WordPress/wp-admin/includes/misc.php

1659 lines
45 KiB
PHP
Raw Normal View History

<?php
/**
* Misc WordPress Administration API.
*
* @package WordPress
* @subpackage Administration
*/
/**
* Returns whether the server is running Apache with the mod_rewrite module loaded.
*
* @since 2.0.0
*
* @return bool Whether the server is running Apache with the mod_rewrite module loaded.
*/
function got_mod_rewrite() {
$got_rewrite = apache_mod_loaded( 'mod_rewrite', true );
/**
* Filters whether Apache and mod_rewrite are present.
*
* This filter was previously used to force URL rewriting for other servers,
* like nginx. Use the {@see 'got_url_rewrite'} filter in got_url_rewrite() instead.
*
* @since 2.5.0
*
* @see got_url_rewrite()
*
* @param bool $got_rewrite Whether Apache and mod_rewrite are present.
*/
return apply_filters( 'got_rewrite', $got_rewrite );
}
/**
* Returns whether the server supports URL rewriting.
*
* Detects Apache's mod_rewrite, IIS 7.0+ permalink support, and nginx.
*
* @since 3.7.0
*
* @global bool $is_nginx
* @global bool $is_caddy
*
* @return bool Whether the server supports URL rewriting.
*/
function got_url_rewrite() {
$got_url_rewrite = ( got_mod_rewrite() || $GLOBALS['is_nginx'] || $GLOBALS['is_caddy'] || iis7_supports_permalinks() );
/**
* Filters whether URL rewriting is available.
*
* @since 3.7.0
*
* @param bool $got_url_rewrite Whether URL rewriting is available.
*/
return apply_filters( 'got_url_rewrite', $got_url_rewrite );
}
/**
* Extracts strings from between the BEGIN and END markers in the .htaccess file.
*
* @since 1.5.0
*
* @param string $filename Filename to extract the strings from.
* @param string $marker The marker to extract the strings from.
* @return string[] An array of strings from a file (.htaccess) from between BEGIN and END markers.
*/
function extract_from_markers( $filename, $marker ) {
$result = array();
if ( ! file_exists( $filename ) ) {
return $result;
}
$markerdata = explode( "\n", implode( '', file( $filename ) ) );
$state = false;
foreach ( $markerdata as $markerline ) {
if ( str_contains( $markerline, '# END ' . $marker ) ) {
$state = false;
}
if ( $state ) {
if ( str_starts_with( $markerline, '#' ) ) {
continue;
}
$result[] = $markerline;
}
if ( str_contains( $markerline, '# BEGIN ' . $marker ) ) {
$state = true;
}
}
return $result;
}
/**
* Inserts an array of strings into a file (.htaccess), placing it between
* BEGIN and END markers.
*
* Replaces existing marked info. Retains surrounding
* data. Creates file if none exists.
*
* @since 1.5.0
*
* @param string $filename Filename to alter.
* @param string $marker The marker to alter.
* @param array|string $insertion The new content to insert.
* @return bool True on write success, false on failure.
*/
function insert_with_markers( $filename, $marker, $insertion ) {
if ( ! file_exists( $filename ) ) {
if ( ! is_writable( dirname( $filename ) ) ) {
return false;
}
if ( ! touch( $filename ) ) {
return false;
}
// Make sure the file is created with a minimum set of permissions.
$perms = fileperms( $filename );
if ( $perms ) {
chmod( $filename, $perms | 0644 );
}
} elseif ( ! is_writable( $filename ) ) {
return false;
}
if ( ! is_array( $insertion ) ) {
$insertion = explode( "\n", $insertion );
}
$switched_locale = switch_to_locale( get_locale() );
$instructions = sprintf(
/* translators: 1: Marker. */
__(
'The directives (lines) between "BEGIN %1$s" and "END %1$s" are
dynamically generated, and should only be modified via WordPress filters.
Any changes to the directives between these markers will be overwritten.'
),
$marker
);
$instructions = explode( "\n", $instructions );
foreach ( $instructions as $line => $text ) {
$instructions[ $line ] = '# ' . $text;
}
/**
* Filters the inline instructions inserted before the dynamically generated content.
*
* @since 5.3.0
*
* @param string[] $instructions Array of lines with inline instructions.
* @param string $marker The marker being inserted.
*/
$instructions = apply_filters( 'insert_with_markers_inline_instructions', $instructions, $marker );
if ( $switched_locale ) {
restore_previous_locale();
}
$insertion = array_merge( $instructions, $insertion );
$start_marker = "# BEGIN {$marker}";
$end_marker = "# END {$marker}";
$fp = fopen( $filename, 'r+' );
if ( ! $fp ) {
return false;
}
// Attempt to get a lock. If the filesystem supports locking, this will block until the lock is acquired.
flock( $fp, LOCK_EX );
$lines = array();
while ( ! feof( $fp ) ) {
$lines[] = rtrim( fgets( $fp ), "\r\n" );
}
// Split out the existing file into the preceding lines, and those that appear after the marker.
$pre_lines = array();
$post_lines = array();
$existing_lines = array();
$found_marker = false;
$found_end_marker = false;
foreach ( $lines as $line ) {
if ( ! $found_marker && str_contains( $line, $start_marker ) ) {
$found_marker = true;
continue;
} elseif ( ! $found_end_marker && str_contains( $line, $end_marker ) ) {
$found_end_marker = true;
continue;
}
if ( ! $found_marker ) {
$pre_lines[] = $line;
} elseif ( $found_marker && $found_end_marker ) {
$post_lines[] = $line;
} else {
$existing_lines[] = $line;
}
}
// Check to see if there was a change.
if ( $existing_lines === $insertion ) {
flock( $fp, LOCK_UN );
fclose( $fp );
return true;
}
// Generate the new file data.
