Projects : mp-wp : mp-wp_genesis
| 1 | <?php |
| 2 | /** |
| 3 | * Atom Publishing Protocol support for WordPress |
| 4 | * |
| 5 | * @author Original by Elias Torres <http://torrez.us/archives/2006/08/31/491/> |
| 6 | * @author Modified by Dougal Campbell <http://dougal.gunters.org/> |
| 7 | * @version 1.0.5-dc |
| 8 | */ |
| 9 | |
| 10 | /** |
| 11 | * WordPress is handling an Atom Publishing Protocol request. |
| 12 | * |
| 13 | * @var bool |
| 14 | */ |
| 15 | define('APP_REQUEST', true); |
| 16 | |
| 17 | /** Set up WordPress environment */ |
| 18 | require_once('./wp-load.php'); |
| 19 | |
| 20 | /** Post Template API */ |
| 21 | require_once(ABSPATH . WPINC . '/post-template.php'); |
| 22 | |
| 23 | /** Atom Publishing Protocol Class */ |
| 24 | require_once(ABSPATH . WPINC . '/atomlib.php'); |
| 25 | |
| 26 | /** Feed Handling API */ |
| 27 | require_once(ABSPATH . WPINC . '/feed.php'); |
| 28 | |
| 29 | $_SERVER['PATH_INFO'] = preg_replace( '/.*\/wp-app\.php/', '', $_SERVER['REQUEST_URI'] ); |
| 30 | |
| 31 | /** |
| 32 | * Whether to enable Atom Publishing Protocol Logging. |
| 33 | * |
| 34 | * @name app_logging |
| 35 | * @var int|bool |
| 36 | */ |
| 37 | $app_logging = 0; |
| 38 | |
| 39 | /** |
| 40 | * Whether to always authenticate user. Permanently set to true. |
| 41 | * |
| 42 | * @name always_authenticate |
| 43 | * @var int|bool |
| 44 | * @todo Should be an option somewhere |
| 45 | */ |
| 46 | $always_authenticate = 1; |
| 47 | |
| 48 | /** |
| 49 | * Writes logging info to a file. |
| 50 | * |
| 51 | * @since 2.2.0 |
| 52 | * @uses $app_logging |
| 53 | * @package WordPress |
| 54 | * @subpackage Logging |
| 55 | * |
| 56 | * @param string $label Type of logging |
| 57 | * @param string $msg Information describing logging reason. |
| 58 | */ |
| 59 | function log_app($label,$msg) { |
| 60 | global $app_logging; |
| 61 | if ($app_logging) { |
| 62 | $fp = fopen( 'wp-app.log', 'a+'); |
| 63 | $date = gmdate( 'Y-m-d H:i:s' ); |
| 64 | fwrite($fp, "\n\n$date - $label\n$msg\n"); |
| 65 | fclose($fp); |
| 66 | } |
| 67 | } |
| 68 | |
| 69 | if ( !function_exists('wp_set_current_user') ) : |
| 70 | /** |
| 71 | * @ignore |
| 72 | */ |
| 73 | function wp_set_current_user($id, $name = '') { |
| 74 | global $current_user; |
| 75 | |
| 76 | if ( isset($current_user) && ($id == $current_user->ID) ) |
| 77 | return $current_user; |
| 78 | |
| 79 | $current_user = new WP_User($id, $name); |
| 80 | |
| 81 | return $current_user; |
| 82 | } |
| 83 | endif; |
| 84 | |
| 85 | /** |
| 86 | * Filter to add more post statuses. |
| 87 | * |
| 88 | * @since 2.2.0 |
| 89 | * |
| 90 | * @param string $where SQL statement to filter. |
| 91 | * @return string Filtered SQL statement with added post_status for where clause. |
| 92 | */ |
| 93 | function wa_posts_where_include_drafts_filter($where) { |
| 94 | $where = str_replace("post_status = 'publish'","post_status = 'publish' OR post_status = 'future' OR post_status = 'draft' OR post_status = 'inherit'", $where); |
| 95 | return $where; |
| 96 | |
| 97 | } |
| 98 | add_filter('posts_where', 'wa_posts_where_include_drafts_filter'); |
| 99 | |
| 100 | /** |
| 101 | * WordPress AtomPub API implementation. |
| 102 | * |
| 103 | * @package WordPress |
| 104 | * @subpackage Publishing |
| 105 | * @since 2.2.0 |
| 106 | */ |
| 107 | class AtomServer { |
| 108 | |
| 109 | /** |
| 110 | * ATOM content type. |
| 111 | * |
| 112 | * @since 2.2.0 |
| 113 | * @var string |
| 114 | */ |
| 115 | var $ATOM_CONTENT_TYPE = 'application/atom+xml'; |
| 116 | |
| 117 | /** |
| 118 | * Categories ATOM content type. |
| 119 | * |
| 120 | * @since 2.2.0 |
| 121 | * @var string |
| 122 | */ |
| 123 | var $CATEGORIES_CONTENT_TYPE = 'application/atomcat+xml'; |
| 124 | |
| 125 | /** |
| 126 | * Service ATOM content type. |
| 127 | * |
| 128 | * @since 2.3.0 |
| 129 | * @var string |
| 130 | */ |
| 131 | var $SERVICE_CONTENT_TYPE = 'application/atomsvc+xml'; |
| 132 | |
| 133 | /** |
| 134 | * ATOM XML namespace. |
| 135 | * |
| 136 | * @since 2.3.0 |
| 137 | * @var string |
| 138 | */ |
| 139 | var $ATOM_NS = 'http://www.w3.org/2005/Atom'; |
| 140 | |
| 141 | /** |
| 142 | * ATOMPUB XML namespace. |
| 143 | * |
| 144 | * @since 2.3.0 |
| 145 | * @var string |
| 146 | */ |
| 147 | var $ATOMPUB_NS = 'http://www.w3.org/2007/app'; |
| 148 | |
| 149 | /** |
| 150 | * Entries path. |
| 151 | * |
| 152 | * @since 2.2.0 |
| 153 | * @var string |
| 154 | */ |
| 155 | var $ENTRIES_PATH = "posts"; |
| 156 | |
| 157 | /** |
| 158 | * Categories path. |
| 159 | * |
| 160 | * @since 2.2.0 |
| 161 | * @var string |
| 162 | */ |
| 163 | var $CATEGORIES_PATH = "categories"; |
| 164 | |
| 165 | /** |
| 166 | * Media path. |
| 167 | * |
| 168 | * @since 2.2.0 |
| 169 | * @var string |
| 170 | */ |
| 171 | var $MEDIA_PATH = "attachments"; |
| 172 | |
| 173 | /** |
| 174 | * Entry path. |
| 175 | * |
| 176 | * @since 2.2.0 |
| 177 | * @var string |
| 178 | */ |
| 179 | var $ENTRY_PATH = "post"; |
| 180 | |
| 181 | /** |
| 182 | * Service path. |
| 183 | * |
| 184 | * @since 2.2.0 |
| 185 | * @var string |
| 186 | */ |
| 187 | var $SERVICE_PATH = "service"; |
| 188 | |
| 189 | /** |
| 190 | * Media single path. |
| 191 | * |
| 192 | * @since 2.2.0 |
| 193 | * @var string |
| 194 | */ |
| 195 | var $MEDIA_SINGLE_PATH = "attachment"; |
| 196 | |
| 197 | /** |
| 198 | * ATOMPUB parameters. |
| 199 | * |
| 200 | * @since 2.2.0 |
| 201 | * @var array |
| 202 | */ |
| 203 | var $params = array(); |
| 204 | |
| 205 | /** |
| 206 | * Supported ATOMPUB media types. |
| 207 | * |
| 208 | * @since 2.3.0 |
| 209 | * @var array |
| 210 | */ |
| 211 | var $media_content_types = array('image/*','audio/*','video/*'); |
| 212 | |
| 213 | /** |
| 214 | * ATOMPUB content type(s). |
| 215 | * |
| 216 | * @since 2.2.0 |
| 217 | * @var array |
| 218 | */ |
| 219 | var $atom_content_types = array('application/atom+xml'); |
| 220 | |
| 221 | /** |
| 222 | * ATOMPUB methods. |
| 223 | * |
| 224 | * @since 2.2.0 |
| 225 | * @var unknown_type |
| 226 | */ |
| 227 | var $selectors = array(); |
| 228 | |
| 229 | /** |
| 230 | * Whether to do output. |
| 231 | * |
| 232 | * Support for head. |
| 233 | * |
| 234 | * @since 2.2.0 |
| 235 | * @var bool |
| 236 | */ |
| 237 | var $do_output = true; |
| 238 | |
| 239 | /** |
| 240 | * PHP4 constructor - Sets up object properties. |
| 241 | * |
| 242 | * @since 2.2.0 |
| 243 | * @return AtomServer |
| 244 | */ |
| 245 | function AtomServer() { |
| 246 | |
| 247 | $this->script_name = array_pop(explode('/',$_SERVER['SCRIPT_NAME'])); |
| 248 | $this->app_base = get_bloginfo('url') . '/' . $this->script_name . '/'; |
