tive_plugins as $plugin ) { if ( ! validate_file( $plugin ) // $plugin must validate as file. && str_ends_with( $plugin, '.php' ) // $plugin must end with '.php'. && file_exists( WP_PLUGIN_DIR . '/' . $plugin ) // $plugin must exist. // Not already included as a network plugin. && ( ! $network_plugins || ! in_array( WP_PLUGIN_DIR . '/' . $plugin, $network_plugins, true ) ) ) { $plugins[] = WP_PLUGIN_DIR . '/' . $plugin; } } /* * Remove plugins from the list of active plugins when we're on an endpoint * that should be protected against WSODs and the plugin is paused. */ if ( wp_is_recovery_mode() ) { $plugins = wp_skip_paused_plugins( $plugins ); } return $plugins; } /** * Filters a given list of plugins, removing any paused plugins from it. * * @since 5.2.0 * * @global WP_Paused_Extensions_Storage $_paused_plugins * * @param string[] $plugins Array of absolute plugin main file paths. * @return string[] Filtered array of plugins, without any paused plugins. */ function wp_skip_paused_plugins( array $plugins ) { $paused_plugins = wp_paused_plugins()->get_all(); if ( empty( $paused_plugins ) ) { return $plugins; } foreach ( $plugins as $index => $plugin ) { list( $plugin ) = explode( '/', plugin_basename( $plugin ) ); if ( array_key_exists( $plugin, $paused_plugins ) ) { unset( $plugins[ $index ] ); // Store list of paused plugins for displaying an admin notice. $GLOBALS['_paused_plugins'][ $plugin ] = $paused_plugins[ $plugin ]; } } return $plugins; } /** * Retrieves an array of active and valid themes. * * While upgrading or installing WordPress, no themes are returned. * * @since 5.1.0 * @access private * * @global string $pagenow The filename of the current screen. * @global string $wp_stylesheet_path Path to current theme's stylesheet directory. * @global string $wp_template_path Path to current theme's template directory. * * @return string[] Array of absolute paths to theme directories. */ function wp_get_active_and_valid_themes() { global $pagenow, $wp_stylesheet_path, $wp_template_path; $themes = array(); if ( wp_installing() && 'wp-activate.php' !== $pagenow ) { return $themes; } if ( is_child_theme() ) { $themes[] = $wp_stylesheet_path; } $themes[] = $wp_template_path; /* * Remove themes from the list of active themes when we're on an endpoint * that should be protected against WSODs and the theme is paused. */ if ( wp_is_recovery_mode() ) { $themes = wp_skip_paused_themes( $themes ); // If no active and valid themes exist, skip loading themes. if ( empty( $themes ) ) { add_filter( 'wp_using_themes', '__return_false' ); } } return $themes; } /** * Filters a given list of themes, removing any paused themes from it. * * @since 5.2.0 * * @global WP_Paused_Extensions_Storage $_paused_themes * * @param string[] $themes Array of absolute theme directory paths. * @return string[] Filtered array of absolute paths to themes, without any paused themes. */ function wp_skip_paused_themes( array $themes ) { $paused_themes = wp_paused_themes()->get_all(); if ( empty( $paused_themes ) ) { return $themes; } foreach ( $themes as $index => $theme ) { $theme = basename( $theme ); if ( array_key_exists( $theme, $paused_themes ) ) { unset( $themes[ $index ] ); // Store list of paused themes for displaying an admin notice. $GLOBALS['_paused_themes'][ $theme ] = $paused_themes[ $theme ]; } } return $themes; } /** * Determines whether WordPress is in Recovery Mode. * * In this mode, plugins or themes that cause WSODs will be paused. * * @since 5.2.0 * * @return bool */ function wp_is_recovery_mode() { return wp_recovery_mode()->is_active(); } /** * Determines whether we are currently on an endpoint that should be protected against WSODs. * * @since 5.2.0 * * @global string $pagenow The filename of the current screen. * * @return bool True if the current endpoint should be protected. */ function is_protected_endpoint() { // Protect login pages. if ( isset( $GLOBALS['pagenow'] ) && 'wp-login.php' === $GLOBALS['pagenow'] ) { return true; } // Protect the admin backend. if ( is_admin() && ! wp_doing_ajax() ) { return true; } // Protect Ajax actions that could help resolve a fatal error should be available. if ( is_protected_ajax_action() ) { return true; } /** * Filters whether