| 1 | <?php |
| 2 | /** |
| 3 | * General template tags that can go anywhere in a template. |
| 4 | * |
| 5 | * @package WordPress |
| 6 | * @subpackage Template |
| 7 | */ |
| 8 | |
| 9 | /** |
| 10 | * Load header template. |
| 11 | * |
| 12 | * Includes the header template for a theme or if a name is specified then a |
| 13 | * specialised header will be included. |
| 14 | * |
| 15 | * For the parameter, if the file is called "header-special.php" then specify |
| 16 | * "special". |
| 17 | * |
| 18 | * @uses locate_template() |
| 19 | * @since 1.5.0 |
| 20 | * @uses do_action() Calls 'get_header' action. |
| 21 | * |
| 22 | * @param string $name The name of the specialised header. |
| 23 | */ |
| 24 | function get_header( $name = null ) { |
| 25 | do_action( 'get_header', $name ); | //Cross Site Scripting
|
| 26 | |
| 27 | $templates = array(); |
| 28 | if ( isset($name) ) |
| 29 | $templates[] = "header-{$name}.php"; | //Cross Site Scripting
|
| 30 | |
| 31 | $templates[] = "header.php"; |
| 32 | |
| 33 | // Backward compat code will be removed in a future release |
| 34 | if ('' == locate_template($templates, true)) |
| 35 | load_template( ABSPATH . WPINC . '/theme-compat/header.php'); |
| 36 | } |
| 37 | |
| 38 | /** |
| 39 | * Load footer template. |
| 40 | * |
| 41 | * Includes the footer template for a theme or if a name is specified then a |
| 42 | * specialised footer will be included. |
| 43 | * |
| 44 | * For the parameter, if the file is called "footer-special.php" then specify |
| 45 | * "special". |
| 46 | * |
| 47 | * @uses locate_template() |
| 48 | * @since 1.5.0 |
| 49 | * @uses do_action() Calls 'get_footer' action. |
| 50 | * |
| 51 | * @param string $name The name of the specialised footer. |
| 52 | */ |
| 53 | function get_footer( $name = null ) { |
| 54 | do_action( 'get_footer', $name ); |
| 55 | |
| 56 | $templates = array(); |
| 57 | if ( isset($name) ) |
| 58 | $templates[] = "footer-{$name}.php"; |
| 59 | |
| 60 | $templates[] = "footer.php"; |
| 61 | |
| 62 | // Backward compat code will be removed in a future release |
| 63 | if ('' == locate_template($templates, true)) |
| 64 | load_template( ABSPATH . WPINC . '/theme-compat/footer.php'); |
| 65 | } |
| 66 | |
| 67 | /** |
| 68 | * Load sidebar template. |
| 69 | * |
| 70 | * Includes the sidebar template for a theme or if a name is specified then a |
| 71 | * specialised sidebar will be included. |
| 72 | * |
| 73 | * For the parameter, if the file is called "sidebar-special.php" then specify |
| 74 | * "special". |
| 75 | * |
| 76 | * @uses locate_template() |
| 77 | * @since 1.5.0 |
| 78 | * @uses do_action() Calls 'get_sidebar' action. |
| 79 | * |
| 80 | * @param string $name The name of the specialised sidebar. |
| 81 | */ |
| 82 | function get_sidebar( $name = null ) { |
| 83 | do_action( 'get_sidebar', $name ); |
| 84 | |
| 85 | $templates = array(); |
| 86 | if ( isset($name) ) |
| 87 | $templates[] = "sidebar-{$name}.php"; |
| 88 | |
| 89 | $templates[] = "sidebar.php"; |
| 90 | |
| 91 | // Backward compat code will be removed in a future release |
| 92 | if ('' == locate_template($templates, true)) |
| 93 | load_template( ABSPATH . WPINC . '/theme-compat/sidebar.php'); |
| 94 | } |
| 95 | |
| 96 | /** |
| 97 | * Load a template part into a template |
| 98 | * |
| 99 | * Makes it easy for a theme to reuse sections of code in a easy to overload way |
| 100 | * for child themes. |
| 101 | * |
| 102 | * Includes the named template part for a theme or if a name is specified then a |
| 103 | * specialised part will be included. If the theme contains no {slug}.php file |
| 104 | * then no template will be included. |
| 105 | * |
| 106 | * The template is included using require, not require_once, so you may include the |
| 107 | * same template part multiple times. |
| 108 | * |
| 109 | * For the parameter, if the file is called "{slug}-special.php" then specify |
| 110 | * "special". |
| 111 | * |
| 112 | * @uses locate_template() |
| 113 | * @since 3.0.0 |
| 114 | * @uses do_action() Calls 'get_template_part{$slug}' action. |
| 115 | * |
| 116 | * @param string $slug The slug name for the generic template. |
| 117 | * @param string $name The name of the specialised template. |
| 118 | */ |
| 119 | function get_template_part( $slug, $name = null ) { |
| 120 | do_action( "get_template_part_{$slug}", $slug, $name ); |
| 121 | |
| 122 | $templates = array(); |
| 123 | if ( isset($name) ) |
| 124 | $templates[] = "{$slug}-{$name}.php"; |
| 125 | |
| 126 | $templates[] = "{$slug}.php"; |
| 127 | |
| 128 | locate_template($templates, true, false); |
| 129 | } |
| 130 | |
| 131 | /** |
| 132 | * Display search form. |
| 133 | * |
| 134 | * Will first attempt to locate the searchform.php file in either the child or |
| 135 | * the parent, then load it. If it doesn't exist, then the default search form |
| 136 | * will be displayed. The default search form is HTML, which will be displayed. |
| 137 | * There is a filter applied to the search form HTML in order to edit or replace |
| 138 | * it. The filter is 'get_search_form'. |
| 139 | * |
| 140 | * This function is primarily used by themes which want to hardcode the search |
| 141 | * form into the sidebar and also by the search widget in WordPress. |
| 142 | * |
| 143 | * There is also an action that is called whenever the function is run called, |
