diff -r 7b1b88e27a20 -r 48c4eec2b7e6 wp/wp-includes/load.php --- a/wp/wp-includes/load.php Thu Sep 29 08:06:27 2022 +0200 +++ b/wp/wp-includes/load.php Fri Sep 05 18:40:08 2025 +0200 @@ -6,7 +6,7 @@ */ /** - * Return the HTTP protocol sent by the server. + * Returns the HTTP protocol sent by the server. * * @since 4.4.0 * @@ -14,14 +14,16 @@ */ function wp_get_server_protocol() { $protocol = isset( $_SERVER['SERVER_PROTOCOL'] ) ? $_SERVER['SERVER_PROTOCOL'] : ''; + if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) { $protocol = 'HTTP/1.0'; } + return $protocol; } /** - * Fix `$_SERVER` variables for various setups. + * Fixes `$_SERVER` variables for various setups. * * @since 3.0.0 * @access private @@ -40,7 +42,9 @@ $_SERVER = array_merge( $default_server_values, $_SERVER ); // Fix for IIS when running with PHP ISAPI. - if ( empty( $_SERVER['REQUEST_URI'] ) || ( 'cgi-fcgi' !== PHP_SAPI && preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) ) { + if ( empty( $_SERVER['REQUEST_URI'] ) + || ( 'cgi-fcgi' !== PHP_SAPI && preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) + ) { if ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) { // IIS Mod-Rewrite. @@ -56,7 +60,7 @@ // Some IIS + PHP configurations put the script-name in the path-info (no need to append it twice). if ( isset( $_SERVER['PATH_INFO'] ) ) { - if ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] ) { + if ( $_SERVER['PATH_INFO'] === $_SERVER['SCRIPT_NAME'] ) { $_SERVER['REQUEST_URI'] = $_SERVER['PATH_INFO']; } else { $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO']; @@ -71,12 +75,12 @@ } // Fix for PHP as CGI hosts that set SCRIPT_FILENAME to something ending in php.cgi for all requests. - if ( isset( $_SERVER['SCRIPT_FILENAME'] ) && ( strpos( $_SERVER['SCRIPT_FILENAME'], 'php.cgi' ) == strlen( $_SERVER['SCRIPT_FILENAME'] ) - 7 ) ) { + if ( isset( $_SERVER['SCRIPT_FILENAME'] ) && str_ends_with( $_SERVER['SCRIPT_FILENAME'], 'php.cgi' ) ) { $_SERVER['SCRIPT_FILENAME'] = $_SERVER['PATH_TRANSLATED']; } // Fix for Dreamhost and other PHP as CGI hosts. - if ( isset( $_SERVER['SCRIPT_NAME'] ) && ( strpos( $_SERVER['SCRIPT_NAME'], 'php.cgi' ) !== false ) ) { + if ( isset( $_SERVER['SCRIPT_NAME'] ) && str_contains( $_SERVER['SCRIPT_NAME'], 'php.cgi' ) ) { unset( $_SERVER['PATH_INFO'] ); } @@ -122,7 +126,12 @@ $token = substr( $header, 6 ); $userpass = base64_decode( $token ); - list( $user, $pass ) = explode( ':', $userpass ); + // There must be at least one colon in the string. + if ( ! str_contains( $userpass, ':' ) ) { + return; + } + + list( $user, $pass ) = explode( ':', $userpass, 2 ); // Now shove them in the proper keys where we're expecting later on. $_SERVER['PHP_AUTH_USER'] = $user; @@ -130,7 +139,7 @@ } /** - * Check for the required PHP version, and the MySQL extension or + * Checks for the required PHP version, and the mysqli extension or * a database drop-in. * * Dies if requirements are not met. @@ -143,29 +152,51 @@ */ function wp_check_php_mysql_versions() { global $required_php_version, $wp_version; - $php_version = phpversion(); + + $php_version = PHP_VERSION; if ( version_compare( $required_php_version, $php_version, '>' ) ) { $protocol = wp_get_server_protocol(); header( sprintf( '%s 500 Internal Server Error', $protocol ), true, 500 ); header( 'Content-Type: text/html; charset=utf-8' ); - printf( 'Your server is running PHP version %1$s but WordPress %2$s requires at least %3$s.', $php_version, $wp_version, $required_php_version ); + printf( + 'Your server is running PHP version %1$s but WordPress %2$s requires at least %3$s.', + $php_version, + $wp_version, + $required_php_version + ); exit( 1 ); } - if ( ! extension_loaded( 'mysql' ) && ! extension_loaded( 'mysqli' ) && ! extension_loaded( 'mysqlnd' ) - // This runs before default constants are defined, so we can't assume WP_CONTENT_DIR is set yet. - && ( defined( 'WP_CONTENT_DIR' ) && ! file_exists( WP_CONTENT_DIR . '/db.php' ) - || ! file_exists( ABSPATH . 