/** * WordPress List utility class * * @package WordPress * @since 4.7.0 */ /** * List utility. * * Utility class to handle operations on an array of objects or arrays. * * @since 4.7.0 */ #[AllowDynamicProperties] class WP_List_Util { /** * The input array. * * @since 4.7.0 * @var array */ private $input = array(); /** * The output array. * * @since 4.7.0 * @var array */ private $output = array(); /** * Temporary arguments for sorting. * * @since 4.7.0 * @var string[] */ private $orderby = array(); /** * Constructor. * * Sets the input array. * * @since 4.7.0 * * @param array $input Array to perform operations on. */ public function __construct( $input ) { $this->output = $input; $this->input = $input; } /** * Returns the original input array. * * @since 4.7.0 * * @return array The input array. */ public function get_input() { return $this->input; } /** * Returns the output array. * * @since 4.7.0 * * @return array The output array. */ public function get_output() { return $this->output; } /** * Filters the list, based on a set of key => value arguments. * * Retrieves the objects from the list that match the given arguments. * Key represents property name, and value represents property value. * * If an object has more properties than those specified in arguments, * that will not disqualify it. When using the 'AND' operator, * any missing properties will disqualify it. * * @since 4.7.0 * * @param array $args Optional. An array of key => value arguments to match * against each object. Default empty array. * @param string $operator Optional. The logical operation to perform. 'AND' means * all elements from the array must match. 'OR' means only * one element needs to match. 'NOT' means no elements may * match. Default 'AND'. * @return array Array of found values. */ public function filter( $args = array(), $operator = 'AND' ) { if ( empty( $args ) ) { return $this->output; } $operator = strtoupper( $operator ); if ( ! in_array( $operator, array( 'AND', 'OR', 'NOT' ), true ) ) { $this->output = array(); return $this->output; } $count = count( $args ); $filtered = array(); foreach ( $this->output as $key => $obj ) { $matched = 0; foreach ( $args as $m_key => $m_value ) { if ( is_array( $obj ) ) { // Treat object as an array. if ( array_key_exists( $m_key, $obj ) && ( $m_value == $obj[ $m_key ] ) ) { $matched++; } } elseif ( is_object( $obj ) ) { // Treat object as an object. if ( isset( $obj->{$m_key} ) && ( $m_value == $obj->{$m_key} ) ) { $matched++; } } } if ( ( 'AND' === $operator && $matched === $count ) || ( 'OR' === $operator && $matched > 0 ) || ( 'NOT' === $operator && 0 === $matched ) ) { $filtered[ $key ] = $obj; } } $this->output = $filtered; return $this->output; } /** * Plucks a certain field out of each element in the input array. * * This has the same functionality and prototype of * array_column() (PHP 5.5) but also supports objects. * * @since 4.7.0 * * @param int|string $field Field to fetch from the object or array. * @param int|string $index_key Optional. Field from the element to use as keys for the new array. * Default null. * @return array Array of found values. If `$index_key` is set, an array of found values with keys * corresponding to `$index_key`. If `$index_key` is null, array keys from the original * `$list` will be preserved in the results. */ public function pluck( $field, $index_key = null ) { $newlist = array(); if ( ! $index_key ) { /* * This is simple. Could at some point wrap array_column() * if we knew we had an array of arrays. */ foreach ( $this->output as $key => $value ) { if ( is_object( $value ) ) { $newlist[ $key ] = $value->$field; } else { $newlist[ $key ] = $value[ $field ]; } } $this->output = $newlist; return $this->output; } /* * When index_key is not set for a particular item, push the value * to the end of the stack. This is how array_column() behaves. */ foreach ( $this->output as $value ) { if ( is_object( $value ) ) { if ( isset( $value->$index_key ) ) { $newlist[ $value->$index_key ] = $value->$field; } else { $newlist[] = $value->$field; } } else { if ( isset( $value[ $index_key ] ) ) { $newlist[ $value[ $index_key ] ] = $value[ $field ]; } else { $newlist[] = $value[ $field ]; } } } $this->output = $newlist; return $this->output; } /** * Sorts the input array based on one or more orderby arguments. * * @since 4.7.0 * * @param string|array $orderby Optional. Either the field name to order by or an array * of multiple orderby fields as $orderby => $order. * @param string $order Optional. Either 'ASC' or 'DESC'. Only used if $orderby * is a string. * @param bool $preserve_keys Optional. Whether to preserve keys. Default false. * @return array The sorted array. */ public function sort( $orderby = array(), $order = 'ASC', $preserve_keys = false ) { if ( empty( $orderby ) ) { return $this->output; } if ( is_string( $orderby ) ) { $orderby = array( $orderby => $order ); } foreach ( $orderby as $field => $direction ) { $orderby[ $field ] = 'DESC' === strtoupper( $direction ) ? 'DESC' : 'ASC'; } $this->orderby = $orderby; if ( $preserve_keys ) { uasort( $this->output, array( $this, 'sort_callback' ) ); } else { usort( $this->output, array( $this, 'sort_callback' ) ); } $this->orderby = array(); return $this->output; } /** * Callback to sort an array by specific fields. * * @since 4.7.0 * * @see WP_List_Util::sort() * * @param object|array $a One object to compare. * @param object|array $b The other object to compare. * @return int 0 if both objects equal. -1 if second object should come first, 1 otherwise. */ private function sort_callback( $a, $b ) { if ( empty( $this->orderby ) ) { return 0; } $a = (array) $a; $b = (array) $b; foreach ( $this->orderby as $field => $direction ) { if ( ! isset( $a[ $field ] ) || ! isset( $b[ $field ] ) ) { continue; } if ( $a[ $field ] == $b[ $field ] ) { continue; } $results = 'DESC' === $direction ? array( 1, -1 ) : array( -1, 1 ); if ( is_numeric( $a[ $field ] ) && is_numeric( $b[ $field ] ) ) { return ( $a[ $field ] < $b[ $field ] ) ? $results[0] : $results[1]; } return 0 > strcmp( $a[ $field ], $b[ $field ] ) ? $results[0] : $results[1]; } return 0; } } /** * Classes, which help reading streams of data from files. * Based on the classes from Danilo Segan * * @version $Id: streams.php 1157 2015-11-20 04:30:11Z dd32 $ * @package pomo * @subpackage streams */ if ( ! class_exists( 'POMO_Reader', false ) ) : #[AllowDynamicProperties] class POMO_Reader { public $endian = 'little'; public $_pos; public $is_overloaded; /** * PHP5 constructor. */ public function __construct() { if ( function_exists( 'mb_substr' ) && ( (int) ini_get( 'mbstring.func_overload' ) & 2 ) // phpcs:ignore PHPCompatibility.IniDirectives.RemovedIniDirectives.mbstring_func_overloadDeprecated ) { $this->is_overloaded = true; } else { $this->is_overloaded = false; } $this->_pos = 0; } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_Reader::__construct() */ public function POMO_Reader() { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct(); } /** * Sets the endianness of the file. * * @param string $endian Set the endianness of the file. Accepts 'big', or 'little'. */ public function setEndian( $endian ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.MethodNameInvalid $this->endian = $endian; } /** * Reads a 32bit Integer from the Stream * * @return mixed The integer, corresponding to the next 32 bits from * the stream of false if there are not enough bytes or on error */ public function readint32() { $bytes = $this->read( 4 ); if ( 4 != $this->strlen( $bytes ) ) { return false; } $endian_letter = ( 'big' === $this->endian ) ? 'N' : 'V'; $int = unpack( $endian_letter, $bytes ); return reset( $int ); } /** * Reads an array of 32-bit Integers from the Stream * * @param int $count How many elements should be read * @return mixed Array of integers or false if there isn't * enough data or on error */ public function readint32array( $count ) { $bytes = $this->read( 4 * $count ); if ( 4 * $count != $this->strlen( $bytes ) ) { return false; } $endian_letter = ( 'big' === $this->endian ) ? 'N' : 'V'; return unpack( $endian_letter . $count, $bytes ); } /** * @param string $string * @param int $start * @param int $length * @return string */ public function substr( $string, $start, $length ) { if ( $this->is_overloaded ) { return mb_substr( $string, $start, $length, 'ascii' ); } else { return substr( $string, $start, $length ); } } /** * @param string $string * @return int */ public function strlen( $string ) { if ( $this->is_overloaded ) { return mb_strlen( $string, 'ascii' ); } else { return strlen( $string ); } } /** * @param string $string * @param int $chunk_size * @return array */ public function str_split( $string, $chunk_size ) { if ( ! function_exists( 'str_split' ) ) { $length = $this->strlen( $string ); $out = array(); for ( $i = 0; $i < $length; $i += $chunk_size ) { $out[] = $this->substr( $string, $i, $chunk_size ); } return $out; } else { return str_split( $string, $chunk_size ); } } /** * @return int */ public function pos() { return $this->_pos; } /** * @return true */ public function is_resource() { return true; } /** * @return true */ public function close() { return true; } } endif; if ( ! class_exists( 'POMO_FileReader', false ) ) : class POMO_FileReader extends POMO_Reader { /** * File pointer resource. * * @var resource|false */ public $_f; /** * @param string $filename */ public function __construct( $filename ) { parent::__construct(); $this->_f = fopen( $filename, 'rb' ); } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_FileReader::__construct() */ public function POMO_FileReader( $filename ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $filename ); } /** * @param int $bytes * @return string|false Returns read string, otherwise false. */ public function read( $bytes ) { return fread( $this->_f, $bytes ); } /** * @param int $pos * @return bool */ public function seekto( $pos ) { if ( -1 == fseek( $this->_f, $pos, SEEK_SET ) ) { return false; } $this->_pos = $pos; return true; } /** * @return bool */ public function is_resource() { return is_resource( $this->_f ); } /** * @return bool */ public function feof() { return feof( $this->_f ); } /** * @return bool */ public function close() { return fclose( $this->_f ); } /** * @return string */ public function read_all() { return stream_get_contents( $this->_f ); } } endif; if ( ! class_exists( 'POMO_StringReader', false ) ) : /** * Provides file-like methods for manipulating a string instead * of a physical file. */ class POMO_StringReader extends POMO_Reader { public $_str = ''; /** * PHP5 constructor. */ public function __construct( $str = '' ) { parent::__construct(); $this->_str = $str; $this->_pos = 0; } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_StringReader::__construct() */ public function POMO_StringReader( $str = '' ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $str ); } /** * @param string $bytes * @return string */ public function read( $bytes ) { $data = $this->substr( $this->_str, $this->_pos, $bytes ); $this->_pos += $bytes; if ( $this->strlen( $this->_str ) < $this->_pos ) { $this->_pos = $this->strlen( $this->_str ); } return $data; } /** * @param int $pos * @return int */ public function seekto( $pos ) { $this->_pos = $pos; if ( $this->strlen( $this->_str ) < $this->_pos ) { $this->_pos = $this->strlen( $this->_str ); } return $this->_pos; } /** * @return int */ public function length() { return $this->strlen( $this->_str ); } /** * @return string */ public function read_all() { return $this->substr( $this->_str, $this->_pos, $this->strlen( $this->_str ) ); } } endif; if ( ! class_exists( 'POMO_CachedFileReader', false ) ) : /** * Reads the contents of the file in the beginning. */ class POMO_CachedFileReader extends POMO_StringReader { /** * PHP5 constructor. */ public function __construct( $filename ) { parent::__construct(); $this->_str = file_get_contents( $filename ); if ( false === $this->_str ) { return false; } $this->_pos = 0; } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_CachedFileReader::__construct() */ public function POMO_CachedFileReader( $filename ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $filename ); } } endif; if ( ! class_exists( 'POMO_CachedIntFileReader', false ) ) : /** * Reads the contents of the file in the beginning. */ class POMO_CachedIntFileReader extends POMO_CachedFileReader { /** * PHP5 constructor. */ public function __construct( $filename ) { parent::__construct( $filename ); } /** * PHP4 constructor. * * @deprecated 5.4.0 Use __construct() instead. * * @see POMO_CachedIntFileReader::__construct() */ public function POMO_CachedIntFileReader( $filename ) { _deprecated_constructor( self::class, '5.4.0', static::class ); self::__construct( $filename ); } } endif; /** * Post API: Walker_Page class * * @package WordPress * @subpackage Template * @since 4.4.0 */ /** * Core walker class used to create an HTML list of pages. * * @since 2.1.0 * * @see Walker */ class Walker_Page extends Walker { /** * What the class handles. * * @since 2.1.0 * @var string * * @see Walker::$tree_type */ public $tree_type = 'page'; /** * Database fields to use. * * @since 2.1.0 * @var string[] * * @see Walker::$db_fields * @todo Decouple this. */ public $db_fields = array( 'parent' => 'post_parent', 'id' => 'ID', ); /** * Outputs the beginning of the current level in the tree before elements are output. * * @since 2.1.0 * * @see Walker::start_lvl() * * @param string $output Used to append additional content (passed by reference). * @param int $depth Optional. Depth of page. Used for padding. Default 0. * @param array $args Optional. Arguments for outputting the next level. * Default empty array. */ public function start_lvl( &$output, $depth = 0, $args = array() ) { if ( isset( $args['item_spacing'] ) && 'preserve' === $args['item_spacing'] ) { $t = "\t"; $n = "\n"; } else { $t = ''; $n = ''; } $indent = str_repeat( $t, $depth ); $output .