Ticket #986: 986-root.diff
| File 986-root.diff, 69.2 KB (added by Nazgul, 6 years ago) |
|---|
-
index.php
1 <?php 1 <?php 2 2 /* Short and sweet */ 3 3 define('WP_USE_THEMES', true); 4 4 require('./wp-blog-header.php'); -
wp-atom.php
11 11 ?> 12 12 <?php echo '<?xml version="1.0" encoding="'.get_settings('blog_charset').'"?'.'>'; ?> 13 13 <feed version="0.3" 14 15 16 17 18 14 xmlns="http://purl.org/atom/ns#" 15 xmlns:dc="http://purl.org/dc/elements/1.1/" 16 xml:lang="<?php echo get_option('rss_language'); ?>" 17 <?php do_action('atom_ns'); ?> 18 > 19 19 <title><?php bloginfo_rss('name') ?></title> 20 20 <link rel="alternate" type="text/html" href="<?php bloginfo_rss('home') ?>" /> 21 21 <tagline><?php bloginfo_rss("description") ?></tagline> … … 25 25 <?php do_action('atom_head'); ?> 26 26 <?php $items_count = 0; if ($posts) { foreach ($posts as $post) { start_wp(); ?> 27 27 <entry> 28 28 <author> 29 29 <name><?php the_author() ?></name> 30 30 </author> 31 31 <title type="text/html" mode="escaped"><![CDATA[<?php the_title_rss() ?>]]></title> … … 33 33 <id><?php the_guid(); ?></id> 34 34 <modified><?php echo get_post_time('Y-m-d\TH:i:s\Z', true); ?></modified> 35 35 <issued><?php echo get_post_time('Y-m-d\TH:i:s\Z', true); ?></issued> 36 <?php the_category_rss('rdf') ?> 36 <?php the_category_rss('rdf') ?> 37 37 <summary type="text/plain" mode="escaped"><![CDATA[<?php the_excerpt_rss(); ?>]]></summary> 38 38 <?php if ( !get_settings('rss_use_excerpt') ) : ?> 39 39 <content type="<?php bloginfo('html_type'); ?>" mode="escaped" xml:base="<?php permalink_single_rss() ?>"><![CDATA[<?php the_content('', 0, '') ?>]]></content> -
wp-blog-header.php
4 4 if ( !file_exists( dirname(__FILE__) . '/wp-config.php') ) { 5 5 if ( strstr( $_SERVER['PHP_SELF'], 'wp-admin') ) $path = ''; 6 6 else $path = 'wp-admin/'; 7 7 die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://wordpress.org/docs/faq/#wp-config'>We got it</a>. You can <a href='{$path}setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file."); 8 8 } 9 9 10 10 $wp_did_header = true; -
wp-comments-post.php
57 57 setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); 58 58 endif; 59 59 60 $location = ( empty( $_POST['redirect_to'] ) ) ? get_permalink( $comment_post_ID ) : $_POST['redirect_to']; 60 $location = ( empty( $_POST['redirect_to'] ) ) ? get_permalink( $comment_post_ID ) : $_POST['redirect_to']; 61 61 62 62 wp_redirect( $location ); 63 63 -
wp-commentsrss2.php
1 <?php 1 <?php 2 2 3 3 if (empty($wp)) { 4 4 require_once('wp-config.php'); … … 7 7 8 8 header('Content-type: text/xml;charset=' . get_settings('blog_charset'), true); 9 9 10 echo '<?xml version="1.0" encoding="'.get_settings('blog_charset').'"?'.'>'; 10 echo '<?xml version="1.0" encoding="'.get_settings('blog_charset').'"?'.'>'; 11 11 ?> 12 12 <!-- generator="wordpress/<?php echo $wp_version ?>" --> 13 <rss version="2.0" 13 <rss version="2.0" 14 14 xmlns:content="http://purl.org/rss/1.0/modules/content/"> 15 15 <channel> 16 16 <?php 17 17 $i = 0; 18 18 if (have_posts()) : 19 19 while (have_posts()) : the_post(); 20 20 if ($i < 1) { 21 21 $i++; 22 22 ?> … … 26 26 <pubDate><?php echo gmdate('r'); ?></pubDate> 27 27 <generator>http://wordpress.org/?v=<?php echo $wp_version ?></generator> 28 28 29 <?php 29 <?php 30 30 if (is_single() || is_page()) { 31 $comments = $wpdb->get_results("SELECT comment_ID, comment_author, comment_author_email, 32 comment_author_url, comment_date, comment_date_gmt, comment_content, comment_post_ID, 33 $wpdb->posts.ID, $wpdb->posts.post_password FROM $wpdb->comments 34 LEFT JOIN $wpdb->posts ON comment_post_id = id WHERE comment_post_ID = '" . get_the_ID() . "' 35 AND $wpdb->comments.comment_approved = '1' AND $wpdb->posts.post_status = 'publish' 36 AND post_date_gmt < '" . gmdate("Y-m-d H:i:59") . "' 31 $comments = $wpdb->get_results("SELECT comment_ID, comment_author, comment_author_email, 32 comment_author_url, comment_date, comment_date_gmt, comment_content, comment_post_ID, 33 $wpdb->posts.ID, $wpdb->posts.post_password FROM $wpdb->comments 34 LEFT JOIN $wpdb->posts ON comment_post_id = id WHERE comment_post_ID = '" . get_the_ID() . "' 35 AND $wpdb->comments.comment_approved = '1' AND $wpdb->posts.post_status = 'publish' 36 AND post_date_gmt < '" . gmdate("Y-m-d H:i:59") . "' 37 37 ORDER BY comment_date_gmt DESC LIMIT " . get_settings('posts_per_rss') ); 38 38 } else { // if no post id passed in, we'll just ue the last 10 comments. 39 $comments = $wpdb->get_results("SELECT comment_ID, comment_author, comment_author_email, 40 comment_author_url, comment_date, comment_date_gmt, comment_content, comment_post_ID, 41 $wpdb->posts.ID, $wpdb->posts.post_password FROM $wpdb->comments 42 LEFT JOIN $wpdb->posts ON comment_post_id = id WHERE $wpdb->posts.post_status = 'publish' 43 AND $wpdb->comments.comment_approved = '1' AND post_date_gmt < '" . gmdate("Y-m-d H:i:s") . "' 39 $comments = $wpdb->get_results("SELECT comment_ID, comment_author, comment_author_email, 40 comment_author_url, comment_date, comment_date_gmt, comment_content, comment_post_ID, 41 $wpdb->posts.ID, $wpdb->posts.post_password FROM $wpdb->comments 42 LEFT JOIN $wpdb->posts ON comment_post_id = id WHERE $wpdb->posts.post_status = 'publish' 43 AND $wpdb->comments.comment_approved = '1' AND post_date_gmt < '" . gmdate("Y-m-d H:i:s") . "' 44 44 ORDER BY comment_date_gmt DESC LIMIT " . get_settings('posts_per_rss') ); 45 45 } 46 46 // this line is WordPress' motor, do not delete it. … … 63 63 <link><?php comment_link() ?></link> 64 64 <pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_comment_time('Y-m-d H:i:s', true), false); ?></pubDate> 65 65 <guid><?php comment_link() ?></guid> 66 <?php 66 <?php 67 67 if (!empty($comment->post_password) && $_COOKIE['wp-postpass'] != $comment->post_password) { 68 68 ?> 69 69 <description><?php _e('Protected Comments: Please enter your password to view comments.'); ?></description> … … 73 73 ?> 74 74 <description><?php comment_text_rss() ?></description> 75 75 <content:encoded><![CDATA[<?php comment_text() ?>]]></content:encoded> 76 <?php 77 } // close check for password 76 <?php 77 } // close check for password 78 78 ?> 79 79 </item> 80 <?php 81 } 80 <?php 81 } 82 82 } 83 83 } 84 84 endwhile; endif; -
