X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/3e7fab96d7874067884348df10bbdcdefa4a89ad..refs/tags/wordpress-2.8-scripts:/wp-app.php
diff --git a/wp-app.php b/wp-app.php
index e0fdaf32..0ada250e 100644
--- a/wp-app.php
+++ b/wp-app.php
@@ -1,25 +1,64 @@
+ * @author Modified by Dougal Campbell
+ * @version 1.0.5-dc
*/
+/**
+ * WordPress is handling an Atom Publishing Protocol request.
+ *
+ * @var bool
+ */
define('APP_REQUEST', true);
-require_once('./wp-config.php');
+/** Set up WordPress environment */
+require_once('./wp-load.php');
+
+/** Post Template API */
require_once(ABSPATH . WPINC . '/post-template.php');
+
+/** Atom Publishing Protocol Class */
require_once(ABSPATH . WPINC . '/atomlib.php');
+/** Feed Handling API */
+require_once(ABSPATH . WPINC . '/feed.php');
+
+/** Admin Image API for metadata updating */
+require_once(ABSPATH . '/wp-admin/includes/image.php');
+
$_SERVER['PATH_INFO'] = preg_replace( '/.*\/wp-app\.php/', '', $_SERVER['REQUEST_URI'] );
+/**
+ * Whether to enable Atom Publishing Protocol Logging.
+ *
+ * @name app_logging
+ * @var int|bool
+ */
$app_logging = 0;
-// TODO: Should be an option somewhere
+/**
+ * Whether to always authenticate user. Permanently set to true.
+ *
+ * @name always_authenticate
+ * @var int|bool
+ * @todo Should be an option somewhere
+ */
$always_authenticate = 1;
+/**
+ * Writes logging info to a file.
+ *
+ * @since 2.2.0
+ * @uses $app_logging
+ * @package WordPress
+ * @subpackage Logging
+ *
+ * @param string $label Type of logging
+ * @param string $msg Information describing logging reason.
+ */
function log_app($label,$msg) {
global $app_logging;
if ($app_logging) {
@@ -31,6 +70,9 @@ function log_app($label,$msg) {
}
if ( !function_exists('wp_set_current_user') ) :
+/**
+ * @ignore
+ */
function wp_set_current_user($id, $name = '') {
global $current_user;
@@ -43,42 +85,173 @@ function wp_set_current_user($id, $name = '') {
}
endif;
+/**
+ * Filter to add more post statuses.
+ *
+ * @since 2.2.0
+ *
+ * @param string $where SQL statement to filter.
+ * @return string Filtered SQL statement with added post_status for where clause.
+ */
function wa_posts_where_include_drafts_filter($where) {
- $where = str_replace("post_status = 'publish'","post_status = 'publish' OR post_status = 'future' OR post_status = 'draft' OR post_status = 'inherit'", $where);
- return $where;
+ $where = str_replace("post_status = 'publish'","post_status = 'publish' OR post_status = 'future' OR post_status = 'draft' OR post_status = 'inherit'", $where);
+ return $where;
}
add_filter('posts_where', 'wa_posts_where_include_drafts_filter');
+/**
+ * WordPress AtomPub API implementation.
+ *
+ * @package WordPress
+ * @subpackage Publishing
+ * @since 2.2.0
+ */
class AtomServer {
+ /**
+ * ATOM content type.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $ATOM_CONTENT_TYPE = 'application/atom+xml';
+
+ /**
+ * Categories ATOM content type.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $CATEGORIES_CONTENT_TYPE = 'application/atomcat+xml';
+
+ /**
+ * Service ATOM content type.
+ *
+ * @since 2.3.0
+ * @var string
+ */
var $SERVICE_CONTENT_TYPE = 'application/atomsvc+xml';
+ /**
+ * ATOM XML namespace.
+ *
+ * @since 2.3.0
+ * @var string
+ */
var $ATOM_NS = 'http://www.w3.org/2005/Atom';
+
+ /**
+ * ATOMPUB XML namespace.
+ *
+ * @since 2.3.0
+ * @var string
+ */
var $ATOMPUB_NS = 'http://www.w3.org/2007/app';
+ /**
+ * Entries path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $ENTRIES_PATH = "posts";
+
+ /**
+ * Categories path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $CATEGORIES_PATH = "categories";
+
+ /**
+ * Media path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $MEDIA_PATH = "attachments";
+
+ /**
+ * Entry path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $ENTRY_PATH = "post";
+
+ /**
+ * Service path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $SERVICE_PATH = "service";
+
+ /**
+ * Media single path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $MEDIA_SINGLE_PATH = "attachment";
+ /**
+ * ATOMPUB parameters.
