示例#1
0
 /**
  * Attempts to parse data sent to the Salmon endpoint and post it as a
  * comment for the current blog.
  */
 public static function parse_salmon_post()
 {
     // Allow cross domain JavaScript requests, from salmon-playground.
     if (strtoupper($_SERVER['REQUEST_METHOD']) == "OPTIONS" && strtoupper($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']) == "POST") {
         // See https://developer.mozilla.org/En/HTTP_access_control
         header('HTTP/1.1 200 OK');
         header('Access-Control-Allow-Origin: * ');
         die;
     }
     //TODO(kurrik): Check that this always works, even if always_populate_raw_post_data is Off
     $request_body = @file_get_contents('php://input');
     $array = MagicSig::parse($request_body);
     $entry = SalmonEntry::from_atom($array['data']);
     // Validate the request if the option is set.
     if (get_option('salmonpress_validate')) {
         if ($entry->validate() === false) {
             header('HTTP/1.1 403 Forbidden');
             print "The posted Salmon entry's signature did not validate.";
             die;
         }
     }
     $commentdata = $entry->to_commentdata();
     if ($commentdata === false) {
         header('HTTP/1.1 400 Bad Request');
         print "The posted Salmon entry was malformed.";
     } else {
         if (!isset($commentdata['user_id'])) {
             if (get_option('comment_registration')) {
                 header('HTTP/1.1 403 Forbidden');
                 print "The blog settings only allow registered users to post comments.";
                 die;
             }
         } else {
             wp_new_comment($commentdata);
             header('HTTP/1.1 201 Created');
             print "The Salmon entry was posted.";
         }
     }
     die;
 }
示例#2
0
 function parse($text)
 {
     $dom = DOMDocument::loadXML($text);
     return MagicSig::from_dom($dom);
 }