wp-feed.php
1 1 <?php 2 2 3 3 if (empty($doing_rss)) { 4 5 4 $doing_rss = 1; 5 require(dirname(__FILE__) . '/wp-blog-header.php'); 6 6 } 7 7 8 8 do_feed(); -
wp-links-opml.php
16 16 ?><?php echo '<?xml version="1.0"?'.">\n"; ?> 17 17 <!-- generator="wordpress/<?php bloginfo_rss('version') ?>" --> 18 18 <opml version="1.0"> 19 20 21 22 23 19 <head> 20 <title>Links for <?php echo get_bloginfo('name').$cat_name ?></title> 21 <dateCreated><?php echo gmdate("D, d M Y H:i:s"); ?> GMT</dateCreated> 22 </head> 23 <body> 24 24 <?php 25 25 26 26 if (empty ($link_cat)) … … 36 36 $bookmarks = get_bookmarks("category={$cat->cat_ID}"); 37 37 foreach ((array) $bookmarks as $bookmark) { 38 38 ?> 39 39 <outline text="<?php echo wp_specialchars($bookmark->link_name); ?>" type="link" xmlUrl="<?php echo wp_specialchars($bookmark->link_rss); ?>" htmlUrl="<?php echo wp_specialchars($bookmark->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $bookmark->link_updated) echo $bookmark->link_updated; ?>" /> 40 40 <?php 41 41 42 42 } -
wp-login.php
106 106 // Generate something random for a password... md5'ing current time with a rand salt 107 107 $key = substr( md5( uniqid( microtime() ) ), 0, 8); 108 108 // now insert the new pass md5'd into the db 109 109 $wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'"); 110 110 $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n"; 111 111 $message .= get_option('siteurl') . "\r\n\r\n"; 112 112 $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; … … 116 116 $m = wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_settings('blogname')), $message); 117 117 118 118 if ($m == false) { 119 120 119 echo '<p>' . __('The e-mail could not be sent.') . "<br />\n"; 120 echo __('Possible reason: your host may have disabled the mail() function...') . "</p>"; 121 121 die(); 122 122 } else { 123 123 echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address."), $user_login) . '<br />'; … … 140 140 do_action('password_reset'); 141 141 142 142 $new_pass = substr( md5( uniqid( microtime() ) ), 0, 7); 143 143 $wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'"); 144 144 wp_cache_delete($user->ID, 'users'); 145 145 wp_cache_delete($user->user_login, 'userlogins'); 146 146 $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n"; … … 155 155 die(); 156 156 } else { 157 157 echo '<p>' . sprintf(__('Your new password is in the mail.'), $user_login) . '<br />'; 158 158 echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>'; 159 159 // send a copy of password change notification to the admin 160 160 $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n"; 161 161 wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change'), get_settings('blogname')), $message); … … 163 163 } 164 164 break; 165 165 166 case 'login' : 166 case 'login' : 167 167 default: 168 168 169 169 $user_login = ''; … … 237 237 <p><label><?php _e('Username:') ?><br /><input type="text" name="log" id="log" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="1" /></label></p> 238 238 <p><label><?php _e('Password:') ?><br /> <input type="password" name="pwd" id="pwd" value="" size="20" tabindex="2" /></label></p> 239 239 <p> 240 <label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="3" /> 241 240 <label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="3" /> 241 <?php _e('Remember me'); ?></label></p> 242 242 <p class="submit"> 243 243 <input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> »" tabindex="4" /> 244 244 <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($redirect_to); ?>" /> -
wp-register.php
66 66 </head> 67 67 <body> 68 68 69 <div id="login"> 69 <div id="login"> 70 70 <h2><?php _e('Registration Complete') ?></h2> 71 71 <p><?php printf(__('Username: %s'), "<strong>" . wp_specialchars($user_login) . "</strong>") ?><br /> 72 72 <?php printf(__('Password: %s'), '<strong>' . __('emailed to you') . '</strong>') ?> <br /> -
wp-rss2.php
12 12 <?php echo '<?xml version="1.0" encoding="'.get_settings('blog_charset').'"?'.'>'; ?> 13 13 14 14 <!-- generator="wordpress/<?php bloginfo_rss('version') ?>" --> 15 <rss version="2.0" 15 <rss version="2.0" 16 16 xmlns:content="http://purl.org/rss/1.0/modules/content/" 17 17 xmlns:wfw="http://wellformedweb.org/CommentAPI/" 18 18 xmlns:dc="http://purl.org/dc/elements/1.1/" -
wp-settings.php
11 11 $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', 'table_prefix'); 12 12 13 13 $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array()); 14 foreach ( $input as $k => $v ) 14 foreach ( $input as $k => $v ) 15 15 if ( !in_array($k, $noUnset) && isset($GLOBALS[$k]) ) 16 16 unset($GLOBALS[$k]); 17 17 } 18 18 19 unregister_GLOBALS(); 19 unregister_GLOBALS(); 20 20 21 21 unset( $wp_filter, $cache_userdata, $cache_lastcommentmodified, $cache_lastpostdate, $cache_settings, $category_cache, $cache_categories ); 22 22 … … 140 140 require (ABSPATH . WPINC . '/script-loader.php'); 141 141 142 142 if (!strstr($_SERVER['PHP_SELF'], 'install.php')) : 143 144 145 define('COOKIEHASH', $cookiehash); 143 // Used to guarantee unique hash cookies 144 $cookiehash = md5(get_settings('siteurl')); // Remove in 1.4 145 define('COOKIEHASH', $cookiehash); 146 146 endif; 147 147 148 148 if ( !defined('USER_COOKIE') ) -
wp-trackback.php
47 47 $blog_name = mb_convert_encoding($blog_name, get_settings('blog_charset'), $charset); 48 48 } 49 49 50 if ( is_single() || is_page() ) 51 50 if ( is_single() || is_page() ) 51 $tb_id = $posts[0]->ID; 52 52 53 53 if ( !intval( $tb_id ) ) 54 54 trackback_response(1, 'I really need an ID for this to work.'); -
xmlrpc.php
