p_parse_args( $args, $defaults ); $page_links = paginate_links( $args ); if ( $args['echo'] && 'array' !== $args['type'] ) { echo $page_links; } else { return $page_links; } } /** * Retrieves navigation to next/previous set of comments, when applicable. * * @since 4.4.0 * @since 5.3.0 Added the `aria_label` parameter. * @since 5.5.0 Added the `class` parameter. * * @param array $args { * Optional. Default comments navigation arguments. * * @type string $prev_text Anchor text to display in the previous comments link. * Default 'Older comments'. * @type string $next_text Anchor text to display in the next comments link. * Default 'Newer comments'. * @type string $screen_reader_text Screen reader text for the nav element. Default 'Comments navigation'. * @type string $aria_label ARIA label text for the nav element. Default 'Comments'. * @type string $class Custom class for the nav element. Default 'comment-navigation'. * } * @return string Markup for comments links. */ function get_the_comments_navigation( $args = array() ) { $navigation = ''; // Are there comments to navigate through? if ( get_comment_pages_count() > 1 ) { // Make sure the nav element has an aria-label attribute: fallback to the screen reader text. if ( ! empty( $args['screen_reader_text'] ) && empty( $args['aria_label'] ) ) { $args['aria_label'] = $args['screen_reader_text']; } $args = wp_parse_args( $args, array( 'prev_text' => __( 'Older comments' ), 'next_text' => __( 'Newer comments' ), 'screen_reader_text' => __( 'Comments navigation' ), 'aria_label' => __( 'Comments' ), 'class' => 'comment-navigation', ) ); $prev_link = get_previous_comments_link( $args['prev_text'] ); $next_link = get_next_comments_link( $args['next_text'] ); if ( $prev_link ) { $navigation .= '

' . $prev_link . '

'; } if ( $next_link ) { $navigation .= '

' . $next_link . '

'; } $navigation = _navigation_markup( $navigation, $args['class'], $args['screen_reader_text'], $args['aria_label'] ); } return $navigation; } /** * Displays navigation to next/previous set of comments, when applicable. * * @since 4.4.0 * * @param array $args See get_the_comments_navigation() for available arguments. Default empty array. */ function the_comments_navigation( $args = array() ) { echo get_the_comments_navigation( $args ); } /** * Retrieves a paginated navigation to next/previous set of comments, when applicable. * * @since 4.4.0 * @since 5.3.0 Added the `aria_label` parameter. * @since 5.5.0 Added the `class` parameter. * * @see paginate_comments_links() * * @param array $args { * Optional. Default pagination arguments. * * @type string $screen_reader_text Screen reader text for the nav element. Default 'Comments navigation'. * @type string $aria_label ARIA label text for the nav element. Default 'Comments'. * @type string $class Custom class for the nav element. Default 'comments-pagination'. * } * @return string Markup for pagination links. */ function get_the_comments_pagination( $args = array() ) { $navigation = ''; // Make sure the nav element has an aria-label attribute: fallback to the screen reader text. if ( ! empty( $args['screen_reader_text'] ) && empty( $args['aria_label'] ) ) { $args['aria_label'] = $args['screen_reader_text']; } $args = wp_parse_args( $args, array( 'screen_reader_text' => __( 'Comments navigation' ), 'aria_label' => __( 'Comments' ), 'class' => 'comments-pagination', ) ); $args['echo'] = false; // Make sure we get a string back. Plain is the next best thing. if ( isset( $args['type'] ) && 'array' === $args['type'] ) { $args['type'] = 'plain'; } $links = paginate_comments_links( $args ); if ( $links ) { $navigation = _navigation_markup( $links, $args['class'], $args['screen_reader_text'], $args['aria_label'] ); } return $navigation; } /** * Displays a paginated navigation to next/previous set of comments, when applicable. * * @since 4.4.0 * * @param array $args See get_the_comments_pagination() for available arguments. Default empty array. */ function the_comments_pagination( $args = array() ) { echo get_the_comments_pagination( $args ); } /** * Retrieves the URL for the current site where the front end is accessible. * * Returns the 'home' option with the appropriate protocol. The protocol will be 'https' * if is_ssl() evaluates to true; otherwise, it will be the same as the 'home' option. * If `$scheme` is 'http' or 'https', is_ssl() is overridden. * * @since 3.0.0 * * @param string $path Optional. Path relative to the home URL. Default empty. * @param string|null $scheme Optional. Scheme to give the home URL context. Accepts * 'http', 'https', 'relative', 'rest', or null. Default null. * @return string Home URL link with optional path appended. */ function home_url( $path = '', $scheme = null ) { return get_home_url( null, $path, $scheme ); } /** * Retrieves the URL for a given site where the front end is accessible. * * Returns the 'home' option with the appropriate protocol. The protocol will be 'https' * if is_ssl() evaluates to true; otherwise, it will be the same as the 'home' option. * If `$scheme` is 'http' or 'https', is_ssl() is overridden. * * @since 3.0.0 * * @param int|null $blog_id Optional. Site ID. Default null (current site). * @param string $path Optional. Path relative to the home URL. Default empty. * @param string|null $scheme Optional. Scheme to give the home URL context. Accepts * 'http', 'https', 'relative', 'rest', or null. Default null. * @return string Home URL link with optional path appended. */ function get_home_url( $blog_id = null, $path = '', $scheme = null ) { $orig_scheme = $scheme; if ( empty( $blog_id ) || ! is_multisite() ) { $url = get_option( 'home' ); } else { switch_to_blog( $blog_id ); $url = get_option( 'home' ); restore_current_blog(); } if ( ! in_array( $scheme, array( 'http', 'https', 'relative' ), true ) ) { if ( is_ssl() ) { $scheme = 'https'; } else { $scheme = parse_url( $url, PHP_URL_SCHEME ); } } $url = set_url_scheme( $url, $scheme ); if ( $path && is_string( $path ) ) { $url .= '/' . ltrim( $path, '/' ); } /** * Filters the home URL. * * @since 3.0.0 * * @param string $url The complete home URL including scheme and path. * @param string $path Path relative to the home URL. Blank string if no path is specified. * @param string|null $orig_scheme Scheme to give the home URL context. Accepts 'http', 'https', * 'relative', 'rest', or null. * @param int|null $blog_id Site ID, or null for the current site. */ return apply_filters( 'home_url', $url, $path, $orig_scheme, $blog_id ); } /** * Retrieves the URL for the current site where WordPress application files * (e.g. wp-blog-header.php or the wp-admin/ folder) are accessible. * * Returns the 'site_url' option with the appropriate protocol, 'https' if * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is * overridden. * * @since 3.0.0 * * @param string $path Optional. Path relative to the site URL. Default empty. * @param string|null $scheme Optional. Scheme to give the site URL context. See set_url_scheme(). * @return string Site URL link with optional path appended. */ function site_url( $path = '', $scheme = null ) { return get_site_url( null, $path, $scheme ); } /** * Retrieves the URL for a given site where WordPress application files * (e.g. wp-blog-header.php or the wp-admin/ folder) are accessible. * * Returns the 'site_url' option with the appropriate protocol, 'https' if * is_ssl() and 'http' otherwise. If `$scheme` is 'http' or 'https', * `is_ssl()` is overridden. * * @since 3.0.0 * * @param int|null $blog_id Optional. Site ID. Default null (current site). * @param string $path Optional. Path relative to the site URL. Default empty. * @param string|null $scheme Optional. Scheme to give the site URL context. Accepts * 'http', 'https', 'login', 'login_post', 'admin', or * 'relative'. Default null. * @return string Site URL link with optional path appended. */ function get_site_url( $blog_id = null, $path = '', $scheme = null ) { if ( empty( $blog_id ) || ! is_multisite() ) { $url = get_option( 'siteurl' ); } else { switch_to_blog( $blog_id ); $url = get_option( 'siteurl' ); restore_current_blog(); } $url = set_url_scheme( $url, $scheme ); if ( $path && is_string( $path ) ) { $url .= '/' . ltrim( $path, '/' ); } /** * Filters the site URL. * * @since 2.7.0 * * @param string $url The complete site URL including scheme and path. * @param string $path Path relative to the site URL. Blank string if no path is specified. * @param string|null $scheme Scheme to give the site URL context. Accepts 'http', 'https', 'login', * 'login_post', 'admin', 'relative' or null. * @param int|null $blog_id Site ID, or null for the current site. */ return apply_filters( 'site_url', $url, $path, $scheme, $blog_id ); } /** * Retrieves the URL to the admin area for the current site. * * @since 2.6.0 * * @param string $path Optional. Path relative to the admin URL. Default empty. * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). * 'http' or 'https' can be passed to force those schemes. * @return string Admin URL link with optional path appended. */ function admin_url( $path = '', $scheme = 'admin' ) { return get_admin_url( null, $path, $scheme ); } /** * Retrieves the URL to the admin area for a given site. * * @since 3.0.0 * * @param int|null $blog_id Optional. Site ID. Default null (current site). * @param string $path Optional. Path relative to the admin URL. Default empty. * @param string $scheme Optional. The scheme to use. Accepts 'http' or 'https', * to force those schemes. Default 'admin', which obeys * force_ssl_admin() and is_ssl(). * @return string Admin URL link with optional path appended. */ function get_admin_url( $blog_id = null, $path = '', $scheme = 'admin' ) { $url = get_site_url( $blog_id, 'wp-admin/', $scheme ); if ( $path && is_string( $path ) ) { $url .