1 | <?php
|
---|
2 | // wp_login override for wp2.3 under
|
---|
3 | if ( !function_exists('wp_login') && version_compare($modInfo->get_wp_version(),'2.3', '<')) :
|
---|
4 | function wp_login($username, $password, $already_md5 = false) {
|
---|
5 | global $wpdb, $error;
|
---|
6 |
|
---|
7 |
|
---|
8 | if(is_object($GLOBALS["xoopsModule"]) && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
|
---|
9 | if(!is_object($GLOBALS["xoopsUser"])){
|
---|
10 | wp_clearcookie();
|
---|
11 | return false;
|
---|
12 | }
|
---|
13 | }
|
---|
14 |
|
---|
15 | $username = sanitize_user($username);
|
---|
16 |
|
---|
17 | if ( '' == $username )
|
---|
18 | return false;
|
---|
19 |
|
---|
20 | if ( '' == $password ) {
|
---|
21 | $error = __('<strong>ERROR</strong>: The password field is empty.');
|
---|
22 | return false;
|
---|
23 | }
|
---|
24 |
|
---|
25 | $login = get_userdatabylogin($username);
|
---|
26 | //$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'");
|
---|
27 |
|
---|
28 | if (!$login) {
|
---|
29 | $error = __('<strong>ERROR</strong>: Invalid username.');
|
---|
30 | return false;
|
---|
31 | } else {
|
---|
32 | if ($login->user_login == $username) {
|
---|
33 | if ($login->user_pass == $password) return true;
|
---|
34 | if ($login->user_pass == md5($password)) return true;
|
---|
35 | }
|
---|
36 |
|
---|
37 | $error = __('<strong>ERROR</strong>: Incorrect password.');
|
---|
38 | $pwd = '';
|
---|
39 | return false;
|
---|
40 | }
|
---|
41 | }
|
---|
42 | endif;
|
---|
43 |
|
---|
44 | // Under WP2.1
|
---|
45 | if (version_compare($modInfo->get_wp_version(),'2.1', '<')) :
|
---|
46 | // ADD WP 2.1.0
|
---|
47 | function the_modified_date($d = '') {
|
---|
48 | echo apply_filters('the_modified_date', get_the_modified_date($d), $d);
|
---|
49 | }
|
---|
50 |
|
---|
51 | // ADD WP 2.1.0
|
---|
52 | function get_the_modified_date($d = '') {
|
---|
53 | if ( '' == $d )
|
---|
54 | $the_time = get_post_modified_time(get_option('date_format'));
|
---|
55 | else
|
---|
56 | $the_time = get_post_modified_time($d);
|
---|
57 | return apply_filters('get_the_modified_date', $the_time, $d);
|
---|
58 | }
|
---|
59 | endif; // Under WP2.1
|
---|
60 |
|
---|
61 | // Under WP2.2
|
---|
62 | if (version_compare($modInfo->get_wp_version(),'2.2', '<')):
|
---|
63 | // Added WP2.2 wp_parse_args()
|
---|
64 | function wp_parse_args( $args, $defaults = '' ) {
|
---|
65 | if ( is_object( $args ) )
|
---|
66 | $r = get_object_vars( $args );
|
---|
67 | elseif ( is_array( $args ) )
|
---|
68 | $r =& $args;
|
---|
69 | else
|
---|
70 | wp_parse_str( $args, $r );
|
---|
71 |
|
---|
72 | if ( is_array( $defaults ) )
|
---|
73 | return array_merge( $defaults, $r );
|
---|
74 | return $r;
|
---|
75 | }
|
---|
76 | // Added WP2.2 translate()
|
---|
77 | function translate($text, $domain = 'default') {
|
---|
78 | global $l10n;
|
---|
79 |
|
---|
80 | if (isset($l10n[$domain]))
|
---|
81 | return apply_filters('gettext', $l10n[$domain]->translate($text), $text, $domain);
|
---|
82 | else
|
---|
83 | return apply_filters('gettext', $text, $text, $domain);
|
---|
84 | }
|
---|
85 |
|
---|
86 | // Added WP2.2 translate_with_context()
|
---|
87 | function before_last_bar( $string ) {
|
---|
88 | $last_bar = strrpos( $string, '|' );
|
---|
89 | if ( false == $last_bar )
|
---|
90 | return $string;
|
---|
91 | else
|
---|
92 | return substr( $string, 0, $last_bar );
|
---|
93 | }
|
---|
94 | endif; // Under WP2.2
|
---|
95 |
|
---|
96 | // Under WP2.2.1
|
---|
97 | if (version_compare($modInfo->get_wp_version(),'2.2.1', '<')) :
|
---|
98 | // Added WP2.2.1 wp_parse_str()
|
---|
99 | function wp_parse_str( $string, &$array ) {
|
---|
100 | parse_str( $string, $array );
|
---|
101 | if ( get_magic_quotes_gpc() )
|
---|
102 | $array = stripslashes_deep( $array );
|
---|
103 | $array = apply_filters( 'wp_parse_str', $array );
|
---|
104 | }
|
---|
105 |
|
---|
106 | endif; // Under WP2.2.1
|
---|
107 |
|
---|
108 | // Under WP2.3
|
---|
109 | if (version_compare($modInfo->get_wp_version(),'2.3', '<')) :
|
---|
110 | if ( !function_exists('wp_sanitize_redirect') ) :
|
---|
111 | /**
|
---|
112 | * Sanitizes a URL for use in a redirect.
