} /** * Classes, which help reading streams of data from files. * Based on the classes from Danilo Segan * * @version $Id: streams.php 1157 2015-11-20 04:30:11Z dd32 $ * @package pomo * @subpackage streams */ if ( ! class_exists( 'POMO_Reader', false ) ) : #[AllowDynamicProperties] class POMO_Reader { public $endian = 'little'; public $_pos; public $is_overloaded; /** * PHP5 constructor. */ public function __construct() { if ( function_exists( 'mb_substr' ) && ( (int) ini_get( 'mbstring.func_overload' ) & 2 ) // phpcs:ignore PHPCompatibility.IniDirectives.RemovedIniDirectives.mbstring_func_overloadDeprecated ) { $this->is_overloaded = true; } else { $this->is_overloaded = false; } $this->_pos = 0; } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_Reader::__construct() */ public function POMO_Reader() { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct(); } /** * Sets the endianness of the file. * * @param string $endian Set the endianness of the file. Accepts 'big', or 'little'. */ public function setEndian( $endian ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.MethodNameInvalid $this->endian = $endian; } /** * Reads a 32bit Integer from the Stream * * @return mixed The integer, corresponding to the next 32 bits from * the stream of false if there are not enough bytes or on error */ public function readint32() { $bytes = $this->read( 4 ); if ( 4 !== $this->strlen( $bytes ) ) { return false; } $endian_letter = ( 'big' === $this->endian ) ? 'N' : 'V'; $int = unpack( $endian_letter, $bytes ); return reset( $int ); } /** * Reads an array of 32-bit Integers from the Stream * * @param int $count How many elements should be read * @return mixed Array of integers or false if there isn't * enough data or on error */ public function readint32array( $count ) { $bytes = $this->read( 4 * $count ); if ( 4 * $count !== $this->strlen( $bytes ) ) { return false; } $endian_letter = ( 'big' === $this->endian ) ? 'N' : 'V'; return unpack( $endian_letter . $count, $bytes ); } /** * @param string $input_string * @param int $start * @param int $length * @return string */ public function substr( $input_string, $start, $length ) { if ( $this->is_overloaded ) { return mb_substr( $input_string, $start, $length, 'ascii' ); } else { return substr( $input_string, $start, $length ); } } /** * @param string $input_string * @return int */ public function strlen( $input_string ) { if ( $this->is_overloaded ) { return mb_strlen( $input_string, 'ascii' ); } else { return strlen( $input_string ); } } /** * @param string $input_string * @param int $chunk_size * @return array */ public function str_split( $input_string, $chunk_size ) { if ( ! function_exists( 'str_split' ) ) { $length = $this->strlen( $input_string ); $out = array(); for ( $i = 0; $i < $length; $i += $chunk_size ) { $out[] = $this->substr( $input_string, $i, $chunk_size ); } return $out; } else { return str_split( $input_string, $chunk_size ); } } /** * @return int */ public function pos() { return $this->_pos; } /** * @return true */ public function is_resource() { return true; } /** * @return true */ public function close() { return true; } } endif; if ( ! class_exists( 'POMO_FileReader', false ) ) : class POMO_FileReader extends POMO_Reader { /** * File pointer resource. * * @var resource|false */ public $_f; /** * @param string $filename */ public function __construct( $filename ) { parent::__construct(); $this->_f = fopen( $filename, 'rb' ); } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_FileReader::__construct() */ public function POMO_FileReader( $filename ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $filename ); } /** * @param int $bytes * @return string|false Returns read string, otherwise false. */ public function read( $bytes ) { return fread( $this->_f, $bytes ); } /** * @param int $pos * @return bool */ public function seekto( $pos ) { if ( -1 === fseek( $this->_f, $pos, SEEK_SET ) ) { return false; } $this->_pos = $pos; return true; } /** * @return bool */ public function is_resource() { return is_resource( $this->_f ); } /** * @return bool */ public function feof() { return feof( $this->_f ); } /** * @return bool */ public function close() { return fclose( $this->_f ); } /** * @return string */ public function read_all() { return stream_get_contents( $this->_f ); } } endif; if ( ! class_exists( 'POMO_StringReader', false ) ) : /** * Provides file-like methods for manipulating a string instead * of a physical file. */ class POMO_StringReader extends POMO_Reader { public $_str = ''; /** * PHP5 constructor. */ public function __construct( $str = '' ) { parent::__construct(); $this->_str = $str; $this->_pos = 0; } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_StringReader::__construct() */ public function POMO_StringReader( $str = '' ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $str ); } /** * @param string $bytes * @return string */ public function read( $bytes ) { $data = $this->substr( $this->_str, $this->_pos, $bytes ); $this->_pos += $bytes; if ( $this->strlen( $this->_str ) < $this->_pos ) { $this->_pos = $this->strlen( $this->_str ); } return $data; } /** * @param int $pos * @return int */ public function seekto( $pos ) { $this->_pos = $pos; if ( $this->strlen( $this->_str ) < $this->_pos ) { $this->_pos = $this->strlen( $this->_str ); } return $this->_pos; } /** * @return int */ public function length() { return $this->strlen( $this->_str ); } /** * @return string */ public function read_all() { return $this->substr( $this->_str, $this->_pos, $this->strlen( $this->_str ) ); } } endif; if ( ! class_exists( 'POMO_CachedFileReader', false ) ) : /** * Reads the contents of the file in the beginning. */ class POMO_CachedFileReader extends POMO_StringReader { /** * PHP5 constructor. */ public function __construct( $filename ) { parent::__construct(); $this->_str = file_get_contents( $filename ); if ( false === $this->_str ) { return false; } $this->_pos = 0; } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_CachedFileReader::__construct() */ public function POMO_CachedFileReader( $filename ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $filename ); } } endif; if ( ! class_exists( 'POMO_CachedIntFileReader', false ) ) : /** * Reads the contents of the file in the beginning. */ class POMO_CachedIntFileReader extends POMO_CachedFileReader { /** * PHP5 constructor. */ public function __construct( $filename ) { parent::__construct( $filename ); } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_CachedIntFileReader::__construct() */ public function POMO_CachedIntFileReader( $filename ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $filename ); } } endif;} /** * WordPress Rewrite API * * @package WordPress * @subpackage Rewrite */ /** * Endpoint mask that matches nothing. * * @since 2.1.0 */ define( 'EP_NONE', 0 ); /** * Endpoint mask that matches post permalinks. * * @since 2.1.0 */ define( 'EP_PERMALINK', 1 ); /** * Endpoint mask that matches attachment permalinks. * * @since 2.1.0 */ define( 'EP_ATTACHMENT', 2 ); /** * Endpoint mask that matches any date archives. * * @since 2.1.0 */ define( 'EP_DATE', 4 ); /** * Endpoint mask that matches yearly archives. * * @since 2.1.0 */ define( 'EP_YEAR', 8 ); /** * Endpoint mask that matches monthly archives. * * @since 2.1.0 */ define( 'EP_MONTH', 16 ); /** * Endpoint mask that matches daily archives. * * @since 2.1.0 */ define( 'EP_DAY', 32 ); /** * Endpoint mask that matches the site root. * * @since 2.1.0 */ define( 'EP_ROOT', 64 ); /** * Endpoint mask that matches comment feeds. * * @since 2.1.0 */ define( 'EP_COMMENTS', 128 ); /** * Endpoint mask that matches searches. * * Note that this only matches a search at a "pretty" URL such as * `/search/my-search-term`, not `?s=my-search-term`. * * @since 2.1.0 */ define( 'EP_SEARCH', 256 ); /** * Endpoint mask that matches category archives. * * @since 2.1.0 */ define( 'EP_CATEGORIES', 512 ); /** * Endpoint mask that matches tag archives. * * @since 2.3.0 */ define( 'EP_TAGS', 1024 ); /** * Endpoint mask that matches author archives. * * @since 2.1.0 */ define( 'EP_AUTHORS', 2048 ); /** * Endpoint mask that matches pages. * * @since 2.1.0 */ define( 'EP_PAGES', 4096 ); /** * Endpoint mask that matches all archive views. * * @since 3.7.0 */ define( 'EP_ALL_ARCHIVES', EP_DATE | EP_YEAR | EP_MONTH | EP_DAY | EP_CATEGORIES | EP_TAGS | EP_AUTHORS ); /** * Endpoint mask that matches everything. * * @since 2.1.0 */ define( 'EP_ALL', EP_PERMALINK | EP_ATTACHMENT | EP_ROOT | EP_COMMENTS | EP_SEARCH | EP_PAGES | EP_ALL_ARCHIVES ); /** * Adds a rewrite rule that transforms a URL structure to a set of query vars. * * Any value in the $after parameter that isn't 'bottom' will result in the rule * being placed at the top of the rewrite rules. * * @since 2.1.0 * @since 4.4.0 Array support was added to the `$query` parameter. * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param string $regex Regular expression to match request against. * @param string|array $query The corresponding query vars for this rewrite rule. * @param string $after Optional. Priority of the new rule. Accepts 'top' * or 'bottom'. Default 'bottom'. */ function add_rewrite_rule( $regex, $query, $after = 'bottom' ) { global $wp_rewrite; $wp_rewrite->add_rule( $regex, $query, $after ); } /** * Adds a new rewrite tag (like %postname%). * * The `$query` parameter is optional. If it is omitted you must ensure that you call * this on, or before, the {@see 'init'} hook. This is because `$query` defaults to * `$tag=`, and for this to work a new query var has to be added. * * @since 2.1.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * @global WP $wp Current WordPress environment instance. * * @param string $tag Name of the new rewrite tag. * @param string $regex Regular expression to substitute the tag for in rewrite rules. * @param string $query Optional. String to append to the rewritten query. Must end in '='. Default empty. */ function add_rewrite_tag( $tag, $regex, $query = '' ) { // Validate the tag's name. if ( strlen( $tag ) < 3 || '%' !== $tag[0] || '%' !== $tag[ strlen( $tag ) - 1 ] ) { return; } global $wp_rewrite, $wp; if ( empty( $query ) ) { $qv = trim( $tag, '%' ); $wp->add_query_var( $qv ); $query = $qv . '='; } $wp_rewrite->add_rewrite_tag( $tag, $regex, $query ); } /** * Removes an existing rewrite tag (like %postname%). * * @since 4.5.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param string $tag Name of the rewrite tag. */ function remove_rewrite_tag( $tag ) { global $wp_rewrite; $wp_rewrite->remove_rewrite_tag( $tag ); } /** * Adds a permalink structure. * * @since 3.0.0 * * @see WP_Rewrite::add_permastruct() * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param string $name Name for permalink structure. * @param string $struct Permalink structure. * @param array $args Optional. Arguments for building the rules from the permalink structure, * see WP_Rewrite::add_permastruct() for full details. Default empty array. */ function add_permastruct( $name, $struct, $args = array() ) { global $wp_rewrite; // Back-compat for the old parameters: $with_front and $ep_mask. if ( ! is_array( $args ) ) { $args = array( 'with_front' => $args ); } if ( func_num_args() === 4 ) { $args['ep_mask'] = func_get_arg( 3 ); } $wp_rewrite->add_permastruct( $name, $struct, $args ); } /** * Removes a permalink structure. * * Can only be used to remove permastructs that were added using add_permastruct(). * Built-in permastructs cannot be removed. * * @since 4.5.0 * * @see WP_Rewrite::remove_permastruct() * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param string $name Name for permalink structure. */ function remove_permastruct( $name ) { global $wp_rewrite; $wp_rewrite->remove_permastruct( $name ); } /** * Adds a new feed type like /atom1/. * * @since 2.1.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param string $feedname Feed name. Should not start with '_'. * @param callable $callback Callback to run on feed display. * @return string Feed action name. */ function add_feed( $feedname, $callback ) { global $wp_rewrite; if ( ! in_array( $feedname, $wp_rewrite->feeds, true ) ) { $wp_rewrite->feeds[] = $feedname; } $hook = 'do_feed_' . $feedname; // Remove default function hook. remove_action( $hook, $hook ); add_action( $hook, $callback, 10, 2 ); return $hook; } /** * Removes rewrite rules and then recreate rewrite rules. * * @since 3.0.