2013-10-25 00:58:23 +02:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Handle Trackbacks and Pingbacks Sent to WordPress
|
|
|
|
*
|
|
|
|
* @since 0.71
|
|
|
|
*
|
|
|
|
* @package WordPress
|
|
|
|
* @subpackage Trackbacks
|
|
|
|
*/
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( empty( $wp ) ) {
|
2020-02-06 07:33:11 +01:00
|
|
|
require_once __DIR__ . '/wp-load.php';
|
2013-10-25 00:58:23 +02:00
|
|
|
wp( array( 'tb' => '1' ) );
|
|
|
|
}
|
|
|
|
|
2022-10-17 13:22:11 +02:00
|
|
|
// Always run as an unauthenticated user.
|
|
|
|
wp_set_current_user( 0 );
|
|
|
|
|
2013-10-25 00:58:23 +02:00
|
|
|
/**
|
|
|
|
* Response to a trackback.
|
|
|
|
*
|
|
|
|
* Responds with an error or success XML message.
|
|
|
|
*
|
|
|
|
* @since 0.71
|
|
|
|
*
|
2019-11-05 22:23:02 +01:00
|
|
|
* @param int|bool $error Whether there was an error.
|
|
|
|
* Default '0'. Accepts '0' or '1', true or false.
|
2022-10-20 20:23:14 +02:00
|
|
|
* @param string $error_message Error message if an error occurred. Default empty string.
|
2013-10-25 00:58:23 +02:00
|
|
|
*/
|
2017-12-01 00:11:00 +01:00
|
|
|
function trackback_response( $error = 0, $error_message = '' ) {
|
|
|
|
header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) );
|
2022-07-19 16:02:10 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $error ) {
|
|
|
|
echo '<?xml version="1.0" encoding="utf-8"?' . ">\n";
|
2013-10-25 00:58:23 +02:00
|
|
|
echo "<response>\n";
|
|
|
|
echo "<error>1</error>\n";
|
|
|
|
echo "<message>$error_message</message>\n";
|
2017-12-01 00:11:00 +01:00
|
|
|
echo '</response>';
|
2013-10-25 00:58:23 +02:00
|
|
|
die();
|
|
|
|
} else {
|
2017-12-01 00:11:00 +01:00
|
|
|
echo '<?xml version="1.0" encoding="utf-8"?' . ">\n";
|
2013-10-25 00:58:23 +02:00
|
|
|
echo "<response>\n";
|
|
|
|
echo "<error>0</error>\n";
|
2017-12-01 00:11:00 +01:00
|
|
|
echo '</response>';
|
2013-10-25 00:58:23 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( ! isset( $_GET['tb_id'] ) || ! $_GET['tb_id'] ) {
|
2022-07-19 16:02:10 +02:00
|
|
|
$post_id = explode( '/', $_SERVER['REQUEST_URI'] );
|
|
|
|
$post_id = (int) $post_id[ count( $post_id ) - 1 ];
|
2013-10-25 00:58:23 +02:00
|
|
|
}
|
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
$trackback_url = isset( $_POST['url'] ) ? $_POST['url'] : '';
|
|
|
|
$charset = isset( $_POST['charset'] ) ? $_POST['charset'] : '';
|
2013-10-25 00:58:23 +02:00
|
|
|
|
|
|
|
// These three are stripslashed here so they can be properly escaped after mb_convert_encoding().
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = isset( $_POST['title'] ) ? wp_unslash( $_POST['title'] ) : '';
|
|
|
|
$excerpt = isset( $_POST['excerpt'] ) ? wp_unslash( $_POST['excerpt'] ) : '';
|
|
|
|
$blog_name = isset( $_POST['blog_name'] ) ? wp_unslash( $_POST['blog_name'] ) : '';
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $charset ) {
|
|
|
|
$charset = str_replace( array( ',', ' ' ), '', strtoupper( trim( $charset ) ) );
|
2024-10-18 17:56:18 +02:00
|
|
|
|
|
|
|
// Validate the specified "sender" charset is available on the receiving site.
