Changeset 42343 for trunk/src/wp-includes/class-wp-xmlrpc-server.php
- Timestamp:
- 11/30/2017 11:09:33 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/class-wp-xmlrpc-server.php
r42201 r42343 62 62 $this->methods = array( 63 63 // WordPress API 64 'wp.getUsersBlogs' 65 'wp.newPost' 66 'wp.editPost' 67 'wp.deletePost' 68 'wp.getPost' 69 'wp.getPosts' 70 'wp.newTerm' 71 'wp.editTerm' 72 'wp.deleteTerm' 73 'wp.getTerm' 74 'wp.getTerms' 75 'wp.getTaxonomy' 76 'wp.getTaxonomies' 77 'wp.getUser' 78 'wp.getUsers' 79 'wp.getProfile' 80 'wp.editProfile' 81 'wp.getPage' 82 'wp.getPages' 83 'wp.newPage' 84 'wp.deletePage' 85 'wp.editPage' 86 'wp.getPageList' 87 'wp.getAuthors' 88 'wp.getCategories' => 'this:mw_getCategories',// Alias89 'wp.getTags' 90 'wp.newCategory' 91 'wp.deleteCategory' 92 'wp.suggestCategories' 93 'wp.uploadFile' => 'this:mw_newMediaObject',// Alias94 'wp.deleteFile' => 'this:wp_deletePost',// Alias95 'wp.getCommentCount' 96 'wp.getPostStatusList' 97 'wp.getPageStatusList' 98 'wp.getPageTemplates' 99 'wp.getOptions' 100 'wp.setOptions' 101 'wp.getComment' 102 'wp.getComments' 103 'wp.deleteComment' 104 'wp.editComment' 105 'wp.newComment' 106 'wp.getCommentStatusList' => 'this:wp_getCommentStatusList',107 'wp.getMediaItem' 108 'wp.getMediaLibrary' 109 'wp.getPostFormats' => 'this:wp_getPostFormats',110 'wp.getPostType' 111 'wp.getPostTypes' 112 'wp.getRevisions' 113 'wp.restoreRevision' 64 'wp.getUsersBlogs' => 'this:wp_getUsersBlogs', 65 'wp.newPost' => 'this:wp_newPost', 66 'wp.editPost' => 'this:wp_editPost', 67 'wp.deletePost' => 'this:wp_deletePost', 68 'wp.getPost' => 'this:wp_getPost', 69 'wp.getPosts' => 'this:wp_getPosts', 70 'wp.newTerm' => 'this:wp_newTerm', 71 'wp.editTerm' => 'this:wp_editTerm', 72 'wp.deleteTerm' => 'this:wp_deleteTerm', 73 'wp.getTerm' => 'this:wp_getTerm', 74 'wp.getTerms' => 'this:wp_getTerms', 75 'wp.getTaxonomy' => 'this:wp_getTaxonomy', 76 'wp.getTaxonomies' => 'this:wp_getTaxonomies', 77 'wp.getUser' => 'this:wp_getUser', 78 'wp.getUsers' => 'this:wp_getUsers', 79 'wp.getProfile' => 'this:wp_getProfile', 80 'wp.editProfile' => 'this:wp_editProfile', 81 'wp.getPage' => 'this:wp_getPage', 82 'wp.getPages' => 'this:wp_getPages', 83 'wp.newPage' => 'this:wp_newPage', 84 'wp.deletePage' => 'this:wp_deletePage', 85 'wp.editPage' => 'this:wp_editPage', 86 'wp.getPageList' => 'this:wp_getPageList', 87 'wp.getAuthors' => 'this:wp_getAuthors', 88 'wp.getCategories' => 'this:mw_getCategories', // Alias 89 'wp.getTags' => 'this:wp_getTags', 90 'wp.newCategory' => 'this:wp_newCategory', 91 'wp.deleteCategory' => 'this:wp_deleteCategory', 92 'wp.suggestCategories' => 'this:wp_suggestCategories', 93 'wp.uploadFile' => 'this:mw_newMediaObject', // Alias 94 'wp.deleteFile' => 'this:wp_deletePost', // Alias 95 'wp.getCommentCount' => 'this:wp_getCommentCount', 96 'wp.getPostStatusList' => 'this:wp_getPostStatusList', 97 'wp.getPageStatusList' => 'this:wp_getPageStatusList', 98 'wp.getPageTemplates' => 'this:wp_getPageTemplates', 99 'wp.getOptions' => 'this:wp_getOptions', 100 'wp.setOptions' => 'this:wp_setOptions', 101 'wp.getComment' => 'this:wp_getComment', 102 'wp.getComments' => 'this:wp_getComments', 103 'wp.deleteComment' => 'this:wp_deleteComment', 104 'wp.editComment' => 'this:wp_editComment', 105 'wp.newComment' => 'this:wp_newComment', 106 'wp.getCommentStatusList' => 'this:wp_getCommentStatusList', 107 'wp.getMediaItem' => 'this:wp_getMediaItem', 108 'wp.getMediaLibrary' => 'this:wp_getMediaLibrary', 109 'wp.getPostFormats' => 'this:wp_getPostFormats', 110 'wp.getPostType' => 'this:wp_getPostType', 111 'wp.getPostTypes' => 'this:wp_getPostTypes', 112 'wp.getRevisions' => 'this:wp_getRevisions', 113 'wp.restoreRevision' => 'this:wp_restoreRevision', 114 114 115 115 // Blogger API 116 'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs',117 'blogger.getUserInfo' => 'this:blogger_getUserInfo',118 'blogger.getPost' => 'this:blogger_getPost',119 'blogger.getRecentPosts' => 'this:blogger_getRecentPosts',120 'blogger.newPost' => 'this:blogger_newPost',121 'blogger.editPost' => 'this:blogger_editPost',122 'blogger.deletePost' => 'this:blogger_deletePost',116 'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs', 117 'blogger.getUserInfo' => 'this:blogger_getUserInfo', 118 'blogger.getPost' => 'this:blogger_getPost', 119 'blogger.getRecentPosts' => 'this:blogger_getRecentPosts', 120 'blogger.newPost' => 'this:blogger_newPost', 121 'blogger.editPost' => 'this:blogger_editPost', 122 'blogger.deletePost' => 'this:blogger_deletePost', 123 123 124 124 // MetaWeblog API (with MT extensions to structs) 125 'metaWeblog.newPost' => 'this:mw_newPost',126 'metaWeblog.editPost' => 'this:mw_editPost',127 'metaWeblog.getPost' => 'this:mw_getPost',128 'metaWeblog.getRecentPosts' => 'this:mw_getRecentPosts',129 'metaWeblog.getCategories' => 'this:mw_getCategories',130 'metaWeblog.newMediaObject' => 'this:mw_newMediaObject',125 'metaWeblog.newPost' => 'this:mw_newPost', 126 'metaWeblog.editPost' => 'this:mw_editPost', 127 'metaWeblog.getPost' => 'this:mw_getPost', 128 'metaWeblog.getRecentPosts' => 'this:mw_getRecentPosts', 129 'metaWeblog.getCategories' => 'this:mw_getCategories', 130 'metaWeblog.newMediaObject' => 'this:mw_newMediaObject', 131 131 132 132 // MetaWeblog API aliases for Blogger API 133 133 // see http://www.xmlrpc.com/stories/storyReader$2460 134 'metaWeblog.deletePost' => 'this:blogger_deletePost',135 'metaWeblog.getUsersBlogs' => 'this:blogger_getUsersBlogs',134 'metaWeblog.deletePost' => 'this:blogger_deletePost', 135 'metaWeblog.getUsersBlogs' => 'this:blogger_getUsersBlogs', 136 136 137 137 // MovableType API 138 'mt.getCategoryList' => 'this:mt_getCategoryList',139 'mt.getRecentPostTitles' => 'this:mt_getRecentPostTitles',140 'mt.getPostCategories' => 'this:mt_getPostCategories',141 'mt.setPostCategories' => 'this:mt_setPostCategories',142 'mt.supportedMethods' => 'this:mt_supportedMethods',143 'mt.supportedTextFilters' => 'this:mt_supportedTextFilters',144 'mt.getTrackbackPings' => 'this:mt_getTrackbackPings',145 'mt.publishPost' => 'this:mt_publishPost',138 'mt.getCategoryList' => 'this:mt_getCategoryList', 139 'mt.getRecentPostTitles' => 'this:mt_getRecentPostTitles', 140 'mt.getPostCategories' => 'this:mt_getPostCategories', 141 'mt.setPostCategories' => 'this:mt_setPostCategories', 142 'mt.supportedMethods' => 'this:mt_supportedMethods', 143 'mt.supportedTextFilters' => 'this:mt_supportedTextFilters', 144 'mt.getTrackbackPings' => 'this:mt_getTrackbackPings', 145 'mt.publishPost' => 'this:mt_publishPost', 146 146 147 147 // PingBack 148 'pingback.ping' => 'this:pingback_ping',148 'pingback.ping' => 'this:pingback_ping', 149 149 'pingback.extensions.getPingbacks' => 'this:pingback_extensions_getPingbacks', 150 150 151 'demo.sayHello' => 'this:sayHello',152 'demo.addTwoNumbers' => 'this:addTwoNumbers'151 'demo.sayHello' => 'this:sayHello', 152 'demo.addTwoNumbers' => 'this:addTwoNumbers', 153 153 ); 154 154 … … 189 189 */ 190 190 public function serve_request() { 191 $this->IXR_Server( $this->methods);191 $this->IXR_Server( $this->methods ); 192 192 } 193 193 … … 323 323 */ 324 324 public function escape( &$data ) { 325 if ( ! is_array( $data ) ) 325 if ( ! is_array( $data ) ) { 326 326 return wp_slash( $data ); 327 } 327 328 328 329 foreach ( $data as &$v ) { 329 if ( is_array( $v ) ) 330 if ( is_array( $v ) ) { 330 331 $this->escape( $v ); 331 elseif ( ! is_object( $v ) )332 } elseif ( ! is_object( $v ) ) { 332 333 $v = wp_slash( $v ); 334 } 333 335 } 334 336 } … … 342 344 * @return array Custom fields, if exist. 343 345 */ 344 public function get_custom_fields( $post_id) {346 public function get_custom_fields( $post_id ) { 345 347 $post_id = (int) $post_id; 346 348 347 349 $custom_fields = array(); 348 350 349 foreach ( (array) has_meta( $post_id) as $meta ) {351 foreach ( (array) has_meta( $post_id ) as $meta ) { 350 352 // Don't expose protected fields. 351 if ( ! current_user_can( 'edit_post_meta', $post_id , $meta['meta_key'] ) )353 if ( ! current_user_can( 'edit_post_meta', $post_id, $meta['meta_key'] ) ) { 352 354 continue; 355 } 353 356 354 357 $custom_fields[] = array( 355 "id"=> $meta['meta_id'],356 "key"=> $meta['meta_key'],357 "value" => $meta['meta_value']358 'id' => $meta['meta_id'], 359 'key' => $meta['meta_key'], 360 'value' => $meta['meta_value'], 358 361 ); 359 362 } … … 370 373 * @param array $fields Custom fields. 371 374 */ 372 public function set_custom_fields( $post_id, $fields) {375 public function set_custom_fields( $post_id, $fields ) { 373 376 $post_id = (int) $post_id; 374 377 375 378 foreach ( (array) $fields as $meta ) { 376 if ( isset( $meta['id']) ) {379 if ( isset( $meta['id'] ) ) { 377 380 $meta['id'] = (int) $meta['id']; 378 $pmeta = get_metadata_by_mid( 'post', $meta['id'] );381 $pmeta = get_metadata_by_mid( 'post', $meta['id'] ); 379 382 380 383 if ( ! $pmeta || $pmeta->post_id != $post_id ) { … … 382 385 } 383 386 384 if ( isset( $meta['key']) ) {387 if ( isset( $meta['key'] ) ) { 385 388 $meta['key'] = wp_unslash( $meta['key'] ); 386 if ( $meta['key'] !== $pmeta->meta_key ) 389 if ( $meta['key'] !== $pmeta->meta_key ) { 387 390 continue; 391 } 388 392 $meta['value'] = wp_unslash( $meta['value'] ); 389 if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) ) 393 if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) ) { 390 394 update_metadata_by_mid( 'post', $meta['id'], $meta['value'] ); 395 } 391 396 } elseif ( current_user_can( 'delete_post_meta', $post_id, $pmeta->meta_key ) ) { 392 397 delete_metadata_by_mid( 'post', $meta['id'] ); … … 441 446 if ( isset( $meta['id'] ) ) { 442 447 $meta['id'] = (int) $meta['id']; 443 $pmeta = get_metadata_by_mid( 'term', $meta['id'] );448 $pmeta = get_metadata_by_mid( 'term', $meta['id'] ); 444 449 if ( isset( $meta['key'] ) ) { 445 450 $meta['key'] = wp_unslash( $meta['key'] ); … … 470 475 $this->blog_options = array( 471 476 // Read only options 472 'software_name' => array(473 'desc' 474 'readonly' 475 'value' => 'WordPress'477 'software_name' => array( 478 'desc' => __( 'Software Name' ), 479 'readonly' => true, 480 'value' => 'WordPress', 476 481 ), 477 'software_version' => array(478 'desc' 479 'readonly' 480 'value' => get_bloginfo( 'version' )482 'software_version' => array( 483 'desc' => __( 'Software Version' ), 484 'readonly' => true, 485 'value' => get_bloginfo( 'version' ), 481 486 ), 482 'blog_url' => array(483 'desc' 484 'readonly' 485 'option' => 'siteurl'487 'blog_url' => array( 488 'desc' => __( 'WordPress Address (URL)' ), 489 'readonly' => true, 490 'option' => 'siteurl', 486 491 ), 487 'home_url' => array(488 'desc' 489 'readonly' 490 'option' => 'home'492 'home_url' => array( 493 'desc' => __( 'Site Address (URL)' ), 494 'readonly' => true, 495 'option' => 'home', 491 496 ), 492 'login_url' => array(493 'desc' 494 'readonly' 495 'value' => wp_login_url( )497 'login_url' => array( 498 'desc' => __( 'Login Address (URL)' ), 499 'readonly' => true, 500 'value' => wp_login_url(), 496 501 ), 497 'admin_url' => array(498 'desc' 499 'readonly' 500 'value' => get_admin_url( )502 'admin_url' => array( 503 'desc' => __( 'The URL to the admin area' ), 504 'readonly' => true, 505 'value' => get_admin_url(), 501 506 ), 502 507 'image_default_link_type' => array( 503 'desc' 504 'readonly' 505 'option' => 'image_default_link_type'508 'desc' => __( 'Image default link type' ), 509 'readonly' => true, 510 'option' => 'image_default_link_type', 506 511 ), 507 'image_default_size' => array(508 'desc' 509 'readonly' 510 'option' => 'image_default_size'512 'image_default_size' => array( 513 'desc' => __( 'Image default size' ), 514 'readonly' => true, 515 'option' => 'image_default_size', 511 516 ), 512 'image_default_align' => array(513 'desc' 514 'readonly' 515 'option' => 'image_default_align'517 'image_default_align' => array( 518 'desc' => __( 'Image default align' ), 519 'readonly' => true, 520 'option' => 'image_default_align', 516 521 ), 517 'template' => array(518 'desc' 519 'readonly' 520 'option' => 'template'522 'template' => array( 523 'desc' => __( 'Template' ), 524 'readonly' => true, 525 'option' => 'template', 521 526 ), 522 'stylesheet' => array(523 'desc' 524 'readonly' 525 'option' => 'stylesheet'527 'stylesheet' => array( 528 'desc' => __( 'Stylesheet' ), 529 'readonly' => true, 530 'option' => 'stylesheet', 526 531 ), 527 'post_thumbnail' => array(528 'desc' => __('Post Thumbnail'),529 'readonly' 530 'value' => current_theme_supports( 'post-thumbnails' )532 'post_thumbnail' => array( 533 'desc' => __( 'Post Thumbnail' ), 534 'readonly' => true, 535 'value' => current_theme_supports( 'post-thumbnails' ), 531 536 ), 532 537 533 538 // Updatable options 534 'time_zone' => array(535 'desc' 536 'readonly' 537 'option' => 'gmt_offset'539 'time_zone' => array( 540 'desc' => __( 'Time Zone' ), 541 'readonly' => false, 542 'option' => 'gmt_offset', 538 543 ), 539 'blog_title' => array(540 'desc' 541 'readonly' 542 'option' => 'blogname'544 'blog_title' => array( 545 'desc' => __( 'Site Title' ), 546 'readonly' => false, 547 'option' => 'blogname', 543 548 ), 544 'blog_tagline' => array(545 'desc' 546 'readonly' 547 'option' => 'blogdescription'549 'blog_tagline' => array( 550 'desc' => __( 'Site Tagline' ), 551 'readonly' => false, 552 'option' => 'blogdescription', 548 553 ), 549 'date_format' => array(550 'desc' 551 'readonly' 552 'option' => 'date_format'554 'date_format' => array( 555 'desc' => __( 'Date Format' ), 556 'readonly' => false, 557 'option' => 'date_format', 553 558 ), 554 'time_format' => array(555 'desc' 556 'readonly' 557 'option' => 'time_format'559 'time_format' => array( 560 'desc' => __( 'Time Format' ), 561 'readonly' => false, 562 'option' => 'time_format', 558 563 ), 559 'users_can_register' => array(560 'desc' 561 'readonly' 562 'option' => 'users_can_register'564 'users_can_register' => array( 565 'desc' => __( 'Allow new users to sign up' ), 566 'readonly' => false, 567 'option' => 'users_can_register', 563 568 ), 564 'thumbnail_size_w' => array(565 'desc' 566 'readonly' 567 'option' => 'thumbnail_size_w'569 'thumbnail_size_w' => array( 570 'desc' => __( 'Thumbnail Width' ), 571 'readonly' => false, 572 'option' => 'thumbnail_size_w', 568 573 ), 569 'thumbnail_size_h' => array(570 'desc' 571 'readonly' 572 'option' => 'thumbnail_size_h'574 'thumbnail_size_h' => array( 575 'desc' => __( 'Thumbnail Height' ), 576 'readonly' => false, 577 'option' => 'thumbnail_size_h', 573 578 ), 574 'thumbnail_crop' => array(575 'desc' 576 'readonly' 577 'option' => 'thumbnail_crop'579 'thumbnail_crop' => array( 580 'desc' => __( 'Crop thumbnail to exact dimensions' ), 581 'readonly' => false, 582 'option' => 'thumbnail_crop', 578 583 ), 579 'medium_size_w' => array(580 'desc' 581 'readonly' 582 'option' => 'medium_size_w'584 'medium_size_w' => array( 585 'desc' => __( 'Medium size image width' ), 586 'readonly' => false, 587 'option' => 'medium_size_w', 583 588 ), 584 'medium_size_h' => array(585 'desc' 586 'readonly' 587 'option' => 'medium_size_h'589 'medium_size_h' => array( 590 'desc' => __( 'Medium size image height' ), 591 'readonly' => false, 592 'option' => 'medium_size_h', 588 593 ), 589 'medium_large_size_w' => array(590 'desc' 591 'readonly' 592 'option' => 'medium_large_size_w'594 'medium_large_size_w' => array( 595 'desc' => __( 'Medium-Large size image width' ), 596 'readonly' => false, 597 'option' => 'medium_large_size_w', 593 598 ), 594 'medium_large_size_h' => array(595 'desc' 596 'readonly' 597 'option' => 'medium_large_size_h'599 'medium_large_size_h' => array( 600 'desc' => __( 'Medium-Large size image height' ), 601 'readonly' => false, 602 'option' => 'medium_large_size_h', 598 603 ), 599 'large_size_w' => array(600 'desc' 601 'readonly' 602 'option' => 'large_size_w'604 'large_size_w' => array( 605 'desc' => __( 'Large size image width' ), 606 'readonly' => false, 607 'option' => 'large_size_w', 603 608 ), 604 'large_size_h' => array(605 'desc' 606 'readonly' 607 'option' => 'large_size_h'609 'large_size_h' => array( 610 'desc' => __( 'Large size image height' ), 611 'readonly' => false, 612 'option' => 'large_size_h', 608 613 ), 609 'default_comment_status' => array(610 'desc' 611 'readonly' 612 'option' => 'default_comment_status'614 'default_comment_status' => array( 615 'desc' => __( 'Allow people to post comments on new articles' ), 616 'readonly' => false, 617 'option' => 'default_comment_status', 613 618 ), 614 'default_ping_status' => array(615 'desc' 616 'readonly' 617 'option' => 'default_ping_status'618 ) 619 'default_ping_status' => array( 620 'desc' => __( 'Allow link notifications from other blogs (pingbacks and trackbacks) on new articles' ), 621 'readonly' => false, 622 'option' => 'default_ping_status', 623 ), 619 624 ); 620 625 … … 654 659 655 660 // If this isn't on WPMU then just use blogger_getUsersBlogs 656 if ( ! is_multisite() ) {661 if ( ! is_multisite() ) { 657 662 array_unshift( $args, 1 ); 658 663 return $this->blogger_getUsersBlogs( $args ); … … 664 669 $password = $args[1]; 665 670 666 if ( !$user = $this->login($username, $password) ) 667 return $this->error; 671 if ( ! $user = $this->login( $username, $password ) ) { 672 return $this->error; 673 } 668 674 669 675 /** … … 680 686 do_action( 'xmlrpc_call', 'wp.getUsersBlogs' ); 681 687 682 $blogs = (array) get_blogs_of_user( $user->ID );683 $struct = array();688 $blogs = (array) get_blogs_of_user( $user->ID ); 689 $struct = array(); 684 690 $primary_blog_id = 0; 685 $active_blog = get_active_blog_for_user( $user->ID );691 $active_blog = get_active_blog_for_user( $user->ID ); 686 692 if ( $active_blog ) { 687 693 $primary_blog_id = (int) $active_blog->blog_id; … … 690 696 foreach ( $blogs as $blog ) { 691 697 // Don't include blogs that aren't hosted at this site. 692 if ( $blog->site_id != get_current_network_id() ) 698 if ( $blog->site_id != get_current_network_id() ) { 693 699 continue; 700 } 694 701 695 702 $blog_id = $blog->userblog_id; … … 697 704 switch_to_blog( $blog_id ); 698 705 699 $is_admin = current_user_can( 'manage_options' );706 $is_admin = current_user_can( 'manage_options' ); 700 707 $is_primary = ( (int) $blog_id === $primary_blog_id ); 701 708 … … 736 743 * Prepares taxonomy data for return in an XML-RPC object. 737 744 * 738 *739 745 * @param object $taxonomy The unprepared taxonomy data. 740 746 * @param array $fields The subset of taxonomy fields to return. … … 743 749 protected function _prepare_taxonomy( $taxonomy, $fields ) { 744 750 $_taxonomy = array( 745 'name' => $taxonomy->name,746 'label' => $taxonomy->label,751 'name' => $taxonomy->name, 752 'label' => $taxonomy->label, 747 753 'hierarchical' => (bool) $taxonomy->hierarchical, 748 'public' => (bool) $taxonomy->public,749 'show_ui' => (bool) $taxonomy->show_ui,750 '_builtin' => (bool) $taxonomy->_builtin,754 'public' => (bool) $taxonomy->public, 755 'show_ui' => (bool) $taxonomy->show_ui, 756 '_builtin' => (bool) $taxonomy->_builtin, 751 757 ); 752 758 753 if ( in_array( 'labels', $fields ) ) 759 if ( in_array( 'labels', $fields ) ) { 754 760 $_taxonomy['labels'] = (array) $taxonomy->labels; 755 756 if ( in_array( 'cap', $fields ) ) 761 } 762 763 if ( in_array( 'cap', $fields ) ) { 757 764 $_taxonomy['cap'] = (array) $taxonomy->cap; 758 759 if ( in_array( 'menu', $fields ) ) 765 } 766 767 if ( in_array( 'menu', $fields ) ) { 760 768 $_taxonomy['show_in_menu'] = (bool) $_taxonomy->show_in_menu; 761 762 if ( in_array( 'object_type', $fields ) ) 769 } 770 771 if ( in_array( 'object_type', $fields ) ) { 763 772 $_taxonomy['object_type'] = array_unique( (array) $taxonomy->object_type ); 773 } 764 774 765 775 /** … … 778 788 * Prepares term data for return in an XML-RPC object. 779 789 * 780 *781 790 * @param array|object $term The unprepared term data. 782 791 * @return array The prepared term data. … … 784 793 protected function _prepare_term( $term ) { 785 794 $_term = $term; 786 if ( ! is_array( $_term ) ) 795 if ( ! is_array( $_term ) ) { 787 796 $_term = get_object_vars( $_term ); 797 } 788 798 789 799 // For integers which may be larger than XML-RPC supports ensure we return strings. 790 $_term['term_id'] = strval( $_term['term_id'] );791 $_term['term_group'] = strval( $_term['term_group'] );800 $_term['term_id'] = strval( $_term['term_id'] ); 801 $_term['term_group'] = strval( $_term['term_group'] ); 792 802 $_term['term_taxonomy_id'] = strval( $_term['term_taxonomy_id'] ); 793 $_term['parent'] = strval( $_term['parent'] );803 $_term['parent'] = strval( $_term['parent'] ); 794 804 795 805 // Count we are happy to return as an integer because people really shouldn't use terms that much. … … 813 823 * Convert a WordPress date string to an IXR_Date object. 814 824 * 815 *816 825 * @param string $date Date string to convert. 817 826 * @return IXR_Date IXR_Date object. … … 827 836 * Convert a WordPress GMT date string to an IXR_Date object. 828 837 * 829 *830 838 * @param string $date_gmt WordPress GMT date string. 831 839 * @param string $date Date string. … … 841 849 /** 842 850 * Prepares post data for return in an XML-RPC object. 843 *844 851 * 845 852 * @param array $post The unprepared post data. … … 877 884 // Thumbnail. 878 885 $post_fields['post_thumbnail'] = array(); 879 $thumbnail_id = get_post_thumbnail_id( $post['ID'] );886 $thumbnail_id = get_post_thumbnail_id( $post['ID'] ); 880 887 if ( $thumbnail_id ) { 881 $thumbnail_size = current_theme_supports('post-thumbnail') ? 'post-thumbnail' : 'thumbnail';888 $thumbnail_size = current_theme_supports( 'post-thumbnail' ) ? 'post-thumbnail' : 'thumbnail'; 882 889 $post_fields['post_thumbnail'] = $this->_prepare_media_item( get_post( $thumbnail_id ), $thumbnail_size ); 883 890 } 884 891 885 892 // Consider future posts as published. 886 if ( $post_fields['post_status'] === 'future' ) 893 if ( $post_fields['post_status'] === 'future' ) { 887 894 $post_fields['post_status'] = 'publish'; 895 } 888 896 889 897 // Fill in blank post format. 