X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/76aea3697c6043c1613370f172395b4f65ee71f0..2394dc71e94f8323dc422e89f9841959de78d328:/wp-app.php?ds=sidebyside
diff --git a/wp-app.php b/wp-app.php
index 8244dab3..323f832a 100644
--- a/wp-app.php
+++ b/wp-app.php
@@ -2,8 +2,6 @@
/**
* Atom Publishing Protocol support for WordPress
*
- * @author Original by Elias Torres
- * @author Modified by Dougal Campbell
* @version 1.0.5-dc
*/
@@ -17,14 +15,11 @@ define('APP_REQUEST', true);
/** Set up WordPress environment */
require_once('./wp-load.php');
-/** Post Template API */
-require_once(ABSPATH . WPINC . '/post-template.php');
-
/** Atom Publishing Protocol Class */
require_once(ABSPATH . WPINC . '/atomlib.php');
-/** Feed Handling API */
-require_once(ABSPATH . WPINC . '/feed.php');
+/** Admin Image API for metadata updating */
+require_once(ABSPATH . '/wp-admin/includes/image.php');
$_SERVER['PATH_INFO'] = preg_replace( '/.*\/wp-app\.php/', '', $_SERVER['REQUEST_URI'] );
@@ -46,8 +41,9 @@ $app_logging = 0;
$always_authenticate = 1;
/**
- * log_app() - Writes logging info to a file.
+ * Writes logging info to a file.
*
+ * @since 2.2.0
* @uses $app_logging
* @package WordPress
* @subpackage Logging
@@ -65,36 +61,13 @@ function log_app($label,$msg) {
}
}
-if ( !function_exists('wp_set_current_user') ) :
/**
- * wp_set_current_user() - Sets the current WordPress User
- *
- * Pluggable function which is also found in pluggable.php.
+ * Filter to add more post statuses.
*
- * @see wp-includes/pluggable.php Documentation for this function.
- * @uses $current_user Global of current user to test whether $id is the same.
+ * @since 2.2.0
*
- * @param int $id The user's ID
- * @param string $name Optional. The username of the user.
- * @return WP_User Current user's User object
- */
-function wp_set_current_user($id, $name = '') {
- global $current_user;
-
- if ( isset($current_user) && ($id == $current_user->ID) )
- return $current_user;
-
- $current_user = new WP_User($id, $name);
-
- return $current_user;
-}
-endif;
-
-/**
- * wa_posts_where_include_drafts_filter() - Filter to add more post statuses
- *
- * @param string $where SQL statement to filter
- * @return string Filtered SQL statement with added post_status for where clause
+ * @param string $where SQL statement to filter.
+ * @return string Filtered SQL statement with added post_status for where clause.
*/
function wa_posts_where_include_drafts_filter($where) {
$where = str_replace("post_status = 'publish'","post_status = 'publish' OR post_status = 'future' OR post_status = 'draft' OR post_status = 'inherit'", $where);
@@ -104,44 +77,155 @@ function wa_posts_where_include_drafts_filter($where) {
add_filter('posts_where', 'wa_posts_where_include_drafts_filter');
/**
- * @internal
- * Left undocumented to work on later. If you want to finish, then please do so.
+ * WordPress AtomPub API implementation.
*
* @package WordPress
* @subpackage Publishing
+ * @since 2.2.0
*/
class AtomServer {
+ /**
+ * ATOM content type.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $ATOM_CONTENT_TYPE = 'application/atom+xml';
+
+ /**
+ * Categories ATOM content type.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $CATEGORIES_CONTENT_TYPE = 'application/atomcat+xml';
+
+ /**
+ * Service ATOM content type.
+ *
+ * @since 2.3.0
+ * @var string
+ */
var $SERVICE_CONTENT_TYPE = 'application/atomsvc+xml';
+ /**
+ * ATOM XML namespace.
+ *
+ * @since 2.3.0
+ * @var string
+ */
var $ATOM_NS = 'http://www.w3.org/2005/Atom';
+
+ /**
+ * ATOMPUB XML namespace.
+ *
+ * @since 2.3.0
+ * @var string
+ */
var $ATOMPUB_NS = 'http://www.w3.org/2007/app';
+ /**
+ * Entries path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $ENTRIES_PATH = "posts";
+
+ /**
+ * Categories path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $CATEGORIES_PATH = "categories";
+
+ /**
+ * Media path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $MEDIA_PATH = "attachments";
+
+ /**
+ * Entry path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $ENTRY_PATH = "post";
+
+ /**
+ * Service path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $SERVICE_PATH = "service";
+
+ /**
+ * Media single path.
+ *
+ * @since 2.2.0
+ * @var string
+ */
var $MEDIA_SINGLE_PATH = "attachment";
+ /**
+ * ATOMPUB parameters.
