function mw_editPost($args) { global $wpdb, $post_default_category; $this->escape($args); $post_ID = (int) $args[0]; $user_login = $args[1]; $user_pass = $args[2]; $content_struct = $args[3]; $publish = $args[4]; if (!$this->login_pass_ok($user_login, $user_pass)) { return $this->error; } $user = set_current_user(0, $user_login); $cap = $publish ? 'publish_posts' : 'edit_posts'; $error_message = __('Sorry, you are not allowed to publish posts on this blog.'); $post_type = 'post'; if (!empty($content_struct['post_type'])) { if ($content_struct['post_type'] == 'page') { $cap = $publish ? 'publish_pages' : 'edit_pages'; $error_message = __('Sorry, you are not allowed to publish pages on this blog.'); $post_type = 'page'; } elseif ($content_type['post_type'] == 'post') { // This is the default, no changes needed } else { // No other post_type values are allowed here return new IXR_Error(401, __('Invalid post type.')); } } if (!current_user_can($cap)) { return new IXR_Error(401, $error_message); } $postdata = wp_get_single_post($post_ID, ARRAY_A); // If there is no post data for the give post id, stop // now and return an error. Other wise a new post will be // created (which was the old behavior). if (empty($postdata["ID"])) { return new IXR_Error(404, __("Invalid post id.")); } $this->escape($postdata); extract($postdata, EXTR_SKIP); // Let WordPress manage slug if none was provided. $post_name = ""; if (isset($content_struct["wp_slug"])) { $post_name = $content_struct["wp_slug"]; } // Only use a password if one was given. if (isset($content_struct["wp_password"])) { $post_password = $content_struct["wp_password"]; } // Only set a post parent if one was given. if (isset($content_struct["wp_page_parent_id"])) { $post_parent = $content_struct["wp_page_parent_id"]; } // Only set the menu_order if it was given. if (isset($content_struct["wp_page_order"])) { $menu_order = $content_struct["wp_page_order"]; } $post_author = $postdata["post_author"]; // Only set the post_author if one is set. if (isset($content_struct["wp_author_id"]) && $user->ID != $content_struct["wp_author_id"]) { switch ($post_type) { case "post": if (!current_user_can("edit_others_posts")) { return new IXR_Error(401, __("You are not allowed to change the post author as this user.")); } break; case "page": if (!current_user_can("edit_others_pages")) { return new IXR_Error(401, __("You are not allowed to change the page author as this user.")); } break; default: return new IXR_Error(401, __("Invalid post type.")); break; } $post_author = $content_struct["wp_author_id"]; } if (isset($content_struct["mt_allow_comments"])) { if (!is_numeric($content_struct["mt_allow_comments"])) { switch ($content_struct["mt_allow_comments"]) { case "closed": $comment_status = "closed"; break; case "open": $comment_status = "open"; break; default: $comment_status = get_option("default_comment_status"); break; } } else { switch ((int) $content_struct["mt_allow_comments"]) { case 0: $comment_status = "closed"; break; case 1: $comment_status = "open"; break; default: $comment_status = get_option("default_comment_status"); break; } } } if (isset($content_struct["mt_allow_pings"])) { if (!is_numeric($content_struct["mt_allow_pings"])) { switch ($content_struct["mt_allow_pings"]) { case "closed": $ping_status = "closed"; break; case "open": $ping_status = "open"; break; default: $ping_status = get_option("default_ping_status"); break; } } else { switch ((int) $content_struct["mt_allow_pings"]) { case 0: $ping_status = "closed"; break; case 1: $ping_status = "open"; break; default: $ping_status = get_option("default_ping_status"); break; } } } $post_title = $content_struct['title']; $post_content = apply_filters('content_save_pre', $content_struct['description']); $catnames = $content_struct['categories']; $post_category = array(); if (is_array($catnames)) { foreach ($catnames as $cat) { $post_category[] = get_cat_ID($cat); } } $post_excerpt = $content_struct['mt_excerpt']; $post_more = $content_struct['mt_text_more']; $post_status = $publish ? 'publish' : 'draft'; $tags_input = $content_struct['mt_keywords']; if ('publish' == $post_status) { if ('page' == $post_type && !current_user_can('publish_pages')) { return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); } else { if (!current_user_can('publish_posts')) { return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); } } } if ($post_more) { $post_content = $post_content . "\n<!--more-->\n" . $post_more; } $to_ping = $content_struct['mt_tb_ping_urls']; if (is_array($to_ping)) { $to_ping = implode(' ', $to_ping); } // Do some timestamp voodoo $dateCreatedd = $content_struct['dateCreated']; if (!empty($dateCreatedd)) { $dateCreated = $dateCreatedd->getIso(); $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $post_date_gmt = iso8601_to_datetime($dateCreated . "Z", GMT); } else { $post_date = $postdata['post_date']; $post_date_gmt = $postdata['post_date_gmt']; } // We've got all the data -- post it: $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date', 'post_date_gmt', 'to_ping', 'post_name', 'post_password', 'post_parent', 'menu_order', 'post_author', 'tags_input'); $result = wp_update_post($newpost); if (!$result) { return new IXR_Error(500, __('Sorry, your entry could not be edited. Something wrong happened.')); } $this->attach_uploads($ID, $post_content); logIO('O', "(MW) Edited ! ID: {$post_ID}"); return true; }
