1 | <?php |
2 | /** |
3 | * General template tags that can go anywhere in a template. |
4 | * |
5 | * @package WordPress |
6 | * @subpackage Template |
7 | */ |
8 | |
9 | /** |
10 | * Load header template. |
11 | * |
12 | * Includes the header template for a theme or if a name is specified then a |
13 | * specialised header will be included. |
14 | * |
15 | * For the parameter, if the file is called "header-special.php" then specify |
16 | * "special". |
17 | * |
18 | * @uses locate_template() |
19 | * @since 1.5.0 |
20 | * @uses do_action() Calls 'get_header' action. |
21 | * |
22 | * @param string $name The name of the specialised header. |
23 | */ |
function get_header( $name = null ) {
	// Scanner note: the listing tags this hook call and the file-name
	// interpolation below as "Cross Site Scripting". Neither line writes to the
	// response. $name is handed to hook callbacks and becomes part of a template
	// file name, so the property to review is where callers obtain $name.
	do_action( 'get_header', $name );

	// Candidates in priority order: the specialised header, then the generic one.
	$candidates = isset( $name )
		? array( "header-{$name}.php", 'header.php' )
		: array( 'header.php' );

	// NOTE(review): $name is not validated before it is used in a file name.
	// Whether locate_template() constrains the resulting path is not visible in
	// this file -- confirm before passing request-derived values.
	$located = locate_template( $candidates, true );

	// Backward compat code will be removed in a future release
	if ( '' == $located ) {
		load_template( ABSPATH . WPINC . '/theme-compat/header.php' );
	}
}
37 | |
38 | /** |
39 | * Load footer template. |
40 | * |
41 | * Includes the footer template for a theme or if a name is specified then a |
42 | * specialised footer will be included. |
43 | * |
44 | * For the parameter, if the file is called "footer-special.php" then specify |
45 | * "special". |
46 | * |
47 | * @uses locate_template() |
48 | * @since 1.5.0 |
49 | * @uses do_action() Calls 'get_footer' action. |
50 | * |
51 | * @param string $name The name of the specialised footer. |
52 | */ |
function get_footer( $name = null ) {
	do_action( 'get_footer', $name );

	// Candidates in priority order: the specialised footer, then the generic one.
	// NOTE(review): $name is interpolated into a file name without validation;
	// callers should only pass theme-controlled values -- confirm.
	$candidates = isset( $name )
		? array( "footer-{$name}.php", 'footer.php' )
		: array( 'footer.php' );

	$located = locate_template( $candidates, true );

	// Backward compat code will be removed in a future release
	if ( '' == $located ) {
		load_template( ABSPATH . WPINC . '/theme-compat/footer.php' );
	}
}
66 | |
67 | /** |
68 | * Load sidebar template. |
69 | * |
70 | * Includes the sidebar template for a theme or if a name is specified then a |
71 | * specialised sidebar will be included. |
72 | * |
73 | * For the parameter, if the file is called "sidebar-special.php" then specify |
74 | * "special". |
75 | * |
76 | * @uses locate_template() |
77 | * @since 1.5.0 |
78 | * @uses do_action() Calls 'get_sidebar' action. |
79 | * |
80 | * @param string $name The name of the specialised sidebar. |
81 | */ |
function get_sidebar( $name = null ) {
	do_action( 'get_sidebar', $name );

	// Candidates in priority order: the specialised sidebar, then the generic one.
	// NOTE(review): $name is interpolated into a file name without validation;
	// callers should only pass theme-controlled values -- confirm.
	$candidates = isset( $name )
		? array( "sidebar-{$name}.php", 'sidebar.php' )
		: array( 'sidebar.php' );

	$located = locate_template( $candidates, true );

	// Backward compat code will be removed in a future release
	if ( '' == $located ) {
		load_template( ABSPATH . WPINC . '/theme-compat/sidebar.php' );
	}
}
95 | |
96 | /** |
97 | * Load a template part into a template |
98 | * |
99 | * Makes it easy for a theme to reuse sections of code in an easy to overload way |
100 | * for child themes. |
101 | * |
102 | * Includes the named template part for a theme or if a name is specified then a |
103 | * specialised part will be included. If the theme contains no {slug}.php file |
104 | * then no template will be included. |
105 | * |
106 | * The template is included using require, not require_once, so you may include the |
107 | * same template part multiple times. |
108 | * |
109 | * For the parameter, if the file is called "{slug}-special.php" then specify |
110 | * "special". |
111 | * |
112 | * @uses locate_template() |
113 | * @since 3.0.0 |
114 | * @uses do_action() Calls 'get_template_part_{$slug}' action. |
115 | * |
116 | * @param string $slug The slug name for the generic template. |
117 | * @param string $name The name of the specialised template. |
118 | */ |
function get_template_part( $slug, $name = null ) {
	// The hook name itself is built from $slug.
	do_action( "get_template_part_{$slug}", $slug, $name );

	// Both $slug and $name end up in candidate file names.
	// NOTE(review): neither is validated here; how locate_template() resolves
	// the names is not visible in this file -- treat both as trusted-caller-only.
	$candidates = array();
	if ( null !== $name ) {
		$candidates[] = "{$slug}-{$name}.php";
	}
	$candidates[] = "{$slug}.php";

	// No compat fallback here: if nothing matches, nothing is included.
	locate_template( $candidates, true, false );
}
130 | |
131 | /** |
132 | * Display search form. |
133 | * |
134 | * Will first attempt to locate the searchform.php file in either the child or |
135 | * the parent, then load it. If it doesn't exist, then the default search form |
136 | * will be displayed. The default search form is HTML, which will be displayed. |
137 | * There is a filter applied to the search form HTML in order to edit or replace |
138 | * it. The filter is 'get_search_form'. |
139 | * |
140 | * This function is primarily used by themes which want to hardcode the search |
141 | * form into the sidebar and also by the search widget in WordPress. |
142 | * |
143 | * There is also an action that is called whenever the function is run, |
144 | * 'get_search_form'. This can be useful for outputting JavaScript that the |
145 | * search relies on or various formatting that applies to the beginning of the |
146 | * search. To give a few examples of what it can be used for. |
147 | * |
148 | * @since 2.7.0 |
149 | * @param boolean $echo Default to echo and not return the form. |
150 | */ |
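function get_search_form($echo = true) {
	do_action( 'get_search_form' );

	// A theme-supplied searchform.php takes precedence over the built-in markup.
	$search_form_template = locate_template( array( 'searchform.php' ) );
	if ( '' != $search_form_template ) {
		// Scanner note: flagged "Arbitrary code inclusion". The only name passed
		// to locate_template() is the constant 'searchform.php', so the included
		// path is not built from request data in this function; the residual risk
		// is who can write to the directories locate_template() searches.
		// NOTE(review): this branch outputs the template directly and returns
		// null, so $echo = false is not honoured when a theme form exists.
		require( $search_form_template );
		return;
	}

	// The form action is passed through esc_url() so a filtered or misconfigured
	// home URL cannot break out of the attribute.
	// NOTE(review): the value attribute relies on get_search_query() returning
	// an attribute-safe string -- confirm for this version.
	$form = '<form role="search" method="get" id="searchform" action="' . esc_url( home_url( '/' ) ) . '" >
<div><label class="screen-reader-text" for="s">' . __('Search for:') . '</label>
<input type="text" value="' . get_search_query() . '" name="s" id="s" />
<input type="submit" id="searchsubmit" value="'. esc_attr__('Search') .'" />
</div>
</form>';

	// Whatever the 'get_search_form' filter returns is emitted verbatim.
	if ( $echo )
		echo apply_filters('get_search_form', $form);
	else
		return apply_filters('get_search_form', $form);
}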
172 | |
173 | /** |
174 | * Display the Log In/Out link. |
175 | * |
176 | * Displays a link, which allows users to navigate to the Log In page to log in |
177 | * or log out depending on whether they are currently logged in. |
178 | * |
179 | * @since 1.5.0 |
180 | * @uses apply_filters() Calls 'loginout' hook on HTML link content. |
181 | * |
182 | * @param string $redirect Optional path to redirect to on login/logout. |
183 | * @param boolean $echo Default to echo and not return the link. |
184 | */ |
function wp_loginout($redirect = '', $echo = true) {
	// Pick the target and label from the current login state; the URL is
	// escaped for HTML output before it is placed in the href attribute.
	if ( is_user_logged_in() ) {
		$href  = esc_url( wp_logout_url( $redirect ) );
		$label = __('Log out');
	} else {
		$href  = esc_url( wp_login_url( $redirect ) );
		$label = __('Log in');
	}
	$link = '<a href="' . $href . '">' . $label . '</a>';

	// The 'loginout' filter result is emitted or returned verbatim.
	$filtered = apply_filters('loginout', $link);
	if ( ! $echo ) {
		return $filtered;
	}
	echo $filtered;
}
196 | |
197 | /** |
198 | * Returns the Log Out URL. |
199 | * |
200 | * Returns the URL that allows the user to log out of the site |
201 | * |
202 | * @since 2.7 |
203 | * @uses wp_nonce_url() To protect against CSRF |
204 | * @uses site_url() To generate the log in URL |
205 | * @uses apply_filters() calls 'logout_url' hook on final logout url |
206 | * |
207 | * @param string $redirect Path to redirect to on logout. |
208 | */ |
function wp_logout_url($redirect = '') {
	$query = array( 'action' => 'logout' );
	if ( ! empty( $redirect ) ) {
		// Encoded so characters such as & or # in the target cannot alter the
		// surrounding query string.
		$query['redirect_to'] = urlencode( $redirect );
	}

	// The 'log-out' nonce ties the link to the current session, so a logout
	// cannot be triggered by a bare cross-site link (CSRF).
	$url = wp_nonce_url(
		add_query_arg( $query, site_url( 'wp-login.php', 'login' ) ),
		'log-out'
	);

	return apply_filters( 'logout_url', $url, $redirect );
}
220 | |
221 | /** |
222 | * Returns the Log In URL. |
223 | * |
224 | * Returns the URL that allows the user to log in to the site |
225 | * |
226 | * @since 2.7 |
227 | * @uses site_url() To generate the log in URL |
228 | * @uses apply_filters() calls 'login_url' hook on final login url |
229 | * |
230 | * @param string $redirect Path to redirect to on login. |
231 | * @param bool $force_reauth Whether to force reauthorization, even if a cookie is present. Default is false. |
232 | * @return string A log in url |
233 | */ |
function wp_login_url($redirect = '', $force_reauth = false) {
	$url = site_url( 'wp-login.php', 'login' );

	if ( ! empty( $redirect ) ) {
		// Encoded so the redirect target stays a single query value.
		// NOTE(review): validation of the redirect target is not done here;
		// presumably the login handler does it -- confirm.
		$url = add_query_arg( 'redirect_to', urlencode( $redirect ), $url );
	}

	if ( $force_reauth ) {
		$url = add_query_arg( 'reauth', '1', $url );
	}

	return apply_filters( 'login_url', $url, $redirect );
}
245 | |
246 | /** |
247 | * Provides a simple login form for use anywhere within WordPress. By default, it echoes |
248 | * the HTML immediately. Pass array('echo'=>false) to return the string instead. |
249 | * |
250 | * @since 3.0.0 |
251 | * @param array $args Configuration options to modify the form output |
252 | * @return Void, or string containing the form |
253 | */ |
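function wp_login_form( $args = array() ) {
	$defaults = array( 'echo' => true,
		// Default redirect is back to the current page. REQUEST_URI is
		// request-controlled; it only reaches the markup through esc_attr().
		'redirect' => site_url( $_SERVER['REQUEST_URI'] ),
		'form_id' => 'loginform',
		'label_username' => __( 'Username' ),
		'label_password' => __( 'Password' ),
		'label_remember' => __( 'Remember Me' ),
		'label_log_in' => __( 'Log In' ),
		'id_username' => 'user_login',
		'id_password' => 'user_pass',
		'id_remember' => 'rememberme',
		'id_submit' => 'wp-submit',
		'remember' => true,
		'value_username' => '',
		'value_remember' => false, // Set this to true to default the "Remember me" checkbox to checked
	);
	$args = wp_parse_args( $args, apply_filters( 'login_form_defaults', $defaults ) );

	// Every caller-supplied value is escaped for its context. form_id and the
	// form action were previously emitted raw, unlike the other attributes.
	// The three login_form_* filter results are inserted verbatim by design.
	$form = '
<form name="' . esc_attr( $args['form_id'] ) . '" id="' . esc_attr( $args['form_id'] ) . '" action="' . esc_url( site_url( 'wp-login.php', 'login' ) ) . '" method="post">
' . apply_filters( 'login_form_top', '' ) . '
<p class="login-username">
<label for="' . esc_attr( $args['id_username'] ) . '">' . esc_html( $args['label_username'] ) . '</label>
<input type="text" name="log" id="' . esc_attr( $args['id_username'] ) . '" class="input" value="' . esc_attr( $args['value_username'] ) . '" size="20" tabindex="10" />
</p>
<p class="login-password">
<label for="' . esc_attr( $args['id_password'] ) . '">' . esc_html( $args['label_password'] ) . '</label>
<input type="password" name="pwd" id="' . esc_attr( $args['id_password'] ) . '" class="input" value="" size="20" tabindex="20" />
</p>
' . apply_filters( 'login_form_middle', '' ) . '
' . ( $args['remember'] ? '<p class="login-remember"><label><input name="rememberme" type="checkbox" id="' . esc_attr( $args['id_remember'] ) . '" value="forever" tabindex="90"' . ( $args['value_remember'] ? ' checked="checked"' : '' ) . ' /> ' . esc_html( $args['label_remember'] ) . '</label></p>' : '' ) . '
<p class="login-submit">
<input type="submit" name="wp-submit" id="' . esc_attr( $args['id_submit'] ) . '" class="button-primary" value="' . esc_attr( $args['label_log_in'] ) . '" tabindex="100" />
<input type="hidden" name="redirect_to" value="' . esc_attr( $args['redirect'] ) . '" />
</p>
' . apply_filters( 'login_form_bottom', '' ) . '
</form>';

	// Scanner note: this echo is flagged "Cross Site Scripting". With the
	// escaping above, the remaining unescaped inputs to $form are the
	// login_form_* filter results.
	if ( $args['echo'] )
		echo $form;
	else
		return $form;
}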
297 | |
298 | /** |
299 | * Returns the Lost Password URL. |
300 | * |
301 | * Returns the URL that allows the user to retrieve the lost password |
302 | * |
303 | * @since 2.8.0 |
304 | * @uses site_url() To generate the lost password URL |
305 | * @uses apply_filters() calls 'lostpassword_url' hook on the lostpassword url |
306 | * |
307 | * @param string $redirect Path to redirect to on login. |
308 | */ |
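function wp_lostpassword_url($redirect = '') {
	$args = array( 'action' => 'lostpassword' );
	if ( !empty($redirect) ) {
		// Encode the target, as wp_login_url() and wp_logout_url() do. Without
		// this, a redirect containing & or # could add or truncate query
		// parameters of the generated URL.
		$args['redirect_to'] = urlencode( $redirect );
	}

	$lostpassword_url = add_query_arg($args, site_url('wp-login.php', 'login'));

	// The filter still receives the caller's original, unencoded $redirect.
	return apply_filters('lostpassword_url', $lostpassword_url, $redirect);
}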
318 | |
319 | /** |
320 | * Display the Registration or Admin link. |
321 | * |
322 | * Display a link which allows the user to navigate to the registration page if |
323 | * not logged in and registration is enabled or to the dashboard if logged in. |
324 | * |
325 | * @since 1.5.0 |
326 | * @uses apply_filters() Calls 'register' hook on register / admin link content. |
327 | * |
328 | * @param string $before Text to output before the link (defaults to <li>). |
329 | * @param string $after Text to output after the link (defaults to </li>). |
330 | * @param boolean $echo Default to echo and not return the link. |
331 | */ |
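function wp_register( $before = '<li>', $after = '</li>', $echo = true ) {

	// URLs are passed through esc_url() before being placed in href, matching
	// wp_loginout(). $before and $after are caller-supplied markup and are
	// emitted verbatim.
	if ( ! is_user_logged_in() ) {
		if ( get_option('users_can_register') )
			$link = $before . '<a href="' . esc_url( site_url('wp-login.php?action=register', 'login') ) . '">' . __('Register') . '</a>' . $after;
		else
			$link = ''; // Registration disabled: no link for anonymous visitors.
	} else {
		$link = $before . '<a href="' . esc_url( admin_url() ) . '">' . __('Site Admin') . '</a>' . $after;
	}

	// The 'register' filter result is emitted or returned verbatim.
	if ( $echo )
		echo apply_filters('register', $link);
	else
		return apply_filters('register', $link);
}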
348 | |
349 | /** |
350 | * Theme container function for the 'wp_meta' action. |
351 | * |
352 | * The 'wp_meta' action can have several purposes, depending on how you use it, |
353 | * but one purpose might have been to allow for theme switching. |
354 | * |
355 | * @since 1.5.0 |
356 | * @link http://trac.wordpress.org/ticket/1458 Explanation of 'wp_meta' action. |
357 | * @uses do_action() Calls 'wp_meta' hook. |
358 | */ |
function wp_meta() {
	// Pure hook point: whatever is attached to 'wp_meta' runs here, and any
	// output comes from those callbacks, not from this function.
	do_action( 'wp_meta' );
}
362 | |
363 | /** |
364 | * Display information about the blog. |
365 | * |
366 | * @see get_bloginfo() For possible values for the parameter. |
367 | * @since 0.71 |
368 | * |
369 | * @param string $show What to display. |
370 | */ |
function bloginfo( $show='' ) {
	// The 'display' filter mode makes get_bloginfo() run the value through the
	// 'bloginfo' / 'bloginfo_url' hooks before it is printed; this function adds
	// no escaping of its own.
	$value = get_bloginfo( $show, 'display' );
	echo $value;
}
374 | |
375 | /** |
376 | * Retrieve information about the blog. |
377 | * |
378 | * Some show parameter values are deprecated and will be removed in future |
379 | * versions. These options will trigger the _deprecated_argument() function. |
380 | * The deprecated blog info options are listed in the function contents. |
381 | * |
382 | * The possible values for the 'show' parameter are listed below. |
383 | * <ol> |
384 | * <li><strong>url</strong> - Blog URI to homepage.</li> |
385 | * <li><strong>wpurl</strong> - Blog URI path to WordPress.</li> |
386 | * <li><strong>description</strong> - Secondary title</li> |
387 | * </ol> |
388 | * |
389 | * The feed URL options can be retrieved from 'rdf_url' (RSS 0.91), |
390 | * 'rss_url' (RSS 1.0), 'rss2_url' (RSS 2.0), or 'atom_url' (Atom feed). The |
391 | * comment feeds can be retrieved from the 'comments_atom_url' (Atom comment |
392 | * feed) or 'comments_rss2_url' (RSS 2.0 comment feed). |
393 | * |
394 | * @since 0.71 |
395 | * |
396 | * @param string $show Blog info to retrieve. |
397 | * @param string $filter How to filter what is retrieved. |
398 | * @return string Mostly string values, might be empty. |
399 | */ |
function get_bloginfo( $show = '', $filter = 'raw' ) {

	switch ( $show ) {
		case 'home' : // DEPRECATED
		case 'siteurl' : // DEPRECATED
			_deprecated_argument( __FUNCTION__, '2.2', sprintf( __('The <code>%s</code> option is deprecated for the family of <code>bloginfo()</code> functions.' ), $show ) . ' ' . sprintf( __( 'Use the <code>%s</code> option instead.' ), 'url' ) );
			// Deliberate fall-through: deprecated names behave like 'url'.
		case 'url' :
			$value = home_url();
			break;
		case 'wpurl' :
			$value = site_url();
			break;
		case 'description':
			$value = get_option('blogdescription');
			break;
		case 'rdf_url':
			$value = get_feed_link('rdf');
			break;
		case 'rss_url':
			$value = get_feed_link('rss');
			break;
		case 'rss2_url':
			$value = get_feed_link('rss2');
			break;
		case 'atom_url':
			$value = get_feed_link('atom');
			break;
		case 'comments_atom_url':
			$value = get_feed_link('comments_atom');
			break;
		case 'comments_rss2_url':
			$value = get_feed_link('comments_rss2');
			break;
		case 'pingback_url':
			$value = get_option('siteurl') .'/xmlrpc.php';
			break;
		case 'stylesheet_url':
			$value = get_stylesheet_uri();
			break;
		case 'stylesheet_directory':
			$value = get_stylesheet_directory_uri();
			break;
		case 'template_directory':
		case 'template_url':
			$value = get_template_directory_uri();
			break;
		case 'admin_email':
			$value = get_option('admin_email');
			break;
		case 'charset':
			$value = get_option('blog_charset');
			if ( '' == $value ) {
				$value = 'UTF-8'; // Fallback when the option is empty.
			}
			break;
		case 'html_type' :
			$value = get_option('html_type');
			break;
		case 'version':
			// Returns the running version string; a template that prints it
			// discloses the installed version to visitors.
			global $wp_version;
			$value = $wp_version;
			break;
		case 'language':
			$value = str_replace( '_', '-', get_locale() );
			break;
		case 'text_direction':
			// is_rtl() may not be loaded; default to left-to-right in that case.
			$value = ( function_exists( 'is_rtl' ) && is_rtl() ) ? 'rtl' : 'ltr';
			break;
		case 'name':
		default:
			$value = get_option('blogname');
			break;
	}

	// A key counts as URL-like when its name contains any of these fragments;
	// that decides which display hook is applied below.
	$is_url = false;
	foreach ( array( 'url', 'directory', 'home' ) as $fragment ) {
		if ( strpos( $show, $fragment ) !== false ) {
			$is_url = true;
			break;
		}
	}

	// In 'raw' mode the stored value is returned untouched; output safety in
	// 'display' mode depends on callbacks attached to these hooks elsewhere.
	if ( 'display' == $filter ) {
		$hook  = $is_url ? 'bloginfo_url' : 'bloginfo';
		$value = apply_filters( $hook, $value, $show );
	}

	return $value;
}
493 | |
494 | /** |
495 | * Display or retrieve page title for all areas of blog. |
496 | * |
497 | * By default, the page title will display the separator before the page title, |
498 | * so that the blog title will be before the page title. This is not good for |
499 | * title display, since the blog title shows up on most tabs and not what is |
500 | * important, which is the page that the user is looking at. |
501 | * |
502 | * There are also SEO benefits to having the blog title after or to the 'right' |
503 | * of the page title. However, it is mostly common sense to have the blog title |
504 | * to the right with most browsers supporting tabs. You can achieve this by |
505 | * using the seplocation parameter and setting the value to 'right'. This change |
506 | * was introduced around 2.5.0, in case backwards compatibility of themes is |
507 | * important. |
508 | * |
509 | * @since 1.0.0 |
510 | * |
511 | * @param string $sep Optional, default is '»'. How to separate the various items within the page title. |
512 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
513 | * @param string $seplocation Optional. Direction to display title, 'right'. |
514 | * @return string|null String on retrieve, null when displaying. |
515 | */ |
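function wp_title($sep = '»', $display = true, $seplocation = '') {
	global $wpdb, $wp_locale, $wp_query;

	// All of these come from the parsed request.
	$cat = get_query_var('cat');
	$tag = get_query_var('tag_id');
	$category_name = get_query_var('category_name');
	$author = get_query_var('author');
	$author_name = get_query_var('author_name');
	$m = get_query_var('m');
	$year = get_query_var('year');
	$monthnum = get_query_var('monthnum');
	$day = get_query_var('day');
	$search = get_query_var('s');
	$title = '';

	$t_sep = '%WP_TITILE_SEP%'; // Temporary separator, for accurate flipping, if necessary

	// If there's a category
	if ( !empty($cat) ) {
		// category exclusion
		if ( !stristr($cat,'-') )
			$title = apply_filters('single_cat_title', get_the_category_by_ID($cat));
	} elseif ( !empty($category_name) ) {
		if ( stristr($category_name,'/') ) {
			// Hierarchical path: use the last non-empty segment.
			$segments = explode('/', $category_name);
			$last = count($segments) - 1;
			if ( $segments[$last] )
				$category_name = $segments[$last]; // no trailing slash
			else
				$category_name = $segments[$last - 1]; // there was a trailing slash
		}
		$cat = get_term_by('slug', $category_name, 'category', OBJECT, 'display');
		if ( $cat )
			$title = apply_filters('single_cat_title', $cat->name);
	}

	if ( !empty($tag) ) {
		$tag = get_term($tag, 'post_tag', OBJECT, 'display');
		// NOTE(review): this returns the error object itself, not a string.
		if ( is_wp_error( $tag ) )
			return $tag;
		if ( ! empty($tag->name) )
			$title = apply_filters('single_tag_title', $tag->name);
	}

	// If there's an author
	if ( !empty($author) ) {
		// An unknown author id yields no user object; fall back to an empty
		// title instead of reading a property from a non-object.
		$user = get_userdata($author);
		$title = ( is_object($user) && isset($user->display_name) ) ? $user->display_name : '';
	}
	if ( !empty($author_name) ) {
		// We do a direct query here because we don't cache by nicename.
		// The request value is bound through prepare(), not interpolated.
		$title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name));
	}

	// If there's a month
	if ( !empty($m) ) {
		$my_year = substr($m, 0, 4);
		$my_month = $wp_locale->get_month(substr($m, 4, 2));
		$my_day = intval(substr($m, 6, 2));
		$title = $my_year . ($my_month ? $t_sep . $my_month : "") . ($my_day ? $t_sep . $my_day : "");
	}

	if ( !empty($year) ) {
		$title = $year;
		if ( !empty($monthnum) )
			$title .= $t_sep . $wp_locale->get_month($monthnum);
		if ( !empty($day) )
			$title .= $t_sep . zeroise($day, 2);
	}

	// If there is a post
	if ( is_single() || ( is_home() && !is_front_page() ) || ( is_page() && !is_front_page() ) ) {
		$post = $wp_query->get_queried_object();
		$title = apply_filters( 'single_post_title', $post->post_title );
	}

	// If there's a taxonomy
	if ( is_tax() ) {
		$taxonomy = get_query_var( 'taxonomy' );
		$tax = get_taxonomy( $taxonomy );
		$term = $wp_query->get_queried_object();
		$term = $term->name;
		$title = $tax->labels->name . $t_sep . $term;
	}

	//If it's a search
	if ( is_search() ) {
		// strip_tags() removes markup but does not entity-encode the phrase.
		/* translators: 1: separator, 2: search phrase */
		$title = sprintf(__('Search Results %1$s %2$s'), $t_sep, strip_tags($search));
	}

	if ( is_404() ) {
		$title = __('Page not found');
	}

	$prefix = '';
	if ( !empty($title) )
		$prefix = " $sep ";

	// Determines position of the separator and direction of the breadcrumb
	if ( 'right' == $seplocation ) { // sep on right, so reverse the order
		$title_array = explode( $t_sep, $title );
		$title_array = array_reverse( $title_array );
		$title = implode( " $sep ", $title_array ) . $prefix;
	} else {
		$title_array = explode( $t_sep, $title );
		$title = $prefix . implode( " $sep ", $title_array );
	}

	$title = apply_filters('wp_title', $title, $sep, $seplocation);

	// Send it out
	// Scanner note: this echo is flagged "Cross Site Scripting". No escaping is
	// applied in this function; it has to come from callbacks attached to the
	// 'wp_title' filter, which are registered outside this file -- confirm they
	// are in place before relying on this output. $sep is printed as given.
	if ( $display )
		echo $title;
	else
		return $title;

}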
633 | |
634 | /** |
635 | * Display or retrieve page title for post. |
636 | * |
637 | * This is optimized for single.php template file for displaying the post title. |
638 | * Only useful for posts, does not support pages for example. |
639 | * |
640 | * It does not support placing the separator after the title, but by leaving the |
641 | * prefix parameter empty, you can set the title separator manually. The prefix |
642 | * does not automatically place a space between the prefix, so if there should |
643 | * be a space, the parameter value will need to have it at the end. |
644 | * |
645 | * @since 0.71 |
646 | * @uses $wpdb |
647 | * |
648 | * @param string $prefix Optional. What to display before the title. |
649 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
650 | * @return string|null Title when retrieving, null when displaying or failure. |
651 | */ |
function single_post_title($prefix = '', $display = true) {
	global $wp_query, $post;

	// Prefer the global post; otherwise fall back to the queried object.
	$_post = $post ? $post : $wp_query->get_queried_object();

	if ( ! isset( $_post->post_title ) ) {
		return;
	}

	$title = apply_filters( 'single_post_title', $_post->post_title, $_post );

	// Note: the returned value does not include $prefix; only the echo does.
	if ( ! $display ) {
		return $title;
	}

	// Scanner note: flagged "Cross Site Scripting". Neither $prefix nor the
	// stored title is escaped here; any sanitising has to come from callbacks on
	// the 'single_post_title' filter, registered outside this file -- confirm.
	echo $prefix . $title;
}
669 | |
670 | /** |
671 | * Display or retrieve page title for category archive. |
672 | * |
673 | * This is useful for category template file or files, because it is optimized |
674 | * for category page title and with less overhead than {@link wp_title()}. |
675 | * |
676 | * It does not support placing the separator after the title, but by leaving the |
677 | * prefix parameter empty, you can set the title separator manually. The prefix |
678 | * does not automatically place a space between the prefix, so if there should |
679 | * be a space, the parameter value will need to have it at the end. |
680 | * |
681 | * @since 0.71 |
682 | * |
683 | * @param string $prefix Optional. What to display before the title. |
684 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
685 | * @return string|null Title when retrieving, null when displaying or failure. |
686 | */ |
function single_cat_title($prefix = '', $display = true ) {
	global $wp_query;

	// Tag archives are delegated to the tag variant.
	if ( is_tag() ) {
		return single_tag_title( $prefix, $display );
	}

	if ( ! is_category() ) {
		return;
	}

	$category = $wp_query->get_queried_object();
	$name = apply_filters( 'single_cat_title', $category->name );
	if ( empty( $name ) ) {
		return;
	}

	// The returned value does not include $prefix; only the echo does.
	if ( ! $display ) {
		return $name;
	}

	// Scanner note: flagged "Cross Site Scripting". The term name and $prefix
	// are printed without escaping here; sanitising depends on callbacks on the
	// 'single_cat_title' filter, registered outside this file -- confirm.
	echo $prefix . $name;
}
705 | |
706 | /** |
707 | * Display or retrieve page title for tag post archive. |
708 | * |
709 | * Useful for tag template files for displaying the tag page title. It has less |
710 | * overhead than {@link wp_title()}, because of its limited implementation. |
711 | * |
712 | * It does not support placing the separator after the title, but by leaving the |
713 | * prefix parameter empty, you can set the title separator manually. The prefix |
714 | * does not automatically place a space between the prefix, so if there should |
715 | * be a space, the parameter value will need to have it at the end. |
716 | * |
717 | * @since 2.3.0 |
718 | * |
719 | * @param string $prefix Optional. What to display before the title. |
720 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
721 | * @return string|null Title when retrieving, null when displaying or failure. |
722 | */ |
function single_tag_title($prefix = '', $display = true ) {
	global $wp_query;

	if ( ! is_tag() ) {
		return;
	}

	$tag = $wp_query->get_queried_object();
	if ( ! $tag ) {
		return;
	}

	$name = apply_filters( 'single_tag_title', $tag->name );
	if ( empty( $name ) ) {
		return;
	}

	// The returned value does not include $prefix; only the echo does.
	if ( ! $display ) {
		return $name;
	}

	// Scanner note: flagged "Cross Site Scripting". The term name and $prefix
	// are printed without escaping here; sanitising depends on callbacks on the
	// 'single_tag_title' filter, registered outside this file -- confirm.
	echo $prefix . $name;
}
741 | |
742 | /** |
743 | * Display or retrieve page title for post archive based on date. |
744 | * |
745 | * Useful for when the template only needs to display the month and year, if |
746 | * either are available. Optimized for just this purpose, so if it is all that |
747 | * is needed, should be better than {@link wp_title()}. |
748 | * |
749 | * It does not support placing the separator after the title, but by leaving the |
750 | * prefix parameter empty, you can set the title separator manually. The prefix |
751 | * does not automatically place a space between the prefix, so if there should |
752 | * be a space, the parameter value will need to have it at the end. |
753 | * |
754 | * @since 0.71 |
755 | * |
756 | * @param string $prefix Optional. What to display before the title. |
757 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
758 | * @return string|null Title when retrieving, null when displaying or failure. |
759 | */ |
function single_month_title($prefix = '', $display = true ) {
	global $wp_locale;

	// All three values come from the parsed request.
	$m = get_query_var('m');
	$year = get_query_var('year');
	$monthnum = get_query_var('monthnum');

	// Prefer the explicit year/month pair; otherwise split the compact 'm'
	// value (four-digit year followed by two-digit month).
	$month_label = null;
	if ( ! empty( $monthnum ) && ! empty( $year ) ) {
		$year_label  = $year;
		$month_label = $wp_locale->get_month( $monthnum );
	} elseif ( ! empty( $m ) ) {
		$year_label  = substr( $m, 0, 4 );
		$month_label = $wp_locale->get_month( substr( $m, 4, 2 ) );
	}

	// Returns false (not null) when no month could be resolved.
	if ( empty( $month_label ) ) {
		return false;
	}

	// $prefix is placed before the month and again before the year.
	$result = $prefix . $month_label . $prefix . $year_label;

	if ( $display ) {
		// Scanner note: flagged "Cross Site Scripting". The year part is a
		// request value printed without escaping here.
		// NOTE(review): presumably the query parser restricts 'year' and 'm' to
		// digits -- that is not visible in this file; confirm.
		echo $result;
	} else {
		return $result;
	}
}
784 | |
/**
 * Build the markup for a single archive link.
 *
 * Four output shapes are supported, selected by $format:
 *
 * - 'link':   a <link rel='archives'> element for the document head. $text
 *             becomes the title attribute; $before and $after are ignored.
 * - 'option': an <option> element whose value is the URL and whose content is
 *             "$before $text $after".
 * - 'html':   (default) an <li> wrapping an anchor, with $before ahead of the
 *             anchor and $after behind the closing tag.
 * - anything else is treated as custom: the same anchor as 'html' but without
 *             the surrounding <li>.
 *
 * Escaping performed here: the URL goes through esc_url() and the title
 * attribute through esc_attr(). The visible text is only run through
 * wptexturize(), which is a typographic formatter rather than an escaping
 * function, and $before / $after are inserted exactly as given. Callers are
 * therefore responsible for passing trusted or pre-escaped values for $text,
 * $before and $after.
 *
 * The finished string is passed through the 'get_archives_link' filter before
 * it is returned, so a filter callback can alter the final markup.
 *
 * @since 1.0.0
 *
 * @param string $url    URL to archive.
 * @param string $text   Archive text description.
 * @param string $format Optional, default is 'html'. Can be 'link', 'option', 'html', or custom.
 * @param string $before Optional. Content placed before the link (or before the text for 'option').
 * @param string $after  Optional. Content placed after the link (or after the text for 'option').
 * @return string HTML link content for archive.
 */
function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
	$text = wptexturize($text);
	$title_text = esc_attr($text);
	$url = esc_url($url);

	// switch compares loosely, matching the original `'x' == $format` tests.
	switch ( $format ) {
		case 'link':
			$markup = "\t<link rel='archives' title='$title_text' href='$url' />\n";
			break;
		case 'option':
			$markup = "\t<option value='$url'>$before $text $after</option>\n";
			break;
		case 'html':
			$markup = "\t<li>$before<a href='$url' title='$title_text'>$text</a>$after</li>\n";
			break;
		default: // custom
			$markup = "\t$before<a href='$url' title='$title_text'>$text</a>$after\n";
			break;
	}

	return apply_filters( 'get_archives_link', $markup );
}
836 | |
837 | /** |
838 | * Display archive links based on type and format. |
839 | * |
840 | * The 'type' argument offers a few choices and by default will display monthly |
841 | * archive links. The other options for values are 'daily', 'weekly', 'monthly', |
842 | * 'yearly', 'postbypost' or 'alpha'. Both 'postbypost' and 'alpha' display the |
843 | * same archive link list, the difference between the two is that 'alpha' |
844 | * will order by post title and 'postbypost' will order by post date. |
845 | * |
846 | * The date archives will logically display dates with links to the archive post |
847 | * page. The 'postbypost' and 'alpha' values for 'type' argument will display |
848 | * the post titles. |
849 | * |
850 | * The 'limit' argument will only display a limited number of links, specified |
851 | * by the 'limit' integer value. By default, there is no limit. The |
852 | * 'show_post_count' argument will show how many posts are within the archive. |
853 | * By default, the 'show_post_count' argument is set to false. |
854 | * |
855 | * For the 'format', 'before', and 'after' arguments, see {@link |
856 | * get_archives_link()}. The values of these arguments have to do with that |
857 | * function. |
858 | * |
859 | * @since 1.2.0 |
860 | * |
861 | * @param string|array $args Optional. Override defaults. |
862 | */ |
863 | function wp_get_archives($args = '') { |
864 | global $wpdb, $wp_locale; |
865 | |
866 | $defaults = array( |
867 | 'type' => 'monthly', 'limit' => '', |
868 | 'format' => 'html', 'before' => '', |
869 | 'after' => '', 'show_post_count' => false, |
870 | 'echo' => 1 |
871 | ); |
872 | |
873 | $r = wp_parse_args( $args, $defaults ); |
874 | extract( $r, EXTR_SKIP ); | //Possible Control Flow
|
875 | |
876 | if ( '' == $type ) |
877 | $type = 'monthly'; |
878 | |
879 | if ( '' != $limit ) { |
880 | $limit = absint($limit); |
881 | $limit = ' LIMIT '.$limit; |
882 | } |
883 | |
884 | // this is what will separate dates on weekly archive links |
885 | $archive_week_separator = '–'; |
886 | |
887 | // over-ride general date format ? 0 = no: use the date format set in Options, 1 = yes: over-ride |
888 | $archive_date_format_over_ride = 0; |
889 | |
890 | // options for daily archive (only if you over-ride the general date format) |
891 | $archive_day_date_format = 'Y/m/d'; |
892 | |
893 | // options for weekly archive (only if you over-ride the general date format) |
894 | $archive_week_start_date_format = 'Y/m/d'; |
895 | $archive_week_end_date_format = 'Y/m/d'; |
896 | |
897 | if ( !$archive_date_format_over_ride ) { |
898 | $archive_day_date_format = get_option('date_format'); |
899 | $archive_week_start_date_format = get_option('date_format'); |
900 | $archive_week_end_date_format = get_option('date_format'); |
901 | } |
902 | |
903 | //filters |
904 | $where = apply_filters('getarchives_where', "WHERE post_type = 'post' AND post_status = 'publish'", $r ); |
905 | $join = apply_filters('getarchives_join', "", $r); |
906 | |
907 | $output = ''; |
908 | |
909 | if ( 'monthly' == $type ) { |
910 | $query = "SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date), MONTH(post_date) ORDER BY post_date DESC $limit"; |
911 | $key = md5($query); |
912 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
913 | if ( !isset( $cache[ $key ] ) ) { |
914 | $arcresults = $wpdb->get_results($query); |
915 | $cache[ $key ] = $arcresults; |
916 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
917 | } else { |
918 | $arcresults = $cache[ $key ]; |
919 | } |
920 | if ( $arcresults ) { |
921 | $afterafter = $after; |
922 | foreach ( (array) $arcresults as $arcresult ) { |
923 | $url = get_month_link( $arcresult->year, $arcresult->month ); |
924 | /* translators: 1: month name, 2: 4-digit year */ |
925 | $text = sprintf(__('%1$s %2$d'), $wp_locale->get_month($arcresult->month), $arcresult->year); |
926 | if ( $show_post_count ) |
927 | $after = ' ('.$arcresult->posts.')' . $afterafter; |
928 | $output .= get_archives_link($url, $text, $format, $before, $after); |
929 | } |
930 | } |
931 | } elseif ('yearly' == $type) { |
932 | $query = "SELECT YEAR(post_date) AS `year`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date) ORDER BY post_date DESC $limit"; |
933 | $key = md5($query); |
934 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
935 | if ( !isset( $cache[ $key ] ) ) { |
936 | $arcresults = $wpdb->get_results($query); |
937 | $cache[ $key ] = $arcresults; |
938 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
939 | } else { |
940 | $arcresults = $cache[ $key ]; |
941 | } |
942 | if ($arcresults) { |
943 | $afterafter = $after; |
944 | foreach ( (array) $arcresults as $arcresult) { |
945 | $url = get_year_link($arcresult->year); |
946 | $text = sprintf('%d', $arcresult->year); |
947 | if ($show_post_count) |
948 | $after = ' ('.$arcresult->posts.')' . $afterafter; |
949 | $output .= get_archives_link($url, $text, $format, $before, $after); |
950 | } |
951 | } |
952 | } elseif ( 'daily' == $type ) { |
953 | $query = "SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, DAYOFMONTH(post_date) AS `dayofmonth`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date), MONTH(post_date), DAYOFMONTH(post_date) ORDER BY post_date DESC $limit"; |
954 | $key = md5($query); |
955 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
956 | if ( !isset( $cache[ $key ] ) ) { |
957 | $arcresults = $wpdb->get_results($query); |
958 | $cache[ $key ] = $arcresults; |
959 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
960 | } else { |
961 | $arcresults = $cache[ $key ]; |
962 | } |
963 | if ( $arcresults ) { |
964 | $afterafter = $after; |
965 | foreach ( (array) $arcresults as $arcresult ) { |
966 | $url = get_day_link($arcresult->year, $arcresult->month, $arcresult->dayofmonth); |
967 | $date = sprintf('%1$d-%2$02d-%3$02d 00:00:00', $arcresult->year, $arcresult->month, $arcresult->dayofmonth); | //Cross Site Scripting
|
968 | $text = mysql2date($archive_day_date_format, $date); |
969 | if ($show_post_count) |
970 | $after = ' ('.$arcresult->posts.')'.$afterafter; |
971 | $output .= get_archives_link($url, $text, $format, $before, $after); |
972 | } |
973 | } |
974 | } elseif ( 'weekly' == $type ) { |
975 | $week = _wp_mysql_week( '`post_date`' ); |
976 | $query = "SELECT DISTINCT $week AS `week`, YEAR( `post_date` ) AS `yr`, DATE_FORMAT( `post_date`, '%Y-%m-%d' ) AS `yyyymmdd`, count( `ID` ) AS `posts` FROM `$wpdb->posts` $join $where GROUP BY $week, YEAR( `post_date` ) ORDER BY `post_date` DESC $limit"; | //Arbitrary command execution
|
977 | $key = md5($query); |
978 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
979 | if ( !isset( $cache[ $key ] ) ) { |
980 | $arcresults = $wpdb->get_results($query); |
981 | $cache[ $key ] = $arcresults; |
982 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
983 | } else { |
984 | $arcresults = $cache[ $key ]; |
985 | } |
986 | $arc_w_last = ''; |
987 | $afterafter = $after; |
988 | if ( $arcresults ) { |
989 | foreach ( (array) $arcresults as $arcresult ) { |
990 | if ( $arcresult->week != $arc_w_last ) { |
991 | $arc_year = $arcresult->yr; |
992 | $arc_w_last = $arcresult->week; |
993 | $arc_week = get_weekstartend($arcresult->yyyymmdd, get_option('start_of_week')); |
994 | $arc_week_start = date_i18n($archive_week_start_date_format, $arc_week['start']); |
995 | $arc_week_end = date_i18n($archive_week_end_date_format, $arc_week['end']); |
996 | $url = sprintf('%1$s/%2$s%3$sm%4$s%5$s%6$sw%7$s%8$d', home_url(), '', '?', '=', $arc_year, '&', '=', $arcresult->week); | //Cross Site Scripting
|
997 | $text = $arc_week_start . $archive_week_separator . $arc_week_end; |
998 | if ($show_post_count) |
999 | $after = ' ('.$arcresult->posts.')'.$afterafter; |
1000 | $output .= get_archives_link($url, $text, $format, $before, $after); |