Ticket #41057: 41057-src-root.diff
File 41057-src-root.diff, 102.5 KB (added by , 8 years ago) |
---|
-
src/index.php
11 11 * 12 12 * @var bool 13 13 */ 14 define( 'WP_USE_THEMES', true);14 define( 'WP_USE_THEMES', true ); 15 15 16 16 /** Loads the WordPress Environment and Template */ 17 17 require( dirname( __FILE__ ) . '/wp-blog-header.php' ); -
src/wp-activate.php
9 9 define( 'WP_INSTALLING', true ); 10 10 11 11 /** Sets up the WordPress Environment. */ 12 require( dirname( __FILE__) . '/wp-load.php' );12 require( dirname( __FILE__ ) . '/wp-load.php' ); 13 13 14 14 require( dirname( __FILE__ ) . '/wp-blog-header.php' ); 15 15 16 if ( ! is_multisite() ) {16 if ( ! is_multisite() ) { 17 17 wp_redirect( wp_registration_url() ); 18 18 die(); 19 19 } 20 20 21 if ( is_object( $wp_object_cache ) ) 21 if ( is_object( $wp_object_cache ) ) { 22 22 $wp_object_cache->cache_enabled = false; 23 } 23 24 24 25 // Fix for page title 25 26 $wp_query->is_404 = false; … … 43 44 * Fires before the Site Activation page is loaded. 44 45 * 45 46 * Fires on the {@see 'wp_head'} action. 46 47 48 49 47 * 48 * @since 3.0.0 49 */ 50 do_action( 'activate_wp_head' ); 50 51 } 51 52 add_action( 'wp_head', 'do_activate_header' ); 52 53 … … 73 74 74 75 <div id="signup-content" class="widecolumn"> 75 76 <div class="wp-activate-container"> 76 <?php if ( empty( $_GET['key']) && empty($_POST['key']) ) { ?>77 <?php if ( empty( $_GET['key'] ) && empty( $_POST['key'] ) ) { ?> 77 78 78 <h2><?php _e( 'Activation Key Required') ?></h2>79 <form name="activateform" id="activateform" method="post" action="<?php echo network_site_url( 'wp-activate.php'); ?>">79 <h2><?php _e( 'Activation Key Required' ) ?></h2> 80 <form name="activateform" id="activateform" method="post" action="<?php echo network_site_url( 'wp-activate.php' ); ?>"> 80 81 <p> 81 <label for="key"><?php _e('Activation Key:') ?></label>82 82 <label for="key"><?php _e( 'Activation Key:' ) ?></label> 83 <br /><input type="text" name="key" id="key" value="" size="50" /> 83 84 </p> 84 85 <p class="submit"> 85 <input id="submit" type="submit" name="Submit" class="submit" value="<?php esc_attr_e('Activate') ?>" />86 <input id="submit" type="submit" name="Submit" class="submit" value="<?php esc_attr_e( 'Activate' ) ?>" /> 86 87 </p> 87 88 </form> 88 89 89 90 <?php } else { 90 91 91 $key = ! empty($_GET['key']) ? $_GET['key'] : $_POST['key'];92 $key = ! empty( $_GET['key'] ) ? $_GET['key'] : $_POST['key']; 92 93 $result = wpmu_activate_signup( $key ); 93 if ( is_wp_error($result) ) {94 95 96 97 <h2><?php _e('Your account is now active!'); ?></h2>94 if ( is_wp_error( $result ) ) { 95 if ( 'already_active' == $result->get_error_code() || 'blog_taken' == $result->get_error_code() ) { 96 $signup = $result->get_error_data(); 97 ?> 98 <h2><?php _e( 'Your account is now active!' ); ?></h2> 98 99 <?php 99 100 echo '<p class="lead-in">'; 100 101 if ( $signup->domain . $signup->path == '' ) { … … 118 119 ); 119 120 } 120 121 echo '</p>'; 121 } else {122 ?>123 <h2><?php _e( 'An error occurred during the activation' ); ?></h2>124 <p><?php echo $result->get_error_message(); ?></p>125 <?php126 }127 122 } else { 128 $url = isset( $result['blog_id'] ) ? get_home_url( (int) $result['blog_id'] ) : '';129 $user = get_userdata( (int) $result['user_id'] );130 123 ?> 131 <h2><?php _e('Your account is now active!'); ?></h2> 132 133 <div id="signup-welcome"> 134 <p><span class="h3"><?php _e('Username:'); ?></span> <?php echo $user->user_login ?></p> 135 <p><span class="h3"><?php _e('Password:'); ?></span> <?php echo $result['password']; ?></p> 136 </div> 124 <h2><?php _e( 'An error occurred during the activation' ); ?></h2> 125 <p><?php echo $result->get_error_message(); ?></p> 126 <?php 127 } 128 } else { 129 $url = isset( $result['blog_id'] ) ? get_home_url( (int) $result['blog_id'] ) : ''; 130 $user = get_userdata( (int) $result['user_id'] ); 131 ?> 132 <h2><?php _e( 'Your account is now active!' ); ?></h2> 133 134 <div id="signup-welcome"> 135 <p><span class="h3"><?php _e( 'Username:' ); ?></span> <?php echo $user->user_login ?></p> 136 <p><span class="h3"><?php _e( 'Password:' ); ?></span> <?php echo $result['password']; ?></p> 137 </div> 137 138 138 139 <?php if ( $url && $url != network_home_url( '', 'http' ) ) : 139 140 switch_to_blog( (int) $result['blog_id'] ); 140 141 $login_url = wp_login_url(); 141 142 restore_current_blog(); … … 144 145 /* translators: 1: site URL, 2: login URL */ 145 146 printf( __( 'Your account is now activated. <a href="%1$s">View your site</a> or <a href="%2$s">Log in</a>' ), $url, esc_url( $login_url ) ); 146 147 ?></p> 147 <?php else : ?>148 <?php else : ?> 148 149 <p class="view"><?php 149 150 /* translators: 1: login URL, 2: network home URL */ 150 151 printf( __( 'Your account is now activated. <a href="%1$s">Log in</a> or go back to the <a href="%2$s">homepage</a>.' ), network_site_url( 'wp-login.php', 'login' ), network_home_url() ); 151 152 ?></p> 152 153 <?php endif; 153 }154 } 154 }// End if(). 155 }// End if(). 155 156 ?> 156 157 </div> 157 158 </div> -
src/wp-blog-header.php
5 5 * @package WordPress 6 6 */ 7 7 8 if ( ! isset($wp_did_header) ) {8 if ( ! isset( $wp_did_header ) ) { 9 9 10 10 $wp_did_header = true; 11 11 12 12 // Load the WordPress library. 13 require_once( dirname( __FILE__) . '/wp-load.php' );13 require_once( dirname( __FILE__ ) . '/wp-load.php' ); 14 14 15 15 // Set up the WordPress query. 16 16 wp(); -
src/wp-comments-post.php
11 11 $protocol = 'HTTP/1.0'; 12 12 } 13 13 14 header( 'Allow: POST');15 header( "$protocol 405 Method Not Allowed");16 header( 'Content-Type: text/plain');14 header( 'Allow: POST' ); 15 header( "$protocol 405 Method Not Allowed" ); 16 header( 'Content-Type: text/plain' ); 17 17 exit; 18 18 } 19 19 20 20 /** Sets up the WordPress Environment. */ 21 require( dirname( __FILE__) . '/wp-load.php' );21 require( dirname( __FILE__ ) . '/wp-load.php' ); 22 22 23 23 nocache_headers(); 24 24 … … 26 26 if ( is_wp_error( $comment ) ) { 27 27 $data = intval( $comment->get_error_data() ); 28 28 if ( ! empty( $data ) ) { 29 wp_die( '<p>' . $comment->get_error_message() . '</p>', __( 'Comment Submission Failure' ), array( 'response' => $data, 'back_link' => true ) ); 29 wp_die( '<p>' . $comment->get_error_message() . '</p>', __( 'Comment Submission Failure' ), array( 30 'response' => $data, 31 'back_link' => true, 32 ) ); 30 33 } else { 31 34 exit; 32 35 } -
src/wp-cron.php
9 9 * @package WordPress 10 10 */ 11 11 12 ignore_user_abort( true);12 ignore_user_abort( true ); 13 13 14 if ( ! empty($_POST) || defined('DOING_AJAX') || defined('DOING_CRON') )14 if ( ! empty( $_POST ) || defined( 'DOING_AJAX' ) || defined( 'DOING_CRON' ) ) { 15 15 die(); 16 } 16 17 17 18 /** 18 19 * Tell WordPress we are doing the CRON task. 19 20 * 20 21 * @var bool 21 22 */ 22 define( 'DOING_CRON', true);23 define( 'DOING_CRON', true ); 23 24 24 if ( ! defined('ABSPATH') ) {25 if ( ! defined( 'ABSPATH' ) ) { 25 26 /** Set up WordPress environment */ 26 27 require_once( dirname( __FILE__ ) . '/wp-load.php' ); 27 28 } … … 48 49 $value = wp_cache_get( 'doing_cron', 'transient', true ); 49 50 } else { 50 51 $row = $wpdb->get_row( $wpdb->prepare( "SELECT option_value FROM $wpdb->options WHERE option_name = %s LIMIT 1", '_transient_doing_cron' ) ); 51 if ( is_object( $row ) ) 52 if ( is_object( $row ) ) { 52 53 $value = $row->option_value; 54 } 53 55 } 54 56 55 57 return $value; 56 58 } 57 59 58 if ( false === $crons = _get_cron_array() ) 60 if ( false === $crons = _get_cron_array() ) { 59 61 die(); 62 } 60 63 61 64 $keys = array_keys( $crons ); 62 65 $gmt_time = microtime( true ); 63 66 64 if ( isset( $keys[0]) && $keys[0] > $gmt_time )67 if ( isset( $keys[0] ) && $keys[0] > $gmt_time ) { 65 68 die(); 69 } 66 70 67 71 68 72 // The cron lock: a unix timestamp from when the cron was spawned. … … 70 74 71 75 // Use global $doing_wp_cron lock otherwise use the GET lock. If no lock, trying grabbing a new lock. 72 76 if ( empty( $doing_wp_cron ) ) { 73 if ( empty( $_GET[ 'doing_wp_cron'] ) ) {77 if ( empty( $_GET['doing_wp_cron'] ) ) { 74 78 // Called from external script/job. Try setting a lock. 75 if ( $doing_cron_transient && ( $doing_cron_transient + WP_CRON_LOCK_TIMEOUT > $gmt_time ) ) 79 if ( $doing_cron_transient && ( $doing_cron_transient + WP_CRON_LOCK_TIMEOUT > $gmt_time ) ) { 76 80 return; 81 } 77 82 $doing_cron_transient = $doing_wp_cron = sprintf( '%.22F', microtime( true ) ); 78 83 set_transient( 'doing_cron', $doing_wp_cron ); 79 84 } else { 80 $doing_wp_cron = $_GET[ 'doing_wp_cron'];85 $doing_wp_cron = $_GET['doing_wp_cron']; 81 86 } 82 87 } 83 88 … … 85 90 * The cron lock (a unix timestamp set when the cron was spawned), 86 91 * must match $doing_wp_cron (the "key"). 87 92 */ 88 if ( $doing_cron_transient != $doing_wp_cron ) 93 if ( $doing_cron_transient != $doing_wp_cron ) { 89 94 return; 95 } 90 96 91 97 foreach ( $crons as $timestamp => $cronhooks ) { 92 if ( $timestamp > $gmt_time ) 98 if ( $timestamp > $gmt_time ) { 93 99 break; 100 } 94 101 95 102 foreach ( $cronhooks as $hook => $keys ) { 96 103 … … 99 106 $schedule = $v['schedule']; 100 107 101 108 if ( $schedule != false ) { 102 $new_args = array( $timestamp, $schedule, $hook, $v['args']);103 call_user_func_array( 'wp_reschedule_event', $new_args);109 $new_args = array( $timestamp, $schedule, $hook, $v['args'] ); 110 call_user_func_array( 'wp_reschedule_event', $new_args ); 104 111 } 105 112 106 113 wp_unschedule_event( $timestamp, $hook, $v['args'] ); … … 114 121 * @param string $hook Name of the hook that was scheduled to be fired. 115 122 * @param array $args The arguments to be passed to the hook. 116 123 */ 117 124 do_action_ref_array( $hook, $v['args'] ); 118 125 119 126 // If the hook ran too long and another cron process stole the lock, quit. 120 if ( _get_cron_lock() != $doing_wp_cron ) 127 if ( _get_cron_lock() != $doing_wp_cron ) { 121 128 return; 129 } 122 130 } 123 131 } 124 } 132 }// End foreach(). 125 133 126 if ( _get_cron_lock() == $doing_wp_cron ) 134 if ( _get_cron_lock() == $doing_wp_cron ) { 127 135 delete_transient( 'doing_cron' ); 136 } 128 137 129 138 die(); -
src/wp-links-opml.php
14 14 15 15 require_once( dirname( __FILE__ ) . '/wp-load.php' ); 16 16 17 header( 'Content-Type: text/xml; charset=' . get_option('blog_charset'), true);17 header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ), true ); 18 18 $link_cat = ''; 19 if ( ! empty($_GET['link_cat']) ) {19 if ( ! empty( $_GET['link_cat'] ) ) { 20 20 $link_cat = $_GET['link_cat']; 21 if ( !in_array($link_cat, array('all', '0')) ) 22 $link_cat = absint( (string)urldecode($link_cat) ); 21 if ( ! in_array( $link_cat, array( 'all', '0' ) ) ) { 22 $link_cat = absint( (string) urldecode( $link_cat ) ); 23 } 23 24 } 24 25 25 echo '<?xml version="1.0"?' .">\n";26 echo '<?xml version="1.0"?' . ">\n"; 26 27 ?> 27 28 <opml version="1.0"> 28 29 <head> 29 30 <title><?php 30 31 /* translators: 1: Site name */ 31 printf( __( 'Links for %s'), esc_attr(get_bloginfo('name', 'display')) );32 printf( __( 'Links for %s' ), esc_attr( get_bloginfo( 'name', 'display' ) ) ); 32 33 ?></title> 33 <dateCreated><?php echo gmdate( "D, d M Y H:i:s"); ?> GMT</dateCreated>34 <dateCreated><?php echo gmdate( 'D, d M Y H:i:s' ); ?> GMT</dateCreated> 34 35 <?php 35 36 /** 36 37 * Fires in the OPML header. … … 42 43 </head> 43 44 <body> 44 45 <?php 45 if ( empty($link_cat) ) 46 $cats = get_categories(array('taxonomy' => 'link_category', 'hierarchical' => 0)); 47 else 48 $cats = get_categories(array('taxonomy' => 'link_category', 'hierarchical' => 0, 'include' => $link_cat)); 46 if ( empty( $link_cat ) ) { 47 $cats = get_categories( array( 48 'taxonomy' => 'link_category', 49 'hierarchical' => 0, 50 ) ); 51 } else { $cats = get_categories( array( 52 'taxonomy' => 'link_category', 53 'hierarchical' => 0, 54 'include' => $link_cat, 55 ) ); 56 } 49 57 50 foreach ( (array) $cats as $cat ) :58 foreach ( (array) $cats as $cat ) : 51 59 /** 52 60 * Filters the OPML outline link category name. 53 61 * … … 58 66 $catname = apply_filters( 'link_category', $cat->name ); 59 67 60 68 ?> 61 <outline type="category" title="<?php echo esc_attr( $catname); ?>">69 <outline type="category" title="<?php echo esc_attr( $catname ); ?>"> 62 70 <?php 63 $bookmarks = get_bookmarks(array("category" => $cat->term_id)); 64 foreach ( (array)$bookmarks as $bookmark ) : 65 /** 71 $bookmarks = get_bookmarks( array( 72 'category' => $cat->term_id, 73 ) ); 74 foreach ( (array) $bookmarks as $bookmark ) : 75 /** 66 76 * Filters the OPML outline link title text. 67 77 * 68 78 * @since 2.2.0 69 79 * 70 80 * @param string $title The OPML outline title text. 71 81 */ 72 82 $title = apply_filters( 'link_title', $bookmark->link_name ); 73 83 ?> 74 <outline text="<?php echo esc_attr($title); ?>" type="link" xmlUrl="<?php echo esc_attr($bookmark->link_rss); ?>" htmlUrl="<?php echo esc_attr($bookmark->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $bookmark->link_updated) echo $bookmark->link_updated;?>" />84 <outline text="<?php echo esc_attr( $title ); ?>" type="link" xmlUrl="<?php echo esc_attr( $bookmark->link_rss ); ?>" htmlUrl="<?php echo esc_attr( $bookmark->link_url ); ?>" updated="<?php if ( '0000-00-00 00:00:00' != $bookmark->link_updated ) { echo $bookmark->link_updated;} ?>" /> 75 85 <?php 76 86 endforeach; // $bookmarks 77 87 ?> -