11 11 12 12 include('./wp-config.php'); 13 13 14 if ( isset( $_GET['rsd'] ) ) { // http://archipelago.phrasewise.com/rsd 14 if ( isset( $_GET['rsd'] ) ) { // http://archipelago.phrasewise.com/rsd 15 15 header('Content-type: text/xml; charset=' . get_settings('blog_charset'), true); 16 16 17 17 ?> 18 18 <?php echo '<?xml version="1.0" encoding="'.get_settings('blog_charset').'"?'.'>'; ?> 19 19 <rsd version="1.0" xmlns="http://archipelago.phrasewise.com/rsd"> 20 21 22 23 24 25 26 27 28 29 20 <service> 21 <engineName>WordPress</engineName> 22 <engineLink>http://wordpress.org/</engineLink> 23 <homePageLink><?php bloginfo_rss('url') ?></homePageLink> 24 <apis> 25 <api name="Movable Type" blogID="1" preferred="true" apiLink="<?php bloginfo_rss('url') ?>/xmlrpc.php" /> 26 <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('url') ?>/xmlrpc.php" /> 27 <api name="Blogger" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('url') ?>/xmlrpc.php" /> 28 </apis> 29 </service> 30 30 </rsd> 31 31 <?php 32 32 exit; … … 62 62 63 63 64 64 function mkdir_p($target) { 65 // from php.net/mkdir user contributed notes 65 // from php.net/mkdir user contributed notes 66 66 if (file_exists($target)) { 67 68 69 70 71 67 if (!is_dir($target)) { 68 return false; 69 } else { 70 return true; 71 } 72 72 } 73 73 74 74 // Attempting to create the directory may clutter up our display. 75 75 if (@mkdir($target)) { 76 76 return true; 77 77 } 78 78 79 79 // If the above failed, attempt to create the parent node, then try again. 80 80 if (mkdir_p(dirname($target))) { 81 81 return mkdir_p($target); 82 82 } 83 83 84 84 return false; … … 89 89 90 90 function wp_xmlrpc_server() { 91 91 $this->methods = array( 92 93 94 95 96 97 98 99 100 101 92 // Blogger API 93 'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs', 94 'blogger.getUserInfo' => 'this:blogger_getUserInfo', 95 'blogger.getPost' => 'this:blogger_getPost', 96 'blogger.getRecentPosts' => 'this:blogger_getRecentPosts', 97 'blogger.getTemplate' => 'this:blogger_getTemplate', 98 'blogger.setTemplate' => 'this:blogger_setTemplate', 99 'blogger.newPost' => 'this:blogger_newPost', 100 'blogger.editPost' => 'this:blogger_editPost', 101 'blogger.deletePost' => 'this:blogger_deletePost', 102 102 103 104 105 106 107 108 109 103 // MetaWeblog API (with MT extensions to structs) 104 'metaWeblog.newPost' => 'this:mw_newPost', 105 'metaWeblog.editPost' => 'this:mw_editPost', 106 'metaWeblog.getPost' => 'this:mw_getPost', 107 'metaWeblog.getRecentPosts' => 'this:mw_getRecentPosts', 108 'metaWeblog.getCategories' => 'this:mw_getCategories', 109 'metaWeblog.newMediaObject' => 'this:mw_newMediaObject', 110 110 111 112 113 114 115 116 111 // MetaWeblog API aliases for Blogger API 112 // see http://www.xmlrpc.com/stories/storyReader$2460 113 'metaWeblog.deletePost' => 'this:blogger_deletePost', 114 'metaWeblog.getTemplate' => 'this:blogger_getTemplate', 115 'metaWeblog.setTemplate' => 'this:blogger_setTemplate', 116 'metaWeblog.getUsersBlogs' => 'this:blogger_getUsersBlogs', 117 117 118 119 120 121 122 123 124 125 126 118 // MovableType API 119 'mt.getCategoryList' => 'this:mt_getCategoryList', 120 'mt.getRecentPostTitles' => 'this:mt_getRecentPostTitles', 121 'mt.getPostCategories' => 'this:mt_getPostCategories', 122 'mt.setPostCategories' => 'this:mt_setPostCategories', 123 'mt.supportedMethods' => 'this:mt_supportedMethods', 124 'mt.supportedTextFilters' => 'this:mt_supportedTextFilters', 125 'mt.getTrackbackPings' => 'this:mt_getTrackbackPings', 126 'mt.publishPost' => 'this:mt_publishPost', 127 127 128 129 130 128 // PingBack 129 'pingback.ping' => 'this:pingback_ping', 130 'pingback.extensions.getPingbacks' => 'this:pingback_extensions_getPingbacks', 131 131 132 133 132 'demo.sayHello' => 'this:sayHello', 133 'demo.addTwoNumbers' => 'this:addTwoNumbers' 134 134 ); 135 135 $this->methods = apply_filters('xmlrpc_methods', $this->methods); 136 136 $this->IXR_Server($this->methods); … … 147 147 } 148 148 149 149 function login_pass_ok($user_login, $user_pass) { 150 151 152 153 154 150 if (!user_pass_ok($user_login, $user_pass)) { 151 $this->error = new IXR_Error(403, 'Bad login/pass combination.'); 152 return false; 153 } 154 return true; 155 155 } 156 156 157 157 function escape(&$array) { … … 178 178 179 179 $this->escape($args); 180 180 181 182 181 $user_login = $args[1]; 182 $user_pass = $args[2]; 183 183 184 185 186 184 if (!$this->login_pass_ok($user_login, $user_pass)) { 185 return $this->error; 186 } 187 187 188 189 188 set_current_user(0, $user_login); 189 $is_admin = current_user_can('level_8'); 190 190 191 192 193 194 195 196 191 $struct = array( 192 'isAdmin' => $is_admin, 193 'url' => get_settings('home') . '/', 194 'blogid' => '1', 195 'blogName' => get_settings('blogname') 196 ); 197 197 198 198 return array($struct); 199 199 } 200 200 201 201 … … 204 204 205 205 $this->escape($args); 206 206 207 208 207 $user_login = $args[1]; 208 $user_pass = $args[2]; 209 209 210 211 212 210 if (!$this->login_pass_ok($user_login, $user_pass)) { 211 return $this->error; 212 } 213 213 214 214 $user_data = get_userdatabylogin($user_login); 215 215 216 217 218 219 220 221 222 223 216 $struct = array( 217 'nickname' => $user_data->nickname, 218 'userid' => $user_data->ID, 219 'url' => $user_data->user_url, 220 'email' => $user_data->user_email, 221 'lastname' => $user_data->last_name, 222 'firstname' => $user_data->first_name 223 ); 224 224 225 225 return $struct; 226 226 } 227 227 228 228 … … 231 231 232 232 $this->escape($args); 233 233 234 235 236 234 $post_ID = $args[1]; 235 $user_login = $args[2]; 236 $user_pass = $args[3]; 237 237 238 239 240 238 if (!$this->login_pass_ok($user_login, $user_pass)) { 239 return $this->error; 240 } 241 241 242 243 242 $user_data = get_userdatabylogin($user_login); 243 $post_data = wp_get_single_post($post_ID, ARRAY_A); 244 244 245 245 $categories = implode(',', wp_get_post_categories($post_ID)); 246 246 247 248 249 247 $content = '<title>'.stripslashes($post_data['post_title']).'</title>'; 248 $content .= '<category>'.$categories.'</category>'; 249 $content .= stripslashes($post_data['post_content']); 250 250 251 252 253 254 255 256 251 $struct = array( 252 'userid' => $post_data['post_author'], 253 'dateCreated' => new IXR_Date(mysql2date('Ymd\TH:i:s', $post_data['post_date'])), 254 'content' => $content, 255 'postid' => $post_data['ID'] 256 ); 257 257 258 258 return $struct; 259 259 } 260 260 261 261 262 262 /* blogger.getRecentPosts ...gets recent posts */ 263 263 function blogger_getRecentPosts($args) { 264 264 265 265 global $wpdb; 266 266 267 267 $this->escape($args); 268 268 269 270 271 272 269 $blog_ID = $args[1]; /* though we don't use it yet */ 270 $user_login = $args[2]; 271 $user_pass = $args[3]; 272 $num_posts = $args[4]; 273 273 274 275 276 274 if (!