/wp-admin/includes/class-wp-press-this.php

  1. <?php 
  2. /** 
  3. * Press This class and display functionality 
  4. * 
  5. * @package WordPress 
  6. * @subpackage Press_This 
  7. * @since 4.2.0 
  8. */ 
  9.  
  10. /** 
  11. * Press This class. 
  12. * 
  13. * @since 4.2.0 
  14. */ 
  15. class WP_Press_This { 
  16.  
  17. // Used to trigger the bookmarklet update notice. 
  18. public $version = 8; 
  19.  
  20. private $images = array(); 
  21.  
  22. private $embeds = array(); 
  23.  
  24. private $domain = ''; 
  25.  
  26. /** 
  27. * Constructor. 
  28. * 
  29. * @since 4.2.0 
  30. * @access public 
  31. */ 
  32. public function __construct() {} 
  33.  
  34. /** 
  35. * App and site settings data, including i18n strings for the client-side. 
  36. * 
  37. * @since 4.2.0 
  38. * @access public 
  39. * 
  40. * @return array Site settings. 
  41. */ 
  42. public function site_settings() { 
  43. return array( 
  44. /** 
  45. * Filters whether or not Press This should redirect the user in the parent window upon save. 
  46. * 
  47. * @since 4.2.0 
  48. * 
  49. * @param bool $redirect Whether to redirect in parent window or not. Default false. 
  50. */ 
  51. 'redirInParent' => apply_filters( 'press_this_redirect_in_parent', false ),  
  52. ); 
  53.  
  54. /** 
  55. * Get the source's images and save them locally, for posterity, unless we can't. 
  56. * 
  57. * @since 4.2.0 
  58. * @access public 
  59. * 
  60. * @param int $post_id Post ID. 
  61. * @param string $content Optional. Current expected markup for Press This. Expects slashed. Default empty. 
  62. * @return string New markup with old image URLs replaced with the local attachment ones if swapped. 
  63. */ 
  64. public function side_load_images( $post_id, $content = '' ) { 
  65. $content = wp_unslash( $content ); 
  66.  
  67. if ( preg_match_all( '/<img [^>]+>/', $content, $matches ) && current_user_can( 'upload_files' ) ) { 
  68. foreach ( (array) $matches[0] as $image ) { 
  69. // This is inserted from our JS so HTML attributes should always be in double quotes. 
  70. if ( ! preg_match( '/src="([^"]+)"/', $image, $url_matches ) ) { 
  71. continue; 
  72.  
  73. $image_src = $url_matches[1]; 
  74.  
  75. // Don't try to sideload a file without a file extension, leads to WP upload error. 
  76. if ( ! preg_match( '/[^\?]+\.(?:jpe?g|jpe|gif|png)(?:\?|$)/i', $image_src ) ) { 
  77. continue; 
  78.  
  79. // Sideload image, which gives us a new image src. 
  80. $new_src = media_sideload_image( $image_src, $post_id, null, 'src' ); 
  81.  
  82. if ( ! is_wp_error( $new_src ) ) { 
  83. // Replace the POSTED content <img> with correct uploaded ones. 
  84. // Need to do it in two steps so we don't replace links to the original image if any. 
  85. $new_image = str_replace( $image_src, $new_src, $image ); 
  86. $content = str_replace( $image, $new_image, $content ); 
  87.  
  88. // Expected slashed 
  89. return wp_slash( $content ); 
  90.  
  91. /** 
  92. * Ajax handler for saving the post as draft or published. 
  93. * 
  94. * @since 4.2.0 
  95. * @access public 
  96. */ 
  97. public function save_post() { 
  98. if ( empty( $_POST['post_ID'] ) || ! $post_id = (int) $_POST['post_ID'] ) { 
  99. wp_send_json_error( array( 'errorMessage' => __( 'Missing post ID.' ) ) ); 
  100.  
  101. if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'update-post_' . $post_id ) || 
  102. ! current_user_can( 'edit_post', $post_id ) ) { 
  103.  
  104. wp_send_json_error( array( 'errorMessage' => __( 'Invalid post.' ) ) ); 
  105.  
  106. $post_data = array( 
  107. 'ID' => $post_id,  
  108. 'post_title' => ( ! empty( $_POST['post_title'] ) ) ? sanitize_text_field( trim( $_POST['post_title'] ) ) : '',  
  109. 'post_content' => ( ! empty( $_POST['post_content'] ) ) ? trim( $_POST['post_content'] ) : '',  
  110. 'post_type' => 'post',  
  111. 'post_status' => 'draft',  
  112. 'post_format' => ( ! empty( $_POST['post_format'] ) ) ? sanitize_text_field( $_POST['post_format'] ) : '',  
  113. 'tax_input' => ( ! empty( $_POST['tax_input'] ) ) ? $_POST['tax_input'] : array(),  
  114. 'post_category' => ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array(),  
  115. ); 
  116.  
  117. if ( ! empty( $_POST['post_status'] ) && 'publish' === $_POST['post_status'] ) { 
  118. if ( current_user_can( 'publish_posts' ) ) { 
  119. $post_data['post_status'] = 'publish'; 
  120. } else { 
  121. $post_data['post_status'] = 'pending'; 
  122.  
  123. $post_data['post_content'] = $this->side_load_images( $post_id, $post_data['post_content'] ); 
  124.  
  125. /** 
  126. * Filters the post data of a Press This post before saving/updating. 
  127. * 
  128. * The {@see 'side_load_images'} action has already run at this point. 
  129. * 
  130. * @since 4.5.0 
  131. * 
  132. * @param array $post_data The post data. 
  133. */ 
  134. $post_data = apply_filters( 'press_this_save_post', $post_data ); 
  135.  
  136. $updated = wp_update_post( $post_data, true ); 
  137.  
  138. if ( is_wp_error( $updated ) ) { 
  139. wp_send_json_error( array( 'errorMessage' => $updated->get_error_message() ) ); 
  140. } else { 
  141. if ( isset( $post_data['post_format'] ) ) { 
  142. if ( current_theme_supports( 'post-formats', $post_data['post_format'] ) ) { 
  143. set_post_format( $post_id, $post_data['post_format'] ); 
  144. } elseif ( $post_data['post_format'] ) { 
  145. set_post_format( $post_id, false ); 
  146.  
  147. $forceRedirect = false; 
  148.  
  149. if ( 'publish' === get_post_status( $post_id ) ) { 
  150. $redirect = get_post_permalink( $post_id ); 
  151. } elseif ( isset( $_POST['pt-force-redirect'] ) && $_POST['pt-force-redirect'] === 'true' ) { 
  152. $forceRedirect = true; 
  153. $redirect = get_edit_post_link( $post_id, 'js' ); 
  154. } else { 
  155. $redirect = false; 
  156.  
  157. /** 
  158. * Filters the URL to redirect to when Press This saves. 
  159. * 
  160. * @since 4.2.0 
  161. * 
  162. * @param string $url Redirect URL. If `$status` is 'publish', this will be the post permalink. 
  163. * Otherwise, the default is false resulting in no redirect. 
  164. * @param int $post_id Post ID. 
  165. * @param string $status Post status. 
  166. */ 
  167. $redirect = apply_filters( 'press_this_save_redirect', $redirect, $post_id, $post_data['post_status'] ); 
  168.  
  169. if ( $redirect ) { 
  170. wp_send_json_success( array( 'redirect' => $redirect, 'force' => $forceRedirect ) ); 
  171. } else { 
  172. wp_send_json_success( array( 'postSaved' => true ) ); 
  173.  
  174. /** 
  175. * Ajax handler for adding a new category. 
  176. * 
  177. * @since 4.2.0 
  178. * @access public 
  179. */ 
  180. public function add_category() { 
  181. if ( false === wp_verify_nonce( $_POST['new_cat_nonce'], 'add-category' ) ) { 
  182. wp_send_json_error(); 
  183.  
  184. $taxonomy = get_taxonomy( 'category' ); 
  185.  
  186. if ( ! current_user_can( $taxonomy->cap->edit_terms ) || empty( $_POST['name'] ) ) { 
  187. wp_send_json_error(); 
  188.  
