PHP Cross Reference of WordPress Subversion HEAD |
| [ Index ] [ Classes ] [ Functions ] [ Variables ] [ Constants ] |
[Summary view] [Print] [Text view]
1 <?php 2 3 /* These functions can be replaced via plugins. They are loaded after 4 plugins are loaded. */ 5 6 if ( !function_exists('set_current_user') ) : 7 function set_current_user($id, $name = '') { 8 return wp_set_current_user($id, $name); 9 } 10 endif; 11 12 if ( !function_exists('wp_set_current_user') ) : 13 function wp_set_current_user($id, $name = '') { 14 global $current_user; 15 16 if ( isset($current_user) && ($id == $current_user->ID) ) 17 return $current_user; 18 19 $current_user = new WP_User($id, $name); 20 21 setup_userdata($current_user->ID); 22 23 do_action('set_current_user'); 24 25 return $current_user; 26 } 27 endif; 28 29 if ( !function_exists('wp_get_current_user') ) : 30 function wp_get_current_user() { 31 global $current_user; 32 33 get_currentuserinfo(); 34 35 return $current_user; 36 } 37 endif; 38 39 if ( !function_exists('get_currentuserinfo') ) : 40 function get_currentuserinfo() { 41 global $current_user; 42 43 if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) 44 return false; 45 46 if ( ! empty($current_user) ) 47 return; 48 49 if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) || 50 !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) { 51 wp_set_current_user(0); 52 return false; 53 } 54 55 $user_login = $_COOKIE[USER_COOKIE]; 56 wp_set_current_user(0, $user_login); 57 } 58 endif; 59 60 if ( !function_exists('get_userdata') ) : 61 function get_userdata( $user_id ) { 62 global $wpdb; 63 64 $user_id = abs(intval($user_id)); 65 if ( $user_id == 0 ) 66 return false; 67 68 $user = wp_cache_get($user_id, 'users'); 69 70 if ( '0' === $user ) 71 return false; 72 else if ( $user ) 73 return $user; 74 75 if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE ID = %d LIMIT 1", $user_id)) ) { 76 wp_cache_add($user_id, 0, 'users'); 77 return false; 78 } 79 80 _fill_user($user); 81 82 return $user; 83 } 84 endif; 85 86 if ( !function_exists('update_user_cache') ) : 87 function update_user_cache() { 88 return true; 89 } 90 endif; 91 92 if ( !function_exists('get_userdatabylogin') ) : 93 function get_userdatabylogin($user_login) { 94 global $wpdb; 95 $user_login = sanitize_user( $user_login ); 96 97 if ( empty( $user_login ) ) 98 return false; 99 100 $user_id = wp_cache_get($user_login, 'userlogins'); 101 if ( '0' === $user_id ) 102 return false; 103 104 $user = false; 105 if ( false !== $user_id ) 106 $user = wp_cache_get($user_id, 'users'); 107 108 if ( false !== $user ) 109 return $user; 110 111 if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_login = %s", $user_login)) ) { 112 wp_cache_add($user_login, 0, 'userlogins'); 113 return false; 114 } 115 116 _fill_user($user); 117 118 return $user; 119 } 120 endif; 121 122 if ( !function_exists('get_user_by_email') ) : 123 function get_user_by_email($email) { 124 global $wpdb; 125 126 $user_id = wp_cache_get($email, 'useremail'); 127 128 if ( '0' === $user_id ) 129 return false; 130 131 $user = false; 132 if ( false !== $user_id ) 133 $user = wp_cache_get($user_id, 'users'); 134 135 if ( false !