/** * WP_Theme Class * * @package WordPress * @subpackage Theme */ final class WP_Theme implements ArrayAccess { /** * Headers for style.css files. * * @static * @access private * @var array */ private static $file_headers = array( 'Name' => 'Theme Name', 'ThemeURI' => 'Theme URI', 'Description' => 'Description', 'Author' => 'Author', 'AuthorURI' => 'Author URI', 'Version' => 'Version', 'Template' => 'Template', 'Status' => 'Status', 'Tags' => 'Tags', 'TextDomain' => 'Text Domain', 'DomainPath' => 'Domain Path', ); /** * Default themes. * * @static * @access private * @var array */ private static $default_themes = array( 'classic' => 'WordPress Classic', 'default' => 'WordPress Default', 'twentyten' => 'Twenty Ten', 'twentyeleven' => 'Twenty Eleven', 'twentytwelve' => 'Twenty Twelve', 'twentythirteen' => 'Twenty Thirteen', 'twentyfourteen' => 'Twenty Fourteen', 'twentyfifteen' => 'Twenty Fifteen', ); /** * Renamed theme tags. * * @static * @access private * @var array */ private static $tag_map = array( 'fixed-width' => 'fixed-layout', 'flexible-width' => 'fluid-layout', ); /** * Absolute path to the theme root, usually wp-content/themes * * @access private * @var string */ private $theme_root; /** * Header data from the theme's style.css file. * * @access private * @var array */ private $headers = array(); /** * Header data from the theme's style.css file after being sanitized. * * @access private * @var array */ private $headers_sanitized; /** * Header name from the theme's style.css after being translated. * * Cached due to sorting functions running over the translated name. * * @access private * @var string */ private $name_translated; /** * Errors encountered when initializing the theme. * * @access private * @var WP_Error */ private $errors; /** * The directory name of the theme's files, inside the theme root. * * In the case of a child theme, this is directory name of the child theme. * Otherwise, 'stylesheet' is the same as 'template'. * * @access private * @var string */ private $stylesheet; /** * The directory name of the theme's files, inside the theme root. * * In the case of a child theme, this is the directory name of the parent theme. * Otherwise, 'template' is the same as 'stylesheet'. * * @access private * @var string */ private $template; /** * A reference to the parent theme, in the case of a child theme. * * @access private * @var WP_Theme */ private $parent; /** * URL to the theme root, usually an absolute URL to wp-content/themes * * @access private * var string */ private $theme_root_uri; /** * Flag for whether the theme's textdomain is loaded. * * @access private * @var bool */ private $textdomain_loaded; /** * Stores an md5 hash of the theme root, to function as the cache key. * * @access private * @var string */ private $cache_hash; /** * Flag for whether the themes cache bucket should be persistently cached. * * Default is false. Can be set with the wp_cache_themes_persistently filter. * * @static * @access private * @var bool */ private static $persistently_cache; /** * Expiration time for the themes cache bucket. * * By default the bucket is not cached, so this value is useless. * * @static * @access private * @var bool */ private static $cache_expiration = 1800; /** * Constructor for WP_Theme. * * @global array $wp_theme_directories * * @param string $theme_dir Directory of the theme within the theme_root. * @param string $theme_root Theme root. * @param WP_Error|void $_child If this theme is a parent theme, the child may be passed for validation purposes. */ public function __construct( $theme_dir, $theme_root, $_child = null ) { global $wp_theme_directories; // Initialize caching on first run. if ( ! isset( self::$persistently_cache ) ) { /** This action is documented in wp-includes/theme.php */ self::$persistently_cache = apply_filters( 'wp_cache_themes_persistently', false, 'WP_Theme' ); if ( self::$persistently_cache ) { wp_cache_add_global_groups( 'themes' ); if ( is_int( self::$persistently_cache ) ) self::$cache_expiration = self::$persistently_cache; } else { wp_cache_add_non_persistent_groups( 'themes' ); } } $this->theme_root = $theme_root; $this->stylesheet = $theme_dir; // Correct a situation where the theme is 'some-directory/some-theme' but 'some-directory' was passed in as part of the theme root instead. if ( ! in_array( $theme_root, (array) $wp_theme_directories ) && in_array( dirname( $theme_root ), (array) $wp_theme_directories ) ) { $this->stylesheet = basename( $this->theme_root ) . '/' . $this->stylesheet; $this->theme_root = dirname( $theme_root ); } $this->cache_hash = md5( $this->theme_root . '/' . $this->stylesheet ); $theme_file = $this->stylesheet . '/style.css'; $cache = $this->cache_get( 'theme' ); if ( is_array( $cache ) ) { foreach ( array( 'errors', 'headers', 'template' ) as $key ) { if ( isset( $cache[ $key ] ) ) $this->$key = $cache[ $key ]; } if ( $this->errors ) return; if ( isset( $cache['theme_root_template'] ) ) $theme_root_template = $cache['theme_root_template']; } elseif ( ! file_exists( $this->theme_root . '/' . $theme_file ) ) { $this->headers['Name'] = $this->stylesheet; if ( ! file_exists( $this->theme_root . '/' . $this->stylesheet ) ) $this->errors = new WP_Error( 'theme_not_found', sprintf( __( 'The theme directory "%s" does not exist.' ), esc_html( $this->stylesheet ) ) ); else $this->errors = new WP_Error( 'theme_no_stylesheet', __( 'Stylesheet is missing.' ) ); $this->template = $this->stylesheet; $this->cache_add( 'theme', array( 'headers' => $this->headers, 'errors' => $this->errors, 'stylesheet' => $this->stylesheet, 'template' => $this->template ) ); if ( ! file_exists( $this->theme_root ) ) // Don't cache this one. $this->errors->add( 'theme_root_missing', __( 'ERROR: The themes directory is either empty or doesn’t exist. Please check your installation.' ) ); return; } elseif ( ! is_readable( $this->theme_root . '/' . $theme_file ) ) { $this->headers['Name'] = $this->stylesheet; $this->errors = new WP_Error( 'theme_stylesheet_not_readable', __( 'Stylesheet is not readable.' ) ); $this->template = $this->stylesheet; $this->cache_add( 'theme', array( 'headers' => $this->headers, 'errors' => $this->errors, 'stylesheet' => $this->stylesheet, 'template' => $this->template ) ); return; } else { $this->headers = get_file_data( $this->theme_root . '/' . $theme_file, self::$file_headers, 'theme' ); // Default themes always trump their pretenders. // Properly identify default themes that are inside a directory within wp-content/themes. if ( $default_theme_slug = array_search( $this->headers['Name'], self::$default_themes ) ) { if ( basename( $this->stylesheet ) != $default_theme_slug ) $this->headers['Name'] .