/wp-admin/admin.php

  1. <?php 
  2. /** 
  3. * WordPress Administration Bootstrap 
  4. * 
  5. * @package WordPress 
  6. * @subpackage Administration 
  7. */ 
  8.  
  9. /** 
  10. * In WordPress Administration Screens 
  11. * 
  12. * @since 2.3.2 
  13. */ 
  14. if ( ! defined( 'WP_ADMIN' ) ) { 
  15. define( 'WP_ADMIN', true ); 
  16.  
  17. if ( ! defined('WP_NETWORK_ADMIN') ) 
  18. define('WP_NETWORK_ADMIN', false); 
  19.  
  20. if ( ! defined('WP_USER_ADMIN') ) 
  21. define('WP_USER_ADMIN', false); 
  22.  
  23. if ( ! WP_NETWORK_ADMIN && ! WP_USER_ADMIN ) { 
  24. define('WP_BLOG_ADMIN', true); 
  25.  
  26. if ( isset($_GET['import']) && !defined('WP_LOAD_IMPORTERS') ) 
  27. define('WP_LOAD_IMPORTERS', true); 
  28.  
  29. require_once(dirname(dirname(__FILE__)) . '/wp-load.php'); 
  30.  
  31. nocache_headers(); 
  32.  
  33. if ( get_option('db_upgraded') ) { 
  34. flush_rewrite_rules(); 
  35. update_option( 'db_upgraded', false ); 
  36.  
  37. /** 
  38. * Fires on the next page load after a successful DB upgrade. 
  39. * 
  40. * @since 2.8.0 
  41. */ 
  42. do_action( 'after_db_upgrade' ); 
  43. } elseif ( get_option('db_version') != $wp_db_version && empty($_POST) ) { 
  44. if ( !is_multisite() ) { 
  45. wp_redirect( admin_url( 'upgrade.php?_wp_http_referer=' . urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) ); 
  46. exit; 
  47.  
  48. /** 
  49. * Filters whether to attempt to perform the multisite DB upgrade routine. 
  50. * 
  51. * In single site, the user would be redirected to wp-admin/upgrade.php. 
  52. * In multisite, the DB upgrade routine is automatically fired, but only 
  53. * when this filter returns true. 
  54. * 
  55. * If the network is 50 sites or less, it will run every time. Otherwise,  
  56. * it will throttle itself to reduce load. 
  57. * 
  58. * @since 3.0.0 
  59. * 
  60. * @param bool $do_mu_upgrade Whether to perform the Multisite upgrade routine. Default true. 
  61. */ 
  62. } elseif ( apply_filters( 'do_mu_upgrade', true ) ) { 
  63. $c = get_blog_count(); 
  64.  
  65. /** 
  66. * If there are 50 or fewer sites, run every time. Otherwise, throttle to reduce load: 
  67. * attempt to do no more than threshold value, with some +/- allowed. 
  68. */ 
  69. if ( $c <= 50 || ( $c > 50 && mt_rand( 0, (int)( $c / 50 ) ) == 1 ) ) { 
  70. require_once( ABSPATH . WPINC . '/http.php' ); 
  71. $response = wp_remote_get( admin_url( 'upgrade.php?step=1' ), array( 'timeout' => 120, 'httpversion' => '1.1' ) ); 
  72. /** This action is documented in wp-admin/network/upgrade.php */ 
  73. do_action( 'after_mu_upgrade', $response ); 
  74. unset($response); 
  75. unset($c); 
  76.  
  77. require_once(ABSPATH . 'wp-admin/includes/admin.php'); 
  78.  
  79. auth_redirect(); 
  80.  
  81. // Schedule trash collection 
  82. if ( ! wp_next_scheduled( 'wp_scheduled_delete' ) && ! wp_installing() ) 
  83. wp_schedule_event(time(), 'daily', 'wp_scheduled_delete'); 
  84.  
  85. set_screen_options(); 
  86.  
  87. $date_format = __( 'F j, Y' ); 
  88. $time_format = __( 'g:i a' ); 
  89.  
  90. wp_enqueue_script( 'common' ); 
  91.  
  92.  
  93.  
  94.  
  95. /** 
  96. * $pagenow is set in vars.php 
  97. * $wp_importers is sometimes set in wp-admin/includes/import.php 
  98. * The remaining variables are imported as globals elsewhere, declared as globals here 
  99. * 
  100. * @global string $pagenow 
  101. * @global array $wp_importers 
  102. * @global string $hook_suffix 
  103. * @global string $plugin_page 
  104. * @global string $typenow 
  105. * @global string $taxnow 
  106. */ 
  107. global $pagenow, $wp_importers, $hook_suffix, $plugin_page, $typenow, $taxnow; 
  108.  
  109. $page_hook = null; 
  110.  
  111. $editing = false; 
  112.  
  113. if ( isset($_GET['page']) ) { 
  114. $plugin_page = wp_unslash( $_GET['page'] ); 
  115. $plugin_page = plugin_basename($plugin_page); 
  116.  
