Make WordPress Core


Ignore:
Timestamp:
05/17/2014 03:52:11 PM (11 years ago)
Author:
wonderboymusic
Message:

Eliminate the use of extract() in wp_insert_post().

See #22400.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/post.php

    r28382 r28469  
    29242924    $postarr = sanitize_post($postarr, 'db');
    29252925
    2926     // export array as variables
    2927     extract($postarr, EXTR_SKIP);
    2928 
    29292926    // Are we updating or creating?
    29302927    $post_ID = 0;
    29312928    $update = false;
    2932     if ( ! empty( $ID ) ) {
     2929    $guid = $postarr['guid'];
     2930
     2931    if ( ! empty( $postarr['ID'] ) ) {
    29332932        $update = true;
    29342933
    29352934        // Get the post ID and GUID
    2936         $post_ID = $ID;
     2935        $post_ID = $postarr['ID'];
    29372936        $post_before = get_post( $post_ID );
    29382937        if ( is_null( $post_before ) ) {
    2939             if ( $wp_error )
     2938            if ( $wp_error ) {
    29402939                return new WP_Error( 'invalid_post', __( 'Invalid post ID.' ) );
     2940            }
    29412941            return 0;
    29422942        }
    29432943
    29442944        $guid = get_post_field( 'guid', $post_ID );
    2945         $previous_status = get_post_field('post_status', $ID);
     2945        $previous_status = get_post_field('post_status', $post_ID );
    29462946    } else {
    29472947        $previous_status = 'new';
     2948    }
     2949
     2950    $post_type = empty( $postarr['post_type'] ) ? 'post' : $postarr['post_type'];
     2951
     2952    $post_title = $postarr['post_title'];
     2953    $post_content = $postarr['post_content'];
     2954    $post_excerpt = $postarr['post_excerpt'];
     2955    if ( isset( $postarr['post_name'] ) ) {
     2956        $post_name = $postarr['post_name'];
    29482957    }
    29492958
     
