WordPress.org

Make WordPress Core

Changeset 8136


Ignore:
Timestamp:
06/20/2008 03:39:41 PM (11 years ago)
Author:
ryan
Message:

Disable remote publishing by default. Add options to turn them back on. Props josephscott. see #7157

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/schema.php

    r8060 r8136  
    256256    // 2.6
    257257    add_option('avatar_default', 'mystery');
    258 
     258    add_option('enable_app',0);
     259    add_option('enable_xmlrpc',0);
     260   
    259261    // Delete unused options
    260262    $unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url', 'new_users_can_blog', '_wpnonce', '_wp_http_referer', 'Update', 'action', 'rich_editing', 'autosave_interval', 'deactivated_plugins');
  • trunk/wp-admin/options-writing.php

    r7997 r8136  
    5757</tr>
    5858</table>
     59
     60<h3><?php _e('Remote Publishing') ?></h3>
     61<p><?php printf(__('To post to WordPress from a desktop blogging client or remote website that uses the Atom Publishing Protocol or one of the XML-RPC publishing interfaces you must enable them below.')) ?></p>
     62<table class="form-table">
     63<tr valign="top">
     64<th scope="row"><?php _e('Atom Publishing Protocol') ?></th>
     65<td><fieldset><legend class="hidden"><?php _e('Atom Publishing Protocol') ?></legend>
     66<label for="enable_app">
     67<input name="enable_app" type="checkbox" id="enable_app" value="1" <?php checked('1', get_option('enable_app')); ?> />
     68<?php _e('Enable the Atom Publishing Protocol.') ?></label><br />
     69</fieldset></td>
     70</tr>
     71<tr valign="top">
     72<th scope="row"><?php _e('XML-RPC') ?></th>
     73<td><fieldset><legend class="hidden"><?php _e('XML-RPC') ?></legend>
     74<label for="enable_xmlrpc">
     75<input name="enable_xmlrpc" type="checkbox" id="enable_xmlrpc" value="1" <?php checked('1', get_option('enable_xmlrpc')); ?> />
     76<?php _e('Enable the WordPress, Movable Type, MetaWeblog and Blogger XML-RPC publishing protocols.') ?></label><br />
     77</fieldset></td>
     78</tr></table>
    5979
    6080<h3><?php _e('Post via e-mail') ?></h3>
  • trunk/xmlrpc.php

    r8114 r8136  
    4040    <homePageLink><?php bloginfo_rss('url') ?></homePageLink>
    4141    <apis>
     42    <?php if ( get_option('enable_xmlrpc') ) :?>
    4243      <api name="WordPress" blogID="1" preferred="true" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
    4344      <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
    4445      <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
    4546      <api name="Blogger" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
     47    <?php endif; if ( get_option('enable_app') ) :?>
    4648      <api name="Atom" blogID="" preferred="false" apiLink="<?php echo apply_filters('atom_service_url', (get_bloginfo('url')."/wp-app.php/service"))?>" />
     49    <?php endif; ?>
    4750    </apis>
    4851  </service>
     
    109112
    110113    function wp_xmlrpc_server() {
    111         $this->methods = array(
     114        $xmlrpc_methods = array(
    112115            // WordPress API
    113116            'wp.getUsersBlogs'      => 'this:wp_getUsersBlogs',
     
    165168            'mt.supportedTextFilters' => 'this:mt_supportedTextFilters',
    166169            'mt.getTrackbackPings' => 'this:mt_getTrackbackPings',
    167             'mt.publishPost' => 'this:mt_publishPost',
    168 
     170            'mt.publishPost' => 'this:mt_publishPost'
     171        );
     172       
     173        $xmlrpc_functions = array (
    169174            // PingBack
    170175            'pingback.ping' => 'this:pingback_ping',
     
    175180        );
    176181
     182        if ( get_option('enable_xmlrpc') )
     183        {
     184            $this->methods = array_merge($xmlrpc_methods,$xmlrpc_functions);
     185        } else {
     186            $this->methods = $xmlrpc_functions;
     187        }
     188       
    177189        $this->initialise_blog_option_info( );
    178190        $this->methods = apply_filters('xmlrpc_methods', $this->methods);
Note: See TracChangeset for help on using the changeset viewer.