link_service = $link_service; } /** * Sends the recovery mode email if the rate limit has not been sent. * * @since 5.2.0 * * @param int $rate_limit Number of seconds before another email can be sent. * @param array $error Error details from `error_get_last()`. * @param array $extension { * The extension that caused the error. * * @type string $slug The extension slug. The plugin or theme's directory. * @type string $type The extension type. Either 'plugin' or 'theme'. * } * @return true|WP_Error True if email sent, WP_Error otherwise. */ public function maybe_send_recovery_mode_email( $rate_limit, $error, $extension ) { $last_sent = get_option( self::RATE_LIMIT_OPTION ); if ( ! $last_sent || time() > $last_sent + $rate_limit ) { if ( ! update_option( self::RATE_LIMIT_OPTION, time() ) ) { return new WP_Error( 'storage_error', __( 'Could not update the email last sent time.' ) ); } $sent = $this->send_recovery_mode_email( $rate_limit, $error, $extension ); if ( $sent ) { return true; } return new WP_Error( 'email_failed', sprintf( /* translators: %s: mail() */ __( 'The email could not be sent. Possible reason: your host may have disabled the %s function.' ), 'mail()' ) ); } $err_message = sprintf( /* translators: 1: Last sent as a human time diff, 2: Wait time as a human time diff. */ __( 'A recovery link was already sent %1$s ago. Please wait another %2$s before requesting a new email.' ), human_time_diff( $last_sent ), human_time_diff( $last_sent + $rate_limit ) ); return new WP_Error( 'email_sent_already', $err_message ); } /** * Clears the rate limit, allowing a new recovery mode email to be sent immediately. * * @since 5.2.0 * * @return bool True on success, false on failure. */ public function clear_rate_limit() { return delete_option( self::RATE_LIMIT_OPTION ); } /** * Sends the Recovery Mode email to the site admin email address. * * @since 5.2.0 * * @param int $rate_limit Number of seconds before another email can be sent. * @param array $error Error details from `error_get_last()`. * @param array $extension { * The extension that caused the error. * * @type string $slug The extension slug. The directory of the plugin or theme. * @type string $type The extension type. Either 'plugin' or 'theme'. * } * @return bool Whether the email was sent successfully. */ private function send_recovery_mode_email( $rate_limit, $error, $extension ) { $url = $this->link_service->generate_url(); $blogname = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); $switched_locale = switch_to_locale( get_locale() ); if ( $extension ) { $cause = $this->get_cause( $extension ); $details = wp_strip_all_tags( wp_get_extension_error_description( $error ) ); if ( $details ) { $header = __( 'Error Details' ); $details = "\n\n" . $header . "\n" . str_pad( '', strlen( $header ), '=' ) . "\n" . $details; } } else { $cause = ''; $details = ''; } /** * Filters the support message sent with the the fatal error protection email. * * @since 5.2.0 * * @param string $message The Message to include in the email. */ $support = apply_filters( 'recovery_email_support_info', __( 'Please contact your host for assistance with investigating this issue further.' ) ); /** * Filters the debug information included in the fatal error protection email. * * @since 5.3.0 * * @param array $message An associative array of debug information. */ $debug = apply_filters( 'recovery_email_debug_info', $this->get_debug( $extension ) ); /* translators: Do not translate LINK, EXPIRES, CAUSE, DETAILS, SITEURL, PAGEURL, SUPPORT. DEBUG: those are placeholders. */ $message = __( 'Howdy! WordPress has a built-in feature that detects when a plugin or theme causes a fatal error on your site, and notifies you with this automated email. ###CAUSE### First, visit your website (###SITEURL###) and check for any visible issues. Next, visit the page where the error was caught (###PAGEURL###) and check for any visible issues. ###SUPPORT### If your site appears broken and you can\'t access your dashboard normally, WordPress now has a special "recovery mode". This lets you safely login to your dashboard and investigate further. ###LINK### To keep your site safe, this link will expire in ###EXPIRES###. Don\'t worry about that, though: a new link will be emailed to you if the error occurs again after it expires. When seeking help with this issue, you may be asked for some of the following information: ###DEBUG### ###DETAILS###' ); $message = str_replace( array( '###LINK###', '###EXPIRES###', '###CAUSE###', '###DETAILS###', '###SITEURL###', '###PAGEURL###', '###SUPPORT###', '###DEBUG###', ), array( $url, human_time_diff( time() + $rate_limit ), $cause ? "\n{$cause}\n" : "\n", $details, home_url( '/' ), home_url( $_SERVER['REQUEST_URI'] ), $support, implode( "\r\n", $debug ), ), $message ); $email = array( 'to' => $this->get_recovery_mode_email_address(), /* translators: %s: Site title. */ 'subject' => __( '[%s] Your Site is Experiencing a Technical Issue' ), 'message' => $message, 'headers' => '', 'attachments' => '', ); /** * Filters the contents of the Recovery Mode email. * * @since 5.2.0 * @since 5.6.0 The `$email` argument includes the `attachments` key. * * @param array $email { * Used to build a call to wp_mail(). * * @type string|array $to Array or comma-separated list of email addresses to send message. * @type string $subject Email subject * @type string $message Message contents * @type string|array $headers Optional. Additional headers. * @type string|array $attachments Optional. Files to attach. * } * @param string $url URL to enter recovery mode. */ $email = apply_filters( 'recovery_mode_email', $email, $url ); $sent = wp_mail( $email['to'], wp_specialchars_decode( sprintf( $email['subject'], $blogname ) ), $email['message'], $email['headers'], $email['attachments'] ); if ( $switched_locale ) { restore_previous_locale(); } return $sent; } /** * Gets the email address to send the recovery mode link to. * * @since 5.2.0 * * @return string Email address to send recovery mode link to. */ private function get_recovery_mode_email_address() { if ( defined( 'RECOVERY_MODE_EMAIL' ) && is_email( RECOVERY_MODE_EMAIL ) ) { return RECOVERY_MODE_EMAIL; } return get_option( 'admin_email' ); } /** * Gets the description indicating the possible cause for the error. * * @since 5.2.0 * * @param array $extension { * The extension that caused the error. * * @type string $slug The extension slug. The directory of the plugin or theme. * @type string $type The extension type. Either 'plugin' or 'theme'. * } * @return string Message about which extension caused the error. */ private function get_cause( $extension ) { if ( 'plugin' === $extension['type'] ) { $plugin = $this->get_plugin( $extension ); if ( false === $plugin ) { $name = $extension['slug']; } else { $name = $plugin['Name']; } /* translators: %s: Plugin name. */ $cause = sprintf( __( 'In this case, WordPress caught an error with one of your plugins, %s.' ), $name ); } else { $theme = wp_get_theme( $extension['slug'] ); $name = $theme->exists() ? $theme->display( 'Name' ) : $extension['slug']; /* translators: %s: Theme name. */ $cause = sprintf( __( 'In this case, WordPress caught an error with your theme, %s.' ), $name ); } return $cause; } /** * Return the details for a single plugin based on the extension data from an error. * * @since 5.3.0 * * @param array $extension { * The extension that caused the error. * * @type string $slug The extension slug. The directory of the plugin or theme. * @type string $type The extension type. Either 'plugin' or 'theme'. * } * @return array|false A plugin array {@see get_plugins()} or `false` if no plugin was found. */ private function get_plugin( $extension ) { if ( ! function_exists( 'get_plugins' ) ) { require_once ABSPATH . 