WordPress 4.7.2
index cdc4ad79bb307f7b4ea5d3f8e0bbc62fc29642d6..9527ef5853699e75281e5fa5eb4645b65eb52de7 100644 (file)
@@ -13,8 +13,8 @@
  * @since 4.2.0
  */
 class WP_Press_This {
-
        // Used to trigger the bookmarklet update notice.
+       const VERSION = 8;
        public $version = 8;
 
        private $images = array();
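Review bot: The new `const VERSION = 8;` duplicates the value held by `public $version = 8;` on the next line, so the two can drift apart when only one of them is bumped for a bookmarklet update. Initialise the property from the constant, `public $version = self::VERSION;`, and keep the "Used to trigger the bookmarklet update notice" comment on the constant so there is a single source of truth. The rest of the class body lies outside this hunk.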
@@ -42,11 +42,11 @@ class WP_Press_This {
        public function site_settings() {
                return array(
                        /**
-                        * Filter whether or not Press This should redirect the user in the parent window upon save.
+                        * Filters whether or not Press This should redirect the user in the parent window upon save.
                         *
                         * @since 4.2.0
                         *
-                        * @param bool false Whether to redirect in parent window or not. Default false.
+                        * @param bool $redirect Whether to redirect in parent window or not. Default false.
                         */
                        'redirInParent' => apply_filters( 'press_this_redirect_in_parent', false ),
                );
@@ -91,12 +91,12 @@ class WP_Press_This {
                        }
                }
 
-               // Edxpected slashed
+               // Expected slashed
                return wp_slash( $content );
        }
 
        /**
-        * AJAX handler for saving the post as draft or published.
+        * Ajax handler for saving the post as draft or published.
         *
         * @since 4.2.0
         * @access public
@@ -112,36 +112,65 @@ class WP_Press_This {
                        wp_send_json_error( array( 'errorMessage' => __( 'Invalid post.' ) ) );
                }
 
-               $post = array(
+               $post_data = array(
                        'ID'            => $post_id,
                        'post_title'    => ( ! empty( $_POST['post_title'] ) ) ? sanitize_text_field( trim( $_POST['post_title'] ) ) : '',
                        'post_content'  => ( ! empty( $_POST['post_content'] ) ) ? trim( $_POST['post_content'] ) : '',
                        'post_type'     => 'post',
                        'post_status'   => 'draft',
                        'post_format'   => ( ! empty( $_POST['post_format'] ) ) ? sanitize_text_field( $_POST['post_format'] ) : '',
-                       'tax_input'     => ( ! empty( $_POST['tax_input'] ) ) ? $_POST['tax_input'] : array(),
-                       'post_category' => ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array(),
                );
 
+               // Only accept categories if the user actually can assign
+               $category_tax = get_taxonomy( 'category' );
+               if ( current_user_can( $category_tax->cap->assign_terms ) ) {
+                       $post_data['post_category'] = ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array();
+               }
+
+               // Only accept taxonomies if the user can actually assign
+               if ( ! empty( $_POST['tax_input'] ) ) {
+                       $tax_input = $_POST['tax_input'];
+                       foreach ( $tax_input as $tax => $_ti ) {
+                               $tax_object = get_taxonomy( $tax );
+                               if ( ! $tax_object || ! current_user_can( $tax_object->cap->assign_terms ) ) {
+                                       unset( $tax_input[ $tax ] );
+                               }
+                       }
+
+                       $post_data['tax_input'] = $tax_input;
+               }
+
+               // Toggle status to pending if user cannot actually publish
                if ( ! empty( $_POST['post_status'] ) && 'publish' === $_POST['post_status'] ) {
                        if ( current_user_can( 'publish_posts' ) ) {
-                               $post['post_status'] = 'publish';
+                               $post_data['post_status'] = 'publish';
                        } else {
-                               $post['post_status'] = 'pending';
+                               $post_data['post_status'] = 'pending';
                        }
                }
 
-               $post['post_content'] = $this->side_load_images( $post_id, $post['post_content'] );
+               $post_data['post_content'] = $this->side_load_images( $post_id, $post_data['post_content'] );
 
-               $updated = wp_update_post( $post, true );
+               /**
+                * Filters the post data of a Press This post before saving/updating.
+                *
+                * The {@see 'side_load_images'} action has already run at this point.
+                *
+                * @since 4.5.0
+                *
+                * @param array $post_data The post data.
+                */
+               $post_data = apply_filters( 'press_this_save_post', $post_data );
+
+               $updated = wp_update_post( $post_data, true );
 
                if ( is_wp_error( $updated ) ) {
                        wp_send_json_error( array( 'errorMessage' => $updated->get_error_message() ) );
                } else {
-                       if ( isset( $post['post_format'] ) ) {
-                               if ( current_theme_supports( 'post-formats', $post['post_format'] ) ) {
-                                       set_post_format( $post_id, $post['post_format'] );
-                               } elseif ( $post['post_format'] ) {
+                       if ( isset( $post_data['post_format'] ) ) {
+                               if ( current_theme_supports( 'post-formats', $post_data['post_format'] ) ) {
+                                       set_post_format( $post_id, $post_data['post_format'] );
+                               } elseif ( $post_data['post_format'] ) {
                                        set_post_format( $post_id, false );
                                }
                        }
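Review bot: The `tax_input` branch trusts that `$_POST['tax_input']` is an array: `! empty()` also passes for a non-empty string, in which case the `foreach` emits a warning and the raw string is stored into `$post_data['tax_input']` and handed to `wp_update_post()`; guard it with `if ( ! empty( $_POST['tax_input'] ) && is_array( $_POST['tax_input'] ) ) {`. The same applies to `post_category`, which is copied verbatim once the `assign_terms` check passes — presumably the core post insertion casts category ids to integers, but an `is_array()` check here keeps this handler's own input validation explicit. The per-taxonomy loop only drops taxonomies the user cannot assign; the term lists themselves are passed through unchanged, which is acceptable only as long as the downstream term assignment sanitises them. `save_post` begins and ends outside this hunk.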
@@ -158,7 +187,7 @@ class WP_Press_This {
                        }
 
                        /**
-                        * Filter the URL to redirect to when Press This saves.
+                        * Filters the URL to redirect to when Press This saves.
                         *
                         * @since 4.2.0
                         *
@@ -167,7 +196,7 @@ class WP_Press_This {
                         * @param int    $post_id Post ID.
                         * @param string $status  Post status.
                         */
-                       $redirect = apply_filters( 'press_this_save_redirect', $redirect, $post_id, $post['post_status'] );
+                       $redirect = apply_filters( 'press_this_save_redirect', $redirect, $post_id, $post_data['post_status'] );
 
                        if ( $redirect ) {
                                wp_send_json_success( array( 'redirect' => $redirect, 'force' => $forceRedirect ) );
@@ -178,7 +207,7 @@ class WP_Press_This {
        }
 
        /**
-        * AJAX handler for adding a new category.
+        * Ajax handler for adding a new category.
         *
         * @since 4.2.0
         * @access public
@@ -256,8 +285,6 @@ class WP_Press_This {
         * @return string Source's HTML sanitized markup
         */
        public function fetch_source_html( $url ) {
-               global $wp_version;
-
                if ( empty( $url ) ) {
                        return new WP_Error( 'invalid-url', __( 'A valid URL was not provided.' ) );
                }
@@ -265,14 +292,14 @@ class WP_Press_This {
                $remote_url = wp_safe_remote_get( $url, array(
                        'timeout' => 30,
                        // Use an explicit user-agent for Press This
-                       'user-agent' => 'Press This (WordPress/' . $wp_version . '); ' . get_bloginfo( 'url' )
+                       'user-agent' => 'Press This (WordPress/' . get_bloginfo( 'version' ) . '); ' . get_bloginfo( 'url' )
                ) );
 
                if ( is_wp_error( $remote_url ) ) {
                        return $remote_url;
                }
 
-               $useful_html_elements = array(
+               $allowed_elements = array(
                        'img' => array(
                                'src'      => true,
                                'width'    => true,
@@ -294,7 +321,7 @@ class WP_Press_This {
                );
 
                $source_content = wp_remote_retrieve_body( $remote_url );
-               $source_content = wp_kses( $source_content, $useful_html_elements );
+               $source_content = wp_kses( $source_content, $allowed_elements );
 
                return $source_content;
        }
@@ -369,7 +396,7 @@ class WP_Press_This {
                        return ''; // Return empty rather than a truncated/invalid URL
                }
 
-               // Does not look like an URL.
+               // Does not look like a URL.
                if ( ! preg_match( '/^([!#$&-;=?-\[\]_a-z~]|%[0-9a-fA-F]{2})+$/', $url ) ) {
                        return '';
                }
@@ -444,7 +471,7 @@ class WP_Press_This {
         * @since 4.2.0
         *
         * @param string $src Embed source URL.
-        * @return string If not from a supported provider, an empty string. Otherwise, a reformattd embed URL.
+        * @return string If not from a supported provider, an empty string. Otherwise, a reformatted embed URL.
         */
        private function _limit_embed( $src ) {
                $src = $this->_limit_url( $src );
@@ -468,7 +495,6 @@ class WP_Press_This {
                        // Embedded Daily Motion videos
                        $src = 'https://www.dailymotion.com/video/' . $src_matches[2];
                } else {
-                       require_once( ABSPATH . WPINC . '/class-oembed.php' );
                        $oembed = _wp_oembed_get_object();
 
                        if ( ! $oembed->get_provider( $src, array( 'discover' => false ) ) ) {
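Review bot: Dropping the `require_once` makes the `_wp_oembed_get_object()` call on the following line depend on the oEmbed class having been loaded earlier in the request; that presumably holds for the core bootstrap, but nothing in this method records it. A one-line comment such as `// _wp_oembed_get_object() is loaded during bootstrap; no local require needed` would make the assumption visible to the next reader. `_limit_embed` begins and ends outside this hunk.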
@@ -680,7 +706,7 @@ class WP_Press_This {
                }
 
                /**
-                * Filter whether to enable in-source media discovery in Press This.
+                * Filters whether to enable in-source media discovery in Press This.
                 *
                 * @since 4.2.0
                 *
@@ -755,7 +781,7 @@ class WP_Press_This {
                }
 
                /**
-                * Filter the Press This data array.
+                * Filters the Press This data array.
                 *
                 * @since 4.2.0
                 *
@@ -783,36 +809,7 @@ class WP_Press_This {
                        $press_this = str_replace( '.css', '-rtl.css', $press_this );
                }
 
-               $open_sans_font_url = '';
-
-               /* translators: If there are characters in your language that are not supported
-                * by Open Sans, translate this to 'off'. Do not translate into your own language.
-                */
-               if ( 'off' !== _x( 'on', 'Open Sans font: on or off' ) ) {
-                       $subsets = 'latin,latin-ext';
-
-                       /* translators: To add an additional Open Sans character subset specific to your language,
-                        * translate this to 'greek', 'cyrillic' or 'vietnamese'. Do not translate into your own language.
-                        */
-                       $subset = _x( 'no-subset', 'Open Sans font: add new subset (greek, cyrillic, vietnamese)' );
-
-                       if ( 'cyrillic' == $subset ) {
-                               $subsets .= ',cyrillic,cyrillic-ext';
-                       } elseif ( 'greek' == $subset ) {
-                               $subsets .= ',greek,greek-ext';
-                       } elseif ( 'vietnamese' == $subset ) {
-                               $subsets .= ',vietnamese';
-                       }
-
-                       $query_args = array(
-                               'family' => urlencode( 'Open Sans:400italic,700italic,400,600,700' ),
-                               'subset' => urlencode( $subsets ),
-                       );
-
-                       $open_sans_font_url = ',' . add_query_arg( $query_args, 'https://fonts.googleapis.com/css' );
-               }
-
-               return $styles . $press_this . $open_sans_font_url;
+               return $styles . $press_this;
        }
 
        /**
@@ -874,6 +871,12 @@ class WP_Press_This {
        public function categories_html( $post ) {
                $taxonomy = get_taxonomy( 'category' );
 
+               // Bail if user cannot assign terms
+               if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) {
+                       return;
+               }
+
+               // Only show "add" if user can edit terms
                if ( current_user_can( $taxonomy->cap->edit_terms ) ) {
                        ?>
                        <button type="button" class="add-cat-toggle button-link" aria-expanded="false">
@@ -961,7 +964,7 @@ class WP_Press_This {
 
                if ( $user_can_assign_terms ) {
                        ?>
-                       <button type="button" class="button-link tagcloud-link" id="link-post_tag"><?php echo $taxonomy->labels->choose_from_most_used; ?></button>
+                       <button type="button" class="button-link tagcloud-link" id="link-post_tag" aria-expanded="false"><?php echo $taxonomy->labels->choose_from_most_used; ?></button>
                        <?php
                }
        }
@@ -1161,12 +1164,17 @@ class WP_Press_This {
                }
 
                /**
-                * Filter the default HTML for the Press This editor.
+                * Filters the default HTML tags used in the suggested content for the editor.
+                *
+                * The HTML strings use printf format. After filtering the content is added at the specified places with `sprintf()`.
                 *
                 * @since 4.2.0
                 *
-                * @param array $default_html Associative array with two keys: 'quote' where %1$s is replaced with the site description
-                *                            or the selected content, and 'link' there %1$s is link href, %2$s is link text.
+                * @param array $default_html Associative array with three possible keys:
+                *                                - 'quote' where %1$s is replaced with the site description or the selected content.
+                *                                - 'link' where %1$s is link href, %2$s is link text, usually the source page title.
+                *                                - 'embed' which contains an [embed] shortcode when the source page offers embeddable content.
+                * @param array $data         Associative array containing the data from the source page.
                 */
                $default_html = apply_filters( 'press_this_suggested_html', $default_html, $data );
 
@@ -1203,11 +1211,12 @@ class WP_Press_This {
         * @access public
         *
         * @global WP_Locale $wp_locale
-        * @global string    $wp_version
         * @global bool      $is_IE
         */
        public function html() {
-               global $wp_locale, $wp_version;
+               global $wp_locale;
+
+               $wp_version = get_bloginfo( 'version' );
 
                // Get data, new (POST) and old (GET).
                $data = $this->merge_or_fetch_data();
@@ -1287,6 +1296,12 @@ class WP_Press_This {
                wp_enqueue_script( 'json2' );
                wp_enqueue_script( 'editor' );
 
+               $categories_tax   = get_taxonomy( 'category' );
+               $show_categories  = current_user_can( $categories_tax->cap->assign_terms ) || current_user_can( $categories_tax->cap->edit_terms );
+
+               $tag_tax          = get_taxonomy( 'post_tag' );
+               $show_tags        = current_user_can( $tag_tax->cap->assign_terms );
+
                $supports_formats = false;
                $post_format      = 0;
 
@@ -1327,7 +1342,7 @@ class WP_Press_This {
        $admin_body_class .= ' branch-' . str_replace( array( '.', ',' ), '-', floatval( $wp_version ) );
        $admin_body_class .= ' version-' . str_replace( '.', '-', preg_replace( '/^([.0-9]+).*/', '$1', $wp_version ) );
        $admin_body_class .= ' admin-color-' . sanitize_html_class( get_user_option( 'admin_color' ), 'fresh' );
-       $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) );
+       $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_user_locale() ) ) );
 
        /** This filter is documented in wp-admin/admin-header.php */
        $admin_body_classes = apply_filters( 'admin_body_class', '' );
@@ -1438,17 +1453,21 @@ class WP_Press_This {
                                        </button>
                                <?php endif; ?>
 
-                               <button type="button" class="button-link post-option">
-                                       <span class="dashicons dashicons-category"></span>
-                                       <span class="post-option-title"><?php _e( 'Categories' ); ?></span>
-                                       <span class="dashicons post-option-forward"></span>
-                               </button>
-
-                               <button type="button" class="button-link post-option">
-                                       <span class="dashicons dashicons-tag"></span>
-                                       <span class="post-option-title"><?php _e( 'Tags' ); ?></span>
-                                       <span class="dashicons post-option-forward"></span>
-                               </button>
+                               <?php if ( $show_categories ) : ?>
+                                       <button type="button" class="button-link post-option">
+                                               <span class="dashicons dashicons-category"></span>
+                                               <span class="post-option-title"><?php _e( 'Categories' ); ?></span>
+                                               <span class="dashicons post-option-forward"></span>
+                                       </button>
+                               <?php endif; ?>
+
+                               <?php if ( $show_tags ) : ?>
+                                       <button type="button" class="button-link post-option">
+                                               <span class="dashicons dashicons-tag"></span>
+                                               <span class="post-option-title"><?php _e( 'Tags' ); ?></span>
+                                               <span class="dashicons post-option-forward"></span>
+                                       </button>
+                               <?php endif; ?>
                        </div>
 
                        <?php if ( $supports_formats ) : ?>
@@ -1462,23 +1481,27 @@ class WP_Press_This {
                                </div>
                        <?php endif; ?>
 
-                       <div class="setting-modal is-off-screen is-hidden">
-                               <button type="button" class="button-link modal-close">
-                                       <span class="dashicons post-option-back"></span>
-                                       <span class="setting-title" aria-hidden="true"><?php _e( 'Categories' ); ?></span>
-                                       <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span>
-                               </button>
-                               <?php $this->categories_html( $post ); ?>
-                       </div>
+                       <?php if ( $show_categories ) : ?>
+                               <div class="setting-modal is-off-screen is-hidden">
+                                       <button type="button" class="button-link modal-close">
+                                               <span class="dashicons post-option-back"></span>
+                                               <span class="setting-title" aria-hidden="true"><?php _e( 'Categories' ); ?></span>
+                                               <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span>
+                                       </button>
+                                       <?php $this->categories_html( $post ); ?>
+                               </div>
+                       <?php endif; ?>
 
-                       <div class="setting-modal tags is-off-screen is-hidden">
-                               <button type="button" class="button-link modal-close">
-                                       <span class="dashicons post-option-back"></span>
-                                       <span class="setting-title" aria-hidden="true"><?php _e( 'Tags' ); ?></span>
-                                       <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span>
-                               </button>
-                               <?php $this->tags_html( $post ); ?>
-                       </div>
+                       <?php if ( $show_tags ) : ?>
+                               <div class="setting-modal tags is-off-screen is-hidden">
+                                       <button type="button" class="button-link modal-close">
+                                               <span class="dashicons post-option-back"></span>
+                                               <span class="setting-title" aria-hidden="true"><?php _e( 'Tags' ); ?></span>
+                                               <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span>
+                                       </button>
+                                       <?php $this->tags_html( $post ); ?>
+                               </div>
+                       <?php endif; ?>
                </div><!-- .options-panel -->
        </div><!-- .wrapper -->
 
@@ -1515,6 +1538,9 @@ class WP_Press_This {
        /** This action is documented in wp-admin/admin-footer.php */
        do_action( 'admin_footer' );
 
+       /** This action is documented in wp-admin/admin-footer.php */
+       do_action( 'admin_print_footer_scripts-press-this.php' );
+
        /** This action is documented in wp-admin/admin-footer.php */
        do_action( 'admin_print_footer_scripts' );
 
@@ -1527,9 +1553,3 @@ class WP_Press_This {
                die();
        }
 }
-
-/**
- *
- * @global WP_Press_This $wp_press_this
- */
-$GLOBALS['wp_press_this'] = new WP_Press_This;