== $user ) 136 return $user; 137 138 if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_email = %s", $email)) ) { 139 wp_cache_add($email, 0, 'useremail'); 140 return false; 141 } 142 143 _fill_user($user); 144 145 return $user; 146 } 147 endif; 148 149 if ( !function_exists( 'wp_mail' ) ) : 150 function wp_mail( $to, $subject, $message, $headers = '' ) { 151 // Compact the input, apply the filters, and extract them back out 152 extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers' ) ) ); 153 154 global $phpmailer; 155 156 // (Re)create it, if it's gone missing 157 if ( !is_object( $phpmailer ) || !is_a( $phpmailer, 'PHPMailer' ) ) { 158 require_once ABSPATH . WPINC . '/class-phpmailer.php'; 159 require_once ABSPATH . WPINC . '/class-smtp.php'; 160 $phpmailer = new PHPMailer(); 161 } 162 163 // Headers 164 if ( empty( $headers ) ) { 165 $headers = array(); 166 } elseif ( !is_array( $headers ) ) { 167 // Explode the headers out, so this function can take both 168 // string headers and an array of headers. 169 $tempheaders = (array) explode( "\n", $headers ); 170 $headers = array(); 171 172 // If it's actually got contents 173 if ( !empty( $tempheaders ) ) { 174 // Iterate through the raw headers 175 foreach ( $tempheaders as $header ) { 176 if ( strpos($header, ':') === false ) 177 continue; 178 // Explode them out 179 list( $name, $content ) = explode( ':', trim( $header ), 2 ); 180 181 // Cleanup crew 182 $name = trim( $name ); 183 $content = trim( $content ); 184 185 // Mainly for legacy -- process a From: header if it's there 186 if ( 'from' == strtolower($name) ) { 187 if ( strpos($content, '<' ) !== false ) { 188 // So... making my life hard again? 189 $from_name = substr( $content, 0, strpos( $content, '<' ) - 1 ); 190 $from_name = str_replace( '"', '', $from_name ); 191 $from_name = trim( $from_name ); 192 193 $from_email = substr( $content, strpos( $content, '<' ) + 1 ); 194 $from_email = str_replace( '>', '', $from_email ); 195 $from_email = trim( $from_email ); 196 } else { 197 $from_name = trim( $content ); 198 } 199 } elseif ( 'content-type' == strtolower($name) ) { 200 if ( strpos( $content,';' ) !== false ) { 201 list( $type, $charset ) = explode( ';', $content ); 202 $content_type = trim( $type ); 203 $charset = trim( str_replace( array( 'charset=', '"' ), '', $charset ) ); 204 } else { 205 $content_type = trim( $content ); 206 } 207 } else { 208 // Add it to our grand headers array 209 $headers[trim( $name )] = trim( $content ); 210 } 211 } 212 } 213 } 214 215 // Empty out the values that may be set 216 $phpmailer->ClearAddresses(); 217 $phpmailer->ClearAllRecipients(); 218 $phpmailer->ClearAttachments(); 219 $phpmailer->ClearBCCs(); 220 $phpmailer->ClearCCs(); 221 $phpmailer->ClearCustomHeaders(); 222 $phpmailer->ClearReplyTos(); 223 224 // From email and name 225 // If we don't have a name from the input headers 226 if ( !isset( $from_name ) ) { 227 $from_name = 'WordPress'; 228 } 229 230 // If we don't have an email from the input headers 231 if ( !isset( $from_email ) ) { 232 // Get the site domain and get rid of www. 233 $sitename = strtolower( $_SERVER['SERVER_NAME'] ); 234 if ( substr( $sitename, 0, 4 ) == 'www.' ) { 235 $sitename = substr( $sitename, 4 ); 236 } 237 238 $from_email = 'wordpress@' . $sitename; 239 } 240 241 // Set the from name and email 242 $phpmailer->From = apply_filters( 'wp_mail_from', $from_email ); 243 $phpmailer->Sender = apply_filters( 'wp_mail_from', $from_email ); 244 $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name ); 245 246 // Set destination address 247 $phpmailer->AddAddress( $to ); 248 249 // Set mail's subject and body 250 $phpmailer->Subject = $subject; 251 $phpmailer->Body = $message; 252 253 // Set to use PHP's mail() 254 $phpmailer->IsMail(); 255 256 // Set Content-Type and charset 257 // If we don't have a content-type from the input headers 258 if ( !isset( $content_type ) ) { 259 $content_type = 'text/plain'; 260 } 261 262 $content_type = apply_filters( 'wp_mail_content_type', $content_type ); 263 264 // Set whether it's plaintext or not, depending on $content_type 265 if ( $content_type == 'text/html' ) { 266 $phpmailer->IsHTML( true ); 267 } else { 268 $phpmailer->IsHTML( false ); 269 } 270 271 // If we don't have a charset from the input headers 272 if ( !isset( $charset ) ) { 273 $charset = get_bloginfo( 'charset' ); 274 } 275 276 // Set the content-type and charset 277 $phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset ); 278 279 // Set custom headers 280 if ( !empty( $headers ) ) { 281 foreach ( $headers as $name => $content ) { 282 $phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) ); 283 } 284 } 285 286 do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) ); 287 288 // Send! 289 $result = @$phpmailer->Send(); 290 291 return $result; 292 } 293 endif; 294 295 if ( !function_exists('wp_login') ) : 296 function wp_login($username, $password, $already_md5 = false) { 297 global $wpdb, $error; 298 299 $username = sanitize_user($username); 300 301 if ( '' == $username ) 302 return false; 303 304 if ( '' == $password ) { 305 $error = __('<strong>ERROR</strong>: The password field is empty.'); 306 return false; 307 } 308 309 $login = get_userdatabylogin($username); 310 311 if ( !$login || ($login->user_login != $username) ) { 312 $error = __('<strong>ERROR</strong>: Invalid username.'); 313 return false; 314 } 315 316 // If the password is already_md5, it has been double hashed. 317 // Otherwise, it is plain text. 318 if ( !$already_md5 ) { 319 if ( wp_check_password($password, $login->user_pass) ) { 320 // If using old md5 password, rehash. 321 if ( strlen($login->user_pass) <= 32 ) { 322 $hash = wp_hash_password($password); 323 $wpdb->query("UPDATE $wpdb->users SET user_pass = '$hash', user_activation_key = '' WHERE ID = '$login->ID'"); 324 wp_cache_delete($login->ID, 'users'); 325 } 326 327 return true; 328 } 329 } else { 330 if ( md5($login->user_pass) == $password ) 331 return true; 332 } 333 334 $error = __('<strong>ERROR</strong>: Incorrect password.'); 335 return false; 336 } 337 endif; 338 339 if ( !function_exists('is_user_logged_in') ) : 340 function is_user_logged_in() { 341 $user = wp_get_current_user(); 342 343 if ( $user->id == 0 ) 344 return false; 345 346 return true; 347 } 348 endif; 349 350 if ( !function_exists('auth_redirect') ) : 351 function auth_redirect() { 352 // Checks if a user is logged in, if not redirects them to the login page 353 if ( (!empty($_COOKIE[USER_COOKIE]) && 354 !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) || 355 (empty($_COOKIE[USER_COOKIE])) ) { 356 nocache_headers(); 357 358 wp_redirect(get_option('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI'])); 359 exit(); 360 } 361 } 362 endif; 363 364 if ( !function_exists('check_admin_referer') ) : 365 function check_admin_referer($action = -1) { 366 $adminurl = strtolower(get_option('siteurl')).'/wp-admin'; 367 $referer = strtolower(wp_get_referer()); 368 if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) && 369 !(-1 == $action && strpos($referer, $adminurl) !== false)) { 370 wp_nonce_ays($action); 371 die(); 372 } 373 do_action('check_admin_referer', $action); 374 }endif; 375 376 if ( !function_exists('check_ajax_referer') ) : 377 function check_ajax_referer( $action = -1 ) { 378 $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce']; 379 if ( !wp_verify_nonce( $nonce, $action ) ) { 380 $current_name = ''; 381 if ( ( $current = wp_get_current_user() ) && $current->ID ) 382 $current_name = $current->data->user_login; 383 if ( !$current_name ) 384 die('-1'); 385 386 $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie 387 foreach ( $cookie as $tasty ) { 388 if ( false !