/**
* Create a single attachment
*
* @param WP_REST_Request $request Full details about the request
* @return WP_Error|WP_REST_Response
*/
public function create_item($request)
{
// Permissions check - Note: "upload_files" cap is returned for an attachment by $post_type_obj->cap->create_posts
$post_type_obj = get_post_type_object($this->post_type);
if (!current_user_can($post_type_obj->cap->create_posts) || !current_user_can($post_type_obj->cap->edit_posts)) {
return new WP_Error('rest_cannot_create', __('Sorry, you are not allowed to post on this site.'), array('status' => 400));
}
// If a user is trying to attach to a post make sure they have permissions. Bail early if post_id is not being passed
if (!empty($request['post'])) {
$parent = get_post((int) $request['post']);
$post_parent_type = get_post_type_object($parent->post_type);
if (!current_user_can($post_parent_type->cap->edit_post, $request['post'])) {
return new WP_Error('rest_cannot_edit', __('Sorry, you are not allowed to edit this post.'), array('status' => 401));
}
}
// Get the file via $_FILES or raw data
$files = $request->get_file_params();
$headers = $request->get_headers();
if (!empty($files)) {
$file = $this->upload_from_file($files, $headers);
} else {
$file = $this->upload_from_data($request->get_body(), $headers);
}
if (is_wp_error($file)) {
return $file;
}
$name = basename($file['file']);
$name_parts = pathinfo($name);
$name = trim(substr($name, 0, -(1 + strlen($name_parts['extension']))));
$url = $file['url'];
$type = $file['type'];
$file = $file['file'];
$title = $name;
$caption = '';
// use image exif/iptc data for title and caption defaults if possible
// @codingStandardsIgnoreStart
$image_meta = @wp_read_image_metadata($file);
// @codingStandardsIgnoreEnd
if (!empty($image_meta)) {
if (empty($request['title']) && trim($image_meta['title']) && !is_numeric(sanitize_title($image_meta['title']))) {
$title = $image_meta['title'];
}
if (empty($request['caption']) && trim($image_meta['caption'])) {
$caption = $image_meta['caption'];
}
}
$attachment = $this->prepare_item_for_database($request);
$attachment->file = $file;
$attachment->post_mime_type = $type;
$attachment->guid = $url;
$id = wp_insert_post($attachment, true);
if (is_wp_error($id)) {
return $id;
}
/** Include admin functions to get access to wp_generate_attachment_metadata() */
require_once ABSPATH . 'wp-admin/includes/admin.php';
wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file));
if (isset($request['alt_text'])) {
update_post_meta($id, '_wp_attachment_image_alt', sanitize_text_field($request['alt_text']));
}
$this->update_additional_fields_for_object($attachment, $request);
$response = $this->get_item(array('id' => $id, 'context' => 'edit'));
$response = rest_ensure_response($response);
$response->set_status(201);
$response->header('Location', rest_url('/wp/v2/' . $this->get_post_type_base($attachment->post_type) . '/' . $id));
/**
* Fires after a single attachment is created or updated via the REST API.
*
* @param object $attachment Inserted attachment.
* @param WP_REST_Request $request The request sent to the API.
* @param bool $creating True when creating an attachment, false when updating.
*/
do_action('rest_insert_attachment', $attachment, $request, true);
return $response;
}
/**
* Creates a single attachment.
*
* @since 4.7.0
* @access public
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response Response object on success, WP_Error object on failure.
*/
public function create_item($request)
{
if (!empty($request['post']) && in_array(get_post_type($request['post']), array('revision', 'attachment'), true)) {
return new WP_Error('rest_invalid_param', __('Invalid parent type.'), array('status' => 400));
}
// Get the file via $_FILES or raw data.