$new_file_data = implode(
"\n",
array_merge(
$pre_lines,
array( $start_marker ),
$insertion,
array( $end_marker ),
$post_lines
)
);
// Write to the start of the file, and truncate it to that length.
fseek( $fp, 0 );
$bytes = fwrite( $fp, $new_file_data );
if ( $bytes ) {
ftruncate( $fp, ftell( $fp ) );
}
fflush( $fp );
flock( $fp, LOCK_UN );
fclose( $fp );
return (bool) $bytes;
}
/**
* Updates the htaccess file with the current rules if it is writable.
*
* Always writes to the file if it exists and is writable to ensure that we
* blank out old rules.
*
* @since 1.5.0
*
* @global WP_Rewrite $wp_rewrite WordPress rewrite component.
*
* @return bool|null True on write success, false on failure. Null in multisite.
*/
function save_mod_rewrite_rules() {
global $wp_rewrite;
if ( is_multisite() ) {
return;
}
// Ensure get_home_path() is declared.
require_once ABSPATH . 'wp-admin/includes/file.php';
$home_path = get_home_path();
$htaccess_file = $home_path . '.htaccess';
/*
* If the file doesn't already exist check for write access to the directory
* and whether we have some rules. Else check for write access to the file.
*/
if ( ! file_exists( $htaccess_file ) && is_writable( $home_path ) && $wp_rewrite->using_mod_rewrite_permalinks()
|| is_writable( $htaccess_file )
) {
if ( got_mod_rewrite() ) {
$rules = explode( "\n", $wp_rewrite->mod_rewrite_rules() );
return insert_with_markers( $htaccess_file, 'WordPress', $rules );
}
}
return false;
}
/**
* Updates the IIS web.config file with the current rules if it is writable.
* If the permalinks do not require rewrite rules then the rules are deleted from the web.config file.
*
* @since 2.8.0
*
* @global WP_Rewrite $wp_rewrite WordPress rewrite component.
*
* @return bool|null True on write success, false on failure. Null in multisite.
*/
function iis7_save_url_rewrite_rules() {
global $wp_rewrite;
if ( is_multisite() ) {
return;
}
// Ensure get_home_path() is declared.
require_once ABSPATH . 'wp-admin/includes/file.php';
$home_path = get_home_path();
$web_config_file = $home_path . 'web.config';
// Using win_is_writable() instead of is_writable() because of a bug in Windows PHP.
if ( iis7_supports_permalinks()
&& ( ! file_exists( $web_config_file ) && win_is_writable( $home_path ) && $wp_rewrite->using_mod_rewrite_permalinks()
|| win_is_writable( $web_config_file ) )
) {
$rule = $wp_rewrite->iis7_url_rewrite_rules( false );
if ( ! empty( $rule ) ) {
return iis7_add_rewrite_rule( $web_config_file, $rule );
} else {
return iis7_delete_rewrite_rule( $web_config_file );
}
}
return false;
}
/**
* Updates the "recently-edited" file for the plugin or theme file editor.
*
* @since 1.5.0
*
* @param string $file
*/
function update_recently_edited( $file ) {
$oldfiles = (array) get_option( 'recently_edited' );
if ( $oldfiles ) {
$oldfiles = array_reverse( $oldfiles );
$oldfiles[] = $file;
$oldfiles = array_reverse( $oldfiles );
$oldfiles = array_unique( $oldfiles );
if ( 5 < count( $oldfiles ) ) {
array_pop( $oldfiles );
}
} else {
$oldfiles[] = $file;
}
update_option( 'recently_edited', $oldfiles );
}
/**
* Makes a tree structure for the theme file editor's file list.
*
* @since 4.9.0
* @access private
*
* @param array $allowed_files List of theme file paths.
* @return array Tree structure for listing theme files.
*/
function wp_make_theme_file_tree( $allowed_files ) {
$tree_list = array();
foreach ( $allowed_files as $file_name => $absolute_filename ) {
$list = explode( '/', $file_name );
$last_dir = &$tree_list;
foreach ( $list as $dir ) {
$last_dir =& $last_dir[ $dir ];
}
$last_dir = $file_name;
}
return $tree_list;
}
/**
* Outputs the formatted file list for the theme file editor.
*
* @since 4.9.0
* @access private
*
* @global string $relative_file Name of the file being edited relative to the
* theme directory.
* @global string $stylesheet The stylesheet name of the theme being edited.
*
* @param array|string $tree List of file/folder paths, or filename.
* @param int $level The aria-level for the current iteration.
* @param int $size The aria-setsize for the current iteration.
* @param int $index The aria-posinset for the current iteration.
*/
function wp_print_theme_file_tree( $tree, $level = 2, $size = 1, $index = 1 ) {
global $relative_file, $stylesheet;
if ( is_array( $tree ) ) {
$index = 0;
$size = count( $tree );
foreach ( $tree as $label => $theme_file ) :
++$index;
if ( ! is_array( $theme_file ) ) {
wp_print_theme_file_tree( $theme_file, $level, $index, $size );
continue;
}
?>
<li role="treeitem" aria-expanded="true" tabindex="-1"
aria-level="<?php echo esc_attr( $level ); ?>"
aria-setsize="<?php echo esc_attr( $size ); ?>"
aria-posinset="<?php echo esc_attr( $index ); ?>">
<span class="folder-label"><?php echo esc_html( $label ); ?> <span class="screen-reader-text">
<?php
/* translators: Hidden accessibility text. */
_e( 'folder' );
?>
</span><span aria-hidden="true" class="icon"></span></span>
<ul role="group" class="tree-folder"><?php wp_print_theme_file_tree( $theme_file, $level + 1, $index, $size ); ?></ul>
</li>
<?php
endforeach;
} else {
$filename = $tree;
$url = add_query_arg(
array(
'file' => rawurlencode( $tree ),
'theme' => rawurlencode( $stylesheet ),
),
self_admin_url( 'theme-editor.php' )
);
?>
<li role="none" class="<?php echo esc_attr( $relative_file === $filename ? 'current-file' : '' ); ?>">
<a role="treeitem" tabindex="<?php echo esc_attr( $relative_file === $filename ? '0' : '-1' ); ?>"
href="<?php echo esc_url( $url ); ?>"
aria-level="<?php echo esc_attr( $level ); ?>"
aria-setsize="<?php echo esc_attr( $size ); ?>"
aria-posinset="<?php echo esc_attr( $index ); ?>">
<?php
$file_description = esc_html( get_file_description( $filename ) );
if ( $file_description !== $filename && wp_basename( $filename ) !== $file_description ) {
$file_description .= '<br /><span class="nonessential">(' . esc_html( $filename ) . ')</span>';
}
if ( $relative_file === $filename ) {
echo '<span class="notice notice-info">' . $file_description . '</span>';
} else {
echo $file_description;
}
?>
</a>
</li>
<?php
}
}
/**
* Makes a tree structure for the plugin file editor's file list.