= "{$n}{$indent}{$n}"; } /** * Outputs the beginning of the current element in the tree. * * @see Walker::start_el() * @since 2.1.0 * @since 5.9.0 Renamed `$page` to `$data_object` and `$current_page` to `$current_object_id` * to match parent class for PHP 8 named parameter support. * * @param string $output Used to append additional content. Passed by reference. * @param WP_Post $data_object Page data object. * @param int $depth Optional. Depth of page. Used for padding. Default 0. * @param array $args Optional. Array of arguments. Default empty array. * @param int $current_object_id Optional. ID of the current page. Default 0. */ public function start_el( &$output, $data_object, $depth = 0, $args = array(), $current_object_id = 0 ) { // Restores the more descriptive, specific name for use within this method. $page = $data_object; $current_page_id = $current_object_id; if ( isset( $args['item_spacing'] ) && 'preserve' === $args['item_spacing'] ) { $t = "\t"; $n = "\n"; } else { $t = ''; $n = ''; } if ( $depth ) { $indent = str_repeat( $t, $depth ); } else { $indent = ''; } $css_class = array( 'page_item', 'page-item-' . $page->ID ); if ( isset( $args['pages_with_children'][ $page->ID ] ) ) { $css_class[] = 'page_item_has_children'; } if ( ! empty( $current_page_id ) ) { $_current_page = get_post( $current_page_id ); if ( $_current_page && in_array( $page->ID, $_current_page->ancestors, true ) ) { $css_class[] = 'current_page_ancestor'; } if ( $page->ID == $current_page_id ) { $css_class[] = 'current_page_item'; } elseif ( $_current_page && $page->ID === $_current_page->post_parent ) { $css_class[] = 'current_page_parent'; } } elseif ( get_option( 'page_for_posts' ) == $page->ID ) { $css_class[] = 'current_page_parent'; } /** * Filters the list of CSS classes to include with each page item in the list. * * @since 2.8.0 * * @see wp_list_pages() * * @param string[] $css_class An array of CSS classes to be applied to each list item. * @param WP_Post $page Page data object. * @param int $depth Depth of page, used for padding. * @param array $args An array of arguments. * @param int $current_page_id ID of the current page. */ $css_classes = implode( ' ', apply_filters( 'page_css_class', $css_class, $page, $depth, $args, $current_page_id ) ); $css_classes = $css_classes ? ' class="' . esc_attr( $css_classes ) . '"' : ''; if ( '' === $page->post_title ) { /* translators: %d: ID of a post. */ $page->post_title = sprintf( __( '#%d (no title)' ), $page->ID ); } $args['link_before'] = empty( $args['link_before'] ) ? '' : $args['link_before']; $args['link_after'] = empty( $args['link_after'] ) ? '' : $args['link_after']; $atts = array(); $atts['href'] = get_permalink( $page->ID ); $atts['aria-current'] = ( $page->ID == $current_page_id ) ? 'page' : ''; /** * Filters the HTML attributes applied to a page menu item's anchor element. * * @since 4.8.0 * * @param array $atts { * The HTML attributes applied to the menu item's `` element, empty strings are ignored. * * @type string $href The href attribute. * @type string $aria-current The aria-current attribute. * } * @param WP_Post $page Page data object. * @param int $depth Depth of page, used for padding. * @param array $args An array of arguments. * @param int $current_page_id ID of the current page. */ $atts = apply_filters( 'page_menu_link_attributes', $atts, $page, $depth, $args, $current_page_id ); $attributes = ''; foreach ( $atts as $attr => $value ) { if ( is_scalar( $value ) && '' !== $value && false !== $value ) { $value = ( 'href' === $attr ) ? esc_url( $value ) : esc_attr( $value ); $attributes .= ' ' . $attr . '="' . $value . '"'; } } $output .= $indent . sprintf( '%s%s%s', $css_classes, $attributes, $args['link_before'], /** This filter is documented in wp-includes/post-template.php */ apply_filters( 'the_title', $page->post_title, $page->ID ), $args['link_after'] ); if ( ! empty( $args['show_date'] ) ) { if ( 'modified' === $args['show_date'] ) { $time = $page->post_modified; } else { $time = $page->post_date; } $date_format = empty( $args['date_format'] ) ? '' : $args['date_format']; $output .= ' ' . mysql2date( $date_format, $time ); } } /** * Outputs the end of the current element in the tree. * * @since 2.1.0 * @since 5.9.0 Renamed `$page` to `$data_object` to match parent class for PHP 8 named parameter support. * * @see Walker::end_el() * * @param string $output Used to append additional content. Passed by reference. * @param WP_Post $data_object Page data object. Not used. * @param int $depth Optional. Depth of page. Default 0 (unused). * @param array $args Optional. Array of arguments. Default empty array. */ public function end_el( &$output, $data_object, $depth = 0, $args = array() ) { if ( isset( $args['item_spacing'] ) && 'preserve' === $args['item_spacing'] ) { $t = "\t"; $n = "\n"; } else { $t = ''; $n = ''; } $output .= "{$n}"; } } /** * Post API: WP_Post_Type class * * @package WordPress * @subpackage Post * @since 4.6.0 */ /** * Core class used for interacting with post types. * * @since 4.6.0 * * @see register_post_type() */ #[AllowDynamicProperties] final class WP_Post_Type { /** * Post type key. * * @since 4.6.0 * @var string $name */ public $name; /** * Name of the post type shown in the menu. Usually plural. * * @since 4.6.0 * @var string $label */ public $label; /** * Labels object for this post type. * * If not set, post labels are inherited for non-hierarchical types * and page labels for hierarchical ones. * * @see get_post_type_labels() * * @since 4.6.0 * @var stdClass $labels */ public $labels; /** * Default labels. * * @since 6.0.0 * @var (string|null)[][] $default_labels */ protected static $default_labels = array(); /** * A short descriptive summary of what the post type is. * * Default empty. * * @since 4.6.0 * @var string $description */ public $description = ''; /** * Whether a post type is intended for use publicly either via the admin interface or by front-end users. * * While the default settings of $exclude_from_search, $publicly_queryable, $show_ui, and $show_in_nav_menus * are inherited from public, each does not rely on this relationship and controls a very specific intention. * * Default false. * * @since 4.6.0 * @var bool $public */ public $public = false; /** * Whether the post type is hierarchical (e.g. page). * * Default false. * * @since 4.6.0 * @var bool $hierarchical */ public $hierarchical = false; /** * Whether to exclude posts with this post type from front end search * results. * * Default is the opposite value of $public. * * @since 4.6.0 * @var bool $exclude_from_search */ public $exclude_from_search = null; /** * Whether queries can be performed on the front end for the post type as part of `parse_request()`. * * Endpoints would include: * * - `?post_type={post_type_key}` * - `?{post_type_key}={single_post_slug}` * - `?{post_type_query_var}={single_post_slug}` * * Default is the value of $public. * * @since 4.6.0 * @var bool $publicly_queryable */ public $publicly_queryable = null; /** * Whether to generate and allow a UI for managing this post type in the admin. * * Default is the value of $public. * * @since 4.6.0 * @var bool $show_ui */ public $show_ui = null; /** * Where to show the post type in the admin menu. * * To work, $show_ui must be true. If true, the post type is shown in its own top level menu. If false, no menu is * shown. If a string of an existing top level menu ('tools.php' or 'edit.php?post_type=page', for example), the * post type will be placed as a sub-menu of that. * * Default is the value of $show_ui. * * @since 4.6.0 * @var bool|string $show_in_menu */ public $show_in_menu = null; /** * Makes this post type available for selection in navigation menus. * * Default is the value $public. * * @since 4.6.0 * @var bool $show_in_nav_menus */ public $show_in_nav_menus = null; /** * Makes this post type available via the admin bar. * * Default is the value of $show_in_menu. * * @since 4.6.0 * @var bool $show_in_admin_bar */ public $show_in_admin_bar = null; /** * The position in the menu order the post type should appear. * * To work, $show_in_menu must be true. Default null (at the bottom). * * @since 4.6.0 * @var int $menu_position */ public $menu_position = null; /** * The URL or reference to the icon to be used for this menu. * * Pass a base64-encoded SVG using a data URI, which will be colored to match the color scheme. * This should begin with 'data:image/svg+xml;base64,'. Pass the name of a Dashicons helper class * to use a font icon, e.g. 'dashicons-chart-pie'. Pass 'none' to leave div.wp-menu-image empty * so an icon can be added via CSS. * * Defaults to use the posts icon. * * @since 4.6.0 * @var string $menu_icon */ public $menu_icon = null; /** * The string to use to build the read, edit, and delete capabilities. * * May be passed as an array to allow for alternative plurals when using * this argument as a base to construct the capabilities, e.g. * array( 'story', 'stories' ). Default 'post'. * * @since 4.6.0 * @var string $capability_type */ public $capability_type = 'post'; /** * Whether to use the internal default meta capability handling. * * Default false. * * @since 4.6.0 * @var bool $map_meta_cap */ public $map_meta_cap = false; /** * Provide a callback function that sets up the meta boxes for the edit form. * * Do `remove_meta_box()` and `add_meta_box()` calls in the callback. Default null. * * @since 4.6.0 * @var callable $register_meta_box_cb */ public $register_meta_box_cb = null; /** * An array of taxonomy identifiers that will be registered for the post type. * * Taxonomies can be registered later with `register_taxonomy()` or `register_taxonomy_for_object_type()`. * * Default empty array. * * @since 4.6.0 * @var string[] $taxonomies */ public $taxonomies = array(); /** * Whether there should be post type archives, or if a string, the archive slug to use. * * Will generate the proper rewrite rules if $rewrite is enabled. Default false. * * @since 4.6.0 * @var bool|string $has_archive */ public $has_archive = false; /** * Sets the query_var key for this post type. * * Defaults to $post_type key. If false, a post type cannot be loaded at `?{query_var}={post_slug}`. * If specified as a string, the query `?