WordPress/wp-admin/includes/schema.php
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00

975 lines
31 KiB
PHP

<?php
/**
* WordPress Administration Scheme API
*
* Here we keep the DB structure and option values.
*
* @package WordPress
* @subpackage Administration
*/
// Declare these as global in case schema.php is included from a function.
global $wpdb, $wp_queries, $charset_collate;
/**
* The database character collate.
* @var string
* @global string
* @name $charset_collate
*/
$charset_collate = $wpdb->get_charset_collate();
/**
* Retrieve the SQL for creating database tables.
*
* @since 3.3.0
*
* @param string $scope Optional. The tables for which to retrieve SQL. Can be all, global, ms_global, or blog tables. Defaults to all.
* @param int $blog_id Optional. The blog ID for which to retrieve SQL. Default is the current blog ID.
* @return string The SQL needed to create the requested tables.
*/
function wp_get_db_schema( $scope = 'all', $blog_id = null ) {
global $wpdb;
$charset_collate = '';
if ( ! empty($wpdb->charset) )
$charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
if ( ! empty($wpdb->collate) )
$charset_collate .= " COLLATE $wpdb->collate";
if ( $blog_id && $blog_id != $wpdb->blogid )
$old_blog_id = $wpdb->set_blog_id( $blog_id );
// Engage multisite if in the middle of turning it on from network.php.
$is_multisite = is_multisite() || ( defined( 'WP_INSTALLING_NETWORK' ) && WP_INSTALLING_NETWORK );
// Blog specific tables.
$blog_tables = "CREATE TABLE $wpdb->terms (
term_id bigint(20) unsigned NOT NULL auto_increment,
name varchar(200) NOT NULL default '',
slug varchar(200) NOT NULL default '',
term_group bigint(10) NOT NULL default 0,
PRIMARY KEY (term_id),
UNIQUE KEY slug (slug),
KEY name (name)
) $charset_collate;
CREATE TABLE $wpdb->term_taxonomy (
term_taxonomy_id bigint(20) unsigned NOT NULL auto_increment,
term_id bigint(20) unsigned NOT NULL default 0,
taxonomy varchar(32) NOT NULL default '',
description longtext NOT NULL,
parent bigint(20) unsigned NOT NULL default 0,
count bigint(20) NOT NULL default 0,
PRIMARY KEY (term_taxonomy_id),
UNIQUE KEY term_id_taxonomy (term_id,taxonomy),
KEY taxonomy (taxonomy)
) $charset_collate;
CREATE TABLE $wpdb->term_relationships (
object_id bigint(20) unsigned NOT NULL default 0,
term_taxonomy_id bigint(20) unsigned NOT NULL default 0,
term_order int(11) NOT NULL default 0,
PRIMARY KEY (object_id,term_taxonomy_id),
KEY term_taxonomy_id (term_taxonomy_id)
) $charset_collate;
CREATE TABLE $wpdb->commentmeta (
meta_id bigint(20) unsigned NOT NULL auto_increment,
comment_id bigint(20) unsigned NOT NULL default '0',
meta_key varchar(255) default NULL,
meta_value longtext,
PRIMARY KEY (meta_id),
KEY comment_id (comment_id),
KEY meta_key (meta_key)
) $charset_collate;
CREATE TABLE $wpdb->comments (
comment_ID bigint(20) unsigned NOT NULL auto_increment,
comment_post_ID bigint(20) unsigned NOT NULL default '0',
comment_author tinytext NOT NULL,
comment_author_email varchar(100) NOT NULL default '',
comment_author_url varchar(200) NOT NULL default '',
comment_author_IP varchar(100) NOT NULL default '',
comment_date datetime NOT NULL default '0000-00-00 00:00:00',
comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
comment_content text NOT NULL,
comment_karma int(11) NOT NULL default '0',
comment_approved varchar(20) NOT NULL default '1',
comment_agent varchar(255) NOT NULL default '',
comment_type varchar(20) NOT NULL default '',
comment_parent bigint(20) unsigned NOT NULL default '0',
user_id bigint(20) unsigned NOT NULL default '0',
PRIMARY KEY (comment_ID),
KEY comment_post_ID (comment_post_ID),
KEY comment_approved_date_gmt (comment_approved,comment_date_gmt),
KEY comment_date_gmt (comment_date_gmt),
KEY comment_parent (comment_parent)
) $charset_collate;
CREATE TABLE $wpdb->links (
link_id bigint(20) unsigned NOT NULL auto_increment,
link_url varchar(255) NOT NULL default '',
link_name varchar(255) NOT NULL default '',
link_image varchar(255) NOT NULL default '',
link_target varchar(25) NOT NULL default '',
link_description varchar(255) NOT NULL default '',
link_visible varchar(20) NOT NULL default 'Y',
link_owner bigint(20) unsigned NOT NULL default '1',
link_rating int(11) NOT NULL default '0',
link_updated datetime NOT NULL default '0000-00-00 00:00:00',
link_rel varchar(255) NOT NULL default '',
link_notes mediumtext NOT NULL,
link_rss varchar(255) NOT NULL default '',
PRIMARY KEY (link_id),
KEY link_visible (link_visible)
) $charset_collate;
CREATE TABLE $wpdb->options (
option_id bigint(20) unsigned NOT NULL auto_increment,
option_name varchar(64) NOT NULL default '',
option_value longtext NOT NULL,
autoload varchar(20) NOT NULL default 'yes',
PRIMARY KEY (option_id),
UNIQUE KEY option_name (option_name)
) $charset_collate;
CREATE TABLE $wpdb->postmeta (
meta_id bigint(20) unsigned NOT NULL auto_increment,
post_id bigint(20) unsigned NOT NULL default '0',
meta_key varchar(255) default NULL,
meta_value longtext,
PRIMARY KEY (meta_id),
KEY post_id (post_id),
KEY meta_key (meta_key)
) $charset_collate;
CREATE TABLE $wpdb->posts (
ID bigint(20) unsigned NOT NULL auto_increment,
post_author bigint(20) unsigned NOT NULL default '0',
post_date datetime NOT NULL default '0000-00-00 00:00:00',
post_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
post_content longtext NOT NULL,
post_title text NOT NULL,
post_excerpt text NOT NULL,
post_status varchar(20) NOT NULL default 'publish',
comment_status varchar(20) NOT NULL default 'open',
ping_status varchar(20) NOT NULL default 'open',
post_password varchar(20) NOT NULL default '',
post_name varchar(200) NOT NULL default '',
to_ping text NOT NULL,
pinged text NOT NULL,
post_modified datetime NOT NULL default '0000-00-00 00:00:00',
post_modified_gmt datetime NOT NULL default '0000-00-00 00:00:00',
post_content_filtered longtext NOT NULL,
post_parent bigint(20) unsigned NOT NULL default '0',
guid varchar(255) NOT NULL default '',
menu_order int(11) NOT NULL default '0',
post_type varchar(20) NOT NULL default 'post',
post_mime_type varchar(100) NOT NULL default '',
comment_count bigint(20) NOT NULL default '0',
PRIMARY KEY (ID),
KEY post_name (post_name),
KEY type_status_date (post_type,post_status,post_date,ID),
KEY post_parent (post_parent),
KEY post_author (post_author)
) $charset_collate;\n";
// Single site users table. The multisite flavor of the users table is handled below.