+ *
+ * @since 2.2.0
+ * @var array
+ */
var $params = array();
+
+ /**
+ * Supported ATOMPUB media types.
+ *
+ * @since 2.3.0
+ * @var array
+ */
var $media_content_types = array('image/*','audio/*','video/*');
+
+ /**
+ * ATOMPUB content type(s).
+ *
+ * @since 2.2.0
+ * @var array
+ */
var $atom_content_types = array('application/atom+xml');
+ /**
+ * ATOMPUB methods.
+ *
+ * @since 2.2.0
+ * @var unknown_type
+ */
var $selectors = array();
- // support for head
+ /**
+ * Whether to do output.
+ *
+ * Support for head.
+ *
+ * @since 2.2.0
+ * @var bool
+ */
var $do_output = true;
- function AtomServer() {
+ /**
+ * Constructor - Sets up object properties.
+ *
+ * @since 2.2.0
+ * @return AtomServer
+ */
+ function __construct() {
- $this->script_name = array_pop(explode('/',$_SERVER['SCRIPT_NAME']));
- $this->app_base = get_bloginfo('url') . '/' . $this->script_name . '/';
- if ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) {
- $this->app_base = preg_replace( '/^http:\/\//', 'https://', $this->app_base );
- }
+ $var_by_ref = explode( '/', $_SERVER['SCRIPT_NAME'] );
+ $this->script_name = array_pop( $var_by_ref );
+ $this->app_base = site_url( $this->script_name . '/' );
$this->selectors = array(
'@/service$@' =>
@@ -169,13 +253,18 @@ class AtomServer {
);
}
+ /**
+ * Handle ATOMPUB request.
+ *
+ * @since 2.2.0
+ */
function handle_request() {
global $always_authenticate;
- if( !empty( $_SERVER['ORIG_PATH_INFO'] ) )
+ if ( !empty( $_SERVER['ORIG_PATH_INFO'] ) )
$path = $_SERVER['ORIG_PATH_INFO'];
else
- $path = $_SERVER['PATH_INFO'];
+ $path = $_SERVER['PATH_INFO'];
$method = $_SERVER['REQUEST_METHOD'];
@@ -185,40 +274,38 @@ class AtomServer {
//$this->process_conditionals();
// exception case for HEAD (treat exactly as GET, but don't output)
- if($method == 'HEAD') {
+ if ($method == 'HEAD') {
$this->do_output = false;
$method = 'GET';
}
// redirect to /service in case no path is found.
- if(strlen($path) == 0 || $path == '/') {
+ if (strlen($path) == 0 || $path == '/')
$this->redirect($this->get_service_url());
- }
// check to see if AtomPub is enabled
- if( !get_option( 'enable_app' ) )
- $this->forbidden( sprintf( __( 'AtomPub services are disabled on this blog. An admin user can enable them at %s' ), admin_url('options-writing.php') ) );
+ if ( !get_option( 'enable_app' ) )
+ $this->forbidden( sprintf( __( 'AtomPub services are disabled on this site. An admin user can enable them at %s' ), admin_url('options-writing.php') ) );
// dispatch
- foreach($this->selectors as $regex => $funcs) {
- if(preg_match($regex, $path, $matches)) {
- if(isset($funcs[$method])) {
-
- // authenticate regardless of the operation and set the current
- // user. each handler will decide if auth is required or not.
- if(!$this->authenticate()) {
- if ($always_authenticate) {
- $this->auth_required('Credentials required.');
+ foreach ( $this->selectors as $regex => $funcs ) {
+ if ( preg_match($regex, $path, $matches) ) {
+ if ( isset($funcs[$method]) ) {
+
+ // authenticate regardless of the operation and set the current
+ // user. each handler will decide if auth is required or not.
+ if ( !$this->authenticate() ) {
+ if ( $always_authenticate )
+ $this->auth_required('Credentials required.');
}
- }
- array_shift($matches);
- call_user_func_array(array(&$this,$funcs[$method]), $matches);
- exit();
- } else {
- // only allow what we have handlers for...
- $this->not_allowed(array_keys($funcs));
- }
+ array_shift($matches);
+ call_user_func_array(array(&$this,$funcs[$method]), $matches);
+ exit();
+ } else {
+ // only allow what we have handlers for...
+ $this->not_allowed(array_keys($funcs));
+ }
}
}
@@ -226,20 +313,26 @@ class AtomServer {
$this->not_found();
}
+ /**
+ * Retrieve XML for ATOMPUB service.