{query_var_string}={post_slug}` will be valid. * * @since 4.6.0 * @var string|bool $query_var */ public $query_var; /** * Whether to allow this post type to be exported. * * Default true. * * @since 4.6.0 * @var bool $can_export */ public $can_export = true; /** * Whether to delete posts of this type when deleting a user. * * - If true, posts of this type belonging to the user will be moved to Trash when the user is deleted. * - If false, posts of this type belonging to the user will *not* be trashed or deleted. * - If not set (the default), posts are trashed if post type supports the 'author' feature. * Otherwise posts are not trashed or deleted. * * Default null. * * @since 4.6.0 * @var bool $delete_with_user */ public $delete_with_user = null; /** * Array of blocks to use as the default initial state for an editor session. * * Each item should be an array containing block name and optional attributes. * * Default empty array. * * @link https://developer.wordpress.org/block-editor/developers/block-api/block-templates/ * * @since 5.0.0 * @var array[] $template */ public $template = array(); /** * Whether the block template should be locked if $template is set. * * - If set to 'all', the user is unable to insert new blocks, move existing blocks * and delete blocks. * - If set to 'insert', the user is able to move existing blocks but is unable to insert * new blocks and delete blocks. * * Default false. * * @link https://developer.wordpress.org/block-editor/developers/block-api/block-templates/ * * @since 5.0.0 * @var string|false $template_lock */ public $template_lock = false; /** * Whether this post type is a native or "built-in" post_type. * * Default false. * * @since 4.6.0 * @var bool $_builtin */ public $_builtin = false; /** * URL segment to use for edit link of this post type. * * Default 'post.php?post=%d'. * * @since 4.6.0 * @var string $_edit_link */ public $_edit_link = 'post.php?post=%d'; /** * Post type capabilities. * * @since 4.6.0 * @var stdClass $cap */ public $cap; /** * Triggers the handling of rewrites for this post type. * * Defaults to true, using $post_type as slug. * * @since 4.6.0 * @var array|false $rewrite */ public $rewrite; /** * The features supported by the post type. * * @since 4.6.0 * @var array|bool $supports */ public $supports; /** * Whether this post type should appear in the REST API. * * Default false. If true, standard endpoints will be registered with * respect to $rest_base and $rest_controller_class. * * @since 4.7.4 * @var bool $show_in_rest */ public $show_in_rest; /** * The base path for this post type's REST API endpoints. * * @since 4.7.4 * @var string|bool $rest_base */ public $rest_base; /** * The namespace for this post type's REST API endpoints. * * @since 5.9.0 * @var string|bool $rest_namespace */ public $rest_namespace; /** * The controller for this post type's REST API endpoints. * * Custom controllers must extend WP_REST_Controller. * * @since 4.7.4 * @var string|bool $rest_controller_class */ public $rest_controller_class; /** * The controller instance for this post type's REST API endpoints. * * Lazily computed. Should be accessed using {@see WP_Post_Type::get_rest_controller()}. * * @since 5.3.0 * @var WP_REST_Controller $rest_controller */ public $rest_controller; /** * Constructor. * * See the register_post_type() function for accepted arguments for `$args`. * * Will populate object properties from the provided arguments and assign other * default properties based on that information. * * @since 4.6.0 * * @see register_post_type() * * @param string $post_type Post type key. * @param array|string $args Optional. Array or string of arguments for registering a post type. * Default empty array. */ public function __construct( $post_type, $args = array() ) { $this->name = $post_type; $this->set_props( $args ); } /** * Sets post type properties. * * See the register_post_type() function for accepted arguments for `$args`. * * @since 4.6.0 * * @param array|string $args Array or string of arguments for registering a post type. */ public function set_props( $args ) { $args = wp_parse_args( $args ); /** * Filters the arguments for registering a post type. * * @since 4.4.0 * * @param array $args Array of arguments for registering a post type. * See the register_post_type() function for accepted arguments. * @param string $post_type Post type key. */ $args = apply_filters( 'register_post_type_args', $args, $this->name ); $post_type = $this->name; /** * Filters the arguments for registering a specific post type. * * The dynamic portion of the filter name, `$post_type`, refers to the post type key. * * Possible hook names include: * * - `register_post_post_type_args` * - `register_page_post_type_args` * * @since 6.0.0 * * @param array $args Array of arguments for registering a post type. * See the register_post_type() function for accepted arguments. * @param string $post_type Post type key. */ $args = apply_filters( "register_{$post_type}_post_type_args", $args, $this->name ); $has_edit_link = ! empty( $args['_edit_link'] ); // Args prefixed with an underscore are reserved for internal use. $defaults = array( 'labels' => array(), 'description' => '', 'public' => false, 'hierarchical' => false, 'exclude_from_search' => null, 'publicly_queryable' => null, 'show_ui' => null, 'show_in_menu' => null, 'show_in_nav_menus' => null, 'show_in_admin_bar' => null, 'menu_position' => null, 'menu_icon' => null, 'capability_type' => 'post', 'capabilities' => array(), 'map_meta_cap' => null, 'supports' => array(), 'register_meta_box_cb' => null, 'taxonomies' => array(), 'has_archive' => false, 'rewrite' => true, 'query_var' => true, 'can_export' => true, 'delete_with_user' => null, 'show_in_rest' => false, 'rest_base' => false, 'rest_namespace' => false, 'rest_controller_class' => false, 'template' => array(), 'template_lock' => false, '_builtin' => false, '_edit_link' => 'post.php?post=%d', ); $args = array_merge( $defaults, $args ); $args['name'] = $this->name; // If not set, default to the setting for 'public'. if ( null === $args['publicly_queryable'] ) { $args['publicly_queryable'] = $args['public']; } // If not set, default to the setting for 'public'. if ( null === $args['show_ui'] ) { $args['show_ui'] = $args['public']; } // If not set, default rest_namespace to wp/v2 if show_in_rest is true. if ( false === $args['rest_namespace'] && ! empty( $args['show_in_rest'] ) ) { $args['rest_namespace'] = 'wp/v2'; } // If not set, default to the setting for 'show_ui'. if ( null === $args['show_in_menu'] || ! $args['show_ui'] ) { $args['show_in_menu'] = $args['show_ui']; } // If not set, default to the setting for 'show_in_menu'. if ( null === $args['show_in_admin_bar'] ) { $args['show_in_admin_bar'] = (bool) $args['show_in_menu']; } // If not set, default to the setting for 'public'. if ( null === $args['show_in_nav_menus'] ) { $args['show_in_nav_menus'] = $args['public']; } // If not set, default to true if not public, false if public. if ( null === $args['exclude_from_search'] ) { $args['exclude_from_search'] = ! $args['public']; } // Back compat with quirky handling in version 3.0. #14122. if ( empty( $args['capabilities'] ) && null === $args['map_meta_cap'] && in_array( $args['capability_type'], array( 'post', 'page' ), true ) ) { $args['map_meta_cap'] = true; } // If not set, default to false. if ( null === $args['map_meta_cap'] ) { $args['map_meta_cap'] = false; } // If there's no specified edit link and no UI, remove the edit link. if ( ! $args['show_ui'] && ! $has_edit_link ) { $args['_edit_link'] = ''; } $this->cap = get_post_type_capabilities( (object) $args ); unset( $args['capabilities'] ); if ( is_array( $args['capability_type'] ) ) { $args['capability_type'] = $args['capability_type'][0]; } if ( false !== $args['query_var'] ) { if ( true === $args['query_var'] ) { $args['query_var'] = $this->name; } else { $args['query_var'] = sanitize_title_with_dashes( $args['query_var'] ); } } if ( false !== $args['rewrite'] && ( is_admin() || get_option( 'permalink_structure' ) ) ) { if ( ! is_array( $args['rewrite'] ) ) { $args['rewrite'] = array(); } if ( empty( $args['rewrite']['slug'] ) ) { $args['rewrite']['slug'] = $this->name; } if ( ! isset( $args['rewrite']['with_front'] ) ) { $args['rewrite']['with_front'] = true; } if ( ! isset( $args['rewrite']['pages'] ) ) { $args['rewrite']['pages'] = true; } if ( ! isset( $args['rewrite']['feeds'] ) || ! $args['has_archive'] ) { $args['rewrite']['feeds'] = (bool) $args['has_archive']; } if ( ! isset( $args['rewrite']['ep_mask'] ) ) { if ( isset( $args['permalink_epmask'] ) ) { $args['rewrite']['ep_mask'] = $args['permalink_epmask']; } else { $args['rewrite']['ep_mask'] = EP_PERMALINK; } } } foreach ( $args as $property_name => $property_value ) { $this->$property_name = $property_value; } $this->labels = get_post_type_labels( $this ); $this->label = $this->labels->name; } /** * Sets the features support for the post type. * * @since 4.6.0 */ public function add_supports() { if ( ! empty( $this->supports ) ) { foreach ( $this->supports as $feature => $args ) { if ( is_array( $args ) ) { add_post_type_support( $this->name, $feature, $args ); } else { add_post_type_support( $this->name, $args ); } } unset( $this->supports ); } elseif ( false !== $this->supports ) { // Add default features. add_post_type_support( $this->name, array( 'title', 'editor' ) ); } } /** * Adds the necessary rewrite rules for the post type. * * @since 4.6.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * @global WP $wp Current WordPress environment instance. */ public function add_rewrite_rules() { global $wp_rewrite, $wp; if ( false !== $this->query_var && $wp && is_post_type_viewable( $this ) ) { $wp->add_query_var( $this->query_var ); } if ( false !== $this->rewrite && ( is_admin() || get_option( 'permalink_structure' ) ) ) { if ( $this->hierarchical ) { add_rewrite_tag( "%$this->name%", '(.+?)', $this->query_var ? "{$this->query_var}=" : "post_type=$this->name&pagename=" ); } else { add_rewrite_tag( "%$this->name%", '([^/]+)', $this->query_var ? "{$this->query_var}=" : "post_type=$this->name&name=" ); } if ( $this->has_archive ) { $archive_slug = true === $this->has_archive ? $this->rewrite['slug'] : $this->has_archive; if ( $this->rewrite['with_front'] ) { $archive_slug = substr( $wp_rewrite->front, 1 ) . $archive_slug; } else { $archive_slug = $wp_rewrite->root . $archive_slug; } add_rewrite_rule( "{$archive_slug}/?$", "index.php?post_type=$this->name", 'top' ); if ( $this->rewrite['feeds'] && $wp_rewrite->feeds ) { $feeds = '(' . trim( implode( '|', $wp_rewrite->feeds ) ) . ')'; add_rewrite_rule( "{$archive_slug}/feed/$feeds/?$", "index.php?post_type=$this->name" . '&feed=$matches[1]', 'top' ); add_rewrite_rule( "{$archive_slug}/$feeds/?$", "index.php?post_type=$this->name" . '&feed=$matches[1]', 'top' ); } if ( $this->rewrite['pages'] ) { add_rewrite_rule( "{$archive_slug}/{$wp_rewrite->pagination_base}/([0-9]{1,})/?$", "index.php?post_type=$this->name" . '&paged=$matches[1]', 'top' ); } } $permastruct_args = $this->rewrite; $permastruct_args['feed'] = $permastruct_args['feeds']; add_permastruct( $this->name, "{$this->rewrite['slug']}/%$this->name%", $permastruct_args ); } } /** * Registers the post type meta box if a custom callback was specified. * * @since 4.6.0 */ public function register_meta_boxes() { if ( $this->register_meta_box_cb ) { add_action( 'add_meta_boxes_' . $this->name, $this->register_meta_box_cb, 10, 1 ); } } /** * Adds the future post hook action for the post type. * * @since 4.6.0 */ public function add_hooks() { add_action( 'future_' . $this->name, '_future_post_hook', 5, 2 ); } /** * Registers the taxonomies for the post type. * * @since 4.6.0 */ public function register_taxonomies() { foreach ( $this->taxonomies as $taxonomy ) { register_taxonomy_for_object_type( $taxonomy, $this->name ); } } /** * Removes the features support for the post type. * * @since 4.6.0 * * @global array $_wp_post_type_features Post type features. */ public function remove_supports() { global $_wp_post_type_features; unset( $_wp_post_type_features[ $this->name ] ); } /** * Removes any rewrite rules, permastructs, and rules for the post type. * * @since 4.6.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * @global WP $wp Current WordPress environment instance. * @global array $post_type_meta_caps Used to remove meta capabilities. */ public function remove_rewrite_rules() { global $wp, $wp_rewrite, $post_type_meta_caps; // Remove query var. if ( false !== $this->query_var ) { $wp->remove_query_var( $this->query_var ); } // Remove any rewrite rules, permastructs, and rules. if ( false !