[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-includes/rest-api/endpoints/ -> class-wp-rest-global-styles-controller.php (source)

   1  <?php
   2  /**
   3   * REST API: WP_REST_Global_Styles_Controller class
   4   *
   5   * @package    WordPress
   6   * @subpackage REST_API
   7   * @since 5.9.0
   8   */
   9  
  10  /**
  11   * Base Global Styles REST API Controller.
  12   */
  13  class WP_REST_Global_Styles_Controller extends WP_REST_Posts_Controller {
  14      /**
  15       * Whether the controller supports batching.
  16       *
  17       * @since 6.6.0
  18       * @var array
  19       */
  20      protected $allow_batch = array( 'v1' => false );
  21  
  22      /**
  23       * Constructor.
  24       *
  25       * @since 6.6.0
  26       *
  27       * @param string $post_type Post type.
  28       */
  29  	public function __construct( $post_type = 'wp_global_styles' ) {
  30          parent::__construct( $post_type );
  31      }
  32  
  33      /**
  34       * Registers the controllers routes.
  35       *
  36       * @since 5.9.0
  37       */
  38  	public function register_routes() {
  39          register_rest_route(
  40              $this->namespace,
  41              '/' . $this->rest_base . '/themes/(?P<stylesheet>[\/\s%\w\.\(\)\[\]\@_\-]+)/variations',
  42              array(
  43                  array(
  44                      'methods'             => WP_REST_Server::READABLE,
  45                      'callback'            => array( $this, 'get_theme_items' ),
  46                      'permission_callback' => array( $this, 'get_theme_items_permissions_check' ),
  47                      'args'                => array(
  48                          'stylesheet' => array(
  49                              'description' => __( 'The theme identifier' ),
  50                              'type'        => 'string',
  51                          ),
  52                      ),
  53                      'allow_batch'         => $this->allow_batch,
  54                  ),
  55              )
  56          );
  57  
  58          // List themes global styles.
  59          register_rest_route(
  60              $this->namespace,
  61              // The route.
  62              sprintf(
  63                  '/%s/themes/(?P<stylesheet>%s)',
  64                  $this->rest_base,
  65                  /*
  66                   * Matches theme's directory: `/themes/<subdirectory>/<theme>/` or `/themes/<theme>/`.
  67                   * Excludes invalid directory name characters: `/:<>*?"|`.
  68                   */
  69                  '[^\/:<>\*\?"\|]+(?:\/[^\/:<>\*\?"\|]+)?'
  70              ),
  71              array(
  72                  array(
  73                      'methods'             => WP_REST_Server::READABLE,
  74                      'callback'            => array( $this, 'get_theme_item' ),
  75                      'permission_callback' => array( $this, 'get_theme_item_permissions_check' ),
  76                      'args'                => array(
  77                          'stylesheet' => array(
  78                              'description'       => __( 'The theme identifier' ),
  79                              'type'              => 'string',
  80                              'sanitize_callback' => array( $this, '_sanitize_global_styles_callback' ),
  81                          ),
  82                      ),
  83                      'allow_batch'         => $this->allow_batch,
  84                  ),
  85              )
  86          );
  87  
  88          // Lists/updates a single global style variation based on the given id.
  89          register_rest_route(
  90              $this->namespace,
  91              '/' . $this->rest_base . '/(?P<id>[\/\w-]+)',
  92              array(
  93                  array(
  94                      'methods'             => WP_REST_Server::READABLE,
  95                      'callback'            => array( $this, 'get_item' ),
  96                      'permission_callback' => array( $this, 'get_item_permissions_check' ),
  97                      'args'                => array(
  98                          'id' => array(
  99                              'description'       => __( 'The id of a template' ),
 100                              'type'              => 'string',
 101                              'sanitize_callback' => array( $this, '_sanitize_global_styles_callback' ),
 102                          ),
 103                      ),
 104                  ),
 105                  array(
 106                      'methods'             => WP_REST_Server::EDITABLE,
 107                      'callback'            => array( $this, 'update_item' ),
 108                      'permission_callback' => array( $this, 'update_item_permissions_check' ),
 109                      'args'                => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ),
 110                  ),
 111                  'schema'      => array( $this, 'get_public_item_schema' ),
 112                  'allow_batch' => $this->allow_batch,
 113              )
 114          );
 115      }
 116  
 117      /**
 118       * Sanitize the global styles ID or stylesheet to decode endpoint.