  189. $parent = isset( $_POST['parent'] ) && (int) $_POST['parent'] > 0 ? (int) $_POST['parent'] : 0; 
  190. $names = explode( ', ', $_POST['name'] ); 
  191. $added = $data = array(); 
  192.  
  193. foreach ( $names as $cat_name ) { 
  194. $cat_name = trim( $cat_name ); 
  195. $cat_nicename = sanitize_title( $cat_name ); 
  196.  
  197. if ( empty( $cat_nicename ) ) { 
  198. continue; 
  199.  
  200. // @todo Find a more performant way to check existence, maybe get_term() with a separate parent check. 
  201. if ( term_exists( $cat_name, $taxonomy->name, $parent ) ) { 
  202. if ( count( $names ) === 1 ) { 
  203. wp_send_json_error( array( 'errorMessage' => __( 'This category already exists.' ) ) ); 
  204. } else { 
  205. continue; 
  206.  
  207. $cat_id = wp_insert_term( $cat_name, $taxonomy->name, array( 'parent' => $parent ) ); 
  208.  
  209. if ( is_wp_error( $cat_id ) ) { 
  210. continue; 
  211. } elseif ( is_array( $cat_id ) ) { 
  212. $cat_id = $cat_id['term_id']; 
  213.  
  214. $added[] = $cat_id; 
  215.  
  216. if ( empty( $added ) ) { 
  217. wp_send_json_error( array( 'errorMessage' => __( 'This category cannot be added. Please change the name and try again.' ) ) ); 
  218.  
  219. foreach ( $added as $new_cat_id ) { 
  220. $new_cat = get_category( $new_cat_id ); 
  221.  
  222. if ( is_wp_error( $new_cat ) ) { 
  223. wp_send_json_error( array( 'errorMessage' => __( 'Error while adding the category. Please try again later.' ) ) ); 
  224.  
  225. $data[] = array( 
  226. 'term_id' => $new_cat->term_id,  
  227. 'name' => $new_cat->name,  
  228. 'parent' => $new_cat->parent,  
  229. ); 
  230. wp_send_json_success( $data ); 
  231.  
  232. /** 
  233. * Downloads the source's HTML via server-side call for the given URL. 
  234. * 
  235. * @since 4.2.0 
  236. * @access public 
  237. * 
  238. * @param string $url URL to scan. 
  239. * @return string Source's HTML sanitized markup 
  240. */ 
  241. public function fetch_source_html( $url ) { 
  242. global $wp_version; 
  243.  
  244. if ( empty( $url ) ) { 
  245. return new WP_Error( 'invalid-url', __( 'A valid URL was not provided.' ) ); 
  246.  
  247. $remote_url = wp_safe_remote_get( $url, array( 
  248. 'timeout' => 30,  
  249. // Use an explicit user-agent for Press This 
  250. 'user-agent' => 'Press This (WordPress/' . $wp_version . '); ' . get_bloginfo( 'url' ) 
  251. ) ); 
  252.  
  253. if ( is_wp_error( $remote_url ) ) { 
  254. return $remote_url; 
  255.  
  256. $allowed_elements = array( 
  257. 'img' => array( 
  258. 'src' => true,  
  259. 'width' => true,  
  260. 'height' => true,  
  261. ),  
  262. 'iframe' => array( 
  263. 'src' => true,  
  264. ),  
  265. 'link' => array( 
  266. 'rel' => true,  
  267. 'itemprop' => true,  
  268. 'href' => true,  
  269. ),  
  270. 'meta' => array( 
  271. 'property' => true,  
  272. 'name' => true,  
  273. 'content' => true,  
  274. ); 
  275.  
  276. $source_content = wp_remote_retrieve_body( $remote_url ); 
  277. $source_content = wp_kses( $source_content, $allowed_elements ); 
  278.  
  279. return $source_content; 
  280.  
  281. /** 
  282. * Utility method to limit an array to 50 values. 
  283. * 
  284. * @ignore 
  285. * @since 4.2.0 
  286. * 
  287. * @param array $value Array to limit. 
  288. * @return array Original array if fewer than 50 values, limited array, empty array otherwise. 
  289. */ 
  290. private function _limit_array( $value ) { 
  291. if ( is_array( $value ) ) { 
  292. if ( count( $value ) > 50 ) { 
  293. return array_slice( $value, 0, 50 ); 
  294.  
  295. return $value; 
  296.  
  297. return array(); 
  298.  
  299. /** 
  300. * Utility method to limit the length of a given string to 5, 000 characters. 
  301. * 
  302. * @ignore 
  303. * @since 4.2.0 
  304. * 
  305. * @param string $value String to limit. 
  306. * @return bool|int|string If boolean or integer, that value. If a string, the original value 
  307. * if fewer than 5, 000 characters, a truncated version, otherwise an 
  308. * empty string. 
  309. */ 
  310. private function _limit_string( $value ) { 
  311. $return = ''; 
  312.  
  313. if ( is_numeric( $value ) || is_bool( $value ) ) { 
  314. $return = $value; 
  315. } else if ( is_string( $value ) ) { 
  316. if ( mb_strlen( $value ) > 5000 ) { 
  317. $return = mb_substr( $value, 0, 5000 ); 
  318. } else { 
  319. $return = $value; 
  320.  
  321. $return = html_entity_decode( $return, ENT_QUOTES, 'UTF-8' ); 
  322. $return = sanitize_text_field( trim( $return ) ); 
  323.  
  324. return $return; 
  325.  
  326. /** 
  327. * Utility method to limit a given URL to 2, 048 characters. 
  328. * 
  329. * @ignore 
  330. * @since 4.2.0 
  331. * 
  332. * @param string $url URL to check for length and validity. 
  333. * @return string Escaped URL if of valid length (< 2048) and makeup. Empty string otherwise. 
  334. */ 
  335. private function _limit_url( $url ) { 
  336. if ( ! is_string( $url ) ) { 
  337. return ''; 
  338.  
  339. // HTTP 1.1 allows 8000 chars but the "de-facto" standard supported in all current browsers is 2048. 
  340. if ( strlen( $url ) > 2048 ) { 
  341. return ''; // Return empty rather than a truncated/invalid URL 
  342.  
  343. // Does not look like a URL. 
  344. if ( ! preg_match( '/^([!#$&-;=?-\[\]_a-z~]|%[0-9a-fA-F]{2})+$/', $url ) ) { 
  345. return ''; 
  346.  
  347. // If the URL is root-relative, prepend the protocol and domain name 
  348. if ( $url && $this->domain && preg_match( '%^/[^/]+%', $url ) ) { 
  349. $url = $this->domain . $url; 
  350.  
  351. // Not absolute or protocol-relative URL. 
  352. if ( ! preg_match( '%^(?:https?:)?//[^/]+%', $url ) ) { 
  353. return ''; 
  354.  
  355. return esc_url_raw( $url, array( 'http', 'https' ) ); 
  356.  
  357. /** 
  358. * Utility method to limit image source URLs. 
  359. * 
  360. * Excluded URLs include share-this type buttons, loaders, spinners, spacers, WordPress interface images,  
  361. * tiny buttons or thumbs, mathtag.com or quantserve.com images, or the WordPress.com stats gif. 
  362. * 
  363. * @ignore 
  364. * @since 4.2.0 
  365. * 
  366. * @param string $src Image source URL. 
  367. * @return string If not matched an excluded URL type, the original URL, empty string otherwise. 
  368. */ 
  369. private function _limit_img( $src ) { 
  370. $src = $this->_limit_url( $src ); 
  371.  
