| 1716 | /** |
| 1717 | * Create a new post for any registered post type. |
| 1718 | * |
| 1719 | * The 'content_struct' argument can contain: |
| 1720 | * - post_type (default: 'post') |
| 1721 | * - post_status (default: 'draft') |
| 1722 | * - post_title |
| 1723 | * - post_author |
| 1724 | * - post_exerpt |
| 1725 | * - post_content |
| 1726 | * - post_date_gmt | post_date |
| 1727 | * - post_format |
| 1728 | * - post_password |
| 1729 | * - comment_status - can be 'open' | 'closed' |
| 1730 | * - ping_status - can be 'open' | 'closed' |
| 1731 | * - sticky |
| 1732 | * - custom_fields - array, with each element containing 'key' and 'value' |
| 1733 | * - terms - array, with taxonomy names as keys and arrays of term IDs as values |
| 1734 | * - terms_names - array, with taxonomy names as keys and arrays of term names as values |
| 1735 | * - enclosure |
| 1736 | * - any other fields supported by wp_insert_post() |
| 1737 | * |
| 1738 | * @since 3.4 |
| 1739 | * @uses wp_insert_post() |
| 1740 | * @uses do_action() Calls 'xmlrpc_call' passing 'wp.newPost' |
| 1741 | * @uses apply_filters() Calls 'xmlrpc_wp_newPost_post_data' passing $post_data, $content_struct prior to calling wp_insert_post() |
| 1742 | * |
| 1743 | * @param array $args Method parameters. Contains: |
| 1744 | * - blog_id |
| 1745 | * - username |
| 1746 | * - password |
| 1747 | * - content_struct |
| 1748 | * @return string post_id |
| 1749 | */ |
| 1750 | function wp_newPost( $args ) { |
| 1751 | $this->escape( $args ); |
| 1752 | |
| 1753 | $blog_id = (int) $args[0]; // we will support this in the near future |
| 1754 | $username = $args[1]; |
| 1755 | $password = $args[2]; |
| 1756 | $content_struct = $args[3]; |
| 1757 | |
| 1758 | if ( ! $user = $this->login($username, $password) ) |
| 1759 | return $this->error; |
| 1760 | |
| 1761 | do_action( 'xmlrpc_call', 'wp.newPost' ); |
| 1762 | |
| 1763 | unset( $content_struct['ID'] ); |
| 1764 | |
| 1765 | return $this->_wp_insertPost( $user, $content_struct ); |
| 1766 | } |
| 1767 | |
| 1768 | /* |
| 1769 | * Helper method for wp_newPost and wp_editPost, containing shared logic. |
| 1770 | */ |
| 1771 | function _wp_insertPost( $user, $content_struct ) { |
| 1772 | $defaults = array( 'post_status' => 'draft', 'post_type' => 'post', 'post_author' => 0, |
| 1773 | 'post_password' => '', 'post_excerpt' => '', 'post_content' => '', 'post_title' => '', 'sticky' => 0 ); |
| 1774 | |
| 1775 | $post_data = wp_parse_args( $content_struct, $defaults ); |
| 1776 | |
| 1777 | $post_type = get_post_type_object( $post_data['post_type'] ); |
| 1778 | if( ! ( (bool)$post_type ) ) |
| 1779 | return new IXR_Error( 403, __( 'Invalid post type' ) ); |
| 1780 | |
| 1781 | if( ! current_user_can( $post_type->cap->edit_posts ) ) |
| 1782 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) ); |
| 1783 | |
| 1784 | switch ( $post_data['post_status'] ) { |
| 1785 | case 'draft': |
| 1786 | case 'pending': |
| 1787 | break; |
| 1788 | case 'private': |
| 1789 | if( ! current_user_can( $post_type->cap->publish_posts ) ) |
| 1790 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type' )); |
| 1791 | break; |
| 1792 | case 'publish': |
| 1793 | case 'future': |
| 1794 | if( ! current_user_can( $post_type->cap->publish_posts ) ) |
| 1795 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type' )); |
| 1796 | break; |
| 1797 | default: |
| 1798 | $post_data['post_status'] = 'draft'; |
| 1799 | break; |
| 1800 | } |
| 1801 | |
