Commit b62e9757 authored by lucha's avatar lucha

[auto] plugin: feedwordpress 2017.1004

parent 4dbddc0e
......@@ -194,15 +194,25 @@ class FeedWordPressFeedsPage extends FeedWordPressAdminPage {
</select>
<div id="cron-job-explanation" class="setting-description">
<p><?php
$path = `which curl`; $opts = '--silent %s';
if (is_null($path) or strlen(trim($path))==0) :
// Do we have shell_exec() available from here, or is it disabled for security reasons?
// If it's available, use it to execute `which` to try to get a realistic path to curl,
// or to wget. If everything fails or shell_exec() isn't available, then just make
// up something for the sake of example.
$shellExecAvailable = (is_callable('shell_exec') && false === stripos(ini_get('disable_functions'), 'shell_exec'));
if ($shellExecAvailable) :
$path = `which curl`; $opts = '--silent %s';
endif;
if ($shellExecAvailable and (is_null($path) or strlen(trim($path))==0)) :
$path = `which wget`; $opts = '-q -O - %s';
if (is_null($path) or strlen(trim($path))==0) :
$path = '/usr/bin/curl'; $opts = '--silent %s';
endif;
endif;
if (is_null($path) or strlen(trim($path))==0) :
$path = '/usr/bin/curl'; $opts = '--silent %s';
endif;
$path = preg_replace('/\n+$/', '', $path);
$crontab = `crontab -l`;
$cmdline = $path . ' ' . sprintf($opts, get_bloginfo('url').'?update_feedwordpress=1');
......
......@@ -3,7 +3,7 @@
Plugin Name: FeedWordPress
Plugin URI: http://feedwordpress.radgeek.com/
Description: simple and flexible Atom/RSS syndication for WordPress
Version: 2016.1213
Version: 2017.1004
Author: Charles Johnson
Author URI: http://radgeek.com/
License: GPL
......@@ -11,7 +11,7 @@ License: GPL
/**
* @package FeedWordPress
* @version 2016.1213
* @version 2017.1004
*/
# This uses code derived from:
......@@ -32,7 +32,7 @@ License: GPL
# -- Don't change these unless you know what you're doing...
define ('FEEDWORDPRESS_VERSION', '2016.1213');
define ('FEEDWORDPRESS_VERSION', '2017.1004');
define ('FEEDWORDPRESS_AUTHOR_CONTACT', 'http://radgeek.com/contact');
if (!defined('FEEDWORDPRESS_BLEG')) :
......@@ -634,7 +634,7 @@ function syndication_comments_feed_link ($link) {
$source = get_syndication_feed_object();
$replacement = NULL;
if ($source->setting('munge comments feed links', 'munge_comments_feed_links', 'yes') != 'no') :
if (is_object($source) && $source->setting('munge comments feed links', 'munge_comments_feed_links', 'yes') != 'no') :
$commentFeeds = get_post_custom_values('wfw:commentRSS');
if (
is_array($commentFeeds)
......@@ -1823,7 +1823,8 @@ class FeedWordPress {
// Explicit update request in the HTTP request (e.g. from a cron job)
if (self::update_requested()) :
/*DBG*/ header("Content-Type: text/plain");
$this->update_hooked = "Initiating a CRON JOB CHECK-IN ON UPDATE SCHEDULE due to URL parameter = ".trim($this->val($_REQUEST['update_feedwordpress']));
$this->update($this->update_requested_url());
......
......@@ -93,7 +93,9 @@ class FeedWordPressLocalPost {
public function feed () {
global $feedwordpress;
$this->link = $feedwordpress->subscription($this->feed_id());
if (is_object($feedwordpress) and method_exists($feedwordpress, 'subscription')) :
$this->link = $feedwordpress->subscription($this->feed_id());
endif;
return $this->link;
}
......
