enmi-conf.org: comparison wp/wp-includes/class-wp.php

equal deleted inserted replaced

-:490d5cc509ed
+:cf61fcea0001
 	 * Public query variables.
 	 *
 	 * Long list of public query variables.
 	 *
 	 * @since 2.0.0
-	 * @access public
 	 * @var array
 	 */
-	public $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'comments_popup', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type');
+	public $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type', 'embed' );
 	/**
 	 * Private query variables.
 	 *
 	 * Long list of private query variables.
 	 *
 	 * @since 2.0.0
 	 * @var array
 	 */
-	public $private_query_vars = array( 'offset', 'posts_per_page', 'posts_per_archive_page', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page', 'post__in', 'post__not_in', 'post_parent', 'post_parent__in', 'post_parent__not_in' );
+	public $private_query_vars = array( 'offset', 'posts_per_page', 'posts_per_archive_page', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page', 'post__in', 'post__not_in', 'post_parent', 'post_parent__in', 'post_parent__not_in', 'title', 'fields' );
 	/**
 	 * Extra query variables set by the user.
 	 *
 	 * @since 2.1.0
 	 * @var string
 	 */
 	public $query_string;
 	/**
-	 * Permalink or requested URI.
+	 * The request path, e.g. 2015/05/06.
 	 *
 	 * @since 2.0.0
 	 * @var string
 	 */
 	public $request;
 		if ( !in_array($qv, $this->public_query_vars) )
 			$this->public_query_vars[] = $qv;
 	}
 	/**
+	 * Removes a query variable from a list of public query variables.
+	 *
+	 * @since 4.5.0
+	 *
+	 * @param string $name Query variable name.
+	 */
+	public function remove_query_var( $name ) {
+		$this->public_query_vars = array_diff( $this->public_query_vars, array( $name ) );
+	}
+	/**
 	 * Set the value of a query variable.
 	 *
 	 * @since 2.3.0
 	 *
 	 * @param string $key Query variable name.
 	 * Sets up the query variables based on the request. There are also many
 	 * filters and actions that can be used to further manipulate the result.
 	 *
 	 * @since 2.0.0
 	 *
+	 * @global WP_Rewrite $wp_rewrite
+	 *
 	 * @param array|string $extra_query_vars Set the extra query variables.
 	 */
 	public function parse_request($extra_query_vars = '') {
 		global $wp_rewrite;
 		/**
-		 * Filter whether to parse the request.
+		 * Filters whether to parse the request.
 		 *
 		 * @since 3.5.0
 		 *
 		 * @param bool         $bool             Whether or not to parse the request. Default true.
 		 * @param WP           $this             Current WordPress environment instance.
 			$pathinfo = str_replace( "%", "%25", $pathinfo );
 			list( $req_uri ) = explode( '?', $_SERVER['REQUEST_URI'] );
 			$self = $_SERVER['PHP_SELF'];
 			$home_path = trim( parse_url( home_url(), PHP_URL_PATH ), '/' );
+			$home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) );
 			// Trim path info from the end and the leading home path from the
 			// front. For path info requests, this leaves us with the requesting
 			// filename, if any. For 404 requests, this leaves us with the
 			// requested permalink.
 			$req_uri = str_replace($pathinfo, '', $req_uri);
 			$req_uri = trim($req_uri, '/');
-			$req_uri = preg_replace("|^$home_path|i", '', $req_uri);
+			$req_uri = preg_replace( $home_path_regex, '', $req_uri );
 			$req_uri = trim($req_uri, '/');
 			$pathinfo = trim($pathinfo, '/');
-			$pathinfo = preg_replace("|^$home_path|i", '', $pathinfo);
+			$pathinfo = preg_replace( $home_path_regex, '', $pathinfo );
 			$pathinfo = trim($pathinfo, '/');
 			$self = trim($self, '/');
-			$self = preg_replace("|^$home_path|i", '', $self);
+			$self = preg_replace( $home_path_regex, '', $self );
 			$self = trim($self, '/');
 			// The requested permalink is in $pathinfo for path info requests and
 			//  $req_uri for other requests.