|
---|
113 | *
|
---|
114 | * @since 2.3
|
---|
115 | *
|
---|
116 | * @return string redirect-sanitized URL
|
---|
117 | **/
|
---|
118 | function wp_sanitize_redirect($location) {
|
---|
119 | $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
|
---|
120 | $location = wp_kses_no_null($location);
|
---|
121 |
|
---|
122 | // remove %0d and %0a from location
|
---|
123 | $strip = array('%0d', '%0a');
|
---|
124 | $found = true;
|
---|
125 | while($found) {
|
---|
126 | $found = false;
|
---|
127 | foreach( (array) $strip as $val ) {
|
---|
128 | while(strpos($location, $val) !== false) {
|
---|
129 | $found = true;
|
---|
130 | $location = str_replace($val, '', $location);
|
---|
131 | }
|
---|
132 | }
|
---|
133 | }
|
---|
134 | return $location;
|
---|
135 | }
|
---|
136 | endif;
|
---|
137 |
|
---|
138 | if ( !function_exists('wp_sanitize_redirect') ) :
|
---|
139 | /**
|
---|
140 | * Sanitizes a URL for use in a redirect.
|
---|
141 | *
|
---|
142 | * @since 2.3
|
---|
143 | *
|
---|
144 | * @return string redirect-sanitized URL
|
---|
145 | **/
|
---|
146 | function wp_sanitize_redirect($location) {
|
---|
147 | $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
|
---|
148 | $location = wp_kses_no_null($location);
|
---|
149 |
|
---|
150 | // remove %0d and %0a from location
|
---|
151 | $strip = array('%0d', '%0a');
|
---|
152 | $found = true;
|
---|
153 | while($found) {
|
---|
154 | $found = false;
|
---|
155 | foreach( (array) $strip as $val ) {
|
---|
156 | while(strpos($location, $val) !== false) {
|
---|
157 | $found = true;
|
---|
158 | $location = str_replace($val, '', $location);
|
---|
159 | }
|
---|
160 | }
|
---|
161 | }
|
---|
162 | return $location;
|
---|
163 | }
|
---|
164 | endif;
|
---|
165 |
|
---|
166 | endif; // Under WP2.3
|
---|
167 |
|
---|
168 | // Under WP2.5
|
---|
169 | if (version_compare($modInfo->get_wp_version(),'2.5', '<')) :
|
---|
170 | // Added WP2.5 absint()
|
---|
171 | function absint( $maybeint ) {
|
---|
172 | return abs( intval( $maybeint ) );
|
---|
173 | }
|
---|
174 | // Added WP2.5 translate_with_context()
|
---|
175 | function translate_with_context( $text, $domain = 'default' ) {
|
---|
176 | return before_last_bar(translate( $text, $domain ) );
|
---|
177 | }
|
---|
178 | /**
|
---|
179 | * @ignore
|
---|
180 | */
|
---|
181 | function _c() {}
|
---|
182 |
|
---|
183 | if ( !function_exists('wp_logout') ) {
|
---|
184 | function wp_logout() {
|
---|
185 | wp_clear_auth_cookie();
|
---|
186 | do_action('wp_logout');
|
---|
187 | }
|
---|
188 | }
|
---|
189 |
|
---|
190 |
|
---|
191 | endif; // Under WP2.5
|
---|
192 |
|
---|
193 | // Under WP2.7
|
---|
194 | if (version_compare($modInfo->get_wp_version(),'2.6', '<')) :
|
---|
195 | /**
|
---|
196 | * Guess the URL for the site.
