Edit File by line
/home/barbar84/www/wp-admin
File: admin.php
<?php
[0] Fix | Delete
/**
[1] Fix | Delete
* WordPress Administration Bootstrap
[2] Fix | Delete
*
[3] Fix | Delete
* @package WordPress
[4] Fix | Delete
* @subpackage Administration
[5] Fix | Delete
*/
[6] Fix | Delete
[7] Fix | Delete
/**
[8] Fix | Delete
* In WordPress Administration Screens
[9] Fix | Delete
*
[10] Fix | Delete
* @since 2.3.2
[11] Fix | Delete
*/
[12] Fix | Delete
if ( ! defined( 'WP_ADMIN' ) ) {
[13] Fix | Delete
define( 'WP_ADMIN', true );
[14] Fix | Delete
}
[15] Fix | Delete
[16] Fix | Delete
if ( ! defined( 'WP_NETWORK_ADMIN' ) ) {
[17] Fix | Delete
define( 'WP_NETWORK_ADMIN', false );
[18] Fix | Delete
}
[19] Fix | Delete
[20] Fix | Delete
if ( ! defined( 'WP_USER_ADMIN' ) ) {
[21] Fix | Delete
define( 'WP_USER_ADMIN', false );
[22] Fix | Delete
}
[23] Fix | Delete
[24] Fix | Delete
if ( ! WP_NETWORK_ADMIN && ! WP_USER_ADMIN ) {
[25] Fix | Delete
define( 'WP_BLOG_ADMIN', true );
[26] Fix | Delete
}
[27] Fix | Delete
[28] Fix | Delete
if ( isset( $_GET['import'] ) && ! defined( 'WP_LOAD_IMPORTERS' ) ) {
[29] Fix | Delete
define( 'WP_LOAD_IMPORTERS', true );
[30] Fix | Delete
}
[31] Fix | Delete
[32] Fix | Delete
require_once dirname( __DIR__ ) . '/wp-load.php';
[33] Fix | Delete
[34] Fix | Delete
nocache_headers();
[35] Fix | Delete
[36] Fix | Delete
if ( get_option( 'db_upgraded' ) ) {
[37] Fix | Delete
[38] Fix | Delete
flush_rewrite_rules();
[39] Fix | Delete
update_option( 'db_upgraded', false );
[40] Fix | Delete
[41] Fix | Delete
/**
[42] Fix | Delete
* Fires on the next page load after a successful DB upgrade.
[43] Fix | Delete
*
[44] Fix | Delete
* @since 2.8.0
[45] Fix | Delete
*/
[46] Fix | Delete
do_action( 'after_db_upgrade' );
[47] Fix | Delete
[48] Fix | Delete
} elseif ( ! wp_doing_ajax() && empty( $_POST )
[49] Fix | Delete
&& (int) get_option( 'db_version' ) !== $wp_db_version
[50] Fix | Delete
) {
[51] Fix | Delete
[52] Fix | Delete
if ( ! is_multisite() ) {
[53] Fix | Delete
wp_redirect( admin_url( 'upgrade.php?_wp_http_referer=' . urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) );
[54] Fix | Delete
exit;
[55] Fix | Delete
}
[56] Fix | Delete
[57] Fix | Delete
/**
[58] Fix | Delete
* Filters whether to attempt to perform the multisite DB upgrade routine.
[59] Fix | Delete
*
[60] Fix | Delete
* In single site, the user would be redirected to wp-admin/upgrade.php.
[61] Fix | Delete
* In multisite, the DB upgrade routine is automatically fired, but only
[62] Fix | Delete
* when this filter returns true.
[63] Fix | Delete
*
[64] Fix | Delete
* If the network is 50 sites or less, it will run every time. Otherwise,
[65] Fix | Delete
* it will throttle itself to reduce load.
[66] Fix | Delete
*
[67] Fix | Delete
* @since MU (3.0.0)
[68] Fix | Delete
*
[69] Fix | Delete
* @param bool $do_mu_upgrade Whether to perform the Multisite upgrade routine. Default true.
