| 1715 | /** |
| 1716 | * Create a new post for any registered post type. |
| 1717 | * |
| 1718 | * The 'content_struct' argument can contain: |
| 1719 | * - post_type (default: 'post') |
| 1720 | * - post_status (default: 'draft') |
| 1721 | * - post_title |
| 1722 | * - post_author |
| 1723 | * - post_exerpt |
| 1724 | * - post_content |
| 1725 | * - post_date_gmt | post_date |
| 1726 | * - post_format |
| 1727 | * - post_password |
| 1728 | * - comment_status - can be 'open' | 'closed' |
| 1729 | * - ping_status - can be 'open' | 'closed' |
| 1730 | * - sticky |
| 1731 | * - custom_fields - array, with each element containing 'key' and 'value' |
| 1732 | * - terms - array, with taxonomy names as keys and arrays of term IDs as values |
| 1733 | * - terms_names - array, with taxonomy names as keys and arrays of term names as values |
| 1734 | * - enclosure |
| 1735 | * - any other fields supported by wp_insert_post() |
| 1736 | * |
| 1737 | * @since 3.4 |
| 1738 | * @uses wp_insert_post() |
| 1739 | * @uses do_action() Calls 'xmlrpc_call' passing 'wp.newPost' |
| 1740 | * @uses apply_filters() Calls 'xmlrpc_wp_newPost_post_data' passing $post_data, $content_struct prior to calling wp_insert_post() |
| 1741 | * |
| 1742 | * @param array $args Method parameters. Contains: |
| 1743 | * - blog_id |
| 1744 | * - username |
| 1745 | * - password |
| 1746 | * - content_struct |
| 1747 | * @return string post_id |
| 1748 | */ |
| 1749 | function wp_newPost( $args ) { |
| 1750 | $this->escape( $args ); |
| 1751 | |
| 1752 | $blog_id = (int) $args[0]; // we will support this in the near future |
| 1753 | $username = $args[1]; |
| 1754 | $password = $args[2]; |
| 1755 | $content_struct = $args[3]; |
| 1756 | |
| 1757 | if ( ! $user = $this->login($username, $password) ) |
| 1758 | return $this->error; |
| 1759 | |
| 1760 | do_action( 'xmlrpc_call', 'wp.newPost' ); |
| 1761 | |
| 1762 | $defaults = array( 'post_status' => 'draft', 'post_type' => 'post', 'post_author' => 0, |
| 1763 | 'post_password' => '', 'post_excerpt' => '', 'post_content' => '', 'post_title' => '', 'sticky' => 0 ); |
| 1764 | |
| 1765 | $post_data = wp_parse_args( $content_struct, $defaults ); |
| 1766 | |
| 1767 | $post_type = get_post_type_object( $post_data['post_type'] ); |
| 1768 | if( ! ( (bool)$post_type ) ) |
| 1769 | return new IXR_Error( 403, __( 'Invalid post type' ) ); |
| 1770 | |
| 1771 | if( ! current_user_can( $post_type->cap->edit_posts ) ) |
| 1772 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) ); |
| 1773 | |
| 1774 | switch ( $post_data['post_status'] ) { |
| 1775 | case 'draft': |
| 1776 | case 'pending': |
| 1777 | break; |
| 1778 | case 'private': |
| 1779 | if( ! current_user_can( $post_type->cap->publish_posts ) ) |
| 1780 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type' )); |
| 1781 | break; |
| 1782 | case 'publish': |
| 1783 | case 'future': |
| 1784 | if( ! current_user_can( $post_type->cap->publish_posts ) ) |
| 1785 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type' )); |
| 1786 | break; |
| 1787 | default: |
| 1788 | $post_data['post_status'] = 'draft'; |
| 1789 | break; |
| 1790 | } |
| 1791 | |
| 1792 | if ( ! empty( $post_data['post_password'] ) && ! current_user_can( $post_type->cap->publish_posts ) ) |
| 1793 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to create password protected posts in this post type' ) ); |
| 1794 | |
| 1795 | |
| 1796 | $post_data['post_author'] = absint( $post_data['post_author'] ); |
| 1797 | if( ! empty( $post_data['post_author'] ) && $post_data['post_author'] != $user->ID ) { |
| 1798 | if( ! current_user_can( $post_type->cap->edit_others_posts ) ) |
| 1799 | return new IXR_Error( 401, __( 'You are not allowed to create posts as this user.' ) ); |
| 1800 | |
| 1801 | $author = get_userdata( $post_data['post_author'] ); |
