function pre_http_request($pre, $args, $url) { $this->args = wp_parse_args($args, array('authentication' => NULL, 'username' => NULL, 'password' => NULL)); // Ruh roh... if (!is_null($this->args['authentication'])) { switch ($this->args['authentication']) { case '-': // No HTTP Auth method. Remove this stuff. $this->args['authentication'] = NULL; $this->args['username'] = NULL; $this->args['password'] = NULL; break; case 'basic': if ($this->have_curl($args, $url)) { // Don't need to do anything. http_api_curl hook takes care // of it. break; } elseif ($this->have_streams($args, $url)) { // curl has a nice native way to jam in the username and // passwd but streams and fsockopen do not. So we have to // make a recursive call with the credentials in the URL. // Wee ha! $method = $this->args['authentication']; $credentials = $this->args['username']; if (!is_null($this->args['password'])) { $credentials .= ':' . $args['password']; } // Remove these so we don't recurse all the way down unset($this->args['authentication']); unset($this->args['username']); unset($this->args['password']); $url = preg_replace('!(https?://)!', '$1' . $credentials . '@', $url); // Subsidiary request $pre = wp_remote_request($url, $this->args); break; } case 'digest': if ($this->have_curl($args, $url)) { // Don't need to do anything. http_api_curl hook takes care // of it. break; } default: if (is_callable('WP_Http', '_get_first_available_transport')) { $trans = WP_Http::_get_first_available_transport($args, $url); if (!$trans) { $trans = WP_Http::_get_first_available_transport(array(), $url); } } elseif (is_callable('WP_Http', '_getTransport')) { $transports = WP_Http::_getTransport($args); $trans = get_class(reset($transports)); } else { $trans = 'HTTP'; } $pre = new WP_Error('http_request_failed', sprintf(__('%s cannot use %s authentication with the %s transport.'), __CLASS__, $args['authentication'], $trans)); } } return $pre; }
/** * Send a HTTP request to a URI. * * The body and headers are part of the arguments. The 'body' argument is for the body and will * accept either a string or an array. The 'headers' argument should be an array, but a string * is acceptable. If the 'body' argument is an array, then it will automatically be escaped * using http_build_query(). * * The only URI that are supported in the HTTP Transport implementation are the HTTP and HTTPS * protocols. HTTP and HTTPS are assumed so the server might not know how to handle the send * headers. Other protocols are unsupported and most likely will fail. * * The defaults are 'method', 'timeout', 'redirection', 'httpversion', 'blocking' and * 'user-agent'. * * Accepted 'method' values are 'GET', 'POST', and 'HEAD', some transports technically allow * others, but should not be assumed. The 'timeout' is used to sent how long the connection * should stay open before failing when no response. 'redirection' is used to track how many * redirects were taken and used to sent the amount for other transports, but not all transports * accept setting that value. * * The 'httpversion' option is used to sent the HTTP version and accepted values are '1.0', and * '1.1' and should be a string. Version 1.1 is not supported, because of chunk response. The * 'user-agent' option is the user-agent and is used to replace the default user-agent, which is * 'WordPress/WP_Version', where WP_Version is the value from $wp_version. * * 'blocking' is the default, which is used to tell the transport, whether it should halt PHP * while it performs the request or continue regardless. Actually, that isn't entirely correct. * Blocking mode really just means whether the fread should just pull what it can whenever it * gets bytes or if it should wait until it has enough in the buffer to read or finishes reading * the entire content. It doesn't actually always mean that PHP will continue going after making * the request. * * @access public * @since 2.7.0 * @todo Refactor this code. The code in this method extends the scope of its original purpose * and should be refactored to allow for cleaner abstraction and reduce duplication of the * code. One suggestion is to create a class specifically for the arguments, however * preliminary refactoring to this affect has affect more than just the scope