+ *
+ * @since 2.2.0
+ */
function get_service() {
log_app('function','get_service()');
- if( !current_user_can( 'edit_posts' ) )
- $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
+ if ( !current_user_can( 'edit_posts' ) )
+ $this->auth_required( __( 'Sorry, you do not have the right to access this site.' ) );
- $entries_url = attribute_escape($this->get_entries_url());
- $categories_url = attribute_escape($this->get_categories_url());
- $media_url = attribute_escape($this->get_attachments_url());
+ $entries_url = esc_attr($this->get_entries_url());
+ $categories_url = esc_attr($this->get_categories_url());
+ $media_url = esc_attr($this->get_attachments_url());
+ $accepted_media_types = '';
foreach ($this->media_content_types as $med) {
$accepted_media_types = $accepted_media_types . "" . $med . "";
}
$atom_prefix="atom";
- $atom_blogname=get_bloginfo('name');
+ $atom_blogname = get_bloginfo('name');
$service_doc = <<
@@ -261,19 +354,24 @@ EOD;
$this->output($service_doc, $this->SERVICE_CONTENT_TYPE);
}
+ /**
+ * Retrieve categories list in XML format.
+ *
+ * @since 2.2.0
+ */
function get_categories_xml() {
log_app('function','get_categories_xml()');
- if( !current_user_can( 'edit_posts' ) )
- $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
+ if ( !current_user_can( 'edit_posts' ) )
+ $this->auth_required( __( 'Sorry, you do not have the right to access this site.' ) );
- $home = attribute_escape(get_bloginfo_rss('home'));
+ $home = esc_attr(get_bloginfo_rss('url'));
$categories = "";
- $cats = get_categories("hierarchical=0&hide_empty=0");
- foreach ((array) $cats as $cat) {
- $categories .= " name) . "\" />\n";
-}
+ $cats = get_categories(array('hierarchical' => 0, 'hide_empty' => 0));
+ foreach ( (array) $cats as $cat ) {
+ $categories .= " name) . "\" />\n";
+ }
$output = <<
EOD;
- $this->output($output, $this->CATEGORIES_CONTENT_TYPE);
-}
+ $this->output($output, $this->CATEGORIES_CONTENT_TYPE);
+ }
- /*
- * Create Post (No arguments)
+ /**
+ * Create new post.
+ *
+ * @since 2.2.0
*/
function create_post() {
- global $blog_id, $user_ID;
+ global $user_ID;
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
- if(!$parser->parse()) {
+ if ( !$parser->parse() )
$this->client_error();
- }
$entry = array_pop($parser->feed->entries);
log_app('Received entry:', print_r($entry,true));
$catnames = array();
- foreach($entry->categories as $cat)
+ foreach ( $entry->categories as $cat ) {
array_push($catnames, $cat["term"]);
+ }
$wp_cats = get_categories(array('hide_empty' => false));
$post_category = array();
- foreach($wp_cats as $cat) {
- if(in_array($cat->name, $catnames))
+ foreach ( $wp_cats as $cat ) {
+ if ( in_array($cat->name, $catnames) )
array_push($post_category, $cat->term_id);
}
- $publish = (isset($entry->draft) && trim($entry->draft) == 'yes') ? false : true;
+ $publish = ! ( isset( $entry->draft ) && 'yes' == trim( $entry->draft ) );
$cap = ($publish) ? 'publish_posts' : 'edit_posts';
- if(!current_user_can($cap))
+ if ( !current_user_can($cap) )
$this->auth_required(__('Sorry, you do not have the right to edit/publish new posts.'));
- $blog_ID = (int ) $blog_id;
+ $blog_ID = get_current_blog_id();
$post_status = ($publish) ? 'publish' : 'draft';
$post_author = (int) $user_ID;
$post_title = $entry->title[1];
@@ -342,7 +442,7 @@ EOD;
if ( is_wp_error( $postID ) )
$this->internal_error($postID->get_error_message());
- if (!$postID)
+ if ( !$postID )
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
// getting warning here about unable to set headers
@@ -351,16 +451,25 @@ EOD;
// this could affect our ability to send back the right headers
@wp_set_post_categories($postID, $post_category);
+ do_action( 'atompub_create_post', $postID, $entry );
+
$output = $this->get_entry($postID);
log_app('function',"create_post($postID)");
$this->created($postID, $output);
}
+ /**
+ * Retrieve post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function get_post($postID) {
global $entry;
- if( !current_user_can( 'edit_post', $postID ) )
+ if ( !current_user_can( 'edit_post', $postID ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) );
$this->set_current_entry($postID);
@@ -370,15 +479,21 @@ EOD;
}
+ /**
+ * Update post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function put_post($postID) {
// checked for valid content-types (atom+xml)
// quick check and exit
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
- if(!$parser->parse()) {
+ if ( !$parser->parse() )
$this->bad_request();
- }
$parsed = array_pop($parser->feed->entries);
@@ -388,10 +503,10 @@ EOD;
global $entry;
$this->set_current_entry($postID);
- if(!current_user_can('edit_post', $entry['ID']))
+ if ( !current_user_can('edit_post', $entry['ID']) )
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
- $publish = (isset($parsed->draft) && trim($parsed->draft) == 'yes') ? false : true;
+ $publish = ! ( isset($parsed->draft) && 'yes' == trim($parsed->draft) );
$post_status = ($publish) ? 'publish' : 'draft';
extract($entry);
@@ -411,30 +526,37 @@ EOD;
$result = wp_update_post($postdata);
- if (!$result) {
+ if ( !$result )
$this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.'));
- }
+
+ do_action( 'atompub_put_post', $ID, $parsed );
log_app('function',"put_post($postID)");
$this->ok();
}
+ /**
+ * Remove post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function delete_post($postID) {
// check for not found
global $entry;
$this->set_current_entry($postID);
- if(!current_user_can('edit_post', $postID)) {
+ if ( !current_user_can('edit_post', $postID) )
$this->auth_required(__('Sorry, you do not have the right to delete this post.'));
- }
- if ($entry['post_type'] == 'attachment') {
+ if ( $entry['post_type'] == 'attachment' ) {
$this->delete_attachment($postID);
} else {
$result = wp_delete_post($postID);
- if (!$result) {
+ if ( !$result ) {
$this->internal_error(__('For some strange yet very annoying reason, this post could not be deleted.'));
}
@@ -444,11 +566,18 @@ EOD;
}
- function get_attachment($postID = NULL) {
- if( !current_user_can( 'upload_files' ) )
+ /**
+ * Retrieve attachment.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Optional. Post ID.