  372. if ( preg_match( '!/ad[sx]?/!i', $src ) ) { 
  373. // Ads 
  374. return ''; 
  375. } else if ( preg_match( '!(/share-?this[^.]+?\.[a-z0-9]{3, 4})(\?.*)?$!i', $src ) ) { 
  376. // Share-this type button 
  377. return ''; 
  378. } else if ( preg_match( '!/(spinner|loading|spacer|blank|rss)\.(gif|jpg|png)!i', $src ) ) { 
  379. // Loaders, spinners, spacers 
  380. return ''; 
  381. } else if ( preg_match( '!/([^./]+[-_])?(spinner|loading|spacer|blank)s?([-_][^./]+)?\.[a-z0-9]{3, 4}!i', $src ) ) { 
  382. // Fancy loaders, spinners, spacers 
  383. return ''; 
  384. } else if ( preg_match( '!([^./]+[-_])?thumb[^.]*\.(gif|jpg|png)$!i', $src ) ) { 
  385. // Thumbnails, too small, usually irrelevant to context 
  386. return ''; 
  387. } else if ( false !== stripos( $src, '/wp-includes/' ) ) { 
  388. // Classic WordPress interface images 
  389. return ''; 
  390. } else if ( preg_match( '![^\d]\d{1, 2}x\d+\.(gif|jpg|png)$!i', $src ) ) { 
  391. // Most often tiny buttons/thumbs (< 100px wide) 
  392. return ''; 
  393. } else if ( preg_match( '!/pixel\.(mathtag|quantserve)\.com!i', $src ) ) { 
  394. // See mathtag.com and https://www.quantcast.com/how-we-do-it/iab-standard-measurement/how-we-collect-data/ 
  395. return ''; 
  396. } else if ( preg_match( '!/[gb]\.gif(\?.+)?$!i', $src ) ) { 
  397. // WordPress.com stats gif 
  398. return ''; 
  399.  
  400. return $src; 
  401.  
  402. /** 
  403. * Limit embed source URLs to specific providers. 
  404. * 
  405. * Not all core oEmbed providers are supported. Supported providers include YouTube, Vimeo,  
  406. * Vine, Daily Motion, SoundCloud, and Twitter. 
  407. * 
  408. * @ignore 
  409. * @since 4.2.0 
  410. * 
  411. * @param string $src Embed source URL. 
  412. * @return string If not from a supported provider, an empty string. Otherwise, a reformattd embed URL. 
  413. */ 
  414. private function _limit_embed( $src ) { 
  415. $src = $this->_limit_url( $src ); 
  416.  
  417. if ( empty( $src ) ) 
  418. return ''; 
  419.  
  420. if ( preg_match( '!//(m|www)\.youtube\.com/(embed|v)/([^?]+)\?.+$!i', $src, $src_matches ) ) { 
  421. // Embedded Youtube videos (www or mobile) 
  422. $src = 'https://www.youtube.com/watch?v=' . $src_matches[3]; 
  423. } else if ( preg_match( '!//player\.vimeo\.com/video/([\d]+)([?/].*)?$!i', $src, $src_matches ) ) { 
  424. // Embedded Vimeo iframe videos 
  425. $src = 'https://vimeo.com/' . (int) $src_matches[1]; 
  426. } else if ( preg_match( '!//vimeo\.com/moogaloop\.swf\?clip_id=([\d]+)$!i', $src, $src_matches ) ) { 
  427. // Embedded Vimeo Flash videos 
  428. $src = 'https://vimeo.com/' . (int) $src_matches[1]; 
  429. } else if ( preg_match( '!//vine\.co/v/([^/]+)/embed!i', $src, $src_matches ) ) { 
  430. // Embedded Vine videos 
  431. $src = 'https://vine.co/v/' . $src_matches[1]; 
  432. } else if ( preg_match( '!//(www\.)?dailymotion\.com/embed/video/([^/?]+)([/?].+)?!i', $src, $src_matches ) ) { 
  433. // Embedded Daily Motion videos 
  434. $src = 'https://www.dailymotion.com/video/' . $src_matches[2]; 
  435. } else { 
  436. require_once( ABSPATH . WPINC . '/class-oembed.php' ); 
  437. $oembed = _wp_oembed_get_object(); 
  438.  
  439. if ( ! $oembed->get_provider( $src, array( 'discover' => false ) ) ) { 
  440. $src = ''; 
  441.  
  442. return $src; 
  443.  
  444. /** 
  445. * Process a meta data entry from the source. 
  446. * 
  447. * @ignore 
  448. * @since 4.2.0 
  449. * 
  450. * @param string $meta_name Meta key name. 
  451. * @param mixed $meta_value Meta value. 
  452. * @param array $data Associative array of source data. 
  453. * @return array Processed data array. 
  454. */ 
  455. private function _process_meta_entry( $meta_name, $meta_value, $data ) { 
  456. if ( preg_match( '/:?(title|description|keywords|site_name)$/', $meta_name ) ) { 
  457. $data['_meta'][ $meta_name ] = $meta_value; 
  458. } else { 
  459. switch ( $meta_name ) { 
  460. case 'og:url': 
  461. case 'og:video': 
  462. case 'og:video:secure_url': 
  463. $meta_value = $this->_limit_embed( $meta_value ); 
  464.  
  465. if ( ! isset( $data['_embeds'] ) ) { 
  466. $data['_embeds'] = array(); 
  467.  
  468. if ( ! empty( $meta_value ) && ! in_array( $meta_value, $data['_embeds'] ) ) { 
  469. $data['_embeds'][] = $meta_value; 
  470.  
  471. break; 
  472. case 'og:image': 
  473. case 'og:image:secure_url': 
  474. case 'twitter:image0:src': 
  475. case 'twitter:image0': 
  476. case 'twitter:image:src': 
  477. case 'twitter:image': 
  478. $meta_value = $this->_limit_img( $meta_value ); 
  479.  
  480. if ( ! isset( $data['_images'] ) ) { 
  481. $data['_images'] = array(); 
  482.  
  483. if ( ! empty( $meta_value ) && ! in_array( $meta_value, $data['_images'] ) ) { 
  484. $data['_images'][] = $meta_value; 
  485.  
  486. break; 
  487.  
  488. return $data; 
  489.  
  490. /** 
  491. * Fetches and parses _meta, _images, and _links data from the source. 
  492. * 
  493. * @since 4.2.0 
  494. * @access public 
  495. * 
  496. * @param string $url URL to scan. 
  497. * @param array $data Optional. Existing data array if you have one. Default empty array. 
  498. * @return array New data array. 
  499. */ 
  500. public function source_data_fetch_fallback( $url, $data = array() ) { 
  501. if ( empty( $url ) ) { 
  502. return array(); 
  503.  
  504. // Download source page to tmp file. 
  505. $source_content = $this->fetch_source_html( $url ); 
  506. if ( is_wp_error( $source_content ) ) { 
  507. return array( 'errors' => $source_content->get_error_messages() ); 
  508.  
  509. // Fetch and gather <meta> data first, so discovered media is offered 1st to user. 
  510. if ( empty( $data['_meta'] ) ) { 
  511. $data['_meta'] = array(); 
  512.  
  513. if ( preg_match_all( '/<meta [^>]+>/', $source_content, $matches ) ) { 
  514. $items = $this->_limit_array( $matches[0] ); 
  515.  
  516. foreach ( $items as $value ) { 
  517. if ( preg_match( '/(property|name)="([^"]+)"[^>]+content="([^"]+)"/', $value, $new_matches ) ) { 
  518. $meta_name = $this->_limit_string( $new_matches[2] ); 
  519. $meta_value = $this->_limit_string( $new_matches[3] ); 
  520.  
  521. // Sanity check. $key is usually things like 'title', 'description', 'keywords', etc. 
  522. if ( strlen( $meta_name ) > 100 ) { 
  523. continue; 
  524.  
  525. $data = $this->_process_meta_entry( $meta_name, $meta_value, $data ); 
  526.  
  527. // Fetch and gather <img> data. 
  528. if ( empty( $data['_images'] ) ) { 
  529. $data['_images'] = array(); 
  530.  
  531. if ( preg_match_all( '/<img [^>]+>/', $source_content, $matches ) ) { 
  532. $items = $this->_limit_array( $matches[0] ); 
  533.  
  534. foreach ( $items as $value ) { 
  535. if ( ( preg_match( '/width=(\'|")(\d+)\\1/i', $value, $new_matches ) && $new_matches[2] < 256 ) || 
  536. ( preg_match( '/height=(\'|")(\d+)\\1/i', $value, $new_matches ) && $new_matches[2] < 128 ) ) { 
  537.  