'wp-admin/includes/plugin.php'; } $plugins = get_plugins(); // Assume plugin main file name first since it is a common convention. if ( isset( $plugins[ "{$extension['slug']}/{$extension['slug']}.php" ] ) ) { return $plugins[ "{$extension['slug']}/{$extension['slug']}.php" ]; } else { foreach ( $plugins as $file => $plugin_data ) { if ( str_starts_with( $file, "{$extension['slug']}/" ) || $file === $extension['slug'] ) { return $plugin_data; } } } return false; has_archive ) { return ''; } return get_archive_template(); } /** * Retrieves path of author template in current or parent template. * * The hierarchy for this template looks like: * * 1. author-{nicename}.php * 2. author-{id}.php * 3. author.php * * An example of this is: * * 1. author-john.php * 2. author-1.php * 3. author.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'author'. * * @since 1.5.0 * * @see get_query_template() * * @return string Full path to author template file. */ function get_author_template() { $author = get_queried_object(); $templates = array(); if ( $author instanceof WP_User ) { $templates[] = "author-{$author->user_nicename}.php"; $templates[] = "author-{$author->ID}.php"; } $templates[] = 'author.php'; return get_query_template( 'author', $templates ); } /** * Retrieves path of category template in current or parent template. * * The hierarchy for this template looks like: * * 1. category-{slug}.php * 2. category-{id}.php * 3. category.php * * An example of this is: * * 1. category-news.php * 2. category-2.php * 3. category.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'category'. * * @since 1.5.0 * @since 4.7.0 The decoded form of `category-{slug}.php` was added to the top of the * template hierarchy when the category slug contains multibyte characters. * * @see get_query_template() * * @return string Full path to category template file. */ function get_category_template() { $category = get_queried_object(); $templates = array(); if ( ! empty( $category->slug ) ) { $slug_decoded = urldecode( $category->slug ); if ( $slug_decoded !== $category->slug ) { $templates[] = "category-{$slug_decoded}.php"; } $templates[] = "category-{$category->slug}.php"; $templates[] = "category-{$category->term_id}.php"; } $templates[] = 'category.php'; return get_query_template( 'category', $templates ); } /** * Retrieves path of tag template in current or parent template. * * The hierarchy for this template looks like: * * 1. tag-{slug}.php * 2. tag-{id}.php * 3. tag.php * * An example of this is: * * 1. tag-wordpress.php * 2. tag-3.php * 3. tag.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'tag'. * * @since 2.3.0 * @since 4.7.0 The decoded form of `tag-{slug}.php` was added to the top of the * template hierarchy when the tag slug contains multibyte characters. * * @see get_query_template() * * @return string Full path to tag template file. */ function get_tag_template() { $tag = get_queried_object(); $templates = array(); if ( ! empty( $tag->slug ) ) { $slug_decoded = urldecode( $tag->slug ); if ( $slug_decoded !== $tag->slug ) { $templates[] = "tag-{$slug_decoded}.php"; } $templates[] = "tag-{$tag->slug}.php"; $templates[] = "tag-{$tag->term_id}.php"; } $templates[] = 'tag.php'; return get_query_template( 'tag', $templates ); } /** * Retrieves path of custom taxonomy term template in current or parent template. * * The hierarchy for this template looks like: * * 1. taxonomy-{taxonomy_slug}-{term_slug}.php * 2. taxonomy-{taxonomy_slug}-{term_id}.php * 3. taxonomy-{taxonomy_slug}.php * 4. taxonomy.php * * An example of this is: * * 1. taxonomy-location-texas.php * 2. taxonomy-location-67.php * 3. taxonomy-location.php * 4. taxonomy.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'taxonomy'. * * @since 2.5.0 * @since 4.7.0 The decoded form of `taxonomy-{taxonomy_slug}-{term_slug}.php` was added to the top of the * template hierarchy when the term slug contains multibyte characters. * @since 6.9.0 Added `taxonomy-{taxonomy_slug}-{term_id}.php` to the hierarchy. * * @see get_query_template() * * @return string Full path to custom taxonomy term template file. */ function get_taxonomy_template() { $term = get_queried_object(); $templates = array(); if ( ! empty( $term->slug ) ) { $taxonomy = $term->taxonomy; $slug_decoded = urldecode( $term->slug ); if ( $slug_decoded !== $term->slug ) { $templates[] = "taxonomy-$taxonomy-{$slug_decoded}.php"; } $templates[] = "taxonomy-$taxonomy-{$term->slug}.php"; $templates[] = "taxonomy-$taxonomy-{$term->term_id}.php"; $templates[] = "taxonomy-$taxonomy.php"; } $templates[] = 'taxonomy.php'; return get_query_template( 'taxonomy', $templates ); } /** * Retrieves path of date template in current or parent template. * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'date'. * * @since 1.5.0 * * @see get_query_template() * * @return string Full path to date template file. */ function get_date_template() { return get_query_template( 'date' ); } /** * Retrieves path of home template in current or parent template. * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'home'. * * @since 1.5.0 * * @see get_query_template() * * @return string Full path to home template file. */ function get_home_template() { $templates = array( 'home.php', 'index.php' ); return get_query_template( 'home', $templates ); } /** * Retrieves path of front page template in current or parent template. * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'frontpage'. * * @since 3.0.0 * * @see get_query_template() * * @return string Full path to front page template file. */ function get_front_page_template() { $templates = array( 'front-page.php' ); return get_query_template( 'frontpage', $templates ); } /** * Retrieves path of Privacy Policy page template in current or parent template. * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'privacypolicy'. * * @since 5.2.0 * * @see get_query_template() * * @return string Full path to privacy policy template file. */ function get_privacy_policy_template() { $templates = array( 'privacy-policy.php' ); return get_query_template( 'privacypolicy', $templates ); } /** * Retrieves path of page template in current or parent template. * * Note: For block themes, use locate_block_template() function instead. * * The hierarchy for this template looks like: * * 1. {Page Template}.php * 2. page-{page_name}.php * 3. page-{id}.php * 4. page.php * * An example of this is: * * 1. page-templates/full-width.php * 2. page-about.php * 3. page-4.php * 4. page.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'page'. * * @since 1.5.0 * @since 4.7.0 The decoded form of `page-{page_name}.php` was added to the top of the * template hierarchy when the page name contains multibyte characters. * * @see get_query_template() * * @return string Full path to page template file. */ function get_page_template() { $id = get_queried_object_id(); $template = get_page_template_slug(); $pagename = get_query_var( 'pagename' ); if ( ! $pagename && $id ) { /* * If a static page is set as the front page, $pagename will not be set. * Retrieve it from the queried object. */ $post = get_queried_object(); if ( $post ) { $pagename = $post->post_name; } } $templates = array(); if ( $template && 0 === validate_file( $template ) ) { $templates[] = $template; } if ( $pagename ) { $pagename_decoded = urldecode( $pagename ); if ( $pagename_decoded !