| 144 | * 'get_search_form'. This can be useful for outputting JavaScript that the |
| 145 | * search relies on or various formatting that applies to the beginning of the |
| 146 | * search. To give a few examples of what it can be used for. |
| 147 | * |
| 148 | * @since 2.7.0 |
| 149 | * @param boolean $echo Default to echo and not return the form. |
| 150 | */ |
| 151 | function get_search_form($echo = true) { |
| 152 | do_action( 'get_search_form' ); |
| 153 | |
| 154 | $search_form_template = locate_template(array('searchform.php')); |
| 155 | if ( '' != $search_form_template ) { |
| 156 | require($search_form_template); | //Arbitrary code inclusion
|
| 157 | return; |
| 158 | } |
| 159 | |
| 160 | $form = '<form role="search" method="get" id="searchform" action="' . home_url( '/' ) . '" > |
| 161 | <div><label class="screen-reader-text" for="s">' . __('Search for:') . '</label> |
| 162 | <input type="text" value="' . get_search_query() . '" name="s" id="s" /> |
| 163 | <input type="submit" id="searchsubmit" value="'. esc_attr__('Search') .'" /> |
| 164 | </div> |
| 165 | </form>'; |
| 166 | |
| 167 | if ( $echo ) |
| 168 | echo apply_filters('get_search_form', $form); |
| 169 | else |
| 170 | return apply_filters('get_search_form', $form); |
| 171 | } |
| 172 | |
| 173 | /** |
| 174 | * Display the Log In/Out link. |
| 175 | * |
| 176 | * Displays a link, which allows users to navigate to the Log In page to log in |
| 177 | * or log out depending on whether they are currently logged in. |
| 178 | * |
| 179 | * @since 1.5.0 |
| 180 | * @uses apply_filters() Calls 'loginout' hook on HTML link content. |
| 181 | * |
| 182 | * @param string $redirect Optional path to redirect to on login/logout. |
| 183 | * @param boolean $echo Default to echo and not return the link. |
| 184 | */ |
| 185 | function wp_loginout($redirect = '', $echo = true) { |
| 186 | if ( ! is_user_logged_in() ) |
| 187 | $link = '<a href="' . esc_url( wp_login_url($redirect) ) . '">' . __('Log in') . '</a>'; |
| 188 | else |
| 189 | $link = '<a href="' . esc_url( wp_logout_url($redirect) ) . '">' . __('Log out') . '</a>'; |
| 190 | |
| 191 | if ( $echo ) |
| 192 | echo apply_filters('loginout', $link); |
| 193 | else |
| 194 | return apply_filters('loginout', $link); |
| 195 | } |
| 196 | |
| 197 | /** |
| 198 | * Returns the Log Out URL. |
| 199 | * |
| 200 | * Returns the URL that allows the user to log out of the site |
| 201 | * |
| 202 | * @since 2.7 |
| 203 | * @uses wp_nonce_url() To protect against CSRF |
| 204 | * @uses site_url() To generate the log in URL |
| 205 | * @uses apply_filters() calls 'logout_url' hook on final logout url |
| 206 | * |
| 207 | * @param string $redirect Path to redirect to on logout. |
| 208 | */ |
| 209 | function wp_logout_url($redirect = '') { |
| 210 | $args = array( 'action' => 'logout' ); |
| 211 | if ( !empty($redirect) ) { |
| 212 | $args['redirect_to'] = urlencode( $redirect ); |
| 213 | } |
| 214 | |
| 215 | $logout_url = add_query_arg($args, site_url('wp-login.php', 'login')); |
| 216 | $logout_url = wp_nonce_url( $logout_url, 'log-out' ); |
| 217 | |
| 218 | return apply_filters('logout_url', $logout_url, $redirect); |
| 219 | } |
| 220 | |
| 221 | /** |
| 222 | * Returns the Log In URL. |
| 223 | * |
| 224 | * Returns the URL that allows the user to log in to the site |
| 225 | * |
| 226 | * @since 2.7 |
| 227 | * @uses site_url() To generate the log in URL |
| 228 | * @uses apply_filters() calls 'login_url' hook on final login url |
| 229 | * |
| 230 | * @param string $redirect Path to redirect to on login. |
| 231 | * @param bool $force_reauth Whether to force reauthorization, even if a cookie is present. Default is false. |
| 232 | * @return string A log in url |
| 233 | */ |
| 234 | function wp_login_url($redirect = '', $force_reauth = false) { |
| 235 | $login_url = site_url('wp-login.php', 'login'); |
| 236 | |
| 237 | if ( !empty($redirect) ) |
| 238 | $login_url = add_query_arg('redirect_to', urlencode($redirect), $login_url); |
| 239 | |
| 240 | if ( $force_reauth ) |
| 241 | $login_url = add_query_arg('reauth', '1', $login_url); |
| 242 | |
| 243 | return apply_filters('login_url', $login_url, $redirect); |
| 244 | } |
| 245 | |
| 246 | /** |
| 247 | * Provides a simple login form for use anywhere within WordPress. By default, it echoes |
| 248 | * the HTML immediately. Pass array('echo'=>false) to return the string instead. |
| 249 | * |
| 250 | * @since 3.0.0 |
| 251 | * @param array $args Configuration options to modify the form output |
| 252 | * @return Void, or string containing the form |
| 253 | */ |
| 254 | function wp_login_form( $args = array() ) { |
| 255 | $defaults = array( 'echo' => true, |
| 256 | 'redirect' => site_url( $_SERVER['REQUEST_URI'] ), // Default redirect is back to the current page |
| 257 | 'form_id' => 'loginform', |
| 258 | 'label_username' => __( 'Username' ), |
| 259 | 'label_password' => __( 'Password' ), |
| 260 | 'label_remember' => __( 'Remember Me' ), |
| 261 | 'label_log_in' => __( 'Log In' ), |
| 262 | 'id_username' => 'user_login', |
| 263 | 'id_password' => 'user_pass', |
| 264 | 'id_remember' => 'rememberme', |
| 265 | 'id_submit' => 'wp-submit', |
| 266 | 'remember' => true, |
| 267 | 'value_username' => '', |
| 268 | 'value_remember' => false, // Set this to true to default the "Remember me" checkbox to checked |
| 269 | ); |