    29682977     */
    29692978    if ( apply_filters( 'wp_insert_post_empty_content', $maybe_empty, $postarr ) ) {
    2970         if ( $wp_error )
     2979        if ( $wp_error ) {
    29712980            return new WP_Error( 'empty_content', __( 'Content, title, and excerpt are empty.' ) );
    2972         else
     2981        } else {
    29732982            return 0;
    2974     }
    2975 
    2976     if ( empty($post_type) )
    2977         $post_type = 'post';
    2978 
    2979     if ( empty($post_status) )
    2980         $post_status = 'draft';
    2981 
    2982     if ( !empty($post_category) )
    2983         $post_category = array_filter($post_category); // Filter out empty terms
     2983        }
     2984    }
     2985
     2986    $post_status = empty( $postarr['post_status'] ) ? 'draft' : $postarr['post_status'];
     2987
     2988    if ( ! empty( $postarr['post_category'] ) ) {
     2989        $post_category = array_filter( $postarr['post_category'] ); // Filter out empty terms
     2990    }
    29842991
    29852992    // Make sure we set a valid category.
    2986     if ( empty($post_category) || 0 == count($post_category) || !is_array($post_category) ) {
     2993    if ( empty( $post_category ) || 0 == count( $post_category ) || ! is_array( $post_category ) ) {
    29872994        // 'post' requires at least one category.
    2988         if ( 'post' == $post_type && 'auto-draft' != $post_status )
     2995        if ( 'post' == $post_type && 'auto-draft' != $post_status ) {
    29892996            $post_category = array( get_option('default_category') );
    2990         else
     2997        } else {
    29912998            $post_category = array();
    2992     }
    2993 
    2994     if ( empty($post_author) )
    2995         $post_author = $user_id;
     2999        }
     3000    }
    29963001
    29973002    // Don't allow contributors to set the post slug for pending review posts
    2998     if ( 'pending' == $post_status && !current_user_can( 'publish_posts' ) )
     3003    if ( 'pending' == $post_status && !current_user_can( 'publish_posts' ) ) {
    29993004        $post_name = '';
     3005    }
    30003006
    30013007    // Create a valid post name. Drafts and pending posts are allowed to have an empty
    30023008    // post name.
    30033009    if ( empty($post_name) ) {
    3004         if ( !in_array( $post_status, array( 'draft', 'pending', 'auto-draft' ) ) )
     3010        if ( !in_array( $post_status, array( 'draft', 'pending', 'auto-draft' ) ) ) {
    30053011            $post_name = sanitize_title($post_title);
    3006         else
     3012        } else {
    30073013            $post_name = '';
     3014        }
    30083015    } else {
    30093016        // On updates, we need to check to see if it's using the old, fixed sanitization context.
    30103017        $check_name = sanitize_title( $post_name, '', 'old-save' );
    3011         if ( $update && strtolower( urlencode( $post_name ) ) == $check_name && get_post_field( 'post_name', $ID ) == $check_name )
     3018        if ( $update && strtolower( urlencode( $post_name ) ) == $check_name && get_post_field( 'post_name', $post_ID ) == $check_name ) {
    30123019            $post_name = $check_name;
    3013         else // new post, or slug has changed.
     3020        } else { // new post, or slug has changed.
    30143021            $post_name = sanitize_title($post_name);
     3022        }
    30153023    }
    30163024
    30173025    // If the post date is empty (due to having been new or a draft) and status is not 'draft' or 'pending', set date to now
    3018     if ( empty($post_date) || '0000-00-00 00:00:00' == $post_date )
    3019         $post_date = current_time('mysql');
    3020 
    3021         // validate the date
    3022         $mm = substr( $post_date, 5, 2 );
    3023         $jj = substr( $post_date, 8, 2 );
    3024         $aa = substr( $post_date, 0, 4 );
    3025         $valid_date = wp_checkdate( $mm, $jj, $aa, $post_date );
    3026         if ( !$valid_date ) {
    3027             if ( $wp_error )
    3028                 return new WP_Error( 'invalid_date', __( 'Whoops, the provided date is invalid.' ) );
    3029             else
    3030                 return 0;
    3031         }
    3032 
    3033     if ( empty($post_date_gmt) || '0000-00-00 00:00:00' == $post_date_gmt ) {
    3034         if ( !in_array( $post_status, array( 'draft', 'pending', 'auto-draft' ) ) )
    3035             $post_date_gmt = get_gmt_from_date($post_date);
    3036         else
     3026    if ( empty( $postarr['post_date'] ) || '0000-00-00 00:00:00' == $postarr['post_date'] ) {
     3027        $post_date = current_time( 'mysql' );
     3028    } else {
     3029        $post_date = $postarr['post_date'];
     3030    }
     3031
     3032    // validate the date
     3033    $mm = substr( $post_date, 5, 2 );
     3034    $jj = substr( $post_date, 8, 2 );
     3035    $aa = substr( $post_date, 0, 4 );
     3036    $valid_date = wp_checkdate( $mm, $jj, $aa, $post_date );
     3037    if ( ! $valid_date ) {
     3038        if ( $wp_error ) {
     3039            return new WP_Error( 'invalid_date', __( 'Whoops, the provided date is invalid.' ) );
     3040        } else {
     3041            return 0;
     3042        }
     3043    }
     3044
     3045    if ( empty( $postarr['post_date_gmt'] ) || '0000-00-00 00:00:00' == $postarr['post_date_gmt'] ) {
     3046        if ( ! in_array( $post_status, array( 'draft', 'pending', 'auto-draft' ) ) ) {
     3047            $post_date_gmt = get_gmt_from_date( $post_date );
     3048        } else {
    30373049            $post_date_gmt = '0000-00-00 00:00:00';
     3050        }
     3051    } else {
     3052        $post_date_gmt = $postarr['post_date_gmt'];
    30383053    }
    30393054
     
