2010-01-15 23:03:41 +01:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* These functions are needed to load WordPress.
|
|
|
|
*
|
|
|
|
* @package WordPress
|
|
|
|
*/
|
|
|
|
|
2015-10-07 04:35:26 +02:00
|
|
|
/**
|
|
|
|
* Return the HTTP protocol sent by the server.
|
|
|
|
*
|
|
|
|
* @since 4.4.0
|
|
|
|
*
|
|
|
|
* @return string The HTTP protocol. Default: HTTP/1.0.
|
|
|
|
*/
|
|
|
|
function wp_get_server_protocol() {
|
2019-05-24 03:47:51 +02:00
|
|
|
$protocol = isset( $_SERVER['SERVER_PROTOCOL'] ) ? $_SERVER['SERVER_PROTOCOL'] : '';
|
2020-04-05 05:02:11 +02:00
|
|
|
if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0' ), true ) ) {
|
2015-10-07 04:35:26 +02:00
|
|
|
$protocol = 'HTTP/1.0';
|
|
|
|
}
|
|
|
|
return $protocol;
|
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Fix `$_SERVER` variables for various setups.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
|
|
|
*
|
|
|
|
* @global string $PHP_SELF The filename of the currently executing script,
|
|
|
|
* relative to the document root.
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_fix_server_vars() {
|
|
|
|
global $PHP_SELF;
|
2010-03-26 20:36:49 +01:00
|
|
|
|
2010-03-25 16:33:35 +01:00
|
|
|
$default_server_values = array(
|
|
|
|
'SERVER_SOFTWARE' => '',
|
2017-12-01 00:11:00 +01:00
|
|
|
'REQUEST_URI' => '',
|
2010-03-25 16:33:35 +01:00
|
|
|
);
|
|
|
|
|
|
|
|
$_SERVER = array_merge( $default_server_values, $_SERVER );
|
2010-03-26 20:36:49 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Fix for IIS when running with PHP ISAPI.
|
2020-05-16 20:42:12 +02:00
|
|
|
if ( empty( $_SERVER['REQUEST_URI'] ) || ( 'cgi-fcgi' !== PHP_SAPI && preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
if ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) {
|
2020-01-29 01:45:18 +01:00
|
|
|
// IIS Mod-Rewrite.
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_ORIGINAL_URL'];
|
2019-01-11 07:40:50 +01:00
|
|
|
} elseif ( isset( $_SERVER['HTTP_X_REWRITE_URL'] ) ) {
|
2020-01-29 01:45:18 +01:00
|
|
|
// IIS Isapi_Rewrite.
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL'];
|
2010-03-06 06:57:24 +01:00
|
|
|
} else {
|
2020-01-29 01:45:18 +01:00
|
|
|
// Use ORIG_PATH_INFO if there is no PATH_INFO.
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! isset( $_SERVER['PATH_INFO'] ) && isset( $_SERVER['ORIG_PATH_INFO'] ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO'];
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Some IIS + PHP configurations put the script-name in the path-info (no need to append it twice).
|
2010-01-19 18:27:03 +01:00
|
|
|
if ( isset( $_SERVER['PATH_INFO'] ) ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['REQUEST_URI'] = $_SERVER['PATH_INFO'];
|
2017-12-01 00:11:00 +01:00
|
|
|
} else {
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Append the query string if it exists and isn't null.
|
2010-03-19 22:29:21 +01:00
|
|
|
if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Fix for PHP as CGI hosts that set SCRIPT_FILENAME to something ending in php.cgi for all requests.
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $_SERVER['SCRIPT_FILENAME'] ) && ( strpos( $_SERVER['SCRIPT_FILENAME'], 'php.cgi' ) == strlen( $_SERVER['SCRIPT_FILENAME'] ) - 7 ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
$_SERVER['SCRIPT_FILENAME'] = $_SERVER['PATH_TRANSLATED'];
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Fix for Dreamhost and other PHP as CGI hosts.
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( strpos( $_SERVER['SCRIPT_NAME'], 'php.cgi' ) !== false ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
unset( $_SERVER['PATH_INFO'] );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Fix empty PHP_SELF.
|
2010-01-15 23:03:41 +01:00
|
|
|
$PHP_SELF = $_SERVER['PHP_SELF'];
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( empty( $PHP_SELF ) ) {
|
2019-07-03 01:42:58 +02:00
|
|
|
$_SERVER['PHP_SELF'] = preg_replace( '/(\?.*)?$/', '', $_SERVER['REQUEST_URI'] );
|
|
|
|
$PHP_SELF = $_SERVER['PHP_SELF'];
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
REST API: Introduce Application Passwords for API authentication.
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes #42790.
Built from https://develop.svn.wordpress.org/trunk@49109
git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-09 00:14:06 +02:00
|
|
|
|
|
|
|
wp_populate_basic_auth_from_authorization_header();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Populates the Basic Auth server details from the Authorization header.
|
|
|
|
*
|
|
|
|
* Some servers running in CGI or FastCGI mode don't pass the Authorization
|
|
|
|
* header on to WordPress. If it's been rewritten to the `HTTP_AUTHORIZATION` header,
|
|
|
|
* fill in the proper $_SERVER variables instead.
|
|
|
|
*
|
|
|
|
* @since 5.6.0
|
|
|
|
*/
|
|
|
|
function wp_populate_basic_auth_from_authorization_header() {
|
|
|
|
// If we don't have anything to pull from, return early.
|
|
|
|
if ( ! isset( $_SERVER['HTTP_AUTHORIZATION'] ) && ! isset( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) ) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// If either PHP_AUTH key is already set, do nothing.
|
|
|
|
if ( isset( $_SERVER['PHP_AUTH_USER'] ) || isset( $_SERVER['PHP_AUTH_PW'] ) ) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// From our prior conditional, one of these must be set.
|
|
|
|
$header = isset( $_SERVER['HTTP_AUTHORIZATION'] ) ? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
|
|
|
|
|
|
|
|
// Test to make sure the pattern matches expected.
|
|
|
|
if ( ! preg_match( '%^Basic [a-z\d/+]*={0,2}$%i', $header ) ) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Removing `Basic ` the token would start six characters in.
|
|
|
|
$token = substr( $header, 6 );
|
|
|
|
$userpass = base64_decode( $token );
|
|
|
|
|
|
|
|
list( $user, $pass ) = explode( ':', $userpass );
|
|
|
|
|
|
|
|
// Now shove them in the proper keys where we're expecting later on.
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = $user;
|
|
|
|
$_SERVER['PHP_AUTH_PW'] = $pass;
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Check for the required PHP version, and the MySQL extension or
|
|
|
|
* a database drop-in.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* Dies if requirements are not met.
|
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
|
|
|
*
|
|
|
|
* @global string $required_php_version The required PHP version string.
|
|
|
|
* @global string $wp_version The WordPress version string.
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_check_php_mysql_versions() {
|
|
|
|
global $required_php_version, $wp_version;
|
|
|
|
$php_version = phpversion();
|
2014-06-04 06:12:17 +02:00
|
|
|
|
2012-01-26 21:34:27 +01:00
|
|
|
if ( version_compare( $required_php_version, $php_version, '>' ) ) {
|
2015-10-07 04:35:26 +02:00
|
|
|
$protocol = wp_get_server_protocol();
|
2015-09-23 23:57:26 +02:00
|
|
|
header( sprintf( '%s 500 Internal Server Error', $protocol ), true, 500 );
|
2014-03-15 07:17:14 +01:00
|
|
|
header( 'Content-Type: text/html; charset=utf-8' );
|
2019-09-19 14:02:58 +02:00
|
|
|
printf( 'Your server is running PHP version %1$s but WordPress %2$s requires at least %3$s.', $php_version, $wp_version, $required_php_version );
|
2019-05-17 14:34:52 +02:00
|
|
|
exit( 1 );
|
2012-01-26 21:34:27 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2020-10-15 23:16:10 +02:00
|
|
|
if ( ! extension_loaded( 'mysql' ) && ! extension_loaded( 'mysqli' ) && ! extension_loaded( 'mysqlnd' )
|
|
|
|
// This runs before default constants are defined, so we can't assume WP_CONTENT_DIR is set yet.
|
|
|
|
&& ( defined( 'WP_CONTENT_DIR' ) && ! file_exists( WP_CONTENT_DIR . '/db.php' )
|
|
|
|
|| ! file_exists( ABSPATH . 'wp-content/db.php' ) )
|
|
|
|
) {
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . WPINC . '/functions.php';
|
2012-01-26 21:34:27 +01:00
|
|
|
wp_load_translations_early();
|
2019-05-17 14:34:52 +02:00
|
|
|
$args = array(
|
|
|
|
'exit' => false,
|
|
|
|
'code' => 'mysql_not_found',
|
|
|
|
);
|
|
|
|
wp_die(
|
|
|
|
__( 'Your PHP installation appears to be missing the MySQL extension which is required by WordPress.' ),
|
2019-08-08 14:54:56 +02:00
|
|
|
__( 'Requirements Not Met' ),
|
2019-05-17 14:34:52 +02:00
|
|
|
$args
|
|
|
|
);
|
|
|
|
exit( 1 );
|
2012-01-26 21:34:27 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
/**
|
|
|
|
* Retrieves the current environment type.
|
|
|
|
*
|
|
|
|
* The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable,
|
2020-07-28 14:10:05 +02:00
|
|
|
* or a constant of the same name.
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
*
|
2020-09-04 22:41:07 +02:00
|
|
|
* Possible values are 'local', 'development', 'staging', and 'production'.
|
Bootstrap/Load: Add `local` environment type to `wp_get_environment_type()`.
This gives developers a better control over their existing development workflow and ensures that `local` is not the exact same as `development` if it does not need to be.
Props claytoncollie, johnbillion, jeremyfelt, kreppar, dushakov, TimothyBlynJacobs, Ipstenu, khag7, knutsp, Clorith, markjaquith, joostdevalk, SergeyBiryukov.
Fixes #51064.
Built from https://develop.svn.wordpress.org/trunk@48856
git-svn-id: http://core.svn.wordpress.org/trunk@48618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-25 00:32:05 +02:00
|
|
|
* If not set, the type defaults to 'production'.
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
*
|
|
|
|
* @since 5.5.0
|
Bootstrap/Load: Remove the ability to alter the list of environment types in `wp_get_environment_type()`.
The intention of `wp_get_environment_type()` is to provide a consistent means of identifying the environment type, not of identifying a specific environment.
Actual environments should fit within one of the existing types: `local`, `development`, `staging`, or `production`. That should cover the types that plugins and themes might be concerned about when toggling functionality.
Props johnbillion, joostdevalk, TimothyBlynJacobs, jeremyfelt, batmoo, claytoncollie, Clorith, markjaquith, garrett-eclipse, GaryJ, elrae.
Fixes #50992.
Built from https://develop.svn.wordpress.org/trunk@48894
git-svn-id: http://core.svn.wordpress.org/trunk@48656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-27 23:32:08 +02:00
|
|
|
* @since 5.5.1 Added the 'local' type.
|
|
|
|
* @since 5.5.1 Removed the ability to alter the list of types.
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
*
|
|
|
|
* @return string The current environment type.
|
|
|
|
*/
|
|
|
|
function wp_get_environment_type() {
|
2020-06-27 12:36:06 +02:00
|
|
|
static $current_env = '';
|
|
|
|
|
|
|
|
if ( $current_env ) {
|
|
|
|
return $current_env;
|
|
|
|
}
|
|
|
|
|
|
|
|
$wp_environments = array(
|
Bootstrap/Load: Add `local` environment type to `wp_get_environment_type()`.
This gives developers a better control over their existing development workflow and ensures that `local` is not the exact same as `development` if it does not need to be.
Props claytoncollie, johnbillion, jeremyfelt, kreppar, dushakov, TimothyBlynJacobs, Ipstenu, khag7, knutsp, Clorith, markjaquith, joostdevalk, SergeyBiryukov.
Fixes #51064.
Built from https://develop.svn.wordpress.org/trunk@48856
git-svn-id: http://core.svn.wordpress.org/trunk@48618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-25 00:32:05 +02:00
|
|
|
'local',
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
'development',
|
2020-06-27 12:36:06 +02:00
|
|
|
'staging',
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
'production',
|
|
|
|
);
|
|
|
|
|
Bootstrap/Load: Remove the ability to alter the list of environment types in `wp_get_environment_type()`.
The intention of `wp_get_environment_type()` is to provide a consistent means of identifying the environment type, not of identifying a specific environment.
Actual environments should fit within one of the existing types: `local`, `development`, `staging`, or `production`. That should cover the types that plugins and themes might be concerned about when toggling functionality.
Props johnbillion, joostdevalk, TimothyBlynJacobs, jeremyfelt, batmoo, claytoncollie, Clorith, markjaquith, garrett-eclipse, GaryJ, elrae.
Fixes #50992.