  538. continue; 
  539.  
  540. if ( preg_match( '/src=(\'|")([^\'"]+)\\1/i', $value, $new_matches ) ) { 
  541. $src = $this->_limit_img( $new_matches[2] ); 
  542. if ( ! empty( $src ) && ! in_array( $src, $data['_images'] ) ) { 
  543. $data['_images'][] = $src; 
  544.  
  545. // Fetch and gather <iframe> data. 
  546. if ( empty( $data['_embeds'] ) ) { 
  547. $data['_embeds'] = array(); 
  548.  
  549. if ( preg_match_all( '/<iframe [^>]+>/', $source_content, $matches ) ) { 
  550. $items = $this->_limit_array( $matches[0] ); 
  551.  
  552. foreach ( $items as $value ) { 
  553. if ( preg_match( '/src=(\'|")([^\'"]+)\\1/', $value, $new_matches ) ) { 
  554. $src = $this->_limit_embed( $new_matches[2] ); 
  555.  
  556. if ( ! empty( $src ) && ! in_array( $src, $data['_embeds'] ) ) { 
  557. $data['_embeds'][] = $src; 
  558.  
  559. // Fetch and gather <link> data. 
  560. if ( empty( $data['_links'] ) ) { 
  561. $data['_links'] = array(); 
  562.  
  563. if ( preg_match_all( '/<link [^>]+>/', $source_content, $matches ) ) { 
  564. $items = $this->_limit_array( $matches[0] ); 
  565.  
  566. foreach ( $items as $value ) { 
  567. if ( preg_match( '/rel=["\'](canonical|shortlink|icon)["\']/i', $value, $matches_rel ) && preg_match( '/href=[\'"]([^\'" ]+)[\'"]/i', $value, $matches_url ) ) { 
  568. $rel = $matches_rel[1]; 
  569. $url = $this->_limit_url( $matches_url[1] ); 
  570.  
  571. if ( ! empty( $url ) && empty( $data['_links'][ $rel ] ) ) { 
  572. $data['_links'][ $rel ] = $url; 
  573.  
  574. return $data; 
  575.  
  576. /** 
  577. * Handles backward-compat with the legacy version of Press This by supporting its query string params. 
  578. * 
  579. * @since 4.2.0 
  580. * @access public 
  581. * 
  582. * @return array 
  583. */ 
  584. public function merge_or_fetch_data() { 
  585. // Get data from $_POST and $_GET, as appropriate ($_POST > $_GET), to remain backward compatible. 
  586. $data = array(); 
  587.  
  588. // Only instantiate the keys we want. Sanity check and sanitize each one. 
  589. foreach ( array( 'u', 's', 't', 'v' ) as $key ) { 
  590. if ( ! empty( $_POST[ $key ] ) ) { 
  591. $value = wp_unslash( $_POST[ $key ] ); 
  592. } else if ( ! empty( $_GET[ $key ] ) ) { 
  593. $value = wp_unslash( $_GET[ $key ] ); 
  594. } else { 
  595. continue; 
  596.  
  597. if ( 'u' === $key ) { 
  598. $value = $this->_limit_url( $value ); 
  599.  
  600. if ( preg_match( '%^(?:https?:)?//[^/]+%i', $value, $domain_match ) ) { 
  601. $this->domain = $domain_match[0]; 
  602. } else { 
  603. $value = $this->_limit_string( $value ); 
  604.  
  605. if ( ! empty( $value ) ) { 
  606. $data[ $key ] = $value; 
  607.  
  608. /** 
  609. * Filters whether to enable in-source media discovery in Press This. 
  610. * 
  611. * @since 4.2.0 
  612. * 
  613. * @param bool $enable Whether to enable media discovery. 
  614. */ 
  615. if ( apply_filters( 'enable_press_this_media_discovery', true ) ) { 
  616. /** 
  617. * If no title, _images, _embed, and _meta was passed via $_POST, fetch data from source as fallback,  
  618. * making PT fully backward compatible with the older bookmarklet. 
  619. */ 
  620. if ( empty( $_POST ) && ! empty( $data['u'] ) ) { 
  621. $data = $this->source_data_fetch_fallback( $data['u'], $data ); 
  622. } else { 
  623. foreach ( array( '_images', '_embeds' ) as $type ) { 
  624. if ( empty( $_POST[ $type ] ) ) { 
  625. continue; 
  626.  
  627. $data[ $type ] = array(); 
  628. $items = $this->_limit_array( $_POST[ $type ] ); 
  629.  
  630. foreach ( $items as $key => $value ) { 
  631. if ( $type === '_images' ) { 
  632. $value = $this->_limit_img( wp_unslash( $value ) ); 
  633. } else { 
  634. $value = $this->_limit_embed( wp_unslash( $value ) ); 
  635.  
  636. if ( ! empty( $value ) ) { 
  637. $data[ $type ][] = $value; 
  638.  
  639. foreach ( array( '_meta', '_links' ) as $type ) { 
  640. if ( empty( $_POST[ $type ] ) ) { 
  641. continue; 
  642.  
  643. $data[ $type ] = array(); 
  644. $items = $this->_limit_array( $_POST[ $type ] ); 
  645.  
  646. foreach ( $items as $key => $value ) { 
  647. // Sanity check. These are associative arrays, $key is usually things like 'title', 'description', 'keywords', etc. 
  648. if ( empty( $key ) || strlen( $key ) > 100 ) { 
  649. continue; 
  650.  
  651. if ( $type === '_meta' ) { 
  652. $value = $this->_limit_string( wp_unslash( $value ) ); 
  653.  
  654. if ( ! empty( $value ) ) { 
  655. $data = $this->_process_meta_entry( $key, $value, $data ); 
  656. } else { 
  657. if ( in_array( $key, array( 'canonical', 'shortlink', 'icon' ), true ) ) { 
  658. $data[ $type ][ $key ] = $this->_limit_url( wp_unslash( $value ) ); 
  659.  
  660. // Support passing a single image src as `i` 
  661. if ( ! empty( $_REQUEST['i'] ) && ( $img_src = $this->_limit_img( wp_unslash( $_REQUEST['i'] ) ) ) ) { 
  662. if ( empty( $data['_images'] ) ) { 
  663. $data['_images'] = array( $img_src ); 
  664. } elseif ( ! in_array( $img_src, $data['_images'], true ) ) { 
  665. array_unshift( $data['_images'], $img_src ); 
  666.  
  667. /** 
  668. * Filters the Press This data array. 
  669. * 
  670. * @since 4.2.0 
  671. * 
  672. * @param array $data Press This Data array. 
  673. */ 
  674. return apply_filters( 'press_this_data', $data ); 
  675.  
  676. /** 
  677. * Adds another stylesheet inside TinyMCE. 
  678. * 
  679. * @since 4.2.0 
  680. * @access public 
  681. * 
  682. * @param string $styles URL to editor stylesheet. 
  683. * @return string Possibly modified stylesheets list. 
  684. */ 
  685. public function add_editor_style( $styles ) { 
  686. if ( ! empty( $styles ) ) { 
  687. $styles .= ', '; 
  688.  
  689. $press_this = admin_url( 'css/press-this-editor.css' ); 
  690. if ( is_rtl() ) { 
  691. $press_this = str_replace( '.css', '-rtl.css', $press_this ); 
  692.  
  693. return $styles . $press_this; 
  694.  
  695. /** 
  696. * Outputs the post format selection HTML. 
  697. * 
  698. * @since 4.2.0 
  699. * @access public 
  700. * 
  701. * @param WP_Post $post Post object. 
  702. */ 
  703. public function post_formats_html( $post ) { 
  704. if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) ) { 
  705. $post_formats = get_theme_support( 'post-formats' ); 
  706.  
  707. if ( is_array( $post_formats[0] ) ) { 
  708. $post_format = get_post_format( $post->ID ); 
  709.  
  710. if ( ! $post_format ) { 
  711. $post_format = '0'; 
  712.  