= ltrim( $path, '/' ); } /** * Filters the admin area URL. * * @since 2.8.0 * @since 5.8.0 The `$scheme` parameter was added. * * @param string $url The complete admin area URL including scheme and path. * @param string $path Path relative to the admin area URL. Blank string if no path is specified. * @param int|null $blog_id Site ID, or null for the current site. * @param string|null $scheme The scheme to use. Accepts 'http', 'https', * 'admin', or null. Default 'admin', which obeys force_ssl_admin() and is_ssl(). */ return apply_filters( 'admin_url', $url, $path, $blog_id, $scheme ); } /** * Retrieves the URL to the includes directory. * * @since 2.6.0 * * @param string $path Optional. Path relative to the includes URL. Default empty. * @param string|null $scheme Optional. Scheme to give the includes URL context. Accepts * 'http', 'https', or 'relative'. Default null. * @return string Includes URL link with optional path appended. */ function includes_url( $path = '', $scheme = null ) { $url = site_url( '/' . WPINC . '/', $scheme ); if ( $path && is_string( $path ) ) { $url .= ltrim( $path, '/' ); } /** * Filters the URL to the includes directory. * * @since 2.8.0 * @since 5.8.0 The `$scheme` parameter was added. * * @param string $url The complete URL to the includes directory including scheme and path. * @param string $path Path relative to the URL to the wp-includes directory. Blank string * if no path is specified. * @param string|null $scheme Scheme to give the includes URL context. Accepts * 'http', 'https', 'relative', or null. Default null. */ return apply_filters( 'includes_url', $url, $path, $scheme ); } /** * Retrieves the URL to the content directory. * * @since 2.6.0 * * @param string $path Optional. Path relative to the content URL. Default empty. * @return string Content URL link with optional path appended. */ function content_url( $path = '' ) { $url = set_url_scheme( WP_CONTENT_URL ); if ( $path && is_string( $path ) ) { $url .= '/' . ltrim( $path, '/' ); } /** * Filters the URL to the content directory. * * @since 2.8.0 * * @param string $url The complete URL to the content directory including scheme and path. * @param string $path Path relative to the URL to the content directory. Blank string * if no path is specified. */ return apply_filters( 'content_url', $url, $path ); } /** * Retrieves a URL within the plugins or mu-plugins directory. * * Defaults to the plugins directory URL if no arguments are supplied. * * @since 2.6.0 * * @param string $path Optional. Extra path appended to the end of the URL, including * the relative directory if $plugin is supplied. Default empty. * @param string $plugin Optional. A full path to a file inside a plugin or mu-plugin. * The URL will be relative to its directory. Default empty. * Typically this is done by passing `__FILE__` as the argument. * @return string Plugins URL link with optional paths appended. */ function plugins_url( $path = '', $plugin = '' ) { $path = wp_normalize_path( $path ); $plugin = wp_normalize_path( $plugin ); $mu_plugin_dir = wp_normalize_path( WPMU_PLUGIN_DIR ); if ( ! empty( $plugin ) && str_starts_with( $plugin, $mu_plugin_dir ) ) { $url = WPMU_PLUGIN_URL; } else { $url = WP_PLUGIN_URL; } $url = set_url_scheme( $url ); if ( ! empty( $plugin ) && is_string( $plugin ) ) { $folder = dirname( plugin_basename( $plugin ) ); if ( '.' !== $folder ) { $url .= '/' . ltrim( $folder, '/' ); } } if ( $path && is_string( $path ) ) { $url .= '/' . ltrim( $path, '/' ); } /** * Filters the URL to the plugins directory. * * @since 2.8.0 * * @param string $url The complete URL to the plugins directory including scheme and path. * @param string $path Path relative to the URL to the plugins directory. Blank string * if no path is specified. * @param string $plugin The plugin file path to be relative to. Blank string if no plugin * is specified. */ return apply_filters( 'plugins_url', $url, $path, $plugin ); } /** * Retrieves the site URL for the current network. * * Returns the site URL with the appropriate protocol, 'https' if * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is * overridden. * * @since 3.0.0 * * @see set_url_scheme() * * @param string $path Optional. Path relative to the site URL. Default empty. * @param string|null $scheme Optional. Scheme to give the site URL context. Accepts * 'http', 'https', or 'relative'. Default null. * @return string Site URL link with optional path appended. */ function network_site_url( $path = '', $scheme = null ) { if ( ! is_multisite() ) { return site_url( $path, $scheme ); } $current_network = get_network(); if ( 'relative' === $scheme ) { $url = $current_network->path; } else { $url = set_url_scheme( 'http://' . $current_network->domain . $current_network->path, $scheme ); } if ( $path && is_string( $path ) ) { $url .= ltrim( $path, '/' ); } /** * Filters the network site URL. * * @since 3.0.0 * * @param string $url The complete network site URL including scheme and path. * @param string $path Path relative to the network site URL. Blank string if * no path is specified. * @param string|null $scheme Scheme to give the URL context. Accepts 'http', 'https', * 'relative' or null. */ return apply_filters( 'network_site_url', $url, $path, $scheme ); } /** * Retrieves the home URL for the current network. * * Returns the home URL with the appropriate protocol, 'https' is_ssl() * and 'http' otherwise. If `$scheme` is 'http' or 'https', `is_ssl()` is * overridden. * * @since 3.0.0 * * @param string $path Optional. Path relative to the home URL. Default empty. * @param string|null $scheme Optional. Scheme to give the home URL context. Accepts * 'http', 'https', or 'relative'. Default null. * @return string Home URL link with optional path appended. */ function network_home_url( $path = '', $scheme = null ) { if ( ! is_multisite() ) { return home_url( $path, $scheme ); } $current_network = get_network(); $orig_scheme = $scheme; if ( ! in_array( $scheme, array( 'http', 'https', 'relative' ), true ) ) { $scheme = is_ssl() ? 'https' : 'http'; } if ( 'relative' === $scheme ) { $url = $current_network->path; } else { $url = set_url_scheme( 'http://' . $current_network->domain . $current_network->path, $scheme ); } if ( $path && is_string( $path ) ) { $url .= ltrim( $path, '/' ); } /** * Filters the network home URL. * * @since 3.0.0 * * @param string $url The complete network home URL including scheme and path. * @param string $path Path relative to the network home URL. Blank string * if no path is specified. * @param string|null $orig_scheme Scheme to give the URL context. Accepts 'http', 'https', * 'relative' or null. */ return apply_filters( 'network_home_url', $url, $path, $orig_scheme ); } /** * Retrieves the URL to the admin area for the network. * * @since 3.0.0 * * @param string $path Optional path relative to the admin URL. Default empty. * @param string $scheme Optional. The scheme to use. Default is 'admin', which obeys force_ssl_admin() * and is_ssl(). 'http' or 'https' can be passed to force those schemes. * @return string Admin URL link with optional path appended. */ function network_admin_url( $path = '', $scheme = 'admin' ) { if ( ! is_multisite() ) { return admin_url( $path, $scheme ); } $url = network_site_url( 'wp-admin/network/', $scheme ); if ( $path && is_string( $path ) ) { $url .= ltrim( $path, '/' ); } /** * Filters the network admin URL. * * @since 3.0.0 * @since 5.8.0 The `$scheme` parameter was added. * * @param string $url The complete network admin URL including scheme and path. * @param string $path Path relative to the network admin URL. Blank string if * no path is specified. * @param string|null $scheme The scheme to use. Accepts 'http', 'https', * 'admin', or null. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). */ return apply_filters( 'network_admin_url', $url, $path, $scheme ); } /** * Retrieves the URL to the admin area for the current user. * * @since 3.0.0 * * @param string $path Optional. Path relative to the admin URL. Default empty. * @param string $scheme Optional. The scheme to use. Default is 'admin', which obeys force_ssl_admin() * and is_ssl(). 'http' or 'https' can be passed to force those schemes. * @return string Admin URL link with optional path appended. */ function user_admin_url( $path = '', $scheme = 'admin' ) { $url = network_site_url( 'wp-admin/user/', $scheme ); if ( $path && is_string( $path ) ) { $url .