--- a/wp/wp-includes/class-wp.php Tue Jun 09 11:14:17 2015 +0000
+++ b/wp/wp-includes/class-wp.php Mon Oct 14 17:39:30 2019 +0200
@@ -12,10 +12,9 @@
* Long list of public query variables.
*
* @since 2.0.0
- * @access public
* @var array
*/
- public $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'comments_popup', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type');
+ public $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type', 'embed' );
/**
* Private query variables.
@@ -25,7 +24,7 @@
* @since 2.0.0
* @var array
*/
- public $private_query_vars = array( 'offset', 'posts_per_page', 'posts_per_archive_page', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page', 'post__in', 'post__not_in', 'post_parent', 'post_parent__in', 'post_parent__not_in' );
+ public $private_query_vars = array( 'offset', 'posts_per_page', 'posts_per_archive_page', 'showposts', 'nopaging', 'post_type', 'post_status', 'category__in', 'category__not_in', 'category__and', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'tag_id', 'post_mime_type', 'perm', 'comments_per_page', 'post__in', 'post__not_in', 'post_parent', 'post_parent__in', 'post_parent__not_in', 'title', 'fields' );
/**
* Extra query variables set by the user.
@@ -52,7 +51,7 @@
public $query_string;
/**
- * Permalink or requested URI.
+ * The request path, e.g. 2015/05/06.
*
* @since 2.0.0
* @var string
@@ -96,6 +95,17 @@
}
/**
+ * Removes a query variable from a list of public query variables.
+ *
+ * @since 4.5.0
+ *
+ * @param string $name Query variable name.
+ */
+ public function remove_query_var( $name ) {
+ $this->public_query_vars = array_diff( $this->public_query_vars, array( $name ) );
+ }
+
+ /**
* Set the value of a query variable.
*
* @since 2.3.0
@@ -115,13 +125,15 @@
*
* @since 2.0.0
*
+ * @global WP_Rewrite $wp_rewrite
+ *
* @param array|string $extra_query_vars Set the extra query variables.
*/
public function parse_request($extra_query_vars = '') {
global $wp_rewrite;
/**
- * Filter whether to parse the request.
+ * Filters whether to parse the request.
*
* @since 3.5.0
*
@@ -157,6 +169,7 @@
list( $req_uri ) = explode( '?', $_SERVER['REQUEST_URI'] );
$self = $_SERVER['PHP_SELF'];
$home_path = trim( parse_url( home_url(), PHP_URL_PATH ), '/' );
+ $home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) );
// Trim path info from the end and the leading home path from the
// front. For path info requests, this leaves us with the requesting
@@ -164,30 +177,31 @@
// requested permalink.
$req_uri = str_replace($pathinfo, '', $req_uri);
$req_uri = trim($req_uri, '/');
- $req_uri = preg_replace("|^$home_path|i", '', $req_uri);
+ $req_uri = preg_replace( $home_path_regex, '', $req_uri );
$req_uri = trim($req_uri, '/');
$pathinfo = trim($pathinfo, '/');
- $pathinfo = preg_replace("|^$home_path|i", '', $pathinfo);
+ $pathinfo = preg_replace( $home_path_regex, '', $pathinfo );
$pathinfo = trim($pathinfo, '/');
$self = trim($self, '/');
- $self = preg_replace("|^$home_path|i", '', $self);
+ $self = preg_replace( $home_path_regex, '', $self );
$self = trim($self, '/');
// The requested permalink is in $pathinfo for path info requests and
// $req_uri for other requests.
if ( ! empty($pathinfo) && !preg_match('|^.*' . $wp_rewrite->index . '$|', $pathinfo) ) {
- $request = $pathinfo;
+ $requested_path = $pathinfo;
} else {
// If the request uri is the index, blank it out so that we don't try to match it against a rule.
if ( $req_uri == $wp_rewrite->index )
$req_uri = '';
- $request = $req_uri;
+ $requested_path = $req_uri;
}
+ $requested_file = $req_uri;
- $this->request = $request;
+ $this->request = $requested_path;
// Look for matches.
