2140 lines
66 KiB
PHP
2140 lines
66 KiB
PHP
<?php
|
|
/**
|
|
* Main Wordpress Formatting API.
|
|
*
|
|
* Handles many functions for formatting output.
|
|
*
|
|
* @package WordPress
|
|
**/
|
|
|
|
/**
|
|
* Replaces common plain text characters into formatted entities
|
|
*
|
|
* As an example,
|
|
* <code>
|
|
* 'cause today's effort makes it worth tomorrow's "holiday"...
|
|
* </code>
|
|
* Becomes:
|
|
* <code>
|
|
* ’cause today’s effort makes it worth tomorrow’s “holiday”…
|
|
* </code>
|
|
* Code within certain html blocks are skipped.
|
|
*
|
|
* @since 0.71
|
|
* @uses $wp_cockneyreplace Array of formatted entities for certain common phrases
|
|
*
|
|
* @param string $text The text to be formatted
|
|
* @return string The string replaced with html entities
|
|
*/
|
|
function wptexturize($text) {
|
|
global $wp_cockneyreplace;
|
|
$next = true;
|
|
$has_pre_parent = false;
|
|
$output = '';
|
|
$curl = '';
|
|
$textarr = preg_split('/(<.*>|\[.*\])/Us', $text, -1, PREG_SPLIT_DELIM_CAPTURE);
|
|
$stop = count($textarr);
|
|
|
|
// if a plugin has provided an autocorrect array, use it
|
|
if ( isset($wp_cockneyreplace) ) {
|
|
$cockney = array_keys($wp_cockneyreplace);
|
|
$cockneyreplace = array_values($wp_cockneyreplace);
|
|
} else {
|
|
$cockney = array("'tain't","'twere","'twas","'tis","'twill","'til","'bout","'nuff","'round","'cause");
|
|
$cockneyreplace = array("’tain’t","’twere","’twas","’tis","’twill","’til","’bout","’nuff","’round","’cause");
|
|
}
|
|
|
|
$static_characters = array_merge(array('---', ' -- ', '--', 'xn–', '...', '``', '\'s', '\'\'', ' (tm)'), $cockney);
|
|
$static_replacements = array_merge(array('—', ' — ', '–', 'xn--', '…', '“', '’s', '”', ' ™'), $cockneyreplace);
|
|
|
|
$dynamic_characters = array('/\'(\d\d(?:’|\')?s)/', '/(\s|\A|")\'/', '/(\d+)"/', '/(\d+)\'/', '/(\S)\'([^\'\s])/', '/(\s|\A)"(?!\s)/', '/"(\s|\S|\Z)/', '/\'([\s.]|\Z)/', '/(\d+)x(\d+)/');
|
|
$dynamic_replacements = array('’$1','$1‘', '$1″', '$1′', '$1’$2', '$1“$2', '”$1', '’$1', '$1×$2');
|
|
|
|
for ( $i = 0; $i < $stop; $i++ ) {
|
|
$curl = $textarr[$i];
|
|
|
|
if ( !empty($curl) && '<' != $curl{0} && '[' != $curl{0} && $next && !$has_pre_parent) { // If it's not a tag
|
|
// static strings
|
|
$curl = str_replace($static_characters, $static_replacements, $curl);
|
|
// regular expressions
|
|
$curl = preg_replace($dynamic_characters, $dynamic_replacements, $curl);
|
|
} elseif (strpos($curl, '<code') !== false || strpos($curl, '<kbd') !== false || strpos($curl, '<style') !== false || strpos($curl, '<script') !== false) {
|
|
$next = false;
|
|
} elseif (strpos($curl, '<pre') !== false) {
|
|
$has_pre_parent = true;
|
|
} elseif (strpos($curl, '</pre>') !== false) {
|
|
$has_pre_parent = false;
|
|
} else {
|
|
$next = true;
|
|
}
|
|
|
|
$curl = preg_replace('/&([^#])(?![a-zA-Z1-4]{1,8};)/', '&$1', $curl);
|
|
$output .= $curl;
|
|
}
|
|
|
|
return $output;
|
|
}
|
|
|
|
/**
|
|
* Accepts matches array from preg_replace_callback in wpautop() or a string.
|
|
*
|
|
* Ensures that the contents of a <<pre>>...<</pre>> HTML block are not
|
|
* converted into paragraphs or line-breaks.
|
|
*
|
|
* @since 1.2.0
|
|
*
|
|
* @param array|string $matches The array or string
|
|
* @return string The pre block without paragraph/line-break conversion.
|
|
*/
|
|
function clean_pre($matches) {
|
|
if ( is_array($matches) )
|
|
$text = $matches[1] . $matches[2] . "</pre>";
|
|
else
|
|
$text = $matches;
|
|
|
|
$text = str_replace('<br />', '', $text);
|
|
$text = str_replace('<p>', "\n", $text);
|
|
$text = str_replace('</p>', '', $text);
|
|
|
|
return $text;
|
|
}
|
|
|
|
/**
|
|
* Replaces double line-breaks with paragraph elements.
|
|
*
|
|
* A group of regex replaces used to identify text formatted with newlines and
|
|
* replace double line-breaks with HTML paragraph tags. The remaining
|
|
* line-breaks after conversion become <<br />> tags, unless $br is set to '0'
|
|
* or 'false'.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $pee The text which has to be formatted.
|
|
* @param int|bool $br Optional. If set, this will convert all remaining line-breaks after paragraphing. Default true.
|
|
* @return string Text which has been converted into correct paragraph tags.
|
|
*/
|
|
function wpautop($pee, $br = 1) {
|
|
$pee = $pee . "\n"; // just to make things a little easier, pad the end
|
|
$pee = preg_replace('|<br />\s*<br />|', "\n\n", $pee);
|
|
// Space things out a little
|
|
$allblocks = '(?:table|thead|tfoot|caption|colgroup|tbody|tr|td|th|div|dl|dd|dt|ul|ol|li|pre|select|form|map|area|blockquote|address|math|style|input|p|h[1-6]|hr)';
|
|
$pee = preg_replace('!(<' . $allblocks . '[^>]*>)!', "\n$1", $pee);
|
|
$pee = preg_replace('!(</' . $allblocks . '>)!', "$1\n\n", $pee);
|
|
$pee = str_replace(array("\r\n", "\r"), "\n", $pee); // cross-platform newlines
|
|
if ( strpos($pee, '<object') !== false ) {
|
|
$pee = preg_replace('|\s*<param([^>]*)>\s*|', "<param$1>", $pee); // no pee inside object/embed
|
|
$pee = preg_replace('|\s*</embed>\s*|', '</embed>', $pee);
|
|
}
|
|
$pee = preg_replace("/\n\n+/", "\n\n", $pee); // take care of duplicates
|
|
$pee = preg_replace('/\n?(.+?)(?:\n\s*\n|\z)/s', "<p>$1</p>\n", $pee); // make paragraphs, including one at the end
|
|
$pee = preg_replace('|<p>\s*?</p>|', '', $pee); // under certain strange conditions it could create a P of entirely whitespace
|
|
$pee = preg_replace('!<p>([^<]+)\s*?(</(?:div|address|form)[^>]*>)!', "<p>$1</p>$2", $pee);
|
|
$pee = preg_replace( '|<p>|', "$1<p>", $pee );
|
|
$pee = preg_replace('!<p>\s*(</?' . $allblocks . '[^>]*>)\s*</p>!', "$1", $pee); // don't pee all over a tag
|
|
$pee = preg_replace("|<p>(<li.+?)</p>|", "$1", $pee); // problem with nested lists
|
|
$pee = preg_replace('|<p><blockquote([^>]*)>|i', "<blockquote$1><p>", $pee);
|
|
$pee = str_replace('</blockquote></p>', '</p></blockquote>', $pee);
|
|
$pee = preg_replace('!<p>\s*(</?' . $allblocks . '[^>]*>)!', "$1", $pee);
|
|
$pee = preg_replace('!(</?' . $allblocks . '[^>]*>)\s*</p>!', "$1", $pee);
|
|
if ($br) {
|
|
$pee = preg_replace_callback('/<(script|style).*?<\/\\1>/s', create_function('$matches', 'return str_replace("\n", "<WPPreserveNewline />", $matches[0]);'), $pee);
|
|
$pee = preg_replace('|(?<!<br />)\s*\n|', "<br />\n", $pee); // optionally make line breaks
|
|
$pee = str_replace('<WPPreserveNewline />', "\n", $pee);
|
|
}
|
|
$pee = preg_replace('!(</?' . $allblocks . '[^>]*>)\s*<br />!', "$1", $pee);
|
|
$pee = preg_replace('!<br />(\s*</?(?:p|li|div|dl|dd|dt|th|pre|td|ul|ol)[^>]*>)!', '$1', $pee);
|
|
if (strpos($pee, '<pre') !== false)
|
|
$pee = preg_replace_callback('!(<pre.*?>)(.*?)</pre>!is', 'clean_pre', $pee );
|
|
$pee = preg_replace( "|\n</p>$|", '</p>', $pee );
|
|
$pee = preg_replace('/<p>\s*?(' . get_shortcode_regex() . ')\s*<\/p>/s', '$1', $pee); // don't auto-p wrap shortcodes that stand alone
|
|
|
|
return $pee;
|
|
}
|
|
|
|
/**
|
|
* Checks to see if a string is utf8 encoded.
|
|
*
|
|
* @author bmorel at ssi dot fr
|
|
*
|
|
* @since 1.2.1
|
|
*
|
|
* @param string $Str The string to be checked
|
|
* @return bool True if $Str fits a UTF-8 model, false otherwise.
|
|
*/
|
|
function seems_utf8($Str) { # by bmorel at ssi dot fr
|
|
$length = strlen($Str);
|
|
for ($i=0; $i < $length; $i++) {
|
|
if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
|
|
elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
|
|
elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
|
|
elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
|
|
elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
|
|
elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
|
|
else return false; # Does not match any model
|
|
for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
|
|
if ((++$i == $length) || ((ord($Str[$i]) & 0xC0) != 0x80))
|
|
return false;
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Converts a number of special characters into their HTML entities.
|
|
*
|
|
* Differs from htmlspecialchars as existing HTML entities will not be encoded.
|
|
* Specifically changes: & to &, < to < and > to >.
|
|
*
|
|
* $quotes can be set to 'single' to encode ' to ', 'double' to encode " to
|
|
* ", or '1' to do both. Default is 0 where no quotes are encoded.
|
|
*
|
|
* @since 1.2.2
|
|
*
|
|
* @param string $text The text which is to be encoded.
|
|
* @param mixed $quotes Optional. Converts single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default 0.
|
|
* @return string The encoded text with HTML entities.
|
|
*/
|
|
function wp_specialchars( $text, $quotes = 0 ) {
|
|
// Like htmlspecialchars except don't double-encode HTML entities
|
|
$text = str_replace('&&', '&&', $text);
|
|
$text = str_replace('&&', '&&', $text);
|
|
$text = preg_replace('/&(?:$|([^#])(?![a-z1-4]{1,8};))/', '&$1', $text);
|
|
$text = str_replace('<', '<', $text);
|
|
$text = str_replace('>', '>', $text);
|
|
if ( 'double' === $quotes ) {
|
|
$text = str_replace('"', '"', $text);
|
|
} elseif ( 'single' === $quotes ) {
|
|
$text = str_replace("'", ''', $text);
|
|
} elseif ( $quotes ) {
|
|
$text = str_replace('"', '"', $text);
|
|
$text = str_replace("'", ''', $text);
|
|
}
|
|
return $text;
|
|
}
|
|
|
|
/**
|
|
* Encode the Unicode values to be used in the URI.
