~canonical-sysadmins/wordpress/5.1 : contents of wp-trackback.php at revision 37

~canonical-sysadmins/wordpress/5.1 : (revision 37)

<?php
/**
 * Handle Trackbacks and Pingbacks Sent to WordPress
 *
 * @since 0.71
 *
 * @package WordPress
 * @subpackage Trackbacks
 */

if (empty($wp)) {
	require_once( dirname( __FILE__ ) . '/wp-load.php' );
	wp( array( 'tb' => '1' ) );
}

/**
 * Response to a trackback.
 *
 * Responds with an error or success XML message.
 *
 * @since 0.71
 *
 * @param mixed  $error         Whether there was an error.
 *                              Default '0'. Accepts '0' or '1', true or false.
 * @param string $error_message Error message if an error occurred.
 */
function trackback_response($error = 0, $error_message = '') {
	header('Content-Type: text/xml; charset=' . get_option('blog_charset') );
	if ($error) {
		echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
		echo "<response>\n";
		echo "<error>1</error>\n";
		echo "<message>$error_message</message>\n";
		echo "</response>";
		die();
	} else {
		echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
		echo "<response>\n";
		echo "<error>0</error>\n";
		echo "</response>";
	}
}

// Trackback is done by a POST.
$request_array = 'HTTP_POST_VARS';

if ( !isset($_GET['tb_id']) || !$_GET['tb_id'] ) {
	$tb_id = explode('/', $_SERVER['REQUEST_URI']);
	$tb_id = intval( $tb_id[ count($tb_id) - 1 ] );
}

$tb_url  = isset($_POST['url'])     ? $_POST['url']     : '';
$charset = isset($_POST['charset']) ? $_POST['charset'] : '';

// These three are stripslashed here so they can be properly escaped after mb_convert_encoding().
$title     = isset($_POST['title'])     ? wp_unslash($_POST['title'])      : '';
$excerpt   = isset($_POST['excerpt'])   ? wp_unslash($_POST['excerpt'])    : '';
$blog_name = isset($_POST['blog_name']) ? wp_unslash($_POST['blog_name'])  : '';

if ($charset)
	$charset = str_replace( array(',', ' '), '', strtoupper( trim($charset) ) );
else
	$charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS';

// No valid uses for UTF-7.
if ( false !== strpos($charset, 'UTF-7') )
	die;

// For international trackbacks.
if ( function_exists('mb_convert_encoding') ) {
	$title     = mb_convert_encoding($title, get_option('blog_charset'), $charset);
	$excerpt   = mb_convert_encoding($excerpt, get_option('blog_charset'), $charset);
	$blog_name = mb_convert_encoding($blog_name, get_option('blog_charset'), $charset);
}

// Now that mb_convert_encoding() has been given a swing, we need to escape these three.
$title     = wp_slash($title);
$excerpt   = wp_slash($excerpt);
$blog_name = wp_slash($blog_name);

if ( is_single() || is_page() )
	$tb_id = $posts[0]->ID;

if ( !isset($tb_id) || !intval( $tb_id ) )
	trackback_response( 1, __( 'I really need an ID for this to work.' ) );

if (empty($title) && empty($tb_url) && empty($blog_name)) {
	// If it doesn't look like a trackback at all.
	wp_redirect(get_permalink($tb_id));
	exit;
}

if ( !empty($tb_url) && !empty($title) ) {
	/**
	* Fires before the trackback is added to a post.
	*
	* @since 4.7.0
	*
	* @param int    $tb_id     Post ID related to the trackback.
	* @param string $tb_url    Trackback URL.
	* @param string $charset   Character Set.
	* @param string $title     Trackback Title.
	* @param string $excerpt   Trackback Excerpt.
	* @param string $blog_name Blog Name.
	*/
	do_action( 'pre_trackback_post', $tb_id, $tb_url, $charset, $title, $excerpt, $blog_name );

	header('Content-Type: text/xml; charset=' . get_option('blog_charset') );

	if ( !pings_open($tb_id) )
		trackback_response( 1, __( 'Sorry, trackbacks are closed for this item.' ) );

	$title =  wp_html_excerpt( $title, 250, '&#8230;' );
	$excerpt = wp_html_excerpt( $excerpt, 252, '&#8230;' );

	$comment_post_ID = (int) $tb_id;
	$comment_author = $blog_name;
	$comment_author_email = '';
	$comment_author_url = $tb_url;
	$comment_content = "<strong>$title</strong>\n\n$excerpt";
	$comment_type = 'trackback';

	$dupe = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url) );
	if ( $dupe )
		trackback_response( 1, __( 'We already have a ping from that URL for this post.' ) );

	$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type');

	$result = wp_new_comment( $commentdata );

	if ( is_wp_error( $result ) ) {
		trackback_response( 1, $result->get_error_message() );
	}

	$trackback_id = $wpdb->insert_id;

	/**
	 * Fires after a trackback is added to a post.
	 *
	 * @since 1.2.0
	 *
	 * @param int $trackback_id Trackback ID.
	 */
	do_action( 'trackback_post', $trackback_id );
	trackback_response( 0 );
}

