Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added API doc; fixed code formatting

Browse Source
This commit is contained in:
azett 2022-12-29 14:20:31 +01:00
parent aa10022f48
commit d8991285c6
5 changed files with 322 additions and 275 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
admin/panels/entry/admin.entry.delete.php
View File

@ -12,51 +12,50 @@
* @author NoWhereMan <real_nowhereman at users dot sf dot com> * @author NoWhereMan <real_nowhereman at users dot sf dot com>
* *
*/ */
class admin_entry_delete extends AdminPanelAction {
var $events = array(
'delete',
'cancel'
);
class admin_entry_delete extends AdminPanelAction { function main() {
global $fpdb;
var $events = array('delete', 'cancel'); if (isset($_REQUEST ['entry'])) {
$id = $_REQUEST ['entry'];
if ($a = entry_parse($id))
;
else
$a = draft_parse($id);
function main() { if ($a) {
global $fpdb;
if (isset($_REQUEST['entry'])){
$id = $_REQUEST['entry'];
if ($a = entry_parse($id));
else
$a = draft_parse($id);
if ($a) {
if (THEME_LEGACY_MODE) {
theme_entry_filters($a, $id);
}
$this->smarty->assign('entry', $a);
$this->smarty->assign('id', $id);
return 0;
if (THEME_LEGACY_MODE) {
theme_entry_filters($a, $id);
} }
$this->smarty->assign('entry', $a);
$this->smarty->assign('id', $id);
return 0;
} }
return 1;
}
function ondelete() {
$id=$_REQUEST['entry'];
$ok=draft_delete($id) || entry_delete($id);
$success = $ok? 2 : -2;
$this->smarty->assign('success',$success);
return 1;
}
function oncancel() {
return 1;
} }
return 1;
} }
function ondelete() {
$id = $_REQUEST ['entry'];
$ok = draft_delete($id) || entry_delete($id);
$success = $ok ? 2 : -2;
$this->smarty->assign('success', $success);
return 1;
}
function oncancel() {
return 1;
}
}
?> ?>