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param string $utf8_string
|
|
* @param int $length Max length of the string
|
|
* @return string String with Unicode encoded for URI.
|
|
*/
|
|
function utf8_uri_encode( $utf8_string, $length = 0 ) {
|
|
$unicode = '';
|
|
$values = array();
|
|
$num_octets = 1;
|
|
$unicode_length = 0;
|
|
|
|
$string_length = strlen( $utf8_string );
|
|
for ($i = 0; $i < $string_length; $i++ ) {
|
|
|
|
$value = ord( $utf8_string[ $i ] );
|
|
|
|
if ( $value < 128 ) {
|
|
if ( $length && ( $unicode_length >= $length ) )
|
|
break;
|
|
$unicode .= chr($value);
|
|
$unicode_length++;
|
|
} else {
|
|
if ( count( $values ) == 0 ) $num_octets = ( $value < 224 ) ? 2 : 3;
|
|
|
|
$values[] = $value;
|
|
|
|
if ( $length && ( $unicode_length + ($num_octets * 3) ) > $length )
|
|
break;
|
|
if ( count( $values ) == $num_octets ) {
|
|
if ($num_octets == 3) {
|
|
$unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]) . '%' . dechex($values[2]);
|
|
$unicode_length += 9;
|
|
} else {
|
|
$unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]);
|
|
$unicode_length += 6;
|
|
}
|
|
|
|
$values = array();
|
|
$num_octets = 1;
|
|
}
|
|
}
|
|
}
|
|
|
|
return $unicode;
|
|
}
|
|
|
|
/**
|
|
* Converts all accent characters to ASCII characters.
|
|
*
|
|
* If there are no accent characters, then the string given is just returned.
|
|
*
|
|
* @since 1.2.1
|
|
*
|
|
* @param string $string Text that might have accent characters
|
|
* @return string Filtered string with replaced "nice" characters.
|
|
*/
|
|
function remove_accents($string) {
|
|
if ( !preg_match('/[\x80-\xff]/', $string) )
|
|
return $string;
|
|
|
|
if (seems_utf8($string)) {
|
|
$chars = array(
|
|
// Decompositions for Latin-1 Supplement
|
|
chr(195).chr(128) => 'A', chr(195).chr(129) => 'A',
|
|
chr(195).chr(130) => 'A', chr(195).chr(131) => 'A',
|
|
chr(195).chr(132) => 'A', chr(195).chr(133) => 'A',
|
|
chr(195).chr(135) => 'C', chr(195).chr(136) => 'E',
|
|
chr(195).chr(137) => 'E', chr(195).chr(138) => 'E',
|
|
chr(195).chr(139) => 'E', chr(195).chr(140) => 'I',
|
|
chr(195).chr(141) => 'I', chr(195).chr(142) => 'I',
|
|
chr(195).chr(143) => 'I', chr(195).chr(145) => 'N',
|
|
chr(195).chr(146) => 'O', chr(195).chr(147) => 'O',
|
|
chr(195).chr(148) => 'O', chr(195).chr(149) => 'O',
|
|
chr(195).chr(150) => 'O', chr(195).chr(153) => 'U',
|
|
chr(195).chr(154) => 'U', chr(195).chr(155) => 'U',
|
|
chr(195).chr(156) => 'U', chr(195).chr(157) => 'Y',
|
|
chr(195).chr(159) => 's', chr(195).chr(160) => 'a',
|
|
chr(195).chr(161) => 'a', chr(195).chr(162) => 'a',
|
|
chr(195).chr(163) => 'a', chr(195).chr(164) => 'a',
|
|
chr(195).chr(165) => 'a', chr(195).chr(167) => 'c',
|
|
chr(195).chr(168) => 'e', chr(195).chr(169) => 'e',
|
|
chr(195).chr(170) => 'e', chr(195).chr(171) => 'e',
|
|
chr(195).chr(172) => 'i', chr(195).chr(173) => 'i',
|
|
chr(195).chr(174) => 'i', chr(195).chr(175) => 'i',
|
|
chr(195).chr(177) => 'n', chr(195).chr(178) => 'o',
|
|
chr(195).chr(179) => 'o', chr(195).chr(180) => 'o',
|
|
chr(195).chr(181) => 'o', chr(195).chr(182) => 'o',
|
|
chr(195).chr(182) => 'o', chr(195).chr(185) => 'u',
|
|
chr(195).chr(186) => 'u', chr(195).chr(187) => 'u',
|
|
chr(195).chr(188) => 'u', chr(195).chr(189) => 'y',
|
|
chr(195).chr(191) => 'y',
|
|
// Decompositions for Latin Extended-A
|
|
chr(196).chr(128) => 'A', chr(196).chr(129) => 'a',
|
|
chr(196).chr(130) => 'A', chr(196).chr(131) => 'a',
|
|
chr(196).chr(132) => 'A', chr(196).chr(133) => 'a',
|
|
chr(196).chr(134) => 'C', chr(196).chr(135) => 'c',
|
|
chr(196).chr(136) => 'C', chr(196).chr(137) => 'c',
|
|
chr(196).chr(138) => 'C', chr(196).chr(139) => 'c',
|
|
chr(196).chr(140) => 'C', chr(196).chr(141) => 'c',
|
|
chr(196).chr(142) => 'D', chr(196).chr(143) => 'd',
|
|
chr(196).chr(144) => 'D', chr(196).chr(145) => 'd',
|
|
chr(196).chr(146) => 'E', chr(196).chr(147) => 'e',
|
|
chr(196).chr(148) => 'E', chr(196).chr(149) => 'e',
|
|
chr(196).chr(150) => 'E', chr(196).chr(151) => 'e',
|
|
chr(196).chr(152) => 'E', chr(196).chr(153) => 'e',
|
|
chr(196).chr(154) => 'E', chr(196).chr(155) => 'e',
|
|
chr(196).chr(156) => 'G', chr(196).chr(157) => 'g',
|
|
chr(196).chr(158) => 'G', chr(196).chr(159) => 'g',
|
|
chr(196).chr(160) => 'G', chr(196).chr(161) => 'g',
|
|
chr(196).chr(162) => 'G', chr(196).chr(163) => 'g',
|
|
chr(196).chr(164) => 'H', chr(196).chr(165) => 'h',
|
|
chr(196).chr(166) => 'H', chr(196).chr(167) => 'h',
|
|
chr(196).chr(168) => 'I', chr(196).chr(169) => 'i',
|
|
chr(196).chr(170) => 'I', chr(196).chr(171) => 'i',
|
|
chr(196).chr(172) => 'I', chr(196).chr(173) => 'i',
|
|
chr(196).chr(174) => 'I', chr(196).chr(175) => 'i',
|
|
chr(196).chr(176) => 'I', chr(196).chr(177) => 'i',
|
|
chr(196).chr(178) => 'IJ',chr(196).chr(179) => 'ij',
|
|
chr(196).chr(180) => 'J', chr(196).chr(181) => 'j',
|
|
chr(196).chr(182) => 'K', chr(196).chr(183) => 'k',
|
|
chr(196).chr(184) => 'k', chr(196).chr(185) => 'L',
|
|
chr(196).chr(186) => 'l', chr(196).chr(187) => 'L',
|
|
chr(196).chr(188) => 'l', chr(196).chr(189) => 'L',
|
|
chr(196).chr(190) => 'l', chr(196).chr(191) => 'L',
|
|
chr(197).chr(128) => 'l', chr(197).chr(129) => 'L',
|
|
chr(197).chr(130) => 'l', chr(197).chr(131) => 'N',
|
|
chr(197).chr(132) => 'n', chr(197).chr(133) => 'N',
|
|
chr(197).chr(134) => 'n', chr(197).chr(135) => 'N',
|
|
chr(197).chr(136) => 'n', chr(197).chr(137) => 'N',
|
|
chr(197).chr(138) => 'n', chr(197).chr(139) => 'N',
|
|
chr(197).chr(140) => 'O', chr(197).chr(141) => 'o',
|
|
chr(197).chr(142) => 'O', chr(197).chr(143) => 'o',
|
|
chr(197).chr(144) => 'O', chr(197).chr(145) => 'o',
|
|
chr(197).chr(146) => 'OE',chr(197).chr(147) => 'oe',
|
|
chr(197).chr(148) => 'R',chr(197).chr(149) => 'r',
|
|
chr(197).chr(150) => 'R',chr(197).chr(151) => 'r',
|
|
chr(197).chr(152) => 'R',chr(197).chr(153) => 'r',
|
|
chr(197).chr(154) => 'S',chr(197).chr(155) => 's',
|
|
chr(197).chr(156) => 'S',chr(197).chr(157) => 's',
|
|
chr(197).chr(158) => 'S',chr(197).chr(159) => 's',
|
|
chr(197).chr(160) => 'S', chr(197).chr(161) => 's',
|
|
chr(197).chr(162) => 'T', chr(197).chr(163) => 't',
|
|
chr(197).chr(164) => 'T', chr(197).chr(165) => 't',
|
|
chr(197).chr(166) => 'T', chr(197).chr(167) => 't',
|
|
chr(197).chr(168) => 'U', chr(197).chr(169) => 'u',
|
|
chr(197).chr(170) => 'U', chr(197).chr(171) => 'u',
|
|
chr(197).chr(172) => 'U', chr(197).chr(173) => 'u',
|
|
chr(197).chr(174) => 'U', chr(197).chr(175) => 'u',
|
|
chr(197).chr(176) => 'U', chr(197).chr(177) => 'u',
|
|
chr(197).chr(178) => 'U', chr(197).chr(179) => 'u',
|
|
chr(197).chr(180) => 'W', chr(197).chr(181) => 'w',
|
|
chr(197).chr(182) => 'Y', chr(197).chr(183) => 'y',
|
|
chr(197).chr(184) => 'Y', chr(197).chr(185) => 'Z',
|
|
chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z',
|
|
chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z',
|
|
chr(197).chr(190) => 'z', chr(197).chr(191) => 's',
|
|
// Euro Sign
|
|
chr(226).chr(130).chr(172) => 'E',
|
|
// GBP (Pound) Sign
|
|
chr(194).chr(163) => '');
|
|
|
|
$string = strtr($string, $chars);
|
|
} else {
|
|
// Assume ISO-8859-1 if not UTF-8
|
|
$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
|
|
.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
|
|
.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
|
|
.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
|
|
.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
|
|
.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
|
|
.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
|
|
.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
|
|
.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
|
|
.chr(252).chr(253).chr(255);
|
|
|
|
$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
|
|
|
|
$string = strtr($string, $chars['in'], $chars['out']);
|
|
$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
|
|
$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
|
|
$string = str_replace($double_chars['in'], $double_chars['out'], $string);
|
|
}
|
|
|
|
return $string;
|
|
}
|
|
|
|
/**
|
|
* Filters certain characters from the file name.