+ *
+ * @since 2.2.0
+ * @var array
+ */
var $params = array();
- var $script_name = "wp-app.php";
+
+ /**
+ * Supported ATOMPUB media types.
+ *
+ * @since 2.3.0
+ * @var array
+ */
var $media_content_types = array('image/*','audio/*','video/*');
+
+ /**
+ * ATOMPUB content type(s).
+ *
+ * @since 2.2.0
+ * @var array
+ */
var $atom_content_types = array('application/atom+xml');
+ /**
+ * ATOMPUB methods.
+ *
+ * @since 2.2.0
+ * @var unknown_type
+ */
var $selectors = array();
- // support for head
+ /**
+ * Whether to do output.
+ *
+ * Support for head.
+ *
+ * @since 2.2.0
+ * @var bool
+ */
var $do_output = true;
+ /**
+ * PHP4 constructor - Sets up object properties.
+ *
+ * @since 2.2.0
+ * @return AtomServer
+ */
function AtomServer() {
$this->script_name = array_pop(explode('/',$_SERVER['SCRIPT_NAME']));
+ $this->app_base = get_bloginfo('url') . '/' . $this->script_name . '/';
+ if ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) {
+ $this->app_base = preg_replace( '/^http:\/\//', 'https://', $this->app_base );
+ }
$this->selectors = array(
'@/service$@' =>
@@ -106,10 +279,19 @@ class AtomServer {
);
}
+ /**
+ * Handle ATOMPUB request.
+ *
+ * @since 2.2.0
+ */
function handle_request() {
global $always_authenticate;
- $path = $_SERVER['PATH_INFO'];
+ if( !empty( $_SERVER['ORIG_PATH_INFO'] ) )
+ $path = $_SERVER['ORIG_PATH_INFO'];
+ else
+ $path = $_SERVER['PATH_INFO'];
+
$method = $_SERVER['REQUEST_METHOD'];
log_app('REQUEST',"$method $path\n================");
@@ -128,6 +310,10 @@ class AtomServer {
$this->redirect($this->get_service_url());
}
+ // check to see if AtomPub is enabled
+ if( !get_option( 'enable_app' ) )
+ $this->forbidden( sprintf( __( 'AtomPub services are disabled on this blog. An admin user can enable them at %s' ), admin_url('options-writing.php') ) );
+
// dispatch
foreach($this->selectors as $regex => $funcs) {
if(preg_match($regex, $path, $matches)) {
@@ -135,9 +321,7 @@ class AtomServer {
// authenticate regardless of the operation and set the current
// user. each handler will decide if auth is required or not.
- $this->authenticate();
- $u = wp_get_current_user();
- if(!isset($u) || $u->ID == 0) {
+ if(!$this->authenticate()) {
if ($always_authenticate) {
$this->auth_required('Credentials required.');
}
@@ -157,30 +341,36 @@ class AtomServer {
$this->not_found();
}
+ /**
+ * Retrieve XML for ATOMPUB service.
+ *
+ * @since 2.2.0
+ */
function get_service() {
log_app('function','get_service()');
- if( !current_user_can( 'edit_posts' ) )
+ if( !current_user_can( 'edit_posts' ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
- $entries_url = attribute_escape($this->get_entries_url());
- $categories_url = attribute_escape($this->get_categories_url());
- $media_url = attribute_escape($this->get_attachments_url());
- foreach ($this->media_content_types as $med) {
- $accepted_media_types = $accepted_media_types . "" . $med . "";
- }
+ $entries_url = esc_attr($this->get_entries_url());
+ $categories_url = esc_attr($this->get_categories_url());
+ $media_url = esc_attr($this->get_attachments_url());
+ foreach ($this->media_content_types as $med) {
+ $accepted_media_types = $accepted_media_types . "" . $med . "";
+ }
$atom_prefix="atom";
+ $atom_blogname=get_bloginfo('name');
$service_doc = <<
- <$atom_prefix:title>WordPress Workspace
+ <$atom_prefix:title>$atom_blogname Workspace
- <$atom_prefix:title>WordPress Posts
+ <$atom_prefix:title>$atom_blogname Posts
$this->ATOM_CONTENT_TYPE;type=entry
- <$atom_prefix:title>WordPress Media
+ <$atom_prefix:title>$atom_blogname Media
$accepted_media_types
@@ -191,18 +381,23 @@ EOD;
$this->output($service_doc, $this->SERVICE_CONTENT_TYPE);
}
+ /**
+ * Retrieve categories list in XML format.