== $this->rewrite ) { remove_rewrite_tag( "%$this->name%" ); remove_permastruct( $this->name ); foreach ( $wp_rewrite->extra_rules_top as $regex => $query ) { if ( false !== strpos( $query, "index.php?post_type=$this->name" ) ) { unset( $wp_rewrite->extra_rules_top[ $regex ] ); } } } // Remove registered custom meta capabilities. foreach ( $this->cap as $cap ) { unset( $post_type_meta_caps[ $cap ] ); } } /** * Unregisters the post type meta box if a custom callback was specified. * * @since 4.6.0 */ public function unregister_meta_boxes() { if ( $this->register_meta_box_cb ) { remove_action( 'add_meta_boxes_' . $this->name, $this->register_meta_box_cb, 10 ); } } /** * Removes the post type from all taxonomies. * * @since 4.6.0 */ public function unregister_taxonomies() { foreach ( get_object_taxonomies( $this->name ) as $taxonomy ) { unregister_taxonomy_for_object_type( $taxonomy, $this->name ); } } /** * Removes the future post hook action for the post type. * * @since 4.6.0 */ public function remove_hooks() { remove_action( 'future_' . $this->name, '_future_post_hook', 5 ); } /** * Gets the REST API controller for this post type. * * Will only instantiate the controller class once per request. * * @since 5.3.0 * * @return WP_REST_Controller|null The controller instance, or null if the post type * is set not to show in rest. */ public function get_rest_controller() { if ( ! $this->show_in_rest ) { return null; } $class = $this->rest_controller_class ? $this->rest_controller_class : WP_REST_Posts_Controller::class; if ( ! class_exists( $class ) ) { return null; } if ( ! is_subclass_of( $class, WP_REST_Controller::class ) ) { return null; } if ( ! $this->rest_controller ) { $this->rest_controller = new $class( $this->name ); } if ( ! ( $this->rest_controller instanceof $class ) ) { return null; } return $this->rest_controller; } /** * Returns the default labels for post types. * * @since 6.0.0 * * @return (string|null)[][] The default labels for post types. */ public static function get_default_labels() { if ( ! empty( self::$default_labels ) ) { return self::$default_labels; } self::$default_labels = array( 'name' => array( _x( 'Posts', 'post type general name' ), _x( 'Pages', 'post type general name' ) ), 'singular_name' => array( _x( 'Post', 'post type singular name' ), _x( 'Page', 'post type singular name' ) ), 'add_new' => array( _x( 'Add New', 'post' ), _x( 'Add New', 'page' ) ), 'add_new_item' => array( __( 'Add New Post' ), __( 'Add New Page' ) ), 'edit_item' => array( __( 'Edit Post' ), __( 'Edit Page' ) ), 'new_item' => array( __( 'New Post' ), __( 'New Page' ) ), 'view_item' => array( __( 'View Post' ), __( 'View Page' ) ), 'view_items' => array( __( 'View Posts' ), __( 'View Pages' ) ), 'search_items' => array( __( 'Search Posts' ), __( 'Search Pages' ) ), 'not_found' => array( __( 'No posts found.' ), __( 'No pages found.' ) ), 'not_found_in_trash' => array( __( 'No posts found in Trash.' ), __( 'No pages found in Trash.' ) ), 'parent_item_colon' => array( null, __( 'Parent Page:' ) ), 'all_items' => array( __( 'All Posts' ), __( 'All Pages' ) ), 'archives' => array( __( 'Post Archives' ), __( 'Page Archives' ) ), 'attributes' => array( __( 'Post Attributes' ), __( 'Page Attributes' ) ), 'insert_into_item' => array( __( 'Insert into post' ), __( 'Insert into page' ) ), 'uploaded_to_this_item' => array( __( 'Uploaded to this post' ), __( 'Uploaded to this page' ) ), 'featured_image' => array( _x( 'Featured image', 'post' ), _x( 'Featured image', 'page' ) ), 'set_featured_image' => array( _x( 'Set featured image', 'post' ), _x( 'Set featured image', 'page' ) ), 'remove_featured_image' => array( _x( 'Remove featured image', 'post' ), _x( 'Remove featured image', 'page' ) ), 'use_featured_image' => array( _x( 'Use as featured image', 'post' ), _x( 'Use as featured image', 'page' ) ), 'filter_items_list' => array( __( 'Filter posts list' ), __( 'Filter pages list' ) ), 'filter_by_date' => array( __( 'Filter by date' ), __( 'Filter by date' ) ), 'items_list_navigation' => array( __( 'Posts list navigation' ), __( 'Pages list navigation' ) ), 'items_list' => array( __( 'Posts list' ), __( 'Pages list' ) ), 'item_published' => array( __( 'Post published.' ), __( 'Page published.' ) ), 'item_published_privately' => array( __( 'Post published privately.' ), __( 'Page published privately.' ) ), 'item_reverted_to_draft' => array( __( 'Post reverted to draft.' ), __( 'Page reverted to draft.' ) ), 'item_scheduled' => array( __( 'Post scheduled.' ), __( 'Page scheduled.' ) ), 'item_updated' => array( __( 'Post updated.' ), __( 'Page updated.' ) ), 'item_link' => array( _x( 'Post Link', 'navigation link block title' ), _x( 'Page Link', 'navigation link block title' ), ), 'item_link_description' => array( _x( 'A link to a post.', 'navigation link block description' ), _x( 'A link to a page.', 'navigation link block description' ), ), ); return self::$default_labels; } /** * Resets the cache for the default labels. * * @since 6.0.0 */ public static function reset_default_labels() { self::$default_labels = array(); } } /** * Comment API: WP_Comment class * * @package WordPress * @subpackage Comments * @since 4.4.0 */ /** * Core class used to organize comments as instantiated objects with defined members. * * @since 4.4.0 */ #[AllowDynamicProperties] final class WP_Comment { /** * Comment ID. * * A numeric string, for compatibility reasons. * * @since 4.4.0 * @var string */ public $comment_ID; /** * ID of the post the comment is associated with. * * A numeric string, for compatibility reasons. * * @since 4.4.0 * @var string */ public $comment_post_ID = 0; /** * Comment author name. * * @since 4.4.0 * @var string */ public $comment_author = ''; /** * Comment author email address. * * @since 4.4.0 * @var string */ public $comment_author_email = ''; /** * Comment author URL. * * @since 4.4.0 * @var string */ public $comment_author_url = ''; /** * Comment author IP address (IPv4 format). * * @since 4.4.0 * @var string */ public $comment_author_IP = ''; /** * Comment date in YYYY-MM-DD HH:MM:SS format. * * @since 4.4.0 * @var string */ public $comment_date = '0000-00-00 00:00:00'; /** * Comment GMT date in YYYY-MM-DD HH::MM:SS format. * * @since 4.4.0 * @var string */ public $comment_date_gmt = '0000-00-00 00:00:00'; /** * Comment content. * * @since 4.4.0 * @var string */ public $comment_content; /** * Comment karma count. * * A numeric string, for compatibility reasons. * * @since 4.4.0 * @var string */ public $comment_karma = 0; /** * Comment approval status. * * @since 4.4.0 * @var string */ public $comment_approved = '1'; /** * Comment author HTTP user agent. * * @since 4.4.0 * @var string */ public $comment_agent = ''; /** * Comment type. * * @since 4.4.0 * @since 5.5.0 Default value changed to `comment`. * @var string */ public $comment_type = 'comment'; /** * Parent comment ID. * * A numeric string, for compatibility reasons. * * @since 4.4.0 * @var string */ public $comment_parent = 0; /** * Comment author ID. * * A numeric string, for compatibility reasons. * * @since 4.4.0 * @var string */ public $user_id = 0; /** * Comment children. * * @since 4.4.0 * @var array */ protected $children; /** * Whether children have been populated for this comment object. * * @since 4.4.0 * @var bool */ protected $populated_children = false; /** * Post fields. * * @since 4.4.0 * @var array */ protected $post_fields = array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_content_filtered', 'post_parent', 'guid', 'menu_order', 'post_type', 'post_mime_type', 'comment_count' ); /** * Retrieves a WP_Comment instance. * * @since 4.4.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param int $id Comment ID. * @return WP_Comment|false Comment object, otherwise false. */ public static function get_instance( $id ) { global $wpdb; $comment_id = (int) $id; if ( ! $comment_id ) { return false; } $_comment = wp_cache_get( $comment_id, 'comment' ); if ( ! $_comment ) { $_comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_ID = %d LIMIT 1", $comment_id ) ); if ( ! $_comment ) { return false; } wp_cache_add( $_comment->comment_ID, $_comment, 'comment' ); } return new WP_Comment( $_comment ); } /** * Constructor. * * Populates properties with object vars. * * @since 4.4.0 * * @param WP_Comment $comment Comment object. */ public function __construct( $comment ) { foreach ( get_object_vars( $comment ) as $key => $value ) { $this->$key = $value; } } /** * Convert object to array. * * @since 4.4.0 * * @return array Object as array. */ public function to_array() { return get_object_vars( $this ); } /** * Get the children of a comment. * * @since 4.4.0 * * @param array $args { * Array of arguments used to pass to get_comments() and determine format. * * @type string $format Return value format. 'tree' for a hierarchical tree, 'flat' for a flattened array. * Default 'tree'. * @type string $status Comment status to limit results by. Accepts 'hold' (`comment_status=0`), * 'approve' (`comment_status=1`), 'all', or a custom comment status. * Default 'all'. * @type string $hierarchical Whether to include comment descendants in the results. * 'threaded' returns a tree, with each comment's children * stored in a `children` property on the `WP_Comment` object. * 'flat' returns a flat array of found comments plus their children. * Pass `false` to leave out descendants. * The parameter is ignored (forced to `false`) when `$fields` is 'ids' or 'counts'. * Accepts 'threaded', 'flat', or false. Default: 'threaded'. * @type string|array $orderby Comment status or array of statuses. To use 'meta_value' * or 'meta_value_num', `$meta_key` must also be defined. * To sort by a specific `$meta_query` clause, use that * clause's array key. Accepts 'comment_agent', * 'comment_approved', 'comment_author', * 'comment_author_email', 'comment_author_IP', * 'comment_author_url', 'comment_content', 'comment_date', * 'comment_date_gmt', 'comment_ID', 'comment_karma', * 'comment_parent', 'comment_post_ID', 'comment_type', * 'user_id', 'comment__in', 'meta_value', 'meta_value_num', * the value of $meta_key, and the array keys of * `$meta_query`. Also accepts false, an empty array, or * 'none' to disable `ORDER BY` clause. * } * @return WP_Comment[] Array of `WP_Comment` objects. */ public function get_children( $args = array() ) { $defaults = array( 'format' => 'tree', 'status' => 'all', 'hierarchical' => 'threaded', 'orderby' => '', ); $_args = wp_parse_args( $args, $defaults ); $_args['parent'] = $this->comment_ID; if ( is_null( $this->children ) ) { if ( $this->populated_children ) { $this->children = array(); } else { $this->children = get_comments( $_args ); } } if ( 'flat' === $_args['format'] ) { $children = array(); foreach ( $this->children as $child ) { $child_args = $_args; $child_args['format'] = 'flat'; // get_children() resets this value automatically. unset( $child_args['parent'] ); $children = array_merge( $children, array( $child ), $child->get_children( $child_args ) ); } } else { $children = $this->children; } return $children; } /** * Add a child to the comment. * * Used by `WP_Comment_Query` when bulk-filling descendants. * * @since 4.4.0 * * @param WP_Comment $child Child comment. */ public function add_child( WP_Comment $child ) { $this->children[ $child->comment_ID ] = $child; } /** * Get a child comment by ID. * * @since 4.4.0 * * @param int $child_id ID of the child. * @return WP_Comment|false Returns the comment object if found, otherwise false. */ public function get_child( $child_id ) { if ( isset( $this->children[ $child_id ] ) ) { return $this->children[ $child_id ]; } return false; } /** * Set the 'populated_children' flag. * * This flag is important for ensuring that calling `get_children()` on a childless comment will not trigger * unneeded database queries. * * @since 4.4.0 * * @param bool $set Whether the comment's children have already been populated. */ public function populated_children( $set ) { $this->populated_children = (bool) $set; } /** * Check whether a non-public property is set. * * If `$name` matches a post field, the comment post will be loaded and the post's value checked. * * @since 4.4.0 * * @param string $name Property name. * @return bool */ public function __isset( $name ) { if ( in_array( $name, $this->post_fields, true ) && 0 !