| 1 | <?php |
| 2 | /** |
| 3 | * WordPress Plugin Administration API |
| 4 | * |
| 5 | * @package WordPress |
| 6 | * @subpackage Administration |
| 7 | */ |
| 8 | |
| 9 | /** |
| 10 | * Parse the plugin contents to retrieve plugin's metadata. |
| 11 | * |
| 12 | * The metadata of the plugin's data searches for the following in the plugin's |
| 13 | * header. All plugin data must be on its own line. For plugin description, it |
| 14 | * must not have any newlines or only parts of the description will be displayed |
| 15 | * and the same goes for the plugin data. The below is formatted for printing. |
| 16 | * |
| 17 | * <code> |
| 18 | * /* |
| 19 | * Plugin Name: Name of Plugin |
| 20 | * Plugin URI: Link to plugin information |
| 21 | * Description: Plugin Description |
| 22 | * Author: Plugin author's name |
| 23 | * Author URI: Link to the author's web site |
| 24 | * Version: Must be set in the plugin for WordPress 2.3+ |
| 25 | * Text Domain: Optional. Unique identifier, should be same as the one used in |
| 26 | * plugin_text_domain() |
| 27 | * Domain Path: Optional. Only useful if the translations are located in a |
| 28 | * folder above the plugin's base path. For example, if .mo files are |
| 29 | * located in the locale folder then Domain Path will be "/locale/" and |
| 30 | * must have the first slash. Defaults to the base folder the plugin is |
| 31 | * located in. |
| 32 | * Network: Optional. Specify "Network: true" to require that a plugin is activated |
| 33 | * across all sites in an installation. This will prevent a plugin from being |
| 34 | * activated on a single site when Multisite is enabled. |
| 35 | * * / # Remove the space to close comment |
| 36 | * </code> |
| 37 | * |
| 38 | * Plugin data returned array contains the following: |
| 39 | * 'Name' - Name of the plugin, must be unique. |
| 40 | * 'Title' - Title of the plugin and the link to the plugin's web site. |
| 41 | * 'Description' - Description of what the plugin does and/or notes |
| 42 | * from the author. |
| 43 | * 'Author' - The author's name |
| 44 | * 'AuthorURI' - The authors web site address. |
| 45 | * 'Version' - The plugin version number. |
| 46 | * 'PluginURI' - Plugin web site address. |
| 47 | * 'TextDomain' - Plugin's text domain for localization. |
| 48 | * 'DomainPath' - Plugin's relative directory path to .mo files. |
| 49 | * 'Network' - Boolean. Whether the plugin can only be activated network wide. |
| 50 | * |
| 51 | * Some users have issues with opening large files and manipulating the contents |
| 52 | * for want is usually the first 1kiB or 2kiB. This function stops pulling in |
| 53 | * the plugin contents when it has all of the required plugin data. |
| 54 | * |
| 55 | * The first 8kiB of the file will be pulled in and if the plugin data is not |
| 56 | * within that first 8kiB, then the plugin author should correct their plugin |
| 57 | * and move the plugin data headers to the top. |
| 58 | * |
| 59 | * The plugin file is assumed to have permissions to allow for scripts to read |
| 60 | * the file. This is not checked however and the file is only opened for |
| 61 | * reading. |
| 62 | * |
| 63 | * @link http://trac.wordpress.org/ticket/5651 Previous Optimizations. |
| 64 | * @link http://trac.wordpress.org/ticket/7372 Further and better Optimizations. |
| 65 | * @since 1.5.0 |
| 66 | * |
| 67 | * @param string $plugin_file Path to the plugin file |
| 68 | * @param bool $markup If the returned data should have HTML markup applied |
| 69 | * @param bool $translate If the returned data should be translated |
| 70 | * @return array See above for description. |
| 71 | */ |
| 72 | function get_plugin_data( $plugin_file, $markup = true, $translate = true ) { |
| 73 | |
| 74 | $default_headers = array( |
| 75 | 'Name' => 'Plugin Name', |
| 76 | 'PluginURI' => 'Plugin URI', |
| 77 | 'Version' => 'Version', |
| 78 | 'Description' => 'Description', |
| 79 | 'Author' => 'Author', |
| 80 | 'AuthorURI' => 'Author URI', |
| 81 | 'TextDomain' => 'Text Domain', |
| 82 | 'DomainPath' => 'Domain Path', |
| 83 | 'Network' => 'Network', |
| 84 | // Site Wide Only is deprecated in favor of Network. |
| 85 | '_sitewide' => 'Site Wide Only', |
| 86 | ); |
| 87 | |
| 88 | $plugin_data = get_file_data( $plugin_file, $default_headers, 'plugin' ); | //Arbitrary file disclosing
|
| 89 | |
| 90 | // Site Wide Only is the old header for Network |
| 91 | if ( empty( $plugin_data['Network'] ) && ! empty( $plugin_data['_sitewide'] ) ) { |
| 92 | _deprecated_argument( __FUNCTION__, '3.0', sprintf( __( 'The <code>%1$s</code> plugin header is deprecated. Use <code>%2$s</code> instead.' ), 'Site Wide Only: true', 'Network: true' ) ); |
| 93 | $plugin_data['Network'] = $plugin_data['_sitewide']; |
| 94 | } |
| 95 | $plugin_data['Network'] = ( 'true' == strtolower( $plugin_data['Network'] ) ); |
| 96 | unset( $plugin_data['_sitewide'] ); |
| 97 | |
| 98 | //For backward compatibility by default Title is the same as Name. |
| 99 | $plugin_data['Title'] = $plugin_data['Name']; |
| 100 | |
| 101 | if ( $markup || $translate ) |
| 102 | $plugin_data = _get_plugin_data_markup_translate( $plugin_file, $plugin_data, $markup, $translate ); | //Arbitrary file disclosing
|
| 103 | |
| 104 | return $plugin_data; |
| 105 | } |
| 106 | |
| 107 | function _get_plugin_data_markup_translate($plugin_file, $plugin_data, $markup = true, $translate = true) { |
| 108 | |
| 109 | //Translate fields30 |
| 110 | if ( $translate && ! empty($plugin_data['TextDomain']) ) { |
| 111 | if ( ! empty( $plugin_data['DomainPath'] ) ) |