 119       * For example, `wp/v2/global-styles/twentytwentytwo%200.4.0`
 120       * would be decoded to `twentytwentytwo 0.4.0`.
 121       *
 122       * @since 5.9.0
 123       *
 124       * @param string $id_or_stylesheet Global styles ID or stylesheet.
 125       * @return string Sanitized global styles ID or stylesheet.
 126       */
 127  	public function _sanitize_global_styles_callback( $id_or_stylesheet ) {
 128          return urldecode( $id_or_stylesheet );
 129      }
 130  
 131      /**
 132       * Get the post, if the ID is valid.
 133       *
 134       * @since 5.9.0
 135       *
 136       * @param int $id Supplied ID.
 137       * @return WP_Post|WP_Error Post object if ID is valid, WP_Error otherwise.
 138       */
 139  	protected function get_post( $id ) {
 140          $error = new WP_Error(
 141              'rest_global_styles_not_found',
 142              __( 'No global styles config exist with that id.' ),
 143              array( 'status' => 404 )
 144          );
 145  
 146          $id = (int) $id;
 147          if ( $id <= 0 ) {
 148              return $error;
 149          }
 150  
 151          $post = get_post( $id );
 152          if ( empty( $post ) || empty( $post->ID ) || $this->post_type !== $post->post_type ) {
 153              return $error;
 154          }
 155  
 156          return $post;
 157      }
 158  
 159      /**
 160       * Checks if a given request has access to read a single global style.
 161       *
 162       * @since 5.9.0
 163       *
 164       * @param WP_REST_Request $request Full details about the request.
 165       * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 166       */
 167  	public function get_item_permissions_check( $request ) {
 168          $post = $this->get_post( $request['id'] );
 169          if ( is_wp_error( $post ) ) {
 170              return $post;
 171          }
 172  
 173          if ( 'edit' === $request['context'] && $post && ! $this->check_update_permission( $post ) ) {
 174              return new WP_Error(
 175                  'rest_forbidden_context',
 176                  __( 'Sorry, you are not allowed to edit this global style.' ),
 177                  array( 'status' => rest_authorization_required_code() )
 178              );
 179          }
 180  
 181          if ( ! $this->check_read_permission( $post ) ) {
 182              return new WP_Error(
 183                  'rest_cannot_view',
 184                  __( 'Sorry, you are not allowed to view this global style.' ),
 185                  array( 'status' => rest_authorization_required_code() )
 186              );
 187          }
 188  
 189          return true;
 190      }
 191  
 192      /**
 193       * Checks if a global style can be read.
 194       *
 195       * @since 5.9.0
 196       *
 197       * @param WP_Post $post Post object.
 198       * @return bool Whether the post can be read.
 199       */
 200  	public function check_read_permission( $post ) {
 201          return current_user_can( 'read_post', $post->ID );
 202      }
 203  
 204      /**
 205       * Checks if a given request has access to write a single global styles config.
 206       *
 207       * @since 5.9.0
 208       *
 209       * @param WP_REST_Request $request Full details about the request.
 210       * @return true|WP_Error True if the request has write access for the item, WP_Error object otherwise.
 211       */
 212  	public function update_item_permissions_check( $request ) {
 213          $post = $this->get_post( $request['id'] );
 214          if ( is_wp_error( $post ) ) {
 215              return $post;
 216          }
 217  
 218          if ( $post && ! $this->check_update_permission( $post ) ) {
 219              return new WP_Error(
 220                  'rest_cannot_edit',
 221                  __( 'Sorry, you are not allowed to edit this global style.' ),
 222                  array( 'status' => rest_authorization_required_code() )
 223              );
 224          }
 225  
 226          return true;
 227      }
 228  
 229      /**
 230       * Prepares a single global styles config for update.
 231       *
 232       * @since 5.9.0
 233       * @since 6.2.0 Added validation of styles.css property.
 234       * @since 6.6.0 Added registration of block style variations from theme.json sources (theme.json, user theme.json, partials).
 235       *
 236       * @param WP_REST_Request $request Request object.
 237       * @return stdClass|WP_Error Prepared item on success. WP_Error on when the custom CSS is not valid.