Built from https://develop.svn.wordpress.org/trunk@48894
git-svn-id: http://core.svn.wordpress.org/trunk@48656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-27 23:32:08 +02:00
|
|
|
// Add a note about the deprecated WP_ENVIRONMENT_TYPES constant.
|
|
|
|
if ( defined( 'WP_ENVIRONMENT_TYPES' ) && function_exists( '_deprecated_argument' ) ) {
|
2020-08-27 23:39:05 +02:00
|
|
|
if ( function_exists( '__' ) ) {
|
|
|
|
/* translators: %s: WP_ENVIRONMENT_TYPES */
|
|
|
|
$message = sprintf( __( 'The %s constant is no longer supported.' ), 'WP_ENVIRONMENT_TYPES' );
|
|
|
|
} else {
|
|
|
|
$message = sprintf( 'The %s constant is no longer supported.', 'WP_ENVIRONMENT_TYPES' );
|
|
|
|
}
|
|
|
|
|
Bootstrap/Load: Remove the ability to alter the list of environment types in `wp_get_environment_type()`.
The intention of `wp_get_environment_type()` is to provide a consistent means of identifying the environment type, not of identifying a specific environment.
Actual environments should fit within one of the existing types: `local`, `development`, `staging`, or `production`. That should cover the types that plugins and themes might be concerned about when toggling functionality.
Props johnbillion, joostdevalk, TimothyBlynJacobs, jeremyfelt, batmoo, claytoncollie, Clorith, markjaquith, garrett-eclipse, GaryJ, elrae.
Fixes #50992.
Built from https://develop.svn.wordpress.org/trunk@48894
git-svn-id: http://core.svn.wordpress.org/trunk@48656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-27 23:32:08 +02:00
|
|
|
_deprecated_argument(
|
|
|
|
'define()',
|
|
|
|
'5.5.1',
|
2020-08-27 23:39:05 +02:00
|
|
|
$message
|
Bootstrap/Load: Remove the ability to alter the list of environment types in `wp_get_environment_type()`.
The intention of `wp_get_environment_type()` is to provide a consistent means of identifying the environment type, not of identifying a specific environment.
Actual environments should fit within one of the existing types: `local`, `development`, `staging`, or `production`. That should cover the types that plugins and themes might be concerned about when toggling functionality.
Props johnbillion, joostdevalk, TimothyBlynJacobs, jeremyfelt, batmoo, claytoncollie, Clorith, markjaquith, garrett-eclipse, GaryJ, elrae.
Fixes #50992.
Built from https://develop.svn.wordpress.org/trunk@48894
git-svn-id: http://core.svn.wordpress.org/trunk@48656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-27 23:32:08 +02:00
|
|
|
);
|
2020-06-27 12:36:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Check if the environment variable has been set, if `getenv` is available on the system.
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
if ( function_exists( 'getenv' ) ) {
|
|
|
|
$has_env = getenv( 'WP_ENVIRONMENT_TYPE' );
|
|
|
|
if ( false !== $has_env ) {
|
|
|
|
$current_env = $has_env;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Fetch the environment from a constant, this overrides the global system variable.
|
|
|
|
if ( defined( 'WP_ENVIRONMENT_TYPE' ) ) {
|
|
|
|
$current_env = WP_ENVIRONMENT_TYPE;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Make sure the environment is an allowed one, and not accidentally set to an invalid value.
|
2020-06-27 12:36:06 +02:00
|
|
|
if ( ! in_array( $current_env, $wp_environments, true ) ) {
|
Bootstrap/Load: Introduce `wp_get_environment_type()` to retrieve the current environment type.
The type can be set via the `WP_ENVIRONMENT_TYPE` global system variable, a constant of the same name, or the `wp_get_environment_type` filter.
Possible values include `development`, `stage`, `production'. If not set, the type defaults to `production`.
Props Clorith, krogsgard, joostdevalk, frank-klein, Maelacuna, nathanrice, grierson, jchristopher, davidvee, jackfungi, johnbillion, tabrisrp, knutsp, ev3rywh3re, Rastaban, danielbachhuber, pfefferle, audrasjb, SergeyBiryukov.
Fixes #33161.
Built from https://develop.svn.wordpress.org/trunk@47919
git-svn-id: http://core.svn.wordpress.org/trunk@47693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-06 13:07:12 +02:00
|
|
|
$current_env = 'production';
|
|
|
|
}
|
|
|
|
|
|
|
|
return $current_env;
|
|
|
|
}
|
|
|
|
|
2010-02-19 00:41:50 +01:00
|
|
|
/**
|
|
|
|
* Don't load all of WordPress when handling a favicon.ico request.
|
2014-06-04 06:12:17 +02:00
|
|
|
*
|
2010-02-19 00:41:50 +01:00
|
|
|
* Instead, send the headers for a zero-length favicon and bail.
|
|
|
|
*
|
|
|
|
* @since 3.0.0
|
Bootstrap/Load: Make handling the `/favicon.ico` requests more flexible.
Previously, `wp_favicon_request()` was introduced in [13205] to avoid a performance hit of serving a full 404 page on every favicon request.
While working as intended, that implementation did not provide a way for theme or plugin authors to manage the behavior of favicon requests.
This changeset implements the following logic (only applied if WordPress is installed in the root directory):
* If there is a Site Icon set in Customizer, redirect `/favicon.ico` requests to that icon.
* Otherwise, use the WordPress logo as a default icon.
* If a physical `/favicon.ico` file exists, do nothing, let the server handle the request.
Handling `/favicon.ico` is now more consistent with handling `/robots.txt` requests.
New functions and hooks:
* Introduce `is_favicon()` conditional tag to complement `is_robots()`.
* Introduce `do_favicon` action to complement `do_robots` and use it in template loader.
* Introduce `do_favicon()` function, hooked to the above action by default, to complement `do_robots()`.
* Introduce `do_faviconico` action to complement `do_robotstxt`, for plugins to override the default behavior.
* Mark `wp_favicon_request()` as deprecated in favor of `do_favicon()`.
Props jonoaldersonwp, birgire, joostdevalk, mukesh27, SergeyBiryukov.
Fixes #47398.
Built from https://develop.svn.wordpress.org/trunk@47018
git-svn-id: http://core.svn.wordpress.org/trunk@46818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-28 22:20:04 +01:00
|
|
|
* @deprecated 5.4.0 Deprecated in favor of do_favicon().
|
2010-02-19 00:41:50 +01:00
|
|
|
*/
|
|
|
|
function wp_favicon_request() {
|
2020-05-16 20:42:12 +02:00
|
|
|
if ( '/favicon.ico' === $_SERVER['REQUEST_URI'] ) {
|
2017-12-01 00:11:00 +01:00
|
|
|
header( 'Content-Type: image/vnd.microsoft.icon' );
|
2010-03-06 06:57:24 +01:00
|
|
|
exit;
|
|
|
|
}
|
2010-02-19 00:41:50 +01:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Die with a maintenance message when conditions are met.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* The default message can be replaced by using a drop-in (maintenance.php in
|
|
|
|
* the wp-content directory).
|
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_maintenance() {
|
2020-04-25 22:19:07 +02:00
|
|
|
// Return if maintenance mode is disabled.
|
2020-05-31 21:54:24 +02:00
|
|
|
if ( ! wp_is_maintenance_mode() ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
return;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2020-04-25 22:19:07 +02:00
|
|
|
if ( file_exists( WP_CONTENT_DIR . '/maintenance.php' ) ) {
|
|
|
|
require_once WP_CONTENT_DIR . '/maintenance.php';
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
|
|
|
require_once ABSPATH . WPINC . '/functions.php';
|
|
|
|
wp_load_translations_early();
|
|
|
|
|
|
|
|
header( 'Retry-After: 600' );
|
|
|
|
|
|
|
|
wp_die(
|
|
|
|
__( 'Briefly unavailable for scheduled maintenance. Check back in a minute.' ),
|
|
|
|
__( 'Maintenance' ),
|
|
|
|
503
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if maintenance mode is enabled.
|
|
|
|
*
|
|
|
|
* Checks for a file in the WordPress root directory named ".maintenance".
|
|
|
|
* This file will contain the variable $upgrading, set to the time the file
|
|
|
|
* was created. If the file was created less than 10 minutes ago, WordPress
|
|
|
|
* is in maintenance mode.
|
|
|
|
*
|
|
|
|
* @since 5.5.0
|
|
|
|
*
|
|
|
|
* @global int $upgrading The Unix timestamp marking when upgrading WordPress began.
|
|
|
|
*
|
|
|
|
* @return bool True if maintenance mode is enabled, false otherwise.
|
|
|
|
*/
|
2020-05-31 21:54:24 +02:00
|
|
|
function wp_is_maintenance_mode() {
|
2010-06-04 17:16:17 +02:00
|
|
|
global $upgrading;
|
|
|
|
|
2020-04-25 22:19:07 +02:00
|
|
|
if ( ! file_exists( ABSPATH . '.maintenance' ) || wp_installing() ) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require ABSPATH . '.maintenance';
|
2020-04-25 22:19:07 +02:00
|
|
|
// If the $upgrading timestamp is older than 10 minutes, consider maintenance over.
|
2020-06-27 12:36:06 +02:00
|
|
|
if ( ( time() - $upgrading ) >= 10 * MINUTE_IN_SECONDS ) {
|
2020-04-25 22:19:07 +02:00
|
|
|
return false;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2016-06-12 04:43:27 +02:00
|
|
|
|
2016-06-02 20:47:27 +02:00
|
|
|
/**
|
2016-06-12 04:43:27 +02:00
|
|
|
* Filters whether to enable maintenance mode.
|
2016-06-02 20:47:27 +02:00
|
|
|
*
|
2016-06-12 04:43:27 +02:00
|
|
|
* This filter runs before it can be used by plugins. It is designed for
|
|
|
|
* non-web runtimes. If this filter returns true, maintenance mode will be
|
|
|
|
* active and the request will end. If false, the request will be allowed to
|
|
|
|
* continue processing even if maintenance mode should be active.
|
2016-06-02 20:47:27 +02:00
|
|
|
*
|
|
|
|
* @since 4.6.0
|
|
|
|
*
|
2016-06-12 04:43:27 +02:00
|
|
|
* @param bool $enable_checks Whether to enable maintenance mode. Default true.
|
|
|
|
* @param int $upgrading The timestamp set in the .maintenance file.
|
2016-06-02 20:47:27 +02:00
|
|
|
*/
|
2016-06-12 04:43:27 +02:00
|
|
|
if ( ! apply_filters( 'enable_maintenance_mode', true, $upgrading ) ) {
|
2020-04-25 22:19:07 +02:00
|
|
|
return false;
|
2010-01-19 18:27:03 +01:00
|
|
|
}
|
2019-03-27 01:03:51 +01:00
|
|
|
|
2020-04-25 22:19:07 +02:00
|
|
|
return true;
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Start the WordPress micro-timer.
|
2010-01-15 23:03:41 +01:00
|
|
|
*
|
|
|
|
* @since 0.71
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
|
|
|
*
|
|
|
|
* @global float $timestart Unix timestamp set at the beginning of the page load.
|
|
|
|
* @see timer_stop()
|
|
|
|
*
|
2010-01-15 23:03:41 +01:00
|
|
|
* @return bool Always returns true.
|
|
|
|
*/
|
|
|
|
function timer_start() {
|
|
|
|
global $timestart;
|
2011-12-20 22:36:53 +01:00
|
|
|
$timestart = microtime( true );
|
2010-01-15 23:03:41 +01:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-03-01 03:42:14 +01:00
|
|
|
* Retrieve or display the time from the page start to when function is called.
|
2010-01-15 23:03:41 +01:00
|
|
|
*
|
|
|
|
* @since 0.71
|
|
|
|
*
|
2014-12-21 00:04:23 +01:00
|
|
|
* @global float $timestart Seconds from when timer_start() is called.
|
|
|
|
* @global float $timeend Seconds from when function is called.
|
2014-03-01 03:42:14 +01:00
|
|
|
*
|
2014-12-21 00:04:23 +01:00
|
|
|
* @param int|bool $display Whether to echo or return the results. Accepts 0|false for return,
|
|
|
|
* 1|true for echo. Default 0|false.
|
|
|
|
* @param int $precision The number of digits from the right of the decimal to display.
|
|
|
|
* Default 3.
|
2014-03-01 03:42:14 +01:00
|
|
|
* @return string The "second.microsecond" finished time calculation. The number is formatted
|
|
|
|
* for human consumption, both localized and rounded.
|
2010-01-15 23:03:41 +01:00
|
|
|
*/
|
2014-03-01 03:42:14 +01:00
|
|
|
function timer_stop( $display = 0, $precision = 3 ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
global $timestart, $timeend;
|
2017-12-01 00:11:00 +01:00
|
|
|
$timeend = microtime( true );
|
2010-02-26 20:09:29 +01:00
|
|
|
$timetotal = $timeend - $timestart;
|
2017-12-01 00:11:00 +01:00
|
|
|
$r = ( function_exists( 'number_format_i18n' ) ) ? number_format_i18n( $timetotal, $precision ) : number_format( $timetotal, $precision );
|
|
|
|
if ( $display ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
echo $r;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
return $r;
|
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Set PHP error reporting based on WordPress debug settings.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* Uses three constants: `WP_DEBUG`, `WP_DEBUG_DISPLAY`, and `WP_DEBUG_LOG`.
|
2015-12-12 02:49:26 +01:00
|
|
|
* All three can be defined in wp-config.php. By default, `WP_DEBUG` and
|
|
|
|
* `WP_DEBUG_LOG` are set to false, and `WP_DEBUG_DISPLAY` is set to true.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* When `WP_DEBUG` is true, all PHP notices are reported. WordPress will also
|
|
|
|
* display internal notices: when a deprecated WordPress function, function
|
|
|
|
* argument, or file is used. Deprecated code may be removed from a later
|
|
|
|
* version.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* It is strongly recommended that plugin and theme developers use `WP_DEBUG`
|
|
|
|
* in their development environments.
|
2010-02-17 14:14:45 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* `WP_DEBUG_DISPLAY` and `WP_DEBUG_LOG` perform no function unless `WP_DEBUG`
|
|
|
|
* is true.
|
2010-02-17 14:14:45 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* When `WP_DEBUG_DISPLAY` is true, WordPress will force errors to be displayed.
|
|
|
|
* `WP_DEBUG_DISPLAY` defaults to true. Defining it as null prevents WordPress
|
|
|
|
* from changing the global configuration setting. Defining `WP_DEBUG_DISPLAY`
|
|
|
|
* as false will force errors to be hidden.
|
2010-02-17 14:14:45 +01:00
|
|
|
*
|
2019-01-08 04:42:48 +01:00
|
|
|
* When `WP_DEBUG_LOG` is true, errors will be logged to `wp-content/debug.log`.
|
|
|
|
* When `WP_DEBUG_LOG` is a valid path, errors will be logged to the specified file.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2016-02-18 17:43:27 +01:00
|
|
|
* Errors are never displayed for XML-RPC, REST, and Ajax requests.
|
2013-07-08 14:59:10 +02:00
|
|
|
*
|
2010-01-19 18:27:03 +01:00
|
|
|
* @since 3.0.0
|
2019-01-08 04:42:48 +01:00
|
|
|
* @since 5.1.0 `WP_DEBUG_LOG` can be a file path.
