Make WordPress Core

Changeset 7920


Ignore:
Timestamp:
05/12/2008 11:43:40 PM (17 years ago)
Author:
ryan
Message:

wp_insert_post() -- Validate page template, check return of insert and update queries, add option to return WP_Error. fixes #6227 see #6098. for 2.5

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.5/wp-includes/post.php

    r7877 r7920  
    11651165 * @return int post ID or 0 on error
    11661166 */
    1167 function wp_insert_post($postarr = array()) {
     1167function wp_insert_post($postarr = array(), $wp_error = false) {
    11681168    global $wpdb, $wp_rewrite, $user_ID;
    11691169
     
    11881188    }
    11891189
    1190     if ( ('' == $post_content) && ('' == $post_title) && ('' == $post_excerpt) )
    1191         return 0;
     1190    if ( ('' == $post_content) && ('' == $post_title) && ('' == $post_excerpt) ) {
     1191        if ( $wp_error )
     1192            return new WP_Error('empty_content', __('Content, title, and excerpt are empty.'));
     1193        else
     1194            return 0;
     1195    }
    11921196
    11931197    // Make sure we set a valid category
     
    13001304    if ($update) {
    13011305        do_action( 'pre_post_update', $post_ID );
    1302         $wpdb->update( $wpdb->posts, $data, $where );
     1306        if ( false === $wpdb->update( $wpdb->posts, $data, $where ) ) {
     1307            if ( $wp_error )
     1308                return new WP_Error('db_update_error', __('Could not update post in the database'), $wpdb->last_error);
     1309            else
     1310                return 0;
     1311        }
    13031312    } else {
    13041313        $data['post_mime_type'] = stripslashes( $post_mime_type ); // This isn't in the update
    1305         $wpdb->insert( $wpdb->posts, $data );
     1314        if ( false === $wpdb->insert( $wpdb->posts, $data ) ) {
     1315            if ( $wp_error )
     1316                return new WP_Error('db_insert_error', __('Could not insert post into the database'), $wpdb->last_error);
     1317            else
     1318                return 0;   
     1319        }
    13061320        $post_ID = (int) $wpdb->insert_id;
    13071321
     
    13201334    $current_guid = get_post_field( 'guid', $post_ID );
    13211335
    1322     if ( 'page' == $post_type ) {
     1336    if ( 'page' == $post_type )
    13231337        clean_page_cache($post_ID);
    1324     } else {
     1338    else
    13251339        clean_post_cache($post_ID);
    1326     }
    13271340
    13281341    // Set GUID
     
    13311344
    13321345    $post = get_post($post_ID);
    1333     if ( !empty($page_template) )
     1346
     1347    if ( !empty($page_template) && 'page' == $post_type ) {
    13341348        $post->page_template = $page_template;
     1349        $page_templates = get_page_templates();
     1350        if ( ! in_array($page_template, $page_templates) ) {
     1351            if ( $wp_error )
     1352                return new WP_Error('invalid_page_template', __('The page template is invalid.'));
     1353            else
     1354                return 0;
     1355        }
     1356        if ( ! update_post_meta($post_ID, '_wp_page_template',  $page_template) )
     1357            add_post_meta($post_ID, '_wp_page_template',  $page_template, true);
     1358    }
    13351359
    13361360    wp_transition_post_status($post_status, $previous_status, $post);
     
    29432967function _save_post_hook($post_id, $post) {
    29442968    if ( $post->post_type == 'page' ) {
    2945         if ( !empty($post->page_template) )
    2946             if ( ! update_post_meta($post_id, '_wp_page_template',  $post->page_template))
    2947                 add_post_meta($post_id, '_wp_page_template',  $post->page_template, true);
    2948 
    29492969        clean_page_cache($post_id);
    29502970        global $wp_rewrite;
Note: See TracChangeset for help on using the changeset viewer.