1<?php
2/**
3 * Multisite themes administration panel.
4 *
5 * @package WordPress
6 * @subpackage Multisite
7 * @since 3.1.0
8 */
9
10/** Load WordPress Administration Bootstrap */
11require_once __DIR__ . '/admin.php';
12
13if ( ! current_user_can( 'manage_network_themes' ) ) {
14	wp_die( __( 'Sorry, you are not allowed to manage network themes.' ) );
15}
16
17$wp_list_table = _get_list_table( 'WP_MS_Themes_List_Table' );
18$pagenum       = $wp_list_table->get_pagenum();
19
20$action = $wp_list_table->current_action();
21
22$s = isset( $_REQUEST['s'] ) ? $_REQUEST['s'] : '';
23
24// Clean up request URI from temporary args for screen options/paging uri's to work as expected.
25$temp_args = array(
26	'enabled',
27	'disabled',
28	'deleted',
29	'error',
30	'enabled-auto-update',
31	'disabled-auto-update',
32);
33
34$_SERVER['REQUEST_URI'] = remove_query_arg( $temp_args, $_SERVER['REQUEST_URI'] );
35$referer                = remove_query_arg( $temp_args, wp_get_referer() );
36
37if ( $action ) {
38	switch ( $action ) {
39		case 'enable':
40			check_admin_referer( 'enable-theme_' . $_GET['theme'] );
41			WP_Theme::network_enable_theme( $_GET['theme'] );
42			if ( false === strpos( $referer, '/network/themes.php' ) ) {
43				wp_redirect( network_admin_url( 'themes.php?enabled=1' ) );
44			} else {
45				wp_safe_redirect( add_query_arg( 'enabled', 1, $referer ) );
46			}
47			exit;
48		case 'disable':
49			check_admin_referer( 'disable-theme_' . $_GET['theme'] );
50			WP_Theme::network_disable_theme( $_GET['theme'] );
51			wp_safe_redirect( add_query_arg( 'disabled', '1', $referer ) );
52			exit;
53		case 'enable-selected':
54			check_admin_referer( 'bulk-themes' );
55			$themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
56			if ( empty( $themes ) ) {
57				wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) );
58				exit;
59			}
60			WP_Theme::network_enable_theme( (array) $themes );
61			wp_safe_redirect( add_query_arg( 'enabled', count( $themes ), $referer ) );
62			exit;
63		case 'disable-selected':
64			check_admin_referer( 'bulk-themes' );
65			$themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
66			if ( empty( $themes ) ) {
67				wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) );
68				exit;
69			}
70			WP_Theme::network_disable_theme( (array) $themes );
71			wp_safe_redirect( add_query_arg( 'disabled', count( $themes ), $referer ) );
72			exit;
73		case 'update-selected':
74			check_admin_referer( 'bulk-themes' );
75
76			if ( isset( $_GET['themes'] ) ) {
77				$themes = explode( ',', $_GET['themes'] );
78			} elseif ( isset( $_POST['checked'] ) ) {
79				$themes = (array) $_POST['checked'];
80			} else {
81				$themes = array();
82			}
83
84			$title       = __( 'Update Themes' );
85			$parent_file = 'themes.php';
86
87			require_once ABSPATH . 'wp-admin/admin-header.php';
88
89			echo '<div class="wrap">';
90			echo '<h1>' . esc_html( $title ) . '</h1>';
91
92			$url = self_admin_url( 'update.php?action=update-selected-themes&amp;themes=' . urlencode( implode( ',', $themes ) ) );
93			$url = wp_nonce_url( $url, 'bulk-update-themes' );
94
95			echo "<iframe src='$url' style='width: 100%; height:100%; min-height:850px;'></iframe>";
96			echo '</div>';
97			require_once ABSPATH . 'wp-admin/admin-footer.php';
98			exit;
99		case 'delete-selected':
100			if ( ! current_user_can( 'delete_themes' ) ) {
101				wp_die( __( 'Sorry, you are not allowed to delete themes for this site.' ) );
102			}
103
104			check_admin_referer( 'bulk-themes' );
105
106			$themes = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked'] : array();
107
108			if ( empty( $themes ) ) {
109				wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) );
110				exit;
111			}
112
113			$themes = array_diff( $themes, array( get_option( 'stylesheet' ), get_option( 'template' ) ) );
114
115			if ( empty( $themes ) ) {
116				wp_safe_redirect( add_query_arg( 'error', 'main', $referer ) );
117				exit;
118			}
119
120			$theme_info = array();
121			foreach ( $themes as $key => $theme ) {
122				$theme_info[ $theme ] = wp_get_theme( $theme );
