Ticket #7652: 7652.diff

wp-app.php

@@ -17 +17 @@
 
 /** Atom Publishing Protocol Class */
 require_once(ABSPATH . WPINC . '/atomlib.php');
+require_once(ABSPATH . WPINC . '/class-simplepie.php');
 
 /** Admin Image API for metadata updating */
 require_once(ABSPATH . '/wp-admin/includes/image.php');
@@ -38 +39 @@
  * @var int|bool
  * @todo Should be an option somewhere
  */
-$always_authenticate = 1;
+$always_authenticate = 0;
 
 /**
  * Writes logging info to a file.
@@ -258 +259 @@
          * @since 2.2.0
          */
         function handle_request() {
-                global $always_authenticate;
-
                 if ( !empty( $_SERVER['ORIG_PATH_INFO'] ) )
                         $path = $_SERVER['ORIG_PATH_INFO'];
                 else
@@ -294 +293 @@
                                         // authenticate regardless of the operation and set the current
                                         // user. each handler will decide if auth is required or not.
                                         if ( !$this->authenticate() ) {
-                                                if ( $always_authenticate )
-                                                        $this->auth_required('Credentials required.');
+                                                $this->auth_required('Credentials required.');
                                         }
 
                                         array_shift($matches);
@@ -390 +388 @@
                 global $user_ID;
                 $this->get_accepted_content_type($this->atom_content_types);
 
-                $parser = new AtomParser();
-                if ( !$parser->parse() )
-                        $this->client_error();
+                $data = file_get_contents('php://input');
+                // SimplePie expects the feed element to be the top element
+                if (strpos($data, '<feed') === false) {
+                        $data = str_replace('<entry', '<feed xmlns="' . SIMPLEPIE_NAMESPACE_ATOM_10 . '"><entry', $data);
+                        $data = str_replace('</entry>', '</entry></feed>', $data);
+                }
+                $feed = new SimplePie();
+                $feed->set_raw_data($data);
+                $feed->init();
+                if ( $feed->error() )
+                        $this->client_error($feed->error());
 
-                $entry = array_pop($parser->feed->entries);
+                $entry = $feed->get_item(0);
 
-                log_app('Received entry:', print_r($entry,true));
+                log_app('Received entry:', $entry->get_title());
 
                 $catnames = array();
-                foreach ( $entry->categories as $cat ) {
-                        array_push($catnames, $cat["term"]);
+                foreach ( (array) $entry->get_categories() as $category ) {
+                        array_push($catnames, $category->get_term());
                 }
 
                 $wp_cats = get_categories(array('hide_empty' => false));
@@ -412 +418 @@
                                 array_push($post_category, $cat->term_id);
                 }
 
-                $publish = ! ( isset( $entry->draft ) && 'yes' == trim( $entry->draft ) );
+                $publish = true;
+                if (($control = $entry->get_item_tags($this->ATOMPUB_NS, 'control')) && !empty($control[0]['child'][$this->ATOMPUB_NS]['draft'][0]['data'])) {
+                        $publish = ('no' == $control[0]['child'][$this->ATOMPUB_NS]['draft'][0]['data']);
+                }
 
                 $cap = ($publish) ? 'publish_posts' : 'edit_posts';
 
@@ -422 +431 @@
                 $blog_ID = get_current_blog_id();
                 $post_status = ($publish) ? 'publish' : 'draft';
                 $post_author = (int) $user_ID;
-                $post_title = $entry->title[1];
-                $post_content = $entry->content[1];
-                $post_excerpt = $entry->summary[1];
-                $pubtimes = $this->get_publish_time($entry->published);
-                $post_date = $pubtimes[0];
-                $post_date_gmt = $pubtimes[1];
+                $post_title = $entry->get_title();
+                $post_content = $entry->get_content();
+                $post_excerpt = $entry->get_description();
+                $post_date = $entry->get_date('Y-m-d H:i:s');
+                $post_date_gmt = gmdate('Y-m-d H:i:s', $entry->get_date('U'));
 
                 if ( isset( $_SERVER['HTTP_SLUG'] ) )
                         $post_name = $_SERVER['HTTP_SLUG'];
@@ -1336 +1344 @@
                 log_app('Status','400: Client Error');
                 header('Content-Type: text/plain');
                 status_header('400');
+                echo $msg;
                 exit;
         }
 
@@ -1448 +1457 @@
          * @return bool
          */
         function authenticate() {
+                global $always_authenticate;
+
                 log_app("authenticate()",print_r($_ENV, true));
 
                 // if using mod_rewrite/ENV hack
@@ -1474 +1485 @@
                         }
                 }
 
+                // If we're forcing admin abilities
+                if (!$always_authenticate) {
+                        wp_set_current_user(1);
+                        return true;
+                }
+
                 return false;
         }