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param bool $hard Whether to update .htaccess (hard flush) or just update * rewrite_rules option (soft flush). Default is true (hard). */ function flush_rewrite_rules( $hard = true ) { global $wp_rewrite; if ( is_callable( array( $wp_rewrite, 'flush_rules' ) ) ) { $wp_rewrite->flush_rules( $hard ); } } /** * Adds an endpoint, like /trackback/. * * Adding an endpoint creates extra rewrite rules for each of the matching * places specified by the provided bitmask. For example: * * add_rewrite_endpoint( 'json', EP_PERMALINK | EP_PAGES ); * * will add a new rewrite rule ending with "json(/(.*))?/?$" for every permastruct * that describes a permalink (post) or page. This is rewritten to "json=$match" * where $match is the part of the URL matched by the endpoint regex (e.g. "foo" in * "[permalink]/json/foo/"). * * A new query var with the same name as the endpoint will also be created. * * When specifying $places ensure that you are using the EP_* constants (or a * combination of them using the bitwise OR operator) as their values are not * guaranteed to remain static (especially `EP_ALL`). * * Be sure to flush the rewrite rules - see flush_rewrite_rules() - when your plugin gets * activated and deactivated. * * @since 2.1.0 * @since 4.3.0 Added support for skipping query var registration by passing `false` to `$query_var`. * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * * @param string $name Name of the endpoint. * @param int $places Endpoint mask describing the places the endpoint should be added. * Accepts a mask of: * - `EP_ALL` * - `EP_NONE` * - `EP_ALL_ARCHIVES` * - `EP_ATTACHMENT` * - `EP_AUTHORS` * - `EP_CATEGORIES` * - `EP_COMMENTS` * - `EP_DATE` * - `EP_DAY` * - `EP_MONTH` * - `EP_PAGES` * - `EP_PERMALINK` * - `EP_ROOT` * - `EP_SEARCH` * - `EP_TAGS` * - `EP_YEAR` * @param string|bool $query_var Name of the corresponding query variable. Pass `false` to skip registering a query_var * for this endpoint. Defaults to the value of `$name`. */ function add_rewrite_endpoint( $name, $places, $query_var = true ) { global $wp_rewrite; $wp_rewrite->add_endpoint( $name, $places, $query_var ); } /** * Filters the URL base for taxonomies. * * To remove any manually prepended /index.php/. * * @access private * @since 2.6.0 * * @param string $base The taxonomy base that we're going to filter * @return string */ function _wp_filter_taxonomy_base( $base ) { if ( ! empty( $base ) ) { $base = preg_replace( '|^/index\.php/|', '', $base ); $base = trim( $base, '/' ); } return $base; } /** * Resolves numeric slugs that collide with date permalinks. * * Permalinks of posts with numeric slugs can sometimes look to WP_Query::parse_query() * like a date archive, as when your permalink structure is `/%year%/%postname%/` and * a post with post_name '05' has the URL `/2015/05/`. * * This function detects conflicts of this type and resolves them in favor of the * post permalink. * * Note that, since 4.3.0, wp_unique_post_slug() prevents the creation of post slugs * that would result in a date archive conflict. The resolution performed in this * function is primarily for legacy content, as well as cases when the admin has changed * the site's permalink structure in a way that introduces URL conflicts. * * @since 4.3.0 * * @param array $query_vars Optional. Query variables for setting up the loop, as determined in * WP::parse_request(). Default empty array. * @return array Returns the original array of query vars, with date/post conflicts resolved. */ function wp_resolve_numeric_slug_conflicts( $query_vars = array() ) { if ( ! isset( $query_vars['year'] ) && ! isset( $query_vars['monthnum'] ) && ! isset( $query_vars['day'] ) ) { return $query_vars; } // Identify the 'postname' position in the permastruct array. $permastructs = array_values( array_filter( explode( '/', get_option( 'permalink_structure' ) ) ) ); $postname_index = array_search( '%postname%', $permastructs, true ); if ( false === $postname_index ) { return $query_vars; } /* * A numeric slug could be confused with a year, month, or day, depending on position. To account for * the possibility of post pagination (eg 2015/2 for the second page of a post called '2015'), our * `is_*` checks are generous: check for year-slug clashes when `is_year` *or* `is_month`, and check * for month-slug clashes when `is_month` *or* `is_day`. */ $compare = ''; if ( 0 === $postname_index && ( isset( $query_vars['year'] ) || isset( $query_vars['monthnum'] ) ) ) { $compare = 'year'; } elseif ( $postname_index && '%year%' === $permastructs[ $postname_index - 1 ] && ( isset( $query_vars['monthnum'] ) || isset( $query_vars['day'] ) ) ) { $compare = 'monthnum'; } elseif ( $postname_index && '%monthnum%' === $permastructs[ $postname_index - 1 ] && isset( $query_vars['day'] ) ) { $compare = 'day'; } if ( ! $compare ) { return $query_vars; } // This is the potentially clashing slug. $value = ''; if ( $compare && array_key_exists( $compare, $query_vars ) ) { $value = $query_vars[ $compare ]; } $post = get_page_by_path( $value, OBJECT, 'post' ); if ( ! ( $post instanceof WP_Post ) ) { return $query_vars; } // If the date of the post doesn't match the date specified in the URL, resolve to the date archive. if ( preg_match( '/^([0-9]{4})\-([0-9]{2})/', $post->post_date, $matches ) && isset( $query_vars['year'] ) && ( 'monthnum' === $compare || 'day' === $compare ) ) { // $matches[1] is the year the post was published. if ( (int) $query_vars['year'] !== (int) $matches[1] ) { return $query_vars; } // $matches[2] is the month the post was published. if ( 'day' === $compare && isset( $query_vars['monthnum'] ) && (int) $query_vars['monthnum'] !== (int) $matches[2] ) { return $query_vars; } } /* * If the located post contains nextpage pagination, then the URL chunk following postname may be * intended as the page number. Verify that it's a valid page before resolving to it. */ $maybe_page = ''; if ( 'year' === $compare && isset( $query_vars['monthnum'] ) ) { $maybe_page = $query_vars['monthnum']; } elseif ( 'monthnum' === $compare && isset( $query_vars['day'] ) ) { $maybe_page = $query_vars['day']; } // Bug found in #11694 - 'page' was returning '/4'. $maybe_page = (int) trim( $maybe_page, '/' ); $post_page_count = substr_count( $post->post_content, '' ) + 1; // If the post doesn't have multiple pages, but a 'page' candidate is found, resolve to the date archive. if ( 1 === $post_page_count && $maybe_page ) { return $query_vars; } // If the post has multiple pages and the 'page' number isn't valid, resolve to the date archive. if ( $post_page_count > 1 && $maybe_page > $post_page_count ) { return $query_vars; } // If we've gotten to this point, we have a slug/date clash. First, adjust for nextpage. if ( '' !