- $request_match = $request;
+ $request_match = $requested_path;
if ( empty( $request_match ) ) {
// An empty request could only match against ^$ regex
if ( isset( $rewrite['$'] ) ) {
@@ -197,17 +211,25 @@
}
} else {
foreach ( (array) $rewrite as $match => $query ) {
- // If the requesting file is the anchor of the match, prepend it to the path info.
- if ( ! empty($req_uri) && strpos($match, $req_uri) === 0 && $req_uri != $request )
- $request_match = $req_uri . '/' . $request;
+ // If the requested file is the anchor of the match, prepend it to the path info.
+ if ( ! empty($requested_file) && strpos($match, $requested_file) === 0 && $requested_file != $requested_path )
+ $request_match = $requested_file . '/' . $requested_path;
if ( preg_match("#^$match#", $request_match, $matches) ||
preg_match("#^$match#", urldecode($request_match), $matches) ) {
if ( $wp_rewrite->use_verbose_page_rules && preg_match( '/pagename=\$matches\[([0-9]+)\]/', $query, $varmatch ) ) {
// This is a verbose page match, let's check to be sure about it.
- if ( ! get_page_by_path( $matches[ $varmatch[1] ] ) )
+ $page = get_page_by_path( $matches[ $varmatch[1] ] );
+ if ( ! $page ) {
continue;
+ }
+
+ $post_status_obj = get_post_status_object( $page->post_status );
+ if ( ! $post_status_obj->public && ! $post_status_obj->protected
+ && ! $post_status_obj->private && $post_status_obj->exclude_from_search ) {
+ continue;
+ }
}
// Got a match.
@@ -235,7 +257,7 @@
}
// If req_uri is empty or if it is a request for ourself, unset error.
- if ( empty($request) || $req_uri == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) {
+ if ( empty($requested_path) || $requested_file == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) {
unset( $error, $_GET['error'] );
if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false )
@@ -246,7 +268,7 @@
}
/**
- * Filter the query variables whitelist before processing.
+ * Filters the query variables whitelist before processing.
*
* Allows (publicly allowed) query vars to be added, removed, or changed prior
* to executing the query. Needed to allow custom rewrite rules using your own arguments
@@ -258,9 +280,11 @@
*/
$this->public_query_vars = apply_filters( 'query_vars', $this->public_query_vars );
- foreach ( get_post_types( array(), 'objects' ) as $post_type => $t )
- if ( $t->query_var )
+ foreach ( get_post_types( array(), 'objects' ) as $post_type => $t ) {
+ if ( is_post_type_viewable( $t ) && $t->query_var ) {
$post_type_query_vars[$t->query_var] = $post_type;
+ }
+ }
foreach ( $this->public_query_vars as $wpvar ) {
if ( isset( $this->extra_query_vars[$wpvar] ) )
@@ -295,6 +319,19 @@
if ( $t->query_var && isset( $this->query_vars[$t->query_var] ) )
$this->query_vars[$t->query_var] = str_replace( ' ', '+', $this->query_vars[$t->query_var] );
+ // Don't allow non-publicly queryable taxonomies to be queried from the front end.
+ if ( ! is_admin() ) {
+ foreach ( get_taxonomies( array( 'publicly_queryable' => false ), 'objects' ) as $taxonomy => $t ) {
+ /*
+ * Disallow when set to the 'taxonomy' query var.
+ * Non-publicly queryable taxonomies cannot register custom query vars. See register_taxonomy().
+ */
+ if ( isset( $this->query_vars['taxonomy'] ) && $taxonomy === $this->query_vars['taxonomy'] ) {
+ unset( $this->query_vars['taxonomy'], $this->query_vars['term'] );
+ }
+ }
+ }
+
// Limit publicly queried post_types to those that are publicly_queryable
if ( isset( $this->query_vars['post_type']) ) {
$queryable_post_types = get_post_types( array('publicly_queryable' => true) );
@@ -306,6 +343,9 @@
}
}
+ // Resolve conflicts between posts with numeric slugs and date archive queries.
