X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/699231ae09f7057a4d0000cdf32e50a3df6a04ca..refs/tags/wordpress-4.7.1:/wp-mail.php diff --git a/wp-mail.php b/wp-mail.php index 69b54156..35fb24ae 100644 --- a/wp-mail.php +++ b/wp-mail.php @@ -10,11 +10,22 @@ /** Make sure that the WordPress bootstrap has run before continuing. */ require(dirname(__FILE__) . '/wp-load.php'); +/** This filter is documented in wp-admin/options.php */ if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) - wp_die( __( 'This action has been disabled by the administrator.' ) ); + wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); -/** Allow a plugin to do a complete takeover of Post by Email **/ -do_action('wp-mail.php'); +$mailserver_url = get_option( 'mailserver_url' ); + +if ( 'mail.example.com' === $mailserver_url || empty( $mailserver_url ) ) { + wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); +} + +/** + * Fires to allow a plugin to do a complete takeover of Post by Email. + * + * @since 2.9.0 + */ +do_action( 'wp-mail.php' ); /** Get the POP3 class with which to access the mailbox. */ require_once( ABSPATH . WPINC . '/class-pop3.php' ); @@ -30,7 +41,7 @@ if ( $last_checked ) set_transient('mailserver_last_checked', true, WP_MAIL_INTERVAL); -$time_difference = get_option('gmt_offset') * 3600; +$time_difference = get_option('gmt_offset') * HOUR_IN_SECONDS; $phone_delim = '::'; @@ -61,9 +72,8 @@ for ( $i = 1; $i <= $count; $i++ ) { $content_transfer_encoding = ''; $post_author = 1; $author_found = false; - $dmonths = array('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'); foreach ($message as $line) { - // body signal + // Body signal. if ( strlen($line) < 3 ) $bodysignal = true; if ( $bodysignal ) { @@ -103,55 +113,33 @@ for ( $i = 1; $i <= $count; $i++ ) { $subject = $subject[0]; } - // Set the author using the email address (From or Reply-To, the last used) - // otherwise use the site admin - if ( preg_match('/(From|Reply-To): /', $line) ) { + /* + * Set the author using the email address (From or Reply-To, the last used) + * otherwise use the site admin. + */ + if ( ! $author_found && preg_match( '/^(From|Reply-To): /', $line ) ) { if ( preg_match('|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches) ) $author = $matches[0]; else $author = trim($line); $author = sanitize_email($author); if ( is_email($author) ) { + /* translators: Post author email address */ echo '

' . sprintf(__('Author is %s'), $author) . '

