mp-wp/wp-includes/formatting.php [mp-wp

mp-wp/wp-includes/formatting.php

1	<?php
2	/**
3	* Main Wordpress Formatting API.
4	*
5	* Handles many functions for formatting output.
6	*
7	* @package WordPress
8	**/
9
10	/**
11	* Replaces common plain text characters into formatted entities
12	*
13	* As an example,
14	* <code>
15	* 'cause today's effort makes it worth tomorrow's "holiday"...
16	* </code>
17	* Becomes:
18	* <code>
19	* ’cause today’s effort makes it worth tomorrow’s “holiday”…
20	* </code>
21	* Code within certain html blocks are skipped.
22	*
23	* @since 0.71
24	* @uses $wp_cockneyreplace Array of formatted entities for certain common phrases
25	*
26	* @param string $text The text to be formatted
27	* @return string The string replaced with html entities
28	*/
29	function wptexturize($text) {
30	/* global $wp_cockneyreplace;
31	$next = true;
32	$has_pre_parent = false;
33	$output = '';
34	$curl = '';
35	$textarr = preg_split('/(<.>\|\[.\])/Us', $text, -1, PREG_SPLIT_DELIM_CAPTURE);
36	$stop = count($textarr);
37
38	// if a plugin has provided an autocorrect array, use it
39	if ( isset($wp_cockneyreplace) ) {
40	$cockney = array_keys($wp_cockneyreplace);
41	$cockneyreplace = array_values($wp_cockneyreplace);
42	} else {
43	$cockney = array("'tain't","'twere","'twas","'tis","'twill","'til","'bout","'nuff","'round","'cause");
44	$cockneyreplace = array("’tain’t","’twere","’twas","’tis","’twill","’til","’bout","’nuff","’round","’cause");
45	}
46
47	$static_characters = array_merge(array('---', ' -- ', '--', 'xn–', '...', '``', '\'s', '\'\'', ' (tm)'), $cockney);
48	$static_replacements = array_merge(array('—', ' — ', '–', 'xn--', '…', '“', '’s', '”', ' ™'), $cockneyreplace);
49
50	$dynamic_characters = array('/\'(\d\d(?:’\|\')?s)/', '/(\s\|\A\|")\'/', '/(\d+)"/', '/(\d+)\'/', '/(\S)\'([^\'\s])/', '/(\s\|\A)"(?!\s)/', '/"(\s\|\S\|\Z)/', '/\'([\s.]\|\Z)/', '/(\d+)x(\d+)/');
51	$dynamic_replacements = array('’$1','$1‘', '$1″', '$1′', '$1’$2', '$1“$2', '”$1', '’$1', '$1×$2');
52
53	for ( $i = 0; $i < $stop; $i++ ) {
54	$curl = $textarr[$i];
55
56	if ( !empty($curl) && '<' != $curl{0} && '[' != $curl{0} && $next && !$has_pre_parent) { // If it's not a tag
57	// static strings
58	$curl = str_replace($static_characters, $static_replacements, $curl);
59	// regular expressions
60	$curl = preg_replace($dynamic_characters, $dynamic_replacements, $curl);
61	} elseif (strpos($curl, '<code') !== false \|\| strpos($curl, '<kbd') !== false \|\| strpos($curl, '<style') !== false \|\| strpos($curl, '<script') !== false) {
62	$next = false;
63	} elseif (strpos($curl, '<pre') !== false) {
64	$has_pre_parent = true;
65	} elseif (strpos($curl, '</pre>') !== false) {
66	$has_pre_parent = false;
67	} else {
68	$next = true;
69	}
70
71	$curl = preg_replace('/&([^#])(?![a-zA-Z1-4]{1,8};)/', '&$1', $curl);
72	$output .= $curl;
73	}
74
75	return $output;
76	*/
77	return $text;
78	}
79
80	/**
81	* Accepts matches array from preg_replace_callback in wpautop() or a string.
82	*
83	* Ensures that the contents of a <<pre>>...<</pre>> HTML block are not
84	* converted into paragraphs or line-breaks.
85	*
86	* @since 1.2.0
87	*
88	* @param array\|string $matches The array or string
89	* @return string The pre block without paragraph/line-break conversion.
90	*/
91	function clean_pre($matches) {
92	if ( is_array($matches) )
93	$text = $matches[1] . $matches[2] . "</pre>";
94	else
95	$text = $matches;
96
97	$text = str_replace('<br />', '', $text);
98	$text = str_replace('<p>', "\n", $text);
99	$text = str_replace('</p>', '', $text);
100
101	return $text;
102	}
103
104	/**
105	* Replaces double line-breaks with paragraph elements.
106	*
107	* A group of regex replaces used to identify text formatted with newlines and
108	* replace double line-breaks with HTML paragraph tags. The remaining
109	* line-breaks after conversion become <<br />> tags, unless $br is set to '0'
110	* or 'false'.
111	*
112	* @since 0.71
113	*
114	* @param string $pee The text which has to be formatted.
115	* @param int\|bool $br Optional. If set, this will convert all remaining line-breaks after paragraphing. Default true.
116	* @return string Text which has been converted into correct paragraph tags.
117	*/
118	function wpautop($pee, $br = 1) {
119	$pee = $pee . "\n"; // just to make things a little easier, pad the end
120	$pee = preg_replace('\|<br />\s*<br />\|', "\n\n", $pee);
121	// Space things out a little
122	$allblocks = '(?:table\|thead\|tfoot\|caption\|colgroup\|tbody\|tr\|td\|th\|div\|dl\|dd\|dt\|ul\|ol\|li\|pre\|select\|form\|map\|area\|blockquote\|address\|math\|style\|input\|p\|h[1-6]\|hr)';
123	$pee = preg_replace('!(<' . $allblocks . '[^>]*>)!', "\n$1", $pee);
124	$pee = preg_replace('!(</' . $allblocks . '>)!', "$1\n\n", $pee);
125	$pee = str_replace(array("\r\n", "\r"), "\n", $pee); // cross-platform newlines
126	if ( strpos($pee, '<object') !== false ) {
127	$pee = preg_replace('\|\s<param([^>])>\s*\|', "<param$1>", $pee); // no pee inside object/embed
128	$pee = preg_replace('\|\s</embed>\s\|', '</embed>', $pee);
129	}
130	$pee = preg_replace("/\n\n+/", "\n\n", $pee); // take care of duplicates
131	// make paragraphs, including one at the end
132	$pees = preg_split('/\n\s*\n/', $pee, -1, PREG_SPLIT_NO_EMPTY);
133	$pee = '';
134	foreach ( $pees as $tinkle )
135	$pee .= '<p>' . trim($tinkle, "\n") . "</p>\n";
136	$pee = preg_replace('\|<p>\s*?</p>\|', '', $pee); // under certain strange conditions it could create a P of entirely whitespace
137	$pee = preg_replace('!<p>([^<]+)\s?(</(?:div\|address\|form)[^>]>)!', "<p>$1</p>$2", $pee);
138	$pee = preg_replace( '\|<p>\|', "$1<p>", $pee );
139	$pee = preg_replace('!<p>\s(</?' . $allblocks . '[^>]>)\s*</p>!', "$1", $pee); // don't pee all over a tag
140	$pee = preg_replace("\|<p>(<li.+?)</p>\|", "$1", $pee); // problem with nested lists
141	$pee = preg_replace('\|<p><blockquote([^>]*)>\|i', "<blockquote$1><p>", $pee);
142	$pee = str_replace('</blockquote></p>', '</p></blockquote>', $pee);
143	$pee = preg_replace('!<p>\s(</?' . $allblocks . '[^>]>)!', "$1", $pee);
144	$pee = preg_replace('!(</?' . $allblocks . '[^>]>)\s</p>!', "$1", $pee);
145	if ($br) {
146	$pee = preg_replace_callback('/<(script\|style).*?<\/\\1>/s', create_function('$matches', 'return str_replace("\n", "<WPPreserveNewline />", $matches[0]);'), $pee);
147	$pee = preg_replace('\|(?<!<br />)\s*\n\|', "<br />\n", $pee); // optionally make line breaks
148	$pee = str_replace('<WPPreserveNewline />', "\n", $pee);
149	}
150	$pee = preg_replace('!(</?' . $allblocks . '[^>]>)\s<br />!', "$1", $pee);
151	$pee = preg_replace('!<br />(\s</?(?:p\|li\|div\|dl\|dd\|dt\|th\|pre\|td\|ul\|ol)[^>]>)!', '$1', $pee);
152	if (strpos($pee, '<pre') !== false)
153	$pee = preg_replace_callback('!(<pre.?>)(.?)</pre>!is', 'clean_pre', $pee );
154	$pee = preg_replace( "\|\n</p>$\|", '</p>', $pee );
155	$pee = preg_replace('/<p>\s?(' . get_shortcode_regex() . ')\s<\/p>/s', '$1', $pee); // don't auto-p wrap shortcodes that stand alone
156
157	return $pee;
158	}
159
160	/**
161	* Checks to see if a string is utf8 encoded.
162	*
163	* @author bmorel at ssi dot fr
164	*
165	* @since 1.2.1
166	*
167	* @param string $Str The string to be checked
168	* @return bool True if $Str fits a UTF-8 model, false otherwise.
169	*/
170	function seems_utf8($Str) { # by bmorel at ssi dot fr
171	$length = strlen($Str);
172	for ($i=0; $i < $length; $i++) {
173	if (ord($Str[$i]) < 0x80) continue; # 0bbbbbbb
174	elseif ((ord($Str[$i]) & 0xE0) == 0xC0) $n=1; # 110bbbbb
175	elseif ((ord($Str[$i]) & 0xF0) == 0xE0) $n=2; # 1110bbbb
176	elseif ((ord($Str[$i]) & 0xF8) == 0xF0) $n=3; # 11110bbb
177	elseif ((ord($Str[$i]) & 0xFC) == 0xF8) $n=4; # 111110bb
178	elseif ((ord($Str[$i]) & 0xFE) == 0xFC) $n=5; # 1111110b
179	else return false; # Does not match any model
180	for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
181	if ((++$i == $length) \|\| ((ord($Str[$i]) & 0xC0) != 0x80))
182	return false;
183	}
184	}
185	return true;
186	}
187
188	/**
189	* Converts a number of special characters into their HTML entities.
190	*
191	* Differs from htmlspecialchars as existing HTML entities will not be encoded.
192	* Specifically changes: & to &, < to < and > to >.
193	*
194	* $quotes can be set to 'single' to encode ' to ', 'double' to encode " to
195	* ", or '1' to do both. Default is 0 where no quotes are encoded.
196	*
197	* @since 1.2.2
198	*
199	* @param string $text The text which is to be encoded.