src/wp-load.php
31 31 * 32 32 * If neither set of conditions is true, initiate loading the setup process. 33 33 */ 34 if ( file_exists( ABSPATH . 'wp-config.php' ) ) {34 if ( file_exists( ABSPATH . 'wp-config.php' ) ) { 35 35 36 36 /** The config file resides in ABSPATH */ 37 37 require_once( ABSPATH . 'wp-config.php' ); … … 87 87 __( "You can create a %s file through a web interface, but this doesn't work for all server setups. The safest way is to manually create the file." ), 88 88 '<code>wp-config.php</code>' 89 89 ) . '</p>'; 90 $die .= '<p><a href="' . $path . '" class="button button-large">' . __( "Create a Configuration File") . '</a>';90 $die .= '<p><a href="' . $path . '" class="button button-large">' . __( 'Create a Configuration File' ) . '</a>'; 91 91 92 92 wp_die( $die, __( 'WordPress › Error' ) ); 93 } 93 }// End if(). -
src/wp-login.php
9 9 */ 10 10 11 11 /** Make sure that the WordPress bootstrap has run before continuing. */ 12 require( dirname( __FILE__) . '/wp-load.php' );12 require( dirname( __FILE__ ) . '/wp-load.php' ); 13 13 14 14 // Redirect to https login if forced to use SSL 15 15 if ( force_ssl_admin() && ! is_ssl() ) { 16 if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http') ) {16 if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) { 17 17 wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) ); 18 18 exit(); 19 19 } else { … … 38 38 39 39 add_action( 'login_head', 'wp_login_viewport_meta' ); 40 40 41 if ( empty( $wp_error) )41 if ( empty( $wp_error ) ) { 42 42 $wp_error = new WP_Error(); 43 } 43 44 44 45 // Shake it! 45 46 $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' ); … … 52 53 */ 53 54 $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes ); 54 55 55 if ( $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) 56 if ( $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) { 56 57 add_action( 'login_head', 'wp_shake_js', 12 ); 58 } 57 59 58 60 $separator = is_rtl() ? ' › ' : ' ‹ '; 59 61 … … 65 67 <html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>> 66 68 <!--<![endif]--> 67 69 <head> 68 <meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />70 <meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php bloginfo( 'charset' ); ?>" /> 69 71 <title><?php echo get_bloginfo( 'name', 'display' ) . $separator . $title; ?></title> 70 72 <?php 71 73 … … 123 125 $login_header_title = apply_filters( 'login_headertitle', $login_header_title ); 124 126 125 127 $classes = array( 'login-action-' . $action, 'wp-core-ui' ); 126 if ( is_rtl() ) 128 if ( is_rtl() ) { 127 129 $classes[] = 'rtl'; 130 } 128 131 if ( $interim_login ) { 129 132 $classes[] = 'interim-login'; 130 133 ?> 131 134 <style type="text/css">html{background-color: transparent;}</style> 132 135 <?php 133 136 134 if ( 'success' === $interim_login )137 if ( 'success' === $interim_login ) { 135 138 $classes[] = 'interim-login-success'; 139 } 136 140 } 137 $classes[] = ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) );141 $classes[] = ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) ); 138 142 139 143 /** 140 144 * Filters the login page body classes. … … 171 175 * @param string $message Login message text. 172 176 */ 173 177 $message = apply_filters( 'login_message', $message ); 174 if ( ! empty( $message ) )178 if ( ! empty( $message ) ) { 175 179 echo $message . "\n"; 180 } 176 181 177 182 // In case a plugin uses $error rather than the $wp_errors object 178 if ( ! empty( $error ) ) {179 $wp_error->add( 'error', $error);180 unset( $error);183 if ( ! empty( $error ) ) { 184 $wp_error->add( 'error', $error ); 185 unset( $error ); 181 186 } 182 187 183 188 if ( $wp_error->get_error_code() ) { … … 186 191 foreach ( $wp_error->get_error_codes() as $code ) { 187 192 $severity = $wp_error->get_error_data( $code ); 188 193 foreach ( $wp_error->get_error_messages( $code ) as $error_message ) { 189 if ( 'message' == $severity ) 194 if ( 'message' == $severity ) { 190 195 $messages .= ' ' . $error_message . "<br />\n"; 191 else192 $errors .= ' ' . $error_message . "<br />\n";196 } else { $errors .= ' ' . $error_message . "<br />\n"; 197 } 193 198 } 194 199 } 195 200 if ( ! empty( $errors ) ) { … … 220 225 * 221 226 * @param string $input_id Which input to auto-focus 222 227 */ 223 function login_footer( $input_id = '') {228 function login_footer( $input_id = '' ) { 224 229 global $interim_login; 225 230 226 231 // Don't allow interim logins to navigate away from the page. 227 if ( ! $interim_login ) : ?>232 if ( ! $interim_login ) : ?> 228 233 <p id="backtoblog"><a href="<?php echo esc_url( home_url( '/' ) ); ?>"><?php 229 234 /* translators: %s: site title */ 230 235 printf( _x( '← Back to %s', 'site' ), get_bloginfo( 'title', 'display' ) ); … … 233 238 234 239 </div> 235 240 236 <?php if ( ! empty($input_id) ) : ?>241 <?php if ( ! empty( $input_id ) ) : ?> 237 242 <script type="text/javascript"> 238 243 try{document.getElementById('<?php echo $input_id; ?>').focus();}catch(e){} 239 244 if(typeof wpOnload=='function')wpOnload(); … … 286 291 $errors = new WP_Error(); 287 292 288 293 if ( empty( $_POST['user_login'] ) ) { 289 $errors->add( 'empty_username', __('<strong>ERROR</strong>: Enter a username or email address.'));294 $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Enter a username or email address.' ) ); 290 295 } elseif ( strpos( $_POST['user_login'], '@' ) ) { 291 296 $user_data = get_user_by( 'email', trim( wp_unslash( $_POST['user_login'] ) ) ); 292 if ( empty( $user_data ) ) 293 $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.')); 297 if ( empty( $user_data ) ) { 298 $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: There is no user registered with that email address.' ) ); 299 } 294 300 } else { 295 $login = trim( $_POST['user_login']);296 $user_data = get_user_by( 'login', $login);301 $login = trim( $_POST['user_login'] ); 302 $user_data = get_user_by( 'login', $login ); 297 303 } 298 304 299 305 /** … … 307 313 */ 308 314 do_action( 'lostpassword_post', $errors ); 309 315 310 if ( $errors->get_error_code() ) 316 if ( $errors->get_error_code() ) { 311 317 return $errors; 318 } 312 319 313 if ( ! $user_data ) {314 $errors->add( 'invalidcombo', __('<strong>ERROR</strong>: Invalid username or email.'));320 if ( ! $user_data ) { 321 $errors->add( 'invalidcombo', __( '<strong>ERROR</strong>: Invalid username or email.' ) ); 315 322 return $errors; 316 323 } 317 324 … … 324 331 return $key; 325 332 } 326 333 327 $message = __( 'Someone has requested a password reset for the following account:') . "\r\n\r\n";334 $message = __( 'Someone has requested a password reset for the following account:' ) . "\r\n\r\n"; 328 335 $message .= network_home_url( '/' ) . "\r\n\r\n"; 329 $message .= sprintf( __('Username: %s'), $user_login) . "\r\n\r\n";330 $message .= __( 'If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";331 $message .= __( 'To reset your password, visit the following address:') . "\r\n\r\n";332 $message .= '<' . network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";336 $message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n"; 337 $message .= __( 'If this was a mistake, just ignore this email and nothing will happen.' ) . "\r\n\r\n"; 338 $message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n"; 339 $message .= '<' . network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . ">\r\n"; 333 340 334 341 if ( is_multisite() ) { 335 342 $blogname = get_network()->site_name; … … 338 345 * The blogname option is escaped with esc_html on the way into the database 339 346 * in sanitize_option we want to reverse this for the plain text arena of emails. 340 347 */ 341 $blogname = wp_specialchars_decode( get_option('blogname'), ENT_QUOTES);348 $blogname = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); 342 349 } 343 350 344 351 /* translators: Password reset email subject. 1: Site name */ 345 $title = sprintf( __( '[%s] Password Reset'), $blogname );352 $title = sprintf( __( '[%s] Password Reset' ), $blogname ); 346 353 347 354 /** 348 355 * Filters the subject of the password reset email. … … 371 378 */ 372 379 $message = apply_filters( 'retrieve_password_message', $message, $key, $user_login, $user_data ); 373 380 374 if ( $message && !wp_mail( $user_email, wp_specialchars_decode( $title ), $message ) ) 375 wp_die( __('The email could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.') ); 381 if ( $message && ! wp_mail( $user_email, wp_specialchars_decode( $title ), $message ) ) { 382 wp_die( __( 'The email could not be sent.' ) . "<br />\n" . __( 'Possible reason: your host may have disabled the mail() function.' ) ); 383 } 376 384 377 385 return true; 378 386 } … … 381 389 // Main 382 390 // 383 391 384 $action = isset( $_REQUEST['action']) ? $_REQUEST['action'] : 'login';392 $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : 'login'; 385 393 $errors = new WP_Error(); 386 394 387 if ( isset( $_GET['key']) )395 if ( isset( $_GET['key'] ) ) { 388 396 $action = 'resetpass'; 397 } 389 398 390 399 // validate action so as to default to the login screen 391 if ( ! in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )400 if ( ! in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) ) { 392 401 $action = 'login'; 402 } 393 403 394 404 nocache_headers(); 395 405 396 header( 'Content-Type: '.get_bloginfo('html_type').'; charset='.get_bloginfo('charset'));406 header( 'Content-Type: ' . get_bloginfo( 'html_type' ) . '; charset=' . get_bloginfo( 'charset' ) ); 397 407 398 408 if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set 399 if ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) ) 409 if ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) ) { 400 410 $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] ); 411 } 401 412 402 $url = dirname( set_url_scheme( 'http://' . 403 if ( $url != get_option( 'siteurl' ) ) 413 $url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) ); 414 if ( $url != get_option( 'siteurl' ) ) { 404 415 update_option( 'siteurl', $url ); 416 } 405 417 } 406 418 407 419 //Set a cookie now to see if they are supported by the browser. 408 420 $secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ); 409 421 setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure ); 410 if ( SITECOOKIEPATH != COOKIEPATH ) 422 if ( SITECOOKIEPATH != COOKIEPATH ) { 411 423 setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure ); 424 } 412 425 413 426 /** 414 427 * Fires when the login form is initialized. … … 428 441 do_action( "login_form_{$action}" ); 429 442 430 443 $http_post = ('POST' == $_SERVER['REQUEST_METHOD']); 431 $interim_login = isset( $_REQUEST['interim-login']);444 $interim_login = isset( $_REQUEST['interim-login'] ); 432 445 433 switch ( $action) {446 switch ( $action ) { 434 447 435 case 'postpass' :436 if ( ! array_key_exists( 'post_password', $_POST ) ) {437 wp_safe_redirect( wp_get_referer() );438 exit();439 }448 case 'postpass' : 449 if ( ! array_key_exists( 'post_password', $_POST ) ) { 450 wp_safe_redirect( wp_get_referer() ); 451 exit(); 452 } 440 453 441 require_once ABSPATH . WPINC . '/class-phpass.php';442 $hasher = new PasswordHash( 8, true );454 require_once ABSPATH . WPINC . '/class-phpass.php'; 455 $hasher = new PasswordHash( 8, true ); 443 456 444 /**457 /** 445 458 * Filters the life span of the post password cookie. 446 459 * 447 460 * By default, the cookie expires 10 days from creation. To turn this … … 451 464 * 452 465 * @param int $expires The expiry time, as passed to setcookie(). 