    30483063    if ( 'publish' == $post_status ) {
    30493064        $now = gmdate('Y-m-d H:i:59');
    3050         if ( mysql2date('U', $post_date_gmt, false) > mysql2date('U', $now, false) )
     3065        if ( mysql2date('U', $post_date_gmt, false) > mysql2date('U', $now, false) ) {
    30513066            $post_status = 'future';
     3067        }
    30523068    } elseif( 'future' == $post_status ) {
    30533069        $now = gmdate('Y-m-d H:i:59');
    3054         if ( mysql2date('U', $post_date_gmt, false) <= mysql2date('U', $now, false) )
     3070        if ( mysql2date('U', $post_date_gmt, false) <= mysql2date('U', $now, false) ) {
    30553071            $post_status = 'publish';
    3056     }
    3057 
    3058     if ( empty($comment_status) ) {
    3059         if ( $update )
     3072        }
     3073    }
     3074
     3075    if ( empty( $postarr['comment_status'] ) ) {
     3076        if ( $update ) {
    30603077            $comment_status = 'closed';
    3061         else
     3078        } else {
    30623079            $comment_status = get_option('default_comment_status');
    3063     }
    3064     if ( empty($ping_status) )
    3065         $ping_status = get_option('default_ping_status');
    3066 
    3067     if ( isset($to_ping) )
    3068         $to_ping = sanitize_trackback_urls( $to_ping );
    3069     else
    3070         $to_ping = '';
    3071 
    3072     if ( ! isset($pinged) )
    3073         $pinged = '';
    3074 
    3075     if ( isset($post_parent) )
    3076         $post_parent = (int) $post_parent;
    3077     else
     3080        }
     3081    } else {
     3082        $comment_status = $postarr['comment_status'];
     3083    }
     3084
     3085    // these variables are needed by compact() later
     3086    $post_content_filtered = $postarr['post_content_filtered'];
     3087    $post_author = empty( $postarr['post_author'] ) ? $user_id : $postarr['post_author'];
     3088    $ping_status = empty( $postarr['ping_status'] ) ? get_option( 'default_ping_status' ) : $postarr['ping_status'];
     3089    $to_ping = isset( $postarr['to_ping'] ) ? sanitize_trackback_urls( $postarr['to_ping'] ) : '';
     3090    $pinged = isset( $postarr['pinged'] ) ? $postarr['pinged'] : '';
     3091    $import_id = isset( $postarr['import_id'] ) ? $postarr['import_id'] : 0;
     3092
     3093    // The 'wp_insert_post_parent' filter expects all variables to be present.
     3094    // Previously, these variables would have already been extracted
     3095    if ( isset( $postarr['menu_order'] ) ) {
     3096        $menu_order = (int) $postarr['menu_order'];
     3097    } else {
     3098        $menu_order = 0;
     3099    }
     3100
     3101    $post_password = isset( $postarr['post_password'] ) ? $postarr['post_password'] : '';
     3102    if ( 'private' == $post_status ) {
     3103        $post_password = '';
     3104    }
     3105
     3106    if ( isset( $postarr['post_parent'] ) ) {
     3107        $post_parent = (int) $postarr['post_parent'];
     3108    } else {
    30783109        $post_parent = 0;
     3110    }
    30793111
    30803112    /**
     
    30903122    $post_parent = apply_filters( 'wp_insert_post_parent', $post_parent, $post_ID, compact( array_keys( $postarr ) ), $postarr );
    30913123
    3092     if ( isset($menu_order) )
    3093         $menu_order = (int) $menu_order;
    3094     else
    3095         $menu_order = 0;
    3096 
    3097     if ( !isset($post_password) || 'private' == $post_status )
    3098         $post_password = '';
    3099 
    3100     $post_name = wp_unique_post_slug($post_name, $post_ID, $post_status, $post_type, $post_parent);
     3124    $post_name = wp_unique_post_slug( $post_name, $post_ID, $post_status, $post_type, $post_parent );
    31013125
    31023126    // expected_slashed (everything!)
    3103     $data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'guid' ) );
     3127    $data = compact( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'guid' );
    31043128
    31053129    /**
     
    31263150        do_action( 'pre_post_update', $post_ID, $data );
    31273151        if ( false === $wpdb->update( $wpdb->posts, $data, $where ) ) {
    3128             if ( $wp_error )
     3152            if ( $wp_error ) {
    31293153                return new WP_Error('db_update_error', __('Could not update post in the database'), $wpdb->last_error);
    3130             else
     3154            } else {
    31313155                return 0;
     3156            }
    31323157        }
    31333158    } else {
    3134         if ( isset($post_mime_type) )
    3135             $data['post_mime_type'] = wp_unslash( $post_mime_type ); // This isn't in the update
     3159        if ( isset( $postarr['post_mime_type'] ) ) {
     3160            $data['post_mime_type'] = wp_unslash( $postarr['post_mime_type'] ); // This isn't in the update
     3161        }
    31363162        // If there is a suggested ID, use it if not already present
    3137         if ( !empty($import_id) ) {
     3163        if ( ! empty( $import_id ) ) {
    31383164            $import_id = (int) $import_id;
    31393165            if ( ! $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE ID = %d", $import_id) ) ) {
     