200	* @param mixed $quotes Optional. Converts single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default 0.
201	* @return string The encoded text with HTML entities.
202	*/
203	function wp_specialchars( $text, $quotes = 0 ) {
204	// Like htmlspecialchars except don't double-encode HTML entities
205	$text = str_replace('&&', '&&', $text);
206	$text = str_replace('&&', '&&', $text);
207	$text = preg_replace('/&(?:$\|([^#])(?![a-z1-4]{1,8};))/', '&$1', $text);
208	$text = str_replace('<', '<', $text);
209	$text = str_replace('>', '>', $text);
210	if ( 'double' === $quotes ) {
211	$text = str_replace('"', '"', $text);
212	} elseif ( 'single' === $quotes ) {
213	$text = str_replace("'", ''', $text);
214	} elseif ( $quotes ) {
215	$text = str_replace('"', '"', $text);
216	$text = str_replace("'", ''', $text);
217	}
218	return $text;
219	}
220
221	/**
222	* Encode the Unicode values to be used in the URI.
223	*
224	* @since 1.5.0
225	*
226	* @param string $utf8_string
227	* @param int $length Max length of the string
228	* @return string String with Unicode encoded for URI.
229	*/
230	function utf8_uri_encode( $utf8_string, $length = 0 ) {
231	$unicode = '';
232	$values = array();
233	$num_octets = 1;
234	$unicode_length = 0;
235
236	$string_length = strlen( $utf8_string );
237	for ($i = 0; $i < $string_length; $i++ ) {
238
239	$value = ord( $utf8_string[ $i ] );
240
241	if ( $value < 128 ) {
242	if ( $length && ( $unicode_length >= $length ) )
243	break;
244	$unicode .= chr($value);
245	$unicode_length++;
246	} else {
247	if ( count( $values ) == 0 ) $num_octets = ( $value < 224 ) ? 2 : 3;
248
249	$values[] = $value;
250
251	if ( $length && ( $unicode_length + ($num_octets * 3) ) > $length )
252	break;
253	if ( count( $values ) == $num_octets ) {
254	if ($num_octets == 3) {
255	$unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]) . '%' . dechex($values[2]);
256	$unicode_length += 9;
257	} else {
258	$unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]);
259	$unicode_length += 6;
260	}
261
262	$values = array();
263	$num_octets = 1;
264	}
265	}
266	}
267
268	return $unicode;
269	}
270
271	/**
272	* Converts all accent characters to ASCII characters.
273	*
274	* If there are no accent characters, then the string given is just returned.
275	*
276	* @since 1.2.1
277	*
278	* @param string $string Text that might have accent characters
279	* @return string Filtered string with replaced "nice" characters.
280	*/
281	function remove_accents($string) {
282	if ( !preg_match('/[\x80-\xff]/', $string) )
283	return $string;
284
285	if (seems_utf8($string)) {
286	$chars = array(
287	// Decompositions for Latin-1 Supplement
288	chr(195).chr(128) => 'A', chr(195).chr(129) => 'A',
289	chr(195).chr(130) => 'A', chr(195).chr(131) => 'A',
290	chr(195).chr(132) => 'A', chr(195).chr(133) => 'A',
291	chr(195).chr(135) => 'C', chr(195).chr(136) => 'E',
292	chr(195).chr(137) => 'E', chr(195).chr(138) => 'E',
293	chr(195).chr(139) => 'E', chr(195).chr(140) => 'I',
294	chr(195).chr(141) => 'I', chr(195).chr(142) => 'I',
295	chr(195).chr(143) => 'I', chr(195).chr(145) => 'N',
296	chr(195).chr(146) => 'O', chr(195).chr(147) => 'O',
297	chr(195).chr(148) => 'O', chr(195).chr(149) => 'O',
298	chr(195).chr(150) => 'O', chr(195).chr(153) => 'U',
299	chr(195).chr(154) => 'U', chr(195).chr(155) => 'U',
300	chr(195).chr(156) => 'U', chr(195).chr(157) => 'Y',
301	chr(195).chr(159) => 's', chr(195).chr(160) => 'a',
302	chr(195).chr(161) => 'a', chr(195).chr(162) => 'a',
303	chr(195).chr(163) => 'a', chr(195).chr(164) => 'a',
304	chr(195).chr(165) => 'a', chr(195).chr(167) => 'c',
305	chr(195).chr(168) => 'e', chr(195).chr(169) => 'e',
306	chr(195).chr(170) => 'e', chr(195).chr(171) => 'e',
307	chr(195).chr(172) => 'i', chr(195).chr(173) => 'i',
308	chr(195).chr(174) => 'i', chr(195).chr(175) => 'i',
309	chr(195).chr(177) => 'n', chr(195).chr(178) => 'o',
310	chr(195).chr(179) => 'o', chr(195).chr(180) => 'o',
311	chr(195).chr(181) => 'o', chr(195).chr(182) => 'o',
312	chr(195).chr(182) => 'o', chr(195).chr(185) => 'u',
313	chr(195).chr(186) => 'u', chr(195).chr(187) => 'u',
314	chr(195).chr(188) => 'u', chr(195).chr(189) => 'y',
315	chr(195).chr(191) => 'y',
316	// Decompositions for Latin Extended-A
317	chr(196).chr(128) => 'A', chr(196).chr(129) => 'a',
318	chr(196).chr(130) => 'A', chr(196).chr(131) => 'a',
319	chr(196).chr(132) => 'A', chr(196).chr(133) => 'a',
320	chr(196).chr(134) => 'C', chr(196).chr(135) => 'c',
321	chr(196).chr(136) => 'C', chr(196).chr(137) => 'c',
322	chr(196).chr(138) => 'C', chr(196).chr(139) => 'c',
323	chr(196).chr(140) => 'C', chr(196).chr(141) => 'c',
324	chr(196).chr(142) => 'D', chr(196).chr(143) => 'd',
325	chr(196).chr(144) => 'D', chr(196).chr(145) => 'd',
326	chr(196).chr(146) => 'E', chr(196).chr(147) => 'e',
327	chr(196).chr(148) => 'E', chr(196).chr(149) => 'e',
328	chr(196).chr(150) => 'E', chr(196).chr(151) => 'e',
329	chr(196).chr(152) => 'E', chr(196).chr(153) => 'e',
330	chr(196).chr(154) => 'E', chr(196).chr(155) => 'e',
331	chr(196).chr(156) => 'G', chr(196).chr(157) => 'g',
332	chr(196).chr(158) => 'G', chr(196).chr(159) => 'g',
333	chr(196).chr(160) => 'G', chr(196).chr(161) => 'g',
334	chr(196).chr(162) => 'G', chr(196).chr(163) => 'g',
335	chr(196).chr(164) => 'H', chr(196).chr(165) => 'h',
336	chr(196).chr(166) => 'H', chr(196).chr(167) => 'h',
337	chr(196).chr(168) => 'I', chr(196).chr(169) => 'i',
338	chr(196).chr(170) => 'I', chr(196).chr(171) => 'i',
339	chr(196).chr(172) => 'I', chr(196).chr(173) => 'i',
340	chr(196).chr(174) => 'I', chr(196).chr(175) => 'i',
341	chr(196).chr(176) => 'I', chr(196).chr(177) => 'i',
342	chr(196).chr(178) => 'IJ',chr(196).chr(179) => 'ij',
343	chr(196).chr(180) => 'J', chr(196).chr(181) => 'j',
344	chr(196).chr(182) => 'K', chr(196).chr(183) => 'k',
345	chr(196).chr(184) => 'k', chr(196).chr(185) => 'L',
346	chr(196).chr(186) => 'l', chr(196).chr(187) => 'L',
347	chr(196).chr(188) => 'l', chr(196).chr(189) => 'L',
348	chr(196).chr(190) => 'l', chr(196).chr(191) => 'L',
349	chr(197).chr(128) => 'l', chr(197).chr(129) => 'L',
350	chr(197).chr(130) => 'l', chr(197).chr(131) => 'N',
351	chr(197).chr(132) => 'n', chr(197).chr(133) => 'N',
352	chr(197).chr(134) => 'n', chr(197).chr(135) => 'N',
353	chr(197).chr(136) => 'n', chr(197).chr(137) => 'N',
354	chr(197).chr(138) => 'n', chr(197).chr(139) => 'N',
355	chr(197).chr(140) => 'O', chr(197).chr(141) => 'o',
356	chr(197).chr(142) => 'O', chr(197).chr(143) => 'o',
357	chr(197).chr(144) => 'O', chr(197).chr(145) => 'o',
358	chr(197).chr(146) => 'OE',chr(197).chr(147) => 'oe',
359	chr(197).chr(148) => 'R',chr(197).chr(149) => 'r',
360	chr(197).chr(150) => 'R',chr(197).chr(151) => 'r',
361	chr(197).chr(152) => 'R',chr(197).chr(153) => 'r',
362	chr(197).chr(154) => 'S',chr(197).chr(155) => 's',
363	chr(197).chr(156) => 'S',chr(197).chr(157) => 's',
364	chr(197).chr(158) => 'S',chr(197).chr(159) => 's',
365	chr(197).chr(160) => 'S', chr(197).chr(161) => 's',
366	chr(197).chr(162) => 'T', chr(197).chr(163) => 't',
367	chr(197).chr(164) => 'T', chr(197).chr(165) => 't',
368	chr(197).chr(166) => 'T', chr(197).chr(167) => 't',
369	chr(197).chr(168) => 'U', chr(197).chr(169) => 'u',
370	chr(197).chr(170) => 'U', chr(197).chr(171) => 'u',
371	chr(197).chr(172) => 'U', chr(197).chr(173) => 'u',
372	chr(197).chr(174) => 'U', chr(197).chr(175) => 'u',
373	chr(197).chr(176) => 'U', chr(197).chr(177) => 'u',
374	chr(197).chr(178) => 'U', chr(197).chr(179) => 'u',
375	chr(197).chr(180) => 'W', chr(197).chr(181) => 'w',
376	chr(197).chr(182) => 'Y', chr(197).chr(183) => 'y',
377	chr(197).chr(184) => 'Y', chr(197).chr(185) => 'Z',
378	chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z',
379	chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z',
380	chr(197).chr(190) => 'z', chr(197).chr(191) => 's',
381	// Euro Sign
382	chr(226).chr(130).chr(172) => 'E',
383	// GBP (Pound) Sign
384	chr(194).chr(163) => '');
385
386	$string = strtr($string, $chars);
387	} else {
388	// Assume ISO-8859-1 if not UTF-8
389	$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
390	.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
391	.chr(195).chr(196).chr(197).chr(199).chr(200).chr(201).chr(202)
392	.chr(203).chr(204).chr(205).chr(206).chr(207).chr(209).chr(210)
393	.chr(211).chr(212).chr(213).chr(214).chr(216).chr(217).chr(218)
394	.chr(219).chr(220).chr(221).chr(224).chr(225).chr(226).chr(227)
395	.chr(228).chr(229).chr(231).chr(232).chr(233).chr(234).chr(235)
396	.chr(236).chr(237).chr(238).chr(239).chr(241).chr(242).chr(243)
397	.chr(244).chr(245).chr(246).chr(248).chr(249).chr(250).chr(251)
398	.chr(252).chr(253).chr(255);
399
400	$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
401
402	$string = strtr($string, $chars['in'], $chars['out']);
403	$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
404	$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
405	$string = str_replace($double_chars['in'], $double_chars['out'], $string);
406	}
407
408	return $string;
409	}
410
411	/**
412	* Filters certain characters from the file name.