| 249 | if ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) { |
| 250 | $this->app_base = preg_replace( '/^http:\/\//', 'https://', $this->app_base ); |
| 251 | } |
| 252 | |
| 253 | $this->selectors = array( |
| 254 | '@/service$@' => |
| 255 | array('GET' => 'get_service'), |
| 256 | '@/categories$@' => |
| 257 | array('GET' => 'get_categories_xml'), |
| 258 | '@/post/(\d+)$@' => |
| 259 | array('GET' => 'get_post', |
| 260 | 'PUT' => 'put_post', |
| 261 | 'DELETE' => 'delete_post'), |
| 262 | '@/posts/?(\d+)?$@' => |
| 263 | array('GET' => 'get_posts', |
| 264 | 'POST' => 'create_post'), |
| 265 | '@/attachments/?(\d+)?$@' => |
| 266 | array('GET' => 'get_attachment', |
| 267 | 'POST' => 'create_attachment'), |
| 268 | '@/attachment/file/(\d+)$@' => |
| 269 | array('GET' => 'get_file', |
| 270 | 'PUT' => 'put_file', |
| 271 | 'DELETE' => 'delete_file'), |
| 272 | '@/attachment/(\d+)$@' => |
| 273 | array('GET' => 'get_attachment', |
| 274 | 'PUT' => 'put_attachment', |
| 275 | 'DELETE' => 'delete_attachment'), |
| 276 | ); |
| 277 | } |
| 278 | |
| 279 | /** |
| 280 | * Handle ATOMPUB request. |
| 281 | * |
| 282 | * @since 2.2.0 |
| 283 | */ |
| 284 | function handle_request() { |
| 285 | global $always_authenticate; |
| 286 | |
| 287 | if( !empty( $_SERVER['ORIG_PATH_INFO'] ) ) |
| 288 | $path = $_SERVER['ORIG_PATH_INFO']; |
| 289 | else |
| 290 | $path = $_SERVER['PATH_INFO']; |
| 291 | |
| 292 | $method = $_SERVER['REQUEST_METHOD']; |
| 293 | |
| 294 | log_app('REQUEST',"$method $path\n================"); |
| 295 | |
| 296 | $this->process_conditionals(); |
| 297 | //$this->process_conditionals(); |
| 298 | |
| 299 | // exception case for HEAD (treat exactly as GET, but don't output) |
| 300 | if($method == 'HEAD') { |
| 301 | $this->do_output = false; |
| 302 | $method = 'GET'; |
| 303 | } |
| 304 | |
| 305 | // redirect to /service in case no path is found. |
| 306 | if(strlen($path) == 0 || $path == '/') { |
| 307 | $this->redirect($this->get_service_url()); |
| 308 | } |
| 309 | |
| 310 | // check to see if AtomPub is enabled |
| 311 | if( !get_option( 'enable_app' ) ) |
| 312 | $this->forbidden( sprintf( __( 'AtomPub services are disabled on this blog. An admin user can enable them at %s' ), admin_url('options-writing.php') ) ); |
| 313 | |
| 314 | // dispatch |
| 315 | foreach($this->selectors as $regex => $funcs) { |
| 316 | if(preg_match($regex, $path, $matches)) { |
| 317 | if(isset($funcs[$method])) { |
| 318 | |
| 319 | // authenticate regardless of the operation and set the current |
| 320 | // user. each handler will decide if auth is required or not. |
| 321 | if(!$this->authenticate()) { |
| 322 | if ($always_authenticate) { |
| 323 | $this->auth_required('Credentials required.'); |
| 324 | } |
| 325 | } |
| 326 | |
| 327 | array_shift($matches); |
| 328 | call_user_func_array(array(&$this,$funcs[$method]), $matches); |
| 329 | exit(); |
| 330 | } else { |
| 331 | // only allow what we have handlers for... |
| 332 | $this->not_allowed(array_keys($funcs)); |
| 333 | } |
| 334 | } |
| 335 | } |
| 336 | |
| 337 | // oops, nothing found |
| 338 | $this->not_found(); |
| 339 | } |
| 340 | |
| 341 | /** |
| 342 | * Retrieve XML for ATOMPUB service. |
| 343 | * |
| 344 | * @since 2.2.0 |
| 345 | */ |
| 346 | function get_service() { |
| 347 | log_app('function','get_service()'); |
| 348 | |
| 349 | if( !current_user_can( 'edit_posts' ) ) |
| 350 | $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) ); |
| 351 | |
| 352 | $entries_url = attribute_escape($this->get_entries_url()); |
| 353 | $categories_url = attribute_escape($this->get_categories_url()); |
| 354 | $media_url = attribute_escape($this->get_attachments_url()); |
| 355 | foreach ($this->media_content_types as $med) { |
| 356 | $accepted_media_types = $accepted_media_types . "<accept>" . $med . "</accept>"; |
| 357 | } |
| 358 | $atom_prefix="atom"; |
| 359 | $atom_blogname=get_bloginfo('name'); |
| 360 | $service_doc = <<<EOD |
| 361 | <service xmlns="$this->ATOMPUB_NS" xmlns:$atom_prefix="$this->ATOM_NS"> |
| 362 | <workspace> |
| 363 | <$atom_prefix:title>$atom_blogname Workspace</$atom_prefix:title> |
| 364 | <collection href="$entries_url"> |
| 365 | <$atom_prefix:title>$atom_blogname Posts</$atom_prefix:title> |
| 366 | <accept>$this->ATOM_CONTENT_TYPE;type=entry</accept> |
| 367 | <categories href="$categories_url" /> |
| 368 | </collection> |
| 369 | <collection href="$media_url"> |
| 370 | <$atom_prefix:title>$atom_blogname Media</$atom_prefix:title> |
| 371 | $accepted_media_types |
| 372 | </collection> |
| 373 | </workspace> |
| 374 | </service> |
| 375 | |
| 376 | EOD; |
| 377 | |
| 378 | $this->output($service_doc, $this->SERVICE_CONTENT_TYPE); |
| 379 | } |
| 380 | |
| 381 | /** |
| 382 | * Retrieve categories list in XML format. |
| 383 | * |
| 384 | * @since 2.2.0 |
| 385 | */ |
| 386 | function get_categories_xml() { |
| 387 | log_app('function','get_categories_xml()'); |
| 388 | |
| 389 | if( !current_user_can( 'edit_posts' ) ) |
| 390 | $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) ); |
| 391 | |
| 392 | $home = attribute_escape(get_bloginfo_rss('home')); |
| 393 | |
| 394 | $categories = ""; |
| 395 | $cats = get_categories("hierarchical=0&hide_empty=0"); |
| 396 | foreach ((array) $cats as $cat) { |
| 397 | $categories .= " <category term=\"" . attribute_escape($cat->name) . "\" />\n"; |
| 398 | } |
| 399 | $output = <<<EOD |
| 400 | <app:categories xmlns:app="$this->ATOMPUB_NS" |
| 401 | xmlns="$this->ATOM_NS" |
| 402 | fixed="yes" scheme="$home"> |
| 403 | $categories |
| 404 | </app:categories> |
| 405 | EOD; |
| 406 | $this->output($output, $this->CATEGORIES_CONTENT_TYPE); |
| 407 | } |
| 408 | |
| 409 | /** |
| 410 | * Create new post. |
| 411 | * |
| 412 | * @since 2.2.0 |
| 413 | */ |
| 414 | function create_post() { |
| 415 | global $blog_id, $user_ID; |
| 416 | $this->get_accepted_content_type($this->atom_content_types); |
| 417 | |
| 418 | $parser = new AtomParser(); |
| 419 | if(!$parser->parse()) { |
| 420 | $this->client_error(); |
| 421 | } |
| 422 | |
| 423 | $entry = array_pop($parser->feed->entries); |
| 424 | |
| 425 | log_app('Received entry:', print_r($entry,true)); |
| 426 | |
| 427 | $catnames = array(); |
| 428 | foreach($entry->categories as $cat) |
| 429 | array_push($catnames, $cat["term"]); |
| 430 | |
| 431 | $wp_cats = get_categories(array('hide_empty' => false)); |
| 432 | |
| 433 | $post_category = array(); |
| 434 | |
| 435 | foreach($wp_cats as $cat) { |
| 436 | if(in_array($cat->name, $catnames)) |
| 437 | array_push($post_category, $cat->term_id); |
| 438 | } |
| 439 | |