function mw_editPost($args) { global $wpdb, $post_default_category; $this->escape($args); $post_ID = $args[0]; $user_login = $args[1]; $user_pass = $args[2]; $content_struct = $args[3]; $publish = $args[4]; if (!$this->login_pass_ok($user_login, $user_pass)) { return $this->error; } set_current_user(0, $user_login); if ( !current_user_can('edit_post', $post_ID) ) return new IXR_Error(401, 'Sorry, you can not edit this post.'); $postdata = wp_get_single_post($post_ID, ARRAY_A); extract($postdata); $this->escape($postdata); $post_title = $content_struct['title']; $post_content = apply_filters( 'content_save_pre', $content_struct['description'] ); $catnames = $content_struct['categories']; $post_category = array(); if (is_array($catnames)) { foreach ($catnames as $cat) { $post_category[] = get_cat_ID($cat); } } $post_excerpt = $content_struct['mt_excerpt']; $post_more = $content_struct['mt_text_more']; $post_status = $publish ? 'publish' : 'draft'; if ($post_more) { $post_content = $post_content . "\n<!--more-->\n" . $post_more; } $to_ping = $content_struct['mt_tb_ping_urls']; if ( is_array($to_ping) ) $to_ping = implode(' ', $to_ping); $comment_status = (empty($content_struct['mt_allow_comments'])) ? get_option('default_comment_status') : $content_struct['mt_allow_comments']; $ping_status = (empty($content_struct['mt_allow_pings'])) ? get_option('default_ping_status') : $content_struct['mt_allow_pings']; // Do some timestamp voodoo $dateCreatedd = $content_struct['dateCreated']; if (!empty($dateCreatedd)) { $dateCreated = $dateCreatedd->getIso(); $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $post_date_gmt = iso8601_to_datetime($dateCreated, GMT); } else { $post_date = $postdata['post_date']; $post_date_gmt = $postdata['post_date_gmt']; } // We've got all the data -- post it: $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date', 'post_date_gmt', 'to_ping'); $result = wp_update_post($newpost); if (!$result) { return new IXR_Error(500, 'Sorry, your entry could not be edited. Something wrong happened.'); } $this->attach_uploads( $ID, $post_content ); logIO('O',"(MW) Edited ! ID: $post_ID"); return true; }
/** * Edit a post. * * @since 1.5.0 * * @param array $args Method parameters. * @return bool|IXR_Error True on success. */ public function mw_editPost($args) { $this->escape($args); $post_ID = (int) $args[0]; $username = $args[1]; $password = $args[2]; $content_struct = $args[3]; $publish = isset($args[4]) ? $args[4] : 0; if (!($user = $this->login($username, $password))) { return $this->error; } /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ do_action('xmlrpc_call', 'metaWeblog.editPost'); $postdata = get_post($post_ID, ARRAY_A); // If there is no post data for the give post id, stop // now and return an error. Other wise a new post will be // created (which was the old behavior). if (!$postdata || empty($postdata['ID'])) { return new IXR_Error(404, __('Invalid post ID.')); } if (!current_user_can('edit_post', $post_ID)) { return new IXR_Error(401, __('Sorry, you do not have the right to edit this post.')); } // Use wp.editPost to edit post types other than post and page. if (!in_array($postdata['post_type'], array('post', 'page'))) { return new IXR_Error(401, __('Invalid post type')); } // Thwart attempt to change the post type. if (!empty($content_struct['post_type']) && $content_struct['post_type'] != $postdata['post_type']) { return new IXR_Error(401, __('The post type may not be changed.')); } // Check for a valid post format if one was given if (isset($content_struct['wp_post_format'])) { $content_struct['wp_post_format'] = sanitize_key($content_struct['wp_post_format']); if (!array_key_exists($content_struct['wp_post_format'], get_post_format_strings())) { return new IXR_Error(404, __('Invalid post format')); } } $this->escape($postdata); $ID = $postdata['ID']; $post_content = $postdata['post_content']; $post_title = $postdata['post_title']; $post_excerpt = $postdata['post_excerpt']; $post_password = $postdata['post_password']; $post_parent = $postdata['post_parent']; $post_type = $postdata['post_type']; $menu_order = $postdata['menu_order']; // Let WordPress manage slug if none was provided. $post_name = ""; $post_name = $postdata['post_name']; if (isset($content_struct['wp_slug'])) { $post_name = $content_struct['wp_slug']; } // Only use a password if one was given. if (isset($content_struct['wp_password'])) { $post_password = $content_struct['wp_password']; } // Only set a post parent if one was given. if (isset($content_struct['wp_page_parent_id'])) { $post_parent = $content_struct['wp_page_parent_id']; } // Only set the menu_order if it was given. if (isset($content_struct['wp_page_order'])) { $menu_order = $content_struct['wp_page_order']; } $page_template = null; if (!empty($content_struct['wp_page_template']) && 'page' == $post_type) { $page_template = $content_struct['wp_page_template']; } $post_author = $postdata['post_author']; // Only set the post_author if one is set. if (isset($content_struct['wp_author_id']) && $user->ID != $content_struct['wp_author_id']) { switch ($post_type) { case 'post': if (!current_user_can('edit_others_posts')) { return new IXR_Error(401, __('You are not allowed to change the post author as this user.')); } break; case 'page': if (!current_user_can('edit_others_pages')) { return new IXR_Error(401, __('You are not allowed to change the page author as this user.')); } break; default: return new IXR_Error(401, __('Invalid post type')); break; } $post_author = $content_struct['wp_author_id']; } if (isset($content_struct['mt_allow_comments'])) { if (!is_numeric($content_struct['mt_allow_comments'])) { switch ($content_struct['mt_allow_comments']) { case 'closed': $comment_status = 'closed'; break; case 'open': $comment_status = 'open'; break; default: $comment_status = get_option('default_comment_status'); break; } } else { switch ((int) $content_struct['mt_allow_comments']) { case 0: case 2: $comment_status = 'closed'; break; case 1: $comment_status = 'open'; break; default: $comment_status = get_option('default_comment_status'); break; } } } if (isset($content_struct['mt_allow_pings'])) { if (!is_numeric($content_struct['mt_allow_pings'])) { switch ($content_struct['mt_allow_pings']) { case 'closed': $ping_status = 'closed'; break; case 'open': $ping_status = 'open'; break; default: $ping_status = get_option('default_ping_status'); break; } } else { switch ((int) $content_struct["mt_allow_pings"]) { case 0: $ping_status = 'closed'; break; case 1: $ping_status = 'open'; break; default: $ping_status = get_option('default_ping_status'); break; } } } if (isset($content_struct['title'])) { $post_title = $content_struct['title']; } if (isset($content_struct['description'])) { $post_content = $content_struct['description']; } $post_category = array(); if (isset($content_struct['categories'])) { $catnames = $content_struct['categories']; if (is_array($catnames)) { foreach ($catnames as $cat) { $post_category[] = get_cat_ID($cat); } } } if (isset($content_struct['mt_excerpt'])) { $post_excerpt = $content_struct['mt_excerpt']; } $post_more = isset($content_struct['mt_text_more']) ? $content_struct['mt_text_more'] : null; $post_status = $publish ? 'publish' : 'draft'; if (isset($content_struct["{$post_type}_status"])) { switch ($content_struct["{$post_type}_status"]) { case 'draft': case 'pending': case 'private': case 'publish': $post_status = $content_struct["{$post_type}_status"]; break; default: $post_status = $publish ? 'publish' : 'draft'; break; } } $tags_input = isset($content_struct['mt_keywords']) ? $content_struct['mt_keywords'] : null; if ('publish' == $post_status) { if ('page' == $post_type && !current_user_can('publish_pages')) { return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); } else { if (!current_user_can('publish_posts')) { return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); } } } if ($post_more) { $post_content = $post_content . "<!--more-->" . $post_more; } $to_ping = null; if (isset($content_struct['mt_tb_ping_urls'])) { $to_ping = $content_struct['mt_tb_ping_urls']; if (is_array($to_ping)) { $to_ping = implode(' ', $to_ping); } } // Do some timestamp voodoo if (!empty($content_struct['date_created_gmt'])) { // We know this is supposed to be GMT, so we're going to slap that Z on there by force $dateCreated = rtrim($content_struct['date_created_gmt']->getIso(), 'Z') . 'Z'; } elseif (!empty($content_struct['dateCreated'])) { $dateCreated = $content_struct['dateCreated']->getIso(); } if (!empty($dateCreated)) { $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $post_date_gmt = iso8601_to_datetime($dateCreated, 'GMT'); } else { $post_date = $postdata['post_date']; $post_date_gmt = $postdata['post_date_gmt']; } // We've got all the data -- post it: $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date', 'post_date_gmt', 'to_ping', 'post_name', 'post_password', 'post_parent', 'menu_order', 'post_author', 'tags_input', 'page_template'); $result = wp_update_post($newpost, true); if (is_wp_error($result)) { return new IXR_Error(500, $result->get_error_message()); } if (!$result) { return new IXR_Error(500, __('Sorry, your entry could not be edited. Something wrong happened.')); } // Only posts can be sticky if ($post_type == 'post' && isset($content_struct['sticky'])) { if ($content_struct['sticky'] == true) { stick_post($post_ID); } elseif ($content_struct['sticky'] == false) { unstick_post($post_ID); } } if (isset($content_struct['custom_fields'])) { $this->set_custom_fields($post_ID, $content_struct['custom_fields']); } if (isset($content_struct['wp_post_thumbnail'])) { // empty value deletes, non-empty value adds/updates if (empty($content_struct['wp_post_thumbnail'])) { delete_post_thumbnail($post_ID); } else { if (set_post_thumbnail($post_ID, $content_struct['wp_post_thumbnail']) === false) { return new IXR_Error(404, __('Invalid attachment ID.')); } } unset($content_struct['wp_post_thumbnail']); } // Handle enclosures $thisEnclosure = isset($content_struct['enclosure']) ? $content_struct['enclosure'] : null; $this->add_enclosure_if_new($post_ID, $thisEnclosure); $this->attach_uploads($ID, $post_content); // Handle post formats if assigned, validation is handled // earlier in this function if (isset($content_struct['wp_post_format'])) { set_post_format($post_ID, $content_struct['wp_post_format']); } /** * Fires after a post has been successfully updated via the XML-RPC MovableType API. * * @since 3.4.0 * * @param int $post_ID ID of the updated post. * @param array $args An array of arguments to update the post. */ do_action('xmlrpc_call_success_mw_editPost', $post_ID, $args); return true; }
/** * Remap Facebook comment fields to WordPress comment object. * * @since 1.1 * * @param array $comment comment array returned from Facebook Graph API * @param int $post_id optional. sets comment_post_ID if present * @return stdClass WordPress style comment object */ public static function to_wp_comment($comment, $post_id = 0) { if (!(is_array($comment) && !empty($comment))) { return ''; } $wp_comment = new stdClass(); $wp_comment->comment_approved = 1; // FB comments map best to pre-approved WP comment $wp_comment->comment_type = ''; // not a pingback or a trackback $wp_comment->user_id = 0; // not a WP user if (is_int($post_id) && $post_id) { $wp_comment->comment_post_ID = $post_id; } $wp_comment->comment_ID = $comment['id']; $wp_comment->comment_date = iso8601_to_datetime($comment['created_time']); $wp_comment->comment_date_gmt = iso8601_to_datetime($comment['created_time'], 'gmt'); $wp_comment->comment_content = $comment['message']; if (is_array($comment['from'])) { if (isset($comment['from']['name'])) { $wp_comment->comment_author = $comment['from']['name']; } if (isset($comment['from']['id'])) { $wp_comment->comment_author_url = 'https://www.facebook.com/profile.php?' . http_build_query(array('id' => $comment['from']['id'])); } } return $wp_comment; }
