/**
 * A comment created with a parent comment can be fetched through the
 * endpoint and yields a 200 response.
 */
public function test_get_comment_with_parent()
{
    $parent_id = $this->_create_comment();
    $child_id  = $this->_create_comment(array('comment_parent' => (int) $parent_id));

    $raw = $this->endpoint->get_comment($child_id);
    $this->assertNotInstanceOf('WP_Error', $raw);

    $wrapped = json_ensure_response($raw);
    $this->assertEquals(200, $wrapped->get_status());
}
/**
 * Access control on a single revision: user 0 (logged out) is refused with
 * json_user_cannot_read / 401, the author fixture receives a 200.
 */
public function test_access_single_revision()
{
    // Negative case first: no authenticated user.
    wp_set_current_user(0);
    $denied = $this->endpoint->get_post($this->revision_id);
    $this->assertErrorResponse('json_user_cannot_read', $denied, 401);

    // Positive case: the author fixture.
    wp_set_current_user($this->author);
    $allowed = $this->endpoint->get_post($this->revision_id);
    $this->assertNotInstanceOf('WP_Error', $allowed);

    $allowed = json_ensure_response($allowed);
    $this->assertEquals(200, $allowed->get_status());
}
/**
 * A freshly created post has no revisions: the endpoint answers 200 with
 * an empty data set.
 */
public function test_post_no_revisions()
{
    // Random title/content so the fixture does not collide with other posts.
    $post_args = array(
        'post_author'  => $this->author,
        'post_title'   => md5(wp_generate_password()),
        'post_content' => md5(wp_generate_password()),
    );
    $fresh_post_id = $this->factory->post->create($post_args);

    wp_set_current_user($this->author);
    $revisions = $this->endpoint->get_revisions($fresh_post_id);
    $this->assertNotInstanceOf('WP_Error', $revisions);

    $revisions = json_ensure_response($revisions);
    $this->assertEquals(200, $revisions->get_status());

    $items = $revisions->get_data();
    $this->assertEquals(0, count($items));
}
/**
 * Get all registered menus.
 *
 * NOTE(review): a successful read is answered with status 201 and a
 * Location header, which normally signals that a resource was created;
 * confirm what clients expect before changing it to 200.
 *
 * @return WP_Error|WP_JSON_ResponseInterface
 */
public function get_menus()
{
    $registered = get_registered_nav_menus();

    if (!$registered) {
        // __FUNCTION__ is appended without a separator, so the error code
        // reads "jwp_api_errorget_menus".
        return new WP_Error('jwp_api_error' . __FUNCTION__, __('Menus could not be returned.', 'jpwp-api'));
    }

    $response = json_ensure_response($registered);
    $response->set_status(201);
    $response->header('Location', json_url('jpwp/menus/'));

    return $response;
}
/**
 * Add meta to a post.
 *
 * Delegates to the parent implementation, then wraps the created meta in a
 * new response so that the correct Location header is sent. Only the data
 * of the parent's response is carried over to the new response object.
 *
 * @param int $id Post ID
 * @param array $data {
 *     @type string|null $key Meta key
 *     @type string|null $value Meta value
 * }
 * @return WP_Error|WP_JSON_ResponseInterface
 */
public function add_meta($id, $data)
{
    $created = parent::add_meta($id, $data);
    if (is_wp_error($created)) {
        return $created;
    }

    // The Location URL is built from the ID of the meta entry the parent returned.
    $meta = (object) $created->get_data();

    $with_location = new WP_JSON_Response();
    $with_location->header('Location', json_url('/posts/' . $id . '/meta/' . $meta->ID));
    $with_location->set_data($meta);

    return json_ensure_response($with_location);
}
/**
 * Remove the current user's vote from a post and refresh the vote totals.
 *
 * The vote is looked up for get_current_user_id(), so a caller can only
 * remove a vote that get_user_vote() attributes to that user.
 *
 * @param int $id Post ID.
 * @return WP_Error|WP_JSON_ResponseInterface 404 error when no vote is found,
 *         otherwise the wrapped result of delete_post_meta().
 */
function delete_vote($id)
{
    $current_vote = $this->get_user_vote(get_current_user_id(), $id);
    if (!$current_vote) {
        return new WP_Error('bikeit_vote_not_found', __('Vote not found.', 'bikeit'), array('status' => 404));
    }

    $deleted = delete_post_meta($id, 'votes', $current_vote);

    // Recompute the aggregates that depend on this vote.
    $this->update_vote_totals($id);
    $voted_post = get_post($id);
    $this->update_author_votes($voted_post->post_author);

    return json_ensure_response($deleted);
}
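/**
 * Handle a contact-form submission by e-mailing it to the site admin.
 *
 * The name, e-mail address and body come straight from the request and are
 * placed in an HTML e-mail, so each is HTML-escaped before interpolation;
 * otherwise a submitter controls the markup (links, images, styled text)
 * that the administrator's mail client renders. The name is additionally
 * reduced to a single plain-text line before it is used in the subject.
 *
 * NOTE(review): nothing in this block authenticates or throttles
 * submissions; confirm that the route applies its own limits.
 *
 * @param array $data Request data; reads 'name', 'email' and 'body'.
 * @return WP_Error|WP_JSON_ResponseInterface 201 response wrapping true, or
 *         a 500 error when wp_mail() reports failure.
 */
function contact($data)
{
    // Missing or non-scalar fields become empty strings instead of raising
    // notices or being rendered as "Array".
    $value = array();
    foreach (array('name', 'email', 'body') as $field) {
        $value[$field] = (isset($data[$field]) && is_scalar($data[$field])) ? (string) $data[$field] : '';
    }

    // Send email
    $email = get_option('admin_email');
    $body = '<p>Nova mensagem de <strong>' . esc_html($value['name']) . '</strong></p>'
        . '<p>Email: <strong>' . esc_html($value['email']) . '</strong></p>'
        . '<p><strong>Mensagem</strong>:</p>'
        . '<p><blockquote>' . esc_html($value['body']) . '</blockquote></p>';
    $headers = array('Content-Type:text/html;charset=UTF-8');

    // sanitize_text_field() strips tags and line breaks from the subject part.
    $subject = '[CACI] Nova mensagem de ' . sanitize_text_field($value['name']);

    $mailed = wp_mail($email, $subject, $body, $headers);
    if (!$mailed) {
        // NOTE(review): the mailer's ErrorInfo is returned to the caller and
        // may describe the mail setup; consider logging it server-side and
        // returning a generic message instead.
        return new WP_Error('vindig_mail_error', print_r($GLOBALS['phpmailer']->ErrorInfo, true), array('status' => 500));
    }

    $response = json_ensure_response(true);
    $response->set_status(201);

    return $response;
}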
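/**
 * Store an anonymous contribution ("denuncia") on a case and notify the
 * site admin by e-mail.
 *
 * Changes from the previous version:
 *  - the response used an undefined $result variable; it now wraps true,
 *    matching contact();
 *  - the submitted message and the case title are HTML-escaped, and the
 *    case link is passed through esc_url(), before they are placed in the
 *    HTML e-mail.
 *
 * The message is stored in post meta as received; any view that prints the
 * 'denuncia' meta must escape it on output.
 *
 * @param int   $id   Case (post) ID.
 * @param array $data Request data; reads 'message'.
 * @return WP_Error|WP_JSON_ResponseInterface 201 response wrapping true, or
 *         a 500 error when the meta could not be stored.
 */
function denuncia($id, $data)
{
    // A missing or non-scalar message becomes an empty string.
    $message = (isset($data['message']) && is_scalar($data['message'])) ? (string) $data['message'] : '';

    $value = array('message' => $message, 'date' => date('c'));
    $meta = add_post_meta($id, 'denuncia', $value);
    if (!$meta) {
        return new WP_Error('vindig_denuncia_error', 'Erro ao enviar contribuição', array('status' => 500));
    }

    // Send email
    $email = get_option('admin_email');
    $case_url = get_option('home') . '#!/caso/' . $id . '/';
    $body = '<p>Nova contribuição anônima para o <a href="' . esc_url($case_url) . '">caso "' . esc_html(get_the_title($id)) . '"</a></p>'
        . '<p><strong>Mensagem</strong>:</p>'
        . '<p><blockquote>' . esc_html($message) . '</blockquote></p>';
    $headers = array('Content-Type: text/html; charset=UTF-8');
    wp_mail($email, 'Nova contribuição para o caso #' . $id, $body, $headers);

    $response = json_ensure_response(true);
    $response->set_status(201);

    return $response;
}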
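/**
 * Record or change the current user's vote on a post.
 *
 * Changes from the previous version:
 *  - $data['vote'] is read only after the login check and a missing key no
 *    longer raises a notice;
 *  - the target post is resolved before any meta is written, so a vote can
 *    no longer be attached to a post ID that does not exist (previously the
 *    meta row was written and post_author was then read from null);
 *  - an unused get_post_meta() lookup was removed.
 *
 * NOTE(review): an invalid vote value is a client error, yet it is reported
 * with status 500; 400 would be more accurate. Left unchanged because
 * clients may depend on it.
 *
 * @param int   $id   Post ID.
 * @param array $data Request data; 'vote' must be 'up' or 'down'.
 * @return WP_Error|WP_JSON_ResponseInterface 201 response wrapping the result
 *         of the meta write, or an error (401, 404, 500).
 */
function vote($id, $data)
{
    if (!is_user_logged_in()) {
        return new WP_Error('bikeit_user_cannot_vote', __('Sorry, you must be logged in to vote.'), array('status' => 401));
    }

    // Strict allow-list: anything other than the two literal strings is rejected.
    $vote = isset($data['vote']) ? $data['vote'] : null;
    if (!in_array($vote, array('up', 'down'), true)) {
        return new WP_Error('bikeit_invalid_vote', __('Invalid vote.'), array('status' => 500));
    }

    $post = get_post($id);
    if (!$post) {
        return new WP_Error('bikeit_invalid_post', __('Invalid post.', 'bikeit'), array('status' => 404));
    }

    // The stored user_id always comes from the session, never from the request.
    $user_id = get_current_user_id();
    $new_value = array('user_id' => $user_id, 'vote' => $vote);

    $prev_value = $this->get_user_vote($user_id, $id);
    if (!$prev_value) {
        $result = add_post_meta($id, 'votes', $new_value);
    } else {
        // Replace only this user's previous entry among the post's 'votes' rows.
        $result = update_post_meta($id, 'votes', $new_value, $prev_value);
    }

    $this->update_vote_totals($id);
    $this->update_author_votes($post->post_author);

    $response = json_ensure_response($result);
    $response->set_status(201);

    return $response;
}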
/**
 * Editing a post with 'sticky' => false leaves the post non-sticky and
 * returns the edited post.
 */
function test_edit_post_sticky_false()
{
    $payload = $this->set_data(array('sticky' => false));

    $response = json_ensure_response($this->endpoint->edit_post($this->post_id, $payload));

    // Compare the response with the post as it is now stored.
    $this->check_get_post_response($response, get_post($this->post_id));
    $this->assertFalse(is_sticky($this->post_id));
}
/**
 * Add a meta entry to a post.
 *
 * Validation failures set the HTTP status on this object and return an
 * array with a 'message' key; success returns a 201 response with a
 * Location header pointing at the new meta entry.
 *
 * NOTE(review): no capability check on the caller is visible in this
 * method; is_protected_meta() only filters the key. Presumably access is
 * enforced before this method is reached; verify.
 *
 * @param int   $id   Post ID.
 * @param array $data Must contain 'key' and 'value'.
 * @return array|WP_Error|WP_JSON_ResponseInterface
 */
public function add_meta($id, $data)
{
    $id = (int) $id;

    // Both "no ID" and "no such post" produce the same 404 answer.
    $post = empty($id) ? null : get_post($id, ARRAY_A);
    if (empty($post['ID'])) {
        $this->set_status(404);
        return array('message' => __('Invalid post ID.'));
    }

    // First failing check wins; each entry is array(status, message).
    $failure = null;
    if (!array_key_exists('key', $data)) {
        $failure = array(400, __('Missing meta key.'));
    } elseif (!array_key_exists('value', $data)) {
        $failure = array(400, __('Missing meta value.'));
    } elseif (empty($data['key'])) {
        $failure = array(400, __('Invalid meta key.'));
    } elseif (!$this->is_valid_meta_data($data['value'])) {
        // for now let's not allow updating of arrays, objects or serialized values.
        $failure = array(400, __('Invalid provided meta data for action.'));
    } elseif (is_protected_meta($data['key'])) {
        $failure = array(403, __('Forbidden Error.'));
    }

    if (null !== $failure) {
        $this->set_status($failure[0]);
        return array('message' => $failure[1]);
    }

    $slashed_key   = wp_slash($data['key']);
    $slashed_value = wp_slash($data['value']);

    $meta_id = add_post_meta($id, $slashed_key, $slashed_value);
    if (!$meta_id) {
        $this->set_status(400);
        return array('message' => __('Could not add post meta.'));
    }

    $response = json_ensure_response($this->get_meta($id, $meta_id));
    if (is_wp_error($response)) {
        return $response;
    }

    $response->set_status(201);
    $response->header('Location', json_url('/posts/' . $id . '/meta/' . $meta_id));

    return $response;
}
/**
 * Create a new post for any registered post type.
 *
 * Any 'ID' supplied by the caller is discarded first, so this method
 * never passes a caller-chosen post ID to insert_post().
 *
 * @since 3.4.0
 * @internal 'data' is used here rather than 'content', as get_default_post_to_edit uses $_REQUEST['content']
 *
 * @param array $data Content data. Can contain:
 *  - post_type (default: 'post')
 *  - post_status (default: 'draft')
 *  - post_title
 *  - post_author
 *  - post_excerpt
 *  - post_content
 *  - post_date_gmt | post_date
 *  - post_format
 *  - post_password
 *  - comment_status - can be 'open' | 'closed'
 *  - ping_status - can be 'open' | 'closed'
 *  - sticky
 *  - post_thumbnail - ID of a media item to use as the post thumbnail/featured image
 *  - custom_fields - array, with each element containing 'key' and 'value'
 *  - terms - array, with taxonomy names as keys and arrays of term IDs as values
 *  - terms_names - array, with taxonomy names as keys and arrays of term names as values
 *  - enclosure
 *  - any other fields supported by wp_insert_post()
 * @return WP_Error|WP_JSON_ResponseInterface Post data (see {@see WP_JSON_Posts::get_post})
 */
public function create_post($data)
{
    unset($data['ID']);

    $new_post_id = $this->insert_post($data);
    if ($new_post_id instanceof WP_Error) {
        return $new_post_id;
    }

    // Return the post in the 'edit' context, with its URL in Location.
    $created = json_ensure_response($this->get_post($new_post_id, 'edit'));
    $created->set_status(201);
    $created->header('Location', json_url('/posts/' . $new_post_id));

    return $created;
}
/**
 * Edit a form given an ID. This is an API endpoint.
 *
 * Validates that $id refers to an existing post, hands $data to
 * insert_post(), then writes each recognised form setting to post meta
 * after sanitising it according to its kind (text, boolean or URL).
 *
 * NOTE(review): $id is validated, but it is not visibly written into $data
 * before insert_post() is called. If insert_post() takes its target from
 * $data['ID'], the post that is updated could differ from the one validated
 * here; confirm against insert_post().
 * NOTE(review): no capability check is visible in this method; presumably it
 * is enforced in insert_post() or at the route; verify.
 *
 * @param int $id
 * @param array $data
 * @param array $_headers
 * @since 6.0
 * @return int|WP_Error|WP_JSON_ResponseInterface
 */
function edit_form($id, $data, $_headers = array())
{
    $id = (int) $id;
    if (empty($id)) {
        return new WP_Error('json_invalid_id_ccf_form', esc_html__('Invalid form ID.', 'custom-contact-forms'), array('status' => 404));
    }

    $existing = get_post($id, ARRAY_A);
    if (empty($existing['ID'])) {
        return new WP_Error('json_invalid_ccf_form', esc_html__('Invalid form.', 'custom-contact-forms'), array('status' => 404));
    }

    // @todo: remove hack. Needed for broken API
    foreach (array('author', 'date', 'date_gmt') as $dropped_field) {
        if (isset($data[$dropped_field])) {
            unset($data[$dropped_field]);
        }
    }

    $form_id = $this->insert_post($data);
    if ($form_id instanceof WP_Error) {
        return $form_id;
    }

    if (isset($data['fields'])) {
        if (empty($data['fields'])) {
            $data['fields'] = array();
        }
        $this->create_and_map_fields($data['fields'], $form_id);
    }

    // Request field => array(meta key, kind). The order matches the order in
    // which the settings were written before.
    $settings = array(
        'buttonText'                     => array('ccf_form_buttonText', 'text'),
        'description'                    => array('ccf_form_description', 'text'),
        'completionActionType'           => array('ccf_form_completion_action_type', 'text'),
        'completionMessage'              => array('ccf_form_completion_message', 'text'),
        'pause'                          => array('ccf_form_pause', 'bool'),
        'pauseMessage'                   => array('ccf_form_pause_message', 'text'),
        'completionRedirectUrl'          => array('ccf_form_completion_redirect_url', 'url'),
        'sendEmailNotifications'         => array('ccf_form_send_email_notifications', 'bool'),
        'emailNotificationAddresses'     => array('ccf_form_email_notification_addresses', 'text'),
        'emailNotificationFromType'      => array('ccf_form_email_notification_from_type', 'text'),
        'emailNotificationFromAddress'   => array('ccf_form_email_notification_from_address', 'text'),
        'emailNotificationFromField'     => array('ccf_form_email_notification_from_field', 'text'),
        'emailNotificationFromNameType'  => array('ccf_form_email_notification_from_name_type', 'text'),
        'emailNotificationFromName'      => array('ccf_form_email_notification_from_name', 'text'),
        'emailNotificationFromNameField' => array('ccf_form_email_notification_from_name_field', 'text'),
        'emailNotificationSubjectType'   => array('ccf_form_email_notification_subject_type', 'text'),
        'emailNotificationSubject'       => array('ccf_form_email_notification_subject', 'text'),
        'emailNotificationSubjectField'  => array('ccf_form_email_notification_subject_field', 'text'),
    );

    foreach ($settings as $field => $spec) {
        if (!isset($data[$field])) {
            continue;
        }

        $meta_key = $spec[0];
        $kind     = $spec[1];

        if ('bool' === $kind) {
            $clean = (bool) $data[$field];
        } elseif ('url' === $kind) {
            $clean = esc_url_raw($data[$field]);
        } else {
            $clean = sanitize_text_field($data[$field]);
        }

        update_post_meta($form_id, $meta_key, $clean);
    }

    $response = json_ensure_response($this->get_post($form_id));
    $response->set_status(201);
    $response->header('Location', json_url('/ccf/forms/' . $form_id));

    return $response;
}
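/**
 * Add meta to a post
 *
 * The edit-permission check had been commented out, which left every
 * caller able to attach meta to any existing post (only keys rejected by
 * is_protected_meta() were refused). The check is restored here, using the
 * same call, error code and message as the disabled code.
 *
 * @param int $id Post ID
 * @param array $data {
 *     @type string|null $key Meta key
 *     @type string|null $value Meta value
 * }
 * @return WP_Error|WP_JSON_ResponseInterface 201 response with a Location
 *         header for the new meta entry, or an error (400, 403, 404).
 */
public function add_meta($id, $data)
{
    $id = (int) $id;
    if (empty($id)) {
        return new WP_Error('json_post_invalid_id', __('Invalid post ID.'), array('status' => 404));
    }

    $post = get_post($id, ARRAY_A);
    if (empty($post['ID'])) {
        return new WP_Error('json_post_invalid_id', __('Invalid post ID.'), array('status' => 404));
    }

    // Authorisation comes before any inspection of the payload.
    if (!$this->check_edit_permission($post)) {
        return new WP_Error('json_cannot_edit', __('Sorry, you cannot edit this post'), array('status' => 403));
    }

    if (!array_key_exists('key', $data)) {
        return new WP_Error('json_post_missing_key', __('Missing meta key.'), array('status' => 400));
    }

    if (!array_key_exists('value', $data)) {
        return new WP_Error('json_post_missing_value', __('Missing meta value.'), array('status' => 400));
    }

    if (empty($data['key'])) {
        return new WP_Error('json_meta_invalid_key', __('Invalid meta key.'), array('status' => 400));
    }

    if (!$this->is_valid_meta_data($data['value'])) {
        // for now let's not allow updating of arrays, objects or serialized values.
        return new WP_Error('json_post_invalid_action', __('Invalid provided meta data for action.'), array('status' => 400));
    }

    if (is_protected_meta($data['key'])) {
        return new WP_Error('json_meta_protected', sprintf(__('%s is marked as a protected field.'), $data['key']), array('status' => 403));
    }

    $meta_key = wp_slash($data['key']);
    $value = wp_slash($data['value']);

    $result = add_post_meta($id, $meta_key, $value);
    if (!$result) {
        return new WP_Error('json_meta_could_not_add', __('Could not add post meta.'), array('status' => 400));
    }

    $response = json_ensure_response($this->get_meta($id, $result));
    if (is_wp_error($response)) {
        return $response;
    }

    $response->set_status(201);
    $response->header('Location', json_url('/posts/' . $id . '/meta/' . $result));

    return $response;
}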
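/**
 * Receives and stores data from Foursquare User Push APIs.
 *
 * Changes from the previous version:
 *  - the presence check joined its conditions with && and so only fired
 *    when both values were missing; any missing value is now rejected;
 *  - the shared secret was compared with a loose !=, which also accepted a
 *    request when no secret was configured and none was sent. The check now
 *    fails closed on an empty configured secret and uses hash_equals();
 *  - rejected requests return a WP_Error instead of a bare exit, which sent
 *    an empty response with no error;
 *  - the time zone URL contained a corrupted "timestamp" parameter; the
 *    query string is now built with http_build_query(), which also encodes
 *    the venue coordinates;
 *  - decoded payloads and the remote response are checked before their
 *    properties are read;
 *  - the Location header no longer appends an undefined $result variable.
 *
 * @param string $checkin JSON-encoded check-in payload.
 * @param string $secret  Push secret sent with the request.
 * @param string $user    JSON-encoded user payload.
 * @return WP_Error|WP_JSON_ResponseInterface 201 response wrapping 'success',
 *         or an error (400, 403, 404, 502).
 */
public function new_push($checkin, $secret, $user)
{
    if (!isset($checkin) || !isset($secret) || !isset($user)) {
        return new WP_Error('hm_time_push_missing_data', 'Missing push data.', array('status' => 400));
    }

    $options = get_option('hm_time_options');
    $push_secret = isset($options['foursquare_push_secret']) ? (string) $options['foursquare_push_secret'] : '';
    $google_tz_api_key = isset($options['google_timezone_api_key']) ? $options['google_timezone_api_key'] : '';

    // Fail closed: an unconfigured secret must never match, and the
    // comparison does not leak how much of the secret was correct.
    if ('' === $push_secret || !is_string($secret) || !hash_equals($push_secret, $secret)) {
        return new WP_Error('hm_time_push_forbidden', 'Invalid push secret.', array('status' => 403));
    }

    // fix mapping issue where its unescaping the values.
    $checkinDecoded = json_decode($this->hm_stripslashes($checkin));
    $userDecoded = json_decode($this->hm_stripslashes($user));

    if (!isset($userDecoded->id, $checkinDecoded->venue->location->lat, $checkinDecoded->venue->location->lng)) {
        return new WP_Error('hm_time_push_invalid_payload', 'Invalid push payload.', array('status' => 400));
    }

    $venue_location = $checkinDecoded->venue->location;
    if (!is_numeric($venue_location->lat) || !is_numeric($venue_location->lng)) {
        return new WP_Error('hm_time_push_invalid_payload', 'Invalid push payload.', array('status' => 400));
    }

    $wp_user = $this->get_user_by_meta_data('hm_time_foursquare_user_id', $userDecoded->id);
    if (empty($wp_user)) {
        return new WP_Error('hm_time_push_unknown_user', 'No matching user.', array('status' => 404));
    }

    $query = http_build_query(
        array(
            'location'  => $venue_location->lat . ',' . $venue_location->lng,
            'timestamp' => time(),
            'sensor'    => 'false',
            'key'       => $google_tz_api_key,
        ),
        '',
        '&'
    );
    $google_tz_api_response = wp_remote_get('https://maps.googleapis.com/maps/api/timezone/json?' . $query);
    if (is_wp_error($google_tz_api_response)) {
        return new WP_Error('hm_time_timezone_lookup_failed', 'Time zone lookup failed.', array('status' => 502));
    }

    $google_tz_api_body = json_decode(wp_remote_retrieve_body($google_tz_api_response));
    if (!isset($google_tz_api_body->timeZoneId)) {
        return new WP_Error('hm_time_timezone_lookup_failed', 'Time zone lookup failed.', array('status' => 502));
    }
    $timezone_id = $google_tz_api_body->timeZoneId;

    $city = isset($venue_location->city) ? $venue_location->city : '';
    $country = isset($venue_location->country) ? $venue_location->country : '';
    $location = $city . ', ' . $country;

    // NOTE(review): lower-case ->id is kept from the original; confirm what
    // get_user_by_meta_data() returns and whether ->ID is the right property.
    // $location is stored as received; escape it wherever it is displayed.
    hm_time_save_profile_fields($wp_user->id, $timezone_id, $location);

    $response = json_ensure_response('success');
    $response->set_status(201);
    $response->header('Location', json_url('/hm-time/'));

    return $response;
}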
/**
 * Create a new post for any registered post type.
 *
 * Any 'ID' supplied by the caller is discarded before insert_post() runs.
 *
 * NOTE(review): the failure test is a loose comparison with false. If
 * insert_post() can return a WP_Error object here, that object would pass
 * the test and be handed to get_post(); confirm insert_post()'s contract.
 *
 * @since 3.4.0
 * @internal 'data' is used here rather than 'content', as get_default_post_to_edit uses $_REQUEST['content']
 *
 * @param array $data Content data. Can contain:
 *  - post_type (default: 'post')
 *  - post_status (default: 'draft')
 *  - post_title
 *  - post_author
 *  - post_excerpt
 *  - post_content
 *  - post_date_gmt | post_date
 *  - post_format
 *  - post_password
 *  - comment_status - can be 'open' | 'closed'
 *  - ping_status - can be 'open' | 'closed'
 *  - sticky
 *  - post_thumbnail - ID of a media item to use as the post thumbnail/featured image
 *  - custom_fields - array, with each element containing 'key' and 'value'
 *  - terms - array, with taxonomy names as keys and arrays of term IDs as values
 *  - terms_names - array, with taxonomy names as keys and arrays of term names as values
 *  - enclosure
 *  - any other fields supported by wp_insert_post()
 * @return WP_JSON_ResponseInterface Post data (see {@see WP_JSON_Posts::get_post})
 */
public function create_post($data)
{
    unset($data['ID']);

    $new_post_id = $this->insert_post($data);
    if (!$new_post_id) {
        json_error(BigAppErr::$post['code'], "create post faild!");
    }

    $created = json_ensure_response($this->get_post($new_post_id, 'edit'));
    $created->set_status(201);

    return $created;
}
/**
 * Shared assertion helper: the response is not an error, has status 200,
 * and its data matches term 1 of the 'category' taxonomy.
 *
 * @param mixed $response Raw endpoint return value.
 */
public function check_get_taxonomy_term_response($response)
{
    $this->assertNotInstanceOf('WP_Error', $response);

    $wrapped = json_ensure_response($response);
    $this->assertEquals(200, $wrapped->get_status());

    $payload = $wrapped->get_data();
    $expected_term = get_term(1, 'category');
    $this->check_taxonomy_term($expected_term, $payload);
}
/**
 * Regression test for role escalation: asking edit_user() to set the
 * 'administrator' role must be refused with json_cannot_edit_roles / 403,
 * and the stored user must still hold the 'subscriber' capability.
 *
 * The current user is not switched inside this test; it depends on the
 * fixture set up outside this method.
 */
public function test_update_user_role_privilage_escalation()
{
    $attempt = array('role' => 'administrator');

    $outcome = json_ensure_response($this->endpoint->edit_user($this->user, $attempt));
    $this->assertErrorResponse('json_cannot_edit_roles', $outcome, 403);

    // Verify the stored state as well as the response.
    $stored_user = get_userdata($this->user);
    $this->assertArrayHasKey('subscriber', $stored_user->caps);
}
/**
 * Return a fresh nonce for the 'wp_json' action.
 *
 * NOTE(review): the nonce is the request-forgery token for this action.
 * Confirm that this route cannot be read cross-origin (for example through
 * a JSONP callback or a permissive CORS policy), because that would hand
 * the token to another site.
 *
 * @return WP_JSON_ResponseInterface Response wrapping array('nonce' => ...).
 */
function nonce()
{
    $payload = array('nonce' => wp_create_nonce('wp_json'));

    return json_ensure_response($payload);
}
/**
 * Add meta to an object.
 *
 * The object is first vetted by check_object(); the payload is then
 * validated and the first failing check is returned as a WP_Error. Error
 * codes use the 'json_post_' prefix when this handler's type is 'post' and
 * 'json_meta_' otherwise.
 *
 * @param int $id Object ID
 * @param array $data {
 *     @type string|null $key Meta key
 *     @type string|null $value Meta value
 * }
 * @return WP_Error|WP_JSON_ResponseInterface 201 response describing the new
 *         meta entry, or an error.
 */
public function add_meta($id, $data)
{
    $object_check = $this->check_object($id);
    if (is_wp_error($object_check)) {
        return $object_check;
    }

    $prefix = ($this->type === 'post') ? 'json_post_' : 'json_meta_';
    $bad_request = array('status' => 400);

    $problem = null;
    if (!array_key_exists('key', $data)) {
        $problem = new WP_Error($prefix . 'missing_key', __('Missing meta key.'), $bad_request);
    } elseif (!array_key_exists('value', $data)) {
        $problem = new WP_Error($prefix . 'missing_value', __('Missing meta value.'), $bad_request);
    } elseif (empty($data['key'])) {
        $problem = new WP_Error('json_meta_invalid_key', __('Invalid meta key.'), $bad_request);
    } elseif (!$this->is_valid_meta_data($data['value'])) {
        // for now let's not allow updating of arrays, objects or serialized values.
        $problem = new WP_Error($prefix . 'invalid_action', __('Invalid provided meta data for action.'), $bad_request);
    } elseif (is_protected_meta($data['key'])) {
        $problem = new WP_Error('json_meta_protected', sprintf(__('%s is marked as a protected field.'), $data['key']), array('status' => 403));
    }

    if (null !== $problem) {
        return $problem;
    }

    $slashed_key   = wp_slash($data['key']);
    $slashed_value = wp_slash($data['value']);

    $meta_id = add_metadata($this->type, $id, $slashed_key, $slashed_value);
    if (!$meta_id) {
        return new WP_Error('json_meta_could_not_add', __('Could not add meta.'), $bad_request);
    }

    $response = json_ensure_response($this->get_meta($id, $meta_id));
    if (is_wp_error($response)) {
        return $response;
    }

    $response->set_status(201);

    return $response;
}
/**
 * Deleting a meta entry returns 200 with a non-empty 'message' and removes
 * the value from the post.
 */
public function test_delete_meta()
{
    $target_post = $this->factory->post->create();
    $target_meta = add_post_meta($target_post, 'testkey', 'testvalue');

    $outcome = $this->endpoint->delete_meta($target_post, $target_meta);
    $this->assertNotInstanceOf('WP_Error', $outcome);

    $outcome = json_ensure_response($outcome);
    $this->assertEquals(200, $outcome->get_status());

    $payload = $outcome->get_data();
    $this->assertArrayHasKey('message', $payload);
    $this->assertNotEmpty($payload['message']);

    // The stored value must be gone, not merely reported as deleted.
    $remaining = get_post_meta($target_post, 'testkey', false);
    $this->assertEmpty($remaining);
}