413	*
414	* Turns all strings to lowercase removing most characters except alphanumeric
415	* with spaces, dashes and periods. All spaces and underscores are converted to
416	* dashes. Multiple dashes are converted to a single dash. Finally, if the file
417	* name ends with a dash, it is removed.
418	*
419	* @since 2.1.0
420	*
421	* @param string $name The file name
422	* @return string Sanitized file name
423	*/
424	function sanitize_file_name( $name ) { // Like sanitize_title, but with periods
425	$name = strtolower( $name );
426	$name = preg_replace('/&.+?;/', '', $name); // kill entities
427	$name = str_replace( '_', '-', $name );
428	$name = preg_replace('/[^a-z0-9\s-.]/', '', $name);
429	$name = preg_replace('/\s+/', '-', $name);
430	$name = preg_replace('\|-+\|', '-', $name);
431	$name = trim($name, '-');
432	return $name;
433	}
434
435	/**
436	* Sanitize username stripping out unsafe characters.
437	*
438	* If $strict is true, only alphanumeric characters (as well as _, space, ., -,
439	* @) are returned.
440	* Removes tags, octets, entities, and if strict is enabled, will remove all
441	* non-ASCII characters. After sanitizing, it passes the username, raw username
442	* (the username in the parameter), and the strict parameter as parameters for
443	* the filter.
444	*
445	* @since 2.0.0
446	* @uses apply_filters() Calls 'sanitize_user' hook on username, raw username,
447	* and $strict parameter.
448	*
449	* @param string $username The username to be sanitized.
450	* @param bool $strict If set limits $username to specific characters. Default false.
451	* @return string The sanitized username, after passing through filters.
452	*/
453	function sanitize_user( $username, $strict = false ) {
454	$raw_username = $username;
455	$username = strip_tags($username);
456	// Kill octets
457	$username = preg_replace('\|%([a-fA-F0-9][a-fA-F0-9])\|', '', $username);
458	$username = preg_replace('/&.+?;/', '', $username); // Kill entities
459
460	// If strict, reduce to ASCII for max portability.
461	if ( $strict )
462	$username = preg_replace('\|[^a-z0-9 _.\-@]\|i', '', $username);
463
464	// Consolidate contiguous whitespace
465	$username = preg_replace('\|\s+\|', ' ', $username);
466
467	return apply_filters('sanitize_user', $username, $raw_username, $strict);
468	}
469
470	/**
471	* Sanitizes title or use fallback title.
472	*
473	* Specifically, HTML and PHP tags are stripped. Further actions can be added
474	* via the plugin API. If $title is empty and $fallback_title is set, the latter
475	* will be used.
476	*
477	* @since 1.0.0
478	*
479	* @param string $title The string to be sanitized.
480	* @param string $fallback_title Optional. A title to use if $title is empty.
481	* @return string The sanitized string.
482	*/
483	function sanitize_title($title, $fallback_title = '') {
484	$title = strip_tags($title);
485	$title = apply_filters('sanitize_title', $title);
486
487	if ( '' === $title \|\| false === $title )
488	$title = $fallback_title;
489
490	return $title;
491	}
492
493	/**
494	* Sanitizes title, replacing whitespace with dashes.
495	*
496	* Limits the output to alphanumeric characters, underscore (_) and dash (-).
497	* Whitespace becomes a dash.
498	*
499	* @since 1.2.0
500	*
501	* @param string $title The title to be sanitized.
502	* @return string The sanitized title.
503	*/
504	function sanitize_title_with_dashes($title) {
505	$title = strip_tags($title);
506	// Preserve escaped octets.
507	$title = preg_replace('\|%([a-fA-F0-9][a-fA-F0-9])\|', '---$1---', $title);
508	// Remove percent signs that are not part of an octet.
509	$title = str_replace('%', '', $title);
510	// Restore octets.
511	$title = preg_replace('\|---([a-fA-F0-9][a-fA-F0-9])---\|', '%$1', $title);
512
513	$title = remove_accents($title);
514	if (seems_utf8($title)) {
515	if (function_exists('mb_strtolower')) {
516	$title = mb_strtolower($title, 'UTF-8');
517	}
518	$title = utf8_uri_encode($title, 200);
519	}
520
521	$title = strtolower($title);
522	$title = preg_replace('/&.+?;/', '', $title); // kill entities
523	$title = preg_replace('/[^%a-z0-9 _-]/', '', $title);
524	$title = preg_replace('/\s+/', '-', $title);
525	$title = preg_replace('\|-+\|', '-', $title);
526	$title = trim($title, '-');
527
528	return $title;
529	}
530
531	/**
532	* Ensures a string is a valid SQL order by clause.
533	*
534	* Accepts one or more columns, with or without ASC/DESC, and also accepts
535	* RAND().
536	*
537	* @since 2.5.1
538	*
539	* @param string $orderby Order by string to be checked.
540	* @return string\|false Returns the order by clause if it is a match, false otherwise.
541	*/
542	function sanitize_sql_orderby( $orderby ){
543	preg_match('/^\s([a-z0-9_]+(\s+(ASC\|DESC))?(\s,\s\|\s$))+\|^\sRAND$\s$\s*$/i', $orderby, $obmatches);
544	if ( !$obmatches )
545	return false;
546	return $orderby;
547	}
548
549	/**
550	* Converts a number of characters from a string.
551	*
552	* Metadata tags <<title>> and <<category>> are removed, <<br>> and <<hr>> are
553	* converted into correct XHTML and Unicode characters are converted to the
554	* valid range.
555	*
556	* @since 0.71
557	*
558	* @param string $content String of characters to be converted.
559	* @param string $deprecated Not used.
560	* @return string Converted string.
561	*/
562	function convert_chars($content, $deprecated = '') {
563	// Translation of invalid Unicode references range to valid range
564	$wp_htmltranswinuni = array(
565	'' => '€', // the Euro sign
566	'' => '',
567	'' => '‚', // these are Windows CP1252 specific characters
568	'' => 'ƒ', // they would look weird on non-Windows browsers
569	'' => '„',
570	'' => '…',
571	'' => '†',
572	'' => '‡',
573	'' => 'ˆ',
574	'' => '‰',
575	'' => 'Š',
576	'' => '‹',
577	'' => 'Œ',
578	'' => '',
579	'' => 'ž',
580	'' => '',
581	'' => '',
582	'' => '‘',
583	'' => '’',
584	'' => '“',
585	'' => '”',
586	'' => '•',
587	'' => '–',
588	'' => '—',
589	'' => '˜',
590	'' => '™',
591	'' => 'š',
592	'' => '›',
593	'' => 'œ',
594	'' => '',
595	'' => '',
596	'' => 'Ÿ'
597	);
598
599	// Remove metadata tags
600	$content = preg_replace('/<title>(.+?)<\/title>/','',$content);
601	$content = preg_replace('/<category>(.+?)<\/category>/','',$content);
602
603	// Converts lone & characters into & (a.k.a. &)
604	$content = preg_replace('/&([^#])(?![a-z1-4]{1,8};)/i', '&$1', $content);
605
606	// Fix Word pasting
607	$content = strtr($content, $wp_htmltranswinuni);
608
609	// Just a little XHTML help
610	$content = str_replace('<br>', '<br />', $content);
611	$content = str_replace('<hr>', '<hr />', $content);
612
613	return $content;
614	}
615
616	/**
617	* Fixes javascript bugs in browsers.
618	*
619	* Converts unicode characters to HTML numbered entities.
620	*
621	* @since 1.5.0
622	* @uses $is_macIE
623	* @uses $is_winIE
624	*
625	* @param string $text Text to be made safe.
626	* @return string Fixed text.
627	*/
628	function funky_javascript_fix($text) {
629	// Fixes for browsers' javascript bugs
630	global $is_macIE, $is_winIE;
631
632	/** @todo use preg_replace_callback() instead */
633	if ( $is_winIE \|\| $is_macIE )
634	$text = preg_replace("/\%u([0-9A-F]{4,4})/e", "'&#'.base_convert('\\1',16,10).';'", $text);
635
636	return $text;
637	}
638
639	/**
640	* Will only balance the tags if forced to and the option is set to balance tags.
641	*
642	* The option 'use_balanceTags' is used for whether the tags will be balanced.
643	* Both the $force parameter and 'use_balanceTags' option will have to be true
644	* before the tags will be balanced.
645	*
646	* @since 0.71
647	*
648	* @param string $text Text to be balanced
649	* @param bool $force Forces balancing, ignoring the value of the option. Default false.
650	* @return string Balanced text
651	*/
652	function balanceTags( $text, $force = false ) {
653	if ( !$force && get_option('use_balanceTags') == 0 )
654	return $text;
655	return force_balance_tags( $text );
656	}
657
658	/**
659	* Balances tags of string using a modified stack.
660	*
661	* @since 2.0.4
662	*
663	* @author Leonard Lin <leonard@acm.org>
664	* @license GPL v2.0
665	* @copyright November 4, 2001
666	* @version 1.1
667	* @todo Make better - change loop condition to $text in 1.2
668	* @internal Modified by Scott Reilly (coffee2code) 02 Aug 2004
669	* 1.1 Fixed handling of append/stack pop order of end text
670	* Added Cleaning Hooks
671	* 1.0 First Version
672	*
673	* @param string $text Text to be balanced.
674	* @return string Balanced text.