356
admin/panels/entry/admin.entry.write.php
View File

@ -12,191 +12,203 @@
* @author NoWhereMan <real_nowhereman at users dot sf dot com> * @author NoWhereMan <real_nowhereman at users dot sf dot com>
* *
*/ */
class admin_entry_write extends AdminPanelActionValidated {
var $validators = array(
array(
'subject',
'subject',
'notEmpty',
false,
false,
'trim,stripslashes'
),
array(
'content',
'content',
'notEmpty',
false,
false,
'stripslashes'
)
);
var $events = array(
'save',
'preview',
'savecontinue'
);
var $draft = false;
class admin_entry_write extends AdminPanelActionValidated { function _makePreview($arr, $id = null) {
if (!$id) {
var $validators = array( $arr ['subject'] = apply_filters('title_save_pre', $arr ['subject']);
array('subject', 'subject', 'notEmpty', false, false, 'trim,stripslashes'), $arr ['content'] = apply_filters('content_save_pre', $arr ['content']);
array('content', 'content', 'notEmpty', false, false, 'stripslashes'),
);
var $events = array('save', 'preview', 'savecontinue');
var $draft = false;
function _makePreview($arr, $id=null) {
if (!$id) {
$arr['subject'] = apply_filters('title_save_pre', $arr['subject']);
$arr['content'] = apply_filters('content_save_pre', $arr['content']);
}
if ($this->draft || $this->draft = draft_exists($this->id)) {
if (isset($arr['categories'])
&& is_array($arr['categories']) && !in_array('draft', $arr['categories']) ) {
$arr['categories'][] = 'draft';
} else {
$arr['categories'][] = 'draft';
}
}
// unfiltered content (for editing)
$this->smarty->assign('post', $arr);
if (THEME_LEGACY_MODE) {
theme_entry_filters($arr, $id);
}
// content for preview
$this->smarty->assign('entry', $arr);
$this->smarty->assign('preview', true);
} }
function makePageTitle($title, $sep) { if ($this->draft || $this->draft = draft_exists($this->id)) {
global $lang, $panel; if (isset($arr ['categories']) && is_array($arr ['categories']) && !in_array('draft', $arr ['categories'])) {
if ($this->draft) { $arr ['categories'] [] = 'draft';
$this->smarty->append(
'warnings',
$lang['admin']['entry']['write']['msgs']['draft']
);
}
return "$title $sep {$lang['admin']['entry']['write']['head']}";
}
function draft_class($string) {
return "$string draft";
}
function _getCatsFlags() {
//$this->smarty->assign('saved_categories', entry_categories_format());
$this->smarty->assign('saved_flags', entry_flags_get());
}
function setup() {
$this->id = @$_REQUEST['entry'];
$this->smarty->assign('id', $this->id);
}
function main() {
global $lang;
$id = $this->id;
if (isset($_REQUEST['entry'])) {
$arr = draft_parse($id);
if (!$arr)
$arr = entry_parse($id);
else
$this->smarty->assign('draft', true);
// if entry does not exists
if ($arr) {
$this->_makePreview($arr, $id);
}
}
$this->_getCatsFlags();
add_filter('wp_title', array(&$this, 'makePageTitle'), 10, 2);
if ($this->draft) add_filter('admin_body_class', array(&$this, 'draft_class'));
}
function _getposteddata() {
$arr['version'] = system_ver();
$arr['subject'] = ($_POST['subject']);
$arr['content'] = ($_POST['content']);
$author = user_get();
$arr['author'] = $author['userid'];
$arr['date'] = !empty($_POST['timestamp'])?$_POST['timestamp']:date_time();
$cats = !empty($_POST['cats'])?$_POST['cats']:array();
$flags = !empty($_POST['flags'])?$_POST['flags']:array();
$catids = array_merge(array_keys($flags), array_keys($cats));
$this->draft = isset($flags['draft']);
if ($catids)
$arr['categories'] = $catids;
return $arr;
}
function onsave($do_preview = false) {
$id = $this->id;
$data = $this->_getposteddata();
if ($this->draft) {
$success=draft_save($data, $id, true);
$this->smarty->assign('success', $success? 1 : -1 );
} else { } else {
$success=entry_save($data, $id); $arr ['categories'] [] = 'draft';
$this->smarty->assign('success', is_numeric($success)? $success : 1 );
} }
// if ($success) sess_remove('entry');
if ($do_preview)
$this->_makePreview($data);
if ($success<0) {
$this->main();
return PANEL_NOREDIRECT;
}
return 1;
} }
// unfiltered content (for editing)
$this->smarty->assign('post', $arr);
function onpreview() { if (THEME_LEGACY_MODE) {
global $lang; theme_entry_filters($arr, $id);
$this->_makePreview($this->_getposteddata());
$this->_getCatsFlags();
add_filter('wp_title', array(&$this, 'makePageTitle'), 10, 2);
if ($this->draft) add_filter('admin_body_class', array(&$this, 'draft_class'));
return 0;
}
function onsavecontinue() {
global $lang;
$this->onsave(true);
$this->_getCatsFlags();
add_filter('wp_title', array(&$this, 'makePageTitle'), 10, 2);
if ($this->draft) add_filter('admin_body_class', array(&$this, 'draft_class'));
}
function onerror() {
$this->main();
return 0;
} }
// content for preview
$this->smarty->assign('entry', $arr);
$this->smarty->assign('preview', true);
} }
function makePageTitle($title, $sep) {
global $lang, $panel;
if ($this->draft) {
$this->smarty->append('warnings', $lang ['admin'] ['entry'] ['write'] ['msgs'] ['draft']);
}
return "$title $sep {$lang['admin']['entry']['write']['head']}";
}
function draft_class($string) {
return "$string draft";
}
function _getCatsFlags() {
// $this->smarty->assign('saved_categories', entry_categories_format());
$this->smarty->assign('saved_flags', entry_flags_get());
}
function setup() {
$this->id = @$_REQUEST ['entry'];
$this->smarty->assign('id', $this->id);
}
function main() {
global $lang;
$id = $this->id;
if (isset($_REQUEST ['entry'])) {
$arr = draft_parse($id);
if (!$arr)
$arr = entry_parse($id);
else
$this->smarty->assign('draft', true);
// if entry does not exists
if ($arr) {
$this->_makePreview($arr, $id);
}
}
$this->_getCatsFlags();
add_filter('wp_title', array(
&$this,
'makePageTitle'
), 10, 2);
if ($this->draft)
add_filter('admin_body_class', array(
&$this,
'draft_class'
));
}
function _getposteddata() {
$arr ['version'] = system_ver();
$arr ['subject'] = ($_POST ['subject']);
$arr ['content'] = ($_POST ['content']);
$author = user_get();
$arr ['author'] = $author ['userid'];
$arr ['date'] = !empty($_POST ['timestamp']) ? $_POST ['timestamp'] : date_time();
$cats = !empty($_POST ['cats']) ? $_POST ['cats'] : array();
$flags = !empty($_POST ['flags']) ? $_POST ['flags'] : array();
$catids = array_merge(array_keys($flags), array_keys($cats));
$this->draft = isset($flags ['draft']);
if ($catids)
$arr ['categories'] = $catids;
return $arr;
}
function onsave($do_preview = false) {
$id = $this->id;
$data = $this->_getposteddata();
if ($this->draft) {
$success = draft_save($data, $id, true);
$this->smarty->assign('success', $success ? 1 : -1);
} else {
$success = entry_save($data, $id);
$this->smarty->assign('success', is_numeric($success) ? $success : 1);
}
// if ($success) sess_remove('entry');
if ($do_preview)
$this->_makePreview($data);
if ($success < 0) {
$this->main();
return PANEL_NOREDIRECT;
}
return 1;
}
function onpreview() {
global $lang;
$this->_makePreview($this->_getposteddata());
$this->_getCatsFlags();
add_filter('wp_title', array(
&$this,
'makePageTitle'
), 10, 2);
if ($this->draft)
add_filter('admin_body_class', array(
&$this,
'draft_class'
));
return 0;
}
function onsavecontinue() {
global $lang;
$this->onsave(true);
$this->_getCatsFlags();
add_filter('wp_title', array(
&$this,
'makePageTitle'
), 10, 2);
if ($this->draft)
add_filter('admin_body_class', array(
&$this,
'draft_class'
));
}
function onerror() {
$this->main();
return 0;
}
}
?> ?>

