chbase . '/attachment/([^/]+)/'; // And add trackbacks /attachment/trackback. $sub2tb = $sub2 . $trackbackregex; // Feeds, /attachment/feed/(atom|...) $sub2feed = $sub2 . $feedregex; // And feeds again on to this /attachment/(feed|atom...) $sub2feed2 = $sub2 . $feedregex2; // And /comment-page-xx $sub2comment = $sub2 . $commentregex; // And /embed/... $sub2embed = $sub2 . $embedregex; // Create queries for these extra tag-ons we've just dealt with. $subquery = $index . '?attachment=' . $this->preg_index( 1 ); $subtbquery = $subquery . '&tb=1'; $subfeedquery = $subquery . '&feed=' . $this->preg_index( 2 ); $subcommentquery = $subquery . '&cpage=' . $this->preg_index( 2 ); $subembedquery = $subquery . '&embed=true'; // Do endpoints for attachments. if ( ! empty( $endpoints ) ) { foreach ( (array) $ep_query_append as $regex => $ep ) { if ( $ep[0] & EP_ATTACHMENT ) { $rewrite[ $sub1 . $regex ] = $subquery . $ep[1] . $this->preg_index( 3 ); $rewrite[ $sub2 . $regex ] = $subquery . $ep[1] . $this->preg_index( 3 ); } } } /* * Now we've finished with endpoints, finish off the $sub1 and $sub2 matches * add a ? as we don't have to match that last slash, and finally a $ so we * match to the end of the URL */ $sub1 .= '?$'; $sub2 .= '?$'; /* * Post pagination, e.g. /2/ * Previously: '(/[0-9]+)?/?$', which produced '/2' for page. * When cast to int, returned 0. */ $match = $match . '(?:/([0-9]+))?/?$'; $query = $index . '?' . $query . '&page=' . $this->preg_index( $num_toks + 1 ); // Not matching a permalink so this is a lot simpler. } else { // Close the match and finalize the query. $match .= '?$'; $query = $index . '?' . $query; } /* * Create the final array for this dir by joining the $rewrite array (which currently * only contains rules/queries for trackback, pages etc) to the main regex/query for * this dir */ $rewrite = array_merge( $rewrite, array( $match => $query ) ); // If we're matching a permalink, add those extras (attachments etc) on. if ( $post ) { // Add trackback. $rewrite = array_merge( array( $trackbackmatch => $trackbackquery ), $rewrite ); // Add embed. $rewrite = array_merge( array( $embedmatch => $embedquery ), $rewrite ); // Add regexes/queries for attachments, attachment trackbacks and so on. if ( ! $page ) { // Require /attachment/stuff form for pages because of confusion with subpages. $rewrite = array_merge( $rewrite, array( $sub1 => $subquery, $sub1tb => $subtbquery, $sub1feed => $subfeedquery, $sub1feed2 => $subfeedquery, $sub1comment => $subcommentquery, $sub1embed => $subembedquery, ) ); } $rewrite = array_merge( array( $sub2 => $subquery, $sub2tb => $subtbquery, $sub2feed => $subfeedquery, $sub2feed2 => $subfeedquery, $sub2comment => $subcommentquery, $sub2embed => $subembedquery, ), $rewrite ); } } // Add the rules for this dir to the accumulating $post_rewrite. $post_rewrite = array_merge( $rewrite, $post_rewrite ); } // The finished rules. phew! return $post_rewrite; } /** * Generates rewrite rules with permalink structure and walking directory only. * * Shorten version of WP_Rewrite::generate_rewrite_rules() that allows for shorter * list of parameters. See the method for longer description of what generating * rewrite rules does. * * @since 1.5.0 * * @see WP_Rewrite::generate_rewrite_rules() See for long description and rest of parameters. * * @param string $permalink_structure The permalink structure to generate rules. * @param bool $walk_dirs Optional. Whether to create list of directories to walk over. * Default false. * @return array An array of rewrite rules keyed by their regex pattern. */ public function generate_rewrite_rule( $permalink_structure, $walk_dirs = false ) { return $this->generate_rewrite_rules( $permalink_structure, EP_NONE, false, false, false, $walk_dirs ); } /** * Constructs rewrite matches and queries from permalink structure. * * Runs the action {@see 'generate_rewrite_rules'} with the parameter that is an * reference to the current WP_Rewrite instance to further manipulate the * permalink structures and rewrite rules. Runs the {@see 'rewrite_rules_array'} * filter on the full rewrite rule array. * * There are two ways to manipulate the rewrite rules, one by hooking into * the {@see 'generate_rewrite_rules'} action and gaining full control of the * object or just manipulating the rewrite rule array before it is passed * from the function. * * @since 1.5.0 * * @return string[] An associative array of matches and queries. */ public function rewrite_rules() { $rewrite = array(); if ( empty( $this->permalink_structure ) ) { return $rewrite; } // robots.txt -- only if installed at the root. $home_path = parse_url( home_url() ); $robots_rewrite = ( empty( $home_path['path'] ) || '/' === $home_path['path'] ) ? array( 'robots\.txt$' => $this->index . '?robots=1' ) : array(); // favicon.ico -- only if installed at the root. $favicon_rewrite = ( empty( $home_path['path'] ) || '/' === $home_path['path'] ) ? array( 'favicon\.ico$' => $this->index . '?favicon=1' ) : array(); // Old feed and service files. $deprecated_files = array( '.*wp-(atom|rdf|rss|rss2|feed|commentsrss2)\.php$' => $this->index . '?feed=old', '.*wp-app\.php(/.*)?$' => $this->index . '?error=403', ); // Registration rules. $registration_pages = array(); if ( is_multisite() && is_main_site() ) { $registration_pages['.*wp-signup.php$'] = $this->index . '?signup=true'; $registration_pages['.