[360] | 1 | <?php
|
---|
| 2 | // wp_login override for wp2.3 under
|
---|
| 3 | if ( !function_exists('wp_login') && version_compare($xoops_config->wp_version,'2.3', '<')) :
|
---|
| 4 | function wp_login($username, $password, $already_md5 = false) {
|
---|
| 5 | global $wpdb, $error;
|
---|
| 6 |
|
---|
| 7 |
|
---|
| 8 | if(is_object($GLOBALS["xoopsModule"]) && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
|
---|
| 9 | if(!is_object($GLOBALS["xoopsUser"])){
|
---|
| 10 | wp_clearcookie();
|
---|
| 11 | return false;
|
---|
| 12 | }
|
---|
| 13 | }
|
---|
| 14 |
|
---|
| 15 | $username = sanitize_user($username);
|
---|
| 16 |
|
---|
| 17 | if ( '' == $username )
|
---|
| 18 | return false;
|
---|
| 19 |
|
---|
| 20 | if ( '' == $password ) {
|
---|
| 21 | $error = __('<strong>ERROR</strong>: The password field is empty.');
|
---|
| 22 | return false;
|
---|
| 23 | }
|
---|
| 24 |
|
---|
| 25 | $login = get_userdatabylogin($username);
|
---|
| 26 | //$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'");
|
---|
| 27 |
|
---|
| 28 | if (!$login) {
|
---|
| 29 | $error = __('<strong>ERROR</strong>: Invalid username.');
|
---|
| 30 | return false;
|
---|
| 31 | } else {
|
---|
| 32 | if ($login->user_login == $username) {
|
---|
| 33 | if ($login->user_pass == $password) return true;
|
---|
| 34 | if ($login->user_pass == md5($password)) return true;
|
---|
| 35 | }
|
---|
| 36 |
|
---|
| 37 | $error = __('<strong>ERROR</strong>: Incorrect password.');
|
---|
| 38 | $pwd = '';
|
---|
| 39 | return false;
|
---|
| 40 | }
|
---|
| 41 | }
|
---|
| 42 | endif;
|
---|
| 43 |
|
---|
| 44 | // Under WP2.1
|
---|
| 45 | if (version_compare($xoops_config->wp_version,'2.1', '<')) :
|
---|
| 46 | // ADD WP 2.1.0
|
---|
| 47 | function the_modified_date($d = '') {
|
---|
| 48 | echo apply_filters('the_modified_date', get_the_modified_date($d), $d);
|
---|
| 49 | }
|
---|
| 50 |
|
---|
| 51 | // ADD WP 2.1.0
|
---|
| 52 | function get_the_modified_date($d = '') {
|
---|
| 53 | if ( '' == $d )
|
---|
| 54 | $the_time = get_post_modified_time(get_option('date_format'));
|
---|
| 55 | else
|
---|
| 56 | $the_time = get_post_modified_time($d);
|
---|
| 57 | return apply_filters('get_the_modified_date', $the_time, $d);
|
---|
| 58 | }
|
---|
| 59 | endif; // Under WP2.1
|
---|
| 60 |
|
---|
| 61 | // Under WP2.2
|
---|
| 62 | if (version_compare($xoops_config->wp_version,'2.2', '<')):
|
---|
| 63 | // Added WP2.2 wp_parse_args()
|
---|
| 64 | function wp_parse_args( $args, $defaults = '' ) {
|
---|
| 65 | if ( is_object( $args ) )
|
---|
| 66 | $r = get_object_vars( $args );
|
---|
| 67 | elseif ( is_array( $args ) )
|
---|
| 68 | $r =& $args;
|
---|
| 69 | else
|