| 440 | $publish = (isset($entry->draft) && trim($entry->draft) == 'yes') ? false : true; |
| 441 | |
| 442 | $cap = ($publish) ? 'publish_posts' : 'edit_posts'; |
| 443 | |
| 444 | if(!current_user_can($cap)) |
| 445 | $this->auth_required(__('Sorry, you do not have the right to edit/publish new posts.')); |
| 446 | |
| 447 | $blog_ID = (int ) $blog_id; |
| 448 | $post_status = ($publish) ? 'publish' : 'draft'; |
| 449 | $post_author = (int) $user_ID; |
| 450 | $post_title = $entry->title[1]; |
| 451 | $post_content = $entry->content[1]; |
| 452 | $post_excerpt = $entry->summary[1]; |
| 453 | $pubtimes = $this->get_publish_time($entry->published); |
| 454 | $post_date = $pubtimes[0]; |
| 455 | $post_date_gmt = $pubtimes[1]; |
| 456 | |
| 457 | if ( isset( $_SERVER['HTTP_SLUG'] ) ) |
| 458 | $post_name = $_SERVER['HTTP_SLUG']; |
| 459 | |
| 460 | $post_data = compact('blog_ID', 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_name'); |
| 461 | |
| 462 | $this->escape($post_data); |
| 463 | log_app('Inserting Post. Data:', print_r($post_data,true)); |
| 464 | |
| 465 | $postID = wp_insert_post($post_data); |
| 466 | if ( is_wp_error( $postID ) ) |
| 467 | $this->internal_error($postID->get_error_message()); |
| 468 | |
| 469 | if (!$postID) |
| 470 | $this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.')); |
| 471 | |
| 472 | // getting warning here about unable to set headers |
| 473 | // because something in the cache is printing to the buffer |
| 474 | // could we clean up wp_set_post_categories or cache to not print |
| 475 | // this could affect our ability to send back the right headers |
| 476 | @wp_set_post_categories($postID, $post_category); |
| 477 | |
| 478 | $output = $this->get_entry($postID); |
| 479 | |
| 480 | log_app('function',"create_post($postID)"); |
| 481 | $this->created($postID, $output); |
| 482 | } |
| 483 | |
| 484 | /** |
| 485 | * Retrieve post. |
| 486 | * |
| 487 | * @since 2.2.0 |
| 488 | * |
| 489 | * @param int $postID Post ID. |
| 490 | */ |
| 491 | function get_post($postID) { |
| 492 | global $entry; |
| 493 | |
| 494 | if( !current_user_can( 'edit_post', $postID ) ) |
| 495 | $this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) ); |
| 496 | |
| 497 | $this->set_current_entry($postID); |
| 498 | $output = $this->get_entry($postID); |
| 499 | log_app('function',"get_post($postID)"); |
| 500 | $this->output($output); |
| 501 | |
| 502 | } |
| 503 | |
| 504 | /** |
| 505 | * Update post. |
| 506 | * |
| 507 | * @since 2.2.0 |
| 508 | * |
| 509 | * @param int $postID Post ID. |
| 510 | */ |
| 511 | function put_post($postID) { |
| 512 | // checked for valid content-types (atom+xml) |
| 513 | // quick check and exit |
| 514 | $this->get_accepted_content_type($this->atom_content_types); |
| 515 | |
| 516 | $parser = new AtomParser(); |
| 517 | if(!$parser->parse()) { |
| 518 | $this->bad_request(); |
| 519 | } |
| 520 | |
| 521 | $parsed = array_pop($parser->feed->entries); |
| 522 | |
| 523 | log_app('Received UPDATED entry:', print_r($parsed,true)); |
| 524 | |
| 525 | // check for not found |
| 526 | global $entry; |
| 527 | $this->set_current_entry($postID); |
| 528 | |
| 529 | if(!current_user_can('edit_post', $entry['ID'])) |
| 530 | $this->auth_required(__('Sorry, you do not have the right to edit this post.')); |
| 531 | |
| 532 | $publish = (isset($parsed->draft) && trim($parsed->draft) == 'yes') ? false : true; |
| 533 | $post_status = ($publish) ? 'publish' : 'draft'; |
| 534 | |
| 535 | extract($entry); |
| 536 | |
| 537 | $post_title = $parsed->title[1]; |
| 538 | $post_content = $parsed->content[1]; |
| 539 | $post_excerpt = $parsed->summary[1]; |
| 540 | $pubtimes = $this->get_publish_time($entry->published); |
| 541 | $post_date = $pubtimes[0]; |
| 542 | $post_date_gmt = $pubtimes[1]; |
| 543 | $pubtimes = $this->get_publish_time($parsed->updated); |
| 544 | $post_modified = $pubtimes[0]; |
| 545 | $post_modified_gmt = $pubtimes[1]; |
| 546 | |
| 547 | $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt'); |
| 548 | $this->escape($postdata); |
| 549 | |
| 550 | $result = wp_update_post($postdata); |
| 551 | |
| 552 | if (!$result) { |
| 553 | $this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.')); |
| 554 | } |
| 555 | |
| 556 | log_app('function',"put_post($postID)"); |
| 557 | $this->ok(); |
| 558 | } |
| 559 | |
| 560 | /** |
| 561 | * Remove post. |
| 562 | * |
| 563 | * @since 2.2.0 |
| 564 | * |
| 565 | * @param int $postID Post ID. |
| 566 | */ |
| 567 | function delete_post($postID) { |
| 568 | |
| 569 | // check for not found |
| 570 | global $entry; |
| 571 | $this->set_current_entry($postID); |
| 572 | |
| 573 | if(!current_user_can('edit_post', $postID)) { |
| 574 | $this->auth_required(__('Sorry, you do not have the right to delete this post.')); |
| 575 | } |
| 576 | |
| 577 | if ($entry['post_type'] == 'attachment') { |
| 578 | $this->delete_attachment($postID); |
| 579 | } else { |
| 580 | $result = wp_delete_post($postID); |
| 581 | |
| 582 | if (!$result) { |
| 583 | $this->internal_error(__('For some strange yet very annoying reason, this post could not be deleted.')); |
| 584 | } |
| 585 | |
| 586 | log_app('function',"delete_post($postID)"); |
| 587 | $this->ok(); |
| 588 | } |
| 589 | |
| 590 | } |
| 591 | |
| 592 | /** |
| 593 | * Retrieve attachment. |
| 594 | * |
| 595 | * @since 2.2.0 |
| 596 | * |
| 597 | * @param int $postID Optional. Post ID. |
| 598 | */ |
| 599 | function get_attachment($postID = null) { |
| 600 | if( !current_user_can( 'upload_files' ) ) |
| 601 | $this->auth_required( __( 'Sorry, you do not have permission to upload files.' ) ); |
| 602 | |
| 603 | if (!isset($postID)) { |
| 604 | $this->get_attachments(); |
| 605 | } else { |
| 606 | $this->set_current_entry($postID); |
| 607 | $output = $this->get_entry($postID, 'attachment'); |
| 608 | log_app('function',"get_attachment($postID)"); |
| 609 | $this->output($output); |
| 610 | } |
| 611 | } |
| 612 | |
| 613 | /** |
| 614 | * Create new attachment. |
| 615 | * |
| 616 | * @since 2.2.0 |
| 617 | */ |
| 618 | function create_attachment() { |
| 619 | |
| 620 | $type = $this->get_accepted_content_type(); |
| 621 | |
| 622 | if(!current_user_can('upload_files')) |
| 623 | $this->auth_required(__('You do not have permission to upload files.')); |
| 624 | |
| 625 | $fp = fopen("php://input", "rb"); |
| 626 | $bits = null; |
| 627 | while(!feof($fp)) { |
| 628 | $bits .= fread($fp, 4096); |
| 629 | } |
| 630 | fclose($fp); |
| 631 | |
| 632 | $slug = ''; |
| 633 | if ( isset( $_SERVER['HTTP_SLUG'] ) ) |
| 634 | $slug = sanitize_file_name( $_SERVER['HTTP_SLUG'] ); |
| 635 | elseif ( isset( $_SERVER['HTTP_TITLE'] ) ) |