$files = $request->get_file_params();
$headers = $request->get_headers();
if (!empty($files)) {
$file = $this->upload_from_file($files, $headers);
} else {
$file = $this->upload_from_data($request->get_body(), $headers);
}
if (is_wp_error($file)) {
return $file;
}
$name = basename($file['file']);
$name_parts = pathinfo($name);
$name = trim(substr($name, 0, -(1 + strlen($name_parts['extension']))));
$url = $file['url'];
$type = $file['type'];
$file = $file['file'];
// use image exif/iptc data for title and caption defaults if possible
$image_meta = @wp_read_image_metadata($file);
if (!empty($image_meta)) {
if (empty($request['title']) && trim($image_meta['title']) && !is_numeric(sanitize_title($image_meta['title']))) {
$request['title'] = $image_meta['title'];
}
if (empty($request['caption']) && trim($image_meta['caption'])) {
$request['caption'] = $image_meta['caption'];
}
}
$attachment = $this->prepare_item_for_database($request);
$attachment->file = $file;
$attachment->post_mime_type = $type;
$attachment->guid = $url;
if (empty($attachment->post_title)) {
$attachment->post_title = preg_replace('/\\.[^.]+$/', '', basename($file));
}
$id = wp_insert_post(wp_slash((array) $attachment), true);
if (is_wp_error($id)) {
if ('db_update_error' === $id->get_error_code()) {
$id->add_data(array('status' => 500));
} else {
$id->add_data(array('status' => 400));
}
return $id;
}
$attachment = get_post($id);
/**
* Fires after a single attachment is created or updated via the REST API.
*
* @since 4.7.0
*
* @param WP_Post $attachment Inserted or updated attachment
* object.
* @param WP_REST_Request $request The request sent to the API.
* @param bool $creating True when creating an attachment, false when updating.
*/
do_action('rest_insert_attachment', $attachment, $request, true);
// Include admin functions to get access to wp_generate_attachment_metadata().
require_once ABSPATH . 'wp-admin/includes/admin.php';
wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file));
if (isset($request['alt_text'])) {
update_post_meta($id, '_wp_attachment_image_alt', sanitize_text_field($request['alt_text']));
}
$fields_update = $this->update_additional_fields_for_object($attachment, $request);
if (is_wp_error($fields_update)) {
return $fields_update;
}
$request->set_param('context', 'edit');
$response = $this->prepare_item_for_response($attachment, $request);
$response = rest_ensure_response($response);
$response->set_status(201);
$response->header('Location', rest_url(sprintf('%s/%s/%d', $this->namespace, $this->rest_base, $id)));
return $response;
}
/**
* Create a single attachment
*
* @param WP_REST_Request $request Full details about the request
* @return WP_Error|WP_REST_Response
*/
public function create_item($request)
{
// Get the file via $_FILES or raw data
$files = $request->get_file_params();
$headers = $request->get_headers();
if (!empty($files)) {
$file = $this->upload_from_file($files, $headers);
} else {
$file = $this->upload_from_data($request->get_body(), $headers);
}
if (is_wp_error($file)) {
return $file;
}
$name = basename($file['file']);
$name_parts = pathinfo($name);
$name = trim(substr($name, 0, -(1 + strlen($name_parts['extension']))));
$url = $file['url'];
$type = $file['type'];
$file = $file['file'];
// use image exif/iptc data for title and caption defaults if possible
// @codingStandardsIgnoreStart
$image_meta = @wp_read_image_metadata($file);
// @codingStandardsIgnoreEnd
if (!empty($image_meta)) {
if (empty($request['title']) && trim($image_meta['title']) && !is_numeric(sanitize_title($image_meta['title']))) {
$request['title'] = $image_meta['title'];
}
if (empty($request['caption']) && trim($image_meta['caption'])) {
$request['caption'] = $image_meta['caption'];
}
}
$attachment = $this->prepare_item_for_database($request);
$attachment->file = $file;
$attachment->post_mime_type = $type;
$attachment->guid = $url;
$id = wp_insert_post($attachment, true);
if (is_wp_error($id)) {
if (in_array($id->get_error_code(), array('db_update_error'))) {
$id->add_data(array('status' => 500));
} else {
$id->add_data(array('status' => 400));
}
return $id;
}
$attachment = get_post($id);
/** Include admin functions to get access to wp_generate_attachment_metadata() */
require_once ABSPATH . 'wp-admin/includes/admin.php';
wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file));
if (isset($request['alt_text'])) {
update_post_meta($id, '_wp_attachment_image_alt', sanitize_text_field($request['alt_text']));
}
$this->update_additional_fields_for_object($attachment, $request);
$request->set_param('context', 'edit');
$response = $this->prepare_item_for_response($attachment, $request);
$response = rest_ensure_response($response);
$response->set_status(201);
$response->header('Location', rest_url('/wp/v2/' . $this->get_post_type_base($attachment->post_type) . '/' . $id));
/**
* Fires after a single attachment is created or updated via the REST API.
*
* @param object $attachment Inserted attachment.
* @param WP_REST_Request $request The request sent to the API.
* @param boolean $creating True when creating an attachment, false when updating.
*/
do_action('rest_insert_attachment', $attachment, $request, true);
return $response;
}