| 112 | load_plugin_textdomain($plugin_data['TextDomain'], false, dirname($plugin_file). $plugin_data['DomainPath']); | //Arbitrary file disclosing
|
| 113 | else |
| 114 | load_plugin_textdomain($plugin_data['TextDomain'], false, dirname($plugin_file)); |
| 115 | |
| 116 | foreach ( array('Name', 'PluginURI', 'Description', 'Author', 'AuthorURI', 'Version') as $field ) |
| 117 | $plugin_data[ $field ] = translate($plugin_data[ $field ], $plugin_data['TextDomain']); |
| 118 | } |
| 119 | |
| 120 | //Apply Markup |
| 121 | if ( $markup ) { |
| 122 | if ( ! empty($plugin_data['PluginURI']) && ! empty($plugin_data['Name']) ) |
| 123 | $plugin_data['Title'] = '<a href="' . $plugin_data['PluginURI'] . '" title="' . __( 'Visit plugin homepage' ) . '">' . $plugin_data['Name'] . '</a>'; |
| 124 | else |
| 125 | $plugin_data['Title'] = $plugin_data['Name']; |
| 126 | |
| 127 | if ( ! empty($plugin_data['AuthorURI']) && ! empty($plugin_data['Author']) ) |
| 128 | $plugin_data['Author'] = '<a href="' . $plugin_data['AuthorURI'] . '" title="' . __( 'Visit author homepage' ) . '">' . $plugin_data['Author'] . '</a>'; |
| 129 | |
| 130 | $plugin_data['Description'] = wptexturize( $plugin_data['Description'] ); |
| 131 | if ( ! empty($plugin_data['Author']) ) |
| 132 | $plugin_data['Description'] .= ' <cite>' . sprintf( __('By %s'), $plugin_data['Author'] ) . '.</cite>'; |
| 133 | } |
| 134 | |
| 135 | $plugins_allowedtags = array('a' => array('href' => array(),'title' => array()),'abbr' => array('title' => array()),'acronym' => array('title' => array()),'code' => array(),'em' => array(),'strong' => array()); |
| 136 | |
| 137 | // Sanitize all displayed data |
| 138 | $plugin_data['Title'] = wp_kses($plugin_data['Title'], $plugins_allowedtags); |
| 139 | $plugin_data['Version'] = wp_kses($plugin_data['Version'], $plugins_allowedtags); |
| 140 | $plugin_data['Description'] = wp_kses($plugin_data['Description'], $plugins_allowedtags); |
| 141 | $plugin_data['Author'] = wp_kses($plugin_data['Author'], $plugins_allowedtags); |
| 142 | |
| 143 | return $plugin_data; |
| 144 | } |
| 145 | |
| 146 | /** |
| 147 | * Get a list of a plugin's files. |
| 148 | * |
| 149 | * @since 2.8.0 |
| 150 | * |
| 151 | * @param string $plugin Plugin ID |
| 152 | * @return array List of files relative to the plugin root. |
| 153 | */ |
| 154 | function get_plugin_files($plugin) { |
| 155 | $plugin_file = WP_PLUGIN_DIR . '/' . $plugin; |
| 156 | $dir = dirname($plugin_file); |
| 157 | $plugin_files = array($plugin); |
| 158 | if ( is_dir($dir) && $dir != WP_PLUGIN_DIR ) { |
| 159 | $plugins_dir = @ opendir( $dir ); | //Arbitrary file disclosing
|
| 160 | if ( $plugins_dir ) { |
| 161 | while (($file = readdir( $plugins_dir ) ) !== false ) { |
| 162 | if ( substr($file, 0, 1) == '.' ) |
| 163 | continue; |
| 164 | if ( is_dir( $dir . '/' . $file ) ) { |
| 165 | $plugins_subdir = @ opendir( $dir . '/' . $file ); | //Arbitrary file disclosing
|
| 166 | if ( $plugins_subdir ) { |
| 167 | while (($subfile = readdir( $plugins_subdir ) ) !== false ) { |
| 168 | if ( substr($subfile, 0, 1) == '.' ) |
| 169 | continue; |
| 170 | $plugin_files[] = plugin_basename("$dir/$file/$subfile"); | //Arbitrary file disclosing
|
| 171 | } |
| 172 | @closedir( $plugins_subdir ); |
| 173 | } |
| 174 | } else { |
| 175 | if ( plugin_basename("$dir/$file") != $plugin ) |
| 176 | $plugin_files[] = plugin_basename("$dir/$file"); |
| 177 | } |
| 178 | } |
| 179 | @closedir( $plugins_dir ); |
| 180 | } |
| 181 | } |
| 182 | |
| 183 | return $plugin_files; |
| 184 | } |
| 185 | |
| 186 | /** |
| 187 | * Check the plugins directory and retrieve all plugin files with plugin data. |
| 188 | * |
| 189 | * WordPress only supports plugin files in the base plugins directory |
| 190 | * (wp-content/plugins) and in one directory above the plugins directory |
| 191 | * (wp-content/plugins/my-plugin). The file it looks for has the plugin data and |
| 192 | * must be found in those two locations. It is recommended that do keep your |
| 193 | * plugin files in directories. |
| 194 | * |
| 195 | * The file with the plugin data is the file that will be included and therefore |
| 196 | * needs to have the main execution for the plugin. This does not mean |
| 197 | * everything must be contained in the file and it is recommended that the file |
| 198 | * be split for maintainability. Keep everything in one file for extreme |
| 199 | * optimization purposes. |
| 200 | * |
| 201 | * @since unknown |
| 202 | * |
| 203 | * @param string $plugin_folder Optional. Relative path to single plugin folder. |
| 204 | * @return array Key is the plugin file path and the value is an array of the plugin data. |
| 205 | */ |
| 206 | function get_plugins($plugin_folder = '') { |
| 207 | |
| 208 | if ( ! $cache_plugins = wp_cache_get('plugins', 'plugins') ) |
| 209 | $cache_plugins = array(); |
| 210 | |
| 211 | if ( isset($cache_plugins[ $plugin_folder ]) ) |
| 212 | return $cache_plugins[ $plugin_folder ]; |
| 213 | |
| 214 | $wp_plugins = array (); |
| 215 | $plugin_root = WP_PLUGIN_DIR; |
| 216 | if ( !empty($plugin_folder) ) |
| 217 | $plugin_root .= $plugin_folder; |
| 218 | |
| 219 | // Files in wp-content/plugins directory |
| 220 | $plugins_dir = @ opendir( $plugin_root); | //Arbitrary file disclosing
|
| 221 | $plugin_files = array(); |
| 222 | if ( $plugins_dir ) { |
| 223 | while (($file = readdir( $plugins_dir ) ) !== false ) { |
| 224 | if ( substr($file, 0, 1) == '.' ) |
| 225 | continue; |