[70] Fix | Delete
*/
[71] Fix | Delete
if ( apply_filters( 'do_mu_upgrade', true ) ) {
[72] Fix | Delete
$c = get_blog_count();
[73] Fix | Delete
[74] Fix | Delete
/*
[75] Fix | Delete
* If there are 50 or fewer sites, run every time. Otherwise, throttle to reduce load:
[76] Fix | Delete
* attempt to do no more than threshold value, with some +/- allowed.
[77] Fix | Delete
*/
[78] Fix | Delete
if ( $c <= 50 || ( $c > 50 && mt_rand( 0, (int) ( $c / 50 ) ) === 1 ) ) {
[79] Fix | Delete
require_once ABSPATH . WPINC . '/http.php';
[80] Fix | Delete
$response = wp_remote_get(
[81] Fix | Delete
admin_url( 'upgrade.php?step=1' ),
[82] Fix | Delete
array(
[83] Fix | Delete
'timeout' => 120,
[84] Fix | Delete
'httpversion' => '1.1',
[85] Fix | Delete
)
[86] Fix | Delete
);
[87] Fix | Delete
/** This action is documented in wp-admin/network/upgrade.php */
[88] Fix | Delete
do_action( 'after_mu_upgrade', $response );
[89] Fix | Delete
unset( $response );
[90] Fix | Delete
}
[91] Fix | Delete
unset( $c );
[92] Fix | Delete
}
[93] Fix | Delete
}
[94] Fix | Delete
[95] Fix | Delete
require_once ABSPATH . 'wp-admin/includes/admin.php';
[96] Fix | Delete
[97] Fix | Delete
auth_redirect();
[98] Fix | Delete
[99] Fix | Delete
// Schedule Trash collection.
[100] Fix | Delete
if ( ! wp_next_scheduled( 'wp_scheduled_delete' ) && ! wp_installing() ) {
[101] Fix | Delete
wp_schedule_event( time(), 'daily', 'wp_scheduled_delete' );
[102] Fix | Delete
}
[103] Fix | Delete
[104] Fix | Delete
// Schedule transient cleanup.
[105] Fix | Delete
if ( ! wp_next_scheduled( 'delete_expired_transients' ) && ! wp_installing() ) {
[106] Fix | Delete
wp_schedule_event( time(), 'daily', 'delete_expired_transients' );
[107] Fix | Delete
}
[108] Fix | Delete
[109] Fix | Delete
set_screen_options();
[110] Fix | Delete
[111] Fix | Delete
$date_format = __( 'F j, Y' );
[112] Fix | Delete
$time_format = __( 'g:i a' );
[113] Fix | Delete
[114] Fix | Delete
wp_enqueue_script( 'common' );
[115] Fix | Delete
[116] Fix | Delete
/**
[117] Fix | Delete
* $pagenow is set in vars.php
[118] Fix | Delete
* $wp_importers is sometimes set in wp-admin/includes/import.php
[119] Fix | Delete
* The remaining variables are imported as globals elsewhere, declared as globals here
[120] Fix | Delete
*
[121] Fix | Delete
* @global string $pagenow
[122] Fix | Delete
* @global array $wp_importers
[123] Fix | Delete
* @global string $hook_suffix
[124] Fix | Delete
* @global string $plugin_page
[125] Fix | Delete
* @global string $typenow
[126] Fix | Delete
* @global string $taxnow
[127] Fix | Delete
*/
[128] Fix | Delete
global $pagenow, $wp_importers, $hook_suffix, $plugin_page, $typenow, $taxnow;
[129] Fix | Delete
[130] Fix | Delete
$page_hook = null;
[131] Fix | Delete
[132] Fix | Delete
$editing = false;
[133] Fix | Delete
[134] Fix | Delete
if ( isset( $_GET['page'] ) ) {
[135] Fix | Delete
$plugin_page = wp_unslash( $_GET['page'] );
[136] Fix | Delete
$plugin_page = plugin_basename( $plugin_page );
[137] Fix | Delete
}
[138] Fix | Delete
[139] Fix | Delete
if ( isset( $_REQUEST['post_type'] ) && post_type_exists( $_REQUEST['post_type'] ) ) {
[140] Fix | Delete
$typenow = $_REQUEST['post_type'];
