/** * Meta API: WP_Metadata_Lazyloader class * * @package WordPress * @subpackage Meta * @since 4.5.0 */ /** * Core class used for lazy-loading object metadata. * * When loading many objects of a given type, such as posts in a WP_Query loop, it often makes * sense to prime various metadata caches at the beginning of the loop. This means fetching all * relevant metadata with a single database query, a technique that has the potential to improve * performance dramatically in some cases. * * In cases where the given metadata may not even be used in the loop, we can improve performance * even more by only priming the metadata cache for affected items the first time a piece of metadata * is requested - ie, by lazy-loading it. So, for example, comment meta may not be loaded into the * cache in the comments section of a post until the first time get_comment_meta() is called in the * context of the comment loop. * * WP uses the WP_Metadata_Lazyloader class to queue objects for metadata cache priming. The class * then detects the relevant get_*_meta() function call, and queries the metadata of all queued objects. * * Do not access this class directly. Use the wp_metadata_lazyloader() function. * * @since 4.5.0 */ #[AllowDynamicProperties] class WP_Metadata_Lazyloader { /** * Pending objects queue. * * @since 4.5.0 * @var array */ protected $pending_objects; /** * Settings for supported object types. * * @since 4.5.0 * @var array */ protected $settings = array(); /** * Constructor. * * @since 4.5.0 */ public function __construct() { $this->settings = array( 'term' => array( 'filter' => 'get_term_metadata', 'callback' => array( $this, 'lazyload_meta_callback' ), ), 'comment' => array( 'filter' => 'get_comment_metadata', 'callback' => array( $this, 'lazyload_meta_callback' ), ), 'blog' => array( 'filter' => 'get_blog_metadata', 'callback' => array( $this, 'lazyload_meta_callback' ), ), ); } /** * Adds objects to the metadata lazy-load queue. * * @since 4.5.0 * * @param string $object_type Type of object whose meta is to be lazy-loaded. Accepts 'term' or 'comment'. * @param array $object_ids Array of object IDs. * @return void|WP_Error WP_Error on failure. */ public function queue_objects( $object_type, $object_ids ) { if ( ! isset( $this->settings[ $object_type ] ) ) { return new WP_Error( 'invalid_object_type', __( 'Invalid object type.' ) ); } $type_settings = $this->settings[ $object_type ]; if ( ! isset( $this->pending_objects[ $object_type ] ) ) { $this->pending_objects[ $object_type ] = array(); } foreach ( $object_ids as $object_id ) { // Keyed by ID for faster lookup. if ( ! isset( $this->pending_objects[ $object_type ][ $object_id ] ) ) { $this->pending_objects[ $object_type ][ $object_id ] = 1; } } add_filter( $type_settings['filter'], $type_settings['callback'], 10, 5 ); /** * Fires after objects are added to the metadata lazy-load queue. * * @since 4.5.0 * * @param array $object_ids Array of object IDs. * @param string $object_type Type of object being queued. * @param WP_Metadata_Lazyloader $lazyloader The lazy-loader object. */ do_action( 'metadata_lazyloader_queued_objects', $object_ids, $object_type, $this ); } /** * Resets lazy-load queue for a given object type. * * @since 4.5.0 * * @param string $object_type Object type. Accepts 'comment' or 'term'. * @return void|WP_Error WP_Error on failure. */ public function reset_queue( $object_type ) { if ( ! isset( $this->settings[ $object_type ] ) ) { return new WP_Error( 'invalid_object_type', __( 'Invalid object type.' ) ); } $type_settings = $this->settings[ $object_type ]; $this->pending_objects[ $object_type ] = array(); remove_filter( $type_settings['filter'], $type_settings['callback'] ); } /** * Lazy-loads term meta for queued terms. * * This method is public so that it can be used as a filter callback. As a rule, there * is no need to invoke it directly. * * @since 4.5.0 * @deprecated 6.3.0 Use WP_Metadata_Lazyloader::lazyload_meta_callback() instead. * * @param mixed $check The `$check` param passed from the 'get_term_metadata' hook. * @return mixed In order not to short-circuit `get_metadata()`. Generally, this is `null`, but it could be * another value if filtered by a plugin. */ public function lazyload_term_meta( $check ) { _deprecated_function( __METHOD__, '6.3.0', 'WP_Metadata_Lazyloader::lazyload_meta_callback' ); return $this->lazyload_meta_callback( $check, 0, '', false, 'term' ); } /** * Lazy-loads comment meta for queued comments. * * This method is public so that it can be used as a filter callback. As a rule, there is no need to invoke it * directly, from either inside or outside the `WP_Query` object. * * @since 4.5.0 * @deprecated 6.3.0 Use WP_Metadata_Lazyloader::lazyload_meta_callback() instead. * * @param mixed $check The `$check` param passed from the {@see 'get_comment_metadata'} hook. * @return mixed The original value of `$check`, so as not to short-circuit `get_comment_metadata()`. */ public function lazyload_comment_meta( $check ) { _deprecated_function( __METHOD__, '6.3.0', 'WP_Metadata_Lazyloader::lazyload_meta_callback' ); return $this->lazyload_meta_callback( $check, 0, '', false, 'comment' ); } /** * Lazy-loads meta for queued objects. * * This method is public so that it can be used as a filter callback. As a rule, there * is no need to invoke it directly. * * @since 6.3.0 * * @param mixed $check The `$check` param passed from the 'get_*_metadata' hook. * @param int $object_id ID of the object metadata is for. * @param string $meta_key Unused. * @param bool $single Unused. * @param string $meta_type Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user', * or any other object type with an associated meta table. * @return mixed In order not to short-circuit `get_metadata()`. Generally, this is `null`, but it could be * another value if filtered by a plugin. */ public function lazyload_meta_callback( $check, $object_id, $meta_key, $single, $meta_type ) { if ( empty( $this->pending_objects[ $meta_type ] ) ) { return $check; } $object_ids = array_keys( $this->pending_objects[ $meta_type ] ); if ( $object_id && ! in_array( $object_id, $object_ids, true ) ) { $object_ids[] = $object_id; } update_meta_cache( $meta_type, $object_ids ); // No need to run again for this set of objects. $this->reset_queue( $meta_type ); return $check; } } /** * WordPress Error API. * * @package WordPress */ /** * WordPress Error class. * * Container for checking for WordPress errors and error messages. Return * WP_Error and use is_wp_error() to check if this class is returned. Many * core WordPress functions pass this class in the event of an error and * if not handled properly will result in code errors. * * @since 2.1.0 */ #[AllowDynamicProperties] class WP_Error { /** * Stores the list of errors. * * @since 2.1.0 * @var array */ public $errors = array(); /** * Stores the most recently added data for each error code. * * @since 2.1.0 * @var array */ public $error_data = array(); /** * Stores previously added data added for error codes, oldest-to-newest by code. * * @since 5.6.0 * @var array[] */ protected $additional_data = array(); /** * Initializes the error. * * If `$code` is empty, the other parameters will be ignored. * When `$code` is not empty, `$message` will be used even if * it is empty. The `$data` parameter will be used only if it * is not empty. * * Though the class is constructed with a single error code and * message, multiple codes can be added using the `add()` method. * * @since 2.1.0 * * @param string|int $code Error code. * @param string $message Error message. * @param mixed $data Optional. Error data. Default empty string. */ public function __construct( $code = '', $message = '', $data = '' ) { if ( empty( $code ) ) { return; } $this->add( $code, $message, $data ); } /** * Retrieves all error codes. * * @since 2.1.0 * * @return array List of error codes, if available. */ public function get_error_codes() { if ( ! $this->has_errors() ) { return array(); } return array_keys( $this->errors ); } /** * Retrieves the first error code available. * * @since 2.1.0 * * @return string|int Empty string, if no error codes. */ public function get_error_code() { $codes = $this->get_error_codes(); if ( empty( $codes ) ) { return ''; } return $codes[0]; } /** * Retrieves all error messages, or the error messages for the given error code. * * @since 2.1.0 * * @param string|int $code Optional. Error code to retrieve the messages for. * Default empty string. * @return string[] Error strings on success, or empty array if there are none. */ public function get_error_messages( $code = '' ) { // Return all messages if no code specified. if ( empty( $code ) ) { $all_messages = array(); foreach ( (array) $this->errors as $code => $messages ) { $all_messages = array_merge( $all_messages, $messages ); } return $all_messages; } if ( isset( $this->errors[ $code ] ) ) { return $this->errors[ $code ]; } else { return array(); } } /** * Gets a single error message. * * This will get the first message available for the code. If no code is * given then the first code available will be used. * * @since 2.1.0 * * @param string|int $code Optional. Error code to retrieve the message for. * Default empty string. * @return string The error message. */ public function get_error_message( $code = '' ) { if ( empty( $code ) ) { $code = $this->get_error_code(); } $messages = $this->get_error_messages( $code ); if ( empty( $messages ) ) { return ''; } return $messages[0]; } /** * Retrieves the most recently added error data for an error code. * * @since 2.1.0 * * @param string|int $code Optional. Error code. Default empty string. * @return mixed Error data, if it exists. */ public function get_error_data( $code = '' ) { if ( empty( $code ) ) { $code = $this->get_error_code(); } if ( isset( $this->error_data[ $code ] ) ) { return $this->error_data[ $code ]; } } /** * Verifies if the instance contains errors. * * @since 5.1.0 * * @return bool If the instance contains errors. */ public function has_errors() { if ( ! empty( $this->errors ) ) { return true; } return false; } /** * Adds an error or appends an additional message to an existing error. * * @since 2.1.0 * * @param string|int $code Error code. * @param string $message Error message. * @param mixed $data Optional. Error data. Default empty string. */ public function add( $code, $message, $data = '' ) { $this->errors[ $code ][] = $message; if ( ! empty( $data ) ) { $this->add_data( $data, $code ); } /** * Fires when an error is added to a WP_Error object. * * @since 5.6.0 * * @param string|int $code Error code. * @param string $message Error message. * @param mixed $data Error data. Might be empty. * @param WP_Error $wp_error The WP_Error object. */ do_action( 'wp_error_added', $code, $message, $data, $this ); } /** * Adds data to an error with the given code. * * @since 2.1.0 * @since 5.6.0 Errors can now contain more than one item of error data. {@see WP_Error::$additional_data}. * * @param mixed $data Error data. * @param string|int $code Error code. */ public function add_data( $data, $code = '' ) { if ( empty( $code ) ) { $code = $this->get_error_code(); } if ( isset( $this->error_data[ $code ] ) ) { $this->additional_data[ $code ][] = $this->error_data[ $code ]; } $this->error_data[ $code ] = $data; } /** * Retrieves all error data for an error code in the order in which the data was added. * * @since 5.6.0 * * @param string|int $code Error code. * @return mixed[] Array of error data, if it exists. */ public function get_all_error_data( $code = '' ) { if ( empty( $code ) ) { $code = $this->get_error_code(); } $data = array(); if ( isset( $this->additional_data[ $code ] ) ) { $data = $this->additional_data[ $code ]; } if ( isset( $this->error_data[ $code ] ) ) { $data[] = $this->error_data[ $code ]; } return $data; } /** * Removes the specified error. * * This function removes all error messages associated with the specified * error code, along with any error data for that code. * * @since 4.1.0 * * @param string|int $code Error code. */ public function remove( $code ) { unset( $this->errors[ $code ] ); unset( $this->error_data[ $code ] ); unset( $this->additional_data[ $code ] ); } /** * Merges the errors in the given error object into this one. * * @since 5.6.0 * * @param WP_Error $error Error object to merge. */ public function merge_from( WP_Error $error ) { static::copy_errors( $error, $this ); } /** * Exports the errors in this object into the given one. * * @since 5.6.0 * * @param WP_Error $error Error object to export into. */ public function export_to( WP_Error $error ) { static::copy_errors( $this, $error ); } /** * Copies errors from one WP_Error instance to another. * * @since 5.6.0 * * @param WP_Error $from The WP_Error to copy from. * @param WP_Error $to The WP_Error to copy to. */ protected static function copy_errors( WP_Error $from, WP_Error $to ) { foreach ( $from->get_error_codes() as $code ) { foreach ( $from->get_error_messages( $code ) as $error_message ) { $to->add( $code, $error_message ); } foreach ( $from->get_all_error_data( $code ) as $data ) { $to->add_data( $data, $code ); } } } } /** * Class for working with MO files * * @version $Id: mo.php 1157 2015-11-20 04:30:11Z dd32 $ * @package pomo * @subpackage mo */ require_once __DIR__ . '/translations.php'; require_once __DIR__ . '/streams.php'; if ( ! class_exists( 'MO', false ) ) : class MO extends Gettext_Translations { /** * Number of plural forms. * * @var int */ public $_nplurals = 2; /** * Loaded MO file. * * @var string */ private $filename = ''; /** * Returns the loaded MO file. * * @return string The loaded MO file. */ public function get_filename() { return $this->filename; } /** * Fills up with the entries from MO file $filename * * @param string $filename MO file to load * @return bool True if the import from file was successful, otherwise false. */ public function import_from_file( $filename ) { $reader = new POMO_FileReader( $filename ); if ( ! $reader->is_resource() ) { return false; } $this->filename = (string) $filename; return $this->import_from_reader( $reader ); } /** * @param string $filename * @return bool */ public function export_to_file( $filename ) { $fh = fopen( $filename, 'wb' ); if ( ! $fh ) { return false; } $res = $this->export_to_file_handle( $fh ); fclose( $fh ); return $res; } /** * @return string|false */ public function export() { $tmp_fh = fopen( 'php://temp', 'r+' ); if ( ! $tmp_fh ) { return false; } $this->export_to_file_handle( $tmp_fh ); rewind( $tmp_fh ); return stream_get_contents( $tmp_fh ); } /** * @param Translation_Entry $entry * @return bool */ public function is_entry_good_for_export( $entry ) { if ( empty( $entry->translations ) ) { return false; } if ( ! array_filter( $entry->translations ) ) { return false; } return true; } /** * @param resource $fh * @return true */ public function export_to_file_handle( $fh ) { $entries = array_filter( $this->entries, array( $this, 'is_entry_good_for_export' ) ); ksort( $entries ); $magic = 0x950412de; $revision = 0; $total = count( $entries ) + 1; // All the headers are one entry. $originals_lengths_addr = 28; $translations_lengths_addr = $originals_lengths_addr + 8 * $total; $size_of_hash = 0; $hash_addr = $translations_lengths_addr + 8 * $total; $current_addr = $hash_addr; fwrite( $fh, pack( 'V*', $magic, $revision, $total, $originals_lengths_addr, $translations_lengths_addr, $size_of_hash, $hash_addr ) ); fseek( $fh, $originals_lengths_addr ); // Headers' msgid is an empty string. fwrite( $fh, pack( 'VV', 0, $current_addr ) ); ++$current_addr; $originals_table = "\0"; $reader = new POMO_Reader(); foreach ( $entries as $entry ) { $originals_table .= $this->export_original( $entry ) . "\0"; $length = $reader->strlen( $this->export_original( $entry ) ); fwrite( $fh, pack( 'VV', $length, $current_addr ) ); $current_addr += $length + 1; // Account for the NULL byte after. } $exported_headers = $this->export_headers(); fwrite( $fh, pack( 'VV', $reader->strlen( $exported_headers ), $current_addr ) ); $current_addr += strlen( $exported_headers ) + 1; $translations_table = $exported_headers . "\0"; foreach ( $entries as $entry ) { $translations_table .= $this->export_translations( $entry ) . "\0"; $length = $reader->strlen( $this->export_translations( $entry ) ); fwrite( $fh, pack( 'VV', $length, $current_addr ) ); $current_addr += $length + 1; } fwrite( $fh, $originals_table ); fwrite( $fh, $translations_table ); return true; } /** * @param Translation_Entry $entry * @return string */ public function export_original( $entry ) { // TODO: Warnings for control characters. $exported = $entry->singular; if ( $entry->is_plural ) { $exported .= "\0" . $entry->plural; } if ( $entry->context ) { $exported = $entry->context . "\4" . $exported; } return $exported; } /** * @param Translation_Entry $entry * @return string */ public function export_translations( $entry ) { // TODO: Warnings for control characters. return $entry->is_plural ? implode( "\0", $entry->translations ) : $entry->translations[0]; } /** * @return string */ public function export_headers() { $exported = ''; foreach ( $this->headers as $header => $value ) { $exported .= "$header: $value\n"; } return $exported; } /** * @param int $magic * @return string|false */ public function get_byteorder( $magic ) { // The magic is 0x950412de. // bug in PHP 5.0.2, see https://savannah.nongnu.org/bugs/?func=detailitem&item_id=10565 $magic_little = (int) - 1794895138; $magic_little_64 = (int) 2500072158; // 0xde120495 $magic_big = ( (int) - 569244523 ) & 0xFFFFFFFF; if ( $magic_little === $magic || $magic_little_64 === $magic ) { return 'little'; } elseif ( $magic_big === $magic ) { return 'big'; } else { return false; } } /** * @param POMO_FileReader $reader * @return bool True if the import was successful, otherwise false. */ public function import_from_reader( $reader ) { $endian_string = MO::get_byteorder( $reader->readint32() ); if ( false === $endian_string ) { return false; } $reader->setEndian( $endian_string ); $endian = ( 'big' === $endian_string ) ? 'N' : 'V'; $header = $reader->read( 24 ); if ( $reader->strlen( $header ) !== 24 ) { return false; } // Parse header. $header = unpack( "{$endian}revision/{$endian}total/{$endian}originals_lengths_addr/{$endian}translations_lengths_addr/{$endian}hash_length/{$endian}hash_addr", $header ); if ( ! is_array( $header ) ) { return false; } // Support revision 0 of MO format specs, only. if ( 0 !== $header['revision'] ) { return false; } // Seek to data blocks. $reader->seekto( $header['originals_lengths_addr'] ); // Read originals' indices. $originals_lengths_length = $header['translations_lengths_addr'] - $header['originals_lengths_addr']; if ( $originals_lengths_length !== $header['total'] * 8 ) { return false; } $originals = $reader->read( $originals_lengths_length ); if ( $reader->strlen( $originals ) !== $originals_lengths_length ) { return false; } // Read translations' indices. $translations_lengths_length = $header['hash_addr'] - $header['translations_lengths_addr']; if ( $translations_lengths_length !== $header['total'] * 8 ) { return false; } $translations = $reader->read( $translations_lengths_length ); if ( $reader->strlen( $translations ) !== $translations_lengths_length ) { return false; } // Transform raw data into set of indices. $originals = $reader->str_split( $originals, 8 ); $translations = $reader->str_split( $translations, 8 ); // Skip hash table. $strings_addr = $header['hash_addr'] + $header['hash_length'] * 4; $reader->seekto( $strings_addr ); $strings = $reader->read_all(); $reader->close(); for ( $i = 0; $i < $header['total']; $i++ ) { $o = unpack( "{$endian}length/{$endian}pos", $originals[ $i ] ); $t = unpack( "{$endian}length/{$endian}pos", $translations[ $i ] ); if ( ! $o || ! $t ) { return false; } // Adjust offset due to reading strings to separate space before. $o['pos'] -= $strings_addr; $t['pos'] -= $strings_addr; $original = $reader->substr( $strings, $o['pos'], $o['length'] ); $translation = $reader->substr( $strings, $t['pos'], $t['length'] ); if ( '' === $original ) { $this->set_headers( $this->make_headers( $translation ) ); } else { $entry = &$this->make_entry( $original, $translation ); $this->entries[ $entry->key() ] = &$entry; } } return true; } /** * Build a Translation_Entry from original string and translation strings, * found in a MO file * * @static * @param string $original original string to translate from MO file. Might contain * 0x04 as context separator or 0x00 as singular/plural separator * @param string $translation translation string from MO file. Might contain * 0x00 as a plural translations separator * @return Translation_Entry Entry instance. */ public function &make_entry( $original, $translation ) { $entry = new Translation_Entry(); // Look for context, separated by \4. $parts = explode( "\4", $original ); if ( isset( $parts[1] ) ) { $original = $parts[1]; $entry->context = $parts[0]; } // Look for plural original. $parts = explode( "\0", $original ); $entry->singular = $parts[0]; if ( isset( $parts[1] ) ) { $entry->is_plural = true; $entry->plural = $parts[1]; } // Plural translations are also separated by \0. $entry->translations = explode( "\0", $translation ); return $entry; } /** * @param int $count * @return string */ public function select_plural_form( $count ) { return $this->gettext_select_plural_form( $count ); } /** * @return int */ public function get_plural_forms_count() { return $this->_nplurals; } } endif; /** * Query API: WP_Query class * * @package WordPress * @subpackage Query * @since 4.7.0 */ /** * The WordPress Query class. * * @link https://developer.wordpress.org/reference/classes/wp_query/ * * @since 1.5.0 * @since 4.5.0 Removed the `$comments_popup` property. */ #[AllowDynamicProperties] class WP_Query { /** * Query vars set by the user. * * @since 1.5.0 * @var array */ public $query; /** * Query vars, after parsing. * * @since 1.5.0 * @var array */ public $query_vars = array(); /** * Taxonomy query, as passed to get_tax_sql(). * * @since 3.1.0 * @var WP_Tax_Query|null A taxonomy query instance. */ public $tax_query; /** * Metadata query container. * * @since 3.2.0 * @var WP_Meta_Query A meta query instance. */ public $meta_query = false; /** * Date query container. * * @since 3.7.0 * @var WP_Date_Query A date query instance. */ public $date_query = false; /** * Holds the data for a single object that is queried. * * Holds the contents of a post, page, category, attachment. * * @since 1.5.0 * @var WP_Term|WP_Post_Type|WP_Post|WP_User|null */ public $queried_object; /** * The ID of the queried object. * * @since 1.5.0 * @var int */ public $queried_object_id; /** * SQL for the database query. * * @since 2.0.1 * @var string */ public $request; /** * Array of post objects or post IDs. * * @since 1.5.0 * @var WP_Post[]|int[] */ public $posts; /** * The number of posts for the current query. * * @since 1.5.0 * @var int */ public $post_count = 0; /** * Index of the current item in the loop. * * @since 1.5.0 * @var int */ public $current_post = -1; /** * Whether the caller is before the loop. * * @since 6.3.0 * @var bool */ public $before_loop = true; /** * Whether the loop has started and the caller is in the loop. * * @since 2.0.0 * @var bool */ public $in_the_loop = false; /** * The current post. * * This property does not get populated when the `fields` argument is set to * `ids` or `id=>parent`. * * @since 1.5.0 * @var WP_Post|null */ public $post; /** * The list of comments for current post. * * @since 2.2.0 * @var WP_Comment[] */ public $comments; /** * The number of comments for the posts. * * @since 2.2.0 * @var int */ public $comment_count = 0; /** * The index of the comment in the comment loop. * * @since 2.2.0 * @var int */ public $current_comment = -1; /** * Current comment object. * * @since 2.2.0 * @var WP_Comment */ public $comment; /** * The number of found posts for the current query. * * If limit clause was not used, equals $post_count. * * @since 2.1.0 * @var int */ public $found_posts = 0; /** * The number of pages. * * @since 2.1.0 * @var int */ public $max_num_pages = 0; /** * The number of comment pages. * * @since 2.7.0 * @var int */ public $max_num_comment_pages = 0; /** * Signifies whether the current query is for a single post. * * @since 1.5.0 * @var bool */ public $is_single = false; /** * Signifies whether the current query is for a preview. * * @since 2.0.0 * @var bool */ public $is_preview = false; /** * Signifies whether the current query is for a page. * * @since 1.5.0 * @var bool */ public $is_page = false; /** * Signifies whether the current query is for an archive. * * @since 1.5.0 * @var bool */ public $is_archive = false; /** * Signifies whether the current query is for a date archive. * * @since 1.5.0 * @var bool */ public $is_date = false; /** * Signifies whether the current query is for a year archive. * * @since 1.5.0 * @var bool */ public $is_year = false; /** * Signifies whether the current query is for a month archive. * * @since 1.5.0 * @var bool */ public $is_month = false; /** * Signifies whether the current query is for a day archive. * * @since 1.5.0 * @var bool */ public $is_day = false; /** * Signifies whether the current query is for a specific time. * * @since 1.5.0 * @var bool */ public $is_time = false; /** * Signifies whether the current query is for an author archive. * * @since 1.5.0 * @var bool */ public $is_author = false; /** * Signifies whether the current query is for a category archive. * * @since 1.5.0 * @var bool */ public $is_category = false; /** * Signifies whether the current query is for a tag archive. * * @since 2.3.0 * @var bool */ public $is_tag = false; /** * Signifies whether the current query is for a taxonomy archive. * * @since 2.5.0 * @var bool */ public $is_tax = false; /** * Signifies whether the current query is for a search. * * @since 1.5.0 * @var bool */ public $is_search = false; /** * Signifies whether the current query is for a feed. * * @since 1.5.0 * @var bool */ public $is_feed = false; /** * Signifies whether the current query is for a comment feed. * * @since 2.2.0 * @var bool */ public $is_comment_feed = false; /** * Signifies whether the current query is for trackback endpoint call. * * @since 1.5.0 * @var bool */ public $is_trackback = false; /** * Signifies whether the current query is for the site homepage. * * @since 1.5.0 * @var bool */ public $is_home = false; /** * Signifies whether the current query is for the Privacy Policy page. * * @since 5.2.0 * @var bool */ public $is_privacy_policy = false; /** * Signifies whether the current query couldn't find anything. * * @since 1.5.0 * @var bool */ public $is_404 = false; /** * Signifies whether the current query is for an embed. * * @since 4.4.0 * @var bool */ public $is_embed = false; /** * Signifies whether the current query is for a paged result and not for the first page. * * @since 1.5.0 * @var bool */ public $is_paged = false; /** * Signifies whether the current query is for an administrative interface page. * * @since 1.5.0 * @var bool */ public $is_admin = false; /** * Signifies whether the current query is for an attachment page. * * @since 2.0.0 * @var bool */ public $is_attachment = false; /** * Signifies whether the current query is for an existing single post of any post type * (post, attachment, page, custom post types). * * @since 2.1.0 * @var bool */ public $is_singular = false; /** * Signifies whether the current query is for the robots.txt file. * * @since 2.1.0 * @var bool */ public $is_robots = false; /** * Signifies whether the current query is for the favicon.ico file. * * @since 5.4.0 * @var bool */ public $is_favicon = false; /** * Signifies whether the current query is for the page_for_posts page. * * Basically, the homepage if the option isn't set for the static homepage. * * @since 2.1.0 * @var bool */ public $is_posts_page = false; /** * Signifies whether the current query is for a post type archive. * * @since 3.1.0 * @var bool */ public $is_post_type_archive = false; /** * Stores the ->query_vars state like md5(serialize( $this->query_vars ) ) so we know * whether we have to re-parse because something has changed * * @since 3.1.0 * @var bool|string */ private $query_vars_hash = false; /** * Whether query vars have changed since the initial parse_query() call. Used to catch modifications to query vars made * via pre_get_posts hooks. * * @since 3.1.1 */ private $query_vars_changed = true; /** * Set if post thumbnails are cached * * @since 3.2.0 * @var bool */ public $thumbnails_cached = false; /** * Controls whether an attachment query should include filenames or not. * * @since 6.0.3 * @var bool */ protected $allow_query_attachment_by_filename = false; /** * Cached list of search stopwords. * * @since 3.7.0 * @var array */ private $stopwords; private $compat_fields = array( 'query_vars_hash', 'query_vars_changed' ); private $compat_methods = array( 'init_query_flags', 'parse_tax_query' ); /** * Resets query flags to false. * * The query flags are what page info WordPress was able to figure out. * * @since 2.0.0 */ private function init_query_flags() { $this->is_single = false; $this->is_preview = false; $this->is_page = false; $this->is_archive = false; $this->is_date = false; $this->is_year = false; $this->is_month = false; $this->is_day = false; $this->is_time = false; $this->is_author = false; $this->is_category = false; $this->is_tag = false; $this->is_tax = false; $this->is_search = false; $this->is_feed = false; $this->is_comment_feed = false; $this->is_trackback = false; $this->is_home = false; $this->is_privacy_policy = false; $this->is_404 = false; $this->is_paged = false; $this->is_admin = false; $this->is_attachment = false; $this->is_singular = false; $this->is_robots = false; $this->is_favicon = false; $this->is_posts_page = false; $this->is_post_type_archive = false; } /** * Initiates object properties and sets default values. * * @since 1.5.0 */ public function init() { unset( $this->posts ); unset( $this->query ); $this->query_vars = array(); unset( $this->queried_object ); unset( $this->queried_object_id ); $this->post_count = 0; $this->current_post = -1; $this->in_the_loop = false; $this->before_loop = true; unset( $this->request ); unset( $this->post ); unset( $this->comments ); unset( $this->comment ); $this->comment_count = 0; $this->current_comment = -1; $this->found_posts = 0; $this->max_num_pages = 0; $this->max_num_comment_pages = 0; $this->init_query_flags(); } /** * Reparses the query vars. * * @since 1.5.0 */ public function parse_query_vars() { $this->parse_query(); } /** * Fills in the query variables, which do not exist within the parameter. * * @since 2.1.0 * @since 4.5.0 Removed the `comments_popup` public query variable. * * @param array $query_vars Defined query variables. * @return array Complete query variables with undefined ones filled in empty. */ public function fill_query_vars( $query_vars ) { $keys = array( 'error', 'm', 'p', 'post_parent', 'subpost', 'subpost_id', 'attachment', 'attachment_id', 'name', 'pagename', 'page_id', 'second', 'minute', 'hour', 'day', 'monthnum', 'year', 'w', 'category_name', 'tag', 'cat', 'tag_id', 'author', 'author_name', 'feed', 'tb', 'paged', 'meta_key', 'meta_value', 'preview', 's', 'sentence', 'title', 'fields', 'menu_order', 'embed', ); foreach ( $keys as $key ) { if ( ! isset( $query_vars[ $key ] ) ) { $query_vars[ $key ] = ''; } } $array_keys = array( 'category__in', 'category__not_in', 'category__and', 'post__in', 'post__not_in', 'post_name__in', 'tag__in', 'tag__not_in', 'tag__and', 'tag_slug__in', 'tag_slug__and', 'post_parent__in', 'post_parent__not_in', 'author__in', 'author__not_in', 'search_columns', ); foreach ( $array_keys as $key ) { if ( ! isset( $query_vars[ $key ] ) ) { $query_vars[ $key ] = array(); } } return $query_vars; } /** * Parses a query string and sets query type booleans. * * @since 1.5.0 * @since 4.2.0 Introduced the ability to order by specific clauses of a `$meta_query`, by passing the clause's * array key to `$orderby`. * @since 4.4.0 Introduced `$post_name__in` and `$title` parameters. `$s` was updated to support excluded * search terms, by prepending a hyphen. * @since 4.5.0 Removed the `$comments_popup` parameter. * Introduced the `$comment_status` and `$ping_status` parameters. * Introduced `RAND(x)` syntax for `$orderby`, which allows an integer seed value to random sorts. * @since 4.6.0 Added 'post_name__in' support for `$orderby`. Introduced the `$lazy_load_term_meta` argument. * @since 4.9.0 Introduced the `$comment_count` parameter. * @since 5.1.0 Introduced the `$meta_compare_key` parameter. * @since 5.3.0 Introduced the `$meta_type_key` parameter. * @since 6.1.0 Introduced the `$update_menu_item_cache` parameter. * @since 6.2.0 Introduced the `$search_columns` parameter. * * @param string|array $query { * Optional. Array or string of Query parameters. * * @type int $attachment_id Attachment post ID. Used for 'attachment' post_type. * @type int|string $author Author ID, or comma-separated list of IDs. * @type string $author_name User 'user_nicename'. * @type int[] $author__in An array of author IDs to query from. * @type int[] $author__not_in An array of author IDs not to query from. * @type bool $cache_results Whether to cache post information. Default true. * @type int|string $cat Category ID or comma-separated list of IDs (this or any children). * @type int[] $category__and An array of category IDs (AND in). * @type int[] $category__in An array of category IDs (OR in, no children). * @type int[] $category__not_in An array of category IDs (NOT in). * @type string $category_name Use category slug (not name, this or any children). * @type array|int $comment_count Filter results by comment count. Provide an integer to match * comment count exactly. Provide an array with integer 'value' * and 'compare' operator ('=', '!