Lines: 1 to 100 of 271
<?php /** * Theme Customize Screen. * * @package WordPress * @subpackage Customize * @since 3.4.0 */ define( 'IFRAME_REQUEST', true ); /** Load WordPress Administration Bootstrap */ require_once( dirname( __FILE__ ) . '/admin.php' ); if ( ! current_user_can( 'customize' ) ) { wp_die( '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' . '<p>' . __( 'Sorry, you are not allowed to customize this site.' ) . '</p>', 403 ); } /** * @global WP_Scripts $wp_scripts * @global WP_Customize_Manager $wp_customize */ global $wp_scripts, $wp_customize; if ( $wp_customize->changeset_post_id() ) { $changeset_post = get_post( $wp_customize->changeset_post_id() ); if ( ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $changeset_post->ID ) ) { wp_die( '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' . '<p>' . __( 'Sorry, you are not allowed to edit this changeset.' ) . '</p>', 403 ); } $missed_schedule = ( 'future' === $changeset_post->post_status && get_post_time( 'G', true, $changeset_post ) < time() ); if ( $missed_schedule ) { /* * Note that an Ajax request spawns here instead of just calling `wp_publish_post( $changeset_post->ID )`. * * Because WP_Customize_Manager is not instantiated for customize.php with the `settings_previewed=false` * argument, settings cannot be reliably saved. Some logic short-circuits if the current value is the * same as the value being saved. This is particularly true for options via `update_option()`. * * By opening an Ajax request, this is avoided and the changeset is published. See #39221. */ $nonces = $wp_customize->get_nonces(); $request_args = array( 'nonce' => $nonces['save'], 'customize_changeset_uuid' => $wp_customize->changeset_uuid(), 'wp_customize' => 'on', 'customize_changeset_status' => 'publish', ); ob_start(); ?> <?php wp_print_scripts( array( 'wp-util' ) ); ?> <script> wp.ajax.post( 'customize_save', <?php echo wp_json_encode( $request_args ); ?> ); </script> <?php $script = ob_get_clean(); wp_die( '<h1>' . __( 'Your scheduled changes just published' ) . '</h1>' . '<p><a href="' . esc_url( remove_query_arg( 'changeset_uuid' ) ) . '">' . __( 'Customize New Changes' ) . '</a></p>' . $script, 200 ); } if ( in_array( get_post_status( $changeset_post->ID ), array( 'publish', 'trash' ), true ) ) { wp_die( '<h1>' . __( 'Something went wrong.' ) . '</h1>' . '<p>' . __( 'This changeset cannot be further modified.' ) . '</p>' . '<p><a href="' . esc_url( remove_query_arg( 'changeset_uuid' ) ) . '">' . __( 'Customize New Changes' ) . '</a></p>', 403 ); } } wp_reset_vars( array( 'url', 'return', 'autofocus' ) ); if ( ! empty( $url ) ) { $wp_customize->set_preview_url( wp_unslash( $url ) ); } if ( ! empty( $return ) ) { $wp_customize->set_return_url( wp_unslash( $return ) ); } if ( ! empty( $autofocus ) && is_array( $autofocus ) ) { $wp_customize->set_autofocus( wp_unslash( $autofocus ) ); }
[1] [2] [3] Next » View on GitHub View on Trac
Called by
Invoked by
Calls
1 to 30 of 32
- __() – Retrieve the translation of $text.
- _e() – Display translated text.
- _ex() – Display translated string with gettext context.
- _wp_admin_html_begin() –
- _x() – Retrieve translated string with gettext context.
- add_action() – Hooks a function on to a specific action.
- admin_url() – Retrieves the URL to the admin area for the current site.
- current_user_can() – Whether the current user has a specific capability.
- do_action() – Execute functions hooked on a specific action hook.
- esc_attr_e() – Display translated text that has been escaped for safe use in an attribute.
- esc_attr() – Escaping for HTML attributes.
- esc_html() – Escaping for HTML blocks.
- esc_url() – Checks and cleans a URL.
- get_bloginfo() – Retrieves information about the current site.
- get_option() – Retrieves an option value based on an option name.
- get_post_status() – Retrieve the post status based on the Post ID.
- get_post_type_object() – Retrieves a post type object by name.
- get_post() – Retrieves post data given a post ID or post object.
- get_user_locale() – Retrieves the locale of a user.
- is_rtl() – Checks if current locale is RTL.
- remove_query_arg() – Removes an item or items from a query string.
- sanitize_html_class() – Sanitizes an HTML classname to ensure it only contains valid characters.
- submit_button() – Echoes a submit button, with provided text and appropriate class(es).
- wp_die() – Kill WordPress execution and display HTML message with error message.
- wp_enqueue_script() – Enqueue a script.
- wp_enqueue_style() – Enqueue a CSS stylesheet.
- wp_is_mobile() – Test if the current browser runs on a mobile device (smart phone, tablet, etc.)
- wp_json_encode() – Encode a variable into JSON, with some sanity checks.
- wp_print_scripts() – Prints scripts in document head that are in the $handles queue.
- wp_reset_vars() – Resets global variables based on $_GET and $_POST