| 226 | if ( is_dir( $plugin_root.'/'.$file ) ) { |
| 227 | $plugins_subdir = @ opendir( $plugin_root.'/'.$file ); | //Arbitrary file disclosing
|
| 228 | if ( $plugins_subdir ) { |
| 229 | while (($subfile = readdir( $plugins_subdir ) ) !== false ) { |
| 230 | if ( substr($subfile, 0, 1) == '.' ) |
| 231 | continue; |
| 232 | if ( substr($subfile, -4) == '.php' ) |
| 233 | $plugin_files[] = "$file/$subfile"; | //Arbitrary file disclosing
|
| 234 | } |
| 235 | } |
| 236 | } else { |
| 237 | if ( substr($file, -4) == '.php' ) |
| 238 | $plugin_files[] = $file; |
| 239 | } |
| 240 | } |
| 241 | } else { |
| 242 | return $wp_plugins; |
| 243 | } |
| 244 | |
| 245 | @closedir( $plugins_dir ); |
| 246 | @closedir( $plugins_subdir ); |
| 247 | |
| 248 | if ( empty($plugin_files) ) |
| 249 | return $wp_plugins; |
| 250 | |
| 251 | foreach ( $plugin_files as $plugin_file ) { |
| 252 | if ( !is_readable( "$plugin_root/$plugin_file" ) ) |
| 253 | continue; |
| 254 | |
| 255 | $plugin_data = get_plugin_data( "$plugin_root/$plugin_file", false, false ); //Do not apply markup/translate as it'll be cached. |
| 256 | |
| 257 | if ( empty ( $plugin_data['Name'] ) ) |
| 258 | continue; |
| 259 | |
| 260 | $wp_plugins[plugin_basename( $plugin_file )] = $plugin_data; | //Arbitrary file disclosing
|
| 261 | } |
| 262 | |
| 263 | uasort( $wp_plugins, create_function( '$a, $b', 'return strnatcasecmp( $a["Name"], $b["Name"] );' )); |
| 264 | |
| 265 | $cache_plugins[ $plugin_folder ] = $wp_plugins; |
| 266 | wp_cache_set('plugins', $cache_plugins, 'plugins'); |
| 267 | |
| 268 | return $wp_plugins; |
| 269 | } |
| 270 | |
| 271 | /** |
| 272 | * Check the mu-plugins directory and retrieve all mu-plugin files with any plugin data. |
| 273 | * |
| 274 | * WordPress only includes mu-plugin files in the base mu-plugins directory (wp-content/mu-plugins). |
| 275 | * |
| 276 | * @since 3.0.0 |
| 277 | * @return array Key is the mu-plugin file path and the value is an array of the mu-plugin data. |
| 278 | */ |
| 279 | function get_mu_plugins() { |
| 280 | $wp_plugins = array(); |
| 281 | // Files in wp-content/mu-plugins directory |
| 282 | $plugin_files = array(); |
| 283 | |
| 284 | if ( ! is_dir( WPMU_PLUGIN_DIR ) ) |
| 285 | return $wp_plugins; |
| 286 | if ( $plugins_dir = @ opendir( WPMU_PLUGIN_DIR ) ) { |
| 287 | while ( ( $file = readdir( $plugins_dir ) ) !== false ) { |
| 288 | if ( substr( $file, -4 ) == '.php' ) |
| 289 | $plugin_files[] = $file; |
| 290 | } |
| 291 | } else { |
| 292 | return $wp_plugins; |
| 293 | } |
| 294 | |
| 295 | @closedir( $plugins_dir ); |
| 296 | |
| 297 | if ( empty($plugin_files) ) |
| 298 | return $wp_plugins; |
| 299 | |
| 300 | foreach ( $plugin_files as $plugin_file ) { |
| 301 | if ( !is_readable( WPMU_PLUGIN_DIR . "/$plugin_file" ) ) |
| 302 | continue; |
| 303 | |
| 304 | $plugin_data = get_plugin_data( WPMU_PLUGIN_DIR . "/$plugin_file", false, false ); //Do not apply markup/translate as it'll be cached. |
| 305 | |
| 306 | if ( empty ( $plugin_data['Name'] ) ) |
| 307 | $plugin_data['Name'] = $plugin_file; |
| 308 | |
| 309 | $wp_plugins[ $plugin_file ] = $plugin_data; | //Arbitrary file disclosing
|
| 310 | } |
| 311 | |
| 312 | if ( isset( $wp_plugins['index.php'] ) && filesize( WPMU_PLUGIN_DIR . '/index.php') <= 30 ) // silence is golden |
| 313 | unset( $wp_plugins['index.php'] ); |
| 314 | |
| 315 | uasort( $wp_plugins, create_function( '$a, $b', 'return strnatcasecmp( $a["Name"], $b["Name"] );' )); |
| 316 | |
| 317 | return $wp_plugins; |
| 318 | } |
| 319 | |
| 320 | /** |
| 321 | * Check the wp-content directory and retrieve all drop-ins with any plugin data. |
| 322 | * |
| 323 | * @since 3.0.0 |
| 324 | * @return array Key is the file path and the value is an array of the plugin data. |
| 325 | */ |
| 326 | function get_dropins() { |
| 327 | $dropins = array(); |
| 328 | $plugin_files = array(); |
| 329 | |
| 330 | $_dropins = _get_dropins(); |
| 331 | |
| 332 | // These exist in the wp-content directory |
| 333 | if ( $plugins_dir = @ opendir( WP_CONTENT_DIR ) ) { |
| 334 | while ( ( $file = readdir( $plugins_dir ) ) !== false ) { |
| 335 | if ( isset( $_dropins[ $file ] ) ) |
| 336 | $plugin_files[] = $file; |
| 337 | } |
| 338 | } else { |
| 339 | return $dropins; |
| 340 | } |
| 341 | |
| 342 | @closedir( $plugins_dir ); |
| 343 | |
| 344 | if ( empty($plugin_files) ) |
| 345 | return $dropins; |
| 346 | |
| 347 | foreach ( $plugin_files as $plugin_file ) { |
| 348 | if ( !is_readable( WP_CONTENT_DIR . "/$plugin_file" ) ) |
| 349 | continue; |
| 350 | $plugin_data = get_plugin_data( WP_CONTENT_DIR . "/$plugin_file", false, false ); //Do not apply markup/translate as it'll be cached. |
| 351 | if ( empty( $plugin_data['Name'] ) ) |
| 352 | $plugin_data['Name'] = $plugin_file; |
| 353 | $dropins[ $plugin_file ] = $plugin_data; | //Arbitrary file disclosing
|
| 354 | } |
| 355 | |
| 356 | uksort( $dropins, create_function( '$a, $b', 'return strnatcasecmp( $a, $b );' )); |
| 357 | |
| 358 | return $dropins; |
| 359 | } |
| 360 | |
| 361 | /** |
| 362 | * Returns drop-ins that WordPress uses. |
| 363 | * |
| 364 | * Includes Multisite drop-ins only when is_multisite() |
| 365 | * |
| 366 | * @since 3.0.0 |
| 367 | * @return array Key is file name. The value is an array, with the first value the |
| 368 | * purpose of the drop-in and the second value the name of the constant that must be |
| 369 | * true for the drop-in to be used, or true if no constant is required. |
| 370 | */ |
| 371 | function _get_dropins() { |
| 372 | $dropins = array( |