= ltrim( $path, '/' ); } /** * Filters the user admin URL for the current user. * * @since 3.1.0 * @since 5.8.0 The `$scheme` parameter was added. * * @param string $url The complete URL including scheme and path. * @param string $path Path relative to the URL. Blank string if * no path is specified. * @param string|null $scheme The scheme to use. Accepts 'http', 'https', * 'admin', or null. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). */ return apply_filters( 'user_admin_url', $url, $path, $scheme ); } /** * Retrieves the URL to the admin area for either the current site or the network depending on context. * * @since 3.1.0 * * @param string $path Optional. Path relative to the admin URL. Default empty. * @param string $scheme Optional. The scheme to use. Default is 'admin', which obeys force_ssl_admin() * and is_ssl(). 'http' or 'https' can be passed to force those schemes. * @return string Admin URL link with optional path appended. */ function self_admin_url( $path = '', $scheme = 'admin' ) { if ( is_network_admin() ) { $url = network_admin_url( $path, $scheme ); } elseif ( is_user_admin() ) { $url = user_admin_url( $path, $scheme ); } else { $url = admin_url( $path, $scheme ); } /** * Filters the admin URL for the current site or network depending on context. * * @since 4.9.0 * * @param string $url The complete URL including scheme and path. * @param string $path Path relative to the URL. Blank string if no path is specified. * @param string $scheme The scheme to use. */ return apply_filters( 'self_admin_url', $url, $path, $scheme ); } /** * Sets the scheme for a URL. * * @since 3.4.0 * @since 4.4.0 The 'rest' scheme was added. * * @param string $url Absolute URL that includes a scheme * @param string|null $scheme Optional. Scheme to give $url. Currently 'http', 'https', 'login', * 'login_post', 'admin', 'relative', 'rest', 'rpc', or null. Default null. * @return string URL with chosen scheme. */ function set_url_scheme( $url, $scheme = null ) { $orig_scheme = $scheme; if ( ! $scheme ) { $scheme = is_ssl() ? 'https' : 'http'; } elseif ( 'admin' === $scheme || 'login' === $scheme || 'login_post' === $scheme || 'rpc' === $scheme ) { $scheme = is_ssl() || force_ssl_admin() ? 'https' : 'http'; } elseif ( 'http' !== $scheme && 'https' !== $scheme && 'relative' !== $scheme ) { $scheme = is_ssl() ? 'https' : 'http'; } $url = trim( $url ); if ( str_starts_with( $url, '//' ) ) { $url = 'http:' . $url; } if ( 'relative' === $scheme ) { $url = ltrim( preg_replace( '#^\w+://[^/]*#', '', $url ) ); if ( '' !== $url && '/' === $url[0] ) { $url = '/' . ltrim( $url, "/ \t\n\r\0\x0B" ); } } else { $url = preg_replace( '#^\w+://#', $scheme . '://', $url ); } /** * Filters the resulting URL after setting the scheme. * * @since 3.4.0 * * @param string $url The complete URL including scheme and path. * @param string $scheme Scheme applied to the URL. One of 'http', 'https', or 'relative'. * @param string|null $orig_scheme Scheme requested for the URL. One of 'http', 'https', 'login', * 'login_post', 'admin', 'relative', 'rest', 'rpc', or null. */ return apply_filters( 'set_url_scheme', $url, $scheme, $orig_scheme ); } /** * Retrieves the URL to the user's dashboard. * * If a user does not belong to any site, the global user dashboard is used. If the user * belongs to the current site, the dashboard for the current site is returned. If the user * cannot edit the current site, the dashboard to the user's primary site is returned. * * @since 3.1.0 * * @param int $user_id Optional. User ID. Defaults to current user. * @param string $path Optional path relative to the dashboard. Use only paths known to * both site and user admins. Default empty. * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() * and is_ssl(). 'http' or 'https' can be passed to force those schemes. * @return string Dashboard URL link with optional path appended. */ function get_dashboard_url( $user_id = 0, $path = '', $scheme = 'admin' ) { $user_id = $user_id ? (int) $user_id : get_current_user_id(); $blogs = get_blogs_of_user( $user_id ); if ( is_multisite() && ! user_can( $user_id, 'manage_network' ) && empty( $blogs ) ) { $url = user_admin_url( $path, $scheme ); } elseif ( ! is_multisite() ) { $url = admin_url( $path, $scheme ); } else { $current_blog = get_current_blog_id(); if ( $current_blog && ( user_can( $user_id, 'manage_network' ) || in_array( $current_blog, array_keys( $blogs ), true ) ) ) { $url = admin_url( $path, $scheme ); } else { $active = get_active_blog_for_user( $user_id ); if ( $active ) { $url = get_admin_url( $active->blog_id, $path, $scheme ); } else { $url = user_admin_url( $path, $scheme ); } } } /** * Filters the dashboard URL for a user. * * @since 3.1.0 * * @param string $url The complete URL including scheme and path. * @param int $user_id The user ID. * @param string $path Path relative to the URL. Blank string if no path is specified. * @param string $scheme Scheme to give the URL context. Accepts 'http', 'https', 'login', * 'login_post', 'admin', 'relative' or null. */ return apply_filters( 'user_dashboard_url', $url, $user_id, $path, $scheme ); } /** * Retrieves the URL to the user's profile editor. * * @since 3.1.0 * * @param int $user_id Optional. User ID. Defaults to current user. * @param string $scheme Optional. The scheme to use. Default is 'admin', which obeys force_ssl_admin() * and is_ssl(). 'http' or 'https' can be passed to force those schemes. * @return string Dashboard URL link with optional path appended. */ function get_edit_profile_url( $user_id = 0, $scheme = 'admin' ) { $user_id = $user_id ? (int) $user_id : get_current_user_id(); if ( is_user_admin() ) { $url = user_admin_url( 'profile.php', $scheme ); } elseif ( is_network_admin() ) { $url = network_admin_url( 'profile.php', $scheme ); } else { $url = get_dashboard_url( $user_id, 'profile.php', $scheme ); } /** * Filters the URL for a user's profile editor. * * @since 3.1.0 * * @param string $url The complete URL including scheme and path. * @param int $user_id The user ID. * @param string $scheme Scheme to give the URL context. Accepts 'http', 'https', 'login', * 'login_post', 'admin', 'relative' or null. */ return apply_filters( 'edit_profile_url', $url, $user_id, $scheme ); } /** * Returns the canonical URL for a post. * * When the post is the same as the current requested page the function will handle the * pagination arguments too. * * @since 4.6.0 * * @param int|WP_Post $post Optional. Post ID or object. Default is global `$post`. * @return string|false The canonical URL. False if the post does not exist * or has not been published yet. */ function wp_get_canonical_url( $post = null ) { $post = get_post( $post ); if ( ! $post ) { return false; } if ( 'publish' !== $post->post_status ) { return false; } $canonical_url = get_permalink( $post ); // If a canonical is being generated for the current page, make sure it has pagination if needed. if ( get_queried_object_id() === $post->ID ) { $page = get_query_var( 'page', 0 ); if ( $page >= 2 ) { if ( ! get_option( 'permalink_structure' ) ) { $canonical_url = add_query_arg( 'page', $page, $canonical_url ); } else { $canonical_url = trailingslashit( $canonical_url ) . user_trailingslashit( $page, 'single_paged' ); } } $cpage = get_query_var( 'cpage', 0 ); if ( $cpage ) { $canonical_url = get_comments_pagenum_link( $cpage ); } } /** * Filters the canonical URL for a post. * * @since 4.6.0 * * @param string $canonical_url The post's canonical URL. * @param WP_Post $post Post object. */ return apply_filters( 'get_canonical_url', $canonical_url, $post ); } /** * Outputs rel=canonical for singular queries. * * @since 2.9.0 * @since 4.6.0 Adjusted to use `wp_get_canonical_url()`. */ function rel_canonical() { if ( ! is_singular() ) { return; } $id = get_queried_object_id(); if ( 0 === $id ) { return; } $url = wp_get_canonical_url( $id ); if ( ! empty( $url ) ) { echo '' . "\n"; } } /** * Returns a shortlink for a post, page, attachment, or site. * * This function exists to provide a shortlink tag that all themes and plugins can target. * A plugin must hook in to provide the actual shortlinks. Default shortlink support is * limited to providing ?p= style links for posts. Plugins can short-circuit this function * via the {@see 'pre_get_shortlink'} filter or filter the output via the {@see 'get_shortlink'} * filter. * * @since 3.0.0 * * @param int $id Optional. A post or site ID. Default is 0, which means the current post or site. * @param string $context Optional. Whether the ID is a 'site' ID, 'post' ID, or 'media' ID. If 'post', * the post_type of the post is consulted. If 'query', the current query is consulted * to determine the ID and context. Default 'post'. * @param bool $allow_slugs Optional. Whether to allow post slugs in the shortlink. It is up to the plugin how * and whether to honor this. Default true. * @return string A shortlink or an empty string if no shortlink exists for the requested resource or if shortlinks * are not enabled. */ function wp_get_shortlink( $id = 0, $context = 'post', $allow_slugs = true ) { /** * Filters whether to preempt generating a shortlink for the given post. * * Returning a value other than false from the filter will short-circuit * the shortlink generation process, returning that value instead. * * @since 3.0.0 * * @param false|string $return Short-circuit return value. Either false or a URL string. * @param int $id Post ID, or 0 for the current post. * @param string $context The context for the link. One of 'post' or 'query', * @param bool $allow_slugs Whether to allow post slugs in the shortlink. */ $shortlink = apply_filters( 'pre_get_shortlink', false, $id, $context, $allow_slugs ); if ( false !