== $pagename ) { $templates[] = "page-{$pagename_decoded}.php"; } $templates[] = "page-{$pagename}.php"; } if ( $id ) { $templates[] = "page-{$id}.php"; } $templates[] = 'page.php'; return get_query_template( 'page', $templates ); } /** * Retrieves path of search template in current or parent template. * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'search'. * * @since 1.5.0 * * @see get_query_template() * * @return string Full path to search template file. */ function get_search_template() { return get_query_template( 'search' ); } /** * Retrieves path of single template in current or parent template. Applies to single Posts, * single Attachments, and single custom post types. * * The hierarchy for this template looks like: * * 1. {Post Type Template}.php * 2. single-{post_type}-{post_name}.php * 3. single-{post_type}.php * 4. single.php * * An example of this is: * * 1. templates/full-width.php * 2. single-post-hello-world.php * 3. single-post.php * 4. single.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'single'. * * @since 1.5.0 * @since 4.4.0 `single-{post_type}-{post_name}.php` was added to the top of the template hierarchy. * @since 4.7.0 The decoded form of `single-{post_type}-{post_name}.php` was added to the top of the * template hierarchy when the post name contains multibyte characters. * @since 4.7.0 `{Post Type Template}.php` was added to the top of the template hierarchy. * * @see get_query_template() * * @return string Full path to single template file. */ function get_single_template() { $object = get_queried_object(); $templates = array(); if ( ! empty( $object->post_type ) ) { $template = get_page_template_slug( $object ); if ( $template && 0 === validate_file( $template ) ) { $templates[] = $template; } $name_decoded = urldecode( $object->post_name ); if ( $name_decoded !== $object->post_name ) { $templates[] = "single-{$object->post_type}-{$name_decoded}.php"; } $templates[] = "single-{$object->post_type}-{$object->post_name}.php"; $templates[] = "single-{$object->post_type}.php"; } $templates[] = 'single.php'; return get_query_template( 'single', $templates ); } /** * Retrieves an embed template path in the current or parent template. * * The hierarchy for this template looks like: * * 1. embed-{post_type}-{post_format}.php * 2. embed-{post_type}.php * 3. embed.php * * An example of this is: * * 1. embed-post-audio.php * 2. embed-post.php * 3. embed.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'embed'. * * @since 4.5.0 * * @see get_query_template() * * @return string Full path to embed template file. */ function get_embed_template() { $object = get_queried_object(); $templates = array(); if ( ! empty( $object->post_type ) ) { $post_format = get_post_format( $object ); if ( $post_format ) { $templates[] = "embed-{$object->post_type}-{$post_format}.php"; } $templates[] = "embed-{$object->post_type}.php"; } $templates[] = 'embed.php'; return get_query_template( 'embed', $templates ); } /** * Retrieves the path of the singular template in current or parent template. * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'singular'. * * @since 4.3.0 * * @see get_query_template() * * @return string Full path to singular template file. */ function get_singular_template() { return get_query_template( 'singular' ); } /** * Retrieves path of attachment template in current or parent template. * * The hierarchy for this template looks like: * * 1. {mime_type}-{sub_type}.php * 2. {sub_type}.php * 3. {mime_type}.php * 4. attachment.php * * An example of this is: * * 1. image-jpeg.php * 2. jpeg.php * 3. image.php * 4. attachment.php * * The template hierarchy and template path are filterable via the {@see '$type_template_hierarchy'} * and {@see '$type_template'} dynamic hooks, where `$type` is 'attachment'. * * @since 2.0.0 * @since 4.3.0 The order of the mime type logic was reversed so the hierarchy is more logical. * * @see get_query_template() * * @return string Full path to attachment template file. */ function get_attachment_template() { $attachment = get_queried_object(); $templates = array(); if ( $attachment ) { if ( str_contains( $attachment->post_mime_type, '/' ) ) { list( $type, $subtype ) = explode( '/', $attachment->post_mime_type ); } else { list( $type, $subtype ) = array( $attachment->post_mime_type, '' ); } if ( ! empty( $subtype ) ) { $templates[] = "{$type}-{$subtype}.php"; $templates[] = "{$subtype}.php"; } $templates[] = "{$type}.php"; } $templates[] = 'attachment.php'; return get_query_template( 'attachment', $templates ); } /** * Set up the globals used for template loading. * * @since 6.5.0 * * @global string $wp_stylesheet_path Path to current theme's stylesheet directory. * @global string $wp_template_path Path to current theme's template directory. */ function wp_set_template_globals() { global $wp_stylesheet_path, $wp_template_path; $wp_stylesheet_path = get_stylesheet_directory(); $wp_template_path = get_template_directory(); } /** * Retrieves the name of the highest priority template file that exists. * * Searches in the stylesheet directory before the template directory and * wp-includes/theme-compat so that themes which inherit from a parent theme * can just overload one file. * * @since 2.7.0 * @since 5.5.0 The `$args` parameter was added. * * @global string $wp_stylesheet_path Path to current theme's stylesheet directory. * @global string $wp_template_path Path to current theme's template directory. * * @param string|array $template_names Template file(s) to search for, in order. * @param bool $load If true the template file will be loaded if it is found. * @param bool $load_once Whether to require_once or require. Has no effect if `$load` is false. * Default true. * @param array $args Optional. Additional arguments passed to the template. * Default empty array. * @return string The template filename if one is located. */ function locate_template( $template_names, $load = false, $load_once = true, $args = array() ) { global $wp_stylesheet_path, $wp_template_path; if ( ! isset( $wp_stylesheet_path ) || ! isset( $wp_template_path ) ) { wp_set_template_globals(); } $is_child_theme = is_child_theme(); $located = ''; foreach ( (array) $template_names as $template_name ) { if ( ! $template_name ) { continue; } if ( file_exists( $wp_stylesheet_path . '/' . $template_name ) ) { $located = $wp_stylesheet_path . '/' . $template_name; break; } elseif ( $is_child_theme && file_exists( $wp_template_path . '/' . $template_name ) ) { $located = $wp_template_path . '/' . $template_name; break; } elseif ( file_exists( ABSPATH . WPINC . '/theme-compat/' . $template_name ) ) { $located = ABSPATH . WPINC . '/theme-compat/' . $template_name; break; } } if ( $load && '' !