= '/' . $this->stylesheet; } } // (If template is set from cache [and there are no errors], we know it's good.) if ( ! $this->template && ! ( $this->template = $this->headers['Template'] ) ) { $this->template = $this->stylesheet; if ( ! file_exists( $this->theme_root . '/' . $this->stylesheet . '/index.php' ) ) { $this->errors = new WP_Error( 'theme_no_index', __( 'Template is missing.' ) ); $this->cache_add( 'theme', array( 'headers' => $this->headers, 'errors' => $this->errors, 'stylesheet' => $this->stylesheet, 'template' => $this->template ) ); return; } } // If we got our data from cache, we can assume that 'template' is pointing to the right place. if ( ! is_array( $cache ) && $this->template != $this->stylesheet && ! file_exists( $this->theme_root . '/' . $this->template . '/index.php' ) ) { // If we're in a directory of themes inside /themes, look for the parent nearby. // wp-content/themes/directory-of-themes/* $parent_dir = dirname( $this->stylesheet ); if ( '.' != $parent_dir && file_exists( $this->theme_root . '/' . $parent_dir . '/' . $this->template . '/index.php' ) ) { $this->template = $parent_dir . '/' . $this->template; } elseif ( ( $directories = search_theme_directories() ) && isset( $directories[ $this->template ] ) ) { // Look for the template in the search_theme_directories() results, in case it is in another theme root. // We don't look into directories of themes, just the theme root. $theme_root_template = $directories[ $this->template ]['theme_root']; } else { // Parent theme is missing. $this->errors = new WP_Error( 'theme_no_parent', sprintf( __( 'The parent theme is missing. Please install the "%s" parent theme.' ), esc_html( $this->template ) ) ); $this->cache_add( 'theme', array( 'headers' => $this->headers, 'errors' => $this->errors, 'stylesheet' => $this->stylesheet, 'template' => $this->template ) ); $this->parent = new WP_Theme( $this->template, $this->theme_root, $this ); return; } } // Set the parent, if we're a child theme. if ( $this->template != $this->stylesheet ) { // If we are a parent, then there is a problem. Only two generations allowed! Cancel things out. if ( $_child instanceof WP_Theme && $_child->template == $this->stylesheet ) { $_child->parent = null; $_child->errors = new WP_Error( 'theme_parent_invalid', sprintf( __( 'The "%s" theme is not a valid parent theme.' ), esc_html( $_child->template ) ) ); $_child->cache_add( 'theme', array( 'headers' => $_child->headers, 'errors' => $_child->errors, 'stylesheet' => $_child->stylesheet, 'template' => $_child->template ) ); // The two themes actually reference each other with the Template header. if ( $_child->stylesheet == $this->template ) { $this->errors = new WP_Error( 'theme_parent_invalid', sprintf( __( 'The "%s" theme is not a valid parent theme.' ), esc_html( $this->template ) ) ); $this->cache_add( 'theme', array( 'headers' => $this->headers, 'errors' => $this->errors, 'stylesheet' => $this->stylesheet, 'template' => $this->template ) ); } return; } // Set the parent. Pass the current instance so we can do the crazy checks above and assess errors. $this->parent = new WP_Theme( $this->template, isset( $theme_root_template ) ? $theme_root_template : $this->theme_root, $this ); } // We're good. If we didn't retrieve from cache, set it. if ( ! is_array( $cache ) ) { $cache = array( 'headers' => $this->headers, 'errors' => $this->errors, 'stylesheet' => $this->stylesheet, 'template' => $this->template ); // If the parent theme is in another root, we'll want to cache this. Avoids an entire branch of filesystem calls above. if ( isset( $theme_root_template ) ) $cache['theme_root_template'] = $theme_root_template; $this->cache_add( 'theme', $cache ); } } /** * When converting the object to a string, the theme name is returned. * * @return string Theme name, ready for display (translated) */ public function __toString() { return (string) $this->display('Name'); } /** * __isset() magic method for properties formerly returned by current_theme_info() * * @staticvar array $properties * * @return bool */ public function __isset( $offset ) { static $properties = array( 'name', 'title', 'version', 'parent_theme', 'template_dir', 'stylesheet_dir', 'template', 'stylesheet', 'screenshot', 'description', 'author', 'tags', 'theme_root', 'theme_root_uri', ); return in_array( $offset, $properties ); } /** * __get() magic method for properties formerly returned by current_theme_info() * * @return mixed */ public function __get( $offset ) { switch ( $offset ) { case 'name' : case 'title' : return $this->get('Name'); case 'version' : return $this->get('Version'); case 'parent_theme' : return $this->parent() ? $this->parent()->get('Name') : ''; case 'template_dir' : return $this->get_template_directory(); case 'stylesheet_dir' : return $this->get_stylesheet_directory(); case 'template' : return $this->get_template(); case 'stylesheet' : return $this->get_stylesheet(); case 'screenshot' : return $this->get_screenshot( 'relative' ); // 'author' and 'description' did not previously return translated data. case 'description' : return $this->display('Description'); case 'author' : return $this->display('Author'); case 'tags' : return $this->get( 'Tags' ); case 'theme_root' : return $this->get_theme_root(); case 'theme_root_uri' : return $this->get_theme_root_uri(); // For cases where the array was converted to an object. default : return $this->offsetGet( $offset ); } } /** * Method to implement ArrayAccess for keys formerly returned by get_themes() * * @param mixed $offset * @param mixed $value */ public function offsetSet( $offset, $value ) {} /** * Method to implement ArrayAccess for keys formerly returned by get_themes() * * @param mixed $offset */ public function offsetUnset( $offset ) {} /** * Method to implement ArrayAccess for keys formerly