== $shortlink ) { return $shortlink; } $post_id = 0; if ( 'query' === $context && is_singular() ) { $post_id = get_queried_object_id(); $post = get_post( $post_id ); } elseif ( 'post' === $context ) { $post = get_post( $id ); if ( ! empty( $post->ID ) ) { $post_id = $post->ID; } } $shortlink = ''; // Return `?p=` link for all public post types. if ( ! empty( $post_id ) ) { $post_type = get_post_type_object( $post->post_type ); if ( 'page' === $post->post_type && get_option( 'page_on_front' ) == $post->ID && 'page' === get_option( 'show_on_front' ) ) { $shortlink = home_url( '/' ); } elseif ( $post_type && $post_type->public ) { $shortlink = home_url( '?p=' . $post_id ); } } /** * Filters the shortlink for a post. * * @since 3.0.0 * * @param string $shortlink Shortlink URL. * @param int $id Post ID, or 0 for the current post. * @param string $context The context for the link. One of 'post' or 'query', * @param bool $allow_slugs Whether to allow post slugs in the shortlink. Not used by default. */ return apply_filters( 'get_shortlink', $shortlink, $id, $context, $allow_slugs ); } /** * Injects rel=shortlink into the head if a shortlink is defined for the current page. * * Attached to the {@see 'wp_head'} action. * * @since 3.0.0 */ function wp_shortlink_wp_head() { $shortlink = wp_get_shortlink( 0, 'query' ); if ( empty( $shortlink ) ) { return; } echo "\n"; } /** * Sends a Link: rel=shortlink header if a shortlink is defined for the current page. * * Attached to the {@see 'wp'} action. * * @since 3.0.0 */ function wp_shortlink_header() { if ( headers_sent() ) { return; } $shortlink = wp_get_shortlink( 0, 'query' ); if ( empty( $shortlink ) ) { return; } header( 'Link: <' . $shortlink . '>; rel=shortlink', false ); } /** * Displays the shortlink for a post. * * Must be called from inside "The Loop" * * Call like the_shortlink( __( 'Shortlinkage FTW' ) ) * * @since 3.0.0 * * @param string $text Optional The link text or HTML to be displayed. Defaults to 'This is the short link.' * @param string $title Optional The tooltip for the link. Must be sanitized. Defaults to the sanitized post title. * @param string $before Optional HTML to display before the link. Default empty. * @param string $after Optional HTML to display after the link. Default empty. */ function the_shortlink( $text = '', $title = '', $before = '', $after = '' ) { $post = get_post(); if ( empty( $text ) ) { $text = __( 'This is the short link.' ); } if ( empty( $title ) ) { $title = the_title_attribute( array( 'echo' => false ) ); } $shortlink = wp_get_shortlink( $post->ID ); if ( ! empty( $shortlink ) ) { $link = '' . $text . ''; /** * Filters the short link anchor tag for a post. * * @since 3.0.0 * * @param string $link Shortlink anchor tag. * @param string $shortlink Shortlink URL. * @param string $text Shortlink's text. * @param string $title Shortlink's title attribute. */ $link = apply_filters( 'the_shortlink', $link, $shortlink, $text, $title ); echo $before, $link, $after; } } /** * Retrieves the avatar URL. * * @since 4.2.0 * * @param mixed $id_or_email The avatar to retrieve a URL for. Accepts a user ID, Gravatar MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. * @param array $args { * Optional. Arguments to use instead of the default arguments. * * @type int $size Height and width of the avatar in pixels. Default 96. * @type string $default URL for the default image or a default type. Accepts: * - '404' (return a 404 instead of a default image) * - 'retro' (a 8-bit arcade-style pixelated face) * - 'robohash' (a robot) * - 'monsterid' (a monster) * - 'wavatar' (a cartoon face) * - 'identicon' (the "quilt", a geometric pattern) * - 'mystery', 'mm', or 'mysteryman' (The Oyster Man) * - 'blank' (transparent GIF) * - 'gravatar_default' (the Gravatar logo) * Default is the value of the 'avatar_default' option, * with a fallback of 'mystery'. * @type bool $force_default Whether to always show the default image, never the Gravatar. * Default false. * @type string $rating What rating to display avatars up to. Accepts: * - 'G' (suitable for all audiences) * - 'PG' (possibly offensive, usually for audiences 13 and above) * - 'R' (intended for adult audiences above 17) * - 'X' (even more mature than above) * Default is the value of the 'avatar_rating' option. * @type string $scheme URL scheme to use. See set_url_scheme() for accepted values. * Default null. * @type array $processed_args When the function returns, the value will be the processed/sanitized $args * plus a "found_avatar" guess. Pass as a reference. Default null. * } * @return string|false The URL of the avatar on success, false on failure. */ function get_avatar_url( $id_or_email, $args = null ) { $args = get_avatar_data( $id_or_email, $args ); return $args['url']; } /** * Check if this comment type allows avatars to be retrieved. * * @since 5.1.0 * * @param string $comment_type Comment type to check. * @return bool Whether the comment type is allowed for retrieving avatars. */ function is_avatar_comment_type( $comment_type ) { /** * Filters the list of allowed comment types for retrieving avatars. * * @since 3.0.0 * * @param array $types An array of content types. Default only contains 'comment'. */ $allowed_comment_types = apply_filters( 'get_avatar_comment_types', array( 'comment' ) ); return in_array( $comment_type, (array) $allowed_comment_types, true ); } /** * Retrieves default data about the avatar. * * @since 4.2.0 * * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. * @param array $args { * Optional. Arguments to use instead of the default arguments. * * @type int $size Height and width of the avatar in pixels. Default 96. * @type int $height Display height of the avatar in pixels. Defaults to $size. * @type int $width Display width of the avatar in pixels. Defaults to $size. * @type string $default URL for the default image or a default type. Accepts: * - '404' (return a 404 instead of a default image) * - 'retro' (a 8-bit arcade-style pixelated face) * - 'robohash' (a robot) * - 'monsterid' (a monster) * - 'wavatar' (a cartoon face) * - 'identicon' (the "quilt", a geometric pattern) * - 'mystery', 'mm', or 'mysteryman' (The Oyster Man) * - 'blank' (transparent GIF) * - 'gravatar_default' (the Gravatar logo) * Default is the value of the 'avatar_default' option, * with a fallback of 'mystery'. * @type bool $force_default Whether to always show the default image, never the Gravatar. * Default false. * @type string $rating What rating to display avatars up to. Accepts: * - 'G' (suitable for all audiences) * - 'PG' (possibly offensive, usually for audiences 13 and above) * - 'R' (intended for adult audiences above 17) * - 'X' (even more mature than above) * Default is the value of the 'avatar_rating' option. * @type string $scheme URL scheme to use. See set_url_scheme() for accepted values. * Default null. * @type array $processed_args When the function returns, the value will be the processed/sanitized $args * plus a "found_avatar" guess. Pass as a reference. Default null. * @type string $extra_attr HTML attributes to insert in the IMG element. Is not sanitized. * Default empty. * } * @return array { * Along with the arguments passed in `$args`, this will contain a couple of extra arguments. * * @type bool $found_avatar True if an avatar was found for this user, * false or not set if none was found. * @type string|false $url The URL of the avatar that was found, or false. * } */ function get_avatar_data( $id_or_email, $args = null ) { $args = wp_parse_args( $args, array( 'size' => 96, 'height' => null, 'width' => null, 'default' => get_option( 'avatar_default', 'mystery' ), 'force_default' => false, 'rating' => get_option( 'avatar_rating' ), 'scheme' => null, 'processed_args' => null, // If used, should be a reference. 