$this->login_pass_ok($user_login, $user_pass)) { 275 return $this->error; 276 } 277 277 278 278 $posts_list = wp_get_recent_posts($num_posts); 279 279 280 281 282 283 280 if (!$posts_list) { 281 $this->error = new IXR_Error(500, 'Either there are no posts, or something went wrong.'); 282 return $this->error; 283 } 284 284 285 foreach ($posts_list as $entry) { 286 287 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); 288 $categories = implode(',', wp_get_post_categories($entry['ID'])); 285 foreach ($posts_list as $entry) { 289 286 290 $content = '<title>'.stripslashes($entry['post_title']).'</title>'; 291 $content .= '<category>'.$categories.'</category>'; 292 $content .= stripslashes($entry['post_content']); 287 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); 288 $categories = implode(',', wp_get_post_categories($entry['ID'])); 293 289 294 $struct[] = array( 295 'userid' => $entry['post_author'], 296 'dateCreated' => new IXR_Date($post_date), 297 'content' => $content, 298 'postid' => $entry['ID'], 299 ); 290 $content = '<title>'.stripslashes($entry['post_title']).'</title>'; 291 $content .= '<category>'.$categories.'</category>'; 292 $content .= stripslashes($entry['post_content']); 300 293 301 } 294 $struct[] = array( 295 'userid' => $entry['post_author'], 296 'dateCreated' => new IXR_Date($post_date), 297 'content' => $content, 298 'postid' => $entry['ID'], 299 ); 302 300 303 $recent_posts = array(); 304 for ($j=0; $j<count($struct); $j++) { 305 array_push($recent_posts, $struct[$j]); 306 } 301 } 307 302 308 return $recent_posts; 303 $recent_posts = array(); 304 for ($j=0; $j<count($struct); $j++) { 305 array_push($recent_posts, $struct[$j]); 306 } 307 308 return $recent_posts; 309 309 } 310 310 311 311 … … 314 314 315 315 $this->escape($args); 316 316 317 318 319 320 317 $blog_ID = $args[1]; 318 $user_login = $args[2]; 319 $user_pass = $args[3]; 320 $template = $args[4]; /* could be 'main' or 'archiveIndex', but we don't use it */ 321 321 322 323 324 322 if (!$this->login_pass_ok($user_login, $user_pass)) { 323 return $this->error; 324 } 325 325 326 327 328 329 326 set_current_user(0, $user_login); 327 if ( !current_user_can('edit_themes') ) { 328 return new IXR_Error(401, 'Sorry, this user can not edit the template.'); 329 } 330 330 331 332 333 331 /* warning: here we make the assumption that the weblog's URI is on the same server */ 332 $filename = get_settings('home') . '/'; 333 $filename = preg_replace('#https?://.+?/#', $_SERVER['DOCUMENT_ROOT'].'/', $filename); 334 334 335 336 337 335 $f = fopen($filename, 'r'); 336 $content = fread($f, filesize($filename)); 337 fclose($f); 338 338 339 340 // FIXME: (or delete me) do we really want to cater to bad clients at the expense of good ones by BEEPing up their line breaks? commented. $content = str_replace("\n", "\r\n", $content);339 /* so it is actually editable with a windows/mac client */ 340 // FIXME: (or delete me) do we really want to cater to bad clients at the expense of good ones by BEEPing up their line breaks? commented. $content = str_replace("\n", "\r\n", $content); 341 341 342 342 return $content; 343 343 } 344 344 345 345 … … 348 348 349 349 $this->escape($args); 350 350 351 352 353 354 355 351 $blog_ID = $args[1]; 352 $user_login = $args[2]; 353 $user_pass = $args[3]; 354 $content = $args[4]; 355 $template = $args[5]; /* could be 'main' or 'archiveIndex', but we don't use it */ 356 356 357 358 359 357 if (!$this->login_pass_ok($user_login, $user_pass)) { 358 return $this->error; 359 } 360 360 361 362 363 364 361 set_current_user(0, $user_login); 362 if ( !current_user_can('edit_themes') ) { 363 return new IXR_Error(401, 'Sorry, this user can not edit the template.'); 364 } 365 365 366 367 368 366 /* warning: here we make the assumption that the weblog's URI is on the same server */ 367 $filename = get_settings('home') . '/'; 368 $filename = preg_replace('#https?://.+?/#', $_SERVER['DOCUMENT_ROOT'].'/', $filename); 369 369 370 371 372 373 374 375 370 if ($f = fopen($filename, 'w+')) { 371 fwrite($f, $content); 372 fclose($f); 373 } else { 374 return new IXR_Error(500, 'Either the file is not writable, or something wrong happened. The file has not been updated.'); 375 } 376 376 377 377 return true; 378 378 } 379 379 380 380 381 381 /* blogger.newPost ...creates a new post */ 382 382 function blogger_newPost($args) { 383 383 384 384 global $wpdb; 385 385 386 386 $this->escape($args); 387 387 388 389 390 391 392 388 $blog_ID = $args[1]; /* though we don't use it yet */ 389 $user_login = $args[2]; 390 $user_pass = $args[3]; 391 $content = $args[4]; 392 $publish = $args[5]; 393 393 394 if (!$this->login_pass_ok($user_login, $user_pass)) { 395 return $this->error; 396 } 397 398 $cap = ($publish) ? 'publish_posts' : 'edit_posts'; 399 $user = set_current_user(0, $user_login); 400 if ( !current_user_can($cap) ) 401 return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.'); 394 if (!$this->login_pass_ok($user_login, $user_pass)) { 395 return $this->error; 396 } 402 397 403 $post_status = ($publish) ? 'publish' : 'draft'; 398 $cap = ($publish) ? 'publish_posts' : 'edit_posts'; 399 $user = set_current_user(0, $user_login); 400 if ( !current_user_can($cap) ) 401 return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.'); 404 402 405 $post_author = $user->ID;403 $post_status = ($publish) ? 'publish' : 'draft'; 406 404 407 $post_title = xmlrpc_getposttitle($content); 408 $post_category = xmlrpc_getpostcategory($content); 409 $post_content = xmlrpc_removepostdata($content); 405 $post_author = $user->ID; 410 406 411 $post_date = current_time('mysql'); 412 $post_date_gmt = current_time('mysql', 1); 407 $post_title = xmlrpc_getposttitle($content); 408 $post_category = xmlrpc_getpostcategory($content); 409 $post_content = xmlrpc_removepostdata($content); 413 410 414 $post_data = compact('blog_ID', 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status'); 411 $post_date = current_time('mysql'); 412 $post_date_gmt = current_time('mysql', 1); 415 413 416 $post_ID = wp_insert_post($post_data);414 $post_data = compact('blog_ID', 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status'); 417 415 418 if (!