WP_Press_This

Press This class.

Defined (1)

The class is defined in the following location(s).

/wp-admin/includes/class-wp-press-this.php  
  1. class WP_Press_This { 
  2. // Used to trigger the bookmarklet update notice. 
  3. const VERSION = 8; 
  4. public $version = 8; 
  5.  
  6. private $images = array(); 
  7.  
  8. private $embeds = array(); 
  9.  
  10. private $domain = ''; 
  11.  
  12. /** 
  13. * Constructor. 
  14. * @since 4.2.0 
  15. * @access public 
  16. */ 
  17. public function __construct() {} 
  18.  
  19. /** 
  20. * App and site settings data, including i18n strings for the client-side. 
  21. * @since 4.2.0 
  22. * @access public 
  23. * @return array Site settings. 
  24. */ 
  25. public function site_settings() { 
  26. return array( 
  27. /** 
  28. * Filters whether or not Press This should redirect the user in the parent window upon save. 
  29. * @since 4.2.0 
  30. * @param bool $redirect Whether to redirect in parent window or not. Default false. 
  31. */ 
  32. 'redirInParent' => apply_filters( 'press_this_redirect_in_parent', false ),  
  33. ); 
  34.  
  35. /** 
  36. * Get the source's images and save them locally, for posterity, unless we can't. 
  37. * @since 4.2.0 
  38. * @access public 
  39. * @param int $post_id Post ID. 
  40. * @param string $content Optional. Current expected markup for Press This. Expects slashed. Default empty. 
  41. * @return string New markup with old image URLs replaced with the local attachment ones if swapped. 
  42. */ 
  43. public function side_load_images( $post_id, $content = '' ) { 
  44. $content = wp_unslash( $content ); 
  45.  
  46. if ( preg_match_all( '/<img [^>]+>/', $content, $matches ) && current_user_can( 'upload_files' ) ) { 
  47. foreach ( (array) $matches[0] as $image ) { 
  48. // This is inserted from our JS so HTML attributes should always be in double quotes. 
  49. if ( ! preg_match( '/src="([^"]+)"/', $image, $url_matches ) ) { 
  50. continue; 
  51.  
  52. $image_src = $url_matches[1]; 
  53.  
  54. // Don't try to sideload a file without a file extension, leads to WP upload error. 
  55. if ( ! preg_match( '/[^\?]+\.(?:jpe?g|jpe|gif|png)(?:\?|$)/i', $image_src ) ) { 
  56. continue; 
  57.  
  58. // Sideload image, which gives us a new image src. 
  59. $new_src = media_sideload_image( $image_src, $post_id, null, 'src' ); 
  60.  
  61. if ( ! is_wp_error( $new_src ) ) { 
  62. // Replace the POSTED content <img> with correct uploaded ones. 
  63. // Need to do it in two steps so we don't replace links to the original image if any. 
  64. $new_image = str_replace( $image_src, $new_src, $image ); 
  65. $content = str_replace( $image, $new_image, $content ); 
  66.  
  67. // Expected slashed 
  68. return wp_slash( $content ); 
  69.  
  70. /** 
  71. * Ajax handler for saving the post as draft or published. 
  72. * @since 4.2.0 
  73. * @access public 
  74. */ 
  75. public function save_post() { 
  76. if ( empty( $_POST['post_ID'] ) || ! $post_id = (int) $_POST['post_ID'] ) { 
  77. wp_send_json_error( array( 'errorMessage' => __( 'Missing post ID.' ) ) ); 
  78.  
  79. if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'update-post_' . $post_id ) || 
  80. ! current_user_can( 'edit_post', $post_id ) ) { 
  81.  
  82. wp_send_json_error( array( 'errorMessage' => __( 'Invalid post.' ) ) ); 
  83.  
  84. $post_data = array( 
  85. 'ID' => $post_id,  
  86. 'post_title' => ( ! empty( $_POST['post_title'] ) ) ? sanitize_text_field( trim( $_POST['post_title'] ) ) : '',  
  87. 'post_content' => ( ! empty( $_POST['post_content'] ) ) ? trim( $_POST['post_content'] ) : '',  
  88. 'post_type' => 'post',  
  89. 'post_status' => 'draft',  
  90. 'post_format' => ( ! empty( $_POST['post_format'] ) ) ? sanitize_text_field( $_POST['post_format'] ) : '',  
  91. ); 
  92.  
  93. // Only accept categories if the user actually can assign 
  94. $category_tax = get_taxonomy( 'category' ); 
  95. if ( current_user_can( $category_tax->cap->assign_terms ) ) { 
  96. $post_data['post_category'] = ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array(); 
  97.  
  98. // Only accept taxonomies if the user can actually assign 
  99. if ( ! empty( $_POST['tax_input'] ) ) { 
  100. $tax_input = $_POST['tax_input']; 
  101. foreach ( $tax_input as $tax => $_ti ) { 
  102. $tax_object = get_taxonomy( $tax ); 
  103. if ( ! $tax_object || ! current_user_can( $tax_object->cap->assign_terms ) ) { 
  104. unset( $tax_input[ $tax ] ); 
  105.  
  106. $post_data['tax_input'] = $tax_input; 
  107.  
  108. // Toggle status to pending if user cannot actually publish 
  109. if ( ! empty( $_POST['post_status'] ) && 'publish' === $_POST['post_status'] ) { 
  110. if ( current_user_can( 'publish_posts' ) ) { 
  111. $post_data['post_status'] = 'publish'; 
  112. } else { 
  113. $post_data['post_status'] = 'pending'; 
  114.  
  115. $post_data['post_content'] = $this->side_load_images( $post_id, $post_data['post_content'] ); 
  116.  
  117. /** 
  118. * Filters the post data of a Press This post before saving/updating. 
  119. * The {@see 'side_load_images'} action has already run at this point. 
  120. * @since 4.5.0 
  121. * @param array $post_data The post data. 
  122. */ 
  123. $post_data = apply_filters( 'press_this_save_post', $post_data ); 
  124.  
  125. $updated = wp_update_post( $post_data, true ); 
  126.  
  127. if ( is_wp_error( $updated ) ) { 
  128. wp_send_json_error( array( 'errorMessage' => $updated->get_error_message() ) ); 
  129. } else { 
  130. if ( isset( $post_data['post_format'] ) ) { 
  131. if ( current_theme_supports( 'post-formats', $post_data['post_format'] ) ) { 
  132. set_post_format( $post_id, $post_data['post_format'] ); 
  133. } elseif ( $post_data['post_format'] ) { 
  134. set_post_format( $post_id, false ); 
  135.  
  136. $forceRedirect = false; 
  137.  
  138. if ( 'publish' === get_post_status( $post_id ) ) { 
  139. $redirect = get_post_permalink( $post_id ); 
  140. } elseif ( isset( $_POST['pt-force-redirect'] ) && $_POST['pt-force-redirect'] === 'true' ) { 
  141. $forceRedirect = true; 
  142. $redirect = get_edit_post_link( $post_id, 'js' ); 
  143. } else { 
  144. $redirect = false; 
  145.  
  146. /** 
  147. * Filters the URL to redirect to when Press This saves. 
  148. * @since 4.2.0 
  149. * @param string $url Redirect URL. If `$status` is 'publish', this will be the post permalink. 
  150. * Otherwise, the default is false resulting in no redirect. 
  151. * @param int $post_id Post ID. 
  152. * @param string $status Post status. 
  153. */ 
  154. $redirect = apply_filters( 'press_this_save_redirect', $redirect, $post_id, $post_data['post_status'] ); 
  155.  
  156. if ( $redirect ) { 
  157. wp_send_json_success( array( 'redirect' => $redirect, 'force' => $forceRedirect ) ); 
  158. } else { 
  159. wp_send_json_success( array( 'postSaved' => true ) ); 
  160.  
  161. /** 
  162. * Ajax handler for adding a new category. 
  163. * @since 4.2.0 
  164. * @access public 
  165. */ 
  166. public function add_category() { 
  167. if ( false === wp_verify_nonce( $_POST['new_cat_nonce'], 'add-category' ) ) { 
  168. wp_send_json_error(); 
  169.  
