CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
wp_unslash example
/**
* Starts scraping edited file errors.
*
* @since 4.9.0
*/
function wp_start_scraping_edited_file_errors() {
if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) {
return;
}
$key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 );
$nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] );
if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) {
echo "###### wp_scraping_result_start:$key ######";
echo wp_json_encode(
array(
'code' => 'scrape_nonce_failure',
'message' => __( 'Scrape key check failed. Please try again.' ),
)
);
echo "###### wp_scraping_result_end:$key ######";
function wp_start_scraping_edited_file_errors() {
if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) {
return;
}
$key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 );
$nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] );
if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) {
echo "###### wp_scraping_result_start:$key ######";
echo wp_json_encode(
array(
'code' => 'scrape_nonce_failure',
'message' => __( 'Scrape key check failed. Please try again.' ),
)
);
echo "###### wp_scraping_result_end:$key ######";
/** * Displays the search query. * * A simple wrapper to display the "s" parameter in a `GET` URI. This function * should only be used when the_search_query() cannot. * * @since 2.7.0 */
function _admin_search_query() {
echo isset( $_REQUEST['s'] ) ? esc_attr( wp_unslash( $_REQUEST['s'] ) ) : '';
}
/** * Generic Iframe header for use with Thickbox. * * @since 2.7.0 * * @global string $hook_suffix * @global string $admin_body_class * @global WP_Locale $wp_locale WordPress date and time locale object. * * @param string $title Optional. Title of the Iframe page. Default empty. * @param bool $deprecated Not used. */
$defaults = apply_filters( 'term_exists_default_query_args', $defaults, $term, $taxonomy, $parent_term );
if ( is_int( $term ) ) {
if ( 0 === $term ) {
return 0;
}
$args = wp_parse_args( array( 'include' => array( $term ) ), $defaults );
$terms = get_terms( $args );
} else {
$term = trim( wp_unslash( $term ) );
if ( '' === $term ) {
return null;
}
if ( ! empty( $taxonomy ) && is_numeric( $parent_term ) ) {
$defaults['parent'] = (int) $parent_term;
}
$args = wp_parse_args( array( 'slug' => sanitize_title( $term ) ), $defaults );
$terms = get_terms( $args );
if ( empty( $terms ) || is_wp_error( $terms ) ) {
$blog_meta_defaults = array(
'lang_id' => 1,
'public' => $public,
);
// Handle the language setting for the new site. if ( ! empty( $_POST['WPLANG'] ) ) {
$languages = signup_get_available_languages();
if ( in_array( $_POST['WPLANG'], $languages, true ) ) {
$language = wp_unslash( sanitize_text_field( $_POST['WPLANG'] ) );
if ( $language ) {
$blog_meta_defaults['WPLANG'] = $language;
}
}
}
/** * Filters the new site meta variables. * * Use the {@see 'add_signup_meta'} filter instead. * * @since MU (3.0.0) * @deprecated 3.0.0 Use the {@see 'add_signup_meta'} filter instead. * * @param array $blog_meta_defaults An array of default blog meta variables. */
'lang_id' => 1,
'public' => $public,
);
// Handle the language setting for the new site. if ( ! empty( $_POST['WPLANG'] ) ) {
$languages = signup_get_available_languages();
if ( in_array( $_POST['WPLANG'], $languages, true ) ) {
$language = wp_unslash( sanitize_text_field( $_POST['WPLANG'] ) );
if ( $language ) {
$blog_meta_defaults['WPLANG'] = $language;
}
}
}
/** * Filters the new site meta variables. * * Use the {@see 'add_signup_meta'} filter instead. * * @since MU (3.0.0) * @deprecated 3.0.0 Use the {@see 'add_signup_meta'} filter instead. * * @param array $blog_meta_defaults An array of default blog meta variables. */
public function prepare_items() {
require ABSPATH . 'wp-admin/includes/theme-install.php';
global $tabs, $tab, $paged, $type, $theme_field_defaults;
wp_reset_vars( array( 'tab' ) );
$search_terms = array();
$search_string = '';
if ( ! empty( $_REQUEST['s'] ) ) {