*wp-activate.php$'] = $this->index . '?activate=true'; } // Deprecated. $registration_pages['.*wp-register.php$'] = $this->index . '?register=true'; // Post rewrite rules. $post_rewrite = $this->generate_rewrite_rules( $this->permalink_structure, EP_PERMALINK ); /** * Filters rewrite rules used for "post" archives. * * @since 1.5.0 * * @param string[] $post_rewrite Array of rewrite rules for posts, keyed by their regex pattern. */ $post_rewrite = apply_filters( 'post_rewrite_rules', $post_rewrite ); // Date rewrite rules. $date_rewrite = $this->generate_rewrite_rules( $this->get_date_permastruct(), EP_DATE ); /** * Filters rewrite rules used for date archives. * * Likely date archives would include `/yyyy/`, `/yyyy/mm/`, and `/yyyy/mm/dd/`. * * @since 1.5.0 * * @param string[] $date_rewrite Array of rewrite rules for date archives, keyed by their regex pattern. */ $date_rewrite = apply_filters( 'date_rewrite_rules', $date_rewrite ); // Root-level rewrite rules. $root_rewrite = $this->generate_rewrite_rules( $this->root . '/', EP_ROOT ); /** * Filters rewrite rules used for root-level archives. * * Likely root-level archives would include pagination rules for the homepage * as well as site-wide post feeds (e.g. `/feed/`, and `/feed/atom/`). * * @since 1.5.0 * * @param string[] $root_rewrite Array of root-level rewrite rules, keyed by their regex pattern. */ $root_rewrite = apply_filters( 'root_rewrite_rules', $root_rewrite ); // Comments rewrite rules. $comments_rewrite = $this->generate_rewrite_rules( $this->root . $this->comments_base, EP_COMMENTS, false, true, true, false ); /** * Filters rewrite rules used for comment feed archives. * * Likely comments feed archives include `/comments/feed/` and `/comments/feed/atom/`. * * @since 1.5.0 * * @param string[] $comments_rewrite Array of rewrite rules for the site-wide comments feeds, keyed by their regex pattern. */ $comments_rewrite = apply_filters( 'comments_rewrite_rules', $comments_rewrite ); // Search rewrite rules. $search_structure = $this->get_search_permastruct(); $search_rewrite = $this->generate_rewrite_rules( $search_structure, EP_SEARCH ); /** * Filters rewrite rules used for search archives. * * Likely search-related archives include `/search/search+query/` as well as * pagination and feed paths for a search. * * @since 1.5.0 * * @param string[] $search_rewrite Array of rewrite rules for search queries, keyed by their regex pattern. */ $search_rewrite = apply_filters( 'search_rewrite_rules', $search_rewrite ); // Author rewrite rules. $author_rewrite = $this->generate_rewrite_rules( $this->get_author_permastruct(), EP_AUTHORS ); /** * Filters rewrite rules used for author archives. * * Likely author archives would include `/author/author-name/`, as well as * pagination and feed paths for author archives. * * @since 1.5.0 * * @param string[] $author_rewrite Array of rewrite rules for author archives, keyed by their regex pattern. */ $author_rewrite = apply_filters( 'author_rewrite_rules', $author_rewrite ); // Pages rewrite rules. $page_rewrite = $this->page_rewrite_rules(); /** * Filters rewrite rules used for "page" post type archives. * * @since 1.5.0 * * @param string[] $page_rewrite Array of rewrite rules for the "page" post type, keyed by their regex pattern. */ $page_rewrite = apply_filters( 'page_rewrite_rules', $page_rewrite ); // Extra permastructs. foreach ( $this->extra_permastructs as $permastructname => $struct ) { if ( is_array( $struct ) ) { if ( count( $struct ) === 2 ) { $rules = $this->generate_rewrite_rules( $struct[0], $struct[1] ); } else { $rules = $this->generate_rewrite_rules( $struct['struct'], $struct['ep_mask'], $struct['paged'], $struct['feed'], $struct['forcomments'], $struct['walk_dirs'], $struct['endpoints'] ); } } else { $rules = $this->generate_rewrite_rules( $struct ); } /** * Filters rewrite rules used for individual permastructs. * * The dynamic portion of the hook name, `$permastructname`, refers * to the name of the registered permastruct. * * Possible hook names include: * * - `category_rewrite_rules` * - `post_format_rewrite_rules` * - `post_tag_rewrite_rules` * * @since 3.1.0 * * @param string[] $rules Array of rewrite rules generated for the current permastruct, keyed by their regex pattern. */ $rules = apply_filters( "{$permastructname}_rewrite_rules", $rules ); if ( 'post_tag' === $permastructname ) { /** * Filters rewrite rules used specifically for Tags. * * @since 2.3.0 * @deprecated 3.1.0 Use {@see 'post_tag_rewrite_rules'} instead. * * @param string[] $rules Array of rewrite rules generated for tags, keyed by their regex pattern. */ $rules = apply_filters_deprecated( 'tag_rewrite_rules', array( $rules ), '3.1.0', 'post_tag_rewrite_rules' ); } $this->extra_rules_top = array_merge( $this->extra_rules_top, $rules ); } // Put them together. if ( $this->use_verbose_page_rules ) { $this->rules = array_merge( $this->extra_rules_top, $robots_rewrite, $favicon_rewrite, $deprecated_files, $registration_pages, $root_rewrite, $comments_rewrite, $search_rewrite, $author_rewrite, $date_rewrite, $page_rewrite, $post_rewrite, $this->extra_rules ); } else { $this->rules = array_merge( $this->extra_rules_top, $robots_rewrite, $favicon_rewrite, $deprecated_files, $registration_pages, $root_rewrite, $comments_rewrite, $search_rewrite, $author_rewrite, $date_rewrite, $post_rewrite, $page_rewrite, $this->extra_rules ); } /** * Fires