*
* @since 4.9.0
* @access private
*
* @param array $plugin_editable_files List of plugin file paths.
* @return array Tree structure for listing plugin files.
*/
function wp_make_plugin_file_tree( $plugin_editable_files ) {
$tree_list = array();
foreach ( $plugin_editable_files as $plugin_file ) {
$list = explode( '/', preg_replace( '#^.+?/#', '', $plugin_file ) );
$last_dir = &$tree_list;
foreach ( $list as $dir ) {
$last_dir =& $last_dir[ $dir ];
}
$last_dir = $plugin_file;
}
return $tree_list;
}
/**
* Outputs the formatted file list for the plugin file editor.
*
* @since 4.9.0
* @access private
*
* @param array|string $tree List of file/folder paths, or filename.
* @param string $label Name of file or folder to print.
* @param int $level The aria-level for the current iteration.
* @param int $size The aria-setsize for the current iteration.
* @param int $index The aria-posinset for the current iteration.
*/
function wp_print_plugin_file_tree( $tree, $label = '', $level = 2, $size = 1, $index = 1 ) {
global $file, $plugin;
if ( is_array( $tree ) ) {
$index = 0;
$size = count( $tree );
foreach ( $tree as $label => $plugin_file ) :
++$index;
if ( ! is_array( $plugin_file ) ) {
wp_print_plugin_file_tree( $plugin_file, $label, $level, $index, $size );
continue;
}
?>
<li role="treeitem" aria-expanded="true" tabindex="-1"
aria-level="<?php echo esc_attr( $level ); ?>"
aria-setsize="<?php echo esc_attr( $size ); ?>"
aria-posinset="<?php echo esc_attr( $index ); ?>">
<span class="folder-label"><?php echo esc_html( $label ); ?> <span class="screen-reader-text">
<?php
/* translators: Hidden accessibility text. */
_e( 'folder' );
?>
</span><span aria-hidden="true" class="icon"></span></span>
<ul role="group" class="tree-folder"><?php wp_print_plugin_file_tree( $plugin_file, '', $level + 1, $index, $size ); ?></ul>
</li>
<?php
endforeach;
} else {
$url = add_query_arg(
array(
'file' => rawurlencode( $tree ),
'plugin' => rawurlencode( $plugin ),
),
self_admin_url( 'plugin-editor.php' )
);
?>
<li role="none" class="<?php echo esc_attr( $file === $tree ? 'current-file' : '' ); ?>">
<a role="treeitem" tabindex="<?php echo esc_attr( $file === $tree ? '0' : '-1' ); ?>"
href="<?php echo esc_url( $url ); ?>"
aria-level="<?php echo esc_attr( $level ); ?>"
aria-setsize="<?php echo esc_attr( $size ); ?>"
aria-posinset="<?php echo esc_attr( $index ); ?>">
<?php
if ( $file === $tree ) {
echo '<span class="notice notice-info">' . esc_html( $label ) . '</span>';
} else {
echo esc_html( $label );
}
?>
</a>
</li>
<?php
}
}
/**
* Flushes rewrite rules if `siteurl`, `home` or `page_on_front` changed.
*
* @since 2.1.0
*
* @param string $old_value
* @param string $value
*/
function update_home_siteurl( $old_value, $value ) {
if ( wp_installing() ) {
return;
}
if ( is_multisite() && ms_is_switched() ) {
delete_option( 'rewrite_rules' );
} else {
flush_rewrite_rules();
}
}
/**
* Resets global variables based on `$_GET` and `$_POST`.
*
* This function resets global variables based on the names passed
* in the `$vars` array to the value of `$_POST[$var]` or `$_GET[$var]` or an
* empty string if neither is defined.
*
* @since 2.0.0
*
* @param array $vars An array of globals to reset.
*/
function wp_reset_vars( $vars ) {
foreach ( $vars as $var ) {
if ( empty( $_POST[ $var ] ) ) {
if ( empty( $_GET[ $var ] ) ) {
$GLOBALS[ $var ] = '';
} else {
$GLOBALS[ $var ] = $_GET[ $var ];
}
} else {
$GLOBALS[ $var ] = $_POST[ $var ];
}
}
}
/**
* Displays the given administration message.
*
* @since 2.1.0
*
* @param string|WP_Error $message
*/
function show_message( $message ) {
if ( is_wp_error( $message ) ) {
if ( $message->get_error_data() && is_string( $message->get_error_data() ) ) {
$message = $message->get_error_message() . ': ' . $message->get_error_data();
} else {
$message = $message->get_error_message();
}
}
echo "<p>$message</p>\n";
wp_ob_end_flush_all();
flush();
}
/**
* @since 2.8.0
*
* @param string $content
* @return array
*/
function wp_doc_link_parse( $content ) {
if ( ! is_string( $content ) || empty( $content ) ) {
return array();
}
if ( ! function_exists( 'token_get_all' ) ) {
return array();
}
$tokens = token_get_all( $content );
$count = count( $tokens );
$functions = array();
$ignore_functions = array();
for ( $t = 0; $t < $count - 2; $t++ ) {
if ( ! is_array( $tokens[ $t ] ) ) {
continue;
}
if ( T_STRING === $tokens[ $t ][0] && ( '(' === $tokens[ $t + 1 ] || '(' === $tokens[ $t + 2 ] ) ) {
// If it's a function or class defined locally, there's not going to be any docs available.
if ( ( isset( $tokens[ $t - 2 ][1] ) && in_array( $tokens[ $t - 2 ][1], array( 'function', 'class' ), true ) )
|| ( isset( $tokens[ $t - 2 ][0] ) && T_OBJECT_OPERATOR === $tokens[ $t - 1 ][0] )
) {
$ignore_functions[] = $tokens[ $t ][1];
}
// Add this to our stack of unique references.
