25개 이상의 토픽을 선택하실 수 없습니다. Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

admin.php 10 KiB

3 년 전
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360
  1. <?php
  2. /**
  3. * WordPress Administration Bootstrap
  4. *
  5. * @package WordPress
  6. * @subpackage Administration
  7. */
  8. /**
  9. * In WordPress Administration Screens
  10. *
  11. * @since 2.3.2
  12. */
  13. if ( ! defined( 'WP_ADMIN' ) ) {
  14. define( 'WP_ADMIN', true );
  15. }
  16. if ( ! defined('WP_NETWORK_ADMIN') )
  17. define('WP_NETWORK_ADMIN', false);
  18. if ( ! defined('WP_USER_ADMIN') )
  19. define('WP_USER_ADMIN', false);
  20. if ( ! WP_NETWORK_ADMIN && ! WP_USER_ADMIN ) {
  21. define('WP_BLOG_ADMIN', true);
  22. }
  23. if ( isset($_GET['import']) && !defined('WP_LOAD_IMPORTERS') )
  24. define('WP_LOAD_IMPORTERS', true);
  25. require_once(dirname(dirname(__FILE__)) . '/wp-load.php');
  26. nocache_headers();
  27. if ( get_option('db_upgraded') ) {
  28. flush_rewrite_rules();
  29. update_option( 'db_upgraded', false );
  30. /**
  31. * Fires on the next page load after a successful DB upgrade.
  32. *
  33. * @since 2.8.0
  34. */
  35. do_action( 'after_db_upgrade' );
  36. } elseif ( get_option('db_version') != $wp_db_version && empty($_POST) ) {
  37. if ( !is_multisite() ) {
  38. wp_redirect( admin_url( 'upgrade.php?_wp_http_referer=' . urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) );
  39. exit;
  40. /**
  41. * Filters whether to attempt to perform the multisite DB upgrade routine.
  42. *
  43. * In single site, the user would be redirected to wp-admin/upgrade.php.
  44. * In multisite, the DB upgrade routine is automatically fired, but only
  45. * when this filter returns true.
  46. *
  47. * If the network is 50 sites or less, it will run every time. Otherwise,
  48. * it will throttle itself to reduce load.
  49. *
  50. * @since 3.0.0
  51. *
  52. * @param bool $do_mu_upgrade Whether to perform the Multisite upgrade routine. Default true.
  53. */
  54. } elseif ( apply_filters( 'do_mu_upgrade', true ) ) {
  55. $c = get_blog_count();
  56. /*
  57. * If there are 50 or fewer sites, run every time. Otherwise, throttle to reduce load:
  58. * attempt to do no more than threshold value, with some +/- allowed.
  59. */
  60. if ( $c <= 50 || ( $c > 50 && mt_rand( 0, (int)( $c / 50 ) ) == 1 ) ) {
  61. require_once( ABSPATH . WPINC . '/http.php' );
  62. $response = wp_remote_get( admin_url( 'upgrade.php?step=1' ), array( 'timeout' => 120, 'httpversion' => '1.1' ) );
  63. /** This action is documented in wp-admin/network/upgrade.php */
  64. do_action( 'after_mu_upgrade', $response );
  65. unset($response);
  66. }
  67. unset($c);
  68. }
  69. }
  70. require_once(ABSPATH . 'wp-admin/includes/admin.php');
  71. auth_redirect();
  72. // Schedule trash collection
  73. if ( ! wp_next_scheduled( 'wp_scheduled_delete' ) && ! wp_installing() )
  74. wp_schedule_event(time(), 'daily', 'wp_scheduled_delete');
  75. set_screen_options();
  76. $date_format = __( 'F j, Y' );
  77. $time_format = __( 'g:i a' );
  78. wp_enqueue_script( 'common' );
  79. /**
  80. * $pagenow is set in vars.php
  81. * $wp_importers is sometimes set in wp-admin/includes/import.php
  82. * The remaining variables are imported as globals elsewhere, declared as globals here
  83. *
  84. * @global string $pagenow
  85. * @global array $wp_importers
  86. * @global string $hook_suffix
  87. * @global string $plugin_page
  88. * @global string $typenow
  89. * @global string $taxnow
  90. */
  91. global $pagenow, $wp_importers, $hook_suffix, $plugin_page, $typenow, $taxnow;
  92. $page_hook = null;
  93. $editing = false;
  94. if ( isset($_GET['page']) ) {
  95. $plugin_page = wp_unslash( $_GET['page'] );
  96. $plugin_page = plugin_basename($plugin_page);
  97. }
  98. if ( isset( $_REQUEST['post_type'] ) && post_type_exists( $_REQUEST['post_type'] ) )
  99. $typenow = $_REQUEST['post_type'];
  100. else
  101. $typenow = '';
  102. if ( isset( $_REQUEST['taxonomy'] ) && taxonomy_exists( $_REQUEST['taxonomy'] ) )
  103. $taxnow = $_REQUEST['taxonomy'];
  104. else
  105. $taxnow = '';
  106. if ( WP_NETWORK_ADMIN )
  107. require(ABSPATH . 'wp-admin/network/menu.php');
  108. elseif ( WP_USER_ADMIN )
  109. require(ABSPATH . 'wp-admin/user/menu.php');
  110. else
  111. require(ABSPATH . 'wp-admin/menu.php');
  112. if ( current_user_can( 'manage_options' ) ) {
  113. wp_raise_memory_limit( 'admin' );
  114. }
  115. /**
  116. * Fires as an admin screen or script is being initialized.