'extra_attr' => '', ) ); if ( is_numeric( $args['size'] ) ) { $args['size'] = absint( $args['size'] ); if ( ! $args['size'] ) { $args['size'] = 96; } } else { $args['size'] = 96; } if ( is_numeric( $args['height'] ) ) { $args['height'] = absint( $args['height'] ); if ( ! $args['height'] ) { $args['height'] = $args['size']; } } else { $args['height'] = $args['size']; } if ( is_numeric( $args['width'] ) ) { $args['width'] = absint( $args['width'] ); if ( ! $args['width'] ) { $args['width'] = $args['size']; } } else { $args['width'] = $args['size']; } if ( empty( $args['default'] ) ) { $args['default'] = get_option( 'avatar_default', 'mystery' ); } switch ( $args['default'] ) { case 'mm': case 'mystery': case 'mysteryman': $args['default'] = 'mm'; break; case 'gravatar_default': $args['default'] = false; break; } $args['force_default'] = (bool) $args['force_default']; $args['rating'] = strtolower( $args['rating'] ); $args['found_avatar'] = false; /** * Filters whether to retrieve the avatar URL early. * * Passing a non-null value in the 'url' member of the return array will * effectively short circuit get_avatar_data(), passing the value through * the {@see 'get_avatar_data'} filter and returning early. * * @since 4.2.0 * * @param array $args Arguments passed to get_avatar_data(), after processing. * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. */ $args = apply_filters( 'pre_get_avatar_data', $args, $id_or_email ); if ( isset( $args['url'] ) ) { /** This filter is documented in wp-includes/link-template.php */ return apply_filters( 'get_avatar_data', $args, $id_or_email ); } $email_hash = ''; $user = false; $email = false; if ( is_object( $id_or_email ) && isset( $id_or_email->comment_ID ) ) { $id_or_email = get_comment( $id_or_email ); } // Process the user identifier. if ( is_numeric( $id_or_email ) ) { $user = get_user_by( 'id', absint( $id_or_email ) ); } elseif ( is_string( $id_or_email ) ) { if ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) { // MD5 hash. list( $email_hash ) = explode( '@', $id_or_email ); } else { // Email address. $email = $id_or_email; } } elseif ( $id_or_email instanceof WP_User ) { // User object. $user = $id_or_email; } elseif ( $id_or_email instanceof WP_Post ) { // Post object. $user = get_user_by( 'id', (int) $id_or_email->post_author ); } elseif ( $id_or_email instanceof WP_Comment ) { if ( ! is_avatar_comment_type( get_comment_type( $id_or_email ) ) ) { $args['url'] = false; /** This filter is documented in wp-includes/link-template.php */ return apply_filters( 'get_avatar_data', $args, $id_or_email ); } if ( ! empty( $id_or_email->user_id ) ) { $user = get_user_by( 'id', (int) $id_or_email->user_id ); } if ( ( ! $user || is_wp_error( $user ) ) && ! empty( $id_or_email->comment_author_email ) ) { $email = $id_or_email->comment_author_email; } } if ( ! $email_hash ) { if ( $user ) { $email = $user->user_email; } if ( $email ) { $email_hash = md5( strtolower( trim( $email ) ) ); } } if ( $email_hash ) { $args['found_avatar'] = true; $gravatar_server = hexdec( $email_hash[0] ) % 3; } else { $gravatar_server = rand( 0, 2 ); } $url_args = array( 's' => $args['size'], 'd' => $args['default'], 'f' => $args['force_default'] ? 'y' : false, 'r' => $args['rating'], ); if ( is_ssl() ) { $url = 'https://secure.gravatar.com/avatar/' . $email_hash; } else { $url = sprintf( 'http://%d.gravatar.com/avatar/%s', $gravatar_server, $email_hash ); } $url = add_query_arg( rawurlencode_deep( array_filter( $url_args ) ), set_url_scheme( $url, $args['scheme'] ) ); /** * Filters the avatar URL. * * @since 4.2.0 * * @param string $url The URL of the avatar. * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. * @param array $args Arguments passed to get_avatar_data(), after processing. */ $args['url'] = apply_filters( 'get_avatar_url', $url, $id_or_email, $args ); /** * Filters the avatar data. * * @since 4.2.0 * * @param array $args Arguments passed to get_avatar_data(), after processing. * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. */ return apply_filters( 'get_avatar_data', $args, $id_or_email ); } /** * Retrieves the URL of a file in the theme. * * Searches in the stylesheet directory before the template directory so themes * which inherit from a parent theme can just override one file. * * @since 4.7.0 * * @param string $file Optional. File to search for in the stylesheet directory. * @return string The URL of the file. */ function get_theme_file_uri( $file = '' ) { $file = ltrim( $file, '/' ); $stylesheet_directory = get_stylesheet_directory(); if ( empty( $file ) ) { $url = get_stylesheet_directory_uri(); } elseif ( get_template_directory() !== $stylesheet_directory && file_exists( $stylesheet_directory . '/' . $file ) ) { $url = get_stylesheet_directory_uri() . '/' . $file; } else { $url = get_template_directory_uri() . '/' . $file; } /** * Filters the URL to a file in the theme. * * @since 4.7.0 * * @param string $url The file URL. * @param string $file The requested file to search for. */ return apply_filters( 'theme_file_uri', $url, $file ); } /** * Retrieves the URL of a file in the parent theme. * * @since 4.7.0 * * @param string $file Optional. File to return the URL for in the template directory. * @return string The URL of the file. */ function get_parent_theme_file_uri( $file = '' ) { $file = ltrim( $file, '/' ); if ( empty( $file ) ) { $url = get_template_directory_uri(); } else { $url = get_template_directory_uri() . '/' . $file; } /** * Filters the URL to a file in the parent theme. * * @since 4.7.0 * * @param string $url The file URL. * @param string $file The requested file to search for. */ return apply_filters( 'parent_theme_file_uri', $url, $file ); } /** * Retrieves the path of a file in the theme. * * Searches in the stylesheet directory before the template directory so themes * which inherit from a parent theme can just override one file. * * @since 4.7.0 * * @param string $file Optional. File to search for in the stylesheet directory. * @return string The path of the file. */ function get_theme_file_path( $file = '' ) { $file = ltrim( $file, '/' ); $stylesheet_directory = get_stylesheet_directory(); $template_directory = get_template_directory(); if ( empty( $file ) ) { $path = $stylesheet_directory; } elseif ( $stylesheet_directory !== $template_directory && file_exists( $stylesheet_directory . '/' . $file ) ) { $path = $stylesheet_directory . '/' . $file; } else { $path = $template_directory . '/' . $file; } /** * Filters the path to a file in the theme. * * @since 4.7.0 * * @param string $path The file path. * @param string $file The requested file to search for. */ return apply_filters( 'theme_file_path', $path, $file ); } /** * Retrieves the path of a file in the parent theme. * * @since 4.7.0 * * @param string $file Optional. File to return the path for in the template directory. * @return string The path of the file. */ function get_parent_theme_file_path( $file = '' ) { $file = ltrim( $file, '/' ); if ( empty( $file ) ) { $path = get_template_directory(); } else { $path = get_template_directory() . '/' . $file; } /** * Filters the path to a file in the parent theme. * * @since 4.7.0 * * @param string $path The file path. * @param string $file The requested file to search for. */ return apply_filters( 'parent_theme_file_path', $path, $file ); } /** * Retrieves the URL to the privacy policy page. * * @since 4.9.6 * * @return string The URL to the privacy policy page. Empty string if it doesn't exist. */ function get_privacy_policy_url() { $url = ''; $policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); if ( ! empty( $policy_page_id ) && get_post_status( $policy_page_id ) === 'publish' ) { $url = (string) get_permalink( $policy_page_id ); } /** * Filters the URL of the privacy policy page. * * @since 4.9.6 * * @param string $url The URL to the privacy policy page. Empty string * if it doesn't exist. * @param int $policy_page_id The ID of privacy policy page. */ return apply_filters( 'privacy_policy_url', $url, $policy_page_id ); } /** * Displays the privacy policy link with formatting, when applicable. * * @since 4.9.6 * * @param string $before Optional. Display before privacy policy link. Default empty. * @param string $after Optional. Display after privacy policy link. Default empty. */ function the_privacy_policy_link( $before = '', $after = '' ) { echo get_the_privacy_policy_link( $before, $after ); } /** * Returns the privacy policy link with formatting, when applicable. * * @since 4.9.6 * @since 6.2.0 Added 'privacy-policy' rel attribute. * * @param string $before Optional. Display before privacy policy link. Default empty. * @param string $after Optional. Display after privacy policy link. Default empty. * @return string Markup for the link and surrounding elements. Empty string if it * doesn't exist. */ function get_the_privacy_policy_link( $before = '', $after = '' ) { $link = ''; $privacy_policy_url = get_privacy_policy_url(); $policy_page_id = (int) get_option( 'wp_page_for_privacy_policy' ); $page_title = ( $policy_page_id ) ? get_the_title( $policy_page_id ) : ''; if ( $privacy_policy_url && $page_title ) { $link = sprintf( '%s', esc_url( $privacy_policy_url ), esc_html( $page_title ) ); } /** * Filters the privacy policy link. * * @since 4.9.6 * * @param string $link The privacy policy link. Empty string if it * doesn't exist. * @param string $privacy_policy_url The URL of the privacy policy. Empty string * if it doesn't exist. */ $link = apply_filters( 'the_privacy_policy_link', $link, $privacy_policy_url ); if ( $link ) { return $before . $link . $after; } return ''; } /** * Returns an array of URL hosts which are considered to be internal hosts. * * By default the list of internal hosts is comprised of the host name of * the site's home_url() (as parsed by wp_parse_url()). * * This list is used when determining if a specificed URL is a link to a page on * the site itself or a link offsite (to an external host). This is used, for * example, when determining if the "nofollow" attribute should be applied to a * link. * * @see wp_is_internal_link * * @since 6.2.0 * * @return string[] An array of URL hosts. */ function wp_internal_hosts() { static $internal_hosts; if ( empty( $internal_hosts ) ) { /** * Filters the array of URL hosts which are considered internal. * * @since 6.2.0 * * @param string[] $internal_hosts An array of internal URL hostnames. */ $internal_hosts = apply_filters( 'wp_internal_hosts', array( wp_parse_url( home_url(), PHP_URL_HOST ), ) ); $internal_hosts = array_unique( array_map( 'strtolower', (array) $internal_hosts ) ); } return $internal_hosts; } /** * Determines whether or not the specified URL is of a host included in the internal hosts list. * * @see wp_internal_hosts() * * @since 6.2.0 * * @param string $link The URL to test. * @return bool Returns true for internal URLs and false for all other URLs. */ function wp_is_internal_link( $link ) { $link = strtolower( $link ); if ( in_array( wp_parse_url( $link, PHP_URL_SCHEME ), wp_allowed_protocols(), true ) ) { return in_array( wp_parse_url( $link, PHP_URL_HOST ), wp_internal_hosts(), true ); } return false; } $schema = $this->get_item_schema(); if ( ! empty( $request['roles'] ) && ! empty( $schema['properties']['roles'] ) ) { $check_permission = $this->check_role_update( $request['id'], $request['roles'] ); if ( is_wp_error( $check_permission ) ) { return $check_permission; } } $user = $this->prepare_item_for_database( $request ); if ( is_multisite() ) { $ret = wpmu_validate_user_signup( $user->user_login, $user->user_email ); if ( is_wp_error( $ret['errors'] ) && $ret['errors']->has_errors() ) { $error = new WP_Error( 'rest_invalid_param', __( 'Invalid user parameter(s).' ), array( 'status' => 400 ) ); foreach ( $ret['errors']->errors as $code => $messages ) { foreach ( $messages as $message ) { $error->add( $code, $message ); } $error_data = $error->get_error_data( $code ); if ( $error_data ) { $error->add_data( $error_data, $code ); } } return $error; } } if ( is_multisite() ) { $user_id = wpmu_create_user( $user->user_login, $user->user_pass, $user->user_email ); if ( ! $user_id ) { return new WP_Error( 'rest_user_create', __( 'Error creating new user.' ), array( 'status' => 500 ) ); } $user->ID = $user_id; $user_id = wp_update_user( wp_slash( (array) $user ) ); if ( is_wp_error( $user_id ) ) { return $user_id; } $result = add_user_to_blog( get_site()->id, $user_id, '' ); if ( is_wp_error( $result ) ) { return $result; } } else { $user_id = wp_insert_user( wp_slash( (array) $user ) ); if ( is_wp_error( $user_id ) ) { return $user_id; } } $user = get_user_by( 'id', $user_id ); /** * Fires immediately after a user is created or updated via the REST API. * * @since 4.7.0 * * @param WP_User $user Inserted or updated user object. * @param WP_REST_Request $request Request object. * @param bool $creating True when creating a user, false when updating. */ do_action( 'rest_insert_user', $user, $request, true ); if ( ! empty( $request['roles'] ) && ! empty( $schema['properties']['roles'] ) ) { array_map( array( $user, 'add_role' ), $request['roles'] ); } if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { $meta_update = $this->meta->update_value( $request['meta'], $user_id ); if ( is_wp_error( $meta_update ) ) { return $meta_update; } } $user = get_user_by( 'id', $user_id ); $fields_update = $this->update_additional_fields_for_object( $user, $request ); if ( is_wp_error( $fields_update ) ) { return $fields_update; } $request->set_param( 'context', 'edit' ); /** * Fires after a user is completely created or updated via the REST API. * * @since 5.0.0 * * @param WP_User $user Inserted or updated user object. * @param WP_REST_Request $request Request object. * @param bool $creating True when creating a user, false when updating. */ do_action( 'rest_after_insert_user', $user, $request, true ); $response = $this->prepare_item_for_response( $user, $request ); $response = rest_ensure_response( $response ); $response->set_status( 201 ); $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $user_id ) ) ); return $response; } /** * Checks if a given request has access to update a user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. */ public function update_item_permissions_check( $request ) { $user = $this->get_user( $request['id'] ); if ( is_wp_error( $user ) ) { return $user; } if ( ! empty( $request['roles'] ) ) { if ( ! current_user_can( 'promote_user', $user->ID ) ) { return new WP_Error( 'rest_cannot_edit_roles', __( 'Sorry, you are not allowed to edit roles of this user.' ), array( 'status' => rest_authorization_required_code() ) ); } $request_params = array_keys( $request->get_params() ); sort( $request_params ); /* * If only 'id' and 'roles' are specified (we are only trying to * edit roles), then only the 'promote_user' cap is required. */ if ( array( 'id', 'roles' ) === $request_params ) { return true; } } if ( ! current_user_can( 'edit_user', $user->ID ) ) { return new WP_Error( 'rest_cannot_edit', __( 'Sorry, you are not allowed to edit this user.' ), array( 'status' => rest_authorization_required_code() ) ); } return true; } /** * Updates a single user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. */ public function update_item( $request ) { $user = $this->get_user( $request['id'] ); if ( is_wp_error( $user ) ) { return $user; } $id = $user->ID; $owner_id = false; if ( is_string( $request['email'] ) ) { $owner_id = email_exists( $request['email'] ); } if ( $owner_id && $owner_id !== $id ) { return new WP_Error( 'rest_user_invalid_email', __( 'Invalid email address.' ), array( 'status' => 400 ) ); } if ( ! empty( $request['username'] ) && $request['username'] !== $user->user_login ) { return new WP_Error( 'rest_user_invalid_argument', __( 'Username is not editable.' ), array( 'status' => 400 ) ); } if ( ! empty( $request['slug'] ) && $request['slug'] !== $user->user_nicename && get_user_by( 'slug', $request['slug'] ) ) { return new WP_Error( 'rest_user_invalid_slug', __( 'Invalid slug.' ), array( 'status' => 400 ) ); } if ( ! empty( $request['roles'] ) ) { $check_permission = $this->check_role_update( $id, $request['roles'] ); if ( is_wp_error( $check_permission ) ) { return $check_permission; } } $user = $this->prepare_item_for_database( $request ); // Ensure we're operating on the same user we already checked. $user->ID = $id; $user_id = wp_update_user( wp_slash( (array) $user ) ); if ( is_wp_error( $user_id ) ) { return $user_id; } $user = get_user_by( 'id', $user_id ); /** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php */ do_action( 'rest_insert_user', $user, $request, false ); if ( ! empty( $request['roles'] ) ) { array_map( array( $user, 'add_role' ), $request['roles'] ); } $schema = $this->get_item_schema(); if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { $meta_update = $this->meta->update_value( $request['meta'], $id ); if ( is_wp_error( $meta_update ) ) { return $meta_update; } } $user = get_user_by( 'id', $user_id ); $fields_update = $this->update_additional_fields_for_object( $user, $request ); if ( is_wp_error( $fields_update ) ) { return $fields_update; } $request->set_param( 'context', 'edit' ); /** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php */ do_action( 'rest_after_insert_user', $user, $request, false ); $response = $this->prepare_item_for_response( $user, $request ); $response = rest_ensure_response( $response ); return $response; } /** * Checks if a given request has access to update the current user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. */ public function update_current_item_permissions_check( $request ) { $request['id'] = get_current_user_id(); return $this->update_item_permissions_check( $request ); } /** * Updates the current user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. */ public function update_current_item( $request ) { $request['id'] = get_current_user_id(); return $this->update_item( $request ); } /** * Checks if a given request has access delete a user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. */ public function delete_item_permissions_check( $request ) { $user = $this->get_user( $request['id'] ); if ( is_wp_error( $user ) ) { return $user; } if ( ! current_user_can( 'delete_user', $user->ID ) ) { return new WP_Error( 'rest_user_cannot_delete', __( 'Sorry, you are not allowed to delete this user.' ), array( 'status' => rest_authorization_required_code() ) ); } return true; } /** * Deletes a single user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. */ public function delete_item( $request ) { // We don't support delete requests in multisite. if ( is_multisite() ) { return new WP_Error( 'rest_cannot_delete', __( 'The user cannot be deleted.' ), array( 'status' => 501 ) ); } $user = $this->get_user( $request['id'] ); if ( is_wp_error( $user ) ) { return $user; } $id = $user->ID; $reassign = false === $request['reassign'] ? null : absint( $request['reassign'] ); $force = isset( $request['force'] ) ? (bool) $request['force'] : false; // We don't support trashing for users. if ( ! $force ) { return new WP_Error( 'rest_trash_not_supported', /* translators: %s: force=true */ sprintf( __( "Users do not support trashing. Set '%s' to delete." ), 'force=true' ), array( 'status' => 501 ) ); } if ( ! empty( $reassign ) ) { if ( $reassign === $id || ! get_userdata( $reassign ) ) { return new WP_Error( 'rest_user_invalid_reassign', __( 'Invalid user ID for reassignment.' ), array( 'status' => 400 ) ); } } $request->set_param( 'context', 'edit' ); $previous = $this->prepare_item_for_response( $user, $request ); // Include user admin functions to get access to wp_delete_user(). require_once ABSPATH . 