$post_ID) { 419 return new IXR_Error(500, 'Sorry, your entry could not be posted. Something wrong happened.'); 420 } 416 $post_ID = wp_insert_post($post_data); 421 417 422 logIO('O', "Posted ! ID: $post_ID"); 418 if (!$post_ID) { 419 return new IXR_Error(500, 'Sorry, your entry could not be posted. Something wrong happened.'); 420 } 423 421 424 return $post_ID; 422 logIO('O', "Posted ! ID: $post_ID"); 423 424 return $post_ID; 425 425 } 426 426 427 427 428 428 /* blogger.editPost ...edits a post */ 429 429 function blogger_editPost($args) { 430 430 431 431 global $wpdb; 432 432 433 433 $this->escape($args); 434 434 435 436 437 438 439 435 $post_ID = $args[1]; 436 $user_login = $args[2]; 437 $user_pass = $args[3]; 438 $content = $args[4]; 439 $publish = $args[5]; 440 440 441 442 443 441 if (!$this->login_pass_ok($user_login, $user_pass)) { 442 return $this->error; 443 } 444 444 445 445 $actual_post = wp_get_single_post($post_ID,ARRAY_A); 446 446 447 448 449 447 if (!$actual_post) { 448 return new IXR_Error(404, 'Sorry, no such post.'); 449 } 450 450 451 451 $this->escape($actual_post); 452 452 453 454 455 453 set_current_user(0, $user_login); 454 if ( !current_user_can('edit_post', $post_ID) ) 455 return new IXR_Error(401, 'Sorry, you do not have the right to edit this post.'); 456 456 457 457 extract($actual_post); 458 458 459 460 461 459 $post_title = xmlrpc_getposttitle($content); 460 $post_category = xmlrpc_getpostcategory($content); 461 $post_content = xmlrpc_removepostdata($content); 462 462 463 463 $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt'); 464 464 465 465 $result = wp_update_post($postdata); 466 466 467 468 469 467 if (!$result) { 468 return new IXR_Error(500, 'For some strange yet very annoying reason, this post could not be edited.'); 469 } 470 470 471 471 return true; 472 472 } 473 473 474 474 475 475 /* blogger.deletePost ...deletes a post */ 476 476 function blogger_deletePost($args) { 477 477 478 478 global $wpdb; 479 479 480 480 $this->escape($args); 481 481 482 483 484 485 482 $post_ID = $args[1]; 483 $user_login = $args[2]; 484 $user_pass = $args[3]; 485 $publish = $args[4]; 486 486 487 488 489 487 if (!$this->login_pass_ok($user_login, $user_pass)) { 488 return $this->error; 489 } 490 490 491 491 $actual_post = wp_get_single_post($post_ID,ARRAY_A); 492 492 493 494 495 493 if (!$actual_post) { 494 return new IXR_Error(404, 'Sorry, no such post.'); 495 } 496 496 497 498 499 497 set_current_user(0, $user_login); 498 if ( !current_user_can('edit_post', $post_ID) ) 499 return new IXR_Error(401, 'Sorry, you do not have the right to delete this post.'); 500 500 501 501 $result = wp_delete_post($post_ID); 502 502 503 504 505 503 if (!$result) { 504 return new IXR_Error(500, 'For some strange yet very annoying reason, this post could not be deleted.'); 505 } 506 506 507 507 return true; 508 508 } 509 509 510 510 … … 516 516 /* metaweblog.newPost creates a post */ 517 517 function mw_newPost($args) { 518 518 519 519 global $wpdb, $post_default_category; 520 520 521 521 $this->escape($args); 522 522 523 524 525 526 527 523 $blog_ID = $args[0]; // we will support this in the near future 524 $user_login = $args[1]; 525 $user_pass = $args[2]; 526 $content_struct = $args[3]; 527 $publish = $args[4]; 528 528 529 530 531 529 if (!$this->login_pass_ok($user_login, $user_pass)) { 530 return $this->error; 531 } 532 532 533 534 535 533 $user = set_current_user(0, $user_login); 534 if ( !current_user_can('publish_posts') ) 535 return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.'); 536 536 537 537 $post_author = $user->ID; 538 538 539 540 541 539 $post_title = $content_struct['title']; 540 $post_content = apply_filters( 'content_save_pre', $content_struct['description'] ); 541 $post_status = $publish ? 'publish' : 'draft'; 542 542 543 544 543 $post_excerpt = $content_struct['mt_excerpt']; 544 $post_more = $content_struct['mt_text_more']; 545 545 546 547 548 546 $comment_status = (empty($content_struct['mt_allow_comments'])) ? 547 get_settings('default_comment_status') 548 : $content_struct['mt_allow_comments']; 549 549 550 551 552 550 $ping_status = (empty($content_struct['mt_allow_pings'])) ? 551 get_settings('default_ping_status') 552 : $content_struct['mt_allow_pings']; 553 553 554 555 556 554 if ($post_more) { 555 $post_content = $post_content . "\n<!--more-->\n" . $post_more; 556 } 557 557 558 558 $to_ping = $content_struct['mt_tb_ping_urls']; 559 559 560 561 562 563 564 565 566 567 568 569 560 // Do some timestamp voodoo 561 $dateCreatedd = $content_struct['dateCreated']; 562 if (!empty($dateCreatedd)) { 563 $dateCreated = $dateCreatedd->getIso(); 564 $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); 565 $post_date_gmt = iso8601_to_datetime($dateCreated, GMT); 566 } else { 567 $post_date = current_time('mysql'); 568 $post_date_gmt = current_time('mysql', 1); 569 } 570 570 571 572 573 571 $catnames = $content_struct['categories']; 572 logIO('O', 'Post cats: ' . printr($catnames,true)); 573 $post_category = array(); 574 574 575 576 577 578 579 575 if (is_array($catnames)) { 576 foreach ($catnames as $cat) { 577 $post_category[] = get_cat_ID($cat); 578 } 579 } 580 580 581 582 581 // We've got all the data -- post it: 582 $postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'to_ping'); 583 583 584 584 $post_ID = wp_insert_post($postdata); 585 585 586 587 588 586 if (!$post_ID) { 587 return new IXR_Error(500, 'Sorry, your entry could not be posted. Something wrong happened.'); 588 } 589 589 590 590 logIO('O', "Posted ! ID: $post_ID"); 591 591 592 592 return strval($post_ID); 593 593 } 594 594 595 595 596 596 /* metaweblog.editPost ...edits a post */ 597 597 function mw_editPost($args) { 598 598 599 599 global $wpdb, $post_default_category; 600 600 601 601 $this->escape($args); 602 602 603 604 605 606 607 603 $post_ID = $args[0]; 604 $user_login = $args[1]; 605 $user_pass = $args[2]; 606 $content_struct = $args[3]; 607 $publish = $args[4]; 608 608 609 610 611 609 if (!