1 by Jacek Nykis Initial commit	1	<?php
	2	/**
	3	* Handle Trackbacks and Pingbacks Sent to WordPress
	4	*
	5	* @since 0.71
	6	*
	7	* @package WordPress
	8	* @subpackage Trackbacks
	9	*/
	10
	11	if (empty($wp)) {
	12	require_once( dirname( __FILE__ ) . '/wp-load.php' );
	13	wp( array( 'tb' => '1' ) );
	14	}
	15
	16	/**
	17	* Response to a trackback.
	18	*
	19	* Responds with an error or success XML message.
	20	*
	21	* @since 0.71
	22	*
1.1.1 by Nick Moffitt New Upstream Version 4.1	23	* @param mixed $error Whether there was an error.
	24	* Default '0'. Accepts '0' or '1', true or false.
	25	* @param string $error_message Error message if an error occurred.
1 by Jacek Nykis Initial commit	26	*/
	27	function trackback_response($error = 0, $error_message = '') {
	28	header('Content-Type: text/xml; charset=' . get_option('blog_charset') );
	29	if ($error) {
	30	echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
	31	echo "<response>\n";
	32	echo "<error>1</error>\n";
	33	echo "<message>$error_message</message>\n";
	34	echo "</response>";
	35	die();
	36	} else {
	37	echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
	38	echo "<response>\n";
	39	echo "<error>0</error>\n";
	40	echo "</response>";
	41	}
	42	}
	43
	44	// Trackback is done by a POST.
	45	$request_array = 'HTTP_POST_VARS';
	46
	47	if ( !isset($_GET['tb_id']) \|\| !$_GET['tb_id'] ) {
	48	$tb_id = explode('/', $_SERVER['REQUEST_URI']);
	49	$tb_id = intval( $tb_id[ count($tb_id) - 1 ] );
	50	}
	51
	52	$tb_url = isset($_POST['url']) ? $_POST['url'] : '';
	53	$charset = isset($_POST['charset']) ? $_POST['charset'] : '';
	54
	55	// These three are stripslashed here so they can be properly escaped after mb_convert_encoding().
	56	$title = isset($_POST['title']) ? wp_unslash($_POST['title']) : '';
	57	$excerpt = isset($_POST['excerpt']) ? wp_unslash($_POST['excerpt']) : '';
	58	$blog_name = isset($_POST['blog_name']) ? wp_unslash($_POST['blog_name']) : '';
	59
	60	if ($charset)
	61	$charset = str_replace( array(',', ' '), '', strtoupper( trim($charset) ) );
	62	else
	63	$charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS';
	64
	65	// No valid uses for UTF-7.
	66	if ( false !== strpos($charset, 'UTF-7') )
	67	die;
	68
	69	// For international trackbacks.
	70	if ( function_exists('mb_convert_encoding') ) {
	71	$title = mb_convert_encoding($title, get_option('blog_charset'), $charset);
	72	$excerpt = mb_convert_encoding($excerpt, get_option('blog_charset'), $charset);
	73	$blog_name = mb_convert_encoding($blog_name, get_option('blog_charset'), $charset);
	74	}
	75
	76	// Now that mb_convert_encoding() has been given a swing, we need to escape these three.
	77	$title = wp_slash($title);
	78	$excerpt = wp_slash($excerpt);
	79	$blog_name = wp_slash($blog_name);
	80
	81	if ( is_single() \|\| is_page() )
	82	$tb_id = $posts[0]->ID;
	83
	84	if ( !isset($tb_id) \|\| !intval( $tb_id ) )
1.1.20 by Haw Loeung New upstream version 4.7.	85	trackback_response( 1, __( 'I really need an ID for this to work.' ) );
1 by Jacek Nykis Initial commit	86
	87	if (empty($title) && empty($tb_url) && empty($blog_name)) {
	88	// If it doesn't look like a trackback at all.
	89	wp_redirect(get_permalink($tb_id));
	90	exit;
	91	}
	92
	93	if ( !empty($tb_url) && !empty($title) ) {
1.1.20 by Haw Loeung New upstream version 4.7.	94	/**
	95	* Fires before the trackback is added to a post.
	96	*
	97	* @since 4.7.0
	98	*
	99	* @param int $tb_id Post ID related to the trackback.
	100	* @param string $tb_url Trackback URL.
	101	* @param string $charset Character Set.
	102	* @param string $title Trackback Title.
	103	* @param string $excerpt Trackback Excerpt.
	104	* @param string $blog_name Blog Name.
	105	*/
	106	do_action( 'pre_trackback_post', $tb_id, $tb_url, $charset, $title, $excerpt, $blog_name );
	107
1 by Jacek Nykis Initial commit	108	header('Content-Type: text/xml; charset=' . get_option('blog_charset') );
	109
	110	if ( !pings_open($tb_id) )
1.1.20 by Haw Loeung New upstream version 4.7.	111	trackback_response( 1, __( 'Sorry, trackbacks are closed for this item.' ) );
1 by Jacek Nykis Initial commit	112
	113	$title = wp_html_excerpt( $title, 250, '…' );
	114	$excerpt = wp_html_excerpt( $excerpt, 252, '…' );
	115
	116	$comment_post_ID = (int) $tb_id;
	117	$comment_author = $blog_name;
	118	$comment_author_email = '';
	119	$comment_author_url = $tb_url;
	120	$comment_content = "<strong>$title</strong>\n\n$excerpt";
	121	$comment_type = 'trackback';
	122
	123	$dupe = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url) );
	124	if ( $dupe )
1.1.20 by Haw Loeung New upstream version 4.7.	125	trackback_response( 1, __( 'We already have a ping from that URL for this post.' ) );
1 by Jacek Nykis Initial commit	126
	127	$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type');
	128
1.1.30 by Barry Price new upstream release 4.4	129	$result = wp_new_comment( $commentdata );
	130
	131	if ( is_wp_error( $result ) ) {
	132	trackback_response( 1, $result->get_error_message() );
	133	}
	134
1 by Jacek Nykis Initial commit	135	$trackback_id = $wpdb->insert_id;
	136
	137	/**
	138	* Fires after a trackback is added to a post.
	139	*
	140	* @since 1.2.0
	141	*
	142	* @param int $trackback_id Trackback ID.
	143	*/
	144	do_action( 'trackback_post', $trackback_id );
	145	trackback_response( 0 );
	146	}