| 373 | 'advanced-cache.php' => array( __( 'Advanced caching plugin.' ), 'WP_CACHE' ), // WP_CACHE |
| 374 | 'db.php' => array( __( 'Custom database class.' ), true ), // auto on load |
| 375 | 'db-error.php' => array( __( 'Custom database error message.' ), true ), // auto on error |
| 376 | 'install.php' => array( __( 'Custom install script.' ), true ), // auto on install |
| 377 | 'maintenance.php' => array( __( 'Custom maintenance message.' ), true ), // auto on maintenance |
| 378 | 'object-cache.php' => array( __( 'External object cache.' ), true ), // auto on load |
| 379 | ); |
| 380 | |
| 381 | if ( is_multisite() ) { |
| 382 | $dropins['sunrise.php' ] = array( __( 'Executed before Multisite is loaded.' ), 'SUNRISE' ); // SUNRISE |
| 383 | $dropins['blog-deleted.php' ] = array( __( 'Custom site deleted message.' ), true ); // auto on deleted blog |
| 384 | $dropins['blog-inactive.php' ] = array( __( 'Custom site inactive message.' ), true ); // auto on inactive blog |
| 385 | $dropins['blog-suspended.php'] = array( __( 'Custom site suspended message.' ), true ); // auto on archived or spammed blog |
| 386 | } |
| 387 | |
| 388 | return $dropins; |
| 389 | } |
| 390 | |
| 391 | /** |
| 392 | * Check whether the plugin is active by checking the active_plugins list. |
| 393 | * |
| 394 | * @since 2.5.0 |
| 395 | * |
| 396 | * @param string $plugin Base plugin path from plugins directory. |
| 397 | * @return bool True, if in the active plugins list. False, not in the list. |
| 398 | */ |
| 399 | function is_plugin_active( $plugin ) { |
| 400 | return in_array( $plugin, (array) get_option( 'active_plugins', array() ) ) || is_plugin_active_for_network( $plugin ); |
| 401 | } |
| 402 | |
| 403 | /** |
| 404 | * Check whether the plugin is active for the entire network. |
| 405 | * |
| 406 | * @since 3.0.0 |
| 407 | * |
| 408 | * @param string $plugin Base plugin path from plugins directory. |
| 409 | * @return bool True, if active for the network, otherwise false. |
| 410 | */ |
| 411 | function is_plugin_active_for_network( $plugin ) { |
| 412 | if ( !is_multisite() ) |
| 413 | return false; |
| 414 | |
| 415 | $plugins = get_site_option( 'active_sitewide_plugins'); |
| 416 | if ( isset($plugins[$plugin]) ) |
| 417 | return true; |
| 418 | |
| 419 | return false; |
| 420 | } |
| 421 | |
| 422 | /** |
| 423 | * Checks for "Network: true" in the plugin header to see if this should |
| 424 | * be activated only as a network wide plugin. The plugin would also work |
| 425 | * when Multisite is not enabled. |
| 426 | * |
| 427 | * Checks for "Site Wide Only: true" for backwards compatibility. |
| 428 | * |
| 429 | * @since 3.0.0 |
| 430 | * |
| 431 | * @param $file Plugin to check |
| 432 | * $return bool True if plugin is network only, false otherwise. |
| 433 | */ |
| 434 | function is_network_only_plugin( $plugin ) { |
| 435 | $plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin ); |
| 436 | if ( $plugin_data ) |
| 437 | return $plugin_data['Network']; |
| 438 | return false; |
| 439 | } |
| 440 | |
| 441 | /** |
| 442 | * Attempts activation of plugin in a "sandbox" and redirects on success. |
| 443 | * |
| 444 | * A plugin that is already activated will not attempt to be activated again. |
| 445 | * |
| 446 | * The way it works is by setting the redirection to the error before trying to |
| 447 | * include the plugin file. If the plugin fails, then the redirection will not |
| 448 | * be overwritten with the success message. Also, the options will not be |
| 449 | * updated and the activation hook will not be called on plugin error. |
| 450 | * |
| 451 | * It should be noted that in no way the below code will actually prevent errors |
| 452 | * within the file. The code should not be used elsewhere to replicate the |
| 453 | * "sandbox", which uses redirection to work. |
| 454 | * {@source 13 1} |
| 455 | * |
| 456 | * If any errors are found or text is outputted, then it will be captured to |
| 457 | * ensure that the success redirection will update the error redirection. |
| 458 | * |
| 459 | * @since unknown |
| 460 | * |
| 461 | * @param string $plugin Plugin path to main plugin file with plugin data. |
| 462 | * @param string $redirect Optional. URL to redirect to. |
| 463 | * @param bool $network_wide Whether to enable the plugin for all sites in the network or just the current site. Multisite only. Default is false. |
| 464 | * @return WP_Error|null WP_Error on invalid file or null on success. |
| 465 | */ |
| 466 | function activate_plugin( $plugin, $redirect = '', $network_wide = false) { |
| 467 | $plugin = plugin_basename( trim( $plugin ) ); |
| 468 | |
| 469 | if ( is_multisite() && ( $network_wide || is_network_only_plugin($plugin) ) ) { |
| 470 | $network_wide = true; |
| 471 | $current = get_site_option( 'active_sitewide_plugins', array() ); |
| 472 | } else { |
| 473 | $current = get_option( 'active_plugins', array() ); |
| 474 | } |
| 475 | |
| 476 | $valid = validate_plugin($plugin); |
| 477 | if ( is_wp_error($valid) ) |
| 478 | return $valid; |
| 479 | |
| 480 | if ( !in_array($plugin, $current) ) { |
| 481 | if ( !empty($redirect) ) |
| 482 | wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), $redirect)); // we'll override this later if the plugin can be included without fatal error |
| 483 | ob_start(); |
| 484 | include(WP_PLUGIN_DIR . '/' . $plugin); | //Arbitrary code inclusion
|
| 485 | do_action( 'activate_plugin', trim( $plugin) ); |
| 486 | if ( $network_wide ) { |
| 487 | $current[$plugin] = time(); |
