[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

title

Body

[close]

/wp-includes/rest-api/ -> class-wp-rest-request.php (source)

   1  <?php
   2  /**
   3   * REST API: WP_REST_Request class
   4   *
   5   * @package WordPress
   6   * @subpackage REST_API
   7   * @since 4.4.0
   8   */
   9  
  10  /**
  11   * Core class used to implement a REST request object.
  12   *
  13   * Contains data from the request, to be passed to the callback.
  14   *
  15   * Note: This implements ArrayAccess, and acts as an array of parameters when
  16   * used in that manner. It does not use ArrayObject (as we cannot rely on SPL),
  17   * so be aware it may have non-array behaviour in some cases.
  18   *
  19   * Note: When using features provided by ArrayAccess, be aware that WordPress deliberately
  20   * does not distinguish between arguments of the same name for different request methods.
  21   * For instance, in a request with `GET id=1` and `POST id=2`, `$request['id']` will equal
  22   * 2 (`POST`) not 1 (`GET`). For more precision between request methods, use
  23   * WP_REST_Request::get_body_params(), WP_REST_Request::get_url_params(), etc.
  24   *
  25   * @since 4.4.0
  26   *
  27   * @link https://secure.php.net/manual/en/class.arrayaccess.php
  28   */
  29  class WP_REST_Request implements ArrayAccess {
  30  
  31      /**
  32       * HTTP method.
  33       *
  34       * @since 4.4.0
  35       * @var string
  36       */
  37      protected $method = '';
  38  
  39      /**
  40       * Parameters passed to the request.
  41       *
  42       * These typically come from the `$_GET`, `$_POST` and `$_FILES`
  43       * superglobals when being created from the global scope.
  44       *
  45       * @since 4.4.0
  46       * @var array Contains GET, POST and FILES keys mapping to arrays of data.
  47       */
  48      protected $params;
  49  
  50      /**
  51       * HTTP headers for the request.
  52       *
  53       * @since 4.4.0
  54       * @var array Map of key to value. Key is always lowercase, as per HTTP specification.
  55       */
  56      protected $headers = array();
  57  
  58      /**
  59       * Body data.
  60       *
  61       * @since 4.4.0
  62       * @var string Binary data from the request.
  63       */
  64      protected $body = null;
  65  
  66      /**
  67       * Route matched for the request.
  68       *
  69       * @since 4.4.0
  70       * @var string
  71       */
  72      protected $route;
  73  
  74      /**
  75       * Attributes (options) for the route that was matched.
  76       *
  77       * This is the options array used when the route was registered, typically
  78       * containing the callback as well as the valid methods for the route.
  79       *
  80       * @since 4.4.0
  81       * @var array Attributes for the request.
  82       */
  83      protected $attributes = array();
  84  
  85      /**
  86       * Used to determine if the JSON data has been parsed yet.
  87       *
  88       * Allows lazy-parsing of JSON data where possible.
  89       *
  90       * @since 4.4.0
  91       * @var bool
  92       */
  93      protected $parsed_json = false;
  94  
  95      /**
  96       * Used to determine if the body data has been parsed yet.
  97       *
  98       * @since 4.4.0
  99       * @var bool
 100       */
 101      protected $parsed_body = false;
 102  
 103      /**
 104       * Constructor.
 105       *
 106       * @since 4.4.0
 107       *
 108       * @param string $method     Optional. Request method. Default empty.
 109       * @param string $route      Optional. Request route. Default empty.
 110       * @param array  $attributes Optional. Request attributes. Default empty array.
 111       */
 112  	public function __construct( $method = '', $route = '', $attributes = array() ) {
 113          $this->params = array(
 114              'URL'      => array(),
 115              'GET'      => array(),
 116              'POST'     => array(),
 117              'FILES'    => array(),
 118  
 119              // See parse_json_params.
