rect_url ); if ( ! empty( $_parsed_query['name'] ) && ! empty( $redirect['query'] ) ) { parse_str( $redirect['query'], $_parsed_redirect_query ); if ( empty( $_parsed_redirect_query['name'] ) ) { unset( $_parsed_query['name'] ); } } $_parsed_query = array_combine( rawurlencode_deep( array_keys( $_parsed_query ) ), rawurlencode_deep( array_values( $_parsed_query ) ) ); $redirect_url = add_query_arg( $_parsed_query, $redirect_url ); } if ( $redirect_url ) { $redirect = parse_url( $redirect_url ); } // www.example.com vs. example.com $user_home = parse_url( home_url() ); if ( ! empty( $user_home['host'] ) ) { $redirect['host'] = $user_home['host']; } if ( empty( $user_home['path'] ) ) { $user_home['path'] = '/'; } // Handle ports. if ( ! empty( $user_home['port'] ) ) { $redirect['port'] = $user_home['port']; } else { unset( $redirect['port'] ); } // Trailing /index.php. $redirect['path'] = preg_replace( '|/' . preg_quote( $wp_rewrite->index, '|' ) . '/*?$|', '/', $redirect['path'] ); $punctuation_pattern = implode( '|', array_map( 'preg_quote', array( ' ', '%20', // Space. '!', '%21', // Exclamation mark. '"', '%22', // Double quote. "'", '%27', // Single quote. '(', '%28', // Opening bracket. ')', '%29', // Closing bracket. ',', '%2C', // Comma. '.', '%2E', // Period. ';', '%3B', // Semicolon. '{', '%7B', // Opening curly bracket. '}', '%7D', // Closing curly bracket. '%E2%80%9C', // Opening curly quote. '%E2%80%9D', // Closing curly quote. ) ) ); // Remove trailing spaces and end punctuation from the path. $redirect['path'] = preg_replace( "#($punctuation_pattern)+$#", '', $redirect['path'] ); if ( ! empty( $redirect['query'] ) ) { // Remove trailing spaces and end punctuation from certain terminating query string args. $redirect['query'] = preg_replace( "#((^|&)(p|page_id|cat|tag)=[^&]*?)($punctuation_pattern)+$#", '$1', $redirect['query'] ); // Clean up empty query strings. $redirect['query'] = trim( preg_replace( '#(^|&)(p|page_id|cat|tag)=?(&|$)#', '&', $redirect['query'] ), '&' ); // Redirect obsolete feeds. $redirect['query'] = preg_replace( '#(^|&)feed=rss(&|$)#', '$1feed=rss2$2', $redirect['query'] ); // Remove redundant leading ampersands. $redirect['query'] = preg_replace( '#^\??&*?#', '', $redirect['query'] ); } // Strip /index.php/ when we're not using PATHINFO permalinks. if ( ! $wp_rewrite->using_index_permalinks() ) { $redirect['path'] = str_replace( '/' . $wp_rewrite->index . '/', '/', $redirect['path'] ); } // Trailing slashes. if ( is_object( $wp_rewrite ) && $wp_rewrite->using_permalinks() && ! $is_attachment_redirect && ! is_404() && ( ! is_front_page() || is_front_page() && get_query_var( 'paged' ) > 1 ) ) { $user_ts_type = ''; if ( get_query_var( 'paged' ) > 0 ) { $user_ts_type = 'paged'; } else { foreach ( array( 'single', 'category', 'page', 'day', 'month', 'year', 'home' ) as $type ) { $func = 'is_' . $type; if ( call_user_func( $func ) ) { $user_ts_type = $type; break; } } } $redirect['path'] = user_trailingslashit( $redirect['path'], $user_ts_type ); } elseif ( is_front_page() ) { $redirect['path'] = trailingslashit( $redirect['path'] ); } // Remove trailing slash for robots.txt or sitemap requests. if ( is_robots() || ! empty( get_query_var( 'sitemap' ) ) || ! empty( get_query_var( 'sitemap-stylesheet' ) ) ) { $redirect['path'] = untrailingslashit( $redirect['path'] ); } // Strip multiple slashes out of the URL. if ( str_contains( $redirect['path'], '//' ) ) { $redirect['path'] = preg_replace( '|/+|', '/', $redirect['path'] ); } // Always trailing slash the Front Page URL. if ( trailingslashit( $redirect['path'] ) === trailingslashit( $user_home['path'] ) ) { $redirect['path'] = trailingslashit( $redirect['path'] ); } $original_host_low = strtolower( $original['host'] ); $redirect_host_low = strtolower( $redirect['host'] ); /* * Ignore differences in host capitalization, as this can lead to infinite redirects. * Only redirect no-www <=> yes-www. */ if ( $original_host_low === $redirect_host_low || ( 'www.' . $original_host_low !