890 898 $post_fields['post_format'] = get_post_format( $post['ID'] ); 891 if ( empty( $post_fields['post_format'] ) ) 899 if ( empty( $post_fields['post_format'] ) ) { 892 900 $post_fields['post_format'] = 'standard'; 901 } 893 902 894 903 // Merge requested $post_fields fields into $_post. … … 897 906 } else { 898 907 $requested_fields = array_intersect_key( $post_fields, array_flip( $fields ) ); 899 $_post = array_merge( $_post, $requested_fields );908 $_post = array_merge( $_post, $requested_fields ); 900 909 } 901 910 … … 904 913 if ( $all_taxonomy_fields || in_array( 'terms', $fields ) ) { 905 914 $post_type_taxonomies = get_object_taxonomies( $post['post_type'], 'names' ); 906 $terms = wp_get_object_terms( $post['ID'], $post_type_taxonomies );907 $_post['terms'] = array();915 $terms = wp_get_object_terms( $post['ID'], $post_type_taxonomies ); 916 $_post['terms'] = array(); 908 917 foreach ( $terms as $term ) { 909 918 $_post['terms'][] = $this->_prepare_term( $term ); … … 911 920 } 912 921 913 if ( in_array( 'custom_fields', $fields ) ) 922 if ( in_array( 'custom_fields', $fields ) ) { 914 923 $_post['custom_fields'] = $this->get_custom_fields( $post['ID'] ); 924 } 915 925 916 926 if ( in_array( 'enclosure', $fields ) ) { 917 927 $_post['enclosure'] = array(); 918 $enclosures = (array) get_post_meta( $post['ID'], 'enclosure' );928 $enclosures = (array) get_post_meta( $post['ID'], 'enclosure' ); 919 929 if ( ! empty( $enclosures ) ) { 920 $encdata = explode( "\n", $enclosures[0] );921 $_post['enclosure']['url'] = trim( htmlspecialchars( $encdata[0] ) );930 $encdata = explode( "\n", $enclosures[0] ); 931 $_post['enclosure']['url'] = trim( htmlspecialchars( $encdata[0] ) ); 922 932 $_post['enclosure']['length'] = (int) trim( $encdata[1] ); 923 $_post['enclosure']['type'] = trim( $encdata[2] );933 $_post['enclosure']['type'] = trim( $encdata[2] ); 924 934 } 925 935 } … … 949 959 protected function _prepare_post_type( $post_type, $fields ) { 950 960 $_post_type = array( 951 'name' => $post_type->name,952 'label' => $post_type->label,961 'name' => $post_type->name, 962 'label' => $post_type->label, 953 963 'hierarchical' => (bool) $post_type->hierarchical, 954 'public' => (bool) $post_type->public,955 'show_ui' => (bool) $post_type->show_ui,956 '_builtin' => (bool) $post_type->_builtin,957 'has_archive' => (bool) $post_type->has_archive,958 'supports' => get_all_post_type_supports( $post_type->name ),964 'public' => (bool) $post_type->public, 965 'show_ui' => (bool) $post_type->show_ui, 966 '_builtin' => (bool) $post_type->_builtin, 967 'has_archive' => (bool) $post_type->has_archive, 968 'supports' => get_all_post_type_supports( $post_type->name ), 959 969 ); 960 970 … … 964 974 965 975 if ( in_array( 'cap', $fields ) ) { 966 $_post_type['cap'] = (array) $post_type->cap;976 $_post_type['cap'] = (array) $post_type->cap; 967 977 $_post_type['map_meta_cap'] = (bool) $post_type->map_meta_cap; 968 978 } … … 970 980 if ( in_array( 'menu', $fields ) ) { 971 981 $_post_type['menu_position'] = (int) $post_type->menu_position; 972 $_post_type['menu_icon'] = $post_type->menu_icon;973 $_post_type['show_in_menu'] = (bool) $post_type->show_in_menu;974 } 975 976 if ( in_array( 'taxonomies', $fields ) ) 982 $_post_type['menu_icon'] = $post_type->menu_icon; 983 $_post_type['show_in_menu'] = (bool) $post_type->show_in_menu; 984 } 985 986 if ( in_array( 'taxonomies', $fields ) ) { 977 987 $_post_type['taxonomies'] = get_object_taxonomies( $post_type->name, 'names' ); 988 } 978 989 979 990 /** … … 992 1003 * Prepares media item data for return in an XML-RPC object. 993 1004 * 994 *995 1005 * @param object $media_item The unprepared media item data. 996 1006 * @param string $thumbnail_size The image size to use for the thumbnail URL. … … 1007 1017 'description' => $media_item->post_content, 1008 1018 'metadata' => wp_get_attachment_metadata( $media_item->ID ), 1009 'type' => $media_item->post_mime_type 1019 'type' => $media_item->post_mime_type, 1010 1020 ); 1011 1021 1012 1022 $thumbnail_src = image_downsize( $media_item->ID, $thumbnail_size ); 1013 if ( $thumbnail_src ) 1023 if ( $thumbnail_src ) { 1014 1024 $_media_item['thumbnail'] = $thumbnail_src[0]; 1015 else1025 } else { 1016 1026 $_media_item['thumbnail'] = $_media_item['link']; 1027 } 1017 1028 1018 1029 /** … … 1031 1042 * Prepares page data for return in an XML-RPC object. 1032 1043 * 1033 *1034 1044 * @param object $page The unprepared page data. 1035 1045 * @return array The prepared page data. … … 1038 1048 // Get all of the page content and link. 1039 1049 $full_page = get_extended( $page->post_content ); 1040 $link = get_permalink( $page->ID );1050 $link = get_permalink( $page->ID ); 1041 1051 1042 1052 // Get info the page parent if there is one. 1043 $parent_title = "";1053 $parent_title = ''; 1044 1054 if ( ! empty( $page->post_parent ) ) { 1045 $parent = get_post( $page->post_parent );1055 $parent = get_post( $page->post_parent ); 1046 1056 $parent_title = $parent->post_title; 1047 1057 } … … 1049 1059 // Determine comment and ping settings. 1050 1060 $allow_comments = comments_open( $page->ID ) ? 1 : 0; 1051 $allow_pings = pings_open( $page->ID ) ? 1 : 0;1061 $allow_pings = pings_open( $page->ID ) ? 1 : 0; 1052 1062 1053 1063 // Format page date. 1054 $page_date = $this->_convert_date( $page->post_date );1064 $page_date = $this->_convert_date( $page->post_date ); 1055 1065 $page_date_gmt = $this->_convert_date_gmt( $page->post_date_gmt, $page->post_date ); 1056 1066 … … 1067 1077 1068 1078 $page_template = get_page_template_slug( $page->ID ); 1069 if ( empty( $page_template ) ) 1079 if ( empty( $page_template ) ) { 1070 1080 $page_template = 'default'; 1081 } 1071 1082 1072 1083 $_page = array( … … 1094 1105 'date_created_gmt' => $page_date_gmt, 1095 1106 'custom_fields' => $this->get_custom_fields( $page->ID ), 1096 'wp_page_template' => $page_template 1107 'wp_page_template' => $page_template, 1097 1108 ); 1098 1109 … … 1111 1122 * Prepares comment data for return in an XML-RPC object. 1112 1123 * 1113 *1114 1124 * @param object $comment The unprepared comment data. 1115 1125 * @return array The prepared comment data. … … 1135 1145 'status' => $comment_status, 1136 1146 'content' => $comment->comment_content, 1137 'link' => get_comment_link( $comment),1147 'link' => get_comment_link( $comment ), 1138 1148 'post_id' => $comment->comment_post_ID, 1139 'post_title' => get_the_title( $comment->comment_post_ID),1149 'post_title' => get_the_title( $comment->comment_post_ID ), 1140 1150 'author' => $comment->comment_author, 1141 1151 'author_url' => $comment->comment_author_url, … … 1159 1169 * Prepares user data for return in an XML-RPC object. 1160 1170 * 1161 *1162 1171 * @param WP_User $user The unprepared user object. 1163 1172 * @param array $fields The subset of user fields to return. … … 1168 1177 1169 1178 $user_fields = array( 1170 'username' 1171 'first_name' 1172 'last_name' 1173 'registered' 1174 'bio' 1175 'email' 1176 'nickname' 1177 'nicename' 1178 'url' 1179 'display_name' 1180 'roles' 1179 'username' => $user->user_login, 1180 'first_name' => $user->user_firstname, 1181 'last_name' => $user->user_lastname, 1182 'registered' => $this->_convert_date( $user->user_registered ), 1183 'bio' => $user->user_description, 1184 'email' => $user->user_email, 1185 'nickname' => $user->nickname, 1186 'nicename' => $user->user_nicename, 1187 'url' => $user->user_url, 1188 'display_name' => $user->display_name, 1189 'roles' => $user->roles, 1181 1190 ); 1182 1191 … … 1186 1195 if ( in_array( 'basic', $fields ) ) { 1187 1196 $basic_fields = array( 'username', 'email', 'registered', 'display_name', 'nicename' ); 1188 $fields = array_merge( $fields, $basic_fields );1197 $fields = array_merge( $fields, $basic_fields ); 1189 1198 } 1190 1199 $requested_fields = array_intersect_key( $user_fields, array_flip( $fields ) ); 1191 $_user = array_merge( $_user, $requested_fields );1200 $_user = array_merge( $_user, $requested_fields ); 1192 1201 } 1193 1202 … … 1252 1261 */ 1253 1262 public function wp_newPost( $args ) { 1254 if ( ! $this->minimum_args( $args, 4 ) ) 1255 return $this->error; 1263 if ( ! $this->minimum_args( $args, 4 ) ) { 1264 return $this->error; 1265 } 1256 1266 1257 1267 $this->escape( $args ); … … 1261 1271 $content_struct = $args[3]; 1262 1272 1263 if ( ! $user = $this->login( $username, $password ) ) 1264 return $this->error; 1273 if ( ! $user = $this->login( $username, $password ) ) { 1274 return $this->error; 1275 } 1265 1276 1266 1277 // convert the date field back to IXR form … … 1321 1332 unstick_post( $post_data['ID'] ); 1322 1333 } 1323 } elseif ( isset( $post_data['sticky'] ) ) 1334 } elseif ( isset( $post_data['sticky'] ) ) { 1324 1335 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) { 1325 1336 return new IXR_Error( 401, __( 'Sorry, you are not allowed to make posts sticky.' ) ); … … 1374 1385 1375 1386 $post_type = get_post_type_object( $post_data['post_type'] ); 1376 if ( ! $post_type ) 1387 if ( ! $post_type ) { 1377 1388 return new IXR_Error( 403, __( 'Invalid post type.' ) ); 1389 } 1378 1390 1379 1391 $update = ! empty( $post_data['ID'] ); 1380 1392 1381 1393 if ( $update ) { 1382 if ( ! get_post( $post_data['ID'] ) ) 1394 if ( ! get_post( $post_data['ID'] ) ) { 1383 1395 return new IXR_Error( 401, __( 'Invalid post ID.' ) ); 1384 if ( ! current_user_can( 'edit_post', $post_data['ID'] ) ) 1396 } 1397 if ( ! current_user_can( 'edit_post', $post_data['ID'] ) ) { 1385 1398 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 1386 if ( $post_data['post_type'] != get_post_type( $post_data['ID'] ) ) 1399 } 1400 if ( $post_data['post_type'] != get_post_type( $post_data['ID'] ) ) { 1387 1401 return new IXR_Error( 401, __( 'The post type may not be changed.' ) ); 1402 } 1388 1403 } else { 1389 if ( ! current_user_can( $post_type->cap->create_posts ) || ! current_user_can( $post_type->cap->edit_posts ) ) 1404 if ( ! current_user_can( $post_type->cap->create_posts ) || ! current_user_can( $post_type->cap->edit_posts ) ) { 1390 1405 return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) ); 1406 } 1391 1407 } 1392 1408 … … 1396 1412 break; 1397 1413 case 'private': 1398 if ( ! current_user_can( $post_type->cap->publish_posts ) ) 1414 if ( ! current_user_can( $post_type->cap->publish_posts ) ) { 1399 1415 return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type.' ) ); 1416 } 1400 1417 break; 1401 1418 case 'publish': 1402 1419 case 'future': 1403 if ( ! current_user_can( $post_type->cap->publish_posts ) ) 1420 if ( ! current_user_can( $post_type->cap->publish_posts ) ) { 1404 1421 return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type.' ) ); 1422 } 1405 1423 break; 1406 1424 default: 1407 if ( ! get_post_status_object( $post_data['post_status'] ) ) 1425 if ( ! get_post_status_object( $post_data['post_status'] ) ) { 1408 1426 $post_data['post_status'] = 'draft'; 1409 break; 1410 } 1411 1412 if ( ! empty( $post_data['post_password'] ) && ! current_user_can( $post_type->cap->publish_posts ) ) 1427 } 1428 break; 1429 } 1430 1431 if ( ! empty( $post_data['post_password'] ) && ! current_user_can( $post_type->cap->publish_posts ) ) { 1413 1432 return new IXR_Error( 401, __( 'Sorry, you are not allowed to create password protected posts in this post type.' ) ); 1433 } 1414 1434 1415 1435 $post_data['post_author'] = absint( $post_data['post_author'] ); 1416 1436 if ( ! empty( $post_data['post_author'] ) && $post_data['post_author'] != $user->ID ) { 1417 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) 1437 if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) { 1418 1438 return new IXR_Error( 401, __( 'Sorry, you are not allowed to create posts as this user.' ) ); 1439 } 1419 1440 1420 1441 $author = get_userdata( $post_data['post_author'] ); 1421 1442 1422 if ( ! $author ) 1443 if ( ! $author ) { 1423 1444 return new IXR_Error( 404, __( 'Invalid author ID.' ) ); 1445 } 1424 1446 } else { 1425 1447 $post_data['post_author'] = $user->ID; 1426 1448 } 1427 1449 1428 if ( isset( $post_data['comment_status'] ) && $post_data['comment_status'] != 'open' && $post_data['comment_status'] != 'closed' ) 1450 if ( isset( $post_data['comment_status'] ) && $post_data['comment_status'] != 'open' && $post_data['comment_status'] != 'closed' ) { 1429 1451 unset( $post_data['comment_status'] ); 1430 1431 if ( isset( $post_data['ping_status'] ) && $post_data['ping_status'] != 'open' && $post_data['ping_status'] != 'closed' ) 1452 } 1453 1454 if ( isset( $post_data['ping_status'] ) && $post_data['ping_status'] != 'open' && $post_data['ping_status'] != 'closed' ) { 1432 1455 unset( $post_data['ping_status'] ); 1456 } 1433 1457 1434 1458 // Do some timestamp voodoo. … … 1444 1468 1445 1469 if ( ! empty( $dateCreated ) ) { 1446 $post_data['post_date'] = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) );1470 $post_data['post_date'] = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) ); 1447 1471 $post_data['post_date_gmt'] = iso8601_to_datetime( $dateCreated, 'GMT' ); 1448 1472 … … 1451 1475 } 1452 1476 1453 if ( ! isset( $post_data['ID'] ) ) 1477 if ( ! isset( $post_data['ID'] ) ) { 1454 1478 $post_data['ID'] = get_default_post_to_edit( $post_data['post_type'], true )->ID; 1479 } 1455 1480 $post_ID = $post_data['ID']; 1456 1481 … … 1464 1489 if ( isset( $post_data['post_thumbnail'] ) ) { 1465 1490 // empty value deletes, non-empty value adds/updates. 1466 if ( ! $post_data['post_thumbnail'] ) 1491 if ( ! $post_data['post_thumbnail'] ) { 1467 1492 delete_post_thumbnail( $post_ID ); 1468 elseif ( ! get_post( absint( $post_data['post_thumbnail'] ) ) )1493 } elseif ( ! get_post( absint( $post_data['post_thumbnail'] ) ) ) { 1469 1494 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); 1495 } 1470 1496 set_post_thumbnail( $post_ID, $post_data['post_thumbnail'] ); 1471 1497 unset( $content_struct['post_thumbnail'] ); 1472 1498 } 1473 1499 1474 if ( isset( $post_data['custom_fields'] ) ) 1500 if ( isset( $post_data['custom_fields'] ) ) { 1475 1501 $this->set_custom_fields( $post_ID, $post_data['custom_fields'] ); 1502 } 1476 1503 1477 1504 if ( isset( $post_data['terms'] ) || isset( $post_data['terms_names'] ) ) { … … 1487 1514 // Validating term ids. 1488 1515 foreach ( $taxonomies as $taxonomy ) { 1489 if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) )1516 if ( ! array_key_exists( $taxonomy, $post_type_taxonomies ) ) { 1490 1517 return new IXR_Error( 401, __( 'Sorry, one of the given taxonomies is not supported by the post type.' ) ); 1491 1492 if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) ) 1518 } 1519 1520 if ( ! current_user_can( $post_type_taxonomies[ $taxonomy ]->cap->assign_terms ) ) { 1493 1521 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) ); 1494 1495 $term_ids = $post_data['terms'][$taxonomy]; 1522 } 1523 1524 $term_ids = $post_data['terms'][ $taxonomy ]; 1496 1525 $terms[ $taxonomy ] = array(); 1497 1526 foreach ( $term_ids as $term_id ) { 1498 1527 $term = get_term_by( 'id', $term_id, $taxonomy ); 1499 1528 1500 if ( ! $term ) 1529 if ( ! $term ) { 1501 1530 return new IXR_Error( 403, __( 'Invalid term ID.' ) ); 1502 1503 $terms[$taxonomy][] = (int) $term_id; 1531 } 1532 1533 $terms[ $taxonomy ][] = (int) $term_id; 1504 1534 } 1505 1535 } … … 1511 1541 1512 1542 foreach ( $taxonomies as $taxonomy ) { 1513 if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) )1543 if ( ! array_key_exists( $taxonomy, $post_type_taxonomies ) ) { 1514 1544 return new IXR_Error( 401, __( 'Sorry, one of the given taxonomies is not supported by the post type.' ) ); 1515 1516 if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) ) 1545 } 1546 1547 if ( ! current_user_can( $post_type_taxonomies[ $taxonomy ]->cap->assign_terms ) ) { 1517 1548 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) ); 1549 } 1518 1550 1519 1551 /* … … 1523 1555 $ambiguous_terms = array(); 1524 1556 if ( is_taxonomy_hierarchical( $taxonomy ) ) { 1525 $tax_term_names = get_terms( $taxonomy, array( 'fields' => 'names', 'hide_empty' => false ) ); 1557 $tax_term_names = get_terms( 1558 $taxonomy, array( 1559 'fields' => 'names', 1560 'hide_empty' => false, 1561 ) 1562 ); 1526 1563 1527 1564 // Count the number of terms with the same name. … … 1529 1566 1530 1567 // Filter out non-ambiguous term names. 1531 $ambiguous_tax_term_counts = array_filter( $tax_term_names_count, array( $this, '_is_greater_than_one' ) );1568 $ambiguous_tax_term_counts = array_filter( $tax_term_names_count, array( $this, '_is_greater_than_one' ) ); 1532 1569 1533 1570 $ambiguous_terms = array_keys( $ambiguous_tax_term_counts ); 1534 1571 } 1535 1572 1536 $term_names = $post_data['terms_names'][ $taxonomy];1573 $term_names = $post_data['terms_names'][ $taxonomy ]; 1537 1574 foreach ( $term_names as $term_name ) { 1538 if ( in_array( $term_name, $ambiguous_terms ) ) 1575 if ( in_array( $term_name, $ambiguous_terms ) ) { 1539 1576 return new IXR_Error( 401, __( 'Ambiguous term name used in a hierarchical taxonomy. Please use term ID instead.' ) ); 1577 } 1540 1578 1541 1579 $term = get_term_by( 'name', $term_name, $taxonomy ); … … 1543 1581 if ( ! $term ) { 1544 1582 // Term doesn't exist, so check that the user is allowed to create new terms. 1545 if ( ! current_user_can( $post_type_taxonomies[ $taxonomy]->cap->edit_terms ) )1583 if ( ! current_user_can( $post_type_taxonomies[ $taxonomy ]->cap->edit_terms ) ) { 1546 1584 return new IXR_Error( 401, __( 'Sorry, you are not allowed to add a term to one of the given taxonomies.' ) ); 1585 } 1547 1586 1548 1587 // Create the new term. 1549 1588 $term_info = wp_insert_term( $term_name, $taxonomy ); 1550 if ( is_wp_error( $term_info ) ) 1589 if ( is_wp_error( $term_info ) ) { 1551 1590 return new IXR_Error( 500, $term_info->get_error_message() ); 1552 1553 $terms[$taxonomy][] = (int) $term_info['term_id']; 1591 } 1592 1593 $terms[ $taxonomy ][] = (int) $term_info['term_id']; 1554 1594 } else { 1555 $terms[ $taxonomy][] = (int) $term->term_id;1595 $terms[ $taxonomy ][] = (int) $term->term_id; 1556 1596 } 1557 1597 } … … 1566 1606 $format = set_post_format( $post_ID, $post_data['post_format'] ); 1567 1607 1568 if ( is_wp_error( $format ) ) 1608 if ( is_wp_error( $format ) ) { 1569 1609 return new IXR_Error( 500, $format->get_error_message() ); 1610 } 1570 1611 1571 1612 unset( $post_data['post_format'] ); … … 1589 1630 1590 1631 $post_ID = $update ? wp_update_post( $post_data, true ) : wp_insert_post( $post_data, true ); 1591 if ( is_wp_error( $post_ID ) ) 1632 if ( is_wp_error( $post_ID ) ) { 1592 1633 return new IXR_Error( 500, $post_ID->get_error_message() ); 1593 1594 if ( ! $post_ID ) 1634 } 1635 1636 if ( ! $post_ID ) { 1595 1637 return new IXR_Error( 401, __( 'Sorry, your entry could not be posted.' ) ); 1638 } 1596 1639 1597 1640 return strval( $post_ID ); … … 1618 1661 */ 1619 1662 public function wp_editPost( $args ) { 1620 if ( ! $this->minimum_args( $args, 5 ) ) 1621 return $this->error; 1663 if ( ! $this->minimum_args( $args, 5 ) ) { 1664 return $this->error; 1665 } 1622 1666 1623 1667 $this->escape( $args ); … … 1628 1672 $content_struct = $args[4]; 1629 1673 1630 if ( ! $user = $this->login( $username, $password ) ) 1631 return $this->error; 1674 if ( ! $user = $this->login( $username, $password ) ) { 1675 return $this->error; 1676 } 1632 1677 1633 1678 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 1636 1681 $post = get_post( $post_id, ARRAY_A ); 1637 1682 1638 if ( empty( $post['ID'] ) ) 1683 if ( empty( $post['ID'] ) ) { 1639 1684 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 1685 } 1640 1686 1641 1687 if ( isset( $content_struct['if_not_modified_since'] ) ) { … … 1653 1699 * since _insert_post() will ignore the non-GMT date if the GMT date is set. 1654 1700 */ 1655 if ( $post['post_date_gmt'] == '0000-00-00 00:00:00' || isset( $content_struct['post_date'] ) ) 1701 if ( $post['post_date_gmt'] == '0000-00-00 00:00:00' || isset( $content_struct['post_date'] ) ) { 1656 1702 unset( $post['post_date_gmt'] ); 1657 else1703 } else { 1658 1704 $post['post_date_gmt'] = $this->_convert_date( $post['post_date_gmt'] ); 1705 } 1659 1706 1660 1707 $this->escape( $post ); … … 1662 1709 1663 1710 $retval = $this->_insert_post( $user, $merged_content_struct ); 1664 if ( $retval instanceof IXR_Error ) 1711 if ( $retval instanceof IXR_Error ) { 1665 1712 return $retval; 1713 } 1666 1714 1667 1715 return true; … … 1686 1734 */ 1687 1735 public function wp_deletePost( $args ) { 1688 if ( ! $this->minimum_args( $args, 4 ) ) 1689 return $this->error; 1736 if ( ! $this->minimum_args( $args, 4 ) ) { 1737 return $this->error; 1738 } 1690 1739 1691 1740 $this->escape( $args ); 1692 1741 1693 $username = $args[1]; 1694 $password = $args[2]; 1695 $post_id = (int) $args[3]; 1696 1697 if ( ! $user = $this->login( $username, $password ) ) 1698 return $this->error; 1742 $username = $args[1]; 1743 $password = $args[2]; 1744 $post_id = (int) $args[3]; 1745 1746 if ( ! $user = $this->login( $username, $password ) ) { 1747 return $this->error; 1748 } 1699 1749 1700 1750 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 1769 1819 */ 1770 1820 public function wp_getPost( $args ) { 1771 if ( ! $this->minimum_args( $args, 4 ) ) 1772 return $this->error; 1821 if ( ! $this->minimum_args( $args, 4 ) ) { 1822 return $this->error; 1823 } 1773 1824 1774 1825 $this->escape( $args ); … … 1792 1843 } 1793 1844 1794 if ( ! $user = $this->login( $username, $password ) ) 1795 return $this->error; 1845 if ( ! $user = $this->login( $username, $password ) ) { 1846 return $this->error; 1847 } 1796 1848 1797 1849 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 1800 1852 $post = get_post( $post_id, ARRAY_A ); 1801 1853 1802 if ( empty( $post['ID'] ) ) 1854 if ( empty( $post['ID'] ) ) { 1803 1855 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 1804 1805 if ( ! current_user_can( 'edit_post', $post_id ) ) 1856 } 1857 1858 if ( ! current_user_can( 'edit_post', $post_id ) ) { 1806 1859 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 1860 } 1807 