+ */
+ function get_attachment($postID = null) {
+ if ( !current_user_can( 'upload_files' ) )
$this->auth_required( __( 'Sorry, you do not have permission to upload files.' ) );
- if (!isset($postID)) {
+ if ( !isset($postID) ) {
$this->get_attachments();
} else {
$this->set_current_entry($postID);
@@ -458,29 +587,34 @@ EOD;
}
}
+ /**
+ * Create new attachment.
+ *
+ * @since 2.2.0
+ */
function create_attachment() {
$type = $this->get_accepted_content_type();
- if(!current_user_can('upload_files'))
+ if ( !current_user_can('upload_files') )
$this->auth_required(__('You do not have permission to upload files.'));
$fp = fopen("php://input", "rb");
- $bits = NULL;
- while(!feof($fp)) {
+ $bits = null;
+ while ( !feof($fp) ) {
$bits .= fread($fp, 4096);
}
fclose($fp);
$slug = '';
if ( isset( $_SERVER['HTTP_SLUG'] ) )
- $slug = sanitize_file_name( $_SERVER['HTTP_SLUG'] );
+ $slug = $_SERVER['HTTP_SLUG'];
elseif ( isset( $_SERVER['HTTP_TITLE'] ) )
- $slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] );
+ $slug = $_SERVER['HTTP_TITLE'];
elseif ( empty( $slug ) ) // just make a random name
$slug = substr( md5( uniqid( microtime() ) ), 0, 7);
$ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] );
- $slug = "$slug.$ext";
+ $slug = sanitize_file_name( "$slug.$ext" );
$file = wp_upload_bits( $slug, NULL, $bits);
log_app('wp_upload_bits returns:',print_r($file,true));
@@ -512,13 +646,20 @@ EOD;
log_app('function',"create_attachment($postID)");
}
+ /**
+ * Update attachment.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function put_attachment($postID) {
// checked for valid content-types (atom+xml)
// quick check and exit
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
- if(!$parser->parse()) {
+ if (!$parser->parse()) {
$this->bad_request();
}
@@ -528,13 +669,13 @@ EOD;
global $entry;
$this->set_current_entry($postID);
- if(!current_user_can('edit_post', $entry['ID']))
+ if ( !current_user_can('edit_post', $entry['ID']) )
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
extract($entry);
$post_title = $parsed->title[1];
- $post_content = $parsed->content[1];
+ $post_content = $parsed->summary[1];
$pubtimes = $this->get_publish_time($parsed->updated);
$post_modified = $pubtimes[0];
$post_modified_gmt = $pubtimes[1];
@@ -544,14 +685,20 @@ EOD;
$result = wp_update_post($postdata);
- if (!$result) {
+ if ( !$result )
$this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.'));
- }
log_app('function',"put_attachment($postID)");
$this->ok();
}
+ /**
+ * Remove attachment.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function delete_attachment($postID) {
log_app('function',"delete_attachment($postID). File '$location' deleted.");
@@ -559,15 +706,14 @@ EOD;
global $entry;
$this->set_current_entry($postID);
- if(!current_user_can('edit_post', $postID)) {
+ if ( !current_user_can('edit_post', $postID) )
$this->auth_required(__('Sorry, you do not have the right to delete this post.'));
- }
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
- if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
- $this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
+ if ( !isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']) )
+ $this->internal_error(__('Error occurred while accessing post metadata for file location.'));
// delete file
@unlink($location);
@@ -575,14 +721,20 @@ EOD;
// delete attachment
$result = wp_delete_post($postID);
- if (!$result) {
+ if ( !$result )
$this->internal_error(__('For some strange yet very annoying reason, this post could not be deleted.'));
- }
log_app('function',"delete_attachment($postID). File '$location' deleted.");
$this->ok();
}
+ /**
+ * Retrieve attachment from post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function get_file($postID) {
// check for not found
@@ -590,34 +742,49 @@ EOD;
$this->set_current_entry($postID);
// then whether user can edit the specific post
- if(!current_user_can('edit_post', $postID)) {
+ if ( !current_user_can('edit_post', $postID) )
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
- }
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
+ $location = get_option ('upload_path') . '/' . $location;
$filetype = wp_check_filetype($location);