== $redirect_host_low && 'www.' . $redirect_host_low !== $original_host_low ) ) { $redirect['host'] = $original['host']; } $compare_original = array( $original['host'], $original['path'] ); if ( ! empty( $original['port'] ) ) { $compare_original[] = $original['port']; } if ( ! empty( $original['query'] ) ) { $compare_original[] = $original['query']; } $compare_redirect = array( $redirect['host'], $redirect['path'] ); if ( ! empty( $redirect['port'] ) ) { $compare_redirect[] = $redirect['port']; } if ( ! empty( $redirect['query'] ) ) { $compare_redirect[] = $redirect['query']; } if ( $compare_original !== $compare_redirect ) { $redirect_url = $redirect['scheme'] . '://' . $redirect['host']; if ( ! empty( $redirect['port'] ) ) { $redirect_url .= ':' . $redirect['port']; } $redirect_url .= $redirect['path']; if ( ! empty( $redirect['query'] ) ) { $redirect_url .= '?' . $redirect['query']; } } if ( ! $redirect_url || $redirect_url === $requested_url ) { return; } // Hex-encoded octets are case-insensitive. if ( str_contains( $requested_url, '%' ) ) { if ( ! function_exists( 'lowercase_octets' ) ) { /** * Converts the first hex-encoded octet match to lowercase. * * @since 3.1.0 * @ignore * * @param array $matches Hex-encoded octet matches for the requested URL. * @return string Lowercased version of the first match. */ function lowercase_octets( $matches ) { return strtolower( $matches[0] ); } } $requested_url = preg_replace_callback( '|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $requested_url ); } if ( $redirect_obj instanceof WP_Post ) { $post_status_obj = get_post_status_object( get_post_status( $redirect_obj ) ); /* * Unset the redirect object and URL if they are not readable by the user. * This condition is a little confusing as the condition needs to pass if * the post is not readable by the user. That's why there are ! (not) conditions * throughout. */ if ( // Private post statuses only redirect if the user can read them. ! ( $post_status_obj->private && current_user_can( 'read_post', $redirect_obj->ID ) ) && // For other posts, only redirect if publicly viewable. ! is_post_publicly_viewable( $redirect_obj ) ) { $redirect_obj = false; $redirect_url = false; } } /** * Filters the canonical redirect URL. * * Returning false to this filter will cancel the redirect. * * @since 2.3.0 * * @param string $redirect_url The redirect URL. * @param string $requested_url The requested URL. */ $redirect_url = apply_filters( 'redirect_canonical', $redirect_url, $requested_url ); // Yes, again -- in case the filter aborted the request. if ( ! $redirect_url || strip_fragment_from_url( $redirect_url ) === strip_fragment_from_url( $requested_url ) ) { return; } if ( $do_redirect ) { // Protect against chained redirects. if ( ! redirect_canonical( $redirect_url, false ) ) { wp_redirect( $redirect_url, 301 ); exit; } else { // Debug. // die("1: $redirect_url
2: " . redirect_canonical( $redirect_url, false ) ); return; } } else { return $redirect_url; } } /** * Removes arguments from a query string if they are not present in a URL * DO NOT use this in plugin code. * * @since 3.4.0 * @access private * * @param string $query_string * @param array $args_to_check * @param string $url * @return string The altered query string */ function _remove_qs_args_if_not_in_url( $query_string, array $args_to_check, $url ) { $parsed_url = parse_url( $url ); if ( ! empty( $parsed_url['query'] ) ) { parse_str( $parsed_url['query'], $parsed_query ); foreach ( $args_to_check as $qv ) { if ( ! isset( $parsed_query[ $qv ] ) ) { $query_string = remove_query_arg( $qv, $query_string ); } } } else { $query_string = remove_query_arg( $args_to_check, $query_string ); } return $query_string; } /** * Strips the #fragment from a URL, if one is present. * * @since 4.4.0 * * @param string $url The URL to strip. * @return string The altered URL. */ function strip_fragment_from_url( $url ) { $parsed_url = wp_parse_url( $url ); if ( ! empty( $parsed_url['host'] ) ) { $url = ''; if ( ! empty( $parsed_url['scheme'] ) ) { $url = $parsed_url['scheme'] . ':'; } $url .