apability name */ _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post type %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post of that type.' ), $post->post_type, $cap ), '4.4.0' ); $caps[] = 'edit_others_posts'; break; } if ( ! $post_type->map_meta_cap ) { $caps[] = $post_type->cap->$cap; // Prior to 3.1 we would re-call map_meta_cap here. if ( 'read_post' == $cap ) $cap = $post_type->cap->$cap; break; } $status_obj = get_post_status_object( $post->post_status ); if ( $status_obj->public ) { $caps[] = $post_type->cap->read; break; } if ( $post->post_author && $user_id == $post->post_author ) { $caps[] = $post_type->cap->read; } elseif ( $status_obj->private ) { $caps[] = $post_type->cap->read_private_posts; } else { $caps = map_meta_cap( 'edit_post', $user_id, $post->ID ); } break; case 'publish_post': $post = get_post( $args[0] ); if ( ! $post ) { $caps[] = 'do_not_allow'; break; } $post_type = get_post_type_object( $post->post_type ); if ( ! $post_type ) { /* translators: 1: post type, 2: capability name */ _doing_it_wrong( __FUNCTION__, sprintf( __( 'The post type %1$s is not registered, so it may not be reliable to check the capability "%2$s" against a post of that type.' ), $post->post_type, $cap ), '4.4.0' ); $caps[] = 'edit_others_posts'; break; } $caps[] = $post_type->cap->publish_posts; break; case 'edit_post_meta': case 'delete_post_meta': case 'add_post_meta': case 'edit_comment_meta': case 'delete_comment_meta': case 'add_comment_meta': case 'edit_term_meta': case 'delete_term_meta': case 'add_term_meta': case 'edit_user_meta': case 'delete_user_meta': case 'add_user_meta': list( $_, $object_type, $_ ) = explode( '_', $cap ); $object_id = (int) $args[0]; $object_subtype = get_object_subtype( $object_type, $object_id ); if ( empty( $object_subtype ) ) { $caps[] = 'do_not_allow'; break; } $caps = map_meta_cap( "edit_{$object_type}", $user_id, $object_id ); $meta_key = isset( $args[1] ) ? $args[1] : false; if ( $meta_key ) { $allowed = ! is_protected_meta( $meta_key, $object_type ); if ( ! empty( $object_subtype ) && has_filter( "auth_{$object_type}_meta_{$meta_key}_for_{$object_subtype}" ) ) { /** * Filters whether the user is allowed to edit a specific meta key of a specific object type and subtype. * * The dynamic portions of the hook name, `$object_type`, `$meta_key`, * and `$object_subtype`, refer to the metadata object type (comment, post, term or user), * the meta key value, and the object subtype respectively. * * @since 4.9.8 * * @param bool $allowed Whether the user can add the object meta. Default false. * @param string $meta_key The meta key. * @param int $object_id Object ID. * @param int $user_id User ID. * @param string $cap Capability name. * @param string[] $caps Array of the user's capabilities. */ $allowed = apply_filters( "auth_{$object_type}_meta_{$meta_key}_for_{$object_subtype}", $allowed, $meta_key, $object_id, $user_id, $cap, $caps ); } else { /** * Filters whether the user is allowed to edit a specific meta key of a specific object type. * * Return true to have the mapped meta caps from `edit_{$object_type}` apply. * * The dynamic portion of the hook name, `$object_type` refers to the object type being filtered. * The dynamic portion of the hook name, `$meta_key`, refers to the meta key passed to map_meta_cap(). * * @since 3.3.0 As `auth_post_meta_{$meta_key}`. * @since 4.6.0 * * @param bool $allowed Whether the user can add the object meta. Default false. * @param string $meta_key The meta key. * @param int $object_id Object ID. * @param int $user_id User ID. * @param string $cap Capability name. * @param string[] $caps Array of the user's capabilities. */ $allowed = apply_filters( "auth_{$object_type}_meta_{$meta_key}", $allowed, $meta_key, $object_id, $user_id, $cap, $caps ); } if ( ! empty( $object_subtype ) ) { /** * Filters whether the user is allowed to edit meta for specific object types/subtypes. * * Return true to have the mapped meta caps from `edit_{$object_type}` apply. * * The dynamic portion of the hook name, `$object_type` refers to the object type being filtered. * The dynamic portion of the hook name, `$object_subtype` refers to the object subtype being filtered. * The dynamic portion of the hook name, `$meta_key`, refers to the meta key passed to map_meta_cap(). * * @since 4.6.0 As `auth_post_{$post_type}_meta_{$meta_key}`. * @since 4.7.0 * @deprecated 4.9.8 Use `auth_{$object_type}_meta_{$meta_key}_for_{$object_subtype}` * * @param bool $allowed Whether the user can add the object meta. Default false. * @param string $meta_key The meta key. * @param int $object_id Object ID. * @param int $user_id User ID. * @param string $cap Capability name. * @param string[] $caps Array of the user's capabilities. */ $allowed = apply_filters_deprecated( "auth_{$object_type}_{$object_subtype}_meta_{$meta_key}", array( $allowed, $meta_key, $object_id, $user_id, $cap, $caps ), '4.9.8', "auth_{$object_type}_meta_{$meta_key}_for_{$object_subtype}" ); } if ( ! $allowed ) { $caps[] = $cap; } } break; case 'edit_comment': $comment = get_comment( $args[0] ); if ( ! $comment ) { $caps[] = 'do_not_allow'; break; } $post = get_post( $comment->comment_post_ID ); /* * If the post doesn't exist, we have an orphaned comment. * Fall back to the edit_posts capability, instead. */ if ( $post ) { $caps = map_meta_cap( 'edit_post', $user_id, $post->ID ); } else { $caps = map_meta_cap( 'edit_posts', $user_id ); } break; case 'unfiltered_upload': if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) ) ) $caps[] = $cap; else $caps[] = 'do_not_allow'; break; case 'edit_css' : case 'unfiltered_html' : // Disallow unfiltered_html for all users, even admins and super admins. if ( defined( 'DISALLOW_UNFILTERED_HTML' ) && DISALLOW_UNFILTERED_HTML ) $caps[] = 'do_not_allow'; elseif ( is_multisite() && ! is_super_admin( $user_id ) ) $caps[] = 'do_not_allow'; else $caps[] = 'unfiltered_html'; break; case 'edit_files': case 'edit_plugins': case 'edit_themes': // Disallow the file editors. if ( defined( 'DISALLOW_FILE_EDIT' ) && DISALLOW_FILE_EDIT ) $caps[] = 'do_not_allow'; elseif ( ! wp_is_file_mod_allowed( 'capability_edit_themes' ) ) $caps[] = 'do_not_allow'; elseif ( is_multisite() && ! is_super_admin( $user_id ) ) $caps[] = 'do_not_allow'; else $caps[] = $cap; break; case 'update_plugins': case 'delete_plugins': case 'install_plugins': case 'upload_plugins': case 'update_themes': case 'delete_themes': case 'install_themes': case 'upload_themes': case 'update_core': // Disallow anything that creates, deletes, or updates core, plugin, or theme files. // Files in uploads are excepted. if ( ! wp_is_file_mod_allowed( 'capability_update_core' ) ) { $caps[] = 'do_not_allow'; } elseif ( is_multisite() && ! is_super_admin( $user_id ) ) { $caps[] = 'do_not_allow'; } elseif ( 'upload_themes' === $cap ) { $caps[] = 'install_themes'; } elseif ( 'upload_plugins' === $cap ) { $caps[] = 'install_plugins'; } else { $caps[] = $cap; } break; case 'install_languages': case 'update_languages': if ( ! wp_is_file_mod_allowed( 'can_install_language_pack' ) ) { $caps[] = 'do_not_allow'; } elseif ( is_multisite() && ! is_super_admin( $user_id ) ) { $caps[] = 'do_not_allow'; } else { $caps[] = 'install_languages'; } break; case 'activate_plugins': case 'deactivate_plugins': case 'activate_plugin': case 'deactivate_plugin': $caps[] = 'activate_plugins'; if ( is_multisite() ) { // update_, install_, and delete_ are handled above with is_super_admin(). $menu_perms = get_site_option( 'menu_items', array() ); if ( empty( $menu_perms['plugins'] ) ) $caps[] = 'manage_network_plugins'; } break; case 'delete_user': case 'delete_users': // If multisite only super admins can delete users. if ( is_multisite() && ! is_super_admin( $user_id ) ) $caps[] = 'do_not_allow'; else $caps[] = 'delete_users'; // delete_user maps to delete_users. break; case 'create_users': if ( !is_multisite() ) $caps[] = $cap; elseif ( is_super_admin( $user_id ) || get_site_option( 'add_new_users' ) ) $caps[] = $cap; else $caps[] = 'do_not_allow'; break; case 'manage_links' : if ( get_option( 'link_manager_enabled' ) ) $caps[] = $cap; else $caps[] = 'do_not_allow'; break; case 'customize' : $caps[] = 'edit_theme_options'; break; case 'delete_site': if ( is_multisite() ) { $caps[] = 'manage_options'; } else { $caps[] = 'do_not_allow'; } break; case 'edit_term': case 'delete_term': case 'assign_term': $term_id = (int) $args[0]; $term = get_term( $term_id ); if ( ! $term || is_wp_error( $term ) ) { $caps[] = 'do_not_allow'; break; } $tax = get_taxonomy( $term->taxonomy ); if ( ! $tax ) { $caps[] = 'do_not_allow'; break; } if ( 'delete_term' === $cap && ( $term->term_id == get_option( 'default_' . $term->taxonomy ) ) ) { $caps[] = 'do_not_allow'; break; } $taxo_cap = $cap . 