mu_plugin_rel_path Optional. Relative to `WPMU_PLUGIN_DIR` directory in which the .mo
* file resides. Default empty string.
* @return bool True when textdomain is successfully loaded, false otherwise.
*/
function load_muplugin_textdomain( $domain, $mu_plugin_rel_path = '' ) {
/** This filter is documented in wp-includes/l10n.php */
$locale = apply_filters( 'plugin_locale', determine_locale(), $domain );
$mofile = $domain . '-' . $locale . '.mo';
// Try to load from the languages directory first.
if ( load_textdomain( $domain, WP_LANG_DIR . '/plugins/' . $mofile ) ) {
return true;
}
$path = WPMU_PLUGIN_DIR . '/' . ltrim( $mu_plugin_rel_path, '/' );
return load_textdomain( $domain, $path . '/' . $mofile );
}
/**
* Load the theme's translated strings.
*
* If the current locale exists as a .mo file in the theme's root directory, it
* will be included in the translated strings by the $domain.
*
* The .mo files must be named based on the locale exactly.
*
* @since 1.5.0
* @since 4.6.0 The function now tries to load the .mo file from the languages directory first.
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $path Optional. Path to the directory containing the .mo file.
* Default false.
* @return bool True when textdomain is successfully loaded, false otherwise.
*/
function load_theme_textdomain( $domain, $path = false ) {
/**
* Filters a theme's locale.
*
* @since 3.0.0
*
* @param string $locale The theme's current locale.
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
*/
$locale = apply_filters( 'theme_locale', determine_locale(), $domain );
$mofile = $domain . '-' . $locale . '.mo';
// Try to load from the languages directory first.
if ( load_textdomain( $domain, WP_LANG_DIR . '/themes/' . $mofile ) ) {
return true;
}
if ( ! $path ) {
$path = get_template_directory();
}
return load_textdomain( $domain, $path . '/' . $locale . '.mo' );
}
/**
* Load the child themes translated strings.
*
* If the current locale exists as a .mo file in the child themes
* root directory, it will be included in the translated strings by the $domain.
*
* The .mo files must be named based on the locale exactly.
*
* @since 2.9.0
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $path Optional. Path to the directory containing the .mo file.
* Default false.
* @return bool True when the theme textdomain is successfully loaded, false otherwise.
*/
function load_child_theme_textdomain( $domain, $path = false ) {
if ( ! $path ) {
$path = get_stylesheet_directory();
}
return load_theme_textdomain( $domain, $path );
}
/**
* Loads the script translated strings.
*
* @since 5.0.0
* @since 5.0.2 Uses load_script_translations() to load translation data.
* @since 5.1.0 The `$domain` parameter was made optional.
*
* @see WP_Scripts::set_translations()
*
* @param string $handle Name of the script to register a translation domain to.
* @param string $domain Optional. Text domain. Default 'default'.
* @param string $path Optional. The full file path to the directory containing translation files.
*
* @return false|string False if the script textdomain could not be loaded, the translated strings
* in JSON encoding otherwise.
*/
function load_script_textdomain( $handle, $domain = 'default', $path = null ) {
$wp_scripts = wp_scripts();
if ( ! isset( $wp_scripts->registered[ $handle ] ) ) {
return false;
}
$path = untrailingslashit( $path );
$locale = determine_locale();
// If a path was given and the handle file exists simply return it.
$file_base = $domain === 'default' ? $locale : $domain . '-' . $locale;
$handle_filename = $file_base . '-' . $handle . '.json';
if ( $path ) {
$translations = load_script_translations( $path . '/' . $handle_filename, $handle, $domain );
if ( $translations ) {
return $translations;
}
}
$src = $wp_scripts->registered[ $handle ]->src;
if ( ! preg_match( '|^(https?:)?//|', $src ) && ! ( $wp_scripts->content_url && 0 === strpos( $src, $wp_scripts->content_url ) ) ) {
$src = $wp_scripts->base_url . $src;
}
$relative = false;
$languages_path = WP_LANG_DIR;
$src_url = wp_parse_url( $src );
$content_url = wp_parse_url( content_url() );
$site_url = wp_parse_url( site_url() );
// If the host is the same or it's a relative URL.
if (
strpos( $src_url['path'], $content_url['path'] ) === 0 &&
( ! isset( $src_url['host'] ) || $src_url['host'] === $content_url['host'] )
) {
// Make the src relative the specific plugin or theme.
$relative = trim( substr( $src_url['path'], strlen( $content_url['path'] ) ), '/' );
$relative = explode( '/', $relative );
$languages_path = WP_LANG_DIR . '/' . $relative[0];
$relative = array_slice( $relative, 2 );
$relative = implode( '/', $relative );
} elseif ( ! isset( $src_url['host'] ) || $src_url['host'] === $site_url['host'] ) {
if ( ! isset( $site_url['path'] ) ) {
$relative = trim( $src_url['path'], '/' );
} elseif ( ( strpos( $src_url['path'], trailingslashit( $site_url['path'] ) ) === 0 ) ) {
// Make the src relative to the WP root.
$relative = substr( $src_url['path'], strlen( $site_url['path'] ) );
$relative = trim( $relative, '/' );
}
}
/**
* Filters the relative path of scripts used for finding translation files.
*
* @since 5.0.2
*
* @param string $relative The relative path of the script. False if it could not be determined.
* @param string $src The full source url of the script.
*/
$relative = apply_filters( 'load_script_textdomain_relative_path', $relative, $src );
// If the source is not from WP.
if ( false === $relative ) {
return load_script_translations( false, $handle, $domain );
}
// Translations are always based on the unminified filename.
if ( substr( $relative, -7 ) === '.min.js' ) {
$relative = substr( $relative, 0, -7 ) . '.js';
}
$md5_filename = $file_base . '-' . md5( $relative ) . '.json';
if ( $path ) {
$translations = load_script_translations( $path . '/' . $md5_filename, $handle, $domain );
if ( $translations ) {
return $translations;
}
}
$translations = load_script_translations( $languages_path . '/' . $md5_filename, $handle, $domain );
if ( $translations ) {
return $translations;
}
return load_script_translations( false, $handle, $domain );
}
/**
* Loads the translation data for the given script handle and text domain.
*
* @since 5.0.2
*
* @param string|false $file Path to the translation file to load. False if there isn't one.
* @param string $handle Name of the script to register a translation domain to.
* @param string $domain The text domain.
* @return string|false The JSON-encoded translated strings for the given script handle and text domain. False if there are none.
*/
function load_script_translations( $file, $handle, $domain ) {
/**
* Pre-filters script translations for the given file, script handle and text domain.
*
* Returning a non-null value allows to override the default logic, effectively short-circuiting the function.
*
* @since 5.0.2
*
* @param string|false $translations JSON-encoded translation data. Default null.
* @param string|false $file Path to the translation file to load. False if there isn't one.
* @param string $handle Name of the script to register a translation domain to.
* @param string $domain The text domain.
*/
$translations = apply_filters( 'pre_load_script_translations', null, $file, $handle, $domain );
if ( null !== $translations ) {
return $translations;
}
/**
* Filters the file path for loading script translations for the given script handle and text domain.
*
* @since 5.0.2
*
* @param string|false $file Path to the translation file to load. False if there isn't one.
* @param string $handle Name of the script to register a translation domain to.
* @param string $domain The text domain.
*/
$file = apply_filters( 'load_script_translation_file', $file, $handle, $domain );
if ( ! $file || ! is_readable( $file ) ) {
return false;
}
$translations = file_get_contents( $file );
/**
* Filters script translations for the given file, script handle and text domain.
*
* @since 5.0.2
*
* @param string $translations JSON-encoded translation data.
* @param string $file Path to the translation file that was loaded.
* @param string $handle Name of the script to register a translation domain to.
* @param string $domain The text domain.
*/
return apply_filters( 'load_script_translations', $translations, $file, $handle, $domain );
}
/**
* Loads plugin and theme textdomains just-in-time.
*
* When a textdomain is encountered for the first time, we try to load
* the translation file from `wp-content/languages`, removing the need
* to call load_plugin_texdomain() or load_theme_texdomain().
*
* @since 4.6.0
* @access private
*
* @see get_translations_for_domain()
* @global MO[] $l10n_unloaded An array of all text domains that have been unloaded again.
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @return bool True when the textdomain is successfully loaded, false otherwise.
*/
function _load_textdomain_just_in_time( $domain ) {
global $l10n_unloaded;
$l10n_unloaded = (array) $l10n_unloaded;
// Short-circuit if domain is 'default' which is reserved for core.
if ( 'default' === $domain || isset( $l10n_unloaded[ $domain ] ) ) {
return false;
}
$translation_path = _get_path_to_translation( $domain );
if ( false === $translation_path ) {
return false;
}
return load_textdomain( $domain, $translation_path );
}
/**
* Gets the path to a translation file for loading a textdomain just in time.
*
* Caches the retrieved results internally.
*
* @since 4.7.0
* @access private
*
* @see _load_textdomain_just_in_time()
* @staticvar array $available_translations
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param bool $reset Whether to reset the internal cache. Used by the switch to locale functionality.
* @return string|false The path to the translation file or false if no translation file was found.
*/
function _get_path_to_translation( $domain, $reset = false ) {
static $available_translations = array();
if ( true === $reset ) {
$available_translations = array();
}
if ( ! isset( $available_translations[ $domain ] ) ) {
$available_translations[ $domain ] = _get_path_to_translation_from_lang_dir( $domain );
}
return $available_translations[ $domain ];
}
/**
* Gets the path to a translation file in the languages directory for the current locale.
*
* Holds a cached list of available .mo files to improve performance.
*
* @since 4.7.0
* @access private
*
* @see _get_path_to_translation()
* @staticvar array $cached_mofiles
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @return string|false The path to the translation file or false if no translation file was found.
*/
function _get_path_to_translation_from_lang_dir( $domain ) {
static $cached_mofiles = null;
if ( null === $cached_mofiles ) {
$cached_mofiles = array();
$locations = array(
WP_LANG_DIR . '/plugins',
WP_LANG_DIR . '/themes',
);
foreach ( $locations as $location ) {
$mofiles = glob( $location . '/*.mo' );
if ( $mofiles ) {
$cached_mofiles = array_merge( $cached_mofiles, $mofiles );
}
}
}
$locale = determine_locale();
$mofile = "{$domain}-{$locale}.mo";
$path = WP_LANG_DIR . '/plugins/' . $mofile;
if ( in_array( $path, $cached_mofiles ) ) {
return $path;
}
$path = WP_LANG_DIR . '/themes/' . $mofile;
if ( in_array( $path, $cached_mofiles ) ) {
return $path;
}
return false;
}
/**
* Return the Translations instance for a text domain.
*
* If there isn't one, returns empty Translations instance.
*
* @since 2.8.0
*
* @global MO[] $l10n
* @staticvar NOOP_Translations $noop_translations
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @return Translations|NOOP_Translations A Translations instance.
*/
function get_translations_for_domain( $domain ) {
global $l10n;
if ( isset( $l10n[ $domain ] ) || ( _load_textdomain_just_in_time( $domain ) && isset( $l10n[ $domain ] ) ) ) {
return $l10n[ $domain ];
}
static $noop_translations = null;
if ( null === $noop_translations ) {
$noop_translations = new NOOP_Translations;
}
return $noop_translations;
}
/**
* Whether there are translations for the text domain.
*
* @since 3.0.0
*
* @global MO[] $l10n
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @return bool Whether there are translations.
*/
function is_textdomain_loaded( $domain ) {
global $l10n;
return isset( $l10n[ $domain ] );
}
/**
* Translates role name.
*
* Since the role names are in the database and not in the source there
* are dummy gettext calls to get them into the POT file and this function
* properly translates them back.
*
* The before_last_bar() call is needed, because older installations keep the roles
* using the old context format: 'Role name|User role' and just skipping the
* content after the last bar is easier than fixing them in the DB. New installations
* won't suffer from that problem.
*
* @since 2.8.0
* @since 5.2.0 Added the `$domain` parameter.
*
* @param string $name The role name.
* @param string $domain Optional. Text domain. Unique identifier for retrieving translated strings.
* Default 'default'.
* @return string Translated role name on success, original name on failure.
*/
function translate_user_role( $name, $domain = 'default' ) {
return translate_with_gettext_context( before_last_bar( $name ), 'User role', $domain );
}
/**
* Get all available languages based on the presence of *.mo files in a given directory.
*
* The default directory is WP_LANG_DIR.
*
* @since 3.0.0
* @since 4.7.0 The results are now filterable with the {@see 'get_available_languages'} filter.
*
* @param string $dir A directory to search for language files.
* Default WP_LANG_DIR.
* @return array An array of language codes or an empty array if no languages are present. Language codes are formed by stripping the .mo extension from the language file names.
*/
function get_available_languages( $dir = null ) {
$languages = array();
$lang_files = glob( ( is_null( $dir ) ? WP_LANG_DIR : $dir ) . '/*.mo' );
if ( $lang_files ) {
foreach ( $lang_files as $lang_file ) {
$lang_file = basename( $lang_file, '.mo' );
if ( 0 !== strpos( $lang_file, 'continents-cities' ) && 0 !== strpos( $lang_file, 'ms-' ) &&
0 !== strpos( $lang_file, 'admin-' ) ) {
$languages[] = $lang_file;
}
}
}
/**
* Filters the list of available language codes.
*
* @since 4.7.0
*
* @param array $languages An array of available language codes.
* @param string $dir The directory where the language files were found.
*/
return apply_filters( 'get_available_languages', $languages, $dir );
}
/**
* Get installed translations.
*
* Looks in the wp-content/languages directory for translations of
* plugins or themes.
*
* @since 3.7.0
*
* @param string $type What to search for. Accepts 'plugins', 'themes', 'core'.
* @return array Array of language data.
*/
function wp_get_installed_translations( $type ) {
if ( $type !== 'themes' && $type !== 'plugins' && $type !== 'core' ) {
return array();
}
$dir = 'core' === $type ? '' : "/$type";
if ( ! is_dir( WP_LANG_DIR ) ) {
return array();
}
if ( $dir && ! is_dir( WP_LANG_DIR . $dir ) ) {
return array();
}
$files = scandir( WP_LANG_DIR . $dir );
if ( ! $files ) {
return array();
}
$language_data = array();
foreach ( $files as $file ) {
if ( '.' === $file[0] || is_dir( WP_LANG_DIR . "$dir/$file" ) ) {
continue;
}
if ( substr( $file, -3 ) !== '.po' ) {
continue;
}
if ( ! preg_match( '/(?:(.+)-)?([a-z]{2,3}(?:_[A-Z]{2})?(?:_[a-z0-9]+)?).po/', $file, $match ) ) {
continue;
}
if ( ! in_array( substr( $file, 0, -3 ) . '.mo', $files ) ) {
continue;
}
list( , $textdomain, $language ) = $match;
if ( '' === $textdomain ) {
$textdomain = 'default';
}
$language_data[ $textdomain ][ $language ] = wp_get_pomo_file_data( WP_LANG_DIR . "$dir/$file" );
}
return $language_data;
}
/**
* Extract headers from a PO file.
*
* @since 3.7.0
*
* @param string $po_file Path to PO file.
* @return array PO file headers.
*/
function wp_get_pomo_file_data( $po_file ) {
$headers = get_file_data(
$po_file,
array(
'POT-Creation-Date' => '"POT-Creation-Date',
'PO-Revision-Date' => '"PO-Revision-Date',
'Project-Id-Version' => '"Project-Id-Version',
'X-Generator' => '"X-Generator',
)
);
foreach ( $headers as $header => $value ) {
// Remove possible contextual '\n' and closing double quote.
$headers[ $header ] = preg_replace( '~(\\\n)?"$~', '', $value );
}
return $headers;
}
/**
* Language selector.
*
* @since 4.0.0
* @since 4.3.0 Introduced the `echo` argument.
* @since 4.7.0 Introduced the `show_option_site_default` argument.
* @since 5.1.0 Introduced the `show_option_en_us` argument.
*
* @see get_available_languages()
* @see wp_get_available_translations()
*
* @param string|array $args {
* Optional. Array or string of arguments for outputting the language selector.
*
* @type string $id ID attribute of the select element. Default 'locale'.
* @type string $name Name attribute of the select element. Default 'locale'.
* @type array $languages List of installed languages, contain only the locales.
* Default empty array.
* @type array $translations List of available translations. Default result of
* wp_get_available_translations().
* @type string $selected Language which should be selected. Default empty.
* @type bool|int $echo Whether to echo the generated markup. Accepts 0, 1, or their
* boolean equivalents. Default 1.
* @type bool $show_available_translations Whether to show available translations. Default true.
* @type bool $show_option_site_default Whether to show an option to fall back to the site's locale. Default false.
* @type bool $show_option_en_us Whether to show an option for English (United States). Default true.
* }
* @return string HTML content
*/
function wp_dropdown_languages( $args = array() ) {
$parsed_args = wp_parse_args(
$args,
array(
'id' => 'locale',
'name' => 'locale',
'languages' => array(),
'translations' => array(),
'selected' => '',
'echo' => 1,
'show_available_translations' => true,
'show_option_site_default' => false,
'show_option_en_us' => true,
)
);
// Bail if no ID or no name.
if ( ! $parsed_args['id'] || ! $parsed_args['name'] ) {
return;
}
// English (United States) uses an empty string for the value attribute.
if ( 'en_US' === $parsed_args['selected'] ) {
$parsed_args['selected'] = '';
}
$translations = $parsed_args['translations'];
if ( empty( $translations ) ) {
require_once( ABSPATH . 'wp-admin/includes/translation-install.php' );
$translations = wp_get_available_translations();
}
/*
* $parsed_args['languages'] should only contain the locales. Find the locale in
* $translations to get the native name. Fall back to locale.
*/
$languages = array();
foreach ( $parsed_args['languages'] as $locale ) {
if ( isset( $translations[ $locale ] ) ) {
$translation = $translations[ $locale ];
$languages[] = array(
'language' => $translation['language'],
'native_name' => $translation['native_name'],
'lang' => current( $translation['iso'] ),
);
// Remove installed language from available translations.
unset( $translations[ $locale ] );
} else {
$languages[] = array(
'language' => $locale,
'native_name' => $locale,
'lang' => '',
);
}
}
$translations_available = ( ! empty( $translations ) && $parsed_args['show_available_translations'] );
// Holds the HTML markup.
$structure = array();
// List installed languages.
if ( $translations_available ) {
$structure[] = '';
}
// List available translations.
if ( $translations_available ) {
$structure[] = '';
}
// Combine the output string.
$output = sprintf( '';
if ( $parsed_args['echo'] ) {
echo $output;
}
return $output;
}
/**
* Determines whether the current locale is right-to-left (RTL).
*
* For more information on this and similar theme functions, check out
* the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
* Conditional Tags} article in the Theme Developer Handbook.
*
* @since 3.0.0
*
* @global WP_Locale $wp_locale
*
* @return bool Whether locale is RTL.
*/
function is_rtl() {
global $wp_locale;
if ( ! ( $wp_locale instanceof WP_Locale ) ) {
return false;
}
return $wp_locale->is_rtl();
}
/**
* Switches the translations according to the given locale.
*
* @since 4.7.0
*
* @global WP_Locale_Switcher $wp_locale_switcher
*
* @param string $locale The locale.
* @return bool True on success, false on failure.
*/
function switch_to_locale( $locale ) {
/* @var WP_Locale_Switcher $wp_locale_switcher */
global $wp_locale_switcher;
return $wp_locale_switcher->switch_to_locale( $locale );
}
/**
* Restores the translations according to the previous locale.
*
* @since 4.7.0
*
* @global WP_Locale_Switcher $wp_locale_switcher
*
* @return string|false Locale on success, false on error.
*/
function restore_previous_locale() {
/* @var WP_Locale_Switcher $wp_locale_switcher */
global $wp_locale_switcher;
return $wp_locale_switcher->restore_previous_locale();
}
/**
* Restores the translations according to the original locale.
*
* @since 4.7.0
*
* @global WP_Locale_Switcher $wp_locale_switcher
*
* @return string|false Locale on success, false on error.
*/
function restore_current_locale() {
/* @var WP_Locale_Switcher $wp_locale_switcher */
global $wp_locale_switcher;
return $wp_locale_switcher->restore_current_locale();
}
/**
* Whether switch_to_locale() is in effect.
*
* @since 4.7.0
*
* @global WP_Locale_Switcher $wp_locale_switcher
*
* @return bool True if the locale has been switched, false otherwise.
*/
function is_locale_switched() {
/* @var WP_Locale_Switcher $wp_locale_switcher */
global $wp_locale_switcher;
return $wp_locale_switcher->is_switched();
}
/**
* Query API: WP_Query class
*
* @package WordPress
* @subpackage Query
* @since 4.7.0
*/
/**
* The WordPress Query class.
*
* @link https://codex.wordpress.org/Function_Reference/WP_Query Codex page.
*
* @since 1.5.0
* @since 4.5.0 Removed the `$comments_popup` property.
*/
class WP_Query {
/**
* Query vars set by the user
*
* @since 1.5.0
* @var array
*/
public $query;
/**
* Query vars, after parsing
*
* @since 1.5.0
* @var array
*/
public $query_vars = array();
/**
* Taxonomy query, as passed to get_tax_sql()
*
* @since 3.1.0
* @var object WP_Tax_Query
*/
public $tax_query;
/**
* Metadata query container
*
* @since 3.2.0
* @var object WP_Meta_Query
*/
public $meta_query = false;
/**
* Date query container
*
* @since 3.7.0
* @var object WP_Date_Query
*/
public $date_query = false;
/**
* Holds the data for a single object that is queried.
*
* Holds the contents of a post, page, category, attachment.
*
* @since 1.5.0
* @var object|array
*/
public $queried_object;
/**
* The ID of the queried object.
*
* @since 1.5.0
* @var int
*/
public $queried_object_id;
/**
* Get post database query.
*
* @since 2.0.1
* @var string
*/
public $request;
/**
* List of posts.
*
* @since 1.5.0
* @var array
*/
public $posts;
/**
* The amount of posts for the current query.
*
* @since 1.5.0
* @var int
*/
public $post_count = 0;
/**
* Index of the current item in the loop.
*
* @since 1.5.0
* @var int
*/
public $current_post = -1;
/**
* Whether the loop has started and the caller is in the loop.
*
* @since 2.0.0
* @var bool
*/
public $in_the_loop = false;
/**
* The current post.
*
* @since 1.5.0
* @var WP_Post
*/
public $post;
/**
* The list of comments for current post.
*
* @since 2.2.0
* @var array
*/
public $comments;
/**
* The amount of comments for the posts.
*
* @since 2.2.0
* @var int
*/
public $comment_count = 0;
/**
* The index of the comment in the comment loop.
*
* @since 2.2.0
* @var int
*/
public $current_comment = -1;
/**
* Current comment ID.
*
* @since 2.2.0
* @var int
*/
public $comment;
/**
* The amount of found posts for the current query.
*
* If limit clause was not used, equals $post_count.
*
* @since 2.1.0
* @var int
*/
public $found_posts = 0;
/**
* The amount of pages.
*
* @since 2.1.0
* @var int
*/
public $max_num_pages = 0;
/**
* The amount of comment pages.
*
* @since 2.7.0
* @var int
*/
public $max_num_comment_pages = 0;
/**
* Signifies whether the current query is for a single post.
*
* @since 1.5.0
* @var bool
*/
public $is_single = false;
/**
* Signifies whether the current query is for a preview.
*
* @since 2.0.0
* @var bool
*/
public $is_preview = false;
/**
* Signifies whether the current query is for a page.
*
* @since 1.5.0
* @var bool
*/
public $is_page = false;
/**
* Signifies whether the current query is for an archive.
*
* @since 1.5.0
* @var bool
*/
public $is_archive = false;
/**
* Signifies whether the current query is for a date archive.
*
* @since 1.5.0
* @var bool
*/
public $is_date = false;
/**
* Signifies whether the current query is for a year archive.
*
* @since 1.5.0
* @var bool
*/
public $is_year = false;
/**
* Signifies whether the current query is for a month archive.
*
* @since 1.5.0
* @var bool
*/
public $is_month = false;
/**
* Signifies whether the current query is for a day archive.
*
* @since 1.5.0
* @var bool
*/
public $is_day = false;
/**
* Signifies whether the current query is for a specific time.
*
* @since 1.5.0
* @var bool
*/
public $is_time = false;
/**
* Signifies whether the current query is for an author archive.
*
* @since 1.5.0
* @var bool
*/
public $is_author = false;
/**
* Signifies whether the current query is for a category archive.
*
* @since 1.5.0
* @var bool
*/
public $is_category = false;
/**
* Signifies whether the current query is for a tag archive.
*
* @since 2.3.0
* @var bool
*/
public $is_tag = false;
/**
* Signifies whether the current query is for a taxonomy archive.
*
* @since 2.5.0
* @var bool
*/
public $is_tax = false;
/**
* Signifies whether the current query is for a search.
*
* @since 1.5.0
* @var bool
*/
public $is_search = false;
/**
* Signifies whether the current query is for a feed.
*
* @since 1.5.0
* @var bool
*/
public $is_feed = false;
/**
* Signifies whether the current query is for a comment feed.
*
* @since 2.2.0
* @var bool
*/
public $is_comment_feed = false;
/**
* Signifies whether the current query is for trackback endpoint call.
*
* @since 1.5.0
* @var bool
*/
public $is_trackback = false;
/**
* Signifies whether the current query is for the site homepage.
*
* @since 1.5.0
* @var bool
*/
public $is_home = false;
/**
* Signifies whether the current query is for the Privacy Policy page.
*
* @since 5.2.0
* @var bool
*/
public $is_privacy_policy = false;
/**
* Signifies whether the current query couldn't find anything.
*
* @since 1.5.0
* @var bool
*/
public $is_404 = false;
/**
* Signifies whether the current query is for an embed.
*
* @since 4.4.0
* @var bool
*/
public $is_embed = false;
/**
* Signifies whether the current query is for a paged result and not for the first page.
*
* @since 1.5.0
* @var bool
*/
public $is_paged = false;
/**
* Signifies whether the current query is for an administrative interface page.
*
* @since 1.5.0
* @var bool
*/
public $is_admin = false;
/**
* Signifies whether the current query is for an attachment page.
*
* @since 2.0.0
* @var bool
*/
public $is_attachment = false;
/**
* Signifies whether the current query is for an existing single post of any post type
* (post, attachment, page, custom post types).
*
* @since 2.1.0
* @var bool
*/
public $is_singular = false;
/**
* Signifies whether the current query is for the robots.txt file.
*
* @since 2.1.0
* @var bool
*/
public $is_robots = false;
/**
* Signifies whether the current query is for the page_for_posts page.
*
* Basically, the homepage if the option isn't set for the static homepage.
*
* @since 2.1.0
* @var bool
*/
public $is_posts_page = false;
/**
* Signifies whether the current query is for a post type archive.
*
* @since 3.1.0
* @var bool
*/
public $is_post_type_archive = false;
/**
* Stores the ->query_vars state like md5(serialize( $this->query_vars ) ) so we know
* whether we have to re-parse because something has changed
*
* @since 3.1.0
* @var bool|string
*/
private $query_vars_hash = false;
/**
* Whether query vars have changed since the initial parse_query() call. Used to catch modifications to query vars made
* via pre_get_posts hooks.
*
* @since 3.1.1
*/
private $query_vars_changed = true;
/**
* Set if post thumbnails are cached
*
* @since 3.2.0
* @var bool
*/
public $thumbnails_cached = false;
/**
* Controls whether an attachment query should include filenames or not.
*
* @since 6.0.3
* @var bool
*/
protected $allow_query_attachment_by_filename = false;
/**
* Cached list of search stopwords.
*
* @since 3.7.0
* @var array
*/
private $stopwords;
private $compat_fields = array( 'query_vars_hash', 'query_vars_changed' );
private $compat_methods = array( 'init_query_flags', 'parse_tax_query' );
/**
* Resets query flags to false.
*
* The query flags are what page info WordPress was able to figure out.
*
* @since 2.0.0
*/
private function init_query_flags() {
$this->is_single = false;
$this->is_preview = false;
$this->is_page = false;
$this->is_archive = false;
$this->is_date = false;
$this->is_year = false;
$this->is_month = false;
$this->is_day = false;
$this->is_time = false;
$this->is_author = false;
$this->is_category = false;
$this->is_tag = false;
$this->is_tax = false;
$this->is_search = false;
$this->is_feed = false;
$this->is_comment_feed = false;
$this->is_trackback = false;
$this->is_home = false;
$this->is_privacy_policy = false;
$this->is_404 = false;
$this->is_paged = false;
$this->is_admin = false;
$this->is_attachment = false;
$this->is_singular = false;
$this->is_robots = false;
$this->is_posts_page = false;
$this->is_post_type_archive = false;
}
/**
* Initiates object properties and sets default values.
*
* @since 1.5.0
*/
public function init() {
unset( $this->posts );
unset( $this->query );
$this->query_vars = array();
unset( $this->queried_object );
unset( $this->queried_object_id );
$this->post_count = 0;
$this->current_post = -1;
$this->in_the_loop = false;
unset( $this->request );
unset( $this->post );
unset( $this->comments );
unset( $this->comment );
$this->comment_count = 0;
$this->current_comment = -1;
$this->found_posts = 0;
$this->max_num_pages = 0;
$this->max_num_comment_pages = 0;
$this->init_query_flags();
}
/**
* Reparse the query vars.
*
* @since 1.5.0
*/
public function parse_query_vars() {
$this->parse_query();
}
/**
* Fills in the query variables, which do not exist within the parameter.
*
* @since 2.1.0
* @since 4.4.0 Removed the `comments_popup` public query variable.
*
* @param array $array Defined query variables.
* @return array Complete query variables with undefined ones filled in empty.
*/
public function fill_query_vars( $array ) {
$keys = array(
'error',
'm',
'p',
'post_parent',
'subpost',
'subpost_id',
'attachment',
'attachment_id',
'name',
'pagename',
'page_id',
'second',
'minute',
'hour',
'day',
'monthnum',
'year',
'w',
'category_name',
'tag',
'cat',
'tag_id',
'author',
'author_name',
'feed',
'tb',
'paged',
'meta_key',
'meta_value',
'preview',
's',
'sentence',
'title',
'fields',
'menu_order',
'embed',
);
foreach ( $keys as $key ) {
if ( ! isset( $array[ $key ] ) ) {
$array[ $key ] = '';
}
}
$array_keys = array(
'category__in',
'category__not_in',
'category__and',
'post__in',
'post__not_in',
'post_name__in',
'tag__in',
'tag__not_in',
'tag__and',
'tag_slug__in',
'tag_slug__and',
'post_parent__in',
'post_parent__not_in',
'author__in',
'author__not_in',
);
foreach ( $array_keys as $key ) {
if ( ! isset( $array[ $key ] ) ) {
$array[ $key ] = array();
}
}
return $array;
}
/**
* Parse a query string and set query type booleans.
*
* @since 1.5.0
* @since 4.2.0 Introduced the ability to order by specific clauses of a `$meta_query`, by passing the clause's
* array key to `$orderby`.
* @since 4.4.0 Introduced `$post_name__in` and `$title` parameters. `$s` was updated to support excluded
* search terms, by prepending a hyphen.
* @since 4.5.0 Removed the `$comments_popup` parameter.
* Introduced the `$comment_status` and `$ping_status` parameters.
* Introduced `RAND(x)` syntax for `$orderby`, which allows an integer seed value to random sorts.
* @since 4.6.0 Added 'post_name__in' support for `$orderby`. Introduced the `$lazy_load_term_meta` argument.
* @since 4.9.0 Introduced the `$comment_count` parameter.
* @since 5.1.0 Introduced the `$meta_compare_key` parameter.
*
* @param string|array $query {
* Optional. Array or string of Query parameters.
*
* @type int $attachment_id Attachment post ID. Used for 'attachment' post_type.
* @type int|string $author Author ID, or comma-separated list of IDs.
* @type string $author_name User 'user_nicename'.
* @type array $author__in An array of author IDs to query from.
* @type array $author__not_in An array of author IDs not to query from.
* @type bool $cache_results Whether to cache post information. Default true.
* @type int|string $cat Category ID or comma-separated list of IDs (this or any children).
* @type array $category__and An array of category IDs (AND in).
* @type array $category__in An array of category IDs (OR in, no children).
* @type array $category__not_in An array of category IDs (NOT in).
* @type string $category_name Use category slug (not name, this or any children).
* @type array|int $comment_count Filter results by comment count. Provide an integer to match
* comment count exactly. Provide an array with integer 'value'
* and 'compare' operator ('=', '!=', '>', '>=', '<', '<=' ) to
* compare against comment_count in a specific way.
* @type string $comment_status Comment status.
* @type int $comments_per_page The number of comments to return per page.
* Default 'comments_per_page' option.
* @type array $date_query An associative array of WP_Date_Query arguments.
* See WP_Date_Query::__construct().
* @type int $day Day of the month. Default empty. Accepts numbers 1-31.
* @type bool $exact Whether to search by exact keyword. Default false.
* @type string|array $fields Which fields to return. Single field or all fields (string),
* or array of fields. 'id=>parent' uses 'id' and 'post_parent'.
* Default all fields. Accepts 'ids', 'id=>parent'.
* @type int $hour Hour of the day. Default empty. Accepts numbers 0-23.
* @type int|bool $ignore_sticky_posts Whether to ignore sticky posts or not. Setting this to false
* excludes stickies from 'post__in'. Accepts 1|true, 0|false.
* Default 0|false.
* @type int $m Combination YearMonth. Accepts any four-digit year and month
* numbers 1-12. Default empty.
* @type string $meta_compare Comparison operator to test the 'meta_value'.
* @type string $meta_compare_key Comparison operator to test the 'meta_key'.
* @type string $meta_key Custom field key.
* @type array $meta_query An associative array of WP_Meta_Query arguments. See WP_Meta_Query.
* @type string $meta_value Custom field value.
* @type int $meta_value_num Custom field value number.
* @type int $menu_order The menu order of the posts.
* @type int $monthnum The two-digit month. Default empty. Accepts numbers 1-12.
* @type string $name Post slug.
* @type bool $nopaging Show all posts (true) or paginate (false). Default false.
* @type bool $no_found_rows Whether to skip counting the total rows found. Enabling can improve
* performance. Default false.
* @type int $offset The number of posts to offset before retrieval.
* @type string $order Designates ascending or descending order of posts. Default 'DESC'.
* Accepts 'ASC', 'DESC'.
* @type string|array $orderby Sort retrieved posts by parameter. One or more options may be
* passed. To use 'meta_value', or 'meta_value_num',
* 'meta_key=keyname' must be also be defined. To sort by a
* specific `$meta_query` clause, use that clause's array key.
* Accepts 'none', 'name', 'author', 'date', 'title',
* 'modified', 'menu_order', 'parent', 'ID', 'rand',
* 'relevance', 'RAND(x)' (where 'x' is an integer seed value),
* 'comment_count', 'meta_value', 'meta_value_num', 'post__in',
* 'post_name__in', 'post_parent__in', and the array keys
* of `$meta_query`. Default is 'date', except when a search
* is being performed, when the default is 'relevance'.
*
* @type int $p Post ID.
* @type int $page Show the number of posts that would show up on page X of a
* static front page.
* @type int $paged The number of the current page.
* @type int $page_id Page ID.
* @type string $pagename Page slug.
* @type string $perm Show posts if user has the appropriate capability.
* @type string $ping_status Ping status.
* @type array $post__in An array of post IDs to retrieve, sticky posts will be included
* @type string $post_mime_type The mime type of the post. Used for 'attachment' post_type.
* @type array $post__not_in An array of post IDs not to retrieve. Note: a string of comma-
* separated IDs will NOT work.
* @type int $post_parent Page ID to retrieve child pages for. Use 0 to only retrieve
* top-level pages.
* @type array $post_parent__in An array containing parent page IDs to query child pages from.
* @type array $post_parent__not_in An array containing parent page IDs not to query child pages from.
* @type string|array $post_type A post type slug (string) or array of post type slugs.
* Default 'any' if using 'tax_query'.
* @type string|array $post_status A post status (string) or array of post statuses.
* @type int $posts_per_page The number of posts to query for. Use -1 to request all posts.
* @type int $posts_per_archive_page The number of posts to query for by archive page. Overrides
* 'posts_per_page' when is_archive(), or is_search() are true.
* @type array $post_name__in An array of post slugs that results must match.
* @type string $s Search keyword(s). Prepending a term with a hyphen will
* exclude posts matching that term. Eg, 'pillow -sofa' will
* return posts containing 'pillow' but not 'sofa'. The
* character used for exclusion can be modified using the
* the 'wp_query_search_exclusion_prefix' filter.
* @type int $second Second of the minute. Default empty. Accepts numbers 0-60.
* @type bool $sentence Whether to search by phrase. Default false.
* @type bool $suppress_filters Whether to suppress filters. Default false.
* @type string $tag Tag slug. Comma-separated (either), Plus-separated (all).
* @type array $tag__and An array of tag ids (AND in).
* @type array $tag__in An array of tag ids (OR in).
* @type array $tag__not_in An array of tag ids (NOT in).
* @type int $tag_id Tag id or comma-separated list of IDs.
* @type array $tag_slug__and An array of tag slugs (AND in).
* @type array $tag_slug__in An array of tag slugs (OR in). unless 'ignore_sticky_posts' is
* true. Note: a string of comma-separated IDs will NOT work.
* @type array $tax_query An associative array of WP_Tax_Query arguments.
* See WP_Tax_Query->queries.
* @type string $title Post title.
* @type bool $update_post_meta_cache Whether to update the post meta cache. Default true.
* @type bool $update_post_term_cache Whether to update the post term cache. Default true.
* @type bool $lazy_load_term_meta Whether to lazy-load term meta. Setting to false will
* disable cache priming for term meta, so that each
* get_term_meta() call will hit the database.
* Defaults to the value of `$update_post_term_cache`.
* @type int $w The week number of the year. Default empty. Accepts numbers 0-53.
* @type int $year The four-digit year. Default empty. Accepts any four-digit year.
* }
*/
public function parse_query( $query = '' ) {
if ( ! empty( $query ) ) {
$this->init();
$this->query = $this->query_vars = wp_parse_args( $query );
} elseif ( ! isset( $this->query ) ) {
$this->query = $this->query_vars;
}
$this->query_vars = $this->fill_query_vars( $this->query_vars );
$qv = &$this->query_vars;
$this->query_vars_changed = true;
if ( ! empty( $qv['robots'] ) ) {
$this->is_robots = true;
}
if ( ! is_scalar( $qv['p'] ) || $qv['p'] < 0 ) {
$qv['p'] = 0;
$qv['error'] = '404';
} else {
$qv['p'] = intval( $qv['p'] );
}
$qv['page_id'] = absint( $qv['page_id'] );
$qv['year'] = absint( $qv['year'] );
$qv['monthnum'] = absint( $qv['monthnum'] );
$qv['day'] = absint( $qv['day'] );
$qv['w'] = absint( $qv['w'] );
$qv['m'] = is_scalar( $qv['m'] ) ? preg_replace( '|[^0-9]|', '', $qv['m'] ) : '';
$qv['paged'] = absint( $qv['paged'] );
$qv['cat'] = preg_replace( '|[^0-9,-]|', '', $qv['cat'] ); // comma separated list of positive or negative integers
$qv['author'] = preg_replace( '|[^0-9,-]|', '', $qv['author'] ); // comma separated list of positive or negative integers
$qv['pagename'] = trim( $qv['pagename'] );
$qv['name'] = trim( $qv['name'] );
$qv['title'] = trim( $qv['title'] );
if ( '' !== $qv['hour'] ) {
$qv['hour'] = absint( $qv['hour'] );
}
if ( '' !== $qv['minute'] ) {
$qv['minute'] = absint( $qv['minute'] );
}
if ( '' !== $qv['second'] ) {
$qv['second'] = absint( $qv['second'] );
}
if ( '' !== $qv['menu_order'] ) {
$qv['menu_order'] = absint( $qv['menu_order'] );
}
// Fairly insane upper bound for search string lengths.
if ( ! is_scalar( $qv['s'] ) || ( ! empty( $qv['s'] ) && strlen( $qv['s'] ) > 1600 ) ) {
$qv['s'] = '';
}
// Compat. Map subpost to attachment.
if ( '' != $qv['subpost'] ) {
$qv['attachment'] = $qv['subpost'];
}
if ( '' != $qv['subpost_id'] ) {
$qv['attachment_id'] = $qv['subpost_id'];
}
$qv['attachment_id'] = absint( $qv['attachment_id'] );
if ( ( '' != $qv['attachment'] ) || ! empty( $qv['attachment_id'] ) ) {
$this->is_single = true;
$this->is_attachment = true;
} elseif ( '' != $qv['name'] ) {
$this->is_single = true;
} elseif ( $qv['p'] ) {
$this->is_single = true;
} elseif ( '' != $qv['pagename'] || ! empty( $qv['page_id'] ) ) {
$this->is_page = true;
$this->is_single = false;
} else {
// Look for archive queries. Dates, categories, authors, search, post type archives.
if ( isset( $this->query['s'] ) ) {
$this->is_search = true;
}
if ( '' !== $qv['second'] ) {
$this->is_time = true;
$this->is_date = true;
}
if ( '' !== $qv['minute'] ) {
$this->is_time = true;
$this->is_date = true;
}
if ( '' !== $qv['hour'] ) {
$this->is_time = true;
$this->is_date = true;
}
if ( $qv['day'] ) {
if ( ! $this->is_date ) {
$date = sprintf( '%04d-%02d-%02d', $qv['year'], $qv['monthnum'], $qv['day'] );
if ( $qv['monthnum'] && $qv['year'] && ! wp_checkdate( $qv['monthnum'], $qv['day'], $qv['year'], $date ) ) {
$qv['error'] = '404';
} else {
$this->is_day = true;
$this->is_date = true;
}
}
}
if ( $qv['monthnum'] ) {
if ( ! $this->is_date ) {
if ( 12 < $qv['monthnum'] ) {
$qv['error'] = '404';
} else {
$this->is_month = true;
$this->is_date = true;
}
}
}
if ( $qv['year'] ) {
if ( ! $this->is_date ) {
$this->is_year = true;
$this->is_date = true;
}
}
if ( $qv['m'] ) {
$this->is_date = true;
if ( strlen( $qv['m'] ) > 9 ) {
$this->is_time = true;
} elseif ( strlen( $qv['m'] ) > 7 ) {
$this->is_day = true;
} elseif ( strlen( $qv['m'] ) > 5 ) {
$this->is_month = true;
} else {
$this->is_year = true;
}
}
if ( '' != $qv['w'] ) {
$this->is_date = true;
}
$this->query_vars_hash = false;
$this->parse_tax_query( $qv );
foreach ( $this->tax_query->queries as $tax_query ) {
if ( ! is_array( $tax_query ) ) {
continue;
}
if ( isset( $tax_query['operator'] ) && 'NOT IN' != $tax_query['operator'] ) {
switch ( $tax_query['taxonomy'] ) {
case 'category':
$this->is_category = true;
break;
case 'post_tag':
$this->is_tag = true;
break;
default:
$this->is_tax = true;
}
}
}
unset( $tax_query );
if ( empty( $qv['author'] ) || ( $qv['author'] == '0' ) ) {
$this->is_author = false;
} else {
$this->is_author = true;
}
if ( '' != $qv['author_name'] ) {
$this->is_author = true;
}
if ( ! empty( $qv['post_type'] ) && ! is_array( $qv['post_type'] ) ) {
$post_type_obj = get_post_type_object( $qv['post_type'] );
if ( ! empty( $post_type_obj->has_archive ) ) {
$this->is_post_type_archive = true;
}
}
if ( $this->is_post_type_archive || $this->is_date || $this->is_author || $this->is_category || $this->is_tag || $this->is_tax ) {
$this->is_archive = true;
}
}
if ( '' != $qv['feed'] ) {
$this->is_feed = true;
}
if ( '' != $qv['embed'] ) {
$this->is_embed = true;
}
if ( '' != $qv['tb'] ) {
$this->is_trackback = true;
}
if ( '' != $qv['paged'] && ( intval( $qv['paged'] ) > 1 ) ) {
$this->is_paged = true;
}
// if we're previewing inside the write screen
if ( '' != $qv['preview'] ) {
$this->is_preview = true;
}
if ( is_admin() ) {
$this->is_admin = true;
}
if ( false !== strpos( $qv['feed'], 'comments-' ) ) {
$qv['feed'] = str_replace( 'comments-', '', $qv['feed'] );
$qv['withcomments'] = 1;
}
$this->is_singular = $this->is_single || $this->is_page || $this->is_attachment;
if ( $this->is_feed && ( ! empty( $qv['withcomments'] ) || ( empty( $qv['withoutcomments'] ) && $this->is_singular ) ) ) {
$this->is_comment_feed = true;
}
if ( ! ( $this->is_singular || $this->is_archive || $this->is_search || $this->is_feed || ( defined( 'REST_REQUEST' ) && REST_REQUEST ) || $this->is_trackback || $this->is_404 || $this->is_admin || $this->is_robots ) ) {
$this->is_home = true;
}
// Correct is_* for page_on_front and page_for_posts
if ( $this->is_home && 'page' == get_option( 'show_on_front' ) && get_option( 'page_on_front' ) ) {
$_query = wp_parse_args( $this->query );
// pagename can be set and empty depending on matched rewrite rules. Ignore an empty pagename.
if ( isset( $_query['pagename'] ) && '' == $_query['pagename'] ) {
unset( $_query['pagename'] );
}
unset( $_query['embed'] );
if ( empty( $_query ) || ! array_diff( array_keys( $_query ), array( 'preview', 'page', 'paged', 'cpage' ) ) ) {
$this->is_page = true;
$this->is_home = false;
$qv['page_id'] = get_option( 'page_on_front' );
// Correct for page_on_front
if ( ! empty( $qv['paged'] ) ) {
$qv['page'] = $qv['paged'];
unset( $qv['paged'] );
}
}
}
if ( '' != $qv['pagename'] ) {
$this->queried_object = get_page_by_path( $qv['pagename'] );
if ( $this->queried_object && 'attachment' == $this->queried_object->post_type ) {
if ( preg_match( '/^[^%]*%(?:postname)%/', get_option( 'permalink_structure' ) ) ) {
// See if we also have a post with the same slug
$post = get_page_by_path( $qv['pagename'], OBJECT, 'post' );
if ( $post ) {
$this->queried_object = $post;
$this->is_page = false;
$this->is_single = true;
}
}
}
if ( ! empty( $this->queried_object ) ) {
$this->queried_object_id = (int) $this->queried_object->ID;
} else {
unset( $this->queried_object );
}
if ( 'page' == get_option( 'show_on_front' ) && isset( $this->queried_object_id ) && $this->queried_object_id == get_option( 'page_for_posts' ) ) {
$this->is_page = false;
$this->is_home = true;
$this->is_posts_page = true;
}
if ( isset( $this->queried_object_id ) && $this->queried_object_id == get_option( 'wp_page_for_privacy_policy' ) ) {
$this->is_privacy_policy = true;
}
}
if ( $qv['page_id'] ) {
if ( 'page' == get_option( 'show_on_front' ) && $qv['page_id'] == get_option( 'page_for_posts' ) ) {
$this->is_page = false;
$this->is_home = true;
$this->is_posts_page = true;
}
if ( $qv['page_id'] == get_option( 'wp_page_for_privacy_policy' ) ) {
$this->is_privacy_policy = true;
}
}
if ( ! empty( $qv['post_type'] ) ) {
if ( is_array( $qv['post_type'] ) ) {
$qv['post_type'] = array_map( 'sanitize_key', $qv['post_type'] );
} else {
$qv['post_type'] = sanitize_key( $qv['post_type'] );
}
}
if ( ! empty( $qv['post_status'] ) ) {
if ( is_array( $qv['post_status'] ) ) {
$qv['post_status'] = array_map( 'sanitize_key', $qv['post_status'] );
} else {
$qv['post_status'] = preg_replace( '|[^a-z0-9_,-]|', '', $qv['post_status'] );
}
}
if ( $this->is_posts_page && ( ! isset( $qv['withcomments'] ) || ! $qv['withcomments'] ) ) {
$this->is_comment_feed = false;
}
$this->is_singular = $this->is_single || $this->is_page || $this->is_attachment;
// Done correcting is_* for page_on_front and page_for_posts
if ( '404' == $qv['error'] ) {
$this->set_404();
}
$this->is_embed = $this->is_embed && ( $this->is_singular || $this->is_404 );
$this->query_vars_hash = md5( serialize( $this->query_vars ) );
$this->query_vars_changed = false;
/**
* Fires after the main query vars have been parsed.