  713. // Add in the current one if it isn't there yet, in case the current theme doesn't support it. 
  714. if ( $post_format && ! in_array( $post_format, $post_formats[0] ) ) { 
  715. $post_formats[0][] = $post_format; 
  716.  
  717. ?> 
  718. <div id="post-formats-select"> 
  719. <fieldset><legend class="screen-reader-text"><?php _e( 'Post Formats' ); ?></legend> 
  720. <input type="radio" name="post_format" class="post-format" id="post-format-0" value="0" <?php checked( $post_format, '0' ); ?> /> 
  721. <label for="post-format-0" class="post-format-icon post-format-standard"><?php echo get_post_format_string( 'standard' ); ?></label> 
  722. <?php 
  723.  
  724. foreach ( $post_formats[0] as $format ) { 
  725. $attr_format = esc_attr( $format ); 
  726. ?> 
  727. <br /> 
  728. <input type="radio" name="post_format" class="post-format" id="post-format-<?php echo $attr_format; ?>" value="<?php echo $attr_format; ?>" <?php checked( $post_format, $format ); ?> /> 
  729. <label for="post-format-<?php echo $attr_format ?>" class="post-format-icon post-format-<?php echo $attr_format; ?>"><?php echo esc_html( get_post_format_string( $format ) ); ?></label> 
  730. <?php 
  731.  
  732. ?> 
  733. </fieldset> 
  734. </div> 
  735. <?php 
  736.  
  737. /** 
  738. * Outputs the categories HTML. 
  739. * 
  740. * @since 4.2.0 
  741. * @access public 
  742. * 
  743. * @param WP_Post $post Post object. 
  744. */ 
  745. public function categories_html( $post ) { 
  746. $taxonomy = get_taxonomy( 'category' ); 
  747.  
  748. if ( current_user_can( $taxonomy->cap->edit_terms ) ) { 
  749. ?> 
  750. <button type="button" class="add-cat-toggle button-link" aria-expanded="false"> 
  751. <span class="dashicons dashicons-plus"></span><span class="screen-reader-text"><?php _e( 'Toggle add category' ); ?></span> 
  752. </button> 
  753. <div class="add-category is-hidden"> 
  754. <label class="screen-reader-text" for="new-category"><?php echo $taxonomy->labels->add_new_item; ?></label> 
  755. <input type="text" id="new-category" class="add-category-name" placeholder="<?php echo esc_attr( $taxonomy->labels->new_item_name ); ?>" value="" aria-required="true"> 
  756. <label class="screen-reader-text" for="new-category-parent"><?php echo $taxonomy->labels->parent_item_colon; ?></label> 
  757. <div class="postform-wrapper"> 
  758. <?php 
  759. wp_dropdown_categories( array( 
  760. 'taxonomy' => 'category',  
  761. 'hide_empty' => 0,  
  762. 'name' => 'new-category-parent',  
  763. 'orderby' => 'name',  
  764. 'hierarchical' => 1,  
  765. 'show_option_none' => '— ' . $taxonomy->labels->parent_item . ' —' 
  766. ) ); 
  767. ?> 
  768. </div> 
  769. <button type="button" class="add-cat-submit"><?php _e( 'Add' ); ?></button> 
  770. </div> 
  771. <?php 
  772.  
  773. ?> 
  774. <div class="categories-search-wrapper"> 
  775. <input id="categories-search" type="search" class="categories-search" placeholder="<?php esc_attr_e( 'Search categories by name' ) ?>"> 
  776. <label for="categories-search"> 
  777. <span class="dashicons dashicons-search"></span><span class="screen-reader-text"><?php _e( 'Search categories' ); ?></span> 
  778. </label> 
  779. </div> 
  780. <div aria-label="<?php esc_attr_e( 'Categories' ); ?>"> 
  781. <ul class="categories-select"> 
  782. <?php wp_terms_checklist( $post->ID, array( 'taxonomy' => 'category', 'list_only' => true ) ); ?> 
  783. </ul> 
  784. </div> 
  785. <?php 
  786.  
  787. /** 
  788. * Outputs the tags HTML. 
  789. * 
  790. * @since 4.2.0 
  791. * @access public 
  792. * 
  793. * @param WP_Post $post Post object. 
  794. */ 
  795. public function tags_html( $post ) { 
  796. $taxonomy = get_taxonomy( 'post_tag' ); 
  797. $user_can_assign_terms = current_user_can( $taxonomy->cap->assign_terms ); 
  798. $esc_tags = get_terms_to_edit( $post->ID, 'post_tag' ); 
  799.  
  800. if ( ! $esc_tags || is_wp_error( $esc_tags ) ) { 
  801. $esc_tags = ''; 
  802.  
  803. ?> 
  804. <div class="tagsdiv" id="post_tag"> 
  805. <div class="jaxtag"> 
  806. <input type="hidden" name="tax_input[post_tag]" class="the-tags" value="<?php echo $esc_tags; // escaped in get_terms_to_edit() ?>"> 
  807. <?php 
  808.  
  809. if ( $user_can_assign_terms ) { 
  810. ?> 
  811. <div class="ajaxtag hide-if-no-js"> 
  812. <label class="screen-reader-text" for="new-tag-post_tag"><?php _e( 'Tags' ); ?></label> 
  813. <p> 
  814. <input type="text" id="new-tag-post_tag" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="" aria-describedby="new-tag-desc" /> 
  815. <button type="button" class="tagadd"><?php _e( 'Add' ); ?></button> 
  816. </p> 
  817. </div> 
  818. <p class="howto" id="new-tag-desc"> 
  819. <?php echo $taxonomy->labels->separate_items_with_commas; ?> 
  820. </p> 
  821. <?php 
  822.  
  823. ?> 
  824. </div> 
  825. <div class="tagchecklist"></div> 
  826. </div> 
  827. <?php 
  828.  
  829. if ( $user_can_assign_terms ) { 
  830. ?> 
  831. <button type="button" class="button-link tagcloud-link" id="link-post_tag"><?php echo $taxonomy->labels->choose_from_most_used; ?></button> 
  832. <?php 
  833.  
  834. /** 
  835. * Get a list of embeds with no duplicates. 
  836. * 
  837. * @since 4.2.0 
  838. * @access public 
  839. * 
  840. * @param array $data The site's data. 
  841. * @return array Embeds selected to be available. 
  842. */ 
  843. public function get_embeds( $data ) { 
  844. $selected_embeds = array(); 
  845.  
  846. // Make sure to add the Pressed page if it's a valid oembed itself 
  847. if ( ! empty ( $data['u'] ) && $this->_limit_embed( $data['u'] ) ) { 
  848. $data['_embeds'][] = $data['u']; 
  849.  
  850. if ( ! empty( $data['_embeds'] ) ) { 
  851. foreach ( $data['_embeds'] as $src ) { 
  852. $prot_relative_src = preg_replace( '/^https?:/', '', $src ); 
  853.  
  854. if ( in_array( $prot_relative_src, $this->embeds ) ) { 
  855. continue; 
  856.  
  857. $selected_embeds[] = $src; 
  858. $this->embeds[] = $prot_relative_src; 
  859.  
  860. return $selected_embeds; 
  861.  
  862. /** 
  863. * Get a list of images with no duplicates. 
  864. * 
  865. * @since 4.2.0 
  866. * @access public 
  867. * 
  868. * @param array $data The site's data. 
  869. * @return array 
  870. */ 
  871. public function get_images( $data ) { 
  872. $selected_images = array(); 
  873.  
  874. if ( ! empty( $data['_images'] ) ) { 
  875. foreach ( $data['_images'] as $src ) { 
  876. if ( false !== strpos( $src, 'gravatar.com' ) ) { 
  877. $src = preg_replace( '%http://[\d]+\.gravatar\.com/%', 'https://secure.gravatar.com/', $src ); 
  878.  
  879. $prot_relative_src = preg_replace( '/^https?:/', '', $src ); 
  880.  
