diff -r 3d4e9c994f10 -r a86126ab1dd4 wp/wp-includes/canonical.php --- a/wp/wp-includes/canonical.php Tue Oct 22 16:11:46 2019 +0200 +++ b/wp/wp-includes/canonical.php Tue Dec 15 13:49:49 2020 +0100 @@ -19,8 +19,8 @@ * * Prevents redirection for feeds, trackbacks, searches, and * admin URLs. Does not redirect on non-pretty-permalink-supporting IIS 7+, - * page/post previews, WP admin, Trackbacks, robots.txt, searches, or on POST - * requests. + * page/post previews, WP admin, Trackbacks, robots.txt, favicon.ico, searches, + * or on POST requests. * * Will also attempt to find the correct link when a user enters a URL that does * not exist based on exact WordPress query. Will instead try to parse the URL @@ -28,46 +28,49 @@ * * @since 2.3.0 * - * @global WP_Rewrite $wp_rewrite - * @global bool $is_IIS - * @global WP_Query $wp_query - * @global wpdb $wpdb WordPress database abstraction object. - * @global WP $wp Current WordPress environment instance. + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. + * @global bool $is_IIS + * @global WP_Query $wp_query WordPress Query object. + * @global wpdb $wpdb WordPress database abstraction object. + * @global WP $wp Current WordPress environment instance. * * @param string $requested_url Optional. The URL that was requested, used to - * figure if redirect is needed. - * @param bool $do_redirect Optional. Redirect to the new URL. + * figure if redirect is needed. + * @param bool $do_redirect Optional. Redirect to the new URL. * @return string|void The string of the URL, if redirect needed. */ function redirect_canonical( $requested_url = null, $do_redirect = true ) { global $wp_rewrite, $is_IIS, $wp_query, $wpdb, $wp; - if ( isset( $_SERVER['REQUEST_METHOD'] ) && ! in_array( strtoupper( $_SERVER['REQUEST_METHOD'] ), array( 'GET', 'HEAD' ) ) ) { + if ( isset( $_SERVER['REQUEST_METHOD'] ) && ! in_array( strtoupper( $_SERVER['REQUEST_METHOD'] ), array( 'GET', 'HEAD' ), true ) ) { return; } // If we're not in wp-admin and the post has been published and preview nonce - // is non-existent or invalid then no need for preview in query - if ( is_preview() && get_query_var( 'p' ) && 'publish' == get_post_status( get_query_var( 'p' ) ) ) { + // is non-existent or invalid then no need for preview in query. + if ( is_preview() && get_query_var( 'p' ) && 'publish' === get_post_status( get_query_var( 'p' ) ) ) { if ( ! isset( $_GET['preview_id'] ) || ! isset( $_GET['preview_nonce'] ) - || ! wp_verify_nonce( $_GET['preview_nonce'], 'post_preview_' . (int) $_GET['preview_id'] ) ) { + || ! wp_verify_nonce( $_GET['preview_nonce'], 'post_preview_' . (int) $_GET['preview_id'] ) + ) { $wp_query->is_preview = false; } } - if ( is_trackback() || is_search() || is_admin() || is_preview() || is_robots() || ( $is_IIS && ! iis7_supports_permalinks() ) ) { + if ( is_admin() || is_search() || is_preview() || is_trackback() || is_favicon() + || ( $is_IIS && ! iis7_supports_permalinks() ) + ) { return; } if ( ! $requested_url && isset( $_SERVER['HTTP_HOST'] ) ) { - // build the URL in the address bar + // Build the URL in the address bar. $requested_url = is_ssl() ? 'https://' : 'http://'; $requested_url .= $_SERVER['HTTP_HOST']; $requested_url .= $_SERVER['REQUEST_URI']; } - $original = @parse_url( $requested_url ); + $original = parse_url( $requested_url ); if ( false === $original ) { return; } @@ -75,7 +78,7 @@ $redirect = $original; $redirect_url = false; - // Notice fixing + // Notice fixing. if ( ! isset( $redirect['path'] ) ) { $redirect['path'] = ''; } @@ -83,84 +86,144 @@ $redirect['query'] = ''; } - // If the original URL ended with non-breaking spaces, they were almost - // certainly inserted by accident. Let's remove them, so the reader doesn't - // see a 404 error with no obvious cause. + /* + * If the original URL ended with non-breaking spaces, they were almost + * certainly inserted by accident. Let's remove them, so the reader doesn't + * see a 404 error with no obvious cause. + */ $redirect['path'] = preg_replace( '|(%C2%A0)+$|i', '', $redirect['path'] ); - // It's not a preview, so remove it from URL + // It's not a preview, so remove it from URL. if ( get_query_var( 'preview' ) ) { $redirect['query'] = remove_query_arg( 'preview', $redirect['query'] ); } - if ( is_feed() && ( $id = get_query_var( 'p' ) ) ) { - if ( $redirect_url = get_post_comments_feed_link( $id, get_query_var( 'feed' ) ) ) { - $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type', 'feed' ), $redirect_url ); - $redirect['path'] = parse_url( $redirect_url, PHP_URL_PATH ); + $post_id = get_query_var( 'p' ); + + if ( is_feed() && $post_id ) { + $redirect_url = get_post_comments_feed_link( $post_id, get_query_var( 'feed' ) ); + + if ( $redirect_url ) { + $redirect['query'] = _remove_qs_args_if_not_in_url( + $redirect['query'], + array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type', 'feed' ), + $redirect_url + ); + + $redirect['path'] = parse_url( $redirect_url, PHP_URL_PATH ); } } - if ( is_singular() && 1 > $wp_query->post_count && ( $id = get_query_var( 'p' ) ) ) { + if ( is_singular() && $wp_query->post_count < 1 && $post_id ) { - $vars = $wpdb->get_results( $wpdb->prepare( "SELECT post_type, post_parent FROM $wpdb->posts WHERE ID = %d", $id ) ); + $vars = $wpdb->get_results( $wpdb->prepare( "SELECT post_type, post_parent FROM $wpdb->posts WHERE ID = %d", $post_id ) ); - if ( isset( $vars[0] ) && $vars = $vars[0] ) { - if ( 'revision' == $vars->post_type && $vars->post_parent > 0 ) { - $id = $vars->post_parent; + if ( ! empty( $vars[0] ) ) { + $vars = $vars[0]; + + if ( 'revision' === $vars->post_type && $vars->post_parent > 0 ) { + $post_id = $vars->post_parent; } - if ( $redirect_url = get_permalink( $id ) ) { - $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), $redirect_url ); + $redirect_url = get_permalink( $post_id ); + + if ( $redirect_url ) { + $redirect['query'] = _remove_qs_args_if_not_in_url( + $redirect['query'], + array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), + $redirect_url + ); } } } - // These tests give us a WP-generated permalink + // These tests give us a WP-generated permalink. if ( is_404() ) { - // Redirect ?page_id, ?p=, ?attachment_id= to their respective url's - $id = max( get_query_var( 'p' ), get_query_var( 'page_id' ), get_query_var( 'attachment_id' ) ); - if ( $id && $redirect_post = get_post( $id ) ) { + // Redirect ?page_id, ?p=, ?attachment_id= to their respective URLs. + $post_id = max( get_query_var( 'p' ), get_query_var( 'page_id' ), get_query_var( 'attachment_id' ) ); + + $redirect_post = $post_id ? get_post( $post_id ) : false; + + if ( $redirect_post ) { $post_type_obj = get_post_type_object( $redirect_post->post_type ); - if ( $post_type_obj->public && 'auto-draft' != $redirect_post->post_status ) { - $redirect_url = get_permalink( $redirect_post ); - $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), $redirect_url ); + + if ( $post_type_obj->public && 'auto-draft' !== $redirect_post->post_status ) { + $redirect_url = get_permalink( $redirect_post ); + + $redirect['query'] = _remove_qs_args_if_not_in_url( + $redirect['query'], + array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), + $redirect_url + ); } } - if ( get_query_var( 'day' ) && get_query_var( 'monthnum' ) && get_query_var( 'year' ) ) { - $year = get_query_var( 'year' ); - $month = get_query_var( 'monthnum' ); - $day = get_query_var( 'day' ); - $date = sprintf( '%04d-%02d-%02d', $year, $month, $day ); + $year = get_query_var( 'year' ); + $month = get_query_var( 'monthnum' ); + $day = get_query_var( 'day' ); + + if ( $year && $month && $day ) { + $date = sprintf( '%04d-%02d-%02d', $year, $month, $day ); + if ( ! wp_checkdate( $month, $day, $year, $date ) ) { - $redirect_url = get_month_link( $year, $month ); - $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'year', 'monthnum', 'day' ), $redirect_url ); + $redirect_url = get_month_link( $year, $month ); + + $redirect['query'] = _remove_qs_args_if_not_in_url( + $redirect['query'], + array( 'year', 'monthnum', 'day' ), + $redirect_url + ); } - } elseif ( get_query_var( 'monthnum' ) && get_query_var( 'year' ) && 12 < get_query_var( 'monthnum' ) ) { - $redirect_url = get_year_link( get_query_var( 'year' ) ); - $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'year', 'monthnum' ), $redirect_url ); + } elseif ( $year && $month && $month > 12 ) { + $redirect_url = get_year_link( $year ); + + $redirect['query'] = _remove_qs_args_if_not_in_url( + $redirect['query'], + array( 'year', 'monthnum' ), + $redirect_url + ); + } + + // Strip off non-existing links from single posts or pages. + if ( get_query_var( 'page' ) ) { + $post_id = 0; + + if ( $wp_query->queried_object instanceof WP_Post ) { + $post_id = $wp_query->queried_object->ID; + } elseif ( $wp_query->post ) { + $post_id = $wp_query->post->ID; + } + + if ( $post_id ) { + $redirect_url = get_permalink( $post_id ); + + $redirect['path'] = rtrim( $redirect['path'], (int) get_query_var( 'page' ) . '/' ); + $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); + } } if ( ! $redirect_url ) { - if ( $redirect_url = redirect_guess_404_permalink() ) { - $redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'page', 'feed', 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), $redirect_url ); + $redirect_url = redirect_guess_404_permalink(); + + if ( $redirect_url ) { + $redirect['query'] = _remove_qs_args_if_not_in_url( + $redirect['query'], + array( 'page', 'feed', 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type' ), + $redirect_url + ); } } + } elseif ( is_object( $wp_rewrite ) && $wp_rewrite->using_permalinks() ) { - if ( get_query_var( 'page' ) && $wp_query->post && - false !