+ $this->query_vars = wp_resolve_numeric_slug_conflicts( $this->query_vars );
+
foreach ( (array) $this->private_query_vars as $var) {
if ( isset($this->extra_query_vars[$var]) )
$this->query_vars[$var] = $this->extra_query_vars[$var];
@@ -315,7 +355,7 @@
$this->query_vars['error'] = $error;
/**
- * Filter the array of parsed query variables.
+ * Filters the array of parsed query variables.
*
* @since 2.1.0
*
@@ -328,21 +368,22 @@
*
* @since 2.1.0
*
- * @param WP &$this Current WordPress environment instance (passed by reference).
+ * @param WP $this Current WordPress environment instance (passed by reference).
*/
do_action_ref_array( 'parse_request', array( &$this ) );
}
/**
- * Send additional HTTP headers for caching, content type, etc.
+ * Sends additional HTTP headers for caching, content type, etc.
*
- * Sets the X-Pingback header, 404 status (if 404), Content-type. If showing
- * a feed, it will also send last-modified, etag, and 304 status if needed.
+ * Sets the Content-Type header. Sets the 'error' status (if passed) and optionally exits.
+ * If showing a feed, it will also send Last-Modified, ETag, and 304 status if needed.
*
* @since 2.0.0
+ * @since 4.4.0 `X-Pingback` header is added conditionally after posts have been queried in handle_404().
*/
public function send_headers() {
- $headers = array('X-Pingback' => get_bloginfo('pingback_url'));
+ $headers = array();
$status = null;
$exit_required = false;
@@ -360,22 +401,37 @@
} elseif ( empty( $this->query_vars['feed'] ) ) {
$headers['Content-Type'] = get_option('html_type') . '; charset=' . get_option('blog_charset');
} else {
- // We're showing a feed, so WP is indeed the only thing that last changed
- if ( !empty($this->query_vars['withcomments'])
- || false !== strpos( $this->query_vars['feed'], 'comments-' )
- || ( empty($this->query_vars['withoutcomments'])
- && ( !empty($this->query_vars['p'])
- || !empty($this->query_vars['name'])
- || !empty($this->query_vars['page_id'])
- || !empty($this->query_vars['pagename'])
- || !empty($this->query_vars['attachment'])
- || !empty($this->query_vars['attachment_id'])
- )
- )
- )
- $wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastcommentmodified('GMT'), 0).' GMT';
- else
- $wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastpostmodified('GMT'), 0).' GMT';
+ // Set the correct content type for feeds
+ $type = $this->query_vars['feed'];
+ if ( 'feed' == $this->query_vars['feed'] ) {
+ $type = get_default_feed();
+ }
+ $headers['Content-Type'] = feed_content_type( $type ) . '; charset=' . get_option( 'blog_charset' );
+
+ // We're showing a feed, so WP is indeed the only thing that last changed.
+ if ( ! empty( $this->query_vars['withcomments'] )
+ || false !== strpos( $this->query_vars['feed'], 'comments-' )
+ || ( empty( $this->query_vars['withoutcomments'] )
+ && ( ! empty( $this->query_vars['p'] )
+ || ! empty( $this->query_vars['name'] )
+ || ! empty( $this->query_vars['page_id'] )
+ || ! empty( $this->query_vars['pagename'] )
+ || ! empty( $this->query_vars['attachment'] )
+ || ! empty( $this->query_vars['attachment_id'] )
+ )
+ )
+ ) {
+ $wp_last_modified = mysql2date( 'D, d M Y H:i:s', get_lastcommentmodified( 'GMT' ), false );
+ } else {
+ $wp_last_modified = mysql2date( 'D, d M Y H:i:s', get_lastpostmodified( 'GMT' ), false );
+ }
+
+ if ( ! $wp_last_modified ) {
+ $wp_last_modified = date( 'D, d M Y H:i:s' );
+ }
+
+ $wp_last_modified .= ' GMT';
+
$wp_etag = '"' . md5($wp_last_modified) . '"';
$headers['Last-Modified'] = $wp_last_modified;
$headers['ETag'] = $wp_etag;
@@ -401,7 +457,7 @@
}
/**
- * Filter the HTTP headers before they're sent to the browser.
