| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Gets the email message from the user's mailbox to add as 4 * a WordPress post. Mailbox connection information must be 5 * configured under Settings > Writing 6 * 7 * @package WordPress 8 */ 9 10 /** Make sure that the WordPress bootstrap has run before continuing. */ 11 require __DIR__ . '/wp-load.php'; 12 13 /** This filter is documented in wp-admin/options.php */ 14 if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) { 15 wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); 16 } 17 18 $mailserver_url = get_option( 'mailserver_url' ); 19 20 if ( 'mail.example.com' === $mailserver_url || empty( $mailserver_url ) ) { 21 wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); 22 } 23 24 /** 25 * Fires to allow a plugin to do a complete takeover of Post by Email. 26 * 27 * @since 2.9.0 28 */ 29 do_action( 'wp-mail.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores 30 31 /** Get the POP3 class with which to access the mailbox. */ 32 require_once ABSPATH . WPINC . '/class-pop3.php'; 33 34 /** Only check at this interval for new messages. */ 35 if ( ! defined( 'WP_MAIL_INTERVAL' ) ) { 36 define( 'WP_MAIL_INTERVAL', 5 * MINUTE_IN_SECONDS ); 37 } 38 39 $last_checked = get_transient( 'mailserver_last_checked' ); 40 41 if ( $last_checked ) { 42 wp_die( 43 sprintf( 44 // translators: %s human readable rate limit. 45 __( 'Email checks are rate limited to once every %s.' ), 46 human_time_diff( time() - WP_MAIL_INTERVAL, time() ) 47 ), 48 __( 'Slow down, no need to check for new mails so often!' ), 49 429 50 ); 51 } 52 53 set_transient( 'mailserver_last_checked', true, WP_MAIL_INTERVAL ); 54 55 $time_difference = (int) ( (float) get_option( 'gmt_offset' ) * HOUR_IN_SECONDS ); 56 57 $phone_delim = '::'; 58 59 $pop3 = new POP3(); 60 61 if ( ! $pop3->connect( get_option( 'mailserver_url' ), get_option( 'mailserver_port' ) ) || ! $pop3->user( get_option( 'mailserver_login' ) ) ) { 62 wp_die( esc_html( $pop3->ERROR ) ); 63 } 64 65 $count = $pop3->pass( get_option( 'mailserver_pass' ) ); 66 67 if ( false === $count ) { 68 wp_die( esc_html( $pop3->ERROR ) ); 69 } 70 71 if ( 0 === $count ) { 72 $pop3->quit(); 73 wp_die( __( 'There does not seem to be any new mail.' ) ); 74 } 75 76 // Always run as an unauthenticated user. 77 wp_set_current_user( 0 ); 78 79 for ( $i = 1; $i <= $count; $i++ ) { 80 81 $message = $pop3->get( $i ); 82 83 $bodysignal = false; 84 $boundary = ''; 85 $charset = ''; 86 $content = ''; 87 $content_type = ''; 88 $content_transfer_encoding = ''; 89 $post_author = 1; 90 $author_found = false; 91 $post_date = null; 92 $post_date_gmt = null; 93 94 foreach ( $message as $line ) { 95 // Body signal. 96 if ( strlen( $line ) < 3 ) { 97 $bodysignal = true; 98 } 99 if ( $bodysignal ) { 100 $content .= $line; 101 } else { 102 if ( preg_match( '/Content-Type: /i', $line ) ) { 103 $content_type = trim( $line ); 104 $content_type = substr( $content_type, 14, strlen( $content_type ) - 14 ); 105 $content_type = explode( ';', $content_type ); 106 if ( ! empty( $content_type[1] ) ) { 107 $charset = explode( '=', $content_type[1] ); 108 $charset = ( ! empty( $charset[1] ) ) ? trim( $charset[1] ) : ''; 109 } 110 $content_type = $content_type[0]; 111 } 112 if ( preg_match( '/Content-Transfer-Encoding: /i', $line ) ) { 113 $content_transfer_encoding = trim( $line ); 114 $content_transfer_encoding = substr( $content_transfer_encoding, 27, strlen( $content_transfer_encoding ) - 27 ); 115 $content_transfer_encoding = explode( ';', $content_transfer_encoding ); 116 $content_transfer_encoding = $content_transfer_encoding[0]; 117 } 118 if ( 'multipart/alternative' === $content_type && str_contains( $line, 'boundary="' ) && '' === $boundary ) { 119 $boundary = trim( $line ); 120 $boundary = explode( '"', $boundary ); 121 $boundary = $boundary[1]; 122 } 123 if ( preg_match( '/Subject: /i', $line ) ) { 124 $subject = trim( $line ); 125 $subject = substr( $subject, 9, strlen( $subject ) - 9 ); 126 // Captures any text in the subject before $phone_delim as the subject. 127 if ( function_exists( 'iconv_mime_decode' ) ) { 128 $subject = iconv_mime_decode( $subject, 2, get_option( 'blog_charset' ) ); 129 } else { 130 $subject = wp_iso_descrambler( $subject ); 131 } 132 $subject = explode( $phone_delim, $subject ); 133 $subject = $subject[0]; 134 } 135 136 /* 137 * Set the author using the email address (From or Reply-To, the last used) 138 * otherwise use the site admin. 