Ticket #20394: 20394.guard.diff
| File 20394.guard.diff, 20.6 KB (added by markoheijnen, 14 months ago) |
|---|
-
wp-includes/class-wp-xmlrpc-server.php
208 208 } 209 209 210 210 /** 211 * Checks if the argument have a certain length before running the method 212 * 213 * @since 3.4 214 * 215 * @param string|array $array Sanitize single string or array of strings. 216 * @param string|array $array Sanitize single string or array of strings. 217 * @return boolean if it match 218 */ 219 function guard_condition( $args, $length ) { 220 if ( count( $args ) < $length ) { 221 $this->error = new IXR_Error( 400, __( "You didn't passed enough arguments to this XML-RPC method" ) ); 222 return false; 223 } 224 225 return true; 226 } 227 228 /** 211 229 * Sanitize string or array of strings for database. 212 230 * 213 231 * @since 1.5.2 … … 456 474 457 475 $this->escape( $args ); 458 476 477 if( ! $this->guard_condition( $args, 2 ) ) 478 return $this->error; 479 459 480 $username = $args[0]; 460 481 $password = $args[1]; 461 482 … … 733 754 function wp_newPost( $args ) { 734 755 $this->escape( $args ); 735 756 757 if( ! $this->guard_condition( $args, 4 ) ) 758 return $this->error; 759 736 760 $blog_id = (int) $args[0]; 737 761 $username = $args[1]; 738 762 $password = $args[2]; … … 1005 1029 function wp_editPost( $args ) { 1006 1030 $this->escape( $args ); 1007 1031 1032 if( ! $this->guard_condition( $args, 5 ) ) 1033 return $this->error; 1034 1008 1035 $blog_id = (int) $args[0]; // we will support this in the near future 1009 1036 $username = $args[1]; 1010 1037 $password = $args[2]; … … 1057 1084 function wp_deletePost( $args ) { 1058 1085 $this->escape( $args ); 1059 1086 1087 if( ! $this->guard_condition( $args, 4 ) ) 1088 return $this->error; 1089 1060 1090 $blog_id = (int) $args[0]; 1061 1091 $username = $args[1]; 1062 1092 $password = $args[2]; … … 1128 1158 function wp_getPost( $args ) { 1129 1159 $this->escape( $args ); 1130 1160 1161 if( ! $this->guard_condition( $args, 4 ) ) 1162 return $this->error; 1163 1131 1164 $blog_id = (int) $args[0]; 1132 1165 $username = $args[1]; 1133 1166 $password = $args[2]; … … 1180 1213 function wp_getPosts( $args ) { 1181 1214 $this->escape( $args ); 1182 1215 1216 if( ! $this->guard_condition( $args, 3 ) ) 1217 return $this->error; 1218 1183 1219 $blog_id = (int) $args[0]; 1184 1220 $username = $args[1]; 1185 1221 $password = $args[2]; … … 1266 1302 function wp_newTerm( $args ) { 1267 1303 $this->escape( $args ); 1268 1304 1305 if( ! $this->guard_condition( $args, 4 ) ) 1306 return $this->error; 1307 1269 1308 $blog_id = (int) $args[0]; 1270 1309 $username = $args[1]; 1271 1310 $password = $args[2]; … … 1348 1387 function wp_editTerm( $args ) { 1349 1388 $this->escape( $args ); 1350 1389 1390 if( ! $this->guard_condition( $args, 5 ) ) 1391 return $this->error; 1392 1351 1393 $blog_id = (int) $args[0]; 1352 1394 $username = $args[1]; 1353 1395 $password = $args[2]; … … 1435 1477 function wp_deleteTerm( $args ) { 1436 1478 $this->escape( $args ); 1437 1479 1480 if( ! $this->guard_condition( $args, 5 ) ) 1481 return $this->error; 1482 1438 1483 $blog_id = (int) $args[0]; 1439 1484 $username = $args[1]; 1440 1485 $password = $args[2]; … … 1497 1542 function wp_getTerm( $args ) { 1498 1543 $this->escape( $args ); 1499 1544 1545 if( ! $this->guard_condition( $args, 5 ) ) 1546 return $this->error; 1547 1500 1548 $blog_id = (int) $args[0]; 1501 1549 $username = $args[1]; 1502 1550 $password = $args[2]; … … 1545 1593 function wp_getTerms( $args ) { 1546 1594 $this->escape( $args ); 1547 1595 1596 if( ! $this->guard_condition( $args, 4 ) ) 1597 return $this->error; 1598 1548 1599 $blog_id = (int) $args[0]; 1549 1600 $username = $args[1]; 1550 1601 $password = $args[2]; … … 1615 1666 function wp_getTaxonomy( $args ) { 1616 1667 $this->escape( $args ); 1617 1668 1669 if( ! $this->guard_condition( $args, 4 ) ) 1670 return $this->error; 1671 1618 1672 $blog_id = (int) $args[0]; 1619 1673 $username = $args[1]; 1620 1674 $password = $args[2]; … … 1649 1703 function wp_getTaxonomies( $args ) { 1650 1704 $this->escape( $args ); 1651 1705 1706 if( ! $this->guard_condition( $args, 3 ) ) 1707 return $this->error; 1708 1652 1709 $blog_id = (int) $args[0]; 1653 1710 $username = $args[1]; 1654 1711 $password = $args[2]; … … 1689 1746 function wp_getPage($args) { 1690 1747 $this->escape($args); 1691 1748 1749 if( ! $this->guard_condition( $args, 4 ) ) 1750 return $this->error; 1751 1692 1752 $blog_id = (int) $args[0]; 1693 1753 $page_id = (int) $args[1]; 1694 1754 $username = $args[2]; … … 1790 1850 function wp_getPages($args) { 1791 1851 $this->escape($args); 1792 1852 1853 if( ! $this->guard_condition( $args, 3 ) ) 1854 return $this->error; 1855 1793 1856 $blog_id = (int) $args[0]; 1794 1857 $username = $args[1]; 1795 1858 $password = $args[2]; … … 1834 1897 * @return unknown 1835 1898 */ 1836 1899 function wp_newPage($args) { 1900 if( ! $this->guard_condition( $args, 5 ) ) 1901 return $this->error; 1902 1837 1903 // Items not escaped here will be escaped in newPost. 1838 1904 $username = $this->escape($args[1]); 1839 1905 $password = $this->escape($args[2]); … … 1863 1929 function wp_deletePage($args) { 1864 1930 $this->escape($args); 1865 1931 1932 if( ! $this->guard_condition( $args, 4 ) ) 1933 return $this->error; 1934 1866 1935 $blog_id = (int) $args[0]; 1867 1936 $username = $args[1]; 1868 1937 $password = $args[2]; … … 1902 1971 * @return unknown 1903 1972 */ 1904 1973 function wp_editPage($args) { 1974 if( ! $this->guard_condition( $args, 6 ) ) 1975 return $this->error; 1976 1905 1977 // Items not escaped here will be escaped in editPost. 1906 1978 $blog_id = (int) $args[0]; 1907 1979 $page_id = (int) $this->escape($args[1]); … … 1953 2025 1954 2026 $this->escape($args); 1955 2027 2028 if( ! $this->guard_condition( $args, 3 ) ) 2029 return $this->error; 2030 1956 2031 $blog_id = (int) $args[0]; 1957 2032 $username = $args[1]; 1958 2033 $password = $args[2]; … … 2001 2076 * @return array 2002 2077 */ 2003 2078 function wp_getAuthors($args) { 2004 2005 2079 $this->escape($args); 2006 2080 2081 if( ! $this->guard_condition( $args, 3 ) ) 2082 return $this->error; 2083 2007 2084 $blog_id = (int) $args[0]; 2008 2085 $username = $args[1]; 2009 2086 $password = $args[2]; … … 2039 2116 function wp_getTags( $args ) { 2040 2117 $this->escape( $args ); 2041 2118 2119 if( ! $this->guard_condition( $args, 3 ) ) 2120 return $this->error; 2121 2042 2122 $blog_id = (int) $args[0]; 2043 