Changeset 23330
- Timestamp:
- 01/22/2013 10:32:06 PM (12 years ago)
- Location:
- branches/3.5/wp-includes
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.5/wp-includes/class-wp-xmlrpc-server.php
r22914 r23330 5310 5310 $pagelinkedto = str_replace('&', '&', $pagelinkedto); 5311 5311 5312 $pagelinkedfrom = apply_filters( 'pingback_ping_source_uri', $pagelinkedfrom, $pagelinkedto ); 5313 if ( ! $pagelinkedfrom ) 5314 return $this->pingback_error( 0, __( 'A valid URL was not provided.' ) ); 5315 5312 5316 // Check if the page linked to is in our site 5313 5317 $pos1 = strpos($pagelinkedto, str_replace(array('http://www.','http://','https://www.','https://'), '', get_option('home'))); 5314 5318 if ( !$pos1 ) 5315 return new IXR_Error(0, __('Is there no link to us?'));5319 return $this->pingback_error( 0, __( 'Is there no link to us?' ) ); 5316 5320 5317 5321 // let's find which post is linked to … … 5347 5351 if (! ($post_ID = $wpdb->get_var($sql)) ) { 5348 5352 // returning unknown error '0' is better than die()ing 5349 return new IXR_Error(0, '');5353 return $this->pingback_error( 0, '' ); 5350 5354 } 5351 5355 $way = 'from the fragment (title)'; … … 5353 5357 } else { 5354 5358 // TODO: Attempt to extract a post ID from the given URL 5355 return new IXR_Error(33, __('The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.'));5359 return $this->pingback_error( 33, __('The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 5356 5360 } 5357 5361 $post_ID = (int) $post_ID; … … 5360 5364 5361 5365 if ( !$post ) // Post_ID not found 5362 return new IXR_Error(33, __('The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.'));5366 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 5363 5367 5364 5368 if ( $post_ID == url_to_postid($pagelinkedfrom) ) 5365 return new IXR_Error(0, __('The source URL and the target URL cannot both point to the same resource.'));5369 return $this->pingback_error( 0, __( 'The source URL and the target URL cannot both point to the same resource.' ) ); 5366 5370 5367 5371 // Check if pings are on 5368 5372 if ( !pings_open($post) ) 5369 return new IXR_Error(33, __('The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.'));5373 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 5370 5374 5371 5375 // Let's check that the remote site didn't already pingback this entry 5372 5376 if ( $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $post_ID, $pagelinkedfrom) ) ) 5373 return new IXR_Error( 48, __( 'The pingback has already been registered.' ) );5377 return $this->pingback_error( 48, __( 'The pingback has already been registered.' ) ); 5374 5378 5375 5379 // very stupid, but gives time to the 'from' server to publish ! … … 5377 5381 5378 5382 // Let's check the remote site 5379 $linea = wp_remote_ fopen( $pagelinkedfrom);5383 $linea = wp_remote_retrieve_body( wp_remote_get( $pagelinkedfrom, array( 'timeout' => 10, 'redirection' => 0 ) ) ); 5380 5384 if ( !$linea ) 5381 return new IXR_Error(16, __('The source URL does not exist.'));5385 return $this->pingback_error( 16, __( 'The source URL does not exist.' ) ); 5382 5386 5383 5387 $linea = apply_filters('pre_remote_source', $linea, $pagelinkedto); … … 5391 5395 $title = $matchtitle[1]; 5392 5396 if ( empty( $title ) ) 5393 return new IXR_Error(32, __('We cannot find a title on that page.'));5397 return $this->pingback_error( 32, __('We cannot find a title on that page.' ) ); 5394 5398 5395 5399 $linea = strip_tags( $linea, '<a>' ); // just keep the tag we need … … 5427 5431 5428 5432 if ( empty($context) ) // Link to target not found 5429 return new IXR_Error(17, __('The source URL does not contain a link to the target URL, and so cannot be used as a source.'));5433 return $this->pingback_error( 17, __( 'The source URL does not contain a link to the target URL, and so cannot be used as a source.' ) ); 5430 5434 5431 5435 $pagelinkedfrom = str_replace('&', '&', $pagelinkedfrom); … … 5474 5478 if ( !