+ *
+ * @since 2.2.0
+ */
function get_categories_xml() {
log_app('function','get_categories_xml()');
- if( !current_user_can( 'edit_posts' ) )
+ if( !current_user_can( 'edit_posts' ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
- $home = attribute_escape(get_bloginfo_rss('home'));
+ $home = esc_attr(get_bloginfo_rss('home'));
$categories = "";
$cats = get_categories("hierarchical=0&hide_empty=0");
foreach ((array) $cats as $cat) {
- $categories .= " name) . "\" />\n";
+ $categories .= " name) . "\" />\n";
}
$output = <<output($output, $this->CATEGORIES_CONTENT_TYPE);
}
- /*
- * Create Post (No arguments)
+ /**
+ * Create new post.
+ *
+ * @since 2.2.0
*/
function create_post() {
- global $blog_id, $wpdb;
+ global $blog_id, $user_ID;
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
@@ -252,11 +449,11 @@ EOD;
$blog_ID = (int ) $blog_id;
$post_status = ($publish) ? 'publish' : 'draft';
- $post_author = (int) $user->ID;
+ $post_author = (int) $user_ID;
$post_title = $entry->title[1];
$post_content = $entry->content[1];
$post_excerpt = $entry->summary[1];
- $pubtimes = $this->get_publish_time($entry);
+ $pubtimes = $this->get_publish_time($entry->published);
$post_date = $pubtimes[0];
$post_date_gmt = $pubtimes[1];
@@ -272,9 +469,8 @@ EOD;
if ( is_wp_error( $postID ) )
$this->internal_error($postID->get_error_message());
- if (!$postID) {
+ if (!$postID)
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
- }
// getting warning here about unable to set headers
// because something in the cache is printing to the buffer
@@ -282,17 +478,26 @@ EOD;
// this could affect our ability to send back the right headers
@wp_set_post_categories($postID, $post_category);
+ do_action( 'atompub_create_post', $postID, $entry );
+
$output = $this->get_entry($postID);
log_app('function',"create_post($postID)");
$this->created($postID, $output);
}
+ /**
+ * Retrieve post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function get_post($postID) {
global $entry;
if( !current_user_can( 'edit_post', $postID ) )
- $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) );
+ $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) );
$this->set_current_entry($postID);
$output = $this->get_entry($postID);
@@ -301,9 +506,14 @@ EOD;
}
+ /**
+ * Update post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function put_post($postID) {
- global $wpdb;
-
// checked for valid content-types (atom+xml)
// quick check and exit
$this->get_accepted_content_type($this->atom_content_types);
@@ -319,31 +529,27 @@ EOD;
// check for not found
global $entry;
- $entry = $GLOBALS['entry'];
$this->set_current_entry($postID);
if(!current_user_can('edit_post', $entry['ID']))
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
$publish = (isset($parsed->draft) && trim($parsed->draft) == 'yes') ? false : true;
+ $post_status = ($publish) ? 'publish' : 'draft';
extract($entry);
$post_title = $parsed->title[1];
$post_content = $parsed->content[1];
$post_excerpt = $parsed->summary[1];
- $pubtimes = $this->get_publish_time($entry);
+ $pubtimes = $this->get_publish_time($entry->published);
$post_date = $pubtimes[0];
$post_date_gmt = $pubtimes[1];
+ $pubtimes = $this->get_publish_time($parsed->updated);
+ $post_modified = $pubtimes[0];
+ $post_modified_gmt = $pubtimes[1];
- // let's not go backwards and make something draft again.
- if(!$publish && $post_status == 'draft') {
- $post_status = ($publish) ? 'publish' : 'draft';
- } elseif($publish) {
- $post_status = 'publish';
- }
-
- $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_date', 'post_date_gmt');
+ $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt');
$this->escape($postdata);
$result = wp_update_post($postdata);
@@ -352,10 +558,19 @@ EOD;
$this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.'));
}
+ do_action( 'atompub_put_post', $ID, $parsed );
+
log_app('function',"put_post($postID)");
$this->ok();
}
+ /**
+ * Remove post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function delete_post($postID) {
// check for not found
@@ -381,9 +596,16 @@ EOD;
}
- function get_attachment($postID = NULL) {
+ /**
+ * Retrieve attachment.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Optional. Post ID.