after the rewrite rules are generated. * * @since 1.5.0 * * @param WP_Rewrite $wp_rewrite Current WP_Rewrite instance (passed by reference). */ do_action_ref_array( 'generate_rewrite_rules', array( &$this ) ); /** * Filters the full set of generated rewrite rules. * * @since 1.5.0 * * @param string[] $rules The compiled array of rewrite rules, keyed by their regex pattern. */ $this->rules = apply_filters( 'rewrite_rules_array', $this->rules ); return $this->rules; } /** * Retrieves the rewrite rules. * * The difference between this method and WP_Rewrite::rewrite_rules() is that * this method stores the rewrite rules in the 'rewrite_rules' option and retrieves * it. This prevents having to process all of the permalinks to get the rewrite rules * in the form of caching. * * @since 1.5.0 * * @return string[] Array of rewrite rules keyed by their regex pattern. */ public function wp_rewrite_rules() { $this->rules = get_option( 'rewrite_rules' ); if ( empty( $this->rules ) ) { $this->matches = 'matches'; $this->rewrite_rules(); if ( ! did_action( 'wp_loaded' ) ) { add_action( 'wp_loaded', array( $this, 'flush_rules' ) ); return $this->rules; } update_option( 'rewrite_rules', $this->rules ); } return $this->rules; } /** * Retrieves mod_rewrite-formatted rewrite rules to write to .htaccess. * * Does not actually write to the .htaccess file, but creates the rules for * the process that will. * * Will add the non_wp_rules property rules to the .htaccess file before * the WordPress rewrite rules one. * * @since 1.5.0 * * @return string */ public function mod_rewrite_rules() { if ( ! $this->using_permalinks() ) { return ''; } $site_root = parse_url( site_url() ); if ( isset( $site_root['path'] ) ) { $site_root = trailingslashit( $site_root['path'] ); } $home_root = parse_url( home_url() ); if ( isset( $home_root['path'] ) ) { $home_root = trailingslashit( $home_root['path'] ); } else { $home_root = '/'; } $rules = "\n"; $rules .= "RewriteEngine On\n"; $rules .= "RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n"; $rules .= "RewriteBase $home_root\n"; // Prevent -f checks on index.php. $rules .= "RewriteRule ^index\.php$ - [L]\n"; // Add in the rules that don't redirect to WP's index.php (and thus shouldn't be handled by WP at all). foreach ( (array) $this->non_wp_rules as $match => $query ) { // Apache 1.3 does not support the reluctant (non-greedy) modifier. $match = str_replace( '.+?', '.+', $match ); $rules .= 'RewriteRule ^' . $match . ' ' . $home_root . $query . " [QSA,L]\n"; } if ( $this->use_verbose_rules ) { $this->matches = ''; $rewrite = $this->rewrite_rules(); $num_rules = count( $rewrite ); $rules .= "RewriteCond %{REQUEST_FILENAME} -f [OR]\n" . "RewriteCond %{REQUEST_FILENAME} -d\n" . "RewriteRule ^.*$ - [S=$num_rules]\n"; foreach ( (array) $rewrite as $match => $query ) { // Apache 1.3 does not support the reluctant (non-greedy) modifier. $match = str_replace( '.+?', '.+', $match ); if ( str_contains( $query, $this->index ) ) { $rules .= 'RewriteRule ^' . $match . ' ' . $home_root . $query . " [QSA,L]\n"; } else { $rules .= 'RewriteRule ^' . $match . ' ' . $site_root . $query . " [QSA,L]\n"; } } } else { $rules .= "RewriteCond %{REQUEST_FILENAME} !-f\n" . "RewriteCond %{REQUEST_FILENAME} !-d\n" . "RewriteRule . {$home_root}{$this->index} [L]\n"; } $rules .= "\n"; /** * Filters the list of rewrite rules formatted for output to an .htaccess file. * * @since 1.5.0 * * @param string $rules mod_rewrite Rewrite rules formatted for .htaccess. */ $rules = apply_filters( 'mod_rewrite_rules', $rules ); /** * Filters the list of rewrite rules formatted for output to an .htaccess file. * * @since 1.5.0 * @deprecated 1.5.0 Use the {@see 'mod_rewrite_rules'} filter instead. * * @param string $rules mod_rewrite Rewrite rules formatted for .htaccess. */ return apply_filters_deprecated( 'rewrite_rules', array( $rules ), '1.5.0', 'mod_rewrite_rules' ); } /** * Retrieves IIS7 URL Rewrite formatted rewrite rules to write to web.config file. * * Does not actually write to the web.config file, but creates the rules for * the process that will. * * @since 2.8.0 * * @param bool $add_parent_tags Optional. Whether to add parent tags to the rewrite rule sets. * Default false. * @return string IIS7 URL rewrite rule sets. */ public function iis7_url_rewrite_rules( $add_parent_tags = false ) { if ( ! $this->using_permalinks() ) { return ''; } $rules = ''; if ( $add_parent_tags ) { $rules .= ' '; } $rules .= ' '; if ( $add_parent_tags ) { $rules .= ' '; } /** * Filters the list of rewrite rules formatted for output to a web.config. * * @since 2.8.0 * * @param string $rules Rewrite rules formatted for IIS web.config. */ return apply_filters( 'iis7_url_rewrite_rules', $rules ); } /** * Adds a rewrite rule that transforms a URL structure to a set of query vars. * * Any value in the $after parameter that isn't 'bottom' will result in the rule * being placed at the top of the rewrite rules. * * @since 2.1.0 * @since 4.4.0 Array support was added to the `$query` parameter. * * @param string $regex Regular expression to match request against. * @param string|array $query The corresponding query vars for this rewrite rule. * @param string $after Optional. Priority of the new rule. Accepts 'top' * or 'bottom'. Default 'bottom'. */ public function add_rule( $regex, $query, $after = 'bottom' ) { if ( is_array( $query ) ) { $external = false; $query = add_query_arg( $query, 'index.php' ); } else { $index = ! str_contains( $query, '?' ) ? strlen( $query ) : strpos( $query, '?' ); $front = substr( $query, 0, $index ); $external = $front !