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_debug_mode() {
|
2016-06-02 20:47:27 +02:00
|
|
|
/**
|
2016-06-12 04:43:27 +02:00
|
|
|
* Filters whether to allow the debug mode check to occur.
|
2016-06-02 20:47:27 +02:00
|
|
|
*
|
2016-06-12 04:43:27 +02:00
|
|
|
* This filter runs before it can be used by plugins. It is designed for
|
|
|
|
* non-web run-times. Returning false causes the `WP_DEBUG` and related
|
2019-11-22 19:16:03 +01:00
|
|
|
* constants to not be checked and the default PHP values for errors
|
2016-06-12 04:43:27 +02:00
|
|
|
* will be used unless you take care to update them yourself.
|
2016-06-02 20:47:27 +02:00
|
|
|
*
|
2021-02-20 18:10:11 +01:00
|
|
|
* To use this filter you must define a `$wp_filter` global before
|
|
|
|
* WordPress loads, usually in `wp-config.php`.
|
|
|
|
*
|
|
|
|
* Example:
|
|
|
|
*
|
|
|
|
* $GLOBALS['wp_filter'] = array(
|
|
|
|
* 'enable_wp_debug_mode_checks' => array(
|
|
|
|
* 10 => array(
|
|
|
|
* array(
|
|
|
|
* 'accepted_args' => 0,
|
|
|
|
* 'function' => function() {
|
|
|
|
* return false;
|
|
|
|
* },
|
|
|
|
* ),
|
|
|
|
* ),
|
|
|
|
* ),
|
|
|
|
* );
|
|
|
|
*
|
2016-06-02 20:47:27 +02:00
|
|
|
* @since 4.6.0
|
|
|
|
*
|
2016-06-12 04:43:27 +02:00
|
|
|
* @param bool $enable_debug_mode Whether to enable debug mode checks to occur. Default true.
|
2016-06-02 20:47:27 +02:00
|
|
|
*/
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! apply_filters( 'enable_wp_debug_mode_checks', true ) ) {
|
2016-06-12 04:43:27 +02:00
|
|
|
return;
|
2016-06-02 20:47:27 +02:00
|
|
|
}
|
|
|
|
|
2010-01-15 23:03:41 +01:00
|
|
|
if ( WP_DEBUG ) {
|
2013-05-17 22:44:54 +02:00
|
|
|
error_reporting( E_ALL );
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( WP_DEBUG_DISPLAY ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
ini_set( 'display_errors', 1 );
|
2017-12-01 00:11:00 +01:00
|
|
|
} elseif ( null !== WP_DEBUG_DISPLAY ) {
|
2011-08-13 20:59:05 +02:00
|
|
|
ini_set( 'display_errors', 0 );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2019-01-08 04:42:48 +01:00
|
|
|
if ( in_array( strtolower( (string) WP_DEBUG_LOG ), array( 'true', '1' ), true ) ) {
|
|
|
|
$log_path = WP_CONTENT_DIR . '/debug.log';
|
|
|
|
} elseif ( is_string( WP_DEBUG_LOG ) ) {
|
|
|
|
$log_path = WP_DEBUG_LOG;
|
|
|
|
} else {
|
|
|
|
$log_path = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( $log_path ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
ini_set( 'log_errors', 1 );
|
2019-01-08 04:42:48 +01:00
|
|
|
ini_set( 'error_log', $log_path );
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
} else {
|
2011-04-12 11:21:13 +02:00
|
|
|
error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR );
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
2016-02-18 17:43:27 +01:00
|
|
|
|
2018-12-12 04:08:23 +01:00
|
|
|
if ( defined( 'XMLRPC_REQUEST' ) || defined( 'REST_REQUEST' ) || ( defined( 'WP_INSTALLING' ) && WP_INSTALLING ) || wp_doing_ajax() || wp_is_json_request() ) {
|
2019-07-09 07:45:58 +02:00
|
|
|
ini_set( 'display_errors', 0 );
|
2016-02-16 02:36:25 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Set the location of the language directory.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* To set directory manually, define the `WP_LANG_DIR` constant
|
|
|
|
* in wp-config.php.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* If the language directory exists within `WP_CONTENT_DIR`, it
|
|
|
|
* is used. Otherwise the language directory is assumed to live
|
|
|
|
* in `WPINC`.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_set_lang_dir() {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! defined( 'WP_LANG_DIR' ) ) {
|
|
|
|
if ( file_exists( WP_CONTENT_DIR . '/languages' ) && @is_dir( WP_CONTENT_DIR . '/languages' ) || ! @is_dir( ABSPATH . WPINC . '/languages' ) ) {
|
2014-06-04 06:12:17 +02:00
|
|
|
/**
|
|
|
|
* Server path of the language directory.
|
|
|
|
*
|
|
|
|
* No leading slash, no trailing slash, full path, not relative to ABSPATH
|
|
|
|
*
|
|
|
|
* @since 2.1.0
|
|
|
|
*/
|
|
|
|
define( 'WP_LANG_DIR', WP_CONTENT_DIR . '/languages' );
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! defined( 'LANGDIR' ) ) {
|
2016-05-13 20:41:31 +02:00
|
|
|
// Old static relative path maintained for limited backward compatibility - won't work in some cases.
|
2010-01-19 18:27:03 +01:00
|
|
|
define( 'LANGDIR', 'wp-content/languages' );
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
} else {
|
2014-06-04 06:12:17 +02:00
|
|
|
/**
|
|
|
|
* Server path of the language directory.
|
|
|
|
*
|
|
|
|
* No leading slash, no trailing slash, full path, not relative to `ABSPATH`.
|
|
|
|
*
|
|
|
|
* @since 2.1.0
|
|
|
|
*/
|
|
|
|
define( 'WP_LANG_DIR', ABSPATH . WPINC . '/languages' );
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! defined( 'LANGDIR' ) ) {
|
2016-05-13 20:41:31 +02:00
|
|
|
// Old relative path maintained for backward compatibility.
|
2010-01-19 18:27:03 +01:00
|
|
|
define( 'LANGDIR', WPINC . '/languages' );
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-09-20 21:13:47 +02:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Load the database class file and instantiate the `$wpdb` global.
|
2010-09-20 21:13:47 +02:00
|
|
|
*
|
|
|
|
* @since 2.5.0
|
2014-06-04 06:12:17 +02:00
|
|
|
*
|
2019-08-04 03:12:56 +02:00
|
|
|
* @global wpdb $wpdb WordPress database abstraction object.
|
2010-09-20 21:13:47 +02:00
|
|
|
*/
|
|
|
|
function require_wp_db() {
|
|
|
|
global $wpdb;
|
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . WPINC . '/wp-db.php';
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( file_exists( WP_CONTENT_DIR . '/db.php' ) ) {
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once WP_CONTENT_DIR . '/db.php';
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-09-20 21:13:47 +02:00
|
|
|
|
2016-08-28 00:32:37 +02:00
|
|
|
if ( isset( $wpdb ) ) {
|
2010-09-20 21:13:47 +02:00
|
|
|
return;
|
2016-08-28 00:32:37 +02:00
|
|
|
}
|
2010-09-20 21:13:47 +02:00
|
|
|
|
2018-02-11 19:47:30 +01:00
|
|
|
$dbuser = defined( 'DB_USER' ) ? DB_USER : '';
|
|
|
|
$dbpassword = defined( 'DB_PASSWORD' ) ? DB_PASSWORD : '';
|
|
|
|
$dbname = defined( 'DB_NAME' ) ? DB_NAME : '';
|
|
|
|
$dbhost = defined( 'DB_HOST' ) ? DB_HOST : '';
|
|
|
|
|
|
|
|
$wpdb = new wpdb( $dbuser, $dbpassword, $dbname, $dbhost );
|
2010-09-20 21:13:47 +02:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Set the database table prefix and the format specifiers for database
|
|
|
|
* table columns.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* Columns not listed here default to `%s`.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
|
|
|
*
|
2019-08-04 03:12:56 +02:00
|
|
|
* @global wpdb $wpdb WordPress database abstraction object.
|
2014-06-04 06:12:17 +02:00
|
|
|
* @global string $table_prefix The database table prefix.
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_set_wpdb_vars() {
|
|
|
|
global $wpdb, $table_prefix;
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! empty( $wpdb->error ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
dead_db();
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$wpdb->field_types = array(
|
|
|
|
'post_author' => '%d',
|
|
|
|
'post_parent' => '%d',
|
|
|
|
'menu_order' => '%d',
|
|
|
|
'term_id' => '%d',
|
|
|
|
'term_group' => '%d',
|
|
|
|
'term_taxonomy_id' => '%d',
|
|
|
|
'parent' => '%d',
|
|
|
|
'count' => '%d',
|
|
|
|
'object_id' => '%d',
|
|
|
|
'term_order' => '%d',
|
|
|
|
'ID' => '%d',
|
|
|
|
'comment_ID' => '%d',
|
|
|
|
'comment_post_ID' => '%d',
|
|
|
|
'comment_parent' => '%d',
|
|
|
|
'user_id' => '%d',
|
|
|
|
'link_id' => '%d',
|
|
|
|
'link_owner' => '%d',
|
|
|
|
'link_rating' => '%d',
|
|
|
|
'option_id' => '%d',
|
|
|
|
'blog_id' => '%d',
|
|
|
|
'meta_id' => '%d',
|
|
|
|
'post_id' => '%d',
|
|
|
|
'user_status' => '%d',
|
|
|
|
'umeta_id' => '%d',
|
|
|
|
'comment_karma' => '%d',
|
|
|
|
'comment_count' => '%d',
|
2020-01-29 01:45:18 +01:00
|
|
|
// Multisite:
|
2017-12-01 00:11:00 +01:00
|
|
|
'active' => '%d',
|
|
|
|
'cat_id' => '%d',
|
|
|
|
'deleted' => '%d',
|
|
|
|
'lang_id' => '%d',
|
|
|
|
'mature' => '%d',
|
|
|
|
'public' => '%d',
|
|
|
|
'site_id' => '%d',
|
|
|
|
'spam' => '%d',
|
2010-01-27 20:13:00 +01:00
|
|
|
);
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
$prefix = $wpdb->set_prefix( $table_prefix );
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2012-01-26 21:34:27 +01:00
|
|
|
if ( is_wp_error( $prefix ) ) {
|
|
|
|
wp_load_translations_early();
|
2015-11-12 19:21:24 +01:00
|
|
|
wp_die(
|
2017-12-01 00:11:00 +01:00
|
|
|
sprintf(
|
I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.
Includes minor code layout fixes.
Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!
Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926
git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 19:13:59 +02:00
|
|
|
/* translators: 1: $table_prefix, 2: wp-config.php */
|
2020-06-21 16:00:09 +02:00
|
|
|
__( '<strong>Error</strong>: %1$s in %2$s can only contain numbers, letters, and underscores.' ),
|
2015-11-12 19:21:24 +01:00
|
|
|
'<code>$table_prefix</code>',
|
|
|
|
'<code>wp-config.php</code>'
|
|
|
|
)
|
|
|
|
);
|
2012-01-26 21:34:27 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2013-09-06 20:10:09 +02:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Toggle `$_wp_using_ext_object_cache` on and off without directly
|
|
|
|
* touching global.
|
2013-09-06 20:10:09 +02:00
|
|
|
*
|
|
|
|
* @since 3.7.0
|
|
|
|
*
|
2015-05-26 20:53:27 +02:00
|
|
|
* @global bool $_wp_using_ext_object_cache
|
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* @param bool $using Whether external object cache is being used.
|
|
|
|
* @return bool The current 'using' setting.
|
2013-09-06 20:10:09 +02:00
|
|
|
*/
|
|
|
|
function wp_using_ext_object_cache( $using = null ) {
|
|
|
|
global $_wp_using_ext_object_cache;
|
|
|
|
$current_using = $_wp_using_ext_object_cache;
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( null !== $using ) {
|
2013-09-06 20:10:09 +02:00
|
|
|
$_wp_using_ext_object_cache = $using;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
Revert the conversion of adjacent post queries to WP_Query. Explanation on the ticket.