+ * Filters the HTTP headers before they're sent to the browser.
*
* @since 2.8.0
*
@@ -432,7 +488,7 @@
}
}
- foreach( (array) $headers as $name => $field_value )
+ foreach ( (array) $headers as $name => $field_value )
@header("{$name}: {$field_value}");
if ( $exit_required )
@@ -443,7 +499,7 @@
*
* @since 2.1.0
*
- * @param WP &$this Current WordPress environment instance (passed by reference).
+ * @param WP $this Current WordPress environment instance (passed by reference).
*/
do_action_ref_array( 'send_headers', array( &$this ) );
}
@@ -451,8 +507,8 @@
/**
* Sets the query string property based off of the query variable property.
*
- * The 'query_string' filter is deprecated, but still works. Plugins should
- * use the 'request' filter instead.
+ * The {@see 'query_string'} filter is deprecated, but still works. Plugins should
+ * use the {@see 'request'} filter instead.
*
* @since 2.0.0
*/
@@ -469,7 +525,7 @@
if ( has_filter( 'query_string' ) ) { // Don't bother filtering and parsing if no plugins are hooked in.
/**
- * Filter the query string before parsing.
+ * Filters the query string before parsing.
*
* @since 1.5.0
* @deprecated 2.1.0 Use 'query_vars' or 'request' filters instead.
@@ -488,15 +544,16 @@
* be taken when naming global variables that might interfere with the
* WordPress environment.
*
- * @global string $query_string Query string for the loop.
- * @global array $posts The found posts.
+ * @since 2.0.0
+ *
+ * @global WP_Query $wp_query
+ * @global string $query_string Query string for the loop.
+ * @global array $posts The found posts.
* @global WP_Post|null $post The current post, if available.
- * @global string $request The SQL statement for the request.
- * @global int $more Only set, if single page or post.
- * @global int $single If single page or post. Only set, if single page or post.
- * @global WP_User $authordata Only set, if author archive.
- *
- * @since 2.0.0
+ * @global string $request The SQL statement for the request.
+ * @global int $more Only set, if single page or post.
+ * @global int $single If single page or post. Only set, if single page or post.
+ * @global WP_User $authordata Only set, if author archive.
*/
public function register_globals() {
global $wp_query;
@@ -533,6 +590,8 @@
* Set up the Loop based on the query variables.
*
* @since 2.0.0
+ *
+ * @global WP_Query $wp_the_query
*/
public function query_posts() {
global $wp_the_query;
@@ -549,19 +608,64 @@
*
* Otherwise, issue a 200.
*
+ * This sets headers after posts have been queried. handle_404() really means "handle status."
+ * By inspecting the result of querying posts, seemingly successful requests can be switched to
+ * a 404 so that canonical redirection logic can kick in.
+ *
* @since 2.0.0
+ *
+ * @global WP_Query $wp_query
*/
public function handle_404() {
global $wp_query;
+ /**
+ * Filters whether to short-circuit default header status handling.
+ *
+ * Returning a non-false value from the filter will short-circuit the handling
+ * and return early.
+ *
+ * @since 4.5.0
+ *
+ * @param bool $preempt Whether to short-circuit default header status handling. Default false.
+ * @param WP_Query $wp_query WordPress Query object.
