| | 3904 | /** |
| | 3905 | * Sideload a remote file. |
| | 3906 | * |
| | 3907 | * Useful for hosts with small MAX_POST_SIZE configurations. |
| | 3908 | * |
| | 3909 | * @since 4.0.0 |
| | 3910 | * |
| | 3911 | * @param array $args Method parameters. |
| | 3912 | * @return array |
| | 3913 | */ |
| | 3914 | function wp_sideloadFile( $args ) { |
| | 3915 | $blog_ID = (int) $args[0]; |
| | 3916 | $username = $this->escape( $args[1] ); |
| | 3917 | $password = $this->escape( $args[2] ); |
| | 3918 | $data = $args[3]; |
| | 3919 | |
| | 3920 | $url = esc_url_raw( $data['url'] ); |
| | 3921 | $md5 = isset( $data['md5'] ) ? $data['md5'] : null; |
| | 3922 | $post_id = isset( $data['post_id'] ) ? (int) $data['post_id'] : 0; |
| | 3923 | $desc = isset( $data['desc'] ) ? $data['desc'] : null; |
| | 3924 | // @todo: Add overwrite handling? |
| | 3925 | |
| | 3926 | if ( ! $user = $this->login( $username, $password ) ) { |
| | 3927 | return $this->error; |
| | 3928 | } |
| | 3929 | |
| | 3930 | /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ |
| | 3931 | do_action( 'xmlrpc_call', 'wp.sideloadMediaObject' ); |
| | 3932 | |
| | 3933 | if ( ! current_user_can( 'upload_files' ) ) { |
| | 3934 | $this->error = new IXR_Error( 401, __( 'You do not have permission to upload files.' ) ); |
| | 3935 | return $this->error; |
| | 3936 | } |
| | 3937 | |
| | 3938 | if ( empty( $url ) ) { |
| | 3939 | $this->error = new IXR_Error( 400, __( 'Missing URL.' ) ); |
| | 3940 | return $this->error; |
| | 3941 | } |
| | 3942 | |
| | 3943 | // Set variables for storage |
| | 3944 | // fix file filename for query strings |
| | 3945 | $file_array['name'] = basename( parse_url( $url, PHP_URL_PATH ) ); |
| | 3946 | |
| | 3947 | if ( ! $file_array['name'] ) { |
| | 3948 | $this->error = new IXR_Error( 400, __( 'Could not parse filename from url.' ) ); |
| | 3949 | return $this->error; |
| | 3950 | } |
| | 3951 | |
| | 3952 | // Download file to temp location |
| | 3953 | $file_array['tmp_name'] = download_url( $url ); |
| | 3954 | |
| | 3955 | // If error storing temporarily, return an error. |
| | 3956 | if ( is_wp_error( $file_array['tmp_name'] ) ) { |
| | 3957 | $this->error = new IXR_Error( 400, __( 'Could not download file.' ) ); |
| | 3958 | return $this->error; |
| | 3959 | } |
| | 3960 | |
| | 3961 | if ( $md5 && md5_file( $file_array['tmp_name'] ) !== $md5 ) { |
| | 3962 | @unlink( $file_array['tmp_name'] ); |
| | 3963 | $this->error = new IXR_Error( 400, __( 'File did not match md5 hash.' ) ); |
| | 3964 | return $this->error; |
| | 3965 | } |
| | 3966 | |
| | 3967 | // do the validation and storage stuff |
| | 3968 | $id = media_handle_sideload( $file_array, $post_id, $desc ); |
| | 3969 | |
| | 3970 | // If error storing permanently, unlink |
| | 3971 | if ( is_wp_error( $id ) ) { |
| | 3972 | @unlink( $file_array['tmp_name'] ); |
| | 3973 | $this->error = new IXR_Error( 400, __( 'Could not handle the sideload.' ) ); |
| | 3974 | return $this->error; |
| | 3975 | } |
| | 3976 | |
| | 3977 | $struct = array( |
| | 3978 | 'id' => $id, |
| | 3979 | 'url' => wp_get_attachment_url( $id ), |
| | 3980 | ); |
| | 3981 | |
| | 3982 | return $struct; |
| | 3983 | } |
| | 3984 | |