  117. *
  118. * Note, this does not just run on user-facing admin screens.
  119. * It runs on admin-ajax.php and admin-post.php as well.
  120. *
  121. * This is roughly analogous to the more general {@see 'init'} hook, which fires earlier.
  122. *
  123. * @since 2.5.0
  124. */
  125. do_action( 'admin_init' );
  126. if ( isset($plugin_page) ) {
  127. if ( !empty($typenow) )
  128. $the_parent = $pagenow . '?post_type=' . $typenow;
  129. else
  130. $the_parent = $pagenow;
  131. if ( ! $page_hook = get_plugin_page_hook($plugin_page, $the_parent) ) {
  132. $page_hook = get_plugin_page_hook($plugin_page, $plugin_page);
  133. // Back-compat for plugins using add_management_page().
  134. if ( empty( $page_hook ) && 'edit.php' == $pagenow && '' != get_plugin_page_hook($plugin_page, 'tools.php') ) {
  135. // There could be plugin specific params on the URL, so we need the whole query string
  136. if ( !empty($_SERVER[ 'QUERY_STRING' ]) )
  137. $query_string = $_SERVER[ 'QUERY_STRING' ];
  138. else
  139. $query_string = 'page=' . $plugin_page;
  140. wp_redirect( admin_url('tools.php?' . $query_string) );
  141. exit;
  142. }
  143. }
  144. unset($the_parent);
  145. }
  146. $hook_suffix = '';
  147. if ( isset( $page_hook ) ) {
  148. $hook_suffix = $page_hook;
  149. } elseif ( isset( $plugin_page ) ) {
  150. $hook_suffix = $plugin_page;
  151. } elseif ( isset( $pagenow ) ) {
  152. $hook_suffix = $pagenow;
  153. }
  154. set_current_screen();
  155. // Handle plugin admin pages.
  156. if ( isset($plugin_page) ) {
  157. if ( $page_hook ) {
  158. /**
  159. * Fires before a particular screen is loaded.
  160. *
  161. * The load-* hook fires in a number of contexts. This hook is for plugin screens
  162. * where a callback is provided when the screen is registered.
  163. *
  164. * The dynamic portion of the hook name, `$page_hook`, refers to a mixture of plugin
  165. * page information including:
  166. * 1. The page type. If the plugin page is registered as a submenu page, such as for
  167. * Settings, the page type would be 'settings'. Otherwise the type is 'toplevel'.
  168. * 2. A separator of '_page_'.
  169. * 3. The plugin basename minus the file extension.
  170. *
  171. * Together, the three parts form the `$page_hook`. Citing the example above,
  172. * the hook name used would be 'load-settings_page_pluginbasename'.
  173. *
  174. * @see get_plugin_page_hook()
  175. *
  176. * @since 2.1.0
  177. */
  178. do_action( "load-{$page_hook}" );
  179. if (! isset($_GET['noheader']))
  180. require_once(ABSPATH . 'wp-admin/admin-header.php');
  181. /**
  182. * Used to call the registered callback for a plugin screen.
  183. *
  184. * @ignore
  185. * @since 1.5.0
  186. */
  187. do_action( $page_hook );
  188. } else {
  189. if ( validate_file($plugin_page) )
  190. wp_die(__('Invalid plugin page'));
  191. if ( !( file_exists(WP_PLUGIN_DIR . "/$plugin_page") && is_file(WP_PLUGIN_DIR . "/$plugin_page") ) && !( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") && is_file(WPMU_PLUGIN_DIR . "/$plugin_page") ) )
  192. wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page)));
  193. /**
  194. * Fires before a particular screen is loaded.
