' . __( 'Sorry, you are not allowed to customize this site.' ) . '
', + 403 + ); + } + return; + } + + // If a changeset was provided is invalid. + if ( isset( $this->_changeset_uuid ) && false !== $this->_changeset_uuid && ! wp_is_uuid( $this->_changeset_uuid ) ) { + $this->wp_die( -1, __( 'Invalid changeset UUID' ) ); + } + + /* + * Clear incoming post data if the user lacks a CSRF token (nonce). Note that the customizer + * application will inject the customize_preview_nonce query parameter into all Ajax requests. + * For similar behavior elsewhere in WordPress, see rest_cookie_check_errors() which logs out + * a user when a valid nonce isn't present. + */ + $has_post_data_nonce = ( + check_ajax_referer( 'preview-customize_' . $this->get_stylesheet(), 'nonce', false ) + || + check_ajax_referer( 'save-customize_' . $this->get_stylesheet(), 'nonce', false ) + || + check_ajax_referer( 'preview-customize_' . $this->get_stylesheet(), 'customize_preview_nonce', false ) + ); + if ( ! current_user_can( 'customize' ) || ! $has_post_data_nonce ) { + unset( $_POST['customized'] ); + unset( $_REQUEST['customized'] ); + } + + /* + * If unauthenticated then require a valid changeset UUID to load the preview. + * In this way, the UUID serves as a secret key. If the messenger channel is present, + * then send unauthenticated code to prompt re-auth. + */ + if ( ! current_user_can( 'customize' ) && ! $this->changeset_post_id() ) { + $this->wp_die( $this->messenger_channel ? 0 : -1, __( 'Non-existent changeset UUID.' ) ); + } + + if ( ! headers_sent() ) { + send_origin_headers(); + } + + // Hide the admin bar if we're embedded in the customizer iframe. + if ( $this->messenger_channel ) { + show_admin_bar( false ); + } if ( $this->is_theme_active() ) { // Once the theme is loaded, we'll validate it. @@ -211,30 +568,88 @@ // If the requested theme is not the active theme and the user doesn't have the // switch_themes cap, bail. if ( ! current_user_can( 'switch_themes' ) ) { - $this->wp_die( -1 ); + $this->wp_die( -1, __( 'Sorry, you are not allowed to edit theme options on this site.' ) ); } // If the theme has errors while loading, bail. if ( $this->theme()->errors() ) { - $this->wp_die( -1 ); + $this->wp_die( -1, $this->theme()->errors()->get_error_message() ); } // If the theme isn't allowed per multisite settings, bail. if ( ! $this->theme()->is_allowed() ) { - $this->wp_die( -1 ); + $this->wp_die( -1, __( 'The requested theme does not exist.' ) ); } } + // Make sure changeset UUID is established immediately after the theme is loaded. + add_action( 'after_setup_theme', array( $this, 'establish_loaded_changeset' ), 5 ); + + /* + * Import theme starter content for fresh installations when landing in the customizer. + * Import starter content at after_setup_theme:100 so that any + * add_theme_support( 'starter-content' ) calls will have been made. + */ + if ( get_option( 'fresh_site' ) && 'customize.php' === $pagenow ) { + add_action( 'after_setup_theme', array( $this, 'import_theme_starter_content' ), 100 ); + } + $this->start_previewing_theme(); } /** + * Establish the loaded changeset. + * + * This method runs right at after_setup_theme and applies the 'customize_changeset_branching' filter to determine + * whether concurrent changesets are allowed. Then if the Customizer is not initialized with a `changeset_uuid` param, + * this method will determine which UUID should be used. If changeset branching is disabled, then the most saved + * changeset will be loaded by default. Otherwise, if there are no existing saved changesets or if changeset branching is + * enabled, then a new UUID will be generated. + * + * @since 4.9.0 + * @global string $pagenow + */ + public function establish_loaded_changeset() { + global $pagenow; + + if ( empty( $this->_changeset_uuid ) ) { + $changeset_uuid = null; + + if ( ! $this->branching() && $this->is_theme_active() ) { + $unpublished_changeset_posts = $this->get_changeset_posts( array( + 'post_status' => array_diff( get_post_stati(), array( 'auto-draft', 'publish', 'trash', 'inherit', 'private' ) ), + 'exclude_restore_dismissed' => false, + 'author' => 'any', + 'posts_per_page' => 1, + 'order' => 'DESC', + 'orderby' => 'date', + ) ); + $unpublished_changeset_post = array_shift( $unpublished_changeset_posts ); + if ( ! empty( $unpublished_changeset_post ) && wp_is_uuid( $unpublished_changeset_post->post_name ) ) { + $changeset_uuid = $unpublished_changeset_post->post_name; + } + } + + // If no changeset UUID has been set yet, then generate a new one. + if ( empty( $changeset_uuid ) ) { + $changeset_uuid = wp_generate_uuid4(); + } + + $this->_changeset_uuid = $changeset_uuid; + } + + if ( is_admin() && 'customize.php' === $pagenow ) { + $this->set_changeset_lock( $this->changeset_post_id() ); + } + } + + /** * Callback to validate a theme once it is loaded * * @since 3.4.0 */ public function after_setup_theme() { - $doing_ajax_or_is_customized = ( $this->doing_ajax() || isset( $_SERVER['customized'] ) ); + $doing_ajax_or_is_customized = ( $this->doing_ajax() || isset( $_POST['customized'] ) ); if ( ! $doing_ajax_or_is_customized && ! validate_current_theme() ) { wp_redirect( 'themes.php?broken=true' ); exit; @@ -318,6 +733,85 @@ } /** + * Gets whether settings are or will be previewed. + * + * @since 4.9.0 + * @see WP_Customize_Setting::preview() + * + * @return bool + */ + public function settings_previewed() { + return $this->settings_previewed; + } + + /** + * Gets whether data from a changeset's autosaved revision should be loaded if it exists. + * + * @since 4.9.0 + * @see WP_Customize_Manager::changeset_data() + * + * @return bool Is using autosaved changeset revision. + */ + public function autosaved() { + return $this->autosaved; + } + + /** + * Whether the changeset branching is allowed. + * + * @since 4.9.0 + * @see WP_Customize_Manager::establish_loaded_changeset() + * + * @return bool Is changeset branching. + */ + public function branching() { + + /** + * Filters whether or not changeset branching is allowed. + * + * By default in core, when changeset branching is not allowed, changesets will operate + * linearly in that only one saved changeset will exist at a time (with a 'draft' or + * 'future' status). This makes the Customizer operate in a way that is similar to going to + * "edit" to one existing post: all users will be making changes to the same post, and autosave + * revisions will be made for that post. + * + * By contrast, when changeset branching is allowed, then the model is like users going + * to "add new" for a page and each user makes changes independently of each other since + * they are all operating on their own separate pages, each getting their own separate + * initial auto-drafts and then once initially saved, autosave revisions on top of that + * user's specific post. + * + * Since linear changesets are deemed to be more suitable for the majority of WordPress users, + * they are the default. For WordPress sites that have heavy site management in the Customizer + * by multiple users then branching changesets should be enabled by means of this filter. + * + * @since 4.9.0 + * + * @param bool $allow_branching Whether branching is allowed. If `false`, the default, + * then only one saved changeset exists at a time. + * @param WP_Customize_Manager $wp_customize Manager instance. + */ + $this->branching = apply_filters( 'customize_changeset_branching', $this->branching, $this ); + + return $this->branching; + } + + /** + * Get the changeset UUID. + * + * @since 4.7.0 + * @see WP_Customize_Manager::establish_loaded_changeset() + * + * @return string UUID. + */ + public function changeset_uuid() { + if ( empty( $this->_changeset_uuid ) ) { + $this->establish_loaded_changeset(); + } + return $this->_changeset_uuid; + } + + /** * Get the theme being customized. * * @since 3.4.0 @@ -379,7 +873,6 @@ * Get the registered panels. * * @since 4.0.0 - * @access public * * @return array Panels. */ @@ -405,6 +898,24 @@ */ public function wp_loaded() { + // Unconditionally register core types for panels, sections, and controls in case plugin unhooks all customize_register actions. + $this->register_panel_type( 'WP_Customize_Panel' ); + $this->register_panel_type( 'WP_Customize_Themes_Panel' ); + $this->register_section_type( 'WP_Customize_Section' ); + $this->register_section_type( 'WP_Customize_Sidebar_Section' ); + $this->register_section_type( 'WP_Customize_Themes_Section' ); + $this->register_control_type( 'WP_Customize_Color_Control' ); + $this->register_control_type( 'WP_Customize_Media_Control' ); + $this->register_control_type( 'WP_Customize_Upload_Control' ); + $this->register_control_type( 'WP_Customize_Image_Control' ); + $this->register_control_type( 'WP_Customize_Background_Image_Control' ); + $this->register_control_type( 'WP_Customize_Background_Position_Control' ); + $this->register_control_type( 'WP_Customize_Cropped_Image_Control' ); + $this->register_control_type( 'WP_Customize_Site_Icon_Control' ); + $this->register_control_type( 'WP_Customize_Theme_Control' ); + $this->register_control_type( 'WP_Customize_Code_Editor_Control' ); + $this->register_control_type( 'WP_Customize_Date_Time_Control' ); + /** * Fires once WordPress has loaded, allowing scripts and styles to be initialized. * @@ -414,83 +925,897 @@ */ do_action( 'customize_register', $this ); - if ( $this->is_preview() && ! is_admin() ) + if ( $this->settings_previewed() ) { + foreach ( $this->settings as $setting ) { + $setting->preview(); + } + } + + if ( $this->is_preview() && ! is_admin() ) { $this->customize_preview_init(); + } } /** - * Prevents AJAX requests from following redirects when previewing a theme + * Prevents Ajax requests from following redirects when previewing a theme * by issuing a 200 response instead of a 30x. * * Instead, the JS will sniff out the location header. * * @since 3.4.0 - * - * @param $status + * @deprecated 4.7.0 + * + * @param int $status Status. * @return int */ public function wp_redirect_status( $status ) { - if ( $this->is_preview() && ! is_admin() ) + _deprecated_function( __FUNCTION__, '4.7.0' ); + + if ( $this->is_preview() && ! is_admin() ) { return 200; + } return $status; } /** - * Parse the incoming $_POST['customized'] JSON data and store the unsanitized - * settings for subsequent post_value() lookups. - * - * @since 4.1.1 - * - * @return array + * Find the changeset post ID for a given changeset UUID. + * + * @since 4.7.0 + * + * @param string $uuid Changeset UUID. + * @return int|null Returns post ID on success and null on failure. + */ + public function find_changeset_post_id( $uuid ) { + $cache_group = 'customize_changeset_post'; + $changeset_post_id = wp_cache_get( $uuid, $cache_group ); + if ( $changeset_post_id && 'customize_changeset' === get_post_type( $changeset_post_id ) ) { + return $changeset_post_id; + } + + $changeset_post_query = new WP_Query( array( + 'post_type' => 'customize_changeset', + 