$users_single_table = "CREATE TABLE $wpdb->users (
ID bigint(20) unsigned NOT NULL auto_increment,
user_login varchar(60) NOT NULL default '',
user_pass varchar(64) NOT NULL default '',
user_nicename varchar(50) NOT NULL default '',
user_email varchar(100) NOT NULL default '',
user_url varchar(100) NOT NULL default '',
user_registered datetime NOT NULL default '0000-00-00 00:00:00',
user_activation_key varchar(60) NOT NULL default '',
user_status int(11) NOT NULL default '0',
display_name varchar(250) NOT NULL default '',
PRIMARY KEY (ID),
KEY user_login_key (user_login),
KEY user_nicename (user_nicename)
) $charset_collate;\n";
// Multisite users table
$users_multi_table = "CREATE TABLE $wpdb->users (
ID bigint(20) unsigned NOT NULL auto_increment,
user_login varchar(60) NOT NULL default '',
user_pass varchar(64) NOT NULL default '',
user_nicename varchar(50) NOT NULL default '',
user_email varchar(100) NOT NULL default '',
user_url varchar(100) NOT NULL default '',
user_registered datetime NOT NULL default '0000-00-00 00:00:00',
user_activation_key varchar(60) NOT NULL default '',
user_status int(11) NOT NULL default '0',
display_name varchar(250) NOT NULL default '',
spam tinyint(2) NOT NULL default '0',
deleted tinyint(2) NOT NULL default '0',
PRIMARY KEY (ID),
KEY user_login_key (user_login),
KEY user_nicename (user_nicename)
) $charset_collate;\n";
// usermeta
$usermeta_table = "CREATE TABLE $wpdb->usermeta (
umeta_id bigint(20) unsigned NOT NULL auto_increment,
user_id bigint(20) unsigned NOT NULL default '0',
meta_key varchar(255) default NULL,
meta_value longtext,
PRIMARY KEY (umeta_id),
KEY user_id (user_id),
KEY meta_key (meta_key)
) $charset_collate;\n";
// Global tables
if ( $is_multisite )
$global_tables = $users_multi_table . $usermeta_table;
else
$global_tables = $users_single_table . $usermeta_table;
// Multisite global tables.
$ms_global_tables = "CREATE TABLE $wpdb->blogs (
blog_id bigint(20) NOT NULL auto_increment,
site_id bigint(20) NOT NULL default '0',
domain varchar(200) NOT NULL default '',
path varchar(100) NOT NULL default '',
registered datetime NOT NULL default '0000-00-00 00:00:00',
last_updated datetime NOT NULL default '0000-00-00 00:00:00',
public tinyint(2) NOT NULL default '1',
archived enum('0','1') NOT NULL default '0',
mature tinyint(2) NOT NULL default '0',
spam tinyint(2) NOT NULL default '0',
deleted tinyint(2) NOT NULL default '0',
lang_id int(11) NOT NULL default '0',
PRIMARY KEY (blog_id),
KEY domain (domain(50),path(5)),
KEY lang_id (lang_id)
) $charset_collate;
CREATE TABLE $wpdb->blog_versions (
blog_id bigint(20) NOT NULL default '0',
db_version varchar(20) NOT NULL default '',
last_updated datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (blog_id),
KEY db_version (db_version)
) $charset_collate;
CREATE TABLE $wpdb->registration_log (
ID bigint(20) NOT NULL auto_increment,
email varchar(255) NOT NULL default '',
IP varchar(30) NOT NULL default '',
blog_id bigint(20) NOT NULL default '0',
date_registered datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (ID),
KEY IP (IP)
) $charset_collate;
CREATE TABLE $wpdb->site (
id bigint(20) NOT NULL auto_increment,
domain varchar(200) NOT NULL default '',
path varchar(100) NOT NULL default '',
PRIMARY KEY (id),
KEY domain (domain,path)
) $charset_collate;
CREATE TABLE $wpdb->sitemeta (
meta_id bigint(20) NOT NULL auto_increment,
site_id bigint(20) NOT NULL default '0',
meta_key varchar(255) default NULL,
meta_value longtext,
PRIMARY KEY (meta_id),
KEY meta_key (meta_key),
KEY site_id (site_id)
) $charset_collate;
CREATE TABLE $wpdb->signups (
domain varchar(200) NOT NULL default '',
path varchar(100) NOT NULL default '',
title longtext NOT NULL,
user_login varchar(60) NOT NULL default '',
user_email varchar(100) NOT NULL default '',
registered datetime NOT NULL default '0000-00-00 00:00:00',
activated datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '0',
activation_key varchar(50) NOT NULL default '',
meta longtext,
KEY activation_key (activation_key),
KEY domain (domain)
) $charset_collate;";
switch ( $scope ) {
case 'blog' :
$queries = $blog_tables;
break;
case 'global' :
$queries = $global_tables;
if ( $is_multisite )
$queries .= $ms_global_tables;
break;
case 'ms_global' :
$queries = $ms_global_tables;
break;
default:
case 'all' :
$queries = $global_tables . $blog_tables;
if ( $is_multisite )
$queries .= $ms_global_tables;
break;
}
if ( isset( $old_blog_id ) )
$wpdb->set_blog_id( $old_blog_id );
return $queries;
}
// Populate for back compat.
