Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: 1.3.55
Fetching contributors…

Cannot retrieve contributors at this time

157 lines (127 sloc) 5.503 kb
<?php
if( basename(__FILE__) == basename($_SERVER['SCRIPT_FILENAME']) )
die();
/**
* FeedInterceptor_RS PHP class for the WordPress plugin Role Scoper
* feed-interceptor_rs.php
*
* Provides optional http authentication for RSS feeds.
*
* Also allows replacement of readable RSS feed content with a permalink to the post.
* This may be desirable since browsers sometimes cache the feed content after user logout.
*
* @author Sören Weber, with adaptations by Kevin Behrens
*
*/
define( 'HTTP_AUTH_RS', 'http_auth' );
define( 'PERMALINK_PLACEHOLDER_RS', '%permalink%' );
define( 'RSS_FULL_CONTENT_RS', 'full_content' );
define( 'RSS_EXCERPT_ONLY_RS', 'excerpt_only' );
define( 'RSS_TITLE_ONLY_RS', 'title_only' );
// Override WP's get_currentuserinfo in order to do the login
// via HTTP auth. Adapted from WP core get_currentuserinfo
if ( ! empty($_GET[HTTP_AUTH_RS]) ) {
if ( function_exists( 'get_currentuserinfo' ) )
define( 'HTTP_AUTH_DISABLED_RS', true );
else {
function get_currentuserinfo() {
// Use HTTP auth instead of cookies
global $current_user;
if (!empty($current_user))
return;
// Some apache versions prepend "REDIRECT_" to server variable name, according to http://www.besthostratings.com/articles/http-auth-php-cgi.html
if ( isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && ! isset($_SERVER['HTTP_AUTHORIZATION']) )
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
// Workaround for HTTP Authentication with PHP running as CGI (htaccess rule copies authentication data into HTTP_AUTHORIZATION)
if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
$ha = base64_decode( substr($_SERVER['HTTP_AUTHORIZATION'],6) );
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', $ha);
unset($ha);
}
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])
|| !wp_login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
{
header('WWW-Authenticate: Basic realm="'. get_bloginfo('name'). '"');
header('HTTP/1.0 401 Unauthorized');
scoper_load_textdomain(); // otherwise this is only loaded for wp-admin
die( __('Access denied: Incorrect credentials supplied.', 'scoper') );
}
$user_login = $_SERVER['PHP_AUTH_USER'];
wp_set_current_user(0, $user_login);
}
}
}
class FeedInterceptor_RS {
function FeedInterceptor_RS() {
$http_auth_if = scoper_get_option( 'feed_link_http_auth' );
if ( 'logged' == $http_auth_if ) {
global $current_user;
$http_auth_if = ! empty($current_user->ID);
}
if ( $http_auth_if ) {
add_filter('feed_link', array(&$this, 'filter_feed_link'));
add_filter('category_feed_link', array(&$this, 'filter_feed_link'));
add_filter('tag_feed_link', array(&$this, 'filter_feed_link'));
add_filter('author_feed_link', array(&$this, 'filter_feed_link'));
add_filter('post_comments_feed_link', array(&$this, 'filter_feed_link'));
}
add_filter('the_content_rss', array(&$this, 'filter_the_content_rss'));
add_filter('the_excerpt_rss', array(&$this, 'filter_the_excerpt_rss'));
if ( is_feed() ) {
// Only filter the_content if we're sure this is an RSS request (TODO: is this still necessary?)
if ( ! empty($_GET[HTTP_AUTH_RS]) )
add_filter('the_content', array(&$this, 'filter_the_content_rss'));
}
}
function replace_feed_teaser_placeholder($content) {
if ( ! empty( $GLOBALS['post'] ) ) {
$search[] = PERMALINK_PLACEHOLDER_RS;
$replace[] = get_permalink($GLOBALS['post']->ID);
$content = str_replace($search, $replace, $content);
}
return $content;
}
function filter_rss( $text, $subject = 'content' ) {
global $post;
if ( ! empty($post) && ! empty($post->scoper_teaser) )
return $text;
if ( $post->post_status == 'private')
$feed_privacy = scoper_get_option( 'rss_private_feed_mode' );
else
$feed_privacy = scoper_get_option( 'rss_nonprivate_feed_mode' );
switch ($feed_privacy) {
case RSS_FULL_CONTENT_RS:
return $text;
case RSS_EXCERPT_ONLY_RS:
if ( 'content' == $subject )
return apply_filters( 'the_excerpt_rss', get_the_excerpt(true) );
else
return $text;
default:
if ( $msg = scoper_get_option( 'feed_teaser' ) ) {
if ( defined('SCOPER_TRANSLATE_TEASER') ) {
scoper_load_textdomain(); // otherwise this is only loaded for wp-admin
$msg = translate( $msg, 'scoper');
if ( ! empty($msg) && ! is_null($msg) && is_string($msg) )
$msg = htmlspecialchars_decode( $msg );
}
return $this->replace_feed_teaser_placeholder( $msg );
}
} // end switch
}
// Called when using HTTP auth -- changes the article content for items which are not already filtered by Hidden Content Teaser
function filter_the_content_rss($content) {
return $this->filter_rss($content, 'content');
}
// Called when using HTTP auth -- changes the article excerpt for items which are not already filtered by Hidden Content Teaser
function filter_the_excerpt_rss($excerpt) {
return $this->filter_rss($excerpt, 'excerpt');
}
// Rewrites RSS feed links to support http authentication
// if the user is logged in
function filter_feed_link($output) {
$delim = (strpos($output, '?') === false) ? '?' : '&';
return $output. $delim . HTTP_AUTH_RS . '=1';
}
}
?>
Jump to Line
Something went wrong with that request. Please try again.