675	*/
676	function force_balance_tags( $text ) {
677	$tagstack = array(); $stacksize = 0; $tagqueue = ''; $newtext = '';
678	$single_tags = array('br', 'hr', 'img', 'input'); //Known single-entity/self-closing tags
679	$nestable_tags = array('blockquote', 'div', 'span'); //Tags that can be immediately nested within themselves
680
681	# WP bug fix for comments - in case you REALLY meant to type '< !--'
682	$text = str_replace('< !--', '< !--', $text);
683	# WP bug fix for LOVE <3 (and other situations with '<' before a number)
684	$text = preg_replace('#<([0-9]{1})#', '<$1', $text);
685
686	while (preg_match("/<(\/?\w)\s([^>]*)>/",$text,$regex)) {
687	$newtext .= $tagqueue;
688
689	$i = strpos($text,$regex[0]);
690	$l = strlen($regex[0]);
691
692	// clear the shifter
693	$tagqueue = '';
694	// Pop or Push
695	if ($regex[1][0] == "/") { // End Tag
696	$tag = strtolower(substr($regex[1],1));
697	// if too many closing tags
698	if($stacksize <= 0) {
699	$tag = '';
700	//or close to be safe $tag = '/' . $tag;
701	}
702	// if stacktop value = tag close value then pop
703	else if ($tagstack[$stacksize - 1] == $tag) { // found closing tag
704	$tag = '</' . $tag . '>'; // Close Tag
705	// Pop
706	array_pop ($tagstack);
707	$stacksize--;
708	} else { // closing tag not at top, search for it
709	for ($j=$stacksize-1;$j>=0;$j--) {
710	if ($tagstack[$j] == $tag) {
711	// add tag to tagqueue
712	for ($k=$stacksize-1;$k>=$j;$k--){
713	$tagqueue .= '</' . array_pop ($tagstack) . '>';
714	$stacksize--;
715	}
716	break;
717	}
718	}
719	$tag = '';
720	}
721	} else { // Begin Tag
722	$tag = strtolower($regex[1]);
723
724	// Tag Cleaning
725
726	// If self-closing or '', don't do anything.
727	if((substr($regex[2],-1) == '/') \|\| ($tag == '')) {
728	}
729	// ElseIf it's a known single-entity tag but it doesn't close itself, do so
730	elseif ( in_array($tag, $single_tags) ) {
731	$regex[2] .= '/';
732	} else { // Push the tag onto the stack
733	// If the top of the stack is the same as the tag we want to push, close previous tag
734	if (($stacksize > 0) && !in_array($tag, $nestable_tags) && ($tagstack[$stacksize - 1] == $tag)) {
735	$tagqueue = '</' . array_pop ($tagstack) . '>';
736	$stacksize--;
737	}
738	$stacksize = array_push ($tagstack, $tag);
739	}
740
741	// Attributes
742	$attributes = $regex[2];
743	if($attributes) {
744	$attributes = ' '.$attributes;
745	}
746	$tag = '<'.$tag.$attributes.'>';
747	//If already queuing a close tag, then put this tag on, too
748	if ($tagqueue) {
749	$tagqueue .= $tag;
750	$tag = '';
751	}
752	}
753	$newtext .= substr($text,0,$i) . $tag;
754	$text = substr($text,$i+$l);
755	}
756
757	// Clear Tag Queue
758	$newtext .= $tagqueue;
759
760	// Add Remaining text
761	$newtext .= $text;
762
763	// Empty Stack
764	while($x = array_pop($tagstack)) {
765	$newtext .= '</' . $x . '>'; // Add remaining tags to close
766	}
767
768	// WP fix for the bug with HTML comments
769	$newtext = str_replace("< !--","<!--",$newtext);
770	$newtext = str_replace("< !--","< !--",$newtext);
771
772	return $newtext;
773	}
774
775	/**
776	* Acts on text which is about to be edited.
777	*
778	* Unless $richedit is set, it is simply a holder for the 'format_to_edit'
779	* filter. If $richedit is set true htmlspecialchars() will be run on the
780	* content, converting special characters to HTMl entities.
781	*
782	* @since 0.71
783	*
784	* @param string $content The text about to be edited.
785	* @param bool $richedit Whether or not the $content should pass through htmlspecialchars(). Default false.
786	* @return string The text after the filter (and possibly htmlspecialchars()) has been run.
787	*/
788	function format_to_edit($content, $richedit = false) {
789	$content = apply_filters('format_to_edit', $content);
790	if (! $richedit )
791	$content = htmlspecialchars($content);
792	return $content;
793	}
794
795	/**
796	* Holder for the 'format_to_post' filter.
797	*
798	* @since 0.71
799	*
800	* @param string $content The text to pass through the filter.
801	* @return string Text returned from the 'format_to_post' filter.
802	*/
803	function format_to_post($content) {
804	$content = apply_filters('format_to_post', $content);
805	return $content;
806	}
807
808	/**
809	* Add leading zeros when necessary.
810	*
811	* If you set the threshold to '4' and the number is '10', then you will get
812	* back '0010'. If you set the number to '4' and the number is '5000', then you
813	* will get back '5000'.
814	*
815	* Uses sprintf to append the amount of zeros based on the $threshold parameter
816	* and the size of the number. If the number is large enough, then no zeros will
817	* be appended.
818	*
819	* @since 0.71
820	*
821	* @param mixed $number Number to append zeros to if not greater than threshold.
822	* @param int $threshold Digit places number needs to be to not have zeros added.
823	* @return string Adds leading zeros to number if needed.
824	*/
825	function zeroise($number, $threshold) {
826	return sprintf('%0'.$threshold.'s', $number);
827	}
828
829	/**
830	* Adds backslashes before letters and before a number at the start of a string.
831	*
832	* @since 0.71
833	*
834	* @param string $string Value to which backslashes will be added.
835	* @return string String with backslashes inserted.
836	*/
837	function backslashit($string) {
838	$string = preg_replace('/^([0-9])/', '\\\\\\\\\1', $string);
839	$string = preg_replace('/([a-z])/i', '\\\\\1', $string);
840	return $string;
841	}
842
843	/**
844	* Appends a trailing slash.
845	*
846	* Will remove trailing slash if it exists already before adding a trailing
847	* slash. This prevents double slashing a string or path.
848	*
849	* The primary use of this is for paths and thus should be used for paths. It is
850	* not restricted to paths and offers no specific path support.
851	*
852	* @since 1.2.0
853	* @uses untrailingslashit() Unslashes string if it was slashed already.
854	*
855	* @param string $string What to add the trailing slash to.
856	* @return string String with trailing slash added.
857	*/
858	function trailingslashit($string) {
859	return untrailingslashit($string) . '/';
860	}
861
862	/**
863	* Removes trailing slash if it exists.
864	*
865	* The primary use of this is for paths and thus should be used for paths. It is
866	* not restricted to paths and offers no specific path support.
867	*
868	* @since 2.2.0
869	*
870	* @param string $string What to remove the trailing slash from.
871	* @return string String without the trailing slash.
872	*/
873	function untrailingslashit($string) {
874	return rtrim($string, '/');
875	}
876
877	/**
878	* Adds slashes to escape strings.
879	*
880	* Slashes will first be removed if magic_quotes_gpc is set, see {@link
881	* http://www.php.net/magic_quotes} for more details.
882	*
883	* @since 0.71
884	*
885	* @param string $gpc The string returned from HTTP request data.
886	* @return string Returns a string escaped with slashes.
887	*/
888	function addslashes_gpc($gpc) {
889	global $wpdb;
890
891	if (get_magic_quotes_gpc()) {
892	$gpc = stripslashes($gpc);
893	}
894
895	return $wpdb->escape($gpc);
896	}
897
898	/**
899	* Navigates through an array and removes slashes from the values.
900	*
901	* If an array is passed, the array_map() function causes a callback to pass the
902	* value back to the function. The slashes from this value will removed.
903	*
904	* @since 2.0.0
905	*
906	* @param array\|string $value The array or string to be striped.
907	* @return array\|string Stripped array (or string in the callback).
908	*/
909	function stripslashes_deep($value) {
910	$value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
911	return $value;
912	}
913
914	/**
915	* Navigates through an array and encodes the values to be used in a URL.
916	*
917	* Uses a callback to pass the value of the array back to the function as a
918	* string.
919	*
920	* @since 2.2.0
921	*
922	* @param array\|string $value The array or string to be encoded.
923	* @return array\|string $value The encoded array (or string from the callback).
924	*/
925	function urlencode_deep($value) {
926	$value = is_array($value) ? array_map('urlencode_deep', $value) : urlencode($value);
927	return $value;
928	}
929
930	/**
931	* Converts email addresses characters to HTML entities to block spam bots.
932	*
933	* @since 0.71
934	*
935	* @param string $emailaddy Email address.
936	* @param int $mailto Optional. Range from 0 to 1. Used for encoding.
937	* @return string Converted email address.
938	*/
939	function antispambot($emailaddy, $mailto=0) {
940	$emailNOSPAMaddy = '';
941	srand ((float) microtime() * 1000000);
942	for ($i = 0; $i < strlen($emailaddy); $i = $i + 1) {
943	$j = floor(rand(0, 1+$mailto));
944	if ($j==0) {
945	$emailNOSPAMaddy .= '&#'.ord(substr($emailaddy,$i,1)).';';
946	} elseif ($j==1) {
947	$emailNOSPAMaddy .= substr($emailaddy,$i,1);
948	} elseif ($j==2) {
949	$emailNOSPAMaddy .= '%'.zeroise(dechex(ord(substr($emailaddy, $i, 1))), 2);
950	}
951	}
952	$emailNOSPAMaddy = str_replace('@','@',$emailNOSPAMaddy);
953	return $emailNOSPAMaddy;
954	}
955
956	/**
957	* Callback to convert URI match to HTML A element.
958	*
959	* This function was backported from 2.5.0 to 2.3.2. Regex callback for {@link
960	* make_clickable()}.
961	*
962	* @since 2.3.2
963	* @access private
964	*
965	* @param array $matches Single Regex Match.
966	* @return string HTML A element with URI address.
967	*/
968	function _make_url_clickable_cb($matches) {
969	$ret = '';
970	$url = $matches[2];
971	$url = clean_url($url);
972	if ( empty($url) )
973	return $matches[0];
974	// removed trailing [.,;:] from URL
975	if ( in_array(substr($url, -1), array('.', ',', ';', ':')) === true ) {
976	$ret = substr($url, -1);
977	$url = substr($url, 0, strlen($url)-1);
978	}
979	return $matches[1] . "<a href=\"$url\" rel=\"nofollow\">$url</a>" . $ret;
980	}
981
982	/**
983	* Callback to convert URL match to HTML A element.
984	*
985	* This function was backported from 2.5.0 to 2.3.2. Regex callback for {@link
986	* make_clickable()}.
987	*
988	* @since 2.3.2
989	* @access private
990	*
991	* @param array $matches Single Regex Match.
992	* @return string HTML A element with URL address.