+ */
+ function get_attachment($postID = null) {
if( !current_user_can( 'upload_files' ) )
- $this->auth_required( __( 'Sorry, you do not have the right to file uploads on this blog.' ) );
+ $this->auth_required( __( 'Sorry, you do not have permission to upload files.' ) );
if (!isset($postID)) {
$this->get_attachments();
@@ -395,8 +617,12 @@ EOD;
}
}
+ /**
+ * Create new attachment.
+ *
+ * @since 2.2.0
+ */
function create_attachment() {
- global $wp, $wpdb, $wp_query, $blog_id;
$type = $this->get_accepted_content_type();
@@ -404,7 +630,7 @@ EOD;
$this->auth_required(__('You do not have permission to upload files.'));
$fp = fopen("php://input", "rb");
- $bits = NULL;
+ $bits = null;
while(!feof($fp)) {
$bits .= fread($fp, 4096);
}
@@ -417,7 +643,7 @@ EOD;
$slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] );
elseif ( empty( $slug ) ) // just make a random name
$slug = substr( md5( uniqid( microtime() ) ), 0, 7);
- $ext = preg_replace( '|.*/([a-z]+)|', '$1', $_SERVER['CONTENT_TYPE'] );
+ $ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] );
$slug = "$slug.$ext";
$file = wp_upload_bits( $slug, NULL, $bits);
@@ -425,9 +651,8 @@ EOD;
$url = $file['url'];
$file = $file['file'];
- $filename = basename($file);
- $header = apply_filters('wp_create_file_in_uploads', $file); // replicate
+ do_action('wp_create_file_in_uploads', $file); // replicate
// Construct the attachment array
$attachment = array(
@@ -440,11 +665,10 @@ EOD;
);
// Save the data
- $postID = wp_insert_attachment($attachment, $file, $post);
+ $postID = wp_insert_attachment($attachment, $file);
- if (!$postID) {
+ if (!$postID)
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
- }
$output = $this->get_entry($postID, 'attachment');
@@ -452,9 +676,14 @@ EOD;
log_app('function',"create_attachment($postID)");
}
+ /**
+ * Update attachment.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function put_attachment($postID) {
- global $wpdb;
-
// checked for valid content-types (atom+xml)
// quick check and exit
$this->get_accepted_content_type($this->atom_content_types);
@@ -473,14 +702,15 @@ EOD;
if(!current_user_can('edit_post', $entry['ID']))
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
- $publish = (isset($parsed->draft) && trim($parsed->draft) == 'yes') ? false : true;
-
extract($entry);
$post_title = $parsed->title[1];
- $post_content = $parsed->content[1];
+ $post_content = $parsed->summary[1];
+ $pubtimes = $this->get_publish_time($parsed->updated);
+ $post_modified = $pubtimes[0];
+ $post_modified_gmt = $pubtimes[1];
- $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt');
+ $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_modified', 'post_modified_gmt');
$this->escape($postdata);
$result = wp_update_post($postdata);
@@ -493,6 +723,13 @@ EOD;
$this->ok();
}
+ /**
+ * Remove attachment.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function delete_attachment($postID) {
log_app('function',"delete_attachment($postID). File '$location' deleted.");
@@ -524,6 +761,13 @@ EOD;
$this->ok();
}
+ /**
+ * Retrieve attachment from post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function get_file($postID) {
// check for not found
@@ -555,10 +799,15 @@ EOD;
exit;
}
+ /**
+ * Upload file to blog and add attachment to post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function put_file($postID) {
- $type = $this->get_accepted_content_type();
-
// first check if user can upload
if(!current_user_can('upload_files'))
$this->auth_required(__('You do not have permission to upload files.'));
@@ -572,9 +821,12 @@ EOD;
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
}
+ $upload_dir = wp_upload_dir( );
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
+ $location = "{$upload_dir['basedir']}/{$location}";
+
if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
$this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
@@ -587,99 +839,186 @@ EOD;
fclose($localfp);
$ID = $entry['ID'];
- $pubtimes = $this->get_publish_time($entry);
+ $pubtimes = $this->get_publish_time($entry->published);
$post_date = $pubtimes[0];
$post_date_gmt = $pubtimes[1];
+ $pubtimes = $this->get_publish_time($parsed->updated);
+ $post_modified = $pubtimes[0];
+ $post_modified_gmt = $pubtimes[1];
- $post_data = compact('ID', 'post_date', 'post_date_gmt');
+ $post_data = compact('ID', 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt');