$wp_queries = wp_get_db_schema( 'all' );
/**
* Create WordPress options and set the default values.
*
* @since 1.5.0
* @uses $wpdb
* @uses $wp_db_version
*/
function populate_options() {
global $wpdb, $wp_db_version, $current_site, $wp_current_db_version;
$guessurl = wp_guess_url();
do_action('populate_options');
if ( ini_get('safe_mode') ) {
// Safe mode can break mkdir() so use a flat structure by default.
$uploads_use_yearmonth_folders = 0;
} else {
$uploads_use_yearmonth_folders = 1;
}
$template = WP_DEFAULT_THEME;
// If default theme is a child theme, we need to get its template
$theme = wp_get_theme( $template );
if ( ! $theme->errors() )
$template = $theme->get_template();
$timezone_string = '';
$gmt_offset = 0;
/* translators: default GMT offset or timezone string. Must be either a valid offset (-12 to 14)
or a valid timezone string (America/New_York). See http://us3.php.net/manual/en/timezones.php
for all timezone strings supported by PHP.
*/
$offset_or_tz = _x( '0', 'default GMT offset or timezone string' );
if ( is_numeric( $offset_or_tz ) )
$gmt_offset = $offset_or_tz;
elseif ( $offset_or_tz && in_array( $offset_or_tz, timezone_identifiers_list() ) )
$timezone_string = $offset_or_tz;
$options = array(
'siteurl' => $guessurl,
'blogname' => __('My Site'),
/* translators: blog tagline */
'blogdescription' => __('Just another WordPress site'),
'users_can_register' => 0,
'admin_email' => 'you@example.com',
/* translators: default start of the week. 0 = Sunday, 1 = Monday */
'start_of_week' => _x( '1', 'start of week' ),
'use_balanceTags' => 0,
'use_smilies' => 1,
'require_name_email' => 1,
'comments_notify' => 1,
'posts_per_rss' => 10,
'rss_use_excerpt' => 0,
'mailserver_url' => 'mail.example.com',
'mailserver_login' => 'login@example.com',
'mailserver_pass' => 'password',
'mailserver_port' => 110,
'default_category' => 1,
'default_comment_status' => 'open',
'default_ping_status' => 'open',
'default_pingback_flag' => 1,
'posts_per_page' => 10,
/* translators: default date format, see http://php.net/date */
'date_format' => __('F j, Y'),
/* translators: default time format, see http://php.net/date */
'time_format' => __('g:i a'),
/* translators: links last updated date format, see http://php.net/date */
'links_updated_date_format' => __('F j, Y g:i a'),
'links_recently_updated_prepend' => '<em>',
'links_recently_updated_append' => '</em>',
'links_recently_updated_time' => 120,
'comment_moderation' => 0,
'moderation_notify' => 1,
'permalink_structure' => '',
'gzipcompression' => 0,
'hack_file' => 0,
'blog_charset' => 'UTF-8',
'moderation_keys' => '',
'active_plugins' => array(),
'home' => $guessurl,
'category_base' => '',
'ping_sites' => 'http://rpc.pingomatic.com/',
'advanced_edit' => 0,
'comment_max_links' => 2,
'gmt_offset' => $gmt_offset,
// 1.5
'default_email_category' => 1,
'recently_edited' => '',
'template' => $template,
'stylesheet' => WP_DEFAULT_THEME,
'comment_whitelist' => 1,
'blacklist_keys' => '',
'comment_registration' => 0,
'html_type' => 'text/html',
// 1.5.1
'use_trackback' => 0,
// 2.0
'default_role' => 'subscriber',
'db_version' => $wp_db_version,
// 2.0.1
'uploads_use_yearmonth_folders' => $uploads_use_yearmonth_folders,
'upload_path' => '',
// 2.1
'blog_public' => '1',
'default_link_category' => 2,
'show_on_front' => 'posts',
// 2.2
'tag_base' => '',
// 2.5
'show_avatars' => '1',
'avatar_rating' => 'G',
'upload_url_path' => '',
'thumbnail_size_w' => 150,
'thumbnail_size_h' => 150,
'thumbnail_crop' => 1,
'medium_size_w' => 300,
'medium_size_h' => 300,
// 2.6
'avatar_default' => 'mystery',
// 2.7
'large_size_w' => 1024,
'large_size_h' => 1024,