 120              'JSON'     => null,
 121  
 122              'defaults' => array(),
 123          );
 124  
 125          $this->set_method( $method );
 126          $this->set_route( $route );
 127          $this->set_attributes( $attributes );
 128      }
 129  
 130      /**
 131       * Retrieves the HTTP method for the request.
 132       *
 133       * @since 4.4.0
 134       *
 135       * @return string HTTP method.
 136       */
 137  	public function get_method() {
 138          return $this->method;
 139      }
 140  
 141      /**
 142       * Sets HTTP method for the request.
 143       *
 144       * @since 4.4.0
 145       *
 146       * @param string $method HTTP method.
 147       */
 148  	public function set_method( $method ) {
 149          $this->method = strtoupper( $method );
 150      }
 151  
 152      /**
 153       * Retrieves all headers from the request.
 154       *
 155       * @since 4.4.0
 156       *
 157       * @return array Map of key to value. Key is always lowercase, as per HTTP specification.
 158       */
 159  	public function get_headers() {
 160          return $this->headers;
 161      }
 162  
 163      /**
 164       * Canonicalizes the header name.
 165       *
 166       * Ensures that header names are always treated the same regardless of
 167       * source. Header names are always case insensitive.
 168       *
 169       * Note that we treat `-` (dashes) and `_` (underscores) as the same
 170       * character, as per header parsing rules in both Apache and nginx.
 171       *
 172       * @link https://stackoverflow.com/q/18185366
 173       * @link https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#missing-disappearing-http-headers
 174       * @link https://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers
 175       *
 176       * @since 4.4.0
 177       *
 178       * @param string $key Header name.
 179       * @return string Canonicalized name.
 180       */
 181  	public static function canonicalize_header_name( $key ) {
 182          $key = strtolower( $key );
 183          $key = str_replace( '-', '_', $key );
 184  
 185          return $key;
 186      }
 187  
 188      /**
 189       * Retrieves the given header from the request.
 190       *
 191       * If the header has multiple values, they will be concatenated with a comma
 192       * as per the HTTP specification. Be aware that some non-compliant headers
 193       * (notably cookie headers) cannot be joined this way.
 194       *
 195       * @since 4.4.0
 196       *
 197       * @param string $key Header name, will be canonicalized to lowercase.
 198       * @return string|null String value if set, null otherwise.
 199       */
 200  	public function get_header( $key ) {
 201          $key = $this->canonicalize_header_name( $key );
 202  
 203          if ( ! isset( $this->headers[ $key ] ) ) {
 204              return null;
 205          }
 206  
 207          return implode( ',', $this->headers[ $key ] );
 208      }
 209  
 210      /**
 211       * Retrieves header values from the request.
 212       *
 213       * @since 4.4.0
 214       *
 215       * @param string $key Header name, will be canonicalized to lowercase.
 216       * @return array|null List of string values if set, null otherwise.
 217       */
 218  	public function get_header_as_array( $key ) {
 219          $key = $this->canonicalize_header_name( $key );
 220  
 221          if ( ! isset( $this->headers[ $key ] ) ) {
 222              return null;
 223          }
 224  
 225          return $this->headers[ $key ];
 226      }
 227  
 228      /**
 229       * Sets the header on request.
 230       *
 231       * @since 4.4.0
 232       *
 233       * @param string $key   Header name.
 234       * @param string $value Header value, or list of values.
 235       */
 236  	public function set_header( $key, $value ) {
 237          $key   = $this->canonicalize_header_name( $key );
 238          $value = (array) $value;
 239  
 240          $this->headers[ $key ] = $value;
 241      }
 242  
 243      /**
 244       * Appends a header value for the given header.
 245       *
 246       * @since 4.4.0
 247       *
 248       * @param string $key   Header name.
 249       * @param string $value Header value, or list of values.