|
---|
197 | *
|
---|
198 | * Will remove wp-admin links to retrieve only return URLs not in the wp-admin
|
---|
199 | * directory.
|
---|
200 | *
|
---|
201 | * @since 2.6.0
|
---|
202 | *
|
---|
203 | * @return string
|
---|
204 | */
|
---|
205 | function wp_guess_url() {
|
---|
206 | if ( defined('WP_SITEURL') && '' != WP_SITEURL ) {
|
---|
207 | $url = WP_SITEURL;
|
---|
208 | } else {
|
---|
209 | $schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
|
---|
210 | $url = preg_replace('|/wp-admin/.*|i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
|
---|
211 | }
|
---|
212 | return $url;
|
---|
213 | }
|
---|
214 | endif; // Under WP2.6
|
---|
215 |
|
---|
216 | // Under WP2.7
|
---|
217 | if (version_compare($modInfo->get_wp_version(),'2.7', '<')) :
|
---|
218 | // Added WP2.7 separate_comments()
|
---|
219 | function &separate_comments(&$comments) {
|
---|
220 | $comments_by_type = array('comment' => array(), 'trackback' => array(), 'pingback' => array(), 'pings' => array());
|
---|
221 | $count = count($comments);
|
---|
222 | for ( $i = 0; $i < $count; $i++ ) {
|
---|
223 | $type = $comments[$i]->comment_type;
|
---|
224 | if ( empty($type) )
|
---|
225 | $type = 'comment';
|
---|
226 | $comments_by_type[$type][] = &$comments[$i];
|
---|
227 | if ( 'trackback' == $type || 'pingback' == $type )
|
---|
228 | $comments_by_type['pings'][] = &$comments[$i];
|
---|
229 | }
|
---|
230 |
|
---|
231 | return $comments_by_type;
|
---|
232 | }
|
---|
233 |
|
---|
234 | // Added WP2.7 get_comments()
|
---|
235 | function get_comments( $args = '' ) {
|
---|
236 | global $wpdb;
|
---|
237 |
|
---|
238 | $defaults = array('status' => '', 'orderby' => 'comment_date_gmt', 'order' => 'DESC', 'number' => '', 'offset' => '', 'post_id' => 0);
|
---|
239 |
|
---|
240 | $args = wp_parse_args( $args, $defaults );
|
---|
241 | extract( $args, EXTR_SKIP );
|
---|
242 |
|
---|
243 | // $args can be whatever, only use the args defined in defaults to compute the key
|
---|
244 | $key = md5( serialize( compact(array_keys($defaults)) ) );
|
---|
245 | $last_changed = wp_cache_get('last_changed', 'comment');
|
---|
246 | if ( !$last_changed ) {
|
---|
247 | $last_changed = time();
|
---|
248 | wp_cache_set('last_changed', $last_changed, 'comment');
|
---|
249 | }
|
---|
250 | $cache_key = "get_comments:$key:$last_changed";
|
---|
251 |
|
---|
252 | if ( $cache = wp_cache_get( $cache_key, 'comment' ) ) {
|
---|
253 | return $cache;
|
---|
254 | }
|
---|
255 |
|
---|
256 | $post_id = absint($post_id);
|
---|
257 |
|
---|
258 | if ( 'hold' == $status )
|
---|
259 | $approved = "comment_approved = '0'";
|
---|
260 | elseif ( 'approve' == $status )
|
---|
261 | $approved = "comment_approved = '1'";
|
---|
262 | elseif ( 'spam' == $status )
|
---|
263 | $approved = "comment_approved = 'spam'";
|
---|
264 | else
|
---|
265 | $approved = "( comment_approved = '0' OR comment_approved = '1' )";
|
---|
266 |
|
---|
267 | $order = ( 'ASC' == $order ) ? 'ASC' : 'DESC';
|
---|
268 |
|
---|
269 | $orderby = 'comment_date_gmt'; // Hard code for now
|
---|
270 |
|
---|
271 | $number = absint($number);
|
---|
272 | $offset = absint($offset);
|
---|
273 |
|
---|
274 | if ( !empty($number) ) {
|
---|
275 | if ( $offset )
|
---|
276 | $number = 'LIMIT ' . $offset . ',' . $number;
|
---|
277 | else
|
---|
278 | $number = 'LIMIT ' . $number;
|
---|
279 |
|
---|
280 | } else {
|
---|
281 | $number = '';
|
---|
282 | }
|
---|
283 |
|
---|
284 | if ( ! empty($post_id) )
|
---|
285 | $post_where = "comment_post_ID = $post_id AND" ;
|
---|
286 | else
|
---|
287 | $post_where = '';
|
---|
288 |
|
---|
289 | $comments = $wpdb->get_results( "SELECT * FROM $wpdb->comments WHERE $post_where $approved ORDER BY $orderby $order $number" );
|
---|
290 | wp_cache_add( $cache_key, $comments, 'comment' );
|
---|
291 |
|
---|
292 | return $comments;
|
---|
293 | }
|
---|
294 |
|
---|
295 | // Added WP2.7 absint()
|
---|
296 | function locate_template($template_names, $load = false) {