== strpos( $wp_query->post->post_content, '' ) ) { - $redirect['path'] = rtrim( $redirect['path'], (int) get_query_var( 'page' ) . '/' ); - $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); - $redirect_url = get_permalink( $wp_query->post->ID ); - } - } elseif ( is_object( $wp_rewrite ) && $wp_rewrite->using_permalinks() ) { - // rewriting of old ?p=X, ?m=2004, ?m=200401, ?m=20040101 - if ( is_attachment() && - ! array_diff( array_keys( $wp->query_vars ), array( 'attachment', 'attachment_id' ) ) && - ! $redirect_url ) { + // Rewriting of old ?p=X, ?m=2004, ?m=200401, ?m=20040101. + if ( is_attachment() + && ! array_diff( array_keys( $wp->query_vars ), array( 'attachment', 'attachment_id' ) ) + && ! $redirect_url + ) { if ( ! empty( $_GET['attachment_id'] ) ) { $redirect_url = get_attachment_link( get_query_var( 'attachment_id' ) ); + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'attachment_id', $redirect['query'] ); } @@ -168,200 +231,290 @@ $redirect_url = get_attachment_link(); } } elseif ( is_single() && ! empty( $_GET['p'] ) && ! $redirect_url ) { - if ( $redirect_url = get_permalink( get_query_var( 'p' ) ) ) { + $redirect_url = get_permalink( get_query_var( 'p' ) ); + + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( array( 'p', 'post_type' ), $redirect['query'] ); } } elseif ( is_single() && ! empty( $_GET['name'] ) && ! $redirect_url ) { - if ( $redirect_url = get_permalink( $wp_query->get_queried_object_id() ) ) { + $redirect_url = get_permalink( $wp_query->get_queried_object_id() ); + + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'name', $redirect['query'] ); } } elseif ( is_page() && ! empty( $_GET['page_id'] ) && ! $redirect_url ) { - if ( $redirect_url = get_permalink( get_query_var( 'page_id' ) ) ) { + $redirect_url = get_permalink( get_query_var( 'page_id' ) ); + + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'page_id', $redirect['query'] ); } - } elseif ( is_page() && ! is_feed() && 'page' == get_option( 'show_on_front' ) && get_queried_object_id() == get_option( 'page_on_front' ) && ! $redirect_url ) { + } elseif ( is_page() && ! is_feed() && ! $redirect_url + && 'page' === get_option( 'show_on_front' ) && get_queried_object_id() === (int) get_option( 'page_on_front' ) + ) { $redirect_url = home_url( '/' ); - } elseif ( is_home() && ! empty( $_GET['page_id'] ) && 'page' == get_option( 'show_on_front' ) && get_query_var( 'page_id' ) == get_option( 'page_for_posts' ) && ! $redirect_url ) { - if ( $redirect_url = get_permalink( get_option( 'page_for_posts' ) ) ) { + } elseif ( is_home() && ! empty( $_GET['page_id'] ) && ! $redirect_url + && 'page' === get_option( 'show_on_front' ) && get_query_var( 'page_id' ) === (int) get_option( 'page_for_posts' ) + ) { + $redirect_url = get_permalink( get_option( 'page_for_posts' ) ); + + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'page_id', $redirect['query'] ); } } elseif ( ! empty( $_GET['m'] ) && ( is_year() || is_month() || is_day() ) ) { $m = get_query_var( 'm' ); + switch ( strlen( $m ) ) { - case 4: // Yearly + case 4: // Yearly. $redirect_url = get_year_link( $m ); break; - case 6: // Monthly + case 6: // Monthly. $redirect_url = get_month_link( substr( $m, 0, 4 ), substr( $m, 4, 2 ) ); break; - case 8: // Daily + case 8: // Daily. $redirect_url = get_day_link( substr( $m, 0, 4 ), substr( $m, 4, 2 ), substr( $m, 6, 2 ) ); break; } + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'm', $redirect['query'] ); } - // now moving on to non ?m=X year/month/day links - } elseif ( is_day() && get_query_var( 'year' ) && get_query_var( 'monthnum' ) && ! empty( $_GET['day'] ) ) { - if ( $redirect_url = get_day_link( get_query_var( 'year' ), get_query_var( 'monthnum' ), get_query_var( 'day' ) ) ) { - $redirect['query'] = remove_query_arg( array( 'year', 'monthnum', 'day' ), $redirect['query'] ); - } - } elseif ( is_month() && get_query_var( 'year' ) && ! empty( $_GET['monthnum'] ) ) { - if ( $redirect_url = get_month_link( get_query_var( 'year' ), get_query_var( 'monthnum' ) ) ) { - $redirect['query'] = remove_query_arg( array( 'year', 'monthnum' ), $redirect['query'] ); - } - } elseif ( is_year() && ! empty( $_GET['year'] ) ) { - if ( $redirect_url = get_year_link( get_query_var( 'year' ) ) ) { - $redirect['query'] = remove_query_arg( 'year', $redirect['query'] ); + // Now moving on to non ?m=X year/month/day links. + } elseif ( is_date() ) { + $year = get_query_var( 'year' ); + $month = get_query_var( 'monthnum' ); + $day = get_query_var( 'day' ); + + if ( is_day() && $year && $month && ! empty( $_GET['day'] ) ) { + $redirect_url = get_day_link( $year, $month, $day ); + + if ( $redirect_url ) { + $redirect['query'] = remove_query_arg( array( 'year', 'monthnum', 'day' ), $redirect['query'] ); + } + } elseif ( is_month() && $year && ! empty( $_GET['monthnum'] ) ) { + $redirect_url = get_month_link( $year, $month ); + + if ( $redirect_url ) { + $redirect['query'] = remove_query_arg( array( 'year', 'monthnum' ), $redirect['query'] ); + } + } elseif ( is_year() && ! empty( $_GET['year'] ) ) { + $redirect_url = get_year_link( $year ); + + if ( $redirect_url ) { + $redirect['query'] = remove_query_arg( 'year', $redirect['query'] ); + } } } elseif ( is_author() && ! empty( $_GET['author'] ) && preg_match( '|^[0-9]+$|', $_GET['author'] ) ) { $author = get_userdata( get_query_var( 'author' ) ); - if ( ( false !