| 270 | $args = wp_parse_args( $args, apply_filters( 'login_form_defaults', $defaults ) ); |
| 271 | |
| 272 | $form = ' |
| 273 | <form name="' . $args['form_id'] . '" id="' . $args['form_id'] . '" action="' . site_url( 'wp-login.php', 'login' ) . '" method="post"> |
| 274 | ' . apply_filters( 'login_form_top', '' ) . ' |
| 275 | <p class="login-username"> |
| 276 | <label for="' . esc_attr( $args['id_username'] ) . '">' . esc_html( $args['label_username'] ) . '</label> |
| 277 | <input type="text" name="log" id="' . esc_attr( $args['id_username'] ) . '" class="input" value="' . esc_attr( $args['value_username'] ) . '" size="20" tabindex="10" /> |
| 278 | </p> |
| 279 | <p class="login-password"> |
| 280 | <label for="' . esc_attr( $args['id_password'] ) . '">' . esc_html( $args['label_password'] ) . '</label> |
| 281 | <input type="password" name="pwd" id="' . esc_attr( $args['id_password'] ) . '" class="input" value="" size="20" tabindex="20" /> |
| 282 | </p> |
| 283 | ' . apply_filters( 'login_form_middle', '' ) . ' |
| 284 | ' . ( $args['remember'] ? '<p class="login-remember"><label><input name="rememberme" type="checkbox" id="' . esc_attr( $args['id_remember'] ) . '" value="forever" tabindex="90"' . ( $args['value_remember'] ? ' checked="checked"' : '' ) . ' /> ' . esc_html( $args['label_remember'] ) . '</label></p>' : '' ) . ' |
| 285 | <p class="login-submit"> |
| 286 | <input type="submit" name="wp-submit" id="' . esc_attr( $args['id_submit'] ) . '" class="button-primary" value="' . esc_attr( $args['label_log_in'] ) . '" tabindex="100" /> |
| 287 | <input type="hidden" name="redirect_to" value="' . esc_attr( $args['redirect'] ) . '" /> |
| 288 | </p> |
| 289 | ' . apply_filters( 'login_form_bottom', '' ) . ' |
| 290 | </form>'; |
| 291 | |
| 292 | if ( $args['echo'] ) |
| 293 | echo $form; | //Cross Site Scripting
|
| 294 | else |
| 295 | return $form; |
| 296 | } |
| 297 | |
| 298 | /** |
| 299 | * Returns the Lost Password URL. |
| 300 | * |
| 301 | * Returns the URL that allows the user to retrieve the lost password |
| 302 | * |
| 303 | * @since 2.8.0 |
| 304 | * @uses site_url() To generate the lost password URL |
| 305 | * @uses apply_filters() calls 'lostpassword_url' hook on the lostpassword url |
| 306 | * |
| 307 | * @param string $redirect Path to redirect to on login. |
| 308 | */ |
| 309 | function wp_lostpassword_url($redirect = '') { |
| 310 | $args = array( 'action' => 'lostpassword' ); |
| 311 | if ( !empty($redirect) ) { |
| 312 | $args['redirect_to'] = $redirect; |
| 313 | } |
| 314 | |
| 315 | $lostpassword_url = add_query_arg($args, site_url('wp-login.php', 'login')); |
| 316 | return apply_filters('lostpassword_url', $lostpassword_url, $redirect); |
| 317 | } |
| 318 | |
| 319 | /** |
| 320 | * Display the Registration or Admin link. |
| 321 | * |
| 322 | * Display a link which allows the user to navigate to the registration page if |
| 323 | * not logged in and registration is enabled or to the dashboard if logged in. |
| 324 | * |
| 325 | * @since 1.5.0 |
| 326 | * @uses apply_filters() Calls 'register' hook on register / admin link content. |
| 327 | * |
| 328 | * @param string $before Text to output before the link (defaults to <li>). |
| 329 | * @param string $after Text to output after the link (defaults to </li>). |
| 330 | * @param boolean $echo Default to echo and not return the link. |
| 331 | */ |
| 332 | function wp_register( $before = '<li>', $after = '</li>', $echo = true ) { |
| 333 | |
| 334 | if ( ! is_user_logged_in() ) { |
| 335 | if ( get_option('users_can_register') ) |
| 336 | $link = $before . '<a href="' . site_url('wp-login.php?action=register', 'login') . '">' . __('Register') . '</a>' . $after; |
| 337 | else |
| 338 | $link = ''; |
| 339 | } else { |
| 340 | $link = $before . '<a href="' . admin_url() . '">' . __('Site Admin') . '</a>' . $after; |
| 341 | } |
| 342 | |
| 343 | if ( $echo ) |
| 344 | echo apply_filters('register', $link); |
| 345 | else |
| 346 | return apply_filters('register', $link); |
| 347 | } |
| 348 | |
| 349 | /** |
| 350 | * Theme container function for the 'wp_meta' action. |
| 351 | * |
| 352 | * The 'wp_meta' action can have several purposes, depending on how you use it, |
| 353 | * but one purpose might have been to allow for theme switching. |
| 354 | * |
| 355 | * @since 1.5.0 |
| 356 | * @link http://trac.wordpress.org/ticket/1458 Explanation of 'wp_meta' action. |
| 357 | * @uses do_action() Calls 'wp_meta' hook. |
| 358 | */ |
| 359 | function wp_meta() { |
| 360 | do_action('wp_meta'); |
| 361 | } |
| 362 | |
| 363 | /** |
| 364 | * Display information about the blog. |
| 365 | * |
| 366 | * @see get_bloginfo() For possible values for the parameter. |
| 367 | * @since 0.71 |
| 368 | * |
| 369 | * @param string $show What to display. |
| 370 | */ |
| 371 | function bloginfo( $show='' ) { |
| 372 | echo get_bloginfo( $show, 'display' ); |
| 373 | } |
| 374 | |
| 375 | /** |
| 376 | * Retrieve information about the blog. |
| 377 | * |
| 378 | * Some show parameter values are deprecated and will be removed in future |
| 379 | * versions. These options will trigger the _deprecated_argument() function. |
| 380 | * The deprecated blog info options are listed in the function contents. |
| 381 | * |
| 382 | * The possible values for the 'show' parameter are listed below. |
| 383 | * <ol> |