1861 1808 1862 return $this->_prepare_post( $post, $fields ); … … 1832 1886 */ 1833 1887 public function wp_getPosts( $args ) { 1834 if ( ! $this->minimum_args( $args, 3 ) ) 1835 return $this->error; 1888 if ( ! $this->minimum_args( $args, 3 ) ) { 1889 return $this->error; 1890 } 1836 1891 1837 1892 $this->escape( $args ); … … 1848 1903 } 1849 1904 1850 if ( ! $user = $this->login( $username, $password ) ) 1851 return $this->error; 1905 if ( ! $user = $this->login( $username, $password ) ) { 1906 return $this->error; 1907 } 1852 1908 1853 1909 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 1858 1914 if ( isset( $filter['post_type'] ) ) { 1859 1915 $post_type = get_post_type_object( $filter['post_type'] ); 1860 if ( ! ( (bool) $post_type ) ) 1916 if ( ! ( (bool) $post_type ) ) { 1861 1917 return new IXR_Error( 403, __( 'Invalid post type.' ) ); 1918 } 1862 1919 } else { 1863 1920 $post_type = get_post_type_object( 'post' ); 1864 1921 } 1865 1922 1866 if ( ! current_user_can( $post_type->cap->edit_posts ) ) 1923 if ( ! current_user_can( $post_type->cap->edit_posts ) ) { 1867 1924 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts in this post type.' ) ); 1925 } 1868 1926 1869 1927 $query['post_type'] = $post_type->name; 1870 1928 1871 if ( isset( $filter['post_status'] ) ) 1929 if ( isset( $filter['post_status'] ) ) { 1872 1930 $query['post_status'] = $filter['post_status']; 1873 1874 if ( isset( $filter['number'] ) ) 1931 } 1932 1933 if ( isset( $filter['number'] ) ) { 1875 1934 $query['numberposts'] = absint( $filter['number'] ); 1876 1877 if ( isset( $filter['offset'] ) ) 1935 } 1936 1937 if ( isset( $filter['offset'] ) ) { 1878 1938 $query['offset'] = absint( $filter['offset'] ); 1939 } 1879 1940 1880 1941 if ( isset( $filter['orderby'] ) ) { 1881 1942 $query['orderby'] = $filter['orderby']; 1882 1943 1883 if ( isset( $filter['order'] ) ) 1944 if ( isset( $filter['order'] ) ) { 1884 1945 $query['order'] = $filter['order']; 1946 } 1885 1947 } 1886 1948 … … 1891 1953 $posts_list = wp_get_recent_posts( $query ); 1892 1954 1893 if ( ! $posts_list ) 1955 if ( ! $posts_list ) { 1894 1956 return array(); 1957 } 1895 1958 1896 1959 // Holds all the posts data. … … 1898 1961 1899 1962 foreach ( $posts_list as $post ) { 1900 if ( ! current_user_can( 'edit_post', $post['ID'] ) ) 1963 if ( ! current_user_can( 'edit_post', $post['ID'] ) ) { 1901 1964 continue; 1965 } 1902 1966 1903 1967 $struct[] = $this->_prepare_post( $post, $fields ); … … 1927 1991 */ 1928 1992 public function wp_newTerm( $args ) { 1929 if ( ! $this->minimum_args( $args, 4 ) ) 1930 return $this->error; 1993 if ( ! $this->minimum_args( $args, 4 ) ) { 1994 return $this->error; 1995 } 1931 1996 1932 1997 $this->escape( $args ); … … 1936 2001 $content_struct = $args[3]; 1937 2002 1938 if ( ! $user = $this->login( $username, $password ) ) 1939 return $this->error; 2003 if ( ! $user = $this->login( $username, $password ) ) { 2004 return $this->error; 2005 } 1940 2006 1941 2007 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 1942 2008 do_action( 'xmlrpc_call', 'wp.newTerm' ); 1943 2009 1944 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) ) 2010 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) ) { 1945 2011 return new IXR_Error( 403, __( 'Invalid taxonomy.' ) ); 2012 } 1946 2013 1947 2014 $taxonomy = get_taxonomy( $content_struct['taxonomy'] ); … … 1957 2024 1958 2025 $term_data['name'] = trim( $content_struct['name'] ); 1959 if ( empty( $term_data['name'] ) ) 2026 if ( empty( $term_data['name'] ) ) { 1960 2027 return new IXR_Error( 403, __( 'The term name cannot be empty.' ) ); 2028 } 1961 2029 1962 2030 if ( isset( $content_struct['parent'] ) ) { 1963 if ( ! $taxonomy['hierarchical'] ) 2031 if ( ! $taxonomy['hierarchical'] ) { 1964 2032 return new IXR_Error( 403, __( 'This taxonomy is not hierarchical.' ) ); 2033 } 1965 2034 1966 2035 $parent_term_id = (int) $content_struct['parent']; 1967 $parent_term = get_term( $parent_term_id, $taxonomy['name'] );1968 1969 if ( is_wp_error( $parent_term ) ) 2036 $parent_term = get_term( $parent_term_id, $taxonomy['name'] ); 2037 2038 if ( is_wp_error( $parent_term ) ) { 1970 2039 return new IXR_Error( 500, $parent_term->get_error_message() ); 1971 1972 if ( ! $parent_term ) 2040 } 2041 2042 if ( ! $parent_term ) { 1973 2043 return new IXR_Error( 403, __( 'Parent term does not exist.' ) ); 2044 } 1974 2045 1975 2046 $term_data['parent'] = $content_struct['parent']; 1976 2047 } 1977 2048 1978 if ( isset( $content_struct['description'] ) ) 2049 if ( isset( $content_struct['description'] ) ) { 1979 2050 $term_data['description'] = $content_struct['description']; 1980 1981 if ( isset( $content_struct['slug'] ) ) 2051 } 2052 2053 if ( isset( $content_struct['slug'] ) ) { 1982 2054 $term_data['slug'] = $content_struct['slug']; 1983 1984 $term = wp_insert_term( $term_data['name'] , $taxonomy['name'] , $term_data ); 1985 1986 if ( is_wp_error( $term ) ) 2055 } 2056 2057 $term = wp_insert_term( $term_data['name'], $taxonomy['name'], $term_data ); 2058 2059 if ( is_wp_error( $term ) ) { 1987 2060 return new IXR_Error( 500, $term->get_error_message() ); 1988 1989 if ( ! $term ) 2061 } 2062 2063 if ( ! $term ) { 1990 2064 return new IXR_Error( 500, __( 'Sorry, your term could not be created.' ) ); 2065 } 1991 2066 1992 2067 // Add term meta. … … 2019 2094 */ 2020 2095 public function wp_editTerm( $args ) { 2021 if ( ! $this->minimum_args( $args, 5 ) ) 2022 return $this->error; 2096 if ( ! $this->minimum_args( $args, 5 ) ) { 2097 return $this->error; 2098 } 2023 2099 2024 2100 $this->escape( $args ); … … 2029 2105 $content_struct = $args[4]; 2030 2106 2031 if ( ! $user = $this->login( $username, $password ) ) 2032 return $this->error; 2107 if ( ! $user = $this->login( $username, $password ) ) { 2108 return $this->error; 2109 } 2033 2110 2034 2111 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2035 2112 do_action( 'xmlrpc_call', 'wp.editTerm' ); 2036 2113 2037 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) ) 2114 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) ) { 2038 2115 return new IXR_Error( 403, __( 'Invalid taxonomy.' ) ); 2116 } 2039 2117 2040 2118 $taxonomy = get_taxonomy( $content_struct['taxonomy'] ); … … 2045 2123 $term_data = array(); 2046 2124 2047 $term = get_term( $term_id 2048 2049 if ( is_wp_error( $term ) ) 2125 $term = get_term( $term_id, $content_struct['taxonomy'] ); 2126 2127 if ( is_wp_error( $term ) ) { 2050 2128 return new IXR_Error( 500, $term->get_error_message() ); 2051 2052 if ( ! $term ) 2129 } 2130 2131 if ( ! $term ) { 2053 2132 return new IXR_Error( 404, __( 'Invalid term ID.' ) ); 2133 } 2054 2134 2055 2135 if ( ! current_user_can( 'edit_term', $term_id ) ) { … … 2060 2140 $term_data['name'] = trim( $content_struct['name'] ); 2061 2141 2062 if ( empty( $term_data['name'] ) ) 2142 if ( empty( $term_data['name'] ) ) { 2063 2143 return new IXR_Error( 403, __( 'The term name cannot be empty.' ) ); 2144 } 2064 2145 } 2065 2146 2066 2147 if ( ! empty( $content_struct['parent'] ) ) { 2067 if ( ! $taxonomy['hierarchical'] ) 2148 if ( ! $taxonomy['hierarchical'] ) { 2068 2149 return new IXR_Error( 403, __( 'Cannot set parent term, taxonomy is not hierarchical.' ) ); 2150 } 2069 2151 2070 2152 $parent_term_id = (int) $content_struct['parent']; 2071 $parent_term = get_term( $parent_term_id, $taxonomy['name'] );2072 2073 if ( is_wp_error( $parent_term ) ) 2153 $parent_term = get_term( $parent_term_id, $taxonomy['name'] ); 2154 2155 if ( is_wp_error( $parent_term ) ) { 2074 2156 return new IXR_Error( 500, $parent_term->get_error_message() ); 2075 2076 if ( ! $parent_term ) 2157 } 2158 2159 if ( ! $parent_term ) { 2077 2160 return new IXR_Error( 403, __( 'Parent term does not exist.' ) ); 2161 } 2078 2162 2079 2163 $term_data['parent'] = $content_struct['parent']; 2080 2164 } 2081 2165 2082 if ( isset( $content_struct['description'] ) ) 2166 if ( isset( $content_struct['description'] ) ) { 2083 2167 $term_data['description'] = $content_struct['description']; 2084 2085 if ( isset( $content_struct['slug'] ) ) 2168 } 2169 2170 if ( isset( $content_struct['slug'] ) ) { 2086 2171 $term_data['slug'] = $content_struct['slug']; 2087 2088 $term = wp_update_term( $term_id , $taxonomy['name'] , $term_data ); 2089 2090 if ( is_wp_error( $term ) ) 2172 } 2173 2174 $term = wp_update_term( $term_id, $taxonomy['name'], $term_data ); 2175 2176 if ( is_wp_error( $term ) ) { 2091 2177 return new IXR_Error( 500, $term->get_error_message() ); 2092 2093 if ( ! $term ) 2178 } 2179 2180 if ( ! $term ) { 2094 2181 return new IXR_Error( 500, __( 'Sorry, editing the term failed.' ) ); 2182 } 2095 2183 2096 2184 // Update term meta. … … 2121 2209 */ 2122 2210 public function wp_deleteTerm( $args ) { 2123 if ( ! $this->minimum_args( $args, 5 ) ) 2124 return $this->error; 2211 if ( ! $this->minimum_args( $args, 5 ) ) { 2212 return $this->error; 2213 } 2125 2214 2126 2215 $this->escape( $args ); 2127 2216 2128 $username = $args[1]; 2129 $password = $args[2]; 2130 $taxonomy = $args[3]; 2131 $term_id = (int) $args[4]; 2132 2133 if ( ! $user = $this->login( $username, $password ) ) 2134 return $this->error; 2217 $username = $args[1]; 2218 $password = $args[2]; 2219 $taxonomy = $args[3]; 2220 $term_id = (int) $args[4]; 2221 2222 if ( ! $user = $this->login( $username, $password ) ) { 2223 return $this->error; 2224 } 2135 2225 2136 2226 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2137 2227 do_action( 'xmlrpc_call', 'wp.deleteTerm' ); 2138 2228 2139 if ( ! taxonomy_exists( $taxonomy ) ) 2229 if ( ! taxonomy_exists( $taxonomy ) ) { 2140 2230 return new IXR_Error( 403, __( 'Invalid taxonomy.' ) ); 2231 } 2141 2232 2142 2233 $taxonomy = get_taxonomy( $taxonomy ); 2143 $term = get_term( $term_id, $taxonomy->name );2144 2145 if ( is_wp_error( $term ) ) 2234 $term = get_term( $term_id, $taxonomy->name ); 2235 2236 if ( is_wp_error( $term ) ) { 2146 2237 return new IXR_Error( 500, $term->get_error_message() ); 2147 2148 if ( ! $term ) 2238 } 2239 2240 if ( ! $term ) { 2149 2241 return new IXR_Error( 404, __( 'Invalid term ID.' ) ); 2242 } 2150 2243 2151 2244 if ( ! current_user_can( 'delete_term', $term_id ) ) { … … 2155 2248 $result = wp_delete_term( $term_id, $taxonomy->name ); 2156 2249 2157 if ( is_wp_error( $result ) ) 2250 if ( is_wp_error( $result ) ) { 2158 2251 return new IXR_Error( 500, $term->get_error_message() ); 2159 2160 if ( ! $result ) 2252 } 2253 2254 if ( ! $result ) { 2161 2255 return new IXR_Error( 500, __( 'Sorry, deleting the term failed.' ) ); 2256 } 2162 2257 2163 2258 return $result; … … 2192 2287 */ 2193 2288 public function wp_getTerm( $args ) { 2194 if ( ! $this->minimum_args( $args, 5 ) ) 2195 return $this->error; 2289 if ( ! $this->minimum_args( $args, 5 ) ) { 2290 return $this->error; 2291 } 2196 2292 2197 2293 $this->escape( $args ); 2198 2294 2199 $username = $args[1]; 2200 $password = $args[2]; 2201 $taxonomy = $args[3]; 2202 $term_id = (int) $args[4]; 2203 2204 if ( ! $user = $this->login( $username, $password ) ) 2205 return $this->error; 2295 $username = $args[1]; 2296 $password = $args[2]; 2297 $taxonomy = $args[3]; 2298 $term_id = (int) $args[4]; 2299 2300 if ( ! $user = $this->login( $username, $password ) ) { 2301 return $this->error; 2302 } 2206 2303 2207 2304 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2208 2305 do_action( 'xmlrpc_call', 'wp.getTerm' ); 2209 2306 2210 if ( ! taxonomy_exists( $taxonomy ) ) 2307 if ( ! taxonomy_exists( $taxonomy ) ) { 2211 2308 return new IXR_Error( 403, __( 'Invalid taxonomy.' ) ); 2309 } 2212 2310 2213 2311 $taxonomy = get_taxonomy( $taxonomy ); 2214 2312 2215 $term = get_term( $term_id 2216 2217 if ( is_wp_error( $term ) ) 2313 $term = get_term( $term_id, $taxonomy->name, ARRAY_A ); 2314 2315 if ( is_wp_error( $term ) ) { 2218 2316 return new IXR_Error( 500, $term->get_error_message() ); 2219 2220 if ( ! $term ) 2317 } 2318 2319 if ( ! $term ) { 2221 2320 return new IXR_Error( 404, __( 'Invalid term ID.' ) ); 2321 } 2222 2322 2223 2323 if ( ! current_user_can( 'assign_term', $term_id ) ) { … … 2251 2351 */ 2252 2352 public function wp_getTerms( $args ) { 2253 if ( ! $this->minimum_args( $args, 4 ) ) 2254 return $this->error; 2353 if ( ! $this->minimum_args( $args, 4 ) ) { 2354 return $this->error; 2355 } 2255 2356 2256 2357 $this->escape( $args ); 2257 2358 2258 $username = $args[1]; 2259 $password = $args[2]; 2260 $taxonomy = $args[3]; 2261 $filter = isset( $args[4] ) ? $args[4] : array(); 2262 2263 if ( ! $user = $this->login( $username, $password ) ) 2264 return $this->error; 2359 $username = $args[1]; 2360 $password = $args[2]; 2361 $taxonomy = $args[3]; 2362 $filter = isset( $args[4] ) ? $args[4] : array(); 2363 2364 if ( ! $user = $this->login( $username, $password ) ) { 2365 return $this->error; 2366 } 2265 2367 2266 2368 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2267 2369 do_action( 'xmlrpc_call', 'wp.getTerms' ); 2268 2370 2269 if ( ! taxonomy_exists( $taxonomy ) ) 2371 if ( ! taxonomy_exists( $taxonomy ) ) { 2270 2372 return new IXR_Error( 403, __( 'Invalid taxonomy.' ) ); 2373 } 2271 2374 2272 2375 $taxonomy = get_taxonomy( $taxonomy ); 2273 2376 2274 if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) 2377 if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) { 2275 2378 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign terms in this taxonomy.' ) ); 2379 } 2276 2380 2277 2381 $query = array(); 2278 2382 2279 if ( isset( $filter['number'] ) ) 2383 if ( isset( $filter['number'] ) ) { 2280 2384 $query['number'] = absint( $filter['number'] ); 2281 2282 if ( isset( $filter['offset'] ) ) 2385 } 2386 2387 if ( isset( $filter['offset'] ) ) { 2283 2388 $query['offset'] = absint( $filter['offset'] ); 2389 } 2284 2390 2285 2391 if ( isset( $filter['orderby'] ) ) { 2286 2392 $query['orderby'] = $filter['orderby']; 2287 2393 2288 if ( isset( $filter['order'] ) ) 2394 if ( isset( $filter['order'] ) ) { 2289 2395 $query['order'] = $filter['order']; 2290 } 2291 2292 if ( isset( $filter['hide_empty'] ) ) 2396 } 2397 } 2398 2399 if ( isset( $filter['hide_empty'] ) ) { 2293 2400 $query['hide_empty'] = $filter['hide_empty']; 2294 else2401 } else { 2295 2402 $query['get'] = 'all'; 2296 2297 if ( isset( $filter['search'] ) ) 2403 } 2404 2405 if ( isset( $filter['search'] ) ) { 2298 2406 $query['search'] = $filter['search']; 2407 } 2299 2408 2300 2409 $terms = get_terms( $taxonomy->name, $query ); 2301 2410 2302 if ( is_wp_error( $terms ) ) 2411 if ( is_wp_error( $terms ) ) { 2303 2412 return new IXR_Error( 500, $terms->get_error_message() ); 2413 } 2304 2414 2305 2415 $struct = array(); … … 2333 2443 */ 2334 2444 public function wp_getTaxonomy( $args ) { 2335 if ( ! $this->minimum_args( $args, 4 ) ) 2336 return $this->error; 2445 if ( ! $this->minimum_args( $args, 4 ) ) { 2446 return $this->error; 2447 } 2337 2448 2338 2449 $this->escape( $args ); … … 2356 2467 } 2357 2468 2358 if ( ! $user = $this->login( $username, $password ) ) 2359 return $this->error; 2469 if ( ! $user = $this->login( $username, $password ) ) { 2470 return $this->error; 2471 } 2360 2472 2361 2473 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2362 2474 do_action( 'xmlrpc_call', 'wp.getTaxonomy' ); 2363 2475 2364 if ( ! taxonomy_exists( $taxonomy ) ) 2476 if ( ! taxonomy_exists( $taxonomy ) ) { 2365 2477 return new IXR_Error( 403, __( 'Invalid taxonomy.' ) ); 2478 } 2366 2479 2367 2480 $taxonomy = get_taxonomy( $taxonomy ); 2368 2481 2369 if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) 2482 if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) { 2370 2483 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign terms in this taxonomy.' ) ); 2484 } 2371 2485 2372 2486 return $this->_prepare_taxonomy( $taxonomy, $fields ); … … 2393 2507 */ 2394 2508 public function wp_getTaxonomies( $args ) { 2395 if ( ! $this->minimum_args( $args, 3 ) ) 2396 return $this->error; 2509 if ( ! $this->minimum_args( $args, 3 ) ) { 2510 return $this->error; 2511 } 2397 2512 2398 2513 $this->escape( $args ); … … 2409 2524 } 2410 2525 2411 if ( ! $user = $this->login( $username, $password ) ) 2412 return $this->error; 2526 if ( ! $user = $this->login( $username, $password ) ) { 2527 return $this->error; 2528 } 2413 2529 2414 2530 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 2422 2538 foreach ( $taxonomies as $taxonomy ) { 2423 2539 // capability check for post_types 2424 if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) 2540 if ( ! current_user_can( $taxonomy->cap->assign_terms ) ) { 2425 2541 continue; 2542 } 2426 2543 2427 2544 $struct[] = $this->_prepare_taxonomy( $taxonomy, $fields ); … … 2468 2585 */ 2469 2586 public function wp_getUser( $args ) { 2470 if ( ! $this->minimum_args( $args, 4 ) ) 2471 return $this->error; 2587 if ( ! $this->minimum_args( $args, 4 ) ) { 2588 return $this->error; 2589 } 2472 2590 2473 2591 $this->escape( $args ); … … 2491 2609 } 2492 2610 2493 if ( ! $user = $this->login( $username, $password ) ) 2494 return $this->error; 2611 if ( ! $user = $this->login( $username, $password ) ) { 2612 return $this->error; 2613 } 2495 2614 2496 2615 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2497 2616 do_action( 'xmlrpc_call', 'wp.getUser' ); 2498 2617 2499 if ( ! current_user_can( 'edit_user', $user_id ) ) 2618 if ( ! current_user_can( 'edit_user', $user_id ) ) { 2500 2619 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this user.' ) ); 2620 } 2501 2621 2502 2622 $user_data = get_userdata( $user_id ); 2503 2623 2504 if ( ! $user_data ) 2624 if ( ! $user_data ) { 2505 2625 return new IXR_Error( 404, __( 'Invalid user ID.' ) ); 2626 } 2506 2627 2507 2628 return $this->_prepare_user( $user_data, $fields ); … … 2533 2654 */ 2534 2655 public function wp_getUsers( $args ) { 2535 if ( ! $this->minimum_args( $args, 3 ) ) 2536 return $this->error; 2656 if ( ! $this->minimum_args( $args, 3 ) ) { 2657 return $this->error; 2658 } 2537 2659 2538 2660 $this->escape( $args ); … … 2549 2671 } 2550 2672 2551 if ( ! $user = $this->login( $username, $password ) ) 2552 return $this->error; 2673 if ( ! $user = $this->login( $username, $password ) ) { 2674 return $this->error; 2675 } 2553 2676 2554 2677 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2555 2678 do_action( 'xmlrpc_call', 'wp.getUsers' ); 2556 2679 2557 if ( ! current_user_can( 'list_users' ) ) 2680 if ( ! current_user_can( 'list_users' ) ) { 2558 2681 return new IXR_Error( 401, __( 'Sorry, you are not allowed to list users.' ) ); 2682 } 2559 2683 2560 2684 $query = array( 'fields' => 'all_with_meta' ); … … 2566 2690 $query['orderby'] = $filter['orderby']; 2567 2691 2568 if ( isset( $filter['order'] ) ) 2692 if ( isset( $filter['order'] ) ) { 2569 2693 $query['order'] = $filter['order']; 2694 } 2570 2695 } 2571 2696 2572 2697 if ( isset( $filter['role'] ) ) { 2573 if ( get_role( $filter['role'] ) === null ) 2698 if ( get_role( $filter['role'] ) === null ) { 2574 2699 return new IXR_Error( 403, __( 'Invalid role.' ) ); 2700 } 2575 2701 2576 2702 $query['role'] = $filter['role']; … … 2585 2711 $_users = array(); 2586 2712 foreach ( $users as $user_data ) { 2587 if ( current_user_can( 'edit_user', $user_data->ID ) ) 2713 if ( current_user_can( 'edit_user', $user_data->ID ) ) { 2588 2714 $_users[] = $this->_prepare_user( $user_data, $fields ); 2715 } 2589 2716 } 2590 2717 return $_users; … … 2607 2734 */ 2608 2735 public function wp_getProfile( $args ) { 2609 if ( ! $this->minimum_args( $args, 3 ) ) 2610 return $this->error; 2736 if ( ! $this->minimum_args( $args, 3 ) ) { 2737 return $this->error; 2738 } 2611 2739 2612 2740 $this->escape( $args ); … … 2622 2750 } 2623 2751 2624 if ( ! $user = $this->login( $username, $password ) ) 2625 return $this->error; 2752 if ( ! $user = $this->login( $username, $password ) ) { 2753 return $this->error; 2754 } 2626 2755 2627 2756 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2628 2757 do_action( 'xmlrpc_call', 'wp.getProfile' ); 2629 2758 2630 if ( ! current_user_can( 'edit_user', $user->ID ) ) 2759 if ( ! current_user_can( 'edit_user', $user->ID ) ) { 2631 2760 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit your profile.' ) ); 2761 } 2632 2762 2633 2763 $user_data = get_userdata( $user->ID ); … … 2659 2789 */ 2660 2790 public function wp_editProfile( $args ) { 2661 if ( ! $this->minimum_args( $args, 4 ) ) 2662 return $this->error; 2791 if ( ! $this->minimum_args( $args, 4 ) ) { 2792 return $this->error; 2793 } 2663 2794 2664 2795 $this->escape( $args ); … … 2668 2799 $content_struct = $args[3]; 2669 2800 2670 if ( ! $user = $this->login( $username, $password ) ) 2671 return $this->error; 2801 if ( ! $user = $this->login( $username, $password ) ) { 2802 return $this->error; 2803 } 2672 2804 2673 2805 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2674 2806 do_action( 'xmlrpc_call', 'wp.editProfile' ); 2675 2807 2676 if ( ! current_user_can( 'edit_user', $user->ID ) ) 2808 if ( ! current_user_can( 'edit_user', $user->ID ) ) { 2677 2809 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit your profile.' ) ); 2810 } 2678 2811 2679 2812 // holds data of the user 2680 $user_data = array();2813 $user_data = array(); 2681 2814 $user_data['ID'] = $user->ID; 2682 2815 2683 2816 // only set the user details if it was given 2684 if ( isset( $content_struct['first_name'] ) ) 2817 if ( isset( $content_struct['first_name'] ) ) { 2685 2818 $user_data['first_name'] = $content_struct['first_name']; 2686 2687 if ( isset( $content_struct['last_name'] ) ) 2819 } 2820 2821 if ( isset( $content_struct['last_name'] ) ) { 2688 2822 $user_data['last_name'] = $content_struct['last_name']; 2689 2690 if ( isset( $content_struct['url'] ) ) 2823 } 2824 2825 if ( isset( $content_struct['url'] ) ) { 2691 2826 $user_data['user_url'] = $content_struct['url']; 2692 2693 if ( isset( $content_struct['display_name'] ) ) 2827 } 2828 2829 if ( isset( $content_struct['display_name'] ) ) { 2694 2830 $user_data['display_name'] = $content_struct['display_name']; 2695 2696 if ( isset( $content_struct['nickname'] ) ) 2831 } 2832 2833 if ( isset( $content_struct['nickname'] ) ) { 2697 2834 $user_data['nickname'] = $content_struct['nickname']; 2698 2699 if ( isset( $content_struct['nicename'] ) ) 2835 } 2836 2837 if ( isset( $content_struct['nicename'] ) ) { 2700 2838 $user_data['user_nicename'] = $content_struct['nicename']; 2701 2702 if ( isset( $content_struct['bio'] ) ) 2839 } 2840 2841 if ( isset( $content_struct['bio'] ) ) { 2703 2842 $user_data['description'] = $content_struct['bio']; 2843 } 2704 2844 2705 2845 $result = wp_update_user( $user_data ); 2706 2846 2707 if ( is_wp_error( $result ) ) 2847 if ( is_wp_error( $result ) ) { 2708 2848 return new IXR_Error( 500, $result->get_error_message() ); 2709 2710 if ( ! $result ) 2849 } 2850 2851 if ( ! $result ) { 2711 2852 return new IXR_Error( 500, __( 'Sorry, the user cannot be updated.' ) ); 2853 } 2712 2854 2713 2855 return true; … … 2736 2878 $password = $args[3]; 2737 2879 2738 if ( ! $user = $this->login($username, $password) ) {2739 return $this->error; 2740 } 2741 2742 $page = get_post( $page_id);2743 if ( ! $page ) 2880 if ( ! $user = $this->login( $username, $password ) ) { 2881 return $this->error; 2882 } 2883 2884 $page = get_post( $page_id ); 2885 if ( ! $page ) { 2744 2886 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 2745 2746 if ( !current_user_can( 'edit_page', $page_id ) ) 2887 } 2888 2889 if ( ! current_user_can( 'edit_page', $page_id ) ) { 2747 2890 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this page.' ) ); 2891 } 2748 2892 2749 2893 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 2751 2895 2752 2896 // If we found the page then format the data. 2753 if ( $page->ID && ( $page->post_type == 'page') ) {2897 if ( $page->ID && ( $page->post_type == 'page' ) ) { 2754 2898 return $this->_prepare_page( $page ); 2755 } 2756 // If the page doesn't exist indicate that. 2899 } // If the page doesn't exist indicate that. 2757 2900 else { 2758 2901 return new IXR_Error( 404, __( 'Sorry, no such page.' ) ); … … 2780 2923 $username = $args[1]; 2781 2924 $password = $args[2]; 2782 $num_pages = isset($args[3]) ? (int) $args[3] : 10; 2783 2784 if ( !