=', '>', '>=', '<', '<=' ) to * compare against comment_count in a specific way. * @type string $comment_status Comment status. * @type int $comments_per_page The number of comments to return per page. * Default 'comments_per_page' option. * @type array $date_query An associative array of WP_Date_Query arguments. * See WP_Date_Query::__construct(). * @type int $day Day of the month. Default empty. Accepts numbers 1-31. * @type bool $exact Whether to search by exact keyword. Default false. * @type string $fields Post fields to query for. Accepts: * - '' Returns an array of complete post objects (`WP_Post[]`). * - 'ids' Returns an array of post IDs (`int[]`). * - 'id=>parent' Returns an associative array of parent post IDs, * keyed by post ID (`int[]`). * Default ''. * @type int $hour Hour of the day. Default empty. Accepts numbers 0-23. * @type int|bool $ignore_sticky_posts Whether to ignore sticky posts or not. Setting this to false * excludes stickies from 'post__in'. Accepts 1|true, 0|false. * Default false. * @type int $m Combination YearMonth. Accepts any four-digit year and month * numbers 01-12. Default empty. * @type string|string[] $meta_key Meta key or keys to filter by. * @type string|string[] $meta_value Meta value or values to filter by. * @type string $meta_compare MySQL operator used for comparing the meta value. * See WP_Meta_Query::__construct() for accepted values and default value. * @type string $meta_compare_key MySQL operator used for comparing the meta key. * See WP_Meta_Query::__construct() for accepted values and default value. * @type string $meta_type MySQL data type that the meta_value column will be CAST to for comparisons. * See WP_Meta_Query::__construct() for accepted values and default value. * @type string $meta_type_key MySQL data type that the meta_key column will be CAST to for comparisons. * See WP_Meta_Query::__construct() for accepted values and default value. * @type array $meta_query An associative array of WP_Meta_Query arguments. * See WP_Meta_Query::__construct() for accepted values. * @type int $menu_order The menu order of the posts. * @type int $minute Minute of the hour. Default empty. Accepts numbers 0-59. * @type int $monthnum The two-digit month. Default empty. Accepts numbers 1-12. * @type string $name Post slug. * @type bool $nopaging Show all posts (true) or paginate (false). Default false. * @type bool $no_found_rows Whether to skip counting the total rows found. Enabling can improve * performance. Default false. * @type int $offset The number of posts to offset before retrieval. * @type string $order Designates ascending or descending order of posts. Default 'DESC'. * Accepts 'ASC', 'DESC'. * @type string|array $orderby Sort retrieved posts by parameter. One or more options may be passed. * To use 'meta_value', or 'meta_value_num', 'meta_key=keyname' must be * also be defined. To sort by a specific `$meta_query` clause, use that * clause's array key. Accepts: * - 'none' * - 'name' * - 'author' * - 'date' * - 'title' * - 'modified' * - 'menu_order' * - 'parent' * - 'ID' * - 'rand' * - 'relevance' * - 'RAND(x)' (where 'x' is an integer seed value) * - 'comment_count' * - 'meta_value' * - 'meta_value_num' * - 'post__in' * - 'post_name__in' * - 'post_parent__in' * - The array keys of `$meta_query`. * Default is 'date', except when a search is being performed, when * the default is 'relevance'. * @type int $p Post ID. * @type int $page Show the number of posts that would show up on page X of a * static front page. * @type int $paged The number of the current page. * @type int $page_id Page ID. * @type string $pagename Page slug. * @type string $perm Show posts if user has the appropriate capability. * @type string $ping_status Ping status. * @type int[] $post__in An array of post IDs to retrieve, sticky posts will be included. * @type int[] $post__not_in An array of post IDs not to retrieve. Note: a string of comma- * separated IDs will NOT work. * @type string $post_mime_type The mime type of the post. Used for 'attachment' post_type. * @type string[] $post_name__in An array of post slugs that results must match. * @type int $post_parent Page ID to retrieve child pages for. Use 0 to only retrieve * top-level pages. * @type int[] $post_parent__in An array containing parent page IDs to query child pages from. * @type int[] $post_parent__not_in An array containing parent page IDs not to query child pages from. * @type string|string[] $post_type A post type slug (string) or array of post type slugs. * Default 'any' if using 'tax_query'. * @type string|string[] $post_status A post status (string) or array of post statuses. * @type int $posts_per_page The number of posts to query for. Use -1 to request all posts. * @type int $posts_per_archive_page The number of posts to query for by archive page. Overrides * 'posts_per_page' when is_archive(), or is_search() are true. * @type string $s Search keyword(s). Prepending a term with a hyphen will * exclude posts matching that term. Eg, 'pillow -sofa' will * return posts containing 'pillow' but not 'sofa'. The * character used for exclusion can be modified using the * the 'wp_query_search_exclusion_prefix' filter. * @type string[] $search_columns Array of column names to be searched. Accepts 'post_title', * 'post_excerpt' and 'post_content'. Default empty array. * @type int $second Second of the minute. Default empty. Accepts numbers 0-59. * @type bool $sentence Whether to search by phrase. Default false. * @type bool $suppress_filters Whether to suppress filters. Default false. * @type string $tag Tag slug. Comma-separated (either), Plus-separated (all). * @type int[] $tag__and An array of tag IDs (AND in). * @type int[] $tag__in An array of tag IDs (OR in). * @type int[] $tag__not_in An array of tag IDs (NOT in). * @type int $tag_id Tag id or comma-separated list of IDs. * @type string[] $tag_slug__and An array of tag slugs (AND in). * @type string[] $tag_slug__in An array of tag slugs (OR in). unless 'ignore_sticky_posts' is * true. Note: a string of comma-separated IDs will NOT work. * @type array $tax_query An associative array of WP_Tax_Query arguments. * See WP_Tax_Query::__construct(). * @type string $title Post title. * @type bool $update_post_meta_cache Whether to update the post meta cache. Default true. * @type bool $update_post_term_cache Whether to update the post term cache. Default true. * @type bool $update_menu_item_cache Whether to update the menu item cache. Default false. * @type bool $lazy_load_term_meta Whether to lazy-load term meta. Setting to false will * disable cache priming for term meta, so that each * get_term_meta() call will hit the database. * Defaults to the value of `$update_post_term_cache`. * @type int $w The week number of the year. Default empty. Accepts numbers 0-53. * @type int $year The four-digit year. Default empty. Accepts any four-digit year. * } */ public function parse_query( $query = '' ) { if ( ! empty( $query ) ) { $this->init(); $this->query = wp_parse_args( $query ); $this->query_vars = $this->query; } elseif ( ! isset( $this->query ) ) { $this->query = $this->query_vars; } $this->query_vars = $this->fill_query_vars( $this->query_vars ); $qv = &$this->query_vars; $this->query_vars_changed = true; if ( ! empty( $qv['robots'] ) ) { $this->is_robots = true; } elseif ( ! empty( $qv['favicon'] ) ) { $this->is_favicon = true; } if ( ! is_scalar( $qv['p'] ) || (int) $qv['p'] < 0 ) { $qv['p'] = 0; $qv['error'] = '404'; } else { $qv['p'] = (int) $qv['p']; } $qv['page_id'] = is_scalar( $qv['page_id'] ) ? absint( $qv['page_id'] ) : 0; $qv['year'] = is_scalar( $qv['year'] ) ? absint( $qv['year'] ) : 0; $qv['monthnum'] = is_scalar( $qv['monthnum'] ) ? absint( $qv['monthnum'] ) : 0; $qv['day'] = is_scalar( $qv['day'] ) ? absint( $qv['day'] ) : 0; $qv['w'] = is_scalar( $qv['w'] ) ? absint( $qv['w'] ) : 0; $qv['m'] = is_scalar( $qv['m'] ) ? preg_replace( '|[^0-9]|', '', $qv['m'] ) : ''; $qv['paged'] = is_scalar( $qv['paged'] ) ? absint( $qv['paged'] ) : 0; $qv['cat'] = preg_replace( '|[^0-9,-]|', '', $qv['cat'] ); // Array or comma-separated list of positive or negative integers. $qv['author'] = is_scalar( $qv['author'] ) ? preg_replace( '|[^0-9,-]|', '', $qv['author'] ) : ''; // Comma-separated list of positive or negative integers. $qv['pagename'] = is_scalar( $qv['pagename'] ) ? trim( $qv['pagename'] ) : ''; $qv['name'] = is_scalar( $qv['name'] ) ? trim( $qv['name'] ) : ''; $qv['title'] = is_scalar( $qv['title'] ) ? trim( $qv['title'] ) : ''; if ( is_scalar( $qv['hour'] ) && '' !== $qv['hour'] ) { $qv['hour'] = absint( $qv['hour'] ); } else { $qv['hour'] = ''; } if ( is_scalar( $qv['minute'] ) && '' !== $qv['minute'] ) { $qv['minute'] = absint( $qv['minute'] ); } else { $qv['minute'] = ''; } if ( is_scalar( $qv['second'] ) && '' !== $qv['second'] ) { $qv['second'] = absint( $qv['second'] ); } else { $qv['second'] = ''; } if ( is_scalar( $qv['menu_order'] ) && '' !== $qv['menu_order'] ) { $qv['menu_order'] = absint( $qv['menu_order'] ); } else { $qv['menu_order'] = ''; } // Fairly large, potentially too large, upper bound for search string lengths. if ( ! is_scalar( $qv['s'] ) || ( ! empty( $qv['s'] ) && strlen( $qv['s'] ) > 1600 ) ) { $qv['s'] = ''; } // Compat. Map subpost to attachment. if ( is_scalar( $qv['subpost'] ) && '' != $qv['subpost'] ) { $qv['attachment'] = $qv['subpost']; } if ( is_scalar( $qv['subpost_id'] ) && '' != $qv['subpost_id'] ) { $qv['attachment_id'] = $qv['subpost_id']; } $qv['attachment_id'] = is_scalar( $qv['attachment_id'] ) ? absint( $qv['attachment_id'] ) : 0; if ( ( '' !== $qv['attachment'] ) || ! empty( $qv['attachment_id'] ) ) { $this->is_single = true; $this->is_attachment = true; } elseif ( '' !== $qv['name'] ) { $this->is_single = true; } elseif ( $qv['p'] ) { $this->is_single = true; } elseif ( '' !== $qv['pagename'] || ! empty( $qv['page_id'] ) ) { $this->is_page = true; $this->is_single = false; } else { // Look for archive queries. Dates, categories, authors, search, post type archives. if ( isset( $this->query['s'] ) ) { $this->is_search = true; } if ( '' !== $qv['second'] ) { $this->is_time = true; $this->is_date = true; } if ( '' !== $qv['minute'] ) { $this->is_time = true; $this->is_date = true; } if ( '' !== $qv['hour'] ) { $this->is_time = true; $this->is_date = true; } if ( $qv['day'] ) { if ( ! $this->is_date ) { $date = sprintf( '%04d-%02d-%02d', $qv['year'], $qv['monthnum'], $qv['day'] ); if ( $qv['monthnum'] && $qv['year'] && ! wp_checkdate( $qv['monthnum'], $qv['day'], $qv['year'], $date ) ) { $qv['error'] = '404'; } else { $this->is_day = true; $this->is_date = true; } } } if ( $qv['monthnum'] ) { if ( ! $this->is_date ) { if ( 12 < $qv['monthnum'] ) { $qv['error'] = '404'; } else { $this->is_month = true; $this->is_date = true; } } } if ( $qv['year'] ) { if ( ! $this->is_date ) { $this->is_year = true; $this->is_date = true; } } if ( $qv['m'] ) { $this->is_date = true; if ( strlen( $qv['m'] ) > 9 ) { $this->is_time = true; } elseif ( strlen( $qv['m'] ) > 7 ) { $this->is_day = true; } elseif ( strlen( $qv['m'] ) > 5 ) { $this->is_month = true; } else { $this->is_year = true; } } if ( $qv['w'] ) { $this->is_date = true; } $this->query_vars_hash = false; $this->parse_tax_query( $qv ); foreach ( $this->tax_query->queries as $tax_query ) { if ( ! is_array( $tax_query ) ) { continue; } if ( isset( $tax_query['operator'] ) && 'NOT IN' !== $tax_query['operator'] ) { switch ( $tax_query['taxonomy'] ) { case 'category': $this->is_category = true; break; case 'post_tag': $this->is_tag = true; break; default: $this->is_tax = true; } } } unset( $tax_query ); if ( empty( $qv['author'] ) || ( '0' == $qv['author'] ) ) { $this->is_author = false; } else { $this->is_author = true; } if ( '' !== $qv['author_name'] ) { $this->is_author = true; } if ( ! empty( $qv['post_type'] ) && ! is_array( $qv['post_type'] ) ) { $post_type_obj = get_post_type_object( $qv['post_type'] ); if ( ! empty( $post_type_obj->has_archive ) ) { $this->is_post_type_archive = true; } } if ( $this->is_post_type_archive || $this->is_date || $this->is_author || $this->is_category || $this->is_tag || $this->is_tax ) { $this->is_archive = true; } } if ( '' != $qv['feed'] ) { $this->is_feed = true; } if ( '' != $qv['embed'] ) { $this->is_embed = true; } if ( '' != $qv['tb'] ) { $this->is_trackback = true; } if ( '' != $qv['paged'] && ( (int) $qv['paged'] > 1 ) ) { $this->is_paged = true; } // If we're previewing inside the write screen. if ( '' != $qv['preview'] ) { $this->is_preview = true; } if ( is_admin() ) { $this->is_admin = true; } if ( str_contains( $qv['feed'], 'comments-' ) ) { $qv['feed'] = str_replace( 'comments-', '', $qv['feed'] ); $qv['withcomments'] = 1; } $this->is_singular = $this->is_single || $this->is_page || $this->is_attachment; if ( $this->is_feed && ( ! empty( $qv['withcomments'] ) || ( empty( $qv['withoutcomments'] ) && $this->is_singular ) ) ) { $this->is_comment_feed = true; } if ( ! ( $this->is_singular || $this->is_archive || $this->is_search || $this->is_feed || ( wp_is_serving_rest_request() && $this->is_main_query() ) || $this->is_trackback || $this->is_404 || $this->is_admin || $this->is_robots || $this->is_favicon ) ) { $this->is_home = true; } // Correct `is_*` for 'page_on_front' and 'page_for_posts'. if ( $this->is_home && 'page' === get_option( 'show_on_front' ) && get_option( 'page_on_front' ) ) { $_query = wp_parse_args( $this->query ); // 'pagename' can be set and empty depending on matched rewrite rules. Ignore an empty 'pagename'. if ( isset( $_query['pagename'] ) && '' === $_query['pagename'] ) { unset( $_query['pagename'] ); } unset( $_query['embed'] ); if ( empty( $_query ) || ! array_diff( array_keys( $_query ), array( 'preview', 'page', 'paged', 'cpage' ) ) ) { $this->is_page = true; $this->is_home = false; $qv['page_id'] = get_option( 'page_on_front' ); // Correct for 'page_on_front'. if ( ! empty( $qv['paged'] ) ) { $qv['page'] = $qv['paged']; unset( $qv['paged'] ); } } } if ( '' !== $qv['pagename'] ) { $this->queried_object = get_page_by_path( $qv['pagename'] ); if ( $this->queried_object && 'attachment' === $this->queried_object->post_type ) { if ( preg_match( '/^[^%]*%(?:postname)%/', get_option( 'permalink_structure' ) ) ) { // See if we also have a post with the same slug. $post = get_page_by_path( $qv['pagename'], OBJECT, 'post' ); if ( $post ) { $this->queried_object = $post; $this->is_page = false; $this->is_single = true; } } } if ( ! empty( $this->queried_object ) ) { $this->queried_object_id = (int) $this->queried_object->ID; } else { unset( $this->queried_object ); } if ( 'page' === get_option( 'show_on_front' ) && isset( $this->queried_object_id ) && get_option( 'page_for_posts' ) == $this->queried_object_id ) { $this->is_page = false; $this->is_home = true; $this->is_posts_page = true; } if ( isset( $this->queried_object_id ) && get_option( 'wp_page_for_privacy_policy' ) == $this->queried_object_id ) { $this->is_privacy_policy = true; } } if ( $qv['page_id'] ) { if ( 'page' === get_option( 'show_on_front' ) && get_option( 'page_for_posts' ) == $qv['page_id'] ) { $this->is_page = false; $this->is_home = true; $this->is_posts_page = true; } if ( get_option( 'wp_page_for_privacy_policy' ) == $qv['page_id'] ) { $this->is_privacy_policy = true; } } if ( ! empty( $qv['post_type'] ) ) { if ( is_array( $qv['post_type'] ) ) { $qv['post_type'] = array_map( 'sanitize_key', $qv['post_type'] ); } else { $qv['post_type'] = sanitize_key( $qv['post_type'] ); } } if ( ! empty( $qv['post_status'] ) ) { if ( is_array( $qv['post_status'] ) ) { $qv['post_status'] = array_map( 'sanitize_key', $qv['post_status'] ); } else { $qv['post_status'] = preg_replace( '|[^a-z0-9_,-]|', '', $qv['post_status'] ); } } if ( $this->is_posts_page && ( ! isset( $qv['withcomments'] ) || ! $qv['withcomments'] ) ) { $this->is_comment_feed = false; } $this->is_singular = $this->is_single || $this->is_page || $this->is_attachment; // Done correcting `is_*` for 'page_on_front' and 'page_for_posts'. if ( '404' == $qv['error'] ) { $this->set_404(); } $this->is_embed = $this->is_embed && ( $this->is_singular || $this->is_404 ); $this->query_vars_hash = md5( serialize( $this->query_vars ) ); $this->query_vars_changed = false; /** * Fires after the main query vars have been parsed. * * @since 1.5.0 * * @param WP_Query $query The WP_Query instance (passed by reference). */ do_action_ref_array( 'parse_query', array( &$this ) ); } /** * Parses various taxonomy related query vars. * * For BC, this method is not marked as protected. See [28987]. * * @since 3.1.0 * * @param array $q The query variables. Passed by reference. */ public function parse_tax_query( &$q ) { if ( ! empty( $q['tax_query'] ) && is_array( $q['tax_query'] ) ) { $tax_query = $q['tax_query']; } else { $tax_query = array(); } if ( ! empty( $q['taxonomy'] ) && ! empty( $q['term'] ) ) { $tax_query[] = array( 'taxonomy' => $q['taxonomy'], 'terms' => array( $q['term'] ), 'field' => 'slug', ); } foreach ( get_taxonomies( array(), 'objects' ) as $taxonomy => $t ) { if ( 'post_tag' === $taxonomy ) { continue; // Handled further down in the $q['tag'] block. } if ( $t->query_var && ! empty( $q[ $t->query_var ] ) ) { $tax_query_defaults = array( 'taxonomy' => $taxonomy, 'field' => 'slug', ); if ( ! empty( $t->rewrite['hierarchical'] ) ) { $q[ $t->query_var ] = wp_basename( $q[ $t->query_var ] ); } $term = $q[ $t->query_var ]; if ( is_array( $term ) ) { $term = implode( ',', $term ); } if ( str_contains( $term, '+' ) ) { $terms = preg_split( '/[+]+/', $term ); foreach ( $terms as $term ) { $tax_query[] = array_merge( $tax_query_defaults, array( 'terms' => array( $term ), ) ); } } else { $tax_query[] = array_merge( $tax_query_defaults, array( 'terms' => preg_split( '/[,]+/', $term ), ) ); } } } // If query string 'cat' is an array, implode it. if ( is_array( $q['cat'] ) ) { $q['cat'] = implode( ',', $q['cat'] ); } // Category stuff. if ( ! empty( $q['cat'] ) && ! $this->is_singular ) { $cat_in = array(); $cat_not_in = array(); $cat_array = preg_split( '/[,\s]+/', urldecode( $q['cat'] ) ); $cat_array = array_map( 'intval', $cat_array ); $q['cat'] = implode( ',', $cat_array ); foreach ( $cat_array as $cat ) { if ( $cat > 0 ) { $cat_in[] = $cat; } elseif ( $cat < 0 ) { $cat_not_in[] = abs( $cat ); } } if ( ! empty( $cat_in ) ) { $tax_query[] = array( 'taxonomy' => 'category', 'terms' => $cat_in, 'field' => 'term_id', 'include_children' => true, ); } if ( ! empty( $cat_not_in ) ) { $tax_query[] = array( 'taxonomy' => 'category', 'terms' => $cat_not_in, 'field' => 'term_id', 'operator' => 'NOT IN', 'include_children' => true, ); } unset( $cat_array, $cat_in, $cat_not_in ); } if ( ! empty( $q['category__and'] ) && 1 === count( (array) $q['category__and'] ) ) { $q['category__and'] = (array) $q['category__and']; if ( ! isset( $q['category__in'] ) ) { $q['category__in'] = array(); } $q['category__in'][] = absint( reset( $q['category__and'] ) ); unset( $q['category__and'] ); } if ( ! empty( $q['category__in'] ) ) { $q['category__in'] = array_map( 'absint', array_unique( (array) $q['category__in'] ) ); $tax_query[] = array( 'taxonomy' => 'category', 'terms' => $q['category__in'], 'field' => 'term_id', 'include_children' => false, ); } if ( ! empty( $q['category__not_in'] ) ) { $q['category__not_in'] = array_map( 'absint', array_unique( (array) $q['category__not_in'] ) ); $tax_query[] = array( 'taxonomy' => 'category', 'terms' => $q['category__not_in'], 'operator' => 'NOT IN', 'include_children' => false, ); } if ( ! empty( $q['category__and'] ) ) { $q['category__and'] = array_map( 'absint', array_unique( (array) $q['category__and'] ) ); $tax_query[] = array( 'taxonomy' => 'category', 'terms' => $q['category__and'], 'field' => 'term_id', 'operator' => 'AND', 'include_children' => false, ); } // If query string 'tag' is array, implode it. if ( is_array( $q['tag'] ) ) { $q['tag'] = implode( ',', $q['tag'] ); } // Tag stuff. if ( '' !== $q['tag'] && ! $this->is_singular && $this->query_vars_changed ) { if ( str_contains( $q['tag'], ',' ) ) { $tags = preg_split( '/[,\r\n\t ]+/', $q['tag'] ); foreach ( (array) $tags as $tag ) { $tag = sanitize_term_field( 'slug', $tag, 0, 'post_tag', 'db' ); $q['tag_slug__in'][] = $tag; } } elseif ( preg_match( '/[+\r\n\t ]+/', $q['tag'] ) || ! empty( $q['cat'] ) ) { $tags = preg_split( '/[+\r\n\t ]+/', $q['tag'] ); foreach ( (array) $tags as $tag ) { $tag = sanitize_term_field( 'slug', $tag, 0, 'post_tag', 'db' ); $q['tag_slug__and'][] = $tag; } } else { $q['tag'] = sanitize_term_field( 'slug', $q['tag'], 0, 'post_tag', 'db' ); $q['tag_slug__in'][] = $q['tag']; } } if ( ! empty( $q['tag_id'] ) ) { $q['tag_id'] = absint( $q['tag_id'] ); $tax_query[] = array( 'taxonomy' => 'post_tag', 'terms' => $q['tag_id'], ); } if ( ! empty( $q['tag__in'] ) ) { $q['tag__in'] = array_map( 'absint', array_unique( (array) $q['tag__in'] ) ); $tax_query[] = array( 'taxonomy' => 'post_tag', 'terms' => $q['tag__in'], ); } if ( ! empty( $q['tag__not_in'] ) ) { $q['tag__not_in'] = array_map( 'absint', array_unique( (array) $q['tag__not_in'] ) ); $tax_query[] = array( 'taxonomy' => 'post_tag', 'terms' => $q['tag__not_in'], 'operator' => 'NOT IN', ); } if ( ! empty( $q['tag__and'] ) ) { $q['tag__and'] = array_map( 'absint', array_unique( (array) $q['tag__and'] ) ); $tax_query[] = array( 'taxonomy' => 'post_tag', 'terms' => $q['tag__and'], 'operator' => 'AND', ); } if ( ! empty( $q['tag_slug__in'] ) ) { $q['tag_slug__in'] = array_map( 'sanitize_title_for_query', array_unique( (array) $q['tag_slug__in'] ) ); $tax_query[] = array( 'taxonomy' => 'post_tag', 'terms' => $q['tag_slug__in'], 'field' => 'slug', ); } if ( ! empty( $q['tag_slug__and'] ) ) { $q['tag_slug__and'] = array_map( 'sanitize_title_for_query', array_unique( (array) $q['tag_slug__and'] ) ); $tax_query[] = array( 'taxonomy' => 'post_tag', 'terms' => $q['tag_slug__and'], 'field' => 'slug', 'operator' => 'AND', ); } $this->tax_query = new WP_Tax_Query( $tax_query ); /** * Fires after taxonomy-related query vars have been parsed. * * @since 3.7.0 * * @param WP_Query $query The WP_Query instance. */ do_action( 'parse_tax_query', $this ); } /** * Generates SQL for the WHERE clause based on passed search terms. * * @since 3.7.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $q Query variables. * @return string WHERE clause. */ protected function parse_search( &$q ) { global $wpdb; $search = ''; // Added slashes screw with quote grouping when done early, so done later. $q['s'] = stripslashes( $q['s'] ); if ( empty( $_GET['s'] ) && $this->is_main_query() ) { $q['s'] = urldecode( $q['s'] ); } // There are no line breaks in fields. $q['s'] = str_replace( array( "\r", "\n" ), '', $q['s'] ); $q['search_terms_count'] = 1; if ( ! empty( $q['sentence'] ) ) { $q['search_terms'] = array( $q['s'] ); } else { if ( preg_match_all( '/".*?("|$)|((?<=[\t ",+])|^)[^\t ",+]+/', $q['s'], $matches ) ) { $q['search_terms_count'] = count( $matches[0] ); $q['search_terms'] = $this->parse_search_terms( $matches[0] ); // If the search string has only short terms or stopwords, or is 10+ terms long, match it as sentence. if ( empty( $q['search_terms'] ) || count( $q['search_terms'] ) > 9 ) { $q['search_terms'] = array( $q['s'] ); } } else { $q['search_terms'] = array( $q['s'] ); } } $n = ! empty( $q['exact'] ) ? '' : '%'; $searchand = ''; $q['search_orderby_title'] = array(); $default_search_columns = array( 'post_title', 'post_excerpt', 'post_content' ); $search_columns = ! empty( $q['search_columns'] ) ? $q['search_columns'] : $default_search_columns; if ( ! is_array( $search_columns ) ) { $search_columns = array( $search_columns ); } /** * Filters the columns to search in a WP_Query search. * * The supported columns are `post_title`, `post_excerpt` and `post_content`. * They are all included by default. * * @since 6.2.0 * * @param string[] $search_columns Array of column names to be searched. * @param string $search Text being searched. * @param WP_Query $query The current WP_Query instance. */ $search_columns = (array) apply_filters( 'post_search_columns', $search_columns, $q['s'], $this ); // Use only supported search columns. $search_columns = array_intersect( $search_columns, $default_search_columns ); if ( empty( $search_columns ) ) { $search_columns = $default_search_columns; } /** * Filters the prefix that indicates that a search term should be excluded from results. * * @since 4.7.0 * * @param string $exclusion_prefix The prefix. Default '-'. Returning * an empty value disables exclusions. */ $exclusion_prefix = apply_filters( 'wp_query_search_exclusion_prefix', '-' ); foreach ( $q['search_terms'] as $term ) { // If there is an $exclusion_prefix, terms prefixed with it should be excluded. $exclude = $exclusion_prefix && str_starts_with( $term, $exclusion_prefix ); if ( $exclude ) { $like_op = 'NOT LIKE'; $andor_op = 'AND'; $term = substr( $term, 1 ); } else { $like_op = 'LIKE'; $andor_op = 'OR'; } if ( $n && ! $exclude ) { $like = '%' . $wpdb->esc_like( $term ) . '%'; $q['search_orderby_title'][] = $wpdb->prepare( "{$wpdb->posts}.post_title LIKE %s", $like ); } $like = $n . $wpdb->esc_like( $term ) . $n; $search_columns_parts = array(); foreach ( $search_columns as $search_column ) { $search_columns_parts[ $search_column ] = $wpdb->prepare( "({$wpdb->posts}.$search_column $like_op %s)", $like ); } if ( ! empty( $this->allow_query_attachment_by_filename ) ) { $search_columns_parts['attachment'] = $wpdb->prepare( "(sq1.meta_value $like_op %s)", $like ); } $search .= "$searchand(" . implode( " $andor_op ", $search_columns_parts ) . ')'; $searchand = ' AND '; } if ( ! empty( $search ) ) { $search = " AND ({$search}) "; if ( ! is_user_logged_in() ) { $search .= " AND ({$wpdb->posts}.post_password = '') "; } } return $search; } /** * Checks if the terms are suitable for searching. * * Uses an array of stopwords (terms) that are excluded from the separate * term matching when searching for posts. The list of English stopwords is * the approximate search engines list, and is translatable. * * @since 3.7.0 * * @param string[] $terms Array of terms to check. * @return string[] Terms that are not stopwords. */ protected function parse_search_terms( $terms ) { $strtolower = function_exists( 'mb_strtolower' ) ? 'mb_strtolower' : 'strtolower'; $checked = array(); $stopwords = $this->get_search_stopwords(); foreach ( $terms as $term ) { // Keep before/after spaces when term is for exact match. if ( preg_match( '/^".+"$/', $term ) ) { $term = trim( $term, "\"'" ); } else { $term = trim( $term, "\"' " ); } // Avoid single A-Z and single dashes. if ( ! $term || ( 1 === strlen( $term ) && preg_match( '/^[a-z\-]$/i', $term ) ) ) { continue; } if ( in_array( call_user_func( $strtolower, $term ), $stopwords, true ) ) { continue; } $checked[] = $term; } return $checked; } /** * Retrieves stopwords used when parsing search terms. * * @since 3.7.0 * * @return string[] Stopwords. */ protected function get_search_stopwords() { if ( isset( $this->stopwords ) ) { return $this->stopwords; } /* * translators: This is a comma-separated list of very common words that should be excluded from a search, * like a, an, and the. These are usually called "stopwords". You should not simply translate these individual * words into your language. Instead, look for and provide commonly accepted stopwords in your language. */ $words = explode( ',', _x( 'about,an,are,as,at,be,by,com,for,from,how,in,is,it,of,on,or,that,the,this,to,was,what,when,where,who,will,with,www', 'Comma-separated list of search stopwords in your language' ) ); $stopwords = array(); foreach ( $words as $word ) { $word = trim( $word, "\r\n\t " ); if ( $word ) { $stopwords[] = $word; } } /** * Filters stopwords used when parsing search terms. * * @since 3.7.0 * * @param string[] $stopwords Array of stopwords. */ $this->stopwords = apply_filters( 'wp_search_stopwords', $stopwords ); return $this->stopwords; } /** * Generates SQL for the ORDER BY condition based on passed search terms. * * @since 3.7.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $q Query variables. * @return string ORDER BY clause. */ protected function parse_search_order( &$q ) { global $wpdb; if ( $q['search_terms_count'] > 1 ) { $num_terms = count( $q['search_orderby_title'] ); // If the search terms contain negative queries, don't bother ordering by sentence matches. $like = ''; if ( ! preg_match( '/(?:\s|^)\-/', $q['s'] ) ) { $like = '%' . $wpdb->esc_like( $q['s'] ) . '%'; } $search_orderby = ''; // Sentence match in 'post_title'. if ( $like ) { $search_orderby .= $wpdb->prepare( "WHEN {$wpdb->posts}.post_title LIKE %s THEN 1 ", $like ); } /* * Sanity limit, sort as sentence when more than 6 terms * (few searches are longer than 6 terms and most titles are not). */ if ( $num_terms < 7 ) { // All words in title. $search_orderby .= 'WHEN ' . implode( ' AND ', $q['search_orderby_title'] ) . ' THEN 2 '; // Any word in title, not needed when $num_terms == 1. if ( $num_terms > 1 ) { $search_orderby .= 'WHEN ' . implode( ' OR ', $q['search_orderby_title'] ) . ' THEN 3 '; } } // Sentence match in 'post_content' and 'post_excerpt'. if ( $like ) { $search_orderby .= $wpdb->prepare( "WHEN {$wpdb->posts}.post_excerpt LIKE %s THEN 4 ", $like ); $search_orderby .= $wpdb->prepare( "WHEN {$wpdb->posts}.post_content LIKE %s THEN 5 ", $like ); } if ( $search_orderby ) { $search_orderby = '(CASE ' . $search_orderby . 'ELSE 6 END)'; } } else { // Single word or sentence search. $search_orderby = reset( $q['search_orderby_title'] ) . ' DESC'; } return $search_orderby; } /** * Converts the given orderby alias (if allowed) to a properly-prefixed value. * * @since 4.0.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $orderby Alias for the field to order by. * @return string|false Table-prefixed value to used in the ORDER clause. False otherwise. */ protected function parse_orderby( $orderby ) { global $wpdb; // Used to filter values. $allowed_keys = array( 'post_name', 'post_author', 'post_date', 'post_title', 'post_modified', 'post_parent', 'post_type', 'name', 'author', 'date', 'title', 'modified', 'parent', 'type', 'ID', 'menu_order', 'comment_count', 'rand', 'post__in', 'post_parent__in', 'post_name__in', ); $primary_meta_key = ''; $primary_meta_query = false; $meta_clauses = $this->meta_query->get_clauses(); if ( ! empty( $meta_clauses ) ) { $primary_meta_query = reset( $meta_clauses ); if ( ! empty( $primary_meta_query['key'] ) ) { $primary_meta_key = $primary_meta_query['key']; $allowed_keys[] = $primary_meta_key; } $allowed_keys[] = 'meta_value'; $allowed_keys[] = 'meta_value_num'; $allowed_keys = array_merge( $allowed_keys, array_keys( $meta_clauses ) ); } // If RAND() contains a seed value, sanitize and add to allowed keys. $rand_with_seed = false; if ( preg_match( '/RAND\(([0-9]+)\)/i', $orderby, $matches ) ) { $orderby = sprintf( 'RAND(%s)', (int) $matches[1] ); $allowed_keys[] = $orderby; $rand_with_seed = true; } if ( ! in_array( $orderby, $allowed_keys, true ) ) { return false; } $orderby_clause = ''; switch ( $orderby ) { case 'post_name': case 'post_author': case 'post_date': case 'post_title': case 'post_modified': case 'post_parent': case 'post_type': case 'ID': case 'menu_order': case 'comment_count': $orderby_clause = "{$wpdb->posts}.{$orderby}"; break; case 'rand': $orderby_clause = 'RAND()'; break; case $primary_meta_key: case 'meta_value': if ( ! empty( $primary_meta_query['type'] ) ) { $orderby_clause = "CAST({$primary_meta_query['alias']}.meta_value AS {$primary_meta_query['cast']})"; } else { $orderby_clause = "{$primary_meta_query['alias']}.meta_value"; } break; case 'meta_value_num': $orderby_clause = "{$primary_meta_query['alias']}.meta_value+0"; break; case 'post__in': if ( ! empty( $this->query_vars['post__in'] ) ) { $orderby_clause = "FIELD({$wpdb->posts}.ID," . implode( ',', array_map( 'absint', $this->query_vars['post__in'] ) ) . ')'; } break; case 'post_parent__in': if ( ! empty( $this->query_vars['post_parent__in'] ) ) { $orderby_clause = "FIELD( {$wpdb->posts}.post_parent," . implode( ', ', array_map( 'absint', $this->query_vars['post_parent__in'] ) ) . ' )'; } break; case 'post_name__in': if ( ! empty( $this->query_vars['post_name__in'] ) ) { $post_name__in = array_map( 'sanitize_title_for_query', $this->query_vars['post_name__in'] ); $post_name__in_string = "'" . implode( "','", $post_name__in ) . "'"; $orderby_clause = "FIELD( {$wpdb->posts}.post_name," . $post_name__in_string . ' )'; } break; default: if ( array_key_exists( $orderby, $meta_clauses ) ) { // $orderby corresponds to a meta_query clause. $meta_clause = $meta_clauses[ $orderby ]; $orderby_clause = "CAST({$meta_clause['alias']}.meta_value AS {$meta_clause['cast']})"; } elseif ( $rand_with_seed ) { $orderby_clause = $orderby; } else { // Default: order by post field. $orderby_clause = "{$wpdb->posts}.post_" . sanitize_key( $orderby ); } break; } return $orderby_clause; } /** * Parse an 'order' query variable and cast it to ASC or DESC as necessary. * * @since 4.0.0 * * @param string $order The 'order' query variable. * @return string The sanitized 'order' query variable. */ protected function parse_order( $order ) { if ( ! is_string( $order ) || empty( $order ) ) { return 'DESC'; } if ( 'ASC' === strtoupper( $order ) ) { return 'ASC'; } else { return 'DESC'; } } /** * Sets the 404 property and saves whether query is feed. * * @since 2.0.0 */ public function set_404() { $is_feed = $this->is_feed; $this->init_query_flags(); $this->is_404 = true; $this->is_feed = $is_feed; /** * Fires after a 404 is triggered. * * @since 5.5.0 * * @param WP_Query $query The WP_Query instance (passed by reference). */ do_action_ref_array( 'set_404', array( $this ) ); } /** * Retrieves the value of a query variable. * * @since 1.5.0 * @since 3.9.0 The `$default_value` argument was introduced. * * @param string $query_var Query variable key. * @param mixed $default_value Optional. Value to return if the query variable is not set. * Default empty string. * @return mixed Contents of the query variable. */ public function get( $query_var, $default_value = '' ) { if ( isset( $this->query_vars[ $query_var ] ) ) { return $this->query_vars[ $query_var ]; } return $default_value; } /** * Sets the value of a query variable. * * @since 1.5.0 * * @param string $query_var Query variable key. * @param mixed $value Query variable value. */ public function set( $query_var, $value ) { $this->query_vars[ $query_var ] = $value; } /** * Retrieves an array of posts based on query variables. * * There are a few filters and actions that can be used to modify the post * database query. * * @since 1.5.