Reverts [27285], [27286], [27287], [27288], [27291], [27292], [27293], [27296], [27633], [27634], [27635], and [27692].
see #26937.
Built from https://develop.svn.wordpress.org/trunk@27836
git-svn-id: http://core.svn.wordpress.org/trunk@27670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-29 07:03:15 +01:00
|
|
|
return $current_using;
|
2013-09-06 20:10:09 +02:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Start the WordPress object cache.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* If an object-cache.php file exists in the wp-content directory,
|
|
|
|
* it uses that drop-in as an external object cache.
|
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2017-07-02 00:13:41 +02:00
|
|
|
*
|
|
|
|
* @global array $wp_filter Stores all of the filters.
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_start_object_cache() {
|
2016-12-12 02:29:42 +01:00
|
|
|
global $wp_filter;
|
2018-02-21 15:59:30 +01:00
|
|
|
static $first_init = true;
|
|
|
|
|
|
|
|
// Only perform the following checks once.
|
|
|
|
if ( $first_init ) {
|
|
|
|
if ( ! function_exists( 'wp_cache_init' ) ) {
|
|
|
|
/*
|
|
|
|
* This is the normal situation. First-run of this function. No
|
|
|
|
* caching backend has been loaded.
|
|
|
|
*
|
|
|
|
* We try to load a custom caching backend, and then, if it
|
|
|
|
* results in a wp_cache_init() function existing, we note
|
|
|
|
* that an external object cache is being used.
|
|
|
|
*/
|
|
|
|
if ( file_exists( WP_CONTENT_DIR . '/object-cache.php' ) ) {
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once WP_CONTENT_DIR . '/object-cache.php';
|
2018-02-21 15:59:30 +01:00
|
|
|
if ( function_exists( 'wp_cache_init' ) ) {
|
|
|
|
wp_using_ext_object_cache( true );
|
|
|
|
}
|
2016-12-12 02:29:42 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Re-initialize any hooks added manually by object-cache.php.
|
2018-02-21 15:59:30 +01:00
|
|
|
if ( $wp_filter ) {
|
|
|
|
$wp_filter = WP_Hook::build_preinitialized_hooks( $wp_filter );
|
|
|
|
}
|
2016-12-12 02:29:42 +01:00
|
|
|
}
|
2018-02-21 15:59:30 +01:00
|
|
|
} elseif ( ! wp_using_ext_object_cache() && file_exists( WP_CONTENT_DIR . '/object-cache.php' ) ) {
|
|
|
|
/*
|
|
|
|
* Sometimes advanced-cache.php can load object-cache.php before
|
|
|
|
* this function is run. This breaks the function_exists() check
|
|
|
|
* above and can result in wp_using_ext_object_cache() returning
|
|
|
|
* false when actually an external cache is in use.
|
|
|
|
*/
|
|
|
|
wp_using_ext_object_cache( true );
|
2010-01-28 18:28:44 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2016-08-31 06:55:54 +02:00
|
|
|
if ( ! wp_using_ext_object_cache() ) {
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once ABSPATH . WPINC . '/cache.php';
|
2016-08-31 06:55:54 +02:00
|
|
|
}
|
2013-09-06 20:10:09 +02:00
|
|
|
|
2020-06-10 00:42:12 +02:00
|
|
|
require_once ABSPATH . WPINC . '/cache-compat.php';
|
Cache API: Introduce `wp_cache_get_multi()`.
Many caching backend have support for multiple gets in a single request. This brings that support to core, with a compatability fallback that will loop over requests if needed.
Fixes: #20875.
Props: nacin, tollmanz, wonderboymusic, ryan, jeremyfelt, spacedmonkey, boonebgorges, dd32, rmccue, ocean90, jipmoors, johnjamesjacoby, tillkruess, donmhico, davidbaumwald, SergeyBiryukov, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@47938
git-svn-id: http://core.svn.wordpress.org/trunk@47711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-09 21:47:13 +02:00
|
|
|
|
2014-06-04 06:12:17 +02:00
|
|
|
/*
|
|
|
|
* If cache supports reset, reset instead of init if already
|
|
|
|
* initialized. Reset signals to the cache that global IDs
|
|
|
|
* have changed and it may need to update keys and cleanup caches.
|
|
|
|
*/
|
2016-08-31 06:55:54 +02:00
|
|
|
if ( ! $first_init && function_exists( 'wp_cache_switch_to_blog' ) ) {
|
|
|
|
wp_cache_switch_to_blog( get_current_blog_id() );
|
|
|
|
} elseif ( function_exists( 'wp_cache_init' ) ) {
|
2010-02-12 18:06:43 +01:00
|
|
|
wp_cache_init();
|
2016-08-31 06:55:54 +02:00
|
|
|
}
|
2010-02-12 18:06:43 +01:00
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
if ( function_exists( 'wp_cache_add_global_groups' ) ) {
|
2018-03-16 03:15:31 +01:00
|
|
|
wp_cache_add_global_groups( array( 'users', 'userlogins', 'usermeta', 'user_meta', 'useremail', 'userslugs', 'site-transient', 'site-options', 'blog-lookup', 'blog-details', 'site-details', 'rss', 'global-posts', 'blog-id-cache', 'networks', 'sites', 'blog_meta' ) );
|
2016-06-01 23:26:27 +02:00
|
|
|
wp_cache_add_non_persistent_groups( array( 'counts', 'plugins' ) );
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
2018-02-21 15:59:30 +01:00
|
|
|
|
|
|
|
$first_init = false;
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Redirect to the installer if WordPress is not installed.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* Dies with an error message when Multisite is enabled.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_not_installed() {
|
2010-01-15 23:25:40 +01:00
|
|
|
if ( is_multisite() ) {
|
Use `wp_installing()` instead of `WP_INSTALLING` constant.
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.
A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available. However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.
The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.
Props boonebgorges, jeremyfelt.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34828
git-svn-id: http://core.svn.wordpress.org/trunk@34793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 17:06:28 +02:00
|
|
|
if ( ! is_blog_installed() && ! wp_installing() ) {
|
2014-08-25 19:40:16 +02:00
|
|
|
nocache_headers();
|
|
|
|
|
2010-04-30 03:54:32 +02:00
|
|
|
wp_die( __( 'The site you have requested is not installed properly. Please contact the system administrator.' ) );
|
2014-08-25 19:40:16 +02:00
|
|
|
}
|
Use `wp_installing()` instead of `WP_INSTALLING` constant.
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.
A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available. However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.
The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.
Props boonebgorges, jeremyfelt.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34828
git-svn-id: http://core.svn.wordpress.org/trunk@34793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 17:06:28 +02:00
|
|
|
} elseif ( ! is_blog_installed() && ! wp_installing() ) {
|
2014-08-25 19:40:16 +02:00
|
|
|
nocache_headers();
|
|
|
|
|
2020-02-06 07:33:11 +01:00
|
|
|
require ABSPATH . WPINC . '/kses.php';
|
|
|
|
require ABSPATH . WPINC . '/pluggable.php';
|
2013-09-12 08:57:09 +02:00
|
|
|
|
|
|
|
$link = wp_guess_url() . '/wp-admin/install.php';
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
wp_redirect( $link );
|
2010-01-15 23:03:41 +01:00
|
|
|
die();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Retrieve an array of must-use plugin files.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* The default directory is wp-content/mu-plugins. To change the default
|
|
|
|
* directory manually, define `WPMU_PLUGIN_DIR` and `WPMU_PLUGIN_URL`
|
2010-01-19 18:27:03 +01:00
|
|
|
* in wp-config.php.
|
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
|
|
|
*
|
2019-11-05 22:23:02 +01:00
|
|
|
* @return string[] Array of absolute paths of files to include.
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-02-12 08:59:11 +01:00
|
|
|
function wp_get_mu_plugins() {
|
2010-01-19 18:27:03 +01:00
|
|
|
$mu_plugins = array();
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! is_dir( WPMU_PLUGIN_DIR ) ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
return $mu_plugins;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2019-07-03 01:42:58 +02:00
|
|
|
$dh = opendir( WPMU_PLUGIN_DIR );
|
|
|
|
if ( ! $dh ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
return $mu_plugins;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-19 18:27:03 +01:00
|
|
|
while ( ( $plugin = readdir( $dh ) ) !== false ) {
|
2020-05-16 20:42:12 +02:00
|
|
|
if ( '.php' === substr( $plugin, -4 ) ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
$mu_plugins[] = WPMU_PLUGIN_DIR . '/' . $plugin;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
2010-01-19 18:27:03 +01:00
|
|
|
closedir( $dh );
|
|
|
|
sort( $mu_plugins );
|
|
|
|
|
|
|
|
return $mu_plugins;
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Retrieve an array of active and valid plugin files.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* While upgrading or installing WordPress, no plugins are returned.
|
|
|
|
*
|
2018-03-05 22:50:31 +01:00
|
|
|
* The default directory is `wp-content/plugins`. To change the default
|
2014-06-04 06:12:17 +02:00
|
|
|
* directory manually, define `WP_PLUGIN_DIR` and `WP_PLUGIN_URL`
|
2018-03-05 22:50:31 +01:00
|
|
|
* in `wp-config.php`.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
|
|
|
*
|
2020-06-20 00:55:12 +02:00
|
|
|
* @return string[] Array of paths to plugin files relative to the plugins directory.
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-02-12 08:59:11 +01:00
|
|
|
function wp_get_active_and_valid_plugins() {
|
2017-12-01 00:11:00 +01:00
|
|
|
$plugins = array();
|
2010-02-04 19:50:36 +01:00
|
|
|
$active_plugins = (array) get_option( 'active_plugins', array() );
|
2015-11-18 21:49:26 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Check for hacks file if the option is enabled.
|
2015-11-18 21:49:26 +01:00
|
|
|
if ( get_option( 'hack_file' ) && file_exists( ABSPATH . 'my-hacks.php' ) ) {
|
2016-07-06 14:40:29 +02:00
|
|
|
_deprecated_file( 'my-hacks.php', '1.5.0' );
|
2015-11-18 21:49:26 +01:00
|
|
|
array_unshift( $plugins, ABSPATH . 'my-hacks.php' );
|
|
|
|
}
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( empty( $active_plugins ) || wp_installing() ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
return $plugins;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-02-02 22:41:17 +01:00
|
|
|
|
2010-11-24 01:19:38 +01:00
|
|
|
$network_plugins = is_multisite() ? wp_get_active_network_plugins() : false;
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
foreach ( $active_plugins as $plugin ) {
|
2020-01-29 01:45:18 +01:00
|
|
|
if ( ! validate_file( $plugin ) // $plugin must validate as file.
|
2020-05-16 20:42:12 +02:00
|
|
|
&& '.php' === substr( $plugin, -4 ) // $plugin must end with '.php'.
|
2020-01-29 01:45:18 +01:00
|
|
|
&& file_exists( WP_PLUGIN_DIR . '/' . $plugin ) // $plugin must exist.
|
|
|
|
// Not already included as a network plugin.
|
2020-04-05 05:02:11 +02:00
|
|
|
&& ( ! $network_plugins || ! in_array( WP_PLUGIN_DIR . '/' . $plugin, $network_plugins, true ) )
|
2017-12-01 00:11:00 +01:00
|
|
|
) {
|
|
|
|
$plugins[] = WP_PLUGIN_DIR . '/' . $plugin;
|
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
Bootstrap/Load: Introduce fatal error recovery mechanism allowing users to still log in to their admin dashboard.
This changeset introduces a `WP_Shutdown_Handler` class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed. Subsequently, in certain protected areas, for example the admin, the broken extension will be paused, ensuring that the website is still usable in the respective area. The major benefit is that this mechanism allows site owners to still log in to their website, to fix the problem by either disabling the extension or solving the bug and then resuming the extension.
Extensions are only paused in certain designated areas. The frontend for example stays unaffected, as it is impossible to know what pausing the extension would cause to be missing, so it might be preferrable to clearly see that the website is temporarily not accessible instead.
The fatal error recovery is especially important in scope of encouraging the switch to a maintained PHP version, as not necessarily every WordPress extension is compatible with all PHP versions. If problems occur now, non-technical site owners that do not have immediate access to the codebase are not locked out of their site and can at least temporarily solve the problem quickly.
Websites that have custom requirements in that regard can implement their own shutdown handler by adding a `shutdown-handler.php` drop-in that returns the handler instance to use, which must be based on a class that inherits `WP_Shutdown_Handler`. That handler will then be used in place of the default one.
Websites that would like to modify specifically the error template displayed in the frontend can add a `php-error.php` drop-in that works similarly to the existing `db-error.php` drop-in.
Props afragen, bradleyt, flixos90, ocean90, schlessera, SergeyBiryukov, spacedmonkey.
Fixes #44458.