2123 $username = $args[1]; 2044 2124 $password = $args[2]; … … 2080 2160 function wp_newCategory($args) { 2081 2161 $this->escape($args); 2082 2162 2163 if( ! $this->guard_condition( $args, 4 ) ) 2164 return $this->error; 2165 2083 2166 $blog_id = (int) $args[0]; 2084 2167 $username = $args[1]; 2085 2168 $password = $args[2]; … … 2141 2224 function wp_deleteCategory($args) { 2142 2225 $this->escape($args); 2143 2226 2227 if( ! $this->guard_condition( $args, 4 ) ) 2228 return $this->error; 2229 2144 2230 $blog_id = (int) $args[0]; 2145 2231 $username = $args[1]; 2146 2232 $password = $args[2]; … … 2173 2259 function wp_suggestCategories($args) { 2174 2260 $this->escape($args); 2175 2261 2262 if( ! $this->guard_condition( $args, 4 ) ) 2263 return $this->error; 2264 2176 2265 $blog_id = (int) $args[0]; 2177 2266 $username = $args[1]; 2178 2267 $password = $args[2]; 2179 2268 $category = $args[3]; 2180 $max_results = (int) $args[4];2269 $max_results = isset( $args[4] ) ? (int) $args[4] : ''; 2181 2270 2182 2271 if ( !$user = $this->login($username, $password) ) 2183 2272 return $this->error; … … 2210 2299 function wp_getComment($args) { 2211 2300 $this->escape($args); 2212 2301 2302 if( ! $this->guard_condition( $args, 4 ) ) 2303 return $this->error; 2304 2213 2305 $blog_id = (int) $args[0]; 2214 2306 $username = $args[1]; 2215 2307 $password = $args[2]; … … 2284 2376 $raw_args = $args; 2285 2377 $this->escape($args); 2286 2378 2379 if( ! $this->guard_condition( $args, 4 ) ) 2380 return $this->error; 2381 2287 2382 $blog_id = (int) $args[0]; 2288 2383 $username = $args[1]; 2289 2384 $password = $args[2]; … … 2352 2447 function wp_deleteComment($args) { 2353 2448 $this->escape($args); 2354 2449 2450 if( ! $this->guard_condition( $args, 4 ) ) 2451 return $this->error; 2452 2355 2453 $blog_id = (int) $args[0]; 2356 2454 $username = $args[1]; 2357 2455 $password = $args[2]; … … 2406 2504 function wp_editComment($args) { 2407 2505 $this->escape($args); 2408 2506 2507 if( ! $this->guard_condition( $args, 5 ) ) 2508 return $this->error; 2509 2409 2510 $blog_id = (int) $args[0]; 2410 2511 $username = $args[1]; 2411 2512 $password = $args[2]; … … 2482 2583 2483 2584 $this->escape($args); 2484 2585 2586 if( ! $this->guard_condition( $args, 5 ) ) 2587 return $this->error; 2588 2485 2589 $blog_id = (int) $args[0]; 2486 2590 $username = $args[1]; 2487 2591 $password = $args[2]; … … 2567 2671 function wp_getCommentStatusList($args) { 2568 2672 $this->escape( $args ); 2569 2673 2674 if( ! $this->guard_condition( $args, 3 ) ) 2675 return $this->error; 2676 2570 2677 $blog_id = (int) $args[0]; 2571 2678 $username = $args[1]; 2572 2679 $password = $args[2]; … … 2593 2700 function wp_getCommentCount( $args ) { 2594 2701 $this->escape($args); 2595 2702 2703 if( ! $this->guard_condition( $args, 4 ) ) 2704 return $this->error; 2705 2596 2706 $blog_id = (int) $args[0]; 2597 2707 $username = $args[1]; 2598 2708 $password = $args[2]; … … 2626 2736 function wp_getPostStatusList( $args ) { 2627 2737 $this->escape( $args ); 2628 2738 2739 if( ! $this->guard_condition( $args, 3 ) ) 2740 return $this->error; 2741 2629 2742 $blog_id = (int) $args[0]; 2630 2743 $username = $args[1]; 2631 2744 $password = $args[2]; … … 2652 2765 