returned by get_themes() * * @staticvar array $keys * * @param mixed $offset * @return bool */ public function offsetExists( $offset ) { static $keys = array( 'Name', 'Version', 'Status', 'Title', 'Author', 'Author Name', 'Author URI', 'Description', 'Template', 'Stylesheet', 'Template Files', 'Stylesheet Files', 'Template Dir', 'Stylesheet Dir', 'Screenshot', 'Tags', 'Theme Root', 'Theme Root URI', 'Parent Theme', ); return in_array( $offset, $keys ); } /** * Method to implement ArrayAccess for keys formerly returned by get_themes(). * * Author, Author Name, Author URI, and Description did not previously return * translated data. We are doing so now as it is safe to do. However, as * Name and Title could have been used as the key for get_themes(), both remain * untranslated for back compatibility. This means that ['Name'] is not ideal, * and care should be taken to use $theme->display('Name') to get a properly * translated header. * * @param mixed $offset * @return mixed */ public function offsetGet( $offset ) { switch ( $offset ) { case 'Name' : case 'Title' : // See note above about using translated data. get() is not ideal. // It is only for backwards compatibility. Use display(). return $this->get('Name'); case 'Author' : return $this->display( 'Author'); case 'Author Name' : return $this->display( 'Author', false); case 'Author URI' : return $this->display('AuthorURI'); case 'Description' : return $this->display( 'Description'); case 'Version' : case 'Status' : return $this->get( $offset ); case 'Template' : return $this->get_template(); case 'Stylesheet' : return $this->get_stylesheet(); case 'Template Files' : return $this->get_files( 'php', 1, true ); case 'Stylesheet Files' : return $this->get_files( 'css', 0, false ); case 'Template Dir' : return $this->get_template_directory(); case 'Stylesheet Dir' : return $this->get_stylesheet_directory(); case 'Screenshot' : return $this->get_screenshot( 'relative' ); case 'Tags' : return $this->get('Tags'); case 'Theme Root' : return $this->get_theme_root(); case 'Theme Root URI' : return $this->get_theme_root_uri(); case 'Parent Theme' : return $this->parent() ? $this->parent()->get('Name') : ''; default : return null; } } /** * Returns errors property. * * @since 3.4.0 * @access public * * @return WP_Error|false WP_Error if there are errors, or false. */ public function errors() { return is_wp_error( $this->errors ) ? $this->errors : false; } /** * Whether the theme exists. * * A theme with errors exists. A theme with the error of 'theme_not_found', * meaning that the theme's directory was not found, does not exist. * * @since 3.4.0 * @access public * * @return bool Whether the theme exists. */ public function exists() { return ! ( $this->errors() && in_array( 'theme_not_found', $this->errors()->get_error_codes() ) ); } /** * Returns reference to the parent theme. * * @since 3.4.0 * @access public * * @return WP_Theme|false Parent theme, or false if the current theme is not a child theme. */ public function parent() { return isset( $this->parent ) ? $this->parent : false; } /** * Adds theme data to cache. * * Cache entries keyed by the theme and the type of data. * * @since 3.4.0 * @access private * * @param string $key Type of data to store (theme, screenshot, headers, page_templates) * @param string $data Data to store * @return bool Return value from wp_cache_add() */ private function cache_add( $key, $data ) { return wp_cache_add( $key . '-' . $this->cache_hash, $data, 'themes', self::$cache_expiration ); } /** * Gets theme data from cache. * * Cache entries are keyed by the theme and the type of data. * * @since 3.4.0 * @access private * * @param string $key Type of data to retrieve (theme, screenshot, headers, page_templates) * @return mixed Retrieved data */ private function cache_get( $key ) { return wp_cache_get( $key . '-' . $this->cache_hash, 'themes' ); } /** * Clears the cache for the theme. * * @since 3.4.0 * @access public */ public function cache_delete() { foreach ( array( 'theme', 'screenshot', 'headers', 'page_templates' ) as $key ) wp_cache_delete( $key . '-' . $this->cache_hash, 'themes' ); $this->template = $this->textdomain_loaded = $this->theme_root_uri = $this->parent = $this->errors = $this->headers_sanitized = $this->name_translated = null; $this->headers = array(); $this->__construct( $this->stylesheet, $this->theme_root ); } /** * Get a raw, unformatted theme header. * * The header is sanitized, but is not translated, and is not marked up for display. * To get a theme header for display, use the display() method. * * Use the get_template() method, not the 'Template' header, for finding the template. * The 'Template' header is only good for what was written in the style.css, while * get_template() takes into account where WordPress actually located the theme and * whether it is actually valid. * * @since 3.4.0 * @access public * * @param string $header Theme header. Name, Description, Author, Version, ThemeURI, AuthorURI, Status, Tags. * @return string|false String on success, false on failure. */ public function get( $header ) { if ( ! isset( $this->headers[ $header ] ) ) return false; if ( ! isset( $this->headers_sanitized ) ) { $this->headers_sanitized = $this->cache_get( 'headers' ); if ( ! is_array( $this->headers_sanitized ) ) $this->headers_sanitized = array(); } if ( isset( $this->headers_sanitized[ $header ] ) ) return $this->headers_sanitized[ $header ]; // If themes are a persistent group, sanitize everything and cache it. One cache add is better than many cache sets. if ( self::$persistently_cache ) { foreach ( array_keys( $this->headers ) as $_header ) $this->headers_sanitized[ $_header ] = $this->sanitize_header( $_header, $this->headers[ $_header ] ); $this->cache_add( 'headers', $this->headers_sanitized ); } else { $this->headers_sanitized[ $header ] = $this->sanitize_header( $header, $this->headers[ $header ] ); } return $this->headers_sanitized[ $header ]; } /** * Gets a theme header, formatted and translated for display. * * @since 3.4.0 * @access public * * @param string $header Theme header. Name, Description, Author, Version, ThemeURI, AuthorURI, Status, Tags. * @param bool $markup Optional. Whether to mark up the header. Defaults to true. * @param bool $translate Optional. Whether to translate the header. Defaults to true. * @return string|false Processed header, false on failure. */ public function display( $header, $markup = true, $translate = true ) { $value = $this->get( $header ); if ( false === $value ) { return false; } if ( $translate && ( empty( $value ) || ! $this->load_textdomain() ) ) $translate = false; if ( $translate ) $value = $this->translate_header( $header, $value ); if ( $markup ) $value = $this->markup_header( $header, $value, $translate ); return $value; } /** * Sanitize a theme header. * * @since 3.4.0 * @access private * * @staticvar array $header_tags * @staticvar array $header_tags_with_a * * @param string $header Theme header. Name, Description, Author, Version, ThemeURI, AuthorURI, Status, Tags. * @param string $value Value to sanitize. * @return mixed */ private function sanitize_header( $header, $value ) { switch ( $header ) { case 'Status' : if ( ! $value ) { $value = 'publish'; break; } // Fall through otherwise. case 'Name' : static $header_tags = array( 'abbr' => array( 'title' => true ), 'acronym' => array( 'title' => true ), 'code' => true, 'em' => true, 'strong' => true, ); $value = wp_kses( $value, $header_tags ); break; case 'Author' : // There shouldn't be anchor tags in Author, but some themes like to be challenging. case 'Description' : static $header_tags_with_a = array( 'a' => array( 'href' => true, 'title' => true ), 'abbr' => array( 'title' => true ), 'acronym' => array( 'title' => true ), 'code' => true, 'em' => true, 'strong' => true, ); $value = wp_kses( $value, $header_tags_with_a ); break; case 'ThemeURI' : case 'AuthorURI' : $value = esc_url_raw( $value ); break; case 'Tags' : $value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) ); break; case 'Version' : $value = strip_tags( $value ); break; } return $value; } /** * Mark up a theme header. * * @since 3.4.0 * @access private * * @staticvar string $comma * * @param string $header Theme header. Name, Description, Author, Version, ThemeURI, AuthorURI, Status, Tags. * @param string $value Value to mark up. * @param string $translate Whether the header has been translated. * @return string Value, marked up. */ private function markup_header( $header, $value, $translate ) { switch ( $header ) { case 'Name' : if ( empty( $value ) ) { $value = esc_html( $this->get_stylesheet() ); } break; case 'Description' : $value = wptexturize( $value ); break; case 'Author' : if ( $this->get('AuthorURI') ) { $value = sprintf( '%2$s', $this->display( 'AuthorURI', true, $translate ), $value ); } elseif ( ! $value ) { $value = __( 'Anonymous' ); } break; case 'Tags' : static $comma = null; if ( ! isset( $comma ) ) { /* translators: used between list items, there is a space after the comma */ $comma = __( ', ' ); } $value = implode( $comma, $value ); break; case 'ThemeURI' : case 'AuthorURI' : $value = esc_url( $value ); break; } return $value; } /** * Translate a theme header. * * @since 3.4.0 * @access private * * @staticvar array $tags_list * * @param string $header Theme header. Name, Description, Author, Version, ThemeURI, AuthorURI, Status, Tags. * @param string $value Value to translate. * @return string Translated value. */ private function translate_header( $header, $value ) { switch ( $header ) { case 'Name' : // Cached for sorting reasons. if ( isset( $this->name_translated ) ) return $this->name_translated; $this->name_translated = translate( $value, $this->get('TextDomain' ) ); return $this->name_translated; case 'Tags' : if ( empty( $value ) || ! function_exists( 'get_theme_feature_list' ) ) return $value; static $tags_list; if ( ! isset( $tags_list ) ) { $tags_list = array(); $feature_list = get_theme_feature_list( false ); // No API foreach ( $feature_list as $tags ) $tags_list += $tags; } foreach ( $value as &$tag ) { if ( isset( $tags_list[ $tag ] ) ) { $tag = $tags_list[ $tag ]; } elseif ( isset( self::$tag_map[ $tag ] ) ) { $tag = $tags_list[ self::$tag_map[ $tag ] ]; } } return $value; default : $value = translate( $value, $this->get('TextDomain') ); } return $value; } /** * The directory name of the theme's "stylesheet" files, inside the theme root. * * In the case of a child theme, this is directory name of the child theme. * Otherwise, get_stylesheet() is the same as get_template(). * * @since 3.4.0 * @access public * * @return string Stylesheet */ public function get_stylesheet() { return $this->stylesheet; } /** * The directory name of the theme's "template" files, inside the theme root. * * In the case of a child theme, this is the directory name of the parent theme. * Otherwise, the get_template() is the same as get_stylesheet(). * * @since 3.4.0 * @access public * * @return string Template */ public function get_template() { return $this->template; } /** * Returns the absolute path to the directory of a theme's "stylesheet" files. * * In the case of a child theme, this is the absolute path to the directory * of the child theme's files. * * @since 3.4.0 * @access public * * @return string Absolute path of the stylesheet directory. */ public function get_stylesheet_directory() { if ( $this->errors() && in_array( 'theme_root_missing', $this->errors()->get_error_codes() ) ) return ''; return $this->theme_root . '/' . $this->stylesheet; } /** * Returns the absolute path to the directory of a theme's "template" files. * * In the case of a child theme, this is the absolute path to the directory * of the parent theme's files. * * @since 3.4.0 * @access public * * @return string Absolute path of the template directory. */ public function get_template_directory() { if ( $this->parent() ) $theme_root = $this->parent()->theme_root; else $theme_root = $this->theme_root; return $theme_root . '/' . $this->template; } /** * Returns the URL to the directory of a theme's "stylesheet" files. * * In the case of a child theme, this is the URL to the directory of the * child theme's files. * * @since 3.4.0 * @access public * * @return string URL to the stylesheet directory. */ public function get_stylesheet_directory_uri() { return $this->get_theme_root_uri() . '/' . str_replace( '%2F', '/', rawurlencode( $this->stylesheet ) ); } /** * Returns the URL to the directory of a theme's "template" files. * * In the case of