123			}
124
125			require ABSPATH . 'wp-admin/update.php';
126
127			$parent_file = 'themes.php';
128
129			if ( ! isset( $_REQUEST['verify-delete'] ) ) {
130				wp_enqueue_script( 'jquery' );
131				require_once ABSPATH . 'wp-admin/admin-header.php';
132				$themes_to_delete = count( $themes );
133				?>
134				<div class="wrap">
135				<?php if ( 1 === $themes_to_delete ) : ?>
136					<h1><?php _e( 'Delete Theme' ); ?></h1>
137					<div class="error"><p><strong><?php _e( 'Caution:' ); ?></strong> <?php _e( 'This theme may be active on other sites in the network.' ); ?></p></div>
138					<p><?php _e( 'You are about to remove the following theme:' ); ?></p>
139				<?php else : ?>
140					<h1><?php _e( 'Delete Themes' ); ?></h1>
141					<div class="error"><p><strong><?php _e( 'Caution:' ); ?></strong> <?php _e( 'These themes may be active on other sites in the network.' ); ?></p></div>
142					<p><?php _e( 'You are about to remove the following themes:' ); ?></p>
143				<?php endif; ?>
144					<ul class="ul-disc">
145					<?php
146					foreach ( $theme_info as $theme ) {
147						echo '<li>' . sprintf(
148							/* translators: 1: Theme name, 2: Theme author. */
149							_x( '%1$s by %2$s', 'theme' ),
150							'<strong>' . $theme->display( 'Name' ) . '</strong>',
151							'<em>' . $theme->display( 'Author' ) . '</em>'
152						) . '</li>';
153					}
154					?>
155					</ul>
156				<?php if ( 1 === $themes_to_delete ) : ?>
157					<p><?php _e( 'Are you sure you want to delete this theme?' ); ?></p>
158				<?php else : ?>
159					<p><?php _e( 'Are you sure you want to delete these themes?' ); ?></p>
160				<?php endif; ?>
161				<form method="post" action="<?php echo esc_url( $_SERVER['REQUEST_URI'] ); ?>" style="display:inline;">
162					<input type="hidden" name="verify-delete" value="1" />
163					<input type="hidden" name="action" value="delete-selected" />
164					<?php
165
166					foreach ( (array) $themes as $theme ) {
167						echo '<input type="hidden" name="checked[]" value="' . esc_attr( $theme ) . '" />';
168					}
169
170					wp_nonce_field( 'bulk-themes' );
171
172					if ( 1 === $themes_to_delete ) {
173						submit_button( __( 'Yes, delete this theme' ), '', 'submit', false );
174					} else {
175						submit_button( __( 'Yes, delete these themes' ), '', 'submit', false );
176					}
177
178					?>
179				</form>
180				<?php $referer = wp_get_referer(); ?>
181				<form method="post" action="<?php echo $referer ? esc_url( $referer ) : ''; ?>" style="display:inline;">
182					<?php submit_button( __( 'No, return me to the theme list' ), '', 'submit', false ); ?>
183				</form>
184				</div>
185				<?php
186
187				require_once ABSPATH . 'wp-admin/admin-footer.php';
188				exit;
189			} // End if verify-delete.
190
191			foreach ( $themes as $theme ) {
192				$delete_result = delete_theme(
193					$theme,
194					esc_url(
195						add_query_arg(
196							array(
197								'verify-delete' => 1,
198								'action'        => 'delete-selected',
199								'checked'       => $_REQUEST['checked'],
200								'_wpnonce'      => $_REQUEST['_wpnonce'],
201							),
202							network_admin_url( 'themes.php' )
203						)
204					)
205				);
206			}
207
208			$paged = ( $_REQUEST['paged'] ) ? $_REQUEST['paged'] : 1;
209			wp_redirect(
210				add_query_arg(
211					array(
212						'deleted' => count( $themes ),
213						'paged'   => $paged,
214						's'       => $s,
215					),
216					network_admin_url( 'themes.php' )
217				)
218			);
219			exit;
220		case 'enable-auto-update':
221		case 'disable-auto-update':
222		case 'enable-auto-update-selected':
223		case 'disable-auto-update-selected':
224			if ( ! ( current_user_can( 'update_themes' ) && wp_is_auto_update_enabled_for_type( 'theme' ) ) ) {
225				wp_die( __( 'Sorry, you are not allowed to change themes automatic update settings.' ) );
226			}
227
228			if ( 'enable-auto-update' === $action || 'disable-auto-update' === $action ) {
229				check_admin_referer( 'updates' );
230			} else {
231				if ( empty( $_POST['checked'] ) ) {
232					// Nothing to do.
