Changeset 3430


Timestamp:
01/13/06 19:19:09 (9 years ago)
Author:
ryan
Message:

Make the xmlrpc user the current user. fixes #2273

Location:
trunk
Files:
3 edited

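--- a/trunk/wp-includes/kses.php
+++ b/trunk/wp-includes/kses.php
@@ -531,8 +531,16 @@
     global $current_user;
 
-    get_currentuserinfo(); // set $current_user
+    remove_filter('pre_comment_author', 'wp_filter_kses');
+    remove_filter('pre_comment_content', 'wp_filter_kses');
+    remove_filter('content_save_pre', 'wp_filter_post_kses');
+    remove_filter('title_save_pre', 'wp_filter_kses');
+
+    if (! defined('XMLRPC_REQUEST') )
+        get_currentuserinfo();
+
     if (current_user_can('unfiltered_html') == false)
         kses_init_filters();
 }
 add_action('init', 'kses_init');
+add_action('set_current_user', 'kses_init');
 ?>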
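Review bot: With `add_action('set_current_user', 'kses_init');` this function now decides, on every user switch, whether HTML filtering applies, and two things it relies on are not stated in the code. The four `remove_filter()` calls have to mirror exactly what `kses_init_filters()` registers (defined outside this hunk); a comment such as `// Reset, then re-add below unless the user has unfiltered_html; keep in sync with kses_init_filters()` would keep the two lists from drifting. On XML-RPC requests the `init` run now skips `get_currentuserinfo()`, so `current_user_can('unfiltered_html')` is evaluated with no user loaded; that function is defined elsewhere and should be confirmed to return false in that state, so the filters stay on until `set_current_user()` runs. The `== false` comparison would read better as `!current_user_can('unfiltered_html')`. kses_init() begins above the hunk.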
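--- a/trunk/wp-includes/pluggable-functions.php
+++ b/trunk/wp-includes/pluggable-functions.php
@@ -3,4 +3,28 @@
     /* These functions can be replaced via plugins.  They are loaded after
      plugins are loaded. */
+
+if ( !function_exists('set_current_user') ) :
+function set_current_user($id, $name = '') {
+    global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;
+
+    $current_user   = '';
+
+    $current_user   = new WP_User($id, $name);
+
+    $userdata   = get_userdatabylogin($user_login);
+
+    $user_login = $userdata->user_login;
+    $user_level = $userdata->user_level;
+    $user_ID    = $userdata->ID;
+    $user_email = $userdata->user_email;
+    $user_url   = $userdata->user_url;
+    $user_pass_md5  = md5($userdata->user_pass);
+    $user_identity  = $userdata->display_name;
+
+    do_action('set_current_user');
+
+    return $current_user;
+}
+endif;
 
 
@@ -8,4 +32,7 @@
 function get_currentuserinfo() {
     global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;
+
+    if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
+        return false;
 
     if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) ||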
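Review bot: In the new `set_current_user()`, `$userdata = get_userdatabylogin($user_login);` reads the global `$user_login` rather than the `$id`/`$name` arguments, so the legacy globals are filled from whoever was (or was not) logged in before the call, not from the user just placed in `$current_user`. On XML-RPC requests `get_currentuserinfo()` now returns early, so that global is presumably empty and `$user_ID`, `$user_level` and the rest end up unset while `current_user_can()` answers for the new user; any code that still authorises on those globals would see a different identity. Look the record up from the arguments instead, e.g. `$userdata = ('' != $name) ? get_userdatabylogin($name) : get_userdata($id);`, and return early if nothing is found. The `$current_user = '';` assignment just before the constructor call is redundant.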
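--- a/trunk/xmlrpc.php
+++ b/trunk/xmlrpc.php
@@ -1,3 +1,8 @@
 <?php
+
+define('XMLRPC_REQUEST', true);
+
+// Some browser-embedded clients send cookies. We don't want them.
+$_COOKIE = array();
 
 # fix for mozBlog and other cases where '<?xml' isn't on the very first line
@@ -180,6 +185,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      $is_admin = $user->has_cap('level_8');
+      set_current_user(0, $user_login);
+      $is_admin = current_user_can('level_8');
 
       $struct = array(
@@ -189,5 +194,5 @@
         'blogName' => get_settings('blogname')
       );
-
+error_log(print_r($struct,1), 3, '/tmp/xmlrpc');
       return array($struct);
     }
@@ -318,6 +323,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_themes') ) {
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_themes') ) {
         return new IXR_Error(401, 'Sorry, this user can not edit the template.');
       }
@@ -353,6 +358,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_themes') ) {
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_themes') ) {
         return new IXR_Error(401, 'Sorry, this user can not edit the template.');
       }
@@ -391,7 +396,6 @@
 
       $cap = ($publish) ? 'publish_posts' : 'edit_posts';
-
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap($cap) )
+      $user = set_current_user(0, $user_login);
+      if ( !current_user_can($cap) )
         return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');
 
@@ -446,6 +450,6 @@
         $this->escape($actual_post);
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_post', $post_ID) )
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_post', $post_ID) )
         return new IXR_Error(401, 'Sorry, you do not have the right to edit this post.');
 
@@ -490,6 +494,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_post', $post_ID) )
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_post', $post_ID) )
         return new IXR_Error(401, 'Sorry, you do not have the right to delete this post.');
 
@@ -526,6 +530,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('publish_posts') )
+      $user = set_current_user(0, $user_login);
+      if ( !current_user_can('publish_posts') )
         return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');
 
@@ -606,6 +610,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_post', $post_ID) )
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_post', $post_ID) )
         return new IXR_Error(401, 'Sorry, you can not edit this post.');
 
@@ -845,7 +849,6 @@
             return $this->error;
 
-        $user = new WP_User(0, $user_login);
-
-        if ( !$user->has_cap('upload_files') ) {
+        set_current_user(0, $user_login);
+        if ( !current_user_can('upload_files') ) {
             logIO('O', '(MW) User does not have upload_files capability');
             $this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
@@ -985,6 +988,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_post', $post_ID) )
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_post', $post_ID) )
         return new IXR_Error(401, 'Sorry, you can not edit this post.');
 
@@ -1067,6 +1070,6 @@
       }
 
-      $user = new WP_User(0, $user_login);
-      if ( !$user->has_cap('edit_post', $post_ID) )
+      set_current_user(0, $user_login);
+      if ( !current_user_can('edit_post', $post_ID) )
         return new IXR_Error(401, 'Sorry, you can not edit this post.');
 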
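Review bot: The added `error_log(print_r($struct,1), 3, '/tmp/xmlrpc');` line, placed just before `return array($struct);`, looks like leftover debugging and should be removed from the commit. It appends the `$struct` array to a fixed file under /tmp on every call; on a shared host a predictable path in a world-writable directory can be pre-created or read by other local users, and the file grows without bound. Separately, two call sites assign `$user = set_current_user(0, $user_login);` while the others discard the return value; whether `$user` is still read after those sites is outside the visible hunks, so either drop the assignment or use it consistently. Every method touched here starts and ends outside its hunk, so the credential check that should precede each `set_current_user()` call cannot be confirmed from this page.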