'post_status' => get_post_stati(), + 'name' => $uuid, + 'posts_per_page' => 1, + 'no_found_rows' => true, + 'cache_results' => true, + 'update_post_meta_cache' => false, + 'update_post_term_cache' => false, + 'lazy_load_term_meta' => false, + ) ); + if ( ! empty( $changeset_post_query->posts ) ) { + // Note: 'fields'=>'ids' is not being used in order to cache the post object as it will be needed. + $changeset_post_id = $changeset_post_query->posts[0]->ID; + wp_cache_set( $uuid, $changeset_post_id, $cache_group ); + return $changeset_post_id; + } + + return null; + } + + /** + * Get changeset posts. + * + * @since 4.9.0 + * + * @param array $args { + * Args to pass into `get_posts()` to query changesets. + * + * @type int $posts_per_page Number of posts to return. Defaults to -1 (all posts). + * @type int $author Post author. Defaults to current user. + * @type string $post_status Status of changeset. Defaults to 'auto-draft'. + * @type bool $exclude_restore_dismissed Whether to exclude changeset auto-drafts that have been dismissed. Defaults to true. + * } + * @return WP_Post[] Auto-draft changesets. + */ + protected function get_changeset_posts( $args = array() ) { + $default_args = array( + 'exclude_restore_dismissed' => true, + 'posts_per_page' => -1, + 'post_type' => 'customize_changeset', + 'post_status' => 'auto-draft', + 'order' => 'DESC', + 'orderby' => 'date', + 'no_found_rows' => true, + 'cache_results' => true, + 'update_post_meta_cache' => false, + 'update_post_term_cache' => false, + 'lazy_load_term_meta' => false, + ); + if ( get_current_user_id() ) { + $default_args['author'] = get_current_user_id(); + } + $args = array_merge( $default_args, $args ); + + if ( ! empty( $args['exclude_restore_dismissed'] ) ) { + unset( $args['exclude_restore_dismissed'] ); + $args['meta_query'] = array( + array( + 'key' => '_customize_restore_dismissed', + 'compare' => 'NOT EXISTS', + ), + ); + } + + return get_posts( $args ); + } + + /** + * Dismiss all of the current user's auto-drafts (other than the present one). + * + * @since 4.9.0 + * @return int The number of auto-drafts that were dismissed. + */ + protected function dismiss_user_auto_draft_changesets() { + $changeset_autodraft_posts = $this->get_changeset_posts( array( + 'post_status' => 'auto-draft', + 'exclude_restore_dismissed' => true, + 'posts_per_page' => -1, + ) ); + $dismissed = 0; + foreach ( $changeset_autodraft_posts as $autosave_autodraft_post ) { + if ( $autosave_autodraft_post->ID === $this->changeset_post_id() ) { + continue; + } + if ( update_post_meta( $autosave_autodraft_post->ID, '_customize_restore_dismissed', true ) ) { + $dismissed++; + } + } + return $dismissed; + } + + /** + * Get the changeset post id for the loaded changeset. + * + * @since 4.7.0 + * + * @return int|null Post ID on success or null if there is no post yet saved. + */ + public function changeset_post_id() { + if ( ! isset( $this->_changeset_post_id ) ) { + $post_id = $this->find_changeset_post_id( $this->changeset_uuid() ); + if ( ! $post_id ) { + $post_id = false; + } + $this->_changeset_post_id = $post_id; + } + if ( false === $this->_changeset_post_id ) { + return null; + } + return $this->_changeset_post_id; + } + + /** + * Get the data stored in a changeset post. + * + * @since 4.7.0 + * + * @param int $post_id Changeset post ID. + * @return array|WP_Error Changeset data or WP_Error on error. + */ + protected function get_changeset_post_data( $post_id ) { + if ( ! $post_id ) { + return new WP_Error( 'empty_post_id' ); + } + $changeset_post = get_post( $post_id ); + if ( ! $changeset_post ) { + return new WP_Error( 'missing_post' ); + } + if ( 'revision' === $changeset_post->post_type ) { + if ( 'customize_changeset' !== get_post_type( $changeset_post->post_parent ) ) { + return new WP_Error( 'wrong_post_type' ); + } + } elseif ( 'customize_changeset' !== $changeset_post->post_type ) { + return new WP_Error( 'wrong_post_type' ); + } + $changeset_data = json_decode( $changeset_post->post_content, true ); + if ( function_exists( 'json_last_error' ) && json_last_error() ) { + return new WP_Error( 'json_parse_error', '', json_last_error() ); + } + if ( ! is_array( $changeset_data ) ) { + return new WP_Error( 'expected_array' ); + } + return $changeset_data; + } + + /** + * Get changeset data. + * + * @since 4.7.0 + * @since 4.9.0 This will return the changeset's data with a user's autosave revision merged on top, if one exists and $autosaved is true. + * + * @return array Changeset data. + */ + public function changeset_data() { + if ( isset( $this->_changeset_data ) ) { + return $this->_changeset_data; + } + $changeset_post_id = $this->changeset_post_id(); + if ( ! $changeset_post_id ) { + $this->_changeset_data = array(); + } else { + if ( $this->autosaved() && is_user_logged_in() ) { + $autosave_post = wp_get_post_autosave( $changeset_post_id, get_current_user_id() ); + if ( $autosave_post ) { + $data = $this->get_changeset_post_data( $autosave_post->ID ); + if ( ! is_wp_error( $data ) ) { + $this->_changeset_data = $data; + } + } + } + + // Load data from the changeset if it was not loaded from an autosave. + if ( ! isset( $this->_changeset_data ) ) { + $data = $this->get_changeset_post_data( $changeset_post_id ); + if ( ! is_wp_error( $data ) ) { + $this->_changeset_data = $data; + } else { + $this->_changeset_data = array(); + } + } + } + return $this->_changeset_data; + } + + /** + * Starter content setting IDs. + * + * @since 4.7.0 + * @var array + */ + protected $pending_starter_content_settings_ids = array(); + + /** + * Import theme starter content into the customized state. + * + * @since 4.7.0 + * + * @param array $starter_content Starter content. Defaults to `get_theme_starter_content()`. */ - public function unsanitized_post_values() { - if ( ! isset( $this->_post_values ) ) { - if ( isset( $_POST['customized'] ) ) { - $this->_post_values = json_decode( wp_unslash( $_POST['customized'] ), true ); + function import_theme_starter_content( $starter_content = array() ) { + if ( empty( $starter_content ) ) { + $starter_content = get_theme_starter_content(); + } + + $changeset_data = array(); + if ( $this->changeset_post_id() ) { + /* + * Don't re-import starter content into a changeset saved persistently. + * This will need to be revisited in the future once theme switching + * is allowed with drafted/scheduled changesets, since switching to + * another theme could result in more starter content being applied. + * However, when doing an explicit save it is currently possible for + * nav menus and nav menu items specifically to lose their starter_content + * flags, thus resulting in duplicates being created since they fail + * to get re-used. See #40146. + */ + if ( 'auto-draft' !== get_post_status( $this->changeset_post_id() ) ) { + return; + } + + $changeset_data = $this->get_changeset_post_data( $this->changeset_post_id() ); + } + + $sidebars_widgets = isset( $starter_content['widgets'] ) && ! empty( $this->widgets ) ? $starter_content['widgets'] : array(); + $attachments = isset( $starter_content['attachments'] ) && ! empty( $this->nav_menus ) ? $starter_content['attachments'] : array(); + $posts = isset( $starter_content['posts'] ) && ! empty( $this->nav_menus ) ? $starter_content['posts'] : array(); + $options = isset( $starter_content['options'] ) ? $starter_content['options'] : array(); + $nav_menus = isset( $starter_content['nav_menus'] ) && ! empty( $this->nav_menus ) ? $starter_content['nav_menus'] : array(); + $theme_mods = isset( $starter_content['theme_mods'] ) ? $starter_content['theme_mods'] : array(); + + // Widgets. + $max_widget_numbers = array(); + foreach ( $sidebars_widgets as $sidebar_id => $widgets ) { + $sidebar_widget_ids = array(); + foreach ( $widgets as $widget ) { + list( $id_base, $instance ) = $widget; + + if ( ! isset( $max_widget_numbers[ $id_base ] ) ) { + + // When $settings is an array-like object, get an intrinsic array for use with array_keys(). + $settings = get_option( "widget_{$id_base}", array() ); + if ( $settings instanceof ArrayObject || $settings instanceof ArrayIterator ) { + $settings = $settings->getArrayCopy(); + } + + // Find the max widget number for this type. + $widget_numbers = array_keys( $settings ); + if ( count( $widget_numbers ) > 0 ) { + $widget_numbers[] = 1; + $max_widget_numbers[ $id_base ] = call_user_func_array( 'max', $widget_numbers ); + } else { + $max_widget_numbers[ $id_base ] = 1; + } + } + $max_widget_numbers[ $id_base ] += 1; + + $widget_id = sprintf( '%s-%d', $id_base, $max_widget_numbers[ $id_base ] ); + $setting_id = sprintf( 'widget_%s[%d]', $id_base, $max_widget_numbers[ $id_base ] ); + + $setting_value = $this->widgets->sanitize_widget_js_instance( $instance ); + if ( empty( $changeset_data[ $setting_id ] ) || ! empty( $changeset_data[ $setting_id ]['starter_content'] ) ) { + $this->set_post_value( $setting_id, $setting_value ); + $this->pending_starter_content_settings_ids[] = $setting_id; + } + $sidebar_widget_ids[] = $widget_id; + } + + $setting_id = sprintf( 'sidebars_widgets[%s]', $sidebar_id ); + if ( empty( $changeset_data[ $setting_id ] ) || ! empty( $changeset_data[ $setting_id ]['starter_content'] ) ) { + $this->set_post_value( $setting_id, $sidebar_widget_ids ); + $this->pending_starter_content_settings_ids[] = $setting_id; + } + } + + $starter_content_auto_draft_post_ids = array(); + if ( ! empty( $changeset_data['nav_menus_created_posts']['value'] ) ) { + $starter_content_auto_draft_post_ids = array_merge( $starter_content_auto_draft_post_ids, $changeset_data['nav_menus_created_posts']['value'] ); + } + + // Make an index of all the posts needed and what their slugs are. + $needed_posts = array(); + $attachments = $this->prepare_starter_content_attachments( $attachments ); + foreach ( $attachments as $attachment ) { + $key = 'attachment:' . $attachment['post_name']; + $needed_posts[ $key ] = true; + } + foreach ( array_keys( $posts ) as $post_symbol ) { + if ( empty( $posts[ $post_symbol ]['post_name'] ) && empty( $posts[ $post_symbol ]['post_title'] ) ) { + unset( $posts[ $post_symbol ] ); + continue; + } + if ( empty( $posts[ $post_symbol ]['post_name'] ) ) { + $posts[ $post_symbol ]['post_name'] = sanitize_title( $posts[ $post_symbol ]['post_title'] ); + } + if ( empty( $posts[ $post_symbol ]['post_type'] ) ) { + $posts[ $post_symbol ]['post_type'] = 'post'; + } + $needed_posts[ $posts[ $post_symbol ]['post_type'] . ':' . $posts[ $post_symbol ]['post_name'] ] = true; + } + $all_post_slugs = array_merge( + wp_list_pluck( $attachments, 'post_name' ), + wp_list_pluck( $posts, 'post_name' ) + ); + + /* + * Obtain all post types referenced in starter content to use in query. + * This is needed because 'any' will not account for post types not yet registered. + */ + $post_types = array_filter( array_merge( array( 'attachment' ), wp_list_pluck( $posts, 'post_type' ) ) ); + + // Re-use auto-draft starter content posts referenced in the current customized