 			if ( ! empty($pathinfo) && !preg_match('|^.*' . $wp_rewrite->index . '$|', $pathinfo) ) {
-				$request = $pathinfo;
+				$requested_path = $pathinfo;
 			} else {
 				// If the request uri is the index, blank it out so that we don't try to match it against a rule.
 				if ( $req_uri == $wp_rewrite->index )
 					$req_uri = '';
-				$request = $req_uri;
+				$requested_path = $req_uri;
 			}
+			$requested_file = $req_uri;
-			$this->request = $request;
+			$this->request = $requested_path;
 			// Look for matches.
-			$request_match = $request;
+			$request_match = $requested_path;
 			if ( empty( $request_match ) ) {
 				// An empty request could only match against ^$ regex
 				if ( isset( $rewrite['$'] ) ) {
 					$this->matched_rule = '$';
 					$query = $rewrite['$'];
 					$matches = array('');
 				}
 			} else {
 				foreach ( (array) $rewrite as $match => $query ) {
-					// If the requesting file is the anchor of the match, prepend it to the path info.
+					// If the requested file is the anchor of the match, prepend it to the path info.
-					if ( ! empty($req_uri) && strpos($match, $req_uri) === 0 && $req_uri != $request )
+					if ( ! empty($requested_file) && strpos($match, $requested_file) === 0 && $requested_file != $requested_path )
-						$request_match = $req_uri . '/' . $request;
+						$request_match = $requested_file . '/' . $requested_path;
 					if ( preg_match("#^$match#", $request_match, $matches) ||
 						preg_match("#^$match#", urldecode($request_match), $matches) ) {
 						if ( $wp_rewrite->use_verbose_page_rules && preg_match( '/pagename=\$matches\[([0-9]+)\]/', $query, $varmatch ) ) {
 							// This is a verbose page match, let's check to be sure about it.
-							if ( ! get_page_by_path( $matches[ $varmatch[1] ] ) )
+							$page = get_page_by_path( $matches[ $varmatch[1] ] );
+							if ( ! $page ) {
 						 		continue;
+							}
+							$post_status_obj = get_post_status_object( $page->post_status );
+							if ( ! $post_status_obj->public && ! $post_status_obj->protected
+								&& ! $post_status_obj->private && $post_status_obj->exclude_from_search ) {
+								continue;
+							}
 						}
 						// Got a match.
 						$this->matched_rule = $match;
 						break;
 				if ( '404' == $error )
 					unset( $error, $_GET['error'] );
 			}
 			// If req_uri is empty or if it is a request for ourself, unset error.
-			if ( empty($request) || $req_uri == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) {
+			if ( empty($requested_path) || $requested_file == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) {
 				unset( $error, $_GET['error'] );
 				if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false )
 					unset( $perma_query_vars );
 				$this->did_permalink = false;
 			}
 		}
 		/**
-		 * Filter the query variables whitelist before processing.
+		 * Filters the query variables whitelist before processing.
 		 *
 		 * Allows (publicly allowed) query vars to be added, removed, or changed prior
 		 * to executing the query. Needed to allow custom rewrite rules using your own arguments
 		 * to work, or any other custom query variables you want to be publicly available.
 		 *
 		 *
 		 * @param array $public_query_vars The array of whitelisted query variables.