'image_default_link_type' => 'file',
'image_default_size' => '',
'image_default_align' => '',
'close_comments_for_old_posts' => 0,
'close_comments_days_old' => 14,
'thread_comments' => 1,
'thread_comments_depth' => 5,
'page_comments' => 0,
'comments_per_page' => 50,
'default_comments_page' => 'newest',
'comment_order' => 'asc',
'sticky_posts' => array(),
'widget_categories' => array(),
'widget_text' => array(),
'widget_rss' => array(),
'uninstall_plugins' => array(),
// 2.8
'timezone_string' => $timezone_string,
// 3.0
'page_for_posts' => 0,
'page_on_front' => 0,
// 3.1
'default_post_format' => 0,
// 3.5
'link_manager_enabled' => 0,
);
// 3.3
if ( ! is_multisite() ) {
$options['initial_db_version'] = ! empty( $wp_current_db_version ) && $wp_current_db_version < $wp_db_version
? $wp_current_db_version : $wp_db_version;
}
// 3.0 multisite
if ( is_multisite() ) {
/* translators: blog tagline */
$options[ 'blogdescription' ] = sprintf(__('Just another %s site'), $current_site->site_name );
$options[ 'permalink_structure' ] = '/%year%/%monthnum%/%day%/%postname%/';
}
// Set autoload to no for these options
$fat_options = array( 'moderation_keys', 'recently_edited', 'blacklist_keys', 'uninstall_plugins' );
$existing_options = $wpdb->get_col("SELECT option_name FROM $wpdb->options");
$insert = '';
foreach ( $options as $option => $value ) {
if ( in_array($option, $existing_options) )
continue;
if ( in_array($option, $fat_options) )
$autoload = 'no';
else
$autoload = 'yes';
if ( is_array($value) )
$value = serialize($value);
if ( !empty($insert) )
$insert .= ', ';
$insert .= $wpdb->prepare( "(%s, %s, %s)", $option, $value, $autoload );
}
if ( !empty($insert) )
$wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES " . $insert);
// in case it is set, but blank, update "home"
if ( !__get_option('home') ) update_option('home', $guessurl);
// Delete unused options
$unusedoptions = array(
'blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory',
'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping',
'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers',
'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference',
'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char',
'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1',
'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5',
'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9',
'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat',
'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url', 'new_users_can_blog', '_wpnonce',
'_wp_http_referer', 'Update', 'action', 'rich_editing', 'autosave_interval', 'deactivated_plugins',
'can_compress_scripts', 'page_uris', 'update_core', 'update_plugins', 'update_themes', 'doing_cron',
'random_seed', 'rss_excerpt_length', 'secret', 'use_linksupdate', 'default_comment_status_page',
'wporg_popular_tags', 'what_to_show', 'rss_language', 'language', 'enable_xmlrpc', 'enable_app',
'autoembed_urls', 'default_post_edit_rows',
);
foreach ( $unusedoptions as $option )
delete_option($option);
// delete obsolete magpie stuff
$wpdb->query("DELETE FROM $wpdb->options WHERE option_name REGEXP '^rss_[0-9a-f]{32}(_ts)?$'");
}
/**
* Execute WordPress role creation for the various WordPress versions.
*
* @since 2.0.0
*/
function populate_roles() {
populate_roles_160();
populate_roles_210();
populate_roles_230();
populate_roles_250();
populate_roles_260();
populate_roles_270();
populate_roles_280();
populate_roles_300();
}
/**
* Create the roles for WordPress 2.0
*
* @since 2.0.0
*/
function populate_roles_160() {
// Add roles
// Dummy gettext calls to get strings in the catalog.