state. + $existing_starter_content_posts = array(); + if ( ! empty( $starter_content_auto_draft_post_ids ) ) { + $existing_posts_query = new WP_Query( array( + 'post__in' => $starter_content_auto_draft_post_ids, + 'post_status' => 'auto-draft', + 'post_type' => $post_types, + 'posts_per_page' => -1, + ) ); + foreach ( $existing_posts_query->posts as $existing_post ) { + $post_name = $existing_post->post_name; + if ( empty( $post_name ) ) { + $post_name = get_post_meta( $existing_post->ID, '_customize_draft_post_name', true ); + } + $existing_starter_content_posts[ $existing_post->post_type . ':' . $post_name ] = $existing_post; + } + } + + // Re-use non-auto-draft posts. + if ( ! empty( $all_post_slugs ) ) { + $existing_posts_query = new WP_Query( array( + 'post_name__in' => $all_post_slugs, + 'post_status' => array_diff( get_post_stati(), array( 'auto-draft' ) ), + 'post_type' => 'any', + 'posts_per_page' => -1, + ) ); + foreach ( $existing_posts_query->posts as $existing_post ) { + $key = $existing_post->post_type . ':' . $existing_post->post_name; + if ( isset( $needed_posts[ $key ] ) && ! isset( $existing_starter_content_posts[ $key ] ) ) { + $existing_starter_content_posts[ $key ] = $existing_post; + } } - if ( empty( $this->_post_values ) ) { // if not isset or if JSON error - $this->_post_values = array(); + } + + // Attachments are technically posts but handled differently. + if ( ! empty( $attachments ) ) { + + $attachment_ids = array(); + + foreach ( $attachments as $symbol => $attachment ) { + $file_array = array( + 'name' => $attachment['file_name'], + ); + $file_path = $attachment['file_path']; + $attachment_id = null; + $attached_file = null; + if ( isset( $existing_starter_content_posts[ 'attachment:' . $attachment['post_name'] ] ) ) { + $attachment_post = $existing_starter_content_posts[ 'attachment:' . $attachment['post_name'] ]; + $attachment_id = $attachment_post->ID; + $attached_file = get_attached_file( $attachment_id ); + if ( empty( $attached_file ) || ! file_exists( $attached_file ) ) { + $attachment_id = null; + $attached_file = null; + } elseif ( $this->get_stylesheet() !== get_post_meta( $attachment_post->ID, '_starter_content_theme', true ) ) { + + // Re-generate attachment metadata since it was previously generated for a different theme. + $metadata = wp_generate_attachment_metadata( $attachment_post->ID, $attached_file ); + wp_update_attachment_metadata( $attachment_id, $metadata ); + update_post_meta( $attachment_id, '_starter_content_theme', $this->get_stylesheet() ); + } + } + + // Insert the attachment auto-draft because it doesn't yet exist or the attached file is gone. + if ( ! $attachment_id ) { + + // Copy file to temp location so that original file won't get deleted from theme after sideloading. + $temp_file_name = wp_tempnam( basename( $file_path ) ); + if ( $temp_file_name && copy( $file_path, $temp_file_name ) ) { + $file_array['tmp_name'] = $temp_file_name; + } + if ( empty( $file_array['tmp_name'] ) ) { + continue; + } + + $attachment_post_data = array_merge( + wp_array_slice_assoc( $attachment, array( 'post_title', 'post_content', 'post_excerpt' ) ), + array( + 'post_status' => 'auto-draft', // So attachment will be garbage collected in a week if changeset is never published. + ) + ); + + // In PHP < 5.6 filesize() returns 0 for the temp files unless we clear the file status cache. + // Technically, PHP < 5.6.0 || < 5.5.13 || < 5.4.29 but no need to be so targeted. + // See https://bugs.php.net/bug.php?id=65701 + if ( version_compare( PHP_VERSION, '5.6', '<' ) ) { + clearstatcache(); + } + + $attachment_id = media_handle_sideload( $file_array, 0, null, $attachment_post_data ); + if ( is_wp_error( $attachment_id ) ) { + continue; + } + update_post_meta( $attachment_id, '_starter_content_theme', $this->get_stylesheet() ); + update_post_meta( $attachment_id, '_customize_draft_post_name', $attachment['post_name'] ); + } + + $attachment_ids[ $symbol ] = $attachment_id; + } + $starter_content_auto_draft_post_ids = array_merge( $starter_content_auto_draft_post_ids, array_values( $attachment_ids ) ); + } + + // Posts & pages. + if ( ! empty( $posts ) ) { + foreach ( array_keys( $posts ) as $post_symbol ) { + if ( empty( $posts[ $post_symbol ]['post_type'] ) || empty( $posts[ $post_symbol ]['post_name'] ) ) { + continue; + } + $post_type = $posts[ $post_symbol ]['post_type']; + if ( ! empty( $posts[ $post_symbol ]['post_name'] ) ) { + $post_name = $posts[ $post_symbol ]['post_name']; + } elseif ( ! empty( $posts[ $post_symbol ]['post_title'] ) ) { + $post_name = sanitize_title( $posts[ $post_symbol ]['post_title'] ); + } else { + continue; + } + + // Use existing auto-draft post if one already exists with the same type and name. + if ( isset( $existing_starter_content_posts[ $post_type . ':' . $post_name ] ) ) { + $posts[ $post_symbol ]['ID'] = $existing_starter_content_posts[ $post_type . ':' . $post_name ]->ID; + continue; + } + + // Translate the featured image symbol. + if ( ! empty( $posts[ $post_symbol ]['thumbnail'] ) + && preg_match( '/^{{(?Pcustomize_loaded_components'
+ );
+
+ _doing_it_wrong( __METHOD__, $message, '4.5.0' );
+ }
unset( $this->panels[ $id ] );
}
/**
+ * Register a customize panel type.
+ *
+ * Registered types are eligible to be rendered via JS and created dynamically.
+ *
+ * @since 4.3.0
+ *
+ * @see WP_Customize_Panel
+ *
+ * @param string $panel Name of a custom panel which is a subclass of WP_Customize_Panel.
+ */
+ public function register_panel_type( $panel ) {
+ $this->registered_panel_types[] = $panel;
+ }
+
+ /**
+ * Render JS templates for all registered panel types.
+ *
+ * @since 4.3.0
+ */
+ public function render_panel_templates() {
+ foreach ( $this->registered_panel_types as $panel_type ) {
+ $panel = new $panel_type( $this, 'temp', array() );
+ $panel->print_template();
+ }
+ }
+
+ /**
* Add a customize section.
*
* @since 3.4.0
+ * @since 4.5.0 Return added WP_Customize_Section instance.
*
* @param WP_Customize_Section|string $id Customize Section object, or Section ID.
- * @param array $args Section arguments.
+ * @param array $args {
+ * Optional. Array of properties for the new Section object. Default empty array.
+ * @type int $priority Priority of the section, defining the display order of panels and sections.
+ * Default 160.
+ * @type string $panel The panel this section belongs to (if any). Default empty.
+ * @type string $capability Capability required for the section. Default 'edit_theme_options'
+ * @type string|array $theme_supports Theme features required to support the section.
+ * @type string $title Title of the section to show in UI.
+ * @type string $description Description to show in the UI.
+ * @type string $type Type of the section.
+ * @type callable $active_callback Active callback.
+ * @type bool $description_hidden Hide the description behind a help icon, instead of inline above the first control. Default false.
+ * }
+ * @return WP_Customize_Section The instance of the section that was added.
*/
public function add_section( $id, $args = array() ) {
if ( $id instanceof WP_Customize_Section ) {
@@ -976,7 +3822,9 @@
} else {
$section = new WP_Customize_Section( $this, $id, $args );
}
+
$this->sections[ $section->id ] = $section;
+ return $section;
}
/**
@@ -985,7 +3833,7 @@
* @since 3.4.0
*
* @param string $id Section ID.
- * @return WP_Customize_Section
+ * @return WP_Customize_Section|void The section, if set.
*/
public function get_section( $id ) {
if ( isset( $this->sections[ $id ] ) )
@@ -1004,13 +3852,60 @@
}
/**
+ * Register a customize section type.
+ *
+ * Registered types are eligible to be rendered via JS and created dynamically.
+ *
+ * @since 4.3.0
+ *
+ * @see WP_Customize_Section
+ *
+ * @param string $section Name of a custom section which is a subclass of WP_Customize_Section.
+ */
+ public function register_section_type( $section ) {
+ $this->registered_section_types[] = $section;
+ }
+
+ /**
+ * Render JS templates for all registered section types.
+ *
+ * @since 4.3.0
+ */
+ public function render_section_templates() {
+ foreach ( $this->registered_section_types as $section_type ) {
+ $section = new $section_type( $this, 'temp', array() );
+ $section->print_template();
+ }
+ }
+
+ /**
* Add a customize control.
*
* @since 3.4.0
+ * @since 4.5.0 Return added WP_Customize_Control instance.
*
* @param WP_Customize_Control|string $id Customize Control object, or ID.
- * @param array $args Control arguments; passed to WP_Customize_Control
- * constructor.
+ * @param array $args {
+ * Optional. Array of properties for the new Control object. Default empty array.
+ *
+ * @type array $settings All settings tied to the control. If undefined, defaults to `$setting`.
+ * IDs in the array correspond to the ID of a registered `WP_Customize_Setting`.
+ * @type string $setting The primary setting for the control (if there is one). Default is 'default'.
+ * @type string $capability Capability required to use this control. Normally derived from `$settings`.
+ * @type int $priority Order priority to load the control. Default 10.
+ * @type string $section The section this control belongs to. Default empty.
+ * @type string $label Label for the control. Default empty.
+ * @type string $description Description for the control. Default empty.
+ * @type array $choices List of choices for 'radio' or 'select' type controls, where values
+ * are the keys, and labels are the values. Default empty array.
+ * @type array $input_attrs List of custom input attributes for control output, where attribute
+ * names are the keys and values are the values. Default empty array.
+ * @type bool $allow_addition Show UI for adding new content, currently only used for the
+ * dropdown-pages control. Default false.
+ * @type string $type The type of the control. Default 'text'.
+ * @type callback $active_callback Active callback.
+ * }
+ * @return WP_Customize_Control The instance of the control that was added.
*/
public function add_control( $id, $args = array() ) {
if ( $id instanceof WP_Customize_Control ) {
@@ -1018,7 +3913,9 @@
} else {
$control = new WP_Customize_Control( $this, $id, $args );
}
+
$this->controls[ $control->id ] = $control;
+ return $control;
}
/**
@@ -1027,7 +3924,7 @@
* @since 3.4.0
*
* @param string $id ID of the control.
- * @return WP_Customize_Control $control The control object.
+ * @return WP_Customize_Control|void The control object, if set.
*/
public function get_control( $id ) {
if ( isset( $this->controls[ $id ] ) )
@@ -1051,10 +3948,9 @@
* Registered types are eligible to be rendered via JS and created dynamically.
*
* @since 4.1.0
- * @access public
*
* @param string $control Name of a custom control which is a subclass of
- * {@see WP_Customize_Control}.
+ * WP_Customize_Control.
*/
public function register_control_type( $control ) {
$this->registered_control_types[] = $control;
@@ -1064,27 +3960,283 @@
* Render JS templates for all registered control types.
