Ticket #27506: 27506.diff
| File 27506.diff, 29.3 KB (added by , 7 years ago) |
|---|
-
src/wp-includes/class-wp-xmlrpc-server.php
127 127 ); 128 128 129 129 $this->initialise_blog_option_info(); 130 $this->methods = apply_filters('xmlrpc_methods', $this->methods); 130 131 /** 132 * Filter the methods exposed by the XML-RPC server. 133 * 134 * This filter can be used to add new methods, and remove built-in methods. 135 * 136 * @since 1.5.0 137 * 138 * @param object $methods An array of methods. 139 */ 140 $this->methods = apply_filters( 'xmlrpc_methods', $this->methods ); 131 141 } 132 142 133 143 function serve_request() { … … 171 181 */ 172 182 function login( $username, $password ) { 173 183 // Respect any old filters against get_option() for 'enable_xmlrpc'. 184 185 /** 186 * Filter 187 * 188 * @since 3.5.0 189 * @deprecated 3.5.0 Use xmlrpc_enabled instead. 190 * 191 * @param 192 */ 174 193 $enabled = apply_filters( 'pre_option_enable_xmlrpc', false ); // Deprecated 175 194 if ( false === $enabled ) 195 196 /** 197 * Filter 198 * 199 * @since 3.5.0 200 * @deprecated 3.5.0 Use xmlrpc_enabled instead. 201 * 202 * @param 203 */ 176 204 $enabled = apply_filters( 'option_enable_xmlrpc', true ); // Deprecated 177 205 178 // Proper filter for turning off XML-RPC. It is on by default. 206 /** 207 * Filter whether XML-RPC is enabled. 208 * 209 * This is the proper filter for turning off XML-RPC. 210 * 211 * @since 3.5.0 212 * 213 * @param bool $enabled Whether XML-RPC is enabled. Default on. 214 */ 179 215 $enabled = apply_filters( 'xmlrpc_enabled', $enabled ); 180 216 181 217 if ( ! $enabled ) { … … 187 223 188 224 if (is_wp_error($user)) { 189 225 $this->error = new IXR_Error( 403, __( 'Incorrect username or password.' ) ); 226 227 /** 228 * Filter the user login error message. 229 * 230 * @since 3.5.0 231 * 232 * @param string $error The error message. 233 * @param WP_User $user WP_User object. 234 */ 190 235 $this->error = apply_filters( 'xmlrpc_login_error', $this->error, $user ); 191 236 return false; 192 237 } … … 441 486 ) 442 487 ); 443 488 489 /** 490 * Filter the blog options property. 491 * 492 * @since 2.6.0 493 * 494 * @param array $blog_options An array of blog options. 495 */ 444 496 $this->blog_options = apply_filters( 'xmlrpc_blog_options', $this->blog_options ); 445 497 } 446 498 … … 474 526 if ( !$user = $this->login($username, $password) ) 475 527 return $this->error; 476 528 529 /** 530 * Fires after the user has been authenticated but before the rest of 531 * the method logic begins. 532 * 533 * All built-in XML-RPC methods use the action xmlrpc_call, with a parameter 534 * equal to the method's name, e.g., wp.getUsersBlogs, wp.newPost, etc. 535 * 536 * @since 2.5.0 537 * 538 * @param method $name The method name. 539 */ 477 540 do_action( 'xmlrpc_call', 'wp.getUsersBlogs' ); 478 541 479 542 $blogs = (array) get_blogs_of_user( $user->ID ); … … 972 1035 if ( ! $user = $this->login( $username, $password ) ) 973 1036 return $this->error; 974 1037 1038 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 975 1039 do_action( 'xmlrpc_call', 'wp.newPost' ); 976 1040 977 1041 unset( $content_struct['ID'] ); … … 1258 1322 if ( ! $user = $this->login( $username, $password ) ) 1259 1323 return $this->error; 1260 1324 1325 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1261 1326 do_action( 'xmlrpc_call', 'wp.editPost' ); 1262 1327 1263 1328 $post = get_post( $post_id, ARRAY_A ); … … 1319 1384 if ( ! $user = $this->login( $username, $password ) ) 1320 1385 return $this->error; 1321 1386 1387 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1322 1388 do_action( 'xmlrpc_call', 'wp.deletePost' ); 1323 1389 1324 1390 $post = get_post( $post_id, ARRAY_A ); … … 1394 1460 if ( isset( $args[4] ) ) 1395 1461 $fields = $args[4]; 1396 1462 else 1463 1464 /** 1465 * Filter the conceptual groups used to retrieve a post. 1466 * 1467 * @since 3.4.0 1468 * 1469 * @param array $fields An array of conceptual groups. Default 'post', 1470 * 'terms', 'custom_fields'. 