== $author ) && $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE $wpdb->posts.post_author = %d AND $wpdb->posts.post_status = 'publish' LIMIT 1", $author->ID ) ) ) { - if ( $redirect_url = get_author_posts_url( $author->ID, $author->user_nicename ) ) { + + if ( false !== $author + && $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE $wpdb->posts.post_author = %d AND $wpdb->posts.post_status = 'publish' LIMIT 1", $author->ID ) ) + ) { + $redirect_url = get_author_posts_url( $author->ID, $author->user_nicename ); + + if ( $redirect_url ) { $redirect['query'] = remove_query_arg( 'author', $redirect['query'] ); } } - } elseif ( is_category() || is_tag() || is_tax() ) { // Terms (Tags/categories) + } elseif ( is_category() || is_tag() || is_tax() ) { // Terms (tags/categories). + $term_count = 0; - $term_count = 0; foreach ( $wp_query->tax_query->queried_terms as $tax_query ) { $term_count += count( $tax_query['terms'] ); } $obj = $wp_query->get_queried_object(); - if ( $term_count <= 1 && ! empty( $obj->term_id ) && ( $tax_url = get_term_link( (int) $obj->term_id, $obj->taxonomy ) ) && ! is_wp_error( $tax_url ) ) { - if ( ! empty( $redirect['query'] ) ) { - // Strip taxonomy query vars off the url. - $qv_remove = array( 'term', 'taxonomy' ); - if ( is_category() ) { - $qv_remove[] = 'category_name'; - $qv_remove[] = 'cat'; - } elseif ( is_tag() ) { - $qv_remove[] = 'tag'; - $qv_remove[] = 'tag_id'; - } else { // Custom taxonomies will have a custom query var, remove those too: - $tax_obj = get_taxonomy( $obj->taxonomy ); - if ( false !== $tax_obj->query_var ) { - $qv_remove[] = $tax_obj->query_var; + + if ( $term_count <= 1 && ! empty( $obj->term_id ) ) { + $tax_url = get_term_link( (int) $obj->term_id, $obj->taxonomy ); + + if ( $tax_url && ! is_wp_error( $tax_url ) ) { + if ( ! empty( $redirect['query'] ) ) { + // Strip taxonomy query vars off the URL. + $qv_remove = array( 'term', 'taxonomy' ); + + if ( is_category() ) { + $qv_remove[] = 'category_name'; + $qv_remove[] = 'cat'; + } elseif ( is_tag() ) { + $qv_remove[] = 'tag'; + $qv_remove[] = 'tag_id'; + } else { + // Custom taxonomies will have a custom query var, remove those too. + $tax_obj = get_taxonomy( $obj->taxonomy ); + if ( false !== $tax_obj->query_var ) { + $qv_remove[] = $tax_obj->query_var; + } } - } - $rewrite_vars = array_diff( array_keys( $wp_query->query ), array_keys( $_GET ) ); + $rewrite_vars = array_diff( array_keys( $wp_query->query ), array_keys( $_GET ) ); - if ( ! array_diff( $rewrite_vars, array_keys( $_GET ) ) ) { // Check to see if all the Query vars are coming from the rewrite, none are set via $_GET - $redirect['query'] = remove_query_arg( $qv_remove, $redirect['query'] ); //Remove all of the per-tax qv's + // Check to see if all the query vars are coming from the rewrite, none are set via $_GET. + if ( ! array_diff( $rewrite_vars, array_keys( $_GET ) ) ) { + // Remove all of the per-tax query vars. + $redirect['query'] = remove_query_arg( $qv_remove, $redirect['query'] ); + + // Create the destination URL for this taxonomy. + $tax_url = parse_url( $tax_url ); - // Create the destination url for this taxonomy - $tax_url = parse_url( $tax_url ); - if ( ! empty( $tax_url['query'] ) ) { // Taxonomy accessible via ?taxonomy=..&term=.. or any custom qv.. - parse_str( $tax_url['query'], $query_vars ); - $redirect['query'] = add_query_arg( $query_vars, $redirect['query'] ); - } else { // Taxonomy is accessible via a "pretty-URL" - $redirect['path'] = $tax_url['path']; - } - } else { // Some query vars are set via $_GET. Unset those from $_GET that exist via the rewrite - foreach ( $qv_remove as $_qv ) { - if ( isset( $rewrite_vars[ $_qv ] ) ) { - $redirect['query'] = remove_query_arg( $_qv, $redirect['query'] ); + if ( ! empty( $tax_url['query'] ) ) { + // Taxonomy accessible via ?taxonomy=...&term=... or any custom query var. + parse_str( $tax_url['query'], $query_vars ); + $redirect['query'] = add_query_arg( $query_vars, $redirect['query'] ); + } else { + // Taxonomy is accessible via a "pretty URL". + $redirect['path'] = $tax_url['path']; + } + } else { + // Some query vars are set via $_GET. Unset those from $_GET that exist via the rewrite. + foreach ( $qv_remove as $_qv ) { + if ( isset( $rewrite_vars[ $_qv ] ) ) { + $redirect['query'] = remove_query_arg( $_qv, $redirect['query'] ); + } } } } } } - } elseif ( is_single() && strpos( $wp_rewrite->permalink_structure, '%category%' ) !== false && $cat = get_query_var( 'category_name' ) ) { - $category = get_category_by_path( $cat ); - if ( ( ! $category || is_wp_error( $category ) ) || ! has_term( $category->term_id, 'category', $wp_query->get_queried_object_id() ) ) { - $redirect_url = get_permalink( $wp_query->get_queried_object_id() ); + } elseif ( is_single() && strpos( $wp_rewrite->permalink_structure, '%category%' ) !