  881. if ( in_array( $prot_relative_src, $this->images ) || 
  882. ( false !== strpos( $src, 'avatar' ) && count( $this->images ) > 15 ) ) { 
  883. // Skip: already selected or some type of avatar and we've already gathered more than 15 images. 
  884. continue; 
  885.  
  886. $selected_images[] = $src; 
  887. $this->images[] = $prot_relative_src; 
  888.  
  889. return $selected_images; 
  890.  
  891. /** 
  892. * Gets the source page's canonical link, based on passed location and meta data. 
  893. * 
  894. * @since 4.2.0 
  895. * @access public 
  896. * 
  897. * @param array $data The site's data. 
  898. * @return string Discovered canonical URL, or empty 
  899. */ 
  900. public function get_canonical_link( $data ) { 
  901. $link = ''; 
  902.  
  903. if ( ! empty( $data['_links']['canonical'] ) ) { 
  904. $link = $data['_links']['canonical']; 
  905. } elseif ( ! empty( $data['u'] ) ) { 
  906. $link = $data['u']; 
  907. } elseif ( ! empty( $data['_meta'] ) ) { 
  908. if ( ! empty( $data['_meta']['twitter:url'] ) ) { 
  909. $link = $data['_meta']['twitter:url']; 
  910. } else if ( ! empty( $data['_meta']['og:url'] ) ) { 
  911. $link = $data['_meta']['og:url']; 
  912.  
  913. if ( empty( $link ) && ! empty( $data['_links']['shortlink'] ) ) { 
  914. $link = $data['_links']['shortlink']; 
  915.  
  916. return $link; 
  917.  
  918. /** 
  919. * Gets the source page's site name, based on passed meta data. 
  920. * 
  921. * @since 4.2.0 
  922. * @access public 
  923. * 
  924. * @param array $data The site's data. 
  925. * @return string Discovered site name, or empty 
  926. */ 
  927. public function get_source_site_name( $data ) { 
  928. $name = ''; 
  929.  
  930. if ( ! empty( $data['_meta'] ) ) { 
  931. if ( ! empty( $data['_meta']['og:site_name'] ) ) { 
  932. $name = $data['_meta']['og:site_name']; 
  933. } else if ( ! empty( $data['_meta']['application-name'] ) ) { 
  934. $name = $data['_meta']['application-name']; 
  935.  
  936. return $name; 
  937.  
  938. /** 
  939. * Gets the source page's title, based on passed title and meta data. 
  940. * 
  941. * @since 4.2.0 
  942. * @access public 
  943. * 
  944. * @param array $data The site's data. 
  945. * @return string Discovered page title, or empty 
  946. */ 
  947. public function get_suggested_title( $data ) { 
  948. $title = ''; 
  949.  
  950. if ( ! empty( $data['t'] ) ) { 
  951. $title = $data['t']; 
  952. } elseif ( ! empty( $data['_meta'] ) ) { 
  953. if ( ! empty( $data['_meta']['twitter:title'] ) ) { 
  954. $title = $data['_meta']['twitter:title']; 
  955. } else if ( ! empty( $data['_meta']['og:title'] ) ) { 
  956. $title = $data['_meta']['og:title']; 
  957. } else if ( ! empty( $data['_meta']['title'] ) ) { 
  958. $title = $data['_meta']['title']; 
  959.  
  960. return $title; 
  961.  
  962. /** 
  963. * Gets the source page's suggested content, based on passed data (description, selection, etc). 
  964. * 
  965. * Features a blockquoted excerpt, as well as content attribution, if any. 
  966. * 
  967. * @since 4.2.0 
  968. * @access public 
  969. * 
  970. * @param array $data The site's data. 
  971. * @return string Discovered content, or empty 
  972. */ 
  973. public function get_suggested_content( $data ) { 
  974. $content = $text = ''; 
  975.  
  976. if ( ! empty( $data['s'] ) ) { 
  977. $text = $data['s']; 
  978. } else if ( ! empty( $data['_meta'] ) ) { 
  979. if ( ! empty( $data['_meta']['twitter:description'] ) ) { 
  980. $text = $data['_meta']['twitter:description']; 
  981. } else if ( ! empty( $data['_meta']['og:description'] ) ) { 
  982. $text = $data['_meta']['og:description']; 
  983. } else if ( ! empty( $data['_meta']['description'] ) ) { 
  984. $text = $data['_meta']['description']; 
  985.  
  986. // If there is an ellipsis at the end, the description is very likely auto-generated. Better to ignore it. 
  987. if ( $text && substr( $text, -3 ) === '...' ) { 
  988. $text = ''; 
  989.  
  990. $default_html = array( 'quote' => '', 'link' => '', 'embed' => '' ); 
  991.  
  992. if ( ! empty( $data['u'] ) && $this->_limit_embed( $data['u'] ) ) { 
  993. $default_html['embed'] = '<p></p>'; 
  994.  
  995. if ( ! empty( $data['s'] ) ) { 
  996. // If the user has selected some text, do quote it. 
  997. $default_html['quote'] = '<blockquote>%1$s</blockquote>'; 
  998. } else { 
  999. $default_html['quote'] = '<blockquote>%1$s</blockquote>'; 
  1000. $default_html['link'] = '<p>' . _x( 'Source:', 'Used in Press This to indicate where the content comes from.' ) . 
  1001. ' <em><a href="%1$s">%2$s</a></em></p>'; 
  1002.  
  1003. /** 
  1004. * Filters the default HTML tags used in the suggested content for the editor. 
  1005. * 
  1006. * The HTML strings use printf format. After filtering the content is added at the specified places with `sprintf()`. 
  1007. * 
  1008. * @since 4.2.0 
  1009. * 
  1010. * @param array $default_html Associative array with three possible keys: 
  1011. * - 'quote' where %1$s is replaced with the site description or the selected content. 
  1012. * - 'link' where %1$s is link href, %2$s is link text, usually the source page title. 
  1013. * - 'embed' which contains an shortcode when the source page offers embeddable content. 
  1014. * @param array $data Associative array containing the data from the source page. 
  1015. */ 
  1016. $default_html = apply_filters( 'press_this_suggested_html', $default_html, $data ); 
  1017.  
  1018. if ( ! empty( $default_html['embed'] ) ) { 
  1019. $content .= $default_html['embed']; 
  1020.  
  1021. // Wrap suggested content in the specified HTML. 
  1022. if ( ! empty( $default_html['quote'] ) && $text ) { 
  1023. $content .= sprintf( $default_html['quote'], $text ); 
  1024.  
  1025. // Add source attribution if there is one available. 
  1026. if ( ! empty( $default_html['link'] ) ) { 
  1027. $title = $this->get_suggested_title( $data ); 
  1028. $url = $this->get_canonical_link( $data ); 
  1029.  
  1030. if ( ! $title ) { 
  1031. $title = $this->get_source_site_name( $data ); 
  1032.  
  1033. if ( $url && $title ) { 
  1034. $content .= sprintf( $default_html['link'], $url, $title ); 
  1035.  
  1036. return $content; 
  1037.  
  1038. /** 
  1039. * Serves the app's base HTML, which in turns calls the load script. 
  1040. * 
  1041. * @since 4.2.0 
  1042. * @access public 
  1043. * 
  1044. * @global WP_Locale $wp_locale 
  1045. * @global string $wp_version 
  1046. * @global bool $is_IE 
  1047. */ 
  1048. public function html() { 
  1049. global $wp_locale, $wp_version; 
  1050.  
  1051. // Get data, new (POST) and old (GET). 
  1052. $data = $this->merge_or_fetch_data(); 
  1053.  
  1054. $post_title = $this->get_suggested_title( $data ); 
  1055.  
  1056. $post_content = $this->get_suggested_content( $data ); 
  1057.  
  1058. // Get site settings array/data. 
  1059. $site_settings = $this->site_settings(); 
  1060.  
  1061. // Pass the images and embeds 
  1062. $images = $this->get_images( $data ); 
  1063. $embeds = $this->get_embeds( $data ); 
  1064.  