 238       */
 239  	protected function prepare_item_for_database( $request ) {
 240          $changes     = new stdClass();
 241          $changes->ID = $request['id'];
 242  
 243          $post            = get_post( $request['id'] );
 244          $existing_config = array();
 245          if ( $post ) {
 246              $existing_config     = json_decode( $post->post_content, true );
 247              $json_decoding_error = json_last_error();
 248              if ( JSON_ERROR_NONE !== $json_decoding_error || ! isset( $existing_config['isGlobalStylesUserThemeJSON'] ) ||
 249                  ! $existing_config['isGlobalStylesUserThemeJSON'] ) {
 250                  $existing_config = array();
 251              }
 252          }
 253  
 254          if ( isset( $request['styles'] ) || isset( $request['settings'] ) ) {
 255              $config = array();
 256              if ( isset( $request['styles'] ) ) {
 257                  if ( isset( $request['styles']['css'] ) ) {
 258                      $css_validation_result = $this->validate_custom_css( $request['styles']['css'] );
 259                      if ( is_wp_error( $css_validation_result ) ) {
 260                          return $css_validation_result;
 261                      }
 262                  }
 263                  $config['styles'] = $request['styles'];
 264              } elseif ( isset( $existing_config['styles'] ) ) {
 265                  $config['styles'] = $existing_config['styles'];
 266              }
 267  
 268              // Register theme-defined variations e.g. from block style variation partials under `/styles`.
 269              $variations = WP_Theme_JSON_Resolver::get_style_variations( 'block' );
 270              wp_register_block_style_variations_from_theme_json_partials( $variations );
 271  
 272              if ( isset( $request['settings'] ) ) {
 273                  $config['settings'] = $request['settings'];
 274              } elseif ( isset( $existing_config['settings'] ) ) {
 275                  $config['settings'] = $existing_config['settings'];
 276              }
 277              $config['isGlobalStylesUserThemeJSON'] = true;
 278              $config['version']                     = WP_Theme_JSON::LATEST_SCHEMA;
 279              $changes->post_content                 = wp_json_encode( $config );
 280          }
 281  
 282          // Post title.
 283          if ( isset( $request['title'] ) ) {
 284              if ( is_string( $request['title'] ) ) {
 285                  $changes->post_title = $request['title'];
 286              } elseif ( ! empty( $request['title']['raw'] ) ) {
 287                  $changes->post_title = $request['title']['raw'];
 288              }
 289          }
 290  
 291          return $changes;
 292      }
 293  
 294      /**
 295       * Prepare a global styles config output for response.
 296       *
 297       * @since 5.9.0
 298       * @since 6.6.0 Added custom relative theme file URIs to `_links`.
 299       *
 300       * @param WP_Post         $post    Global Styles post object.
 301       * @param WP_REST_Request $request Request object.
 302       * @return WP_REST_Response Response object.
 303       */
 304  	public function prepare_item_for_response( $post, $request ) {
 305          $raw_config                       = json_decode( $post->post_content, true );
 306          $is_global_styles_user_theme_json = isset( $raw_config['isGlobalStylesUserThemeJSON'] ) && true === $raw_config['isGlobalStylesUserThemeJSON'];
 307          $config                           = array();
 308          $theme_json                       = null;
 309          if ( $is_global_styles_user_theme_json ) {
 310              $theme_json = new WP_Theme_JSON( $raw_config, 'custom' );
 311              $config     = $theme_json->get_raw_data();
 312          }
 313  
 314          // Base fields for every post.
 315          $fields = $this->get_fields_for_response( $request );
 316          $data   = array();
 317  
 318          if ( rest_is_field_included( 'id', $fields ) ) {
 319              $data['id'] = $post->ID;
 320          }
 321  
 322          if ( rest_is_field_included( 'title', $fields ) ) {
 323              $data['title'] = array();
 324          }
 325          if ( rest_is_field_included( 'title.raw', $fields ) ) {
 326              $data['title']['raw'] = $post->post_title;
 327          }
 328          if ( rest_is_field_included( 'title.rendered', $fields ) ) {
 329              add_filter( 'protected_title_format', array( $this, 'protected_title_format' ) );
 330  
 331              $data['title']['rendered'] = get_the_title( $post->ID );
 332  
 333              remove_filter( 'protected_title_format', array( $this, 'protected_title_format' ) );
 334          }
 335  
 336          if ( rest_is_field_included( 'settings', $fields ) ) {
 337              $data['settings'] = ! empty( $config['settings'] ) && $is_global_styles_user_theme_json ? $config['settings'] : new stdClass();
 338          }
 339  
 340          if ( rest_is_field_included( 'styles', $fields ) ) {
 341              $data['styles'] = ! empty( $config['styles'] ) && $is_global_styles_user_theme_json ? $config['styles'] : new stdClass();
 342          }
 343  
 344          $context = ! empty( $request['context'] ) ? $request['context'] : 'view';
 345          $data    = $this->add_additional_fields_to_object( $data, $request );
 346          $data    = $this->filter_response_by_context( $data, $context );
 347  
 348          // Wrap the data in a response object.