== $maybe_page ) { $query_vars['page'] = (int) $maybe_page; } // Next, unset autodetected date-related query vars. unset( $query_vars['year'] ); unset( $query_vars['monthnum'] ); unset( $query_vars['day'] ); // Then, set the identified post. $query_vars['name'] = $post->post_name; // Finally, return the modified query vars. return $query_vars; } /** * Examines a URL and try to determine the post ID it represents. * * Checks are supposedly from the hosted site blog. * * @since 1.0.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * @global WP $wp Current WordPress environment instance. * * @param string $url Permalink to check. * @return int Post ID, or 0 on failure. */ function url_to_postid( $url ) { global $wp_rewrite; /** * Filters the URL to derive the post ID from. * * @since 2.2.0 * * @param string $url The URL to derive the post ID from. */ $url = apply_filters( 'url_to_postid', $url ); $url_host = parse_url( $url, PHP_URL_HOST ); if ( is_string( $url_host ) ) { $url_host = str_replace( 'www.', '', $url_host ); } else { $url_host = ''; } $home_url_host = parse_url( home_url(), PHP_URL_HOST ); if ( is_string( $home_url_host ) ) { $home_url_host = str_replace( 'www.', '', $home_url_host ); } else { $home_url_host = ''; } // Bail early if the URL does not belong to this site. if ( $url_host && $url_host !== $home_url_host ) { return 0; } // First, check to see if there is a 'p=N' or 'page_id=N' to match against. if ( preg_match( '#[?&](p|page_id|attachment_id)=(\d+)#', $url, $values ) ) { $id = absint( $values[2] ); if ( $id ) { return $id; } } // Get rid of the #anchor. $url_split = explode( '#', $url ); $url = $url_split[0]; // Get rid of URL ?query=string. $url_split = explode( '?', $url ); $url = $url_split[0]; // Set the correct URL scheme. $scheme = parse_url( home_url(), PHP_URL_SCHEME ); $url = set_url_scheme( $url, $scheme ); // Add 'www.' if it is absent and should be there. if ( str_contains( home_url(), '://www.' ) && ! str_contains( $url, '://www.' ) ) { $url = str_replace( '://', '://www.', $url ); } // Strip 'www.' if it is present and shouldn't be. if ( ! str_contains( home_url(), '://www.' ) ) { $url = str_replace( '://www.', '://', $url ); } if ( trim( $url, '/' ) === home_url() && 'page' === get_option( 'show_on_front' ) ) { $page_on_front = get_option( 'page_on_front' ); if ( $page_on_front && get_post( $page_on_front ) instanceof WP_Post ) { return (int) $page_on_front; } } // Check to see if we are using rewrite rules. $rewrite = $wp_rewrite->wp_rewrite_rules(); // Not using rewrite rules, and 'p=N' and 'page_id=N' methods failed, so we're out of options. if ( empty( $rewrite ) ) { return 0; } // Strip 'index.php/' if we're not using path info permalinks. if ( ! $wp_rewrite->using_index_permalinks() ) { $url = str_replace( $wp_rewrite->index . '/', '', $url ); } if ( str_contains( trailingslashit( $url ), home_url( '/' ) ) ) { // Chop off http://domain.com/[path]. $url = str_replace( home_url(), '', $url ); } else { // Chop off /path/to/blog. $home_path = parse_url( home_url( '/' ) ); $home_path = isset( $home_path['path'] ) ? $home_path['path'] : ''; $url = preg_replace( sprintf( '#^%s#', preg_quote( $home_path ) ), '', trailingslashit( $url ) ); } // Trim leading and lagging slashes. $url = trim( $url, '/' ); $request = $url; $post_type_query_vars = array(); foreach ( get_post_types( array(), 'objects' ) as $post_type => $t ) { if ( ! empty( $t->query_var ) ) { $post_type_query_vars[ $t->query_var ] = $post_type; } } // Look for matches. $request_match = $request; foreach ( (array) $rewrite as $match => $query ) { /* * If the requesting file is the anchor of the match, * prepend it to the path info. */ if ( ! empty( $url ) && ( $url !== $request ) && str_starts_with( $match, $url ) ) { $request_match = $url . '/' . $request; } if ( preg_match( "#^$match#", $request_match, $matches ) ) { if ( $wp_rewrite->use_verbose_page_rules && preg_match( '/pagename=\$matches\[([0-9]+)\]/', $query, $varmatch ) ) { // This is a verbose page match, let's check to be sure about it. $page = get_page_by_path( $matches[ $varmatch[1] ] ); if ( ! $page ) { continue; } $post_status_obj = get_post_status_object( $page->post_status ); if ( ! $post_status_obj->public && ! $post_status_obj->protected && ! $post_status_obj->private && $post_status_obj->exclude_from_search ) { continue; } } /* * Got a match. * Trim the query of everything up to the '?'. */ $query = preg_replace( '!^.+\?!', '', $query ); // Substitute the substring matches into the query. $query = addslashes( WP_MatchesMapRegex::apply( $query, $matches ) ); // Filter out non-public query vars. global $wp; parse_str( $query, $query_vars ); $query = array(); foreach ( (array) $query_vars as $key => $value ) { if ( in_array( (string) $key, $wp->public_query_vars, true ) ) { $query[ $key ] = $value; if ( isset( $post_type_query_vars[ $key ] ) ) { $query['post_type'] = $post_type_query_vars[ $key ]; $query['name'] = $value; } } } // Resolve conflicts between posts with numeric slugs and date archive queries. $query = wp_resolve_numeric_slug_conflicts( $query ); // Do the query. $query = new WP_Query( $query ); if ( ! empty( $query->posts ) && $query->is_singular ) { return $query->post->ID; } else { return 0; } } } return 0; }} /** * Taxonomy API: WP_Tax_Query class * * @package WordPress * @subpackage Taxonomy * @since 4.4.0 */ /** * Core class used to implement taxonomy queries for the Taxonomy API. * * Used for generating SQL clauses that filter a primary query according to object * taxonomy terms. * * WP_Tax_Query is a helper that allows primary query classes, such as WP_Query, to filter * their results by object metadata, by generating `JOIN` and `WHERE` subclauses to be * attached to the primary SQL query string. * * @since 3.1.0 */ #[AllowDynamicProperties] class WP_Tax_Query { /** * Array of taxonomy queries. * * See WP_Tax_Query::__construct() for information on tax query arguments. * * @since 3.1.0 * @var array */ public $queries = array(); /** * The relation between the queries. Can be one of 'AND' or 'OR'. * * @since 3.1.0 * @var string */ public $relation; /** * Standard response when the query should not return any rows. * * @since 3.2.0 * @var string */ private static $no_results = array( 