1471 * @param string $method The method used to retrieve the post fields. 1472 */ 1397 1473 $fields = apply_filters( 'xmlrpc_default_post_fields', array( 'post', 'terms', 'custom_fields' ), 'wp.getPost' ); 1398 1474 1399 1475 if ( ! $user = $this->login( $username, $password ) ) 1400 1476 return $this->error; 1401 1477 1478 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1402 1479 do_action( 'xmlrpc_call', 'wp.getPost' ); 1403 1480 1404 1481 $post = get_post( $post_id, ARRAY_A ); … … 1450 1527 if ( isset( $args[4] ) ) 1451 1528 $fields = $args[4]; 1452 1529 else 1530 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1453 1531 $fields = apply_filters( 'xmlrpc_default_post_fields', array( 'post', 'terms', 'custom_fields' ), 'wp.getPosts' ); 1454 1532 1455 1533 if ( ! $user = $this->login( $username, $password ) ) 1456 1534 return $this->error; 1457 1535 1536 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1458 1537 do_action( 'xmlrpc_call', 'wp.getPosts' ); 1459 1538 1460 1539 $query = array(); … … 1544 1623 if ( ! $user = $this->login( $username, $password ) ) 1545 1624 return $this->error; 1546 1625 1626 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1547 1627 do_action( 'xmlrpc_call', 'wp.newTerm' ); 1548 1628 1549 1629 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) ) … … 1632 1712 if ( ! $user = $this->login( $username, $password ) ) 1633 1713 return $this->error; 1634 1714 1715 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1635 1716 do_action( 'xmlrpc_call', 'wp.editTerm' ); 1636 1717 1637 1718 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) ) … … 1724 1805 if ( ! $user = $this->login( $username, $password ) ) 1725 1806 return $this->error; 1726 1807 1808 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1727 1809 do_action( 'xmlrpc_call', 'wp.deleteTerm' ); 1728 1810 1729 1811 if ( ! taxonomy_exists( $taxonomy ) ) … … 1791 1873 if ( ! $user = $this->login( $username, $password ) ) 1792 1874 return $this->error; 1793 1875 1876 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1794 1877 do_action( 'xmlrpc_call', 'wp.getTerm' ); 1795 1878 1796 1879 if ( ! taxonomy_exists( $taxonomy ) ) … … 1844 1927 if ( ! $user = $this->login( $username, $password ) ) 1845 1928 return $this->error; 1846 1929 1930 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1847 1931 do_action( 'xmlrpc_call', 'wp.getTerms' ); 1848 1932 1849 1933 if ( ! taxonomy_exists( $taxonomy ) ) … … 1923 2007 if ( ! $user = $this->login( $username, $password ) ) 1924 2008 return $this->error; 1925 2009 2010 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1926 2011 do_action( 'xmlrpc_call', 'wp.getTaxonomy' ); 1927 2012 1928 2013 if ( ! taxonomy_exists( $taxonomy ) ) … … 1962 2047 if ( isset( $args[4] ) ) 1963 2048 $fields = $args[4]; 1964 2049 else 2050 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1965 2051 $fields = apply_filters( 'xmlrpc_default_taxonomy_fields', array( 'labels', 'cap', 'object_type' ), 'wp.getTaxonomies' ); 1966 2052 1967 2053 if ( ! $user = $this->login( $username, $password ) ) 1968 2054 return $this->error; 1969 2055 2056 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1970 2057 do_action( 'xmlrpc_call', 'wp.getTaxonomies' ); 1971 2058 1972 2059 $taxonomies = get_taxonomies( $filter, 'objects' ); … … 2036 2123 if ( ! $user = $this->login( $username, $password ) ) 2037 2124 return $this->error; 2038 2125 2126 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2039 2127 do_action( 