Home / Files / wp-admin/customize.php


Lines: 1 to 100 of 278

<?php

/**
 * Theme Customize Screen.
 *
 * @package WordPress
 * @subpackage Customize
 * @since 3.4.0
 */

define( 'IFRAME_REQUEST', true );


/** Load WordPress Administration Bootstrap */
require_once( dirname( __FILE__ ) . '/admin.php' );

if ( ! current_user_can( 'customize' ) ) {
  wp_die(
    '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
    '<p>' . __( 'Sorry, you are not allowed to customize this site.' ) . '</p>',
    403
  );
}


/**
 * @global WP_Scripts           $wp_scripts
 * @global WP_Customize_Manager $wp_customize
 */
global $wp_scripts, $wp_customize;

if ( $wp_customize->changeset_post_id() ) {
  $changeset_post = get_post( $wp_customize->changeset_post_id() );

  if ( ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $changeset_post->ID ) ) {
    wp_die(
      '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
      '<p>' . __( 'Sorry, you are not allowed to edit this changeset.' ) . '</p>',
      403
    );
  }

  $missed_schedule = (
    'future' === $changeset_post->post_status &&
    get_post_time( 'G', true, $changeset_post ) < time()
  );
  if ( $missed_schedule ) {
    /*
		 * Note that an Ajax request spawns here instead of just calling `wp_publish_post( $changeset_post->ID )`.
		 *
		 * Because WP_Customize_Manager is not instantiated for customize.php with the `settings_previewed=false`
		 * argument, settings cannot be reliably saved. Some logic short-circuits if the current value is the
		 * same as the value being saved. This is particularly true for options via `update_option()`.
		 *
		 * By opening an Ajax request, this is avoided and the changeset is published. See #39221.
		 */
    $nonces       = $wp_customize->get_nonces();
    $request_args = array(
      'nonce'                      => $nonces['save'],
      'customize_changeset_uuid'   => $wp_customize->changeset_uuid(),
      'wp_customize'               => 'on',
      'customize_changeset_status' => 'publish',
    );
    ob_start();
    ?>
		<?php wp_print_scripts( array( 'wp-util' ) ); ?>
		<script>
			wp.ajax.post( 'customize_save', <?php echo wp_json_encode( $request_args ); ?> );
		</script>
		<?php
    $script = ob_get_clean();

    wp_die(
      '<h1>' . __( 'Your scheduled changes just published' ) . '</h1>' .
      '<p><a href="' . esc_url( remove_query_arg( 'changeset_uuid' ) ) . '">' . __( 'Customize New Changes' ) . '</a></p>' . $script,
      200
    );
  }

  if ( in_array( get_post_status( $changeset_post->ID ), array( 'publish', 'trash' ), true ) ) {
    wp_die(
      '<h1>' . __( 'Something went wrong.' ) . '</h1>' .
      '<p>' . __( 'This changeset cannot be further modified.' ) . '</p>' .
      '<p><a href="' . esc_url( remove_query_arg( 'changeset_uuid' ) ) . '">' . __( 'Customize New Changes' ) . '</a></p>',
      403
    );
  }
}


wp_reset_vars( array( 'url', 'return', 'autofocus' ) );
if ( ! empty( $url ) ) {
  $wp_customize->set_preview_url( wp_unslash( $url ) );
}
if ( ! empty( $return ) ) {
  $wp_customize->set_return_url( wp_unslash( $return ) );
}
if ( ! empty( $autofocus ) && is_array( $autofocus ) ) {
  $wp_customize->set_autofocus( wp_unslash( $autofocus ) );
}

[1] [2] [3]  View on GitHub View on Trac

Called by

    Invoked by

      Calls

      1 to 30 of 32

      [1] [2]

      Call hooks

      1 to 5 of 5

      File name: wp-admin/customize.php
      Plugin ref: WordPress
      Version: 5.1.1
      Deprecated?: No
      API Letters: ,,,

      Published: | Last updated:

      WordPress core a2z
      WordPress core only