 349          $response = rest_ensure_response( $data );
 350  
 351          if ( rest_is_field_included( '_links', $fields ) || rest_is_field_included( '_embedded', $fields ) ) {
 352              $links = $this->prepare_links( $post->ID );
 353  
 354              // Only return resolved URIs for get requests to user theme JSON.
 355              if ( $theme_json ) {
 356                  $resolved_theme_uris = WP_Theme_JSON_Resolver::get_resolved_theme_uris( $theme_json );
 357                  if ( ! empty( $resolved_theme_uris ) ) {
 358                      $links['https://api.w.org/theme-file'] = $resolved_theme_uris;
 359                  }
 360              }
 361  
 362              $response->add_links( $links );
 363              if ( ! empty( $links['self']['href'] ) ) {
 364                  $actions = $this->get_available_actions( $post, $request );
 365                  $self    = $links['self']['href'];
 366                  foreach ( $actions as $rel ) {
 367                      $response->add_link( $rel, $self );
 368                  }
 369              }
 370          }
 371  
 372          return $response;
 373      }
 374  
 375      /**
 376       * Prepares links for the request.
 377       *
 378       * @since 5.9.0
 379       * @since 6.3.0 Adds revisions count and rest URL href to version-history.
 380       *
 381       * @param integer $id ID.
 382       * @return array Links for the given post.
 383       */
 384  	protected function prepare_links( $id ) {
 385          $base = sprintf( '%s/%s', $this->namespace, $this->rest_base );
 386  
 387          $links = array(
 388              'self'  => array(
 389                  'href' => rest_url( trailingslashit( $base ) . $id ),
 390              ),
 391              'about' => array(
 392                  'href' => rest_url( 'wp/v2/types/' . $this->post_type ),
 393              ),
 394          );
 395  
 396          if ( post_type_supports( $this->post_type, 'revisions' ) ) {
 397              $revisions                = wp_get_latest_revision_id_and_total_count( $id );
 398              $revisions_count          = ! is_wp_error( $revisions ) ? $revisions['count'] : 0;
 399              $revisions_base           = sprintf( '/%s/%d/revisions', $base, $id );
 400              $links['version-history'] = array(
 401                  'href'  => rest_url( $revisions_base ),
 402                  'count' => $revisions_count,
 403              );
 404          }
 405  
 406          return $links;
 407      }
 408  
 409      /**
 410       * Get the link relations available for the post and current user.
 411       *
 412       * @since 5.9.0
 413       * @since 6.2.0 Added 'edit-css' action.
 414       * @since 6.6.0 Added $post and $request parameters.
 415       *
 416       * @param WP_Post         $post    Post object.
 417       * @param WP_REST_Request $request Request object.
 418       * @return array List of link relations.
 419       */
 420  	protected function get_available_actions( $post, $request ) {
 421          $rels = array();
 422  
 423          $post_type = get_post_type_object( $post->post_type );
 424          if ( current_user_can( $post_type->cap->publish_posts ) ) {
 425              $rels[] = 'https://api.w.org/action-publish';
 426          }
 427  
 428          if ( current_user_can( 'edit_css' ) ) {
 429              $rels[] = 'https://api.w.org/action-edit-css';
 430          }
 431  
 432          return $rels;
 433      }
 434  
 435      /**
 436       * Retrieves the query params for the global styles collection.
 437       *
 438       * @since 5.9.0
 439       *
 440       * @return array Collection parameters.
 441       */
 442  	public function get_collection_params() {
 443          return array();
 444      }
 445  
 446      /**
 447       * Retrieves the global styles type' schema, conforming to JSON Schema.
 448       *
 449       * @since 5.9.0
 450       *
 451       * @return array Item schema data.