- if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
- $this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
+ if ( !isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']) )
+ $this->internal_error(__('Error occurred while accessing post metadata for file location.'));
status_header('200');
header('Content-Type: ' . $entry['post_mime_type']);
header('Connection: close');
- $fp = fopen($location, "rb");
- while(!feof($fp)) {
- echo fread($fp, 4096);
+ if ( $fp = fopen($location, "rb") ) {
+ status_header('200');
+ header('Content-Type: ' . $entry['post_mime_type']);
+ header('Connection: close');
+
+ while ( !feof($fp) ) {
+ echo fread($fp, 4096);
+ }
+
+ fclose($fp);
+ } else {
+ status_header ('404');
}
- fclose($fp);
log_app('function',"get_file($postID)");
exit;
}
+ /**
+ * Upload file to blog and add attachment to post.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function put_file($postID) {
// first check if user can upload
- if(!current_user_can('upload_files'))
+ if ( !current_user_can('upload_files') )
$this->auth_required(__('You do not have permission to upload files.'));
// check for not found
@@ -625,19 +792,21 @@ EOD;
$this->set_current_entry($postID);
// then whether user can edit the specific post
- if(!current_user_can('edit_post', $postID)) {
+ if ( !current_user_can('edit_post', $postID) )
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
- }
+ $upload_dir = wp_upload_dir( );
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
- if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
- $this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
+ $location = "{$upload_dir['basedir']}/{$location}";
+
+ if (!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
+ $this->internal_error(__('Error occurred while accessing post metadata for file location.'));
$fp = fopen("php://input", "rb");
$localfp = fopen($location, "w+");
- while(!feof($fp)) {
+ while ( !feof($fp) ) {
fwrite($localfp,fread($fp, 4096));
}
fclose($fp);
@@ -654,57 +823,116 @@ EOD;
$post_data = compact('ID', 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt');
$result = wp_update_post($post_data);
- if (!$result) {
+ if ( !$result )
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
- }
+
+ wp_update_attachment_metadata( $postID, wp_generate_attachment_metadata( $postID, $location ) );
log_app('function',"put_file($postID)");
$this->ok();
}
- function get_entries_url($page = NULL) {
- if($GLOBALS['post_type'] == 'attachment') {
+ /**
+ * Retrieve entries URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @return string
+ */
+ function get_entries_url($page = null) {
+ if ( isset($GLOBALS['post_type']) && ( $GLOBALS['post_type'] == 'attachment' ) )
$path = $this->MEDIA_PATH;
- } else {
+ else
$path = $this->ENTRIES_PATH;
- }
$url = $this->app_base . $path;
- if(isset($page) && is_int($page)) {
+ if ( isset($page) && is_int($page) )
$url .= "/$page";
- }
return $url;
}
- function the_entries_url($page = NULL) {
+ /**
+ * Display entries URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ */
+ function the_entries_url($page = null) {
echo $this->get_entries_url($page);
}
+ /**
+ * Retrieve categories URL.
+ *
+ * @since 2.2.0
+ *
+ * @param mixed $deprecated Not used.
+ * @return string
+ */
function get_categories_url($deprecated = '') {
+ if ( !empty( $deprecated ) )
+ _deprecated_argument( __FUNCTION__, '2.5' );
return $this->app_base . $this->CATEGORIES_PATH;
}
+ /**
+ * Display category URL.
+ *
+ * @since 2.2.0
+ */
function the_categories_url() {
echo $this->get_categories_url();
}
- function get_attachments_url($page = NULL) {
+ /**
+ * Retrieve attachment URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @return string
+ */
+ function get_attachments_url($page = null) {
$url = $this->app_base . $this->MEDIA_PATH;
- if(isset($page) && is_int($page)) {
+ if (isset($page) && is_int($page)) {
$url .= "/$page";
}
return $url;
}
- function the_attachments_url($page = NULL) {
+ /**
+ * Display attachment URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ */
+ function the_attachments_url($page = null) {
echo $this->get_attachments_url($page);
}
+ /**
+ * Retrieve service URL.