---|
| 70 | wp_parse_str( $args, $r );
|
---|
| 71 |
|
---|
| 72 | if ( is_array( $defaults ) )
|
---|
| 73 | return array_merge( $defaults, $r );
|
---|
| 74 | return $r;
|
---|
| 75 | }
|
---|
| 76 | // Added WP2.2 translate()
|
---|
| 77 | function translate($text, $domain = 'default') {
|
---|
| 78 | global $l10n;
|
---|
| 79 |
|
---|
| 80 | if (isset($l10n[$domain]))
|
---|
| 81 | return apply_filters('gettext', $l10n[$domain]->translate($text), $text, $domain);
|
---|
| 82 | else
|
---|
| 83 | return apply_filters('gettext', $text, $text, $domain);
|
---|
| 84 | }
|
---|
| 85 |
|
---|
| 86 | // Added WP2.2 translate_with_context()
|
---|
| 87 | function before_last_bar( $string ) {
|
---|
| 88 | $last_bar = strrpos( $string, '|' );
|
---|
| 89 | if ( false == $last_bar )
|
---|
| 90 | return $string;
|
---|
| 91 | else
|
---|
| 92 | return substr( $string, 0, $last_bar );
|
---|
| 93 | }
|
---|
| 94 | endif; // Under WP2.2
|
---|
| 95 |
|
---|
| 96 | // Under WP2.2.1
|
---|
| 97 | if (version_compare($xoops_config->wp_version,'2.2.1', '<')) :
|
---|
| 98 | // Added WP2.2.1 wp_parse_str()
|
---|
| 99 | function wp_parse_str( $string, &$array ) {
|
---|
| 100 | parse_str( $string, $array );
|
---|
| 101 | if ( get_magic_quotes_gpc() )
|
---|
| 102 | $array = stripslashes_deep( $array );
|
---|
| 103 | $array = apply_filters( 'wp_parse_str', $array );
|
---|
| 104 | }
|
---|
| 105 |
|
---|
| 106 | endif; // Under WP2.2.1
|
---|
| 107 |
|
---|
| 108 | // Under WP2.3
|
---|
| 109 | if (version_compare($xoops_config->wp_version,'2.3', '<')) :
|
---|
| 110 | if ( !function_exists('wp_sanitize_redirect') ) :
|
---|
| 111 | /**
|
---|
| 112 | * Sanitizes a URL for use in a redirect.
|
---|
| 113 | *
|
---|
| 114 | * @since 2.3
|
---|
| 115 | *
|
---|
| 116 | * @return string redirect-sanitized URL
|
---|
| 117 | **/
|
---|
| 118 | function wp_sanitize_redirect($location) {
|
---|
| 119 | $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
|
---|
| 120 | $location = wp_kses_no_null($location);
|
---|
| 121 |
|
---|
| 122 | // remove %0d and %0a from location
|
---|
| 123 | $strip = array('%0d', '%0a');
|
---|
| 124 | $found = true;
|
---|
| 125 | while($found) {
|
---|
| 126 | $found = false;
|
---|
| 127 | foreach( (array) $strip as $val ) {
|
---|
| 128 | while(strpos($location, $val) !== false) {
|
---|
| 129 | $found = true;
|
---|
| 130 | $location = str_replace($val, '', $location);
|
---|
| 131 | }
|
---|
| 132 | }
|
---|
| 133 | }
|
---|
| 134 | return $location;
|
---|
| 135 | }
|
---|
| 136 | endif;
|
---|
| 137 |
|
---|
| 138 | if ( !function_exists('wp_sanitize_redirect') ) :
|
---|
| 139 | /**
|
---|
| 140 | * Sanitizes a URL for use in a redirect.