| 384 | * <li><strong>url<strong> - Blog URI to homepage.</li> |
| 385 | * <li><strong>wpurl</strong> - Blog URI path to WordPress.</li> |
| 386 | * <li><strong>description</strong> - Secondary title</li> |
| 387 | * </ol> |
| 388 | * |
| 389 | * The feed URL options can be retrieved from 'rdf_url' (RSS 0.91), |
| 390 | * 'rss_url' (RSS 1.0), 'rss2_url' (RSS 2.0), or 'atom_url' (Atom feed). The |
| 391 | * comment feeds can be retrieved from the 'comments_atom_url' (Atom comment |
| 392 | * feed) or 'comments_rss2_url' (RSS 2.0 comment feed). |
| 393 | * |
| 394 | * @since 0.71 |
| 395 | * |
| 396 | * @param string $show Blog info to retrieve. |
| 397 | * @param string $filter How to filter what is retrieved. |
| 398 | * @return string Mostly string values, might be empty. |
| 399 | */ |
| 400 | function get_bloginfo( $show = '', $filter = 'raw' ) { |
| 401 | |
| 402 | switch( $show ) { |
| 403 | case 'home' : // DEPRECATED |
| 404 | case 'siteurl' : // DEPRECATED |
| 405 | _deprecated_argument( __FUNCTION__, '2.2', sprintf( __('The <code>%s</code> option is deprecated for the family of <code>bloginfo()</code> functions.' ), $show ) . ' ' . sprintf( __( 'Use the <code>%s</code> option instead.' ), 'url' ) ); |
| 406 | case 'url' : |
| 407 | $output = home_url(); |
| 408 | break; |
| 409 | case 'wpurl' : |
| 410 | $output = site_url(); |
| 411 | break; |
| 412 | case 'description': |
| 413 | $output = get_option('blogdescription'); |
| 414 | break; |
| 415 | case 'rdf_url': |
| 416 | $output = get_feed_link('rdf'); |
| 417 | break; |
| 418 | case 'rss_url': |
| 419 | $output = get_feed_link('rss'); |
| 420 | break; |
| 421 | case 'rss2_url': |
| 422 | $output = get_feed_link('rss2'); |
| 423 | break; |
| 424 | case 'atom_url': |
| 425 | $output = get_feed_link('atom'); |
| 426 | break; |
| 427 | case 'comments_atom_url': |
| 428 | $output = get_feed_link('comments_atom'); |
| 429 | break; |
| 430 | case 'comments_rss2_url': |
| 431 | $output = get_feed_link('comments_rss2'); |
| 432 | break; |
| 433 | case 'pingback_url': |
| 434 | $output = get_option('siteurl') .'/xmlrpc.php'; |
| 435 | break; |
| 436 | case 'stylesheet_url': |
| 437 | $output = get_stylesheet_uri(); |
| 438 | break; |
| 439 | case 'stylesheet_directory': |
| 440 | $output = get_stylesheet_directory_uri(); |
| 441 | break; |
| 442 | case 'template_directory': |
| 443 | case 'template_url': |
| 444 | $output = get_template_directory_uri(); |
| 445 | break; |
| 446 | case 'admin_email': |
| 447 | $output = get_option('admin_email'); |
| 448 | break; |
| 449 | case 'charset': |
| 450 | $output = get_option('blog_charset'); |
| 451 | if ('' == $output) $output = 'UTF-8'; |
| 452 | break; |
| 453 | case 'html_type' : |
| 454 | $output = get_option('html_type'); |
| 455 | break; |
| 456 | case 'version': |
| 457 | global $wp_version; |
| 458 | $output = $wp_version; |
| 459 | break; |
| 460 | case 'language': |
| 461 | $output = get_locale(); |
| 462 | $output = str_replace('_', '-', $output); |
| 463 | break; |
| 464 | case 'text_direction': |
| 465 | //_deprecated_argument( __FUNCTION__, '2.2', sprintf( __('The <code>%s</code> option is deprecated for the family of <code>bloginfo()</code> functions.' ), $show ) . ' ' . sprintf( __( 'Use the <code>%s</code> function instead.' ), 'is_rtl()' ) ); |
| 466 | if ( function_exists( 'is_rtl' ) ) { |
| 467 | $output = is_rtl() ? 'rtl' : 'ltr'; |
| 468 | } else { |
| 469 | $output = 'ltr'; |
| 470 | } |
| 471 | break; |
| 472 | case 'name': |
| 473 | default: |
| 474 | $output = get_option('blogname'); |
| 475 | break; |
| 476 | } |
| 477 | |
| 478 | $url = true; |
| 479 | if (strpos($show, 'url') === false && |
| 480 | strpos($show, 'directory') === false && |
| 481 | strpos($show, 'home') === false) |
| 482 | $url = false; |
| 483 | |
| 484 | if ( 'display' == $filter ) { |
| 485 | if ( $url ) |
| 486 | $output = apply_filters('bloginfo_url', $output, $show); |
| 487 | else |
| 488 | $output = apply_filters('bloginfo', $output, $show); |
| 489 | } |
| 490 | |
| 491 | return $output; |
| 492 | } |
| 493 | |
| 494 | /** |
| 495 | * Display or retrieve page title for all areas of blog. |
| 496 | * |
| 497 | * By default, the page title will display the separator before the page title, |
| 498 | * so that the blog title will be before the page title. This is not good for |
| 499 | * title display, since the blog title shows up on most tabs and not what is |
| 500 | * important, which is the page that the user is looking at. |
| 501 | * |
| 502 | * There are also SEO benefits to having the blog title after or to the 'right' |
| 503 | * or the page title. However, it is mostly common sense to have the blog title |
| 504 | * to the right with most browsers supporting tabs. You can achieve this by |
| 505 | * using the seplocation parameter and setting the value to 'right'. This change |
| 506 | * was introduced around 2.5.0, in case backwards compatibility of themes is |
| 507 | * important. |
| 508 | * |
| 509 | * @since 1.0.0 |
| 510 | * |
| 511 | * @param string $sep Optional, default is '»'. How to separate the various items within the page title. |
| 512 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
| 513 | * @param string $seplocation Optional. Direction to display title, 'right'. |
| 514 | * @return string|null String on retrieve, null when displaying. |
| 515 | */ |