$search_string = strtolower( wp_unslash( $_REQUEST['s'] ) );
$search_terms = array_unique( array_filter( array_map( 'trim', explode( ',', $search_string ) ) ) );
}
if ( ! empty( $_REQUEST['features'] ) ) {
$this->features = $_REQUEST['features'];
}
$paged = $this->get_pagenum();
$per_page = 36;
$submenu['themes.php'][6] = array( _x( 'Editor', 'site editor menu item' ), 'edit_theme_options', 'site-editor.php' );
}
if ( ! wp_is_block_theme() && current_theme_supports( 'block-template-parts' ) ) {
$submenu['themes.php'][6] = array(
__( 'Template Parts' ),
'edit_theme_options',
'site-editor.php?path=/wp_template_part/all',
);
}
$customize_url = add_query_arg( 'return', urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ), 'customize.php' );
// Hide Customize link on block themes unless a plugin or theme // is using 'customize_register' to add a setting. if ( ! wp_is_block_theme() || has_action( 'customize_register' ) ) {
$position = ( wp_is_block_theme() || current_theme_supports( 'block-template-parts' ) ) ? 7 : 6;
$submenu['themes.php'][ $position ] = array( __( 'Customize' ), 'customize', esc_url( $customize_url ), '', 'hide-if-no-customize' );
}
if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) {
$submenu['themes.php'][10] = array( __( 'Menus' ), 'edit_theme_options', 'nav-menus.php' );
}
}
if ( ! wp_is_block_theme() && current_theme_supports( 'block-template-parts' ) ) {
$submenu['themes.php'][6] = array(
__( 'Template Parts' ),
'edit_theme_options',
'site-editor.php?path=/wp_template_part/all',
);
}
$customize_url = add_query_arg( 'return', urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ), 'customize.php' );
// Hide Customize link on block themes unless a plugin or theme // is using 'customize_register' to add a setting. if ( ! wp_is_block_theme() || has_action( 'customize_register' ) ) {
$position = ( wp_is_block_theme() || current_theme_supports( 'block-template-parts' ) ) ? 7 : 6;
$submenu['themes.php'][ $position ] = array( __( 'Customize' ), 'customize', esc_url( $customize_url ), '', 'hide-if-no-customize' );
}
if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) {
$submenu['themes.php'][10] = array( __( 'Menus' ), 'edit_theme_options', 'nav-menus.php' );
}
if ( ! is_customize_preview() ) {
wp_send_json_error( 'expected_customize_preview', 403 );
} elseif ( ! isset( $_POST['partials'] ) ) {
wp_send_json_error( 'missing_partials', 400 );
}
// Ensure that doing selective refresh on 404 template doesn't result in fallback rendering behavior (full refreshes). status_header( 200 );
$partials = json_decode( wp_unslash( $_POST['partials'] ), true );
if ( ! is_array( $partials ) ) {
wp_send_json_error( 'malformed_partials' );
}
$this->add_dynamic_partials( array_keys( $partials ) );
/** * Fires immediately before partials are rendered. * * Plugins may do things like call wp_enqueue_scripts() and gather a list of the scripts * and styles which may get enqueued in the response. * * @since 4.5.0 * * @param WP_Customize_Selective_Refresh $refresh Selective refresh component. * @param array $partials Placements' context data for the partials rendered in the request. * The array is keyed by partial ID, with each item being an array of * the placements' context data. */
$wp_last_modified = gmdate( $date_format );
}
$wp_last_modified .= ' GMT';
$wp_etag = '"' . md5( $wp_last_modified ) . '"';
$headers['Last-Modified'] = $wp_last_modified;
$headers['ETag'] = $wp_etag;
// Support for conditional GET. if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ) {
$client_etag = wp_unslash( $_SERVER['HTTP_IF_NONE_MATCH'] );
} else {
$client_etag = false;
}
$client_last_modified = empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ? '' : trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
// If string is empty, return 0. If not, attempt to parse into a timestamp. $client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;
// Make a timestamp for our most recent modification.. $wp_modified_timestamp = strtotime( $wp_last_modified );