  170. $taxonomy = get_taxonomy( 'category' ); 
  171.  
  172. if ( ! current_user_can( $taxonomy->cap->edit_terms ) || empty( $_POST['name'] ) ) { 
  173. wp_send_json_error(); 
  174.  
  175. $parent = isset( $_POST['parent'] ) && (int) $_POST['parent'] > 0 ? (int) $_POST['parent'] : 0; 
  176. $names = explode( ', ', $_POST['name'] ); 
  177. $added = $data = array(); 
  178.  
  179. foreach ( $names as $cat_name ) { 
  180. $cat_name = trim( $cat_name ); 
  181. $cat_nicename = sanitize_title( $cat_name ); 
  182.  
  183. if ( empty( $cat_nicename ) ) { 
  184. continue; 
  185.  
  186. // @todo Find a more performant way to check existence, maybe get_term() with a separate parent check. 
  187. if ( term_exists( $cat_name, $taxonomy->name, $parent ) ) { 
  188. if ( count( $names ) === 1 ) { 
  189. wp_send_json_error( array( 'errorMessage' => __( 'This category already exists.' ) ) ); 
  190. } else { 
  191. continue; 
  192.  
  193. $cat_id = wp_insert_term( $cat_name, $taxonomy->name, array( 'parent' => $parent ) ); 
  194.  
  195. if ( is_wp_error( $cat_id ) ) { 
  196. continue; 
  197. } elseif ( is_array( $cat_id ) ) { 
  198. $cat_id = $cat_id['term_id']; 
  199.  
  200. $added[] = $cat_id; 
  201.  
  202. if ( empty( $added ) ) { 
  203. wp_send_json_error( array( 'errorMessage' => __( 'This category cannot be added. Please change the name and try again.' ) ) ); 
  204.  
  205. foreach ( $added as $new_cat_id ) { 
  206. $new_cat = get_category( $new_cat_id ); 
  207.  
  208. if ( is_wp_error( $new_cat ) ) { 
  209. wp_send_json_error( array( 'errorMessage' => __( 'Error while adding the category. Please try again later.' ) ) ); 
  210.  
  211. $data[] = array( 
  212. 'term_id' => $new_cat->term_id,  
  213. 'name' => $new_cat->name,  
  214. 'parent' => $new_cat->parent,  
  215. ); 
  216. wp_send_json_success( $data ); 
  217.  
  218. /** 
  219. * Downloads the source's HTML via server-side call for the given URL. 
  220. * @since 4.2.0 
  221. * @access public 
  222. * @param string $url URL to scan. 
  223. * @return string Source's HTML sanitized markup 
  224. */ 
  225. public function fetch_source_html( $url ) { 
  226. if ( empty( $url ) ) { 
  227. return new WP_Error( 'invalid-url', __( 'A valid URL was not provided.' ) ); 
  228.  
  229. $remote_url = wp_safe_remote_get( $url, array( 
  230. 'timeout' => 30,  
  231. // Use an explicit user-agent for Press This 
  232. 'user-agent' => 'Press This (WordPress/' . get_bloginfo( 'version' ) . '); ' . get_bloginfo( 'url' ) 
  233. ) ); 
  234.  
  235. if ( is_wp_error( $remote_url ) ) { 
  236. return $remote_url; 
  237.  
  238. $allowed_elements = array( 
  239. 'img' => array( 
  240. 'src' => true,  
  241. 'width' => true,  
  242. 'height' => true,  
  243. ),  
  244. 'iframe' => array( 
  245. 'src' => true,  
  246. ),  
  247. 'link' => array( 
  248. 'rel' => true,  
  249. 'itemprop' => true,  
  250. 'href' => true,  
  251. ),  
  252. 'meta' => array( 
  253. 'property' => true,  
  254. 'name' => true,  
  255. 'content' => true,  
  256. ); 
  257.  
  258. $source_content = wp_remote_retrieve_body( $remote_url ); 
  259. $source_content = wp_kses( $source_content, $allowed_elements ); 
  260.  
  261. return $source_content; 
  262.  
  263. /** 
  264. * Utility method to limit an array to 50 values. 
  265. * @ignore 
  266. * @since 4.2.0 
  267. * @param array $value Array to limit. 
  268. * @return array Original array if fewer than 50 values, limited array, empty array otherwise. 
  269. */ 
  270. private function _limit_array( $value ) { 
  271. if ( is_array( $value ) ) { 
  272. if ( count( $value ) > 50 ) { 
  273. return array_slice( $value, 0, 50 ); 
  274.  
  275. return $value; 
  276.  
  277. return array(); 
  278.  
  279. /** 
  280. * Utility method to limit the length of a given string to 5, 000 characters. 
  281. * @ignore 
  282. * @since 4.2.0 
  283. * @param string $value String to limit. 
  284. * @return bool|int|string If boolean or integer, that value. If a string, the original value 
  285. * if fewer than 5, 000 characters, a truncated version, otherwise an 
  286. * empty string. 
  287. */ 
  288. private function _limit_string( $value ) { 
  289. $return = ''; 
  290.  
  291. if ( is_numeric( $value ) || is_bool( $value ) ) { 
  292. $return = $value; 
  293. } else if ( is_string( $value ) ) { 
  294. if ( mb_strlen( $value ) > 5000 ) { 
  295. $return = mb_substr( $value, 0, 5000 ); 
  296. } else { 
  297. $return = $value; 
  298.  
  299. $return = html_entity_decode( $return, ENT_QUOTES, 'UTF-8' ); 
  300. $return = sanitize_text_field( trim( $return ) ); 
  301.  
  302. return $return; 
  303.  
  304. /** 
  305. * Utility method to limit a given URL to 2, 048 characters. 
  306. * @ignore 
  307. * @since 4.2.0 
  308. * @param string $url URL to check for length and validity. 
  309. * @return string Escaped URL if of valid length (< 2048) and makeup. Empty string otherwise. 
  310. */ 
  311. private function _limit_url( $url ) { 
  312. if ( ! is_string( $url ) ) { 
  313. return ''; 
  314.  
  315. // HTTP 1.1 allows 8000 chars but the "de-facto" standard supported in all current browsers is 2048. 
  316. if ( strlen( $url ) > 2048 ) { 
  317. return ''; // Return empty rather than a truncated/invalid URL 
  318.  
  319. // Does not look like a URL. 
  320. if ( ! preg_match( '/^([!#$&-;=?-\[\]_a-z~]|%[0-9a-fA-F]{2})+$/', $url ) ) { 
  321. return ''; 
  322.  
  323. // If the URL is root-relative, prepend the protocol and domain name 
  324. if ( $url && $this->domain && preg_match( '%^/[^/]+%', $url ) ) { 
  325. $url = $this->domain . $url; 
  326.  
  327. // Not absolute or protocol-relative URL. 
  328. if ( ! preg_match( '%^(?:https?:)?//[^/]+%', $url ) ) { 
  329. return ''; 
  330.  
  331. return esc_url_raw( $url, array( 'http', 'https' ) ); 
  332.  
  333. /** 
  334. * Utility method to limit image source URLs. 
  335. * Excluded URLs include share-this type buttons, loaders, spinners, spacers, WordPress interface images,  
  336. * tiny buttons or thumbs, mathtag.com or quantserve.com images, or the WordPress.com stats gif. 
  337. * @ignore 
  338. * @since 4.2.0 
  339. * @param string $src Image source URL. 
  340. * @return string If not matched an excluded URL type, the original URL, empty string otherwise. 
  341. */ 
  342. private function _limit_img( $src ) { 
  343. $src = $this->_limit_url( $src ); 
  344.  