== strpos($tasty, USER_COOKIE) ) 389 $user = substr(strstr($tasty, '='), 1); 390 if ( false !== strpos($tasty, PASS_COOKIE) ) 391 $pass = substr(strstr($tasty, '='), 1); 392 } 393 394 if ( $current_name != $user || !wp_login( $user, $pass, true ) ) 395 die('-1'); 396 } 397 do_action('check_ajax_referer'); 398 } 399 endif; 400 401 // Cookie safe redirect. Works around IIS Set-Cookie bug. 402 // http://support.microsoft.com/kb/q176113/ 403 if ( !function_exists('wp_redirect') ) : 404 function wp_redirect($location, $status = 302) { 405 global $is_IIS; 406 407 $location = apply_filters('wp_redirect', $location, $status); 408 409 if ( !$location ) // allows the wp_redirect filter to cancel a redirect 410 return false; 411 412 $location = wp_sanitize_redirect($location); 413 414 if ( $is_IIS ) { 415 header("Refresh: 0;url=$location"); 416 } else { 417 if ( php_sapi_name() != 'cgi-fcgi' ) 418 status_header($status); // This causes problems on IIS and some FastCGI setups 419 header("Location: $location"); 420 } 421 } 422 endif; 423 424 if ( !function_exists('wp_sanitize_redirect') ) : 425 /** 426 * sanitizes a URL for use in a redirect 427 * @return string redirect-sanitized URL 428 **/ 429 function wp_sanitize_redirect($location) { 430 $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location); 431 $location = wp_kses_no_null($location); 432 433 // remove %0d and %0a from location 434 $strip = array('%0d', '%0a'); 435 $found = true; 436 while($found) { 437 $found = false; 438 foreach($strip as $val) { 439 while(strpos($location, $val) !== false) { 440 $found = true; 441 $location = str_replace($val, '', $location); 442 } 443 } 444 } 445 return $location; 446 } 447 endif; 448 449 if ( !function_exists('wp_safe_redirect') ) : 450 /** 451 * performs a safe (local) redirect, using wp_redirect() 452 * @return void 453 **/ 454 function wp_safe_redirect($location, $status = 302) { 455 456 // Need to look at the URL the way it will end up in wp_redirect() 457 $location = wp_sanitize_redirect($location); 458 459 // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//' 460 if ( substr($location, 0, 2) == '//' ) 461 $location = 'http:' . $location; 462 463 $lp = parse_url($location); 464 $wpp = parse_url(get_option('home')); 465 466 $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), $lp['host']); 467 468 if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) ) 469 $location = get_option('siteurl') . '/wp-admin/'; 470 471 wp_redirect($location, $status); 472 } 473 endif; 474 475 if ( !function_exists('wp_get_cookie_login') ): 476 function wp_get_cookie_login() { 477 if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) ) 478 return false; 479 480 return array('login' => $_COOKIE[USER_COOKIE], 'password' => $_COOKIE[PASS_COOKIE]); 481 } 482 483 endif; 484 485 if ( !function_exists('wp_setcookie') ) : 486 function wp_setcookie($username, $password, $already_md5 = false, $home = '', $siteurl = '', $remember = false) { 487 $user = get_userdatabylogin($username); 488 if ( !$already_md5) { 489 $password = md5($user->user_pass); // Double hash the password in the cookie. 490 } 491 492 if ( empty($home) ) 493 $cookiepath = COOKIEPATH; 494 else 495 $cookiepath = preg_replace('|https?://[^/]+|i', '', $home . '/' ); 496 497 if ( empty($siteurl) ) { 498 $sitecookiepath = SITECOOKIEPATH; 499 $cookiehash = COOKIEHASH; 500 } else { 501 $sitecookiepath = preg_replace('|https?://[^/]+|i', '', $siteurl . '/' ); 502 $cookiehash = md5($siteurl); 503 } 504 505 if ( $remember ) 506 $expire = time() + 31536000;