 250       */
 251  	public function add_header( $key, $value ) {
 252          $key   = $this->canonicalize_header_name( $key );
 253          $value = (array) $value;
 254  
 255          if ( ! isset( $this->headers[ $key ] ) ) {
 256              $this->headers[ $key ] = array();
 257          }
 258  
 259          $this->headers[ $key ] = array_merge( $this->headers[ $key ], $value );
 260      }
 261  
 262      /**
 263       * Removes all values for a header.
 264       *
 265       * @since 4.4.0
 266       *
 267       * @param string $key Header name.
 268       */
 269  	public function remove_header( $key ) {
 270          $key = $this->canonicalize_header_name( $key );
 271          unset( $this->headers[ $key ] );
 272      }
 273  
 274      /**
 275       * Sets headers on the request.
 276       *
 277       * @since 4.4.0
 278       *
 279       * @param array $headers  Map of header name to value.
 280       * @param bool  $override If true, replace the request's headers. Otherwise, merge with existing.
 281       */
 282  	public function set_headers( $headers, $override = true ) {
 283          if ( true === $override ) {
 284              $this->headers = array();
 285          }
 286  
 287          foreach ( $headers as $key => $value ) {
 288              $this->set_header( $key, $value );
 289          }
 290      }
 291  
 292      /**
 293       * Retrieves the content-type of the request.
 294       *
 295       * @since 4.4.0
 296       *
 297       * @return array|null Map containing 'value' and 'parameters' keys
 298       *                    or null when no valid content-type header was
 299       *                    available.
 300       */
 301  	public function get_content_type() {
 302          $value = $this->get_header( 'content-type' );
 303          if ( empty( $value ) ) {
 304              return null;
 305          }
 306  
 307          $parameters = '';
 308          if ( strpos( $value, ';' ) ) {
 309              list( $value, $parameters ) = explode( ';', $value, 2 );
 310          }
 311  
 312          $value = strtolower( $value );
 313          if ( false === strpos( $value, '/' ) ) {
 314              return null;
 315          }
 316  
 317          // Parse type and subtype out.
 318          list( $type, $subtype ) = explode( '/', $value, 2 );
 319  
 320          $data = compact( 'value', 'type', 'subtype', 'parameters' );
 321          $data = array_map( 'trim', $data );
 322  
 323          return $data;
 324      }
 325  
 326      /**
 327       * Retrieves the parameter priority order.
 328       *
 329       * Used when checking parameters in get_param().
 330       *
 331       * @since 4.4.0
 332       *
 333       * @return string[] Array of types to check, in order of priority.
 334       */
 335  	protected function get_parameter_order() {
 336          $order = array();
 337  
 338          $content_type = $this->get_content_type();
 339          if ( isset( $content_type['value'] ) && 'application/json' === $content_type['value'] ) {
 340              $order[] = 'JSON';
 341          }
 342  
 343          $this->parse_json_params();
 344  
 345          // Ensure we parse the body data.
 346          $body = $this->get_body();
 347  
 348          if ( 'POST' !== $this->method && ! empty( $body ) ) {
 349              $this->parse_body_params();
 350          }
 351  
 352          $accepts_body_data = array( 'POST', 'PUT', 'PATCH', 'DELETE' );
 353          if ( in_array( $this->method, $accepts_body_data ) ) {
 354              $order[] = 'POST';
 355          }
 356  
 357          $order[] = 'GET';
 358          $order[] = 'URL';
 359          $order[] = 'defaults';
 360  
 361          /**
 362           * Filters the parameter order.
 363           *
 364           * The order affects which parameters are checked when using get_param() and family.
 365           * This acts similarly to PHP's `request_order` setting.
 366           *
 367           * @since 4.4.0
 368           *
 369           * @param string[]        $order Array of types to check, in order of priority.
 370           * @param WP_REST_Request $this  The request object.
 371           */
 372          return apply_filters( 'rest_request_parameter_order', $order, $this );
 373      }
 374  
 375      /**
 376       * Retrieves a parameter from the request.
 377       *
 378       * @since 4.4.0
 379       *
 380       * @param string $key Parameter name.