|
---|
| 141 | *
|
---|
| 142 | * @since 2.3
|
---|
| 143 | *
|
---|
| 144 | * @return string redirect-sanitized URL
|
---|
| 145 | **/
|
---|
| 146 | function wp_sanitize_redirect($location) {
|
---|
| 147 | $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
|
---|
| 148 | $location = wp_kses_no_null($location);
|
---|
| 149 |
|
---|
| 150 | // remove %0d and %0a from location
|
---|
| 151 | $strip = array('%0d', '%0a');
|
---|
| 152 | $found = true;
|
---|
| 153 | while($found) {
|
---|
| 154 | $found = false;
|
---|
| 155 | foreach( (array) $strip as $val ) {
|
---|
| 156 | while(strpos($location, $val) !== false) {
|
---|
| 157 | $found = true;
|
---|
| 158 | $location = str_replace($val, '', $location);
|
---|
| 159 | }
|
---|
| 160 | }
|
---|
| 161 | }
|
---|
| 162 | return $location;
|
---|
| 163 | }
|
---|
| 164 | endif;
|
---|
| 165 |
|
---|
| 166 | endif; // Under WP2.3
|
---|
| 167 |
|
---|
| 168 | // Under WP2.5
|
---|
| 169 | if (version_compare($xoops_config->wp_version,'2.5', '<')) :
|
---|
| 170 | // Added WP2.5 absint()
|
---|
| 171 | function absint( $maybeint ) {
|
---|
| 172 | return abs( intval( $maybeint ) );
|
---|
| 173 | }
|
---|
| 174 | // Added WP2.5 translate_with_context()
|
---|
| 175 | function translate_with_context( $text, $domain = 'default' ) {
|
---|
| 176 | return before_last_bar(translate( $text, $domain ) );
|
---|
| 177 | }
|
---|
| 178 | /**
|
---|
| 179 | * @ignore
|
---|
| 180 | */
|
---|
| 181 | function _c() {}
|
---|
[378] | 182 |
|
---|
| 183 | if ( !function_exists('wp_logout') ) {
|
---|
| 184 | function wp_logout() {
|
---|
| 185 | wp_clear_auth_cookie();
|
---|
| 186 | do_action('wp_logout');
|
---|
| 187 | }
|
---|
| 188 | }
|
---|
[360] | 189 |
|
---|
[378] | 190 |
|
---|
[360] | 191 | endif; // Under WP2.5
|
---|
| 192 |
|
---|
| 193 | // Under WP2.7
|
---|
[454] | 194 | if (version_compare($xoops_config->wp_version,'2.6', '<')) :
|
---|
| 195 | /**
|
---|
| 196 | * Guess the URL for the site.
|
---|
| 197 | *
|
---|
| 198 | * Will remove wp-admin links to retrieve only return URLs not in the wp-admin
|
---|
| 199 | * directory.
|
---|
| 200 | *
|
---|
| 201 | * @since 2.6.0
|
---|
| 202 | *
|
---|
| 203 | * @return string
|
---|
| 204 | */
|
---|
| 205 | function wp_guess_url() {
|
---|
| 206 | if ( defined('WP_SITEURL') && '' != WP_SITEURL ) {
|
---|
| 207 | $url = WP_SITEURL;
|
---|
| 208 | } else {
|
---|
| 209 | $schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
|
---|
| 210 | $url = preg_replace('|/wp-admin/.*|i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
|
---|
| 211 | }
|
---|
| 212 | return $url;
|
---|
| 213 | }
|
---|
| 214 | endif; // Under WP2.6
|
---|
| 215 |
|
---|
| 216 | // Under WP2.7
|
---|
[360] | 217 | if (version_compare($xoops_config->wp_version,'2.7', '<')) :
|
---|
| 218 | // Added WP2.7 separate_comments()
|
---|
| 219 | function &separate_comments(&$comments) {
|
---|
| 220 | $comments_by_type = array('comment' => array(), 'trackback' => array(), 'pingback' => array(), 'pings' => array());
|
---|
| 221 | $count = count($comments);
|
---|
| 222 | for ( $i = 0; $i < $count; $i++ ) {
|
---|
| 223 | $type = $comments[$i]->comment_type;
|
---|
| 224 | if ( empty($type) )
|
---|
| 225 | $type = 'comment';
|
---|
| 226 | $comments_by_type[$type][] = &$comments[$i];
|
---|
| 227 | if ( 'trackback' == $type || 'pingback' == $type )
|
---|
| 228 | $comments_by_type['pings'][] = &$comments[$i];
|
---|
| 229 | }