233					wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) );
234					exit;
235				}
236
237				check_admin_referer( 'bulk-themes' );
238			}
239
240			$auto_updates = (array) get_site_option( 'auto_update_themes', array() );
241
242			if ( 'enable-auto-update' === $action ) {
243				$auto_updates[] = $_GET['theme'];
244				$auto_updates   = array_unique( $auto_updates );
245				$referer        = add_query_arg( 'enabled-auto-update', 1, $referer );
246			} elseif ( 'disable-auto-update' === $action ) {
247				$auto_updates = array_diff( $auto_updates, array( $_GET['theme'] ) );
248				$referer      = add_query_arg( 'disabled-auto-update', 1, $referer );
249			} else {
250				// Bulk enable/disable.
251				$themes = (array) wp_unslash( $_POST['checked'] );
252
253				if ( 'enable-auto-update-selected' === $action ) {
254					$auto_updates = array_merge( $auto_updates, $themes );
255					$auto_updates = array_unique( $auto_updates );
256					$referer      = add_query_arg( 'enabled-auto-update', count( $themes ), $referer );
257				} else {
258					$auto_updates = array_diff( $auto_updates, $themes );
259					$referer      = add_query_arg( 'disabled-auto-update', count( $themes ), $referer );
260				}
261			}
262
263			$all_items = wp_get_themes();
264
265			// Remove themes that don't exist or have been deleted since the option was last updated.
266			$auto_updates = array_intersect( $auto_updates, array_keys( $all_items ) );
267
268			update_site_option( 'auto_update_themes', $auto_updates );
269
270			wp_safe_redirect( $referer );
271			exit;
272		default:
273			$themes = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
274			if ( empty( $themes ) ) {
275				wp_safe_redirect( add_query_arg( 'error', 'none', $referer ) );
276				exit;
277			}
278			check_admin_referer( 'bulk-themes' );
279
280			/** This action is documented in wp-admin/network/site-themes.php */
281			$referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $themes ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
282
283			wp_safe_redirect( $referer );
284			exit;
285	}
286}
287
288$wp_list_table->prepare_items();
289
290add_thickbox();
291
292add_screen_option( 'per_page' );
293
294get_current_screen()->add_help_tab(
295	array(
296		'id'      => 'overview',
297		'title'   => __( 'Overview' ),
298		'content' =>
299			'<p>' . __( 'This screen enables and disables the inclusion of themes available to choose in the Appearance menu for each site. It does not activate or deactivate which theme a site is currently using.' ) . '</p>' .
300			'<p>' . __( 'If the network admin disables a theme that is in use, it can still remain selected on that site. If another theme is chosen, the disabled theme will not appear in the site&#8217;s Appearance > Themes screen.' ) . '</p>' .
301			'<p>' . __( 'Themes can be enabled on a site by site basis by the network admin on the Edit Site screen (which has a Themes tab); get there via the Edit action link on the All Sites screen. Only network admins are able to install or edit themes.' ) . '</p>',
302	)
303);
304
305$help_sidebar_autoupdates = '';
306
307if ( current_user_can( 'update_themes' ) && wp_is_auto_update_enabled_for_type( 'theme' ) ) {
308	get_current_screen()->add_help_tab(
309		array(
310			'id'      => 'plugins-themes-auto-updates',
311			'title'   => __( 'Auto-updates' ),
312			'content' =>
313				'<p>' . __( 'Auto-updates can be enabled or disabled for each individual theme. Themes with auto-updates enabled will display the estimated date of the next auto-update. Auto-updates depends on the WP-Cron task scheduling system.' ) . '</p>' .
314				'<p>' . __( 'Please note: Third-party themes and plugins, or custom code, may override WordPress scheduling.' ) . '</p>',
315		)
316	);
317
318	$help_sidebar_autoupdates = '<p>' . __( '<a href="https://wordpress.org/support/article/plugins-themes-auto-updates/">Learn more: Auto-updates documentation</a>' ) . '</p>';
319}
320
321get_current_screen()->set_help_sidebar(
322	'<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
323	'<p>' . __( '<a href="https://codex.wordpress.org/Network_Admin_Themes_Screen">Documentation on Network Themes</a>' ) . '</p>' .
324	$help_sidebar_autoupdates .