/** * Decode the dateCreated * * @param struct * @return string MYSQL date */ function _mw_decode_date($contentstruct) { global $Settings; $postdate = NULL; if (!empty($contentstruct['date_created_gmt'])) { $postdate = iso8601_to_datetime($contentstruct['date_created_gmt']); // Add time difference to GMT date $postdate = date('Y-m-d H:i:s', mysql2timestamp($postdate, true) + $Settings->get('time_difference')); logIO('Using contentstruct date_created_gmt: ' . $postdate); } if (empty($postdate) && !empty($contentstruct['dateCreated'])) { $postdate = $contentstruct['dateCreated']; if (strpos($postdate, 'T') > 0) { // Date is in ISO 8601 format $postdate = iso8601_to_datetime($postdate); } logIO('Using contentstruct dateCreated: ' . $postdate); } return $postdate; }
/** * Creates posts from write.skyword.com */ public function skyword_post($args) { global $coauthors_plus; $login = $this->login($args); if ('success' == $login['status']) { $data = $args[3]; if (null != $data['publication-date']) { $dateCreated = $data['publication-date']->getIso(); $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); } else { $post_date = current_time('mysql'); } if (null != $data['publication-state']) { $state = $data['publication-state']; } else { $state = "draft"; } $categories = $data['categories']; $post_category = array(); foreach ($categories as $category) { $categoryId = (int) $category['id']; if ($categoryId != null && $categoryId != 0) { $post_category[] = $category['id']; } } $data['post-id'] = $this->check_content_exists($data['skyword_content_id'], $data['post-type']); $new_post = array('post_status' => $state, 'post_date' => $post_date, 'post_excerpt' => $data['excerpt'], 'post_type' => $data['post-type'], 'comment_status' => 'open', 'post_category' => $post_category); if (null != $data['title']) { $new_post['post_title'] = $data['title']; } if (null != $data['description']) { $new_post['post_content'] = addslashes($data['description']); } if (null != $data['slug']) { $new_post['post_name'] = $data['slug']; } if (null != $data['post-id']) { $new_post['ID'] = $data['post-id']; } if (null != $data['user-id'] && is_numeric(trim($data['user-id']))) { $new_post['post_author'] = $data['user-id']; } $post_id = wp_insert_post($new_post); $utf8string = html_entity_decode($data['tags-input']); wp_set_post_tags($post_id, $utf8string, false); //attach attachments to new post; $this->attach_attachments($post_id, $data); //add content template/attachment information as meta $this->create_custom_fields($post_id, $data); $this->update_custom_field($post_id, 'skyword_tracking_tag', $data['tracking']); $this->update_custom_field($post_id, 'skyword_seo_title', $data['metatitle']); $this->update_custom_field($post_id, 'skyword_metadescription', $data['metadescription']); $this->update_custom_field($post_id, 'skyword_keyword', $data['metakeyword']); $this->update_custom_field($post_id, '_yoast_wpseo_title', $data['metatitle']); $this->update_custom_field($post_id, '_yoast_wpseo_metadesc', $data['metadescription']); $this->update_custom_field($post_id, '_yoast_wpseo_focuskw', $data['keyword']); $this->update_custom_field($post_id, 'skyword_content_id', $data['skyword_content_id']); //add custom taxonomy values foreach ($data["taxonomies"] as $taxonomy) { wp_set_post_terms($post_id, $taxonomy['values'], $taxonomy['name'], true); } if (null != $data['gmwlocation_wppl_street']) { global $wpdb; $wpdb->replace($wpdb->prefix . 'places_locator', array('post_id' => $post_id, 'feature' => 0, 'post_type' => $data['post-type'], 'post_title' => $data['title'], 'post_status' => $state, 'street' => $data['gmwlocation_wppl_street'], 'city' => $data['gmwlocation_wppl_city'], 'state' => $data['gmwlocation_wppl_state'], 'zipcode' => $data['gmwlocation_wppl_zipcode'], 'lat' => $data['gmwlocation_wppl_lat'], 'long' => $data['gmwlocation_wppl_long'])); $this->update_custom_field($post_id, '_wppl_street', $data['gmwlocation_wppl_street']); $this->update_custom_field($post_id, '_wppl_city', $data['gmwlocation_wppl_city']); $this->update_custom_field($post_id, '_wppl_state', $data['gmwlocation_wppl_state']); $this->update_custom_field($post_id, '_wppl_zipcode', $data['gmwlocation_wppl_zipcode']); $this->update_custom_field($post_id, '_wppl_lat', $data['gmwlocation_wppl_lat']); $this->update_custom_field($post_id, '_wppl_long', $data['gmwlocation_wppl_long']); $this->update_custom_field($post_id, '_wppl_phone', $data['gmwlocation_wppl_phone']); } //Create sitemap information if ('news' == $data['publication-type']) { $this->update_custom_field($post_id, 'skyword_publication_type', 'news'); if (null != $data['publication-access']) { $this->update_custom_field($post_id, 'skyword_publication_access', $data['publication-access']); } if (null != $data['publication-name']) { $this->update_custom_field($post_id, 'skyword_publication_name', $data['publication-name']); } if (null != $data['publication-geolocation']) { $this->update_custom_field($post_id, 'skyword_geolocation', $data['publication-geolocation']); } if (null != $data['publication-keywords']) { $this->update_custom_field($post_id, 'skyword_tags', $data['publication-keywords']); } if (null != $data['publication-stocktickers']) { $this->update_custom_field($post_id, 'skyword_stocktickers', $data['publication-stocktickers']); } } else { $this->update_custom_field($post_id, 'skyword_publication_type', 'evergreen'); } if (null != $coauthors_plus) { if (!is_numeric($data['user-id'])) { $data['user-id'] = str_replace('guest-', '', $data['user-id']); $author = $coauthors_plus->guest_authors->get_guest_author_by('ID', $data['user-id']); $author_term = $coauthors_plus->update_author_term($author); wp_set_post_terms($post_id, $author_term->slug, $coauthors_plus->coauthor_taxonomy, true); } } return strval($post_id); } else { return $login['message']; } }