|
|
*
|
|
* Turns all strings to lowercase removing most characters except alphanumeric
|
|
* with spaces, dashes and periods. All spaces and underscores are converted to
|
|
* dashes. Multiple dashes are converted to a single dash. Finally, if the file
|
|
* name ends with a dash, it is removed.
|
|
*
|
|
* @since 2.1.0
|
|
*
|
|
* @param string $name The file name
|
|
* @return string Sanitized file name
|
|
*/
|
|
function sanitize_file_name( $name ) { // Like sanitize_title, but with periods
|
|
$name = strtolower( $name );
|
|
$name = preg_replace('/&.+?;/', '', $name); // kill entities
|
|
$name = str_replace( '_', '-', $name );
|
|
$name = preg_replace('/[^a-z0-9\s-.]/', '', $name);
|
|
$name = preg_replace('/\s+/', '-', $name);
|
|
$name = preg_replace('|-+|', '-', $name);
|
|
$name = trim($name, '-');
|
|
return $name;
|
|
}
|
|
|
|
/**
|
|
* Sanitize username stripping out unsafe characters.
|
|
*
|
|
* If $strict is true, only alphanumeric characters (as well as _, space, ., -,
|
|
* @) are returned.
|
|
* Removes tags, octets, entities, and if strict is enabled, will remove all
|
|
* non-ASCII characters. After sanitizing, it passes the username, raw username
|
|
* (the username in the parameter), and the strict parameter as parameters for
|
|
* the filter.
|
|
*
|
|
* @since 2.0.0
|
|
* @uses apply_filters() Calls 'sanitize_user' hook on username, raw username,
|
|
* and $strict parameter.
|
|
*
|
|
* @param string $username The username to be sanitized.
|
|
* @param bool $strict If set limits $username to specific characters. Default false.
|
|
* @return string The sanitized username, after passing through filters.
|
|
*/
|
|
function sanitize_user( $username, $strict = false ) {
|
|
$raw_username = $username;
|
|
$username = strip_tags($username);
|
|
// Kill octets
|
|
$username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
|
|
$username = preg_replace('/&.+?;/', '', $username); // Kill entities
|
|
|
|
// If strict, reduce to ASCII for max portability.
|
|
if ( $strict )
|
|
$username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
|
|
|
|
// Consolidate contiguous whitespace
|
|
$username = preg_replace('|\s+|', ' ', $username);
|
|
|
|
return apply_filters('sanitize_user', $username, $raw_username, $strict);
|
|
}
|
|
|
|
/**
|
|
* Sanitizes title or use fallback title.
|
|
*
|
|
* Specifically, HTML and PHP tags are stripped. Further actions can be added
|
|
* via the plugin API. If $title is empty and $fallback_title is set, the latter
|
|
* will be used.
|
|
*
|
|
* @since 1.0.0
|
|
*
|
|
* @param string $title The string to be sanitized.
|
|
* @param string $fallback_title Optional. A title to use if $title is empty.
|
|
* @return string The sanitized string.
|
|
*/
|
|
function sanitize_title($title, $fallback_title = '') {
|
|
$title = strip_tags($title);
|
|
$title = apply_filters('sanitize_title', $title);
|
|
|
|
if ( '' === $title || false === $title )
|
|
$title = $fallback_title;
|
|
|
|
return $title;
|
|
}
|
|
|
|
/**
|
|
* Sanitizes title, replacing whitespace with dashes.
|
|
*
|
|
* Limits the output to alphanumeric characters, underscore (_) and dash (-).
|
|
* Whitespace becomes a dash.
|
|
*
|
|
* @since 1.2.0
|
|
*
|
|
* @param string $title The title to be sanitized.
|
|
* @return string The sanitized title.
|
|
*/
|
|
function sanitize_title_with_dashes($title) {
|
|
$title = strip_tags($title);
|
|
// Preserve escaped octets.
|
|
$title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title);
|
|
// Remove percent signs that are not part of an octet.
|
|
$title = str_replace('%', '', $title);
|
|
// Restore octets.
|
|
$title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title);
|
|
|
|
$title = remove_accents($title);
|
|
if (seems_utf8($title)) {
|
|
if (function_exists('mb_strtolower')) {
|
|
$title = mb_strtolower($title, 'UTF-8');
|
|
}
|
|
$title = utf8_uri_encode($title, 200);
|
|
}
|
|
|
|
$title = strtolower($title);
|
|
$title = preg_replace('/&.+?;/', '', $title); // kill entities
|
|
$title = preg_replace('/[^%a-z0-9 _-]/', '', $title);
|
|
$title = preg_replace('/\s+/', '-', $title);
|
|
$title = preg_replace('|-+|', '-', $title);
|
|
$title = trim($title, '-');
|
|
|
|
return $title;
|
|
}
|
|
|
|
/**
|
|
* Ensures a string is a valid SQL order by clause.
|
|
*
|
|
* Accepts one or more columns, with or without ASC/DESC, and also accepts
|
|
* RAND().
|
|
*
|
|
* @since 2.5.1
|
|
*
|
|
* @param string $orderby Order by string to be checked.
|
|
* @return string|false Returns the order by clause if it is a match, false otherwise.
|
|
*/
|
|
function sanitize_sql_orderby( $orderby ){
|
|
preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?(\s*,\s*|\s*$))+|^\s*RAND\(\s*\)\s*$/i', $orderby, $obmatches);
|
|
if ( !$obmatches )
|
|
return false;
|
|
return $orderby;
|
|
}
|
|
|
|
/**
|
|
* Converts a number of characters from a string.
|
|
*
|
|
* Metadata tags <<title>> and <<category>> are removed, <<br>> and <<hr>> are
|
|
* converted into correct XHTML and Unicode characters are converted to the
|
|
* valid range.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $content String of characters to be converted.
|
|
* @param string $deprecated Not used.
|
|
* @return string Converted string.
|
|
*/
|
|
function convert_chars($content, $deprecated = '') {
|
|
// Translation of invalid Unicode references range to valid range
|
|
$wp_htmltranswinuni = array(
|
|
'€' => '€', // the Euro sign
|
|
'' => '',
|
|
'‚' => '‚', // these are Windows CP1252 specific characters
|
|
'ƒ' => 'ƒ', // they would look weird on non-Windows browsers
|
|
'„' => '„',
|
|
'…' => '…',
|
|
'†' => '†',
|
|
'‡' => '‡',
|
|
'ˆ' => 'ˆ',
|
|
'‰' => '‰',
|
|
'Š' => 'Š',
|
|
'‹' => '‹',
|
|
'Œ' => 'Œ',
|
|
'' => '',
|
|
'Ž' => 'ž',
|
|
'' => '',
|
|
'' => '',
|
|
'‘' => '‘',
|
|
'’' => '’',
|
|
'“' => '“',
|
|
'”' => '”',
|
|
'•' => '•',
|
|
'–' => '–',
|
|
'—' => '—',
|
|
'˜' => '˜',
|
|
'™' => '™',
|
|
'š' => 'š',
|
|
'›' => '›',
|
|
'œ' => 'œ',
|
|
'' => '',
|
|
'ž' => '',
|
|
'Ÿ' => 'Ÿ'
|
|
);
|
|
|
|
// Remove metadata tags
|
|
$content = preg_replace('/<title>(.+?)<\/title>/','',$content);
|
|
$content = preg_replace('/<category>(.+?)<\/category>/','',$content);
|
|
|
|
// Converts lone & characters into & (a.k.a. &)
|
|
$content = preg_replace('/&([^#])(?![a-z1-4]{1,8};)/i', '&$1', $content);
|
|
|
|
// Fix Word pasting
|
|
$content = strtr($content, $wp_htmltranswinuni);
|
|
|
|
// Just a little XHTML help
|
|
$content = str_replace('<br>', '<br />', $content);
|
|
$content = str_replace('<hr>', '<hr />', $content);
|
|
|
|
return $content;
|
|
}
|
|
|
|
/**
|
|
* Fixes javascript bugs in browsers.
|
|
*
|
|
* Converts unicode characters to HTML numbered entities.
|
|
*
|
|
* @since 1.5.0
|
|
* @uses $is_macIE
|
|
* @uses $is_winIE
|
|
*
|
|
* @param string $text Text to be made safe.
|
|
* @return string Fixed text.
|
|
*/
|
|
function funky_javascript_fix($text) {
|
|
// Fixes for browsers' javascript bugs
|
|
global $is_macIE, $is_winIE;
|
|
|
|
/** @todo use preg_replace_callback() instead */
|
|
if ( $is_winIE || $is_macIE )
|
|
$text = preg_replace("/\%u([0-9A-F]{4,4})/e", "'&#'.base_convert('\\1',16,10).';'", $text);
|
|
|
|
return $text;
|
|
}
|
|
|
|
/**
|
|
* Will only balance the tags if forced to and the option is set to balance tags.
|
|
*
|
|
* The option 'use_balanceTags' is used for whether the tags will be balanced.
|
|
* Both the $force parameter and 'use_balanceTags' option will have to be true
|
|
* before the tags will be balanced.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $text Text to be balanced
|
|
* @param bool $force Forces balancing, ignoring the value of the option. Default false.
|
|
* @return string Balanced text
|
|
*/
|
|
function balanceTags( $text, $force = false ) {
|
|
if ( !$force && get_option('use_balanceTags') == 0 )
|
|
return $text;
|
|
return force_balance_tags( $text );
|
|
}
|
|
|
|
/**
|
|
* Balances tags of string using a modified stack.
|
|
*
|
|
* @since 2.0.4
|
|
*
|
|
* @author Leonard Lin <leonard@acm.org>
|
|
* @license GPL v2.0
|
|
* @copyright November 4, 2001
|
|
* @version 1.1
|
|
* @todo Make better - change loop condition to $text in 1.2
|
|
* @internal Modified by Scott Reilly (coffee2code) 02 Aug 2004
|
|
* 1.1 Fixed handling of append/stack pop order of end text
|
|
* Added Cleaning Hooks
|
|
* 1.0 First Version
|
|
*
|
|
* @param string $text Text to be balanced.
|
|
* @return string Balanced text.