$functions[] = $tokens[ $t ][1];
}
}
$functions = array_unique( $functions );
sort( $functions );
/**
* Filters the list of functions and classes to be ignored from the documentation lookup.
*
* @since 2.8.0
*
* @param string[] $ignore_functions Array of names of functions and classes to be ignored.
*/
$ignore_functions = apply_filters( 'documentation_ignore_functions', $ignore_functions );
$ignore_functions = array_unique( $ignore_functions );
$output = array();
foreach ( $functions as $function ) {
if ( in_array( $function, $ignore_functions, true ) ) {
continue;
}
$output[] = $function;
}
return $output;
}
/**
* Saves option for number of rows when listing posts, pages, comments, etc.
*
* @since 2.8.0
*/
function set_screen_options() {
if ( ! isset( $_POST['wp_screen_options'] ) || ! is_array( $_POST['wp_screen_options'] ) ) {
return;
}
check_admin_referer( 'screen-options-nonce', 'screenoptionnonce' );
$user = wp_get_current_user();
if ( ! $user ) {
return;
}
$option = $_POST['wp_screen_options']['option'];
$value = $_POST['wp_screen_options']['value'];
if ( sanitize_key( $option ) !== $option ) {
return;
}
$map_option = $option;
$type = str_replace( 'edit_', '', $map_option );
$type = str_replace( '_per_page', '', $type );
if ( in_array( $type, get_taxonomies(), true ) ) {
$map_option = 'edit_tags_per_page';
} elseif ( in_array( $type, get_post_types(), true ) ) {
$map_option = 'edit_per_page';
} else {
$option = str_replace( '-', '_', $option );
}
switch ( $map_option ) {
case 'edit_per_page':
case 'users_per_page':
case 'edit_comments_per_page':
case 'upload_per_page':
case 'edit_tags_per_page':
case 'plugins_per_page':
case 'export_personal_data_requests_per_page':
case 'remove_personal_data_requests_per_page':
// Network admin.
case 'sites_network_per_page':
case 'users_network_per_page':
case 'site_users_network_per_page':
case 'plugins_network_per_page':
case 'themes_network_per_page':
case 'site_themes_network_per_page':
$value = (int) $value;
if ( $value < 1 || $value > 999 ) {
return;
}
break;
default:
$screen_option = false;
if ( str_ends_with( $option, '_page' ) || 'layout_columns' === $option ) {
/**
* Filters a screen option value before it is set.
*
* The filter can also be used to modify non-standard `[items]_per_page`
* settings. See the parent function for a full list of standard options.
*
* Returning false from the filter will skip saving the current option.
*
* @since 2.8.0
* @since 5.4.2 Only applied to options ending with '_page',
* or the 'layout_columns' option.
*
* @see set_screen_options()
*
* @param mixed $screen_option The value to save instead of the option value.
* Default false (to skip saving the current option).
* @param string $option The option name.
* @param int $value The option value.
*/
$screen_option = apply_filters( 'set-screen-option', $screen_option, $option, $value ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
}
/**
* Filters a screen option value before it is set.
*
* The dynamic portion of the hook name, `$option`, refers to the option name.
*
* Returning false from the filter will skip saving the current option.
*
* @since 5.4.2
*
* @see set_screen_options()
*
* @param mixed $screen_option The value to save instead of the option value.
* Default false (to skip saving the current option).
* @param string $option The option name.
* @param int $value The option value.
*/
$value = apply_filters( "set_screen_option_{$option}", $screen_option, $option, $value );
if ( false === $value ) {
return;
}
break;
}
update_user_meta( $user->ID, $option, $value );
$url = remove_query_arg( array( 'pagenum', 'apage', 'paged' ), wp_get_referer() );
if ( isset( $_POST['mode'] ) ) {
$url = add_query_arg( array( 'mode' => $_POST['mode'] ), $url );
}
wp_safe_redirect( $url );
exit;
}
/**
* Checks if rewrite rule for WordPress already exists in the IIS 7+ configuration file.
*
* @since 2.8.0
*
* @param string $filename The file path to the configuration file.
* @return bool
*/
function iis7_rewrite_rule_exists( $filename ) {
if ( ! file_exists( $filename ) ) {
return false;
}
if ( ! class_exists( 'DOMDocument', false ) ) {
return false;
}
$doc = new DOMDocument();
if ( $doc->load( $filename ) === false ) {
return false;
}
$xpath = new DOMXPath( $doc );
$rules = $xpath->query( '/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]' );
if ( 0 === $rules->length ) {
return false;
}
return true;
}
/**
* Deletes WordPress rewrite rule from web.config file if it exists there.
*
* @since 2.8.0
*
* @param string $filename Name of the configuration file.
* @return bool
*/
function iis7_delete_rewrite_rule( $filename ) {
// If configuration file does not exist then rules also do not exist, so there is nothing to delete.
if ( ! file_exists( $filename ) ) {
return true;
}
if ( ! class_exists( 'DOMDocument', false ) ) {
return false;
}
$doc = new DOMDocument();
$doc->preserveWhiteSpace = false;
if ( $doc->load( $filename ) === false ) {
return false;
}
$xpath = new DOMXPath( $doc );
$rules = $xpath->query( '/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]' );
if ( $rules->length > 0 ) {
$child = $rules->item( 0 );
$parent = $child->parentNode;
$parent->removeChild( $child );
$doc->formatOutput = true;
saveDomDocument( $doc, $filename );
}
return true;
}
/**
* Adds WordPress rewrite rule to the IIS 7+ configuration file.