[141] Fix | Delete
} else {
[142] Fix | Delete
$typenow = '';
[143] Fix | Delete
}
[144] Fix | Delete
[145] Fix | Delete
if ( isset( $_REQUEST['taxonomy'] ) && taxonomy_exists( $_REQUEST['taxonomy'] ) ) {
[146] Fix | Delete
$taxnow = $_REQUEST['taxonomy'];
[147] Fix | Delete
} else {
[148] Fix | Delete
$taxnow = '';
[149] Fix | Delete
}
[150] Fix | Delete
[151] Fix | Delete
if ( WP_NETWORK_ADMIN ) {
[152] Fix | Delete
require ABSPATH . 'wp-admin/network/menu.php';
[153] Fix | Delete
} elseif ( WP_USER_ADMIN ) {
[154] Fix | Delete
require ABSPATH . 'wp-admin/user/menu.php';
[155] Fix | Delete
} else {
[156] Fix | Delete
require ABSPATH . 'wp-admin/menu.php';
[157] Fix | Delete
}
[158] Fix | Delete
[159] Fix | Delete
if ( current_user_can( 'manage_options' ) ) {
[160] Fix | Delete
wp_raise_memory_limit( 'admin' );
[161] Fix | Delete
}
[162] Fix | Delete
[163] Fix | Delete
/**
[164] Fix | Delete
* Fires as an admin screen or script is being initialized.
[165] Fix | Delete
*
[166] Fix | Delete
* Note, this does not just run on user-facing admin screens.
[167] Fix | Delete
* It runs on admin-ajax.php and admin-post.php as well.
[168] Fix | Delete
*
[169] Fix | Delete
* This is roughly analogous to the more general {@see 'init'} hook, which fires earlier.
[170] Fix | Delete
*
[171] Fix | Delete
* @since 2.5.0
[172] Fix | Delete
*/
[173] Fix | Delete
do_action( 'admin_init' );
[174] Fix | Delete
[175] Fix | Delete
if ( isset( $plugin_page ) ) {
[176] Fix | Delete
if ( ! empty( $typenow ) ) {
[177] Fix | Delete
$the_parent = $pagenow . '?post_type=' . $typenow;
[178] Fix | Delete
} else {
[179] Fix | Delete
$the_parent = $pagenow;
[180] Fix | Delete
}
[181] Fix | Delete
[182] Fix | Delete
$page_hook = get_plugin_page_hook( $plugin_page, $the_parent );
[183] Fix | Delete
if ( ! $page_hook ) {
[184] Fix | Delete
$page_hook = get_plugin_page_hook( $plugin_page, $plugin_page );
[185] Fix | Delete
[186] Fix | Delete
// Back-compat for plugins using add_management_page().
[187] Fix | Delete
if ( empty( $page_hook ) && 'edit.php' === $pagenow && get_plugin_page_hook( $plugin_page, 'tools.php' ) ) {
[188] Fix | Delete
// There could be plugin specific params on the URL, so we need the whole query string.
[189] Fix | Delete
if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
[190] Fix | Delete
$query_string = $_SERVER['QUERY_STRING'];
[191] Fix | Delete
} else {
[192] Fix | Delete
$query_string = 'page=' . $plugin_page;
[193] Fix | Delete
}
[194] Fix | Delete
wp_redirect( admin_url( 'tools.php?' . $query_string ) );
[195] Fix | Delete
exit;
[196] Fix | Delete
}
[197] Fix | Delete
}
[198] Fix | Delete
unset( $the_parent );
[199] Fix | Delete
}
[200] Fix | Delete
[201] Fix | Delete
$hook_suffix = '';
[202] Fix | Delete
if ( isset( $page_hook ) ) {
[203] Fix | Delete
$hook_suffix = $page_hook;
[204] Fix | Delete
} elseif ( isset( $plugin_page ) ) {
[205] Fix | Delete
$hook_suffix = $plugin_page;
[206] Fix | Delete
} elseif ( isset( $pagenow ) ) {
[207] Fix | Delete
$hook_suffix = $pagenow;
[208] Fix | Delete
}
[209] Fix | Delete
[210] Fix | Delete
set_current_screen();
[211] Fix | Delete
[212] Fix | Delete
// Handle plugin admin pages.