$this->login_pass_ok($user_login, $user_pass)) { 610 return $this->error; 611 } 612 612 613 614 615 613 set_current_user(0, $user_login); 614 if ( !current_user_can('edit_post', $post_ID) ) 615 return new IXR_Error(401, 'Sorry, you can not edit this post.'); 616 616 617 618 617 $postdata = wp_get_single_post($post_ID, ARRAY_A); 618 extract($postdata); 619 619 $this->escape($postdata); 620 620 621 622 623 621 $post_title = $content_struct['title']; 622 $post_content = apply_filters( 'content_save_pre', $content_struct['description'] ); 623 $catnames = $content_struct['categories']; 624 624 625 625 $post_category = array(); 626 626 627 628 629 630 631 627 if (is_array($catnames)) { 628 foreach ($catnames as $cat) { 629 $post_category[] = get_cat_ID($cat); 630 } 631 } 632 632 633 634 635 633 $post_excerpt = $content_struct['mt_excerpt']; 634 $post_more = $content_struct['mt_text_more']; 635 $post_status = $publish ? 'publish' : 'draft'; 636 636 637 638 639 637 if ($post_more) { 638 $post_content = $post_content . "\n<!--more-->\n" . $post_more; 639 } 640 640 641 641 $to_ping = $content_struct['mt_tb_ping_urls']; 642 642 643 644 645 643 $comment_status = (empty($content_struct['mt_allow_comments'])) ? 644 get_settings('default_comment_status') 645 : $content_struct['mt_allow_comments']; 646 646 647 648 649 647 $ping_status = (empty($content_struct['mt_allow_pings'])) ? 648 get_settings('default_ping_status') 649 : $content_struct['mt_allow_pings']; 650 650 651 652 653 654 655 656 657 658 659 660 651 // Do some timestamp voodoo 652 $dateCreatedd = $content_struct['dateCreated']; 653 if (!empty($dateCreatedd)) { 654 $dateCreated = $dateCreatedd->getIso(); 655 $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); 656 $post_date_gmt = iso8601_to_datetime($dateCreated, GMT); 657 } else { 658 $post_date = $postdata['post_date']; 659 $post_date_gmt = $postdata['post_date_gmt']; 660 } 661 661 662 663 662 // We've got all the data -- post it: 663 $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date', 'post_date_gmt', 'to_ping'); 664 664 665 666 667 668 665 $result = wp_update_post($newpost); 666 if (!$result) { 667 return new IXR_Error(500, 'Sorry, your entry could not be edited. Something wrong happened.'); 668 } 669 669 670 670 logIO('O',"(MW) Edited ! ID: $post_ID"); 671 671 672 672 return true; 673 673 } 674 674 675 675 676 676 /* metaweblog.getPost ...returns a post */ 677 677 function mw_getPost($args) { 678 678 679 679 global $wpdb; 680 680 681 681 $this->escape($args); 682 682 683 684 685 683 $post_ID = $args[0]; 684 $user_login = $args[1]; 685 $user_pass = $args[2]; 686 686 687 688 689 687 if (!$this->login_pass_ok($user_login, $user_pass)) { 688 return $this->error; 689 } 690 690 691 691 $postdata = wp_get_single_post($post_ID, ARRAY_A); 692 692 693 693 if ($postdata['post_date'] != '') { 694 694 695 695 $post_date = mysql2date('Ymd\TH:i:s', $postdata['post_date']); 696 696 697 698 699 700 701 697 $categories = array(); 698 $catids = wp_get_post_categories($post_ID); 699 foreach($catids as $catid) { 700 $categories[] = get_cat_name($catid); 701 } 702 702 703 704 703 $post = get_extended($postdata['post_content']); 704 $link = post_permalink($postdata['ID']); 705 705 706 707 706 $allow_comments = ('open' == $postdata['comment_status']) ? 1 : 0; 707 $allow_pings = ('open' == $postdata['ping_status']) ? 1 : 0; 708 708 709 710 711 712 713 714 715 716 709 $resp = array( 710 'dateCreated' => new IXR_Date($post_date), 711 'userid' => $postdata['post_author'], 712 'postid' => $postdata['ID'], 713 'description' => $post['main'], 714 'title' => $postdata['post_title'], 715 'link' => $link, 716 'permaLink' => $link, 717 717 // commented out because no other tool seems to use this 718 718 // 'content' => $entry['post_content'], 719 720 721 722 723 724 719 'categories' => $categories, 720 'mt_excerpt' => $postdata['post_excerpt'], 721 'mt_text_more' => $post['extended'], 722 'mt_allow_comments' => $allow_comments, 723 'mt_allow_pings' => $allow_pings 724 ); 725 725 726 727 728 729 726 return $resp; 727 } else { 728 return new IXR_Error(404, 'Sorry, no such post.'); 729 } 730 730 } 731 731 732 732 … … 735 735 736 736 $this->escape($args); 737 737 738 739 740 741 738 $blog_ID = $args[0]; 739 $user_login = $args[1]; 740 $user_pass = $args[2]; 741 $num_posts = $args[3]; 742 742 743 744 745 743 if (!$this->login_pass_ok($user_login, $user_pass)) { 744 return $this->error; 745 } 746 746 747 747 $posts_list = wp_get_recent_posts($num_posts); 748 748 749 750 751 752 749 if (!$posts_list) { 750 $this->error = new IXR_Error(500, 'Either there are no posts, or something went wrong.'); 751 return $this->error; 752 } 753 753 754 foreach ($posts_list as $entry) { 755 756 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); 757 $categories = array(); 758 $catids = wp_get_post_categories($entry['ID']); 759 foreach($catids as $catid) { 760 $categories[] = get_cat_name($catid); 761 } 754 foreach ($posts_list as $entry) { 762 755 763 $post = get_extended($entry['post_content']); 764 $link = post_permalink($entry['ID']); 756 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); 757 $categories = array(); 758 $catids = wp_get_post_categories($entry['ID']); 759 foreach($catids as $catid) { 760 $categories[] = get_cat_name($catid); 761 } 765 762 766 $allow_comments = ('open' == $entry['comment_status']) ? 1 : 0;767 $allow_pings = ('open' == $entry['ping_status']) ? 1 : 0;763 $post = get_extended($entry['post_content']); 764 $link = post_permalink($entry['ID']); 768 765 769 $struct[] = array( 770 'dateCreated' => new IXR_Date($post_date), 771 'userid' => $entry['post_author'], 772 'postid' => $entry['ID'], 773 'description' => $post['main'], 774 'title' => $entry['post_title'], 775 'link' => $link, 776 'permaLink' => $link, 766 $allow_comments = ('open' == $entry['comment_status']) ? 