*
* @since 2.8.0
*
* @param string $filename The file path to the configuration file.
* @param string $rewrite_rule The XML fragment with URL Rewrite rule.
* @return bool
*/
function iis7_add_rewrite_rule( $filename, $rewrite_rule ) {
if ( ! class_exists( 'DOMDocument', false ) ) {
return false;
}
// If configuration file does not exist then we create one.
if ( ! file_exists( $filename ) ) {
$fp = fopen( $filename, 'w' );
fwrite( $fp, '<configuration/>' );
fclose( $fp );
}
$doc = new DOMDocument();
$doc->preserveWhiteSpace = false;
if ( $doc->load( $filename ) === false ) {
return false;
}
$xpath = new DOMXPath( $doc );
// First check if the rule already exists as in that case there is no need to re-add it.
$wordpress_rules = $xpath->query( '/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]' );
if ( $wordpress_rules->length > 0 ) {
return true;
}
// Check the XPath to the rewrite rule and create XML nodes if they do not exist.
$xml_nodes = $xpath->query( '/configuration/system.webServer/rewrite/rules' );
if ( $xml_nodes->length > 0 ) {
$rules_node = $xml_nodes->item( 0 );
} else {
$rules_node = $doc->createElement( 'rules' );
$xml_nodes = $xpath->query( '/configuration/system.webServer/rewrite' );
if ( $xml_nodes->length > 0 ) {
$rewrite_node = $xml_nodes->item( 0 );
$rewrite_node->appendChild( $rules_node );
} else {
$rewrite_node = $doc->createElement( 'rewrite' );
$rewrite_node->appendChild( $rules_node );
$xml_nodes = $xpath->query( '/configuration/system.webServer' );
if ( $xml_nodes->length > 0 ) {
$system_web_server_node = $xml_nodes->item( 0 );
$system_web_server_node->appendChild( $rewrite_node );
} else {
$system_web_server_node = $doc->createElement( 'system.webServer' );
$system_web_server_node->appendChild( $rewrite_node );
$xml_nodes = $xpath->query( '/configuration' );
if ( $xml_nodes->length > 0 ) {
$config_node = $xml_nodes->item( 0 );
$config_node->appendChild( $system_web_server_node );
} else {
$config_node = $doc->createElement( 'configuration' );
$doc->appendChild( $config_node );
$config_node->appendChild( $system_web_server_node );
}
}
}
}
$rule_fragment = $doc->createDocumentFragment();
$rule_fragment->appendXML( $rewrite_rule );
$rules_node->appendChild( $rule_fragment );
$doc->encoding = 'UTF-8';
$doc->formatOutput = true;
saveDomDocument( $doc, $filename );
return true;
}
/**
* Saves the XML document into a file.
*
* @since 2.8.0
*
* @param DOMDocument $doc
* @param string $filename
*/
function saveDomDocument( $doc, $filename ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid
$config = $doc->saveXML();
$config = preg_replace( "/([^\r])\n/", "$1\r\n", $config );
$fp = fopen( $filename, 'w' );
fwrite( $fp, $config );
fclose( $fp );
}
/**
* Displays the default admin color scheme picker (Used in user-edit.php).
*
* @since 3.0.0
*
* @global array $_wp_admin_css_colors
*
* @param int $user_id User ID.
*/
function admin_color_scheme_picker( $user_id ) {
global $_wp_admin_css_colors;
ksort( $_wp_admin_css_colors );
if ( isset( $_wp_admin_css_colors['fresh'] ) ) {
// Set Default ('fresh') and Light should go first.
$_wp_admin_css_colors = array_filter(
array_merge(
array(
'fresh' => '',
'light' => '',
'modern' => '',
),
$_wp_admin_css_colors
)
);
}
$current_color = get_user_option( 'admin_color', $user_id );
if ( empty( $current_color ) || ! isset( $_wp_admin_css_colors[ $current_color ] ) ) {
$current_color = 'fresh';
}
?>
<fieldset id="color-picker" class="scheme-list">
<legend class="screen-reader-text"><span>
<?php
/* translators: Hidden accessibility text. */
_e( 'Admin Color Scheme' );
?>
</span></legend>
<?php
wp_nonce_field( 'save-color-scheme', 'color-nonce', false );
foreach ( $_wp_admin_css_colors as $color => $color_info ) :
?>
<div class="color-option <?php echo ( $color === $current_color ) ? 'selected' : ''; ?>">
<input name="admin_color" id="admin_color_<?php echo esc_attr( $color ); ?>" type="radio" value="<?php echo esc_attr( $color ); ?>" class="tog" <?php checked( $color, $current_color ); ?> />
<input type="hidden" class="css_url" value="<?php echo esc_url( $color_info->url ); ?>" />
<input type="hidden" class="icon_colors" value="<?php echo esc_attr( wp_json_encode( array( 'icons' => $color_info->icon_colors ) ) ); ?>" />
<label for="admin_color_<?php echo esc_attr( $color ); ?>"><?php echo esc_html( $color_info->name ); ?></label>
<div class="color-palette">
<?php
foreach ( $color_info->colors as $html_color ) {
?>
<div class="color-palette-shade" style="background-color: <?php echo esc_attr( $html_color ); ?>">&nbsp;</div>
<?php
}
?>
</div>
</div>
<?php
endforeach;
?>
</fieldset>
<?php
}
/**
*
* @global array $_wp_admin_css_colors
*/
function wp_color_scheme_settings() {
global $_wp_admin_css_colors;
$color_scheme = get_user_option( 'admin_color' );
// It's possible to have a color scheme set that is no longer registered.
if ( empty( $_wp_admin_css_colors[ $color_scheme ] ) ) {
$color_scheme = 'fresh';
}
if ( ! empty( $_wp_admin_css_colors[ $color_scheme ]->icon_colors ) ) {
$icon_colors = $_wp_admin_css_colors[ $color_scheme ]->icon_colors;
} elseif ( ! empty( $_wp_admin_css_colors['fresh']->icon_colors ) ) {
$icon_colors = $_wp_admin_css_colors['fresh']->icon_colors;
} else {
// Fall back to the default set of icon colors if the default scheme is missing.