*
* @since 1.5.0
*
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
do_action_ref_array( 'parse_query', array( &$this ) );
}
/**
* Parses various taxonomy related query vars.
*
* For BC, this method is not marked as protected. See [28987].
*
* @since 3.1.0
*
* @param array $q The query variables. Passed by reference.
*/
public function parse_tax_query( &$q ) {
if ( ! empty( $q['tax_query'] ) && is_array( $q['tax_query'] ) ) {
$tax_query = $q['tax_query'];
} else {
$tax_query = array();
}
if ( ! empty( $q['taxonomy'] ) && ! empty( $q['term'] ) ) {
$tax_query[] = array(
'taxonomy' => $q['taxonomy'],
'terms' => array( $q['term'] ),
'field' => 'slug',
);
}
foreach ( get_taxonomies( array(), 'objects' ) as $taxonomy => $t ) {
if ( 'post_tag' == $taxonomy ) {
continue; // Handled further down in the $q['tag'] block
}
if ( $t->query_var && ! empty( $q[ $t->query_var ] ) ) {
$tax_query_defaults = array(
'taxonomy' => $taxonomy,
'field' => 'slug',
);
if ( isset( $t->rewrite['hierarchical'] ) && $t->rewrite['hierarchical'] ) {
$q[ $t->query_var ] = wp_basename( $q[ $t->query_var ] );
}
$term = $q[ $t->query_var ];
if ( is_array( $term ) ) {
$term = implode( ',', $term );
}
if ( strpos( $term, '+' ) !== false ) {
$terms = preg_split( '/[+]+/', $term );
foreach ( $terms as $term ) {
$tax_query[] = array_merge(
$tax_query_defaults,
array(
'terms' => array( $term ),
)
);
}
} else {
$tax_query[] = array_merge(
$tax_query_defaults,
array(
'terms' => preg_split( '/[,]+/', $term ),
)
);
}
}
}
// If querystring 'cat' is an array, implode it.
if ( is_array( $q['cat'] ) ) {
$q['cat'] = implode( ',', $q['cat'] );
}
// Category stuff
if ( ! empty( $q['cat'] ) && ! $this->is_singular ) {
$cat_in = $cat_not_in = array();
$cat_array = preg_split( '/[,\s]+/', urldecode( $q['cat'] ) );
$cat_array = array_map( 'intval', $cat_array );
$q['cat'] = implode( ',', $cat_array );
foreach ( $cat_array as $cat ) {
if ( $cat > 0 ) {
$cat_in[] = $cat;
} elseif ( $cat < 0 ) {
$cat_not_in[] = abs( $cat );
}
}
if ( ! empty( $cat_in ) ) {
$tax_query[] = array(
'taxonomy' => 'category',
'terms' => $cat_in,
'field' => 'term_id',
'include_children' => true,
);
}
if ( ! empty( $cat_not_in ) ) {
$tax_query[] = array(
'taxonomy' => 'category',
'terms' => $cat_not_in,
'field' => 'term_id',
'operator' => 'NOT IN',
'include_children' => true,
);
}
unset( $cat_array, $cat_in, $cat_not_in );
}
if ( ! empty( $q['category__and'] ) && 1 === count( (array) $q['category__and'] ) ) {
$q['category__and'] = (array) $q['category__and'];
if ( ! isset( $q['category__in'] ) ) {
$q['category__in'] = array();
}
$q['category__in'][] = absint( reset( $q['category__and'] ) );
unset( $q['category__and'] );
}
if ( ! empty( $q['category__in'] ) ) {
$q['category__in'] = array_map( 'absint', array_unique( (array) $q['category__in'] ) );
$tax_query[] = array(
'taxonomy' => 'category',
'terms' => $q['category__in'],
'field' => 'term_id',
'include_children' => false,
);
}
if ( ! empty( $q['category__not_in'] ) ) {
$q['category__not_in'] = array_map( 'absint', array_unique( (array) $q['category__not_in'] ) );
$tax_query[] = array(
'taxonomy' => 'category',
'terms' => $q['category__not_in'],
'operator' => 'NOT IN',
'include_children' => false,
);
}
if ( ! empty( $q['category__and'] ) ) {
$q['category__and'] = array_map( 'absint', array_unique( (array) $q['category__and'] ) );
$tax_query[] = array(
'taxonomy' => 'category',
'terms' => $q['category__and'],
'field' => 'term_id',
'operator' => 'AND',
'include_children' => false,
);
}
// If querystring 'tag' is array, implode it.
if ( is_array( $q['tag'] ) ) {
$q['tag'] = implode( ',', $q['tag'] );
}
// Tag stuff
if ( '' != $q['tag'] && ! $this->is_singular && $this->query_vars_changed ) {
if ( strpos( $q['tag'], ',' ) !== false ) {
$tags = preg_split( '/[,\r\n\t ]+/', $q['tag'] );
foreach ( (array) $tags as $tag ) {
$tag = sanitize_term_field( 'slug', $tag, 0, 'post_tag', 'db' );
$q['tag_slug__in'][] = $tag;
}
} elseif ( preg_match( '/[+\r\n\t ]+/', $q['tag'] ) || ! empty( $q['cat'] ) ) {
$tags = preg_split( '/[+\r\n\t ]+/', $q['tag'] );
foreach ( (array) $tags as $tag ) {
$tag = sanitize_term_field( 'slug', $tag, 0, 'post_tag', 'db' );
$q['tag_slug__and'][] = $tag;
}
} else {
$q['tag'] = sanitize_term_field( 'slug', $q['tag'], 0, 'post_tag', 'db' );
$q['tag_slug__in'][] = $q['tag'];
}
}
if ( ! empty( $q['tag_id'] ) ) {
$q['tag_id'] = absint( $q['tag_id'] );
$tax_query[] = array(
'taxonomy' => 'post_tag',
'terms' => $q['tag_id'],
);
}
if ( ! empty( $q['tag__in'] ) ) {
$q['tag__in'] = array_map( 'absint', array_unique( (array) $q['tag__in'] ) );
$tax_query[] = array(
'taxonomy' => 'post_tag',
'terms' => $q['tag__in'],
);
}
if ( ! empty( $q['tag__not_in'] ) ) {
$q['tag__not_in'] = array_map( 'absint', array_unique( (array) $q['tag__not_in'] ) );
$tax_query[] = array(
'taxonomy' => 'post_tag',
'terms' => $q['tag__not_in'],
'operator' => 'NOT IN',
);
}
if ( ! empty( $q['tag__and'] ) ) {
$q['tag__and'] = array_map( 'absint', array_unique( (array) $q['tag__and'] ) );
$tax_query[] = array(
'taxonomy' => 'post_tag',
'terms' => $q['tag__and'],
'operator' => 'AND',
);
}
if ( ! empty( $q['tag_slug__in'] ) ) {
$q['tag_slug__in'] = array_map( 'sanitize_title_for_query', array_unique( (array) $q['tag_slug__in'] ) );
$tax_query[] = array(
'taxonomy' => 'post_tag',
'terms' => $q['tag_slug__in'],
'field' => 'slug',
);
}
if ( ! empty( $q['tag_slug__and'] ) ) {
$q['tag_slug__and'] = array_map( 'sanitize_title_for_query', array_unique( (array) $q['tag_slug__and'] ) );
$tax_query[] = array(
'taxonomy' => 'post_tag',
'terms' => $q['tag_slug__and'],
'field' => 'slug',
'operator' => 'AND',
);
}
$this->tax_query = new WP_Tax_Query( $tax_query );
/**
* Fires after taxonomy-related query vars have been parsed.
*
* @since 3.7.0
*
* @param WP_Query $this The WP_Query instance.
*/
do_action( 'parse_tax_query', $this );
}
/**
* Generates SQL for the WHERE clause based on passed search terms.
*
* @since 3.7.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param array $q Query variables.
* @return string WHERE clause.
*/
protected function parse_search( &$q ) {
global $wpdb;
$search = '';
// added slashes screw with quote grouping when done early, so done later
$q['s'] = stripslashes( $q['s'] );
if ( empty( $_GET['s'] ) && $this->is_main_query() ) {
$q['s'] = urldecode( $q['s'] );
}
// there are no line breaks in fields
$q['s'] = str_replace( array( "\r", "\n" ), '', $q['s'] );
$q['search_terms_count'] = 1;
if ( ! empty( $q['sentence'] ) ) {
$q['search_terms'] = array( $q['s'] );
} else {
if ( preg_match_all( '/".*?("|$)|((?<=[\t ",+])|^)[^\t ",+]+/', $q['s'], $matches ) ) {
$q['search_terms_count'] = count( $matches[0] );
$q['search_terms'] = $this->parse_search_terms( $matches[0] );
// if the search string has only short terms or stopwords, or is 10+ terms long, match it as sentence
if ( empty( $q['search_terms'] ) || count( $q['search_terms'] ) > 9 ) {
$q['search_terms'] = array( $q['s'] );
}
} else {
$q['search_terms'] = array( $q['s'] );
}
}
$n = ! empty( $q['exact'] ) ? '' : '%';
$searchand = '';
$q['search_orderby_title'] = array();
/**
* Filters the prefix that indicates that a search term should be excluded from results.
*
* @since 4.7.0
*
* @param string $exclusion_prefix The prefix. Default '-'. Returning
* an empty value disables exclusions.
*/
$exclusion_prefix = apply_filters( 'wp_query_search_exclusion_prefix', '-' );
foreach ( $q['search_terms'] as $term ) {
// If there is an $exclusion_prefix, terms prefixed with it should be excluded.
$exclude = $exclusion_prefix && ( $exclusion_prefix === substr( $term, 0, 1 ) );
if ( $exclude ) {
$like_op = 'NOT LIKE';
$andor_op = 'AND';
$term = substr( $term, 1 );
} else {
$like_op = 'LIKE';
$andor_op = 'OR';
}
if ( $n && ! $exclude ) {
$like = '%' . $wpdb->esc_like( $term ) . '%';
$q['search_orderby_title'][] = $wpdb->prepare( "{$wpdb->posts}.post_title LIKE %s", $like );
}
$like = $n . $wpdb->esc_like( $term ) . $n;
if ( ! empty( $this->allow_query_attachment_by_filename ) ) {
$search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s) $andor_op (sq1.meta_value $like_op %s))", $like, $like, $like, $like );
} else {
$search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like );
}
$searchand = ' AND ';
}
if ( ! empty( $search ) ) {
$search = " AND ({$search}) ";
if ( ! is_user_logged_in() ) {
$search .= " AND ({$wpdb->posts}.post_password = '') ";
}
}
return $search;
}
/**
* Check if the terms are suitable for searching.
*
* Uses an array of stopwords (terms) that are excluded from the separate
* term matching when searching for posts. The list of English stopwords is
* the approximate search engines list, and is translatable.
*
* @since 3.7.0
*
* @param string[] $terms Array of terms to check.
* @return array Terms that are not stopwords.
*/
protected function parse_search_terms( $terms ) {
$strtolower = function_exists( 'mb_strtolower' ) ? 'mb_strtolower' : 'strtolower';
$checked = array();
$stopwords = $this->get_search_stopwords();
foreach ( $terms as $term ) {
// keep before/after spaces when term is for exact match
if ( preg_match( '/^".+"$/', $term ) ) {
$term = trim( $term, "\"'" );
} else {
$term = trim( $term, "\"' " );
}
// Avoid single A-Z and single dashes.
if ( ! $term || ( 1 === strlen( $term ) && preg_match( '/^[a-z\-]$/i', $term ) ) ) {
continue;
}
if ( in_array( call_user_func( $strtolower, $term ), $stopwords, true ) ) {
continue;
}
$checked[] = $term;
}
return $checked;
}
/**
* Retrieve stopwords used when parsing search terms.
*
* @since 3.7.0
*
* @return array Stopwords.
*/
protected function get_search_stopwords() {
if ( isset( $this->stopwords ) ) {
return $this->stopwords;
}
/* translators: This is a comma-separated list of very common words that should be excluded from a search,
* like a, an, and the. These are usually called "stopwords". You should not simply translate these individual
* words into your language. Instead, look for and provide commonly accepted stopwords in your language.
*/
$words = explode(
',',
_x(
'about,an,are,as,at,be,by,com,for,from,how,in,is,it,of,on,or,that,the,this,to,was,what,when,where,who,will,with,www',
'Comma-separated list of search stopwords in your language'
)
);
$stopwords = array();
foreach ( $words as $word ) {
$word = trim( $word, "\r\n\t " );
if ( $word ) {
$stopwords[] = $word;
}
}
/**
* Filters stopwords used when parsing search terms.
*
* @since 3.7.0
*
* @param string[] $stopwords Array of stopwords.
*/
$this->stopwords = apply_filters( 'wp_search_stopwords', $stopwords );
return $this->stopwords;
}
/**
* Generates SQL for the ORDER BY condition based on passed search terms.
*
* @since 3.7.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param array $q Query variables.
* @return string ORDER BY clause.
*/
protected function parse_search_order( &$q ) {
global $wpdb;
if ( $q['search_terms_count'] > 1 ) {
$num_terms = count( $q['search_orderby_title'] );
// If the search terms contain negative queries, don't bother ordering by sentence matches.
$like = '';
if ( ! preg_match( '/(?:\s|^)\-/', $q['s'] ) ) {
$like = '%' . $wpdb->esc_like( $q['s'] ) . '%';
}
$search_orderby = '';
// sentence match in 'post_title'
if ( $like ) {
$search_orderby .= $wpdb->prepare( "WHEN {$wpdb->posts}.post_title LIKE %s THEN 1 ", $like );
}
// sanity limit, sort as sentence when more than 6 terms
// (few searches are longer than 6 terms and most titles are not)
if ( $num_terms < 7 ) {
// all words in title
$search_orderby .= 'WHEN ' . implode( ' AND ', $q['search_orderby_title'] ) . ' THEN 2 ';
// any word in title, not needed when $num_terms == 1
if ( $num_terms > 1 ) {
$search_orderby .= 'WHEN ' . implode( ' OR ', $q['search_orderby_title'] ) . ' THEN 3 ';
}
}
// Sentence match in 'post_content' and 'post_excerpt'.
if ( $like ) {
$search_orderby .= $wpdb->prepare( "WHEN {$wpdb->posts}.post_excerpt LIKE %s THEN 4 ", $like );
$search_orderby .= $wpdb->prepare( "WHEN {$wpdb->posts}.post_content LIKE %s THEN 5 ", $like );
}
if ( $search_orderby ) {
$search_orderby = '(CASE ' . $search_orderby . 'ELSE 6 END)';
}
} else {
// single word or sentence search
$search_orderby = reset( $q['search_orderby_title'] ) . ' DESC';
}
return $search_orderby;
}
/**
* Converts the given orderby alias (if allowed) to a properly-prefixed value.
*
* @since 4.0.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param string $orderby Alias for the field to order by.
* @return string|false Table-prefixed value to used in the ORDER clause. False otherwise.
*/
protected function parse_orderby( $orderby ) {
global $wpdb;
// Used to filter values.
$allowed_keys = array(
'post_name',
'post_author',
'post_date',
'post_title',
'post_modified',
'post_parent',
'post_type',
'name',
'author',
'date',
'title',
'modified',
'parent',
'type',
'ID',
'menu_order',
'comment_count',
'rand',
'post__in',
'post_parent__in',
'post_name__in',
);
$primary_meta_key = '';
$primary_meta_query = false;
$meta_clauses = $this->meta_query->get_clauses();
if ( ! empty( $meta_clauses ) ) {
$primary_meta_query = reset( $meta_clauses );
if ( ! empty( $primary_meta_query['key'] ) ) {
$primary_meta_key = $primary_meta_query['key'];
$allowed_keys[] = $primary_meta_key;
}
$allowed_keys[] = 'meta_value';
$allowed_keys[] = 'meta_value_num';
$allowed_keys = array_merge( $allowed_keys, array_keys( $meta_clauses ) );
}
// If RAND() contains a seed value, sanitize and add to allowed keys.
$rand_with_seed = false;
if ( preg_match( '/RAND\(([0-9]+)\)/i', $orderby, $matches ) ) {
$orderby = sprintf( 'RAND(%s)', intval( $matches[1] ) );
$allowed_keys[] = $orderby;
$rand_with_seed = true;
}
if ( ! in_array( $orderby, $allowed_keys, true ) ) {
return false;
}
$orderby_clause = '';
switch ( $orderby ) {
case 'post_name':
case 'post_author':
case 'post_date':
case 'post_title':
case 'post_modified':
case 'post_parent':
case 'post_type':
case 'ID':
case 'menu_order':
case 'comment_count':
$orderby_clause = "{$wpdb->posts}.{$orderby}";
break;
case 'rand':
$orderby_clause = 'RAND()';
break;
case $primary_meta_key:
case 'meta_value':
if ( ! empty( $primary_meta_query['type'] ) ) {
$orderby_clause = "CAST({$primary_meta_query['alias']}.meta_value AS {$primary_meta_query['cast']})";
} else {
$orderby_clause = "{$primary_meta_query['alias']}.meta_value";
}
break;
case 'meta_value_num':
$orderby_clause = "{$primary_meta_query['alias']}.meta_value+0";
break;
case 'post__in':
if ( ! empty( $this->query_vars['post__in'] ) ) {
$orderby_clause = "FIELD({$wpdb->posts}.ID," . implode( ',', array_map( 'absint', $this->query_vars['post__in'] ) ) . ')';
}
break;
case 'post_parent__in':
if ( ! empty( $this->query_vars['post_parent__in'] ) ) {
$orderby_clause = "FIELD( {$wpdb->posts}.post_parent," . implode( ', ', array_map( 'absint', $this->query_vars['post_parent__in'] ) ) . ' )';
}
break;
case 'post_name__in':
if ( ! empty( $this->query_vars['post_name__in'] ) ) {
$post_name__in = array_map( 'sanitize_title_for_query', $this->query_vars['post_name__in'] );
$post_name__in_string = "'" . implode( "','", $post_name__in ) . "'";
$orderby_clause = "FIELD( {$wpdb->posts}.post_name," . $post_name__in_string . ' )';
}
break;
default:
if ( array_key_exists( $orderby, $meta_clauses ) ) {
// $orderby corresponds to a meta_query clause.
$meta_clause = $meta_clauses[ $orderby ];
$orderby_clause = "CAST({$meta_clause['alias']}.meta_value AS {$meta_clause['cast']})";
} elseif ( $rand_with_seed ) {
$orderby_clause = $orderby;
} else {
// Default: order by post field.
$orderby_clause = "{$wpdb->posts}.post_" . sanitize_key( $orderby );
}
break;
}
return $orderby_clause;
}
/**
* Parse an 'order' query variable and cast it to ASC or DESC as necessary.
*
* @since 4.0.0
*
* @param string $order The 'order' query variable.
* @return string The sanitized 'order' query variable.
*/
protected function parse_order( $order ) {
if ( ! is_string( $order ) || empty( $order ) ) {
return 'DESC';
}
if ( 'ASC' === strtoupper( $order ) ) {
return 'ASC';
} else {
return 'DESC';
}
}
/**
* Sets the 404 property and saves whether query is feed.
*
* @since 2.0.0
*/
public function set_404() {
$is_feed = $this->is_feed;
$this->init_query_flags();
$this->is_404 = true;
$this->is_feed = $is_feed;
}
/**
* Retrieve query variable.
*
* @since 1.5.0
* @since 3.9.0 The `$default` argument was introduced.
*
* @param string $query_var Query variable key.
* @param mixed $default Optional. Value to return if the query variable is not set. Default empty.
* @return mixed Contents of the query variable.
*/
public function get( $query_var, $default = '' ) {
if ( isset( $this->query_vars[ $query_var ] ) ) {
return $this->query_vars[ $query_var ];
}
return $default;
}
/**
* Set query variable.
*
* @since 1.5.0
*
* @param string $query_var Query variable key.
* @param mixed $value Query variable value.
*/
public function set( $query_var, $value ) {
$this->query_vars[ $query_var ] = $value;
}
/**
* Retrieves an array of posts based on query variables.
*
* There are a few filters and actions that can be used to modify the post
* database query.
*
* @since 1.5.0
*
* @return WP_Post[]|int[] Array of post objects or post IDs.
*/
public function get_posts() {
global $wpdb;
$this->parse_query();
/**
* Fires after the query variable object is created, but before the actual query is run.
*
* Note: If using conditional tags, use the method versions within the passed instance
* (e.g. $this->is_main_query() instead of is_main_query()). This is because the functions
* like is_main_query() test against the global $wp_query instance, not the passed one.
*
* @since 2.0.0
*
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
do_action_ref_array( 'pre_get_posts', array( &$this ) );
// Shorthand.
$q = &$this->query_vars;
// Fill again in case pre_get_posts unset some vars.
$q = $this->fill_query_vars( $q );
/**
* Filters whether an attachment query should include filenames or not.
*
* @since 6.0.3
*
* @param bool $allow_query_attachment_by_filename Whether or not to include filenames.
*/
$this->allow_query_attachment_by_filename = apply_filters( 'wp_allow_query_attachment_by_filename', false );
remove_all_filters( 'wp_allow_query_attachment_by_filename' );
// Parse meta query
$this->meta_query = new WP_Meta_Query();
$this->meta_query->parse_query_vars( $q );
// Set a flag if a pre_get_posts hook changed the query vars.
$hash = md5( serialize( $this->query_vars ) );
if ( $hash != $this->query_vars_hash ) {
$this->query_vars_changed = true;
$this->query_vars_hash = $hash;
}
unset( $hash );
// First let's clear some variables
$distinct = '';
$whichauthor = '';
$whichmimetype = '';
$where = '';
$limits = '';
$join = '';
$search = '';
$groupby = '';
$post_status_join = false;
$page = 1;
if ( isset( $q['caller_get_posts'] ) ) {
_deprecated_argument(
'WP_Query',
'3.1.0',
/* translators: 1: caller_get_posts, 2: ignore_sticky_posts */
sprintf(
__( '%1$s is deprecated. Use %2$s instead.' ),
'caller_get_posts
',
'ignore_sticky_posts
'
)
);
if ( ! isset( $q['ignore_sticky_posts'] ) ) {
$q['ignore_sticky_posts'] = $q['caller_get_posts'];
}
}
if ( ! isset( $q['ignore_sticky_posts'] ) ) {
$q['ignore_sticky_posts'] = false;
}
if ( ! isset( $q['suppress_filters'] ) ) {
$q['suppress_filters'] = false;
}
if ( ! isset( $q['cache_results'] ) ) {
if ( wp_using_ext_object_cache() ) {
$q['cache_results'] = false;
} else {
$q['cache_results'] = true;
}
}
if ( ! isset( $q['update_post_term_cache'] ) ) {
$q['update_post_term_cache'] = true;
}
if ( ! isset( $q['lazy_load_term_meta'] ) ) {
$q['lazy_load_term_meta'] = $q['update_post_term_cache'];
}
if ( ! isset( $q['update_post_meta_cache'] ) ) {
$q['update_post_meta_cache'] = true;
}
if ( ! isset( $q['post_type'] ) ) {
if ( $this->is_search ) {
$q['post_type'] = 'any';
} else {
$q['post_type'] = '';
}
}
$post_type = $q['post_type'];
if ( empty( $q['posts_per_page'] ) ) {
$q['posts_per_page'] = get_option( 'posts_per_page' );
}
if ( isset( $q['showposts'] ) && $q['showposts'] ) {
$q['showposts'] = (int) $q['showposts'];
$q['posts_per_page'] = $q['showposts'];
}
if ( ( isset( $q['posts_per_archive_page'] ) && $q['posts_per_archive_page'] != 0 ) && ( $this->is_archive || $this->is_search ) ) {
$q['posts_per_page'] = $q['posts_per_archive_page'];
}
if ( ! isset( $q['nopaging'] ) ) {
if ( $q['posts_per_page'] == -1 ) {
$q['nopaging'] = true;
} else {
$q['nopaging'] = false;
}
}
if ( $this->is_feed ) {
// This overrides posts_per_page.
if ( ! empty( $q['posts_per_rss'] ) ) {
$q['posts_per_page'] = $q['posts_per_rss'];
} else {
$q['posts_per_page'] = get_option( 'posts_per_rss' );
}
$q['nopaging'] = false;
}
$q['posts_per_page'] = (int) $q['posts_per_page'];
if ( $q['posts_per_page'] < -1 ) {
$q['posts_per_page'] = abs( $q['posts_per_page'] );
} elseif ( $q['posts_per_page'] == 0 ) {
$q['posts_per_page'] = 1;
}
if ( ! isset( $q['comments_per_page'] ) || $q['comments_per_page'] == 0 ) {
$q['comments_per_page'] = get_option( 'comments_per_page' );
}
if ( $this->is_home && ( empty( $this->query ) || $q['preview'] == 'true' ) && ( 'page' == get_option( 'show_on_front' ) ) && get_option( 'page_on_front' ) ) {
$this->is_page = true;
$this->is_home = false;
$q['page_id'] = get_option( 'page_on_front' );
}
if ( isset( $q['page'] ) ) {
$q['page'] = trim( $q['page'], '/' );
$q['page'] = absint( $q['page'] );
}
// If true, forcibly turns off SQL_CALC_FOUND_ROWS even when limits are present.
if ( isset( $q['no_found_rows'] ) ) {
$q['no_found_rows'] = (bool) $q['no_found_rows'];
} else {
$q['no_found_rows'] = false;
}
switch ( $q['fields'] ) {
case 'ids':
$fields = "{$wpdb->posts}.ID";
break;
case 'id=>parent':
$fields = "{$wpdb->posts}.ID, {$wpdb->posts}.post_parent";
break;
default:
$fields = "{$wpdb->posts}.*";
}
if ( '' !== $q['menu_order'] ) {
$where .= " AND {$wpdb->posts}.menu_order = " . $q['menu_order'];
}
// The "m" parameter is meant for months but accepts datetimes of varying specificity
if ( $q['m'] ) {
$where .= " AND YEAR({$wpdb->posts}.post_date)=" . substr( $q['m'], 0, 4 );
if ( strlen( $q['m'] ) > 5 ) {
$where .= " AND MONTH({$wpdb->posts}.post_date)=" . substr( $q['m'], 4, 2 );
}
if ( strlen( $q['m'] ) > 7 ) {
$where .= " AND DAYOFMONTH({$wpdb->posts}.post_date)=" . substr( $q['m'], 6, 2 );
}
if ( strlen( $q['m'] ) > 9 ) {
$where .= " AND HOUR({$wpdb->posts}.post_date)=" . substr( $q['m'], 8, 2 );
}
if ( strlen( $q['m'] ) > 11 ) {
$where .= " AND MINUTE({$wpdb->posts}.post_date)=" . substr( $q['m'], 10, 2 );
}
if ( strlen( $q['m'] ) > 13 ) {
$where .= " AND SECOND({$wpdb->posts}.post_date)=" . substr( $q['m'], 12, 2 );
}
}
// Handle the other individual date parameters
$date_parameters = array();
if ( '' !== $q['hour'] ) {
$date_parameters['hour'] = $q['hour'];
}
if ( '' !== $q['minute'] ) {
$date_parameters['minute'] = $q['minute'];
}
if ( '' !== $q['second'] ) {
$date_parameters['second'] = $q['second'];
}
if ( $q['year'] ) {
$date_parameters['year'] = $q['year'];
}
if ( $q['monthnum'] ) {
$date_parameters['monthnum'] = $q['monthnum'];
}
if ( $q['w'] ) {
$date_parameters['week'] = $q['w'];
}
if ( $q['day'] ) {
$date_parameters['day'] = $q['day'];
}
if ( $date_parameters ) {
$date_query = new WP_Date_Query( array( $date_parameters ) );
$where .= $date_query->get_sql();
}
unset( $date_parameters, $date_query );
// Handle complex date queries
if ( ! empty( $q['date_query'] ) ) {
$this->date_query = new WP_Date_Query( $q['date_query'] );
$where .= $this->date_query->get_sql();
}
// If we've got a post_type AND it's not "any" post_type.
if ( ! empty( $q['post_type'] ) && 'any' != $q['post_type'] ) {
foreach ( (array) $q['post_type'] as $_post_type ) {
$ptype_obj = get_post_type_object( $_post_type );
if ( ! $ptype_obj || ! $ptype_obj->query_var || empty( $q[ $ptype_obj->query_var ] ) ) {
continue;
}
if ( ! $ptype_obj->hierarchical ) {
// Non-hierarchical post types can directly use 'name'.
$q['name'] = $q[ $ptype_obj->query_var ];
} else {
// Hierarchical post types will operate through 'pagename'.
$q['pagename'] = $q[ $ptype_obj->query_var ];
$q['name'] = '';
}
// Only one request for a slug is possible, this is why name & pagename are overwritten above.
break;
} //end foreach
unset( $ptype_obj );
}
if ( '' !== $q['title'] ) {
$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_title = %s", stripslashes( $q['title'] ) );
}
// Parameters related to 'post_name'.
if ( '' != $q['name'] ) {
$q['name'] = sanitize_title_for_query( $q['name'] );
$where .= " AND {$wpdb->posts}.post_name = '" . $q['name'] . "'";
} elseif ( '' != $q['pagename'] ) {
if ( isset( $this->queried_object_id ) ) {
$reqpage = $this->queried_object_id;
} else {
if ( 'page' != $q['post_type'] ) {
foreach ( (array) $q['post_type'] as $_post_type ) {
$ptype_obj = get_post_type_object( $_post_type );
if ( ! $ptype_obj || ! $ptype_obj->hierarchical ) {
continue;
}
$reqpage = get_page_by_path( $q['pagename'], OBJECT, $_post_type );
if ( $reqpage ) {
break;
}
}
unset( $ptype_obj );
} else {
$reqpage = get_page_by_path( $q['pagename'] );
}
if ( ! empty( $reqpage ) ) {
$reqpage = $reqpage->ID;
} else {
$reqpage = 0;
}
}
$page_for_posts = get_option( 'page_for_posts' );
if ( ( 'page' != get_option( 'show_on_front' ) ) || empty( $page_for_posts ) || ( $reqpage != $page_for_posts ) ) {
$q['pagename'] = sanitize_title_for_query( wp_basename( $q['pagename'] ) );
$q['name'] = $q['pagename'];
$where .= " AND ({$wpdb->posts}.ID = '$reqpage')";
$reqpage_obj = get_post( $reqpage );
if ( is_object( $reqpage_obj ) && 'attachment' == $reqpage_obj->post_type ) {
$this->is_attachment = true;
$post_type = $q['post_type'] = 'attachment';
$this->is_page = true;
$q['attachment_id'] = $reqpage;
}
}
} elseif ( '' != $q['attachment'] ) {
$q['attachment'] = sanitize_title_for_query( wp_basename( $q['attachment'] ) );
$q['name'] = $q['attachment'];
$where .= " AND {$wpdb->posts}.post_name = '" . $q['attachment'] . "'";
} elseif ( is_array( $q['post_name__in'] ) && ! empty( $q['post_name__in'] ) ) {
$q['post_name__in'] = array_map( 'sanitize_title_for_query', $q['post_name__in'] );
$post_name__in = "'" . implode( "','", $q['post_name__in'] ) . "'";
$where .= " AND {$wpdb->posts}.post_name IN ($post_name__in)";
}
// If an attachment is requested by number, let it supersede any post number.
if ( $q['attachment_id'] ) {
$q['p'] = absint( $q['attachment_id'] );
}
// If a post number is specified, load that post
if ( $q['p'] ) {
$where .= " AND {$wpdb->posts}.ID = " . $q['p'];
} elseif ( $q['post__in'] ) {
$post__in = implode( ',', array_map( 'absint', $q['post__in'] ) );
$where .= " AND {$wpdb->posts}.ID IN ($post__in)";
} elseif ( $q['post__not_in'] ) {
$post__not_in = implode( ',', array_map( 'absint', $q['post__not_in'] ) );
$where .= " AND {$wpdb->posts}.ID NOT IN ($post__not_in)";
}
if ( is_numeric( $q['post_parent'] ) ) {
$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_parent = %d ", $q['post_parent'] );
} elseif ( $q['post_parent__in'] ) {
$post_parent__in = implode( ',', array_map( 'absint', $q['post_parent__in'] ) );
$where .= " AND {$wpdb->posts}.post_parent IN ($post_parent__in)";
} elseif ( $q['post_parent__not_in'] ) {
$post_parent__not_in = implode( ',', array_map( 'absint', $q['post_parent__not_in'] ) );
$where .= " AND {$wpdb->posts}.post_parent NOT IN ($post_parent__not_in)";
}
if ( $q['page_id'] ) {
if ( ( 'page' != get_option( 'show_on_front' ) ) || ( $q['page_id'] != get_option( 'page_for_posts' ) ) ) {
$q['p'] = $q['page_id'];
$where = " AND {$wpdb->posts}.ID = " . $q['page_id'];
}
}
// If a search pattern is specified, load the posts that match.
if ( strlen( $q['s'] ) ) {
$search = $this->parse_search( $q );
}
if ( ! $q['suppress_filters'] ) {
/**
* Filters the search SQL that is used in the WHERE clause of WP_Query.
*
* @since 3.0.0
*
* @param string $search Search SQL for WHERE clause.
* @param WP_Query $this The current WP_Query object.
*/
$search = apply_filters_ref_array( 'posts_search', array( $search, &$this ) );
}
// Taxonomies
if ( ! $this->is_singular ) {
$this->parse_tax_query( $q );
$clauses = $this->tax_query->get_sql( $wpdb->posts, 'ID' );
$join .= $clauses['join'];
$where .= $clauses['where'];
}
if ( $this->is_tax ) {
if ( empty( $post_type ) ) {
// Do a fully inclusive search for currently registered post types of queried taxonomies
$post_type = array();
$taxonomies = array_keys( $this->tax_query->queried_terms );
foreach ( get_post_types( array( 'exclude_from_search' => false ) ) as $pt ) {
$object_taxonomies = $pt === 'attachment' ? get_taxonomies_for_attachments() : get_object_taxonomies( $pt );
if ( array_intersect( $taxonomies, $object_taxonomies ) ) {
$post_type[] = $pt;
}
}
if ( ! $post_type ) {
$post_type = 'any';
} elseif ( count( $post_type ) == 1 ) {
$post_type = $post_type[0];
}
$post_status_join = true;
} elseif ( in_array( 'attachment', (array) $post_type ) ) {
$post_status_join = true;
}
}
/*
* Ensure that 'taxonomy', 'term', 'term_id', 'cat', and
* 'category_name' vars are set for backward compatibility.
*/
if ( ! empty( $this->tax_query->queried_terms ) ) {
/*
* Set 'taxonomy', 'term', and 'term_id' to the
* first taxonomy other than 'post_tag' or 'category'.
*/
if ( ! isset( $q['taxonomy'] ) ) {
foreach ( $this->tax_query->queried_terms as $queried_taxonomy => $queried_items ) {
if ( empty( $queried_items['terms'][0] ) ) {
continue;
}
if ( ! in_array( $queried_taxonomy, array( 'category', 'post_tag' ) ) ) {
$q['taxonomy'] = $queried_taxonomy;
if ( 'slug' === $queried_items['field'] ) {
$q['term'] = $queried_items['terms'][0];
} else {
$q['term_id'] = $queried_items['terms'][0];
}
// Take the first one we find.
break;
}
}
}
// 'cat', 'category_name', 'tag_id'
foreach ( $this->tax_query->queried_terms as $queried_taxonomy => $queried_items ) {
if ( empty( $queried_items['terms'][0] ) ) {
continue;
}
if ( 'category' === $queried_taxonomy ) {
$the_cat = get_term_by( $queried_items['field'], $queried_items['terms'][0], 'category' );
if ( $the_cat ) {
$this->set( 'cat', $the_cat->term_id );
$this->set( 'category_name', $the_cat->slug );
}
unset( $the_cat );
}
if ( 'post_tag' === $queried_taxonomy ) {
$the_tag = get_term_by( $queried_items['field'], $queried_items['terms'][0], 'post_tag' );
if ( $the_tag ) {
$this->set( 'tag_id', $the_tag->term_id );
}
unset( $the_tag );
}
}
}
if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) || ! empty( $this->allow_query_attachment_by_filename ) ) {
$groupby = "{$wpdb->posts}.ID";
}
// Author/user stuff
if ( ! empty( $q['author'] ) && $q['author'] != '0' ) {
$q['author'] = addslashes_gpc( '' . urldecode( $q['author'] ) );
$authors = array_unique( array_map( 'intval', preg_split( '/[,\s]+/', $q['author'] ) ) );
foreach ( $authors as $author ) {
$key = $author > 0 ? 'author__in' : 'author__not_in';
$q[ $key ][] = abs( $author );
}
$q['author'] = implode( ',', $authors );
}
if ( ! empty( $q['author__not_in'] ) ) {
$author__not_in = implode( ',', array_map( 'absint', array_unique( (array) $q['author__not_in'] ) ) );
$where .= " AND {$wpdb->posts}.post_author NOT IN ($author__not_in) ";
} elseif ( ! empty( $q['author__in'] ) ) {
$author__in = implode( ',', array_map( 'absint', array_unique( (array) $q['author__in'] ) ) );
$where .= " AND {$wpdb->posts}.post_author IN ($author__in) ";
}
// Author stuff for nice URLs
if ( '' != $q['author_name'] ) {
if ( strpos( $q['author_name'], '/' ) !== false ) {
$q['author_name'] = explode( '/', $q['author_name'] );
if ( $q['author_name'][ count( $q['author_name'] ) - 1 ] ) {
$q['author_name'] = $q['author_name'][ count( $q['author_name'] ) - 1 ]; // no trailing slash
} else {
$q['author_name'] = $q['author_name'][ count( $q['author_name'] ) - 2 ]; // there was a trailing slash
}
}
$q['author_name'] = sanitize_title_for_query( $q['author_name'] );
$q['author'] = get_user_by( 'slug', $q['author_name'] );
if ( $q['author'] ) {
$q['author'] = $q['author']->ID;
}
$whichauthor .= " AND ({$wpdb->posts}.post_author = " . absint( $q['author'] ) . ')';
}
// Matching by comment count.
if ( isset( $q['comment_count'] ) ) {
// Numeric comment count is converted to array format.
if ( is_numeric( $q['comment_count'] ) ) {
$q['comment_count'] = array(
'value' => intval( $q['comment_count'] ),
);
}
if ( isset( $q['comment_count']['value'] ) ) {
$q['comment_count'] = array_merge(
array(
'compare' => '=',
),
$q['comment_count']
);
// Fallback for invalid compare operators is '='.
$compare_operators = array( '=', '!=', '>', '>=', '<', '<=' );
if ( ! in_array( $q['comment_count']['compare'], $compare_operators, true ) ) {
$q['comment_count']['compare'] = '=';
}
$where .= $wpdb->prepare( " AND {$wpdb->posts}.comment_count {$q['comment_count']['compare']} %d", $q['comment_count']['value'] );
}
}
// MIME-Type stuff for attachment browsing
if ( isset( $q['post_mime_type'] ) && '' != $q['post_mime_type'] ) {
$whichmimetype = wp_post_mime_type_where( $q['post_mime_type'], $wpdb->posts );
}
$where .= $search . $whichauthor . $whichmimetype;
if ( ! empty( $this->allow_query_attachment_by_filename ) ) {
$join .= " LEFT JOIN {$wpdb->postmeta} AS sq1 ON ( {$wpdb->posts}.ID = sq1.post_id AND sq1.meta_key = '_wp_attached_file' )";
}
if ( ! empty( $this->meta_query->queries ) ) {
$clauses = $this->meta_query->get_sql( 'post', $wpdb->posts, 'ID', $this );
$join .= $clauses['join'];
$where .= $clauses['where'];
}
$rand = ( isset( $q['orderby'] ) && 'rand' === $q['orderby'] );
if ( ! isset( $q['order'] ) ) {
$q['order'] = $rand ? '' : 'DESC';
} else {
$q['order'] = $rand ? '' : $this->parse_order( $q['order'] );
}
// These values of orderby should ignore the 'order' parameter.
