/var/www/wordpress/wp-admin/includes/admin.php
/var/www/wordpress/wp-admin/includes/bookmark.php
/var/www/wordpress/wp-admin/includes/class-ftp-pure.php
/var/www/wordpress/wp-admin/includes/class-ftp-sockets.php
/var/www/wordpress/wp-admin/includes/class-ftp.php
/var/www/wordpress/wp-admin/includes/class-pclzip.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-base.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-direct.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ftpext.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ftpsockets.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ssh2.php
/var/www/wordpress/wp-admin/includes/class-wp-importer.php
/var/www/wordpress/wp-admin/includes/class-wp-upgrader.php
/var/www/wordpress/wp-admin/includes/comment.php
/var/www/wordpress/wp-admin/includes/continents-cities.php
/var/www/wordpress/wp-admin/includes/dashboard.php
/var/www/wordpress/wp-admin/includes/deprecated.php
/var/www/wordpress/wp-admin/includes/export.php
/var/www/wordpress/wp-admin/includes/file.php
/var/www/wordpress/wp-admin/includes/image-edit.php
/var/www/wordpress/wp-admin/includes/image.php
/var/www/wordpress/wp-admin/includes/import.php
/var/www/wordpress/wp-admin/includes/manifest.php
/var/www/wordpress/wp-admin/includes/media.php
/var/www/wordpress/wp-admin/includes/meta-boxes.php
/var/www/wordpress/wp-admin/includes/misc.php
/var/www/wordpress/wp-admin/includes/ms-deprecated.php
/var/www/wordpress/wp-admin/includes/ms.php
/var/www/wordpress/wp-admin/includes/nav-menu.php
/var/www/wordpress/wp-admin/includes/plugin-install.php
/var/www/wordpress/wp-admin/includes/plugin.php
/var/www/wordpress/wp-admin/includes/post.php
/var/www/wordpress/wp-admin/includes/schema.php
/var/www/wordpress/wp-admin/includes/taxonomy.php
/var/www/wordpress/wp-admin/includes/template.php
/var/www/wordpress/wp-admin/includes/theme-install.php
/var/www/wordpress/wp-admin/includes/theme.php
/var/www/wordpress/wp-admin/includes/update-core.php
/var/www/wordpress/wp-admin/includes/update.php
/var/www/wordpress/wp-admin/includes/upgrade.php
/var/www/wordpress/wp-admin/includes/user.php
/var/www/wordpress/wp-admin/includes/widgets.php
/var/www/wordpress/wp-admin/js/revisions-js.php
/var/www/wordpress/wp-admin/maint/repair.php
/var/www/wordpress/wp-admin/admin-ajax.php
/var/www/wordpress/wp-admin/admin-footer.php
/var/www/wordpress/wp-admin/admin-functions.php
/var/www/wordpress/wp-admin/admin-header.php
/var/www/wordpress/wp-admin/admin-post.php
/var/www/wordpress/wp-admin/admin.php
/var/www/wordpress/wp-admin/async-upload.php
/var/www/wordpress/wp-admin/comment.php
/var/www/wordpress/wp-admin/custom-background.php
/var/www/wordpress/wp-admin/custom-header.php
/var/www/wordpress/wp-admin/edit-attachment-rows.php
/var/www/wordpress/wp-admin/edit-comments.php
/var/www/wordpress/wp-admin/edit-form-advanced.php
/var/www/wordpress/wp-admin/edit-form-comment.php
/var/www/wordpress/wp-admin/edit-link-categories.php
/var/www/wordpress/wp-admin/edit-link-category-form.php
/var/www/wordpress/wp-admin/edit-link-form.php
/var/www/wordpress/wp-admin/edit-post-rows.php
/var/www/wordpress/wp-admin/edit-tag-form.php
/var/www/wordpress/wp-admin/edit-tags.php
/var/www/wordpress/wp-admin/edit.php
/var/www/wordpress/wp-admin/export.php
/var/www/wordpress/wp-admin/gears-manifest.php
/var/www/wordpress/wp-admin/import.php
/var/www/wordpress/wp-admin/index-extra.php
/var/www/wordpress/wp-admin/index.php
/var/www/wordpress/wp-admin/install-helper.php
/var/www/wordpress/wp-admin/install.php
/var/www/wordpress/wp-admin/link-add.php
/var/www/wordpress/wp-admin/link-category.php
/var/www/wordpress/wp-admin/link-manager.php
/var/www/wordpress/wp-admin/link-parse-opml.php
/var/www/wordpress/wp-admin/link.php
/var/www/wordpress/wp-admin/load-scripts.php
/var/www/wordpress/wp-admin/load-styles.php
/var/www/wordpress/wp-admin/media-new.php
/var/www/wordpress/wp-admin/media-upload.php
/var/www/wordpress/wp-admin/media.php
/var/www/wordpress/wp-admin/menu-header.php
/var/www/wordpress/wp-admin/menu.php
/var/www/wordpress/wp-admin/moderation.php
/var/www/wordpress/wp-admin/ms-admin.php
/var/www/wordpress/wp-admin/ms-delete-site.php
/var/www/wordpress/wp-admin/ms-edit.php
/var/www/wordpress/wp-admin/ms-options.php
/var/www/wordpress/wp-admin/ms-sites.php
/var/www/wordpress/wp-admin/ms-themes.php
/var/www/wordpress/wp-admin/ms-upgrade-network.php
/var/www/wordpress/wp-admin/ms-users.php
/var/www/wordpress/wp-admin/my-sites.php
/var/www/wordpress/wp-admin/nav-menus.php
/var/www/wordpress/wp-admin/network.php
/var/www/wordpress/wp-admin/options-discussion.php
/var/www/wordpress/wp-admin/options-general.php
/var/www/wordpress/wp-admin/options-head.php
/var/www/wordpress/wp-admin/options-media.php
/var/www/wordpress/wp-admin/options-permalink.php
/var/www/wordpress/wp-admin/options-privacy.php
/var/www/wordpress/wp-admin/options-reading.php
/var/www/wordpress/wp-admin/options-writing.php
/var/www/wordpress/wp-admin/options.php
/var/www/wordpress/wp-admin/plugin-editor.php
/var/www/wordpress/wp-admin/plugin-install.php
/var/www/wordpress/wp-admin/plugins.php
/var/www/wordpress/wp-admin/post-new.php
/var/www/wordpress/wp-admin/post.php
/var/www/wordpress/wp-admin/press-this.php
/var/www/wordpress/wp-admin/profile.php
/var/www/wordpress/wp-admin/revision.php
/var/www/wordpress/wp-admin/setup-config.php
/var/www/wordpress/wp-admin/sidebar.php
/var/www/wordpress/wp-admin/theme-editor.php
/var/www/wordpress/wp-admin/theme-install.php
/var/www/wordpress/wp-admin/themes.php
/var/www/wordpress/wp-admin/tools.php
/var/www/wordpress/wp-admin/update-core.php
/var/www/wordpress/wp-admin/update.php
/var/www/wordpress/wp-admin/upgrade-functions.php
/var/www/wordpress/wp-admin/upgrade.php
/var/www/wordpress/wp-admin/upload.php
/var/www/wordpress/wp-admin/user-edit.php
/var/www/wordpress/wp-admin/user-new.php
/var/www/wordpress/wp-admin/users.php
/var/www/wordpress/wp-admin/widgets.php
/var/www/wordpress/wp-content/languages/ru_RU.php
/var/www/wordpress/wp-content/plugins/akismet/akismet.php
/var/www/wordpress/wp-content/plugins/rh/rh.php
/var/www/wordpress/wp-content/plugins/hello.php
/var/www/wordpress/wp-content/plugins/index.php
/var/www/wordpress/wp-content/themes/twentyten/404.php
/var/www/wordpress/wp-content/themes/twentyten/archive.php
/var/www/wordpress/wp-content/themes/twentyten/attachment.php
/var/www/wordpress/wp-content/themes/twentyten/author.php
/var/www/wordpress/wp-content/themes/twentyten/category.php
/var/www/wordpress/wp-content/themes/twentyten/comments.php
/var/www/wordpress/wp-content/themes/twentyten/footer.php
/var/www/wordpress/wp-content/themes/twentyten/functions.php
/var/www/wordpress/wp-content/themes/twentyten/header.php
/var/www/wordpress/wp-content/themes/twentyten/index.php
/var/www/wordpress/wp-content/themes/twentyten/loop.php
/var/www/wordpress/wp-content/themes/twentyten/onecolumn-page.php
/var/www/wordpress/wp-content/themes/twentyten/page.php
/var/www/wordpress/wp-content/themes/twentyten/search.php
/var/www/wordpress/wp-content/themes/twentyten/sidebar-footer.php
/var/www/wordpress/wp-content/themes/twentyten/sidebar.php
/var/www/wordpress/wp-content/themes/twentyten/single.php
/var/www/wordpress/wp-content/themes/twentyten/tag.php
/var/www/wordpress/wp-content/themes/index.php
/var/www/wordpress/wp-content/index.php
/var/www/wordpress/wp-includes/js/tinymce/langs/wp-langs.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/JSON.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/Logger.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/EnchantSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/GoogleSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpellShell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/SpellChecker.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/includes/general.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/config.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/rpc.php
/var/www/wordpress/wp-includes/js/tinymce/wp-mce-help.php
/var/www/wordpress/wp-includes/js/tinymce/wp-tinymce.php
/var/www/wordpress/wp-includes/pomo/entry.php
/var/www/wordpress/wp-includes/pomo/mo.php
/var/www/wordpress/wp-includes/pomo/po.php
/var/www/wordpress/wp-includes/pomo/streams.php
/var/www/wordpress/wp-includes/pomo/translations.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/native.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/shell.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/string.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/xdiff.php
/var/www/wordpress/wp-includes/Text/Diff/Renderer/inline.php
/var/www/wordpress/wp-includes/Text/Diff/Renderer.php
/var/www/wordpress/wp-includes/Text/Diff.php
/var/www/wordpress/wp-includes/theme-compat/comments-popup.php
/var/www/wordpress/wp-includes/theme-compat/comments.php
/var/www/wordpress/wp-includes/theme-compat/footer.php
/var/www/wordpress/wp-includes/theme-compat/header.php
/var/www/wordpress/wp-includes/theme-compat/sidebar.php
/var/www/wordpress/wp-includes/atomlib.php
/var/www/wordpress/wp-includes/author-template.php
/var/www/wordpress/wp-includes/bookmark-template.php
/var/www/wordpress/wp-includes/bookmark.php
/var/www/wordpress/wp-includes/cache.php
/var/www/wordpress/wp-includes/canonical.php
/var/www/wordpress/wp-includes/capabilities.php
/var/www/wordpress/wp-includes/category-template.php
/var/www/wordpress/wp-includes/category.php
/var/www/wordpress/wp-includes/class-feed.php
/var/www/wordpress/wp-includes/class-http.php
/var/www/wordpress/wp-includes/class-IXR.php
/var/www/wordpress/wp-includes/class-json.php
/var/www/wordpress/wp-includes/class-oembed.php
/var/www/wordpress/wp-includes/class-phpass.php
/var/www/wordpress/wp-includes/class-phpmailer.php
/var/www/wordpress/wp-includes/class-pop3.php
/var/www/wordpress/wp-includes/class-simplepie.php
/var/www/wordpress/wp-includes/class-smtp.php
/var/www/wordpress/wp-includes/class-snoopy.php
/var/www/wordpress/wp-includes/class.wp-dependencies.php
/var/www/wordpress/wp-includes/class.wp-scripts.php
/var/www/wordpress/wp-includes/class.wp-styles.php
/var/www/wordpress/wp-includes/classes.php
/var/www/wordpress/wp-includes/comment-template.php
/var/www/wordpress/wp-includes/comment.php
/var/www/wordpress/wp-includes/compat.php
/var/www/wordpress/wp-includes/cron.php
/var/www/wordpress/wp-includes/default-constants.php
/var/www/wordpress/wp-includes/default-embeds.php
/var/www/wordpress/wp-includes/default-filters.php
/var/www/wordpress/wp-includes/default-widgets.php
/var/www/wordpress/wp-includes/deprecated.php
/var/www/wordpress/wp-includes/feed-atom-comments.php
/var/www/wordpress/wp-includes/feed-atom.php
/var/www/wordpress/wp-includes/feed-rdf.php
/var/www/wordpress/wp-includes/feed-rss.php
/var/www/wordpress/wp-includes/feed-rss2-comments.php
/var/www/wordpress/wp-includes/feed-rss2.php
/var/www/wordpress/wp-includes/feed.php
/var/www/wordpress/wp-includes/formatting.php
/var/www/wordpress/wp-includes/functions.php
/var/www/wordpress/wp-includes/functions.wp-scripts.php
/var/www/wordpress/wp-includes/functions.wp-styles.php
/var/www/wordpress/wp-includes/general-template.php
1<?php
/**
 * General template tags that can go anywhere in a template.
 *
 * @package WordPress
 * @subpackage Template
 */

/**
 * Load the theme's header template.
 *
 * Fires the 'get_header' action, then asks locate_template() to load the
 * first match of "header-{$name}.php" (only when a name is given) and
 * "header.php". When locate_template() returns an empty string, the bundled
 * theme-compat/header.php is loaded instead.
 *
 * Scanner triage: the listing tags the do_action() call and the file-name
 * interpolation as "Cross Site Scripting", but nothing is printed in this
 * function. What $name does reach is a template file name, so the property
 * to check is that callers pass a fixed string rather than request data.
 * NOTE(review): how locate_template() treats path separators inside the
 * candidate names is not visible here - confirm before relying on it.
 *
 * @uses locate_template()
 * @uses do_action() Calls 'get_header' action.
 * @since 1.5.0
 *
 * @param string $name The name of the specialised header, e.g. "special" for
 *                     "header-special.php".
 */
function get_header( $name = null ) {
	do_action( 'get_header', $name );

	// Specialised file first, generic file as the fallback candidate.
	$candidates = isset( $name )
		? array( "header-{$name}.php", 'header.php' )
		: array( 'header.php' );

	$located = locate_template( $candidates, true );

	// Backward compat code will be removed in a future release
	if ( '' == $located ) {
		load_template( ABSPATH . WPINC . '/theme-compat/header.php' );
	}
}

/**
 * Load the theme's footer template.
 *
 * Fires the 'get_footer' action, then asks locate_template() to load the
 * first match of "footer-{$name}.php" (only when a name is given) and
 * "footer.php". When locate_template() returns an empty string, the bundled
 * theme-compat/footer.php is loaded instead.
 *
 * $name is interpolated into a template file name without any filtering in
 * this function, so it should be a fixed string chosen by the theme.
 *
 * @uses locate_template()
 * @uses do_action() Calls 'get_footer' action.
 * @since 1.5.0
 *
 * @param string $name The name of the specialised footer, e.g. "special" for
 *                     "footer-special.php".
 */
function get_footer( $name = null ) {
	do_action( 'get_footer', $name );

	$candidates = array( 'footer.php' );
	if ( isset( $name ) ) {
		// The specialised file takes precedence over the generic one.
		array_unshift( $candidates, "footer-{$name}.php" );
	}

	// Backward compat code will be removed in a future release
	if ( '' == locate_template( $candidates, true ) ) {
		load_template( ABSPATH . WPINC . '/theme-compat/footer.php' );
	}
}

/**
 * Load the theme's sidebar template.
 *
 * Fires the 'get_sidebar' action, then asks locate_template() to load the
 * first match of "sidebar-{$name}.php" (only when a name is given) and
 * "sidebar.php". When locate_template() returns an empty string, the bundled
 * theme-compat/sidebar.php is loaded instead.
 *
 * $name is interpolated into a template file name without any filtering in
 * this function, so it should be a fixed string chosen by the theme.
 *
 * @uses locate_template()
 * @uses do_action() Calls 'get_sidebar' action.
 * @since 1.5.0
 *
 * @param string $name The name of the specialised sidebar, e.g. "special"
 *                     for "sidebar-special.php".
 */
function get_sidebar( $name = null ) {
	do_action( 'get_sidebar', $name );

	$specialised = isset( $name ) ? array( "sidebar-{$name}.php" ) : array();
	$candidates  = array_merge( $specialised, array( 'sidebar.php' ) );

	$located = locate_template( $candidates, true );

	// Backward compat code will be removed in a future release
	if ( '' == $located ) {
		load_template( ABSPATH . WPINC . '/theme-compat/sidebar.php' );
	}
}

/**
 * Load a template part into a template.
 *
 * Lets a theme reuse sections of markup in a way child themes can override.
 * Fires the "get_template_part_{$slug}" action, then hands locate_template()
 * the candidates "{$slug}-{$name}.php" (only when a name is given) and
 * "{$slug}.php". There is no fallback: if no candidate exists, nothing is
 * included.
 *
 * The third argument passed to locate_template() is false, so the same part
 * may be included more than once.
 *
 * Both $slug and $name are interpolated into template file names (and $slug
 * into the action name) without any filtering in this function, so they
 * should be fixed strings chosen by the theme, not request data.
 *
 * @uses locate_template()
 * @uses do_action() Calls 'get_template_part_{$slug}' action.
 * @since 3.0.0
 *
 * @param string $slug The slug name for the generic template.
 * @param string $name The name of the specialised template, e.g. "special"
 *                     for "{slug}-special.php".
 */
function get_template_part( $slug, $name = null ) {
	do_action( "get_template_part_{$slug}", $slug, $name );

	$candidates = isset( $name )
		? array( "{$slug}-{$name}.php", "{$slug}.php" )
		: array( "{$slug}.php" );

	locate_template( $candidates, true, false );
}

/**
 * Display search form.
 *
 * Fires the 'get_search_form' action, then looks for the theme's
 * searchform.php through locate_template(). If one is found it is included
 * and the function returns nothing, whatever $echo says. Otherwise the
 * built-in form markup is passed through the 'get_search_form' filter and
 * either echoed or returned.
 *
 * Scanner triage: the require below is tagged "Arbitrary code inclusion".
 * The included path is whatever locate_template() returned for the single
 * fixed name 'searchform.php'; no parameter or request value takes part in
 * building it inside this function.
 *
 * NOTE(review): home_url(), __() and get_search_query() are concatenated
 * into the markup without an escaping call in this function. Whether
 * get_search_query() already returns attribute-safe text is not visible
 * here - confirm, since it lands inside value="...".
 *
 * @since 2.7.0
 *
 * @param boolean $echo Default to echo and not return the form.
 */
function get_search_form($echo = true) {
	do_action( 'get_search_form' );

	// The variable name is kept as-is: the included template runs in this
	// function's scope and can see it.
	$search_form_template = locate_template( array( 'searchform.php' ) );
	if ( '' != $search_form_template ) {
		require( $search_form_template );
		return;
	}

	$markup = '<form role="search" method="get" id="searchform" action="' . home_url( '/' ) . '" >
 <div><label class="screen-reader-text" for="s">' . __('Search for:') . '</label>
 <input type="text" value="' . get_search_query() . '" name="s" id="s" />
 <input type="submit" id="searchsubmit" value="'. esc_attr__('Search') .'" />
 </div>
 </form>';

	$markup = apply_filters( 'get_search_form', $markup );

	if ( ! $echo ) {
		return $markup;
	}

	echo $markup;
}

/**
 * Display the Log In/Out link.
 *
 * Builds a "Log in" link when is_user_logged_in() is false and a "Log out"
 * link otherwise. The href comes from wp_login_url() / wp_logout_url() and is
 * passed through esc_url(); the finished anchor goes through the 'loginout'
 * filter before it is echoed or returned.
 *
 * @since 1.5.0
 * @uses apply_filters() Calls 'loginout' hook on HTML link content.
 *
 * @param string  $redirect Optional path to redirect to on login/logout.
 * @param boolean $echo     Default to echo and not return the link.
 */
function wp_loginout($redirect = '', $echo = true) {
	if ( is_user_logged_in() ) {
		$href  = esc_url( wp_logout_url( $redirect ) );
		$label = __('Log out');
	} else {
		$href  = esc_url( wp_login_url( $redirect ) );
		$label = __('Log in');
	}

	$link = apply_filters( 'loginout', '<a href="' . $href . '">' . $label . '</a>' );

	if ( ! $echo ) {
		return $link;
	}

	echo $link;
}

/**
 * Returns the Log Out URL.
 *
 * Adds action=logout (and, when $redirect is non-empty, a URL-encoded
 * redirect_to) to the wp-login.php URL, then appends a nonce for the
 * 'log-out' action via wp_nonce_url().
 *
 * NOTE(review): $redirect is encoded but not restricted to same-site targets
 * in this function; confirm that whatever consumes redirect_to validates it.
 *
 * @since 2.7
 * @uses wp_nonce_url() To protect against CSRF
 * @uses site_url() To generate the log in URL
 * @uses apply_filters() calls 'logout_url' hook on final logout url
 *
 * @param string $redirect Path to redirect to on logout.
 * @return string Value returned by the 'logout_url' filter.
 */
function wp_logout_url($redirect = '') {
	$query = array( 'action' => 'logout' );

	if ( ! empty( $redirect ) )
		$query['redirect_to'] = urlencode( $redirect );

	$url = wp_nonce_url(
		add_query_arg( $query, site_url( 'wp-login.php', 'login' ) ),
		'log-out'
	);

	return apply_filters( 'logout_url', $url, $redirect );
}

/**
 * Returns the Log In URL.
 *
 * Starts from the wp-login.php URL, adds a URL-encoded redirect_to when
 * $redirect is non-empty and reauth=1 when $force_reauth is truthy.
 *
 * NOTE(review): $redirect is encoded but not restricted to same-site targets
 * in this function; confirm that whatever consumes redirect_to validates it.
 *
 * @since 2.7
 * @uses site_url() To generate the log in URL
 * @uses apply_filters() calls 'login_url' hook on final login url
 *
 * @param string $redirect     Path to redirect to on login.
 * @param bool   $force_reauth Whether to force reauthorization, even if a
 *                             cookie is present. Default is false.
 * @return string A log in url
 */
function wp_login_url($redirect = '', $force_reauth = false) {
	$url = site_url( 'wp-login.php', 'login' );

	// Collect the optional parameters first, then append them one by one.
	$extra = array();
	if ( ! empty( $redirect ) ) {
		$extra['redirect_to'] = urlencode( $redirect );
	}
	if ( $force_reauth ) {
		$extra['reauth'] = '1';
	}

	foreach ( $extra as $key => $value ) {
		$url = add_query_arg( $key, $value, $url );
	}

	return apply_filters( 'login_url', $url, $redirect );
}

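/**
 * Provides a simple login form for use anywhere within WordPress. By default,
 * it echoes the HTML immediately. Pass array('echo'=>false) to return the
 * string instead.
 *
 * Caller arguments are merged over the defaults (themselves filterable via
 * 'login_form_defaults') with wp_parse_args().
 *
 * Scanner triage: the echo at the end is tagged "Cross Site Scripting". Of
 * the values placed into the markup, every $args entry is now escaped with
 * esc_attr()/esc_html(), including 'form_id', which was previously the one
 * argument written into attributes as-is. The form action is passed through
 * esc_url(). The default 'redirect' is derived from
 * $_SERVER['REQUEST_URI'] and is escaped with esc_attr() where it is
 * printed. What remains unescaped is the output of the 'login_form_top',
 * 'login_form_middle' and 'login_form_bottom' filters, which are inserted
 * as markup; callbacks on those hooks are responsible for their own output.
 *
 * @since 3.0.0
 *
 * @param array $args Configuration options to modify the form output
 * @return Void, or string containing the form
 */
function wp_login_form( $args = array() ) {
	$defaults = array( 'echo' => true,
		'redirect' => site_url( $_SERVER['REQUEST_URI'] ), // Default redirect is back to the current page
		'form_id' => 'loginform',
		'label_username' => __( 'Username' ),
		'label_password' => __( 'Password' ),
		'label_remember' => __( 'Remember Me' ),
		'label_log_in' => __( 'Log In' ),
		'id_username' => 'user_login',
		'id_password' => 'user_pass',
		'id_remember' => 'rememberme',
		'id_submit' => 'wp-submit',
		'remember' => true,
		'value_username' => '',
		'value_remember' => false, // Set this to true to default the "Remember me" checkbox to checked
	);
	$args = wp_parse_args( $args, apply_filters( 'login_form_defaults', $defaults ) );

	// form_id is used twice (name and id); escape it once, like every other
	// caller-supplied value in this form.
	$form_id = esc_attr( $args['form_id'] );

	$form = '
 <form name="' . $form_id . '" id="' . $form_id . '" action="' . esc_url( site_url( 'wp-login.php', 'login' ) ) . '" method="post">
 ' . apply_filters( 'login_form_top', '' ) . '
 <p class="login-username">
 <label for="' . esc_attr( $args['id_username'] ) . '">' . esc_html( $args['label_username'] ) . '</label>
 <input type="text" name="log" id="' . esc_attr( $args['id_username'] ) . '" class="input" value="' . esc_attr( $args['value_username'] ) . '" size="20" tabindex="10" />
 </p>
 <p class="login-password">
 <label for="' . esc_attr( $args['id_password'] ) . '">' . esc_html( $args['label_password'] ) . '</label>
 <input type="password" name="pwd" id="' . esc_attr( $args['id_password'] ) . '" class="input" value="" size="20" tabindex="20" />
 </p>
 ' . apply_filters( 'login_form_middle', '' ) . '
 ' . ( $args['remember'] ? '<p class="login-remember"><label><input name="rememberme" type="checkbox" id="' . esc_attr( $args['id_remember'] ) . '" value="forever" tabindex="90"' . ( $args['value_remember'] ? ' checked="checked"' : '' ) . ' /> ' . esc_html( $args['label_remember'] ) . '</label></p>' : '' ) . '
 <p class="login-submit">
 <input type="submit" name="wp-submit" id="' . esc_attr( $args['id_submit'] ) . '" class="button-primary" value="' . esc_attr( $args['label_log_in'] ) . '" tabindex="100" />
 <input type="hidden" name="redirect_to" value="' . esc_attr( $args['redirect'] ) . '" />
 </p>
 ' . apply_filters( 'login_form_bottom', '' ) . '
 </form>';

	if ( $args['echo'] )
		echo $form;
	else
		return $form;
}
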
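/**
 * Returns the Lost Password URL.
 *
 * Adds action=lostpassword (and, when $redirect is non-empty, redirect_to) to
 * the wp-login.php URL.
 *
 * The redirect value is URL-encoded before it is handed to add_query_arg(),
 * the same way wp_login_url() and wp_logout_url() do it. Without the
 * encoding, a redirect containing "&", "#" or "=" would change the query
 * string of the generated link instead of travelling inside redirect_to.
 *
 * NOTE(review): $redirect is not restricted to same-site targets in this
 * function; confirm that whatever consumes redirect_to validates it.
 *
 * @since 2.8.0
 * @uses site_url() To generate the lost password URL
 * @uses apply_filters() calls 'lostpassword_url' hook on the lostpassword url
 *
 * @param string $redirect Path to redirect to on login.
 * @return string Value returned by the 'lostpassword_url' filter.
 */
function wp_lostpassword_url($redirect = '') {
	$args = array( 'action' => 'lostpassword' );
	if ( !empty($redirect) ) {
		$args['redirect_to'] = urlencode( $redirect );
	}

	$lostpassword_url = add_query_arg($args, site_url('wp-login.php', 'login'));
	return apply_filters('lostpassword_url', $lostpassword_url, $redirect);
}
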
/**
 * Display the Registration or Admin link.
 *
 * For a logged-in user the link points to admin_url(). For a visitor it
 * points to the registration screen, but only when the 'users_can_register'
 * option is truthy; otherwise the link is an empty string. The result goes
 * through the 'register' filter before it is echoed or returned.
 *
 * $before and $after are written into the output as given, and the hrefs
 * from site_url() / admin_url() are not passed through esc_url() here.
 *
 * @since 1.5.0
 * @uses apply_filters() Calls 'register' hook on register / admin link content.
 *
 * @param string  $before Text to output before the link (defaults to <li>).
 * @param string  $after  Text to output after the link (defaults to </li>).
 * @param boolean $echo   Default to echo and not return the link.
 */
function wp_register( $before = '<li>', $after = '</li>', $echo = true ) {
	if ( is_user_logged_in() ) {
		$link = $before . '<a href="' . admin_url() . '">' . __('Site Admin') . '</a>' . $after;
	} elseif ( get_option('users_can_register') ) {
		$link = $before . '<a href="' . site_url('wp-login.php?action=register', 'login') . '">' . __('Register') . '</a>' . $after;
	} else {
		// Registration is closed: there is nothing to link to.
		$link = '';
	}

	$link = apply_filters( 'register', $link );

	if ( ! $echo ) {
		return $link;
	}

	echo $link;
}

/**
 * Theme container function for the 'wp_meta' action.
 *
 * Does nothing except fire the 'wp_meta' action, so whatever appears at this
 * point in a template is produced by the callbacks hooked onto it.
 *
 * @since 1.5.0
 * @link http://trac.wordpress.org/ticket/1458 Explanation of 'wp_meta' action.
 * @uses do_action() Calls 'wp_meta' hook.
 */
function wp_meta() {
	do_action( 'wp_meta' );
}

/**
 * Display information about the blog.
 *
 * Echoes get_bloginfo() called with the 'display' filter mode, which makes
 * get_bloginfo() run the value through its 'bloginfo' / 'bloginfo_url'
 * filter. No escaping call is made in this function itself.
 *
 * @see get_bloginfo() For possible values for the parameter.
 * @since 0.71
 *
 * @param string $show What to display.
 */
function bloginfo( $show='' ) {
	$value = get_bloginfo( $show, 'display' );
	echo $value;
}

/**
 * Retrieve information about the blog.
 *
 * The value is chosen by a switch on $show. Recognised values:
 *
 *  - 'url' - home_url(); 'home' and 'siteurl' are deprecated aliases that
 *    call _deprecated_argument() and then fall through to 'url'.
 *  - 'wpurl' - site_url().
 *  - 'description', 'admin_email', 'html_type' - the matching option.
 *  - 'rdf_url', 'rss_url', 'rss2_url', 'atom_url', 'comments_atom_url',
 *    'comments_rss2_url' - get_feed_link() for that feed.
 *  - 'pingback_url' - the 'siteurl' option followed by '/xmlrpc.php'.
 *  - 'stylesheet_url', 'stylesheet_directory', 'template_directory',
 *    'template_url' - the matching theme URI helper.
 *  - 'charset' - the 'blog_charset' option, or 'UTF-8' when that is empty.
 *  - 'version' - the global $wp_version.
 *  - 'language' - get_locale() with '_' replaced by '-'.
 *  - 'text_direction' - 'rtl' or 'ltr'.
 *  - 'name' and anything unrecognised - the 'blogname' option.
 *
 * When $filter is 'display' the value is passed through the 'bloginfo_url'
 * filter if $show contains 'url', 'directory' or 'home', and through the
 * 'bloginfo' filter otherwise. No escaping call is made in this function.
 *
 * 'version' and 'admin_email' are returned exactly as stored, so a template
 * that prints them discloses the core version or the admin address to every
 * visitor.
 *
 * @since 0.71
 *
 * @param string $show   Blog info to retrieve.
 * @param string $filter How to filter what is retrieved.
 * @return string Mostly string values, might be empty.
 */
function get_bloginfo( $show = '', $filter = 'raw' ) {

	switch ( $show ) {
		case 'home':    // DEPRECATED
		case 'siteurl': // DEPRECATED
			_deprecated_argument( __FUNCTION__, '2.2', sprintf( __('The <code>%s</code> option is deprecated for the family of <code>bloginfo()</code> functions.' ), $show ) . ' ' . sprintf( __( 'Use the <code>%s</code> option instead.' ), 'url' ) );
			// Deliberate fall-through: the deprecated names resolve to 'url'.
		case 'url':
			$info = home_url();
			break;
		case 'wpurl':
			$info = site_url();
			break;
		case 'description':
			$info = get_option( 'blogdescription' );
			break;
		case 'rdf_url':
			$info = get_feed_link( 'rdf' );
			break;
		case 'rss_url':
			$info = get_feed_link( 'rss' );
			break;
		case 'rss2_url':
			$info = get_feed_link( 'rss2' );
			break;
		case 'atom_url':
			$info = get_feed_link( 'atom' );
			break;
		case 'comments_atom_url':
			$info = get_feed_link( 'comments_atom' );
			break;
		case 'comments_rss2_url':
			$info = get_feed_link( 'comments_rss2' );
			break;
		case 'pingback_url':
			$info = get_option( 'siteurl' ) . '/xmlrpc.php';
			break;
		case 'stylesheet_url':
			$info = get_stylesheet_uri();
			break;
		case 'stylesheet_directory':
			$info = get_stylesheet_directory_uri();
			break;
		case 'template_directory':
		case 'template_url':
			$info = get_template_directory_uri();
			break;
		case 'admin_email':
			$info = get_option( 'admin_email' );
			break;
		case 'charset':
			$info = get_option( 'blog_charset' );
			if ( '' == $info ) {
				$info = 'UTF-8';
			}
			break;
		case 'html_type':
			$info = get_option( 'html_type' );
			break;
		case 'version':
			global $wp_version;
			$info = $wp_version;
			break;
		case 'language':
			$info = str_replace( '_', '-', get_locale() );
			break;
		case 'text_direction':
			// The deprecation notice for this option is commented out in the
			// source, so none is raised here.
			if ( function_exists( 'is_rtl' ) && is_rtl() ) {
				$info = 'rtl';
			} else {
				$info = 'ltr';
			}
			break;
		case 'name':
		default:
			$info = get_option( 'blogname' );
			break;
	}

	if ( 'display' == $filter ) {
		// URL-like requests are recognised by a substring of the option name.
		$is_url = ( false !== strpos( $show, 'url' ) )
			|| ( false !== strpos( $show, 'directory' ) )
			|| ( false !== strpos( $show, 'home' ) );

		$info = apply_filters( $is_url ? 'bloginfo_url' : 'bloginfo', $info, $show );
	}

	return $info;
}

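/**
 * Display or retrieve page title for all areas of blog.
 *
 * The title is assembled from the current query: category, tag, author,
 * date archive, single post/page, taxonomy term, search and 404 are checked
 * in that order and a later match replaces an earlier one. Multi-part titles
 * are joined with a temporary separator and split again at the end so the
 * parts can be reversed when $seplocation is 'right'.
 *
 * By default the separator is placed before the page title, which puts the
 * blog title first. Passing 'right' as $seplocation reverses the parts and
 * places the separator after them.
 *
 * Behaviour worth knowing when reading call sites:
 *  - If get_term() reports an error for the tag, that WP_Error object is
 *    returned directly, regardless of $display.
 *  - An author ID for which get_userdata() returns nothing no longer
 *    overwrites the title; previously a property was read from the failed
 *    lookup.
 *  - The author_name lookup goes through $wpdb->prepare() with a %s
 *    placeholder, so the query variable is bound rather than concatenated.
 *
 * Scanner triage: the echo at the end is tagged "Cross Site Scripting". No
 * escaping call is made on $title in this function. The search phrase is
 * only passed through strip_tags(), which removes tags but does not encode
 * quotes or ampersands. NOTE(review): whether callbacks on the 'wp_title'
 * filter escape the value is not visible in this file - confirm, and treat
 * the returned string as unescaped when $display is false.
 *
 * @since 1.0.0
 *
 * @param string $sep         Optional, default is '»'. How to separate the various items within the page title.
 * @param bool   $display     Optional, default is true. Whether to display or retrieve title.
 * @param string $seplocation Optional. Direction to display title, 'right'.
 * @return string|null String on retrieve, null when displaying.
 */
function wp_title($sep = '»', $display = true, $seplocation = '') {
	global $wpdb, $wp_locale, $wp_query;

	$cat = get_query_var('cat');
	$tag = get_query_var('tag_id');
	$category_name = get_query_var('category_name');
	$author = get_query_var('author');
	$author_name = get_query_var('author_name');
	$m = get_query_var('m');
	$year = get_query_var('year');
	$monthnum = get_query_var('monthnum');
	$day = get_query_var('day');
	$search = get_query_var('s');
	$title = '';

	$t_sep = '%WP_TITILE_SEP%'; // Temporary separator, for accurate flipping, if necessary

	// If there's a category
	if ( !empty($cat) ) {
		// category exclusion
		if ( !stristr($cat,'-') )
			$title = apply_filters('single_cat_title', get_the_category_by_ID($cat));
	} elseif ( !empty($category_name) ) {
		if ( stristr($category_name,'/') ) {
			$category_name = explode('/',$category_name);
			if ( $category_name[count($category_name)-1] )
				$category_name = $category_name[count($category_name)-1]; // no trailing slash
			else
				$category_name = $category_name[count($category_name)-2]; // there was a trailing slash
		}
		$cat = get_term_by('slug', $category_name, 'category', OBJECT, 'display');
		if ( $cat )
			$title = apply_filters('single_cat_title', $cat->name);
	}

	if ( !empty($tag) ) {
		$tag = get_term($tag, 'post_tag', OBJECT, 'display');
		if ( is_wp_error( $tag ) )
			return $tag;
		if ( ! empty($tag->name) )
			$title = apply_filters('single_tag_title', $tag->name);
	}

	// If there's an author
	if ( !empty($author) ) {
		// Only use the lookup result when a user was actually found.
		$author_data = get_userdata($author);
		if ( $author_data )
			$title = $author_data->display_name;
	}
	if ( !empty($author_name) ) {
		// We do a direct query here because we don't cache by nicename.
		$title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name));
	}

	// If there's a month
	if ( !empty($m) ) {
		$my_year = substr($m, 0, 4);
		$my_month = $wp_locale->get_month(substr($m, 4, 2));
		$my_day = intval(substr($m, 6, 2));
		$title = $my_year . ($my_month ? $t_sep . $my_month : "") . ($my_day ? $t_sep . $my_day : "");
	}

	if ( !empty($year) ) {
		$title = $year;
		if ( !empty($monthnum) )
			$title .= $t_sep . $wp_locale->get_month($monthnum);
		if ( !empty($day) )
			$title .= $t_sep . zeroise($day, 2);
	}

	// If there is a post
	if ( is_single() || ( is_home() && !is_front_page() ) || ( is_page() && !is_front_page() ) ) {
		$post = $wp_query->get_queried_object();
		$title = apply_filters( 'single_post_title', $post->post_title );
	}

	// If there's a taxonomy
	if ( is_tax() ) {
		$taxonomy = get_query_var( 'taxonomy' );
		$tax = get_taxonomy( $taxonomy );
		$term = $wp_query->get_queried_object();
		$term = $term->name;
		$title = $tax->labels->name . $t_sep . $term;
	}

	// If it's a search
	if ( is_search() ) {
		/* translators: 1: separator, 2: search phrase */
		$title = sprintf(__('Search Results %1$s %2$s'), $t_sep, strip_tags($search));
	}

	if ( is_404() ) {
		$title = __('Page not found');
	}

	$prefix = '';
	if ( !empty($title) )
		$prefix = " $sep ";

	// Determines position of the separator and direction of the breadcrumb
	if ( 'right' == $seplocation ) { // sep on right, so reverse the order
		$title_array = explode( $t_sep, $title );
		$title_array = array_reverse( $title_array );
		$title = implode( " $sep ", $title_array ) . $prefix;
	} else {
		$title_array = explode( $t_sep, $title );
		$title = $prefix . implode( " $sep ", $title_array );
	}

	$title = apply_filters('wp_title', $title, $sep, $seplocation);

	// Send it out
	if ( $display )
		echo $title;
	else
		return $title;

}
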
/**
 * Display or retrieve the title of the current post.
 *
 * Meant for the single.php template: it only looks at a post object and has
 * no handling for pages or archive views.
 *
 * The prefix is written immediately before the title when displaying, with no
 * space or separator added in between; include any trailing space in the
 * prefix itself. The prefix is not part of the value returned when retrieving.
 *
 * Security note: the title is printed exactly as it comes back from the
 * 'single_post_title' filter, and $prefix exactly as passed in. This function
 * applies no HTML escaping, so callers that place the output in an attribute
 * or other sensitive context must escape the retrieved value themselves.
 *
 * @since 0.71
 * @uses $wp_query
 * @uses $post
 *
 * @param string $prefix Optional. What to display before the title.
 * @param bool $display Optional, default is true. Whether to display or retrieve title.
 * @return string|null Title when retrieving, null when displaying or when no post title is set.
 */
function single_post_title($prefix = '', $display = true) {
	global $wp_query, $post;

	// Prefer the global $post; fall back to the queried object when it is empty.
	$current_post = $post ? $post : $wp_query->get_queried_object();

	// Nothing to show if neither source carries a post_title.
	if ( ! isset($current_post->post_title) )
		return;

	$title = apply_filters('single_post_title', $current_post->post_title, $current_post);

	if ( ! $display )
		return $title;

	// Scanner finding: Cross Site Scripting. No escaping call is made on this
	// path; safety depends on the stored title, the hooked filters and the
	// caller-supplied prefix. NOTE(review): confirm before treating as a true positive.
	echo $prefix . $title;
}
669
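/**
 * Display or retrieve page title for category archive.
 *
 * Useful in category template files; it does less work than {@link wp_title()}
 * because it only handles the category (and, by delegation, tag) case.
 *
 * On a tag archive the call is handed to {@link single_tag_title()} unchanged.
 *
 * The prefix is written immediately before the title when displaying, with no
 * space or separator added in between; include any trailing space in the
 * prefix itself. The prefix is not part of the value returned when retrieving.
 *
 * Security note: the name is printed exactly as it comes back from the
 * 'single_cat_title' filter, and $prefix exactly as passed in. This function
 * applies no HTML escaping of its own.
 *
 * @since 0.71
 *
 * @param string $prefix Optional. What to display before the title.
 * @param bool $display Optional, default is true. Whether to display or retrieve title.
 * @return string|null Title when retrieving, null when displaying or failure.
 */
function single_cat_title($prefix = '', $display = true ) {
	global $wp_query;

	if ( is_tag() )
		return single_tag_title($prefix, $display);

	if ( !is_category() )
		return;

	$cat = $wp_query->get_queried_object();

	// Same guard single_tag_title() uses: without it an empty queried object
	// would be dereferenced on the next line.
	if ( ! $cat )
		return;

	$my_cat_name = apply_filters('single_cat_title', $cat->name);
	if ( empty($my_cat_name) )
		return;

	if ( ! $display )
		return $my_cat_name;

	// Scanner finding: Cross Site Scripting. No escaping call is made on this
	// path; safety depends on the stored category name, the hooked filters and
	// the caller-supplied prefix. NOTE(review): confirm before treating as a true positive.
	echo $prefix . $my_cat_name;
}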
705
/**
 * Display or retrieve page title for tag post archive.
 *
 * Useful in tag template files; it does less work than {@link wp_title()}
 * because it only handles the tag case.
 *
 * The prefix is written immediately before the title when displaying, with no
 * space or separator added in between; include any trailing space in the
 * prefix itself. The prefix is not part of the value returned when retrieving.
 *
 * Security note: the name is printed exactly as it comes back from the
 * 'single_tag_title' filter, and $prefix exactly as passed in. This function
 * applies no HTML escaping of its own.
 *
 * @since 2.3.0
 *
 * @param string $prefix Optional. What to display before the title.
 * @param bool $display Optional, default is true. Whether to display or retrieve title.
 * @return string|null Title when retrieving, null when displaying or failure.
 */
function single_tag_title($prefix = '', $display = true ) {
	global $wp_query;

	// Only meaningful on a tag archive.
	if ( ! is_tag() )
		return;

	$queried_tag = $wp_query->get_queried_object();
	if ( ! $queried_tag )
		return;

	$my_tag_name = apply_filters('single_tag_title', $queried_tag->name);
	if ( empty($my_tag_name) )
		return;

	if ( ! $display )
		return $my_tag_name;

	// Scanner finding: Cross Site Scripting. No escaping call is made on this
	// path; safety depends on the stored tag name, the hooked filters and the
	// caller-supplied prefix. NOTE(review): confirm before treating as a true positive.
	echo $prefix . $my_tag_name;
}
741
/**
 * Display or retrieve page title for post archive based on date.
 *
 * Useful when a template only needs the month and year of a date archive. It
 * does less work than {@link wp_title()} because it handles only that case.
 *
 * The month and year come from the 'monthnum' and 'year' query vars when both
 * are non-empty; otherwise from the 'm' query var, whose first four characters
 * are taken as the year and the next two as the month.
 *
 * The prefix is written before the month name and again before the year, with
 * no space added; include any spacing in the prefix itself.
 *
 * Security note: $prefix and the year portion are concatenated and printed
 * without an escaping call in this function.
 *
 * @since 0.71
 *
 * @param string $prefix Optional. What to display before the title.
 * @param bool $display Optional, default is true. Whether to display or retrieve title.
 * @return string|null|false Title when retrieving, null when displaying, false when no month name could be resolved.
 */
function single_month_title($prefix = '', $display = true ) {
	global $wp_locale;

	$m = get_query_var('m');
	$year = get_query_var('year');
	$monthnum = get_query_var('monthnum');

	$month_name = '';
	$year_text = '';

	if ( ! ( empty($monthnum) || empty($year) ) ) {
		// Explicit year + month query vars take precedence.
		$year_text = $year;
		$month_name = $wp_locale->get_month($monthnum);
	} elseif ( ! empty($m) ) {
		// Combined form: characters 0-3 are the year, 4-5 the month.
		$year_text = substr($m, 0, 4);
		$month_name = $wp_locale->get_month(substr($m, 4, 2));
	}

	if ( empty($month_name) )
		return false;

	$result = $prefix . $month_name . $prefix . $year_text;

	if ( $display ) {
		// Scanner finding: Cross Site Scripting. The year text originates from
		// query vars and is not escaped here; presumably it is normalised
		// where the query is parsed. NOTE(review): verify against that code.
		echo $result;
		return;
	}

	return $result;
}
784
/**
 * Retrieve archive link content based on predefined or custom code.
 *
 * Four output styles are available, selected by $format:
 *
 * - 'link': a link HTML element with the <em>archives</em> relationship, for
 *   the document head. $before and $after are not used; $text becomes the
 *   title attribute.
 * - 'option': an option HTML element for use inside a select element. The
 *   URL is the value; $before and $after surround the text description.
 * - 'html' (default): an li HTML element wrapping an anchor. $before goes
 *   before the anchor and $after after its closing tag.
 * - anything else: custom format, the same anchor with $before and $after
 *   around it but no li wrapper.
 *
 * Security note: the URL is passed through esc_url() and the title attribute
 * through esc_attr(). The visible link text is only passed through
 * wptexturize(), and $before / $after are inserted as given, so callers are
 * responsible for those three values being safe to emit as HTML.
 *
 * @since 1.0.0
 *
 * @param string $url URL to archive.
 * @param string $text Archive text description.
 * @param string $format Optional, default is 'html'. Can be 'link', 'option', 'html', or custom.
 * @param string $before Optional.
 * @param string $after Optional.
 * @return string HTML link content for archive.
 */
function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
	$text = wptexturize($text);
	$title_text = esc_attr($text); // attribute-safe copy of the texturized text
	$url = esc_url($url);

	// switch compares loosely, matching the == checks this replaces.
	switch ( $format ) {
		case 'link':
			$markup = "\t<link rel='archives' title='$title_text' href='$url' />\n";
			break;
		case 'option':
			$markup = "\t<option value='$url'>$before $text $after</option>\n";
			break;
		case 'html':
			$markup = "\t<li>$before<a href='$url' title='$title_text'>$text</a>$after</li>\n";
			break;
		default: // custom
			$markup = "\t$before<a href='$url' title='$title_text'>$text</a>$after\n";
			break;
	}

	// Filters receive the finished markup and may replace it entirely.
	return apply_filters( "get_archives_link", $markup );
}
836
837/**
838 * Display archive links based on type and format.
839 *
840 * The 'type' argument offers a few choices and by default will display monthly
841 * archive links. The other options for values are 'daily', 'weekly', 'monthly',
842 * 'yearly', 'postbypost' or 'alpha'. Both 'postbypost' and 'alpha' display the
843 * same archive link list, the difference between the two is that 'alpha'
844 * will order by post title and 'postbypost' will order by post date.
845 *
846 * The date archives will logically display dates with links to the archive post
847 * page. The 'postbypost' and 'alpha' values for 'type' argument will display
848 * the post titles.
849 *
850 * The 'limit' argument will only display a limited amount of links, specified
851 * by the 'limit' integer value. By default, there is no limit. The
852 * 'show_post_count' argument will show how many posts are within the archive.
853 * By default, the 'show_post_count' argument is set to false.
854 *
855 * For the 'format', 'before', and 'after' arguments, see {@link
856 * get_archives_link()}. The values of these arguments have to do with that
857 * function.
858 *
859 * @since 1.2.0
860 *
861 * @param string|array $args Optional. Override defaults.
862 */
863function wp_get_archives($args = '') {
864 global $wpdb, $wp_locale;
865
866 $defaults = array(
867 'type' => 'monthly', 'limit' => '',
868 'format' => 'html', 'before' => '',
869 'after' => '', 'show_post_count' => false,
870 'echo' => 1
871 );
872
873 $r = wp_parse_args( $args, $defaults );
874 extract( $r, EXTR_SKIP );//Possible Control Flow
875
876 if ( '' == $type )
877 $type = 'monthly';
878
879 if ( '' != $limit ) {
880 $limit = absint($limit);
881 $limit = ' LIMIT '.$limit;
882 }
883
884 // this is what will separate dates on weekly archive links
885 $archive_week_separator = '–';
886
887 // over-ride general date format ? 0 = no: use the date format set in Options, 1 = yes: over-ride
888 $archive_date_format_over_ride = 0;
889
890 // options for daily archive (only if you over-ride the general date format)
891 $archive_day_date_format = 'Y/m/d';
892
893 // options for weekly archive (only if you over-ride the general date format)
894 $archive_week_start_date_format = 'Y/m/d';
895 $archive_week_end_date_format = 'Y/m/d';
896
897 if ( !$archive_date_format_over_ride ) {
898 $archive_day_date_format = get_option('date_format');
899 $archive_week_start_date_format = get_option('date_format');
900 $archive_week_end_date_format = get_option('date_format');
901 }
902
903 //filters
904 $where = apply_filters('getarchives_where', "WHERE post_type = 'post' AND post_status = 'publish'", $r );
905 $join = apply_filters('getarchives_join', "", $r);
906
907 $output = '';
908
909 if ( 'monthly' == $type ) {
910 $query = "SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date), MONTH(post_date) ORDER BY post_date DESC $limit";
911 $key = md5($query);
912 $cache = wp_cache_get( 'wp_get_archives' , 'general');
913 if ( !isset( $cache[ $key ] ) ) {
914 $arcresults = $wpdb->get_results($query);
915 $cache[ $key ] = $arcresults;
916 wp_cache_set( 'wp_get_archives', $cache, 'general' );
917 } else {
918 $arcresults = $cache[ $key ];
919 }
920 if ( $arcresults ) {
921 $afterafter = $after;
922 foreach ( (array) $arcresults as $arcresult ) {
923 $url = get_month_link( $arcresult->year, $arcresult->month );
924 /* translators: 1: month name, 2: 4-digit year */
925 $text = sprintf(__('%1$s %2$d'), $wp_locale->get_month($arcresult->month), $arcresult->year);
926 if ( $show_post_count )
927 $after = ' ('.$arcresult->posts.')' . $afterafter;
928 $output .= get_archives_link($url, $text, $format, $before, $after);
929 }
930 }
931 } elseif ('yearly' == $type) {
932 $query = "SELECT YEAR(post_date) AS `year`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date) ORDER BY post_date DESC $limit";
933 $key = md5($query);
934 $cache = wp_cache_get( 'wp_get_archives' , 'general');
935 if ( !isset( $cache[ $key ] ) ) {
936 $arcresults = $wpdb->get_results($query);
937 $cache[ $key ] = $arcresults;
938 wp_cache_set( 'wp_get_archives', $cache, 'general' );
939 } else {
940 $arcresults = $cache[ $key ];
941 }
942 if ($arcresults) {
943 $afterafter = $after;
944 foreach ( (array) $arcresults as $arcresult) {
945 $url = get_year_link($arcresult->year);
946 $text = sprintf('%d', $arcresult->year);
947 if ($show_post_count)
948 $after = ' ('.$arcresult->posts.')' . $afterafter;
949 $output .= get_archives_link($url, $text, $format, $before, $after);
950 }
951 }
952 } elseif ( 'daily' == $type ) {
953 $query = "SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, DAYOFMONTH(post_date) AS `dayofmonth`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date), MONTH(post_date), DAYOFMONTH(post_date) ORDER BY post_date DESC $limit";
954 $key = md5($query);
955 $cache = wp_cache_get( 'wp_get_archives' , 'general');
956 if ( !isset( $cache[ $key ] ) ) {
957 $arcresults = $wpdb->get_results($query);
958 $cache[ $key ] = $arcresults;
959 wp_cache_set( 'wp_get_archives', $cache, 'general' );
960 } else {
961 $arcresults = $cache[ $key ];
962 }
963 if ( $arcresults ) {
964 $afterafter = $after;
965 foreach ( (array) $arcresults as $arcresult ) {
966 $url = get_day_link($arcresult->year, $arcresult->month, $arcresult->dayofmonth);
967 $date = sprintf('%1$d-%2$02d-%3$02d 00:00:00', $arcresult->year, $arcresult->month, $arcresult->dayofmonth);//Cross Site Scripting
968 $text = mysql2date($archive_day_date_format, $date);
969 if ($show_post_count)
970 $after = ' ('.$arcresult->posts.')'.$afterafter;
971 $output .= get_archives_link($url, $text, $format, $before, $after);
972 }
973 }
974 } elseif ( 'weekly' == $type ) {
975 $week = _wp_mysql_week( '`post_date`' );
976 $query = "SELECT DISTINCT $week AS `week`, YEAR( `post_date` ) AS `yr`, DATE_FORMAT( `post_date`, '%Y-%m-%d' ) AS `yyyymmdd`, count( `ID` ) AS `posts` FROM `$wpdb->posts` $join $where GROUP BY $week, YEAR( `post_date` ) ORDER BY `post_date` DESC $limit";//Arbitrary command execution
977 $key = md5($query);
978 $cache = wp_cache_get( 'wp_get_archives' , 'general');
979 if ( !isset( $cache[ $key ] ) ) {
980 $arcresults = $wpdb->get_results($query);
981 $cache[ $key ] = $arcresults;
982 wp_cache_set( 'wp_get_archives', $cache, 'general' );
983 } else {
984 $arcresults = $cache[ $key ];
985 }
986 $arc_w_last = '';
987 $afterafter = $after;
988 if ( $arcresults ) {
989 foreach ( (array) $arcresults as $arcresult ) {
990 if ( $arcresult->week != $arc_w_last ) {
991 $arc_year = $arcresult->yr;
992 $arc_w_last = $arcresult->week;
993 $arc_week = get_weekstartend($arcresult->yyyymmdd, get_option('start_of_week'));
994 $arc_week_start = date_i18n($archive_week_start_date_format, $arc_week['start']);
995 $arc_week_end = date_i18n($archive_week_end_date_format, $arc_week['end']);
996 $url = sprintf('%1$s/%2$s%3$sm%4$s%5$s%6$sw%7$s%8$d', home_url(), '', '?', '=', $arc_year, '&', '=', $arcresult->week);//Cross Site Scripting
997 $text = $arc_week_start . $archive_week_separator . $arc_week_end;
998 if ($show_post_count)
999 $after = ' ('.$arcresult->posts.')'.$afterafter;
1000 $output .= get_archives_link($url, $text, $format, $before, $after);
/var/www/wordpress/wp-includes/http.php
/var/www/wordpress/wp-includes/kses.php
/var/www/wordpress/wp-includes/l10n.php
/var/www/wordpress/wp-includes/link-template.php
/var/www/wordpress/wp-includes/load.php
/var/www/wordpress/wp-includes/locale.php
/var/www/wordpress/wp-includes/media.php
/var/www/wordpress/wp-includes/meta.php
/var/www/wordpress/wp-includes/ms-blogs.php
/var/www/wordpress/wp-includes/ms-default-constants.php
/var/www/wordpress/wp-includes/ms-default-filters.php
/var/www/wordpress/wp-includes/ms-deprecated.php
/var/www/wordpress/wp-includes/ms-files.php
/var/www/wordpress/wp-includes/ms-functions.php
/var/www/wordpress/wp-includes/ms-load.php
/var/www/wordpress/wp-includes/ms-settings.php
/var/www/wordpress/wp-includes/nav-menu-template.php
/var/www/wordpress/wp-includes/nav-menu.php
/var/www/wordpress/wp-includes/pluggable-deprecated.php
/var/www/wordpress/wp-includes/pluggable.php
/var/www/wordpress/wp-includes/plugin.php
/var/www/wordpress/wp-includes/post-template.php
/var/www/wordpress/wp-includes/post-thumbnail-template.php
/var/www/wordpress/wp-includes/post.php
/var/www/wordpress/wp-includes/query.php
/var/www/wordpress/wp-includes/registration-functions.php
/var/www/wordpress/wp-includes/registration.php
/var/www/wordpress/wp-includes/rewrite.php
/var/www/wordpress/wp-includes/rss-functions.php
/var/www/wordpress/wp-includes/rss.php
/var/www/wordpress/wp-includes/script-loader.php
/var/www/wordpress/wp-includes/shortcodes.php
/var/www/wordpress/wp-includes/taxonomy.php
/var/www/wordpress/wp-includes/template-loader.php
/var/www/wordpress/wp-includes/theme.php
/var/www/wordpress/wp-includes/update.php
/var/www/wordpress/wp-includes/user.php
/var/www/wordpress/wp-includes/vars.php
/var/www/wordpress/wp-includes/version.php
/var/www/wordpress/wp-includes/widgets.php
/var/www/wordpress/wp-includes/wp-db.php
/var/www/wordpress/wp-includes/wp-diff.php
/var/www/wordpress/index.php
/var/www/wordpress/wp-activate.php
/var/www/wordpress/wp-app.php
/var/www/wordpress/wp-atom.php
/var/www/wordpress/wp-blog-header.php
/var/www/wordpress/wp-comments-post.php
/var/www/wordpress/wp-commentsrss2.php
/var/www/wordpress/wp-config-sample.php
/var/www/wordpress/wp-cron.php
/var/www/wordpress/wp-feed.php
/var/www/wordpress/wp-links-opml.php
/var/www/wordpress/wp-load.php
/var/www/wordpress/wp-login.php
/var/www/wordpress/wp-mail.php
/var/www/wordpress/wp-pass.php
/var/www/wordpress/wp-rdf.php
/var/www/wordpress/wp-register.php
/var/www/wordpress/wp-rss.php
/var/www/wordpress/wp-rss2.php
/var/www/wordpress/wp-settings.php
/var/www/wordpress/wp-signup.php
/var/www/wordpress/wp-trackback.php
/var/www/wordpress/xmlrpc.php