453 466 */ 454 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS );455 $referer = wp_get_referer();456 if ( $referer ) {457 $secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) );458 } else {459 $secure = false;460 }461 setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure );467 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS ); 468 $referer = wp_get_referer(); 469 if ( $referer ) { 470 $secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) ); 471 } else { 472 $secure = false; 473 } 474 setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); 462 475 463 wp_safe_redirect( wp_get_referer() );476 wp_safe_redirect( wp_get_referer() ); 464 477 exit(); 465 478 466 case 'logout' :467 check_admin_referer('log-out');479 case 'logout' : 480 check_admin_referer( 'log-out' ); 468 481 469 $user = wp_get_current_user();482 $user = wp_get_current_user(); 470 483 471 wp_logout();484 wp_logout(); 472 485 473 if ( ! empty( $_REQUEST['redirect_to'] ) ) {474 $redirect_to = $requested_redirect_to = $_REQUEST['redirect_to'];475 } else {476 $redirect_to = 'wp-login.php?loggedout=true';477 $requested_redirect_to = '';478 }486 if ( ! empty( $_REQUEST['redirect_to'] ) ) { 487 $redirect_to = $requested_redirect_to = $_REQUEST['redirect_to']; 488 } else { 489 $redirect_to = 'wp-login.php?loggedout=true'; 490 $requested_redirect_to = ''; 491 } 479 492 480 /**493 /** 481 494 * Filters the log out redirect URL. 482 495 * 483 496 * @since 4.2.0 … … 486 499 * @param string $requested_redirect_to The requested redirect destination URL passed as a parameter. 487 500 * @param WP_User $user The WP_User object for the user that's logging out. 488 501 */ 489 $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $user );490 wp_safe_redirect( $redirect_to );502 $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $user ); 503 wp_safe_redirect( $redirect_to ); 491 504 exit(); 492 505 493 case 'lostpassword' :494 case 'retrievepassword' :506 case 'lostpassword' : 507 case 'retrievepassword' : 495 508 496 if ( $http_post ) { 497 $errors = retrieve_password(); 498 if ( !is_wp_error($errors) ) { 499 $redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm'; 500 wp_safe_redirect( $redirect_to ); 501 exit(); 509 if ( $http_post ) { 510 $errors = retrieve_password(); 511 if ( ! is_wp_error( $errors ) ) { 512 $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm'; 513 wp_safe_redirect( $redirect_to ); 514 exit(); 515 } 502 516 } 503 }504 517 505 if ( isset( $_GET['error'] ) ) { 506 if ( 'invalidkey' == $_GET['error'] ) { 507 $errors->add( 'invalidkey', __( 'Your password reset link appears to be invalid. Please request a new link below.' ) ); 508 } elseif ( 'expiredkey' == $_GET['error'] ) { 509 $errors->add( 'expiredkey', __( 'Your password reset link has expired. Please request a new link below.' ) ); 518 if ( isset( $_GET['error'] ) ) { 519 if ( 'invalidkey' == $_GET['error'] ) { 520 $errors->add( 'invalidkey', __( 'Your password reset link appears to be invalid. Please request a new link below.' ) ); 521 } elseif ( 'expiredkey' == $_GET['error'] ) { 522 $errors->add( 'expiredkey', __( 'Your password reset link has expired. Please request a new link below.' ) ); 523 } 510 524 } 511 }512 525 513 $lostpassword_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';514 /**526 $lostpassword_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 527 /** 515 528 * Filters the URL redirected to after submitting the lostpassword/retrievepassword form. 516 529 * 517 530 * @since 3.0.0 518 531 * 519 532 * @param string $lostpassword_redirect The redirect destination URL. 520 533 */ 521 $redirect_to = apply_filters( 'lostpassword_redirect', $lostpassword_redirect );534 $redirect_to = apply_filters( 'lostpassword_redirect', $lostpassword_redirect ); 522 535 523 /**536 /** 524 537 * Fires before the lost password form. 525 538 * 526 539 * @since 1.5.1 527 540 */ 528 do_action( 'lost_password' );541 do_action( 'lost_password' ); 529 542 530 login_header(__('Lost Password'), '<p class="message">' . __('Please enter your username or email address. You will receive a link to create a new password via email.') . '</p>', $errors);543 login_header( __( 'Lost Password' ), '<p class="message">' . __( 'Please enter your username or email address. You will receive a link to create a new password via email.' ) . '</p>', $errors ); 531 544 532 $user_login = isset($_POST['user_login']) ? wp_unslash($_POST['user_login']) : '';545 $user_login = isset( $_POST['user_login'] ) ? wp_unslash( $_POST['user_login'] ) : ''; 533 546 534 ?>547 ?> 535 548 536 <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">549 <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post"> 537 550 <p> 538 551 <label for="user_login" ><?php _e( 'Username or Email Address' ); ?><br /> 539 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login); ?>" size="20" /></label>552 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" /></label> 540 553 </p> 541 554 <?php 542 555 /** … … 545 558 * @since 2.1.0 546 559 */ 547 560 do_action( 'lostpassword_form' ); ?> 548 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />549 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e('Get New Password'); ?>" /></p>550 </form>561 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 562 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Get New Password' ); ?>" /></p> 563 </form> 551 564 552 <p id="nav">553 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e('Log in') ?></a>554 <?php555 if ( get_option( 'users_can_register' ) ) :556 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );565 <p id="nav"> 566 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ) ?></a> 567 <?php 568 if ( get_option( 'users_can_register' ) ) : 569 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 557 570 558 /** This filter is documented in wp-includes/general-template.php */559 echo ' | ' . apply_filters( 'register', $registration_url );560 endif;561 ?>562 </p>571 /** This filter is documented in wp-includes/general-template.php */ 572 echo ' | ' . apply_filters( 'register', $registration_url ); 573 endif; 574 ?> 575 </p> 563 576 564 <?php565 login_footer('user_login');577 <?php 578 login_footer( 'user_login' ); 566 579 break; 567 580 568 case 'resetpass' : 569 case 'rp' : 570 list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) ); 571 $rp_cookie = 'wp-resetpass-' . COOKIEHASH; 572 if ( isset( $_GET['key'] ) ) { 573 $value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) ); 574 setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 575 wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) ); 576 exit; 577 } 578 579 if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) { 580 list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 ); 581 $user = check_password_reset_key( $rp_key, $rp_login ); 582 if ( isset( $_POST['pass1'] ) && ! hash_equals( $rp_key, $_POST['rp_key'] ) ) { 581 case 'resetpass' : 582 case 'rp' : 583 list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) ); 584 $rp_cookie = 'wp-resetpass-' . COOKIEHASH; 585 if ( isset( $_GET['key'] ) ) { 586 $value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) ); 587 setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 588 wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) ); 589 exit; 590 } 591 592 if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) { 593 list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 ); 594 $user = check_password_reset_key( $rp_key, $rp_login ); 595 if ( isset( $_POST['pass1'] ) && ! hash_equals( $rp_key, $_POST['rp_key'] ) ) { 596 $user = false; 597 } 598 } else { 583 599 $user = false; 584 600 } 585 } else {586 $user = false;587 }588 601 589 if ( ! $user || is_wp_error( $user ) ) {590 setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );591 if ( $user && $user->get_error_code() === 'expired_key' )592 wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );593 else594 wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );595 exit;596 }602 if ( ! $user || is_wp_error( $user ) ) { 603 setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 604 if ( $user && $user->get_error_code() === 'expired_key' ) { 605 wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) ); 606 } else { wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) ); 607 } 608 exit; 609 } 597 610 598 $errors = new WP_Error();611 $errors = new WP_Error(); 599 612 600 if ( isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2'] ) 601 $errors->add( 'password_reset_mismatch', __( 'The passwords do not match.' ) ); 613 if ( isset( $_POST['pass1'] ) && $_POST['pass1'] != $_POST['pass2'] ) { 614 $errors->add( 'password_reset_mismatch', __( 'The passwords do not match.' ) ); 615 } 602 616 603 /**617 /** 604 618 * Fires before the password reset procedure is validated. 605 619 * 606 620 * @since 3.5.0 … … 608 622 * @param object $errors WP Error object. 609 623 * @param WP_User|WP_Error $user WP_User object if the login and reset key match. WP_Error object otherwise. 610 624 */ 611 do_action( 'validate_password_reset', $errors, $user );625 do_action( 'validate_password_reset', $errors, $user ); 612 626 613 if ( ( ! $errors->get_error_code() ) && isset( $_POST['pass1'] ) && !empty( $_POST['pass1'] ) ) {614 reset_password($user, $_POST['pass1']);615 setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );616 login_header( __( 'Password Reset' ), '<p class="message reset-pass">' . __( 'Your password has been reset.' ) . ' <a href="' . esc_url( wp_login_url() ) . '">' . __( 'Log in' ) . '</a></p>' );617 login_footer();618 exit;619 }627 if ( ( ! $errors->get_error_code() ) && isset( $_POST['pass1'] ) && ! empty( $_POST['pass1'] ) ) { 628 reset_password( $user, $_POST['pass1'] ); 629 setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 630 login_header( __( 'Password Reset' ), '<p class="message reset-pass">' . __( 'Your password has been reset.' ) . ' <a href="' . esc_url( wp_login_url() ) . '">' . __( 'Log in' ) . '</a></p>' ); 631 login_footer(); 632 exit; 633 } 620 634 621 wp_enqueue_script('utils');622 wp_enqueue_script('user-profile');635 wp_enqueue_script( 'utils' ); 636 wp_enqueue_script( 'user-profile' ); 623 637 624 login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );638 login_header( __( 'Reset Password' ), '<p class="message reset-pass">' . __( 'Enter your new password below.' ) . '</p>', $errors ); 625 639 626 ?>627 <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off">640 ?> 641 <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off"> 628 642 <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" /> 629 643 630 644 <div class="user-pass1-wrap"> … … 659 673 do_action( 'resetpass_form', $user ); 660 674 ?> 661 675 <input type="hidden" name="rp_key" value="<?php echo esc_attr( $rp_key ); ?>" /> 662 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Reset Password'); ?>" /></p>663 </form>676 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Reset Password' ); ?>" /></p> 677 </form> 664 678 665 <p id="nav">666 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>667 <?php668 if ( get_option( 'users_can_register' ) ) :669 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );679 <p id="nav"> 680 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 681 <?php 682 if ( get_option( 'users_can_register' ) ) : 683 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 670 684 671 /** This filter is documented in wp-includes/general-template.php */672 echo ' | ' . apply_filters( 'register', $registration_url );673 endif;674 ?>675 </p>685 /** This filter is documented in wp-includes/general-template.php */ 686 echo ' | ' . apply_filters( 'register', $registration_url ); 687 endif; 688 ?