Esempio n. 1
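 /**
  * Apply a submitted or reset theme-options form, recompile the front-end
  * CSS and return the redirect target for the CSS editing screen.
  *
  * On submit, every saved LESS variable that is also present in $_POST gets
  * its 'value' replaced by the posted value. On reset, the stored variables
  * and the rendered CSS option are deleted.
  *
  * NOTE(review): no nonce or capability check is visible in this method.
  * Confirm the caller verifies both before this runs, because it deletes
  * options and recompiles CSS based on request data.
  *
  * @return array 'url' of the CSS editing screen and an empty 'query_args'.
  */
 public function do_execute()
 {
     $variables = array();
     // Handle updating of theme options.
     if (isset($_POST[Ai1ec_View_Theme_Options::SUBMIT_ID])) {
         // Work on unslashed values; the slashes are put back further down.
         $_POST = stripslashes_deep($_POST);
         $lessphp = $this->_registry->get('less.lessphp');
         $variables = $lessphp->get_saved_variables();
         // get_magic_quotes_gpc() no longer exists on PHP 8.0+, so an
         // unguarded call is a fatal error there. Resolve it once, guarded.
         // NOTE(review): $_POST was already unslashed above, so this second
         // strip looks redundant even where magic quotes are on - confirm.
         $legacy_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
         foreach ($variables as $variable_name => $variable_params) {
             if (isset($_POST[$variable_name])) {
                 if ($legacy_magic_quotes) {
                     $_POST[$variable_name] = stripslashes($_POST[$variable_name]);
                 }
                 // A "custom font" selection carries its real value in a
                 // companion field named after the variable plus a suffix.
                 if (Ai1ec_Less_Variable_Font::CUSTOM_FONT === $_POST[$variable_name]) {
                     $_POST[$variable_name] = $_POST[$variable_name . Ai1ec_Less_Variable_Font::CUSTOM_FONT_ID_SUFFIX];
                 }
                 // Posted value replaces the saved one. It is request data and
                 // is handed to the CSS compiler below without validation here.
                 $variables[$variable_name]['value'] = $_POST[$variable_name];
             }
         }
         // Restore the slashed form of $_POST for code that runs afterwards.
         $_POST = add_magic_quotes($_POST);
     } elseif (isset($_POST[Ai1ec_View_Theme_Options::RESET_ID])) {
         $option = $this->_registry->get('model.option');
         $option->delete('ai1ec_less_variables');
         $option->delete('ai1ec_render_css');
         do_action('ai1ec_reset_less_variables');
     }
     $css = $this->_registry->get('css.frontend');
     // Second argument tells the compiler whether this request was a reset.
     $css->update_variables_and_compile_css($variables, isset($_POST[Ai1ec_View_Theme_Options::RESET_ID]));
     return array('url' => ai1ec_admin_url('edit.php?post_type=ai1ec_event&page=all-in-one-event-calendar-edit-css'), 'query_args' => array());
 }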
Esempio n. 2
 /**
  * edit_post() is a controller that reads slashed input from $_POST.
  *
  * For two sets of fixture strings, the request is slashed with
  * add_magic_quotes() and the stored title, content and excerpt must come
  * back equal to the unslashed fixture.
  */
 function test_edit_post()
 {
     $target_id = $this->factory->post->create();
     $fixtures = array(
         array($this->slash_1, $this->slash_5, $this->slash_7),
         array($this->slash_2, $this->slash_4, $this->slash_6),
     );
     foreach ($fixtures as $fixture) {
         list($title, $content, $excerpt) = $fixture;
         // Slash the whole request, as the controller expects.
         $_POST = add_magic_quotes(array(
             'post_ID' => $target_id,
             'post_title' => $title,
             'content' => $content,
             'excerpt' => $excerpt,
         ));
         // the edit_post() function will strip slashes
         $saved_id = edit_post();
         $saved = get_post($saved_id);
         $this->assertEquals($title, $saved->post_title);
         $this->assertEquals($content, $saved->post_content);
         $this->assertEquals($excerpt, $saved->post_excerpt);
     }
 }
/**
 * Update an existing user by merging $userdata over the stored record and
 * passing the result to wp_insert_user().
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest, which is
 * not an acceptable password hash, and the plaintext password is handed to
 * wp_setcookie(). Both are kept exactly as written here; replacing the hash
 * would need a migration for the digests already stored.
 *
 * @param array $userdata User fields; 'ID' selects the user, 'user_pass'
 *                        (plaintext) changes the password when non-empty.
 * @return mixed Whatever wp_insert_user() returns.
 */
function wp_update_user($userdata)
{
    global $wpdb, $current_user;
    $ID = (int) $userdata['ID'];
    // Stored record as an array, slashed so it matches the shape of the
    // caller-supplied fields it is merged with below.
    $stored = add_magic_quotes(get_object_vars(get_userdata($ID)));
    $password_changed = !empty($userdata['user_pass']);
    if ($password_changed) {
        $plaintext_pass = $userdata['user_pass'];
        // Unsalted MD5: see the NOTE(review) in the docblock.
        $userdata['user_pass'] = md5($plaintext_pass);
    }
    // Caller-supplied fields win over the stored ones.
    $userdata = array_merge($stored, $userdata);
    $user_id = wp_insert_user($userdata);
    // Re-issue the login cookie only when the logged-in user changed their
    // own password.
    if ($current_user->id == $ID && $password_changed) {
        wp_clearcookie();
        wp_setcookie($userdata['user_login'], $plaintext_pass);
    }
    return $user_id;
}
Esempio n. 4
 /**
  * edit_comment() is a controller that reads slashed input from $_POST.
  *
  * For two pairs of fixture strings, the request is slashed with
  * add_magic_quotes() and the stored author and content must come back
  * equal to the unslashed fixture.
  */
 function test_edit_comment()
 {
     $parent_post = self::factory()->post->create();
     $comment_id = self::factory()->comment->create(array('comment_post_ID' => $parent_post));
     // not testing comment_author_email or comment_author_url
     // as slashes are not permitted in that data
     $cases = array(
         array('author' => $this->slash_1, 'content' => $this->slash_7),
         array('author' => $this->slash_2, 'content' => $this->slash_4),
     );
     foreach ($cases as $case) {
         $_POST = add_magic_quotes(array(
             'comment_ID' => $comment_id,
             'comment_status' => '',
             'newcomment_author' => $case['author'],
             'newcomment_author_url' => '',
             'newcomment_author_email' => '',
             'content' => $case['content'],
         ));
         edit_comment();
         $stored = get_comment($comment_id);
         $this->assertEquals($case['author'], $stored->comment_author);
         $this->assertEquals($case['content'], $stored->comment_content);
     }
 }
Esempio n. 5
 /**
  * Apply addslashes() to a value, descending into nested arrays.
  *
  * Array keys are left untouched; only leaf values are slashed.
  *
  * Slashing is not SQL escaping: values that reach a query still need a
  * prepared statement or the database driver's own escaping.
  *
  * @param mixed $string A scalar, or an array of scalars/arrays.
  * @return mixed Slashed string for a non-array, same-shaped array otherwise.
  */
 function add_magic_quotes($string)
 {
     if (is_array($string)) {
         foreach ($string as $index => $item) {
             $string[$index] = add_magic_quotes($item);
         }
         return $string;
     }
     return addslashes($string);
 }
/**
 * Slash every leaf value of an array with addslashes(), descending into
 * nested arrays. Keys are left untouched.
 *
 * Slashing is not SQL escaping: values that reach a query still need a
 * prepared statement or the database driver's own escaping.
 *
 * @param array $array Values to slash.
 * @return array Same keys and nesting, leaves slashed.
 */
function add_magic_quotes($array)
{
    foreach ($array as $key => $value) {
        $array[$key] = is_array($value) ? add_magic_quotes($value) : addslashes($value);
    }
    return $array;
}
Esempio n. 7
 /**
  * Import the selected items of an IMSCC package as posts.
  *
  * Reads $current_import['file'] (handed to IMSCCParser) and the keys of
  * $current_import['chapters'] (the item ids allowed through). The content
  * of each imported item comes from the uploaded package and should be
  * treated as untrusted; only the title is passed through
  * wp_strip_all_tags() here.
  *
  * @param array $current_import
  * @return mixed FALSE when the parser throws, otherwise the result of
  *               revokeCurrentImport().
  */
 function import(array $current_import)
 {
     try {
         $imscc = new IMSCCParser($current_import['file']);
     } catch (\Exception $e) {
         // Parser failure is reported only as FALSE; the exception is dropped.
         return FALSE;
     }
     $items = $imscc->manifestGetItems();
     // Flipped so that membership of an item id is a plain isset() lookup.
     $match_ids = array_flip(array_keys($current_import['chapters']));
     $total = 0;
     if (!empty($items)) {
         // -1 means "no part imported yet in this run".
         $current_post_parent = -1;
         foreach ($items as $id => $item) {
             // Skip
             if (!$this->flaggedForImport($id)) {
                 continue;
             }
             if (!isset($match_ids[$id])) {
                 continue;
             }
             $post_type = $this->determinePostType($id);
             // Parts are published at once; every other type starts as a draft.
             $new_post = array('post_title' => wp_strip_all_tags($item['title']), 'post_type' => $post_type, 'post_status' => 'part' == $post_type ? 'publish' : 'draft');
             if ('part' != $post_type) {
                 // NOTE(review): package HTML goes into post_content as-is at
                 // this point - confirm what sanitising applies on insert.
                 $new_post['post_content'] = $imscc->getContent($id);
             }
             if ('chapter' == $post_type) {
                 if ($current_post_parent == -1) {
                     $new_post['post_parent'] = $this->getChapterParent();
                 } else {
                     $new_post['post_parent'] = $current_post_parent;
                 }
             }
             // Slashed first - presumably because wp_insert_post() unslashes
             // its input; verify.
             // NOTE(review): $pid is not checked for failure before the meta
             // updates below use it.
             $pid = wp_insert_post(add_magic_quotes($new_post));
             //store part post ID to use as parent for subsequent chapters
             if ('part' == $post_type) {
                 $current_post_parent = $pid;
             }
             // @todo postmeta like author
             update_post_meta($pid, 'pb_show_title', 'on');
             update_post_meta($pid, 'pb_export', 'on');
             // For parts the content is kept in post meta, not post_content.
             if ('part' == $post_type && $imscc->getContent($id)) {
                 update_post_meta($pid, 'pb_part_content', $imscc->getContent($id));
             }
             Book::consolidatePost($pid, get_post($pid));
             ++$total;
         }
     }
     // Done
     // The count includes every imported item, whatever its post type.
     $_SESSION['pb_notices'][] = sprintf(__('Imported %d chapters.', 'pressbooks'), $total);
     $imscc->cleanUp();
     return $this->revokeCurrentImport();
 }
Esempio n. 8
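/**
 * Dispatch a plugin call to DreamCMS_plugins_<name>(), loading
 * DC_PLUGINS_PATH/<name>.php on demand.
 *
 * $arguments['name'] ends up in both a function name and a require_once
 * path, so it is restricted to the characters a PHP function name can
 * contain. The previous check rejected only '..', which still let path
 * separators and other characters reach the include path.
 *
 * @param array $arguments Call arguments; 'name' selects the plugin.
 * @param mixed $DreamCMS  Passed through to the plugin function.
 * @return mixed The plugin's return value, or null when no plugin function
 *               could be found.
 */
function DreamCMS_plugins($arguments, &$DreamCMS)
{
    // NOTE(review): the return value is discarded, so unless
    // add_magic_quotes() takes its argument by reference this call does not
    // change $arguments. Kept as written; confirm the intent.
    add_magic_quotes($arguments);
    $name = isset($arguments['name']) && is_scalar($arguments['name']) ? (string) $arguments['name'] : '';
    // Allow-list instead of a '..' deny-list: anything outside identifier
    // characters can never name a real plugin function.
    if (!preg_match('/^[A-Za-z0-9_\x80-\xff]+$/D', $name)) {
        exit('Forbidden');
    }
    $fn = 'DreamCMS_plugins_' . $name;
    if (!function_exists($fn)) {
        $funpath = DC_PLUGINS_PATH . "/{$name}.php";
        if (file_exists($funpath)) {
            require_once $funpath;
        }
    }
    // The file may be missing or may not define the function; fail with a
    // warning instead of handing an invalid callable to call_user_func_array().
    if (!function_exists($fn)) {
        trigger_error("function '" . $fn . "' does not exist in DreamCMS plugins", E_USER_WARNING);
        return null;
    }
    return call_user_func_array($fn, array($arguments, $DreamCMS));
}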
Esempio n. 9
/**
 * Slash every leaf value of an array with addslashes(), descending into
 * nested arrays. Keys are left untouched.
 *
 * An empty input - including an empty nested array - yields NULL rather
 * than an empty array, so callers must not assume an array comes back.
 *
 * Slashing is not SQL escaping: values that reach a query still need a
 * prepared statement or the database driver's own escaping.
 *
 * @param array $array Values to slash.
 * @return array|null Slashed copy, or NULL when $array is empty.
 */
function add_magic_quotes($array)
{
    if (empty($array)) {
        return NULL;
    }
    foreach ((array) $array as $key => $value) {
        $array[$key] = is_array($value) ? add_magic_quotes($value) : addslashes($value);
    }
    return $array;
}
Esempio n. 10
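/**
 * Normalise the request superglobals so that every value carries exactly
 * one layer of slashes, whatever the PHP configuration.
 *
 * Any slashes PHP itself added are removed first, then $_GET, $_POST,
 * $_COOKIE and $_SERVER are slashed with add_magic_quotes(), and $_REQUEST
 * is rebuilt from $_GET and $_POST only.
 *
 * Slashing request data is a compatibility convention, not SQL escaping:
 * queries still need prepared statements or driver-level escaping.
 *
 * @return void
 */
function wp_magic_quotes()
{
    // get_magic_quotes_gpc() no longer exists on PHP 8.0+, so an unguarded
    // call is a fatal error there. Without the function there is nothing to
    // strip.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $_GET = stripslashes_deep($_GET);
        $_POST = stripslashes_deep($_POST);
        $_COOKIE = stripslashes_deep($_COOKIE);
    }
    // Add one uniform layer of slashes. $_SERVER is slashed as well, although
    // it is never stripped above.
    $_GET = add_magic_quotes($_GET);
    $_POST = add_magic_quotes($_POST);
    $_COOKIE = add_magic_quotes($_COOKIE);
    $_SERVER = add_magic_quotes($_SERVER);
    // Force REQUEST to be GET + POST: cookies are excluded, and POST wins
    // over GET on duplicate string keys.
    $_REQUEST = array_merge($_GET, $_POST);
}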
Esempio n. 11
 /**
  * Tests the controller function that expects slashed data
  *
  * Covers post meta handled by edit_post(): three existing meta rows are
  * updated through $_POST['meta'] and one new row is added through
  * 'metakeyinput'/'metavalue'. Stored values must equal the unslashed
  * fixtures.
  */
 function test_edit_post()
 {
     $id = self::factory()->post->create();
     // Create the three meta rows that the requests below will edit; the
     // returned values are used as keys of $_POST['meta'].
     if (function_exists('wp_add_post_meta')) {
         $meta_1 = wp_add_post_meta($id, 'slash_test_1', 'foo');
         $meta_2 = wp_add_post_meta($id, 'slash_test_2', 'foo');
         $meta_3 = wp_add_post_meta($id, 'slash_test_3', 'foo');
     } else {
         // expects slashed data
         $meta_1 = add_post_meta($id, 'slash_test_1', addslashes('foo'));
         $meta_2 = add_post_meta($id, 'slash_test_2', addslashes('foo'));
         $meta_3 = add_post_meta($id, 'slash_test_3', addslashes('foo'));
     }
     // First request: new key 'slash_test_0' plus edits to the three rows.
     $_POST = array();
     $_POST['post_ID'] = $id;
     $_POST['metakeyselect'] = '#NONE#';
     $_POST['metakeyinput'] = 'slash_test_0';
     $_POST['metavalue'] = $this->slash_6;
     $_POST['meta'] = array($meta_1 => array('key' => 'slash_test_1', 'value' => $this->slash_1), $meta_2 => array('key' => 'slash_test_2', 'value' => $this->slash_3), $meta_3 => array('key' => 'slash_test_3', 'value' => $this->slash_4));
     // Slashes the nested 'meta' arrays too.
     $_POST = add_magic_quotes($_POST);
     // the edit_post() function will strip slashes
     edit_post();
     // $post is fetched but not used by the assertions.
     $post = get_post($id);
     $this->assertEquals($this->slash_6, get_post_meta($id, 'slash_test_0', true));
     $this->assertEquals($this->slash_1, get_post_meta($id, 'slash_test_1', true));
     $this->assertEquals($this->slash_3, get_post_meta($id, 'slash_test_2', true));
     $this->assertEquals($this->slash_4, get_post_meta($id, 'slash_test_3', true));
     // Second request with different fixtures. 'slash_test_0' is submitted
     // again but not asserted this time.
     $_POST = array();
     $_POST['post_ID'] = $id;
     $_POST['metakeyselect'] = '#NONE#';
     $_POST['metakeyinput'] = 'slash_test_0';
     $_POST['metavalue'] = $this->slash_7;
     $_POST['meta'] = array($meta_1 => array('key' => 'slash_test_1', 'value' => $this->slash_2), $meta_2 => array('key' => 'slash_test_2', 'value' => $this->slash_4), $meta_3 => array('key' => 'slash_test_3', 'value' => $this->slash_5));
     $_POST = add_magic_quotes($_POST);
     // the edit_post() function will strip slashes
     edit_post();
     $post = get_post($id);
     $this->assertEquals($this->slash_2, get_post_meta($id, 'slash_test_1', true));
     $this->assertEquals($this->slash_4, get_post_meta($id, 'slash_test_2', true));
     $this->assertEquals($this->slash_5, get_post_meta($id, 'slash_test_3', true));
 }
Esempio n. 12
 /**
  * Store a token as a post of type 'kr_<type>_token', or update the
  * existing post when the current user already has an identical one for
  * the same service.
  *
  * NOTE(review): the token is kept serialize()d in post_content of a post
  * with status 'publish'. Confirm the post type is not publicly queryable,
  * and that whatever reads this content back never unserializes data an
  * attacker could have written.
  *
  * @param object $token Token object; type(), get_name(), get_meta() and
  *                      the ->token property are read here.
  * @return mixed New post id, the result of update() for a duplicate, or
  *               false when the insert fails.
  */
 function insert($token)
 {
     // Avoid duplicates by checking to see if this exists already
     $existing = get_posts(array(
         'numberposts' => 1,
         'post_type' => 'kr_' . $token->type() . '_token',
         'meta_key' => 'service',
         'meta_value' => $token->get_name(),
         'author' => get_current_user_id(),
         's' => serialize($token->token),
         'exact' => true,
     ));
     if ($existing) {
         $token->unique_id = $existing[0]->ID;
         return $this->update($token);
     }
     $new_id = wp_insert_post(add_magic_quotes(array(
         'post_type' => 'kr_' . $token->type() . '_token',
         'post_status' => 'publish',
         'post_content' => serialize($token->token),
     )));
     if (!$new_id) {
         return false;
     }
     // Always record what service this token is for
     update_post_meta($new_id, 'service', $token->get_name());
     // Optionally include any meta related to this token
     foreach ((array) $token->get_meta(false, true) as $meta_key => $meta_value) {
         update_post_meta($new_id, $meta_key, $meta_value);
     }
     return $new_id;
 }
Esempio n. 13
/**
 * Dispatch a plugin call to iCMS_plugins_<name>() for a plugin that the
 * 'system/plugins' cache reports as enabled and set up.
 *
 * NOTE(review): the only direct check on $arguments['name'] is the '..'
 * test. The cache lookup acts as the real gate, so confirm that a name
 * missing from the cache yields a falsy 'status'.
 *
 * @param array $arguments Call arguments; 'name' selects the plugin.
 * @param mixed $iCMS      Application object, passed on to the plugin.
 * @return mixed The plugin's return value, or nothing when the plugin is
 *               disabled or not set up.
 */
function iCMS_plugins($arguments, &$iCMS)
{
    // NOTE(review): the return value is discarded; unless add_magic_quotes()
    // works by reference this call changes nothing.
    add_magic_quotes($arguments);
    $plugName = $arguments['name'];
    if (strpos($plugName, '..') !== false) {
        exit('Forbidden');
    }
    $state = $iCMS->getCache('system/plugins', $plugName);
    if (!($state['status'] && $state['isSetup'])) {
        return;
    }
    $fn = 'iCMS_plugins_' . $plugName;
    // plugin::fn() is asked to provide the function only when it is missing.
    if (!function_exists($fn) && !plugin::fn($plugName)) {
        $iCMS->trigger_error("function '" . $fn . "' does not exist in iCMS plugins", E_USER_ERROR, __FILE__, __LINE__);
    }
    $iCMS->pluginName = $plugName;
    $result = $fn($arguments, $iCMS);
    // Publish the result under the plugin's name as well as returning it.
    $iCMS->value($plugName, $result);
    return $result;
}
Esempio n. 14
/**
 * @package iCMS V3.1
 * @copyright 2007-2009, iDreamSoft
 * @license http://www.idreamsoft.cn iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
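/**
 * Dispatch a plugin call to iCMS_plugins_<name>(), loading the plugin's
 * config.php and function.php from iCMS_PLUGINS_PATH/<name>/ on demand.
 *
 * $arguments['name'] ends up in both a function name and require_once
 * paths, so it is restricted to the characters a PHP function name can
 * contain. The previous check rejected only '..', which still let path
 * separators and other characters reach the include paths.
 *
 * @param array $arguments Call arguments; 'name' selects the plugin. 'tpl'
 *                         is set to the plugin's template directory when
 *                         the plugin has to be loaded.
 * @param mixed $iCMS      Application object, passed on to the plugin.
 * @return mixed The plugin's return value, or null when the plugin's
 *               function file is missing.
 */
function iCMS_plugins($arguments, &$iCMS)
{
    // NOTE(review): the return value is discarded; unless add_magic_quotes()
    // works by reference this call changes nothing.
    add_magic_quotes($arguments);
    $name = isset($arguments['name']) && is_scalar($arguments['name']) ? (string) $arguments['name'] : '';
    // Allow-list instead of a '..' deny-list: anything outside identifier
    // characters can never name a real plugin function.
    if (!preg_match('/^[A-Za-z0-9_\x80-\xff]+$/D', $name)) {
        exit('Forbidden');
    }
    $fn = 'iCMS_plugins_' . $name;
    if (!function_exists($fn)) {
        $plugpath = iCMS_PLUGINS_PATH . '/' . $name;
        $confpath = $plugpath . '/config.php';
        $funpath = $plugpath . '/function.php';
        $arguments['tpl'] = $plugpath . '/templates';
        if (file_exists($funpath)) {
            // NOTE(review): only function.php is checked for existence; a
            // missing config.php makes this require_once fatal.
            require_once $confpath;
            require_once $funpath;
        } else {
            $iCMS->trigger_error("function '" . $fn . "' does not exist in iCMS plugins", E_USER_ERROR, __FILE__, __LINE__);
            // If trigger_error() returns, do not go on to call a function
            // that is known not to exist.
            return null;
        }
    }
    return $fn($arguments, $iCMS);
}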
Esempio n. 15
 /**
  * Pummel then insert HTML into our database
  *
  * Extracts title, author and licence from the page, reduces the markup to
  * its cleaned-up <body> and inserts the result as a draft post. $html is
  * presumably fetched from a remote page (see $domain) and should be
  * treated as untrusted.
  *
  * @param string $html
  * @param string $post_type
  * @param int $chapter_parent
  * @param string $domain domain name of the webpage
  */
 function kneadandInsert($html, $post_type, $chapter_parent, $domain)
 {
     $matches = array();
     $meta = $this->getLicenseAttribution($html);
     // Prefer the attribution metadata; fall back to getAuthors().
     $author = isset($meta['authors']) ? $meta['authors'] : $this->getAuthors($html);
     $license = isset($meta['license']) ? $this->extractCCLicense($meta['license']) : '';
     // get the title, preference to title set by PB
     preg_match('/<h2 class="entry-title">(.*)<\\/h2>/', $html, $matches);
     if (!empty($matches[1])) {
         $title = wp_strip_all_tags($matches[1]);
     } else {
         preg_match('/<title>(.+)<\\/title>/', $html, $matches);
         $title = !empty($matches[1]) ? wp_strip_all_tags($matches[1]) : '__UNKNOWN__';
     }
     // just get the body
     preg_match('/(?:<body[^>]*>)(.*)<\\/body>/isU', $html, $matches);
     // get rid of stuff we don't need
     // NOTE(review): the result of the preg_match() above is not checked; a
     // page without a <body> element leaves $matches[1] unset here.
     $body = $this->regexSearchReplace($matches[1]);
     // clean it up
     $xhtml = $this->tidy($body);
     $body = $this->kneadHtml($xhtml, $post_type, $domain);
     $new_post = array('post_title' => $title, 'post_content' => $body, 'post_type' => $post_type, 'post_status' => 'draft');
     if ('chapter' == $post_type) {
         $new_post['post_parent'] = $chapter_parent;
     }
     // Slashed first - presumably because wp_insert_post() unslashes its
     // input; verify.
     // NOTE(review): $pid is not checked for failure before the meta updates.
     $pid = wp_insert_post(add_magic_quotes($new_post));
     if (!empty($author)) {
         update_post_meta($pid, 'pb_section_author', $author);
     }
     if (!empty($license)) {
         update_post_meta($pid, 'pb_section_license', $license);
     }
     update_post_meta($pid, 'pb_show_title', 'on');
     update_post_meta($pid, 'pb_export', 'on');
     Book::consolidatePost($pid, get_post($pid));
     // Reorder
 }
Esempio n. 16
/**
 * AJAX handler for saving a post from the inline editor in the posts list.
 *
 * Verifies the nonce, checks the edit capability and the post lock, fills
 * the request with the stored content/excerpt and a few renamed fields,
 * saves through edit_post() and prints the refreshed list-table row. Every
 * path ends in wp_die().
 */
function wp_ajax_inline_save()
{
    global $wp_list_table;
    // Nonce for action 'inlineeditnonce', read from the '_inline_edit' field.
    check_ajax_referer('inlineeditnonce', '_inline_edit');
    // Reject a missing or zero post id; the (int) cast also sets $post_ID.
    if (!isset($_POST['post_ID']) || !($post_ID = (int) $_POST['post_ID'])) {
        wp_die();
    }
    // Capability check against this specific post id.
    // NOTE(review): $_POST['post_type'] is read without an isset() check and
    // is request-supplied, so it only selects which capability name is used.
    if ('page' == $_POST['post_type']) {
        if (!current_user_can('edit_page', $post_ID)) {
            wp_die(__('You are not allowed to edit this page.'));
        }
    } else {
        if (!current_user_can('edit_post', $post_ID)) {
            wp_die(__('You are not allowed to edit this post.'));
        }
    }
    // NOTE(review): the screen id comes straight from the request.
    set_current_screen($_POST['screen']);
    // Refuse to save while another user holds the edit lock.
    if ($last = wp_check_post_lock($post_ID)) {
        $last_user = get_userdata($last);
        $last_user_name = $last_user ? $last_user->display_name : __('Someone');
        // The display name is HTML-escaped before being printed.
        printf($_POST['post_type'] == 'page' ? __('Saving is disabled: %s is currently editing this page.') : __('Saving is disabled: %s is currently editing this post.'), esc_html($last_user_name));
        wp_die();
    }
    // $data aliases $_POST: every write below changes the request itself,
    // which edit_post() (called without arguments) presumably reads.
    $data =& $_POST;
    $post = get_post($post_ID, ARRAY_A);
    $post = add_magic_quotes($post);
    //since it is from db
    // The inline editor does not send content or excerpt, so the stored
    // (now slashed) values are copied in to keep them unchanged on save.
    $data['content'] = $post['post_content'];
    $data['excerpt'] = $post['post_excerpt'];
    // rename
    $data['user_ID'] = $GLOBALS['user_ID'];
    if (isset($data['post_parent'])) {
        $data['parent_id'] = $data['post_parent'];
    }
    // status
    if (isset($data['keep_private']) && 'private' == $data['keep_private']) {
        $data['post_status'] = 'private';
    } else {
        // NOTE(review): '_status' is read without an isset() check.
        $data['post_status'] = $data['_status'];
    }
    // Absent or empty status fields mean "closed".
    if (empty($data['comment_status'])) {
        $data['comment_status'] = 'closed';
    }
    if (empty($data['ping_status'])) {
        $data['ping_status'] = 'closed';
    }
    // update the post
    edit_post();
    $wp_list_table = _get_list_table('WP_Posts_List_Table');
    // NOTE(review): $mode is a local that nothing else in this function
    // reads - confirm whether it was meant to be a global.
    $mode = $_POST['post_view'];
    $wp_list_table->display_rows(array(get_post($_POST['post_ID'])));
    wp_die();
}
/**
 * Update an existing post by merging $postarr over the stored record and
 * passing the result to wp_insert_post() (or wp_insert_attachment() for an
 * attachment).
 *
 * NOTE(review): the result of wp_get_single_post() is not checked, so an
 * unknown ID is not detected before the merge.
 *
 * @param array|object $postarr Post fields; 'ID' selects the post.
 * @return mixed Whatever the insert function returns.
 */
function wp_update_post($postarr = array()) {
	global $wpdb;

	if ( is_object($postarr) ) {
		$postarr = get_object_vars($postarr);
	}

	// Stored record, slashed so it matches the shape of the caller-supplied
	// fields it is merged with below.
	$post = add_magic_quotes( wp_get_single_post($postarr['ID'], ARRAY_A) );

	// A non-empty category list from the caller replaces the stored one.
	$has_new_cats = isset($postarr['post_category']) && is_array($postarr['post_category'])
		&& 0 != count($postarr['post_category']);
	$post_cats = $has_new_cats ? $postarr['post_category'] : $post['post_category'];

	// Drafts shouldn't be assigned a date unless explicitly done so by the user
	$clear_date = 'draft' == $post['post_status'] && empty($postarr['edit_date']) && empty($postarr['post_date']) &&
		('0000-00-00 00:00:00' == $post['post_date']);

	// Caller-supplied fields win over the stored ones.
	$postarr = array_merge($post, $postarr);
	$postarr['post_category'] = $post_cats;
	if ( $clear_date ) {
		$postarr['post_date'] = '';
		$postarr['post_date_gmt'] = '';
	}

	return $postarr['post_status'] == 'attachment'
		? wp_insert_attachment($postarr)
		: wp_insert_post($postarr);
}
Esempio n. 18
/**
 * Update a user in the database.
 *
 * It is possible to update a user's password by specifying the 'user_pass'
 * value in the $userdata parameter array; it is given in plaintext and is
 * hashed with wp_hash_password() before the merge.
 *
 * If the current user's own password is being updated, the auth cookie is
 * cleared and issued again.
 *
 * NOTE(review): the result of get_userdata() is used without a check, so
 * an absent or unknown 'ID' is not handled before ->data is read.
 *
 * @since 2.0.0
 * @see wp_insert_user() For what fields can be set in $userdata
 * @uses wp_insert_user() Receives the merged stored and supplied fields
 *
 * @param array $userdata An array of user data.
 * @return int The updated user's ID.
 */
function wp_update_user($userdata)
{
    $ID = (int) $userdata['ID'];
    // Stored record plus the additional meta-backed keys.
    $user_obj = get_userdata($ID);
    $user = get_object_vars($user_obj->data);
    foreach (_get_additional_user_keys($user_obj) as $meta_key) {
        $user[$meta_key] = get_user_meta($ID, $meta_key, true);
    }
    // Slashed so it matches the shape of the caller-supplied fields.
    $user = add_magic_quotes($user);
    $password_changed = !empty($userdata['user_pass']);
    if ($password_changed) {
        $userdata['user_pass'] = wp_hash_password($userdata['user_pass']);
    }
    // Drop the cache entry keyed by the stored e-mail address.
    wp_cache_delete($user['user_email'], 'useremail');
    // Caller-supplied fields win over the stored ones.
    $user_id = wp_insert_user(array_merge($user, $userdata));
    // Re-issue the auth cookie only when the logged-in user changed their
    // own password.
    $current_user = wp_get_current_user();
    if ($current_user->ID == $ID && $password_changed) {
        wp_clear_auth_cookie();
        wp_set_auth_cookie($ID);
    }
    return $user_id;
}
/**
 * wp_update_term() - Update term based on arguments provided
 *
 * The $args will indiscriminately override all values with the same field name. Care
 * must be taken to not override important information need to update or update will
 * fail (or perhaps create a new term, neither would be acceptable).
 *
 * Defaults will set 'alias_of', 'description', 'parent', and 'slug' if not defined
 * in $args already.
 *
 * 'alias_of' will create a term group, if it doesn't already exist, and update it for
 * the $term.
 *
 * If the 'slug' argument in $args is missing, then the 'name' in $args will be used.
 * It should also be noted that if you set 'slug' and it isn't unique then a WP_Error
 * will be passed back. If you don't pass any slug, then a unique one will be created
 * for you.
 *
 * For what can be overrode in $args, check the term scheme can contain and stay away
 * from the term keys.
 *
 * @package WordPress
 * @subpackage Taxonomy
 * @since 2.3
 *
 * @uses $wpdb
 * @uses do_action() Will call both 'edit_term' and 'edit_$taxonomy' twice.
 * @uses apply_filters() Will call the 'term_id_filter' filter and pass the term id and
 *	taxonomy id.
 *
 * @param int $term The ID of the term
 * @param string $taxonomy The context in which to relate the term to the object.
 * @param array|string $args Overwrite term field values
 * @return array|WP_Error Returns Term ID and Taxonomy Term ID
 */
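function wp_update_term( $term, $taxonomy, $args = array() ) {
	global $wpdb;

	if ( ! is_taxonomy($taxonomy) )
		return new WP_Error('invalid_taxonomy', __('Invalid taxonomy'));

	$term_id = (int) $term;

	// First, get all of the original args
	// From here on $term is the stored row as an array (ARRAY_A), not the id.
	// NOTE(review): the result is not checked for a missing term or an error.
	$term = get_term ($term_id, $taxonomy, ARRAY_A);

	// Escape data pulled from DB.
	$term = add_magic_quotes($term);

	// Merge old and new args with new args overwriting old ones.
	$args = array_merge($term, $args);

	$defaults = array( 'alias_of' => '', 'description' => '', 'parent' => 0, 'slug' => '');
	$args = wp_parse_args($args, $defaults);
	$args = sanitize_term($args, $taxonomy, 'db');
	// Turns the merged fields into locals ($name, $slug, $parent, $alias_of,
	// $description, and presumably $term_group from the stored row).
	// EXTR_SKIP keeps existing locals such as $term, $term_id and $taxonomy
	// from being overwritten by caller-supplied keys.
	extract($args, EXTR_SKIP);

	// expected_slashed ($name)
	$name = stripslashes($name);
	$description = stripslashes($description);

	$empty_slug = false;
	if ( empty($slug) ) {
		$empty_slug = true;
		$slug = sanitize_title($name);
	}

	if ( $alias_of ) {
		// Parameterised lookup of the term to alias.
		// NOTE(review): $alias is not checked for null (unknown slug) before
		// its properties are read.
		$alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) );
		if ( $alias->term_group ) {
			// The alias we want is already in a group, so let's use that one.
			$term_group = $alias->term_group;
		} else {
			// The alias isn't in a group, so let's create a new one and firstly add the alias term to it.
			$term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms") + 1;
			$wpdb->update( $wpdb->terms, compact('term_group'), array( 'term_id' => $alias->term_id ) );
		}
	}

	// Check for duplicate slug
	$id = $wpdb->get_var( $wpdb->prepare( "SELECT term_id FROM $wpdb->terms WHERE slug = %s", $slug ) );
	if ( $id && ($id != $term_id) ) {
		// If an empty slug was passed or the parent changed, reset the slug to something unique.
		// Otherwise, bail.
		// $term is an array here, so the stored parent is $term['parent'].
		// Reading it as an object property yielded null, which made the
		// "parent changed" test unreliable and could skip the duplicate-slug
		// error.
		if ( $empty_slug || ( $parent != $term['parent'] ) )
			$slug = wp_unique_term_slug($slug, (object) $args);
		else
			return new WP_Error('duplicate_term_slug', sprintf(__('The slug "%s" is already in use by another term'), $slug));
	}

	$wpdb->update($wpdb->terms, compact( 'name', 'slug', 'term_group' ), compact( 'term_id' ) );

	// Only reached with an empty slug when sanitize_title($name) produced
	// nothing above; retry with the term id as fallback.
	if ( empty($slug) ) {
		$slug = sanitize_title($name, $term_id);
		$wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) );
	}

	$tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id) );

	$wpdb->update( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent' ), array( 'term_taxonomy_id' => $tt_id ) );

	do_action("edit_term", $term_id, $tt_id);
	do_action("edit_$taxonomy", $term_id, $tt_id);

	$term_id = apply_filters('term_id_filter', $term_id, $tt_id);

	clean_term_cache($term_id, $taxonomy);

	do_action("edited_term", $term_id, $tt_id);
	do_action("edited_$taxonomy", $term_id, $tt_id);

	return array('term_id' => $term_id, 'term_taxonomy_id' => $tt_id);
}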
Esempio n. 20
 /**
  * Pummel then insert HTML into our database
  *
  * The markup is run through tidy() and kneadHTML(), the title is stripped
  * of tags, and the result is inserted as a draft post with the
  * 'pb_show_title' and 'pb_export' meta switched on.
  *
  * NOTE(review): the id returned by wp_insert_post() is used for the meta
  * updates without a failure check.
  *
  * @param string $html
  * @param string $title
  * @param string $post_type ('front-matter', 'chapter', 'back-matter')
  * @param int $chapter_parent Used as post_parent for chapters only.
  */
 protected function kneadAndInsert($html, $title, $post_type, $chapter_parent)
 {
     $content = $this->kneadHTML($this->tidy($html));
     $new_post = array(
         'post_title' => wp_strip_all_tags($title),
         'post_content' => $content,
         'post_type' => $post_type,
         'post_status' => 'draft',
     );
     if ('chapter' == $post_type) {
         $new_post['post_parent'] = $chapter_parent;
     }
     // Slashed before insertion, like every other insert in this importer.
     $inserted_id = wp_insert_post(add_magic_quotes($new_post));
     foreach (array('pb_show_title', 'pb_export') as $flag) {
         update_post_meta($inserted_id, $flag, 'on');
     }
     Book::consolidatePost($inserted_id, get_post($inserted_id));
     // Reorder
 }
Esempio n. 21
/**
 * Update a user in the database.
 *
 * It is possible to update a user's password by specifying the 'user_pass'
 * value in the $userdata parameter array.
 *
 * If current user's password is being updated, then the cookies will be
 * cleared.
 *
 * @since 2.0.0
 *
 * @see wp_insert_user() For what fields can be set in $userdata.
 *
 * @param mixed $userdata An array of user data or a user object of type stdClass or WP_User.
 * @return int|WP_Error The updated user's ID or a WP_Error object if the user could not be updated.
 */
function wp_update_user($userdata)
{
    if ($userdata instanceof stdClass) {
        $userdata = get_object_vars($userdata);
    } elseif ($userdata instanceof WP_User) {
        $userdata = $userdata->to_array();
    }
    $ID = isset($userdata['ID']) ? (int) $userdata['ID'] : 0;
    if (!$ID) {
        return new WP_Error('invalid_user_id', __('Invalid user ID.'));
    }
    // First, get all of the original fields
    $user_obj = get_userdata($ID);
    if (!$user_obj) {
        return new WP_Error('invalid_user_id', __('Invalid user ID.'));
    }
    $user = $user_obj->to_array();
    // Add additional custom fields
    foreach (_get_additional_user_keys($user_obj) as $key) {
        $user[$key] = get_user_meta($ID, $key, true);
    }
    // Escape data pulled from DB.
    $user = add_magic_quotes($user);
    if (!empty($userdata['user_pass']) && $userdata['user_pass'] !== $user_obj->user_pass) {
        // If password is changing, hash it now
        $plaintext_pass = $userdata['user_pass'];
        $userdata['user_pass'] = wp_hash_password($userdata['user_pass']);
        /**
         * Filter whether to send the password change email.
         *
         * @since 4.3.0
         *
         * @see wp_insert_user() For `$user` and `$userdata` fields.
         *
         * @param bool  $send     Whether to send the email.
         * @param array $user     The original user array.
         * @param array $userdata The updated user array.
         *
         */
        $send_password_change_email = apply_filters('send_password_change_email', true, $user, $userdata);
    }
    if (isset($userdata['user_email']) && $user['user_email'] !== $userdata['user_email']) {
        /**
         * Filter whether to send the email change email.
         *
         * @since 4.3.0
         *
         * @see wp_insert_user() For `$user` and `$userdata` fields.
         *
         * @param bool  $send     Whether to send the email.
         * @param array $user     The original user array.
         * @param array $userdata The updated user array.
         *
         */
        $send_email_change_email = apply_filters('send_email_change_email', true, $user, $userdata);
    }
    wp_cache_delete($user['user_email'], 'useremail');
    // Merge old and new fields with new fields overwriting old ones.
    $userdata = array_merge($user, $userdata);
    $user_id = wp_insert_user($userdata);
    if (!is_wp_error($user_id)) {
        $blog_name = wp_specialchars_decode(get_option('blogname'));
        if (!empty($send_password_change_email)) {
            /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
            $pass_change_text = __('Hi ###USERNAME###,

This notice confirms that your password was changed on ###SITENAME###.

If you did not change your password, please contact the Site Administrator at
###ADMIN_EMAIL###

This email has been sent to ###EMAIL###

Regards,
All at ###SITENAME###
###SITEURL###');
            $pass_change_email = array('to' => $user['user_email'], 'subject' => __('[%s] Notice of Password Change'), 'message' => $pass_change_text, 'headers' => '');
            /**
             * Filter the contents of the email sent when the user's password is changed.
             *
             * @since 4.3.0
             *
             * @param array $pass_change_email {
             *            Used to build wp_mail().
             *            @type string $to      The intended recipients. Add emails in a comma separated string.
             *            @type string $subject The subject of the email.
             *            @type string $message The content of the email.
             *                The following strings have a special meaning and will get replaced dynamically:
             *                - ###USERNAME###    The current user's username.
             *                - ###ADMIN_EMAIL### The admin email in case this was unexpected.
             *                - ###EMAIL###       The old email.
             *                - ###SITENAME###    The name of the site.
             *                - ###SITEURL###     The URL to the site.
             *            @type string $headers Headers. Add headers in a newline (\r\n) separated string.
             *        }
             * @param array $user     The original user array.
             * @param array $userdata The updated user array.
             *
             */
            $pass_change_email = apply_filters('password_change_email', $pass_change_email, $user, $userdata);
            $pass_change_email['message'] = str_replace('###USERNAME###', $user['user_login'], $pass_change_email['message']);
            $pass_change_email['message'] = str_replace('###ADMIN_EMAIL###', get_option('admin_email'), $pass_change_email['message']);
            $pass_change_email['message'] = str_replace('###EMAIL###', $user['user_email'], $pass_change_email['message']);
            $pass_change_email['message'] = str_replace('###SITENAME###', get_option('blogname'), $pass_change_email['message']);
            $pass_change_email['message'] = str_replace('###SITEURL###', home_url(), $pass_change_email['message']);
            wp_mail($pass_change_email['to'], sprintf($pass_change_email['subject'], $blog_name), $pass_change_email['message'], $pass_change_email['headers']);
        }
        if (!empty($send_email_change_email)) {
            /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
            $email_change_text = __('Hi ###USERNAME###,

This notice confirms that your email was changed on ###SITENAME###.

If you did not change your email, please contact the Site Administrator at
###ADMIN_EMAIL###

This email has been sent to ###EMAIL###

Regards,
All at ###SITENAME###
###SITEURL###');
            $email_change_email = array('to' => $user['user_email'], 'subject' => __('[%s] Notice of Email Change'), 'message' => $email_change_text, 'headers' => '');
            /**
             * Filter the contents of the email sent when the user's email is changed.
             *
             * @since 4.3.0
             *
             * @param array $email_change_email {
             *            Used to build wp_mail().
             *            @type string $to      The intended recipients.
             *            @type string $subject The subject of the email.
             *            @type string $message The content of the email.
             *                The following strings have a special meaning and will get replaced dynamically:
             *                - ###USERNAME###    The current user's username.
             *                - ###ADMIN_EMAIL### The admin email in case this was unexpected.
             *                - ###EMAIL###       The old email.
             *                - ###SITENAME###    The name of the site.
             *                - ###SITEURL###     The URL to the site.
             *            @type string $headers Headers.
             *        }
             * @param array $user The original user array.
             * @param array $userdata The updated user array.
             */
            $email_change_email = apply_filters('email_change_email', $email_change_email, $user, $userdata);
            $email_change_email['message'] = str_replace('###USERNAME###', $user['user_login'], $email_change_email['message']);
            $email_change_email['message'] = str_replace('###ADMIN_EMAIL###', get_option('admin_email'), $email_change_email['message']);
            $email_change_email['message'] = str_replace('###EMAIL###', $user['user_email'], $email_change_email['message']);
            $email_change_email['message'] = str_replace('###SITENAME###', get_option('blogname'), $email_change_email['message']);
            $email_change_email['message'] = str_replace('###SITEURL###', home_url(), $email_change_email['message']);
            wp_mail($email_change_email['to'], sprintf($email_change_email['subject'], $blog_name), $email_change_email['message'], $email_change_email['headers']);
        }
    }
    // Update the cookies if the password changed.
    $current_user = wp_get_current_user();
    if ($current_user->ID == $ID) {
        if (isset($plaintext_pass)) {
            wp_clear_auth_cookie();
            // Here we calculate the expiration length of the current auth cookie and compare it to the default expiration.
            // If it's greater than this, then we know the user checked 'Remember Me' when they logged in.
            $logged_in_cookie = wp_parse_auth_cookie('', 'logged_in');
            /** This filter is documented in wp-includes/pluggable.php */
            $default_cookie_life = apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $ID, false);
            $remember = $logged_in_cookie['expiration'] - time() > $default_cookie_life;
            wp_set_auth_cookie($ID, $remember);
        }
    }
    return $user_id;
}
// Fire the 'plugins_loaded' hook before the request data is normalised below.
// NOTE(review): presumably all plugins have been included by this point; the
// loading code is not part of this excerpt.
do_action('plugins_loaded');

// If already slashed, strip.
// When PHP's own magic_quotes_gpc is on, its slashes are removed first so the
// add_magic_quotes() pass below does not escape the same data twice.
if ( get_magic_quotes_gpc() ) {
	$_GET    = stripslashes_deep($_GET   );
	$_POST   = stripslashes_deep($_POST  );
	$_COOKIE = stripslashes_deep($_COOKIE);
	$_SERVER = stripslashes_deep($_SERVER);
}

// Escape with wpdb.
// Every request superglobal is slashed unconditionally, so code that runs
// after this point always sees escaped values, whatever php.ini says.
// NOTE(review): this blanket escaping is a compatibility layer, not a
// replacement for escaping or parameterising at the point where SQL is built.
// Code that needs the raw value has to strip the slashes again, and values
// that reach SQL by any other route are not covered by it.
$_GET    = add_magic_quotes($_GET   );
$_POST   = add_magic_quotes($_POST  );
$_COOKIE = add_magic_quotes($_COOKIE);
$_SERVER = add_magic_quotes($_SERVER);

// Create the global query, rewrite and main request objects.
$wp_query   = new WP_Query();
$wp_rewrite = new WP_Rewrite();
$wp         = new WP();

// Publish the active template directory as a constant for later includes.
define('TEMPLATEPATH', get_template_directory());

// Load the default text localization domain.
load_default_textdomain();

// Pull in locale data after loading text domain.
require_once(ABSPATH . WPINC . '/locale.php');

// Load functions for active theme.
if ( file_exists(TEMPLATEPATH . "/functions.php") )
Esempio n. 23
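 /**
  * Update a row in the table with an array of data.
  *
  * Only values are escaped before they are placed in the statement. $table,
  * the keys of $data and the keys of $where are interpolated into the SQL
  * text exactly as given, so they must be fixed, trusted identifiers and must
  * never be derived from request input.
  *
  * @since 2.5.0
  *
  * @param string $table WARNING: not sanitized!
  * @param array $data Column => value pairs to set. Should not already be SQL-escaped. WARNING: the column names are not sanitized!
  * @param array $where A named array of WHERE column => value relationships.  Multiple member pairs will be joined with ANDs.  WARNING: the column names are not currently sanitized!
  * @return mixed Results of $this->query(), or false when $where is not an array or when $data or $where is empty.
  */
 function update($table, $data, $where)
 {
     // Reject unusable input before any escaping work is done. An empty $data
     // or $where would otherwise build a statement with nothing after SET or
     // WHERE.
     if (!is_array($where) || empty($where) || empty($data)) {
         return false;
     }
     // Values are escaped here; the array keys (column names) are left as-is.
     $data = add_magic_quotes($data);
     $bits = $wheres = array();
     foreach ((array) array_keys($data) as $k) {
         $bits[] = "`{$k}` = '{$data[$k]}'";
     }
     foreach ($where as $c => $v) {
         // NOTE(review): $c is placed in the statement unquoted and unescaped.
         $wheres[] = "{$c} = '" . $this->escape($v) . "'";
     }
     return $this->query("UPDATE {$table} SET " . implode(', ', $bits) . ' WHERE ' . implode(' AND ', $wheres));
 }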
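/**
 * Point every rel="attachment" anchor in a post at the attachment's current
 * link, adopting attachments whose parent post no longer exists.
 *
 * The anchors are found with regular expressions, each matching href is
 * rewritten, and the post is saved again through wp_update_post().
 *
 * @param int $post_ID ID of the post whose content is scanned.
 * @return mixed Nothing when the post cannot be loaded or holds no
 *               rel="attachment" anchors; otherwise the result of wp_update_post().
 */
function fix_attachment_links($post_ID)
{
    $post = get_post($post_ID, ARRAY_A);
    if (empty($post)) {
        return;
    }
    // The "e" (eval) modifier only ever applied to preg_replace() and was
    // removed in PHP 7, so only case-insensitive matching is requested here.
    $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#i";
    // See if we have any rel="attachment" links
    if (!preg_match_all($search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER)) {
        return;
    }
    // Start from empty lists so str_replace() below gets arrays even when no
    // anchor carries an id="pNNN" attribute.
    $post_search = array();
    $post_replace = array();
    $search = "# id=(\"|')p(\\d+)\\1#i";
    foreach ($anchor_matches[0] as $anchor) {
        if (!preg_match($search, $anchor, $id_matches)) {
            continue;
        }
        // The pattern only admits digits; the cast keeps the ID numeric.
        $id = (int) $id_matches[2];
        // While we have the attachment ID, let's adopt any orphans.
        $attachment = get_post($id, ARRAY_A);
        if (!empty($attachment) && !is_object(get_post($attachment['post_parent']))) {
            $attachment['post_parent'] = $post_ID;
            // Escape data pulled from DB.
            $attachment = add_magic_quotes($attachment);
            wp_update_post($attachment);
        }
        // Build the replacement as data instead of evaluating it as PHP code
        // (the former /e replacement). Backslashes and dollar signs in the link
        // are escaped so they are not read as back-references.
        $link = addcslashes(get_attachment_link($id), '\\$');
        $post_search[] = $anchor;
        $post_replace[] = preg_replace("#href=(\"|')[^'\"]*\\1#", 'href=${1}' . $link . '${1}', $anchor);
    }
    $post['post_content'] = str_replace($post_search, $post_replace, $post['post_content']);
    // Escape data pulled from DB.
    $post = add_magic_quotes($post);
    return wp_update_post($post);
}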
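 /**
  * Create a post (when $path ends in "/new") or update the post $post_id from
  * the request input, then apply taxonomies, media, likes/sharing/sticky
  * flags, Publicize skip flags and post metadata.
  *
  * Authorization performed here, as visible in this method:
  *  - new posts need the post type's edit_posts capability; a 'publish'
  *    request without publish_posts is downgraded to 'pending';
  *  - updates need 'edit_post' on the target; a transition to 'publish'
  *    without 'publish_post' is downgraded to 'pending';
  *  - assigning another author needs edit_others_posts, and the assigned
  *    author must hold edit_posts;
  *  - new terms are only created when the user holds the taxonomy's edit_terms;
  *  - each metadata operation is gated by a per-key capability or by
  *    is_metadata_public().
  *
  * @param string $path    Request path; only its "/new" suffix is inspected here.
  * @param int    $blog_id Not read by this method.
  * @param int    $post_id Post to update; overwritten with the new ID on create.
  * @return array|WP_Error|mixed The post as returned by get_post_by(), or the
  *                              error/falsy value of the step that failed.
  */
 function write_post($path, $blog_id, $post_id)
 {
     $new = $this->api->ends_with($path, '/new');
     $args = $this->query_args();
     // These are read further down even when the request did not supply them;
     // null keeps every later isset()/=== test evaluating as it did while unset.
     $likes = $sticky = $publicize = null;
     // unhook publicize, it's hooked again later -- without this, skipping services is impossible
     if (defined('IS_WPCOM') && IS_WPCOM) {
         remove_action('save_post', array($GLOBALS['publicize_ui']->publicize, 'async_publicize_post'), 100, 2);
         add_action('rest_api_inserted_post', array($GLOBALS['publicize_ui']->publicize, 'async_publicize_post'));
     }
     if ($new) {
         $input = $this->input(true);
         if ('revision' === $input['type']) {
             if (!isset($input['parent'])) {
                 return new WP_Error('invalid_input', 'Invalid request input', 400);
             }
             $input['status'] = 'inherit';
             // force inherit for revision type
             $input['slug'] = $input['parent'] . '-autosave-v1';
         } elseif (!isset($input['title']) && !isset($input['content']) && !isset($input['excerpt'])) {
             return new WP_Error('invalid_input', 'Invalid request input', 400);
         }
         // default to post
         if (empty($input['type'])) {
             $input['type'] = 'post';
         }
         $post_type = get_post_type_object($input['type']);
         if (!$this->is_post_type_allowed($input['type'])) {
             return new WP_Error('unknown_post_type', 'Unknown post type', 404);
         }
         if (!empty($input['author'])) {
             $author_id = parent::parse_and_set_author($input['author'], $input['type']);
             unset($input['author']);
             if (is_wp_error($author_id)) {
                 return $author_id;
             }
         }
         // Publishing needs publish_posts; a user who may only edit gets the
         // post queued as 'pending' instead of an error.
         if ('publish' === $input['status']) {
             if (!current_user_can($post_type->cap->publish_posts)) {
                 if (current_user_can($post_type->cap->edit_posts)) {
                     $input['status'] = 'pending';
                 } else {
                     return new WP_Error('unauthorized', 'User cannot publish posts', 403);
                 }
             }
         } else {
             if (!current_user_can($post_type->cap->edit_posts)) {
                 return new WP_Error('unauthorized', 'User cannot edit posts', 403);
             }
         }
     } else {
         $input = $this->input(false);
         if (!is_array($input) || !$input) {
             return new WP_Error('invalid_input', 'Invalid request input', 400);
         }
         $post = get_post($post_id);
         // Validate the lookup before $post is dereferenced below.
         if (!$post || is_wp_error($post)) {
             return new WP_Error('unknown_post', 'Unknown post', 404);
         }
         $_post_type = !empty($input['type']) ? $input['type'] : $post->post_type;
         $post_type = get_post_type_object($_post_type);
         if (!current_user_can('edit_post', $post->ID)) {
             return new WP_Error('unauthorized', 'User cannot edit post', 403);
         }
         if (!empty($input['author'])) {
             $author_id = parent::parse_and_set_author($input['author'], $_post_type);
             unset($input['author']);
             if (is_wp_error($author_id)) {
                 return $author_id;
             }
         }
         // A transition to 'publish' without the capability is downgraded, not rejected.
         if ('publish' === $input['status'] && 'publish' !== $post->post_status && !current_user_can('publish_post', $post->ID)) {
             $input['status'] = 'pending';
         }
         $last_status = $post->post_status;
         $new_status = $input['status'];
     }
     // Fix for https://iorequests.wordpress.com/2014/08/13/scheduled-posts-made-in-the/
     // See: https://a8c.slack.com/archives/io/p1408047082000273
     // If date was set, $this->input will set date_gmt, date still needs to be adjusted for the blog's offset
     if (isset($input['date_gmt'])) {
         $gmt_offset = get_option('gmt_offset');
         $time_with_offset = strtotime($input['date_gmt']) + $gmt_offset * HOUR_IN_SECONDS;
         $input['date'] = date('Y-m-d H:i:s', $time_with_offset);
     }
     // Writing on behalf of another user: the caller needs edit_others_posts
     // and the assigned author must be able to edit posts of this type.
     if (!empty($author_id) && get_current_user_id() != $author_id) {
         if (!current_user_can($post_type->cap->edit_others_posts)) {
             return new WP_Error('unauthorized', "User is not allowed to publish others' posts.", 403);
         } elseif (!user_can($author_id, $post_type->cap->edit_posts)) {
             return new WP_Error('unauthorized', 'Assigned author cannot publish post.', 403);
         }
     }
     if (!is_post_type_hierarchical($post_type->name) && 'revision' !== $post_type->name) {
         unset($input['parent']);
     }
     /* add taxonomies by name */
     $tax_input = array();
     foreach (array('categories' => 'category', 'tags' => 'post_tag') as $key => $taxonomy) {
         if (!isset($input[$key])) {
             continue;
         }
         $tax_input[$taxonomy] = array();
         $is_hierarchical = is_taxonomy_hierarchical($taxonomy);
         if (is_array($input[$key])) {
             $terms = $input[$key];
         } else {
             $terms = explode(',', $input[$key]);
         }
         foreach ($terms as $term) {
             /**
              * We assume these are names, not IDs, even if they are numeric.
              * Note: A category named "0" will not work right.
              * https://core.trac.wordpress.org/ticket/9059
              */
             $term_info = get_term_by('name', $term, $taxonomy, ARRAY_A);
             if (!$term_info) {
                 // only add a new tag/cat if the user has access to
                 $tax = get_taxonomy($taxonomy);
                 if (!current_user_can($tax->cap->edit_terms)) {
                     continue;
                 }
                 $term_info = wp_insert_term($term, $taxonomy);
             }
             if (!is_wp_error($term_info)) {
                 if ($is_hierarchical) {
                     // Categories must be added by ID
                     $tax_input[$taxonomy][] = (int) $term_info['term_id'];
                 } else {
                     // Tags must be added by name
                     $tax_input[$taxonomy][] = $term;
                 }
             }
         }
     }
     /* add taxonomies by ID */
     foreach (array('categories_by_id' => 'category', 'tags_by_id' => 'post_tag') as $key => $taxonomy) {
         if (!isset($input[$key])) {
             continue;
         }
         // combine with any previous selections
         if (!isset($tax_input[$taxonomy]) || !is_array($tax_input[$taxonomy])) {
             $tax_input[$taxonomy] = array();
         }
         $is_hierarchical = is_taxonomy_hierarchical($taxonomy);
         if (is_array($input[$key])) {
             $terms = $input[$key];
         } else {
             $terms = explode(',', $input[$key]);
         }
         foreach ($terms as $term) {
             // ctype_digit() reads a small integer argument as a character
             // code, so integer IDs are checked through their string form;
             // anything that is not an int or a string is skipped.
             if (!is_int($term) && !is_string($term) || !ctype_digit((string) $term)) {
                 // skip anything that doesn't look like an ID
                 continue;
             }
             $term = (int) $term;
             $term_info = get_term_by('id', $term, $taxonomy, ARRAY_A);
             if ($term_info && !is_wp_error($term_info)) {
                 if ($is_hierarchical) {
                     // Categories must be added by ID
                     $tax_input[$taxonomy][] = $term;
                 } else {
                     // Tags must be added by name
                     $tax_input[$taxonomy][] = $term_info['name'];
                 }
             }
         }
     }
     if ((isset($input['categories']) || isset($input['categories_by_id'])) && empty($tax_input['category']) && 'revision' !== $post_type->name) {
         $tax_input['category'][] = get_option('default_category');
     }
     unset($input['tags'], $input['categories'], $input['tags_by_id'], $input['categories_by_id']);
     // From here on, recognised keys are moved out of $input one by one; whatever
     // is left is copied into $insert with a "post_" prefix further down.
     $insert = array();
     if (!empty($input['slug'])) {
         $insert['post_name'] = $input['slug'];
         unset($input['slug']);
     }
     if (isset($input['discussion'])) {
         $discussion = (array) $input['discussion'];
         foreach (array('comment', 'ping') as $discussion_type) {
             $discussion_open = sprintf('%ss_open', $discussion_type);
             $discussion_status = sprintf('%s_status', $discussion_type);
             if (isset($discussion[$discussion_open])) {
                 $is_open = WPCOM_JSON_API::is_truthy($discussion[$discussion_open]);
                 $discussion[$discussion_status] = $is_open ? 'open' : 'closed';
             }
             // Strict comparison: only the two literal strings are accepted, so a
             // loosely-equal value such as 0 or true cannot be stored as a status.
             if (isset($discussion[$discussion_status]) && in_array($discussion[$discussion_status], array('open', 'closed'), true)) {
                 $insert[$discussion_status] = $discussion[$discussion_status];
             }
         }
     }
     unset($input['discussion']);
     if (isset($input['menu_order'])) {
         $insert['menu_order'] = $input['menu_order'];
         unset($input['menu_order']);
     }
     if (isset($input['publicize'])) {
         $publicize = $input['publicize'];
         unset($input['publicize']);
     }
     if (isset($input['publicize_message'])) {
         $publicize_custom_message = $input['publicize_message'];
         unset($input['publicize_message']);
     }
     if (isset($input['featured_image'])) {
         $featured_image = trim($input['featured_image']);
         $delete_featured_image = empty($featured_image);
         unset($input['featured_image']);
     }
     if (isset($input['metadata'])) {
         $metadata = $input['metadata'];
         unset($input['metadata']);
     }
     if (isset($input['likes_enabled'])) {
         $likes = $input['likes_enabled'];
         unset($input['likes_enabled']);
     }
     if (isset($input['sharing_enabled'])) {
         $sharing = $input['sharing_enabled'];
         unset($input['sharing_enabled']);
     }
     if (isset($input['sticky'])) {
         $sticky = $input['sticky'];
         unset($input['sticky']);
     }
     // NOTE(review): every remaining request key becomes a post_* field. This
     // relies on $this->input() returning only expected keys - confirm there.
     foreach ($input as $key => $value) {
         $insert["post_{$key}"] = $value;
     }
     if (!empty($author_id)) {
         $insert['post_author'] = absint($author_id);
     }
     if (!empty($tax_input)) {
         $insert['tax_input'] = $tax_input;
     }
     $has_media = !empty($input['media']) ? count($input['media']) : false;
     $has_media_by_url = !empty($input['media_urls']) ? count($input['media_urls']) : false;
     if ($new) {
         if (false === strpos($input['content'], '[gallery') && ($has_media || $has_media_by_url)) {
             switch ($has_media + $has_media_by_url) {
                 case 0:
                     // No images - do nothing.
                     break;
                 case 1:
                     // 1 image - make it big
                     $insert['post_content'] = $input['content'] = "[gallery size=full columns=1]\n\n" . $input['content'];
                     break;
                 default:
                     // Several images - 3 column gallery
                     $insert['post_content'] = $input['content'] = "[gallery]\n\n" . $input['content'];
                     break;
             }
         }
         // The insert path slashes the data itself before handing it over.
         $post_id = wp_insert_post(add_magic_quotes($insert), true);
     } else {
         $insert['ID'] = $post->ID;
         // wp_update_post ignores date unless edit_date is set
         // See: http://codex.wordpress.org/Function_Reference/wp_update_post#Scheduling_posts
         // See: https://core.trac.wordpress.org/browser/tags/3.9.2/src/wp-includes/post.php#L3302
         if (isset($input['date_gmt']) || isset($input['date'])) {
             $insert['edit_date'] = true;
         }
         // NOTE(review): unlike the insert path, the data is passed unslashed as
         // an object - presumably wp_update_post() slashes object input itself;
         // confirm against the WordPress version in use.
         $post_id = wp_update_post((object) $insert);
     }
     if (!$post_id || is_wp_error($post_id)) {
         return $post_id;
     }
     // make sure this post actually exists and is not an error of some kind (ie, trying to load media in the posts endpoint)
     $post_check = $this->get_post_by('ID', $post_id, $args['context']);
     if (is_wp_error($post_check)) {
         return $post_check;
     }
     if ($has_media || $has_media_by_url) {
         $media_files = !empty($input['media']) ? $input['media'] : array();
         $media_urls = !empty($input['media_urls']) ? $input['media_urls'] : array();
         $media_attrs = !empty($input['media_attrs']) ? $input['media_attrs'] : array();
         $force_parent_id = $post_id;
         $media_results = $this->handle_media_creation_v1_1($media_files, $media_urls, $media_attrs, $force_parent_id);
     }
     // set page template for this post..
     // Only an empty value, 'default', or a template the active theme reports is stored.
     if (isset($input['page_template']) && 'page' == $post_type->name) {
         $page_template = $input['page_template'];
         $page_templates = wp_get_theme()->get_page_templates(get_post($post_id));
         if (empty($page_template) || 'default' == $page_template || isset($page_templates[$page_template])) {
             update_post_meta($post_id, '_wp_page_template', $page_template);
         }
     }
     // Set like status for the post
     // 'switch_like_status' marks a post that departs from the sitewide default.
     $sitewide_likes_enabled = (bool) apply_filters('wpl_is_enabled_sitewide', !get_option('disabled_likes'));
     if ($new) {
         if ($sitewide_likes_enabled) {
             if (false === $likes) {
                 update_post_meta($post_id, 'switch_like_status', 1);
             } else {
                 delete_post_meta($post_id, 'switch_like_status');
             }
         } else {
             if ($likes) {
                 update_post_meta($post_id, 'switch_like_status', 1);
             } else {
                 delete_post_meta($post_id, 'switch_like_status');
             }
         }
     } else {
         if (isset($likes)) {
             if ($sitewide_likes_enabled) {
                 if (false === $likes) {
                     update_post_meta($post_id, 'switch_like_status', 1);
                 } else {
                     delete_post_meta($post_id, 'switch_like_status');
                 }
             } else {
                 if (true === $likes) {
                     update_post_meta($post_id, 'switch_like_status', 1);
                 } else {
                     delete_post_meta($post_id, 'switch_like_status');
                 }
             }
         }
     }
     // Set sharing status of the post
     if ($new) {
         $sharing_enabled = isset($sharing) ? (bool) $sharing : true;
         if (false === $sharing_enabled) {
             update_post_meta($post_id, 'sharing_disabled', 1);
         }
     } else {
         if (isset($sharing) && true === $sharing) {
             delete_post_meta($post_id, 'sharing_disabled');
         } else {
             if (isset($sharing) && false == $sharing) {
                 update_post_meta($post_id, 'sharing_disabled', 1);
             }
         }
     }
     // NOTE(review): a request that does not mention 'sticky' takes the else
     // branch and unsticks the post - confirm that this is intended on updates.
     if (true === $sticky) {
         stick_post($post_id);
     } else {
         unstick_post($post_id);
     }
     // WPCOM Specific (Jetpack's will get bumped elsewhere
     // Tracks how many posts are published and sets meta so we can track some other cool stats (like likes & comments on posts published)
     if ($new && 'publish' == $input['status'] || !$new && isset($last_status) && 'publish' != $last_status && isset($new_status) && 'publish' == $new_status) {
         if (function_exists('bump_stats_extras')) {
             bump_stats_extras('api-insights-posts', $this->api->token_details['client_id']);
             update_post_meta($post_id, '_rest_api_published', 1);
             update_post_meta($post_id, '_rest_api_client_id', $this->api->token_details['client_id']);
         }
     }
     // We ask the user/dev to pass Publicize services he/she wants activated for the post, but Publicize expects us
     // to instead flag the ones we don't want to be skipped. proceed with said logic.
     // any posts coming from Path (client ID 25952) should also not publicize
     if ($publicize === false || isset($this->api->token_details['client_id']) && 25952 == $this->api->token_details['client_id']) {
         // No publicize at all, skip all by ID
         foreach ($GLOBALS['publicize_ui']->publicize->get_services('all') as $name => $service) {
             delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $name);
             $service_connections = $GLOBALS['publicize_ui']->publicize->get_connections($name);
             if (!$service_connections) {
                 continue;
             }
             foreach ($service_connections as $service_connection) {
                 update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1);
             }
         }
     } else {
         if (is_array($publicize) && count($publicize) > 0) {
             foreach ($GLOBALS['publicize_ui']->publicize->get_services('all') as $name => $service) {
                 /*
                  * We support both indexed and associative arrays:
                  * * indexed are to pass entire services
                  * * associative are to pass specific connections per service
                  *
                  * We do support mixed arrays: mixed integer and string keys (see 3rd example below).
                  *
                  * EG: array( 'twitter', 'facebook') will only publicize to those, ignoring the other available services
                  * 		Form data: publicize[]=twitter&publicize[]=facebook
                  * EG: array( 'twitter' => '(int) $pub_conn_id_0, (int) $pub_conn_id_3', 'facebook' => (int) $pub_conn_id_7 ) will publicize to two Twitter accounts, and one Facebook connection, of potentially many.
                  * 		Form data: publicize[twitter]=$pub_conn_id_0,$pub_conn_id_3&publicize[facebook]=$pub_conn_id_7
                  * EG: array( 'twitter', 'facebook' => '(int) $pub_conn_id_0, (int) $pub_conn_id_3' ) will publicize to all available Twitter accounts, but only 2 of potentially many Facebook connections
                  * 		Form data: publicize[]=twitter&publicize[facebook]=$pub_conn_id_0,$pub_conn_id_3
                  */
                 // Delete any stale SKIP value for the service by name. We'll add it back by ID.
                 delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $name);
                 // Get the user's connections
                 $service_connections = $GLOBALS['publicize_ui']->publicize->get_connections($name);
                 // if the user doesn't have any connections for this service, move on
                 if (!$service_connections) {
                     continue;
                 }
                 if (!in_array($name, $publicize) && !array_key_exists($name, $publicize)) {
                     // Skip the whole service by adding each connection ID
                     foreach ($service_connections as $service_connection) {
                         update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1);
                     }
                 } else {
                     if (!empty($publicize[$name])) {
                         // Seems we're being asked to only push to [a] specific connection[s].
                         // Explode the list on commas, which will also support a single passed ID
                         $requested_connections = explode(',', preg_replace('/[\\s]*/', '', $publicize[$name]));
                         // Flag the connections we can't match with the requested list to be skipped.
                         foreach ($service_connections as $service_connection) {
                             if (!in_array($service_connection->meta['connection_data']->id, $requested_connections)) {
                                 update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1);
                             } else {
                                 delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id);
                             }
                         }
                     } else {
                         // delete all SKIP values; it's okay to publish to all connected IDs for this service
                         foreach ($service_connections as $service_connection) {
                             delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id);
                         }
                     }
                 }
             }
         }
     }
     if (!empty($publicize_custom_message)) {
         update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_MESS, trim($publicize_custom_message));
     }
     // The format is passed as null when the request carried none, which is
     // what reading the missing key produced before.
     set_post_format($post_id, isset($insert['post_format']) ? $insert['post_format'] : null);
     if (isset($featured_image)) {
         parent::parse_and_set_featured_image($post_id, $delete_featured_image, $featured_image);
     }
     if (!empty($metadata)) {
         foreach ((array) $metadata as $meta) {
             $meta = (object) $meta;
             $existing_meta_item = new stdClass();
             if (empty($meta->operation)) {
                 $meta->operation = 'update';
             }
             if (!empty($meta->value)) {
                 if ('true' == $meta->value) {
                     $meta->value = true;
                 }
                 if ('false' == $meta->value) {
                     $meta->value = false;
                 }
             }
             if (!empty($meta->id)) {
                 $meta->id = absint($meta->id);
                 $existing_meta_item = get_metadata_by_mid('post', $meta->id);
             }
             // Capability checks below use the unslashed key; the slashed key is
             // what is handed to the *_post_meta() calls.
             $unslashed_meta_key = wp_unslash($meta->key);
             // should match what the final key will be
             $meta->key = wp_slash($meta->key);
             $unslashed_existing_meta_key = wp_unslash($existing_meta_item->meta_key);
             $existing_meta_item->meta_key = wp_slash($existing_meta_item->meta_key);
             // make sure that the meta id passed matches the existing meta key
             if (!empty($meta->id) && !empty($meta->key)) {
                 $meta_by_id = get_metadata_by_mid('post', $meta->id);
                 if ($meta_by_id->meta_key !== $meta->key) {
                     continue;
                     // skip this meta
                 }
             }
             switch ($meta->operation) {
                 case 'delete':
                     if (!empty($meta->id) && !empty($existing_meta_item->meta_key) && current_user_can('delete_post_meta', $post_id, $unslashed_existing_meta_key)) {
                         delete_metadata_by_mid('post', $meta->id);
                     } elseif (!empty($meta->key) && !empty($meta->previous_value) && current_user_can('delete_post_meta', $post_id, $unslashed_meta_key)) {
                         delete_post_meta($post_id, $meta->key, $meta->previous_value);
                     } elseif (!empty($meta->key) && current_user_can('delete_post_meta', $post_id, $unslashed_meta_key)) {
                         delete_post_meta($post_id, $meta->key);
                     }
                     break;
                 case 'add':
                     if (!empty($meta->id) || !empty($meta->previous_value)) {
                         // Move on to the next metadata item.
                         continue 2;
                     } elseif (!empty($meta->key) && !empty($meta->value) && current_user_can('add_post_meta', $post_id, $unslashed_meta_key) || $this->is_metadata_public($meta->key)) {
                         // NOTE(review): && binds tighter than ||, so a key accepted
                         // by is_metadata_public() reaches add_post_meta() even when
                         // the key/value/capability tests fail. The 'update' case
                         // parenthesises the same pair - confirm which grouping is
                         // intended here.
                         add_post_meta($post_id, $meta->key, $meta->value);
                     }
                     break;
                 case 'update':
                     if (!isset($meta->value)) {
                         // Move on to the next metadata item.
                         continue 2;
                     } elseif (!empty($meta->id) && !empty($existing_meta_item->meta_key) && (current_user_can('edit_post_meta', $post_id, $unslashed_existing_meta_key) || $this->is_metadata_public($meta->key))) {
                         update_metadata_by_mid('post', $meta->id, $meta->value);
                     } elseif (!empty($meta->key) && !empty($meta->previous_value) && (current_user_can('edit_post_meta', $post_id, $unslashed_meta_key) || $this->is_metadata_public($meta->key))) {
                         update_post_meta($post_id, $meta->key, $meta->value, $meta->previous_value);
                     } elseif (!empty($meta->key) && (current_user_can('edit_post_meta', $post_id, $unslashed_meta_key) || $this->is_metadata_public($meta->key))) {
                         update_post_meta($post_id, $meta->key, $meta->value);
                     }
                     break;
             }
         }
     }
     do_action('rest_api_inserted_post', $post_id, $insert, $new);
     $return = $this->get_post_by('ID', $post_id, $args['context']);
     if (!$return || is_wp_error($return)) {
         return $return;
     }
     if (isset($input['type']) && 'revision' === $input['type']) {
         $return['preview_nonce'] = wp_create_nonce('post_preview_' . $input['parent']);
     }
     // workaround for sticky test occasionally failing, maybe a race condition with stick_post() above
     $return['sticky'] = true === $sticky;
     if (!empty($media_results['errors'])) {
         $return['media_errors'] = $media_results['errors'];
     }
     do_action('wpcom_json_api_objects', 'posts');
     return $return;
 }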
/**
 * Update an existing link by overlaying new field values on the stored record.
 *
 * The stored record is read as an associative array and run through
 * add_magic_quotes() before the merge, so values coming from the database
 * reach wp_insert_link() escaped.
 * NOTE(review): this implies $linkdata is expected to arrive already
 * slash-escaped from the caller - confirm against wp_insert_link(). Raw
 * values here would mix escaped and unescaped fields in one array.
 *
 * @param array $linkdata Fields to change. 'link_id' selects the link to update.
 * @return mixed The return value of wp_insert_link() for the merged data.
 */
function wp_update_link($linkdata)
{
    global $wpdb;
    // Stored row, escaped because it was pulled from the DB.
    $stored = add_magic_quotes(get_link((int) $linkdata['link_id'], ARRAY_A));
    // Caller-supplied fields win over stored ones on key collisions.
    return wp_insert_link(array_merge($stored, $linkdata));
}
Esempio n. 27
/**
 * Recursively escape every value of an array.
 *
 * Nested arrays are walked with a recursive call; every other value is handed
 * to $wpdb->escape() and stored back under the same key. What escape() does is
 * defined by the $wpdb object, which is outside this snippet.
 *
 * This is escaping, not validation or sanitization: values are neither checked
 * nor filtered here. Blanket escaping of this kind is also no substitute for
 * parameterized queries wherever SQL is built from these values.
 *
 * @uses $wpdb Its escape() method is applied to each non-array value.
 * @since 0.71
 *
 * @param array $array Values to escape; the argument is cast to array for iteration.
 * @return array The input with every value replaced by its escaped form.
 */
function add_magic_quotes($array)
{
    global $wpdb;
    foreach ((array) $array as $key => $item) {
        // Recurse into nested arrays, escape everything else.
        $array[$key] = is_array($item) ? add_magic_quotes($item) : $wpdb->escape($item);
    }
    return $array;
}
Esempio n. 28
/**
 * Point attachment anchors in a post's content at current attachment permalinks.
 *
 * An anchor is rewritten only when its href carries '?attachment_id=N', its rel
 * carries 'wp-att-N' with the same non-zero N, and the href contains the site
 * URL (scheme removed). If at least one anchor qualified, the post is saved
 * through wp_update_post().
 *
 * @since 2.3.0
 * @access private
 *
 * @param int|object $post Post ID or post object.
 * @return void|int|WP_Error Void when nothing was changed; otherwise whatever wp_update_post() returns.
 */
function _fix_attachment_links($post)
{
    // NOTE(review): the result of get_post() is indexed without a null check -
    // confirm callers only pass posts that exist.
    $post = get_post($post, ARRAY_A);
    $html = $post['post_content'];
    // Nothing to do without pretty permalinks.
    if (!get_option('permalink_structure')) {
        return;
    }
    // Only published, scheduled or privately published posts are touched.
    if (!in_array($post['post_status'], array('publish', 'future', 'private'))) {
        return;
    }
    // strpos() is used as a boolean here: an offset of 0 counts as "absent",
    // which the original author notes cannot occur for this needle.
    if (!strpos($html, '?attachment_id=')) {
        return;
    }
    if (!preg_match_all('/<a ([^>]+)>[\\s\\S]+?<\\/a>/', $html, $anchors)) {
        return;
    }
    // Site URL from '://' onwards, i.e. without the http(s) scheme.
    $home = get_bloginfo('url');
    $schemeless = substr($home, (int) strpos($home, '://'));
    $changed = '';
    foreach ($anchors[1] as $index => $attrs) {
        // Cheap substring tests first, then the two regexes.
        if (!strpos($attrs, '?attachment_id=') || !strpos($attrs, 'wp-att-')) {
            continue;
        }
        if (!preg_match('/href=(["\'])[^"\']*\\?attachment_id=(\\d+)[^"\']*\\1/', $attrs, $href)) {
            continue;
        }
        if (!preg_match('/rel=["\'][^"\']*wp-att-(\\d+)/', $attrs, $rel)) {
            continue;
        }
        // The quote character (single or double) that wrapped the href value.
        $quote = $href[1];
        $href_id = (int) $href[2];
        $rel_id = (int) $rel[1];
        // Both IDs must be non-zero and agree. The site-URL test is a substring
        // match on the href attribute, not a parsed origin comparison.
        if (!$href_id || !$rel_id || $href_id != $rel_id || strpos($href[0], $schemeless) === false) {
            continue;
        }
        $anchor = $anchors[0][$index];
        // NOTE(review): the permalink is placed in the attribute exactly as
        // get_attachment_link() returns it; presumably it is already safe for
        // an HTML attribute - confirm.
        $changed = str_replace($href[0], 'href=' . $quote . get_attachment_link($href_id) . $quote, $anchor);
        $html = str_replace($anchor, $changed, $html);
    }
    if (!$changed) {
        return;
    }
    $post['post_content'] = $html;
    // Escape data pulled from DB before it is passed to wp_update_post().
    $post = add_magic_quotes($post);
    return wp_update_post($post);
}
Esempio n. 29
/**
 * Restore a post to the state stored in one of its revisions.
 *
 * Copies either all revisioned fields or only the requested ones from the
 * revision onto the revision's parent post and saves it with wp_update_post().
 * The copied values are passed through add_magic_quotes() first because they
 * come from the database.
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * the caller verifies that the current user may edit the parent post - confirm.
 *
 * @package WordPress
 * @subpackage Post_Revisions
 * @since 2.6.0
 *
 * @uses wp_get_post_revision()
 * @uses wp_update_post()
 * @uses do_action() Calls 'wp_restore_post_revision' with the post ID and the revision ID when
 *  wp_update_post() returns a truthy non-error value.
 *
 * @param int|object $revision_id Revision ID or revision object.
 * @param array $fields Optional. Names of the fields to restore. Any non-array value means all
 *  fields listed by _wp_post_revision_fields().
 * @return mixed The falsy result of wp_get_post_revision() if the revision was not found, false if
 *  no fields matched, otherwise the result of wp_update_post().
 */
function wp_restore_post_revision($revision_id, $fields = null)
{
    $revision = wp_get_post_revision($revision_id, ARRAY_A);
    if (!$revision) {
        return $revision;
    }
    $wanted = is_array($fields) ? $fields : array_keys(_wp_post_revision_fields());
    // Keep only the revision columns that were asked for.
    $payload = array();
    $selected = array_intersect(array_keys($revision), $wanted);
    foreach ($selected as $name) {
        $payload[$name] = $revision[$name];
    }
    if (!$payload) {
        return false;
    }
    // The update targets the post the revision belongs to, not the revision row.
    $payload['ID'] = $revision['post_parent'];
    // Values come from the DB, so escape them before wp_update_post().
    $payload = add_magic_quotes($payload);
    $result = wp_update_post($payload);
    // Fire the hook only for a successful, non-error update.
    if (!is_wp_error($result) && $result) {
        do_action('wp_restore_post_revision', $result, $revision['ID']);
    }
    return $result;
}
Esempio n. 30
	// Captures any text in the body after $phone_delim as the body
	$content = explode($phone_delim, $content);
	$content = empty( $content[1] ) ? $content[0] : $content[1];

	$content = trim($content);

	$post_content = apply_filters('phone_content', $content);

	$post_title = xmlrpc_getposttitle($content);

	if ($post_title == '') $post_title = $subject;

	$post_category = array(get_option('default_email_category'));

	$post_data = compact('post_content','post_title','post_date','post_date_gmt','post_author','post_category', 'post_status');
	$post_data = add_magic_quotes($post_data);

	$post_ID = wp_insert_post($post_data);
	if ( is_wp_error( $post_ID ) )
		echo "\n" . $post_ID->get_error_message();

	// We couldn't post, for whatever reason. Better move forward to the next email.
	if ( empty( $post_ID ) )
		continue;

	do_action('publish_phone', $post_ID);

	echo "\n<p>" . sprintf(__('<strong>Author:</strong> %s'), esc_html($post_author)) . '</p>';
	echo "\n<p>" . sprintf(__('<strong>Posted title:</strong> %s'), esc_html($post_title)) . '</p>';

	if(!$pop3->delete($i)) {