Ticket #4546: post_filter.diff
File post_filter.diff, 7.2 KB (added by , 17 years ago) |
---|
-
wp-includes/taxonomy.php
439 439 $value = apply_filters("${taxonomy}_$field", $value, $term_id, $context); 440 440 } 441 441 442 // TODO: attribute is usually done in an edit context, so display filters probably443 // not appropriate.444 442 if ( 'attribute' == $context ) 445 443 $value = attribute_escape($value); 446 444 else if ( 'js' == $context ) -
wp-includes/post.php
92 92 93 93 // Retrieves post data given a post ID or post object. 94 94 // Handles post caching. 95 function &get_post(&$post, $output = OBJECT ) {95 function &get_post(&$post, $output = OBJECT, $filter = 'raw') { 96 96 global $post_cache, $wpdb, $blog_id; 97 97 98 98 if ( empty($post) ) { … … 124 124 if ( defined('WP_IMPORTING') ) 125 125 unset($post_cache[$blog_id]); 126 126 127 $_post = sanitize_post($_post, $filter); 128 127 129 if ( $output == OBJECT ) { 128 130 return $_post; 129 131 } elseif ( $output == ARRAY_A ) { … … 135 137 } 136 138 } 137 139 140 function get_post_field( $field, $post, $context = 'display' ) { 141 $post = (int) $post; 142 $post = get_term( $post ); 143 144 if ( is_wp_error($post) ) 145 return $post; 146 147 if ( !is_object($post) ) 148 return ''; 149 150 if ( !isset($post->$field) ) 151 return ''; 152 153 return sanitize_post_field($field, $post->$field, $post->ID, $context); 154 } 155 138 156 // Takes a post ID, returns its mime type. 139 157 function get_post_mime_type($ID = '') { 140 158 $post = & get_post($ID); … … 398 416 return $custom[$key]; 399 417 } 400 418 419 function sanitize_post($post, $context = 'display') { 420 // TODO: Use array keys instead of hard coded list 421 $fields = array('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_date', 'post_date_gmt', 'post_parent', 'menu_order', 'post_mime_type'); 422 423 if ( 'raw' == $context ) 424 return $post; 425 426 $do_object = false; 427 if ( is_object($post) ) 428 $do_object = true; 429 430 foreach ( $fields as $field ) { 431 if ( $do_object ) 432 $post->$field = sanitize_post_field($field, $post->$field, $post->ID, $context); 433 else 434 $post[$field] = sanitize_post_field($field, $post[$field], $post['ID'], $context); 435 } 436 437 return $post; 438 } 439 440 function sanitize_post_field($field, $value, $post_id, $context) { 441 $int_fields = array('ID', 'post_parent', 'menu_order'); 442 if ( in_array($field, $int_fields) ) 443 $value = (int) $value; 444 445 $prefixed = false; 446 if ( false !== strpos($field, 'post_') ) { 447 $prefixed = true; 448 $field_no_prefix = str_replace('post_', '', $field); 449 } 450 451 if ( 'edit' == $context ) { 452 $format_to_edit = array('post_content', 'post_excerpt', 'post_title', 'post_password'); 453 454 if ( $prefixed ) { 455 $value = apply_filters("edit_$field", $value, $post_id); 456 // Old school 457 $value = apply_filters("${field_no_prefix}_edit_pre", $value, $post_id); 458 } else { 459 $value = apply_filters("edit_post_$field", $value, $post_id); 460 } 461 462 if ( in_array($field, $format_to_edit) ) { 463 if ( 'post_content' == $field ) 464 $value = format_to_edit($value, user_can_richedit()); 465 else 466 $value = format_to_edit($value); 467 } else { 468 $value = attribute_escape($value); 469 } 470 } else if ( 'db' == $context ) { 471 if ( $prefixed ) { 472 $value = apply_filters("pre_$field", $value); 473 $value = apply_filters("${field_no_prefix}_save_pre", $value); 474 } else { 475 $value = apply_filters("pre_post_$field", $value); 476 $value = apply_filters("${field}_pre", $value); 477 } 478 } else { 479 // Use display filters by default. 