= '//' . $parsed_url['host']; if ( ! empty( $parsed_url['port'] ) ) { $url .= ':' . $parsed_url['port']; } if ( ! empty( $parsed_url['path'] ) ) { $url .= $parsed_url['path']; } if ( ! empty( $parsed_url['query'] ) ) { $url .= '?' . $parsed_url['query']; } } return $url; } /** * Attempts to guess the correct URL for a 404 request based on query vars. * * @since 2.3.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @return string|false The correct URL if one is found. False on failure. */ function redirect_guess_404_permalink() { global $wpdb; /** * Filters whether to attempt to guess a redirect URL for a 404 request. * * Returning a false value from the filter will disable the URL guessing * and return early without performing a redirect. * * @since 5.5.0 * * @param bool $do_redirect_guess Whether to attempt to guess a redirect URL * for a 404 request. Default true. */ if ( false === apply_filters( 'do_redirect_guess_404_permalink', true ) ) { return false; } /** * Short-circuits the redirect URL guessing for 404 requests. * * Returning a non-null value from the filter will effectively short-circuit * the URL guessing, returning the passed value instead. * * @since 5.5.0 * * @param null|string|false $pre Whether to short-circuit guessing the redirect for a 404. * Default null to continue with the URL guessing. */ $pre = apply_filters( 'pre_redirect_guess_404_permalink', null ); if ( null !== $pre ) { return $pre; } if ( get_query_var( 'name' ) ) { $publicly_viewable_statuses = array_filter( get_post_stati(), 'is_post_status_viewable' ); $publicly_viewable_post_types = array_filter( get_post_types( array( 'exclude_from_search' => false ) ), 'is_post_type_viewable' ); /** * Filters whether to perform a strict guess for a 404 redirect. * * Returning a truthy value from the filter will redirect only exact post_name matches. * * @since 5.5.0 * * @param bool $strict_guess Whether to perform a strict guess. Default false (loose guess). */ $strict_guess = apply_filters( 'strict_redirect_guess_404_permalink', false ); if ( $strict_guess ) { $where = $wpdb->prepare( 'post_name = %s', get_query_var( 'name' ) ); } else { $where = $wpdb->prepare( 'post_name LIKE %s', $wpdb->esc_like( get_query_var( 'name' ) ) . '%' ); } // If any of post_type, year, monthnum, or day are set, use them to refine the query. if ( get_query_var( 'post_type' ) ) { if ( is_array( get_query_var( 'post_type' ) ) ) { $post_types = array_intersect( get_query_var( 'post_type' ), $publicly_viewable_post_types ); if ( empty( $post_types ) ) { return false; } $where .= " AND post_type IN ('" . join( "', '", esc_sql( get_query_var( 'post_type' ) ) ) . "')"; } else { if ( ! in_array( get_query_var( 'post_type' ), $publicly_viewable_post_types, true ) ) { return false; } $where .= $wpdb->prepare( ' AND post_type = %s', get_query_var( 'post_type' ) ); } } else { $where .= " AND post_type IN ('" . implode( "', '", esc_sql( $publicly_viewable_post_types ) ) . "')"; } if ( get_query_var( 'year' ) ) { $where .= $wpdb->prepare( ' AND YEAR(post_date) = %d', get_query_var( 'year' ) ); } if ( get_query_var( 'monthnum' ) ) { $where .= $wpdb->prepare( ' AND MONTH(post_date) = %d', get_query_var( 'monthnum' ) ); } if ( get_query_var( 'day' ) ) { $where .