 452       */
 453  	public function get_item_schema() {
 454          if ( $this->schema ) {
 455              return $this->add_additional_fields_schema( $this->schema );
 456          }
 457  
 458          $schema = array(
 459              '$schema'    => 'http://json-schema.org/draft-04/schema#',
 460              'title'      => $this->post_type,
 461              'type'       => 'object',
 462              'properties' => array(
 463                  'id'       => array(
 464                      'description' => __( 'ID of global styles config.' ),
 465                      'type'        => 'string',
 466                      'context'     => array( 'embed', 'view', 'edit' ),
 467                      'readonly'    => true,
 468                  ),
 469                  'styles'   => array(
 470                      'description' => __( 'Global styles.' ),
 471                      'type'        => array( 'object' ),
 472                      'context'     => array( 'view', 'edit' ),
 473                  ),
 474                  'settings' => array(
 475                      'description' => __( 'Global settings.' ),
 476                      'type'        => array( 'object' ),
 477                      'context'     => array( 'view', 'edit' ),
 478                  ),
 479                  'title'    => array(
 480                      'description' => __( 'Title of the global styles variation.' ),
 481                      'type'        => array( 'object', 'string' ),
 482                      'default'     => '',
 483                      'context'     => array( 'embed', 'view', 'edit' ),
 484                      'properties'  => array(
 485                          'raw'      => array(
 486                              'description' => __( 'Title for the global styles variation, as it exists in the database.' ),
 487                              'type'        => 'string',
 488                              'context'     => array( 'view', 'edit', 'embed' ),
 489                          ),
 490                          'rendered' => array(
 491                              'description' => __( 'HTML title for the post, transformed for display.' ),
 492                              'type'        => 'string',
 493                              'context'     => array( 'view', 'edit', 'embed' ),
 494                              'readonly'    => true,
 495                          ),
 496                      ),
 497                  ),
 498              ),
 499          );
 500  
 501          $this->schema = $schema;
 502  
 503          return $this->add_additional_fields_schema( $this->schema );
 504      }
 505  
 506      /**
 507       * Checks if a given request has access to read a single theme global styles config.
 508       *
 509       * @since 5.9.0
 510       *
 511       * @param WP_REST_Request $request Full details about the request.
 512       * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise.
 513       */
 514  	public function get_theme_item_permissions_check( $request ) {
 515          /*
 516           * Verify if the current user has edit_theme_options capability.
 517           * This capability is required to edit/view/delete templates.
 518           */
 519          if ( ! current_user_can( 'edit_theme_options' ) ) {
 520              return new WP_Error(
 521                  'rest_cannot_manage_global_styles',
 522                  __( 'Sorry, you are not allowed to access the global styles on this site.' ),
 523                  array(
 524                      'status' => rest_authorization_required_code(),
 525                  )
 526              );
 527          }
 528  
 529          return true;
 530      }
 531  
 532      /**
 533       * Returns the given theme global styles config.
 534       *
 535       * @since 5.9.0
 536       * @since 6.6.0 Added custom relative theme file URIs to `_links`.
 537       *
 538       * @param WP_REST_Request $request The request instance.
 539       * @return WP_REST_Response|WP_Error
 540       */
 541  	public function get_theme_item( $request ) {
 542          if ( get_stylesheet() !== $request['stylesheet'] ) {
 543              // This endpoint only supports the active theme for now.
 544              return new WP_Error(
 545                  'rest_theme_not_found',
 546                  __( 'Theme not found.' ),
 547                  array( 'status' => 404 )
 548              );
 549          }
 550  
 551          $theme  = WP_Theme_JSON_Resolver::get_merged_data( 'theme' );
 552          $fields = $this->get_fields_for_response( $request );
 553          $data   = array();
 554  
 555          if ( rest_is_field_included( 'settings', $fields ) ) {
 556              $data['settings'] = $theme->get_settings();
 557          }
 558  
 559          if ( rest_is_field_included( 'styles', $fields ) ) {
 560              $raw_data       = $theme->get_raw_data();
 561              $data['styles'] = isset( $raw_data['styles'] ) ? $raw_data['styles'] : array();
 562          }
 563  
 564          $context = ! empty( $request['context'] ) ? $request['context'] : 'view';
 565          $data    = $this->add_additional_fields_to_object( $data, $request );
 566          $data    = $this->filter_response_by_context( $data, $context );
 567  
 568          $response = rest_ensure_response( $data );
 569  
 570          if ( rest_is_field_included( '_links', $fields ) || rest_is_field_included( '_embedded', $fields ) ) {
 571              $links               = array(
 572                  'self' => array(
 573                      'href' => rest_url( sprintf( '%s/%s/themes/%s', $this->namespace, $this->rest_base, $request['stylesheet'] ) ),
 574                  ),
 575              );
 576              $resolved_theme_uris = WP_Theme_JSON_Resolver::get_resolved_theme_uris( $theme );
 577              if ( ! empty( $resolved_theme_uris ) ) {
 578                  $links['https://api.w.org/theme-file'] = $resolved_theme_uris;
 579              }
 580              $response->add_links( $links );
 581          }
 582  
 583          return $response;
 584      }
 585  
 586      /**
 587       * Checks if a given request has access to read a single theme global styles config.