| 516 | function wp_title($sep = '»', $display = true, $seplocation = '') { |
| 517 | global $wpdb, $wp_locale, $wp_query; |
| 518 | |
| 519 | $cat = get_query_var('cat'); |
| 520 | $tag = get_query_var('tag_id'); |
| 521 | $category_name = get_query_var('category_name'); |
| 522 | $author = get_query_var('author'); |
| 523 | $author_name = get_query_var('author_name'); |
| 524 | $m = get_query_var('m'); |
| 525 | $year = get_query_var('year'); |
| 526 | $monthnum = get_query_var('monthnum'); |
| 527 | $day = get_query_var('day'); |
| 528 | $search = get_query_var('s'); |
| 529 | $title = ''; |
| 530 | |
| 531 | $t_sep = '%WP_TITILE_SEP%'; // Temporary separator, for accurate flipping, if necessary |
| 532 | |
| 533 | // If there's a category |
| 534 | if ( !empty($cat) ) { |
| 535 | // category exclusion |
| 536 | if ( !stristr($cat,'-') ) |
| 537 | $title = apply_filters('single_cat_title', get_the_category_by_ID($cat)); |
| 538 | } elseif ( !empty($category_name) ) { |
| 539 | if ( stristr($category_name,'/') ) { |
| 540 | $category_name = explode('/',$category_name); |
| 541 | if ( $category_name[count($category_name)-1] ) |
| 542 | $category_name = $category_name[count($category_name)-1]; // no trailing slash |
| 543 | else |
| 544 | $category_name = $category_name[count($category_name)-2]; // there was a trailling slash |
| 545 | } |
| 546 | $cat = get_term_by('slug', $category_name, 'category', OBJECT, 'display'); |
| 547 | if ( $cat ) |
| 548 | $title = apply_filters('single_cat_title', $cat->name); |
| 549 | } |
| 550 | |
| 551 | if ( !empty($tag) ) { |
| 552 | $tag = get_term($tag, 'post_tag', OBJECT, 'display'); |
| 553 | if ( is_wp_error( $tag ) ) |
| 554 | return $tag; |
| 555 | if ( ! empty($tag->name) ) |
| 556 | $title = apply_filters('single_tag_title', $tag->name); |
| 557 | } |
| 558 | |
| 559 | // If there's an author |
| 560 | if ( !empty($author) ) { |
| 561 | $title = get_userdata($author); |
| 562 | $title = $title->display_name; |
| 563 | } |
| 564 | if ( !empty($author_name) ) { |
| 565 | // We do a direct query here because we don't cache by nicename. |
| 566 | $title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name)); |
| 567 | } |
| 568 | |
| 569 | // If there's a month |
| 570 | if ( !empty($m) ) { |
| 571 | $my_year = substr($m, 0, 4); |
| 572 | $my_month = $wp_locale->get_month(substr($m, 4, 2)); |
| 573 | $my_day = intval(substr($m, 6, 2)); |
| 574 | $title = $my_year . ($my_month ? $t_sep . $my_month : "") . ($my_day ? $t_sep . $my_day : ""); |
| 575 | } |
| 576 | |
| 577 | if ( !empty($year) ) { |
| 578 | $title = $year; |
| 579 | if ( !empty($monthnum) ) |
| 580 | $title .= $t_sep . $wp_locale->get_month($monthnum); |
| 581 | if ( !empty($day) ) |
| 582 | $title .= $t_sep . zeroise($day, 2); |
| 583 | } |
| 584 | |
| 585 | // If there is a post |
| 586 | if ( is_single() || ( is_home() && !is_front_page() ) || ( is_page() && !is_front_page() ) ) { |
| 587 | $post = $wp_query->get_queried_object(); |
| 588 | $title = apply_filters( 'single_post_title', $post->post_title ); |
| 589 | } |
| 590 | |
| 591 | // If there's a taxonomy |
| 592 | if ( is_tax() ) { |
| 593 | $taxonomy = get_query_var( 'taxonomy' ); |
| 594 | $tax = get_taxonomy( $taxonomy ); |
| 595 | $term = $wp_query->get_queried_object(); |
| 596 | $term = $term->name; |
| 597 | $title = $tax->labels->name . $t_sep . $term; |
| 598 | } |
| 599 | |
| 600 | //If it's a search |
| 601 | if ( is_search() ) { |
| 602 | /* translators: 1: separator, 2: search phrase */ |
| 603 | $title = sprintf(__('Search Results %1$s %2$s'), $t_sep, strip_tags($search)); |
| 604 | } |
| 605 | |
| 606 | if ( is_404() ) { |
| 607 | $title = __('Page not found'); |
| 608 | } |
| 609 | |
| 610 | $prefix = ''; |
| 611 | if ( !empty($title) ) |
| 612 | $prefix = " $sep "; |
| 613 | |
| 614 | // Determines position of the separator and direction of the breadcrumb |
| 615 | if ( 'right' == $seplocation ) { // sep on right, so reverse the order |
| 616 | $title_array = explode( $t_sep, $title ); |
| 617 | $title_array = array_reverse( $title_array ); |
| 618 | $title = implode( " $sep ", $title_array ) . $prefix; |
| 619 | } else { |
| 620 | $title_array = explode( $t_sep, $title ); |
| 621 | $title = $prefix . implode( " $sep ", $title_array ); |
| 622 | } |
| 623 | |
| 624 | $title = apply_filters('wp_title', $title, $sep, $seplocation); |
| 625 | |
| 626 | // Send it out |
| 627 | if ( $display ) |
| 628 | echo $title; | //Cross Site Scripting
|
| 629 | else |
| 630 | return $title; |
| 631 | |
| 632 | } |
| 633 | |
| 634 | /** |
| 635 | * Display or retrieve page title for post. |
| 636 | * |
| 637 | * This is optimized for single.php template file for displaying the post title. |
| 638 | * Only useful for posts, does not support pages for example. |
| 639 | * |
| 640 | * It does not support placing the separator after the title, but by leaving the |
| 641 | * prefix parameter empty, you can set the title separator manually. The prefix |
| 642 | * does not automatically place a space between the prefix, so if there should |
| 643 | * be a space, the parameter value will need to have it at the end. |
| 644 | * |
| 645 | * @since 0.71 |
| 646 | * @uses $wpdb |
| 647 | * |
| 648 | * @param string $prefix Optional. What to display before the title. |
| 649 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