| 636 | $slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] ); |
| 637 | elseif ( empty( $slug ) ) // just make a random name |
| 638 | $slug = substr( md5( uniqid( microtime() ) ), 0, 7); |
| 639 | $ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] ); |
| 640 | $slug = "$slug.$ext"; |
| 641 | $file = wp_upload_bits( $slug, NULL, $bits); |
| 642 | |
| 643 | log_app('wp_upload_bits returns:',print_r($file,true)); |
| 644 | |
| 645 | $url = $file['url']; |
| 646 | $file = $file['file']; |
| 647 | |
| 648 | do_action('wp_create_file_in_uploads', $file); // replicate |
| 649 | |
| 650 | // Construct the attachment array |
| 651 | $attachment = array( |
| 652 | 'post_title' => $slug, |
| 653 | 'post_content' => $slug, |
| 654 | 'post_status' => 'attachment', |
| 655 | 'post_parent' => 0, |
| 656 | 'post_mime_type' => $type, |
| 657 | 'guid' => $url |
| 658 | ); |
| 659 | |
| 660 | // Save the data |
| 661 | $postID = wp_insert_attachment($attachment, $file); |
| 662 | |
| 663 | if (!$postID) |
| 664 | $this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.')); |
| 665 | |
| 666 | $output = $this->get_entry($postID, 'attachment'); |
| 667 | |
| 668 | $this->created($postID, $output, 'attachment'); |
| 669 | log_app('function',"create_attachment($postID)"); |
| 670 | } |
| 671 | |
| 672 | /** |
| 673 | * Update attachment. |
| 674 | * |
| 675 | * @since 2.2.0 |
| 676 | * |
| 677 | * @param int $postID Post ID. |
| 678 | */ |
| 679 | function put_attachment($postID) { |
| 680 | // checked for valid content-types (atom+xml) |
| 681 | // quick check and exit |
| 682 | $this->get_accepted_content_type($this->atom_content_types); |
| 683 | |
| 684 | $parser = new AtomParser(); |
| 685 | if(!$parser->parse()) { |
| 686 | $this->bad_request(); |
| 687 | } |
| 688 | |
| 689 | $parsed = array_pop($parser->feed->entries); |
| 690 | |
| 691 | // check for not found |
| 692 | global $entry; |
| 693 | $this->set_current_entry($postID); |
| 694 | |
| 695 | if(!current_user_can('edit_post', $entry['ID'])) |
| 696 | $this->auth_required(__('Sorry, you do not have the right to edit this post.')); |
| 697 | |
| 698 | extract($entry); |
| 699 | |
| 700 | $post_title = $parsed->title[1]; |
| 701 | $post_content = $parsed->content[1]; |
| 702 | $pubtimes = $this->get_publish_time($parsed->updated); |
| 703 | $post_modified = $pubtimes[0]; |
| 704 | $post_modified_gmt = $pubtimes[1]; |
| 705 | |
| 706 | $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_modified', 'post_modified_gmt'); |
| 707 | $this->escape($postdata); |
| 708 | |
| 709 | $result = wp_update_post($postdata); |
| 710 | |
| 711 | if (!$result) { |
| 712 | $this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.')); |
| 713 | } |
| 714 | |
| 715 | log_app('function',"put_attachment($postID)"); |
| 716 | $this->ok(); |
| 717 | } |
| 718 | |
| 719 | /** |
| 720 | * Remove attachment. |
| 721 | * |
| 722 | * @since 2.2.0 |
| 723 | * |
| 724 | * @param int $postID Post ID. |
| 725 | */ |
| 726 | function delete_attachment($postID) { |
| 727 | log_app('function',"delete_attachment($postID). File '$location' deleted."); |
| 728 | |
| 729 | // check for not found |
| 730 | global $entry; |
| 731 | $this->set_current_entry($postID); |
| 732 | |
| 733 | if(!current_user_can('edit_post', $postID)) { |
| 734 | $this->auth_required(__('Sorry, you do not have the right to delete this post.')); |
| 735 | } |
| 736 | |
| 737 | $location = get_post_meta($entry['ID'], '_wp_attached_file', true); |
| 738 | $filetype = wp_check_filetype($location); |
| 739 | |
| 740 | if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext'])) |
| 741 | $this->internal_error(__('Error ocurred while accessing post metadata for file location.')); |
| 742 | |
| 743 | // delete file |
| 744 | @unlink($location); |
| 745 | |
| 746 | // delete attachment |
| 747 | $result = wp_delete_post($postID); |
| 748 | |
| 749 | if (!$result) { |
| 750 | $this->internal_error(__('For some strange yet very annoying reason, this post could not be deleted.')); |
| 751 | } |
| 752 | |
| 753 | log_app('function',"delete_attachment($postID). File '$location' deleted."); |
| 754 | $this->ok(); |
| 755 | } |
| 756 | |
| 757 | /** |
| 758 | * Retrieve attachment from post. |
| 759 | * |
| 760 | * @since 2.2.0 |
| 761 | * |
| 762 | * @param int $postID Post ID. |
| 763 | */ |
| 764 | function get_file($postID) { |
| 765 | |
| 766 | // check for not found |
| 767 | global $entry; |
| 768 | $this->set_current_entry($postID); |
| 769 | |
| 770 | // then whether user can edit the specific post |
| 771 | if(!current_user_can('edit_post', $postID)) { |
| 772 | $this->auth_required(__('Sorry, you do not have the right to edit this post.')); |
| 773 | } |
| 774 | |
| 775 | $location = get_post_meta($entry['ID'], '_wp_attached_file', true); |
| 776 | $filetype = wp_check_filetype($location); |
| 777 | |
| 778 | if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext'])) |
| 779 | $this->internal_error(__('Error ocurred while accessing post metadata for file location.')); |
| 780 | |
| 781 | status_header('200'); |
| 782 | header('Content-Type: ' . $entry['post_mime_type']); |
| 783 | header('Connection: close'); |
| 784 | |
| 785 | $fp = fopen($location, "rb"); |
| 786 | while(!feof($fp)) { |
| 787 | echo fread($fp, 4096); |
| 788 | } |
| 789 | fclose($fp); |
| 790 | |
| 791 | log_app('function',"get_file($postID)"); |
| 792 | exit; |
| 793 | } |
| 794 | |
| 795 | /** |
| 796 | * Upload file to blog and add attachment to post. |
| 797 | * |
| 798 | * @since 2.2.0 |
| 799 | * |
| 800 | * @param int $postID Post ID. |
| 801 | */ |
| 802 | function put_file($postID) { |
| 803 | |
| 804 | // first check if user can upload |
| 805 | if(!current_user_can('upload_files')) |
| 806 | $this->auth_required(__('You do not have permission to upload files.')); |
| 807 | |
| 808 | // check for not found |
| 809 | global $entry; |
| 810 | $this->set_current_entry($postID); |
| 811 | |
| 812 | // then whether user can edit the specific post |
| 813 | if(!current_user_can('edit_post', $postID)) { |
| 814 | $this->auth_required(__('Sorry, you do not have the right to edit this post.')); |
| 815 | } |
| 816 | |
| 817 | $location = get_post_meta($entry['ID'], '_wp_attached_file', true); |
| 818 | $filetype = wp_check_filetype($location); |
| 819 | |
| 820 | if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext'])) |
| 821 | $this->internal_error(__('Error ocurred while accessing post metadata for file location.')); |
| 822 | |
| 823 | $fp = fopen("php://input", "rb"); |
| 824 | $localfp = fopen($location, "w+"); |
| 825 | while(!feof($fp)) { |