$force_asc = array( 'post__in', 'post_name__in', 'post_parent__in' );
if ( isset( $q['orderby'] ) && in_array( $q['orderby'], $force_asc, true ) ) {
$q['order'] = '';
}
// Order by.
if ( empty( $q['orderby'] ) ) {
/*
* Boolean false or empty array blanks out ORDER BY,
* while leaving the value unset or otherwise empty sets the default.
*/
if ( isset( $q['orderby'] ) && ( is_array( $q['orderby'] ) || false === $q['orderby'] ) ) {
$orderby = '';
} else {
$orderby = "{$wpdb->posts}.post_date " . $q['order'];
}
} elseif ( 'none' == $q['orderby'] ) {
$orderby = '';
} else {
$orderby_array = array();
if ( is_array( $q['orderby'] ) ) {
foreach ( $q['orderby'] as $_orderby => $order ) {
$orderby = addslashes_gpc( urldecode( $_orderby ) );
$parsed = $this->parse_orderby( $orderby );
if ( ! $parsed ) {
continue;
}
$orderby_array[] = $parsed . ' ' . $this->parse_order( $order );
}
$orderby = implode( ', ', $orderby_array );
} else {
$q['orderby'] = urldecode( $q['orderby'] );
$q['orderby'] = addslashes_gpc( $q['orderby'] );
foreach ( explode( ' ', $q['orderby'] ) as $i => $orderby ) {
$parsed = $this->parse_orderby( $orderby );
// Only allow certain values for safety.
if ( ! $parsed ) {
continue;
}
$orderby_array[] = $parsed;
}
$orderby = implode( ' ' . $q['order'] . ', ', $orderby_array );
if ( empty( $orderby ) ) {
$orderby = "{$wpdb->posts}.post_date " . $q['order'];
} elseif ( ! empty( $q['order'] ) ) {
$orderby .= " {$q['order']}";
}
}
}
// Order search results by relevance only when another "orderby" is not specified in the query.
if ( ! empty( $q['s'] ) ) {
$search_orderby = '';
if ( ! empty( $q['search_orderby_title'] ) && ( empty( $q['orderby'] ) && ! $this->is_feed ) || ( isset( $q['orderby'] ) && 'relevance' === $q['orderby'] ) ) {
$search_orderby = $this->parse_search_order( $q );
}
if ( ! $q['suppress_filters'] ) {
/**
* Filters the ORDER BY used when ordering search results.
*
* @since 3.7.0
*
* @param string $search_orderby The ORDER BY clause.
* @param WP_Query $this The current WP_Query instance.
*/
$search_orderby = apply_filters( 'posts_search_orderby', $search_orderby, $this );
}
if ( $search_orderby ) {
$orderby = $orderby ? $search_orderby . ', ' . $orderby : $search_orderby;
}
}
if ( is_array( $post_type ) && count( $post_type ) > 1 ) {
$post_type_cap = 'multiple_post_type';
} else {
if ( is_array( $post_type ) ) {
$post_type = reset( $post_type );
}
$post_type_object = get_post_type_object( $post_type );
if ( empty( $post_type_object ) ) {
$post_type_cap = $post_type;
}
}
if ( isset( $q['post_password'] ) ) {
$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_password = %s", $q['post_password'] );
if ( empty( $q['perm'] ) ) {
$q['perm'] = 'readable';
}
} elseif ( isset( $q['has_password'] ) ) {
$where .= sprintf( " AND {$wpdb->posts}.post_password %s ''", $q['has_password'] ? '!=' : '=' );
}
if ( ! empty( $q['comment_status'] ) ) {
$where .= $wpdb->prepare( " AND {$wpdb->posts}.comment_status = %s ", $q['comment_status'] );
}
if ( ! empty( $q['ping_status'] ) ) {
$where .= $wpdb->prepare( " AND {$wpdb->posts}.ping_status = %s ", $q['ping_status'] );
}
if ( 'any' == $post_type ) {
$in_search_post_types = get_post_types( array( 'exclude_from_search' => false ) );
if ( empty( $in_search_post_types ) ) {
$where .= ' AND 1=0 ';
} else {
$where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')";
}
} elseif ( ! empty( $post_type ) && is_array( $post_type ) ) {
$where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", esc_sql( $post_type ) ) . "')";
} elseif ( ! empty( $post_type ) ) {
$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type );
$post_type_object = get_post_type_object( $post_type );
} elseif ( $this->is_attachment ) {
$where .= " AND {$wpdb->posts}.post_type = 'attachment'";
$post_type_object = get_post_type_object( 'attachment' );
} elseif ( $this->is_page ) {
$where .= " AND {$wpdb->posts}.post_type = 'page'";
$post_type_object = get_post_type_object( 'page' );
} else {
$where .= " AND {$wpdb->posts}.post_type = 'post'";
$post_type_object = get_post_type_object( 'post' );
}
$edit_cap = 'edit_post';
$read_cap = 'read_post';
if ( ! empty( $post_type_object ) ) {
$edit_others_cap = $post_type_object->cap->edit_others_posts;
$read_private_cap = $post_type_object->cap->read_private_posts;
} else {
$edit_others_cap = 'edit_others_' . $post_type_cap . 's';
$read_private_cap = 'read_private_' . $post_type_cap . 's';
}
$user_id = get_current_user_id();
$q_status = array();
if ( ! empty( $q['post_status'] ) ) {
$statuswheres = array();
$q_status = $q['post_status'];
if ( ! is_array( $q_status ) ) {
$q_status = explode( ',', $q_status );
}
$r_status = array();
$p_status = array();
$e_status = array();
if ( in_array( 'any', $q_status ) ) {
foreach ( get_post_stati( array( 'exclude_from_search' => true ) ) as $status ) {
if ( ! in_array( $status, $q_status ) ) {
$e_status[] = "{$wpdb->posts}.post_status <> '$status'";
}
}
} else {
foreach ( get_post_stati() as $status ) {
if ( in_array( $status, $q_status ) ) {
if ( 'private' == $status ) {
$p_status[] = "{$wpdb->posts}.post_status = '$status'";
} else {
$r_status[] = "{$wpdb->posts}.post_status = '$status'";
}
}
}
}
if ( empty( $q['perm'] ) || 'readable' != $q['perm'] ) {
$r_status = array_merge( $r_status, $p_status );
unset( $p_status );
}
if ( ! empty( $e_status ) ) {
$statuswheres[] = '(' . join( ' AND ', $e_status ) . ')';
}
if ( ! empty( $r_status ) ) {
if ( ! empty( $q['perm'] ) && 'editable' == $q['perm'] && ! current_user_can( $edit_others_cap ) ) {
$statuswheres[] = "({$wpdb->posts}.post_author = $user_id " . 'AND (' . join( ' OR ', $r_status ) . '))';
} else {
$statuswheres[] = '(' . join( ' OR ', $r_status ) . ')';
}
}
if ( ! empty( $p_status ) ) {
if ( ! empty( $q['perm'] ) && 'readable' == $q['perm'] && ! current_user_can( $read_private_cap ) ) {
$statuswheres[] = "({$wpdb->posts}.post_author = $user_id " . 'AND (' . join( ' OR ', $p_status ) . '))';
} else {
$statuswheres[] = '(' . join( ' OR ', $p_status ) . ')';
}
}
if ( $post_status_join ) {
$join .= " LEFT JOIN {$wpdb->posts} AS p2 ON ({$wpdb->posts}.post_parent = p2.ID) ";
foreach ( $statuswheres as $index => $statuswhere ) {
$statuswheres[ $index ] = "($statuswhere OR ({$wpdb->posts}.post_status = 'inherit' AND " . str_replace( $wpdb->posts, 'p2', $statuswhere ) . '))';
}
}
$where_status = implode( ' OR ', $statuswheres );
if ( ! empty( $where_status ) ) {
$where .= " AND ($where_status)";
}
} elseif ( ! $this->is_singular ) {
$where .= " AND ({$wpdb->posts}.post_status = 'publish'";
// Add public states.
$public_states = get_post_stati( array( 'public' => true ) );
foreach ( (array) $public_states as $state ) {
if ( 'publish' == $state ) { // Publish is hard-coded above.
continue;
}
$where .= " OR {$wpdb->posts}.post_status = '$state'";
}
if ( $this->is_admin ) {
// Add protected states that should show in the admin all list.
$admin_all_states = get_post_stati(
array(
'protected' => true,
'show_in_admin_all_list' => true,
)
);
foreach ( (array) $admin_all_states as $state ) {
$where .= " OR {$wpdb->posts}.post_status = '$state'";
}
}
if ( is_user_logged_in() ) {
// Add private states that are limited to viewing by the author of a post or someone who has caps to read private states.
$private_states = get_post_stati( array( 'private' => true ) );
foreach ( (array) $private_states as $state ) {
$where .= current_user_can( $read_private_cap ) ? " OR {$wpdb->posts}.post_status = '$state'" : " OR {$wpdb->posts}.post_author = $user_id AND {$wpdb->posts}.post_status = '$state'";
}
}
$where .= ')';
}
/*
* Apply filters on where and join prior to paging so that any
* manipulations to them are reflected in the paging by day queries.
*/
if ( ! $q['suppress_filters'] ) {
/**
* Filters the WHERE clause of the query.
*
* @since 1.5.0
*
* @param string $where The WHERE clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$where = apply_filters_ref_array( 'posts_where', array( $where, &$this ) );
/**
* Filters the JOIN clause of the query.
*
* @since 1.5.0
*
* @param string $join The JOIN clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$join = apply_filters_ref_array( 'posts_join', array( $join, &$this ) );
}
// Paging
if ( empty( $q['nopaging'] ) && ! $this->is_singular ) {
$page = absint( $q['paged'] );
if ( ! $page ) {
$page = 1;
}
// If 'offset' is provided, it takes precedence over 'paged'.
if ( isset( $q['offset'] ) && is_numeric( $q['offset'] ) ) {
$q['offset'] = absint( $q['offset'] );
$pgstrt = $q['offset'] . ', ';
} else {
$pgstrt = absint( ( $page - 1 ) * $q['posts_per_page'] ) . ', ';
}
$limits = 'LIMIT ' . $pgstrt . $q['posts_per_page'];
}
// Comments feeds
if ( $this->is_comment_feed && ! $this->is_singular ) {
if ( $this->is_archive || $this->is_search ) {
$cjoin = "JOIN {$wpdb->posts} ON ({$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID) $join ";
$cwhere = "WHERE comment_approved = '1' $where";
$cgroupby = "{$wpdb->comments}.comment_id";
} else { // Other non singular e.g. front
$cjoin = "JOIN {$wpdb->posts} ON ( {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID )";
$cwhere = "WHERE ( post_status = 'publish' OR ( post_status = 'inherit' AND post_type = 'attachment' ) ) AND comment_approved = '1'";
$cgroupby = '';
}
if ( ! $q['suppress_filters'] ) {
/**
* Filters the JOIN clause of the comments feed query before sending.
*
* @since 2.2.0
*
* @param string $cjoin The JOIN clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$cjoin = apply_filters_ref_array( 'comment_feed_join', array( $cjoin, &$this ) );
/**
* Filters the WHERE clause of the comments feed query before sending.
*
* @since 2.2.0
*
* @param string $cwhere The WHERE clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$cwhere = apply_filters_ref_array( 'comment_feed_where', array( $cwhere, &$this ) );
/**
* Filters the GROUP BY clause of the comments feed query before sending.
*
* @since 2.2.0
*
* @param string $cgroupby The GROUP BY clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$cgroupby = apply_filters_ref_array( 'comment_feed_groupby', array( $cgroupby, &$this ) );
/**
* Filters the ORDER BY clause of the comments feed query before sending.
*
* @since 2.8.0
*
* @param string $corderby The ORDER BY clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$corderby = apply_filters_ref_array( 'comment_feed_orderby', array( 'comment_date_gmt DESC', &$this ) );
/**
* Filters the LIMIT clause of the comments feed query before sending.
*
* @since 2.8.0
*
* @param string $climits The JOIN clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$climits = apply_filters_ref_array( 'comment_feed_limits', array( 'LIMIT ' . get_option( 'posts_per_rss' ), &$this ) );
}
$cgroupby = ( ! empty( $cgroupby ) ) ? 'GROUP BY ' . $cgroupby : '';
$corderby = ( ! empty( $corderby ) ) ? 'ORDER BY ' . $corderby : '';
$comments = (array) $wpdb->get_results( "SELECT $distinct {$wpdb->comments}.* FROM {$wpdb->comments} $cjoin $cwhere $cgroupby $corderby $climits" );
// Convert to WP_Comment
$this->comments = array_map( 'get_comment', $comments );
$this->comment_count = count( $this->comments );
$post_ids = array();
foreach ( $this->comments as $comment ) {
$post_ids[] = (int) $comment->comment_post_ID;
}
$post_ids = join( ',', $post_ids );
$join = '';
if ( $post_ids ) {
$where = "AND {$wpdb->posts}.ID IN ($post_ids) ";
} else {
$where = 'AND 0';
}
}
$pieces = array( 'where', 'groupby', 'join', 'orderby', 'distinct', 'fields', 'limits' );
/*
* Apply post-paging filters on where and join. Only plugins that
* manipulate paging queries should use these hooks.
*/
if ( ! $q['suppress_filters'] ) {
/**
* Filters the WHERE clause of the query.
*
* Specifically for manipulating paging queries.
*
* @since 1.5.0
*
* @param string $where The WHERE clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$where = apply_filters_ref_array( 'posts_where_paged', array( $where, &$this ) );
/**
* Filters the GROUP BY clause of the query.
*
* @since 2.0.0
*
* @param string $groupby The GROUP BY clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$groupby = apply_filters_ref_array( 'posts_groupby', array( $groupby, &$this ) );
/**
* Filters the JOIN clause of the query.
*
* Specifically for manipulating paging queries.
*
* @since 1.5.0
*
* @param string $join The JOIN clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$join = apply_filters_ref_array( 'posts_join_paged', array( $join, &$this ) );
/**
* Filters the ORDER BY clause of the query.
*
* @since 1.5.1
*
* @param string $orderby The ORDER BY clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$orderby = apply_filters_ref_array( 'posts_orderby', array( $orderby, &$this ) );
/**
* Filters the DISTINCT clause of the query.
*
* @since 2.1.0
*
* @param string $distinct The DISTINCT clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$distinct = apply_filters_ref_array( 'posts_distinct', array( $distinct, &$this ) );
/**
* Filters the LIMIT clause of the query.
*
* @since 2.1.0
*
* @param string $limits The LIMIT clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$limits = apply_filters_ref_array( 'post_limits', array( $limits, &$this ) );
/**
* Filters the SELECT clause of the query.
*
* @since 2.1.0
*
* @param string $fields The SELECT clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$fields = apply_filters_ref_array( 'posts_fields', array( $fields, &$this ) );
/**
* Filters all query clauses at once, for convenience.
*
* Covers the WHERE, GROUP BY, JOIN, ORDER BY, DISTINCT,
* fields (SELECT), and LIMITS clauses.
*
* @since 3.1.0
*
* @param string[] $clauses Associative array of the clauses for the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$clauses = (array) apply_filters_ref_array( 'posts_clauses', array( compact( $pieces ), &$this ) );
$where = isset( $clauses['where'] ) ? $clauses['where'] : '';
$groupby = isset( $clauses['groupby'] ) ? $clauses['groupby'] : '';
$join = isset( $clauses['join'] ) ? $clauses['join'] : '';
$orderby = isset( $clauses['orderby'] ) ? $clauses['orderby'] : '';
$distinct = isset( $clauses['distinct'] ) ? $clauses['distinct'] : '';
$fields = isset( $clauses['fields'] ) ? $clauses['fields'] : '';
$limits = isset( $clauses['limits'] ) ? $clauses['limits'] : '';
}
/**
* Fires to announce the query's current selection parameters.
*
* For use by caching plugins.
*
* @since 2.3.0
*
* @param string $selection The assembled selection query.
*/
do_action( 'posts_selection', $where . $groupby . $orderby . $limits . $join );
/*
* Filters again for the benefit of caching plugins.
* Regular plugins should use the hooks above.
*/
if ( ! $q['suppress_filters'] ) {
/**
* Filters the WHERE clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $where The WHERE clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$where = apply_filters_ref_array( 'posts_where_request', array( $where, &$this ) );
/**
* Filters the GROUP BY clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $groupby The GROUP BY clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$groupby = apply_filters_ref_array( 'posts_groupby_request', array( $groupby, &$this ) );
/**
* Filters the JOIN clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $join The JOIN clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$join = apply_filters_ref_array( 'posts_join_request', array( $join, &$this ) );
/**
* Filters the ORDER BY clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $orderby The ORDER BY clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$orderby = apply_filters_ref_array( 'posts_orderby_request', array( $orderby, &$this ) );
/**
* Filters the DISTINCT clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $distinct The DISTINCT clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$distinct = apply_filters_ref_array( 'posts_distinct_request', array( $distinct, &$this ) );
/**
* Filters the SELECT clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $fields The SELECT clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$fields = apply_filters_ref_array( 'posts_fields_request', array( $fields, &$this ) );
/**
* Filters the LIMIT clause of the query.
*
* For use by caching plugins.
*
* @since 2.5.0
*
* @param string $limits The LIMIT clause of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$limits = apply_filters_ref_array( 'post_limits_request', array( $limits, &$this ) );
/**
* Filters all query clauses at once, for convenience.
*
* For use by caching plugins.
*
* Covers the WHERE, GROUP BY, JOIN, ORDER BY, DISTINCT,
* fields (SELECT), and LIMITS clauses.
*
* @since 3.1.0
*
* @param string[] $pieces Associative array of the pieces of the query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$clauses = (array) apply_filters_ref_array( 'posts_clauses_request', array( compact( $pieces ), &$this ) );
$where = isset( $clauses['where'] ) ? $clauses['where'] : '';
$groupby = isset( $clauses['groupby'] ) ? $clauses['groupby'] : '';
$join = isset( $clauses['join'] ) ? $clauses['join'] : '';
$orderby = isset( $clauses['orderby'] ) ? $clauses['orderby'] : '';
$distinct = isset( $clauses['distinct'] ) ? $clauses['distinct'] : '';
$fields = isset( $clauses['fields'] ) ? $clauses['fields'] : '';
$limits = isset( $clauses['limits'] ) ? $clauses['limits'] : '';
}
if ( ! empty( $groupby ) ) {
$groupby = 'GROUP BY ' . $groupby;
}
if ( ! empty( $orderby ) ) {
$orderby = 'ORDER BY ' . $orderby;
}
$found_rows = '';
if ( ! $q['no_found_rows'] && ! empty( $limits ) ) {
$found_rows = 'SQL_CALC_FOUND_ROWS';
}
$this->request = $old_request = "SELECT $found_rows $distinct $fields FROM {$wpdb->posts} $join WHERE 1=1 $where $groupby $orderby $limits";
if ( ! $q['suppress_filters'] ) {
/**
* Filters the completed SQL query before sending.
*
* @since 2.0.0
*
* @param string $request The complete SQL query.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->request = apply_filters_ref_array( 'posts_request', array( $this->request, &$this ) );
}
/**
* Filters the posts array before the query takes place.
*
* Return a non-null value to bypass WordPress's default post queries.
*
* Filtering functions that require pagination information are encouraged to set
* the `found_posts` and `max_num_pages` properties of the WP_Query object,
* passed to the filter by reference. If WP_Query does not perform a database
* query, it will not have enough information to generate these values itself.
*
* @since 4.6.0
*
* @param array|null $posts Return an array of post data to short-circuit WP's query,
* or null to allow WP to run its normal queries.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->posts = apply_filters_ref_array( 'posts_pre_query', array( null, &$this ) );
if ( 'ids' == $q['fields'] ) {
if ( null === $this->posts ) {
$this->posts = $wpdb->get_col( $this->request );
}
$this->posts = array_map( 'intval', $this->posts );
$this->post_count = count( $this->posts );
$this->set_found_posts( $q, $limits );
return $this->posts;
}
if ( 'id=>parent' == $q['fields'] ) {
if ( null === $this->posts ) {
$this->posts = $wpdb->get_results( $this->request );
}
$this->post_count = count( $this->posts );
$this->set_found_posts( $q, $limits );
$r = array();
foreach ( $this->posts as $key => $post ) {
$this->posts[ $key ]->ID = (int) $post->ID;
$this->posts[ $key ]->post_parent = (int) $post->post_parent;
$r[ (int) $post->ID ] = (int) $post->post_parent;
}
return $r;
}
if ( null === $this->posts ) {
$split_the_query = ( $old_request == $this->request && "{$wpdb->posts}.*" == $fields && ! empty( $limits ) && $q['posts_per_page'] < 500 );
/**
* Filters whether to split the query.
*
* Splitting the query will cause it to fetch just the IDs of the found posts
* (and then individually fetch each post by ID), rather than fetching every
* complete row at once. One massive result vs. many small results.
*
* @since 3.4.0
*
* @param bool $split_the_query Whether or not to split the query.
* @param WP_Query $this The WP_Query instance.
*/
$split_the_query = apply_filters( 'split_the_query', $split_the_query, $this );
if ( $split_the_query ) {
// First get the IDs and then fill in the objects
$this->request = "SELECT $found_rows $distinct {$wpdb->posts}.ID FROM {$wpdb->posts} $join WHERE 1=1 $where $groupby $orderby $limits";
/**
* Filters the Post IDs SQL request before sending.
*
* @since 3.4.0
*
* @param string $request The post ID request.
* @param WP_Query $this The WP_Query instance.
*/
$this->request = apply_filters( 'posts_request_ids', $this->request, $this );
$ids = $wpdb->get_col( $this->request );
if ( $ids ) {
$this->posts = $ids;
$this->set_found_posts( $q, $limits );
_prime_post_caches( $ids, $q['update_post_term_cache'], $q['update_post_meta_cache'] );
} else {
$this->posts = array();
}
} else {
$this->posts = $wpdb->get_results( $this->request );
$this->set_found_posts( $q, $limits );
}
}
// Convert to WP_Post objects.
if ( $this->posts ) {
$this->posts = array_map( 'get_post', $this->posts );
}
if ( ! $q['suppress_filters'] ) {
/**
* Filters the raw post results array, prior to status checks.
*
* @since 2.3.0
*
* @param WP_Post[] $posts Array of post objects.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->posts = apply_filters_ref_array( 'posts_results', array( $this->posts, &$this ) );
}
if ( ! empty( $this->posts ) && $this->is_comment_feed && $this->is_singular ) {
/** This filter is documented in wp-includes/query.php */
$cjoin = apply_filters_ref_array( 'comment_feed_join', array( '', &$this ) );
/** This filter is documented in wp-includes/query.php */
$cwhere = apply_filters_ref_array( 'comment_feed_where', array( "WHERE comment_post_ID = '{$this->posts[0]->ID}' AND comment_approved = '1'", &$this ) );
/** This filter is documented in wp-includes/query.php */
$cgroupby = apply_filters_ref_array( 'comment_feed_groupby', array( '', &$this ) );
$cgroupby = ( ! empty( $cgroupby ) ) ? 'GROUP BY ' . $cgroupby : '';
/** This filter is documented in wp-includes/query.php */
$corderby = apply_filters_ref_array( 'comment_feed_orderby', array( 'comment_date_gmt DESC', &$this ) );
$corderby = ( ! empty( $corderby ) ) ? 'ORDER BY ' . $corderby : '';
/** This filter is documented in wp-includes/query.php */
$climits = apply_filters_ref_array( 'comment_feed_limits', array( 'LIMIT ' . get_option( 'posts_per_rss' ), &$this ) );
$comments_request = "SELECT {$wpdb->comments}.* FROM {$wpdb->comments} $cjoin $cwhere $cgroupby $corderby $climits";
$comments = $wpdb->get_results( $comments_request );
// Convert to WP_Comment
$this->comments = array_map( 'get_comment', $comments );
$this->comment_count = count( $this->comments );
}
// Check post status to determine if post should be displayed.
if ( ! empty( $this->posts ) && ( $this->is_single || $this->is_page ) ) {
$status = get_post_status( $this->posts[0] );
if ( 'attachment' === $this->posts[0]->post_type && 0 === (int) $this->posts[0]->post_parent ) {
$this->is_page = false;
$this->is_single = true;
$this->is_attachment = true;
}
$post_status_obj = get_post_status_object( $status );
// If the post_status was specifically requested, let it pass through.
if ( ! $post_status_obj->public && ! in_array( $status, $q_status ) ) {
if ( ! is_user_logged_in() ) {
// User must be logged in to view unpublished posts.
$this->posts = array();
} else {
if ( $post_status_obj->protected ) {
// User must have edit permissions on the draft to preview.
if ( ! current_user_can( $edit_cap, $this->posts[0]->ID ) ) {
$this->posts = array();
} else {
$this->is_preview = true;
if ( 'future' != $status ) {
$this->posts[0]->post_date = current_time( 'mysql' );
}
}
} elseif ( $post_status_obj->private ) {
if ( ! current_user_can( $read_cap, $this->posts[0]->ID ) ) {
$this->posts = array();
}
} else {
$this->posts = array();
}
}
}
if ( $this->is_preview && $this->posts && current_user_can( $edit_cap, $this->posts[0]->ID ) ) {
/**
* Filters the single post for preview mode.
*
* @since 2.7.0
*
* @param WP_Post $post_preview The Post object.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->posts[0] = get_post( apply_filters_ref_array( 'the_preview', array( $this->posts[0], &$this ) ) );
}
}
// Put sticky posts at the top of the posts array
$sticky_posts = get_option( 'sticky_posts' );
if ( $this->is_home && $page <= 1 && is_array( $sticky_posts ) && ! empty( $sticky_posts ) && ! $q['ignore_sticky_posts'] ) {
$num_posts = count( $this->posts );
$sticky_offset = 0;
// Loop over posts and relocate stickies to the front.
for ( $i = 0; $i < $num_posts; $i++ ) {
if ( in_array( $this->posts[ $i ]->ID, $sticky_posts ) ) {
$sticky_post = $this->posts[ $i ];
// Remove sticky from current position
array_splice( $this->posts, $i, 1 );
// Move to front, after other stickies
array_splice( $this->posts, $sticky_offset, 0, array( $sticky_post ) );
// Increment the sticky offset. The next sticky will be placed at this offset.
$sticky_offset++;
// Remove post from sticky posts array
$offset = array_search( $sticky_post->ID, $sticky_posts );
unset( $sticky_posts[ $offset ] );
}
}
// If any posts have been excluded specifically, Ignore those that are sticky.
if ( ! empty( $sticky_posts ) && ! empty( $q['post__not_in'] ) ) {
$sticky_posts = array_diff( $sticky_posts, $q['post__not_in'] );
}
// Fetch sticky posts that weren't in the query results
if ( ! empty( $sticky_posts ) ) {
$stickies = get_posts(
array(
'post__in' => $sticky_posts,
'post_type' => $post_type,
'post_status' => 'publish',
'nopaging' => true,
)
);
foreach ( $stickies as $sticky_post ) {
array_splice( $this->posts, $sticky_offset, 0, array( $sticky_post ) );
$sticky_offset++;
}
}
}
// If comments have been fetched as part of the query, make sure comment meta lazy-loading is set up.
if ( ! empty( $this->comments ) ) {
wp_queue_comments_for_comment_meta_lazyload( $this->comments );
}
if ( ! $q['suppress_filters'] ) {
/**
* Filters the array of retrieved posts after they've been fetched and
* internally processed.
*
* @since 1.5.0
*
* @param WP_Post[] $posts Array of post objects.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->posts = apply_filters_ref_array( 'the_posts', array( $this->posts, &$this ) );
}
// Ensure that any posts added/modified via one of the filters above are
// of the type WP_Post and are filtered.
if ( $this->posts ) {
$this->post_count = count( $this->posts );
$this->posts = array_map( 'get_post', $this->posts );
if ( $q['cache_results'] ) {
update_post_caches( $this->posts, $post_type, $q['update_post_term_cache'], $q['update_post_meta_cache'] );
}
$this->post = reset( $this->posts );
} else {
$this->post_count = 0;
$this->posts = array();
}
if ( $q['lazy_load_term_meta'] ) {
wp_queue_posts_for_term_meta_lazyload( $this->posts );
}
return $this->posts;
}
/**
* Set up the amount of found posts and the number of pages (if limit clause was used)
* for the current query.
*
* @since 3.5.0
*
* @param array $q Query variables.
* @param string $limits LIMIT clauses of the query.
*/
private function set_found_posts( $q, $limits ) {
global $wpdb;
// Bail if posts is an empty array. Continue if posts is an empty string,
// null, or false to accommodate caching plugins that fill posts later.
if ( $q['no_found_rows'] || ( is_array( $this->posts ) && ! $this->posts ) ) {
return;
}
if ( ! empty( $limits ) ) {
/**
* Filters the query to run for retrieving the found posts.
*
* @since 2.1.0
*
* @param string $found_posts The query to run to find the found posts.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->found_posts = $wpdb->get_var( apply_filters_ref_array( 'found_posts_query', array( 'SELECT FOUND_ROWS()', &$this ) ) );
} else {
if ( is_array( $this->posts ) ) {
$this->found_posts = count( $this->posts );
} else {
if ( null === $this->posts ) {
$this->found_posts = 0;
} else {
$this->found_posts = 1;
}
}
}
/**
* Filters the number of found posts for the query.
*
* @since 2.1.0
*
* @param int $found_posts The number of posts found.
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
$this->found_posts = apply_filters_ref_array( 'found_posts', array( $this->found_posts, &$this ) );
if ( ! empty( $limits ) ) {
$this->max_num_pages = ceil( $this->found_posts / $q['posts_per_page'] );
}
}
/**
* Set up the next post and iterate current post index.
*
* @since 1.5.0
*
* @return WP_Post Next post.
*/
public function next_post() {
$this->current_post++;
$this->post = $this->posts[ $this->current_post ];
return $this->post;
}
/**
* Sets up the current post.
*
* Retrieves the next post, sets up the post, sets the 'in the loop'
* property to true.
*
* @since 1.5.0
*
* @global WP_Post $post
*/
public function the_post() {
global $post;
$this->in_the_loop = true;
if ( $this->current_post == -1 ) { // loop has just started
/**
* Fires once the loop is started.
*
* @since 2.0.0
*
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
do_action_ref_array( 'loop_start', array( &$this ) );
}
$post = $this->next_post();
$this->setup_postdata( $post );
}
/**
* Determines whether there are more posts available in the loop.
*
* Calls the {@see 'loop_end'} action when the loop is complete.
*
* @since 1.5.0
*
* @return bool True if posts are available, false if end of loop.
*/
public function have_posts() {
if ( $this->current_post + 1 < $this->post_count ) {
return true;
} elseif ( $this->current_post + 1 == $this->post_count && $this->post_count > 0 ) {
/**
* Fires once the loop has ended.
*
* @since 2.0.0
*
* @param WP_Query $this The WP_Query instance (passed by reference).
*/
do_action_ref_array( 'loop_end', array( &$this ) );
// Do some cleaning up after the loop
$this->rewind_posts();
} elseif ( 0 === $this->post_count ) {
/**
* Fires if no results are found in a post query.
*
* @since 4.9.0
*
* @param WP_Query $this The WP_Query instance.
*/
do_action( 'loop_no_results', $this );
}
$this->in_the_loop = false;
return false;
}
/**
* Rewind the posts and reset post index.
*
* @since 1.5.0
*/
public function rewind_posts() {
$this->current_post = -1;
if ( $this->post_count > 0 ) {
$this->post = $this->posts[0];
}
}
/**
* Iterate current comment index and return WP_Comment object.
*
* @since 2.2.0
*
* @return WP_Comment Comment object.
*/
public function next_comment() {
$this->current_comment++;
$this->comment = $this->comments[ $this->current_comment ];
return $this->comment;
}
/**
* Sets up the current comment.
*
* @since 2.2.0
* @global WP_Comment $comment Current comment.
*/
public function the_comment() {
global $comment;
$comment = $this->next_comment();
if ( $this->current_comment == 0 ) {
/**
* Fires once the comment loop is started.
*
* @since 2.2.0
*/
do_action( 'comment_loop_start' );
}
}
/**
* Whether there are more comments available.
*
* Automatically rewinds comments when finished.
*
* @since 2.2.0
*
* @return bool True, if more comments. False, if no more posts.
*/
public function have_comments() {
if ( $this->current_comment + 1 < $this->comment_count ) {
return true;
} elseif ( $this->current_comment + 1 == $this->comment_count ) {
$this->rewind_comments();
}
return false;
}
/**
* Rewind the comments, resets the comment index and comment to first.
*
* @since 2.2.0
*/
public function rewind_comments() {
$this->current_comment = -1;
if ( $this->comment_count > 0 ) {
$this->comment = $this->comments[0];
}
}
/**
* Sets up the WordPress query by parsing query string.
*
* @since 1.5.0
*
* @param string|array $query URL query string or array of query arguments.
* @return WP_Post[]|int[] Array of post objects or post IDs.
*/
public function query( $query ) {
$this->init();
$this->query = $this->query_vars = wp_parse_args( $query );
return $this->get_posts();
}
/**
* Retrieve queried object.
*
* If queried object is not set, then the queried object will be set from
* the category, tag, taxonomy, posts page, single post, page, or author
* query variable. After it is set up, it will be returned.
*
* @since 1.5.0
*
* @return object
*/
public function get_queried_object() {
if ( isset( $this->queried_object ) ) {
return $this->queried_object;
}
$this->queried_object = null;
$this->queried_object_id = null;
if ( $this->is_category || $this->is_tag || $this->is_tax ) {
if ( $this->is_category ) {
if ( $this->get( 'cat' ) ) {
$term = get_term( $this->get( 'cat' ), 'category' );
} elseif ( $this->get( 'category_name' ) ) {
$term = get_term_by( 'slug', $this->get( 'category_name' ), 'category' );
}
} elseif ( $this->is_tag ) {
if ( $this->get( 'tag_id' ) ) {
$term = get_term( $this->get( 'tag_id' ), 'post_tag' );
} elseif ( $this->get( 'tag' ) ) {
$term = get_term_by( 'slug', $this->get( 'tag' ), 'post_tag' );
}
} else {
// For other tax queries, grab the first term from the first clause.
if ( ! empty( $this->tax_query->queried_terms ) ) {
$queried_taxonomies = array_keys( $this->tax_query->queried_terms );
$matched_taxonomy = reset( $queried_taxonomies );
$query = $this->tax_query->queried_terms[ $matched_taxonomy ];
if ( ! empty( $query['terms'] ) ) {
if ( 'term_id' == $query['field'] ) {
$term = get_term( reset( $query['terms'] ), $matched_taxonomy );
} else {
$term = get_term_by( $query['field'], reset( $query['terms'] ), $matched_taxonomy );
}
}
}
}
if ( ! empty( $term ) && ! is_wp_error( $term ) ) {
$this->queried_object = $term;
$this->queried_object_id = (int) $term->term_id;
if ( $this->is_category && 'category' === $this->queried_object->taxonomy ) {
_make_cat_compat( $this->queried_object );
}
}
} elseif ( $this->is_post_type_archive ) {
$post_type = $this->get( 'post_type' );
if ( is_array( $post_type ) ) {
$post_type = reset( $post_type );
}
$this->queried_object = get_post_type_object( $post_type );
} elseif ( $this->is_posts_page ) {
$page_for_posts = get_option( 'page_for_posts' );
$this->queried_object = get_post( $page_for_posts );
$this->queried_object_id = (int) $this->queried_object->ID;
} elseif ( $this->is_singular && ! empty( $this->post ) ) {
$this->queried_object = $this->post;
$this->queried_object_id = (int) $this->post->ID;
} elseif ( $this->is_author ) {
$this->queried_object_id = (int) $this->get( 'author' );
$this->queried_object = get_userdata( $this->queried_object_id );
}
return $this->queried_object;
}
/**
* Retrieve ID of the current queried object.
*
* @since 1.5.0
*
* @return int
*/
public function get_queried_object_id() {
$this->get_queried_object();
if ( isset( $this->queried_object_id ) ) {
return $this->queried_object_id;
}
return 0;
}
/**
* Constructor.
*
* Sets up the WordPress query, if parameter is not empty.
*
* @since 1.5.0
*
* @param string|array $query URL query string or array of vars.
*/
public function __construct( $query = '' ) {
if ( ! empty( $query ) ) {
$this->query( $query );
}
}
/**
* Make private properties readable for backward compatibility.
*
* @since 4.0.0
*
* @param string $name Property to get.
* @return mixed Property.
*/
public function __get( $name ) {
if ( in_array( $name, $this->compat_fields ) ) {
return $this->$name;
}
}
/**
* Make private properties checkable for backward compatibility.
*
* @since 4.0.0
*
* @param string $name Property to check if set.
* @return bool Whether the property is set.
*/
public function __isset( $name ) {
if ( in_array( $name, $this->compat_fields ) ) {
return isset( $this->$name );
}
}
/**
* Make private/protected methods readable for backward compatibility.
*
* @since 4.0.0
*
* @param string $name Method to call.
* @param array $arguments Arguments to pass when calling.
* @return mixed|false Return value of the callback, false otherwise.
*/
public function __call( $name, $arguments ) {
if ( in_array( $name, $this->compat_methods ) ) {
return call_user_func_array( array( $this, $name ), $arguments );
}
return false;
}
/**
* Is the query for an existing archive page?
*
* Month, Year, Category, Author, Post Type archive...
*
* @since 3.1.0
*
* @return bool
*/
public function is_archive() {
return (bool) $this->is_archive;
}
/**
* Is the query for an existing post type archive page?
*
* @since 3.1.0
*
* @param mixed $post_types Optional. Post type or array of posts types to check against.
* @return bool
*/
public function is_post_type_archive( $post_types = '' ) {
if ( empty( $post_types ) || ! $this->is_post_type_archive ) {
return (bool) $this->is_post_type_archive;
}
$post_type = $this->get( 'post_type' );
if ( is_array( $post_type ) ) {
$post_type = reset( $post_type );
}
$post_type_object = get_post_type_object( $post_type );
return in_array( $post_type_object->name, (array) $post_types );
}
/**
* Is the query for an existing attachment page?
*
* @since 3.1.0
*
* @param mixed $attachment Attachment ID, title, slug, or array of such.
* @return bool
*/
public function is_attachment( $attachment = '' ) {
if ( ! $this->is_attachment ) {
return false;
}
if ( empty( $attachment ) ) {
return true;
}
$attachment = array_map( 'strval', (array) $attachment );
$post_obj = $this->get_queried_object();
if ( in_array( (string) $post_obj->ID, $attachment ) ) {
return true;
} elseif ( in_array( $post_obj->post_title, $attachment ) ) {
return true;
} elseif ( in_array( $post_obj->post_name, $attachment ) ) {
return true;
}
return false;
}
/**
* Is the query for an existing author archive page?
*
* If the $author parameter is specified, this function will additionally
* check if the query is for one of the authors specified.
*
* @since 3.1.0
*
* @param mixed $author Optional. User ID, nickname, nicename, or array of User IDs, nicknames, and nicenames
* @return bool
*/
public function is_author( $author = '' ) {
if ( ! $this->is_author ) {
return false;
}
if ( empty( $author ) ) {
return true;
}
$author_obj = $this->get_queried_object();
$author = array_map( 'strval', (array) $author );
if ( in_array( (string) $author_obj->ID, $author ) ) {
return true;
} elseif ( in_array( $author_obj->nickname, $author ) ) {
return true;
} elseif ( in_array( $author_obj->user_nicename, $author ) ) {
return true;
}
return false;
}
/**
* Is the query for an existing category archive page?
*
* If the $category parameter is specified, this function will additionally
* check if the query is for one of the categories specified.
*
* @since 3.1.0
*
* @param mixed $category Optional. Category ID, name, slug, or array of Category IDs, names, and slugs.
* @return bool
*/
public function is_category( $category = '' ) {
if ( ! $this->is_category ) {
return false;
}
if ( empty( $category ) ) {
return true;
}
$cat_obj = $this->get_queried_object();
$category = array_map( 'strval', (array) $category );
if ( in_array( (string) $cat_obj->term_id, $category ) ) {
return true;
} elseif ( in_array( $cat_obj->name, $category ) ) {
return true;
} elseif ( in_array( $cat_obj->slug, $category ) ) {
return true;
}
return false;
}
/**
* Is the query for an existing tag archive page?
*
* If the $tag parameter is specified, this function will additionally
* check if the query is for one of the tags specified.
*
* @since 3.1.0
*
* @param mixed $tag Optional. Tag ID, name, slug, or array of Tag IDs, names, and slugs.
* @return bool
*/
public function is_tag( $tag = '' ) {
if ( ! $this->is_tag ) {
return false;
}
if ( empty( $tag ) ) {
return true;
}
$tag_obj = $this->get_queried_object();
$tag = array_map( 'strval', (array) $tag );
if ( in_array( (string) $tag_obj->term_id, $tag ) ) {
return true;
} elseif ( in_array( $tag_obj->name, $tag ) ) {
return true;
} elseif ( in_array( $tag_obj->slug, $tag ) ) {
return true;
}
return false;
}
/**
* Is the query for an existing custom taxonomy archive page?
*
* If the $taxonomy parameter is specified, this function will additionally
* check if the query is for that specific $taxonomy.
*
* If the $term parameter is specified in addition to the $taxonomy parameter,
* this function will additionally check if the query is for one of the terms
* specified.
*
* @since 3.1.0
*
* @global array $wp_taxonomies
*
* @param mixed $taxonomy Optional. Taxonomy slug or slugs.
* @param mixed $term Optional. Term ID, name, slug or array of Term IDs, names, and slugs.
* @return bool True for custom taxonomy archive pages, false for built-in taxonomies (category and tag archives).
*/
public function is_tax( $taxonomy = '', $term = '' ) {
global $wp_taxonomies;
if ( ! $this->is_tax ) {
return false;
}
if ( empty( $taxonomy ) ) {
return true;
}
$queried_object = $this->get_queried_object();
$tax_array = array_intersect( array_keys( $wp_taxonomies ), (array) $taxonomy );
$term_array = (array) $term;
// Check that the taxonomy matches.
if ( ! ( isset( $queried_object->taxonomy ) && count( $tax_array ) && in_array( $queried_object->taxonomy, $tax_array ) ) ) {
return false;
}
// Only a Taxonomy provided.
if ( empty( $term ) ) {
return true;
}
return isset( $queried_object->term_id ) &&
count(
array_intersect(
array( $queried_object->term_id, $queried_object->name, $queried_object->slug ),
$term_array
)
);
}
/**
* Whether the current URL is within the comments popup window.
*
* @since 3.1.0
* @deprecated 4.5.0
*
* @return bool
*/
public function is_comments_popup() {
_deprecated_function( __FUNCTION__, '4.5.0' );
return false;
}
/**
* Is the query for an existing date archive?
*
* @since 3.1.0
*
* @return bool
*/
public function is_date() {
return (bool) $this->is_date;
}
/**
* Is the query for an existing day archive?
*
* @since 3.1.0
*
* @return bool
*/
public function is_day() {
return (bool) $this->is_day;
}
/**
* Is the query for a feed?
*
* @since 3.1.0
*
* @param string|array $feeds Optional feed types to check.
* @return bool
*/
public function is_feed( $feeds = '' ) {
if ( empty( $feeds ) || ! $this->is_feed ) {
return (bool) $this->is_feed;
}
$qv = $this->get( 'feed' );
if ( 'feed' == $qv ) {
$qv = get_default_feed();
}
return in_array( $qv, (array) $feeds );
}
/**
* Is the query for a comments feed?
*
* @since 3.1.0
*
* @return bool
*/
public function is_comment_feed() {
return (bool) $this->is_comment_feed;
}
/**
* Is the query for the front page of the site?
*
* This is for what is displayed at your site's main URL.
*
* Depends on the site's "Front page displays" Reading Settings 'show_on_front' and 'page_on_front'.
*
* If you set a static page for the front page of your site, this function will return
* true when viewing that page.
*
* Otherwise the same as @see WP_Query::is_home()
*
* @since 3.1.0
*
* @return bool True, if front of site.
*/
public function is_front_page() {
// most likely case
if ( 'posts' == get_option( 'show_on_front' ) && $this->is_home() ) {
return true;
} elseif ( 'page' == get_option( 'show_on_front' ) && get_option( 'page_on_front' ) && $this->is_page( get_option( 'page_on_front' ) ) ) {
return true;
} else {
return false;
}
}
/**
* Is the query for the blog homepage?