  1065. $site_data = array( 
  1066. 'v' => ! empty( $data['v'] ) ? $data['v'] : '',  
  1067. 'u' => ! empty( $data['u'] ) ? $data['u'] : '',  
  1068. 'hasData' => ! empty( $data ),  
  1069. ); 
  1070.  
  1071. if ( ! empty( $images ) ) { 
  1072. $site_data['_images'] = $images; 
  1073.  
  1074. if ( ! empty( $embeds ) ) { 
  1075. $site_data['_embeds'] = $embeds; 
  1076.  
  1077. // Add press-this-editor.css and remove theme's editor-style.css, if any. 
  1078. remove_editor_styles(); 
  1079.  
  1080. add_filter( 'mce_css', array( $this, 'add_editor_style' ) ); 
  1081.  
  1082. if ( ! empty( $GLOBALS['is_IE'] ) ) { 
  1083. @header( 'X-UA-Compatible: IE=edge' ); 
  1084.  
  1085. @header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) ); 
  1086.  
  1087. ?> 
  1088. <!DOCTYPE html> 
  1089. <!--[if IE 7]> <html class="lt-ie9 lt-ie8" <?php language_attributes(); ?>> <![endif]--> 
  1090. <!--[if IE 8]> <html class="lt-ie9" <?php language_attributes(); ?>> <![endif]--> 
  1091. <!--[if gt IE 8]><!--> <html <?php language_attributes(); ?>> <!--<![endif]--> 
  1092. <head> 
  1093. <meta http-equiv="Content-Type" content="<?php echo esc_attr( get_bloginfo( 'html_type' ) ); ?>; charset=<?php echo esc_attr( get_option( 'blog_charset' ) ); ?>" /> 
  1094. <meta name="viewport" content="width=device-width"> 
  1095. <title><?php esc_html_e( 'Press This!' ) ?></title> 
  1096.  
  1097. <script> 
  1098. window.wpPressThisData = <?php echo wp_json_encode( $site_data ); ?>; 
  1099. window.wpPressThisConfig = <?php echo wp_json_encode( $site_settings ); ?>; 
  1100. </script> 
  1101.  
  1102. <script type="text/javascript"> 
  1103. var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>',  
  1104. pagenow = 'press-this',  
  1105. typenow = 'post',  
  1106. adminpage = 'press-this-php',  
  1107. thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',  
  1108. decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',  
  1109. isRtl = <?php echo (int) is_rtl(); ?>; 
  1110. </script> 
  1111.  
  1112. <?php 
  1113. /** 
  1114. * $post->ID is needed for the embed shortcode so we can show oEmbed previews in the editor. 
  1115. * Maybe find a way without it. 
  1116. */ 
  1117. $post = get_default_post_to_edit( 'post', true ); 
  1118. $post_ID = (int) $post->ID; 
  1119.  
  1120. wp_enqueue_media( array( 'post' => $post_ID ) ); 
  1121. wp_enqueue_style( 'press-this' ); 
  1122. wp_enqueue_script( 'press-this' ); 
  1123. wp_enqueue_script( 'json2' ); 
  1124. wp_enqueue_script( 'editor' ); 
  1125.  
  1126. $supports_formats = false; 
  1127. $post_format = 0; 
  1128.  
  1129. if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) ) { 
  1130. $supports_formats = true; 
  1131.  
  1132. if ( ! ( $post_format = get_post_format( $post_ID ) ) ) { 
  1133. $post_format = 0; 
  1134.  
  1135. /** This action is documented in wp-admin/admin-header.php */ 
  1136. do_action( 'admin_enqueue_scripts', 'press-this.php' ); 
  1137.  
  1138. /** This action is documented in wp-admin/admin-header.php */ 
  1139. do_action( 'admin_print_styles-press-this.php' ); 
  1140.  
  1141. /** This action is documented in wp-admin/admin-header.php */ 
  1142. do_action( 'admin_print_styles' ); 
  1143.  
  1144. /** This action is documented in wp-admin/admin-header.php */ 
  1145. do_action( 'admin_print_scripts-press-this.php' ); 
  1146.  
  1147. /** This action is documented in wp-admin/admin-header.php */ 
  1148. do_action( 'admin_print_scripts' ); 
  1149.  
  1150. /** This action is documented in wp-admin/admin-header.php */ 
  1151. do_action( 'admin_head-press-this.php' ); 
  1152.  
  1153. /** This action is documented in wp-admin/admin-header.php */ 
  1154. do_action( 'admin_head' ); 
  1155. ?> 
  1156. </head> 
  1157. <?php 
  1158.  
  1159. $admin_body_class = 'press-this'; 
  1160. $admin_body_class .= ( is_rtl() ) ? ' rtl' : ''; 
  1161. $admin_body_class .= ' branch-' . str_replace( array( '.', ', ' ), '-', floatval( $wp_version ) ); 
  1162. $admin_body_class .= ' version-' . str_replace( '.', '-', preg_replace( '/^([.0-9]+).*/', '$1', $wp_version ) ); 
  1163. $admin_body_class .= ' admin-color-' . sanitize_html_class( get_user_option( 'admin_color' ), 'fresh' ); 
  1164. $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) ); 
  1165.  
  1166. /** This filter is documented in wp-admin/admin-header.php */ 
  1167. $admin_body_classes = apply_filters( 'admin_body_class', '' ); 
  1168.  
  1169. ?> 
  1170. <body class="wp-admin wp-core-ui <?php echo $admin_body_classes . ' ' . $admin_body_class; ?>"> 
  1171. <div id="adminbar" class="adminbar"> 
  1172. <h1 id="current-site" class="current-site"> 
  1173. <a class="current-site-link" href="<?php echo esc_url( home_url( '/' ) ); ?>" target="_blank" rel="home"> 
  1174. <span class="dashicons dashicons-wordpress"></span> 
  1175. <span class="current-site-name"><?php bloginfo( 'name' ); ?></span> 
  1176. </a> 
  1177. </h1> 
  1178. <button type="button" class="options button-link closed"> 
  1179. <span class="dashicons dashicons-tag on-closed"></span> 
  1180. <span class="screen-reader-text on-closed"><?php _e( 'Show post options' ); ?></span> 
  1181. <span aria-hidden="true" class="on-open"><?php _e( 'Done' ); ?></span> 
  1182. <span class="screen-reader-text on-open"><?php _e( 'Hide post options' ); ?></span> 
  1183. </button> 
  1184. </div> 
  1185.  
  1186. <div id="scanbar" class="scan"> 
  1187. <form method="GET"> 
  1188. <label for="url-scan" class="screen-reader-text"><?php _e( 'Scan site for content' ); ?></label> 
  1189. <input type="url" name="u" id="url-scan" class="scan-url" value="" placeholder="<?php esc_attr_e( 'Enter a URL to scan' ) ?>" /> 
  1190. <input type="submit" name="url-scan-submit" id="url-scan-submit" class="scan-submit" value="<?php esc_attr_e( 'Scan' ) ?>" /> 
  1191. </form> 
  1192. </div> 
  1193.  
  1194. <form id="pressthis-form" method="post" action="post.php" autocomplete="off"> 
  1195. <input type="hidden" name="post_ID" id="post_ID" value="<?php echo $post_ID; ?>" /> 
  1196. <input type="hidden" name="action" value="press-this-save-post" /> 
  1197. <input type="hidden" name="post_status" id="post_status" value="draft" /> 
  1198. <input type="hidden" name="wp-preview" id="wp-preview" value="" /> 
  1199. <input type="hidden" name="post_title" id="post_title" value="" /> 
  1200. <input type="hidden" name="pt-force-redirect" id="pt-force-redirect" value="" /> 
  1201. <?php 
  1202.  
  1203. wp_nonce_field( 'update-post_' . $post_ID, '_wpnonce', false ); 
  1204. wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); 
  1205.  
  1206. ?> 
  1207.  
  1208. <div class="wrapper"> 
  1209. <div class="editor-wrapper"> 
  1210. <div class="alerts" role="alert" aria-live="assertive" aria-relevant="all" aria-atomic="true"> 
  1211. <?php 
  1212.  