$result = wp_update_post($post_data);
if (!$result) {
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
}
+ wp_update_attachment_metadata( $postID, wp_generate_attachment_metadata( $postID, $location ) );
+
log_app('function',"put_file($postID)");
$this->ok();
}
- function get_entries_url($page = NULL) {
+ /**
+ * Retrieve entries URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @return string
+ */
+ function get_entries_url($page = null) {
if($GLOBALS['post_type'] == 'attachment') {
$path = $this->MEDIA_PATH;
} else {
$path = $this->ENTRIES_PATH;
}
- $url = get_bloginfo('url') . '/' . $this->script_name . '/' . $path;
+ $url = $this->app_base . $path;
if(isset($page) && is_int($page)) {
$url .= "/$page";
}
return $url;
}
- function the_entries_url($page = NULL) {
- $url = $this->get_entries_url($page);
- echo $url;
+ /**
+ * Display entries URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ */
+ function the_entries_url($page = null) {
+ echo $this->get_entries_url($page);
}
- function get_categories_url($page = NULL) {
- return get_bloginfo('url') . '/' . $this->script_name . '/' . $this->CATEGORIES_PATH;
+ /**
+ * Retrieve categories URL.
+ *
+ * @since 2.2.0
+ *
+ * @param mixed $deprecated Optional, not used.
+ * @return string
+ */
+ function get_categories_url($deprecated = '') {
+ return $this->app_base . $this->CATEGORIES_PATH;
}
+ /**
+ * Display category URL.
+ *
+ * @since 2.2.0
+ */
function the_categories_url() {
- $url = $this->get_categories_url();
- echo $url;
+ echo $this->get_categories_url();
}
- function get_attachments_url($page = NULL) {
- $url = get_bloginfo('url') . '/' . $this->script_name . '/' . $this->MEDIA_PATH;
+ /**
+ * Retrieve attachment URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @return string
+ */
+ function get_attachments_url($page = null) {
+ $url = $this->app_base . $this->MEDIA_PATH;
if(isset($page) && is_int($page)) {
$url .= "/$page";
}
return $url;
}
- function the_attachments_url($page = NULL) {
- $url = $this->get_attachments_url($page);
- echo $url;
+ /**
+ * Display attachment URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ */
+ function the_attachments_url($page = null) {
+ echo $this->get_attachments_url($page);
}
+ /**
+ * Retrieve service URL.
+ *
+ * @since 2.3.0
+ *
+ * @return string
+ */
function get_service_url() {
- return get_bloginfo('url') . '/' . $this->script_name . '/' . $this->SERVICE_PATH;
+ return $this->app_base . $this->SERVICE_PATH;
}
- function get_entry_url($postID = NULL) {
+ /**
+ * Retrieve entry URL.
+ *
+ * @since 2.7.0
+ *
+ * @param int $postID Post ID.
+ * @return string
+ */
+ function get_entry_url($postID = null) {
if(!isset($postID)) {
global $post;
- $postID = (int) $GLOBALS['post']->ID;
+ $postID = (int) $post->ID;
}
- $url = get_bloginfo('url') . '/' . $this->script_name . '/' . $this->ENTRY_PATH . "/$postID";
+ $url = $this->app_base . $this->ENTRY_PATH . "/$postID";
log_app('function',"get_entry_url() = $url");
return $url;
}
- function the_entry_url($postID = NULL) {
- $url = $this->get_entry_url($postID);
- echo $url;
+ /**
+ * Display entry URL.
+ *
+ * @since 2.7.0
+ *
+ * @param int $postID Post ID.
+ */
+ function the_entry_url($postID = null) {
+ echo $this->get_entry_url($postID);
}
- function get_media_url($postID = NULL) {
+ /**
+ * Retrieve media URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ * @return string
+ */
+ function get_media_url($postID = null) {
if(!isset($postID)) {
global $post;
- $postID = (int) $GLOBALS['post']->ID;
+ $postID = (int) $post->ID;
}
- $url = get_bloginfo('url') . '/' . $this->script_name . '/' . $this->MEDIA_SINGLE_PATH ."/file/$postID";
+ $url = $this->app_base . $this->MEDIA_SINGLE_PATH ."/file/$postID";
log_app('function',"get_media_url() = $url");
return $url;
}
- function the_media_url($postID = NULL) {
- $url = $this->get_media_url($postID);
- echo $url;
+ /**
+ * Display the media URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
+ function the_media_url($postID = null) {
+ echo $this->get_media_url($postID);
}
+ /**
+ * Set the current entry to post ID.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function set_current_entry($postID) {
global $entry;
log_app('function',"set_current_entry($postID)");
@@ -697,24 +1036,51 @@ EOD;
return;
}
+ /**
+ * Display posts XML.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Optional. Page ID.