$icon_colors = array(
'base' => '#a7aaad',
'focus' => '#72aee6',
'current' => '#fff',
);
}
echo '<script type="text/javascript">var _wpColorScheme = ' . wp_json_encode( array( 'icons' => $icon_colors ) ) . ";</script>\n";
}
/**
* Displays the viewport meta in the admin.
*
* @since 5.5.0
*/
function wp_admin_viewport_meta() {
/**
* Filters the viewport meta in the admin.
*
* @since 5.5.0
*
* @param string $viewport_meta The viewport meta.
*/
$viewport_meta = apply_filters( 'admin_viewport_meta', 'width=device-width,initial-scale=1.0' );
if ( empty( $viewport_meta ) ) {
return;
}
echo '<meta name="viewport" content="' . esc_attr( $viewport_meta ) . '">';
}
/**
* Adds viewport meta for mobile in Customizer.
*
* Hooked to the {@see 'admin_viewport_meta'} filter.
*
* @since 5.5.0
*
* @param string $viewport_meta The viewport meta.
* @return string Filtered viewport meta.
*/
function _customizer_mobile_viewport_meta( $viewport_meta ) {
return trim( $viewport_meta, ',' ) . ',minimum-scale=0.5,maximum-scale=1.2';
}
/**
* Checks lock status for posts displayed on the Posts screen.
*
* @since 3.6.0
*
* @param array $response The Heartbeat response.
* @param array $data The $_POST data sent.
* @param string $screen_id The screen ID.
* @return array The Heartbeat response.
*/
function wp_check_locked_posts( $response, $data, $screen_id ) {
$checked = array();
if ( array_key_exists( 'wp-check-locked-posts', $data ) && is_array( $data['wp-check-locked-posts'] ) ) {
foreach ( $data['wp-check-locked-posts'] as $key ) {
$post_id = absint( substr( $key, 5 ) );
if ( ! $post_id ) {
continue;
}
$user_id = wp_check_post_lock( $post_id );
if ( $user_id ) {
$user = get_userdata( $user_id );
if ( $user && current_user_can( 'edit_post', $post_id ) ) {
$send = array(
'name' => $user->display_name,
/* translators: %s: User's display name. */
'text' => sprintf( __( '%s is currently editing' ), $user->display_name ),
);
if ( get_option( 'show_avatars' ) ) {
$send['avatar_src'] = get_avatar_url( $user->ID, array( 'size' => 18 ) );
$send['avatar_src_2x'] = get_avatar_url( $user->ID, array( 'size' => 36 ) );
}
$checked[ $key ] = $send;
}
}
}
}
if ( ! empty( $checked ) ) {
$response['wp-check-locked-posts'] = $checked;
}
return $response;
}
/**
* Checks lock status on the New/Edit Post screen and refresh the lock.
*
* @since 3.6.0
*
* @param array $response The Heartbeat response.
* @param array $data The $_POST data sent.
* @param string $screen_id The screen ID.
* @return array The Heartbeat response.
*/
function wp_refresh_post_lock( $response, $data, $screen_id ) {
if ( array_key_exists( 'wp-refresh-post-lock', $data ) ) {
$received = $data['wp-refresh-post-lock'];
$send = array();
$post_id = absint( $received['post_id'] );
if ( ! $post_id ) {
return $response;
}
if ( ! current_user_can( 'edit_post', $post_id ) ) {
return $response;
}
$user_id = wp_check_post_lock( $post_id );
$user = get_userdata( $user_id );
if ( $user ) {
$error = array(
'name' => $user->display_name,
/* translators: %s: User's display name. */
'text' => sprintf( __( '%s has taken over and is currently editing.' ), $user->display_name ),
);
if ( get_option( 'show_avatars' ) ) {
$error['avatar_src'] = get_avatar_url( $user->ID, array( 'size' => 64 ) );
$error['avatar_src_2x'] = get_avatar_url( $user->ID, array( 'size' => 128 ) );
}
$send['lock_error'] = $error;
} else {
$new_lock = wp_set_post_lock( $post_id );
if ( $new_lock ) {
$send['new_lock'] = implode( ':', $new_lock );
}
}
$response['wp-refresh-post-lock'] = $send;
}
return $response;
}
/**
* Checks nonce expiration on the New/Edit Post screen and refresh if needed.
*
* @since 3.6.0
*
* @param array $response The Heartbeat response.
* @param array $data The $_POST data sent.
* @param string $screen_id The screen ID.
* @return array The Heartbeat response.
*/
function wp_refresh_post_nonces( $response, $data, $screen_id ) {
if ( array_key_exists( 'wp-refresh-post-nonces', $data ) ) {
$received = $data['wp-refresh-post-nonces'];
$response['wp-refresh-post-nonces'] = array( 'check' => 1 );
$post_id = absint( $received['post_id'] );
if ( ! $post_id ) {
return $response;
}
if ( ! current_user_can( 'edit_post', $post_id ) ) {
return $response;
}
$response['wp-refresh-post-nonces'] = array(
'replace' => array(
'getpermalinknonce' => wp_create_nonce( 'getpermalink' ),
'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ),
'_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
'_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
),
);
}
return $response;
}
/**
* Refresh nonces used with meta boxes in the block editor.
*
* @since 6.1.0
*
* @param array $response The Heartbeat response.
* @param array $data The $_POST data sent.
* @return array The Heartbeat response.