'xmlrpc_call', 'wp.getUser' ); 2040 2128 2041 2129 if ( ! current_user_can( 'edit_user', $user_id ) ) … … 2084 2172 if ( isset( $args[4] ) ) 2085 2173 $fields = $args[4]; 2086 2174 else 2175 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2087 2176 $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getUsers' ); 2088 2177 2089 2178 if ( ! $user = $this->login( $username, $password ) ) 2090 2179 return $this->error; 2091 2180 2181 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2092 2182 do_action( 'xmlrpc_call', 'wp.getUsers' ); 2093 2183 2094 2184 if ( ! current_user_can( 'list_users' ) ) … … 2151 2241 if ( isset( $args[3] ) ) 2152 2242 $fields = $args[3]; 2153 2243 else 2244 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2154 2245 $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getProfile' ); 2155 2246 2156 2247 if ( ! $user = $this->login( $username, $password ) ) 2157 2248 return $this->error; 2158 2249 2250 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2159 2251 do_action( 'xmlrpc_call', 'wp.getProfile' ); 2160 2252 2161 2253 if ( ! current_user_can( 'edit_user', $user->ID ) ) … … 2199 2291 if ( ! $user = $this->login( $username, $password ) ) 2200 2292 return $this->error; 2201 2293 2294 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2202 2295 do_action( 'xmlrpc_call', 'wp.editProfile' ); 2203 2296 2204 2297 if ( ! current_user_can( 'edit_user', $user->ID ) ) … … 2272 2365 if ( !current_user_can( 'edit_page', $page_id ) ) 2273 2366 return new IXR_Error( 401, __( 'Sorry, you cannot edit this page.' ) ); 2274 2367 2275 do_action('xmlrpc_call', 'wp.getPage'); 2368 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2369 do_action( 'xmlrpc_call', 'wp.getPage' ); 2276 2370 2277 2371 // If we found the page then format the data. 2278 2372 if ( $page->ID && ($page->post_type == 'page') ) { … … 2310 2404 if ( !current_user_can( 'edit_pages' ) ) 2311 2405 return new IXR_Error( 401, __( 'Sorry, you cannot edit pages.' ) ); 2312 2406 2313 do_action('xmlrpc_call', 'wp.getPages'); 2407 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2408 do_action( 'xmlrpc_call', 'wp.getPages' ); 2314 2409 2315 2410 $pages = get_posts( array('post_type' => 'page', 'post_status' => 'any', 'numberposts' => $num_pages) ); 2316 2411 $num_pages = count($pages); … … 2350 2445 if ( !$user = $this->login($username, $password) ) 2351 2446 return $this->error; 2352 2447 2353 do_action('xmlrpc_call', 'wp.newPage'); 2448 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2449 do_action( 'xmlrpc_call', 'wp.newPage' ); 2354 2450 2355 2451 // Mark this as content for a page. 2356 2452 $args[3]["post_type"] = 'page'; … … 2378 2474 if ( !$user = $this->login($username, $password) ) 2379 2475 return $this->error; 2380 2476 2381 do_action('xmlrpc_call', 'wp.deletePage'); 2477 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2478 do_action( 'xmlrpc_call', 'wp.deletePage' ); 2382 2479 2383 2480 // Get the current page based on the page_id and 2384 2481 // make sure it is a page and not a post. … … 2420 2517 if ( !$user = $this->login($username, $password) ) 2421 2518 return $this->error; 2422 2519 2423 do_action('xmlrpc_call', 'wp.editPage'); 2520 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2521 do_action( 'xmlrpc_call', 'wp.editPage' ); 2424 2522 2425 2523 // Get the page data and make sure it is a page. 2426 2524 $actual_page = get_post($page_id, ARRAY_A); … … 2470 2568 if ( !current_user_can( 'edit_pages' ) ) 2471 2569 return new IXR_Error( 401, __( 'Sorry, you cannot edit pages.' ) ); 2472 2570 2473 do_action('xmlrpc_call', 'wp.getPageList'); 2571 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2572 do_action( 'xmlrpc_call', 'wp.getPageList' ); 2474 2573 2475 2574 // Get