'; - $userdata = get_user_by_email($author); - if ( empty($userdata) ) { - $author_found = false; - } else { + $userdata = get_user_by('email', $author); + if ( ! empty( $userdata ) ) { $post_author = $userdata->ID; $author_found = true; } - } else { - $author_found = false; } } - if (preg_match('/Date: /i', $line)) { // of the form '20 Mar 2002 20:32:37' - $ddate = trim($line); - $ddate = str_replace('Date: ', '', $ddate); - if (strpos($ddate, ',')) { - $ddate = trim(substr($ddate, strpos($ddate, ',') + 1, strlen($ddate))); - } - $date_arr = explode(' ', $ddate); - $date_time = explode(':', $date_arr[3]); - - $ddate_H = $date_time[0]; - $ddate_i = $date_time[1]; - $ddate_s = $date_time[2]; - - $ddate_m = $date_arr[1]; - $ddate_d = $date_arr[0]; - $ddate_Y = $date_arr[2]; - for ( $j = 0; $j < 12; $j++ ) { - if ( $ddate_m == $dmonths[$j] ) { - $ddate_m = $j+1; - } - } - - $time_zn = intval($date_arr[4]) * 36; - $ddate_U = gmmktime($ddate_H, $ddate_i, $ddate_s, $ddate_m, $ddate_d, $ddate_Y); - $ddate_U = $ddate_U - $time_zn; - $post_date = gmdate('Y-m-d H:i:s', $ddate_U + $time_difference); - $post_date_gmt = gmdate('Y-m-d H:i:s', $ddate_U); + if ( preg_match( '/Date: /i', $line ) ) { // of the form '20 Mar 2002 20:32:37 +0100' + $ddate = str_replace( 'Date: ', '', trim( $line ) ); + $ddate = preg_replace( '!\s*\(.+\)\s*$!', '', $ddate ); // remove parenthesised timezone string if it exists, as this confuses strtotime + $ddate_U = strtotime( $ddate ); + $post_date = gmdate( 'Y-m-d H:i:s', $ddate_U + $time_difference ); + $post_date_gmt = gmdate( 'Y-m-d H:i:s', $ddate_U ); } } } @@ -161,7 +149,7 @@ for ( $i = 1; $i <= $count; $i++ ) { $user = new WP_User($post_author); $post_status = ( $user->has_cap('publish_posts') ) ? 'publish' : 'pending'; } else { - // Author not found in DB, set status to pending. Author already set to admin. + // Author not found in DB, set status to pending. Author already set to admin. $post_status = 'pending'; } @@ -170,7 +158,8 @@ for ( $i = 1; $i <= $count; $i++ ) { if ( $content_type == 'multipart/alternative' ) { $content = explode('--'.$boundary, $content); $content = $content[2]; - // match case-insensitive content-transfer-encoding + + // Match case-insensitive content-transfer-encoding. if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim) ) { $content = explode($delim[0], $content); $content = $content[1]; @@ -179,9 +168,17 @@ for ( $i = 1; $i <= $count; $i++ ) { } $content = trim($content); - //Give Post-By-Email extending plugins full access to the content - //Either the raw content or the content of the last quoted-printable section - $content = apply_filters('wp_mail_original_content', $content); + /** + * Filters the original content of the email. + * + * Give Post-By-Email extending plugins full access to the content, either + * the raw content, or the content of the last quoted-printable section. + * + * @since 2.8.0 + * + * @param string $content The original email content. + */ + $content = apply_filters( 'wp_mail_original_content', $content ); if ( false !== stripos($content_transfer_encoding, "quoted-printable") ) { $content = quoted_printable_decode($content); @@ -197,7 +194,14 @@ for ( $i = 1; $i <= $count; $i++ ) { $content = trim($content); - $post_content = apply_filters('phone_content', $content); + /** + * Filters the content of the post submitted by email before saving. + * + * @since 1.2.0 + * + * @param string $content The email content. + */ + $post_content = apply_filters( 'phone_content', $content ); $post_title = xmlrpc_getposttitle($content); @@ -206,7 +210,7 @@ for ( $i = 1; $i <= $count; $i++ ) { $post_category = array(get_option('default_email_category')); $post_data = compact('post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status'); - $post_data = add_magic_quotes($post_data); + $post_data = wp_slash($post_data); $post_ID = wp_insert_post($post_data); if ( is_wp_error( $post_ID ) ) @@ -216,21 +220,34 @@ for ( $i = 1; $i <= $count; $i++ ) { if ( empty( $post_ID ) ) continue; - do_action('publish_phone', $post_ID); + /** + * Fires after a post submitted by email is published. + * + * @since 1.2.0 + * + * @param int $post_ID The post ID. + */ + do_action( 'publish_phone', $post_ID ); - echo "\n

" . sprintf(__('Author: %s'), esc_html($post_author)) . '

'; - echo "\n

" . sprintf(__('Posted title: %s'), esc_html($post_title)) . '

'; + echo "\n

" . __( 'Author:' ) . ' ' . esc_html( $post_author ) . '

'; + echo "\n

" . __( 'Posted title:' ) . ' ' . esc_html( $post_title ) . '

'; if(!$pop3->delete($i)) { - echo '

' . sprintf(__('Oops: %s'), esc_html($pop3->ERROR)) . '

'; + echo '

' . sprintf( + /* translators: %s: POP3 error */ + __( 'Oops: %s' ), + esc_html( $pop3->ERROR ) + ) . '

'; $pop3->reset(); exit; } else { - echo '

' . sprintf(__('Mission complete. Message %s deleted.'), $i) . '

'; + echo '

' . sprintf( + /* translators: %s: the message ID */ + __( 'Mission complete. Message %s deleted.' ), + '' . $i . '' + ) . '

'; } } $pop3->quit(); - -?>