*
* @since 4.1.0
- * @access public
*/
public function render_control_templates() {
+ if ( $this->branching() ) {
+ $l10n = array(
+ /* translators: %s: User who is customizing the changeset in customizer. */
+ 'locked' => __( '%s is already customizing this changeset. Please wait until they are done to try customizing. Your latest changes have been autosaved.' ),
+ /* translators: %s: User who is customizing the changeset in customizer. */
+ 'locked_allow_override' => __( '%s is already customizing this changeset. Do you want to take over?' ),
+ );
+ } else {
+ $l10n = array(
+ /* translators: %s: User who is customizing the changeset in customizer. */
+ 'locked' => __( '%s is already customizing this site. Please wait until they are done to try customizing. Your latest changes have been autosaved.' ),
+ /* translators: %s: User who is customizing the changeset in customizer. */
+ 'locked_allow_override' => __( '%s is already customizing this site. Do you want to take over?' ),
+ );
+ }
+
foreach ( $this->registered_control_types as $control_type ) {
- $control = new $control_type( $this, 'temp', array() );
+ $control = new $control_type( $this, 'temp', array(
+ 'settings' => array(),
+ ) );
$control->print_template();
}
+ ?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ priority === $b->priority ) {
- return $a->instance_number - $a->instance_number;
+ return $a->instance_number - $b->instance_number;
} else {
return $a->priority - $b->priority;
}
@@ -1102,7 +4254,10 @@
public function prepare_controls() {
$controls = array();
- uasort( $this->controls, array( $this, '_cmp_priority' ) );
+ $this->controls = wp_list_sort( $this->controls, array(
+ 'priority' => 'ASC',
+ 'instance_number' => 'ASC',
+ ), 'ASC', true );
foreach ( $this->controls as $id => $control ) {
if ( ! isset( $this->sections[ $control->section ] ) || ! $control->check_capabilities() ) {
@@ -1115,15 +4270,22 @@
$this->controls = $controls;
// Prepare sections.
- uasort( $this->sections, array( $this, '_cmp_priority' ) );
+ $this->sections = wp_list_sort( $this->sections, array(
+ 'priority' => 'ASC',
+ 'instance_number' => 'ASC',
+ ), 'ASC', true );
$sections = array();
foreach ( $this->sections as $section ) {
- if ( ! $section->check_capabilities() || ! $section->controls ) {
+ if ( ! $section->check_capabilities() ) {
continue;
}
- usort( $section->controls, array( $this, '_cmp_priority' ) );
+
+ $section->controls = wp_list_sort( $section->controls, array(
+ 'priority' => 'ASC',
+ 'instance_number' => 'ASC',
+ ) );
if ( ! $section->panel ) {
// Top-level section.
@@ -1138,22 +4300,31 @@
$this->sections = $sections;
// Prepare panels.
- uasort( $this->panels, array( $this, '_cmp_priority' ) );
+ $this->panels = wp_list_sort( $this->panels, array(
+ 'priority' => 'ASC',
+ 'instance_number' => 'ASC',
+ ), 'ASC', true );
$panels = array();
foreach ( $this->panels as $panel ) {
- if ( ! $panel->check_capabilities() || ! $panel->sections ) {
+ if ( ! $panel->check_capabilities() ) {
continue;
}
- uasort( $panel->sections, array( $this, '_cmp_priority' ) );
+ $panel->sections = wp_list_sort( $panel->sections, array(
+ 'priority' => 'ASC',
+ 'instance_number' => 'ASC',
+ ), 'ASC', true );
$panels[ $panel->id ] = $panel;
}
$this->panels = $panels;
// Sort panels and top-level sections together.
$this->containers = array_merge( $this->panels, $this->sections );
- uasort( $this->containers, array( $this, '_cmp_priority' ) );
+ $this->containers = wp_list_sort( $this->containers, array(
+ 'priority' => 'ASC',
+ 'instance_number' => 'ASC',
+ ), 'ASC', true );
}
/**
@@ -1165,6 +4336,480 @@
foreach ( $this->controls as $control ) {
$control->enqueue();
}
+
+ if ( ! is_multisite() && ( current_user_can( 'install_themes' ) || current_user_can( 'update_themes' ) || current_user_can( 'delete_themes' ) ) ) {
+ wp_enqueue_script( 'updates' );
+ wp_localize_script( 'updates', '_wpUpdatesItemCounts', array(
+ 'totals' => wp_get_update_data(),
+ ) );
+ }
+ }
+
+ /**
+ * Determine whether the user agent is iOS.
+ *
+ * @since 4.4.0
+ *
+ * @return bool Whether the user agent is iOS.
+ */
+ public function is_ios() {
+ return wp_is_mobile() && preg_match( '/iPad|iPod|iPhone/', $_SERVER['HTTP_USER_AGENT'] );
+ }
+
+ /**
+ * Get the template string for the Customizer pane document title.
+ *
+ * @since 4.4.0
+ *
+ * @return string The template string for the document title.
+ */
+ public function get_document_title_template() {
+ if ( $this->is_theme_active() ) {
+ /* translators: %s: document title from the preview */
+ $document_title_tmpl = __( 'Customize: %s' );
+ } else {
+ /* translators: %s: document title from the preview */
+ $document_title_tmpl = __( 'Live Preview: %s' );
+ }
+ $document_title_tmpl = html_entity_decode( $document_title_tmpl, ENT_QUOTES, 'UTF-8' ); // Because exported to JS and assigned to document.title.
+ return $document_title_tmpl;
+ }
+
+ /**
+ * Set the initial URL to be previewed.
+ *
+ * URL is validated.
+ *
+ * @since 4.4.0
+ *
+ * @param string $preview_url URL to be previewed.
+ */
+ public function set_preview_url( $preview_url ) {
+ $preview_url = esc_url_raw( $preview_url );
+ $this->preview_url = wp_validate_redirect( $preview_url, home_url( '/' ) );
+ }
+
+ /**
+ * Get the initial URL to be previewed.
+ *
+ * @since 4.4.0
+ *
+ * @return string URL being previewed.
+ */
+ public function get_preview_url() {
+ if ( empty( $this->preview_url ) ) {
+ $preview_url = home_url( '/' );
+ } else {
+ $preview_url = $this->preview_url;
+ }
+ return $preview_url;
+ }
+
+ /**
+ * Determines whether the admin and the frontend are on different domains.
+ *
+ * @since 4.7.0
+ *
+ * @return bool Whether cross-domain.
+ */
+ public function is_cross_domain() {
+ $admin_origin = wp_parse_url( admin_url() );
+ $home_origin = wp_parse_url( home_url() );
+ $cross_domain = ( strtolower( $admin_origin['host'] ) !== strtolower( $home_origin['host'] ) );
+ return $cross_domain;
+ }
+
+ /**
+ * Get URLs allowed to be previewed.
+ *
+ * If the front end and the admin are served from the same domain, load the
+ * preview over ssl if the Customizer is being loaded over ssl. This avoids
+ * insecure content warnings. This is not attempted if the admin and front end
+ * are on different domains to avoid the case where the front end doesn't have
+ * ssl certs. Domain mapping plugins can allow other urls in these conditions
+ * using the customize_allowed_urls filter.
+ *
+ * @since 4.7.0
+ *
+ * @returns array Allowed URLs.
+ */
+ public function get_allowed_urls() {
+ $allowed_urls = array( home_url( '/' ) );
+
+ if ( is_ssl() && ! $this->is_cross_domain() ) {
+ $allowed_urls[] = home_url( '/', 'https' );
+ }
+
+ /**
+ * Filters the list of URLs allowed to be clicked and followed in the Customizer preview.
+ *
+ * @since 3.4.0
+ *
+ * @param array $allowed_urls An array of allowed URLs.
+ */
+ $allowed_urls = array_unique( apply_filters( 'customize_allowed_urls', $allowed_urls ) );
+
+ return $allowed_urls;
+ }
+
+ /**
+ * Get messenger channel.
+ *
+ * @since 4.7.0
+ *
+ * @return string Messenger channel.
+ */
+ public function get_messenger_channel() {
+ return $this->messenger_channel;
+ }
+
+ /**
+ * Set URL to link the user to when closing the Customizer.
+ *
+ * URL is validated.
+ *
+ * @since 4.4.0
+ *
+ * @param string $return_url URL for return link.
+ */
+ public function set_return_url( $return_url ) {
+ $return_url = esc_url_raw( $return_url );
+ $return_url = remove_query_arg( wp_removable_query_args(), $return_url );
+ $return_url = wp_validate_redirect( $return_url );
+ $this->return_url = $return_url;
+ }
+
+ /**
+ * Get URL to link the user to when closing the Customizer.
+ *
+ * @since 4.4.0
+ *
+ * @return string URL for link to close Customizer.
+ */
+ public function get_return_url() {
+ $referer = wp_get_referer();
+ $excluded_referer_basenames = array( 'customize.php', 'wp-login.php' );
+
+ if ( $this->return_url ) {
+ $return_url = $this->return_url;
+ } else if ( $referer && ! in_array( basename( parse_url( $referer, PHP_URL_PATH ) ), $excluded_referer_basenames, true ) ) {
+ $return_url = $referer;
+ } else if ( $this->preview_url ) {
+ $return_url = $this->preview_url;
+ } else {
+ $return_url = home_url( '/' );
+ }
+ return $return_url;
+ }
+
+ /**
+ * Set the autofocused constructs.
+ *
+ * @since 4.4.0
+ *
+ * @param array $autofocus {
+ * Mapping of 'panel', 'section', 'control' to the ID which should be autofocused.
+ *
+ * @type string [$control] ID for control to be autofocused.
+ * @type string [$section] ID for section to be autofocused.
+ * @type string [$panel] ID for panel to be autofocused.
+ * }
+ */
+ public function set_autofocus( $autofocus ) {
+ $this->autofocus = array_filter( wp_array_slice_assoc( $autofocus, array( 'panel', 'section', 'control' ) ), 'is_string' );
+ }
+
+ /**
+ * Get the autofocused constructs.
+ *
+ * @since 4.4.0
+ *
+ * @return array {
+ * Mapping of 'panel', 'section', 'control' to the ID which should be autofocused.
+ *
+ * @type string [$control] ID for control to be autofocused.
+ * @type string [$section] ID for section to be autofocused.
+ * @type string [$panel] ID for panel to be autofocused.
+ * }
+ */
+ public function get_autofocus() {
+ return $this->autofocus;
+ }
+
+ /**
+ * Get nonces for the Customizer.
+ *
+ * @since 4.5.0
+ *
+ * @return array Nonces.
+ */
+ public function get_nonces() {
+ $nonces = array(
+ 'save' => wp_create_nonce( 'save-customize_' . $this->get_stylesheet() ),
+ 'preview' => wp_create_nonce( 'preview-customize_' . $this->get_stylesheet() ),
+ 'switch_themes' => wp_create_nonce( 'switch_themes' ),
+ 'dismiss_autosave_or_lock' => wp_create_nonce( 'customize_dismiss_autosave_or_lock' ),
+ 'override_lock' => wp_create_nonce( 'customize_override_changeset_lock' ),
+ 'trash' => wp_create_nonce( 'trash_customize_changeset' ),
+ );
+
+ /**
+ * Filters nonces for Customizer.
+ *
+ * @since 4.2.0
+ *
+ * @param array $nonces Array of refreshed nonces for save and
+ * preview actions.
+ * @param WP_Customize_Manager $this WP_Customize_Manager instance.