| 826 | fwrite($localfp,fread($fp, 4096)); |
| 827 | } |
| 828 | fclose($fp); |
| 829 | fclose($localfp); |
| 830 | |
| 831 | $ID = $entry['ID']; |
| 832 | $pubtimes = $this->get_publish_time($entry->published); |
| 833 | $post_date = $pubtimes[0]; |
| 834 | $post_date_gmt = $pubtimes[1]; |
| 835 | $pubtimes = $this->get_publish_time($parsed->updated); |
| 836 | $post_modified = $pubtimes[0]; |
| 837 | $post_modified_gmt = $pubtimes[1]; |
| 838 | |
| 839 | $post_data = compact('ID', 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt'); |
| 840 | $result = wp_update_post($post_data); |
| 841 | |
| 842 | if (!$result) { |
| 843 | $this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.')); |
| 844 | } |
| 845 | |
| 846 | log_app('function',"put_file($postID)"); |
| 847 | $this->ok(); |
| 848 | } |
| 849 | |
| 850 | /** |
| 851 | * Retrieve entries URL. |
| 852 | * |
| 853 | * @since 2.2.0 |
| 854 | * |
| 855 | * @param int $page Page ID. |
| 856 | * @return string |
| 857 | */ |
| 858 | function get_entries_url($page = null) { |
| 859 | if($GLOBALS['post_type'] == 'attachment') { |
| 860 | $path = $this->MEDIA_PATH; |
| 861 | } else { |
| 862 | $path = $this->ENTRIES_PATH; |
| 863 | } |
| 864 | $url = $this->app_base . $path; |
| 865 | if(isset($page) && is_int($page)) { |
| 866 | $url .= "/$page"; |
| 867 | } |
| 868 | return $url; |
| 869 | } |
| 870 | |
| 871 | /** |
| 872 | * Display entries URL. |
| 873 | * |
| 874 | * @since 2.2.0 |
| 875 | * |
| 876 | * @param int $page Page ID. |
| 877 | */ |
| 878 | function the_entries_url($page = null) { |
| 879 | echo $this->get_entries_url($page); |
| 880 | } |
| 881 | |
| 882 | /** |
| 883 | * Retrieve categories URL. |
| 884 | * |
| 885 | * @since 2.2.0 |
| 886 | * |
| 887 | * @param mixed $deprecated Optional, not used. |
| 888 | * @return string |
| 889 | */ |
| 890 | function get_categories_url($deprecated = '') { |
| 891 | return $this->app_base . $this->CATEGORIES_PATH; |
| 892 | } |
| 893 | |
| 894 | /** |
| 895 | * Display category URL. |
| 896 | * |
| 897 | * @since 2.2.0 |
| 898 | */ |
| 899 | function the_categories_url() { |
| 900 | echo $this->get_categories_url(); |
| 901 | } |
| 902 | |
| 903 | /** |
| 904 | * Retrieve attachment URL. |
| 905 | * |
| 906 | * @since 2.2.0 |
| 907 | * |
| 908 | * @param int $page Page ID. |
| 909 | * @return string |
| 910 | */ |
| 911 | function get_attachments_url($page = null) { |
| 912 | $url = $this->app_base . $this->MEDIA_PATH; |
| 913 | if(isset($page) && is_int($page)) { |
| 914 | $url .= "/$page"; |
| 915 | } |
| 916 | return $url; |
| 917 | } |
| 918 | |
| 919 | /** |
| 920 | * Display attachment URL. |
| 921 | * |
| 922 | * @since 2.2.0 |
| 923 | * |
| 924 | * @param int $page Page ID. |
| 925 | */ |
| 926 | function the_attachments_url($page = null) { |
| 927 | echo $this->get_attachments_url($page); |
| 928 | } |
| 929 | |
| 930 | /** |
| 931 | * Retrieve service URL. |
| 932 | * |
| 933 | * @since 2.3.0 |
| 934 | * |
| 935 | * @return string |
| 936 | */ |
| 937 | function get_service_url() { |
| 938 | return $this->app_base . $this->SERVICE_PATH; |
| 939 | } |
| 940 | |
| 941 | /** |
| 942 | * Retrieve entry URL. |
| 943 | * |
| 944 | * @since 2.7.0 |
| 945 | * |
| 946 | * @param int $postID Post ID. |
| 947 | * @return string |
| 948 | */ |
| 949 | function get_entry_url($postID = null) { |
| 950 | if(!isset($postID)) { |
| 951 | global $post; |
| 952 | $postID = (int) $post->ID; |
| 953 | } |
| 954 | |
| 955 | $url = $this->app_base . $this->ENTRY_PATH . "/$postID"; |
| 956 | |
| 957 | log_app('function',"get_entry_url() = $url"); |
| 958 | return $url; |
| 959 | } |
| 960 | |
| 961 | /** |
| 962 | * Display entry URL. |
| 963 | * |
| 964 | * @since 2.7.0 |
| 965 | * |
| 966 | * @param int $postID Post ID. |
| 967 | */ |
| 968 | function the_entry_url($postID = null) { |
| 969 | echo $this->get_entry_url($postID); |
| 970 | } |
| 971 | |
| 972 | /** |
| 973 | * Retrieve media URL. |
| 974 | * |
| 975 | * @since 2.2.0 |
| 976 | * |
| 977 | * @param int $postID Post ID. |
| 978 | * @return string |
| 979 | */ |
| 980 | function get_media_url($postID = null) { |
| 981 | if(!isset($postID)) { |
| 982 | global $post; |
| 983 | $postID = (int) $post->ID; |
| 984 | } |
| 985 | |
| 986 | $url = $this->app_base . $this->MEDIA_SINGLE_PATH ."/file/$postID"; |
| 987 | |
| 988 | log_app('function',"get_media_url() = $url"); |
| 989 | return $url; |
| 990 | } |
| 991 | |
| 992 | /** |
| 993 | * Display the media URL. |
| 994 | * |
| 995 | * @since 2.2.0 |
| 996 | * |
| 997 | * @param int $postID Post ID. |
| 998 | */ |
| 999 | function the_media_url($postID = null) { |
| 1000 | echo $this->get_media_url($postID); |
| 1001 | } |
| 1002 | |
| 1003 | /** |
| 1004 | * Set the current entry to post ID. |
| 1005 | * |
| 1006 | * @since 2.2.0 |
| 1007 | * |
| 1008 | * @param int $postID Post ID. |
| 1009 | */ |
| 1010 | function set_current_entry($postID) { |
| 1011 | global $entry; |
| 1012 | log_app('function',"set_current_entry($postID)"); |
| 1013 | |
| 1014 | if(!isset($postID)) { |
| 1015 | // $this->bad_request(); |
| 1016 | $this->not_found(); |
| 1017 | } |
| 1018 | |
| 1019 | $entry = wp_get_single_post($postID,ARRAY_A); |
| 1020 | |
| 1021 | if(!isset($entry) || !isset($entry['ID'])) |
| 1022 | $this->not_found(); |
| 1023 | |
| 1024 | return; |
| 1025 | } |
| 1026 | |
| 1027 | /** |
| 1028 | * Display posts XML. |
| 1029 | * |
| 1030 | * @since 2.2.0 |
| 1031 | * |
| 1032 | * @param int $page Optional. Page ID. |
| 1033 | * @param string $post_type Optional, default is 'post'. Post Type. |
| 1034 | */ |
| 1035 | function get_posts($page = 1, $post_type = 'post') { |
| 1036 | log_app('function',"get_posts($page, '$post_type')"); |
| 1037 | $feed = $this->get_feed($page, $post_type); |
| 1038 | $this->output($feed); |
| 1039 | } |
| 1040 | |
| 1041 | /** |
| 1042 | * Display attachment XML. |
| 1043 | * |
| 1044 | * @since 2.2.0 |
| 1045 | * |
| 1046 | * @param int $page Page ID. |
| 1047 | * @param string $post_type Optional, default is 'attachment'. Post type. |
| 1048 | */ |
| 1049 | function get_attachments($page = 1, $post_type = 'attachment') { |
| 1050 | log_app('function',"get_attachments($page, '$post_type')"); |
| 1051 | $GLOBALS['post_type'] = $post_type; |
| 1052 | $feed = $this->get_feed($page, $post_type); |
| 1053 | $this->output($feed); |
| 1054 | } |
| 1055 | |
| 1056 | /** |
| 1057 | * Retrieve feed XML. |
| 1058 | * |
| 1059 | * @since 2.2.0 |
| 1060 | * |
| 1061 | * @param int $page Page ID. |
| 1062 | * @param string $post_type Optional, default is post. Post type. |
| 1063 | * @return string |
| 1064 | */ |