of the * arguments. Something to ponder at least. * * @param string $url URI resource. * @param str|array $args Optional. Override the defaults. * @return array containing 'headers', 'body', 'response', 'cookies' */ function request($url, $args = array()) { global $wp_version; $defaults = array('method' => 'GET', 'timeout' => apply_filters('http_request_timeout', 5), 'redirection' => apply_filters('http_request_redirection_count', 5), 'httpversion' => apply_filters('http_request_version', '1.0'), 'user-agent' => apply_filters('http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo('url')), 'blocking' => true, 'headers' => array(), 'cookies' => array(), 'body' => null, 'compress' => false, 'decompress' => true, 'sslverify' => true); $r = wp_parse_args($args, $defaults); $r = apply_filters('http_request_args', $r, $url); // Allow plugins to short-circuit the request $pre = apply_filters('pre_http_request', false, $r, $url); if (false !== $pre) { return $pre; } $arrURL = parse_url($url); if ($this->block_request($url)) { return new WP_Error('http_request_failed', __('User has blocked requests through HTTP.')); } // Determine if this is a https call and pass that on to the transport functions // so that we can blacklist the transports that do not support ssl verification $r['ssl'] = $arrURL['scheme'] == 'https' || $arrURL['scheme'] == 'ssl'; // Determine if this request is to OUR install of WordPress $homeURL = parse_url(get_bloginfo('url')); $r['local'] = $homeURL['host'] == $arrURL['host'] || 'localhost' == $arrURL['host']; unset($homeURL); if (is_null($r['headers'])) { $r['headers'] = array(); } if (!is_array($r['headers'])) { $processedHeaders = WP_Http::processHeaders($r['headers']); $r['headers'] = $processedHeaders['headers']; } if (isset($r['headers']['User-Agent'])) { $r['user-agent'] = $r['headers']['User-Agent']; unset($r['headers']['User-Agent']); } if (isset($r['headers']['user-agent'])) { $r['user-agent'] = $r['headers']['user-agent']; unset($r['headers']['user-agent']); } // Construct Cookie: header if any cookies are set WP_Http::buildCookieHeader($r); if (WP_Http_Encoding::is_available()) { $r['headers']['Accept-Encoding'] = WP_Http_Encoding::accept_encoding(); } if (empty($r['body'])) { // Some servers fail when sending content without the content-length header being set. // Also, to fix another bug, we only send when doing POST and PUT and the content-length // header isn't already set. if (($r['method'] == 'POST' || $r['method'] == 'PUT') && !isset($r['headers']['Content-Length'])) { $r['headers']['Content-Length'] = 0; } // The method is ambiguous, because we aren't talking about HTTP methods, the "get" in // this case is simply that we aren't sending any bodies and to get the transports that // don't support sending bodies along with those which do. $transports = WP_Http::_getTransport($r); } else { if (is_array($r['body']) || is_object($r['body'])) { if (!version_compare(phpversion(), '5.1.2', '>=')) { $r['body'] = _http_build_query($r['body'], null, '&'); } else { $r['body'] = http_build_query($r['body'], null, '&'); } $r['headers']['Content-Type'] = 'application/x-www-form-urlencoded; charset=' . get_option('blog_charset'); $r['headers']['Content-Length'] = strlen($r['body']); } if (!isset($r['headers']['Content-Length']) && !isset($r['headers']['content-length'])) { $r['headers']['Content-Length'] = strlen($r['body']); } // The method is ambiguous, because we aren't talking about HTTP methods, the "post" in // this case is simply that we are sending HTTP body and to get the transports that do // support sending the body. Not all do, depending on the limitations of the PHP core // limitations. $transports = WP_Http::_postTransport($r); } do_action('http_api_debug', $transports, 'transports_list'); $response = array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array()); foreach ((array) $transports as $transport) { $response = $transport->request($url, $r); do_action('http_api_debug', $response, 'response', get_class($transport)); if (!is_wp_error($response)) { return apply_filters('http_response', $response, $r, $url); } } return $response; }