== false ) { + $category_name = get_query_var( 'category_name' ); + + if ( $category_name ) { + $category = get_category_by_path( $category_name ); + + if ( ! $category || is_wp_error( $category ) + || ! has_term( $category->term_id, 'category', $wp_query->get_queried_object_id() ) + ) { + $redirect_url = get_permalink( $wp_query->get_queried_object_id() ); + } } } - // Post Paging + // Post paging. if ( is_singular() && get_query_var( 'page' ) ) { + $page = get_query_var( 'page' ); + if ( ! $redirect_url ) { $redirect_url = get_permalink( get_queried_object_id() ); } - $page = get_query_var( 'page' ); if ( $page > 1 ) { + $redirect_url = trailingslashit( $redirect_url ); + if ( is_front_page() ) { - $redirect_url = trailingslashit( $redirect_url ) . user_trailingslashit( "$wp_rewrite->pagination_base/$page", 'paged' ); + $redirect_url .= user_trailingslashit( "$wp_rewrite->pagination_base/$page", 'paged' ); } else { - $redirect_url = trailingslashit( $redirect_url ) . user_trailingslashit( $page, 'single_paged' ); + $redirect_url .= user_trailingslashit( $page, 'single_paged' ); } } - $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); + + $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); } - // paging and feeds - if ( get_query_var( 'paged' ) || is_feed() || get_query_var( 'cpage' ) ) { - while ( preg_match( "#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", $redirect['path'] ) || preg_match( '#/(comments/?)?(feed|rss|rdf|atom|rss2)(/+)?$#', $redirect['path'] ) || preg_match( "#/{$wp_rewrite->comments_pagination_base}-[0-9]+(/+)?$#", $redirect['path'] ) ) { - // Strip off paging and feed - $redirect['path'] = preg_replace( "#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", '/', $redirect['path'] ); // strip off any existing paging - $redirect['path'] = preg_replace( '#/(comments/?)?(feed|rss2?|rdf|atom)(/+|$)#', '/', $redirect['path'] ); // strip off feed endings - $redirect['path'] = preg_replace( "#/{$wp_rewrite->comments_pagination_base}-[0-9]+?(/+)?$#", '/', $redirect['path'] ); // strip off any existing comment paging + if ( get_query_var( 'sitemap' ) ) { + $redirect_url = get_sitemap_url( get_query_var( 'sitemap' ), get_query_var( 'sitemap-subtype' ), get_query_var( 'paged' ) ); + $redirect['query'] = remove_query_arg( array( 'sitemap', 'sitemap-subtype', 'paged' ), $redirect['query'] ); + } elseif ( get_query_var( 'paged' ) || is_feed() || get_query_var( 'cpage' ) ) { + // Paging and feeds. + $paged = get_query_var( 'paged' ); + $feed = get_query_var( 'feed' ); + $cpage = get_query_var( 'cpage' ); + + while ( preg_match( "#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", $redirect['path'] ) + || preg_match( '#/(comments/?)?(feed|rss2?|rdf|atom)(/+)?$#', $redirect['path'] ) + || preg_match( "#/{$wp_rewrite->comments_pagination_base}-[0-9]+(/+)?$#", $redirect['path'] ) + ) { + // Strip off any existing paging. + $redirect['path'] = preg_replace( "#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#", '/', $redirect['path'] ); + // Strip off feed endings. + $redirect['path'] = preg_replace( '#/(comments/?)?(feed|rss2?|rdf|atom)(/+|$)#', '/', $redirect['path'] ); + // Strip off any existing comment paging. + $redirect['path'] = preg_replace( "#/{$wp_rewrite->comments_pagination_base}-[0-9]+?(/+)?$#", '/', $redirect['path'] ); } - $addl_path = ''; - if ( is_feed() && in_array( get_query_var( 'feed' ), $wp_rewrite->feeds ) ) { + $addl_path = ''; + $default_feed = get_default_feed(); + + if ( is_feed() && in_array( $feed, $wp_rewrite->feeds, true ) ) { $addl_path = ! empty( $addl_path ) ? trailingslashit( $addl_path ) : ''; + if ( ! is_singular() && get_query_var( 'withcomments' ) ) { $addl_path .= 'comments/'; } - if ( ( 'rss' == get_default_feed() && 'feed' == get_query_var( 'feed' ) ) || 'rss' == get_query_var( 'feed' ) ) { - $addl_path .= user_trailingslashit( 'feed/' . ( ( get_default_feed() == 'rss2' ) ? '' : 'rss2' ), 'feed' ); + + if ( ( 'rss' === $default_feed && 'feed' === $feed ) || 'rss' === $feed ) { + $format = ( 'rss2' === $default_feed ) ? '' : 'rss2'; } else { - $addl_path .= user_trailingslashit( 'feed/' . ( ( get_default_feed() == get_query_var( 'feed' ) || 'feed' == get_query_var( 'feed' ) ) ? '' : get_query_var( 'feed' ) ), 'feed' ); + $format = ( $default_feed === $feed || 'feed' === $feed ) ? '' : $feed; } + + $addl_path .= user_trailingslashit( 'feed/' . $format, 'feed' ); + $redirect['query'] = remove_query_arg( 'feed', $redirect['query'] ); - } elseif ( is_feed() && 'old' == get_query_var( 'feed' ) ) { + } elseif ( is_feed() && 'old' === $feed ) { $old_feed_files = array( 'wp-atom.php' => 'atom', 'wp-commentsrss2.php' => 'comments_rss2', - 'wp-feed.php' => get_default_feed(), + 'wp-feed.php' => $default_feed, 'wp-rdf.php' => 'rdf', 'wp-rss.php' => 'rss2', 'wp-rss2.php' => 'rss2', ); + if ( isset( $old_feed_files[ basename( $redirect['path'] ) ] ) ) { $redirect_url = get_feed_link( $old_feed_files[ basename( $redirect['path'] ) ] ); + wp_redirect( $redirect_url, 301 ); die(); } } - if ( get_query_var( 'paged' ) > 0 ) { - $paged = get_query_var( 'paged' ); + if ( $paged > 0 ) { $redirect['query'] = remove_query_arg( 'paged', $redirect['query'] ); + if ( ! is_feed() ) { - if ( $paged > 1 && ! is_single() ) { - $addl_path = ( ! empty( $addl_path ) ? trailingslashit( $addl_path ) : '' ) . user_trailingslashit( "$wp_rewrite->pagination_base/$paged", 'paged' ); - } elseif ( ! is_single() ) { + if ( ! is_single() ) { $addl_path = ! empty( $addl_path ) ? trailingslashit( $addl_path ) : ''; + + if ( $paged > 1 ) { + $addl_path .