== $located ) { load_template( $located, $load_once, $args ); } return $located; } /** * Requires the template file with WordPress environment. * * The globals are set up for the template file to ensure that the WordPress * environment is available from within the function. The query variables are * also available. * * @since 1.5.0 * @since 5.5.0 The `$args` parameter was added. * * @global array $posts * @global WP_Post $post Global post object. * @global bool $wp_did_header * @global WP_Query $wp_query WordPress Query object. * @global WP_Rewrite $wp_rewrite WordPress rewrite component. * @global wpdb $wpdb WordPress database abstraction object. * @global string $wp_version * @global WP $wp Current WordPress environment instance. * @global int $id * @global WP_Comment $comment Global comment object. * @global int $user_ID * * @param string $_template_file Path to template file. * @param bool $load_once Whether to require_once or require. Default true. * @param array $args Optional. Additional arguments passed to the template. * Default empty array. */ function load_template( $_template_file, $load_once = true, $args = array() ) { global $posts, $post, $wp_did_header, $wp_query, $wp_rewrite, $wpdb, $wp_version, $wp, $id, $comment, $user_ID; if ( is_array( $wp_query->query_vars ) ) { /* * This use of extract() cannot be removed. There are many possible ways that * templates could depend on variables that it creates existing, and no way to * detect and deprecate it. * * Passing the EXTR_SKIP flag is the safest option, ensuring globals and * function variables cannot be overwritten. */ // phpcs:ignore WordPress.PHP.DontExtract.extract_extract extract( $wp_query->query_vars, EXTR_SKIP ); } if ( isset( $s ) ) { $s = esc_attr( $s ); } /** * Fires before a template file is loaded. * * @since 6.1.0 * * @param string $_template_file The full path to the template file. * @param bool $load_once Whether to require_once or require. * @param array $args Additional arguments passed to the template. */ do_action( 'wp_before_load_template', $_template_file, $load_once, $args ); if ( $load_once ) { require_once $_template_file; } else { require $_template_file; } /** * Fires after a template file is loaded. * * @since 6.1.0 * * @param string $_template_file The full path to the template file. * @param bool $load_once Whether to require_once or require. * @param array $args Additional arguments passed to the template. */ do_action( 'wp_after_load_template', $_template_file, $load_once, $args ); } /** * Checks whether the template should be output buffered for enhancement. * * By default, an output buffer is only started if a {@see 'wp_template_enhancement_output_buffer'} filter has been * added by the time a template is included at the {@see 'wp_before_include_template'} action. This allows template * responses to be streamed as much as possible when no template enhancements are registered to apply. * * @since 6.9.0 * * @return bool Whether the template should be output-buffered for enhancement. */ function wp_should_output_buffer_template_for_enhancement(): bool { /** * Filters whether the template should be output-buffered for enhancement. * * By default, an output buffer is only started if a {@see 'wp_template_enhancement_output_buffer'} filter has been * added or if a plugin has added a {@see 'wp_finalized_template_enhancement_output_buffer'} action. For this * default to apply, either of the hooks must be added by the time the template is included at the * {@see 'wp_before_include_template'} action. This allows template responses to be streamed unless the there is * code which depends on an output buffer being opened. This filter allows a site to opt in to adding such template * enhancement filters later during the rendering of the template. * * @since 6.9.0 * * @param bool $use_output_buffer Whether an output buffer is started. */ return (bool) apply_filters( 'wp_should_output_buffer_template_for_enhancement', has_filter( 'wp_template_enhancement_output_buffer' ) || has_action( 'wp_finalized_template_enhancement_output_buffer' ) ); } /** * Starts the template enhancement output buffer. * * This function is called immediately before the template is included. * * @since 6.9.0 * * @return bool Whether the output buffer successfully started. */ function wp_start_template_enhancement_output_buffer(): bool { if ( ! wp_should_output_buffer_template_for_enhancement() ) { return false; } $started = ob_start( 'wp_finalize_template_enhancement_output_buffer', 0, // Unlimited buffer size so that entire output is passed to the filter. /* * Instead of the default PHP_OUTPUT_HANDLER_STDFLAGS (cleanable, flushable, and removable) being used for * flags, the PHP_OUTPUT_HANDLER_FLUSHABLE flag must be omitted. If the buffer were flushable, then each time * that ob_flush() is called, a fragment of the output would be sent into the output buffer callback. This * output buffer is intended to capture the entire response for processing, as indicated by the chunk size of 0. * So the buffer does not allow flushing to ensure the entire buffer can be processed, such as for optimizing an * entire HTML document, where markup in the HEAD may need to be adjusted based on markup that appears late in * the BODY. * * If this ends up being problematic, then PHP_OUTPUT_HANDLER_FLUSHABLE could be added to the $flags and the * output buffer callback could check if the phase is PHP_OUTPUT_HANDLER_FLUSH and abort any subsequent * processing while also emitting a _doing_it_wrong(). * * The output buffer needs to be removable because WordPress calls wp_ob_end_flush_all() and then calls * wp_cache_close(). If the buffers are not all flushed before wp_cache_close() is closed, then some output buffer * handlers (e.g. for caching plugins) may fail to be able to store the page output in the object cache. * See . */ PHP_OUTPUT_HANDLER_STDFLAGS ^ PHP_OUTPUT_HANDLER_FLUSHABLE ); if ( $started ) { /** * Fires when the template enhancement output buffer has started. * * @since 6.9.0 */ do_action( 'wp_template_enhancement_output_buffer_started' ); } return $started; } /** * Finalizes the template enhancement output buffer. * * Checks to see if the output buffer is complete and contains HTML. If so, runs the content through * the `wp_template_enhancement_output_buffer` filter. If not, the original content is returned. * * @since 6.9.0 * * @see wp_start_template_enhancement_output_buffer() * * @param string $output Output buffer. * @param int $phase Phase. * @return string Finalized output buffer. */ function wp_finalize_template_enhancement_output_buffer( string $output, int $phase ): string { // When the output is being cleaned (e.g. pending template is replaced with error page), do not send it through the filter. if ( ( $phase & PHP_OUTPUT_HANDLER_CLEAN ) !== 0 ) { return $output; } // Detect if the response is an HTML content type. $is_html_content_type = null; $html_content_types = array( 'text/html', 'application/xhtml+xml' ); foreach ( headers_list() as $header ) { $header_parts = explode( ':', strtolower( $header ), 2 ); if ( count( $header_parts ) === 2 && 'content-type' === $header_parts[0] ) { /* * This is looking for very specific content types, therefore it * doesn’t need to fully parse the header’s value. Instead, it needs * only assert that the content type is one of the static HTML types. * * Example: * * Content-Type: text/html; charset=utf8 * Content-Type: text/html ;charset=latin4 * Content-Type:application/xhtml+xml */ $media_type = trim( strtok( $header_parts[1], ';' ), " \t" ); $is_html_content_type = in_array( $media_type, $html_content_types, true ); break; // PHP only sends the first Content-Type header in the list. } } if ( null === $is_html_content_type ) { $is_html_content_type = in_array( ini_get( 'default_mimetype' ), $html_content_types, true ); } // If the content type is not HTML, short-circuit since it is not relevant for enhancement. if ( ! $is_html_content_type ) { /** This action is documented in wp-includes/template.php */ do_action( 'wp_finalized_template_enhancement_output_buffer', $output ); return $output; } $filtered_output = $output; $did_just_catch = false; $error_log = array(); set_error_handler( static function ( int $level, string $message, ?string $file = null, ?int $line = null ) use ( &$error_log, &$did_just_catch ) { // Switch a user error to an exception so that it can be caught and the buffer can be returned. if ( E_USER_ERROR === $level ) { throw new Exception( __( 'User error triggered:' ) . ' ' . $message ); } // Display a caught exception as an error since it prevents any of the output buffer filters from applying. if ( $did_just_catch ) { // @phpstan-ignore if.alwaysFalse (The variable is set in the catch block below.) $level = E_USER_ERROR; } // Capture a reported error to be displayed by appending to the processed output buffer if display_errors is enabled. if ( error_reporting() & $level ) { $error_log[] = compact( 'level', 'message', 'file', 'line' ); } return false; } ); $original_display_errors = ini_get( 'display_errors' ); if ( $original_display_errors ) { ini_set( 'display_errors', 0 ); } try { /** * Filters the template enhancement output buffer prior to sending to the client. * * This filter only applies the HTML output of an included template. This filter is a progressive enhancement * intended for applications such as optimizing markup to improve frontend page load performance. Sites must not * depend on this filter applying since they may opt to stream the responses instead. Callbacks for this filter * are highly discouraged from using regular expressions to do any kind of replacement on the output. Use the * HTML API (either `WP_HTML_Tag_Processor` or `WP_HTML_Processor`), or else use {@see DOM\HtmlDocument} as of * PHP 8.4 which fully supports HTML5. * * Do not print any output during this filter. While filters normally don't print anything, this is especially * important since this applies during an output buffer callback. Prior to PHP 8.5, the output will be silently * omitted, whereas afterward a deprecation notice will be emitted. * * Important: Because this filter is applied inside an output buffer callback (i.e. display handler), any * callbacks added to the filter must not attempt to start their own output buffers. Otherwise, PHP will raise a * fatal error: "Cannot use output buffering in output buffering display handlers." * * @since 6.9.0 * * @param string $filtered_output HTML template enhancement output buffer. * @param string $output Original HTML template output buffer. */ $filtered_output = (string) apply_filters( 'wp_template_enhancement_output_buffer', $filtered_output, $output ); } catch ( Throwable $throwable ) { // Emit to the error log as a warning not as an error to prevent halting execution. $did_just_catch = true; trigger_error( sprintf( /* translators: %s is the throwable class name */ __( 'Uncaught "%s" thrown:' ), get_class( $throwable ) ) . ' ' . $throwable->getMessage(), E_USER_WARNING ); $did_just_catch = false; } try { /** * Fires after the template enhancement output buffer has been finalized. * * This happens immediately before the template enhancement output buffer is flushed. No output may be printed * at this action; prior to PHP 8.5, the output will be silently omitted, whereas afterward a deprecation notice * will be emitted. Nevertheless, HTTP headers may be sent, which makes this action complimentary to the * {@see 'send_headers'} action, in which headers may be sent before the template has started rendering. In * contrast, this `wp_finalized_template_enhancement_output_buffer` action is the possible point at which HTTP * headers can be sent. This action does not fire if the "template enhancement output buffer" was not started. * This output buffer is automatically started if this action is added before * {@see wp_start_template_enhancement_output_buffer()} runs at the {@see 'wp_before_include_template'} action * with priority 1000. Before this point, the output buffer will also be started automatically if there was a * {@see 'wp_template_enhancement_output_buffer'} filter added, or if the * {@see 'wp_should_output_buffer_template_for_enhancement'} filter is made to return `true`. * * Important: Because this action fires inside an output buffer callback (i.e. display handler), any callbacks * added to the action must not attempt to start their own output buffers. Otherwise, PHP will raise a fatal * error: "Cannot use output buffering in output buffering display handlers." * * @since 6.9.0 * * @param string $output Finalized output buffer. */ do_action( 'wp_finalized_template_enhancement_output_buffer', $filtered_output ); } catch ( Throwable $throwable ) { // Emit to the error log as a warning not as an error to prevent halting execution. $did_just_catch = true; trigger_error( sprintf( /* translators: %s is the class name */ __( 'Uncaught "%s" thrown:' ), get_class( $throwable ) ) . ' ' . $throwable->getMessage(), E_USER_WARNING ); $did_just_catch = false; } // Append any errors to be displayed before returning flutype_attr = " type='text/css'"; } /** * Fires when the WP_Styles instance is initialized. * * @since 2.6.0 * * @param WP_Styles $wp_styles WP_Styles instance (passed by reference). */ do_action_ref_array( 'wp_default_styles', array( &$this ) ); } /** * Processes a style dependency. * * @since 2.6.0 * @since 5.5.0 Added the `$group` parameter. * * @see WP_Dependencies::do_item() * * @param string $handle The style's registered handle. * @param int|false $group Optional. Group level: level (int), no groups (false). * Default false. * @return bool True on success, false on failure. */ public function do_item( $handle, $group = false ) { if ( ! parent::do_item( $handle ) ) { return false; } $obj = $this->registered[ $handle ]; if ( $obj->extra['conditional'] ?? false ) { return false; } if ( null === $obj->ver ) { $ver = ''; } else { $ver = $obj->ver ? $obj->ver : $this->default_version; } if ( isset( $this->args[ $handle ] ) ) { $ver = $ver ? $ver . '&' . $this->args[ $handle ] : $this->args[ $handle ]; } $src = $obj->src; $inline_style = $this->print_inline_style( $handle, false ); if ( $inline_style ) { $inline_style_tag = sprintf( "\n", esc_attr( $handle ), $this->type_attr, $inline_style ); } else { $inline_style_tag = ''; } if ( $this->do_concat ) { if ( $this->in_default_dir( $src ) && ! isset( $obj->extra['alt'] ) ) { $this->concat .= "$handle,"; $this->concat_version .= "$handle$ver"; $this->print_code .= $inline_style; return true; } } if ( isset( $obj->args ) ) { $media = $obj->args; } else { $media = 'all'; } // A single item may alias a set of items, by having dependencies, but no source. if ( ! $src ) { if ( $inline_style_tag ) { if ( $this->do_concat ) { $this->print_html .= $inline_style_tag; } else { echo $inline_style_tag; } } return true; } $href = $this->_css_href( $src, $ver, $handle ); if ( ! $href ) { return true; } $rel = isset( $obj->extra['alt'] ) && $obj->extra['alt'] ? 'alternate stylesheet' : 'stylesheet'; $title = isset( $obj->extra['title'] ) ? $obj->extra['title'] : ''; $tag = sprintf( "\n", $rel, esc_attr( $handle ), $title ? sprintf( " title='%s'", esc_attr( $title ) ) : '', $href, $this->type_attr, esc_attr( $media ) ); /** * Filters the HTML link tag of an enqueued style. * * @since 2.6.0 * @since 4.3.0 Introduced the `$href` parameter. * @since 4.5.0 Introduced the `$media` parameter. * * @param string $tag The link tag for the enqueued style. * @param string $handle The style's registered handle. * @param string $href The stylesheet's source URL. * @param string $media The stylesheet's media attribute. */ $tag = apply_filters( 'style_loader_tag', $tag, $handle, $href, $media ); if ( 'rtl' === $this->text_direction && isset( $obj->extra['rtl'] ) && $obj->extra['rtl'] ) { if ( is_bool( $obj->extra['rtl'] ) || 'replace' === $obj->extra['rtl'] ) { $suffix = isset( $obj->extra['suffix'] ) ? $obj->extra['suffix'] : ''; $rtl_href = str_replace( "{$suffix}.css", "-rtl{$suffix}.css", $this->_css_href( $src, $ver, "$handle-rtl" ) ); } else { $rtl_href = $this->_css_href( $obj->extra['rtl'], $ver, "$handle-rtl" ); } $rtl_tag = sprintf( "\n", $rel, esc_attr( $handle ), $title ? sprintf( " title='%s'", esc_attr( $title ) ) : '', $rtl_href, $this->type_attr, esc_attr( $media ) ); /** This filter is documented in wp-includes/class-wp-styles.php */ $rtl_tag = apply_filters( 'style_loader_tag', $rtl_tag, $handle, $rtl_href, $media ); if ( 'replace' === $obj->extra['rtl'] ) { $tag = $rtl_tag; } else { $tag .