[ Index ]

PHP Cross Reference of WordPress

title

Body

[close]

/ -> wp-mail.php (source)

   1  <?php
   2  /**
   3   * Gets the email message from the user's mailbox to add as
   4   * a WordPress post. Mailbox connection information must be
   5   * configured under Settings > Writing
   6   *
   7   * @package WordPress
   8   */
   9  
  10  /** Make sure that the WordPress bootstrap has run before continuing. */
  11  require  __DIR__ . '/wp-load.php';
  12  
  13  /** This filter is documented in wp-admin/options.php */
  14  if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) {
  15      wp_die( __( 'This action has been disabled by the administrator.' ), 403 );
  16  }
  17  
  18  $mailserver_url = get_option( 'mailserver_url' );
  19  
  20  if ( 'mail.example.com' === $mailserver_url || empty( $mailserver_url ) ) {
  21      wp_die( __( 'This action has been disabled by the administrator.' ), 403 );
  22  }
  23  
  24  /**
  25   * Fires to allow a plugin to do a complete takeover of Post by Email.
  26   *
  27   * @since 2.9.0
  28   */
  29  do_action( 'wp-mail.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
  30  
  31  /** Get the POP3 class with which to access the mailbox. */
  32  require_once ABSPATH . WPINC . '/class-pop3.php';
  33  
  34  /** Only check at this interval for new messages. */
  35  if ( ! defined( 'WP_MAIL_INTERVAL' ) ) {
  36      define( 'WP_MAIL_INTERVAL', 5 * MINUTE_IN_SECONDS );
  37  }
  38  
  39  $last_checked = get_transient( 'mailserver_last_checked' );
  40  
  41  if ( $last_checked ) {
  42      wp_die( __( 'Slow down cowboy, no need to check for new mails so often!' ) );
  43  }
  44  
  45  set_transient( 'mailserver_last_checked', true, WP_MAIL_INTERVAL );
  46  
  47  $time_difference = get_option( 'gmt_offset' ) * HOUR_IN_SECONDS;
  48  
  49  $phone_delim = '::';
  50  
  51  $pop3 = new POP3();
  52  
  53  if ( ! $pop3->connect( get_option( 'mailserver_url' ), get_option( 'mailserver_port' ) ) || ! $pop3->user( get_option( 'mailserver_login' ) ) ) {
  54      wp_die( esc_html( $pop3->ERROR ) );
  55  }
  56  
  57  $count = $pop3->pass( get_option( 'mailserver_pass' ) );
  58  
  59  if ( false === $count ) {
  60      wp_die( esc_html( $pop3->ERROR ) );
  61  }
  62  
  63  if ( 0 === $count ) {
  64      $pop3->quit();
  65      wp_die( __( 'There does not seem to be any new mail.' ) );
  66  }
  67  
  68  for ( $i = 1; $i <= $count; $i++ ) {
  69  
  70      $message = $pop3->get( $i );
  71  
  72      $bodysignal                = false;
  73      $boundary                  = '';
  74      $charset                   = '';
  75      $content                   = '';
  76      $content_type              = '';
  77      $content_transfer_encoding = '';
  78      $post_author               = 1;
  79      $author_found              = false;
  80      $post_date                 = null;
  81      $post_date_gmt             = null;
  82  
  83      foreach ( $message as $line ) {
  84          // Body signal.
  85          if ( strlen( $line ) < 3 ) {
  86              $bodysignal = true;
  87          }
  88          if ( $bodysignal ) {
  89              $content .= $line;
  90          } else {
  91              if ( preg_match( '/Content-Type: /i', $line ) ) {
  92                  $content_type = trim( $line );
  93                  $content_type = substr( $content_type, 14, strlen( $content_type ) - 14 );
  94                  $content_type = explode( ';', $content_type );
  95                  if ( ! empty( $content_type[1] ) ) {
  96                      $charset = explode( '=', $content_type[1] );
  97                      $charset = ( ! empty( $charset[1] ) ) ? trim( $charset[1] ) : '';
  98                  }
  99                  $content_type = $content_type[0];
 100              }
 101              if ( preg_match( '/Content-Transfer-Encoding: /i', $line ) ) {
 102                  $content_transfer_encoding = trim( $line );
 103                  $content_transfer_encoding = substr( $content_transfer_encoding, 27, strlen( $content_transfer_encoding ) - 27 );
 104                  $content_transfer_encoding = explode( ';', $content_transfer_encoding );
 105                  $content_transfer_encoding = $content_transfer_encoding[0];
 106              }
 107              if ( ( 'multipart/alternative' === $content_type ) && ( false !== strpos( $line, 'boundary="' ) ) && ( '' === $boundary ) ) {
 108                  $boundary = trim( $line );
 109                  $boundary = explode( '"', $boundary );
 110                  $boundary = $boundary[1];
 111              }
 112              if ( preg_match( '/Subject: /i', $line ) ) {
 113                  $subject = trim( $line );
 114                  $subject = substr( $subject, 9, strlen( $subject ) - 9 );
 115                  // Captures any text in the subject before $phone_delim as the subject.
 116                  if ( function_exists( 'iconv_mime_decode' ) ) {
 117                      $subject = iconv_mime_decode( $subject, 2, get_option( 'blog_charset' ) );
 118                  } else {
 119                      $subject = wp_iso_descrambler( $subject );
 120                  }
 121                  $subject = explode( $phone_delim, $subject );
 122                  $subject = $subject[0];
 123              }
 124  
 125              /*
 126               * Set the author using the email address (From or Reply-To, the last used)
 127               * otherwise use the site admin.
 128               */
 129              if ( ! $author_found && preg_match( '/^(From|Reply-To): /', $line ) ) {
 130                  if ( preg_match( '|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches ) ) {