| 1802 | |
| 1803 | if( ! $author ) |
| 1804 | return new IXR_Error( 404, __( 'Invalid author ID.' ) ); |
| 1805 | } |
| 1806 | else { |
| 1807 | $post_data['post_author'] = $user->ID; |
| 1808 | } |
| 1809 | |
| 1810 | if( isset( $post_data['comment_status'] ) ) |
| 1811 | if( ! post_type_supports( $post_data['post_type'], 'comments' ) || ( $post_data['comment_status'] != 'open' && $post_data['comment_status'] != 'closed' ) ) |
| 1812 | unset( $post_data['comment_status'] ); |
| 1813 | |
| 1814 | if( isset( $post_data['ping_status'] ) ) |
| 1815 | if( ! post_type_supports( $post_data['post_type'], 'trackbacks' ) || ( $post_data['ping_status'] != 'open' && $post_data['ping_status'] != 'closed' ) ) |
| 1816 | unset( $post_data['ping_status'] ); |
| 1817 | |
| 1818 | // Do some timestamp voodoo |
| 1819 | if ( ! empty( $post_data['post_date_gmt'] ) ) |
| 1820 | $dateCreated = str_replace( 'Z', '', $post_data['post_date_gmt']->getIso() ) . 'Z'; // We know this is supposed to be GMT, so we're going to slap that Z on there by force |
| 1821 | elseif ( ! empty( $post_data['post_date']) ) |
| 1822 | $dateCreated = $post_data['post_date']->getIso(); |
| 1823 | |
| 1824 | if ( ! empty( $dateCreated ) ) { |
| 1825 | $post_data['post_date'] = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) ); |
| 1826 | $post_data['post_date_gmt'] = iso8601_to_datetime( $dateCreated, 'GMT' ); |
| 1827 | } |
| 1828 | |
| 1829 | $post_ID = $post_data['ID'] = get_default_post_to_edit( $post_data['post_type'], true )->ID; |
| 1830 | |
| 1831 | $sticky = $post_data['sticky'] ? true : false; |
| 1832 | |
| 1833 | if( $post_data['post_type'] == 'post' && $sticky == true ) { |
| 1834 | if( ! current_user_can( $post_type->cap->edit_others_posts ) ) |
| 1835 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) ); |
| 1836 | |
| 1837 | if( $post_data['post_status'] != 'publish' ) |
| 1838 | return new IXR_Error( 401, __( 'Only published posts can be made sticky.' )); |
| 1839 | |
| 1840 | stick_post( $post_ID ); |
| 1841 | } |
| 1842 | |
| 1843 | if( isset ( $post_data['custom_fields'] ) && post_type_supports( $post_data['post_type'], 'custom-fields' ) ) { |
| 1844 | $this->set_custom_fields( $post_ID, $post_data['custom_fields'] ); |
| 1845 | } |
| 1846 | |
| 1847 | if( isset( $post_data['terms'] ) || isset( $post_data['terms_names'] ) ) { |
| 1848 | $post_type_taxonomies = get_object_taxonomies( $post_data['post_type'], 'objects' ); |
| 1849 | |
| 1850 | // accumulate term IDs from terms and terms_names |
| 1851 | $terms = array(); |
| 1852 | |
| 1853 | // first validate the terms specified by ID |
| 1854 | if( isset( $post_data['terms'] ) && is_array( $post_data['terms'] ) ) { |
| 1855 | $taxonomies = array_keys( $post_data['terms'] ); |
| 1856 | |
| 1857 | // validating term ids |
| 1858 | foreach ( $taxonomies as $taxonomy ) { |
| 1859 | if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) ) |
| 1860 | return new IXR_Error( 401, __( 'Sorry, one of the given taxonomy is not supported by the post type.' ) ); |
| 1861 | |
| 1862 | if( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) ) |
| 1863 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies' ) ); |
| 1864 | |
| 1865 | $term_ids = $post_data['terms'][$taxonomy]; |
| 1866 | foreach ( $term_ids as $term_id ) { |
| 1867 | $term = get_term_by( 'id', $term_id, $taxonomy ); |
| 1868 | |
| 1869 | if ( ! $term ) |
| 1870 | return new IXR_Error( 403, __( 'Invalid term ID' ) ); |
| 1871 | |
| 1872 | $terms[$taxonomy][] = (int)$term_id; |
| 1873 | } |
| 1874 | } |
| 1875 | } |
| 1876 | |
| 1877 | // now validate terms specified by name |
| 1878 | if ( isset( $post_data['terms_names'] ) && is_array( $post_data['terms_names'] ) ) { |
| 1879 | $taxonomies = array_keys( $post_data['terms_names'] ); |