= $rtl_tag; } } if ( $this->do_concat ) { $this->print_html .= $tag; if ( $inline_style_tag ) { $this->print_html .= $inline_style_tag; } } else { echo $tag; $this->print_inline_style( $handle ); } return true; } /** * Adds extra CSS styles to a registered stylesheet. * * @since 3.3.0 * * @param string $handle The style's registered handle. * @param string $code String containing the CSS styles to be added. * @return bool True on success, false on failure. */ public function add_inline_style( $handle, $code ) { if ( ! $code ) { return false; } $after = $this->get_data( $handle, 'after' ); if ( ! $after ) { $after = array(); } $after[] = $code; return $this->add_data( $handle, 'after', $after ); } /** * Prints extra CSS styles of a registered stylesheet. * * @since 3.3.0 * * @param string $handle The style's registered handle. * @param bool $display Optional. Whether to print the inline style * instead of just returning it. Default true. * @return string|bool False if no data exists, inline styles if `$display` is true, * true otherwise. */ public function print_inline_style( $handle, $display = true ) { $output = $this->get_data( $handle, 'after' ); if ( empty( $output ) || ! is_array( $output ) ) { return false; } if ( ! $this->do_concat ) { // Obtain the original `src` for a stylesheet possibly inlined by wp_maybe_inline_styles(). $inlined_src = $this->get_data( $handle, 'inlined_src' ); // If there's only one `after` inline style, and that inline style had been inlined, then use the $inlined_src // as the sourceURL. Otherwise, if there is more than one inline `after` style associated with the handle, // then resort to using the handle to construct the sourceURL since there isn't a single source. if ( count( $output ) === 1 && is_string( $inlined_src ) && strlen( $inlined_src ) > 0 ) { $source_url = esc_url_raw( $inlined_src ); } else { $source_url = rawurlencode( "{$handle}-inline-css" ); } $output[] = sprintf( '/*# sourceURL=%s */', $source_url ); } $output = implode( "\n", $output ); if ( ! $display ) { return $output; } printf( "\n", esc_attr( $handle ), $this->type_attr, $output ); return true; } /** * Overrides the add_data method from WP_Dependencies, to allow unsetting dependencies for conditional styles. * * @since 6.9.0 * * @param string $handle Name of the item. Should be unique. * @param string $key The data key. * @param mixed $value The data value. * @return bool True on success, false on failure. */ public function add_data( $handle, $key, $value ) { if ( ! isset( $this->registered[ $handle ] ) ) { return false; } if ( 'conditional' === $key ) { $this->registered[ $handle ]->deps = array(); } return parent::add_data( $handle, $key, $value ); } /** * Determines style dependencies. * * @since 2.6.0 * * @see WP_Dependencies::all_deps() * * @param string|string[] $handles Item handle (string) or item handles (array of strings). * @param bool $recursion Optional. Internal flag that function is calling itself. * Default false. * @param int|false $group Optional. Group level: level (int), no groups (false). * Default false. * @return bool True on success, false on failure. */ public function all_deps( $handles, $recursion = false, $group = false ) { $result = parent::all_deps( $handles, $recursion, $group ); if ( ! $recursion ) { /** * Filters the array of enqueued styles before processing for output. * * @since 2.6.0 * * @param string[] $to_do The list of enqueued style handles about to be processed. */ $this->to_do = apply_filters( 'print_styles_array', $this->to_do ); } return $result; } /** * Generates an enqueued style's fully-qualified URL. * * @since 2.6.0 * * @param string $src The source of the enqueued style. * @param string $ver The version of the enqueued style. * @param string $handle The style's registered handle. * @return string Style's fully-qualified URL. */ public function _css_href( $src, $ver, $handle ) { if ( ! is_bool( $ __( 'Export Users', 'my-plugin' ), * 'description' => __( 'Exports user data to CSV format.', 'my-plugin' ), * 'category' => 'data-export', * 'execute_callback' => 'my_plugin_export_users', * 'permission_callback' => function(): bool { * return current_user_can( 'export' ); * }, * 'input_schema' => array( * 'type' => 'string', * 'enum' => array( 'subscriber', 'contributor', 'author', 'editor', 'administrator' ), * 'description' => __( 'Limits the export to users with this role.', 'my-plugin' ), * 'required' => false, * ), * 'output_schema' => array( * 'type' => 'string', * 'description' => __( 'User data in CSV format.', 'my-plugin' ), * 'required' => true, * ), * 'meta' => array( * 'show_in_rest' => true, * ), * ) * ); * } * add_action( 'wp_abilities_api_init', 'my_plugin_register_abilities' ); * * Once registered, abilities can be checked, retrieved, and managed: * * // Checks if an ability is registered, and prints its label. * if ( wp_has_ability( 'my-plugin/export-users' ) ) { * $ability = wp_get_ability( 'my-plugin/export-users' ); * * echo $ability->get_label(); * } * * // Gets all registered abilities. * $all_abilities = wp_get_abilities(); * * // Unregisters when no longer needed. * wp_unregister_ability( 'my-plugin/export-users' ); * * ## Best Practices * * - Always register abilities on the `wp_abilities_api_init` hook. * - Use namespaced ability names to prevent conflicts. * - Implement robust permission checks in permission callbacks. * - Provide an `input_schema` to ensure data integrity and document expected inputs. * - Define an `output_schema` to describe return values and validate responses. * - Return `WP_Error` objects for failures rather than throwing exceptions. * - Use internationalization functions for all user-facing strings. * * @package WordPress * @subpackage Abilities_API * @since 6.9.0 */ declare( strict_types = 1 ); /** * Registers a new ability using the Abilities API. It requires three steps: * * 1. Hook into the `wp_abilities_api_init` action. * 2. Call `wp_register_ability()` with a namespaced name and configuration. * 3. Provide execute and permission callbacks. * * Example: * * function my_plugin_register_abilities(): void { * wp_register_ability( * 'my-plugin/analyze-text', * array( * 'label' => __( 'Analyze Text', 'my-plugin' ), * 'description' => __( 'Performs sentiment analysis on provided text.', 'my-plugin' ), * 'category' => 'text-processing', * 'input_schema' => array( * 'type' => 'string', * 'description' => __( 'The text to be analyzed.', 'my-plugin' ), * 'minLength' => 10, * 'required' => true, * ), * 'output_schema' => array( * 'type' => 'string', * 'enum' => array( 'positive', 'negative', 'neutral' ), * 'description' => __( 'The sentiment result: positive, negative, or neutral.', 'my-plugin' ), * 'required' => true, * ), * 'execute_callback' => 'my_plugin_analyze_text', * 'permission_callback' => 'my_plugin_can_analyze_text', * 'meta' => array( * 'annotations' => array( * 'readonly' => true, * ), * 'show_in_rest' => true, * ), * ) * ); * } * add_action( 'wp_abilities_api_init', 'my_plugin_register_abilities' ); * * ### Naming Conventions * * Ability names must follow these rules: * * - Include a namespace prefix (e.g., `my-plugin/my-ability`). * - Use only lowercase alphanumeric characters, dashes, and forward slashes. * - Use descriptive, action-oriented names (e.g., `process-payment`, `generate-report`). * * ### Categories * * Abilities must be organized into