┌────────────────────────────────────────────────────┐
│ 0. WordPress 核心加载 │
│ └── 加载 wp-settings.php │
│ │
│ 1. 插件加载阶段 │
│ ├── muplugins_loaded │
│ ├── 加载 Must-Use Plugins │
│ ├── plugins_loaded │
│ │ │
│ │ *此时身份未确定,$current_user 尚未设置* │
│ │ │
│ └── 用户身份识别阶段 │
│ ↓ │
│ [非 Hook] wp_get_current_user() │
│ ↓ │
│ [非 Hook] wp_validate_auth_cookie() │
│ ↓ │
│ [Hook] determine_current_user │ 🔁 可插入 JWT 等自定义认证逻辑
│ ↓ │
│ [内部] 设置全局 $current_user │
│ │
│ 2. 初始化主题和功能 │
│ ├── setup_theme │
│ ├── after_setup_theme │
│ └── init │ ✅ 自定义内容注册的关键时机
│ ├─✅ register_post_type() │
│ ├─✅ register_taxonomy() │
│ ├─✅ add_rewrite_rule() ←←←←←←←←←←←←←←←←←←←★ 自定义 URL 重写
│ ├─✅ register_rest_route() ←←←←←←←←←←←←←←←←★ 自定义 REST API 路由
│ ├─✅ 用户权限判断(如 is_user_logged_in) │
│ └─✅ 表单处理/前端 POST 捕获 │
│ │
│ 3. 请求解析阶段 │
│ ├── wp_loaded │ ✅ 所有组件加载完成(如 REST/AJAX)
│ ├── parse_request │ URL 解析
│ ├── template_redirect │ 🔁 登录跳转、权限控制等推荐放这里
│ ├── wp │ 查询处理
│ ├── get_header / get_footer │ 模板加载钩子
│ └── the_content / wp_footer / wp_head │ 内容、样式输出等
└────────────────────────────────────────────────────┘
+-------------------------------------------------------------------------------------------------+
| WordPress 加载时序图 |
+-------------------------------------------------------------------------------------------------+
参与者:
User (用户/浏览器)
WP_Core (WordPress 核心)
Plugins (插件)
Theme (主题)
DB (数据库)
+-------------------------------------+
| 插件激活流程(仅激活时) |
|-------------------------------------|
| Plugins: |
| Note: register_activation_hook() |
| 用于初始化数据表、rewrite 等|
+-------------------------------------+
+-------------------------------------+ +-------------------------------------+ +-----------------+ +-----------+ +--------+
| User | | WP_Core | | Plugins | | Theme | | DB |
+-------------------------------------+ +-------------------------------------+ +-----------------+ +-----------+ +--------+
| | | | | |
| 发起请求 | | | | |
|------------------------------------>| | | | |
| | | | | |
| | 0. WordPress 核心加载 | | | |
| |-------------------------------------| | | |
| | 加载 wp-config.php | | | |
| | 加载 wp-settings.php | | | |
| | | | | |
| | 1. 插件加载阶段 | | | |
| |-------------------------------------| | | |
| | muplugins_loaded (Hook) | | | |
| |------------------------------------>| | | |
| | 加载 Must-Use Plugins | | | |
| |------------------------------------>| | | |
| | plugins_loaded (Hook) | | | |
| |------------------------------------>| | | |
| | | Note: 此时身份未确定,| | |
| | | $current_user | | |
| | | 尚未设置 | | |
| | | | | |
| | [用户身份识别阶段] | | | |
| | wp_get_current_user() → 内部触发: | | | |
| | wp_validate_auth_cookie() | | | |
| | determine_current_user (Hook) | | | |
| |<------------------------------------| 返回用户对象或 0| | |
| | (Note: 🔁 可插入 JWT 等) | | | |
| | 设置全局 $current_user | | | |
| | | | | |
| | 2. 初始化主题和功能 | | | |
| |-------------------------------------| | | |
| | setup_theme (Hook) | | | |
| |------------------------------------------------------>| | |
| | after_setup_theme (Hook) | | | |
| |------------------------------------------------------>| | |
| | init (Hook) | | | |
| |------------------------------------>| | | |
| | | | init (Hook)| |
| |<------------------------------------------------------| | |
| | | Note: ✅ 自定义内容注册的关键时机 | |
| | | | | |
| | register_post_type() |<----------------| | |
| | register_taxonomy() |<----------------| | |
| | add_rewrite_rule() ★ |<----------------| | |
| | flush_rewrite_rules() (仅激活时) | | | |
| | | | | |
| | rest_api_init (Hook) | | | |
| |------------------------------------>| | | |
| | register_rest_route() ★ |<----------------| | |
| | | | | |
| | 用户权限判断 (如 is_user_logged_in)| | | |
| | 表单处理/前端 POST 捕获 | | | |
| | | | | |
| | 3. 请求解析阶段 | | | |
| |-------------------------------------| | | |
| | wp_loaded (Hook) | | | |
| |------------------------------------>| | | |
| | | | wp_loaded (Hook)| |
| |<------------------------------------------------------| | |
| | Note: ✅ 所有组件加载完成 (REST/AJAX)| | | |
| | | | | |