's'; $caps = map_meta_cap( $tax->cap->$taxo_cap, $user_id, $term_id ); break; case 'manage_post_tags': case 'edit_categories': case 'edit_post_tags': case 'delete_categories': case 'delete_post_tags': $caps[] = 'manage_categories'; break; case 'assign_categories': case 'assign_post_tags': $caps[] = 'edit_posts'; break; case 'create_sites': case 'delete_sites': case 'manage_network': case 'manage_sites': case 'manage_network_users': case 'manage_network_plugins': case 'manage_network_themes': case 'manage_network_options': case 'upgrade_network': $caps[] = $cap; break; case 'setup_network': if ( is_multisite() ) { $caps[] = 'manage_network_options'; } else { $caps[] = 'manage_options'; } break; case 'export_others_personal_data': case 'erase_others_personal_data': case 'manage_privacy_options': $caps[] = is_multisite() ? 'manage_network' : 'manage_options'; break; default: // Handle meta capabilities for custom post types. global $post_type_meta_caps; if ( isset( $post_type_meta_caps[ $cap ] ) ) { $args = array_merge( array( $post_type_meta_caps[ $cap ], $user_id ), $args ); return call_user_func_array( 'map_meta_cap', $args ); } // Block capabilities map to their post equivalent. $block_caps = array( 'edit_blocks', 'edit_others_blocks', 'publish_blocks', 'read_private_blocks', 'delete_blocks', 'delete_private_blocks', 'delete_published_blocks', 'delete_others_blocks', 'edit_private_blocks', 'edit_published_blocks', ); if ( in_array( $cap, $block_caps, true ) ) { $cap = str_replace( '_blocks', '_posts', $cap ); } // If no meta caps match, return the original cap. $caps[] = $cap; } /** * Filters a user's capabilities depending on specific context and/or privilege. * * @since 2.8.0 * * @param array $caps Returns the user's actual capabilities. * @param string $cap Capability name. * @param int $user_id The user ID. * @param array $args Adds the context to the cap. Typically the object ID. */ return apply_filters( 'map_meta_cap', $caps, $cap, $user_id, $args ); } /** * Whether the current user has a specific capability. * * While checking against particular roles in place of a capability is supported * in part, this practice is discouraged as it may produce unreliable results. * * Note: Will always return true if the current user is a super admin, unless specifically denied. * * @since 2.0.0 * * @see WP_User::has_cap() * @see map_meta_cap() * * @param string $capability Capability name. * @param int $object_id Optional. ID of the specific object to check against if `$capability` is a "meta" cap. * "Meta" capabilities, e.g. 'edit_post', 'edit_user', etc., are capabilities used * by map_meta_cap() to map to other "primitive" capabilities, e.g. 'edit_posts', * 'edit_others_posts', etc. Accessed via func_get_args() and passed to WP_User::has_cap(), * then map_meta_cap(). * @return bool Whether the current user has the given capability. If `$capability` is a meta cap and `$object_id` is * passed, whether the current user has the given meta capability for the given object. */ function current_user_can( $capability ) { $current_user = wp_get_current_user(); if ( empty( $current_user ) ) return false; $args = array_slice( func_get_args(), 1 ); $args = array_merge( array( $capability ), $args ); return call_user_func_array( array( $current_user, 'has_cap' ), $args ); } /** * Whether the current user has a specific capability for a given site. * * @since 3.0.0 * * @param int $blog_id Site ID. * @param string $capability Capability name. * @return bool Whether the user has the given capability. */ function current_user_can_for_blog( $blog_id, $capability ) { $switched = is_multisite() ? switch_to_blog( $blog_id ) : false; $current_user = wp_get_current_user(); if ( empty( $current_user ) ) { if ( $switched ) { restore_current_blog(); } return false; } $args = array_slice( func_get_args(), 2 ); $args = array_merge( array( $capability ), $args ); $can = call_user_func_array( array( $current_user, 'has_cap' ), $args ); if ( $switched ) { restore_current_blog(); } return $can; } /** * Whether the author of the supplied post has a specific capability. * * @since 2.9.0 * * @param int|WP_Post $post Post ID or post object. * @param string $capability Capability name. * @return bool Whether the post author has the given capability. */ function author_can( $post, $capability ) { if ( !$post = get_post($post) ) return false; $author = get_userdata( $post->post_author ); if ( ! $author ) return false; $args = array_slice( func_get_args(), 2 ); $args = array_merge( array( $capability ), $args ); return call_user_func_array( array( $author, 'has_cap' ), $args ); } /** * Whether a particular user has a specific capability. * * @since 3.1.0 * * @param int|WP_User $user User ID or object. * @param string $capability Capability name. * @return bool Whether the user has the given capability. */ function user_can( $user, $capability ) { if ( ! is_object( $user ) ) $user = get_userdata( $user ); if ( ! $user || ! $user->exists() ) return false; $args = array_slice( func_get_args(), 2 ); $args = array_merge( array( $capability ), $args ); return call_user_func_array( array( $user, 'has_cap' ), $args ); } /** * Retrieves the global WP_Roles instance and instantiates it if necessary. * * @since 4.3.0 * * @global WP_Roles $wp_roles WP_Roles global instance. * * @return WP_Roles WP_Roles global instance if not already instantiated. */ function wp_roles() { global $wp_roles; if ( ! isset( $wp_roles ) ) { $wp_roles = new WP_Roles(); } return $wp_roles; } /** * Retrieve role object. * * @since 2.0.0 * * @param string $role Role name. * @return WP_Role|null WP_Role object if found, null if the role does not exist. */ function get_role( $role ) { return wp_roles()->get_role( $role ); } /** * Add role, if it does not exist. * * @since 2.0.0 * * @param string $role Role name. * @param string $display_name Display name for role. * @param array $capabilities List of capabilities, e.g. array( 'edit_posts' => true, 'delete_posts' => false ); * @return WP_Role|null WP_Role object if role is added, null if already exists. */ function add_role( $role, $display_name, $capabilities = array() ) { if ( empty( $role ) ) { return; } return wp_roles()->add_role( $role, $display_name, $capabilities ); } /** * Remove role, if it exists. * * @since 2.0.0 * * @param string $role Role name. */ function remove_role( $role ) { wp_roles()->remove_role( $role ); } /** * Retrieve a list of super admins. * * @since 3.0.0 * * @global array $super_admins * * @return array List of super admin logins */ function get_super_admins() { global $super_admins; if ( isset($super_admins) ) return $super_admins; else return get_site_option( 'site_admins', array('admin') ); } /** * Determine if user is a site admin. * * @since 3.0.0 * * @param int $user_id (Optional) The ID of a user. Defaults to the current user. * @return bool True if the user is a site admin. */ function is_super_admin( $user_id = false ) { if ( ! $user_id || $user_id == get_current_user_id() ) $user = wp_get_current_user(); else $user = get_userdata( $user_id ); if ( ! $user || ! $user->exists() ) return false; if ( is_multisite() ) { $super_admins = get_super_admins(); if ( is_array( $super_admins ) && in_array( $user->user_login, $super_admins ) ) return true; } else { if ( $user->has_cap('delete_users') ) return true; } return false; } /** * Grants Super Admin privileges. * * @since 3.0.0 * * @global array $super_admins * * @param int $user_id ID of the user to be granted Super Admin privileges. * @return bool True on success, false on failure. This can fail when the user is * already a super admin or when the `$super_admins` global is defined. */ function grant_super_admin( $user_id ) { // If global super_admins override is defined, there is nothing to do here. if ( isset( $GLOBALS['super_admins'] ) || ! is_multisite() ) { return false; } /** * Fires before the user is granted Super Admin privileges. * * @since 3.0.0 * * @param int $user_id ID of the user that is about to be granted Super Admin privileges. */ do_action( 'grant_super_admin', $user_id ); // Directly fetch site_admins instead of using get_super_admins() $super_admins = get_site_option( 'site_admins', array( 'admin' ) ); $user = get_userdata( $user_id ); if ( $user && ! in_array( $user->user_login, $super_admins ) ) { $super_admins[] = $user->user_login; update_site_option( 'site_admins' , $super_admins ); /** * Fires after the user is granted Super Admin privileges. * * @since 3.0.0 * * @param int $user_id ID of the user that was granted Super Admin privileges. */ do_action( 'granted_super_admin', $user_id ); return true; } return false; } /** * Revokes Super Admin privileges. * * @since 3.0.0 * * @global array $super_admins * * @param int $user_id ID of the user Super Admin privileges to be revoked from. * @return bool True on success, false on failure. This can fail when the user's email * is the network admin email or when the `$super_admins` global is defined. */ function revoke_super_admin( $user_id ) { // If global super_admins override is defined, there is nothing to do here. if ( isset( $GLOBALS['super_admins'] ) || ! is_multisite() ) { return false; } /** * Fires before the user's Super Admin privileges are revoked. * * @since 3.0.0 * * @param int $user_id ID of the user Super Admin privileges are being revoked from. */ do_action( 'revoke_super_admin', $user_id ); // Directly fetch site_admins instead of using get_super_admins() $super_admins = get_site_option( 'site_admins', array( 'admin' ) ); $user = get_userdata( $user_id ); if ( $user && 0 !== strcasecmp( $user->user_email, get_site_option( 'admin_email' ) ) ) { if ( false !== ( $key = array_search( $user->user_login, $super_admins ) ) ) { unset( $super_admins[$key] ); update_site_option( 'site_admins', $super_admins ); /** * Fires after the user's Super Admin privileges are revoked. * * @since 3.0.0 * * @param int $user_id ID of the user Super Admin privileges were revoked from. */ do_action( 'revoked_super_admin', $user_id ); return true; } } return false; } /** * Filters the user capabilities to grant the 'install_languages' capability as necessary. * * A user must have at least one out of the 'update_core', 'install_plugins', and * 'install_themes' capabilities to qualify for 'install_languages'. * * @since 4.9.0 * * @param array $allcaps An array of all the user's capabilities. * @return array Filtered array of the user's capabilities. */ function wp_maybe_grant_install_languages_cap( $allcaps ) { if ( ! empty( $allcaps['update_core'] ) || ! empty( $allcaps['install_plugins'] ) || ! empty( $allcaps['install_themes'] ) ) { $allcaps['install_languages'] = true; } return $allcaps; } post_id, $user_id = 0 ) { $revisions = wp_get_post_revisions( $post_id, array( 'check_enabled' => false ) ); foreach ( $revisions as $revision ) { if ( false !== strpos( $revision->post_name, "{$post_id}-autosave" ) ) { if ( $user_id && $user_id != $revision->post_author ) continue; return $revision; } } return false; } /** * Determines if the specified post is a revision. * * @since 2.6.0 * * @param int|WP_Post $post Post ID or post object. * @return false|int False if not a revision, ID of revision's parent otherwise. */ function wp_is_post_revision( $post ) { if ( !$post = wp_get_post_revision( $post ) ) return false; return (int) $post->post_parent; } /** * Determines if the specified post is an autosave. * * @since 2.6.0 * * @param int|WP_Post $post Post ID or post object. * @return false|int False if not a revision, ID of autosave's parent otherwise */ function wp_is_post_autosave( $post ) { if ( !$post = wp_get_post_revision( $post ) ) return false; if ( false !== strpos( $post->post_name, "{$post->post_parent}-autosave" ) ) return (int) $post->post_parent; return false; } /** * Inserts post data into the posts table as a post revision. * * @since 2.6.0 * @access private * * @param int|WP_Post|array|null $post Post ID, post object OR post array. * @param bool $autosave Optional. Is the revision an autosave? * @return int|WP_Error WP_Error or 0 if error, new revision ID if success. */ function _wp_put_post_revision( $post = null, $autosave = false ) { if ( is_object($post) ) $post = get_object_vars( $post ); elseif ( !is_array($post) ) $post = get_post($post, ARRAY_A); if ( ! $post || empty($post['ID']) ) return new WP_Error( 'invalid_post', __( 'Invalid post ID.' ) ); if ( isset($post['post_type']) && 'revision' == $post['post_type'] ) return new WP_Error( 'post_type', __( 'Cannot create a revision of a revision' ) ); $post = _wp_post_revision_data( $post, $autosave ); $post = wp_slash($post); //since data is from db $revision_id = wp_insert_post( $post ); if ( is_wp_error($revision_id) ) return $revision_id; if ( $revision_id ) { /** * Fires once a revision has been saved. * * @since 2.6.0 * * @param int $revision_id Post revision ID. */ do_action( '_wp_put_post_revision', $revision_id ); } return $revision_id; } /** * Gets a post revision. * * @since 2.6.0 * * @param int|WP_Post $post The post ID or object. * @param string $output Optional. The required return type. One of OBJECT, ARRAY_A, or ARRAY_N, which correspond to * a WP_Post object, an associative array, or a numeric array, respectively. Default OBJECT. * @param string $filter Optional sanitation filter. See sanitize_post(). * @return WP_Post|array|null WP_Post (or array) on success, or null on failure. */ function wp_get_post_revision(&$post, $output = OBJECT, $filter = 'raw') { if ( !$revision = get_post( $post, OBJECT, $filter ) ) return $revision; if ( 'revision' !== $revision->post_type ) return null; if ( $output == OBJECT ) { return $revision; } elseif ( $output == ARRAY_A ) { $_revision = get_object_vars($revision); return $_revision; } elseif ( $output == ARRAY_N ) { $_revision = array_values(get_object_vars($revision)); return $_revision; } return $revision; } /** * Restores a post to the specified revision. * * Can restore a past revision using all fields of the post revision, or only selected fields. * * @since 2.6.0 * * @param int|WP_Post $revision_id Revision ID or revision object. * @param array $fields Optional. What fields to restore from. Defaults to all. * @return int|false|null Null if error, false if no fields to restore, (int) post ID if success. */ function wp_restore_post_revision( $revision_id, $fields = null ) { if ( !$revision = wp_get_post_revision( $revision_id, ARRAY_A ) ) return $revision; if ( !is_array( $fields ) ) $fields = array_keys( _wp_post_revision_fields( $revision ) ); $update = array(); foreach ( array_intersect( array_keys( $revision ), $fields ) as $field ) { $update[$field] = $revision[$field]; } if ( !