> 689 </p> 676 690 677 <?php678 login_footer('user_pass');691 <?php 692 login_footer( 'user_pass' ); 679 693 break; 680 694 681 case 'register' :682 if ( is_multisite() ) {683 /**695 case 'register' : 696 if ( is_multisite() ) { 697 /** 684 698 * Filters the Multisite sign up URL. 685 699 * 686 700 * @since 3.0.0 687 701 * 688 702 * @param string $sign_up_url The sign up URL. 689 703 */ 690 wp_redirect( apply_filters( 'wp_signup_location', network_site_url( 'wp-signup.php' ) ) ); 691 exit; 692 } 693 694 if ( !get_option('users_can_register') ) { 695 wp_redirect( site_url('wp-login.php?registration=disabled') ); 696 exit(); 697 } 704 wp_redirect( apply_filters( 'wp_signup_location', network_site_url( 'wp-signup.php' ) ) ); 705 exit; 706 } 698 707 699 $user_login = ''; 700 $user_email = ''; 701 if ( $http_post ) { 702 $user_login = isset( $_POST['user_login'] ) ? $_POST['user_login'] : ''; 703 $user_email = isset( $_POST['user_email'] ) ? wp_unslash( $_POST['user_email'] ) : ''; 704 $errors = register_new_user($user_login, $user_email); 705 if ( !is_wp_error($errors) ) { 706 $redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered'; 707 wp_safe_redirect( $redirect_to ); 708 if ( ! get_option( 'users_can_register' ) ) { 709 wp_redirect( site_url( 'wp-login.php?registration=disabled' ) ); 708 710 exit(); 709 711 } 710 }711 712 712 $registration_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 713 /** 713 $user_login = ''; 714 $user_email = ''; 715 if ( $http_post ) { 716 $user_login = isset( $_POST['user_login'] ) ? $_POST['user_login'] : ''; 717 $user_email = isset( $_POST['user_email'] ) ? wp_unslash( $_POST['user_email'] ) : ''; 718 $errors = register_new_user( $user_login, $user_email ); 719 if ( ! is_wp_error( $errors ) ) { 720 $redirect_to = ! empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered'; 721 wp_safe_redirect( $redirect_to ); 722 exit(); 723 } 724 } 725 726 $registration_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 727 /** 714 728 * Filters the registration redirect URL. 715 729 * 716 730 * @since 3.0.0 717 731 * 718 732 * @param string $registration_redirect The redirect destination URL. 719 733 */ 720 $redirect_to = apply_filters( 'registration_redirect', $registration_redirect );721 login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);722 ?>723 <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate">734 $redirect_to = apply_filters( 'registration_redirect', $registration_redirect ); 735 login_header( __( 'Registration Form' ), '<p class="message register">' . __( 'Register For This Site' ) . '</p>', $errors ); 736 ?> 737 <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate"> 724 738 <p> 725 <label for="user_login"><?php _e( 'Username') ?><br />726 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash($user_login)); ?>" size="20" /></label>739 <label for="user_login"><?php _e( 'Username' ) ?><br /> 740 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash( $user_login ) ); ?>" size="20" /></label> 727 741 </p> 728 742 <p> 729 <label for="user_email"><?php _e( 'Email') ?><br />743 <label for="user_email"><?php _e( 'Email' ) ?><br /> 730 744 <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( wp_unslash( $user_email ) ); ?>" size="25" /></label> 731 745 </p> 732 746 <?php … … 740 754 <p id="reg_passmail"><?php _e( 'Registration confirmation will be emailed to you.' ); ?></p> 741 755 <br class="clear" /> 742 756 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 743 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Register'); ?>" /></p>744 </form>757 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Register' ); ?>" /></p> 758 </form> 745 759 746 <p id="nav">747 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> |748 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a>749 </p>760 <p id="nav"> 761 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> | 762 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 763 </p> 750 764 751 <?php752 login_footer('user_login');765 <?php 766 login_footer( 'user_login' ); 753 767 break; 754 768 755 case 'login' : 756 default: 757 $secure_cookie = ''; 758 $customize_login = isset( $_REQUEST['customize-login'] ); 759 if ( $customize_login ) 760 wp_enqueue_script( 'customize-base' ); 769 case 'login' : 770 default: 771 $secure_cookie = ''; 772 $customize_login = isset( $_REQUEST['customize-login'] ); 773 if ( $customize_login ) { 774 wp_enqueue_script( 'customize-base' ); 775 } 761 776 762 // If the user wants ssl but the session is not ssl, force a secure cookie.763 if ( !empty($_POST['log']) && !force_ssl_admin() ) {764 $user_name = sanitize_user($_POST['log']);765 $user = get_user_by( 'login', $user_name );777 // If the user wants ssl but the session is not ssl, force a secure cookie. 778 if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) { 779 $user_name = sanitize_user( $_POST['log'] ); 780 $user = get_user_by( 'login', $user_name ); 766 781 767 if ( ! $user && strpos( $user_name, '@' ) ) {768 $user = get_user_by( 'email', $user_name );769 }782 if ( ! $user && strpos( $user_name, '@' ) ) { 783 $user = get_user_by( 'email', $user_name ); 784 } 770 785 771 if ( $user ) { 772 if ( get_user_option('use_ssl', $user->ID) ) { 773 $secure_cookie = true; 774 force_ssl_admin(true); 786 if ( $user ) { 787 if ( get_user_option( 'use_ssl', $user->ID ) ) { 788 $secure_cookie = true; 789 force_ssl_admin( true ); 790 } 775 791 } 776 792 } 777 }778 793 779 if ( isset( $_REQUEST['redirect_to'] ) ) { 780 $redirect_to = $_REQUEST['redirect_to']; 781 // Redirect to https if user wants ssl 782 if ( $secure_cookie && false !== strpos($redirect_to, 'wp-admin') ) 783 $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to); 784 } else { 785 $redirect_to = admin_url(); 786 } 794 if ( isset( $_REQUEST['redirect_to'] ) ) { 795 $redirect_to = $_REQUEST['redirect_to']; 796 // Redirect to https if user wants ssl 797 if ( $secure_cookie && false !== strpos( $redirect_to, 'wp-admin' ) ) { 798 $redirect_to = preg_replace( '|^http://|', 'https://', $redirect_to ); 799 } 800 } else { 801 $redirect_to = admin_url(); 802 } 787 803 788 $reauth = empty($_REQUEST['reauth']) ? false : true;804 $reauth = empty( $_REQUEST['reauth'] ) ? false : true; 789 805 790 $user = wp_signon( array(), $secure_cookie );806 $user = wp_signon( array(), $secure_cookie ); 791 807 792 if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {793 if ( headers_sent() ) {794 /* translators: 1: Browser cookie documentation URL, 2: Support forums URL */795 $user = new WP_Error( 'test_cookie', sprintf( __( '<strong>ERROR</strong>: Cookies are blocked due to unexpected output. For help, please see <a href="%1$s">this documentation</a> or try the <a href="%2$s">support forums</a>.' ),808 if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) { 809 if ( headers_sent() ) { 810 /* translators: 1: Browser cookie documentation URL, 2: Support forums URL */ 811 $user = new WP_Error( 'test_cookie', sprintf( __( '<strong>ERROR</strong>: Cookies are blocked due to unexpected output. For help, please see <a href="%1$s">this documentation</a> or try the <a href="%2$s">support forums</a>.' ), 796 812 __( 'https://codex.wordpress.org/Cookies' ), __( 'https://wordpress.org/support/' ) ) ); 797 } elseif ( isset( $_POST['testcookie'] ) && empty( $_COOKIE[ TEST_COOKIE ] ) ) {798 // If cookies are disabled we can't log in even with a valid user+pass799 /* translators: 1: Browser cookie documentation URL */800 $user = new WP_Error( 'test_cookie', sprintf( __( '<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href="%s">enable cookies</a> to use WordPress.' ),813 } elseif ( isset( $_POST['testcookie'] ) && empty( $_COOKIE[ TEST_COOKIE ] ) ) { 814 // If cookies are disabled we can't log in even with a valid user+pass 815 /* translators: 1: Browser cookie documentation URL */ 816 $user = new WP_Error( 'test_cookie', sprintf( __( '<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href="%s">enable cookies</a> to use WordPress.' ), 801 817 __( 'https://codex.wordpress.org/Cookies' ) ) ); 818 } 802 819 } 803 }804 820 805 $requested_redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';806 /**821 $requested_redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 822 /** 807 823 * Filters the login redirect URL. 808 824 * 809 825 * @since 3.0.0 … … 812 828 * @param string $requested_redirect_to The requested redirect destination URL passed as a parameter. 813 829 * @param WP_User|WP_Error $user WP_User object if login was successful, WP_Error object otherwise. 814 830 */ 815 $redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $user );831 $redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $user ); 816 832 817 if ( !is_wp_error($user) && !$reauth ) {818 if ( $interim_login ) {819 $message = '<p class="message">' . __('You have logged in successfully.') . '</p>';820 $interim_login = 'success';821 login_header( '', $message ); ?>822 </div>823 <?php824 /** This action is documented in wp-login.php */825 do_action( 'login_footer' ); ?>826 <?php if ( $customize_login ) : ?>833 if ( ! is_wp_error( $user ) && ! $reauth ) { 834 if ( $interim_login ) { 835 $message = '<p class="message">' . __( 'You have logged in successfully.' ) . '</p>'; 836 $interim_login = 'success'; 837 login_header( '', $message ); ?> 838 </div> 839 <?php 840 /** This action is documented in wp-login.php */ 841 do_action( 'login_footer' ); ?> 842 <?php if ( $customize_login ) : ?> 827 843 <script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo wp_customize_url(); ?>', channel: 'login' }).send('login') }, 1000 );</script> 828 844 <?php endif; ?> 829 </body></html>830 <?php exit;831 }845 </body></html> 846 <?php exit; 847 } 832 848 833 if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) { 834 // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile. 835 if ( is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin( $user->ID ) ) 836 $redirect_to = user_admin_url(); 837 elseif ( is_multisite() && !$user->has_cap('read') ) 838 $redirect_to = get_dashboard_url( $user->ID ); 839 elseif ( !$user->has_cap('edit_posts') ) 840 $redirect_to = $user->has_cap( 'read' ) ? admin_url( 'profile.php' ) : home_url(); 849 if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) { 850 // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile. 851 if ( is_multisite() && ! get_active_blog_for_user( $user->ID ) && ! is_super_admin( $user->ID ) ) { 852 $redirect_to = user_admin_url(); 853 } elseif ( is_multisite() && ! $user->has_cap( 'read' ) ) { 854 $redirect_to = get_dashboard_url( $user->ID ); 855 } elseif ( ! $user->has_cap( 'edit_posts' ) ) { 856 $redirect_to = $user->has_cap( 'read' ) ? admin_url( 'profile.php' ) : home_url(); 857 } 841 858 842 wp_redirect( $redirect_to ); 859 wp_redirect( $redirect_to ); 860 exit(); 861 } 862 wp_safe_redirect( $redirect_to ); 843 863 exit(); 844 864 } 845 wp_safe_redirect($redirect_to);846 exit();847 }848 865 849 $errors = $user; 850 // Clear errors if loggedout is set. 851 if ( !empty($_GET['loggedout']) || $reauth ) 852 $errors = new WP_Error(); 866 $errors = $user; 867 // Clear errors if loggedout is set. 868 if ( ! empty( $_GET['loggedout'] ) || $reauth ) { 869 $errors = new WP_Error(); 870 } 853 871 854 if ( $interim_login ) { 855 if ( ! $errors->get_error_code() ) 856 $errors->add( 'expired', __( 'Your session has expired. Please log in to continue where you left off.' ), 'message' ); 857 } else { 858 // Some parts of this script use the main login form to display a message 859 if ( isset($_GET['loggedout']) && true == $_GET['loggedout'] ) 860 $errors->add('loggedout', __('You are now logged out.'), 'message'); 861 elseif ( isset($_GET['registration']) && 'disabled' == $_GET['registration'] ) 862 $errors->add('registerdisabled', __('User registration is currently not allowed.')); 863 elseif ( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] ) 864 $errors->add('confirm', __('Check your email for the confirmation link.'), 'message'); 865 elseif ( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] ) 866 $errors->add('newpass', __('Check your email for your new password.'), 'message'); 867 elseif ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ) 868 $errors->add('registered', __('Registration complete. Please check your email.'), 'message'); 869 elseif ( strpos( $redirect_to, 'about.php?updated' ) ) 870 $errors->add('updated', __( '<strong>You have successfully updated WordPress!