1 : 0; 767 $allow_pings = ('open' == $entry['ping_status']) ? 1 : 0; 768 769 $struct[] = array( 770 'dateCreated' => new IXR_Date($post_date), 771 'userid' => $entry['post_author'], 772 'postid' => $entry['ID'], 773 'description' => $post['main'], 774 'title' => $entry['post_title'], 775 'link' => $link, 776 'permaLink' => $link, 777 777 // commented out because no other tool seems to use this 778 778 // 'content' => $entry['post_content'], 779 780 781 782 783 784 779 'categories' => $categories, 780 'mt_excerpt' => $entry['post_excerpt'], 781 'mt_text_more' => $post['extended'], 782 'mt_allow_comments' => $allow_comments, 783 'mt_allow_pings' => $allow_pings 784 ); 785 785 786 786 } 787 787 788 789 790 791 792 793 788 $recent_posts = array(); 789 for ($j=0; $j<count($struct); $j++) { 790 array_push($recent_posts, $struct[$j]); 791 } 792 793 return $recent_posts; 794 794 } 795 795 796 796 797 797 /* metaweblog.getCategories ...returns the list of categories on a given weblog */ 798 798 function mw_getCategories($args) { 799 799 800 800 global $wpdb; 801 801 802 802 $this->escape($args); 803 803 804 805 806 804 $blog_ID = $args[0]; 805 $user_login = $args[1]; 806 $user_pass = $args[2]; 807 807 808 809 810 808 if (!$this->login_pass_ok($user_login, $user_pass)) { 809 return $this->error; 810 } 811 811 812 812 $categories_struct = array(); 813 813 814 815 816 817 818 819 820 821 814 // FIXME: can we avoid using direct SQL there? 815 if ($cats = $wpdb->get_results("SELECT cat_ID,cat_name FROM $wpdb->categories", ARRAY_A)) { 816 foreach ($cats as $cat) { 817 $struct['categoryId'] = $cat['cat_ID']; 818 $struct['description'] = $cat['cat_name']; 819 $struct['categoryName'] = $cat['cat_name']; 820 $struct['htmlUrl'] = wp_specialchars(get_category_link($cat['cat_ID'])); 821 $struct['rssUrl'] = wp_specialchars(get_category_rss_link(false, $cat['cat_ID'], $cat['cat_name'])); 822 822 823 824 825 823 $categories_struct[] = $struct; 824 } 825 } 826 826 827 827 return $categories_struct; 828 828 } 829 829 830 830 … … 875 875 876 876 $this->escape($args); 877 877 878 879 880 881 878 $blog_ID = $args[0]; 879 $user_login = $args[1]; 880 $user_pass = $args[2]; 881 $num_posts = $args[3]; 882 882 883 884 885 883 if (!$this->login_pass_ok($user_login, $user_pass)) { 884 return $this->error; 885 } 886 886 887 887 $posts_list = wp_get_recent_posts($num_posts); 888 888 889 890 891 892 889 if (!$posts_list) { 890 $this->error = new IXR_Error(500, 'Either there are no posts, or something went wrong.'); 891 return $this->error; 892 } 893 893 894 foreach ($posts_list as $entry) { 895 896 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); 894 foreach ($posts_list as $entry) { 897 895 898 $struct[] = array( 899 'dateCreated' => new IXR_Date($post_date), 900 'userid' => $entry['post_author'], 901 'postid' => $entry['ID'], 902 'title' => $entry['post_title'], 903 ); 896 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); 904 897 905 } 898 $struct[] = array( 899 'dateCreated' => new IXR_Date($post_date), 900 'userid' => $entry['post_author'], 901 'postid' => $entry['ID'], 902 'title' => $entry['post_title'], 903 ); 906 904 907 $recent_posts = array(); 908 for ($j=0; $j<count($struct); $j++) { 909 array_push($recent_posts, $struct[$j]); 910 } 911 912 return $recent_posts; 905 } 906 907 $recent_posts = array(); 908 for ($j=0; $j<count($struct); $j++) { 909 array_push($recent_posts, $struct[$j]); 910 } 911 912 return $recent_posts; 913 913 } 914 914 915 915 916 916 /* mt.getCategoryList ...returns the list of categories on a given weblog */ 917 917 function mt_getCategoryList($args) { 918 918 919 919 global $wpdb; 920 920 921 921 $this->escape($args); 922 922 923 924 925 923 $blog_ID = $args[0]; 924 $user_login = $args[1]; 925 $user_pass = $args[2]; 926 926 927 928 929 927 if (!$this->login_pass_ok($user_login, $user_pass)) { 928 return $this->error; 929 } 930 930 931 931 $categories_struct = array(); 932 932 933 934 935 936 937 933 // FIXME: can we avoid using direct SQL there? 934 if ($cats = $wpdb->get_results("SELECT cat_ID, cat_name FROM $wpdb->categories", ARRAY_A)) { 935 foreach ($cats as $cat) { 936 $struct['categoryId'] = $cat['cat_ID']; 937 $struct['categoryName'] = $cat['cat_name']; 938 938 939 940 941 939 $categories_struct[] = $struct; 940 } 941 } 942 942 943 943 return $categories_struct; 944 944 } 945 945 946 946 … … 949 949 950 950 $this->escape($args); 951 951 952 953 954 952 $post_ID = $args[0]; 953 $user_login = $args[1]; 954 $user_pass = $args[2]; 955 955 956 957 958 956 if (!$this->login_pass_ok($user_login, $user_pass)) { 957 return $this->error; 958 } 959 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 960 $categories = array(); 961 $catids = wp_get_post_categories(intval($post_ID)); 962 // first listed category will be the primary category 963 $isPrimary = true; 964 foreach($catids as $catid) { 965 $categories[] = array( 966 'categoryName' => get_cat_name($catid), 967 'categoryId' => $catid, 968 'isPrimary' => $isPrimary 969 ); 970 $isPrimary = false; 971 } 972 973 return $categories; 974 974 } 975 975 976 976 … … 979 979 980 980 $this->escape($args); 981 981 982 983 984 985 982 $post_ID = $args[0]; 983 $user_login = $args[1]; 984 $user_pass = $args[2]; 985 $categories = $args[3]; 986 986 987 988 989 987 if (!$this->login_pass_ok($user_login, $user_pass)) { 988 return $this->error; 989 } 990 990 991 992 993 991 set_current_user(0, $user_login); 992 if ( !current_user_can('edit_post', $post_ID) ) 993 return new IXR_Error(401, 'Sorry, you can not edit this post.'); 994 994 995 996 997 995 foreach($categories as $cat) { 996 $catids[] = $cat['categoryId']; 997 } 998 998 999 999 wp_set_post_categories($post_ID, $catids); 1000 1000 1001 1001 return true; 1002 1002 } 1003 1003 1004 1004 1005 1005 /* mt.supportedMethods ...returns an array of methods supported by this server */ 1006 1006 function mt_supportedMethods($args) { 1007 1007 1008 1009 1010 1011 1008 $supported_methods = array(); 1009 foreach($this->methods as $key=>$value) { 1010 $supported_methods[] = $key; 1011 } 1012 1012 1013 1013 return $supported_methods; 1014 1014 } 1015 1015 1016 1016 1017 1017 /* mt.supportedTextFilters ...returns an empty array because we don't 1018 1018 support per-post text filters yet */ 1019 1019 function mt_supportedTextFilters($args) { 1020 1020 return array(); 1021 1021 } 1022 1022 1023 1023 1024 1024 /* mt.getTrackbackPings ...returns trackbacks sent to a given post */ 1025 1025 function mt_getTrackbackPings($args) { 1026 1026 1027 1027 global $wpdb; 1028 1028 1029 1029 $post_ID = intval($args); 1030 1030 1031 1031 $actual_post = wp_get_single_post($post_ID, ARRAY_A); 1032 1032 1033 1034 1035 1033 if (!