$update ) return false; $update['ID'] = $revision['post_parent']; $update = wp_slash( $update ); //since data is from db $post_id = wp_update_post( $update ); if ( ! $post_id || is_wp_error( $post_id ) ) return $post_id; // Update last edit user update_post_meta( $post_id, '_edit_last', get_current_user_id() ); /** * Fires after a post revision has been restored. * * @since 2.6.0 * * @param int $post_id Post ID. * @param int $revision_id Post revision ID. */ do_action( 'wp_restore_post_revision', $post_id, $revision['ID'] ); return $post_id; } /** * Deletes a revision. * * Deletes the row from the posts table corresponding to the specified revision. * * @since 2.6.0 * * @param int|WP_Post $revision_id Revision ID or revision object. * @return array|false|WP_Post|WP_Error|null Null or WP_Error if error, deleted post if success. */ function wp_delete_post_revision( $revision_id ) { if ( ! $revision = wp_get_post_revision( $revision_id ) ) { return $revision; } $delete = wp_delete_post( $revision->ID ); if ( $delete ) { /** * Fires once a post revision has been deleted. * * @since 2.6.0 * * @param int $revision_id Post revision ID. * @param object|array $revision Post revision object or array. */ do_action( 'wp_delete_post_revision', $revision->ID, $revision ); } return $delete; } /** * Returns all revisions of specified post. * * @since 2.6.0 * * @see get_children() * * @param int|WP_Post $post_id Optional. Post ID or WP_Post object. Default is global `$post`. * @param array|null $args Optional. Arguments for retrieving post revisions. Default null. * @return array An array of revisions, or an empty array if none. */ function wp_get_post_revisions( $post_id = 0, $args = null ) { $post = get_post( $post_id ); if ( ! $post || empty( $post->ID ) ) return array(); $defaults = array( 'order' => 'DESC', 'orderby' => 'date ID', 'check_enabled' => true ); $args = wp_parse_args( $args, $defaults ); if ( $args['check_enabled'] && ! wp_revisions_enabled( $post ) ) return array(); $args = array_merge( $args, array( 'post_parent' => $post->ID, 'post_type' => 'revision', 'post_status' => 'inherit' ) ); if ( ! $revisions = get_children( $args ) ) return array(); return $revisions; } /** * Determine if revisions are enabled for a given post. * * @since 3.6.0 * * @param WP_Post $post The post object. * @return bool True if number of revisions to keep isn't zero, false otherwise. */ function wp_revisions_enabled( $post ) { return wp_revisions_to_keep( $post ) !== 0; } /** * Determine how many revisions to retain for a given post. * * By default, an infinite number of revisions are kept. * * The constant WP_POST_REVISIONS can be set in wp-config to specify the limit * of revisions to keep. * * @since 3.6.0 * * @param WP_Post $post The post object. * @return int The number of revisions to keep. */ function wp_revisions_to_keep( $post ) { $num = WP_POST_REVISIONS; if ( true === $num ) $num = -1; else $num = intval( $num ); if ( ! post_type_supports( $post->post_type, 'revisions' ) ) $num = 0; /** * Filters the number of revisions to save for the given post. * * Overrides the value of WP_POST_REVISIONS. * * @since 3.6.0 * * @param int $num Number of revisions to store. * @param WP_Post $post Post object. */ return (int) apply_filters( 'wp_revisions_to_keep', $num, $post ); } /** * Sets up the post object for preview based on the post autosave. * * @since 2.7.0 * @access private * * @param WP_Post $post * @return WP_Post|false */ function _set_preview( $post ) { if ( ! is_object( $post ) ) { return $post; } $preview = wp_get_post_autosave( $post->ID ); if ( ! is_object( $preview ) ) { return $post; } $preview = sanitize_post( $preview ); $post->post_content = $preview->post_content; $post->post_title = $preview->post_title; $post->post_excerpt = $preview->post_excerpt; add_filter( 'get_the_terms', '_wp_preview_terms_filter', 10, 3 ); add_filter( 'get_post_metadata', '_wp_preview_post_thumbnail_filter', 10, 3 ); return $post; } /** * Filters the latest content for preview from the post autosave. * * @since 2.7.0 * @access private */ function _show_post_preview() { if ( isset($_GET['preview_id']) && isset($_GET['preview_nonce']) ) { $id = (int) $_GET['preview_id']; if ( false === wp_verify_nonce( $_GET['preview_nonce'], 'post_preview_' . $id ) ) wp_die( __('Sorry, you are not allowed to preview drafts.') ); add_filter('the_preview', '_set_preview'); } } /** * Filters terms lookup to set the post format. * * @since 3.6.0 * @access private * * @param array $terms * @param int $post_id * @param string $taxonomy * @return array */ function _wp_preview_terms_filter( $terms, $post_id, $taxonomy ) { if ( ! $post = get_post() ) return $terms; if ( empty( $_REQUEST['post_format'] ) || $post->ID != $post_id || 'post_format' != $taxonomy || 'revision' == $post->post_type ) return $terms; if ( 'standard' == $_REQUEST['post_format'] ) $terms = array(); elseif ( $term = get_term_by( 'slug', 'post-format-' . sanitize_key( $_REQUEST['post_format'] ), 'post_format' ) ) $terms = array( $term ); // Can only have one post format return $terms; } /** * Filters post thumbnail lookup to set the post thumbnail. * * @since 4.6.0 * @access private * * @param null|array|string $value The value to return - a single metadata value, or an array of values. * @param int $post_id Post ID. * @param string $meta_key Meta key. * @return null|array The default return value or the post thumbnail meta array. */ function _wp_preview_post_thumbnail_filter( $value, $post_id, $meta_key ) { if ( ! $post = get_post() ) { return $value; } if ( empty( $_REQUEST['_thumbnail_id'] ) || empty( $_REQUEST['preview_id'] ) || $post->ID != $post_id || '_thumbnail_id' != $meta_key || 'revision' == $post->post_type || $post_id != $_REQUEST['preview_id'] ) { return $value; } $thumbnail_id = intval( $_REQUEST['_thumbnail_id'] ); if ( $thumbnail_id <= 0 ) { return ''; } return strval( $thumbnail_id ); } /** * Gets the post revision version. * * @since 3.6.0 * @access private * * @param WP_Post $revision * @return int|false */ function _wp_get_post_revision_version( $revision ) { if ( is_object( $revision ) ) $revision = get_object_vars( $revision ); elseif ( !is_array( $revision ) ) return false; if ( preg_match( '/^\d+-(?:autosave|revision)-v(\d+)$/', $revision['post_name'], $matches ) ) return (int) $matches[1]; return 0; } /** * Upgrade the revisions author, add the current post as a revision and set the revisions version to 1 * * @since 3.6.0 * @access private * * @global wpdb $wpdb WordPress database abstraction object. * * @param WP_Post $post Post object * @param array $revisions Current revisions of the post * @return bool true if the revisions were upgraded, false if problems */ function _wp_upgrade_revisions_of_post( $post, $revisions ) { global $wpdb; // Add post option exclusively $lock = "revision-upgrade-{$post->ID}"; $now = time(); $result = $wpdb->query( $wpdb->prepare( "INSERT IGNORE INTO `$wpdb->options` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, 'no') /* LOCK */", $lock, $now ) ); if ( ! $result ) { // If we couldn't get a lock, see how old the previous lock is $locked = get_option( $lock ); if ( ! $locked ) { // Can't write to the lock, and can't read the lock. // Something broken has happened return false; } if ( $locked > $now - 3600 ) { // Lock is not too old: some other process may be upgrading this post. Bail. return false; } // Lock is too old - update it (below) and continue } // If we could get a lock, re-"add" the option to fire all the correct filters. update_option( $lock, $now ); reset( $revisions ); $add_last = true; do { $this_revision = current( $revisions ); $prev_revision = next( $revisions ); $this_revision_version = _wp_get_post_revision_version( $this_revision ); // Something terrible happened if ( false === $this_revision_version ) continue; // 1 is the latest revision version, so we're already up to date. // No need to add a copy of the post as latest revision. if ( 0 < $this_revision_version ) { $add_last = false; continue; } // Always update the revision version $update = array( 'post_name' => preg_replace( '/^(\d+-(?:autosave|revision))[\d-]*$/', '$1-v1', $this_revision->post_name ), ); // If this revision is the oldest revision of the post, i.e. no $prev_revision, // the correct post_author is probably $post->post_author, but that's only a good guess. // Update the revision version only and Leave the author as-is. if ( $prev_revision ) { $prev_revision_version = _wp_get_post_revision_version( $prev_revision ); // If the previous revision is already up to date, it no longer has the information we need :( if ( $prev_revision_version < 1 ) $update['post_author'] = $prev_revision->post_author; } // Upgrade this revision $result = $wpdb->update( $wpdb->posts, $update, array( 'ID' => $this_revision->ID ) ); if ( $result ) wp_cache_delete( $this_revision->ID, 'posts' ); } while ( $prev_revision ); delete_option( $lock ); // Add a copy of the post as latest revision. if ( $add_last ) wp_save_post_revision( $post->ID ); return true; } t_id); if ( !is_object($comment) ) return false; return get_the_guid($comment->comment_post_ID) . '#comment-' . $comment->comment_ID; } /** * Display the link to the comments. * * @since 1.5.0 * @since 4.4.0 Introduced the `$comment` argument. * * @param int|WP_Comment $comment Optional. Comment object or id. Defaults to global comment object. */ function comment_link( $comment = null ) { /** * Filters the current comment's permalink. * * @since 3.6.0 * * @see get_comment_link() * * @param string $comment_permalink The current comment permalink. */ echo esc_url( apply_filters( 'comment_link', get_comment_link( $comment ) ) ); } /** * Retrieve the current comment author for use in the feeds. * * @since 2.0.0 * * @return string Comment Author */ function get_comment_author_rss() { /** * Filters the current comment author for use in a feed. * * @since 1.5.0 * * @see get_comment_author() * * @param string $comment_author The current comment author. */ return apply_filters( 'comment_author_rss', get_comment_author() ); } /** * Display the current comment author in the feed. * * @since 1.0.0 */ function comment_author_rss() { echo get_comment_author_rss(); } /** * Display the current comment content for use in the feeds. * * @since 1.0.0 */ function comment_text_rss() { $comment_text = get_comment_text(); /** * Filters the current comment content for use in a feed. * * @since 1.5.0 * * @param string $comment_text The content of the current comment. */ $comment_text = apply_filters( 'comment_text_rss', $comment_text ); echo $comment_text; } /** * Retrieve all of the post categories, formatted for use in feeds. * * All of the categories for the current post in the feed loop, will be * retrieved and have feed markup added, so that they can easily be added to the * RSS2, Atom, or RSS1 and RSS0.91 RDF feeds. * * @since 2.1.0 * * @param string $type Optional, default is the type returned by get_default_feed(). * @return string All of the post categories for displaying in the feed. */ function get_the_category_rss($type = null) { if ( empty($type) ) $type = get_default_feed(); $categories = get_the_category(); $tags = get_the_tags(); $the_list = ''; $cat_names = array(); $filter = 'rss'; if ( 'atom' == $type ) $filter = 'raw'; if ( !empty($categories) ) foreach ( (array) $categories as $category ) { $cat_names[] = sanitize_term_field('name', $category->name, $category->term_id, 'category', $filter); } if ( !empty($tags) ) foreach ( (array) $tags as $tag ) { $cat_names[] = sanitize_term_field('name', $tag->name, $tag->term_id, 'post_tag', $filter); } $cat_names = array_unique($cat_names); foreach ( $cat_names as $cat_name ) { if ( 'rdf' == $type ) $the_list .= "\t\t\n"; elseif ( 'atom' == $type ) $the_list .= sprintf( '', esc_attr( get_bloginfo_rss( 'url' ) ), esc_attr( $cat_name ) ); else $the_list .= "\t\t\n"; } /** * Filters all of the post categories for display in a feed. * * @since 1.2.0 * * @param string $the_list All of the RSS post categories. * @param string $type Type of feed. Possible values include 'rss2', 'atom'. * Default 'rss2'. */ return apply_filters( 'the_category_rss', $the_list, $type ); } /** * Display the post categories in the feed. * * @since 0.71 * @see get_the_category_rss() For better explanation. * * @param string $type Optional, default is the type returned by get_default_feed(). */ function the_category_rss($type = null) { echo get_the_category_rss($type); } /** * Display the HTML type based on the blog setting. * * The two possible values are either 'xhtml' or 'html'. * * @since 2.2.0 */ function html_type_rss() { $type = get_bloginfo('html_type'); if (strpos($type, 'xhtml') !== false) $type = 'xhtml'; else $type = 'html'; echo $type; } /** * Display the rss enclosure for the current post. * * Uses the global $post to check whether the post requires a password and if * the user has the password for the post. If not then it will return before * displaying. * * Also uses the function get_post_custom() to get the post's 'enclosure' * metadata field and parses the value to display the enclosure(s). The * enclosure(s) consist of enclosure HTML tag(s) with a URI and other * attributes. * * @since 1.5.0 */ function rss_enclosure() { if ( post_password_required() ) return; foreach ( (array) get_post_custom() as $key => $val) { if ($key == 'enclosure') { foreach ( (array) $val as $enc ) { $enclosure = explode("\n", $enc); // only get the first element, e.g. audio/mpeg from 'audio/mpeg mpga mp2 mp3' $t = preg_split('/[ \t]/', trim($enclosure[2]) ); $type = $t[0]; /** * Filters the RSS enclosure HTML link tag for the current post. * * @since 2.2.0 * * @param string $html_link_tag The HTML link tag with a URI and other attributes. */ echo apply_filters( 'rss_enclosure', '' . "\n" ); } } } } /** * Display the atom enclosure for the current post. * * Uses the global $post to check whether the post requires a password and if * the user has the password for the post. If not then it will return before * displaying. * * Also uses the function get_post_custom() to get the post's 'enclosure' * metadata field and parses the value to display the enclosure(s). The * enclosure(s) consist of link HTML tag(s) with a URI and other attributes. * * @since 2.2.0 */ function atom_enclosure() { if ( post_password_required() ) return; foreach ( (array) get_post_custom() as $key => $val ) { if ($key == 'enclosure') { foreach ( (array) $val as $enc ) { $enclosure = explode("\n", $enc); /** * Filters the atom enclosure HTML link tag for the current post. * * @since 2.2.0 * * @param string $html_link_tag The HTML link tag with a URI and other attributes. */ echo apply_filters( 'atom_enclosure', '' . "\n" ); } } } } /** * Determine the type of a string of data with the data formatted. * * Tell whether the type is text, html, or xhtml, per RFC 4287 section 3.1. * * In the case of WordPress, text is defined as containing no markup, * xhtml is defined as "well formed", and html as tag soup (i.e., the rest). * * Container div tags are added to xhtml values, per section 3.1.1.3. * * @link http://www.atomenabled.org/developers/syndication/atom-format-spec.php#rfc.section.3.1 * * @since 2.5.0 * * @param string $data Input string * @return array array(type, value) */ function prep_atom_text_construct($data) { if (strpos($data, '<') === false && strpos($data, '&') === false) { return array('text', $data); } if ( ! function_exists( 'xml_parser_create' ) ) { trigger_error( __( "PHP's XML extension is not available. Please contact your hosting provider to enable PHP's XML extension." ) ); return array( 'html', "" ); } $parser = xml_parser_create(); xml_parse($parser, '
' . $data . '
', true); $code = xml_get_error_code($parser); xml_parser_free($parser); if (!$code) { if (strpos($data, '<') === false) { return array('text', $data); } else { $data = "
$data