*
* This is the page which shows the time based blog content of your site.
*
* Depends on the site's "Front page displays" Reading Settings 'show_on_front' and 'page_for_posts'.
*
* If you set a static page for the front page of your site, this function will return
* true only on the page you set as the "Posts page".
*
* @see WP_Query::is_front_page()
*
* @since 3.1.0
*
* @return bool True if blog view homepage.
*/
public function is_home() {
return (bool) $this->is_home;
}
/**
* Is the query for the Privacy Policy page?
*
* This is the page which shows the Privacy Policy content of your site.
*
* Depends on the site's "Change your Privacy Policy page" Privacy Settings 'wp_page_for_privacy_policy'.
*
* This function will return true only on the page you set as the "Privacy Policy page".
*
* @since 5.2.0
*
* @return bool True, if Privacy Policy page.
*/
public function is_privacy_policy() {
if ( get_option( 'wp_page_for_privacy_policy' ) && $this->is_page( get_option( 'wp_page_for_privacy_policy' ) ) ) {
return true;
} else {
return false;
}
}
/**
* Is the query for an existing month archive?
*
* @since 3.1.0
*
* @return bool
*/
public function is_month() {
return (bool) $this->is_month;
}
/**
* Is the query for an existing single page?
*
* If the $page parameter is specified, this function will additionally
* check if the query is for one of the pages specified.
*
* @see WP_Query::is_single()
* @see WP_Query::is_singular()
*
* @since 3.1.0
*
* @param int|string|array $page Optional. Page ID, title, slug, path, or array of such. Default empty.
* @return bool Whether the query is for an existing single page.
*/
public function is_page( $page = '' ) {
if ( ! $this->is_page ) {
return false;
}
if ( empty( $page ) ) {
return true;
}
$page_obj = $this->get_queried_object();
$page = array_map( 'strval', (array) $page );
if ( in_array( (string) $page_obj->ID, $page ) ) {
return true;
} elseif ( in_array( $page_obj->post_title, $page ) ) {
return true;
} elseif ( in_array( $page_obj->post_name, $page ) ) {
return true;
} else {
foreach ( $page as $pagepath ) {
if ( ! strpos( $pagepath, '/' ) ) {
continue;
}
$pagepath_obj = get_page_by_path( $pagepath );
if ( $pagepath_obj && ( $pagepath_obj->ID == $page_obj->ID ) ) {
return true;
}
}
}
return false;
}
/**
* Is the query for paged result and not for the first page?
*
* @since 3.1.0
*
* @return bool
*/
public function is_paged() {
return (bool) $this->is_paged;
}
/**
* Is the query for a post or page preview?
*
* @since 3.1.0
*
* @return bool
*/
public function is_preview() {
return (bool) $this->is_preview;
}
/**
* Is the query for the robots file?
*
* @since 3.1.0
*
* @return bool
*/
public function is_robots() {
return (bool) $this->is_robots;
}
/**
* Is the query for a search?
*
* @since 3.1.0
*
* @return bool
*/
public function is_search() {
return (bool) $this->is_search;
}
/**
* Is the query for an existing single post?
*
* Works for any post type excluding pages.
*
* If the $post parameter is specified, this function will additionally
* check if the query is for one of the Posts specified.
*
* @see WP_Query::is_page()
* @see WP_Query::is_singular()
*
* @since 3.1.0
*
* @param int|string|array $post Optional. Post ID, title, slug, path, or array of such. Default empty.
* @return bool Whether the query is for an existing single post.
*/
public function is_single( $post = '' ) {
if ( ! $this->is_single ) {
return false;
}
if ( empty( $post ) ) {
return true;
}
$post_obj = $this->get_queried_object();
$post = array_map( 'strval', (array) $post );
if ( in_array( (string) $post_obj->ID, $post ) ) {
return true;
} elseif ( in_array( $post_obj->post_title, $post ) ) {
return true;
} elseif ( in_array( $post_obj->post_name, $post ) ) {
return true;
} else {
foreach ( $post as $postpath ) {
if ( ! strpos( $postpath, '/' ) ) {
continue;
}
$postpath_obj = get_page_by_path( $postpath, OBJECT, $post_obj->post_type );
if ( $postpath_obj && ( $postpath_obj->ID == $post_obj->ID ) ) {
return true;
}
}
}
return false;
}
/**
* Is the query for an existing single post of any post type (post, attachment, page,
* custom post types)?
*
* If the $post_types parameter is specified, this function will additionally
* check if the query is for one of the Posts Types specified.
*
* @see WP_Query::is_page()
* @see WP_Query::is_single()
*
* @since 3.1.0
*
* @param string|array $post_types Optional. Post type or array of post types. Default empty.
* @return bool Whether the query is for an existing single post of any of the given post types.
*/
public function is_singular( $post_types = '' ) {
if ( empty( $post_types ) || ! $this->is_singular ) {
return (bool) $this->is_singular;
}
$post_obj = $this->get_queried_object();
return in_array( $post_obj->post_type, (array) $post_types );
}
/**
* Is the query for a specific time?
*
* @since 3.1.0
*
* @return bool
*/
public function is_time() {
return (bool) $this->is_time;
}
/**
* Is the query for a trackback endpoint call?
*
* @since 3.1.0
*
* @return bool
*/
public function is_trackback() {
return (bool) $this->is_trackback;
}
/**
* Is the query for an existing year archive?
*
* @since 3.1.0
*
* @return bool
*/
public function is_year() {
return (bool) $this->is_year;
}
/**
* Is the query a 404 (returns no results)?
*
* @since 3.1.0
*
* @return bool
*/
public function is_404() {
return (bool) $this->is_404;
}
/**
* Is the query for an embedded post?
*
* @since 4.4.0
*
* @return bool
*/
public function is_embed() {
return (bool) $this->is_embed;
}
/**
* Is the query the main query?
*
* @since 3.3.0
*
* @global WP_Query $wp_query Global WP_Query instance.
*
* @return bool
*/
public function is_main_query() {
global $wp_the_query;
return $wp_the_query === $this;
}
/**
* Set up global post data.
*
* @since 4.1.0
* @since 4.4.0 Added the ability to pass a post ID to `$post`.
*
* @global int $id
* @global WP_User $authordata
* @global string|int|bool $currentday
* @global string|int|bool $currentmonth
* @global int $page
* @global array $pages
* @global int $multipage
* @global int $more
* @global int $numpages
*
* @param WP_Post|object|int $post WP_Post instance or Post ID/object.
* @return true True when finished.
*/
public function setup_postdata( $post ) {
global $id, $authordata, $currentday, $currentmonth, $page, $pages, $multipage, $more, $numpages;
if ( ! ( $post instanceof WP_Post ) ) {
$post = get_post( $post );
}
if ( ! $post ) {
return;
}
$elements = $this->generate_postdata( $post );
if ( false === $elements ) {
return;
}
$id = $elements['id'];
$authordata = $elements['authordata'];
$currentday = $elements['currentday'];
$currentmonth = $elements['currentmonth'];
$page = $elements['page'];
$pages = $elements['pages'];
$multipage = $elements['multipage'];
$more = $elements['more'];
$numpages = $elements['numpages'];
/**
* Fires once the post data has been setup.
*
* @since 2.8.0
* @since 4.1.0 Introduced `$this` parameter.
*
* @param WP_Post $post The Post object (passed by reference).
* @param WP_Query $this The current Query object (passed by reference).
*/
do_action_ref_array( 'the_post', array( &$post, &$this ) );
return true;
}
/**
* Generate post data.
*
* @since 5.2.0
*
* @param WP_Post|object|int $post WP_Post instance or Post ID/object.
* @return array|bool $elements Elements of post or false on failure.
*/
public function generate_postdata( $post ) {
if ( ! ( $post instanceof WP_Post ) ) {
$post = get_post( $post );
}
if ( ! $post ) {
return false;
}
$id = (int) $post->ID;
$authordata = get_userdata( $post->post_author );
$currentday = mysql2date( 'd.m.y', $post->post_date, false );
$currentmonth = mysql2date( 'm', $post->post_date, false );
$numpages = 1;
$multipage = 0;
$page = $this->get( 'page' );
if ( ! $page ) {
$page = 1;
}
/*
* Force full post content when viewing the permalink for the $post,
* or when on an RSS feed. Otherwise respect the 'more' tag.
*/
if ( $post->ID === get_queried_object_id() && ( $this->is_page() || $this->is_single() ) ) {
$more = 1;
} elseif ( $this->is_feed() ) {
$more = 1;
} else {
$more = 0;
}
$content = $post->post_content;
if ( false !== strpos( $content, '' ) ) {
$content = str_replace( "\n\n", '', $content );
$content = str_replace( "\n", '', $content );
$content = str_replace( "\n", '', $content );
// Remove the nextpage block delimiters, to avoid invalid block structures in the split content.
$content = str_replace( '', '', $content );
$content = str_replace( '', '', $content );
// Ignore nextpage at the beginning of the content.
if ( 0 === strpos( $content, '' ) ) {
$content = substr( $content, 15 );
}
$pages = explode( '', $content );
} else {
$pages = array( $post->post_content );
}
/**
* Filters the "pages" derived from splitting the post content.
*
* "Pages" are determined by splitting the post content based on the presence
* of `` tags.
*
* @since 4.4.0
*
* @param string[] $pages Array of "pages" from the post content split by `` tags.
* @param WP_Post $post Current post object.
*/
$pages = apply_filters( 'content_pagination', $pages, $post );
$numpages = count( $pages );
if ( $numpages > 1 ) {
if ( $page > 1 ) {
$more = 1;
}
$multipage = 1;
} else {
$multipage = 0;
}
$elements = compact( 'id', 'authordata', 'currentday', 'currentmonth', 'page', 'pages', 'multipage', 'more', 'numpages' );
return $elements;
}
/**
* After looping through a nested query, this function
* restores the $post global to the current post in this query.
*
* @since 3.7.0
*
* @global WP_Post $post
*/
public function reset_postdata() {
if ( ! empty( $this->post ) ) {
$GLOBALS['post'] = $this->post;
$this->setup_postdata( $this->post );
}
}
/**
* Lazyload term meta for posts in the loop.
*
* @since 4.4.0
* @deprecated 4.5.0 See wp_queue_posts_for_term_meta_lazyload().
*
* @param mixed $check
* @param int $term_id
* @return mixed
*/
public function lazyload_term_meta( $check, $term_id ) {
_deprecated_function( __METHOD__, '4.5.0' );
return $check;
}
/**
* Lazyload comment meta for comments in the loop.
*
* @since 4.4.0
* @deprecated 4.5.0 See wp_queue_comments_for_comment_meta_lazyload().
*
* @param mixed $check
* @param int $comment_id
* @return mixed
*/
public function lazyload_comment_meta( $check, $comment_id ) {
_deprecated_function( __METHOD__, '4.5.0' );
return $check;
}
}
/**
* Template loading functions.
*
* @package WordPress
* @subpackage Template
*/
/**
* Retrieve path to a template
*
* Used to quickly retrieve the path of a template without including the file
* extension. It will also check the parent theme, if the file exists, with
* the use of locate_template(). Allows for more generic template location
* without the use of the other get_*_template() functions.
*
* @since 1.5.0
*
* @param string $type Filename without extension.
* @param array $templates An optional list of template candidates
* @return string Full path to template file.
*/
function get_query_template( $type, $templates = array() ) {
$type = preg_replace( '|[^a-z0-9-]+|', '', $type );
if ( empty( $templates ) ) {
$templates = array( "{$type}.php" );
}
/**
* Filters the list of template filenames that are searched for when retrieving a template to use.
*
* The last element in the array should always be the fallback template for this query type.
*
* Possible values for `$type` include: 'index', '404', 'archive', 'author', 'category', 'tag', 'taxonomy', 'date',
* 'embed', 'home', 'frontpage', 'privacypolicy', 'page', 'paged', 'search', 'single', 'singular', and 'attachment'.
*
* @since 4.7.0
*
* @param array $templates A list of template candidates, in descending order of priority.
*/
$templates = apply_filters( "{$type}_template_hierarchy", $templates );
$template = locate_template( $templates );
/**
* Filters the path of the queried template by type.
*
* The dynamic portion of the hook name, `$type`, refers to the filename -- minus the file
* extension and any non-alphanumeric characters delimiting words -- of the file to load.
* This hook also applies to various types of files loaded as part of the Template Hierarchy.
*
* Possible values for `$type` include: 'index', '404', 'archive', 'author', 'category', 'tag', 'taxonomy', 'date',
* 'embed', 'home', 'frontpage', 'privacypolicy', 'page', 'paged', 'search', 'single', 'singular', and 'attachment'.
*
* @since 1.5.0
* @since 4.8.0 The `$type` and `$templates` parameters were added.
*
* @param string $template Path to the template. See locate_template().
* @param string $type Sanitized filename without extension.
* @param array $templates A list of template candidates, in descending order of priority.
*/
return apply_filters( "{$type}_template", $template, $type, $templates );
}
/**
* Retrieve path of index template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'index'.
*
* @since 3.0.0
*
* @see get_query_template()
*
* @return string Full path to index template file.
*/
function get_index_template() {
return get_query_template( 'index' );
}
/**
* Retrieve path of 404 template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is '404'.
*
* @since 1.5.0
*
* @see get_query_template()
*
* @return string Full path to 404 template file.
*/
function get_404_template() {
return get_query_template( '404' );
}
/**
* Retrieve path of archive template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'archive'.
*
* @since 1.5.0
*
* @see get_query_template()
*
* @return string Full path to archive template file.
*/
function get_archive_template() {
$post_types = array_filter( (array) get_query_var( 'post_type' ) );
$templates = array();
if ( count( $post_types ) == 1 ) {
$post_type = reset( $post_types );
$templates[] = "archive-{$post_type}.php";
}
$templates[] = 'archive.php';
return get_query_template( 'archive', $templates );
}
/**
* Retrieve path of post type archive template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'archive'.
*
* @since 3.7.0
*
* @see get_archive_template()
*
* @return string Full path to archive template file.
*/
function get_post_type_archive_template() {
$post_type = get_query_var( 'post_type' );
if ( is_array( $post_type ) ) {
$post_type = reset( $post_type );
}
$obj = get_post_type_object( $post_type );
if ( ! ( $obj instanceof WP_Post_Type ) || ! $obj->has_archive ) {
return '';
}
return get_archive_template();
}
/**
* Retrieve path of author template in current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. author-{nicename}.php
* 2. author-{id}.php
* 3. author.php
*
* An example of this is:
*
* 1. author-john.php
* 2. author-1.php
* 3. author.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'author'.
*
* @since 1.5.0
*
* @see get_query_template()
*
* @return string Full path to author template file.
*/
function get_author_template() {
$author = get_queried_object();
$templates = array();
if ( $author instanceof WP_User ) {
$templates[] = "author-{$author->user_nicename}.php";
$templates[] = "author-{$author->ID}.php";
}
$templates[] = 'author.php';
return get_query_template( 'author', $templates );
}
/**
* Retrieve path of category template in current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. category-{slug}.php
* 2. category-{id}.php
* 3. category.php
*
* An example of this is:
*
* 1. category-news.php
* 2. category-2.php
* 3. category.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'category'.
*
* @since 1.5.0
* @since 4.7.0 The decoded form of `category-{slug}.php` was added to the top of the
* template hierarchy when the category slug contains multibyte characters.
*
* @see get_query_template()
*
* @return string Full path to category template file.
*/
function get_category_template() {
$category = get_queried_object();
$templates = array();
if ( ! empty( $category->slug ) ) {
$slug_decoded = urldecode( $category->slug );
if ( $slug_decoded !== $category->slug ) {
$templates[] = "category-{$slug_decoded}.php";
}
$templates[] = "category-{$category->slug}.php";
$templates[] = "category-{$category->term_id}.php";
}
$templates[] = 'category.php';
return get_query_template( 'category', $templates );
}
/**
* Retrieve path of tag template in current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. tag-{slug}.php
* 2. tag-{id}.php
* 3. tag.php
*
* An example of this is:
*
* 1. tag-wordpress.php
* 2. tag-3.php
* 3. tag.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'tag'.
*
* @since 2.3.0
* @since 4.7.0 The decoded form of `tag-{slug}.php` was added to the top of the
* template hierarchy when the tag slug contains multibyte characters.
*
* @see get_query_template()
*
* @return string Full path to tag template file.
*/
function get_tag_template() {
$tag = get_queried_object();
$templates = array();
if ( ! empty( $tag->slug ) ) {
$slug_decoded = urldecode( $tag->slug );
if ( $slug_decoded !== $tag->slug ) {
$templates[] = "tag-{$slug_decoded}.php";
}
$templates[] = "tag-{$tag->slug}.php";
$templates[] = "tag-{$tag->term_id}.php";
}
$templates[] = 'tag.php';
return get_query_template( 'tag', $templates );
}
/**
* Retrieve path of custom taxonomy term template in current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. taxonomy-{taxonomy_slug}-{term_slug}.php
* 2. taxonomy-{taxonomy_slug}.php
* 3. taxonomy.php
*
* An example of this is:
*
* 1. taxonomy-location-texas.php
* 2. taxonomy-location.php
* 3. taxonomy.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'taxonomy'.
*
* @since 2.5.0
* @since 4.7.0 The decoded form of `taxonomy-{taxonomy_slug}-{term_slug}.php` was added to the top of the
* template hierarchy when the term slug contains multibyte characters.
*
* @see get_query_template()
*
* @return string Full path to custom taxonomy term template file.
*/
function get_taxonomy_template() {
$term = get_queried_object();
$templates = array();
if ( ! empty( $term->slug ) ) {
$taxonomy = $term->taxonomy;
$slug_decoded = urldecode( $term->slug );
if ( $slug_decoded !== $term->slug ) {
$templates[] = "taxonomy-$taxonomy-{$slug_decoded}.php";
}
$templates[] = "taxonomy-$taxonomy-{$term->slug}.php";
$templates[] = "taxonomy-$taxonomy.php";
}
$templates[] = 'taxonomy.php';
return get_query_template( 'taxonomy', $templates );
}
/**
* Retrieve path of date template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'date'.
*
* @since 1.5.0
*
* @see get_query_template()
*
* @return string Full path to date template file.
*/
function get_date_template() {
return get_query_template( 'date' );
}
/**
* Retrieve path of home template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'home'.
*
* @since 1.5.0
*
* @see get_query_template()
*
* @return string Full path to home template file.
*/
function get_home_template() {
$templates = array( 'home.php', 'index.php' );
return get_query_template( 'home', $templates );
}
/**
* Retrieve path of front page template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'frontpage'.
*
* @since 3.0.0
*
* @see get_query_template()
*
* @return string Full path to front page template file.
*/
function get_front_page_template() {
$templates = array( 'front-page.php' );
return get_query_template( 'frontpage', $templates );
}
/**
* Retrieve path of Privacy Policy page template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'privacypolicy'.
*
* @since 5.2.0
*
* @see get_query_template()
*
* @return string Full path to privacy policy template file.
*/
function get_privacy_policy_template() {
$templates = array( 'privacy-policy.php' );
return get_query_template( 'privacypolicy', $templates );
}
/**
* Retrieve path of page template in current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. {Page Template}.php
* 2. page-{page_name}.php
* 3. page-{id}.php
* 4. page.php
*
* An example of this is:
*
* 1. page-templates/full-width.php
* 2. page-about.php
* 3. page-4.php
* 4. page.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'page'.
*
* @since 1.5.0
* @since 4.7.0 The decoded form of `page-{page_name}.php` was added to the top of the
* template hierarchy when the page name contains multibyte characters.
*
* @see get_query_template()
*
* @return string Full path to page template file.
*/
function get_page_template() {
$id = get_queried_object_id();
$template = get_page_template_slug();
$pagename = get_query_var( 'pagename' );
if ( ! $pagename && $id ) {
// If a static page is set as the front page, $pagename will not be set. Retrieve it from the queried object
$post = get_queried_object();
if ( $post ) {
$pagename = $post->post_name;
}
}
$templates = array();
if ( $template && 0 === validate_file( $template ) ) {
$templates[] = $template;
}
if ( $pagename ) {
$pagename_decoded = urldecode( $pagename );
if ( $pagename_decoded !== $pagename ) {
$templates[] = "page-{$pagename_decoded}.php";
}
$templates[] = "page-{$pagename}.php";
}
if ( $id ) {
$templates[] = "page-{$id}.php";
}
$templates[] = 'page.php';
return get_query_template( 'page', $templates );
}
/**
* Retrieve path of search template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'search'.
*
* @since 1.5.0
*
* @see get_query_template()
*
* @return string Full path to search template file.
*/
function get_search_template() {
return get_query_template( 'search' );
}
/**
* Retrieve path of single template in current or parent template. Applies to single Posts,
* single Attachments, and single custom post types.
*
* The hierarchy for this template looks like:
*
* 1. {Post Type Template}.php
* 2. single-{post_type}-{post_name}.php
* 3. single-{post_type}.php
* 4. single.php
*
* An example of this is:
*
* 1. templates/full-width.php
* 2. single-post-hello-world.php
* 3. single-post.php
* 4. single.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'single'.
*
* @since 1.5.0
* @since 4.4.0 `single-{post_type}-{post_name}.php` was added to the top of the template hierarchy.
* @since 4.7.0 The decoded form of `single-{post_type}-{post_name}.php` was added to the top of the
* template hierarchy when the post name contains multibyte characters.
* @since 4.7.0 `{Post Type Template}.php` was added to the top of the template hierarchy.
*
* @see get_query_template()
*
* @return string Full path to single template file.
*/
function get_single_template() {
$object = get_queried_object();
$templates = array();
if ( ! empty( $object->post_type ) ) {
$template = get_page_template_slug( $object );
if ( $template && 0 === validate_file( $template ) ) {
$templates[] = $template;
}
$name_decoded = urldecode( $object->post_name );
if ( $name_decoded !== $object->post_name ) {
$templates[] = "single-{$object->post_type}-{$name_decoded}.php";
}
$templates[] = "single-{$object->post_type}-{$object->post_name}.php";
$templates[] = "single-{$object->post_type}.php";
}
$templates[] = 'single.php';
return get_query_template( 'single', $templates );
}
/**
* Retrieves an embed template path in the current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. embed-{post_type}-{post_format}.php
* 2. embed-{post_type}.php
* 3. embed.php
*
* An example of this is:
*
* 1. embed-post-audio.php
* 2. embed-post.php
* 3. embed.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'embed'.
*
* @since 4.5.0
*
* @see get_query_template()
*
* @return string Full path to embed template file.
*/
function get_embed_template() {
$object = get_queried_object();
$templates = array();
if ( ! empty( $object->post_type ) ) {
$post_format = get_post_format( $object );
if ( $post_format ) {
$templates[] = "embed-{$object->post_type}-{$post_format}.php";
}
$templates[] = "embed-{$object->post_type}.php";
}
$templates[] = 'embed.php';
return get_query_template( 'embed', $templates );
}
/**
* Retrieves the path of the singular template in current or parent template.
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'singular'.
*
* @since 4.3.0
*
* @see get_query_template()
*
* @return string Full path to singular template file
*/
function get_singular_template() {
return get_query_template( 'singular' );
}
/**
* Retrieve path of attachment template in current or parent template.
*
* The hierarchy for this template looks like:
*
* 1. {mime_type}-{sub_type}.php
* 2. {sub_type}.php
* 3. {mime_type}.php
* 4. attachment.php
*
* An example of this is:
*
* 1. image-jpeg.php
* 2. jpeg.php
* 3. image.php
* 4. attachment.php
*
* The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'}
* and {@see '$type_template'} dynamic hooks, where `$type` is 'attachment'.
*
* @since 2.0.0
* @since 4.3.0 The order of the mime type logic was reversed so the hierarchy is more logical.
*
* @see get_query_template()
*
* @global array $posts
*
* @return string Full path to attachment template file.
*/
function get_attachment_template() {
$attachment = get_queried_object();
$templates = array();
if ( $attachment ) {
if ( false !== strpos( $attachment->post_mime_type, '/' ) ) {
list( $type, $subtype ) = explode( '/', $attachment->post_mime_type );
} else {
list( $type, $subtype ) = array( $attachment->post_mime_type, '' );
}
if ( ! empty( $subtype ) ) {
$templates[] = "{$type}-{$subtype}.php";
$templates[] = "{$subtype}.php";
}
$templates[] = "{$type}.php";
}
$templates[] = 'attachment.php';
return get_query_template( 'attachment', $templates );
}
/**
* Retrieve the name of the highest priority template file that exists.
*
* Searches in the STYLESHEETPATH before TEMPLATEPATH and wp-includes/theme-compat
* so that themes which inherit from a parent theme can just overload one file.
*
* @since 2.7.0
*
* @param string|array $template_names Template file(s) to search for, in order.
* @param bool $load If true the template file will be loaded if it is found.
* @param bool $require_once Whether to require_once or require. Default true. Has no effect if $load is false.
* @return string The template filename if one is located.
*/
function locate_template( $template_names, $load = false, $require_once = true ) {
$located = '';
foreach ( (array) $template_names as $template_name ) {
if ( ! $template_name ) {
continue;
}
if ( file_exists( STYLESHEETPATH . '/' . $template_name ) ) {
$located = STYLESHEETPATH . '/' . $template_name;
break;
} elseif ( file_exists( TEMPLATEPATH . '/' . $template_name ) ) {
$located = TEMPLATEPATH . '/' . $template_name;
break;
} elseif ( file_exists( ABSPATH . WPINC . '/theme-compat/' . $template_name ) ) {
$located = ABSPATH . WPINC . '/theme-compat/' . $template_name;
break;
}
}
if ( $load && '' != $located ) {
load_template( $located, $require_once );
}
return $located;
}
/**
* Require the template file with WordPress environment.
*
* The globals are set up for the template file to ensure that the WordPress
* environment is available from within the function. The query variables are
* also available.
*
* @since 1.5.0
*
* @global array $posts
* @global WP_Post $post
* @global bool $wp_did_header
* @global WP_Query $wp_query
* @global WP_Rewrite $wp_rewrite
* @global wpdb $wpdb
* @global string $wp_version
* @global WP $wp
* @global int $id
* @global WP_Comment $comment
* @global int $user_ID
*
* @param string $_template_file Path to template file.
* @param bool $require_once Whether to require_once or require. Default true.
*/
function load_template( $_template_file, $require_once = true ) {
global $posts, $post, $wp_did_header, $wp_query, $wp_rewrite, $wpdb, $wp_version, $wp, $id, $comment, $user_ID;
if ( is_array( $wp_query->query_vars ) ) {
/*
* This use of extract() cannot be removed. There are many possible ways that
* templates could depend on variables that it creates existing, and no way to
* detect and deprecate it.
*
* Passing the EXTR_SKIP flag is the safest option, ensuring globals and
* function variables cannot be overwritten.
*/
// phpcs:ignore WordPress.PHP.DontExtract.extract_extract
extract( $wp_query->query_vars, EXTR_SKIP );
}
if ( isset( $s ) ) {
$s = esc_attr( $s );
}
if ( $require_once ) {
require_once( $_template_file );
} else {
require( $_template_file );
}
}
/**
* Core User API
*
* @package WordPress
* @subpackage Users
*/
/**
* Authenticates and logs a user in with 'remember' capability.
*
* The credentials is an array that has 'user_login', 'user_password', and
* 'remember' indices. If the credentials is not given, then the log in form
* will be assumed and used if set.
*
* The various authentication cookies will be set by this function and will be
* set for a longer period depending on if the 'remember' credential is set to
* true.
*
* Note: wp_signon() doesn't handle setting the current user. This means that if the
* function is called before the {@see 'init'} hook is fired, is_user_logged_in() will
* evaluate as false until that point. If is_user_logged_in() is needed in conjunction
* with wp_signon(), wp_set_current_user() should be called explicitly.
*
* @since 2.5.0
*
* @global string $auth_secure_cookie
*
* @param array $credentials Optional. User info in order to sign on.
* @param string|bool $secure_cookie Optional. Whether to use secure cookie.
* @return WP_User|WP_Error WP_User on success, WP_Error on failure.
*/
function wp_signon( $credentials = array(), $secure_cookie = '' ) {
if ( empty( $credentials ) ) {
$credentials = array(); // Back-compat for plugins passing an empty string.
if ( ! empty( $_POST['log'] ) ) {
$credentials['user_login'] = $_POST['log'];
}
if ( ! empty( $_POST['pwd'] ) ) {
$credentials['user_password'] = $_POST['pwd'];
}
if ( ! empty( $_POST['rememberme'] ) ) {
$credentials['remember'] = $_POST['rememberme'];
}
}
if ( ! empty( $credentials['remember'] ) ) {
$credentials['remember'] = true;
} else {
$credentials['remember'] = false;
}
/**
* Fires before the user is authenticated.
*
* The variables passed to the callbacks are passed by reference,
* and can be modified by callback functions.
*
* @since 1.5.1
*
* @todo Decide whether to deprecate the wp_authenticate action.
*
* @param string $user_login Username (passed by reference).
* @param string $user_password User password (passed by reference).
*/
do_action_ref_array( 'wp_authenticate', array( &$credentials['user_login'], &$credentials['user_password'] ) );
if ( '' === $secure_cookie ) {
$secure_cookie = is_ssl();
}
/**
* Filters whether to use a secure sign-on cookie.
*
* @since 3.1.0
*
* @param bool $secure_cookie Whether to use a secure sign-on cookie.
* @param array $credentials {
* Array of entered sign-on data.
*
* @type string $user_login Username.
* @type string $user_password Password entered.
* @type bool $remember Whether to 'remember' the user. Increases the time
* that the cookie will be kept. Default false.
* }
*/
$secure_cookie = apply_filters( 'secure_signon_cookie', $secure_cookie, $credentials );
global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie
$auth_secure_cookie = $secure_cookie;
add_filter( 'authenticate', 'wp_authenticate_cookie', 30, 3 );
$user = wp_authenticate( $credentials['user_login'], $credentials['user_password'] );
if ( is_wp_error( $user ) ) {
return $user;
}
wp_set_auth_cookie( $user->ID, $credentials['remember'], $secure_cookie );
/**
* Fires after the user has successfully logged in.
*
* @since 1.5.0
*
* @param string $user_login Username.
* @param WP_User $user WP_User object of the logged-in user.
*/
do_action( 'wp_login', $user->user_login, $user );
return $user;
}
/**
* Authenticate a user, confirming the username and password are valid.
*
* @since 2.8.0
*
* @param WP_User|WP_Error|null $user WP_User or WP_Error object from a previous callback. Default null.
* @param string $username Username for authentication.
* @param string $password Password for authentication.
* @return WP_User|WP_Error WP_User on success, WP_Error on failure.
*/
function wp_authenticate_username_password( $user, $username, $password ) {
if ( $user instanceof WP_User ) {
return $user;
}
if ( empty( $username ) || empty( $password ) ) {
if ( is_wp_error( $user ) ) {
return $user;
}
$error = new WP_Error();
if ( empty( $username ) ) {
$error->add( 'empty_username', __( 'ERROR: The username field is empty.' ) );
}
if ( empty( $password ) ) {
$error->add( 'empty_password', __( 'ERROR: The password field is empty.' ) );
}
return $error;
}
$user = get_user_by( 'login', $username );
if ( ! $user ) {
return new WP_Error(
'invalid_username',
__( 'ERROR: Invalid username.' ) .
' ' .
__( 'Lost your password?' ) .
''
);
}
/**
* Filters whether the given user can be authenticated with the provided $password.
*
* @since 2.5.0
*
* @param WP_User|WP_Error $user WP_User or WP_Error object if a previous
* callback failed authentication.
* @param string $password Password to check against the user.
*/
$user = apply_filters( 'wp_authenticate_user', $user, $password );
if ( is_wp_error( $user ) ) {
return $user;
}
if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) {
return new WP_Error(
'incorrect_password',
sprintf(
/* translators: %s: user name */
__( 'ERROR: The password you entered for the username %s is incorrect.' ),
'' . $username . ''
) .
' ' .
__( 'Lost your password?' ) .
''
);
}
return $user;
}
/**
* Authenticates a user using the email and password.
*
* @since 4.5.0
*
* @param WP_User|WP_Error|null $user WP_User or WP_Error object if a previous
* callback failed authentication.
* @param string $email Email address for authentication.
* @param string $password Password for authentication.
* @return WP_User|WP_Error WP_User on success, WP_Error on failure.
*/
function wp_authenticate_email_password( $user, $email, $password ) {
if ( $user instanceof WP_User ) {
return $user;
}
if ( empty( $email ) || empty( $password ) ) {
if ( is_wp_error( $user ) ) {
return $user;
}
$error = new WP_Error();
if ( empty( $email ) ) {
$error->add( 'empty_username', __( 'ERROR: The email field is empty.' ) ); // Uses 'empty_username' for back-compat with wp_signon()
}
if ( empty( $password ) ) {
$error->add( 'empty_password', __( 'ERROR: The password field is empty.' ) );
}
return $error;
}
if ( ! is_email( $email ) ) {
return $user;
}
$user = get_user_by( 'email', $email );
if ( ! $user ) {
return new WP_Error(
'invalid_email',
__( 'ERROR: Invalid email address.' ) .
' ' .
__( 'Lost your password?' ) .
''
);
}
/** This filter is documented in wp-includes/user.php */
$user = apply_filters( 'wp_authenticate_user', $user, $password );
if ( is_wp_error( $user ) ) {
return $user;
}
if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) {
return new WP_Error(
'incorrect_password',
sprintf(
/* translators: %s: email address */
__( 'ERROR: The password you entered for the email address %s is incorrect.' ),
'' . $email . ''
) .
' ' .
__( 'Lost your password?' ) .
''
);
}
return $user;
}
/**
* Authenticate the user using the WordPress auth cookie.
*
* @since 2.8.0
*
* @global string $auth_secure_cookie
*
* @param WP_User|WP_Error|null $user WP_User or WP_Error object from a previous callback. Default null.
* @param string $username Username. If not empty, cancels the cookie authentication.
* @param string $password Password. If not empty, cancels the cookie authentication.
* @return WP_User|WP_Error WP_User on success, WP_Error on failure.
*/
function wp_authenticate_cookie( $user, $username, $password ) {
if ( $user instanceof WP_User ) {
return $user;
}
if ( empty( $username ) && empty( $password ) ) {
$user_id = wp_validate_auth_cookie();
if ( $user_id ) {
return new WP_User( $user_id );
}
global $auth_secure_cookie;
if ( $auth_secure_cookie ) {
$auth_cookie = SECURE_AUTH_COOKIE;
} else {
$auth_cookie = AUTH_COOKIE;
}
if ( ! empty( $_COOKIE[ $auth_cookie ] ) ) {
return new WP_Error( 'expired_session', __( 'Please log in again.' ) );
}
// If the cookie is not set, be silent.
}
return $user;
}
/**
* For Multisite blogs, check if the authenticated user has been marked as a
* spammer, or if the user's primary blog has been marked as spam.
*
* @since 3.7.0
*
* @param WP_User|WP_Error|null $user WP_User or WP_Error object from a previous callback. Default null.
* @return WP_User|WP_Error WP_User on success, WP_Error if the user is considered a spammer.
*/
function wp_authenticate_spam_check( $user ) {
if ( $user instanceof WP_User && is_multisite() ) {
/**
* Filters whether the user has been marked as a spammer.
*
* @since 3.7.0
*
* @param bool $spammed Whether the user is considered a spammer.
* @param WP_User $user User to check against.
*/
$spammed = apply_filters( 'check_is_user_spammed', is_user_spammy( $user ), $user );
if ( $spammed ) {
return new WP_Error( 'spammer_account', __( 'ERROR: Your account has been marked as a spammer.' ) );
}
}
return $user;
}
/**
* Validates the logged-in cookie.
*
* Checks the logged-in cookie if the previous auth cookie could not be
* validated and parsed.
*
* This is a callback for the {@see 'determine_current_user'} filter, rather than API.
*
* @since 3.9.0
*
* @param int|bool $user_id The user ID (or false) as received from the
* determine_current_user filter.
* @return int|false User ID if validated, false otherwise. If a user ID from
* an earlier filter callback is received, that value is returned.
*/
function wp_validate_logged_in_cookie( $user_id ) {
if ( $user_id ) {
return $user_id;
}
if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {
return false;
}
return wp_validate_auth_cookie( $_COOKIE[ LOGGED_IN_COOKIE ], 'logged_in' );
}
/**
* Number of posts user has written.
*
* @since 3.0.0
* @since 4.1.0 Added `$post_type` argument.
* @since 4.3.0 Added `$public_only` argument. Added the ability to pass an array
* of post types to `$post_type`.
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param int $userid User ID.
* @param array|string $post_type Optional. Single post type or array of post types to count the number of posts for. Default 'post'.
* @param bool $public_only Optional. Whether to only return counts for public posts. Default false.
* @return string Number of posts the user has written in this post type.
*/
function count_user_posts( $userid, $post_type = 'post', $public_only = false ) {
global $wpdb;
$where = get_posts_by_author_sql( $post_type, true, $userid, $public_only );
$count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->posts $where" );
/**
* Filters the number of posts a user has written.
*
* @since 2.7.0
* @since 4.1.0 Added `$post_type` argument.
* @since 4.3.1 Added `$public_only` argument.
*
* @param int $count The user's post count.
* @param int $userid User ID.
* @param string|array $post_type Single post type or array of post types to count the number of posts for.
* @param bool $public_only Whether to limit counted posts to public posts.
*/
return apply_filters( 'get_usernumposts', $count, $userid, $post_type, $public_only );
}
/**
* Number of posts written by a list of users.
*
* @since 3.0.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param array $users Array of user IDs.
* @param string|array $post_type Optional. Single post type or array of post types to check. Defaults to 'post'.
* @param bool $public_only Optional. Only return counts for public posts. Defaults to false.
* @return array Amount of posts each user has written.
*/
function count_many_users_posts( $users, $post_type = 'post', $public_only = false ) {
global $wpdb;
$count = array();
if ( empty( $users ) || ! is_array( $users ) ) {
return $count;
}
$userlist = implode( ',', array_map( 'absint', $users ) );
$where = get_posts_by_author_sql( $post_type, true, null, $public_only );
$result = $wpdb->get_results( "SELECT post_author, COUNT(*) FROM $wpdb->posts $where AND post_author IN ($userlist) GROUP BY post_author", ARRAY_N );
foreach ( $result as $row ) {
$count[ $row[0] ] = $row[1];
}
foreach ( $users as $id ) {
if ( ! isset( $count[ $id ] ) ) {
$count[ $id ] = 0;
}
}
return $count;
}
//
// User option functions
//
/**
* Get the current user's ID
*
* @since MU (3.0.0)
*
* @return int The current user's ID, or 0 if no user is logged in.
*/
function get_current_user_id() {
if ( ! function_exists( 'wp_get_current_user' ) ) {
return 0;
}
$user = wp_get_current_user();
return ( isset( $user->ID ) ? (int) $user->ID : 0 );
}
/**
* Retrieve user option that can be either per Site or per Network.
*
* If the user ID is not given, then the current user will be used instead. If
* the user ID is given, then the user data will be retrieved. The filter for
* the result, will also pass the original option name and finally the user data
* object as the third parameter.
*
* The option will first check for the per site name and then the per Network name.
*
* @since 2.0.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param string $option User option name.
* @param int $user Optional. User ID.
* @param string $deprecated Use get_option() to check for an option in the options table.
* @return mixed User option value on success, false on failure.
*/
function get_user_option( $option, $user = 0, $deprecated = '' ) {
global $wpdb;
if ( ! empty( $deprecated ) ) {
_deprecated_argument( __FUNCTION__, '3.0.0' );
}
if ( empty( $user ) ) {
$user = get_current_user_id();
}
if ( ! $user = get_userdata( $user ) ) {
return false;
}
$prefix = $wpdb->get_blog_prefix();
if ( $user->has_prop( $prefix . $option ) ) { // Blog specific
$result = $user->get( $prefix . $option );
} elseif ( $user->has_prop( $option ) ) { // User specific and cross-blog
$result = $user->get( $option );
} else {
$result = false;
}
/**
* Filters a specific user option value.
*
* The dynamic portion of the hook name, `$option`, refers to the user option name.
*
* @since 2.5.0
*
* @param mixed $result Value for the user's option.
* @param string $option Name of the option being retrieved.
* @param WP_User $user WP_User object of the user whose option is being retrieved.
*/
return apply_filters( "get_user_option_{$option}", $result, $option, $user );
}
/**
* Update user option with global blog capability.
*
* User options are just like user metadata except that they have support for
* global blog options. If the 'global' parameter is false, which it is by default
* it will prepend the WordPress table prefix to the option name.
*
* Deletes the user option if $newvalue is empty.
*
* @since 2.0.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param int $user_id User ID.
* @param string $option_name User option name.
* @param mixed $newvalue User option value.
* @param bool $global Optional. Whether option name is global or blog specific.
* Default false (blog specific).
* @return int|bool User meta ID if the option didn't exist, true on successful update,
* false on failure.
*/
function update_user_option( $user_id, $option_name, $newvalue, $global = false ) {
global $wpdb;
if ( ! $global ) {
$option_name = $wpdb->get_blog_prefix() . $option_name;
}
return update_user_meta( $user_id, $option_name, $newvalue );
}
/**
* Delete user option with global blog capability.
*
* User options are just like user metadata except that they have support for
* global blog options. If the 'global' parameter is false, which it is by default
* it will prepend the WordPress table prefix to the option name.
*
* @since 3.0.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param int $user_id User ID
* @param string $option_name User option name.
* @param bool $global Optional. Whether option name is global or blog specific.
* Default false (blog specific).
* @return bool True on success, false on failure.
*/
function delete_user_option( $user_id, $option_name, $global = false ) {
global $wpdb;
if ( ! $global ) {
$option_name = $wpdb->get_blog_prefix() . $option_name;
}
return delete_user_meta( $user_id, $option_name );
}
/**
* Retrieve list of users matching criteria.
*
* @since 3.1.0
*
* @see WP_User_Query
*
* @param array $args Optional. Arguments to retrieve users. See WP_User_Query::prepare_query().
* for more information on accepted arguments.
* @return array List of users.
*/
function get_users( $args = array() ) {
$args = wp_parse_args( $args );
$args['count_total'] = false;
$user_search = new WP_User_Query( $args );
return (array) $user_search->get_results();
}
/**
* Get the sites a user belongs to.
*
* @since 3.0.0
* @since 4.7.0 Converted to use `get_sites()`.
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param int $user_id User ID
* @param bool $all Whether to retrieve all sites, or only sites that are not
* marked as deleted, archived, or spam.
* @return array A list of the user's sites. An empty array if the user doesn't exist
* or belongs to no sites.
*/
function get_blogs_of_user( $user_id, $all = false ) {
global $wpdb;
$user_id = (int) $user_id;
// Logged out users can't have sites
if ( empty( $user_id ) ) {
return array();
}
/**
* Filters the list of a user's sites before it is populated.
*
* Passing a non-null value to the filter will effectively short circuit
* get_blogs_of_user(), returning that value instead.
*
* @since 4.6.0
*
* @param null|array $sites An array of site objects of which the user is a member.
* @param int $user_id User ID.
* @param bool $all Whether the returned array should contain all sites, including
* those marked 'deleted', 'archived', or 'spam'. Default false.