$actual_post) { 1034 return new IXR_Error(404, 'Sorry, no such post.'); 1035 } 1036 1036 1037 1037 $comments = $wpdb->get_results("SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = $post_ID"); 1038 1038 1039 1040 1041 1039 if (!$comments) { 1040 return array(); 1041 } 1042 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1043 $trackback_pings = array(); 1044 foreach($comments as $comment) { 1045 if ( 'trackback' == $comment->comment_type ) { 1046 $content = $comment->comment_content; 1047 $title = substr($content, 8, (strpos($content, '</strong>') - 8)); 1048 $trackback_pings[] = array( 1049 'pingTitle' => $title, 1050 'pingURL' => $comment->comment_author_url, 1051 'pingIP' => $comment->comment_author_IP 1052 ); 1053 1053 } 1054 1054 } 1055 1055 1056 1056 return $trackback_pings; 1057 1057 } 1058 1058 1059 1059 … … 1062 1062 1063 1063 $this->escape($args); 1064 1064 1065 1066 1067 1065 $post_ID = $args[0]; 1066 $user_login = $args[1]; 1067 $user_pass = $args[2]; 1068 1068 1069 1070 1071 1069 if (!$this->login_pass_ok($user_login, $user_pass)) { 1070 return $this->error; 1071 } 1072 1072 1073 1074 1075 1073 set_current_user(0, $user_login); 1074 if ( !current_user_can('edit_post', $post_ID) ) 1075 return new IXR_Error(401, 'Sorry, you can not edit this post.'); 1076 1076 1077 1077 $postdata = wp_get_single_post($post_ID,ARRAY_A); 1078 1078 1079 1079 $postdata['post_status'] = 'publish'; 1080 1080 1081 1082 1083 1081 // retain old cats 1082 $cats = wp_get_post_categories($post_ID); 1083 $postdata['post_category'] = $cats; 1084 1084 $this->escape($postdata); 1085 1085 1086 1086 $result = wp_update_post($postdata); 1087 1087 1088 1088 return $result; 1089 1089 } 1090 1090 1091 1091 … … 1096 1096 1097 1097 /* pingback.ping gets a pingback and registers it */ 1098 1098 function pingback_ping($args) { 1099 global $wpdb, $wp_version; 1099 global $wpdb, $wp_version; 1100 1100 1101 1101 $this->escape($args); 1102 1102 … … 1113 1113 // Check if the page linked to is in our site 1114 1114 $pos1 = strpos($pagelinkedto, str_replace(array('http://www.','http://','https://www.','https://'), '', get_settings('home'))); 1115 1115 if( !$pos1 ) 1116 1116 return new IXR_Error(0, 'Is there no link to us?'); 1117 1117 1118 1118 // let's find which post is linked to 1119 1119 // FIXME: does url_to_postid() cover all these cases already? … … 1147 1147 $sql = "SELECT ID FROM $wpdb->posts WHERE post_title RLIKE '$title'"; 1148 1148 if (! ($post_ID = $wpdb->get_var($sql)) ) { 1149 1149 // returning unknown error '0' is better than die()ing 1150 1150 return new IXR_Error(0, ''); 1151 1151 } 1152 1152 $way = 'from the fragment (title)'; 1153 1153 } 1154 1154 } else { 1155 1155 // TODO: Attempt to extract a post ID from the given URL 1156 1156 return new IXR_Error(33, 'The specified target URI cannot be used as a target. It either doesn\'t exist, or it is not a pingback-enabled resource.'); 1157 1157 } 1158 1158 $post_ID = (int) $post_ID; 1159 1159 … … 1163 1163 $post = get_post($post_ID); 1164 1164 1165 1165 if ( !$post ) // Post_ID not found 1166 1166 return new IXR_Error(33, 'The specified target URI cannot be used as a target. It either doesn\'t exist, or it is not a pingback-enabled resource.'); 1167 1167 1168 1168 if ( $post_ID == url_to_postid($pagelinkedfrom) ) 1169 1169 return new IXR_Error(0, 'The source URI and the target URI cannot both point to the same resource.'); 1170 1170 1171 1171 // Check if pings are on 1172 1172 if ( 'closed' == $post->ping_status ) 1173 1173 return new IXR_Error(33, 'The specified target URI cannot be used as a target. It either doesn\'t exist, or it is not a pingback-enabled resource.'); 1174 1174 1175 1175 // Let's check that the remote site didn't already pingback this entry 1176 1176 $result = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post_ID' AND comment_author_url = '$pagelinkedfrom'"); 1177 1177 1178 1178 if ( $wpdb->num_rows ) // We already have a Pingback from this URL 1179 1179 return new IXR_Error(48, 'The pingback has already been registered.'); 1180 1180 1181 1181 // very stupid, but gives time to the 'from' server to publish ! 1182 1182 sleep(1); … … 1184 1184 // Let's check the remote site 1185 1185 $linea = wp_remote_fopen( $pagelinkedfrom ); 1186 1186 if ( !$linea ) 1187 1187 return new IXR_Error(16, 'The source URI does not exist.'); 1188 1188 1189 1189 // Work around bug in strip_tags(): 1190 1190 $linea = str_replace('<!DOC', '<DOC', $linea); … … 1244 1244 1245 1245 1246 1246 /* pingback.extensions.getPingbacks returns an array of URLs 1247 1248 1247 that pingbacked the given URL 1248 specs on http://www.aquarionics.com/misc/archives/blogite/0198.html */ 1249 1249 function pingback_extensions_getPingbacks($args) { 1250 1250 1251 1251 global $wpdb; … … 1257 1257 $post_ID = url_to_postid($url); 1258 1258 if (!$post_ID) { 1259 1259 // We aren't sure that the resource is available and/or pingback enabled 1260 1260 return new IXR_Error(33, 'The specified target URI cannot be used as a target. It either doesn\'t exist, or it is not a pingback-enabled resource.'); 1261 1261 } 1262 1262 1263 1263 $actual_post = wp_get_single_post($post_ID, ARRAY_A); 1264 1264 1265 1265 if (!$actual_post) { 1266 1266 // No such post = resource not found 1267 1267 return new IXR_Error(32, 'The specified target URI does not exist.'); 1268 1268 } 1269 1269 1270 1270 $comments = $wpdb->get_results("SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = $post_ID");