</strong> Please log back in to see what’s new.' ), 'message' ); 871 } 872 if ( $interim_login ) { 873 if ( ! $errors->get_error_code() ) { 874 $errors->add( 'expired', __( 'Your session has expired. Please log in to continue where you left off.' ), 'message' ); 875 } 876 } else { 877 // Some parts of this script use the main login form to display a message 878 if ( isset( $_GET['loggedout'] ) && true == $_GET['loggedout'] ) { 879 $errors->add( 'loggedout', __( 'You are now logged out.' ), 'message' ); 880 } elseif ( isset( $_GET['registration'] ) && 'disabled' == $_GET['registration'] ) { 881 $errors->add( 'registerdisabled', __( 'User registration is currently not allowed.' ) ); 882 } elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) { 883 $errors->add( 'confirm', __( 'Check your email for the confirmation link.' ), 'message' ); 884 } elseif ( isset( $_GET['checkemail'] ) && 'newpass' == $_GET['checkemail'] ) { 885 $errors->add( 'newpass', __( 'Check your email for your new password.' ), 'message' ); 886 } elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) { 887 $errors->add( 'registered', __( 'Registration complete. Please check your email.' ), 'message' ); 888 } elseif ( strpos( $redirect_to, 'about.php?updated' ) ) { 889 $errors->add( 'updated', __( '<strong>You have successfully updated WordPress!</strong> Please log back in to see what’s new.' ), 'message' ); 890 } 891 } 872 892 873 /**893 /** 874 894 * Filters the login page errors. 875 895 * 876 896 * @since 3.6.0 … … 878 898 * @param object $errors WP Error object. 879 899 * @param string $redirect_to Redirect destination URL. 880 900 */ 881 $errors = apply_filters( 'wp_login_errors', $errors, $redirect_to );901 $errors = apply_filters( 'wp_login_errors', $errors, $redirect_to ); 882 902 883 // Clear any stale cookies. 884 if ( $reauth ) 885 wp_clear_auth_cookie(); 903 // Clear any stale cookies. 904 if ( $reauth ) { 905 wp_clear_auth_cookie(); 906 } 886 907 887 login_header(__('Log In'), '', $errors);908 login_header( __( 'Log In' ), '', $errors ); 888 909 889 if ( isset($_POST['log']) ) 890 $user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(wp_unslash($_POST['log'])) : ''; 891 $rememberme = ! empty( $_POST['rememberme'] ); 910 if ( isset( $_POST['log'] ) ) { 911 $user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; 912 } 913 $rememberme = ! empty( $_POST['rememberme'] ); 892 914 893 if ( ! empty( $errors->errors ) ) {894 $aria_describedby_error = ' aria-describedby="login_error"';895 } else {896 $aria_describedby_error = '';897 }898 ?>915 if ( ! empty( $errors->errors ) ) { 916 $aria_describedby_error = ' aria-describedby="login_error"'; 917 } else { 918 $aria_describedby_error = ''; 919 } 920 ?> 899 921 900 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">922 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"> 901 923 <p> 902 924 <label for="user_login"><?php _e( 'Username or Email Address' ); ?><br /> 903 925 <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" /></label> … … 916 938 ?> 917 939 <p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" <?php checked( $rememberme ); ?> /> <?php esc_html_e( 'Remember Me' ); ?></label></p> 918 940 <p class="submit"> 919 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Log In'); ?>" />920 <?php if ( $interim_login ) { ?>941 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Log In' ); ?>" /> 942 <?php if ( $interim_login ) { ?> 921 943 <input type="hidden" name="interim-login" value="1" /> 922 <?php } else { ?>923 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to); ?>" />924 <?php } ?>925 <?php if ( $customize_login ) : ?>944 <?php } else { ?> 945 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 946 <?php } ?> 947 <?php if ( $customize_login ) : ?> 926 948 <input type="hidden" name="customize-login" value="1" /> 927 <?php endif; ?>949 <?php endif; ?> 928 950 <input type="hidden" name="testcookie" value="1" /> 929 951 </p> 930 </form> 931 932 <?php if ( ! $interim_login ) { ?> 933 <p id="nav"> 934 <?php if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ) ) ) : 935 if ( get_option( 'users_can_register' ) ) : 936 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 952 </form> 937 953 938 /** This filter is documented in wp-includes/general-template.php */ 939 echo apply_filters( 'register', $registration_url ) . ' | '; 940 endif; 941 ?> 942 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 943 <?php endif; ?> 944 </p> 945 <?php } ?> 954 <?php if ( ! $interim_login ) { ?> 955 <p id="nav"> 956 <?php if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ) ) ) : 957 if ( get_option( 'users_can_register' ) ) : 958 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 959 960 /** This filter is documented in wp-includes/general-template.php */ 961 echo apply_filters( 'register', $registration_url ) . ' | '; 962 endif; 963 ?> 964 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 965 <?php endif; ?> 966 </p> 967 <?php } ?> 946 968 947 <script type="text/javascript">948 function wp_attempt_focus(){949 setTimeout( function(){ try{950 <?php if ( $user_login ) { ?>951 d = document.getElementById('user_pass');952 d.value = '';953 <?php } else { ?>954 d = document.getElementById('user_login');955 <?php if ( 'invalid_username' == $errors->get_error_code() ) { ?>956 if( d.value != '' )957 d.value = '';958 <?php969 <script type="text/javascript"> 970 function wp_attempt_focus(){ 971 setTimeout( function(){ try{ 972 <?php if ( $user_login ) { ?> 973 d = document.getElementById('user_pass'); 974 d.value = ''; 975 <?php } else { ?> 976 d = document.getElementById('user_login'); 977 <?php if ( 'invalid_username' == $errors->get_error_code() ) { ?> 978 if( d.value != '' ) 979 d.value = ''; 980 <?php 959 981 } 960 982 }?> 961 d.focus();962 d.select();963 } catch(e){}964 }, 200);965 }983 d.focus(); 984 d.select(); 985 } catch(e){} 986 }, 200); 987 } 966 988 967 /**968 * Filters whether to print the call to `wp_attempt_focus()` on the login screen.969 *970 * @since 4.8.0971 *972 * @param bool $print Whether to print the function call. Default true.973 */974 <?php if ( apply_filters( 'enable_login_autofocus', true ) && ! $error ) { ?>975 wp_attempt_focus();976 <?php } ?>977 if(typeof wpOnload=='function')wpOnload();978 <?php if ( $interim_login ) { ?>979 (function(){980 try {989 /** 990 * Filters whether to print the call to `wp_attempt_focus()` on the login screen. 991 * 992 * @since 4.8.0 993 * 994 * @param bool $print Whether to print the function call. Default true. 995 */ 996 <?php if ( apply_filters( 'enable_login_autofocus', true ) && ! $error ) { ?> 997 wp_attempt_focus(); 998 <?php } ?> 999 if(typeof wpOnload=='function')wpOnload(); 1000 <?php if ( $interim_login ) { ?> 1001 (function(){ 1002 try { 981 1003 var i, links = document.getElementsByTagName('a'); 982 1004 for ( i in links ) { 983 1005 if ( links[i].href ) 984 1006 links[i].target = '_blank'; 985 1007 } 986 } catch(e){}987 }());988 <?php } ?>989 </script>1008 } catch(e){} 1009 }()); 1010 <?php } ?> 1011 </script> 990 1012 991 <?php992 login_footer();1013 <?php 1014 login_footer(); 993 1015 break; 994 } // end action switch1016 } // End switch(). -
src/wp-mail.php
8 8 */ 9 9 10 10 /** Make sure that the WordPress bootstrap has run before continuing. */ 11 require( dirname(__FILE__) . '/wp-load.php');11 require( dirname( __FILE__ ) . '/wp-load.php' ); 12 12 13 13 /** This filter is documented in wp-admin/options.php */ 14 if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) 14 if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) { 15 15 wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); 16 } 16 17 17 18 $mailserver_url = get_option( 'mailserver_url' ); 18 19 … … 31 32 require_once( ABSPATH . WPINC . '/class-pop3.php' ); 32 33 33 34 /** Only check at this interval for new messages. */ 34 if ( !defined('WP_MAIL_INTERVAL') ) 35 define('WP_MAIL_INTERVAL', 300); // 5 minutes 35 if ( ! defined( 'WP_MAIL_INTERVAL' ) ) { 36 define( 'WP_MAIL_INTERVAL', 300 ); // 5 minutes 37 } 36 38 37 $last_checked = get_transient( 'mailserver_last_checked');39 $last_checked = get_transient( 'mailserver_last_checked' ); 38 40 39 if ( $last_checked ) 40 wp_die(__('Slow down cowboy, no need to check for new mails so often!')); 41 if ( $last_checked ) { 42 wp_die( __( 'Slow down cowboy, no need to check for new mails so often!' ) ); 43 } 41 44 42 set_transient( 'mailserver_last_checked', true, WP_MAIL_INTERVAL);45 set_transient( 'mailserver_last_checked', true, WP_MAIL_INTERVAL ); 43 46 44 $time_difference = get_option( 'gmt_offset') * HOUR_IN_SECONDS;47 $time_difference = get_option( 'gmt_offset' ) * HOUR_IN_SECONDS; 45 48 46 49 $phone_delim = '::'; 47 50 48 51 $pop3 = new POP3(); 49 52 50 if ( ! $pop3->connect( get_option('mailserver_url'), get_option('mailserver_port') ) || !$pop3->user( get_option('mailserver_login') ) )53 if ( ! $pop3->connect( get_option( 'mailserver_url' ), get_option( 'mailserver_port' ) ) || ! $pop3->user( get_option( 'mailserver_login' ) ) ) { 51 54 wp_die( esc_html( $pop3->ERROR ) ); 55 } 52 56 53 $count = $pop3->pass( get_option( 'mailserver_pass') );57 $count = $pop3->pass( get_option( 'mailserver_pass' ) ); 54 58 55 if ( false === $count )59 if ( false === $count ) { 56 60 wp_die( esc_html( $pop3->ERROR ) ); 61 } 57 62 58 if ( 0 === $count ) {63 if ( 0 === $count ) { 59 64 $pop3->quit(); 60 wp_die( __( 'There doesn’t seem to be any new mail.') );65 wp_die( __( 'There doesn’t seem to be any new mail.' ) ); 61 66 } 62 67 63 68 for ( $i = 1; $i <= $count; $i++ ) { 64 69 65 $message = $pop3->get( $i);70 $message = $pop3->get( $i ); 66 71 67 72 $bodysignal = false; 68 73 $boundary = ''; … … 72 77 $content_transfer_encoding = ''; 73 78 $post_author = 1; 74 79 $author_found = false; 75 foreach ( $message as $line) {80 foreach ( $message as $line ) { 76 81 // Body signal. 77 if ( strlen( $line) < 3 )82 if ( strlen( $line ) < 3 ) { 78 83 $bodysignal = true; 84 } 79 85 if ( $bodysignal ) { 80 86 $content .= $line; 81 87 } else { 82 if ( preg_match( '/Content-Type: /i', $line) ) {83 $content_type = trim( $line);84 $content_type = substr( $content_type, 14, strlen($content_type) - 14);85 $content_type = explode( ';', $content_type);88 if ( preg_match( '/Content-Type: /i', $line ) ) { 89 $content_type = trim( $line ); 90 $content_type = substr( $content_type, 14, strlen( $content_type ) - 14 ); 91 $content_type = explode( ';', $content_type ); 86 92 if ( ! empty( $content_type[1] ) ) { 87 $charset = explode( '=', $content_type[1]);88 $charset = ( ! empty( $charset[1] ) ) ? trim( $charset[1]) : '';93 $charset = explode( '=', $content_type[1] ); 94 $charset = ( ! empty( $charset[1] ) ) ? trim( $charset[1] ) : ''; 89 95 } 90 96 $content_type = $content_type[0]; 91 97 } 92 if ( preg_match( '/Content-Transfer-Encoding: /i', $line) ) {93 $content_transfer_encoding = trim( $line);94 $content_transfer_encoding = substr( $content_transfer_encoding, 27, strlen($content_transfer_encoding) - 27);95 $content_transfer_encoding = explode( ';', $content_transfer_encoding);98 if ( preg_match( '/Content-Transfer-Encoding: /i', $line ) ) { 99 $content_transfer_encoding = trim( $line ); 100 $content_transfer_encoding = substr( $content_transfer_encoding, 27, strlen( $content_transfer_encoding ) - 27 ); 101 $content_transfer_encoding = explode( ';', $content_transfer_encoding ); 96 102 $content_transfer_encoding = $content_transfer_encoding[0]; 97 103 } 98 if ( ( $content_type == 'multipart/alternative' ) && ( false !== strpos( $line, 'boundary="') ) && ( '' == $boundary ) ) {99 $boundary = trim( $line);100 $boundary = explode( '"', $boundary);104 if ( ( $content_type == 'multipart/alternative' ) && ( false !== strpos( $line, 'boundary="' ) ) && ( '' == $boundary ) ) { 105 $boundary = trim( $line ); 106 $boundary = explode( '"', $boundary ); 101 107 $boundary = $boundary[1]; 102 108 } 103 if ( preg_match('/Subject: /i', $line)) {104 $subject = trim( $line);105 $subject = substr( $subject, 9, strlen($subject) - 9);109 if ( preg_match( '/Subject: /i', $line ) ) { 110 $subject = trim( $line ); 111 $subject = substr( $subject, 9, strlen( $subject ) - 9 ); 106 112 // Captures any text in the subject before $phone_delim as the subject 107 if ( function_exists( 'iconv_mime_decode') ) {108 $subject = iconv_mime_decode( $subject, 2, get_option('blog_charset'));113 if ( function_exists( 'iconv_mime_decode' ) ) { 114 $subject = iconv_mime_decode( $subject, 2, get_option( 'blog_charset' ) ); 109 115 } else { 110 $subject = wp_iso_descrambler( $subject);116 $subject = wp_iso_descrambler( $subject ); 111 117 } 112 $subject = explode( $phone_delim, $subject);118 $subject = explode( $phone_delim, $subject ); 113 119 $subject = $subject[0]; 114 120 } 115 121 … … 118 124 * otherwise use the site admin. 