+ */
+ $nonces = apply_filters( 'customize_refresh_nonces', $nonces, $this );
+
+ return $nonces;
+ }
+
+ /**
+ * Print JavaScript settings for parent window.
+ *
+ * @since 4.4.0
+ */
+ public function customize_pane_settings() {
+
+ $login_url = add_query_arg( array(
+ 'interim-login' => 1,
+ 'customize-login' => 1,
+ ), wp_login_url() );
+
+ // Ensure dirty flags are set for modified settings.
+ foreach ( array_keys( $this->unsanitized_post_values() ) as $setting_id ) {
+ $setting = $this->get_setting( $setting_id );
+ if ( $setting ) {
+ $setting->dirty = true;
+ }
+ }
+
+ $autosave_revision_post = null;
+ $autosave_autodraft_post = null;
+ $changeset_post_id = $this->changeset_post_id();
+ if ( ! $this->saved_starter_content_changeset && ! $this->autosaved() ) {
+ if ( $changeset_post_id ) {
+ if ( is_user_logged_in() ) {
+ $autosave_revision_post = wp_get_post_autosave( $changeset_post_id, get_current_user_id() );
+ }
+ } else {
+ $autosave_autodraft_posts = $this->get_changeset_posts( array(
+ 'posts_per_page' => 1,
+ 'post_status' => 'auto-draft',
+ 'exclude_restore_dismissed' => true,
+ ) );
+ if ( ! empty( $autosave_autodraft_posts ) ) {
+ $autosave_autodraft_post = array_shift( $autosave_autodraft_posts );
+ }
+ }
+ }
+
+ $current_user_can_publish = current_user_can( get_post_type_object( 'customize_changeset' )->cap->publish_posts );
+
+ // @todo Include all of the status labels here from script-loader.php, and then allow it to be filtered.
+ $status_choices = array();
+ if ( $current_user_can_publish ) {
+ $status_choices[] = array(
+ 'status' => 'publish',
+ 'label' => __( 'Publish' ),
+ );
+ }
+ $status_choices[] = array(
+ 'status' => 'draft',
+ 'label' => __( 'Save Draft' ),
+ );
+ if ( $current_user_can_publish ) {
+ $status_choices[] = array(
+ 'status' => 'future',
+ 'label' => _x( 'Schedule', 'customizer changeset action/button label' ),
+ );
+ }
+
+ // Prepare Customizer settings to pass to JavaScript.
+ $changeset_post = null;
+ if ( $changeset_post_id ) {
+ $changeset_post = get_post( $changeset_post_id );
+ }
+
+ // Determine initial date to be at present or future, not past.
+ $current_time = current_time( 'mysql', false );
+ $initial_date = $current_time;
+ if ( $changeset_post ) {
+ $initial_date = get_the_time( 'Y-m-d H:i:s', $changeset_post->ID );
+ if ( $initial_date < $current_time ) {
+ $initial_date = $current_time;
+ }
+ }
+
+ $lock_user_id = false;
+ if ( $this->changeset_post_id() ) {
+ $lock_user_id = wp_check_post_lock( $this->changeset_post_id() );
+ }
+
+ $settings = array(
+ 'changeset' => array(
+ 'uuid' => $this->changeset_uuid(),
+ 'branching' => $this->branching(),
+ 'autosaved' => $this->autosaved(),
+ 'hasAutosaveRevision' => ! empty( $autosave_revision_post ),
+ 'latestAutoDraftUuid' => $autosave_autodraft_post ? $autosave_autodraft_post->post_name : null,
+ 'status' => $changeset_post ? $changeset_post->post_status : '',
+ 'currentUserCanPublish' => $current_user_can_publish,
+ 'publishDate' => $initial_date,
+ 'statusChoices' => $status_choices,
+ 'lockUser' => $lock_user_id ? $this->get_lock_user_data( $lock_user_id ) : null,
+ ),
+ 'initialServerDate' => $current_time,
+ 'dateFormat' => get_option( 'date_format' ),
+ 'timeFormat' => get_option( 'time_format' ),
+ 'initialServerTimestamp' => floor( microtime( true ) * 1000 ),
+ 'initialClientTimestamp' => -1, // To be set with JS below.
+ 'timeouts' => array(
+ 'windowRefresh' => 250,
+ 'changesetAutoSave' => AUTOSAVE_INTERVAL * 1000,
+ 'keepAliveCheck' => 2500,
+ 'reflowPaneContents' => 100,
+ 'previewFrameSensitivity' => 2000,
+ ),
+ 'theme' => array(
+ 'stylesheet' => $this->get_stylesheet(),
+ 'active' => $this->is_theme_active(),
+ '_canInstall' => current_user_can( 'install_themes' ),
+ ),
+ 'url' => array(
+ 'preview' => esc_url_raw( $this->get_preview_url() ),
+ 'return' => esc_url_raw( $this->get_return_url() ),
+ 'parent' => esc_url_raw( admin_url() ),
+ 'activated' => esc_url_raw( home_url( '/' ) ),
+ 'ajax' => esc_url_raw( admin_url( 'admin-ajax.php', 'relative' ) ),
+ 'allowed' => array_map( 'esc_url_raw', $this->get_allowed_urls() ),
+ 'isCrossDomain' => $this->is_cross_domain(),
+ 'home' => esc_url_raw( home_url( '/' ) ),
+ 'login' => esc_url_raw( $login_url ),
+ ),
+ 'browser' => array(
+ 'mobile' => wp_is_mobile(),
+ 'ios' => $this->is_ios(),
+ ),
+ 'panels' => array(),
+ 'sections' => array(),
+ 'nonce' => $this->get_nonces(),
+ 'autofocus' => $this->get_autofocus(),
+ 'documentTitleTmpl' => $this->get_document_title_template(),
+ 'previewableDevices' => $this->get_previewable_devices(),
+ 'l10n' => array(
+ 'confirmDeleteTheme' => __( 'Are you sure you want to delete this theme?' ),
+ /* translators: %d: number of theme search results, which cannot currently consider singular vs. plural forms */
+ 'themeSearchResults' => __( '%d themes found' ),
+ /* translators: %d: number of themes being displayed, which cannot currently consider singular vs. plural forms */
+ 'announceThemeCount' => __( 'Displaying %d themes' ),
+ /* translators: %s: theme name */
+ 'announceThemeDetails' => __( 'Showing details for theme: %s' ),
+ ),
+ );
+
+ // Temporarily disable installation in Customizer. See #42184.
+ $filesystem_method = get_filesystem_method();
+ ob_start();
+ $filesystem_credentials_are_stored = request_filesystem_credentials( self_admin_url() );
+ ob_end_clean();
+ if ( 'direct' !== $filesystem_method && ! $filesystem_credentials_are_stored ) {
+ $settings['theme']['_filesystemCredentialsNeeded'] = true;
+ }
+
+ // Prepare Customize Section objects to pass to JavaScript.
+ foreach ( $this->sections() as $id => $section ) {
+ if ( $section->check_capabilities() ) {
+ $settings['sections'][ $id ] = $section->json();
+ }
+ }
+
+ // Prepare Customize Panel objects to pass to JavaScript.
+ foreach ( $this->panels() as $panel_id => $panel ) {
+ if ( $panel->check_capabilities() ) {
+ $settings['panels'][ $panel_id ] = $panel->json();
+ foreach ( $panel->sections as $section_id => $section ) {
+ if ( $section->check_capabilities() ) {
+ $settings['sections'][ $section_id ] = $section->json();
+ }
+ }
+ }
+ }
+
+ ?>
+
+ array(
+ 'label' => __( 'Enter desktop preview mode' ),
+ 'default' => true,
+ ),
+ 'tablet' => array(
+ 'label' => __( 'Enter tablet preview mode' ),
+ ),
+ 'mobile' => array(
+ 'label' => __( 'Enter mobile preview mode' ),
+ ),
+ );
+
+ /**
+ * Filters the available devices to allow previewing in the Customizer.
+ *
+ * @since 4.5.0
+ *
+ * @see WP_Customize_Manager::get_previewable_devices()
+ *
+ * @param array $devices List of devices with labels and default setting.