list of pages ids and titles 2476 2575 $page_list = $wpdb->get_results(" … … 2521 2620 if ( !current_user_can('edit_posts') ) 2522 2621 return(new IXR_Error(401, __('Sorry, you cannot edit posts on this site.'))); 2523 2622 2524 do_action('xmlrpc_call', 'wp.getAuthors'); 2623 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2624 do_action( 'xmlrpc_call', 'wp.getAuthors' ); 2525 2625 2526 2626 $authors = array(); 2527 2627 foreach ( get_users( array( 'fields' => array('ID','user_login','display_name') ) ) as $user ) { … … 2556 2656 if ( !current_user_can( 'edit_posts' ) ) 2557 2657 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view tags.' ) ); 2558 2658 2659 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2559 2660 do_action( 'xmlrpc_call', 'wp.getKeywords' ); 2560 2661 2561 2662 $tags = array(); … … 2595 2696 if ( !$user = $this->login($username, $password) ) 2596 2697 return $this->error; 2597 2698 2598 do_action('xmlrpc_call', 'wp.newCategory'); 2699 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2700 do_action( 'xmlrpc_call', 'wp.newCategory' ); 2599 2701 2600 2702 // Make sure the user is allowed to add a category. 2601 2703 if ( !current_user_can('manage_categories') ) … … 2656 2758 if ( !$user = $this->login($username, $password) ) 2657 2759 return $this->error; 2658 2760 2659 do_action('xmlrpc_call', 'wp.deleteCategory'); 2761 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2762 do_action( 'xmlrpc_call', 'wp.deleteCategory' ); 2660 2763 2661 2764 if ( !current_user_can('manage_categories') ) 2662 2765 return new IXR_Error( 401, __( 'Sorry, you do not have the right to delete a category.' ) ); … … 2692 2795 if ( !current_user_can( 'edit_posts' ) ) 2693 2796 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts to this site in order to view categories.' ) ); 2694 2797 2695 do_action('xmlrpc_call', 'wp.suggestCategories'); 2798 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2799 do_action( 'xmlrpc_call', 'wp.suggestCategories' ); 2696 2800 2697 2801 $category_suggestions = array(); 2698 2802 $args = array('get' => 'all', 'number' => $max_results, 'name__like' => $category); … … 2728 2832 if ( !current_user_can( 'moderate_comments' ) ) 2729 2833 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 2730 2834 2731 do_action('xmlrpc_call', 'wp.getComment'); 2835 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2836 do_action( 'xmlrpc_call', 'wp.getComment' ); 2732 2837 2733 2838 if ( ! $comment = get_comment($comment_id) ) 2734 2839 return new IXR_Error( 404, __( 'Invalid comment ID.' ) ); … … 2769 2874 if ( !current_user_can( 'moderate_comments' ) ) 2770 2875 return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) ); 2771 2876 2772 do_action('xmlrpc_call', 'wp.getComments'); 2877 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2878 do_action( 'xmlrpc_call', 'wp.getComments' ); 2773 2879 2774 2880 if ( isset($struct['status']) ) 2775 2881 $status = $struct['status']; … … 2835 2941 if ( !current_user_can( 'edit_comment', $comment_ID ) ) 2836 2942 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 2837 2943 2838 do_action('xmlrpc_call', 'wp.deleteComment'); 2944 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2945 do_action( 'xmlrpc_call', 'wp.deleteComment' ); 2839 2946 2840 2947 $status = wp_delete_comment( $comment_ID ); 2841 2948 … … 2890 2997 if ( !current_user_can( 'edit_comment', $comment_ID ) ) 2891 2998 return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) ); 2892 2999 2893 do_action('xmlrpc_call', 'wp.editComment'); 3000 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3001 do_action( 'xmlrpc_call', 'wp.editComment' ); 2894 3002 2895 3003 if ( isset($content_struct['status']) ) { 2896 3004 $statuses = get_comment_statuses(); … … 