Changeset 13610
- Timestamp:
- 04/29/2024 07:36:53 AM (10 months ago)
- Location:
- sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory
- Files:
-
- 1 added
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/api/class-base.php
r12999 r13610 40 40 new Routes\Plugin_Upload(); 41 41 new Routes\Plugin_Blueprint(); 42 new Routes\Pending_Plugin(); 42 43 } 43 44 -
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/api/routes/class-plugin.php
r13147 r13610 39 39 */ 40 40 function plugin_info( $request ) { 41 $plugin_slug = $request['plugin_slug']; 42 43 global $post; 44 $post = Plugin_Directory::get_plugin_post( $plugin_slug ); 45 46 if ( 'publish' != $post->post_status ) { 41 $post = Plugin_Directory::get_plugin_post( $request['plugin_slug'] ); 42 43 if ( ! $post || 'publish' != $post->post_status ) { 47 44 // Copy what the REST API does if the param is incorrect 48 45 return new \WP_Error( … … 58 55 } 59 56 57 return $this->plugin_info_data( $request, $post ); 58 } 59 60 /** 61 * The underlying API for the plugin information. 62 * 63 * Expects that the input has been validated, and that the $post object is safe for display. 64 * This is shared with/called from Pending_Plugin too. 65 * 66 * @param \WP_REST_Request $request The request object. 67 * @param \WP_Post $post The post object for the plugin. 68 * @return array The formatted array of all the data for the plugin. 69 */ 70 public function plugin_info_data( $request, $post ) { 71 $GLOBALS['post'] = $post; 72 $plugin_slug = $post->post_name; 73 $post_id = $post->ID; 74 60 75 // Support returning API data in different locales, even on wordpress.org (for api.wordpress.org usage) 61 76 if ( ! empty( $request['locale'] ) && ! in_array( strtolower( $request['locale'] ), array( 'en_us', 'en' ) ) ) { 62 77 switch_to_locale( $request['locale'] ); 63 78 } 64 65 $post_id = $post->ID;66 79 67 80 $result = array(); -
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php
r13438 r13610 52 52 add_action( 'wp_head', array( Template::class, 'hreflang_link_attributes' ), 2 ); 53 53 add_filter( 'allowed_redirect_hosts', array( $this, 'filter_redirect_hosts' ) ); 54 add_filter( 'wp_get_attachment_url', array( $this, 'add_info_to_zip_url' ), 100, 2 ); 54 55 55 56 // Add no-index headers where appropriate. … … 1832 1833 1833 1834 return update_post_meta( $plugin->ID, 'releases', $releases ); 1835 } 1836 1837 /** 1838 * Add additional context to ZIP urls. 1839 * 1840 * The ZIP URL will have a 'info' key attached which is a rest api URL to information about the plugin. 1841 * 1842 * @param string $url The URL to the ZIP file. 1843 * @param int $attachment_id The attachment ID. 1844 * @return string The URL to the ZIP file. 1845 */ 1846 public function add_info_to_zip_url( $url, $attachment_id ) { 1847 $attachment = get_post( $attachment_id ); 1848 $post = get_post( $attachment->post_parent ); 1849 $token = $post->{'_pending_access_token'} ?? false; 1850 1851 if ( ! $url || ! $attachment || ! $post || ! $token || ! current_user_can( 'edit_post', $post->ID ) ) { 1852 return $url; 1853 } 1854 1855 $url = add_query_arg( 1856 'info', 1857 urlencode( rest_url( sprintf( 1858 'plugins/v1/pending-plugin/%d-%s/', 1859 $post->ID, 1860 $token 1861 ) ) ), 1862 $url 1863 ); 1864 1865 return $url; 1834 1866 } 1835 1867 -
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/shortcodes/class-upload-handler.php
r13609 r13610 469 469 // First time submission, track some additional metadata. 470 470 if ( ! $updating_existing ) { 471 $post_args['meta_input']['_author_ip'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] ); 472 $post_args['meta_input']['_submitted_date'] = time(); 473 $post_args['meta_input']['_used_upload_token'] = $has_upload_token; 471 $post_args['meta_input']['_author_ip'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] ); 472 $post_args['meta_input']['_submitted_date'] = time(); 473 $post_args['meta_input']['_used_upload_token'] = $has_upload_token; 474 $post_args['meta_input']['_pending_access_token'] = md5( wp_generate_password( 32, true, true ) ); 474 475 } 475 476
Note: See TracChangeset
for help on using the changeset viewer.