== (int) $this->comment_post_ID ) { $post = get_post( $this->comment_post_ID ); return property_exists( $post, $name ); } } /** * Magic getter. * * If `$name` matches a post field, the comment post will be loaded and the post's value returned. * * @since 4.4.0 * * @param string $name * @return mixed */ public function __get( $name ) { if ( in_array( $name, $this->post_fields, true ) ) { $post = get_post( $this->comment_post_ID ); return $post->$name; } } } /** * Dependencies API: _WP_Dependency class * * @since 4.7.0 * * @package WordPress * @subpackage Dependencies */ /** * Class _WP_Dependency * * Helper class to register a handle and associated data. * * @access private * @since 2.6.0 */ #[AllowDynamicProperties] class _WP_Dependency { /** * The handle name. * * @since 2.6.0 * @var string */ public $handle; /** * The handle source. * * @since 2.6.0 * @var string */ public $src; /** * An array of handle dependencies. * * @since 2.6.0 * @var string[] */ public $deps = array(); /** * The handle version. * * Used for cache-busting. * * @since 2.6.0 * @var bool|string */ public $ver = false; /** * Additional arguments for the handle. * * @since 2.6.0 * @var array */ public $args = null; // Custom property, such as $in_footer or $media. /** * Extra data to supply to the handle. * * @since 2.6.0 * @var array */ public $extra = array(); /** * Translation textdomain set for this dependency. * * @since 5.0.0 * @var string */ public $textdomain; /** * Translation path set for this dependency. * * @since 5.0.0 * @var string */ public $translations_path; /** * Setup dependencies. * * @since 2.6.0 * @since 5.3.0 Formalized the existing `...$args` parameter by adding it * to the function signature. * * @param mixed ...$args Dependency information. */ public function __construct( ...$args ) { list( $this->handle, $this->src, $this->deps, $this->ver, $this->args ) = $args; if ( ! is_array( $this->deps ) ) { $this->deps = array(); } } /** * Add handle data. * * @since 2.6.0 * * @param string $name The data key to add. * @param mixed $data The data value to add. * @return bool False if not scalar, true otherwise. */ public function add_data( $name, $data ) { if ( ! is_scalar( $name ) ) { return false; } $this->extra[ $name ] = $data; return true; } /** * Sets the translation domain for this dependency. * * @since 5.0.0 * * @param string $domain The translation textdomain. * @param string $path Optional. The full file path to the directory containing translation files. * @return bool False if $domain is not a string, true otherwise. */ public function set_translations( $domain, $path = '' ) { if ( ! is_string( $domain ) ) { return false; } $this->textdomain = $domain; $this->translations_path = $path; return true; } } /** * Core HTTP Request API * * Standardizes the HTTP requests for WordPress. Handles cookies, gzip encoding and decoding, chunk * decoding, if HTTP 1.1 and various other difficult HTTP protocol implementations. * * @package WordPress * @subpackage HTTP */ /** * Returns the initialized WP_Http Object * * @since 2.7.0 * @access private * * @return WP_Http HTTP Transport object. */ function _wp_http_get_object() { static $http = null; if ( is_null( $http ) ) { $http = new WP_Http(); } return $http; } /** * Retrieve the raw response from a safe HTTP request. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_request( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->request( $url, $args ); } /** * Retrieve the raw response from a safe HTTP request using the GET method. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_get( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->get( $url, $args ); } /** * Retrieve the raw response from a safe HTTP request using the POST method. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_post( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->post( $url, $args ); } /** * Retrieve the raw response from a safe HTTP request using the HEAD method. * * This function is ideal when the HTTP request is being made to an arbitrary * URL. The URL is validated to avoid redirection and request forgery attacks. * * @since 3.6.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_head( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; $http = _wp_http_get_object(); return $http->head( $url, $args ); } /** * Performs an HTTP request and returns its response. * * There are other API functions available which abstract away the HTTP method: * * - Default 'GET' for wp_remote_get() * - Default 'POST' for wp_remote_post() * - Default 'HEAD' for wp_remote_head() * * @since 2.7.0 * * @see WP_Http::request() For information on default arguments. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error { * The response array or a WP_Error on failure. * * @type string[] $headers Array of response headers keyed by their name. * @type string $body Response body. * @type array $response { * Data about the HTTP response. * * @type int|false $code HTTP response code. * @type string|false $message HTTP response message. * } * @type WP_HTTP_Cookie[] $cookies Array of response cookies. * @type WP_HTTP_Requests_Response|null $http_response Raw HTTP response object. * } */ function wp_remote_request( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->request( $url, $args ); } /** * Performs an HTTP request using the GET method and returns its response. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_remote_get( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->get( $url, $args ); } /** * Performs an HTTP request using the POST method and returns its response. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_remote_post( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->post( $url, $args ); } /** * Performs an HTTP request using the HEAD method and returns its response. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. * @return array|WP_Error The response or WP_Error on failure. */ function wp_remote_head( $url, $args = array() ) { $http = _wp_http_get_object(); return $http->head( $url, $args ); } /** * Retrieve only the headers from the raw response. * * @since 2.7.0 * @since 4.6.0 Return value changed from an array to an Requests_Utility_CaseInsensitiveDictionary instance. * * @see \Requests_Utility_CaseInsensitiveDictionary * * @param array|WP_Error $response HTTP response. * @return \Requests_Utility_CaseInsensitiveDictionary|array The headers of the response, or empty array * if incorrect parameter given. */ function wp_remote_retrieve_headers( $response ) { if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) { return array(); } return $response['headers']; } /** * Retrieve a single header by name from the raw response. * * @since 2.7.0 * * @param array|WP_Error $response HTTP response. * @param string $header Header name to retrieve value from. * @return array|string The header(s) value(s). Array if multiple headers with the same name are retrieved. * Empty string if incorrect parameter given, or if the header doesn't exist. */ function wp_remote_retrieve_header( $response, $header ) { if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) { return ''; } if ( isset( $response['headers'][ $header ] ) ) { return $response['headers'][ $header ]; } return ''; } /** * Retrieve only the response code from the raw response. * * Will return an empty string if incorrect parameter value is given. * * @since 2.7.0 * * @param array|WP_Error $response HTTP response. * @return int|string The response code as an integer. Empty string if incorrect parameter given. */ function wp_remote_retrieve_response_code( $response ) { if ( is_wp_error( $response ) || ! isset( $response['response'] ) || ! is_array( $response['response'] ) ) { return ''; } return $response['response']['code']; } /** * Retrieve only the response message from the raw response. * * Will return an empty string if incorrect parameter value is given. * * @since 2.7.0 * * @param array|WP_Error $response HTTP response. * @return string The response message. Empty string if incorrect parameter given. */ function wp_remote_retrieve_response_message( $response ) { if ( is_wp_error( $response ) || ! isset( $response['response'] ) || ! is_array( $response['response'] ) ) { return ''; } return $response['response']['message']; } /** * Retrieve only the body from the raw response. * * @since 2.7.0 * * @param array|WP_Error $response HTTP response. * @return string The body of the response. Empty string if no body or incorrect parameter given. */ function wp_remote_retrieve_body( $response ) { if ( is_wp_error( $response ) || ! isset( $response['body'] ) ) { return ''; } return $response['body']; } /** * Retrieve only the cookies from the raw response. * * @since 4.4.0 * * @param array|WP_Error $response HTTP response. * @return WP_Http_Cookie[] An array of `WP_Http_Cookie` objects from the response. * Empty array if there are none, or the response is a WP_Error. */ function wp_remote_retrieve_cookies( $response ) { if ( is_wp_error( $response ) || empty( $response['cookies'] ) ) { return array(); } return $response['cookies']; } /** * Retrieve a single cookie by name from the raw response. * * @since 4.4.0 * * @param array|WP_Error $response HTTP response. * @param string $name The name of the cookie to retrieve. * @return WP_Http_Cookie|string The `WP_Http_Cookie` object, or empty string * if the cookie is not present in the response. */ function wp_remote_retrieve_cookie( $response, $name ) { $cookies = wp_remote_retrieve_cookies( $response ); if ( empty( $cookies ) ) { return ''; } foreach ( $cookies as $cookie ) { if ( $cookie->name === $name ) { return $cookie; } } return ''; } /** * Retrieve a single cookie's value by name from the raw response. * * @since 4.4.0 * * @param array|WP_Error $response HTTP response. * @param string $name The name of the cookie to retrieve. * @return string The value of the cookie, or empty string * if the cookie is not present in the response. */ function wp_remote_retrieve_cookie_value( $response, $name ) { $cookie = wp_remote_retrieve_cookie( $response, $name ); if ( ! is_a( $cookie, 'WP_Http_Cookie' ) ) { return ''; } return $cookie->value; } /** * Determines if there is an HTTP Transport that can process this request. * * @since 3.2.0 * * @param array $capabilities Array of capabilities to test or a wp_remote_request() $args array. * @param string $url Optional. If given, will check if the URL requires SSL and adds * that requirement to the capabilities array. * * @return bool */ function wp_http_supports( $capabilities = array(), $url = null ) { $http = _wp_http_get_object(); $capabilities = wp_parse_args( $capabilities ); $count = count( $capabilities ); // If we have a numeric $capabilities array, spoof a wp_remote_request() associative $args array. if ( $count && count( array_filter( array_keys( $capabilities ), 'is_numeric' ) ) == $count ) { $capabilities = array_combine( array_values( $capabilities ), array_fill( 0, $count, true ) ); } if ( $url && ! isset( $capabilities['ssl'] ) ) { $scheme = parse_url( $url, PHP_URL_SCHEME ); if ( 'https' === $scheme || 'ssl' === $scheme ) { $capabilities['ssl'] = true; } } return (bool) $http->_get_first_available_transport( $capabilities ); } /** * Get the HTTP Origin of the current request. * * @since 3.4.0 * * @return string URL of the origin. Empty string if no origin. */ function get_http_origin() { $origin = ''; if ( ! empty( $_SERVER['HTTP_ORIGIN'] ) ) { $origin = $_SERVER['HTTP_ORIGIN']; } /** * Change the origin of an HTTP request. * * @since 3.4.0 * * @param string $origin The original origin for the request. */ return apply_filters( 'http_origin', $origin ); } /** * Retrieve list of allowed HTTP origins. * * @since 3.4.0 * * @return string[] Array of origin URLs. */ function get_allowed_http_origins() { $admin_origin = parse_url( admin_url() ); $home_origin = parse_url( home_url() ); // @todo Preserve port? $allowed_origins = array_unique( array( 'http://' . $admin_origin['host'], 'https://' . $admin_origin['host'], 'http://' . $home_origin['host'], 'https://' . $home_origin['host'], ) ); /** * Change the origin types allowed for HTTP requests. * * @since 3.4.0 * * @param