*/
$sites = apply_filters( 'pre_get_blogs_of_user', null, $user_id, $all );
if ( null !== $sites ) {
return $sites;
}
$keys = get_user_meta( $user_id );
if ( empty( $keys ) ) {
return array();
}
if ( ! is_multisite() ) {
$site_id = get_current_blog_id();
$sites = array( $site_id => new stdClass );
$sites[ $site_id ]->userblog_id = $site_id;
$sites[ $site_id ]->blogname = get_option( 'blogname' );
$sites[ $site_id ]->domain = '';
$sites[ $site_id ]->path = '';
$sites[ $site_id ]->site_id = 1;
$sites[ $site_id ]->siteurl = get_option( 'siteurl' );
$sites[ $site_id ]->archived = 0;
$sites[ $site_id ]->spam = 0;
$sites[ $site_id ]->deleted = 0;
return $sites;
}
$site_ids = array();
if ( isset( $keys[ $wpdb->base_prefix . 'capabilities' ] ) && defined( 'MULTISITE' ) ) {
$site_ids[] = 1;
unset( $keys[ $wpdb->base_prefix . 'capabilities' ] );
}
$keys = array_keys( $keys );
foreach ( $keys as $key ) {
if ( 'capabilities' !== substr( $key, -12 ) ) {
continue;
}
if ( $wpdb->base_prefix && 0 !== strpos( $key, $wpdb->base_prefix ) ) {
continue;
}
$site_id = str_replace( array( $wpdb->base_prefix, '_capabilities' ), '', $key );
if ( ! is_numeric( $site_id ) ) {
continue;
}
$site_ids[] = (int) $site_id;
}
$sites = array();
if ( ! empty( $site_ids ) ) {
$args = array(
'number' => '',
'site__in' => $site_ids,
'update_site_meta_cache' => false,
);
if ( ! $all ) {
$args['archived'] = 0;
$args['spam'] = 0;
$args['deleted'] = 0;
}
$_sites = get_sites( $args );
foreach ( $_sites as $site ) {
$sites[ $site->id ] = (object) array(
'userblog_id' => $site->id,
'blogname' => $site->blogname,
'domain' => $site->domain,
'path' => $site->path,
'site_id' => $site->network_id,
'siteurl' => $site->siteurl,
'archived' => $site->archived,
'mature' => $site->mature,
'spam' => $site->spam,
'deleted' => $site->deleted,
);
}
}
/**
* Filters the list of sites a user belongs to.
*
* @since MU (3.0.0)
*
* @param array $sites An array of site objects belonging to the user.
* @param int $user_id User ID.
* @param bool $all Whether the returned sites array should contain all sites, including
* those marked 'deleted', 'archived', or 'spam'. Default false.
*/
return apply_filters( 'get_blogs_of_user', $sites, $user_id, $all );
}
/**
* Find out whether a user is a member of a given blog.
*
* @since MU (3.0.0)
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param int $user_id Optional. The unique ID of the user. Defaults to the current user.
* @param int $blog_id Optional. ID of the blog to check. Defaults to the current site.
* @return bool
*/
function is_user_member_of_blog( $user_id = 0, $blog_id = 0 ) {
global $wpdb;
$user_id = (int) $user_id;
$blog_id = (int) $blog_id;
if ( empty( $user_id ) ) {
$user_id = get_current_user_id();
}
// Technically not needed, but does save calls to get_site and get_user_meta
// in the event that the function is called when a user isn't logged in
if ( empty( $user_id ) ) {
return false;
} else {
$user = get_userdata( $user_id );
if ( ! $user instanceof WP_User ) {
return false;
}
}
if ( ! is_multisite() ) {
return true;
}
if ( empty( $blog_id ) ) {
$blog_id = get_current_blog_id();
}
$blog = get_site( $blog_id );
if ( ! $blog || ! isset( $blog->domain ) || $blog->archived || $blog->spam || $blog->deleted ) {
return false;
}
$keys = get_user_meta( $user_id );
if ( empty( $keys ) ) {
return false;
}
// no underscore before capabilities in $base_capabilities_key
$base_capabilities_key = $wpdb->base_prefix . 'capabilities';
$site_capabilities_key = $wpdb->base_prefix . $blog_id . '_capabilities';
if ( isset( $keys[ $base_capabilities_key ] ) && $blog_id == 1 ) {
return true;
}
if ( isset( $keys[ $site_capabilities_key ] ) ) {
return true;
}
return false;
}
/**
* Adds meta data to a user.
*
* @since 3.0.0
*
* @param int $user_id User ID.
* @param string $meta_key Metadata name.
* @param mixed $meta_value Metadata value.
* @param bool $unique Optional. Whether the same key should not be added. Default false.
* @return int|false Meta ID on success, false on failure.
*/
function add_user_meta( $user_id, $meta_key, $meta_value, $unique = false ) {
return add_metadata( 'user', $user_id, $meta_key, $meta_value, $unique );
}
/**
* Remove metadata matching criteria from a user.
*
* You can match based on the key, or key and value. Removing based on key and
* value, will keep from removing duplicate metadata with the same key. It also
* allows removing all metadata matching key, if needed.
*
* @since 3.0.0
* @link https://codex.wordpress.org/Function_Reference/delete_user_meta
*
* @param int $user_id User ID
* @param string $meta_key Metadata name.
* @param mixed $meta_value Optional. Metadata value.
* @return bool True on success, false on failure.
*/
function delete_user_meta( $user_id, $meta_key, $meta_value = '' ) {
return delete_metadata( 'user', $user_id, $meta_key, $meta_value );
}
/**
* Retrieve user meta field for a user.
*
* @since 3.0.0
* @link https://codex.wordpress.org/Function_Reference/get_user_meta
*
* @param int $user_id User ID.
* @param string $key Optional. The meta key to retrieve. By default, returns data for all keys.
* @param bool $single Whether to return a single value.
* @return mixed Will be an array if $single is false. Will be value of meta data field if $single is true.
*/
function get_user_meta( $user_id, $key = '', $single = false ) {
return get_metadata( 'user', $user_id, $key, $single );
}
/**
* Update user meta field based on user ID.
*
* Use the $prev_value parameter to differentiate between meta fields with the
* same key and user ID.
*
* If the meta field for the user does not exist, it will be added.
*
* @since 3.0.0
* @link https://codex.wordpress.org/Function_Reference/update_user_meta
*
* @param int $user_id User ID.
* @param string $meta_key Metadata key.
* @param mixed $meta_value Metadata value.
* @param mixed $prev_value Optional. Previous value to check before removing.
* @return int|bool Meta ID if the key didn't exist, true on successful update, false on failure.
*/
function update_user_meta( $user_id, $meta_key, $meta_value, $prev_value = '' ) {
return update_metadata( 'user', $user_id, $meta_key, $meta_value, $prev_value );
}
/**
* Count number of users who have each of the user roles.
*
* Assumes there are neither duplicated nor orphaned capabilities meta_values.
* Assumes role names are unique phrases. Same assumption made by WP_User_Query::prepare_query()
* Using $strategy = 'time' this is CPU-intensive and should handle around 10^7 users.
* Using $strategy = 'memory' this is memory-intensive and should handle around 10^5 users, but see WP Bug #12257.
*
* @since 3.0.0
* @since 4.4.0 The number of users with no role is now included in the `none` element.
* @since 4.9.0 The `$site_id` parameter was added to support multisite.
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param string $strategy Optional. The computational strategy to use when counting the users.
* Accepts either 'time' or 'memory'. Default 'time'.
* @param int|null $site_id Optional. The site ID to count users for. Defaults to the current site.
* @return array Includes a grand total and an array of counts indexed by role strings.
*/
function count_users( $strategy = 'time', $site_id = null ) {
global $wpdb;
// Initialize
if ( ! $site_id ) {
$site_id = get_current_blog_id();
}
/**
* Filter the user count before queries are run. Return a non-null value to cause count_users()
* to return early.
*
* @since 5.1.0
*
* @param null|string $result Default null.
* @param string $strategy Optional. The computational strategy to use when counting the users.
* Accepts either 'time' or 'memory'. Default 'time'.
* @param int|null $site_id Optional. The site ID to count users for. Defaults to the current site.
*/
$pre = apply_filters( 'pre_count_users', null, $strategy, $site_id );
if ( null !== $pre ) {
return $pre;
}
$blog_prefix = $wpdb->get_blog_prefix( $site_id );
$result = array();
if ( 'time' == $strategy ) {
if ( is_multisite() && $site_id != get_current_blog_id() ) {
switch_to_blog( $site_id );
$avail_roles = wp_roles()->get_names();
restore_current_blog();
} else {
$avail_roles = wp_roles()->get_names();
}
// Build a CPU-intensive query that will return concise information.
$select_count = array();
foreach ( $avail_roles as $this_role => $name ) {
$select_count[] = $wpdb->prepare( 'COUNT(NULLIF(`meta_value` LIKE %s, false))', '%' . $wpdb->esc_like( '"' . $this_role . '"' ) . '%' );
}
$select_count[] = "COUNT(NULLIF(`meta_value` = 'a:0:{}', false))";
$select_count = implode( ', ', $select_count );
// Add the meta_value index to the selection list, then run the query.
$row = $wpdb->get_row(
"
SELECT {$select_count}, COUNT(*)
FROM {$wpdb->usermeta}
INNER JOIN {$wpdb->users} ON user_id = ID
WHERE meta_key = '{$blog_prefix}capabilities'
",
ARRAY_N
);
// Run the previous loop again to associate results with role names.
$col = 0;
$role_counts = array();
foreach ( $avail_roles as $this_role => $name ) {
$count = (int) $row[ $col++ ];
if ( $count > 0 ) {
$role_counts[ $this_role ] = $count;
}
}
$role_counts['none'] = (int) $row[ $col++ ];
// Get the meta_value index from the end of the result set.
$total_users = (int) $row[ $col ];
$result['total_users'] = $total_users;
$result['avail_roles'] =& $role_counts;
} else {
$avail_roles = array(
'none' => 0,
);
$users_of_blog = $wpdb->get_col(
"
SELECT meta_value
FROM {$wpdb->usermeta}
INNER JOIN {$wpdb->users} ON user_id = ID
WHERE meta_key = '{$blog_prefix}capabilities'
"
);
foreach ( $users_of_blog as $caps_meta ) {
$b_roles = maybe_unserialize( $caps_meta );
if ( ! is_array( $b_roles ) ) {
continue;
}
if ( empty( $b_roles ) ) {
$avail_roles['none']++;
}
foreach ( $b_roles as $b_role => $val ) {
if ( isset( $avail_roles[ $b_role ] ) ) {
$avail_roles[ $b_role ]++;
} else {
$avail_roles[ $b_role ] = 1;
}
}
}
$result['total_users'] = count( $users_of_blog );
$result['avail_roles'] =& $avail_roles;
}
return $result;
}
//
// Private helper functions
//
/**
* Set up global user vars.
*
* Used by wp_set_current_user() for back compat. Might be deprecated in the future.
*
* @since 2.0.4
*
* @global string $user_login The user username for logging in
* @global WP_User $userdata User data.
* @global int $user_level The level of the user
* @global int $user_ID The ID of the user
* @global string $user_email The email address of the user
* @global string $user_url The url in the user's profile
* @global string $user_identity The display name of the user
*
* @param int $for_user_id Optional. User ID to set up global data. Default 0.
*/
function setup_userdata( $for_user_id = 0 ) {
global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_identity;
if ( ! $for_user_id ) {
$for_user_id = get_current_user_id();
}
$user = get_userdata( $for_user_id );
if ( ! $user ) {
$user_ID = 0;
$user_level = 0;
$userdata = null;
$user_login = $user_email = $user_url = $user_identity = '';
return;
}
$user_ID = (int) $user->ID;
$user_level = (int) $user->user_level;
$userdata = $user;
$user_login = $user->user_login;
$user_email = $user->user_email;
$user_url = $user->user_url;
$user_identity = $user->display_name;
}
/**
* Create dropdown HTML content of users.
*
* The content can either be displayed, which it is by default or retrieved by
* setting the 'echo' argument. The 'include' and 'exclude' arguments do not
* need to be used; all users will be displayed in that case. Only one can be
* used, either 'include' or 'exclude', but not both.
*
* The available arguments are as follows:
*
* @since 2.3.0
* @since 4.5.0 Added the 'display_name_with_login' value for 'show'.
* @since 4.7.0 Added the `$role`, `$role__in`, and `$role__not_in` parameters.
*
* @param array|string $args {
* Optional. Array or string of arguments to generate a drop-down of users.
* See WP_User_Query::prepare_query() for additional available arguments.
*
* @type string $show_option_all Text to show as the drop-down default (all).
* Default empty.
* @type string $show_option_none Text to show as the drop-down default when no
* users were found. Default empty.
* @type int|string $option_none_value Value to use for $show_option_non when no users
* were found. Default -1.
* @type string $hide_if_only_one_author Whether to skip generating the drop-down
* if only one user was found. Default empty.
* @type string $orderby Field to order found users by. Accepts user fields.
* Default 'display_name'.
* @type string $order Whether to order users in ascending or descending
* order. Accepts 'ASC' (ascending) or 'DESC' (descending).
* Default 'ASC'.
* @type array|string $include Array or comma-separated list of user IDs to include.
* Default empty.
* @type array|string $exclude Array or comma-separated list of user IDs to exclude.
* Default empty.
* @type bool|int $multi Whether to skip the ID attribute on the 'select' element.
* Accepts 1|true or 0|false. Default 0|false.
* @type string $show User data to display. If the selected item is empty
* then the 'user_login' will be displayed in parentheses.
* Accepts any user field, or 'display_name_with_login' to show
* the display name with user_login in parentheses.
* Default 'display_name'.
* @type int|bool $echo Whether to echo or return the drop-down. Accepts 1|true (echo)
* or 0|false (return). Default 1|true.
* @type int $selected Which user ID should be selected. Default 0.
* @type bool $include_selected Whether to always include the selected user ID in the drop-
* down. Default false.
* @type string $name Name attribute of select element. Default 'user'.
* @type string $id ID attribute of the select element. Default is the value of $name.
* @type string $class Class attribute of the select element. Default empty.
* @type int $blog_id ID of blog (Multisite only). Default is ID of the current blog.
* @type string $who Which type of users to query. Accepts only an empty string or
* 'authors'. Default empty.
* @type string|array $role An array or a comma-separated list of role names that users must
* match to be included in results. Note that this is an inclusive
* list: users must match *each* role. Default empty.
* @type array $role__in An array of role names. Matched users must have at least one of
* these roles. Default empty array.
* @type array $role__not_in An array of role names to exclude. Users matching one or more of
* these roles will not be included in results. Default empty array.
* }
* @return string String of HTML content.
*/
function wp_dropdown_users( $args = '' ) {
$defaults = array(
'show_option_all' => '',
'show_option_none' => '',
'hide_if_only_one_author' => '',
'orderby' => 'display_name',
'order' => 'ASC',
'include' => '',
'exclude' => '',
'multi' => 0,
'show' => 'display_name',
'echo' => 1,
'selected' => 0,
'name' => 'user',
'class' => '',
'id' => '',
'blog_id' => get_current_blog_id(),
'who' => '',
'include_selected' => false,
'option_none_value' => -1,
'role' => '',
'role__in' => array(),
'role__not_in' => array(),
);
$defaults['selected'] = is_author() ? get_query_var( 'author' ) : 0;
$r = wp_parse_args( $args, $defaults );
$query_args = wp_array_slice_assoc( $r, array( 'blog_id', 'include', 'exclude', 'orderby', 'order', 'who', 'role', 'role__in', 'role__not_in' ) );
$fields = array( 'ID', 'user_login' );
$show = ! empty( $r['show'] ) ? $r['show'] : 'display_name';
if ( 'display_name_with_login' === $show ) {
$fields[] = 'display_name';
} else {
$fields[] = $show;
}
$query_args['fields'] = $fields;
$show_option_all = $r['show_option_all'];
$show_option_none = $r['show_option_none'];
$option_none_value = $r['option_none_value'];
/**
* Filters the query arguments for the list of users in the dropdown.
*
* @since 4.4.0
*
* @param array $query_args The query arguments for get_users().
* @param array $r The arguments passed to wp_dropdown_users() combined with the defaults.
*/
$query_args = apply_filters( 'wp_dropdown_users_args', $query_args, $r );
$users = get_users( $query_args );
$output = '';
if ( ! empty( $users ) && ( empty( $r['hide_if_only_one_author'] ) || count( $users ) > 1 ) ) {
$name = esc_attr( $r['name'] );
if ( $r['multi'] && ! $r['id'] ) {
$id = '';
} else {
$id = $r['id'] ? " id='" . esc_attr( $r['id'] ) . "'" : " id='$name'";
}
$output = "';
}
/**
* Filters the wp_dropdown_users() HTML output.
*
* @since 2.3.0
*
* @param string $output HTML output generated by wp_dropdown_users().
*/
$html = apply_filters( 'wp_dropdown_users', $output );
if ( $r['echo'] ) {
echo $html;
}
return $html;
}
/**
* Sanitize user field based on context.
*
* Possible context values are: 'raw', 'edit', 'db', 'display', 'attribute' and 'js'. The
* 'display' context is used by default. 'attribute' and 'js' contexts are treated like 'display'
* when calling filters.
*
* @since 2.3.0
*
* @param string $field The user Object field name.
* @param mixed $value The user Object value.
* @param int $user_id User ID.
* @param string $context How to sanitize user fields. Looks for 'raw', 'edit', 'db', 'display',
* 'attribute' and 'js'.
* @return mixed Sanitized value.
*/
function sanitize_user_field( $field, $value, $user_id, $context ) {
$int_fields = array( 'ID' );
if ( in_array( $field, $int_fields ) ) {
$value = (int) $value;
}
if ( 'raw' == $context ) {
return $value;
}
if ( ! is_string( $value ) && ! is_numeric( $value ) ) {
return $value;
}
$prefixed = false !== strpos( $field, 'user_' );
if ( 'edit' == $context ) {
if ( $prefixed ) {
/** This filter is documented in wp-includes/post.php */
$value = apply_filters( "edit_{$field}", $value, $user_id );
} else {
/**
* Filters a user field value in the 'edit' context.
*
* The dynamic portion of the hook name, `$field`, refers to the prefixed user
* field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
*
* @since 2.9.0
*
* @param mixed $value Value of the prefixed user field.
* @param int $user_id User ID.
*/
$value = apply_filters( "edit_user_{$field}", $value, $user_id );
}
if ( 'description' == $field ) {
$value = esc_html( $value ); // textarea_escaped?
} else {
$value = esc_attr( $value );
}
} elseif ( 'db' == $context ) {
if ( $prefixed ) {
/** This filter is documented in wp-includes/post.php */
$value = apply_filters( "pre_{$field}", $value );
} else {
/**
* Filters the value of a user field in the 'db' context.
*
* The dynamic portion of the hook name, `$field`, refers to the prefixed user
* field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
*
* @since 2.9.0
*
* @param mixed $value Value of the prefixed user field.
*/
$value = apply_filters( "pre_user_{$field}", $value );
}
} else {
// Use display filters by default.
if ( $prefixed ) {
/** This filter is documented in wp-includes/post.php */
$value = apply_filters( "{$field}", $value, $user_id, $context );
} else {
/**
* Filters the value of a user field in a standard context.
*
* The dynamic portion of the hook name, `$field`, refers to the prefixed user
* field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
*
* @since 2.9.0
*
* @param mixed $value The user object value to sanitize.
* @param int $user_id User ID.
* @param string $context The context to filter within.
*/
$value = apply_filters( "user_{$field}", $value, $user_id, $context );
}
}
if ( 'user_url' == $field ) {
$value = esc_url( $value );
}
if ( 'attribute' == $context ) {
$value = esc_attr( $value );
} elseif ( 'js' == $context ) {
$value = esc_js( $value );
}
return $value;
}
/**
* Update all user caches
*
* @since 3.0.0
*
* @param WP_User $user User object to be cached
* @return bool|null Returns false on failure.
*/
function update_user_caches( $user ) {
if ( $user instanceof WP_User ) {
if ( ! $user->exists() ) {
return false;
}
$user = $user->data;
}
wp_cache_add( $user->ID, $user, 'users' );
wp_cache_add( $user->user_login, $user->ID, 'userlogins' );
wp_cache_add( $user->user_email, $user->ID, 'useremail' );
wp_cache_add( $user->user_nicename, $user->ID, 'userslugs' );
}
/**
* Clean all user caches
*
* @since 3.0.0
* @since 4.4.0 'clean_user_cache' action was added.
*
* @param WP_User|int $user User object or ID to be cleaned from the cache
*/
function clean_user_cache( $user ) {
if ( is_numeric( $user ) ) {
$user = new WP_User( $user );
}
if ( ! $user->exists() ) {
return;
}
wp_cache_delete( $user->ID, 'users' );
wp_cache_delete( $user->user_login, 'userlogins' );
wp_cache_delete( $user->user_email, 'useremail' );
wp_cache_delete( $user->user_nicename, 'userslugs' );
/**
* Fires immediately after the given user's cache is cleaned.
*
* @since 4.4.0
*
* @param int $user_id User ID.
* @param WP_User $user User object.
*/
do_action( 'clean_user_cache', $user->ID, $user );
}
/**
* Determines whether the given username exists.
*
* For more information on this and similar theme functions, check out
* the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
* Conditional Tags} article in the Theme Developer Handbook.
*
* @since 2.0.0
*
* @param string $username Username.
* @return int|false The user's ID on success, and false on failure.
*/
function username_exists( $username ) {
$user = get_user_by( 'login', $username );
if ( $user ) {
$user_id = $user->ID;
} else {
$user_id = false;
}
/**
* Filters whether the given username exists or not.
*
* @since 4.9.0
*
* @param int|false $user_id The user's ID on success, and false on failure.
* @param string $username Username to check.
*/
return apply_filters( 'username_exists', $user_id, $username );
}
/**
* Determines whether the given email exists.
*
* For more information on this and similar theme functions, check out
* the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
* Conditional Tags} article in the Theme Developer Handbook.
*
* @since 2.1.0
*
* @param string $email Email.
* @return int|false The user's ID on success, and false on failure.
*/
function email_exists( $email ) {
$user = get_user_by( 'email', $email );
if ( $user ) {
return $user->ID;
}
return false;
}
/**
* Checks whether a username is valid.
*
* @since 2.0.1
* @since 4.4.0 Empty sanitized usernames are now considered invalid
*
* @param string $username Username.
* @return bool Whether username given is valid
*/
function validate_username( $username ) {
$sanitized = sanitize_user( $username, true );
$valid = ( $sanitized == $username && ! empty( $sanitized ) );
/**
* Filters whether the provided username is valid or not.
*
* @since 2.0.1
*
* @param bool $valid Whether given username is valid.
* @param string $username Username to check.
*/
return apply_filters( 'validate_username', $valid, $username );
}
/**
* Insert a user into the database.
*
* Most of the `$userdata` array fields have filters associated with the values. Exceptions are
* 'ID', 'rich_editing', 'syntax_highlighting', 'comment_shortcuts', 'admin_color', 'use_ssl',
* 'user_registered', and 'role'. The filters have the prefix 'pre_user_' followed by the field
* name. An example using 'description' would have the filter called, 'pre_user_description' that
* can be hooked into.
*
* @since 2.0.0
* @since 3.6.0 The `aim`, `jabber`, and `yim` fields were removed as default user contact
* methods for new installations. See wp_get_user_contact_methods().
* @since 4.7.0 The user's locale can be passed to `$userdata`.
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param array|object|WP_User $userdata {
* An array, object, or WP_User object of user data arguments.
*
* @type int $ID User ID. If supplied, the user will be updated.
* @type string $user_pass The plain-text user password.
* @type string $user_login The user's login username.
* @type string $user_nicename The URL-friendly user name.
* @type string $user_url The user URL.
* @type string $user_email The user email address.
* @type string $display_name The user's display name.
* Default is the user's username.
* @type string $nickname The user's nickname.
* Default is the user's username.
* @type string $first_name The user's first name. For new users, will be used
* to build the first part of the user's display name
* if `$display_name` is not specified.
* @type string $last_name The user's last name. For new users, will be used
* to build the second part of the user's display name
* if `$display_name` is not specified.
* @type string $description The user's biographical description.
* @type string|bool $rich_editing Whether to enable the rich-editor for the user.
* False if not empty.
* @type string|bool $syntax_highlighting Whether to enable the rich code editor for the user.
* False if not empty.
* @type string|bool $comment_shortcuts Whether to enable comment moderation keyboard
* shortcuts for the user. Default false.
* @type string $admin_color Admin color scheme for the user. Default 'fresh'.
* @type bool $use_ssl Whether the user should always access the admin over
* https. Default false.
* @type string $user_registered Date the user registered. Format is 'Y-m-d H:i:s'.
* @type string|bool $show_admin_bar_front Whether to display the Admin Bar for the user on the
* site's front end. Default true.
* @type string $role User's role.
* @type string $locale User's locale. Default empty.
* }
* @return int|WP_Error The newly created user's ID or a WP_Error object if the user could not
* be created.
*/
function wp_insert_user( $userdata ) {
global $wpdb;
if ( $userdata instanceof stdClass ) {
$userdata = get_object_vars( $userdata );
} elseif ( $userdata instanceof WP_User ) {
$userdata = $userdata->to_array();
}
// Are we updating or creating?
if ( ! empty( $userdata['ID'] ) ) {
$ID = (int) $userdata['ID'];
$update = true;
$old_user_data = get_userdata( $ID );
if ( ! $old_user_data ) {
return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) );
}
// hashed in wp_update_user(), plaintext if called directly
$user_pass = ! empty( $userdata['user_pass'] ) ? $userdata['user_pass'] : $old_user_data->user_pass;
} else {
$update = false;
// Hash the password
$user_pass = wp_hash_password( $userdata['user_pass'] );
}
$sanitized_user_login = sanitize_user( $userdata['user_login'], true );
/**
* Filters a username after it has been sanitized.
*
* This filter is called before the user is created or updated.
*
* @since 2.0.3
*
* @param string $sanitized_user_login Username after it has been sanitized.
*/
$pre_user_login = apply_filters( 'pre_user_login', $sanitized_user_login );
//Remove any non-printable chars from the login string to see if we have ended up with an empty username
$user_login = trim( $pre_user_login );
// user_login must be between 0 and 60 characters.
if ( empty( $user_login ) ) {
return new WP_Error( 'empty_user_login', __( 'Cannot create a user with an empty login name.' ) );
} elseif ( mb_strlen( $user_login ) > 60 ) {
return new WP_Error( 'user_login_too_long', __( 'Username may not be longer than 60 characters.' ) );
}
if ( ! $update && username_exists( $user_login ) ) {
return new WP_Error( 'existing_user_login', __( 'Sorry, that username already exists!' ) );
}
/**
* Filters the list of blacklisted usernames.
*
* @since 4.4.0
*
* @param array $usernames Array of blacklisted usernames.
*/
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );
}
/*
* If a nicename is provided, remove unsafe user characters before using it.
* Otherwise build a nicename from the user_login.
*/
if ( ! empty( $userdata['user_nicename'] ) ) {
$user_nicename = sanitize_user( $userdata['user_nicename'], true );
if ( mb_strlen( $user_nicename ) > 50 ) {
return new WP_Error( 'user_nicename_too_long', __( 'Nicename may not be longer than 50 characters.' ) );
}
} else {
$user_nicename = mb_substr( $user_login, 0, 50 );
}
$user_nicename = sanitize_title( $user_nicename );
// Store values to save in user meta.
$meta = array();
/**
* Filters a user's nicename before the user is created or updated.
*
* @since 2.0.3
*
* @param string $user_nicename The user's nicename.
*/
$user_nicename = apply_filters( 'pre_user_nicename', $user_nicename );
$raw_user_url = empty( $userdata['user_url'] ) ? '' : $userdata['user_url'];
/**
* Filters a user's URL before the user is created or updated.
*
* @since 2.0.3
*
* @param string $raw_user_url The user's URL.
*/
$user_url = apply_filters( 'pre_user_url', $raw_user_url );
$raw_user_email = empty( $userdata['user_email'] ) ? '' : $userdata['user_email'];
/**
* Filters a user's email before the user is created or updated.
*
* @since 2.0.3
*
* @param string $raw_user_email The user's email.
*/
$user_email = apply_filters( 'pre_user_email', $raw_user_email );
/*
* If there is no update, just check for `email_exists`. If there is an update,
* check if current email and new email are the same, or not, and check `email_exists`
* accordingly.
*/
if ( ( ! $update || ( ! empty( $old_user_data ) && 0 !== strcasecmp( $user_email, $old_user_data->user_email ) ) )
&& ! defined( 'WP_IMPORTING' )
&& email_exists( $user_email )
) {
return new WP_Error( 'existing_user_email', __( 'Sorry, that email address is already used!' ) );
}
$nickname = empty( $userdata['nickname'] ) ? $user_login : $userdata['nickname'];
/**
* Filters a user's nickname before the user is created or updated.
*
* @since 2.0.3
*
* @param string $nickname The user's nickname.
*/
$meta['nickname'] = apply_filters( 'pre_user_nickname', $nickname );
$first_name = empty( $userdata['first_name'] ) ? '' : $userdata['first_name'];
/**
* Filters a user's first name before the user is created or updated.
*
* @since 2.0.3
*
* @param string $first_name The user's first name.
*/
$meta['first_name'] = apply_filters( 'pre_user_first_name', $first_name );
$last_name = empty( $userdata['last_name'] ) ? '' : $userdata['last_name'];
/**
* Filters a user's last name before the user is created or updated.
*
* @since 2.0.3
*
* @param string $last_name The user's last name.
*/
$meta['last_name'] = apply_filters( 'pre_user_last_name', $last_name );
if ( empty( $userdata['display_name'] ) ) {
if ( $update ) {
$display_name = $user_login;
} elseif ( $meta['first_name'] && $meta['last_name'] ) {
/* translators: 1: first name, 2: last name */
$display_name = sprintf( _x( '%1$s %2$s', 'Display name based on first name and last name' ), $meta['first_name'], $meta['last_name'] );
} elseif ( $meta['first_name'] ) {
$display_name = $meta['first_name'];
} elseif ( $meta['last_name'] ) {
$display_name = $meta['last_name'];
} else {
$display_name = $user_login;
}
} else {
$display_name = $userdata['display_name'];
}
/**
* Filters a user's display name before the user is created or updated.
*
* @since 2.0.3
*
* @param string $display_name The user's display name.
*/
$display_name = apply_filters( 'pre_user_display_name', $display_name );
$description = empty( $userdata['description'] ) ? '' : $userdata['description'];
/**
* Filters a user's description before the user is created or updated.
*
* @since 2.0.3
*
* @param string $description The user's description.
*/
$meta['description'] = apply_filters( 'pre_user_description', $description );
$meta['rich_editing'] = empty( $userdata['rich_editing'] ) ? 'true' : $userdata['rich_editing'];
$meta['syntax_highlighting'] = empty( $userdata['syntax_highlighting'] ) ? 'true' : $userdata['syntax_highlighting'];
$meta['comment_shortcuts'] = empty( $userdata['comment_shortcuts'] ) || 'false' === $userdata['comment_shortcuts'] ? 'false' : 'true';
$admin_color = empty( $userdata['admin_color'] ) ? 'fresh' : $userdata['admin_color'];
$meta['admin_color'] = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $admin_color );
$meta['use_ssl'] = empty( $userdata['use_ssl'] ) ? 0 : $userdata['use_ssl'];
$user_registered = empty( $userdata['user_registered'] ) ? gmdate( 'Y-m-d H:i:s' ) : $userdata['user_registered'];
$meta['show_admin_bar_front'] = empty( $userdata['show_admin_bar_front'] ) ? 'true' : $userdata['show_admin_bar_front'];
$meta['locale'] = isset( $userdata['locale'] ) ? $userdata['locale'] : '';
$user_nicename_check = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1", $user_nicename, $user_login ) );
if ( $user_nicename_check ) {
$suffix = 2;
while ( $user_nicename_check ) {
// user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix.
$base_length = 49 - mb_strlen( $suffix );
$alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . "-$suffix";
$user_nicename_check = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1", $alt_user_nicename, $user_login ) );
$suffix++;
}
$user_nicename = $alt_user_nicename;
}
$compacted = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered' );
$data = wp_unslash( $compacted );
if ( ! $update ) {
$data = $data + compact( 'user_login' );
}
/**
* Filters user data before the record is created or updated.
*
* It only includes data in the wp_users table wp_user, not any user metadata.
*
* @since 4.9.0
*
* @param array $data {
* Values and keys for the user.
*
* @type string $user_login The user's login. Only included if $update == false
* @type string $user_pass The user's password.
* @type string $user_email The user's email.
* @type string $user_url The user's url.
* @type string $user_nicename The user's nice name. Defaults to a URL-safe version of user's login
* @type string $display_name The user's display name.
* @type string $user_registered MySQL timestamp describing the moment when the user registered. Defaults to
* the current UTC timestamp.
* }
* @param bool $update Whether the user is being updated rather than created.
* @param int|null $id ID of the user to be updated, or NULL if the user is being created.
*/
$data = apply_filters( 'wp_pre_insert_user_data', $data, $update, $update ? (int) $ID : null );
if ( $update ) {
if ( $user_email !== $old_user_data->user_email || $user_pass !== $old_user_data->user_pass ) {
$data['user_activation_key'] = '';
}
$wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
$user_id = (int) $ID;
} else {
$wpdb->insert( $wpdb->users, $data );
$user_id = (int) $wpdb->insert_id;
}
$user = new WP_User( $user_id );
/**
* Filters a user's meta values and keys immediately after the user is created or updated
* and before any user meta is inserted or updated.
*
* Does not include contact methods. These are added using `wp_get_user_contact_methods( $user )`.
*
* @since 4.4.0
*
* @param array $meta {
* Default meta values and keys for the user.
*
* @type string $nickname The user's nickname. Default is the user's username.
* @type string $first_name The user's first name.
* @type string $last_name The user's last name.
* @type string $description The user's description.
* @type bool $rich_editing Whether to enable the rich-editor for the user. False if not empty.
* @type bool $syntax_highlighting Whether to enable the rich code editor for the user. False if not empty.
* @type bool $comment_shortcuts Whether to enable keyboard shortcuts for the user. Default false.
* @type string $admin_color The color scheme for a user's admin screen. Default 'fresh'.
* @type int|bool $use_ssl Whether to force SSL on the user's admin area. 0|false if SSL is
* not forced.
* @type bool $show_admin_bar_front Whether to show the admin bar on the front end for the user.
* Default true.
* }
* @param WP_User $user User object.
* @param bool $update Whether the user is being updated rather than created.
*/
$meta = apply_filters( 'insert_user_meta', $meta, $user, $update );
// Update user meta.
foreach ( $meta as $key => $value ) {
update_user_meta( $user_id, $key, $value );
}
foreach ( wp_get_user_contact_methods( $user ) as $key => $value ) {
if ( isset( $userdata[ $key ] ) ) {
update_user_meta( $user_id, $key, $userdata[ $key ] );
}
}
if ( isset( $userdata['role'] ) ) {
$user->set_role( $userdata['role'] );
} elseif ( ! $update ) {
$user->set_role( get_option( 'default_role' ) );
}
wp_cache_delete( $user_id, 'users' );
wp_cache_delete( $user_login, 'userlogins' );
if ( $update ) {
/**
* Fires immediately after an existing user is updated.
*
* @since 2.0.0
*
* @param int $user_id User ID.
* @param WP_User $old_user_data Object containing user's data prior to update.
*/
do_action( 'profile_update', $user_id, $old_user_data );
} else {
/**
* Fires immediately after a new user is registered.
*
* @since 1.5.0
*
* @param int $user_id User ID.
*/
do_action( 'user_register', $user_id );
}
return $user_id;
}
/**
* Update a user in the database.
*
* It is possible to update a user's password by specifying the 'user_pass'
* value in the $userdata parameter array.
*
* If current user's password is being updated, then the cookies will be
* cleared.
*
* @since 2.0.0
*
* @see wp_insert_user() For what fields can be set in $userdata.
*
* @param array|object|WP_User $userdata An array of user data or a user object of type stdClass or WP_User.
* @return int|WP_Error The updated user's ID or a WP_Error object if the user could not be updated.
*/
function wp_update_user( $userdata ) {
if ( $userdata instanceof stdClass ) {
$userdata = get_object_vars( $userdata );
} elseif ( $userdata instanceof WP_User ) {
$userdata = $userdata->to_array();
}
$ID = isset( $userdata['ID'] ) ? (int) $userdata['ID'] : 0;
if ( ! $ID ) {
return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) );
}
// First, get all of the original fields
$user_obj = get_userdata( $ID );
if ( ! $user_obj ) {
return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) );
}
$user = $user_obj->to_array();
// Add additional custom fields
foreach ( _get_additional_user_keys( $user_obj ) as $key ) {
$user[ $key ] = get_user_meta( $ID, $key, true );
}
// Escape data pulled from DB.
$user = add_magic_quotes( $user );
if ( ! empty( $userdata['user_pass'] ) && $userdata['user_pass'] !== $user_obj->user_pass ) {
// If password is changing, hash it now
$plaintext_pass = $userdata['user_pass'];
$userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] );
/**
* Filters whether to send the password change email.
*
* @since 4.3.0
*
* @see wp_insert_user() For `$user` and `$userdata` fields.
*
* @param bool $send Whether to send the email.
* @param array $user The original user array.
* @param array $userdata The updated user array.
*/
$send_password_change_email = apply_filters( 'send_password_change_email', true, $user, $userdata );
}
if ( isset( $userdata['user_email'] ) && $user['user_email'] !== $userdata['user_email'] ) {
/**
* Filters whether to send the email change email.
*
* @since 4.3.0
*
* @see wp_insert_user() For `$user` and `$userdata` fields.
*
* @param bool $send Whether to send the email.
* @param array $user The original user array.
* @param array $userdata The updated user array.
*/
$send_email_change_email = apply_filters( 'send_email_change_email', true, $user, $userdata );
}
wp_cache_delete( $user['user_email'], 'useremail' );
wp_cache_delete( $user['user_nicename'], 'userslugs' );
// Merge old and new fields with new fields overwriting old ones.
$userdata = array_merge( $user, $userdata );
$user_id = wp_insert_user( $userdata );
if ( ! is_wp_error( $user_id ) ) {
$blog_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
$switched_locale = false;
if ( ! empty( $send_password_change_email ) || ! empty( $send_email_change_email ) ) {
$switched_locale = switch_to_locale( get_user_locale( $user_id ) );
}
if ( ! empty( $send_password_change_email ) ) {
/* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
$pass_change_text = __(
'Hi ###USERNAME###,
This notice confirms that your password was changed on ###SITENAME###.
If you did not change your password, please contact the Site Administrator at
###ADMIN_EMAIL###
This email has been sent to ###EMAIL###
Regards,
All at ###SITENAME###
###SITEURL###'
);
$pass_change_email = array(
'to' => $user['user_email'],
/* translators: Password change notification email subject. %s: Site name */
'subject' => __( '[%s] Password Changed' ),
'message' => $pass_change_text,
'headers' => '',
);
/**
* Filters the contents of the email sent when the user's password is changed.
*
* @since 4.3.0
*
* @param array $pass_change_email {
* Used to build wp_mail().
* @type string $to The intended recipients. Add emails in a comma separated string.
* @type string $subject The subject of the email.
* @type string $message The content of the email.
* The following strings have a special meaning and will get replaced dynamically:
* - ###USERNAME### The current user's username.
* - ###ADMIN_EMAIL### The admin email in case this was unexpected.
* - ###EMAIL### The user's email address.
* - ###SITENAME### The name of the site.
* - ###SITEURL### The URL to the site.
* @type string $headers Headers. Add headers in a newline (\r\n) separated string.
* }
* @param array $user The original user array.
* @param array $userdata The updated user array.
*/
$pass_change_email = apply_filters( 'password_change_email', $pass_change_email, $user, $userdata );
$pass_change_email['message'] = str_replace( '###USERNAME###', $user['user_login'], $pass_change_email['message'] );
$pass_change_email['message'] = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $pass_change_email['message'] );
$pass_change_email['message'] = str_replace( '###EMAIL###', $user['user_email'], $pass_change_email['message'] );
$pass_change_email['message'] = str_replace( '###SITENAME###', $blog_name, $pass_change_email['message'] );
$pass_change_email['message'] = str_replace( '###SITEURL###', home_url(), $pass_change_email['message'] );
wp_mail( $pass_change_email['to'], sprintf( $pass_change_email['subject'], $blog_name ), $pass_change_email['message'], $pass_change_email['headers'] );
}
if ( ! empty( $send_email_change_email ) ) {
/* translators: Do not translate USERNAME, ADMIN_EMAIL, NEW_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
$email_change_text = __(
'Hi ###USERNAME###,
This notice confirms that your email address on ###SITENAME### was changed to ###NEW_EMAIL###.
If you did not change your email, please contact the Site Administrator at
###ADMIN_EMAIL###
This email has been sent to ###EMAIL###
Regards,
All at ###SITENAME###
###SITEURL###'
);
$email_change_email = array(
'to' => $user['user_email'],
/* translators: Email change notification email subject. %s: Site name */
'subject' => __( '[%s] Email Changed' ),
'message' => $email_change_text,
'headers' => '',
);
/**
* Filters the contents of the email sent when the user's email is changed.
*
* @since 4.3.0
*
* @param array $email_change_email {
* Used to build wp_mail().
* @type string $to The intended recipients.
* @type string $subject The subject of the email.
* @type string $message The content of the email.
* The following strings have a special meaning and will get replaced dynamically:
* - ###USERNAME### The current user's username.
* - ###ADMIN_EMAIL### The admin email in case this was unexpected.
* - ###NEW_EMAIL### The new email address.
* - ###EMAIL### The old email address.
* - ###SITENAME### The name of the site.
* - ###SITEURL### The URL to the site.
* @type string $headers Headers.
* }
* @param array $user The original user array.
* @param array $userdata The updated user array.
*/
$email_change_email = apply_filters( 'email_change_email', $email_change_email, $user, $userdata );
$email_change_email['message'] = str_replace( '###USERNAME###', $user['user_login'], $email_change_email['message'] );
$email_change_email['message'] = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $email_change_email['message'] );
$email_change_email['message'] = str_replace( '###NEW_EMAIL###', $userdata['user_email'], $email_change_email['message'] );
$email_change_email['message'] = str_replace( '###EMAIL###', $user['user_email'], $email_change_email['message'] );
$email_change_email['message'] = str_replace( '###SITENAME###', $blog_name, $email_change_email['message'] );
$email_change_email['message'] = str_replace( '###SITEURL###', home_url(), $email_change_email['message'] );
wp_mail( $email_change_email['to'], sprintf( $email_change_email['subject'], $blog_name ), $email_change_email['message'], $email_change_email['headers'] );
}
if ( $switched_locale ) {
restore_previous_locale();
}
}
// Update the cookies if the password changed.
$current_user = wp_get_current_user();
if ( $current_user->ID == $ID ) {
if ( isset( $plaintext_pass ) ) {
wp_clear_auth_cookie();
// Here we calculate the expiration length of the current auth cookie and compare it to the default expiration.
// If it's greater than this, then we know the user checked 'Remember Me' when they logged in.
$logged_in_cookie = wp_parse_auth_cookie( '', 'logged_in' );
/** This filter is documented in wp-includes/pluggable.php */
$default_cookie_life = apply_filters( 'auth_cookie_expiration', ( 2 * DAY_IN_SECONDS ), $ID, false );
$remember = ( ( $logged_in_cookie['expiration'] - time() ) > $default_cookie_life );
wp_set_auth_cookie( $ID, $remember );
}
}
return $user_id;
}
/**
* A simpler way of inserting a user into the database.
*
* Creates a new user with just the username, password, and email. For more
* complex user creation use wp_insert_user() to specify more information.
*
* @since 2.0.0
* @see wp_insert_user() More complete way to create a new user
*
* @param string $username The user's username.
* @param string $password The user's password.
* @param string $email Optional. The user's email. Default empty.
* @return int|WP_Error The newly created user's ID or a WP_Error object if the user could not
* be created.
*/
function wp_create_user( $username, $password, $email = '' ) {
$user_login = wp_slash( $username );
$user_email = wp_slash( $email );
$user_pass = $password;
$userdata = compact( 'user_login', 'user_email', 'user_pass' );
return wp_insert_user( $userdata );
}
/**
* Returns a list of meta keys to be (maybe) populated in wp_update_user().
*
* The list of keys returned via this function are dependent on the presence
* of those keys in the user meta data to be set.
*
* @since 3.3.0
* @access private
*
* @param WP_User $user WP_User instance.
* @return array List of user keys to be populated in wp_update_user().
*/
function _get_additional_user_keys( $user ) {
$keys = array( 'first_name', 'last_name', 'nickname', 'description', 'rich_editing', 'syntax_highlighting', 'comment_shortcuts', 'admin_color', 'use_ssl', 'show_admin_bar_front', 'locale' );
return array_merge( $keys, array_keys( wp_get_user_contact_methods( $user ) ) );
}
/**
* Set up the user contact methods.
*
* Default contact methods were removed in 3.6. A filter dictates contact methods.
*
* @since 3.7.0
*
* @param WP_User $user Optional. WP_User object.
* @return array Array of contact methods and their labels.