/** * Edit a post. * * @since 1.5.0 * * @param array $args Method parameters. * @return bool True on success. */ function mw_editPost($args) { $this->escape($args); $post_ID = (int) $args[0]; $username = $args[1]; $password = $args[2]; $content_struct = $args[3]; $publish = $args[4]; if (!($user = $this->login($username, $password))) { return $this->error; } do_action('xmlrpc_call', 'metaWeblog.editPost'); $cap = $publish ? 'publish_posts' : 'edit_posts'; $error_message = __('Sorry, you are not allowed to publish posts on this site.'); $post_type = 'post'; $page_template = ''; if (!empty($content_struct['post_type'])) { if ($content_struct['post_type'] == 'page') { if ($publish || 'publish' == $content_struct['page_status']) { $cap = 'publish_pages'; } else { $cap = 'edit_pages'; } $error_message = __('Sorry, you are not allowed to publish pages on this site.'); $post_type = 'page'; if (!empty($content_struct['wp_page_template'])) { $page_template = $content_struct['wp_page_template']; } } elseif ($content_struct['post_type'] == 'post') { if ($publish || 'publish' == $content_struct['post_status']) { $cap = 'publish_posts'; } else { $cap = 'edit_posts'; } $error_message = __('Sorry, you are not allowed to publish posts on this site.'); $post_type = 'post'; } else { // No other post_type values are allowed here return new IXR_Error(401, __('Invalid post type.')); } } else { if ($publish || 'publish' == $content_struct['post_status']) { $cap = 'publish_posts'; } else { $cap = 'edit_posts'; } $error_message = __('Sorry, you are not allowed to publish posts on this site.'); $post_type = 'post'; } if (!current_user_can($cap)) { return new IXR_Error(401, $error_message); } // Check for a valid post format if one was given if (isset($content_struct['wp_post_format'])) { $content_struct['wp_post_format'] = sanitize_key($content_struct['wp_post_format']); if (!array_key_exists($content_struct['wp_post_format'], get_post_format_strings())) { return new IXR_Error(404, __('Invalid post format')); } } $postdata = wp_get_single_post($post_ID, ARRAY_A); // If there is no post data for the give post id, stop // now and return an error. Other wise a new post will be // created (which was the old behavior). if (empty($postdata["ID"])) { return new IXR_Error(404, __('Invalid post ID.')); } $this->escape($postdata); extract($postdata, EXTR_SKIP); // Let WordPress manage slug if none was provided. $post_name = ""; $post_name = $postdata['post_name']; if (isset($content_struct['wp_slug'])) { $post_name = $content_struct['wp_slug']; } // Only use a password if one was given. if (isset($content_struct['wp_password'])) { $post_password = $content_struct['wp_password']; } // Only set a post parent if one was given. if (isset($content_struct['wp_page_parent_id'])) { $post_parent = $content_struct['wp_page_parent_id']; } // Only set the menu_order if it was given. if (isset($content_struct['wp_page_order'])) { $menu_order = $content_struct['wp_page_order']; } $post_author = $postdata['post_author']; // Only set the post_author if one is set. if (isset($content_struct['wp_author_id']) && $user->ID != $content_struct['wp_author_id']) { switch ($post_type) { case 'post': if (!current_user_can('edit_others_posts')) { return new IXR_Error(401, __('You are not allowed to change the post author as this user.')); } break; case 'page': if (!current_user_can('edit_others_pages')) { return new IXR_Error(401, __('You are not allowed to change the page author as this user.')); } break; default: return new IXR_Error(401, __('Invalid post type.')); break; } $post_author = $content_struct['wp_author_id']; } if (isset($content_struct['mt_allow_comments'])) { if (!is_numeric($content_struct['mt_allow_comments'])) { switch ($content_struct['mt_allow_comments']) { case 'closed': $comment_status = 'closed'; break; case 'open': $comment_status = 'open'; break; default: $comment_status = get_option('default_comment_status'); break; } } else { switch ((int) $content_struct['mt_allow_comments']) { case 0: case 2: $comment_status = 'closed'; break; case 1: $comment_status = 'open'; break; default: $comment_status = get_option('default_comment_status'); break; } } } if (isset($content_struct['mt_allow_pings'])) { if (!is_numeric($content_struct['mt_allow_pings'])) { switch ($content_struct['mt_allow_pings']) { case 'closed': $ping_status = 'closed'; break; case 'open': $ping_status = 'open'; break; default: $ping_status = get_option('default_ping_status'); break; } } else { switch ((int) $content_struct["mt_allow_pings"]) { case 0: $ping_status = 'closed'; break; case 1: $ping_status = 'open'; break; default: $ping_status = get_option('default_ping_status'); break; } } } $post_title = isset($content_struct['title']) ? $content_struct['title'] : null; $post_content = isset($content_struct['description']) ? $content_struct['description'] : null; $post_category = array(); if (isset($content_struct['categories'])) { $catnames = $content_struct['categories']; if (is_array($catnames)) { foreach ($catnames as $cat) { $post_category[] = get_cat_ID($cat); } } } $post_excerpt = isset($content_struct['mt_excerpt']) ? $content_struct['mt_excerpt'] : null; $post_more = isset($content_struct['mt_text_more']) ? $content_struct['mt_text_more'] : null; $post_status = $publish ? 