| 1065 | function get_feed($page = 1, $post_type = 'post') { |
| 1066 | global $post, $wp, $wp_query, $posts, $wpdb, $blog_id; |
| 1067 | log_app('function',"get_feed($page, '$post_type')"); |
| 1068 | ob_start(); |
| 1069 | |
| 1070 | if(!isset($page)) { |
| 1071 | $page = 1; |
| 1072 | } |
| 1073 | $page = (int) $page; |
| 1074 | |
| 1075 | $count = get_option('posts_per_rss'); |
| 1076 | |
| 1077 | wp('what_to_show=posts&posts_per_page=' . $count . '&offset=' . ($count * ($page-1) . '&orderby=modified')); |
| 1078 | |
| 1079 | $post = $GLOBALS['post']; |
| 1080 | $posts = $GLOBALS['posts']; |
| 1081 | $wp = $GLOBALS['wp']; |
| 1082 | $wp_query = $GLOBALS['wp_query']; |
| 1083 | $wpdb = $GLOBALS['wpdb']; |
| 1084 | $blog_id = (int) $GLOBALS['blog_id']; |
| 1085 | log_app('function',"query_posts(# " . print_r($wp_query, true) . "#)"); |
| 1086 | |
| 1087 | log_app('function',"total_count(# $wp_query->max_num_pages #)"); |
| 1088 | $last_page = $wp_query->max_num_pages; |
| 1089 | $next_page = (($page + 1) > $last_page) ? NULL : $page + 1; |
| 1090 | $prev_page = ($page - 1) < 1 ? NULL : $page - 1; |
| 1091 | $last_page = ((int)$last_page == 1 || (int)$last_page == 0) ? NULL : (int) $last_page; |
| 1092 | $self_page = $page > 1 ? $page : NULL; |
| 1093 | ?><feed xmlns="<?php echo $this->ATOM_NS ?>" xmlns:app="<?php echo $this->ATOMPUB_NS ?>" xml:lang="<?php echo get_option('rss_language'); ?>"> |
| 1094 | <id><?php $this->the_entries_url() ?></id> |
| 1095 | <updated><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastpostmodified('GMT')); ?></updated> |
| 1096 | <title type="text"><?php bloginfo_rss('name') ?></title> |
| 1097 | <subtitle type="text"><?php bloginfo_rss("description") ?></subtitle> |
| 1098 | <link rel="first" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url() ?>" /> |
| 1099 | <?php if(isset($prev_page)): ?> |
| 1100 | <link rel="previous" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url($prev_page) ?>" /> |
| 1101 | <?php endif; ?> |
| 1102 | <?php if(isset($next_page)): ?> |
| 1103 | <link rel="next" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url($next_page) ?>" /> |
| 1104 | <?php endif; ?> |
| 1105 | <link rel="last" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url($last_page) ?>" /> |
| 1106 | <link rel="self" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url($self_page) ?>" /> |
| 1107 | <rights type="text">Copyright <?php echo mysql2date('Y', get_lastpostdate('blog')); ?></rights> |
| 1108 | <?php the_generator( 'atom' ); ?> |
| 1109 | <?php if ( have_posts() ) { |
| 1110 | while ( have_posts() ) { |
| 1111 | the_post(); |
| 1112 | $this->echo_entry(); |
| 1113 | } |
| 1114 | } |
| 1115 | ?></feed> |
| 1116 | <?php |
| 1117 | $feed = ob_get_contents(); |
| 1118 | ob_end_clean(); |
| 1119 | return $feed; |
| 1120 | } |
| 1121 | |
| 1122 | /** |
| 1123 | * Display entry XML. |
| 1124 | * |
| 1125 | * @since 2.2.0 |
| 1126 | * |
| 1127 | * @param int $postID Post ID. |
| 1128 | * @param string $post_type Optional, default is post. Post type. |
| 1129 | * @return string. |
| 1130 | */ |
| 1131 | function get_entry($postID, $post_type = 'post') { |
| 1132 | log_app('function',"get_entry($postID, '$post_type')"); |
| 1133 | ob_start(); |
| 1134 | switch($post_type) { |
| 1135 | case 'post': |
| 1136 | $varname = 'p'; |
| 1137 | break; |
| 1138 | case 'attachment': |
| 1139 | $varname = 'attachment_id'; |
| 1140 | break; |
| 1141 | } |
| 1142 | query_posts($varname . '=' . $postID); |
| 1143 | if ( have_posts() ) { |
| 1144 | while ( have_posts() ) { |
| 1145 | the_post(); |
| 1146 | $this->echo_entry(); |
| 1147 | log_app('$post',print_r($GLOBALS['post'],true)); |
| 1148 | $entry = ob_get_contents(); |
| 1149 | break; |
| 1150 | } |
| 1151 | } |
| 1152 | ob_end_clean(); |
| 1153 | |
| 1154 | log_app('get_entry returning:',$entry); |
| 1155 | return $entry; |
| 1156 | } |
| 1157 | |
| 1158 | /** |
| 1159 | * Display post content XML. |
| 1160 | * |
| 1161 | * @since 2.3.0 |
| 1162 | */ |
| 1163 | function echo_entry() { ?> |
| 1164 | <entry xmlns="<?php echo $this->ATOM_NS ?>" |
| 1165 | xmlns:app="<?php echo $this->ATOMPUB_NS ?>" xml:lang="<?php echo get_option('rss_language'); ?>"> |
| 1166 | <id><?php the_guid($GLOBALS['post']->ID); ?></id> |
| 1167 | <?php list($content_type, $content) = prep_atom_text_construct(get_the_title()); ?> |
| 1168 | <title type="<?php echo $content_type ?>"><?php echo $content ?></title> |
| 1169 | <updated><?php echo get_post_modified_time('Y-m-d\TH:i:s\Z', true); ?></updated> |
| 1170 | <published><?php echo get_post_time('Y-m-d\TH:i:s\Z', true); ?></published> |
| 1171 | <app:edited><?php echo get_post_modified_time('Y-m-d\TH:i:s\Z', true); ?></app:edited> |
| 1172 | <app:control> |
| 1173 | <app:draft><?php echo ($GLOBALS['post']->post_status == 'draft' ? 'yes' : 'no') ?></app:draft> |
| 1174 | </app:control> |
| 1175 | <author> |
| 1176 | <name><?php the_author()?></name> |
| 1177 | <?php if (get_the_author_url() && get_the_author_url() != 'http://') { ?> |
| 1178 | <uri><?php the_author_url()?></uri> |
| 1179 | <?php } ?> |
| 1180 | </author> |
| 1181 | <?php if($GLOBALS['post']->post_type == 'attachment') { ?> |
| 1182 | <link rel="edit-media" href="<?php $this->the_media_url() ?>" /> |
| 1183 | <content type="<?php echo $GLOBALS['post']->post_mime_type ?>" src="<?php the_guid(); ?>"/> |
| 1184 | <?php } else { ?> |
| 1185 | <link href="<?php the_permalink_rss() ?>" /> |
| 1186 | <?php if ( strlen( $GLOBALS['post']->post_content ) ) : |
| 1187 | list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?> |
| 1188 | <content type="<?php echo $content_type ?>"><?php echo $content ?></content> |
| 1189 | <?php endif; ?> |
| 1190 | <?php } ?> |
| 1191 | <link rel="edit" href="<?php $this->the_entry_url() ?>" /> |
| 1192 | <?php foreach(get_the_category() as $category) { ?> |
| 1193 | <category scheme="<?php bloginfo_rss('home') ?>" term="<?php echo $category->name?>" /> |
| 1194 | <?php } ?> |
| 1195 | <?php list($content_type, $content) = prep_atom_text_construct(get_the_excerpt()); ?> |
| 1196 | <summary type="<?php echo $content_type ?>"><?php echo $content ?></summary> |
| 1197 | </entry> |
| 1198 | <?php } |
| 1199 | |
| 1200 | /** |
| 1201 | * Set 'OK' (200) status header. |
| 1202 | * |
| 1203 | * @since 2.2.0 |
| 1204 | */ |
| 1205 | function ok() { |
| 1206 | log_app('Status','200: OK'); |
| 1207 | header('Content-Type: text/plain'); |
| 1208 | status_header('200'); |
| 1209 | exit; |
| 1210 | } |
| 1211 | |
| 1212 | /** |
| 1213 | * Set 'No Content' (204) status header. |
| 1214 | * |
| 1215 | * @since 2.2.0 |
| 1216 | */ |
| 1217 | function no_content() { |