}
$wp_last_modified .= ' GMT';
$wp_etag = '"' . md5( $wp_last_modified ) . '"';
$headers['Last-Modified'] = $wp_last_modified;
$headers['ETag'] = $wp_etag;
// Support for conditional GET. if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ) {
$client_etag = wp_unslash( $_SERVER['HTTP_IF_NONE_MATCH'] );
} else {
$client_etag = false;
}
$client_last_modified = empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ? '' : trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
// If string is empty, return 0. If not, attempt to parse into a timestamp. $client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;
// Make a timestamp for our most recent modification.. $wp_modified_timestamp = strtotime( $wp_last_modified );
update_option( 'siteurl', $siteurl );
update_option( 'home', $home );
if ( get_site_option( 'ms_files_rewriting' ) ) {
update_option( 'upload_path', UPLOADBLOGSDIR . "/$blog_id/files" );
} else {
update_option( 'upload_path', get_blog_option( get_network()->site_id, 'upload_path' ) );
}
update_option( 'blogname', wp_unslash( $blog_title ) );
update_option( 'admin_email', '' );
// Remove all permissions. $table_prefix = $wpdb->get_blog_prefix();
delete_metadata( 'user', 0, $table_prefix . 'user_level', null, true ); // Delete all. delete_metadata( 'user', 0, $table_prefix . 'capabilities', null, true ); // Delete all. }
/** * Set blog defaults. * * This function creates a row in the wp_blogs table. * * @since MU (3.0.0) * @deprecated MU * @deprecated Use wp_install_defaults() * * @global wpdb $wpdb WordPress database abstraction object. * * @param int $blog_id Ignored in this function. * @param int $user_id */
break;
default:
$screen = get_current_screen()->id;
/** This action is documented in wp-admin/edit.php */
$location = apply_filters( "handle_bulk_actions-{$screen}", $location, $doaction, $post_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores }
wp_redirect( $location );
exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
$wp_list_table->prepare_items();
// Used in the HTML title tag. $title = __( 'Media Library' );
$parent_file = 'upload.php';
wp_enqueue_script( 'media' );
default:
$screen = get_current_screen()->id;
/** This action is documented in wp-admin/edit.php */
$location = apply_filters( "handle_bulk_actions-{$screen}", $location, $doaction, $post_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores }
wp_redirect( $location );
exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
$wp_list_table->prepare_items();
// Used in the HTML title tag. $title = __( 'Media Library' );
$parent_file = 'upload.php';
wp_enqueue_script( 'media' );
<input type="hidden" name="language" value="<?php echo esc_attr( $language ); ?>" />
<p class="step"><input name="submit" type="submit" value="<?php echo htmlspecialchars( __( 'Submit' ), ENT_QUOTES ); ?>" class="button button-large" /></p>
</form>
<?php
wp_print_scripts( 'password-toggle' );
break;
case 2:
load_default_textdomain( $language );
$GLOBALS['wp_locale'] = new WP_Locale();
$dbname = trim( wp_unslash( $_POST['dbname'] ) );
$uname = trim( wp_unslash( $_POST['uname'] ) );
$pwd = trim( wp_unslash( $_POST['pwd'] ) );
$dbhost = trim( wp_unslash( $_POST['dbhost'] ) );
$prefix = trim( wp_unslash( $_POST['prefix'] ) );
$step_1 = 'setup-config.php?step=1';
$install = 'install.php';
if ( isset( $_REQUEST['noapi'] ) ) {
$step_1 .= '&noapi';
}
break;
case 2:
load_default_textdomain( $language );
$GLOBALS['wp_locale'] = new WP_Locale();
$dbname = trim( wp_unslash( $_POST['dbname'] ) );
$uname = trim( wp_unslash( $_POST['uname'] ) );
$pwd = trim( wp_unslash( $_POST['pwd'] ) );
$dbhost = trim( wp_unslash( $_POST['dbhost'] ) );
$prefix = trim( wp_unslash( $_POST['prefix'] ) );
$step_1 = 'setup-config.php?step=1';
$install = 'install.php';
if ( isset( $_REQUEST['noapi'] ) ) {
$step_1 .= '&noapi';
}
header( 'Allow: POST' );
header( "$protocol 405 Method Not Allowed" );