/** * Send a HTTP request to a URI. * * The body and headers are part of the arguments. The 'body' argument is * for the body and will accept either a string or an array. The 'headers' * argument should be an array, but a string is acceptable. If the 'body' * argument is an array, then it will automatically be escaped using * http_build_query(). * * The only URI that are supported in the HTTP Transport implementation are * the HTTP and HTTPS protocols. HTTP and HTTPS are assumed so the server * might not know how to handle the send headers. Other protocols are * unsupported and most likely will fail. * * The defaults are 'method', 'timeout', 'redirection', 'httpversion', * 'blocking' and 'user-agent'. * * Accepted 'method' values are 'GET', 'POST', and 'HEAD', some transports * technically allow others, but should not be assumed. The 'timeout' is * used to sent how long the connection should stay open before failing when * no response. 'redirection' is used to track how many redirects were taken * and used to sent the amount for other transports, but not all transports * accept setting that value. * * The 'httpversion' option is used to sent the HTTP version and accepted * values are '1.0', and '1.1' and should be a string. Version 1.1 is not * supported, because of chunk response. The 'user-agent' option is the * user-agent and is used to replace the default user-agent, which is * 'WordPress/WP_Version', where WP_Version is the value from $wp_version. * * 'blocking' is the default, which is used to tell the transport, whether * it should halt PHP while it performs the request or continue regardless. * Actually, that isn't entirely correct. Blocking mode really just means * whether the fread should just pull what it can whenever it gets bytes or * if it should wait until it has enough in the buffer to read or finishes * reading the entire content. It doesn't actually always mean that PHP will * continue going after making the request. * * @access public * @since 2.7.0 * * @param string $url URI resource. * @param str|array $args Optional. Override the defaults. * @return boolean */ function request($url, $args = array()) { global $wp_version; $defaults = array('method' => 'GET', 'timeout' => apply_filters('http_request_timeout', 5), 'redirection' => apply_filters('http_request_redirection_count', 5), 'httpversion' => apply_filters('http_request_version', '1.0'), 'user-agent' => apply_filters('http_headers_useragent', 'WordPress/' . $wp_version), 'blocking' => true, 'headers' => array(), 'body' => null, 'compress' => false, 'decompress' => true); $r = wp_parse_args($args, $defaults); $r = apply_filters('http_request_args', $r, $url); if (is_null($r['headers'])) { $r['headers'] = array(); } if (!is_array($r['headers'])) { $processedHeaders = WP_Http::processHeaders($r['headers']); $r['headers'] = $processedHeaders['headers']; } if (isset($r['headers']['User-Agent'])) { $r['user-agent'] = $r['headers']['User-Agent']; unset($r['headers']['User-Agent']); } if (isset($r['headers']['user-agent'])) { $r['user-agent'] = $r['headers']['user-agent']; unset($r['headers']['user-agent']); } if (WP_Http_Encoding::is_available()) { $r['headers']['Accept-Encoding'] = WP_Http_Encoding::accept_encoding(); } if (is_null($r['body'])) { // Some servers fail when sending content without the content-length // header being set. $r['headers']['Content-Length'] = 0; $transports = WP_Http::_getTransport($r); } else { if (is_array($r['body']) || is_object($r['body'])) { $r['body'] = http_build_query($r['body'], null, '&'); $r['headers']['Content-Type'] = 'application/x-www-form-urlencoded; charset=' . get_option('blog_charset'); $r['headers']['Content-Length'] = strlen($r['body']); } if (!isset($r['headers']['Content-Length']) && !isset($r['headers']['content-length'])) { $r['headers']['Content-Length'] = strlen($r['body']); } $transports = WP_Http::_postTransport($r); } if (has_action('http_api_debug')) { do_action('http_api_debug', $transports, 'transports_list'); } $response = array('headers' => array(), 'body' => '', 'response' => array('code', 'message')); foreach ((array) $transports as $transport) { $response = $transport->request($url, $r); if (has_action('http_api_debug')) { do_action('http_api_debug', $response, 'response', get_class($transport)); } if (!is_wp_error($response)) { return $response; } } return $response; }