*/
function wp_refresh_metabox_loader_nonces( $response, $data ) {
if ( empty( $data['wp-refresh-metabox-loader-nonces'] ) ) {
return $response;
}
$received = $data['wp-refresh-metabox-loader-nonces'];
$post_id = (int) $received['post_id'];
if ( ! $post_id ) {
return $response;
}
if ( ! current_user_can( 'edit_post', $post_id ) ) {
return $response;
}
$response['wp-refresh-metabox-loader-nonces'] = array(
'replace' => array(
'metabox_loader_nonce' => wp_create_nonce( 'meta-box-loader' ),
'_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
),
);
return $response;
}
/**
* Adds the latest Heartbeat and REST API nonce to the Heartbeat response.
*
* @since 5.0.0
*
* @param array $response The Heartbeat response.
* @return array The Heartbeat response.
*/
function wp_refresh_heartbeat_nonces( $response ) {
// Refresh the Rest API nonce.
$response['rest_nonce'] = wp_create_nonce( 'wp_rest' );
// Refresh the Heartbeat nonce.
$response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' );
return $response;
}
/**
* Disables suspension of Heartbeat on the Add/Edit Post screens.
*
* @since 3.8.0
*
* @global string $pagenow The filename of the current screen.
*
* @param array $settings An array of Heartbeat settings.
* @return array Filtered Heartbeat settings.
*/
function wp_heartbeat_set_suspension( $settings ) {
global $pagenow;
if ( 'post.php' === $pagenow || 'post-new.php' === $pagenow ) {
$settings['suspension'] = 'disable';
}
return $settings;
}
/**
* Performs autosave with heartbeat.
*
* @since 3.9.0
*
* @param array $response The Heartbeat response.
* @param array $data The $_POST data sent.
* @return array The Heartbeat response.
*/
function heartbeat_autosave( $response, $data ) {
if ( ! empty( $data['wp_autosave'] ) ) {
$saved = wp_autosave( $data['wp_autosave'] );
if ( is_wp_error( $saved ) ) {
$response['wp_autosave'] = array(
'success' => false,
'message' => $saved->get_error_message(),
);
} elseif ( empty( $saved ) ) {
$response['wp_autosave'] = array(
'success' => false,
'message' => __( 'Error while saving.' ),
);
} else {
/* translators: Draft saved date format, see https://www.php.net/manual/datetime.format.php */
$draft_saved_date_format = __( 'g:i:s a' );
$response['wp_autosave'] = array(
'success' => true,
/* translators: %s: Date and time. */
'message' => sprintf( __( 'Draft saved at %s.' ), date_i18n( $draft_saved_date_format ) ),
);
}
}
return $response;
}
/**
* Removes single-use URL parameters and create canonical link based on new URL.
*
* Removes specific query string parameters from a URL, create the canonical link,
* put it in the admin header, and change the current URL to match.
*
* @since 4.2.0
*/
function wp_admin_canonical_url() {
$removable_query_args = wp_removable_query_args();
if ( empty( $removable_query_args ) ) {
return;
}
// Ensure we're using an absolute URL.
$current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
$filtered_url = remove_query_arg( $removable_query_args, $current_url );
/**
* Filters the admin canonical URL value.
*
* @since 6.5.0
*
* @param string $filtered_url The admin canonical URL value.
*/
$filtered_url = apply_filters( 'wp_admin_canonical_url', $filtered_url );
?>
<link id="wp-admin-canonical" rel="canonical" href="<?php echo esc_url( $filtered_url ); ?>" />
<script>
if ( window.history.replaceState ) {
window.history.replaceState( null, null, document.getElementById( 'wp-admin-canonical' ).href + window.location.hash );
}
</script>
<?php
}
/**
* Sends a referrer policy header so referrers are not sent externally from administration screens.
*
* @since 4.9.0
*/
function wp_admin_headers() {
$policy = 'strict-origin-when-cross-origin';
/**
* Filters the admin referrer policy header value.
*
* @since 4.9.0
* @since 4.9.5 The default value was changed to 'strict-origin-when-cross-origin'.
*
* @link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
*
* @param string $policy The admin referrer policy header value. Default 'strict-origin-when-cross-origin'.
*/
$policy = apply_filters( 'admin_referrer_policy', $policy );
header( sprintf( 'Referrer-Policy: %s', $policy ) );
}
/**
* Outputs JS that reloads the page if the user navigated to it with the Back or Forward button.
*
* Used on the Edit Post and Add New Post screens. Needed to ensure the page is not loaded from browser cache,
* so the post title and editor content are the last saved versions. Ideally this script should run first in the head.
*
* @since 4.6.0
*/
function wp_page_reload_on_back_button_js() {
?>
<script>
if ( typeof performance !== 'undefined' && performance.navigation && performance.navigation.type === 2 ) {
document.location.reload( true );
}
</script>
<?php
}
/**
* Sends a confirmation request email when a change of site admin email address is attempted.
*
* The new site admin address will not become active until confirmed.
*
* @since 3.0.0
* @since 4.9.0 This function was moved from wp-admin/includes/ms.php so it's no longer Multisite specific.
*
* @param string $old_value The old site admin email address.
* @param string $value The proposed new site admin email address.