    31423168        }
    31433169        if ( false === $wpdb->insert( $wpdb->posts, $data ) ) {
    3144             if ( $wp_error )
     3170            if ( $wp_error ) {
    31453171                return new WP_Error('db_insert_error', __('Could not insert post into the database'), $wpdb->last_error);
    3146             else
     3172            } else {
    31473173                return 0;
     3174            }
    31483175        }
    31493176        $post_ID = (int) $wpdb->insert_id;
     
    31583185    }
    31593186
    3160     if ( is_object_in_taxonomy($post_type, 'category') )
     3187    if ( is_object_in_taxonomy( $post_type, 'category' ) ) {
    31613188        wp_set_post_categories( $post_ID, $post_category );
    3162 
    3163     if ( isset( $tags_input ) && is_object_in_taxonomy($post_type, 'post_tag') )
    3164         wp_set_post_tags( $post_ID, $tags_input );
     3189    }
     3190
     3191    if ( isset( $postarr['tags_input'] ) && is_object_in_taxonomy( $post_type, 'post_tag' ) ) {
     3192        wp_set_post_tags( $post_ID, $postarr['tags_input'] );
     3193    }
    31653194
    31663195    // new-style support for all custom taxonomies
    3167     if ( !empty($tax_input) ) {
    3168         foreach ( $tax_input as $taxonomy => $tags ) {
     3196    if ( ! empty( $postarr['tax_input'] ) ) {
     3197        foreach ( $postarr['tax_input'] as $taxonomy => $tags ) {
    31693198            $taxonomy_obj = get_taxonomy($taxonomy);
    3170             if ( is_array($tags) ) // array = hierarchical, string = non-hierarchical.
     3199            if ( is_array( $tags ) ) { // array = hierarchical, string = non-hierarchical.
    31713200                $tags = array_filter($tags);
    3172             if ( current_user_can($taxonomy_obj->cap->assign_terms) )
     3201            }
     3202            if ( current_user_can( $taxonomy_obj->cap->assign_terms ) ) {
    31733203                wp_set_post_terms( $post_ID, $tags, $taxonomy );
     3204            }
    31743205        }
    31753206    }
     
    31783209
    31793210    // Set GUID
    3180     if ( !$update && '' == $current_guid )
     3211    if ( ! $update && '' == $current_guid ) {
    31813212        $wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post_ID ) ), $where );
    3182 
     3213    }
    31833214    clean_post_cache( $post_ID );
    31843215
    3185     $post = get_post($post_ID);
    3186 
    3187     if ( !empty($page_template) && 'page' == $data['post_type'] ) {
    3188         $post->page_template = $page_template;
     3216    $post = get_post( $post_ID );
     3217
     3218    if ( ! empty( $postarr['page_template'] ) && 'page' == $data['post_type'] ) {
     3219        $post->page_template = $postarr['page_template'];
    31893220        $page_templates = wp_get_theme()->get_page_templates( $post );
    3190         if ( 'default' != $page_template && ! isset( $page_templates[ $page_template ] ) ) {
    3191             if ( $wp_error )
     3221        if ( 'default' != $postarr['page_template'] && ! isset( $page_templates[ $postarr['page_template'] ] ) ) {
     3222            if ( $wp_error ) {
    31923223                return new WP_Error('invalid_page_template', __('The page template is invalid.'));
    3193             else
     3224            } else {
    31943225                return 0;
    3195         }
    3196         update_post_meta($post_ID, '_wp_page_template',  $page_template);
     3226            }
     3227        }
     3228        update_post_meta( $post_ID, '_wp_page_template', $postarr['page_template'] );
    31973229    }
    31983230
Note: See TracChangeset for help on using the changeset viewer.