/** * Called by livepress webservice to create a new live post. * * @param array $args { * An array of arguments. * @param int $blog_id Id of blog to to add post to. * @param string $username Username for action. * @param string $password Livepress generated user access key. * @param array $content_struct Initial post content. * @return Object Post object or false on error. * } */ function livepress_new_live_post($args) { global $wp_xmlrpc_server, $wpdb; $wp_xmlrpc_server->escape($args); $blog_id = (int) $args[0]; $username = $args[1]; $password = $args[2]; $content_struct = $args[3]; // Verify user is authorized if (!($user = _livepress_authenticate($username, $password))) { return false; } // Verify user can edit posts if (!user_can($user, 'edit_posts')) { return false; } unset($content_struct['ID']); $defaults = array('post_status' => 'publish', 'post_type' => 'post', 'post_author' => $user->ID, 'post_title' => $content_struct['title']); $post_data = wp_parse_args($content_struct, $defaults); // Insert the new post $post_id = wp_insert_post($post_data, true); if (is_wp_error($post_id)) { return false; } if (!$post_id) { return false; } $post = get_post($post_id); if (!$post) { return false; } // Set the post live status to live $blogging_tools = new LivePress_Blogging_Tools(); $blogging_tools->set_post_live_status($post_id, true); return $post; }
/** * Uploads a file, following your settings. From WordPress XMLRPC * server - mw_newMediaObject() * * @param array $args Method parameters. * @return array */ function livepress_upload_file($args) { global $wpdb, $wp_xmlrpc_server; $blog_ID = (int) $args[0]; $username = $wp_xmlrpc_server->escape($args[1]); $password = $wp_xmlrpc_server->escape($args[2]); $data = $args[3]; $name = sanitize_file_name($data['name']); $type = $data['type']; $bits = $data['bits']; if (!($user = _livepress_authenticate($username, $password))) { return false; } if (!user_can($user, 'upload_files')) { return false; } /** * Filter whether to preempt the XML-RPC media upload. * * Passing a truthy value will effectively short-circuit the media upload, * returning that value as a 500 error instead. * * @param bool $error Whether to pre-empt the media upload. Default false. */ if ($upload_err = apply_filters('pre_upload_error', false)) { return false; } if (!empty($data['overwrite']) && $data['overwrite'] == true) { // Get postmeta info on the object. $old_file = $wpdb->get_row("\n\t\t\t\tSELECT ID\n\t\t\t\tFROM {$wpdb->posts}\n\t\t\t\tWHERE post_title = '{$name}'\n\t\t\t\t\tAND post_type = 'attachment'\n\t\t\t"); // Delete previous file. wp_delete_attachment($old_file->ID); // Make sure the new name is different by pre-pending the // previous post id. $filename = preg_replace('/^wpid\\d+-/', '', $name); $name = "wpid{$old_file->ID}-{$filename}"; } $upload = wp_upload_bits($name, null, $bits); if (!empty($upload['error'])) { $errorString = sprintf(__('Could not write file %1$s (%2$s)'), $name, $upload['error']); return false; } // Construct the attachment array $post_id = 0; if (!empty($data['post_id'])) { $post_id = (int) $data['post_id']; if (!current_user_can('edit_post', $post_id)) { return false; } } $attachment = array('post_title' => $name, 'post_content' => '', 'post_type' => 'attachment', 'post_parent' => $post_id, 'post_mime_type' => $type, 'guid' => $upload['url']); // Save the data $id = wp_insert_attachment($attachment, $upload['file'], $post_id); wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $upload['file'])); $struct = array('id' => strval($id), 'file' => $name, 'url' => $upload['url'], 'type' => $type); /** This filter is documented in wp-admin/includes/file.php */ return apply_filters('wp_handle_upload', $struct, 'upload'); }