 		 */
 		$this->public_query_vars = apply_filters( 'query_vars', $this->public_query_vars );
-		foreach ( get_post_types( array(), 'objects' ) as $post_type => $t )
+		foreach ( get_post_types( array(), 'objects' ) as $post_type => $t ) {
-			if ( $t->query_var )
+			if ( is_post_type_viewable( $t ) && $t->query_var ) {
 				$post_type_query_vars[$t->query_var] = $post_type;
+			}
+		}
 		foreach ( $this->public_query_vars as $wpvar ) {
 			if ( isset( $this->extra_query_vars[$wpvar] ) )
 				$this->query_vars[$wpvar] = $this->extra_query_vars[$wpvar];
 			elseif ( isset( $_POST[$wpvar] ) )
 		// Convert urldecoded spaces back into +
 		foreach ( get_taxonomies( array() , 'objects' ) as $taxonomy => $t )
 			if ( $t->query_var && isset( $this->query_vars[$t->query_var] ) )
 				$this->query_vars[$t->query_var] = str_replace( ' ', '+', $this->query_vars[$t->query_var] );
+		// Don't allow non-publicly queryable taxonomies to be queried from the front end.
+		if ( ! is_admin() ) {
+			foreach ( get_taxonomies( array( 'publicly_queryable' => false ), 'objects' ) as $taxonomy => $t ) {
+				/*
+				 * Disallow when set to the 'taxonomy' query var.
+				 * Non-publicly queryable taxonomies cannot register custom query vars. See register_taxonomy().
+				 */
+				if ( isset( $this->query_vars['taxonomy'] ) && $taxonomy === $this->query_vars['taxonomy'] ) {
+					unset( $this->query_vars['taxonomy'], $this->query_vars['term'] );
+				}
+			}
+		}
 		// Limit publicly queried post_types to those that are publicly_queryable
 		if ( isset( $this->query_vars['post_type']) ) {
 			$queryable_post_types = get_post_types( array('publicly_queryable' => true) );
 			if ( ! is_array( $this->query_vars['post_type'] ) ) {
 				if ( ! in_array( $this->query_vars['post_type'], $queryable_post_types ) )
 			} else {
 				$this->query_vars['post_type'] = array_intersect( $this->query_vars['post_type'], $queryable_post_types );
 			}
 		}
+		// Resolve conflicts between posts with numeric slugs and date archive queries.
+		$this->query_vars = wp_resolve_numeric_slug_conflicts( $this->query_vars );
 		foreach ( (array) $this->private_query_vars as $var) {
 			if ( isset($this->extra_query_vars[$var]) )
 				$this->query_vars[$var] = $this->extra_query_vars[$var];
 		}
 		if ( isset($error) )
 			$this->query_vars['error'] = $error;
 		/**
-		 * Filter the array of parsed query variables.
+		 * Filters the array of parsed query variables.
 		 *
 		 * @since 2.1.0
 		 *
 		 * @param array $query_vars The array of requested query variables.
 		 */
 		/**
 		 * Fires once all query variables for the current request have been parsed.
 		 *
 		 * @since 2.1.0
 		 *
-		 * @param WP &$this Current WordPress environment instance (passed by reference).
+		 * @param WP $this Current WordPress environment instance (passed by reference).
 		 */
 		do_action_ref_array( 'parse_request', array( &$this ) );
 	}
 	/**
-	 * Send additional HTTP headers for caching, content type, etc.
+	 * Sends additional HTTP headers for caching, content type, etc.
 	 *
-	 * Sets the X-Pingback header, 404 status (if 404), Content-type. If showing
+	 * Sets the Content-Type header. Sets the 'error' status (if passed) and optionally exits.
-	 * a feed, it will also send last-modified, etag, and 304 status if needed.
+	 * If showing a feed, it will also send Last-Modified, ETag, and 304 status if needed.
 	 *
 	 * @since 2.0.0
+	 * @since 4.4.0 `X-Pingback` header is added conditionally after posts have been queried in handle_404().
