mt.php

Revision 5406, 14.8 kB (checked in by ryan, 1 year ago)
Add nonces to importers
Property svn:eol-style set to `native`

Line
1	<?php
2
3	class MT_Import {
4
5	var $posts = array ();
6	var $file;
7	var $id;
8	var $mtnames = array ();
9	var $newauthornames = array ();
10	var $j = -1;
11
12	function header() {
13	echo '<div class="wrap">';
14	echo '<h2>'.__('Import Movable Type and Typepad').'</h2>';
15	}
16
17	function footer() {
18	echo '</div>';
19	}
20
21	function greet() {
22	$this->header();
23	?>
24	<p><?php _e('Howdy! We’re about to begin the process to import all of your Movable Type entries into WordPress. To begin, select a file to upload and click Import.'); ?></p>
25	<?php wp_import_upload_form( add_query_arg('step', 1) ); ?>
26	<p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if—for whatever reason—it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p>
27	<?php
28	$this->footer();
29	}
30
31	function users_form($n) {
32	global $wpdb, $testing;
33	$users = $wpdb->get_results("SELECT * FROM $wpdb->users ORDER BY ID");
34	?><select name="userselect[<?php echo $n; ?>]">
35	<option value="#NONE#"><?php _e('- Select -') ?></option>
36	<?php
37
38
39	foreach ($users as $user) {
40	echo '<option value="'.$user->user_login.'">'.$user->user_login.'</option>';
41	}
42	?>
43	</select>
44	<?php
45
46
47	}
48
49	//function to check the authorname and do the mapping
50	function checkauthor($author) {
51	global $wpdb;
52	//mtnames is an array with the names in the mt import file
53	$pass = 'changeme';
54	if (!(in_array($author, $this->mtnames))) { //a new mt author name is found
55	++ $this->j;
56	$this->mtnames[$this->j] = $author; //add that new mt author name to an array
57	$user_id = username_exists($this->newauthornames[$this->j]); //check if the new author name defined by the user is a pre-existing wp user
58	if (!$user_id) { //banging my head against the desk now.
59	if ($newauthornames[$this->j] == 'left_blank') { //check if the user does not want to change the authorname
60	$user_id = wp_create_user($author, $pass);
61	$this->newauthornames[$this->j] = $author; //now we have a name, in the place of left_blank.
62	} else {
63	$user_id = wp_create_user($this->newauthornames[$this->j], $pass);
64	}
65	} else {
66	return $user_id; // return pre-existing wp username if it exists
67	}
68	} else {
69	$key = array_search($author, $this->mtnames); //find the array key for $author in the $mtnames array
70	$user_id = username_exists($this->newauthornames[$key]); //use that key to get the value of the author's name from $newauthornames
71	}
72
73	return $user_id;
74	}
75
76	function get_entries() {
77	set_magic_quotes_runtime(0);
78	$importdata = file($this->file); // Read the file into an array
79	$importdata = implode('', $importdata); // squish it
80	$importdata = preg_replace("/(\r\n\|\n\|\r)/", "\n", $importdata);
81	$importdata = preg_replace("/\n--------\n/", "--MT-ENTRY--\n", $importdata);
82	$this->posts = explode("--MT-ENTRY--", $importdata);
83	}
84
85	function get_mt_authors() {
86	$temp = array ();
87	$i = -1;
88	foreach ($this->posts as $post) {
89	if ('' != trim($post)) {
90	++ $i;
91	preg_match("\|AUTHOR:(.*)\|", $post, $thematch);
92	$thematch = trim($thematch[1]);
93	array_push($temp, "$thematch"); //store the extracted author names in a temporary array
94	}
95	}
96
97	//we need to find unique values of author names, while preserving the order, so this function emulates the unique_value(); php function, without the sorting.