  345. if ( preg_match( '!/ad[sx]?/!i', $src ) ) { 
  346. // Ads 
  347. return ''; 
  348. } else if ( preg_match( '!(/share-?this[^.]+?\.[a-z0-9]{3, 4})(\?.*)?$!i', $src ) ) { 
  349. // Share-this type button 
  350. return ''; 
  351. } else if ( preg_match( '!/(spinner|loading|spacer|blank|rss)\.(gif|jpg|png)!i', $src ) ) { 
  352. // Loaders, spinners, spacers 
  353. return ''; 
  354. } else if ( preg_match( '!/([^./]+[-_])?(spinner|loading|spacer|blank)s?([-_][^./]+)?\.[a-z0-9]{3, 4}!i', $src ) ) { 
  355. // Fancy loaders, spinners, spacers 
  356. return ''; 
  357. } else if ( preg_match( '!([^./]+[-_])?thumb[^.]*\.(gif|jpg|png)$!i', $src ) ) { 
  358. // Thumbnails, too small, usually irrelevant to context 
  359. return ''; 
  360. } else if ( false !== stripos( $src, '/wp-includes/' ) ) { 
  361. // Classic WordPress interface images 
  362. return ''; 
  363. } else if ( preg_match( '![^\d]\d{1, 2}x\d+\.(gif|jpg|png)$!i', $src ) ) { 
  364. // Most often tiny buttons/thumbs (< 100px wide) 
  365. return ''; 
  366. } else if ( preg_match( '!/pixel\.(mathtag|quantserve)\.com!i', $src ) ) { 
  367. // See mathtag.com and https://www.quantcast.com/how-we-do-it/iab-standard-measurement/how-we-collect-data/ 
  368. return ''; 
  369. } else if ( preg_match( '!/[gb]\.gif(\?.+)?$!i', $src ) ) { 
  370. // WordPress.com stats gif 
  371. return ''; 
  372.  
  373. return $src; 
  374.  
  375. /** 
  376. * Limit embed source URLs to specific providers. 
  377. * Not all core oEmbed providers are supported. Supported providers include YouTube, Vimeo,  
  378. * Vine, Daily Motion, SoundCloud, and Twitter. 
  379. * @ignore 
  380. * @since 4.2.0 
  381. * @param string $src Embed source URL. 
  382. * @return string If not from a supported provider, an empty string. Otherwise, a reformatted embed URL. 
  383. */ 
  384. private function _limit_embed( $src ) { 
  385. $src = $this->_limit_url( $src ); 
  386.  
  387. if ( empty( $src ) ) 
  388. return ''; 
  389.  
  390. if ( preg_match( '!//(m|www)\.youtube\.com/(embed|v)/([^?]+)\?.+$!i', $src, $src_matches ) ) { 
  391. // Embedded Youtube videos (www or mobile) 
  392. $src = 'https://www.youtube.com/watch?v=' . $src_matches[3]; 
  393. } else if ( preg_match( '!//player\.vimeo\.com/video/([\d]+)([?/].*)?$!i', $src, $src_matches ) ) { 
  394. // Embedded Vimeo iframe videos 
  395. $src = 'https://vimeo.com/' . (int) $src_matches[1]; 
  396. } else if ( preg_match( '!//vimeo\.com/moogaloop\.swf\?clip_id=([\d]+)$!i', $src, $src_matches ) ) { 
  397. // Embedded Vimeo Flash videos 
  398. $src = 'https://vimeo.com/' . (int) $src_matches[1]; 
  399. } else if ( preg_match( '!//vine\.co/v/([^/]+)/embed!i', $src, $src_matches ) ) { 
  400. // Embedded Vine videos 
  401. $src = 'https://vine.co/v/' . $src_matches[1]; 
  402. } else if ( preg_match( '!//(www\.)?dailymotion\.com/embed/video/([^/?]+)([/?].+)?!i', $src, $src_matches ) ) { 
  403. // Embedded Daily Motion videos 
  404. $src = 'https://www.dailymotion.com/video/' . $src_matches[2]; 
  405. } else { 
  406. $oembed = _wp_oembed_get_object(); 
  407.  
  408. if ( ! $oembed->get_provider( $src, array( 'discover' => false ) ) ) { 
  409. $src = ''; 
  410.  
  411. return $src; 
  412.  
  413. /** 
  414. * Process a meta data entry from the source. 
  415. * @ignore 
  416. * @since 4.2.0 
  417. * @param string $meta_name Meta key name. 
  418. * @param mixed $meta_value Meta value. 
  419. * @param array $data Associative array of source data. 
  420. * @return array Processed data array. 
  421. */ 
  422. private function _process_meta_entry( $meta_name, $meta_value, $data ) { 
  423. if ( preg_match( '/:?(title|description|keywords|site_name)$/', $meta_name ) ) { 
  424. $data['_meta'][ $meta_name ] = $meta_value; 
  425. } else { 
  426. switch ( $meta_name ) { 
  427. case 'og:url': 
  428. case 'og:video': 
  429. case 'og:video:secure_url': 
  430. $meta_value = $this->_limit_embed( $meta_value ); 
  431.  
  432. if ( ! isset( $data['_embeds'] ) ) { 
  433. $data['_embeds'] = array(); 
  434.  
  435. if ( ! empty( $meta_value ) && ! in_array( $meta_value, $data['_embeds'] ) ) { 
  436. $data['_embeds'][] = $meta_value; 
  437.  
  438. break; 
  439. case 'og:image': 
  440. case 'og:image:secure_url': 
  441. case 'twitter:image0:src': 
  442. case 'twitter:image0': 
  443. case 'twitter:image:src': 
  444. case 'twitter:image': 
  445. $meta_value = $this->_limit_img( $meta_value ); 
  446.  
  447. if ( ! isset( $data['_images'] ) ) { 
  448. $data['_images'] = array(); 
  449.  
  450. if ( ! empty( $meta_value ) && ! in_array( $meta_value, $data['_images'] ) ) { 
  451. $data['_images'][] = $meta_value; 
  452.  
  453. break; 
  454.  
  455. return $data; 
  456.  
  457. /** 
  458. * Fetches and parses _meta, _images, and _links data from the source. 
  459. * @since 4.2.0 
  460. * @access public 
  461. * @param string $url URL to scan. 
  462. * @param array $data Optional. Existing data array if you have one. Default empty array. 
  463. * @return array New data array. 
  464. */ 
  465. public function source_data_fetch_fallback( $url, $data = array() ) { 
  466. if ( empty( $url ) ) { 
  467. return array(); 
  468.  
  469. // Download source page to tmp file. 
  470. $source_content = $this->fetch_source_html( $url ); 
  471. if ( is_wp_error( $source_content ) ) { 
  472. return array( 'errors' => $source_content->get_error_messages() ); 
  473.  
  474. // Fetch and gather <meta> data first, so discovered media is offered 1st to user. 
  475. if ( empty( $data['_meta'] ) ) { 
  476. $data['_meta'] = array(); 
  477.  
  478. if ( preg_match_all( '/<meta [^>]+>/', $source_content, $matches ) ) { 
  479. $items = $this->_limit_array( $matches[0] ); 
  480.  
  481. foreach ( $items as $value ) { 
  482. if ( preg_match( '/(property|name)="([^"]+)"[^>]+content="([^"]+)"/', $value, $new_matches ) ) { 
  483. $meta_name = $this->_limit_string( $new_matches[2] ); 
  484. $meta_value = $this->_limit_string( $new_matches[3] ); 
  485.  
  486. // Sanity check. $key is usually things like 'title', 'description', 'keywords', etc. 
  487. if ( strlen( $meta_name ) > 100 ) { 
  488. continue; 
  489.  
  490. $data = $this->_process_meta_entry( $meta_name, $meta_value, $data ); 
  491.  
  492. // Fetch and gather <img> data. 
  493. if ( empty( $data['_images'] ) ) { 
  494. $data['_images'] = array(); 
  495.  
  496. if ( preg_match_all( '/<img [^>]+>/', $source_content, $matches ) ) { 
  497. $items = $this->_limit_array( $matches[0] ); 
  498.  
  499. foreach ( $items as $value ) { 
  500. if ( ( preg_match( '/width=(\'|")(\d+)\\1/i', $value, $new_matches ) && $new_matches[2] < 256 ) || 
  501. ( preg_match( '/height=(\'|")(\d+)\\1/i', $value, $new_matches ) && $new_matches[2] < 128 ) ) { 
  502.  
  503. continue; 
  504.  
