1<?php 2/** 3 * Theme Customize Screen. 4 * 5 * @package WordPress 6 * @subpackage Customize 7 * @since 3.4.0 8 */ 9 10define( 'IFRAME_REQUEST', true ); 11 12/** Load WordPress Administration Bootstrap */ 13require_once __DIR__ . '/admin.php'; 14 15if ( ! current_user_can( 'customize' ) ) { 16 wp_die( 17 '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' . 18 '<p>' . __( 'Sorry, you are not allowed to customize this site.' ) . '</p>', 19 403 20 ); 21} 22 23/** 24 * @global WP_Scripts $wp_scripts 25 * @global WP_Customize_Manager $wp_customize 26 */ 27global $wp_scripts, $wp_customize; 28 29if ( $wp_customize->changeset_post_id() ) { 30 $changeset_post = get_post( $wp_customize->changeset_post_id() ); 31 32 if ( ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $changeset_post->ID ) ) { 33 wp_die( 34 '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' . 35 '<p>' . __( 'Sorry, you are not allowed to edit this changeset.' ) . '</p>', 36 403 37 ); 38 } 39 40 $missed_schedule = ( 41 'future' === $changeset_post->post_status && 42 get_post_time( 'G', true, $changeset_post ) < time() 43 ); 44 if ( $missed_schedule ) { 45 /* 46 * Note that an Ajax request spawns here instead of just calling `wp_publish_post( $changeset_post->ID )`. 47 * 48 * Because WP_Customize_Manager is not instantiated for customize.php with the `settings_previewed=false` 49 * argument, settings cannot be reliably saved. Some logic short-circuits if the current value is the 50 * same as the value being saved. This is particularly true for options via `update_option()`. 51 * 52 * By opening an Ajax request, this is avoided and the changeset is published. See #39221. 53 */ 54 $nonces = $wp_customize->get_nonces(); 55 $request_args = array( 56 'nonce' => $nonces['save'], 57 'customize_changeset_uuid' => $wp_customize->changeset_uuid(), 58 'wp_customize' => 'on', 59 'customize_changeset_status' => 'publish', 60 ); 61 ob_start(); 62 ?> 63 <?php wp_print_scripts( array( 'wp-util' ) ); ?> 64 <script> 65 wp.ajax.post( 'customize_save', <?php echo wp_json_encode( $request_args ); ?> ); 66 </script> 67 <?php 68 $script = ob_get_clean(); 69 70 wp_die( 71 '<h1>' . __( 'Your scheduled changes just published' ) . '</h1>' . 72 '<p><a href="' . esc_url( remove_query_arg( 'changeset_uuid' ) ) . '">' . __( 'Customize New Changes' ) . '</a></p>' . $script, 73 200 74 ); 75 } 76 77 if ( in_array( get_post_status( $changeset_post->ID ), array( 'publish', 'trash' ), true ) ) { 78 wp_die( 79 '<h1>' . __( 'Something went wrong.' ) . '</h1>' . 80 '<p>' . __( 'This changeset cannot be further modified.' ) . '</p>' . 81 '<p><a href="' . esc_url( remove_query_arg( 'changeset_uuid' ) ) . '">' . __( 'Customize New Changes' ) . '</a></p>', 82 403 83 ); 84 } 85} 86 87 88wp_reset_vars( array( 'url', 'return', 'autofocus' ) ); 89if ( ! empty( $url ) ) { 90 $wp_customize->set_preview_url( wp_unslash( $url ) ); 91} 92if ( ! empty( $return ) ) { 93 $wp_customize->set_return_url( wp_unslash( $return ) ); 94} 95if ( ! empty( $autofocus ) && is_array( $autofocus ) ) { 96 $wp_customize->set_autofocus( wp_unslash( $autofocus ) ); 97} 98 99$registered = $wp_scripts->registered; 100$wp_scripts = new WP_Scripts; 101$wp_scripts->registered = $registered; 102 103add_action( 'customize_controls_print_scripts', 'print_head_scripts', 20 ); 104add_action( 'customize_controls_print_footer_scripts', '_wp_footer_scripts' ); 105add_action( 'customize_controls_print_styles', 'print_admin_styles', 20 ); 106 107/** 108 * Fires when Customizer controls are initialized, before scripts are enqueued. 