a child theme, this is the URL to the directory of the * parent theme's files. * * @since 3.4.0 * @access public * * @return string URL to the template directory. */ public function get_template_directory_uri() { if ( $this->parent() ) $theme_root_uri = $this->parent()->get_theme_root_uri(); else $theme_root_uri = $this->get_theme_root_uri(); return $theme_root_uri . '/' . str_replace( '%2F', '/', rawurlencode( $this->template ) ); } /** * The absolute path to the directory of the theme root. * * This is typically the absolute path to wp-content/themes. * * @since 3.4.0 * @access public * * @return string Theme root. */ public function get_theme_root() { return $this->theme_root; } /** * Returns the URL to the directory of the theme root. * * This is typically the absolute URL to wp-content/themes. This forms the basis * for all other URLs returned by WP_Theme, so we pass it to the public function * get_theme_root_uri() and allow it to run the theme_root_uri filter. * * @since 3.4.0 * @access public * * @return string Theme root URI. */ public function get_theme_root_uri() { if ( ! isset( $this->theme_root_uri ) ) $this->theme_root_uri = get_theme_root_uri( $this->stylesheet, $this->theme_root ); return $this->theme_root_uri; } /** * Returns the main screenshot file for the theme. * * The main screenshot is called screenshot.png. gif and jpg extensions are also allowed. * * Screenshots for a theme must be in the stylesheet directory. (In the case of child * themes, parent theme screenshots are not inherited.) * * @since 3.4.0 * @access public * * @param string $uri Type of URL to return, either 'relative' or an absolute URI. Defaults to absolute URI. * @return string|false Screenshot file. False if the theme does not have a screenshot. */ public function get_screenshot( $uri = 'uri' ) { $screenshot = $this->cache_get( 'screenshot' ); if ( $screenshot ) { if ( 'relative' == $uri ) return $screenshot; return $this->get_stylesheet_directory_uri() . '/' . $screenshot; } elseif ( 0 === $screenshot ) { return false; } foreach ( array( 'png', 'gif', 'jpg', 'jpeg' ) as $ext ) { if ( file_exists( $this->get_stylesheet_directory() . "/screenshot.$ext" ) ) { $this->cache_add( 'screenshot', 'screenshot.' . $ext ); if ( 'relative' == $uri ) return 'screenshot.' . $ext; return $this->get_stylesheet_directory_uri() . '/' . 'screenshot.' . $ext; } } $this->cache_add( 'screenshot', 0 ); return false; } /** * Return files in the theme's directory. * * @since 3.4.0 * @access public * * @param mixed $type Optional. Array of extensions to return. Defaults to all files (null). * @param int $depth Optional. How deep to search for files. Defaults to a flat scan (0 depth). -1 depth is infinite. * @param bool $search_parent Optional. Whether to return parent files. Defaults to false. * @return array Array of files, keyed by the path to the file relative to the theme's directory, with the values * being absolute paths. */ public function get_files( $type = null, $depth = 0, $search_parent = false ) { $files = (array) self::scandir( $this->get_stylesheet_directory(), $type, $depth ); if ( $search_parent && $this->parent() ) $files += (array) self::scandir( $this->get_template_directory(), $type, $depth ); return $files; } /** * Returns the theme's page templates. * * @since 3.4.0 * @access public * * @param WP_Post|null $post Optional. The post being edited, provided for context. * @return array Array of page templates, keyed by filename, with the value of the translated header name. */ public function get_page_templates( $post = null ) { // If you screw up your current theme and we invalidate your parent, most things still work. Let it slide. if ( $this->errors() && $this->errors()->get_error_codes() !== array( 'theme_parent_invalid' ) ) return array(); $page_templates = $this->cache_get( 'page_templates' ); if ( ! is_array( $page_templates ) ) { $page_templates = array(); $files = (array) $this->get_files( 'php', 1 ); foreach ( $files as $file => $full_path ) { if ( ! preg_match( '|Template Name:(.*)$|mi', file_get_contents( $full_path ), $header ) ) continue; $page_templates[ $file ] = _cleanup_header_comment( $header[1] ); } $this->cache_add( 'page_templates', $page_templates ); } if ( $this->load_textdomain() ) { foreach ( $page_templates as &$page_template ) { $page_template = $this->translate_header( 'Template Name', $page_template ); } } if ( $this->parent() ) $page_templates += $this->parent()->get_page_templates( $post ); /** * Filter list of page templates for a theme. * * This filter does not currently allow for page templates to be added. * * @since 3.9.0 * * @param array $page_templates Array of page templates. Keys are filenames, * values are translated names. * @param WP_Theme $this The theme object. * @param WP_Post|null $post The post being edited, provided for context, or null. */ $return = apply_filters( 'theme_page_templates', $page_templates, $this, $post ); return array_intersect_assoc( $return, $page_templates ); } /** * Scans a directory for files of a certain extension. * * @since 3.4.0 * * @static * @access private * * @param string $path Absolute path to search. * @param array|string|null $extensions Optional. Array of extensions to find, string of a single extension, * or null for all extensions. Default null. * @param int $depth Optional. How many levels deep to search for files. Accepts 0, 1+, or * -1 (infinite depth). Default 0. * @param string $relative_path Optional. The basename of the absolute path. Used to control the * returned path for the found files, particularly when this function * recurses to lower depths. Default empty. * @return array|false Array of files, keyed by the path to the file relative to the `$path` directory prepended * with `$relative_path`, with the values being absolute paths. False otherwise. */ private static function scandir( $path, $extensions = null, $depth = 0, $relative_path = '' ) { if ( ! is_dir( $path ) ) return false; if ( $extensions ) { $extensions = (array) $extensions; $_extensions = implode( '|', $extensions ); } $relative_path = trailingslashit( $relative_path ); if ( '/' == $relative_path ) $relative_path = ''; $results = scandir( $path ); $files = array(); foreach ( $results as $result ) { if ( '.' == $result[0] ) continue; if ( is_dir( $path . '/' . $result ) ) { if ( ! $depth || 'CVS' == $result ) continue; $found = self::scandir( $path . '/' . $result, $extensions, $depth - 1 , $relative_path . $result ); $files = array_merge_recursive( $files, $found ); } elseif ( ! $extensions || preg_match( '~\.