/**
* Takes $_POST data and saves it to, calling save_to_post_meta() once validation is passed
* When using Fieldmanager as an API, do not call this function directly, call save_to_post_meta()
* @param int $post_id
* @return void
*/
public function save_fields_for_quickedit($post_id)
{
// Make sure this field is attached to the post type being saved.
if (!isset($_POST['post_type']) || defined('DOING_AUTOSAVE') && DOING_AUTOSAVE || $_POST['action'] != 'inline-save') {
return;
}
$use_this_post_type = false;
foreach ($this->post_types as $type) {
if ($type == $_POST['post_type']) {
$use_this_post_type = true;
break;
}
}
if (!$use_this_post_type) {
return;
}
// Ensure that the nonce is set and valid
if (!$this->is_valid_nonce()) {
return;
}
// Make sure the current user can save this post
if ($_POST['post_type'] == 'post') {
if (!current_user_can('edit_post', $post_id)) {
$this->fm->_unauthorized_access(__('User cannot edit this post', 'fieldmanager'));
return;
}
}
$this->save_to_post_meta($post_id);
}
/**
* Saves custom term fields
* @access public
* @param int $term_id
* @param int $tt_id
* @param string $taxonomy
* @return void
*/
public function save_term_fields($term_id, $tt_id, $taxonomy)
{
// Make sure this field is attached to the taxonomy being saved and this is the appropriate action
if (!in_array($taxonomy, $this->taxonomies)) {
return;
}
// Make sure that our nonce field arrived intact
if (!$this->is_valid_nonce()) {
return;
}
// Make sure the current user can save this post
$tax_obj = get_taxonomy($taxonomy);
if (!current_user_can($tax_obj->cap->manage_terms)) {
$this->fm->_unauthorized_access(__('User cannot edit this term', 'fieldmanager'));
return;
}
// Save the data
$this->save_to_term_meta($term_id, $taxonomy);
}
/**
* Takes $_POST data and saves it to, calling save_to_post_meta() once validation is passed
* When using Fieldmanager as an API, do not call this function directly, call save_to_post_meta()
* @param int $post_id
* @return void
*/
public function save_fields_for_post($post_id)
{
// Make sure this field is attached to the post type being saved.
if (empty($_POST['post_ID']) || defined('DOING_AUTOSAVE') && DOING_AUTOSAVE || $_POST['action'] != 'editpost') {
return;
}
// Make sure this hook fired on the post being saved, not a side-effect post for which the $_POST context is invalid.
if ($post_id !== absint($_POST['post_ID'])) {
return;
}
// Prevent saving the same post twice; FM does not yet use revisions.
if (get_post_type($post_id) == 'revision') {
return;
}
// Make sure this post type is intended for handling by this FM context.
if (!in_array(get_post_type($post_id), $this->post_types)) {
return;
}
// Do not handle quickedit in this context.
if ($_POST['action'] == 'inline-save') {
return;
}
// Verify nonce is present and valid. If present but not valid, this
// throws an exception, but if it's absent we can assume our data is
// not present.
if (!$this->is_valid_nonce()) {
return;
}
// Make sure the current user is authorized to save this post.
if ($_POST['post_type'] == 'post') {
if (!current_user_can('edit_post', $post_id)) {
$this->fm->_unauthorized_access(__('User cannot edit this post', 'fieldmanager'));
return;
}
}
$this->save_to_post_meta($post_id);
}