......@@ -701,7 +701,7 @@ class FeedWordPressSyndicationPage extends FeedWordPressAdminPage {
var s = document.createElement('script'), t = document.getElementsByTagName('script')[0];
s.type = 'text/javascript';
s.async = true;
s.src = 'http://api.flattr.com/js/0.6/load.js?mode=auto';
s.src = 'https://api.flattr.com/js/0.6/load.js?mode=auto';
t.parentNode.insertBefore(s, t);
})();
/* ]]> */</script>
......@@ -723,7 +723,7 @@ support, and documentation.</p>
<div style="display: inline-block; vertical-align: middle; ">
<a class="FlattrButton" style="display:none;" href="http://feedwordpress.radgeek.com/"></a>
<noscript>
<a href="http://flattr.com/thing/1380856/FeedWordPress" target="_blank"><img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a>
<a href="https://flattr.com/thing/1380856/FeedWordPress" target="_blank"><img src="https://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a>
</noscript>
<div>via Flattr</div>
......@@ -865,7 +865,7 @@ regular donation</a>) using an existing PayPal account or any major credit card.
foreach ($alter as $sql) :
$result = $wpdb->query($sql);
if (!$result):
$errs[] = mysql_error();
$errs[] = $wpdb->last_error;
endif;
endforeach;
......@@ -988,7 +988,7 @@ regular donation</a>) using an existing PayPal account or any major credit card.
foreach ($alter as $sql) :
$result = $wpdb->query($sql);
if (!$result):
$errs[] = mysql_error();
$errs[] = $wpdb->last_error;
endif;
endforeach;
......@@ -1218,7 +1218,7 @@ has been added as a contributing site, using the feed at
&lt;<a href="<?php print $fwp_post['feed']; ?>"><?php print esc_html($fwp_post['feed']); ?></a>&gt;.
| <a href="admin.php?page=<?php print $fwp_path; ?>/feeds-page.php&amp;link_id=<?php print $link_id; ?>">Configure settings</a>.</p></div>
<?php else: ?>
<div class="updated"><p>There was a problem adding the feed. [SQL: <?php echo esc_html(mysql_error()); ?>]</p></div>
<div class="updated"><p>There was a problem adding the feed. [SQL: <?php echo esc_html($wpdb->last_error); ?>]</p></div>
<?php endif;
elseif (isset($fwp_post['save_link_id'])):
$existingLink = new SyndicatedLink($fwp_post['save_link_id']);
......
......@@ -3,8 +3,8 @@ Contributors: Charles Johnson
Donate link: http://feedwordpress.radgeek.com/
Tags: syndication, aggregation, feed, atom, rss
Requires at least: 4.5
Tested up to: 4.7
Stable tag: 2016.1213
Tested up to: 4.8.2
Stable tag: 2017.1004
FeedWordPress syndicates content from feeds you choose into your WordPress weblog.
......@@ -93,9 +93,42 @@ outs, see the documentation at the [FeedWordPress project homepage][].
== Changelog ==
= 2017.0913 =
* PARTIAL FIX FOR 2X DUPLICATE POSTS APPEARING ON DUAL HTTP/HTTPS SITES: Some
users reported an issue in which their FeedWordPress sites, which are over
both insecure HTTP and over HTTPS, would pick up exactly 2 copies of every
post or almost every post from certain feeds, and where the guids for each
of the pair of duplicate posts would look exactly alike, except for a
difference in the protocol, for example:
http://www.example.com/?guid=c1cd28da39e8d7babcf6499983aca545
https://www.example.com/?guid=c1cd28da39e8d7babcf6499983aca545
... where www.example.com is the server that your own copy of FeedWordPress
is installed. This release of FeedWordPress normalizes post guid prefixes
so as to avoid or limit the scope of this problem.
* PHP 7 Compatibility: eliminate remaining sources of PHP 7 compatibility-check
failures -- remove the use of depreciated mysql_error() function, and make
sure all classes make use of __construct() convention for constructors.