+ * @param string $post_type Optional, default is 'post'. Post Type.
+ */
function get_posts($page = 1, $post_type = 'post') {
log_app('function',"get_posts($page, '$post_type')");
$feed = $this->get_feed($page, $post_type);
$this->output($feed);
}
+ /**
+ * Display attachment XML.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @param string $post_type Optional, default is 'attachment'. Post type.
+ */
function get_attachments($page = 1, $post_type = 'attachment') {
- log_app('function',"get_attachments($page, '$post_type')");
- $GLOBALS['post_type'] = $post_type;
- $feed = $this->get_feed($page, $post_type);
- $this->output($feed);
+ log_app('function',"get_attachments($page, '$post_type')");
+ $GLOBALS['post_type'] = $post_type;
+ $feed = $this->get_feed($page, $post_type);
+ $this->output($feed);
}
+ /**
+ * Retrieve feed XML.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @param string $post_type Optional, default is post. Post type.
+ * @return string
+ */
function get_feed($page = 1, $post_type = 'post') {
- global $post, $wp, $wp_query, $posts, $wpdb, $blog_id, $post_cache;
+ global $post, $wp, $wp_query, $posts, $wpdb, $blog_id;
log_app('function',"get_feed($page, '$post_type')");
ob_start();
+ $this->ENTRY_PATH = $post_type;
+
if(!isset($page)) {
$page = 1;
}
@@ -722,7 +1088,7 @@ EOD;
$count = get_option('posts_per_rss');
- wp('what_to_show=posts&posts_per_page=' . $count . '&offset=' . ($count * ($page-1) ));
+ wp('posts_per_page=' . $count . '&offset=' . ($count * ($page-1) . '&orderby=modified'));
$post = $GLOBALS['post'];
$posts = $GLOBALS['posts'];
@@ -730,7 +1096,6 @@ EOD;
$wp_query = $GLOBALS['wp_query'];
$wpdb = $GLOBALS['wpdb'];
$blog_id = (int) $GLOBALS['blog_id'];
- $post_cache = $GLOBALS['post_cache'];
log_app('function',"query_posts(# " . print_r($wp_query, true) . "#)");
log_app('function',"total_count(# $wp_query->max_num_pages #)");
@@ -741,7 +1106,7 @@ EOD;
$self_page = $page > 1 ? $page : NULL;
?>
the_entries_url() ?>
-
+
<?php bloginfo_rss('name') ?>
@@ -753,8 +1118,8 @@ EOD;
-Copyright
-WordPress.com Atom API
+Copyright
+
ENTRY_PATH = 'attachment';
$varname = 'attachment_id';
break;
}
@@ -796,11 +1170,16 @@ EOD;
return $entry;
}
+ /**
+ * Display post content XML.
+ *
+ * @since 2.3.0
+ */
function echo_entry() { ?>
ID); ?>
-prep_content(get_the_title()); ?>
+
<?php echo $content ?>
@@ -810,8 +1189,8 @@ EOD;
-
-
+
+
post_type == 'attachment') { ?>
@@ -820,45 +1199,22 @@ EOD;
post_content ) ) :
-list($content_type, $content) = $this->prep_content(get_the_content()); ?>
+list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
-
-
-
-prep_content(get_the_excerpt()); ?>
+
+
' . $data . '', true);
- $code = xml_get_error_code($parser);
- xml_parser_free($parser);
-
- if (!$code) {
- if (strpos($data, '<') === false) {
- return array('text', $data);
- } else {
- $data = "$data
";
- return array('xhtml', $data);
- }
- }
-
- if (strpos($data, ']]>') == false) {
- return array('html', "");
- } else {
- return array('html', htmlspecialchars($data));
- }
- }
-
+ /**
+ * Set 'OK' (200) status header.
+ *
+ * @since 2.2.0
+ */
function ok() {
log_app('Status','200: OK');
header('Content-Type: text/plain');
@@ -866,6 +1222,11 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'No Content' (204) status header.