$user = $this->login($username, $password) ) 2785 return $this->error; 2786 2787 if ( !current_user_can( 'edit_pages' ) ) 2925 $num_pages = isset( $args[3] ) ? (int) $args[3] : 10; 2926 2927 if ( ! $user = $this->login( $username, $password ) ) { 2928 return $this->error; 2929 } 2930 2931 if ( ! current_user_can( 'edit_pages' ) ) { 2788 2932 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit pages.' ) ); 2933 } 2789 2934 2790 2935 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 2791 2936 do_action( 'xmlrpc_call', 'wp.getPages' ); 2792 2937 2793 $pages = get_posts( array('post_type' => 'page', 'post_status' => 'any', 'numberposts' => $num_pages) ); 2794 $num_pages = count($pages); 2938 $pages = get_posts( 2939 array( 2940 'post_type' => 'page', 2941 'post_status' => 'any', 2942 'numberposts' => $num_pages, 2943 ) 2944 ); 2945 $num_pages = count( $pages ); 2795 2946 2796 2947 // If we have pages, put together their info. … … 2798 2949 $pages_struct = array(); 2799 2950 2800 foreach ( $pages as $page) {2801 if ( current_user_can( 'edit_page', $page->ID ) ) 2951 foreach ( $pages as $page ) { 2952 if ( current_user_can( 'edit_page', $page->ID ) ) { 2802 2953 $pages_struct[] = $this->_prepare_page( $page ); 2954 } 2803 2955 } 2804 2956 … … 2831 2983 $password = $this->escape( $args[2] ); 2832 2984 2833 if ( !$user = $this->login($username, $password) ) 2834 return $this->error; 2985 if ( ! $user = $this->login( $username, $password ) ) { 2986 return $this->error; 2987 } 2835 2988 2836 2989 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 2838 2991 2839 2992 // Mark this as content for a page. 2840 $args[3][ "post_type"] = 'page';2993 $args[3]['post_type'] = 'page'; 2841 2994 2842 2995 // Let mw_newPost do all of the heavy lifting. … … 2866 3019 $page_id = (int) $args[3]; 2867 3020 2868 if ( !$user = $this->login($username, $password) ) 2869 return $this->error; 3021 if ( ! $user = $this->login( $username, $password ) ) { 3022 return $this->error; 3023 } 2870 3024 2871 3025 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 2874 3028 // Get the current page based on the page_id and 2875 3029 // make sure it is a page and not a post. 2876 $actual_page = get_post( $page_id, ARRAY_A);2877 if ( ! $actual_page || ($actual_page['post_type'] != 'page') )3030 $actual_page = get_post( $page_id, ARRAY_A ); 3031 if ( ! $actual_page || ( $actual_page['post_type'] != 'page' ) ) { 2878 3032 return new IXR_Error( 404, __( 'Sorry, no such page.' ) ); 3033 } 2879 3034 2880 3035 // Make sure the user can delete pages. 2881 if ( ! current_user_can('delete_page', $page_id) )3036 if ( ! current_user_can( 'delete_page', $page_id ) ) { 2882 3037 return new IXR_Error( 401, __( 'Sorry, you are not allowed to delete this page.' ) ); 3038 } 2883 3039 2884 3040 // Attempt to delete the page. 2885 $result = wp_delete_post( $page_id);2886 if ( ! $result )3041 $result = wp_delete_post( $page_id ); 3042 if ( ! $result ) { 2887 3043 return new IXR_Error( 500, __( 'Failed to delete the page.' ) ); 3044 } 2888 3045 2889 3046 /** … … 2928 3085 $escaped_password = $this->escape( $password ); 2929 3086 2930 if ( ! $user = $this->login( $escaped_username, $escaped_password ) ) {3087 if ( ! $user = $this->login( $escaped_username, $escaped_password ) ) { 2931 3088 return $this->error; 2932 3089 } … … 2936 3093 2937 3094 // Get the page data and make sure it is a page. 2938 $actual_page = get_post( $page_id, ARRAY_A);2939 if ( ! $actual_page || ($actual_page['post_type'] != 'page') )3095 $actual_page = get_post( $page_id, ARRAY_A ); 3096 if ( ! $actual_page || ( $actual_page['post_type'] != 'page' ) ) { 2940 3097 return new IXR_Error( 404, __( 'Sorry, no such page.' ) ); 3098 } 2941 3099 2942 3100 // Make sure the user is allowed to edit pages. 2943 if ( ! current_user_can('edit_page', $page_id) )3101 if ( ! current_user_can( 'edit_page', $page_id ) ) { 2944 3102 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this page.' ) ); 3103 } 2945 3104 2946 3105 // Mark this as content for a page. … … 2953 3112 $password, 2954 3113 $content, 2955 $publish 3114 $publish, 2956 3115 ); 2957 3116 … … 2984 3143 $password = $args[2]; 2985 3144 2986 if ( !$user = $this->login($username, $password) ) 2987 return $this->error; 2988 2989 if ( !current_user_can( 'edit_pages' ) ) 3145 if ( ! $user = $this->login( $username, $password ) ) { 3146 return $this->error; 3147 } 3148 3149 if ( ! current_user_can( 'edit_pages' ) ) { 2990 3150 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit pages.' ) ); 3151 } 2991 3152 2992 3153 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 2994 3155 2995 3156 // Get list of pages ids and titles 2996 $page_list = $wpdb->get_results(" 3157 $page_list = $wpdb->get_results( 3158 " 2997 3159 SELECT ID page_id, 2998 3160 post_title page_title, … … 3004 3166 WHERE post_type = 'page' 3005 3167 ORDER BY ID 3006 "); 3168 " 3169 ); 3007 3170 3008 3171 // The date needs to be formatted properly. 3009 $num_pages = count( $page_list);3172 $num_pages = count( $page_list ); 3010 3173 for ( $i = 0; $i < $num_pages; $i++ ) { 3011 $page_list[ $i]->dateCreated = $this->_convert_date( $page_list[$i]->post_date );3012 $page_list[ $i]->date_created_gmt = $this->_convert_date_gmt( $page_list[$i]->post_date_gmt, $page_list[$i]->post_date );3013 3014 unset( $page_list[$i]->post_date_gmt);3015 unset( $page_list[$i]->post_date);3016 unset( $page_list[$i]->post_status);3174 $page_list[ $i ]->dateCreated = $this->_convert_date( $page_list[ $i ]->post_date ); 3175 $page_list[ $i ]->date_created_gmt = $this->_convert_date_gmt( $page_list[ $i ]->post_date_gmt, $page_list[ $i ]->post_date ); 3176 3177 unset( $page_list[ $i ]->post_date_gmt ); 3178 unset( $page_list[ $i ]->post_date ); 3179 unset( $page_list[ $i ]->post_status ); 3017 3180 } 3018 3181 … … 3040 3203 $password = $args[2]; 3041 3204 3042 if ( !$user = $this->login($username, $password) ) 3043 return $this->error; 3044 3045 if ( !current_user_can('edit_posts') ) 3205 if ( ! $user = $this->login( $username, $password ) ) { 3206 return $this->error; 3207 } 3208 3209 if ( ! current_user_can( 'edit_posts' ) ) { 3046 3210 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts.' ) ); 3211 } 3047 3212 3048 3213 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3050 3215 3051 3216 $authors = array(); 3052 foreach ( get_users( array( 'fields' => array( 'ID','user_login','display_name') ) ) as $user ) {3217 foreach ( get_users( array( 'fields' => array( 'ID', 'user_login', 'display_name' ) ) ) as $user ) { 3053 3218 $authors[] = array( 3054 'user_id' 3055 'user_login' 3056 'display_name' => $user->display_name3219 'user_id' => $user->ID, 3220 'user_login' => $user->user_login, 3221 'display_name' => $user->display_name, 3057 3222 ); 3058 3223 } … … 3081 3246 $password = $args[2]; 3082 3247 3083 if ( !$user = $this->login($username, $password) ) 3084 return $this->error; 3085 3086 if ( !current_user_can( 'edit_posts' ) ) 3248 if ( ! $user = $this->login( $username, $password ) ) { 3249 return $this->error; 3250 } 3251 3252 if ( ! current_user_can( 'edit_posts' ) ) { 3087 3253 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view tags.' ) ); 3254 } 3088 3255 3089 3256 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3094 3261 if ( $all_tags = get_tags() ) { 3095 3262 foreach ( (array) $all_tags as $tag ) { 3096 $struct = array();3097 $struct['tag_id'] 3098 $struct['name'] 3099 $struct['count'] 3100 $struct['slug'] 3101 $struct['html_url'] 3102 $struct['rss_url'] 3263 $struct = array(); 3264 $struct['tag_id'] = $tag->term_id; 3265 $struct['name'] = $tag->name; 3266 $struct['count'] = $tag->count; 3267 $struct['slug'] = $tag->slug; 3268 $struct['html_url'] = esc_html( get_tag_link( $tag->term_id ) ); 3269 $struct['rss_url'] = esc_html( get_tag_feed_link( $tag->term_id ) ); 3103 3270 3104 3271 $tags[] = $struct; … … 3131 3298 $category = $args[3]; 3132 3299 3133 if ( !$user = $this->login($username, $password) ) 3134 return $this->error; 3300 if ( ! $user = $this->login( $username, $password ) ) { 3301 return $this->error; 3302 } 3135 3303 3136 3304 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3144 3312 // If no slug was provided make it empty so that 3145 3313 // WordPress will generate one. 3146 if ( empty( $category['slug']) )3314 if ( empty( $category['slug'] ) ) { 3147 3315 $category['slug'] = ''; 3316 } 3148 3317 3149 3318 // If no parent_id was provided make it empty 3150 3319 // so that it will be a top level page (no parent). 3151 if ( ! isset($category['parent_id']) )3320 if ( ! isset( $category['parent_id'] ) ) { 3152 3321 $category['parent_id'] = ''; 3322 } 3153 3323 3154 3324 // If no description was provided make it empty. 3155 if ( empty($category["description"]) ) 3156 $category["description"] = ""; 3325 if ( empty( $category['description'] ) ) { 3326 $category['description'] = ''; 3327 } 3157 3328 3158 3329 $new_category = array( 3159 'cat_name' 3160 'category_nicename' 3161 'category_parent' 3162 'category_description' => $category['description']3330 'cat_name' => $category['name'], 3331 'category_nicename' => $category['slug'], 3332 'category_parent' => $category['parent_id'], 3333 'category_description' => $category['description'], 3163 3334 ); 3164 3335 3165 $cat_id = wp_insert_category( $new_category, true);3336 $cat_id = wp_insert_category( $new_category, true ); 3166 3337 if ( is_wp_error( $cat_id ) ) { 3167 if ( 'term_exists' == $cat_id->get_error_code() ) 3338 if ( 'term_exists' == $cat_id->get_error_code() ) { 3168 3339 return (int) $cat_id->get_error_data(); 3169 else 3170 return new IXR_Error(500, __('Sorry, the new category failed.')); 3340 } else { 3341 return new IXR_Error( 500, __( 'Sorry, the new category failed.' ) ); 3342 } 3171 3343 } elseif ( ! $cat_id ) { 3172 return new IXR_Error( 500, __('Sorry, the new category failed.'));3344 return new IXR_Error( 500, __( 'Sorry, the new category failed.' ) ); 3173 3345 } 3174 3346 … … 3208 3380 $category_id = (int) $args[3]; 3209 3381 3210 if ( !$user = $this->login($username, $password) ) 3211 return $this->error; 3382 if ( ! $user = $this->login( $username, $password ) ) { 3383 return $this->error; 3384 } 3212 3385 3213 3386 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3259 3432 $max_results = (int) $args[4]; 3260 3433 3261 if ( !$user = $this->login($username, $password) ) 3262 return $this->error; 3263 3264 if ( !current_user_can( 'edit_posts' ) ) 3434 if ( ! $user = $this->login( $username, $password ) ) { 3435 return $this->error; 3436 } 3437 3438 if ( ! current_user_can( 'edit_posts' ) ) { 3265 3439 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view categories.' ) ); 3440 } 3266 3441 3267 3442 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3269 3444 3270 3445 $category_suggestions = array(); 3271 $args = array('get' => 'all', 'number' => $max_results, 'name__like' => $category); 3272 foreach ( (array) get_categories($args) as $cat ) { 3446 $args = array( 3447 'get' => 'all', 3448 'number' => $max_results, 3449 'name__like' => $category, 3450 ); 3451 foreach ( (array) get_categories( $args ) as $cat ) { 3273 3452 $category_suggestions[] = array( 3274 'category_id' 3275 'category_name' => $cat->name3453 'category_id' => $cat->term_id, 3454 'category_name' => $cat->name, 3276 3455 ); 3277 3456 } … … 3295 3474 * @return array|IXR_Error 3296 3475 */ 3297 public function wp_getComment( $args) {3298 $this->escape( $args);3299 3300 $username 3301 $password 3302 $comment_id 3476 public function wp_getComment( $args ) { 3477 $this->escape( $args ); 3478 3479 $username = $args[1]; 3480 $password = $args[2]; 3481 $comment_id = (int) $args[3]; 3303 3482 3304 3483 if ( ! $user = $this->login( $username, $password ) ) { … … 3351 3530 $username = $args[1]; 3352 3531 $password = $args[2]; 3353 $struct 3532 $struct = isset( $args[3] ) ? $args[3] : array(); 3354 3533 3355 3534 if ( ! $user = $this->login( $username, $password ) ) { … … 3394 3573 } 3395 3574 3396 $comments = get_comments( array( 3397 'status' => $status, 3398 'post_id' => $post_id, 3399 'offset' => $offset, 3400 'number' => $number, 3401 'post_type' => $post_type, 3402 ) ); 3575 $comments = get_comments( 3576 array( 3577 'status' => $status, 3578 'post_id' => $post_id, 3579 'offset' => $offset, 3580 'number' => $number, 3581 'post_type' => $post_type, 3582 ) 3583 ); 3403 3584 3404 3585 $comments_struct = array(); … … 3431 3612 */ 3432 3613 public function wp_deleteComment( $args ) { 3433 $this->escape( $args);3434 3435 $username 3436 $password 3437 $comment_ID 3614 $this->escape( $args ); 3615 3616 $username = $args[1]; 3617 $password = $args[2]; 3618 $comment_ID = (int) $args[3]; 3438 3619 3439 3620 if ( ! $user = $this->login( $username, $password ) ) { … … 3499 3680 $this->escape( $args ); 3500 3681 3501 $username 3502 $password 3503 $comment_ID 3682 $username = $args[1]; 3683 $password = $args[2]; 3684 $comment_ID = (int) $args[3]; 3504 3685 $content_struct = $args[4]; 3505 3686 3506 if ( ! $user = $this->login( $username, $password ) ) {3687 if ( ! $user = $this->login( $username, $password ) ) { 3507 3688 return $this->error; 3508 3689 } … … 3519 3700 do_action( 'xmlrpc_call', 'wp.editComment' ); 3520 3701 3521 if ( isset( $content_struct['status']) ) {3702 if ( isset( $content_struct['status'] ) ) { 3522 3703 $statuses = get_comment_statuses(); 3523 $statuses = array_keys( $statuses);3524 3525 if ( ! in_array( $content_struct['status'], $statuses) )3704 $statuses = array_keys( $statuses ); 3705 3706 if ( ! in_array( $content_struct['status'], $statuses ) ) { 3526 3707 return new IXR_Error( 401, __( 'Invalid comment status.' ) ); 3708 } 3527 3709 $comment_approved = $content_struct['status']; 3528 3710 } 3529 3711 3530 3712 // Do some timestamp voodoo 3531 if ( ! empty( $content_struct['date_created_gmt'] ) ) {3713 if ( ! empty( $content_struct['date_created_gmt'] ) ) { 3532 3714 // We know this is supposed to be GMT, so we're going to slap that Z on there by force 3533 $dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z';3534 $comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));3535 $comment_date_gmt = iso8601_to_datetime( $dateCreated, 'GMT');3536 } 3537 3538 if ( isset( $content_struct['content']) )3715 $dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z'; 3716 $comment_date = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) ); 3717 $comment_date_gmt = iso8601_to_datetime( $dateCreated, 'GMT' ); 3718 } 3719 3720 if ( isset( $content_struct['content'] ) ) { 3539 3721 $comment_content = $content_struct['content']; 3540 3541 if ( isset($content_struct['author']) ) 3722 } 3723 3724 if ( isset( $content_struct['author'] ) ) { 3542 3725 $comment_author = $content_struct['author']; 3543 3544 if ( isset($content_struct['author_url']) ) 3726 } 3727 3728 if ( isset( $content_struct['author_url'] ) ) { 3545 3729 $comment_author_url = $content_struct['author_url']; 3546 3547 if ( isset($content_struct['author_email']) ) 3730 } 3731 3732 if ( isset( $content_struct['author_email'] ) ) { 3548 3733 $comment_author_email = $content_struct['author_email']; 3734 } 3549 3735 3550 3736 // We've got all the data -- post it: 3551 $comment = compact('comment_ID', 'comment_content', 'comment_approved', 'comment_date', 'comment_date_gmt', 'comment_author', 'comment_author_email', 'comment_author_url'); 3552 3553 $result = wp_update_comment($comment); 3554 if ( is_wp_error( $result ) ) 3555 return new IXR_Error(500, $result->get_error_message()); 3556 3557 if ( !$result ) 3558 return new IXR_Error(500, __('Sorry, the comment could not be edited.')); 3737 $comment = compact( 'comment_ID', 'comment_content', 'comment_approved', 'comment_date', 'comment_date_gmt', 'comment_author', 'comment_author_email', 'comment_author_url' ); 3738 3739 $result = wp_update_comment( $comment ); 3740 if ( is_wp_error( $result ) ) { 3741 return new IXR_Error( 500, $result->get_error_message() ); 3742 } 3743 3744 if ( ! $result ) { 3745 return new IXR_Error( 500, __( 'Sorry, the comment could not be edited.' ) ); 3746 } 3559 3747 3560 3748 /** … … 3587 3775 * @return int|IXR_Error See wp_new_comment(). 3588 3776 */ 3589 public function wp_newComment( $args) {3590 $this->escape( $args);3777 public function wp_newComment( $args ) { 3778 $this->escape( $args ); 3591 3779 3592 3780 $username = $args[1]; … … 3605 3793 $allow_anon = apply_filters( 'xmlrpc_allow_anonymous_comments', false ); 3606 3794 3607 $user = $this->login( $username, $password);3608 3609 if ( ! $user ) {3795 $user = $this->login( $username, $password ); 3796 3797 if ( ! $user ) { 3610 3798 $logged_in = false; 3611 if ( $allow_anon && get_option( 'comment_registration') ) {3799 if ( $allow_anon && get_option( 'comment_registration' ) ) { 3612 3800 return new IXR_Error( 403, __( 'You must be registered to comment.' ) ); 3613 3801 } elseif ( ! $allow_anon ) { … … 3618 3806 } 3619 3807 3620 if ( is_numeric($post) ) 3621 $post_id = absint($post); 3622 else 3623 $post_id = url_to_postid($post); 3808 if ( is_numeric( $post ) ) { 3809 $post_id = absint( $post ); 3810 } else { 3811 $post_id = url_to_postid( $post ); 3812 } 3624 3813 3625 3814 if ( ! $post_id ) { … … 3646 3835 if ( $logged_in ) { 3647 3836 $display_name = $user->display_name; 3648 $user_email = $user->user_email;3649 $user_url = $user->user_url;3650 3651 $comment['comment_author'] = $this->escape( $display_name );3837 $user_email = $user->user_email; 3838 $user_url = $user->user_url; 3839 3840 $comment['comment_author'] = $this->escape( $display_name ); 3652 3841 $comment['comment_author_email'] = $this->escape( $user_email ); 3653 $comment['comment_author_url'] = $this->escape( $user_url );3654 $comment['user_ID'] = $user->ID;3842 $comment['comment_author_url'] = $this->escape( $user_url ); 3843 $comment['user_ID'] = $user->ID; 3655 3844 } else { 3656 3845 $comment['comment_author'] = ''; 3657 if ( isset( $content_struct['author']) )3846 if ( isset( $content_struct['author'] ) ) { 3658 3847 $comment['comment_author'] = $content_struct['author']; 3848 } 3659 3849 3660 3850 $comment['comment_author_email'] = ''; 3661 if ( isset( $content_struct['author_email']) )3851 if ( isset( $content_struct['author_email'] ) ) { 3662 3852 $comment['comment_author_email'] = $content_struct['author_email']; 3853 } 3663 3854 3664 3855 $comment['comment_author_url'] = ''; 3665 if ( isset( $content_struct['author_url']) )3856 if ( isset( $content_struct['author_url'] ) ) { 3666 3857 $comment['comment_author_url'] = $content_struct['author_url']; 3858 } 3667 3859 3668 3860 $comment['user_ID'] = 0; 3669 3861 3670 if ( get_option( 'require_name_email') ) {3671 if ( 6 > strlen( $comment['comment_author_email']) || '' == $comment['comment_author'] )3862 if ( get_option( 'require_name_email' ) ) { 3863 if ( 6 > strlen( $comment['comment_author_email'] ) || '' == $comment['comment_author'] ) { 3672 3864 return new IXR_Error( 403, __( 'Comment author name and email are required.' ) ); 3673 elseif ( !is_email($comment['comment_author_email']) )3865 } elseif ( ! is_email( $comment['comment_author_email'] ) ) { 3674 3866 return new IXR_Error( 403, __( 'A valid email address is required.' ) ); 3675 } 3676 } 3677 3678 $comment['comment_parent'] = isset($content_struct['comment_parent']) ? absint($content_struct['comment_parent']) : 0; 3867 } 3868 } 3869 } 3870 3871 $comment['comment_parent'] = isset( $content_struct['comment_parent'] ) ? absint( $content_struct['comment_parent'] ) : 0; 3679 3872 3680 3873 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3755 3948 $this->escape( $args ); 3756 3949 3757 $username 3758 $password 3759 $post_id 3950 $username = $args[1]; 3951 $password = $args[2]; 3952 $post_id = (int) $args[3]; 3760 3953 3761 3954 if ( ! $user = $this->login( $username, $password ) ) { … … 3778 3971 3779 3972 return array( 3780 'approved' => $count->approved,3973 'approved' => $count->approved, 3781 3974 'awaiting_moderation' => $count->moderated, 3782 'spam' => $count->spam,3783 'total_comments' => $count->total_comments3975 'spam' => $count->spam, 3976 'total_comments' => $count->total_comments, 3784 3977 ); 3785 3978 } … … 3805 3998 $password = $args[2]; 3806 3999 3807 if ( !