  505. if ( preg_match( '/src=(\'|")([^\'"]+)\\1/i', $value, $new_matches ) ) { 
  506. $src = $this->_limit_img( $new_matches[2] ); 
  507. if ( ! empty( $src ) && ! in_array( $src, $data['_images'] ) ) { 
  508. $data['_images'][] = $src; 
  509.  
  510. // Fetch and gather <iframe> data. 
  511. if ( empty( $data['_embeds'] ) ) { 
  512. $data['_embeds'] = array(); 
  513.  
  514. if ( preg_match_all( '/<iframe [^>]+>/', $source_content, $matches ) ) { 
  515. $items = $this->_limit_array( $matches[0] ); 
  516.  
  517. foreach ( $items as $value ) { 
  518. if ( preg_match( '/src=(\'|")([^\'"]+)\\1/', $value, $new_matches ) ) { 
  519. $src = $this->_limit_embed( $new_matches[2] ); 
  520.  
  521. if ( ! empty( $src ) && ! in_array( $src, $data['_embeds'] ) ) { 
  522. $data['_embeds'][] = $src; 
  523.  
  524. // Fetch and gather <link> data. 
  525. if ( empty( $data['_links'] ) ) { 
  526. $data['_links'] = array(); 
  527.  
  528. if ( preg_match_all( '/<link [^>]+>/', $source_content, $matches ) ) { 
  529. $items = $this->_limit_array( $matches[0] ); 
  530.  
  531. foreach ( $items as $value ) { 
  532. if ( preg_match( '/rel=["\'](canonical|shortlink|icon)["\']/i', $value, $matches_rel ) && preg_match( '/href=[\'"]([^\'" ]+)[\'"]/i', $value, $matches_url ) ) { 
  533. $rel = $matches_rel[1]; 
  534. $url = $this->_limit_url( $matches_url[1] ); 
  535.  
  536. if ( ! empty( $url ) && empty( $data['_links'][ $rel ] ) ) { 
  537. $data['_links'][ $rel ] = $url; 
  538.  
  539. return $data; 
  540.  
  541. /** 
  542. * Handles backward-compat with the legacy version of Press This by supporting its query string params. 
  543. * @since 4.2.0 
  544. * @access public 
  545. * @return array 
  546. */ 
  547. public function merge_or_fetch_data() { 
  548. // Get data from $_POST and $_GET, as appropriate ($_POST > $_GET), to remain backward compatible. 
  549. $data = array(); 
  550.  
  551. // Only instantiate the keys we want. Sanity check and sanitize each one. 
  552. foreach ( array( 'u', 's', 't', 'v' ) as $key ) { 
  553. if ( ! empty( $_POST[ $key ] ) ) { 
  554. $value = wp_unslash( $_POST[ $key ] ); 
  555. } else if ( ! empty( $_GET[ $key ] ) ) { 
  556. $value = wp_unslash( $_GET[ $key ] ); 
  557. } else { 
  558. continue; 
  559.  
  560. if ( 'u' === $key ) { 
  561. $value = $this->_limit_url( $value ); 
  562.  
  563. if ( preg_match( '%^(?:https?:)?//[^/]+%i', $value, $domain_match ) ) { 
  564. $this->domain = $domain_match[0]; 
  565. } else { 
  566. $value = $this->_limit_string( $value ); 
  567.  
  568. if ( ! empty( $value ) ) { 
  569. $data[ $key ] = $value; 
  570.  
  571. /** 
  572. * Filters whether to enable in-source media discovery in Press This. 
  573. * @since 4.2.0 
  574. * @param bool $enable Whether to enable media discovery. 
  575. */ 
  576. if ( apply_filters( 'enable_press_this_media_discovery', true ) ) { 
  577. /** 
  578. * If no title, _images, _embed, and _meta was passed via $_POST, fetch data from source as fallback,  
  579. * making PT fully backward compatible with the older bookmarklet. 
  580. */ 
  581. if ( empty( $_POST ) && ! empty( $data['u'] ) ) { 
  582. if ( isset( $_GET['_wpnonce'] ) && wp_verify_nonce( $_GET['_wpnonce'], 'scan-site' ) ) { 
  583. $data = $this->source_data_fetch_fallback( $data['u'], $data ); 
  584. } else { 
  585. $data['errors'] = 'missing nonce'; 
  586. } else { 
  587. foreach ( array( '_images', '_embeds' ) as $type ) { 
  588. if ( empty( $_POST[ $type ] ) ) { 
  589. continue; 
  590.  
  591. $data[ $type ] = array(); 
  592. $items = $this->_limit_array( $_POST[ $type ] ); 
  593.  
  594. foreach ( $items as $key => $value ) { 
  595. if ( $type === '_images' ) { 
  596. $value = $this->_limit_img( wp_unslash( $value ) ); 
  597. } else { 
  598. $value = $this->_limit_embed( wp_unslash( $value ) ); 
  599.  
  600. if ( ! empty( $value ) ) { 
  601. $data[ $type ][] = $value; 
  602.  
  603. foreach ( array( '_meta', '_links' ) as $type ) { 
  604. if ( empty( $_POST[ $type ] ) ) { 
  605. continue; 
  606.  
  607. $data[ $type ] = array(); 
  608. $items = $this->_limit_array( $_POST[ $type ] ); 
  609.  
  610. foreach ( $items as $key => $value ) { 
  611. // Sanity check. These are associative arrays, $key is usually things like 'title', 'description', 'keywords', etc. 
  612. if ( empty( $key ) || strlen( $key ) > 100 ) { 
  613. continue; 
  614.  
  615. if ( $type === '_meta' ) { 
  616. $value = $this->_limit_string( wp_unslash( $value ) ); 
  617.  
  618. if ( ! empty( $value ) ) { 
  619. $data = $this->_process_meta_entry( $key, $value, $data ); 
  620. } else { 
  621. if ( in_array( $key, array( 'canonical', 'shortlink', 'icon' ), true ) ) { 
  622. $data[ $type ][ $key ] = $this->_limit_url( wp_unslash( $value ) ); 
  623.  
  624. // Support passing a single image src as `i` 
  625. if ( ! empty( $_REQUEST['i'] ) && ( $img_src = $this->_limit_img( wp_unslash( $_REQUEST['i'] ) ) ) ) { 
  626. if ( empty( $data['_images'] ) ) { 
  627. $data['_images'] = array( $img_src ); 
  628. } elseif ( ! in_array( $img_src, $data['_images'], true ) ) { 
  629. array_unshift( $data['_images'], $img_src ); 
  630.  
  631. /** 
  632. * Filters the Press This data array. 
  633. * @since 4.2.0 
  634. * @param array $data Press This Data array. 
  635. */ 
  636. return apply_filters( 'press_this_data', $data ); 
  637.  
  638. /** 
  639. * Adds another stylesheet inside TinyMCE. 
  640. * @since 4.2.0 
  641. * @access public 
  642. * @param string $styles URL to editor stylesheet. 
  643. * @return string Possibly modified stylesheets list. 
  644. */ 
  645. public function add_editor_style( $styles ) { 
  646. if ( ! empty( $styles ) ) { 
  647. $styles .= ', '; 
  648.  
  649. $press_this = admin_url( 'css/press-this-editor.css' ); 
  650. if ( is_rtl() ) { 
  651. $press_this = str_replace( '.css', '-rtl.css', $press_this ); 
  652.  
  653. return $styles . $press_this; 
  654.  
  655. /** 
  656. * Outputs the post format selection HTML. 
  657. * @since 4.2.0 
  658. * @access public 
  659. * @param WP_Post $post Post object. 
  660. */ 
  661. public function post_formats_html( $post ) { 
  662. if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) ) { 
  663. $post_formats = get_theme_support( 'post-formats' ); 
  664.  
  665. if ( is_array( $post_formats[0] ) ) { 
  666. $post_format = get_post_format( $post->ID ); 
  667.  
  668. if ( ! $post_format ) { 
  669. $post_format = '0'; 
  670.  
  671. // Add in the current one if it isn't there yet, in case the current theme doesn't support it. 
  672. if ( $post_format && ! in_array( $post_format, $post_formats[0] ) ) { 
  673. $post_formats[0][] = $post_format; 
  674.  