function wp_getPageStatusList( $args ) { 2653 2766 $this->escape( $args ); 2654 2767 2768 if( ! $this->guard_condition( $args, 3 ) ) 2769 return $this->error; 2770 2655 2771 $blog_id = (int) $args[0]; 2656 2772 $username = $args[1]; 2657 2773 $password = $args[2]; … … 2678 2794 function wp_getPageTemplates( $args ) { 2679 2795 $this->escape( $args ); 2680 2796 2797 if( ! $this->guard_condition( $args, 3 ) ) 2798 return $this->error; 2799 2681 2800 $blog_id = (int) $args[0]; 2682 2801 $username = $args[1]; 2683 2802 $password = $args[2]; … … 2705 2824 function wp_getOptions( $args ) { 2706 2825 $this->escape( $args ); 2707 2826 2827 if( ! $this->guard_condition( $args, 3 ) ) 2828 return $this->error; 2829 2708 2830 $blog_id = (int) $args[0]; 2709 2831 $username = $args[1]; 2710 2832 $password = $args[2]; … … 2755 2877 function wp_setOptions( $args ) { 2756 2878 $this->escape( $args ); 2757 2879 2880 if( ! $this->guard_condition( $args, 4 ) ) 2881 return $this->error; 2882 2758 2883 $blog_id = (int) $args[0]; 2759 2884 $username = $args[1]; 2760 2885 $password = $args[2]; … … 2804 2929 function wp_getMediaItem($args) { 2805 2930 $this->escape($args); 2806 2931 2932 if( ! $this->guard_condition( $args, 4 ) ) 2933 return $this->error; 2934 2807 2935 $blog_id = (int) $args[0]; 2808 2936 $username = $args[1]; 2809 2937 $password = $args[2]; … … 2869 2997 $raw_args = $args; 2870 2998 $this->escape($args); 2871 2999 3000 if( ! $this->guard_condition( $args, 3 ) ) 3001 return $this->error; 3002 2872 3003 $blog_id = (int) $args[0]; 2873 3004 $username = $args[1]; 2874 3005 $password = $args[2]; … … 2915 3046 function wp_getPostFormats( $args ) { 2916 3047 $this->escape( $args ); 2917 3048 3049 if( ! $this->guard_condition( $args, 3 ) ) 3050 return $this->error; 3051 2918 3052 $blog_id = (int) $args[0]; 2919 3053 $username = $args[1]; 2920 3054 $password = $args[2]; … … 2967 3101 function wp_getPostType( $args ) { 2968 3102 $this->escape( $args ); 2969 3103 3104 if( ! $this->guard_condition( $args, 4 ) ) 3105 return $this->error; 3106 2970 3107 $blog_id = (int) $args[0]; 2971 3108 $username = $args[1]; 2972 3109 $password = $args[2]; … … 3010 3147 function wp_getPostTypes( $args ) { 3011 3148 $this->escape( $args ); 3012 3149 3150 if( ! $this->guard_condition( $args, 3 ) ) 3151 return $this->error; 3152 3013 3153 $blog_id = (int) $args[0]; 3014 3154 $username = $args[1]; 3015 3155 $password = $args[2]; … … 3059 3199 3060 3200 $this->escape($args); 3061 3201 3062 $username = $args[1]; 3202 if( ! $this->guard_condition( $args, 3 ) ) 3203 return $this->error; 3204 3205 $username = $args[1]; 3063 3206 $password = $args[2]; 3064 3207 3065 3208 if ( !$user = $this->login($username, $password) ) … … 3120 3263 * @return array 3121 3264 */ 3122 3265 function blogger_getUserInfo($args) { 3123 3124 3266 $this->escape($args); 3125 3267 3126 $username = $args[1]; 3268 if( ! $this->guard_condition( $args, 3 ) ) 3269 return $this->error; 3270 3271 $username = $args[1]; 3127 3272 $password = $args[2]; 3128 3273 3129 3274 if ( !