|
|
*/
|
|
function force_balance_tags( $text ) {
|
|
$tagstack = array(); $stacksize = 0; $tagqueue = ''; $newtext = '';
|
|
$single_tags = array('br', 'hr', 'img', 'input'); //Known single-entity/self-closing tags
|
|
$nestable_tags = array('blockquote', 'div', 'span'); //Tags that can be immediately nested within themselves
|
|
|
|
# WP bug fix for comments - in case you REALLY meant to type '< !--'
|
|
$text = str_replace('< !--', '< !--', $text);
|
|
# WP bug fix for LOVE <3 (and other situations with '<' before a number)
|
|
$text = preg_replace('#<([0-9]{1})#', '<$1', $text);
|
|
|
|
while (preg_match("/<(\/?\w*)\s*([^>]*)>/",$text,$regex)) {
|
|
$newtext .= $tagqueue;
|
|
|
|
$i = strpos($text,$regex[0]);
|
|
$l = strlen($regex[0]);
|
|
|
|
// clear the shifter
|
|
$tagqueue = '';
|
|
// Pop or Push
|
|
if ($regex[1][0] == "/") { // End Tag
|
|
$tag = strtolower(substr($regex[1],1));
|
|
// if too many closing tags
|
|
if($stacksize <= 0) {
|
|
$tag = '';
|
|
//or close to be safe $tag = '/' . $tag;
|
|
}
|
|
// if stacktop value = tag close value then pop
|
|
else if ($tagstack[$stacksize - 1] == $tag) { // found closing tag
|
|
$tag = '</' . $tag . '>'; // Close Tag
|
|
// Pop
|
|
array_pop ($tagstack);
|
|
$stacksize--;
|
|
} else { // closing tag not at top, search for it
|
|
for ($j=$stacksize-1;$j>=0;$j--) {
|
|
if ($tagstack[$j] == $tag) {
|
|
// add tag to tagqueue
|
|
for ($k=$stacksize-1;$k>=$j;$k--){
|
|
$tagqueue .= '</' . array_pop ($tagstack) . '>';
|
|
$stacksize--;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
$tag = '';
|
|
}
|
|
} else { // Begin Tag
|
|
$tag = strtolower($regex[1]);
|
|
|
|
// Tag Cleaning
|
|
|
|
// If self-closing or '', don't do anything.
|
|
if((substr($regex[2],-1) == '/') || ($tag == '')) {
|
|
}
|
|
// ElseIf it's a known single-entity tag but it doesn't close itself, do so
|
|
elseif ( in_array($tag, $single_tags) ) {
|
|
$regex[2] .= '/';
|
|
} else { // Push the tag onto the stack
|
|
// If the top of the stack is the same as the tag we want to push, close previous tag
|
|
if (($stacksize > 0) && !in_array($tag, $nestable_tags) && ($tagstack[$stacksize - 1] == $tag)) {
|
|
$tagqueue = '</' . array_pop ($tagstack) . '>';
|
|
$stacksize--;
|
|
}
|
|
$stacksize = array_push ($tagstack, $tag);
|
|
}
|
|
|
|
// Attributes
|
|
$attributes = $regex[2];
|
|
if($attributes) {
|
|
$attributes = ' '.$attributes;
|
|
}
|
|
$tag = '<'.$tag.$attributes.'>';
|
|
//If already queuing a close tag, then put this tag on, too
|
|
if ($tagqueue) {
|
|
$tagqueue .= $tag;
|
|
$tag = '';
|
|
}
|
|
}
|
|
$newtext .= substr($text,0,$i) . $tag;
|
|
$text = substr($text,$i+$l);
|
|
}
|
|
|
|
// Clear Tag Queue
|
|
$newtext .= $tagqueue;
|
|
|
|
// Add Remaining text
|
|
$newtext .= $text;
|
|
|
|
// Empty Stack
|
|
while($x = array_pop($tagstack)) {
|
|
$newtext .= '</' . $x . '>'; // Add remaining tags to close
|
|
}
|
|
|
|
// WP fix for the bug with HTML comments
|
|
$newtext = str_replace("< !--","<!--",$newtext);
|
|
$newtext = str_replace("< !--","< !--",$newtext);
|
|
|
|
return $newtext;
|
|
}
|
|
|
|
/**
|
|
* Acts on text which is about to be edited.
|
|
*
|
|
* Unless $richedit is set, it is simply a holder for the 'format_to_edit'
|
|
* filter. If $richedit is set true htmlspecialchars() will be run on the
|
|
* content, converting special characters to HTMl entities.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $content The text about to be edited.
|
|
* @param bool $richedit Whether or not the $content should pass through htmlspecialchars(). Default false.
|
|
* @return string The text after the filter (and possibly htmlspecialchars()) has been run.
|
|
*/
|
|
function format_to_edit($content, $richedit = false) {
|
|
$content = apply_filters('format_to_edit', $content);
|
|
if (! $richedit )
|
|
$content = htmlspecialchars($content);
|
|
return $content;
|
|
}
|
|
|
|
/**
|
|
* Holder for the 'format_to_post' filter.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $content The text to pass through the filter.
|
|
* @return string Text returned from the 'format_to_post' filter.
|
|
*/
|
|
function format_to_post($content) {
|
|
$content = apply_filters('format_to_post', $content);
|
|
return $content;
|
|
}
|
|
|
|
/**
|
|
* Add leading zeros when necessary.
|
|
*
|
|
* If you set the threshold to '4' and the number is '10', then you will get
|
|
* back '0010'. If you set the number to '4' and the number is '5000', then you
|
|
* will get back '5000'.
|
|
*
|
|
* Uses sprintf to append the amount of zeros based on the $threshold parameter
|
|
* and the size of the number. If the number is large enough, then no zeros will
|
|
* be appended.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param mixed $number Number to append zeros to if not greater than threshold.
|
|
* @param int $threshold Digit places number needs to be to not have zeros added.
|
|
* @return string Adds leading zeros to number if needed.
|
|
*/
|
|
function zeroise($number, $threshold) {
|
|
return sprintf('%0'.$threshold.'s', $number);
|
|
}
|
|
|
|
/**
|
|
* Adds backslashes before letters and before a number at the start of a string.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $string Value to which backslashes will be added.
|
|
* @return string String with backslashes inserted.
|
|
*/
|
|
function backslashit($string) {
|
|
$string = preg_replace('/^([0-9])/', '\\\\\\\\\1', $string);
|
|
$string = preg_replace('/([a-z])/i', '\\\\\1', $string);
|
|
return $string;
|
|
}
|
|
|
|
/**
|
|
* Appends a trailing slash.
|
|
*
|
|
* Will remove trailing slash if it exists already before adding a trailing
|
|
* slash. This prevents double slashing a string or path.
|
|
*
|
|
* The primary use of this is for paths and thus should be used for paths. It is
|
|
* not restricted to paths and offers no specific path support.
|
|
*
|
|
* @since 1.2.0
|
|
* @uses untrailingslashit() Unslashes string if it was slashed already.
|
|
*
|
|
* @param string $string What to add the trailing slash to.
|
|
* @return string String with trailing slash added.
|
|
*/
|
|
function trailingslashit($string) {
|
|
return untrailingslashit($string) . '/';
|
|
}
|
|
|
|
/**
|
|
* Removes trailing slash if it exists.
|
|
*
|
|
* The primary use of this is for paths and thus should be used for paths. It is
|
|
* not restricted to paths and offers no specific path support.
|
|
*
|
|
* @since 2.2.0
|
|
*
|
|
* @param string $string What to remove the trailing slash from.
|
|
* @return string String without the trailing slash.
|
|
*/
|
|
function untrailingslashit($string) {
|
|
return rtrim($string, '/');
|
|
}
|
|
|
|
/**
|
|
* Adds slashes to escape strings.
|
|
*
|
|
* Slashes will first be removed if magic_quotes_gpc is set, see {@link
|
|
* http://www.php.net/magic_quotes} for more details.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $gpc The string returned from HTTP request data.
|
|
* @return string Returns a string escaped with slashes.
|
|
*/
|
|
function addslashes_gpc($gpc) {
|
|
global $wpdb;
|
|
|
|
if (get_magic_quotes_gpc()) {
|
|
$gpc = stripslashes($gpc);
|
|
}
|
|
|
|
return $wpdb->escape($gpc);
|
|
}
|
|
|
|
/**
|
|
* Navigates through an array and removes slashes from the values.
|
|
*
|
|
* If an array is passed, the array_map() function causes a callback to pass the
|
|
* value back to the function. The slashes from this value will removed.
|
|
*
|
|
* @since 2.0.0
|
|
*
|
|
* @param array|string $value The array or string to be striped.
|
|
* @return array|string Stripped array (or string in the callback).
|
|
*/
|
|
function stripslashes_deep($value) {
|
|
$value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* Navigates through an array and encodes the values to be used in a URL.
|
|
*
|
|
* Uses a callback to pass the value of the array back to the function as a
|
|
* string.
|
|
*
|
|
* @since 2.2.0
|
|
*
|
|
* @param array|string $value The array or string to be encoded.
|
|
* @return array|string $value The encoded array (or string from the callback).
|
|
*/
|
|
function urlencode_deep($value) {
|
|
$value = is_array($value) ? array_map('urlencode_deep', $value) : urlencode($value);
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* Converts email addresses characters to HTML entities to block spam bots.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $emailaddy Email address.
|
|
* @param int $mailto Optional. Range from 0 to 1. Used for encoding.
|
|
* @return string Converted email address.
|
|
*/
|
|
function antispambot($emailaddy, $mailto=0) {
|
|
$emailNOSPAMaddy = '';
|
|
srand ((float) microtime() * 1000000);
|
|
for ($i = 0; $i < strlen($emailaddy); $i = $i + 1) {
|
|
$j = floor(rand(0, 1+$mailto));
|
|
if ($j==0) {
|
|
$emailNOSPAMaddy .= '&#'.ord(substr($emailaddy,$i,1)).';';
|
|
} elseif ($j==1) {
|
|
$emailNOSPAMaddy .= substr($emailaddy,$i,1);
|
|
} elseif ($j==2) {
|
|
$emailNOSPAMaddy .= '%'.zeroise(dechex(ord(substr($emailaddy, $i, 1))), 2);
|
|
}
|
|
}
|
|
$emailNOSPAMaddy = str_replace('@','@',$emailNOSPAMaddy);
|
|
return $emailNOSPAMaddy;
|
|
}
|
|
|
|
/**
|
|
* Callback to convert URI match to HTML A element.
|
|
*
|
|
* This function was backported from 2.5.0 to 2.3.2. Regex callback for {@link
|
|
* make_clickable()}.
|
|
*
|
|
* @since 2.3.2
|
|
* @access private
|
|
*
|
|
* @param array $matches Single Regex Match.
|
|
* @return string HTML A element with URI address.
|
|
*/
|
|
function _make_url_clickable_cb($matches) {
|
|
$ret = '';
|
|
$url = $matches[2];
|
|
$url = clean_url($url);
|
|
if ( empty($url) )
|
|
return $matches[0];
|
|
// removed trailing [.,;:] from URL
|
|
if ( in_array(substr($url, -1), array('.', ',', ';', ':')) === true ) {
|
|
$ret = substr($url, -1);
|
|
$url = substr($url, 0, strlen($url)-1);
|
|
}
|
|
return $matches[1] . "<a href=\"$url\" rel=\"nofollow\">$url</a>" . $ret;
|
|
}
|
|
|
|
/**
|
|
* Callback to convert URL match to HTML A element.