  675. ?> 
  676. <div id="post-formats-select"> 
  677. <fieldset><legend class="screen-reader-text"><?php _e( 'Post Formats' ); ?></legend> 
  678. <input type="radio" name="post_format" class="post-format" id="post-format-0" value="0" <?php checked( $post_format, '0' ); ?> /> 
  679. <label for="post-format-0" class="post-format-icon post-format-standard"><?php echo get_post_format_string( 'standard' ); ?></label> 
  680. <?php 
  681.  
  682. foreach ( $post_formats[0] as $format ) { 
  683. $attr_format = esc_attr( $format ); 
  684. ?> 
  685. <br /> 
  686. <input type="radio" name="post_format" class="post-format" id="post-format-<?php echo $attr_format; ?>" value="<?php echo $attr_format; ?>" <?php checked( $post_format, $format ); ?> /> 
  687. <label for="post-format-<?php echo $attr_format ?>" class="post-format-icon post-format-<?php echo $attr_format; ?>"><?php echo esc_html( get_post_format_string( $format ) ); ?></label> 
  688. <?php 
  689.  
  690. ?> 
  691. </fieldset> 
  692. </div> 
  693. <?php 
  694.  
  695. /** 
  696. * Outputs the categories HTML. 
  697. * @since 4.2.0 
  698. * @access public 
  699. * @param WP_Post $post Post object. 
  700. */ 
  701. public function categories_html( $post ) { 
  702. $taxonomy = get_taxonomy( 'category' ); 
  703.  
  704. // Bail if user cannot assign terms 
  705. if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) { 
  706. return; 
  707.  
  708. // Only show "add" if user can edit terms 
  709. if ( current_user_can( $taxonomy->cap->edit_terms ) ) { 
  710. ?> 
  711. <button type="button" class="add-cat-toggle button-link" aria-expanded="false"> 
  712. <span class="dashicons dashicons-plus"></span><span class="screen-reader-text"><?php _e( 'Toggle add category' ); ?></span> 
  713. </button> 
  714. <div class="add-category is-hidden"> 
  715. <label class="screen-reader-text" for="new-category"><?php echo $taxonomy->labels->add_new_item; ?></label> 
  716. <input type="text" id="new-category" class="add-category-name" placeholder="<?php echo esc_attr( $taxonomy->labels->new_item_name ); ?>" value="" aria-required="true"> 
  717. <label class="screen-reader-text" for="new-category-parent"><?php echo $taxonomy->labels->parent_item_colon; ?></label> 
  718. <div class="postform-wrapper"> 
  719. <?php 
  720. wp_dropdown_categories( array( 
  721. 'taxonomy' => 'category',  
  722. 'hide_empty' => 0,  
  723. 'name' => 'new-category-parent',  
  724. 'orderby' => 'name',  
  725. 'hierarchical' => 1,  
  726. 'show_option_none' => '— ' . $taxonomy->labels->parent_item . ' —' 
  727. ) ); 
  728. ?> 
  729. </div> 
  730. <button type="button" class="add-cat-submit"><?php _e( 'Add' ); ?></button> 
  731. </div> 
  732. <?php 
  733.  
  734. ?> 
  735. <div class="categories-search-wrapper"> 
  736. <input id="categories-search" type="search" class="categories-search" placeholder="<?php esc_attr_e( 'Search categories by name' ) ?>"> 
  737. <label for="categories-search"> 
  738. <span class="dashicons dashicons-search"></span><span class="screen-reader-text"><?php _e( 'Search categories' ); ?></span> 
  739. </label> 
  740. </div> 
  741. <div aria-label="<?php esc_attr_e( 'Categories' ); ?>"> 
  742. <ul class="categories-select"> 
  743. <?php wp_terms_checklist( $post->ID, array( 'taxonomy' => 'category', 'list_only' => true ) ); ?> 
  744. </ul> 
  745. </div> 
  746. <?php 
  747.  
  748. /** 
  749. * Outputs the tags HTML. 
  750. * @since 4.2.0 
  751. * @access public 
  752. * @param WP_Post $post Post object. 
  753. */ 
  754. public function tags_html( $post ) { 
  755. $taxonomy = get_taxonomy( 'post_tag' ); 
  756. $user_can_assign_terms = current_user_can( $taxonomy->cap->assign_terms ); 
  757. $esc_tags = get_terms_to_edit( $post->ID, 'post_tag' ); 
  758.  
  759. if ( ! $esc_tags || is_wp_error( $esc_tags ) ) { 
  760. $esc_tags = ''; 
  761.  
  762. ?> 
  763. <div class="tagsdiv" id="post_tag"> 
  764. <div class="jaxtag"> 
  765. <input type="hidden" name="tax_input[post_tag]" class="the-tags" value="<?php echo $esc_tags; // escaped in get_terms_to_edit() ?>"> 
  766. <?php 
  767.  
  768. if ( $user_can_assign_terms ) { 
  769. ?> 
  770. <div class="ajaxtag hide-if-no-js"> 
  771. <label class="screen-reader-text" for="new-tag-post_tag"><?php _e( 'Tags' ); ?></label> 
  772. <p> 
  773. <input type="text" id="new-tag-post_tag" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="" aria-describedby="new-tag-desc" /> 
  774. <button type="button" class="tagadd"><?php _e( 'Add' ); ?></button> 
  775. </p> 
  776. </div> 
  777. <p class="howto" id="new-tag-desc"> 
  778. <?php echo $taxonomy->labels->separate_items_with_commas; ?> 
  779. </p> 
  780. <?php 
  781.  
  782. ?> 
  783. </div> 
  784. <div class="tagchecklist"></div> 
  785. </div> 
  786. <?php 
  787.  
  788. if ( $user_can_assign_terms ) { 
  789. ?> 
  790. <button type="button" class="button-link tagcloud-link" id="link-post_tag" aria-expanded="false"><?php echo $taxonomy->labels->choose_from_most_used; ?></button> 
  791. <?php 
  792.  
  793. /** 
  794. * Get a list of embeds with no duplicates. 
  795. * @since 4.2.0 
  796. * @access public 
  797. * @param array $data The site's data. 
  798. * @return array Embeds selected to be available. 
  799. */ 
  800. public function get_embeds( $data ) { 
  801. $selected_embeds = array(); 
  802.  
  803. // Make sure to add the Pressed page if it's a valid oembed itself 
  804. if ( ! empty ( $data['u'] ) && $this->_limit_embed( $data['u'] ) ) { 
  805. $data['_embeds'][] = $data['u']; 
  806.  
  807. if ( ! empty( $data['_embeds'] ) ) { 
  808. foreach ( $data['_embeds'] as $src ) { 
  809. $prot_relative_src = preg_replace( '/^https?:/', '', $src ); 
  810.  
  811. if ( in_array( $prot_relative_src, $this->embeds ) ) { 
  812. continue; 
  813.  
  814. $selected_embeds[] = $src; 
  815. $this->embeds[] = $prot_relative_src; 
  816.  
  817. return $selected_embeds; 
  818.  
  819. /** 
  820. * Get a list of images with no duplicates. 
  821. * @since 4.2.0 
  822. * @access public 
  823. * @param array $data The site's data. 
  824. * @return array 
  825. */ 
  826. public function get_images( $data ) { 
  827. $selected_images = array(); 
  828.  
  829. if ( ! empty( $data['_images'] ) ) { 
  830. foreach ( $data['_images'] as $src ) { 
  831. if ( false !== strpos( $src, 'gravatar.com' ) ) { 
  832. $src = preg_replace( '%http://[\d]+\.gravatar\.com/%', 'https://secure.gravatar.com/', $src ); 
  833.  
  834. $prot_relative_src = preg_replace( '/^https?:/', '', $src ); 
  835.  
  836. if ( in_array( $prot_relative_src, $this->images ) || 
  837. ( false !== strpos( $src, 'avatar' ) && count( $this->images ) > 15 ) ) { 
  838. // Skip: already selected or some type of avatar and we've already gathered more than 15 images. 
  839. continue; 
  840.  
  841. $selected_images[] = $src; 
  842. $this->images[] = $prot_relative_src; 
  843.  
  844. return $selected_images; 
  845.  