= user_trailingslashit( "$wp_rewrite->pagination_base/$paged", 'paged' ); + } } } elseif ( $paged > 1 ) { $redirect['query'] = add_query_arg( 'paged', $paged, $redirect['query'] ); } } - if ( get_option( 'page_comments' ) && ( - ( 'newest' == get_option( 'default_comments_page' ) && get_query_var( 'cpage' ) > 0 ) || - ( 'newest' != get_option( 'default_comments_page' ) && get_query_var( 'cpage' ) > 1 ) - ) ) { - $addl_path = ( ! empty( $addl_path ) ? trailingslashit( $addl_path ) : '' ) . user_trailingslashit( $wp_rewrite->comments_pagination_base . '-' . get_query_var( 'cpage' ), 'commentpaged' ); + $default_comments_page = get_option( 'default_comments_page' ); + + if ( get_option( 'page_comments' ) + && ( 'newest' === $default_comments_page && $cpage > 0 + || 'newest' !== $default_comments_page && $cpage > 1 ) + ) { + $addl_path = ( ! empty( $addl_path ) ? trailingslashit( $addl_path ) : '' ); + $addl_path .= user_trailingslashit( $wp_rewrite->comments_pagination_base . '-' . $cpage, 'commentpaged' ); + $redirect['query'] = remove_query_arg( 'cpage', $redirect['query'] ); } - $redirect['path'] = user_trailingslashit( preg_replace( '|/' . preg_quote( $wp_rewrite->index, '|' ) . '/?$|', '/', $redirect['path'] ) ); // strip off trailing /index.php/ - if ( ! empty( $addl_path ) && $wp_rewrite->using_index_permalinks() && strpos( $redirect['path'], '/' . $wp_rewrite->index . '/' ) === false ) { + // Strip off trailing /index.php/. + $redirect['path'] = preg_replace( '|/' . preg_quote( $wp_rewrite->index, '|' ) . '/?$|', '/', $redirect['path'] ); + $redirect['path'] = user_trailingslashit( $redirect['path'] ); + + if ( ! empty( $addl_path ) + && $wp_rewrite->using_index_permalinks() + && strpos( $redirect['path'], '/' . $wp_rewrite->index . '/' ) === false + ) { $redirect['path'] = trailingslashit( $redirect['path'] ) . $wp_rewrite->index . '/'; } + if ( ! empty( $addl_path ) ) { $redirect['path'] = trailingslashit( $redirect['path'] ) . $addl_path; } + $redirect_url = $redirect['scheme'] . '://' . $redirect['host'] . $redirect['path']; } - if ( 'wp-register.php' == basename( $redirect['path'] ) ) { + if ( 'wp-register.php' === basename( $redirect['path'] ) ) { if ( is_multisite() ) { /** This filter is documented in wp-login.php */ $redirect_url = apply_filters( 'wp_signup_location', network_site_url( 'wp-signup.php' ) ); @@ -374,11 +527,12 @@ } } - // tack on any additional query vars $redirect['query'] = preg_replace( '#^\??&*?#', '', $redirect['query'] ); + + // Tack on any additional query vars. if ( $redirect_url && ! empty( $redirect['query'] ) ) { parse_str( $redirect['query'], $_parsed_query ); - $redirect = @parse_url( $redirect_url ); + $redirect = parse_url( $redirect_url ); if ( ! empty( $_parsed_query['name'] ) && ! empty( $redirect['query'] ) ) { parse_str( $redirect['query'], $_parsed_redirect_query ); @@ -392,30 +546,33 @@ rawurlencode_deep( array_keys( $_parsed_query ) ), rawurlencode_deep( array_values( $_parsed_query ) ) ); - $redirect_url = add_query_arg( $_parsed_query, $redirect_url ); + + $redirect_url = add_query_arg( $_parsed_query, $redirect_url ); } if ( $redirect_url ) { - $redirect = @parse_url( $redirect_url ); + $redirect = parse_url( $redirect_url ); } - // www.example.com vs example.com - $user_home = @parse_url( home_url() ); + // www.example.com vs. example.com + $user_home = parse_url( home_url() ); + if ( ! empty( $user_home['host'] ) ) { $redirect['host'] = $user_home['host']; } + if ( empty( $user_home['path'] ) ) { $user_home['path'] = '/'; } - // Handle ports + // Handle ports. if ( ! empty( $user_home['port'] ) ) { $redirect['port'] = $user_home['port']; } else { unset( $redirect['port'] ); } - // trailing /index.php + // Trailing /index.php. $redirect['path'] = preg_replace( '|/' . preg_quote( $wp_rewrite->index, '|' ) . '/*?$|', '/', $redirect['path'] ); $punctuation_pattern = implode( @@ -424,29 +581,29 @@ 'preg_quote', array( ' ', - '%20', // space + '%20', // Space. '!', - '%21', // exclamation mark + '%21', // Exclamation mark. '"', - '%22', // double quote + '%22', // Double quote. "'", - '%27', // single quote + '%27', // Single quote. '(', - '%28', // opening bracket + '%28', // Opening bracket. ')', - '%29', // closing bracket + '%29', // Closing bracket. ',', - '%2C', // comma + '%2C', // Comma. '.', - '%2E', // period + '%2E', // Period. ';', - '%3B', // semicolon + '%3B', // Semicolon. '{', - '%7B', // opening curly bracket + '%7B', // Opening curly bracket. '}', - '%7D', // closing curly bracket - '%E2%80%9C', // opening curly quote - '%E2%80%9D', // closing curly quote + '%7D', // Closing curly bracket. + '%E2%80%9C', // Opening curly quote. + '%E2%80%9D', // Closing curly quote. ) ) ); @@ -456,26 +613,29 @@ if ( ! empty( $redirect['query'] ) ) { // Remove trailing spaces and end punctuation from certain terminating query string args. - $redirect['query'] = preg_replace( "#((p|page_id|cat|tag)=[^&]*?)