 	 */
 	public function send_headers() {
-		$headers = array('X-Pingback' => get_bloginfo('pingback_url'));
+		$headers = array();
 		$status = null;
 		$exit_required = false;
 		if ( is_user_logged_in() )
 			$headers = array_merge($headers, wp_get_nocache_headers());
 				$exit_required = true;
 			}
 		} elseif ( empty( $this->query_vars['feed'] ) ) {
 			$headers['Content-Type'] = get_option('html_type') . '; charset=' . get_option('blog_charset');
 		} else {
-			// We're showing a feed, so WP is indeed the only thing that last changed
+			// Set the correct content type for feeds
-			if ( !empty($this->query_vars['withcomments'])
+			$type = $this->query_vars['feed'];
-				|| false !== strpos( $this->query_vars['feed'], 'comments-' )
+			if ( 'feed' == $this->query_vars['feed'] ) {
-				|| ( empty($this->query_vars['withoutcomments'])
+				$type = get_default_feed();
-					&& ( !empty($this->query_vars['p'])
+			}
-						|| !empty($this->query_vars['name'])
+			$headers['Content-Type'] = feed_content_type( $type ) . '; charset=' . get_option( 'blog_charset' );
-						|| !empty($this->query_vars['page_id'])
-						|| !empty($this->query_vars['pagename'])
+			// We're showing a feed, so WP is indeed the only thing that last changed.
-						|| !empty($this->query_vars['attachment'])
+			if ( ! empty( $this->query_vars['withcomments'] )
-						|| !empty($this->query_vars['attachment_id'])
+			     || false !== strpos( $this->query_vars['feed'], 'comments-' )
-					)
+			     || ( empty( $this->query_vars['withoutcomments'] )
-				)
+			          && ( ! empty( $this->query_vars['p'] )
-			)
+			               || ! empty( $this->query_vars['name'] )
-				$wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastcommentmodified('GMT'), 0).' GMT';
+			               || ! empty( $this->query_vars['page_id'] )
-			else
+			               || ! empty( $this->query_vars['pagename'] )
-				$wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastpostmodified('GMT'), 0).' GMT';
+			               || ! empty( $this->query_vars['attachment'] )
+			               || ! empty( $this->query_vars['attachment_id'] )
+			          )
+			     )
+			) {
+				$wp_last_modified = mysql2date( 'D, d M Y H:i:s', get_lastcommentmodified( 'GMT' ), false );
+			} else {
+				$wp_last_modified = mysql2date( 'D, d M Y H:i:s', get_lastpostmodified( 'GMT' ), false );
+			}
+			if ( ! $wp_last_modified ) {
+				$wp_last_modified = date( 'D, d M Y H:i:s' );
+			}
+			$wp_last_modified .= ' GMT';
 			$wp_etag = '"' . md5($wp_last_modified) . '"';
 			$headers['Last-Modified'] = $wp_last_modified;
 			$headers['ETag'] = $wp_etag;
 			// Support for Conditional GET
 				$exit_required = true;
 			}
 		}
 		/**
-		 * Filter the HTTP headers before they're sent to the browser.
+		 * Filters the HTTP headers before they're sent to the browser.
 		 *
 		 * @since 2.8.0
 		 *
 		 * @param array $headers The list of headers to be sent.
 		 * @param WP    $this    Current WordPress environment instance.
 					}
 				}
 			}
 		}
-		foreach( (array) $headers as $name => $field_value )
+		foreach ( (array) $headers as $name => $field_value )
 			@header("{$name}: {$field_value}");
 		if ( $exit_required )
 			exit();
 		/**
 		 * Fires once the requested HTTP headers for caching, content type, etc. have been sent.
 		 *
 		 * @since 2.1.0
 		 *
-		 * @param WP &$this Current WordPress environment instance (passed by reference).
+		 * @param WP $this Current WordPress environment instance (passed by reference).
 		 */
 		do_action_ref_array( 'send_headers', array( &$this ) );
 	}
 	/**
 	 * Sets the query string property based off of the query variable property.