98	$authors[0] = array_shift($temp);
99	$y = count($temp) + 1;
100	for ($x = 1; $x < $y; $x ++) {
101	$next = array_shift($temp);
102	if (!(in_array($next, $authors)))
103	array_push($authors, "$next");
104	}
105
106	return $authors;
107	}
108
109	function get_authors_from_post() {
110	$formnames = array ();
111	$selectnames = array ();
112
113	foreach ($_POST['user'] as $key => $line) {
114	$newname = trim(stripslashes($line));
115	if ($newname == '')
116	$newname = 'left_blank'; //passing author names from step 1 to step 2 is accomplished by using POST. left_blank denotes an empty entry in the form.
117	array_push($formnames, "$newname");
118	} // $formnames is the array with the form entered names
119
120	foreach ($_POST['userselect'] as $user => $key) {
121	$selected = trim(stripslashes($key));
122	array_push($selectnames, "$selected");
123	}
124
125	$count = count($formnames);
126	for ($i = 0; $i < $count; $i ++) {
127	if ($selectnames[$i] != '#NONE#') { //if no name was selected from the select menu, use the name entered in the form
128	array_push($this->newauthornames, "$selectnames[$i]");
129	} else {
130	array_push($this->newauthornames, "$formnames[$i]");
131	}
132	}
133	}
134
135	function mt_authors_form() {
136	?>
137	<div class="wrap">
138	<h2><?php _e('Assign Authors'); ?></h2>
139	<p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as <code>admin</code>s entries.'); ?></p>
140	<p><?php _e('Below, you can see the names of the authors of the MovableType posts in <i>italics</i>. For each of these names, you can either pick an author in your WordPress installation from the menu, or enter a name for the author in the textbox.'); ?></p>
141	<p><?php _e('If a new user is created by WordPress, the password will be set, by default, to "changeme". Quite suggestive, eh? ;)'); ?></p>
142	<?php
143
144
145	$authors = $this->get_mt_authors();
146	echo '<ol id="authors">';
147	echo '<form action="?import=mt&step=2&id=' . $this->id . '" method="post">';
148	wp_nonce_field('import-mt');
149	$j = -1;
150	foreach ($authors as $author) {
151	++ $j;
152	echo '<li>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30"> <br />');
153	$this->users_form($j);
154	echo '</li>';
155	}
156
157	echo '<input type="submit" value="'.__('Submit').'">'.'<br/>';
158	echo '</form>';
159	echo '</ol></div>';
160
161	}
162
163	function select_authors() {
164	$file = wp_import_handle_upload();
165	if ( isset($file['error']) ) {
166	$this->header();
167	echo '<p>'.__('Sorry, there has been an error').'.</p>';
168	echo '<p><strong>' . $file['error'] . '</strong></p>';
169	$this->footer();
170	return;
171	}
172	$this->file = $file['file'];
173	$this->id = (int) $file['id'];
174
175	$this->get_entries();
176	$this->mt_authors_form();
177	}
178
179	function process_posts() {
180	global $wpdb;
181	$i = -1;
182	echo "<div class='wrap'><ol>";
183	foreach ($this->posts as $post) {
184	if ('' != trim($post)) {
185	++ $i;
186	unset ($post_categories);
187
188	// Take the pings out first
189	preg_match("\|(-----\n\nPING:.*)\|s", $post, $pings);
190	$post = preg_replace("\|(-----\n\nPING:.*)\|s", '', $post);
191
192	// Then take the comments out