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @return WP_Post[]|int[] Array of post objects or post IDs. */ public function get_posts() { global $wpdb; $this->parse_query(); /** * Fires after the query variable object is created, but before the actual query is run. * * Note: If using conditional tags, use the method versions within the passed instance * (e.g. $this->is_main_query() instead of is_main_query()). This is because the functions * like is_main_query() test against the global $wp_query instance, not the passed one. * * @since 2.0.0 * * @param WP_Query $query The WP_Query instance (passed by reference). */ do_action_ref_array( 'pre_get_posts', array( &$this ) ); // Shorthand. $q = &$this->query_vars; // Fill again in case 'pre_get_posts' unset some vars. $q = $this->fill_query_vars( $q ); /** * Filters whether an attachment query should include filenames or not. * * @since 6.0.3 * * @param bool $allow_query_attachment_by_filename Whether or not to include filenames. */ $this->allow_query_attachment_by_filename = apply_filters( 'wp_allow_query_attachment_by_filename', false ); remove_all_filters( 'wp_allow_query_attachment_by_filename' ); // Parse meta query. $this->meta_query = new WP_Meta_Query(); $this->meta_query->parse_query_vars( $q ); // Set a flag if a 'pre_get_posts' hook changed the query vars. $hash = md5( serialize( $this->query_vars ) ); if ( $hash != $this->query_vars_hash ) { $this->query_vars_changed = true; $this->query_vars_hash = $hash; } unset( $hash ); // First let's clear some variables. $distinct = ''; $whichauthor = ''; $whichmimetype = ''; $where = ''; $limits = ''; $join = ''; $search = ''; $groupby = ''; $post_status_join = false; $page = 1; if ( isset( $q['caller_get_posts'] ) ) { _deprecated_argument( 'WP_Query', '3.1.0', sprintf( /* translators: 1: caller_get_posts, 2: ignore_sticky_posts */ __( '%1$s is deprecated. Use %2$s instead.' ), 'caller_get_posts', 'ignore_sticky_posts' ) ); if ( ! isset( $q['ignore_sticky_posts'] ) ) { $q['ignore_sticky_posts'] = $q['caller_get_posts']; } } if ( ! isset( $q['ignore_sticky_posts'] ) ) { $q['ignore_sticky_posts'] = false; } if ( ! isset( $q['suppress_filters'] ) ) { $q['suppress_filters'] = false; } if ( ! isset( $q['cache_results'] ) ) { $q['cache_results'] = true; } if ( ! isset( $q['update_post_term_cache'] ) ) { $q['update_post_term_cache'] = true; } if ( ! isset( $q['update_menu_item_cache'] ) ) { $q['update_menu_item_cache'] = false; } if ( ! isset( $q['lazy_load_term_meta'] ) ) { $q['lazy_load_term_meta'] = $q['update_post_term_cache']; } elseif ( $q['lazy_load_term_meta'] ) { // Lazy loading term meta only works if term caches are primed. $q['update_post_term_cache'] = true; } if ( ! isset( $q['update_post_meta_cache'] ) ) { $q['update_post_meta_cache'] = true; } if ( ! isset( $q['post_type'] ) ) { if ( $this->is_search ) { $q['post_type'] = 'any'; } else { $q['post_type'] = ''; } } $post_type = $q['post_type']; if ( empty( $q['posts_per_page'] ) ) { $q['posts_per_page'] = get_option( 'posts_per_page' ); } if ( isset( $q['showposts'] ) && $q['showposts'] ) { $q['showposts'] = (int) $q['showposts']; $q['posts_per_page'] = $q['showposts']; } if ( ( isset( $q['posts_per_archive_page'] ) && 0 != $q['posts_per_archive_page'] ) && ( $this->is_archive || $this->is_search ) ) { $q['posts_per_page'] = $q['posts_per_archive_page']; } if ( ! isset( $q['nopaging'] ) ) { if ( -1 == $q['posts_per_page'] ) { $q['nopaging'] = true; } else { $q['nopaging'] = false; } } if ( $this->is_feed ) { // This overrides 'posts_per_page'. if ( ! empty( $q['posts_per_rss'] ) ) { $q['posts_per_page'] = $q['posts_per_rss']; } else { $q['posts_per_page'] = get_option( 'posts_per_rss' ); } $q['nopaging'] = false; } $q['posts_per_page'] = (int) $q['posts_per_page']; if ( $q['posts_per_page'] < -1 ) { $q['posts_per_page'] = abs( $q['posts_per_page'] ); } elseif ( 0 == $q['posts_per_page'] ) { $q['posts_per_page'] = 1; } if ( ! isset( $q['comments_per_page'] ) || 0 == $q['comments_per_page'] ) { $q['comments_per_page'] = get_option( 'comments_per_page' ); } if ( $this->is_home && ( empty( $this->query ) || 'true' === $q['preview'] ) && ( 'page' === get_option( 'show_on_front' ) ) && get_option( 'page_on_front' ) ) { $this->is_page = true; $this->is_home = false; $q['page_id'] = get_option( 'page_on_front' ); } if ( isset( $q['page'] ) ) { $q['page'] = is_scalar( $q['page'] ) ? absint( trim( $q['page'], '/' ) ) : 0; } // If true, forcibly turns off SQL_CALC_FOUND_ROWS even when limits are present. if ( isset( $q['no_found_rows'] ) ) { $q['no_found_rows'] = (bool) $q['no_found_rows']; } else { $q['no_found_rows'] = false; } switch ( $q['fields'] ) { case 'ids': $fields = "{$wpdb->posts}.ID"; break; case 'id=>parent': $fields = "{$wpdb->posts}.ID, {$wpdb->posts}.post_parent"; break; default: $fields = "{$wpdb->posts}.*"; } if ( '' !== $q['menu_order'] ) { $where .= " AND {$wpdb->posts}.menu_order = " . $q['menu_order']; } // The "m" parameter is meant for months but accepts datetimes of varying specificity. if ( $q['m'] ) { $where .= " AND YEAR({$wpdb->posts}.post_date)=" . substr( $q['m'], 0, 4 ); if ( strlen( $q['m'] ) > 5 ) { $where .= " AND MONTH({$wpdb->posts}.post_date)=" . substr( $q['m'], 4, 2 ); } if ( strlen( $q['m'] ) > 7 ) { $where .= " AND DAYOFMONTH({$wpdb->posts}.post_date)=" . substr( $q['m'], 6, 2 ); } if ( strlen( $q['m'] ) > 9 ) { $where .= " AND HOUR({$wpdb->posts}.post_date)=" . substr( $q['m'], 8, 2 ); } if ( strlen( $q['m'] ) > 11 ) { $where .= " AND MINUTE({$wpdb->posts}.post_date)=" . substr( $q['m'], 10, 2 ); } if ( strlen( $q['m'] ) > 13 ) { $where .= " AND SECOND({$wpdb->posts}.post_date)=" . substr( $q['m'], 12, 2 ); } } // Handle the other individual date parameters. $date_parameters = array(); if ( '' !== $q['hour'] ) { $date_parameters['hour'] = $q['hour']; } if ( '' !== $q['minute'] ) { $date_parameters['minute'] = $q['minute']; } if ( '' !== $q['second'] ) { $date_parameters['second'] = $q['second']; } if ( $q['year'] ) { $date_parameters['year'] = $q['year']; } if ( $q['monthnum'] ) { $date_parameters['monthnum'] = $q['monthnum']; } if ( $q['w'] ) { $date_parameters['week'] = $q['w']; } if ( $q['day'] ) { $date_parameters['day'] = $q['day']; } if ( $date_parameters ) { $date_query = new WP_Date_Query( array( $date_parameters ) ); $where .= $date_query->get_sql(); } unset( $date_parameters, $date_query ); // Handle complex date queries. if ( ! empty( $q['date_query'] ) ) { $this->date_query = new WP_Date_Query( $q['date_query'] ); $where .= $this->date_query->get_sql(); } // If we've got a post_type AND it's not "any" post_type. if ( ! empty( $q['post_type'] ) && 'any' !== $q['post_type'] ) { foreach ( (array) $q['post_type'] as $_post_type ) { $ptype_obj = get_post_type_object( $_post_type ); if ( ! $ptype_obj || ! $ptype_obj->query_var || empty( $q[ $ptype_obj->query_var ] ) ) { continue; } if ( ! $ptype_obj->hierarchical ) { // Non-hierarchical post types can directly use 'name'. $q['name'] = $q[ $ptype_obj->query_var ]; } else { // Hierarchical post types will operate through 'pagename'. $q['pagename'] = $q[ $ptype_obj->query_var ]; $q['name'] = ''; } // Only one request for a slug is possible, this is why name & pagename are overwritten above. break; } // End foreach. unset( $ptype_obj ); } if ( '' !== $q['title'] ) { $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_title = %s", stripslashes( $q['title'] ) ); } // Parameters related to 'post_name'. if ( '' !== $q['name'] ) { $q['name'] = sanitize_title_for_query( $q['name'] ); $where .= " AND {$wpdb->posts}.post_name = '" . $q['name'] . "'"; } elseif ( '' !== $q['pagename'] ) { if ( isset( $this->queried_object_id ) ) { $reqpage = $this->queried_object_id; } else { if ( 'page' !== $q['post_type'] ) { foreach ( (array) $q['post_type'] as $_post_type ) { $ptype_obj = get_post_type_object( $_post_type ); if ( ! $ptype_obj || ! $ptype_obj->hierarchical ) { continue; } $reqpage = get_page_by_path( $q['pagename'], OBJECT, $_post_type ); if ( $reqpage ) { break; } } unset( $ptype_obj ); } else { $reqpage = get_page_by_path( $q['pagename'] ); } if ( ! empty( $reqpage ) ) { $reqpage = $reqpage->ID; } else { $reqpage = 0; } } $page_for_posts = get_option( 'page_for_posts' ); if ( ( 'page' !== get_option( 'show_on_front' ) ) || empty( $page_for_posts ) || ( $reqpage != $page_for_posts ) ) { $q['pagename'] = sanitize_title_for_query( wp_basename( $q['pagename'] ) ); $q['name'] = $q['pagename']; $where .= " AND ({$wpdb->posts}.ID = '$reqpage')"; $reqpage_obj = get_post( $reqpage ); if ( is_object( $reqpage_obj ) && 'attachment' === $reqpage_obj->post_type ) { $this->is_attachment = true; $post_type = 'attachment'; $q['post_type'] = 'attachment'; $this->is_page = true; $q['attachment_id'] = $reqpage; } } } elseif ( '' !== $q['attachment'] ) { $q['attachment'] = sanitize_title_for_query( wp_basename( $q['attachment'] ) ); $q['name'] = $q['attachment']; $where .= " AND {$wpdb->posts}.post_name = '" . $q['attachment'] . "'"; } elseif ( is_array( $q['post_name__in'] ) && ! empty( $q['post_name__in'] ) ) { $q['post_name__in'] = array_map( 'sanitize_title_for_query', $q['post_name__in'] ); $post_name__in = "'" . implode( "','", $q['post_name__in'] ) . "'"; $where .= " AND {$wpdb->posts}.post_name IN ($post_name__in)"; } // If an attachment is requested by number, let it supersede any post number. if ( $q['attachment_id'] ) { $q['p'] = absint( $q['attachment_id'] ); } // If a post number is specified, load that post. if ( $q['p'] ) { $where .= " AND {$wpdb->posts}.ID = " . $q['p']; } elseif ( $q['post__in'] ) { $post__in = implode( ',', array_map( 'absint', $q['post__in'] ) ); $where .= " AND {$wpdb->posts}.ID IN ($post__in)"; } elseif ( $q['post__not_in'] ) { $post__not_in = implode( ',', array_map( 'absint', $q['post__not_in'] ) ); $where .= " AND {$wpdb->posts}.ID NOT IN ($post__not_in)"; } if ( is_numeric( $q['post_parent'] ) ) { $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_parent = %d ", $q['post_parent'] ); } elseif ( $q['post_parent__in'] ) { $post_parent__in = implode( ',', array_map( 'absint', $q['post_parent__in'] ) ); $where .= " AND {$wpdb->posts}.post_parent IN ($post_parent__in)"; } elseif ( $q['post_parent__not_in'] ) { $post_parent__not_in = implode( ',', array_map( 'absint', $q['post_parent__not_in'] ) ); $where .= " AND {$wpdb->posts}.post_parent NOT IN ($post_parent__not_in)"; } if ( $q['page_id'] ) { if ( ( 'page' !== get_option( 'show_on_front' ) ) || ( get_option( 'page_for_posts' ) != $q['page_id'] ) ) { $q['p'] = $q['page_id']; $where = " AND {$wpdb->posts}.ID = " . $q['page_id']; } } // If a search pattern is specified, load the posts that match. if ( strlen( $q['s'] ) ) { $search = $this->parse_search( $q ); } if ( ! $q['suppress_filters'] ) { /** * Filters the search SQL that is used in the WHERE clause of WP_Query. * * @since 3.0.0 * * @param string $search Search SQL for WHERE clause. * @param WP_Query $query The current WP_Query object. */ $search = apply_filters_ref_array( 'posts_search', array( $search, &$this ) ); } // Taxonomies. if ( ! $this->is_singular ) { $this->parse_tax_query( $q ); $clauses = $this->tax_query->get_sql( $wpdb->posts, 'ID' ); $join .= $clauses['join']; $where .= $clauses['where']; } if ( $this->is_tax ) { if ( empty( $post_type ) ) { // Do a fully inclusive search for currently registered post types of queried taxonomies. $post_type = array(); $taxonomies = array_keys( $this->tax_query->queried_terms ); foreach ( get_post_types( array( 'exclude_from_search' => false ) ) as $pt ) { $object_taxonomies = 'attachment' === $pt ? get_taxonomies_for_attachments() : get_object_taxonomies( $pt ); if ( array_intersect( $taxonomies, $object_taxonomies ) ) { $post_type[] = $pt; } } if ( ! $post_type ) { $post_type = 'any'; } elseif ( count( $post_type ) === 1 ) { $post_type = $post_type[0]; } else { // Sort post types to ensure same cache key generation. sort( $post_type ); } $post_status_join = true; } elseif ( in_array( 'attachment', (array) $post_type, true ) ) { $post_status_join = true; } } /* * Ensure that 'taxonomy', 'term', 'term_id', 'cat', and * 'category_name' vars are set for backward compatibility. */ if ( ! empty( $this->tax_query->queried_terms ) ) { /* * Set 'taxonomy', 'term', and 'term_id' to the * first taxonomy other than 'post_tag' or 'category'. */ if ( ! isset( $q['taxonomy'] ) ) { foreach ( $this->tax_query->queried_terms as $queried_taxonomy => $queried_items ) { if ( empty( $queried_items['terms'][0] ) ) { continue; } if ( ! in_array( $queried_taxonomy, array( 'category', 'post_tag' ), true ) ) { $q['taxonomy'] = $queried_taxonomy; if ( 'slug' === $queried_items['field'] ) { $q['term'] = $queried_items['terms'][0]; } else { $q['term_id'] = $queried_items['terms'][0]; } // Take the first one we find. break; } } } // 'cat', 'category_name', 'tag_id'. foreach ( $this->tax_query->queried_terms as $queried_taxonomy => $queried_items ) { if ( empty( $queried_items['terms'][0] ) ) { continue; } if ( 'category' === $queried_taxonomy ) { $the_cat = get_term_by( $queried_items['field'], $queried_items['terms'][0], 'category' ); if ( $the_cat ) { $this->set( 'cat', $the_cat->term_id ); $this->set( 'category_name', $the_cat->slug ); } unset( $the_cat ); } if ( 'post_tag' === $queried_taxonomy ) { $the_tag = get_term_by( $queried_items['field'], $queried_items['terms'][0], 'post_tag' ); if ( $the_tag ) { $this->set( 'tag_id', $the_tag->term_id ); } unset( $the_tag ); } } } if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) || ! empty( $this->allow_query_attachment_by_filename ) ) { $groupby = "{$wpdb->posts}.ID"; } // Author/user stuff. if ( ! empty( $q['author'] ) && '0' != $q['author'] ) { $q['author'] = addslashes_gpc( '' . urldecode( $q['author'] ) ); $authors = array_unique( array_map( 'intval', preg_split( '/[,\s]+/', $q['author'] ) ) ); foreach ( $authors as $author ) { $key = $author > 0 ? 'author__in' : 'author__not_in'; $q[ $key ][] = abs( $author ); } $q['author'] = implode( ',', $authors ); } if ( ! empty( $q['author__not_in'] ) ) { $author__not_in = implode( ',', array_map( 'absint', array_unique( (array) $q['author__not_in'] ) ) ); $where .= " AND {$wpdb->posts}.post_author NOT IN ($author__not_in) "; } elseif ( ! empty( $q['author__in'] ) ) { $author__in = implode( ',', array_map( 'absint', array_unique( (array) $q['author__in'] ) ) ); $where .= " AND {$wpdb->posts}.post_author IN ($author__in) "; } // Author stuff for nice URLs. if ( '' !== $q['author_name'] ) { if ( str_contains( $q['author_name'], '/' ) ) { $q['author_name'] = explode( '/', $q['author_name'] ); if ( $q['author_name'][ count( $q['author_name'] ) - 1 ] ) { $q['author_name'] = $q['author_name'][ count( $q['author_name'] ) - 1 ]; // No trailing slash. } else { $q['author_name'] = $q['author_name'][ count( $q['author_name'] ) - 2 ]; // There was a trailing slash. } } $q['author_name'] = sanitize_title_for_query( $q['author_name'] ); $q['author'] = get_user_by( 'slug', $q['author_name'] ); if ( $q['author'] ) { $q['author'] = $q['author']->ID; } $whichauthor .= " AND ({$wpdb->posts}.post_author = " . absint( $q['author'] ) . ')'; } // Matching by comment count. if ( isset( $q['comment_count'] ) ) { // Numeric comment count is converted to array format. if ( is_numeric( $q['comment_count'] ) ) { $q['comment_count'] = array( 'value' => (int) $q['comment_count'], ); } if ( isset( $q['comment_count']['value'] ) ) { $q['comment_count'] = array_merge( array( 'compare' => '=', ), $q['comment_count'] ); // Fallback for invalid compare operators is '='. $compare_operators = array( '=', '!=', '>', '>=', '<', '<=' ); if ( ! in_array( $q['comment_count']['compare'], $compare_operators, true ) ) { $q['comment_count']['compare'] = '='; } $where .= $wpdb->prepare( " AND {$wpdb->posts}.comment_count {$q['comment_count']['compare']} %d", $q['comment_count']['value'] ); } } // MIME-Type stuff for attachment browsing. if ( isset( $q['post_mime_type'] ) && '' !== $q['post_mime_type'] ) { $whichmimetype = wp_post_mime_type_where( $q['post_mime_type'], $wpdb->posts ); } $where .= $search . $whichauthor . $whichmimetype; if ( ! empty( $this->allow_query_attachment_by_filename ) ) { $join .= " LEFT JOIN {$wpdb->postmeta} AS sq1 ON ( {$wpdb->posts}.ID = sq1.post_id AND sq1.meta_key = '_wp_attached_file' )"; } if ( ! empty( $this->meta_query->queries ) ) { $clauses = $this->meta_query->get_sql( 'post', $wpdb->posts, 'ID', $this ); $join .= $clauses['join']; $where .= $clauses['where']; } $rand = ( isset( $q['orderby'] ) && 'rand' === $q['orderby'] ); if ( ! isset( $q['order'] ) ) { $q['order'] = $rand ? '' : 'DESC'; } else { $q['order'] = $rand ? '' : $this->parse_order( $q['order'] ); } // These values of orderby should ignore the 'order' parameter. $force_asc = array( 'post__in', 'post_name__in', 'post_parent__in' ); if ( isset( $q['orderby'] ) && in_array( $q['orderby'], $force_asc, true ) ) { $q['order'] = ''; } // Order by. if ( empty( $q['orderby'] ) ) { /* * Boolean false or empty array blanks out ORDER BY, * while leaving the value unset or otherwise empty sets the default. */ if ( isset( $q['orderby'] ) && ( is_array( $q['orderby'] ) || false === $q['orderby'] ) ) { $orderby = ''; } else { $orderby = "{$wpdb->posts}.post_date " . $q['order']; } } elseif ( 'none' === $q['orderby'] ) { $orderby = ''; } else { $orderby_array = array(); if ( is_array( $q['orderby'] ) ) { foreach ( $q['orderby'] as $_orderby => $order ) { $orderby = addslashes_gpc( urldecode( $_orderby ) ); $parsed = $this->parse_orderby( $orderby ); if ( ! $parsed ) { continue; } $orderby_array[] = $parsed . ' ' . $this->parse_order( $order ); } $orderby = implode( ', ', $orderby_array ); } else { $q['orderby'] = urldecode( $q['orderby'] ); $q['orderby'] = addslashes_gpc( $q['orderby'] ); foreach ( explode( ' ', $q['orderby'] ) as $i => $orderby ) { $parsed = $this->parse_orderby( $orderby ); // Only allow certain values for safety. if ( ! $parsed ) { continue; } $orderby_array[] = $parsed; } $orderby = implode( ' ' . $q['order'] . ', ', $orderby_array ); if ( empty( $orderby ) ) { $orderby = "{$wpdb->posts}.post_date " . $q['order']; } elseif ( ! empty( $q['order'] ) ) { $orderby .= " {$q['order']}"; } } } // Order search results by relevance only when another "orderby" is not specified in the query. if ( ! empty( $q['s'] ) ) { $search_orderby = ''; if ( ! empty( $q['search_orderby_title'] ) && ( empty( $q['orderby'] ) && ! $this->is_feed ) || ( isset( $q['orderby'] ) && 'relevance' === $q['orderby'] ) ) { $search_orderby = $this->parse_search_order( $q ); } if ( ! $q['suppress_filters'] ) { /** * Filters the ORDER BY used when ordering search results. * * @since 3.7.0 * * @param string $search_orderby The ORDER BY clause. * @param WP_Query $query The current WP_Query instance. */ $search_orderby = apply_filters( 'posts_search_orderby', $search_orderby, $this ); } if ( $search_orderby ) { $orderby = $orderby ? $search_orderby . ', ' . $orderby : $search_orderby; } } if ( is_array( $post_type ) && count( $post_type ) > 1 ) { $post_type_cap = 'multiple_post_type'; } else { if ( is_array( $post_type ) ) { $post_type = reset( $post_type ); } $post_type_object = get_post_type_object( $post_type ); if ( empty( $post_type_object ) ) { $post_type_cap = $post_type; } } if ( isset( $q['post_password'] ) ) { $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_password = %s", $q['post_password'] ); if ( empty( $q['perm'] ) ) { $q['perm'] = 'readable'; } } elseif ( isset( $q['has_password'] ) ) { $where .= sprintf( " AND {$wpdb->posts}.post_password %s ''", $q['has_password'] ? '!=' : '=' ); } if ( ! empty( $q['comment_status'] ) ) { $where .= $wpdb->prepare( " AND {$wpdb->posts}.comment_status = %s ", $q['comment_status'] ); } if ( ! empty( $q['ping_status'] ) ) { $where .= $wpdb->prepare( " AND {$wpdb->posts}.ping_status = %s ", $q['ping_status'] ); } $skip_post_status = false; if ( 'any' === $post_type ) { $in_search_post_types = get_post_types( array( 'exclude_from_search' => false ) ); if ( empty( $in_search_post_types ) ) { $post_type_where = ' AND 1=0 '; $skip_post_status = true; } else { $post_type_where = " AND {$wpdb->posts}.post_type IN ('" . implode( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')"; } } elseif ( ! empty( $post_type ) && is_array( $post_type ) ) { // Sort post types to ensure same cache key generation. sort( $post_type ); $post_type_where = " AND {$wpdb->posts}.post_type IN ('" . implode( "', '", esc_sql( $post_type ) ) . "')"; } elseif ( ! empty( $post_type ) ) { $post_type_where = $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type ); $post_type_object = get_post_type_object( $post_type ); } elseif ( $this->is_attachment ) { $post_type_where = " AND {$wpdb->posts}.post_type = 'attachment'"; $post_type_object = get_post_type_object( 'attachment' ); } elseif ( $this->is_page ) { $post_type_where = " AND {$wpdb->posts}.post_type = 'page'"; $post_type_object = get_post_type_object( 'page' ); } else { $post_type_where = " AND {$wpdb->posts}.post_type = 'post'"; $post_type_object = get_post_type_object( 'post' ); } $edit_cap = 'edit_post'; $read_cap = 'read_post'; if ( ! empty( $post_type_object ) ) { $edit_others_cap = $post_type_object->cap->edit_others_posts; $read_private_cap = $post_type_object->cap->read_private_posts; } else { $edit_others_cap = 'edit_others_' . $post_type_cap . 's'; $read_private_cap = 'read_private_' . $post_type_cap . 's'; } $user_id = get_current_user_id(); $q_status = array(); if ( $skip_post_status ) { $where .= $post_type_where; } elseif ( ! empty( $q['post_status'] ) ) { $where .= $post_type_where; $statuswheres = array(); $q_status = $q['post_status']; if ( ! is_array( $q_status ) ) { $q_status = explode( ',', $q_status ); } $r_status = array(); $p_status = array(); $e_status = array(); if ( in_array( 'any', $q_status, true ) ) { foreach ( get_post_stati( array( 'exclude_from_search' => true ) ) as $status ) { if ( ! in_array( $status, $q_status, true ) ) { $e_status[] = "{$wpdb->posts}.post_status <> '$status'"; } } } else { foreach ( get_post_stati() as $status ) { if ( in_array( $status, $q_status, true ) ) { if ( 'private' === $status ) { $p_status[] = "{$wpdb->posts}.post_status = '$status'"; } else { $r_status[] = "{$wpdb->posts}.post_status = '$status'"; } } } } if ( empty( $q['perm'] ) || 'readable' !== $q['perm'] ) { $r_status = array_merge( $r_status, $p_status ); unset( $p_status ); } if ( ! empty( $e_status ) ) { $statuswheres[] = '(' . implode( ' AND ', $e_status ) . ')'; } if ( ! empty( $r_status ) ) { if ( ! empty( $q['perm'] ) && 'editable' === $q['perm'] && ! current_user_can( $edit_others_cap ) ) { $statuswheres[] = "({$wpdb->posts}.post_author = $user_id " . 'AND (' . implode( ' OR ', $r_status ) . '))'; } else { $statuswheres[] = '(' . implode( ' OR ', $r_status ) . ')'; } } if ( ! empty( $p_status ) ) { if ( ! empty( $q['perm'] ) && 'readable' === $q['perm'] && ! current_user_can( $read_private_cap ) ) { $statuswheres[] = "({$wpdb->posts}.post_author = $user_id " . 'AND (' . implode( ' OR ', $p_status ) . '))'; } else { $statuswheres[] = '(' . implode( ' OR ', $p_status ) . ')'; } } if ( $post_status_join ) { $join .= " LEFT JOIN {$wpdb->posts} AS p2 ON ({$wpdb->posts}.post_parent = p2.ID) "; foreach ( $statuswheres as $index => $statuswhere ) { $statuswheres[ $index ] = "($statuswhere OR ({$wpdb->posts}.post_status = 'inherit' AND " . str_replace( $wpdb->posts, 'p2', $statuswhere ) . '))'; } } $where_status = implode( ' OR ', $statuswheres ); if ( ! empty( $where_status ) ) { $where .= " AND ($where_status)"; } } elseif ( ! $this->is_singular ) { if ( 'any' === $post_type ) { $queried_post_types = get_post_types( array( 'exclude_from_search' => false ) ); } elseif ( is_array( $post_type ) ) { $queried_post_types = $post_type; } elseif ( ! empty( $post_type ) ) { $queried_post_types = array( $post_type ); } else { $queried_post_types = array( 'post' ); } if ( ! empty( $queried_post_types ) ) { sort( $queried_post_types ); $status_type_clauses = array(); foreach ( $queried_post_types as $queried_post_type ) { $queried_post_type_object = get_post_type_object( $queried_post_type ); $type_where = '(' . $wpdb->prepare( "{$wpdb->posts}.post_type = %s AND (", $queried_post_type ); // Public statuses. $public_statuses = get_post_stati( array( 'public' => true ) ); $status_clauses = array(); foreach ( $public_statuses as $public_status ) { $status_clauses[] = "{$wpdb->posts}.post_status = '$public_status'"; } $type_where .= implode( ' OR ', $status_clauses ); // Add protected states that should show in the admin all list. if ( $this->is_admin ) { $admin_all_statuses = get_post_stati( array( 'protected' => true, 'show_in_admin_all_list' => true, ) ); foreach ( $admin_all_statuses as $admin_all_status ) { $type_where .= " OR {$wpdb->posts}.post_status = '$admin_all_status'"; } } // Add private states that are visible to current user. if ( is_user_logged_in() && $queried_post_type_object instanceof WP_Post_Type ) { $read_private_cap = $queried_post_type_object->cap->read_private_posts; $private_statuses = get_post_stati( array( 'private' => true ) ); foreach ( $private_statuses as $private_status ) { $type_where .= current_user_can( $read_private_cap ) ? " \nOR {$wpdb->posts}.post_status = '$private_status'" : " \nOR ({$wpdb->posts}.post_author = $user_id AND {$wpdb->posts}.post_status = '$private_status')"; } } $type_where .= '))'; $status_type_clauses[] = $type_where; } if ( ! empty( $status_type_clauses ) ) { $where .= ' AND (' . implode( ' OR ', $status_type_clauses ) . ')'; } } else { $where .= ' AND 1=0 '; } } else { $where .= $post_type_where; } /* * Apply filters on where and join prior to paging so that any * manipulations to them are reflected in the paging by day queries. */ if ( ! $q['suppress_filters'] ) { /** * Filters the WHERE clause of the query. * * @since 1.5.0 * * @param string $where The WHERE clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $where = apply_filters_ref_array( 'posts_where', array( $where, &$this ) ); /** * Filters the JOIN clause of the query. * * @since 1.5.0 * * @param string $join The JOIN clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $join = apply_filters_ref_array( 'posts_join', array( $join, &$this ) ); } // Paging. if ( empty( $q['nopaging'] ) && ! $this->is_singular ) { $page = absint( $q['paged'] ); if ( ! $page ) { $page = 1; } // If 'offset' is provided, it takes precedence over 'paged'. if ( isset( $q['offset'] ) && is_numeric( $q['offset'] ) ) { $q['offset'] = absint( $q['offset'] ); $pgstrt = $q['offset'] . ', '; } else { $pgstrt = absint( ( $page - 1 ) * $q['posts_per_page'] ) . ', '; } $limits = 'LIMIT ' . $pgstrt . $q['posts_per_page']; } // Comments feeds. if ( $this->is_comment_feed && ! $this->is_singular ) { if ( $this->is_archive || $this->is_search ) { $cjoin = "JOIN {$wpdb->posts} ON ( {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID ) $join "; $cwhere = "WHERE comment_approved = '1' $where"; $cgroupby = "{$wpdb->comments}.comment_id"; } else { // Other non-singular, e.g. front. $cjoin = "JOIN {$wpdb->posts} ON ( {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID )"; $cwhere = "WHERE ( post_status = 'publish' OR ( post_status = 'inherit' AND post_type = 'attachment' ) ) AND comment_approved = '1'"; $cgroupby = ''; } if ( ! $q['suppress_filters'] ) { /** * Filters the JOIN clause of the comments feed query before sending. * * @since 2.2.0 * * @param string $cjoin The JOIN clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $cjoin = apply_filters_ref_array( 'comment_feed_join', array( $cjoin, &$this ) ); /** * Filters the WHERE clause of the comments feed query before sending. * * @since 2.2.0 * * @param string $cwhere The WHERE clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $cwhere = apply_filters_ref_array( 'comment_feed_where', array( $cwhere, &$this ) ); /** * Filters the GROUP BY clause of the comments feed query before sending. * * @since 2.2.0 * * @param string $cgroupby The GROUP BY clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $cgroupby = apply_filters_ref_array( 'comment_feed_groupby', array( $cgroupby, &$this ) ); /** * Filters the ORDER BY clause of the comments feed query before sending. * * @since 2.8.0 * * @param string $corderby The ORDER BY clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $corderby = apply_filters_ref_array( 'comment_feed_orderby', array( 'comment_date_gmt DESC', &$this ) ); /** * Filters the LIMIT clause of the comments feed query before sending. * * @since 2.8.0 * * @param string $climits The JOIN clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $climits = apply_filters_ref_array( 'comment_feed_limits', array( 'LIMIT ' . get_option( 'posts_per_rss' ), &$this ) ); } $cgroupby = ( ! empty( $cgroupby ) ) ? 'GROUP BY ' . $cgroupby : ''; $corderby = ( ! empty( $corderby ) ) ? 