 	 *
-	 * The 'query_string' filter is deprecated, but still works. Plugins should
+	 * The {@see 'query_string'} filter is deprecated, but still works. Plugins should
-	 * use the 'request' filter instead.
+	 * use the {@see 'request'} filter instead.
 	 *
 	 * @since 2.0.0
 	 */
 	public function build_query_string() {
 		$this->query_string = '';
 			}
 		}
 		if ( has_filter( 'query_string' ) ) {  // Don't bother filtering and parsing if no plugins are hooked in.
 			/**
-			 * Filter the query string before parsing.
+			 * Filters the query string before parsing.
 			 *
 			 * @since 1.5.0
 			 * @deprecated 2.1.0 Use 'query_vars' or 'request' filters instead.
 			 *
 			 * @param string $query_string The query string to modify.
 	 *
 	 * The query_vars property will be extracted to the GLOBALS. So care should
 	 * be taken when naming global variables that might interfere with the
 	 * WordPress environment.
 	 *
-	 * @global string $query_string Query string for the loop.
+	 * @since 2.0.0
-	 * @global array $posts The found posts.
+	 *
+	 * @global WP_Query     $wp_query
+	 * @global string       $query_string Query string for the loop.
+	 * @global array        $posts The found posts.
 	 * @global WP_Post|null $post The current post, if available.
-	 * @global string $request The SQL statement for the request.
+	 * @global string       $request The SQL statement for the request.
-	 * @global int $more Only set, if single page or post.
+	 * @global int          $more Only set, if single page or post.
-	 * @global int $single If single page or post. Only set, if single page or post.
+	 * @global int          $single If single page or post. Only set, if single page or post.
-	 * @global WP_User $authordata Only set, if author archive.
+	 * @global WP_User      $authordata Only set, if author archive.
-	 *
-	 * @since 2.0.0
 	 */
 	public function register_globals() {
 		global $wp_query;
 		// Extract updated query vars back into global namespace.
 	/**
 	 * Set up the Loop based on the query variables.
 	 *
 	 * @since 2.0.0
+	 *
+	 * @global WP_Query $wp_the_query
 	 */
 	public function query_posts() {
 		global $wp_the_query;
 		$this->build_query_string();
 		$wp_the_query->query($this->query_vars);
 	 * any object (e.g. an existing-but-empty category, tag, author) and a 404 was not already
 	 * issued, and if the request was not a search or the homepage.
 	 *
 	 * Otherwise, issue a 200.
 	 *
-	 * @since 2.0.0
+	 * This sets headers after posts have been queried. handle_404() really means "handle status."
+	 * By inspecting the result of querying posts, seemingly successful requests can be switched to
+	 * a 404 so that canonical redirection logic can kick in.
+	 *
+	 * @since 2.0.0
+*
+	 * @global WP_Query $wp_query
 	 */
 	public function handle_404() {
 		global $wp_query;
+		/**
+		 * Filters whether to short-circuit default header status handling.
+		 *
+		 * Returning a non-false value from the filter will short-circuit the handling
+		 * and return early.
+		 *
+		 * @since 4.5.0
+		 *
+		 * @param bool     $preempt  Whether to short-circuit default header status handling. Default false.
+		 * @param WP_Query $wp_query WordPress Query object.
+		 */
+		if ( false !== apply_filters( 'pre_handle_404', false, $wp_query ) ) {
+			return;
+		}
 		// If we've already issued a 404, bail.
 		if ( is_404() )
 			return;
 		// Never 404 for the admin, robots, or if we found posts.
 		if ( is_admin() || is_robots() || $wp_query->posts ) {
-			status_header( 200 );
-			return;
+			$success = true;
+			if ( is_singular() ) {
+				$p = false;
+				if ( $wp_query->post instanceof WP_Post ) {
+					$p = clone $wp_query->post;
+				}
+				// Only set X-Pingback for single posts that allow pings.