| | parse_request (URL 解析) | | | |
| | template_redirect (Hook) | | | |
| |------------------------------------>| | | |
| | | | template_redirect (Hook)|
| |<------------------------------------------------------| | |
| | | Note: 🔁 登录跳转、权限控制等 | |
| | | | | |
| | wp (查询处理) | | | |
| |---------------------------------------------------------------------->|
| | | | | 返回查询结果|
| |<----------------------------------------------------------------------|
| | | | | |
| | get_header() | | | |
| |------------------------------------------------------>| Header 内容 |
| |<------------------------------------------------------| | |
| | the_content() | | | |
| |------------------------------------------------------>| 主体内容 |
| |<------------------------------------------------------| | |
| | wp_head() | | | |
| |------------------------------------------------------>| Head 输出 |
| |<------------------------------------------------------| | |
| | get_footer() | | | |
| |------------------------------------------------------>| Footer 内容 |
| |<------------------------------------------------------| | |
| | wp_footer() | | | |
| |------------------------------------------------------>| 脚本输出 |
| |<------------------------------------------------------| | |
| | | | | |
| 返回 HTML 页面 | | | | |
|<------------------------------------| | | | |
| | | | | |
sequenceDiagram
participant Browser
participant Web Server
participant PHP Interpreter
participant WordPress Core
participant Plugins
participant Theme
participant Database
participant Auth Server
Browser->>Web Server: HTTP Request (e.g., /blog/my-post or /wp-admin)
Web Server->>PHP Interpreter: Execute WordPress index.php (or wp-login.php for login)
PHP Interpreter->>WordPress Core: Load WordPress Core (wp-load.php, wp-config.php, wp-settings.php)
WordPress Core->>Database: Establish Database Connection
WordPress Core->>WordPress Core: Load Must-Use Plugins
WordPress Core->>WordPress Core: Load Active Plugins
WordPress Core->>WordPress Core: Load Theme (frontend or admin)
WordPress Core->>Plugins: Trigger 'plugins_loaded' hook
alt User Authentication Check (Early Check)
WordPress Core->>WordPress Core: Check for WordPress auth cookies (wp-auth or session cookie)
alt Valid auth cookie found
WordPress Core-->>WordPress Core: Valid cookie found
WordPress Core->>Auth Server: Verify cookie (wp-auth/session) and roles
Auth Server->>Database: Retrieve user data and roles based on session or wp_auth cookie.
Database-->>Auth Server: User data and roles.
Auth Server-->>WordPress Core: User Authenticated and Authorized (roles, permissions)
WordPress Core->>WordPress Core: User Authenticated
else No valid auth cookie found
WordPress Core-->>WordPress Core: No Valid Cookie
WordPress Core->>WordPress Core: User Not Authenticated (Handle as guest/unauthenticated user)
end
end
WordPress Core->>WordPress Core: Parse Request URL
WordPress Core->>WordPress Core: Execute WP_Query based on URL (if applicable)
WordPress Core->>WordPress Core: Determine Template File (Template Hierarchy)
WordPress Core->>Plugins: Trigger 'template_redirect' hook
WordPress Core->>Theme: Trigger 'template_include' filter
Theme->>WordPress Core: Template File is loaded
WordPress Core->>Plugins: Trigger various hooks within loop (if applicable)
WordPress Core->>Theme: Execute theme-specific code within template (if applicable)
alt Check if User is authorized for the current Page
WordPress Core->>WordPress Core: Check User authorization and capabilities for the current page
alt Authorized
WordPress Core->>Database: Retrieve post data as necessary
WordPress Core->>WordPress Core: Generate HTML Output
else Unauthorized
WordPress Core->>WordPress Core: Handle user unauthorized to access current page
WordPress Core->>WordPress Core: Generate HTML output for unauthorized access (403 or redirect)
end
end
WordPress Core->>PHP Interpreter: Return HTML Output
PHP Interpreter->>Web Server: Return HTTP Response
Web Server->>Browser: HTTP Response (HTML)