+ *
+ * @since 2.3.0
+ *
+ * @return string
+ */
function get_service_url() {
return $this->app_base . $this->SERVICE_PATH;
}
- function get_entry_url($postID = NULL) {
- if(!isset($postID)) {
+ /**
+ * Retrieve entry URL.
+ *
+ * @since 2.7.0
+ *
+ * @param int $postID Post ID.
+ * @return string
+ */
+ function get_entry_url($postID = null) {
+ if (!isset($postID)) {
global $post;
$postID = (int) $post->ID;
}
@@ -715,12 +943,27 @@ EOD;
return $url;
}
- function the_entry_url($postID = NULL) {
+ /**
+ * Display entry URL.
+ *
+ * @since 2.7.0
+ *
+ * @param int $postID Post ID.
+ */
+ function the_entry_url($postID = null) {
echo $this->get_entry_url($postID);
}
- function get_media_url($postID = NULL) {
- if(!isset($postID)) {
+ /**
+ * Retrieve media URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ * @return string
+ */
+ function get_media_url($postID = null) {
+ if (!isset($postID)) {
global $post;
$postID = (int) $post->ID;
}
@@ -731,53 +974,94 @@ EOD;
return $url;
}
- function the_media_url($postID = NULL) {
+ /**
+ * Display the media URL.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
+ function the_media_url($postID = null) {
echo $this->get_media_url($postID);
}
+ /**
+ * Set the current entry to post ID.
+ *
+ * @since 2.2.0
+ *
+ * @param int $postID Post ID.
+ */
function set_current_entry($postID) {
global $entry;
log_app('function',"set_current_entry($postID)");
- if(!isset($postID)) {
+ if (!isset($postID)) {
// $this->bad_request();
$this->not_found();
}
$entry = wp_get_single_post($postID,ARRAY_A);
- if(!isset($entry) || !isset($entry['ID']))
+ if (!isset($entry) || !isset($entry['ID']))
$this->not_found();
return;
}
+ /**
+ * Display posts XML.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Optional. Page ID.
+ * @param string $post_type Optional, default is 'post'. Post Type.
+ */
function get_posts($page = 1, $post_type = 'post') {
log_app('function',"get_posts($page, '$post_type')");
$feed = $this->get_feed($page, $post_type);
$this->output($feed);
}
+ /**
+ * Display attachment XML.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @param string $post_type Optional, default is 'attachment'. Post type.
+ */
function get_attachments($page = 1, $post_type = 'attachment') {
- log_app('function',"get_attachments($page, '$post_type')");
- $GLOBALS['post_type'] = $post_type;
- $feed = $this->get_feed($page, $post_type);
- $this->output($feed);
+ log_app('function',"get_attachments($page, '$post_type')");
+ $GLOBALS['post_type'] = $post_type;
+ $feed = $this->get_feed($page, $post_type);
+ $this->output($feed);
}
+ /**
+ * Retrieve feed XML.
+ *
+ * @since 2.2.0
+ *
+ * @param int $page Page ID.
+ * @param string $post_type Optional, default is post. Post type.
+ * @return string
+ */
function get_feed($page = 1, $post_type = 'post') {
global $post, $wp, $wp_query, $posts, $wpdb, $blog_id;
log_app('function',"get_feed($page, '$post_type')");
ob_start();
- if(!isset($page)) {
+ $this->ENTRY_PATH = $post_type;
+
+ if (!isset($page)) {
$page = 1;
}
$page = (int) $page;
$count = get_option('posts_per_rss');
- wp('what_to_show=posts&posts_per_page=' . $count . '&offset=' . ($count * ($page-1) . '&orderby=modified'));
+ wp('posts_per_page=' . $count . '&offset=' . ($count * ($page-1) . '&orderby=modified'));
$post = $GLOBALS['post'];
$posts = $GLOBALS['posts'];
@@ -793,22 +1077,22 @@ EOD;
$prev_page = ($page - 1) < 1 ? NULL : $page - 1;
$last_page = ((int)$last_page == 1 || (int)$last_page == 0) ? NULL : (int) $last_page;
$self_page = $page > 1 ? $page : NULL;
-?>
+?> >
the_entries_url() ?>
-
+
<?php bloginfo_rss('name') ?>
-
+
-
+
-Copyright
-
+Copyright
+
ENTRY_PATH = 'attachment';
$varname = 'attachment_id';
break;
}
@@ -849,10 +1143,15 @@ EOD;
return $entry;
}
+ /**
+ * Display post content XML.
+ *
+ * @since 2.3.0
+ */
function echo_entry() { ?>
- ID); ?>
+ ID ); ?>
<?php echo $content ?>
@@ -863,13 +1162,13 @@ EOD;
-
-
+
+
-post_type == 'attachment') { ?>
+post_type == 'attachment') { ?>
-
+
post_content ) ) :
@@ -878,14 +1177,18 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
-
-
-
+
+
exit;
}
+ /**
+ * Set 'No Content' (204) status header.