+ */
+ $devices = apply_filters( 'customize_previewable_devices', $devices );
+
+ return $devices;
}
/**
@@ -1174,62 +4819,46 @@
*/
public function register_controls() {
- /* Control Types (custom control classes) */
- $this->register_control_type( 'WP_Customize_Color_Control' );
- $this->register_control_type( 'WP_Customize_Media_Control' );
- $this->register_control_type( 'WP_Customize_Upload_Control' );
- $this->register_control_type( 'WP_Customize_Image_Control' );
- $this->register_control_type( 'WP_Customize_Background_Image_Control' );
- $this->register_control_type( 'WP_Customize_Theme_Control' );
-
- /* Themes */
-
- $this->add_section( new WP_Customize_Themes_Section( $this, 'themes', array(
- 'title' => $this->theme()->display( 'Name' ),
- 'capability' => 'switch_themes',
- 'priority' => 0,
+ /* Themes (controls are loaded via ajax) */
+
+ $this->add_panel( new WP_Customize_Themes_Panel( $this, 'themes', array(
+ 'title' => $this->theme()->display( 'Name' ),
+ 'description' => (
+ '' . __( 'Looking for a theme? You can search or browse the WordPress.org theme directory, install and preview themes, then activate them right here.' ) . '
' . + '' . __( 'While previewing a new theme, you can continue to tailor things like widgets and menus, and explore theme-specific options.' ) . '
' + ), + 'capability' => 'switch_themes', + 'priority' => 0, ) ) ); + $this->add_section( new WP_Customize_Themes_Section( $this, 'installed_themes', array( + 'title' => __( 'Installed themes' ), + 'action' => 'installed', + 'capability' => 'switch_themes', + 'panel' => 'themes', + 'priority' => 0, + ) ) ); + + if ( ! is_multisite() ) { + $this->add_section( new WP_Customize_Themes_Section( $this, 'wporg_themes', array( + 'title' => __( 'WordPress.org themes' ), + 'action' => 'wporg', + 'filter_type' => 'remote', + 'capability' => 'install_themes', + 'panel' => 'themes', + 'priority' => 5, + ) ) ); + } + // Themes Setting (unused - the theme is considerably more fundamental to the Customizer experience). $this->add_setting( new WP_Customize_Filter_Setting( $this, 'active_theme', array( 'capability' => 'switch_themes', ) ) ); - require_once( ABSPATH . 'wp-admin/includes/theme.php' ); - - // Theme Controls. - - // Add a control for the active/original theme. - if ( ! $this->is_theme_active() ) { - $themes = wp_prepare_themes_for_js( array( wp_get_theme( $this->original_stylesheet ) ) ); - $active_theme = current( $themes ); - $active_theme['isActiveTheme'] = true; - $this->add_control( new WP_Customize_Theme_Control( $this, $active_theme['id'], array( - 'theme' => $active_theme, - 'section' => 'themes', - 'settings' => 'active_theme', - ) ) ); - } - - $themes = wp_prepare_themes_for_js(); - foreach ( $themes as $theme ) { - if ( $theme['active'] || $theme['id'] === $this->original_stylesheet ) { - continue; - } - - $theme_id = 'theme_' . $theme['id']; - $theme['isActiveTheme'] = false; - $this->add_control( new WP_Customize_Theme_Control( $this, $theme_id, array( - 'theme' => $theme, - 'section' => 'themes', - 'settings' => 'active_theme', - ) ) ); - } - - /* Site Title & Tagline */ + /* Site Identity */ $this->add_section( 'title_tagline', array( - 'title' => __( 'Site Title & Tagline' ), + 'title' => __( 'Site Identity' ), 'priority' => 20, ) ); @@ -1255,6 +4884,74 @@ 'section' => 'title_tagline', ) ); + // Add a setting to hide header text if the theme doesn't support custom headers. + if ( ! current_theme_supports( 'custom-header', 'header-text' ) ) { + $this->add_setting( 'header_text', array( + 'theme_supports' => array( 'custom-logo', 'header-text' ), + 'default' => 1, + 'sanitize_callback' => 'absint', + ) ); + + $this->add_control( 'header_text', array( + 'label' => __( 'Display Site Title and Tagline' ), + 'section' => 'title_tagline', + 'settings' => 'header_text', + 'type' => 'checkbox', + ) ); + } + + $this->add_setting( 'site_icon', array( + 'type' => 'option', + 'capability' => 'manage_options', + 'transport' => 'postMessage', // Previewed with JS in the Customizer controls window. + ) ); + + $this->add_control( new WP_Customize_Site_Icon_Control( $this, 'site_icon', array( + 'label' => __( 'Site Icon' ), + 'description' => sprintf( + '' . __( 'Site Icons are what you see in browser tabs, bookmark bars, and within the WordPress mobile apps. Upload one here!' ) . '
' . + /* translators: %s: site icon size in pixels */ + '' . __( 'Site Icons should be square and at least %s pixels.' ) . '
', + '512 × 512' + ), + 'section' => 'title_tagline', + 'priority' => 60, + 'height' => 512, + 'width' => 512, + ) ) ); + + $this->add_setting( 'custom_logo', array( + 'theme_supports' => array( 'custom-logo' ), + 'transport' => 'postMessage', + ) ); + + $custom_logo_args = get_theme_support( 'custom-logo' ); + $this->add_control( new WP_Customize_Cropped_Image_Control( $this, 'custom_logo', array( + 'label' => __( 'Logo' ), + 'section' => 'title_tagline', + 'priority' => 8, + 'height' => $custom_logo_args[0]['height'], + 'width' => $custom_logo_args[0]['width'], + 'flex_height' => $custom_logo_args[0]['flex-height'], + 'flex_width' => $custom_logo_args[0]['flex-width'], + 'button_labels' => array( + 'select' => __( 'Select logo' ), + 'change' => __( 'Change logo' ), + 'remove' => __( 'Remove' ), + 'default' => __( 'Default' ), + 'placeholder' => __( 'No logo selected' ), + 'frame_title' => __( 'Select logo' ), + 'frame_button' => __( 'Choose logo' ), + ), + ) ) ); + + $this->selective_refresh->add_partial( 'custom_logo', array( + 'settings' => array( 'custom_logo' ), + 'selector' => '.custom-logo-link', + 'render_callback' => array( $this, '_render_custom_logo_partial' ), + 'container_inclusive' => true, + ) ); + /* Colors */ $this->add_section( 'colors', array( @@ -1274,9 +4971,10 @@ // With custom value $this->add_control( 'display_header_text', array( 'settings' => 'header_textcolor', - 'label' => __( 'Display Header Text' ), + 'label' => __( 'Display Site Title and Tagline' ), 'section' => 'title_tagline', 'type' => 'checkbox', + 'priority' => 40, ) ); $this->add_control( new WP_Customize_Color_Control( $this, 'header_textcolor', array( @@ -1299,27 +4997,108 @@ 'section' => 'colors', ) ) ); - /* Custom Header */ + if ( current_theme_supports( 'custom-header', 'video' ) ) { + $title = __( 'Header Media' ); + $description = '' . __( 'If you add a video, the image will be used as a fallback while the video loads.' ) . '
'; + + $width = absint( get_theme_support( 'custom-header', 'width' ) ); + $height = absint( get_theme_support( 'custom-header', 'height' ) ); + if ( $width && $height ) { + $control_description = sprintf( + /* translators: 1: .mp4, 2: header size in pixels */ + __( 'Upload your video in %1$s format and minimize its file size for best results. Your theme recommends dimensions of %2$s pixels.' ), + '.mp4',
+ sprintf( '%s × %s', $width, $height )
+ );
+ } elseif ( $width ) {
+ $control_description = sprintf(
+ /* translators: 1: .mp4, 2: header width in pixels */
+ __( 'Upload your video in %1$s format and minimize its file size for best results. Your theme recommends a width of %2$s pixels.' ),
+ '.mp4',
+ sprintf( '%s', $width )
+ );
+ } else {
+ $control_description = sprintf(
+ /* translators: 1: .mp4, 2: header height in pixels */
+ __( 'Upload your video in %1$s format and minimize its file size for best results. Your theme recommends a height of %2$s pixels.' ),
+ '.mp4',
+ sprintf( '%s', $height )
+ );
+ }
+ } else {
+ $title = __( 'Header Image' );
+ $description = '';
+ $control_description = '';
+ }
+
$this->add_section( 'header_image', array(
- 'title' => __( 'Header Image' ),
+ 'title' => $title,
+ 'description' => $description,
'theme_supports' => 'custom-header',
'priority' => 60,
) );
+ $this->add_setting( 'header_video', array(
+ 'theme_supports' => array( 'custom-header', 'video' ),
+ 'transport' => 'postMessage',
+ 'sanitize_callback' => 'absint',
+ 'validate_callback' => array( $this, '_validate_header_video' ),
+ ) );
+
+ $this->add_setting( 'external_header_video', array(
+ 'theme_supports' => array( 'custom-header', 'video' ),
+ 'transport' => 'postMessage',
+ 'sanitize_callback' => array( $this, '_sanitize_external_header_video' ),
+ 'validate_callback' => array( $this, '_validate_external_header_video' ),
+ ) );
+
$this->add_setting( new WP_Customize_Filter_Setting( $this, 'header_image', array(
- 'default' => get_theme_support( 'custom-header', 'default-image' ),
+ 'default' => sprintf( get_theme_support( 'custom-header', 'default-image' ), get_template_directory_uri(), get_stylesheet_directory_uri() ),
'theme_supports' => 'custom-header',
) ) );
$this->add_setting( new WP_Customize_Header_Image_Setting( $this, 'header_image_data', array(
- // 'default' => get_theme_support( 'custom-header', 'default-image' ),
'theme_supports' => 'custom-header',
) ) );
+ /*
+ * Switch image settings to postMessage when video support is enabled since
+ * it entails that the_custom_header_markup() will be used, and thus selective
+ * refresh can be utilized.
+ */
+ if ( current_theme_supports( 'custom-header', 'video' ) ) {
+ $this->get_setting( 'header_image' )->transport = 'postMessage';
+ $this->get_setting( 'header_image_data' )->transport = 'postMessage';
+ }
+
+ $this->add_control( new WP_Customize_Media_Control( $this, 'header_video', array(
+ 'theme_supports' => array( 'custom-header', 'video' ),
+ 'label' => __( 'Header Video' ),
+ 'description' => $control_description,
+ 'section' => 'header_image',
+ 'mime_type' => 'video',
+ 'active_callback' => 'is_header_video_active',
+ ) ) );
+
+ $this->add_control( 'external_header_video', array(
+ 'theme_supports' => array( 'custom-header', 'video' ),
+ 'type' => 'url',
+ 'description' => __( 'Or, enter a YouTube URL:' ),
+ 'section' => 'header_image',
+ 'active_callback' => 'is_header_video_active',
+ ) );
+
$this->add_control( new WP_Customize_Header_Image_Control( $this ) );
+ $this->selective_refresh->add_partial( 'custom_header', array(
+ 'selector' => '#wp-custom-header',
+ 'render_callback' => 'the_custom_header_markup',
+ 'settings' => array( 'header_video', 'external_header_video', 'header_image' ), // The image is used as a video fallback here.
+ 'container_inclusive' => true,
+ ) );
+
/* Custom Background */
$this->add_section( 'background_image', array(
@@ -1331,180 +5110,430 @@
$this->add_setting( 'background_image', array(
'default' => get_theme_support( 'custom-background', 'default-image' ),
'theme_supports' => 'custom-background',
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
) );
$this->add_setting( new WP_Customize_Background_Image_Setting( $this, 'background_image_thumb', array(
'theme_supports' => 'custom-background',
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
) ) );
$this->add_control( new WP_Customize_Background_Image_Control( $this ) );
- $this->add_setting( 'background_repeat', array(
- 'default' => get_theme_support( 'custom-background', 'default-repeat' ),
+ $this->add_setting( 'background_preset', array(
+ 'default' => get_theme_support( 'custom-background', 'default-preset' ),
'theme_supports' => 'custom-background',
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
) );
- $this->add_control( 'background_repeat', array(
- 'label' => __( 'Background Repeat' ),
+ $this->add_control( 'background_preset', array(
+ 'label' => _x( 'Preset', 'Background Preset' ),
'section' => 'background_image',
- 'type' => 'radio',
+ 'type' => 'select',
'choices' => array(
- 'no-repeat' => __('No Repeat'),
- 'repeat' => __('Tile'),
- 'repeat-x' => __('Tile Horizontally'),
- 'repeat-y' => __('Tile Vertically'),
+ 'default' => _x( 'Default', 'Default Preset' ),
+ 'fill' => __( 'Fill Screen' ),
+ 'fit' => __( 'Fit to Screen' ),
+ 'repeat' => _x( 'Repeat', 'Repeat Image' ),
+ 'custom' => _x( 'Custom', 'Custom Preset' ),
),
) );
$this->add_setting( 'background_position_x', array(
'default' => get_theme_support( 'custom-background', 'default-position-x' ),
'theme_supports' => 'custom-background',
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
) );
- $this->add_control( 'background_position_x', array(
- 'label' => __( 'Background Position' ),
+ $this->add_setting( 'background_position_y', array(
+ 'default' => get_theme_support( 'custom-background', 'default-position-y' ),
+ 'theme_supports' => 'custom-background',
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
+ ) );
+
+ $this->add_control( new WP_Customize_Background_Position_Control( $this, 'background_position', array(
+ 'label' => __( 'Image Position' ),
+ 'section' => 'background_image',
+ 'settings' => array(
+ 'x' => 'background_position_x',
+ 'y' => 'background_position_y',
+ ),
+ ) ) );
+
+ $this->add_setting( 'background_size', array(
+ 'default' => get_theme_support( 'custom-background', 'default-size' ),
+ 'theme_supports' => 'custom-background',
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
+ ) );
+
+ $this->add_control( 'background_size', array(
+ 'label' => __( 'Image Size' ),
'section' => 'background_image',
- 'type' => 'radio',
+ 'type' => 'select',
'choices' => array(
- 'left' => __('Left'),
- 'center' => __('Center'),
- 'right' => __('Right'),
+ 'auto' => __( 'Original' ),
+ 'contain' => __( 'Fit to Screen' ),
+ 'cover' => __( 'Fill Screen' ),
),
) );
+ $this->add_setting( 'background_repeat', array(
+ 'default' => get_theme_support( 'custom-background', 'default-repeat' ),
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
+ 'theme_supports' => 'custom-background',
+ ) );
+
+ $this->add_control( 'background_repeat', array(
+ 'label' => __( 'Repeat Background Image' ),
+ 'section' => 'background_image',
+ 'type' => 'checkbox',
+ ) );
+
$this->add_setting( 'background_attachment', array(
- 'default' => get_theme_support( 'custom-background', 'default-attachment' ),
- 'theme_supports' => 'custom-background',
+ 'default' => get_theme_support( 'custom-background', 'default-attachment' ),
+ 'sanitize_callback' => array( $this, '_sanitize_background_setting' ),
+ 'theme_supports' => 'custom-background',
) );
$this->add_control( 'background_attachment', array(
- 'label' => __( 'Background Attachment' ),
- 'section' => 'background_image',
- 'type' => 'radio',
- 'choices' => array(
- 'scroll' => __('Scroll'),
- 'fixed' => __('Fixed'),
- ),
+ 'label' => __( 'Scroll with Page' ),
+ 'section' => 'background_image',
+ 'type' => 'checkbox',
) );
+
// If the theme is using the default background callback, we can update
// the background CSS using postMessage.