'ORDER BY ' . $corderby : ''; $climits = ( ! empty( $climits ) ) ? $climits : ''; $comments_request = "SELECT $distinct {$wpdb->comments}.comment_ID FROM {$wpdb->comments} $cjoin $cwhere $cgroupby $corderby $climits"; $key = md5( $comments_request ); $last_changed = wp_cache_get_last_changed( 'comment' ) . ':' . wp_cache_get_last_changed( 'posts' ); $cache_key = "comment_feed:$key:$last_changed"; $comment_ids = wp_cache_get( $cache_key, 'comment-queries' ); if ( false === $comment_ids ) { $comment_ids = $wpdb->get_col( $comments_request ); wp_cache_add( $cache_key, $comment_ids, 'comment-queries' ); } _prime_comment_caches( $comment_ids ); // Convert to WP_Comment. /** @var WP_Comment[] */ $this->comments = array_map( 'get_comment', $comment_ids ); $this->comment_count = count( $this->comments ); $post_ids = array(); foreach ( $this->comments as $comment ) { $post_ids[] = (int) $comment->comment_post_ID; } $post_ids = implode( ',', $post_ids ); $join = ''; if ( $post_ids ) { $where = "AND {$wpdb->posts}.ID IN ($post_ids) "; } else { $where = 'AND 0'; } } $pieces = array( 'where', 'groupby', 'join', 'orderby', 'distinct', 'fields', 'limits' ); /* * Apply post-paging filters on where and join. Only plugins that * manipulate paging queries should use these hooks. */ if ( ! $q['suppress_filters'] ) { /** * Filters the WHERE clause of the query. * * Specifically for manipulating paging queries. * * @since 1.5.0 * * @param string $where The WHERE clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $where = apply_filters_ref_array( 'posts_where_paged', array( $where, &$this ) ); /** * Filters the GROUP BY clause of the query. * * @since 2.0.0 * * @param string $groupby The GROUP BY clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $groupby = apply_filters_ref_array( 'posts_groupby', array( $groupby, &$this ) ); /** * Filters the JOIN clause of the query. * * Specifically for manipulating paging queries. * * @since 1.5.0 * * @param string $join The JOIN clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $join = apply_filters_ref_array( 'posts_join_paged', array( $join, &$this ) ); /** * Filters the ORDER BY clause of the query. * * @since 1.5.1 * * @param string $orderby The ORDER BY clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $orderby = apply_filters_ref_array( 'posts_orderby', array( $orderby, &$this ) ); /** * Filters the DISTINCT clause of the query. * * @since 2.1.0 * * @param string $distinct The DISTINCT clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $distinct = apply_filters_ref_array( 'posts_distinct', array( $distinct, &$this ) ); /** * Filters the LIMIT clause of the query. * * @since 2.1.0 * * @param string $limits The LIMIT clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $limits = apply_filters_ref_array( 'post_limits', array( $limits, &$this ) ); /** * Filters the SELECT clause of the query. * * @since 2.1.0 * * @param string $fields The SELECT clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $fields = apply_filters_ref_array( 'posts_fields', array( $fields, &$this ) ); /** * Filters all query clauses at once, for convenience. * * Covers the WHERE, GROUP BY, JOIN, ORDER BY, DISTINCT, * fields (SELECT), and LIMIT clauses. * * @since 3.1.0 * * @param string[] $clauses { * Associative array of the clauses for the query. * * @type string $where The WHERE clause of the query. * @type string $groupby The GROUP BY clause of the query. * @type string $join The JOIN clause of the query. * @type string $orderby The ORDER BY clause of the query. * @type string $distinct The DISTINCT clause of the query. * @type string $fields The SELECT clause of the query. * @type string $limits The LIMIT clause of the query. * } * @param WP_Query $query The WP_Query instance (passed by reference). */ $clauses = (array) apply_filters_ref_array( 'posts_clauses', array( compact( $pieces ), &$this ) ); $where = isset( $clauses['where'] ) ? $clauses['where'] : ''; $groupby = isset( $clauses['groupby'] ) ? $clauses['groupby'] : ''; $join = isset( $clauses['join'] ) ? $clauses['join'] : ''; $orderby = isset( $clauses['orderby'] ) ? $clauses['orderby'] : ''; $distinct = isset( $clauses['distinct'] ) ? $clauses['distinct'] : ''; $fields = isset( $clauses['fields'] ) ? $clauses['fields'] : ''; $limits = isset( $clauses['limits'] ) ? $clauses['limits'] : ''; } /** * Fires to announce the query's current selection parameters. * * For use by caching plugins. * * @since 2.3.0 * * @param string $selection The assembled selection query. */ do_action( 'posts_selection', $where . $groupby . $orderby . $limits . $join ); /* * Filters again for the benefit of caching plugins. * Regular plugins should use the hooks above. */ if ( ! $q['suppress_filters'] ) { /** * Filters the WHERE clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $where The WHERE clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $where = apply_filters_ref_array( 'posts_where_request', array( $where, &$this ) ); /** * Filters the GROUP BY clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $groupby The GROUP BY clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $groupby = apply_filters_ref_array( 'posts_groupby_request', array( $groupby, &$this ) ); /** * Filters the JOIN clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $join The JOIN clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $join = apply_filters_ref_array( 'posts_join_request', array( $join, &$this ) ); /** * Filters the ORDER BY clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $orderby The ORDER BY clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $orderby = apply_filters_ref_array( 'posts_orderby_request', array( $orderby, &$this ) ); /** * Filters the DISTINCT clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $distinct The DISTINCT clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $distinct = apply_filters_ref_array( 'posts_distinct_request', array( $distinct, &$this ) ); /** * Filters the SELECT clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $fields The SELECT clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $fields = apply_filters_ref_array( 'posts_fields_request', array( $fields, &$this ) ); /** * Filters the LIMIT clause of the query. * * For use by caching plugins. * * @since 2.5.0 * * @param string $limits The LIMIT clause of the query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $limits = apply_filters_ref_array( 'post_limits_request', array( $limits, &$this ) ); /** * Filters all query clauses at once, for convenience. * * For use by caching plugins. * * Covers the WHERE, GROUP BY, JOIN, ORDER BY, DISTINCT, * fields (SELECT), and LIMIT clauses. * * @since 3.1.0 * * @param string[] $clauses { * Associative array of the clauses for the query. * * @type string $where The WHERE clause of the query. * @type string $groupby The GROUP BY clause of the query. * @type string $join The JOIN clause of the query. * @type string $orderby The ORDER BY clause of the query. * @type string $distinct The DISTINCT clause of the query. * @type string $fields The SELECT clause of the query. * @type string $limits The LIMIT clause of the query. * } * @param WP_Query $query The WP_Query instance (passed by reference). */ $clauses = (array) apply_filters_ref_array( 'posts_clauses_request', array( compact( $pieces ), &$this ) ); $where = isset( $clauses['where'] ) ? $clauses['where'] : ''; $groupby = isset( $clauses['groupby'] ) ? $clauses['groupby'] : ''; $join = isset( $clauses['join'] ) ? $clauses['join'] : ''; $orderby = isset( $clauses['orderby'] ) ? $clauses['orderby'] : ''; $distinct = isset( $clauses['distinct'] ) ? $clauses['distinct'] : ''; $fields = isset( $clauses['fields'] ) ? $clauses['fields'] : ''; $limits = isset( $clauses['limits'] ) ? $clauses['limits'] : ''; } if ( ! empty( $groupby ) ) { $groupby = 'GROUP BY ' . $groupby; } if ( ! empty( $orderby ) ) { $orderby = 'ORDER BY ' . $orderby; } $found_rows = ''; if ( ! $q['no_found_rows'] && ! empty( $limits ) ) { $found_rows = 'SQL_CALC_FOUND_ROWS'; } /* * Beginning of the string is on a new line to prevent leading whitespace. * * The additional indentation of subsequent lines is to ensure the SQL * queries are identical to those generated when splitting queries. This * improves caching of the query by ensuring the same cache key is * generated for the same database queries functionally. * * See https://core.trac.wordpress.org/ticket/56841. * See https://github.com/WordPress/wordpress-develop/pull/6393#issuecomment-2088217429 */ $old_request = "SELECT $found_rows $distinct $fields FROM {$wpdb->posts} $join WHERE 1=1 $where $groupby $orderby $limits"; $this->request = $old_request; if ( ! $q['suppress_filters'] ) { /** * Filters the completed SQL query before sending. * * @since 2.0.0 * * @param string $request The complete SQL query. * @param WP_Query $query The WP_Query instance (passed by reference). */ $this->request = apply_filters_ref_array( 'posts_request', array( $this->request, &$this ) ); } /** * Filters the posts array before the query takes place. * * Return a non-null value to bypass WordPress' default post queries. * * Filtering functions that require pagination information are encouraged to set * the `found_posts` and `max_num_pages` properties of the WP_Query object, * passed to the filter by reference. If WP_Query does not perform a database * query, it will not have enough information to generate these values itself. * * @since 4.6.0 * * @param WP_Post[]|int[]|null $posts Return an array of post data to short-circuit WP's query, * or null to allow WP to run its normal queries. * @param WP_Query $query The WP_Query instance (passed by reference). */ $this->posts = apply_filters_ref_array( 'posts_pre_query', array( null, &$this ) ); /* * Ensure the ID database query is able to be cached. * * Random queries are expected to have unpredictable results and * cannot be cached. Note the space before `RAND` in the string * search, that to ensure against a collision with another * function. * * If `$fields` has been modified by the `posts_fields`, * `posts_fields_request`, `post_clauses` or `posts_clauses_request` * filters, then caching is disabled to prevent caching collisions. */ $id_query_is_cacheable = ! str_contains( strtoupper( $orderby ), ' RAND(' ); $cacheable_field_values = array( "{$wpdb->posts}.*", "{$wpdb->posts}.ID, {$wpdb->posts}.post_parent", "{$wpdb->posts}.ID", ); if ( ! in_array( $fields, $cacheable_field_values, true ) ) { $id_query_is_cacheable = false; } if ( $q['cache_results'] && $id_query_is_cacheable ) { $new_request = str_replace( $fields, "{$wpdb->posts}.*", $this->request ); $cache_key = $this->generate_cache_key( $q, $new_request ); $cache_found = false; if ( null === $this->posts ) { $cached_results = wp_cache_get( $cache_key, 'post-queries', false, $cache_found ); if ( $cached_results ) { /** @var int[] */ $post_ids = array_map( 'intval', $cached_results['posts'] ); $this->post_count = count( $post_ids ); $this->found_posts = $cached_results['found_posts']; $this->max_num_pages = $cached_results['max_num_pages']; if ( 'ids' === $q['fields'] ) { $this->posts = $post_ids; return $this->posts; } elseif ( 'id=>parent' === $q['fields'] ) { _prime_post_parent_id_caches( $post_ids ); $post_parent_cache_keys = array(); foreach ( $post_ids as $post_id ) { $post_parent_cache_keys[] = 'post_parent:' . (string) $post_id; } /** @var int[] */ $post_parents = wp_cache_get_multiple( $post_parent_cache_keys, 'posts' ); foreach ( $post_parents as $cache_key => $post_parent ) { $obj = new stdClass(); $obj->ID = (int) str_replace( 'post_parent:', '', $cache_key ); $obj->post_parent = (int) $post_parent; $this->posts[] = $obj; } return $post_parents; } else { _prime_post_caches( $post_ids, $q['update_post_term_cache'], $q['update_post_meta_cache'] ); /** @var WP_Post[] */ $this->posts = array_map( 'get_post', $post_ids ); } } } } if ( 'ids' === $q['fields'] ) { if ( null === $this->posts ) { $this->posts = $wpdb->get_col( $this->request ); } /** @var int[] */ $this->posts = array_map( 'intval', $this->posts ); $this->post_count = count( $this->posts ); $this->set_found_posts( $q, $limits ); if ( $q['cache_results'] && $id_query_is_cacheable ) { $cache_value = array( 'posts' => $this->posts, 'found_posts' => $this->found_posts, 'max_num_pages' => $this->max_num_pages, ); wp_cache_set( $cache_key, $cache_value, 'post-queries' ); } return $this->posts; } if ( 'id=>parent' === $q['fields'] ) { if ( null === $this->posts ) { $this->posts = $wpdb->get_results( $this->request ); } $this->post_count = count( $this->posts ); $this->set_found_posts( $q, $limits ); /** @var int[] */ $post_parents = array(); $post_ids = array(); $post_parents_cache = array(); foreach ( $this->posts as $key => $post ) { $this->posts[ $key ]->ID = (int) $post->ID; $this->posts[ $key ]->post_parent = (int) $post->post_parent; $post_parents[ (int) $post->ID ] = (int) $post->post_parent; $post_ids[] = (int) $post->ID; $post_parents_cache[ 'post_parent:' . (string) $post->ID ] = (int) $post->post_parent; } // Prime post parent caches, so that on second run, there is not another database query. wp_cache_add_multiple( $post_parents_cache, 'posts' ); if ( $q['cache_results'] && $id_query_is_cacheable ) { $cache_value = array( 'posts' => $post_ids, 'found_posts' => $this->found_posts, 'max_num_pages' => $this->max_num_pages, ); wp_cache_set( $cache_key, $cache_value, 'post-queries' ); } return $post_parents; } $is_unfiltered_query = $old_request == $this->request && "{$wpdb->posts}.*" === $fields; if ( null === $this->posts ) { $split_the_query = ( $is_unfiltered_query && ( wp_using_ext_object_cache() || ( ! empty( $limits ) && $q['posts_per_page'] < 500 ) ) ); /** * Filters whether to split the query. * * Splitting the query will cause it to fetch just the IDs of the found posts * (and then individually fetch each post by ID), rather than fetching every * complete row at once. One massive result vs. many small results. * * @since 3.4.0 * @since 6.6.0 Added the `$old_request` and `$clauses` parameters. * * @param bool $split_the_query Whether or not to split the query. * @param WP_Query $query The WP_Query instance. * @param string $old_request The complete SQL query before filtering. * @param string[] $clauses { * Associative array of the clauses for the query. * * @type string $where The WHERE clause of the query. * @type string $groupby The GROUP BY clause of the query. * @type string $join The JOIN clause of the query. * @type string $orderby The ORDER BY clause of the query. * @type string $distinct The DISTINCT clause of the query. * @type string $fields The SELECT clause of the query. * @type string $limits The LIMIT clause of the query. * } */ $split_the_query = apply_filters( 'split_the_query', $split_the_query, $this, $old_request, compact( $pieces ) ); if ( $split_the_query ) { // First get the IDs and then fill in the objects. // Beginning of the string is on a new line to prevent leading whitespace. See https://core.trac.wordpress.org/ticket/56841. $this->request = "SELECT $found_rows $distinct {$wpdb->posts}.ID FROM {$wpdb->posts} $join WHERE 1=1 $where $groupby $orderby $limits"; /** * Filters the Post IDs SQL request before sending. * * @since 3.4.0 * * @param string $request The post ID request. * @param WP_Query $query The WP_Query instance. */ $this->request = apply_filters( 'posts_request_ids', $this->request, $this ); $post_ids = $wpdb->get_col( $this->request ); if ( $post_ids ) { $this->posts = $post_ids; $this->set_found_posts( $q, $limits ); _prime_post_caches( $post_ids, $q['update_post_term_cache'], $q['update_post_meta_cache'] ); } else { $this->posts = array(); } } else { $this->posts = $wpdb->get_results( $this->request ); $this->set_found_posts( $q, $limits ); } } // Convert to WP_Post objects. if ( $this->posts ) { /** @var WP_Post[] */ $this->posts = array_map( 'get_post', $this->posts ); } $unfiltered_posts = $this->posts; if ( $q['cache_results'] && $id_query_is_cacheable && ! $cache_found ) { $post_ids = wp_list_pluck( $this->posts, 'ID' ); $cache_value = array( 'posts' => $post_ids, 'found_posts' => $this->found_posts, 'max_num_pages' => $this->max_num_pages, ); wp_cache_set( $cache_key, $cache_value, 'post-queries' ); } if ( ! $q['suppress_filters'] ) { /** * Filters the raw post results array, prior to status checks. * * @since 2.3.0 * * @param WP_Post[] $posts Array of post objects. * @param WP_Query $query The WP_Query instance (passed by reference). */ $this->posts = apply_filters_ref_array( 'posts_results', array( $this->posts, &$this ) ); } if ( ! empty( $this->posts ) && $this->is_comment_feed && $this->is_singular ) { /** This filter is documented in wp-includes/query.php */ $cjoin = apply_filters_ref_array( 'comment_feed_join', array( '', &$this ) ); /** This filter is documented in wp-includes/query.php */ $cwhere = apply_filters_ref_array( 'comment_feed_where', array( "WHERE comment_post_ID = '{$this->posts[0]->ID}' AND comment_approved = '1'", &$this ) ); /** This filter is documented in wp-includes/query.php */ $cgroupby = apply_filters_ref_array( 'comment_feed_groupby', array( '', &$this ) ); $cgroupby = ( ! empty( $cgroupby ) ) ? 'GROUP BY ' . $cgroupby : ''; /** This filter is documented in wp-includes/query.php */ $corderby = apply_filters_ref_array( 'comment_feed_orderby', array( 'comment_date_gmt DESC', &$this ) ); $corderby = ( ! empty( $corderby ) ) ? 'ORDER BY ' . $corderby : ''; /** This filter is documented in wp-includes/query.php */ $climits = apply_filters_ref_array( 'comment_feed_limits', array( 'LIMIT ' . get_option( 'posts_per_rss' ), &$this ) ); $comments_request = "SELECT {$wpdb->comments}.comment_ID FROM {$wpdb->comments} $cjoin $cwhere $cgroupby $corderby $climits"; $comment_key = md5( $comments_request ); $comment_last_changed = wp_cache_get_last_changed( 'comment' ); $comment_cache_key = "comment_feed:$comment_key:$comment_last_changed"; $comment_ids = wp_cache_get( $comment_cache_key, 'comment-queries' ); if ( false === $comment_ids ) { $comment_ids = $wpdb->get_col( $comments_request ); wp_cache_add( $comment_cache_key, $comment_ids, 'comment-queries' ); } _prime_comment_caches( $comment_ids ); // Convert to WP_Comment. /** @var WP_Comment[] */ $this->comments = array_map( 'get_comment', $comment_ids ); $this->comment_count = count( $this->comments ); } // Check post status to determine if post should be displayed. if ( ! empty( $this->posts ) && ( $this->is_single || $this->is_page ) ) { $status = get_post_status( $this->posts[0] ); if ( 'attachment' === $this->posts[0]->post_type && 0 === (int) $this->posts[0]->post_parent ) { $this->is_page = false; $this->is_single = true; $this->is_attachment = true; } // If the post_status was specifically requested, let it pass through. if ( ! in_array( $status, $q_status, true ) ) { $post_status_obj = get_post_status_object( $status ); if ( $post_status_obj && ! $post_status_obj->public ) { if ( ! is_user_logged_in() ) { // User must be logged in to view unpublished posts. $this->posts = array(); } else { if ( $post_status_obj->protected ) { // User must have edit permissions on the draft to preview. if ( ! current_user_can( $edit_cap, $this->posts[0]->ID ) ) { $this->posts = array(); } else { $this->is_preview = true; if ( 'future' !== $status ) { $this->posts[0]->post_date = current_time( 'mysql' ); } } } elseif ( $post_status_obj->private ) { if ( ! current_user_can( $read_cap, $this->posts[0]->ID ) ) { $this->posts = array(); } } else { $this->posts = array(); } } } elseif ( ! $post_status_obj ) { // Post status is not registered, assume it's not public. if ( ! current_user_can( $edit_cap, $this->posts[0]->ID ) ) { $this->posts = array(); } } } if ( $this->is_preview && $this->posts && current_user_can( $edit_cap, $this->posts[0]->ID ) ) { /** * Filters the single post for preview mode. * * @since 2.7.0 * * @param WP_Post $post_preview The Post object. * @param WP_Query $query The WP_Query instance (passed by reference). */ $this->posts[0] = get_post( apply_filters_ref_array( 'the_preview', array( $this->posts[0], &$this ) ) ); } } // Put sticky posts at the top of the posts array. $sticky_posts = get_option( 'sticky_posts' ); if ( $this->is_home && $page <= 1 && is_array( $sticky_posts ) && ! empty( $sticky_posts ) && ! $q['ignore_sticky_posts'] ) { $num_posts = count( $this->posts ); $sticky_offset = 0; // Loop over posts and relocate stickies to the front. for ( $i = 0; $i < $num_posts; $i++ ) { if ( in_array( $this->posts[ $i ]->ID, $sticky_posts, true ) ) { $sticky_post = $this->posts[ $i ]; // Remove sticky from current position. array_splice( $this->posts, $i, 1 ); // Move to front, after other stickies. array_splice( $this->posts, $sticky_offset, 0, array( $sticky_post ) ); // Increment the sticky offset. The next sticky will be placed at this offset. ++$sticky_offset; // Remove post from sticky posts array. $offset = array_search( $sticky_post->ID, $sticky_posts, true ); unset( $sticky_posts[ $offset ] ); } } // If any posts have been excluded specifically, Ignore those that are sticky. if ( ! empty( $sticky_posts ) && ! empty( $q['post__not_in'] ) ) { $sticky_posts = array_diff( $sticky_posts, $q['post__not_in'] ); } // Fetch sticky posts that weren't in the query results. if ( ! empty( $sticky_posts ) ) { $stickies = get_posts( array( 'post__in' => $sticky_posts, 'post_type' => $post_type, 'post_status' => 'publish', 'posts_per_page' => count( $sticky_posts ), 'suppress_filters' => $q['suppress_filters'], 'cache_results' => $q['cache_results'], 'update_post_meta_cache' => $q['update_post_meta_cache'], 'update_post_term_cache' => $q['update_post_term_cache'], 'lazy_load_term_meta' => $q['lazy_load_term_meta'], ) ); foreach ( $stickies as $sticky_post ) { array_splice( $this->posts, $sticky_offset, 0, array( $sticky_post ) ); ++$sticky_offset; } } } if ( ! $q['suppress_filters'] ) { /** * Filters the array of retrieved posts after they've been fetched and * internally processed. * * @since 1.5.0 * * @param WP_Post[] $posts Array of post objects. * @param WP_Query $query The WP_Query instance (passed by reference). */ $this->posts = apply_filters_ref_array( 'the_posts', array( $this->posts, &$this ) ); } /* * Ensure that any posts added/modified via one of the filters above are * of the type WP_Post and are filtered. */ if ( $this->posts ) { $this->post_count = count( $this->posts ); /** @var WP_Post[] */ $this->posts = array_map( 'get_post', $this->posts ); if ( $q['cache_results'] ) { if ( $is_unfiltered_query && $unfiltered_posts === $this->posts ) { update_post_caches( $this->posts, $post_type, $q['update_post_term_cache'], $q['update_post_meta_cache'] ); } else { $post_ids = wp_list_pluck( $this->posts, 'ID' ); _prime_post_caches( $post_ids, $q['update_post_term_cache'], $q['update_post_meta_cache'] ); } } /** @var WP_Post */ $this->post = reset( $this->posts ); } else { $this->post_count = 0; $this->posts = array(); } if ( ! empty( $this->posts ) && $q['update_menu_item_cache'] ) { update_menu_item_cache( $this->posts ); } if ( $q['lazy_load_term_meta'] ) { wp_queue_posts_for_term_meta_lazyload( $this->posts ); } return $this->posts; } /** * Sets up the amount of found posts and the number of pages (if limit clause was used) * for the current query. * * @since 3.5.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $q Query variables. * @param string $limits LIMIT clauses of the query. */ private function set_found_posts( $q, $limits ) { global $wpdb; /* * Bail if posts is an empty array. Continue if posts is an empty string, * null, or false to accommodate caching plugins that fill posts later. */ if ( $q['no_found_rows'] || ( is_array( $this->posts ) && ! $this->posts ) ) { return; } if ( ! empty( $limits ) ) { /** * Filters the query to run for retrieving the found posts. * * @since 2.1.0 * * @param string $found_posts_query The query to run to find the found posts. * @param WP_Query $query The WP_Query instance (passed by reference). */ $found_posts_query = apply_filters_ref_array( 'found_posts_query', array( 'SELECT FOUND_ROWS()', &$this ) ); $this->found_posts = (int) $wpdb->get_var( $found_posts_query ); } else { if ( is_array( $this->posts ) ) { $this->found_posts = count( $this->posts ); } else { if ( null === $this->posts ) { $this->found_posts = 0; } else { $this->found_posts = 1; } } } /** * Filters the number of found posts for the query. * * @since 2.1.0 * * @param int $found_posts The number of posts found. * @param WP_Query $query The WP_Query instance (passed by reference). */ $this->found_posts = (int) apply_filters_ref_array( 'found_posts', array( $this->found_posts, &$this ) ); if ( ! empty( $limits ) ) { $this->max_num_pages = (int) ceil( $this->found_posts / $q['posts_per_page'] ); } } /** * Sets up the next post and iterate current post index. * * @since 1.5.0 * * @return WP_Post Next post. */ public function next_post() { ++$this->current_post; /** @var WP_Post */ $this->post = $this->posts[ $this->current_post ]; return $this->post; } /** * Sets up the current post. * * Retrieves the next post, sets up the post, sets the 'in the loop' * property to true. * * @since 1.5.0 * * @global WP_Post $post Global post object. */ public function the_post() { global $post; if ( ! $this->in_the_loop ) { // Only prime the post cache for queries limited to the ID field. $post_ids = array_filter( $this->posts, 'is_numeric' ); // Exclude any falsey values, such as 0. $post_ids = array_filter( $post_ids ); if ( $post_ids ) { _prime_post_caches( $post_ids, $this->query_vars['update_post_term_cache'], $this->query_vars['update_post_meta_cache'] ); } $post_objects = array_map( 'get_post', $this->posts ); update_post_author_caches( $post_objects ); } $this->in_the_loop = true; $this->before_loop = false; if ( -1 == $this->current_post ) { // Loop has just started. /** * Fires once the loop is started. * * @since 2.0.0 * * @param WP_Query $query The WP_Query instance (passed by reference). */ do_action_ref_array( 'loop_start', array( &$this ) ); } $post = $this->next_post(); $this->setup_postdata( $post ); } /** * Determines whether there are more posts available in the loop. * * Calls the {@see 'loop_end'} action when the loop is complete. * * @since 1.5.0 * * @return bool True if posts are available, false if end of the loop. */ public function have_posts() { if ( $this->current_post + 1 < $this->post_count ) { return true; } elseif ( $this->current_post + 1 == $this->post_count && $this->post_count > 0 ) { /** * Fires once the loop has ended. * * @since 2.0.0 * * @param WP_Query $query The WP_Query instance (passed by reference). */ do_action_ref_array( 'loop_end', array( &$this ) ); // Do some cleaning up after the loop. $this->rewind_posts(); } elseif ( 0 === $this->post_count ) { $this->before_loop = false; /** * Fires if no results are found in a post query. * * @since 4.9.0 * * @param WP_Query $query The WP_Query instance. */ do_action( 'loop_no_results', $this ); } $this->in_the_loop = false; return false; } /** * Rewinds the posts and resets post index. * * @since 1.5.0 */ public function rewind_posts() { $this->current_post = -1; if ( $this->post_count > 0 ) { $this->post = $this->posts[0]; } } /** * Iterates current comment index and returns WP_Comment object. * * @since 2.2.0 * * @return WP_Comment Comment object. */ public function next_comment() { ++$this->current_comment; /** @var WP_Comment */ $this->comment = $this->comments[ $this->current_comment ]; return $this->comment; } /** * Sets up the current comment. * * @since 2.2.0 * * @global WP_Comment $comment Global comment object. */ public function the_comment() { global $comment; $comment = $this->next_comment(); if ( 0 == $this->current_comment ) { /** * Fires once the comment loop is started. * * @since 2.2.0 */ do_action( 'comment_loop_start' ); } } /** * Determines whether there are more comments available. * * Automatically rewinds comments when finished. * * @since 2.2.0 * * @return bool True if comments are available, false if no more comments. */ public function have_comments() { if ( $this->current_comment + 1 < $this->comment_count ) { return true; } elseif ( $this->current_comment + 1 == $this->comment_count ) { $this->rewind_comments(); } return false; } /** * Rewinds the comments, resets the comment index and comment to first. * * @since 2.2.0 */ public function rewind_comments() { $this->current_comment = -1; if ( $this->comment_count > 0 ) { $this->comment = $this->comments[0]; } } /** * Sets up the WordPress query by parsing query string. * * @since 1.5.0 * * @see WP_Query::parse_query() for all available arguments. * * @param string|array $query URL query string or array of query arguments. * @return WP_Post[]|int[] Array of post objects or post IDs. */ public function query( $query ) { $this->init(); $this->query = wp_parse_args( $query ); $this->query_vars = $this->query; return $this->get_posts(); } /** * Retrieves the currently queried object. * * If queried object is not set, then the queried object will be set from * the category, tag, taxonomy, posts page, single post, page, or author * query variable. After it is set up, it will be returned. * * @since 1.5.0 * * @return WP_Term|WP_Post_Type|WP_Post|WP_User|null The queried object. */ public function get_queried_object() { if ( isset( $this->queried_object ) ) { return $this->queried_object; } $this->queried_object = null; $this->queried_object_id = null; if ( $this->is_category || $this->is_tag || $this->is_tax ) { if ( $this->is_category ) { $cat = $this->get( 'cat' ); $category_name = $this->get( 'category_name' ); if ( $cat ) { $term = get_term( $cat, 'category' ); } elseif ( $category_name ) { $term = get_term_by( 'slug', $category_name, 'category' ); } } elseif ( $this->is_tag ) { $tag_id = $this->get( 'tag_id' ); $tag = $this->get( 'tag' ); if ( $tag_id ) { $term = get_term( $tag_id, 'post_tag' ); } elseif ( $tag ) { $term = get_term_by( 'slug', $tag, 'post_tag' ); } } else { // For other tax queries, grab the first term from the first clause. if ( ! empty( $this->tax_query->queried_terms ) ) { $queried_taxonomies = array_keys( $this->tax_query->queried_terms ); $matched_taxonomy = reset( $queried_taxonomies ); $query = $this->tax_query->queried_terms[ $matched_taxonomy ]; if ( ! empty( $query['terms'] ) ) { if ( 'term_id' === $query['field'] ) { $term = get_term( reset( $query['terms'] ), $matched_taxonomy ); } else { $term = get_term_by( $query['field'], reset( $query['terms'] ), $matched_taxonomy ); } } } } if ( ! empty( $term ) && ! is_wp_error( $term ) ) { $this->queried_object = $term; $this->queried_object_id = (int) $term->term_id; if ( $this->is_category && 'category' === $this->queried_object->taxonomy ) { _make_cat_compat( $this->queried_object ); } } } elseif ( $this->is_post_type_archive ) { $post_type = $this->get( 'post_type' ); if ( is_array( $post_type ) ) { $post_type = reset( $post_type ); } $this->queried_object = get_post_type_object( $post_type ); } elseif ( $this->is_posts_page ) { $page_for_posts = get_option( 'page_for_posts' ); $this->queried_object = get_post( $page_for_posts ); $this->queried_object_id = (int) $this->queried_object->ID; } elseif ( $this->is_singular && ! empty( $this->post ) ) { $this->queried_object = $this->post; $this->queried_object_id = (int) $this->post->ID; } elseif ( $this->is_author ) { $author = (int) $this->get( 'author' ); $author_name = $this->get( 'author_name' ); if ( $author ) { $this->queried_object_id = $author; } elseif ( $author_name ) { $user = get_user_by( 'slug', $author_name ); if ( $user ) { $this->queried_object_id = $user->ID; } } $this->queried_object = get_userdata( $this->queried_object_id ); } return $this->queried_object; } /** * Retrieves the ID of the currently queried object. * * @since 1.5.0 * * @return int */ public function get_queried_object_id() { $this->get_queried_object(); if ( isset( $this->queried_object_id ) ) { return $this->queried_object_id; } return 0; } /** * Constructor. * * Sets up the WordPress query, if parameter is not empty. * * @since 1.5.0 * * @see WP_Query::parse_query() for all available arguments. * * @param string|array $query URL query string or array of vars. */ public function __construct( $query = '' ) { if ( ! empty( $query ) ) { $this->query( $query ); } } /** * Makes private properties readable for backward compatibility. * * @since 4.0.0 * * @param string $name Property to get. * @return mixed Property. */ public function __get( $name ) { if ( in_array( $name, $this->compat_fields, true ) ) { return $this->$name; } } /** * Makes private properties checkable for backward compatibility. * * @since 4.0.0 * * @param string $name Property to check if set. * @return bool Whether the property is set. */ public function __isset( $name ) { if ( in_array( $name, $this->compat_fields, true ) ) { return isset( $this->$name ); } } /** * Makes private/protected methods readable for backward compatibility. * * @since 4.0.0 * * @param string $name Method to call. * @param array $arguments Arguments to pass when calling. * @return mixed|false Return value of the callback, false otherwise. */ public function __call( $name, $arguments ) { if ( in_array( $name, $this->compat_methods, true ) ) { return $this->$name( ...