| 650 | * @return string|null Title when retrieving, null when displaying or failure. |
| 651 | */ |
| 652 | function single_post_title($prefix = '', $display = true) { |
| 653 | global $wp_query, $post; |
| 654 | |
| 655 | if ( ! $post ) |
| 656 | $_post = $wp_query->get_queried_object(); |
| 657 | else |
| 658 | $_post = $post; |
| 659 | |
| 660 | if ( !isset($_post->post_title) ) |
| 661 | return; |
| 662 | |
| 663 | $title = apply_filters('single_post_title', $_post->post_title, $_post); |
| 664 | if ( $display ) |
| 665 | echo $prefix . $title; | //Cross Site Scripting
|
| 666 | else |
| 667 | return $title; |
| 668 | } |
| 669 | |
| 670 | /** |
| 671 | * Display or retrieve page title for category archive. |
| 672 | * |
| 673 | * This is useful for category template file or files, because it is optimized |
| 674 | * for category page title and with less overhead than {@link wp_title()}. |
| 675 | * |
| 676 | * It does not support placing the separator after the title, but by leaving the |
| 677 | * prefix parameter empty, you can set the title separator manually. The prefix |
| 678 | * does not automatically place a space between the prefix, so if there should |
| 679 | * be a space, the parameter value will need to have it at the end. |
| 680 | * |
| 681 | * @since 0.71 |
| 682 | * |
| 683 | * @param string $prefix Optional. What to display before the title. |
| 684 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
| 685 | * @return string|null Title when retrieving, null when displaying or failure. |
| 686 | */ |
| 687 | function single_cat_title($prefix = '', $display = true ) { |
| 688 | global $wp_query; |
| 689 | |
| 690 | if ( is_tag() ) |
| 691 | return single_tag_title($prefix, $display); |
| 692 | |
| 693 | if ( !is_category() ) |
| 694 | return; |
| 695 | |
| 696 | $cat = $wp_query->get_queried_object(); |
| 697 | $my_cat_name = apply_filters('single_cat_title', $cat->name); |
| 698 | if ( !empty($my_cat_name) ) { |
| 699 | if ( $display ) |
| 700 | echo $prefix . $my_cat_name; | //Cross Site Scripting
|
| 701 | else |
| 702 | return $my_cat_name; |
| 703 | } |
| 704 | } |
| 705 | |
| 706 | /** |
| 707 | * Display or retrieve page title for tag post archive. |
| 708 | * |
| 709 | * Useful for tag template files for displaying the tag page title. It has less |
| 710 | * overhead than {@link wp_title()}, because of its limited implementation. |
| 711 | * |
| 712 | * It does not support placing the separator after the title, but by leaving the |
| 713 | * prefix parameter empty, you can set the title separator manually. The prefix |
| 714 | * does not automatically place a space between the prefix, so if there should |
| 715 | * be a space, the parameter value will need to have it at the end. |
| 716 | * |
| 717 | * @since 2.3.0 |
| 718 | * |
| 719 | * @param string $prefix Optional. What to display before the title. |
| 720 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
| 721 | * @return string|null Title when retrieving, null when displaying or failure. |
| 722 | */ |
| 723 | function single_tag_title($prefix = '', $display = true ) { |
| 724 | global $wp_query; |
| 725 | if ( !is_tag() ) |
| 726 | return; |
| 727 | |
| 728 | $tag = $wp_query->get_queried_object(); |
| 729 | |
| 730 | if ( ! $tag ) |
| 731 | return; |
| 732 | |
| 733 | $my_tag_name = apply_filters('single_tag_title', $tag->name); |
| 734 | if ( !empty($my_tag_name) ) { |
| 735 | if ( $display ) |
| 736 | echo $prefix . $my_tag_name; | //Cross Site Scripting
|
| 737 | else |
| 738 | return $my_tag_name; |
| 739 | } |
| 740 | } |
| 741 | |
| 742 | /** |
| 743 | * Display or retrieve page title for post archive based on date. |
| 744 | * |
| 745 | * Useful for when the template only needs to display the month and year, if |
| 746 | * either are available. Optimized for just this purpose, so if it is all that |
| 747 | * is needed, should be better than {@link wp_title()}. |
| 748 | * |
| 749 | * It does not support placing the separator after the title, but by leaving the |
| 750 | * prefix parameter empty, you can set the title separator manually. The prefix |
| 751 | * does not automatically place a space between the prefix, so if there should |
| 752 | * be a space, the parameter value will need to have it at the end. |
| 753 | * |
| 754 | * @since 0.71 |
| 755 | * |
| 756 | * @param string $prefix Optional. What to display before the title. |
| 757 | * @param bool $display Optional, default is true. Whether to display or retrieve title. |
| 758 | * @return string|null Title when retrieving, null when displaying or failure. |
| 759 | */ |
| 760 | function single_month_title($prefix = '', $display = true ) { |
| 761 | global $wp_locale; |
| 762 | |
| 763 | $m = get_query_var('m'); |
| 764 | $year = get_query_var('year'); |
| 765 | $monthnum = get_query_var('monthnum'); |
| 766 | |
| 767 | if ( !empty($monthnum) && !empty($year) ) { |
| 768 | $my_year = $year; |
| 769 | $my_month = $wp_locale->get_month($monthnum); |
| 770 | } elseif ( !empty($m) ) { |
| 771 | $my_year = substr($m, 0, 4); |
| 772 | $my_month = $wp_locale->get_month(substr($m, 4, 2)); |
| 773 | } |
| 774 | |
| 775 | if ( empty($my_month) ) |
| 776 | return false; |
| 777 | |
| 778 | $result = $prefix . $my_month . $prefix . $my_year; |
| 779 | |
| 780 | if ( !$display ) |
| 781 | return $result; |
| 782 | echo $result; | //Cross Site Scripting
|
| 783 | } |
| 784 | |