|
---|
| 230 |
|
---|
| 231 | return $comments_by_type;
|
---|
| 232 | }
|
---|
| 233 |
|
---|
| 234 | // Added WP2.7 get_comments()
|
---|
| 235 | function get_comments( $args = '' ) {
|
---|
| 236 | global $wpdb;
|
---|
| 237 |
|
---|
| 238 | $defaults = array('status' => '', 'orderby' => 'comment_date_gmt', 'order' => 'DESC', 'number' => '', 'offset' => '', 'post_id' => 0);
|
---|
| 239 |
|
---|
| 240 | $args = wp_parse_args( $args, $defaults );
|
---|
| 241 | extract( $args, EXTR_SKIP );
|
---|
| 242 |
|
---|
| 243 | // $args can be whatever, only use the args defined in defaults to compute the key
|
---|
| 244 | $key = md5( serialize( compact(array_keys($defaults)) ) );
|
---|
| 245 | $last_changed = wp_cache_get('last_changed', 'comment');
|
---|
| 246 | if ( !$last_changed ) {
|
---|
| 247 | $last_changed = time();
|
---|
| 248 | wp_cache_set('last_changed', $last_changed, 'comment');
|
---|
| 249 | }
|
---|
| 250 | $cache_key = "get_comments:$key:$last_changed";
|
---|
| 251 |
|
---|
| 252 | if ( $cache = wp_cache_get( $cache_key, 'comment' ) ) {
|
---|
| 253 | return $cache;
|
---|
| 254 | }
|
---|
| 255 |
|
---|
| 256 | $post_id = absint($post_id);
|
---|
| 257 |
|
---|
| 258 | if ( 'hold' == $status )
|
---|
| 259 | $approved = "comment_approved = '0'";
|
---|
| 260 | elseif ( 'approve' == $status )
|
---|
| 261 | $approved = "comment_approved = '1'";
|
---|
| 262 | elseif ( 'spam' == $status )
|
---|
| 263 | $approved = "comment_approved = 'spam'";
|
---|
| 264 | else
|
---|
| 265 | $approved = "( comment_approved = '0' OR comment_approved = '1' )";
|
---|
| 266 |
|
---|
| 267 | $order = ( 'ASC' == $order ) ? 'ASC' : 'DESC';
|
---|
| 268 |
|
---|
| 269 | $orderby = 'comment_date_gmt'; // Hard code for now
|
---|
| 270 |
|
---|
| 271 | $number = absint($number);
|
---|
| 272 | $offset = absint($offset);
|
---|
| 273 |
|
---|
| 274 | if ( !empty($number) ) {
|
---|
| 275 | if ( $offset )
|
---|
| 276 | $number = 'LIMIT ' . $offset . ',' . $number;
|
---|
| 277 | else
|
---|
| 278 | $number = 'LIMIT ' . $number;
|
---|
| 279 |
|
---|
| 280 | } else {
|
---|
| 281 | $number = '';
|
---|
| 282 | }
|
---|
| 283 |
|
---|
| 284 | if ( ! empty($post_id) )
|
---|
| 285 | $post_where = "comment_post_ID = $post_id AND" ;
|
---|
| 286 | else
|
---|
| 287 | $post_where = '';
|
---|
| 288 |
|
---|
| 289 | $comments = $wpdb->get_results( "SELECT * FROM $wpdb->comments WHERE $post_where $approved ORDER BY $orderby $order $number" );
|
---|
| 290 | wp_cache_add( $cache_key, $comments, 'comment' );
|
---|
| 291 |
|
---|
| 292 | return $comments;
|
---|
| 293 | }
|
---|
| 294 |
|
---|
| 295 | // Added WP2.7 absint()
|
---|
| 296 | function locate_template($template_names, $load = false) {
|
---|
| 297 | if (!is_array($template_names))
|
---|
| 298 | return '';
|
---|
| 299 |
|
---|
| 300 | $located = '';
|
---|
| 301 | foreach($template_names as $template_name) {
|
---|
| 302 | if ( file_exists(STYLESHEETPATH . '/' . $template_name)) {
|
---|
| 303 | $located = STYLESHEETPATH . '/' . $template_name;
|
---|
| 304 | break;
|
---|
| 305 | } else if ( file_exists(TEMPLATEPATH . '/' . $template_name) ) {
|
---|
| 306 | $located = TEMPLATEPATH . '/' . $template_name;
|
---|
| 307 | break;
|
---|
| 308 | }
|
---|
| 309 | }
|
---|
| 310 |
|
---|
| 311 | if ($load && '' != $located)
|
---|
| 312 | load_template($located);
|
---|
| 313 |
|
---|
| 314 | return $located;
|
---|
| 315 | }
|
---|