$user = $this->login($username, $password) ) 3808 return $this->error; 3809 3810 if ( !current_user_can( 'edit_posts' ) ) 4000 if ( ! $user = $this->login( $username, $password ) ) { 4001 return $this->error; 4002 } 4003 4004 if ( ! current_user_can( 'edit_posts' ) ) { 3811 4005 return new IXR_Error( 403, __( 'Sorry, you are not allowed access to details about this site.' ) ); 4006 } 3812 4007 3813 4008 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3837 4032 $password = $args[2]; 3838 4033 3839 if ( !$user = $this->login($username, $password) ) 3840 return $this->error; 3841 3842 if ( !current_user_can( 'edit_pages' ) ) 4034 if ( ! $user = $this->login( $username, $password ) ) { 4035 return $this->error; 4036 } 4037 4038 if ( ! current_user_can( 'edit_pages' ) ) { 3843 4039 return new IXR_Error( 403, __( 'Sorry, you are not allowed access to details about this site.' ) ); 4040 } 3844 4041 3845 4042 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 3869 4066 $password = $args[2]; 3870 4067 3871 if ( !$user = $this->login($username, $password) ) 3872 return $this->error; 3873 3874 if ( !current_user_can( 'edit_pages' ) ) 4068 if ( ! $user = $this->login( $username, $password ) ) { 4069 return $this->error; 4070 } 4071 4072 if ( ! current_user_can( 'edit_pages' ) ) { 3875 4073 return new IXR_Error( 403, __( 'Sorry, you are not allowed access to details about this site.' ) ); 3876 3877 $templates = get_page_templates(); 4074 } 4075 4076 $templates = get_page_templates(); 3878 4077 $templates['Default'] = 'default'; 3879 4078 … … 3899 4098 $this->escape( $args ); 3900 4099 3901 $username = $args[1]; 3902 $password = $args[2]; 3903 $options = isset( $args[3] ) ? (array) $args[3] : array(); 3904 3905 if ( !$user = $this->login($username, $password) ) 3906 return $this->error; 4100 $username = $args[1]; 4101 $password = $args[2]; 4102 $options = isset( $args[3] ) ? (array) $args[3] : array(); 4103 4104 if ( ! $user = $this->login( $username, $password ) ) { 4105 return $this->error; 4106 } 3907 4107 3908 4108 // If no specific options where asked for, return all of them 3909 if ( count( $options ) == 0 ) 3910 $options = array_keys($this->blog_options); 3911 3912 return $this->_getOptions($options); 4109 if ( count( $options ) == 0 ) { 4110 $options = array_keys( $this->blog_options ); 4111 } 4112 4113 return $this->_getOptions( $options ); 3913 4114 } 3914 4115 … … 3921 4122 * @return array 3922 4123 */ 3923 public function _getOptions( $options) {3924 $data = array();4124 public function _getOptions( $options ) { 4125 $data = array(); 3925 4126 $can_manage = current_user_can( 'manage_options' ); 3926 4127 foreach ( $options as $option ) { 3927 4128 if ( array_key_exists( $option, $this->blog_options ) ) { 3928 $data[ $option] = $this->blog_options[$option];4129 $data[ $option ] = $this->blog_options[ $option ]; 3929 4130 //Is the value static or dynamic? 3930 if ( isset( $data[ $option]['option'] ) ) {3931 $data[ $option]['value'] = get_option( $data[$option]['option'] );3932 unset( $data[$option]['option']);4131 if ( isset( $data[ $option ]['option'] ) ) { 4132 $data[ $option ]['value'] = get_option( $data[ $option ]['option'] ); 4133 unset( $data[ $option ]['option'] ); 3933 4134 } 3934 4135 3935 if ( ! $can_manage ) 3936 $data[$option]['readonly'] = true; 4136 if ( ! $can_manage ) { 4137 $data[ $option ]['readonly'] = true; 4138 } 3937 4139 } 3938 4140 } … … 3959 4161 $this->escape( $args ); 3960 4162 3961 $username = $args[1]; 3962 $password = $args[2]; 3963 $options = (array) $args[3]; 3964 3965 if ( !$user = $this->login($username, $password) ) 3966 return $this->error; 3967 3968 if ( !current_user_can( 'manage_options' ) ) 4163 $username = $args[1]; 4164 $password = $args[2]; 4165 $options = (array) $args[3]; 4166 4167 if ( ! $user = $this->login( $username, $password ) ) { 4168 return $this->error; 4169 } 4170 4171 if ( ! current_user_can( 'manage_options' ) ) { 3969 4172 return new IXR_Error( 403, __( 'Sorry, you are not allowed to update options.' ) ); 4173 } 3970 4174 3971 4175 $option_names = array(); 3972 4176 foreach ( $options as $o_name => $o_value ) { 3973 4177 $option_names[] = $o_name; 3974 if ( ! array_key_exists( $o_name, $this->blog_options ) )4178 if ( ! array_key_exists( $o_name, $this->blog_options ) ) { 3975 4179 continue; 3976 3977 if ( $this->blog_options[$o_name]['readonly'] == true ) 4180 } 4181 4182 if ( $this->blog_options[ $o_name ]['readonly'] == true ) { 3978 4183 continue; 3979 3980 update_option( $this->blog_options[$o_name]['option'], wp_unslash( $o_value ) ); 4184 } 4185 4186 update_option( $this->blog_options[ $o_name ]['option'], wp_unslash( $o_value ) ); 3981 4187 } 3982 4188 3983 4189 //Now return the updated values 3984 return $this->_getOptions( $option_names);4190 return $this->_getOptions( $option_names ); 3985 4191 } 3986 4192 … … 4011 4217 $this->escape( $args ); 4012 4218 4013 $username = $args[1]; 4014 $password = $args[2]; 4015 $attachment_id = (int) $args[3]; 4016 4017 if ( !$user = $this->login($username, $password) ) 4018 return $this->error; 4019 4020 if ( !current_user_can( 'upload_files' ) ) 4219 $username = $args[1]; 4220 $password = $args[2]; 4221 $attachment_id = (int) $args[3]; 4222 4223 if ( ! $user = $this->login( $username, $password ) ) { 4224 return $this->error; 4225 } 4226 4227 if ( ! current_user_can( 'upload_files' ) ) { 4021 4228 return new IXR_Error( 403, __( 'Sorry, you are not allowed to upload files.' ) ); 4229 } 4022 4230 4023 4231 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4024 4232 do_action( 'xmlrpc_call', 'wp.getMediaItem' ); 4025 4233 4026 if ( ! $attachment = get_post( $attachment_id) )4234 if ( ! $attachment = get_post( $attachment_id ) ) { 4027 4235 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); 4236 } 4028 4237 4029 4238 return $this->_prepare_media_item( $attachment ); … … 4056 4265 * @return array|IXR_Error Contains a collection of media items. See wp_xmlrpc_server::wp_getMediaItem() for a description of each item contents 4057 4266 */ 4058 public function wp_getMediaLibrary($args) { 4059 $this->escape($args); 4060 4061 $username = $args[1]; 4062 $password = $args[2]; 4063 $struct = isset( $args[3] ) ? $args[3] : array() ; 4064 4065 if ( !$user = $this->login($username, $password) ) 4066 return $this->error; 4067 4068 if ( !current_user_can( 'upload_files' ) ) 4267 public function wp_getMediaLibrary( $args ) { 4268 $this->escape( $args ); 4269 4270 $username = $args[1]; 4271 $password = $args[2]; 4272 $struct = isset( $args[3] ) ? $args[3] : array(); 4273 4274 if ( ! $user = $this->login( $username, $password ) ) { 4275 return $this->error; 4276 } 4277 4278 if ( ! current_user_can( 'upload_files' ) ) { 4069 4279 return new IXR_Error( 401, __( 'Sorry, you are not allowed to upload files.' ) ); 4280 } 4070 4281 4071 4282 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4072 4283 do_action( 'xmlrpc_call', 'wp.getMediaLibrary' ); 4073 4284 4074 $parent_id = ( isset($struct['parent_id']) ) ? absint($struct['parent_id']) : '' ; 4075 $mime_type = ( isset($struct['mime_type']) ) ? $struct['mime_type'] : '' ; 4076 $offset = ( isset($struct['offset']) ) ? absint($struct['offset']) : 0 ; 4077 $number = ( isset($struct['number']) ) ? absint($struct['number']) : -1 ; 4078 4079 $attachments = get_posts( array('post_type' => 'attachment', 'post_parent' => $parent_id, 'offset' => $offset, 'numberposts' => $number, 'post_mime_type' => $mime_type ) ); 4285 $parent_id = ( isset( $struct['parent_id'] ) ) ? absint( $struct['parent_id'] ) : ''; 4286 $mime_type = ( isset( $struct['mime_type'] ) ) ? $struct['mime_type'] : ''; 4287 $offset = ( isset( $struct['offset'] ) ) ? absint( $struct['offset'] ) : 0; 4288 $number = ( isset( $struct['number'] ) ) ? absint( $struct['number'] ) : -1; 4289 4290 $attachments = get_posts( 4291 array( 4292 'post_type' => 'attachment', 4293 'post_parent' => $parent_id, 4294 'offset' => $offset, 4295 'numberposts' => $number, 4296 'post_mime_type' => $mime_type, 4297 ) 4298 ); 4080 4299 4081 4300 $attachments_struct = array(); 4082 4301 4083 foreach ( $attachments as $attachment )4302 foreach ( $attachments as $attachment ) { 4084 4303 $attachments_struct[] = $this->_prepare_media_item( $attachment ); 4304 } 4085 4305 4086 4306 return $attachments_struct; … … 4107 4327 $password = $args[2]; 4108 4328 4109 if ( !$user = $this->login( $username, $password ) ) 4110 return $this->error; 4111 4112 if ( !current_user_can( 'edit_posts' ) ) 4329 if ( ! $user = $this->login( $username, $password ) ) { 4330 return $this->error; 4331 } 4332 4333 if ( ! current_user_can( 'edit_posts' ) ) { 4113 4334 return new IXR_Error( 403, __( 'Sorry, you are not allowed access to details about this site.' ) ); 4335 } 4114 4336 4115 4337 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 4124 4346 $supported = get_theme_support( 'post-formats' ); 4125 4347 4126 $data = array();4127 $data['all'] = $formats;4348 $data = array(); 4349 $data['all'] = $formats; 4128 4350 $data['supported'] = $supported[0]; 4129 4351 … … 4164 4386 */ 4165 4387 public function wp_getPostType( $args ) { 4166 if ( ! $this->minimum_args( $args, 4 ) ) 4167 return $this->error; 4388 if ( ! $this->minimum_args( $args, 4 ) ) { 4389 return $this->error; 4390 } 4168 4391 4169 4392 $this->escape( $args ); … … 4187 4410 } 4188 4411 4189 if ( !$user = $this->login( $username, $password ) ) 4190 return $this->error; 4412 if ( ! $user = $this->login( $username, $password ) ) { 4413 return $this->error; 4414 } 4191 4415 4192 4416 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4193 4417 do_action( 'xmlrpc_call', 'wp.getPostType' ); 4194 4418 4195 if ( ! post_type_exists( $post_type_name ) ) 4419 if ( ! post_type_exists( $post_type_name ) ) { 4196 4420 return new IXR_Error( 403, __( 'Invalid post type.' ) ); 4421 } 4197 4422 4198 4423 $post_type = get_post_type_object( $post_type_name ); 4199 4424 4200 if ( ! current_user_can( $post_type->cap->edit_posts ) ) 4425 if ( ! current_user_can( $post_type->cap->edit_posts ) ) { 4201 4426 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts in this post type.' ) ); 4427 } 4202 4428 4203 4429 return $this->_prepare_post_type( $post_type, $fields ); … … 4223 4449 */ 4224 4450 public function wp_getPostTypes( $args ) { 4225 if ( ! $this->minimum_args( $args, 3 ) ) 4226 return $this->error; 4451 if ( ! $this->minimum_args( $args, 3 ) ) { 4452 return $this->error; 4453 } 4227 4454 4228 4455 $this->escape( $args ); … … 4239 4466 } 4240 4467 4241 if ( ! $user = $this->login( $username, $password ) ) 4242 return $this->error; 4468 if ( ! $user = $this->login( $username, $password ) ) { 4469 return $this->error; 4470 } 4243 4471 4244 4472 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 4250 4478 4251 4479 foreach ( $post_types as $post_type ) { 4252 if ( ! current_user_can( $post_type->cap->edit_posts ) ) 4480 if ( ! current_user_can( $post_type->cap->edit_posts ) ) { 4253 4481 continue; 4254 4255 $struct[$post_type->name] = $this->_prepare_post_type( $post_type, $fields ); 4482 } 4483 4484 $struct[ $post_type->name ] = $this->_prepare_post_type( $post_type, $fields ); 4256 4485 } 4257 4486 … … 4282 4511 */ 4283 4512 public function wp_getRevisions( $args ) { 4284 if ( ! $this->minimum_args( $args, 4 ) ) 4285 return $this->error; 4513 if ( ! $this->minimum_args( $args, 4 ) ) { 4514 return $this->error; 4515 } 4286 4516 4287 4517 $this->escape( $args ); … … 4305 4535 } 4306 4536 4307 if ( ! $user = $this->login( $username, $password ) ) 4308 return $this->error; 4537 if ( ! $user = $this->login( $username, $password ) ) { 4538 return $this->error; 4539 } 4309 4540 4310 4541 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4311 4542 do_action( 'xmlrpc_call', 'wp.getRevisions' ); 4312 4543 4313 if ( ! $post = get_post( $post_id ) ) 4544 if ( ! $post = get_post( $post_id ) ) { 4314 4545 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 4315 4316 if ( ! current_user_can( 'edit_post', $post_id ) ) 4546 } 4547 4548 if ( ! current_user_can( 'edit_post', $post_id ) ) { 4317 4549 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts.' ) ); 4550 } 4318 4551 4319 4552 // Check if revisions are enabled. 4320 if ( ! wp_revisions_enabled( $post ) ) 4553 if ( ! wp_revisions_enabled( $post ) ) { 4321 4554 return new IXR_Error( 401, __( 'Sorry, revisions are disabled.' ) ); 4555 } 4322 4556 4323 4557 $revisions = wp_get_post_revisions( $post_id ); 4324 4558 4325 if ( ! $revisions ) 4559 if ( ! $revisions ) { 4326 4560 return array(); 4561 } 4327 4562 4328 4563 $struct = array(); 4329 4564 4330 4565 foreach ( $revisions as $revision ) { 4331 if ( ! current_user_can( 'read_post', $revision->ID ) ) 4566 if ( ! current_user_can( 'read_post', $revision->ID ) ) { 4332 4567 continue; 4568 } 4333 4569 4334 4570 // Skip autosaves 4335 if ( wp_is_post_autosave( $revision ) ) 4571 if ( wp_is_post_autosave( $revision ) ) { 4336 4572 continue; 4573 } 4337 4574 4338 4575 $struct[] = $this->_prepare_post( get_object_vars( $revision ), $fields ); … … 4360 4597 */ 4361 4598 public function wp_restoreRevision( $args ) { 4362 if ( ! $this->minimum_args( $args, 3 ) ) 4363 return $this->error; 4599 if ( ! $this->minimum_args( $args, 3 ) ) { 4600 return $this->error; 4601 } 4364 4602 4365 4603 $this->escape( $args ); … … 4369 4607 $revision_id = (int) $args[3]; 4370 4608 4371 if ( ! $user = $this->login( $username, $password ) ) 4372 return $this->error; 4609 if ( ! $user = $this->login( $username, $password ) ) { 4610 return $this->error; 4611 } 4373 4612 4374 4613 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4375 4614 do_action( 'xmlrpc_call', 'wp.restoreRevision' ); 4376 4615 4377 if ( ! $revision = wp_get_post_revision( $revision_id ) ) 4616 if ( ! $revision = wp_get_post_revision( $revision_id ) ) { 4378 4617 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 4379 4380 if ( wp_is_post_autosave( $revision ) ) 4618 } 4619 4620 if ( wp_is_post_autosave( $revision ) ) { 4381 4621 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 4382 4383 if ( ! $post = get_post( $revision->post_parent ) ) 4622 } 4623 4624 if ( ! $post = get_post( $revision->post_parent ) ) { 4384 4625 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 4385 4386 if ( ! current_user_can( 'edit_post', $revision->post_parent ) ) 4626 } 4627 4628 if ( ! current_user_can( 'edit_post', $revision->post_parent ) ) { 4387 4629 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 4630 } 4388 4631 4389 4632 // Check if revisions are disabled. 4390 if ( ! wp_revisions_enabled( $post ) ) 4633 if ( ! wp_revisions_enabled( $post ) ) { 4391 4634 return new IXR_Error( 401, __( 'Sorry, revisions are disabled.' ) ); 4635 } 4392 4636 4393 4637 $post = wp_restore_post_revision( $revision_id ); … … 4416 4660 * @return array|IXR_Error 4417 4661 */ 4418 public function blogger_getUsersBlogs( $args) {4662 public function blogger_getUsersBlogs( $args ) { 4419 4663 if ( ! $this->minimum_args( $args, 3 ) ) { 4420 4664 return $this->error; … … 4422 4666 4423 4667 if ( is_multisite() ) { 4424 return $this->_multisite_getUsersBlogs( $args);4425 } 4426 4427 $this->escape( $args);4668 return $this->_multisite_getUsersBlogs( $args ); 4669 } 4670 4671 $this->escape( $args ); 4428 4672 4429 4673 $username = $args[1]; 4430 4674 $password = $args[2]; 4431 4675 4432 if ( !$user = $this->login($username, $password) ) 4433 return $this->error; 4676 if ( ! $user = $this->login( $username, $password ) ) { 4677 return $this->error; 4678 } 4434 4679 4435 4680 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4436 4681 do_action( 'xmlrpc_call', 'blogger.getUsersBlogs' ); 4437 4682 4438 $is_admin = current_user_can( 'manage_options');4683 $is_admin = current_user_can( 'manage_options' ); 4439 4684 4440 4685 $struct = array( 4441 4686 'isAdmin' => $is_admin, 4442 'url' => get_option( 'home') . '/',4687 'url' => get_option( 'home' ) . '/', 4443 4688 'blogid' => '1', 4444 'blogName' => get_option( 'blogname'),4689 'blogName' => get_option( 'blogname' ), 4445 4690 'xmlrpc' => site_url( 'xmlrpc.php', 'rpc' ), 4446 4691 ); 4447 4692 4448 return array( $struct);4693 return array( $struct ); 4449 4694 } 4450 4695 … … 4466 4711 4467 4712 $domain = $current_blog->domain; 4468 $path = $current_blog->path . 'xmlrpc.php';4713 $path = $current_blog->path . 'xmlrpc.php'; 4469 4714 4470 4715 $rpc = new IXR_Client( set_url_scheme( "http://{$domain}{$path}" ) ); 4471 $rpc->query( 'wp.getUsersBlogs', $args[1], $args[2]);4716 $rpc->query( 'wp.getUsersBlogs', $args[1], $args[2] ); 4472 4717 $blogs = $rpc->getResponse(); 4473 4718 4474 if ( isset($blogs['faultCode']) ) 4475 return new IXR_Error($blogs['faultCode'], $blogs['faultString']); 4719 if ( isset( $blogs['faultCode'] ) ) { 4720 return new IXR_Error( $blogs['faultCode'], $blogs['faultString'] ); 4721 } 4476 4722 4477 4723 if ( $_SERVER['HTTP_HOST'] == $domain && $_SERVER['REQUEST_URI'] == $path ) { … … 4479 4725 } else { 4480 4726 foreach ( (array) $blogs as $blog ) { 4481 if ( strpos($blog['url'], $_SERVER['HTTP_HOST']) ) 4482 return array($blog); 4727 if ( strpos( $blog['url'], $_SERVER['HTTP_HOST'] ) ) { 4728 return array( $blog ); 4729 } 4483 4730 } 4484 4731 return array(); … … 4508 4755 $password = $args[2]; 4509 4756 4510 if ( !$user = $this->login($username, $password) ) 4511 return $this->error; 4512 4513 if ( !current_user_can( 'edit_posts' ) ) 4757 if ( ! $user = $this->login( $username, $password ) ) { 4758 return $this->error; 4759 } 4760 4761 if ( ! current_user_can( 'edit_posts' ) ) { 4514 4762 return new IXR_Error( 401, __( 'Sorry, you are not allowed to access user data on this site.' ) ); 4763 } 4515 4764 4516 4765 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 4522 4771 'url' => $user->user_url, 4523 4772 'lastname' => $user->last_name, 4524 'firstname' => $user->first_name 4773 'firstname' => $user->first_name, 4525 4774 ); 4526 4775 … … 4550 4799 $password = $args[3]; 4551 4800 4552 if ( !$user = $this->login($username, $password) ) 4553 return $this->error; 4554 4555 $post_data = get_post($post_ID, ARRAY_A); 4556 if ( ! $post_data ) 4801 if ( ! $user = $this->login( $username, $password ) ) { 4802 return $this->error; 4803 } 4804 4805 $post_data = get_post( $post_ID, ARRAY_A ); 4806 if ( ! $post_data ) { 4557 4807 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 4558 4559 if ( !current_user_can( 'edit_post', $post_ID ) ) 4808 } 4809 4810 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 4560 4811 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 4812 } 4561 4813 4562 4814 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4563 4815 do_action( 'xmlrpc_call', 'blogger.getPost' ); 4564 4816 4565 $categories = implode( ',', wp_get_post_categories($post_ID));4566 4567 $content = '<title>' .wp_unslash($post_data['post_title']).'</title>';4568 $content .= '<category>' .$categories.'</category>';4569 $content .= wp_unslash( $post_data['post_content']);4817 $categories = implode( ',', wp_get_post_categories( $post_ID ) ); 4818 4819 $content = '<title>' . wp_unslash( $post_data['post_title'] ) . '</title>'; 4820 $content .= '<category>' . $categories . '</category>'; 4821 $content .= wp_unslash( $post_data['post_content'] ); 4570 4822 4571 4823 $struct = array( 4572 'userid' => $post_data['post_author'],4824 'userid' => $post_data['post_author'], 4573 4825 'dateCreated' => $this->_convert_date( $post_data['post_date'] ), 4574 4826 'content' => $content, 4575 'postid' => (string) $post_data['ID']4827 'postid' => (string) $post_data['ID'], 4576 4828 ); 4577 4829 … … 4597 4849 public function blogger_getRecentPosts( $args ) { 4598 4850 4599 $this->escape( $args);4851 $this->escape( $args ); 4600 4852 4601 4853 // $args[0] = appkey - ignored 4602 4854 $username = $args[2]; 4603 4855 $password = $args[3]; 4604 if ( isset( $args[4] ) ) 4856 if ( isset( $args[4] ) ) { 4605 4857 $query = array( 'numberposts' => absint( $args[4] ) ); 4606 else4858 } else { 4607 4859 $query = array(); 4608 4609 if ( !$user = $this->login($username, $password) ) 4610 return $this->error; 4611 4612 if ( ! current_user_can( 'edit_posts' ) ) 4860 } 4861 4862 if ( ! $user = $this->login( $username, $password ) ) { 4863 return $this->error; 4864 } 4865 4866 if ( ! current_user_can( 'edit_posts' ) ) { 4613 4867 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts.' ) ); 4868 } 4614 4869 4615 4870 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 4618 4873 $posts_list = wp_get_recent_posts( $query ); 4619 4874 4620 if ( ! $posts_list ) {4621 $this->error = new IXR_Error( 500, __('Either there are no posts, or something went wrong.'));4875 if ( ! $posts_list ) { 4876 $this->error = new IXR_Error( 500, __( 'Either there are no posts, or something went wrong.' ) ); 4622 4877 return $this->error; 4623 4878 } 4624 4879 4625 4880 $recent_posts = array(); 4626 foreach ( $posts_list as $entry) {4627 if ( ! current_user_can( 'edit_post', $entry['ID'] ) )4881 foreach ( $posts_list as $entry ) { 4882 if ( ! current_user_can( 'edit_post', $entry['ID'] ) ) { 4628 4883 continue; 4884 } 4629 4885 4630 4886 $post_date = $this->_convert_date( $entry['post_date'] ); 4631 $categories = implode( ',', wp_get_post_categories($entry['ID']));4632 4633 $content = '<title>' .wp_unslash($entry['post_title']).'</title>';4634 $content .= '<category>' .$categories.'</category>';4635 $content .= wp_unslash( $entry['post_content']);4887 $categories = implode( ',', wp_get_post_categories( $entry['ID'] ) ); 4888 4889 $content = '<title>' . wp_unslash( $entry['post_title'] ) . '</title>'; 4890 $content .= '<category>' . $categories . '</category>'; 4891 $content .