| 488 | update_site_option( 'active_sitewide_plugins', $current ); |
| 489 | } else { |
| 490 | $current[] = $plugin; |
| 491 | sort($current); |
| 492 | update_option('active_plugins', $current); |
| 493 | } |
| 494 | do_action( 'activate_' . trim( $plugin ) ); |
| 495 | do_action( 'activated_plugin', trim( $plugin) ); |
| 496 | if ( ob_get_length() > 0 ) { |
| 497 | $output = ob_get_clean(); |
| 498 | return new WP_Error('unexpected_output', __('The plugin generated unexpected output.'), $output); |
| 499 | } |
| 500 | ob_end_clean(); |
| 501 | } |
| 502 | |
| 503 | return null; |
| 504 | } |
| 505 | |
| 506 | /** |
| 507 | * Deactivate a single plugin or multiple plugins. |
| 508 | * |
| 509 | * The deactivation hook is disabled by the plugin upgrader by using the $silent |
| 510 | * parameter. |
| 511 | * |
| 512 | * @since unknown |
| 513 | * |
| 514 | * @param string|array $plugins Single plugin or list of plugins to deactivate. |
| 515 | * @param bool $silent Optional, default is false. Prevent calling deactivate hook. |
| 516 | */ |
| 517 | function deactivate_plugins( $plugins, $silent = false ) { |
| 518 | $network_current = get_site_option( 'active_sitewide_plugins', array() ); |
| 519 | $current = get_option( 'active_plugins', array() ); |
| 520 | $do_blog = $do_network = false; |
| 521 | |
| 522 | foreach ( (array) $plugins as $plugin ) { |
| 523 | $plugin = plugin_basename($plugin); |
| 524 | if ( ! is_plugin_active($plugin) ) |
| 525 | continue; |
| 526 | if ( ! $silent ) |
| 527 | do_action( 'deactivate_plugin', trim( $plugin ) ); |
| 528 | |
| 529 | if ( is_plugin_active_for_network($plugin) ) { |
| 530 | // Deactivate network wide |
| 531 | $do_network = true; |
| 532 | unset( $network_current[ $plugin ] ); |
| 533 | } else { |
| 534 | // Deactivate for this blog only |
| 535 | $key = array_search( $plugin, (array) $current ); |
| 536 | if ( false !== $key ) { |
| 537 | $do_blog = true; |
| 538 | array_splice( $current, $key, 1 ); |
| 539 | } |
| 540 | } |
| 541 | |
| 542 | //Used by Plugin updater to internally deactivate plugin, however, not to notify plugins of the fact to prevent plugin output. |
| 543 | if ( ! $silent ) { |
| 544 | do_action( 'deactivate_' . trim( $plugin ) ); |
| 545 | do_action( 'deactivated_plugin', trim( $plugin ) ); |
| 546 | } |
| 547 | } |
| 548 | |
| 549 | if ( $do_blog ) |
| 550 | update_option('active_plugins', $current); |
| 551 | if ( $do_network ) |
| 552 | update_site_option( 'active_sitewide_plugins', $network_current ); |
| 553 | } |
| 554 | |
| 555 | /** |
| 556 | * Activate multiple plugins. |
| 557 | * |
| 558 | * When WP_Error is returned, it does not mean that one of the plugins had |
| 559 | * errors. It means that one or more of the plugins file path was invalid. |
| 560 | * |
| 561 | * The execution will be halted as soon as one of the plugins has an error. |
| 562 | * |
| 563 | * @since unknown |
| 564 | * |
| 565 | * @param string|array $plugins |
| 566 | * @param string $redirect Redirect to page after successful activation. |
| 567 | * @param bool $network_wide Whether to enable the plugin for all sites in the network. |
| 568 | * @return bool|WP_Error True when finished or WP_Error if there were errors during a plugin activation. |
| 569 | */ |
| 570 | function activate_plugins($plugins, $redirect = '', $network_wide) { |
| 571 | if ( !is_array($plugins) ) |
| 572 | $plugins = array($plugins); |
| 573 | |
| 574 | $errors = array(); |
| 575 | foreach ( (array) $plugins as $plugin ) { |
| 576 | if ( !empty($redirect) ) |
| 577 | $redirect = add_query_arg('plugin', $plugin, $redirect); |
| 578 | $result = activate_plugin($plugin, $redirect, $network_wide); |
| 579 | if ( is_wp_error($result) ) |
| 580 | $errors[$plugin] = $result; |
| 581 | } |
| 582 | |
| 583 | if ( !empty($errors) ) |
| 584 | return new WP_Error('plugins_invalid', __('One of the plugins is invalid.'), $errors); |
| 585 | |
| 586 | return true; |
| 587 | } |
| 588 | |
| 589 | /** |
| 590 | * Remove directory and files of a plugin for a single or list of plugin(s). |
| 591 | * |
| 592 | * If the plugins parameter list is empty, false will be returned. True when |
| 593 | * completed. |
| 594 | * |
| 595 | * @since unknown |
| 596 | * |
| 597 | * @param array $plugins List of plugin |
| 598 | * @param string $redirect Redirect to page when complete. |
| 599 | * @return mixed |
| 600 | */ |
| 601 | function delete_plugins($plugins, $redirect = '' ) { |
| 602 | global $wp_filesystem; |
| 603 | |
| 604 | if ( empty($plugins) ) |
| 605 | return false; |
| 606 | |
| 607 | $checked = array(); |
| 608 | foreach( $plugins as $plugin ) |
| 609 | $checked[] = 'checked[]=' . $plugin; |
| 610 | |
| 611 | ob_start(); |
| 612 | $url = wp_nonce_url('plugins.php?action=delete-selected&verify-delete=1&' . implode('&', $checked), 'bulk-manage-plugins'); |
| 613 | if ( false === ($credentials = request_filesystem_credentials($url)) ) { |
| 614 | $data = ob_get_contents(); |
| 615 | ob_end_clean(); |
| 616 | if ( ! empty($data) ){ |
| 617 | include_once( ABSPATH . 'wp-admin/admin-header.php'); |
| 618 | echo $data; | //Cross Site Scripting
|
| 619 | include( ABSPATH . 'wp-admin/admin-footer.php'); |
| 620 | exit; |
| 621 | } |
| 622 | return; |
| 623 | } |
| 624 | |
| 625 | if ( ! WP_Filesystem($credentials) ) { |
| 626 | request_filesystem_credentials($url, '', true); //Failed to connect, Error and request again |
| 627 | $data = ob_get_contents(); |
| 628 | ob_end_clean(); |
| 629 | if ( ! empty($data) ){ |
| 630 | include_once( ABSPATH . 'wp-admin/admin-header.php'); |