325	'<p>' . __( '<a href="https://wordpress.org/support/">Support</a>' ) . '</p>'
326);
327
328get_current_screen()->set_screen_reader_content(
329	array(
330		'heading_views'      => __( 'Filter themes list' ),
331		'heading_pagination' => __( 'Themes list navigation' ),
332		'heading_list'       => __( 'Themes list' ),
333	)
334);
335
336$title       = __( 'Themes' );
337$parent_file = 'themes.php';
338
339wp_enqueue_script( 'updates' );
340wp_enqueue_script( 'theme-preview' );
341
342require_once ABSPATH . 'wp-admin/admin-header.php';
343
344?>
345
346<div class="wrap">
347<h1 class="wp-heading-inline"><?php echo esc_html( $title ); ?></h1>
348
349<?php if ( current_user_can( 'install_themes' ) ) : ?>
350	<a href="theme-install.php" class="page-title-action"><?php echo esc_html_x( 'Add New', 'theme' ); ?></a>
351<?php endif; ?>
352
353<?php
354if ( isset( $_REQUEST['s'] ) && strlen( $_REQUEST['s'] ) ) {
355	echo '<span class="subtitle">';
356	printf(
357		/* translators: %s: Search query. */
358		__( 'Search results for: %s' ),
359		'<strong>' . esc_html( $s ) . '</strong>'
360	);
361	echo '</span>';
362}
363?>
364
365<hr class="wp-header-end">
366
367<?php
368if ( isset( $_GET['enabled'] ) ) {
369	$enabled = absint( $_GET['enabled'] );
370	if ( 1 === $enabled ) {
371		$message = __( 'Theme enabled.' );
372	} else {
373		/* translators: %s: Number of themes. */
374		$message = _n( '%s theme enabled.', '%s themes enabled.', $enabled );
375	}
376	echo '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $enabled ) ) . '</p></div>';
377} elseif ( isset( $_GET['disabled'] ) ) {
378	$disabled = absint( $_GET['disabled'] );
379	if ( 1 === $disabled ) {
380		$message = __( 'Theme disabled.' );
381	} else {
382		/* translators: %s: Number of themes. */
383		$message = _n( '%s theme disabled.', '%s themes disabled.', $disabled );
384	}
385	echo '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $disabled ) ) . '</p></div>';
386} elseif ( isset( $_GET['deleted'] ) ) {
387	$deleted = absint( $_GET['deleted'] );
388	if ( 1 === $deleted ) {
389		$message = __( 'Theme deleted.' );
390	} else {
391		/* translators: %s: Number of themes. */
392		$message = _n( '%s theme deleted.', '%s themes deleted.', $deleted );
393	}
394	echo '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $deleted ) ) . '</p></div>';
395} elseif ( isset( $_GET['enabled-auto-update'] ) ) {
396	$enabled = absint( $_GET['enabled-auto-update'] );
397	if ( 1 === $enabled ) {
398		$message = __( 'Theme will be auto-updated.' );
399	} else {
400		/* translators: %s: Number of themes. */
401		$message = _n( '%s theme will be auto-updated.', '%s themes will be auto-updated.', $enabled );
402	}
403	echo '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $enabled ) ) . '</p></div>';
404} elseif ( isset( $_GET['disabled-auto-update'] ) ) {
405	$disabled = absint( $_GET['disabled-auto-update'] );
406	if ( 1 === $disabled ) {
407		$message = __( 'Theme will no longer be auto-updated.' );
408	} else {
409		/* translators: %s: Number of themes. */
410		$message = _n( '%s theme will no longer be auto-updated.', '%s themes will no longer be auto-updated.', $disabled );
411	}
412	echo '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $disabled ) ) . '</p></div>';
413} elseif ( isset( $_GET['error'] ) && 'none' === $_GET['error'] ) {
414	echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'No theme selected.' ) . '</p></div>';
415} elseif ( isset( $_GET['error'] ) && 'main' === $_GET['error'] ) {
416	echo '<div class="error notice is-dismissible"><p>' . __( 'You cannot delete a theme while it is active on the main site.' ) . '</p></div>';
417}
418
419?>
420
421<form method="get">
422<?php $wp_list_table->search_box( __( 'Search Installed Themes' ), 'theme' ); ?>
423</form>
424
425<?php
426$wp_list_table->views();
427
428if ( 'broken' === $status ) {
429	echo '<p class="clear">' . __( 'The following themes are installed but incomplete.' ) . '</p>';
430}
431?>
432
433<form id="bulk-action-form" method="post">
434<input type="hidden" name="theme_status" value="<?php echo esc_attr( $status ); ?>" />
435<input type="hidden" name="paged" value="<?php echo esc_attr( $page ); ?>" />
436
437<?php $wp_list_table->display(); ?>
438</form>
439
440</div>
441
442<?php
443wp_print_request_filesystem_credentials_modal();
444wp_print_admin_notice_templates();
445wp_print_update_row_templates();
446
447require_once ABSPATH . 'wp-admin/admin-footer.php';
448