Ticket #3290: unfiltered-imports.diff
| File unfiltered-imports.diff, 9.1 KB (added by andy, 5 years ago) |
|---|
-
wp-includes/capabilities.php
454 454 return call_user_func_array(array(&$current_user, 'has_cap'), $args); 455 455 } 456 456 457 // Capability checker for any user 458 function user_can($user, $capability) { 459 $user = new WP_User($user); 460 461 if ( empty($user) ) 462 return false; 463 464 $args = array_slice(func_get_args(), 2); 465 $args = array_merge(array($capability), $args); 466 467 return call_user_func_array(array(&$user, 'has_cap'), $args); 468 } 469 457 470 // Convenience wrappers around $wp_roles. 458 471 function get_role($role) { 459 472 global $wp_roles; -
wp-includes/kses.php
547 547 remove_filter('content_filtered_save_pre', 'wp_filter_post_kses'); 548 548 } 549 549 550 function kses_init( ) {550 function kses_init($filtered = null) { 551 551 kses_remove_filters(); 552 552 553 if (current_user_can('unfiltered_html') == false) 553 if ( isset($filtered) && $filtered == false ) 554 return; 555 if ( isset($filtered) && $filtered == true ) 554 556 kses_init_filters(); 557 if ( current_user_can('unfiltered_html') == false ) 558 kses_init_filters(); 555 559 } 556 560 557 561 add_action('init', 'kses_init'); -
wp-admin/import/livejournal.php
69 69 printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title)); 70 70 } else { 71 71 printf(__('Importing post <i>%s</i>...'), stripslashes($post_title)); 72 73 // Set up kses filters appropriate for the author's caps 74 $filtered = ! user_can($post_author, 'unfiltered_html'); 75 kses_init($filtered); 76 72 77 $postdata = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status'); 73 78 $post_id = wp_insert_post($postdata); 74 79 if (!$post_id) { … … 82 87 $comments = $comments[1]; 83 88 84 89 if ( $comments ) { 90 // Always filter imported comments. 91 kses_init(true); 92 85 93 $comment_post_ID = $post_id; 86 94 $num_comments = 0; 87 95 foreach ($comments as $comment) { -
wp-admin/import/dotclear.php
366 366 367 367 // Import Post data into WordPress 368 368 369 // Set up kses filters appropriate for the author's caps 370 $filtered = ! user_can($authorid, 'unfiltered_html'); 371 kses_init($filtered); 372 369 373 if($pinfo = post_exists($Title,$post_content)) 370 374 { 371 375 $ret_id = wp_insert_post(array( … … 427 431 $dccm2wpcm = array(); 428 432 $postarr = get_option('dcposts2wpposts'); 429 433 434 // Always filter imported comments. 435 kses_init(true); 436 430 437 // Magic Mojo 431 438 if(is_array($comments)) 432 439 { -
wp-admin/import/mt.php
287 287 288 288 $post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor 289 289 290 // Set up kses filters appropriate for the author's caps 291 $filtered = ! user_can($post_author, 'unfiltered_html'); 292 kses_init($filtered); 293 290 294 $postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt'); 291 295 $post_id = wp_insert_post($postdata); 292 296 // Add categories. … … 301 305 // Now for comments 302 306 $comments = explode("-----\nCOMMENT:", $comments[0]); 303 307 $num_comments = 0; 308 309 // Always filter imported comments. 310 kses_init(true); 311 304 312 foreach ($comments as $comment) { 305 313 if ('' != trim($comment)) { 306 314 // Author -
wp-admin/import/blogger.php