[213] Fix | Delete
if ( isset( $plugin_page ) ) {
[214] Fix | Delete
if ( $page_hook ) {
[215] Fix | Delete
/**
[216] Fix | Delete
* Fires before a particular screen is loaded.
[217] Fix | Delete
*
[218] Fix | Delete
* The load-* hook fires in a number of contexts. This hook is for plugin screens
[219] Fix | Delete
* where a callback is provided when the screen is registered.
[220] Fix | Delete
*
[221] Fix | Delete
* The dynamic portion of the hook name, `$page_hook`, refers to a mixture of plugin
[222] Fix | Delete
* page information including:
[223] Fix | Delete
* 1. The page type. If the plugin page is registered as a submenu page, such as for
[224] Fix | Delete
* Settings, the page type would be 'settings'. Otherwise the type is 'toplevel'.
[225] Fix | Delete
* 2. A separator of '_page_'.
[226] Fix | Delete
* 3. The plugin basename minus the file extension.
[227] Fix | Delete
*
[228] Fix | Delete
* Together, the three parts form the `$page_hook`. Citing the example above,
[229] Fix | Delete
* the hook name used would be 'load-settings_page_pluginbasename'.
[230] Fix | Delete
*
[231] Fix | Delete
* @see get_plugin_page_hook()
[232] Fix | Delete
*
[233] Fix | Delete
* @since 2.1.0
[234] Fix | Delete
*/
[235] Fix | Delete
do_action( "load-{$page_hook}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[236] Fix | Delete
if ( ! isset( $_GET['noheader'] ) ) {
[237] Fix | Delete
require_once ABSPATH . 'wp-admin/admin-header.php';
[238] Fix | Delete
}
[239] Fix | Delete
[240] Fix | Delete
/**
[241] Fix | Delete
* Used to call the registered callback for a plugin screen.
[242] Fix | Delete
*
[243] Fix | Delete
* This hook uses a dynamic hook name, `$page_hook`, which refers to a mixture of plugin
[244] Fix | Delete
* page information including:
[245] Fix | Delete
* 1. The page type. If the plugin page is registered as a submenu page, such as for
[246] Fix | Delete
* Settings, the page type would be 'settings'. Otherwise the type is 'toplevel'.
[247] Fix | Delete
* 2. A separator of '_page_'.
[248] Fix | Delete
* 3. The plugin basename minus the file extension.
[249] Fix | Delete
*
[250] Fix | Delete
* Together, the three parts form the `$page_hook`. Citing the example above,
[251] Fix | Delete
* the hook name used would be 'settings_page_pluginbasename'.
[252] Fix | Delete
*
[253] Fix | Delete
* @see get_plugin_page_hook()
[254] Fix | Delete
*
[255] Fix | Delete
* @since 1.5.0
[256] Fix | Delete
*/
[257] Fix | Delete
do_action( $page_hook );
[258] Fix | Delete
} else {
[259] Fix | Delete
if ( validate_file( $plugin_page ) ) {
[260] Fix | Delete
wp_die( __( 'Invalid plugin page.' ) );
[261] Fix | Delete
}
[262] Fix | Delete
[263] Fix | Delete
if ( ! ( file_exists( WP_PLUGIN_DIR . "/$plugin_page" ) && is_file( WP_PLUGIN_DIR . "/$plugin_page" ) )
[264] Fix | Delete
&& ! ( file_exists( WPMU_PLUGIN_DIR . "/$plugin_page" ) && is_file( WPMU_PLUGIN_DIR . "/$plugin_page" ) )
[265] Fix | Delete
) {
[266] Fix | Delete
/* translators: %s: Admin page generated by a plugin. */
[267] Fix | Delete
wp_die( sprintf( __( 'Cannot load %s.' ), htmlentities( $plugin_page ) ) );
[268] Fix | Delete
}
[269] Fix | Delete
[270] Fix | Delete
/**
[271] Fix | Delete
* Fires before a particular screen is loaded.
