Edit File by line
/home/barbar84/public_h...
File: wp-trackback.php
<?php
[0] Fix | Delete
/**
[1] Fix | Delete
* Handle Trackbacks and Pingbacks Sent to WordPress
[2] Fix | Delete
*
[3] Fix | Delete
* @since 0.71
[4] Fix | Delete
*
[5] Fix | Delete
* @package WordPress
[6] Fix | Delete
* @subpackage Trackbacks
[7] Fix | Delete
*/
[8] Fix | Delete
[9] Fix | Delete
if ( empty( $wp ) ) {
[10] Fix | Delete
require_once __DIR__ . '/wp-load.php';
[11] Fix | Delete
wp( array( 'tb' => '1' ) );
[12] Fix | Delete
}
[13] Fix | Delete
[14] Fix | Delete
// Always run as an unauthenticated user.
[15] Fix | Delete
wp_set_current_user( 0 );
[16] Fix | Delete
[17] Fix | Delete
/**
[18] Fix | Delete
* Response to a trackback.
[19] Fix | Delete
*
[20] Fix | Delete
* Responds with an error or success XML message.
[21] Fix | Delete
*
[22] Fix | Delete
* @since 0.71
[23] Fix | Delete
*
[24] Fix | Delete
* @param int|bool $error Whether there was an error.
[25] Fix | Delete
* Default '0'. Accepts '0' or '1', true or false.
[26] Fix | Delete
* @param string $error_message Error message if an error occurred.
[27] Fix | Delete
*/
[28] Fix | Delete
function trackback_response( $error = 0, $error_message = '' ) {
[29] Fix | Delete
header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) );
[30] Fix | Delete
if ( $error ) {
[31] Fix | Delete
echo '<?xml version="1.0" encoding="utf-8"?' . ">\n";
[32] Fix | Delete
echo "<response>\n";
[33] Fix | Delete
echo "<error>1</error>\n";
[34] Fix | Delete
echo "<message>$error_message</message>\n";
[35] Fix | Delete
echo '</response>';
[36] Fix | Delete
die();
[37] Fix | Delete
} else {
[38] Fix | Delete
echo '<?xml version="1.0" encoding="utf-8"?' . ">\n";
[39] Fix | Delete
echo "<response>\n";
[40] Fix | Delete
echo "<error>0</error>\n";
[41] Fix | Delete
echo '</response>';
[42] Fix | Delete
}
[43] Fix | Delete
}
[44] Fix | Delete
[45] Fix | Delete
// Trackback is done by a POST.
[46] Fix | Delete
$request_array = 'HTTP_POST_VARS';
[47] Fix | Delete
[48] Fix | Delete
if ( ! isset( $_GET['tb_id'] ) || ! $_GET['tb_id'] ) {
[49] Fix | Delete
$tb_id = explode( '/', $_SERVER['REQUEST_URI'] );
[50] Fix | Delete
$tb_id = (int) $tb_id[ count( $tb_id ) - 1 ];
[51] Fix | Delete
}
[52] Fix | Delete
[53] Fix | Delete
$tb_url = isset( $_POST['url'] ) ? $_POST['url'] : '';
[54] Fix | Delete
$charset = isset( $_POST['charset'] ) ? $_POST['charset'] : '';
[55] Fix | Delete
[56] Fix | Delete
// These three are stripslashed here so they can be properly escaped after mb_convert_encoding().
[57] Fix | Delete
$title = isset( $_POST['title'] ) ? wp_unslash( $_POST['title'] ) : '';
[58] Fix | Delete
$excerpt = isset( $_POST['excerpt'] ) ? wp_unslash( $_POST['excerpt'] ) : '';
[59] Fix | Delete
$blog_name = isset( $_POST['blog_name'] ) ? wp_unslash( $_POST['blog_name'] ) : '';
[60] Fix | Delete
[61] Fix | Delete
if ( $charset ) {
[62] Fix | Delete
$charset = str_replace( array( ',', ' ' ), '', strtoupper( trim( $charset ) ) );
[63] Fix | Delete
} else {
[64] Fix | Delete
$charset = 'ASCII, UTF-8, ISO-8859-1, JIS, EUC-JP, SJIS';
[65] Fix | Delete
}
[66] Fix | Delete
[67] Fix | Delete
// No valid uses for UTF-7.
[68] Fix | Delete
if ( false !== strpos( $charset, 'UTF-7' ) ) {
[69] Fix | Delete
die;
[70] Fix | Delete
}
[71] Fix | Delete
[72] Fix | Delete
// For international trackbacks.