993	*/
994	function _make_web_ftp_clickable_cb($matches) {
995	$ret = '';
996	$dest = $matches[2];
997	$dest = 'http://' . $dest;
998	$dest = clean_url($dest);
999	if ( empty($dest) )
1000	return $matches[0];
1001	// removed trailing [,;:] from URL
1002	if ( in_array(substr($dest, -1), array('.', ',', ';', ':')) === true ) {
1003	$ret = substr($dest, -1);
1004	$dest = substr($dest, 0, strlen($dest)-1);
1005	}
1006	return $matches[1] . "<a href=\"$dest\" rel=\"nofollow\">$dest</a>" . $ret;
1007	}
1008
1009	/**
1010	* Callback to convert email address match to HTML A element.
1011	*
1012	* This function was backported from 2.5.0 to 2.3.2. Regex callback for {@link
1013	* make_clickable()}.
1014	*
1015	* @since 2.3.2
1016	* @access private
1017	*
1018	* @param array $matches Single Regex Match.
1019	* @return string HTML A element with email address.
1020	*/
1021	function _make_email_clickable_cb($matches) {
1022	$email = $matches[2] . '@' . $matches[3];
1023	return $matches[1] . "<a href=\"mailto:$email\">$email</a>";
1024	}
1025
1026	/**
1027	* Convert plaintext URI to HTML links.
1028	*
1029	* Converts URI, www and ftp, and email addresses. Finishes by fixing links
1030	* within links.
1031	*
1032	* @since 0.71
1033	*
1034	* @param string $ret Content to convert URIs.
1035	* @return string Content with converted URIs.
1036	*/
1037	function make_clickable($ret) {
1038	$ret = ' ' . $ret;
1039	// in testing, using arrays here was found to be faster
1040	$ret = preg_replace_callback('#([\s>])([\w]+?://[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_url_clickable_cb', $ret);
1041	$ret = preg_replace_callback('#([\s>])((www\|ftp)\.[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_web_ftp_clickable_cb', $ret);
1042	$ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);
1043	// this one is not in an array because we need it to run last, for cleanup of accidental links within links
1044	$ret = preg_replace("#(<a( [^>]+?>\|>))<a [^>]+?>([^>]+?)</a></a>#i", "$1$3</a>", $ret);
1045	$ret = trim($ret);
1046	return $ret;
1047	}
1048
1049	/**
1050	* Adds rel nofollow string to all HTML A elements in content.
1051	*
1052	* @since 1.5.0
1053	*
1054	* @param string $text Content that may contain HTML A elements.
1055	* @return string Converted content.
1056	*/
1057	function wp_rel_nofollow( $text ) {
1058	global $wpdb;
1059	// This is a pre save filter, so text is already escaped.
1060	$text = stripslashes($text);
1061	$text = preg_replace_callback('\|<a (.+?)>\|i', 'wp_rel_nofollow_callback', $text);
1062	$text = $wpdb->escape($text);
1063	return $text;
1064	}
1065
1066	/**
1067	* Callback to used to add rel=nofollow string to HTML A element.
1068	*
1069	* Will remove already existing rel="nofollow" and rel='nofollow' from the
1070	* string to prevent from invalidating (X)HTML.
1071	*
1072	* @since 2.3.0
1073	*
1074	* @param array $matches Single Match
1075	* @return string HTML A Element with rel nofollow.
1076	*/
1077	function wp_rel_nofollow_callback( $matches ) {
1078	$text = $matches[1];
1079	$text = str_replace(array(' rel="nofollow"', " rel='nofollow'"), '', $text);
1080	return "<a $text rel=\"nofollow\">";
1081	}
1082
1083	/**
1084	* Convert text equivalent of smilies to images.
1085	*
1086	* Will only convert smilies if the option 'use_smilies' is true and the globals
1087	* used in the function aren't empty.
1088	*
1089	* @since 0.71
1090	* @uses $wp_smiliessearch, $wp_smiliesreplace Smiley replacement arrays.
1091	*
1092	* @param string $text Content to convert smilies from text.
1093	* @return string Converted content with text smilies replaced with images.
1094	*/
1095	function convert_smilies($text) {
1096	global $wp_smiliessearch, $wp_smiliesreplace;
1097	$output = '';
1098	if ( get_option('use_smilies') && !empty($wp_smiliessearch) && !empty($wp_smiliesreplace) ) {
1099	// HTML loop taken from texturize function, could possible be consolidated
1100	$textarr = preg_split("/(<.*>)/U", $text, -1, PREG_SPLIT_DELIM_CAPTURE); // capture the tags as well as in between
1101	$stop = count($textarr);// loop stuff
1102	for ($i = 0; $i < $stop; $i++) {
1103	$content = $textarr[$i];
1104	if ((strlen($content) > 0) && ('<' != $content{0})) { // If it's not a tag
1105	$content = preg_replace($wp_smiliessearch, $wp_smiliesreplace, $content);
1106	}
1107	$output .= $content;
1108	}
1109	} else {
1110	// return default text.
1111	$output = $text;
1112	}
1113	return $output;
1114	}
1115
1116	/**
1117	* Checks to see if the text is a valid email address.
1118	*
1119	* @since 0.71
1120	*
1121	* @param string $user_email The email address to be checked.
1122	* @return bool Returns true if valid, otherwise false.
1123	*/
1124	function is_email($user_email) {
1125	$chars = "/^([a-z0-9+_]\|\\-\|\\.)+@(([a-z0-9_]\|\\-)+\\.)+[a-z]{2,6}\$/i";
1126	if (strpos($user_email, '@') !== false && strpos($user_email, '.') !== false) {
1127	if (preg_match($chars, $user_email)) {
1128	return true;
1129	} else {
1130	return false;
1131	}
1132	} else {
1133	return false;
1134	}
1135	}
1136
1137	/**
1138	* Convert to ASCII from email subjects.
1139	*
1140	* @since 1.2.0
1141	* @usedby wp_mail() handles charsets in email subjects
1142	*
1143	* @param string $string Subject line
1144	* @return string Converted string to ASCII
1145	*/
1146	function wp_iso_descrambler($string) {
1147	/* this may only work with iso-8859-1, I'm afraid */
1148	if (!preg_match('#\=\?(.+)\?Q\?(.+)\?\=#i', $string, $matches)) {
1149	return $string;
1150	} else {
1151	$subject = str_replace('_', ' ', $matches[2]);
1152	/** @todo use preg_replace_callback() */
1153	$subject = preg_replace('#\=([0-9a-f]{2})#ei', "chr(hexdec(strtolower('$1')))", $subject);
1154	return $subject;
1155	}
1156	}
1157
1158	/**
1159	* Returns a date in the GMT equivalent.
1160	*
1161	* Requires and returns a date in the Y-m-d H:i:s format. Simply subtracts the
1162	* value of gmt_offset.
1163	*
1164	* @since 1.2.0
1165	*
1166	* @param string $string The date to be converted.
1167	* @return string GMT version of the date provided.
1168	*/
1169	function get_gmt_from_date($string) {
1170	preg_match('#([0-9]{1,4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})#', $string, $matches);
1171	$string_time = gmmktime($matches[4], $matches[5], $matches[6], $matches[2], $matches[3], $matches[1]);
1172	$string_gmt = gmdate('Y-m-d H:i:s', $string_time - get_option('gmt_offset') * 3600);
1173	return $string_gmt;
1174	}
1175
1176	/**
1177	* Converts a GMT date into the correct format for the blog.
1178	*
1179	* Requires and returns in the Y-m-d H:i:s format. Simply adds the value of
1180	* gmt_offset.
1181	*
1182	* @since 1.2.0
1183	*
1184	* @param string $string The date to be converted.
1185	* @return string Formatted date relative to the GMT offset.
1186	*/
1187	function get_date_from_gmt($string) {
1188	preg_match('#([0-9]{1,4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})#', $string, $matches);
1189	$string_time = gmmktime($matches[4], $matches[5], $matches[6], $matches[2], $matches[3], $matches[1]);
1190	$string_localtime = gmdate('Y-m-d H:i:s', $string_time + get_option('gmt_offset')*3600);
1191	return $string_localtime;
1192	}
1193
1194	/**
1195	* Computes an offset in seconds from an iso8601 timezone.
1196	*
1197	* @since 1.5.0
1198	*
1199	* @param string $timezone Either 'Z' for 0 offset or 'hhmm'.
1200	* @return int\|float The offset in seconds.
1201	*/
1202	function iso8601_timezone_to_offset($timezone) {
1203	// $timezone is either 'Z' or '[+\|-]hhmm'
1204	if ($timezone == 'Z') {
1205	$offset = 0;
1206	} else {
1207	$sign = (substr($timezone, 0, 1) == '+') ? 1 : -1;
1208	$hours = intval(substr($timezone, 1, 2));
1209	$minutes = intval(substr($timezone, 3, 4)) / 60;
1210	$offset = $sign * 3600 * ($hours + $minutes);
1211	}
1212	return $offset;
1213	}
1214
1215	/**
1216	* Converts an iso8601 date to MySQL DateTime format used by post_date[_gmt].
1217	*
1218	* @since 1.5.0
1219	*
1220	* @param string $date_string Date and time in ISO 8601 format {@link http://en.wikipedia.org/wiki/ISO_8601}.
1221	* @param string $timezone Optional. If set to GMT returns the time minus gmt_offset. Default is 'user'.
1222	* @return string The date and time in MySQL DateTime format - Y-m-d H:i:s.
1223	*/
1224	function iso8601_to_datetime($date_string, $timezone = 'user') {
1225	$timezone = strtolower($timezone);
1226
1227	if ($timezone == 'gmt') {
1228
1229	preg_match('#([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})(Z\|[\+\|\-][0-9]{2,4}){0,1}#', $date_string, $date_bits);
1230
1231	if (!empty($date_bits[7])) { // we have a timezone, so let's compute an offset
1232	$offset = iso8601_timezone_to_offset($date_bits[7]);
1233	} else { // we don't have a timezone, so we assume user local timezone (not server's!)
1234	$offset = 3600 * get_option('gmt_offset');
1235	}
1236
1237	$timestamp = gmmktime($date_bits[4], $date_bits[5], $date_bits[6], $date_bits[2], $date_bits[3], $date_bits[1]);
1238	$timestamp -= $offset;
1239
1240	return gmdate('Y-m-d H:i:s', $timestamp);
1241
1242	} else if ($timezone == 'user') {
1243	return preg_replace('#([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})(Z\|[\+\|\-][0-9]{2,4}){0,1}#', '$1-$2-$3 $4:$5:$6', $date_string);
1244	}
1245	}
1246
1247	/**
1248	* Adds a element attributes to open links in new windows.
1249	*
1250	* Comment text in popup windows should be filtered through this. Right now it's
1251	* a moderately dumb function, ideally it would detect whether a target or rel
1252	* attribute was already there and adjust its actions accordingly.
1253	*
1254	* @since 0.71
1255	*
1256	* @param string $text Content to replace links to open in a new window.
