/** * Generate a URL to an endpoint * * Used to construct meta links in API responses * * @param mixed $args Optional arguments to be appended to URL * @return string Endpoint URL **/ function get_link() { $args = func_get_args(); $format = array_shift($args); $base = WPCOM_JSON_API__BASE; $path = array_pop($args); if ($path) { $path = '/' . ltrim($path, '/'); } $args[] = $path; // Escape any % in args before using sprintf $escaped_args = array(); foreach ($args as $arg_key => $arg_value) { $escaped_args[$arg_key] = str_replace('%', '%%', $arg_value); } $relative_path = vsprintf("{$format}%s", $escaped_args); if (!wp_startswith($relative_path, '.')) { // Generic version. Match the requested version as best we can $api_version = $this->get_closest_version_of_endpoint($format, $relative_path); $base = substr($base, 0, -1) . $api_version; } // escape any % in the relative path before running it through sprintf again $relative_path = str_replace('%', '%%', $relative_path); // http, WPCOM_JSON_API__BASE, ... , path // %s , %s , $format, %s return esc_url_raw(sprintf("https://%s{$relative_path}", $base)); }
function callback($path = '', $blog_id = 0) { $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id)); if (is_wp_error($blog_id)) { return $blog_id; } if (!current_user_can('edit_posts')) { return new WP_Error('unauthorized', 'Your token must have permission to post on this blog.', 403); } $args = $this->query_args(); $shortcode = trim($args['shortcode']); // Quick validation - shortcodes should always be enclosed in brackets [] if (!wp_startswith($shortcode, '[') || !wp_endswith($shortcode, ']')) { return new WP_Error('invalid_shortcode', 'The shortcode parameter must begin and end with square brackets.', 400); } // Make sure only one shortcode is being rendered at a time $pattern = get_shortcode_regex(); preg_match_all("/{$pattern}/s", $shortcode, $matches); if (count($matches[0]) > 1) { return new WP_Error('invalid_shortcode', 'Only one shortcode can be rendered at a time.', 400); } $render = $this->process_render(array($this, 'do_shortcode'), $shortcode); // if nothing happened, then the shortcode does not exist. if ($shortcode == $render['result']) { return new WP_Error('invalid_shortcode', 'The requested shortcode does not exist.', 400); } // our output for this endpoint.. $return['shortcode'] = $shortcode; $return['result'] = $render['result']; $return = $this->add_assets($return, $render['loaded_scripts'], $render['loaded_styles']); return $return; }
/** * Should we allow the meta key to be synced? * * @param string $meta_key The meta key. * * @return bool */ function is_meta_key_allowed($meta_key) { if ('_' === $meta_key[0] && !in_array($meta_key, Jetpack_Sync_Defaults::$default_whitelist_meta_keys) && !wp_startswith($meta_key, '_wpas_skip_')) { return false; } if (in_array($meta_key, Jetpack_Sync_Settings::get_setting('meta_blacklist'))) { return false; } return true; }
public static function imagecreatefromurl($image_url) { $data = null; // If it's a URL: if (preg_match('#^https?://#i', $image_url)) { // If it's a url pointing to a local media library url: $content_url = content_url(); $_image_url = set_url_scheme($image_url); if (wp_startswith($_image_url, $content_url)) { $_image_path = str_replace($content_url, ABSPATH . 'wp-content', $_image_url); if (file_exists($_image_path)) { $filetype = wp_check_filetype($_image_path); $ext = $filetype['ext']; $type = $filetype['type']; if (wp_startswith($type, 'image/')) { $data = file_get_contents($_image_path); } } } if (empty($data)) { $response = wp_remote_get($image_url); if (is_wp_error($response)) { return $response; } $data = wp_remote_retrieve_body($response); } } // If it's a local path in our WordPress install: if (file_exists($image_url)) { $filetype = wp_check_filetype($image_url); $ext = $filetype['ext']; $type = $filetype['type']; if (wp_startswith($type, 'image/')) { $data = file_get_contents($image_url); } } // Now turn it into an image and return it. return imagecreatefromstring($data); }
/** * Populate an array with all values necessary to submit a NEW contact-form feedback to Akismet. * Note that this includes the current user_ip etc, so this should only be called when accepting a new item via $_POST * * @param array $form Contact form feedback array * @return array feedback array with additional data ready for submission to Akismet */ function prepare_for_akismet($form) { $form['comment_type'] = 'contact_form'; $form['user_ip'] = $_SERVER['REMOTE_ADDR']; $form['user_agent'] = $_SERVER['HTTP_USER_AGENT']; $form['referrer'] = $_SERVER['HTTP_REFERER']; $form['blog'] = get_option('home'); foreach ($_SERVER as $key => $value) { if (!is_string($value)) { continue; } if (in_array($key, array('HTTP_COOKIE', 'HTTP_COOKIE2', 'HTTP_USER_AGENT', 'HTTP_REFERER'))) { // We don't care about cookies, and the UA and Referrer were caught above. continue; } elseif (in_array($key, array('REMOTE_ADDR', 'REQUEST_URI', 'DOCUMENT_URI'))) { // All three of these are relevant indicators and should be passed along. $form[$key] = $value; } elseif (wp_startswith($key, 'HTTP_')) { // Any other HTTP header indicators. // `wp_startswith()` is a wpcom helper function and is included in Jetpack via `functions.compat.php` $form[$key] = $value; } } return $form; }
function jetpack_photon_banned_domains($skip, $image_url, $args, $scheme) { $banned_domains = array('http://chart.googleapis.com/', 'https://chart.googleapis.com/', 'http://chart.apis.google.com/'); foreach ($banned_domains as $banned_domain) { if (wp_startswith($image_url, $banned_domain)) { return true; } } return $skip; }
function is_whitelisted_post_meta($meta_key) { // _wpas_skip_ is used by publicize return in_array($meta_key, Jetpack_Sync_Settings::get_setting('post_meta_whitelist')) || wp_startswith($meta_key, '_wpas_skip_'); }
function is_whitelisted_post_meta($meta_key) { // _wpas_skip_ is used by publicize return in_array($meta_key, $this->get_post_meta_whitelist()) || wp_startswith($meta_key, '_wpas_skip_'); }