[73] Fix | Delete
if ( function_exists( 'mb_convert_encoding' ) ) {
[74] Fix | Delete
$title = mb_convert_encoding( $title, get_option( 'blog_charset' ), $charset );
[75] Fix | Delete
$excerpt = mb_convert_encoding( $excerpt, get_option( 'blog_charset' ), $charset );
[76] Fix | Delete
$blog_name = mb_convert_encoding( $blog_name, get_option( 'blog_charset' ), $charset );
[77] Fix | Delete
}
[78] Fix | Delete
[79] Fix | Delete
// Now that mb_convert_encoding() has been given a swing, we need to escape these three.
[80] Fix | Delete
$title = wp_slash( $title );
[81] Fix | Delete
$excerpt = wp_slash( $excerpt );
[82] Fix | Delete
$blog_name = wp_slash( $blog_name );
[83] Fix | Delete
[84] Fix | Delete
if ( is_single() || is_page() ) {
[85] Fix | Delete
$tb_id = $posts[0]->ID;
[86] Fix | Delete
}
[87] Fix | Delete
[88] Fix | Delete
if ( ! isset( $tb_id ) || ! (int) $tb_id ) {
[89] Fix | Delete
trackback_response( 1, __( 'I really need an ID for this to work.' ) );
[90] Fix | Delete
}
[91] Fix | Delete
[92] Fix | Delete
if ( empty( $title ) && empty( $tb_url ) && empty( $blog_name ) ) {
[93] Fix | Delete
// If it doesn't look like a trackback at all.
[94] Fix | Delete
wp_redirect( get_permalink( $tb_id ) );
[95] Fix | Delete
exit;
[96] Fix | Delete
}
[97] Fix | Delete
[98] Fix | Delete
if ( ! empty( $tb_url ) && ! empty( $title ) ) {
[99] Fix | Delete
/**
[100] Fix | Delete
* Fires before the trackback is added to a post.
[101] Fix | Delete
*
[102] Fix | Delete
* @since 4.7.0
[103] Fix | Delete
*
[104] Fix | Delete
* @param int $tb_id Post ID related to the trackback.
[105] Fix | Delete
* @param string $tb_url Trackback URL.
[106] Fix | Delete
* @param string $charset Character Set.
[107] Fix | Delete
* @param string $title Trackback Title.
[108] Fix | Delete
* @param string $excerpt Trackback Excerpt.
[109] Fix | Delete
* @param string $blog_name Blog Name.
[110] Fix | Delete
*/
[111] Fix | Delete
do_action( 'pre_trackback_post', $tb_id, $tb_url, $charset, $title, $excerpt, $blog_name );
[112] Fix | Delete
[113] Fix | Delete
header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ) );
[114] Fix | Delete
[115] Fix | Delete
if ( ! pings_open( $tb_id ) ) {
[116] Fix | Delete
trackback_response( 1, __( 'Sorry, trackbacks are closed for this item.' ) );
[117] Fix | Delete
}
[118] Fix | Delete
[119] Fix | Delete
$title = wp_html_excerpt( $title, 250, '&#8230;' );
[120] Fix | Delete
$excerpt = wp_html_excerpt( $excerpt, 252, '&#8230;' );
[121] Fix | Delete
[122] Fix | Delete
$comment_post_ID = (int) $tb_id;
[123] Fix | Delete
$comment_author = $blog_name;
[124] Fix | Delete
$comment_author_email = '';
[125] Fix | Delete
$comment_author_url = $tb_url;
[126] Fix | Delete
$comment_content = "<strong>$title</strong>\n\n$excerpt";
[127] Fix | Delete
$comment_type = 'trackback';
[128] Fix | Delete
[129] Fix | Delete
$dupe = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $comment_post_ID, $comment_author_url ) );
[130] Fix | Delete
if ( $dupe ) {
[131] Fix | Delete
trackback_response( 1, __( 'We already have a ping from that URL for this post.' ) );
[132] Fix | Delete
}
[133] Fix | Delete
[134] Fix | Delete
$commentdata = compact( 'comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type' );
[135] Fix | Delete
[136] Fix | Delete
$result = wp_new_comment( $commentdata );
[137] Fix | Delete
[138] Fix | Delete
if ( is_wp_error( $result ) ) {
[139] Fix | Delete
trackback_response( 1, $result->get_error_message() );
[140] Fix | Delete
}
[141] Fix | Delete
[142] Fix | Delete
$trackback_id = $wpdb->insert_id;
[143] Fix | Delete
[144] Fix | Delete
/**
[145] Fix | Delete
* Fires after a trackback is added to a post.
[146] Fix | Delete
*
[147] Fix | Delete
* @since 1.2.0
[148] Fix | Delete
*
[149] Fix | Delete
* @param int $trackback_id Trackback ID.
[150] Fix | Delete
*/
[151] Fix | Delete
do_action( 'trackback_post', $trackback_id );
[152] Fix | Delete
trackback_response( 0 );
[153] Fix | Delete
}
[154] Fix | Delete
[155] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function