'wp-content/db.php' ) ) + // This runs before default constants are defined, so we can't assume WP_CONTENT_DIR is set yet. + $wp_content_dir = defined( 'WP_CONTENT_DIR' ) ? WP_CONTENT_DIR : ABSPATH . 'wp-content'; + + if ( ! function_exists( 'mysqli_connect' ) + && ! file_exists( $wp_content_dir . '/db.php' ) ) { require_once ABSPATH . WPINC . '/functions.php'; wp_load_translations_early(); + + $message = '

' . __( 'Your PHP installation appears to be missing the MySQL extension which is required by WordPress.' ) . "

\n"; + + $message .= '

' . sprintf( + /* translators: %s: mysqli. */ + __( 'Please check that the %s PHP extension is installed and enabled.' ), + 'mysqli' + ) . "

\n"; + + $message .= '

' . sprintf( + /* translators: %s: Support forums URL. */ + __( 'If you are unsure what these terms mean you should probably contact your host. If you still need help you can always visit the WordPress support forums.' ), + __( 'https://wordpress.org/support/forums/' ) + ) . "

\n"; + $args = array( 'exit' => false, 'code' => 'mysql_not_found', ); wp_die( - __( 'Your PHP installation appears to be missing the MySQL extension which is required by WordPress.' ), + $message, __( 'Requirements Not Met' ), $args ); @@ -227,7 +258,7 @@ } // Fetch the environment from a constant, this overrides the global system variable. - if ( defined( 'WP_ENVIRONMENT_TYPE' ) ) { + if ( defined( 'WP_ENVIRONMENT_TYPE' ) && WP_ENVIRONMENT_TYPE ) { $current_env = WP_ENVIRONMENT_TYPE; } @@ -240,7 +271,82 @@ } /** - * Don't load all of WordPress when handling a favicon.ico request. + * Retrieves the current development mode. + * + * The development mode affects how certain parts of the WordPress application behave, + * which is relevant when developing for WordPress. + * + * Development mode can be set via the `WP_DEVELOPMENT_MODE` constant in `wp-config.php`. + * Possible values are 'core', 'plugin', 'theme', 'all', or an empty string to disable + * development mode. 'all' is a special value to signify that all three development modes + * ('core', 'plugin', and 'theme') are enabled. + * + * Development mode is considered separately from `WP_DEBUG` and wp_get_environment_type(). + * It does not affect debugging output, but rather functional nuances in WordPress. + * + * This function retrieves the currently set development mode value. To check whether + * a specific development mode is enabled, use wp_is_development_mode(). + * + * @since 6.3.0 + * + * @return string The current development mode. + */ +function wp_get_development_mode() { + static $current_mode = null; + + if ( ! defined( 'WP_RUN_CORE_TESTS' ) && null !