Built from https://develop.svn.wordpress.org/trunk@44524
git-svn-id: http://core.svn.wordpress.org/trunk@44355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 21:05:49 +01:00
|
|
|
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
/*
|
|
|
|
* Remove plugins from the list of active plugins when we're on an endpoint
|
|
|
|
* that should be protected against WSODs and the plugin is paused.
|
|
|
|
*/
|
|
|
|
if ( wp_is_recovery_mode() ) {
|
|
|
|
$plugins = wp_skip_paused_plugins( $plugins );
|
|
|
|
}
|
|
|
|
|
|
|
|
return $plugins;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Filters a given list of plugins, removing any paused plugins from it.
|
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2019-10-26 23:09:04 +02:00
|
|
|
* @param string[] $plugins Array of absolute plugin main file paths.
|
|
|
|
* @return string[] Filtered array of plugins, without any paused plugins.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*/
|
|
|
|
function wp_skip_paused_plugins( array $plugins ) {
|
|
|
|
$paused_plugins = wp_paused_plugins()->get_all();
|
|
|
|
|
|
|
|
if ( empty( $paused_plugins ) ) {
|
|
|
|
return $plugins;
|
|
|
|
}
|
|
|
|
|
|
|
|
foreach ( $plugins as $index => $plugin ) {
|
|
|
|
list( $plugin ) = explode( '/', plugin_basename( $plugin ) );
|
|
|
|
|
|
|
|
if ( array_key_exists( $plugin, $paused_plugins ) ) {
|
|
|
|
unset( $plugins[ $index ] );
|
|
|
|
|
|
|
|
// Store list of paused plugins for displaying an admin notice.
|
|
|
|
$GLOBALS['_paused_plugins'][ $plugin ] = $paused_plugins[ $plugin ];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Bootstrap/Load: Introduce fatal error recovery mechanism allowing users to still log in to their admin dashboard.
This changeset introduces a `WP_Shutdown_Handler` class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed. Subsequently, in certain protected areas, for example the admin, the broken extension will be paused, ensuring that the website is still usable in the respective area. The major benefit is that this mechanism allows site owners to still log in to their website, to fix the problem by either disabling the extension or solving the bug and then resuming the extension.
Extensions are only paused in certain designated areas. The frontend for example stays unaffected, as it is impossible to know what pausing the extension would cause to be missing, so it might be preferrable to clearly see that the website is temporarily not accessible instead.
The fatal error recovery is especially important in scope of encouraging the switch to a maintained PHP version, as not necessarily every WordPress extension is compatible with all PHP versions. If problems occur now, non-technical site owners that do not have immediate access to the codebase are not locked out of their site and can at least temporarily solve the problem quickly.
Websites that have custom requirements in that regard can implement their own shutdown handler by adding a `shutdown-handler.php` drop-in that returns the handler instance to use, which must be based on a class that inherits `WP_Shutdown_Handler`. That handler will then be used in place of the default one.
Websites that would like to modify specifically the error template displayed in the frontend can add a `php-error.php` drop-in that works similarly to the existing `db-error.php` drop-in.
Props afragen, bradleyt, flixos90, ocean90, schlessera, SergeyBiryukov, spacedmonkey.
Fixes #44458.
Built from https://develop.svn.wordpress.org/trunk@44524
git-svn-id: http://core.svn.wordpress.org/trunk@44355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 21:05:49 +01:00
|
|
|
return $plugins;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Retrieves an array of active and valid themes.
|
|
|
|
*
|
|
|
|
* While upgrading or installing WordPress, no themes are returned.
|
|
|
|
*
|
|
|
|
* @since 5.1.0
|
|
|
|
* @access private
|
|
|
|
*
|
2019-11-05 22:23:02 +01:00
|
|
|
* @return string[] Array of absolute paths to theme directories.
|
Bootstrap/Load: Introduce fatal error recovery mechanism allowing users to still log in to their admin dashboard.
This changeset introduces a `WP_Shutdown_Handler` class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed. Subsequently, in certain protected areas, for example the admin, the broken extension will be paused, ensuring that the website is still usable in the respective area. The major benefit is that this mechanism allows site owners to still log in to their website, to fix the problem by either disabling the extension or solving the bug and then resuming the extension.
Extensions are only paused in certain designated areas. The frontend for example stays unaffected, as it is impossible to know what pausing the extension would cause to be missing, so it might be preferrable to clearly see that the website is temporarily not accessible instead.
The fatal error recovery is especially important in scope of encouraging the switch to a maintained PHP version, as not necessarily every WordPress extension is compatible with all PHP versions. If problems occur now, non-technical site owners that do not have immediate access to the codebase are not locked out of their site and can at least temporarily solve the problem quickly.
Websites that have custom requirements in that regard can implement their own shutdown handler by adding a `shutdown-handler.php` drop-in that returns the handler instance to use, which must be based on a class that inherits `WP_Shutdown_Handler`. That handler will then be used in place of the default one.
Websites that would like to modify specifically the error template displayed in the frontend can add a `php-error.php` drop-in that works similarly to the existing `db-error.php` drop-in.
Props afragen, bradleyt, flixos90, ocean90, schlessera, SergeyBiryukov, spacedmonkey.
Fixes #44458.
Built from https://develop.svn.wordpress.org/trunk@44524
git-svn-id: http://core.svn.wordpress.org/trunk@44355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 21:05:49 +01:00
|
|
|
*/
|
|
|
|
function wp_get_active_and_valid_themes() {
|
|
|
|
global $pagenow;
|
|
|
|
|
|
|
|
$themes = array();
|
|
|
|
|
|
|
|
if ( wp_installing() && 'wp-activate.php' !== $pagenow ) {
|
|
|
|
return $themes;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( TEMPLATEPATH !== STYLESHEETPATH ) {
|
|
|
|
$themes[] = STYLESHEETPATH;
|
|
|
|
}
|
|
|
|
|
|
|
|
$themes[] = TEMPLATEPATH;
|
|
|
|
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
/*
|
|
|
|
* Remove themes from the list of active themes when we're on an endpoint
|
|
|
|
* that should be protected against WSODs and the theme is paused.
|
|
|
|
*/
|
|
|
|
if ( wp_is_recovery_mode() ) {
|
|
|
|
$themes = wp_skip_paused_themes( $themes );
|
|
|
|
|
|
|
|
// If no active and valid themes exist, skip loading themes.
|
|
|
|
if ( empty( $themes ) ) {
|
|
|
|
add_filter( 'wp_using_themes', '__return_false' );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return $themes;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Filters a given list of themes, removing any paused themes from it.
|
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2019-10-26 23:09:04 +02:00
|
|
|
* @param string[] $themes Array of absolute theme directory paths.
|
2019-11-05 22:23:02 +01:00
|
|
|
* @return string[] Filtered array of absolute paths to themes, without any paused themes.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*/
|
|
|
|
function wp_skip_paused_themes( array $themes ) {
|
|
|
|
$paused_themes = wp_paused_themes()->get_all();
|
|
|
|
|
|
|
|
if ( empty( $paused_themes ) ) {
|
|
|
|
return $themes;
|
|
|
|
}
|
|
|
|
|
|
|
|
foreach ( $themes as $index => $theme ) {
|
|
|
|
$theme = basename( $theme );
|
|
|
|
|
|
|
|
if ( array_key_exists( $theme, $paused_themes ) ) {
|
|
|
|
unset( $themes[ $index ] );
|
|
|
|
|
|
|
|
// Store list of paused themes for displaying an admin notice.
|
|
|
|
$GLOBALS['_paused_themes'][ $theme ] = $paused_themes[ $theme ];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Bootstrap/Load: Introduce fatal error recovery mechanism allowing users to still log in to their admin dashboard.
This changeset introduces a `WP_Shutdown_Handler` class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed. Subsequently, in certain protected areas, for example the admin, the broken extension will be paused, ensuring that the website is still usable in the respective area. The major benefit is that this mechanism allows site owners to still log in to their website, to fix the problem by either disabling the extension or solving the bug and then resuming the extension.
Extensions are only paused in certain designated areas. The frontend for example stays unaffected, as it is impossible to know what pausing the extension would cause to be missing, so it might be preferrable to clearly see that the website is temporarily not accessible instead.
The fatal error recovery is especially important in scope of encouraging the switch to a maintained PHP version, as not necessarily every WordPress extension is compatible with all PHP versions. If problems occur now, non-technical site owners that do not have immediate access to the codebase are not locked out of their site and can at least temporarily solve the problem quickly.
Websites that have custom requirements in that regard can implement their own shutdown handler by adding a `shutdown-handler.php` drop-in that returns the handler instance to use, which must be based on a class that inherits `WP_Shutdown_Handler`. That handler will then be used in place of the default one.
Websites that would like to modify specifically the error template displayed in the frontend can add a `php-error.php` drop-in that works similarly to the existing `db-error.php` drop-in.
Props afragen, bradleyt, flixos90, ocean90, schlessera, SergeyBiryukov, spacedmonkey.
Fixes #44458.
Built from https://develop.svn.wordpress.org/trunk@44524
git-svn-id: http://core.svn.wordpress.org/trunk@44355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 21:05:49 +01:00
|
|
|
return $themes;
|
|
|
|
}
|
|
|
|
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
/**
|
|
|
|
* Is WordPress in Recovery Mode.
|
|
|
|
*
|
|
|
|
* In this mode, plugins or themes that cause WSODs will be paused.
|
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
function wp_is_recovery_mode() {
|
|
|
|
return wp_recovery_mode()->is_active();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Determines whether we are currently on an endpoint that should be protected against WSODs.
|
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2021-02-22 20:18:12 +01:00
|
|
|
* @global string $pagenow
|
|
|
|
*
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
* @return bool True if the current endpoint should be protected.
|
|
|
|
*/
|
|
|
|
function is_protected_endpoint() {
|
|
|
|
// Protect login pages.
|
|
|
|
if ( isset( $GLOBALS['pagenow'] ) && 'wp-login.php' === $GLOBALS['pagenow'] ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Protect the admin backend.
|
|
|
|
if ( is_admin() && ! wp_doing_ajax() ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2020-06-25 14:43:07 +02:00
|
|
|
// Protect Ajax actions that could help resolve a fatal error should be available.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
if ( is_protected_ajax_action() ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Filters whether the current request is against a protected endpoint.
|
|
|
|
*
|
|
|
|
* This filter is only fired when an endpoint is requested which is not already protected by
|
|
|
|
* WordPress core. As such, it exclusively allows providing further protected endpoints in
|
2020-06-25 14:43:07 +02:00
|
|
|
* addition to the admin backend, login pages and protected Ajax actions.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2020-06-25 14:43:07 +02:00
|
|
|
* @param bool $is_protected_endpoint Whether the currently requested endpoint is protected.
|
|
|
|
* Default false.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*/
|
|
|
|
return (bool) apply_filters( 'is_protected_endpoint', false );
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-06-25 14:43:07 +02:00
|
|
|
* Determines whether we are currently handling an Ajax action that should be protected against WSODs.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2020-06-25 14:43:07 +02:00
|
|
|
* @return bool True if the current Ajax action should be protected.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*/
|
|
|
|
function is_protected_ajax_action() {
|
|
|
|
if ( ! wp_doing_ajax() ) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ! isset( $_REQUEST['action'] ) ) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
$actions_to_protect = array(
|
|
|
|
'edit-theme-plugin-file', // Saving changes in the core code editor.
|
|
|
|
'heartbeat', // Keep the heart beating.
|
|
|
|
'install-plugin', // Installing a new plugin.
|
|
|
|
'install-theme', // Installing a new theme.
|
|
|
|
'search-plugins', // Searching in the list of plugins.
|
|
|
|
'search-install-plugins', // Searching for a plugin in the plugin install screen.
|
|
|
|
'update-plugin', // Update an existing plugin.
|
|
|
|
'update-theme', // Update an existing theme.
|
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
2020-06-25 14:43:07 +02:00
|
|
|
* Filters the array of protected Ajax actions.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*
|
2020-06-25 14:43:07 +02:00
|
|
|
* This filter is only fired when doing Ajax and the Ajax request has an 'action' property.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2020-06-25 14:43:07 +02:00
|
|
|
* @param string[] $actions_to_protect Array of strings with Ajax actions to protect.
|
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 22:53:51 +01:00
|
|
|
*/
|
|
|
|
$actions_to_protect = (array) apply_filters( 'wp_protected_ajax_actions', $actions_to_protect );
|
|
|
|
|
|
|
|
if ( ! in_array( $_REQUEST['action'], $actions_to_protect, true ) ) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Set internal encoding.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* In most cases the default internal encoding is latin1, which is
|
|
|
|
* of no use, since we want to use the `mb_` functions for `utf-8` strings.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_set_internal_encoding() {
|
2010-01-19 18:27:03 +01:00
|
|
|
if ( function_exists( 'mb_internal_encoding' ) ) {
|
2013-02-02 03:01:29 +01:00
|
|
|
$charset = get_option( 'blog_charset' );
|
2019-07-09 07:45:58 +02:00
|
|
|
// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! $charset || ! @mb_internal_encoding( $charset ) ) {
|
2010-01-19 18:27:03 +01:00
|
|
|
mb_internal_encoding( 'UTF-8' );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Add magic quotes to `$_GET`, `$_POST`, `$_COOKIE`, and `$_SERVER`.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* Also forces `$_REQUEST` to be `$_GET + $_POST`. If `$_SERVER`,
|
|
|
|
* `$_COOKIE`, or `$_ENV` are needed, use those superglobals directly.