|
|
*
|
|
* This function was backported from 2.5.0 to 2.3.2. Regex callback for {@link
|
|
* make_clickable()}.
|
|
*
|
|
* @since 2.3.2
|
|
* @access private
|
|
*
|
|
* @param array $matches Single Regex Match.
|
|
* @return string HTML A element with URL address.
|
|
*/
|
|
function _make_web_ftp_clickable_cb($matches) {
|
|
$ret = '';
|
|
$dest = $matches[2];
|
|
$dest = 'http://' . $dest;
|
|
$dest = clean_url($dest);
|
|
if ( empty($dest) )
|
|
return $matches[0];
|
|
// removed trailing [,;:] from URL
|
|
if ( in_array(substr($dest, -1), array('.', ',', ';', ':')) === true ) {
|
|
$ret = substr($dest, -1);
|
|
$dest = substr($dest, 0, strlen($dest)-1);
|
|
}
|
|
return $matches[1] . "<a href=\"$dest\" rel=\"nofollow\">$dest</a>" . $ret;
|
|
}
|
|
|
|
/**
|
|
* Callback to convert email address match to HTML A element.
|
|
*
|
|
* This function was backported from 2.5.0 to 2.3.2. Regex callback for {@link
|
|
* make_clickable()}.
|
|
*
|
|
* @since 2.3.2
|
|
* @access private
|
|
*
|
|
* @param array $matches Single Regex Match.
|
|
* @return string HTML A element with email address.
|
|
*/
|
|
function _make_email_clickable_cb($matches) {
|
|
$email = $matches[2] . '@' . $matches[3];
|
|
return $matches[1] . "<a href=\"mailto:$email\">$email</a>";
|
|
}
|
|
|
|
/**
|
|
* Convert plaintext URI to HTML links.
|
|
*
|
|
* Converts URI, www and ftp, and email addresses. Finishes by fixing links
|
|
* within links.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $ret Content to convert URIs.
|
|
* @return string Content with converted URIs.
|
|
*/
|
|
function make_clickable($ret) {
|
|
$ret = ' ' . $ret;
|
|
// in testing, using arrays here was found to be faster
|
|
$ret = preg_replace_callback('#([\s>])([\w]+?://[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_url_clickable_cb', $ret);
|
|
$ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_web_ftp_clickable_cb', $ret);
|
|
$ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);
|
|
// this one is not in an array because we need it to run last, for cleanup of accidental links within links
|
|
$ret = preg_replace("#(<a( [^>]+?>|>))<a [^>]+?>([^>]+?)</a></a>#i", "$1$3</a>", $ret);
|
|
$ret = trim($ret);
|
|
return $ret;
|
|
}
|
|
|
|
/**
|
|
* Adds rel nofollow string to all HTML A elements in content.
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param string $text Content that may contain HTML A elements.
|
|
* @return string Converted content.
|
|
*/
|
|
function wp_rel_nofollow( $text ) {
|
|
global $wpdb;
|
|
// This is a pre save filter, so text is already escaped.
|
|
$text = stripslashes($text);
|
|
$text = preg_replace_callback('|<a (.+?)>|i', 'wp_rel_nofollow_callback', $text);
|
|
$text = $wpdb->escape($text);
|
|
return $text;
|
|
}
|
|
|
|
/**
|
|
* Callback to used to add rel=nofollow string to HTML A element.
|
|
*
|
|
* Will remove already existing rel="nofollow" and rel='nofollow' from the
|
|
* string to prevent from invalidating (X)HTML.
|
|
*
|
|
* @since 2.3.0
|
|
*
|
|
* @param array $matches Single Match
|
|
* @return string HTML A Element with rel nofollow.
|
|
*/
|
|
function wp_rel_nofollow_callback( $matches ) {
|
|
$text = $matches[1];
|
|
$text = str_replace(array(' rel="nofollow"', " rel='nofollow'"), '', $text);
|
|
return "<a $text rel=\"nofollow\">";
|
|
}
|
|
|
|
/**
|
|
* Convert text equivalent of smilies to images.
|
|
*
|
|
* Will only convert smilies if the option 'use_smilies' is true and the globals
|
|
* used in the function aren't empty.
|
|
*
|
|
* @since 0.71
|
|
* @uses $wp_smiliessearch, $wp_smiliesreplace Smiley replacement arrays.
|
|
*
|
|
* @param string $text Content to convert smilies from text.
|
|
* @return string Converted content with text smilies replaced with images.
|
|
*/
|
|
function convert_smilies($text) {
|
|
global $wp_smiliessearch, $wp_smiliesreplace;
|
|
$output = '';
|
|
if ( get_option('use_smilies') && !empty($wp_smiliessearch) && !empty($wp_smiliesreplace) ) {
|
|
// HTML loop taken from texturize function, could possible be consolidated
|
|
$textarr = preg_split("/(<.*>)/U", $text, -1, PREG_SPLIT_DELIM_CAPTURE); // capture the tags as well as in between
|
|
$stop = count($textarr);// loop stuff
|
|
for ($i = 0; $i < $stop; $i++) {
|
|
$content = $textarr[$i];
|
|
if ((strlen($content) > 0) && ('<' != $content{0})) { // If it's not a tag
|
|
$content = preg_replace($wp_smiliessearch, $wp_smiliesreplace, $content);
|
|
}
|
|
$output .= $content;
|
|
}
|
|
} else {
|
|
// return default text.
|
|
$output = $text;
|
|
}
|
|
return $output;
|
|
}
|
|
|
|
/**
|
|
* Checks to see if the text is a valid email address.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $user_email The email address to be checked.
|
|
* @return bool Returns true if valid, otherwise false.
|
|
*/
|
|
function is_email($user_email) {
|
|
$chars = "/^([a-z0-9+_]|\\-|\\.)+@(([a-z0-9_]|\\-)+\\.)+[a-z]{2,6}\$/i";
|
|
if (strpos($user_email, '@') !== false && strpos($user_email, '.') !== false) {
|
|
if (preg_match($chars, $user_email)) {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Convert to ASCII from email subjects.
|
|
*
|
|
* @since 1.2.0
|
|
* @usedby wp_mail() handles charsets in email subjects
|
|
*
|
|
* @param string $string Subject line
|
|
* @return string Converted string to ASCII
|
|
*/
|
|
function wp_iso_descrambler($string) {
|
|
/* this may only work with iso-8859-1, I'm afraid */
|
|
if (!preg_match('#\=\?(.+)\?Q\?(.+)\?\=#i', $string, $matches)) {
|
|
return $string;
|
|
} else {
|
|
$subject = str_replace('_', ' ', $matches[2]);
|
|
/** @todo use preg_replace_callback() */
|
|
$subject = preg_replace('#\=([0-9a-f]{2})#ei', "chr(hexdec(strtolower('$1')))", $subject);
|
|
return $subject;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Returns a date in the GMT equivalent.
|
|
*
|
|
* Requires and returns a date in the Y-m-d H:i:s format. Simply subtracts the
|
|
* value of gmt_offset.
|
|
*
|
|
* @since 1.2.0
|
|
*
|
|
* @param string $string The date to be converted.
|
|
* @return string GMT version of the date provided.
|
|
*/
|
|
function get_gmt_from_date($string) {
|
|
preg_match('#([0-9]{1,4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})#', $string, $matches);
|
|
$string_time = gmmktime($matches[4], $matches[5], $matches[6], $matches[2], $matches[3], $matches[1]);
|
|
$string_gmt = gmdate('Y-m-d H:i:s', $string_time - get_option('gmt_offset') * 3600);
|
|
return $string_gmt;
|
|
}
|
|
|
|
/**
|
|
* Converts a GMT date into the correct format for the blog.
|
|
*
|
|
* Requires and returns in the Y-m-d H:i:s format. Simply adds the value of
|
|
* gmt_offset.
|
|
*
|
|
* @since 1.2.0
|
|
*
|
|
* @param string $string The date to be converted.
|
|
* @return string Formatted date relative to the GMT offset.
|
|
*/
|
|
function get_date_from_gmt($string) {
|
|
preg_match('#([0-9]{1,4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})#', $string, $matches);
|
|
$string_time = gmmktime($matches[4], $matches[5], $matches[6], $matches[2], $matches[3], $matches[1]);
|
|
$string_localtime = gmdate('Y-m-d H:i:s', $string_time + get_option('gmt_offset')*3600);
|
|
return $string_localtime;
|
|
}
|
|
|
|
/**
|
|
* Computes an offset in seconds from an iso8601 timezone.
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param string $timezone Either 'Z' for 0 offset or '±hhmm'.
|
|
* @return int|float The offset in seconds.
|
|
*/
|
|
function iso8601_timezone_to_offset($timezone) {
|
|
// $timezone is either 'Z' or '[+|-]hhmm'
|
|
if ($timezone == 'Z') {
|
|
$offset = 0;
|
|
} else {
|
|
$sign = (substr($timezone, 0, 1) == '+') ? 1 : -1;
|
|
$hours = intval(substr($timezone, 1, 2));
|
|
$minutes = intval(substr($timezone, 3, 4)) / 60;
|
|
$offset = $sign * 3600 * ($hours + $minutes);
|
|
}
|
|
return $offset;
|
|
}
|
|
|
|
/**
|
|
* Converts an iso8601 date to MySQL DateTime format used by post_date[_gmt].
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param string $date_string Date and time in ISO 8601 format {@link http://en.wikipedia.org/wiki/ISO_8601}.
|
|
* @param string $timezone Optional. If set to GMT returns the time minus gmt_offset. Default is 'user'.
|
|
* @return string The date and time in MySQL DateTime format - Y-m-d H:i:s.
|
|
*/
|
|
function iso8601_to_datetime($date_string, $timezone = 'user') {
|
|
$timezone = strtolower($timezone);
|
|
|
|
if ($timezone == 'gmt') {
|
|
|
|
preg_match('#([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})(Z|[\+|\-][0-9]{2,4}){0,1}#', $date_string, $date_bits);
|
|
|
|
if (!empty($date_bits[7])) { // we have a timezone, so let's compute an offset
|
|
$offset = iso8601_timezone_to_offset($date_bits[7]);
|
|
} else { // we don't have a timezone, so we assume user local timezone (not server's!)
|
|
$offset = 3600 * get_option('gmt_offset');
|
|
}
|
|
|
|
$timestamp = gmmktime($date_bits[4], $date_bits[5], $date_bits[6], $date_bits[2], $date_bits[3], $date_bits[1]);
|
|
$timestamp -= $offset;
|
|
|
|
return gmdate('Y-m-d H:i:s', $timestamp);
|
|
|
|
} else if ($timezone == 'user') {
|
|
return preg_replace('#([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})(Z|[\+|\-][0-9]{2,4}){0,1}#', '$1-$2-$3 $4:$5:$6', $date_string);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Adds a element attributes to open links in new windows.
|
|
*
|
|
* Comment text in popup windows should be filtered through this. Right now it's
|
|
* a moderately dumb function, ideally it would detect whether a target or rel
|
|
* attribute was already there and adjust its actions accordingly.
|
|
*
|
|
* @since 0.71
|
|
*
|
|
* @param string $text Content to replace links to open in a new window.
|
|
* @return string Content that has filtered links.
|
|
*/
|
|
function popuplinks($text) {
|
|
$text = preg_replace('/<a (.+?)>/i', "<a $1 target='_blank' rel='external'>", $text);
|
|
return $text;
|
|
}
|
|
|
|
/**
|
|
* Strips out all characters that are not allowable in an email.
