public function allow_unfiltered($value)
{
global $post;
if (isset($post->post_type) && $this->cpt->post_type == $post->post_type && current_user_can('edit_posts')) {
kses_remove_filters();
}
return $value;
}
/**
* Sets up most of the Kses filters for input form content.
*
* If you remove the kses_init() function from 'init' hook and
* 'set_current_user' (priority is default), then none of the Kses filter hooks
* will be added.
*
* First removes all of the Kses filters in case the current user does not need
* to have Kses filter the content. If the user does not have unfiltered_html
* capability, then Kses filters are added.
*
* @since 2.0.0
*/
function kses_init()
{
kses_remove_filters();
if (!current_user_can('unfiltered_html')) {
kses_init_filters();
}
}
开发者ID:zoran180,项目名称:wp_szf,代码行数:20,代码来源:kses.php
示例9: test_the_content_attribute_value_with_colon
function test_the_content_attribute_value_with_colon()
{
kses_init_filters();
// http://bpr3.org/?p=87
// the title attribute should make it through unfiltered
$post_content = <<<EOF
<span title="My friends: Alice, Bob and Carol">foo</span>
EOF;
$expected = <<<EOF
<p><span title="My friends: Alice, Bob and Carol">foo</span></p>
EOF;
$post_id = self::factory()->post->create(compact('post_content'));
$this->go_to(get_permalink($post_id));
$this->assertTrue(is_single());
$this->assertTrue(have_posts());
$this->assertNull(the_post());
$this->assertEquals(strip_ws($expected), strip_ws(get_echo('the_content')));
kses_remove_filters();
}
/**
* Set a specific user context for WordPress.
*
* @param array $assoc_args
*/
private static function set_user($assoc_args)
{
if (isset($assoc_args['user'])) {
$fetcher = new \WP_CLI\Fetchers\User();
$user = $fetcher->get_check($assoc_args['user']);
wp_set_current_user($user->ID);
} else {
kses_remove_filters();
}
}
$status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
if ( empty($status) )
die('1');
elseif ( in_array($status, array('draft', 'pending', 'trash') ) )
die( __('Error: you are replying to a comment on a draft post.') );
$user = wp_get_current_user();
if ( $user->ID ) {
$comment_author = $wpdb->escape($user->display_name);
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
$comment_content = trim($_POST['content']);
if ( current_user_can('unfiltered_html') ) {
if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters
}
}
} else {
die( __('Sorry, you must be logged in to reply to a comment.') );
}
if ( '' == $comment_content )
die( __('Error: please type a comment.') );
$comment_parent = absint($_POST['comment_ID']);
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID');
$comment_id = wp_new_comment( $commentdata );
$comment = get_comment($comment_id);
function maybe_override_kses()
{
if (!empty($_POST) && !empty($_POST['action']) && 'editpost' == $_POST['action']) {
if (current_user_can('unfiltered_html')) {
// initial core cap check in kses_init() is unfilterable
kses_remove_filters();
}
}
}
/**
* Sets up most of the Kses filters for input form content.
*
* If you remove the kses_init() function from 'init' hook and
* 'set_current_user' (priority is default), then none of the Kses filter hooks
* will be added.
*
* First removes all of the Kses filters in case the current user does not need
* to have Kses filter the content. If the user does not have unfiltered html
* capability, then Kses filters are added.
*
* @uses kses_remove_filters() Removes the Kses filters
* @uses kses_init_filters() Adds the Kses filters back if the user
* does not have unfiltered HTML capability.
* @since 2.0.0
*/
function kses_init()
{
global $allowedposttags, $allowedtags;
$allowedposttags = apply_filters('edit_allowedposttags', $allowedposttags);
$allowedtags = apply_filters('edit_allowedtags', $allowedtags);
kses_remove_filters();
kses_init_filters();
}
function save_post_translation($translation_id, $translation)
{
global $wpdb, $sitepress_settings, $sitepress, $icl_adjust_id_url_filter_off;
$icl_adjust_id_url_filter_off = true;
$translation_info = $wpdb->get_row($wpdb->prepare("\n SELECT * FROM {$wpdb->prefix}icl_translations tr\n JOIN {$wpdb->prefix}icl_translation_status ts ON ts.translation_id = tr.translation_id\n WHERE tr.translation_id=%d", $translation_id));
$lang_code = $translation_info->language_code;
$trid = $translation_info->trid;
$original_post_details = $wpdb->get_row("\n SELECT p.post_author, p.post_type, p.post_status, p.comment_status, p.ping_status, p.post_parent, p.menu_order, p.post_date, t.language_code\n FROM {$wpdb->prefix}icl_translations t \n JOIN {$wpdb->posts} p ON t.element_id = p.ID AND CONCAT('post_',p.post_type) = t.element_type\n WHERE trid='{$trid}' AND p.ID = '{$translation['original_id']}'\n ");
//is the original post a sticky post?