 381       * @return mixed|null Value if set, null otherwise.
 382       */
 383  	public function get_param( $key ) {
 384          $order = $this->get_parameter_order();
 385  
 386          foreach ( $order as $type ) {
 387              // Determine if we have the parameter for this type.
 388              if ( isset( $this->params[ $type ][ $key ] ) ) {
 389                  return $this->params[ $type ][ $key ];
 390              }
 391          }
 392  
 393          return null;
 394      }
 395  
 396      /**
 397       * Checks if a parameter exists in the request.
 398       *
 399       * This allows distinguishing between an omitted parameter,
 400       * and a parameter specifically set to null.
 401       *
 402       * @since 5.3.0
 403       *
 404       * @param string $key Parameter name.
 405       *
 406       * @return bool True if a param exists for the given key.
 407       */
 408  	public function has_param( $key ) {
 409          $order = $this->get_parameter_order();
 410  
 411          foreach ( $order as $type ) {
 412              if ( array_key_exists( $key, $this->params[ $type ] ) ) {
 413                  return true;
 414              }
 415          }
 416  
 417          return false;
 418      }
 419  
 420      /**
 421       * Sets a parameter on the request.
 422       *
 423       * @since 4.4.0
 424       *
 425       * @param string $key   Parameter name.
 426       * @param mixed  $value Parameter value.
 427       */
 428  	public function set_param( $key, $value ) {
 429          $order                             = $this->get_parameter_order();
 430          $this->params[ $order[0] ][ $key ] = $value;
 431      }
 432  
 433      /**
 434       * Retrieves merged parameters from the request.
 435       *
 436       * The equivalent of get_param(), but returns all parameters for the request.
 437       * Handles merging all the available values into a single array.
 438       *
 439       * @since 4.4.0
 440       *
 441       * @return array Map of key to value.
 442       */
 443  	public function get_params() {
 444          $order = $this->get_parameter_order();
 445          $order = array_reverse( $order, true );
 446  
 447          $params = array();
 448          foreach ( $order as $type ) {
 449              // array_merge / the "+" operator will mess up
 450              // numeric keys, so instead do a manual foreach.
 451              foreach ( (array) $this->params[ $type ] as $key => $value ) {
 452                  $params[ $key ] = $value;
 453              }
 454          }
 455  
 456          return $params;
 457      }
 458  
 459      /**
 460       * Retrieves parameters from the route itself.
 461       *
 462       * These are parsed from the URL using the regex.
 463       *
 464       * @since 4.4.0
 465       *
 466       * @return array Parameter map of key to value.
 467       */
 468  	public function get_url_params() {
 469          return $this->params['URL'];
 470      }
 471  
 472      /**
 473       * Sets parameters from the route.
 474       *
 475       * Typically, this is set after parsing the URL.
 476       *
 477       * @since 4.4.0
 478       *
 479       * @param array $params Parameter map of key to value.
 480       */
 481  	public function set_url_params( $params ) {
 482          $this->params['URL'] = $params;
 483      }
 484  
 485      /**
 486       * Retrieves parameters from the query string.
 487       *
 488       * These are the parameters you'd typically find in `$_GET`.
 489       *
 490       * @since 4.4.0
 491       *
 492       * @return array Parameter map of key to value
 493       */
 494  	public function get_query_params() {
 495          return $this->params['GET'];
 496      }
 497  
 498      /**
 499       * Sets parameters from the query string.
 500       *
 501       * Typically, this is set from `$_GET`.
 502       *
 503       * @since 4.4.0
 504       *
 505       * @param array $params Parameter map of key to value.
 506       */
 507  	public function set_query_params( $params ) {
 508          $this->params['GET'] = $params;
 509      }
 510  
 511      /**
 512       * Retrieves parameters from the body.
 513       *
 514       * These are the parameters you'd typically find in `$_POST`.