  1213. if ( isset( $data['v'] ) && $this->version > $data['v'] ) { 
  1214. ?> 
  1215. <p class="alert is-notice"> 
  1216. <?php printf( __( 'You should upgrade <a href="%s" target="_blank">your bookmarklet</a> to the latest version!' ), admin_url( 'tools.php' ) ); ?> 
  1217. </p> 
  1218. <?php 
  1219.  
  1220. ?> 
  1221. </div> 
  1222.  
  1223. <div id="app-container" class="editor"> 
  1224. <span id="title-container-label" class="post-title-placeholder" aria-hidden="true"><?php _e( 'Post title' ); ?></span> 
  1225. <h2 id="title-container" class="post-title" contenteditable="true" spellcheck="true" aria-label="<?php esc_attr_e( 'Post title' ); ?>" tabindex="0"><?php echo esc_html( $post_title ); ?></h2> 
  1226.  
  1227. <div class="media-list-container"> 
  1228. <div class="media-list-inner-container"> 
  1229. <h2 class="screen-reader-text"><?php _e( 'Suggested media' ); ?></h2> 
  1230. <ul class="media-list"></ul> 
  1231. </div> 
  1232. </div> 
  1233.  
  1234. <?php 
  1235. wp_editor( $post_content, 'pressthis', array( 
  1236. 'drag_drop_upload' => true,  
  1237. 'editor_height' => 600,  
  1238. 'media_buttons' => false,  
  1239. 'textarea_name' => 'post_content',  
  1240. 'teeny' => true,  
  1241. 'tinymce' => array( 
  1242. 'resize' => false,  
  1243. 'wordpress_adv_hidden' => false,  
  1244. 'add_unload_trigger' => false,  
  1245. 'statusbar' => false,  
  1246. 'autoresize_min_height' => 600,  
  1247. 'wp_autoresize_on' => true,  
  1248. 'plugins' => 'lists, media, paste, tabfocus, fullscreen, wordpress, wpautoresize, wpeditimage, wpgallery, wplink, wptextpattern, wpview',  
  1249. 'toolbar1' => 'bold, italic, bullist, numlist, blockquote, link, unlink',  
  1250. 'toolbar2' => 'undo, redo',  
  1251. ),  
  1252. 'quicktags' => array( 
  1253. 'buttons' => 'strong, em, link, block, del, ins, img, ul, ol, li, code, more',  
  1254. ),  
  1255. ) ); 
  1256.  
  1257. ?> 
  1258. </div> 
  1259. </div> 
  1260.  
  1261. <div class="options-panel-back is-hidden" tabindex="-1"></div> 
  1262. <div class="options-panel is-off-screen is-hidden" tabindex="-1"> 
  1263. <div class="post-options"> 
  1264.  
  1265. <?php if ( $supports_formats ) : ?> 
  1266. <button type="button" class="button-link post-option"> 
  1267. <span class="dashicons dashicons-admin-post"></span> 
  1268. <span class="post-option-title"><?php _ex( 'Format', 'post format' ); ?></span> 
  1269. <span class="post-option-contents" id="post-option-post-format"><?php echo esc_html( get_post_format_string( $post_format ) ); ?></span> 
  1270. <span class="dashicons post-option-forward"></span> 
  1271. </button> 
  1272. <?php endif; ?> 
  1273.  
  1274. <button type="button" class="button-link post-option"> 
  1275. <span class="dashicons dashicons-category"></span> 
  1276. <span class="post-option-title"><?php _e( 'Categories' ); ?></span> 
  1277. <span class="dashicons post-option-forward"></span> 
  1278. </button> 
  1279.  
  1280. <button type="button" class="button-link post-option"> 
  1281. <span class="dashicons dashicons-tag"></span> 
  1282. <span class="post-option-title"><?php _e( 'Tags' ); ?></span> 
  1283. <span class="dashicons post-option-forward"></span> 
  1284. </button> 
  1285. </div> 
  1286.  
  1287. <?php if ( $supports_formats ) : ?> 
  1288. <div class="setting-modal is-off-screen is-hidden"> 
  1289. <button type="button" class="button-link modal-close"> 
  1290. <span class="dashicons post-option-back"></span> 
  1291. <span class="setting-title" aria-hidden="true"><?php _ex( 'Format', 'post format' ); ?></span> 
  1292. <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> 
  1293. </button> 
  1294. <?php $this->post_formats_html( $post ); ?> 
  1295. </div> 
  1296. <?php endif; ?> 
  1297.  
  1298. <div class="setting-modal is-off-screen is-hidden"> 
  1299. <button type="button" class="button-link modal-close"> 
  1300. <span class="dashicons post-option-back"></span> 
  1301. <span class="setting-title" aria-hidden="true"><?php _e( 'Categories' ); ?></span> 
  1302. <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> 
  1303. </button> 
  1304. <?php $this->categories_html( $post ); ?> 
  1305. </div> 
  1306.  
  1307. <div class="setting-modal tags is-off-screen is-hidden"> 
  1308. <button type="button" class="button-link modal-close"> 
  1309. <span class="dashicons post-option-back"></span> 
  1310. <span class="setting-title" aria-hidden="true"><?php _e( 'Tags' ); ?></span> 
  1311. <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> 
  1312. </button> 
  1313. <?php $this->tags_html( $post ); ?> 
  1314. </div> 
  1315. </div><!-- .options-panel --> 
  1316. </div><!-- .wrapper --> 
  1317.  
  1318. <div class="press-this-actions"> 
  1319. <div class="pressthis-media-buttons"> 
  1320. <button type="button" class="insert-media button-link" data-editor="pressthis"> 
  1321. <span class="dashicons dashicons-admin-media"></span> 
  1322. <span class="screen-reader-text"><?php _e( 'Add Media' ); ?></span> 
  1323. </button> 
  1324. </div> 
  1325. <div class="post-actions"> 
  1326. <span class="spinner"> </span> 
  1327. <div class="split-button"> 
  1328. <div class="split-button-head"> 
  1329. <button type="button" class="publish-button split-button-primary" aria-live="polite"> 
  1330. <span class="publish"><?php echo ( current_user_can( 'publish_posts' ) ) ? __( 'Publish' ) : __( 'Submit for Review' ); ?></span> 
  1331. <span class="saving-draft"><?php _e( 'Saving…' ); ?></span> 
  1332. </button><button type="button" class="split-button-toggle" aria-haspopup="true" aria-expanded="false"> 
  1333. <i class="dashicons dashicons-arrow-down-alt2"></i> 
  1334. <span class="screen-reader-text"><?php _e('More actions'); ?></span> 
  1335. </button> 
  1336. </div> 
  1337. <ul class="split-button-body"> 
  1338. <li><button type="button" class="button-link draft-button split-button-option"><?php _e( 'Save Draft' ); ?></button></li> 
  1339. <li><button type="button" class="button-link standard-editor-button split-button-option"><?php _e( 'Standard Editor' ); ?></button></li> 
  1340. <li><button type="button" class="button-link preview-button split-button-option"><?php _e( 'Preview' ); ?></button></li> 
  1341. </ul> 
  1342. </div> 
  1343. </div> 
  1344. </div> 
  1345. </form> 
  1346.  
  1347. <?php 
  1348. /** This action is documented in wp-admin/admin-footer.php */ 
  1349. do_action( 'admin_footer' ); 
  1350.  
  1351. /** This action is documented in wp-admin/admin-footer.php */ 
  1352. do_action( 'admin_print_footer_scripts-press-this.php' ); 
  1353.  
  1354. /** This action is documented in wp-admin/admin-footer.php */ 
  1355. do_action( 'admin_print_footer_scripts' ); 
  1356.  
  1357. /** This action is documented in wp-admin/admin-footer.php */ 
  1358. do_action( 'admin_footer-press-this.php' ); 
  1359. ?> 
  1360. </body> 
  1361. </html> 
  1362. <?php 
  1363. die(); 
  1364.  
  1365. /** 
  1366. * 
  1367. * @global WP_Press_This $wp_press_this 
  1368. */ 
  1369. $GLOBALS['wp_press_this'] = new WP_Press_This; 
.