|
|
|
|
if ( function_exists( 'mb_list_encodings' ) && ! in_array( $charset, mb_list_encodings(), true ) ) {
|
|
|
|
$charset = '';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ! $charset ) {
|
2013-10-25 00:58:23 +02:00
|
|
|
$charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS';
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2013-10-25 00:58:23 +02:00
|
|
|
|
|
|
|
// No valid uses for UTF-7.
|
Code Modernization: Replace usage of `strpos()` with `str_contains()`.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988
git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 16:36:26 +02:00
|
|
|
if ( str_contains( $charset, 'UTF-7' ) ) {
|
2013-10-25 00:58:23 +02:00
|
|
|
die;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2013-10-25 00:58:23 +02:00
|
|
|
|
|
|
|
// For international trackbacks.
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( function_exists( 'mb_convert_encoding' ) ) {
|
|
|
|
$title = mb_convert_encoding( $title, get_option( 'blog_charset' ), $charset );
|
|
|
|
$excerpt = mb_convert_encoding( $excerpt, get_option( 'blog_charset' ), $charset );
|
|
|
|
$blog_name = mb_convert_encoding( $blog_name, get_option( 'blog_charset' ), $charset );
|
2013-10-25 00:58:23 +02:00
|
|
|
}
|
|
|
|
|
Docs: Revise comments using “we” in WordPress root directory files.
This updates some inline comments to better match the guidelines and recommendations set forth in the make/core and make/docs handbooks:
> In general, use second person in your documentation. Second person depicts a friendly tone, with a perfect focus on the reader. In addition to this, directly addressing the reader helps avoid passive voice; thereby preventing unwanted confusion.
> ...
> the word “we” should be avoided (...) unless its made very clear which group is speaking.
Includes:
* Replacing first-person usage of "we" with second person point of view.
* Making small clarification adjustments where the voice is much too casual or lacks clear context, especially for non-native English speakers.
References:
* [https://make.wordpress.org/docs/style-guide/language-grammar/grammatical-person/ Style Guide: Grammatical person]
* [https://make.wordpress.org/docs/handbook/documentation-team-handbook/handbooks-style-and-formatting-guide/ Handbooks & HelpHub Style and Formatting Guide]
* [https://make.wordpress.org/core/handbook/best-practices/post-comment-guidelines/#style-and-substance Post & Comment Guidelines: Style and Substance]
Follow-up to [2176], [3430], [4676], [6009], [7991], [12688], [12762], [26008], [28978], [44488], [44962], [51979], [53131], [53132], [53156], [53131], [54200].
Props ironprogrammer, costdev, jorbin, SergeyBiryukov.
See #57052.
Built from https://develop.svn.wordpress.org/trunk@54866
git-svn-id: http://core.svn.wordpress.org/trunk@54418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-23 16:43:13 +01:00
|
|
|
// Escape values to use in the trackback.
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = wp_slash( $title );
|
|
|
|
$excerpt = wp_slash( $excerpt );
|
|
|
|
$blog_name = wp_slash( $blog_name );
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( is_single() || is_page() ) {
|
2022-07-19 16:02:10 +02:00
|
|
|
$post_id = $posts[0]->ID;
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
if ( ! isset( $post_id ) || ! (int) $post_id ) {
|
2016-10-06 20:09:29 +02:00
|
|
|
trackback_response( 1, __( 'I really need an ID for this to work.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
if ( empty( $title ) && empty( $trackback_url ) && empty( $blog_name ) ) {
|
2013-10-25 00:58:23 +02:00
|
|
|
// If it doesn't look like a trackback at all.
|
2022-07-19 16:02:10 +02:00
|
|
|
wp_redirect( get_permalink( $post_id ) );
|
2013-10-25 00:58:23 +02:00
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
if ( ! empty( $trackback_url ) && ! empty( $title ) ) {
|
2016-10-14 21:39:28 +02:00
|
|
|
/**
|
2017-12-01 00:11:00 +01:00
|
|
|
* Fires before the trackback is added to a post.
|
|
|
|
*
|
|
|
|
* @since 4.7.0
|
|
|
|
*
|
2022-07-19 16:02:10 +02:00
|
|
|
* @param int $post_id Post ID related to the trackback.
|
|
|
|
* @param string $trackback_url Trackback URL.
|
|
|
|
* @param string $charset Character set.