  846. /** 
  847. * Gets the source page's canonical link, based on passed location and meta data. 
  848. * @since 4.2.0 
  849. * @access public 
  850. * @param array $data The site's data. 
  851. * @return string Discovered canonical URL, or empty 
  852. */ 
  853. public function get_canonical_link( $data ) { 
  854. $link = ''; 
  855.  
  856. if ( ! empty( $data['_links']['canonical'] ) ) { 
  857. $link = $data['_links']['canonical']; 
  858. } elseif ( ! empty( $data['u'] ) ) { 
  859. $link = $data['u']; 
  860. } elseif ( ! empty( $data['_meta'] ) ) { 
  861. if ( ! empty( $data['_meta']['twitter:url'] ) ) { 
  862. $link = $data['_meta']['twitter:url']; 
  863. } else if ( ! empty( $data['_meta']['og:url'] ) ) { 
  864. $link = $data['_meta']['og:url']; 
  865.  
  866. if ( empty( $link ) && ! empty( $data['_links']['shortlink'] ) ) { 
  867. $link = $data['_links']['shortlink']; 
  868.  
  869. return $link; 
  870.  
  871. /** 
  872. * Gets the source page's site name, based on passed meta data. 
  873. * @since 4.2.0 
  874. * @access public 
  875. * @param array $data The site's data. 
  876. * @return string Discovered site name, or empty 
  877. */ 
  878. public function get_source_site_name( $data ) { 
  879. $name = ''; 
  880.  
  881. if ( ! empty( $data['_meta'] ) ) { 
  882. if ( ! empty( $data['_meta']['og:site_name'] ) ) { 
  883. $name = $data['_meta']['og:site_name']; 
  884. } else if ( ! empty( $data['_meta']['application-name'] ) ) { 
  885. $name = $data['_meta']['application-name']; 
  886.  
  887. return $name; 
  888.  
  889. /** 
  890. * Gets the source page's title, based on passed title and meta data. 
  891. * @since 4.2.0 
  892. * @access public 
  893. * @param array $data The site's data. 
  894. * @return string Discovered page title, or empty 
  895. */ 
  896. public function get_suggested_title( $data ) { 
  897. $title = ''; 
  898.  
  899. if ( ! empty( $data['t'] ) ) { 
  900. $title = $data['t']; 
  901. } elseif ( ! empty( $data['_meta'] ) ) { 
  902. if ( ! empty( $data['_meta']['twitter:title'] ) ) { 
  903. $title = $data['_meta']['twitter:title']; 
  904. } else if ( ! empty( $data['_meta']['og:title'] ) ) { 
  905. $title = $data['_meta']['og:title']; 
  906. } else if ( ! empty( $data['_meta']['title'] ) ) { 
  907. $title = $data['_meta']['title']; 
  908.  
  909. return $title; 
  910.  
  911. /** 
  912. * Gets the source page's suggested content, based on passed data (description, selection, etc). 
  913. * Features a blockquoted excerpt, as well as content attribution, if any. 
  914. * @since 4.2.0 
  915. * @access public 
  916. * @param array $data The site's data. 
  917. * @return string Discovered content, or empty 
  918. */ 
  919. public function get_suggested_content( $data ) { 
  920. $content = $text = ''; 
  921.  
  922. if ( ! empty( $data['s'] ) ) { 
  923. $text = $data['s']; 
  924. } else if ( ! empty( $data['_meta'] ) ) { 
  925. if ( ! empty( $data['_meta']['twitter:description'] ) ) { 
  926. $text = $data['_meta']['twitter:description']; 
  927. } else if ( ! empty( $data['_meta']['og:description'] ) ) { 
  928. $text = $data['_meta']['og:description']; 
  929. } else if ( ! empty( $data['_meta']['description'] ) ) { 
  930. $text = $data['_meta']['description']; 
  931.  
  932. // If there is an ellipsis at the end, the description is very likely auto-generated. Better to ignore it. 
  933. if ( $text && substr( $text, -3 ) === '...' ) { 
  934. $text = ''; 
  935.  
  936. $default_html = array( 'quote' => '', 'link' => '', 'embed' => '' ); 
  937.  
  938. if ( ! empty( $data['u'] ) && $this->_limit_embed( $data['u'] ) ) { 
  939. $default_html['embed'] = '<p>[embed]' . $data['u'] . '[/embed]</p>'; 
  940.  
  941. if ( ! empty( $data['s'] ) ) { 
  942. // If the user has selected some text, do quote it. 
  943. $default_html['quote'] = '<blockquote>%1$s</blockquote>'; 
  944. } else { 
  945. $default_html['quote'] = '<blockquote>%1$s</blockquote>'; 
  946. $default_html['link'] = '<p>' . _x( 'Source:', 'Used in Press This to indicate where the content comes from.' ) . 
  947. ' <em><a href="%1$s">%2$s</a></em></p>'; 
  948.  
  949. /** 
  950. * Filters the default HTML tags used in the suggested content for the editor. 
  951. * The HTML strings use printf format. After filtering the content is added at the specified places with `sprintf()`. 
  952. * @since 4.2.0 
  953. * @param array $default_html Associative array with three possible keys: 
  954. * - 'quote' where %1$s is replaced with the site description or the selected content. 
  955. * - 'link' where %1$s is link href, %2$s is link text, usually the source page title. 
  956. * - 'embed' which contains an [embed] shortcode when the source page offers embeddable content. 
  957. * @param array $data Associative array containing the data from the source page. 
  958. */ 
  959. $default_html = apply_filters( 'press_this_suggested_html', $default_html, $data ); 
  960.  
  961. if ( ! empty( $default_html['embed'] ) ) { 
  962. $content .= $default_html['embed']; 
  963.  
  964. // Wrap suggested content in the specified HTML. 
  965. if ( ! empty( $default_html['quote'] ) && $text ) { 
  966. $content .= sprintf( $default_html['quote'], $text ); 
  967.  
  968. // Add source attribution if there is one available. 
  969. if ( ! empty( $default_html['link'] ) ) { 
  970. $title = $this->get_suggested_title( $data ); 
  971. $url = $this->get_canonical_link( $data ); 
  972.  
  973. if ( ! $title ) { 
  974. $title = $this->get_source_site_name( $data ); 
  975.  
  976. if ( $url && $title ) { 
  977. $content .= sprintf( $default_html['link'], $url, $title ); 
  978.  
  979. return $content; 
  980.  
  981. /** 
  982. * Serves the app's base HTML, which in turns calls the load script. 
  983. * @since 4.2.0 
  984. * @access public 
  985. * @global WP_Locale $wp_locale 
  986. * @global bool $is_IE 
  987. */ 
  988. public function html() { 
  989. global $wp_locale; 
  990.  
  991. $wp_version = get_bloginfo( 'version' ); 
  992.  
  993. // Get data, new (POST) and old (GET). 
  994. $data = $this->merge_or_fetch_data(); 
  995.  
  996. $post_title = $this->get_suggested_title( $data ); 
  997.  
  998. $post_content = $this->get_suggested_content( $data ); 
  999.  
  1000. // Get site settings array/data. 
  1001. $site_settings = $this->site_settings(); 
  1002.  
  1003. // Pass the images and embeds 
  1004. $images = $this->get_images( $data ); 
  1005. $embeds = $this->get_embeds( $data ); 
  1006.  
  1007. $site_data = array( 
  1008. 'v' => ! empty( $data['v'] ) ? $data['v'] : '',  
  1009. 'u' => ! empty( $data['u'] ) ? $data['u'] : '',  
  1010. 'hasData' => ! empty( $data ) && ! isset( $data['errors'] ),  
  1011. ); 
  1012.  
  1013. if ( ! empty( $images ) ) { 
  1014. $site_data['_images'] = $images; 
  1015.  
  1016. if ( ! empty( $embeds ) ) { 
  1017. $site_data['_embeds'] = $embeds; 
  1018.  
  1019. // Add press-this-editor.css and remove theme's editor-style.css, if any. 
  1020. remove_editor_styles(); 
  1021.  
  1022. add_filter( 'mce_css', array( $this, 'add_editor_style' ) ); 
  1023.  