 515       *
 516       * @since 4.4.0
 517       *
 518       * @return array Parameter map of key to value.
 519       */
 520  	public function get_body_params() {
 521          return $this->params['POST'];
 522      }
 523  
 524      /**
 525       * Sets parameters from the body.
 526       *
 527       * Typically, this is set from `$_POST`.
 528       *
 529       * @since 4.4.0
 530       *
 531       * @param array $params Parameter map of key to value.
 532       */
 533  	public function set_body_params( $params ) {
 534          $this->params['POST'] = $params;
 535      }
 536  
 537      /**
 538       * Retrieves multipart file parameters from the body.
 539       *
 540       * These are the parameters you'd typically find in `$_FILES`.
 541       *
 542       * @since 4.4.0
 543       *
 544       * @return array Parameter map of key to value
 545       */
 546  	public function get_file_params() {
 547          return $this->params['FILES'];
 548      }
 549  
 550      /**
 551       * Sets multipart file parameters from the body.
 552       *
 553       * Typically, this is set from `$_FILES`.
 554       *
 555       * @since 4.4.0
 556       *
 557       * @param array $params Parameter map of key to value.
 558       */
 559  	public function set_file_params( $params ) {
 560          $this->params['FILES'] = $params;
 561      }
 562  
 563      /**
 564       * Retrieves the default parameters.
 565       *
 566       * These are the parameters set in the route registration.
 567       *
 568       * @since 4.4.0
 569       *
 570       * @return array Parameter map of key to value
 571       */
 572  	public function get_default_params() {
 573          return $this->params['defaults'];
 574      }
 575  
 576      /**
 577       * Sets default parameters.
 578       *
 579       * These are the parameters set in the route registration.
 580       *
 581       * @since 4.4.0
 582       *
 583       * @param array $params Parameter map of key to value.
 584       */
 585  	public function set_default_params( $params ) {
 586          $this->params['defaults'] = $params;
 587      }
 588  
 589      /**
 590       * Retrieves the request body content.
 591       *
 592       * @since 4.4.0
 593       *
 594       * @return string Binary data from the request body.
 595       */
 596  	public function get_body() {
 597          return $this->body;
 598      }
 599  
 600      /**
 601       * Sets body content.
 602       *
 603       * @since 4.4.0
 604       *
 605       * @param string $data Binary data from the request body.
 606       */
 607  	public function set_body( $data ) {
 608          $this->body = $data;
 609  
 610          // Enable lazy parsing.
 611          $this->parsed_json    = false;
 612          $this->parsed_body    = false;
 613          $this->params['JSON'] = null;
 614      }
 615  
 616      /**
 617       * Retrieves the parameters from a JSON-formatted body.
 618       *
 619       * @since 4.4.0
 620       *
 621       * @return array Parameter map of key to value.
 622       */
 623  	public function get_json_params() {
 624          // Ensure the parameters have been parsed out.
 625          $this->parse_json_params();
 626  
 627          return $this->params['JSON'];
 628      }
 629  
 630      /**
 631       * Parses the JSON parameters.
 632       *
 633       * Avoids parsing the JSON data until we need to access it.
 634       *
 635       * @since 4.4.0
 636       * @since 4.7.0 Returns error instance if value cannot be decoded.
 637       * @return true|WP_Error True if the JSON data was passed or no JSON data was provided, WP_Error if invalid JSON was passed.
 638       */
 639  	protected function parse_json_params() {
 640          if ( $this->parsed_json ) {
 641              return true;
 642          }
 643  
 644          $this->parsed_json = true;
 645  
 646          // Check that we actually got JSON.
 647          $content_type = $this->get_content_type();
 648  
 649          if ( empty( $content_type ) || 'application/json' !== $content_type['value'] ) {
 650              return true;
 651          }
 652  
 653          $body = $this->get_body();
 654          if ( empty( $body ) ) {
 655              return true;
 656          }
 657  
 658          $params = json_decode( $body, true );
 659  
 660          /*
 661           * Check for a parsing error.