| 631 | echo $data; | //Cross Site Scripting
|
| 632 | include( ABSPATH . 'wp-admin/admin-footer.php'); |
| 633 | exit; |
| 634 | } |
| 635 | return; |
| 636 | } |
| 637 | |
| 638 | if ( ! is_object($wp_filesystem) ) |
| 639 | return new WP_Error('fs_unavailable', __('Could not access filesystem.')); |
| 640 | |
| 641 | if ( is_wp_error($wp_filesystem->errors) && $wp_filesystem->errors->get_error_code() ) |
| 642 | return new WP_Error('fs_error', __('Filesystem error.'), $wp_filesystem->errors); |
| 643 | |
| 644 | //Get the base plugin folder |
| 645 | $plugins_dir = $wp_filesystem->wp_plugins_dir(); |
| 646 | if ( empty($plugins_dir) ) |
| 647 | return new WP_Error('fs_no_plugins_dir', __('Unable to locate WordPress Plugin directory.')); |
| 648 | |
| 649 | $plugins_dir = trailingslashit( $plugins_dir ); |
| 650 | |
| 651 | $errors = array(); |
| 652 | |
| 653 | foreach( $plugins as $plugin_file ) { |
| 654 | // Run Uninstall hook |
| 655 | if ( is_uninstallable_plugin( $plugin_file ) ) |
| 656 | uninstall_plugin($plugin_file); |
| 657 | |
| 658 | $this_plugin_dir = trailingslashit( dirname($plugins_dir . $plugin_file) ); |
| 659 | // If plugin is in its own directory, recursively delete the directory. |
| 660 | if ( strpos($plugin_file, '/') && $this_plugin_dir != $plugins_dir ) //base check on if plugin includes directory seperator AND that its not the root plugin folder |
| 661 | $deleted = $wp_filesystem->delete($this_plugin_dir, true); |
| 662 | else |
| 663 | $deleted = $wp_filesystem->delete($plugins_dir . $plugin_file); |
| 664 | |
| 665 | if ( ! $deleted ) |
| 666 | $errors[] = $plugin_file; |
| 667 | } |
| 668 | |
| 669 | if ( ! empty($errors) ) |
| 670 | return new WP_Error('could_not_remove_plugin', sprintf(__('Could not fully remove the plugin(s) %s.'), implode(', ', $errors)) ); |
| 671 | |
| 672 | // Force refresh of plugin update information |
| 673 | if ( $current = get_site_transient('update_plugins') ) { |
| 674 | unset( $current->response[ $plugin_file ] ); |
| 675 | set_site_transient('update_plugins', $current); |
| 676 | } |
| 677 | |
| 678 | return true; |
| 679 | } |
| 680 | |
| 681 | /** |
| 682 | * Validate active plugins |
| 683 | * |
| 684 | * Validate all active plugins, deactivates invalid and |
| 685 | * returns an array of deactivated ones. |
| 686 | * |
| 687 | * @since unknown |
| 688 | * @return array invalid plugins, plugin as key, error as value |
| 689 | */ |
| 690 | function validate_active_plugins() { |
| 691 | $plugins = get_option( 'active_plugins', array() ); |
| 692 | // validate vartype: array |
| 693 | if ( ! is_array( $plugins ) ) { |
| 694 | update_option( 'active_plugins', array() ); |
| 695 | $plugins = array(); |
| 696 | } |
| 697 | |
| 698 | if ( is_multisite() && is_super_admin() ) { |
| 699 | $network_plugins = (array) get_site_option( 'active_sitewide_plugins', array() ); |
| 700 | $plugins = array_merge( $plugins, array_keys( $network_plugins ) ); |
| 701 | } |
| 702 | |
| 703 | if ( empty( $plugins ) ) |
| 704 | return; |
| 705 | |
| 706 | $invalid = array(); |
| 707 | |
| 708 | // invalid plugins get deactivated |
| 709 | foreach ( $plugins as $plugin ) { |
| 710 | $result = validate_plugin( $plugin ); |
| 711 | if ( is_wp_error( $result ) ) { |
| 712 | $invalid[$plugin] = $result; |
| 713 | deactivate_plugins( $plugin, true ); |
| 714 | } |
| 715 | } |
| 716 | return $invalid; |
| 717 | } |
| 718 | |
| 719 | /** |
| 720 | * Validate the plugin path. |
| 721 | * |
| 722 | * Checks that the file exists and {@link validate_file() is valid file}. |
| 723 | * |
| 724 | * @since unknown |
| 725 | * |
| 726 | * @param string $plugin Plugin Path |
| 727 | * @return WP_Error|int 0 on success, WP_Error on failure. |
| 728 | */ |
| 729 | function validate_plugin($plugin) { |
| 730 | if ( validate_file($plugin) ) |
| 731 | return new WP_Error('plugin_invalid', __('Invalid plugin path.')); |
| 732 | if ( ! file_exists(WP_PLUGIN_DIR . '/' . $plugin) ) |
| 733 | return new WP_Error('plugin_not_found', __('Plugin file does not exist.')); |
| 734 | |
| 735 | $installed_plugins = get_plugins(); |
| 736 | if ( ! isset($installed_plugins[$plugin]) ) |
| 737 | return new WP_Error('no_plugin_header', __('The plugin does not have a valid header.')); |
| 738 | return 0; |
| 739 | } |
| 740 | |
| 741 | /** |
| 742 | * Whether the plugin can be uninstalled. |
| 743 | * |
| 744 | * @since 2.7.0 |
| 745 | * |
| 746 | * @param string $plugin Plugin path to check. |
| 747 | * @return bool Whether plugin can be uninstalled. |
| 748 | */ |
| 749 | function is_uninstallable_plugin($plugin) { |
| 750 | $file = plugin_basename($plugin); |
| 751 | |
| 752 | $uninstallable_plugins = (array) get_option('uninstall_plugins'); |
| 753 | if ( isset( $uninstallable_plugins[$file] ) || file_exists( WP_PLUGIN_DIR . '/' . dirname($file) . '/uninstall.php' ) ) |
| 754 | return true; |
| 755 | |
| 756 | return false; |
| 757 | } |
| 758 | |
| 759 | /** |
| 760 | * Uninstall a single plugin. |
| 761 | * |
| 762 | * Calls the uninstall hook, if it is available. |
| 763 | * |
| 764 | * @since 2.7.0 |
| 765 | * |
| 766 | * @param string $plugin Relative plugin path from Plugin Directory. |
| 767 | */ |
| 768 | function uninstall_plugin($plugin) { |
| 769 | $file = plugin_basename($plugin); |
| 770 | |
| 771 | $uninstallable_plugins = (array) get_option('uninstall_plugins'); |
| 772 | if ( file_exists( WP_PLUGIN_DIR . '/' . dirname($file) . '/uninstall.php' ) ) { |
| 773 | if ( isset( $uninstallable_plugins[$file] ) ) { |