$sticky_posts = get_option('sticky_posts');
$is_original_sticky = $original_post_details->post_type == 'post' && in_array($translation['original_id'], $sticky_posts);
$this->_content_fix_image_paths_in_body($translation);
$this->_content_fix_relative_link_paths_in_body($translation);
$this->_content_decode_shortcodes($translation);
// handle the page parent and set it to the translated parent if we have one.
if ($original_post_details->post_parent) {
$post_parent_trid = $wpdb->get_var($wpdb->prepare("\tSELECT trid\n\t\t\t\t\t\tFROM {$wpdb->prefix}icl_translations\n\t\t\t\t\t\tWHERE element_type= %s AND element_id = %d ", 'post_' . $original_post_details->post_type, $original_post_details->post_parent));
if ($post_parent_trid) {
$parent_id = $wpdb->get_var($wpdb->prepare("SELECT element_id\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t FROM {$wpdb->prefix}icl_translations\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t WHERE element_type = %s\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t AND trid = %d\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t AND language_code = %s ", 'post_' . $original_post_details->post_type, $post_parent_trid, $lang_code));
}
}
// determine post id based on trid
$post_id = $translation_info->element_id;
if ($post_id) {
// see if the post really exists - make sure it wasn't deleted while the plugin was
if (!$wpdb->get_var($wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE ID = %d ", $post_id))) {
$is_update = false;
$q = "DELETE FROM {$wpdb->prefix}icl_translations WHERE element_type=%s AND element_id=%d";
$q_prepared = $wpdb->prepare($q, array('post_' . $original_post_details->post_type, $post_id));
$wpdb->query($q_prepared);
} else {
$is_update = true;
$postarr['ID'] = $_POST['post_ID'] = $post_id;
}
} else {
$is_update = false;
}
$postarr['post_title'] = $translation['title'];
if ($sitepress_settings['translated_document_page_url'] == 'translate' && isset($translation['URL'])) {
$postarr['post_name'] = $translation['URL'];
}
$postarr['post_content'] = $translation['body'];
if (isset($translation['excerpt']) && $translation['excerpt'] != "") {
$postarr['post_excerpt'] = $translation['excerpt'];
}
if (isset($translated_taxonomies) && is_array($translated_taxonomies)) {
foreach ($translated_taxonomies as $taxonomy => $values) {
$postarr['tax_input'][$taxonomy] = join(',', (array) $values);
}
}
$postarr['post_author'] = $original_post_details->post_author;
$postarr['post_type'] = $original_post_details->post_type;
if ($sitepress_settings['sync_comment_status']) {
$postarr['comment_status'] = $original_post_details->comment_status;
}
if ($sitepress_settings['sync_ping_status']) {
$postarr['ping_status'] = $original_post_details->ping_status;
}
if ($sitepress_settings['sync_page_ordering']) {
$postarr['menu_order'] = $original_post_details->menu_order;
}
if ($sitepress_settings['sync_private_flag'] && $original_post_details->post_status == 'private') {
$postarr['post_status'] = 'private';
}
if (!$is_update) {
$postarr['post_status'] = !$sitepress_settings['translated_document_status'] ? 'draft' : $original_post_details->post_status;
} else {
// set post_status to the current post status.
$postarr['post_status'] = $wpdb->get_var($wpdb->prepare("SELECT post_status\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t FROM {$wpdb->prefix}posts\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t WHERE ID = %d ", $post_id));
}
if ($sitepress_settings['sync_post_date']) {
$postarr['post_date'] = $original_post_details->post_date;
}
if (isset($parent_id) && $sitepress_settings['sync_page_parent']) {
$_POST['post_parent'] = $postarr['post_parent'] = $parent_id;
$_POST['parent_id'] = $postarr['parent_id'] = $parent_id;
}
if ($is_update) {
$postarr['post_name'] = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM {$wpdb->posts} WHERE ID=%d", $post_id));
}
$_POST['trid'] = $trid;
$_POST['lang'] = $lang_code;
$_POST['skip_sitepress_actions'] = true;
global $wp_rewrite;
if (!isset($wp_rewrite)) {
$wp_rewrite = new WP_Rewrite();
}
kses_remove_filters();
$postarr = apply_filters('icl_pre_save_pro_translation', $postarr);
$new_post_id = wp_insert_post($postarr);
do_action('icl_pro_translation_saved', $new_post_id);
// set stickiness
if ($is_original_sticky && $sitepress_settings['sync_sticky_flag']) {
stick_post($new_post_id);
} else {
if ($original_post_details->post_type == 'post' && $is_update) {
unstick_post($new_post_id);
//just in case - if this is an update and the original post stckiness has changed since the post was sent to translation
}
}
//.........这里部分代码省略.........
请发表评论