2955 3063 $post = $args[3]; 2956 3064 $content_struct = $args[4]; 2957 3065 2958 $allow_anon = apply_filters( 'xmlrpc_allow_anonymous_comments', false);3066 $allow_anon = apply_filters( 'xmlrpc_allow_anonymous_comments', false ); 2959 3067 2960 3068 $user = $this->login($username, $password); 2961 3069 … … 3014 3122 3015 3123 $comment['comment_content'] = isset($content_struct['content']) ? $content_struct['content'] : null; 3016 3124 3017 do_action('xmlrpc_call', 'wp.newComment'); 3125 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3126 do_action( 'xmlrpc_call', 'wp.newComment' ); 3018 3127 3019 3128 $comment_ID = wp_new_comment( $comment ); 3020 3129 … … 3044 3153 if ( !current_user_can( 'moderate_comments' ) ) 3045 3154 return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) ); 3046 3155 3047 do_action('xmlrpc_call', 'wp.getCommentStatusList'); 3156 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3157 do_action( 'xmlrpc_call', 'wp.getCommentStatusList' ); 3048 3158 3049 3159 return get_comment_statuses(); 3050 3160 } … … 3071 3181 if ( !current_user_can( 'edit_posts' ) ) 3072 3182 return new IXR_Error( 403, __( 'You are not allowed access to details about comments.' ) ); 3073 3183 3074 do_action('xmlrpc_call', 'wp.getCommentCount'); 3184 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3185 do_action( 'xmlrpc_call', 'wp.getCommentCount' ); 3075 3186 3076 3187 $count = wp_count_comments( $post_id ); 3077 3188 return array( … … 3103 3214 if ( !current_user_can( 'edit_posts' ) ) 3104 3215 return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) ); 3105 3216 3106 do_action('xmlrpc_call', 'wp.getPostStatusList'); 3217 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3218 do_action( 'xmlrpc_call', 'wp.getPostStatusList' ); 3107 3219 3108 3220 return get_post_statuses(); 3109 3221 } … … 3129 3241 if ( !current_user_can( 'edit_pages' ) ) 3130 3242 return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) ); 3131 3243 3132 do_action('xmlrpc_call', 'wp.getPageStatusList'); 3244 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3245 do_action( 'xmlrpc_call', 'wp.getPageStatusList' ); 3133 3246 3134 3247 return get_page_statuses(); 3135 3248 } … … 3286 3399 if ( !current_user_can( 'upload_files' ) ) 3287 3400 return new IXR_Error( 403, __( 'You do not have permission to upload files.' ) ); 3288 3401 3289 do_action('xmlrpc_call', 'wp.getMediaItem'); 3402 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3403 do_action( 'xmlrpc_call', 'wp.getMediaItem' ); 3290 3404 3291 3405 if ( ! $attachment = get_post($attachment_id) ) 3292 3406 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); … … 3331 3445 if ( !current_user_can( 'upload_files' ) ) 3332 3446 return new IXR_Error( 401, __( 'You do not have permission to upload files.' ) ); 3333 3447 3334 do_action('xmlrpc_call', 'wp.getMediaLibrary'); 3448 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3449 do_action( 'xmlrpc_call', 'wp.getMediaLibrary' ); 3335 3450 3336 3451 $parent_id = ( isset($struct['parent_id']) ) ? absint($struct['parent_id']) : '' ; 3337 3452 $mime_type = ( isset($struct['mime_type']) ) ? $struct['mime_type'] : '' ; … … 3372 3487 if ( !current_user_can( 'edit_posts' ) ) 3373 3488 return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) ); 3374 3489 3490 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3375 3491 do_action( 'xmlrpc_call', 'wp.getPostFormats' ); 3376 3492 3377 3493 $formats = get_post_format_strings(); … … 3435 3551 if ( !