[272] Fix | Delete
*
[273] Fix | Delete
* The load-* hook fires in a number of contexts. This hook is for plugin screens
[274] Fix | Delete
* where the file to load is directly included, rather than the use of a function.
[275] Fix | Delete
*
[276] Fix | Delete
* The dynamic portion of the hook name, `$plugin_page`, refers to the plugin basename.
[277] Fix | Delete
*
[278] Fix | Delete
* @see plugin_basename()
[279] Fix | Delete
*
[280] Fix | Delete
* @since 1.5.0
[281] Fix | Delete
*/
[282] Fix | Delete
do_action( "load-{$plugin_page}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[283] Fix | Delete
[284] Fix | Delete
if ( ! isset( $_GET['noheader'] ) ) {
[285] Fix | Delete
require_once ABSPATH . 'wp-admin/admin-header.php';
[286] Fix | Delete
}
[287] Fix | Delete
[288] Fix | Delete
if ( file_exists( WPMU_PLUGIN_DIR . "/$plugin_page" ) ) {
[289] Fix | Delete
include WPMU_PLUGIN_DIR . "/$plugin_page";
[290] Fix | Delete
} else {
[291] Fix | Delete
include WP_PLUGIN_DIR . "/$plugin_page";
[292] Fix | Delete
}
[293] Fix | Delete
}
[294] Fix | Delete
[295] Fix | Delete
require_once ABSPATH . 'wp-admin/admin-footer.php';
[296] Fix | Delete
[297] Fix | Delete
exit;
[298] Fix | Delete
} elseif ( isset( $_GET['import'] ) ) {
[299] Fix | Delete
[300] Fix | Delete
$importer = $_GET['import'];
[301] Fix | Delete
[302] Fix | Delete
if ( ! current_user_can( 'import' ) ) {
[303] Fix | Delete
wp_die( __( 'Sorry, you are not allowed to import content into this site.' ) );
[304] Fix | Delete
}
[305] Fix | Delete
[306] Fix | Delete
if ( validate_file( $importer ) ) {
[307] Fix | Delete
wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
[308] Fix | Delete
exit;
[309] Fix | Delete
}
[310] Fix | Delete
[311] Fix | Delete
if ( ! isset( $wp_importers[ $importer ] ) || ! is_callable( $wp_importers[ $importer ][2] ) ) {
[312] Fix | Delete
wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
[313] Fix | Delete
exit;
[314] Fix | Delete
}
[315] Fix | Delete
[316] Fix | Delete
/**
[317] Fix | Delete
* Fires before an importer screen is loaded.
[318] Fix | Delete
*
[319] Fix | Delete
* The dynamic portion of the hook name, `$importer`, refers to the importer slug.
[320] Fix | Delete
*
[321] Fix | Delete
* @since 3.5.0
[322] Fix | Delete
*/
[323] Fix | Delete
do_action( "load-importer-{$importer}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[324] Fix | Delete
[325] Fix | Delete
$parent_file = 'tools.php';
[326] Fix | Delete
$submenu_file = 'import.php';
[327] Fix | Delete
$title = __( 'Import' );
[328] Fix | Delete
[329] Fix | Delete
if ( ! isset( $_GET['noheader'] ) ) {
[330] Fix | Delete
require_once ABSPATH . 'wp-admin/admin-header.php';
[331] Fix | Delete
}
[332] Fix | Delete
[333] Fix | Delete
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
[334] Fix | Delete
[335] Fix | Delete
define( 'WP_IMPORTING', true );
[336] Fix | Delete
[337] Fix | Delete
/**
[338] Fix | Delete
* Whether to filter imported data through kses on import.