  1024. if ( ! empty( $GLOBALS['is_IE'] ) ) { 
  1025. @header( 'X-UA-Compatible: IE=edge' ); 
  1026.  
  1027. @header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) ); 
  1028.  
  1029. ?> 
  1030. <!DOCTYPE html> 
  1031. <!--[if IE 7]> <html class="lt-ie9 lt-ie8" <?php language_attributes(); ?>> <![endif]--> 
  1032. <!--[if IE 8]> <html class="lt-ie9" <?php language_attributes(); ?>> <![endif]--> 
  1033. <!--[if gt IE 8]><!--> <html <?php language_attributes(); ?>> <!--<![endif]--> 
  1034. <head> 
  1035. <meta http-equiv="Content-Type" content="<?php echo esc_attr( get_bloginfo( 'html_type' ) ); ?>; charset=<?php echo esc_attr( get_option( 'blog_charset' ) ); ?>" /> 
  1036. <meta name="viewport" content="width=device-width"> 
  1037. <title><?php esc_html_e( 'Press This!' ) ?></title> 
  1038.  
  1039. <script> 
  1040. window.wpPressThisData = <?php echo wp_json_encode( $site_data ); ?>; 
  1041. window.wpPressThisConfig = <?php echo wp_json_encode( $site_settings ); ?>; 
  1042. </script> 
  1043.  
  1044. <script type="text/javascript"> 
  1045. var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>',  
  1046. pagenow = 'press-this',  
  1047. typenow = 'post',  
  1048. adminpage = 'press-this-php',  
  1049. thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',  
  1050. decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',  
  1051. isRtl = <?php echo (int) is_rtl(); ?>; 
  1052. </script> 
  1053.  
  1054. <?php 
  1055. /** 
  1056. * $post->ID is needed for the embed shortcode so we can show oEmbed previews in the editor. 
  1057. * Maybe find a way without it. 
  1058. */ 
  1059. $post = get_default_post_to_edit( 'post', true ); 
  1060. $post_ID = (int) $post->ID; 
  1061.  
  1062. wp_enqueue_media( array( 'post' => $post_ID ) ); 
  1063. wp_enqueue_style( 'press-this' ); 
  1064. wp_enqueue_script( 'press-this' ); 
  1065. wp_enqueue_script( 'json2' ); 
  1066. wp_enqueue_script( 'editor' ); 
  1067.  
  1068. $categories_tax = get_taxonomy( 'category' ); 
  1069. $show_categories = current_user_can( $categories_tax->cap->assign_terms ) || current_user_can( $categories_tax->cap->edit_terms ); 
  1070.  
  1071. $tag_tax = get_taxonomy( 'post_tag' ); 
  1072. $show_tags = current_user_can( $tag_tax->cap->assign_terms ); 
  1073.  
  1074. $supports_formats = false; 
  1075. $post_format = 0; 
  1076.  
  1077. if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) ) { 
  1078. $supports_formats = true; 
  1079.  
  1080. if ( ! ( $post_format = get_post_format( $post_ID ) ) ) { 
  1081. $post_format = 0; 
  1082.  
  1083. /** This action is documented in wp-admin/admin-header.php */ 
  1084. do_action( 'admin_enqueue_scripts', 'press-this.php' ); 
  1085.  
  1086. /** This action is documented in wp-admin/admin-header.php */ 
  1087. do_action( 'admin_print_styles-press-this.php' ); 
  1088.  
  1089. /** This action is documented in wp-admin/admin-header.php */ 
  1090. do_action( 'admin_print_styles' ); 
  1091.  
  1092. /** This action is documented in wp-admin/admin-header.php */ 
  1093. do_action( 'admin_print_scripts-press-this.php' ); 
  1094.  
  1095. /** This action is documented in wp-admin/admin-header.php */ 
  1096. do_action( 'admin_print_scripts' ); 
  1097.  
  1098. /** This action is documented in wp-admin/admin-header.php */ 
  1099. do_action( 'admin_head-press-this.php' ); 
  1100.  
  1101. /** This action is documented in wp-admin/admin-header.php */ 
  1102. do_action( 'admin_head' ); 
  1103. ?> 
  1104. </head> 
  1105. <?php 
  1106.  
  1107. $admin_body_class = 'press-this'; 
  1108. $admin_body_class .= ( is_rtl() ) ? ' rtl' : ''; 
  1109. $admin_body_class .= ' branch-' . str_replace( array( '.', ', ' ), '-', floatval( $wp_version ) ); 
  1110. $admin_body_class .= ' version-' . str_replace( '.', '-', preg_replace( '/^([.0-9]+).*/', '$1', $wp_version ) ); 
  1111. $admin_body_class .= ' admin-color-' . sanitize_html_class( get_user_option( 'admin_color' ), 'fresh' ); 
  1112. $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_user_locale() ) ) ); 
  1113.  
  1114. /** This filter is documented in wp-admin/admin-header.php */ 
  1115. $admin_body_classes = apply_filters( 'admin_body_class', '' ); 
  1116.  
  1117. ?> 
  1118. <body class="wp-admin wp-core-ui <?php echo $admin_body_classes . ' ' . $admin_body_class; ?>"> 
  1119. <div id="adminbar" class="adminbar"> 
  1120. <h1 id="current-site" class="current-site"> 
  1121. <a class="current-site-link" href="<?php echo esc_url( home_url( '/' ) ); ?>" target="_blank" rel="home"> 
  1122. <span class="dashicons dashicons-wordpress"></span> 
  1123. <span class="current-site-name"><?php bloginfo( 'name' ); ?></span> 
  1124. </a> 
  1125. </h1> 
  1126. <button type="button" class="options button-link closed"> 
  1127. <span class="dashicons dashicons-tag on-closed"></span> 
  1128. <span class="screen-reader-text on-closed"><?php _e( 'Show post options' ); ?></span> 
  1129. <span aria-hidden="true" class="on-open"><?php _e( 'Done' ); ?></span> 
  1130. <span class="screen-reader-text on-open"><?php _e( 'Hide post options' ); ?></span> 
  1131. </button> 
  1132. </div> 
  1133.  
  1134. <div id="scanbar" class="scan"> 
  1135. <form method="GET"> 
  1136. <label for="url-scan" class="screen-reader-text"><?php _e( 'Scan site for content' ); ?></label> 
  1137. <input type="url" name="u" id="url-scan" class="scan-url" value="<?php echo esc_attr( $site_data['u'] ) ?>" placeholder="<?php esc_attr_e( 'Enter a URL to scan' ) ?>" /> 
  1138. <input type="submit" name="url-scan-submit" id="url-scan-submit" class="scan-submit" value="<?php esc_attr_e( 'Scan' ) ?>" /> 
  1139. <?php wp_nonce_field( 'scan-site' ); ?> 
  1140. </form> 
  1141. </div> 
  1142.  
  1143. <form id="pressthis-form" method="post" action="post.php" autocomplete="off"> 
  1144. <input type="hidden" name="post_ID" id="post_ID" value="<?php echo $post_ID; ?>" /> 
  1145. <input type="hidden" name="action" value="press-this-save-post" /> 
  1146. <input type="hidden" name="post_status" id="post_status" value="draft" /> 
  1147. <input type="hidden" name="wp-preview" id="wp-preview" value="" /> 
  1148. <input type="hidden" name="post_title" id="post_title" value="" /> 
  1149. <input type="hidden" name="pt-force-redirect" id="pt-force-redirect" value="" /> 
  1150. <?php 
  1151.  
  1152. wp_nonce_field( 'update-post_' . $post_ID, '_wpnonce', false ); 
  1153. wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); 
  1154.  
  1155. ?> 
  1156.  
  1157. <div class="wrapper"> 
  1158. <div class="editor-wrapper"> 
  1159. <div class="alerts" role="alert" aria-live="assertive" aria-relevant="all" aria-atomic="true"> 
  1160. <?php 
  1161.  
  1162. if ( isset( $data['v'] ) && $this->version > $data['v'] ) { 
  1163. ?> 
  1164. <p class="alert is-notice"> 
  1165. <?php printf( __( 'You should upgrade <a href="%s" target="_blank">your bookmarklet</a> to the latest version!' ), admin_url( 'tools.php' ) ); ?> 
  1166. </p> 
  1167. <?php 
  1168.  