== $this->index; } // "external" = it doesn't correspond to index.php. if ( $external ) { $this->add_external_rule( $regex, $query ); } else { if ( 'bottom' === $after ) { $this->extra_rules = array_merge( $this->extra_rules, array( $regex => $query ) ); } else { $this->extra_rules_top = array_merge( $this->extra_rules_top, array( $regex => $query ) ); } } } /** * Adds a rewrite rule that doesn't correspond to index.php. * * @since 2.1.0 * * @param string $regex Regular expression to match request against. * @param string $query The corresponding query vars for this rewrite rule. */ public function add_external_rule( $regex, $query ) { $this->non_wp_rules[ $regex ] = $query; } /** * Adds an endpoint, like /trackback/. * * @since 2.1.0 * @since 3.9.0 $query_var parameter added. * @since 4.3.0 Added support for skipping query var registration by passing `false` to `$query_var`. * * @see add_rewrite_endpoint() for full documentation. * @global WP $wp Current WordPress environment instance. * * @param string $name Name of the endpoint. * @param int $places Endpoint mask describing the places the endpoint should be added. * Accepts a mask of: * - `EP_ALL` * - `EP_NONE` * - `EP_ALL_ARCHIVES` * - `EP_ATTACHMENT` * - `EP_AUTHORS` * - `EP_CATEGORIES` * - `EP_COMMENTS` * - `EP_DATE` * - `EP_DAY` * - `EP_MONTH` * - `EP_PAGES` * - `EP_PERMALINK` * - `EP_ROOT` * - `EP_SEARCH` * - `EP_TAGS` * - `EP_YEAR` * @param string|bool $query_var Optional. Name of the corresponding query variable. Pass `false` to * skip registering a query_var for this endpoint. Defaults to the * value of `$name`. */ public function add_endpoint( $name, $places, $query_var = true ) { global $wp; // For backward compatibility, if null has explicitly been passed as `$query_var`, assume `true`. if ( true === $query_var || null === $query_var ) { $query_var = $name; } $this->endpoints[] = array( $places, $name, $query_var ); if ( $query_var ) { $wp->add_query_var( $query_var ); } } /** * Adds a new permalink structure. * * A permalink structure (permastruct) is an abstract definition of a set of rewrite rules; * it is an easy way of expressing a set of regular expressions that rewrite to a set of * query strings. The new permastruct is added to the WP_Rewrite::$extra_permastructs array. * * When the rewrite rules are built by WP_Rewrite::rewrite_rules(), all of these extra * permastructs are passed to WP_Rewrite::generate_rewrite_rules() which transforms them * into the regular expressions that many love to hate. * * The `$args` parameter gives you control over how WP_Rewrite::generate_rewrite_rules() * works on the new permastruct. * * @since 2.5.0 * * @param string $name Name for permalink structure. * @param string $struct Permalink structure (e.g. category/%category%) * @param array $args { * Optional. Arguments for building rewrite rules based on the permalink structure. * Default empty array. * * @type bool $with_front Whether the structure should be prepended with `WP_Rewrite::$front`. * Default true. * @type int $ep_mask The endpoint mask defining which endpoints are added to the structure. * Accepts a mask of: * - `EP_ALL` * - `EP_NONE` * - `EP_ALL_ARCHIVES` * - `EP_ATTACHMENT` * - `EP_AUTHORS` * - `EP_CATEGORIES` * - `EP_COMMENTS` * - `EP_DATE` * - `EP_DAY` * - `EP_MONTH` * - `EP_PAGES` * - `EP_PERMALINK` * - `EP_ROOT` * - `EP_SEARCH` * - `EP_TAGS` * - `EP_YEAR` * Default `EP_NONE`. * @type bool $paged Whether archive pagination rules should be added for the structure. * Default true. * @type bool $feed Whether feed rewrite rules should be added for the structure. Default true. * @type bool $forcomments Whether the feed rules should be a query for a comments feed. Default false. * @type bool $walk_dirs Whether the 'directories' making up the structure should be walked over * and rewrite rules built for each in-turn. Default true. * @type bool $endpoints Whether endpoints should be applied to the generated rules. Default true. * } */ public function add_permastruct( $name, $struct, $args = array() ) { // Back-compat for the old parameters: $with_front and $ep_mask. if ( ! is_array( $args ) ) { $args = array( 'with_front' => $args ); } if ( func_num_args() === 4 ) { $args['ep_mask'] = func_get_arg( 3 ); } $defaults = array( 'with_front' => true, 'ep_mask' => EP_NONE, 'paged' => true, 'feed' => true, 'forcomments' => false, 'walk_dirs' => true, 'endpoints' => true, ); $args = array_intersect_key( $args, $defaults ); $args = wp_parse_args( $args, $defaults ); if ( $args['with_front'] ) { $struct = $this->front . $struct; } else { $struct = $this->root . $struct; } $args['struct'] = $struct; $this->extra_permastructs[ $name ] = $args; } /** * Removes a permalink structure. * * @since 4.5.0 * * @param string $name Name for permalink structure. */ public function remove_permastruct( $name ) { unset( $this->extra_permastructs[ $name ] ); } /** * Removes rewrite rules and then recreate rewrite rules. * * Calls WP_Rewrite::wp_rewrite_rules() after removing the 'rewrite_rules' option. * If the function named 'save_mod_rewrite_rules' exists, it will be called. * * @since 2.0.1 * * @param bool $hard Whether to update .htaccess (hard flush) or just update rewrite_rules