'join' => array( '' ), 'where' => array( '0 = 1' ), ); /** * A flat list of table aliases used in the JOIN clauses. * * @since 4.1.0 * @var array */ protected $table_aliases = array(); /** * Terms and taxonomies fetched by this query. * * We store this data in a flat array because they are referenced in a * number of places by WP_Query. * * @since 4.1.0 * @var array */ public $queried_terms = array(); /** * Database table that where the metadata's objects are stored (eg $wpdb->users). * * @since 4.1.0 * @var string */ public $primary_table; /** * Column in 'primary_table' that represents the ID of the object. * * @since 4.1.0 * @var string */ public $primary_id_column; /** * Constructor. * * @since 3.1.0 * @since 4.1.0 Added support for `$operator` 'NOT EXISTS' and 'EXISTS' values. * * @param array $tax_query { * Array of taxonomy query clauses. * * @type string $relation Optional. The MySQL keyword used to join * the clauses of the query. Accepts 'AND', or 'OR'. Default 'AND'. * @type array ...$0 { * An array of first-order clause parameters, or another fully-formed tax query. * * @type string $taxonomy Taxonomy being queried. Optional when field=term_taxonomy_id. * @type string|int|array $terms Term or terms to filter by. * @type string $field Field to match $terms against. Accepts 'term_id', 'slug', * 'name', or 'term_taxonomy_id'. Default: 'term_id'. * @type string $operator MySQL operator to be used with $terms in the WHERE clause. * Accepts 'AND', 'IN', 'NOT IN', 'EXISTS', 'NOT EXISTS'. * Default: 'IN'. * @type bool $include_children Optional. Whether to include child terms. * Requires a $taxonomy. Default: true. * } * } */ public function __construct( $tax_query ) { if ( isset( $tax_query['relation'] ) ) { $this->relation = $this->sanitize_relation( $tax_query['relation'] ); } else { $this->relation = 'AND'; } $this->queries = $this->sanitize_query( $tax_query ); } /** * Ensures the 'tax_query' argument passed to the class constructor is well-formed. * * Ensures that each query-level clause has a 'relation' key, and that * each first-order clause contains all the necessary keys from `$defaults`. * * @since 4.1.0 * * @param array $queries Array of queries clauses. * @return array Sanitized array of query clauses. */ public function sanitize_query( $queries ) { $cleaned_query = array(); $defaults = array( 'taxonomy' => '', 'terms' => array(), 'field' => 'term_id', 'operator' => 'IN', 'include_children' => true, ); foreach ( $queries as $key => $query ) { if ( 'relation' === $key ) { $cleaned_query['relation'] = $this->sanitize_relation( $query ); // First-order clause. } elseif ( self::is_first_order_clause( $query ) ) { $cleaned_clause = array_merge( $defaults, $query ); $cleaned_clause['terms'] = (array) $cleaned_clause['terms']; $cleaned_query[] = $cleaned_clause; /* * Keep a copy of the clause in the flate * $queried_terms array, for use in WP_Query. */ if ( ! empty( $cleaned_clause['taxonomy'] ) && 'NOT IN' !== $cleaned_clause['operator'] ) { $taxonomy = $cleaned_clause['taxonomy']; if ( ! isset( $this->queried_terms[ $taxonomy ] ) ) { $this->queried_terms[ $taxonomy ] = array(); } /* * Backward compatibility: Only store the first * 'terms' and 'field' found for a given taxonomy. */ if ( ! empty( $cleaned_clause['terms'] ) && ! isset( $this->queried_terms[ $taxonomy ]['terms'] ) ) { $this->queried_terms[ $taxonomy ]['terms'] = $cleaned_clause['terms']; } if ( ! empty( $cleaned_clause['field'] ) && ! isset( $this->queried_terms[ $taxonomy ]['field'] ) ) { $this->queried_terms[ $taxonomy ]['field'] = $cleaned_clause['field']; } } // Otherwise, it's a nested query, so we recurse. } elseif ( is_array( $query ) ) { $cleaned_subquery = $this->sanitize_query( $query ); if ( ! empty( $cleaned_subquery ) ) { // All queries with children must have a relation. if ( ! isset( $cleaned_subquery['relation'] ) ) { $cleaned_subquery['relation'] = 'AND'; } $cleaned_query[] = $cleaned_subquery; } } } return $cleaned_query; } /** * Sanitizes a 'relation' operator. * * @since 4.1.0 * * @param string $relation Raw relation key from the query argument. * @return string Sanitized relation. Either 'AND' or 'OR'. */ public function sanitize_relation( $relation ) { if ( 'OR' === strtoupper( $relation ) ) { return 'OR'; } else { return 'AND'; } } /** * Determines whether a clause is first-order. * * A "first-order" clause is one that contains any of the first-order * clause keys ('terms', 'taxonomy', 'include_children', 'field', * 'operator'). An empty clause also counts as a first-order clause, * for backward compatibility. Any clause that doesn't meet this is * determined, by process of elimination, to be a higher-order query. * * @since 4.1.0 * * @param array $query Tax query arguments. * @return bool Whether the query clause is a first-order clause. */ protected static function is_first_order_clause( $query ) { return is_array( $query ) && ( empty( $query ) || array_key_exists( 'terms', $query ) || array_key_exists( 'taxonomy', $query ) || array_key_exists( 'include_children', $query ) || array_key_exists( 'field', $query ) || array_key_exists( 'operator', $query ) ); } /** * Generates SQL clauses to be appended to a main query. * * @since 3.1.0 * * @param string $primary_table Database table where the object being filtered is stored (eg wp_users). * @param string $primary_id_column ID column for the filtered object in $primary_table. * @return string[] { * Array containing JOIN and WHERE SQL clauses to append to the main query. * * @type string $join SQL fragment to append to the main JOIN clause. * @type string $where SQL fragment to append to the main WHERE clause. * } */ public function get_sql( $primary_table, $primary_id_column ) { $this->primary_table = $primary_table; $this->primary_id_column = $primary_id_column; return $this->get_sql_clauses(); } /** * Generates SQL clauses to be appended to a main query. * * Called by the public WP_Tax_Query::get_sql(), this method * is abstracted out to maintain parity with the other Query classes. * * @since 4.1.0 * * @return string[] { * Array containing JOIN and WHERE SQL clauses to append to the main query. * * @type string $join SQL fragment to append to the main JOIN clause. * @type string $where SQL fragment to append to the main WHERE clause. * } */ protected function get_sql_clauses() { /* * $queries are passed by reference to