*/
function update_option_new_admin_email( $old_value, $value ) {
if ( get_option( 'admin_email' ) === $value || ! is_email( $value ) ) {
return;
}
$hash = md5( $value . time() . wp_rand() );
$new_admin_email = array(
'hash' => $hash,
'newemail' => $value,
);
Options, Meta APIs: Explicitly pass `$autoload` parameter to when potentially adding new options. It is recommended that for every option it is explicitly set whether to autoload it or not. This changeset updates relevant `update_option()` and `add_option()` calls. Note that the `$autoload` parameter is only needed for `update_option()` if the option is potentially not present yet, i.e. the call will pass through to `add_option()`. Since WordPress core adds the majority of its options to the database during installation, only `update_option()` calls for dynamically added options need to be modified, which is what this changeset does. As part of revisiting the autoload values for dynamically added WordPress core options, this changeset modifies some options to no longer be autoloaded, since they are only accessed in a few specific places that are not relevant for a regular request. These options are: * `recently_activated` * `_wp_suggested_policy_text_has_changed` * `{upgradeLock}.lock` * `dashboard_widget_options` * `ftp_credentials` * `adminhash` * `nav_menu_options` * `wp_force_deactivated_plugins` * `delete_blog_hash` * `allowedthemes` * `{sessionId}_paused_extensions` * `recovery_keys` * `https_detection_errors` * `fresh_site` An upgrade routine is present as well that sets those options to no longer autoload for existing sites. Props pbearne, flixos90, mukesh27, swissspidy, SergeyBiryukov, joemcgill, adamsilverstein. Fixes #61103. Built from https://develop.svn.wordpress.org/trunk@58975 git-svn-id: http://core.svn.wordpress.org/trunk@58371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-03 14:19:14 -04:00
update_option( 'adminhash', $new_admin_email, false );
$switched_locale = switch_to_user_locale( get_current_user_id() );
/* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
$email_text = __(
'Howdy ###USERNAME###,
Someone with administrator capabilities recently requested to have the
administration email address changed on this site:
###SITEURL###
To confirm this change, please click on the following link:
###ADMIN_URL###
You can safely ignore and delete this email if you do not want to
take this action.
This email has been sent to ###EMAIL###
Regards,
All at ###SITENAME###
###SITEURL###'
);
/**
* Filters the text of the email sent when a change of site admin email address is attempted.
*
* The following strings have a special meaning and will get replaced dynamically:
* - ###USERNAME### The current user's username.
* - ###ADMIN_URL### The link to click on to confirm the email change.
* - ###EMAIL### The proposed new site admin email address.
* - ###SITENAME### The name of the site.
* - ###SITEURL### The URL to the site.
*
* @since MU (3.0.0)
* @since 4.9.0 This filter is no longer Multisite specific.
*
* @param string $email_text Text in the email.
* @param array $new_admin_email {
* Data relating to the new site admin email address.
*
* @type string $hash The secure hash used in the confirmation link URL.
* @type string $newemail The proposed new site admin email address.
* }
*/
$content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email );
$current_user = wp_get_current_user();
$content = str_replace( '###USERNAME###', $current_user->user_login, $content );
$content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash=' . $hash ) ), $content );
$content = str_replace( '###EMAIL###', $value, $content );
$content = str_replace( '###SITENAME###', wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ), $content );
$content = str_replace( '###SITEURL###', home_url(), $content );
if ( '' !== get_option( 'blogname' ) ) {
$site_title = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
} else {
$site_title = parse_url( home_url(), PHP_URL_HOST );
}
$subject = sprintf(
/* translators: New admin email address notification email subject. %s: Site title. */
__( '[%s] New Admin Email Address' ),
$site_title
);
/**
* Filters the subject of the email sent when a change of site admin email address is attempted.
*
* @since 6.5.0
*
* @param string $subject Subject of the email.
*/
$subject = apply_filters( 'new_admin_email_subject', $subject );
wp_mail( $value, $subject, $content );
if ( $switched_locale ) {
restore_previous_locale();
}
}
/**
* Appends '(Draft)' to draft page titles in the privacy page dropdown
* so that unpublished content is obvious.
*
* @since 4.9.8
* @access private
*
* @param string $title Page title.
* @param WP_Post $page Page data object.
* @return string Page title.
*/
function _wp_privacy_settings_filter_draft_page_titles( $title, $page ) {
if ( 'draft' === $page->post_status && 'privacy' === get_current_screen()->id ) {
/* translators: %s: Page title. */
$title = sprintf( __( '%s (Draft)' ), $title );
}
return $title;
}
/**
* Checks if the user needs to update PHP.
*
* @since 5.1.0
* @since 5.1.1 Added the {@see 'wp_is_php_version_acceptable'} filter.
*
* @return array|false {
* Array of PHP version data. False on failure.
*
* @type string $recommended_version The PHP version recommended by WordPress.
* @type string $minimum_version The minimum required PHP version.
* @type bool $is_supported Whether the PHP version is actively supported.
* @type bool $is_secure Whether the PHP version receives security updates.
* @type bool $is_acceptable Whether the PHP version is still acceptable or warnings
* should be shown and an update recommended.
* }
*/
function wp_check_php_version() {
$version = PHP_VERSION;
$key = md5( $version );
$response = get_site_transient( 'php_check_' . $key );
if ( false === $response ) {
$url = 'http://api.wordpress.org/core/serve-happy/1.0/';
if ( wp_http_supports( array( 'ssl' ) ) ) {
$url = set_url_scheme( $url, 'https' );
}
$url = add_query_arg( 'php_version', $version, $url );
$response = wp_remote_get( $url );
if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) {
return false;
}
$response = json_decode( wp_remote_retrieve_body( $response ), true );
if ( ! is_array( $response ) ) {
return false;
}
set_site_transient( 'php_check_' . $key, $response, WEEK_IN_SECONDS );
}
if ( isset( $response['is_acceptable'] ) && $response['is_acceptable'] ) {
/**
* Filters whether the active PHP version is considered acceptable by WordPress.
*
* Returning false will trigger a PHP version warning to show up in the admin dashboard to administrators.
*
* This filter is only run if the wordpress.org Serve Happy API considers the PHP version acceptable, ensuring
* that this filter can only make this check stricter, but not loosen it.
*
* @since 5.1.1
*
* @param bool $is_acceptable Whether the PHP version is considered acceptable. Default true.
* @param string $version PHP version checked.
*/
$response['is_acceptable'] = (bool) apply_filters( 'wp_is_php_version_acceptable', true, $version );
}
$response['is_lower_than_future_minimum'] = false;
// The minimum supported PHP version will be updated to 7.4 in the future. Check if the current version is lower.
if ( version_compare( $version, '7.4', '<' ) ) {
$response['is_lower_than_future_minimum'] = true;
// Force showing of warnings.
$response['is_acceptable'] = false;
}
return $response;
}