10
fp-includes/core/core.users.php
View File

@ -49,7 +49,8 @@ function user_login($userid, $pwd, $params = null) {
if (password_verify($userid . $pwd, $user ['password'])) { if (password_verify($userid . $pwd, $user ['password'])) {
$loggedin = true; $loggedin = true;
} // } //
// for FP instances updated from 1.1 to 1.2: check password the old-fashioned way (with wp_hash() which uses md5) // If this didn't work, the passwords may have been created with FlatPress 1.1 or earlier.
// So we check the password the old-fashioned way (with wp_hash() which uses md5):
elseif (wp_hash($userid . $pwd) == $user ['password']) { elseif (wp_hash($userid . $pwd) == $user ['password']) {
$loggedin = true; $loggedin = true;
@ -110,6 +111,13 @@ function user_loggedin() {
return false; return false;
} }
/**
* Returns the user information as associative array
*
* @param string $userid
* optional: The ID (shortname) of a specific user
* @return array the user information array
*/
function user_get($userid = null) { function user_get($userid = null) {
if ($userid == null && ($user = user_loggedin())) { if ($userid == null && ($user = user_loggedin())) {
return $user; return $user;

79
fp-includes/core/core.wp-functions.php
View File

@ -1,70 +1,85 @@
<?php <?php
/**
* Returns the given action URL with the current nonce.
*
* @param string $actionurl
* the URL
* @param unknown $action
* @return string the URL with the nonce
*/
function wp_nonce_url($actionurl, $action = -1) { function wp_nonce_url($actionurl, $action = -1) {
return wp_specialchars( $actionurl . '&_wpnonce=' . wp_create_nonce($action) ); return wp_specialchars($actionurl . '&_wpnonce=' . wp_create_nonce($action));
} }
/**
* Echoes a hidden input field containing the Nonce
*
* @param int $action
*/
function wp_nonce_field($action = -1) { function wp_nonce_field($action = -1) {
echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />'; echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
wp_referer_field(); wp_referer_field();
} }
/**
* Echoes a hidden input field containing the referrer
*/
function wp_referer_field() { function wp_referer_field() {
$ref = wp_specialchars($_SERVER['REQUEST_URI']); $ref = wp_specialchars($_SERVER ['REQUEST_URI']);
echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />'; echo '<input type="hidden" name="_wp_http_referer" value="' . $ref . '" />';
if ( wp_get_original_referer() ) { if (wp_get_original_referer()) {
$original_ref = wp_specialchars(stripslashes(wp_get_original_referer())); $original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));
echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />'; echo '<input type="hidden" name="_wp_original_http_referer" value="' . $original_ref . '" />';
} }
} }
function wp_original_referer_field() { function wp_original_referer_field() {
echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER ['REQUEST_URI'])) . '" />';
} }
function wp_get_referer() { function wp_get_referer() {
foreach ( array(@$_REQUEST['_wp_http_referer'],@$_SERVER['HTTP_REFERER']) as $ref ) foreach (array(
if ( !empty($ref) ) @$_REQUEST ['_wp_http_referer'],
return $ref; @$_SERVER ['HTTP_REFERER']
return false; ) as $ref)
if (!empty($ref))
return $ref;
return false;
} }
function wp_get_original_referer() { function wp_get_original_referer() {
if ( !empty($_REQUEST['_wp_original_http_referer']) ) if (!empty($_REQUEST ['_wp_original_http_referer']))
return $_REQUEST['_wp_original_http_referer']; return $_REQUEST ['_wp_original_http_referer'];
return false; return false;
} }
function add_magic_quotes($array) { function add_magic_quotes($array) {
foreach ($array as $k => $v) { foreach ($array as $k => $v) {
if (is_array($v)) { if (is_array($v)) {
$array[$k] = add_magic_quotes($v); $array [$k] = add_magic_quotes($v);
} else { } else {
$array[$k] = addslashes($v); $array [$k] = addslashes($v);
} }
} }
return $array; return $array;
} }
function wp_remote_fopen( $uri ) { function wp_remote_fopen($uri) {
if ( ini_get('allow_url_fopen') ) { if (ini_get('allow_url_fopen')) {
$fp = fopen( $uri, 'r' ); $fp = fopen($uri, 'r');
if ( !$fp ) if (!$fp)
return false; return false;
$linea = ''; $linea = '';
while( $remote_read = fread($fp, 4096) ) while ($remote_read = fread($fp, 4096))
$linea .= $remote_read; $linea .= $remote_read;
fclose($fp); fclose($fp);
return $linea; return $linea;
} else if ( function_exists('curl_init') ) { } else if (function_exists('curl_init')) {
$handle = curl_init(); $handle = curl_init();
curl_setopt ($handle, CURLOPT_URL, $uri); curl_setopt($handle, CURLOPT_URL, $uri);
curl_setopt ($handle, CURLOPT_CONNECTTIMEOUT, 1); curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 1);
curl_setopt ($handle, CURLOPT_RETURNTRANSFER, 1); curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1);
$buffer = curl_exec($handle); $buffer = curl_exec($handle);
curl_close($handle); curl_close($handle);
return $buffer; return $buffer;