/** * Send a HTTP request to a URI. * * The body and headers are part of the arguments. The 'body' argument is for the body and will * accept either a string or an array. The 'headers' argument should be an array, but a string * is acceptable. If the 'body' argument is an array, then it will automatically be escaped * using http_build_query(). * * The only URI that are supported in the HTTP Transport implementation are the HTTP and HTTPS * protocols. HTTP and HTTPS are assumed so the server might not know how to handle the send * headers. Other protocols are unsupported and most likely will fail. * * The defaults are 'method', 'timeout', 'redirection', 'httpversion', 'blocking' and * 'user-agent'. * * Accepted 'method' values are 'GET', 'POST', and 'HEAD', some transports technically allow * others, but should not be assumed. The 'timeout' is used to sent how long the connection * should stay open before failing when no response. 'redirection' is used to track how many * redirects were taken and used to sent the amount for other transports, but not all transports * accept setting that value. * * The 'httpversion' option is used to sent the HTTP version and accepted values are '1.0', and * '1.1' and should be a string. Version 1.1 is not supported, because of chunk response. The * 'user-agent' option is the user-agent and is used to replace the default user-agent, which is * 'WordPress/WP_Version', where WP_Version is the value from $wp_version. * * 'blocking' is the default, which is used to tell the transport, whether it should halt PHP * while it performs the request or continue regardless. Actually, that isn't entirely correct. * Blocking mode really just means whether the fread should just pull what it can whenever it * gets bytes or if it should wait until it has enough in the buffer to read or finishes reading * the entire content. It doesn't actually always mean that PHP will continue going after making * the request. * * @access public * @since 2.7.0 * * @param string $url URI resource. * @param str|array $args Optional. Override the defaults. * @return array containing 'headers', 'body', 'response', 'cookies' */ function request( $url, $args = array() ) { global $wp_version; $defaults = array( 'method' => 'GET', 'timeout' => apply_filters( 'http_request_timeout', 5), 'redirection' => apply_filters( 'http_request_redirection_count', 5), 'httpversion' => apply_filters( 'http_request_version', '1.0'), 'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ), 'blocking' => true, 'headers' => array(), 'cookies' => array(), 'body' => null, 'compress' => false, 'decompress' => true, 'sslverify' => true ); $r = wp_parse_args( $args, $defaults ); $r = apply_filters( 'http_request_args', $r, $url ); $arrURL = parse_url($url); if ( $this->block_request( $url ) ) return new WP_Error('http_request_failed', 'User has blocked requests through HTTP.'); // Determine if this is a https call and pass that on to the transport functions // so that we can blacklist the transports that do not support ssl verification $r['ssl'] = $arrURL['scheme'] == 'https' || $arrURL['scheme'] == 'ssl'; // Determine if this request is to OUR install of WordPress $homeURL = parse_url(get_bloginfo('url')); $r['local'] = $homeURL['host'] == $arrURL['host'] || 'localhost' == $arrURL['host']; unset($homeURL); if ( is_null( $r['headers'] ) ) $r['headers'] = array(); if ( ! is_array($r['headers']) ) { $processedHeaders = WP_Http::processHeaders($r['headers']); $r['headers'] = $processedHeaders['headers']; } if ( isset($r['headers']['User-Agent']) ) { $r['user-agent'] = $r['headers']['User-Agent']; unset($r['headers']['User-Agent']); } if ( isset($r['headers']['user-agent']) ) { $r['user-agent'] = $r['headers']['user-agent']; unset($r['headers']['user-agent']); } // Construct Cookie: header if any cookies are set WP_Http::buildCookieHeader( $r ); if ( WP_Http_Encoding::is_available() ) $r['headers']['Accept-Encoding'] = WP_Http_Encoding::accept_encoding(); if ( is_null($r['body']) ) { // Some servers fail when sending content without the content-length // header being set. $r['headers']['Content-Length'] = 0; $transports = WP_Http::_getTransport($r); } else { if ( is_array( $r['body'] ) || is_object( $r['body'] ) ) { if ( ! version_compare(phpversion(), '5.1.2', '>=') ) $r['body'] = _http_build_query($r['body'], null, '&'); else $r['body'] = http_build_query($r['body'], null, '&'); $r['headers']['Content-Type'] = 'application/x-www-form-urlencoded; charset=' . get_option('blog_charset'); $r['headers']['Content-Length'] = strlen($r['body']); } if ( ! isset( $r['headers']['Content-Length'] ) && ! isset( $r['headers']['content-length'] ) ) $r['headers']['Content-Length'] = strlen($r['body']); $transports = WP_Http::_postTransport($r); } if ( has_action('http_api_debug') ) do_action('http_api_debug', $transports, 'transports_list'); $response = array( 'headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array() ); foreach ( (array) $transports as $transport ) { $response = $transport->request($url, $r); if ( has_action('http_api_debug') ) do_action( 'http_api_debug', $response, 'response', get_class($transport) ); if ( ! is_wp_error($response) ) return $response; } return $response; }
/** * Print and request user for Google in profile. Token link present * uses if settings in user level * run by action 'show_user_profile' from user-edit.php * * @param object $user */ function user_profile($user) { if (!current_user_can('picasa_dialog')) { return; } if ($this->options['pe2_level'] != 'user') { return; } $user_id = $user->ID; if (isset($_GET['revoke'])) { $response = $this->get_feed("https://www.google.com/accounts/AuthSubRevokeToken"); if (is_wp_error($response)) { $message = __('Google returned error: ', 'pe2') . $response->get_error_message(); } else { $message = __('Private access revoked', 'pe2'); } delete_user_meta($user_id, 'pe2_token'); $this->options['pe2_token'] = ''; } if (isset($_GET['message']) && $_GET['message']) { $message = esc_html(stripcslashes($_GET['message'])); } if (!get_user_meta($user_id, 'pe2_user_name', true) && current_user_can('manage_options')) { update_user_meta($user_id, 'pe2_user_name', $this->options['pe2_user_name']); if ($this->options['pe2_token']) { update_user_meta($user_id, 'pe2_token', $this->options['pe2_token']); } } ?> <h3><?php _e('Google+ Express access', 'pe2'); ?> </h3> <?php if ($message) { echo '<div id="picasa-express-x2-message" class="updated"><p><strong>' . $message . '</strong></p></div>'; } ?> <table class="form-table"> <?php $user = get_user_meta($user_id, 'pe2_user_name', true); $result = 'ok'; $feed_url = "http://picasaweb.google.com/data/feed/base/user/{$user}?alt=rss&kind=album&hl=en_US"; $response = $this->get_feed($feed_url); if (is_wp_error($response)) { $result = 'error: ' . $response->get_error_message(); } else { if (!$this->get_item($response, 'atom:id')) { $result = 'error: wrong answer'; } } if (method_exists('WP_Http', '_getTransport')) { $ta = array(); $transports = WP_Http::_getTransport(array()); foreach ($transports as $t) { $ta[] = strtolower(str_replace('WP_Http_', '', get_class($t))); } if ($ta) { $result = sprintf(__("Checking user: %s - Transport: %s - <a href=\"%s\" target=\"_blank\">URL</a>", 'pe2'), $result, implode(',', $ta), $feed_url); } } else { if (method_exists('WP_Http', '_get_first_available_transport')) { $transport = WP_Http::_get_first_available_transport(array()); if ($transport) { $transport_name = strtolower(str_replace('WP_HTTP_', '', $transport)); $result = sprintf(' ' . __("Checking user: %s - Transport: %s - <a href=\"%s\" target=\"_blank\">URL</a>", 'pe2'), $result, $transport_name, $feed_url); } } else { $result = ''; } } $this->make_settings_row(__('Google user name', 'pe2'), '<input type="text" class="regular-text" name="pe2_user_name" value="' . esc_attr($user) . '" />' . $result . (!get_user_meta($user_id, 'pe2_token', true) ? '<br /><a href="https://www.google.com/accounts/AuthSubRequest?next=' . urlencode($this->google_authorize_plugin_URL . '?authorize&user='******'&scope=http%3A%2F%2Fpicasaweb.google.com%2Fdata%2F&session=1&secure=0">' . __('Requesting access to private albums', 'pe2') . '</a>' : '<br/><a href="?revoke=true">' . __('Revoke access to private albums', 'pe2') . '</a>'), get_user_meta($user_id, 'pe2_token', true) ? __('You already received the access to private albums', 'pe2') : __('By this link you will be redirected to the Google authorization page. Please, use same name as above to login before accept.', 'pe2')); $option = get_user_meta($user_id, 'pe2_save_state', true); $this->make_settings_row(__('Save last state', 'pe2'), '<label><input type="checkbox" name="pe2_save_state" value="1" ' . checked($option, '1', false) . ' /> ' . __('Save last state in dialog', 'pe2') . '</label> ', __('Save user when changes, album if you insert images or albums list if you shorcode for album', 'pe2')); ?> </table> <?php }