+ */
+ if ( false !== apply_filters( 'pre_handle_404', false, $wp_query ) ) {
+ return;
+ }
+
// If we've already issued a 404, bail.
if ( is_404() )
return;
// Never 404 for the admin, robots, or if we found posts.
if ( is_admin() || is_robots() || $wp_query->posts ) {
- status_header( 200 );
- return;
+
+ $success = true;
+ if ( is_singular() ) {
+ $p = false;
+
+ if ( $wp_query->post instanceof WP_Post ) {
+ $p = clone $wp_query->post;
+ }
+
+ // Only set X-Pingback for single posts that allow pings.
+ if ( $p && pings_open( $p ) ) {
+ @header( 'X-Pingback: ' . get_bloginfo( 'pingback_url', 'display' ) );
+ }
+
+ // check for paged content that exceeds the max number of pages
+ $next = '<!--nextpage-->';
+ if ( $p && false !== strpos( $p->post_content, $next ) && ! empty( $this->query_vars['page'] ) ) {
+ $page = trim( $this->query_vars['page'], '/' );
+ $success = (int) $page <= ( substr_count( $p->post_content, $next ) + 1 );
+ }
+ }
+
+ if ( $success ) {
+ status_header( 200 );
+ return;
+ }
}
// We will 404 for paged queries, as no posts were found.
@@ -596,13 +700,13 @@
/**
* Sets up all of the variables required by the WordPress environment.
*
- * The action 'wp' has one parameter that references the WP object. It
+ * The action {@see 'wp'} has one parameter that references the WP object. It
* allows for accessing the properties and methods to further manipulate the
* object.
*
* @since 2.0.0
*
- * @param string|array $query_args Passed to {@link parse_request()}
+ * @param string|array $query_args Passed to parse_request().
*/
public function main($query_args = '') {
$this->init();
@@ -617,98 +721,8 @@
*
* @since 2.1.0
*
- * @param WP &$this Current WordPress environment instance (passed by reference).
+ * @param WP $this Current WordPress environment instance (passed by reference).
*/
do_action_ref_array( 'wp', array( &$this ) );
}
-
}
-
-/**
- * Helper class to remove the need to use eval to replace $matches[] in query strings.
- *
- * @since 2.9.0
- */
-class WP_MatchesMapRegex {
- /**
- * store for matches
- *
- * @access private
- * @var array
- */
- private $_matches;
-
- /**
- * store for mapping result
- *
- * @access public
- * @var string
- */
- public $output;
-
- /**
- * subject to perform mapping on (query string containing $matches[] references
- *
- * @access private
- * @var string
- */
- private $_subject;
-
- /**
- * regexp pattern to match $matches[] references
- *
- * @var string
- */
- public $_pattern = '(\$matches\[[1-9]+[0-9]*\])'; // magic number
-
- /**
- * constructor
- *
- * @param string $subject subject if regex
- * @param array $matches data to use in map
- */
- public function __construct($subject, $matches) {
- $this->_subject = $subject;
- $this->_matches = $matches;
- $this->output = $this->_map();
- }
-
- /**
- * Substitute substring matches in subject.
- *
- * static helper function to ease use
- *
- * @access public
- * @param string $subject subject
- * @param array $matches data used for substitution
- * @return string
- */
- public static function apply($subject, $matches) {
- $oSelf = new WP_MatchesMapRegex($subject, $matches);
- return $oSelf->output;
- }
-
- /**
- * do the actual mapping
- *
- * @access private
- * @return string
- */
- private function _map() {
- $callback = array($this, 'callback');
- return preg_replace_callback($this->_pattern, $callback, $this->_subject);
- }
-
- /**
- * preg_replace_callback hook
- *
- * @access public
- * @param array $matches preg_replace regexp matches
- * @return string
- */
- public function callback($matches) {
- $index = intval(substr($matches[0], 9, -1));
- return ( isset( $this->_matches[$index] ) ? urlencode($this->_matches[$index]) : '' );
- }
-
-}