angelovcom.net

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

wp-trackback.php (4747B)

      1 <?php
      2 /**
      3  * Handle Trackbacks and Pingbacks Sent to WordPress
      4  *
      5  * @since 0.71
      6  *
      7  * @package WordPress
      8  * @subpackage Trackbacks
      9  */
     10 
     11 if ( empty( $wp ) ) {
     12 	require_once __DIR__ . '/wp-load.php';
     13 	wp( array( 'tb' => '1' ) );
     14 }
     15 
     16 /**
     17  * Response to a trackback.
     18  *
     19  * Responds with an error or success XML message.
     20  *
     21  * @since 0.71
     22  *
     23  * @param int|bool $error         Whether there was an error.
     24  *                                Default '0'. Accepts '0' or '1', true or false.
     25  * @param string   $error_message Error message if an error occurred.
     26  */
     27 function trackback_response( $error = 0, $error_message = '' ) {
     28 	header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) );
     29 	if ( $error ) {
     30 		echo '<?xml version="1.0" encoding="utf-8"?' . ">\n";
     31 		echo "<response>\n";
     32 		echo "<error>1</error>\n";
     33 		echo "<message>$error_message</message>\n";
     34 		echo '</response>';
     35 		die();
     36 	} else {
     37 		echo '<?xml version="1.0" encoding="utf-8"?' . ">\n";
     38 		echo "<response>\n";
     39 		echo "<error>0</error>\n";
     40 		echo '</response>';
     41 	}
     42 }
     43 
     44 // Trackback is done by a POST.
     45 $request_array = 'HTTP_POST_VARS';
     46 
     47 if ( ! isset( $_GET['tb_id'] ) || ! $_GET['tb_id'] ) {
     48 	$tb_id = explode( '/', $_SERVER['REQUEST_URI'] );
     49 	$tb_id = (int) $tb_id[ count( $tb_id ) - 1 ];
     50 }
     51 
     52 $tb_url  = isset( $_POST['url'] ) ? $_POST['url'] : '';
     53 $charset = isset( $_POST['charset'] ) ? $_POST['charset'] : '';
     54 
     55 // These three are stripslashed here so they can be properly escaped after mb_convert_encoding().
     56 $title     = isset( $_POST['title'] ) ? wp_unslash( $_POST['title'] ) : '';
     57 $excerpt   = isset( $_POST['excerpt'] ) ? wp_unslash( $_POST['excerpt'] ) : '';
     58 $blog_name = isset( $_POST['blog_name'] ) ? wp_unslash( $_POST['blog_name'] ) : '';
     59 
     60 if ( $charset ) {
     61 	$charset = str_replace( array( ',', ' ' ), '', strtoupper( trim( $charset ) ) );
     62 } else {
     63 	$charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS';
     64 }
     65 
     66 // No valid uses for UTF-7.
     67 if ( false !== strpos( $charset, 'UTF-7' ) ) {
     68 	die;
     69 }
     70 
     71 // For international trackbacks.
     72 if ( function_exists( 'mb_convert_encoding' ) ) {
     73 	$title     = mb_convert_encoding( $title, get_option( 'blog_charset' ), $charset );
     74 	$excerpt   = mb_convert_encoding( $excerpt, get_option( 'blog_charset' ), $charset );
     75 	$blog_name = mb_convert_encoding( $blog_name, get_option( 'blog_charset' ), $charset );
     76 }
     77 
     78 // Now that mb_convert_encoding() has been given a swing, we need to escape these three.
     79 $title     = wp_slash( $title );
     80 $excerpt   = wp_slash( $excerpt );
     81 $blog_name = wp_slash( $blog_name );
     82 
     83 if ( is_single() || is_page() ) {
     84 	$tb_id = $posts[0]->ID;
     85 }
     86 
     87 if ( ! isset( $tb_id ) || ! (int) $tb_id ) {
     88 	trackback_response( 1, __( 'I really need an ID for this to work.' ) );
     89 }
     90 
     91 if ( empty( $title ) && empty( $tb_url ) && empty( $blog_name ) ) {
     92 	// If it doesn't look like a trackback at all.
     93 	wp_redirect( get_permalink( $tb_id ) );
     94 	exit;
     95 }
     96 
     97 if ( ! empty( $tb_url ) && ! empty( $title ) ) {
     98 	/**
     99 	 * Fires before the trackback is added to a post.
    100 	 *
    101 	 * @since 4.7.0
    102 	 *
    103 	 * @param int    $tb_id     Post ID related to the trackback.
    104 	 * @param string $tb_url    Trackback URL.
    105 	 * @param string $charset   Character Set.
    106 	 * @param string $title     Trackback Title.
    107 	 * @param string $excerpt   Trackback Excerpt.
    108 	 * @param string $blog_name Blog Name.
    109 	 */
    110 	do_action( 'pre_trackback_post', $tb_id, $tb_url, $charset, $title, $excerpt, $blog_name );
    111 
    112 	header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) );
    113 
    114 	if ( ! pings_open( $tb_id ) ) {
    115 		trackback_response( 1, __( 'Sorry, trackbacks are closed for this item.' ) );
    116 	}
    117 
    118 	$title   = wp_html_excerpt( $title, 250, '&#8230;' );
    119 	$excerpt = wp_html_excerpt( $excerpt, 252, '&#8230;' );
    120 
    121 	$comment_post_ID      = (int) $tb_id;
    122 	$comment_author       = $blog_name;
    123 	$comment_author_email = '';
    124 	$comment_author_url   = $tb_url;
    125 	$comment_content      = "<strong>$title</strong>\n\n$excerpt";
    126 	$comment_type         = 'trackback';
    127 
    128 	$dupe = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url ) );
    129 	if ( $dupe ) {
    130 		trackback_response( 1, __( 'We already have a ping from that URL for this post.' ) );
    131 	}
    132 
    133 	$commentdata = compact( 'comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type' );
    134 
    135 	$result = wp_new_comment( $commentdata );
    136 
    137 	if ( is_wp_error( $result ) ) {
    138 		trackback_response( 1, $result->get_error_message() );
    139 	}
    140 
    141 	$trackback_id = $wpdb->insert_id;
    142 
    143 	/**
    144 	 * Fires after a trackback is added to a post.
    145 	 *
    146 	 * @since 1.2.0
    147 	 *
    148 	 * @param int $trackback_id Trackback ID.
    149 	 */
    150 	do_action( 'trackback_post', $trackback_id );
    151 	trackback_response( 0 );
    152 }