string[] $allowed_origins { * Array of default allowed HTTP origins. * * @type string $0 Non-secure URL for admin origin. * @type string $1 Secure URL for admin origin. * @type string $2 Non-secure URL for home origin. * @type string $3 Secure URL for home origin. * } */ return apply_filters( 'allowed_http_origins', $allowed_origins ); } /** * Determines if the HTTP origin is an authorized one. * * @since 3.4.0 * * @param string|null $origin Origin URL. If not provided, the value of get_http_origin() is used. * @return string Origin URL if allowed, empty string if not. */ function is_allowed_http_origin( $origin = null ) { $origin_arg = $origin; if ( null === $origin ) { $origin = get_http_origin(); } if ( $origin && ! in_array( $origin, get_allowed_http_origins(), true ) ) { $origin = ''; } /** * Change the allowed HTTP origin result. * * @since 3.4.0 * * @param string $origin Origin URL if allowed, empty string if not. * @param string $origin_arg Original origin string passed into is_allowed_http_origin function. */ return apply_filters( 'allowed_http_origin', $origin, $origin_arg ); } /** * Send Access-Control-Allow-Origin and related headers if the current request * is from an allowed origin. * * If the request is an OPTIONS request, the script exits with either access * control headers sent, or a 403 response if the origin is not allowed. For * other request methods, you will receive a return value. * * @since 3.4.0 * * @return string|false Returns the origin URL if headers are sent. Returns false * if headers are not sent. */ function send_origin_headers() { $origin = get_http_origin(); if ( is_allowed_http_origin( $origin ) ) { header( 'Access-Control-Allow-Origin: ' . $origin ); header( 'Access-Control-Allow-Credentials: true' ); if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) { exit; } return $origin; } if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) { status_header( 403 ); exit; } return false; } /** * Validate a URL for safe use in the HTTP API. * * @since 3.5.2 * * @param string $url Request URL. * @return string|false URL or false on failure. */ function wp_http_validate_url( $url ) { if ( ! is_string( $url ) || '' === $url || is_numeric( $url ) ) { return false; } $original_url = $url; $url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) ); if ( ! $url || strtolower( $url ) !== strtolower( $original_url ) ) { return false; } $parsed_url = parse_url( $url ); if ( ! $parsed_url || empty( $parsed_url['host'] ) ) { return false; } if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) ) { return false; } if ( false !== strpbrk( $parsed_url['host'], ':#?[]' ) ) { return false; } $parsed_home = parse_url( get_option( 'home' ) ); $same_host = isset( $parsed_home['host'] ) && strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] ); $host = trim( $parsed_url['host'], '.' ); if ( ! $same_host ) { if ( preg_match( '#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', $host ) ) { $ip = $host; } else { $ip = gethostbyname( $host ); if ( $ip === $host ) { // Error condition for gethostbyname(). return false; } } if ( $ip ) { $parts = array_map( 'intval', explode( '.', $ip ) ); if ( 127 === $parts[0] || 10 === $parts[0] || 0 === $parts[0] || ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] ) || ( 192 === $parts[0] && 168 === $parts[1] ) ) { // If host appears local, reject unless specifically allowed. /** * Check if HTTP request is external or not. * * Allows to change and allow external requests for the HTTP request. * * @since 3.6.0 * * @param bool $external Whether HTTP request is external or not. * @param string $host Host name of the requested URL. * @param string $url Requested URL. */ if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) { return false; } } } } if ( empty( $parsed_url['port'] ) ) { return $url; } $port = $parsed_url['port']; /** * Controls the list of ports considered safe in HTTP API. * * Allows to change and allow external requests for the HTTP request. * * @since 5.9.0 * * @param array $allowed_ports Array of integers for valid ports. * @param string $host Host name of the requested URL. * @param string $url Requested URL. */ $allowed_ports = apply_filters( 'http_allowed_safe_ports', array( 80, 443, 8080 ), $host, $url ); if ( is_array( $allowed_ports ) && in_array( $port, $allowed_ports, true ) ) { return $url; } if ( $parsed_home && $same_host && isset( $parsed_home['port'] ) && $parsed_home['port'] === $port ) { return $url; } return false; } /** * Mark allowed redirect hosts safe for HTTP requests as well. * * Attached to the {@see 'http_request_host_is_external'} filter. * * @since 3.6.0 * * @param bool $is_external * @param string $host * @return bool */ function allowed_http_request_hosts( $is_external, $host ) { if ( ! $is_external && wp_validate_redirect( 'http://' . $host ) ) { $is_external = true; } return $is_external; } /** * Adds any domain in a multisite installation for safe HTTP requests to the * allowed list. * * Attached to the {@see 'http_request_host_is_external'} filter. * * @since 3.6.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param bool $is_external * @param string $host * @return bool */ function ms_allowed_http_request_hosts( $is_external, $host ) { global $wpdb; static $queried = array(); if ( $is_external ) { return $is_external; } if ( get_network()->domain === $host ) { return true; } if ( isset( $queried[ $host ] ) ) { return $queried[ $host ]; } $queried[ $host ] = (bool) $wpdb->get_var( $wpdb->prepare( "SELECT domain FROM $wpdb->blogs WHERE domain = %s LIMIT 1", $host ) ); return $queried[ $host ]; } /** * A wrapper for PHP's parse_url() function that handles consistency in the return values * across PHP versions. * * PHP 5.4.7 expanded parse_url()'s ability to handle non-absolute URLs, including * schemeless and relative URLs with "://" in the path. This function works around * those limitations providing a standard output on PHP 5.2~5.4+. * * Secondly, across various PHP versions, schemeless URLs containing a ":" in the query * are being handled inconsistently. This function works around those differences as well. * * @since 4.4.0 * @since 4.7.0 The `$component` parameter was added for parity with PHP's `parse_url()`. * * @link https://www.php.net/manual/en/function.parse-url.php * * @param string $url The URL to parse. * @param int $component The specific component to retrieve. Use one of the PHP * predefined constants to specify which one. * Defaults to -1 (= return all parts as an array). * @return mixed False on parse failure; Array of URL components on success; * When a specific component has been requested: null if the component * doesn't exist in the given URL; a string or - in the case of * PHP_URL_PORT - integer when it does. See parse_url()'s return values. */ function wp_parse_url( $url, $component = -1 ) { $to_unset = array(); $url = (string) $url; if ( '//' === substr( $url, 0, 2 ) ) { $to_unset[] = 'scheme'; $url = 'placeholder:' . $url; } elseif ( '/' === substr( $url, 0, 1 ) ) { $to_unset[] = 'scheme'; $to_unset[] = 'host'; $url = 'placeholder://placeholder' . $url; } $parts = parse_url( $url ); if ( false === $parts ) { // Parsing failure. return $parts; } // Remove the placeholder values. foreach ( $to_unset as $key ) { unset( $parts[ $key ] ); } return _get_component_from_parsed_url_array( $parts, $component ); } /** * Retrieve a specific component from a parsed URL array. * * @internal * * @since 4.7.0 * @access private * * @link https://www.php.net/manual/en/function.parse-url.php * * @param array|false $url_parts The parsed URL. Can be false if the URL failed to parse. * @param int $component The specific component to retrieve. Use one of the PHP * predefined constants to specify which one. * Defaults to -1 (= return all parts as an array). * @return mixed False on parse failure; Array of URL components on success; * When a specific component has been requested: null if the component * doesn't exist in the given URL; a string or - in the case of * PHP_URL_PORT - integer when it does. See parse_url()'s return values. */ function _get_component_from_parsed_url_array( $url_parts, $component = -1 ) { if ( -1 === $component ) { return $url_parts; } $key = _wp_translate_php_url_constant_to_key( $component ); if ( false !== $key && is_array( $url_parts ) && isset( $url_parts[ $key ] ) ) { return $url_parts[ $key ]; } else { return null; } } /** * Translate a PHP_URL_* constant to the named array keys PHP uses. * * @internal * * @since 4.7.0 * @access private * * @link https://www.php.net/manual/en/url.constants.php * * @param int $constant PHP_URL_* constant. * @return string|false The named key or false. */ function _wp_translate_php_url_constant_to_key( $constant ) { $translation = array( PHP_URL_SCHEME => 'scheme', PHP_URL_HOST => 'host', PHP_URL_PORT => 'port', PHP_URL_USER => 'user', PHP_URL_PASS => 'pass', PHP_URL_PATH => 'path', PHP_URL_QUERY => 'query', PHP_URL_FRAGMENT => 'fragment', ); if ( isset( $translation[ $constant ] ) ) { return $translation[ $constant ]; } else { return false; } } /** * Requests for PHP * * Inspired by Requests for Python. * * Based on concepts from SimplePie_File, RequestCore and WP_Http. * * @package Requests */ /** * Requests for PHP * * Inspired by Requests for Python. * * Based on concepts from SimplePie_File, RequestCore and WP_Http. * * @package Requests */ class Requests { /** * POST method * * @var string */ const POST = 'POST'; /** * PUT method * * @var string */ const PUT = 'PUT'; /** * GET method * * @var string */ const GET = 'GET'; /** * HEAD method * * @var string */ const HEAD = 'HEAD'; /** * DELETE method * * @var string */ const DELETE = 'DELETE'; /** * OPTIONS method * * @var string */ const OPTIONS = 'OPTIONS'; /** * TRACE method * * @var string */ const TRACE = 'TRACE'; /** * PATCH method * * @link https://tools.ietf.org/html/rfc5789 * @var string */ const PATCH = 'PATCH'; /** * Default size of buffer size to read streams * * @var integer */ const BUFFER_SIZE = 1160; /** * Current version of Requests * * @var string */ const VERSION = '1.8.1'; /** * Registered transport classes * * @var array */ protected static $transports = array(); /** * Selected transport name * * Use {@see get_transport()} instead * * @var array */ public static $transport = array(); /** * Default certificate path. * * @see Requests::get_certificate_path() * @see Requests::set_certificate_path() * * @var string */ protected static $certificate_path; /** * This is a static class, do not instantiate it * * @codeCoverageIgnore */ private function __construct() {} /** * Autoloader for Requests * * Register this with {@see register_autoloader()} if you'd like to avoid * having to create your own. * * (You can also use `spl_autoload_register` directly if you'd prefer.) * * @codeCoverageIgnore * * @param string $class Class name to load */ public static function autoloader($class) { // Check that the class starts with "Requests" if (strpos($class, 'Requests') !== 0) { return; } $file = str_replace('_', '/', $class); if (file_exists(dirname(__FILE__) . '/' . $file . '.php')) { require_once dirname(__FILE__) . '/' . $file . '.php'; } } /** * Register the built-in autoloader * * @codeCoverageIgnore */ public static function register_autoloader() { spl_autoload_register(array('Requests', 'autoloader')); } /** * Register a transport * * @param string $transport Transport class to add, must support the Requests_Transport interface */ public static function add_transport($transport) { if (empty(self::$transports)) { self::$transports = array( 'Requests_Transport_cURL', 'Requests_Transport_fsockopen', ); } self::$transports = array_merge(self::$transports, array($transport)); } /** * Get a working transport * * @throws Requests_Exception If no valid transport is found (`notransport`) * @return Requests_Transport */ protected static function get_transport($capabilities = array()) { // Caching code, don't bother testing coverage // @codeCoverageIgnoreStart // array of capabilities as a string to be used as an array key ksort($capabilities); $cap_string = serialize($capabilities); // Don't search for a transport if it's already been done for these $capabilities if (isset(self::$transport[$cap_string]) && self::$transport[$cap_string] !