= wp_unslash( $entry['post_content'] ); 4636 4892 4637 4893 $recent_posts[] = array( 4638 'userid' => $entry['post_author'],4894 'userid' => $entry['post_author'], 4639 4895 'dateCreated' => $post_date, 4640 'content' => $content,4641 'postid' => (string) $entry['ID'],4896 'content' => $content, 4897 'postid' => (string) $entry['ID'], 4642 4898 ); 4643 4899 } … … 4655 4911 * @return IXR_Error Error object. 4656 4912 */ 4657 public function blogger_getTemplate( $args) {4658 return new IXR_Error( 403, __( 'Sorry, that file cannot be edited.' ) );4913 public function blogger_getTemplate( $args ) { 4914 return new IXR_Error( 403, __( 'Sorry, that file cannot be edited.' ) ); 4659 4915 } 4660 4916 … … 4668 4924 * @return IXR_Error Error object. 4669 4925 */ 4670 public function blogger_setTemplate( $args) {4671 return new IXR_Error( 403, __( 'Sorry, that file cannot be edited.' ) );4926 public function blogger_setTemplate( $args ) { 4927 return new IXR_Error( 403, __( 'Sorry, that file cannot be edited.' ) ); 4672 4928 } 4673 4929 … … 4697 4953 $publish = $args[5]; 4698 4954 4699 if ( !$user = $this->login($username, $password) ) 4700 return $this->error; 4955 if ( ! $user = $this->login( $username, $password ) ) { 4956 return $this->error; 4957 } 4701 4958 4702 4959 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 4703 4960 do_action( 'xmlrpc_call', 'blogger.newPost' ); 4704 4961 4705 $cap = ($publish) ? 'publish_posts' : 'edit_posts'; 4706 if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) || !current_user_can($cap) ) 4707 return new IXR_Error(401, __('Sorry, you are not allowed to post on this site.')); 4708 4709 $post_status = ($publish) ? 'publish' : 'draft'; 4962 $cap = ( $publish ) ? 'publish_posts' : 'edit_posts'; 4963 if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) || ! current_user_can( $cap ) ) { 4964 return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) ); 4965 } 4966 4967 $post_status = ( $publish ) ? 'publish' : 'draft'; 4710 4968 4711 4969 $post_author = $user->ID; 4712 4970 4713 $post_title = xmlrpc_getposttitle($content); 4714 $post_category = xmlrpc_getpostcategory($content); 4715 $post_content = xmlrpc_removepostdata($content); 4716 4717 $post_date = current_time('mysql'); 4718 $post_date_gmt = current_time('mysql', 1); 4719 4720 $post_data = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status'); 4721 4722 $post_ID = wp_insert_post($post_data); 4723 if ( is_wp_error( $post_ID ) ) 4724 return new IXR_Error(500, $post_ID->get_error_message()); 4725 4726 if ( !$post_ID ) 4727 return new IXR_Error(500, __('Sorry, your entry could not be posted.')); 4971 $post_title = xmlrpc_getposttitle( $content ); 4972 $post_category = xmlrpc_getpostcategory( $content ); 4973 $post_content = xmlrpc_removepostdata( $content ); 4974 4975 $post_date = current_time( 'mysql' ); 4976 $post_date_gmt = current_time( 'mysql', 1 ); 4977 4978 $post_data = compact( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status' ); 4979 4980 $post_ID = wp_insert_post( $post_data ); 4981 if ( is_wp_error( $post_ID ) ) { 4982 return new IXR_Error( 500, $post_ID->get_error_message() ); 4983 } 4984 4985 if ( ! $post_ID ) { 4986 return new IXR_Error( 500, __( 'Sorry, your entry could not be posted.' ) ); 4987 } 4728 4988 4729 4989 $this->attach_uploads( $post_ID, $post_content ); … … 4761 5021 public function blogger_editPost( $args ) { 4762 5022 4763 $this->escape( $args);5023 $this->escape( $args ); 4764 5024 4765 5025 $post_ID = (int) $args[1]; … … 4782 5042 } 4783 5043 4784 $this->escape( $actual_post);5044 $this->escape( $actual_post ); 4785 5045 4786 5046 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 4787 return new IXR_Error( 401, __('Sorry, you are not allowed to edit this post.'));5047 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 4788 5048 } 4789 5049 if ( 'publish' == $actual_post['post_status'] && ! current_user_can( 'publish_posts' ) ) { … … 4791 5051 } 4792 5052 4793 $postdata = array();4794 $postdata['ID'] = $actual_post['ID'];4795 $postdata['post_content'] = xmlrpc_removepostdata( $content );4796 $postdata['post_title'] = xmlrpc_getposttitle( $content );5053 $postdata = array(); 5054 $postdata['ID'] = $actual_post['ID']; 5055 $postdata['post_content'] = xmlrpc_removepostdata( $content ); 5056 $postdata['post_title'] = xmlrpc_getposttitle( $content ); 4797 5057 $postdata['post_category'] = xmlrpc_getpostcategory( $content ); 4798 $postdata['post_status'] = $actual_post['post_status'];4799 $postdata['post_excerpt'] = $actual_post['post_excerpt'];4800 $postdata['post_status'] = $publish ? 'publish' : 'draft';5058 $postdata['post_status'] = $actual_post['post_status']; 5059 $postdata['post_excerpt'] = $actual_post['post_excerpt']; 5060 $postdata['post_status'] = $publish ? 'publish' : 'draft'; 4801 5061 4802 5062 $result = wp_update_post( $postdata ); 4803 5063 4804 5064 if ( ! $result ) { 4805 return new IXR_Error( 500, __('For some strange yet very annoying reason, this post could not be edited.'));5065 return new IXR_Error( 500, __( 'For some strange yet very annoying reason, this post could not be edited.' ) ); 4806 5066 } 4807 5067 $this->attach_uploads( $actual_post['ID'], $postdata['post_content'] ); … … 4842 5102 $password = $args[3]; 4843 5103 4844 if ( !$user = $this->login($username, $password) ) 4845 return $this->error; 5104 if ( ! $user = $this->login( $username, $password ) ) { 5105 return $this->error; 5106 } 4846 5107 4847 5108 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 4919 5180 * @return int|IXR_Error 4920 5181 */ 4921 public function mw_newPost( $args) {4922 $this->escape( $args);5182 public function mw_newPost( $args ) { 5183 $this->escape( $args ); 4923 5184 4924 5185 $username = $args[1]; … … 4927 5188 $publish = isset( $args[4] ) ? $args[4] : 0; 4928 5189 4929 if ( !$user = $this->login($username, $password) ) 4930 return $this->error; 5190 if ( ! $user = $this->login( $username, $password ) ) { 5191 return $this->error; 5192 } 4931 5193 4932 5194 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 4934 5196 4935 5197 $page_template = ''; 4936 if ( ! empty( $content_struct['post_type'] ) ) {5198 if ( ! empty( $content_struct['post_type'] ) ) { 4937 5199 if ( $content_struct['post_type'] == 'page' ) { 4938 if ( $publish ) 4939 $cap 4940 elseif ( isset( $content_struct['page_status'] ) && 'publish' == $content_struct['page_status'] )4941 $cap 4942 else5200 if ( $publish ) { 5201 $cap = 'publish_pages'; 5202 } elseif ( isset( $content_struct['page_status'] ) && 'publish' == $content_struct['page_status'] ) { 5203 $cap = 'publish_pages'; 5204 } else { 4943 5205 $cap = 'edit_pages'; 5206 } 4944 5207 $error_message = __( 'Sorry, you are not allowed to publish pages on this site.' ); 4945 $post_type = 'page';4946 if ( ! empty( $content_struct['wp_page_template'] ) )5208 $post_type = 'page'; 5209 if ( ! empty( $content_struct['wp_page_template'] ) ) { 4947 5210 $page_template = $content_struct['wp_page_template']; 5211 } 4948 5212 } elseif ( $content_struct['post_type'] == 'post' ) { 4949 if ( $publish ) 4950 $cap 4951 elseif ( isset( $content_struct['post_status'] ) && 'publish' == $content_struct['post_status'] )4952 $cap 4953 else5213 if ( $publish ) { 5214 $cap = 'publish_posts'; 5215 } elseif ( isset( $content_struct['post_status'] ) && 'publish' == $content_struct['post_status'] ) { 5216 $cap = 'publish_posts'; 5217 } else { 4954 5218 $cap = 'edit_posts'; 5219 } 4955 5220 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' ); 4956 $post_type = 'post';5221 $post_type = 'post'; 4957 5222 } else { 4958 5223 // No other post_type values are allowed here … … 4960 5225 } 4961 5226 } else { 4962 if ( $publish ) 4963 $cap 4964 elseif ( isset( $content_struct['post_status'] ) && 'publish' == $content_struct['post_status'])4965 $cap 4966 else5227 if ( $publish ) { 5228 $cap = 'publish_posts'; 5229 } elseif ( isset( $content_struct['post_status'] ) && 'publish' == $content_struct['post_status'] ) { 5230 $cap = 'publish_posts'; 5231 } else { 4967 5232 $cap = 'edit_posts'; 5233 } 4968 5234 $error_message = __( 'Sorry, you are not allowed to publish posts on this site.' ); 4969 $post_type = 'post';4970 } 4971 4972 if ( ! current_user_can( get_post_type_object( $post_type )->cap->create_posts ) ) 5235 $post_type = 'post'; 5236 } 5237 5238 if ( ! current_user_can( get_post_type_object( $post_type )->cap->create_posts ) ) { 4973 5239 return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts on this site.' ) ); 4974 if ( !current_user_can( $cap ) ) 5240 } 5241 if ( ! current_user_can( $cap ) ) { 4975 5242 return new IXR_Error( 401, $error_message ); 5243 } 4976 5244 4977 5245 // Check for a valid post format if one was given 4978 5246 if ( isset( $content_struct['wp_post_format'] ) ) { 4979 5247 $content_struct['wp_post_format'] = sanitize_key( $content_struct['wp_post_format'] ); 4980 if ( ! array_key_exists( $content_struct['wp_post_format'], get_post_format_strings() ) ) {5248 if ( ! array_key_exists( $content_struct['wp_post_format'], get_post_format_strings() ) ) { 4981 5249 return new IXR_Error( 404, __( 'Invalid post format.' ) ); 4982 5250 } … … 4985 5253 // Let WordPress generate the post_name (slug) unless 4986 5254 // one has been provided. 4987 $post_name = "";4988 if ( isset( $content_struct['wp_slug']) )5255 $post_name = ''; 5256 if ( isset( $content_struct['wp_slug'] ) ) { 4989 5257 $post_name = $content_struct['wp_slug']; 5258 } 4990 5259 4991 5260 // Only use a password if one was given. 4992 if ( isset( $content_struct['wp_password']) )5261 if ( isset( $content_struct['wp_password'] ) ) { 4993 5262 $post_password = $content_struct['wp_password']; 5263 } 4994 5264 4995 5265 // Only set a post parent if one was provided. 4996 if ( isset( $content_struct['wp_page_parent_id']) )5266 if ( isset( $content_struct['wp_page_parent_id'] ) ) { 4997 5267 $post_parent = $content_struct['wp_page_parent_id']; 5268 } 4998 5269 4999 5270 // Only set the menu_order if it was provided. 5000 if ( isset( $content_struct['wp_page_order']) )5271 if ( isset( $content_struct['wp_page_order'] ) ) { 5001 5272 $menu_order = $content_struct['wp_page_order']; 5273 } 5002 5274 5003 5275 $post_author = $user->ID; … … 5006 5278 if ( isset( $content_struct['wp_author_id'] ) && ( $user->ID != $content_struct['wp_author_id'] ) ) { 5007 5279 switch ( $post_type ) { 5008 case "post":5009 if ( ! current_user_can( 'edit_others_posts' ) )5280 case 'post': 5281 if ( ! current_user_can( 'edit_others_posts' ) ) { 5010 5282 return new IXR_Error( 401, __( 'Sorry, you are not allowed to create posts as this user.' ) ); 5283 } 5011 5284 break; 5012 case "page":5013 if ( ! current_user_can( 'edit_others_pages' ) )5285 case 'page': 5286 if ( ! current_user_can( 'edit_others_pages' ) ) { 5014 5287 return new IXR_Error( 401, __( 'Sorry, you are not allowed to create pages as this user.' ) ); 5288 } 5015 5289 break; 5016 5290 default: … … 5018 5292 } 5019 5293 $author = get_userdata( $content_struct['wp_author_id'] ); 5020 if ( ! $author ) 5294 if ( ! $author ) { 5021 5295 return new IXR_Error( 404, __( 'Invalid author ID.' ) ); 5296 } 5022 5297 $post_author = $content_struct['wp_author_id']; 5023 5298 } 5024 5299 5025 $post_title = isset( $content_struct['title'] ) ? $content_struct['title'] : null;5300 $post_title = isset( $content_struct['title'] ) ? $content_struct['title'] : null; 5026 5301 $post_content = isset( $content_struct['description'] ) ? $content_struct['description'] : null; 5027 5302 5028 5303 $post_status = $publish ? 'publish' : 'draft'; 5029 5304 5030 if ( isset( $content_struct[ "{$post_type}_status"] ) ) {5031 switch ( $content_struct[ "{$post_type}_status"] ) {5305 if ( isset( $content_struct[ "{$post_type}_status" ] ) ) { 5306 switch ( $content_struct[ "{$post_type}_status" ] ) { 5032 5307 case 'draft': 5033 5308 case 'pending': 5034 5309 case 'private': 5035 5310 case 'publish': 5036 $post_status = $content_struct[ "{$post_type}_status"];5311 $post_status = $content_struct[ "{$post_type}_status" ]; 5037 5312 break; 5038 5313 default: … … 5042 5317 } 5043 5318 5044 $post_excerpt = isset( $content_struct['mt_excerpt']) ? $content_struct['mt_excerpt'] : null;5045 $post_more = isset($content_struct['mt_text_more']) ? $content_struct['mt_text_more'] : null;5046 5047 $tags_input = isset( $content_struct['mt_keywords']) ? $content_struct['mt_keywords'] : null;5048 5049 if ( isset( $content_struct['mt_allow_comments']) ) {5050 if ( ! is_numeric($content_struct['mt_allow_comments']) ) {5319 $post_excerpt = isset( $content_struct['mt_excerpt'] ) ? $content_struct['mt_excerpt'] : null; 5320 $post_more = isset( $content_struct['mt_text_more'] ) ? $content_struct['mt_text_more'] : null; 5321 5322 $tags_input = isset( $content_struct['mt_keywords'] ) ? $content_struct['mt_keywords'] : null; 5323 5324 if ( isset( $content_struct['mt_allow_comments'] ) ) { 5325 if ( ! is_numeric( $content_struct['mt_allow_comments'] ) ) { 5051 5326 switch ( $content_struct['mt_allow_comments'] ) { 5052 5327 case 'closed': … … 5078 5353 } 5079 5354 5080 if ( isset( $content_struct['mt_allow_pings']) ) {5081 if ( ! is_numeric($content_struct['mt_allow_pings']) ) {5355 if ( isset( $content_struct['mt_allow_pings'] ) ) { 5356 if ( ! is_numeric( $content_struct['mt_allow_pings'] ) ) { 5082 5357 switch ( $content_struct['mt_allow_pings'] ) { 5083 5358 case 'closed': … … 5108 5383 } 5109 5384 5110 if ( $post_more ) 5385 if ( $post_more ) { 5111 5386 $post_content = $post_content . '<!--more-->' . $post_more; 5387 } 5112 5388 5113 5389 $to_ping = null; 5114 5390 if ( isset( $content_struct['mt_tb_ping_urls'] ) ) { 5115 5391 $to_ping = $content_struct['mt_tb_ping_urls']; 5116 if ( is_array($to_ping) ) 5117 $to_ping = implode(' ', $to_ping); 5392 if ( is_array( $to_ping ) ) { 5393 $to_ping = implode( ' ', $to_ping ); 5394 } 5118 5395 } 5119 5396 5120 5397 // Do some timestamp voodoo 5121 if ( ! empty( $content_struct['date_created_gmt'] ) )5398 if ( ! empty( $content_struct['date_created_gmt'] ) ) { 5122 5399 // We know this is supposed to be GMT, so we're going to slap that Z on there by force 5123 5400 $dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z'; 5124 elseif ( !empty( $content_struct['dateCreated']) )5401 } elseif ( ! empty( $content_struct['dateCreated'] ) ) { 5125 5402 $dateCreated = $content_struct['dateCreated']->getIso(); 5126 5127 if ( !empty( $dateCreated ) ) { 5128 $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); 5129 $post_date_gmt = iso8601_to_datetime($dateCreated, 'GMT'); 5403 } 5404 5405 if ( ! empty( $dateCreated ) ) { 5406 $post_date = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) ); 5407 $post_date_gmt = iso8601_to_datetime( $dateCreated, 'GMT' ); 5130 5408 } else { 5131 $post_date = '';5409 $post_date = ''; 5132 5410 $post_date_gmt = ''; 5133 5411 } … … 5137 5415 $catnames = $content_struct['categories']; 5138 5416 5139 if ( is_array( $catnames) ) {5140 foreach ( $catnames as $cat) {5141 $post_category[] = get_cat_ID( $cat);5417 if ( is_array( $catnames ) ) { 5418 foreach ( $catnames as $cat ) { 5419 $post_category[] = get_cat_ID( $cat ); 5142 5420 } 5143 5421 } 5144 5422 } 5145 5423 5146 $postdata = compact( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'to_ping', 'post_type', 'post_name', 'post_password', 'post_parent', 'menu_order', 'tags_input', 'page_template');5424 $postdata = compact( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'to_ping', 'post_type', 'post_name', 'post_password', 'post_parent', 'menu_order', 'tags_input', 'page_template' ); 5147 5425 5148 5426 $post_ID = $postdata['ID'] = get_default_post_to_edit( $post_type, true )->ID; … … 5150 5428 // Only posts can be sticky 5151 5429 if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) { 5152 $data = $postdata;5430 $data = $postdata; 5153 5431 $data['sticky'] = $content_struct['sticky']; 5154 $error = $this->_toggle_sticky( $data );5432 $error = $this->_toggle_sticky( $data ); 5155 5433 if ( $error ) { 5156 5434 return $error; … … 5158 5436 } 5159 5437 5160 if ( isset($content_struct['custom_fields']) ) 5161 $this->set_custom_fields($post_ID, $content_struct['custom_fields']); 5162 5163 if ( isset ( $content_struct['wp_post_thumbnail'] ) ) { 5164 if ( set_post_thumbnail( $post_ID, $content_struct['wp_post_thumbnail'] ) === false ) 5438 if ( isset( $content_struct['custom_fields'] ) ) { 5439 $this->set_custom_fields( $post_ID, $content_struct['custom_fields'] ); 5440 } 5441 5442 if ( isset( $content_struct['wp_post_thumbnail'] ) ) { 5443 if ( set_post_thumbnail( $post_ID, $content_struct['wp_post_thumbnail'] ) === false ) { 5165 5444 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); 5445 } 5166 5446 5167 5447 unset( $content_struct['wp_post_thumbnail'] ); … … 5169 5449 5170 5450 // Handle enclosures 5171 $thisEnclosure = isset( $content_struct['enclosure']) ? $content_struct['enclosure'] : null;5172 $this->add_enclosure_if_new( $post_ID, $thisEnclosure);5451 $thisEnclosure = isset( $content_struct['enclosure'] ) ? $content_struct['enclosure'] : null; 5452 $this->add_enclosure_if_new( $post_ID, $thisEnclosure ); 5173 5453 5174 5454 $this->attach_uploads( $post_ID, $post_content ); … … 5176 5456 // Handle post formats if assigned, value is validated earlier 5177 5457 // in this function 5178 if ( isset( $content_struct['wp_post_format'] ) ) 5458 if ( isset( $content_struct['wp_post_format'] ) ) { 5179 5459 set_post_format( $post_ID, $content_struct['wp_post_format'] ); 5460 } 5180 5461 5181 5462 $post_ID = wp_insert_post( $postdata, true ); 5182 if ( is_wp_error( $post_ID ) ) 5183 return new IXR_Error(500, $post_ID->get_error_message()); 5184 5185 if ( !$post_ID ) 5186 return new IXR_Error(500, __('Sorry, your entry could not be posted.')); 5463 if ( is_wp_error( $post_ID ) ) { 5464 return new IXR_Error( 500, $post_ID->get_error_message() ); 5465 } 5466 5467 if ( ! $post_ID ) { 5468 return new IXR_Error( 500, __( 'Sorry, your entry could not be posted.' ) ); 5469 } 5187 5470 5188 5471 /** … … 5196 5479 do_action( 'xmlrpc_call_success_mw_newPost', $post_ID, $args ); 5197 5480 5198 return strval( $post_ID);5481 return strval( $post_ID ); 5199 5482 } 5200 5483 … … 5210 5493 if ( is_array( $enclosure ) && isset( $enclosure['url'] ) && isset( $enclosure['length'] ) && isset( $enclosure['type'] ) ) { 5211 5494 $encstring = $enclosure['url'] . "\n" . $enclosure['length'] . "\n" . $enclosure['type'] . "\n"; 5212 $found = false;5495 $found = false; 5213 5496 if ( $enclosures = get_post_meta( $post_ID, 'enclosure' ) ) { 5214 5497 foreach ( $enclosures as $enc ) { … … 5220 5503 } 5221 5504 } 5222 if ( ! $found ) 5505 if ( ! $found ) { 5223 5506 add_post_meta( $post_ID, 'enclosure', $encstring ); 5507 } 5224 5508 } 5225 5509 } … … 5242 5526 if ( is_array( $attachments ) ) { 5243 5527 foreach ( $attachments as $file ) { 5244 if ( ! empty( $file->guid ) && strpos( $post_content, $file->guid ) !== false ) 5245 $wpdb->update($wpdb->posts, array('post_parent' => $post_ID), array('ID' => $file->ID) ); 5528 if ( ! empty( $file->guid ) && strpos( $post_content, $file->guid ) !== false ) { 5529 $wpdb->update( $wpdb->posts, array( 'post_parent' => $post_ID ), array( 'ID' => $file->ID ) ); 5530 } 5246 5531 } 5247 5532 } … … 5273 5558 $publish = isset( $args[4] ) ? $args[4] : 0; 5274 5559 5275 if ( ! $user = $this->login($username, $password) ) 5276 return $this->error; 5560 if ( ! $user = $this->login( $username, $password ) ) { 5561 return $this->error; 5562 } 5277 5563 5278 5564 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 5285 5571 * Otherwise a new post will be created (which was the old behavior). 5286 5572 */ 5287 if ( ! $postdata || empty( $postdata[ 'ID' ] ) )5573 if ( ! $postdata || empty( $postdata['ID'] ) ) { 5288 5574 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 5289 5290 if ( ! current_user_can( 'edit_post', $post_ID ) ) 5575 } 5576 5577 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 5291 5578 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 5579 } 5292 5580 5293 5581 // Use wp.editPost to edit post types other than post and page. 5294 if ( ! in_array( $postdata[ 'post_type' ], array( 'post', 'page' ) ) )5582 if ( ! in_array( $postdata['post_type'], array( 'post', 'page' ) ) ) { 5295 5583 return new IXR_Error( 401, __( 'Invalid post type.' ) ); 5584 } 5296 5585 5297 5586 // Thwart attempt to change the post type. 5298 if ( ! empty( $content_struct[ 'post_type' ] ) && ( $content_struct['post_type'] != $postdata[ 'post_type' ] ) )5587 if ( ! empty( $content_struct['post_type'] ) && ( $content_struct['post_type'] != $postdata['post_type'] ) ) { 5299 5588 return new IXR_Error( 401, __( 'The post type may not be changed.' ) ); 5589 } 5300 5590 5301 5591 // Check for a valid post format if one was given 5302 5592 if ( isset( $content_struct['wp_post_format'] ) ) { 5303 5593 $content_struct['wp_post_format'] = sanitize_key( $content_struct['wp_post_format'] ); 5304 if ( ! array_key_exists( $content_struct['wp_post_format'], get_post_format_strings() ) ) {5594 if ( ! array_key_exists( $content_struct['wp_post_format'], get_post_format_strings() ) ) { 5305 5595 return new IXR_Error( 404, __( 'Invalid post format.' ) ); 5306 5596 } 5307 5597 } 5308 5598 5309 $this->escape( $postdata);5310 5311 $ID = $postdata['ID'];5312 $post_content = $postdata['post_content'];5313 $post_title = $postdata['post_title'];5314 $post_excerpt = $postdata['post_excerpt'];5599 $this->escape( $postdata ); 5600 5601 $ID = $postdata['ID']; 5602 $post_content = $postdata['post_content']; 5603 $post_title = $postdata['post_title']; 5604 $post_excerpt = $postdata['post_excerpt']; 5315 5605 $post_password = $postdata['post_password']; 5316 $post_parent = $postdata['post_parent'];5317 $post_type = $postdata['post_type'];5318 $menu_order = $postdata['menu_order'];5606 $post_parent = $postdata['post_parent']; 5607 $post_type = $postdata['post_type']; 5608 $menu_order = $postdata['menu_order']; 5319 5609 5320 5610 // Let WordPress manage slug if none was provided. 