1257	* @return string Content that has filtered links.
1258	*/
1259	function popuplinks($text) {
1260	$text = preg_replace('/<a (.+?)>/i', "<a $1 target='_blank' rel='external'>", $text);
1261	return $text;
1262	}
1263
1264	/**
1265	* Strips out all characters that are not allowable in an email.
1266	*
1267	* @since 1.5.0
1268	*
1269	* @param string $email Email address to filter.
1270	* @return string Filtered email address.
1271	*/
1272	function sanitize_email($email) {
1273	return preg_replace('/[^a-z0-9+_.@-]/i', '', $email);
1274	}
1275
1276	/**
1277	* Determines the difference between two timestamps.
1278	*
1279	* The difference is returned in a human readable format such as "1 hour",
1280	* "5 mins", "2 days".
1281	*
1282	* @since 1.5.0
1283	*
1284	* @param int $from Unix timestamp from which the difference begins.
1285	* @param int $to Optional. Unix timestamp to end the time difference. Default becomes time() if not set.
1286	* @return string Human readable time difference.
1287	*/
1288	function human_time_diff( $from, $to = '' ) {
1289	if ( empty($to) )
1290	$to = time();
1291	$diff = (int) abs($to - $from);
1292	if ($diff <= 3600) {
1293	$mins = round($diff / 60);
1294	if ($mins <= 1) {
1295	$mins = 1;
1296	}
1297	$since = sprintf(__ngettext('%s min', '%s mins', $mins), $mins);
1298	} else if (($diff <= 86400) && ($diff > 3600)) {
1299	$hours = round($diff / 3600);
1300	if ($hours <= 1) {
1301	$hours = 1;
1302	}
1303	$since = sprintf(__ngettext('%s hour', '%s hours', $hours), $hours);
1304	} elseif ($diff >= 86400) {
1305	$days = round($diff / 86400);
1306	if ($days <= 1) {
1307	$days = 1;
1308	}
1309	$since = sprintf(__ngettext('%s day', '%s days', $days), $days);
1310	}
1311	return $since;
1312	}
1313
1314	/**
1315	* Generates an excerpt from the content, if needed.
1316	*
1317	* The excerpt word amount will be 55 words and if the amount is greater than
1318	* that, then the string '[...]' will be appended to the excerpt. If the string
1319	* is less than 55 words, then the content will be returned as is.
1320	*
1321	* @since 1.5.0
1322	*
1323	* @param string $text The exerpt. If set to empty an excerpt is generated.
1324	* @return string The excerpt.
1325	*/
1326	function wp_trim_excerpt($text) {
1327	if ( '' == $text ) {
1328	$text = get_the_content('');
1329
1330	$text = strip_shortcodes( $text );
1331
1332	$text = apply_filters('the_content', $text);
1333	$text = str_replace(']]>', ']]>', $text);
1334	$text = strip_tags($text);
1335	$excerpt_length = apply_filters('excerpt_length', 55);
1336	$words = explode(' ', $text, $excerpt_length + 1);
1337	if (count($words) > $excerpt_length) {
1338	array_pop($words);
1339	array_push($words, '[...]');
1340	$text = implode(' ', $words);
1341	}
1342	}
1343	return $text;
1344	}
1345
1346	/**
1347	* Converts named entities into numbered entities.
1348	*
1349	* @since 1.5.1
1350	*
1351	* @param string $text The text within which entities will be converted.
1352	* @return string Text with converted entities.
1353	*/
1354	function ent2ncr($text) {
1355	$to_ncr = array(
1356	'"' => '"',
1357	'&' => '&',
1358	'&frasl;' => '/',
1359	'<' => '<',
1360	'>' => '>',
1361	'\|' => '\|',
1362	' ' => ' ',
1363	'¡' => '¡',
1364	'¢' => '¢',
1365	'£' => '£',
1366	'¤' => '¤',
1367	'¥' => '¥',
1368	'¦' => '¦',
1369	'&brkbar;' => '¦',
1370	'§' => '§',
1371	'¨' => '¨',
1372	'&die;' => '¨',
1373	'©' => '©',
1374	'ª' => 'ª',
1375	'«' => '«',
1376	'¬' => '¬',
1377	'' => '',
1378	'®' => '®',
1379	'¯' => '¯',
1380	'&hibar;' => '¯',
1381	'°' => '°',
1382	'±' => '±',
1383	'²' => '²',
1384	'³' => '³',
1385	'´' => '´',
1386	'µ' => 'µ',
1387	'¶' => '¶',
1388	'·' => '·',
1389	'¸' => '¸',
1390	'¹' => '¹',
1391	'º' => 'º',
1392	'»' => '»',
1393	'¼' => '¼',
1394	'½' => '½',
1395	'¾' => '¾',
1396	'¿' => '¿',
1397	'À' => 'À',
1398	'Á' => 'Á',
1399	'Â' => 'Â',
1400	'Ã' => 'Ã',
1401	'Ä' => 'Ä',
1402	'Å' => 'Å',
1403	'Æ' => 'Æ',
1404	'Ç' => 'Ç',
1405	'È' => 'È',
1406	'É' => 'É',
1407	'Ê' => 'Ê',
1408	'Ë' => 'Ë',
1409	'Ì' => 'Ì',
1410	'Í' => 'Í',
1411	'Î' => 'Î',
1412	'Ï' => 'Ï',
1413	'Ð' => 'Ð',
1414	'Ñ' => 'Ñ',
1415	'Ò' => 'Ò',
1416	'Ó' => 'Ó',
1417	'Ô' => 'Ô',
1418	'Õ' => 'Õ',
1419	'Ö' => 'Ö',
1420	'×' => '×',
1421	'Ø' => 'Ø',
1422	'Ù' => 'Ù',
1423	'Ú' => 'Ú',
1424	'Û' => 'Û',
1425	'Ü' => 'Ü',
1426	'Ý' => 'Ý',
1427	'Þ' => 'Þ',
1428	'ß' => 'ß',
1429	'à' => 'à',
1430	'á' => 'á',
1431	'â' => 'â',
1432	'ã' => 'ã',
1433	'ä' => 'ä',
1434	'å' => 'å',
1435	'æ' => 'æ',
1436	'ç' => 'ç',
1437	'è' => 'è',
1438	'é' => 'é',
1439	'ê' => 'ê',
1440	'ë' => 'ë',
1441	'ì' => 'ì',
1442	'í' => 'í',
1443	'î' => 'î',
1444	'ï' => 'ï',
1445	'ð' => 'ð',
1446	'ñ' => 'ñ',
1447	'ò' => 'ò',
1448	'ó' => 'ó',
1449	'ô' => 'ô',
1450	'õ' => 'õ',
1451	'ö' => 'ö',
1452	'÷' => '÷',
1453	'ø' => 'ø',
1454	'ù' => 'ù',
1455	'ú' => 'ú',
1456	'û' => 'û',
1457	'ü' => 'ü',
1458	'ý' => 'ý',
1459	'þ' => 'þ',
1460	'ÿ' => 'ÿ',
1461	'&OElig;' => 'Œ',
1462	'&oelig;' => 'œ',
1463	'&Scaron;' => 'Š',
1464	'&scaron;' => 'š',
1465	'&Yuml;' => 'Ÿ',
1466	'&fnof;' => 'ƒ',
1467	'&circ;' => 'ˆ',
1468	'&tilde;' => '˜',
1469	'Α' => 'Α',
1470	'Β' => 'Β',
1471	'Γ' => 'Γ',
1472	'Δ' => 'Δ',
1473	'Ε' => 'Ε',
1474	'Ζ' => 'Ζ',
1475	'Η' => 'Η',
1476	'Θ' => 'Θ',
1477	'Ι' => 'Ι',
1478	'Κ' => 'Κ',
1479	'Λ' => 'Λ',
1480	'Μ' => 'Μ',
1481	'Ν' => 'Ν',
1482	'Ξ' => 'Ξ',
1483	'Ο' => 'Ο',
1484	'Π' => 'Π',
1485	'Ρ' => 'Ρ',
1486	'Σ' => 'Σ',
1487	'Τ' => 'Τ',
1488	'Υ' => 'Υ',
1489	'Φ' => 'Φ',
1490	'Χ' => 'Χ',
1491	'Ψ' => 'Ψ',
1492	'Ω' => 'Ω',
1493	'α' => 'α',
1494	'β' => 'β',
1495	'γ' => 'γ',
1496	'δ' => 'δ',
1497	'ε' => 'ε',
1498	'ζ' => 'ζ',
1499	'η' => 'η',
1500	'θ' => 'θ',
1501	'ι' => 'ι',
1502	'κ' => 'κ',
1503	'λ' => 'λ',
1504	'μ' => 'μ',
1505	'ν' => 'ν',
1506	'ξ' => 'ξ',
1507	'ο' => 'ο',
1508	'π' => 'π',
1509	'ρ' => 'ρ',
1510	'&sigmaf;' => 'ς',
1511	'σ' => 'σ',
1512	'τ' => 'τ',
1513	'υ' => 'υ',
1514	'φ' => 'φ',
1515	'χ' => 'χ',
1516	'ψ' => 'ψ',
1517	'ω' => 'ω',
1518	'&thetasym;' => 'ϑ',
1519	'&upsih;' => 'ϒ',
1520	'ϖ' => 'ϖ',
1521	'&ensp;' => ' ',
1522	'&emsp;' => ' ',
1523	' ' => ' ',
1524	'&zwnj;' => '‌',
1525	'&zwj;' => '‍',
1526	'&lrm;' => '‎',
1527	'&rlm;' => '‏',
1528	'–' => '–',
1529	'—' => '—',
1530	'‘' => '‘',
1531	'’' => '’',
1532	'&sbquo;' => '‚',
1533	'“' => '“',
1534	'”' => '”',
1535	'&bdquo;' => '„',
1536	'&dagger;' => '†',
1537	'&Dagger;' => '‡',
1538	'•' => '•',
1539	'…' => '…',
1540	'&permil;' => '‰',
1541	'′' => '′',
1542	'″' => '″',
1543	'&lsaquo;' => '‹',
1544	'&rsaquo;' => '›',
1545	'&oline;' => '‾',
1546	'&frasl;' => '⁄',
1547	'€' => '€',
1548	'&image;' => 'ℑ',
1549	'&weierp;' => '℘',
1550	'&real;' => 'ℜ',
1551	'™' => '™',
1552	'&alefsym;' => 'ℵ',
1553	'&crarr;' => '↵',
1554	'⇐' => '⇐',
1555	'&uArr;' => '⇑',
1556	'⇒' => '⇒',
1557	'&dArr;' => '⇓',
1558	'⇔' => '⇔',
1559	'∀' => '∀',
1560	'∂' => '∂',
1561	'∃' => '∃',
1562	'∅' => '∅',
1563	'∇' => '∇',
1564	'∈' => '∈',
1565	'∉' => '∉',
1566	'&ni;' => '∋',
1567	'∏' => '∏',
1568	'∑' => '∑',
1569	'−' => '−',
1570	'&lowast;' => '∗',
1571	'√' => '√',
1572	'&prop;' => '∝',
1573	'∞' => '∞',
1574	'&ang;' => '∠',
1575	'&and;' => '∧',
1576	'&or;' => '∨',
1577	'∩' => '∩',
1578	'∪' => '∪',
1579	'∫' => '∫',
1580	'&there4;' => '∴',
1581	'&sim;' => '∼',
1582	'&cong;' => '≅',
1583	'≈' => '≈',
1584	'≠' => '≠',
1585	'&equiv;' => '≡',
1586	'≤' => '≤',
1587	'≥' => '≥',
1588	'⊂' => '⊂',
1589	'⊃' => '⊃',
1590	'&nsub;' => '⊄',
1591	'&sube;' => '⊆',
1592	'&supe;' => '⊇',
1593	'&oplus;' => '⊕',
1594	'&otimes;' => '⊗',
1595	'&perp;' => '⊥',
1596	'⋅' => '⋅',
1597	'&lceil;' => '⌈',
1598	'&rceil;' => '⌉',
1599	'&lfloor;' => '⌊',
1600	'&rfloor;' => '⌋',
1601	'&lang;' => '〈',
1602	'&rang;' => '〉',
1603	'←' => '←',
1604	'↑' => '↑',
1605	'→' => '→',
1606	'↓' => '↓',
1607	'↔' => '↔',
1608	'&loz;' => '◊',
1609	'&spades;' => '♠',
1610	'&clubs;' => '♣',
1611	'&hearts;' => '♥',
1612	'&diams;' => '♦'
1613	);
1614
1615	return str_replace( array_keys($to_ncr), array_values($to_ncr), $text );
1616	}
1617
1618	/**
1619	* Formats text for the rich text editor.
