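/**
 * Update snapshots via AJAX.
 *
 * Validates the request in this order: nonce, 'customize' capability, HTTP
 * method, snapshot UUID, presence of posted values, requested status and
 * (for scheduled snapshots) the publish date. It then refuses to touch an
 * already published snapshot, checks the per-post edit capability, and
 * finally stores and saves the snapshot.
 *
 * Every failure path answers through wp_send_json_error() and every success
 * through wp_send_json_success(); both end the request, so nothing is returned.
 *
 * Request fields read: $_POST['status'] (draft|pending|future, default draft)
 * and $_POST['publish_date'] (only used when status is 'future').
 */
public function handle_update_snapshot_request() {
    if (!check_ajax_referer(self::AJAX_ACTION, 'nonce', false)) {
        status_header(400);
        wp_send_json_error('bad_nonce');
    } elseif (!current_user_can('customize')) {
        status_header(403);
        wp_send_json_error('customize_not_allowed');
    } elseif (!isset($_SERVER['REQUEST_METHOD']) || 'POST' !== $_SERVER['REQUEST_METHOD']) { // WPCS: input var ok.
        status_header(405);
        wp_send_json_error('bad_method');
    } elseif (empty($this->current_snapshot_uuid)) {
        status_header(400);
        wp_send_json_error('invalid_customize_snapshot_uuid');
    } elseif (0 === count($this->customize_manager->unsanitized_post_values())) {
        status_header(400);
        wp_send_json_error('missing_snapshot_customized');
    }

    if (isset($_POST['status'])) { // WPCS: input var ok.
        $status = sanitize_key($_POST['status']);
    } else {
        $status = 'draft';
    }
    // Allow-list the status so a client cannot request 'publish' (or any other state) here.
    if (!in_array($status, array('draft', 'pending', 'future'), true)) {
        status_header(400);
        wp_send_json_error('bad_status');
    }
    // Scheduling is a deferred publish, so it needs the publish capability.
    // NOTE(review): this is an authorization failure reported as 400; kept as-is for existing clients.
    if ('future' === $status && !current_user_can('customize_publish')) {
        status_header(400);
        wp_send_json_error('customize_not_allowed');
    }

    // The publish date is client-controlled: accept only a string, unslash and sanitize it.
    $publish_date = '';
    if (isset($_POST['publish_date']) && is_string($_POST['publish_date'])) { // WPCS: input var ok.
        $publish_date = sanitize_text_field(wp_unslash($_POST['publish_date']));
    }

    $publish_date_obj = null;
    if ('future' === $status) {
        if (!empty($publish_date)) {
            try {
                $publish_date_obj = new \DateTime($publish_date);
            } catch (\Exception $e) {
                // An unparsable date must yield bad_schedule_time, not an uncaught exception.
                $publish_date_obj = null;
            }
        }

        // The value is saved below as post_date, which WordPress treats as site-local
        // time, so compare against the site's current local time.
        $current_date = new \DateTime(current_time('mysql'));

        // Reject a missing, unparsable or non-future date. The previous check compared
        // the raw string with a DateTime object, so it never rejected a past date.
        if (!$publish_date_obj || $publish_date_obj <= $current_date) {
            status_header(400);
            wp_send_json_error('bad_schedule_time');
        }
    }

    // Prevent attempting to modify a "locked" snapshot (a published one).
    $post = $this->snapshot->post();
    if ($post && 'publish' === $post->post_status) {
        wp_send_json_error(array(
            'errors' => array(
                'already_published' => array(
                    'message' => __('The snapshot has already published so it is locked.', 'customize-snapshots'),
                ),
            ),
        ));
    }

    // Object-level authorization: an existing snapshot post requires the post type's
    // edit_post capability for that post; a new snapshot only requires 'customize'.
    $post_type = get_post_type_object(Post_Type::SLUG);
    $authorized = $post
        ? current_user_can($post_type->cap->edit_post, $post->ID)
        : current_user_can('customize');
    if (!$authorized) {
        status_header(403);
        wp_send_json_error('unauthorized');
    }

    $data = array('errors' => null);

    // Wrap every posted value as array('value' => ...) before handing it to the snapshot.
    $settings_data = array_map(function ($value) {
        return compact('value');
    }, $this->customize_manager->unsanitized_post_values());
    $r = $this->snapshot->set($settings_data);

    // prepare_setting_validity_for_js() is not available on every customize manager.
    if (method_exists($this->customize_manager, 'prepare_setting_validity_for_js')) {
        $data['setting_validities'] = array_map(
            array($this->customize_manager, 'prepare_setting_validity_for_js'),
            $r['validities']
        );
    }
    if ($r['errors']) {
        $data['errors'] = $this->prepare_errors_for_response($r['errors']);
        wp_send_json_error($data);
    }

    $args = array('status' => $status);
    $args['edit_date'] = current_time('mysql');
    if (isset($publish_date_obj) && 'future' === $status) {
        $args['post_date'] = $publish_date_obj->format('Y-m-d H:i:s');
        $args['post_date_gmt'] = '0000-00-00 00:00:00';
    } else {
        $args['post_date_gmt'] = $args['post_date'] = '0000-00-00 00:00:00';
    }

    $r = $this->snapshot->save($args);

    // Re-read the post after saving so the response reflects the stored state.
    $post = $this->snapshot->post();
    if ($post) {
        $data['edit_link'] = get_edit_post_link($post, 'raw');
        $data['snapshot_publish_date'] = $post->post_date;
    }
    if (is_wp_error($r)) {
        $data['errors'] = $this->prepare_errors_for_response($r);
        wp_send_json_error($data);
    }
    wp_send_json_success($data);
}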
/**
 * Check that set() raises an Exception when a setting's params are not an array.
 *
 * @see Customize_Snapshot::set()
 * @expectedException Exception
 */
function test_set_with_non_array_params() {
    // The params for 'foo' are a plain string instead of an array.
    $invalid_settings = array('foo' => 'bad');

    // Bring up a manager with its customize manager before creating the snapshot.
    $snapshot_manager = new Customize_Snapshot_Manager($this->plugin);
    $snapshot_manager->ensure_customize_manager();
    $snapshot_manager->init();

    $subject = new Customize_Snapshot($snapshot_manager, self::UUID);
    $subject->set($invalid_settings);
}