/* translators: user role */
_x('Administrator', 'User role');
/* translators: user role */
_x('Editor', 'User role');
/* translators: user role */
_x('Author', 'User role');
/* translators: user role */
_x('Contributor', 'User role');
/* translators: user role */
_x('Subscriber', 'User role');
add_role('administrator', 'Administrator');
add_role('editor', 'Editor');
add_role('author', 'Author');
add_role('contributor', 'Contributor');
add_role('subscriber', 'Subscriber');
// Add caps for Administrator role
$role =& get_role('administrator');
$role->add_cap('switch_themes');
$role->add_cap('edit_themes');
$role->add_cap('activate_plugins');
$role->add_cap('edit_plugins');
$role->add_cap('edit_users');
$role->add_cap('edit_files');
$role->add_cap('manage_options');
$role->add_cap('moderate_comments');
$role->add_cap('manage_categories');
$role->add_cap('manage_links');
$role->add_cap('upload_files');
$role->add_cap('import');
$role->add_cap('unfiltered_html');
$role->add_cap('edit_posts');
$role->add_cap('edit_others_posts');
$role->add_cap('edit_published_posts');
$role->add_cap('publish_posts');
$role->add_cap('edit_pages');
$role->add_cap('read');
$role->add_cap('level_10');
$role->add_cap('level_9');
$role->add_cap('level_8');
$role->add_cap('level_7');
$role->add_cap('level_6');
$role->add_cap('level_5');
$role->add_cap('level_4');
$role->add_cap('level_3');
$role->add_cap('level_2');
$role->add_cap('level_1');
$role->add_cap('level_0');
// Add caps for Editor role
$role =& get_role('editor');
$role->add_cap('moderate_comments');
$role->add_cap('manage_categories');
$role->add_cap('manage_links');
$role->add_cap('upload_files');
$role->add_cap('unfiltered_html');
$role->add_cap('edit_posts');
$role->add_cap('edit_others_posts');
$role->add_cap('edit_published_posts');
$role->add_cap('publish_posts');
$role->add_cap('edit_pages');
$role->add_cap('read');
$role->add_cap('level_7');
$role->add_cap('level_6');
$role->add_cap('level_5');
$role->add_cap('level_4');
$role->add_cap('level_3');
$role->add_cap('level_2');
$role->add_cap('level_1');
$role->add_cap('level_0');
// Add caps for Author role
$role =& get_role('author');
$role->add_cap('upload_files');
$role->add_cap('edit_posts');
$role->add_cap('edit_published_posts');
$role->add_cap('publish_posts');
$role->add_cap('read');
$role->add_cap('level_2');
$role->add_cap('level_1');
$role->add_cap('level_0');
// Add caps for Contributor role
$role =& get_role('contributor');
$role->add_cap('edit_posts');
$role->add_cap('read');
$role->add_cap('level_1');
$role->add_cap('level_0');
// Add caps for Subscriber role
$role =& get_role('subscriber');
$role->add_cap('read');
$role->add_cap('level_0');
}
/**
* Create and modify WordPress roles for WordPress 2.1.
*
* @since 2.1.0
*/
function populate_roles_210() {
$roles = array('administrator', 'editor');
foreach ($roles as $role) {
$role =& get_role($role);
if ( empty($role) )
continue;
$role->add_cap('edit_others_pages');
$role->add_cap('edit_published_pages');
$role->add_cap('publish_pages');
$role->add_cap('delete_pages');
$role->add_cap('delete_others_pages');
$role->add_cap('delete_published_pages');
$role->add_cap('delete_posts');
$role->add_cap('delete_others_posts');
$role->add_cap('delete_published_posts');
$role->add_cap('delete_private_posts');
$role->add_cap('edit_private_posts');
$role->add_cap('read_private_posts');
$role->add_cap('delete_private_pages');
$role->add_cap('edit_private_pages');
$role->add_cap('read_private_pages');
}
$role =& get_role('administrator');
if ( ! empty($role) ) {
$role->add_cap('delete_users');
$role->add_cap('create_users');
}
$role =& get_role('author');
if ( ! empty($role) ) {
$role->add_cap('delete_posts');
$role->add_cap('delete_published_posts');
}
$role =& get_role('contributor');
if ( ! empty($role) ) {
$role->add_cap('delete_posts');
}
}
/**
* Create and modify WordPress roles for WordPress 2.3.
*
* @since 2.3.0
*/
function populate_roles_230() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'unfiltered_upload' );
}
}
/**
* Create and modify WordPress roles for WordPress 2.5.
*
* @since 2.5.0
*/
function populate_roles_250() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'edit_dashboard' );
}
}
/**
* Create and modify WordPress roles for WordPress 2.6.