'publish' : 'draft'; if (isset($content_struct["{$post_type}_status"])) { switch ($content_struct["{$post_type}_status"]) { case 'draft': case 'pending': case 'private': case 'publish': $post_status = $content_struct["{$post_type}_status"]; break; default: $post_status = $publish ? 'publish' : 'draft'; break; } } $tags_input = isset($content_struct['mt_keywords']) ? $content_struct['mt_keywords'] : null; if ('publish' == $post_status) { if ('page' == $post_type && !current_user_can('publish_pages')) { return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); } else { if (!current_user_can('publish_posts')) { return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); } } } if ($post_more) { $post_content = $post_content . "<!--more-->" . $post_more; } $to_ping = null; if (isset($content_struct['mt_tb_ping_urls'])) { $to_ping = $content_struct['mt_tb_ping_urls']; if (is_array($to_ping)) { $to_ping = implode(' ', $to_ping); } } // Do some timestamp voodoo if (!empty($content_struct['date_created_gmt'])) { $dateCreated = str_replace('Z', '', $content_struct['date_created_gmt']->getIso()) . 'Z'; } elseif (!empty($content_struct['dateCreated'])) { $dateCreated = $content_struct['dateCreated']->getIso(); } if (!empty($dateCreated)) { $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $post_date_gmt = iso8601_to_datetime($dateCreated, 'GMT'); } else { $post_date = $postdata['post_date']; $post_date_gmt = $postdata['post_date_gmt']; } // We've got all the data -- post it: $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date', 'post_date_gmt', 'to_ping', 'post_name', 'post_password', 'post_parent', 'menu_order', 'post_author', 'tags_input', 'page_template'); $result = wp_update_post($newpost, true); if (is_wp_error($result)) { return new IXR_Error(500, $result->get_error_message()); } if (!$result) { return new IXR_Error(500, __('Sorry, your entry could not be edited. Something wrong happened.')); } // Only posts can be sticky if ($post_type == 'post' && isset($content_struct['sticky'])) { if ($content_struct['sticky'] == true) { stick_post($post_ID); } elseif ($content_struct['sticky'] == false) { unstick_post($post_ID); } } if (isset($content_struct['custom_fields'])) { $this->set_custom_fields($post_ID, $content_struct['custom_fields']); } // Handle enclosures $thisEnclosure = isset($content_struct['enclosure']) ? $content_struct['enclosure'] : null; $this->add_enclosure_if_new($post_ID, $thisEnclosure); $this->attach_uploads($ID, $post_content); // Handle post formats if assigned, validation is handled // earlier in this function if (isset($content_struct['wp_post_format'])) { wp_set_post_terms($post_ID, array('post-format-' . $content_struct['wp_post_format']), 'post_format'); } logIO('O', "(MW) Edited ! ID: {$post_ID}"); return true; }
/** * Creates posts from write.skyword.com */ public function skyword_post($args) { global $coauthors_plus; $login = $this->login($args); if ('success' == $login['status']) { $data = $args[3]; if (null != $data['publication-date']) { $dateCreated = $data['publication-date']->getIso(); $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); } else { $post_date = current_time('mysql'); } if (null != $data['publication-state']) { $state = sanitize_text_field($data['publication-state']); } else { $state = "draft"; } $categories = $data['categories']; $post_category = array(); foreach ($categories as $category) { $categoryId = (int) $category['id']; if ($categoryId != null && $categoryId != 0) { $post_category[] = $category['id']; } } $data['post-id'] = $this->check_content_exists($data['skyword_content_id'], $data['post-type']); $new_post = array('post_status' => $state, 'post_date' => $post_date, 'post_excerpt' => wp_kses_post($data['excerpt']), 'post_type' => sanitize_text_field($data['post-type']), 'comment_status' => 'open', 'post_category' => $post_category); if (null != $data['title']) { $new_post['post_title'] = wp_kses_post($data['title']); } if (null != $data['description']) { $new_post['post_content'] = wp_kses_post($data['description']); } if (null != $data['slug']) { $new_post['post_name'] = sanitize_text_field($data['slug']); } if (null != $data['post-id']) { $new_post['ID'] = (int) $data['post-id']; } if (null != $data['user-id'] && is_numeric(trim($data['user-id']))) { $new_post['post_author'] = $data['user-id']; } $post_id = wp_insert_post($new_post); $utf8string = html_entity_decode($data['tags-input']); wp_set_post_tags($post_id, $utf8string, false); //attach attachments to new post; $this->attach_attachments($post_id, $data); //add content template/attachment information as meta $this->create_custom_fields($post_id, $data); $this->update_custom_field($post_id, 'skyword_tracking_tag', $data['tracking']); $this->update_custom_field($post_id, 'skyword_seo_title', wp_kses_post($data['metatitle'])); $this->update_custom_field($post_id, 'skyword_metadescription', wp_kses_post($data['metadescription'])); $this->update_custom_field($post_id, 'skyword_keyword', wp_kses_post($data['metakeyword'])); $this->update_custom_field($post_id, 'skyword_content_id', wp_kses_post($data['skyword_content_id'])); //add custom taxonomy values foreach ($data["taxonomies"] as $taxonomy) { wp_set_post_terms($post_id, $taxonomy['values'], $taxonomy['name'], true); } //Create sitemap information //@todo the input below should be