diff --git a/wp-admin/post.php b/wp-admin/post.php
index 0a67f4141..4f453dfeb 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -13,9 +13,9 @@ return $array;
 }
 if (!get_magic_quotes_gpc()) {
-$_GET = add_magic_quotes($_GET);
-$_POST = add_magic_quotes($_POST);
-$_COOKIE = add_magic_quotes($_COOKIE);
+ $_GET = add_magic_quotes($_GET);
+ $_POST = add_magic_quotes($_POST);
+ $_COOKIE = add_magic_quotes($_COOKIE);
 }
 $wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'poststart', 'postend', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder', 'enclosure_url' );
@@ -37,46 +37,47 @@ if (!isset($$wpvar)) {
 switch($action) {
 case 'post':
- $standalone = 1;
- require_once('admin-header.php');
+ $standalone = 1;
+ require_once('admin-header.php');
- $post_ID = $wpdb->get_var("SELECT ID FROM $wpdb->posts ORDER BY ID DESC LIMIT 1") + 1;
+ $post_ID = $wpdb->get_var("SELECT MAX(ID) FROM $wpdb->posts") + 1;
- $post_pingback = intval($_POST['post_pingback']);
- $content = apply_filters('content_save_pre', $_POST['content']);
- $content = format_to_post($content);
- $excerpt = apply_filters('excerpt_save_pre',$_POST['excerpt']);
- $excerpt = format_to_post($excerpt);
- $post_title = $_POST['post_title'];
- $post_categories = $_POST['post_category'];
- $post_status = $_POST['post_status'];
- $post_name = $_POST['post_name'];
- $post_parent = 0;
- if (isset($_POST['parent_id'])) {
- $post_parent = $_POST['parent_id'];
- }
+ $post_pingback = intval($_POST['post_pingback']);
+ $content = apply_filters('content_save_pre', $_POST['content']);
+ $content = format_to_post($content);
+ $excerpt = apply_filters('excerpt_save_pre',$_POST['excerpt']);
+ $excerpt = format_to_post($excerpt);
+ $post_title = $_POST['post_title'];
+ $post_categories = $_POST['post_category'];
+ $post_status = $_POST['post_status'];
+ $post_name = $_POST['post_name'];
+ $post_parent = 0;
- if (empty($post_status)) $post_status = 'draft';
- // Double-check
- if ( 'publish' == $post_status && 1 == $user_level && 2 != get_option('new_users_can_blog') )
- $post_status = 'draft';
- $comment_status = $_POST['comment_status'];
- if (empty($comment_status)) $comment_status = get_settings('default_comment_status');
- $ping_status = $_POST['ping_status'];
- if (empty($ping_status)) $ping_status = get_settings('default_ping_status');
- $post_password = $_POST['post_password'];
-
- if (empty($post_name)) {
- if (! empty($post_title)) {
- $post_name = sanitize_title($post_title, $post_ID);
- }
- } else {
- $post_name = sanitize_title($post_name, $post_ID);
- }
+ if ( isset($_POST['parent_id']) )
+ $post_parent = $_POST['parent_id'];
- $trackback = $_POST['trackback_url'];
- // Format trackbacks
- $trackback = preg_replace('|\s+|', '\n', $trackback);
+ if ( empty($post_status) )
+ $post_status = 'draft';
+ // Double-check
+ if ( 'publish' == $post_status && 1 == $user_level && 2 != get_option('new_users_can_blog') )
+ $post_status = 'draft';
+ $comment_status = $_POST['comment_status'];
+ if ( empty($comment_status) )
+ $comment_status = get_option('default_comment_status');
+ $ping_status = $_POST['ping_status'];
+ if ( empty($ping_status) )
+ $ping_status = get_option('default_ping_status');
+ $post_password = $_POST['post_password'];
+
+ if ( empty($post_name) ) {
+ if ( !empty($post_title) )
+ $post_name = sanitize_title($post_title, $post_ID);
+ } else {
+ $post_name = sanitize_title($post_name, $post_ID);
+ }
+
+ $trackback = $_POST['trackback_url'];
+ $trackback = preg_replace('|\s+|', "\n", $trackback);
 if ($user_level == 0) die (__('Cheatin’ uh?'));
@@ -92,11 +93,11 @@ case 'post':
 $hh = ($hh > 23) ? $hh - 24 : $hh;
 $mn = ($mn > 59) ? $mn - 60 : $mn;
 $ss = ($ss > 59) ? $ss - 60 : $ss;
- $now = "$aa-$mm-$jj $hh:$mn:$ss";
- $now_gmt = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
+ $now = "$aa-$mm-$jj $hh:$mn:$ss";
+ $now_gmt = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
 } else {
- $now = current_time('mysql');
- $now_gmt = current_time('mysql', 1);
+ $now = current_time('mysql');
+ $now_gmt = current_time('mysql', 1);
 }
 // What to do based on which button they pressed
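Review bot: Computing `$post_ID` as `MAX(ID) + 1` before the row exists is a read-then-write race: two authors submitting at the same moment get the same value, and since the INSERT in the next hunk now supplies `'$post_ID'` instead of `'0'`, the second insert fails on the primary key while the rest of the handler (categories, meta, redirect) carries on as if the post were stored. Keep auto-increment (`'0'` for ID) and read the generated ID back after the query — `$wpdb->insert_id`, or however the pre-change code obtained it, which is not visible here; `sanitize_title($..., $post_ID)` can then run after the insert with a follow-up UPDATE. Separately, `$post_parent = $_POST['parent_id']` goes into that INSERT without a cast, unlike `$post_pingback` a few lines above: `$post_parent = intval($_POST['parent_id']);`. The `case 'post'` block continues past this hunk.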
@@ -109,7 +110,7 @@ case 'post':
 $postquery ="INSERT INTO $wpdb->posts (ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt, post_parent) VALUES
- ('0', '$user_ID', '$now', '$now_gmt', '$content', '$post_title', '$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$trackback', '$now', '$now_gmt', '$post_parent')
+ ('$post_ID', '$user_ID', '$now', '$now_gmt', '$content', '$post_title', '$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$trackback', '$now', '$now_gmt', '$post_parent')
 ";
 $result = $wpdb->query($postquery);
@@ -127,8 +128,9 @@ case 'post':
 break;
 }
 } else {
- $location = 'post.php';
+ $location = 'post.php?posted=true';
 }
+
 if ( '' != $_POST['advanced'] || isset($_POST['save']) ) $location = "post.php?action=edit&post=$post_ID";
@@ -137,15 +139,14 @@ case 'post':
 header("Location: $location"); // Send user on their way while we keep working
- // Insert categories
 // Check to make sure there is a category, if not just set it to some default
- if (!$post_categories) $post_categories[] = 1;
+ if (!$post_categories) $post_categories[] = get_option('default_category');
 foreach ($post_categories as $post_category) {
 // Double check it's not there already
 $exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_ID AND category_id = $post_category");
- if (!$exists && $result) {
+ if (!$exists) {
 $wpdb->query(" INSERT INTO $wpdb->post2cat (post_id, category_id)
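Review bot: Dropping `&& $result` from the guard at the end of this hunk means post2cat rows are written even when the post INSERT above failed, leaving category links for a post that does not exist — and with the INSERT now supplying an explicit ID, a failed insert is a realistic outcome rather than a corner case; keep the check: `if (!$exists && $result) {`. The `$post_category` used unquoted in both the `SELECT ... category_id = $post_category` context line and the INSERT here is an element of the raw `$_POST['post_category']` array, and the slashes added by the magic-quotes block at the top of the file give no protection in an unquoted numeric position; cast it at the top of the loop: `$post_category = intval($post_category);`. The foreach body continues beyond this hunk.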
@@ -158,44 +159,18 @@ case 'post':
 add_meta($post_ID);
 $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'");
-
- if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
- sleep($sleep_after_edit);
- }
- if ($post_status == 'publish') {
+ do_action('save_post', $post_ID);
- if ($post_pingback) {
+ if ('publish' == $post_status) {
+ if ($post_pingback)
 pingback($content, $post_ID);
- }
-
+ do_trackbacks($post_ID);
 do_action('publish_post', $post_ID);
-
- // Time for trackbacks
- $to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_ID");
- $pinged = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_ID");
- $pinged = explode("\n", $pinged);
- if ('' != $to_ping) {
- if (strlen($excerpt) > 0) {
- $the_excerpt = (strlen(strip_tags($excerpt)) > 255) ? substr(strip_tags($excerpt), 0, 252) . '...' : strip_tags($excerpt) ;
- } else {
- $the_excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
- }
- $excerpt = stripslashes($the_excerpt);
- $to_pings = explode("\n", $to_ping);
- foreach ($to_pings as $tb_ping) {
- $tb_ping = trim($tb_ping);
- if (!in_array($tb_ping, $pinged)) {
- trackback($tb_ping, stripslashes($post_title), $excerpt, $post_ID);
- }
- }
- }
-
- } // end if publish
+ }
 if ($post_status == 'static') {
 generate_page_rewrite_rules();
- add_post_meta($post_ID, '_wp_page_template', $_POST['page_template'], true);
 }
@@ -349,7 +324,7 @@ case 'editpost':
 } else {
 $location = 'post.php';
 }
- header ('Location: ' . $location); // Send user on their way while we keep working
+ //header ('Location: ' . $location); // Send user on their way while we keep working
 $now = current_time('mysql');
 $now_gmt = current_time('mysql', 1);
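Review bot: The `add_post_meta($post_ID, '_wp_page_template', $_POST['page_template'], true)` call is removed from the `'static'` branch with nothing on the new side taking its place, so the template chosen when a page is created is no longer stored unless it is saved somewhere else now — nothing in this diff shows that; if the removal was unintended, restore the line inside `if ($post_status == 'static') {`. It is also worth recording that the new `do_action('save_post', $post_ID)` and the publish hooks after it run after the `header("Location: $location")` sent in the previous hunk, so hooked code can neither emit output nor change the redirect: `// save_post fires after the Location header has been sent; hooks must not output or redirect`. The `case 'post'` block starts before this hunk.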
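Review bot: Commenting out `header ('Location: ' . $location);` leaves the editpost request with no redirect at all: the browser stays on the POST response, a reload resubmits the edit, and the `$location` computed on the lines just above is now dead. If the redirect was disabled to debug the remaining work, delete the line rather than leave it commented out; if the intent is to redirect only once that work is done, move the `header()` call to the end of the case and say why in a comment. The editpost case starts before this hunk and ends after it.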
@@ -402,10 +377,6 @@ $now_gmt = current_time('mysql', 1);
 if (!in_array($new_cat, $old_categories)) $wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_ID, $new_cat)");
 }
-
- if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
- sleep($sleep_after_edit);
- }
 // Enclosures
 $enclosures = split( " ", $enclosure_url );
@@ -446,35 +417,15 @@ $now_gmt = current_time('mysql', 1);
 }
 }
- // are we going from draft/private to published?
- if ($prev_status != 'publish' && $post_status == 'publish') {
- if ($post_pingback) {
- pingback($content, $post_ID);
- }
- } // end if moving from draft/private to published
+ if ($prev_status != 'publish' && $post_status == 'publish')
+ do_action('private_to_published', $post_ID);
+
 if ($post_status == 'publish') {
 do_action('publish_post', $post_ID);
-
- // Trackback time.
- $to_ping = trim($wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_ID"));
- $pinged = trim($wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_ID"));
- $pinged = explode("\n", $pinged);
- if ('' != $to_ping) {
- if (strlen($excerpt) > 0) {
- $the_excerpt = (strlen(strip_tags($excerpt)) > 255) ? substr(strip_tags($excerpt), 0, 252) . '...' : strip_tags($excerpt) ;
- } else {
- $the_excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
- }
- $excerpt = stripslashes($the_excerpt);
- $to_pings = explode("\n", $to_ping);
- foreach ($to_pings as $tb_ping) {
- $tb_ping = trim($tb_ping);
- if (!in_array($tb_ping, $pinged)) {
- trackback($tb_ping, stripslashes($post_title), $excerpt, $post_ID);
- }
- }
- }
- } // end if publish
+ do_trackbacks($post_ID);
+ if ( get_option('default_pingback_flag') )
+ pingback($content, $post_ID);
+ }
 if ($post_status == 'static') {
 generate_page_rewrite_rules();
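Review bot: The publish branch now sends pingbacks whenever the site-wide `get_option('default_pingback_flag')` is set, replacing the per-post `$post_pingback` check on the removed lines, so a post whose author switched pingbacks off is still pinged — and on every save of a published post, where the old code only pinged on the draft-to-publish transition that the new `private_to_published` action now marks. The `functions.php` hunk further down makes `pingback()` skip links already recorded by `get_pung()`, so repeats are mostly suppressed, but the per-post choice is lost; gate on the form value as the new-post path in this same file still does: `if ($post_pingback) pingback($content, $post_ID);` — assuming `$post_pingback` is still read from the form earlier in the editpost case, which starts before this hunk.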
@@ -499,8 +450,8 @@ case 'delete':
 die ('Cheatin’ uh?');
 $post_id = intval($_GET['post']);
- $postdata = get_postdata($post_id) or die(sprintf(__('Oops, no post with this ID. Go back!'), 'post.php'));
- $authordata = get_userdata($postdata['Author_ID']);
+ $postdata = $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$post_id'") or die(sprintf(__('Oops, no post with this ID. Go back!'), 'post.php'));
+ $authordata = get_userdata($postdata->post_author);
 if ($user_level < $authordata->user_level) die (sprintf(__('You don’t have the right to delete %s’s posts.'), $authordata[1]));
@@ -515,10 +466,6 @@ case 'delete':
 $meta = $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $post_id");
- if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
- sleep($sleep_after_edit);
- }
-
 $sendback = $_SERVER['HTTP_REFERER'];
 if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php';
 $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
diff --git a/wp-includes/functions-post.php b/wp-includes/functions-post.php
index 81394d884..48d5fc9ea 100644
--- a/wp-includes/functions-post.php
+++ b/wp-includes/functions-post.php
@@ -360,16 +360,13 @@ function wp_new_comment($commentdata) {
 $comment_author = strip_tags($comment_author);
 $comment_author = htmlspecialchars($comment_author);
- $comment_author = $wpdb->escape($comment_author);
 $comment_author_email = preg_replace('/[^a-z+_.@-]/i', '', $comment_author_email);
 $comment_author_url = strip_tags($comment_author_url);
 $comment_author_url = htmlspecialchars($comment_author_url);
- $comment_author_url = $wpdb->escape($comment_author_url);
 $comment_content = apply_filters('comment_content_presave', $comment_content);
- $comment_content = $wpdb->escape($comment_content);
 $user_ip = addslashes($_SERVER['REMOTE_ADDR']);
 $user_domain = addslashes( gethostbyaddr($user_ip) );
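Review bot: With the three `$wpdb->escape()` calls gone, `wp_new_comment()` now depends on `$comment_author`, `$comment_author_url` and `$comment_content` arriving already slashed; that holds for `$_GET`/`$_POST`/`$_COOKIE` once the `add_magic_quotes()` block this diff adds to `wp-trackback.php` has run, but not for a caller that builds `$commentdata` from other input — `xmlrpc.php`, also touched here, works from `$HTTP_RAW_POST_DATA`, which magic quotes never slash — so any such path would write unescaped strings into the INSERT further down, outside this hunk. Because the two `addslashes()` calls on `$user_ip`/`$user_domain` just below still escape locally, the contract is easy to misread; state it at the top of the function, `// $commentdata must already be slashed (magic_quotes_gpc / add_magic_quotes); escape non-GPC input before calling`, and have any XML-RPC caller escape before it calls in. The function starts and ends outside this hunk.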
@@ -406,4 +403,52 @@ function wp_new_comment($commentdata) {
 return $result;
 }
+function do_trackbacks($post_id) {
+ global $wpdb;
+
+ $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = $post_id");
+ $to_ping = get_to_ping($post_id);
+ $pinged = get_pung($post_id);
+ $content = strip_tags($post->post_content);
+ $excerpt = strip_tags($post->post_excerpt);
+ $post_title = strip_tags($post->post_title);
+
+ if ( $excerpt )
+ $excerpt = substr($excerpt, 0, 252) . '...';
+ else
+ $excerpt = substr($content, 0, 252) . '...';
+
+ if ($to_ping) : foreach ($to_ping as $tb_ping) :
+ $tb_ping = trim($tb_ping);
+ if ( !in_array($tb_ping, $pinged) )
+ trackback($tb_ping, $post_title, $excerpt, $post_id);
+ endforeach; endif;
+}
+
+function get_pung($post_id) { // Get URIs already pung for a post
+ global $wpdb;
+ $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id");
+ $pung = trim($pung);
+ $pung = preg_split('/\s/', $pung);
+ return $pung;
+}
+
+function get_to_ping($post_id) { // Get any URIs in the todo list
+ global $wpdb;
+ $to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_id");
+ $to_ping = trim($to_ping);
+ $to_ping = preg_split('/\s/', $to_ping);
+ return $to_ping;
+}
+
+function add_ping($post_id, $uri) { // Add a URI to those already pung
+ global $wpdb;
+ $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id");
+ $pung = trim($pung);
+ $pung = preg_split('/\s/', $pung);
+ $pung[] = $uri;
+ $new = implode("\n", $pung);
+ return $wpdb->query("UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = $post_id");
+}
+
 ?>
\ No newline at end of file
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index f628b2726..e36ba2a26 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
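Review bot: `add_ping()` drops `$uri` into `UPDATE ... SET pinged = '$new'` with no `$wpdb->escape()`; `pingback()` in this diff passes it `$pagelinkedto`, a link scraped out of post content, and the trackback path presumably records its target URIs the same way, so a quote in a URI breaks or rewrites the query — `$new = $wpdb->escape(implode("\n", $pung));`. `$post_id` is likewise interpolated unquoted into all four queries without `intval()`; the callers visible here pass a DB-sourced ID, but a public helper should not rely on that. In `do_trackbacks()` the `'...'` is appended unconditionally, whereas the code it replaces (removed in `post.php` above) only truncated past 255 bytes, so every short excerpt now ends in an ellipsis: `if (strlen($excerpt) > 255) $excerpt = substr($excerpt, 0, 252) . '...';`. Note also that `get_pung()` returns `array('')` for an empty `pinged` column, so the first `add_ping()` stores a leading newline.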
@@ -734,20 +734,21 @@ function debug_fclose($fp) {
 }
 function pingback($content, $post_ID) {
-
- global $wp_version;
+ global $wp_version, $wpdb;
 include_once (ABSPATH . WPINC . '/class-IXR.php');
 // original code by Mort (http://mort.mine.nu:8080)
- $log = debug_fopen('./pingback.log', 'a');
+ $log = debug_fopen(ABSPATH . '/pingback.log', 'a');
 $post_links = array();
 debug_fwrite($log, 'BEGIN '.date('YmdHis', time())."\n");
+ $pung = get_pung($post_ID);
+
 // Variables
 $ltrs = '\w';
 $gunk = '/#~:.?+=&%@!\-';
 $punc = '.:?\-';
- $any = $ltrs.$gunk.$punc;
+ $any = $ltrs . $gunk . $punc;
 // Step 1
 // Parsing the post, external links (if any) are stored in the $post_links array
@@ -768,25 +769,23 @@ function pingback($content, $post_ID) {
 // http://dummy-weblog.org/post.php
 // We don't wanna ping first and second types, even if they have a valid
- foreach($post_links_temp[0] as $link_test){
- $test = parse_url($link_test);
- if (isset($test['query'])) {
- $post_links[] = $link_test;
- } elseif(($test['path'] != '/') && ($test['path'] != '')) {
- $post_links[] = $link_test;
- }
- }
+ foreach($post_links_temp[0] as $link_test) :
+ if ( !in_array($link_test, $pung) ) : // If we haven't pung it already
+ $test = parse_url($link_test);
+ if (isset($test['query']))
+ $post_links[] = $link_test;
+ elseif(($test['path'] != '/') && ($test['path'] != ''))
+ $post_links[] = $link_test;
+ endif;
+ endforeach;
 foreach ($post_links as $pagelinkedto){
- debug_fwrite($log, "Processing -- $pagelinkedto\n");
 $pingback_server_url = discover_pingback_server_uri($pagelinkedto, 2048);
- if($pingback_server_url) {
-
+ if ($pingback_server_url) {
 // Now, the RPC call
- $method = 'pingback.ping';
- debug_fwrite($log, 'Page Linked To: '.$pagelinkedto."\n");
+ debug_fwrite($log, "Page Linked To: $pagelinkedto \n");
 debug_fwrite($log, 'Page Linked From: ');
 $pagelinkedfrom = get_permalink($post_ID);
 debug_fwrite($log, $pagelinkedfrom."\n");
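Review bot: `debug_fopen(ABSPATH . '/pingback.log', 'a')` puts the log in the site's document root, so whenever debug logging is on, every URL this site links to and every fault message returned by remote servers is fetchable by anyone requesting `/pingback.log`; the old `./pingback.log` was relative to the running script's directory, no better by design but at least not a fixed, guessable path. Write it under a directory the web server does not serve, or one it is configured to deny, and say so at the call site: `// pingback.log must not be web-readable: keep it outside the docroot or deny it in the server config`. If ABSPATH already ends in a slash, as the `ABSPATH . WPINC` usages suggest, the concatenation also yields a `//` in the path — harmless, but worth normalising while touching the line.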
@@ -794,19 +793,20 @@ function pingback($content, $post_ID) {
 // using a timeout of 3 seconds should be enough to cover slow servers
 $client = new IXR_Client($pingback_server_url);
 $client->timeout = 3;
- $client->useragent .= ' -- WordPress/'.$wp_version;
+ $client->useragent .= ' -- WordPress/' . $wp_version;
 // when set to true, this outputs debug messages by itself
 $client->debug = false;
 $client->query('pingback.ping', array($pagelinkedfrom, $pagelinkedto));
-
- if (!$client->query('pingback.ping', array($pagelinkedfrom, $pagelinkedto))) {
+
+ if ( !$client->query('pingback.ping', array($pagelinkedfrom, $pagelinkedto) ) )
 debug_fwrite($log, "Error.\n Fault code: ".$client->getErrorCode()." : ".$client->getErrorMessage()."\n");
- }
+ else
+ add_ping( $post_ID, $pagelinkedto );
 }
 }
- debug_fwrite($log, "\nEND: ".time()."\n****************************\n\r");
+ debug_fwrite($log, "\nEND: ".time()."\n****************************\n");
 debug_fclose($log);
 }
@@ -1607,12 +1607,7 @@ function update_post_caches($posts) {
 }
 // Get post-meta info
- if ( $meta_list = $wpdb->get_results("
- SELECT post_id,meta_key,meta_value
- FROM $wpdb->postmeta
- WHERE post_id IN($post_id_list)
- ORDER BY post_id,meta_key
- ", ARRAY_A) ) {
+ if ( $meta_list = $wpdb->get_results("SELECT post_id, meta_key, meta_value FROM $wpdb->postmeta WHERE post_id IN($post_id_list) ORDER BY post_id, meta_key", ARRAY_A) ) {
 // Change from flat structure to hierarchical:
 $post_meta_cache = array();
diff --git a/wp-settings.php b/wp-settings.php
index 52fd807c6..98cc1d04f 100644
--- a/wp-settings.php
+++ b/wp-settings.php
@@ -49,6 +49,7 @@ $tablepostmeta = $wpdb->postmeta;
 require (ABSPATH . WPINC . '/functions.php');
 require (ABSPATH . WPINC . '/functions-formatting.php');
+require (ABSPATH . WPINC . '/functions-post.php');
 require (ABSPATH . WPINC . '/classes.php');
 require (ABS. WPINC . '/template-functions.php');
 require (ABSPATH . WPINC . '/links.php');
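Review bot: The rewritten `if ( !$client->query(...) )` is still preceded by the unchanged `$client->query('pingback.ping', array($pagelinkedfrom, $pagelinkedto));` on the context line above it, so every target is pinged twice per call and the new `add_ping()` records only the outcome of the second attempt. Delete the bare first call so the `if` issues the single request; the `else add_ping(...)` branch then records exactly what was sent. `pingback()` starts before this hunk.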
diff --git a/wp-trackback.php b/wp-trackback.php
index d268a265f..4ae183f23 100644
--- a/wp-trackback.php
+++ b/wp-trackback.php
@@ -1,12 +1,27 @@ $v) {
+ if (is_array($v)) {
+ $array[$k] = add_magic_quotes($v);
+ } else {
+ $array[$k] = addslashes($v);
+ }
+ }
+ return $array;
+}
+
+if (!get_magic_quotes_gpc()) {
+ $_GET = add_magic_quotes($_GET);
+ $_POST = add_magic_quotes($_POST);
+ $_COOKIE = add_magic_quotes($_COOKIE);
+}
+
 if ( !$doing_trackback) {
 $doing_trackback = 1;
 require('wp-blog-header.php');
 }
-include_once (ABSPATH . WPINC . '/functions-post.php');
-
 function trackback_response($error = 0, $error_message = '') {
 header('Content-Type: text/xml; charset=' . get_option('blog_charset') );
 if ($error) {
diff --git a/xmlrpc.php b/xmlrpc.php
index 45cd410c2..93656e4ab 100644
--- a/xmlrpc.php
+++ b/xmlrpc.php
@@ -5,7 +5,6 @@ $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA);
 include('./wp-config.php');
 include_once(ABSPATH . WPINC . '/class-IXR.php');
-include_once(ABSPATH . WPINC . '/functions-post.php');
 // Turn off all warnings and errors.
 // error_reporting(0);
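Review bot: `add_magic_quotes()` is defined a second time here, apparently a copy of the one whose tail (`return $array;` and the same `get_magic_quotes_gpc()` block) is visible in `wp-admin/post.php` at the top of this diff, and it runs before `wp-blog-header.php` is required; if that bootstrap, or `functions.php` now that `wp-settings.php` also pulls in `functions-post.php`, ever defines the same function, this endpoint dies with a redeclaration error. Define it once in an include loaded by `wp-settings.php` and keep only the `if (!get_magic_quotes_gpc())` block here. The hunk's first added lines — the `function add_magic_quotes($array) {` and `foreach` header — are missing from this rendering, only `$v) {` survives, so the copy should be checked against the post.php version directly.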