 662           */
 663          if ( null === $params && JSON_ERROR_NONE !== json_last_error() ) {
 664              // Ensure subsequent calls receive error instance.
 665              $this->parsed_json = false;
 666  
 667              $error_data = array(
 668                  'status'             => WP_Http::BAD_REQUEST,
 669                  'json_error_code'    => json_last_error(),
 670                  'json_error_message' => json_last_error_msg(),
 671              );
 672  
 673              return new WP_Error( 'rest_invalid_json', __( 'Invalid JSON body passed.' ), $error_data );
 674          }
 675  
 676          $this->params['JSON'] = $params;
 677          return true;
 678      }
 679  
 680      /**
 681       * Parses the request body parameters.
 682       *
 683       * Parses out URL-encoded bodies for request methods that aren't supported
 684       * natively by PHP. In PHP 5.x, only POST has these parsed automatically.
 685       *
 686       * @since 4.4.0
 687       */
 688  	protected function parse_body_params() {
 689          if ( $this->parsed_body ) {
 690              return;
 691          }
 692  
 693          $this->parsed_body = true;
 694  
 695          /*
 696           * Check that we got URL-encoded. Treat a missing content-type as
 697           * URL-encoded for maximum compatibility.
 698           */
 699          $content_type = $this->get_content_type();
 700  
 701          if ( ! empty( $content_type ) && 'application/x-www-form-urlencoded' !== $content_type['value'] ) {
 702              return;
 703          }
 704  
 705          parse_str( $this->get_body(), $params );
 706  
 707          /*
 708           * Add to the POST parameters stored internally. If a user has already
 709           * set these manually (via `set_body_params`), don't override them.
 710           */
 711          $this->params['POST'] = array_merge( $params, $this->params['POST'] );
 712      }
 713  
 714      /**
 715       * Retrieves the route that matched the request.
 716       *
 717       * @since 4.4.0
 718       *
 719       * @return string Route matching regex.
 720       */
 721  	public function get_route() {
 722          return $this->route;
 723      }
 724  
 725      /**
 726       * Sets the route that matched the request.
 727       *
 728       * @since 4.4.0
 729       *
 730       * @param string $route Route matching regex.
 731       */
 732  	public function set_route( $route ) {
 733          $this->route = $route;
 734      }
 735  
 736      /**
 737       * Retrieves the attributes for the request.
 738       *
 739       * These are the options for the route that was matched.
 740       *
 741       * @since 4.4.0
 742       *
 743       * @return array Attributes for the request.
 744       */
 745  	public function get_attributes() {
 746          return $this->attributes;
 747      }
 748  
 749      /**
 750       * Sets the attributes for the request.
 751       *
 752       * @since 4.4.0
 753       *
 754       * @param array $attributes Attributes for the request.
 755       */
 756  	public function set_attributes( $attributes ) {
 757          $this->attributes = $attributes;
 758      }
 759  
 760      /**
 761       * Sanitizes (where possible) the params on the request.
 762       *
 763       * This is primarily based off the sanitize_callback param on each registered
 764       * argument.
 765       *
 766       * @since 4.4.0
 767       *
 768       * @return true|WP_Error True if parameters were sanitized, WP_Error if an error occurred during sanitization.
 769       */
 770  	public function sanitize_params() {
 771          $attributes = $this->get_attributes();
 772  
 773          // No arguments set, skip sanitizing.
 774          if ( empty( $attributes['args'] ) ) {
 775              return true;
 776          }
 777  
 778          $order = $this->get_parameter_order();
 779  
 780          $invalid_params = array();
 781  
 782          foreach ( $order as $type ) {
 783              if ( empty( $this->params[ $type ] ) ) {
 784                  continue;
 785              }
 786              foreach ( $this->params[ $type ] as $key => $value ) {
 787                  if ( ! isset( $attributes['args'][ $key ] ) ) {
 788                      continue;
 789                  }
 790                  $param_args = $attributes['args'][ $key ];
 791  
 792                  // If the arg has a type but no sanitize_callback attribute, default to rest_parse_request_arg.