5321 5611 $post_name = $postdata['post_name']; 5322 if ( isset( $content_struct['wp_slug']) )5612 if ( isset( $content_struct['wp_slug'] ) ) { 5323 5613 $post_name = $content_struct['wp_slug']; 5614 } 5324 5615 5325 5616 // Only use a password if one was given. 5326 if ( isset( $content_struct['wp_password']) )5617 if ( isset( $content_struct['wp_password'] ) ) { 5327 5618 $post_password = $content_struct['wp_password']; 5619 } 5328 5620 5329 5621 // Only set a post parent if one was given. 5330 if ( isset( $content_struct['wp_page_parent_id']) )5622 if ( isset( $content_struct['wp_page_parent_id'] ) ) { 5331 5623 $post_parent = $content_struct['wp_page_parent_id']; 5624 } 5332 5625 5333 5626 // Only set the menu_order if it was given. 5334 if ( isset( $content_struct['wp_page_order']) )5627 if ( isset( $content_struct['wp_page_order'] ) ) { 5335 5628 $menu_order = $content_struct['wp_page_order']; 5629 } 5336 5630 5337 5631 $page_template = null; 5338 if ( ! empty( $content_struct['wp_page_template'] ) && 'page' == $post_type ) 5632 if ( ! empty( $content_struct['wp_page_template'] ) && 'page' == $post_type ) { 5339 5633 $page_template = $content_struct['wp_page_template']; 5634 } 5340 5635 5341 5636 $post_author = $postdata['post_author']; … … 5363 5658 } 5364 5659 5365 if ( isset( $content_struct['mt_allow_comments']) ) {5366 if ( ! is_numeric($content_struct['mt_allow_comments']) ) {5660 if ( isset( $content_struct['mt_allow_comments'] ) ) { 5661 if ( ! is_numeric( $content_struct['mt_allow_comments'] ) ) { 5367 5662 switch ( $content_struct['mt_allow_comments'] ) { 5368 5663 case 'closed': … … 5392 5687 } 5393 5688 5394 if ( isset( $content_struct['mt_allow_pings']) ) {5395 if ( ! is_numeric($content_struct['mt_allow_pings']) ) {5689 if ( isset( $content_struct['mt_allow_pings'] ) ) { 5690 if ( ! is_numeric( $content_struct['mt_allow_pings'] ) ) { 5396 5691 switch ( $content_struct['mt_allow_pings'] ) { 5397 5692 case 'closed': … … 5406 5701 } 5407 5702 } else { 5408 switch ( (int) $content_struct[ "mt_allow_pings"] ) {5703 switch ( (int) $content_struct['mt_allow_pings'] ) { 5409 5704 case 0: 5410 5705 $ping_status = 'closed'; … … 5420 5715 } 5421 5716 5422 if ( isset( $content_struct['title'] ) ) 5423 $post_title = $content_struct['title']; 5424 5425 if ( isset( $content_struct['description'] ) ) 5717 if ( isset( $content_struct['title'] ) ) { 5718 $post_title = $content_struct['title']; 5719 } 5720 5721 if ( isset( $content_struct['description'] ) ) { 5426 5722 $post_content = $content_struct['description']; 5723 } 5427 5724 5428 5725 $post_category = array(); 5429 5726 if ( isset( $content_struct['categories'] ) ) { 5430 5727 $catnames = $content_struct['categories']; 5431 if ( is_array( $catnames) ) {5432 foreach ( $catnames as $cat) {5433 $post_category[] = get_cat_ID( $cat);5728 if ( is_array( $catnames ) ) { 5729 foreach ( $catnames as $cat ) { 5730 $post_category[] = get_cat_ID( $cat ); 5434 5731 } 5435 5732 } 5436 5733 } 5437 5734 5438 if ( isset( $content_struct['mt_excerpt'] ) ) 5439 $post_excerpt = $content_struct['mt_excerpt']; 5735 if ( isset( $content_struct['mt_excerpt'] ) ) { 5736 $post_excerpt = $content_struct['mt_excerpt']; 5737 } 5440 5738 5441 5739 $post_more = isset( $content_struct['mt_text_more'] ) ? $content_struct['mt_text_more'] : null; 5442 5740 5443 5741 $post_status = $publish ? 'publish' : 'draft'; 5444 if ( isset( $content_struct[ "{$post_type}_status"] ) ) {5445 switch ( $content_struct["{$post_type}_status"] ) {5742 if ( isset( $content_struct[ "{$post_type}_status" ] ) ) { 5743 switch ( $content_struct[ "{$post_type}_status" ] ) { 5446 5744 case 'draft': 5447 5745 case 'pending': 5448 5746 case 'private': 5449 5747 case 'publish': 5450 $post_status = $content_struct[ "{$post_type}_status"];5748 $post_status = $content_struct[ "{$post_type}_status" ]; 5451 5749 break; 5452 5750 default: … … 5466 5764 } 5467 5765 5468 if ( $post_more ) 5469 $post_content = $post_content . "<!--more-->" . $post_more; 5766 if ( $post_more ) { 5767 $post_content = $post_content . '<!--more-->' . $post_more; 5768 } 5470 5769 5471 5770 $to_ping = null; 5472 5771 if ( isset( $content_struct['mt_tb_ping_urls'] ) ) { 5473 5772 $to_ping = $content_struct['mt_tb_ping_urls']; 5474 if ( is_array($to_ping) ) 5475 $to_ping = implode(' ', $to_ping); 5773 if ( is_array( $to_ping ) ) { 5774 $to_ping = implode( ' ', $to_ping ); 5775 } 5476 5776 } 5477 5777 5478 5778 // Do some timestamp voodoo. 5479 if ( ! empty( $content_struct['date_created_gmt'] ) )5779 if ( ! empty( $content_struct['date_created_gmt'] ) ) { 5480 5780 // We know this is supposed to be GMT, so we're going to slap that Z on there by force. 5481 5781 $dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z'; 5482 elseif ( !empty( $content_struct['dateCreated']) )5782 } elseif ( ! empty( $content_struct['dateCreated'] ) ) { 5483 5783 $dateCreated = $content_struct['dateCreated']->getIso(); 5784 } 5484 5785 5485 5786 // Default to not flagging the post date to be edited unless it's intentional. 5486 5787 $edit_date = false; 5487 5788 5488 if ( ! empty( $dateCreated ) ) {5489 $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));5490 $post_date_gmt = iso8601_to_datetime( $dateCreated, 'GMT');5789 if ( ! empty( $dateCreated ) ) { 5790 $post_date = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) ); 5791 $post_date_gmt = iso8601_to_datetime( $dateCreated, 'GMT' ); 5491 5792 5492 5793 // Flag the post date to be edited. … … 5498 5799 5499 5800 // We've got all the data -- post it. 5500 $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'edit_date', 'post_date', 'post_date_gmt', 'to_ping', 'post_name', 'post_password', 'post_parent', 'menu_order', 'post_author', 'tags_input', 'page_template'); 5501 5502 $result = wp_update_post($newpost, true); 5503 if ( is_wp_error( $result ) ) 5504 return new IXR_Error(500, $result->get_error_message()); 5505 5506 if ( !$result ) 5507 return new IXR_Error(500, __('Sorry, your entry could not be edited.')); 5801 $newpost = compact( 'ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'edit_date', 'post_date', 'post_date_gmt', 'to_ping', 'post_name', 'post_password', 'post_parent', 'menu_order', 'post_author', 'tags_input', 'page_template' ); 5802 5803 $result = wp_update_post( $newpost, true ); 5804 if ( is_wp_error( $result ) ) { 5805 return new IXR_Error( 500, $result->get_error_message() ); 5806 } 5807 5808 if ( ! $result ) { 5809 return new IXR_Error( 500, __( 'Sorry, your entry could not be edited.' ) ); 5810 } 5508 5811 5509 5812 // Only posts can be sticky 5510 5813 if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) { 5511 $data = $newpost;5512 $data['sticky'] = $content_struct['sticky'];5814 $data = $newpost; 5815 $data['sticky'] = $content_struct['sticky']; 5513 5816 $data['post_type'] = 'post'; 5514 $error = $this->_toggle_sticky( $data, true );5817 $error = $this->_toggle_sticky( $data, true ); 5515 5818 if ( $error ) { 5516 5819 return $error; … … 5518 5821 } 5519 5822 5520 if ( isset($content_struct['custom_fields']) ) 5521 $this->set_custom_fields($post_ID, $content_struct['custom_fields']); 5522 5523 if ( isset ( $content_struct['wp_post_thumbnail'] ) ) { 5823 if ( isset( $content_struct['custom_fields'] ) ) { 5824 $this->set_custom_fields( $post_ID, $content_struct['custom_fields'] ); 5825 } 5826 5827 if ( isset( $content_struct['wp_post_thumbnail'] ) ) { 5524 5828 5525 5829 // Empty value deletes, non-empty value adds/updates. … … 5527 5831 delete_post_thumbnail( $post_ID ); 5528 5832 } else { 5529 if ( set_post_thumbnail( $post_ID, $content_struct['wp_post_thumbnail'] ) === false ) 5833 if ( set_post_thumbnail( $post_ID, $content_struct['wp_post_thumbnail'] ) === false ) { 5530 5834 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); 5835 } 5531 5836 } 5532 5837 unset( $content_struct['wp_post_thumbnail'] ); … … 5534 5839 5535 5840 // Handle enclosures. 5536 $thisEnclosure = isset( $content_struct['enclosure']) ? $content_struct['enclosure'] : null;5537 $this->add_enclosure_if_new( $post_ID, $thisEnclosure);5841 $thisEnclosure = isset( $content_struct['enclosure'] ) ? $content_struct['enclosure'] : null; 5842 $this->add_enclosure_if_new( $post_ID, $thisEnclosure ); 5538 5843 5539 5844 $this->attach_uploads( $ID, $post_content ); 5540 5845 5541 5846 // Handle post formats if assigned, validation is handled earlier in this function. 5542 if ( isset( $content_struct['wp_post_format'] ) ) 5847 if ( isset( $content_struct['wp_post_format'] ) ) { 5543 5848 set_post_format( $post_ID, $content_struct['wp_post_format'] ); 5849 } 5544 5850 5545 5851 /** … … 5578 5884 $password = $args[2]; 5579 5885 5580 if ( !$user = $this->login($username, $password) ) 5581 return $this->error; 5582 5583 $postdata = get_post($post_ID, ARRAY_A); 5584 if ( ! $postdata ) 5886 if ( ! $user = $this->login( $username, $password ) ) { 5887 return $this->error; 5888 } 5889 5890 $postdata = get_post( $post_ID, ARRAY_A ); 5891 if ( ! $postdata ) { 5585 5892 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 5586 5587 if ( !current_user_can( 'edit_post', $post_ID ) ) 5893 } 5894 5895 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 5588 5896 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 5897 } 5589 5898 5590 5899 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5591 5900 do_action( 'xmlrpc_call', 'metaWeblog.getPost' ); 5592 5901 5593 if ( $postdata['post_date'] != '') {5594 $post_date = $this->_convert_date( $postdata['post_date'] );5595 $post_date_gmt = $this->_convert_date_gmt( $postdata['post_date_gmt'],$postdata['post_date'] );5596 $post_modified = $this->_convert_date( $postdata['post_modified'] );5902 if ( $postdata['post_date'] != '' ) { 5903 $post_date = $this->_convert_date( $postdata['post_date'] ); 5904 $post_date_gmt = $this->_convert_date_gmt( $postdata['post_date_gmt'], $postdata['post_date'] ); 5905 $post_modified = $this->_convert_date( $postdata['post_modified'] ); 5597 5906 $post_modified_gmt = $this->_convert_date_gmt( $postdata['post_modified_gmt'], $postdata['post_modified'] ); 5598 5907 5599 5908 $categories = array(); 5600 $catids = wp_get_post_categories($post_ID); 5601 foreach ($catids as $catid) 5602 $categories[] = get_cat_name($catid); 5909 $catids = wp_get_post_categories( $post_ID ); 5910 foreach ( $catids as $catid ) { 5911 $categories[] = get_cat_name( $catid ); 5912 } 5603 5913 5604 5914 $tagnames = array(); 5605 $tags = wp_get_post_tags( $post_ID );5606 if ( ! empty( $tags ) ) {5607 foreach ( $tags as $tag ) 5915 $tags = wp_get_post_tags( $post_ID ); 5916 if ( ! empty( $tags ) ) { 5917 foreach ( $tags as $tag ) { 5608 5918 $tagnames[] = $tag->name; 5919 } 5609 5920 $tagnames = implode( ', ', $tagnames ); 5610 5921 } else { … … 5612 5923 } 5613 5924 5614 $post = get_extended( $postdata['post_content']);5615 $link = get_permalink( $postdata['ID']);5925 $post = get_extended( $postdata['post_content'] ); 5926 $link = get_permalink( $postdata['ID'] ); 5616 5927 5617 5928 // Get the author info. 5618 $author = get_userdata( $postdata['post_author']);5619 5620 $allow_comments = ( 'open' == $postdata['comment_status']) ? 1 : 0;5621 $allow_pings = ('open' == $postdata['ping_status']) ? 1 : 0;5929 $author = get_userdata( $postdata['post_author'] ); 5930 5931 $allow_comments = ( 'open' == $postdata['comment_status'] ) ? 1 : 0; 5932 $allow_pings = ( 'open' == $postdata['ping_status'] ) ? 1 : 0; 5622 5933 5623 5934 // Consider future posts as published 5624 if ( $postdata['post_status'] === 'future' ) 5935 if ( $postdata['post_status'] === 'future' ) { 5625 5936 $postdata['post_status'] = 'publish'; 5937 } 5626 5938 5627 5939 // Get post format 5628 5940 $post_format = get_post_format( $post_ID ); 5629 if ( empty( $post_format ) ) 5941 if ( empty( $post_format ) ) { 5630 5942 $post_format = 'standard'; 5943 } 5631 5944 5632 5945 $sticky = false; 5633 if ( is_sticky( $post_ID ) ) 5946 if ( is_sticky( $post_ID ) ) { 5634 5947 $sticky = true; 5948 } 5635 5949 5636 5950 $enclosure = array(); 5637 foreach ( (array) get_post_custom( $post_ID) as $key => $val) {5638 if ( $key == 'enclosure') {5951 foreach ( (array) get_post_custom( $post_ID ) as $key => $val ) { 5952 if ( $key == 'enclosure' ) { 5639 5953 foreach ( (array) $val as $enc ) { 5640 $encdata = explode("\n", $enc);5641 $enclosure['url'] = trim(htmlspecialchars($encdata[0]));5642 $enclosure['length'] = (int) trim( $encdata[1]);5643 $enclosure['type'] = trim($encdata[2]);5954 $encdata = explode( "\n", $enc ); 5955 $enclosure['url'] = trim( htmlspecialchars( $encdata[0] ) ); 5956 $enclosure['length'] = (int) trim( $encdata[1] ); 5957 $enclosure['type'] = trim( $encdata[2] ); 5644 5958 break 2; 5645 5959 } … … 5648 5962 5649 5963 $resp = array( 5650 'dateCreated' => $post_date,5651 'userid' => $postdata['post_author'],5652 'postid' => $postdata['ID'],5653 'description' => $post['main'],5654 'title' => $postdata['post_title'],5655 'link' => $link,5656 'permaLink' => $link,5964 'dateCreated' => $post_date, 5965 'userid' => $postdata['post_author'], 5966 'postid' => $postdata['ID'], 5967 'description' => $post['main'], 5968 'title' => $postdata['post_title'], 5969 'link' => $link, 5970 'permaLink' => $link, 5657 5971 // commented out because no other tool seems to use this 5658 5972 // 'content' => $entry['post_content'], 5659 'categories' => $categories,5660 'mt_excerpt' => $postdata['post_excerpt'],5661 'mt_text_more' => $post['extended'],5662 'wp_more_text' => $post['more_text'],5663 'mt_allow_comments' => $allow_comments,5664 'mt_allow_pings' => $allow_pings,5665 'mt_keywords' => $tagnames,5666 'wp_slug' => $postdata['post_name'],5667 'wp_password' => $postdata['post_password'],5668 'wp_author_id' => (string) $author->ID,5973 'categories' => $categories, 5974 'mt_excerpt' => $postdata['post_excerpt'], 5975 'mt_text_more' => $post['extended'], 5976 'wp_more_text' => $post['more_text'], 5977 'mt_allow_comments' => $allow_comments, 5978 'mt_allow_pings' => $allow_pings, 5979 'mt_keywords' => $tagnames, 5980 'wp_slug' => $postdata['post_name'], 5981 'wp_password' => $postdata['post_password'], 5982 'wp_author_id' => (string) $author->ID, 5669 5983 'wp_author_display_name' => $author->display_name, 5670 'date_created_gmt' => $post_date_gmt,5671 'post_status' => $postdata['post_status'],5672 'custom_fields' => $this->get_custom_fields($post_ID),5673 'wp_post_format' => $post_format,5674 'sticky' => $sticky,5675 'date_modified' => $post_modified,5676 'date_modified_gmt' => $post_modified_gmt5984 'date_created_gmt' => $post_date_gmt, 5985 'post_status' => $postdata['post_status'], 5986 'custom_fields' => $this->get_custom_fields( $post_ID ), 5987 'wp_post_format' => $post_format, 5988 'sticky' => $sticky, 5989 'date_modified' => $post_modified, 5990 'date_modified_gmt' => $post_modified_gmt, 5677 5991 ); 5678 5992 5679 if ( !empty($enclosure) ) $resp['enclosure'] = $enclosure; 5993 if ( ! empty( $enclosure ) ) { 5994 $resp['enclosure'] = $enclosure; 5995 } 5680 5996 5681 5997 $resp['wp_post_thumbnail'] = get_post_thumbnail_id( $postdata['ID'] ); … … 5683 5999 return $resp; 5684 6000 } else { 5685 return new IXR_Error( 404, __('Sorry, no such post.'));6001 return new IXR_Error( 404, __( 'Sorry, no such post.' ) ); 5686 6002 } 5687 6003 } … … 5707 6023 $username = $args[1]; 5708 6024 $password = $args[2]; 5709 if ( isset( $args[3] ) ) 6025 if ( isset( $args[3] ) ) { 5710 6026 $query = array( 'numberposts' => absint( $args[3] ) ); 5711 else6027 } else { 5712 6028 $query = array(); 5713 5714 if ( !$user = $this->login($username, $password) ) 5715 return $this->error; 5716 5717 if ( ! current_user_can( 'edit_posts' ) ) 6029 } 6030 6031 if ( ! $user = $this->login( $username, $password ) ) { 6032 return $this->error; 6033 } 6034 6035 if ( ! current_user_can( 'edit_posts' ) ) { 5718 6036 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts.' ) ); 6037 } 5719 6038 5720 6039 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 5723 6042 $posts_list = wp_get_recent_posts( $query ); 5724 6043 5725 if ( ! $posts_list )6044 if ( ! $posts_list ) { 5726 6045 return array(); 6046 } 5727 6047 5728 6048 $recent_posts = array(); 5729 foreach ( $posts_list as $entry) {5730 if ( ! current_user_can( 'edit_post', $entry['ID'] ) )6049 foreach ( $posts_list as $entry ) { 6050 if ( ! current_user_can( 'edit_post', $entry['ID'] ) ) { 5731 6051 continue; 5732 5733 $post_date = $this->_convert_date( $entry['post_date'] ); 5734 $post_date_gmt = $this->_convert_date_gmt( $entry['post_date_gmt'], $entry['post_date'] ); 5735 $post_modified = $this->_convert_date( $entry['post_modified'] ); 6052 } 6053 6054 $post_date = $this->_convert_date( $entry['post_date'] ); 6055 $post_date_gmt = $this->_convert_date_gmt( $entry['post_date_gmt'], $entry['post_date'] ); 6056 $post_modified = $this->_convert_date( $entry['post_modified'] ); 5736 6057 $post_modified_gmt = $this->_convert_date_gmt( $entry['post_modified_gmt'], $entry['post_modified'] ); 5737 6058 5738 6059 $categories = array(); 5739 $catids = wp_get_post_categories($entry['ID']); 5740 foreach ( $catids as $catid ) 5741 $categories[] = get_cat_name($catid); 6060 $catids = wp_get_post_categories( $entry['ID'] ); 6061 foreach ( $catids as $catid ) { 6062 $categories[] = get_cat_name( $catid ); 6063 } 5742 6064 5743 6065 $tagnames = array(); 5744 $tags = wp_get_post_tags( $entry['ID'] );5745 if ( ! empty( $tags ) ) {6066 $tags = wp_get_post_tags( $entry['ID'] ); 6067 if ( ! empty( $tags ) ) { 5746 6068 foreach ( $tags as $tag ) { 5747 6069 $tagnames[] = $tag->name; … … 5752 6074 } 5753 6075 5754 $post = get_extended( $entry['post_content']);5755 $link = get_permalink( $entry['ID']);6076 $post = get_extended( $entry['post_content'] ); 6077 $link = get_permalink( $entry['ID'] ); 5756 6078 5757 6079 // Get the post author info. 5758 $author = get_userdata( $entry['post_author']);5759 5760 $allow_comments = ( 'open' == $entry['comment_status']) ? 1 : 0;5761 $allow_pings = ('open' == $entry['ping_status']) ? 1 : 0;6080 $author = get_userdata( $entry['post_author'] ); 6081 6082 $allow_comments = ( 'open' == $entry['comment_status'] ) ? 1 : 0; 6083 $allow_pings = ( 'open' == $entry['ping_status'] ) ? 1 : 0; 5762 6084 5763 6085 // Consider future posts as published 5764 if ( $entry['post_status'] === 'future' ) 6086 if ( $entry['post_status'] === 'future' ) { 5765 6087 $entry['post_status'] = 'publish'; 6088 } 5766 6089 5767 6090 // Get post format 5768 6091 $post_format = get_post_format( $entry['ID'] ); 5769 if ( empty( $post_format ) ) 6092 if ( empty( $post_format ) ) { 5770 6093 $post_format = 'standard'; 6094 } 5771 6095 5772 6096 $recent_posts[] = array( 5773 'dateCreated' => $post_date,5774 'userid' => $entry['post_author'],5775 'postid' => (string) $entry['ID'],5776 'description' => $post['main'],5777 'title' => $entry['post_title'],5778 'link' => $link,5779 'permaLink' => $link,6097 'dateCreated' => $post_date, 6098 'userid' => $entry['post_author'], 6099 'postid' => (string) $entry['ID'], 6100 'description' => $post['main'], 6101 'title' => $entry['post_title'], 6102 'link' => $link, 6103 'permaLink' => $link, 5780 6104 // commented out because no other tool seems to use this 5781 6105 // 'content' => $entry['post_content'], 5782 'categories' => $categories,5783 'mt_excerpt' => $entry['post_excerpt'],5784 'mt_text_more' => $post['extended'],5785 'wp_more_text' => $post['more_text'],5786 'mt_allow_comments' => $allow_comments,5787 'mt_allow_pings' => $allow_pings,5788 'mt_keywords' => $tagnames,5789 'wp_slug' => $entry['post_name'],5790 'wp_password' => $entry['post_password'],5791 'wp_author_id' => (string) $author->ID,6106 'categories' => $categories, 6107 'mt_excerpt' => $entry['post_excerpt'], 6108 'mt_text_more' => $post['extended'], 6109 'wp_more_text' => $post['more_text'], 6110 'mt_allow_comments' => $allow_comments, 6111 'mt_allow_pings' => $allow_pings, 6112 'mt_keywords' => $tagnames, 6113 'wp_slug' => $entry['post_name'], 6114 'wp_password' => $entry['post_password'], 6115 'wp_author_id' => (string) $author->ID, 5792 6116 'wp_author_display_name' => $author->display_name, 5793 'date_created_gmt' => $post_date_gmt,5794 'post_status' => $entry['post_status'],5795 'custom_fields' => $this->get_custom_fields($entry['ID']),5796 'wp_post_format' => $post_format,5797 'date_modified' => $post_modified,5798 'date_modified_gmt' => $post_modified_gmt,5799 'sticky' => ( $entry['post_type'] === 'post' && is_sticky( $entry['ID'] ) ),5800 'wp_post_thumbnail' => get_post_thumbnail_id( $entry['ID'] )6117 'date_created_gmt' => $post_date_gmt, 6118 'post_status' => $entry['post_status'], 6119 'custom_fields' => $this->get_custom_fields( $entry['ID'] ), 6120 'wp_post_format' => $post_format, 6121 'date_modified' => $post_modified, 6122 'date_modified_gmt' => $post_modified_gmt, 6123 'sticky' => ( $entry['post_type'] === 'post' && is_sticky( $entry['ID'] ) ), 6124 'wp_post_thumbnail' => get_post_thumbnail_id( $entry['ID'] ), 5801 6125 ); 5802 6126 } … … 5825 6149 $password = $args[2]; 5826 6150 5827 if ( !$user = $this->login($username, $password) ) 5828 return $this->error; 5829 5830 if ( !current_user_can( 'edit_posts' ) ) 6151 if ( ! $user = $this->login( $username, $password ) ) { 6152 return $this->error; 6153 } 6154 6155 if ( ! current_user_can( 'edit_posts' ) ) { 5831 6156 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view categories.' ) ); 6157 } 5832 6158 5833 6159 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 5836 6162 $categories_struct = array(); 5837 6163 5838 if ( $cats = get_categories( array('get' => 'all')) ) {6164 if ( $cats = get_categories( array( 'get' => 'all' ) ) ) { 5839 6165 foreach ( $cats as $cat ) { 5840 $struct = array();5841 $struct['categoryId'] = $cat->term_id;5842 $struct['parentId'] = $cat->parent;5843 $struct['description'] = $cat->name;6166 $struct = array(); 6167 $struct['categoryId'] = $cat->term_id; 6168 $struct['parentId'] = $cat->parent; 6169 $struct['description'] = $cat->name; 5844 6170 $struct['categoryDescription'] = $cat->description; 5845 $struct['categoryName'] = $cat->name;5846 $struct['htmlUrl'] = esc_html(get_category_link($cat->term_id));5847 $struct['rssUrl'] = esc_html(get_category_feed_link($cat->term_id, 'rss2'));6171 $struct['categoryName'] = $cat->name; 6172 $struct['htmlUrl'] = esc_html( get_category_link( $cat->term_id ) ); 6173 $struct['rssUrl'] = esc_html( get_category_feed_link( $cat->term_id, 'rss2' ) ); 5848 6174 5849 6175 $categories_struct[] = $struct; … … 5886 6212 $bits = $data['bits']; 5887 6213 5888 if ( !