+ *
+ * @since 2.2.0
+ */
function no_content() {
log_app('Status','204: No Content');
header('Content-Type: text/plain');
@@ -874,6 +1235,13 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Display 'Internal Server Error' (500) status header.
+ *
+ * @since 2.2.0
+ *
+ * @param string $msg Optional. Status string.
+ */
function internal_error($msg = 'Internal Server Error') {
log_app('Status','500: Server Error');
header('Content-Type: text/plain');
@@ -882,6 +1250,11 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Bad Request' (400) status header.
+ *
+ * @since 2.2.0
+ */
function bad_request() {
log_app('Status','400: Bad Request');
header('Content-Type: text/plain');
@@ -889,6 +1262,11 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Length Required' (411) status header.
+ *
+ * @since 2.2.0
+ */
function length_required() {
log_app('Status','411: Length Required');
header("HTTP/1.1 411 Length Required");
@@ -897,6 +1275,11 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Unsupported Media Type' (415) status header.
+ *
+ * @since 2.2.0
+ */
function invalid_media() {
log_app('Status','415: Unsupported Media Type');
header("HTTP/1.1 415 Unsupported Media Type");
@@ -904,6 +1287,24 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Forbidden' (403) status header.
+ *
+ * @since 2.6.0
+ */
+ function forbidden($reason='') {
+ log_app('Status','403: Forbidden');
+ header('Content-Type: text/plain');
+ status_header('403');
+ echo $reason;
+ exit;
+ }
+
+ /**
+ * Set 'Not Found' (404) status header.
+ *
+ * @since 2.2.0
+ */
function not_found() {
log_app('Status','404: Not Found');
header('Content-Type: text/plain');
@@ -911,6 +1312,11 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Not Allowed' (405) status header.
+ *
+ * @since 2.2.0
+ */
function not_allowed($allow) {
log_app('Status','405: Not Allowed');
header('Allow: ' . join(',', $allow));
@@ -918,10 +1324,15 @@ list($content_type, $content) = $this->prep_content(get_the_content()); ?>
exit;
}
+ /**
+ * Display Redirect (302) content and set status headers.
+ *
+ * @since 2.3.0
+ */
function redirect($url) {
log_app('Status','302: Redirect');
- $escaped_url = attribute_escape($url);
+ $escaped_url = esc_attr($url);
$content = <<
@@ -943,7 +1354,11 @@ EOD;
}
-
+ /**
+ * Set 'Client Error' (400) status header.
+ *
+ * @since 2.2.0
+ */
function client_error($msg = 'Client Error') {
log_app('Status','400: Client Error');
header('Content-Type: text/plain');
@@ -951,6 +1366,13 @@ EOD;
exit;
}
+ /**
+ * Set created status headers (201).
+ *
+ * Sets the 'content-type', 'content-location', and 'location'.
+ *
+ * @since 2.2.0
+ */
function created($post_ID, $content, $post_type = 'post') {
log_app('created()::$post_ID',"$post_ID, $post_type");
$edit = $this->get_entry_url($post_ID);
@@ -959,7 +1381,7 @@ EOD;
$ctloc = $this->get_entry_url($post_ID);
break;
case 'attachment':
- $edit = get_bloginfo('url') . '/' . $this->script_name . "/attachments/$post_ID";
+ $edit = $this->app_base . "attachments/$post_ID";
break;
}
header("Content-Type: $this->ATOM_CONTENT_TYPE");
@@ -971,12 +1393,19 @@ EOD;
exit;
}
+ /**
+ * Set 'Auth Required' (401) headers.
+ *
+ * @since 2.2.0
+ *
+ * @param string $msg Status header content and HTML content.
+ */
function auth_required($msg) {
log_app('Status','401: Auth Required');
nocache_headers();
header('WWW-Authenticate: Basic realm="WordPress Atom Protocol"');
header("HTTP/1.1 401 $msg");
- header('Status: ' . $msg);
+ header('Status: 401 ' . $msg);
header('Content-Type: text/html');
$content = <<
@@ -995,6 +1424,14 @@ EOD;
exit;
}
+ /**
+ * Display XML and set headers with content type.
+ *
+ * @since 2.2.0
+ *
+ * @param string $xml Display feed content.
+ * @param string $ctype Optional, default is 'atom+xml'. Feed content type.
+ */
function output($xml, $ctype = 'application/atom+xml') {
status_header('200');
$xml = ''."\n".$xml;
@@ -1009,6 +1446,13 @@ EOD;
exit;
}
+ /**
+ * Sanitize content for database usage.