get_sql_for_query() for recursion. * To keep $this->queries unaltered, pass a copy. */ $queries = $this->queries; $sql = $this->get_sql_for_query( $queries ); if ( ! empty( $sql['where'] ) ) { $sql['where'] = ' AND ' . $sql['where']; } return $sql; } /** * Generates SQL clauses for a single query array. * * If nested subqueries are found, this method recurses the tree to * produce the properly nested SQL. * * @since 4.1.0 * * @param array $query Query to parse (passed by reference). * @param int $depth Optional. Number of tree levels deep we currently are. * Used to calculate indentation. Default 0. * @return string[] { * Array containing JOIN and WHERE SQL clauses to append to a single query array. * * @type string $join SQL fragment to append to the main JOIN clause. * @type string $where SQL fragment to append to the main WHERE clause. * } */ protected function get_sql_for_query( &$query, $depth = 0 ) { $sql_chunks = array( 'join' => array(), 'where' => array(), ); $sql = array( 'join' => '', 'where' => '', ); $indent = ''; for ( $i = 0; $i < $depth; $i++ ) { $indent .= ' '; } foreach ( $query as $key => &$clause ) { if ( 'relation' === $key ) { $relation = $query['relation']; } elseif ( is_array( $clause ) ) { // This is a first-order clause. if ( $this->is_first_order_clause( $clause ) ) { $clause_sql = $this->get_sql_for_clause( $clause, $query ); $where_count = count( $clause_sql['where'] ); if ( ! $where_count ) { $sql_chunks['where'][] = ''; } elseif ( 1 === $where_count ) { $sql_chunks['where'][] = $clause_sql['where'][0]; } else { $sql_chunks['where'][] = '( ' . implode( ' AND ', $clause_sql['where'] ) . ' )'; } $sql_chunks['join'] = array_merge( $sql_chunks['join'], $clause_sql['join'] ); // This is a subquery, so we recurse. } else { $clause_sql = $this->get_sql_for_query( $clause, $depth + 1 ); $sql_chunks['where'][] = $clause_sql['where']; $sql_chunks['join'][] = $clause_sql['join']; } } } // Filter to remove empties. $sql_chunks['join'] = array_filter( $sql_chunks['join'] ); $sql_chunks['where'] = array_filter( $sql_chunks['where'] ); if ( empty( $relation ) ) { $relation = 'AND'; } // Filter duplicate JOIN clauses and combine into a single string. if ( ! empty( $sql_chunks['join'] ) ) { $sql['join'] = implode( ' ', array_unique( $sql_chunks['join'] ) ); } // Generate a single WHERE clause with proper brackets and indentation. if ( ! empty( $sql_chunks['where'] ) ) { $sql['where'] = '( ' . "\n " . $indent . implode( ' ' . "\n " . $indent . $relation . ' ' . "\n " . $indent, $sql_chunks['where'] ) . "\n" . $indent . ')'; } return $sql; } /** * Generates SQL JOIN and WHERE clauses for a "first-order" query clause. * * @since 4.1.0 * * @global wpdb $wpdb The WordPress database abstraction object. * * @param array $clause Query clause (passed by reference). * @param array $parent_query Parent query array. * @return array { * Array containing JOIN and WHERE SQL clauses to append to a first-order query. * * @type string[] $join Array of SQL fragments to append to the main JOIN clause. * @type string[] $where Array of SQL fragments to append to the main WHERE clause. * } */ public function get_sql_for_clause( &$clause, $parent_query ) { global $wpdb; $sql = array( 'where' => array(), 'join' => array(), ); $join = ''; $where = ''; $this->clean_query( $clause ); if ( is_wp_error( $clause ) ) { return self::$no_results; } $terms = $clause['terms']; $operator = strtoupper( $clause['operator'] ); if ( 'IN' === $operator ) { if ( empty( $terms ) ) { return self::$no_results; } $terms = implode( ',', $terms ); /* * Before creating another table join, see if this clause has a * sibling with an existing join that can be shared. */ $alias = $this->find_compatible_table_alias( $clause, $parent_query ); if ( false === $alias ) { $i = count( $this->table_aliases ); $alias = $i ? 'tt' . $i : $wpdb->term_relationships; // Store the alias as part of a flat array to build future iterators. $this->table_aliases[] = $alias; // Store the alias with this clause, so later siblings can use it. $clause['alias'] = $alias; $join .= " LEFT JOIN $wpdb->term_relationships"; $join .= $i ? " AS $alias" : ''; $join .= " ON ($this->primary_table.$this->primary_id_column = $alias.object_id)"; } $where = "$alias.term_taxonomy_id $operator ($terms)"; } elseif ( 'NOT IN' === $operator ) { if ( empty( $terms ) ) { return $sql; } $terms = implode( ',', $terms ); $where = "$this->primary_table.$this->primary_id_column NOT IN ( SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id IN ($terms) )"; } elseif ( 'AND' === $operator ) { if ( empty( $terms ) ) { return $sql; } $num_terms = count( $terms ); $terms = implode( ',', $terms ); $where = "( SELECT COUNT(1) FROM $wpdb->term_relationships WHERE term_taxonomy_id IN ($terms) AND object_id = $this->primary_table.$this->primary_id_column ) = $num_terms"; } elseif ( 'NOT EXISTS' === $operator || 'EXISTS' === $operator ) { $where = $wpdb->prepare( "$operator ( SELECT 1 FROM $wpdb->term_relationships INNER JOIN $wpdb->term_taxonomy ON $wpdb->term_taxonomy.term_taxonomy_id = $wpdb->term_relationships.term_taxonomy_id WHERE $wpdb->term_taxonomy.taxonomy = %s AND $wpdb->term_relationships.object_id = $this->primary_table.$this->primary_id_column )", $clause['taxonomy'] ); } $sql['join'][] = $join; $sql['where'][] = $where; return $sql; } /** * Identifies an existing table alias that is compatible with the current query clause. * * We avoid unnecessary table joins by allowing each clause to look for * an existing table alias that is compatible with the query that it * needs to perform. * * An existing alias is compatible if (a) it is a sibling of `$clause` * (ie, it's under the scope of the same relation), and (b) the combination * of operator and relation between the clauses allows for a shared table * join. In the case of WP_Tax_Query, this only applies to 'IN' * clauses that are connected by the relation 'OR'. * * @since 4.1.0 * * @param array $clause Query clause. * @param array $parent_query Parent query of $clause. * @return string|false Table alias if found, otherwise false. */ protected function find_compatible_table_alias( $clause, $parent_query ) { $alias = false; // Confidence check. Only IN queries use the JOIN syntax. if ( ! isset( $clause['operator'] ) || 'IN' !