| 316 | // Added WP2.7 post_password_required()
|
---|
| 317 | function post_password_required( $post = null ) {
|
---|
| 318 | $post = get_post($post);
|
---|
| 319 |
|
---|
| 320 | if ( empty($post->post_password) )
|
---|
| 321 | return false;
|
---|
| 322 |
|
---|
| 323 | if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
|
---|
| 324 | return true;
|
---|
| 325 |
|
---|
| 326 | if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password )
|
---|
| 327 | return true;
|
---|
| 328 |
|
---|
| 329 | return false;
|
---|
| 330 | }
|
---|
| 331 | // Added WP2.7 comment_form_title()
|
---|
| 332 | function comment_form_title( $noreplytext = 'Leave a Reply', $replytext = 'Leave a Reply to %s', $linktoparent = TRUE ) {
|
---|
| 333 | global $comment;
|
---|
| 334 |
|
---|
| 335 | $replytoid = isset($_GET['replytocom']) ? (int) $_GET['replytocom'] : 0;
|
---|
| 336 |
|
---|
| 337 | if ( 0 == $replytoid )
|
---|
| 338 | echo $noreplytext;
|
---|
| 339 | else {
|
---|
| 340 | $comment = get_comment($replytoid);
|
---|
| 341 | $author = ( $linktoparent ) ? '<a href="#comment-' . get_comment_ID() . '">' . get_comment_author() . '</a>' : get_comment_author();
|
---|
| 342 | printf( $replytext, $author );
|
---|
| 343 | }
|
---|
| 344 | }
|
---|
| 345 | endif; // Under WP2.7
|
---|
[718] | 346 |
|
---|
| 347 | // Under WP2.8
|
---|
| 348 | if (version_compare($xoops_config->wp_version,'2.8', '<')) :
|
---|
| 349 | function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
|
---|
| 350 | $string = (string) $string;
|
---|
| 351 |
|
---|
| 352 | if ( 0 === strlen( $string ) ) {
|
---|
| 353 | return '';
|
---|
| 354 | }
|
---|
| 355 |
|
---|
| 356 | // Don't bother if there are no specialchars - saves some processing
|
---|
| 357 | if ( !preg_match( '/[&<>"\']/', $string ) ) {
|
---|
| 358 | return $string;
|
---|
| 359 | }
|
---|
| 360 |
|
---|
| 361 | // Account for the previous behaviour of the function when the $quote_style is not an accepted value
|
---|
| 362 | if ( empty( $quote_style ) ) {
|
---|
| 363 | $quote_style = ENT_NOQUOTES;
|
---|
| 364 | } elseif ( !in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) ) {
|
---|
| 365 | $quote_style = ENT_QUOTES;
|
---|
| 366 | }
|
---|
| 367 |
|
---|
| 368 | // Store the site charset as a static to avoid multiple calls to wp_load_alloptions()
|
---|
| 369 | if ( !$charset ) {
|
---|
| 370 | static $_charset;
|
---|
| 371 | if ( !isset( $_charset ) ) {
|
---|
| 372 | $alloptions = wp_load_alloptions();
|
---|
| 373 | $_charset = isset( $alloptions['blog_charset'] ) ? $alloptions['blog_charset'] : '';
|
---|
| 374 | }
|
---|
| 375 | $charset = $_charset;
|
---|
| 376 | }
|
---|
| 377 | if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) ) {
|
---|
| 378 | $charset = 'UTF-8';
|
---|
| 379 | }
|
---|
| 380 |
|
---|
| 381 | $_quote_style = $quote_style;
|
---|
| 382 |
|
---|
| 383 | if ( $quote_style === 'double' ) {
|
---|
| 384 | $quote_style = ENT_COMPAT;
|
---|
| 385 | $_quote_style = ENT_COMPAT;
|
---|
| 386 | } elseif ( $quote_style === 'single' ) {
|
---|
| 387 | $quote_style = ENT_NOQUOTES;
|
---|
| 388 | }
|
---|
| 389 |
|
---|
| 390 | // Handle double encoding ourselves
|
---|
| 391 | if ( !$double_encode ) {
|
---|
| 392 | $string = wp_specialchars_decode( $string, $_quote_style );
|
---|
| 393 |
|
---|
| 394 | /* Critical */
|
---|
| 395 | // The previous line decodes &phrase; into &phrase; We must guarantee that &phrase; is valid before proceeding.