== $current_mode ) { + return $current_mode; + } + + $development_mode = WP_DEVELOPMENT_MODE; + + // Exclusively for core tests, rely on the `$_wp_tests_development_mode` global. + if ( defined( 'WP_RUN_CORE_TESTS' ) && isset( $GLOBALS['_wp_tests_development_mode'] ) ) { + $development_mode = $GLOBALS['_wp_tests_development_mode']; + } + + $valid_modes = array( + 'core', + 'plugin', + 'theme', + 'all', + '', + ); + + if ( ! in_array( $development_mode, $valid_modes, true ) ) { + $development_mode = ''; + } + + $current_mode = $development_mode; + + return $current_mode; +} + +/** + * Checks whether the site is in the given development mode. + * + * @since 6.3.0 + * + * @param string $mode Development mode to check for. Either 'core', 'plugin', 'theme', or 'all'. + * @return bool True if the given mode is covered by the current development mode, false otherwise. + */ +function wp_is_development_mode( $mode ) { + $current_mode = wp_get_development_mode(); + if ( empty( $current_mode ) ) { + return false; + } + + // Return true if the current mode encompasses all modes. + if ( 'all' === $current_mode ) { + return true; + } + + // Return true if the current mode is the given mode. + return $mode === $current_mode; +} + +/** + * Ensures all of WordPress is not loaded when handling a favicon.ico request. * * Instead, send the headers for a zero-length favicon and bail. * @@ -255,7 +361,7 @@ } /** - * Die with a maintenance message when conditions are met. + * Dies with a maintenance message when conditions are met. * * The default message can be replaced by using a drop-in (maintenance.php in * the wp-content directory). @@ -287,7 +393,7 @@ } /** - * Check if maintenance mode is enabled. + * Checks if maintenance mode is enabled. * * Checks for a file in the WordPress root directory named ".maintenance". * This file will contain the variable $upgrading, set to the time the file @@ -308,11 +414,22 @@ } require ABSPATH . '.maintenance'; + // If the $upgrading timestamp is older than 10 minutes, consider maintenance over. if ( ( time() - $upgrading ) >= 10 * MINUTE_IN_SECONDS ) { return false; } + // Don't enable maintenance mode while scraping for fatal errors. + if ( is_int( $upgrading ) && isset( $_REQUEST['wp_scrape_key'], $_REQUEST['wp_scrape_nonce'] ) ) { + $key = stripslashes( $_REQUEST['wp_scrape_key'] ); + $nonce = stripslashes( $_REQUEST['wp_scrape_nonce'] ); + + if ( md5( $upgrading ) === $key && (int) $nonce === $upgrading ) { + return false; + } + } + /** * Filters whether to enable maintenance mode. * @@ -334,7 +451,7 @@ } /** - * Get the time elapsed so far during this PHP script. + * Gets the time elapsed so far during this PHP script. * * Uses REQUEST_TIME_FLOAT that appeared in PHP 5.4.0. * @@ -347,7 +464,7 @@ } /** - * Start the WordPress micro-timer. + * Starts the WordPress micro-timer. * * @since 0.71 * @access private @@ -359,12 +476,14 @@ */ function timer_start() { global $timestart; + $timestart = microtime( true ); + return true; } /** - * Retrieve or display the time from the page start to when function is called. + * Retrieves or displays the time from the page start to when function is called. * * @since 0.71 * @@ -380,17 +499,25 @@ */ function timer_stop( $display = 0, $precision = 3 ) { global $timestart, $timeend; + $timeend = microtime( true ); $timetotal = $timeend - $timestart; - $r = ( function_exists( 'number_format_i18n' ) ) ? number_format_i18n( $timetotal, $precision ) : number_format( $timetotal, $precision ); + + if ( function_exists( 'number_format_i18n' ) ) { + $r = number_format_i18n( $timetotal, $precision ); + } else { + $r = number_format( $timetotal, $precision ); + } + if ( $display ) { echo $r; } + return $r; } /** - * Set PHP error reporting based on WordPress debug settings. + * Sets PHP error reporting based on WordPress debug settings. * * Uses three constants: `WP_DEBUG`, `WP_DEBUG_DISPLAY`, and `WP_DEBUG_LOG`. * All three can be defined in wp-config.php. By default, `WP_DEBUG` and @@ -481,16 +608,20 @@ error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR ); } - if ( - defined( 'XMLRPC_REQUEST' ) || defined( 'REST_REQUEST' ) || defined( 'MS_FILES_REQUEST' ) || - ( defined( 'WP_INSTALLING' ) && WP_INSTALLING ) || - wp_doing_ajax() || wp_is_json_request() ) { + /* + * The 'REST_REQUEST' check here is optimistic as the constant is most + * likely not set at this point even if it is in fact a REST request. + */ + if ( defined( 'XMLRPC_REQUEST' ) || defined( 'REST_REQUEST' ) || defined( 'MS_FILES_REQUEST' ) + || ( defined( 'WP_INSTALLING' ) && WP_INSTALLING ) + || wp_doing_ajax() || wp_is_json_request() + ) { ini_set( 'display_errors', 0 ); } } /** - * Set the location of the language directory. + * Sets the location of the language directory. * * To set directory manually, define the `WP_LANG_DIR` constant * in wp-config.php. @@ -504,7 +635,9 @@ */ function wp_set_lang_dir() { if ( ! defined( 'WP_LANG_DIR' ) ) { - if ( file_exists( WP_CONTENT_DIR . '/languages' ) && @is_dir( WP_CONTENT_DIR . '/languages' ) || ! @is_dir( ABSPATH . WPINC . '/languages' ) ) { + if ( file_exists( WP_CONTENT_DIR . '/languages' ) && @is_dir( WP_CONTENT_DIR . '/languages' ) + || ! @is_dir( ABSPATH . WPINC . '/languages' ) + ) { /** * Server path of the language directory. * @@ -513,6 +646,7 @@ * @since 2.1.0 */ define( 'WP_LANG_DIR', WP_CONTENT_DIR . '/languages' ); + if ( ! defined( 'LANGDIR' ) ) { // Old static relative path maintained for limited backward compatibility - won't work in some cases. define( 'LANGDIR', 'wp-content/languages' ); @@ -526,6 +660,7 @@ * @since 2.1.0 */ define( 'WP_LANG_DIR', ABSPATH . WPINC . '/languages' ); + if ( ! defined( 'LANGDIR' ) ) { // Old relative path maintained for backward compatibility. define( 'LANGDIR', WPINC . '/languages' ); @@ -535,7 +670,7 @@ } /** - * Load the database class file and instantiate the `$wpdb` global. + * Loads the database class file and instantiates the `$wpdb` global. * * @since 2.5.0 * @@ -544,7 +679,8 @@ function require_wp_db() { global $wpdb; - require_once ABSPATH . WPINC . '/wp-db.php'; + require_once ABSPATH . WPINC . '/class-wpdb.php'; + if ( file_exists( WP_CONTENT_DIR . '/db.php' ) ) { require_once WP_CONTENT_DIR . '/db.php'; } @@ -562,7 +698,7 @@ } /** - * Set the database table prefix and the format specifiers for database + * Sets the database table prefix and the format specifiers for database * table columns. * * Columns not listed here default to `%s`. @@ -575,6 +711,7 @@ */ function wp_set_wpdb_vars() { global $wpdb, $table_prefix; + if ( ! empty( $wpdb->error ) ) { dead_db(); } @@ -624,7 +761,7 @@ wp_die( sprintf( /* translators: 1: $table_prefix, 2: wp-config.php */ - __( 'Error: %1$s in %2$s can only contain numbers, letters, and underscores.' ), + __( 'Error: %1$s in %2$s can only contain numbers, letters, and underscores.' ), '$table_prefix', 'wp-config.php' ) @@ -633,7 +770,7 @@ } /** - * Toggle `$_wp_using_ext_object_cache` on and off without directly + * Toggles `$_wp_using_ext_object_cache` on and off without directly * touching global. * * @since 3.7.0 @@ -645,15 +782,18 @@ */ function wp_using_ext_object_cache( $using = null ) { global $_wp_using_ext_object_cache; + $current_using = $_wp_using_ext_object_cache; + if ( null !