119 125 */ 120 126 if ( ! $author_found && preg_match( '/^(From|Reply-To): /', $line ) ) { 121 if ( preg_match( '|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches) )127 if ( preg_match( '|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches ) ) { 122 128 $author = $matches[0]; 123 else124 $author = trim($line);125 $author = sanitize_email( $author);126 if ( is_email( $author) ) {129 } else { $author = trim( $line ); 130 } 131 $author = sanitize_email( $author ); 132 if ( is_email( $author ) ) { 127 133 /* translators: Post author email address */ 128 echo '<p>' . sprintf( __('Author is %s'), $author) . '</p>';129 $userdata = get_user_by( 'email', $author);134 echo '<p>' . sprintf( __( 'Author is %s' ), $author ) . '</p>'; 135 $userdata = get_user_by( 'email', $author ); 130 136 if ( ! empty( $userdata ) ) { 131 137 $post_author = $userdata->ID; 132 138 $author_found = true; … … 141 147 $post_date = gmdate( 'Y-m-d H:i:s', $ddate_U + $time_difference ); 142 148 $post_date_gmt = gmdate( 'Y-m-d H:i:s', $ddate_U ); 143 149 } 144 } 145 } 150 }// End if(). 151 }// End foreach(). 146 152 147 153 // Set $post_status based on $author_found and on author's publish_posts capability 148 154 if ( $author_found ) { 149 $user = new WP_User( $post_author);150 $post_status = ( $user->has_cap( 'publish_posts') ) ? 'publish' : 'pending';155 $user = new WP_User( $post_author ); 156 $post_status = ( $user->has_cap( 'publish_posts' ) ) ? 'publish' : 'pending'; 151 157 } else { 152 158 // Author not found in DB, set status to pending. Author already set to admin. 153 159 $post_status = 'pending'; 154 160 } 155 161 156 $subject = trim( $subject);162 $subject = trim( $subject ); 157 163 158 164 if ( $content_type == 'multipart/alternative' ) { 159 $content = explode( '--'.$boundary, $content);165 $content = explode( '--' . $boundary, $content ); 160 166 $content = $content[2]; 161 167 162 168 // Match case-insensitive content-transfer-encoding. 163 if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim ) ) {164 $content = explode( $delim[0], $content);169 if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim ) ) { 170 $content = explode( $delim[0], $content ); 165 171 $content = $content[1]; 166 172 } 167 $content = strip_tags( $content, '<img><p><br><i><b><u><em><strong><strike><font><span><div>');173 $content = strip_tags( $content, '<img><p><br><i><b><u><em><strong><strike><font><span><div>' ); 168 174 } 169 $content = trim( $content);175 $content = trim( $content ); 170 176 171 177 /** 172 178 * Filters the original content of the email. … … 180 186 */ 181 187 $content = apply_filters( 'wp_mail_original_content', $content ); 182 188 183 if ( false !== stripos( $content_transfer_encoding, "quoted-printable") ) {184 $content = quoted_printable_decode( $content);189 if ( false !== stripos( $content_transfer_encoding, 'quoted-printable' ) ) { 190 $content = quoted_printable_decode( $content ); 185 191 } 186 192 187 if ( function_exists( 'iconv') && ! empty( $charset ) ) {188 $content = iconv( $charset, get_option('blog_charset'), $content);193 if ( function_exists( 'iconv' ) && ! empty( $charset ) ) { 194 $content = iconv( $charset, get_option( 'blog_charset' ), $content ); 189 195 } 190 196 191 197 // Captures any text in the body after $phone_delim as the body 192 $content = explode( $phone_delim, $content);198 $content = explode( $phone_delim, $content ); 193 199 $content = empty( $content[1] ) ? $content[0] : $content[1]; 194 200 195 $content = trim( $content);201 $content = trim( $content ); 196 202 197 203 /** 198 204 * Filters the content of the post submitted by email before saving. … … 203 209 */ 204 210 $post_content = apply_filters( 'phone_content', $content ); 205 211 206 $post_title = xmlrpc_getposttitle( $content);212 $post_title = xmlrpc_getposttitle( $content ); 207 213 208 if ($post_title == '') $post_title = $subject; 214 if ( $post_title == '' ) { $post_title = $subject; 215 } 209 216 210 $post_category = array( get_option('default_email_category'));217 $post_category = array( get_option( 'default_email_category' ) ); 211 218 212 $post_data = compact( 'post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status');213 $post_data = wp_slash( $post_data);219 $post_data = compact( 'post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status' ); 220 $post_data = wp_slash( $post_data ); 214 221 215 $post_ID = wp_insert_post( $post_data);216 if ( is_wp_error( $post_ID ) ) 222 $post_ID = wp_insert_post( $post_data ); 223 if ( is_wp_error( $post_ID ) ) { 217 224 echo "\n" . $post_ID->get_error_message(); 225 } 218 226 219 227 // We couldn't post, for whatever reason. Better move forward to the next email. 220 if ( empty( $post_ID ) ) 228 if ( empty( $post_ID ) ) { 221 229 continue; 230 } 222 231 223 232 /** 224 233 * Fires after a post submitted by email is published. … … 232 241 echo "\n<p><strong>" . __( 'Author:' ) . '</strong> ' . esc_html( $post_author ) . '</p>'; 233 242 echo "\n<p><strong>" . __( 'Posted title:' ) . '</strong> ' . esc_html( $post_title ) . '</p>'; 234 243 235 if (!$pop3->delete($i)) {244 if ( ! $pop3->delete( $i ) ) { 236 245 echo '<p>' . sprintf( 237 246 /* translators: %s: POP3 error */ 238 247 __( 'Oops: %s' ), … … 247 256 '<strong>' . $i . '</strong>' 248 257 ) . '</p>'; 249 258 } 250 251 } 259 }// End for(). 252 260 253 261 $pop3->quit(); -
src/wp-settings.php
128 128 register_shutdown_function( 'shutdown_action_hook' ); 129 129 130 130 // Stop most of WordPress from being loaded if we just want the basics. 131 if ( SHORTINIT ) 131 if ( SHORTINIT ) { 132 132 return false; 133 } 133 134 134 135 // Load the L10n library. 135 136 require_once( ABSPATH . WPINC . '/l10n.php' ); … … 277 278 */ 278 279 do_action( 'muplugins_loaded' ); 279 280 280 if ( is_multisite() ) 281 ms_cookie_constants( ); 281 if ( is_multisite() ) { 282 ms_cookie_constants( ); 283 } 282 284 283 285 // Define constants after multisite is loaded. 284 286 wp_cookie_constants(); … … 312 314 wp_set_internal_encoding(); 313 315 314 316 // Run wp_cache_postload() if object cache is enabled and the function exists. 315 if ( WP_CACHE && function_exists( 'wp_cache_postload' ) ) 317 if ( WP_CACHE && function_exists( 'wp_cache_postload' ) ) { 316 318 wp_cache_postload(); 319 } 317 320 318 321 /** 319 322 * Fires once activated plugins have loaded. … … 388 391 do_action( 'setup_theme' ); 389 392 390 393 // Define the template related constants. 391 wp_templating_constants( 394 wp_templating_constants( ); 392 395 393 396 // Load the default text localization domain. 394 397 load_default_textdomain(); 395 398 396 399 $locale = get_locale(); 397 400 $locale_file = WP_LANG_DIR . "/$locale.php"; 398 if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) ) 401 if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) ) { 399 402 require( $locale_file ); 403 } 400 404 unset( $locale_file ); 401 405 402 406 /** … … 418 422 419 423 // Load the functions for the active theme, for both parent and child theme if applicable. 420 424 if ( ! wp_installing() || 'wp-activate.php' === $pagenow ) { 421 if ( TEMPLATEPATH !== STYLESHEETPATH && file_exists( STYLESHEETPATH . '/functions.php' ) ) 425 if ( TEMPLATEPATH !== STYLESHEETPATH && file_exists( STYLESHEETPATH . '/functions.php' ) ) { 422 426 include( STYLESHEETPATH . '/functions.php' ); 423 if ( file_exists( TEMPLATEPATH . '/functions.php' ) ) 427 } 428 if ( file_exists( TEMPLATEPATH . '/functions.php' ) ) { 424 429 include( TEMPLATEPATH . '/functions.php' ); 430 } 425 431 } 426 432 427 433 /** … … 453 459 require( $file ); 454 460 die(); 455 461 } 456 unset( $file);462 unset( $file ); 457 463 } 458 464 459 465 /** -
src/wp-signup.php
1 1 <?php 2 2 3 3 /** Sets up the WordPress Environment. */ 4 require( dirname( __FILE__) . '/wp-load.php' );4 require( dirname( __FILE__ ) . '/wp-load.php' ); 5 5 6 6 add_action( 'wp_head', 'wp_no_robots' ); 7 7 8 8 require( dirname( __FILE__ ) . '/wp-blog-header.php' ); 9 9 10 if ( is_array( get_site_option( 'illegal_names' ) ) && isset( $_GET[ 'new' ] ) && in_array( $_GET[ 'new'], get_site_option( 'illegal_names' ) ) ) {10 if ( is_array( get_site_option( 'illegal_names' ) ) && isset( $_GET['new'] ) && in_array( $_GET['new'], get_site_option( 'illegal_names' ) ) ) { 11 11 wp_redirect( network_home_url() ); 12 12 die(); 13 13 } … … 27 27 } 28 28 add_action( 'wp_head', 'do_signup_header' ); 29 29 30 if ( ! is_multisite() ) {30 if ( ! is_multisite() ) { 31 31 wp_redirect( wp_registration_url() ); 32 32 die(); 33 33 } 34 34 35 if ( ! is_main_site() ) {35 if ( ! is_main_site() ) { 36 36 wp_redirect( network_site_url( 'wp-signup.php' ) ); 37 37 die(); 38 38 } … … 102 102 103 103 $current_network = get_network(); 104 104 // Blog name 105 if ( ! is_subdomain_install() )106 echo '<label for="blogname">' . __( 'Site Name:') . '</label>';107 else108 echo '<label for="blogname">' . __('Site Domain:') . '</label>';105 if ( ! is_subdomain_install() ) { 106 echo '<label for="blogname">' . __( 'Site Name:' ) . '</label>'; 107 } else { echo '<label for="blogname">' . __( 'Site Domain:' ) . '</label>'; 108 } 109 109 110 if ( $errmsg = $errors->get_error_message( 'blogname') ) { ?>110 if ( $errmsg = $errors->get_error_message( 'blogname' ) ) { ?> 111 111 <p class="error"><?php echo $errmsg ?></p> 112 112 <?php } 113 113 114 if ( ! is_subdomain_install() )115 echo '<span class="prefix_address">' . $current_network->domain . $current_network->path . '</span><input name="blogname" type="text" id="blogname" value="' . esc_attr($blogname) .'" maxlength="60" /><br />';116 else117 echo '<input name="blogname" type="text" id="blogname" value="'.esc_attr($blogname).'" maxlength="60" /><span class="suffix_address">.' . ( $site_domain = preg_replace( '|^www\.|', '', $current_network->domain ) ) . '</span><br />';114 if ( ! is_subdomain_install() ) { 115 echo '<span class="prefix_address">' . $current_network->domain . $current_network->path . '</span><input name="blogname" type="text" id="blogname" value="' . esc_attr( $blogname ) . '" maxlength="60" /><br />'; 116 } else { echo '<input name="blogname" type="text" id="blogname" value="' . esc_attr( $blogname ) . '" maxlength="60" /><span class="suffix_address">.' . ( $site_domain = preg_replace( '|^www\.|', '', $current_network->domain ) ) . '</span><br />'; 117 } 118 118 119 119 if ( ! is_user_logged_in() ) { 120 120 if ( ! is_subdomain_install() ) { … … 129 129 130 130 // Blog Title 131 131 ?> 132 <label for="blog_title"><?php _e( 'Site Title:') ?></label>133 <?php if ( $errmsg = $errors->get_error_message( 'blog_title') ) { ?>132 <label for="blog_title"><?php _e( 'Site Title:' ) ?></label> 133 <?php if ( $errmsg = $errors->get_error_message( 'blog_title' ) ) { ?> 134 134 <p class="error"><?php echo $errmsg ?></p> 135 135 <?php } 136 echo '<input name="blog_title" type="text" id="blog_title" value="' .esc_attr($blog_title).'" />';136 echo '<input name="blog_title" type="text" id="blog_title" value="' . esc_attr( $blog_title ) . '" />'; 137 137 ?> 138 138 139 139 <?php … … 169 169 <?php endif; // Languages. ?> 170 170 171 171 <div id="privacy"> 172 173 <label for="blog_public_on"><?php _e('Privacy:') ?></label>174 175 176 177 <input type="radio" id="blog_public_on" name="blog_public" value="1" <?php if ( !isset( $_POST['blog_public'] ) || $_POST['blog_public'] == '1' ) { ?>checked="checked"<?php } ?> />178 179 180 181 182 183 184 172 <p class="privacy-intro"> 173 <label for="blog_public_on"><?php _e( 'Privacy:' ) ?></label> 174 <?php _e( 'Allow search engines to index this site.' ); ?> 175 <br style="clear:both" /> 176 <label class="checkbox" for="blog_public_on"> 177 <input type="radio" id="blog_public_on" name="blog_public" value="1" <?php if ( ! isset( $_POST['blog_public'] ) || $_POST['blog_public'] == '1' ) { ?>checked="checked"<?php } ?> /> 178 <strong><?php _e( 'Yes' ); ?></strong> 179 </label> 180 <label class="checkbox" for="blog_public_off"> 181 <input type="radio" id="blog_public_off" name="blog_public" value="0" <?php if ( isset( $_POST['blog_public'] ) && $_POST['blog_public'] == '0' ) { ?>checked="checked"<?php } ?> /> 182 <strong><?php _e( 'No' ); ?></strong> 183 </label> 184 </p> 185 185 </div> 186 186 187 187 <?php … … 204 204 */ 205 205 function validate_blog_form() { 206 206 $user = ''; 207 if ( is_user_logged_in() ) 207 if ( is_user_logged_in() ) { 208 208 $user = wp_get_current_user(); 209 } 209 210 210 return wpmu_validate_blog_signup( $_POST['blogname'], $_POST['blog_title'], $user);211 return wpmu_validate_blog_signup( $_POST['blogname'], $_POST['blog_title'], $user ); 211 212 } 212 213 213 214 /** … … 219 220 * @param string $user_email The entered email address. 