[339] Fix | Delete
*
[340] Fix | Delete
* Multisite uses this hook to filter all data through kses by default,
[341] Fix | Delete
* as a super administrator may be assisting an untrusted user.
[342] Fix | Delete
*
[343] Fix | Delete
* @since 3.1.0
[344] Fix | Delete
*
[345] Fix | Delete
* @param bool $force Whether to force data to be filtered through kses. Default false.
[346] Fix | Delete
*/
[347] Fix | Delete
if ( apply_filters( 'force_filtered_html_on_import', false ) ) {
[348] Fix | Delete
kses_init_filters(); // Always filter imported data with kses on multisite.
[349] Fix | Delete
}
[350] Fix | Delete
[351] Fix | Delete
call_user_func( $wp_importers[ $importer ][2] );
[352] Fix | Delete
[353] Fix | Delete
require_once ABSPATH . 'wp-admin/admin-footer.php';
[354] Fix | Delete
[355] Fix | Delete
// Make sure rules are flushed.
[356] Fix | Delete
flush_rewrite_rules( false );
[357] Fix | Delete
[358] Fix | Delete
exit;
[359] Fix | Delete
} else {
[360] Fix | Delete
/**
[361] Fix | Delete
* Fires before a particular screen is loaded.
[362] Fix | Delete
*
[363] Fix | Delete
* The load-* hook fires in a number of contexts. This hook is for core screens.
[364] Fix | Delete
*
[365] Fix | Delete
* The dynamic portion of the hook name, `$pagenow`, is a global variable
[366] Fix | Delete
* referring to the filename of the current page, such as 'admin.php',
[367] Fix | Delete
* 'post-new.php' etc. A complete hook for the latter would be
[368] Fix | Delete
* 'load-post-new.php'.
[369] Fix | Delete
*
[370] Fix | Delete
* @since 2.1.0
[371] Fix | Delete
*/
[372] Fix | Delete
do_action( "load-{$pagenow}" ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[373] Fix | Delete
[374] Fix | Delete
/*
[375] Fix | Delete
* The following hooks are fired to ensure backward compatibility.
[376] Fix | Delete
* In all other cases, 'load-' . $pagenow should be used instead.
[377] Fix | Delete
*/
[378] Fix | Delete
if ( 'page' === $typenow ) {
[379] Fix | Delete
if ( 'post-new.php' === $pagenow ) {
[380] Fix | Delete
do_action( 'load-page-new.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[381] Fix | Delete
} elseif ( 'post.php' === $pagenow ) {
[382] Fix | Delete
do_action( 'load-page.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[383] Fix | Delete
}
[384] Fix | Delete
} elseif ( 'edit-tags.php' === $pagenow ) {
[385] Fix | Delete
if ( 'category' === $taxnow ) {
[386] Fix | Delete
do_action( 'load-categories.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[387] Fix | Delete
} elseif ( 'link_category' === $taxnow ) {
[388] Fix | Delete
do_action( 'load-edit-link-categories.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[389] Fix | Delete
}
[390] Fix | Delete
} elseif ( 'term.php' === $pagenow ) {
[391] Fix | Delete
do_action( 'load-edit-tags.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
[392] Fix | Delete
}
[393] Fix | Delete
}
[394] Fix | Delete
[395] Fix | Delete
if ( ! empty( $_REQUEST['action'] ) ) {
[396] Fix | Delete
$action = $_REQUEST['action'];
[397] Fix | Delete
[398] Fix | Delete
/**
[399] Fix | Delete
* Fires when an 'action' request variable is sent.
[400] Fix | Delete
*
[401] Fix | Delete
* The dynamic portion of the hook name, `$action`, refers to
[402] Fix | Delete
* the action derived from the `GET` or `POST` request.
[403] Fix | Delete
*
[404] Fix | Delete
* @since 2.6.0
[405] Fix | Delete
*/
[406] Fix | Delete
do_action( "admin_action_{$action}" );
[407] Fix | Delete
}
[408] Fix | Delete
[409] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function