== $clause['operator'] ) { return $alias; } // Since we're only checking IN queries, we're only concerned with OR relations. if ( ! isset( $parent_query['relation'] ) || 'OR' !== $parent_query['relation'] ) { return $alias; } $compatible_operators = array( 'IN' ); foreach ( $parent_query as $sibling ) { if ( ! is_array( $sibling ) || ! $this->is_first_order_clause( $sibling ) ) { continue; } if ( empty( $sibling['alias'] ) || empty( $sibling['operator'] ) ) { continue; } // The sibling must both have compatible operator to share its alias. if ( in_array( strtoupper( $sibling['operator'] ), $compatible_operators, true ) ) { $alias = preg_replace( '/\W/', '_', $sibling['alias'] ); break; } } return $alias; } /** * Validates a single query. * * @since 3.2.0 * * @param array $query The single query. Passed by reference. */ private function clean_query( &$query ) { if ( empty( $query['taxonomy'] ) ) { if ( 'term_taxonomy_id' !== $query['field'] ) { $query = new WP_Error( 'invalid_taxonomy', __( 'Invalid taxonomy.' ) ); return; } // So long as there are shared terms, 'include_children' requires that a taxonomy is set. $query['include_children'] = false; } elseif ( ! taxonomy_exists( $query['taxonomy'] ) ) { $query = new WP_Error( 'invalid_taxonomy', __( 'Invalid taxonomy.' ) ); return; } if ( 'slug' === $query['field'] || 'name' === $query['field'] ) { $query['terms'] = array_unique( (array) $query['terms'] ); } else { $query['terms'] = wp_parse_id_list( $query['terms'] ); } if ( is_taxonomy_hierarchical( $query['taxonomy'] ) && $query['include_children'] ) { $this->transform_query( $query, 'term_id' ); if ( is_wp_error( $query ) ) { return; } $children = array(); foreach ( $query['terms'] as $term ) { $children = array_merge( $children, get_term_children( $term, $query['taxonomy'] ) ); $children[] = $term; } $query['terms'] = $children; } $this->transform_query( $query, 'term_taxonomy_id' ); } /** * Transforms a single query, from one field to another. * * Operates on the `$query` object by reference. In the case of error, * `$query` is converted to a WP_Error object. * * @since 3.2.0 * * @param array $query The single query. Passed by reference. * @param string $resulting_field The resulting field. Accepts 'slug', 'name', 'term_taxonomy_id', * or 'term_id'. Default 'term_id'. */ public function transform_query( &$query, $resulting_field ) { if ( empty( $query['terms'] ) ) { return; } if ( $query['field'] === $resulting_field ) { return; } $resulting_field = sanitize_key( $resulting_field ); // Empty 'terms' always results in a null transformation. $terms = array_filter( $query['terms'] ); if ( empty( $terms ) ) { $query['terms'] = array(); $query['field'] = $resulting_field; return; } $args = array( 'get' => 'all', 'number' => 0, 'taxonomy' => $query['taxonomy'], 'update_term_meta_cache' => false, 'orderby' => 'none', ); // Term query parameter name depends on the 'field' being searched on. switch ( $query['field'] ) { case 'slug': $args['slug'] = $terms; break; case 'name': $args['name'] = $terms; break; case 'term_taxonomy_id': $args['term_taxonomy_id'] = $terms; break; default: $args['include'] = wp_parse_id_list( $terms ); break; } if ( ! is_taxonomy_hierarchical( $query['taxonomy'] ) ) { $args['number'] = count( $terms ); } $term_query = new WP_Term_Query(); $term_list = $term_query->query( $args ); if ( is_wp_error( $term_list ) ) { $query = $term_list; return; } if ( 'AND' === $query['operator'] && count( $term_list ) < count( $query['terms'] ) ) { $query = new WP_Error( 'inexistent_terms', __( 'Inexistent terms.' ) ); return; } $query['terms'] = wp_list_pluck( $term_list, $resulting_field ); $query['field'] = $resulting_field; } }} /** * REST API: WP_REST_Settings_Controller class * * @package WordPress * @subpackage REST_API * @since 4.7.0 */ /** * Core class used to manage a site's settings via the REST API. * * @since 4.7.0 * * @see WP_REST_Controller */ class WP_REST_Settings_Controller extends WP_REST_Controller { /** * Constructor. * * @since 4.7.0 */ public function __construct() { $this->namespace = 'wp/v2'; $this->rest_base = 'settings'; } /** * Registers the routes for the site's settings. * * @since 4.7.0 * * @see register_rest_route() */ public function register_routes() { register_rest_route( $this->namespace, '/' . $this->rest_base, array( array( 'methods' => WP_REST_Server::READABLE, 'callback' => array( $this, 'get_item' ), 'args' => array(), 'permission_callback' => array( $this, 'get_item_permissions_check' ), ), array( 'methods' => WP_REST_Server::EDITABLE, 'callback' => array( $this, 'update_item' ), 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ), 'permission_callback' => array( $this, 'get_item_permissions_check' ), ), 'schema' => array( $this, 'get_public_item_schema' ), ) ); } /** * Checks if a given request has access to read and manage settings. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return bool True if the request has read access for the item, otherwise false. */ public function get_item_permissions_check( $request ) { return current_user_can( 'manage_options' ); } /** * Retrieves the settings. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return array|WP_Error Array on success, or WP_Error object on failure. */ public function get_item( $request ) { $options = $this->get_registered_options(); $response = array(); foreach ( $options as $name => $args ) { /** * Filters the value of a setting recognized by the REST API. * * Allow hijacking the setting value and overriding the built-in behavior by returning a * non-null value. The returned value will be presented as the setting value instead. * * @since 4.7.0 * * @param mixed $result Value to use for the requested setting. Can be a scalar * matching the registered schema for the setting, or null to * follow the default get_option() behavior. * @param string $name Setting name (as shown in REST API responses). * @param array $args Arguments passed to register_setting() for this setting. */ $response[ $name ] = apply_filters( 'rest_pre_get_setting', null, $name, $args ); if ( is_null( $response[ $name ] ) ) { // Default to a null value as "null" in the response means "not set". $response[ $name ] = get_option( $args['option_name'], $args['schema']['default'] ); } /* * Because get_option() is lossy, we have to * cast values to the type they are registered with. */ $response[ $name ] = $this->prepare_value( $response[ $name ], $args['schema'] ); } return $response; } /** * Prepares a value for output based off a schema array. * * @since 4.7.0 * * @param mixed $value Value to prepare. * @param array $schema Schema to match. * @return mixed The prepared value. */ protected function prepare_value( $value, $schema ) { /* * If the value is not valid by the schema, set the value to null. * Null values are specifically non-destructive, so this will not cause * overwriting the current invalid value to null. */ if ( is_wp_error( rest_validate_value_from_schema( $value, $schema ) ) ) { return null; } return rest_sanitize_value_from_schema( $value, $schema ); } /** * Updates settings for the settings object. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return array|WP_Error Array on success, or error object on failure. */ public function update_item( $request ) { $options = $this->get_registered_options(); $params = $request->get_params(); foreach ( $options as $name => $args ) { if ( ! array_key_exists( $name, $params ) ) { continue; } /** * Filters whether to preempt a setting value update via the REST API. * * Allows hijacking the setting update logic and overriding the built-in behavior by * returning true. * * @since 4.7.0 * * @param bool $result Whether to override the default behavior for updating the * value of a setting. * @param string $name Setting name (as shown in REST API responses). * @param mixed $value Updated setting value. * @param array $args Arguments passed to register_setting() for this setting. */ $updated = apply_filters( 'rest_pre_update_setting', false, $name, $request[ $name ], $args ); if ( $updated ) { continue; } /* * A null value for an option would have the same effect as * deleting the option from the database, and relying on the * default value. */ if ( is_null( $request[ $name ] ) ) { /* * A null value is returned in the response for any option * that has a non-scalar value. * * To protect clients from accidentally including the null * values from a response object in a request, we do not allow * options with values that don't pass validation to be updated to null. * Without this added protection a client could mistakenly * delete all options that have invalid values from the * database. */ if ( is_wp_error( rest_validate_value_from_schema( get_option( $args['option_name'], false ), $args['schema'] ) ) ) { return new WP_Error( 'rest_invalid_stored_value', /* translators: %s: Property name. */ sprintf( __( 'The %s property has an invalid stored value, and cannot be updated to null.' ), $name ), array( 'status' => 500 ) ); } delete_option( $args['option_name'] ); } else { update_option( $args['option_name'], $request[ $name ] ); } } return $this->get_item( $request ); } /** * Retrieves all of the registered options for the Settings API. * * @since 4.7.0 * * @return array Array of registered options. */ protected function get_registered_options() { $rest_options = array(); foreach ( get_registered_settings() as $name => $args ) { if ( empty( $args['show_in_rest'] ) ) { continue; } $rest_args = array(); if ( is_array( $args['show_in_rest'] ) ) { $rest_args = $args['show_in_rest']; } $defaults = array( 'name' => ! empty( $rest_args['name'] ) ? $rest_args['name'] : $name, 'schema' => array(), ); $rest_args = array_merge( $defaults, $rest_args ); $default_schema = array( 'type' => empty( $args['type'] ) ? null : $args['type'], 'title' => empty( $args['label'] ) ? '' : $args['label'], 'description' => empty( $args['description'] ) ? '' : $args['description'], 'default' => isset( $args['default'] ) ? $args['default'] : null, ); $rest_args['schema'] = array_merge( $default_schema, $rest_args['schema'] ); $rest_args['option_name'] = $name; // Skip over settings that don't have a defined type in the schema. if ( empty( $rest_args['schema']['type'] ) ) { continue; } /* * Allow the supported types for settings, as we don't want invalid types * to be updated with arbitrary values that we can't do decent sanitizing for. */ if ( ! in_array( $rest_args['schema']['type'], array( 'number', 'integer', 'string', 'boolean', 'array', 'object' ), true ) ) { continue; } $rest_args['schema'] = rest_default_additional_properties_to_false( $rest_args['schema'] ); $rest_options[ $rest_args['name'] ] = $rest_args; } return $rest_options; } /** * Retrieves the site setting schema, conforming to JSON Schema. * * @since 4.7.0 * * @return array Item schema data. */ public function get_item_schema() { if ( $this->schema ) { return $this->add_additional_fields_schema( $this->schema ); } $options = $this->get_registered_options(); $schema = array( '$schema' => 'http://json-schema.org/draft-04/schema#', 'title' => 'settings', 'type' => 'object', 'properties' => array(), ); foreach ( $options as $option_name => $option ) { $schema['properties'][ $option_name ] = $option['schema']; $schema['properties'][ $option_name ]['arg_options'] = array( 'sanitize_callback' => array( $this, 'sanitize_callback' ), ); } $this->schema = $schema; return $this->add_additional_fields_schema( $this->schema ); } /** * Custom sanitize callback used for all options to allow the use of 'null'. * * By default, the schema of settings will throw an error if a value is set to * `null` as it's not a valid value for something like "type => string". We * provide a wrapper sanitizer to allow the use of `null`. * * @since 4.7.0 * * @param mixed $value The value for the setting. * @param WP_REST_Request $request The request object. * @param string $param The parameter name. * @return mixed|WP_Error */ public function sanitize_callback( $value, $request, $param ) { if ( is_null( $value ) ) { return $value; } return rest_parse_request_arg( $value, $request, $param ); } /** * Recursively add additionalProperties = false to all objects in a schema * if no additionalProperties setting is specified. * * This is needed to restrict properties of objects in settings values to only * registered items, as the REST API will allow additional properties by * default. * * @since 4.9.0 * @deprecated 6.1.0 Use {@see rest_default_additional_properties_to_false()} instead. * * @param array $schema The schema array. * @return array */ protected function set_additional_properties_to_false( $schema ) { _deprecated_function( __METHOD__, '6.1.0', 'rest_default_additional_properties_to_false()' ); return rest_default_additional_properties_to_false( $schema ); } }