  117. if ( isset( $_REQUEST['post_type'] ) && post_type_exists( $_REQUEST['post_type'] ) ) 
  118. $typenow = $_REQUEST['post_type']; 
  119. else 
  120. $typenow = ''; 
  121.  
  122. if ( isset( $_REQUEST['taxonomy'] ) && taxonomy_exists( $_REQUEST['taxonomy'] ) ) 
  123. $taxnow = $_REQUEST['taxonomy']; 
  124. else 
  125. $taxnow = ''; 
  126.  
  127. if ( WP_NETWORK_ADMIN ) 
  128. require(ABSPATH . 'wp-admin/network/menu.php'); 
  129. elseif ( WP_USER_ADMIN ) 
  130. require(ABSPATH . 'wp-admin/user/menu.php'); 
  131. else 
  132. require(ABSPATH . 'wp-admin/menu.php'); 
  133.  
  134. if ( current_user_can( 'manage_options' ) ) { 
  135. wp_raise_memory_limit( 'admin' ); 
  136.  
  137. /** 
  138. * Fires as an admin screen or script is being initialized. 
  139. * 
  140. * Note, this does not just run on user-facing admin screens. 
  141. * It runs on admin-ajax.php and admin-post.php as well. 
  142. * 
  143. * This is roughly analogous to the more general {@see 'init'} hook, which fires earlier. 
  144. * 
  145. * @since 2.5.0 
  146. */ 
  147. do_action( 'admin_init' ); 
  148.  
  149. if ( isset($plugin_page) ) { 
  150. if ( !empty($typenow) ) 
  151. $the_parent = $pagenow . '?post_type=' . $typenow; 
  152. else 
  153. $the_parent = $pagenow; 
  154. if ( ! $page_hook = get_plugin_page_hook($plugin_page, $the_parent) ) { 
  155. $page_hook = get_plugin_page_hook($plugin_page, $plugin_page); 
  156.  
  157. // Back-compat for plugins using add_management_page(). 
  158. if ( empty( $page_hook ) && 'edit.php' == $pagenow && '' != get_plugin_page_hook($plugin_page, 'tools.php') ) { 
  159. // There could be plugin specific params on the URL, so we need the whole query string 
  160. if ( !empty($_SERVER[ 'QUERY_STRING' ]) ) 
  161. $query_string = $_SERVER[ 'QUERY_STRING' ]; 
  162. else 
  163. $query_string = 'page=' . $plugin_page; 
  164. wp_redirect( admin_url('tools.php?' . $query_string) ); 
  165. exit; 
  166. unset($the_parent); 
  167.  
  168. $hook_suffix = ''; 
  169. if ( isset( $page_hook ) ) { 
  170. $hook_suffix = $page_hook; 
  171. } elseif ( isset( $plugin_page ) ) { 
  172. $hook_suffix = $plugin_page; 
  173. } elseif ( isset( $pagenow ) ) { 
  174. $hook_suffix = $pagenow; 
  175.  
  176. set_current_screen(); 
  177.  
  178. // Handle plugin admin pages. 
  179. if ( isset($plugin_page) ) { 
  180. if ( $page_hook ) { 
  181. /** 
  182. * Fires before a particular screen is loaded. 
  183. * 
  184. * The load-* hook fires in a number of contexts. This hook is for plugin screens 
  185. * where a callback is provided when the screen is registered. 
  186. * 
  187. * The dynamic portion of the hook name, `$page_hook`, refers to a mixture of plugin 
  188. * page information including: 
  189. * 1. The page type. If the plugin page is registered as a submenu page, such as for 
  190. * Settings, the page type would be 'settings'. Otherwise the type is 'toplevel'. 
  191. * 2. A separator of '_page_'. 
  192. * 3. The plugin basename minus the file extension. 
  193. * 
  194. * Together, the three parts form the `$page_hook`. Citing the example above,  
  195. * the hook name used would be 'load-settings_page_pluginbasename'. 
  196. * 
  197. * @see get_plugin_page_hook() 
  198. * 
  199. * @since 2.1.0 
  200. */ 
  201. do_action( "load-{$page_hook}" ); 
  202. if (! isset($_GET['noheader'])) 
  203. require_once(ABSPATH . 'wp-admin/admin-header.php'); 
  204.  
  205. /** 
  206. * Used to call the registered callback for a plugin screen. 
  207. * 
  208. * @ignore 
  209. * @since 1.5.0 
  210. */ 
  211. do_action( $page_hook ); 
  212. } else { 
  213. if ( validate_file($plugin_page) ) 
  214. wp_die(__('Invalid plugin page')); 
  215.  
  216. if ( !( file_exists(WP_PLUGIN_DIR . "/$plugin_page") && is_file(WP_PLUGIN_DIR . "/$plugin_page") ) && !( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") && is_file(WPMU_PLUGIN_DIR . "/$plugin_page") ) ) 
  217. wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page))); 
  218.  
  219. /** 
  220. * Fires before a particular screen is loaded. 