$user = $this->login($username, $password) ) … … 3154 3299 * @return array 3155 3300 */ 3156 3301 function blogger_getPost($args) { 3157 3158 3302 $this->escape($args); 3159 3303 3160 $post_ID = (int) $args[1]; 3161 $username = $args[2]; 3304 if( ! $this->guard_condition( $args, 4 ) ) 3305 return $this->error; 3306 3307 $post_ID = (int) $args[1]; 3308 $username = $args[2]; 3162 3309 $password = $args[3]; 3163 3310 3164 3311 if ( !$user = $this->login($username, $password) ) … … 3196 3343 * @return array 3197 3344 */ 3198 3345 function blogger_getRecentPosts($args) { 3199 3200 3346 $this->escape($args); 3201 3347 3348 if( ! $this->guard_condition( $args, 4 ) ) 3349 return $this->error; 3350 3202 3351 // $args[0] = appkey - ignored 3203 $blog_ID 3204 $username = $args[2];3352 $blog_ID = (int) $args[1]; /* though we don't use it yet */ 3353 $username = $args[2]; 3205 3354 $password = $args[3]; 3355 3206 3356 if ( isset( $args[4] ) ) 3207 3357 $query = array( 'numberposts' => absint( $args[4] ) ); 3208 3358 else … … 3257 3407 * @return string 3258 3408 */ 3259 3409 function blogger_getTemplate($args) { 3260 3261 3410 $this->escape($args); 3262 3411 3263 $blog_ID = (int) $args[1]; 3264 $username = $args[2]; 3412 if( ! $this->guard_condition( $args, 4 ) ) 3413 return $this->error; 3414 3415 $blog_ID = (int) $args[1]; 3416 $username = $args[2]; 3265 3417 $password = $args[3]; 3266 $template = $args[4]; /* could be 'main' or 'archiveIndex', but we don't use it */3418 $template = isset( $args[4] ) ? $args[4] : ''; /* could be 'main' or 'archiveIndex', but we don't use it */ 3267 3419 3268 3420 if ( !$user = $this->login($username, $password) ) 3269 3421 return $this->error; … … 3296 3448 * @return bool True when done. 3297 3449 */ 3298 3450 function blogger_setTemplate($args) { 3299 3300 3451 $this->escape($args); 3301 3452 3302 $blog_ID = (int) $args[1]; 3303 $username = $args[2]; 3453 if( ! $this->guard_condition( $args, 5 ) ) 3454 return $this->error; 3455 3456 $blog_ID = (int) $args[1]; 3457 $username = $args[2]; 3304 3458 $password = $args[3]; 3305 $content 3306 $template = $args[5]; /* could be 'main' or 'archiveIndex', but we don't use it */3459 $content = $args[4]; 3460 $template = isset( $args[5] ) ? $args[5] : ''; /* could be 'main' or 'archiveIndex', but we don't use it */ 3307 3461 3308 3462 if ( !$user = $this->login($username, $password) ) 3309 3463 return $this->error; … … 3336 3490 * @return int 3337 3491 */ 3338 3492 function blogger_newPost($args) { 3339 3340 3493 $this->escape($args); 3341 3494 3342 $blog_ID = (int) $args[1]; /* though we don't use it yet */ 3343 $username = $args[2]; 3495 if( ! $this->guard_condition( $args, 6 ) ) 3496 return $this->error; 3497 3498 $blog_ID = (int) $args[1]; /* though we don't use it yet */ 3499 $username = $args[2]; 3344 3500 $password = $args[3]; 3345 $content 3346 $publish 3501 $content = $args[4]; 3502 $publish = $args[5]; 3347 3503 3348 3504 if ( !$user = $this->login($username, $password) ) 3349 3505 return $this->error; … … 3390 3546 * @return bool true when done. 3391 3547 */ 3392 3548 function blogger_editPost($args) { 3393 3394 3549 $this->escape($args); 3395 3550 3396 $post_ID = (int) $args[1]; 3397 $username = $args[2]; 3551 if( ! $this->guard_condition( $args, 6 ) ) 3552 return $this->error; 3553 3554 $post_ID = (int) $args[1]; 3555 $username = $args[2]; 3398 3556 $password = $args[3]; 3399 $content 3400 $publish 3557 $content = $args[4]; 3558 $publish = $args[5]; 3401 3559 3402 3560 if ( !