Changeset 1172
- Timestamp:
- 01/02/08 16:00:05 (8 months ago)
- Files:
-
- trunk/wp-admin/admin.php (modified) (2 diffs)
- trunk/wp-admin/includes/file.php (modified) (1 diff)
- trunk/wp-admin/js/cat.js (modified) (1 diff)
- trunk/wp-admin/js/link-cat.js (modified) (1 diff)
- trunk/wp-admin/setup-config.php (modified) (2 diffs)
- trunk/wp-admin/upload-functions.php (deleted)
- trunk/wp-app.php (modified) (6 diffs)
- trunk/wp-includes/formatting.php (modified) (1 diff)
- trunk/wp-includes/functions.php (modified) (5 diffs)
- trunk/wp-includes/pluggable.php (modified) (1 diff)
- trunk/wp-includes/post.php (modified) (2 diffs)
- trunk/wp-includes/query.php (modified) (2 diffs)
- trunk/wp-includes/taxonomy.php (modified) (2 diffs)
- trunk/wp-includes/version.php (modified) (1 diff)
- trunk/wp-includes/wp-db.php (modified) (8 diffs)
- trunk/wp-mail.php (modified) (3 diffs)
- trunk/wp-settings.php (modified) (4 diffs)
- trunk/xmlrpc.php (modified) (18 diffs)
trunk/wp-admin/admin.php
r1164 r1172 1 1 <?php 2 define('WP_ADMIN', TRUE); 3 2 4 if ( defined('ABSPATH') ) 3 5 require_once( ABSPATH . 'wp-config.php'); … … 65 67 66 68 if (! isset($_GET['noheader'])) 67 require_once(ABSPATH . ' /wp-admin/admin-header.php');69 require_once(ABSPATH . 'wp-admin/admin-header.php'); 68 70 69 71 if ( file_exists(ABSPATH . MUPLUGINDIR . "/$plugin_page") ) trunk/wp-admin/includes/file.php
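Review bot: `define('WP_ADMIN', TRUE);` on new line 2 is now the only signal that makes is_admin() (query.php in this changeset) return true, so any admin-side entry point that does not pass through admin.php will no longer be treated as admin; that is a deliberate hardening over the old request-URI sniff, but it deserves a comment at the define, e.g. `// Marks the admin context; is_admin() keys off this constant rather than the request URI.` The corrected `ABSPATH . 'wp-admin/admin-header.php'` on line 69 removes the stray leading space and slash of the old path. The rest of admin.php is outside the hunks.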
r1133 r1172 44 44 45 45 function validate_file( $file, $allowed_files = '' ) { 46 if ( false !== strpos( $file, '..' )) 47 return 1; 48 46 49 if ( false !== strpos( $file, './' )) 47 50 return 1; trunk/wp-admin/js/cat.js
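Review bot: The new `'..'` check in validate_file() (line 46) rejects any parent-directory reference anywhere in `$file`, which also covers the traversal forms the existing `'./'` check was aimed at, so each check should say what it is for, e.g. `// reject any parent-directory component (foo/../bar, ../foo)` above the first and `// reject ./ anywhere, including a leading ./foo` above the second. Both are plain substring matches, so a legitimate name such as `foo..bar` is refused too; that is the safer default and worth stating in the function's docblock. The remainder of validate_file(), including the `$allowed_files` handling, is outside the hunk.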
r1139 r1172 10 10 $('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); }; 11 11 } 12 trunk/wp-admin/js/link-cat.js
r1139 r1172 9 9 $('catadd').onclick = function() { linkcatList.ajaxAdder('link-category', 'jaxcat'); }; 10 10 } 11 trunk/wp-admin/setup-config.php
r1139 r1172 5 5 require_once('../wp-includes/compat.php'); 6 6 require_once('../wp-includes/functions.php'); 7 require_once('../wp-includes/classes.php'); 7 8 8 9 if (!file_exists('../wp-config-sample.php')) … … 163 164 // We'll fail here if the values are no good. 164 165 require_once('../wp-includes/wp-db.php'); 166 if ( !empty($wpdb->error) ) 167 wp_die($wpdb->error->get_error_message()); 168 165 169 $handle = fopen('../wp-config.php', 'w'); 166 170 trunk/wp-app.php
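Review bot: `wp_die($wpdb->error->get_error_message())` on new line 167 assumes `$wpdb->error` is a WP_Error, but bail() in wp-db.php (this changeset) stores the bare message string when the WP_Error class is not loaded, and a method call on a string is a fatal error; `wp_die( is_wp_error( $wpdb->error ) ? $wpdb->error->get_error_message() : $wpdb->error );` covers both shapes. The new `require_once('../wp-includes/classes.php')` on line 7 is presumably what makes WP_Error available at this point, so a short comment tying the two lines together would help the next reader.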
r1139 r1172 160 160 function get_service() { 161 161 log_app('function','get_service()'); 162 163 if( !current_user_can( 'edit_posts' ) ) 164 $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) ); 165 162 166 $entries_url = attribute_escape($this->get_entries_url()); 163 167 $categories_url = attribute_escape($this->get_categories_url()); … … 189 193 190 194 function get_categories_xml() { 191 192 195 log_app('function','get_categories_xml()'); 196 197 if( !current_user_can( 'edit_posts' ) ) 198 $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) ); 199 193 200 $home = attribute_escape(get_bloginfo_rss('home')); 194 201 … … 283 290 284 291 function get_post($postID) { 285 286 292 global $entry; 293 294 if( !current_user_can( 'edit_post', $postID ) ) 295 $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) ); 296 287 297 $this->set_current_entry($postID); 288 298 $output = $this->get_entry($postID); … … 373 383 374 384 function get_attachment($postID = NULL) { 375 376 global $entry; 385 if( !current_user_can( 'upload_files' ) ) 386 $this->auth_required( __( 'Sorry, you do not have the right to file uploads on this blog.' ) ); 387 377 388 if (!isset($postID)) { 378 389 $this->get_attachments(); … … 495 506 496 507 $location = get_post_meta($entry['ID'], '_wp_attached_file', true); 508 $filetype = wp_check_filetype($location); 509 510 if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext'])) 511 $this->internal_error(__('Error ocurred while accessing post metadata for file location.')); 497 512 498 513 // delete file … … 796 811 <author> 797 812 <name><?php the_author()?></name> 798 <email><?php the_author_email()?></email>799 813 <?php if (get_the_author_url() && get_the_author_url() != 'http://') { ?> 800 814 <uri><?php the_author_url()?></uri> trunk/wp-includes/formatting.php
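Review bot: `!isset($location)` on new line 510 can never be true because `$location` was assigned from get_post_meta() two lines earlier (a missing meta value yields an empty string, which isset() accepts), so the guard only works through the `empty($filetype['ext'])` clause; `if ( empty($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']) )` expresses the intent. The four new `$this->auth_required(...)` calls are statements with no `return` after them, which is correct only if auth_required() terminates the request — not visible here — so a comment on the first one (`// auth_required() sends the 401 and exits`) would pin that assumption. The 'upload_files' message `'right to file uploads'` reads oddly; `'right to upload files to this blog'` would match the wording of the others. All of these functions continue outside the hunks.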
r1125 r1172 623 623 } 624 624 625 function _make_url_clickable_cb($matches) { 626 $url = $matches[2]; 627 $url = clean_url($url); 628 if ( empty($url) ) 629 return $matches[0]; 630 return $matches[1] . "<a href=\"$url\" rel=\"nofollow\">$url</a>"; 631 } 632 633 function _make_web_ftp_clickable_cb($matches) { 634 $dest = $matches[2]; 635 $dest = 'http://' . $dest; 636 $dest = clean_url($dest); 637 if ( empty($dest) ) 638 return $matches[0]; 639 640 return $matches[1] . "<a href=\"$dest\" rel=\"nofollow\">$dest</a>"; 641 } 642 643 function _make_email_clickable_cb($matches) { 644 $email = $matches[2] . '@' . $matches[3]; 645 return $matches[1] . "<a href=\"mailto:$email\">$email</a>"; 646 } 647 625 648 function make_clickable($ret) { 626 649 $ret = ' ' . $ret; 627 650 // in testing, using arrays here was found to be faster 628 $ret = preg_replace( 629 array( 630 '#([\s>])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', 631 '#([\s>])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', 632 '#([\s>])([a-z0-9\-_.]+)@([^,< \n\r]+)#i'), 633 array( 634 '$1<a href="$2" rel="nofollow">$2</a>', 635 '$1<a href="http://$2" rel="nofollow">$2</a>', 636 '$1<a href="mailto:$2@$3">$2@$3</a>'),$ret); 651 $ret = preg_replace_callback('#([\s>])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_url_clickable_cb', $ret); 652 $ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_web_ftp_clickable_cb', $ret); 653 $ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret); 637 654 // this one is not in an array because we need it to run last, for cleanup of accidental links within links 638 655 $ret = preg_replace("#(<a( [^>]+?>|>))<a [^>]+?>([^>]+?)</a></a>#i", "$1$3</a>", $ret); trunk/wp-includes/functions.php
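Review bot: `_make_email_clickable_cb()` (new lines 643-646) is the only callback that embeds its match without a cleaning step — the URL callbacks run clean_url() first — so its safety rests entirely on the email pattern on line 653 admitting no quotes, spaces or angle brackets. That invariant should be written next to the callback, e.g. `// No escaping on purpose: the pattern in make_clickable() only admits [.0-9a-z_+-] and [0-9a-z.-], so $email cannot break out of the attribute`, so a later loosening of the pattern is not silently unsafe. The `empty($url)` / `empty($dest)` fallbacks in the other two callbacks return the original text unlinked when clean_url() rejects it, which is the right failure mode and also worth a one-line comment.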
r1139 r1172 205 205 if ( false === $value ) { 206 206 if ( defined('WP_INSTALLING') ) 207 $ wpdb->hide_errors();207 $show = $wpdb->hide_errors(); 208 208 $row = $wpdb->get_row("SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1"); 209 209 if ( defined('WP_INSTALLING') ) 210 $wpdb->show_errors( );210 $wpdb->show_errors($show); 211 211 212 212 if( is_object( $row) ) { // Has to be get_row instead of get_var because of funkiness with 0, false, null values … … 243 243 function get_alloptions() { 244 244 global $wpdb, $wp_queries; 245 $ wpdb->hide_errors();245 $show = $wpdb->hide_errors(); 246 246 if ( !$options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'") ) { 247 247 $options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options"); 248 248 } 249 $wpdb->show_errors( );249 $wpdb->show_errors($show); 250 250 251 251 foreach ($options as $option) { … … 270 270 271 271 if ( !$alloptions ) { 272 $ wpdb->hide_errors();272 $show = $wpdb->hide_errors(); 273 273 if ( !$alloptions_db = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'") ) 274 274 $alloptions_db = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options"); 275 $wpdb->show_errors( );275 $wpdb->show_errors($show); 276 276 $alloptions = array(); 277 277 foreach ( (array) $alloptions_db as $o ) … … 900 900 function is_blog_installed() { 901 901 global $wpdb; 902 $ wpdb->hide_errors();902 $show = $wpdb->hide_errors(); 903 903 $installed = $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'siteurl'"); 904 $wpdb->show_errors( );904 $wpdb->show_errors($show); 905 905 906 906 $install_status = !empty( $installed ) ? TRUE : FALSE; … … 1427 1427 } 1428 1428 1429 function dead_db() { 1430 global $wpdb; 1431 1432 // Load custom DB error template, if present. 1433 if ( file_exists( ABSPATH . 
'wp-content/db-error.php' ) ) { 1434 require_once( ABSPATH . 'wp-content/db-error.php' ); 1435 die(); 1436 } 1437 1438 // If installing or in the admin, provide the verbose message. 1439 if ( defined('WP_INSTALLING') || defined('WP_ADMIN') ) 1440 wp_die($wpdb->error); 1441 1442 // Otherwise, be terse. 1443 status_header( 500 ); 1444 nocache_headers(); 1445 header( 'Content-Type: text/html; charset=utf-8' ); 1429 1446 ?> 1447 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 1448 <html xmlns="http://www.w3.org/1999/xhtml" <?php if ( function_exists( 'language_attributes' ) ) language_attributes(); ?>> 1449 <head> 1450 <title>Database Error</title> 1451 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 1452 </head> 1453 <body> 1454 <h1>Error establishing a database connection</h1> 1455 </body> 1456 </html> 1457 <?php 1458 die(); 1459 } 1460 1461 ?> trunk/wp-includes/pluggable.php
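Review bot: dead_db() (new lines 1429-1459) includes `wp-content/db-error.php` before `status_header( 500 )` and `nocache_headers()` are sent, so a custom template that does not set them itself is served as a cacheable 200; moving those two calls above the file_exists() check, or stating in a comment that the template is responsible for its own status and cache headers, would close that gap. The admin/installing branch passes `$wpdb->error` to wp_die() — with this changeset that is a WP_Error or, without the class, a string — so it is worth confirming wp_die() accepts both. The hide_errors()/show_errors($show) pairs in the earlier hunks now restore the caller's previous setting instead of forcing errors on; pluggable.php in this changeset uses the same pattern.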
r1169 r1172 80 80 return false; 81 81 82 $ wpdb->hide_errors();82 $show = $wpdb->hide_errors(); 83 83 $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'"); 84 $wpdb->show_errors( );84 $wpdb->show_errors($show); 85 85 86 86 if ($metavalues) { trunk/wp-includes/post.php
r1139 r1172 429 429 430 430 function sanitize_post($post, $context = 'display') { 431 432 if ( 'raw' == $context ) 433 return $post; 434 431 435 // TODO: Use array keys instead of hard coded list 432 436 $fields = array('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_date', 'post_date_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'post_category'); … … 1140 1144 $meta_key = ''; 1141 1145 $meta_value = ''; 1146 $hierarchical = false; 1142 1147 $incpages = preg_split('/[\s,]+/',$include); 1143 1148 if ( count($incpages) ) { trunk/wp-includes/query.php
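Review bot: The new `'raw' == $context` early return in sanitize_post() (line 432) hands the caller the database row with no sanitization at all, so the contract should be stated at the top of the function, e.g. `// 'raw' returns the post untouched; callers are responsible for escaping anything they output.` Since `$context` is a string flag, `'raw' === $context` avoids loose-comparison surprises. The `$hierarchical = false;` initialisation on line 1146 sits in a function whose start and end are outside the hunk, so it is not visible whether the variable was otherwise unset on that path.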
r1139 r1172 33 33 34 34 function is_admin () { 35 global $wp_query;36 37 return ($wp_query->is_admin || (stripos($_SERVER['REQUEST_URI'], 'wp-admin/') !== false));35 if ( defined('WP_ADMIN') ) 36 return WP_ADMIN; 37 return false; 38 38 } 39 39 … … 643 643 $this->is_preview = true; 644 644 645 if ( strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false)645 if ( is_admin() ) 646 646 $this->is_admin = true; 647 647 trunk/wp-includes/taxonomy.php
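Review bot: is_admin() now keys off the WP_ADMIN constant instead of matching 'wp-admin/' in the request URI, which removes the ability to flip admin mode from the URL; that reason should be captured in a comment so nobody reintroduces the URI check, e.g. `// Deliberately not derived from REQUEST_URI/PHP_SELF: any request could carry 'wp-admin/' in its path.` `return WP_ADMIN;` returns whatever the constant holds rather than a bool; `return defined('WP_ADMIN') && WP_ADMIN;` is one line and always boolean. The `$this->is_admin = true` site on line 645 now depends on the same constant, so the two hunks stand or fall together.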
r1139 r1172 664 664 */ 665 665 function sanitize_term($term, $taxonomy, $context = 'display') { 666 667 if ( 'raw' == $context ) 668 return $term; 669 666 670 $fields = array('term_id', 'name', 'description', 'slug', 'count', 'parent', 'term_group'); 667 671 … … 934 938 } else { 935 939 // The alias isn't in a group, so let's create a new one and firstly add the alias term to it. 936 $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms ") + 1;937 $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $alias->term_id ));940 $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1; 941 $wpdb->query("UPDATE $wpdb->terms SET term_group = $term_group WHERE term_id = $alias->term_id"); 938 942 } 939 943 } trunk/wp-includes/version.php
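Review bot: The rewritten term_group query on new line 940 adds `GROUP BY term_group`, which turns `MAX(term_group)` into a per-group maximum and makes get_var() return the first group's value rather than the overall maximum, so a new alias group can collide with an existing one; `$term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms") + 1;` is what the comment above it describes. Line 941 also drops the `$wpdb->prepare()` the removed line used and interpolates `$term_group` and `$alias->term_id` directly; both values come from the database here, but keeping `$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $alias->term_id ) );` avoids establishing a pattern that will be copied. The `'raw' == $context` early return in sanitize_term() mirrors sanitize_post() in this changeset and deserves the same one-line contract comment.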
r1139 r1172 3 3 // This holds the version number in a separate file so we can bump it without cluttering the SVN 4 4 5 $wp_version = '2.3. 1';6 $wpmu_version = '1.3 ';5 $wp_version = '2.3.2'; 6 $wpmu_version = '1.3.1'; 7 7 $wp_db_version = 6124; 8 8 trunk/wp-includes/wp-db.php
r1139 r1172 16 16 class wpdb { 17 17 18 var $show_errors = true;18 var $show_errors = false; 19 19 var $num_queries = 0; 20 20 var $last_query; 21 21 var $col_info; 22 22 var $queries; 23 var $ready = false; 23 24 24 25 // Our tables … … 59 60 register_shutdown_function(array(&$this, "__destruct")); 60 61 62 if ( defined('WP_DEBUG') and WP_DEBUG == true ) 63 $this->show_errors(); 64 61 65 $this->charset = 'utf8'; 62 66 $this->collete = 'utf8'; … … 80 84 <p>If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p> 81 85 "); 82 } 86 return; 87 } 88 89 $this->ready = true; 83 90 84 91 if ( !empty($this->charset) && version_compare(mysql_get_server_info(), '4.1.0', '>=') ) … … 98 105 function select($db, &$dbh) { 99 106 if (!@mysql_select_db($db, $dbh)) { 107 $this->ready = false; 100 108 $this->bail(" 101 109 <h1>Can’t select database</h1> … … 106 114 </ul> 107 115 <p>If you don't know how to setup a database you should <strong>contact your host</strong>. If all else fails you may find help at the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p>"); 116 return; 108 117 } 109 118 } … … 175 184 // Turn error handling on or off.. 176 185 177 function show_errors() { 178 $this->show_errors = true; 186 function show_errors( $show = true ) { 187 $errors = $this->show_errors; 188 $this->show_errors = $show; 189 return $errors; 179 190 } 180 191 181 192 function hide_errors() { 193 $show = $this->show_errors; 182 194 $this->show_errors = false; 195 return $show; 183 196 } 184 197 … … 232 245 233 246 function query($query) { 247 if ( ! 
$this->ready ) 248 return false; 249 234 250 // filter the query, if filters are available 235 251 // NOTE: some queries are made before the plugins have been loaded, and thus cannot be filtered with this method … … 471 487 */ 472 488 function bail($message) { // Just wraps errors in a nice header and footer 473 if ( !$this->show_errors ) 489 if ( !$this->show_errors ) { 490 if ( class_exists('WP_Error') ) 491 $this->error = new WP_Error('500', $message); 492 else 493 $this->error = $message; 474 494 return false; 495 } 475 496 wp_die($message); 476 497 } trunk/wp-mail.php
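Review bot: bail() now assigns `$this->error` (new lines 490-493), and setup-config.php and wp-settings.php in this changeset test `!empty($wpdb->error)`, but no `var $error` is declared alongside the new `var $ready = false;` in the class-header hunk; adding `var $error = null;` there documents the property and keeps those checks from relying on an undeclared member (it may be declared in a part of the class not shown). The `$ready` guard in query() returns false for every query until connect and select succeed, which callers such as get_var() will see as "no result" rather than "no database" — a comment on the guard saying so would help. `WP_DEBUG == true` on line 62 is a loose comparison; `WP_DEBUG === true` or simply `WP_DEBUG` is clearer.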
r1125 r1172 13 13 14 14 if (!$pop3->connect(get_option('mailserver_url'), get_option('mailserver_port'))) 15 wp_die( $pop3->ERROR);15 wp_die(wp_specialchars($pop3->ERROR)); 16 16 17 17 $count = $pop3->login(get_option('mailserver_login'), get_option('mailserver_pass')); … … 130 130 $content[1] ? $content = $content[1] : $content = $content[0]; 131 131 132 echo "<p><b>Content-type:</b> $content_type, <b>Content-Transfer-Encoding:</b> $content_transfer_encoding, <b>boundary:</b> $boundary</p>\n";133 echo "<p><b>Raw content:</b><br /><pre>".$content.'</pre></p>';134 135 132 $content = trim($content); 136 133 … … 162 159 do_action('publish_phone', $post_ID); 163 160 164 echo "\n<p><b>Author:</b> $post_author</p>"; 165 echo "\n<p><b>Posted title:</b> $post_title<br />"; 166 echo "\n<b>Posted content:</b><br /><pre>".$content.'</pre></p>'; 161 echo "\n<p><b>Author:</b> " . wp_specialchars($post_author) . "</p>"; 162 echo "\n<p><b>Posted title:</b> " . wp_specialchars($post_title) . "<br />"; 167 163 168 164 if(!$pop3->delete($i)) { 169 echo '<p>Oops '. $pop3->ERROR.'</p></div>';165 echo '<p>Oops '.wp_specialchars($pop3->ERROR).'</p></div>'; 170 166 $pop3->reset(); 171 167 exit; trunk/wp-settings.php
r1143 r1172 131 131 require_once (ABSPATH . WPINC . '/wp-db.php'); 132 132 133 if ( !empty($wpdb->error) ) 134 dead_db(); 135 133 136 // $table_prefix is deprecated as of 2.1 134 137 $wpdb->prefix = $wpdb->base_prefix = $table_prefix; … … 138 141 139 142 // Table names 143 $wpdb->usermeta = $wpdb->prefix . 'usermeta'; 140 144 $wpdb->blogs = $wpdb->prefix . 'blogs'; 141 145 $wpdb->site = $wpdb->prefix . 'site'; … … 146 150 $wpdb->blog_versions = $wpdb->prefix . 'blog_versions'; 147 151 $wpdb->users = $wpdb->prefix . 'users'; 148 $wpdb->usermeta = $wpdb->prefix . 'usermeta';149 152 150 153 if( defined( 'SUNRISE' ) ) … … 172 175 if ( defined('CUSTOM_USER_META_TABLE') ) 173 176 $wpdb->usermeta = CUSTOM_USER_META_TABLE; 174 175 // To be removed in 2.2176 $tableposts = $tableusers = $tablecategories = $tablepost2cat = $tablecomments = $tablelink2cat = $tablelinks = $tablelinkcategories = $tableoptions = $tablepostmeta = '';177 177 178 178 if ( file_exists(ABSPATH . 'wp-content/object-cache.php') ) trunk/xmlrpc.php
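Review bot: The new `dead_db()` call on line 134 runs immediately after wp-db.php is loaded and depends on dead_db() (defined in functions.php in this changeset) and the helpers it calls already being in scope; that load order is not visible here, so a comment such as `// wpdb records connection failures in ->error instead of dying; functions.php must already be loaded for dead_db().` would make the dependency explicit. Moving the usermeta table assignment ahead of the other table names is behaviour-neutral as far as the visible lines show.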
r1139 r1172 187 187 return($this->error); 188 188 } 189 190 set_current_user( 0, $username ); 191 if( !current_user_can( 'edit_page', $page_id ) ) 192 return new IXR_Error( 401, __( 'Sorry, you can not edit this page.' ) ); 193 194 do_action('xmlrpc_call', 'wp.getPage'); 189 195 190 196 // Lookup page info. … … 269 275 } 270 276 277 set_current_user( 0, $username ); 278 if( !current_user_can( 'edit_pages' ) ) 279 return new IXR_Error( 401, __( 'Sorry, you can not edit pages.' ) ); 280 281 do_action('xmlrpc_call', 'wp.getPages'); 282 271 283 // Lookup info on pages. 272 284 $pages = get_pages(); … … 427 439 } 428 440 441 set_current_user( 0, $username ); 442 if( !current_user_can( 'edit_pages' ) ) 443 return new IXR_Error( 401, __( 'Sorry, you can not edit pages.' ) ); 444 445 do_action('xmlrpc_call', 'wp.getPageList'); 446 429 447 // Get list of pages ids and titles 430 448 $page_list = $wpdb->get_results(" … … 460 478 */ 461 479 function wp_getAuthors($args) { 462 global $wpdb;463 480 464 481 $this->escape($args); … … 472 489 } 473 490 474 return(get_users_of_blog()); 491 set_current_user(0, $username); 492 if(!current_user_can("edit_posts")) { 493 return(new IXR_Error(401, __("Sorry, you can not edit posts on this blog."))); 494 } 495 496 do_action('xmlrpc_call', 'wp.getAuthors'); 497 498 $authors = array(); 499 foreach( (array) get_users_of_blog() as $row ) { 500 $authors[] = array( 501 "user_id" => $row->user_id, 502 "user_login" => $row->user_login, 503 "display_name" => $row->display_name 504 ); 505 } 506 507 return($authors); 475 508 } 476 509 … … 494 527 // allowed to add a category. 
495 528 set_current_user(0, $username); 496 if(!current_user_can("manage_categories" , $page_id)) {529 if(!current_user_can("manage_categories")) { 497 530 return(new IXR_Error(401, __("Sorry, you do not have the right to add a category."))); 498 531 } … … 548 581 } 549 582 583 set_current_user(0, $username); 584 if( !current_user_can( 'edit_posts' ) ) 585 return new IXR_Error( 401, __( 'Sorry, you must be able to publish to this blog in order to view categories.' ) ); 586 587 do_action('xmlrpc_call', 'wp.suggestCategories'); 588 550 589 $args = array('get' => 'all', 'number' => $max_results, 'name__like' => $category); 551 590 $category_suggestions = get_categories($args); … … 611 650 } 612 651 652 set_current_user( 0, $user_login ); 653 if( !current_user_can( 'edit_posts' ) ) 654 return new IXR_Error( 401, __( 'Sorry, you do not have access to user data on this blog.' ) ); 655 656 do_action('xmlrpc_call', 'blogger.getUserInfo'); 657 613 658 $user_data = get_userdatabylogin($user_login); 614 659 … … 617 662 'userid' => $user_data->ID, 618 663 'url' => $user_data->user_url, 619 'email' => $user_data->user_email,620 664 'lastname' => $user_data->last_name, 621 665 'firstname' => $user_data->first_name … … 639 683 } 640 684 641 $user_data = get_userdatabylogin($user_login); 685 set_current_user( 0, $user_login ); 686 if( !current_user_can( 'edit_post', $post_ID ) ) 687 return new IXR_Error( 401, __( 'Sorry, you can not edit this post.' 
) ); 688 689 do_action('xmlrpc_call', 'blogger.getPost'); 690 642 691 $post_data = wp_get_single_post($post_ID, ARRAY_A); 643 692 … … 677 726 $posts_list = wp_get_recent_posts($num_posts); 678 727 728 set_current_user( 0, $user_login ); 729 679 730 if (!$posts_list) { 680 731 $this->error = new IXR_Error(500, __('Either there are no posts, or something went wrong.')); … … 683 734 684 735 foreach ($posts_list as $entry) { 736 if( !current_user_can( 'edit_post', $entry['ID'] ) ) 737 continue; 685 738 686 739 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); … … 1342 1395 function mw_getPost($args) { 1343 1396 1344 global $wpdb; 1345 1346 $this->escape($args); 1347 1348 $post_ID = (int) $args[0]; 1349 $user_login = $args[1]; 1350 $user_pass = $args[2]; 1351 1352 if (!$this->login_pass_ok($user_login, $user_pass)) { 1353 return $this->error; 1354 } 1355 1356 $postdata = wp_get_single_post($post_ID, ARRAY_A); 1357 1358 if ($postdata['post_date'] != '') { 1359 1360 $post_date = mysql2date('Ymd\TH:i:s', $postdata['post_date']); 1361 $post_date_gmt = mysql2date('Ymd\TH:i:s', $postdata['post_date_gmt']); 1362 1363 $categories = array(); 1364 $catids = wp_get_post_categories($post_ID); 1365 foreach($catids as $catid) { 1366 $categories[] = get_cat_name($catid); 1367 } 1368 1369 $tagnames = array(); 1370 $tags = wp_get_post_tags( $post_ID ); 1371 if ( !empty( $tags ) ) { 1372 foreach ( $tags as $tag ) { 1373 $tagnames[] = $tag->name; 1374 } 1375 $tagnames = implode( ', ', $tagnames ); 1397 global $wpdb; 1398 1399 $this->escape($args); 1400 1401 $post_ID = (int) $args[0]; 1402 $user_login = $args[1]; 1403 $user_pass = $args[2]; 1404 1405 if (!$this->login_pass_ok($user_login, $user_pass)) { 1406 return $this->error; 1407 } 1408 1409 set_current_user( 0, $user_login ); 1410 if( !current_user_can( 'edit_post', $post_ID ) ) 1411 return new IXR_Error( 401, __( 'Sorry, you can not edit this post.' 
) ); 1412 1413 do_action('xmlrpc_call', 'metaWeblog.getPost'); 1414 1415 $postdata = wp_get_single_post($post_ID, ARRAY_A); 1416 1417 if ($postdata['post_date'] != '') { 1418 $post_date = mysql2date('Ymd\TH:i:s', $postdata['post_date']); 1419 $post_date_gmt = mysql2date('Ymd\TH:i:s', $postdata['post_date_gmt']); 1420 1421 $categories = array(); 1422 $catids = wp_get_post_categories($post_ID); 1423 foreach($catids as $catid) { 1424 $categories[] = get_cat_name($catid); 1425 } 1426 1427 $tagnames = array(); 1428 $tags = wp_get_post_tags( $post_ID ); 1429 if ( !empty( $tags ) ) { 1430 foreach ( $tags as $tag ) { 1431 $tagnames[] = $tag->name; 1432 } 1433 $tagnames = implode( ', ', $tagnames ); 1434 } else { 1435 $tagnames = ''; 1436 } 1437 1438 $post = get_extended($postdata['post_content']); 1439 $link = post_permalink($postdata['ID']); 1440 1441 // Get the author info. 1442 $author = get_userdata($postdata['post_author']); 1443 1444 $allow_comments = ('open' == $postdata['comment_status']) ? 1 : 0; 1445 $allow_pings = ('open' == $postdata['ping_status']) ? 
1 : 0; 1446 1447 $resp = array( 1448 'dateCreated' => new IXR_Date($post_date), 1449 'userid' => $postdata['post_author'], 1450 'postid' => $postdata['ID'], 1451 'description' => $post['main'], 1452 'title' => $postdata['post_title'], 1453 'link' => $link, 1454 'permaLink' => $link, 1455 // commented out because no other tool seems to use this 1456 // 'content' => $entry['post_content'], 1457 'categories' => $categories, 1458 'mt_excerpt' => $postdata['post_excerpt'], 1459 'mt_text_more' => $post['extended'], 1460 'mt_allow_comments' => $allow_comments, 1461 'mt_allow_pings' => $allow_pings, 1462 'mt_keywords' => $tagnames, 1463 'wp_slug' => $postdata['post_name'], 1464 'wp_password' => $postdata['post_password'], 1465 'wp_author_id' => $author->ID, 1466 'wp_author_display_name' => $author->display_name, 1467 'date_created_gmt' => new IXR_Date($post_date_gmt) 1468 ); 1469 1470 return $resp; 1376 1471 } else { 1377 $tagnames = ''; 1378 } 1379 1380 $post = get_extended($postdata['post_content']); 1381 $link = post_permalink($postdata['ID']); 1382 1383 // Get the author info. 1384 $author = get_userdata($postdata['post_author']); 1385 1386 $allow_comments = ('open' == $postdata['comment_status']) ? 1 : 0; 1387 $allow_pings = ('open' == $postdata['ping_status']) ? 
1 : 0; 1388 1389 $resp = array( 1390 'dateCreated' => new IXR_Date($post_date), 1391 'userid' => $postdata['post_author'], 1392 'postid' => $postdata['ID'], 1393 'description' => $post['main'], 1394 'title' => $postdata['post_title'], 1395 'link' => $link, 1396 'permaLink' => $link, 1397 // commented out because no other tool seems to use this 1398 // 'content' => $entry['post_content'], 1399 'categories' => $categories, 1400 'mt_excerpt' => $postdata['post_excerpt'], 1401 'mt_text_more' => $post['extended'], 1402 'mt_allow_comments' => $allow_comments, 1403 'mt_allow_pings' => $allow_pings, 1404 'mt_keywords' => $tagnames, 1405 'wp_slug' => $postdata['post_name'], 1406 'wp_password' => $postdata['post_password'], 1407 'wp_author_id' => $author->ID, 1408 'wp_author_display_name' => $author->display_name, 1409 'date_created_gmt' => new IXR_Date($post_date_gmt) 1410 ); 1411 1412 return $resp; 1413 } else { 1414 return new IXR_Error(404, __('Sorry, no such post.')); 1415 } 1472 return new IXR_Error(404, __('Sorry, no such post.')); 1473 } 1416 1474 } 1417 1475 … … 1438 1496 } 1439 1497 1498 set_current_user( 0, $user_login ); 1499 1440 1500 foreach ($posts_list as $entry) { 1501 if( !current_user_can( 'edit_post', $entry['ID'] ) ) 1502 continue; 1441 1503 1442 1504 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); … … 1518 1580 } 1519 1581 1582 set_current_user( 0, $user_login ); 1583 if( !current_user_can( 'edit_posts' ) ) 1584 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this blog in order to view categories.' 
) ); 1585 1586 do_action('xmlrpc_call', 'metaWeblog.getCategories'); 1587 1520 1588 $categories_struct = array(); 1521 1589 … … 1637 1705 } 1638 1706 1707 set_current_user( 0, $user_login ); 1708 1639 1709 foreach ($posts_list as $entry) { 1710 if( !current_user_can( 'edit_post', $entry['ID'] ) ) 1711 continue; 1640 1712 1641 1713 $post_date = mysql2date('Ymd\TH:i:s', $entry['post_date']); … … 1676 1748 } 1677 1749 1750 set_current_user( 0, $user_login ); 1751 if( !current_user_can( 'edit_posts' ) ) 1752 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this blog in order to view categories.' ) ); 1753 1754 do_action('xmlrpc_call', 'mt.getCategoryList'); 1755 1678 1756 $categories_struct = array(); 1679 1757 1680 // FIXME: can we avoid using direct SQL there?1681 1758 if ( $cats = get_categories('hide_empty=0&hierarchical=0') ) { 1682 1759 foreach ($cats as $cat) { … … 1704 1781 return $this->error; 1705 1782 } 1783 1784 set_current_user( 0, $user_login ); 1785 if( !current_user_can( 'edit_post', $post_ID ) ) 1786 return new IXR_Error( 401, __( 'Sorry, you can not edit this post.' ) ); 1787 1788 do_action('xmlrpc_call', 'mt.getPostCategories'); 1706 1789 1707 1790 $categories = array();
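Review bot: In the blogger.getRecentPosts, metaWeblog.getRecentPosts and mt.getRecentPostTitles hunks the loop now `continue`s past posts the user cannot edit, which is the right authorization behaviour but silently shrinks the result below the requested `$num_posts` and, unlike every other method in this changeset, these three add no `do_action('xmlrpc_call', ...)`; a comment on the `continue` (`// Skip posts this user may not edit rather than failing the whole call`) plus the matching `do_action` call would keep the methods consistent. The single-post hunks return the 401 from current_user_can() before the 404 for a missing post, so a non-existent ID is reported as a permission failure — acceptable, but worth noting in the docblock. The wp.getAuthors and blogger.getUserInfo responses now omit the email address, which narrows what authenticated clients receive; the loops in the three recent-posts methods continue outside the hunks.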