|
---|
297 | if (!is_array($template_names))
|
---|
298 | return '';
|
---|
299 |
|
---|
300 | $located = '';
|
---|
301 | foreach($template_names as $template_name) {
|
---|
302 | if ( file_exists(STYLESHEETPATH . '/' . $template_name)) {
|
---|
303 | $located = STYLESHEETPATH . '/' . $template_name;
|
---|
304 | break;
|
---|
305 | } else if ( file_exists(TEMPLATEPATH . '/' . $template_name) ) {
|
---|
306 | $located = TEMPLATEPATH . '/' . $template_name;
|
---|
307 | break;
|
---|
308 | }
|
---|
309 | }
|
---|
310 |
|
---|
311 | if ($load && '' != $located)
|
---|
312 | load_template($located);
|
---|
313 |
|
---|
314 | return $located;
|
---|
315 | }
|
---|
316 | // Added WP2.7 post_password_required()
|
---|
317 | function post_password_required( $post = null ) {
|
---|
318 | $post = get_post($post);
|
---|
319 |
|
---|
320 | if ( empty($post->post_password) )
|
---|
321 | return false;
|
---|
322 |
|
---|
323 | if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
|
---|
324 | return true;
|
---|
325 |
|
---|
326 | if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password )
|
---|
327 | return true;
|
---|
328 |
|
---|
329 | return false;
|
---|
330 | }
|
---|
331 | // Added WP2.7 comment_form_title()
|
---|
332 | function comment_form_title( $noreplytext = 'Leave a Reply', $replytext = 'Leave a Reply to %s', $linktoparent = TRUE ) {
|
---|
333 | global $comment;
|
---|
334 |
|
---|
335 | $replytoid = isset($_GET['replytocom']) ? (int) $_GET['replytocom'] : 0;
|
---|
336 |
|
---|
337 | if ( 0 == $replytoid )
|
---|
338 | echo $noreplytext;
|
---|
339 | else {
|
---|
340 | $comment = get_comment($replytoid);
|
---|
341 | $author = ( $linktoparent ) ? '<a href="#comment-' . get_comment_ID() . '">' . get_comment_author() . '</a>' : get_comment_author();
|
---|
342 | printf( $replytext, $author );
|
---|
343 | }
|
---|
344 | }
|
---|
345 | endif; // Under WP2.7
|
---|
346 |
|
---|
347 | // Under WP2.8
|
---|
348 | if (version_compare($modInfo->get_wp_version(),'2.8', '<')) :
|
---|
349 | function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
|
---|
350 | $string = (string) $string;
|
---|
351 |
|
---|
352 | if ( 0 === strlen( $string ) ) {
|
---|
353 | return '';
|
---|
354 | }
|
---|
355 |
|
---|
356 | // Don't bother if there are no specialchars - saves some processing
|
---|
357 | if ( !preg_match( '/[&<>"\']/', $string ) ) {
|
---|
358 | return $string;
|
---|
359 | }
|
---|
360 |
|
---|
361 | // Account for the previous behaviour of the function when the $quote_style is not an accepted value
|
---|
362 | if ( empty( $quote_style ) ) {
|
---|
363 | $quote_style = ENT_NOQUOTES;
|
---|
364 | } elseif ( !in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) ) {
|
---|
365 | $quote_style = ENT_QUOTES;
|
---|
366 | }
|
---|
367 |
|
---|
368 | // Store the site charset as a static to avoid multiple calls to wp_load_alloptions()
|
---|
369 | if ( !$charset ) {
|
---|
370 | static $_charset;
|
---|
371 | if ( !isset( $_charset ) ) {
|
---|
372 | $alloptions = wp_load_alloptions();
|
---|
373 | $_charset = isset( $alloptions['blog_charset'] ) ? $alloptions['blog_charset'] : '';
|
---|
374 | }
|
---|
375 | $charset = $_charset;
|
---|
376 | }
|
---|
377 | if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) ) {
|
---|
378 | $charset = 'UTF-8';
|
---|
379 | }
|
---|
380 |
|
---|
381 | $_quote_style = $quote_style;
|
---|
382 |
|
---|
383 | if ( $quote_style === 'double' ) {
|
---|
384 | $quote_style = ENT_COMPAT;
|
---|
385 | $_quote_style = ENT_COMPAT;
|
---|
386 | } elseif ( $quote_style === 'single' ) {
|
---|
387 | $quote_style = ENT_NOQUOTES;
|
---|
388 | }
|
---|
389 |
|
---|
390 | // Handle double encoding ourselves
|
---|
391 | if ( !$double_encode ) {
|
---|
392 | $string = wp_specialchars_decode( $string, $_quote_style );
|
---|
393 |
|
---|
394 | /* Critical */
|
---|
395 | // The previous line decodes &phrase; into &phrase; We must guarantee that &phrase; is valid before proceeding.