$arguments ); } return false; } /** * Determines whether the query is for an existing archive page. * * Archive pages include category, tag, author, date, custom post type, * and custom taxonomy based archives. * * @since 3.1.0 * * @see WP_Query::is_category() * @see WP_Query::is_tag() * @see WP_Query::is_author() * @see WP_Query::is_date() * @see WP_Query::is_post_type_archive() * @see WP_Query::is_tax() * * @return bool Whether the query is for an existing archive page. */ public function is_archive() { return (bool) $this->is_archive; } /** * Determines whether the query is for an existing post type archive page. * * @since 3.1.0 * * @param string|string[] $post_types Optional. Post type or array of posts types * to check against. Default empty. * @return bool Whether the query is for an existing post type archive page. */ public function is_post_type_archive( $post_types = '' ) { if ( empty( $post_types ) || ! $this->is_post_type_archive ) { return (bool) $this->is_post_type_archive; } $post_type = $this->get( 'post_type' ); if ( is_array( $post_type ) ) { $post_type = reset( $post_type ); } $post_type_object = get_post_type_object( $post_type ); if ( ! $post_type_object ) { return false; } return in_array( $post_type_object->name, (array) $post_types, true ); } /** * Determines whether the query is for an existing attachment page. * * @since 3.1.0 * * @param int|string|int[]|string[] $attachment Optional. Attachment ID, title, slug, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing attachment page. */ public function is_attachment( $attachment = '' ) { if ( ! $this->is_attachment ) { return false; } if ( empty( $attachment ) ) { return true; } $attachment = array_map( 'strval', (array) $attachment ); $post_obj = $this->get_queried_object(); if ( ! $post_obj ) { return false; } if ( in_array( (string) $post_obj->ID, $attachment, true ) ) { return true; } elseif ( in_array( $post_obj->post_title, $attachment, true ) ) { return true; } elseif ( in_array( $post_obj->post_name, $attachment, true ) ) { return true; } return false; } /** * Determines whether the query is for an existing author archive page. * * If the $author parameter is specified, this function will additionally * check if the query is for one of the authors specified. * * @since 3.1.0 * * @param int|string|int[]|string[] $author Optional. User ID, nickname, nicename, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing author archive page. */ public function is_author( $author = '' ) { if ( ! $this->is_author ) { return false; } if ( empty( $author ) ) { return true; } $author_obj = $this->get_queried_object(); if ( ! $author_obj ) { return false; } $author = array_map( 'strval', (array) $author ); if ( in_array( (string) $author_obj->ID, $author, true ) ) { return true; } elseif ( in_array( $author_obj->nickname, $author, true ) ) { return true; } elseif ( in_array( $author_obj->user_nicename, $author, true ) ) { return true; } return false; } /** * Determines whether the query is for an existing category archive page. * * If the $category parameter is specified, this function will additionally * check if the query is for one of the categories specified. * * @since 3.1.0 * * @param int|string|int[]|string[] $category Optional. Category ID, name, slug, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing category archive page. */ public function is_category( $category = '' ) { if ( ! $this->is_category ) { return false; } if ( empty( $category ) ) { return true; } $cat_obj = $this->get_queried_object(); if ( ! $cat_obj ) { return false; } $category = array_map( 'strval', (array) $category ); if ( in_array( (string) $cat_obj->term_id, $category, true ) ) { return true; } elseif ( in_array( $cat_obj->name, $category, true ) ) { return true; } elseif ( in_array( $cat_obj->slug, $category, true ) ) { return true; } return false; } /** * Determines whether the query is for an existing tag archive page. * * If the $tag parameter is specified, this function will additionally * check if the query is for one of the tags specified. * * @since 3.1.0 * * @param int|string|int[]|string[] $tag Optional. Tag ID, name, slug, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing tag archive page. */ public function is_tag( $tag = '' ) { if ( ! $this->is_tag ) { return false; } if ( empty( $tag ) ) { return true; } $tag_obj = $this->get_queried_object(); if ( ! $tag_obj ) { return false; } $tag = array_map( 'strval', (array) $tag ); if ( in_array( (string) $tag_obj->term_id, $tag, true ) ) { return true; } elseif ( in_array( $tag_obj->name, $tag, true ) ) { return true; } elseif ( in_array( $tag_obj->slug, $tag, true ) ) { return true; } return false; } /** * Determines whether the query is for an existing custom taxonomy archive page. * * If the $taxonomy parameter is specified, this function will additionally * check if the query is for that specific $taxonomy. * * If the $term parameter is specified in addition to the $taxonomy parameter, * this function will additionally check if the query is for one of the terms * specified. * * @since 3.1.0 * * @global WP_Taxonomy[] $wp_taxonomies Registered taxonomies. * * @param string|string[] $taxonomy Optional. Taxonomy slug or slugs to check against. * Default empty. * @param int|string|int[]|string[] $term Optional. Term ID, name, slug, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing custom taxonomy archive page. * True for custom taxonomy archive pages, false for built-in taxonomies * (category and tag archives). */ public function is_tax( $taxonomy = '', $term = '' ) { global $wp_taxonomies; if ( ! $this->is_tax ) { return false; } if ( empty( $taxonomy ) ) { return true; } $queried_object = $this->get_queried_object(); $tax_array = array_intersect( array_keys( $wp_taxonomies ), (array) $taxonomy ); $term_array = (array) $term; // Check that the taxonomy matches. if ( ! ( isset( $queried_object->taxonomy ) && count( $tax_array ) && in_array( $queried_object->taxonomy, $tax_array, true ) ) ) { return false; } // Only a taxonomy provided. if ( empty( $term ) ) { return true; } return isset( $queried_object->term_id ) && count( array_intersect( array( $queried_object->term_id, $queried_object->name, $queried_object->slug ), $term_array ) ); } /** * Determines whether the current URL is within the comments popup window. * * @since 3.1.0 * @deprecated 4.5.0 * * @return false Always returns false. */ public function is_comments_popup() { _deprecated_function( __FUNCTION__, '4.5.0' ); return false; } /** * Determines whether the query is for an existing date archive. * * @since 3.1.0 * * @return bool Whether the query is for an existing date archive. */ public function is_date() { return (bool) $this->is_date; } /** * Determines whether the query is for an existing day archive. * * @since 3.1.0 * * @return bool Whether the query is for an existing day archive. */ public function is_day() { return (bool) $this->is_day; } /** * Determines whether the query is for a feed. * * @since 3.1.0 * * @param string|string[] $feeds Optional. Feed type or array of feed types * to check against. Default empty. * @return bool Whether the query is for a feed. */ public function is_feed( $feeds = '' ) { if ( empty( $feeds ) || ! $this->is_feed ) { return (bool) $this->is_feed; } $qv = $this->get( 'feed' ); if ( 'feed' === $qv ) { $qv = get_default_feed(); } return in_array( $qv, (array) $feeds, true ); } /** * Determines whether the query is for a comments feed. * * @since 3.1.0 * * @return bool Whether the query is for a comments feed. */ public function is_comment_feed() { return (bool) $this->is_comment_feed; } /** * Determines whether the query is for the front page of the site. * * This is for what is displayed at your site's main URL. * * Depends on the site's "Front page displays" Reading Settings 'show_on_front' and 'page_on_front'. * * If you set a static page for the front page of your site, this function will return * true when viewing that page. * * Otherwise the same as {@see WP_Query::is_home()}. * * @since 3.1.0 * * @return bool Whether the query is for the front page of the site. */ public function is_front_page() { // Most likely case. if ( 'posts' === get_option( 'show_on_front' ) && $this->is_home() ) { return true; } elseif ( 'page' === get_option( 'show_on_front' ) && get_option( 'page_on_front' ) && $this->is_page( get_option( 'page_on_front' ) ) ) { return true; } else { return false; } } /** * Determines whether the query is for the blog homepage. * * This is the page which shows the time based blog content of your site. * * Depends on the site's "Front page displays" Reading Settings 'show_on_front' and 'page_for_posts'. * * If you set a static page for the front page of your site, this function will return * true only on the page you set as the "Posts page". * * @since 3.1.0 * * @see WP_Query::is_front_page() * * @return bool Whether the query is for the blog homepage. */ public function is_home() { return (bool) $this->is_home; } /** * Determines whether the query is for the Privacy Policy page. * * This is the page which shows the Privacy Policy content of your site. * * Depends on the site's "Change your Privacy Policy page" Privacy Settings 'wp_page_for_privacy_policy'. * * This function will return true only on the page you set as the "Privacy Policy page". * * @since 5.2.0 * * @return bool Whether the query is for the Privacy Policy page. */ public function is_privacy_policy() { if ( get_option( 'wp_page_for_privacy_policy' ) && $this->is_page( get_option( 'wp_page_for_privacy_policy' ) ) ) { return true; } else { return false; } } /** * Determines whether the query is for an existing month archive. * * @since 3.1.0 * * @return bool Whether the query is for an existing month archive. */ public function is_month() { return (bool) $this->is_month; } /** * Determines whether the query is for an existing single page. * * If the $page parameter is specified, this function will additionally * check if the query is for one of the pages specified. * * @since 3.1.0 * * @see WP_Query::is_single() * @see WP_Query::is_singular() * * @param int|string|int[]|string[] $page Optional. Page ID, title, slug, path, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing single page. */ public function is_page( $page = '' ) { if ( ! $this->is_page ) { return false; } if ( empty( $page ) ) { return true; } $page_obj = $this->get_queried_object(); if ( ! $page_obj ) { return false; } $page = array_map( 'strval', (array) $page ); if ( in_array( (string) $page_obj->ID, $page, true ) ) { return true; } elseif ( in_array( $page_obj->post_title, $page, true ) ) { return true; } elseif ( in_array( $page_obj->post_name, $page, true ) ) { return true; } else { foreach ( $page as $pagepath ) { if ( ! strpos( $pagepath, '/' ) ) { continue; } $pagepath_obj = get_page_by_path( $pagepath ); if ( $pagepath_obj && ( $pagepath_obj->ID == $page_obj->ID ) ) { return true; } } } return false; } /** * Determines whether the query is for a paged result and not for the first page. * * @since 3.1.0 * * @return bool Whether the query is for a paged result. */ public function is_paged() { return (bool) $this->is_paged; } /** * Determines whether the query is for a post or page preview. * * @since 3.1.0 * * @return bool Whether the query is for a post or page preview. */ public function is_preview() { return (bool) $this->is_preview; } /** * Determines whether the query is for the robots.txt file. * * @since 3.1.0 * * @return bool Whether the query is for the robots.txt file. */ public function is_robots() { return (bool) $this->is_robots; } /** * Determines whether the query is for the favicon.ico file. * * @since 5.4.0 * * @return bool Whether the query is for the favicon.ico file. */ public function is_favicon() { return (bool) $this->is_favicon; } /** * Determines whether the query is for a search. * * @since 3.1.0 * * @return bool Whether the query is for a search. */ public function is_search() { return (bool) $this->is_search; } /** * Determines whether the query is for an existing single post. * * Works for any post type excluding pages. * * If the $post parameter is specified, this function will additionally * check if the query is for one of the Posts specified. * * @since 3.1.0 * * @see WP_Query::is_page() * @see WP_Query::is_singular() * * @param int|string|int[]|string[] $post Optional. Post ID, title, slug, path, or array of such * to check against. Default empty. * @return bool Whether the query is for an existing single post. */ public function is_single( $post = '' ) { if ( ! $this->is_single ) { return false; } if ( empty( $post ) ) { return true; } $post_obj = $this->get_queried_object(); if ( ! $post_obj ) { return false; } $post = array_map( 'strval', (array) $post ); if ( in_array( (string) $post_obj->ID, $post, true ) ) { return true; } elseif ( in_array( $post_obj->post_title, $post, true ) ) { return true; } elseif ( in_array( $post_obj->post_name, $post, true ) ) { return true; } else { foreach ( $post as $postpath ) { if ( ! strpos( $postpath, '/' ) ) { continue; } $postpath_obj = get_page_by_path( $postpath, OBJECT, $post_obj->post_type ); if ( $postpath_obj && ( $postpath_obj->ID == $post_obj->ID ) ) { return true; } } } return false; } /** * Determines whether the query is for an existing single post of any post type * (post, attachment, page, custom post types). * * If the $post_types parameter is specified, this function will additionally * check if the query is for one of the Posts Types specified. * * @since 3.1.0 * * @see WP_Query::is_page() * @see WP_Query::is_single() * * @param string|string[] $post_types Optional. Post type or array of post types * to check against. Default empty. * @return bool Whether the query is for an existing single post * or any of the given post types. */ public function is_singular( $post_types = '' ) { if ( empty( $post_types ) || ! $this->is_singular ) { return (bool) $this->is_singular; } $post_obj = $this->get_queried_object(); if ( ! $post_obj ) { return false; } return in_array( $post_obj->post_type, (array) $post_types, true ); } /** * Determines whether the query is for a specific time. * * @since 3.1.0 * * @return bool Whether the query is for a specific time. */ public function is_time() { return (bool) $this->is_time; } /** * Determines whether the query is for a trackback endpoint call. * * @since 3.1.0 * * @return bool Whether the query is for a trackback endpoint call. */ public function is_trackback() { return (bool) $this->is_trackback; } /** * Determines whether the query is for an existing year archive. * * @since 3.1.0 * * @return bool Whether the query is for an existing year archive. */ public function is_year() { return (bool) $this->is_year; } /** * Determines whether the query is a 404 (returns no results). * * @since 3.1.0 * * @return bool Whether the query is a 404 error. */ public function is_404() { return (bool) $this->is_404; } /** * Determines whether the query is for an embedded post. * * @since 4.4.0 * * @return bool Whether the query is for an embedded post. */ public function is_embed() { return (bool) $this->is_embed; } /** * Determines whether the query is the main query. * * @since 3.3.0 * * @global WP_Query $wp_the_query WordPress Query object. * * @return bool Whether the query is the main query. */ public function is_main_query() { global $wp_the_query; return $wp_the_query === $this; } /** * Sets up global post data. * * @since 4.1.0 * @since 4.4.0 Added the ability to pass a post ID to `$post`. * * @global int $id * @global WP_User $authordata * @global string $currentday * @global string $currentmonth * @global int $page * @global array $pages * @global int $multipage * @global int $more * @global int $numpages * * @param WP_Post|object|int $post WP_Post instance or Post ID/object. * @return true True when finished. */ public function setup_postdata( $post ) { global $id, $authordata, $currentday, $currentmonth, $page, $pages, $multipage, $more, $numpages; if ( ! ( $post instanceof WP_Post ) ) { $post = get_post( $post ); } if ( ! $post ) { return; } $elements = $this->generate_postdata( $post ); if ( false === $elements ) { return; } $id = $elements['id']; $authordata = $elements['authordata']; $currentday = $elements['currentday']; $currentmonth = $elements['currentmonth']; $page = $elements['page']; $pages = $elements['pages']; $multipage = $elements['multipage']; $more = $elements['more']; $numpages = $elements['numpages']; /** * Fires once the post data has been set up. * * @since 2.8.0 * @since 4.1.0 Introduced `$query` parameter. * * @param WP_Post $post The Post object (passed by reference). * @param WP_Query $query The current Query object (passed by reference). */ do_action_ref_array( 'the_post', array( &$post, &$this ) ); return true; } /** * Generates post data. * * @since 5.2.0 * * @param WP_Post|object|int $post WP_Post instance or Post ID/object. * @return array|false Elements of post or false on failure. */ public function generate_postdata( $post ) { if ( ! ( $post instanceof WP_Post ) ) { $post = get_post( $post ); } if ( ! $post ) { return false; } $id = (int) $post->ID; $authordata = get_userdata( $post->post_author ); $currentday = false; $currentmonth = false; $post_date = $post->post_date; if ( ! empty( $post_date ) && '0000-00-00 00:00:00' !== $post_date ) { // Avoid using mysql2date for performance reasons. $currentmonth = substr( $post_date, 5, 2 ); $day = substr( $post_date, 8, 2 ); $year = substr( $post_date, 2, 2 ); $currentday = sprintf( '%s.%s.%s', $day, $currentmonth, $year ); } $numpages = 1; $multipage = 0; $page = $this->get( 'page' ); if ( ! $page ) { $page = 1; } /* * Force full post content when viewing the permalink for the $post, * or when on an RSS feed. Otherwise respect the 'more' tag. */ if ( get_queried_object_id() === $post->ID && ( $this->is_page() || $this->is_single() ) ) { $more = 1; } elseif ( $this->is_feed() ) { $more = 1; } else { $more = 0; } $content = $post->post_content; if ( str_contains( $content, '' ) ) { $content = str_replace( "\n\n", '', $content ); $content = str_replace( "\n", '', $content ); $content = str_replace( "\n", '', $content ); // Remove the nextpage block delimiters, to avoid invalid block structures in the split content. $content = str_replace( '', '', $content ); $content = str_replace( '', '', $content ); // Ignore nextpage at the beginning of the content. if ( str_starts_with( $content, '' ) ) { $content = substr( $content, 15 ); } $pages = explode( '', $content ); } else { $pages = array( $post->post_content ); } /** * Filters the "pages" derived from splitting the post content. * * "Pages" are determined by splitting the post content based on the presence * of `` tags. * * @since 4.4.0 * * @param string[] $pages Array of "pages" from the post content split by `` tags. * @param WP_Post $post Current post object. */ $pages = apply_filters( 'content_pagination', $pages, $post ); $numpages = count( $pages ); if ( $numpages > 1 ) { if ( $page > 1 ) { $more = 1; } $multipage = 1; } else { $multipage = 0; } $elements = compact( 'id', 'authordata', 'currentday', 'currentmonth', 'page', 'pages', 'multipage', 'more', 'numpages' ); return $elements; } /** * Generates cache key. * * @since 6.1.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $args Query arguments. * @param string $sql SQL statement. * @return string Cache key. */ protected function generate_cache_key( array $args, $sql ) { global $wpdb; unset( $args['cache_results'], $args['fields'], $args['lazy_load_term_meta'], $args['update_post_meta_cache'], $args['update_post_term_cache'], $args['update_menu_item_cache'], $args['suppress_filters'] ); if ( empty( $args['post_type'] ) ) { if ( $this->is_attachment ) { $args['post_type'] = 'attachment'; } elseif ( $this->is_page ) { $args['post_type'] = 'page'; } else { $args['post_type'] = 'post'; } } elseif ( 'any' === $args['post_type'] ) { $args['post_type'] = array_values( get_post_types( array( 'exclude_from_search' => false ) ) ); } $args['post_type'] = (array) $args['post_type']; // Sort post types to ensure same cache key generation. sort( $args['post_type'] ); if ( isset( $args['post_status'] ) ) { $args['post_status'] = (array) $args['post_status']; // Sort post status to ensure same cache key generation. sort( $args['post_status'] ); } // Add a default orderby value of date to ensure same cache key generation. if ( ! isset( $q['orderby'] ) ) { $args['orderby'] = 'date'; } $placeholder = $wpdb->placeholder_escape(); array_walk_recursive( $args, /* * Replace wpdb placeholders with the string used in the database * query to avoid unreachable cache keys. This is necessary because * the placeholder is randomly generated in each request. * * $value is passed by reference to allow it to be modified. * array_walk_recursive() does not return an array. */ static function ( &$value ) use ( $wpdb, $placeholder ) { if ( is_string( $value ) && str_contains( $value, $placeholder ) ) { $value = $wpdb->remove_placeholder_escape( $value ); } } ); ksort( $args ); // Replace wpdb placeholder in the SQL statement used by the cache key. $sql = $wpdb->remove_placeholder_escape( $sql ); $key = md5( serialize( $args ) . $sql ); $last_changed = wp_cache_get_last_changed( 'posts' ); if ( ! empty( $this->tax_query->queries ) ) { $last_changed .= wp_cache_get_last_changed( 'terms' ); } return "wp_query:$key:$last_changed"; } /** * After looping through a nested query, this function * restores the $post global to the current post in this query. * * @since 3.7.0 * * @global WP_Post $post Global post object. */ public function reset_postdata() { if ( ! empty( $this->post ) ) { $GLOBALS['post'] = $this->post; $this->setup_postdata( $this->post ); } } /** * Lazyloads term meta for posts in the loop. * * @since 4.4.0 * @deprecated 4.5.0 See wp_queue_posts_for_term_meta_lazyload(). * * @param mixed $check * @param int $term_id * @return mixed */ public function lazyload_term_meta( $check, $term_id ) { _deprecated_function( __METHOD__, '4.5.0' ); return $check; } /** * Lazyloads comment meta for comments in the loop. * * @since 4.4.0 * @deprecated 4.5.0 See wp_lazyload_comment_meta(). * * @param mixed $check * @param int $comment_id * @return mixed */ public function lazyload_comment_meta( $check, $comment_id ) { _deprecated_function( __METHOD__, '4.5.0' ); return $check; } } /** * Core Comment API * * @package WordPress * @subpackage Comment */ /** * Checks whether a comment passes internal checks to be allowed to add. * * If manual comment moderation is set in the administration, then all checks, * regardless of their type and substance, will fail and the function will * return false. * * If the number of links exceeds the amount in the administration, then the * check fails. If any of the parameter contents contain any disallowed words, * then the check fails. * * If the comment author was approved before, then the comment is automatically * approved. * * If all checks pass, the function will return true. * * @since 1.2.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $author Comment author name. * @param string $email Comment author email. * @param string $url Comment author URL. * @param string $comment Content of the comment. * @param string $user_ip Comment author IP address. * @param string $user_agent Comment author User-Agent. * @param string $comment_type Comment type, either user-submitted comment, * trackback, or pingback. * @return bool If all checks pass, true, otherwise false. */ function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type ) { global $wpdb; // If manual moderation is enabled, skip all checks and return false. if ( 1 == get_option( 'comment_moderation' ) ) { return false; } /** This filter is documented in wp-includes/comment-template.php */ $comment = apply_filters( 'comment_text', $comment, null, array() ); // Check for the number of external links if a max allowed number is set. $max_links = get_option( 'comment_max_links' ); if ( $max_links ) { $num_links = preg_match_all( '/]*href/i', $comment, $out ); /** * Filters the number of links found in a comment. * * @since 3.0.0 * @since 4.7.0 Added the `$comment` parameter. * * @param int $num_links The number of links found. * @param string $url Comment author's URL. Included in allowed links total. * @param string $comment Content of the comment. */ $num_links = apply_filters( 'comment_max_links_url', $num_links, $url, $comment ); /* * If the number of links in the comment exceeds the allowed amount, * fail the check by returning false. */ if ( $num_links >= $max_links ) { return false; } } $mod_keys = trim( get_option( 'moderation_keys' ) ); // If moderation 'keys' (keywords) are set, process them. if ( ! empty( $mod_keys ) ) { $words = explode( "\n", $mod_keys ); foreach ( (array) $words as $word ) { $word = trim( $word ); // Skip empty lines. if ( empty( $word ) ) { continue; } /* * Do some escaping magic so that '#' (number of) characters in the spam * words don't break things: */ $word = preg_quote( $word, '#' ); /* * Check the comment fields for moderation keywords. If any are found, * fail the check for the given field by returning false. */ $pattern = "#$word#iu"; if ( preg_match( $pattern, $author ) ) { return false; } if ( preg_match( $pattern, $email ) ) { return false; } if ( preg_match( $pattern, $url ) ) { return false; } if ( preg_match( $pattern, $comment ) ) { return false; } if ( preg_match( $pattern, $user_ip ) ) { return false; } if ( preg_match( $pattern, $user_agent ) ) { return false; } } } /* * Check if the option to approve comments by previously-approved authors is enabled. * * If it is enabled, check whether the comment author has a previously-approved comment, * as well as whether there are any moderation keywords (if set) present in the author * email address. If both checks pass, return true. Otherwise, return false. */ if ( 1 == get_option( 'comment_previously_approved' ) ) { if ( 'trackback' !== $comment_type && 'pingback' !== $comment_type && '' !== $author && '' !== $email ) { $comment_user = get_user_by( 'email', wp_unslash( $email ) ); if ( ! empty( $comment_user->ID ) ) { $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE user_id = %d AND comment_approved = '1' LIMIT 1", $comment_user->ID ) ); } else { // expected_slashed ($author, $email) $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE comment_author = %s AND comment_author_email = %s and comment_approved = '1' LIMIT 1", $author, $email ) ); } if ( ( 1 == $ok_to_comment ) && ( empty( $mod_keys ) || ! str_contains( $email, $mod_keys ) ) ) { return true; } else { return false; } } else { return false; } } return true; } /** * Retrieves the approved comments for a post. * * @since 2.0.0 * @since 4.1.0 Refactored to leverage WP_Comment_Query over a direct query. * * @param int $post_id The ID of the post. * @param array $args { * Optional. See WP_Comment_Query::__construct() for information on accepted arguments. * * @type int $status Comment status to limit results by. Defaults to approved comments. * @type int $post_id Limit results to those affiliated with a given post ID. * @type string $order How to order retrieved comments. Default 'ASC'. * } * @return WP_Comment[]|int[]|int The approved comments, or number of comments if `$count` * argument is true. */ function get_approved_comments( $post_id, $args = array() ) { if ( ! $post_id ) { return array(); } $defaults = array( 'status' => 1, 'post_id' => $post_id, 'order' => 'ASC', ); $parsed_args = wp_parse_args( $args, $defaults ); $query = new WP_Comment_Query(); return $query->query( $parsed_args ); } /** * Retrieves comment data given a comment ID or comment object. * * If an object is passed then the comment data will be cached and then returned * after being passed through a filter. If the comment is empty, then the global * comment variable will be used, if it is set. * * @since 2.0.0 * * @global WP_Comment $comment Global comment object. * * @param WP_Comment|string|int $comment Comment to retrieve. * @param string $output Optional. The required return type. One of OBJECT, ARRAY_A, or ARRAY_N, which * correspond to a WP_Comment object, an associative array, or a numeric array, * respectively. Default OBJECT. * @return WP_Comment|array|null Depends on $output value. */ function get_comment( $comment = null, $output = OBJECT ) { if ( empty( $comment ) && isset( $GLOBALS['comment'] ) ) { $comment = $GLOBALS['comment']; } if ( $comment instanceof WP_Comment ) { $_comment = $comment; } elseif ( is_object( $comment ) ) { $_comment = new WP_Comment( $comment ); } else { $_comment = WP_Comment::get_instance( $comment ); } if ( ! $_comment ) { return null; } /** * Fires after a comment is retrieved. * * @since 2.3.0 * * @param WP_Comment $_comment Comment data. */ $_comment = apply_filters( 'get_comment', $_comment ); if ( OBJECT === $output ) { return $_comment; } elseif ( ARRAY_A === $output ) { return $_comment->to_array(); } elseif ( ARRAY_N === $output ) { return array_values( $_comment->to_array() ); } return $_comment; } /** * Retrieves a list of comments. * * The comment list can be for the blog as a whole or for an individual post. * * @since 2.7.0 * * @param string|array $args Optional. Array or string of arguments. See WP_Comment_Query::__construct() * for information on accepted arguments. Default empty string. * @return WP_Comment[]|int[]|int List of comments or number of found comments if `$count` argument is true. */ function get_comments( $args = '' ) { $query = new WP_Comment_Query(); return $query->query( $args ); } /** * Retrieves all of the WordPress supported comment statuses. * * Comments have a limited set of valid status values, this provides the comment * status values and descriptions. * * @since 2.7.0 * * @return string[] List of comment status labels keyed by status. */ function get_comment_statuses() { $status = array( 'hold' => __( 'Unapproved' ), 'approve' => _x( 'Approved', 'comment status' ), 'spam' => _x( 'Spam', 'comment status' ), 'trash' => _x( 'Trash', 'comment status' ), ); return $status; } /** * Gets the default comment status for a post type. * * @since 4.3.0 * * @param string $post_type Optional. Post type. Default 'post'. * @param string $comment_type Optional. Comment type. Default 'comment'. * @return string Either 'open' or 'closed'. */ function get_default_comment_status( $post_type = 'post', $comment_type = 'comment' ) { switch ( $comment_type ) { case 'pingback': case 'trackback': $supports = 'trackbacks'; $option = 'ping'; break; default: $supports = 'comments'; $option = 'comment'; break; } // Set the status. if ( 'page' === $post_type ) { $status = 'closed'; } elseif ( post_type_supports( $post_type, $supports ) ) { $status = get_option( "default_{$option}_status" ); } else { $status = 'closed'; } /** * Filters the default comment status for the given post type. * * @since 4.3.0 * * @param string $status Default status for the given post type, * either 'open' or 'closed'. * @param string $post_type Post type. Default is `post`. * @param string $comment_type Type of comment. Default is `comment`. */ return apply_filters( 'get_default_comment_status', $status, $post_type, $comment_type ); } /** * Retrieves the date the last comment was modified. * * @since 1.5.0 * @since 4.7.0 Replaced caching the modified date in a local static variable * with the Object Cache API. * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $timezone Which timezone to use in reference to 'gmt', 'blog', or 'server' locations. * @return string|false Last comment modified date on success, false on failure. */ function get_lastcommentmodified( $timezone = 'server' ) { global $wpdb; $timezone = strtolower( $timezone ); $key = "lastcommentmodified:$timezone"; $comment_modified_date = wp_cache_get( $key, 'timeinfo' ); if ( false !== $comment_modified_date ) { return $comment_modified_date; } switch ( $timezone ) { case 'gmt': $comment_modified_date = $wpdb->get_var( "SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1" ); break; case 'blog': $comment_modified_date = $wpdb->get_var( "SELECT comment_date FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1" ); break; case 'server': $add_seconds_server = gmdate( 'Z' ); $comment_modified_date = $wpdb->get_var( $wpdb->prepare( "SELECT DATE_ADD(comment_date_gmt, INTERVAL %s SECOND) FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $add_seconds_server ) ); break; } if ( $comment_modified_date ) { wp_cache_set( $key, $comment_modified_date, 'timeinfo' ); return $comment_modified_date; } return false; } /** * Retrieves the total comment counts for the whole site or a single post. * * @since 2.0.0 * * @param int $post_id Optional. Restrict the comment counts to the given post. Default 0, which indicates that * comment counts for the whole site will be retrieved. * @return int[] { * The number of comments keyed by their status. * * @type int $approved The number of approved comments. * @type int $awaiting_moderation The number of comments awaiting moderation (a.k.a. pending). * @type int $spam The number of spam comments. * @type int $trash The number of trashed comments. * @type int $post-trashed The number of comments for posts that are in the trash. * @type int $total_comments The total number of non-trashed comments, including spam. * @type int $all The total number of pending or approved comments. * } */ function get_comment_count( $post_id = 0 ) { $post_id = (int) $post_id; $comment_count = array( 'approved' => 0, 'awaiting_moderation' => 0, 'spam' => 0, 'trash' => 0, 'post-trashed' => 0, 'total_comments' => 0, 'all' => 0, ); $args = array( 'count' => true, 'update_comment_meta_cache' => false, 'orderby' => 'none', ); if ( $post_id > 0 ) { $args['post_id'] = $post_id; } $mapping = array( 'approved' => 'approve', 'awaiting_moderation' => 'hold', 'spam' => 'spam', 'trash' => 'trash', 'post-trashed' => 'post-trashed', ); $comment_count = array(); foreach ( $mapping as $key => $value ) { $comment_count[ $key ] = get_comments( array_merge( $args, array( 'status' => $value ) ) ); } $comment_count['all'] = $comment_count['approved'] + $comment_count['awaiting_moderation']; $comment_count['total_comments'] = $comment_count['all'] + $comment_count['spam']; return array_map( 'intval', $comment_count ); } // // Comment meta functions. // /** * Adds meta data field to a comment. * * @since 2.9.0 * * @link https://developer.wordpress.org/reference/functions/add_comment_meta/ * * @param int $comment_id Comment ID. * @param string $meta_key Metadata name. * @param mixed $meta_value Metadata value. Must be serializable if non-scalar. * @param bool $unique Optional. Whether the same key should not be added. * Default false. * @return int|false Meta ID on success, false on failure. */ function add_comment_meta( $comment_id, $meta_key, $meta_value, $unique = false ) { return add_metadata( 'comment', $comment_id, $meta_key, $meta_value, $unique ); } /** * Removes metadata matching criteria from a comment. * * You can match based on the key, or key and value. Removing based on key and * value, will keep from removing duplicate metadata with the same key. It also * allows removing all metadata matching key, if needed. * * @since 2.9.0 * * @link https://developer.wordpress.org/reference/functions/delete_comment_meta/ * * @param int $comment_id Comment ID. * @param string $meta_key Metadata name. * @param mixed $meta_value Optional. Metadata value. If provided, * rows will only be removed that match the value. * Must be serializable if non-scalar. Default empty string. * @return bool True on success, false on failure. */ function delete_comment_meta( $comment_id, $meta_key, $meta_value = '' ) { return delete_metadata( 'comment', $comment_id, $meta_key, $meta_value ); } /** * Retrieves comment meta field for a comment. * * @since 2.9.0 * * @link https://developer.wordpress.org/reference/functions/get_comment_meta/ * * @param int $comment_id Comment ID. * @param string $key Optional. The meta key to retrieve. By default, * returns data for all keys. Default empty string. * @param bool $single Optional. Whether to return a single value. * This parameter has no effect if `$key` is not specified. * Default false. * @return mixed An array of values if `$single` is false. * The value of meta data field if `$single` is true. * False for an invalid `$comment_id` (non-numeric, zero, or negative value). * An empty array if a valid but non-existing comment ID is passed and `$single` is false. * An empty string if a valid but non-existing comment ID is passed and `$single` is true. */ function get_comment_meta( $comment_id, $key = '', $single = false ) { return get_metadata( 'comment', $comment_id, $key, $single ); } /** * Queue comment meta for lazy-loading. * * @since 6.3.0 * * @param array $comment_ids List of comment IDs. */ function wp_lazyload_comment_meta( array $comment_ids ) { if ( empty( $comment_ids ) ) { return; } $lazyloader = wp_metadata_lazyloader(); $lazyloader->queue_objects( 'comment', $comment_ids ); } /** * Updates comment meta field based on comment ID. * * Use the $prev_value parameter to differentiate between meta fields with the * same key and comment ID. * * If the meta field for the comment does not exist, it will be added. * * @since 2.9.0 * * @link https://developer.wordpress.org/reference/functions/update_comment_meta/ * * @param int $comment_id Comment ID. * @param