*
* @since 2.6.0
*/
function populate_roles_260() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'update_plugins' );
$role->add_cap( 'delete_plugins' );
}
}
/**
* Create and modify WordPress roles for WordPress 2.7.
*
* @since 2.7.0
*/
function populate_roles_270() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'install_plugins' );
$role->add_cap( 'update_themes' );
}
}
/**
* Create and modify WordPress roles for WordPress 2.8.
*
* @since 2.8.0
*/
function populate_roles_280() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'install_themes' );
}
}
/**
* Create and modify WordPress roles for WordPress 3.0.
*
* @since 3.0.0
*/
function populate_roles_300() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'update_core' );
$role->add_cap( 'list_users' );
$role->add_cap( 'remove_users' );
// Never used, will be removed. create_users or
// promote_users is the capability you're looking for.
$role->add_cap( 'add_users' );
$role->add_cap( 'promote_users' );
$role->add_cap( 'edit_theme_options' );
$role->add_cap( 'delete_themes' );
$role->add_cap( 'export' );
}
}
/**
* Install Network.
*
* @since 3.0.0
*
*/
if ( !function_exists( 'install_network' ) ) :
function install_network() {
if ( ! defined( 'WP_INSTALLING_NETWORK' ) )
define( 'WP_INSTALLING_NETWORK', true );
dbDelta( wp_get_db_schema( 'global' ) );
}
endif;
/**
* populate network settings
*
* @since 3.0.0
*
* @param int $network_id id of network to populate
* @return bool|WP_Error True on success, or WP_Error on warning (with the install otherwise successful,
* so the error code must be checked) or failure.
*/
function populate_network( $network_id = 1, $domain = '', $email = '', $site_name = '', $path = '/', $subdomain_install = false ) {
global $wpdb, $current_site, $wp_db_version, $wp_rewrite;
$errors = new WP_Error();
if ( '' == $domain )
$errors->add( 'empty_domain', __( 'You must provide a domain name.' ) );
if ( '' == $site_name )
$errors->add( 'empty_sitename', __( 'You must provide a name for your network of sites.' ) );
// check for network collision
if ( $network_id == $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE id = %d", $network_id ) ) )
$errors->add( 'siteid_exists', __( 'The network already exists.' ) );
$site_user = get_user_by( 'email', $email );
if ( ! is_email( $email ) )
$errors->add( 'invalid_email', __( 'You must provide a valid e-mail address.' ) );
if ( $errors->get_error_code() )
return $errors;
// set up site tables
$template = get_option( 'template' );
$stylesheet = get_option( 'stylesheet' );
$allowed_themes = array( $stylesheet => true );
if ( $template != $stylesheet )
$allowed_themes[ $template ] = true;
if ( WP_DEFAULT_THEME != $stylesheet && WP_DEFAULT_THEME != $template )
$allowed_themes[ WP_DEFAULT_THEME ] = true;
if ( 1 == $network_id ) {
$wpdb->insert( $wpdb->site, array( 'domain' => $domain, 'path' => $path ) );
$network_id = $wpdb->insert_id;
} else {
$wpdb->insert( $wpdb->site, array( 'domain' => $domain, 'path' => $path, 'id' => $network_id ) );
}
if ( !is_multisite() ) {
$site_admins = array( $site_user->user_login );
$users = get_users( array( 'fields' => array( 'ID', 'user_login' ) ) );
if ( $users ) {
foreach ( $users as $user ) {
if ( is_super_admin( $user->ID ) && !in_array( $user->user_login, $site_admins ) )
$site_admins[] = $user->user_login;
}
}
} else {
$site_admins = get_site_option( 'site_admins' );
}
$welcome_email = __( 'Dear User,
Your new SITE_NAME site has been successfully set up at:
BLOG_URL
You can log in to the administrator account with the following information:
Username: USERNAME
Password: PASSWORD
Log in here: BLOG_URLwp-login.php
We hope you enjoy your new site. Thanks!