| 774 | unset($uninstallable_plugins[$file]); |
| 775 | update_option('uninstall_plugins', $uninstallable_plugins); |
| 776 | } |
| 777 | unset($uninstallable_plugins); |
| 778 | |
| 779 | define('WP_UNINSTALL_PLUGIN', $file); |
| 780 | include WP_PLUGIN_DIR . '/' . dirname($file) . '/uninstall.php'; | //Arbitrary code inclusion
|
| 781 | |
| 782 | return true; |
| 783 | } |
| 784 | |
| 785 | if ( isset( $uninstallable_plugins[$file] ) ) { |
| 786 | $callable = $uninstallable_plugins[$file]; |
| 787 | unset($uninstallable_plugins[$file]); |
| 788 | update_option('uninstall_plugins', $uninstallable_plugins); |
| 789 | unset($uninstallable_plugins); |
| 790 | |
| 791 | include WP_PLUGIN_DIR . '/' . $file; | //Arbitrary code inclusion
|
| 792 | |
| 793 | add_action( 'uninstall_' . $file, $callable ); | //Arbitrary file disclosing
|
| 794 | do_action( 'uninstall_' . $file ); |
| 795 | } |
| 796 | } |
| 797 | |
| 798 | // |
| 799 | // Menu |
| 800 | // |
| 801 | |
| 802 | /** |
| 803 | * Add a top level menu page |
| 804 | * |
| 805 | * This function takes a capability which will be used to determine whether |
| 806 | * or not a page is included in the menu. |
| 807 | * |
| 808 | * The function which is hooked in to handle the output of the page must check |
| 809 | * that the user has the required capability as well. |
| 810 | * |
| 811 | * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected |
| 812 | * @param string $menu_title The text to be used for the menu |
| 813 | * @param string $capability The capability required for this menu to be displayed to the user. |
| 814 | * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu) |
| 815 | * @param callback $function The function to be called to output the content for this page. |
| 816 | * @param string $icon_url The url to the icon to be used for this menu |
| 817 | * @param int $position The position in the menu order this one should appear |
| 818 | */ |
| 819 | function add_menu_page( $page_title, $menu_title, $capability, $menu_slug, $function = '', $icon_url = '', $position = NULL ) { |
| 820 | global $menu, $admin_page_hooks, $_registered_pages, $_parent_pages; |
| 821 | |
| 822 | $menu_slug = plugin_basename( $menu_slug ); |
| 823 | |
| 824 | $admin_page_hooks[$menu_slug] = sanitize_title( $menu_title ); |
| 825 | |
| 826 | $hookname = get_plugin_page_hookname( $menu_slug, '' ); |
| 827 | |
| 828 | if ( !empty( $function ) && !empty( $hookname ) && current_user_can( $capability ) ) |
| 829 | add_action( $hookname, $function ); |
| 830 | |
| 831 | if ( empty($icon_url) ) |
| 832 | $icon_url = esc_url( admin_url( 'images/generic.png' ) ); |
| 833 | elseif ( is_ssl() && 0 === strpos($icon_url, 'http://') ) |
| 834 | $icon_url = 'https://' . substr($icon_url, 7); |
| 835 | |
| 836 | $new_menu = array( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url ); |
| 837 | |
| 838 | if ( null === $position ) |
| 839 | $menu[] = $new_menu; |
| 840 | else |
| 841 | $menu[$position] = $new_menu; |
| 842 | |
| 843 | $_registered_pages[$hookname] = true; |
| 844 | |
| 845 | // No parent as top level |
| 846 | $_parent_pages[$menu_slug] = false; |
| 847 | |
| 848 | return $hookname; |
| 849 | } |
| 850 | |
| 851 | /** |
| 852 | * Add a top level menu page in the 'objects' section |
| 853 | * |
| 854 | * This function takes a capability which will be used to determine whether |
| 855 | * or not a page is included in the menu. |
| 856 | * |
| 857 | * The function which is hooked in to handle the output of the page must check |
| 858 | * that the user has the required capability as well. |
| 859 | * |
| 860 | * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected |
| 861 | * @param string $menu_title The text to be used for the menu |
| 862 | * @param string $capability The capability required for this menu to be displayed to the user. |
| 863 | * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu) |
| 864 | * @param callback $function The function to be called to output the content for this page. |
| 865 | * @param string $icon_url The url to the icon to be used for this menu |
| 866 | */ |
| 867 | function add_object_page( $page_title, $menu_title, $capability, $menu_slug, $function = '', $icon_url = '') { |
| 868 | global $_wp_last_object_menu; |
| 869 | |
| 870 | $_wp_last_object_menu++; |
| 871 | |
| 872 | return add_menu_page($page_title, $menu_title, $capability, $menu_slug, $function, $icon_url, $_wp_last_object_menu); |
| 873 | } |
| 874 | |
| 875 | /** |
| 876 | * Add a top level menu page in the 'utility' section |
| 877 | * |
| 878 | * This function takes a capability which will be used to determine whether |
| 879 | * or not a page is included in the menu. |
| 880 | * |
| 881 | * The function which is hooked in to handle the output of the page must check |
| 882 | * that the user has the required capability as well. |
| 883 | * |
| 884 | * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected |
| 885 | * @param string $menu_title The text to be used for the menu |
| 886 | * @param string $capability The capability required for this menu to be displayed to the user. |
| 887 | * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu) |
| 888 | * @param callback $function The function to be called to output the content for this page. |
| 889 | * @param string $icon_url The url to the icon to be used for this menu |
| 890 | */ |
| 891 | function add_utility_page( $page_title, $menu_title, $capability, $menu_slug, $function = '', $icon_url = '') { |
| 892 | global $_wp_last_utility_menu; |
| 893 | |