* AVOID "PHP Warning: shell_exec() has been disabled for security reasons in
[...]/feedwordpress/feeds-page.php on line 197": FeedWordPress uses the PHP
shell_exec() function in a very narrowly limited way for information gathering,
trying to find the real path to curl or wget on your system, so that it can
give as realistic as possible a recommendation for the sample crontab line
displayed in Syndication > Feeds & Updates. Some web hosting environments
disable shell_exec for security reasons (since it could in theory be used to
do a lot more stuff than the very limited information gathering FWP uses it
for); in which case, this part of the code in FeedWordPress could spit out
a nasty-looking and potentially worrisome-looking error message. So, now this
code is fenced with checks to make sure that shell_exec is available, before
FWP attempts to make use of it.
= 2016.1213 =
* WORDPRSS BACKWARD COMPATIBILITY FOR VERSIONS [4.5, 4.7]: This change fixes
* WORDPRESS BACKWARD COMPATIBILITY FOR VERSIONS [4.5, 4.7]: This change fixes
a fatal PHP error (on some web server configurations you'd see the message
"Fatal error: require_once(): Failed opening required '[...]/wp-includes/class-wp-feed-cache.php'"
on others, you might just see an HTTP 500 Internal Server Error or a blank
......
......@@ -12,7 +12,7 @@ require_once(dirname(__FILE__).'/syndicatedpostxpathquery.class.php');
* different feed formats, which may be useful to FeedWordPress users
* who make use of feed data in PHP add-ons and filters.
*
* @version 2013.0525
* @version 2017.1004
*/
class SyndicatedPost {
var $item = null; // MagpieRSS representation
......@@ -129,6 +129,7 @@ class SyndicatedPost {
);
$excerpt = apply_filters('syndicated_item_excerpt', $this->excerpt(), $this);
if (!empty($excerpt)):
$this->post['post_excerpt'] = $excerpt;
endif;
......@@ -258,7 +259,6 @@ class SyndicatedPost {
$this->post['post_type'] = apply_filters('syndicated_post_type', $this->link->setting('syndicated post type', 'syndicated_post_type', 'post'), $this);
endif;
} /* SyndicatedPost::__construct() */
#####################################
......@@ -413,18 +413,23 @@ class SyndicatedPost {
$content = $this->content();
// Ignore whitespace, case, and tag cruft.
$theExcerpt = preg_replace('/\s+/', '', strtolower(strip_tags($excerpt)));
$theContent = preg_replace('/\s+/', '', strtolower(strip_tags($content)));
$theExcerpt = preg_replace('/\s+/', '', strtolower(strip_tags(html_entity_decode($excerpt))));
$theContent = preg_replace('/\s+/', '', strtolower(strip_tags(html_entity_decode($content))));
if ( empty($excerpt) or $theExcerpt == $theContent ) :
# If content is available, generate an excerpt.
if ( strlen(trim($content)) > 0 ) :
$excerpt = strip_tags($content);
if (strlen($excerpt) > 255) :
$excerpt = substr($excerpt,0,252).'...';
if (is_object($this->link) and is_object($this->link->simplepie)) :
$encoding = $this->link->simplepie->get_encoding();
else :
$encoding = get_option('blog_charset', 'utf8');
endif;
$excerpt = mb_substr($excerpt,0,252,$encoding).'...';
endif;
endif;
endif;
return $excerpt;
} /* SyndicatedPost::excerpt() */
......@@ -584,9 +589,24 @@ class SyndicatedPost {
return $hash;
} /* SyndicatedPost::update_hash() */
/**
* SyndicatedPost::normalize_guid_prefix(): generates a normalized URL
* prefix (including scheme, authority, full path, and the beginning of
* a query string) for creating guids that conform to WordPress's
* internal constraints on the URL space for valid guids. To create a
* normalized guid, just concatenate a valid URL query parameter value
* to the returned URL.
*
* @return string The URL prefix generated.
