_mod_allowed', ! defined( 'DISALLOW_FILE_MODS' ) || ! DISALLOW_FILE_MODS, $context ); } /** * Start scraping edited file errors. * * @since 4.9.0 */ function wp_start_scraping_edited_file_errors() { if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) { return; } $key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 ); $nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] ); if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) { echo "###### wp_scraping_result_start:$key ######"; echo wp_json_encode( array( 'code' => 'scrape_nonce_failure', 'message' => __( 'Scrape key check failed. Please try again.' ), ) ); echo "###### wp_scraping_result_end:$key ######"; die(); } if ( ! defined( 'WP_SANDBOX_SCRAPING' ) ) { define( 'WP_SANDBOX_SCRAPING', true ); } register_shutdown_function( 'wp_finalize_scraping_edited_file_errors', $key ); } /** * Finalize scraping for edited file errors. * * @since 4.9.0 * * @param string $scrape_key Scrape key. */ function wp_finalize_scraping_edited_file_errors( $scrape_key ) { $error = error_get_last(); echo "\n###### wp_scraping_result_start:$scrape_key ######\n"; if ( ! empty( $error ) && in_array( $error['type'], array( E_CORE_ERROR, E_COMPILE_ERROR, E_ERROR, E_PARSE, E_USER_ERROR, E_RECOVERABLE_ERROR ), true ) ) { $error = str_replace( ABSPATH, '', $error ); echo wp_json_encode( $error ); } else { echo wp_json_encode( true ); } echo "\n###### wp_scraping_result_end:$scrape_key ######\n"; } /** * Checks whether current request is a JSON request, or is expecting a JSON response. * * @since 5.0.0 * * @return bool True if `Accepts` or `Content-Type` headers contain `application/json`. * False otherwise. */ function wp_is_json_request() { if ( isset( $_SERVER['HTTP_ACCEPT'] ) && wp_is_json_media_type( $_SERVER['HTTP_ACCEPT'] ) ) { return true; } if ( isset( $_SERVER['CONTENT_TYPE'] ) && wp_is_json_media_type( $_SERVER['CONTENT_TYPE'] ) ) { return true; } return false; } /** * Checks whether current request is a JSONP request, or is expecting a JSONP response. * * @since 5.2.0 * * @return bool True if JSONP request, false otherwise. */ function wp_is_jsonp_request() { if ( ! isset( $_GET['_jsonp'] ) ) { return false; } if ( ! function_exists( 'wp_check_jsonp_callback' ) ) { require_once ABSPATH . WPINC . '/functions.php'; } $jsonp_callback = $_GET['_jsonp']; if ( ! wp_check_jsonp_callback( $jsonp_callback ) ) { return false; } /** This filter is documented in wp-includes/rest-api/class-wp-rest-server.php */ $jsonp_enabled = apply_filters( 'rest_jsonp_enabled', true ); return $jsonp_enabled; } /** * Checks whether a string is a valid JSON Media Type. * * @since 5.6.0 * * @param string $media_type A Media Type string to check. * @return bool True if string is a valid JSON Media Type. */ function wp_is_json_media_type( $media_type ) { static $cache = array(); if ( ! isset( $cache[ $media_type ] ) ) { $cache[ $media_type ] = (bool) preg_match( '/(^|\s|,)application\/([\w!#\$&-\^\.\+]+\+)?json(\+oembed)?($|\s|;|,)/i', $media_type ); } return $cache[ $media_type ]; } /** * Checks whether current request is an XML request, or is expecting an XML response. * * @since 5.2.0 * * @return bool True if `Accepts` or `Content-Type` headers contain `text/xml` * or one of the related MIME types. False otherwise. */ function wp_is_xml_request() { $accepted = array( 'text/xml', 'application/rss+xml', 'application/atom+xml', 'application/rdf+xml', 'text/xml+oembed', 'application/xml+oembed', ); if ( isset( $_SERVER['HTTP_ACCEPT'] ) ) { foreach ( $accepted as $type ) { if ( false !== strpos( $_SERVER['HTTP_ACCEPT'], $type ) ) { return true; } } } if ( isset( $_SERVER['CONTENT_TYPE'] ) && in_array( $_SERVER['CONTENT_TYPE'], $accepted, true ) ) { return true; } return false; } /** * Checks if this site is protected by HTTP Basic Auth. * * At the moment, this merely checks for the present of Basic Auth credentials. Therefore, calling * this function with a context different from the current context may give inaccurate results. * In a future release, this evaluation may be made more robust. * * Currently, this is only used by Application Passwords to prevent a conflict since it also utilizes * Basic Auth. * * @since 5.6.1 * * @global string $pagenow The filename of the current screen. * * @param string $context The context to check for protection. Accepts 'login', 'admin', and 'front'. * Defaults to the current context. * @return bool Whether the site is protected by Basic Auth. */ function wp_is_site_protected_by_basic_auth( $context = '' ) { global $pagenow; if ( ! $context ) { if ( 'wp-login.php' === $pagenow ) { $context = 'login'; } elseif ( is_admin() ) { $context = 'admin'; } else { $context = 'front'; } } $is_protected = ! empty( $_SERVER['PHP_AUTH_USER'] ) || ! empty( $_SERVER['PHP_AUTH_PW'] ); /** * Filters whether a site is protected by HTTP Basic Auth. * * @since 5.6.1 * * @param bool $is_protected Whether the site is protected by Basic Auth. * @param string $context The context to check for protection. One of 'login', 'admin', or 'front'. */ return apply_filters( 'wp_is_site_protected_by_basic_auth', $is_protected, $context ); }