| 785 | /** |
| 786 | * Retrieve archive link content based on predefined or custom code. |
| 787 | * |
| 788 | * The format can be one of four styles. The 'link' for head element, 'option' |
| 789 | * for use in the select element, 'html' for use in list (either ol or ul HTML |
| 790 | * elements). Custom content is also supported using the before and after |
| 791 | * parameters. |
| 792 | * |
| 793 | * The 'link' format uses the link HTML element with the <em>archives</em> |
| 794 | * relationship. The before and after parameters are not used. The text |
| 795 | * parameter is used to describe the link. |
| 796 | * |
| 797 | * The 'option' format uses the option HTML element for use in select element. |
| 798 | * The value is the url parameter and the before and after parameters are used |
| 799 | * between the text description. |
| 800 | * |
| 801 | * The 'html' format, which is the default, uses the li HTML element for use in |
| 802 | * the list HTML elements. The before parameter is before the link and the after |
| 803 | * parameter is after the closing link. |
| 804 | * |
| 805 | * The custom format uses the before parameter before the link ('a' HTML |
| 806 | * element) and the after parameter after the closing link tag. If the above |
| 807 | * three values for the format are not used, then custom format is assumed. |
| 808 | * |
| 809 | * @since 1.0.0 |
| 810 | * |
| 811 | * @param string $url URL to archive. |
| 812 | * @param string $text Archive text description. |
| 813 | * @param string $format Optional, default is 'html'. Can be 'link', 'option', 'html', or custom. |
| 814 | * @param string $before Optional. |
| 815 | * @param string $after Optional. |
| 816 | * @return string HTML link content for archive. |
| 817 | */ |
| 818 | function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') { |
| 819 | $text = wptexturize($text); |
| 820 | $title_text = esc_attr($text); |
| 821 | $url = esc_url($url); |
| 822 | |
| 823 | if ('link' == $format) |
| 824 | $link_html = "\t<link rel='archives' title='$title_text' href='$url' />\n"; |
| 825 | elseif ('option' == $format) |
| 826 | $link_html = "\t<option value='$url'>$before $text $after</option>\n"; |
| 827 | elseif ('html' == $format) |
| 828 | $link_html = "\t<li>$before<a href='$url' title='$title_text'>$text</a>$after</li>\n"; |
| 829 | else // custom |
| 830 | $link_html = "\t$before<a href='$url' title='$title_text'>$text</a>$after\n"; |
| 831 | |
| 832 | $link_html = apply_filters( "get_archives_link", $link_html ); |
| 833 | |
| 834 | return $link_html; |
| 835 | } |
| 836 | |
| 837 | /** |
| 838 | * Display archive links based on type and format. |
| 839 | * |
| 840 | * The 'type' argument offers a few choices and by default will display monthly |
| 841 | * archive links. The other options for values are 'daily', 'weekly', 'monthly', |
| 842 | * 'yearly', 'postbypost' or 'alpha'. Both 'postbypost' and 'alpha' display the |
| 843 | * same archive link list, the difference between the two is that 'alpha' |
| 844 | * will order by post title and 'postbypost' will order by post date. |
| 845 | * |
| 846 | * The date archives will logically display dates with links to the archive post |
| 847 | * page. The 'postbypost' and 'alpha' values for 'type' argument will display |
| 848 | * the post titles. |
| 849 | * |
| 850 | * The 'limit' argument will only display a limited amount of links, specified |
| 851 | * by the 'limit' integer value. By default, there is no limit. The |
| 852 | * 'show_post_count' argument will show how many posts are within the archive. |
| 853 | * By default, the 'show_post_count' argument is set to false. |
| 854 | * |
| 855 | * For the 'format', 'before', and 'after' arguments, see {@link |
| 856 | * get_archives_link()}. The values of these arguments have to do with that |
| 857 | * function. |
| 858 | * |
| 859 | * @since 1.2.0 |
| 860 | * |
| 861 | * @param string|array $args Optional. Override defaults. |
| 862 | */ |
| 863 | function wp_get_archives($args = '') { |
| 864 | global $wpdb, $wp_locale; |
| 865 | |
| 866 | $defaults = array( |
| 867 | 'type' => 'monthly', 'limit' => '', |
| 868 | 'format' => 'html', 'before' => '', |
| 869 | 'after' => '', 'show_post_count' => false, |
| 870 | 'echo' => 1 |
| 871 | ); |
| 872 | |
| 873 | $r = wp_parse_args( $args, $defaults ); |
| 874 | extract( $r, EXTR_SKIP ); | //Possible Control Flow
|
| 875 | |
| 876 | if ( '' == $type ) |
| 877 | $type = 'monthly'; |
| 878 | |
| 879 | if ( '' != $limit ) { |
| 880 | $limit = absint($limit); |
| 881 | $limit = ' LIMIT '.$limit; |
| 882 | } |
| 883 | |
| 884 | // this is what will separate dates on weekly archive links |
| 885 | $archive_week_separator = '–'; |
| 886 | |
| 887 | // over-ride general date format ? 0 = no: use the date format set in Options, 1 = yes: over-ride |
| 888 | $archive_date_format_over_ride = 0; |
| 889 | |
| 890 | // options for daily archive (only if you over-ride the general date format) |
| 891 | $archive_day_date_format = 'Y/m/d'; |
| 892 | |
| 893 | // options for weekly archive (only if you over-ride the general date format) |
| 894 | $archive_week_start_date_format = 'Y/m/d'; |
| 895 | $archive_week_end_date_format = 'Y/m/d'; |
| 896 | |
| 897 | if ( !$archive_date_format_over_ride ) { |
| 898 | $archive_day_date_format = get_option('date_format'); |