  1169. ?> 
  1170. </div> 
  1171.  
  1172. <div id="app-container" class="editor"> 
  1173. <span id="title-container-label" class="post-title-placeholder" aria-hidden="true"><?php _e( 'Post title' ); ?></span> 
  1174. <h2 id="title-container" class="post-title" contenteditable="true" spellcheck="true" aria-label="<?php esc_attr_e( 'Post title' ); ?>" tabindex="0"><?php echo esc_html( $post_title ); ?></h2> 
  1175.  
  1176. <div class="media-list-container"> 
  1177. <div class="media-list-inner-container"> 
  1178. <h2 class="screen-reader-text"><?php _e( 'Suggested media' ); ?></h2> 
  1179. <ul class="media-list"></ul> 
  1180. </div> 
  1181. </div> 
  1182.  
  1183. <?php 
  1184. wp_editor( $post_content, 'pressthis', array( 
  1185. 'drag_drop_upload' => true,  
  1186. 'editor_height' => 600,  
  1187. 'media_buttons' => false,  
  1188. 'textarea_name' => 'post_content',  
  1189. 'teeny' => true,  
  1190. 'tinymce' => array( 
  1191. 'resize' => false,  
  1192. 'wordpress_adv_hidden' => false,  
  1193. 'add_unload_trigger' => false,  
  1194. 'statusbar' => false,  
  1195. 'autoresize_min_height' => 600,  
  1196. 'wp_autoresize_on' => true,  
  1197. 'plugins' => 'lists, media, paste, tabfocus, fullscreen, wordpress, wpautoresize, wpeditimage, wpgallery, wplink, wptextpattern, wpview',  
  1198. 'toolbar1' => 'bold, italic, bullist, numlist, blockquote, link, unlink',  
  1199. 'toolbar2' => 'undo, redo',  
  1200. ),  
  1201. 'quicktags' => array( 
  1202. 'buttons' => 'strong, em, link, block, del, ins, img, ul, ol, li, code, more',  
  1203. ),  
  1204. ) ); 
  1205.  
  1206. ?> 
  1207. </div> 
  1208. </div> 
  1209.  
  1210. <div class="options-panel-back is-hidden" tabindex="-1"></div> 
  1211. <div class="options-panel is-off-screen is-hidden" tabindex="-1"> 
  1212. <div class="post-options"> 
  1213.  
  1214. <?php if ( $supports_formats ) : ?> 
  1215. <button type="button" class="button-link post-option"> 
  1216. <span class="dashicons dashicons-admin-post"></span> 
  1217. <span class="post-option-title"><?php _ex( 'Format', 'post format' ); ?></span> 
  1218. <span class="post-option-contents" id="post-option-post-format"><?php echo esc_html( get_post_format_string( $post_format ) ); ?></span> 
  1219. <span class="dashicons post-option-forward"></span> 
  1220. </button> 
  1221. <?php endif; ?> 
  1222.  
  1223. <?php if ( $show_categories ) : ?> 
  1224. <button type="button" class="button-link post-option"> 
  1225. <span class="dashicons dashicons-category"></span> 
  1226. <span class="post-option-title"><?php _e( 'Categories' ); ?></span> 
  1227. <span class="dashicons post-option-forward"></span> 
  1228. </button> 
  1229. <?php endif; ?> 
  1230.  
  1231. <?php if ( $show_tags ) : ?> 
  1232. <button type="button" class="button-link post-option"> 
  1233. <span class="dashicons dashicons-tag"></span> 
  1234. <span class="post-option-title"><?php _e( 'Tags' ); ?></span> 
  1235. <span class="dashicons post-option-forward"></span> 
  1236. </button> 
  1237. <?php endif; ?> 
  1238. </div> 
  1239.  
  1240. <?php if ( $supports_formats ) : ?> 
  1241. <div class="setting-modal is-off-screen is-hidden"> 
  1242. <button type="button" class="button-link modal-close"> 
  1243. <span class="dashicons post-option-back"></span> 
  1244. <span class="setting-title" aria-hidden="true"><?php _ex( 'Format', 'post format' ); ?></span> 
  1245. <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> 
  1246. </button> 
  1247. <?php $this->post_formats_html( $post ); ?> 
  1248. </div> 
  1249. <?php endif; ?> 
  1250.  
  1251. <?php if ( $show_categories ) : ?> 
  1252. <div class="setting-modal is-off-screen is-hidden"> 
  1253. <button type="button" class="button-link modal-close"> 
  1254. <span class="dashicons post-option-back"></span> 
  1255. <span class="setting-title" aria-hidden="true"><?php _e( 'Categories' ); ?></span> 
  1256. <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> 
  1257. </button> 
  1258. <?php $this->categories_html( $post ); ?> 
  1259. </div> 
  1260. <?php endif; ?> 
  1261.  
  1262. <?php if ( $show_tags ) : ?> 
  1263. <div class="setting-modal tags is-off-screen is-hidden"> 
  1264. <button type="button" class="button-link modal-close"> 
  1265. <span class="dashicons post-option-back"></span> 
  1266. <span class="setting-title" aria-hidden="true"><?php _e( 'Tags' ); ?></span> 
  1267. <span class="screen-reader-text"><?php _e( 'Back to post options' ) ?></span> 
  1268. </button> 
  1269. <?php $this->tags_html( $post ); ?> 
  1270. </div> 
  1271. <?php endif; ?> 
  1272. </div><!-- .options-panel --> 
  1273. </div><!-- .wrapper --> 
  1274.  
  1275. <div class="press-this-actions"> 
  1276. <div class="pressthis-media-buttons"> 
  1277. <button type="button" class="insert-media button-link" data-editor="pressthis"> 
  1278. <span class="dashicons dashicons-admin-media"></span> 
  1279. <span class="screen-reader-text"><?php _e( 'Add Media' ); ?></span> 
  1280. </button> 
  1281. </div> 
  1282. <div class="post-actions"> 
  1283. <span class="spinner"> </span> 
  1284. <div class="split-button"> 
  1285. <div class="split-button-head"> 
  1286. <button type="button" class="publish-button split-button-primary" aria-live="polite"> 
  1287. <span class="publish"><?php echo ( current_user_can( 'publish_posts' ) ) ? __( 'Publish' ) : __( 'Submit for Review' ); ?></span> 
  1288. <span class="saving-draft"><?php _e( 'Saving…' ); ?></span> 
  1289. </button><button type="button" class="split-button-toggle" aria-haspopup="true" aria-expanded="false"> 
  1290. <i class="dashicons dashicons-arrow-down-alt2"></i> 
  1291. <span class="screen-reader-text"><?php _e('More actions'); ?></span> 
  1292. </button> 
  1293. </div> 
  1294. <ul class="split-button-body"> 
  1295. <li><button type="button" class="button-link draft-button split-button-option"><?php _e( 'Save Draft' ); ?></button></li> 
  1296. <li><button type="button" class="button-link standard-editor-button split-button-option"><?php _e( 'Standard Editor' ); ?></button></li> 
  1297. <li><button type="button" class="button-link preview-button split-button-option"><?php _e( 'Preview' ); ?></button></li> 
  1298. </ul> 
  1299. </div> 
  1300. </div> 
  1301. </div> 
  1302. </form> 
  1303.  
  1304. <?php 
  1305. /** This action is documented in wp-admin/admin-footer.php */ 
  1306. do_action( 'admin_footer' ); 
  1307.  
  1308. /** This action is documented in wp-admin/admin-footer.php */ 
  1309. do_action( 'admin_print_footer_scripts-press-this.php' ); 
  1310.  
  1311. /** This action is documented in wp-admin/admin-footer.php */ 
  1312. do_action( 'admin_print_footer_scripts' ); 
  1313.  
  1314. /** This action is documented in wp-admin/admin-footer.php */ 
  1315. do_action( 'admin_footer-press-this.php' ); 
  1316. ?> 
  1317. </body> 
  1318. </html> 
  1319. <?php 
  1320. die();