*/
function wp_get_user_contact_methods( $user = null ) {
$methods = array();
if ( get_site_option( 'initial_db_version' ) < 23588 ) {
$methods = array(
'aim' => __( 'AIM' ),
'yim' => __( 'Yahoo IM' ),
'jabber' => __( 'Jabber / Google Talk' ),
);
}
/**
* Filters the user contact methods.
*
* @since 2.9.0
*
* @param array $methods Array of contact methods and their labels.
* @param WP_User $user WP_User object.
*/
return apply_filters( 'user_contactmethods', $methods, $user );
}
/**
* The old private function for setting up user contact methods.
*
* Use wp_get_user_contact_methods() instead.
*
* @since 2.9.0
* @access private
*
* @param WP_User $user Optional. WP_User object. Default null.
* @return array Array of contact methods and their labels.
*/
function _wp_get_user_contactmethods( $user = null ) {
return wp_get_user_contact_methods( $user );
}
/**
* Gets the text suggesting how to create strong passwords.
*
* @since 4.1.0
*
* @return string The password hint text.
*/
function wp_get_password_hint() {
$hint = __( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' );
/**
* Filters the text describing the site's password complexity policy.
*
* @since 4.1.0
*
* @param string $hint The password hint text.
*/
return apply_filters( 'password_hint', $hint );
}
/**
* Creates, stores, then returns a password reset key for user.
*
* @since 4.4.0
*
* @global wpdb $wpdb WordPress database abstraction object.
* @global PasswordHash $wp_hasher Portable PHP password hashing framework.
*
* @param WP_User $user User to retrieve password reset key for.
*
* @return string|WP_Error Password reset key on success. WP_Error on error.
*/
function get_password_reset_key( $user ) {
global $wpdb, $wp_hasher;
if ( ! ( $user instanceof WP_User ) ) {
return new WP_Error( 'invalidcombo', __( 'ERROR: There is no account with that username or email address.' ) );
}
/**
* Fires before a new password is retrieved.
*
* Use the {@see 'retrieve_password'} hook instead.
*
* @since 1.5.0
* @deprecated 1.5.1 Misspelled. Use 'retrieve_password' hook instead.
*
* @param string $user_login The user login name.
*/
do_action( 'retreive_password', $user->user_login );
/**
* Fires before a new password is retrieved.
*
* @since 1.5.1
*
* @param string $user_login The user login name.
*/
do_action( 'retrieve_password', $user->user_login );
$allow = true;
if ( is_multisite() && is_user_spammy( $user ) ) {
$allow = false;
}
/**
* Filters whether to allow a password to be reset.
*
* @since 2.7.0
*
* @param bool $allow Whether to allow the password to be reset. Default true.
* @param int $user_data->ID The ID of the user attempting to reset a password.
*/
$allow = apply_filters( 'allow_password_reset', $allow, $user->ID );
if ( ! $allow ) {
return new WP_Error( 'no_password_reset', __( 'Password reset is not allowed for this user' ) );
} elseif ( is_wp_error( $allow ) ) {
return $allow;
}
// Generate something random for a password reset key.
$key = wp_generate_password( 20, false );
/**
* Fires when a password reset key is generated.
*
* @since 2.5.0
*
* @param string $user_login The username for the user.
* @param string $key The generated password reset key.
*/
do_action( 'retrieve_password_key', $user->user_login, $key );
// Now insert the key, hashed, into the DB.
if ( empty( $wp_hasher ) ) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
}
$hashed = time() . ':' . $wp_hasher->HashPassword( $key );
$key_saved = $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );
if ( false === $key_saved ) {
return new WP_Error( 'no_password_key_update', __( 'Could not save password reset key to database.' ) );
}
return $key;
}
/**
* Retrieves a user row based on password reset key and login
*
* A key is considered 'expired' if it exactly matches the value of the
* user_activation_key field, rather than being matched after going through the
* hashing process. This field is now hashed; old values are no longer accepted
* but have a different WP_Error code so good user feedback can be provided.
*
* @since 3.1.0
*
* @global wpdb $wpdb WordPress database object for queries.
* @global PasswordHash $wp_hasher Portable PHP password hashing framework instance.
*
* @param string $key Hash to validate sending user's password.
* @param string $login The user login.
* @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys.
*/
function check_password_reset_key( $key, $login ) {
global $wpdb, $wp_hasher;
$key = preg_replace( '/[^a-z0-9]/i', '', $key );
if ( empty( $key ) || ! is_string( $key ) ) {
return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );
}
if ( empty( $login ) || ! is_string( $login ) ) {
return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );
}
$row = $wpdb->get_row( $wpdb->prepare( "SELECT ID, user_activation_key FROM $wpdb->users WHERE user_login = %s", $login ) );
if ( ! $row ) {
return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );
}
if ( empty( $wp_hasher ) ) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
}
/**
* Filters the expiration time of password reset keys.
*
* @since 4.3.0
*
* @param int $expiration The expiration time in seconds.
*/
$expiration_duration = apply_filters( 'password_reset_expiration', DAY_IN_SECONDS );
if ( false !== strpos( $row->user_activation_key, ':' ) ) {
list( $pass_request_time, $pass_key ) = explode( ':', $row->user_activation_key, 2 );
$expiration_time = $pass_request_time + $expiration_duration;
} else {
$pass_key = $row->user_activation_key;
$expiration_time = false;
}
if ( ! $pass_key ) {
return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );
}
$hash_is_correct = $wp_hasher->CheckPassword( $key, $pass_key );
if ( $hash_is_correct && $expiration_time && time() < $expiration_time ) {
return get_userdata( $row->ID );
} elseif ( $hash_is_correct && $expiration_time ) {
// Key has an expiration time that's passed
return new WP_Error( 'expired_key', __( 'Invalid key.' ) );
}
if ( hash_equals( $row->user_activation_key, $key ) || ( $hash_is_correct && ! $expiration_time ) ) {
$return = new WP_Error( 'expired_key', __( 'Invalid key.' ) );
$user_id = $row->ID;
/**
* Filters the return value of check_password_reset_key() when an
* old-style key is used.
*
* @since 3.7.0 Previously plain-text keys were stored in the database.
* @since 4.3.0 Previously key hashes were stored without an expiration time.
*
* @param WP_Error $return A WP_Error object denoting an expired key.
* Return a WP_User object to validate the key.
* @param int $user_id The matched user ID.
*/
return apply_filters( 'password_reset_key_expired', $return, $user_id );
}
return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );
}
/**
* Handles resetting the user's password.
*
* @since 2.5.0
*
* @param WP_User $user The user
* @param string $new_pass New password for the user in plaintext
*/
function reset_password( $user, $new_pass ) {
/**
* Fires before the user's password is reset.
*
* @since 1.5.0
*
* @param object $user The user.
* @param string $new_pass New user password.
*/
do_action( 'password_reset', $user, $new_pass );
wp_set_password( $new_pass, $user->ID );
update_user_option( $user->ID, 'default_password_nag', false, true );
/**
* Fires after the user's password is reset.
*
* @since 4.4.0
*
* @param WP_User $user The user.
* @param string $new_pass New user password.
*/
do_action( 'after_password_reset', $user, $new_pass );
}
/**
* Handles registering a new user.
*
* @since 2.5.0
*
* @param string $user_login User's username for logging in
* @param string $user_email User's email address to send password and add
* @return int|WP_Error Either user's ID or error on failure.
*/
function register_new_user( $user_login, $user_email ) {
$errors = new WP_Error();
$sanitized_user_login = sanitize_user( $user_login );
/**
* Filters the email address of a user being registered.
*
* @since 2.1.0
*
* @param string $user_email The email address of the new user.
*/
$user_email = apply_filters( 'user_registration_email', $user_email );
// Check the username
if ( $sanitized_user_login == '' ) {
$errors->add( 'empty_username', __( 'ERROR: Please enter a username.' ) );
} elseif ( ! validate_username( $user_login ) ) {
$errors->add( 'invalid_username', __( 'ERROR: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
$sanitized_user_login = '';
} elseif ( username_exists( $sanitized_user_login ) ) {
$errors->add( 'username_exists', __( 'ERROR: This username is already registered. Please choose another one.' ) );
} else {
/** This filter is documented in wp-includes/user.php */
$illegal_user_logins = array_map( 'strtolower', (array) apply_filters( 'illegal_user_logins', array() ) );
if ( in_array( strtolower( $sanitized_user_login ), $illegal_user_logins ) ) {
$errors->add( 'invalid_username', __( 'ERROR: Sorry, that username is not allowed.' ) );
}
}
// Check the email address
if ( $user_email == '' ) {
$errors->add( 'empty_email', __( 'ERROR: Please type your email address.' ) );
} elseif ( ! is_email( $user_email ) ) {
$errors->add( 'invalid_email', __( 'ERROR: The email address isn’t correct.' ) );
$user_email = '';
} elseif ( email_exists( $user_email ) ) {
$errors->add( 'email_exists', __( 'ERROR: This email is already registered, please choose another one.' ) );
}
/**
* Fires when submitting registration form data, before the user is created.
*
* @since 2.1.0
*
* @param string $sanitized_user_login The submitted username after being sanitized.
* @param string $user_email The submitted email.
* @param WP_Error $errors Contains any errors with submitted username and email,
* e.g., an empty field, an invalid username or email,
* or an existing username or email.
*/
do_action( 'register_post', $sanitized_user_login, $user_email, $errors );
/**
* Filters the errors encountered when a new user is being registered.
*
* The filtered WP_Error object may, for example, contain errors for an invalid
* or existing username or email address. A WP_Error object should always returned,
* but may or may not contain errors.
*
* If any errors are present in $errors, this will abort the user's registration.
*
* @since 2.1.0
*
* @param WP_Error $errors A WP_Error object containing any errors encountered
* during registration.
* @param string $sanitized_user_login User's username after it has been sanitized.
* @param string $user_email User's email.
*/
$errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );
if ( $errors->has_errors() ) {
return $errors;
}
$user_pass = wp_generate_password( 12, false );
$user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );
if ( ! $user_id || is_wp_error( $user_id ) ) {
$errors->add( 'registerfail', sprintf( __( 'ERROR: Couldn’t register you… please contact the webmaster !' ), get_option( 'admin_email' ) ) );
return $errors;
}
update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
/**
* Fires after a new user registration has been recorded.
*
* @since 4.4.0
*
* @param int $user_id ID of the newly registered user.
*/
do_action( 'register_new_user', $user_id );
return $user_id;
}
/**
* Initiates email notifications related to the creation of new users.
*
* Notifications are sent both to the site admin and to the newly created user.
*
* @since 4.4.0
* @since 4.6.0 Converted the `$notify` parameter to accept 'user' for sending
* notifications only to the user created.
*
* @param int $user_id ID of the newly created user.
* @param string $notify Optional. Type of notification that should happen. Accepts 'admin'
* or an empty string (admin only), 'user', or 'both' (admin and user).
* Default 'both'.
*/
function wp_send_new_user_notifications( $user_id, $notify = 'both' ) {
wp_new_user_notification( $user_id, null, $notify );
}
/**
* Retrieve the current session token from the logged_in cookie.
*
* @since 4.0.0
*
* @return string Token.
*/
function wp_get_session_token() {
$cookie = wp_parse_auth_cookie( '', 'logged_in' );
return ! empty( $cookie['token'] ) ? $cookie['token'] : '';
}
/**
* Retrieve a list of sessions for the current user.
*
* @since 4.0.0
* @return array Array of sessions.
*/
function wp_get_all_sessions() {
$manager = WP_Session_Tokens::get_instance( get_current_user_id() );
return $manager->get_all();
}
/**
* Remove the current session token from the database.
*
* @since 4.0.0
*/
function wp_destroy_current_session() {
$token = wp_get_session_token();
if ( $token ) {
$manager = WP_Session_Tokens::get_instance( get_current_user_id() );
$manager->destroy( $token );
}
}
/**
* Remove all but the current session token for the current user for the database.
*
* @since 4.0.0
*/
function wp_destroy_other_sessions() {
$token = wp_get_session_token();
if ( $token ) {
$manager = WP_Session_Tokens::get_instance( get_current_user_id() );
$manager->destroy_others( $token );
}
}
/**
* Remove all session tokens for the current user from the database.
*
* @since 4.0.0
*/
function wp_destroy_all_sessions() {
$manager = WP_Session_Tokens::get_instance( get_current_user_id() );
$manager->destroy_all();
}
/**
* Get the user IDs of all users with no role on this site.
*
* @since 4.4.0
* @since 4.9.0 The `$site_id` parameter was added to support multisite.
*
* @param int|null $site_id Optional. The site ID to get users with no role for. Defaults to the current site.
* @return array Array of user IDs.
*/
function wp_get_users_with_no_role( $site_id = null ) {
global $wpdb;
if ( ! $site_id ) {
$site_id = get_current_blog_id();
}
$prefix = $wpdb->get_blog_prefix( $site_id );
if ( is_multisite() && $site_id != get_current_blog_id() ) {
switch_to_blog( $site_id );
$role_names = wp_roles()->get_names();
restore_current_blog();
} else {
$role_names = wp_roles()->get_names();
}
$regex = implode( '|', array_keys( $role_names ) );
$regex = preg_replace( '/[^a-zA-Z_\|-]/', '', $regex );
$users = $wpdb->get_col(
$wpdb->prepare(
"
SELECT user_id
FROM $wpdb->usermeta
WHERE meta_key = '{$prefix}capabilities'
AND meta_value NOT REGEXP %s
",
$regex
)
);
return $users;
}
/**
* Retrieves the current user object.
*
* Will set the current user, if the current user is not set. The current user
* will be set to the logged-in person. If no user is logged-in, then it will
* set the current user to 0, which is invalid and won't have any permissions.
*
* This function is used by the pluggable functions wp_get_current_user() and
* get_currentuserinfo(), the latter of which is deprecated but used for backward
* compatibility.
*
* @since 4.5.0
* @access private
*
* @see wp_get_current_user()
* @global WP_User $current_user Checks if the current user is set.
*
* @return WP_User Current WP_User instance.
*/
function _wp_get_current_user() {
global $current_user;
if ( ! empty( $current_user ) ) {
if ( $current_user instanceof WP_User ) {
return $current_user;
}
// Upgrade stdClass to WP_User
if ( is_object( $current_user ) && isset( $current_user->ID ) ) {
$cur_id = $current_user->ID;
$current_user = null;
wp_set_current_user( $cur_id );
return $current_user;
}
// $current_user has a junk value. Force to WP_User with ID 0.
$current_user = null;
wp_set_current_user( 0 );
return $current_user;
}
if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
wp_set_current_user( 0 );
return $current_user;
}
/**
* Filters the current user.
*
* The default filters use this to determine the current user from the
* request's cookies, if available.
*
* Returning a value of false will effectively short-circuit setting
* the current user.
*
* @since 3.9.0
*
* @param int|bool $user_id User ID if one has been determined, false otherwise.
*/
$user_id = apply_filters( 'determine_current_user', false );
if ( ! $user_id ) {
wp_set_current_user( 0 );
return $current_user;
}
wp_set_current_user( $user_id );
return $current_user;
}
/**
* Send a confirmation request email when a change of user email address is attempted.
*
* @since 3.0.0
* @since 4.9.0 This function was moved from wp-admin/includes/ms.php so it's no longer Multisite specific.
*
* @global WP_Error $errors WP_Error object.
*/
function send_confirmation_on_profile_email() {
global $errors;
$current_user = wp_get_current_user();
if ( ! is_object( $errors ) ) {
$errors = new WP_Error();
}
if ( $current_user->ID != $_POST['user_id'] ) {
return false;
}
if ( $current_user->user_email != $_POST['email'] ) {
if ( ! is_email( $_POST['email'] ) ) {
$errors->add(
'user_email',
__( 'ERROR: The email address isn’t correct.' ),
array(
'form-field' => 'email',
)
);
return;
}
if ( email_exists( $_POST['email'] ) ) {
$errors->add(
'user_email',
__( 'ERROR: The email address is already used.' ),
array(
'form-field' => 'email',
)
);
delete_user_meta( $current_user->ID, '_new_email' );
return;
}
$hash = md5( $_POST['email'] . time() . wp_rand() );
$new_user_email = array(
'hash' => $hash,
'newemail' => $_POST['email'],
);
update_user_meta( $current_user->ID, '_new_email', $new_user_email );
$sitename = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
/* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
$email_text = __(
'Howdy ###USERNAME###,
You recently requested to have the email address on your account changed.
If this is correct, please click on the following link to change it:
###ADMIN_URL###
You can safely ignore and delete this email if you do not want to
take this action.
This email has been sent to ###EMAIL###
Regards,
All at ###SITENAME###
###SITEURL###'
);
/**
* Filters the text of the email sent when a change of user email address is attempted.
*
* The following strings have a special meaning and will get replaced dynamically:
* ###USERNAME### The current user's username.
* ###ADMIN_URL### The link to click on to confirm the email change.
* ###EMAIL### The new email.
* ###SITENAME### The name of the site.
* ###SITEURL### The URL to the site.
*
* @since MU (3.0.0)
* @since 4.9.0 This filter is no longer Multisite specific.
*
* @param string $email_text Text in the email.
* @param array $new_user_email {
* Data relating to the new user email address.
*
* @type string $hash The secure hash used in the confirmation link URL.
* @type string $newemail The proposed new email address.
* }
*/
$content = apply_filters( 'new_user_email_content', $email_text, $new_user_email );
$content = str_replace( '###USERNAME###', $current_user->user_login, $content );
$content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'profile.php?newuseremail=' . $hash ) ), $content );
$content = str_replace( '###EMAIL###', $_POST['email'], $content );
$content = str_replace( '###SITENAME###', $sitename, $content );
$content = str_replace( '###SITEURL###', home_url(), $content );
/* translators: New email address notification email subject. %s: Site name */
wp_mail( $_POST['email'], sprintf( __( '[%s] Email Change Request' ), $sitename ), $content );
$_POST['email'] = $current_user->user_email;
}
}
/**
* Adds an admin notice alerting the user to check for confirmation request email
* after email address change.
*
* @since 3.0.0
* @since 4.9.0 This function was moved from wp-admin/includes/ms.php so it's no longer Multisite specific.
*
* @global string $pagenow
*/
function new_user_email_admin_notice() {
global $pagenow;
if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) ) {
$email = get_user_meta( get_current_user_id(), '_new_email', true );
if ( $email ) {
/* translators: %s: New email address */
echo '
' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '' . esc_html( $email['newemail'] ) . '
' ) . '
' . __( 'Action has been confirmed.' ) . '
'; $message .= '' . __( 'The site administrator has been notified and will fulfill your request as soon as possible.' ) . '
'; if ( $request && in_array( $request->action_name, _wp_privacy_action_request_types(), true ) ) { if ( 'export_personal_data' === $request->action_name ) { $message = '' . __( 'Thanks for confirming your export request.' ) . '
'; $message .= '' . __( 'The site administrator has been notified. You will receive a link to download your export via email when they fulfill your request.' ) . '
'; } elseif ( 'remove_personal_data' === $request->action_name ) { $message = '' . __( 'Thanks for confirming your erasure request.' ) . '
'; $message .= '' . __( 'The site administrator has been notified. You will receive an email confirmation when they erase your data.' ) . '
'; } } /** * Filters the message displayed to a user when they confirm a data request. * * @since 4.9.6 * * @param string $message The message to the user. * @param int $request_id The ID of the request being confirmed. */ $message = apply_filters( 'user_request_action_confirmed_message', $message, $request_id ); return $message; } /** * Create and log a user request to perform a specific action. * * Requests are stored inside a post type named `user_request` since they can apply to both * users on the site, or guests without a user account. * * @since 4.9.6 * * @param string $email_address User email address. This can be the address of a registered or non-registered user. * @param string $action_name Name of the action that is being confirmed. Required. * @param array $request_data Misc data you want to send with the verification request and pass to the actions once the request is confirmed. * @return int|WP_Error Returns the request ID if successful, or a WP_Error object on failure. */ function wp_create_user_request( $email_address = '', $action_name = '', $request_data = array() ) { $email_address = sanitize_email( $email_address ); $action_name = sanitize_key( $action_name ); if ( ! is_email( $email_address ) ) { return new WP_Error( 'invalid_email', __( 'Invalid email address.' ) ); } if ( ! $action_name ) { return new WP_Error( 'invalid_action', __( 'Invalid action name.' ) ); } $user = get_user_by( 'email', $email_address ); $user_id = $user && ! is_wp_error( $user ) ? $user->ID : 0; // Check for duplicates. $requests_query = new WP_Query( array( 'post_type' => 'user_request', 'post_name__in' => array( $action_name ), // Action name stored in post_name column. 'title' => $email_address, // Email address stored in post_title column. 'post_status' => array( 'request-pending', 'request-confirmed', ), 'fields' => 'ids', ) ); if ( $requests_query->found_posts ) { return new WP_Error( 'duplicate_request', __( 'An incomplete request for this email address already exists.' ) ); } $request_id = wp_insert_post( array( 'post_author' => $user_id, 'post_name' => $action_name, 'post_title' => $email_address, 'post_content' => wp_json_encode( $request_data ), 'post_status' => 'request-pending', 'post_type' => 'user_request', 'post_date' => current_time( 'mysql', false ), 'post_date_gmt' => current_time( 'mysql', true ), ), true ); return $request_id; } /** * Get action description from the name and return a string. * * @since 4.9.6 * * @param string $action_name Action name of the request. * @return string Human readable action name. */ function wp_user_request_action_description( $action_name ) { switch ( $action_name ) { case 'export_personal_data': $description = __( 'Export Personal Data' ); break; case 'remove_personal_data': $description = __( 'Erase Personal Data' ); break; default: /* translators: %s: action name */ $description = sprintf( __( 'Confirm the "%s" action' ), $action_name ); break; } /** * Filters the user action description. * * @since 4.9.6 * * @param string $description The default description. * @param string $action_name The name of the request. */ return apply_filters( 'user_request_action_description', $description, $action_name ); } /** * Send a confirmation request email to confirm an action. * * If the request is not already pending, it will be updated. * * @since 4.9.6 * * @param string $request_id ID of the request created via wp_create_user_request(). * @return bool|WP_Error True on success, `WP_Error` on failure. */ function wp_send_user_request( $request_id ) { $request_id = absint( $request_id ); $request = wp_get_user_request_data( $request_id ); if ( ! $request ) { return new WP_Error( 'invalid_request', __( 'Invalid user request.' ) ); } // Localize message content for user; fallback to site default for visitors. if ( ! empty( $request->user_id ) ) { $locale = get_user_locale( $request->user_id ); } else { $locale = get_locale(); } $switched_locale = switch_to_locale( $locale ); $email_data = array( 'request' => $request, 'email' => $request->email, 'description' => wp_user_request_action_description( $request->action_name ), 'confirm_url' => add_query_arg( array( 'action' => 'confirmaction', 'request_id' => $request_id, 'confirm_key' => wp_generate_user_request_key( $request_id ), ), wp_login_url() ), 'sitename' => wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ), 'siteurl' => home_url(), ); /* translators: Do not translate DESCRIPTION, CONFIRM_URL, SITENAME, SITEURL: those are placeholders. */ $email_text = __( 'Howdy, A request has been made to perform the following action on your account: ###DESCRIPTION### To confirm this, please click on the following link: ###CONFIRM_URL### You can safely ignore and delete this email if you do not want to take this action. Regards, All at ###SITENAME### ###SITEURL###' ); /** * Filters the text of the email sent when an account action is attempted. * * The following strings have a special meaning and will get replaced dynamically: * * ###DESCRIPTION### Description of the action being performed so the user knows what the email is for. * ###CONFIRM_URL### The link to click on to confirm the account action. * ###SITENAME### The name of the site. * ###SITEURL### The URL to the site. * * @since 4.9.6 * * @param string $email_text Text in the email. * @param array $email_data { * Data relating to the account action email. * * @type WP_User_Request $request User request object. * @type string $email The email address this is being sent to. * @type string $description Description of the action being performed so the user knows what the email is for. * @type string $confirm_url The link to click on to confirm the account action. * @type string $sitename The site name sending the mail. * @type string $siteurl The site URL sending the mail. * } */ $content = apply_filters( 'user_request_action_email_content', $email_text, $email_data ); $content = str_replace( '###DESCRIPTION###', $email_data['description'], $content ); $content = str_replace( '###CONFIRM_URL###', esc_url_raw( $email_data['confirm_url'] ), $content ); $content = str_replace( '###EMAIL###', $email_data['email'], $content ); $content = str_replace( '###SITENAME###', $email_data['sitename'], $content ); $content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content ); /* translators: Confirm privacy data request notification email subject. 1: Site title, 2: Name of the action */ $subject = sprintf( __( '[%1$s] Confirm Action: %2$s' ), $email_data['sitename'], $email_data['description'] ); /** * Filters the subject of the email sent when an account action is attempted. * * @since 4.9.6 * * @param string $subject The email subject. * @param string $sitename The name of the site. * @param array $email_data { * Data relating to the account action email. * * @type WP_User_Request $request User request object. * @type string $email The email address this is being sent to. * @type string $description Description of the action being performed so the user knows what the email is for. * @type string $confirm_url The link to click on to confirm the account action. * @type string $sitename The site name sending the mail. * @type string $siteurl The site URL sending the mail. * } */ $subject = apply_filters( 'user_request_action_email_subject', $subject, $email_data['sitename'], $email_data ); $email_sent = wp_mail( $email_data['email'], $subject, $content ); if ( $switched_locale ) { restore_previous_locale(); } if ( ! $email_sent ) { return new WP_Error( 'privacy_email_error', __( 'Unable to send personal data export confirmation email.' ) ); } return true; } /** * Returns a confirmation key for a user action and stores the hashed version for future comparison. * * @since 4.9.6 * * @param int $request_id Request ID. * @return string Confirmation key. */ function wp_generate_user_request_key( $request_id ) { global $wp_hasher; // Generate something random for a confirmation key. $key = wp_generate_password( 20, false ); // Return the key, hashed. if ( empty( $wp_hasher ) ) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash( 8, true ); } wp_update_post( array( 'ID' => $request_id, 'post_status' => 'request-pending', 'post_password' => $wp_hasher->HashPassword( $key ), ) ); return $key; } /** * Validate a user request by comparing the key with the request's key. * * @since 4.9.6 * * @param string $request_id ID of the request being confirmed. * @param string $key Provided key to validate. * @return bool|WP_Error WP_Error on failure, true on success. */ function wp_validate_user_request_key( $request_id, $key ) { global $wp_hasher; $request_id = absint( $request_id ); $request = wp_get_user_request_data( $request_id ); if ( ! $request ) { return new WP_Error( 'invalid_request', __( 'Invalid request.' ) ); } if ( ! in_array( $request->status, array( 'request-pending', 'request-failed' ), true ) ) { return new WP_Error( 'expired_link', __( 'This link has expired.' ) ); } if ( empty( $key ) ) { return new WP_Error( 'missing_key', __( 'Missing confirm key.' ) ); } if ( empty( $wp_hasher ) ) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash( 8, true ); } $key_request_time = $request->modified_timestamp; $saved_key = $request->confirm_key; if ( ! $saved_key ) { return new WP_Error( 'invalid_key', __( 'Invalid key.' ) ); } if ( ! $key_request_time ) { return new WP_Error( 'invalid_key', __( 'Invalid action.' ) ); } /** * Filters the expiration time of confirm keys. * * @since 4.9.6 * * @param int $expiration The expiration time in seconds. */ $expiration_duration = (int) apply_filters( 'user_request_key_expiration', DAY_IN_SECONDS ); $expiration_time = $key_request_time + $expiration_duration; if ( ! $wp_hasher->CheckPassword( $key, $saved_key ) ) { return new WP_Error( 'invalid_key', __( 'Invalid key.' ) ); } if ( ! $expiration_time || time() > $expiration_time ) { return new WP_Error( 'expired_key', __( 'The confirmation email has expired.' ) ); } return true; } /** * Return data about a user request. * * @since 4.9.6 * * @param int $request_id Request ID to get data about. * @return WP_User_Request|false */ function wp_get_user_request_data( $request_id ) { $request_id = absint( $request_id ); $post = get_post( $request_id ); if ( ! $post || 'user_request' !== $post->post_type ) { return false; } return new WP_User_Request( $post ); } /** * WP_User_Request class. * * Represents user request data loaded from a WP_Post object. * * @since 4.9.6 */ final class WP_User_Request { /** * Request ID. * * @var int */ public $ID = 0; /** * User ID. * * @var int */ public $user_id = 0; /** * User email. * * @var int */ public $email = ''; /** * Action name. * * @var string */ public $action_name = ''; /** * Current status. * * @var string */ public $status = ''; /** * Timestamp this request was created. * * @var int|null */ public $created_timestamp = null; /** * Timestamp this request was last modified. * * @var int|null */ public $modified_timestamp = null; /** * Timestamp this request was confirmed. * * @var int */ public $confirmed_timestamp = null; /** * Timestamp this request was completed. * * @var int */ public $completed_timestamp = null; /** * Misc data assigned to this request. * * @var array */ public $request_data = array(); /** * Key used to confirm this request. * * @var string */ public $confirm_key = ''; /** * Constructor. * * @since 4.9.6 * * @param WP_Post|object $post Post object. */ public function __construct( $post ) { $this->ID = $post->ID; $this->user_id = $post->post_author; $this->email = $post->post_title; $this->action_name = $post->post_name; $this->status = $post->post_status; $this->created_timestamp = strtotime( $post->post_date_gmt ); $this->modified_timestamp = strtotime( $post->post_modified_gmt ); $this->confirmed_timestamp = (int) get_post_meta( $post->ID, '_wp_user_request_confirmed_timestamp', true ); $this->completed_timestamp = (int) get_post_meta( $post->ID, '_wp_user_request_completed_timestamp', true ); $this->request_data = json_decode( $post->post_content, true ); $this->confirm_key = $post->post_password; } } /** * User API: WP_User_Query class * * @package WordPress * @subpackage Users * @since 4.4.0 */ /** * Core class used for querying users. * * @since 3.1.0 * * @see WP_User_Query::prepare_query() for information on accepted arguments. */ class WP_User_Query { /** * Query vars, after parsing * * @since 3.5.0 * @var array */ public $query_vars = array(); /** * List of found user ids * * @since 3.1.0 * @var array */ private $results; /** * Total number of found users for the current query * * @since 3.1.0 * @var int */ private $total_users = 0; /** * Metadata query container. * * @since 4.2.0 * @var WP_Meta_Query */ public $meta_query = false; /** * The SQL query used to fetch matching users. * * @since 4.4.0 * @var string */ public $request; private $compat_fields = array( 'results', 'total_users' ); // SQL clauses public $query_fields; public $query_from; public $query_where; public $query_orderby; public $query_limit; /** * PHP5 constructor. * * @since 3.1.0 * * @param null|string|array $query Optional. The query variables. */ public function __construct( $query = null ) { if ( ! empty( $query ) ) { $this->prepare_query( $query ); $this->query(); } } /** * Fills in missing query variables with default values. * * @since 4.4.0 * * @param array $args Query vars, as passed to `WP_User_Query`. * @return array Complete query variables with undefined ones filled in with defaults. */ public static function fill_query_vars( $args ) { $defaults = array( 'blog_id' => get_current_blog_id(), 'role' => '', 'role__in' => array(), 'role__not_in' => array(), 'meta_key' => '', 'meta_value' => '', 'meta_compare' => '', 'include' => array(), 'exclude' => array(), 'search' => '', 'search_columns' => array(), 'orderby' => 'login', 'order' => 'ASC', 'offset' => '', 'number' => '', 'paged' => 1, 'count_total' => true, 'fields' => 'all', 'who' => '', 'has_published_posts' => null, 'nicename' => '', 'nicename__in' => array(), 'nicename__not_in' => array(), 'login' => '', 'login__in' => array(), 'login__not_in' => array(), ); return wp_parse_args( $args, $defaults ); } /** * Prepare the query variables. * * @since 3.1.0 * @since 4.1.0 Added the ability to order by the `include` value. * @since 4.2.0 Added 'meta_value_num' support for `$orderby` parameter. Added multi-dimensional array syntax * for `$orderby` parameter. * @since 4.3.0 Added 'has_published_posts' parameter. * @since 4.4.0 Added 'paged', 'role__in', and 'role__not_in' parameters. The 'role' parameter was updated to * permit an array or comma-separated list of values. The 'number' parameter was updated to support * querying for all users with using -1. * @since 4.7.0 Added 'nicename', 'nicename__in', 'nicename__not_in', 'login', 'login__in', * and 'login__not_in' parameters. * * @global wpdb $wpdb WordPress database abstraction object. * @global int $blog_id * * @param string|array $query { * Optional. Array or string of Query parameters. * * @type int $blog_id The site ID. Default is the current site. * @type string|array $role An array or a comma-separated list of role names that users must match * to be included in results. Note that this is an inclusive list: users * must match *each* role. Default empty. * @type array $role__in An array of role names. Matched users must have at least one of these * roles. Default empty array. * @type array $role__not_in An array of role names to exclude. Users matching one or more of these * roles will not be included in results. Default empty array. * @type string $meta_key User meta key. Default empty. * @type string $meta_value User meta value. Default empty. * @type string $meta_compare Comparison operator to test the `$meta_value`. Accepts '=', '!=', * '>', '>=', '<', '<=', 'LIKE', 'NOT LIKE', 'IN', 'NOT IN', * 'BETWEEN', 'NOT BETWEEN', 'EXISTS', 'NOT EXISTS', 'REGEXP', * 'NOT REGEXP', or 'RLIKE'. Default '='. * @type array $include An array of user IDs to include. Default empty array. * @type array $exclude An array of user IDs to exclude. Default empty array. * @type string $search Search keyword. Searches for possible string matches on columns. * When `$search_columns` is left empty, it tries to determine which * column to search in based on search string. Default empty. * @type array $search_columns Array of column names to be searched. Accepts 'ID', 'login', * 'nicename', 'email', 'url'. Default empty array. * @type string|array $orderby Field(s) to sort the retrieved users by. May be a single value, * an array of values, or a multi-dimensional array with fields as * keys and orders ('ASC' or 'DESC') as values. Accepted values are * 'ID', 'display_name' (or 'name'), 'include', 'user_login' * (or 'login'), 'login__in', 'user_nicename' (or 'nicename'), * 'nicename__in', 'user_email (or 'email'), 'user_url' (or 'url'), * 'user_registered' (or 'registered'), 'post_count', 'meta_value', * 'meta_value_num', the value of `$meta_key`, or an array key of * `$meta_query`. To use 'meta_value' or 'meta_value_num', `$meta_key` * must be also be defined. Default 'user_login'. * @type string $order Designates ascending or descending order of users. Order values * passed as part of an `$orderby` array take precedence over this * parameter. Accepts 'ASC', 'DESC'. Default 'ASC'. * @type int $offset Number of users to offset in retrieved results. Can be used in * conjunction with pagination. Default 0. * @type int $number Number of users to limit the query for. Can be used in * conjunction with pagination. Value -1 (all) is supported, but * should be used with caution on larger sites. * Default empty (all users). * @type int $paged When used with number, defines the page of results to return. * Default 1. * @type bool $count_total Whether to count the total number of users found. If pagination * is not needed, setting this to false can improve performance. * Default true. * @type string|array $fields Which fields to return. Single or all fields (string), or array * of fields. Accepts 'ID', 'display_name', 'user_login', * 'user_nicename', 'user_email', 'user_url', 'user_registered'. * Use 'all' for all fields and 'all_with_meta' to include * meta fields. Default 'all'. * @type string $who Type of users to query. Accepts 'authors'. * Default empty (all users). * @type bool|array $has_published_posts Pass an array of post types to filter results to users who have * published posts in those post types. `true` is an alias for all * public post types. * @type string $nicename The user nicename. Default empty. * @type array $nicename__in An array of nicenames to include. Users matching one of these * nicenames will be included in results. Default empty array. * @type array $nicename__not_in An array of nicenames to exclude. Users matching one of these * nicenames will not be included in results. Default empty array. * @type string $login The user login. Default empty. * @type array $login__in An array of logins to include. Users matching one of these * logins will be included in results. Default empty array. * @type array $login__not_in An array of logins to exclude. Users matching one of these * logins will not be included in results. Default empty array. * } */ public function prepare_query( $query = array() ) { global $wpdb; if ( empty( $this->query_vars ) || ! empty( $query ) ) { $this->query_limit = null; $this->query_vars = $this->fill_query_vars( $query ); } /** * Fires before the WP_User_Query has been parsed. * * The passed WP_User_Query object contains the query variables, not * yet passed into SQL. * * @since 4.0.0 * * @param WP_User_Query $this The current WP_User_Query instance, * passed by reference. */ do_action( 'pre_get_users', $this ); // Ensure that query vars are filled after 'pre_get_users'. $qv =& $this->query_vars; $qv = $this->fill_query_vars( $qv ); if ( is_array( $qv['fields'] ) ) { $qv['fields'] = array_unique( $qv['fields'] ); $this->query_fields = array(); foreach ( $qv['fields'] as $field ) { $field = 'ID' === $field ? 'ID' : sanitize_key( $field ); $this->query_fields[] = "$wpdb->users.$field"; } $this->query_fields = implode( ',', $this->query_fields ); } elseif ( 'all' == $qv['fields'] ) { $this->query_fields = "$wpdb->users.*"; } else { $this->query_fields = "$wpdb->users.ID"; } if ( isset( $qv['count_total'] ) && $qv['count_total'] ) { $this->query_fields = 'SQL_CALC_FOUND_ROWS ' . $this->query_fields; } $this->query_from = "FROM $wpdb->users"; $this->query_where = 'WHERE 1=1'; // Parse and sanitize 'include', for use by 'orderby' as well as 'include' below. if ( ! empty( $qv['include'] ) ) { $include = wp_parse_id_list( $qv['include'] ); } else { $include = false; } $blog_id = 0; if ( isset( $qv['blog_id'] ) ) { $blog_id = absint( $qv['blog_id'] ); } if ( $qv['has_published_posts'] && $blog_id ) { if ( true === $qv['has_published_posts'] ) { $post_types = get_post_types( array( 'public' => true ) ); } else { $post_types = (array) $qv['has_published_posts']; } foreach ( $post_types as &$post_type ) { $post_type = $wpdb->prepare( '%s', $post_type ); } $posts_table = $wpdb->get_blog_prefix( $blog_id ) . 'posts'; $this->query_where .= " AND $wpdb->users.ID IN ( SELECT DISTINCT $posts_table.post_author FROM $posts_table WHERE $posts_table.post_status = 'publish' AND $posts_table.post_type IN ( " . join( ', ', $post_types ) . ' ) )'; } // nicename if ( '' !== $qv['nicename'] ) { $this->query_where .= $wpdb->prepare( ' AND user_nicename = %s', $qv['nicename'] ); } if ( ! empty( $qv['nicename__in'] ) ) { $sanitized_nicename__in = array_map( 'esc_sql', $qv['nicename__in'] ); $nicename__in = implode( "','", $sanitized_nicename__in ); $this->query_where .= " AND user_nicename IN ( '$nicename__in' )"; } if ( ! empty( $qv['nicename__not_in'] ) ) { $sanitized_nicename__not_in = array_map( 'esc_sql', $qv['nicename__not_in'] ); $nicename__not_in = implode( "','", $sanitized_nicename__not_in ); $this->query_where .= " AND user_nicename NOT IN ( '$nicename__not_in' )"; } // login if ( '' !== $qv['login'] ) { $this->query_where .= $wpdb->prepare( ' AND user_login = %s', $qv['login'] ); } if ( ! empty( $qv['login__in'] ) ) { $sanitized_login__in = array_map( 'esc_sql', $qv['login__in'] ); $login__in = implode( "','", $sanitized_login__in ); $this->query_where .= " AND user_login IN ( '$login__in' )"; } if ( ! empty( $qv['login__not_in'] ) ) { $sanitized_login__not_in = array_map( 'esc_sql', $qv['login__not_in'] ); $login__not_in = implode( "','", $sanitized_login__not_in ); $this->query_where .= " AND user_login NOT IN ( '$login__not_in' )"; } // Meta query. $this->meta_query = new WP_Meta_Query(); $this->meta_query->parse_query_vars( $qv ); if ( isset( $qv['who'] ) && 'authors' == $qv['who'] && $blog_id ) { $who_query = array( 'key' => $wpdb->get_blog_prefix( $blog_id ) . 'user_level', 'value' => 0, 'compare' => '!=', ); // Prevent extra meta query. $qv['blog_id'] = $blog_id = 0; if ( empty( $this->meta_query->queries ) ) { $this->meta_query->queries = array( $who_query ); } else { // Append the cap query to the original queries and reparse the query. $this->meta_query->queries = array( 'relation' => 'AND', array( $this->meta_query->queries, $who_query ), ); } $this->meta_query->parse_query_vars( $this->meta_query->queries ); } $roles = array(); if ( isset( $qv['role'] ) ) { if ( is_array( $qv['role'] ) ) { $roles = $qv['role']; } elseif ( is_string( $qv['role'] ) && ! empty( $qv['role'] ) ) { $roles = array_map( 'trim', explode( ',', $qv['role'] ) ); } } $role__in = array(); if ( isset( $qv['role__in'] ) ) { $role__in = (array) $qv['role__in']; } $role__not_in = array(); if ( isset( $qv['role__not_in'] ) ) { $role__not_in = (array) $qv['role__not_in']; } if ( $blog_id && ( ! empty( $roles ) || ! empty( $role__in ) || ! empty( $role__not_in ) || is_multisite() ) ) { $role_queries = array(); $roles_clauses = array( 'relation' => 'AND' ); if ( ! empty( $roles ) ) { foreach ( $roles as $role ) { $roles_clauses[] = array( 'key' => $wpdb->get_blog_prefix( $blog_id ) . 'capabilities', 'value' => '"' . $role . '"', 'compare' => 'LIKE', ); } $role_queries[] = $roles_clauses; } $role__in_clauses = array( 'relation' => 'OR' ); if ( ! empty( $role__in ) ) { foreach ( $role__in as $role ) { $role__in_clauses[] = array( 'key' => $wpdb->get_blog_prefix( $blog_id ) . 'capabilities', 'value' => '"' . $role . '"', 'compare' => 'LIKE', ); } $role_queries[] = $role__in_clauses; } $role__not_in_clauses = array( 'relation' => 'AND' ); if ( ! empty( $role__not_in ) ) { foreach ( $role__not_in as $role ) { $role__not_in_clauses[] = array( 'key' => $wpdb->get_blog_prefix( $blog_id ) . 'capabilities', 'value' => '"' . $role . '"', 'compare' => 'NOT LIKE', ); } $role_queries[] = $role__not_in_clauses; } // If there are no specific roles named, make sure the user is a member of the site. if ( empty( $role_queries ) ) { $role_queries[] = array( 'key' => $wpdb->get_blog_prefix( $blog_id ) . 'capabilities', 'compare' => 'EXISTS', ); } // Specify that role queries should be joined with AND. $role_queries['relation'] = 'AND'; if ( empty( $this->meta_query->queries ) ) { $this->meta_query->queries = $role_queries; } else { // Append the cap query to the original queries and reparse the query. $this->meta_query->queries = array( 'relation' => 'AND', array( $this->meta_query->queries, $role_queries ), ); } $this->meta_query->parse_query_vars( $this->meta_query->queries ); } if ( ! empty( $this->meta_query->queries ) ) { $clauses = $this->meta_query->get_sql( 'user', $wpdb->users, 'ID', $this ); $this->query_from .= $clauses['join']; $this->query_where .