| 894 | $_wp_last_utility_menu++; |
| 895 | |
| 896 | return add_menu_page($page_title, $menu_title, $capability, $menu_slug, $function, $icon_url, $_wp_last_utility_menu); |
| 897 | } |
| 898 | |
| 899 | /** |
| 900 | * Add a sub menu page |
| 901 | * |
| 902 | * This function takes a capability which will be used to determine whether |
| 903 | * or not a page is included in the menu. |
| 904 | * |
| 905 | * The function which is hooked in to handle the output of the page must check |
| 906 | * that the user has the required capability as well. |
| 907 | * |
| 908 | * @param string $parent_slug The slug name for the parent menu (or the file name of a standard WordPress admin page) |
| 909 | * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected |
| 910 | * @param string $menu_title The text to be used for the menu |
| 911 | * @param string $capability The capability required for this menu to be displayed to the user. |
| 912 | * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu) |
| 913 | * @param callback $function The function to be called to output the content for this page. |
| 914 | */ |
| 915 | function add_submenu_page( $parent_slug, $page_title, $menu_title, $capability, $menu_slug, $function = '' ) { |
| 916 | global $submenu; |
| 917 | global $menu; |
| 918 | global $_wp_real_parent_file; |
| 919 | global $_wp_submenu_nopriv; |
| 920 | global $_registered_pages; |
| 921 | global $_parent_pages; |
| 922 | |
| 923 | $menu_slug = plugin_basename( $menu_slug ); |
| 924 | $parent_slug = plugin_basename( $parent_slug); |
| 925 | |
| 926 | if ( isset( $_wp_real_parent_file[$parent_slug] ) ) |
| 927 | $parent_slug = $_wp_real_parent_file[$parent_slug]; | //Arbitrary file disclosing
|
| 928 | |
| 929 | if ( !current_user_can( $capability ) ) { |
| 930 | $_wp_submenu_nopriv[$parent_slug][$menu_slug] = true; |
| 931 | return false; |
| 932 | } |
| 933 | |
| 934 | // If the parent doesn't already have a submenu, add a link to the parent |
| 935 | // as the first item in the submenu. If the submenu file is the same as the |
| 936 | // parent file someone is trying to link back to the parent manually. In |
| 937 | // this case, don't automatically add a link back to avoid duplication. |
| 938 | if (!isset( $submenu[$parent_slug] ) && $menu_slug != $parent_slug ) { |
| 939 | foreach ( (array)$menu as $parent_menu ) { |
| 940 | if ( $parent_menu[2] == $parent_slug && current_user_can( $parent_menu[1] ) ) |
| 941 | $submenu[$parent_slug][] = $parent_menu; |
| 942 | } |
| 943 | } |
| 944 | |
| 945 | $submenu[$parent_slug][] = array ( $menu_title, $capability, $menu_slug, $page_title ); |
| 946 | |
| 947 | $hookname = get_plugin_page_hookname( $menu_slug, $parent_slug); |
| 948 | if (!empty ( $function ) && !empty ( $hookname )) |
| 949 | add_action( $hookname, $function ); |
| 950 | |
| 951 | $_registered_pages[$hookname] = true; |
| 952 | // backwards-compatibility for plugins using add_management page. See wp-admin/admin.php for redirect from edit.php to tools.php |
| 953 | if ( 'tools.php' == $parent_slug ) |
| 954 | $_registered_pages[get_plugin_page_hookname( $menu_slug, 'edit.php')] = true; |
| 955 | |
| 956 | // No parent as top level |
| 957 | $_parent_pages[$menu_slug] = $parent_slug; |
| 958 | |
| 959 | return $hookname; |
| 960 | } |
| 961 | |
| 962 | /** |
| 963 | * Add sub menu page to the tools main menu. |
| 964 | * |
| 965 | * This function takes a capability which will be used to determine whether |
| 966 | * or not a page is included in the menu. |
| 967 | * |
| 968 | * The function which is hooked in to handle the output of the page must check |
| 969 | * that the user has the required capability as well. |
| 970 | * |
| 971 | * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected |
| 972 | * @param string $menu_title The text to be used for the menu |
| 973 | * @param string $capability The capability required for this menu to be displayed to the user. |
| 974 | * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu) |
| 975 | * @param callback $function The function to be called to output the content for this page. |
| 976 | */ |
| 977 | function add_management_page( $page_title, $menu_title, $capability, $menu_slug, $function = '' ) { |
| 978 | return add_submenu_page( 'tools.php', $page_title, $menu_title, $capability, $menu_slug, $function ); |
| 979 | } |
| 980 | |
| 981 | /** |
| 982 | * Add sub menu page to the options main menu. |
| 983 | * |
| 984 | * This function takes a capability which will be used to determine whether |
| 985 | * or not a page is included in the menu. |
| 986 | * |
| 987 | * The function which is hooked in to handle the output of the page must check |
| 988 | * that the user has the required capability as well. |
| 989 | * |
| 990 | * @param string $page_title The text to be displayed in the title tags of the page when the menu is selected |
| 991 | * @param string $menu_title The text to be used for the menu |
| 992 | * @param string $capability The capability required for this menu to be displayed to the user. |
| 993 | * @param string $menu_slug The slug name to refer to this menu by (should be unique for this menu) |
| 994 | * @param callback $function The function to be called to output the content for this page. |
| 995 | */ |
| 996 | function add_options_page( $page_title, $menu_title, $capability, $menu_slug, $function = '' ) { |
| 997 | return add_submenu_page( 'options-general.php', $page_title, $menu_title, $capability, $menu_slug, $function ); |
| 998 | } |
| 999 | |
| 1000 | /** |