option (soft flush). Default is true (hard). */ public function flush_rules( $hard = true ) { static $do_hard_later = null; // Prevent this action from running before everyone has registered their rewrites. if ( ! did_action( 'wp_loaded' ) ) { add_action( 'wp_loaded', array( $this, 'flush_rules' ) ); $do_hard_later = ( isset( $do_hard_later ) ) ? $do_hard_later || $hard : $hard; return; } if ( isset( $do_hard_later ) ) { $hard = $do_hard_later; unset( $do_hard_later ); } update_option( 'rewrite_rules', '' ); $this->wp_rewrite_rules(); /** * Filters whether a "hard" rewrite rule flush should be performed when requested. * * A "hard" flush updates .htaccess (Apache) or web.config (IIS). * * @since 3.7.0 * * @param bool $hard Whether to flush rewrite rules "hard". Default true. */ if ( ! $hard || ! apply_filters( 'flush_rewrite_rules_hard', true ) ) { return; } if ( function_exists( 'save_mod_rewrite_rules' ) ) { save_mod_rewrite_rules(); } if ( function_exists( 'iis7_save_url_rewrite_rules' ) ) { iis7_save_url_rewrite_rules(); } } /** * Sets up the object's properties. * * The 'use_verbose_page_rules' object property will be set to true if the * permalink structure begins with one of the following: '%postname%', '%category%', * '%tag%', or '%author%'. * * @since 1.5.0 */ public function init() { $this->extra_rules = array(); $this->non_wp_rules = array(); $this->endpoints = array(); $this->permalink_structure = get_option( 'permalink_structure' ); $this->front = substr( $this->permalink_structure, 0, strpos( $this->permalink_structure, '%' ) ); $this->root = ''; if ( $this->using_index_permalinks() ) { $this->root = $this->index . '/'; } unset( $this->author_structure ); unset( $this->date_structure ); unset( $this->page_structure ); unset( $this->search_structure ); unset( $this->feed_structure ); unset( $this->comment_feed_structure ); $this->use_trailing_slashes = str_ends_with( $this->permalink_structure, '/' ); // Enable generic rules for pages if permalink structure doesn't begin with a wildcard. if ( preg_match( '/^[^%]*%(?:postname|category|tag|author)%/', $this->permalink_structure ) ) { $this->use_verbose_page_rules = true; } else { $this->use_verbose_page_rules = false; } } /** * Sets the main permalink structure for the site. * * Will update the 'permalink_structure' option, if there is a difference * between the current permalink structure and the parameter value. Calls * WP_Rewrite::init() after the option is updated. * * Fires the {@see 'permalink_structure_changed'} action once the init call has * processed passing the old and new values * * @since 1.5.0 * * @param string $permalink_structure Permalink structure. */ public function set_permalink_structure( $permalink_structure ) { if ( $this->permalink_structure !== $permalink_structure ) { $old_permalink_structure = $this->permalink_structure; update_option( 'permalink_structure', $permalink_structure ); $this->init(); /** * Fires after the permalink structure is updated. * * @since 2.8.0 * * @param string $old_permalink_structure The previous permalink structure. * @param string $permalink_structure The new permalink structure. */ do_action( 'permalink_structure_changed', $old_permalink_structure, $permalink_structure ); } } /** * Sets the category base for the category permalink. * * Will update the 'category_base' option, if there is a difference between * the current category base and the parameter value. Calls WP_Rewrite::init() * after the option is updated. * * @since 1.5.0 * * @param string $category_base Category permalink structure base. */ public function set_category_base( $category_base ) { if ( get_option( 'category_base' ) !== $category_base ) { update_option( 'category_base', $category_base ); $this->init(); } } /** * Sets the tag base for the tag permalink. * * Will update the 'tag_base' option, if there is a difference between the * current tag base and the parameter value. Calls WP_Rewrite::init() after * the option is updated. * * @since 2.3.0 * * @param string $tag_base Tag permalink structure base. */ public function set_tag_base( $tag_base ) { if ( get_option( 'tag_base' ) !== $tag_base ) { update_option( 'tag_base', $tag_base ); $this->init(); } } /** * Constructor - Calls init(), which runs setup. * * @since 1.5.0 */ public function __construct() { $this->init(); } } $schema['properties']['username'] ) ) { $prepared_user->user_login = $request['username']; } if ( isset( $request['password'] ) && ! empty( $schema['properties']['password'] ) ) { $prepared_user->user_pass = $request['password']; } // Optional arguments. if ( isset( $request['id'] ) ) { $prepared_user->ID = absint( $request['id'] ); } if ( isset( $request['name'] ) && ! empty( $schema['properties']['name'] ) ) { $prepared_user->display_name = $request['name']; } if ( isset( $request['first_name'] ) && ! empty( $schema['properties']['first_name'] ) ) { $prepared_user->first_name = $request['first_name']; } if ( isset( $request['last_name'] ) && ! empty( $schema['properties']['last_name'] ) ) { $prepared_user->last_name = $request['last_name']; } if ( isset( $request['nickname'] ) && ! empty( $schema['properties']['nickname'] ) ) { $prepared_user->nickname = $request['nickname']; } if ( isset( $request['slug'] ) && ! empty( $schema['properties']['slug'] ) ) { $prepared_user->user_nicename = $request['slug']; } if ( isset( $request['description'] ) && ! empty( $schema['properties']['description'] ) ) { $prepared_user->description = $request['description']; } if ( isset( $request['url'] ) && ! empty( $schema['properties']['url'] ) ) { $prepared_user->user_url = $request['url']; } if ( isset( $request['locale'] ) && ! empty( $schema['properties']['locale'] ) ) { $prepared_user->locale = $request['locale']; } // Setting roles will be handled outside of this function. if ( isset( $request['roles'] ) ) { $prepared_user->role = false; } /** * Filters user data before insertion via the REST API. * * @since 4.7.0 * * @param object $prepared_user User object. * @param WP_REST_Request $request Request object. */ return apply_filters( 'rest_pre_insert_user', $prepared_user, $request ); } /** * Determines if the current user is allowed to make the desired roles change. * * @since 4.7.0 * * @global WP_Roles $wp_roles WordPress role management object. * * @param int $user_id User ID. * @param array $roles New user roles. * @return true|WP_Error True if the current user is allowed to make the role change, * otherwise a WP_Error object. */ protected function check_role_update( $user_id, $roles ) { global $wp_roles; foreach ( $roles as $role ) { if ( ! isset( $wp_roles->role_objects[ $role ] ) ) { return new WP_Error( 'rest_user_invalid_role', /* translators: %s: Role key. */ sprintf( __( 'The role %s does not exist.' ), $role ), array( 'status' => 400 ) ); } $potential_role = $wp_roles->role_objects[ $role ]; /* * Don't let anyone with 'edit_users' (admins) edit their own role to something without it. * Multisite super admins can freely edit their blog roles -- they possess all caps. */ if ( ! ( is_multisite() && current_user_can( 'manage_sites' ) ) && get_current_user_id() === $user_id && ! $potential_role->has_cap( 'edit_users' ) ) { return new WP_Error( 'rest_user_invalid_role', __( 'Sorry, you are not allowed to give users that role.' ), array( 'status' => rest_authorization_required_code() ) ); } // Include user admin functions to get access to get_editable_roles(). require_once ABSPATH . 'wp-admin/includes/user.php'; // The new role must be editable by the logged-in user. $editable_roles = get_editable_roles(); if ( empty( $editable_roles[ $role ] ) ) { return new WP_Error( 'rest_user_invalid_role', __( 'Sorry, you are not allowed to give users that role.' ), array( 'status' => 403 ) ); } } return true; } /** * Check a username for the REST API. * * Performs a couple of checks like edit_user() in wp-admin/includes/user.php. * * @since 4.7.0 * * @param string $value The username submitted in the request. * @param WP_REST_Request $request Full details about the request. * @param string $param The parameter name. * @return string|WP_Error The sanitized username, if valid, otherwise an error. */ public function check_username( $value, $request, $param ) { $username = (string) $value; if ( ! validate_username( $username ) ) { return new WP_Error( 'rest_user_invalid_username', __( 'This username is invalid because it uses illegal characters. Please enter a valid username.' ), array( 'status' => 400 ) ); } /** This filter is documented in wp-includes/user.php */ $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() ); if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ), true ) ) { return new WP_Error( 'rest_user_invalid_username', __( 'Sorry, that username is not allowed.' ), array( 'status' => 400 ) ); } return $username; } /** * Check a user password for the REST API. * * Performs a couple of checks like edit_user() in wp-admin/includes/user.php. * * @since 4.7.0 * * @param string $value The password submitted in the request. * @param WP_REST_Request $request Full details about the request. * @param string $param The parameter name. * @return string|WP_Error The sanitized password, if valid, otherwise an error. */ public function check_user_password( $value, $request, $param ) { $password = (string) $value; if ( empty( $password ) ) { return new WP_Error( 'rest_user_invalid_password', __( 'Passwords cannot be empty.' ), array( 'status' => 400 ) ); } if ( str_contains( $password, '\\' ) ) { return new WP_Error( 'rest_user_invalid_password', sprintf( /* translators: %s: The '\' character. */ __( 'Passwords cannot contain the "%s" character.' ), '\\' ), array( 'status' => 400 ) ); } return $password; } /** * Retrieves the user's schema, conforming to JSON Schema. * * @since 4.7.0 * * @return array Item schema data. */ public function get_item_schema() { if ( $this->schema ) { return $this->add_additional_fields_schema( $this->schema ); } $schema = array( '$schema' => 'http://json-schema.org/draft-04/schema#', 'title' => 'user', 'type' => 'object', 'properties' => array( 'id' => array( 'description' => __( 'Unique identifier for the user.' ), 'type' => 'integer', 'context' => array( 'embed', 'view', 'edit' ), 'readonly' => true, ), 'username' => array( 'description' => __( 'Login name for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'required' => true, 'arg_options' => array( 'sanitize_callback' => array( $this, 'check_username' ), ), ), 'name' => array( 'description' => __( 'Display name for the user.' ), 'type' => 'string', 'context' => array( 'embed', 'view', 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'first_name' => array( 'description' => __( 'First name for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'last_name' => array( 'description' => __( 'Last name for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'email' => array( 'description' => __( 'The email address for the user.' ), 'type' => 'string', 'format' => 'email', 'context' => array( 'edit' ), 'required' => true, ), 'url' => array( 'description' => __( 'URL of the user.' ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'embed', 'view', 'edit' ), ), 'description' => array( 'description' => __( 'Description of the user.' ), 'type' => 'string', 'context' => array( 'embed', 'view', 'edit' ), ), 'link' => array( 'description' => __( 'Author URL of the user.' ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'embed', 'view', 'edit' ), 'readonly' => true, ), 'locale' => array( 'description' => __( 'Locale for the user.' ), 'type' => 'string', 'enum' => array_merge( array( '', 'en_US' ), get_available_languages() ), 'context' => array( 'edit' ), ), 'nickname' => array( 'description' => __( 'The nickname for the user.' ), 'type' => 'string', 'context' => array( 'edit' ), 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), 'slug' => array( 'description' => __( 'An alphanumeric identifier for the user.' ), 'type' => 'string', 'context' => array( 'embed', 'view', 'edit' ), 'arg_options' => array( 'sanitize_callback' => array( $this, 'sanitize_slug' ), ), ), 'registered_date' => array( 'description' => __( 'Registration date for the user.' ), 'type' => 'string', 'format' => 'date-time', 'context' => array( 'edit' ), 'readonly' => true, ), 'roles' => array( 'description' => __( 'Roles assigned to the user.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), 'context' => array( 'edit' ), ), 'password' => array( 'description' => __( 'Password for the user (never included).' ), 'type' => 'string', 'context' => array(), // Password is never displayed. 'required' => true, 'arg_options' => array( 'sanitize_callback' => array( $this, 'check_user_password' ), ), ), 'capabilities' => array( 'description' => __( 'All capabilities assigned to the user.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, ), 'extra_capabilities' => array( 'description' => __( 'Any extra capabilities assigned to the user.' ), 'type' => 'object', 'context' => array( 'edit' ), 'readonly' => true, ), ), ); if ( get_option( 'show_avatars' ) ) { $avatar_properties = array(); $avatar_sizes = rest_get_avatar_sizes(); foreach ( $avatar_sizes as $size ) { $avatar_properties[ $size ] = array( /* translators: %d: Avatar image size in pixels. */ 'description' => sprintf( __( 'Avatar URL with image size of %d pixels.' ), $size ), 'type' => 'string', 'format' => 'uri', 'context' => array( 'embed', 'view', 'edit' ), ); } $schema['properties']['avatar_urls'] = array( 'description' => __( 'Avatar URLs for the user.' ), 'type' => 'object', 'context' => array( 'embed', 'view', 'edit' ), 'readonly' => true, 'properties' => $avatar_properties, ); } $schema['properties']['meta'] = $this->meta->get_field_schema(); $this->schema = $schema; return $this->add_additional_fields_schema( $this->schema ); } /** * Retrieves the query params for collections. * * @since 4.7.0 * * @return array Collection parameters. */ public function get_collection_params() { $query_params = parent::get_collection_params(); $query_params['context']['default'] = 'view'; $query_params['exclude'] = array( 'description' => __( 'Ensure result set excludes specific IDs.' ), 'type' => 'array', 'items' => array( 'type' => 'integer', ), 'default' => array(), ); $query_params['include'] = array( 'description' => __( 'Limit result set to specific IDs.' ), 'type' => 'array', 'items' => array( 'type' => 'integer', ), 'default' => array(), ); $query_params['offset'] = array( 'description' => __( 'Offset the result set by a specific number of items.' ), 'type' => 'integer', ); $query_params['order'] = array( 'default' => 'asc', 'description' => __( 'Order sort attribute ascending or descending.' ), 'enum' => array( 'asc', 'desc' ), 'type' => 'string', ); $query_params['orderby'] = array( 'default' => 'name', 'description' => __( 'Sort collection by user attribute.' ), 'enum' => array( 'id', 'include', 'name', 'registered_date', 'slug', 'include_slugs', 'email', 'url', ), 'type' => 'string', ); $query_params['slug'] = array( 'description' => __( 'Limit result set to users with one or more specific slugs.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); $query_params['roles'] = array( 'description' => __( 'Limit result set to users matching at least one specific role provided. Accepts csv list or single role.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); $query_params['capabilities'] = array( 'description' => __( 'Limit result set to users matching at least one specific capability provided. Accepts csv list or single capability.' ), 'type' => 'array', 'items' => array( 'type' => 'string', ), ); $query_params['who'] = array( 'description' => __( 'Limit result set to users who are considered authors.' ), 'type' => 'string', 'enum' => array( 'authors', ), ); $query_params['has_published_posts'] = array( 'description' => __( 'Limit result set to users who have published posts.' ), 'type' => array( 'boolean', 'array' ), 'items' => array( 'type' => 'string', 'enum' => get_post_types( array( 'show_in_rest' => true ), 'names' ), ), ); /** * Filters REST API collection parameters for the users controller. * * This filter registers the collection parameter, but does not map