$user = $this->login( $username, $password ) ) 3436 3552 return $this->error; 3437 3553 3554 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3438 3555 do_action( 'xmlrpc_call', 'wp.getPostType' ); 3439 3556 3440 3557 if( ! post_type_exists( $post_type_name ) ) … … 3476 3593 if ( isset( $args[4] ) ) 3477 3594 $fields = $args[4]; 3478 3595 else 3596 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3479 3597 $fields = apply_filters( 'xmlrpc_default_posttype_fields', array( 'labels', 'cap', 'taxonomies' ), 'wp.getPostTypes' ); 3480 3598 3481 3599 if ( ! $user = $this->login( $username, $password ) ) 3482 3600 return $this->error; 3483 3601 3602 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3484 3603 do_action( 'xmlrpc_call', 'wp.getPostTypes' ); 3485 3604 3486 3605 $post_types = get_post_types( $filter, 'objects' ); … … 3535 3654 if ( ! $user = $this->login( $username, $password ) ) 3536 3655 return $this->error; 3537 3656 3657 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3538 3658 do_action( 'xmlrpc_call', 'wp.getRevisions' ); 3539 3659 3540 3660 if ( ! $post = get_post( $post_id ) ) … … 3596 3716 if ( ! $user = $this->login( $username, $password ) ) 3597 3717 return $this->error; 3598 3718 3719 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3599 3720 do_action( 'xmlrpc_call', 'wp.restoreRevision' ); 3600 3721 3601 3722 if ( ! $revision = wp_get_post_revision( $revision_id ) ) … … 3645 3766 if ( !$user = $this->login($username, $password) ) 3646 3767 return $this->error; 3647 3768 3648 do_action('xmlrpc_call', 'blogger.getUsersBlogs'); 3769 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3770 do_action( 'xmlrpc_call', 'blogger.getUsersBlogs' ); 3649 3771 3650 3772 $is_admin = current_user_can('manage_options'); 3651 3773 … … 3712 3834 if ( !current_user_can( 'edit_posts' ) ) 3713 3835 return new IXR_Error( 401, __( 'Sorry, you do not have access to user data on this site.' ) ); 3714 3836 3715 do_action('xmlrpc_call', 'blogger.getUserInfo'); 3837 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3838 do_action( 'xmlrpc_call', 'blogger.getUserInfo' ); 3716 3839 3717 3840 $struct = array( 3718 3841 'nickname' => $user->nickname, … … 3751 3874 if ( !current_user_can( 'edit_post', $post_ID ) ) 3752 3875 return new IXR_Error( 401, __( 'Sorry, you cannot edit this post.' ) ); 3753 3876 3754 do_action('xmlrpc_call', 'blogger.getPost'); 3877 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3878 do_action( 'xmlrpc_call', 'blogger.getPost' ); 3755 3879 3756 3880 $categories = implode(',', wp_get_post_categories($post_ID)); 3757 3881 … … 3796 3920 if ( ! current_user_can( 'edit_posts' ) ) 3797 3921 return new IXR_Error( 401, __( 'Sorry, you cannot edit posts on this site.' ) ); 3798 3922 3799 do_action('xmlrpc_call', 'blogger.getRecentPosts'); 3923 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 3924 do_action( 'xmlrpc_call', 'blogger.getRecentPosts' ); 3800 3925 3801 3926 $posts_list = wp_get_recent_posts( $query ); 3802 3927 … … 3874 3999 if ( !$user = $this->login($username, $password) ) 3875 4000 return $this->error; 3876 4001 3877 do_action('xmlrpc_call', 'blogger.newPost'); 4002 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4003 do_action( 'xmlrpc_call', 'blogger.newPost' ); 3878 4004 3879 4005 $cap = ($publish) ? 'publish_posts' : 'edit_posts'; 3880 4006 if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) || !current_user_can($cap) ) … … 3928 4054 if ( !$user = $this->login($username, $password) ) 3929 4055 return $this->error; 3930 4056 3931 do_action('xmlrpc_call', 'blogger.editPost'); 4057 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4058 do_action( 'xmlrpc_call', 'blogger.editPost' ); 3932 4059 3933 4060 $actual_post = get_post($post_ID,ARRAY_A); 3934 4061 … … 3982 4109 if ( !$user = $this->login($username, $password) ) 3983 4110 return $this->error; 3984 4111 3985 do_action('xmlrpc_call', 'blogger.deletePost'); 4112 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4113 do_action( 'xmlrpc_call', 'blogger.deletePost' ); 3986 4114 3987 4115 $actual_post = get_post($post_ID,ARRAY_A); 3988 4116 … … 4053 4181 if ( !