+ *
+ * @since 2.2.0
+ *
+ * @param array $array Sanitize array and multi-dimension array.
+ */
function escape(&$array) {
global $wpdb;
@@ -1023,13 +1467,14 @@ EOD;
}
}
- /*
- * Access credential through various methods and perform login
+ /**
+ * Access credential through various methods and perform login.
+ *
+ * @since 2.2.0
+ *
+ * @return bool
*/
function authenticate() {
- $login_data = array();
- $already_md5 = false;
-
log_app("authenticate()",print_r($_ENV, true));
// if using mod_rewrite/ENV hack
@@ -1037,29 +1482,37 @@ EOD;
if(isset($_SERVER['HTTP_AUTHORIZATION'])) {
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+ } else if (isset($_SERVER['REDIRECT_REMOTE_USER'])) {
+ // Workaround for setups that do not forward HTTP_AUTHORIZATION
+ // See http://trac.wordpress.org/ticket/7361
+ list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
+ explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));
}
// If Basic Auth is working...
if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
- $login_data = array('login' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']);
- log_app("Basic Auth",$login_data['login']);
- } else {
- // else, do cookie-based authentication
- if (function_exists('wp_get_cookie_login')) {
- $login_data = wp_get_cookie_login();
- $already_md5 = true;
- }
+ log_app("Basic Auth",$_SERVER['PHP_AUTH_USER']);
}
- // call wp_login and set current user
- if (!empty($login_data) && wp_login($login_data['login'], $login_data['password'], $already_md5)) {
- $current_user = new WP_User(0, $login_data['login']);
- wp_set_current_user($current_user->ID);
- log_app("authenticate()",$login_data['login']);
+ $user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+ if ( $user && !is_wp_error($user) ) {
+ wp_set_current_user($user->ID);
+ log_app("authenticate()", $user->user_login);
+ return true;
}
+
+ return false;
}
- function get_accepted_content_type($types = NULL) {
+ /**
+ * Retrieve accepted content types.
+ *
+ * @since 2.2.0
+ *
+ * @param array $types Optional. Content Types.
+ * @return string
+ */
+ function get_accepted_content_type($types = null) {
if(!isset($types)) {
$types = $this->media_content_types;
@@ -1085,6 +1538,11 @@ EOD;
$this->invalid_media();
}
+ /**
+ * Process conditionals for posts.
+ *
+ * @since 2.2.0
+ */
function process_conditionals() {
if(empty($this->params)) return;
@@ -1128,31 +1586,52 @@ EOD;
}
}
+ /**
+ * Convert RFC3339 time string to timestamp.
+ *
+ * @since 2.3.0
+ *
+ * @param string $str String to time.
+ * @return bool|int false if format is incorrect.
+ */
function rfc3339_str2time($str) {
- $match = false;
- if(!preg_match("/(\d{4}-\d{2}-\d{2})T(\d{2}\:\d{2}\:\d{2})\.?\d{0,3}(Z|[+-]+\d{2}\:\d{2})/", $str, $match))
+ $match = false;
+ if(!preg_match("/(\d{4}-\d{2}-\d{2})T(\d{2}\:\d{2}\:\d{2})\.?\d{0,3}(Z|[+-]+\d{2}\:\d{2})/", $str, $match))
return false;
- if($match[3] == 'Z')
+ if($match[3] == 'Z')
$match[3] == '+0000';
- return strtotime($match[1] . " " . $match[2] . " " . $match[3]);
+ return strtotime($match[1] . " " . $match[2] . " " . $match[3]);
}
- function get_publish_time($entry) {
+ /**
+ * Retrieve published time to display in XML.
+ *
+ * @since 2.3.0
+ *
+ * @param string $published Time string.
+ * @return string
+ */
+ function get_publish_time($published) {
- $pubtime = $this->rfc3339_str2time($entry->published);
+ $pubtime = $this->rfc3339_str2time($published);
- if(!$pubtime) {
+ if(!$pubtime) {
return array(current_time('mysql'),current_time('mysql',1));
- } else {
+ } else {
return array(date("Y-m-d H:i:s", $pubtime), gmdate("Y-m-d H:i:s", $pubtime));
- }
+ }
}
}
+/**
+ * AtomServer
+ * @var AtomServer
+ * @global object $server
+ */
$server = new AtomServer();
$server->handle_request();