(' . $_extensions . ')$~', $result ) ) { $files[ $relative_path . $result ] = $path . '/' . $result; } } return $files; } /** * Loads the theme's textdomain. * * Translation files are not inherited from the parent theme. Todo: if this fails for the * child theme, it should probably try to load the parent theme's translations. * * @since 3.4.0 * @access public * * @return bool True if the textdomain was successfully loaded or has already been loaded. * False if no textdomain was specified in the file headers, or if the domain could not be loaded. */ public function load_textdomain() { if ( isset( $this->textdomain_loaded ) ) return $this->textdomain_loaded; $textdomain = $this->get('TextDomain'); if ( ! $textdomain ) { $this->textdomain_loaded = false; return false; } if ( is_textdomain_loaded( $textdomain ) ) { $this->textdomain_loaded = true; return true; } $path = $this->get_stylesheet_directory(); if ( $domainpath = $this->get('DomainPath') ) $path .= $domainpath; else $path .= '/languages'; $this->textdomain_loaded = load_theme_textdomain( $textdomain, $path ); return $this->textdomain_loaded; } /** * Whether the theme is allowed (multisite only). * * @since 3.4.0 * @access public * * @param string $check Optional. Whether to check only the 'network'-wide settings, the 'site' * settings, or 'both'. Defaults to 'both'. * @param int $blog_id Optional. Ignored if only network-wide settings are checked. Defaults to current blog. * @return bool Whether the theme is allowed for the network. Returns true in single-site. */ public function is_allowed( $check = 'both', $blog_id = null ) { if ( ! is_multisite() ) return true; if ( 'both' == $check || 'network' == $check ) { $allowed = self::get_allowed_on_network(); if ( ! empty( $allowed[ $this->get_stylesheet() ] ) ) return true; } if ( 'both' == $check || 'site' == $check ) { $allowed = self::get_allowed_on_site( $blog_id ); if ( ! empty( $allowed[ $this->get_stylesheet() ] ) ) return true; } return false; } /** * Returns array of stylesheet names of themes allowed on the site or network. * * @since 3.4.0 * * @static * @access public * * @param int $blog_id Optional. Defaults to current blog. * @return array Array of stylesheet names. */ public static function get_allowed( $blog_id = null ) { /** * Filter the array of themes allowed on the site or network. * * @since MU * * @param array $allowed_themes An array of theme stylesheet names. */ $network = (array) apply_filters( 'allowed_themes', self::get_allowed_on_network() ); return $network + self::get_allowed_on_site( $blog_id ); } /** * Returns array of stylesheet names of themes allowed on the network. * * @since 3.4.0 * * @static * @access public * * @staticvar array $allowed_themes * * @return array Array of stylesheet names. */ public static function get_allowed_on_network() { static $allowed_themes; if ( ! isset( $allowed_themes ) ) $allowed_themes = (array) get_site_option( 'allowedthemes' ); return $allowed_themes; } /** * Returns array of stylesheet names of themes allowed on the site. * * @since 3.4.0 * * @static * @access public * * @staticvar array $allowed_themes * * @param int $blog_id Optional. Defaults to current blog. * @return array Array of stylesheet names. */ public static function get_allowed_on_site( $blog_id = null ) { static $allowed_themes = array(); if ( ! $blog_id || ! is_multisite() ) $blog_id = get_current_blog_id(); if ( isset( $allowed_themes[ $blog_id ] ) ) return $allowed_themes[ $blog_id ]; $current = $blog_id == get_current_blog_id(); if ( $current ) { $allowed_themes[ $blog_id ] = get_option( 'allowedthemes' ); } else { switch_to_blog( $blog_id ); $allowed_themes[ $blog_id ] = get_option( 'allowedthemes' ); restore_current_blog(); } // This is all super old MU back compat joy. // 'allowedthemes' keys things by stylesheet. 'allowed_themes' keyed things by name. if ( false === $allowed_themes[ $blog_id ] ) { if ( $current ) { $allowed_themes[ $blog_id ] = get_option( 'allowed_themes' ); } else { switch_to_blog( $blog_id ); $allowed_themes[ $blog_id ] = get_option( 'allowed_themes' ); restore_current_blog(); } if ( ! is_array( $allowed_themes[ $blog_id ] ) || empty( $allowed_themes[ $blog_id ] ) ) { $allowed_themes[ $blog_id ] = array(); } else { $converted = array(); $themes = wp_get_themes(); foreach ( $themes as $stylesheet => $theme_data ) { if ( isset( $allowed_themes[ $blog_id ][ $theme_data->get('Name') ] ) ) $converted[ $stylesheet ] = true; } $allowed_themes[ $blog_id ] = $converted; } // Set the option so we never have to go through this pain again. if ( is_admin() && $allowed_themes[ $blog_id ] ) { if ( $current ) { update_option( 'allowedthemes', $allowed_themes[ $blog_id ] ); delete_option( 'allowed_themes' ); } else { switch_to_blog( $blog_id ); update_option( 'allowedthemes', $allowed_themes[ $blog_id ] ); delete_option( 'allowed_themes' ); restore_current_blog(); } } } return (array) $allowed_themes[ $blog_id ]; } /** * Sort themes by name. * * @since 3.4.0 * * @static * @access public */ public static function sort_by_name( &$themes ) { if ( 0 === strpos( get_locale(), 'en_' ) ) { uasort( $themes, array( 'WP_Theme', '_name_sort' ) ); } else { uasort( $themes, array( 'WP_Theme', '_name_sort_i18n' ) ); } } /** * Callback function for usort() to naturally sort themes by name. * * Accesses the Name header directly from the class for maximum speed. * Would choke on HTML but we don't care enough to slow it down with strip_tags(). * * @since 3.4.0 * * @static * @access private * * @return int */ private static function _name_sort( $a, $b ) { return strnatcasecmp( $a->headers['Name'], $b->headers['Name'] ); } /** * Name sort (with translation). * * @since 3.4.0 * * @static * @access private * * @return int */ private static function _name_sort_i18n( $a, $b ) { // Don't mark up; Do translate. return strnatcasecmp( $a->display( 'Name', false, true ), $b->display( 'Name', false, true ) ); } } 转载《跨域资源共享的10种方式》 》 html5jscss