= $wpdb->prepare( ' AND DAYOFMONTH(post_date) = %d', get_query_var( 'day' ) ); } // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared $post_id = $wpdb->get_var( "SELECT ID FROM $wpdb->posts WHERE $where AND post_status IN ('" . implode( "', '", esc_sql( $publicly_viewable_statuses ) ) . "')" ); if ( ! $post_id ) { return false; } if ( get_query_var( 'feed' ) ) { return get_post_comments_feed_link( $post_id, get_query_var( 'feed' ) ); } elseif ( get_query_var( 'page' ) > 1 ) { return trailingslashit( get_permalink( $post_id ) ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' ); } else { return get_permalink( $post_id ); } } return false; } /** * Redirects a variety of shorthand URLs to the admin. * * If a user visits example.com/admin, they'll be redirected to /wp-admin. * Visiting /login redirects to /wp-login.php, and so on. * * @since 3.4.0 * * @global WP_Rewrite $wp_rewrite WordPress rewrite component. */ function wp_redirect_admin_locations() { global $wp_rewrite; if ( ! ( is_404() && $wp_rewrite->using_permalinks() ) ) { return; } $admins = array( home_url( 'wp-admin', 'relative' ), home_url( 'dashboard', 'relative' ), home_url( 'admin', 'relative' ), site_url( 'dashboard', 'relative' ), site_url( 'admin', 'relative' ), ); if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $admins, true ) ) { wp_redirect( admin_url() ); exit; } $logins = array( home_url( 'wp-login.php', 'relative' ), home_url( 'login.php', 'relative' ), home_url( 'login', 'relative' ), site_url( 'login', 'relative' ), ); if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins, true ) ) { wp_redirect( wp_login_url() ); exit; } } * that the context is a shortcode and not part of the theme's template rendering logic. * * @since 6.3.0 * @access private * * @return string The filtered context value for wp_get_attachment_images when doing shortcodes. */ function _filter_do_shortcode_context() { return 'do_shortcode'; } /** * Retrieves the shortcode regular expression for searching. * * The regular expression combines the shortcode tags in the regular expression * in a regex class. * * The regular expression contains 6 different sub matches to help with parsing. * * 1 - An extra [ to allow for escaping shortcodes with double [[]] * 2 - The shortcode name * 3 - The shortcode argument list * 4 - The self closing / * 5 - The content of a shortcode when it wraps some content. * 6 - An extra ] to allow for escaping shortcodes with double [[]] * * @since 2.5.0 * @since 4.4.0 Added the `$tagnames` parameter. * * @global array $shortcode_tags * * @param array $tagnames Optional. List of shortcodes to find. Defaults to all registered shortcodes. * @return string The shortcode search regular expression */ function get_shortcode_regex( $tagnames = null ) { global $shortcode_tags; if ( empty( $tagnames ) ) { $tagnames = array_keys( $shortcode_tags ); } $tagregexp = implode( '|', array_map( 'preg_quote', $tagnames ) ); /* * WARNING! Do not change this regex without changing do_shortcode_tag() and strip_shortcode_tag(). * Also, see shortcode_unautop() and shortcode.js. */ // phpcs:disable Squiz.Strings.ConcatenationSpacing.PaddingFound -- don't remove regex indentation return '\\[' // Opening bracket. . '(\\[?)' // 1: Optional second opening bracket for escaping shortcodes: [[tag]]. . "($tagregexp)" // 2: Shortcode name. . '(?![\\w-])' // Not followed by word character or hyphen. . '(' // 3: Unroll the loop: Inside the opening shortcode tag. . '[^\\]\\/]*' // Not a closing bracket or forward slash. . '(?:' . '\\/(?!\\])' // A forward slash not followed by a closing bracket. . '[^\\]\\/]*' // Not a closing bracket or forward slash. . ')*?' . ')' . '(?:' . '(\\/)' // 4: Self closing tag... . '\\]' // ...and closing bracket. . '|' . '\\]' // Closing bracket. . '(?:' . '(' // 5: Unroll the loop: Optionally, anything between the opening and closing shortcode tags. . '[^\\[]*+' // Not an opening bracket. . '(?:' . '\\[(?!