| 1218 | log_app('Status','204: No Content'); |
| 1219 | header('Content-Type: text/plain'); |
| 1220 | status_header('204'); |
| 1221 | echo "Deleted."; |
| 1222 | exit; |
| 1223 | } |
| 1224 | |
| 1225 | /** |
| 1226 | * Display 'Internal Server Error' (500) status header. |
| 1227 | * |
| 1228 | * @since 2.2.0 |
| 1229 | * |
| 1230 | * @param string $msg Optional. Status string. |
| 1231 | */ |
| 1232 | function internal_error($msg = 'Internal Server Error') { |
| 1233 | log_app('Status','500: Server Error'); |
| 1234 | header('Content-Type: text/plain'); |
| 1235 | status_header('500'); |
| 1236 | echo $msg; |
| 1237 | exit; |
| 1238 | } |
| 1239 | |
| 1240 | /** |
| 1241 | * Set 'Bad Request' (400) status header. |
| 1242 | * |
| 1243 | * @since 2.2.0 |
| 1244 | */ |
| 1245 | function bad_request() { |
| 1246 | log_app('Status','400: Bad Request'); |
| 1247 | header('Content-Type: text/plain'); |
| 1248 | status_header('400'); |
| 1249 | exit; |
| 1250 | } |
| 1251 | |
| 1252 | /** |
| 1253 | * Set 'Length Required' (411) status header. |
| 1254 | * |
| 1255 | * @since 2.2.0 |
| 1256 | */ |
| 1257 | function length_required() { |
| 1258 | log_app('Status','411: Length Required'); |
| 1259 | header("HTTP/1.1 411 Length Required"); |
| 1260 | header('Content-Type: text/plain'); |
| 1261 | status_header('411'); |
| 1262 | exit; |
| 1263 | } |
| 1264 | |
| 1265 | /** |
| 1266 | * Set 'Unsupported Media Type' (415) status header. |
| 1267 | * |
| 1268 | * @since 2.2.0 |
| 1269 | */ |
| 1270 | function invalid_media() { |
| 1271 | log_app('Status','415: Unsupported Media Type'); |
| 1272 | header("HTTP/1.1 415 Unsupported Media Type"); |
| 1273 | header('Content-Type: text/plain'); |
| 1274 | exit; |
| 1275 | } |
| 1276 | |
| 1277 | /** |
| 1278 | * Set 'Forbidden' (403) status header. |
| 1279 | * |
| 1280 | * @since 2.6.0 |
| 1281 | */ |
| 1282 | function forbidden($reason='') { |
| 1283 | log_app('Status','403: Forbidden'); |
| 1284 | header('Content-Type: text/plain'); |
| 1285 | status_header('403'); |
| 1286 | echo $reason; |
| 1287 | exit; |
| 1288 | } |
| 1289 | |
| 1290 | /** |
| 1291 | * Set 'Not Found' (404) status header. |
| 1292 | * |
| 1293 | * @since 2.2.0 |
| 1294 | */ |
| 1295 | function not_found() { |
| 1296 | log_app('Status','404: Not Found'); |
| 1297 | header('Content-Type: text/plain'); |
| 1298 | status_header('404'); |
| 1299 | exit; |
| 1300 | } |
| 1301 | |
| 1302 | /** |
| 1303 | * Set 'Not Allowed' (405) status header. |
| 1304 | * |
| 1305 | * @since 2.2.0 |
| 1306 | */ |
| 1307 | function not_allowed($allow) { |
| 1308 | log_app('Status','405: Not Allowed'); |
| 1309 | header('Allow: ' . join(',', $allow)); |
| 1310 | status_header('405'); |
| 1311 | exit; |
| 1312 | } |
| 1313 | |
| 1314 | /** |
| 1315 | * Display Redirect (302) content and set status headers. |
| 1316 | * |
| 1317 | * @since 2.3.0 |
| 1318 | */ |
| 1319 | function redirect($url) { |
| 1320 | |
| 1321 | log_app('Status','302: Redirect'); |
| 1322 | $escaped_url = attribute_escape($url); |
| 1323 | $content = <<<EOD |
| 1324 | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> |
| 1325 | <html> |
| 1326 | <head> |
| 1327 | <title>302 Found</title> |
| 1328 | </head> |
| 1329 | <body> |
| 1330 | <h1>Found</h1> |
| 1331 | <p>The document has moved <a href="$escaped_url">here</a>.</p> |
| 1332 | </body> |
| 1333 | </html> |
| 1334 | |
| 1335 | EOD; |
| 1336 | header('HTTP/1.1 302 Moved'); |
| 1337 | header('Content-Type: text/html'); |
| 1338 | header('Location: ' . $url); |
| 1339 | echo $content; |
| 1340 | exit; |
| 1341 | |
| 1342 | } |
| 1343 | |
| 1344 | /** |
| 1345 | * Set 'Client Error' (400) status header. |
| 1346 | * |
| 1347 | * @since 2.2.0 |
| 1348 | */ |
| 1349 | function client_error($msg = 'Client Error') { |
| 1350 | log_app('Status','400: Client Error'); |
| 1351 | header('Content-Type: text/plain'); |
| 1352 | status_header('400'); |
| 1353 | exit; |
| 1354 | } |
| 1355 | |
| 1356 | /** |
| 1357 | * Set created status headers (201). |
| 1358 | * |
| 1359 | * Sets the 'content-type', 'content-location', and 'location'. |
| 1360 | * |
| 1361 | * @since 2.2.0 |
| 1362 | */ |
| 1363 | function created($post_ID, $content, $post_type = 'post') { |
| 1364 | log_app('created()::$post_ID',"$post_ID, $post_type"); |
| 1365 | $edit = $this->get_entry_url($post_ID); |
| 1366 | switch($post_type) { |
| 1367 | case 'post': |
| 1368 | $ctloc = $this->get_entry_url($post_ID); |
| 1369 | break; |
| 1370 | case 'attachment': |
| 1371 | $edit = $this->app_base . "attachments/$post_ID"; |
| 1372 | break; |
| 1373 | } |
| 1374 | header("Content-Type: $this->ATOM_CONTENT_TYPE"); |
| 1375 | if(isset($ctloc)) |
| 1376 | header('Content-Location: ' . $ctloc); |
| 1377 | header('Location: ' . $edit); |
| 1378 | status_header('201'); |
| 1379 | echo $content; |
| 1380 | exit; |
| 1381 | } |
| 1382 | |
| 1383 | /** |
| 1384 | * Set 'Auth Required' (401) headers. |
| 1385 | * |
| 1386 | * @since 2.2.0 |
| 1387 | * |
| 1388 | * @param string $msg Status header content and HTML content. |
| 1389 | */ |
| 1390 | function auth_required($msg) { |
| 1391 | log_app('Status','401: Auth Required'); |
| 1392 | nocache_headers(); |
| 1393 | header('WWW-Authenticate: Basic realm="WordPress Atom Protocol"'); |
| 1394 | header("HTTP/1.1 401 $msg"); |
| 1395 | header('Status: 401 ' . $msg); |
| 1396 | header('Content-Type: text/html'); |
| 1397 | $content = <<<EOD |
| 1398 | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> |
| 1399 | <html> |
| 1400 | <head> |
| 1401 | <title>401 Unauthorized</title> |
| 1402 | </head> |
| 1403 | <body> |
| 1404 | <h1>401 Unauthorized</h1> |
| 1405 | <p>$msg</p> |
| 1406 | </body> |
| 1407 | </html> |
| 1408 | |
| 1409 | EOD; |
| 1410 | echo $content; |
| 1411 | exit; |
| 1412 | } |
| 1413 | |
| 1414 | /** |
| 1415 | * Display XML and set headers with content type. |
| 1416 | * |
| 1417 | * @since 2.2.0 |
| 1418 | * |
| 1419 | * @param string $xml Display feed content. |
| 1420 | * @param string $ctype Optional, default is 'atom+xml'. Feed content type. |
| 1421 | */ |
| 1422 | function output($xml, $ctype = 'application/atom+xml') { |
| 1423 | status_header('200'); |
| 1424 | $xml = '<?xml version="1.0" encoding="' . strtolower(get_option('blog_charset')) . '"?>'."\n".$xml; |
| 1425 | header('Connection: close'); |
| 1426 | header('Content-Length: '. strlen($xml)); |
| 1427 | header('Content-Type: ' . $ctype); |
| 1428 | header('Content-Disposition: attachment; filename=atom.xml'); |
| 1429 | header('Date: '. date('r')); |
| 1430 | if($this->do_output) |
| 1431 | echo $xml; |
| 1432 | log_app('function', "output:\n$xml"); |