 588       *
 589       * @since 6.0.0
 590       *
 591       * @param WP_REST_Request $request Full details about the request.
 592       * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise.
 593       */
 594  	public function get_theme_items_permissions_check( $request ) {
 595          /*
 596           * Verify if the current user has edit_theme_options capability.
 597           * This capability is required to edit/view/delete templates.
 598           */
 599          if ( ! current_user_can( 'edit_theme_options' ) ) {
 600              return new WP_Error(
 601                  'rest_cannot_manage_global_styles',
 602                  __( 'Sorry, you are not allowed to access the global styles on this site.' ),
 603                  array(
 604                      'status' => rest_authorization_required_code(),
 605                  )
 606              );
 607          }
 608  
 609          return true;
 610      }
 611  
 612      /**
 613       * Returns the given theme global styles variations.
 614       *
 615       * @since 6.0.0
 616       * @since 6.2.0 Returns parent theme variations, if they exist.
 617       * @since 6.6.0 Added custom relative theme file URIs to `_links` for each item.
 618       *
 619       * @param WP_REST_Request $request The request instance.
 620       *
 621       * @return WP_REST_Response|WP_Error
 622       */
 623  	public function get_theme_items( $request ) {
 624          if ( get_stylesheet() !== $request['stylesheet'] ) {
 625              // This endpoint only supports the active theme for now.
 626              return new WP_Error(
 627                  'rest_theme_not_found',
 628                  __( 'Theme not found.' ),
 629                  array( 'status' => 404 )
 630              );
 631          }
 632  
 633          $response   = array();
 634  
 635          // Register theme-defined variations e.g. from block style variation partials under `/styles`.
 636          $partials = WP_Theme_JSON_Resolver::get_style_variations( 'block' );
 637          wp_register_block_style_variations_from_theme_json_partials( $partials );
 638  
 639          $variations = WP_Theme_JSON_Resolver::get_style_variations();
 640          foreach ( $variations as $variation ) {
 641              $variation_theme_json = new WP_Theme_JSON( $variation );
 642              $resolved_theme_uris  = WP_Theme_JSON_Resolver::get_resolved_theme_uris( $variation_theme_json );
 643              $data                 = rest_ensure_response( $variation );
 644              if ( ! empty( $resolved_theme_uris ) ) {
 645                  $data->add_links(
 646                      array(
 647                          'https://api.w.org/theme-file' => $resolved_theme_uris,
 648                      )
 649                  );
 650              }
 651              $response[] = $this->prepare_response_for_collection( $data );
 652          }
 653  
 654          return rest_ensure_response( $response );
 655      }
 656  
 657      /**
 658       * Validate style.css as valid CSS.
 659       *
 660       * Currently just checks for invalid markup.
 661       *
 662       * @since 6.2.0
 663       * @since 6.4.0 Changed method visibility to protected.
 664       *
 665       * @param string $css CSS to validate.
 666       * @return true|WP_Error True if the input was validated, otherwise WP_Error.
 667       */
 668  	protected function validate_custom_css( $css ) {
 669          if ( preg_match( '#</?\w+#', $css ) ) {
 670              return new WP_Error(
 671                  'rest_custom_css_illegal_markup',
 672                  __( 'Markup is not allowed in CSS.' ),
 673                  array( 'status' => 400 )
 674              );
 675          }
 676          return true;
 677      }
 678  }


Generated : Mon Jul 15 08:20:02 2024 Cross-referenced by PHPXref