$post_ID ) { 5475 5479 // We aren't sure that the resource is available and/or pingback enabled 5476 return new IXR_Error(33, __('The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.'));5480 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 5477 5481 } 5478 5482 … … 5481 5485 if ( !$actual_post ) { 5482 5486 // No such post = resource not found 5483 return new IXR_Error(32, __('The specified target URL does not exist.'));5487 return $this->pingback_error( 32, __('The specified target URL does not exist.' ) ); 5484 5488 } 5485 5489 … … 5497 5501 return $pingbacks; 5498 5502 } 5503 5504 protected function pingback_error( $code, $message ) { 5505 return apply_filters( 'xmlrpc_pingback_error', new IXR_Error( $code, $message ) ); 5506 } 5499 5507 } -
branches/3.5/wp-includes/comment.php
r22229 r23330 1952 1952 } 1953 1953 1954 /** 1955 * Default filter attached to pingback_ping_source_uri to validate the pingback's Source URI 1956 * 1957 * @since 3.5.1 1958 * 1959 * @param string $source_uri 1960 * @return string 1961 */ 1962 function pingback_ping_source_uri( $source_uri ) { 1963 $uri = esc_url_raw( $source_uri, array( 'http', 'https' ) ); 1964 if ( ! $uri ) 1965 return ''; 1966 1967 $parsed_url = @parse_url( $uri ); 1968 if ( ! $parsed_url ) 1969 return ''; 1970 1971 if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) ) 1972 return ''; 1973 1974 if ( false !== strpos( $parsed_url['host'], ':' ) ) 1975 return ''; 1976 1977 $parsed_home = @parse_url( get_option( 'home' ) ); 1978 1979 $same_host = strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] ); 1980 1981 if ( ! $same_host ) { 1982 $host = trim( $parsed_url['host'], '.' ); 1983 if ( preg_match( '#^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $host ) ) { 1984 $ip = $host; 1985 } else { 1986 $ip = gethostbyname( $host ); 1987 if ( $ip === $host ) // Error condition for gethostbyname() 1988 $ip = false; 1989 } 1990 if ( $ip ) { 1991 if ( '127.0.0.1' === $ip ) 1992 return ''; 1993 $parts = array_map( 'intval', explode( '.', $ip ) ); 1994 if ( 10 === $parts[0] ) 1995 return ''; 1996 if ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] ) 1997 return ''; 1998 if ( 192 === $parts[0] && 168 === $parts[1] ) 1999 return ''; 2000 } 2001 } 2002 2003 if ( empty( $parsed_url['port'] ) ) 2004 return $uri; 2005 2006 $port = $parsed_url['port']; 2007 if ( 80 === $port || 443 === $port || 8080 === $port ) 2008 return $uri; 2009 2010 if ( $parsed_home && $same_host && $parsed_home['port'] === $port ) 2011 return $uri; 2012 2013 return ''; 2014 } 2015 2016 /** 2017 * Default filter attached to xmlrpc_pingback_error. 2018 * 2019 * Returns a generic pingback error code unless the error code is 48, 2020 * which reports that the pingback is already registered. 2021 * 2022 * @since 3.5.1 2023 * @link http://www.hixie.ch/specs/pingback/pingback#TOC3 2024 * 2025 * @param IXR_Error $ixr_error 2026 * @return IXR_Error 2027 */ 2028 function xmlrpc_pingback_error( $ixr_error ) { 2029 if ( $ixr_error->code === 48 ) 2030 return $ixr_error; 2031 return new IXR_Error( 0, '' ); 2032 } 2033 1954 2034 // 1955 2035 // Cache -
branches/3.5/wp-includes/default-filters.php
r22070 r23330 193 193 add_filter( 'editable_slug', 'esc_textarea' ); 194 194 add_filter( 'nav_menu_meta_box_object', '_wp_nav_menu_meta_box_object' ); 195 add_filter( 'pingback_ping_source_uri', 'pingback_ping_source_uri' ); 196 add_filter( 'xmlrpc_pingback_error', 'xmlrpc_pingback_error' ); 195 197 196 198 // Actions
Note: See TracChangeset
for help on using the changeset viewer.