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param string $email Email address to filter.
|
|
* @return string Filtered email address.
|
|
*/
|
|
function sanitize_email($email) {
|
|
return preg_replace('/[^a-z0-9+_.@-]/i', '', $email);
|
|
}
|
|
|
|
/**
|
|
* Determines the difference between two timestamps.
|
|
*
|
|
* The difference is returned in a human readable format such as "1 hour",
|
|
* "5 mins", "2 days".
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param int $from Unix timestamp from which the difference begins.
|
|
* @param int $to Optional. Unix timestamp to end the time difference. Default becomes time() if not set.
|
|
* @return string Human readable time difference.
|
|
*/
|
|
function human_time_diff( $from, $to = '' ) {
|
|
if ( empty($to) )
|
|
$to = time();
|
|
$diff = (int) abs($to - $from);
|
|
if ($diff <= 3600) {
|
|
$mins = round($diff / 60);
|
|
if ($mins <= 1) {
|
|
$mins = 1;
|
|
}
|
|
$since = sprintf(__ngettext('%s min', '%s mins', $mins), $mins);
|
|
} else if (($diff <= 86400) && ($diff > 3600)) {
|
|
$hours = round($diff / 3600);
|
|
if ($hours <= 1) {
|
|
$hours = 1;
|
|
}
|
|
$since = sprintf(__ngettext('%s hour', '%s hours', $hours), $hours);
|
|
} elseif ($diff >= 86400) {
|
|
$days = round($diff / 86400);
|
|
if ($days <= 1) {
|
|
$days = 1;
|
|
}
|
|
$since = sprintf(__ngettext('%s day', '%s days', $days), $days);
|
|
}
|
|
return $since;
|
|
}
|
|
|
|
/**
|
|
* Generates an excerpt from the content, if needed.
|
|
*
|
|
* The excerpt word amount will be 55 words and if the amount is greater than
|
|
* that, then the string '[...]' will be appended to the excerpt. If the string
|
|
* is less than 55 words, then the content will be returned as is.
|
|
*
|
|
* @since 1.5.0
|
|
*
|
|
* @param string $text The exerpt. If set to empty an excerpt is generated.
|
|
* @return string The excerpt.
|
|
*/
|
|
function wp_trim_excerpt($text) {
|
|
if ( '' == $text ) {
|
|
$text = get_the_content('');
|
|
|
|
$text = strip_shortcodes( $text );
|
|
|
|
$text = apply_filters('the_content', $text);
|
|
$text = str_replace(']]>', ']]>', $text);
|
|
$text = strip_tags($text);
|
|
$excerpt_length = apply_filters('excerpt_length', 55);
|
|
$words = explode(' ', $text, $excerpt_length + 1);
|
|
if (count($words) > $excerpt_length) {
|
|
array_pop($words);
|
|
array_push($words, '[...]');
|
|
$text = implode(' ', $words);
|
|
}
|
|
}
|
|
return $text;
|
|
}
|
|
|
|
/**
|
|
* Converts named entities into numbered entities.
|
|
*
|
|
* @since 1.5.1
|
|
*
|
|
* @param string $text The text within which entities will be converted.
|
|
* @return string Text with converted entities.
|
|
*/
|
|
function ent2ncr($text) {
|
|
$to_ncr = array(
|
|
'"' => '"',
|
|
'&' => '&',
|
|
'⁄' => '/',
|
|
'<' => '<',
|
|
'>' => '>',
|
|
'|' => '|',
|
|
' ' => ' ',
|
|
'¡' => '¡',
|
|
'¢' => '¢',
|
|
'£' => '£',
|
|
'¤' => '¤',
|
|
'¥' => '¥',
|
|
'¦' => '¦',
|
|
'&brkbar;' => '¦',
|
|
'§' => '§',
|
|
'¨' => '¨',
|
|
'¨' => '¨',
|
|
'©' => '©',
|
|
'ª' => 'ª',
|
|
'«' => '«',
|
|
'¬' => '¬',
|
|
'­' => '­',
|
|
'®' => '®',
|
|
'¯' => '¯',
|
|
'&hibar;' => '¯',
|
|
'°' => '°',
|
|
'±' => '±',
|
|
'²' => '²',
|
|
'³' => '³',
|
|
'´' => '´',
|
|
'µ' => 'µ',
|
|
'¶' => '¶',
|
|
'·' => '·',
|
|
'¸' => '¸',
|
|
'¹' => '¹',
|
|
'º' => 'º',
|
|
'»' => '»',
|
|
'¼' => '¼',
|
|
'½' => '½',
|
|
'¾' => '¾',
|
|
'¿' => '¿',
|
|
'À' => 'À',
|
|
'Á' => 'Á',
|
|
'Â' => 'Â',
|
|
'Ã' => 'Ã',
|
|
'Ä' => 'Ä',
|
|
'Å' => 'Å',
|
|
'Æ' => 'Æ',
|
|
'Ç' => 'Ç',
|
|
'È' => 'È',
|
|
'É' => 'É',
|
|
'Ê' => 'Ê',
|
|
'Ë' => 'Ë',
|
|
'Ì' => 'Ì',
|
|
'Í' => 'Í',
|
|
'Î' => 'Î',
|
|
'Ï' => 'Ï',
|
|
'Ð' => 'Ð',
|
|
'Ñ' => 'Ñ',
|
|
'Ò' => 'Ò',
|
|
'Ó' => 'Ó',
|
|
'Ô' => 'Ô',
|
|
'Õ' => 'Õ',
|
|
'Ö' => 'Ö',
|
|
'×' => '×',
|
|
'Ø' => 'Ø',
|
|
'Ù' => 'Ù',
|
|
'Ú' => 'Ú',
|
|
'Û' => 'Û',
|
|
'Ü' => 'Ü',
|
|
'Ý' => 'Ý',
|
|
'Þ' => 'Þ',
|
|
'ß' => 'ß',
|
|
'à' => 'à',
|
|
'á' => 'á',
|
|
'â' => 'â',
|
|
'ã' => 'ã',
|
|
'ä' => 'ä',
|
|
'å' => 'å',
|
|
'æ' => 'æ',
|
|
'ç' => 'ç',
|
|
'è' => 'è',
|
|
'é' => 'é',
|
|
'ê' => 'ê',
|
|
'ë' => 'ë',
|
|
'ì' => 'ì',
|
|
'í' => 'í',
|
|
'î' => 'î',
|
|
'ï' => 'ï',
|
|
'ð' => 'ð',
|
|
'ñ' => 'ñ',
|
|
'ò' => 'ò',
|
|
'ó' => 'ó',
|
|
'ô' => 'ô',
|
|
'õ' => 'õ',
|
|
'ö' => 'ö',
|
|
'÷' => '÷',
|
|
'ø' => 'ø',
|
|
'ù' => 'ù',
|
|
'ú' => 'ú',
|
|
'û' => 'û',
|
|
'ü' => 'ü',
|
|
'ý' => 'ý',
|
|
'þ' => 'þ',
|
|
'ÿ' => 'ÿ',
|
|
'Œ' => 'Œ',
|
|
'œ' => 'œ',
|
|
'Š' => 'Š',
|
|
'š' => 'š',
|
|
'Ÿ' => 'Ÿ',
|
|
'ƒ' => 'ƒ',
|
|
'ˆ' => 'ˆ',
|
|
'˜' => '˜',
|
|
'Α' => 'Α',
|
|
'Β' => 'Β',
|
|
'Γ' => 'Γ',
|
|
'Δ' => 'Δ',
|
|
'Ε' => 'Ε',
|
|
'Ζ' => 'Ζ',
|
|
'Η' => 'Η',
|
|
'Θ' => 'Θ',
|
|
'Ι' => 'Ι',
|
|
'Κ' => 'Κ',
|
|
'Λ' => 'Λ',
|
|
'Μ' => 'Μ',
|
|
'Ν' => 'Ν',
|
|
'Ξ' => 'Ξ',
|
|
'Ο' => 'Ο',
|
|
'Π' => 'Π',
|
|
'Ρ' => 'Ρ',
|
|
'Σ' => 'Σ',
|
|
'Τ' => 'Τ',
|
|
'Υ' => 'Υ',
|
|
'Φ' => 'Φ',
|
|
'Χ' => 'Χ',
|
|
'Ψ' => 'Ψ',
|
|
'Ω' => 'Ω',
|
|
'α' => 'α',
|
|
'β' => 'β',
|
|
'γ' => 'γ',
|
|
'δ' => 'δ',
|
|
'ε' => 'ε',
|
|
'ζ' => 'ζ',
|
|
'η' => 'η',
|
|
'θ' => 'θ',
|
|
'ι' => 'ι',
|
|
'κ' => 'κ',
|
|
'λ' => 'λ',
|
|
'μ' => 'μ',
|
|
'ν' => 'ν',
|
|
'ξ' => 'ξ',
|
|
'ο' => 'ο',
|
|
'π' => 'π',
|
|
'ρ' => 'ρ',
|
|
'ς' => 'ς',
|
|
'σ' => 'σ',
|
|
'τ' => 'τ',
|
|
'υ' => 'υ',
|
|
'φ' => 'φ',
|
|
'χ' => 'χ',
|
|
'ψ' => 'ψ',
|
|
'ω' => 'ω',
|
|
'ϑ' => 'ϑ',
|
|
'ϒ' => 'ϒ',
|
|
'ϖ' => 'ϖ',
|
|
' ' => ' ',
|
|
' ' => ' ',
|
|
' ' => ' ',
|
|
'‌' => '‌',
|
|
'‍' => '‍',
|
|
'‎' => '‎',
|
|
'‏' => '‏',
|
|
'–' => '–',
|
|
'—' => '—',
|
|
'‘' => '‘',
|
|
'’' => '’',
|
|
'‚' => '‚',
|
|
'“' => '“',
|
|
'”' => '”',
|
|
'„' => '„',
|
|
'†' => '†',
|
|
'‡' => '‡',
|
|
'•' => '•',
|
|
'…' => '…',
|
|
'‰' => '‰',
|
|
'′' => '′',
|
|
'″' => '″',
|
|
'‹' => '‹',
|
|
'›' => '›',
|
|
'‾' => '‾',
|
|
'⁄' => '⁄',
|
|
'€' => '€',
|
|
'ℑ' => 'ℑ',
|
|
'℘' => '℘',
|
|
'ℜ' => 'ℜ',
|
|
'™' => '™',
|
|
'ℵ' => 'ℵ',
|
|
'↵' => '↵',
|
|
'⇐' => '⇐',
|
|
'⇑' => '⇑',
|
|
'⇒' => '⇒',
|
|
'⇓' => '⇓',
|
|
'⇔' => '⇔',
|
|
'∀' => '∀',
|
|
'∂' => '∂',
|
|
'∃' => '∃',
|
|
'∅' => '∅',
|
|
'∇' => '∇',
|
|
'∈' => '∈',
|
|
'∉' => '∉',
|
|
'∋' => '∋',
|
|
'∏' => '∏',
|
|
'∑' => '∑',
|
|
'−' => '−',
|
|
'∗' => '∗',
|
|
'√' => '√',
|
|
'∝' => '∝',
|
|
'∞' => '∞',
|
|
'∠' => '∠',
|
|
'∧' => '∧',
|
|
'∨' => '∨',
|
|
'∩' => '∩',
|
|
'∪' => '∪',
|
|
'∫' => '∫',
|
|
'∴' => '∴',
|
|
'∼' => '∼',
|
|
'≅' => '≅',
|
|
'≈' => '≈',
|
|
'≠' => '≠',
|
|
'≡' => '≡',
|
|
'≤' => '≤',
|
|
'≥' => '≥',
|
|
'⊂' => '⊂',
|
|
'⊃' => '⊃',
|
|
'⊄' => '⊄',
|
|
'⊆' => '⊆',
|
|
'⊇' => '⊇',
|
|
'⊕' => '⊕',
|
|
'⊗' => '⊗',
|
|
'⊥' => '⊥',
|
|
'⋅' => '⋅',
|
|
'⌈' => '⌈',
|
|
'⌉' => '⌉',
|
|
'⌊' => '⌊',
|
|
'⌋' => '⌋',
|
|
'⟨' => '〈',
|
|
'⟩' => '〉',
|
|
'←' => '←',
|
|
'↑' => '↑',
|
|
'→' => '→',
|
|
'↓' => '↓',
|
|
'↔' => '↔',
|
|
'◊' => '◊',
|
|
'♠' => '♠',
|
|
'♣' => '♣',
|
|
'♥' => '♥',
|
|
'♦' => '♦'
|
|
);
|
|
|
|
return str_replace( array_keys($to_ncr), array_values($to_ncr), $text );
|
|
}
|
|
|
|
/**
|
|
* Formats text for the rich text editor.
|
|
*
|
|
* The filter 'richedit_pre' is applied here. If $text is empty the filter will
|
|
* be applied to an empty string.
|
|
*
|
|
* @since 2.0.0
|
|
*
|
|
* @param string $text The text to be formatted.
|
|
* @return string The formatted text after filter is applied.
|
|
*/
|
|
function wp_richedit_pre($text) {
|
|
// Filtering a blank results in an annoying <br />\n
|
|
if ( empty($text) ) return apply_filters('richedit_pre', '');
|
|
|
|
$output = convert_chars($text);
|
|
$output = wpautop($output);
|
|
$output = htmlspecialchars($output, ENT_NOQUOTES);
|
|
|
|
return apply_filters('richedit_pre', $output);
|
|
}
|
|
|
|
/**
|
|
* Formats text for the HTML editor.
|
|
*
|
|
* Unless $output is empty it will pass through htmlspecialchars before the
|
|
* 'htmledit_pre' filter is applied.
|
|
*
|
|
* @since 2.5.0
|
|
*
|
|
* @param string $output The text to be formatted.
|
|
* @return string Formatted text after filter applied.
|
|
*/
|
|
function wp_htmledit_pre($output) {
|
|
if ( !empty($output) )
|
|
$output = htmlspecialchars($output, ENT_NOQUOTES); // convert only < > &
|
|
|
|
return apply_filters('htmledit_pre', $output);
|
|
}
|
|
|
|
/**
|
|
* Checks and cleans a URL.
|
|
*
|
|
* A number of characters are removed from the URL. If the URL is for displaying
|
|
* (the default behaviour) amperstands are also replaced. The 'clean_url' filter
|
|
* is applied to the returned cleaned URL.
|
|
*
|
|
* @since 1.2.0
|
|
* @uses wp_kses_bad_protocol() To only permit protocols in the URL set
|
|
* via $protocols or the common ones set in the function.
|
|
*
|
|
* @param string $url The URL to be cleaned.
|
|
* @param array $protocols Optional. An array of acceptable protocols.
|
|
* Defaults to 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet' if not set.
|
|
* @param string $context Optional. How the URL will be used. Default is 'display'.
|
|
* @return string The cleaned $url after the 'cleaned_url' filter is applied.
|
|
*/
|
|
function clean_url( $url, $protocols = null, $context = 'display' ) {
|
|
$original_url = $url;
|
|
|
|
if ('' == $url) return $url;
|
|
$url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@()\\x80-\\xff]|i', '', $url);
|
|
$strip = array('%0d', '%0a');
|
|
$url = str_replace($strip, '', $url);
|
|
$url = str_replace(';//', '://', $url);
|
|
/* If the URL doesn't appear to contain a scheme, we
|
|
* presume it needs http:// appended (unless a relative
|
|
* link starting with / or a php file).
|
|
*/
|
|
if ( strpos($url, ':') === false &&
|
|
substr( $url, 0, 1 ) != '/' && !preg_match('/^[a-z0-9-]+?\.php/i', $url) )
|
|
$url = 'http://' . $url;
|
|
|
|
// Replace ampersands only when displaying.
|
|
if ( 'display' == $context )
|
|
$url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
|
|
|
|
if ( !is_array($protocols) )
|
|
$protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet');
|
|
if ( wp_kses_bad_protocol( $url, $protocols ) != $url )
|
|
return '';
|
|
|
|
return apply_filters('clean_url', $url, $original_url, $context);
|
|
}
|
|
|
|
/**
|
|
* Performs clean_url() for database usage.
|
|
*
|
|
* @see clean_url()
|
|
*
|
|
* @since 2.3.1
|
|
*
|
|
* @param string $url The URL to be cleaned.
|
|
* @param array $protocols An array of acceptable protocols.
|
|
* @return string The cleaned URL.
|
|
*/
|
|
function sanitize_url( $url, $protocols = null ) {
|
|
return clean_url( $url, $protocols, 'db' );
|
|
}
|
|
|
|
/**
|
|
* Convert entities, while preserving already-encoded entities.
|
|
*
|
|
* @link http://www.php.net/htmlentities Borrowed from the PHP Manual user notes.
|
|
*
|
|
* @since 1.2.2
|
|
*
|
|
* @param string $myHTML The text to be converted.
|
|
* @return string Converted text.
|
|
*/
|
|
function htmlentities2($myHTML) {
|
|
$translation_table = get_html_translation_table( HTML_ENTITIES, ENT_QUOTES );
|
|
$translation_table[chr(38)] = '&';
|
|
return preg_replace( "/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/", "&", strtr($myHTML, $translation_table) );
|
|
}
|
|
|
|
/**
|
|
* Escape single quotes, specialchar double quotes, and fix line endings.
|
|
*
|
|
* The filter 'js_escape' is also applied here.
|
|
*
|
|
* @since 2.0.4
|
|
*
|
|
* @param string $text The text to be escaped.
|
|
* @return string Escaped text.
|
|
*/
|
|
function js_escape($text) {
|
|
$safe_text = wp_specialchars($text, 'double');
|
|
$safe_text = preg_replace('/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes($safe_text));
|
|
$safe_text = preg_replace("/\r?\n/", "\\n", addslashes($safe_text));
|
|
return apply_filters('js_escape', $safe_text, $text);
|
|
}
|
|
|
|
/**
|
|
* Escaping for HTML attributes.
|
|
*
|
|
* @since 2.0.6
|
|
*
|
|
* @param string $text
|
|
* @return string
|
|
*/
|
|
function attribute_escape($text) {
|
|
$safe_text = wp_specialchars($text, true);
|
|
return apply_filters('attribute_escape', $safe_text, $text);
|
|
}
|
|
|
|
/**
|
|
* Escape a HTML tag name.
|
|
*
|
|
* @since 2.5.0
|
|
*
|
|
* @param string $tag_name
|
|
* @return string
|
|
*/
|
|
function tag_escape($tag_name) {
|
|
$safe_tag = strtolower( preg_replace('[^a-zA-Z_:]', '', $tag_name) );
|
|
return apply_filters('tag_escape', $safe_tag, $tag_name);
|
|
}
|
|
|
|
/**
|
|
* Escapes text for SQL LIKE special characters % and _.
|
|
*
|
|
* @since 2.5.0
|
|
*
|
|
* @param string $text The text to be escaped.
|
|
* @return string text, safe for inclusion in LIKE query.
|
|
*/
|
|
function like_escape($text) {
|
|
return str_replace(array("%", "_"), array("\\%", "\\_"), $text);
|
|
}
|
|
|
|
/**
|
|
* Convert full URL paths to absolute paths.
|
|
*
|
|
* Removes the http or https protocols and the domain. Keeps the path '/' at the
|
|
* beginning, so it isn't a true relative link, but from the web root base.
|
|
*
|
|
* @since 2.1.0
|
|
*
|
|
* @param string $link Full URL path.
|
|
* @return string Absolute path.
|
|
*/
|
|
function wp_make_link_relative( $link ) {
|
|
return preg_replace( '|https?://[^/]+(/.*)|i', '$1', $link );
|
|
}
|
|
|
|
/**
|
|
* Sanitises various option values based on the nature of the option.
|
|
*
|
|
* This is basically a switch statement which will pass $value through a number
|
|
* of functions depending on the $option.
|
|
*
|
|
* @since 2.0.5
|
|
*
|
|
* @param string $option The name of the option.
|
|
* @param string $value The unsanitised value.
|
|
* @return string Sanitized value.