220 221 * @param WP_Error|string $errors A WP_Error object containing existing errors. Defaults to empty string. 221 222 */ 222 function show_user_form( $user_name = '', $user_email = '', $errors = '') {223 function show_user_form( $user_name = '', $user_email = '', $errors = '' ) { 223 224 if ( ! is_wp_error( $errors ) ) { 224 225 $errors = new WP_Error(); 225 226 } 226 227 227 228 // User name 228 echo '<label for="user_name">' . __( 'Username:') . '</label>';229 if ( $errmsg = $errors->get_error_message( 'user_name') ) {230 echo '<p class="error">' .$errmsg.'</p>';229 echo '<label for="user_name">' . __( 'Username:' ) . '</label>'; 230 if ( $errmsg = $errors->get_error_message( 'user_name' ) ) { 231 echo '<p class="error">' . $errmsg . '</p>'; 231 232 } 232 echo '<input name="user_name" type="text" id="user_name" value="' . esc_attr( $user_name ) .'" autocapitalize="none" autocorrect="off" maxlength="60" /><br />';233 echo '<input name="user_name" type="text" id="user_name" value="' . esc_attr( $user_name ) . '" autocapitalize="none" autocorrect="off" maxlength="60" /><br />'; 233 234 _e( '(Must be at least 4 characters, letters and numbers only.)' ); 234 235 ?> 235 236 236 237 <label for="user_email"><?php _e( 'Email Address:' ) ?></label> 237 <?php if ( $errmsg = $errors->get_error_message( 'user_email') ) { ?>238 <?php if ( $errmsg = $errors->get_error_message( 'user_email' ) ) { ?> 238 239 <p class="error"><?php echo $errmsg ?></p> 239 240 <?php } ?> 240 <input name="user_email" type="email" id="user_email" value="<?php echo esc_attr( $user_email) ?>" maxlength="200" /><br /><?php _e('We send your registration email to this address. (Double-check your email address before continuing.)') ?>241 <input name="user_email" type="email" id="user_email" value="<?php echo esc_attr( $user_email ) ?>" maxlength="200" /><br /><?php _e( 'We send your registration email to this address. (Double-check your email address before continuing.)' ) ?> 241 242 <?php 242 if ( $errmsg = $errors->get_error_message( 'generic') ) {243 if ( $errmsg = $errors->get_error_message( 'generic' ) ) { 243 244 echo '<p class="error">' . $errmsg . '</p>'; 244 245 } 245 246 /** … … 260 261 * @return array Contains username, email, and error messages. 261 262 */ 262 263 function validate_user_form() { 263 return wpmu_validate_user_signup( $_POST['user_name'], $_POST['user_email']);264 return wpmu_validate_user_signup( $_POST['user_name'], $_POST['user_email'] ); 264 265 } 265 266 266 267 /** … … 275 276 function signup_another_blog( $blogname = '', $blog_title = '', $errors = '' ) { 276 277 $current_user = wp_get_current_user(); 277 278 278 if ( ! is_wp_error( $errors) ) {279 if ( ! is_wp_error( $errors ) ) { 279 280 $errors = new WP_Error(); 280 281 } 281 282 282 283 $signup_defaults = array( 283 284 'blogname' => $blogname, 284 285 'blog_title' => $blog_title, 285 'errors' => $errors 286 'errors' => $errors, 286 287 ); 287 288 288 289 /** … … 313 314 <p><?php printf( __( 'Welcome back, %s. By filling out the form below, you can <strong>add another site to your account</strong>. There is no limit to the number of sites you can have, so create to your heart’s content, but write responsibly!' ), $current_user->display_name ) ?></p> 314 315 315 316 <?php 316 $blogs = get_blogs_of_user( $current_user->ID);317 if ( ! empty($blogs) ) { ?>317 $blogs = get_blogs_of_user( $current_user->ID ); 318 if ( ! empty( $blogs ) ) { ?> 318 319 319 320 <p><?php _e( 'Sites you are already a member of:' ) ?></p> 320 321 <ul> 321 322 <?php foreach ( $blogs as $blog ) { 322 323 $home_url = get_home_url( $blog->userblog_id ); 323 324 echo '<li><a href="' . esc_url( $home_url ) . '">' . $home_url . '</a></li>'; 324 325 } ?> 325 326 </ul> 326 327 <?php } ?> 327 328 … … 339 340 */ 340 341 do_action( 'signup_hidden_fields', 'create-another-site' ); 341 342 ?> 342 <?php show_blog_form( $blogname, $blog_title, $errors); ?>343 <?php show_blog_form( $blogname, $blog_title, $errors ); ?> 343 344 <p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e( 'Create Site' ) ?>" /></p> 344 345 </form> 345 346 <?php … … 370 371 $errors = $result['errors']; 371 372 372 373 if ( $errors->get_error_code() ) { 373 signup_another_blog( $blogname, $blog_title, $errors);374 signup_another_blog( $blogname, $blog_title, $errors ); 374 375 return false; 375 376 } 376 377 … … 378 379 379 380 $blog_meta_defaults = array( 380 381 'lang_id' => 1, 381 'public' => $public 382 'public' => $public, 382 383 ); 383 384 384 385 // Handle the language setting for the new site. … … 393 394 $blog_meta_defaults['WPLANG'] = $language; 394 395 } 395 396 } 396 397 397 } 398 398 399 399 /** … … 499 499 function signup_user( $user_name = '', $user_email = '', $errors = '' ) { 500 500 global $active_signup; 501 501 502 if ( ! is_wp_error($errors) )502 if ( ! is_wp_error( $errors ) ) { 503 503 $errors = new WP_Error(); 504 } 504 505 505 $signup_for = isset( $_POST[ 'signup_for' ] ) ? esc_html( $_POST[ 'signup_for'] ) : 'blog';506 $signup_for = isset( $_POST['signup_for'] ) ? esc_html( $_POST['signup_for'] ) : 'blog'; 506 507 507 508 $signup_user_defaults = array( 508 509 'user_name' => $user_name, … … 540 541 /** This action is documented in wp-signup.php */ 541 542 do_action( 'signup_hidden_fields', 'validate-user' ); 542 543 ?> 543 <?php show_user_form( $user_name, $user_email, $errors); ?>544 <?php show_user_form( $user_name, $user_email, $errors ); ?> 544 545 545 546 <p> 546 547 <?php if ( $active_signup == 'blog' ) { ?> … … 549 550 <input id="signupblog" type="hidden" name="signup_for" value="user" /> 550 551 <?php } else { ?> 551 552 <input id="signupblog" type="radio" name="signup_for" value="blog" <?php checked( $signup_for, 'blog' ); ?> /> 552 <label class="checkbox" for="signupblog"><?php _e( 'Gimme a site!') ?></label>553 <label class="checkbox" for="signupblog"><?php _e( 'Gimme a site!' ) ?></label> 553 554 <br /> 554 555 <input id="signupuser" type="radio" name="signup_for" value="user" <?php checked( $signup_for, 'user' ); ?> /> 555 <label class="checkbox" for="signupuser"><?php _e( 'Just a username, please.') ?></label>556 <label class="checkbox" for="signupuser"><?php _e( 'Just a username, please.' ) ?></label> 556 557 <?php } ?> 557 558 </p> 558 559 559 <p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e( 'Next') ?>" /></p>560 <p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e( 'Next' ) ?>" /></p> 560 561 </form> 561 562 <?php 562 563 } … … 575 576 $errors = $result['errors']; 576 577 577 578 if ( $errors->get_error_code() ) { 578 signup_user( $user_name, $user_email, $errors);579 signup_user( $user_name, $user_email, $errors ); 579 580 return false; 580 581 } 581 582 582 583 if ( 'blog' == $_POST['signup_for'] ) { 583 signup_blog( $user_name, $user_email);584 signup_blog( $user_name, $user_email ); 584 585 return false; 585 586 } 586 587 587 588 /** This filter is documented in wp-signup.php */ 588 589 wpmu_signup_user( $user_name, $user_email, apply_filters( 'add_signup_meta', array() ) ); 589 590 590 confirm_user_signup( $user_name, $user_email);591 confirm_user_signup( $user_name, $user_email ); 591 592 return true; 592 593 } 593 594 … … 599 600 * @param string $user_name The username 600 601 * @param string $user_email The user's email address 601 602 */ 602 function confirm_user_signup( $user_name, $user_email) {603 function confirm_user_signup( $user_name, $user_email ) { 603 604 ?> 604 605 <h2><?php /* translators: %s: username */ 605 printf( __( '%s is your new username' ), $user_name ) ?></h2>606 printf( __( '%s is your new username' ), $user_name ) ?></h2> 606 607 <p><?php _e( 'But, before you can start using your new username, <strong>you must activate it</strong>.' ) ?></p> 607 608 <p><?php /* translators: %s: email address */ 608 609 printf( __( 'Check your inbox at %s and click the link given.' ), '<strong>' . $user_email . '</strong>' ); ?></p> … … 623 624 * @param string $blog_title The site title. 624 625 * @param WP_Error|string $errors A WP_Error object containing existing errors. Defaults to empty string. 625 626 */ 626 function signup_blog( $user_name = '', $user_email = '', $blogname = '', $blog_title = '', $errors = '') {627 if ( ! is_wp_error($errors) )627 function signup_blog( $user_name = '', $user_email = '', $blogname = '', $blog_title = '', $errors = '' ) { 628 if ( ! is_wp_error( $errors ) ) { 628 629 $errors = new WP_Error(); 630 } 629 631 630 632 $signup_blog_defaults = array( 631 633 'user_name' => $user_name, 632 634 'user_email' => $user_email, 633 635 'blogname' => $blogname, 634 636 'blog_title' => $blog_title, 635 'errors' => $errors 637 'errors' => $errors, 636 638 ); 637 639 638 640 /** … … 658 660 $blog_title = $filtered_results['blog_title']; 659 661 $errors = $filtered_results['errors']; 660 662 661 if ( empty( $blogname) )663 if ( empty( $blogname ) ) { 662 664 $blogname = $user_name; 665 } 663 666 ?> 664 667 <form id="setupform" method="post" action="wp-signup.php"> 665 668 <input type="hidden" name="stage" value="validate-blog-signup" /> 666 <input type="hidden" name="user_name" value="<?php echo esc_attr( $user_name) ?>" />667 <input type="hidden" name="user_email" value="<?php echo esc_attr( $user_email) ?>" />669 <input type="hidden" name="user_name" value="<?php echo esc_attr( $user_name ) ?>" /> 670 <input type="hidden" name="user_email" value="<?php echo esc_attr( $user_email ) ?>" /> 668 671 <?php 669 672 /** This action is documented in wp-signup.php */ 670 673 do_action( 'signup_hidden_fields', 'validate-site' ); 671 674 ?> 672 <?php show_blog_form( $blogname, $blog_title, $errors); ?>673 <p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e( 'Signup') ?>" /></p>675 <?php show_blog_form( $blogname, $blog_title, $errors ); ?> 676 <p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e( 'Signup' ) ?>" /></p> 674 677 </form> 675 678 <?php 676 679 } … … 702 705 $errors = $result['errors']; 703 706 704 707 if ( $errors->get_error_code() ) { 705 signup_blog( $user_name, $user_email, $blogname, $blog_title, $errors);708 signup_blog( $user_name, $user_email, $blogname, $blog_title, $errors ); 706 709 return false; 707 710 } 708 711 709 712 $public = (int) $_POST['blog_public']; 710 $signup_meta = array ('lang_id' => 1, 'public' => $public); 713 $signup_meta = array( 714 'lang_id' => 1, 715 'public' => $public, 716 ); 711 717 712 718 // Handle the language setting for the new site. 713 719 if ( ! empty( $_POST['WPLANG'] ) ) { … … 721 727 $signup_meta['WPLANG'] = $language; 722 728 } 723 729 } 724 725 730 } 726 731 727 732 /** This filter is documented in wp-signup.php */ 728 733 $meta = apply_filters( 'add_signup_meta', $signup_meta ); 729 734 730 wpmu_signup_blog( $domain, $path, $blog_title, $user_name, $user_email, $meta);731 confirm_blog_signup( $domain, $path, $blog_title, $user_name, $user_email, $meta);735 wpmu_signup_blog( $domain, $path, $blog_title, $user_name, $user_email, $meta ); 736 confirm_blog_signup( $domain, $path, $blog_title, $user_name, $user_email, $meta ); 732 737 return true; 733 738 } 734 739 … … 843 848 echo '</div>'; 844 849 } 845 850 846 $newblogname = isset( $_GET['new']) ? strtolower(preg_replace('/^-|-$|[^-a-zA-Z0-9]/', '', $_GET['new'])) : null;851 $newblogname = isset( $_GET['new'] ) ? strtolower( preg_replace( '/^-|-$|[^-a-zA-Z0-9]/', '', $_GET['new'] ) ) : null; 847 852 848 853 $current_user = wp_get_current_user(); 849 854 if ( $active_signup == 'none' ) { 850 855 _e( 'Registration has been disabled.' ); 851 } elseif ( $active_signup == 'blog' && ! is_user_logged_in() ) {856 } elseif ( $active_signup == 'blog' && ! is_user_logged_in() ) { 852 857 $login_url = wp_login_url( network_site_url( 'wp-signup.php' ) ); 853 858 /* translators: %s: login URL */ 854 859 printf( __( 'You must first <a href="%s">log in</a>, and then you can create a new site.' ), $login_url ); … … 856 861 $stage = isset( $_POST['stage'] ) ? $_POST['stage'] : 'default'; 857 862 switch ( $stage ) { 858 863 case 'validate-user-signup' : 859 if ( $active_signup == 'all' || $_POST[ 'signup_for' ] == 'blog' && $active_signup == 'blog' || $_POST[ 'signup_for' ] == 'user' && $active_signup == 'user' )864 if ( $active_signup == 'all' || $_POST['signup_for'] == 'blog' && $active_signup == 'blog' || $_POST['signup_for'] == 'user' && $active_signup == 'user' ) { 860 865 validate_user_signup(); 861 else862 _e( 'User registration has been disabled.' );866 } else { _e( 'User registration has been disabled.' ); 867 } 863 868 break; 864 869 case 'validate-blog-signup': 865 if ( $active_signup == 'all' || $active_signup == 'blog' ) 870 if ( $active_signup == 'all' || $active_signup == 'blog' ) { 866 871 validate_blog_signup(); 867 else868 _e( 'Site registration has been disabled.' );872 } else { _e( 'Site registration has been disabled.' ); 873 } 869 874 break; 870 875 case 'gimmeanotherblog': 871 876 validate_another_blog_signup(); 872 877 break; 873 878 case 'default': 874 879 default : 875 $user_email = isset( $_POST[ 'user_email' ] ) ? $_POST[ 'user_email'] : '';880 $user_email = isset( $_POST['user_email'] ) ? $_POST['user_email'] : ''; 876 881 /** 877 882 * Fires when the site sign-up form is sent. 878 883 * 879 884 * @since 3.0.0 880 885 */ 881 886 do_action( 'preprocess_signup_form' ); 882 if ( is_user_logged_in() && ( $active_signup == 'all' || $active_signup == 'blog' ) ) 883 signup_another_blog( $newblogname);884 elseif ( ! is_user_logged_in() && ( $active_signup == 'all' || $active_signup == 'user' ) )887 if ( is_user_logged_in() && ( $active_signup == 'all' || $active_signup == 'blog' ) ) { 888 signup_another_blog( $newblogname ); 889 } elseif ( ! is_user_logged_in() && ( $active_signup == 'all' || $active_signup == 'user' ) ) { 885 890 signup_user( $newblogname, $user_email ); 886 elseif ( ! is_user_logged_in() && ( $active_signup == 'blog' ) )891 } elseif ( ! is_user_logged_in() && ( $active_signup == 'blog' ) ) { 887 892 _e( 'Sorry, new registrations are not allowed at this time.' ); 888 else889 _e( 'You are logged in already. No need to register again!' );893 } else { _e( 'You are logged in already. No need to register again!' ); 894 } 890 895 891 896 if ( $newblogname ) { 892 897 $newblog = get_blogaddress_by_name( $newblogname ); 893 898 894 if ( $active_signup == 'blog' || $active_signup == 'all' ) 899 if ( $active_signup == 'blog' || $active_signup == 'all' ) { 895 900 /* translators: %s: site address */ 896 901 printf( '<p><em>' . __( 'The site you were looking for, %s, does not exist, but you can create it now!' ) . '</em></p>', 897 902 '<strong>' . $newblog . '</strong>' 898 903 ); 899 else900 /* translators: %s: site address */ 904 } else { // End if(). 905 901 906 printf( '<p><em>' . __( 'The site you were looking for, %s, does not exist.' ) . '</em></p>', 902 907 '<strong>' . $newblog . '</strong>' 903 908 ); 909 } 904 910 } 905 911 break; 906 } 907 } 912 }// End switch(). 913 }// End if(). 908 914 ?> 909 915 </div> 910 916 </div> -
src/wp-trackback.php
8 8 * @subpackage Trackbacks 9 9 */ 10 10 11 if ( empty($wp)) {11 if ( empty( $wp ) ) { 12 12 require_once( dirname( __FILE__ ) . '/wp-load.php' ); 13 wp( array( 'tb' => '1' ) ); 13 wp( array( 14 'tb' => '1', 15 ) ); 14 16 } 15 17 16 18 /** … … 24 26 * Default '0'. Accepts '0' or '1', true or false. 25 27 * @param string $error_message Error message if an error occurred. 26 28 */ 27 function trackback_response( $error = 0, $error_message = '') {28 header( 'Content-Type: text/xml; charset=' . get_option('blog_charset') );29 if ( $error) {30 echo '<?xml version="1.0" encoding="utf-8"?' .">\n";29 function trackback_response( $error = 0, $error_message = '' ) { 30 header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) ); 31 if ( $error ) { 32 echo '<?xml version="1.0" encoding="utf-8"?' . ">\n"; 31 33 echo "<response>\n"; 32 34 echo "<error>1</error>\n"; 33 35 echo "<message>$error_message</message>\n"; 34 echo "</response>";36 echo '</response>'; 35 37 die(); 36 38 } else { 37 echo '<?xml version="1.0" encoding="utf-8"?' .">\n";39 echo '<?xml version="1.0" encoding="utf-8"?' . ">\n"; 38 40 echo "<response>\n"; 39 41 echo "<error>0</error>\n"; 40 echo "</response>";42 echo '</response>'; 41 43 } 42 44 } 43 45 44 46 // Trackback is done by a POST. 45 47 $request_array = 'HTTP_POST_VARS'; 46 48 47 if ( ! isset($_GET['tb_id']) || !$_GET['tb_id'] ) {48 $tb_id = explode( '/', $_SERVER['REQUEST_URI']);49 $tb_id = intval( $tb_id[ count( $tb_id) - 1 ] );49 if ( ! isset( $_GET['tb_id'] ) || ! $_GET['tb_id'] ) { 50 $tb_id = explode( '/', $_SERVER['REQUEST_URI'] ); 51 $tb_id = intval( $tb_id[ count( $tb_id ) - 1 ] ); 50 52 } 51 53 52 $tb_url = isset( $_POST['url']) ? $_POST['url'] : '';53 $charset = isset( $_POST['charset']) ? $_POST['charset'] : '';54 $tb_url = isset( $_POST['url'] ) ? $_POST['url'] : ''; 55 $charset = isset( $_POST['charset'] ) ? $_POST['charset'] : ''; 54 56 55 57 // These three are stripslashed here so they can be properly escaped after mb_convert_encoding(). 56 $title = isset( $_POST['title']) ? wp_unslash($_POST['title']) : '';57 $excerpt = isset( $_POST['excerpt']) ? wp_unslash($_POST['excerpt']) : '';58 $blog_name = isset( $_POST['blog_name']) ? wp_unslash($_POST['blog_name']) : '';59 60 if ( $charset)61 $charset = str_replace( array( ',', ' '), '', strtoupper( trim($charset) ) );62 else 63 $charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS'; 58 $title = isset( $_POST['title'] ) ? wp_unslash( $_POST['title'] ) : ''; 59 $excerpt = isset( $_POST['excerpt'] ) ? wp_unslash( $_POST['excerpt'] ) : ''; 60 $blog_name = isset( $_POST['blog_name'] ) ? wp_unslash( $_POST['blog_name'] ) : ''; 61 62 if ( $charset ) { 63 $charset = str_replace( array( ',', ' ' ), '', strtoupper( trim( $charset ) ) ); 64 } else { $charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS'; 65 } 64 66 65 67 // No valid uses for UTF-7. 66 if ( false !== strpos( $charset, 'UTF-7') )68 if ( false !== strpos( $charset, 'UTF-7' ) ) { 67 69 die; 70 } 68 71 69 72 // For international trackbacks. 70 if ( function_exists( 'mb_convert_encoding') ) {71 $title = mb_convert_encoding( $title, get_option('blog_charset'), $charset);72 $excerpt = mb_convert_encoding( $excerpt, get_option('blog_charset'), $charset);73 $blog_name = mb_convert_encoding( $blog_name, get_option('blog_charset'), $charset);73 if ( function_exists( 'mb_convert_encoding' ) ) { 74 $title = mb_convert_encoding( $title, get_option( 'blog_charset' ), $charset ); 75 $excerpt = mb_convert_encoding( $excerpt, get_option( 'blog_charset' ), $charset ); 76 $blog_name = mb_convert_encoding( $blog_name, get_option( 'blog_charset' ), $charset ); 74 77 } 75 78 76 79 // Now that mb_convert_encoding() has been given a swing, we need to escape these three. 77 $title = wp_slash( $title);78 $excerpt = wp_slash( $excerpt);79 $blog_name = wp_slash( $blog_name);80 $title = wp_slash( $title ); 81 $excerpt = wp_slash( $excerpt ); 82 $blog_name = wp_slash( $blog_name ); 80 83 81 if ( is_single() || is_page() ) 84 if ( is_single() || is_page() ) { 82 85 $tb_id = $posts[0]->ID; 86 } 83 87 84 if ( ! isset($tb_id) || !intval( $tb_id ) )88 if ( ! isset( $tb_id ) || ! intval( $tb_id ) ) { 85 89 trackback_response( 1, __( 'I really need an ID for this to work.' ) ); 90 } 86 91 87 if ( empty($title) && empty($tb_url) && empty($blog_name)) {92 if ( empty( $title ) && empty( $tb_url ) && empty( $blog_name ) ) { 88 93 // If it doesn't look like a trackback at all. 89 wp_redirect( get_permalink($tb_id));94 wp_redirect( get_permalink( $tb_id ) ); 90 95 exit; 91 96 } 92 97 93 if ( ! empty($tb_url) && !empty($title) ) {98 if ( ! empty( $tb_url ) && ! empty( $title ) ) { 94 99 /** 95 100 * Fires before the trackback is added to a post. 96 101 * … … 105 110 */ 106 111 do_action( 'pre_trackback_post', $tb_id, $tb_url, $charset, $title, $excerpt, $blog_name ); 107 112 108 header( 'Content-Type: text/xml; charset=' . get_option('blog_charset') );113 header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) ); 109 114 110 if ( ! pings_open($tb_id) )115 if ( ! pings_open( $tb_id ) ) { 111 116 trackback_response( 1, __( 'Sorry, trackbacks are closed for this item.' ) ); 117 } 112 118 113 $title = 119 $title = wp_html_excerpt( $title, 250, '…' ); 114 120 $excerpt = wp_html_excerpt( $excerpt, 252, '…' ); 115 121 116 122 $comment_post_ID = (int) $tb_id; … … 120 126 $comment_content = "<strong>$title</strong>\n\n$excerpt"; 121 127 $comment_type = 'trackback'; 122 128 123 $dupe = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url) );124 if ( $dupe ) 129 $dupe = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url ) ); 130 if ( $dupe ) { 125 131 trackback_response( 1, __( 'We already have a ping from that URL for this post.' ) ); 132 } 126 133 127 $commentdata = compact( 'comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type');134 $commentdata = compact( 'comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type' ); 128 135 129 wp_new_comment( $commentdata);136 wp_new_comment( $commentdata ); 130 137 $trackback_id = $wpdb->insert_id; 131 138 132 139 /** … … 138 145 */ 139 146 do_action( 'trackback_post', $trackback_id ); 140 147 trackback_response( 0 ); 141 } 148 }// End if(). -
src/xmlrpc.php
10 10 * 11 11 * @var bool 12 12 */ 13 define( 'XMLRPC_REQUEST', true);13 define( 'XMLRPC_REQUEST', true ); 14 14 15 15 // Some browser-embedded clients send cookies. We don't want them. 16 16 $_COOKIE = array(); 17 17 18 18 // A bug in PHP < 5.2.2 makes $HTTP_RAW_POST_DATA not set by default, 19 19 // but we can do it ourself. 20 if ( ! isset( $HTTP_RAW_POST_DATA ) ) {20 if ( ! isset( $HTTP_RAW_POST_DATA ) ) { 21 21 $HTTP_RAW_POST_DATA = file_get_contents( 'php://input' ); 22 22 } 23 23 24 24 // fix for mozBlog and other cases where '<?xml' isn't on the very first line 25 if ( isset($HTTP_RAW_POST_DATA) ) 26 $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); 25 if ( isset( $HTTP_RAW_POST_DATA ) ) { 26 $HTTP_RAW_POST_DATA = trim( $HTTP_RAW_POST_DATA ); 27 } 27 28 28 29 /** Include the bootstrap for setting up WordPress environment */ 29 30 include( dirname( __FILE__ ) . '/wp-load.php' ); 30 31 31 32 if ( isset( $_GET['rsd'] ) ) { // http://cyber.law.harvard.edu/blogs/gems/tech/rsd.html 32 header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true);33 header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ), true ); 33 34 ?> 34 <?php echo '<?xml version="1.0" encoding="' .get_option('blog_charset').'"?'.'>'; ?>35 <?php echo '<?xml version="1.0" encoding="' . get_option( 'blog_charset' ) . '"?' . '>'; ?> 35 36 <rsd version="1.0" xmlns="http://archipelago.phrasewise.com/rsd"> 36 37 <service> 37 38 39 <homePageLink><?php bloginfo_rss('url') ?></homePageLink>40 41 <api name="WordPress" blogID="1" preferred="true" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />42 <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />43 <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />44 <api name="Blogger" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />45 46 47 48 49 38 <engineName>WordPress</engineName> 39 <engineLink>https://wordpress.org/</engineLink> 40 <homePageLink><?php bloginfo_rss( 'url' ) ?></homePageLink> 41 <apis> 42 <api name="WordPress" blogID="1" preferred="true" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ) ?>" /> 43 <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ) ?>" /> 44 <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ) ?>" /> 45 <api name="Blogger" blogID="1" preferred="false" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ) ?>" /> 46 <?php 47 /** 48 * Add additional APIs to the Really Simple Discovery (RSD) endpoint. 49 * 50 * @link http://cyber.law.harvard.edu/blogs/gems/tech/rsd.html 50 51 * 51 52 53 54 55 52 * @since 3.5.0 53 */ 54 do_action( 'xmlrpc_rsd_apis' ); 55 ?> 56 </apis> 56 57 </service> 57 58 </rsd> 58 59 <?php 59 60 exit; 60 61 } 61 62 62 include_once( ABSPATH . 'wp-admin/includes/admin.php');63 include_once( ABSPATH . WPINC . '/class-IXR.php');64 include_once( ABSPATH . WPINC . '/class-wp-xmlrpc-server.php');63 include_once( ABSPATH . 'wp-admin/includes/admin.php' ); 64 include_once( ABSPATH . WPINC . '/class-IXR.php' ); 65 include_once( ABSPATH . WPINC . '/class-wp-xmlrpc-server.php' ); 65 66 66 67 /** 67 68 * Posts submitted via the XML-RPC interface get that title 68 69 * @name post_default_title 69 70 * @var string 70 71 */ 71 $post_default_title = "";72 $post_default_title = ''; 72 73 73 74 /** 74 75 * Filters the class used for handling XML-RPC requests. … … 96 97 */ 97 98 function logIO( $io, $msg ) { 98 99 _deprecated_function( __FUNCTION__, '3.4.0', 'error_log()' ); 99 if ( ! empty( $GLOBALS['xmlrpc_logging'] ) ) 100 if ( ! empty( $GLOBALS['xmlrpc_logging'] ) ) { 100 101 error_log( $io . ' - ' . $msg ); 101 }102 No newline at end of file 102 } 103 }