| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-01-16 10:01:10 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-01-16 10:01:10 +0000 |
| commit | 7c334d6658c4a820552a9c2e285a0392d790f2d5 (patch) | |
| tree | 3ce7bf35dca1beeb19bac90fc2d685ed92914dd1 /wp-inst/xmlrpc.php | |
| parent | 295edf34ba88e2bcbf3828d0692b1366ff9ccce2 (diff) | |
WP Merge
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@503 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-inst/xmlrpc.php')
| -rw-r--r-- | wp-inst/xmlrpc.php | 51 |
1 files changed, 27 insertions, 24 deletions
diff --git a/wp-inst/xmlrpc.php b/wp-inst/xmlrpc.php
index c4cdbaf..e5473e0 100644
--- a/wp-inst/xmlrpc.php
+++ b/wp-inst/xmlrpc.php
@@ -1,5 +1,10 @@
 <?php
+define('XMLRPC_REQUEST', true);
+
+// Some browser-embedded clients send cookies. We don't want them.
+$_COOKIE = array();
+
 # fix for mozBlog and other cases where '<?xml' isn't on the very first line
 $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA);
@@ -179,8 +184,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- $is_admin = $user->has_cap('level_8');
+ set_current_user(0, $user_login);
+ $is_admin = current_user_can('level_8');
 $struct = array(
 'isAdmin' => $is_admin,
@@ -317,8 +322,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_themes') ) {
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_themes') ) {
 return new IXR_Error(401, 'Sorry, this user can not edit the template.');
 }
@@ -352,8 +357,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_themes') ) {
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_themes') ) {
 return new IXR_Error(401, 'Sorry, this user can not edit the template.');
 }
@@ -390,9 +395,8 @@ class wp_xmlrpc_server extends IXR_Server {
 }
 $cap = ($publish) ? 'publish_posts' : 'edit_posts';
-
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap($cap) )
+ $user = set_current_user(0, $user_login);
+ if ( !current_user_can($cap) )
 return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');
 $post_status = ($publish) ? 'publish' : 'draft';
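Review bot: The reset `$_COOKIE = array();` at the top of the file leaves `$_REQUEST` untouched, and PHP has already merged cookie values into it at request start when `variables_order` includes `C`. Whether anything loaded after this point reads credentials or session data through `$_REQUEST` is not visible here, so this is worth checking. If it does, drop the cookie keys there too before the reset, e.g. `foreach (array_keys($_COOKIE) as $k) unset($_REQUEST[$k]);`. The comment would also be clearer if it stated the intent: `// XML-RPC authenticates only with the credentials in the request body; ignore any ambient browser cookies.`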
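Review bot: In the `@@ -179` hunk, `set_current_user(0, $user_login);` swaps a local `WP_User` object for request-wide state, and its result is not checked before `current_user_can('level_8')` runs. The credential check that presumably precedes it lies above the hunk (only `return $this->error; }` is visible; `login_pass_ok()` shows up only in the `@@ -844` context), so confirm in each method that the user is never switched before the password has been verified. Because the switched identity persists for the rest of the request, anything that runs afterwards, such as hooks or a later method call in the same request, sees the user set here. A comment at the call such as `// Credentials verified above; capability checks below run as this user for the rest of the request.` would record that dependency. The same pattern recurs in the hunks at `@@ -317`, `-352`, `-445`, `-489`, `-605`, `-844`, `-984` and `-1066`.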
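Review bot: In the `@@ -390` hunk, `$user = set_current_user(0, $user_login);` relies on `set_current_user()` returning the user object, which this diff does not show. The `@@ -525` hunk dereferences that result in its trailing context (`$post_author = $user->ID;`), so a null or false return would likely produce an empty author ID rather than an error. Guard the result before use, e.g. `if ( !$user || !$user->ID ) return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');`. The other hunks drop the `$user` assignment entirely, so any `$user->` reference left below them (outside the visible lines) would now be undefined; a search of the file would settle that. In this hunk the later use of `$user` also lies below the visible lines.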
@@ -445,8 +449,8 @@ class wp_xmlrpc_server extends IXR_Server {
 $this->escape($actual_post);
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_post', $post_ID) )
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_post', $post_ID) )
 return new IXR_Error(401, 'Sorry, you do not have the right to edit this post.');
 extract($actual_post);
@@ -489,8 +493,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return new IXR_Error(404, 'Sorry, no such post.');
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_post', $post_ID) )
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_post', $post_ID) )
 return new IXR_Error(401, 'Sorry, you do not have the right to delete this post.');
 $result = wp_delete_post($post_ID);
@@ -525,8 +529,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('publish_posts') )
+ $user = set_current_user(0, $user_login);
+ if ( !current_user_can('publish_posts') )
 return new IXR_Error(401, 'Sorry, you can not post on this weblog or category.');
 $post_author = $user->ID;
@@ -605,8 +609,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_post', $post_ID) )
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_post', $post_ID) )
 return new IXR_Error(401, 'Sorry, you can not edit this post.');
 $postdata = wp_get_single_post($post_ID, ARRAY_A);
@@ -844,9 +848,8 @@ class wp_xmlrpc_server extends IXR_Server {
 if ( !$this->login_pass_ok($user_login, $user_pass) )
 return $this->error;
- $user = new WP_User(0, $user_login);
-
- if ( !$user->has_cap('upload_files') ) {
+ set_current_user(0, $user_login);
+ if ( !current_user_can('upload_files') ) {
 logIO('O', '(MW) User does not have upload_files capability');
 $this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
 return $this->error;
@@ -984,8 +987,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_post', $post_ID) )
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_post', $post_ID) )
 return new IXR_Error(401, 'Sorry, you can not edit this post.');
 foreach($categories as $cat) {
@@ -1066,8 +1069,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return $this->error;
 }
- $user = new WP_User(0, $user_login);
- if ( !$user->has_cap('edit_post', $post_ID) )
+ set_current_user(0, $user_login);
+ if ( !current_user_can('edit_post', $post_ID) )
 return new IXR_Error(401, 'Sorry, you can not edit this post.');
 $postdata = wp_get_single_post($post_ID,ARRAY_A); |