| 1802 | if ( ! empty( $post_data['post_password'] ) && ! current_user_can( $post_type->cap->publish_posts ) ) |
| 1803 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to create password protected posts in this post type' ) ); |
| 1804 | |
| 1805 | |
| 1806 | $post_data['post_author'] = absint( $post_data['post_author'] ); |
| 1807 | if( ! empty( $post_data['post_author'] ) && $post_data['post_author'] != $user->ID ) { |
| 1808 | if( ! current_user_can( $post_type->cap->edit_others_posts ) ) |
| 1809 | return new IXR_Error( 401, __( 'You are not allowed to create posts as this user.' ) ); |
| 1810 | |
| 1811 | $author = get_userdata( $post_data['post_author'] ); |
| 1812 | |
| 1813 | if( ! $author ) |
| 1814 | return new IXR_Error( 404, __( 'Invalid author ID.' ) ); |
| 1815 | } |
| 1816 | else { |
| 1817 | $post_data['post_author'] = $user->ID; |
| 1818 | } |
| 1819 | |
| 1820 | if( isset( $post_data['comment_status'] ) ) |
| 1821 | if( ! post_type_supports( $post_data['post_type'], 'comments' ) || ( $post_data['comment_status'] != 'open' && $post_data['comment_status'] != 'closed' ) ) |
| 1822 | unset( $post_data['comment_status'] ); |
| 1823 | |
| 1824 | if( isset( $post_data['ping_status'] ) ) |
| 1825 | if( ! post_type_supports( $post_data['post_type'], 'trackbacks' ) || ( $post_data['ping_status'] != 'open' && $post_data['ping_status'] != 'closed' ) ) |
| 1826 | unset( $post_data['ping_status'] ); |
| 1827 | |
| 1828 | // Do some timestamp voodoo |
| 1829 | if ( ! empty( $post_data['post_date_gmt'] ) ) |
| 1830 | $dateCreated = str_replace( 'Z', '', $post_data['post_date_gmt']->getIso() ) . 'Z'; // We know this is supposed to be GMT, so we're going to slap that Z on there by force |
| 1831 | elseif ( ! empty( $post_data['post_date']) ) |
| 1832 | $dateCreated = $post_data['post_date']->getIso(); |
| 1833 | |
| 1834 | if ( ! empty( $dateCreated ) ) { |
| 1835 | $post_data['post_date'] = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) ); |
| 1836 | $post_data['post_date_gmt'] = iso8601_to_datetime( $dateCreated, 'GMT' ); |
| 1837 | } |
| 1838 | |
| 1839 | if ( ! isset( $post_data['ID'] ) ) { |
| 1840 | $post_data['ID'] = get_default_post_to_edit( $post_data['post_type'], true )->ID; |
| 1841 | } |
| 1842 | $post_ID = $post_data['ID']; |
| 1843 | |
| 1844 | $sticky = $post_data['sticky'] ? true : false; |
| 1845 | |
| 1846 | if( $post_data['post_type'] == 'post' && $sticky == true ) { |
| 1847 | if( ! current_user_can( $post_type->cap->edit_others_posts ) ) |
| 1848 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) ); |
| 1849 | |
| 1850 | if( $post_data['post_status'] != 'publish' ) |
| 1851 | return new IXR_Error( 401, __( 'Only published posts can be made sticky.' )); |
| 1852 | |
| 1853 | stick_post( $post_ID ); |
| 1854 | } |
| 1855 | |
| 1856 | if( isset ( $post_data['custom_fields'] ) && post_type_supports( $post_data['post_type'], 'custom-fields' ) ) { |
| 1857 | $this->set_custom_fields( $post_ID, $post_data['custom_fields'] ); |
| 1858 | } |
| 1859 | |
| 1860 | if( isset( $post_data['terms'] ) || isset( $post_data['terms_names'] ) ) { |
| 1861 | $post_type_taxonomies = get_object_taxonomies( $post_data['post_type'], 'objects' ); |
| 1862 | |
| 1863 | // accumulate term IDs from terms and terms_names |
| 1864 | $terms = array(); |
| 1865 | |
| 1866 | // first validate the terms specified by ID |
| 1867 | if( isset( $post_data['terms'] ) && is_array( $post_data['terms'] ) ) { |