sanitized before being inserted into the DB. if ('news' == $data['publication-type']) { $this->update_custom_field($post_id, 'skyword_publication_type', 'news'); if (null != $data['publication-access']) { $this->update_custom_field($post_id, 'skyword_publication_access', wp_kses_post(['publication-access'])); } if (null != $data['publication-name']) { $this->update_custom_field($post_id, 'skyword_publication_name', wp_kses_post($data['publication-name'])); } if (null != $data['publication-geolocation']) { $this->update_custom_field($post_id, 'skyword_geolocation', wp_kses_post($data['publication-geolocation'])); } if (null != $data['publication-keywords']) { $this->update_custom_field($post_id, 'skyword_tags', wp_kses_post($data['publication-keywords'])); } if (null != $data['publication-stocktickers']) { $this->update_custom_field($post_id, 'skyword_stocktickers', wp_kses_post($data['publication-stocktickers'])); } } else { $this->update_custom_field($post_id, 'skyword_publication_type', 'evergreen'); } if (null != $coauthors_plus) { if (!is_numeric(trim($data['user-id']))) { $data['user-id'] = str_replace('guest-', '', $data['user-id']); $author = $coauthors_plus->guest_authors->get_guest_author_by('ID', $data['user-id']); $author_term = $coauthors_plus->update_author_term($author); wp_set_post_terms($post_id, $author_term->slug, $coauthors_plus->coauthor_taxonomy, true); } } return esc_html(strval($post_id)); } else { return esc_html($login['message']); } }
/** * Edit comment. * * Besides the common blog_id (unused), username, and password arguments, it takes a * comment_id integer and a content_struct array as last argument. * * The allowed keys in the content_struct array are: * - 'author' * - 'author_url' * - 'author_email' * - 'content' * - 'date_created_gmt' * - 'status'. Common statuses are 'approve', 'hold', 'spam'. See get_comment_statuses() for more details * * @since 2.7.0 * * @param array $args { * Method arguments. Note: arguments must be ordered as documented. * * @type int $blog_id (unused) * @type string $username * @type string $password * @type int $comment_ID * @type array $content_struct * } * @return true|IXR_Error True, on success. */ public function wp_editComment($args) { $this->escape($args); $username = $args[1]; $password = $args[2]; $comment_ID = (int) $args[3]; $content_struct = $args[4]; if (!($user = $this->login($username, $password))) { return $this->error; } if (!get_comment($comment_ID)) { return new IXR_Error(404, __('Invalid comment ID.')); } if (!current_user_can('edit_comment', $comment_ID)) { return new IXR_Error(403, __('You are not allowed to moderate or edit this comment.')); } /** This action is documented in wp-includes/class-wp-xmlrpc-server.php */ do_action('xmlrpc_call', 'wp.editComment'); if (isset($content_struct['status'])) { $statuses = get_comment_statuses(); $statuses = array_keys($statuses); if (!in_array($content_struct['status'], $statuses)) { return new IXR_Error(401, __('Invalid comment status.')); } $comment_approved = $content_struct['status']; } // Do some timestamp voodoo if (!empty($content_struct['date_created_gmt'])) { // We know this is supposed to be GMT, so we're going to slap that Z on there by force $dateCreated = rtrim($content_struct['date_created_gmt']->getIso(), 'Z') . 'Z'; $comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $comment_date_gmt = iso8601_to_datetime($dateCreated, 'GMT'); } if (isset($content_struct['content'])) { $comment_content = $content_struct['content']; } if (isset($content_struct['author'])) { $comment_author = $content_struct['author']; } if (isset($content_struct['author_url'])) { $comment_author_url = $content_struct['author_url']; } if (isset($content_struct['author_email'])) { $comment_author_email = $content_struct['author_email']; } // We've got all the data -- post it: $comment = compact('comment_ID', 'comment_content', 'comment_approved', 'comment_date', 'comment_date_gmt', 'comment_author', 'comment_author_email', 'comment_author_url'); $result = wp_update_comment($comment); if (is_wp_error($result)) { return new IXR_Error(500, $result->get_error_message()); } if (!$result) { return new IXR_Error(500, __('Sorry, the comment could not be edited. Something wrong happened.')); } /** * Fires after a comment has been successfully updated via XML-RPC. * * @since 3.4.0 * * @param int $comment_ID ID of the updated comment. * @param array $args An array of arguments to update the comment. */ do_action('xmlrpc_call_success_wp_editComment', $comment_ID, $args); return true; }
/** * Edit a post. * * @since 1.5.0 * * @param array $args Method parameters. * @return bool True on success. */ function mw_editPost($args) { $this->escape($args); $post_ID = (int) $args[0]; $username = $args[1]; $password = $args[2]; $content_struct = $args[3]; $publish = $args[4]; if ( !$user = $this->login($username, $password) ) { return $this->error; } do_action('xmlrpc_call', 'metaWeblog.editPost'); $cap = ( $publish ) ? 'publish_posts' : 'edit_posts'; $error_message = __( 'Sorry, you are not allowed to publish posts on this blog.' ); $post_type = 'post'; $page_template = ''; if( !empty( $content_struct['post_type'] ) ) { if( $content_struct['post_type'] == 'page' ) { $cap = ( $publish ) ? 