string $meta_key Metadata key. * @param mixed $meta_value Metadata value. Must be serializable if non-scalar. * @param mixed $prev_value Optional. Previous value to check before updating. * If specified, only update existing metadata entries with * this value. Otherwise, update all entries. Default empty string. * @return int|bool Meta ID if the key didn't exist, true on successful update, * false on failure or if the value passed to the function * is the same as the one that is already in the database. */ function update_comment_meta( $comment_id, $meta_key, $meta_value, $prev_value = '' ) { return update_metadata( 'comment', $comment_id, $meta_key, $meta_value, $prev_value ); } /** * Sets the cookies used to store an unauthenticated commentator's identity. Typically used * to recall previous comments by this commentator that are still held in moderation. * * @since 3.4.0 * @since 4.9.6 The `$cookies_consent` parameter was added. * * @param WP_Comment $comment Comment object. * @param WP_User $user Comment author's user object. The user may not exist. * @param bool $cookies_consent Optional. Comment author's consent to store cookies. Default true. */ function wp_set_comment_cookies( $comment, $user, $cookies_consent = true ) { // If the user already exists, or the user opted out of cookies, don't set cookies. if ( $user->exists() ) { return; } if ( false === $cookies_consent ) { // Remove any existing cookies. $past = time() - YEAR_IN_SECONDS; setcookie( 'comment_author_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN ); setcookie( 'comment_author_email_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN ); setcookie( 'comment_author_url_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN ); return; } /** * Filters the lifetime of the comment cookie in seconds. * * @since 2.8.0 * @since 6.6.0 The default $seconds value changed from 30000000 to YEAR_IN_SECONDS. * * @param int $seconds Comment cookie lifetime. Default YEAR_IN_SECONDS. */ $comment_cookie_lifetime = time() + apply_filters( 'comment_cookie_lifetime', YEAR_IN_SECONDS ); $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ); setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); setcookie( 'comment_author_url_' . COOKIEHASH, esc_url( $comment->comment_author_url ), $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); } /** * Sanitizes the cookies sent to the user already. * * Will only do anything if the cookies have already been created for the user. * Mostly used after cookies had been sent to use elsewhere. * * @since 2.0.4 */ function sanitize_comment_cookies() { if ( isset( $_COOKIE[ 'comment_author_' . COOKIEHASH ] ) ) { /** * Filters the comment author's name cookie before it is set. * * When this filter hook is evaluated in wp_filter_comment(), * the comment author's name string is passed. * * @since 1.5.0 * * @param string $author_cookie The comment author name cookie. */ $comment_author = apply_filters( 'pre_comment_author_name', $_COOKIE[ 'comment_author_' . COOKIEHASH ] ); $comment_author = wp_unslash( $comment_author ); $comment_author = esc_attr( $comment_author ); $_COOKIE[ 'comment_author_' . COOKIEHASH ] = $comment_author; } if ( isset( $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] ) ) { /** * Filters the comment author's email cookie before it is set. * * When this filter hook is evaluated in wp_filter_comment(), * the comment author's email string is passed. * * @since 1.5.0 * * @param string $author_email_cookie The comment author email cookie. */ $comment_author_email = apply_filters( 'pre_comment_author_email', $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] ); $comment_author_email = wp_unslash( $comment_author_email ); $comment_author_email = esc_attr( $comment_author_email ); $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] = $comment_author_email; } if ( isset( $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] ) ) { /** * Filters the comment author's URL cookie before it is set. * * When this filter hook is evaluated in wp_filter_comment(), * the comment author's URL string is passed. * * @since 1.5.0 * * @param string $author_url_cookie The comment author URL cookie. */ $comment_author_url = apply_filters( 'pre_comment_author_url', $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] ); $comment_author_url = wp_unslash( $comment_author_url ); $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] = $comment_author_url; } } /** * Validates whether this comment is allowed to be made. * * @since 2.0.0 * @since 4.7.0 The `$avoid_die` parameter was added, allowing the function * to return a WP_Error object instead of dying. * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $commentdata Contains information on the comment. * @param bool $wp_error When true, a disallowed comment will result in the function * returning a WP_Error object, rather than executing wp_die(). * Default false. * @return int|string|WP_Error Allowed comments return the approval status (0|1|'spam'|'trash'). * If `$wp_error` is true, disallowed comments return a WP_Error. */ function wp_allow_comment( $commentdata, $wp_error = false ) { global $wpdb; /* * Simple duplicate check. * expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) */ $dupe = $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_parent = %s AND comment_approved != 'trash' AND ( comment_author = %s ", wp_unslash( $commentdata['comment_post_ID'] ), wp_unslash( $commentdata['comment_parent'] ), wp_unslash( $commentdata['comment_author'] ) ); if ( $commentdata['comment_author_email'] ) { $dupe .= $wpdb->prepare( 'AND comment_author_email = %s ', wp_unslash( $commentdata['comment_author_email'] ) ); } $dupe .= $wpdb->prepare( ') AND comment_content = %s LIMIT 1', wp_unslash( $commentdata['comment_content'] ) ); $dupe_id = $wpdb->get_var( $dupe ); /** * Filters the ID, if any, of the duplicate comment found when creating a new comment. * * Return an empty value from this filter to allow what WP considers a duplicate comment. * * @since 4.4.0 * * @param int $dupe_id ID of the comment identified as a duplicate. * @param array $commentdata Data for the comment being created. */ $dupe_id = apply_filters( 'duplicate_comment_id', $dupe_id, $commentdata ); if ( $dupe_id ) { /** * Fires immediately after a duplicate comment is detected. * * @since 3.0.0 * * @param array $commentdata Comment data. */ do_action( 'comment_duplicate_trigger', $commentdata ); /** * Filters duplicate comment error message. * * @since 5.2.0 * * @param string $comment_duplicate_message Duplicate comment error message. */ $comment_duplicate_message = apply_filters( 'comment_duplicate_message', __( 'Duplicate comment detected; it looks as though you’ve already said that!' ) ); if ( $wp_error ) { return new WP_Error( 'comment_duplicate', $comment_duplicate_message, 409 ); } else { if ( wp_doing_ajax() ) { die( $comment_duplicate_message ); } wp_die( $comment_duplicate_message, 409 ); } } /** * Fires immediately before a comment is marked approved. * * Allows checking for comment flooding. * * @since 2.3.0 * @since 4.7.0 The `$avoid_die` parameter was added. * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. * * @param string $comment_author_ip Comment author's IP address. * @param string $comment_author_email Comment author's email. * @param string $comment_date_gmt GMT date the comment was posted. * @param bool $wp_error Whether to return a WP_Error object instead of executing * wp_die() or die() if a comment flood is occurring. */ do_action( 'check_comment_flood', $commentdata['comment_author_IP'], $commentdata['comment_author_email'], $commentdata['comment_date_gmt'], $wp_error ); /** * Filters whether a comment is part of a comment flood. * * The default check is wp_check_comment_flood(). See check_comment_flood_db(). * * @since 4.7.0 * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. * * @param bool $is_flood Is a comment flooding occurring? Default false. * @param string $comment_author_ip Comment author's IP address. * @param string $comment_author_email Comment author's email. * @param string $comment_date_gmt GMT date the comment was posted. * @param bool $wp_error Whether to return a WP_Error object instead of executing * wp_die() or die() if a comment flood is occurring. */ $is_flood = apply_filters( 'wp_is_comment_flood', false, $commentdata['comment_author_IP'], $commentdata['comment_author_email'], $commentdata['comment_date_gmt'], $wp_error ); if ( $is_flood ) { /** This filter is documented in wp-includes/comment-template.php */ $comment_flood_message = apply_filters( 'comment_flood_message', __( 'You are posting comments too quickly. Slow down.' ) ); return new WP_Error( 'comment_flood', $comment_flood_message, 429 ); } return wp_check_comment_data( $commentdata ); } /** * Hooks WP's native database-based comment-flood check. * * This wrapper maintains backward compatibility with plugins that expect to * be able to unhook the legacy check_comment_flood_db() function from * 'check_comment_flood' using remove_action(). * * @since 2.3.0 * @since 4.7.0 Converted to be an add_filter() wrapper. */ function check_comment_flood_db() { add_filter( 'wp_is_comment_flood', 'wp_check_comment_flood', 10, 5 ); } /** * Checks whether comment flooding is occurring. * * Won't run, if current user can manage options, so to not block * administrators. * * @since 4.7.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param bool $is_flood Is a comment flooding occurring? * @param string $ip Comment author's IP address. * @param string $email Comment author's email address. * @param string $date MySQL time string. * @param bool $avoid_die When true, a disallowed comment will result in the function * returning without executing wp_die() or die(). Default false. * @return bool Whether comment flooding is occurring. */ function wp_check_comment_flood( $is_flood, $ip, $email, $date, $avoid_die = false ) { global $wpdb; // Another callback has declared a flood. Trust it. if ( true === $is_flood ) { return $is_flood; } // Don't throttle admins or moderators. if ( current_user_can( 'manage_options' ) || current_user_can( 'moderate_comments' ) ) { return false; } $hour_ago = gmdate( 'Y-m-d H:i:s', time() - HOUR_IN_SECONDS ); if ( is_user_logged_in() ) { $user = get_current_user_id(); $check_column = '`user_id`'; } else { $user = $ip; $check_column = '`comment_author_IP`'; } $sql = $wpdb->prepare( "SELECT `comment_date_gmt` FROM `$wpdb->comments` WHERE `comment_date_gmt` >= %s AND ( $check_column = %s OR `comment_author_email` = %s ) ORDER BY `comment_date_gmt` DESC LIMIT 1", $hour_ago, $user, $email ); $lasttime = $wpdb->get_var( $sql ); if ( $lasttime ) { $time_lastcomment = mysql2date( 'U', $lasttime, false ); $time_newcomment = mysql2date( 'U', $date, false ); /** * Filters the comment flood status. * * @since 2.1.0 * * @param bool $bool Whether a comment flood is occurring. Default false. * @param int $time_lastcomment Timestamp of when the last comment was posted. * @param int $time_newcomment Timestamp of when the new comment was posted. */ $flood_die = apply_filters( 'comment_flood_filter', false, $time_lastcomment, $time_newcomment ); if ( $flood_die ) { /** * Fires before the comment flood message is triggered. * * @since 1.5.0 * * @param int $time_lastcomment Timestamp of when the last comment was posted. * @param int $time_newcomment Timestamp of when the new comment was posted. */ do_action( 'comment_flood_trigger', $time_lastcomment, $time_newcomment ); if ( $avoid_die ) { return true; } else { /** * Filters the comment flood error message. * * @since 5.2.0 * * @param string $comment_flood_message Comment flood error message. */ $comment_flood_message = apply_filters( 'comment_flood_message', __( 'You are posting comments too quickly. Slow down.' ) ); if ( wp_doing_ajax() ) { die( $comment_flood_message ); } wp_die( $comment_flood_message, 429 ); } } } return false; } /** * Separates an array of comments into an array keyed by comment_type. * * @since 2.7.0 * * @param WP_Comment[] $comments Array of comments * @return WP_Comment[] Array of comments keyed by comment_type. */ function separate_comments( &$comments ) { $comments_by_type = array( 'comment' => array(), 'trackback' => array(), 'pingback' => array(), 'pings' => array(), ); $count = count( $comments ); for ( $i = 0; $i < $count; $i++ ) { $type = $comments[ $i ]->comment_type; if ( empty( $type ) ) { $type = 'comment'; } $comments_by_type[ $type ][] = &$comments[ $i ]; if ( 'trackback' === $type || 'pingback' === $type ) { $comments_by_type['pings'][] = &$comments[ $i ]; } } return $comments_by_type; } /** * Calculates the total number of comment pages. * * @since 2.7.0 * * @uses Walker_Comment * * @global WP_Query $wp_query WordPress Query object. * * @param WP_Comment[] $comments Optional. Array of WP_Comment objects. Defaults to `$wp_query->comments`. * @param int $per_page Optional. Comments per page. Defaults to the value of `comments_per_page` * query var, option of the same name, or 1 (in that order). * @param bool $threaded Optional. Control over flat or threaded comments. Defaults to the value * of `thread_comments` option. * @return int Number of comment pages. */ function get_comment_pages_count( $comments = null, $per_page = null, $threaded = null ) { global $wp_query; if ( null === $comments && null === $per_page && null === $threaded && ! empty( $wp_query->max_num_comment_pages ) ) { return $wp_query->max_num_comment_pages; } if ( ( ! $comments || ! is_array( $comments ) ) && ! empty( $wp_query->comments ) ) { $comments = $wp_query->comments; } if ( empty( $comments ) ) { return 0; } if ( ! get_option( 'page_comments' ) ) { return 1; } if ( ! isset( $per_page ) ) { $per_page = (int) get_query_var( 'comments_per_page' ); } if ( 0 === $per_page ) { $per_page = (int) get_option( 'comments_per_page' ); } if ( 0 === $per_page ) { return 1; } if ( ! isset( $threaded ) ) { $threaded = get_option( 'thread_comments' ); } if ( $threaded ) { $walker = new Walker_Comment(); $count = ceil( $walker->get_number_of_root_elements( $comments ) / $per_page ); } else { $count = ceil( count( $comments ) / $per_page ); } return (int) $count; } /** * Calculates what page number a comment will appear on for comment paging. * * @since 2.7.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param int $comment_id Comment ID. * @param array $args { * Array of optional arguments. * * @type string $type Limit paginated comments to those matching a given type. * Accepts 'comment', 'trackback', 'pingback', 'pings' * (trackbacks and pingbacks), or 'all'. Default 'all'. * @type int $per_page Per-page count to use when calculating pagination. * Defaults to the value of the 'comments_per_page' option. * @type int|string $max_depth If greater than 1, comment page will be determined * for the top-level parent `$comment_id`. * Defaults to the value of the 'thread_comments_depth' option. * } * @return int|null Comment page number or null on error. */ function get_page_of_comment( $comment_id, $args = array() ) { global $wpdb; $page = null; $comment = get_comment( $comment_id ); if ( ! $comment ) { return; } $defaults = array( 'type' => 'all', 'page' => '', 'per_page' => '', 'max_depth' => '', ); $args = wp_parse_args( $args, $defaults ); $original_args = $args; // Order of precedence: 1. `$args['per_page']`, 2. 'comments_per_page' query_var, 3. 'comments_per_page' option. if ( get_option( 'page_comments' ) ) { if ( '' === $args['per_page'] ) { $args['per_page'] = get_query_var( 'comments_per_page' ); } if ( '' === $args['per_page'] ) { $args['per_page'] = get_option( 'comments_per_page' ); } } if ( empty( $args['per_page'] ) ) { $args['per_page'] = 0; $args['page'] = 0; } if ( $args['per_page'] < 1 ) { $page = 1; } if ( null === $page ) { if ( '' === $args['max_depth'] ) { if ( get_option( 'thread_comments' ) ) { $args['max_depth'] = get_option( 'thread_comments_depth' ); } else { $args['max_depth'] = -1; } } // Find this comment's top-level parent if threading is enabled. if ( $args['max_depth'] > 1 && 0 != $comment->comment_parent ) { return get_page_of_comment( $comment->comment_parent, $args ); } $comment_args = array( 'type' => $args['type'], 'post_id' => $comment->comment_post_ID, 'fields' => 'ids', 'count' => true, 'status' => 'approve', 'orderby' => 'none', 'parent' => 0, 'date_query' => array( array( 'column' => "$wpdb->comments.comment_date_gmt", 'before' => $comment->comment_date_gmt, ), ), ); if ( is_user_logged_in() ) { $comment_args['include_unapproved'] = array( get_current_user_id() ); } else { $unapproved_email = wp_get_unapproved_comment_author_email(); if ( $unapproved_email ) { $comment_args['include_unapproved'] = array( $unapproved_email ); } } /** * Filters the arguments used to query comments in get_page_of_comment(). * * @since 5.5.0 * * @see WP_Comment_Query::__construct() * * @param array $comment_args { * Array of WP_Comment_Query arguments. * * @type string $type Limit paginated comments to those matching a given type. * Accepts 'comment', 'trackback', 'pingback', 'pings' * (trackbacks and pingbacks), or 'all'. Default 'all'. * @type int $post_id ID of the post. * @type string $fields Comment fields to return. * @type bool $count Whether to return a comment count (true) or array * of comment objects (false). * @type string $status Comment status. * @type int $parent Parent ID of comment to retrieve children of. * @type array $date_query Date query clauses to limit comments by. See WP_Date_Query. * @type array $include_unapproved Array of IDs or email addresses whose unapproved comments * will be included in paginated comments. * } */ $comment_args = apply_filters( 'get_page_of_comment_query_args', $comment_args ); $comment_query = new WP_Comment_Query(); $older_comment_count = $comment_query->query( $comment_args ); // No older comments? Then it's page #1. if ( 0 == $older_comment_count ) { $page = 1; // Divide comments older than this one by comments per page to get this comment's page number. } else { $page = (int) ceil( ( $older_comment_count + 1 ) / $args['per_page'] ); } } /** * Filters the calculated page on which a comment appears. * * @since 4.4.0 * @since 4.7.0 Introduced the `$comment_id` parameter. * * @param int $page Comment page. * @param array $args { * Arguments used to calculate pagination. These include arguments auto-detected by the function, * based on query vars, system settings, etc. For pristine arguments passed to the function, * see `$original_args`. * * @type string $type Type of comments to count. * @type int $page Calculated current page. * @type int $per_page Calculated number of comments per page. * @type int $max_depth Maximum comment threading depth allowed. * } * @param array $original_args { * Array of arguments passed to the function. Some or all of these may not be set. * * @type string $type Type of comments to count. * @type int $page Current comment page. * @type int $per_page Number of comments per page. * @type int $max_depth Maximum comment threading depth allowed. * } * @param int $comment_id ID of the comment. */ return apply_filters( 'get_page_of_comment', (int) $page, $args, $original_args, $comment_id ); } /** * Retrieves the maximum character lengths for the comment form fields. * * @since 4.5.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @return int[] Array of maximum lengths keyed by field name. */ function wp_get_comment_fields_max_lengths() { global $wpdb; $lengths = array( 'comment_author' => 245, 'comment_author_email' => 100, 'comment_author_url' => 200, 'comment_content' => 65525, ); if ( $wpdb->is_mysql ) { foreach ( $lengths as $column => $length ) { $col_length = $wpdb->get_col_length( $wpdb->comments, $column ); $max_length = 0; // No point if we can't get the DB column lengths. if ( is_wp_error( $col_length ) ) { break; } if ( ! is_array( $col_length ) && (int) $col_length > 0 ) { $max_length = (int) $col_length; } elseif ( is_array( $col_length ) && isset( $col_length['length'] ) && (int) $col_length['length'] > 0 ) { $max_length = (int) $col_length['length']; if ( ! empty( $col_length['type'] ) && 'byte' === $col_length['type'] ) { $max_length = $max_length - 10; } } if ( $max_length > 0 ) { $lengths[ $column ] = $max_length; } } } /** * Filters the lengths for the comment form fields. * * @since 4.5.0 * * @param int[] $lengths Array of maximum lengths keyed by field name. */ return apply_filters( 'wp_get_comment_fields_max_lengths', $lengths ); } /** * Compares the lengths of comment data against the maximum character limits. * * @since 4.7.0 * * @param array $comment_data Array of arguments for inserting a comment. * @return WP_Error|true WP_Error when a comment field exceeds the limit, * otherwise true. */ function wp_check_comment_data_max_lengths( $comment_data ) { $max_lengths = wp_get_comment_fields_max_lengths(); if ( isset( $comment_data['comment_author'] ) && mb_strlen( $comment_data['comment_author'], '8bit' ) > $max_lengths['comment_author'] ) { return new WP_Error( 'comment_author_column_length', __( 'Error: Your name is too long.' ), 200 ); } if ( isset( $comment_data['comment_author_email'] ) && strlen( $comment_data['comment_author_email'] ) > $max_lengths['comment_author_email'] ) { return new WP_Error( 'comment_author_email_column_length', __( 'Error: Your email address is too long.' ), 200 ); } if ( isset( $comment_data['comment_author_url'] ) && strlen( $comment_data['comment_author_url'] ) > $max_lengths['comment_author_url'] ) { return new WP_Error( 'comment_author_url_column_length', __( 'Error: Your URL is too long.' ), 200 ); } if ( isset( $comment_data['comment_content'] ) && mb_strlen( $comment_data['comment_content'], '8bit' ) > $max_lengths['comment_content'] ) { return new WP_Error( 'comment_content_column_length', __( 'Error: Your comment is too long.' ), 200 ); } return true; } /** * Checks whether comment data passes internal checks or has disallowed content. * * @since 6.7.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $comment_data Array of arguments for inserting a comment. * @return int|string|WP_Error The approval status on success (0|1|'spam'|'trash'), * WP_Error otherwise. */ function wp_check_comment_data( $comment_data ) { global $wpdb; if ( ! empty( $comment_data['user_id'] ) ) { $user = get_userdata( $comment_data['user_id'] ); $post_author = $wpdb->get_var( $wpdb->prepare( "SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1", $comment_data['comment_post_ID'] ) ); } if ( isset( $user ) && ( $comment_data['user_id'] == $post_author || $user->has_cap( 'moderate_comments' ) ) ) { // The author and the admins get respect. $approved = 1; } else { // Everyone else's comments will be checked. if ( check_comment( $comment_data['comment_author'], $comment_data['comment_author_email'], $comment_data['comment_author_url'], $comment_data['comment_content'], $comment_data['comment_author_IP'], $comment_data['comment_agent'], $comment_data['comment_type'] ) ) { $approved = 1; } else { $approved = 0; } if ( wp_check_comment_disallowed_list( $comment_data['comment_author'], $comment_data['comment_author_email'], $comment_data['comment_author_url'], $comment_data['comment_content'], $comment_data['comment_author_IP'], $comment_data['comment_agent'] ) ) { $approved = EMPTY_TRASH_DAYS ? 'trash' : 'spam'; } } /** * Filters a comment's approval status before it is set. * * @since 2.1.0 * @since 4.9.0 Returning a WP_Error value from the filter will short-circuit comment insertion * and allow skipping further processing. * * @param int|string|WP_Error $approved The approval status. Accepts 1, 0, 'spam', 'trash', * or WP_Error. * @param array $commentdata Comment data. */ return apply_filters( 'pre_comment_approved', $approved, $comment_data ); } /** * Checks if a comment contains disallowed characters or words. * * @since 5.5.0 * * @param string $author The author of the comment * @param string $email The email of the comment * @param string $url The url used in the comment * @param string $comment The comment content * @param string $user_ip The comment author's IP address * @param string $user_agent The author's browser user agent * @return bool True if comment contains disallowed content, false if comment does not */ function wp_check_comment_disallowed_list( $author, $email, $url, $comment, $user_ip, $user_agent ) { /** * Fires before the comment is tested for disallowed characters or words. * * @since 1.5.0 * @deprecated 5.5.0 Use {@see 'wp_check_comment_disallowed_list'} instead. * * @param string $author Comment author. * @param string $email Comment author's email. * @param string $url Comment author's URL. * @param string $comment Comment content. * @param string $user_ip Comment author's IP address. * @param string $user_agent Comment author's browser user agent. */ do_action_deprecated( 'wp_blacklist_check', array( $author, $email, $url, $comment, $user_ip, $user_agent ), '5.5.0', 'wp_check_comment_disallowed_list', __( 'Please consider writing more inclusive code.' ) ); /** * Fires before the comment is tested for disallowed characters or words. * * @since 5.5.0 * * @param string $author Comment author. * @param string $email Comment author's email. * @param string $url Comment author's URL. * @param string $comment Comment content. * @param string $user_ip Comment author's IP address. * @param string $user_agent Comment author's browser user agent. */ do_action( 'wp_check_comment_disallowed_list', $author, $email, $url, $comment, $user_ip, $user_agent ); $mod_keys = trim( get_option( 'disallowed_keys' ) ); if ( '' === $mod_keys ) { return false; // If moderation keys are empty. } // Ensure HTML tags are not being used to bypass the list of disallowed characters and words. $comment_without_html = wp_strip_all_tags( $comment ); $words = explode( "\n", $mod_keys ); foreach ( (array) $words as $word ) { $word = trim( $word ); // Skip empty lines. if ( empty( $word ) ) { continue; } // Do some escaping magic so that '#' chars in the spam words don't break things: $word = preg_quote( $word, '#' ); $pattern = "#$word#iu"; if ( preg_match( $pattern, $author ) || preg_match( $pattern, $email ) || preg_match( $pattern, $url ) || preg_match( $pattern, $comment ) || preg_match( $pattern, $comment_without_html ) || preg_match( $pattern, $user_ip ) || preg_match( $pattern, $user_agent ) ) { return true; } } return false; } /** * Retrieves the total comment counts for the whole site or a single post. * * The comment stats are cached and then retrieved, if they already exist in the * cache. * * @see get_comment_count() Which handles fetching the live comment counts. * * @since 2.5.0 * * @param int $post_id Optional. Restrict the comment counts to the given post. Default 0, which indicates that * comment counts for the whole site will be retrieved. * @return stdClass { * The number of comments keyed by their status. * * @type int $approved The number of approved comments. * @type int $moderated The number of comments awaiting moderation (a.k.a. pending). * @type int $spam The number of spam comments. * @type int $trash The number of trashed comments. * @type int $post-trashed The number of comments for posts that are in the trash. * @type int $total_comments The total number of non-trashed comments, including spam. * @type int $all The total number of pending or approved comments. * } */ function wp_count_comments( $post_id = 0 ) { $post_id = (int) $post_id; /** * Filters the comments count for a given post or the whole site. * * @since 2.7.0 * * @param array|stdClass $count An empty array or an object containing comment counts. * @param int $post_id The post ID. Can be 0 to represent the whole site. */ $filtered = apply_filters( 'wp_count_comments', array(), $post_id ); if ( ! empty( $filtered ) ) { return $filtered; } $count = wp_cache_get( "comments-{$post_id}", 'counts' ); if ( false !== $count ) { return $count; } $stats = get_comment_count( $post_id ); $stats['moderated'] = $stats['awaiting_moderation']; unset( $stats['awaiting_moderation'] ); $stats_object = (object) $stats; wp_cache_set( "comments-{$post_id}", $stats_object, 'counts' ); return $stats_object; } /** * Trashes or deletes a comment. * * The comment is moved to Trash instead of permanently deleted unless Trash is * disabled, item is already in the Trash, or $force_delete is true. * * The post comment count will be updated if the comment was approved and has a * post ID available. * * @since 2.0.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. * @param bool $force_delete Whether to bypass Trash and force deletion. Default false. * @return bool True on success, false on failure. */ function wp_delete_comment( $comment_id, $force_delete = false ) { global $wpdb; $comment = get_comment( $comment_id ); if ( ! $comment ) { return false; } if ( ! $force_delete && EMPTY_TRASH_DAYS && ! in_array( wp_get_comment_status( $comment ), array( 'trash', 'spam' ), true ) ) { return wp_trash_comment( $comment_id ); } /** * Fires immediately before a comment is deleted from the database. * * @since 1.2.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The comment to be deleted. */ do_action( 'delete_comment', $comment->comment_ID, $comment ); // Move children up a level. $children = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_parent = %d", $comment->comment_ID ) ); if ( ! empty( $children ) ) { $wpdb->update( $wpdb->comments, array( 'comment_parent' => $comment->comment_parent ), array( 'comment_parent' => $comment->comment_ID ) ); clean_comment_cache( $children ); } // Delete metadata. $meta_ids = $wpdb->get_col( $wpdb->prepare( "SELECT meta_id FROM $wpdb->commentmeta WHERE comment_id = %d", $comment->comment_ID ) ); foreach ( $meta_ids as $mid ) { delete_metadata_by_mid( 'comment', $mid ); } if ( ! $wpdb->delete( $wpdb->comments, array( 'comment_ID' => $comment->comment_ID ) ) ) { return false; } /** * Fires immediately after a comment is deleted from the database. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The deleted comment. */ do_action( 'deleted_comment', $comment->comment_ID, $comment ); $post_id = $comment->comment_post_ID; if ( $post_id && 1 == $comment->comment_approved ) { wp_update_comment_count( $post_id ); } clean_comment_cache( $comment->comment_ID ); /** This action is documented in wp-includes/comment.php */ do_action( 'wp_set_comment_status', $comment->comment_ID, 'delete' ); wp_transition_comment_status( 'delete', $comment->comment_approved, $comment ); return true; } /** * Moves a comment to the Trash * * If Trash is disabled, comment is permanently deleted. * * @since 2.9.0 * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. * @return bool True on success, false on failure. */ function wp_trash_comment( $comment_id ) { if ( ! EMPTY_TRASH_DAYS ) { return wp_delete_comment( $comment_id, true ); } $comment = get_comment( $comment_id ); if ( ! $comment ) { return false; } /** * Fires immediately before a comment is sent to the Trash. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The comment to be trashed. */ do_action( 'trash_comment', $comment->comment_ID, $comment ); if ( wp_set_comment_status( $comment, 'trash' ) ) { delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); add_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', $comment->comment_approved ); add_comment_meta( $comment->comment_ID, '_wp_trash_meta_time', time() ); /** * Fires immediately after a comment is sent to Trash. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The trashed comment. */ do_action( 'trashed_comment', $comment->comment_ID, $comment ); return true; } return false; } /** * Removes a comment from the Trash * * @since 2.9.0 * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. * @return bool True on success, false on failure. */ function wp_untrash_comment( $comment_id ) { $comment = get_comment( $comment_id ); if ( ! $comment ) { return false; } /** * Fires immediately before a comment is restored from the Trash. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The comment to be untrashed. */ do_action( 'untrash_comment', $comment->comment_ID, $comment ); $status = (string) get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ); if ( empty( $status ) ) { $status = '0'; } if ( wp_set_comment_status( $comment, $status ) ) { delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); /** * Fires immediately after a comment is restored from the Trash. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The untrashed comment. */ do_action( 'untrashed_comment', $comment->comment_ID, $comment ); return true; } return false; } /** * Marks a comment as Spam. * * @since 2.9.0 * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. * @return bool True on success, false on failure. */ function wp_spam_comment( $comment_id ) { $comment = get_comment( $comment_id ); if ( ! $comment ) { return false; } /** * Fires immediately before a comment is marked as Spam. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param int $comment_id The comment ID. * @param WP_Comment $comment The comment to be marked as spam. */ do_action( 'spam_comment', $comment->comment_ID, $comment ); if ( wp_set_comment_status( $comment, 'spam' ) ) { delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); add_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', $comment->comment_approved ); add_comment_meta( $comment->comment_ID, '_wp_trash_meta_time', time() ); /** * Fires immediately after a comment is marked as Spam. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param int $comment_id The comment ID. * @param WP_Comment $comment The comment marked as spam. */ do_action( 'spammed_comment', $comment->comment_ID, $comment ); return true; } return false; } /** * Removes a comment from the Spam. * * @since 2.9.0 * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. * @return bool True on success, false on failure. */ function wp_unspam_comment( $comment_id ) { $comment = get_comment( $comment_id ); if ( ! $comment ) { return false; } /** * Fires immediately before a comment is unmarked as Spam. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The comment to be unmarked as spam. */ do_action( 'unspam_comment', $comment->comment_ID, $comment ); $status = (string) get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ); if ( empty( $status ) ) { $status = '0'; } if ( wp_set_comment_status( $comment, $status ) ) { delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); /** * Fires immediately after a comment is unmarked as Spam. * * @since 2.9.0 * @since 4.9.0 Added the `$comment` parameter. * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment The comment unmarked as spam. */ do_action( 'unspammed_comment', $comment->comment_ID, $comment ); return true; } return false; } /** * Retrieves the status of a comment by comment ID. * * @since 1.0.0 * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object * @return string|false Status might be 'trash', 'approved', 'unapproved', 'spam'. False on failure. */ function wp_get_comment_status( $comment_id ) { $comment = get_comment( $comment_id ); if ( ! $comment ) { return false; } $approved = $comment->comment_approved; if ( null == $approved ) { return false; } elseif ( '1' == $approved ) { return 'approved'; } elseif ( '0' == $approved ) { return 'unapproved'; } elseif ( 'spam' === $approved ) { return 'spam'; } elseif ( 'trash' === $approved ) { return 'trash'; } else { return false; } } /** * Calls hooks for when a comment status transition occurs. * * Calls hooks for comment status transitions. If the new comment status is not the same * as the previous comment status, then two hooks will be ran, the first is * {@see 'transition_comment_status'} with new status, old status, and comment data. * The next action called is {@see 'comment_$old_status_to_$new_status'}. It has * the comment data. * * The final action will run whether or not the comment statuses are the same. * The action is named {@see 'comment_$new_status_$comment->comment_type'}. * * @since 2.7.0 * * @param string $new_status New comment status. * @param string $old_status Previous comment status. * @param WP_Comment $comment Comment object. */ function wp_transition_comment_status( $new_status, $old_status, $comment ) { /* * Translate raw statuses to human-readable formats for the hooks. * This is not a complete list of comment status, it's only the ones * that need to be renamed. */ $comment_statuses = array( 0 => 'unapproved', 'hold' => 'unapproved', // wp_set_comment_status() uses "hold". 1 => 'approved', 'approve' => 'approved', // wp_set_comment_status() uses "approve". ); if ( isset( $comment_statuses[ $new_status ] ) ) { $new_status = $comment_statuses[ $new_status ]; } if ( isset( $comment_statuses[ $old_status ] ) ) { $old_status = $comment_statuses[ $old_status ]; } // Call the hooks. if ( $new_status != $old_status ) { /** * Fires when the comment status is in transition. * * @since 2.7.0 * * @param int|string $new_status The new comment status. * @param int|string $old_status The old comment status. * @param WP_Comment $comment Comment object. */ do_action( 'transition_comment_status', $new_status, $old_status, $comment ); /** * Fires when the comment status is in transition from one specific status to another. * * The dynamic portions of the hook name, `$old_status`, and `$new_status`, * refer to the old and new comment statuses, respectively. * * Possible hook names include: * * - `comment_unapproved_to_approved` * - `comment_spam_to_approved` * - `comment_approved_to_unapproved` * - `comment_spam_to_unapproved` * - `comment_unapproved_to_spam` * - `comment_approved_to_spam` * * @since 2.7.0 * * @param WP_Comment $comment Comment object. */ do_action( "comment_{$old_status}_to_{$new_status}", $comment ); } /** * Fires when the status of a specific comment type is in transition. * * The dynamic portions of the hook name, `$new_status`, and `$comment->comment_type`, * refer to the new comment status, and the type of comment, respectively. * * Typical comment types include 'comment', 'pingback', or 'trackback'. * * Possible hook names include: * * - `comment_approved_comment` * - `comment_approved_pingback` * - `comment_approved_trackback` * - `comment_unapproved_comment` * - `comment_unapproved_pingback` * - `comment_unapproved_trackback` * - `comment_spam_comment` * - `comment_spam_pingback` * - `comment_spam_trackback` * * @since 2.7.0 * * @param string $comment_id The comment ID as a numeric string. * @param WP_Comment $comment Comment object. */ do_action( "comment_{$new_status}_{$comment->comment_type}", $comment->comment_ID, $comment ); } /** * Clears the lastcommentmodified cached value when a comment status is changed. * * Deletes the lastcommentmodified cache key when a comment enters or leaves * 'approved' status. * * @since 4.7.0 * @access private * * @param string $new_status The new comment status. * @param string $old_status The old comment status. */ function _clear_modified_cache_on_transition_comment_status( $new_status, $old_status ) { if ( 'approved' === $new_status || 'approved' === $old_status ) { $data = array(); foreach ( array( 'server', 'gmt', 'blog' ) as $timezone ) { $data[] = "lastcommentmodified:$timezone"; } wp_cache_delete_multiple( $data, 'timeinfo' ); } } /** * Gets current commenter's name, email, and URL. * * Expects cookies content to already be sanitized. User of this function might * wish to recheck the returned array for validity. * * @see sanitize_comment_cookies() Use to sanitize cookies * * @since 2.0.4 * * @return array { * An array of current commenter variables. * * @type string $comment_author The name of the current commenter, or an empty string. * @type string $comment_author_email The email address of the current commenter, or an empty string. * @type string $comment_author_url The URL address of the current commenter, or an empty string. * } */ function wp_get_current_commenter() { // Cookies should already be sanitized. $comment_author = ''; if ( isset( $_COOKIE[ 'comment_author_' . COOKIEHASH ] ) ) { $comment_author = $_COOKIE[ 'comment_author_' . COOKIEHASH ]; } $comment_author_email = ''; if ( isset( $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] ) ) { $comment_author_email = $_COOKIE[ 'comment_author_email_' . COOKIEHASH ]; } $comment_author_url = ''; if ( isset( $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] ) ) { $comment_author_url = $_COOKIE[ 'comment_author_url_' . COOKIEHASH ]; } /** * Filters the current commenter's name, email, and URL. * * @since 3.1.0 * * @param array $comment_author_data { * An array of current commenter variables. * * @type string $comment_author The name of the current commenter, or an empty string. * @type string $comment_author_email The email address of the current commenter, or an empty string. * @type string $comment_author_url The URL address of the current commenter, or an empty string. * } */ return apply_filters( 'wp_get_current_commenter', compact( 'comment_author', 'comment_author_email', 'comment_author_url' ) ); } /** * Gets unapproved comment author's email. * * Used to allow the commenter to see their pending comment. * * @since 5.1.0 * @since 5.7.0 The window within which the author email for an unapproved comment * can be retrieved was extended to 10 minutes. * * @return string The unapproved comment author's email (when supplied). */ function wp_get_unapproved_comment_author_email() { $commenter_email = ''; if ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) { $comment_id = (int) $_GET['unapproved']; $comment = get_comment( $comment_id ); if ( $comment && hash_equals( $_GET['moderation-hash'], wp_hash( $comment->comment_date_gmt ) ) ) { // The comment will only be viewable by the comment author for 10 minutes. $comment_preview_expires = strtotime( $comment->comment_date_gmt . '+10 minutes' ); if ( time() < $comment_preview_expires ) { $commenter_email = $comment->comment_author_email; } } } if ( ! $commenter_email ) { $commenter = wp_get_current_commenter(); $commenter_email = $commenter['comment_author_email']; } return $commenter_email; } /** * Inserts a comment into the database. * * @since 2.0.0 * @since 4.4.0 Introduced the `$comment_meta` argument. * @since 5.5.0 Default value for `$comment_type` argument changed to `comment`. * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $commentdata { * Array of arguments for inserting a new comment. * * @type string $comment_agent The HTTP user agent of the `$comment_author` when * the comment was submitted. Default empty. * @type int|string $comment_approved Whether the comment has been approved. Default 1. * @type string $comment_author The name of the author of the comment. Default empty. * @type string $comment_author_email The email address of the `$comment_author`. Default empty. * @type string $comment_author_IP The IP address of the `$comment_author`. Default empty. * @type string $comment_author_url The URL address of the `$comment_author`. Default empty. * @type string $comment_content The content of the comment. Default empty. * @type string $comment_date The date the comment was submitted. To set the date * manually, `$comment_date_gmt` must also be specified. * Default is the current time. * @type string $comment_date_gmt The date the comment was submitted in the GMT timezone. * Default is `$comment_date` in the site's GMT timezone. * @type int $comment_karma The karma of the comment. Default 0. * @type int $comment_parent ID of this comment's parent, if any. Default 0. * @type int $comment_post_ID ID of the post that relates to the comment, if any. * Default 0. * @type string $comment_type Comment type. Default 'comment'. * @type array $comment_meta Optional. Array of key/value pairs to be stored in commentmeta for the * new comment. * @type int $user_id ID of the user who submitted the comment. Default 0. * } * @return int|false The new comment's ID on success, false on failure. */ function wp_insert_comment( $commentdata ) { global $wpdb; $data = wp_unslash( $commentdata ); $comment_author = ! isset( $data['comment_author'] ) ? '' : $data['comment_author']; $comment_author_email = ! isset( $data['comment_author_email'] ) ? '' : $data['comment_author_email']; $comment_author_url = ! isset( $data['comment_author_url'] ) ? '' : $data['comment_author_url']; $comment_author_ip = ! isset( $data['comment_author_IP'] ) ? '' : $data['comment_author_IP']; $comment_date = ! isset( $data['comment_date'] ) ? current_time( 'mysql' ) : $data['comment_date']; $comment_date_gmt = ! isset( $data['comment_date_gmt'] ) ? get_gmt_from_date( $comment_date ) : $data['comment_date_gmt']; $comment_post_id = ! isset( $data['comment_post_ID'] ) ? 0 : $data['comment_post_ID']; $comment_content = ! isset( $data['comment_content'] ) ? '' : $data['comment_content']; $comment_karma = ! isset( $data['comment_karma'] ) ? 0 : $data['comment_karma']; $comment_approved = ! isset( $data['comment_approved'] ) ? 1 : $data['comment_approved']; $comment_agent = ! isset( $data['comment_agent'] ) ? '' : $data['comment_agent']; $comment_type = empty( $data['comment_type'] ) ? 'comment' : $data['comment_type']; $comment_parent = ! isset( $data['comment_parent'] ) ? 0 : $data['comment_parent']; $user_id = ! isset( $data['user_id'] ) ? 0 : $data['user_id']; $compacted = array( 'comment_post_ID' => $comment_post_id, 'comment_author_IP' => $comment_author_ip, ); $compacted += compact( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_date', 'comment_date_gmt', 'comment_content', 'comment_karma', 'comment_approved', 'comment_agent', 'comment_type', 'comment_parent', 'user_id' ); if ( ! $wpdb->insert( $wpdb->comments, $compacted ) ) { return false; } $id = (int) $wpdb->insert_id; if ( 1 == $comment_approved ) { wp_update_comment_count( $comment_post_id ); $data = array(); foreach ( array( 'server', 'gmt', 'blog' ) as $timezone ) { $data[] = "lastcommentmodified:$timezone"; } wp_cache_delete_multiple( $data, 'timeinfo' ); } clean_comment_cache( $id ); $comment = get_comment( $id ); // If metadata is provided, store it. if ( isset( $commentdata['comment_meta'] ) && is_array( $commentdata['comment_meta'] ) ) { foreach ( $commentdata['comment_meta'] as $meta_key => $meta_value ) { add_comment_meta( $comment->comment_ID, $meta_key, $meta_value, true ); } } /** * Fires immediately after a comment is inserted into the database. * * @since 2.8.0 * * @param int $id The comment ID. * @param WP_Comment $comment Comment object. */ do_action( 'wp_insert_comment', $id, $comment ); return $id; } /** * Filters and sanitizes comment data. * * Sets the comment data 'filtered' field to true when finished. This can be * checked as to whether the comment should be filtered and to keep from * filtering the same comment more than once. * * @since 2.0.0 * * @param array $commentdata Contains information on the comment. * @return array Parsed comment information. */ function wp_filter_comment( $commentdata ) { if ( isset( $commentdata['user_ID'] ) ) { /** * Filters the comment author's user ID before it is set. * * The first time this filter is evaluated, `user_ID` is checked * (for back-compat), followed by the standard `user_id` value. * * @since 1.5.0 * * @param int $user_id The comment author's user ID. */ $commentdata['user_id'] = apply_filters( 'pre_user_id', $commentdata['user_ID'] ); } elseif ( isset( $commentdata['user_id'] ) ) { /** This filter is documented in wp-includes/comment.php */ $commentdata['user_id'] = apply_filters( 'pre_user_id', $commentdata['user_id'] ); } /** * Filters the comment author's browser user agent before it is set. * * @since 1.5.0 * * @param string $comment_agent The comment author's browser user agent. */ $commentdata['comment_agent'] = apply_filters( 'pre_comment_user_agent', ( isset( $commentdata['comment_agent'] ) ? $commentdata['comment_agent'] : '' ) ); /** This filter is documented in wp-includes/comment.php */ $commentdata['comment_author'] = apply_filters( 'pre_comment_author_name', $commentdata['comment_author'] ); /** * Filters the comment content before it is set. * * @since 1.5.0 * * @param string $comment_content The comment content. */ $commentdata['comment_content'] = apply_filters( 'pre_comment_content', $commentdata['comment_content'] ); /** * Filters the comment author's IP address before it is set. * * @since 1.5.0 * * @param string $comment_author_ip The comment author's IP address. */ $commentdata['comment_author_IP'] = apply_filters( 'pre_comment_user_ip', $commentdata['comment_author_IP'] ); /** This filter is documented in wp-includes/comment.php */ $commentdata['comment_author_url'] = apply_filters( 'pre_comment_author_url', $commentdata['comment_author_url'] ); /** This filter is documented in wp-includes/comment.php */ $commentdata['comment_author_email'] = apply_filters( 'pre_comment_author_email', $commentdata['comment_author_email'] ); $commentdata['filtered'] = true; return $commentdata; } /** * Determines whether a comment should be blocked because of comment flood. * * @since 2.1.0 * * @param bool $block Whether plugin has already blocked comment. * @param int $time_lastcomment Timestamp for last comment. * @param int $time_newcomment Timestamp for new comment. * @return bool Whether comment should be blocked. */ function wp_throttle_comment_flood( $block, $time_lastcomment, $time_newcomment ) { if ( $block ) { // A plugin has already blocked... we'll let that decision stand. return $block; } if ( ( $time_newcomment - $time_lastcomment ) < 15 ) { return true; } return false; } /** * Adds a new comment to the database. * * Filters new comment to ensure that the fields are sanitized and valid before * inserting comment into database. Calls {@see 'comment_post'} action with comment ID * and whether comment is approved by WordPress. Also has {@see 'preprocess_comment'} * filter for processing the comment data before the function handles it. * * We use `REMOTE_ADDR` here directly. If you are behind a proxy, you should ensure * that it is properly set, such as in wp-config.php, for your environment. * * See {@link https://core.trac.wordpress.org/ticket/9235} * * @since 1.5.0 * @since 4.3.0 Introduced the `comment_agent` and `comment_author_IP` arguments. * @since 4.7.0 The `$avoid_die` parameter was added, allowing the function * to return a WP_Error object instead of dying. * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. * @since 5.5.0 Introduced the `comment_type` argument. * * @see wp_insert_comment() * @global wpdb $wpdb WordPress database abstraction object. * * @param array $commentdata { * Comment data. * * @type string $comment_author The name of the comment author. * @type string $comment_author_email The comment author email address. * @type string $comment_author_url The comment author URL. * @type string $comment_content The content of the comment. * @type string $comment_date The date the comment was submitted. Default is the current time. * @type string $comment_date_gmt The date the comment was submitted in the GMT timezone. * Default is `$comment_date` in the GMT timezone. * @type string $comment_type Comment type. Default 'comment'. * @type int $comment_parent The ID of this comment's parent, if any. Default 0. * @type int $comment_post_ID The ID of the post that relates to the comment. * @type int $user_id The ID of the user who submitted the comment. Default 0. * @type int $user_ID Kept for backward-compatibility. Use `$user_id` instead. * @type string $comment_agent Comment author user agent. Default is the value of 'HTTP_USER_AGENT' * in the `$_SERVER` superglobal sent in the original request. * @type string $comment_author_IP Comment author IP address in IPv4 format. Default is the value of * 'REMOTE_ADDR' in the `$_SERVER` superglobal sent in the original request. * } * @param bool $wp_error Should errors be returned as WP_Error objects instead of * executing wp_die()? Default false. * @return int|false|WP_Error The ID of the comment on success, false or WP_Error on failure. */ function wp_new_comment( $commentdata, $wp_error = false ) { global $wpdb; /* * Normalize `user_ID` to `user_id`, but pass the old key * to the `preprocess_comment` filter for backward compatibility. */ if ( isset( $commentdata['user_ID'] ) ) { $commentdata['user_ID'] = (int) $commentdata['user_ID']; $commentdata['user_id'] = $commentdata['user_ID']; } elseif ( isset( $commentdata['user_id'] ) ) { $commentdata['user_id'] = (int) $commentdata['user_id']; $commentdata['user_ID'] = $commentdata['user_id']; } $prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0; if ( ! isset( $commentdata['comment_author_IP'] ) ) { $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; } if ( ! isset( $commentdata['comment_agent'] ) ) { $commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : ''; } /** * Filters a comment's data before it is sanitized and inserted into the database. * * @since 1.5.0 * @since 5.6.0 Comment data includes the `comment_agent` and `comment_author_IP` values. * * @param array $commentdata Comment data. */ $commentdata = apply_filters( 'preprocess_comment', $commentdata ); $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; // Normalize `user_ID` to `user_id` again, after the filter. if ( isset( $commentdata['user_ID'] ) && $prefiltered_user_id !== (int) $commentdata['user_ID'] ) { $commentdata['user_ID'] = (int) $commentdata['user_ID']; $commentdata['user_id'] = $commentdata['user_ID']; } elseif ( isset( $commentdata['user_id'] ) ) { $commentdata['user_id'] = (int) $commentdata['user_id']; $commentdata['user_ID'] = $commentdata['user_id']; } $commentdata['comment_parent'] = isset( $commentdata['comment_parent'] ) ? absint( $commentdata['comment_parent'] ) : 0; $parent_status = ( $commentdata['comment_parent'] > 0 ) ? wp_get_comment_status( $commentdata['comment_parent'] ) : ''; $commentdata['comment_parent'] = ( 'approved' === $parent_status || 'unapproved' === $parent_status ) ? $commentdata['comment_parent'] : 0; $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] ); $commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 ); if ( empty( $commentdata['comment_date'] ) ) { $commentdata['comment_date'] = current_time( 'mysql' ); } if ( empty( $commentdata['comment_date_gmt'] ) ) { $commentdata['comment_date_gmt'] = current_time( 'mysql', 1 ); } if ( empty( $commentdata['comment_type'] ) ) { $commentdata['comment_type'] = 'comment'; } $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error ); if ( is_wp_error( $commentdata['comment_approved'] ) ) { return $commentdata['comment_approved']; } $commentdata = wp_filter_comment( $commentdata ); if ( ! in_array( $commentdata['comment_approved'], array( 'trash', 'spam' ), true ) ) { // Validate the comment again after filters are applied to comment data. $commentdata['comment_approved'] = wp_check_comment_data( $commentdata ); } if ( is_wp_error( $commentdata['comment_approved'] ) ) { return $commentdata['comment_approved']; } $comment_id = wp_insert_comment( $commentdata ); if ( ! $comment_id ) { $fields = array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content' ); foreach ( $fields as $field ) { if ( isset( $commentdata[ $field ] ) ) { $commentdata[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->comments, $field, $commentdata[ $field ] ); } } $commentdata = wp_filter_comment( $commentdata ); $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error ); if ( is_wp_error( $commentdata['comment_approved'] ) ) { return $commentdata['comment_approved']; } $comment_id = wp_insert_comment( $commentdata ); if ( ! $comment_id ) { return false; } } /** * Fires immediately after a comment is inserted into the database. * * @since 1.2.0 * @since 4.5.0 The `$commentdata` parameter was added. * * @param int $comment_id The comment ID. * @param int|string $comment_approved 1 if the comment is approved, 0 if not, 'spam' if spam. * @param array $commentdata Comment data. */ do_action( 'comment_post', $comment_id, $commentdata['comment_approved'], $commentdata ); return $comment_id; } /** * Sends a comment moderation notification to the comment moderator. * * @since 4.4.0 * * @param int $comment_id ID of the comment. * @return bool True on success, false on failure. */ function wp_new_comment_notify_moderator( $comment_id ) { $comment = get_comment( $comment_id ); // Only send notifications for pending comments. $maybe_notify = ( '0' == $comment->comment_approved ); /** This filter is documented in wp-includes/pluggable.php */ $maybe_notify = apply_filters( 'notify_moderator', $maybe_notify, $comment_id ); if ( ! $maybe_notify ) { return false; } return wp_notify_moderator( $comment_id ); } /** * Sends a notification of a new comment to the post author. * * @since 4.4.0 * * Uses the {@see 'notify_post_author'} filter to determine whether the post author * should be notified when a new comment is added, overriding site setting. * * @param int $comment_id Comment ID. * @return bool True on success, false on failure. */ function wp_new_comment_notify_postauthor( $comment_id ) { $comment = get_comment( $comment_id ); $maybe_notify = get_option( 'comments_notify' ); /** * Filters whether to send the post author new comment notification emails, * overriding the site setting. * * @since 4.4.0 * * @param bool $maybe_notify Whether to notify the post author about the new comment. * @param int $comment_id The ID of the comment for the notification. */ $maybe_notify = apply_filters( 'notify_post_author', $maybe_notify, $comment_id ); /* * wp_notify_postauthor() checks if notifying the author of their own comment. * By default, it won't, but filters can override this. */ if ( ! $maybe_notify ) { return false; } // Only send notifications for approved comments. if ( ! isset( $comment->comment_approved ) || '1' != $comment->comment_approved ) { return false; } return wp_notify_postauthor( $comment_id ); } /** * Sets the status of a comment. * * The {@see 'wp_set_comment_status'} action is called after the comment is handled. * If the comment status is not in the list, then false is returned. * * @since 1.0.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. * @param string $comment_status New comment status, either 'hold', 'approve', 'spam', or 'trash'. * @param bool $wp_error Whether to return a WP_Error object if there is a failure. Default false. * @return bool|WP_Error True on success, false or WP_Error on failure. */ function wp_set_comment_status( $comment_id, $comment_status, $wp_error = false ) { global $wpdb; switch ( $comment_status ) { case 'hold': case '0': $status = '0'; break; case 'approve': case '1': $status = '1'; add_action( 'wp_set_comment_status', 'wp_new_comment_notify_postauthor' ); break; case 'spam': $status = 'spam'; break; case 'trash': $status = 'trash'; break; default: return false; } $comment_old = clone get_comment( $comment_id ); if ( ! $wpdb->update( $wpdb->comments, array( 'comment_approved' => $status ), array( 'comment_ID' => $comment_old->comment_ID ) ) ) { if ( $wp_error ) { return new WP_Error( 'db_update_error', __( 'Could not update comment status.' ), $wpdb->last_error ); } else { return false; } } clean_comment_cache( $comment_old->comment_ID ); $comment = get_comment( $comment_old->comment_ID ); /** * Fires immediately after transitioning a comment's status from one to another in the database * and removing the comment from the object cache, but prior to all status transition hooks. * * @since 1.5.0 * * @param string $comment_id Comment ID as a numeric string. * @param string $comment_status Current comment status. Possible values include * 'hold', '0', 'approve', '1', 'spam', and 'trash'. */ do_action( 'wp_set_comment_status', $comment->comment_ID, $comment_status ); wp_transition_comment_status( $comment_status, $comment_old->comment_approved, $comment ); wp_update_comment_count( $comment->comment_post_ID ); return true; } /** * Updates an existing comment in the database. * * Filters the comment and makes sure certain fields are valid before updating. * * @since 2.0.0 * @since 4.9.0 Add updating comment meta during comment update. * @since 5.5.0 The `$wp_error` parameter was added. * @since 5.5.0 The return values for an invalid comment or post ID * were changed to false instead of 0. * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $commentarr Contains information on the comment. * @param bool $wp_error Optional. Whether to return a WP_Error on failure. Default false. * @return int|false|WP_Error The value 1 if the comment was updated, 0 if not updated. * False or a WP_Error object on failure. */ function wp_update_comment( $commentarr, $wp_error = false ) { global $wpdb; // First, get all of the original fields. $comment = get_comment( $commentarr['comment_ID'], ARRAY_A ); if ( empty( $comment ) ) { if ( $wp_error ) { return new WP_Error( 'invalid_comment_id', __( 'Invalid comment ID.' ) ); } else { return false; } } // Make sure that the comment post ID is valid (if specified). if ( ! empty( $commentarr['comment_post_ID'] ) && ! get_post( $commentarr['comment_post_ID'] ) ) { if ( $wp_error ) { return new WP_Error( 'invalid_post_id', __( 'Invalid post ID.' ) ); } else { return false; } } $filter_comment = false; if ( ! has_filter( 'pre_comment_content', 'wp_filter_kses' ) ) { $filter_comment = ! user_can( isset( $comment['user_id'] ) ? $comment['user_id'] : 0, 'unfiltered_html' ); } if ( $filter_comment ) { add_filter( 'pre_comment_content', 'wp_filter_kses' ); } // Escape data pulled from DB. $comment = wp_slash( $comment ); $old_status = $comment['comment_approved']; // Merge old and new fields with new fields overwriting old ones. $commentarr = array_merge( $comment, $commentarr ); $commentarr = wp_filter_comment( $commentarr ); if ( $filter_comment ) { remove_filter( 'pre_comment_content', 'wp_filter_kses' ); } // Now extract the merged array. $data = wp_unslash( $commentarr ); /** * Filters the comment content before it is updated in the database. * * @since 1.5.0 * * @param string $comment_content The comment data. */ $data['comment_content'] = apply_filters( 'comment_save_pre', $data['comment_content'] ); $data['comment_date_gmt'] = get_gmt_from_date( $data['comment_date'] ); if ( ! isset( $data['comment_approved'] ) ) { $data['comment_approved'] = 1; } elseif ( 'hold' === $data['comment_approved'] ) { $data['comment_approved'] = 0; } elseif ( 'approve' === $data['comment_approved'] ) { $data['comment_approved'] = 1; } $comment_id = $data['comment_ID']; $comment_post_id = $data['comment_post_ID']; /** * Filters the comment data immediately before it is updated in the database. * * Note: data being passed to the filter is already unslashed. * * @since 4.7.0 * @since 5.5.0 Returning a WP_Error value from the filter will short-circuit comment update * and allow skipping further processing. * * @param array|WP_Error $data The new, processed comment data, or WP_Error. * @param array $comment The old, unslashed comment data. * @param array $commentarr The new, raw comment data. */ $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr ); // Do not carry on on failure. if ( is_wp_error( $data ) ) { if ( $wp_error ) { return $data; } else { return false; } } $keys = array( 'comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_author_IP', 'comment_date', 'comment_date_gmt', 'comment_content', 'comment_karma', 'comment_approved', 'comment_agent', 'comment_type', 'comment_parent', 'user_id', ); $data = wp_array_slice_assoc( $data, $keys ); $result = $wpdb->update( $wpdb->comments, $data, array( 'comment_ID' => $comment_id ) ); if ( false === $result ) { if ( $wp_error ) { return new WP_Error( 'db_update_error', __( 'Could not update comment in the database.' ), $wpdb->last_error ); } else { return false; } } // If metadata is provided, store it. if ( isset( $commentarr['comment_meta'] ) && is_array( $commentarr['comment_meta'] ) ) { foreach ( $commentarr['comment_meta'] as $meta_key => $meta_value ) { update_comment_meta( $comment_id, $meta_key, $meta_value ); } } clean_comment_cache( $comment_id ); wp_update_comment_count( $comment_post_id ); /** * Fires immediately after a comment is updated in the database. * * The hook also fires immediately before comment status transition hooks are fired. * * @since 1.2.0 * @since 4.6.0 Added the `$data` parameter. * * @param int $comment_id The comment ID. * @param array $data Comment data. */ do_action( 'edit_comment', $comment_id, $data ); $comment = get_comment( $comment_id ); wp_transition_comment_status( $comment->comment_approved, $old_status, $comment ); return $result; } /** * Determines whether to defer comment counting. * * When setting $defer to true, all post comment counts will not be updated * until $defer is set to false. When $defer is set to false, then all * previously deferred updated post comment counts will then be automatically * updated without having to call wp_update_comment_count() after. * * @since 2.5.0 * * @param bool $defer * @return bool */ function wp_defer_comment_counting( $defer = null ) { static $_defer = false; if ( is_bool( $defer ) ) { $_defer = $defer; // Flush any deferred counts. if ( ! $defer ) { wp_update_comment_count( null, true ); } } return $_defer; } /** * Updates the comment count for post(s). * * When $do_deferred is false (is by default) and the comments have been set to * be deferred, the post_id will be added to a queue, which will be updated at a * later date and only updated once per post ID. * * If the comments have not be set up to be deferred, then the post will be * updated. When $do_deferred is set to true, then all previous deferred post * IDs will be updated along with the current $post_id. * * @since 2.1.0 * * @see wp_update_comment_count_now() For what could cause a false return value * * @param int|null $post_id Post ID. * @param bool $do_deferred Optional. Whether to process previously deferred * post comment counts. Default false. * @return bool|void True on success, false on failure or if post with ID does * not exist. */ function wp_update_comment_count( $post_id, $do_deferred = false ) { static $_deferred = array(); if ( empty( $post_id ) && ! $do_deferred ) { return false; } if ( $do_deferred ) { $_deferred = array_unique( $_deferred ); foreach ( $_deferred as $i => $_post_id ) { wp_update_comment_count_now( $_post_id ); unset( $_deferred[ $i ] ); /** @todo Move this outside of the foreach and reset $_deferred to an array instead */ } } if ( wp_defer_comment_counting() ) { $_deferred[] = $post_id; return true; } elseif ( $post_id ) { return wp_update_comment_count_now( $post_id ); } } /** * Updates the comment count for the post. * * @since 2.5.