($punctuation_pattern)+$#", '$1', $redirect['query'] ); + $redirect['query'] = preg_replace( "#((^|&)(p|page_id|cat|tag)=[^&]*?)($punctuation_pattern)+$#", '$1', $redirect['query'] ); - // Clean up empty query strings + // Clean up empty query strings. $redirect['query'] = trim( preg_replace( '#(^|&)(p|page_id|cat|tag)=?(&|$)#', '&', $redirect['query'] ), '&' ); - // Redirect obsolete feeds + // Redirect obsolete feeds. $redirect['query'] = preg_replace( '#(^|&)feed=rss(&|$)#', '$1feed=rss2$2', $redirect['query'] ); - // Remove redundant leading ampersands + // Remove redundant leading ampersands. $redirect['query'] = preg_replace( '#^\??&*?#', '', $redirect['query'] ); } - // strip /index.php/ when we're not using PATHINFO permalinks + // Strip /index.php/ when we're not using PATHINFO permalinks. if ( ! $wp_rewrite->using_index_permalinks() ) { $redirect['path'] = str_replace( '/' . $wp_rewrite->index . '/', '/', $redirect['path'] ); } - // trailing slashes - if ( is_object( $wp_rewrite ) && $wp_rewrite->using_permalinks() && ! is_404() && ( ! is_front_page() || ( is_front_page() && ( get_query_var( 'paged' ) > 1 ) ) ) ) { + // Trailing slashes. + if ( is_object( $wp_rewrite ) && $wp_rewrite->using_permalinks() + && ! is_404() && ( ! is_front_page() || is_front_page() && get_query_var( 'paged' ) > 1 ) + ) { $user_ts_type = ''; + if ( get_query_var( 'paged' ) > 0 ) { $user_ts_type = 'paged'; } else { @@ -487,25 +647,38 @@ } } } + $redirect['path'] = user_trailingslashit( $redirect['path'], $user_ts_type ); } elseif ( is_front_page() ) { $redirect['path'] = trailingslashit( $redirect['path'] ); } - // Strip multiple slashes out of the URL + // Remove trailing slash for robots.txt or sitemap requests. + if ( is_robots() + || ! empty( get_query_var( 'sitemap' ) ) || ! empty( get_query_var( 'sitemap-stylesheet' ) ) + ) { + $redirect['path'] = untrailingslashit( $redirect['path'] ); + } + + // Strip multiple slashes out of the URL. if ( strpos( $redirect['path'], '//' ) > -1 ) { $redirect['path'] = preg_replace( '|/+|', '/', $redirect['path'] ); } - // Always trailing slash the Front Page URL - if ( trailingslashit( $redirect['path'] ) == trailingslashit( $user_home['path'] ) ) { + // Always trailing slash the Front Page URL. + if ( trailingslashit( $redirect['path'] ) === trailingslashit( $user_home['path'] ) ) { $redirect['path'] = trailingslashit( $redirect['path'] ); } - // Ignore differences in host capitalization, as this can lead to infinite redirects - // Only redirect no-www <=> yes-www - if ( strtolower( $original['host'] ) == strtolower( $redirect['host'] ) || - ( strtolower( $original['host'] ) != 'www.' . strtolower( $redirect['host'] ) && 'www.' . strtolower( $original['host'] ) != strtolower( $redirect['host'] ) ) ) { + $original_host_low = strtolower( $original['host'] ); + $redirect_host_low = strtolower( $redirect['host'] ); + + // Ignore differences in host capitalization, as this can lead to infinite redirects. + // Only redirect no-www <=> yes-www. + if ( $original_host_low === $redirect_host_low + || ( 'www.' . $original_host_low !== $redirect_host_low + && 'www.' . $redirect_host_low !== $original_host_low ) + ) { $redirect['host'] = $original['host']; } @@ -531,16 +704,19 @@ if ( $compare_original !== $compare_redirect ) { $redirect_url = $redirect['scheme'] . '://' . $redirect['host']; + if ( ! empty( $redirect['port'] ) ) { $redirect_url .= ':' . $redirect['port']; } + $redirect_url .= $redirect['path']; + if ( ! empty( $redirect['query'] ) ) { $redirect_url .= '?' . $redirect['query']; } } - if ( ! $redirect_url || $redirect_url == $requested_url ) { + if ( ! $redirect_url || $redirect_url === $requested_url ) { return; } @@ -560,6 +736,7 @@ return strtolower( $matches[0] ); } } + $requested_url = preg_replace_callback( '|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $requested_url ); } @@ -575,18 +752,18 @@ */ $redirect_url = apply_filters( 'redirect_canonical', $redirect_url, $requested_url ); - // yes, again -- in case the filter aborted the request - if ( ! $redirect_url || strip_fragment_from_url( $redirect_url ) == strip_fragment_from_url( $requested_url ) ) { + // Yes, again -- in case the filter aborted the request. + if ( ! $redirect_url || strip_fragment_from_url( $redirect_url ) === strip_fragment_from_url( $requested_url ) ) { return; } if ( $do_redirect ) { - // protect against chained redirects + // Protect against chained redirects. if ( ! redirect_canonical( $redirect_url, false ) ) { wp_redirect( $redirect_url, 301 ); - exit(); + exit; } else { - // Debug + // Debug. // die("1: $redirect_url