== null) { $class = self::$transport[$cap_string]; return new $class(); } // @codeCoverageIgnoreEnd if (empty(self::$transports)) { self::$transports = array( 'Requests_Transport_cURL', 'Requests_Transport_fsockopen', ); } // Find us a working transport foreach (self::$transports as $class) { if (!class_exists($class)) { continue; } $result = call_user_func(array($class, 'test'), $capabilities); if ($result) { self::$transport[$cap_string] = $class; break; } } if (self::$transport[$cap_string] === null) { throw new Requests_Exception('No working transports found', 'notransport', self::$transports); } $class = self::$transport[$cap_string]; return new $class(); } /**#@+ * @see request() * @param string $url * @param array $headers * @param array $options * @return Requests_Response */ /** * Send a GET request */ public static function get($url, $headers = array(), $options = array()) { return self::request($url, $headers, null, self::GET, $options); } /** * Send a HEAD request */ public static function head($url, $headers = array(), $options = array()) { return self::request($url, $headers, null, self::HEAD, $options); } /** * Send a DELETE request */ public static function delete($url, $headers = array(), $options = array()) { return self::request($url, $headers, null, self::DELETE, $options); } /** * Send a TRACE request */ public static function trace($url, $headers = array(), $options = array()) { return self::request($url, $headers, null, self::TRACE, $options); } /**#@-*/ /**#@+ * @see request() * @param string $url * @param array $headers * @param array $data * @param array $options * @return Requests_Response */ /** * Send a POST request */ public static function post($url, $headers = array(), $data = array(), $options = array()) { return self::request($url, $headers, $data, self::POST, $options); } /** * Send a PUT request */ public static function put($url, $headers = array(), $data = array(), $options = array()) { return self::request($url, $headers, $data, self::PUT, $options); } /** * Send an OPTIONS request */ public static function options($url, $headers = array(), $data = array(), $options = array()) { return self::request($url, $headers, $data, self::OPTIONS, $options); } /** * Send a PATCH request * * Note: Unlike {@see post} and {@see put}, `$headers` is required, as the * specification recommends that should send an ETag * * @link https://tools.ietf.org/html/rfc5789 */ public static function patch($url, $headers, $data = array(), $options = array()) { return self::request($url, $headers, $data, self::PATCH, $options); } /**#@-*/ /** * Main interface for HTTP requests * * This method initiates a request and sends it via a transport before * parsing. * * The `$options` parameter takes an associative array with the following * options: * * - `timeout`: How long should we wait for a response? * Note: for cURL, a minimum of 1 second applies, as DNS resolution * operates at second-resolution only. * (float, seconds with a millisecond precision, default: 10, example: 0.01) * - `connect_timeout`: How long should we wait while trying to connect? * (float, seconds with a millisecond precision, default: 10, example: 0.01) * - `useragent`: Useragent to send to the server * (string, default: php-requests/$version) * - `follow_redirects`: Should we follow 3xx redirects? * (boolean, default: true) * - `redirects`: How many times should we redirect before erroring? * (integer, default: 10) * - `blocking`: Should we block processing on this request? * (boolean, default: true) * - `filename`: File to stream the body to instead. * (string|boolean, default: false) * - `auth`: Authentication handler or array of user/password details to use * for Basic authentication * (Requests_Auth|array|boolean, default: false) * - `proxy`: Proxy details to use for proxy by-passing and authentication * (Requests_Proxy|array|string|boolean, default: false) * - `max_bytes`: Limit for the response body size. * (integer|boolean, default: false) * - `idn`: Enable IDN parsing * (boolean, default: true) * - `transport`: Custom transport. Either a class name, or a * transport object. Defaults to the first working transport from * {@see getTransport()} * (string|Requests_Transport, default: {@see getTransport()}) * - `hooks`: Hooks handler. * (Requests_Hooker, default: new Requests_Hooks()) * - `verify`: Should we verify SSL certificates? Allows passing in a custom * certificate file as a string. (Using true uses the system-wide root * certificate store instead, but this may have different behaviour * across transports.) * (string|boolean, default: library/Requests/Transport/cacert.pem) * - `verifyname`: Should we verify the common name in the SSL certificate? * (boolean, default: true) * - `data_format`: How should we send the `$data` parameter? * (string, one of 'query' or 'body', default: 'query' for * HEAD/GET/DELETE, 'body' for POST/PUT/OPTIONS/PATCH) * * @throws Requests_Exception On invalid URLs (`nonhttp`) * * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array|null $data Data to send either as a query string for GET/HEAD requests, or in the body for POST requests * @param string $type HTTP request type (use Requests constants) * @param array $options Options for the request (see description for more information) * @return Requests_Response */ public static function request($url, $headers = array(), $data = array(), $type = self::GET, $options = array()) { if (empty($options['type'])) { $options['type'] = $type; } $options = array_merge(self::get_default_options(), $options); self::set_defaults($url, $headers, $data, $type, $options); $options['hooks']->dispatch('requests.before_request', array(&$url, &$headers, &$data, &$type, &$options)); if (!empty($options['transport'])) { $transport = $options['transport']; if (is_string($options['transport'])) { $transport = new $transport(); } } else { $need_ssl = (stripos($url, 'https://') === 0); $capabilities = array('ssl' => $need_ssl); $transport = self::get_transport($capabilities); } $response = $transport->request($url, $headers, $data, $options); $options['hooks']->dispatch('requests.before_parse', array(&$response, $url, $headers, $data, $type, $options)); return self::parse_response($response, $url, $headers, $data, $options); } /** * Send multiple HTTP requests simultaneously * * The `$requests` parameter takes an associative or indexed array of * request fields. The key of each request can be used to match up the * request with the returned data, or with the request passed into your * `multiple.request.complete` callback. * * The request fields value is an associative array with the following keys: * * - `url`: Request URL Same as the `$url` parameter to * {@see Requests::request} * (string, required) * - `headers`: Associative array of header fields. Same as the `$headers` * parameter to {@see Requests::request} * (array, default: `array()`) * - `data`: Associative array of data fields or a string. Same as the * `$data` parameter to {@see Requests::request} * (array|string, default: `array()`) * - `type`: HTTP request type (use Requests constants). Same as the `$type` * parameter to {@see Requests::request} * (string, default: `Requests::GET`) * - `cookies`: Associative array of cookie name to value, or cookie jar. * (array|Requests_Cookie_Jar) * * If the `$options` parameter is specified, individual requests will * inherit options from it. This can be used to use a single hooking system, * or set all the types to `Requests::POST`, for example. * * In addition, the `$options` parameter takes the following global options: * * - `complete`: A callback for when a request is complete. Takes two * parameters, a Requests_Response/Requests_Exception reference, and the * ID from the request array (Note: this can also be overridden on a * per-request basis, although that's a little silly) * (callback) * * @param array $requests Requests data (see description for more information) * @param array $options Global and default options (see {@see Requests::request}) * @return array Responses (either Requests_Response or a Requests_Exception object) */ public static function request_multiple($requests, $options = array()) { $options = array_merge(self::get_default_options(true), $options); if (!empty($options['hooks'])) { $options['hooks']->register('transport.internal.parse_response', array('Requests', 'parse_multiple')); if (!empty($options['complete'])) { $options['hooks']->register('multiple.request.complete', $options['complete']); } } foreach ($requests as $id => &$request) { if (!isset($request['headers'])) { $request['headers'] = array(); } if (!isset($request['data'])) { $request['data'] = array(); } if (!isset($request['type'])) { $request['type'] = self::GET; } if (!isset($request['options'])) { $request['options'] = $options; $request['options']['type'] = $request['type']; } else { if (empty($request['options']['type'])) { $request['options']['type'] = $request['type']; } $request['options'] = array_merge($options, $request['options']); } self::set_defaults($request['url'], $request['headers'], $request['data'], $request['type'], $request['options']); // Ensure we only hook in once if ($request['options']['hooks'] !== $options['hooks']) { $request['options']['hooks']->register('transport.internal.parse_response', array('Requests', 'parse_multiple')); if (!empty($request['options']['complete'])) { $request['options']['hooks']->register('multiple.request.complete', $request['options']['complete']); } } } unset($request); if (!empty($options['transport'])) { $transport = $options['transport']; if (is_string($options['transport'])) { $transport = new $transport(); } } else { $transport = self::get_transport(); } $responses = $transport->request_multiple($requests, $options); foreach ($responses as $id => &$response) { // If our hook got messed with somehow, ensure we end up with the // correct response if (is_string($response)) { $request = $requests[$id]; self::parse_multiple($response, $request); $request['options']['hooks']->dispatch('multiple.request.complete', array(&$response, $id)); } } return $responses; } /** * Get the default options * * @see Requests::request() for values returned by this method * @param boolean $multirequest Is this a multirequest? * @return array Default option values */ protected static function get_default_options($multirequest = false) { $defaults = array( 'timeout' => 10, 'connect_timeout' => 10, 'useragent' => 'php-requests/' . self::VERSION, 'protocol_version' => 1.1, 'redirected' => 0, 'redirects' => 10, 'follow_redirects' => true, 'blocking' => true, 'type' => self::GET, 'filename' => false, 'auth' => false, 'proxy' => false, 'cookies' => false, 'max_bytes' => false, 'idn' => true, 'hooks' => null, 'transport' => null, 'verify' => self::get_certificate_path(), 'verifyname' => true, ); if ($multirequest !== false) { $defaults['complete'] = null; } return $defaults; } /** * Get default certificate path. * * @return string Default certificate path. */ public static function get_certificate_path() { if (!empty(self::$certificate_path)) { return self::$certificate_path; } return dirname(__FILE__) . '/Requests/Transport/cacert.pem'; } /** * Set default certificate path. * * @param string $path Certificate path, pointing to a PEM file. */ public static function set_certificate_path($path) { self::$certificate_path = $path; } /** * Set the default values * * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array|null $data Data to send either as a query string for GET/HEAD requests, or in the body for POST requests * @param string $type HTTP request type * @param array $options Options for the request * @return array $options */ protected static function set_defaults(&$url, &$headers, &$data, &$type, &$options) { if (!preg_match('/^http(s)?:\/\//i', $url, $matches)) { throw new Requests_Exception('Only HTTP(S) requests are handled.', 'nonhttp', $url); } if (empty($options['hooks'])) { $options['hooks'] = new Requests_Hooks(); } if (is_array($options['auth'])) { $options['auth'] = new Requests_Auth_Basic($options['auth']); } if ($options['auth'] !== false) { $options['auth']->register($options['hooks']); } if (is_string($options['proxy']) || is_array($options['proxy'])) { $options['proxy'] = new Requests_Proxy_HTTP($options['proxy']); } if ($options['proxy'] !