== $using ) { $_wp_using_ext_object_cache = $using; } + return $current_using; } /** - * Start the WordPress object cache. + * Starts the WordPress object cache. * * If an object-cache.php file exists in the wp-content directory, * it uses that drop-in as an external object cache. @@ -692,6 +832,7 @@ */ if ( file_exists( WP_CONTENT_DIR . '/object-cache.php' ) ) { require_once WP_CONTENT_DIR . '/object-cache.php'; + if ( function_exists( 'wp_cache_init' ) ) { wp_using_ext_object_cache( true ); } @@ -730,15 +871,40 @@ } if ( function_exists( 'wp_cache_add_global_groups' ) ) { - wp_cache_add_global_groups( array( 'users', 'userlogins', 'usermeta', 'user_meta', 'useremail', 'userslugs', 'site-transient', 'site-options', 'blog-lookup', 'blog-details', 'site-details', 'rss', 'global-posts', 'blog-id-cache', 'networks', 'sites', 'blog_meta' ) ); - wp_cache_add_non_persistent_groups( array( 'counts', 'plugins' ) ); + wp_cache_add_global_groups( + array( + 'blog-details', + 'blog-id-cache', + 'blog-lookup', + 'blog_meta', + 'global-posts', + 'networks', + 'network-queries', + 'sites', + 'site-details', + 'site-options', + 'site-queries', + 'site-transient', + 'theme_files', + 'translation_files', + 'rss', + 'users', + 'user-queries', + 'user_meta', + 'useremail', + 'userlogins', + 'userslugs', + ) + ); + + wp_cache_add_non_persistent_groups( array( 'counts', 'plugins', 'theme_json' ) ); } $first_init = false; } /** - * Redirect to the installer if WordPress is not installed. + * Redirects to the installer if WordPress is not installed. * * Dies with an error message when Multisite is enabled. * @@ -746,27 +912,27 @@ * @access private */ function wp_not_installed() { - if ( is_multisite() ) { - if ( ! is_blog_installed() && ! wp_installing() ) { - nocache_headers(); + if ( is_blog_installed() || wp_installing() ) { + return; + } - wp_die( __( 'The site you have requested is not installed properly. Please contact the system administrator.' ) ); - } - } elseif ( ! is_blog_installed() && ! wp_installing() ) { - nocache_headers(); + nocache_headers(); - require ABSPATH . WPINC . '/kses.php'; - require ABSPATH . WPINC . '/pluggable.php'; + if ( is_multisite() ) { + wp_die( __( 'The site you have requested is not installed properly. Please contact the system administrator.' ) ); + } - $link = wp_guess_url() . '/wp-admin/install.php'; + require ABSPATH . WPINC . '/kses.php'; + require ABSPATH . WPINC . '/pluggable.php'; - wp_redirect( $link ); - die(); - } + $link = wp_guess_url() . '/wp-admin/install.php'; + + wp_redirect( $link ); + die(); } /** - * Retrieve an array of must-use plugin files. + * Retrieves an array of must-use plugin files. * * The default directory is wp-content/mu-plugins. To change the default * directory manually, define `WPMU_PLUGIN_DIR` and `WPMU_PLUGIN_URL` @@ -779,26 +945,31 @@ */ function wp_get_mu_plugins() { $mu_plugins = array(); + if ( ! is_dir( WPMU_PLUGIN_DIR ) ) { return $mu_plugins; } + $dh = opendir( WPMU_PLUGIN_DIR ); if ( ! $dh ) { return $mu_plugins; } + while ( ( $plugin = readdir( $dh ) ) !== false ) { - if ( '.php' === substr( $plugin, -4 ) ) { + if ( str_ends_with( $plugin, '.php' ) ) { $mu_plugins[] = WPMU_PLUGIN_DIR . '/' . $plugin; } } + closedir( $dh ); + sort( $mu_plugins ); return $mu_plugins; } /** - * Retrieve an array of active and valid plugin files. + * Retrieves an array of active and valid plugin files. * * While upgrading or installing WordPress, no plugins are returned. * @@ -829,11 +1000,11 @@ foreach ( $active_plugins as $plugin ) { if ( ! validate_file( $plugin ) // $plugin must validate as file. - && '.php' === substr( $plugin, -4 ) // $plugin must end with '.php'. + && str_ends_with( $plugin, '.php' ) // $plugin must end with '.php'. && file_exists( WP_PLUGIN_DIR . '/' . $plugin ) // $plugin