|
---|
396 | $string = wp_kses_normalize_entities($string);
|
---|
397 |
|
---|
398 | // Now proceed with custom double-encoding silliness
|
---|
399 | $string = preg_replace( '/&(#?x?[0-9a-z]+);/i', '|wp_entity|$1|/wp_entity|', $string );
|
---|
400 | }
|
---|
401 |
|
---|
402 | $string = @htmlspecialchars( $string, $quote_style, $charset );
|
---|
403 |
|
---|
404 | // Handle double encoding ourselves
|
---|
405 | if ( !$double_encode ) {
|
---|
406 | $string = str_replace( array( '|wp_entity|', '|/wp_entity|' ), array( '&', ';' ), $string );
|
---|
407 | }
|
---|
408 |
|
---|
409 | // Backwards compatibility
|
---|
410 | if ( 'single' === $_quote_style ) {
|
---|
411 | $string = str_replace( "'", ''', $string );
|
---|
412 | }
|
---|
413 |
|
---|
414 | return $string;
|
---|
415 | }
|
---|
416 |
|
---|
417 | /**
|
---|
418 | * Checks for invalid UTF8 in a string.
|
---|
419 | *
|
---|
420 | * @since 2.8
|
---|
421 | *
|
---|
422 | * @param string $string The text which is to be checked.
|
---|
423 | * @param boolean $strip Optional. Whether to attempt to strip out invalid UTF8. Default is false.
|
---|
424 | * @return string The checked text.
|
---|
425 | */
|
---|
426 | function wp_check_invalid_utf8( $string, $strip = false ) {
|
---|
427 | $string = (string) $string;
|
---|
428 |
|
---|
429 | if ( 0 === strlen( $string ) ) {
|
---|
430 | return '';
|
---|
431 | }
|
---|
432 |
|
---|
433 | // Store the site charset as a static to avoid multiple calls to get_option()
|
---|
434 | static $is_utf8;
|
---|
435 | if ( !isset( $is_utf8 ) ) {
|
---|
436 | $is_utf8 = in_array( get_option( 'blog_charset' ), array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) );
|
---|
437 | }
|
---|
438 | if ( !$is_utf8 ) {
|
---|
439 | return $string;
|
---|
440 | }
|
---|
441 |
|
---|
442 | // Check for support for utf8 in the installed PCRE library once and store the result in a static
|
---|
443 | static $utf8_pcre;
|
---|
444 | if ( !isset( $utf8_pcre ) ) {
|
---|
445 | $utf8_pcre = @preg_match( '/^./u', 'a' );
|
---|
446 | }
|
---|
447 | // We can't demand utf8 in the PCRE installation, so just return the string in those cases
|
---|
448 | if ( !$utf8_pcre ) {
|
---|
449 | return $string;
|
---|
450 | }
|
---|
451 |
|
---|
452 | // preg_match fails when it encounters invalid UTF8 in $string
|
---|
453 | if ( 1 === @preg_match( '/^./us', $string ) ) {
|
---|
454 | return $string;
|
---|
455 | }
|
---|
456 |
|
---|
457 | // Attempt to strip the bad chars if requested (not recommended)
|
---|
458 | if ( $strip && function_exists( 'iconv' ) ) {
|
---|
459 | return iconv( 'utf-8', 'utf-8', $string );
|
---|
460 | }
|
---|
461 |
|
---|
462 | return '';
|
---|
463 | }
|
---|
464 |
|
---|
465 | /**
|
---|
466 | * Perform a deep string replace operation to ensure the values in $search are no longer present
|
---|
467 | *
|
---|
468 | * Repeats the replacement operation until it no longer replaces anything so as to remove "nested" values
|
---|
469 | * e.g. $subject = '%0%0%0DDD', $search ='%0D', $result ='' rather than the '%0%0DD' that
|
---|
470 | * str_replace would return
|
---|
471 | *
|
---|
472 | * @since 2.8.1
|
---|
473 | * @access private
|
---|
474 | *
|
---|
475 | * @param string|array $search
|
---|