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param int $post_id Post ID * @return bool True on success, false if the post does not exist. */ function wp_update_comment_count_now( $post_id ) { global $wpdb; $post_id = (int) $post_id; if ( ! $post_id ) { return false; } wp_cache_delete( 'comments-0', 'counts' ); wp_cache_delete( "comments-{$post_id}", 'counts' ); $post = get_post( $post_id ); if ( ! $post ) { return false; } $old = (int) $post->comment_count; /** * Filters a post's comment count before it is updated in the database. * * @since 4.5.0 * * @param int|null $new The new comment count. Default null. * @param int $old The old comment count. * @param int $post_id Post ID. */ $new = apply_filters( 'pre_wp_update_comment_count_now', null, $old, $post_id ); if ( is_null( $new ) ) { $new = (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1'", $post_id ) ); } else { $new = (int) $new; } $wpdb->update( $wpdb->posts, array( 'comment_count' => $new ), array( 'ID' => $post_id ) ); clean_post_cache( $post ); /** * Fires immediately after a post's comment count is updated in the database. * * @since 2.3.0 * * @param int $post_id Post ID. * @param int $new The new comment count. * @param int $old The old comment count. */ do_action( 'wp_update_comment_count', $post_id, $new, $old ); /** This action is documented in wp-includes/post.php */ do_action( "edit_post_{$post->post_type}", $post_id, $post ); /** This action is documented in wp-includes/post.php */ do_action( 'edit_post', $post_id, $post ); return true; } // // Ping and trackback functions. // /** * Finds a pingback server URI based on the given URL. * * Checks the HTML for the rel="pingback" link and X-Pingback headers. It does * a check for the X-Pingback headers first and returns that, if available. * The check for the rel="pingback" has more overhead than just the header. * * @since 1.5.0 * * @param string $url URL to ping. * @param string $deprecated Not Used. * @return string|false String containing URI on success, false on failure. */ function discover_pingback_server_uri( $url, $deprecated = '' ) { if ( ! empty( $deprecated ) ) { _deprecated_argument( __FUNCTION__, '2.7.0' ); } $pingback_str_dquote = 'rel="pingback"'; $pingback_str_squote = 'rel=\'pingback\''; /** @todo Should use Filter Extension or custom preg_match instead. */ $parsed_url = parse_url( $url ); if ( ! isset( $parsed_url['host'] ) ) { // Not a URL. This should never happen. return false; } // Do not search for a pingback server on our own uploads. $uploads_dir = wp_get_upload_dir(); if ( str_starts_with( $url, $uploads_dir['baseurl'] ) ) { return false; } $response = wp_safe_remote_head( $url, array( 'timeout' => 2, 'httpversion' => '1.0', ) ); if ( is_wp_error( $response ) ) { return false; } if ( wp_remote_retrieve_header( $response, 'X-Pingback' ) ) { return wp_remote_retrieve_header( $response, 'X-Pingback' ); } // Not an (x)html, sgml, or xml page, no use going further. if ( preg_match( '#(image|audio|video|model)/#is', wp_remote_retrieve_header( $response, 'Content-Type' ) ) ) { return false; } // Now do a GET since we're going to look in the HTML headers (and we're sure it's not a binary file). $response = wp_safe_remote_get( $url, array( 'timeout' => 2, 'httpversion' => '1.0', ) ); if ( is_wp_error( $response ) ) { return false; } $contents = wp_remote_retrieve_body( $response ); $pingback_link_offset_dquote = strpos( $contents, $pingback_str_dquote ); $pingback_link_offset_squote = strpos( $contents, $pingback_str_squote ); if ( $pingback_link_offset_dquote || $pingback_link_offset_squote ) { $quote = ( $pingback_link_offset_dquote ) ? '"' : '\''; $pingback_link_offset = ( '"' === $quote ) ? $pingback_link_offset_dquote : $pingback_link_offset_squote; $pingback_href_pos = strpos( $contents, 'href=', $pingback_link_offset ); $pingback_href_start = $pingback_href_pos + 6; $pingback_href_end = strpos( $contents, $quote, $pingback_href_start ); $pingback_server_url_len = $pingback_href_end - $pingback_href_start; $pingback_server_url = substr( $contents, $pingback_href_start, $pingback_server_url_len ); // We may find rel="pingback" but an incomplete pingback URL. if ( $pingback_server_url_len > 0 ) { // We got it! return $pingback_server_url; } } return false; } /** * Performs all pingbacks, enclosures, trackbacks, and sends to pingback services. * * @since 2.1.0 * @since 5.6.0 Introduced `do_all_pings` action hook for individual services. */ function do_all_pings() { /** * Fires immediately after the `do_pings` event to hook services individually. * * @since 5.6.0 */ do_action( 'do_all_pings' ); } /** * Performs all pingbacks. * * @since 5.6.0 */ function do_all_pingbacks() { $pings = get_posts( array( 'post_type' => get_post_types(), 'suppress_filters' => false, 'nopaging' => true, 'meta_key' => '_pingme', 'fields' => 'ids', ) ); foreach ( $pings as $ping ) { delete_post_meta( $ping, '_pingme' ); pingback( null, $ping ); } } /** * Performs all enclosures. * * @since 5.6.0 */ function do_all_enclosures() { $enclosures = get_posts( array( 'post_type' => get_post_types(), 'suppress_filters' => false, 'nopaging' => true, 'meta_key' => '_encloseme', 'fields' => 'ids', ) ); foreach ( $enclosures as $enclosure ) { delete_post_meta( $enclosure, '_encloseme' ); do_enclose( null, $enclosure ); } } /** * Performs all trackbacks. * * @since 5.6.0 */ function do_all_trackbacks() { $trackbacks = get_posts( array( 'post_type' => get_post_types(), 'suppress_filters' => false, 'nopaging' => true, 'meta_key' => '_trackbackme', 'fields' => 'ids', ) ); foreach ( $trackbacks as $trackback ) { delete_post_meta( $trackback, '_trackbackme' ); do_trackbacks( $trackback ); } } /** * Performs trackbacks. * * @since 1.5.0 * @since 4.7.0 `$post` can be a WP_Post object. * * @global wpdb $wpdb WordPress database abstraction object. * * @param int|WP_Post $post Post ID or object to do trackbacks on. * @return void|false Returns false on failure. */ function do_trackbacks( $post ) { global $wpdb; $post = get_post( $post ); if ( ! $post ) { return false; } $to_ping = get_to_ping( $post ); $pinged = get_pung( $post ); if ( empty( $to_ping ) ) { $wpdb->update( $wpdb->posts, array( 'to_ping' => '' ), array( 'ID' => $post->ID ) ); return; } if ( empty( $post->post_excerpt ) ) { /** This filter is documented in wp-includes/post-template.php */ $excerpt = apply_filters( 'the_content', $post->post_content, $post->ID ); } else { /** This filter is documented in wp-includes/post-template.php */ $excerpt = apply_filters( 'the_excerpt', $post->post_excerpt ); } $excerpt = str_replace( ']]>', ']]>', $excerpt ); $excerpt = wp_html_excerpt( $excerpt, 252, '…' ); /** This filter is documented in wp-includes/post-template.php */ $post_title = apply_filters( 'the_title', $post->post_title, $post->ID ); $post_title = strip_tags( $post_title ); if ( $to_ping ) { foreach ( (array) $to_ping as $tb_ping ) { $tb_ping = trim( $tb_ping ); if ( ! in_array( $tb_ping, $pinged, true ) ) { trackback( $tb_ping, $post_title, $excerpt, $post->ID ); $pinged[] = $tb_ping; } else { $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, '')) WHERE ID = %d", $tb_ping, $post->ID ) ); } } } } /** * Sends pings to all of the ping site services. * * @since 1.2.0 * * @param int $post_id Post ID. * @return int Same post ID as provided. */ function generic_ping( $post_id = 0 ) { $services = get_option( 'ping_sites' ); $services = explode( "\n", $services ); foreach ( (array) $services as $service ) { $service = trim( $service ); if ( '' !== $service ) { weblog_ping( $service ); } } return $post_id; } /** * Pings back the links found in a post. * * @since 0.71 * @since 4.7.0 `$post` can be a WP_Post object. * * @param string $content Post content to check for links. If empty will retrieve from post. * @param int|WP_Post $post Post ID or object. */ function pingback( $content, $post ) { require_once ABSPATH . WPINC . '/class-IXR.php'; require_once ABSPATH . WPINC . '/class-wp-http-ixr-client.php'; // Original code by Mort (http://mort.mine.nu:8080). $post_links = array(); $post = get_post( $post ); if ( ! $post ) { return; } $pung = get_pung( $post ); if ( empty( $content ) ) { $content = $post->post_content; } /* * Step 1. * Parsing the post, external links (if any) are stored in the $post_links array. */ $post_links_temp = wp_extract_urls( $content ); /* * Step 2. * Walking through the links array. * First we get rid of links pointing to sites, not to specific files. * Example: * http://dummy-weblog.org * http://dummy-weblog.org/ * http://dummy-weblog.org/post.php * We don't wanna ping first and second types, even if they have a valid . */ foreach ( (array) $post_links_temp as $link_test ) { // If we haven't pung it already and it isn't a link to itself. if ( ! in_array( $link_test, $pung, true ) && ( url_to_postid( $link_test ) != $post->ID ) // Also, let's never ping local attachments. && ! is_local_attachment( $link_test ) ) { $test = parse_url( $link_test ); if ( $test ) { if ( isset( $test['query'] ) ) { $post_links[] = $link_test; } elseif ( isset( $test['path'] ) && ( '/' !== $test['path'] ) && ( '' !== $test['path'] ) ) { $post_links[] = $link_test; } } } } $post_links = array_unique( $post_links ); /** * Fires just before pinging back links found in a post. * * @since 2.0.0 * * @param string[] $post_links Array of link URLs to be checked (passed by reference). * @param string[] $pung Array of link URLs already pinged (passed by reference). * @param int $post_id The post ID. */ do_action_ref_array( 'pre_ping', array( &$post_links, &$pung, $post->ID ) ); foreach ( (array) $post_links as $pagelinkedto ) { $pingback_server_url = discover_pingback_server_uri( $pagelinkedto ); if ( $pingback_server_url ) { if ( function_exists( 'set_time_limit' ) ) { // Allows an additional 60 seconds for each pingback to complete. set_time_limit( 60 ); } // Now, the RPC call. $pagelinkedfrom = get_permalink( $post ); // Using a timeout of 3 seconds should be enough to cover slow servers. $client = new WP_HTTP_IXR_Client( $pingback_server_url ); $client->timeout = 3; /** * Filters the user agent sent when pinging-back a URL. * * @since 2.9.0 * * @param string $concat_useragent The user agent concatenated with ' -- WordPress/' * and the WordPress version. * @param string $useragent The useragent. * @param string $pingback_server_url The server URL being linked to. * @param string $pagelinkedto URL of page linked to. * @param string $pagelinkedfrom URL of page linked from. */ $client->useragent = apply_filters( 'pingback_useragent', $client->useragent . ' -- WordPress/' . get_bloginfo( 'version' ), $client->useragent, $pingback_server_url, $pagelinkedto, $pagelinkedfrom ); // When set to true, this outputs debug messages by itself. $client->debug = false; if ( $client->query( 'pingback.ping', $pagelinkedfrom, $pagelinkedto ) || ( isset( $client->error->code ) && 48 == $client->error->code ) ) { // Already registered. add_ping( $post, $pagelinkedto ); } } } } /** * Checks whether blog is public before returning sites. * * @since 2.1.0 * * @param mixed $sites Will return if blog is public, will not return if not public. * @return mixed Empty string if blog is not public, returns $sites, if site is public. */ function privacy_ping_filter( $sites ) { if ( '0' != get_option( 'blog_public' ) ) { return $sites; } else { return ''; } } /** * Sends a Trackback. * * Updates database when sending trackback to prevent duplicates. * * @since 0.71 * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $trackback_url URL to send trackbacks. * @param string $title Title of post. * @param string $excerpt Excerpt of post. * @param int $post_id Post ID. * @return int|false|void Database query from update. */ function trackback( $trackback_url, $title, $excerpt, $post_id ) { global $wpdb; if ( empty( $trackback_url ) ) { return; } $options = array(); $options['timeout'] = 10; $options['body'] = array( 'title' => $title, 'url' => get_permalink( $post_id ), 'blog_name' => get_option( 'blogname' ), 'excerpt' => $excerpt, ); $response = wp_safe_remote_post( $trackback_url, $options ); if ( is_wp_error( $response ) ) { return; } $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET pinged = CONCAT(pinged, '\n', %s) WHERE ID = %d", $trackback_url, $post_id ) ); return $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, '')) WHERE ID = %d", $trackback_url, $post_id ) ); } /** * Sends a pingback. * * @since 1.2.0 * * @param string $server Host of blog to connect to. * @param string $path Path to send the ping. */ function weblog_ping( $server = '', $path = '' ) { require_once ABSPATH . WPINC . '/class-IXR.php'; require_once ABSPATH . WPINC . '/class-wp-http-ixr-client.php'; // Using a timeout of 3 seconds should be enough to cover slow servers. $client = new WP_HTTP_IXR_Client( $server, ( ( ! strlen( trim( $path ) ) || ( '/' === $path ) ) ? false : $path ) ); $client->timeout = 3; $client->useragent .= ' -- WordPress/' . get_bloginfo( 'version' ); // When set to true, this outputs debug messages by itself. $client->debug = false; $home = trailingslashit( home_url() ); if ( ! $client->query( 'weblogUpdates.extendedPing', get_option( 'blogname' ), $home, get_bloginfo( 'rss2_url' ) ) ) { // Then try a normal ping. $client->query( 'weblogUpdates.ping', get_option( 'blogname' ), $home ); } } /** * Default filter attached to pingback_ping_source_uri to validate the pingback's Source URI. * * @since 3.5.1 * * @see wp_http_validate_url() * * @param string $source_uri * @return string */ function pingback_ping_source_uri( $source_uri ) { return (string) wp_http_validate_url( $source_uri ); } /** * Default filter attached to xmlrpc_pingback_error. * * Returns a generic pingback error code unless the error code is 48, * which reports that the pingback is already registered. * * @since 3.5.1 * * @link https://www.hixie.ch/specs/pingback/pingback#TOC3 * * @param IXR_Error $ixr_error * @return IXR_Error */ function xmlrpc_pingback_error( $ixr_error ) { if ( 48 === $ixr_error->code ) { return $ixr_error; } return new IXR_Error( 0, '' ); } // // Cache. // /** * Removes a comment from the object cache. * * @since 2.3.0 * * @param int|array $ids Comment ID or an array of comment IDs to remove from cache. */ function clean_comment_cache( $ids ) { $comment_ids = (array) $ids; wp_cache_delete_multiple( $comment_ids, 'comment' ); foreach ( $comment_ids as $id ) { /** * Fires immediately after a comment has been removed from the object cache. * * @since 4.5.0 * * @param int $id Comment ID. */ do_action( 'clean_comment_cache', $id ); } wp_cache_set_comments_last_changed(); } /** * Updates the comment cache of given comments. * * Will add the comments in $comments to the cache. If comment ID already exists * in the comment cache then it will not be updated. The comment is added to the * cache using the comment group with the key using the ID of the comments. * * @since 2.3.0 * @since 4.4.0 Introduced the `$update_meta_cache` parameter. * * @param WP_Comment[] $comments Array of comment objects * @param bool $update_meta_cache Whether to update commentmeta cache. Default true. */ function update_comment_cache( $comments, $update_meta_cache = true ) { $data = array(); foreach ( (array) $comments as $comment ) { $data[ $comment->comment_ID ] = $comment; } wp_cache_add_multiple( $data, 'comment' ); if ( $update_meta_cache ) { // Avoid `wp_list_pluck()` in case `$comments` is passed by reference. $comment_ids = array(); foreach ( $comments as $comment ) { $comment_ids[] = $comment->comment_ID; } update_meta_cache( 'comment', $comment_ids ); } } /** * Adds any comments from the given IDs to the cache that do not already exist in cache. * * @since 4.4.0 * @since 6.1.0 This function is no longer marked as "private". * @since 6.3.0 Use wp_lazyload_comment_meta() for lazy-loading of comment meta. * * @see update_comment_cache() * @global wpdb $wpdb WordPress database abstraction object. * * @param int[] $comment_ids Array of comment IDs. * @param bool $update_meta_cache Optional. Whether to update the meta cache. Default true. */ function _prime_comment_caches( $comment_ids, $update_meta_cache = true ) { global $wpdb; $non_cached_ids = _get_non_cached_ids( $comment_ids, 'comment' ); if ( ! empty( $non_cached_ids ) ) { $fresh_comments = $wpdb->get_results( sprintf( "SELECT $wpdb->comments.* FROM $wpdb->comments WHERE comment_ID IN (%s)", implode( ',', array_map( 'intval', $non_cached_ids ) ) ) ); update_comment_cache( $fresh_comments, false ); } if ( $update_meta_cache ) { wp_lazyload_comment_meta( $comment_ids ); } } // // Internal. // /** * Closes comments on old posts on the fly, without any extra DB queries. Hooked to the_posts. * * @since 2.7.0 * @access private * * @param WP_Post $posts Post data object. * @param WP_Query $query Query object. * @return array */ function _close_comments_for_old_posts( $posts, $query ) { if ( empty( $posts ) || ! $query->is_singular() || ! get_option( 'close_comments_for_old_posts' ) ) { return $posts; } /** * Filters the list of post types to automatically close comments for. * * @since 3.2.0 * * @param string[] $post_types An array of post type names. */ $post_types = apply_filters( 'close_comments_for_post_types', array( 'post' ) ); if ( ! in_array( $posts[0]->post_type, $post_types, true ) ) { return $posts; } $days_old = (int) get_option( 'close_comments_days_old' ); if ( ! $days_old ) { return $posts; } if ( time() - strtotime( $posts[0]->post_date_gmt ) > ( $days_old * DAY_IN_SECONDS ) ) { $posts[0]->comment_status = 'closed'; $posts[0]->ping_status = 'closed'; } return $posts; } /** * Closes comments on an old post. Hooked to comments_open and pings_open. * * @since 2.7.0 * @access private * * @param bool $open Comments open or closed. * @param int $post_id Post ID. * @return bool $open */ function _close_comments_for_old_post( $open, $post_id ) { if ( ! $open ) { return $open; } if ( ! get_option( 'close_comments_for_old_posts' ) ) { return $open; } $days_old = (int) get_option( 'close_comments_days_old' ); if ( ! $days_old ) { return $open; } $post = get_post( $post_id ); /** This filter is documented in wp-includes/comment.php */ $post_types = apply_filters( 'close_comments_for_post_types', array( 'post' ) ); if ( ! in_array( $post->post_type, $post_types, true ) ) { return $open; } // Undated drafts should not show up as comments closed. if ( '0000-00-00 00:00:00' === $post->post_date_gmt ) { return $open; } if ( time() - strtotime( $post->post_date_gmt ) > ( $days_old * DAY_IN_SECONDS ) ) { return false; } return $open; } /** * Handles the submission of a comment, usually posted to wp-comments-post.php via a comment form. * * This function expects unslashed data, as opposed to functions such as `wp_new_comment()` which * expect slashed data. * * @since 4.4.0 * * @param array $comment_data { * Comment data. * * @type string|int $comment_post_ID The ID of the post that relates to the comment. * @type string $author The name of the comment author. * @type string $email The comment author email address. * @type string $url The comment author URL. * @type string $comment The content of the comment. * @type string|int $comment_parent The ID of this comment's parent, if any. Default 0. * @type string $_wp_unfiltered_html_comment The nonce value for allowing unfiltered HTML. * } * @return WP_Comment|WP_Error A WP_Comment object on success, a WP_Error object on failure. */ function wp_handle_comment_submission( $comment_data ) { $comment_post_id = 0; $comment_author = ''; $comment_author_email = ''; $comment_author_url = ''; $comment_content = ''; $comment_parent = 0; $user_id = 0; if ( isset( $comment_data['comment_post_ID'] ) ) { $comment_post_id = (int) $comment_data['comment_post_ID']; } if ( isset( $comment_data['author'] ) && is_string( $comment_data['author'] ) ) { $comment_author = trim( strip_tags( $comment_data['author'] ) ); } if ( isset( $comment_data['email'] ) && is_string( $comment_data['email'] ) ) { $comment_author_email = trim( $comment_data['email'] ); } if ( isset( $comment_data['url'] ) && is_string( $comment_data['url'] ) ) { $comment_author_url = trim( $comment_data['url'] ); } if ( isset( $comment_data['comment'] ) && is_string( $comment_data['comment'] ) ) { $comment_content = trim( $comment_data['comment'] ); } if ( isset( $comment_data['comment_parent'] ) ) { $comment_parent = absint( $comment_data['comment_parent'] ); $comment_parent_object = get_comment( $comment_parent ); if ( 0 !== $comment_parent && ( ! $comment_parent_object instanceof WP_Comment || 0 === (int) $comment_parent_object->comment_approved ) ) { /** * Fires when a comment reply is attempted to an unapproved comment. * * @since 6.2.0 * * @param int $comment_post_id Post ID. * @param int $comment_parent Parent comment ID. */ do_action( 'comment_reply_to_unapproved_comment', $comment_post_id, $comment_parent ); return new WP_Error( 'comment_reply_to_unapproved_comment', __( 'Sorry, replies to unapproved comments are not allowed.' ), 403 ); } } $post = get_post( $comment_post_id ); if ( empty( $post->comment_status ) ) { /** * Fires when a comment is attempted on a post that does not exist. * * @since 1.5.0 * * @param int $comment_post_id Post ID. */ do_action( 'comment_id_not_found', $comment_post_id ); return new WP_Error( 'comment_id_not_found' ); } // get_post_status() will get the parent status for attachments. $status = get_post_status( $post ); if ( ( 'private' === $status ) && ! current_user_can( 'read_post', $comment_post_id ) ) { return new WP_Error( 'comment_id_not_found' ); } $status_obj = get_post_status_object( $status ); if ( ! comments_open( $comment_post_id ) ) { /** * Fires when a comment is attempted on a post that has comments closed. * * @since 1.5.0 * * @param int $comment_post_id Post ID. */ do_action( 'comment_closed', $comment_post_id ); return new WP_Error( 'comment_closed', __( 'Sorry, comments are closed for this item.' ), 403 ); } elseif ( 'trash' === $status ) { /** * Fires when a comment is attempted on a trashed post. * * @since 2.9.0 * * @param int $comment_post_id Post ID. */ do_action( 'comment_on_trash', $comment_post_id ); return new WP_Error( 'comment_on_trash' ); } elseif ( ! $status_obj->public && ! $status_obj->private ) { /** * Fires when a comment is attempted on a post in draft mode. * * @since 1.5.1 * * @param int $comment_post_id Post ID. */ do_action( 'comment_on_draft', $comment_post_id ); if ( current_user_can( 'read_post', $comment_post_id ) ) { return new WP_Error( 'comment_on_draft', __( 'Sorry, comments are not allowed for this item.' ), 403 ); } else { return new WP_Error( 'comment_on_draft' ); } } elseif ( post_password_required( $comment_post_id ) ) { /** * Fires when a comment is attempted on a password-protected post. * * @since 2.9.0 * * @param int $comment_post_id Post ID. */ do_action( 'comment_on_password_protected', $comment_post_id ); return new WP_Error( 'comment_on_password_protected' ); } else { /** * Fires before a comment is posted. * * @since 2.8.0 * * @param int $comment_post_id Post ID. */ do_action( 'pre_comment_on_post', $comment_post_id ); } // If the user is logged in. $user = wp_get_current_user(); if ( $user->exists() ) { if ( empty( $user->display_name ) ) { $user->display_name = $user->user_login; } $comment_author = $user->display_name; $comment_author_email = $user->user_email; $comment_author_url = $user->user_url; $user_id = $user->ID; if ( current_user_can( 'unfiltered_html' ) ) { if ( ! isset( $comment_data['_wp_unfiltered_html_comment'] ) || ! wp_verify_nonce( $comment_data['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_id ) ) { kses_remove_filters(); // Start with a clean slate. kses_init_filters(); // Set up the filters. remove_filter( 'pre_comment_content', 'wp_filter_post_kses' ); add_filter( 'pre_comment_content', 'wp_filter_kses' ); } } } else { if ( get_option( 'comment_registration' ) ) { return new WP_Error( 'not_logged_in', __( 'Sorry, you must be logged in to comment.' ), 403 ); } } $comment_type = 'comment'; if ( get_option( 'require_name_email' ) && ! $user->exists() ) { if ( '' == $comment_author_email || '' == $comment_author ) { return new WP_Error( 'require_name_email', __( 'Error: Please fill the required fields.' ), 200 ); } elseif ( ! is_email( $comment_author_email ) ) { return new WP_Error( 'require_valid_email', __( 'Error: Please enter a valid email address.' ), 200 ); } } $commentdata = array( 'comment_post_ID' => $comment_post_id, ); $commentdata += compact( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_id' ); /** * Filters whether an empty comment should be allowed. * * @since 5.1.0 * * @param bool $allow_empty_comment Whether to allow empty comments. Default false. * @param array $commentdata Array of comment data to be sent to wp_insert_comment(). */ $allow_empty_comment = apply_filters( 'allow_empty_comment', false, $commentdata ); if ( '' === $comment_content && ! $allow_empty_comment ) { return new WP_Error( 'require_valid_comment', __( 'Error: Please type your comment text.' ), 200 ); } $check_max_lengths = wp_check_comment_data_max_lengths( $commentdata ); if ( is_wp_error( $check_max_lengths ) ) { return $check_max_lengths; } $comment_id = wp_new_comment( wp_slash( $commentdata ), true ); if ( is_wp_error( $comment_id ) ) { return $comment_id; } if ( ! $comment_id ) { return new WP_Error( 'comment_save_error', __( 'Error: The comment could not be saved. Please try again later.' ), 500 ); } return get_comment( $comment_id ); } /** * Registers the personal data exporter for comments. * * @since 4.9.6 * * @param array[] $exporters An array of personal data exporters. * @return array[] An array of personal data exporters. */ function wp_register_comment_personal_data_exporter( $exporters ) { $exporters['wordpress-comments'] = array( 'exporter_friendly_name' => __( 'WordPress Comments' ), 'callback' => 'wp_comments_personal_data_exporter', ); return $exporters; } /** * Finds and exports personal data associated with an email address from the comments table. * * @since 4.9.6 * * @param string $email_address The comment author email address. * @param int $page Comment page number. * @return array { * An array of personal data. * * @type array[] $data An array of personal data arrays. * @type bool $done Whether the exporter is finished. * } */ function wp_comments_personal_data_exporter( $email_address, $page = 1 ) { // Limit us to 500 comments at a time to avoid timing out. $number = 500; $page = (int) $page; $data_to_export = array(); $comments = get_comments( array( 'author_email' => $email_address, 'number' => $number, 'paged' => $page, 'orderby' => 'comment_ID', 'order' => 'ASC', 'update_comment_meta_cache' => false, ) ); $comment_prop_to_export = array( 'comment_author' => __( 'Comment Author' ), 'comment_author_email' => __( 'Comment Author Email' ), 'comment_author_url' => __( 'Comment Author URL' ), 'comment_author_IP' => __( 'Comment Author IP' ), 'comment_agent' => __( 'Comment Author User Agent' ), 'comment_date' => __( 'Comment Date' ), 'comment_content' => __( 'Comment Content' ), 'comment_link' => __( 'Comment URL' ), ); foreach ( (array) $comments as $comment ) { $comment_data_to_export = array(); foreach ( $comment_prop_to_export as $key => $name ) { $value = ''; switch ( $key ) { case 'comment_author': case 'comment_author_email': case 'comment_author_url': case 'comment_author_IP': case 'comment_agent': case 'comment_date': $value = $comment->{$key}; break; case 'comment_content': $value = get_comment_text( $comment->comment_ID ); break; case 'comment_link': $value = get_comment_link( $comment->comment_ID ); $value = sprintf( '%s', esc_url( $value ), esc_html( $value ) ); break; } if ( ! empty( $value ) ) { $comment_data_to_export[] = array( 'name' => $name, 'value' => $value, ); } } $data_to_export[] = array( 'group_id' => 'comments', 'group_label' => __( 'Comments' ), 'group_description' => __( 'User’s comment data.' ), 'item_id' => "comment-{$comment->comment_ID}", 'data' => $comment_data_to_export, ); } $done = count( $comments ) < $number; return array( 'data' => $data_to_export, 'done' => $done, ); } /** * Registers the personal data eraser for comments. * * @since 4.9.6 * * @param array $erasers An array of personal data erasers. * @return array An array of personal data erasers. */ function wp_register_comment_personal_data_eraser( $erasers ) { $erasers['wordpress-comments'] = array( 'eraser_friendly_name' => __( 'WordPress Comments' ), 'callback' => 'wp_comments_personal_data_eraser', ); return $erasers; } /** * Erases personal data associated with an email address from the comments table. * * @since 4.9.6 * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $email_address The comment author email address. * @param int $page Comment page number. * @return array { * Data removal results. * * @type bool $items_removed Whether items were actually removed. * @type bool $items_retained Whether items were retained. * @type string[] $messages An array of messages to add to the personal data export file. * @type bool $done Whether the eraser is finished. * } */ function wp_comments_personal_data_eraser( $email_address, $page = 1 ) { global $wpdb; if ( empty( $email_address ) ) { return array( 'items_removed' => false, 'items_retained' => false, 'messages' => array(), 'done' => true, ); } // Limit us to 500 comments at a time to avoid timing out. $number = 500; $page = (int) $page; $items_removed = false; $items_retained = false; $comments = get_comments( array( 'author_email' => $email_address, 'number' => $number, 'paged' => $page, 'orderby' => 'comment_ID', 'order' => 'ASC', 'include_unapproved' => true, ) ); /* translators: Name of a comment's author after being anonymized. */ $anon_author = __( 'Anonymous' ); $messages = array(); foreach ( (array) $comments as $comment ) { $anonymized_comment = array(); $anonymized_comment['comment_agent'] = ''; $anonymized_comment['comment_author'] = $anon_author; $anonymized_comment['comment_author_email'] = ''; $anonymized_comment['comment_author_IP'] = wp_privacy_anonymize_data( 'ip', $comment->comment_author_IP ); $anonymized_comment['comment_author_url'] = ''; $anonymized_comment['user_id'] = 0; $comment_id = (int) $comment->comment_ID; /** * Filters whether to anonymize the comment. * * @since 4.9.6 * * @param bool|string $anon_message Whether to apply the comment anonymization (bool) or a custom * message (string). Default true. * @param WP_Comment $comment WP_Comment object. * @param array $anonymized_comment Anonymized comment data. */ $anon_message = apply_filters( 'wp_anonymize_comment', true, $comment, $anonymized_comment ); if ( true !== $anon_message ) { if ( $anon_message && is_string( $anon_message ) ) { $messages[] = esc_html( $anon_message ); } else { /* translators: %d: Comment ID. */ $messages[] = sprintf( __( 'Comment %d contains personal data but could not be anonymized.' ), $comment_id ); } $items_retained = true; continue; } $args = array( 'comment_ID' => $comment_id, ); $updated = $wpdb->update( $wpdb->comments, $anonymized_comment, $args ); if ( $updated ) { $items_removed = true; clean_comment_cache( $comment_id ); } else { $items_retained = true; } } $done = count( $comments ) < $number; return array( 'items_removed' => $items_removed, 'items_retained' => $items_retained, 'messages' => $messages, 'done' => $done, ); } /** * Sets the last changed time for the 'comment' cache group. * * @since 5.0.0 */ function wp_cache_set_comments_last_changed() { wp_cache_set_last_changed( 'comment' ); } /** * Updates the comment type for a batch of comments. * * @since 5.5.0 * * @global wpdb $wpdb WordPress database abstraction object. */ function _wp_batch_update_comment_type() { global $wpdb; $lock_name = 'update_comment_type.lock'; // Try to lock. $lock_result = $wpdb->query( $wpdb->prepare( "INSERT IGNORE INTO `$wpdb->options` ( `option_name`, `option_value`, `autoload` ) VALUES (%s, %s, 'no') /* LOCK */", $lock_name, time() ) ); if ( ! $lock_result ) { $lock_result = get_option( $lock_name ); // Bail if we were unable to create a lock, or if the existing lock is still valid. if ( ! $lock_result || ( $lock_result > ( time() - HOUR_IN_SECONDS ) ) ) { wp_schedule_single_event( time() + ( 5 * MINUTE_IN_SECONDS ), 'wp_update_comment_type_batch' ); return; } } // Update the lock, as by this point we've definitely got a lock, just need to fire the actions. update_option( $lock_name, time() ); // Check if there's still an empty comment type. $empty_comment_type = $wpdb->get_var( "SELECT comment_ID FROM $wpdb->comments WHERE comment_type = '' LIMIT 1" ); // No empty comment type, we're done here. if ( ! $empty_comment_type ) { update_option( 'finished_updating_comment_type', true ); delete_option( $lock_name ); return; } // Empty comment type found? We'll need to run this script again. wp_schedule_single_event( time() + ( 2 * MINUTE_IN_SECONDS ), 'wp_update_comment_type_batch' ); /** * Filters the comment batch size for updating the comment type. * * @since 5.5.0 * * @param int $comment_batch_size The comment batch size. Default 100. */ $comment_batch_size = (int) apply_filters( 'wp_update_comment_type_batch_size', 100 ); // Get the IDs of the comments to update. $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_type = '' ORDER BY comment_ID DESC LIMIT %d", $comment_batch_size ) ); if ( $comment_ids ) { $comment_id_list = implode( ',', $comment_ids ); // Update the `comment_type` field value to be `comment` for the next batch of comments. $wpdb->query( "UPDATE {$wpdb->comments} SET comment_type = 'comment' WHERE comment_type = '' AND comment_ID IN ({$comment_id_list})" // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared ); // Make sure to clean the comment cache. clean_comment_cache( $comment_ids ); } delete_option( $lock_name ); } /** * In order to avoid the _wp_batch_update_comment_type() job being accidentally removed, * check that it's still scheduled while we haven't finished updating comment types. * * @ignore * @since 5.5.0 */ function _wp_check_for_scheduled_update_comment_type() { if ( ! get_option( 'finished_updating_comment_type' ) && ! wp_next_scheduled( 'wp_update_comment_type_batch' ) ) { wp_schedule_single_event( time() + MINUTE_IN_SECONDS, 'wp_update_comment_type_batch' ); } }