X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/11be8dc178e77d0b46189bbd8e33a216a9b90942..refs/tags/wordpress-2.8-scripts:/wp-app.php?ds=sidebyside
diff --git a/wp-app.php b/wp-app.php
index 15d924ab..0ada250e 100644
--- a/wp-app.php
+++ b/wp-app.php
@@ -26,6 +26,9 @@ require_once(ABSPATH . WPINC . '/atomlib.php');
/** Feed Handling API */
require_once(ABSPATH . WPINC . '/feed.php');
+/** Admin Image API for metadata updating */
+require_once(ABSPATH . '/wp-admin/includes/image.php');
+
$_SERVER['PATH_INFO'] = preg_replace( '/.*\/wp-app\.php/', '', $_SERVER['REQUEST_URI'] );
/**
@@ -349,9 +352,9 @@ class AtomServer {
if( !current_user_can( 'edit_posts' ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
- $entries_url = attribute_escape($this->get_entries_url());
- $categories_url = attribute_escape($this->get_categories_url());
- $media_url = attribute_escape($this->get_attachments_url());
+ $entries_url = esc_attr($this->get_entries_url());
+ $categories_url = esc_attr($this->get_categories_url());
+ $media_url = esc_attr($this->get_attachments_url());
foreach ($this->media_content_types as $med) {
$accepted_media_types = $accepted_media_types . "" . $med . "";
}
@@ -389,12 +392,12 @@ EOD;
if( !current_user_can( 'edit_posts' ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
- $home = attribute_escape(get_bloginfo_rss('home'));
+ $home = esc_attr(get_bloginfo_rss('home'));
$categories = "";
$cats = get_categories("hierarchical=0&hide_empty=0");
foreach ((array) $cats as $cat) {
- $categories .= " name) . "\" />\n";
+ $categories .= " name) . "\" />\n";
}
$output = <<get_entry($postID);
log_app('function',"create_post($postID)");
@@ -553,6 +558,8 @@ EOD;
$this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.'));
}
+ do_action( 'atompub_put_post', $ID, $parsed );
+
log_app('function',"put_post($postID)");
$this->ok();
}
@@ -698,7 +705,7 @@ EOD;
extract($entry);
$post_title = $parsed->title[1];
- $post_content = $parsed->content[1];
+ $post_content = $parsed->summary[1];
$pubtimes = $this->get_publish_time($parsed->updated);
$post_modified = $pubtimes[0];
$post_modified_gmt = $pubtimes[1];
@@ -814,9 +821,12 @@ EOD;
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
}
+ $upload_dir = wp_upload_dir( );
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
+ $location = "{$upload_dir['basedir']}/{$location}";
+
if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
$this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
@@ -843,6 +853,8 @@ EOD;
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
}
+ wp_update_attachment_metadata( $postID, wp_generate_attachment_metadata( $postID, $location ) );
+
log_app('function',"put_file($postID)");
$this->ok();
}
@@ -1067,6 +1079,8 @@ EOD;
log_app('function',"get_feed($page, '$post_type')");
ob_start();
+ $this->ENTRY_PATH = $post_type;
+
if(!isset($page)) {
$page = 1;
}
@@ -1074,7 +1088,7 @@ EOD;
$count = get_option('posts_per_rss');
- wp('what_to_show=posts&posts_per_page=' . $count . '&offset=' . ($count * ($page-1) . '&orderby=modified'));
+ wp('posts_per_page=' . $count . '&offset=' . ($count * ($page-1) . '&orderby=modified'));
$post = $GLOBALS['post'];
$posts = $GLOBALS['posts'];
@@ -1092,7 +1106,7 @@ EOD;
$self_page = $page > 1 ? $page : NULL;
?>
the_entries_url() ?>
-
+
@@ -1104,7 +1118,7 @@ EOD;
-Copyright
+Copyright
ENTRY_PATH = 'attachment';
$varname = 'attachment_id';
break;
}
@@ -1174,8 +1189,8 @@ EOD;
-
-
+
+
post_type == 'attachment') { ?>
@@ -1189,9 +1204,7 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
-
-
-
+
@@ -1319,7 +1332,7 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
function redirect($url) {
log_app('Status','302: Redirect');
- $escaped_url = attribute_escape($url);
+ $escaped_url = esc_attr($url);
$content = <<
@@ -1479,12 +1492,13 @@ EOD;
// If Basic Auth is working...
if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
log_app("Basic Auth",$_SERVER['PHP_AUTH_USER']);
- $user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
- if ( $user && !is_wp_error($user) ) {
- wp_set_current_user($user->ID);
- log_app("authenticate()", $_SERVER['PHP_AUTH_USER']);
- return true;
- }
+ }
+
+ $user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+ if ( $user && !is_wp_error($user) ) {
+ wp_set_current_user($user->ID);
+ log_app("authenticate()", $user->user_login);
+ return true;
}
return false;