|
|
|
|
* @param string $title Trackback title.
|
|
|
|
* @param string $excerpt Trackback excerpt.
|
2023-06-19 20:27:27 +02:00
|
|
|
* @param string $blog_name Site name.
|
2017-12-01 00:11:00 +01:00
|
|
|
*/
|
2022-07-19 16:02:10 +02:00
|
|
|
do_action( 'pre_trackback_post', $post_id, $trackback_url, $charset, $title, $excerpt, $blog_name );
|
2016-10-14 21:39:28 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) );
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
if ( ! pings_open( $post_id ) ) {
|
2016-10-06 20:09:29 +02:00
|
|
|
trackback_response( 1, __( 'Sorry, trackbacks are closed for this item.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
$title = wp_html_excerpt( $title, 250, '…' );
|
2013-10-25 00:58:23 +02:00
|
|
|
$excerpt = wp_html_excerpt( $excerpt, 252, '…' );
|
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
$comment_post_id = (int) $post_id;
|
2017-12-01 00:11:00 +01:00
|
|
|
$comment_author = $blog_name;
|
2013-10-25 00:58:23 +02:00
|
|
|
$comment_author_email = '';
|
2022-07-19 16:02:10 +02:00
|
|
|
$comment_author_url = $trackback_url;
|
2017-12-01 00:11:00 +01:00
|
|
|
$comment_content = "<strong>$title</strong>\n\n$excerpt";
|
|
|
|
$comment_type = 'trackback';
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
$dupe = $wpdb->get_results(
|
|
|
|
$wpdb->prepare(
|
|
|
|
"SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s",
|
|
|
|
$comment_post_id,
|
|
|
|
$comment_author_url
|
|
|
|
)
|
|
|
|
);
|
|
|
|
|
2017-12-01 00:11:00 +01:00
|
|
|
if ( $dupe ) {
|
Administration: Remove self-reference ("we") in WordPress Admin.
This changes updates many strings to remove self-references to an undefined "we" collective across the WordPress Administration.
The goal of this change is to better match the guidelines and recommendations set forth in the make/core handbook, specifically:
> the word "we" should be avoided (…) unless its made very clear which group is speaking.
Props johnbillion, shital-patel, audrasjb, marybaum, SergeyBiryukov, peterwilsoncc, johnjamesjacoby, kebbet, costdev, chaion07, davidbaumwald.
Fixes #46057.
Built from https://develop.svn.wordpress.org/trunk@53131
git-svn-id: http://core.svn.wordpress.org/trunk@52720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-11 13:42:04 +02:00
|
|
|
trackback_response( 1, __( 'There is already a ping from that URL for this post.' ) );
|
2017-12-01 00:11:00 +01:00
|
|
|
}
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2022-07-19 16:02:10 +02:00
|
|
|
$commentdata = array(
|
|
|
|
'comment_post_ID' => $comment_post_id,
|
|
|
|
);
|
|
|
|
|
|
|
|
$commentdata += compact(
|
|
|
|
'comment_author',
|
|
|
|
'comment_author_email',
|
|
|
|
'comment_author_url',
|
|
|
|
'comment_content',
|
|
|
|
'comment_type'
|
|
|
|
);
|
2013-10-25 00:58:23 +02:00
|
|
|
|
2017-10-24 00:12:51 +02:00
|
|
|
$result = wp_new_comment( $commentdata );
|
|
|
|
|
|
|
|
if ( is_wp_error( $result ) ) {
|
|
|
|
trackback_response( 1, $result->get_error_message() );
|
|
|
|
}
|
|
|
|
|
2013-10-25 00:58:23 +02:00
|
|
|
$trackback_id = $wpdb->insert_id;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Fires after a trackback is added to a post.
|
|
|
|
*
|
|
|
|
* @since 1.2.0
|
|
|
|
*
|
|
|
|
* @param int $trackback_id Trackback ID.
|
|
|
|
*/
|
|
|
|
do_action( 'trackback_post', $trackback_id );
|
2022-07-19 16:02:10 +02:00
|
|
|
|
2013-10-25 00:58:23 +02:00
|
|
|
trackback_response( 0 );
|
|
|
|
}
|