\\/\\2\\])' // An opening bracket not followed by the closing shortcode tag. . '[^\\[]*+' // Not an opening bracket. . ')*+' . ')' . '\\[\\/\\2\\]' // Closing shortcode tag. . ')?' . ')' . '(\\]?)'; // 6: Optional second closing bracket for escaping shortcodes: [[tag]]. // phpcs:enable } /** * Regular Expression callable for do_shortcode() for calling shortcode hook. * * @see get_shortcode_regex() for details of the match array contents. * * @since 2.5.0 * @access private * * @global array $shortcode_tags * * @param array $m { * Regular expression match array. * * @type string $0 Entire matched shortcode text. * @type string $1 Optional second opening bracket for escaping shortcodes. * @type string $2 Shortcode name. * @type string $3 Shortcode arguments list. * @type string $4 Optional self closing slash. * @type string $5 Content of a shortcode when it wraps some content. * @type string $6 Optional second closing bracket for escaping shortcodes. * } * @return string Shortcode output. */ function do_shortcode_tag( $m ) { global $shortcode_tags; // Allow [[foo]] syntax for escaping a tag. if ( '[' === $m[1] && ']' === $m[6] ) { return substr( $m[0], 1, -1 ); } $tag = $m[2]; $attr = shortcode_parse_atts( $m[3] ); if ( ! is_callable( $shortcode_tags[ $tag ] ) ) { _doing_it_wrong( __FUNCTION__, /* translators: %s: Shortcode tag. */ sprintf( __( 'Attempting to parse a shortcode without a valid callback: %s' ), $tag ), '4.3.0' ); return $m[0]; } /** * Filters whether to call a shortcode callback. * * Returning a non-false value from filter will short-circuit the * shortcode generation process, returning that value instead. * * @since 4.7.0 * @since 6.5.0 The `$attr` parameter is always an array. * * @param false|string $output Short-circuit return value. Either false or the value to replace the shortcode with. * @param string $tag Shortcode name. * @param array $attr Shortcode attributes array, can be empty if the original arguments string cannot be parsed. * @param array $m Regular expression match array. */ $return = apply_filters( 'pre_do_shortcode_tag', false, $tag, $attr, $m ); if ( false !== $return ) { return $return; } $content = isset( $m[5] ) ? $m[5] : null; $output = $m[1] . call_user_func( $shortcode_tags[ $tag ], $attr, $content, $tag ) . $m[6]; /** * Filters the output created by a shortcode callback. * * @since 4.7.0 * @since 6.5.0 The `$attr` parameter is always an array. * * @param string $output Shortcode output. * @param string $tag Shortcode name. * @param array $attr Shortcode attributes array, can be empty if the original arguments string cannot be parsed. * @param array $m Regular expression match array. */ return apply_filters( 'do_shortcode_tag', $output, $tag, $attr, $m ); } /** * Searches only inside HTML elements for shortcodes and process them. * * Any [ or ] characters remaining inside elements will be HTML encoded * to prevent interference with shortcodes that are outside the elements. * Assumes $content processed by KSES already. Users with unfiltered_html * capability may get unexpected output if angle braces are nested in tags. * * @since 4.2.3 * * @param string $content Content to search for shortcodes. * @param bool $ignore_html When true, all square braces inside elements will be encoded. * @param array $tagnames List of shortcodes to find. * @return string Content with shortcodes filtered out. */ function do_shortcodes_in_html_tags( $content, $ignore_html, $tagnames ) { // Normalize entities in unfiltered HTML before adding placeholders. $trans = array( '[' => '[', ']' => ']', ); $content = strtr( $content, $trans ); $trans = array( '[' => '[', ']' => ']', ); $pattern = get_shortcode_regex( $tagnames ); $textarr = wp_html_split( $content ); foreach ( $textarr as &$element ) { if ( '' === $element || '<' !== $element[0] ) { continue; } $noopen = ! str_contains( $element, '[' ); $noclose = ! str_contains( $element, ']' ); if ( $noopen || $noclose ) { // This element does not contain shortcodes. if ( $noopen xor $noclose ) { // Need to encode stray '[' or ']' chars. $element = strtr( $element, $trans ); } continue; } if ( $ignore_html || str_starts_with( $element, '