$user = $this->login($username, $password) ) 4054 4182 return $this->error; 4055 4183 4056 do_action('xmlrpc_call', 'metaWeblog.newPost'); 4184 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4185 do_action( 'xmlrpc_call', 'metaWeblog.newPost' ); 4057 4186 4058 4187 $page_template = ''; 4059 4188 if ( !empty( $content_struct['post_type'] ) ) { … … 4372 4501 if ( ! $user = $this->login($username, $password) ) 4373 4502 return $this->error; 4374 4503 4375 do_action('xmlrpc_call', 'metaWeblog.editPost'); 4504 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4505 do_action( 'xmlrpc_call', 'metaWeblog.editPost' ); 4376 4506 4377 4507 $postdata = get_post( $post_ID, ARRAY_A ); 4378 4508 … … 4646 4776 if ( !current_user_can( 'edit_post', $post_ID ) ) 4647 4777 return new IXR_Error( 401, __( 'Sorry, you cannot edit this post.' ) ); 4648 4778 4649 do_action('xmlrpc_call', 'metaWeblog.getPost'); 4779 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4780 do_action( 'xmlrpc_call', 'metaWeblog.getPost' ); 4650 4781 4651 4782 if ($postdata['post_date'] != '') { 4652 4783 $post_date = $this->_convert_date( $postdata['post_date'] ); … … 4770 4901 if ( ! current_user_can( 'edit_posts' ) ) 4771 4902 return new IXR_Error( 401, __( 'Sorry, you cannot edit posts on this site.' ) ); 4772 4903 4773 do_action('xmlrpc_call', 'metaWeblog.getRecentPosts'); 4904 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4905 do_action( 'xmlrpc_call', 'metaWeblog.getRecentPosts' ); 4774 4906 4775 4907 $posts_list = wp_get_recent_posts( $query ); 4776 4908 … … 4885 5017 if ( !current_user_can( 'edit_posts' ) ) 4886 5018 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view categories.' ) ); 4887 5019 4888 do_action('xmlrpc_call', 'metaWeblog.getCategories'); 5020 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5021 do_action( 'xmlrpc_call', 'metaWeblog.getCategories' ); 4889 5022 4890 5023 $categories_struct = array(); 4891 5024 … … 4933 5066 if ( !$user = $this->login($username, $password) ) 4934 5067 return $this->error; 4935 5068 4936 do_action('xmlrpc_call', 'metaWeblog.newMediaObject'); 5069 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5070 do_action( 'xmlrpc_call', 'metaWeblog.newMediaObject' ); 4937 5071 4938 5072 if ( !current_user_can('upload_files') ) { 4939 5073 $this->error = new IXR_Error( 401, __( 'You do not have permission to upload files.' ) ); … … 5027 5161 if ( !$user = $this->login($username, $password) ) 5028 5162 return $this->error; 5029 5163 5030 do_action('xmlrpc_call', 'mt.getRecentPostTitles'); 5164 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5165 do_action( 'xmlrpc_call', 'mt.getRecentPostTitles' ); 5031 5166 5032 5167 $posts_list = wp_get_recent_posts( $query ); 5033 5168 … … 5086 5221 if ( !current_user_can( 'edit_posts' ) ) 5087 5222 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view categories.' ) ); 5088 5223 5089 do_action('xmlrpc_call', 'mt.getCategoryList'); 5224 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5225 do_action( 'xmlrpc_call', 'mt.getCategoryList' ); 5090 5226 5091 5227 $categories_struct = array(); 5092 5228 … … 5127 5263 if ( !current_user_can( 'edit_post', $post_ID ) ) 5128 5264 return new IXR_Error( 401, __( 'Sorry, you can not edit this post.' ) ); 5129 5265 5130 do_action('xmlrpc_call', 'mt.getPostCategories'); 5266 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5267 do_action( 'xmlrpc_call', 'mt.getPostCategories' ); 5131 5268 5132 5269 $categories = array(); 5133 5270 $catids = wp_get_post_categories(intval($post_ID)); … … 5165 5302 if ( !