categories. Ability categories provide better * discoverability and must be registered before the abilities that reference them: * * function my_plugin_register_categories(): void { * wp_register_ability_category( * 'text-processing', * array( * 'label' => __( 'Text Processing', 'my-plugin' ), * 'description' => __( 'Abilities for analyzing and transforming text.', 'my-plugin' ), * ) * ); * } * add_action( 'wp_abilities_api_categories_init', 'my_plugin_register_categories' ); * * ### Input and Output Schemas * * Schemas define the expected structure, type, and constraints for ability inputs * and outputs using JSON Schema syntax. They serve two critical purposes: automatic * validation of data passed to and returned from abilities, and self-documenting * API contracts for developers. * * WordPress implements a validator based on a subset of the JSON Schema Version 4 * specification (https://json-schema.org/specification-links.html#draft-4). * For details on supported JSON Schema properties and syntax, see the * related WordPress REST API Schema documentation: * https://developer.wordpress.org/rest-api/extending-the-rest-api/schema/#json-schema-basics * * Defining schemas is mandatory when there is a value to pass or return. * They ensure data integrity, improve developer experience, and enable * better documentation: * * 'input_schema' => array( * 'type' => 'string', * 'description' => __( 'The text to be analyzed.', 'my-plugin' ), * 'minLength' => 10, * 'required' => true, * ), * 'output_schema' => array( * 'type' => 'string', * 'enum' => array( 'positive', 'negative', 'neutral' ), * 'description' => __( 'The sentiment result: positive, negative, or neutral.', 'my-plugin' ), * 'required' => true, * ), * * ### Callbacks * * #### Execute Callback * * The execute callback performs the ability's core functionality. It receives * optional input data and returns either a result or `WP_Error` on failure. * * function my_plugin_analyze_text( string $input ): string|WP_Error { * $score = My_Plugin::perform_sentiment_analysis( $input ); * if ( is_wp_error( $score ) ) { * return $score; * } * return My_Plugin::interpret_sentiment_score( $score ); * } * * #### Permission Callback * * The permission callback determines whether the ability can be executed. * It receives the same input as the execute callback and must return a * boolean or `WP_Error`. Common use cases include checking user capabilities, * validating API keys, or verifying system state: * * function my_plugin_can_analyze_text( string $input ): bool|WP_Error { * return current_user_can( 'edit_posts' ); * } * * ### REST API Integration * * Abilities can be exposed through the REST API by setting `show_in_rest` * to `true` in the meta configuration: * * 'meta' => array( * 'show_in_rest' => true, * ), * * This allows abilities to be invoked via HTTP requests to the WordPress REST API. * * @since 6.9.0 * * @see WP_Abilities_Registry::register() * @see wp_register_ability_category() * @see wp_unregister_ability() * * @param string $name The name of the ability. Must be a namespaced string containing * a prefix, e.g., `my-plugin/my-ability`. Can only contain lowercase * alphanumeric characters, dashes, and forward slashes. * @param array $args { * An associative array of arguments for configuring the ability. * * @type string $label Required. The human-readable label for the ability. * @type string $description Required. A detailed description of what the ability does * and when it should be used. * @type string $category Required. The ability category slug this ability belongs to. * The ability category must be registered via `wp_register_ability_category()` * before registering the ability. * @type callable $execute_callback Required. A callback function to execute when the ability is invoked. * Receives optional mixed input data and must return either a result * value (any type) or a `WP_Error` object on failure. * @type callable $permission_callback Required. A callback function to check permissions before execution. * Receives optional mixed input data (same as `execute_callback`) and * must return `true`/`false` for simple checks, or `WP_Error` for * detailed error responses. * @type array $input_schema Optional. JSON Schema definition for validating the ability's input. * Must be a valid JSON Schema object defining the structure and * constraints for input data. Used for automatic validation and * API documentation. * @type array $output_schema Optional. JSON Schema definition for the ability's output. * Describes the structure of successful return values from * `execute_callback`. Used for documentation and validation. * @type array $meta { * Optional. Additional metadata for the ability. * * @type array $annotations { * Optional. Semantic annotations describing the ability's behavioral characteristics. * These annotations are hints for tooling and documentation. * * @type bool|null $readonly Optional. If true, the ability does not modify its environment. * @type bool|null $destructive Optional. If true, the ability may perform destructive updates to its environment. * If false, the ability performs only additive updates. * @type bool|null $idempotent Optional. If true, calling the ability repeatedly with the same arguments * will have no additional effect on its environment. * } * @type bool $show_in_rest Optional. Whether to expose this ability in the REST API. * When true, the ability can be invoked via HTTP requests. * Default false. * } * @type string $ability_class Optional. Fully-qualified custom class name to instantiate * instead of the default `WP_Ability` class. The custom class * must extend `WP_Ability`. Useful for advanced customization * of ability behavior. * } * @return WP_Ability|null The registered ability instance on success, `null` on failure. */ function wp_register_ability( string $name, array $args ): ?WP_Ability { if ( ! doing_action( 'wp_abilities_api_init' ) ) { _doing_it_wrong( __FUNCTION__, sprintf( /* translators: 1: wp_abilities_api_init, 2: string value of the ability name. */ __( 'Abilities must be registered on the %1$s action. The ability %2$s was not registered.' ), 'wp_abilities_api_init', '' . esc_html( $name ) . '' ), '6.9.0' ); return null; } $registry = WP_Abilities_Registry::get_instance(); if ( null === $registry ) { return null; } return $registry->register( $name, $args ); } /** * Unregisters an ability from the Abilities API. * * Removes a previously registered ability from the global registry. Use this to * disable abilities provided by other plugins or when an ability is no longer needed. * * Can be called at any time after the ability has been registered. * * Example: * * if ( wp_has_ability( 'other-plugin/some-ability' ) ) { * wp_unregister_ability( 'other-plugin/some-ability' ); * } * * @since 6.9.0 * * @see WP_Abilities_Registry::unregister() * @see wp_register_ability() * * @param string $name The name of the ability to unregister, including namespace prefix * (e.g., 'my-plugin/my-ability'). * @return WP_Ability|null The unregistered ability instance on success, `null` on failure. */ function wp_unregister_ability( string $name ): ?WP_Ability { $registry = WP_Abilities_Registry::get_instance(); if ( null === $registry ) { return null; } return $registry->unregister( $name ); } /** * Checks if an ability is registered. * * Use this for conditional logic and feature detection before attempting to * retrieve or use an ability. * * Example: * * // Displays different UI based on available abilities. * if ( wp_has_ability( 'premium-plugin/advanced-export' ) ) { * echo 'Export with Premium Features'; * } else { * echo 'Basic Export'; * } * * @since 6.9.0 * * @see WP_Abilities_Registry::is_registered() * @see wp_get_ability() * * @param string $name The name of the ability to check, including namespace prefix * (e.g., 'my-plugin/my-ability'). * @return bool `true` if the ability is registered, `false` otherwise. */ function wp_has_ability( string $name ): bool { $registry = WP_Abilities_Registry::get_instance(); if ( null === $registry ) { return false; } return $registry->is_registered( $name ); } /** * Retrieves a registered ability. * * Returns the ability instance for inspection or use. The instance provides access * to the ability's configuration, metadata, and execution methods. * * Example: * * // Prints information about a registered ability. * $ability = wp_get_ability( 'my-plugin/export-data' ); * if ( $ability ) { * echo $ability->get_label() . ': ' . $ability->get_description(); * } * * @since 6.9.0 * * @see WP_Abilities_Registry::get_registered() * @see wp_has_ability() * * @param string $name The name of the ability, including namespace prefix * (e.g., 'my-plugin/my-ability'). * @return WP_Ability|null The registered ability instance, or `null` if not registered. */ function wp_get_ability( string $name ): ?WP_Ability { $registry = WP_Abilities_Registry::get_instance(); if ( null === $registry ) { return null; } return $registry->get_registered( $name ); } /** * Retrieves all registered abilities. * * Returns an array of all ability instances currently registered in the system. * Use this for discovery, debugging, or building administrative interfaces. * * Example: * * // Prints information about all available abilities. * $abilities = wp_get_abilities(); * foreach ( $abilities as $ability ) { * echo $ability->get_label() . ': ' . $ability->get_description() . "\n"; * } * * @since 6.9.0 * * @see WP_Abilities_Registry::get_all_registered() * * @return WP_Ability[] An array of registered WP_Ability instances. Returns an empty * array if no abilities are registered or if the registry is unavailable. */ function wp_get_abilities(): array { $registry = WP_Abilities_Registry::get_instance(); if ( null === $registry ) { return array(); } return $registry->get_all_registered(); } /** * Registers a new ability category. * * Ability categories provide a way to organize and group related abilities for better * discoverability and management. Ability categories must be registered before abilities * that reference them. * * Ability categories must be registered on the `wp_abilities_api_categories_init` action hook. * * Example: * * function my_plugin_register_categories() { * wp_register_ability_category( * 'content-management', * array( * 'label' => __( 'Content Management', 'my-plugin' ), * 'description' => __( 'Abilities for managing and organizing content.', 'my-plugin' ), * ) * ); * } * add_action( 'wp_abilities_api_categories_init', 'my_plugin_register_categories' ); * * @since 6.9.0 * * @see WP_Ability_Categories_Registry::register() * @see wp_register_ability() * @see wp_unregister_ability_category() * * @param string $slug The unique slug for the ability category. Must contain only lowercase * alphanumeric characters and dashes (e.g., 'data-export'). * @param array $args { * An associative array of arguments for the ability category. * * @type string $label Required. The human-readable label for the ability category. * @type string $description Required. A description of what abilities in this category do. * @type array $meta Optional. Additional metadata for the ability category. * } * @return WP_Ability_Category|null The registered ability category instance on success, `null` on failure. */ function wp_register_ability_category( string $slug, array $args ): ?WP_Ability_Category { if ( ! doing_action( 'wp_abilities_api_categories_init' ) ) { _doing_it_wrong( __FUNCTION__, sprintf( /* translators: 1: wp_abilities_api_categories_init, 2: ability category slug. */ __( 'Ability categories must be registered on the %1$s action. The ability category %2$s was not registered.' ), 'wp_abilities_api_categories_init', '' . esc_html( $slug ) . '' ), '6.9.0' ); return null; } $registry = WP_Ability_Categories_Registry::get_instance(); if ( null === $registry ) { return null; } return $registry->register( $slug, $args ); } /** * Unregisters an ability category. * * Removes a previously reg __( 'Site' ), 'description' => __( 'Abilities that retrieve or modify site information and settings.' ), ) ); wp_register_ability_category( 'user', array( 'label' => __( 'User' ), 'description' => __( 'Abilities that retrieve or modify user information and settings.' ), ) ); } /** * Registers the default core abilities. * * @since 6.9.0 * * @return void */ function wp_register_core_abilities(): void { $category_site = 'site'; $category_user = 'user'; $site_info_properties = array( 'name' => array( 'type' => 'string', 'description' => __( 'The site title.' ), ), 'description' => array( 'type' => 'string', 'description' => __( 'The site tagline.' ), ), 'url' => array( 'type' => 'string', 'description' => __( 'The site home URL.' ), ), 'wpurl' => array( 'type' => 'string', 'description' => __( 'The WordPress installation URL.' ), ), 'admin_email' => array( 'type' => 'string', 'description' => __( 'The site administrator email address.' ), ), 'charset' => array( 'type' => 'string', 'description' => __( 'The site character encoding.' ), ), 'language' => array( 'type' => 'string', 'description' => __( 'The site language locale code.' ), ), 'version' => array( 'type' => 'string', 'description' => __( 'The WordPress version.' ), ), ); $site_info_fields = array_keys( $site_info_properties ); wp_register_ability( 'core/get-site-info', array( 'label' => __( 'Get Site Information' ), 'description' => __( 'Returns site information configured in WordPress. By default returns all fields, or optionally a filtered subset.' ), 'category' => $category_site, 'input_schema' => array( 'type' => 'object', 'properties' => array( 'fields' => array( 'type' => 'array', 'items' => array( 'type' => 'string', 'enum' => $site_info_fields, ), 'description' => __( 'Optional: Limit response to specific fields. If omitted, all fields are returned.' ), ), ), 'additionalProperties' => false, 'default' => array(), ), 'output_schema' => array( 'type' => 'object', 'properties' => $site_info_properties, 'additionalProperties' => false, ), 'execute_callback' => static function ( $input = array() ) use ( $site_info_fields ): array { $input = is_array( $input ) ? $input : array(); $requested_fields = ! empty( $input['fields'] ) ? $input['fields'] : $site_info_fields; $result = array(); foreach ( $requested_fields as $field ) { $result[ $field ] = get_bloginfo( $field ); } return $result; }, 'permission_callback' => static function (): bool { return current_user_can( 'manage_options' ); }, 'meta' => array( 'annotations' => array( 'readonly' => true, 'destructive' => false, 'idempotent' => true, ), 'show_in_rest' => true, ), ) ); wp_register_ability( 'core/get-user-info', array( 'label' => __( 'Get User Information' ), 'description' => __( 'Returns basic profile details for the current authenticated user to support personalization, auditing, and access-aware behavior.' ), 'category' => $category_user, 'output_schema' => array( 'type' => 'object', 'required' => array( 'id', 'display_name', 'user_nicename', 'user_login', 'roles', 'locale' ), 'properties' => array( 'id' => array( 'type' => 'integer', 'description' => __( 'The user ID.' ), ), 'display_name' => array( 'type' => 'string', 'description' => __( 'The display name of the user.' ), ), 'user_nicename' => array( 'type'