|
2010-01-19 18:27:03 +01:00
|
|
|
*
|
|
|
|
* @since 3.0.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-19 18:27:03 +01:00
|
|
|
*/
|
2010-01-15 23:03:41 +01:00
|
|
|
function wp_magic_quotes() {
|
|
|
|
// Escape with wpdb.
|
2017-12-01 00:11:00 +01:00
|
|
|
$_GET = add_magic_quotes( $_GET );
|
|
|
|
$_POST = add_magic_quotes( $_POST );
|
2010-01-19 18:27:03 +01:00
|
|
|
$_COOKIE = add_magic_quotes( $_COOKIE );
|
|
|
|
$_SERVER = add_magic_quotes( $_SERVER );
|
2010-01-15 23:03:41 +01:00
|
|
|
|
2010-01-19 18:27:03 +01:00
|
|
|
// Force REQUEST to be GET + POST.
|
|
|
|
$_REQUEST = array_merge( $_GET, $_POST );
|
2010-01-15 23:03:41 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Runs just before PHP shuts down execution.
|
|
|
|
*
|
|
|
|
* @since 1.2.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @access private
|
2010-01-15 23:03:41 +01:00
|
|
|
*/
|
|
|
|
function shutdown_action_hook() {
|
2013-09-16 20:30:10 +02:00
|
|
|
/**
|
|
|
|
* Fires just before PHP shuts down execution.
|
|
|
|
*
|
|
|
|
* @since 1.2.0
|
|
|
|
*/
|
2010-01-19 18:27:03 +01:00
|
|
|
do_action( 'shutdown' );
|
2014-06-04 06:12:17 +02:00
|
|
|
|
2010-01-15 23:03:41 +01:00
|
|
|
wp_cache_close();
|
|
|
|
}
|
|
|
|
|
2011-04-22 19:46:02 +02:00
|
|
|
/**
|
|
|
|
* Copy an object.
|
|
|
|
*
|
|
|
|
* @since 2.7.0
|
2014-06-04 06:12:17 +02:00
|
|
|
* @deprecated 3.2.0
|
2011-04-22 19:46:02 +02:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* @param object $object The object to clone.
|
|
|
|
* @return object The cloned object.
|
2011-04-22 19:46:02 +02:00
|
|
|
*/
|
|
|
|
function wp_clone( $object ) {
|
2020-01-29 01:45:18 +01:00
|
|
|
// Use parens for clone to accommodate PHP 4. See #17880.
|
2011-06-24 23:32:40 +02:00
|
|
|
return clone( $object );
|
2011-04-22 19:46:02 +02:00
|
|
|
}
|
|
|
|
|
2010-01-15 23:03:41 +01:00
|
|
|
/**
|
2018-02-13 17:54:31 +01:00
|
|
|
* Determines whether the current request is for an administrative interface page.
|
2010-01-15 23:03:41 +01:00
|
|
|
*
|
2018-04-29 23:14:22 +02:00
|
|
|
* Does not check if the user is an administrator; use current_user_can()
|
2014-06-04 06:12:17 +02:00
|
|
|
* for checking roles and capabilities.
|
2010-01-15 23:03:41 +01:00
|
|
|
*
|
2018-02-13 17:54:31 +01:00
|
|
|
* For more information on this and similar theme functions, check out
|
2018-03-18 15:23:33 +01:00
|
|
|
* the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
|
|
|
|
* Conditional Tags} article in the Theme Developer Handbook.
|
2018-02-13 17:54:31 +01:00
|
|
|
*
|
2010-01-15 23:03:41 +01:00
|
|
|
* @since 1.5.1
|
|
|
|
*
|
2019-08-04 04:03:55 +02:00
|
|
|
* @global WP_Screen $current_screen WordPress current screen object.
|
2015-05-26 20:53:27 +02:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* @return bool True if inside WordPress administration interface, false otherwise.
|
2010-01-15 23:03:41 +01:00
|
|
|
*/
|
|
|
|
function is_admin() {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $GLOBALS['current_screen'] ) ) {
|
2012-08-31 19:16:46 +02:00
|
|
|
return $GLOBALS['current_screen']->in_admin();
|
2017-12-01 00:11:00 +01:00
|
|
|
} elseif ( defined( 'WP_ADMIN' ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
return WP_ADMIN;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-08-31 19:16:46 +02:00
|
|
|
|
2010-01-15 23:03:41 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2010-07-30 22:34:54 +02:00
|
|
|
/**
|
2019-11-22 19:16:03 +01:00
|
|
|
* Whether the current request is for a site's administrative interface.
|
2010-09-02 17:03:39 +02:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* e.g. `/wp-admin/`
|
|
|
|
*
|
2018-04-29 23:14:22 +02:00
|
|
|
* Does not check if the user is an administrator; use current_user_can()
|
2014-06-04 06:12:17 +02:00
|
|
|
* for checking roles and capabilities.
|
2010-09-02 17:03:39 +02:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
*
|
2019-08-04 04:03:55 +02:00
|
|
|
* @global WP_Screen $current_screen WordPress current screen object.
|
2015-05-26 20:53:27 +02:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* @return bool True if inside WordPress blog administration pages.
|
2010-09-02 17:03:39 +02:00
|
|
|
*/
|
|
|
|
function is_blog_admin() {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $GLOBALS['current_screen'] ) ) {
|
2012-08-31 22:45:28 +02:00
|
|
|
return $GLOBALS['current_screen']->in_admin( 'site' );
|
2017-12-01 00:11:00 +01:00
|
|
|
} elseif ( defined( 'WP_BLOG_ADMIN' ) ) {
|
2010-09-02 17:03:39 +02:00
|
|
|
return WP_BLOG_ADMIN;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-08-31 19:16:46 +02:00
|
|
|
|
2010-09-02 17:03:39 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Whether the current request is for the network administrative interface.
|
2010-07-30 22:34:54 +02:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* e.g. `/wp-admin/network/`
|
|
|
|
*
|
2018-04-29 23:14:22 +02:00
|
|
|
* Does not check if the user is an administrator; use current_user_can()
|
2014-06-04 06:12:17 +02:00
|
|
|
* for checking roles and capabilities.
|
2010-07-30 22:34:54 +02:00
|
|
|
*
|
2019-07-25 17:19:58 +02:00
|
|
|
* Does not check if the site is a Multisite network; use is_multisite()
|
|
|
|
* for checking if Multisite is enabled.
|
|
|
|
*
|
2010-07-30 22:34:54 +02:00
|
|
|
* @since 3.1.0
|
|
|
|
*
|
2019-08-04 04:03:55 +02:00
|
|
|
* @global WP_Screen $current_screen WordPress current screen object.
|
2015-05-26 20:53:27 +02:00
|
|
|
*
|
2010-07-30 22:34:54 +02:00
|
|
|
* @return bool True if inside WordPress network administration pages.
|
|
|
|
*/
|
|
|
|
function is_network_admin() {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $GLOBALS['current_screen'] ) ) {
|
2012-08-31 19:16:46 +02:00
|
|
|
return $GLOBALS['current_screen']->in_admin( 'network' );
|
2017-12-01 00:11:00 +01:00
|
|
|
} elseif ( defined( 'WP_NETWORK_ADMIN' ) ) {
|
2010-07-30 22:34:54 +02:00
|
|
|
return WP_NETWORK_ADMIN;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-08-31 19:16:46 +02:00
|
|
|
|
2010-07-30 22:34:54 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2010-10-07 21:34:18 +02:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Whether the current request is for a user admin screen.
|
|
|
|
*
|
|
|
|
* e.g. `/wp-admin/user/`
|
2010-10-07 21:34:18 +02:00
|
|
|
*
|
2018-04-29 23:14:22 +02:00
|
|
|
* Does not check if the user is an administrator; use current_user_can()
|
|
|
|
* for checking roles and capabilities.
|
2010-10-07 21:34:18 +02:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
*
|
2019-08-04 04:03:55 +02:00
|
|
|
* @global WP_Screen $current_screen WordPress current screen object.
|
2015-05-26 20:53:27 +02:00
|
|
|
*
|
2010-10-07 21:34:18 +02:00
|
|
|
* @return bool True if inside WordPress user administration pages.
|
|
|
|
*/
|
|
|
|
function is_user_admin() {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $GLOBALS['current_screen'] ) ) {
|
2012-08-31 19:16:46 +02:00
|
|
|
return $GLOBALS['current_screen']->in_admin( 'user' );
|
2017-12-01 00:11:00 +01:00
|
|
|
} elseif ( defined( 'WP_USER_ADMIN' ) ) {
|
2010-10-07 21:34:18 +02:00
|
|
|
return WP_USER_ADMIN;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-08-31 19:16:46 +02:00
|
|
|
|
2010-10-07 21:34:18 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2010-01-15 23:03:41 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* If Multisite is enabled.
|
2010-01-15 23:03:41 +01:00
|
|
|
*
|
2010-02-20 14:51:32 +01:00
|
|
|
* @since 3.0.0
|
2010-01-15 23:03:41 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* @return bool True if Multisite is enabled, false otherwise.
|
2010-01-15 23:03:41 +01:00
|
|
|
*/
|
|
|
|
function is_multisite() {
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( defined( 'MULTISITE' ) ) {
|
2010-04-08 04:39:17 +02:00
|
|
|
return MULTISITE;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-04-05 02:00:13 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( defined( 'SUBDOMAIN_INSTALL' ) || defined( 'VHOST' ) || defined( 'SUNRISE' ) ) {
|
2010-01-15 23:03:41 +01:00
|
|
|
return true;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2010-01-15 23:03:41 +01:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2012-08-09 15:17:14 +02:00
|
|
|
/**
|
2016-01-15 14:18:27 +01:00
|
|
|
* Retrieve the current site ID.
|
2012-08-09 15:17:14 +02:00
|
|
|
*
|
|
|
|
* @since 3.1.0
|
|
|
|
*
|
2015-05-26 20:53:27 +02:00
|
|
|
* @global int $blog_id
|
|
|
|
*
|
2016-01-15 14:18:27 +01:00
|
|
|
* @return int Site ID.
|
2012-08-09 15:17:14 +02:00
|
|
|
*/
|
|
|
|
function get_current_blog_id() {
|
|
|
|
global $blog_id;
|
2017-12-01 00:11:00 +01:00
|
|
|
return absint( $blog_id );
|
2012-08-09 15:17:14 +02:00
|
|
|
}
|
|
|
|
|
2016-06-09 22:34:28 +02:00
|
|
|
/**
|
|
|
|
* Retrieves the current network ID.
|
|
|
|
*
|
|
|
|
* @since 4.6.0
|
|
|
|
*
|
|
|
|
* @return int The ID of the current network.
|
|
|
|
*/
|
|
|
|
function get_current_network_id() {
|
|
|
|
if ( ! is_multisite() ) {
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-10-19 06:47:30 +02:00
|
|
|
$current_network = get_network();
|
2016-06-09 22:34:28 +02:00
|
|
|
|
2016-10-19 06:47:30 +02:00
|
|
|
if ( ! isset( $current_network->id ) ) {
|
2016-06-09 22:34:28 +02:00
|
|
|
return get_main_network_id();
|
|
|
|
}
|
|
|
|
|
2016-10-19 06:47:30 +02:00
|
|
|
return absint( $current_network->id );
|
2016-06-09 22:34:28 +02:00
|
|
|
}
|
|
|
|
|
2012-01-26 21:34:27 +01:00
|
|
|
/**
|
2014-06-04 06:12:17 +02:00
|
|
|
* Attempt an early load of translations.
|
2012-01-26 21:34:27 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* Used for errors encountered during the initial loading process, before
|
|
|
|
* the locale has been properly detected and loaded.
|
2012-01-26 21:34:27 +01:00
|
|
|
*
|
2014-06-04 06:12:17 +02:00
|
|
|
* Designed for unusual load sequences (like setup-config.php) or for when
|
|
|
|
* the script will then terminate with an error, otherwise there is a risk
|
|
|
|
* that a file can be double-included.
|
2012-01-26 21:34:27 +01:00
|
|
|
*
|
|
|
|
* @since 3.4.0
|
|
|
|
* @access private
|
2014-06-04 06:12:17 +02:00
|
|
|
*
|
2019-08-04 03:46:55 +02:00
|
|
|
* @global WP_Locale $wp_locale WordPress date and time locale object.
|
2012-01-26 21:34:27 +01:00
|
|
|
*/
|
|
|
|
function wp_load_translations_early() {
|
2016-11-04 18:13:27 +01:00
|
|
|
global $wp_locale;
|
2012-01-26 21:34:27 +01:00
|
|
|
|
|
|
|
static $loaded = false;
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $loaded ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
return;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
$loaded = true;
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( function_exists( 'did_action' ) && did_action( 'init' ) ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
return;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// We need $wp_local_package.
|
2012-01-26 21:34:27 +01:00
|
|
|
require ABSPATH . WPINC . '/version.php';
|
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// Translation and localization.
|
2012-01-26 21:34:27 +01:00
|
|
|
require_once ABSPATH . WPINC . '/pomo/mo.php';
|
|
|
|
require_once ABSPATH . WPINC . '/l10n.php';
|
2016-08-27 17:13:33 +02:00
|
|
|
require_once ABSPATH . WPINC . '/class-wp-locale.php';
|
2016-10-26 17:36:31 +02:00
|
|
|
require_once ABSPATH . WPINC . '/class-wp-locale-switcher.php';
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2020-01-29 01:45:18 +01:00
|
|
|
// General libraries.