 793                  if ( ! array_key_exists( 'sanitize_callback', $param_args ) && ! empty( $param_args['type'] ) ) {
 794                      $param_args['sanitize_callback'] = 'rest_parse_request_arg';
 795                  }
 796                  // If there's still no sanitize_callback, nothing to do here.
 797                  if ( empty( $param_args['sanitize_callback'] ) ) {
 798                      continue;
 799                  }
 800  
 801                  $sanitized_value = call_user_func( $param_args['sanitize_callback'], $value, $this, $key );
 802  
 803                  if ( is_wp_error( $sanitized_value ) ) {
 804                      $invalid_params[ $key ] = $sanitized_value->get_error_message();
 805                  } else {
 806                      $this->params[ $type ][ $key ] = $sanitized_value;
 807                  }
 808              }
 809          }
 810  
 811          if ( $invalid_params ) {
 812              return new WP_Error(
 813                  'rest_invalid_param',
 814                  /* translators: %s: List of invalid parameters. */
 815                  sprintf( __( 'Invalid parameter(s): %s' ), implode( ', ', array_keys( $invalid_params ) ) ),
 816                  array(
 817                      'status' => 400,
 818                      'params' => $invalid_params,
 819                  )
 820              );
 821          }
 822  
 823          return true;
 824      }
 825  
 826      /**
 827       * Checks whether this request is valid according to its attributes.
 828       *
 829       * @since 4.4.0
 830       *
 831       * @return bool|WP_Error True if there are no parameters to validate or if all pass validation,
 832       *                       WP_Error if required parameters are missing.
 833       */
 834  	public function has_valid_params() {
 835          // If JSON data was passed, check for errors.
 836          $json_error = $this->parse_json_params();
 837          if ( is_wp_error( $json_error ) ) {
 838              return $json_error;
 839          }
 840  
 841          $attributes = $this->get_attributes();
 842          $required   = array();
 843  
 844          // No arguments set, skip validation.
 845          if ( empty( $attributes['args'] ) ) {
 846              return true;
 847          }
 848  
 849          foreach ( $attributes['args'] as $key => $arg ) {
 850  
 851              $param = $this->get_param( $key );
 852              if ( isset( $arg['required'] ) && true === $arg['required'] && null === $param ) {
 853                  $required[] = $key;
 854              }
 855          }
 856  
 857          if ( ! empty( $required ) ) {
 858              return new WP_Error(
 859                  'rest_missing_callback_param',
 860                  /* translators: %s: List of required parameters. */
 861                  sprintf( __( 'Missing parameter(s): %s' ), implode( ', ', $required ) ),
 862                  array(
 863                      'status' => 400,
 864                      'params' => $required,
 865                  )
 866              );
 867          }
 868  
 869          /*
 870           * Check the validation callbacks for each registered arg.
 871           *
 872           * This is done after required checking as required checking is cheaper.
 873           */
 874          $invalid_params = array();
 875  
 876          foreach ( $attributes['args'] as $key => $arg ) {
 877  
 878              $param = $this->get_param( $key );
 879  
 880              if ( null !== $param && ! empty( $arg['validate_callback'] ) ) {
 881                  $valid_check = call_user_func( $arg['validate_callback'], $param, $this, $key );
 882  
 883                  if ( false === $valid_check ) {
 884                      $invalid_params[ $key ] = __( 'Invalid parameter.' );
 885                  }
 886  
 887                  if ( is_wp_error( $valid_check ) ) {
 888                      $invalid_params[ $key ] = $valid_check->get_error_message();
 889                  }
 890              }
 891          }
 892  
 893          if ( $invalid_params ) {
 894              return new WP_Error(
 895                  'rest_invalid_param',
 896                  /* translators: %s: List of invalid parameters. */
 897                  sprintf( __( 'Invalid parameter(s): %s' ), implode( ', ', array_keys( $invalid_params ) ) ),
 898                  array(
 899                      'status' => 400,
 900                      'params' => $invalid_params,
 901                  )
 902              );
 903          }
 904  
 905          return true;
 906  
 907      }
 908  
 909      /**
 910       * Checks if a parameter is set.