31
fp-includes/core/core.wp-pluggable-funcs.php
View File

@ -331,7 +331,8 @@ if (!function_exists('wp_verify_nonce')) :
$user = user_get(); $user = user_get();
$uid = $user ['userid']; $uid = $user ['userid'];
$i = ceil(time() / 43200); // new nonce each 12 hours
$i = ceil(time() / (60 * 60 * 12));
// Allow for expanding range, but only do one check if we can // Allow for expanding range, but only do one check if we can
if (substr(wp_hash($i . $action . $uid), -12, 10) == $nonce || substr(wp_hash(($i - 1) . $action . $uid), -12, 10) == $nonce) if (substr(wp_hash($i . $action . $uid), -12, 10) == $nonce || substr(wp_hash(($i - 1) . $action . $uid), -12, 10) == $nonce)
@ -342,11 +343,20 @@ endif;
if (!function_exists('wp_create_nonce')) : if (!function_exists('wp_create_nonce')) :
/**
* Creates and returns the valid nonce.
*
* @param int $action
* optional: the action
* @return string the nonce
*/
function wp_create_nonce($action = -1) { function wp_create_nonce($action = -1) {
// get the info array of the user currenty logged in
$user = user_get(); $user = user_get();
$uid = $user ['userid']; $uid = $user ['userid'];
$i = ceil(time() / 43200); // new nonce each 12 hours
$i = ceil(time() / (60 * 60 * 12));
return substr(wp_hash($i . $action . $uid), -12, 10); return substr(wp_hash($i . $action . $uid), -12, 10);
} }
@ -355,18 +365,20 @@ endif;
if (!function_exists('wp_salt')) : if (!function_exists('wp_salt')) :
/** /**
* Returns a salt for hashing.<br>
* The salt is unique for each FlatPress installation; see <code>fp-content/config/hashsalt.conf.php</code>
* *
* @return NULL|unknown * @return string the salt
* @deprecated as of FlatPress 1.2 - still here only to be able to update pre-1.2 credentials
*/ */
function wp_salt() { function wp_salt() {
global $fp_config; global $fp_config;
static $salt = null; static $salt = null;
if (!$salt) { if (!$salt) {
// get the salt from the hashsalt file
@include (HASHSALT_FILE); @include (HASHSALT_FILE);
if (!$fp_hashsalt) if (!$fp_hashsalt) {
trigger_error('Cannot load hash salt: reinstall FlatPress', E_USER_ERROR); trigger_error('Cannot load hash salt: reinstall FlatPress', E_USER_ERROR);
}
$salt = $fp_hashsalt; $salt = $fp_hashsalt;
} }
return $salt; return $salt;
@ -376,10 +388,11 @@ endif;
if (!function_exists('wp_hash')) : if (!function_exists('wp_hash')) :
/** /**
* Creates a salted MD5 hash of the given string.
* *
* @param unknown $data * @param string $data
* @return string * the string to hash
* @deprecated as of FlatPress 1.2 - still here only to be able to update pre-1.2 credentials * @return string the hash
*/ */
function wp_hash($data) { function wp_hash($data) {
$salt = wp_salt(); $salt = wp_salt();