|
2012-01-26 21:34:27 +01:00
|
|
|
require_once ABSPATH . WPINC . '/plugin.php';
|
|
|
|
|
2019-07-03 01:42:58 +02:00
|
|
|
$locales = array();
|
|
|
|
$locations = array();
|
2012-01-26 21:34:27 +01:00
|
|
|
|
|
|
|
while ( true ) {
|
|
|
|
if ( defined( 'WPLANG' ) ) {
|
2020-05-16 20:42:12 +02:00
|
|
|
if ( '' === WPLANG ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
break;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
$locales[] = WPLANG;
|
|
|
|
}
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( isset( $wp_local_package ) ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
$locales[] = $wp_local_package;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! $locales ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
break;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( defined( 'WP_LANG_DIR' ) && @is_dir( WP_LANG_DIR ) ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
$locations[] = WP_LANG_DIR;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( defined( 'WP_CONTENT_DIR' ) && @is_dir( WP_CONTENT_DIR . '/languages' ) ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
$locations[] = WP_CONTENT_DIR . '/languages';
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( @is_dir( ABSPATH . 'wp-content/languages' ) ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
$locations[] = ABSPATH . 'wp-content/languages';
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( @is_dir( ABSPATH . WPINC . '/languages' ) ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
$locations[] = ABSPATH . WPINC . '/languages';
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! $locations ) {
|
2012-01-26 21:34:27 +01:00
|
|
|
break;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
|
|
|
|
$locations = array_unique( $locations );
|
|
|
|
|
|
|
|
foreach ( $locales as $locale ) {
|
|
|
|
foreach ( $locations as $location ) {
|
|
|
|
if ( file_exists( $location . '/' . $locale . '.mo' ) ) {
|
|
|
|
load_textdomain( 'default', $location . '/' . $locale . '.mo' );
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( defined( 'WP_SETUP_CONFIG' ) && file_exists( $location . '/admin-' . $locale . '.mo' ) ) {
|
2012-01-29 21:49:34 +01:00
|
|
|
load_textdomain( 'default', $location . '/admin-' . $locale . '.mo' );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2012-01-26 21:34:27 +01:00
|
|
|
break 2;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
$wp_locale = new WP_Locale();
|
|
|
|
}
|
2015-10-07 05:02:23 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Check or set whether WordPress is in "installation" mode.
|
|
|
|
*
|
|
|
|
* If the `WP_INSTALLING` constant is defined during the bootstrap, `wp_installing()` will default to `true`.
|
|
|
|
*
|
|
|
|
* @since 4.4.0
|
|
|
|
*
|
|
|
|
* @param bool $is_installing Optional. True to set WP into Installing mode, false to turn Installing mode off.
|
|
|
|
* Omit this parameter if you only want to fetch the current status.
|
|
|
|
* @return bool True if WP is installing, otherwise false. When a `$is_installing` is passed, the function will
|
|
|
|
* report whether WP was in installing mode prior to the change to `$is_installing`.
|
|
|
|
*/
|
|
|
|
function wp_installing( $is_installing = null ) {
|
|
|
|
static $installing = null;
|
|
|
|
|
|
|
|
// Support for the `WP_INSTALLING` constant, defined before WP is loaded.
|
|
|
|
if ( is_null( $installing ) ) {
|
|
|
|
$installing = defined( 'WP_INSTALLING' ) && WP_INSTALLING;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ! is_null( $is_installing ) ) {
|
|
|
|
$old_installing = $installing;
|
2017-12-01 00:11:00 +01:00
|
|
|
$installing = $is_installing;
|
2015-10-07 05:02:23 +02:00
|
|
|
return (bool) $old_installing;
|
|
|
|
}
|
|
|
|
|
|
|
|
return (bool) $installing;
|
|
|
|
}
|
2016-06-10 20:56:31 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Determines if SSL is used.
|
|
|
|
*
|
|
|
|
* @since 2.6.0
|
2016-07-08 14:54:28 +02:00
|
|
|
* @since 4.6.0 Moved from functions.php to load.php.
|
2016-06-10 20:56:31 +02:00
|
|
|
*
|
|
|
|
* @return bool True if SSL, otherwise false.
|
|
|
|
*/
|
|
|
|
function is_ssl() {
|
|
|
|
if ( isset( $_SERVER['HTTPS'] ) ) {
|
2020-05-16 20:42:12 +02:00
|
|
|
if ( 'on' === strtolower( $_SERVER['HTTPS'] ) ) {
|
2016-06-10 20:56:31 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( '1' == $_SERVER['HTTPS'] ) {
|
|
|
|
return true;
|
|
|
|
}
|
2017-12-01 00:11:00 +01:00
|
|
|
} elseif ( isset( $_SERVER['SERVER_PORT'] ) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
|
2016-06-10 20:56:31 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
2016-07-08 13:27:27 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Converts a shorthand byte value to an integer byte value.
|
|
|
|
*
|
|
|
|
* @since 2.3.0
|
2016-07-08 14:54:28 +02:00
|
|
|
* @since 4.6.0 Moved from media.php to load.php.
|
2016-07-08 13:27:27 +02:00
|
|
|
*
|
2020-01-20 04:14:06 +01:00
|
|
|
* @link https://www.php.net/manual/en/function.ini-get.php
|
|
|
|
* @link https://www.php.net/manual/en/faq.using.php#faq.using.shorthandbytes
|
2016-07-08 14:54:28 +02:00
|
|
|
*
|
|
|
|
* @param string $value A (PHP ini) byte value, either shorthand or ordinary.
|
2016-07-08 13:27:27 +02:00
|
|
|
* @return int An integer byte value.
|
|
|
|
*/
|
2016-07-08 14:54:28 +02:00
|
|
|
function wp_convert_hr_to_bytes( $value ) {
|
|
|
|
$value = strtolower( trim( $value ) );
|
|
|
|
$bytes = (int) $value;
|
|
|
|
|
|
|
|
if ( false !== strpos( $value, 'g' ) ) {
|
|
|
|
$bytes *= GB_IN_BYTES;
|
|
|
|
} elseif ( false !== strpos( $value, 'm' ) ) {
|
|
|
|
$bytes *= MB_IN_BYTES;
|
|
|
|
} elseif ( false !== strpos( $value, 'k' ) ) {
|
|
|
|
$bytes *= KB_IN_BYTES;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Deal with large (float) values which run into the maximum integer size.
|
|
|
|
return min( $bytes, PHP_INT_MAX );
|
2016-07-08 13:27:27 +02:00
|
|
|
}
|
2016-07-08 16:37:30 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Determines whether a PHP ini value is changeable at runtime.
|
|
|
|
*
|
|
|
|
* @since 4.6.0
|
|
|
|
*
|
2020-01-20 04:14:06 +01:00
|
|
|
* @link https://www.php.net/manual/en/function.ini-get-all.php
|
2016-07-08 16:37:30 +02:00
|
|
|
*
|
|
|
|
* @param string $setting The name of the ini setting to check.
|
|
|
|
* @return bool True if the value is changeable at runtime. False otherwise.
|
|
|
|
*/
|
|
|
|
function wp_is_ini_value_changeable( $setting ) {
|
|
|
|
static $ini_all;
|
|
|
|
|
|
|
|
if ( ! isset( $ini_all ) ) {
|
2016-08-29 04:59:30 +02:00
|
|
|
$ini_all = false;
|
|
|
|
// Sometimes `ini_get_all()` is disabled via the `disable_functions` option for "security purposes".
|
|
|
|
if ( function_exists( 'ini_get_all' ) ) {
|
|
|
|
$ini_all = ini_get_all();
|
|
|
|
}
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2016-07-08 16:37:30 +02:00
|
|
|
|
2016-07-08 20:36:30 +02:00
|
|
|
// Bit operator to workaround https://bugs.php.net/bug.php?id=44936 which changes access level to 63 in PHP 5.2.6 - 5.2.17.
|
|
|
|
if ( isset( $ini_all[ $setting ]['access'] ) && ( INI_ALL === ( $ini_all[ $setting ]['access'] & 7 ) || INI_USER === ( $ini_all[ $setting ]['access'] & 7 ) ) ) {
|
2016-07-08 16:37:30 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-08-29 04:59:30 +02:00
|
|
|
// If we were unable to retrieve the details, fail gracefully to assume it's changeable.
|
|
|
|
if ( ! is_array( $ini_all ) ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-07-08 16:37:30 +02:00
|
|
|
return false;
|
|
|
|
}
|
2016-08-23 16:33:30 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Determines whether the current request is a WordPress Ajax request.
|
|
|
|
*
|
|
|
|
* @since 4.7.0
|
|
|
|
*
|
|
|
|
* @return bool True if it's a WordPress Ajax request, false otherwise.
|
|
|
|
*/
|
|
|
|
function wp_doing_ajax() {
|
|
|
|
/**
|
2016-09-14 23:51:28 +02:00
|
|
|
* Filters whether the current request is a WordPress Ajax request.
|
2016-08-23 16:33:30 +02:00
|
|
|
*
|
|
|
|
* @since 4.7.0
|
|
|
|
*
|
|
|
|
* @param bool $wp_doing_ajax Whether the current request is a WordPress Ajax request.
|
|
|
|
*/
|
|
|
|
return apply_filters( 'wp_doing_ajax', defined( 'DOING_AJAX' ) && DOING_AJAX );
|
|
|
|
}
|
2016-08-26 11:58:28 +02:00
|
|
|
|
Bootstrap/Load: Introduce fatal error recovery mechanism allowing users to still log in to their admin dashboard.
This changeset introduces a `WP_Shutdown_Handler` class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed. Subsequently, in certain protected areas, for example the admin, the broken extension will be paused, ensuring that the website is still usable in the respective area. The major benefit is that this mechanism allows site owners to still log in to their website, to fix the problem by either disabling the extension or solving the bug and then resuming the extension.
Extensions are only paused in certain designated areas. The frontend for example stays unaffected, as it is impossible to know what pausing the extension would cause to be missing, so it might be preferrable to clearly see that the website is temporarily not accessible instead.
The fatal error recovery is especially important in scope of encouraging the switch to a maintained PHP version, as not necessarily every WordPress extension is compatible with all PHP versions. If problems occur now, non-technical site owners that do not have immediate access to the codebase are not locked out of their site and can at least temporarily solve the problem quickly.
Websites that have custom requirements in that regard can implement their own shutdown handler by adding a `shutdown-handler.php` drop-in that returns the handler instance to use, which must be based on a class that inherits `WP_Shutdown_Handler`. That handler will then be used in place of the default one.
Websites that would like to modify specifically the error template displayed in the frontend can add a `php-error.php` drop-in that works similarly to the existing `db-error.php` drop-in.
Props afragen, bradleyt, flixos90, ocean90, schlessera, SergeyBiryukov, spacedmonkey.
Fixes #44458.
Built from https://develop.svn.wordpress.org/trunk@44524
git-svn-id: http://core.svn.wordpress.org/trunk@44355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 21:05:49 +01:00
|
|
|
/**
|
|
|
|
* Determines whether the current request should use themes.
|
|
|
|
*
|
|
|
|
* @since 5.1.0
|
|
|
|
*
|
|
|
|
* @return bool True if themes should be used, false otherwise.
|
|
|
|
*/
|
|
|
|
function wp_using_themes() {
|
|
|
|
/**
|
|
|
|
* Filters whether the current request should use themes.
|
|
|
|
*
|
|
|
|
* @since 5.1.0
|
|
|
|
*
|
|
|
|
* @param bool $wp_using_themes Whether the current request should use themes.
|
|
|
|
*/
|
|
|
|
return apply_filters( 'wp_using_themes', defined( 'WP_USE_THEMES' ) && WP_USE_THEMES );
|
|
|
|
}
|
|
|
|
|
2017-05-06 16:30:40 +02:00
|
|
|
/**
|
|
|
|
* Determines whether the current request is a WordPress cron request.
|
|
|
|
*
|
|
|
|
* @since 4.8.0
|
|
|
|
*
|
|
|
|
* @return bool True if it's a WordPress cron request, false otherwise.
|
|
|
|
*/
|
|
|
|
function wp_doing_cron() {
|
|
|
|
/**
|
|
|
|
* Filters whether the current request is a WordPress cron request.
|
|
|
|
*
|
|
|
|
* @since 4.8.0
|
|
|
|
*
|
|
|
|
* @param bool $wp_doing_cron Whether the current request is a WordPress cron request.
|
|
|
|
*/
|
|
|
|
return apply_filters( 'wp_doing_cron', defined( 'DOING_CRON' ) && DOING_CRON );
|
|
|
|
}
|
|
|
|
|
2016-08-26 11:58:28 +02:00
|
|
|
/**
|
2020-09-20 19:44:07 +02:00
|
|
|
* Checks whether the given variable is a WordPress Error.
|
2016-08-26 11:58:28 +02:00
|
|
|
*
|
2020-09-20 19:44:07 +02:00
|
|
|
* Returns whether `$thing` is an instance of the `WP_Error` class.
|
2016-08-26 11:58:28 +02:00
|
|
|
*
|
|
|
|
* @since 2.1.0
|
|
|
|
*
|
2020-09-20 19:44:07 +02:00
|
|
|
* @param mixed $thing The variable to check.