|
---|
| 396 | $string = wp_kses_normalize_entities($string);
|
---|
| 397 |
|
---|
| 398 | // Now proceed with custom double-encoding silliness
|
---|
| 399 | $string = preg_replace( '/&(#?x?[0-9a-z]+);/i', '|wp_entity|$1|/wp_entity|', $string );
|
---|
| 400 | }
|
---|
| 401 |
|
---|
| 402 | $string = @htmlspecialchars( $string, $quote_style, $charset );
|
---|
| 403 |
|
---|
| 404 | // Handle double encoding ourselves
|
---|
| 405 | if ( !$double_encode ) {
|
---|
| 406 | $string = str_replace( array( '|wp_entity|', '|/wp_entity|' ), array( '&', ';' ), $string );
|
---|
| 407 | }
|
---|
| 408 |
|
---|
| 409 | // Backwards compatibility
|
---|
| 410 | if ( 'single' === $_quote_style ) {
|
---|
| 411 | $string = str_replace( "'", ''', $string );
|
---|
| 412 | }
|
---|
| 413 |
|
---|
| 414 | return $string;
|
---|
| 415 | }
|
---|
| 416 |
|
---|
| 417 | /**
|
---|
| 418 | * Checks for invalid UTF8 in a string.
|
---|
| 419 | *
|
---|
| 420 | * @since 2.8
|
---|
| 421 | *
|
---|
| 422 | * @param string $string The text which is to be checked.
|
---|
| 423 | * @param boolean $strip Optional. Whether to attempt to strip out invalid UTF8. Default is false.
|
---|
| 424 | * @return string The checked text.
|
---|
| 425 | */
|
---|
| 426 | function wp_check_invalid_utf8( $string, $strip = false ) {
|
---|
| 427 | $string = (string) $string;
|
---|
| 428 |
|
---|
| 429 | if ( 0 === strlen( $string ) ) {
|
---|
| 430 | return '';
|
---|
| 431 | }
|
---|
| 432 |
|
---|
| 433 | // Store the site charset as a static to avoid multiple calls to get_option()
|
---|
| 434 | static $is_utf8;
|
---|
| 435 | if ( !isset( $is_utf8 ) ) {
|
---|
| 436 | $is_utf8 = in_array( get_option( 'blog_charset' ), array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) );
|
---|
| 437 | }
|
---|
| 438 | if ( !$is_utf8 ) {
|
---|
| 439 | return $string;
|
---|
| 440 | }
|
---|
| 441 |
|
---|
| 442 | // Check for support for utf8 in the installed PCRE library once and store the result in a static
|
---|
| 443 | static $utf8_pcre;
|
---|
| 444 | if ( !isset( $utf8_pcre ) ) {
|
---|
| 445 | $utf8_pcre = @preg_match( '/^./u', 'a' );
|
---|
| 446 | }
|
---|
| 447 | // We can't demand utf8 in the PCRE installation, so just return the string in those cases
|
---|
| 448 | if ( !$utf8_pcre ) {
|
---|
| 449 | return $string;
|
---|
| 450 | }
|
---|
| 451 |
|
---|
| 452 | // preg_match fails when it encounters invalid UTF8 in $string
|
---|
| 453 | if ( 1 === @preg_match( '/^./us', $string ) ) {
|
---|
| 454 | return $string;
|
---|
| 455 | }
|
---|
| 456 |
|
---|
| 457 | // Attempt to strip the bad chars if requested (not recommended)
|
---|
| 458 | if ( $strip && function_exists( 'iconv' ) ) {
|
---|
| 459 | return iconv( 'utf-8', 'utf-8', $string );
|
---|
| 460 | }
|
---|
| 461 |
|
---|
| 462 | return '';
|
---|
| 463 | }
|
---|
| 464 |
|
---|
| 465 | /**
|
---|
| 466 | * Perform a deep string replace operation to ensure the values in $search are no longer present
|
---|
| 467 | *
|
---|
| 468 | * Repeats the replacement operation until it no longer replaces anything so as to remove "nested" values
|
---|
| 469 | * e.g. $subject = '%0%0%0DDD', $search ='%0D', $result ='' rather than the '%0%0DD' that
|
---|
| 470 | * str_replace would return
|
---|
| 471 | *
|
---|
| 472 | * @since 2.8.1
|
---|
| 473 | * @access private
|
---|
| 474 | *
|
---|
| 475 | * @param string|array $search
|
---|
| 476 | * @param string $subject
|
---|
| 477 | * @return string The processed string
|
---|
| 478 | */
|
---|
| 479 | function _deep_replace( $search, $subject ) {
|
---|
| 480 | $found = true;
|
---|
| 481 | $subject = (string) $subject;
|
---|
| 482 | while ( $found ) {
|
---|
| 483 | $found = false;
|
---|
| 484 | foreach ( (array) $search as $val ) {
|
---|
| 485 | while ( strpos( $subject, $val ) !== false ) {
|
---|
| 486 | $found = true;
|
---|
| 487 | $subject = str_replace( $val, '', $subject );
|
---|
| 488 | }
|
---|
| 489 | }
|
---|
| 490 | }
|
---|
| 491 |
|
---|
| 492 | return $subject;
|
---|
| 493 | }
|
---|
| 494 |
|
---|
| 495 |
|
---|
| 496 | /* @since 2.8.0
|
---|
| 497 | * @uses wp_kses_bad_protocol() To only permit protocols in the URL set
|
---|
| 498 | * via $protocols or the common ones set in the function.