 131                      $author = $matches[0];
 132                  } else {
 133                      $author = trim( $line );
 134                  }
 135                  $author = sanitize_email( $author );
 136                  if ( is_email( $author ) ) {
 137                      /* translators: %s: Post author email address. */
 138                      echo '<p>' . sprintf( __( 'Author is %s' ), $author ) . '</p>';
 139                      $userdata = get_user_by( 'email', $author );
 140                      if ( ! empty( $userdata ) ) {
 141                          $post_author  = $userdata->ID;
 142                          $author_found = true;
 143                      }
 144                  }
 145              }
 146  
 147              if ( preg_match( '/Date: /i', $line ) ) { // Of the form '20 Mar 2002 20:32:37 +0100'.
 148                  $ddate = str_replace( 'Date: ', '', trim( $line ) );
 149                  // Remove parenthesised timezone string if it exists, as this confuses strtotime().
 150                  $ddate           = preg_replace( '!\s*\(.+\)\s*$!', '', $ddate );
 151                  $ddate_timestamp = strtotime( $ddate );
 152                  $post_date       = gmdate( 'Y-m-d H:i:s', $ddate_timestamp + $time_difference );
 153                  $post_date_gmt   = gmdate( 'Y-m-d H:i:s', $ddate_timestamp );
 154              }
 155          }
 156      }
 157  
 158      // Set $post_status based on $author_found and on author's publish_posts capability.
 159      if ( $author_found ) {
 160          $user        = new WP_User( $post_author );
 161          $post_status = ( $user->has_cap( 'publish_posts' ) ) ? 'publish' : 'pending';
 162      } else {
 163          // Author not found in DB, set status to pending. Author already set to admin.
 164          $post_status = 'pending';
 165      }
 166  
 167      $subject = trim( $subject );
 168  
 169      if ( 'multipart/alternative' === $content_type ) {
 170          $content = explode( '--' . $boundary, $content );
 171          $content = $content[2];
 172  
 173          // Match case-insensitive content-transfer-encoding.
 174          if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim ) ) {
 175              $content = explode( $delim[0], $content );
 176              $content = $content[1];
 177          }
 178          $content = strip_tags( $content, '<img><p><br><i><b><u><em><strong><strike><font><span><div>' );
 179      }
 180      $content = trim( $content );
 181  
 182      /**
 183       * Filters the original content of the email.
 184       *
 185       * Give Post-By-Email extending plugins full access to the content, either
 186       * the raw content, or the content of the last quoted-printable section.
 187       *
 188       * @since 2.8.0
 189       *
 190       * @param string $content The original email content.
 191       */
 192      $content = apply_filters( 'wp_mail_original_content', $content );
 193  
 194      if ( false !== stripos( $content_transfer_encoding, 'quoted-printable' ) ) {
 195          $content = quoted_printable_decode( $content );
 196      }
 197  
 198      if ( function_exists( 'iconv' ) && ! empty( $charset ) ) {
 199          $content = iconv( $charset, get_option( 'blog_charset' ), $content );
 200      }
 201  
 202      // Captures any text in the body after $phone_delim as the body.
 203      $content = explode( $phone_delim, $content );
 204      $content = empty( $content[1] ) ? $content[0] : $content[1];
 205  
 206      $content = trim( $content );
 207  
 208      /**
 209       * Filters the content of the post submitted by email before saving.
 210       *
 211       * @since 1.2.0
 212       *
 213       * @param string $content The email content.
 214       */
 215      $post_content = apply_filters( 'phone_content', $content );
 216  
 217      $post_title = xmlrpc_getposttitle( $content );
 218  
 219      if ( '' === trim( $post_title ) ) {
 220          $post_title = $subject;
 221      }
 222  
 223      $post_category = array( get_option( 'default_email_category' ) );
 224  
 225      $post_data = compact( 'post_content', 'post_title', 'post_date', 'post_date_gmt', 'post_author', 'post_category', 'post_status' );
 226      $post_data = wp_slash( $post_data );
 227  
 228      $post_ID = wp_insert_post( $post_data );
 229      if ( is_wp_error( $post_ID ) ) {
 230          echo "\n" . $post_ID->get_error_message();
 231      }
 232  
 233      // We couldn't post, for whatever reason. Better move forward to the next email.
 234      if ( empty( $post_ID ) ) {
 235          continue;
 236      }
 237  
 238      /**
 239       * Fires after a post submitted by email is published.
 240       *
 241       * @since 1.2.0
 242       *
 243       * @param int $post_ID The post ID.
 244       */
 245      do_action( 'publish_phone', $post_ID );
 246  
 247      echo "\n<p><strong>" . __( 'Author:' ) . '</strong> ' . esc_html( $post_author ) . '</p>';
 248      echo "\n<p><strong>" . __( 'Posted title:' ) . '</strong> ' . esc_html( $post_title ) . '</p>';
 249  
 250      if ( ! $pop3->delete( $i ) ) {
 251          echo '<p>' . sprintf(
 252              /* translators: %s: POP3 error. */
 253              __( 'Oops: %s' ),
 254              esc_html( $pop3->ERROR )
 255          ) . '</p>';
 256          $pop3->reset();
 257          exit;
 258      } else {
 259          echo '<p>' . sprintf(
 260              /* translators: %s: The message ID. */
 261              __( 'Mission complete. Message %s deleted.' ),
 262              '<strong>' . $i . '</strong>'
 263          ) . '</p>';
 264      }
 265  }
 266  
 267  $pop3->quit();


Generated: Sat Dec 21 01:00:02 2024 Cross-referenced by PHPXref 0.7.1