|
|
|
|
* @return bool Whether the variable is an instance of WP_Error.
|
2016-08-26 11:58:28 +02:00
|
|
|
*/
|
|
|
|
function is_wp_error( $thing ) {
|
2020-09-21 13:13:05 +02:00
|
|
|
$is_wp_error = ( $thing instanceof WP_Error );
|
2020-09-20 19:44:07 +02:00
|
|
|
|
2020-09-21 13:13:05 +02:00
|
|
|
if ( $is_wp_error ) {
|
2020-09-20 19:44:07 +02:00
|
|
|
/**
|
2020-11-17 20:21:05 +01:00
|
|
|
* Fires when `is_wp_error()` is called and its parameter is an instance of `WP_Error`.
|
2020-09-20 19:44:07 +02:00
|
|
|
*
|
|
|
|
* @since 5.6.0
|
|
|
|
*
|
|
|
|
* @param WP_Error $thing The error object passed to `is_wp_error()`.
|
|
|
|
*/
|
2020-11-17 20:21:05 +01:00
|
|
|
do_action( 'is_wp_error_instance', $thing );
|
2020-09-20 19:44:07 +02:00
|
|
|
}
|
|
|
|
|
2020-09-21 13:13:05 +02:00
|
|
|
return $is_wp_error;
|
2016-08-26 11:58:28 +02:00
|
|
|
}
|
2017-04-07 16:36:50 +02:00
|
|
|
|
|
|
|
/**
|
2017-05-11 21:54:43 +02:00
|
|
|
* Determines whether file modifications are allowed.
|
2017-04-07 16:36:50 +02:00
|
|
|
*
|
|
|
|
* @since 4.8.0
|
|
|
|
*
|
|
|
|
* @param string $context The usage context.
|
2017-05-11 21:54:43 +02:00
|
|
|
* @return bool True if file modification is allowed, false otherwise.
|
2017-04-07 16:36:50 +02:00
|
|
|
*/
|
2017-05-11 21:24:41 +02:00
|
|
|
function wp_is_file_mod_allowed( $context ) {
|
2017-04-07 16:36:50 +02:00
|
|
|
/**
|
2017-05-11 21:54:43 +02:00
|
|
|
* Filters whether file modifications are allowed.
|
2017-04-07 16:36:50 +02:00
|
|
|
*
|
|
|
|
* @since 4.8.0
|
|
|
|
*
|
2017-05-11 21:54:43 +02:00
|
|
|
* @param bool $file_mod_allowed Whether file modifications are allowed.
|
|
|
|
* @param string $context The usage context.
|
2017-04-07 16:36:50 +02:00
|
|
|
*/
|
2017-05-11 21:54:43 +02:00
|
|
|
return apply_filters( 'file_mod_allowed', ! defined( 'DISALLOW_FILE_MODS' ) || ! DISALLOW_FILE_MODS, $context );
|
2017-04-07 16:36:50 +02:00
|
|
|
}
|
File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 02:20:45 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Start scraping edited file errors.
|
|
|
|
*
|
|
|
|
* @since 4.9.0
|
|
|
|
*/
|
|
|
|
function wp_start_scraping_edited_file_errors() {
|
|
|
|
if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) {
|
|
|
|
return;
|
|
|
|
}
|
2017-12-01 00:11:00 +01:00
|
|
|
$key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 );
|
File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 02:20:45 +02:00
|
|
|
$nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] );
|
|
|
|
|
|
|
|
if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) {
|
2017-10-10 07:27:49 +02:00
|
|
|
echo "###### wp_scraping_result_start:$key ######";
|
2017-12-01 00:11:00 +01:00
|
|
|
echo wp_json_encode(
|
|
|
|
array(
|
|
|
|
'code' => 'scrape_nonce_failure',
|
|
|
|
'message' => __( 'Scrape nonce check failed. Please try again.' ),
|
|
|
|
)
|
|
|
|
);
|
2017-10-10 07:27:49 +02:00
|
|
|
echo "###### wp_scraping_result_end:$key ######";
|
File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 02:20:45 +02:00
|
|
|
die();
|
|
|
|
}
|
2019-04-05 17:53:50 +02:00
|
|
|
if ( ! defined( 'WP_SANDBOX_SCRAPING' ) ) {
|
|
|
|
define( 'WP_SANDBOX_SCRAPING', true );
|
|
|
|
}
|
File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 02:20:45 +02:00
|
|
|
register_shutdown_function( 'wp_finalize_scraping_edited_file_errors', $key );
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Finalize scraping for edited file errors.
|
|
|
|
*
|
|
|
|
* @since 4.9.0
|
|
|
|
*
|
|
|
|
* @param string $scrape_key Scrape key.
|
|
|
|
*/
|
|
|
|
function wp_finalize_scraping_edited_file_errors( $scrape_key ) {
|
|
|
|
$error = error_get_last();
|
2017-10-10 07:27:49 +02:00
|
|
|
echo "\n###### wp_scraping_result_start:$scrape_key ######\n";
|
|
|
|
if ( ! empty( $error ) && in_array( $error['type'], array( E_CORE_ERROR, E_COMPILE_ERROR, E_ERROR, E_PARSE, E_USER_ERROR, E_RECOVERABLE_ERROR ), true ) ) {
|
|
|
|
$error = str_replace( ABSPATH, '', $error );
|
|
|
|
echo wp_json_encode( $error );
|
|
|
|
} else {
|
|
|
|
echo wp_json_encode( true );
|
File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 02:20:45 +02:00
|
|
|
}
|
2017-10-10 07:27:49 +02:00
|
|
|
echo "\n###### wp_scraping_result_end:$scrape_key ######\n";
|
File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 02:20:45 +02:00
|
|
|
}
|
2018-12-12 04:08:23 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks whether current request is a JSON request, or is expecting a JSON response.
|
|
|
|
*
|
|
|
|
* @since 5.0.0
|
|
|
|
*
|
2019-11-22 19:28:04 +01:00
|
|
|
* @return bool True if `Accepts` or `Content-Type` headers contain `application/json`.
|
|
|
|
* False otherwise.
|
2018-12-12 04:08:23 +01:00
|
|
|
*/
|
|
|
|
function wp_is_json_request() {
|
|
|
|
|
2020-10-27 17:44:06 +01:00
|
|
|
if ( isset( $_SERVER['HTTP_ACCEPT'] ) && wp_is_json_media_type( $_SERVER['HTTP_ACCEPT'] ) ) {
|
2018-12-12 04:08:23 +01:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2020-10-27 17:44:06 +01:00
|
|
|
if ( isset( $_SERVER['CONTENT_TYPE'] ) && wp_is_json_media_type( $_SERVER['CONTENT_TYPE'] ) ) {
|
2018-12-12 04:08:23 +01:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
}
|
2019-03-26 23:26:52 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks whether current request is a JSONP request, or is expecting a JSONP response.
|
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
|
|
|
* @return bool True if JSONP request, false otherwise.
|
|
|
|
*/
|
|
|
|
function wp_is_jsonp_request() {
|
|
|
|
if ( ! isset( $_GET['_jsonp'] ) ) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ! function_exists( 'wp_check_jsonp_callback' ) ) {
|
|
|
|
require_once ABSPATH . WPINC . '/functions.php';
|
|
|
|
}
|
|
|
|
|
|
|
|
$jsonp_callback = $_GET['_jsonp'];
|
|
|
|
if ( ! wp_check_jsonp_callback( $jsonp_callback ) ) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** This filter is documented in wp-includes/rest-api/class-wp-rest-server.php */
|
|
|
|
$jsonp_enabled = apply_filters( 'rest_jsonp_enabled', true );
|
|
|
|
|
|
|
|
return $jsonp_enabled;
|
|
|
|
|
|
|
|
}
|
2019-03-27 00:11:52 +01:00
|
|
|
|
2020-10-27 17:44:06 +01:00
|
|
|
/**
|
|
|
|
* Checks whether a string is a valid JSON Media Type.
|
|
|
|
*
|
|
|
|
* @since 5.6.0
|
|
|
|
*
|
|
|
|
* @param string $media_type A Media Type string to check.
|
|
|
|
* @return bool True if string is a valid JSON Media Type.
|
|
|
|
*/
|
|
|
|
function wp_is_json_media_type( $media_type ) {
|
|
|
|
static $cache = array();
|
|
|
|
|
|
|
|
if ( ! isset( $cache[ $media_type ] ) ) {
|
|
|
|
$cache[ $media_type ] = (bool) preg_match( '/(^|\s|,)application\/([\w!#\$&-\^\.\+]+\+)?json(\+oembed)?($|\s|;|,)/i', $media_type );
|
|
|
|
}
|
|
|
|
|
|
|
|
return $cache[ $media_type ];
|
|
|
|
}
|
|
|
|
|
2019-03-27 00:11:52 +01:00
|
|
|
/**
|
2019-03-27 00:21:51 +01:00
|
|
|
* Checks whether current request is an XML request, or is expecting an XML response.
|
2019-03-27 00:11:52 +01:00
|
|
|
*
|
|
|
|
* @since 5.2.0
|
|
|
|
*
|
2019-11-22 19:28:04 +01:00
|
|
|
* @return bool True if `Accepts` or `Content-Type` headers contain `text/xml`
|
|
|
|
* or one of the related MIME types. False otherwise.
|
2019-03-27 00:11:52 +01:00
|
|
|
*/
|
|
|
|
function wp_is_xml_request() {
|
|
|
|
$accepted = array(
|
|
|
|
'text/xml',
|
|
|
|
'application/rss+xml',
|
|
|
|
'application/atom+xml',
|
|
|
|
'application/rdf+xml',
|
|
|
|
'text/xml+oembed',
|
|
|
|
'application/xml+oembed',
|
|
|
|
);
|
|
|
|
|
|
|
|
if ( isset( $_SERVER['HTTP_ACCEPT'] ) ) {
|
|
|
|
foreach ( $accepted as $type ) {
|
|
|
|
if ( false !== strpos( $_SERVER['HTTP_ACCEPT'], $type ) ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( isset( $_SERVER['CONTENT_TYPE'] ) && in_array( $_SERVER['CONTENT_TYPE'], $accepted, true ) ) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
App Passwords: Extract Basic Auth check into a reusable filterable function.
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.
This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.
In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.
Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes #52066.
Built from https://develop.svn.wordpress.org/trunk@50006
git-svn-id: http://core.svn.wordpress.org/trunk@49707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 03:57:59 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks if this site is protected by HTTP Basic Auth.
|
|
|
|
*
|
2021-01-28 12:05:58 +01:00
|
|
|
* At the moment, this merely checks for the present of Basic Auth credentials. Therefore, calling
|
|
|
|
* this function with a context different from the current context may give inaccurate results.
|
|
|
|
* In a future release, this evaluation may be made more robust.
|
App Passwords: Extract Basic Auth check into a reusable filterable function.
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.
This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.
In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.
Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes #52066.
Built from https://develop.svn.wordpress.org/trunk@50006
git-svn-id: http://core.svn.wordpress.org/trunk@49707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 03:57:59 +01:00
|
|
|
*
|
2021-01-28 12:05:58 +01:00
|
|
|
* Currently, this is only used by Application Passwords to prevent a conflict since it also utilizes
|
|
|
|
* Basic Auth.
|
App Passwords: Extract Basic Auth check into a reusable filterable function.
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.
This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.
In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.
Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes #52066.
Built from https://develop.svn.wordpress.org/trunk@50006
git-svn-id: http://core.svn.wordpress.org/trunk@49707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 03:57:59 +01:00
|
|
|
*
|
|
|
|
* @since 5.6.1
|
|
|
|
*
|
|
|
|
* @global string $pagenow The current page.
|
|
|
|
*
|
2021-01-28 12:05:58 +01:00
|
|
|
* @param string $context The context to check for protection. Accepts 'login', 'admin', and 'front'.
|
|
|
|
* Defaults to the current context.
|
|
|
|
* @return bool Whether the site is protected by Basic Auth.
|
App Passwords: Extract Basic Auth check into a reusable filterable function.
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.
This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.
In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.
Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes #52066.
Built from https://develop.svn.wordpress.org/trunk@50006
git-svn-id: http://core.svn.wordpress.org/trunk@49707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 03:57:59 +01:00
|
|
|
*/
|
|
|
|
function wp_is_site_protected_by_basic_auth( $context = '' ) {
|
|
|
|
global $pagenow;
|
|
|
|
|
|
|
|
if ( ! $context ) {
|
|
|
|
if ( 'wp-login.php' === $pagenow ) {
|
|
|
|
$context = 'login';
|
|
|
|
} elseif ( is_admin() ) {
|
|
|
|
$context = 'admin';
|
|
|
|
} else {
|
|
|
|
$context = 'front';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$is_protected = ! empty( $_SERVER['PHP_AUTH_USER'] ) || ! empty( $_SERVER['PHP_AUTH_PW'] );
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Filters whether a site is protected by HTTP Basic Auth.
|
|
|
|
*
|
|
|
|
* @since 5.6.1
|
|
|
|
*
|
|
|
|
* @param bool $is_protected Whether the site is protected by Basic Auth.
|
|
|
|
* @param string $context The context to check for protection. One of 'login', 'admin', or 'front'.
|
|
|
|
*/
|
|
|
|
return apply_filters( 'wp_is_site_protected_by_basic_auth', $is_protected, $context );
|
|
|
|
}
|