1620	*
1621	* The filter 'richedit_pre' is applied here. If $text is empty the filter will
1622	* be applied to an empty string.
1623	*
1624	* @since 2.0.0
1625	*
1626	* @param string $text The text to be formatted.
1627	* @return string The formatted text after filter is applied.
1628	*/
1629	function wp_richedit_pre($text) {
1630	// Filtering a blank results in an annoying <br />\n
1631	if ( empty($text) ) return apply_filters('richedit_pre', '');
1632
1633	$output = convert_chars($text);
1634	$output = wpautop($output);
1635	$output = htmlspecialchars($output, ENT_NOQUOTES);
1636
1637	return apply_filters('richedit_pre', $output);
1638	}
1639
1640	/**
1641	* Formats text for the HTML editor.
1642	*
1643	* Unless $output is empty it will pass through htmlspecialchars before the
1644	* 'htmledit_pre' filter is applied.
1645	*
1646	* @since 2.5.0
1647	*
1648	* @param string $output The text to be formatted.
1649	* @return string Formatted text after filter applied.
1650	*/
1651	function wp_htmledit_pre($output) {
1652	if ( !empty($output) )
1653	$output = htmlspecialchars($output, ENT_NOQUOTES); // convert only < > &
1654
1655	return apply_filters('htmledit_pre', $output);
1656	}
1657
1658	/**
1659	* Checks and cleans a URL.
1660	*
1661	* A number of characters are removed from the URL. If the URL is for displaying
1662	* (the default behaviour) amperstands are also replaced. The 'clean_url' filter
1663	* is applied to the returned cleaned URL.
1664	*
1665	* @since 1.2.0
1666	* @uses wp_kses_bad_protocol() To only permit protocols in the URL set
1667	* via $protocols or the common ones set in the function.
1668	*
1669	* @param string $url The URL to be cleaned.
1670	* @param array $protocols Optional. An array of acceptable protocols.
1671	* Defaults to 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet' if not set.
1672	* @param string $context Optional. How the URL will be used. Default is 'display'.
1673	* @return string The cleaned $url after the 'cleaned_url' filter is applied.
1674	*/
1675	function clean_url( $url, $protocols = null, $context = 'display' ) {
1676	$original_url = $url;
1677
1678	if ('' == $url) return $url;
1679	$url = preg_replace('\|[^a-z0-9-~+_.?#=!&;,/:%@$*\'()\\x80-\\xff]\|i', '', $url);
1680	$strip = array('%0d', '%0a');
1681	$url = str_replace($strip, '', $url);
1682	$url = str_replace(';//', '://', $url);
1683	/* If the URL doesn't appear to contain a scheme, we
1684	* presume it needs http:// appended (unless a relative
1685	* link starting with / or a php file).
1686	*/
1687	if ( strpos($url, ':') === false &&
1688	substr( $url, 0, 1 ) != '/' && !preg_match('/^[a-z0-9-]+?\.php/i', $url) )
1689	$url = 'http://' . $url;
1690
1691	// Replace ampersands and single quotes only when displaying.
1692	if ( 'display' == $context ) {
1693	$url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
1694	$url = str_replace( "'", ''', $url );
1695	}
1696
1697	if ( !is_array($protocols) )
1698	$protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet');
1699	if ( wp_kses_bad_protocol( $url, $protocols ) != $url )
1700	return '';
1701
1702	return apply_filters('clean_url', $url, $original_url, $context);
1703	}
1704
1705	/**
1706	* Performs clean_url() for database usage.
1707	*
1708	* @see clean_url()
1709	*
1710	* @since 2.3.1
1711	*
1712	* @param string $url The URL to be cleaned.
1713	* @param array $protocols An array of acceptable protocols.
1714	* @return string The cleaned URL.
1715	*/
1716	function sanitize_url( $url, $protocols = null ) {
1717	return clean_url( $url, $protocols, 'db' );
1718	}
1719
1720	/**
1721	* Convert entities, while preserving already-encoded entities.
1722	*
1723	* @link http://www.php.net/htmlentities Borrowed from the PHP Manual user notes.
1724	*
1725	* @since 1.2.2
1726	*
1727	* @param string $myHTML The text to be converted.
1728	* @return string Converted text.
1729	*/
1730	function htmlentities2($myHTML) {
1731	$translation_table = get_html_translation_table( HTML_ENTITIES, ENT_QUOTES );
1732	$translation_table[chr(38)] = '&';
1733	return preg_replace( "/&(?![A-Za-z]{0,4}\w{2,3};\|#[0-9]{2,3};)/", "&", strtr($myHTML, $translation_table) );
1734	}
1735
1736	/**
1737	* Escape single quotes, specialchar double quotes, and fix line endings.
1738	*
1739	* The filter 'js_escape' is also applied here.
1740	*
1741	* @since 2.0.4
1742	*
1743	* @param string $text The text to be escaped.
1744	* @return string Escaped text.
1745	*/
1746	function js_escape($text) {
1747	$safe_text = wp_specialchars($text, 'double');
1748	$safe_text = preg_replace('/&#(x)?0*(?(1)27\|39);?/i', "'", stripslashes($safe_text));
1749	$safe_text = preg_replace("/\r?\n/", "\\n", addslashes($safe_text));
1750	return apply_filters('js_escape', $safe_text, $text);
1751	}
1752
1753	/**
1754	* Escaping for HTML attributes.
1755	*
1756	* @since 2.0.6
1757	*
1758	* @param string $text
1759	* @return string
1760	*/
1761	function attribute_escape($text) {
1762	$safe_text = wp_specialchars($text, true);
1763	return apply_filters('attribute_escape', $safe_text, $text);
1764	}
1765
1766	/**
1767	* Escape a HTML tag name.
1768	*
1769	* @since 2.5.0
1770	*
1771	* @param string $tag_name
1772	* @return string
1773	*/
1774	function tag_escape($tag_name) {
1775	$safe_tag = strtolower( preg_replace('[^a-zA-Z_:]', '', $tag_name) );
1776	return apply_filters('tag_escape', $safe_tag, $tag_name);
1777	}
1778
1779	/**
1780	* Escapes text for SQL LIKE special characters % and _.
1781	*
1782	* @since 2.5.0
1783	*
1784	* @param string $text The text to be escaped.
1785	* @return string text, safe for inclusion in LIKE query.
1786	*/
1787	function like_escape($text) {
1788	return str_replace(array("%", "_"), array("\\%", "\\_"), $text);
1789	}
1790
1791	/**
1792	* Convert full URL paths to absolute paths.
1793	*
1794	* Removes the http or https protocols and the domain. Keeps the path '/' at the
1795	* beginning, so it isn't a true relative link, but from the web root base.
1796	*
1797	* @since 2.1.0
1798	*
1799	* @param string $link Full URL path.
1800	* @return string Absolute path.
1801	*/
1802	function wp_make_link_relative( $link ) {
1803	return preg_replace( '\|https?://[^/]+(/.*)\|i', '$1', $link );
1804	}
1805
1806	/**
1807	* Sanitises various option values based on the nature of the option.
1808	*
1809	* This is basically a switch statement which will pass $value through a number
1810	* of functions depending on the $option.
1811	*
1812	* @since 2.0.5
1813	*
1814	* @param string $option The name of the option.
1815	* @param string $value The unsanitised value.
1816	* @return string Sanitized value.
1817	*/
1818	function sanitize_option($option, $value) {
1819
1820	switch ($option) {
1821	case 'admin_email':
1822	$value = sanitize_email($value);
1823	break;
1824
1825	case 'thumbnail_size_w':
1826	case 'thumbnail_size_h':
1827	case 'medium_size_w':
1828	case 'medium_size_h':
1829	case 'large_size_w':
1830	case 'large_size_h':
1831	case 'default_post_edit_rows':
1832	case 'mailserver_port':
1833	case 'comment_max_links':
1834	case 'page_on_front':
1835	case 'rss_excerpt_length':
1836	case 'default_category':
1837	case 'default_email_category':
1838	case 'default_link_category':
1839	case 'close_comments_days_old':
1840	case 'comments_per_page':
1841	case 'thread_comments_depth':
1842	$value = abs((int) $value);
1843	break;
1844
1845	case 'posts_per_page':
1846	case 'posts_per_rss':
1847	$value = (int) $value;
1848	if ( empty($value) ) $value = 1;
1849	if ( $value < -1 ) $value = abs($value);
1850	break;
1851
1852	case 'default_ping_status':
1853	case 'default_comment_status':
1854	// Options that if not there have 0 value but need to be something like "closed"
1855	if ( $value == '0' \|\| $value == '')
1856	$value = 'closed';
1857	break;
1858
1859	case 'blogdescription':
1860	case 'blogname':
1861	$value = addslashes($value);
1862	$value = wp_filter_post_kses( $value ); // calls stripslashes then addslashes
1863	$value = stripslashes($value);
1864	$value = wp_specialchars( $value );
1865	break;
1866
1867	case 'blog_charset':
1868	$value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
1869	break;
1870
1871	case 'date_format':
1872	case 'time_format':
1873	case 'mailserver_url':
1874	case 'mailserver_login':
1875	case 'mailserver_pass':
1876	case 'ping_sites':
1877	case 'upload_path':
1878	$value = strip_tags($value);
1879	$value = addslashes($value);
1880	$value = wp_filter_kses($value); // calls stripslashes then addslashes
1881	$value = stripslashes($value);
1882	break;
1883
1884	case 'gmt_offset':
1885	$value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
1886	break;
1887
1888	case 'siteurl':
1889	case 'home':
1890	$value = stripslashes($value);
1891	$value = clean_url($value);
1892	break;
1893	default :
1894	$value = apply_filters("sanitize_option_{$option}", $value, $option);
1895	break;
1896	}
1897
1898	return $value;
1899	}
1900
1901	/**
1902	* Parses a string into variables to be stored in an array.