  221. * 
  222. * The load-* hook fires in a number of contexts. This hook is for plugin screens 
  223. * where the file to load is directly included, rather than the use of a function. 
  224. * 
  225. * The dynamic portion of the hook name, `$plugin_page`, refers to the plugin basename. 
  226. * 
  227. * @see plugin_basename() 
  228. * 
  229. * @since 1.5.0 
  230. */ 
  231. do_action( "load-{$plugin_page}" ); 
  232.  
  233. if ( !isset($_GET['noheader'])) 
  234. require_once(ABSPATH . 'wp-admin/admin-header.php'); 
  235.  
  236. if ( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") ) 
  237. include(WPMU_PLUGIN_DIR . "/$plugin_page"); 
  238. else 
  239. include(WP_PLUGIN_DIR . "/$plugin_page"); 
  240.  
  241. include(ABSPATH . 'wp-admin/admin-footer.php'); 
  242.  
  243. exit(); 
  244. } elseif ( isset( $_GET['import'] ) ) { 
  245.  
  246. $importer = $_GET['import']; 
  247.  
  248. if ( ! current_user_can( 'import' ) ) { 
  249. wp_die( __( 'Sorry, you are not allowed to import content.' ) ); 
  250.  
  251. if ( validate_file($importer) ) { 
  252. wp_redirect( admin_url( 'import.php?invalid=' . $importer ) ); 
  253. exit; 
  254.  
  255. if ( ! isset($wp_importers[$importer]) || ! is_callable($wp_importers[$importer][2]) ) { 
  256. wp_redirect( admin_url( 'import.php?invalid=' . $importer ) ); 
  257. exit; 
  258.  
  259. /** 
  260. * Fires before an importer screen is loaded. 
  261. * 
  262. * The dynamic portion of the hook name, `$importer`, refers to the importer slug. 
  263. * 
  264. * @since 3.5.0 
  265. */ 
  266. do_action( "load-importer-{$importer}" ); 
  267.  
  268. $parent_file = 'tools.php'; 
  269. $submenu_file = 'import.php'; 
  270. $title = __('Import'); 
  271.  
  272. if (! isset($_GET['noheader'])) 
  273. require_once(ABSPATH . 'wp-admin/admin-header.php'); 
  274.  
  275. require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); 
  276.  
  277. define('WP_IMPORTING', true); 
  278.  
  279. /** 
  280. * Whether to filter imported data through kses on import. 
  281. * 
  282. * Multisite uses this hook to filter all data through kses by default,  
  283. * as a super administrator may be assisting an untrusted user. 
  284. * 
  285. * @since 3.1.0 
  286. * 
  287. * @param bool $force Whether to force data to be filtered through kses. Default false. 
  288. */ 
  289. if ( apply_filters( 'force_filtered_html_on_import', false ) ) { 
  290. kses_init_filters(); // Always filter imported data with kses on multisite. 
  291.  
  292. call_user_func($wp_importers[$importer][2]); 
  293.  
  294. include(ABSPATH . 'wp-admin/admin-footer.php'); 
  295.  
  296. // Make sure rules are flushed 
  297. flush_rewrite_rules(false); 
  298.  
  299. exit(); 
  300. } else { 
  301. /** 
  302. * Fires before a particular screen is loaded. 
  303. * 
  304. * The load-* hook fires in a number of contexts. This hook is for core screens. 
  305. * 
  306. * The dynamic portion of the hook name, `$pagenow`, is a global variable 
  307. * referring to the filename of the current page, such as 'admin.php',  
  308. * 'post-new.php' etc. A complete hook for the latter would be 
  309. * 'load-post-new.php'. 
  310. * 
  311. * @since 2.1.0 
  312. */ 
  313. do_action( "load-{$pagenow}" ); 
  314.  
  315. /** 
  316. * The following hooks are fired to ensure backward compatibility. 
  317. * In all other cases, 'load-' . $pagenow should be used instead. 
  318. */ 
  319. if ( $typenow == 'page' ) { 
  320. if ( $pagenow == 'post-new.php' ) 
  321. do_action( 'load-page-new.php' ); 
  322. elseif ( $pagenow == 'post.php' ) 
  323. do_action( 'load-page.php' ); 
  324. } elseif ( $pagenow == 'edit-tags.php' ) { 
  325. if ( $taxnow == 'category' ) 
  326. do_action( 'load-categories.php' ); 
  327. elseif ( $taxnow == 'link_category' ) 
  328. do_action( 'load-edit-link-categories.php' ); 
  329. } elseif( 'term.php' === $pagenow ) { 
  330. do_action( 'load-edit-tags.php' ); 
  331.  
  332. if ( ! empty( $_REQUEST['action'] ) ) { 
  333. /** 
  334. * Fires when an 'action' request variable is sent. 
  335. * 
  336. * The dynamic portion of the hook name, `$_REQUEST['action']`,  
  337. * refers to the action derived from the `GET` or `POST` request. 
  338. * 
  339. * @since 2.6.0 
  340. */ 
  341. do_action( 'admin_action_' . $_REQUEST['action'] ); 
.