+				if ( $p && pings_open( $p ) ) {
+					@header( 'X-Pingback: ' . get_bloginfo( 'pingback_url', 'display' ) );
+				}
+				// check for paged content that exceeds the max number of pages
+				$next = '<!--nextpage-->';
+				if ( $p && false !== strpos( $p->post_content, $next ) && ! empty( $this->query_vars['page'] ) ) {
+					$page = trim( $this->query_vars['page'], '/' );
+					$success = (int) $page <= ( substr_count( $p->post_content, $next ) + 1 );
+				}
+			}
+			if ( $success ) {
+				status_header( 200 );
+				return;
+			}
 		}
 		// We will 404 for paged queries, as no posts were found.
 		if ( ! is_paged() ) {
 	}
 	/**
 	 * Sets up all of the variables required by the WordPress environment.
 	 *
-	 * The action 'wp' has one parameter that references the WP object. It
+	 * The action {@see 'wp'} has one parameter that references the WP object. It
 	 * allows for accessing the properties and methods to further manipulate the
 	 * object.
 	 *
 	 * @since 2.0.0
 	 *
-	 * @param string|array $query_args Passed to {@link parse_request()}
+	 * @param string|array $query_args Passed to parse_request().
 	 */
 	public function main($query_args = '') {
 		$this->init();
 		$this->parse_request($query_args);
 		$this->send_headers();
 		/**
 		 * Fires once the WordPress environment has been set up.
 		 *
 		 * @since 2.1.0
 		 *
-		 * @param WP &$this Current WordPress environment instance (passed by reference).
+		 * @param WP $this Current WordPress environment instance (passed by reference).
 		 */
 		do_action_ref_array( 'wp', array( &$this ) );
 	}
 }
-/**
-* Helper class to remove the need to use eval to replace $matches[] in query strings.
-*
-* @since 2.9.0
-*/
-class WP_MatchesMapRegex {
-	/**
-	 * store for matches
-	 *
-	 * @access private
-	 * @var array
-	 */
-	private $_matches;
-	/**
-	 * store for mapping result
-	 *
-	 * @access public
-	 * @var string
-	 */
-	public $output;
-	/**
-	 * subject to perform mapping on (query string containing $matches[] references
-	 *
-	 * @access private
-	 * @var string
-	 */
-	private $_subject;
-	/**
-	 * regexp pattern to match $matches[] references
-	 *
-	 * @var string
-	 */
-	public $_pattern = '(\$matches\[[1-9]+[0-9]*\])'; // magic number
-	/**
-	 * constructor
-	 *
-	 * @param string $subject subject if regex
-	 * @param array  $matches data to use in map
-	 */
-	public function __construct($subject, $matches) {
-		$this->_subject = $subject;
-		$this->_matches = $matches;
-		$this->output = $this->_map();
-	}
-	/**
-	 * Substitute substring matches in subject.
-	 *
-	 * static helper function to ease use
-	 *
-	 * @access public
-	 * @param string $subject subject
-	 * @param array  $matches data used for substitution
-	 * @return string
-	 */
-	public static function apply($subject, $matches) {
-		$oSelf = new WP_MatchesMapRegex($subject, $matches);
-		return $oSelf->output;
-	}
-	/**
-	 * do the actual mapping
-	 *
-	 * @access private
-	 * @return string
-	 */
-	private function _map() {
-		$callback = array($this, 'callback');
-		return preg_replace_callback($this->_pattern, $callback, $this->_subject);
-	}
-	/**
-	 * preg_replace_callback hook
-	 *
-	 * @access public
-	 * @param  array $matches preg_replace regexp matches
-	 * @return string
-	 */
-	public function callback($matches) {
-		$index = intval(substr($matches[0], 9, -1));
-		return ( isset( $this->_matches[$index] ) ? urlencode($this->_matches[$index]) : '' );
-	}
-}

changeset 7	cf61fcea0001
parent 5	5e2f62d02dcd
child 9	177826044cd9