109 * 110 * @since 3.4.0 111 */ 112do_action( 'customize_controls_init' ); 113 114wp_enqueue_script( 'heartbeat' ); 115wp_enqueue_script( 'customize-controls' ); 116wp_enqueue_style( 'customize-controls' ); 117 118/** 119 * Enqueue Customizer control scripts. 120 * 121 * @since 3.4.0 122 */ 123do_action( 'customize_controls_enqueue_scripts' ); 124 125// Let's roll. 126header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) ); 127 128wp_user_settings(); 129_wp_admin_html_begin(); 130 131$body_class = 'wp-core-ui wp-customizer js'; 132 133if ( wp_is_mobile() ) : 134 $body_class .= ' mobile'; 135 add_filter( 'admin_viewport_meta', '_customizer_mobile_viewport_meta' ); 136endif; 137 138if ( $wp_customize->is_ios() ) { 139 $body_class .= ' ios'; 140} 141 142if ( is_rtl() ) { 143 $body_class .= ' rtl'; 144} 145$body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_user_locale() ) ) ); 146 147if ( wp_use_widgets_block_editor() ) { 148 $body_class .= ' wp-embed-responsive'; 149} 150 151$admin_title = sprintf( $wp_customize->get_document_title_template(), __( 'Loading…' ) ); 152 153?> 154<title><?php echo esc_html( $admin_title ); ?></title> 155 156<script type="text/javascript"> 157var ajaxurl = <?php echo wp_json_encode( admin_url( 'admin-ajax.php', 'relative' ) ); ?>, 158 pagenow = 'customize'; 159</script> 160 161<?php 162/** 163 * Fires when Customizer control styles are printed. 164 * 165 * @since 3.4.0 166 */ 167do_action( 'customize_controls_print_styles' ); 168 169/** 170 * Fires when Customizer control scripts are printed. 171 * 172 * @since 3.4.0 173 */ 174do_action( 'customize_controls_print_scripts' ); 175 176/** 177 * Fires in head section of Customizer controls. 178 * 179 * @since 5.5.0 180 */ 181do_action( 'customize_controls_head' ); 182?> 183</head> 184<body class="<?php echo esc_attr( $body_class ); ?>"> 185<div class="wp-full-overlay expanded"> 186 <form id="customize-controls" class="wrap wp-full-overlay-sidebar"> 187 <div id="customize-header-actions" class="wp-full-overlay-header"> 188 <?php 189 $compatible_wp = is_wp_version_compatible( $wp_customize->theme()->get( 'RequiresWP' ) ); 190 $compatible_php = is_php_version_compatible( $wp_customize->theme()->get( 'RequiresPHP' ) ); 191 $fse_safe = true; 192 193 // Check if the theme requires the Gutenberg plugin to work correctly. 194 $theme_tags = $wp_customize->theme()->get( 'Tags' ); 195 196 if ( ! empty( $theme_tags ) && in_array( 'full-site-editing', $theme_tags, true ) && ! function_exists( 'gutenberg_is_fse_theme' ) ) { 197 $fse_safe = false; 198 } 199 ?> 200 <?php if ( $compatible_wp && $compatible_php && $fse_safe ) : ?> 201 <?php $save_text = $wp_customize->is_theme_active() ? __( 'Publish' ) : __( 'Activate & Publish' ); ?> 202 <div id="customize-save-button-wrapper" class="customize-save-button-wrapper" > 203 <?php submit_button( $save_text, 'primary save', 'save', false ); ?> 204 <button id="publish-settings" class="publish-settings button-primary button dashicons dashicons-admin-generic" aria-label="<?php esc_attr_e( 'Publish Settings' ); ?>" aria-expanded="false" disabled></button> 205 </div> 206 <?php else : ?> 207 <?php $save_text = _x( 'Cannot Activate', 'theme' ); ?> 208 <div id="customize-save-button-wrapper" class="customize-save-button-wrapper disabled" > 209 <button class="button button-primary disabled" aria-label="<?php esc_attr_e( 'Publish Settings' ); ?>" aria-expanded="false" disabled><?php echo $save_text; ?></button> 210 </div> 211 <?php endif; ?> 212 <span class="spinner"></span> 213 <button type="button" class="customize-controls-preview-toggle"> 214 <span class="controls"><?php _e( 'Customize' ); ?></span> 215 <span class="preview"><?php _e( 'Preview' ); ?