Make WordPress Core

Opened 17 years ago

Closed 16 years ago

Last modified 16 years ago

#4642 closed enhancement (fixed)

Enhanced wp-mail.php

Reported by: lexhair's profile lexhair Owned by: ryan's profile ryan
Milestone: 2.5 Priority: normal
Severity: normal Version: 2.3
Component: Administration Keywords: has-patch tested
Focuses: Cc:

Description

Please consider adding a check box switch to the Blog by Email admin panel to dump emails that come from addresses not in the user database. The wp-mail.php code already has this functionality but must be user edited to implement.

Attachments (6)

4642.diff (2.4 KB) - added by Bobcat 16 years ago.
wp-mail.php patch, including email addr regexp fix
4642.2.diff (1.9 KB) - added by Bobcat 16 years ago.
wp-mail.php patch to set post_status based on the author's capabilities
4642.3.diff (2.9 KB) - added by Bobcat 16 years ago.
Set post status based on author's capabilities; includes new function get_userdatabyemail
4642.4.diff (3.8 KB) - added by Bobcat 16 years ago.
Set post status based on author's capabilities; includes new function get_user_by
4642.5.diff (4.1 KB) - added by Bobcat 16 years ago.
Set post status based on author's capabilities; includes new function get_user_by
4642.6.diff (2.0 KB) - added by Bobcat 16 years ago.
Set post status based on author's capabilities; calls get_user_by_email

Download all attachments as: .zip

Change History (28)

#1 @Nazgul
17 years ago

  • Milestone set to 2.4 (future)

I disagree with it being an option on the admin interface, but adding a few hooks and filters to wp-mail.php to make this possible through a plugin gets a +1 from me.

#2 @Bobcat
16 years ago

  • Cc Bobcat added

How about if emails from Contributors, Subscribers, and unknown users are set to post_status 'pending', while emails from Administrators, Editors, and Authors are published? This would mimic the behavior of the web interface where only Administrators, Editors, and Authors can publish their posts. I can give this a shot if it's an acceptable approach.

#3 @Bobcat
16 years ago

  • Keywords has-patch tested added
  • Owner changed from anonymous to Bobcat
  • Version set to 2.3

Attached patch to wp-mail.php sets post_status to 'publish' if the author is in the DB and has 'publish_posts' capability. Otherwise (unknown author or no 'publish_posts'), post_status is set to 'pending'. This is analogous to the behavior when posting via the web interface.

post_status may be overridden by a plugin hooking into the existing phone_content filter.

Patch was tested with version 2.3, using test case email senders of an administrator, an author, a subscriber, and a user not in the DB.

#4 @Bobcat
16 years ago

I found additional problems with the email address parsing (reported at http://wordpress.org/support/topic/137830?replies=3 ). I have the solution. Give me a couple days to fully test it and upload a new patch.

@Bobcat
16 years ago

wp-mail.php patch, including email addr regexp fix

#5 follow-up: @Bobcat
16 years ago

  • Keywords changed from has-patch, tested to has-patch tested

Uploaded revised patch which sets the post_status based on the author's capabilities, as well as fixes the regexp that extracts the author's email address (this fixes a problem where an email address containing a "-" was not recognized).

I'm done (pending any further comments).

#6 in reply to: ↑ 5 @westi
16 years ago

  • Keywords needs-patch added; has-patch removed

Replying to Bobcat:

Uploaded revised patch which sets the post_status based on the author's capabilities, as well as fixes the regexp that extracts the author's email address (this fixes a problem where an email address containing a "-" was not recognized).

I'm done (pending any further comments).

Good patch.

The email address sanitization has already changed in [6212] for #5169 could you update your patch to just do the post_status changes please.

#7 @Bobcat
16 years ago

Just a note that I'm waiting for #5169 to be resolved before continuing with this ticket/patch. I want to be able to test this patch with the final patch for #5169.

@Bobcat
16 years ago

wp-mail.php patch to set post_status based on the author's capabilities

#8 @Bobcat
16 years ago

  • Keywords has-patch added; needs-patch removed

Added patch 4642.2.diff, which sets the post_status based on the author's capabilities. (Email address validation removed as requested.) Tested with WP 2.3 + #5169 by sending test emails from users with and without publish_posts capability, and also from an unknown user.