498 498 if ( count($post_array) ) { 499 499 krsort($post_array); 500 500 foreach($post_array as $post) { 501 if ( ! $comment_post_ID = $post['ID'] ) 501 if ( isset($post['post']) ) { 502 $filtered = ! user_can($post['post']['post_author'], 'unfiltered_html'); 503 kses_init($filtered); 502 504 $comment_post_ID = wp_insert_post($post['post']); 505 } else { 506 $comment_post_ID = $post['ID']; 507 } 503 508 if ( $post['comments'] ) { 509 // Always filter imported comments. 510 kses_init(true); 511 504 512 foreach ( $post['comments'] as $comment ) { 505 513 $comment['comment_post_ID'] = $comment_post_ID; 506 514 wp_insert_comment($comment); -
wp-admin/import/blogware.php
90 90 } else { 91 91 printf(__('Importing post <i>%s</i>...'), stripslashes($post_title)); 92 92 $postdata = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status'); 93 // Set up kses filters appropriate for the author's caps 94 $filtered = ! user_can($post_author, 'unfiltered_html'); 95 kses_init($filtered); 93 96 $post_id = wp_insert_post($postdata); 94 97 if (!$post_id) { 95 98 _e("Couldn't get post ID"); … … 104 107 $comments = $comments[1]; 105 108 106 109 if ( $comments ) { 110 // Always filter imported comments. 111 kses_init(true); 112 107 113 $comment_post_ID = $post_id; 108 114 $num_comments = 0; 109 115 foreach ($comments as $comment) { -
wp-admin/import/textpattern.php
300 300 301 301 // Import Post data into WordPress 302 302 303 // Set up kses filters appropriate for the author's caps 304 $filtered = ! user_can($authorid, 'unfiltered_html'); 305 kses_init($filtered); 306 303 307 if($pinfo = post_exists($Title,$Body)) 304 308 { 305 309 $ret_id = wp_insert_post(array( … … 358 362 $txpcm2wpcm = array(); 359 363 $postarr = get_option('txpposts2wpposts'); 360 364 365 // Always filter imported comments. 366 kses_init(true); 367 361 368 // Magic Mojo 362 369 if(is_array($comments)) 363 370 { -
wp-admin/import/greymatter.php
228 228 $post_author = $user_id; 229 229 } 230 230 231 // Set up kses filters appropriate for the author's caps 232 $filtered = ! user_can($post_author, 'unfiltered_html'); 233 kses_init($filtered); 234 231 235 $postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt'); 232 236 $post_ID = wp_insert_post($postdata); 233 237 } 234 238 235 239 $c=count($entry); 236 240 if ($c>4) { 241 // Always filter imported comments. 242 kses_init(true); 243 237 244 $numAddedComments = 0; 238 245 $numComments = 0; 239 246 for ($j=4;$j<$c;$j++) { -
wp-admin/import/rss.php
109 109 if ($post_id = post_exists($post_title, $post_content, $post_date)) { 110 110 _e('Post already imported'); 111 111 } else { 112 // Set up kses filters appropriate for the author's caps 113 $filtered = ! user_can($post_author, 'unfiltered_html'); 114 kses_init($filtered); 112 115 $post_id = wp_insert_post($post); 113 116 if (!$post_id) { 114 117 _e("Couldn't get post ID"); -
wp-admin/import/wordpress.php
251 251 252 252 $post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor 253 253 254 // Set up kses filters appropriate for the author's caps 255 $filtered = ! user_can($post_author, 'unfiltered_html'); 256 kses_init($filtered); 257 254 258 $postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt', 'guid', 'post_parent', 'post_type'); 255 259 $comment_post_ID = $post_id = wp_insert_post($postdata); 256 260 // Add categories. … … 263 267 preg_match_all('|<wp:comment>(.*?)</wp:comment>|is', $post, $comments); 264 268 $comments = $comments[1]; 265 269 $num_comments = 0; 270 271 // Always filter imported comments. 272 kses_init(true); 273 266 274 if ( $comments) { foreach ($comments as $comment) { 267 275 $comment_author = $this->get_tag( $comment, 'wp:comment_author'); 268 276 $comment_author_email = $this->get_tag( $comment, 'wp:comment_author_email');