193	preg_match("\|(-----\nCOMMENT:.*)\|s", $post, $comments);
194	$post = preg_replace("\|(-----\nCOMMENT:.*)\|s", '', $post);
195
196	// We ignore the keywords
197	$post = preg_replace("\|(-----\nKEYWORDS:.*)\|s", '', $post);
198
199	// We want the excerpt
200	preg_match("\|-----\nEXCERPT:(.*)\|s", $post, $excerpt);
201	$post_excerpt = $wpdb->escape(trim($excerpt[1]));
202	$post = preg_replace("\|(-----\nEXCERPT:.*)\|s", '', $post);
203
204	// We're going to put extended body into main body with a more tag
205	preg_match("\|-----\nEXTENDED BODY:(.*)\|s", $post, $extended);
206	$extended = trim($extended[1]);
207	if ('' != $extended)
208	$extended = "\n<!--more-->\n$extended";
209	$post = preg_replace("\|(-----\nEXTENDED BODY:.*)\|s", '', $post);
210
211	// Now for the main body
212	preg_match("\|-----\nBODY:(.*)\|s", $post, $body);
213	$body = trim($body[1]);
214	$post_content = $wpdb->escape($body.$extended);
215	$post = preg_replace("\|(-----\nBODY:.*)\|s", '', $post);
216
217	// Grab the metadata from what's left
218	$metadata = explode("\n", $post);
219	foreach ($metadata as $line) {
220	preg_match("/^(.?):(.)/", $line, $token);
221	$key = trim($token[1]);
222	$value = trim($token[2]);
223	// Now we decide what it is and what to do with it
224	switch ($key) {
225	case '' :
226	break;
227	case 'AUTHOR' :
228	$post_author = $value;
229	break;
230	case 'TITLE' :
231	$post_title = $wpdb->escape($value);
232	break;
233	case 'STATUS' :
234	// "publish" and "draft" enumeration items match up; no change required
235	$post_status = $value;
236	if (empty ($post_status))
237	$post_status = 'publish';
238	break;
239	case 'ALLOW COMMENTS' :
240	$post_allow_comments = $value;
241	if ($post_allow_comments == 1) {
242	$comment_status = 'open';
243	} else {
244	$comment_status = 'closed';
245	}
246	break;
247	case 'CONVERT BREAKS' :
248	$post_convert_breaks = $value;
249	break;
250	case 'ALLOW PINGS' :
251	$ping_status = trim($meta[2][0]);
252	if ($ping_status == 1) {
253	$ping_status = 'open';
254	} else {
255	$ping_status = 'closed';
256	}
257	break;
258	case 'PRIMARY CATEGORY' :
259	if (! empty ($value) )
260	$post_categories[] = $wpdb->escape($value);
261	break;
262	case 'CATEGORY' :
263	if (! empty ($value) )
264	$post_categories[] = $wpdb->escape($value);
265	break;
266	case 'DATE' :
267	$post_modified = strtotime($value);
268	$post_modified = date('Y-m-d H:i:s', $post_modified);
269	$post_modified_gmt = get_gmt_from_date("$post_modified");
270	$post_date = $post_modified;
271	$post_date_gmt = $post_modified_gmt;
272	break;
273	default :
274	// echo "\n$key: $value";
275	break;
276	} // end switch
277	} // End foreach
278
279	// Let's check to see if it's in already
280	if ($post_id = post_exists($post_title, '', $post_date)) {
281	echo '<li>';
282	printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
283	} else {
284	echo '<li>';
285	printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
286
287	$post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor
288
289	$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt');
290	$post_id = wp_insert_post($postdata);
291	// Add categories.