#9 @westi
16 years ago

+1

Good Patch.

I think we should consider creating a get_userbyemail function and adding it to wp-includes/pluggable.php rather than continuing with the embedded query in wp-mail.php.

#10 follow-up: @Bobcat
16 years ago

OK, I can pattern it after get_userdatabylogin, but I don't know what to do with the following code:

$user_id = wp_cache_get($user_login, 'userlogins');
$userdata = wp_cache_get($user_id, 'users');
if ( $userdata )
        return $userdata;

Is there an equivalent for user_email? If so, how do I use it?

#11 in reply to: ↑ 10 @westi
16 years ago

Replying to Bobcat:

OK, I can pattern it after get_userdatabylogin, but I don't know what to do with the following code:

$user_id = wp_cache_get($user_login, 'userlogins');
$userdata = wp_cache_get($user_id, 'users');
if ( $userdata )
        return $userdata;

Is there an equivalent for user_email? If so, how do I use it?

There is no equivalent at the moment - for now code it without the caching and we can decide what to cache it on afterwards.

@Bobcat
16 years ago

Set post status based on author's capabilities; includes new function get_userdatabyemail

#12 @Bobcat
16 years ago

Revised patch to call new function in pluggable.php. Is there a way to check the capabilities directly from userdata without doing a "new WP_User"? I got an undefined method when I tried that.

#13 @ryan
16 years ago

WP_User is the way to go. What was the error, exactly.

Also, instead of adding another get_userdata* function, let's add get_user_by().

function get_user_by($field, $value, $output = OBJECT, $filter = 'raw')

get_user_by('email', 'blah@blah.blah');

get_term_by() offers an example.

#14 @Bobcat
16 years ago

When I tried $userdata->has_cap('publish_posts'), I got "Fatal error: Call to undefined method stdClass::has_cap()". I was hoping I could check the capabilities directly from $userdata (it's in there!).

Are you sure you want get_user_by()? When specifying email and login, for example, there are different sanitize functions that need to be called from within the function.

#15 @Bobcat
16 years ago

What would the SQL query look like for get_user_by() ? I don't know enough about SQL to derive it from the query in get_term_by().

@Bobcat
16 years ago

Set post status based on author's capabilities; includes new function get_user_by

#16 @Bobcat
16 years ago

OK, here you go - 4642.4.diff. I added the function get_user_by, which returns the ID, to pluggable.php. (The svn diff command output is funky because of where it resynchronized. Not sure how to make that look nicer.) I modified get_userbylogin to call get_user_by, but I removed the caching in the process, because I don't know how to add caching to get_user_by.

@Bobcat
16 years ago

Set post status based on author's capabilities; includes new function get_user_by

#17 @Bobcat
16 years ago

4642.5.diff is the final version of the patch. I added the caching back when calling get_userdatabylogin. I prefer 4642.3.diff, which has get_userdatabyemail. But you guys can pick whichever one you prefer.

It would be nice to get this into 2.4 (or earlier), as it leverages the post_status of pending when using the Blog By Email feature.

#18 @ryan
16 years ago

  • Owner changed from Bobcat to ryan

@Bobcat
16 years ago

Set post status based on author's capabilities; calls get_user_by_email

#19 @Bobcat
16 years ago

  • Keywords needs-testing added; tested removed

#20 @ryan
16 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [6349]) When posting by email, publish only if user has publish caps, otherwise set status to pending. Props Bobcat. fixes #4642

#21 @lexhair
16 years ago

Thanks to all of you for your consideration. Great job.

#22 @Bobcat
16 years ago

  • Keywords tested added; needs-testing removed

Tested with trunk revision 6349, FreeBSD 6.2-RELEASE-p1, MySQL 4.1.20, by sending three email messages, one with publish capability, one without, and one unknown user. Resulting posts were posted, pending, and pending from admin, respectively. This is the expected result.

Note: See TracTickets for help on using tickets.