'wp-admin/includes/user.php'; $result = wp_delete_user( $id, $reassign ); if ( ! $result ) { return new WP_Error( 'rest_cannot_delete', __( 'The user cannot be deleted.' ), array( 'status' => 500 ) ); } $response = new WP_REST_Response(); $response->set_data( array( 'deleted' => true, 'previous' => $previous->get_data(), ) ); /** * Fires immediately after a user is deleted via the REST API. * * @since 4.7.0 * * @param WP_User $user The user data. * @param WP_REST_Response $response The response returned from the API. * @param WP_REST_Request $request The request sent to the API. */ do_action( 'rest_delete_user', $user, $response, $request ); return $response; } /** * Checks if a given request has access to delete the current user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise. */ public function delete_current_item_permissions_check( $request ) { $request['id'] = get_current_user_id(); return $this->delete_item_permissions_check( $request ); } /** * Deletes the current user. * * @since 4.7.0 * * @param WP_REST_Request $request Full details about the request. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure. */ public function delete_current_item( $request ) { $request['id'] = get_current_user_id(); return $this->delete_item( $request ); } /** * Prepares a single user output for response. * * @since 4.7.0 * @since 5.9.0 Renamed `$user` to `$item` to match parent class for PHP 8 named parameter support. * * @param WP_User $item User object. * @param WP_REST_Request $request Request object. * @return WP_REST_Response Response object. */ public function prepare_item_for_response( $item, $request ) { // Restores the more descriptive, specific name for use within this method. $user = $item; $fields = $this->get_fields_for_response( $request ); $data = array(); if ( in_array( 'id', $fields, true ) ) { $data['id'] = $user->ID; } if ( in_array( 'username', $fields, true ) ) { $data['username'] = $user->user_login; } if ( in_array( 'name', $fields, true ) ) { $data['name'] = $user->display_name; } if ( in_array( 'first_name', $fields, true ) ) { $data['first_name'] = $user->first_name; } if ( in_array( 'last_name', $fields, true ) ) { $data['last_name'] = $user->last_name; } if ( in_array( 'email', $fields, true ) ) { $data['email'] = $user->user_email; } if ( in_array( 'url', $fields, true ) ) { $data['url'] = $user->user_url; } if ( in_array( 'description', $fields, true ) ) { $data['description'] = $user->description; } if ( in_array( 'link', $fields, true ) ) { $data['link'] = get_author_posts_url( $user->ID, $user->user_nicename ); } if ( in_array( 'locale', $fields, true ) ) { $data['locale'] = get_user_locale( $user ); } if ( in_array( 'nickname', $fields, true ) ) { $data['nickname'] = $user->nickname; } if ( in_array( 'slug', $fields, true ) ) { $data['slug'] = $user->user_nicename; } if ( in_array( 'roles', $fields, true ) ) { // Defensively call array_values() to ensure an array is returned. $data['roles'] = array_values( $user->roles ); } if ( in_array( 'registered_date', $fields, true ) ) { $data['registered_date'] = gmdate( 'c', strtotime( $user->user_registered ) ); } if ( in_array( 'capabilities', $fields, true ) ) { $data['capabilities'] = (object) $user->allcaps; } if ( in_array( 'extra_capabilities', $fields, true ) ) { $data['extra_capabilities'] = (object) $user->caps; } if ( in_array( 'avatar_urls', $fields, true ) ) { $data['avatar_urls'] = rest_get_avatar_urls( $user ); } if ( in_array( 'meta', $fields, true ) ) { $data['meta'] = $this->meta->get_value( $user->ID, $request ); } $context = ! empty( $request['context'] ) ? $request['context'] : 'embed'; $data = $this->add_additional_fields_to_object( $data, $request ); $data = $this->filter_response_by_context( $data, $context ); // Wrap the data in a response object. $response = rest_ensure_response( $data ); if ( rest_is_field_included( '_links', $fields ) || rest_is_field_included( '_embedded', $fields ) ) { $response->add_links( $this->prepare_links( $user ) ); } /** * Filters user data returned from the REST API. * * @since 4.7.0 * * @param WP_REST_Response $response The response object. * @param WP_User $user User object used to create response. * @param WP_REST_Request $request Request object. */ return apply_filters( 'rest_prepare_user', $response, $user, $request ); } /** * Prepares links for the user request. * * @since 4.7.0 * * @param WP_User $user User object. * @return array Links for the given user. */ protected function prepare_links( $user ) { $links = array( 'self' => array( 'href' => rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $user->ID ) ), ), 'collection' => array( 'href' => rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ), ), ); return $links; } /** * Prepares a single user for creation or update. * * @since 4.7.0 * * @param WP_REST_Request $request Request object. * @return object User object. */ protected function prepare_item_for_database( $request ) { $prepared_user = new stdClass(); $schema = $this->get_item_schema(); // Required arguments. if ( isset( $request['email'] ) && ! empty( $schema['properties']['email'] ) ) { $prepared_user->user_email = $request['email']; } if ( isset( $request['username'] ) && ! empty( $schema['properties']['username'] ) ) { $prepared_user->user_login = $request['username']; } if ( isset( $request['password'] ) && ! empty( $schema['properties']['password'] ) ) { $prepared_user->user_pass = $request['password']; } // Optional arguments. if ( isset( $request['id'] ) ) { $prepared_user->ID = absint( $request['id'] ); } if ( isset( $request['name'] ) && ! empty( $schema['properties']['name'] ) ) { $prepared_user->display_name = $request['name']; } if ( isset( $request['first_name'] ) && ! empty( $schema['properties']['first_name'] ) ) { $prepared_user->first_name = $request['first_name']; } if ( isset( $request['last_name'] ) && ! empty( $schema['properties']['last_name'] ) ) { $prepared_user->last_name = $request['last_name']; } if ( isset( $request['nickname'] ) && ! empty( $schema['properties']['nickname'] ) ) { $prepared_user->nickname = $request['nickname']; } if ( isset( $request['slug'] ) && ! empty( $schema['properties']['slug'] ) ) { $prepared_user->user_nicename = $request['slug']; } if ( isset( $request['description'] ) && ! empty( $schema['properties']['description'] ) ) { $prepared_user->description = $request['description']; } if ( isset( $request['url'] ) && ! empty( $schema['properties']['url'] ) ) { $prepared_user->user_url = $request['url']; } if ( isset( $request['locale'] ) && ! empty( $schema['properties']['locale'] ) ) { $prepared_user->locale = $request['locale']; } // Setting roles will be handled outside of this function. if ( isset( $request['roles'] ) ) { $prepared_user->role = false; } /** * Filters user data before insertion via the REST API. * * @since 4.7.0 * * @param object $prepared_user User object. * @param WP_REST_Request $request Request object. */ return apply_filters( 'rest_pre_insert_user', $prepared_user, $request ); } /** * Determines if the current user is allowed to make the desired roles change. * * @since 4.7.0 * * @global WP_Roles $wp_roles WordPress role management object. * * @param int $user_id User ID. * @param array $roles New user roles. * @return true|WP_Error True if the current user is allowed to make the role change, * otherwise a WP_Error object. */ protected function check_role_update( $user_id, $roles ) { global $wp_roles; foreach ( $roles as $role ) { if ( ! isset( $wp_roles->role_objects[ $role ] ) ) { return new WP_Error( 'rest_user_invalid_role', /* translators: %s: Role key. */ sprintf( __( 'The role %s does not exist.' ), $role ), array( 'status' => 400 ) ); } $potential_role = $wp_roles->role_objects[ $role ]; /* * Don't let anyone with 'edit_users' (admins) edit their own role to something without it. * Multisite super admins can freely edit their blog roles -- they possess all caps. */ if ( ! ( is_multisite() && current_user_can( 'manage_sites' ) ) && get_current_user_id() === $user_id && ! $potential_role->has_cap( 'edit_users' ) ) { return new WP_Error( 'rest_user_invalid_role', __( 'Sorry, you are not allowed to give users that role.' ), array( 'status' => rest_authorization_required_code() ) ); } // Include user admin functions to get access to get_editable_roles(). require_once ABSPATH . 