the current request is against a protected endpoint. * * This filter is only fired when an endpoint is requested which is not already protected by * WordPress core. As such, it exclusively allows providing further protected endpoints in * addition to the admin backend, login pages and protected Ajax actions. * * @since 5.2.0 * * @param bool $is_protected_endpoint Whether the currently requested endpoint is protected. * Default false. */ return (bool) apply_filters( 'is_protected_endpoint', false ); } /** * Determines whether we are currently handling an Ajax action that should be protected against WSODs. * * @since 5.2.0 * * @return bool True if the current Ajax action should be protected. */ function is_protected_ajax_action() { if ( ! wp_doing_ajax() ) { return false; } if ( ! isset( $_REQUEST['action'] ) ) { return false; } $actions_to_protect = array( 'edit-theme-plugin-file', // Saving changes in the core code editor. 'heartbeat', // Keep the heart beating. 'install-plugin', // Installing a new plugin. 'install-theme', // Installing a new theme. 'search-plugins', // Searching in the list of plugins. 'search-install-plugins', // Searching for a plugin in the plugin install screen. 'update-plugin', // Update an existing plugin. 'update-theme', // Update an existing theme. 'activate-plugin', // Activating an existing plugin. ); /** * Filters the array of protected Ajax actions. * * This filter is only fired when doing Ajax and the Ajax request has an 'action' property. * * @since 5.2.0 * * @param string[] $actions_to_protect Array of strings with Ajax actions to protect. */ $actions_to_protect = (array) apply_filters( 'wp_protected_ajax_actions', $actions_to_protect ); if ( ! in_array( $_REQUEST['action'], $actions_to_protect, true ) ) { return false; } return true; } /** * Sets internal encoding. * * In most cases the default internal encoding is latin1, which is * of no use, since we want to use the `mb_` functions for `utf-8` strings. * * @since 3.0.0 * @access private */ function wp_set_internal_encoding() { if ( function_exists( 'mb_internal_encoding' ) ) { $charset = get_option( 'blog_charset' ); // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged if ( ! $charset || ! @mb_internal_encoding( $charset ) ) { mb_internal_encoding( 'UTF-8' ); } } } /** * Adds magic quotes to `$_GET`, `$_POST`, `$_COOKIE`, and `$_SERVER`. * * Also forces `$_REQUEST` to be `$_GET + $_POST`. If `$_SERVER`, * `$_COOKIE`, or `$_ENV` are needed, use those superglobals directly. * * @since 3.0.0 * @access private */ function wp_magic_quotes() { // Escape with wpdb. $_GET = add_magic_quotes( $_GET ); $_POST = add_magic_quotes( $_POST ); $_COOKIE = add_magic_quotes( $_COOKIE ); $_SERVER = add_magic_quotes( $_SERVER ); // Force REQUEST to be GET + POST. $_REQUEST = array_merge( $_GET, $_POST ); } /** * Runs just before PHP shuts down execution. * * @since 1.2.0 * @access private */ function shutdown_action_hook() { /** * Fires just before PHP shuts down execution. * * @since 1.2.0 */ do_action( 'shutdown' ); wp_cache_close(); } /** * Clones an object. * * @since 2.7.0 * @deprecated 3.2.0 * * @param object $input_object The object to clone. * @return object The cloned object. */ function wp_clone( $input_object ) { // Use parens for clone to accommodate PHP 4. See #17880. return clone( $input_object ); } /** * Determines whether the current request is for the login screen. * * @since 6.1.0 * * @see wp_login_url() * * @return bool True if inside WordPress login screen, false otherwise. */ function is_login() { return false !== stripos( wp_login_url(), $_SERVER['SCRIPT_NAME'] ); } /** * Determines whether the current request is for an administrative interface page. * * Does not check if the user is an administrator; use current_user_can() * for checking roles and capabilities. * * For more information on this and similar theme functions, check out * the {@link https://developer.wordpress.org/themes/basics/conditional-tags/ * Conditional Tags} article in the Theme Developer Handbook. * * @since 1.5.1 * * @global WP_Screen $current_screen WordPress current screen object. * * @return bool True if inside WordPress administration interface, false otherwise. */ function is_admin() { if ( isset( $GLOBALS['current_screen'] ) ) { return $GLOBALS['current_screen']->in_admin(); } elseif ( defined( 'WP_ADMIN' ) ) { return WP_ADMIN; } return false; } /** * Determines whether the current request is for a site's administrative interface. * * e.g. `/wp-admin/` * * Does not check if the user is an administrator; use current_user_can() * for checking roles and capabilities. * * @since 3.1.0 * * @global WP_Screen $current_screen WordPress current screen object. * * @return bool True if inside WordPress site administration pages. */ function is_blog_admin() { if ( isset( $GLOBALS['current_screen'] ) ) { return $GLOBALS['current_screen']->in_admin( 'site' ); } elseif ( defined( 'WP_BLOG_ADMIN' ) ) { return WP_BLOG_ADMIN; } return false; } /** * Determines whether the current request is for the network administrative interface. * * e.g. `/wp-admin/network/` * * Does not check if the user is an administrator; use current_user_can() * for checking roles and capabilities. * * Does not check if the site is a Multisite network; use is_multisite() * for checking if Multisite is enabled. * * @since 3.1.0 * * @global WP_Screen $current_screen WordPress current screen object. * * @return bool True if inside WordPress network administration pages. */ function is_network_admin() { if ( isset( $GLOBALS['current_screen'] ) ) { return $GLOBALS['current_screen']->in_admin( 'network' ); } elseif ( defined( 'WP_NETWORK_ADMIN' ) ) { return WP_NETWORK_ADMIN; } return false; } /** * Determines whether the current request is for a user admin screen. * * e.g. `/wp-admin/user/` * * Does not check if the user is an administrator; use current_user_can() * for checking roles and capabilities. * * @since 3.1.0 * * @global WP_Screen $current_screen WordPress current screen object. * * @return bool True if inside WordPress user administration pages. */ function is_user_admin() { if ( isset( $GLOBALS['current_screen'] ) ) { return $GLOBALS['current_screen']->in_admin( 'user' ); } elseif ( defined( 'WP_USER_ADMIN' ) ) { return WP_USER_ADMIN; } return false; } /** * Determines whether Multisite is enabled. * * @since 3.0.0 * * @return bool True if Multisite is enabled, false otherwise. */ function is_multisite() { if ( defined( 'MULTISITE' ) ) { return MULTISITE; } if ( defined( 'SUBDOMAIN_INSTALL' ) || defined( 'VHOST' ) || defined( 'SUNRISE' ) ) { return true; } return false; } /** * Converts a value to non-negative integer. * * @since 2.5.0 * * @param mixed $maybeint Data you wish to have converted to a non-negative integer. * @return int A non-negative integer. */ function absint( $maybeint ) { return abs( (int) $maybeint ); } /** * Retrieves the current site ID. * * @since 3.1.0 * * @global int $blog_id * * @return int Site ID. */ function get_current_blog_id() { global $blog_id; return absint( $blog_id ); } /** * Retrieves the current network ID. * * @since 4.6.0 * * @return int The ID of the current network. */ function get_current_network_id() { if ( ! is_multisite() ) { return 1; } $current_network = get_network(); if ( ! isset( $current_network->id ) ) { return get_main_network_id(); } return absint( $current_network->id ); } /** * Attempts an early load of translations. * * Used for errors encountered during the initial loading process, before * the locale has been properly detected and loaded. * * Designed for unusual load sequences (like setup-config.php) or for when * the script will then terminate with an error, otherwise there is a risk * that a file can be double-included. * * @since 3.4.0 * @access private * * @global WP_Textdomain_Registry $wp_textdomain_registry WordPress Textdomain Registry. * @global WP_Locale $wp_locale WordPress date and time locale object. */ function wp_load_translations_early() { global $wp_textdomain_registry, $wp_locale; static $loaded = false; if ( $loaded ) { return; } $loaded = true; if ( function_exists( 'did_action' ) && did_action( 'init' ) ) { return; } // We need $wp_local_package. require ABSPATH . WPINC . '/version.php'; // Translation and localization. require_once ABSPATH . WPINC . '/pomo/mo.php'; require_once ABSPATH . WPINC . '/l10n/class-wp-translation-controller.php'; require_once ABSPATH . WPINC . '/l10n/class-wp-translations.php'; require_once