"; return array('xhtml', $data); } } if (strpos($data, ']]>') === false) { return array('html', ""); } else { return array('html', htmlspecialchars($data)); } } /** * Displays Site Icon in atom feeds. * * @since 4.3.0 * * @see get_site_icon_url() */ function atom_site_icon() { $url = get_site_icon_url( 32 ); if ( $url ) { echo "$url\n"; } } /** * Displays Site Icon in RSS2. * * @since 4.3.0 */ function rss2_site_icon() { $rss_title = get_wp_title_rss(); if ( empty( $rss_title ) ) { $rss_title = get_bloginfo_rss( 'name' ); } $url = get_site_icon_url( 32 ); if ( $url ) { echo ' ' . convert_chars( $url ) . ' ' . $rss_title . ' ' . get_bloginfo_rss( 'url' ) . ' 32 32 ' . "\n"; } } /** * Display the link for the currently displayed feed in a XSS safe way. * * Generate a correct link for the atom:self element. * * @since 2.5.0 */ function self_link() { $host = @parse_url(home_url()); /** * Filters the current feed URL. * * @since 3.6.0 * * @see set_url_scheme() * @see wp_unslash() * * @param string $feed_link The link for the feed with set URL scheme. */ echo esc_url( apply_filters( 'self_link', set_url_scheme( 'http://' . $host['host'] . wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) ); } /** * Return the content type for specified feed type. * * @since 2.8.0 * * @param string $type Type of feed. Possible values include 'rss', rss2', 'atom', and 'rdf'. */ function feed_content_type( $type = '' ) { if ( empty($type) ) $type = get_default_feed(); $types = array( 'rss' => 'application/rss+xml', 'rss2' => 'application/rss+xml', 'rss-http' => 'text/xml', 'atom' => 'application/atom+xml', 'rdf' => 'application/rdf+xml' ); $content_type = ( !empty($types[$type]) ) ? $types[$type] : 'application/octet-stream'; /** * Filters the content type for a specific feed type. * * @since 2.8.0 * * @param string $content_type Content type indicating the type of data that a feed contains. * @param string $type Type of feed. Possible values include 'rss', rss2', 'atom', and 'rdf'. */ return apply_filters( 'feed_content_type', $content_type, $type ); } /** * Build SimplePie object based on RSS or Atom feed from URL. * * @since 2.8.0 * * @param mixed $url URL of feed to retrieve. If an array of URLs, the feeds are merged * using SimplePie's multifeed feature. * See also {@link ​http://simplepie.org/wiki/faq/typical_multifeed_gotchas} * * @return WP_Error|SimplePie WP_Error object on failure or SimplePie object on success */ function fetch_feed( $url ) { if ( ! class_exists( 'SimplePie', false ) ) { require_once( ABSPATH . WPINC . '/class-simplepie.php' ); } require_once( ABSPATH . WPINC . '/class-wp-feed-cache.php' ); require_once( ABSPATH . WPINC . '/class-wp-feed-cache-transient.php' ); require_once( ABSPATH . WPINC . '/class-wp-simplepie-file.php' ); require_once( ABSPATH . WPINC . '/class-wp-simplepie-sanitize-kses.php' ); $feed = new SimplePie(); $feed->set_sanitize_class( 'WP_SimplePie_Sanitize_KSES' ); // We must manually overwrite $feed->sanitize because SimplePie's // constructor sets it before we have a chance to set the sanitization class $feed->sanitize = new WP_SimplePie_Sanitize_KSES(); $feed->set_cache_class( 'WP_Feed_Cache' ); $feed->set_file_class( 'WP_SimplePie_File' ); $feed->set_feed_url( $url ); /** This filter is documented in wp-includes/class-wp-feed-cache-transient.php */ $feed->set_cache_duration( apply_filters( 'wp_feed_cache_transient_lifetime', 12 * HOUR_IN_SECONDS, $url ) ); /** * Fires just before processing the SimplePie feed object. * * @since 3.0.0 * * @param object $feed SimplePie feed object (passed by reference). * @param mixed $url URL of feed to retrieve. If an array of URLs, the feeds are merged. */ do_action_ref_array( 'wp_feed_options', array( &$feed, $url ) ); $feed->init(); $feed->set_output_encoding( get_option( 'blog_charset' ) ); if ( $feed->error() ) return new WP_Error( 'simplepie-error', $feed->error() ); return $feed; } sic authentication * (Requests_Auth|array|boolean, default: false) * - `proxy`: Proxy details to use for proxy by-passing and authentication * (Requests_Proxy|array|string|boolean, default: false) * - `max_bytes`: Limit for the response body size. * (integer|boolean, default: false) * - `idn`: Enable IDN parsing * (boolean, default: true) * - `transport`: Custom transport. Either a class name, or a * transport object. Defaults to the first working transport from * {@see getTransport()} * (string|Requests_Transport, default: {@see getTransport()}) * - `hooks`: Hooks handler. * (Requests_Hooker, default: new Requests_Hooks()) * - `verify`: Should we verify SSL certificates? Allows passing in a custom * certificate file as a string. (Using true uses the system-wide root * certificate store instead, but this may have different behaviour * across transports.) * (string|boolean, default: library/Requests/Transport/cacert.pem) * - `verifyname`: Should we verify the common name in the SSL certificate? * (boolean: default, true) * - `data_format`: How should we send the `$data` parameter? * (string, one of 'query' or 'body', default: 'query' for * HEAD/GET/DELETE, 'body' for POST/PUT/OPTIONS/PATCH) * * @throws Requests_Exception On invalid URLs (`nonhttp`) * * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array|null $data Data to send either as a query string for GET/HEAD requests, or in the body for POST requests * @param string $type HTTP request type (use Requests constants) * @param array $options Options for the request (see description for more information) * @return Requests_Response */ public static function request($url, $headers = array(), $data = array(), $type = self::GET, $options = array()) { if (empty($options['type'])) { $options['type'] = $type; } $options = array_merge(self::get_default_options(), $options); self::set_defaults($url, $headers, $data, $type, $options); $options['hooks']->dispatch('requests.before_request', array(&$url, &$headers, &$data, &$type, &$options)); if (!empty($options['transport'])) { $transport = $options['transport']; if (is_string($options['transport'])) { $transport = new $transport(); } } else { $need_ssl = (0 === stripos($url, 'https://')); $capabilities = array('ssl' => $need_ssl); $transport = self::get_transport($capabilities); } $response = $transport->request($url, $headers, $data, $options); $options['hooks']->dispatch('requests.before_parse', array(&$response, $url, $headers, $data, $type, $options)); return self::parse_response($response, $url, $headers, $data, $options); } /** * Send multiple HTTP requests simultaneously * * The `$requests` parameter takes an associative or indexed array of * request fields. The key of each request can be used to match up the * request with the returned data, or with the request passed into your * `multiple.request.complete` callback. * * The request fields value is an associative array with the following keys: * * - `url`: Request URL Same as the `$url` parameter to * {@see Requests::request} * (string, required) * - `headers`: Associative array of header fields. Same as the `$headers` * parameter to {@see Requests::request} * (array, default: `array()`) * - `data`: Associative array of data fields or a string. Same as the * `$data` parameter to {@see Requests::request} * (array|string, default: `array()`) * - `type`: HTTP request type (use Requests constants). Same as the `$type` * parameter to {@see Requests::request} * (string, default: `Requests::GET`) * - `cookies`: Associative array of cookie name to value, or cookie jar. * (array|Requests_Cookie_Jar) * * If the `$options` parameter is specified, individual requests will * inherit options from it. This can be used to use a single hooking system, * or set all the types to `Requests::POST`, for example. * * In addition, the `$options` parameter takes the following global options: * * - `complete`: A callback for when a request is complete. Takes two * parameters, a Requests_Response/Requests_Exception reference, and the * ID from the request array (Note: this can also be overridden on a * per-request basis, although that's a little silly) * (callback) * * @param array $requests Requests data (see description for more information) * @param array $options Global and default options (see {@see Requests::request}) * @return array Responses (either Requests_Response or a Requests_Exception object) */ public static function request_multiple($requests, $options = array()) { $options = array_merge(self::get_default_options(true), $options); if (!empty($options['hooks'])) { $options['hooks']->register('transport.internal.parse_response', array('Requests', 'parse_multiple')); if (!empty($options['complete'])) { $options['hooks']->register('multiple.request.complete', $options['complete']); } } foreach ($requests as $id => &$request) { if (!isset($request['headers'])) { $request['headers'] = array(); } if (!isset($request['data'])) { $request['data'] = array(); } if (!isset($request['type'])) { $request['type'] = self::GET; } if (!isset($request['options'])) { $request['options'] = $options; $request['options']['type'] = $request['type']; } else { if (empty($request['options']['type'])) { $request['options']['type'] = $request['type']; } $request['options'] = array_merge($options, $request['options']); } self::set_defaults($request['url'], $request['headers'], $request['data'], $request['type'], $request['options']); // Ensure we only hook in once if ($request['options']['hooks'] !