'wp-admin/includes/user.php'; // The new role must be editable by the logged-in user. $editable_roles = get_editable_roles(); if ( empty( $editable_roles[ $role ] ) ) { return new WP_Error( 'rest_user_invalid_role', __( 'Sorry, you are not allowed to give users that role.' ), array( 'status' => 403 ) ); } } return true; } /** * Check a username for the REST API. * * Performs a couple of checks like edit_user() in wp-admin/includes/user.php. * * @since 4.7.0 * * @param string $value The username submitted in the request. * @param WP_REST_Request $request Full details about the request. * @param string $param The parameter name. * @return string|WP_Error The sanitized username, if valid, otherwise an error. */ public function check_username( $value, $request, $param ) { $username = (string) $value; if ( ! validate_username( $username ) ) { return new WP_Error( 'rest_user_invalid_username', __( 'This username is invalid because it uses illegal characters. Please enter a valid username.' ), array( 'status' => 400 ) ); } /** This filter is documented in wp-includes/user.php */ $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() ); if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ), true ) ) { return new WP_Error( 'rest_user_invalid_username', __( 'Sorry, that username is not allowed.' ), array( 'status' => 400 ) ); } return $username; } /** * Check a user password for the REST API. * * Performs a couple of checks like edit_user() in wp-admin/includes/user.php. * * @since 4.7.0 * * @param string $value The password submitted in the request. * @param WP_REST_Request $request Full details about the request. * @param string $param The parameter name. * @return string|WP_Error The sanitized password, if valid, otherwise an error. */ public function check_user_password( $value, $request, $param ) { $password = (string) $value; if ( empty( $password ) ) { return new WP_Error( 'rest_user_invalid_password', __( 'Passwords cannot be empty.' ), array( 'status' => 400 ) ); } if ( str_contains( $password, '\\' ) ) { return new WP_Error( 'rest_user_invalid_password', sprintf( /* translators: %s: The '\' character. */ __( 'Passwords cannot contain the "%s" character.' ), '\\' ), array( 'status' => 400 ) ); } return $password; } /** * Retrieves the user's schema, conforming to JSON Schema. * * @since 4.7.0 * * @return array Item schema data. */ public function get_item_schema() { if ( $this->schema ) { return $this->add_additional_fields_schema( $this->schema ); } $schema = array( '$schema' => 'http://json-schema.org/draft-04/schema#', 'title' => 'user', 'type' => 'object', 'properties' => array( 'id' => array( 'description' => __( 'Unique identifier for the user.' ), 'type' => 'integer', 'context' => array( 'embed', 'view', 'edit' ), 'readonly' => true, ), 'username' => array( 'description' => __( 'Login name for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'required' => true, 'arg_options' => array( 'sanitize_callback' => array( $this, 'check_username' ), ), ), 'name' => array( 'description' => __( 'Display name for the user.' ), 'type' => 'string', 'context' => array( 'embed', 'view', 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'first_name' => array( 'description' => __( 'First name for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'last_name' => array( 'description' => __( 'Last name for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'email' => array( 'description' => __( 'The email address for the user.' ), 'type' => 'string', 'format' => 'email', 'context' => array( 'edit' ), 'required' => true, ), 'url' => array( 'description' => __( 'URL of the user.' ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'embed', 'view', 'edit' ), ), 'description' => array( 'description' => __( 'Description of the user.' ), 'type' => 'string', 'context' => array( 'embed', 'view', 'edit' ), ), 'link' => array( 'description' => __( 'Author URL of the user.' ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'embed', 'view', 'edit' ), 'readonly' => true, ), 'locale' => array( 'description' => __( 'Locale for the user.' ), 'type' => 'string', 'enum' => array_merge( array( '', 'en_US' ), get_available_languages() ), 'context' => array( 'edit' ), ), 'nickname' => array( 'description' => __( 'The nickname for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'slug' => array( 'description' => __( 'An alphanumeric identifier for the user.' ), 'type' => 'string', 'context' => array( 'embed', 'view', 'edit' ), 'arg_options' => array( 'sanitize_callback' => array( $this, 'sanitize_slug' ), ), ), 'registered_date' => array( 'description' => __( 'Registration date for the user.' ), 'type' => 'string', 'format' => 'date-time', 'context' => array( 'edit' ), 'readonly' => true, ), 'roles' => array( 'description' => __( 'Roles assigned to the user.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), 'context' => array( 'edit' ), ), 'password' => array( 'description' => __( 'Password for the user (never included).' ), 'type' => 'string', 'context' => array(), // Password is never displayed. 'required' => true, 'arg_options' => array( 'sanitize_callback' => array( $this, 'check_user_password' ), ), ), 'capabilities' => array( 'description' => __( 'All capabilities assigned to the user.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, ), 'extra_capabilities' => array( 'description' => __( 'Any extra capabilities assigned to the user.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, ), ), ); if ( get_option( 'show_avatars' ) ) { $avatar_properties = array(); $avatar_sizes = rest_get_avatar_sizes(); foreach ( $avatar_sizes as $size ) { $avatar_properties[ $size ] = array( /* translators: %d: Avatar image size in pixels. */ 'description' => sprintf( __( 'Avatar URL with image size of %d pixels.' ), $size ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'embed', 'view', 'edit' ), ); } $schema['properties']['avatar_urls'] = array( 'description' => __( 'Avatar URLs for the user.' ), 'type' => 'object', 'context' => array( 'embed', 'view', 'edit' ), 'readonly' => true, 'properties' => $avatar_properties, ); } $schema['properties']['meta'] = $this->meta->get_field_schema(); $this->schema = $schema; return $this->add_additional_fields_schema( $this->schema ); } /** * Retrieves the query params for collections. * * @since 4.7.0 * * @return array Collection parameters. */ public function get_collection_params() { $query_params = parent::get_collection_params(); $query_params['context']['default'] = 'view'; $query_params['exclude'] = array( 'description' => __( 'Ensure result set excludes specific IDs.' ), 'type' => 'array', 'items' => array( 'type' => 'integer', ), 'default' => array(), ); $query_params['include'] = array( 'description' => __( 'Limit result set to specific IDs.' ), 'type' => 'array', 'items' => array( 'type' => 'integer', ), 'default' => array(), ); $query_params['offset'] = array( 'description' => __( 'Offset the result set by a specific number of items.' ), 'type' => 'integer', ); $query_params['order'] = array( 'default' => 'asc', 'description' => __( 'Order sort attribute ascending or descending.' ), 'enum' => array( 'asc', 'desc' ), 'type' => 'string', ); $query_params['orderby'] = array( 'default' => 'name', 'description' => __( 'Sort collection by user attribute.' ), 'enum' => array( 'id', 'include', 'name', 'registered_date', 'slug', 'include_slugs', 'email', 'url', ), 'type' => 'string', ); $query_params['slug'] = array( 'description' => __( 'Limit result set to users with one or more specific slugs.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); $query_params['roles'] = array( 'description' => __( 'Limit result set to users matching at least one specific role provided. Accepts csv list or single role.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); $query_params['capabilities'] = array( 'description' => __( 'Limit result set to users matching at least one specific capability provided. Accepts csv list or single capability.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); $query_params['who'] = array( 'description' => __( 'Limit result set to users who are considered authors.' ), 'type' => 'string', 'enum' => array( 'authors', ), ); $query_params['has_published_posts'] = array( 'description' => __( 'Limit result set to users who have published posts.' ), 'type' => array( 'boolean', 'array' ), 'items' => array( 'type' => 'string', 'enum' => get_post_types( array( 'show_in_rest' => true ), 'names' ), ), ); /** * Filters REST API collection parameters for the users controller. * * This filter registers the collection parameter, but does not map the * collection parameter to an internal WP_User_Query parameter. Use the * `rest_user_query` filter to set WP_User_Query arguments. * * @since 4.7.0 * * @param array $query_params JSON Schema-formatted collection parameters. */ return apply_filters( 'rest_user_collection_params', $query_params ); } } 503 Service Unavailable

Service Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.