转载《跨域资源共享的10种方式》

在客户端编程语言中,如JavaScript和ActionScript,同源策略是一个很重要的安全理念,它在保证数据的安全性方面有着重要的意义。同 源策略规定跨域之间的脚本是隔离的,一个域的脚本不能访问和操作另外一个域的绝大部分属性和方法。那么什么叫相同域,什么叫不同的域呢?

同源策略

在客户端编程语言中,如JavaScript和ActionScript,同源策略是一个很重要的安全理念,它在保证数据的安全性方面有着重要的意义。同源策略规定跨域之间的脚本是隔离的,一个域的脚本不能访问和操作另外一个域的绝大部分属性和方法

那么什么叫相同域,什么叫不同的域呢?当两个域具有相同的协议(如http), 相同的端口(如80),相同的host(如www.example.org),那么我们就可以认为它们是相同的域。比如http://www.example.org/和http://www.example.org/sub/是同域,而http://www.example.org, https://www.example.org, http://www.example.org:8080, http://sub.example.org中的任何两个都将构成跨域。同源策略还应该对一些特殊情况做处理,比如限制file协议下脚本的访问权限。本地的HTML文件在浏览器中是通过file协议打开的,如果脚本能通过file协议访问到硬盘上其它任意文件,就会出现安全隐患,目前IE8还有这样的隐患。

受到同源策略的影响,跨域资源共享就会受到制约。但是随着人们的实践和浏览器的进步,目前在跨域请求的技巧上,有很多宝贵经验的沉淀和积累。这里我把跨域资源共享分成两种,一种是单向的数据请求,还有一种是双向的消息通信。接下来我将罗列出常见的一些跨域方式,以下跨域实例的源代码可以从这里获得。

单向跨域

JSONP

JSONP (JSON with Padding)是一个简单高效的跨域方式,HTML中的script标签可以加载并执行其他域的JavaScript,于是我们可以通过script标记来动态加载其他域的资源。例如我要从域A的页面pageA加载域B的数据,那么在域B的页面pageB中我以JavaScript的形式声明pageA需要的数据,然后在pageA中用script标签把pageB加载进来,那么pageB中的脚本就会得以执行。JSONP在此基础上加入了回调函数,pageB加载完之后会执行pageA中定义的函数,所需要的数据会以参数的形式传递给该函数。JSONP易于实现,但是也会存在一些安全隐患,如果第三方的脚本随意地执行,那么它就可以篡改页面内容,截获敏感数据。但是在受信任的双方传递数据,JSONP是非常合适的选择。

Flash URLLoader

Flash有自己的一套安全策略,服务器可以通过crossdomain.xml文件来声明能被哪些域的SWF文件访问,SWF也可以通过API来确定自身能被哪些域的SWF加载。当跨域访问资源时,例如从域www.a.com请求域www.b.com上的数据,我们可以借助Flash来发送HTTP请求。首先,修改域www.b.com上的crossdomain.xml(一般存放在根目录,如果没有需要手动创建) ,把www.a.com加入到白名单。其次,通过Flash URLLoader发送HTTP请求,最后,通过Flash API把响应结果传递给JavaScript。Flash URLLoader是一种很普遍的跨域解决方案,不过需要支持iOS的话,这个方案就无能为力了。

Access Control

Access Control是比较超越的跨域方式,目前只在很少的浏览器中得以支持,这些浏览器可以发送一个跨域的HTTP请求(Firefox, Google Chrome等通过XMLHTTPRequest实现,IE8下通过XDomainRequest实现),请求的响应必须包含一个Access-Control-Allow-Origin的HTTP响应头,该响应头声明了请求域的可访问权限。例如www.a.com对www.b.com下的asset.php发送了一个跨域的HTTP请求,那么asset.php必须加入如下的响应头:

header("Access-Control-Allow-Origin: http://www.a.com");
		

window.name

window对象的name属性是一个很特别的属性,当该window的location变化,然后重新加载,它的name属性可以依然保持不变。那么我们可以在页面A中用iframe加载其他域的页面B,而页面B中用JavaScript把需要传递的数据赋值给window.name,iframe加载完成之后,页面A修改iframe的地址,将其变成同域的一个地址,然后就可以读出window.name的值了。这个方式非常适合单向的数据请求,而且协议简单、安全。不会像JSONP那样不做限制地执行外部脚本。

server proxy

在数据提供方没有提供对JSONP协议或者window.name协议的支持,也没有对其它域开放访问权限时,我们可以通过server proxy的方式来抓取数据。例如当www.a.com域下的页面需要请求www.b.com下的资源文件asset.txt时,直接发送一个指向www.b.com/asset.txt的ajax请求肯定是会被浏览器阻止。这时,我们在www.a.com下配一个代理,然后把ajax请求绑定到这个代理路径下,例如www.a.com/proxy/, 然后这个代理发送HTTP请求访问www.b.com下的asset.txt,跨域的HTTP请求是在服务器端进行的,客户端并没有产生跨域的ajax请求。这个跨域方式不需要和目标资源签订协议,带有侵略性,另外需要注意的是实践中应该对这个代理实施一定程度的保护,比如限制他人使用或者使用频率。

双向跨域

document.domain

通过修改document的domain属性,我们可以在域和子域或者不同的子域之间通信。同域策略认为域和子域隶属于不同的域,比如www.a.com和sub.a.com是不同的域,这时,我们无法在www.a.com下的页面中调用sub.a.com中定义的JavaScript方法。但是当我们把它们document的domain属性都修改为a.com,浏览器就会认为它们处于同一个域下,那么我们就可以互相调用对方的method来通信了。

FIM – Fragment Identitier Messaging

不同的域之间,JavaScript只能做很有限的访问和操作,其实我们利用这些有限的访问权限就可以达到跨域通信的目的了。FIM (Fragment Identitier Messaging)就是在这个大前提下被发明的。父窗口可以对iframe进行URL读写,iframe也可以读写父窗口的URL,URL有一部分被称为frag,就是#号及其后面的字符,它一般用于浏览器锚点定位,Server端并不关心这部分,应该说HTTP请求过程中不会携带frag,所以这部分的修改不会产生HTTP请求,但是会产生浏览器历史记录。FIM的原理就是改变URL的frag部分来进行双向通信。每个window通过改变其他window的location来发送消息,并通过监听自己的URL的变化来接收消息。这个方式的通信会造成一些不必要的浏览器历史记录,而且有些浏览器不支持onhashchange事件,需要轮询来获知URL的改变,最后,URL在浏览器下有长度限制,这个制约了每次传送的数据量。

Flash LocalConnection

页面上的双向通信也可以通过Flash来解决,Flash API中有LocalConnection这个类,该类允许两个SWF之间通过进程通信,这时SWF可以播放在独立的Flash Player或者AIR中,也可以嵌在HTML页面或者是PDF中。遵循这个通信原则,我们可以在不同域的HTML页面各自嵌套一个SWF来达到相互传递数据的目的了。SWF通过LocalConnection交换数据是很快的,但是每次的数据量有40kb的大小限制。用这种方式来跨域通信过于复杂,而且需要了2个SWF文件,实用性不强。

window.postMessage

window.postMessage是HTML5定义的一个很新的方法,这个方法可以很方便地跨window通信。由于它是一个很新的方法,所以在很旧和比较旧的浏览器中都无法使用。

Cross Frame

Cross Frame是FIM的一个变种,它借助了一个空白的iframe,不会产生多余的浏览器历史记录,也不需要轮询URL的改变,在可用性和性能上都做了很大的改观。它的基本原理大致是这样的,假设在域www.a.com上有页面A.html和一个空白代理页面proxyA.html, 另一个域www.b.com上有个页面B.html和一个空白代理页面proxyB.html,A.html需要向B.html中发送消息时,页面会创建一个隐藏的iframe, iframe的src指向proxyB.html并把message作为URL frag,由于B.html和proxyB.html是同域,所以在iframe加载完成之后,B.html可以获得iframe的URL,然后解析出message,并移除该iframe。当B.html需要向A.html发送消息时,原理一样。Cross Frame是很好的双向通信方式,而且安全高效,但是它在Opera中无法使用,不过在Opera下面我们可以使用更简单的window.postMessage来代替。

总结

跨域的方法很多,不同的应用场景我们都可以找到一个最合适的解决方案。比如单向的数据请求,我们应该优先选择JSONP或者window.name,双向通信我们采取Cross Frame,在未与数据提供方没有达成通信协议的情况下我们也可以用server proxy的方式来抓取数据。

转载地址

本文源链接:http://www.html5jscss.com/10-ways-cross-domain.html

转载请注明《转载《跨域资源共享的10种方式》》| html5jscss

评论关闭了.