292	if (0 != count($post_categories)) {
293	wp_create_categories($post_categories, $post_id);
294	}
295	}
296
297	$comment_post_ID = (int) $post_id;
298	$comment_approved = 1;
299
300	// Now for comments
301	$comments = explode("-----\nCOMMENT:", $comments[0]);
302	$num_comments = 0;
303	foreach ($comments as $comment) {
304	if ('' != trim($comment)) {
305	// Author
306	preg_match("\|AUTHOR:(.*)\|", $comment, $comment_author);
307	$comment_author = $wpdb->escape(trim($comment_author[1]));
308	$comment = preg_replace('\|(\n?AUTHOR:.*)\|', '', $comment);
309	preg_match("\|EMAIL:(.*)\|", $comment, $comment_author_email);
310	$comment_author_email = $wpdb->escape(trim($comment_author_email[1]));
311	$comment = preg_replace('\|(\n?EMAIL:.*)\|', '', $comment);
312
313	preg_match("\|IP:(.*)\|", $comment, $comment_author_IP);
314	$comment_author_IP = trim($comment_author_IP[1]);
315	$comment = preg_replace('\|(\n?IP:.*)\|', '', $comment);
316
317	preg_match("\|URL:(.*)\|", $comment, $comment_author_url);
318	$comment_author_url = $wpdb->escape(trim($comment_author_url[1]));
319	$comment = preg_replace('\|(\n?URL:.*)\|', '', $comment);
320
321	preg_match("\|DATE:(.*)\|", $comment, $comment_date);
322	$comment_date = trim($comment_date[1]);
323	$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
324	$comment = preg_replace('\|(\n?DATE:.*)\|', '', $comment);
325
326	$comment_content = $wpdb->escape(trim($comment));
327	$comment_content = str_replace('-----', '', $comment_content);
328	// Check if it's already there
329	if (!comment_exists($comment_author, $comment_date)) {
330	$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_approved');
331	$commentdata = wp_filter_comment($commentdata);
332	wp_insert_comment($commentdata);
333	$num_comments++;
334	}
335	}
336	}
337	if ( $num_comments )
338	printf(' '.__('(%s comments)'), $num_comments);
339
340	// Finally the pings
341	// fix the double newline on the first one
342	$pings[0] = str_replace("-----\n\n", "-----\n", $pings[0]);
343	$pings = explode("-----\nPING:", $pings[0]);
344	$num_pings = 0;
345	foreach ($pings as $ping) {
346	if ('' != trim($ping)) {
347	// 'Author'
348	preg_match("\|BLOG NAME:(.*)\|", $ping, $comment_author);
349	$comment_author = $wpdb->escape(trim($comment_author[1]));
350	$ping = preg_replace('\|(\n?BLOG NAME:.*)\|', '', $ping);
351
352	preg_match("\|IP:(.*)\|", $ping, $comment_author_IP);
353	$comment_author_IP = trim($comment_author_IP[1]);
354	$ping = preg_replace('\|(\n?IP:.*)\|', '', $ping);
355
356	preg_match("\|URL:(.*)\|", $ping, $comment_author_url);
357	$comment_author_url = $wpdb->escape(trim($comment_author_url[1]));
358	$ping = preg_replace('\|(\n?URL:.*)\|', '', $ping);
359
360	preg_match("\|DATE:(.*)\|", $ping, $comment_date);
361	$comment_date = trim($comment_date[1]);
362	$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
363	$ping = preg_replace('\|(\n?DATE:.*)\|', '', $ping);
364
365	preg_match("\|TITLE:(.*)\|", $ping, $ping_title);
366	$ping_title = $wpdb->escape(trim($ping_title[1]));
367	$ping = preg_replace('\|(\n?TITLE:.*)\|', '', $ping);
368
369	$comment_content = $wpdb->escape(trim($ping));
370	$comment_content = str_replace('-----', '', $comment_content);
371
372	$comment_content = "<strong>$ping_title</strong>\n\n$comment_content";
373
374	$comment_type = 'trackback';
375
376	// Check if it's already there
377	if (!comment_exists($comment_author, $comment_date)) {
378	$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_type', 'comment_approved');
379	$commentdata = wp_filter_comment($commentdata);
380	wp_insert_comment($commentdata);
381	$num_pings++;
382	}
383	}
384	}
385	if ( $num_pings )
386	printf(' '.__('(%s pings)'), $num_pings);
387
388	echo "</li>";
389	}
390	}
391
392	echo '</ol>';
393
394	wp_import_cleanup($this->id);
395
396	echo '<h3>'.sprintf(__('All done. <a href="%s">Have fun!</a>'), get_option('home')).'</h3></div>';
397	}
398
399	function import() {
400	$this->id = (int) $_GET['id'];
401
402	$this->file = get_attached_file($this->id);
403	$this->get_authors_from_post();
404	$this->get_entries();
405	$this->process_posts();
406	}
407
408	function dispatch() {
409	if (empty ($_GET['step']))