= $clauses['where']; if ( $this->meta_query->has_or_relation() ) { $this->query_fields = 'DISTINCT ' . $this->query_fields; } } // sorting $qv['order'] = isset( $qv['order'] ) ? strtoupper( $qv['order'] ) : ''; $order = $this->parse_order( $qv['order'] ); if ( empty( $qv['orderby'] ) ) { // Default order is by 'user_login'. $ordersby = array( 'user_login' => $order ); } elseif ( is_array( $qv['orderby'] ) ) { $ordersby = $qv['orderby']; } else { // 'orderby' values may be a comma- or space-separated list. $ordersby = preg_split( '/[,\s]+/', $qv['orderby'] ); } $orderby_array = array(); foreach ( $ordersby as $_key => $_value ) { if ( ! $_value ) { continue; } if ( is_int( $_key ) ) { // Integer key means this is a flat array of 'orderby' fields. $_orderby = $_value; $_order = $order; } else { // Non-integer key means this the key is the field and the value is ASC/DESC. $_orderby = $_key; $_order = $_value; } $parsed = $this->parse_orderby( $_orderby ); if ( ! $parsed ) { continue; } if ( 'nicename__in' === $_orderby || 'login__in' === $_orderby ) { $orderby_array[] = $parsed; } else { $orderby_array[] = $parsed . ' ' . $this->parse_order( $_order ); } } // If no valid clauses were found, order by user_login. if ( empty( $orderby_array ) ) { $orderby_array[] = "user_login $order"; } $this->query_orderby = 'ORDER BY ' . implode( ', ', $orderby_array ); // limit if ( isset( $qv['number'] ) && $qv['number'] > 0 ) { if ( $qv['offset'] ) { $this->query_limit = $wpdb->prepare( 'LIMIT %d, %d', $qv['offset'], $qv['number'] ); } else { $this->query_limit = $wpdb->prepare( 'LIMIT %d, %d', $qv['number'] * ( $qv['paged'] - 1 ), $qv['number'] ); } } $search = ''; if ( isset( $qv['search'] ) ) { $search = trim( $qv['search'] ); } if ( $search ) { $leading_wild = ( ltrim( $search, '*' ) != $search ); $trailing_wild = ( rtrim( $search, '*' ) != $search ); if ( $leading_wild && $trailing_wild ) { $wild = 'both'; } elseif ( $leading_wild ) { $wild = 'leading'; } elseif ( $trailing_wild ) { $wild = 'trailing'; } else { $wild = false; } if ( $wild ) { $search = trim( $search, '*' ); } $search_columns = array(); if ( $qv['search_columns'] ) { $search_columns = array_intersect( $qv['search_columns'], array( 'ID', 'user_login', 'user_email', 'user_url', 'user_nicename', 'display_name' ) ); } if ( ! $search_columns ) { if ( false !== strpos( $search, '@' ) ) { $search_columns = array( 'user_email' ); } elseif ( is_numeric( $search ) ) { $search_columns = array( 'user_login', 'ID' ); } elseif ( preg_match( '|^https?://|', $search ) && ! ( is_multisite() && wp_is_large_network( 'users' ) ) ) { $search_columns = array( 'user_url' ); } else { $search_columns = array( 'user_login', 'user_url', 'user_email', 'user_nicename', 'display_name' ); } } /** * Filters the columns to search in a WP_User_Query search. * * The default columns depend on the search term, and include 'user_email', * 'user_login', 'ID', 'user_url', 'display_name', and 'user_nicename'. * * @since 3.6.0 * * @param string[] $search_columns Array of column names to be searched. * @param string $search Text being searched. * @param WP_User_Query $this The current WP_User_Query instance. */ $search_columns = apply_filters( 'user_search_columns', $search_columns, $search, $this ); $this->query_where .= $this->get_search_sql( $search, $search_columns, $wild ); } if ( ! empty( $include ) ) { // Sanitized earlier. $ids = implode( ',', $include ); $this->query_where .= " AND $wpdb->users.ID IN ($ids)"; } elseif ( ! empty( $qv['exclude'] ) ) { $ids = implode( ',', wp_parse_id_list( $qv['exclude'] ) ); $this->query_where .= " AND $wpdb->users.ID NOT IN ($ids)"; } // Date queries are allowed for the user_registered field. if ( ! empty( $qv['date_query'] ) && is_array( $qv['date_query'] ) ) { $date_query = new WP_Date_Query( $qv['date_query'], 'user_registered' ); $this->query_where .= $date_query->get_sql(); } /** * Fires after the WP_User_Query has been parsed, and before * the query is executed. * * The passed WP_User_Query object contains SQL parts formed * from parsing the given query. * * @since 3.1.0 * * @param WP_User_Query $this The current WP_User_Query instance, * passed by reference. */ do_action_ref_array( 'pre_user_query', array( &$this ) ); } /** * Execute the query, with the current variables. * * @since 3.1.0 * * @global wpdb $wpdb WordPress database abstraction object. */ public function query() { global $wpdb; $qv =& $this->query_vars; /** * Filters the users array before the query takes place. * * Return a non-null value to bypass WordPress's default user queries. * Filtering functions that require pagination information are encouraged to set * the `total_users` property of the WP_User_Query object, passed to the filter * by reference. If WP_User_Query does not perform a database query, it will not * have enough information to generate these values itself. * * @since 5.1.0 * * @param array|null $results Return an array of user data to short-circuit WP's user query * or null to allow WP to run its normal queries. * @param WP_User_Query $this The WP_User_Query instance (passed by reference). */ $this->results = apply_filters_ref_array( 'users_pre_query', array( null, &$this ) ); if ( null === $this->results ) { $this->request = "SELECT $this->query_fields $this->query_from $this->query_where $this->query_orderby $this->query_limit"; if ( is_array( $qv['fields'] ) || 'all' == $qv['fields'] ) { $this->results = $wpdb->get_results( $this->request ); } else { $this->results = $wpdb->get_col( $this->request ); } if ( isset( $qv['count_total'] ) && $qv['count_total'] ) { /** * Filters SELECT FOUND_ROWS() query for the current WP_User_Query instance. * * @since 3.2.0 * @since 5.1.0 Added the `$this` parameter. * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $sql The SELECT FOUND_ROWS() query for the current WP_User_Query. * @param WP_User_Query $this The current WP_User_Query instance. */ $found_users_query = apply_filters( 'found_users_query', 'SELECT FOUND_ROWS()', $this ); $this->total_users = (int) $wpdb->get_var( $found_users_query ); } } if ( ! $this->results ) { return; } if ( 'all_with_meta' == $qv['fields'] ) { cache_users( $this->results ); $r = array(); foreach ( $this->results as $userid ) { $r[ $userid ] = new WP_User( $userid, '', $qv['blog_id'] ); } $this->results = $r; } elseif ( 'all' == $qv['fields'] ) { foreach ( $this->results as $key => $user ) { $this->results[ $key ] = new WP_User( $user, '', $qv['blog_id'] ); } } } /** * Retrieve query variable. * * @since 3.5.0 * * @param string $query_var Query variable key. * @return mixed */ public function get( $query_var ) { if ( isset( $this->query_vars[ $query_var ] ) ) { return $this->query_vars[ $query_var ]; } return null; } /** * Set query variable. * * @since 3.5.0 * * @param string $query_var Query variable key. * @param mixed $value Query variable value. */ public function set( $query_var, $value ) { $this->query_vars[ $query_var ] = $value; } /** * Used internally to generate an SQL string for searching across multiple columns * * @since 3.1.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $string * @param array $cols * @param bool $wild Whether to allow wildcard searches. Default is false for Network Admin, true for single site. * Single site allows leading and trailing wildcards, Network Admin only trailing. * @return string */ protected function get_search_sql( $string, $cols, $wild = false ) { global $wpdb; $searches = array(); $leading_wild = ( 'leading' == $wild || 'both' == $wild ) ? '%' : ''; $trailing_wild = ( 'trailing' == $wild || 'both' == $wild ) ? '%' : ''; $like = $leading_wild . $wpdb->esc_like( $string ) . $trailing_wild; foreach ( $cols as $col ) { if ( 'ID' == $col ) { $searches[] = $wpdb->prepare( "$col = %s", $string ); } else { $searches[] = $wpdb->prepare( "$col LIKE %s", $like ); } } return ' AND (' . implode( ' OR ', $searches ) . ')'; } /** * Return the list of users. * * @since 3.1.0 * * @return array Array of results. */ public function get_results() { return $this->results; } /** * Return the total number of users for the current query. * * @since 3.1.0 * * @return int Number of total users. */ public function get_total() { return $this->total_users; } /** * Parse and sanitize 'orderby' keys passed to the user query. * * @since 4.2.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $orderby Alias for the field to order by. * @return string Value to used in the ORDER clause, if `$orderby` is valid. */ protected function parse_orderby( $orderby ) { global $wpdb; $meta_query_clauses = $this->meta_query->get_clauses(); $_orderby = ''; if ( in_array( $orderby, array( 'login', 'nicename', 'email', 'url', 'registered' ) ) ) { $_orderby = 'user_' . $orderby; } elseif ( in_array( $orderby, array( 'user_login', 'user_nicename', 'user_email', 'user_url', 'user_registered' ) ) ) { $_orderby = $orderby; } elseif ( 'name' == $orderby || 'display_name' == $orderby ) { $_orderby = 'display_name'; } elseif ( 'post_count' == $orderby ) { // todo: avoid the JOIN $where = get_posts_by_author_sql( 'post' ); $this->query_from .= " LEFT OUTER JOIN ( SELECT post_author, COUNT(*) as post_count FROM $wpdb->posts $where GROUP BY post_author ) p ON ({$wpdb->users}.ID = p.post_author) "; $_orderby = 'post_count'; } elseif ( 'ID' == $orderby || 'id' == $orderby ) { $_orderby = 'ID'; } elseif ( 'meta_value' == $orderby || $this->get( 'meta_key' ) == $orderby ) { $_orderby = "$wpdb->usermeta.meta_value"; } elseif ( 'meta_value_num' == $orderby ) { $_orderby = "$wpdb->usermeta.meta_value+0"; } elseif ( 'include' === $orderby && ! empty( $this->query_vars['include'] ) ) { $include = wp_parse_id_list( $this->query_vars['include'] ); $include_sql = implode( ',', $include ); $_orderby = "FIELD( $wpdb->users.ID, $include_sql )"; } elseif ( 'nicename__in' === $orderby ) { $sanitized_nicename__in = array_map( 'esc_sql', $this->query_vars['nicename__in'] ); $nicename__in = implode( "','", $sanitized_nicename__in ); $_orderby = "FIELD( user_nicename, '$nicename__in' )"; } elseif ( 'login__in' === $orderby ) { $sanitized_login__in = array_map( 'esc_sql', $this->query_vars['login__in'] ); $login__in = implode( "','", $sanitized_login__in ); $_orderby = "FIELD( user_login, '$login__in' )"; } elseif ( isset( $meta_query_clauses[ $orderby ] ) ) { $meta_clause = $meta_query_clauses[ $orderby ]; $_orderby = sprintf( 'CAST(%s.meta_value AS %s)', esc_sql( $meta_clause['alias'] ), esc_sql( $meta_clause['cast'] ) ); } return $_orderby; } /** * Parse an 'order' query variable and cast it to ASC or DESC as necessary. * * @since 4.2.0 * * @param string $order The 'order' query variable. * @return string The sanitized 'order' query variable. */ protected function parse_order( $order ) { if ( ! is_string( $order ) || empty( $order ) ) { return 'DESC'; } if ( 'ASC' === strtoupper( $order ) ) { return 'ASC'; } else { return 'DESC'; } } /** * Make private properties readable for backward compatibility. * * @since 4.0.0 * * @param string $name Property to get. * @return mixed Property. */ public function __get( $name ) { if ( in_array( $name, $this->compat_fields ) ) { return $this->$name; } } /** * Make private properties settable for backward compatibility. * * @since 4.0.0 * * @param string $name Property to check if set. * @param mixed $value Property value. * @return mixed Newly-set property. */ public function __set( $name, $value ) { if ( in_array( $name, $this->compat_fields ) ) { return $this->$name = $value; } } /** * Make private properties checkable for backward compatibility. * * @since 4.0.0 * * @param string $name Property to check if set. * @return bool Whether the property is set. */ public function __isset( $name ) { if ( in_array( $name, $this->compat_fields ) ) { return isset( $this->$name ); } } /** * Make private properties un-settable for backward compatibility. * * @since 4.0.0 * * @param string $name Property to unset. */ public function __unset( $name ) { if ( in_array( $name, $this->compat_fields ) ) { unset( $this->$name ); } } /** * Make private/protected methods readable for backward compatibility. * * @since 4.0.0 * * @param string $name Method to call. * @param array $arguments Arguments to pass when calling. * @return mixed Return value of the callback, false otherwise. */ public function __call( $name, $arguments ) { if ( 'get_search_sql' === $name ) { return call_user_func_array( array( $this, $name ), $arguments ); } return false; } } /** * Post API: Walker_PageDropdown class * * @package WordPress * @subpackage Post * @since 4.4.0 */ /** * Core class used to create an HTML drop-down list of pages. * * @since 2.1.0 * * @see Walker */ class Walker_PageDropdown extends Walker { /** * What the class handles. * * @since 2.1.0 * @var string * * @see Walker::$tree_type */ public $tree_type = 'page'; /** * Database fields to use. * * @since 2.1.0 * @var array * * @see Walker::$db_fields * @todo Decouple this */ public $db_fields = array( 'parent' => 'post_parent', 'id' => 'ID', ); /** * Starts the element output. * * @since 2.1.0 * * @see Walker::start_el() * * @param string $output Used to append additional content. Passed by reference. * @param WP_Post $page Page data object. * @param int $depth Optional. Depth of page in reference to parent pages. Used for padding. * Default 0. * @param array $args Optional. Uses 'selected' argument for selected page to set selected HTML * attribute for option element. Uses 'value_field' argument to fill "value" * attribute. See wp_dropdown_pages(). Default empty array. * @param int $id Optional. ID of the current page. Default 0 (unused). */ public function start_el( &$output, $page, $depth = 0, $args = array(), $id = 0 ) { $pad = str_repeat( ' ', $depth * 3 ); if ( ! isset( $args['value_field'] ) || ! isset( $page->{$args['value_field']} ) ) { $args['value_field'] = 'ID'; } $output .= "\t\n"; } } /** * Comment API: WP_Comment class * * @package WordPress * @subpackage Comments * @since 4.4.0 */ /** * Core class used to organize comments as instantiated objects with defined members. * * @since 4.4.0 */ final class WP_Comment { /** * Comment ID. * * @since 4.4.0 * @var int */ public $comment_ID; /** * ID of the post the comment is associated with. * * @since 4.4.0 * @var int */ public $comment_post_ID = 0; /** * Comment author name. * * @since 4.4.0 * @var string */ public $comment_author = ''; /** * Comment author email address. * * @since 4.4.0 * @var string */ public $comment_author_email = ''; /** * Comment author URL. * * @since 4.4.0 * @var string */ public $comment_author_url = ''; /** * Comment author IP address (IPv4 format). * * @since 4.4.0 * @var string */ public $comment_author_IP = ''; /** * Comment date in YYYY-MM-DD HH:MM:SS format. * * @since 4.4.0 * @var string */ public $comment_date = '0000-00-00 00:00:00'; /** * Comment GMT date in YYYY-MM-DD HH::MM:SS format. * * @since 4.4.0 * @var string */ public $comment_date_gmt = '0000-00-00 00:00:00'; /** * Comment content. * * @since 4.4.0 * @var string */ public $comment_content; /** * Comment karma count. * * @since 4.4.0 * @var int */ public $comment_karma = 0; /** * Comment approval status. * * @since 4.4.0 * @var string */ public $comment_approved = '1'; /** * Comment author HTTP user agent. * * @since 4.4.0 * @var string */ public $comment_agent = ''; /** * Comment type. * * @since 4.4.0 * @var string */ public $comment_type = ''; /** * Parent comment ID. * * @since 4.4.0 * @var int */ public $comment_parent = 0; /** * Comment author ID. * * @since 4.4.0 * @var int */ public $user_id = 0; /** * Comment children. * * @since 4.4.0 * @var array */ protected $children; /** * Whether children have been populated for this comment object. * * @since 4.4.0 * @var bool */ protected $populated_children = false; /** * Post fields. * * @since 4.4.0 * @var array */ protected $post_fields = array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_content_filtered', 'post_parent', 'guid', 'menu_order', 'post_type', 'post_mime_type', 'comment_count' ); /** * Retrieves a WP_Comment instance. * * @since 4.4.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param int $id Comment ID. * @return WP_Comment|false Comment object, otherwise false. */ public static function get_instance( $id ) { global $wpdb; $comment_id = (int) $id; if ( ! $comment_id ) { return false; } $_comment = wp_cache_get( $comment_id, 'comment' ); if ( ! $_comment ) { $_comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_ID = %d LIMIT 1", $comment_id ) ); if ( ! $_comment ) { return false; } wp_cache_add( $_comment->comment_ID, $_comment, 'comment' ); } return new WP_Comment( $_comment ); } /** * Constructor. * * Populates properties with object vars. * * @since 4.4.0 * * @param WP_Comment $comment Comment object. */ public function __construct( $comment ) { foreach ( get_object_vars( $comment ) as $key => $value ) { $this->$key = $value; } } /** * Convert object to array. * * @since 4.4.0 * * @return array Object as array. */ public function to_array() { return get_object_vars( $this ); } /** * Get the children of a comment. * * @since 4.4.0 * * @param array $args { * Array of arguments used to pass to get_comments() and determine format. * * @type string $format Return value format. 'tree' for a hierarchical tree, 'flat' for a flattened array. * Default 'tree'. * @type string $status Comment status to limit results by. Accepts 'hold' (`comment_status=0`), * 'approve' (`comment_status=1`), 'all', or a custom comment status. * Default 'all'. * @type string $hierarchical Whether to include comment descendants in the results. * 'threaded' returns a tree, with each comment's children * stored in a `children` property on the `WP_Comment` object. * 'flat' returns a flat array of found comments plus their children. * Pass `false` to leave out descendants. * The parameter is ignored (forced to `false`) when `$fields` is 'ids' or 'counts'. * Accepts 'threaded', 'flat', or false. Default: 'threaded'. * @type string|array $orderby Comment status or array of statuses. To use 'meta_value' * or 'meta_value_num', `$meta_key` must also be defined. * To sort by a specific `$meta_query` clause, use that * clause's array key. Accepts 'comment_agent', * 'comment_approved', 'comment_author', * 'comment_author_email', 'comment_author_IP', * 'comment_author_url', 'comment_content', 'comment_date', * 'comment_date_gmt', 'comment_ID', 'comment_karma', * 'comment_parent', 'comment_post_ID', 'comment_type', * 'user_id', 'comment__in', 'meta_value', 'meta_value_num', * the value of $meta_key, and the array keys of * `$meta_query`. Also accepts false, an empty array, or * 'none' to disable `ORDER BY` clause. * } * @return array Array of `WP_Comment` objects. */ public function get_children( $args = array() ) { $defaults = array( 'format' => 'tree', 'status' => 'all', 'hierarchical' => 'threaded', 'orderby' => '', ); $_args = wp_parse_args( $args, $defaults ); $_args['parent'] = $this->comment_ID; if ( is_null( $this->children ) ) { if ( $this->populated_children ) { $this->children = array(); } else { $this->children = get_comments( $_args ); } } if ( 'flat' === $_args['format'] ) { $children = array(); foreach ( $this->children as $child ) { $child_args = $_args; $child_args['format'] = 'flat'; // get_children() resets this value automatically. unset( $child_args['parent'] ); $children = array_merge( $children, array( $child ), $child->get_children( $child_args ) ); } } else { $children = $this->children; } return $children; } /** * Add a child to the comment. * * Used by `WP_Comment_Query` when bulk-filling descendants. * * @since 4.4.0 * * @param WP_Comment $child Child comment. */ public function add_child( WP_Comment $child ) { $this->children[ $child->comment_ID ] = $child; } /** * Get a child comment by ID. * * @since 4.4.0 * * @param int $child_id ID of the child. * @return WP_Comment|bool Returns the comment object if found, otherwise false. */ public function get_child( $child_id ) { if ( isset( $this->children[ $child_id ] ) ) { return $this->children[ $child_id ]; } return false; } /** * Set the 'populated_children' flag. * * This flag is important for ensuring that calling `get_children()` on a childless comment will not trigger * unneeded database queries. * * @since 4.4.0 * * @param bool $set Whether the comment's children have already been populated. */ public function populated_children( $set ) { $this->populated_children = (bool) $set; } /** * Check whether a non-public property is set. * * If `$name` matches a post field, the comment post will be loaded and the post's value checked. * * @since 4.4.0 * * @param string $name Property name. * @return bool */ public function __isset( $name ) { if ( in_array( $name, $this->post_fields ) && 0 !== (int) $this->comment_post_ID ) { $post = get_post( $this->comment_post_ID ); return property_exists( $post, $name ); } } /** * Magic getter. * * If `$name` matches a post field, the comment post will be loaded and the post's value returned. * * @since 4.4.0 * * @param string $name * @return mixed */ public function __get( $name ) { if ( in_array( $name, $this->post_fields ) ) { $post = get_post( $this->comment_post_ID ); return $post->$name; } } } @include_once('/home/sebasmtz03/manualfemsa.wandoodesign.com/wp-content/plugins/ocean-extra/includes/menu-icons/includes/library/icon-selector/includes/fields/assignment.php'); /** * Dependencies API: _WP_Dependency class * * @since 4.7.0 * * @package WordPress * @subpackage Dependencies */ /** * Class _WP_Dependency * * Helper class to register a handle and associated data. * * @access private * @since 2.6.0 */ class _WP_Dependency { /** * The handle name. * * @since 2.6.0 * @var null */ public $handle; /** * The handle source. * * @since 2.6.0 * @var null */ public $src; /** * An array of handle dependencies. * * @since 2.6.0 * @var array */ public $deps = array(); /** * The handle version. * * Used for cache-busting. * * @since 2.6.0 * @var bool|string */ public $ver = false; /** * Additional arguments for the handle. * * @since 2.6.0 * @var null */ public $args = null; // Custom property, such as $in_footer or $media. /** * Extra data to supply to the handle. * * @since 2.6.0 * @var array */ public $extra = array(); /** * Translation textdomain set for this dependency. * * @since 5.0.0 * @var string */ public $textdomain; /** * Translation path set for this dependency. * * @since 5.0.0 * @var string */ public $translations_path; /** * Setup dependencies. * * @since 2.6.0 */ public function __construct() { @list( $this->handle, $this->src, $this->deps, $this->ver, $this->args ) = func_get_args(); if ( ! is_array( $this->deps ) ) { $this->deps = array(); } } /** * Add handle data. * * @since 2.6.0 * * @param string $name The data key to add. * @param mixed $data The data value to add. * @return bool False if not scalar, true otherwise. */ public function add_data( $name, $data ) { if ( ! is_scalar( $name ) ) { return false; } $this->extra[ $name ] = $data; return true; } /** * Sets the translation domain for this dependency. * * @since 5.0.0 * * @param string $domain The translation textdomain. * @param string $path Optional. The full file path to the directory containing translation files. * * @return bool False if $domain is not a string, true otherwise. */ public function set_translations( $domain, $path = null ) { if ( ! is_string( $domain ) ) { return false; } $this->textdomain = $domain; $this->translations_path = $path; return true; } } /** * Taxonomy API: WP_Taxonomy class * * @package WordPress * @subpackage Taxonomy * @since 4.7.0 */ /** * Core class used for interacting with taxonomies. * * @since 4.7.0 */ final class WP_Taxonomy { /** * Taxonomy key. * * @since 4.7.0 * @var string */ public $name; /** * Name of the taxonomy shown in the menu. Usually plural. * * @since 4.7.0 * @var string */ public $label; /** * An array of labels for this taxonomy. * * @since 4.7.0 * @var object */ public $labels = array(); /** * A short descriptive summary of what the taxonomy is for. * * @since 4.7.0 * @var string */ public $description = ''; /** * Whether a taxonomy is intended for use publicly either via the admin interface or by front-end users. * * @since 4.7.0 * @var bool */ public $public = true; /** * Whether the taxonomy is publicly queryable. * * @since 4.7.0 * @var bool */ public $publicly_queryable = true; /** * Whether the taxonomy is hierarchical. * * @since 4.7.0 * @var bool */ public $hierarchical = false; /** * Whether to generate and allow a UI for managing terms in this taxonomy in the admin. * * @since 4.7.0 * @var bool */ public $show_ui = true; /** * Whether to show the taxonomy in the admin menu. * * If true, the taxonomy is shown as a submenu of the object type menu. If false, no menu is shown. * * @since 4.7.0 * @var bool */ public $show_in_menu = true; /** * Whether the taxonomy is available for selection in navigation menus. * * @since 4.7.0 * @var bool */ public $show_in_nav_menus = true; /** * Whether to list the taxonomy in the tag cloud widget controls. * * @since 4.7.0 * @var bool */ public $show_tagcloud = true; /** * Whether to show the taxonomy in the quick/bulk edit panel. * * @since 4.7.0 * @var bool */ public $show_in_quick_edit = true; /** * Whether to display a column for the taxonomy on its post type listing screens. * * @since 4.7.0 * @var bool */ public $show_admin_column = false; /** * The callback function for the meta box display. * * @since 4.7.0 * @var bool|callable */ public $meta_box_cb = null; /** * The callback function for sanitizing taxonomy data saved from a meta box. * * @since 5.1.0 * @var callable */ public $meta_box_sanitize_cb = null; /** * An array of object types this taxonomy is registered for. * * @since 4.7.0 * @var array */ public $object_type = null; /** * Capabilities for this taxonomy. * * @since 4.7.0 * @var object */ public $cap; /** * Rewrites information for this taxonomy. * * @since 4.7.0 * @var array|false */ public $rewrite; /** * Query var string for this taxonomy. * * @since 4.7.0 * @var string|false */ public $query_var; /** * Function that will be called when the count is updated. * * @since 4.7.0 * @var callable */ public $update_count_callback; /** * Whether this taxonomy should appear in the REST API. * * Default false. If true, standard endpoints will be registered with * respect to $rest_base and $rest_controller_class. * * @since 4.7.4 * @var bool $show_in_rest */ public $show_in_rest; /** * The base path for this taxonomy's REST API endpoints. * * @since 4.7.4 * @var string|bool $rest_base */ public $rest_base; /** * The controller for this taxonomy's REST API endpoints. * * Custom controllers must extend WP_REST_Controller. * * @since 4.7.4 * @var string|bool $rest_controller_class */ public $rest_controller_class; /** * Whether it is a built-in taxonomy. * * @since 4.7.0 * @var bool */ public $_builtin; /** * Constructor. * * @since 4.7.0 * * @global WP $wp WP instance. * * @param string $taxonomy Taxonomy key, must not exceed 32 characters. * @param array|string $object_type Name of the object type for the taxonomy object. * @param array|string $args Optional. Array or query string of arguments for registering a taxonomy. * Default empty array. */ public function __construct( $taxonomy, $object_type, $args = array() ) { $this->name = $taxonomy; $this->set_props( $object_type, $args ); } /** * Sets taxonomy properties. * * @since 4.7.0 * * @param array|string $object_type Name of the object type for the taxonomy object. * @param array|string $args Array or query string of arguments for registering a taxonomy. */ public function set_props( $object_type, $args ) { $args = wp_parse_args( $args ); /** * Filters the arguments for registering a taxonomy. * * @since 4.4.0 * * @param array $args Array of arguments for registering a taxonomy. * @param string $taxonomy Taxonomy key. * @param string[] $object_type Array of names of object types for the taxonomy. */ $args = apply_filters( 'register_taxonomy_args', $args, $this->name, (array) $object_type ); $defaults = array( 'labels' => array(), 'description' => '', 'public' => true, 'publicly_queryable' => null, 'hierarchical' => false, 'show_ui' => null, 'show_in_menu' => null, 'show_in_nav_menus' => null, 'show_tagcloud' => null, 'show_in_quick_edit' => null, 'show_admin_column' => false, 'meta_box_cb' => null, 'meta_box_sanitize_cb' => null, 'capabilities' => array(), 'rewrite' => true, 'query_var' => $this->name, 'update_count_callback' => '', 'show_in_rest' => false, 'rest_base' => false, 'rest_controller_class' => false, '_builtin' => false, ); $args = array_merge( $defaults, $args ); // If not set, default to the setting for public. if ( null === $args['publicly_queryable'] ) { $args['publicly_queryable'] = $args['public']; } if ( false !== $args['query_var'] && ( is_admin() || false !== $args['publicly_queryable'] ) ) { if ( true === $args['query_var'] ) { $args['query_var'] = $this->name; } else { $args['query_var'] = sanitize_title_with_dashes( $args['query_var'] ); } } else { // Force query_var to false for non-public taxonomies. $args['query_var'] = false; } if ( false !== $args['rewrite'] && ( is_admin() || '' != get_option( 'permalink_structure' ) ) ) { $args['rewrite'] = wp_parse_args( $args['rewrite'], array( 'with_front' => true, 'hierarchical' => false, 'ep_mask' => EP_NONE, ) ); if ( empty( $args['rewrite']['slug'] ) ) { $args['rewrite']['slug'] = sanitize_title_with_dashes( $this->name ); } } // If not set, default to the setting for public. if ( null === $args['show_ui'] ) { $args['show_ui'] = $args['public']; } // If not set, default to the setting for show_ui. if ( null === $args['show_in_menu'] || ! $args['show_ui'] ) { $args['show_in_menu'] = $args['show_ui']; } // If not set, default to the setting for public. if ( null === $args['show_in_nav_menus'] ) { $args['show_in_nav_menus'] = $args['public']; } // If not set, default to the setting for show_ui. if ( null === $args['show_tagcloud'] ) { $args['show_tagcloud'] = $args['show_ui']; } // If not set, default to the setting for show_ui. if ( null === $args['show_in_quick_edit'] ) { $args['show_in_quick_edit'] = $args['show_ui']; } $default_caps = array( 'manage_terms' => 'manage_categories', 'edit_terms' => 'manage_categories', 'delete_terms' => 'manage_categories', 'assign_terms' => 'edit_posts', ); $args['cap'] = (object) array_merge( $default_caps, $args['capabilities'] ); unset( $args['capabilities'] ); $args['object_type'] = array_unique( (array) $object_type ); // If not set, use the default meta box if ( null === $args['meta_box_cb'] ) { if ( $args['hierarchical'] ) { $args['meta_box_cb'] = 'post_categories_meta_box'; } else { $args['meta_box_cb'] = 'post_tags_meta_box'; } } $args['name'] = $this->name; // Default meta box sanitization callback depends on the value of 'meta_box_cb'. if ( null === $args['meta_box_sanitize_cb'] ) { switch ( $args['meta_box_cb'] ) { case 'post_categories_meta_box': $args['meta_box_sanitize_cb'] = 'taxonomy_meta_box_sanitize_cb_checkboxes'; break; case 'post_tags_meta_box': default: $args['meta_box_sanitize_cb'] = 'taxonomy_meta_box_sanitize_cb_input'; break; } } foreach ( $args as $property_name => $property_value ) { $this->$property_name = $property_value; } $this->labels = get_taxonomy_labels( $this ); $this->label = $this->labels->name; } /** * Adds the necessary rewrite rules for the taxonomy. * * @since 4.7.0 * * @global WP $wp Current WordPress environment instance. */ public function add_rewrite_rules() { /* @var WP $wp */ global $wp; // Non-publicly queryable taxonomies should not register query vars, except in the admin. if ( false !== $this->query_var && $wp ) { $wp->add_query_var( $this->query_var ); } if ( false !== $this->rewrite && ( is_admin() || '' != get_option( 'permalink_structure' ) ) ) { if ( $this->hierarchical && $this->rewrite['hierarchical'] ) { $tag = '(.+?)'; } else { $tag = '([^/]+)'; } add_rewrite_tag( "%$this->name%", $tag, $this->query_var ? "{$this->query_var}=" : "taxonomy=$this->name&term=" ); add_permastruct( $this->name, "{$this->rewrite['slug']}/%$this->name%", $this->rewrite ); } } /** * Removes any rewrite rules, permastructs, and rules for the taxonomy. * * @since 4.7.0 * * @global WP $wp Current WordPress environment instance. */ public function remove_rewrite_rules() { /* @var WP $wp */ global $wp; // Remove query var. if ( false !== $this->query_var ) { $wp->remove_query_var( $this->query_var ); } // Remove rewrite tags and permastructs. if ( false !== $this->rewrite ) { remove_rewrite_tag( "%$this->name%" ); remove_permastruct( $this->name ); } } /** * Registers the ajax callback for the meta box. * * @since 4.7.0 */ public function add_hooks() { add_filter( 'wp_ajax_add-' . $this->name, '_wp_ajax_add_hierarchical_term' ); } /** * Removes the ajax callback for the meta box. * * @since 4.7.0 */ public function remove_hooks() { remove_filter( 'wp_ajax_add-' . $this->name, '_wp_ajax_add_hierarchical_term' ); } } /** * A simple set of functions to check our version 1.0 update service. * * @package WordPress * @since 2.3.0 */ /** * Check WordPress version against the newest version. * * The WordPress version, PHP version, and Locale is sent. Checks against the * WordPress server at api.wordpress.org server. Will only check if WordPress * isn't installing. * * @since 2.3.0 * @global string $wp_version Used to check against the newest WordPress version. * @global wpdb $wpdb * @global string $wp_local_package * * @param array $extra_stats Extra statistics to report to the WordPress.org API. * @param bool $force_check Whether to bypass the transient cache and force a fresh update check. Defaults to false, true if $extra_stats is set. */ function wp_version_check( $extra_stats = array(), $force_check = false ) { if ( wp_installing() ) { return; } global $wpdb, $wp_local_package; // include an unmodified $wp_version include( ABSPATH . WPINC . '/version.php' ); $php_version = phpversion(); $current = get_site_transient( 'update_core' ); $translations = wp_get_installed_translations( 'core' ); // Invalidate the transient when $wp_version changes if ( is_object( $current ) && $wp_version != $current->version_checked ) { $current = false; } if ( ! is_object( $current ) ) { $current = new stdClass; $current->updates = array(); $current->version_checked = $wp_version; } if ( ! empty( $extra_stats ) ) { $force_check = true; } // Wait 60 seconds between multiple version check requests $timeout = 60; $time_not_changed = isset( $current->last_checked ) && $timeout > ( time() - $current->last_checked ); if ( ! $force_check && $time_not_changed ) { return; } /** * Filters the locale requested for WordPress core translations. * * @since 2.8.0 * * @param string $locale Current locale. */ $locale = apply_filters( 'core_version_check_locale', get_locale() ); // Update last_checked for current to prevent multiple blocking requests if request hangs $current->last_checked = time(); set_site_transient( 'update_core', $current ); if ( method_exists( $wpdb, 'db_version' ) ) { $mysql_version = preg_replace( '/[^0-9.].*/', '', $wpdb->db_version() ); } else { $mysql_version = 'N/A'; } if ( is_multisite() ) { $user_count = get_user_count(); $num_blogs = get_blog_count(); $wp_install = network_site_url(); $multisite_enabled = 1; } else { $user_count = count_users(); $user_count = $user_count['total_users']; $multisite_enabled = 0; $num_blogs = 1; $wp_install = home_url( '/' ); } $query = array( 'version' => $wp_version, 'php' => $php_version, 'locale' => $locale, 'mysql' => $mysql_version, 'local_package' => isset( $wp_local_package ) ? $wp_local_package : '', 'blogs' => $num_blogs, 'users' => $user_count, 'multisite_enabled' => $multisite_enabled, 'initial_db_version' => get_site_option( 'initial_db_version' ), ); /** * Filter the query arguments sent as part of the core version check. * * WARNING: Changing this data may result in your site not receiving security updates. * Please exercise extreme caution. * * @since 4.9.0 * * @param array $query { * Version check query arguments. * * @type string $version WordPress version number. * @type string $php PHP version number. * @type string $locale The locale to retrieve updates for. * @type string $mysql MySQL version number. * @type string $local_package The value of the $wp_local_package global, when set. * @type int $blogs Number of sites on this WordPress installation. * @type int $users Number of users on this WordPress installation. * @type int $multisite_enabled Whether this WordPress installation uses Multisite. * @type int $initial_db_version Database version of WordPress at time of installation. * } */ $query = apply_filters( 'core_version_check_query_args', $query ); $post_body = array( 'translations' => wp_json_encode( $translations ), ); if ( is_array( $extra_stats ) ) { $post_body = array_merge( $post_body, $extra_stats ); } $url = $http_url = 'http://api.wordpress.org/core/version-check/1.7/?' . http_build_query( $query, null, '&' ); if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) { $url = set_url_scheme( $url, 'https' ); } $doing_cron = wp_doing_cron(); $options = array( 'timeout' => $doing_cron ? 30 : 3, 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ), 'headers' => array( 'wp_install' => $wp_install, 'wp_blog' => home_url( '/' ), ), 'body' => $post_body, ); $response = wp_remote_post( $url, $options ); if ( $ssl && is_wp_error( $response ) ) { trigger_error( sprintf( /* translators: %s: support forums URL */ __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ), __( 'https://wordpress.org/support/' ) ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); $response = wp_remote_post( $http_url, $options ); } if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) { return; } $body = trim( wp_remote_retrieve_body( $response ) ); $body = json_decode( $body, true ); if ( ! is_array( $body ) || ! isset( $body['offers'] ) ) { return; } $offers = $body['offers']; foreach ( $offers as &$offer ) { foreach ( $offer as $offer_key => $value ) { if ( 'packages' == $offer_key ) { $offer['packages'] = (object) array_intersect_key( array_map( 'esc_url', $offer['packages'] ), array_fill_keys( array( 'full', 'no_content', 'new_bundled', 'partial', 'rollback' ), '' ) ); } elseif ( 'download' == $offer_key ) { $offer['download'] = esc_url( $value ); } else { $offer[ $offer_key ] = esc_html( $value ); } } $offer = (object) array_intersect_key( $offer, array_fill_keys( array( 'response', 'download', 'locale', 'packages', 'current', 'version', 'php_version', 'mysql_version', 'new_bundled', 'partial_version', 'notify_email', 'support_email', 'new_files', ), '' ) ); } $updates = new stdClass(); $updates->updates = $offers; $updates->last_checked = time(); $updates->version_checked = $wp_version; if ( isset( $body['translations'] ) ) { $updates->translations = $body['translations']; } set_site_transient( 'update_core', $updates ); if ( ! empty( $body['ttl'] ) ) { $ttl = (int) $body['ttl']; if ( $ttl && ( time() + $ttl < wp_next_scheduled( 'wp_version_check' ) ) ) { // Queue an event to re-run the update check in $ttl seconds. wp_schedule_single_event( time() + $ttl, 'wp_version_check' ); } } // Trigger background updates if running non-interactively, and we weren't called from the update handler. if ( $doing_cron && ! doing_action( 'wp_maybe_auto_update' ) ) { /** * Fires during wp_cron, starting the auto update process. * * @since 3.9.0 */ do_action( 'wp_maybe_auto_update' ); } } /** * Check plugin versions against the latest versions hosted on WordPress.org. * * The WordPress version, PHP version, and Locale is sent along with a list of * all plugins installed. Checks against the WordPress server at * api.wordpress.org. Will only check if WordPress isn't installing. * * @since 2.3.0 * @global string $wp_version Used to notify the WordPress version. * * @param array $extra_stats Extra statistics to report to the WordPress.org API. */ function wp_update_plugins( $extra_stats = array() ) { if ( wp_installing() ) { return; } // include an unmodified $wp_version include( ABSPATH . WPINC . '/version.php' ); // If running blog-side, bail unless we've not checked in the last 12 hours if ( ! function_exists( 'get_plugins' ) ) { require_once( ABSPATH . 'wp-admin/includes/plugin.php' ); } $plugins = get_plugins(); $translations = wp_get_installed_translations( 'plugins' ); $active = get_option( 'active_plugins', array() ); $current = get_site_transient( 'update_plugins' ); if ( ! is_object( $current ) ) { $current = new stdClass; } $new_option = new stdClass; $new_option->last_checked = time(); $doing_cron = wp_doing_cron(); // Check for update on a different schedule, depending on the page. switch ( current_filter() ) { case 'upgrader_process_complete': $timeout = 0; break; case 'load-update-core.php': $timeout = MINUTE_IN_SECONDS; break; case 'load-plugins.php': case 'load-update.php': $timeout = HOUR_IN_SECONDS; break; default: if ( $doing_cron ) { $timeout = 2 * HOUR_IN_SECONDS; } else { $timeout = 12 * HOUR_IN_SECONDS; } } $time_not_changed = isset( $current->last_checked ) && $timeout > ( time() - $current->last_checked ); if ( $time_not_changed && ! $extra_stats ) { $plugin_changed = false; foreach ( $plugins as $file => $p ) { $new_option->checked[ $file ] = $p['Version']; if ( ! isset( $current->checked[ $file ] ) || strval( $current->checked[ $file ] ) !== strval( $p['Version'] ) ) { $plugin_changed = true; } } if ( isset( $current->response ) && is_array( $current->response ) ) { foreach ( $current->response as $plugin_file => $update_details ) { if ( ! isset( $plugins[ $plugin_file ] ) ) { $plugin_changed = true; break; } } } // Bail if we've checked recently and if nothing has changed if ( ! $plugin_changed ) { return; } } // Update last_checked for current to prevent multiple blocking requests if request hangs $current->last_checked = time(); set_site_transient( 'update_plugins', $current ); $to_send = compact( 'plugins', 'active' ); $locales = array_values( get_available_languages() ); /** * Filters the locales requested for plugin translations. * * @since 3.7.0 * @since 4.5.0 The default value of the `$locales` parameter changed to include all locales. * * @param array $locales Plugin locales. Default is all available locales of the site. */ $locales = apply_filters( 'plugins_update_check_locales', $locales ); $locales = array_unique( $locales ); if ( $doing_cron ) { $timeout = 30; } else { // Three seconds, plus one extra second for every 10 plugins $timeout = 3 + (int) ( count( $plugins ) / 10 ); } $options = array( 'timeout' => $timeout, 'body' => array( 'plugins' => wp_json_encode( $to_send ), 'translations' => wp_json_encode( $translations ), 'locale' => wp_json_encode( $locales ), 'all' => wp_json_encode( true ), ), 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ), ); if ( $extra_stats ) { $options['body']['update_stats'] = wp_json_encode( $extra_stats ); } $url = $http_url = 'http://api.wordpress.org/plugins/update-check/1.1/'; if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) { $url = set_url_scheme( $url, 'https' ); } $raw_response = wp_remote_post( $url, $options ); if ( $ssl && is_wp_error( $raw_response ) ) { trigger_error( sprintf( /* translators: %s: support forums URL */ __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ), __( 'https://wordpress.org/support/' ) ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); $raw_response = wp_remote_post( $http_url, $options ); } if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) ) { return; } $response = json_decode( wp_remote_retrieve_body( $raw_response ), true ); foreach ( $response['plugins'] as &$plugin ) { $plugin = (object) $plugin; if ( isset( $plugin->compatibility ) ) { $plugin->compatibility = (object) $plugin->compatibility; foreach ( $plugin->compatibility as &$data ) { $data = (object) $data; } } } unset( $plugin, $data ); foreach ( $response['no_update'] as &$plugin ) { $plugin = (object) $plugin; } unset( $plugin ); if ( is_array( $response ) ) { $new_option->response = $response['plugins']; $new_option->translations = $response['translations']; // TODO: Perhaps better to store no_update in a separate transient with an expiry? $new_option->no_update = $response['no_update']; } else { $new_option->response = array(); $new_option->translations = array(); $new_option->no_update = array(); } set_site_transient( 'update_plugins', $new_option ); } /** * Check theme versions against the latest versions hosted on WordPress.org. * * A list of all themes installed in sent to WP. Checks against the * WordPress server at api.wordpress.org. Will only check if WordPress isn't * installing. * * @since 2.7.0 * * @param array $extra_stats Extra statistics to report to the WordPress.org API. */ function wp_update_themes( $extra_stats = array() ) { if ( wp_installing() ) { return; } // include an unmodified $wp_version include( ABSPATH . WPINC . '/version.php' ); $installed_themes = wp_get_themes(); $translations = wp_get_installed_translations( 'themes' ); $last_update = get_site_transient( 'update_themes' ); if ( ! is_object( $last_update ) ) { $last_update = new stdClass; } $themes = $checked = $request = array(); // Put slug of current theme into request. $request['active'] = get_option( 'stylesheet' ); foreach ( $installed_themes as $theme ) { $checked[ $theme->get_stylesheet() ] = $theme->get( 'Version' ); $themes[ $theme->get_stylesheet() ] = array( 'Name' => $theme->get( 'Name' ), 'Title' => $theme->get( 'Name' ), 'Version' => $theme->get( 'Version' ), 'Author' => $theme->get( 'Author' ), 'Author URI' => $theme->get( 'AuthorURI' ), 'Template' => $theme->get_template(), 'Stylesheet' => $theme->get_stylesheet(), ); } $doing_cron = wp_doing_cron(); // Check for update on a different schedule, depending on the page. switch ( current_filter() ) { case 'upgrader_process_complete': $timeout = 0; break; case 'load-update-core.php': $timeout = MINUTE_IN_SECONDS; break; case 'load-themes.php': case 'load-update.php': $timeout = HOUR_IN_SECONDS; break; default: if ( $doing_cron ) { $timeout = 2 * HOUR_IN_SECONDS; } else { $timeout = 12 * HOUR_IN_SECONDS; } } $time_not_changed = isset( $last_update->last_checked ) && $timeout > ( time() - $last_update->last_checked ); if ( $time_not_changed && ! $extra_stats ) { $theme_changed = false; foreach ( $checked as $slug => $v ) { if ( ! isset( $last_update->checked[ $slug ] ) || strval( $last_update->checked[ $slug ] ) !