WordPress.org

Make WordPress Core

Changeset 3430


Ignore:
Timestamp:
01/13/2006 07:19:09 PM (12 years ago)
Author:
ryan
Message:

Make the xmlrpc user the current user. fixes #2273

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/kses.php

    r3429 r3430  
    531531    global $current_user;
    532532
    533     get_currentuserinfo(); // set $current_user
     533    remove_filter('pre_comment_author', 'wp_filter_kses');
     534    remove_filter('pre_comment_content', 'wp_filter_kses');
     535    remove_filter('content_save_pre', 'wp_filter_post_kses');
     536    remove_filter('title_save_pre', 'wp_filter_kses');
     537
     538    if (! defined('XMLRPC_REQUEST') )
     539        get_currentuserinfo();
     540
    534541    if (current_user_can('unfiltered_html') == false)
    535542        kses_init_filters();
    536543}
    537544add_action('init', 'kses_init');
     545add_action('set_current_user', 'kses_init');
    538546?>
  • trunk/wp-includes/pluggable-functions.php

    r3343 r3430  
    33    /* These functions can be replaced via plugins.  They are loaded after
    44     plugins are loaded. */
     5
     6if ( !function_exists('set_current_user') ) :
     7function set_current_user($id, $name = '') {
     8    global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;
     9
     10    $current_user   = '';
     11
     12    $current_user   = new WP_User($id, $name);
     13
     14    $userdata   = get_userdatabylogin($user_login);
     15
     16    $user_login = $userdata->user_login;
     17    $user_level = $userdata->user_level;
     18    $user_ID    = $userdata->ID;
     19    $user_email = $userdata->user_email;
     20    $user_url   = $userdata->user_url;
     21    $user_pass_md5  = md5($userdata->user_pass);
     22    $user_identity  = $userdata->display_name;
     23
     24    do_action('set_current_user');
     25
     26    return $current_user;
     27}
     28endif;
    529
    630
     
    832function get_currentuserinfo() {
    933    global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;
     34
     35    if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
     36        return false;
    1037
    1138    if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) ||
  • trunk/xmlrpc.php

    r3378 r3430  
    11<?php
     2
     3define('XMLRPC_REQUEST', true);
     4
     5// Some browser-embedded clients send cookies. We don't want them.
     6$_COOKIE = array();
    27
    38# fix for mozBlog and other cases where '<?xml' isn't on the very first line
     
    180185      }
    181186
    182       $user = new WP_User(0, $user_login);
    183       $is_admin = $user->has_cap('level_8');
     187      set_current_user(0, $user_login);
     188      $is_admin = current_user_can('level_8');
    184189
    185190      $struct = array(
     
    189194        'blogName' => get_settings('blogname')
    190195      );
    191 
     196error_log(print_r($struct,1), 3, '/tmp/xmlrpc');
    192197      return array($struct);
    193198    }
     
    318323      }
    319324
    320       $user = new WP_User(0, $user_login);
    321       if ( !$user->has_cap('edit_themes') ) {
     325      set_current_user(0, $user_login);
     326      if ( !current_user_can('edit_themes') ) {
    322327        return new IXR_Error(401, 'Sorry, this user can not edit the template.');
    323328      }
     
    353358      }
    354359
    355       $user = new WP_User(0, $user_login);
    356       if ( !$user->has_cap('edit_themes') ) {
     360      set_current_user(0, $user_login);
     361      if ( !current_user_can('edit_themes') ) {
    357362        return new IXR_Error(401, 'Sorry, this user can not edit the template.');
    358363      }
     
    391396     
    392397      $cap = ($publish) ? 'publish_posts' : 'edit_posts';
    393 
    394       $user = new WP_User(0, $user_login);
    395       if ( !$user->has_cap($cap) )
     398      $user = set_current_user(0, $user_login);
     399      if ( !current_user_can($cap) )
    396400        return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');
    397401
     
    446450        $this->escape($actual_post);
    447451
    448       $user = new WP_User(0, $user_login);
    449       if ( !$user->has_cap('edit_post', $post_ID) )
     452      set_current_user(0, $user_login);
     453      if ( !current_user_can('edit_post', $post_ID) )
    450454        return new IXR_Error(401, 'Sorry, you do not have the right to edit this post.');
    451455
     
    490494      }
    491495
    492       $user = new WP_User(0, $user_login);
    493       if ( !$user->has_cap('edit_post', $post_ID) )
     496      set_current_user(0, $user_login);
     497      if ( !current_user_can('edit_post', $post_ID) )
    494498        return new IXR_Error(401, 'Sorry, you do not have the right to delete this post.');
    495499
     
    526530      }
    527531
    528       $user = new WP_User(0, $user_login);
    529       if ( !$user->has_cap('publish_posts') )
     532      $user = set_current_user(0, $user_login);
     533      if ( !current_user_can('publish_posts') )
    530534        return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');
    531535
     
    606610      }
    607611
    608       $user = new WP_User(0, $user_login);
    609       if ( !$user->has_cap('edit_post', $post_ID) )
     612      set_current_user(0, $user_login);
     613      if ( !current_user_can('edit_post', $post_ID) )
    610614        return new IXR_Error(401, 'Sorry, you can not edit this post.');
    611615
     
    845849            return $this->error;
    846850
    847         $user = new WP_User(0, $user_login);
    848 
    849         if ( !$user->has_cap('upload_files') ) {
     851        set_current_user(0, $user_login);
     852        if ( !current_user_can('upload_files') ) {
    850853            logIO('O', '(MW) User does not have upload_files capability');
    851854            $this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
     
    985988      }
    986989
    987       $user = new WP_User(0, $user_login);
    988       if ( !$user->has_cap('edit_post', $post_ID) )
     990      set_current_user(0, $user_login);
     991      if ( !current_user_can('edit_post', $post_ID) )
    989992        return new IXR_Error(401, 'Sorry, you can not edit this post.');
    990993
     
    10671070      }
    10681071
    1069       $user = new WP_User(0, $user_login);
    1070       if ( !$user->has_cap('edit_post', $post_ID) )
     1072      set_current_user(0, $user_login);
     1073      if ( !current_user_can('edit_post', $post_ID) )
    10711074        return new IXR_Error(401, 'Sorry, you can not edit this post.');
    10721075
Note: See TracChangeset for help on using the changeset viewer.