--The Team @ SITE_NAME' );
$sitemeta = array(
'site_name' => $site_name,
'admin_email' => $site_user->user_email,
'admin_user_id' => $site_user->ID,
'registration' => 'none',
'upload_filetypes' => 'jpg jpeg png gif mp3 mov avi wmv midi mid pdf',
'blog_upload_space' => 100,
'fileupload_maxk' => 1500,
'site_admins' => $site_admins,
'allowedthemes' => $allowed_themes,
'illegal_names' => array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator', 'files' ),
'wpmu_upgrade_site' => $wp_db_version,
'welcome_email' => $welcome_email,
'first_post' => __( 'Welcome to <a href="SITE_URL">SITE_NAME</a>. This is your first post. Edit or delete it, then start blogging!' ),
// @todo - network admins should have a method of editing the network siteurl (used for cookie hash)
'siteurl' => get_option( 'siteurl' ) . '/',
'add_new_users' => '0',
'upload_space_check_disabled' => is_multisite() ? get_site_option( 'upload_space_check_disabled' ) : '1',
'subdomain_install' => intval( $subdomain_install ),
'global_terms_enabled' => global_terms_enabled() ? '1' : '0',
'ms_files_rewriting' => is_multisite() ? get_site_option( 'ms_files_rewriting' ) : '0',
'initial_db_version' => get_option( 'initial_db_version' ),
'active_sitewide_plugins' => array(),
'WPLANG' => get_locale(),
);
if ( ! $subdomain_install )
$sitemeta['illegal_names'][] = 'blog';
$insert = '';
foreach ( $sitemeta as $meta_key => $meta_value ) {
if ( is_array( $meta_value ) )
$meta_value = serialize( $meta_value );
if ( !empty( $insert ) )
$insert .= ', ';
$insert .= $wpdb->prepare( "( %d, %s, %s)", $network_id, $meta_key, $meta_value );
}
$wpdb->query( "INSERT INTO $wpdb->sitemeta ( site_id, meta_key, meta_value ) VALUES " . $insert );
// When upgrading from single to multisite, assume the current site will become the main site of the network.
// When using populate_network() to create another network in an existing multisite environment,
// skip these steps since the main site of the new network has not yet been created.
if ( ! is_multisite() ) {
$current_site = new stdClass;
$current_site->domain = $domain;
$current_site->path = $path;
$current_site->site_name = ucfirst( $domain );
$wpdb->insert( $wpdb->blogs, array( 'site_id' => $network_id, 'domain' => $domain, 'path' => $path, 'registered' => current_time( 'mysql' ) ) );
$current_site->blog_id = $blog_id = $wpdb->insert_id;
update_user_meta( $site_user->ID, 'source_domain', $domain );
update_user_meta( $site_user->ID, 'primary_blog', $blog_id );
if ( $subdomain_install )
$wp_rewrite->set_permalink_structure( '/%year%/%monthnum%/%day%/%postname%/' );
else
$wp_rewrite->set_permalink_structure( '/blog/%year%/%monthnum%/%day%/%postname%/' );
flush_rewrite_rules();
}
if ( $subdomain_install ) {
$vhost_ok = false;
$errstr = '';
$hostname = substr( md5( time() ), 0, 6 ) . '.' . $domain; // Very random hostname!
$page = wp_remote_get( 'http://' . $hostname, array( 'timeout' => 5, 'httpversion' => '1.1' ) );
if ( is_wp_error( $page ) )
$errstr = $page->get_error_message();
elseif ( 200 == wp_remote_retrieve_response_code( $page ) )
$vhost_ok = true;
if ( ! $vhost_ok ) {
$msg = '<p><strong>' . __( 'Warning! Wildcard DNS may not be configured correctly!' ) . '</strong></p>';
$msg .= '<p>' . sprintf( __( 'The installer attempted to contact a random hostname (<code>%1$s</code>) on your domain.' ), $hostname );
if ( ! empty ( $errstr ) )
$msg .= ' ' . sprintf( __( 'This resulted in an error message: %s' ), '<code>' . $errstr . '</code>' );
$msg .= '</p>';
$msg .= '<p>' . __( 'To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a <code>*</code> hostname record pointing at your web server in your DNS configuration tool.' ) . '</p>';
$msg .= '<p>' . __( 'You can still use your site but any subdomain you create may not be accessible. If you know your DNS is correct, ignore this message.' ) . '</p>';
return new WP_Error( 'no_wildcard_dns', $msg );
}
}
return true;
}