$user = $this->login($username, $password) ) 5166 5303 return $this->error; 5167 5304 5168 do_action('xmlrpc_call', 'mt.setPostCategories'); 5305 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5306 do_action( 'xmlrpc_call', 'mt.setPostCategories' ); 5169 5307 5170 5308 if ( ! get_post( $post_ID ) ) 5171 5309 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); … … 5193 5331 */ 5194 5332 function mt_supportedMethods($args) { 5195 5333 5196 do_action('xmlrpc_call', 'mt.supportedMethods'); 5334 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5335 do_action( 'xmlrpc_call', 'mt.supportedMethods' ); 5197 5336 5198 5337 $supported_methods = array(); 5199 5338 foreach ( $this->methods as $key => $value ) { … … 5211 5350 * @param array $args Method parameters. 5212 5351 */ 5213 5352 function mt_supportedTextFilters($args) { 5214 do_action('xmlrpc_call', 'mt.supportedTextFilters'); 5215 return apply_filters('xmlrpc_text_filters', array()); 5353 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5354 do_action( 'xmlrpc_call', 'mt.supportedTextFilters' ); 5355 5356 return apply_filters( 'xmlrpc_text_filters', array() ); 5216 5357 } 5217 5358 5218 5359 /** … … 5229 5370 5230 5371 $post_ID = intval($args); 5231 5372 5232 do_action('xmlrpc_call', 'mt.getTrackbackPings'); 5373 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5374 do_action( 'xmlrpc_call', 'mt.getTrackbackPings' ); 5233 5375 5234 5376 $actual_post = get_post($post_ID, ARRAY_A); 5235 5377 … … 5276 5418 if ( !$user = $this->login($username, $password) ) 5277 5419 return $this->error; 5278 5420 5279 do_action('xmlrpc_call', 'mt.publishPost'); 5421 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5422 do_action( 'xmlrpc_call', 'mt.publishPost' ); 5280 5423 5281 5424 $postdata = get_post($post_ID, ARRAY_A); 5282 5425 if ( ! $postdata ) … … 5312 5455 function pingback_ping($args) { 5313 5456 global $wpdb; 5314 5457 5315 do_action('xmlrpc_call', 'pingback.ping'); 5458 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5459 do_action( 'xmlrpc_call', 'pingback.ping' ); 5316 5460 5317 5461 $this->escape($args); 5318 5462 … … 5325 5469 $pagelinkedto = str_replace('&', '&', $pagelinkedto); 5326 5470 $pagelinkedto = str_replace('&', '&', $pagelinkedto); 5327 5471 5472 /** 5473 * Filter the pingback source URI. 5474 * 5475 * @since 3.6.0 5476 * 5477 * @param string $pagelinkedfrom The URI of the page linked from. 5478 * @param string $pagelinkedto The URI of the page linked to. 5479 */ 5328 5480 $pagelinkedfrom = apply_filters( 'pingback_ping_source_uri', $pagelinkedfrom, $pagelinkedto ); 5329 5481 if ( ! $pagelinkedfrom ) 5330 5482 return $this->pingback_error( 0, __( 'A valid URL was not provided.' ) ); … … 5406 5558 if ( !$linea ) 5407 5559 return $this->pingback_error( 16, __( 'The source URL does not exist.' ) ); 5408 5560 5409 $linea = apply_filters( 'pre_remote_source', $linea, $pagelinkedto);5561 $linea = apply_filters( 'pre_remote_source', $linea, $pagelinkedto ); 5410 5562 5411 5563 // Work around bug in strip_tags(): 5412 5564 $linea = str_replace('<!DOC', '<DOC', $linea); … … 5471 5623 $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_content', 'comment_type'); 5472 5624 5473 5625 $comment_ID = wp_new_comment($commentdata); 5474 do_action( 'pingback_post', $comment_ID);5626 do_action( 'pingback_post', $comment_ID ); 5475 5627 5476 5628 return sprintf(__('Pingback from %1$s to %2$s registered. Keep the web talking! :-)'), $pagelinkedfrom, $pagelinkedto); 5477 5629 } … … 5490 5642 5491 5643 global $wpdb; 5492 5644 5493 do_action('xmlrpc_call', 'pingback.extensions.getPingbacks'); 5645 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5646 do_action( 'xmlrpc_call', 'pingback.extensions.getPingbacks' ); 5494 5647 5495 5648 $this->escape($args); 5496 5649