Easy enough to test. I set up two blogs, activated xpost on one of them and posted to the other.
The plugin works as promised. You can selectively post to multiple blogs and assign categories. Tags and standard properties are preserved. Most impressively, the relationship between source and target blogs is maintained. Changes in the source are updated in the targets.
However markup in the cross posts is broken because single and double quotes are escaped with a backslash. For example, link tags become
From what I can find a SQL injection vulnerability.intentionally introduced within the WordPress’ XML-RPC implementation as brute force protection against
I don’t want to expose myself to this vulnerability. Nor do I want to hack a wordpress build.
It occurred to me one way to get past this issue is to strip those backslashes at the presentation level within the theme of the blog to which I want to crosspost. I don’t see any reason to render backslashes within posts.
So, with guidance from the WordPress codex, I modified the single and index templates…
<?php the_content(); ?>
$content = get_the_content();
$content = apply_filters('the_content', $content);
$content = str_replace(']]>', ']]>', $content);
$content = str_replace('\\','',$content); /* This strips escapes inserted through XML-RPC */
print $content ?>
I think this will work for me. I’m glad to be proven wrong. Am I missing something?