></span> 216 </button> 217 <a class="customize-controls-close" href="<?php echo esc_url( $wp_customize->get_return_url() ); ?>"> 218 <span class="screen-reader-text"><?php _e( 'Close the Customizer and go back to the previous page' ); ?></span> 219 </a> 220 </div> 221 222 <div id="customize-sidebar-outer-content"> 223 <div id="customize-outer-theme-controls"> 224 <ul class="customize-outer-pane-parent"><?php // Outer panel and sections are not implemented, but its here as a placeholder to avoid any side-effect in api.Section. ?></ul> 225 </div> 226 </div> 227 228 <div id="widgets-right" class="wp-clearfix"><!-- For Widget Customizer, many widgets try to look for instances under div#widgets-right, so we have to add that ID to a container div in the Customizer for compat --> 229 <div id="customize-notifications-area" class="customize-control-notifications-container"> 230 <ul></ul> 231 </div> 232 <div class="wp-full-overlay-sidebar-content" tabindex="-1"> 233 <div id="customize-info" class="accordion-section customize-info"> 234 <div class="accordion-section-title"> 235 <span class="preview-notice"> 236 <?php 237 /* translators: %s: The site/panel title in the Customizer. */ 238 printf( __( 'You are customizing %s' ), '<strong class="panel-title site-title">' . get_bloginfo( 'name', 'display' ) . '</strong>' ); 239 ?> 240 </span> 241 <button type="button" class="customize-help-toggle dashicons dashicons-editor-help" aria-expanded="false"><span class="screen-reader-text"><?php _e( 'Help' ); ?></span></button> 242 </div> 243 <div class="customize-panel-description"> 244 <?php 245 _e( 'The Customizer allows you to preview changes to your site before publishing them. You can navigate to different pages on your site within the preview. Edit shortcuts are shown for some editable elements.' ); 246 ?> 247 </div> 248 </div> 249 250 <div id="customize-theme-controls"> 251 <ul class="customize-pane-parent"><?php // Panels and sections are managed here via JavaScript ?></ul> 252 </div> 253 </div> 254 </div> 255 256 <div id="customize-footer-actions" class="wp-full-overlay-footer"> 257 <button type="button" class="collapse-sidebar button" aria-expanded="true" aria-label="<?php echo esc_attr_x( 'Hide Controls', 'label for hide controls button without length constraints' ); ?>"> 258 <span class="collapse-sidebar-arrow"></span> 259 <span class="collapse-sidebar-label"><?php _ex( 'Hide Controls', 'short (~12 characters) label for hide controls button' ); ?></span> 260 </button> 261 <?php $previewable_devices = $wp_customize->get_previewable_devices(); ?> 262 <?php if ( ! empty( $previewable_devices ) ) : ?> 263 <div class="devices-wrapper"> 264 <div class="devices"> 265 <?php foreach ( (array) $previewable_devices as $device => $settings ) : ?> 266 <?php 267 if ( empty( $settings['label'] ) ) { 268 continue; 269 } 270 $active = ! empty( $settings['default'] ); 271 $class = 'preview-' . $device; 272 if ( $active ) { 273 $class .= ' active'; 274 } 275 ?> 276 <button type="button" class="<?php echo esc_attr( $class ); ?>" aria-pressed="<?php echo esc_attr( $active ); ?>" data-device="<?php echo esc_attr( $device ); ?>"> 277 <span class="screen-reader-text"><?php echo esc_html( $settings['label'] ); ?></span> 278 </button> 279 <?php endforeach; ?> 280 </div> 281 </div> 282 <?php endif; ?> 283 </div> 284 </form> 285 <div id="customize-preview" class="wp-full-overlay-main"></div> 286 <?php 287 288 /** 289 * Prints templates, control scripts, and settings in the footer. 290 * 291 * @since 3.4.0 292 */ 293 do_action( 'customize_controls_print_footer_scripts' ); 294 ?> 295</div> 296</body> 297</html> 298