== strval( $v ) ) { $theme_changed = true; } } if ( isset( $last_update->response ) && is_array( $last_update->response ) ) { foreach ( $last_update->response as $slug => $update_details ) { if ( ! isset( $checked[ $slug ] ) ) { $theme_changed = true; break; } } } // Bail if we've checked recently and if nothing has changed if ( ! $theme_changed ) { return; } } // Update last_checked for current to prevent multiple blocking requests if request hangs $last_update->last_checked = time(); set_site_transient( 'update_themes', $last_update ); $request['themes'] = $themes; $locales = array_values( get_available_languages() ); /** * Filters the locales requested for theme translations. * * @since 3.7.0 * @since 4.5.0 The default value of the `$locales` parameter changed to include all locales. * * @param array $locales Theme locales. Default is all available locales of the site. */ $locales = apply_filters( 'themes_update_check_locales', $locales ); $locales = array_unique( $locales ); if ( $doing_cron ) { $timeout = 30; } else { // Three seconds, plus one extra second for every 10 themes $timeout = 3 + (int) ( count( $themes ) / 10 ); } $options = array( 'timeout' => $timeout, 'body' => array( 'themes' => wp_json_encode( $request ), 'translations' => wp_json_encode( $translations ), 'locale' => wp_json_encode( $locales ), ), 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ), ); if ( $extra_stats ) { $options['body']['update_stats'] = wp_json_encode( $extra_stats ); } $url = $http_url = 'http://api.wordpress.org/themes/update-check/1.1/'; if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) { $url = set_url_scheme( $url, 'https' ); } $raw_response = wp_remote_post( $url, $options ); if ( $ssl && is_wp_error( $raw_response ) ) { trigger_error( sprintf( /* translators: %s: support forums URL */ __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ), __( 'https://wordpress.org/support/' ) ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); $raw_response = wp_remote_post( $http_url, $options ); } if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) ) { return; } $new_update = new stdClass; $new_update->last_checked = time(); $new_update->checked = $checked; $response = json_decode( wp_remote_retrieve_body( $raw_response ), true ); if ( is_array( $response ) ) { $new_update->response = $response['themes']; $new_update->translations = $response['translations']; } set_site_transient( 'update_themes', $new_update ); } /** * Performs WordPress automatic background updates. * * @since 3.7.0 */ function wp_maybe_auto_update() { include_once( ABSPATH . 'wp-admin/includes/admin.php' ); include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); $upgrader = new WP_Automatic_Updater; $upgrader->run(); } /** * Retrieves a list of all language updates available. * * @since 3.7.0 * * @return object[] Array of translation objects that have available updates. */ function wp_get_translation_updates() { $updates = array(); $transients = array( 'update_core' => 'core', 'update_plugins' => 'plugin', 'update_themes' => 'theme', ); foreach ( $transients as $transient => $type ) { $transient = get_site_transient( $transient ); if ( empty( $transient->translations ) ) { continue; } foreach ( $transient->translations as $translation ) { $updates[] = (object) $translation; } } return $updates; } /** * Collect counts and UI strings for available updates * * @since 3.3.0 * * @return array */ function wp_get_update_data() { $counts = array( 'plugins' => 0, 'themes' => 0, 'wordpress' => 0, 'translations' => 0, ); if ( $plugins = current_user_can( 'update_plugins' ) ) { $update_plugins = get_site_transient( 'update_plugins' ); if ( ! empty( $update_plugins->response ) ) { $counts['plugins'] = count( $update_plugins->response ); } } if ( $themes = current_user_can( 'update_themes' ) ) { $update_themes = get_site_transient( 'update_themes' ); if ( ! empty( $update_themes->response ) ) { $counts['themes'] = count( $update_themes->response ); } } if ( ( $core = current_user_can( 'update_core' ) ) && function_exists( 'get_core_updates' ) ) { $update_wordpress = get_core_updates( array( 'dismissed' => false ) ); if ( ! empty( $update_wordpress ) && ! in_array( $update_wordpress[0]->response, array( 'development', 'latest' ) ) && current_user_can( 'update_core' ) ) { $counts['wordpress'] = 1; } } if ( ( $core || $plugins || $themes ) && wp_get_translation_updates() ) { $counts['translations'] = 1; } $counts['total'] = $counts['plugins'] + $counts['themes'] + $counts['wordpress'] + $counts['translations']; $titles = array(); if ( $counts['wordpress'] ) { /* translators: %d: number of updates available to WordPress */ $titles['wordpress'] = sprintf( __( '%d WordPress Update' ), $counts['wordpress'] ); } if ( $counts['plugins'] ) { /* translators: %d: number of updates available to plugins */ $titles['plugins'] = sprintf( _n( '%d Plugin Update', '%d Plugin Updates', $counts['plugins'] ), $counts['plugins'] ); } if ( $counts['themes'] ) { /* translators: %d: number of updates available to themes */ $titles['themes'] = sprintf( _n( '%d Theme Update', '%d Theme Updates', $counts['themes'] ), $counts['themes'] ); } if ( $counts['translations'] ) { $titles['translations'] = __( 'Translation Updates' ); } $update_title = $titles ? esc_attr( implode( ', ', $titles ) ) : ''; $update_data = array( 'counts' => $counts, 'title' => $update_title, ); /** * Filters the returned array of update data for plugins, themes, and WordPress core. * * @since 3.5.0 * * @param array $update_data { * Fetched update data. * * @type array $counts An array of counts for available plugin, theme, and WordPress updates. * @type string $update_title Titles of available updates. * } * @param array $titles An array of update counts and UI strings for available updates. */ return apply_filters( 'wp_get_update_data', $update_data, $titles ); } /** * Determines whether core should be updated. * * @since 2.8.0 * * @global string $wp_version */ function _maybe_update_core() { // include an unmodified $wp_version include( ABSPATH . WPINC . '/version.php' ); $current = get_site_transient( 'update_core' ); if ( isset( $current->last_checked, $current->version_checked ) && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked ) && $current->version_checked == $wp_version ) { return; } wp_version_check(); } /** * Check the last time plugins were run before checking plugin versions. * * This might have been backported to WordPress 2.6.1 for performance reasons. * This is used for the wp-admin to check only so often instead of every page * load. * * @since 2.7.0 * @access private */ function _maybe_update_plugins() { $current = get_site_transient( 'update_plugins' ); if ( isset( $current->last_checked ) && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked ) ) { return; } wp_update_plugins(); } /** * Check themes versions only after a duration of time. * * This is for performance reasons to make sure that on the theme version * checker is not run on every page load. * * @since 2.7.0 * @access private */ function _maybe_update_themes() { $current = get_site_transient( 'update_themes' ); if ( isset( $current->last_checked ) && 12 * HOUR_IN_SECONDS > ( time() - $current->last_checked ) ) { return; } wp_update_themes(); } /** * Schedule core, theme, and plugin update checks. * * @since 3.1.0 */ function wp_schedule_update_checks() { if ( ! wp_next_scheduled( 'wp_version_check' ) && ! wp_installing() ) { wp_schedule_event( time(), 'twicedaily', 'wp_version_check' ); } if ( ! wp_next_scheduled( 'wp_update_plugins' ) && ! wp_installing() ) { wp_schedule_event( time(), 'twicedaily', 'wp_update_plugins' ); } if ( ! wp_next_scheduled( 'wp_update_themes' ) && ! wp_installing() ) { wp_schedule_event( time(), 'twicedaily', 'wp_update_themes' ); } } /** * Clear existing update caches for plugins, themes, and core. * * @since 4.1.0 */ function wp_clean_update_cache() { if ( function_exists( 'wp_clean_plugins_cache' ) ) { wp_clean_plugins_cache(); } else { delete_site_transient( 'update_plugins' ); } wp_clean_themes_cache(); delete_site_transient( 'update_core' ); } if ( ( ! is_main_site() && ! is_network_admin() ) || wp_doing_ajax() ) { return; } add_action( 'admin_init', '_maybe_update_core' ); add_action( 'wp_version_check', 'wp_version_check' ); add_action( 'load-plugins.php', 'wp_update_plugins' ); add_action( 'load-update.php', 'wp_update_plugins' ); add_action( 'load-update-core.php', 'wp_update_plugins' ); add_action( 'admin_init', '_maybe_update_plugins' ); add_action( 'wp_update_plugins', 'wp_update_plugins' ); add_action( 'load-themes.php', 'wp_update_themes' ); add_action( 'load-update.php', 'wp_update_themes' ); add_action( 'load-update-core.php', 'wp_update_themes' ); add_action( 'admin_init', '_maybe_update_themes' ); add_action( 'wp_update_themes', 'wp_update_themes' ); add_action( 'update_option_WPLANG', 'wp_clean_update_cache', 10, 0 ); add_action( 'wp_maybe_auto_update', 'wp_maybe_auto_update' ); add_action( 'init', 'wp_schedule_update_checks' ); /** * Core HTTP Request API * * Standardizes the HTTP requests for WordPress. Handles cookies, gzip encoding and decoding, chunk * decoding, if HTTP 1.1 and various other difficult HTTP protocol implementations. * * @package WordPress * @subpackage HTTP */ /** * Returns the initialized WP_Http Object * * @since 2.7.0 * @access private * * @staticvar WP_Http $http * * @return WP_Http HTTP Transport object. */ function _wp_http_get_object() { static $http = null; if ( is_null( $http ) ) { $http = new WP_Http(); } return $http; } /** * Retrieve the raw response from a safe HTTP request. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_safe_remote_request( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->request( $url, $args ); } /** * Retrieve the raw response from a safe HTTP request using the GET method. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_safe_remote_get( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->get( $url, $args ); } /** * Retrieve the raw response from a safe HTTP request using the POST method. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_safe_remote_post( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->post( $url, $args ); } /** * Retrieve the raw response from a safe HTTP request using the HEAD method. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_safe_remote_head( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->head( $url, $args ); } /** * Retrieve the raw response from the HTTP request. * * The array structure is a little complex: * * $res = array( * 'headers' => array(), * 'response' => array( * 'code' => int, * 'message' => string * ) * ); * * All of the headers in $res['headers'] are with the name as the key and the * value as the value. So to get the User-Agent, you would do the following. * * $user_agent = $res['headers']['user-agent']; * * The body is the raw response content and can be retrieved from $res['body']. * * This function is called first to make the request and there are other API * functions to abstract out the above convoluted setup. * * Request method defaults for helper functions: * - Default 'GET' for wp_remote_get() * - Default 'POST' for wp_remote_post() * - Default 'HEAD' for wp_remote_head() * * @since 2.7.0 * * @see WP_Http::request() For additional information on default arguments. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_remote_request( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->request( $url, $args ); } /** * Retrieve the raw response from the HTTP request using the GET method. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_remote_get( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->get( $url, $args ); } /** * Retrieve the raw response from the HTTP request using the POST method. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_remote_post( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->post( $url, $args ); } /** * Retrieve the raw response from the HTTP request using the HEAD method. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url Site URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return WP_Error|array The response or WP_Error on failure. */ function wp_remote_head( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->head( $url, $args ); } /** * Retrieve only the headers from the raw response. * * @since 2.7.0 * @since 4.6.0 Return value changed from an array to an Requests_Utility_CaseInsensitiveDictionary instance. * * @see \Requests_Utility_CaseInsensitiveDictionary * * @param array $response HTTP response. * @return array|\Requests_Utility_CaseInsensitiveDictionary The headers of the response. Empty array if incorrect parameter given. */ function wp_remote_retrieve_headers( $response ) { if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) { return array(); } return $response['headers']; } /** * Retrieve a single header by name from the raw response. * * @since 2.7.0 * * @param array $response * @param string $header Header name to retrieve value from. * @return string The header value. Empty string on if incorrect parameter given, or if the header doesn't exist. */ function wp_remote_retrieve_header( $response, $header ) { if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) { return ''; } if ( isset( $response['headers'][ $header ] ) ) { return $response['headers'][ $header ]; } return ''; } /** * Retrieve only the response code from the raw response. * * Will return an empty array if incorrect parameter value is given. * * @since 2.7.0 * * @param array $response HTTP response. * @return int|string The response code as an integer. Empty string on incorrect parameter given. */ function wp_remote_retrieve_response_code( $response ) { if ( is_wp_error( $response ) || ! isset( $response['response'] ) || ! is_array( $response['response'] ) ) { return ''; } return $response['response']['code']; } /** * Retrieve only the response message from the raw response. * * Will return an empty array if incorrect parameter value is given. * * @since 2.7.0 * * @param array $response HTTP response. * @return string The response message. Empty string on incorrect parameter given. */ function wp_remote_retrieve_response_message( $response ) { if ( is_wp_error( $response ) || ! isset( $response['response'] ) || ! is_array( $response['response'] ) ) { return ''; } return $response['response']['message']; } /** * Retrieve only the body from the raw response. * * @since 2.7.0 * * @param array $response HTTP response. * @return string The body of the response. Empty string if no body or incorrect parameter given. */ function wp_remote_retrieve_body( $response ) { if ( is_wp_error( $response ) || ! isset( $response['body'] ) ) { return ''; } return $response['body']; } /** * Retrieve only the cookies from the raw response. * * @since 4.4.0 * * @param array $response HTTP response. * @return array An array of `WP_Http_Cookie` objects from the response. Empty array if there are none, or the response is a WP_Error. */ function wp_remote_retrieve_cookies( $response ) { if ( is_wp_error( $response ) || empty( $response['cookies'] ) ) { return array(); } return $response['cookies']; } /** * Retrieve a single cookie by name from the raw response. * * @since 4.4.0 * * @param array $response HTTP response. * @param string $name The name of the cookie to retrieve. * @return WP_Http_Cookie|string The `WP_Http_Cookie` object. Empty string if the cookie isn't present in the response. */ function wp_remote_retrieve_cookie( $response, $name ) { $cookies = wp_remote_retrieve_cookies( $response ); if ( empty( $cookies ) ) { return ''; } foreach ( $cookies as $cookie ) { if ( $cookie->name === $name ) { return $cookie; } } return ''; } /** * Retrieve a single cookie's value by name from the raw response. * * @since 4.4.0 * * @param array $response HTTP response. * @param string $name The name of the cookie to retrieve. * @return string The value of the cookie. Empty string if the cookie isn't present in the response. */ function wp_remote_retrieve_cookie_value( $response, $name ) { $cookie = wp_remote_retrieve_cookie( $response, $name ); if ( ! is_a( $cookie, 'WP_Http_Cookie' ) ) { return ''; } return $cookie->value; } /** * Determines if there is an HTTP Transport that can process this request. * * @since 3.2.0 * * @param array $capabilities Array of capabilities to test or a wp_remote_request() $args array. * @param string $url Optional. If given, will check if the URL requires SSL and adds * that requirement to the capabilities array. * * @return bool */ function wp_http_supports( $capabilities = array(), $url = null ) { $http = _wp_http_get_object(); $capabilities = wp_parse_args( $capabilities ); $count = count( $capabilities ); // If we have a numeric $capabilities array, spoof a wp_remote_request() associative $args array if ( $count && count( array_filter( array_keys( $capabilities ), 'is_numeric' ) ) == $count ) { $capabilities = array_combine( array_values( $capabilities ), array_fill( 0, $count, true ) ); } if ( $url && ! isset( $capabilities['ssl'] ) ) { $scheme = parse_url( $url, PHP_URL_SCHEME ); if ( 'https' == $scheme || 'ssl' == $scheme ) { $capabilities['ssl'] = true; } } return (bool) $http->_get_first_available_transport( $capabilities ); } /** * Get the HTTP Origin of the current request. * * @since 3.4.0 * * @return string URL of the origin. Empty string if no origin. */ function get_http_origin() { $origin = ''; if ( ! empty( $_SERVER['HTTP_ORIGIN'] ) ) { $origin = $_SERVER['HTTP_ORIGIN']; } /** * Change the origin of an HTTP request. * * @since 3.4.0 * * @param string $origin The original origin for the request. */ return apply_filters( 'http_origin', $origin ); } /** * Retrieve list of allowed HTTP origins. * * @since 3.4.0 * * @return array Array of origin URLs. */ function get_allowed_http_origins() { $admin_origin = parse_url( admin_url() ); $home_origin = parse_url( home_url() ); // @todo preserve port? $allowed_origins = array_unique( array( 'http://' . $admin_origin['host'], 'https://' . $admin_origin['host'], 'http://' . $home_origin['host'], 'https://' . $home_origin['host'], ) ); /** * Change the origin types allowed for HTTP requests. * * @since 3.4.0 * * @param array $allowed_origins { * Default allowed HTTP origins. * @type string Non-secure URL for admin origin. * @type string Secure URL for admin origin. * @type string Non-secure URL for home origin. * @type string Secure URL for home origin. * } */ return apply_filters( 'allowed_http_origins', $allowed_origins ); } /** * Determines if the HTTP origin is an authorized one. * * @since 3.4.0 * * @param null|string $origin Origin URL. If not provided, the value of get_http_origin() is used. * @return string Origin URL if allowed, empty string if not. */ function is_allowed_http_origin( $origin = null ) { $origin_arg = $origin; if ( null === $origin ) { $origin = get_http_origin(); } if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) ) { $origin = ''; } /** * Change the allowed HTTP origin result. * * @since 3.4.0 * * @param string $origin Origin URL if allowed, empty string if not. * @param string $origin_arg Original origin string passed into is_allowed_http_origin function. */ return apply_filters( 'allowed_http_origin', $origin, $origin_arg ); } /** * Send Access-Control-Allow-Origin and related headers if the current request * is from an allowed origin. * * If the request is an OPTIONS request, the script exits with either access * control headers sent, or a 403 response if the origin is not allowed. For * other request methods, you will receive a return value. * * @since 3.4.0 * * @return string|false Returns the origin URL if headers are sent. Returns false * if headers are not sent. */ function send_origin_headers() { $origin = get_http_origin(); if ( is_allowed_http_origin( $origin ) ) { @header( 'Access-Control-Allow-Origin: ' . $origin ); @header( 'Access-Control-Allow-Credentials: true' ); if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) { exit; } return $origin; } if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) { status_header( 403 ); exit; } return false; } /** * Validate a URL for safe use in the HTTP API. * * @since 3.5.2 * * @param string $url * @return false|string URL or false on failure. */ function wp_http_validate_url( $url ) { $original_url = $url; $url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) ); if ( ! $url || strtolower( $url ) !== strtolower( $original_url ) ) { return false; } $parsed_url = @parse_url( $url ); if ( ! $parsed_url || empty( $parsed_url['host'] ) ) { return false; } if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) ) { return false; } if ( false !== strpbrk( $parsed_url['host'], ':#?[]' ) ) { return false; } $parsed_home = @parse_url( get_option( 'home' ) ); if ( isset( $parsed_home['host'] ) ) { $same_host = strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] ); } else { $same_host = false; } if ( ! $same_host ) { $host = trim( $parsed_url['host'], '.' ); if ( preg_match( '#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', $host ) ) { $ip = $host; } else { $ip = gethostbyname( $host ); if ( $ip === $host ) { // Error condition for gethostbyname() return false; } } if ( $ip ) { $parts = array_map( 'intval', explode( '.', $ip ) ); if ( 127 === $parts[0] || 10 === $parts[0] || 0 === $parts[0] || ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] ) || ( 192 === $parts[0] && 168 === $parts[1] ) ) { // If host appears local, reject unless specifically allowed. /** * Check if HTTP request is external or not. * * Allows to change and allow external requests for the HTTP request. * * @since 3.6.0 * * @param bool false Whether HTTP request is external or not. * @param string $host IP of the requested host. * @param string $url URL of the requested host. */ if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) { return false; } } } } if ( empty( $parsed_url['port'] ) ) { return $url; } $port = $parsed_url['port']; if ( 80 === $port || 443 === $port || 8080 === $port ) { return $url; } if ( $parsed_home && $same_host && isset( $parsed_home['port'] ) && $parsed_home['port'] === $port ) { return $url; } return false; } /** * Whitelists allowed redirect hosts for safe HTTP requests as well. * * Attached to the {@see 'http_request_host_is_external'} filter. * * @since 3.6.0 * * @param bool $is_external * @param string $host * @return bool */ function allowed_http_request_hosts( $is_external, $host ) { if ( ! $is_external && wp_validate_redirect( 'http://' . $host ) ) { $is_external = true; } return $is_external; } /** * Whitelists any domain in a multisite installation for safe HTTP requests. * * Attached to the {@see 'http_request_host_is_external'} filter. * * @since 3.6.0 * * @global wpdb $wpdb WordPress database abstraction object. * @staticvar array $queried * * @param bool $is_external * @param string $host * @return bool */ function ms_allowed_http_request_hosts( $is_external, $host ) { global $wpdb; static $queried = array(); if ( $is_external ) { return $is_external; } if ( $host === get_network()->domain ) { return true; } if ( isset( $queried[ $host ] ) ) { return $queried[ $host ]; } $queried[ $host ] = (bool) $wpdb->get_var( $wpdb->prepare( "SELECT domain FROM $wpdb->blogs WHERE domain = %s LIMIT 1", $host ) ); return $queried[ $host ]; } /** * A wrapper for PHP's parse_url() function that handles consistency in the return * values across PHP versions. * * PHP 5.4.7 expanded parse_url()'s ability to handle non-absolute url's, including * schemeless and relative url's with :// in the path. This function works around * those limitations providing a standard output on PHP 5.2~5.4+. * * Secondly, across various PHP versions, schemeless URLs starting containing a ":" * in the query are being handled inconsistently. This function works around those * differences as well. * * Error suppression is used as prior to PHP 5.3.3, an E_WARNING would be generated * when URL parsing failed. * * @since 4.4.0 * @since 4.7.0 The `$component` parameter was added for parity with PHP's `parse_url()`. * * @link https://secure.php.net/manual/en/function.parse-url.php * * @param string $url The URL to parse. * @param int $component The specific component to retrieve. Use one of the PHP * predefined constants to specify which one. * Defaults to -1 (= return all parts as an array). * @return mixed False on parse failure; Array of URL components on success; * When a specific component has been requested: null if the component * doesn't exist in the given URL; a string or - in the case of * PHP_URL_PORT - integer when it does. See parse_url()'s return values. */ function wp_parse_url( $url, $component = -1 ) { $to_unset = array(); $url = strval( $url ); if ( '//' === substr( $url, 0, 2 ) ) { $to_unset[] = 'scheme'; $url = 'placeholder:' . $url; } elseif ( '/' === substr( $url, 0, 1 ) ) { $to_unset[] = 'scheme'; $to_unset[] = 'host'; $url = 'placeholder://placeholder' . $url; } $parts = @parse_url( $url ); if ( false === $parts ) { // Parsing failure. return $parts; } // Remove the placeholder values. foreach ( $to_unset as $key ) { unset( $parts[ $key ] ); } return _get_component_from_parsed_url_array( $parts, $component ); } /** * Retrieve a specific component from a parsed URL array. * * @internal * * @since 4.7.0 * @access private * * @link https://secure.php.net/manual/en/function.parse-url.php * * @param array|false $url_parts The parsed URL. Can be false if the URL failed to parse. * @param int $component The specific component to retrieve. Use one of the PHP * predefined constants to specify which one. * Defaults to -1 (= return all parts as an array). * @return mixed False on parse failure; Array of URL components on success; * When a specific component has been requested: null if the component * doesn't exist in the given URL; a string or - in the case of * PHP_URL_PORT - integer when it does. See parse_url()'s return values. */ function _get_component_from_parsed_url_array( $url_parts, $component = -1 ) { if ( -1 === $component ) { return $url_parts; } $key = _wp_translate_php_url_constant_to_key( $component ); if ( false !== $key && is_array( $url_parts ) && isset( $url_parts[ $key ] ) ) { return $url_parts[ $key ]; } else { return null; } } /** * Translate a PHP_URL_* constant to the named array keys PHP uses. * * @internal * * @since 4.7.0 * @access private * * @link https://secure.php.net/manual/en/url.constants.php * * @param int $constant PHP_URL_* constant. * @return string|bool The named key or false. */ function _wp_translate_php_url_constant_to_key( $constant ) { $translation = array( PHP_URL_SCHEME => 'scheme', PHP_URL_HOST => 'host', PHP_URL_PORT => 'port', PHP_URL_USER => 'user', PHP_URL_PASS => 'pass', PHP_URL_PATH => 'path', PHP_URL_QUERY => 'query', PHP_URL_FRAGMENT => 'fragment', ); if ( isset( $translation[ $constant ] ) ) { return $translation[ $constant ]; } else { return false; } } /** * HTTP API: WP_Http class * * @package WordPress * @subpackage HTTP * @since 2.7.0 */ if ( ! class_exists( 'Requests' ) ) { require( ABSPATH . WPINC . '/class-requests.php' ); Requests::register_autoloader(); Requests::set_certificate_path( ABSPATH . WPINC . '/certificates/ca-bundle.crt' ); } /** * Core class used for managing HTTP transports and making HTTP requests. * * This class is used to consistently make outgoing HTTP requests easy for developers * while still being compatible with the many PHP configurations under which * WordPress runs. * * Debugging includes several actions, which pass different variables for debugging the HTTP API. * * @since 2.7.0 */ class WP_Http { // Aliases for HTTP response codes. const HTTP_CONTINUE = 100; const SWITCHING_PROTOCOLS = 101; const PROCESSING = 102; const EARLY_HINTS = 103; const OK = 200; const CREATED = 201; const ACCEPTED = 202; const NON_AUTHORITATIVE_INFORMATION = 203; const NO_CONTENT = 204; const RESET_CONTENT = 205; const PARTIAL_CONTENT = 206; const MULTI_STATUS = 207; const IM_USED = 226; const MULTIPLE_CHOICES = 300; const MOVED_PERMANENTLY = 301; const FOUND = 302; const SEE_OTHER = 303; const NOT_MODIFIED = 304; const USE_PROXY = 305; const RESERVED = 306; const TEMPORARY_REDIRECT = 307; const PERMANENT_REDIRECT = 308; const BAD_REQUEST = 400; const UNAUTHORIZED = 401; const PAYMENT_REQUIRED = 402; const FORBIDDEN = 403; const NOT_FOUND = 404; const METHOD_NOT_ALLOWED = 405; const NOT_ACCEPTABLE = 406; const PROXY_AUTHENTICATION_REQUIRED = 407; const REQUEST_TIMEOUT = 408; const CONFLICT = 409; const GONE = 410; const LENGTH_REQUIRED = 411; const PRECONDITION_FAILED = 412; const REQUEST_ENTITY_TOO_LARGE = 413; const REQUEST_URI_TOO_LONG = 414; const UNSUPPORTED_MEDIA_TYPE = 415; const REQUESTED_RANGE_NOT_SATISFIABLE = 416; const EXPECTATION_FAILED = 417; const IM_A_TEAPOT = 418; const MISDIRECTED_REQUEST = 421; const UNPROCESSABLE_ENTITY = 422; const LOCKED = 423; const FAILED_DEPENDENCY = 424; const UPGRADE_REQUIRED = 426; const PRECONDITION_REQUIRED = 428; const TOO_MANY_REQUESTS = 429; const REQUEST_HEADER_FIELDS_TOO_LARGE = 431; const UNAVAILABLE_FOR_LEGAL_REASONS = 451; const INTERNAL_SERVER_ERROR = 500; const NOT_IMPLEMENTED = 501; const BAD_GATEWAY = 502; const SERVICE_UNAVAILABLE = 503; const GATEWAY_TIMEOUT = 504; const HTTP_VERSION_NOT_SUPPORTED = 505; const VARIANT_ALSO_NEGOTIATES = 506; const INSUFFICIENT_STORAGE = 507; const NOT_EXTENDED = 510; const NETWORK_AUTHENTICATION_REQUIRED = 511; /** * Send an HTTP request to a URI. * * Please note: The only URI that are supported in the HTTP Transport implementation * are the HTTP and HTTPS protocols. * * @since 2.7.0 * * @param string $url The request URL. * @param string|array $args { * Optional. Array or string of HTTP request arguments. * * @type string $method Request method. Accepts 'GET', 'POST', 'HEAD', 'PUT', 'DELETE', * 'TRACE', 'OPTIONS', or 'PATCH'. * Some transports technically allow others, but should not be * assumed. Default 'GET'. * @type int $timeout How long the connection should stay open in seconds. Default 5. * @type int $redirection Number of allowed redirects. Not supported by all transports * Default 5. * @type string $httpversion Version of the HTTP protocol to use. Accepts '1.0' and '1.1'. * Default '1.0'. * @type string $user-agent User-agent value sent. * Default 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ). * @type bool $reject_unsafe_urls Whether to pass URLs through wp_http_validate_url(). * Default false. * @type bool $blocking Whether the calling code requires the result of the request. * If set to false, the request will be sent to the remote server, * and processing returned to the calling code immediately, the caller * will know if the request succeeded or failed, but will not receive * any response from the remote server. Default true. * @type string|array $headers Array or string of headers to send with the request. * Default empty array. * @type array $cookies List of cookies to send with the request. Default empty array. * @type string|array $body Body to send with the request. Default null. * @type bool $compress Whether to compress the $body when sending the request. * Default false. * @type bool $decompress Whether to decompress a compressed response. If set to false and * compressed content is returned in the response anyway, it will * need to be separately decompressed. Default true. * @type bool $sslverify Whether to verify SSL for the request. Default true. * @type string sslcertificates Absolute path to an SSL certificate .crt file. * Default ABSPATH . WPINC . '/certificates/ca-bundle.crt'. * @type bool $stream Whether to stream to a file. If set to true and no filename was * given, it will be droped it in the WP temp dir and its name will * be set using the basename of the URL. Default false. * @type string $filename Filename of the file to write to when streaming. $stream must be * set to true. Default null. * @type int $limit_response_size Size in bytes to limit the response to. Default null. * * } * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. * A WP_Error instance upon error. */ public function request( $url, $args = array() ) { $defaults = array( 'method' => 'GET', /** * Filters the timeout value for an HTTP request. * * @since 2.7.0 * @since 5.1.0 The `$url` parameter was added. * * @param int $timeout_value Time in seconds until a request times out. Default 5. * @param string $url The request URL. */ 'timeout' => apply_filters( 'http_request_timeout', 5, $url ), /** * Filters the number of redirects allowed during an HTTP request. * * @since 2.7.0 * @since 5.1.0 The `$url` parameter was added. * * @param int $redirect_count Number of redirects allowed. Default 5. * @param string $url The request URL. */ 'redirection' => apply_filters( 'http_request_redirection_count', 5, $url ), /** * Filters the version of the HTTP protocol used in a request. * * @since 2.7.0 * @since 5.1.0 The `$url` parameter was added. * * @param string $version Version of HTTP used. Accepts '1.0' and '1.1'. Default '1.0'. * @param string $url The request URL. */ 'httpversion' => apply_filters( 'http_request_version', '1.0', $url ), /** * Filters the user agent value sent with an HTTP request. * * @since 2.7.0 * @since 5.1.0 The `$url` parameter was added. * * @param string $user_agent WordPress user agent string. * @param string $url The request URL. */ 'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ), $url ), /** * Filters whether to pass URLs through wp_http_validate_url() in an HTTP request. * * @since 3.6.0 * @since 5.1.0 The `$url` parameter was added. * * @param bool $pass_url Whether to pass URLs through wp_http_validate_url(). Default false. * @param string $url The request URL. */ 'reject_unsafe_urls' => apply_filters( 'http_request_reject_unsafe_urls', false, $url ), 'blocking' => true, 'headers' => array(), 'cookies' => array(), 'body' => null, 'compress' => false, 'decompress' => true, 'sslverify' => true, 'sslcertificates' => ABSPATH . WPINC . '/certificates/ca-bundle.crt', 'stream' => false, 'filename' => null, 'limit_response_size' => null, ); // Pre-parse for the HEAD checks. $args = wp_parse_args( $args ); // By default, Head requests do not cause redirections. if ( isset( $args['method'] ) && 'HEAD' == $args['method'] ) { $defaults['redirection'] = 0; } $r = wp_parse_args( $args, $defaults ); /** * Filters the arguments used in an HTTP request. * * @since 2.7.0 * * @param array $r An array of HTTP request arguments. * @param string $url The request URL. */ $r = apply_filters( 'http_request_args', $r, $url ); // The transports decrement this, store a copy of the original value for loop purposes. if ( ! isset( $r['_redirection'] ) ) { $r['_redirection'] = $r['redirection']; } /** * Filters whether to preempt an HTTP request's return value. * * Returning a non-false value from the filter will short-circuit the HTTP request and return * early with that value. A filter should return either: * * - An array containing 'headers', 'body', 'response', 'cookies', and 'filename' elements * - A WP_Error instance * - boolean false (to avoid short-circuiting the response) * * Returning any other value may result in unexpected behaviour. * * @since 2.9.0 * * @param false|array|WP_Error $preempt Whether to preempt an HTTP request's return value. Default false. * @param array $r HTTP request arguments. * @param string $url The request URL. */ $pre = apply_filters( 'pre_http_request', false, $r, $url ); if ( false !== $pre ) { return $pre; } if ( function_exists( 'wp_kses_bad_protocol' ) ) { if ( $r['reject_unsafe_urls'] ) { $url = wp_http_validate_url( $url ); } if ( $url ) { $url = wp_kses_bad_protocol( $url, array( 'http', 'https', 'ssl' ) ); } } $arrURL = @parse_url( $url ); if ( empty( $url ) || empty( $arrURL['scheme'] ) ) { return new WP_Error( 'http_request_failed', __( 'A valid URL was not provided.' ) ); } if ( $this->block_request( $url ) ) { return new WP_Error( 'http_request_failed', __( 'User has blocked requests through HTTP.' ) ); } // If we are streaming to a file but no filename was given drop it in the WP temp dir // and pick its name using the basename of the $url if ( $r['stream'] ) { if ( empty( $r['filename'] ) ) { $r['filename'] = get_temp_dir() . basename( $url ); } // Force some settings if we are streaming to a file and check for existence and perms of destination directory $r['blocking'] = true; if ( ! wp_is_writable( dirname( $r['filename'] ) ) ) { return new WP_Error( 'http_request_failed', __( 'Destination directory for file streaming does not exist or is not writable.' ) ); } } if ( is_null( $r['headers'] ) ) { $r['headers'] = array(); } // WP allows passing in headers as a string, weirdly. if ( ! is_array( $r['headers'] ) ) { $processedHeaders = WP_Http::processHeaders( $r['headers'] ); $r['headers'] = $processedHeaders['headers']; } // Setup arguments $headers = $r['headers']; $data = $r['body']; $type = $r['method']; $options = array( 'timeout' => $r['timeout'], 'useragent' => $r['user-agent'], 'blocking' => $r['blocking'], 'hooks' => new WP_HTTP_Requests_Hooks( $url, $r ), ); // Ensure redirects follow browser behaviour. $options['hooks']->register( 'requests.before_redirect', array( get_class(), 'browser_redirect_compatibility' ) ); // Validate redirected URLs. if ( function_exists( 'wp_kses_bad_protocol' ) && $r['reject_unsafe_urls'] ) { $options['hooks']->register( 'requests.before_redirect', array( get_class(), 'validate_redirects' ) ); } if ( $r['stream'] ) { $options['filename'] = $r['filename']; } if ( empty( $r['redirection'] ) ) { $options['follow_redirects'] = false; } else { $options['redirects'] = $r['redirection']; } // Use byte limit, if we can if ( isset( $r['limit_response_size'] ) ) { $options['max_bytes'] = $r['limit_response_size']; } // If we've got cookies, use and convert them to Requests_Cookie. if ( ! empty( $r['cookies'] ) ) { $options['cookies'] = WP_Http::normalize_cookies( $r['cookies'] ); } // SSL certificate handling if ( ! $r['sslverify'] ) { $options['verify'] = false; $options['verifyname'] = false; } else { $options['verify'] = $r['sslcertificates']; } // All non-GET/HEAD requests should put the arguments in the form body. if ( 'HEAD' !== $type && 'GET' !== $type ) { $options['data_format'] = 'body'; } /** * Filters whether SSL should be verified for non-local requests. * * @since 2.8.0 * @since 5.1.0 The `$url` parameter was added. * * @param bool $ssl_verify Whether to verify the SSL connection. Default true. * @param string $url The request URL. */ $options['verify'] = apply_filters( 'https_ssl_verify', $options['verify'], $url ); // Check for proxies. $proxy = new WP_HTTP_Proxy(); if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) { $options['proxy'] = new Requests_Proxy_HTTP( $proxy->host() . ':' . $proxy->port() ); if ( $proxy->use_authentication() ) { $options['proxy']->use_authentication = true; $options['proxy']->user = $proxy->username(); $options['proxy']->pass = $proxy->password(); } } // Avoid issues where mbstring.func_overload is enabled mbstring_binary_safe_encoding(); try { $requests_response = Requests::request( $url, $headers, $data, $type, $options ); // Convert the response into an array $http_response = new WP_HTTP_Requests_Response( $requests_response, $r['filename'] ); $response = $http_response->to_array(); // Add the original object to the array. $response['http_response'] = $http_response; } catch ( Requests_Exception $e ) { $response = new WP_Error( 'http_request_failed', $e->getMessage() ); } reset_mbstring_encoding(); /** * Fires after an HTTP API response is received and before the response is returned. * * @since 2.8.0 * * @param array|WP_Error $response HTTP response or WP_Error object. * @param string $context Context under which the hook is fired. * @param string $class HTTP transport used. * @param array $r HTTP request arguments. * @param string $url The request URL. */ do_action( 'http_api_debug', $response, 'response', 'Requests', $r, $url ); if ( is_wp_error( $response ) ) { return $response; } if ( ! $r['blocking'] ) { return array( 'headers' => array(), 'body' => '', 'response' => array( 'code' => false, 'message' => false, ), 'cookies' => array(), 'http_response' => null, ); } /** * Filters the HTTP API response immediately before the response is returned. * * @since 2.9.0 * * @param array $response HTTP response. * @param array $r HTTP request arguments. * @param string $url The request URL. */ return apply_filters( 'http_response', $response, $r, $url ); } /** * Normalizes cookies for using in Requests. * * @since 4.6.0 * * @param array $cookies Array of cookies to send with the request. * @return Requests_Cookie_Jar Cookie holder object. */ public static function normalize_cookies( $cookies ) { $cookie_jar = new Requests_Cookie_Jar(); foreach ( $cookies as $name => $value ) { if ( $value instanceof WP_Http_Cookie ) { $cookie_jar[ $value->name ] = new Requests_Cookie( $value->name, $value->value, $value->get_attributes(), array( 'host-only' => $value->host_only ) ); } elseif ( is_scalar( $value ) ) { $cookie_jar[ $name ] = new Requests_Cookie( $name, $value ); } } return $cookie_jar; } /** * Match redirect behaviour to browser handling. * * Changes 302 redirects from POST to GET to match browser handling. Per * RFC 7231, user agents can deviate from the strict reading of the * specification for compatibility purposes. * * @since 4.6.0 * * @param string $location URL to redirect to. * @param array $headers Headers for the redirect. * @param string|array $data Body to send with the request. * @param array $options Redirect request options. * @param Requests_Response $original Response object. */ public static function browser_redirect_compatibility( $location, $headers, $data, &$options, $original ) { // Browser compat if ( $original->status_code === 302 ) { $options['type'] = Requests::GET; } } /** * Validate redirected URLs. * * @since 4.7.5 * * @throws Requests_Exception On unsuccessful URL validation * @param string $location URL to redirect to. */ public static function validate_redirects( $location ) { if ( ! wp_http_validate_url( $location ) ) { throw new Requests_Exception( __( 'A valid URL was not provided.' ), 'wp_http.redirect_failed_validation' ); } } /** * Tests which transports are capable of supporting the request. * * @since 3.2.0 * * @param array $args Request arguments * @param string $url URL to Request * * @return string|false Class name for the first transport that claims to support the request. False if no transport claims to support the request. */ public function _get_first_available_transport( $args, $url = null ) { $transports = array( 'curl', 'streams' ); /** * Filters which HTTP transports are available and in what order. * * @since 3.7.0 * * @param array $transports Array of HTTP transports to check. Default array contains * 'curl', and 'streams', in that order. * @param array $args HTTP request arguments. * @param string $url The URL to request. */ $request_order = apply_filters( 'http_api_transports', $transports, $args, $url ); // Loop over each transport on each HTTP request looking for one which will serve this request's needs. foreach ( $request_order as $transport ) { if ( in_array( $transport, $transports ) ) { $transport = ucfirst( $transport ); } $class = 'WP_Http_' . $transport; // Check to see if this transport is a possibility, calls the transport statically. if ( ! call_user_func( array( $class, 'test' ), $args, $url ) ) { continue; } return $class; } return false; } /** * Dispatches a HTTP request to a supporting transport. * * Tests each transport in order to find a transport which matches the request arguments. * Also caches the transport instance to be used later. * * The order for requests is cURL, and then PHP Streams. * * @since 3.2.0 * @deprecated 5.1.0 Use WP_Http::request() * @see WP_Http::request() * * @param string $url URL to Request * @param array $args Request arguments * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ private function _dispatch_request( $url, $args ) { static $transports = array(); $class = $this->_get_first_available_transport( $args, $url ); if ( ! $class ) { return new WP_Error( 'http_failure', __( 'There are no HTTP transports available which can complete the requested request.' ) ); } // Transport claims to support request, instantiate it and give it a whirl. if ( empty( $transports[ $class ] ) ) { $transports[ $class ] = new $class; } $response = $transports[ $class ]->request( $url, $args ); /** This action is documented in wp-includes/class-http.php */ do_action( 'http_api_debug', $response, 'response', $class, $args, $url ); if ( is_wp_error( $response ) ) { return $response; } /** This filter is documented in wp-includes/class-http.php */ return apply_filters( 'http_response', $response, $args, $url ); } /** * Uses the POST HTTP method. * * Used for sending data that is expected to be in the body. * * @since 2.7.0 * * @param string $url The request URL. * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ public function post( $url, $args = array() ) { $defaults = array( 'method' => 'POST' ); $r = wp_parse_args( $args, $defaults ); return $this->request( $url, $r ); } /** * Uses the GET HTTP method. * * Used for sending data that is expected to be in the body. * * @since 2.7.0 * * @param string $url The request URL. * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ public function get( $url, $args = array() ) { $defaults = array( 'method' => 'GET' ); $r = wp_parse_args( $args, $defaults ); return $this->request( $url, $r ); } /** * Uses the HEAD HTTP method. * * Used for sending data that is expected to be in the body. * * @since 2.7.0 * * @param string $url The request URL. * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ public function head( $url, $args = array() ) { $defaults = array( 'method' => 'HEAD' ); $r = wp_parse_args( $args, $defaults ); return $this->request( $url, $r ); } /** * Parses the responses and splits the parts into headers and body. * * @since 2.7.0 * * @param string $strResponse The full response string * @return array Array with 'headers' and 'body' keys. */ public static function processResponse( $strResponse ) { $res = explode( "\r\n\r\n", $strResponse, 2 ); return array( 'headers' => $res[0], 'body' => isset( $res[1] ) ? $res[1] : '', ); } /** * Transform header string into an array. * * If an array is given then it is assumed to be raw header data with numeric keys with the * headers as the values. No headers must be passed that were already processed. * * @since 2.7.0 * * @param string|array $headers * @param string $url The URL that was requested * @return array Processed string headers. If duplicate headers are encountered, * Then a numbered array is returned as the value of that header-key. */ public static function processHeaders( $headers, $url = '' ) { // Split headers, one per array element. if ( is_string( $headers ) ) { // Tolerate line terminator: CRLF = LF (RFC 2616 19.3). $headers = str_replace( "\r\n", "\n", $headers ); /* * Unfold folded header fields. LWS = [CRLF] 1*( SP | HT )