+ *
+ * @since 2.2.0
+ */
function no_content() {
log_app('Status','204: No Content');
header('Content-Type: text/plain');
status_header('204');
- echo "Deleted.";
+ echo "Moved to Trash.";
exit;
}
+ /**
+ * Display 'Internal Server Error' (500) status header.
+ *
+ * @since 2.2.0
+ *
+ * @param string $msg Optional. Status string.
+ */
function internal_error($msg = 'Internal Server Error') {
log_app('Status','500: Server Error');
header('Content-Type: text/plain');
@@ -909,6 +1224,11 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Bad Request' (400) status header.
+ *
+ * @since 2.2.0
+ */
function bad_request() {
log_app('Status','400: Bad Request');
header('Content-Type: text/plain');
@@ -916,6 +1236,11 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Length Required' (411) status header.
+ *
+ * @since 2.2.0
+ */
function length_required() {
log_app('Status','411: Length Required');
header("HTTP/1.1 411 Length Required");
@@ -924,6 +1249,11 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Unsupported Media Type' (415) status header.
+ *
+ * @since 2.2.0
+ */
function invalid_media() {
log_app('Status','415: Unsupported Media Type');
header("HTTP/1.1 415 Unsupported Media Type");
@@ -931,6 +1261,11 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Forbidden' (403) status header.
+ *
+ * @since 2.6.0
+ */
function forbidden($reason='') {
log_app('Status','403: Forbidden');
header('Content-Type: text/plain');
@@ -939,6 +1274,11 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Not Found' (404) status header.
+ *
+ * @since 2.2.0
+ */
function not_found() {
log_app('Status','404: Not Found');
header('Content-Type: text/plain');
@@ -946,6 +1286,11 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Set 'Not Allowed' (405) status header.
+ *
+ * @since 2.2.0
+ */
function not_allowed($allow) {
log_app('Status','405: Not Allowed');
header('Allow: ' . join(',', $allow));
@@ -953,10 +1298,15 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
exit;
}
+ /**
+ * Display Redirect (302) content and set status headers.
+ *
+ * @since 2.3.0
+ */
function redirect($url) {
log_app('Status','302: Redirect');
- $escaped_url = attribute_escape($url);
+ $escaped_url = esc_attr($url);
$content = <<
@@ -978,7 +1328,11 @@ EOD;
}
-
+ /**
+ * Set 'Client Error' (400) status header.
+ *
+ * @since 2.2.0
+ */
function client_error($msg = 'Client Error') {
log_app('Status','400: Client Error');
header('Content-Type: text/plain');
@@ -986,6 +1340,13 @@ EOD;
exit;
}
+ /**
+ * Set created status headers (201).
+ *
+ * Sets the 'content-type', 'content-location', and 'location'.
+ *
+ * @since 2.2.0
+ */
function created($post_ID, $content, $post_type = 'post') {
log_app('created()::$post_ID',"$post_ID, $post_type");
$edit = $this->get_entry_url($post_ID);
@@ -998,7 +1359,7 @@ EOD;
break;
}
header("Content-Type: $this->ATOM_CONTENT_TYPE");
- if(isset($ctloc))
+ if (isset($ctloc))
header('Content-Location: ' . $ctloc);
header('Location: ' . $edit);
status_header('201');
@@ -1006,12 +1367,19 @@ EOD;
exit;
}
+ /**
+ * Set 'Auth Required' (401) headers.
+ *
+ * @since 2.2.0
+ *
+ * @param string $msg Status header content and HTML content.
+ */
function auth_required($msg) {
log_app('Status','401: Auth Required');
nocache_headers();
header('WWW-Authenticate: Basic realm="WordPress Atom Protocol"');
header("HTTP/1.1 401 $msg");
- header('Status: ' . $msg);
+ header('Status: 401 ' . $msg);
header('Content-Type: text/html');
$content = <<
@@ -1030,6 +1398,14 @@ EOD;
exit;
}
+ /**
+ * Display XML and set headers with content type.
+ *
+ * @since 2.2.0
+ *
+ * @param string $xml Display feed content.
+ * @param string $ctype Optional, default is 'atom+xml'. Feed content type.
+ */
function output($xml, $ctype = 'application/atom+xml') {
status_header('200');
$xml = ''."\n".$xml;
@@ -1038,12 +1414,19 @@ EOD;
header('Content-Type: ' . $ctype);
header('Content-Disposition: attachment; filename=atom.xml');
header('Date: '. date('r'));
- if($this->do_output)
+ if ($this->do_output)
echo $xml;
log_app('function', "output:\n$xml");
exit;
}
+ /**
+ * Sanitize content for database usage.
+ *
+ * @since 2.2.0
+ *
+ * @param array $array Sanitize array and multi-dimension array.