== false) { $options['proxy']->register($options['hooks']); } if (is_array($options['cookies'])) { $options['cookies'] = new Requests_Cookie_Jar($options['cookies']); } elseif (empty($options['cookies'])) { $options['cookies'] = new Requests_Cookie_Jar(); } if ($options['cookies'] !== false) { $options['cookies']->register($options['hooks']); } if ($options['idn'] !== false) { $iri = new Requests_IRI($url); $iri->host = Requests_IDNAEncoder::encode($iri->ihost); $url = $iri->uri; } // Massage the type to ensure we support it. $type = strtoupper($type); if (!isset($options['data_format'])) { if (in_array($type, array(self::HEAD, self::GET, self::DELETE), true)) { $options['data_format'] = 'query'; } else { $options['data_format'] = 'body'; } } } /** * HTTP response parser * * @throws Requests_Exception On missing head/body separator (`requests.no_crlf_separator`) * @throws Requests_Exception On missing head/body separator (`noversion`) * @throws Requests_Exception On missing head/body separator (`toomanyredirects`) * * @param string $headers Full response text including headers and body * @param string $url Original request URL * @param array $req_headers Original $headers array passed to {@link request()}, in case we need to follow redirects * @param array $req_data Original $data array passed to {@link request()}, in case we need to follow redirects * @param array $options Original $options array passed to {@link request()}, in case we need to follow redirects * @return Requests_Response */ protected static function parse_response($headers, $url, $req_headers, $req_data, $options) { $return = new Requests_Response(); if (!$options['blocking']) { return $return; } $return->raw = $headers; $return->url = (string) $url; $return->body = ''; if (!$options['filename']) { $pos = strpos($headers, "\r\n\r\n"); if ($pos === false) { // Crap! throw new Requests_Exception('Missing header/body separator', 'requests.no_crlf_separator'); } $headers = substr($return->raw, 0, $pos); // Headers will always be separated from the body by two new lines - `\n\r\n\r`. $body = substr($return->raw, $pos + 4); if (!empty($body)) { $return->body = $body; } } // Pretend CRLF = LF for compatibility (RFC 2616, section 19.3) $headers = str_replace("\r\n", "\n", $headers); // Unfold headers (replace [CRLF] 1*( SP | HT ) with SP) as per RFC 2616 (section 2.2) $headers = preg_replace('/\n[ \t]/', ' ', $headers); $headers = explode("\n", $headers); preg_match('#^HTTP/(1\.\d)[ \t]+(\d+)#i', array_shift($headers), $matches); if (empty($matches)) { throw new Requests_Exception('Response could not be parsed', 'noversion', $headers); } $return->protocol_version = (float) $matches[1]; $return->status_code = (int) $matches[2]; if ($return->status_code >= 200 && $return->status_code < 300) { $return->success = true; } foreach ($headers as $header) { list($key, $value) = explode(':', $header, 2); $value = trim($value); preg_replace('#(\s+)#i', ' ', $value); $return->headers[$key] = $value; } if (isset($return->headers['transfer-encoding'])) { $return->body = self::decode_chunked($return->body); unset($return->headers['transfer-encoding']); } if (isset($return->headers['content-encoding'])) { $return->body = self::decompress($return->body); } //fsockopen and cURL compatibility if (isset($return->headers['connection'])) { unset($return->headers['connection']); } $options['hooks']->dispatch('requests.before_redirect_check', array(&$return, $req_headers, $req_data, $options)); if ($return->is_redirect() && $options['follow_redirects'] === true) { if (isset($return->headers['location']) && $options['redirected'] < $options['redirects']) { if ($return->status_code === 303) { $options['type'] = self::GET; } $options['redirected']++; $location = $return->headers['location']; if (strpos($location, 'http://') !== 0 && strpos($location, 'https://') !== 0) { // relative redirect, for compatibility make it absolute $location = Requests_IRI::absolutize($url, $location); $location = $location->uri; } $hook_args = array( &$location, &$req_headers, &$req_data, &$options, $return, ); $options['hooks']->dispatch('requests.before_redirect', $hook_args); $redirected = self::request($location, $req_headers, $req_data, $options['type'], $options); $redirected->history[] = $return; return $redirected; } elseif ($options['redirected'] >= $options['redirects']) { throw new Requests_Exception('Too many redirects', 'toomanyredirects', $return); } } $return->redirects = $options['redirected']; $options['hooks']->dispatch('requests.after_request', array(&$return, $req_headers, $req_data, $options)); return $return; } /** * Callback for `transport.internal.parse_response` * * Internal use only. Converts a raw HTTP response to a Requests_Response * while still executing a multiple request. * * @param string $response Full response text including headers and body (will be overwritten with Response instance) * @param array $request Request data as passed into {@see Requests::request_multiple()} * @return null `$response` is either set to a Requests_Response instance, or a Requests_Exception object */ public static function parse_multiple(&$response, $request) { try { $url = $request['url']; $headers = $request['headers']; $data = $request['data']; $options = $request['options']; $response = self::parse_response($response, $url, $headers, $data, $options); } catch (Requests_Exception $e) { $response = $e; } } /** * Decoded a chunked body as per RFC 2616 * * @see https://tools.ietf.org/html/rfc2616#section-3.6.1 * @param string $data Chunked body * @return string Decoded body */ protected static function decode_chunked($data) { if (!preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', trim($data))) { return $data; } $decoded = ''; $encoded = $data; while (true) { $is_chunked = (bool) preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', $encoded, $matches); if (!$is_chunked) { // Looks like it's not chunked after all return $data; } $length = hexdec(trim($matches[1])); if ($length === 0) { // Ignore trailer headers return $decoded; } $chunk_length = strlen($matches[0]); $decoded .= substr($encoded, $chunk_length, $length); $encoded = substr($encoded, $chunk_length + $length + 2); if (trim($encoded) === '0' || empty($encoded)) { return $decoded; } } // We'll never actually get down here // @codeCoverageIgnoreStart } // @codeCoverageIgnoreEnd /** * Convert a key => value array to a 'key: value' array for headers * * @param array $array Dictionary of header values * @return array List of headers */ public static function flatten($array) { $return = array(); foreach ($array as $key => $value) { $return[] = sprintf('%s: %s', $key, $value); } return $return; } /** * Convert a key => value array to a 'key: value' array for headers * * @codeCoverageIgnore * @deprecated Misspelling of {@see Requests::flatten} * @param array $array Dictionary of header values * @return array List of headers */ public static function flattern($array) { return self::flatten($array); } /** * Decompress an encoded body * * Implements gzip, compress and deflate. Guesses which it is by attempting * to decode. * * @param string $data Compressed data in one of the above formats * @return string Decompressed string */ public static function decompress($data) { if (substr($data, 0, 2) !== "\x1f\x8b" && substr($data, 0, 2) !== "\x78\x9c") { // Not actually compressed. Probably cURL ruining this for us. return $data; } if (function_exists('gzdecode')) { // phpcs:ignore PHPCompatibility.FunctionUse.NewFunctions.gzdecodeFound -- Wrapped in function_exists() for PHP 5.2. $decoded = @gzdecode($data); if ($decoded !== false) { return $decoded; } } if (function_exists('gzinflate')) { $decoded = @gzinflate($data); if ($decoded !== false) { return $decoded; } } $decoded = self::compatible_gzinflate($data); if ($decoded !== false) { return $decoded; } if (function_exists('gzuncompress')) { $decoded = @gzuncompress($data); if ($decoded !== false) { return $decoded; } } return $data; } /** * Decompression of deflated string while staying compatible with the majority of servers. * * Certain Servers will return deflated data with headers which PHP's gzinflate() * function cannot handle out of the box. The following function has been created from * various snippets on the gzinflate() PHP documentation. * * Warning: Magic numbers within. Due to the potential different formats that the compressed * data may be returned in, some "magic offsets" are needed to ensure proper decompression * takes place. For a simple progmatic way to determine the magic offset in use, see: * https://core.trac.wordpress.org/ticket/18273 * * @since 2.8.1 * @link https://core.trac.wordpress.org/ticket/18273 * @link https://secure.php.net/manual/en/function.gzinflate.php#70875 * @link https://secure.php.net/manual/en/function.gzinflate.php#77336 * * @param string $gz_data String to decompress. * @return string|bool False on failure. */ public static function compatible_gzinflate($gz_data) { // Compressed data might contain a full zlib header, if so strip it for // gzinflate() if (substr($gz_data, 0, 3) === "\x1f\x8b\x08") { $i = 10; $flg = ord(substr($gz_data, 3, 1)); if ($flg > 0) { if ($flg & 4) { list($xlen) = unpack('v', substr($gz_data, $i, 2)); $i += 2 + $xlen; } if ($flg & 8) { $i = strpos($gz_data, "\0", $i) + 1; } if ($flg & 16) { $i = strpos($gz_data, "\0", $i) + 1; } if ($flg & 2) { $i += 2; } } $decompressed = self::compatible_gzinflate(substr($gz_data, $i)); if ($decompressed !== false) { return $decompressed; } } // If the data is Huffman Encoded, we must first strip the leading 2 // byte Huffman marker for gzinflate() // The response is Huffman coded by many compressors such as // java.util.zip.Deflater, Ruby’s Zlib::Deflate, and .NET's // System.IO.Compression.DeflateStream. // // See https://decompres.blogspot.com/ for a quick explanation of this // data type $huffman_encoded = false; // low nibble of first byte should be 0x08 list(, $first_nibble) = unpack('h', $gz_data); // First 2 bytes should be divisible by 0x1F list(, $first_two_bytes) = unpack('n', $gz_data); if ($first_nibble === 0x08 && ($first_two_bytes % 0x1F) === 0) { $huffman_encoded = true; } if ($huffman_encoded) { $decompressed = @gzinflate(substr($gz_data, 2)); if ($decompressed !== false) { return $decompressed; } } if (substr($gz_data, 0, 4) === "\x50\x4b\x03\x04") { // ZIP file format header // Offset 6: 2 bytes, General-purpose field // Offset 26: 2 bytes, filename length // Offset 28: 2 bytes, optional field length // Offset 30: Filename field, followed by optional field, followed // immediately by data list(, $general_purpose_flag) = unpack('v', substr($gz_data, 6, 2)); // If the file has been compressed on the fly, 0x08 bit is set of // the general purpose field. We can use this to differentiate // between a compressed document, and a ZIP file $zip_compressed_on_the_fly = ((0x08 & $general_purpose_flag) === 0x08); if (!$zip_compressed_on_the_fly) { // Don't attempt to decode a compressed zip file return $gz_data; } // Determine the first byte of data, based on the above ZIP header // offsets: $first_file_start = array_sum(unpack('v2', substr($gz_data, 26, 4))); $decompressed = @gzinflate(substr($gz_data, 30 + $first_file_start)); if ($decompressed !== false) { return $decompressed; } return false; } // Finally fall back to straight gzinflate $decompressed = @gzinflate($gz_data); if ($decompressed !== false) { return $decompressed; } // Fallback for all above failing, not expected, but included for // debugging and preventing regressions and to track stats $decompressed = @gzinflate(substr($gz_data, 2)); if ($decompressed !== false) { return $decompressed; } return false; } public static function match_domain($host, $reference) { // Check for a direct match if ($host === $reference) { return true; } // Calculate the valid wildcard match if the host is not an IP address // Also validates that the host has 3 parts or more, as per Firefox's // ruleset. $parts = explode('.', $host); if (ip2long($host) === false && count($parts) >= 3) { $parts[0] = '*'; $wildcard = implode('.', $parts); if ($wildcard === $reference) { return true; } } return false; } }