480 $value = apply_filters("post_$field", $value, $post_id, $context); 481 } 482 483 if ( 'attribute' == $context ) 484 $value = attribute_escape($value); 485 else if ( 'js' == $context ) 486 $value = js_escape($value); 487 488 return $value; 489 } 490 401 491 function wp_delete_post($postid = 0) { 402 492 global $wpdb, $wp_rewrite; 403 493 $postid = (int) $postid; … … 491 581 function wp_insert_post($postarr = array()) { 492 582 global $wpdb, $wp_rewrite, $allowedtags, $user_ID; 493 583 494 if ( is_object($postarr) ) 495 $postarr = get_object_vars($postarr); 584 $defaults = array('post_status' => 'draft', 'post_type' => 'post', 'post_author' => $user_ID, 585 'ping_status' => get_option('default_ping_status'), 'post_pingback' => get_option('default_pingback_flag'), 586 'post_parent' => 0, 'menu_order' => 0, 'to_ping' => '', 'pinged' => '', 'post_password' => ''); 496 587 588 $postarr = wp_parse_args($postarr, $defaults); 589 590 if ( empty($postarr['no_filter']) ) 591 $postarr = sanitize_post($postarr, 'db'); 592 497 593 // export array as variables 498 594 extract($postarr, EXTR_SKIP); 499 595 … … 505 601 $previous_status = $post->post_status; 506 602 } 507 603 508 // Get the basics.509 if ( empty($no_filter) ) {510 $post_content = apply_filters('content_save_pre', $post_content);511 $post_content_filtered = apply_filters('content_filtered_save_pre', $post_content_filtered);512 $post_excerpt = apply_filters('excerpt_save_pre', $post_excerpt);513 $post_title = apply_filters('title_save_pre', $post_title);514 $post_category = apply_filters('category_save_pre', $post_category);515 $post_status = apply_filters('status_save_pre', $post_status);516 $post_name = apply_filters('name_save_pre', $post_name);517 $comment_status = apply_filters('comment_status_pre', $comment_status);518 $ping_status = apply_filters('ping_status_pre', $ping_status);519 $tags_input = apply_filters('tags_input_pre', $tags_input);520 }521 522 604 if ( ('' == $post_content) && ('' == $post_title) && ('' == $post_excerpt) ) 523 605 return 0; 524 606 -
wp-includes/functions.php
1286 1286 } 1287 1287 1288 1288 function wp_parse_args( $args, $defaults = '' ) { 1289 if ( is_array( $args ) ) 1289 if ( is_object($args) ) 1290 $r = get_object_vars($args); 1291 else if ( is_array( $args ) ) 1290 1292 $r =& $args; 1291 1293 else 1292 1294 wp_parse_str( $args, $r ); -
wp-admin/includes/post.php
161 161 // Get an existing post and format it for editing. 162 162 function get_post_to_edit( $id ) { 163 163 164 $post = get_post( $id );164 $post = get_post( $id, OBJECT, 'edit' ); 165 165 166 $post->post_content = format_to_edit( $post->post_content, user_can_richedit() );167 $post->post_content = apply_filters( 'content_edit_pre', $post->post_content);168 169 $post->post_excerpt = format_to_edit( $post->post_excerpt);170 $post->post_excerpt = apply_filters( 'excerpt_edit_pre', $post->post_excerpt);171 172 $post->post_title = format_to_edit( $post->post_title );173 $post->post_title = apply_filters( 'title_edit_pre', $post->post_title );174 175 $post->post_password = format_to_edit( $post->post_password );176 177 $post->menu_order = (int) $post->menu_order;178 179 166 if ( $post->post_type == 'page' ) 180 167 $post->page_template = get_post_meta( $id, '_wp_page_template', true ); 181 168