== $options['hooks']) { $request['options']['hooks']->register('transport.internal.parse_response', array('Requests', 'parse_multiple')); if (!empty($request['options']['complete'])) { $request['options']['hooks']->register('multiple.request.complete', $request['options']['complete']); } } } unset($request); if (!empty($options['transport'])) { $transport = $options['transport']; if (is_string($options['transport'])) { $transport = new $transport(); } } else { $transport = self::get_transport(); } $responses = $transport->request_multiple($requests, $options); foreach ($responses as $id => &$response) { // If our hook got messed with somehow, ensure we end up with the // correct response if (is_string($response)) { $request = $requests[$id]; self::parse_multiple($response, $request); $request['options']['hooks']->dispatch('multiple.request.complete', array(&$response, $id)); } } return $responses; } /** * Get the default options * * @see Requests::request() for values returned by this method * @param boolean $multirequest Is this a multirequest? * @return array Default option values */ protected static function get_default_options($multirequest = false) { $defaults = array( 'timeout' => 10, 'connect_timeout' => 10, 'useragent' => 'php-requests/' . self::VERSION, 'protocol_version' => 1.1, 'redirected' => 0, 'redirects' => 10, 'follow_redirects' => true, 'blocking' => true, 'type' => self::GET, 'filename' => false, 'auth' => false, 'proxy' => false, 'cookies' => false, 'max_bytes' => false, 'idn' => true, 'hooks' => null, 'transport' => null, 'verify' => Requests::get_certificate_path(), 'verifyname' => true, ); if ($multirequest !== false) { $defaults['complete'] = null; } return $defaults; } /** * Get default certificate path. * * @return string Default certificate path. */ public static function get_certificate_path() { if ( ! empty( Requests::$certificate_path ) ) { return Requests::$certificate_path; } return dirname(__FILE__) . '/Requests/Transport/cacert.pem'; } /** * Set default certificate path. * * @param string $path Certificate path, pointing to a PEM file. */ public static function set_certificate_path( $path ) { Requests::$certificate_path = $path; } /** * Set the default values * * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array|null $data Data to send either as a query string for GET/HEAD requests, or in the body for POST requests * @param string $type HTTP request type * @param array $options Options for the request * @return array $options */ protected static function set_defaults(&$url, &$headers, &$data, &$type, &$options) { if (!preg_match('/^http(s)?:\/\//i', $url, $matches)) { throw new Requests_Exception('Only HTTP(S) requests are handled.', 'nonhttp', $url); } if (empty($options['hooks'])) { $options['hooks'] = new Requests_Hooks(); } if (is_array($options['auth'])) { $options['auth'] = new Requests_Auth_Basic($options['auth']); } if ($options['auth'] !== false) { $options['auth']->register($options['hooks']); } if (is_string($options['proxy']) || is_array($options['proxy'])) { $options['proxy'] = new Requests_Proxy_HTTP($options['proxy']); } if ($options['proxy'] !== false) { $options['proxy']->register($options['hooks']); } if (is_array($options['cookies'])) { $options['cookies'] = new Requests_Cookie_Jar($options['cookies']); } elseif (empty($options['cookies'])) { $options['cookies'] = new Requests_Cookie_Jar(); } if ($options['cookies'] !== false) { $options['cookies']->register($options['hooks']); } if ($options['idn'] !== false) { $iri = new Requests_IRI($url); $iri->host = Requests_IDNAEncoder::encode($iri->ihost); $url = $iri->uri; } // Massage the type to ensure we support it. $type = strtoupper($type); if (!isset($options['data_format'])) { if (in_array($type, array(self::HEAD, self::GET, self::DELETE))) { $options['data_format'] = 'query'; } else { $options['data_format'] = 'body'; } } } /** * HTTP response parser * * @throws Requests_Exception On missing head/body separator (`requests.no_crlf_separator`) * @throws Requests_Exception On missing head/body separator (`noversion`) * @throws Requests_Exception On missing head/body separator (`toomanyredirects`) * * @param string $headers Full response text including headers and body * @param string $url Original request URL * @param array $req_headers Original $headers array passed to {@link request()}, in case we need to follow redirects * @param array $req_data Original $data array passed to {@link request()}, in case we need to follow redirects * @param array $options Original $options array passed to {@link request()}, in case we need to follow redirects * @return Requests_Response */ protected static function parse_response($headers, $url, $req_headers, $req_data, $options) { $return = new Requests_Response(); if (!$options['blocking']) { return $return; } $return->raw = $headers; $return->url = $url; if (!$options['filename']) { if (($pos = strpos($headers, "\r\n\r\n")) === false) { // Crap! throw new Requests_Exception('Missing header/body separator', 'requests.no_crlf_separator'); } $headers = substr($return->raw, 0, $pos); $return->body = substr($return->raw, $pos + strlen("\n\r\n\r")); } else { $return->body = ''; } // Pretend CRLF = LF for compatibility (RFC 2616, section 19.3) $headers = str_replace("\r\n", "\n", $headers); // Unfold headers (replace [CRLF] 1*( SP | HT ) with SP) as per RFC 2616 (section 2.2) $headers = preg_replace('/\n[ \t]/', ' ', $headers); $headers = explode("\n", $headers); preg_match('#^HTTP/(1\.\d)[ \t]+(\d+)#i', array_shift($headers), $matches); if (empty($matches)) { throw new Requests_Exception('Response could not be parsed', 'noversion', $headers); } $return->protocol_version = (float) $matches[1]; $return->status_code = (int) $matches[2]; if ($return->status_code >= 200 && $return->status_code < 300) { $return->success = true; } foreach ($headers as $header) { list($key, $value) = explode(':', $header, 2); $value = trim($value); preg_replace('#(\s+)#i', ' ', $value); $return->headers[$key] = $value; } if (isset($return->headers['transfer-encoding'])) { $return->body = self::decode_chunked($return->body); unset($return->headers['transfer-encoding']); } if (isset($return->headers['content-encoding'])) { $return->body = self::decompress($return->body); } //fsockopen and cURL compatibility if (isset($return->headers['connection'])) { unset($return->headers['connection']); } $options['hooks']->dispatch('requests.before_redirect_check', array(&$return, $req_headers, $req_data, $options)); if ($return->is_redirect() && $options['follow_redirects'] === true) { if (isset($return->headers['location']) && $options['redirected'] < $options['redirects']) { if ($return->status_code === 303) { $options['type'] = self::GET; } $options['redirected']++; $location = $return->headers['location']; if (strpos($location, 'http://') !== 0 && strpos($location, 'https://') !