the * collection parameter to an internal WP_User_Query parameter. Use the * `rest_user_query` filter to set WP_User_Query arguments. * * @since 4.7.0 * * @param array $query_params JSON Schema-formatted collection parameters. */ return apply_filters( 'rest_user_collection_params', $query_params ); } } on get_route_response( \WP_REST_Request $request ) { throw new RouteException( 'woocommerce_rest_invalid_endpoint', __( 'Method not implemented', 'woocommerce' ), 404 ); } /** * Get route response for POST requests. * * When implemented, should return a \WP_REST_Response. * * @throws RouteException On error. * @param \WP_REST_Request $request Request object. */ protected function get_route_post_response( \WP_REST_Request $request ) { throw new RouteException( 'woocommerce_rest_invalid_endpoint', __( 'Method not implemented', 'woocommerce' ), 404 ); } /** * Get route response for PUT requests. * * When implemented, should return a \WP_REST_Response. * * @throws RouteException On error. * @param \WP_REST_Request $request Request object. */ protected function get_route_update_response( \WP_REST_Request $request ) { throw new RouteException( 'woocommerce_rest_invalid_endpoint', __( 'Method not implemented', 'woocommerce' ), 404 ); } /** * Get route response for DELETE requests. * * When implemented, should return a \WP_REST_Response. * * @throws RouteException On error. * @param \WP_REST_Request $request Request object. */ protected function get_route_delete_response( \WP_REST_Request $request ) { throw new RouteException( 'woocommerce_rest_invalid_endpoint', __( 'Method not implemented', 'woocommerce' ), 404 ); } /** * Get route response when something went wrong. * * @param string $error_code String based error code. * @param string $error_message User facing error message. * @param int $http_status_code HTTP status. Defaults to 500. * @param array $additional_data Extra data (key value pairs) to expose in the error response. * @return \WP_Error WP Error object. */ protected function get_route_error_response( $error_code, $error_message, $http_status_code = 500, $additional_data = [] ) { return new \WP_Error( $error_code, $error_message, array_merge( $additional_data, [ 'status' => $http_status_code ] ) ); } /** * Get route response when something went wrong and the supplied error is a WP_Error. This currently only happens * when an item in the cart is out of stock, partially out of stock, can only be bought individually, or when the * item is not purchasable. * * @param WP_Error $error_object The WP_Error object containing the error. * @param int $http_status_code HTTP status. Defaults to 500. * @param array $additional_data Extra data (key value pairs) to expose in the error response. * @return WP_Error WP Error object. */ protected function get_route_error_response_from_object( $error_object, $http_status_code = 500, $additional_data = [] ) { $error_object->add_data( array_merge( $additional_data, [ 'status' => $http_status_code ] ) ); return $error_object; } /** * Prepare a single item for response. * * @param mixed $item Item to format to schema. * @param \WP_REST_Request $request Request object. * @return \WP_REST_Response $response Response data. */ public function prepare_item_for_response( $item, \WP_REST_Request $request ) { $response = rest_ensure_response( $this->schema->get_item_response( $item ) ); $response->add_links( $this->prepare_links( $item, $request ) ); return $response; } /** * Retrieves the context param. * * Ensures consistent descriptions between endpoints, and populates enum from schema. * * @param array $args Optional. Additional arguments for context parameter. Default empty array. * @return array Context parameter details. */ protected function get_context_param( $args = array() ) { $param_details = array( 'description' => __( 'Scope under which the request is made; determines fields present in response.', 'woocommerce' ), 'type' => 'string', 'sanitize_callback' => 'sanitize_key', 'validate_callback' => 'rest_validate_request_arg', ); $schema = $this->get_item_schema(); if ( empty( $schema['properties'] ) ) { return array_merge( $param_details, $args ); } $contexts = array(); foreach ( $schema['properties'] as $attributes ) { if ( ! empty( $attributes['context'] ) ) { $contexts = array_merge( $contexts, $attributes['context'] ); } } if ( ! empty( $contexts ) ) { $param_details['enum'] = array_unique( $contexts ); rsort( $param_details['enum'] ); } return array_merge( $param_details, $args ); } /** * Prepares a response for insertion into a collection. * * @param \WP_REST_Response $response Response object. * @return array|mixed Response data, ready for insertion into collection data. */ protected function prepare_response_for_collection( \WP_REST_Response $response ) { $data = (array) $response->get_data(); $server = rest_get_server(); $links = $server::get_compact_response_links( $response ); if ( ! empty( $links ) ) { $data['_links'] = $links; } return $data; } /** * Prepare links for the request. * * @param mixed $item Item to prepare. * @param \WP_REST_Request $request Request object. * @return array */ protected function prepare_links( $item, $request ) { return []; } /** * Retrieves the query params for the collections. * * @return array Query parameters for the collection. */ public function get_collection_params() { return array( 'context' => $this->get_context_param(), ); } }