/** * Send a HTTP request to a URI. * * The body and headers are part of the arguments. The 'body' argument is * for the body and will accept either a string or an array. The 'headers' * argument should be an array, but a string is acceptable. If the 'body' * argument is an array, then it will automatically be escaped using * http_build_query(). * * The only URI that are supported in the HTTP Transport implementation are * the HTTP and HTTPS protocols. HTTP and HTTPS are assumed so the server * might not know how to handle the send headers. Other protocols are * unsupported and most likely will fail. * * The defaults are 'method', 'timeout', 'redirection', 'httpversion', * 'blocking' and 'user-agent'. * * Accepted 'method' values are 'GET', 'POST', and 'HEAD', some transports * technically allow others, but should not be assumed. The 'timeout' is * used to sent how long the connection should stay open before failing when * no response. 'redirection' is used to track how many redirects were taken * and used to sent the amount for other transports, but not all transports * accept setting that value. * * The 'httpversion' option is used to sent the HTTP version and accepted * values are '1.0', and '1.1' and should be a string. Version 1.1 is not * supported, because of chunk response. The 'user-agent' option is the * user-agent and is used to replace the default user-agent, which is * 'WordPress/WP_Version', where WP_Version is the value from $wp_version. * * 'blocking' is the default, which is used to tell the transport, whether * it should halt PHP while it performs the request or continue regardless. * Actually, that isn't entirely correct. Blocking mode really just means * whether the fread should just pull what it can whenever it gets bytes or * if it should wait until it has enough in the buffer to read or finishes * reading the entire content. It doesn't actually always mean that PHP will * continue going after making the request. * * @access public * @since 2.7 * * @param string $url URI resource. * @param str|array $args Optional. Override the defaults. * @return boolean */ function request( $url, $args = array() ) { global $wp_version; $defaults = array( 'method' => 'GET', 'timeout' => apply_filters( 'http_request_timeout', 5), 'redirection' => apply_filters( 'http_request_redirection_count', 5), 'httpversion' => apply_filters( 'http_request_version', '1.0'), 'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version ), 'blocking' => true, 'headers' => array(), 'body' => null ); $r = wp_parse_args( $args, $defaults ); $r = apply_filters( 'http_request_args', $r ); if ( is_null( $r['headers'] ) ) $r['headers'] = array(); if ( ! is_array($r['headers']) ) { $processedHeaders = WP_Http::processHeaders($r['headers']); $r['headers'] = $processedHeaders['headers']; } if ( isset($r['headers']['User-Agent']) ) { $r['user-agent'] = $r['headers']['User-Agent']; unset($r['headers']['User-Agent']); } if ( isset($r['headers']['user-agent']) ) { $r['user-agent'] = $r['headers']['user-agent']; unset($r['headers']['user-agent']); } if ( is_null($r['body']) ) { $transports = WP_Http::_getTransport($r); } else { if ( is_array( $r['body'] ) || is_object( $r['body'] ) ) { $r['body'] = http_build_query($r['body'], null, '&'); $r['headers']['Content-Type'] = 'application/x-www-form-urlencoded; charset=' . get_option('blog_charset'); $r['headers']['Content-Length'] = strlen($r['body']); } if ( ! isset( $r['headers']['Content-Length'] ) && ! isset( $r['headers']['content-length'] ) ) $r['headers']['Content-Length'] = strlen($r['body']); $transports = WP_Http::_postTransport($r); } $response = array( 'headers' => array(), 'body' => '', 'response' => array('code', 'message') ); foreach( (array) $transports as $transport ) { $response = $transport->request($url, $r); if( !is_wp_error($response) ) return $response; } return $response; }