*
* @uses trailingslashit()
* @uses home_url()
* @uses apply_filters()
*/
static function normalize_guid_prefix () {
return trailingslashit(get_bloginfo('url')).'?guid=';
}
$url = trailingslashit(home_url(/*path=*/ '', /*scheme=*/ 'http'));
return apply_filters('syndicated_item_guid_normalized_prefix', $url . '?guid=');
} /* SyndicatedPost::normalize_guid_prefix() */
static function normalize_guid ($guid) {
$guid = trim($guid);
......@@ -596,6 +616,23 @@ class SyndicatedPost {
$guid = SyndicatedPost::normalize_guid_prefix().md5($guid);
endif;
$guid = trim($guid);
return $guid;
} /* SyndicatedPost::normalize_guid() */
static function alternative_guid_prefix () {
$url = trailingslashit(home_url(/*path=*/ '', /*scheme=*/ 'https'));
return apply_filters('syndicated_item_guid_normalized_prefix', $url . '?guid=');
}
static function alternative_guid ($guid) {
$guid = trim($guid);
if (preg_match('/^[0-9a-z]{32}$/i', $guid)) : // MD5
$guid = SyndicatedPost::alternative_guid_prefix().strtolower($guid);
elseif ((strlen(esc_url($guid)) == 0) or (esc_url($guid) != $guid)) :
$guid = SyndicatedPost::alternative_guid_prefix().md5($guid);
endif;
$guid = trim($guid);
return $guid;
} /* SyndicatedPost::normalize_guid() */
......@@ -1417,7 +1454,7 @@ class SyndicatedPost {
return $this->_wp_id;
}
function store () {
public function store () {
global $wpdb;
if ($this->filtered()) : // This should never happen.
......@@ -1679,6 +1716,7 @@ class SyndicatedPost {
// Go ahead and insert the first post record to
// anchor the revision history.
$this->_wp_id = wp_insert_post($sdbpost, /*return wp_error=*/ true);
$dbpost['ID'] = $this->_wp_id;
......
......@@ -15,7 +15,7 @@ class SyndicationDataQueries {
$wp->add_query_var('guid');
}
function parse_query (&$q) {
function parse_query ($q) {
if ($q->get('guid')) :
$q->is_single = false; // Causes nasty side-effects.
$q->is_singular = true; // Doesn't?
......@@ -27,18 +27,18 @@ class SyndicationDataQueries {
endif;
} /* SyndicationDataQueries::parse_query () */
function pre_get_posts (&$q) {
function pre_get_posts ($q) {
//
}
function posts_request ($sql, &$query) {
function posts_request ($sql, $query) {
if ($query->get('fields') == '_synfresh') :
FeedWordPress::diagnostic('feed_items:freshness:sql', "SQL: ".$sql);
endif;
return $sql;
}
function posts_search ($search, &$query) {
function posts_search ($search, $query) {
global $wpdb;
if ($guid = $query->get('guid')) :
if (strlen(trim($guid)) > 0) :
......@@ -47,6 +47,7 @@ class SyndicationDataQueries {
// MD5 hashes
if (preg_match('/^[0-9a-f]{32}$/i', $guid)) :
$seek[] = SyndicatedPost::normalize_guid_prefix().$guid;
$seek[] = SyndicatedPost::alternative_guid_prefix().$guid;
endif;
// Invalid URIs, URIs that WordPress just doesn't like, and URIs
......@@ -54,8 +55,9 @@ class SyndicationDataQueries {
$nGuid = SyndicatedPost::normalize_guid($guid);
if ($guid != $nGuid) :
$seek[] = $nGuid;
$seek[] = SyndicatedPost::alternative_guid($guid);
endif;
// Escape to prevent frak-ups, injections, etc.
$seek = array_map('esc_sql', $seek);
......@@ -75,7 +77,7 @@ class SyndicationDataQueries {
return $search;
} /* SyndicationDataQueries::posts_search () */
function posts_where ($where, &$q) {
function posts_where ($where, $q) {
global $wpdb;
// Ugly hack to ensure we ONLY check by guid in syndicated freshness
......@@ -92,7 +94,7 @@ class SyndicationDataQueries {
return $where;
} /* SyndicationDataQueries::post_where () */
function posts_fields ($fields, &$query) {
function posts_fields ($fields, $query) {
global $wpdb;
if ($f = $query->get('fields')) :
switch ($f) :
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment