sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

XML-RPC: Have the deprecated login_pass_ok() method wrap login(). Move it below login() so the proper method is found first. see #21907. 

git-svn-id: https://develop.svn.wordpress.org/trunk@21910 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2012-09-19 01:27:21 +00:00
parent 7b999727ce
commit 7854ebaeab
1 changed files with 19 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
wp-includes/class-wp-xmlrpc-server.php
View File

@ -161,49 +161,16 @@ class wp_xmlrpc_server extends IXR_Server {
return $number1 + $number2; return $number1 + $number2;
} }
/**
* Check user's credentials.
*
* @since 1.5.0
*
* @param string $user_login User's username.
* @param string $user_pass User's password.
* @return bool Whether authentication passed.
* @deprecated use wp_xmlrpc_server::login
* @see wp_xmlrpc_server::login
*/
function login_pass_ok($user_login, $user_pass) {
// Respect any old filters against get_option() for 'enable_xmlrpc'.
$enabled = apply_filters( 'pre_option_enable_xmlrpc', false ); // Deprecated
if ( false === $enabled )
$enabled = apply_filters( 'option_enable_xmlrpc', true ); // Deprecated
// Proper filter for turning off XML-RPC. It is on by default.
$enabled = apply_filters( 'xmlrpc_enabled', $enabled );
if ( ! $enabled ) {
$this->error = new IXR_Error( 405, sprintf( __( 'XML-RPC services are disabled on this site.' ) ) );
return false;
}
if (!user_pass_ok($user_login, $user_pass)) {
$this->error = new IXR_Error(403, __('Bad login/pass combination.'));
return false;
}
return true;
}
/** /**
* Log user in. * Log user in.
* *
* @since 2.8 * @since 2.8.0
* *
* @param string $username User's username. * @param string $username User's username.
* @param string $password User's password. * @param string $password User's password.
* @return mixed WP_User object if authentication passed, false otherwise * @return mixed WP_User object if authentication passed, false otherwise
*/ */
function login($username, $password) { function login( $username, $password ) {
// Respect any old filters against get_option() for 'enable_xmlrpc'. // Respect any old filters against get_option() for 'enable_xmlrpc'.
$enabled = apply_filters( 'pre_option_enable_xmlrpc', false ); // Deprecated $enabled = apply_filters( 'pre_option_enable_xmlrpc', false ); // Deprecated
if ( false === $enabled ) if ( false === $enabled )
@ -220,7 +187,7 @@ class wp_xmlrpc_server extends IXR_Server {
$user = wp_authenticate($username, $password); $user = wp_authenticate($username, $password);
if (is_wp_error($user)) { if (is_wp_error($user)) {
$this->error = new IXR_Error(403, __('Bad login/pass combination.')); $this->error = new IXR_Error( 403, __('Bad login/pass combination.' ) );
return false; return false;
} }
@ -228,6 +195,22 @@ class wp_xmlrpc_server extends IXR_Server {
return $user; return $user;
} }
/**
* Check user's credentials. Deprecated.
*
* @since 1.5.0
* @deprecated 2.8.0
* @deprecated use wp_xmlrpc_server::login
* @see wp_xmlrpc_server::login
*
* @param string $username User's username.
* @param string $password User's password.
* @return bool Whether authentication passed.
*/
function login_pass_ok( $username, $password ) {
return (bool) $this->login( $username, $password );
}
/** /**
* Sanitize string or array of strings for database. * Sanitize string or array of strings for database.
* *