| 1880 | |
| 1881 | foreach ( $taxonomies as $taxonomy ) { |
| 1882 | if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) ) |
| 1883 | return new IXR_Error( 401, __( 'Sorry, one of the given taxonomy is not supported by the post type.' ) ); |
| 1884 | |
| 1885 | if( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) ) |
| 1886 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) ); |
| 1887 | |
| 1888 | // for hierarchical taxonomies, we can't assign a term when multiple terms in the hierarchy share the same name |
| 1889 | $ambiguous_terms = array(); |
| 1890 | if( is_taxonomy_hierarchical( $taxonomy ) ) { |
| 1891 | $tax_term_names = get_terms( $taxonomy, array( 'fields' => 'names', 'hide_empty' => false ) ); |
| 1892 | |
| 1893 | // count the number of terms with the same name |
| 1894 | $tax_term_names_count = array_count_values( $tax_term_names ); |
| 1895 | |
| 1896 | // filter out non-ambiguous term names |
| 1897 | $ambiguous_tax_term_counts = array_filter( $tax_term_names_count, function($count){ |
| 1898 | return $count > 1; |
| 1899 | } ); |
| 1900 | |
| 1901 | $ambiguous_terms = array_keys( $ambiguous_tax_term_counts ); |
| 1902 | } |
| 1903 | |
| 1904 | $term_names = $post_data['terms_names'][$taxonomy]; |
| 1905 | foreach ( $term_names as $term_name ) { |
| 1906 | if ( in_array( $term_name, $ambiguous_terms ) ) |
| 1907 | return new IXR_Error( 401, __( 'Ambiguous term name used in a hierarhical taxonomy. Please use term ID instead.' ) ); |
| 1908 | |
| 1909 | $term = get_term_by( 'name', $term_name, $taxonomy ); |
| 1910 | |
| 1911 | if ( ! $term ) { |
| 1912 | // term doesn't exist, so check that the user is allowed to create new terms |
| 1913 | if( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->edit_terms ) ) |
| 1914 | return new IXR_Error( 401, __( 'Sorry, you are not allowed to add a term to one of the given taxonomies.' ) ); |
| 1915 | |
| 1916 | // create the new term |
| 1917 | $term_info = wp_insert_term( $term_name, $taxonomy ); |
| 1918 | if ( is_wp_error( $term_info ) ) |
| 1919 | return new IXR_Error( 500, $term_info->get_error_message() ); |
| 1920 | |
| 1921 | $terms[$taxonomy][] = (int)$term_info['term_id']; |
| 1922 | } |
| 1923 | else { |
| 1924 | $terms[$taxonomy][] = (int)$term->term_id; |
| 1925 | } |
| 1926 | } |
| 1927 | } |
| 1928 | } |
| 1929 | |
| 1930 | $post_data['tax_input'] = $terms; |
| 1931 | unset( $post_data['terms'] ); |
| 1932 | unset( $post_data['terms_names'] ); |
| 1933 | } |
| 1934 | else { |
| 1935 | // do not allow direct submission of 'tax_input', clients must use 'terms' and/or 'terms_names' |
| 1936 | unset( $post_data['tax_input'] ); |
| 1937 | } |
| 1938 | |
| 1939 | if( isset( $post_data['post_format'] ) ) { |
| 1940 | $format = set_post_format( $post_ID, $post_data['post_format'] ); |
| 1941 | |
| 1942 | if ( is_wp_error( $format ) ) |
| 1943 | return new IXR_Error( 500, $format->get_error_message() ); |
| 1944 | |
| 1945 | unset( $post_data['post_format'] ); |
| 1946 | } |
| 1947 | |
| 1948 | // Handle enclosures |
| 1949 | $enclosure = isset( $post_data['enclosure'] ) ? $post_data['enclosure'] : null; |
| 1950 | $this->add_enclosure_if_new( $post_ID, $enclosure ); |
| 1951 | |
| 1952 | $this->attach_uploads( $post_ID, $post_data['post_content'] ); |
| 1953 | |
| 1954 | $post_data = apply_filters( 'xmlrpc_wp_newPost_post_data', $post_data, $content_struct ); |
| 1955 | |
| 1956 | $post_ID = wp_insert_post( $post_data, true ); |
| 1957 | if ( is_wp_error( $post_ID ) ) |
| 1958 | return new IXR_Error( 500, $post_ID->get_error_message() ); |
| 1959 | |
| 1960 | if ( ! $post_ID ) |
| 1961 | return new IXR_Error( 401, __( 'Sorry, your entry could not be posted. Something wrong happened.' ) ); |
| 1962 | |
| 1963 | return strval( $post_ID ); |
| 1964 | } |
| 1965 | |