== 0) { // relative redirect, for compatibility make it absolute $location = Requests_IRI::absolutize($url, $location); $location = $location->uri; } $hook_args = array( &$location, &$req_headers, &$req_data, &$options, $return ); $options['hooks']->dispatch('requests.before_redirect', $hook_args); $redirected = self::request($location, $req_headers, $req_data, $options['type'], $options); $redirected->history[] = $return; return $redirected; } elseif ($options['redirected'] >= $options['redirects']) { throw new Requests_Exception('Too many redirects', 'toomanyredirects', $return); } } $return->redirects = $options['redirected']; $options['hooks']->dispatch('requests.after_request', array(&$return, $req_headers, $req_data, $options)); return $return; } /** * Callback for `transport.internal.parse_response` * * Internal use only. Converts a raw HTTP response to a Requests_Response * while still executing a multiple request. * * @param string $response Full response text including headers and body (will be overwritten with Response instance) * @param array $request Request data as passed into {@see Requests::request_multiple()} * @return null `$response` is either set to a Requests_Response instance, or a Requests_Exception object */ public static function parse_multiple(&$response, $request) { try { $url = $request['url']; $headers = $request['headers']; $data = $request['data']; $options = $request['options']; $response = self::parse_response($response, $url, $headers, $data, $options); } catch (Requests_Exception $e) { $response = $e; } } /** * Decoded a chunked body as per RFC 2616 * * @see https://tools.ietf.org/html/rfc2616#section-3.6.1 * @param string $data Chunked body * @return string Decoded body */ protected static function decode_chunked($data) { if (!preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', trim($data))) { return $data; } $decoded = ''; $encoded = $data; while (true) { $is_chunked = (bool) preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', $encoded, $matches); if (!$is_chunked) { // Looks like it's not chunked after all return $data; } $length = hexdec(trim($matches[1])); if ($length === 0) { // Ignore trailer headers return $decoded; } $chunk_length = strlen($matches[0]); $decoded .= substr($encoded, $chunk_length, $length); $encoded = substr($encoded, $chunk_length + $length + 2); if (trim($encoded) === '0' || empty($encoded)) { return $decoded; } } // We'll never actually get down here // @codeCoverageIgnoreStart } // @codeCoverageIgnoreEnd /** * Convert a key => value array to a 'key: value' array for headers * * @param array $array Dictionary of header values * @return array List of headers */ public static function flatten($array) { $return = array(); foreach ($array as $key => $value) { $return[] = sprintf('%s: %s', $key, $value); } return $return; } /** * Convert a key => value array to a 'key: value' array for headers * * @codeCoverageIgnore * @deprecated Misspelling of {@see Requests::flatten} * @param array $array Dictionary of header values * @return array List of headers */ public static function flattern($array) { return self::flatten($array); } /** * Decompress an encoded body * * Implements gzip, compress and deflate. Guesses which it is by attempting * to decode. * * @param string $data Compressed data in one of the above formats * @return string Decompressed string */ public static function decompress($data) { if (substr($data, 0, 2) !== "\x1f\x8b" && substr($data, 0, 2) !== "\x78\x9c") { // Not actually compressed. Probably cURL ruining this for us. return $data; } if (function_exists('gzdecode') && ($decoded = @gzdecode($data)) !== false) { return $decoded; } elseif (function_exists('gzinflate') && ($decoded = @gzinflate($data)) !== false) { return $decoded; } elseif (($decoded = self::compatible_gzinflate($data)) !== false) { return $decoded; } elseif (function_exists('gzuncompress') && ($decoded = @gzuncompress($data)) !== false) { return $decoded; } return $data; } /** * Decompression of deflated string while staying compatible with the majority of servers. * * Certain Servers will return deflated data with headers which PHP's gzinflate() * function cannot handle out of the box. The following function has been created from * various snippets on the gzinflate() PHP documentation. * * Warning: Magic numbers within. Due to the potential different formats that the compressed * data may be returned in, some "magic offsets" are needed to ensure proper decompression * takes place. For a simple progmatic way to determine the magic offset in use, see: * https://core.trac.wordpress.org/ticket/18273 * * @since 2.8.1 * @link https://core.trac.wordpress.org/ticket/18273 * @link https://secure.php.net/manual/en/function.gzinflate.php#70875 * @link https://secure.php.net/manual/en/function.gzinflate.php#77336 * * @param string $gzData String to decompress. * @return string|bool False on failure. */ public static function compatible_gzinflate($gzData) { // Compressed data might contain a full zlib header, if so strip it for // gzinflate() if (substr($gzData, 0, 3) == "\x1f\x8b\x08") { $i = 10; $flg = ord(substr($gzData, 3, 1)); if ($flg > 0) { if ($flg & 4) { list($xlen) = unpack('v', substr($gzData, $i, 2)); $i = $i + 2 + $xlen; } if ($flg & 8) { $i = strpos($gzData, "\0", $i) + 1; } if ($flg & 16) { $i = strpos($gzData, "\0", $i) + 1; } if ($flg & 2) { $i = $i + 2; } } $decompressed = self::compatible_gzinflate(substr($gzData, $i)); if (false !== $decompressed) { return $decompressed; } } // If the data is Huffman Encoded, we must first strip the leading 2 // byte Huffman marker for gzinflate() // The response is Huffman coded by many compressors such as // java.util.zip.Deflater, Ruby’s Zlib::Deflate, and .NET's // System.IO.Compression.DeflateStream. // // See https://decompres.blogspot.com/ for a quick explanation of this // data type $huffman_encoded = false; // low nibble of first byte should be 0x08 list(, $first_nibble) = unpack('h', $gzData); // First 2 bytes should be divisible by 0x1F list(, $first_two_bytes) = unpack('n', $gzData); if (0x08 == $first_nibble && 0 == ($first_two_bytes % 0x1F)) { $huffman_encoded = true; } if ($huffman_encoded) { if (false !== ($decompressed = @gzinflate(substr($gzData, 2)))) { return $decompressed; } } if ("\x50\x4b\x03\x04" == substr($gzData, 0, 4)) { // ZIP file format header // Offset 6: 2 bytes, General-purpose field // Offset 26: 2 bytes, filename length // Offset 28: 2 bytes, optional field length // Offset 30: Filename field, followed by optional field, followed // immediately by data list(, $general_purpose_flag) = unpack('v', substr($gzData, 6, 2)); // If the file has been compressed on the fly, 0x08 bit is set of // the general purpose field. We can use this to differentiate // between a compressed document, and a ZIP file $zip_compressed_on_the_fly = (0x08 == (0x08 & $general_purpose_flag)); if (!$zip_compressed_on_the_fly) { // Don't attempt to decode a compressed zip file return $gzData; } // Determine the first byte of data, based on the above ZIP header // offsets: $first_file_start = array_sum(unpack('v2', substr($gzData, 26, 4))); if (false !== ($decompressed = @gzinflate(substr($gzData, 30 + $first_file_start)))) { return $decompressed; } return false; } // Finally fall back to straight gzinflate if (false !== ($decompressed = @gzinflate($gzData))) { return $decompressed; } // Fallback for all above failing, not expected, but included for // debugging and preventing regressions and to track stats if (false !== ($decompressed = @gzinflate(substr($gzData, 2)))) { return $decompressed; } return false; } public static function match_domain($host, $reference) { // Check for a direct match if ($host === $reference) { return true; } // Calculate the valid wildcard match if the host is not an IP address // Also validates that the host has 3 parts or more, as per Firefox's // ruleset. $parts = explode('.', $host); if (ip2long($host) === false && count($parts) >= 3) { $parts[0] = '*'; $wildcard = implode('.', $parts); if ($wildcard === $reference) { return true; } } return false; } }
Fatal error: Class 'Requests' not found in /home/delegand/public_html/fotografiaemocional.com/wp-includes/class-http.php on line 13