|
|
*/
|
|
function sanitize_option($option, $value) {
|
|
|
|
switch ($option) {
|
|
case 'admin_email':
|
|
$value = sanitize_email($value);
|
|
break;
|
|
|
|
case 'default_post_edit_rows':
|
|
case 'mailserver_port':
|
|
case 'comment_max_links':
|
|
case 'page_on_front':
|
|
case 'rss_excerpt_length':
|
|
case 'default_category':
|
|
case 'default_email_category':
|
|
case 'default_link_category':
|
|
case 'close_comments_days_old':
|
|
case 'comments_per_page':
|
|
case 'thread_comments_depth':
|
|
$value = abs((int) $value);
|
|
break;
|
|
|
|
case 'posts_per_page':
|
|
case 'posts_per_rss':
|
|
$value = (int) $value;
|
|
if ( empty($value) ) $value = 1;
|
|
if ( $value < -1 ) $value = abs($value);
|
|
break;
|
|
|
|
case 'default_ping_status':
|
|
case 'default_comment_status':
|
|
// Options that if not there have 0 value but need to be something like "closed"
|
|
if ( $value == '0' || $value == '')
|
|
$value = 'closed';
|
|
break;
|
|
|
|
case 'blogdescription':
|
|
case 'blogname':
|
|
$value = addslashes($value);
|
|
$value = wp_filter_post_kses( $value ); // calls stripslashes then addslashes
|
|
$value = stripslashes($value);
|
|
$value = wp_specialchars( $value );
|
|
break;
|
|
|
|
case 'blog_charset':
|
|
$value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
|
|
break;
|
|
|
|
case 'date_format':
|
|
case 'time_format':
|
|
case 'mailserver_url':
|
|
case 'mailserver_login':
|
|
case 'mailserver_pass':
|
|
case 'ping_sites':
|
|
case 'upload_path':
|
|
$value = strip_tags($value);
|
|
$value = addslashes($value);
|
|
$value = wp_filter_kses($value); // calls stripslashes then addslashes
|
|
$value = stripslashes($value);
|
|
break;
|
|
|
|
case 'gmt_offset':
|
|
$value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
|
|
break;
|
|
|
|
case 'siteurl':
|
|
case 'home':
|
|
$value = stripslashes($value);
|
|
$value = clean_url($value);
|
|
break;
|
|
default :
|
|
$value = apply_filters("sanitize_option_{$option}", $value, $option);
|
|
break;
|
|
}
|
|
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* Parses a string into variables to be stored in an array.
|
|
*
|
|
* Uses {@link http://www.php.net/parse_str parse_str()} and stripslashes if
|
|
* {@link http://www.php.net/magic_quotes magic_quotes_gpc} is on.
|
|
*
|
|
* @since 2.2.1
|
|
* @uses apply_filters() for the 'wp_parse_str' filter.
|
|
*
|
|
* @param string $string The string to be parsed.
|
|
* @param array $array Variables will be stored in this array.
|
|
*/
|
|
function wp_parse_str( $string, &$array ) {
|
|
parse_str( $string, $array );
|
|
if ( get_magic_quotes_gpc() )
|
|
$array = stripslashes_deep( $array );
|
|
$array = apply_filters( 'wp_parse_str', $array );
|
|
}
|
|
|
|
/**
|
|
* Convert lone less than signs.
|
|
*
|
|
* KSES already converts lone greater than signs.
|
|
*
|
|
* @uses wp_pre_kses_less_than_callback in the callback function.
|
|
* @since 2.3.0
|
|
*
|
|
* @param string $text Text to be converted.
|
|
* @return string Converted text.
|
|
*/
|
|
function wp_pre_kses_less_than( $text ) {
|
|
return preg_replace_callback('%<[^>]*?((?=<)|>|$)%', 'wp_pre_kses_less_than_callback', $text);
|
|
}
|
|
|
|
/**
|
|
* Callback function used by preg_replace.
|
|
*
|
|
* @uses wp_specialchars to format the $matches text.
|
|
* @since 2.3.0
|
|
*
|
|
* @param array $matches Populated by matches to preg_replace.
|
|
* @return string The text returned after wp_specialchars if needed.
|
|
*/
|
|
function wp_pre_kses_less_than_callback( $matches ) {
|
|
if ( false === strpos($matches[0], '>') )
|
|
return wp_specialchars($matches[0]);
|
|
return $matches[0];
|
|
}
|
|
|
|
/**
|
|
* WordPress implementation of PHP sprintf() with filters.
|
|
*
|
|
* @since 2.5.0
|
|
* @link http://www.php.net/sprintf
|
|
*
|
|
* @param string $pattern The string which formatted args are inserted.
|
|
* @param mixed $args,... Arguments to be formatted into the $pattern string.
|
|
* @return string The formatted string.
|
|
*/
|
|
function wp_sprintf( $pattern ) {
|
|
$args = func_get_args( );
|
|
$len = strlen($pattern);
|
|
$start = 0;
|
|
$result = '';
|
|
$arg_index = 0;
|
|
while ( $len > $start ) {
|
|
// Last character: append and break
|
|
if ( strlen($pattern) - 1 == $start ) {
|
|
$result .= substr($pattern, -1);
|
|
break;
|
|
}
|
|
|
|
// Literal %: append and continue
|
|
if ( substr($pattern, $start, 2) == '%%' ) {
|
|
$start += 2;
|
|
$result .= '%';
|
|
continue;
|
|
}
|
|
|
|
// Get fragment before next %
|
|
$end = strpos($pattern, '%', $start + 1);
|
|
if ( false === $end )
|
|
$end = $len;
|
|
$fragment = substr($pattern, $start, $end - $start);
|
|
|
|
// Fragment has a specifier
|
|
if ( $pattern{$start} == '%' ) {
|
|
// Find numbered arguments or take the next one in order
|
|
if ( preg_match('/^%(\d+)\$/', $fragment, $matches) ) {
|
|
$arg = isset($args[$matches[1]]) ? $args[$matches[1]] : '';
|
|
$fragment = str_replace("%{$matches[1]}$", '%', $fragment);
|
|
} else {
|
|
++$arg_index;
|
|
$arg = isset($args[$arg_index]) ? $args[$arg_index] : '';
|
|
}
|
|
|
|
// Apply filters OR sprintf
|
|
$_fragment = apply_filters( 'wp_sprintf', $fragment, $arg );
|
|
if ( $_fragment != $fragment )
|
|
$fragment = $_fragment;
|
|
else
|
|
$fragment = sprintf($fragment, strval($arg) );
|
|
}
|
|
|
|
// Append to result and move to next fragment
|
|
$result .= $fragment;
|
|
$start = $end;
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Localize list items before the rest of the content.
|
|
*
|
|
* The '%l' must be at the first characters can then contain the rest of the
|
|
* content. The list items will have ', ', ', and', and ' and ' added depending
|
|
* on the amount of list items in the $args parameter.
|
|
*
|
|
* @since 2.5.0
|
|
*
|
|
* @param string $pattern Content containing '%l' at the beginning.
|
|
* @param array $args List items to prepend to the content and replace '%l'.
|
|
* @return string Localized list items and rest of the content.
|
|
*/
|
|
function wp_sprintf_l($pattern, $args) {
|
|
// Not a match
|
|
if ( substr($pattern, 0, 2) != '%l' )
|
|
return $pattern;
|
|
|
|
// Nothing to work with
|
|
if ( empty($args) )
|
|
return '';
|
|
|
|
// Translate and filter the delimiter set (avoid ampersands and entities here)
|
|
$l = apply_filters('wp_sprintf_l', array(
|
|
'between' => _c(', |between list items'),
|
|
'between_last_two' => _c(', and |between last two list items'),
|
|
'between_only_two' => _c(' and |between only two list items'),
|
|
));
|
|
|
|
$args = (array) $args;
|
|
$result = array_shift($args);
|
|
if ( count($args) == 1 )
|
|
$result .= $l['between_only_two'] . array_shift($args);
|
|
// Loop when more than two args
|
|
while ( count($args) ) {
|
|
$arg = array_shift($args);
|
|
if ( $i == 1 )
|
|
$result .= $l['between_last_two'] . $arg;
|
|
else
|
|
$result .= $l['between'] . $arg;
|
|
}
|
|
return $result . substr($pattern, 2);
|
|
}
|
|
|
|
/**
|
|
* Safely extracts not more than the first $count characters from html string.
|
|
*
|
|
* UTF-8, tags and entities safe prefix extraction. Entities inside will *NOT*
|
|
* be counted as one character. For example & will be counted as 4, < as
|
|
* 3, etc.
|
|
*
|
|
* @since 2.5.0
|
|
*
|
|
* @param integer $str String to get the excerpt from.
|
|
* @param integer $count Maximum number of characters to take.
|
|
* @return string The excerpt.
|
|
*/
|
|
function wp_html_excerpt( $str, $count ) {
|
|
$str = strip_tags( $str );
|
|
$str = mb_strcut( $str, 0, $count );
|
|
// remove part of an entity at the end
|
|
$str = preg_replace( '/&[^;\s]{0,6}$/', '', $str );
|
|
return $str;
|
|
}
|
|
|
|
/**
|
|
* Add a Base url to relative links in passed content.
|
|
*
|
|
* By default it supports the 'src' and 'href' attributes. However this can be
|
|
* changed via the 3rd param.
|
|
*
|
|
* @since 2.7.0
|
|
*
|
|
* @param string $content String to search for links in.
|
|
* @param string $base The base URL to prefix to links.
|
|
* @param array $attrs The attributes which should be processed.
|
|
* @return string The processed content.
|
|
*/
|
|
function links_add_base_url( $content, $base, $attrs = array('src', 'href') ) {
|
|
$attrs = implode('|', (array)$attrs);
|
|
return preg_replace_callback("!($attrs)=(['\"])(.+?)\\2!i",
|
|
create_function('$m', 'return _links_add_base($m, "' . $base . '");'),
|
|
$content);
|
|
}
|
|
|
|
/**
|
|
* Callback to add a base url to relative links in passed content.
|
|
*
|
|
* @since 2.7.0
|
|
* @access private
|
|
*
|
|
* @param string $m The matched link.
|
|
* @param string $base The base URL to prefix to links.
|
|
* @return string The processed link.
|
|
*/
|
|
function _links_add_base($m, $base) {
|
|
//1 = attribute name 2 = quotation mark 3 = URL
|
|
return $m[1] . '=' . $m[2] .
|
|
(strpos($m[3], 'http://') === false ?
|
|
path_join($base, $m[3]) :
|
|
$m[3])
|
|
. $m[2];
|
|
}
|
|
|
|
/**
|
|
* Adds a Target attribute to all links in passed content.
|
|
*
|
|
* This function by default only applies to <a> tags, however this can be
|
|
* modified by the 3rd param.
|
|
*
|
|
* <b>NOTE:</b> Any current target attributed will be striped and replaced.
|
|
*
|
|
* @since 2.7.0
|
|
*
|
|
* @param string $content String to search for links in.
|
|
* @param string $target The Target to add to the links.
|
|
* @param array $tags An array of tags to apply to.
|
|
* @return string The processed content.
|
|
*/
|
|
function links_add_target( $content, $target = '_blank', $tags = array('a') ) {
|
|
$tags = implode('|', (array)$tags);
|
|
return preg_replace_callback("!<($tags)(.+?)>!i",
|
|
create_function('$m', 'return _links_add_target($m, "' . $target . '");'),
|
|
$content);
|
|
}
|
|
/**
|
|
* Callback to add a target attribute to all links in passed content.
|
|
*
|
|
* @since 2.7.0
|
|
* @access private
|
|
*
|
|
* @param string $m The matched link.
|
|
* @param string $target The Target to add to the links.
|
|
* @return string The processed link.
|
|
*/
|
|
function _links_add_target( $m, $target ) {
|
|
$tag = $m[1];
|
|
$link = preg_replace('|(target=[\'"](.*?)[\'"])|i', '', $m[2]);
|
|
return '<' . $tag . $link . ' target="' . $target . '">';
|
|
}
|
|
|
|
?>
|