  195. *
  196. * The load-* hook fires in a number of contexts. This hook is for plugin screens
  197. * where the file to load is directly included, rather than the use of a function.
  198. *
  199. * The dynamic portion of the hook name, `$plugin_page`, refers to the plugin basename.
  200. *
  201. * @see plugin_basename()
  202. *
  203. * @since 1.5.0
  204. */
  205. do_action( "load-{$plugin_page}" );
  206. if ( !isset($_GET['noheader']))
  207. require_once(ABSPATH . 'wp-admin/admin-header.php');
  208. if ( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") )
  209. include(WPMU_PLUGIN_DIR . "/$plugin_page");
  210. else
  211. include(WP_PLUGIN_DIR . "/$plugin_page");
  212. }
  213. include(ABSPATH . 'wp-admin/admin-footer.php');
  214. exit();
  215. } elseif ( isset( $_GET['import'] ) ) {
  216. $importer = $_GET['import'];
  217. if ( ! current_user_can( 'import' ) ) {
  218. wp_die( __( 'Sorry, you are not allowed to import content.' ) );
  219. }
  220. if ( validate_file($importer) ) {
  221. wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
  222. exit;
  223. }
  224. if ( ! isset($wp_importers[$importer]) || ! is_callable($wp_importers[$importer][2]) ) {
  225. wp_redirect( admin_url( 'import.php?invalid=' . $importer ) );
  226. exit;
  227. }
  228. /**
  229. * Fires before an importer screen is loaded.
  230. *
  231. * The dynamic portion of the hook name, `$importer`, refers to the importer slug.
  232. *
  233. * @since 3.5.0
  234. */
  235. do_action( "load-importer-{$importer}" );
  236. $parent_file = 'tools.php';
  237. $submenu_file = 'import.php';
  238. $title = __('Import');
  239. if (! isset($_GET['noheader']))
  240. require_once(ABSPATH . 'wp-admin/admin-header.php');
  241. require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
  242. define('WP_IMPORTING', true);
  243. /**
  244. * Whether to filter imported data through kses on import.
  245. *
  246. * Multisite uses this hook to filter all data through kses by default,
  247. * as a super administrator may be assisting an untrusted user.
  248. *
  249. * @since 3.1.0
  250. *
  251. * @param bool $force Whether to force data to be filtered through kses. Default false.
  252. */
  253. if ( apply_filters( 'force_filtered_html_on_import', false ) ) {
  254. kses_init_filters(); // Always filter imported data with kses on multisite.
  255. }
  256. call_user_func($wp_importers[$importer][2]);
  257. include(ABSPATH . 'wp-admin/admin-footer.php');
  258. // Make sure rules are flushed
  259. flush_rewrite_rules(false);
  260. exit();
  261. } else {
  262. /**
  263. * Fires before a particular screen is loaded.
  264. *
  265. * The load-* hook fires in a number of contexts. This hook is for core screens.
  266. *
  267. * The dynamic portion of the hook name, `$pagenow`, is a global variable
  268. * referring to the filename of the current page, such as 'admin.php',
  269. * 'post-new.php' etc. A complete hook for the latter would be
  270. * 'load-post-new.php'.
  271. *
  272. * @since 2.1.0
  273. */
  274. do_action( "load-{$pagenow}" );
  275. /*
  276. * The following hooks are fired to ensure backward compatibility.
  277. * In all other cases, 'load-' . $pagenow should be used instead.
  278. */
  279. if ( $typenow == 'page' ) {
  280. if ( $pagenow == 'post-new.php' )
  281. do_action( 'load-page-new.php' );
  282. elseif ( $pagenow == 'post.php' )
  283. do_action( 'load-page.php' );
  284. } elseif ( $pagenow == 'edit-tags.php' ) {
  285. if ( $taxnow == 'category' )
  286. do_action( 'load-categories.php' );
  287. elseif ( $taxnow == 'link_category' )
  288. do_action( 'load-edit-link-categories.php' );
  289. } elseif( 'term.php' === $pagenow ) {
  290. do_action( 'load-edit-tags.php' );
  291. }
  292. }
  293. if ( ! empty( $_REQUEST['action'] ) ) {
  294. /**
  295. * Fires when an 'action' request variable is sent.
  296. *
  297. * The dynamic portion of the hook name, `$_REQUEST['action']`,
  298. * refers to the action derived from the `GET` or `POST` request.
  299. *
  300. * @since 2.6.0
  301. */
  302. do_action( 'admin_action_' . $_REQUEST['action'] );
  303. }