| 899 | $archive_week_start_date_format = get_option('date_format'); |
| 900 | $archive_week_end_date_format = get_option('date_format'); |
| 901 | } |
| 902 | |
| 903 | //filters |
| 904 | $where = apply_filters('getarchives_where', "WHERE post_type = 'post' AND post_status = 'publish'", $r ); |
| 905 | $join = apply_filters('getarchives_join', "", $r); |
| 906 | |
| 907 | $output = ''; |
| 908 | |
| 909 | if ( 'monthly' == $type ) { |
| 910 | $query = "SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date), MONTH(post_date) ORDER BY post_date DESC $limit"; |
| 911 | $key = md5($query); |
| 912 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
| 913 | if ( !isset( $cache[ $key ] ) ) { |
| 914 | $arcresults = $wpdb->get_results($query); |
| 915 | $cache[ $key ] = $arcresults; |
| 916 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
| 917 | } else { |
| 918 | $arcresults = $cache[ $key ]; |
| 919 | } |
| 920 | if ( $arcresults ) { |
| 921 | $afterafter = $after; |
| 922 | foreach ( (array) $arcresults as $arcresult ) { |
| 923 | $url = get_month_link( $arcresult->year, $arcresult->month ); |
| 924 | /* translators: 1: month name, 2: 4-digit year */ |
| 925 | $text = sprintf(__('%1$s %2$d'), $wp_locale->get_month($arcresult->month), $arcresult->year); |
| 926 | if ( $show_post_count ) |
| 927 | $after = ' ('.$arcresult->posts.')' . $afterafter; |
| 928 | $output .= get_archives_link($url, $text, $format, $before, $after); |
| 929 | } |
| 930 | } |
| 931 | } elseif ('yearly' == $type) { |
| 932 | $query = "SELECT YEAR(post_date) AS `year`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date) ORDER BY post_date DESC $limit"; |
| 933 | $key = md5($query); |
| 934 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
| 935 | if ( !isset( $cache[ $key ] ) ) { |
| 936 | $arcresults = $wpdb->get_results($query); |
| 937 | $cache[ $key ] = $arcresults; |
| 938 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
| 939 | } else { |
| 940 | $arcresults = $cache[ $key ]; |
| 941 | } |
| 942 | if ($arcresults) { |
| 943 | $afterafter = $after; |
| 944 | foreach ( (array) $arcresults as $arcresult) { |
| 945 | $url = get_year_link($arcresult->year); |
| 946 | $text = sprintf('%d', $arcresult->year); |
| 947 | if ($show_post_count) |
| 948 | $after = ' ('.$arcresult->posts.')' . $afterafter; |
| 949 | $output .= get_archives_link($url, $text, $format, $before, $after); |
| 950 | } |
| 951 | } |
| 952 | } elseif ( 'daily' == $type ) { |
| 953 | $query = "SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, DAYOFMONTH(post_date) AS `dayofmonth`, count(ID) as posts FROM $wpdb->posts $join $where GROUP BY YEAR(post_date), MONTH(post_date), DAYOFMONTH(post_date) ORDER BY post_date DESC $limit"; |
| 954 | $key = md5($query); |
| 955 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
| 956 | if ( !isset( $cache[ $key ] ) ) { |
| 957 | $arcresults = $wpdb->get_results($query); |
| 958 | $cache[ $key ] = $arcresults; |
| 959 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
| 960 | } else { |
| 961 | $arcresults = $cache[ $key ]; |
| 962 | } |
| 963 | if ( $arcresults ) { |
| 964 | $afterafter = $after; |
| 965 | foreach ( (array) $arcresults as $arcresult ) { |
| 966 | $url = get_day_link($arcresult->year, $arcresult->month, $arcresult->dayofmonth); |
| 967 | $date = sprintf('%1$d-%2$02d-%3$02d 00:00:00', $arcresult->year, $arcresult->month, $arcresult->dayofmonth); | //Cross Site Scripting
|
| 968 | $text = mysql2date($archive_day_date_format, $date); |
| 969 | if ($show_post_count) |
| 970 | $after = ' ('.$arcresult->posts.')'.$afterafter; |
| 971 | $output .= get_archives_link($url, $text, $format, $before, $after); |
| 972 | } |
| 973 | } |
| 974 | } elseif ( 'weekly' == $type ) { |
| 975 | $week = _wp_mysql_week( '`post_date`' ); |
| 976 | $query = "SELECT DISTINCT $week AS `week`, YEAR( `post_date` ) AS `yr`, DATE_FORMAT( `post_date`, '%Y-%m-%d' ) AS `yyyymmdd`, count( `ID` ) AS `posts` FROM `$wpdb->posts` $join $where GROUP BY $week, YEAR( `post_date` ) ORDER BY `post_date` DESC $limit"; | //Arbitrary command execution
|
| 977 | $key = md5($query); |
| 978 | $cache = wp_cache_get( 'wp_get_archives' , 'general'); |
| 979 | if ( !isset( $cache[ $key ] ) ) { |
| 980 | $arcresults = $wpdb->get_results($query); |
| 981 | $cache[ $key ] = $arcresults; |
| 982 | wp_cache_set( 'wp_get_archives', $cache, 'general' ); |
| 983 | } else { |
| 984 | $arcresults = $cache[ $key ]; |
| 985 | } |
| 986 | $arc_w_last = ''; |
| 987 | $afterafter = $after; |
| 988 | if ( $arcresults ) { |
| 989 | foreach ( (array) $arcresults as $arcresult ) { |
| 990 | if ( $arcresult->week != $arc_w_last ) { |
| 991 | $arc_year = $arcresult->yr; |
| 992 | $arc_w_last = $arcresult->week; |
| 993 | $arc_week = get_weekstartend($arcresult->yyyymmdd, get_option('start_of_week')); |
| 994 | $arc_week_start = date_i18n($archive_week_start_date_format, $arc_week['start']); |
| 995 | $arc_week_end = date_i18n($archive_week_end_date_format, $arc_week['end']); |
| 996 | $url = sprintf('%1$s/%2$s%3$sm%4$s%5$s%6$sw%7$s%8$d', home_url(), '', '?', '=', $arc_year, '&', '=', $arcresult->week); | //Cross Site Scripting
|
| 997 | $text = $arc_week_start . $archive_week_separator . $arc_week_end; |
| 998 | if ($show_post_count) |
| 999 | $after = ' ('.$arcresult->posts.')'.$afterafter; |
| 1000 | $output .= get_archives_link($url, $text, $format, $before, $after); |