$user = $this->login($username, $password) ) 3403 3561 return $this->error; … … 3448 3606 function blogger_deletePost($args) { 3449 3607 $this->escape($args); 3450 3608 3451 $post_ID = (int) $args[1]; 3452 $username = $args[2]; 3609 if( ! $this->guard_condition( $args, 5 ) ) 3610 return $this->error; 3611 3612 $post_ID = (int) $args[1]; 3613 $username = $args[2]; 3453 3614 $password = $args[3]; 3454 $publish 3615 $publish = $args[4]; 3455 3616 3456 3617 if ( !$user = $this->login($username, $password) ) 3457 3618 return $this->error; … … 3518 3679 function mw_newPost($args) { 3519 3680 $this->escape($args); 3520 3681 3521 $blog_ID = (int) $args[0]; // we will support this in the near future 3522 $username = $args[1]; 3523 $password = $args[2]; 3682 if( ! $this->guard_condition( $args, 4 ) ) 3683 return $this->error; 3684 3685 $blog_ID = (int) $args[0]; // we will support this in the near future 3686 $username = $args[1]; 3687 $password = $args[2]; 3524 3688 $content_struct = $args[3]; 3525 $publish = isset( $args[4] ) ? $args[4] : 0;3689 $publish = isset( $args[4] ) ? $args[4] : 0; 3526 3690 3527 3691 if ( !$user = $this->login($username, $password) ) 3528 3692 return $this->error; … … 3833 3997 * @return bool True on success. 3834 3998 */ 3835 3999 function mw_editPost($args) { 3836 3837 4000 $this->escape($args); 3838 4001 3839 $post_ID = (int) $args[0]; 3840 $username = $args[1]; 3841 $password = $args[2]; 4002 if( ! $this->guard_condition( $args, 5 ) ) 4003 return $this->error; 4004 4005 $post_ID = (int) $args[0]; 4006 $username = $args[1]; 4007 $password = $args[2]; 3842 4008 $content_struct = $args[3]; 3843 $publish = $args[4];4009 $publish = $args[4]; 3844 4010 3845 4011 if ( ! $user = $this->login($username, $password) ) 3846 4012 return $this->error; … … 3994 4160 if ( isset( $content_struct['mt_excerpt'] ) ) 3995 4161 $post_excerpt = $content_struct['mt_excerpt']; 3996 4162 4163 $post_more = null; 3997 4164 if ( isset( $content_struct['mt_text_more'] ) ) 3998 4165 $post_more = $content_struct['mt_text_more']; 3999 4166 … … 4102 4269 * @return array 4103 4270 */ 4104 4271 function mw_getPost($args) { 4105 4106 4272 $this->escape($args); 4107 4273 4108 $post_ID = (int) $args[0]; 4109 $username = $args[1]; 4274 if( ! $this->guard_condition( $args, 3 ) ) 4275 return $this->error; 4276 4277 $post_ID = (int) $args[0]; 4278 $username = $args[1]; 4110 4279 $password = $args[2]; 4111 4280 4112 4281 if ( !$user = $this->login($username, $password) ) … … 4225 4394 * @return array 4226 4395 */ 4227 4396 function mw_getRecentPosts($args) { 4228 4229 4397 $this->escape($args); 4230 4398 4231 $blog_ID = (int) $args[0]; 4232 $username = $args[1]; 4399 if( ! $this->guard_condition( $args, 3 ) ) 4400 return $this->error; 4401 4402 $blog_ID = (int) $args[0]; 4403 $username = $args[1]; 4233 4404 $password = $args[2]; 4405 4234 4406 if ( isset( $args[3] ) ) 4235 4407 $query = array( 'numberposts' => absint( $args[3] ) ); 4236 4408 else … … 4340 4512 * @return array 4341 4513 */ 4342 4514 function mw_getCategories($args) { 4343 4344 4515 $this->escape($args); 4345 4516 4346 $blog_ID = (int) $args[0]; 4347 $username = $args[1]; 4517 if( ! $this->guard_condition( $args, 3 ) ) 4518 return $this->error; 4519 4520 $blog_ID = (int) $args[0]; 4521 $username = $args[1]; 4348 4522 $password = $args[2]; 4349 4523 4350 4524 if ( !