| 1433 | exit; |
| 1434 | } |
| 1435 | |
| 1436 | /** |
| 1437 | * Sanitize content for database usage. |
| 1438 | * |
| 1439 | * @since 2.2.0 |
| 1440 | * |
| 1441 | * @param array $array Sanitize array and multi-dimension array. |
| 1442 | */ |
| 1443 | function escape(&$array) { |
| 1444 | global $wpdb; |
| 1445 | |
| 1446 | foreach ($array as $k => $v) { |
| 1447 | if (is_array($v)) { |
| 1448 | $this->escape($array[$k]); |
| 1449 | } else if (is_object($v)) { |
| 1450 | //skip |
| 1451 | } else { |
| 1452 | $array[$k] = $wpdb->escape($v); |
| 1453 | } |
| 1454 | } |
| 1455 | } |
| 1456 | |
| 1457 | /** |
| 1458 | * Access credential through various methods and perform login. |
| 1459 | * |
| 1460 | * @since 2.2.0 |
| 1461 | * |
| 1462 | * @return bool |
| 1463 | */ |
| 1464 | function authenticate() { |
| 1465 | log_app("authenticate()",print_r($_ENV, true)); |
| 1466 | |
| 1467 | // if using mod_rewrite/ENV hack |
| 1468 | // http://www.besthostratings.com/articles/http-auth-php-cgi.html |
| 1469 | if(isset($_SERVER['HTTP_AUTHORIZATION'])) { |
| 1470 | list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = |
| 1471 | explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); |
| 1472 | } else if (isset($_SERVER['REDIRECT_REMOTE_USER'])) { |
| 1473 | // Workaround for setups that do not forward HTTP_AUTHORIZATION |
| 1474 | // See http://trac.wordpress.org/ticket/7361 |
| 1475 | list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = |
| 1476 | explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6))); |
| 1477 | } |
| 1478 | |
| 1479 | // If Basic Auth is working... |
| 1480 | if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { |
| 1481 | log_app("Basic Auth",$_SERVER['PHP_AUTH_USER']); |
| 1482 | $user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); |
| 1483 | if ( $user && !is_wp_error($user) ) { |
| 1484 | wp_set_current_user($user->ID); |
| 1485 | log_app("authenticate()", $_SERVER['PHP_AUTH_USER']); |
| 1486 | return true; |
| 1487 | } |
| 1488 | } |
| 1489 | |
| 1490 | return false; |
| 1491 | } |
| 1492 | |
| 1493 | /** |
| 1494 | * Retrieve accepted content types. |
| 1495 | * |
| 1496 | * @since 2.2.0 |
| 1497 | * |
| 1498 | * @param array $types Optional. Content Types. |
| 1499 | * @return string |
| 1500 | */ |
| 1501 | function get_accepted_content_type($types = null) { |
| 1502 | |
| 1503 | if(!isset($types)) { |
| 1504 | $types = $this->media_content_types; |
| 1505 | } |
| 1506 | |
| 1507 | if(!isset($_SERVER['CONTENT_LENGTH']) || !isset($_SERVER['CONTENT_TYPE'])) { |
| 1508 | $this->length_required(); |
| 1509 | } |
| 1510 | |
| 1511 | $type = $_SERVER['CONTENT_TYPE']; |
| 1512 | list($type,$subtype) = explode('/',$type); |
| 1513 | list($subtype) = explode(";",$subtype); // strip MIME parameters |
| 1514 | log_app("get_accepted_content_type", "type=$type, subtype=$subtype"); |
| 1515 | |
| 1516 | foreach($types as $t) { |
| 1517 | list($acceptedType,$acceptedSubtype) = explode('/',$t); |
| 1518 | if($acceptedType == '*' || $acceptedType == $type) { |
| 1519 | if($acceptedSubtype == '*' || $acceptedSubtype == $subtype) |
| 1520 | return $type . "/" . $subtype; |
| 1521 | } |
| 1522 | } |
| 1523 | |
| 1524 | $this->invalid_media(); |
| 1525 | } |
| 1526 | |
| 1527 | /** |
| 1528 | * Process conditionals for posts. |
| 1529 | * |
| 1530 | * @since 2.2.0 |
| 1531 | */ |
| 1532 | function process_conditionals() { |
| 1533 | |
| 1534 | if(empty($this->params)) return; |
| 1535 | if($_SERVER['REQUEST_METHOD'] == 'DELETE') return; |
| 1536 | |
| 1537 | switch($this->params[0]) { |
| 1538 | case $this->ENTRY_PATH: |
| 1539 | global $post; |
| 1540 | $post = wp_get_single_post($this->params[1]); |
| 1541 | $wp_last_modified = get_post_modified_time('D, d M Y H:i:s', true); |
| 1542 | $post = NULL; |
| 1543 | break; |
| 1544 | case $this->ENTRIES_PATH: |
| 1545 | $wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastpostmodified('GMT'), 0).' GMT'; |
| 1546 | break; |
| 1547 | default: |
| 1548 | return; |
| 1549 | } |
| 1550 | $wp_etag = md5($wp_last_modified); |
| 1551 | @header("Last-Modified: $wp_last_modified"); |
| 1552 | @header("ETag: $wp_etag"); |
| 1553 | |
| 1554 | // Support for Conditional GET |
| 1555 | if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) |
| 1556 | $client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']); |
| 1557 | else |
| 1558 | $client_etag = false; |
| 1559 | |
| 1560 | $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']); |
| 1561 | // If string is empty, return 0. If not, attempt to parse into a timestamp |
| 1562 | $client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0; |
| 1563 | |
| 1564 | // Make a timestamp for our most recent modification... |
| 1565 | $wp_modified_timestamp = strtotime($wp_last_modified); |
| 1566 | |
| 1567 | if ( ($client_last_modified && $client_etag) ? |
| 1568 | (($client_modified_timestamp >= $wp_modified_timestamp) && ($client_etag == $wp_etag)) : |
| 1569 | (($client_modified_timestamp >= $wp_modified_timestamp) || ($client_etag == $wp_etag)) ) { |
| 1570 | status_header( 304 ); |
| 1571 | exit; |
| 1572 | } |
| 1573 | } |
| 1574 | |
| 1575 | /** |
| 1576 | * Convert RFC3339 time string to timestamp. |
| 1577 | * |
| 1578 | * @since 2.3.0 |
| 1579 | * |
| 1580 | * @param string $str String to time. |
| 1581 | * @return bool|int false if format is incorrect. |
| 1582 | */ |
| 1583 | function rfc3339_str2time($str) { |
| 1584 | |
| 1585 | $match = false; |
| 1586 | if(!preg_match("/(\d{4}-\d{2}-\d{2})T(\d{2}\:\d{2}\:\d{2})\.?\d{0,3}(Z|[+-]+\d{2}\:\d{2})/", $str, $match)) |
| 1587 | return false; |
| 1588 | |
| 1589 | if($match[3] == 'Z') |
| 1590 | $match[3] == '+0000'; |
| 1591 | |
| 1592 | return strtotime($match[1] . " " . $match[2] . " " . $match[3]); |
| 1593 | } |
| 1594 | |
| 1595 | /** |
| 1596 | * Retrieve published time to display in XML. |
| 1597 | * |
| 1598 | * @since 2.3.0 |
| 1599 | * |
| 1600 | * @param string $published Time string. |
| 1601 | * @return string |
| 1602 | */ |
| 1603 | function get_publish_time($published) { |
| 1604 | |
| 1605 | $pubtime = $this->rfc3339_str2time($published); |
| 1606 | |
| 1607 | if(!$pubtime) { |
| 1608 | return array(current_time('mysql'),current_time('mysql',1)); |
| 1609 | } else { |
| 1610 | return array(date("Y-m-d H:i:s", $pubtime), gmdate("Y-m-d H:i:s", $pubtime)); |
| 1611 | } |
| 1612 | } |
| 1613 | |
| 1614 | } |
| 1615 | |
| 1616 | /** |
| 1617 | * AtomServer |
| 1618 | * @var AtomServer |
| 1619 | * @global object $server |
| 1620 | */ |
| 1621 | $server = new AtomServer(); |
| 1622 | $server->handle_request(); |
| 1623 | |
| 1624 | ?> |