476 | * @param string $subject
|
---|
477 | * @return string The processed string
|
---|
478 | */
|
---|
479 | function _deep_replace( $search, $subject ) {
|
---|
480 | $found = true;
|
---|
481 | $subject = (string) $subject;
|
---|
482 | while ( $found ) {
|
---|
483 | $found = false;
|
---|
484 | foreach ( (array) $search as $val ) {
|
---|
485 | while ( strpos( $subject, $val ) !== false ) {
|
---|
486 | $found = true;
|
---|
487 | $subject = str_replace( $val, '', $subject );
|
---|
488 | }
|
---|
489 | }
|
---|
490 | }
|
---|
491 |
|
---|
492 | return $subject;
|
---|
493 | }
|
---|
494 |
|
---|
495 |
|
---|
496 | /* @since 2.8.0
|
---|
497 | * @uses wp_kses_bad_protocol() To only permit protocols in the URL set
|
---|
498 | * via $protocols or the common ones set in the function.
|
---|
499 | *
|
---|
500 | * @param string $url The URL to be cleaned.
|
---|
501 | * @param array $protocols Optional. An array of acceptable protocols.
|
---|
502 | * Defaults to 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet' if not set.
|
---|
503 | * @param string $_context Private. Use esc_url_raw() for database usage.
|
---|
504 | * @return string The cleaned $url after the 'clean_url' filter is applied.
|
---|
505 | */
|
---|
506 | function esc_url( $url, $protocols = null, $_context = 'display' ) {
|
---|
507 | $original_url = $url;
|
---|
508 |
|
---|
509 | if ( '' == $url )
|
---|
510 | return $url;
|
---|
511 | $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '', $url);
|
---|
512 | $strip = array('%0d', '%0a', '%0D', '%0A');
|
---|
513 | $url = _deep_replace($strip, $url);
|
---|
514 | $url = str_replace(';//', '://', $url);
|
---|
515 | /* If the URL doesn't appear to contain a scheme, we
|
---|
516 | * presume it needs http:// appended (unless a relative
|
---|
517 | * link starting with / or a php file).
|
---|
518 | */
|
---|
519 | if ( strpos($url, ':') === false &&
|
---|
520 | substr( $url, 0, 1 ) != '/' && substr( $url, 0, 1 ) != '#' && !preg_match('/^[a-z0-9-]+?\.php/i', $url) )
|
---|
521 | $url = 'http://' . $url;
|
---|
522 |
|
---|
523 | // Replace ampersands and single quotes only when displaying.
|
---|
524 | if ( 'display' == $_context ) {
|
---|
525 | $url = wp_kses_normalize_entities( $url );
|
---|
526 | $url = str_replace( '&', '&', $url );
|
---|
527 | $url = str_replace( "'", ''', $url );
|
---|
528 | }
|
---|
529 |
|
---|
530 | if ( !is_array($protocols) )
|
---|
531 | $protocols = array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn');
|
---|
532 | if ( wp_kses_bad_protocol( $url, $protocols ) != $url )
|
---|
533 | return '';
|
---|
534 |
|
---|
535 | return apply_filters('clean_url', $url, $original_url, $_context);
|
---|
536 | }
|
---|
537 | /**
|
---|
538 | * Escaping for HTML attributes.
|
---|
539 | *
|
---|
540 | * @since 2.8.0
|
---|
541 | *
|
---|
542 | * @param string $text
|
---|
543 | * @return string
|
---|
544 | */
|
---|
545 | function esc_attr( $text ) {
|
---|
546 | $safe_text = wp_check_invalid_utf8( $text );
|
---|
547 | $safe_text = _wp_specialchars( $safe_text, ENT_QUOTES );
|
---|
548 | return apply_filters( 'attribute_escape', $safe_text, $text );
|
---|
549 | }
|
---|
550 |
|
---|
551 | endif; // Under WP2.8
|
---|
552 | ?> |
---|