1903	*
1904	* Uses {@link http://www.php.net/parse_str parse_str()} and stripslashes if
1905	* {@link http://www.php.net/magic_quotes magic_quotes_gpc} is on.
1906	*
1907	* @since 2.2.1
1908	* @uses apply_filters() for the 'wp_parse_str' filter.
1909	*
1910	* @param string $string The string to be parsed.
1911	* @param array $array Variables will be stored in this array.
1912	*/
1913	function wp_parse_str( $string, &$array ) {
1914	parse_str( $string, $array );
1915	if ( get_magic_quotes_gpc() )
1916	$array = stripslashes_deep( $array );
1917	$array = apply_filters( 'wp_parse_str', $array );
1918	}
1919
1920	/**
1921	* Convert lone less than signs.
1922	*
1923	* KSES already converts lone greater than signs.
1924	*
1925	* @uses wp_pre_kses_less_than_callback in the callback function.
1926	* @since 2.3.0
1927	*
1928	* @param string $text Text to be converted.
1929	* @return string Converted text.
1930	*/
1931	function wp_pre_kses_less_than( $text ) {
1932	return preg_replace_callback('%<[^>]*?((?=<)\|>\|$)%', 'wp_pre_kses_less_than_callback', $text);
1933	}
1934
1935	/**
1936	* Callback function used by preg_replace.
1937	*
1938	* @uses wp_specialchars to format the $matches text.
1939	* @since 2.3.0
1940	*
1941	* @param array $matches Populated by matches to preg_replace.
1942	* @return string The text returned after wp_specialchars if needed.
1943	*/
1944	function wp_pre_kses_less_than_callback( $matches ) {
1945	if ( false === strpos($matches[0], '>') )
1946	return wp_specialchars($matches[0]);
1947	return $matches[0];
1948	}
1949
1950	/**
1951	* WordPress implementation of PHP sprintf() with filters.
1952	*
1953	* @since 2.5.0
1954	* @link http://www.php.net/sprintf
1955	*
1956	* @param string $pattern The string which formatted args are inserted.
1957	* @param mixed $args,... Arguments to be formatted into the $pattern string.
1958	* @return string The formatted string.
1959	*/
1960	function wp_sprintf( $pattern ) {
1961	$args = func_get_args( );
1962	$len = strlen($pattern);
1963	$start = 0;
1964	$result = '';
1965	$arg_index = 0;
1966	while ( $len > $start ) {
1967	// Last character: append and break
1968	if ( strlen($pattern) - 1 == $start ) {
1969	$result .= substr($pattern, -1);
1970	break;
1971	}
1972
1973	// Literal %: append and continue
1974	if ( substr($pattern, $start, 2) == '%%' ) {
1975	$start += 2;
1976	$result .= '%';
1977	continue;
1978	}
1979
1980	// Get fragment before next %
1981	$end = strpos($pattern, '%', $start + 1);
1982	if ( false === $end )
1983	$end = $len;
1984	$fragment = substr($pattern, $start, $end - $start);
1985
1986	// Fragment has a specifier
1987	if ( $pattern{$start} == '%' ) {
1988	// Find numbered arguments or take the next one in order
1989	if ( preg_match('/^%(\d+)\$/', $fragment, $matches) ) {
1990	$arg = isset($args[$matches[1]]) ? $args[$matches[1]] : '';
1991	$fragment = str_replace("%{$matches[1]}$", '%', $fragment);
1992	} else {
1993	++$arg_index;
1994	$arg = isset($args[$arg_index]) ? $args[$arg_index] : '';
1995	}
1996
1997	// Apply filters OR sprintf
1998	$_fragment = apply_filters( 'wp_sprintf', $fragment, $arg );
1999	if ( $_fragment != $fragment )
2000	$fragment = $_fragment;
2001	else
2002	$fragment = sprintf($fragment, strval($arg) );
2003	}
2004
2005	// Append to result and move to next fragment
2006	$result .= $fragment;
2007	$start = $end;
2008	}
2009	return $result;
2010	}
2011
2012	/**
2013	* Localize list items before the rest of the content.
2014	*
2015	* The '%l' must be at the first characters can then contain the rest of the
2016	* content. The list items will have ', ', ', and', and ' and ' added depending
2017	* on the amount of list items in the $args parameter.
2018	*
2019	* @since 2.5.0
2020	*
2021	* @param string $pattern Content containing '%l' at the beginning.
2022	* @param array $args List items to prepend to the content and replace '%l'.
2023	* @return string Localized list items and rest of the content.
2024	*/
2025	function wp_sprintf_l($pattern, $args) {
2026	// Not a match
2027	if ( substr($pattern, 0, 2) != '%l' )
2028	return $pattern;
2029
2030	// Nothing to work with
2031	if ( empty($args) )
2032	return '';
2033
2034	// Translate and filter the delimiter set (avoid ampersands and entities here)
2035	$l = apply_filters('wp_sprintf_l', array(
2036	'between' => _c(', \|between list items'),
2037	'between_last_two' => _c(', and \|between last two list items'),
2038	'between_only_two' => _c(' and \|between only two list items'),
2039	));
2040
2041	$args = (array) $args;
2042	$result = array_shift($args);
2043	if ( count($args) == 1 )
2044	$result .= $l['between_only_two'] . array_shift($args);
2045	// Loop when more than two args
2046	$i = count($args);
2047	while ( $i ) {
2048	$arg = array_shift($args);
2049	$i--;
2050	if ( $i == 1 )
2051	$result .= $l['between_last_two'] . $arg;
2052	else
2053	$result .= $l['between'] . $arg;
2054	}
2055	return $result . substr($pattern, 2);
2056	}
2057
2058	/**
2059	* Safely extracts not more than the first $count characters from html string.
2060	*
2061	* UTF-8, tags and entities safe prefix extraction. Entities inside will NOT
2062	* be counted as one character. For example & will be counted as 4, < as
2063	* 3, etc.
2064	*
2065	* @since 2.5.0
2066	*
2067	* @param integer $str String to get the excerpt from.
2068	* @param integer $count Maximum number of characters to take.
2069	* @return string The excerpt.
2070	*/
2071	function wp_html_excerpt( $str, $count ) {
2072	$str = strip_tags( $str );
2073	$str = mb_strcut( $str, 0, $count );
2074	// remove part of an entity at the end
2075	$str = preg_replace( '/&[^;\s]{0,6}$/', '', $str );
2076	return $str;
2077	}
2078
2079	/**
2080	* Add a Base url to relative links in passed content.
2081	*
2082	* By default it supports the 'src' and 'href' attributes. However this can be
2083	* changed via the 3rd param.
2084	*
2085	* @since 2.7.0
2086	*
2087	* @param string $content String to search for links in.
2088	* @param string $base The base URL to prefix to links.
2089	* @param array $attrs The attributes which should be processed.
2090	* @return string The processed content.
2091	*/
2092	function links_add_base_url( $content, $base, $attrs = array('src', 'href') ) {
2093	$attrs = implode('\|', (array)$attrs);
2094	return preg_replace_callback("!($attrs)=(['\"])(.+?)\\2!i",
2095	create_function('$m', 'return _links_add_base($m, "' . $base . '");'),
2096	$content);
2097	}
2098
2099	/**
2100	* Callback to add a base url to relative links in passed content.
2101	*
2102	* @since 2.7.0
2103	* @access private
2104	*
2105	* @param string $m The matched link.
2106	* @param string $base The base URL to prefix to links.
2107	* @return string The processed link.
2108	*/
2109	function _links_add_base($m, $base) {
2110	//1 = attribute name 2 = quotation mark 3 = URL
2111	return $m[1] . '=' . $m[2] .
2112	(strpos($m[3], 'http://') === false ?
2113	path_join($base, $m[3]) :
2114	$m[3])
2115	. $m[2];
2116	}
2117
2118	/**
2119	* Adds a Target attribute to all links in passed content.
2120	*
2121	* This function by default only applies to <a> tags, however this can be
2122	* modified by the 3rd param.
2123	*
2124	* <b>NOTE:</b> Any current target attributed will be striped and replaced.
2125	*
2126	* @since 2.7.0
2127	*
2128	* @param string $content String to search for links in.
2129	* @param string $target The Target to add to the links.
2130	* @param array $tags An array of tags to apply to.
2131	* @return string The processed content.
2132	*/
2133	function links_add_target( $content, $target = '_blank', $tags = array('a') ) {
2134	$tags = implode('\|', (array)$tags);
2135	return preg_replace_callback("!<($tags)(.+?)>!i",
2136	create_function('$m', 'return _links_add_target($m, "' . $target . '");'),
2137	$content);
2138	}
2139	/**
2140	* Callback to add a target attribute to all links in passed content.
2141	*
2142	* @since 2.7.0
2143	* @access private
2144	*
2145	* @param string $m The matched link.
2146	* @param string $target The Target to add to the links.
2147	* @return string The processed link.
2148	*/
2149	function _links_add_target( $m, $target ) {
2150	$tag = $m[1];
2151	$link = preg_replace('\|(target=[\'"](.*?)[\'"])\|i', '', $m[2]);
2152	return '<' . $tag . $link . ' target="' . $target . '">';
2153	}
2154
2155	// normalize EOL characters and strip duplicate whitespace
2156	function normalize_whitespace( $str ) {
2157	$str = trim($str);
2158	$str = str_replace("\r", "\n", $str);
2159	$str = preg_replace( array( '/\n+/', '/[ \t]+/' ), array( "\n", ' ' ), $str );
2160	return $str;
2161	}
2162
2163	?>