139 */ 140 if ( ! $author_found && preg_match( '/^(From|Reply-To): /', $line ) ) { 141 if ( preg_match( '|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches ) ) { 142 $author = $matches[0]; 143 } else { 144 $author = trim( $line ); 145 } 146 $author = sanitize_email( $author ); 147 if ( is_email( $author ) ) { 148 $userdata = get_user_by( 'email', $author ); 149 if ( ! empty( $userdata ) ) { 150 $post_author = $userdata->ID; 151 $author_found = true; 152 } 153 } 154 } 155 156 if ( preg_match( '/Date: /i', $line ) ) { // Of the form '20 Mar 2002 20:32:37 +0100'. 157 $ddate = str_replace( 'Date: ', '', trim( $line ) ); 158 // Remove parenthesized timezone string if it exists, as this confuses strtotime(). 159 $ddate = preg_replace( '!\s*\(.+\)\s*$!', '', $ddate ); 160 $ddate_timestamp = strtotime( $ddate ); 161 $post_date = gmdate( 'Y-m-d H:i:s', $ddate_timestamp + $time_difference ); 162 $post_date_gmt = gmdate( 'Y-m-d H:i:s', $ddate_timestamp ); 163 } 164 } 165 } 166 167 // Set $post_status based on $author_found and on author's publish_posts capability. 168 if ( $author_found ) { 169 $user = new WP_User( $post_author ); 170 $post_status = ( $user->has_cap( 'publish_posts' ) ) ? 'publish' : 'pending'; 171 } else { 172 // Author not found in DB, set status to pending. Author already set to admin. 173 $post_status = 'pending'; 174 } 175 176 $subject = trim( $subject ); 177 178 if ( 'multipart/alternative' === $content_type ) { 179 $content = explode( '--' . $boundary, $content ); 180 $content = $content[2]; 181 182 // Match case-insensitive Content-Transfer-Encoding. 183 if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim ) ) { 184 $content = explode( $delim[0], $content ); 185 $content = $content[1]; 186 } 187 $content = strip_tags( $content, '<img><p><br><i><b><u><em><strong><strike><font><span><div>' ); 188 } 189 $content = trim( $content ); 190 191 /** 192 * Filters the original content of the email. 193 * 194 * Give Post-By-Email extending plugins full access to the content, either 195 * the raw content, or the content of the last quoted-printable section. 196 * 197 * @since 2.8.0 198 * 199 * @param string $content The original email content. 200 */ 201 $content = apply_filters( 'wp_mail_original_content', $content ); 202 203 if ( false !== stripos( $content_transfer_encoding, 'quoted-printable' ) ) { 204 $content = quoted_printable_decode( $content ); 205 } 206 207 if ( function_exists( 'iconv' ) && ! empty( $charset ) ) { 208 $content = iconv( $charset, get_option( 'blog_charset' ), $content ); 209 } 210 211 // Captures any text in the body after $phone_delim as the body. 212 $content = explode( $phone_delim, $content ); 213 $content = empty( $content[1] ) ? $content[0] : $content[1]; 214 215 $content = trim( $content ); 216 217 /** 218 * Filters the content of the post submitted by email before saving. 219 * 220 * @since 1.2.0 221 * 222 * @param string $content The email content. 223 */ 224 $post_content = apply_filters( 'phone_content', $content ); 225 226 $post_title = xmlrpc_getposttitle( $content ); 227 228 if ( '' === trim( $post_title ) ) { 229 $post_title = $subject; 230 } 231 232 $post_category = array( get_option( 'default_email_category' ) ); 233 234 $post_data = compact( 'post_content', 'post_title', 'post_date', 'post_date_gmt', 'post_author', 'post_category', 'post_status' ); 235 $post_data = wp_slash( $post_data ); 236 237 $post_ID = wp_insert_post( $post_data ); 238 if ( is_wp_error( $post_ID ) ) { 239 echo "\n" . $post_ID->get_error_message(); 240 } 241 242 // The post wasn't inserted or updated, for whatever reason. Better move forward to the next email. 243 if ( empty( $post_ID ) ) { 244 continue; 245 } 246 247 /** 248 * Fires after a post submitted by email is published. 249 * 250 * @since 1.2.0 251 * 252 * @param int $post_ID The post ID. 253 */ 254 do_action( 'publish_phone', $post_ID ); 255 256 echo "\n<p><strong>" . __( 'Author:' ) . '</strong> ' . esc_html( $post_author ) . '</p>'; 257 echo "\n<p><strong>" . __( 'Posted title:' ) . '</strong> ' . esc_html( $post_title ) . '</p>'; 258 259 if ( ! $pop3->delete( $i ) ) { 260 echo '<p>' . sprintf( 261 /* translators: %s: POP3 error. */ 262 __( 'Oops: %s' ), 263 esc_html( $pop3->ERROR ) 264 ) . '</p>'; 265 $pop3->reset(); 266 exit; 267 } else { 268 echo '<p>' . sprintf( 269 /* translators: %s: The message ID. */ 270 __( 'Mission complete. Message %s deleted.' ), 271 '<strong>' . $i . '</strong>' 272 ) . '</p>'; 273 } 274 } 275 276 $pop3->quit();
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated : Sun Mar 9 08:20:01 2025 | Cross-referenced by PHPXref |