ABSPATH . WPINC . '/l10n/class-wp-translation-file.php'; require_once ABSPATH . WPINC . '/l10n/class-wp-translation-file-mo.php'; require_once ABSPATH . WPINC . '/l10n/class-wp-translation-file-php.php'; require_once ABSPATH . WPINC . '/l10n.php'; require_once ABSPATH . WPINC . '/class-wp-textdomain-registry.php'; require_once ABSPATH . WPINC . '/class-wp-locale.php'; require_once ABSPATH . WPINC . '/class-wp-locale-switcher.php'; // General libraries. require_once ABSPATH . WPINC . '/plugin.php'; $locales = array(); $locations = array(); if ( ! $wp_textdomain_registry instanceof WP_Textdomain_Registry ) { $wp_textdomain_registry = new WP_Textdomain_Registry(); } while ( true ) { if ( defined( 'WPLANG' ) ) { if ( '' === WPLANG ) { break; } $locales[] = WPLANG; } if ( isset( $wp_local_package ) ) { $locales[] = $wp_local_package; } if ( ! $locales ) { break; } if ( defined( 'WP_LANG_DIR' ) && @is_dir( WP_LANG_DIR ) ) { $locations[] = WP_LANG_DIR; } if ( defined( 'WP_CONTENT_DIR' ) && @is_dir( WP_CONTENT_DIR . '/languages' ) ) { $locations[] = WP_CONTENT_DIR . '/languages'; } if ( @is_dir( ABSPATH . 'wp-content/languages' ) ) { $locations[] = ABSPATH . 'wp-content/languages'; } if ( @is_dir( ABSPATH . WPINC . '/languages' ) ) { $locations[] = ABSPATH . WPINC . '/languages'; } if ( ! $locations ) { break; } $locations = array_unique( $locations ); foreach ( $locales as $locale ) { foreach ( $locations as $location ) { if ( file_exists( $location . '/' . $locale . '.mo' ) ) { load_textdomain( 'default', $location . '/' . $locale . '.mo', $locale ); if ( defined( 'WP_SETUP_CONFIG' ) && file_exists( $location . '/admin-' . $locale . '.mo' ) ) { load_textdomain( 'default', $location . '/admin-' . $locale . '.mo', $locale ); } break 2; } } } break; } $wp_locale = new WP_Locale(); } /** * Checks or sets whether WordPress is in "installation" mode. * * If the `WP_INSTALLING` constant is defined during the bootstrap, `wp_installing()` will default to `true`. * * @since 4.4.0 * * @param bool $is_installing Optional. True to set WP into Installing mode, false to turn Installing mode off. * Omit this parameter if you only want to fetch the current status. * @return bool True if WP is installing, otherwise false. When a `$is_installing` is passed, the function will * report whether WP was in installing mode prior to the change to `$is_installing`. */ function wp_installing( $is_installing = null ) { static $installing = null; // Support for the `WP_INSTALLING` constant, defined before WP is loaded. if ( is_null( $installing ) ) { $installing = defined( 'WP_INSTALLING' ) && WP_INSTALLING; } if ( ! is_null( $is_installing ) ) { $old_installing = $installing; $installing = $is_installing; return (bool) $old_installing; } return (bool) $installing; } /** * Determines if SSL is used. * * @since 2.6.0 * @since 4.6.0 Moved from functions.php to load.php. * * @return bool True if SSL, otherwise false. */ function is_ssl() { if ( isset( $_SERVER['HTTPS'] ) ) { if ( 'on' === strtolower( $_SERVER['HTTPS'] ) ) { return true; } if ( '1' === (string) $_SERVER['HTTPS'] ) { return true; } } elseif ( isset( $_SERVER['SERVER_PORT'] ) && ( '443' === (string) $_SERVER['SERVER_PORT'] ) ) { return true; } return false; } /** * Converts a shorthand byte value to an integer byte value. * * @since 2.3.0 * @since 4.6.0 Moved from media.php to load.php. * * @link https://www.php.net/manual/en/function.ini-get.php * @link https://www.php.net/manual/en/faq.using.php#faq.using.shorthandbytes * * @param string $value A (PHP ini) byte value, either shorthand or ordinary. * @return int An integer byte value. */ function wp_convert_hr_to_bytes( $value ) { $value = strtolower( trim( $value ) ); $bytes = (int) $value; if ( str_contains( $value, 'g' ) ) { $bytes *= GB_IN_BYTES; } elseif ( str_contains( $value, 'm' ) ) { $bytes *= MB_IN_BYTES; } elseif ( str_contains( $value, 'k' ) ) { $bytes *= KB_IN_BYTES; } // Deal with large (float) values which run into the maximum integer size. return min( $bytes, PHP_INT_MAX ); } /** * Determines whether a PHP ini value is changeable at runtime. * * @since 4.6.0 * * @link https://www.php.net/manual/en/function.ini-get-all.php * * @param string $setting The name of the ini setting to check. * @return bool True if the value is changeable at runtime. False otherwise. */ function wp_is_ini_value_changeable( $setting ) { static $ini_all; if ( ! isset( $ini_all ) ) { $ini_all = false; // Sometimes `ini_get_all()` is disabled via the `disable_functions` option for "security purposes". if ( function_exists( 'ini_get_all' ) ) { $ini_all = ini_get_all(); } } if ( isset( $ini_all[ $setting ]['access'] ) && ( INI_ALL === $ini_all[ $setting ]['access'] || INI_USER === $ini_all[ $setting ]['access'] ) ) { return true; } // If we were unable to retrieve the details, fail gracefully to assume it's changeable. if ( ! is_array( $ini_all ) ) { return true; } return false; } /** * Determines whether the current request is a WordPress Ajax request. * * @since 4.7.0 * * @return bool True if it's a WordPress Ajax request, false otherwise. */ function wp_doing_ajax() { /** * Filters whether the current request is a WordPress Ajax request. * * @since 4.7.0 * * @param bool $wp_doing_ajax Whether the current request is a WordPress Ajax request. */ return apply_filters( 'wp_doing_ajax', defined( 'DOING_AJAX' ) && DOING_AJAX ); } /** * Determines whether the current request should use themes. * * @since 5.1.0 * * @return bool True if themes should be used, false otherwise. */ function wp_using_themes() { /** * Filters whether the current request should use themes. * * @since 5.1.0 * * @param bool $wp_using_themes Whether the current request should use themes. */ return apply_filters( 'wp_using_themes', defined( 'WP_USE_THEMES' ) && WP_USE_THEMES ); } /** * Determines whether the current request is a WordPress cron request. * * @since 4.8.0 * * @return bool True if it's a WordPress cron request, false otherwise. */ function wp_doing_cron() { /** * Filters whether the current request is a WordPress cron request. * * @since 4.8.0 * * @param bool $wp_doing_cron Whether the current request is a WordPress cron request. */ return apply_filters( 'wp_doing_cron', defined( 'DOING_CRON' ) && DOING_CRON ); } /** * Checks whether the given variable is a WordPress Error. * * Returns whether `$thing` is an instance of the `WP_Error` class. * * @since 2.1.0 * * @param mixed $thing The variable to check. * @return bool Whether the variable is an instance of WP_Error. */ function is_wp_error( $thing ) { $is_wp_error = ( $thing instanceof WP_Error ); if ( $is_wp_error ) { /** * Fires when `is_wp_error()` is called and its parameter is an instance of `WP_Error`. * * @since 5.6.0 * * @param WP_Error $thing The error object passed to `is_wp_error()`. */ do_action( 'is_wp_error_instance', $thing ); } return $is_wp_error; } /** * Determines whether file modifications are allowed. * * @since 4.8.0 * * @param string $context The usage context. * @return bool True if file modification is allowed, false otherwise. */ function wp_is_file_mod_allowed( $context ) { /** * Filters whether file modifications are allowed. * * @since 4.8.0 * * @param bool $file_mod_allowed Whether file modifications are allowed. * @param string $context The usage context. */ return apply_filters( 'file_mod_allowed', ! defined( 'DISALLOW_FILE_MODS' ) || ! DISALLOW_FILE_MODS, $context ); } /** * Starts scraping edited file errors. * * @since 4.9.0 */ function wp_start_scraping_edited_file_errors() { if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) { return; } $key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 ); $nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] ); if ( empty( $key ) || empty( $nonce ) ) { return; } $transient = get_transient( 'scrape_key_' . $key ); if ( false === $transient ) { return; } if ( $transient !== $nonce ) { if ( ! headers_sent() ) { header( 'X-Robots-Tag: noindex' ); nocache_headers(); } echo "###### wp_scraping_result_start:$key ######"; echo wp_json_encode( array( 'code' => 'scrape_nonce_failure', 'message' => __( 'Scrape key check failed. Please try again.' ), ) ); echo "###### wp_scraping_result_end:$key ######"; die(); } if ( ! defined( 'WP_SANDBOX_SCRAPING' ) ) { define( 'WP_SANDBOX_SCRAPING', true ); } register_shutdown_function( 'wp_finalize_scraping_edited_file_errors', $key ); } /** * Finalizes scraping for edited file errors. * * @since 4.9.0 * * @param string $scrape_key Scrape key. */ function wp_finalize_scraping_edited_file_errors( $scrape_key ) { $error = error_get_last(); echo "\n###### wp_scraping_result_start:$scrape_key ######\n"; if ( ! empty( $error ) && in_array( $error['type'], array( E_CORE_ERROR, E_COMPILE_ERROR, E_ERROR, E_PARSE, E_USER_ERROR, E_RECOVERABLE_ERROR ), true ) ) { $error = str_replace( ABSPATH, '', $error ); echo wp_json_encode( $error ); } else { echo wp_json_encode( true ); } echo "\n###### wp_scraping_result_end:$scrape_key ######\n"; } /** * Checks whether current request is a JSON request, or is expecting a JSON response. * * @since 5.0.0 * * @return bool True if `Accepts` or `Content-Type` headers contain `application/json`. * False otherwise. */ function wp_is_json_request() { if ( isset( $_SERVER['HTTP_ACCEPT'] ) && wp_is_json_media_type( $_SERVER['HTTP_ACCEPT'] ) ) { return true; } if ( isset( $_SERVER['CONTENT_TYPE'] ) && wp_is_json_media_type( $_SERVER['CONTENT_TYPE'] ) ) { return true; } return false; } /** * Checks whether current request is a JSONP request, or is expecting a JSONP response. * * @since 5.2.0 * * @return bool True if JSONP request, false otherwise. */ function wp_is_jsonp_request() { if ( ! isset( $_GET['_jsonp'] ) ) { return false; } if ( ! function_exists( 'wp_check_jsonp_callback' ) ) { require_once ABSPATH . WPINC . '/functions.php'; } $jsonp_callback = $_GET['_jsonp']; if ( ! wp_check_jsonp_callback( $jsonp_callback ) ) { return false; } /** This filter is documented in wp-includes/rest-api/class-wp-rest-server.php */ $jsonp_enabled = apply_filters( 'rest_jsonp_enabled', true ); return $jsonp_enabled; } /** * Checks whether a string is a valid JSON Media Type. * * @since 5.6.0 * * @param string $media_type A Media Type string to check. * @return bool True if string is a valid JSON Media Type. */ function wp_is_json_media_type( $media_type ) { static $cache = array(); if ( ! isset( $cache[ $media_type ] ) ) { $cache[ $media_type ] = (bool) preg_match( '/(^|\s|,)application\/([\w!#\$&-\^\.\+]+\+)?json(\+oembed)?($|\s|;|,)/i', $media_type ); } return $cache[ $media_type ]; } /** * Checks whether current request is an XML request, or is expecting an XML response. * * @since 5.2.0 * * @return bool True if `Accepts` or `Content-Type` headers contain `text/xml` * or one of the related MIME types. False otherwise. */ function wp_is_xml_request() { $accepted = array( 'text/xml', 'application/rss+xml', 'application/atom+xml', 'application/rdf+xml', 'text/xml+oembed', 'application/xml+oembed', ); if ( isset( $_SERVER['HTTP_ACCEPT'] ) ) { foreach ( $accepted as $type ) { if ( str_contains( $_SERVER['HTTP_ACCEPT'], $type ) ) { return true; } } } if ( isset( $_SERVER['CONTENT_TYPE'] ) && in_array( $_SERVER['CONTENT_TYPE'], $accepted, true ) ) { return true; } return false; } /** * Checks if this site is protected by HTTP Basic Auth. * * At the moment, this merely checks for the present of Basic Auth credentials. Therefore, calling * this function with a context different from the current context may give inaccurate results. * In a future release, this evaluation may be made more robust. * * Currently, this is only used by Application Passwords to prevent a conflict since it also utilizes * Basic Auth. * * @since 5.6.1 * * @global string $pagenow The filename of the current screen. * * @param string $context The context to check for protection. Accepts 'login', 'admin', and 'front'. * Defaults to the current context. * @return bool Whether the site is protected by Basic Auth. */ function wp_is_site_protected_by_basic_auth( $context = '' ) { global $pagenow; if ( ! $context ) { if ( 'wp-login.php' === $pagenow ) { $context = 'login'; } elseif ( is_admin() ) { $context = 'admin'; } else { $context = 'front'; } } $is_protected = ! empty( $_SERVER['PHP_AUTH_USER'] ) || ! empty( $_SERVER['PHP_AUTH_PW'] ); /** * Filters whether a site is protected by HTTP Basic Auth. * * @since 5.6.1 * * @param bool $is_protected Whether the site is protected by Basic Auth. * @param string $context The context to check for protection. One of 'login', 'admin', or 'front'. */ return apply_filters( 'wp_is_site_protected_by_basic_auth', $is_protected, $context ); }