if ( get_theme_support( 'custom-background', 'wp-head-callback' ) === '_custom_background_cb' ) {
- foreach ( array( 'color', 'image', 'position_x', 'repeat', 'attachment' ) as $prop ) {
+ foreach ( array( 'color', 'image', 'preset', 'position_x', 'position_y', 'size', 'repeat', 'attachment' ) as $prop ) {
$this->get_setting( 'background_' . $prop )->transport = 'postMessage';
}
}
- /* Nav Menus */
-
- $locations = get_registered_nav_menus();
- $menus = wp_get_nav_menus();
- $num_locations = count( array_keys( $locations ) );
-
- if ( 1 == $num_locations ) {
- $description = __( 'Your theme supports one menu. Select which menu you would like to use.' );
- } else {
- $description = sprintf( _n( 'Your theme supports %s menu. Select which menu appears in each location.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations ), number_format_i18n( $num_locations ) );
- }
-
- $this->add_section( 'nav', array(
- 'title' => __( 'Navigation' ),
- 'theme_supports' => 'menus',
- 'priority' => 100,
- 'description' => $description . "\n\n" . __( 'You can edit your menu content on the Menus screen in the Appearance section.' ),
+ /*
+ * Static Front Page
+ * See also https://core.trac.wordpress.org/ticket/19627 which introduces the static-front-page theme_support.
+ * The following replicates behavior from options-reading.php.
+ */
+
+ $this->add_section( 'static_front_page', array(
+ 'title' => __( 'Homepage Settings' ),
+ 'priority' => 120,
+ 'description' => __( 'You can choose what’s displayed on the homepage of your site. It can be posts in reverse chronological order (classic blog), or a fixed/static page. To set a static homepage, you first need to create two Pages. One will become the homepage, and the other will be where your posts are displayed.' ),
+ 'active_callback' => array( $this, 'has_published_pages' ),
+ ) );
+
+ $this->add_setting( 'show_on_front', array(
+ 'default' => get_option( 'show_on_front' ),
+ 'capability' => 'manage_options',
+ 'type' => 'option',
+ ) );
+
+ $this->add_control( 'show_on_front', array(
+ 'label' => __( 'Your homepage displays' ),
+ 'section' => 'static_front_page',
+ 'type' => 'radio',
+ 'choices' => array(
+ 'posts' => __( 'Your latest posts' ),
+ 'page' => __( 'A static page' ),
+ ),
+ ) );
+
+ $this->add_setting( 'page_on_front', array(
+ 'type' => 'option',
+ 'capability' => 'manage_options',
+ ) );
+
+ $this->add_control( 'page_on_front', array(
+ 'label' => __( 'Homepage' ),
+ 'section' => 'static_front_page',
+ 'type' => 'dropdown-pages',
+ 'allow_addition' => true,
+ ) );
+
+ $this->add_setting( 'page_for_posts', array(
+ 'type' => 'option',
+ 'capability' => 'manage_options',
+ ) );
+
+ $this->add_control( 'page_for_posts', array(
+ 'label' => __( 'Posts page' ),
+ 'section' => 'static_front_page',
+ 'type' => 'dropdown-pages',
+ 'allow_addition' => true,
) );
- if ( $menus ) {
- $choices = array( '' => __( '— Select —' ) );
- foreach ( $menus as $menu ) {
- $choices[ $menu->term_id ] = wp_html_excerpt( $menu->name, 40, '…' );
- }
-
- foreach ( $locations as $location => $description ) {
- $menu_setting_id = "nav_menu_locations[{$location}]";
-
- $this->add_setting( $menu_setting_id, array(
- 'sanitize_callback' => 'absint',
- 'theme_supports' => 'menus',
- ) );
-
- $this->add_control( $menu_setting_id, array(
- 'label' => $description,
- 'section' => 'nav',
- 'type' => 'select',
- 'choices' => $choices,
- ) );
+ /* Custom CSS */
+ $section_description = ''; + $section_description .= __( 'Add your own CSS code here to customize the appearance and layout of your site.' ); + $section_description .= sprintf( + ' %2$s %3$s', + esc_url( __( 'https://codex.wordpress.org/CSS' ) ), + __( 'Learn more about CSS' ), + /* translators: accessibility text */ + __( '(opens in a new window)' ) + ); + $section_description .= '
'; + + $section_description .= '' . __( 'When using a keyboard to navigate:' ) . '
'; + $section_description .= ''; + $section_description .= sprintf( + /* translators: 1: link to user profile, 2: additional link attributes, 3: accessibility text */ + __( 'The edit field automatically highlights code syntax. You can disable this in your user profile%3$s to work in plain text mode.' ), + esc_url( get_edit_profile_url() ), + 'class="external-link" target="_blank"', + sprintf( ' %s', + /* translators: accessibility text */ + __( '(opens in a new window)' ) + ) + ); + $section_description .= '
'; + } + + $section_description .= ''; + + $this->add_section( 'custom_css', array( + 'title' => __( 'Additional CSS' ), + 'priority' => 200, + 'description_hidden' => true, + 'description' => $section_description, + ) ); + + $custom_css_setting = new WP_Customize_Custom_CSS_Setting( $this, sprintf( 'custom_css[%s]', get_stylesheet() ), array( + 'capability' => 'edit_css', + 'default' => '', + ) ); + $this->add_setting( $custom_css_setting ); + + $this->add_control( new WP_Customize_Code_Editor_Control( $this, 'custom_css', array( + 'label' => __( 'CSS code' ), + 'section' => 'custom_css', + 'settings' => array( 'default' => $custom_css_setting->id ), + 'code_type' => 'text/css', + 'input_attrs' => array( + 'aria-describedby' => 'editor-keyboard-trap-help-1 editor-keyboard-trap-help-2 editor-keyboard-trap-help-3 editor-keyboard-trap-help-4', + ), + ) ) ); + } + + /** + * Return whether there are published pages. + * + * Used as active callback for static front page section and controls. + * + * @since 4.7.0 + * + * @returns bool Whether there are published (or to be published) pages. + */ + public function has_published_pages() { + + $setting = $this->get_setting( 'nav_menus_created_posts' ); + if ( $setting ) { + foreach ( $setting->value() as $post_id ) { + if ( 'page' === get_post_type( $post_id ) ) { + return true; + } } } - - /* Static Front Page */ - // #WP19627 - - // Replicate behavior from options-reading.php and hide front page options if there are no pages - if ( get_pages() ) { - $this->add_section( 'static_front_page', array( - 'title' => __( 'Static Front Page' ), - // 'theme_supports' => 'static-front-page', - 'priority' => 120, - 'description' => __( 'Your theme supports a static front page.' ), - ) ); - - $this->add_setting( 'show_on_front', array( - 'default' => get_option( 'show_on_front' ), - 'capability' => 'manage_options', - 'type' => 'option', - // 'theme_supports' => 'static-front-page', - ) ); - - $this->add_control( 'show_on_front', array( - 'label' => __( 'Front page displays' ), - 'section' => 'static_front_page', - 'type' => 'radio', - 'choices' => array( - 'posts' => __( 'Your latest posts' ), - 'page' => __( 'A static page' ), - ), - ) ); - - $this->add_setting( 'page_on_front', array( - 'type' => 'option', - 'capability' => 'manage_options', - // 'theme_supports' => 'static-front-page', - ) ); - - $this->add_control( 'page_on_front', array( - 'label' => __( 'Front page' ), - 'section' => 'static_front_page', - 'type' => 'dropdown-pages', - ) ); - - $this->add_setting( 'page_for_posts', array( - 'type' => 'option', - 'capability' => 'manage_options', - // 'theme_supports' => 'static-front-page', - ) ); - - $this->add_control( 'page_for_posts', array( - 'label' => __( 'Posts page' ), - 'section' => 'static_front_page', - 'type' => 'dropdown-pages', - ) ); - } + return 0 !== count( get_pages() ); } /** * Add settings from the POST data that were not added with code, e.g. dynamically-created settings for Widgets * * @since 4.2.0 - * @access public * * @see add_dynamic_settings() */ public function register_dynamic_settings() { - $this->add_dynamic_settings( array_keys( $this->unsanitized_post_values() ) ); + $setting_ids = array_keys( $this->unsanitized_post_values() ); + $this->add_dynamic_settings( $setting_ids ); } /** + * Load themes into the theme browsing/installation UI. + * + * @since 4.9.0 + */ + public function handle_load_themes_request() { + check_ajax_referer( 'switch_themes', 'nonce' ); + + if ( ! current_user_can( 'switch_themes' ) ) { + wp_die( -1 ); + } + + if ( empty( $_POST['theme_action'] ) ) { + wp_send_json_error( 'missing_theme_action' ); + } + $theme_action = sanitize_key( $_POST['theme_action'] ); + $themes = array(); + $args = array(); + + // Define query filters based on user input. + if ( ! array_key_exists( 'search', $_POST ) ) { + $args['search'] = ''; + } else { + $args['search'] = sanitize_text_field( wp_unslash( $_POST['search'] ) ); + } + + if ( ! array_key_exists( 'tags', $_POST ) ) { + $args['tag'] = ''; + } else { + $args['tag'] = array_map( 'sanitize_text_field', wp_unslash( (array) $_POST['tags'] ) ); + } + + if ( ! array_key_exists( 'page', $_POST ) ) { + $args['page'] = 1; + } else { + $args['page'] = absint( $_POST['page'] ); + } + + require_once ABSPATH . 'wp-admin/includes/theme.php'; + + if ( 'installed' === $theme_action ) { + + // Load all installed themes from wp_prepare_themes_for_js(). + $themes = array( 'themes' => wp_prepare_themes_for_js() ); + foreach ( $themes['themes'] as &$theme ) { + $theme['type'] = 'installed'; + $theme['active'] = ( isset( $_POST['customized_theme'] ) && $_POST['customized_theme'] === $theme['id'] ); + } + + } elseif ( 'wporg' === $theme_action ) { + + // Load WordPress.org themes from the .org API and normalize data to match installed theme objects. + if ( ! current_user_can( 'install_themes' ) ) { + wp_die( -1 ); + } + + // Arguments for all queries. + $wporg_args = array( + 'per_page' => 100, + 'fields' => array( + 'screenshot_url' => true, + 'description' => true, + 'rating' => true, + 'downloaded' => true, + 'downloadlink' => true, + 'last_updated' => true, + 'homepage' => true, + 'num_ratings' => true, + 'tags' => true, + 'parent' => true, + // 'extended_author' => true, @todo: WordPress.org throws a 500 server error when this is here. + ), + ); + + $args = array_merge( $wporg_args, $args ); + + if ( '' === $args['search'] && '' === $args['tag'] ) { + $args['browse'] = 'new'; // Sort by latest themes by default. + } + + // Load themes from the .org API. + $themes = themes_api( 'query_themes', $args ); + if ( is_wp_error( $themes ) ) { + wp_send_json_error(); + } + + // This list matches the allowed tags in wp-admin/includes/theme-install.php. + $themes_allowedtags = array_fill_keys( + array( 'a', 'abbr', 'acronym', 'code', 'pre', 'em', 'strong', 'div', 'p', 'ul', 'ol', 