must exist. // Not already included as a network plugin. && ( ! $network_plugins || ! in_array( WP_PLUGIN_DIR . '/' . $plugin, $network_plugins, true ) ) - ) { + ) { $plugins[] = WP_PLUGIN_DIR . '/' . $plugin; } } @@ -854,6 +1025,8 @@ * * @since 5.2.0 * + * @global WP_Paused_Extensions_Storage $_paused_plugins + * * @param string[] $plugins Array of absolute plugin main file paths. * @return string[] Filtered array of plugins, without any paused plugins. */ @@ -886,12 +1059,14 @@ * @since 5.1.0 * @access private * - * @global string $pagenow The filename of the current screen. + * @global string $pagenow The filename of the current screen. + * @global string $wp_stylesheet_path Path to current theme's stylesheet directory. + * @global string $wp_template_path Path to current theme's template directory. * * @return string[] Array of absolute paths to theme directories. */ function wp_get_active_and_valid_themes() { - global $pagenow; + global $pagenow, $wp_stylesheet_path, $wp_template_path; $themes = array(); @@ -899,11 +1074,11 @@ return $themes; } - if ( TEMPLATEPATH !== STYLESHEETPATH ) { - $themes[] = STYLESHEETPATH; + if ( is_child_theme() ) { + $themes[] = $wp_stylesheet_path; } - $themes[] = TEMPLATEPATH; + $themes[] = $wp_template_path; /* * Remove themes from the list of active themes when we're on an endpoint @@ -926,6 +1101,8 @@ * * @since 5.2.0 * + * @global WP_Paused_Extensions_Storage $_paused_themes + * * @param string[] $themes Array of absolute theme directory paths. * @return string[] Filtered array of absolute paths to themes, without any paused themes. */ @@ -951,7 +1128,7 @@ } /** - * Is WordPress in Recovery Mode. + * Determines whether WordPress is in Recovery Mode. * * In this mode, plugins or themes that cause WSODs will be paused. * @@ -1028,6 +1205,7 @@ 'search-install-plugins', // Searching for a plugin in the plugin install screen. 'update-plugin', // Update an existing plugin. 'update-theme', // Update an existing theme. + 'activate-plugin', // Activating an existing plugin. ); /** @@ -1049,7 +1227,7 @@ } /** - * Set internal encoding. + * Sets internal encoding. * * In most cases the default internal encoding is latin1, which is * of no use, since we want to use the `mb_` functions for `utf-8` strings. @@ -1068,7 +1246,7 @@ } /** - * Add magic quotes to `$_GET`, `$_POST`, `$_COOKIE`, and `$_SERVER`. + * Adds magic quotes to `$_GET`, `$_POST`, `$_COOKIE`, and `$_SERVER`. * * Also forces `$_REQUEST` to be `$_GET + $_POST`. If `$_SERVER`, * `$_COOKIE`, or `$_ENV` are needed, use those superglobals directly. @@ -1105,17 +1283,30 @@ } /** - * Copy an object. + * Clones an object. * * @since 2.7.0 * @deprecated 3.2.0 * - * @param object $object The object to clone. + * @param object $input_object The object to clone. * @return object The cloned object. */ -function wp_clone( $object ) { +function wp_clone( $input_object ) { // Use parens for clone to accommodate PHP 4. See #17880. - return clone( $object ); + return clone( $input_object ); +} + +/** + * Determines whether the current request is for the login screen. + * + * @since 6.1.0 + * + * @see wp_login_url() + * + * @return bool True if inside WordPress login screen, false otherwise. + */ +function is_login() { + return false !