 911       *
 912       * @since 4.4.0
 913       *
 914       * @param string $offset Parameter name.
 915       * @return bool Whether the parameter is set.
 916       */
 917  	public function offsetExists( $offset ) {
 918          $order = $this->get_parameter_order();
 919  
 920          foreach ( $order as $type ) {
 921              if ( isset( $this->params[ $type ][ $offset ] ) ) {
 922                  return true;
 923              }
 924          }
 925  
 926          return false;
 927      }
 928  
 929      /**
 930       * Retrieves a parameter from the request.
 931       *
 932       * @since 4.4.0
 933       *
 934       * @param string $offset Parameter name.
 935       * @return mixed|null Value if set, null otherwise.
 936       */
 937  	public function offsetGet( $offset ) {
 938          return $this->get_param( $offset );
 939      }
 940  
 941      /**
 942       * Sets a parameter on the request.
 943       *
 944       * @since 4.4.0
 945       *
 946       * @param string $offset Parameter name.
 947       * @param mixed  $value  Parameter value.
 948       */
 949  	public function offsetSet( $offset, $value ) {
 950          $this->set_param( $offset, $value );
 951      }
 952  
 953      /**
 954       * Removes a parameter from the request.
 955       *
 956       * @since 4.4.0
 957       *
 958       * @param string $offset Parameter name.
 959       */
 960  	public function offsetUnset( $offset ) {
 961          $order = $this->get_parameter_order();
 962  
 963          // Remove the offset from every group.
 964          foreach ( $order as $type ) {
 965              unset( $this->params[ $type ][ $offset ] );
 966          }
 967      }
 968  
 969      /**
 970       * Retrieves a WP_REST_Request object from a full URL.
 971       *
 972       * @since 4.5.0
 973       *
 974       * @param string $url URL with protocol, domain, path and query args.
 975       * @return WP_REST_Request|false WP_REST_Request object on success, false on failure.
 976       */
 977  	public static function from_url( $url ) {
 978          $bits         = parse_url( $url );
 979          $query_params = array();
 980  
 981          if ( ! empty( $bits['query'] ) ) {
 982              wp_parse_str( $bits['query'], $query_params );
 983          }
 984  
 985          $api_root = rest_url();
 986          if ( get_option( 'permalink_structure' ) && 0 === strpos( $url, $api_root ) ) {
 987              // Pretty permalinks on, and URL is under the API root.
 988              $api_url_part = substr( $url, strlen( untrailingslashit( $api_root ) ) );
 989              $route        = parse_url( $api_url_part, PHP_URL_PATH );
 990          } elseif ( ! empty( $query_params['rest_route'] ) ) {
 991              // ?rest_route=... set directly
 992              $route = $query_params['rest_route'];
 993              unset( $query_params['rest_route'] );
 994          }
 995  
 996          $request = false;
 997          if ( ! empty( $route ) ) {
 998              $request = new WP_REST_Request( 'GET', $route );
 999              $request->set_query_params( $query_params );
1000          }
1001  
1002          /**
1003           * Filters the request generated from a URL.
1004           *
1005           * @since 4.5.0
1006           *
1007           * @param WP_REST_Request|false $request Generated request object, or false if URL
1008           *                                       could not be parsed.
1009           * @param string                $url     URL the request was generated from.
1010           */
1011          return apply_filters( 'rest_request_from_url', $request, $url );
1012      }
1013  }


Generated: Sat Nov 23 20:47:33 2019 Cross-referenced by PHPXref 0.7