+ */
function escape(&$array) {
global $wpdb;
@@ -1058,26 +1441,36 @@ EOD;
}
}
- /*
- * Access credential through various methods and perform login
+ /**
+ * Access credential through various methods and perform login.
+ *
+ * @since 2.2.0
+ *
+ * @return bool
*/
function authenticate() {
log_app("authenticate()",print_r($_ENV, true));
// if using mod_rewrite/ENV hack
// http://www.besthostratings.com/articles/http-auth-php-cgi.html
- if(isset($_SERVER['HTTP_AUTHORIZATION'])) {
+ if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+ } else if (isset($_SERVER['REDIRECT_REMOTE_USER'])) {
+ // Workaround for setups that do not forward HTTP_AUTHORIZATION
+ // See http://trac.wordpress.org/ticket/7361
+ list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
+ explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));
}
// If Basic Auth is working...
- if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+ if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
log_app("Basic Auth",$_SERVER['PHP_AUTH_USER']);
+
$user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
if ( $user && !is_wp_error($user) ) {
wp_set_current_user($user->ID);
- log_app("authenticate()", $_SERVER['PHP_AUTH_USER']);
+ log_app("authenticate()", $user->user_login);
return true;
}
}
@@ -1085,13 +1478,21 @@ EOD;
return false;
}
- function get_accepted_content_type($types = NULL) {
+ /**
+ * Retrieve accepted content types.
+ *
+ * @since 2.2.0
+ *
+ * @param array $types Optional. Content Types.
+ * @return string
+ */
+ function get_accepted_content_type($types = null) {
- if(!isset($types)) {
+ if (!isset($types)) {
$types = $this->media_content_types;
}
- if(!isset($_SERVER['CONTENT_LENGTH']) || !isset($_SERVER['CONTENT_TYPE'])) {
+ if (!isset($_SERVER['CONTENT_LENGTH']) || !isset($_SERVER['CONTENT_TYPE'])) {
$this->length_required();
}
@@ -1102,8 +1503,8 @@ EOD;
foreach($types as $t) {
list($acceptedType,$acceptedSubtype) = explode('/',$t);
- if($acceptedType == '*' || $acceptedType == $type) {
- if($acceptedSubtype == '*' || $acceptedSubtype == $subtype)
+ if ($acceptedType == '*' || $acceptedType == $type) {
+ if ($acceptedSubtype == '*' || $acceptedSubtype == $subtype)
return $type . "/" . $subtype;
}
}
@@ -1111,10 +1512,15 @@ EOD;
$this->invalid_media();
}
+ /**
+ * Process conditionals for posts.
+ *
+ * @since 2.2.0
+ */
function process_conditionals() {
- if(empty($this->params)) return;
- if($_SERVER['REQUEST_METHOD'] == 'DELETE') return;
+ if (empty($this->params)) return;
+ if ($_SERVER['REQUEST_METHOD'] == 'DELETE') return;
switch($this->params[0]) {
case $this->ENTRY_PATH:
@@ -1154,31 +1560,52 @@ EOD;
}
}
+ /**
+ * Convert RFC3339 time string to timestamp.
+ *
+ * @since 2.3.0
+ *
+ * @param string $str String to time.
+ * @return bool|int false if format is incorrect.
+ */
function rfc3339_str2time($str) {
- $match = false;
- if(!preg_match("/(\d{4}-\d{2}-\d{2})T(\d{2}\:\d{2}\:\d{2})\.?\d{0,3}(Z|[+-]+\d{2}\:\d{2})/", $str, $match))
+ $match = false;
+ if (!preg_match("/(\d{4}-\d{2}-\d{2})T(\d{2}\:\d{2}\:\d{2})\.?\d{0,3}(Z|[+-]+\d{2}\:\d{2})/", $str, $match))
return false;
- if($match[3] == 'Z')
- $match[3] == '+0000';
+ if ($match[3] == 'Z')
+ $match[3] = '+0000';
- return strtotime($match[1] . " " . $match[2] . " " . $match[3]);
+ return strtotime($match[1] . " " . $match[2] . " " . $match[3]);
}
+ /**
+ * Retrieve published time to display in XML.
+ *
+ * @since 2.3.0
+ *
+ * @param string $published Time string.
+ * @return string
+ */
function get_publish_time($published) {
- $pubtime = $this->rfc3339_str2time($published);
+ $pubtime = $this->rfc3339_str2time($published);
- if(!$pubtime) {
+ if (!$pubtime) {
return array(current_time('mysql'),current_time('mysql',1));
- } else {
+ } else {
return array(date("Y-m-d H:i:s", $pubtime), gmdate("Y-m-d H:i:s", $pubtime));
- }
+ }
}
}
+/**
+ * AtomServer
+ * @var AtomServer
+ * @global object $server
+ */
$server = new AtomServer();
$server->handle_request();