header( 'Content-Type: text/plain' );
exit;
}
/** Sets up the WordPress Environment. */
require __DIR__ . '/wp-load.php';
nocache_headers();
$comment = wp_handle_comment_submission( wp_unslash( $_POST ) );
if ( is_wp_error( $comment ) ) {
$data = (int) $comment->get_error_data();
if ( ! empty( $data ) ) {
wp_die(
'<p>' . $comment->get_error_message() . '</p>',
__( 'Comment Submission Failure' ),
array(
'response' => $data,
'back_link' => true,
)
);
}
header( "$protocol 405 Method Not Allowed" );
header( 'Content-Type: text/plain' );
exit;
}
/** Sets up the WordPress Environment. */
require __DIR__ . '/wp-load.php';
nocache_headers();
$comment = wp_handle_comment_submission( wp_unslash( $_POST ) );
if ( is_wp_error( $comment ) ) {
$data = (int) $comment->get_error_data();
if ( ! empty( $data ) ) {
wp_die(
'<p>' . $comment->get_error_message() . '</p>',
__( 'Comment Submission Failure' ),
array(
'response' => $data,
'back_link' => true,
)
);
}
$redirect_to = add_query_arg( 'deleted', count( $bulklinks ), $redirect_to );
} else {
$screen = get_current_screen()->id;
/** This action is documented in wp-admin/edit.php */
$redirect_to = apply_filters( "handle_bulk_actions-{$screen}", $redirect_to, $doaction, $bulklinks ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores }
wp_redirect( $redirect_to );
exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
$wp_list_table->prepare_items();
// Used in the HTML title tag. $title = __( 'Links' );
$this_file = 'link-manager.php';
$parent_file = $this_file;
get_current_screen()->add_help_tab(
} else {
$screen = get_current_screen()->id;
/** This action is documented in wp-admin/edit.php */
$redirect_to = apply_filters( "handle_bulk_actions-{$screen}", $redirect_to, $doaction, $bulklinks ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores }
wp_redirect( $redirect_to );
exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
exit;
}
$wp_list_table->prepare_items();
// Used in the HTML title tag. $title = __( 'Links' );
$this_file = 'link-manager.php';
$parent_file = $this_file;
get_current_screen()->add_help_tab(
<?php
if ( $_POST ) {
check_admin_referer( 'install-network-1' );
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
// Create network tables. install_network();
$base = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
$subdomain_install = allow_subdomain_install() ? ! empty( $_POST['subdomain_install'] ) : false;
if ( ! network_domain_check() ) {
$result = populate_network( 1, get_clean_basedomain(), sanitize_email( $_POST['email'] ), wp_unslash( $_POST['sitename'] ), $base, $subdomain_install );
if ( is_wp_error( $result ) ) {
if ( 1 === count( $result->get_error_codes() ) && 'no_wildcard_dns' === $result->get_error_code() ) {
network_step2( $result );
} else {
network_step1( $result );
}
} else {
network_step2();
}
} else {
network_step2();
}
check_admin_referer( 'install-network-1' );
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
// Create network tables. install_network();
$base = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
$subdomain_install = allow_subdomain_install() ? ! empty( $_POST['subdomain_install'] ) : false;
if ( ! network_domain_check() ) {
$result = populate_network( 1, get_clean_basedomain(), sanitize_email( $_POST['email'] ), wp_unslash( $_POST['sitename'] ), $base, $subdomain_install );
if ( is_wp_error( $result ) ) {
if ( 1 === count( $result->get_error_codes() ) && 'no_wildcard_dns' === $result->get_error_code() ) {
network_step2( $result );
} else {
network_step1( $result );
}
} else {
network_step2();
}
} else {
network_step2();
}
function wp_original_referer_field( $display = true, $jump_back_to = 'current' ) {
$ref = wp_get_original_referer();
if ( ! $ref ) {
$ref = ( 'previous' === $jump_back_to ) ? wp_get_referer() : wp_unslash( $_SERVER['REQUEST_URI'] );
}
$orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . esc_attr( $ref ) . '" />';
if ( $display ) {
echo $orig_referer_field;
}
return $orig_referer_field;
}