$user = $this->login($username, $password) ) … … 4389 4563 function mw_newMediaObject($args) { 4390 4564 global $wpdb; 4391 4565 4392 $blog_ID = (int) $args[0]; 4393 $username = $wpdb->escape($args[1]); 4566 if( ! $this->guard_condition( $args, 4 ) ) 4567 return $this->error; 4568 4569 $blog_ID = (int) $args[0]; 4570 $username = $wpdb->escape($args[1]); 4394 4571 $password = $wpdb->escape($args[2]); 4395 $data 4572 $data = $args[3]; 4396 4573 4397 4574 $name = sanitize_file_name( $data['name'] ); 4398 4575 $type = $data['type']; … … 4474 4651 * @return array 4475 4652 */ 4476 4653 function mt_getRecentPostTitles($args) { 4477 4478 4654 $this->escape($args); 4479 4655 4480 $blog_ID = (int) $args[0]; 4481 $username = $args[1]; 4656 if( ! $this->guard_condition( $args, 3 ) ) 4657 return $this->error; 4658 4659 $blog_ID = (int) $args[0]; 4660 $username = $args[1]; 4482 4661 $password = $args[2]; 4662 4483 4663 if ( isset( $args[3] ) ) 4484 4664 $query = array( 'numberposts' => absint( $args[3] ) ); 4485 4665 else … … 4534 4714 * @return array 4535 4715 */ 4536 4716 function mt_getCategoryList($args) { 4537 4538 4717 $this->escape($args); 4539 4718 4540 $blog_ID = (int) $args[0]; 4541 $username = $args[1]; 4719 if( ! $this->guard_condition( $args, 3 ) ) 4720 return $this->error; 4721 4722 $blog_ID = (int) $args[0]; 4723 $username = $args[1]; 4542 4724 $password = $args[2]; 4543 4725 4544 4726 if ( !$user = $this->login($username, $password) ) … … 4572 4754 * @return array 4573 4755 */ 4574 4756 function mt_getPostCategories($args) { 4575 4576 4757 $this->escape($args); 4577 4758 4578 $post_ID = (int) $args[0]; 4579 $username = $args[1]; 4759 if( ! $this->guard_condition( $args, 3 ) ) 4760 return $this->error; 4761 4762 $post_ID = (int) $args[0]; 4763 $username = $args[1]; 4580 4764 $password = $args[2]; 4581 4765 4582 4766 if ( !$user = $this->login($username, $password) ) … … 4612 4796 * @return bool True on success. 4613 4797 */ 4614 4798 function mt_setPostCategories($args) { 4615 4616 4799 $this->escape($args); 4617 4800 4618 $post_ID = (int) $args[0]; 4619 $username = $args[1]; 4801 if( ! $this->guard_condition( $args, 4 ) ) 4802 return $this->error; 4803 4804 $post_ID = (int) $args[0]; 4805 $username = $args[1]; 4620 4806 $password = $args[2]; 4621 $categories 4807 $categories = $args[3]; 4622 4808 4623 4809 if ( !$user = $this->login($username, $password) ) 4624 4810 return $this->error; … … 4720 4906 * @return int 4721 4907 */ 4722 4908 function mt_publishPost($args) { 4723 4724 4909 $this->escape($args); 4725 4910 4726 $post_ID = (int) $args[0]; 4727 $username = $args[1]; 4911 if( ! $this->guard_condition( $args, 3 ) ) 4912 return $this->error; 4913 4914 $post_ID = (int) $args[0]; 4915 $username = $args[1]; 4728 4916 $password = $args[2]; 4729 4917 4730 4918 if ( !$user = $this->login($username, $password) ) … … 4768 4956 4769 4957 $this->escape($args); 4770 4958 4959 if( ! $this->guard_condition( $args, 2 ) ) 4960 return $this->error; 4961 4771 4962 $pagelinkedfrom = $args[0]; 4772 4963 $pagelinkedto = $args[1]; 4773 4964