'li', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img' ), + array() + ); + $themes_allowedtags['a'] = array_fill_keys( array( 'href', 'title', 'target' ), true ); + $themes_allowedtags['acronym']['title'] = true; + $themes_allowedtags['abbr']['title'] = true; + $themes_allowedtags['img'] = array_fill_keys( array( 'src', 'class', 'alt' ), true ); + + // Prepare a list of installed themes to check against before the loop. + $installed_themes = array(); + $wp_themes = wp_get_themes(); + foreach ( $wp_themes as $theme ) { + $installed_themes[] = $theme->get_stylesheet(); + } + $update_php = network_admin_url( 'update.php?action=install-theme' ); + + // Set up properties for themes available on WordPress.org. + foreach ( $themes->themes as &$theme ) { + $theme->install_url = add_query_arg( array( + 'theme' => $theme->slug, + '_wpnonce' => wp_create_nonce( 'install-theme_' . $theme->slug ), + ), $update_php ); + + $theme->name = wp_kses( $theme->name, $themes_allowedtags ); + $theme->author = wp_kses( $theme->author, $themes_allowedtags ); + $theme->version = wp_kses( $theme->version, $themes_allowedtags ); + $theme->description = wp_kses( $theme->description, $themes_allowedtags ); + $theme->tags = implode( ', ', $theme->tags ); + $theme->stars = wp_star_rating( array( + 'rating' => $theme->rating, + 'type' => 'percent', + 'number' => $theme->num_ratings, + 'echo' => false, + ) ); + $theme->num_ratings = number_format_i18n( $theme->num_ratings ); + $theme->preview_url = set_url_scheme( $theme->preview_url ); + + // Handle themes that are already installed as installed themes. + if ( in_array( $theme->slug, $installed_themes, true ) ) { + $theme->type = 'installed'; + } else { + $theme->type = $theme_action; + } + + // Set active based on customized theme. + $theme->active = ( isset( $_POST['customized_theme'] ) && $_POST['customized_theme'] === $theme->slug ); + + // Map available theme properties to installed theme properties. + $theme->id = $theme->slug; + $theme->screenshot = array( $theme->screenshot_url ); + $theme->authorAndUri = $theme->author; + // The .org API can return the full parent theme details if passed the 'parent' arg, or if passed the 'template' option it'll return that in the event it's a child theme. + if ( isset( $theme->parent ) ) { + $theme->parent = $theme->parent['slug']; + } else { + $theme->parent = false; + } + unset( $theme->slug ); + unset( $theme->screenshot_url ); + unset( $theme->author ); + } // End foreach(). + } // End if(). + + /** + * Filters the theme data loaded in the customizer. + * + * This allows theme data to be loading from an external source, + * or modification of data loaded from `wp_prepare_themes_for_js()` + * or WordPress.org via `themes_api()`. + * + * @since 4.9.0 + * + * @see wp_prepare_themes_for_js() + * @see themes_api() + * @see WP_Customize_Manager::__construct() + * + * @param array $themes Nested array of theme data. + * @param array $args List of arguments, such as page, search term, and tags to query for. + * @param WP_Customize_Manager $manager Instance of Customize manager. + */ + $themes = apply_filters( 'customize_load_themes', $themes, $args, $this ); + + wp_send_json_success( $themes ); + } + + + /** * Callback for validating the header_textcolor value. * * Accepts 'blank', and otherwise uses sanitize_hex_color_no_hash(). @@ -1513,7 +5542,7 @@ * @since 3.4.0 * * @param string $color - * @return string + * @return mixed */ public function _sanitize_header_textcolor( $color ) { if ( 'blank' === $color ) @@ -1525,67 +5554,148 @@ return $color; } -} - -/** - * Sanitizes a hex color. - * - * Returns either '', a 3 or 6 digit hex color (with #), or null. - * For sanitizing values without a #, see sanitize_hex_color_no_hash(). - * - * @since 3.4.0 - * - * @param string $color - * @return string|null - */ -function sanitize_hex_color( $color ) { - if ( '' === $color ) - return ''; - - // 3 or 6 hex digits, or the empty string. - if ( preg_match('|^#([A-Fa-f0-9]{3}){1,2}$|', $color ) ) - return $color; - - return null; + + /** + * Callback for validating a background setting value. + * + * @since 4.7.0 + * + * @param string $value Repeat value. + * @param WP_Customize_Setting $setting Setting. + * @return string|WP_Error Background value or validation error. + */ + public function _sanitize_background_setting( $value, $setting ) { + if ( 'background_repeat' === $setting->id ) { + if ( ! in_array( $value, array( 'repeat-x', 'repeat-y', 'repeat', 'no-repeat' ) ) ) { + return new WP_Error( 'invalid_value', __( 'Invalid value for background repeat.' ) ); + } + } elseif ( 'background_attachment' === $setting->id ) { + if ( ! in_array( $value, array( 'fixed', 'scroll' ) ) ) { + return new WP_Error( 'invalid_value', __( 'Invalid value for background attachment.' ) ); + } + } elseif ( 'background_position_x' === $setting->id ) { + if ( ! in_array( $value, array( 'left', 'center', 'right' ), true ) ) { + return new WP_Error( 'invalid_value', __( 'Invalid value for background position X.' ) ); + } + } elseif ( 'background_position_y' === $setting->id ) { + if ( ! in_array( $value, array( 'top', 'center', 'bottom' ), true ) ) { + return new WP_Error( 'invalid_value', __( 'Invalid value for background position Y.' ) ); + } + } elseif ( 'background_size' === $setting->id ) { + if ( ! in_array( $value, array( 'auto', 'contain', 'cover' ), true ) ) { + return new WP_Error( 'invalid_value', __( 'Invalid value for background size.' ) ); + } + } elseif ( 'background_preset' === $setting->id ) { + if ( ! in_array( $value, array( 'default', 'fill', 'fit', 'repeat', 'custom' ), true ) ) { + return new WP_Error( 'invalid_value', __( 'Invalid value for background size.' ) ); + } + } elseif ( 'background_image' === $setting->id || 'background_image_thumb' === $setting->id ) { + $value = empty( $value ) ? '' : esc_url_raw( $value ); + } else { + return new WP_Error( 'unrecognized_setting', __( 'Unrecognized background setting.' ) ); + } + return $value; + } + + /** + * Export header video settings to facilitate selective refresh. + * + * @since 4.7.0 + * + * @param array $response Response. + * @param WP_Customize_Selective_Refresh $selective_refresh Selective refresh component. + * @param array $partials Array of partials. + * @return array + */ + public function export_header_video_settings( $response, $selective_refresh, $partials ) { + if ( isset( $partials['custom_header'] ) ) { + $response['custom_header_settings'] = get_header_video_settings(); + } + + return $response; + } + + /** + * Callback for validating the header_video value. + * + * Ensures that the selected video is less than 8MB and provides an error message. + * + * @since 4.7.0 + * + * @param WP_Error $validity + * @param mixed $value + * @return mixed + */ + public function _validate_header_video( $validity, $value ) { + $video = get_attached_file( absint( $value ) ); + if ( $video ) { + $size = filesize( $video ); + if ( 8 < $size / pow( 1024, 2 ) ) { // Check whether the size is larger than 8MB. + $validity->add( 'size_too_large', + __( 'This video file is too large to use as a header video. Try a shorter video or optimize the compression settings and re-upload a file that is less than 8MB. Or, upload your video to YouTube and link it with the option below.' ) + ); + } + if ( '.mp4' !== substr( $video, -4 ) && '.mov' !== substr( $video, -4 ) ) { // Check for .mp4 or .mov format, which (assuming h.264 encoding) are the only cross-browser-supported formats. + $validity->add( 'invalid_file_type', sprintf( + /* translators: 1: .mp4, 2: .mov */ + __( 'Only %1$s or %2$s files may be used for header video. Please convert your video file and try again, or, upload your video to YouTube and link it with the option below.' ), + '.mp4',
+ '.mov'
+ ) );
+ }
+ }
+ return $validity;
+ }
+
+ /**
+ * Callback for validating the external_header_video value.
+ *
+ * Ensures that the provided URL is supported.
+ *
+ * @since 4.7.0
+ *
+ * @param WP_Error $validity
+ * @param mixed $value
+ * @return mixed
+ */
+ public function _validate_external_header_video( $validity, $value ) {
+ $video = esc_url_raw( $value );
+ if ( $video ) {
+ if ( ! preg_match( '#^https?://(?:www\.)?(?:youtube\.com/watch|youtu\.be/)#', $video ) ) {
+ $validity->add( 'invalid_url', __( 'Please enter a valid YouTube URL.' ) );
+ }
+ }
+ return $validity;
+ }
+
+ /**
+ * Callback for sanitizing the external_header_video value.
+ *
+ * @since 4.7.1
+ *
+ * @param string $value URL.
+ * @return string Sanitized URL.
+ */
+ public function _sanitize_external_header_video( $value ) {
+ return esc_url_raw( trim( $value ) );
+ }
+
+ /**
+ * Callback for rendering the custom logo, used in the custom_logo partial.
+ *
+ * This method exists because the partial object and context data are passed
+ * into a partial's render_callback so we cannot use get_custom_logo() as
+ * the render_callback directly since it expects a blog ID as the first
+ * argument. When WP no longer supports PHP 5.3, this method can be removed
+ * in favor of an anonymous function.
+ *
+ * @see WP_Customize_Manager::register_controls()
+ *
+ * @since 4.5.0
+ *
+ * @return string Custom logo.
+ */
+ public function _render_custom_logo_partial() {
+ return get_custom_logo();
+ }
}
-
-/**
- * Sanitizes a hex color without a hash. Use sanitize_hex_color() when possible.
- *
- * Saving hex colors without a hash puts the burden of adding the hash on the
- * UI, which makes it difficult to use or upgrade to other color types such as
- * rgba, hsl, rgb, and html color names.
- *
- * Returns either '', a 3 or 6 digit hex color (without a #), or null.
- *
- * @since 3.4.0
- *
- * @param string $color
- * @return string|null
- */
-function sanitize_hex_color_no_hash( $color ) {
- $color = ltrim( $color, '#' );
-
- if ( '' === $color )
- return '';
-
- return sanitize_hex_color( '#' . $color ) ? $color : null;
-}
-
-/**
- * Ensures that any hex color is properly hashed.
- * Otherwise, returns value untouched.
- *
- * This method should only be necessary if using sanitize_hex_color_no_hash().
- *
- * @since 3.4.0
- *
- * @param string $color
- * @return string
- */
-function maybe_hash_hex_color( $color ) {
- if ( $unhashed = sanitize_hex_color_no_hash( $color ) )
- return '#' . $unhashed;
-
- return $color;
-}