| 1868 | $taxonomies = array_keys( $post_data['terms'] ); |
| 1869 | |
| 1870 | // validating term ids |
| 1871 | foreach ( $taxonomies as $taxonomy ) { |
| 1872 | if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) ) |
| 1873 | return new IXR_Error( 401, __( 'Sorry, one of the given taxonomy is not supported by the post type.' ) ); |
| 1874 | |
| 1875 | if( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) ) |
| 1876 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies' ) ); |
| 1877 | |
| 1878 | $term_ids = $post_data['terms'][$taxonomy]; |
| 1879 | foreach ( $term_ids as $term_id ) { |
| 1880 | $term = get_term_by( 'id', $term_id, $taxonomy ); |
| 1881 | |
| 1882 | if ( ! $term ) |
| 1883 | return new IXR_Error( 403, __( 'Invalid term ID' ) ); |
| 1884 | |
| 1885 | $terms[$taxonomy][] = (int)$term_id; |
| 1886 | } |
| 1887 | } |
| 1888 | } |
| 1889 | |
| 1890 | // now validate terms specified by name |
| 1891 | if ( isset( $post_data['terms_names'] ) && is_array( $post_data['terms_names'] ) ) { |
| 1892 | $taxonomies = array_keys( $post_data['terms_names'] ); |
| 1893 | |
| 1894 | foreach ( $taxonomies as $taxonomy ) { |
| 1895 | if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) ) |
| 1896 | return new IXR_Error( 401, __( 'Sorry, one of the given taxonomy is not supported by the post type.' ) ); |
| 1897 | |
| 1898 | if( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) ) |
| 1899 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) ); |
| 1900 | |
| 1901 | // for hierarchical taxonomies, we can't assign a term when multiple terms in the hierarchy share the same name |
| 1902 | $ambiguous_terms = array(); |
| 1903 | if( is_taxonomy_hierarchical( $taxonomy ) ) { |
| 1904 | $tax_term_names = get_terms( $taxonomy, array( 'fields' => 'names', 'hide_empty' => false ) ); |
| 1905 | |
| 1906 | // count the number of terms with the same name |
| 1907 | $tax_term_names_count = array_count_values( $tax_term_names ); |
| 1908 | |
| 1909 | // filter out non-ambiguous term names |
| 1910 | $ambiguous_tax_term_counts = array_filter( $tax_term_names_count, function($count){ |
| 1911 | return $count > 1; |
| 1912 | } ); |
| 1913 | |
| 1914 | $ambiguous_terms = array_keys( $ambiguous_tax_term_counts ); |
| 1915 | } |
| 1916 | |
| 1917 | $term_names = $post_data['terms_names'][$taxonomy]; |
| 1918 | foreach ( $term_names as $term_name ) { |
| 1919 | if ( in_array( $term_name, $ambiguous_terms ) ) |
| 1920 | return new IXR_Error( 401, __( 'Ambiguous term name used in a hierarhical taxonomy. Please use term ID instead.' ) ); |
| 1921 | |
| 1922 | $term = get_term_by( 'name', $term_name, $taxonomy ); |
| 1923 | |
| 1924 | if ( ! $term ) { |
| 1925 | // term doesn't exist, so check that the user is allowed to create new terms |
| 1926 | if( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->edit_terms ) ) |
| 1927 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to add a term to one of the given taxonomies.' ) ); |
| 1928 | |
| 1929 | // create the new term |
| 1930 | $term_info = wp_insert_term( $term_name, $taxonomy ); |
| 1931 | if ( is_wp_error( $term_info ) ) |
| 1932 | return new IXR_Error( 500, $term_info->get_error_message() ); |
| 1933 | |
| 1934 | $terms[$taxonomy][] = (int)$term_info['term_id']; |
| 1935 | } |
| 1936 | else { |
| 1937 | $terms[$taxonomy][] = (int)$term->term_id; |
| 1938 | } |
| 1939 | } |
| 1940 | } |
| 1941 | } |
| 1942 | |
| 1943 | $post_data['tax_input'] = $terms; |
| 1944 | unset( $post_data['terms'] ); |