== stripos( wp_login_url(), $_SERVER['SCRIPT_NAME'] ); } /** @@ -1145,7 +1336,7 @@ } /** - * Whether the current request is for a site's administrative interface. + * Determines whether the current request is for a site's administrative interface. * * e.g. `/wp-admin/` * @@ -1156,7 +1347,7 @@ * * @global WP_Screen $current_screen WordPress current screen object. * - * @return bool True if inside WordPress blog administration pages. + * @return bool True if inside WordPress site administration pages. */ function is_blog_admin() { if ( isset( $GLOBALS['current_screen'] ) ) { @@ -1169,7 +1360,7 @@ } /** - * Whether the current request is for the network administrative interface. + * Determines whether the current request is for the network administrative interface. * * e.g. `/wp-admin/network/` * @@ -1196,7 +1387,7 @@ } /** - * Whether the current request is for a user admin screen. + * Determines whether the current request is for a user admin screen. * * e.g. `/wp-admin/user/` * @@ -1220,7 +1411,7 @@ } /** - * If Multisite is enabled. + * Determines whether Multisite is enabled. * * @since 3.0.0 * @@ -1239,7 +1430,7 @@ } /** - * Retrieve the current site ID. + * Retrieves the current site ID. * * @since 3.1.0 * @@ -1249,6 +1440,7 @@ */ function get_current_blog_id() { global $blog_id; + return absint( $blog_id ); } @@ -1274,7 +1466,7 @@ } /** - * Attempt an early load of translations. + * Attempts an early load of translations. * * Used for errors encountered during the initial loading process, before * the locale has been properly detected and loaded. @@ -1286,15 +1478,17 @@ * @since 3.4.0 * @access private * - * @global WP_Locale $wp_locale WordPress date and time locale object. + * @global WP_Textdomain_Registry $wp_textdomain_registry WordPress Textdomain Registry. + * @global WP_Locale $wp_locale WordPress date and time locale object. */ function wp_load_translations_early() { - global $wp_locale; + global $wp_textdomain_registry, $wp_locale; + static $loaded = false; - static $loaded = false; if ( $loaded ) { return; } + $loaded = true; if ( function_exists( 'did_action' ) && did_action( 'init' ) ) { @@ -1306,7 +1500,13 @@ // Translation and localization. require_once ABSPATH . WPINC . '/pomo/mo.php'; + require_once ABSPATH . WPINC . '/l10n/class-wp-translation-controller.php'; + require_once ABSPATH . WPINC . '/l10n/class-wp-translations.php'; + require_once ABSPATH . WPINC . '/l10n/class-wp-translation-file.php'; + require_once ABSPATH . WPINC . '/l10n/class-wp-translation-file-mo.php'; + require_once ABSPATH . WPINC . '/l10n/class-wp-translation-file-php.php'; require_once ABSPATH . WPINC . '/l10n.php'; + require_once ABSPATH . WPINC . '/class-wp-textdomain-registry.php'; require_once ABSPATH . WPINC . '/class-wp-locale.php'; require_once ABSPATH . WPINC . '/class-wp-locale-switcher.php'; @@ -1316,6 +1516,10 @@ $locales = array(); $locations = array(); + if ( ! $wp_textdomain_registry instanceof WP_Textdomain_Registry ) { + $wp_textdomain_registry = new WP_Textdomain_Registry(); + } + while ( true ) { if ( defined( 'WPLANG' ) ) { if ( '' === WPLANG ) { @@ -1357,10 +1561,12 @@ foreach ( $locales as $locale ) { foreach ( $locations as $location ) { if ( file_exists( $location . '/' . $locale . '.mo' ) ) { - load_textdomain( 'default', $location . '/' . $locale . '.mo' ); + load_textdomain( 'default', $location . '/' . $locale . '.mo', $locale ); + if ( defined( 'WP_SETUP_CONFIG' ) && file_exists( $location . '/admin-' . $locale . '.mo' ) ) { - load_textdomain( 'default', $location . '/admin-' . $locale . '.mo' ); + load_textdomain( 'default', $location . '/admin-' . $locale . '.mo', $locale ); } + break 2; } } @@ -1373,7 +1579,7 @@ } /** - * Check or set whether WordPress is in "installation" mode. + * Checks or sets whether WordPress is in "installation" mode. * * If the `WP_INSTALLING` constant is defined during the bootstrap, `wp_installing()` will default to `true`. * @@ -1395,6 +1601,7 @@ if ( ! is_null( $is_installing ) ) { $old_installing = $installing; $installing = $is_installing; + return (bool) $old_installing; } @@ -1415,12 +1622,13 @@ return true; } - if ( '1' == $_SERVER['HTTPS'] ) { + if ( '1' === (string) $_SERVER['HTTPS'] ) { return true; } - } elseif ( isset( $_SERVER['SERVER_PORT'] ) && ( '443' == $_SERVER['SERVER_PORT'] ) ) { + } elseif ( isset( $_SERVER['SERVER_PORT'] ) && ( '443' === (string) $_SERVER['SERVER_PORT'] ) ) { return true; } + return false; } @@ -1440,11 +1648,11 @@ $value = strtolower( trim( $value ) ); $bytes = (int) $value; - if ( false !== strpos( $value, 'g' ) ) { + if ( str_contains( $value, 'g' ) ) { $bytes *= GB_IN_BYTES; - } elseif ( false !== strpos( $value, 'm' ) ) { + } elseif ( str_contains( $value, 'm' ) ) { $bytes *= MB_IN_BYTES; - } elseif ( false !== strpos( $value, 'k' ) ) { + } elseif ( str_contains( $value, 'k' ) ) { $bytes *= KB_IN_BYTES; } @@ -1474,7 +1682,9 @@ } // Bit operator to workaround https://bugs.php.net/bug.php?id=44936 which changes access level to 63 in PHP 5.2.6 - 5.2.17. - if ( isset( $ini_all[ $setting ]['access'] ) && ( INI_ALL === ( $ini_all[ $setting ]['access'] & 7 ) || INI_USER === ( $ini_all[ $setting ]['access'] & 7 ) ) ) { + if ( isset( $ini_all[ $setting ]['access'] ) + && ( INI_ALL === ( $ini_all[ $setting ]['access'] & 7 ) || INI_USER === ( $ini_all[ $setting ]['access'] & 7 ) ) + ) { return true; } @@ -1588,7 +1798,7 @@ } /** - * Start scraping edited file errors. + * Starts scraping edited file errors. * * @since 4.9.0 */ @@ -1596,6 +1806,7 @@ if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) { return; } + $key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 ); $nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] ); @@ -1610,14 +1821,16 @@ echo "###### wp_scraping_result_end:$key ######"; die(); } + if ( ! defined( 'WP_SANDBOX_SCRAPING' ) ) { define( 'WP_SANDBOX_SCRAPING', true ); } + register_shutdown_function( 'wp_finalize_scraping_edited_file_errors', $key ); } /** - * Finalize scraping for edited file errors. + * Finalizes scraping for edited file errors. * * @since 4.9.0 * @@ -1625,13 +1838,18 @@ */ function wp_finalize_scraping_edited_file_errors( $scrape_key ) { $error = error_get_last(); + echo "\n###### wp_scraping_result_start:$scrape_key ######\n"; - if ( ! empty( $error ) && in_array( $error['type'], array( E_CORE_ERROR, E_COMPILE_ERROR, E_ERROR, E_PARSE, E_USER_ERROR, E_RECOVERABLE_ERROR ), true ) ) { + + if ( ! empty( $error ) + && in_array( $error['type'], array( E_CORE_ERROR, E_COMPILE_ERROR, E_ERROR, E_PARSE, E_USER_ERROR, E_RECOVERABLE_ERROR ), true ) + ) { $error = str_replace( ABSPATH, '', $error ); echo wp_json_encode( $error ); } else { echo wp_json_encode( true ); } + echo "\n###### wp_scraping_result_end:$scrape_key ######\n"; } @@ -1644,7 +1862,6 @@ * False otherwise. */ function wp_is_json_request() { - if ( isset( $_SERVER['HTTP_ACCEPT'] ) && wp_is_json_media_type( $_SERVER['HTTP_ACCEPT'] ) ) { return true; } @@ -1654,7 +1871,6 @@ } return false; - } /** @@ -1682,7 +1898,6 @@ $jsonp_enabled = apply_filters( 'rest_jsonp_enabled', true ); return $jsonp_enabled; - } /** @@ -1723,7 +1938,7 @@ if ( isset( $_SERVER['HTTP_ACCEPT'] ) ) { foreach ( $accepted as $type ) { - if ( false !== strpos( $_SERVER['HTTP_ACCEPT'], $type ) ) { + if ( str_contains( $_SERVER['HTTP_ACCEPT'], $type ) ) { return true; } }