2: " . redirect_canonical( $redirect_url, false ) ); return; } @@ -603,14 +780,16 @@ * @access private * * @param string $query_string - * @param array $args_to_check + * @param array $args_to_check * @param string $url * @return string The altered query string */ function _remove_qs_args_if_not_in_url( $query_string, array $args_to_check, $url ) { - $parsed_url = @parse_url( $url ); + $parsed_url = parse_url( $url ); + if ( ! empty( $parsed_url['query'] ) ) { parse_str( $parsed_url['query'], $parsed_query ); + foreach ( $args_to_check as $qv ) { if ( ! isset( $parsed_query[ $qv ] ) ) { $query_string = remove_query_arg( $qv, $query_string ); @@ -619,6 +798,7 @@ } else { $query_string = remove_query_arg( $args_to_check, $query_string ); } + return $query_string; } @@ -631,7 +811,8 @@ * @return string The altered URL. */ function strip_fragment_from_url( $url ) { - $parsed_url = @parse_url( $url ); + $parsed_url = parse_url( $url ); + if ( ! empty( $parsed_url['host'] ) ) { // This mirrors code in redirect_canonical(). It does not handle every case. $url = $parsed_url['scheme'] . '://' . $parsed_url['host']; @@ -652,21 +833,67 @@ } /** - * Attempts to guess the correct URL based on query vars + * Attempts to guess the correct URL for a 404 request based on query vars. * * @since 2.3.0 * * @global wpdb $wpdb WordPress database abstraction object. * - * @return false|string The correct URL if one is found. False on failure. + * @return string|false The correct URL if one is found. False on failure. */ function redirect_guess_404_permalink() { global $wpdb; + /** + * Filters whether to attempt to guess a redirect URL for a 404 request. + * + * Returning a false value from the filter will disable the URL guessing + * and return early without performing a redirect. + * + * @since 5.5.0 + * + * @param bool $do_redirect_guess Whether to attempt to guess a redirect URL + * for a 404 request. Default true. + */ + if ( false === apply_filters( 'do_redirect_guess_404_permalink', true ) ) { + return false; + } + + /** + * Short-circuits the redirect URL guessing for 404 requests. + * + * Returning a non-null value from the filter will effectively short-circuit + * the URL guessing, returning the passed value instead. + * + * @since 5.5.0 + * + * @param null|string|false $pre Whether to short-circuit guessing the redirect for a 404. + * Default null to continue with the URL guessing. + */ + $pre = apply_filters( 'pre_redirect_guess_404_permalink', null ); + if ( null !== $pre ) { + return $pre; + } + if ( get_query_var( 'name' ) ) { - $where = $wpdb->prepare( 'post_name LIKE %s', $wpdb->esc_like( get_query_var( 'name' ) ) . '%' ); + /** + * Filters whether to perform a strict guess for a 404 redirect. + * + * Returning a truthy value from the filter will redirect only exact post_name matches. + * + * @since 5.5.0 + * + * @param bool $strict_guess Whether to perform a strict guess. Default false (loose guess). + */ + $strict_guess = apply_filters( 'strict_redirect_guess_404_permalink', false ); - // if any of post_type, year, monthnum, or day are set, use them to refine the query + if ( $strict_guess ) { + $where = $wpdb->prepare( 'post_name = %s', get_query_var( 'name' ) ); + } else { + $where = $wpdb->prepare( 'post_name LIKE %s', $wpdb->esc_like( get_query_var( 'name' ) ) . '%' ); + } + + // If any of post_type, year, monthnum, or day are set, use them to refine the query. if ( get_query_var( 'post_type' ) ) { $where .= $wpdb->prepare( ' AND post_type = %s', get_query_var( 'post_type' ) ); } else { @@ -683,13 +910,16 @@ $where .= $wpdb->prepare( ' AND DAYOFMONTH(post_date) = %d', get_query_var( 'day' ) ); } + // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared $post_id = $wpdb->get_var( "SELECT ID FROM $wpdb->posts WHERE $where AND post_status = 'publish'" ); + if ( ! $post_id ) { return false; } + if ( get_query_var( 'feed' ) ) { return get_post_comments_feed_link( $post_id, get_query_var( 'feed' ) ); - } elseif ( get_query_var( 'page' ) && 1 < get_query_var( 'page' ) ) { + } elseif ( get_query_var( 'page' ) > 1 ) { return trailingslashit( get_permalink( $post_id ) ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' ); } else { return get_permalink( $post_id ); @@ -707,10 +937,11 @@ * * @since 3.4.0 * - * @global WP_Rewrite $wp_rewrite + * @global WP_Rewrite $wp_rewrite WordPress rewrite component. */ function wp_redirect_admin_locations() { global $wp_rewrite; + if ( ! ( is_404() && $wp_rewrite->using_permalinks() ) ) { return; } @@ -722,7 +953,8 @@ site_url( 'dashboard', 'relative' ), site_url( 'admin', 'relative' ), ); - if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $admins ) ) { + + if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $admins, true ) ) { wp_redirect( admin_url() ); exit; } @@ -732,7 +964,8 @@ home_url( 'login', 'relative' ), site_url( 'login', 'relative' ), ); - if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins ) ) { + + if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins, true ) ) { wp_redirect( wp_login_url() ); exit; }