$user = $this->login($username, $password) ) 5889 return $this->error; 6214 if ( ! $user = $this->login( $username, $password ) ) { 6215 return $this->error; 6216 } 5890 6217 5891 6218 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 5892 6219 do_action( 'xmlrpc_call', 'metaWeblog.newMediaObject' ); 5893 6220 5894 if ( ! current_user_can('upload_files') ) {6221 if ( ! current_user_can( 'upload_files' ) ) { 5895 6222 $this->error = new IXR_Error( 401, __( 'Sorry, you are not allowed to upload files.' ) ); 5896 6223 return $this->error; … … 5916 6243 } 5917 6244 5918 $upload = wp_upload_bits( $name, null, $bits);5919 if ( ! empty( $upload['error']) ) {6245 $upload = wp_upload_bits( $name, null, $bits ); 6246 if ( ! empty( $upload['error'] ) ) { 5920 6247 /* translators: 1: file name, 2: error message */ 5921 6248 $errorString = sprintf( __( 'Could not write file %1$s (%2$s).' ), $name, $upload['error'] ); … … 5927 6254 $post_id = (int) $data['post_id']; 5928 6255 5929 if ( ! current_user_can( 'edit_post', $post_id ) ) 6256 if ( ! current_user_can( 'edit_post', $post_id ) ) { 5930 6257 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 6258 } 5931 6259 } 5932 6260 $attachment = array( 5933 'post_title' => $name,5934 'post_content' => '',5935 'post_type' => 'attachment',5936 'post_parent' => $post_id,6261 'post_title' => $name, 6262 'post_content' => '', 6263 'post_type' => 'attachment', 6264 'post_parent' => $post_id, 5937 6265 'post_mime_type' => $type, 5938 'guid' => $upload[ 'url' ]6266 'guid' => $upload['url'], 5939 6267 ); 5940 6268 5941 6269 // Save the data 5942 $id = wp_insert_attachment( $attachment, $upload[ 'file'], $post_id );6270 $id = wp_insert_attachment( $attachment, $upload['file'], $post_id ); 5943 6271 wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $upload['file'] ) ); 5944 6272 … … 5987 6315 $username = $args[1]; 5988 6316 $password = $args[2]; 5989 if ( isset( $args[3] ) ) 6317 if ( isset( $args[3] ) ) { 5990 6318 $query = array( 'numberposts' => absint( $args[3] ) ); 5991 else6319 } else { 5992 6320 $query = array(); 5993 5994 if ( !$user = $this->login($username, $password) ) 5995 return $this->error; 6321 } 6322 6323 if ( ! $user = $this->login( $username, $password ) ) { 6324 return $this->error; 6325 } 5996 6326 5997 6327 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 6000 6330 $posts_list = wp_get_recent_posts( $query ); 6001 6331 6002 if ( ! $posts_list ) {6003 $this->error = new IXR_Error( 500, __('Either there are no posts, or something went wrong.'));6332 if ( ! $posts_list ) { 6333 $this->error = new IXR_Error( 500, __( 'Either there are no posts, or something went wrong.' ) ); 6004 6334 return $this->error; 6005 6335 } … … 6007 6337 $recent_posts = array(); 6008 6338 6009 foreach ( $posts_list as $entry) {6010 if ( ! current_user_can( 'edit_post', $entry['ID'] ) )6339 foreach ( $posts_list as $entry ) { 6340 if ( ! current_user_can( 'edit_post', $entry['ID'] ) ) { 6011 6341 continue; 6012 6013 $post_date = $this->_convert_date( $entry['post_date'] ); 6342 } 6343 6344 $post_date = $this->_convert_date( $entry['post_date'] ); 6014 6345 $post_date_gmt = $this->_convert_date_gmt( $entry['post_date_gmt'], $entry['post_date'] ); 6015 6346 6016 6347 $recent_posts[] = array( 6017 'dateCreated' => $post_date,6018 'userid' => $entry['post_author'],6019 'postid' => (string) $entry['ID'],6020 'title' => $entry['post_title'],6021 'post_status' => $entry['post_status'],6022 'date_created_gmt' => $post_date_gmt 6348 'dateCreated' => $post_date, 6349 'userid' => $entry['post_author'], 6350 'postid' => (string) $entry['ID'], 6351 'title' => $entry['post_title'], 6352 'post_status' => $entry['post_status'], 6353 'date_created_gmt' => $post_date_gmt, 6023 6354 ); 6024 6355 } … … 6047 6378 $password = $args[2]; 6048 6379 6049 if ( !$user = $this->login($username, $password) ) 6050 return $this->error; 6051 6052 if ( !current_user_can( 'edit_posts' ) ) 6380 if ( ! $user = $this->login( $username, $password ) ) { 6381 return $this->error; 6382 } 6383 6384 if ( ! current_user_can( 'edit_posts' ) ) { 6053 6385 return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view categories.' ) ); 6386 } 6054 6387 6055 6388 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 6058 6391 $categories_struct = array(); 6059 6392 6060 if ( $cats = get_categories(array('hide_empty' => 0, 'hierarchical' => 0)) ) { 6393 if ( $cats = get_categories( 6394 array( 6395 'hide_empty' => 0, 6396 'hierarchical' => 0, 6397 ) 6398 ) ) { 6061 6399 foreach ( $cats as $cat ) { 6062 $struct = array();6063 $struct['categoryId'] = $cat->term_id;6400 $struct = array(); 6401 $struct['categoryId'] = $cat->term_id; 6064 6402 $struct['categoryName'] = $cat->name; 6065 6403 … … 6092 6430 $password = $args[2]; 6093 6431 6094 if ( !$user = $this->login($username, $password) ) 6095 return $this->error; 6096 6097 if ( ! get_post( $post_ID ) ) 6432 if ( ! $user = $this->login( $username, $password ) ) { 6433 return $this->error; 6434 } 6435 6436 if ( ! get_post( $post_ID ) ) { 6098 6437 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 6099 6100 if ( !current_user_can( 'edit_post', $post_ID ) ) 6438 } 6439 6440 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 6101 6441 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 6442 } 6102 6443 6103 6444 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ … … 6105 6446 6106 6447 $categories = array(); 6107 $catids = wp_get_post_categories(intval($post_ID));6448 $catids = wp_get_post_categories( intval( $post_ID ) ); 6108 6449 // first listed category will be the primary category 6109 6450 $isPrimary = true; 6110 6451 foreach ( $catids as $catid ) { 6111 6452 $categories[] = array( 6112 'categoryName' => get_cat_name( $catid),6113 'categoryId' => (string) $catid,6114 'isPrimary' => $isPrimary6453 'categoryName' => get_cat_name( $catid ), 6454 'categoryId' => (string) $catid, 6455 'isPrimary' => $isPrimary, 6115 6456 ); 6116 $isPrimary = false;6457 $isPrimary = false; 6117 6458 } 6118 6459 … … 6143 6484 $categories = $args[3]; 6144 6485 6145 if ( !$user = $this->login($username, $password) ) 6146 return $this->error; 6486 if ( ! $user = $this->login( $username, $password ) ) { 6487 return $this->error; 6488 } 6147 6489 6148 6490 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 6149 6491 do_action( 'xmlrpc_call', 'mt.setPostCategories' ); 6150 6492 6151 if ( ! get_post( $post_ID ) ) 6493 if ( ! get_post( $post_ID ) ) { 6152 6494 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 6153 6154 if ( !current_user_can('edit_post', $post_ID) ) 6155 return new IXR_Error(401, __('Sorry, you are not allowed to edit this post.')); 6495 } 6496 6497 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 6498 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) ); 6499 } 6156 6500 6157 6501 $catids = array(); … … 6160 6504 } 6161 6505 6162 wp_set_post_categories( $post_ID, $catids);6506 wp_set_post_categories( $post_ID, $catids ); 6163 6507 6164 6508 return true; … … 6214 6558 do_action( 'xmlrpc_call', 'mt.getTrackbackPings' ); 6215 6559 6216 $actual_post = get_post($post_ID, ARRAY_A); 6217 6218 if ( !$actual_post ) 6219 return new IXR_Error(404, __('Sorry, no such post.')); 6220 6221 $comments = $wpdb->get_results( $wpdb->prepare("SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = %d", $post_ID) ); 6222 6223 if ( !$comments ) 6560 $actual_post = get_post( $post_ID, ARRAY_A ); 6561 6562 if ( ! $actual_post ) { 6563 return new IXR_Error( 404, __( 'Sorry, no such post.' ) ); 6564 } 6565 6566 $comments = $wpdb->get_results( $wpdb->prepare( "SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = %d", $post_ID ) ); 6567 6568 if ( ! $comments ) { 6224 6569 return array(); 6570 } 6225 6571 6226 6572 $trackback_pings = array(); 6227 6573 foreach ( $comments as $comment ) { 6228 6574 if ( 'trackback' == $comment->comment_type ) { 6229 $content = $comment->comment_content;6230 $title = substr($content, 8, (strpos($content, '</strong>') - 8));6575 $content = $comment->comment_content; 6576 $title = substr( $content, 8, ( strpos( $content, '</strong>' ) - 8 ) ); 6231 6577 $trackback_pings[] = array( 6232 6578 'pingTitle' => $title, 6233 6579 'pingURL' => $comment->comment_author_url, 6234 'pingIP' => $comment->comment_author_IP 6580 'pingIP' => $comment->comment_author_IP, 6235 6581 ); 6236 6582 } … … 6261 6607 $password = $args[2]; 6262 6608 6263 if ( !$user = $this->login($username, $password) ) 6264 return $this->error; 6609 if ( ! $user = $this->login( $username, $password ) ) { 6610 return $this->error; 6611 } 6265 6612 6266 6613 /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ 6267 6614 do_action( 'xmlrpc_call', 'mt.publishPost' ); 6268 6615 6269 $postdata = get_post( $post_ID, ARRAY_A);6270 if ( ! $postdata ) 6616 $postdata = get_post( $post_ID, ARRAY_A ); 6617 if ( ! $postdata ) { 6271 6618 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 6272 6273 if ( !current_user_can('publish_posts') || !current_user_can('edit_post', $post_ID) ) 6274 return new IXR_Error(401, __('Sorry, you are not allowed to publish this post.')); 6619 } 6620 6621 if ( ! current_user_can( 'publish_posts' ) || ! current_user_can( 'edit_post', $post_ID ) ) { 6622 return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish this post.' ) ); 6623 } 6275 6624 6276 6625 $postdata['post_status'] = 'publish'; 6277 6626 6278 6627 // retain old cats 6279 $cats = wp_get_post_categories($post_ID);6628 $cats = wp_get_post_categories( $post_ID ); 6280 6629 $postdata['post_category'] = $cats; 6281 $this->escape( $postdata);6630 $this->escape( $postdata ); 6282 6631 6283 6632 return wp_update_post( $postdata ); … … 6310 6659 6311 6660 $pagelinkedfrom = str_replace( '&', '&', $args[0] ); 6312 $pagelinkedto = str_replace( '&', '&', $args[1] );6313 $pagelinkedto = str_replace( '&', '&', $pagelinkedto );6661 $pagelinkedto = str_replace( '&', '&', $args[1] ); 6662 $pagelinkedto = str_replace( '&', '&', $pagelinkedto ); 6314 6663 6315 6664 /** … … 6323 6672 $pagelinkedfrom = apply_filters( 'pingback_ping_source_uri', $pagelinkedfrom, $pagelinkedto ); 6324 6673 6325 if ( ! $pagelinkedfrom ) 6674 if ( ! $pagelinkedfrom ) { 6326 6675 return $this->pingback_error( 0, __( 'A valid URL was not provided.' ) ); 6676 } 6327 6677 6328 6678 // Check if the page linked to is in our site 6329 $pos1 = strpos( $pagelinkedto, str_replace(array('http://www.','http://','https://www.','https://'), '', get_option('home')));6330 if ( ! $pos1 )6679 $pos1 = strpos( $pagelinkedto, str_replace( array( 'http://www.', 'http://', 'https://www.', 'https://' ), '', get_option( 'home' ) ) ); 6680 if ( ! $pos1 ) { 6331 6681 return $this->pingback_error( 0, __( 'Is there no link to us?' ) ); 6682 } 6332 6683 6333 6684 // let's find which post is linked to 6334 6685 // FIXME: does url_to_postid() cover all these cases already? 6335 6686 // if so, then let's use it and drop the old code. 6336 $urltest = parse_url( $pagelinkedto);6337 if ( $post_ID = url_to_postid( $pagelinkedto) ) {6687 $urltest = parse_url( $pagelinkedto ); 6688 if ( $post_ID = url_to_postid( $pagelinkedto ) ) { 6338 6689 // $way 6339 } elseif ( isset( $urltest['path'] ) && preg_match( '#p/[0-9]{1,}#', $urltest['path'], $match) ) {6690 } elseif ( isset( $urltest['path'] ) && preg_match( '#p/[0-9]{1,}#', $urltest['path'], $match ) ) { 6340 6691 // the path defines the post_ID (archives/p/XXXX) 6341 $blah = explode('/', $match[0]);6692 $blah = explode( '/', $match[0] ); 6342 6693 $post_ID = (int) $blah[1]; 6343 } elseif ( isset( $urltest['query'] ) && preg_match( '#p=[0-9]{1,}#', $urltest['query'], $match) ) {6694 } elseif ( isset( $urltest['query'] ) && preg_match( '#p=[0-9]{1,}#', $urltest['query'], $match ) ) { 6344 6695 // the querystring defines the post_ID (?p=XXXX) 6345 $blah = explode('=', $match[0]);6696 $blah = explode( '=', $match[0] ); 6346 6697 $post_ID = (int) $blah[1]; 6347 } elseif ( isset( $urltest['fragment']) ) {6698 } elseif ( isset( $urltest['fragment'] ) ) { 6348 6699 // an #anchor is there, it's either... 6349 if ( intval( $urltest['fragment']) ) {6700 if ( intval( $urltest['fragment'] ) ) { 6350 6701 // ...an integer #XXXX (simplest case) 6351 6702 $post_ID = (int) $urltest['fragment']; 6352 } elseif ( preg_match( '/post-[0-9]+/',$urltest['fragment']) ) {6703 } elseif ( preg_match( '/post-[0-9]+/', $urltest['fragment'] ) ) { 6353 6704 // ...a post id in the form 'post-###' 6354 $post_ID = preg_replace( '/[^0-9]+/', '', $urltest['fragment']);6355 } elseif ( is_string( $urltest['fragment']) ) {6705 $post_ID = preg_replace( '/[^0-9]+/', '', $urltest['fragment'] ); 6706 } elseif ( is_string( $urltest['fragment'] ) ) { 6356 6707 // ...or a string #title, a little more complicated 6357 $title = preg_replace( '/[^a-z0-9]/i', '.', $urltest['fragment']);6358 $sql = $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title );6359 if ( ! ($post_ID = $wpdb->get_var($sql)) ) {6708 $title = preg_replace( '/[^a-z0-9]/i', '.', $urltest['fragment'] ); 6709 $sql = $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title RLIKE %s", $title ); 6710 if ( ! ( $post_ID = $wpdb->get_var( $sql ) ) ) { 6360 6711 // returning unknown error '0' is better than die()ing 6361 6712 return $this->pingback_error( 0, '' ); 6362 6713 } 6363 6714 } 6364 6715 } else { 6365 6716 // TODO: Attempt to extract a post ID from the given URL 6366 return $this->pingback_error( 33, __('The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) );6717 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 6367 6718 } 6368 6719 $post_ID = (int) $post_ID; 6369 6720 6370 $post = get_post($post_ID); 6371 6372 if ( !$post ) // Post_ID not found 6373 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 6374 6375 if ( $post_ID == url_to_postid($pagelinkedfrom) ) 6721 $post = get_post( $post_ID ); 6722 6723 if ( ! $post ) { // Post_ID not found 6724 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 6725 } 6726 6727 if ( $post_ID == url_to_postid( $pagelinkedfrom ) ) { 6376 6728 return $this->pingback_error( 0, __( 'The source URL and the target URL cannot both point to the same resource.' ) ); 6729 } 6377 6730 6378 6731 // Check if pings are on 6379 if ( !pings_open($post) ) 6380 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 6732 if ( ! pings_open( $post ) ) { 6733 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 6734 } 6381 6735 6382 6736 // Let's check that the remote site didn't already pingback this entry 6383 if ( $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $post_ID, $pagelinkedfrom) ) )6737 if ( $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_author_url = %s", $post_ID, $pagelinkedfrom ) ) ) { 6384 6738 return $this->pingback_error( 48, __( 'The pingback has already been registered.' ) ); 6739 } 6385 6740 6386 6741 // very stupid, but gives time to the 'from' server to publish ! 6387 sleep( 1);6742 sleep( 1 ); 6388 6743 6389 6744 $remote_ip = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] ); … … 6394 6749 // Let's check the remote site 6395 6750 $http_api_args = array( 6396 'timeout' => 10,6397 'redirection' => 0,6751 'timeout' => 10, 6752 'redirection' => 0, 6398 6753 'limit_response_size' => 153600, // 150 KB 6399 'user-agent' => "$user_agent; verifying pingback from $remote_ip",6400 'headers' => array(6754 'user-agent' => "$user_agent; verifying pingback from $remote_ip", 6755 'headers' => array( 6401 6756 'X-Pingback-Forwarded-For' => $remote_ip, 6402 6757 ), 6403 6758 ); 6404 6759 6405 $request = wp_safe_remote_get( $pagelinkedfrom, $http_api_args );6760 $request = wp_safe_remote_get( $pagelinkedfrom, $http_api_args ); 6406 6761 $remote_source = $remote_source_original = wp_remote_retrieve_body( $request ); 6407 6762 … … 6423 6778 $remote_source = str_replace( '<!DOC', '<DOC', $remote_source ); 6424 6779 $remote_source = preg_replace( '/[\r\n\t ]+/', ' ', $remote_source ); // normalize spaces 6425 $remote_source = preg_replace( "/<\/*(h1|h2|h3|h4|h5|h6|p|th|td|li|dt|dd|pre|caption|input|textarea|button|body)[^>]*>/", "\n\n", $remote_source );6780 $remote_source = preg_replace( '/<\/*(h1|h2|h3|h4|h5|h6|p|th|td|li|dt|dd|pre|caption|input|textarea|button|body)[^>]*>/', "\n\n", $remote_source ); 6426 6781 6427 6782 preg_match( '|<title>([^<]*?)</title>|is', $remote_source, $matchtitle ); … … 6435 6790 $p = explode( "\n\n", $remote_source ); 6436 6791 6437 $preg_target = preg_quote( $pagelinkedto, '|');6792 $preg_target = preg_quote( $pagelinkedto, '|' ); 6438 6793 6439 6794 foreach ( $p as $para ) { 6440 if ( strpos( $para, $pagelinkedto) !== false ) { // it exists, but is it a link?6441 preg_match( "|<a[^>]+?".$preg_target."[^>]*>([^>]+?)</a>|", $para, $context);6795 if ( strpos( $para, $pagelinkedto ) !== false ) { // it exists, but is it a link? 6796 preg_match( '|<a[^>]+?' . $preg_target . '[^>]*>([^>]+?)</a>|', $para, $context ); 6442 6797 6443 6798 // If the URL isn't in a link context, keep looking 6444 if ( empty( $context) )6799 if ( empty( $context ) ) { 6445 6800 continue; 6801 } 6446 6802 6447 6803 // We're going to use this fake tag to mark the context in a bit 6448 6804 // the marker is needed in case the link text appears more than once in the paragraph 6449 $excerpt = preg_replace( '|\</?wpcontext\>|', '', $para);6805 $excerpt = preg_replace( '|\</?wpcontext\>|', '', $para ); 6450 6806 6451 6807 // prevent really long link text 6452 if ( strlen($context[1]) > 100 ) 6453 $context[1] = substr($context[1], 0, 100) . '…'; 6454 6455 $marker = '<wpcontext>'.$context[1].'</wpcontext>'; // set up our marker 6456 $excerpt= str_replace($context[0], $marker, $excerpt); // swap out the link for our marker 6457 $excerpt = strip_tags($excerpt, '<wpcontext>'); // strip all tags but our context marker 6458 $excerpt = trim($excerpt); 6459 $preg_marker = preg_quote($marker, '|'); 6460 $excerpt = preg_replace("|.*?\s(.{0,100}$preg_marker.{0,100})\s.*|s", '$1', $excerpt); 6461 $excerpt = strip_tags($excerpt); // YES, again, to remove the marker wrapper 6808 if ( strlen( $context[1] ) > 100 ) { 6809 $context[1] = substr( $context[1], 0, 100 ) . '…'; 6810 } 6811 6812 $marker = '<wpcontext>' . $context[1] . '</wpcontext>'; // set up our marker 6813 $excerpt = str_replace( $context[0], $marker, $excerpt ); // swap out the link for our marker 6814 $excerpt = strip_tags( $excerpt, '<wpcontext>' ); // strip all tags but our context marker 6815 $excerpt = trim( $excerpt ); 6816 $preg_marker = preg_quote( $marker, '|' ); 6817 $excerpt = preg_replace( "|.*?\s(.{0,100}$preg_marker.{0,100})\s.*|s", '$1', $excerpt ); 6818 $excerpt = strip_tags( $excerpt ); // YES, again, to remove the marker wrapper 6462 6819 break; 6463 6820 } 6464 6821 } 6465 6822 6466 if ( empty( $context) )// Link to target not found6823 if ( empty( $context ) ) { // Link to target not found 6467 6824 return $this->pingback_error( 17, __( 'The source URL does not contain a link to the target URL, and so cannot be used as a source.' ) ); 6468 6469 $pagelinkedfrom = str_replace('&', '&', $pagelinkedfrom); 6470 6471 $context = '[…] ' . esc_html( $excerpt ) . ' […]'; 6825 } 6826 6827 $pagelinkedfrom = str_replace( '&', '&', $pagelinkedfrom ); 6828 6829 $context = '[…] ' . esc_html( $excerpt ) . ' […]'; 6472 6830 $pagelinkedfrom = $this->escape( $pagelinkedfrom ); 6473 6831 6474 $comment_post_ID = (int) $post_ID;6475 $comment_author = $title;6832 $comment_post_ID = (int) $post_ID; 6833 $comment_author = $title; 6476 6834 $comment_author_email = ''; 6477 $this->escape( $comment_author);6835 $this->escape( $comment_author ); 6478 6836 $comment_author_url = $pagelinkedfrom; 6479 $comment_content = $context;6480 $this->escape( $comment_content);6837 $comment_content = $context; 6838 $this->escape( $comment_content ); 6481 6839 $comment_type = 'pingback'; 6482 6840 … … 6486 6844 ); 6487 6845 6488 $comment_ID = wp_new_comment( $commentdata);6846 $comment_ID = wp_new_comment( $commentdata ); 6489 6847 6490 6848 if ( is_wp_error( $comment_ID ) ) { … … 6525 6883 $url = $this->escape( $url ); 6526 6884 6527 $post_ID = url_to_postid( $url);6528 if ( ! $post_ID ) {6885 $post_ID = url_to_postid( $url ); 6886 if ( ! $post_ID ) { 6529 6887 // We aren't sure that the resource is available and/or pingback enabled 6530 6531 } 6532 6533 $actual_post = get_post( $post_ID, ARRAY_A);6534 6535 if ( ! $actual_post ) {6888 return $this->pingback_error( 33, __( 'The specified target URL cannot be used as a target. It either doesn’t exist, or it is not a pingback-enabled resource.' ) ); 6889 } 6890 6891 $actual_post = get_post( $post_ID, ARRAY_A ); 6892 6893 if ( ! $actual_post ) { 6536 6894 // No such post = resource not found 6537 return $this->pingback_error( 32, __('The specified target URL does not exist.' ) );6538 } 6539 6540 $comments = $wpdb->get_results( $wpdb->prepare( "SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = %d", $post_ID) );6541 6542 if ( ! $comments )6895 return $this->pingback_error( 32, __( 'The specified target URL does not exist.' ) ); 6896 } 6897 6898 $comments = $wpdb->get_results( $wpdb->prepare( "SELECT comment_author_url, comment_content, comment_author_IP, comment_type FROM $wpdb->comments WHERE comment_post_ID = %d", $post_ID ) ); 6899 6900 if ( ! $comments ) { 6543 6901 return array(); 6902 } 6544 6903 6545 6904 $pingbacks = array(); 6546 6905 foreach ( $comments as $comment ) { 6547 if ( 'pingback' == $comment->comment_type ) 6906 if ( 'pingback' == $comment->comment_type ) { 6548 6907 $pingbacks[] = $comment->comment_author_url; 6908 } 6549 6909 } 6550 6910
Note: See TracChangeset
for help on using the changeset viewer.