| 1945 | unset( $post_data['terms_names'] ); |
| 1946 | } |
| 1947 | else { |
| 1948 | // do not allow direct submission of 'tax_input', clients must use 'terms' and/or 'terms_names' |
| 1949 | unset( $post_data['tax_input'] ); |
| 1950 | } |
| 1951 | |
| 1952 | if( isset( $post_data['post_format'] ) ) { |
| 1953 | $format = set_post_format( $post_ID, $post_data['post_format'] ); |
| 1954 | |
| 1955 | if ( is_wp_error( $format ) ) |
| 1956 | return new IXR_Error( 500, $format->get_error_message() ); |
| 1957 | |
| 1958 | unset( $post_data['post_format'] ); |
| 1959 | } |
| 1960 | |
| 1961 | // Handle enclosures |
| 1962 | $enclosure = isset( $post_data['enclosure'] ) ? $post_data['enclosure'] : null; |
| 1963 | $this->add_enclosure_if_new( $post_ID, $enclosure ); |
| 1964 | |
| 1965 | $this->attach_uploads( $post_ID, $post_data['post_content'] ); |
| 1966 | |
| 1967 | $post_data = apply_filters( 'xmlrpc_wp_insert_post_data', $post_data, $content_struct ); |
| 1968 | |
| 1969 | $post_ID = wp_insert_post( $post_data, true ); |
| 1970 | if ( is_wp_error( $post_ID ) ) |
| 1971 | return new IXR_Error( 500, $post_ID->get_error_message() ); |
| 1972 | |
| 1973 | if ( ! $post_ID ) |
| 1974 | return new IXR_Error( 401, __( 'Sorry, your entry could not be posted. Something wrong happened.' ) ); |
| 1975 | |
| 1976 | return strval( $post_ID ); |
| 1977 | } |
| 1978 | |
| 1979 | /* |
| 1980 | * Update a post for any registered post type. |
| 1981 | * |
| 1982 | * @since 3.4 |
| 1983 | * @uses wp_newPost() |
| 1984 | * @uses do_action() Calls 'xmlrpc_call' passing 'wp.editPost' |
| 1985 | * |
| 1986 | * @param array $args Method parameters. Contains: |
| 1987 | * - blog_id |
| 1988 | * - username |
| 1989 | * - password |
| 1990 | * - post_id |
| 1991 | * - content_struct |
| 1992 | * @return true on success |
| 1993 | */ |
| 1994 | function wp_editPost($args) { |
| 1995 | $this->escape( $args ); |
| 1996 | |
| 1997 | $blog_id = (int) $args[0]; // we will support this in the near future |
| 1998 | $username = $args[1]; |
| 1999 | $password = $args[2]; |
| 2000 | $post_id = $args[3]; |
| 2001 | $content_struct = $args[4]; |
| 2002 | |
| 2003 | if ( ! $user = $this->login($username, $password) ) |
| 2004 | return $this->error; |
| 2005 | |
| 2006 | do_action( 'xmlrpc_call', 'wp.editPost' ); |
| 2007 | |
| 2008 | $post = get_post( $post_id, ARRAY_A ); |
| 2009 | |
| 2010 | if ( empty( $post["ID"] ) ) |
| 2011 | return new IXR_Error( 404, __( 'Invalid post ID.' ) ); |
| 2012 | |
| 2013 | // convert the date field back to IXR form |
| 2014 | $post['post_date'] = new IXR_Date( mysql2date( 'Ymd\TH:i:s', $post['post_date'], false ) ); |
| 2015 | |
| 2016 | // ignore the existing GMT date if it is empty or a non-GMT date was supplied in $content_struct, |
| 2017 | // since _wp_insertPost will ignore the non-GMT date if the GMT date is set |
| 2018 | if ( $post['post_date_gmt'] == '0000-00-00 00:00:00' || isset( $content_struct['post_date'] ) ) |
| 2019 | unset( $post['post_date_gmt'] ); |
| 2020 | else |
| 2021 | $post['post_date_gmt'] = new IXR_Date( mysql2date( 'Ymd\TH:i:s', $post['post_date_gmt'], false ) ); |
| 2022 | |
| 2023 | $this->escape( $post ); |
| 2024 | $merged_content_struct = array_merge( $post, $content_struct ); |
| 2025 | |
| 2026 | $retval = $this->_wp_insertPost( $user, $merged_content_struct ); |
| 2027 | if ( $retval instanceof IXR_Error ) |
| 2028 | return $retval; |
| 2029 | |
| 2030 | return true; |
| 2031 | } |
| 2032 | |