|
---|
| 499 | *
|
---|
| 500 | * @param string $url The URL to be cleaned.
|
---|
| 501 | * @param array $protocols Optional. An array of acceptable protocols.
|
---|
| 502 | * Defaults to 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet' if not set.
|
---|
| 503 | * @param string $_context Private. Use esc_url_raw() for database usage.
|
---|
| 504 | * @return string The cleaned $url after the 'clean_url' filter is applied.
|
---|
| 505 | */
|
---|
| 506 | function esc_url( $url, $protocols = null, $_context = 'display' ) {
|
---|
| 507 | $original_url = $url;
|
---|
| 508 |
|
---|
| 509 | if ( '' == $url )
|
---|
| 510 | return $url;
|
---|
| 511 | $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '', $url);
|
---|
| 512 | $strip = array('%0d', '%0a', '%0D', '%0A');
|
---|
| 513 | $url = _deep_replace($strip, $url);
|
---|
| 514 | $url = str_replace(';//', '://', $url);
|
---|
| 515 | /* If the URL doesn't appear to contain a scheme, we
|
---|
| 516 | * presume it needs http:// appended (unless a relative
|
---|
| 517 | * link starting with / or a php file).
|
---|
| 518 | */
|
---|
| 519 | if ( strpos($url, ':') === false &&
|
---|
| 520 | substr( $url, 0, 1 ) != '/' && substr( $url, 0, 1 ) != '#' && !preg_match('/^[a-z0-9-]+?\.php/i', $url) )
|
---|
| 521 | $url = 'http://' . $url;
|
---|
| 522 |
|
---|
| 523 | // Replace ampersands and single quotes only when displaying.
|
---|
| 524 | if ( 'display' == $_context ) {
|
---|
| 525 | $url = wp_kses_normalize_entities( $url );
|
---|
| 526 | $url = str_replace( '&', '&', $url );
|
---|
| 527 | $url = str_replace( "'", ''', $url );
|
---|
| 528 | }
|
---|
| 529 |
|
---|
| 530 | if ( !is_array($protocols) )
|
---|
| 531 | $protocols = array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn');
|
---|
| 532 | if ( wp_kses_bad_protocol( $url, $protocols ) != $url )
|
---|
| 533 | return '';
|
---|
| 534 |
|
---|
| 535 | return apply_filters('clean_url', $url, $original_url, $_context);
|
---|
| 536 | }
|
---|
| 537 | /**
|
---|
| 538 | * Escaping for HTML attributes.
|
---|
| 539 | *
|
---|
| 540 | * @since 2.8.0
|
---|
| 541 | *
|
---|
| 542 | * @param string $text
|
---|
| 543 | * @return string
|
---|
| 544 | */
|
---|
| 545 | function esc_attr( $text ) {
|
---|
| 546 | $safe_text = wp_check_invalid_utf8( $text );
|
---|
| 547 | $safe_text = _wp_specialchars( $safe_text, ENT_QUOTES );
|
---|
| 548 | return apply_filters( 'attribute_escape', $safe_text, $text );
|
---|
| 549 | }
|
---|
| 550 |
|
---|
| 551 | endif; // Under WP2.8
|
---|
[360] | 552 | ?> |
---|