'publish_pages' : 'edit_pages'; $error_message = __( 'Sorry, you are not allowed to publish pages on this blog.' ); $post_type = 'page'; if( !empty( $content_struct['wp_page_template'] ) ) $page_template = $content_struct['wp_page_template']; } elseif( $content_struct['post_type'] == 'post' ) { // This is the default, no changes needed } else { // No other post_type values are allowed here return new IXR_Error( 401, __( 'Invalid post type.' ) ); } } if( !current_user_can( $cap ) ) { return new IXR_Error( 401, $error_message ); } $postdata = wp_get_single_post($post_ID, ARRAY_A); // If there is no post data for the give post id, stop // now and return an error. Other wise a new post will be // created (which was the old behavior). if(empty($postdata["ID"])) { return(new IXR_Error(404, __("Invalid post ID."))); } $this->escape($postdata); extract($postdata, EXTR_SKIP); // Let WordPress manage slug if none was provided. $post_name = ""; if(isset($content_struct["wp_slug"])) { $post_name = $content_struct["wp_slug"]; } // Only use a password if one was given. if(isset($content_struct["wp_password"])) { $post_password = $content_struct["wp_password"]; } // Only set a post parent if one was given. if(isset($content_struct["wp_page_parent_id"])) { $post_parent = $content_struct["wp_page_parent_id"]; } // Only set the menu_order if it was given. if(isset($content_struct["wp_page_order"])) { $menu_order = $content_struct["wp_page_order"]; } $post_author = $postdata["post_author"]; // Only set the post_author if one is set. if( isset($content_struct["wp_author_id"]) && ($user->ID != $content_struct["wp_author_id"]) ) { switch($post_type) { case "post": if(!current_user_can("edit_others_posts")) { return(new IXR_Error(401, __("You are not allowed to change the post author as this user."))); } break; case "page": if(!current_user_can("edit_others_pages")) { return(new IXR_Error(401, __("You are not allowed to change the page author as this user."))); } break; default: return(new IXR_Error(401, __("Invalid post type."))); break; } $post_author = $content_struct["wp_author_id"]; } if(isset($content_struct["mt_allow_comments"])) { if(!is_numeric($content_struct["mt_allow_comments"])) { switch($content_struct["mt_allow_comments"]) { case "closed": $comment_status = "closed"; break; case "open": $comment_status = "open"; break; default: $comment_status = get_option("default_comment_status"); break; } } else { switch((int) $content_struct["mt_allow_comments"]) { case 0: case 2: $comment_status = "closed"; break; case 1: $comment_status = "open"; break; default: $comment_status = get_option("default_comment_status"); break; } } } if(isset($content_struct["mt_allow_pings"])) { if(!is_numeric($content_struct["mt_allow_pings"])) { switch($content_struct["mt_allow_pings"]) { case "closed": $ping_status = "closed"; break; case "open": $ping_status = "open"; break; default: $ping_status = get_option("default_ping_status"); break; } } else { switch((int) $content_struct["mt_allow_pings"]) { case 0: $ping_status = "closed"; break; case 1: $ping_status = "open"; break; default: $ping_status = get_option("default_ping_status"); break; } } } $post_title = $content_struct['title']; $post_content = apply_filters( 'content_save_pre', $content_struct['description'] ); $catnames = $content_struct['categories']; $post_category = array(); if (is_array($catnames)) { foreach ($catnames as $cat) { $post_category[] = get_cat_ID($cat); } } $post_excerpt = $content_struct['mt_excerpt']; $post_more = $content_struct['mt_text_more']; $post_status = $publish ? 'publish' : 'draft'; if( isset( $content_struct["{$post_type}_status"] ) ) { switch( $content_struct["{$post_type}_status"] ) { case 'draft': case 'private': case 'publish': $post_status = $content_struct["{$post_type}_status"]; break; case 'pending': // Pending is only valid for posts, not pages. if( $post_type === 'post' ) { $post_status = $content_struct["{$post_type}_status"]; } break; default: $post_status = $publish ? 'publish' : 'draft'; break; } } $tags_input = $content_struct['mt_keywords']; if ( ('publish' == $post_status) ) { if ( ( 'page' == $post_type ) && !current_user_can('publish_pages') ) return new IXR_Error(401, __('Sorry, you do not have the right to publish this page.')); else if ( !current_user_can('publish_posts') ) return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.')); } if ($post_more) { $post_content = $post_content . "<!--more-->" . $post_more; } $to_ping = $content_struct['mt_tb_ping_urls']; if ( is_array($to_ping) ) $to_ping = implode(' ', $to_ping); // Do some timestamp voodoo if ( !empty( $content_struct['date_created_gmt'] ) ) $dateCreated = str_replace( 'Z', '', $content_struct['date_created_gmt']->getIso() ) . 'Z'; // We know this is supposed to be GMT, so we're going to slap that Z on there by force elseif ( !empty( $content_struct['dateCreated']) ) $dateCreated = $content_struct['dateCreated']->getIso(); if ( !empty( $dateCreated ) ) { $post_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $post_date_gmt = iso8601_to_datetime($dateCreated, GMT); } else { $post_date = $postdata['post_date']; $post_date_gmt = $postdata['post_date_gmt']; } // We've got all the data -- post it: $newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date', 'post_date_gmt', 'to_ping', 'post_name', 'post_password', 'post_parent', 'menu_order', 'post_author', 'tags_input', 'page_template'); $result = wp_update_post($newpost, true); if ( is_wp_error( $result ) ) return new IXR_Error(500, $result->get_error_message()); if (!$result) { return new IXR_Error(500, __('Sorry, your entry could not be edited. Something wrong happened.')); } // Only posts can be sticky if ( $post_type == 'post' && isset( $content_struct['sticky'] ) ) if ( $content_struct['sticky'] == true ) stick_post( $post_ID ); elseif ( $content_struct['sticky'] == false ) unstick_post( $post_ID ); if ( isset($content_struct['custom_fields']) ) { $this->set_custom_fields($post_ID, $content_struct['custom_fields']); } // Handle enclosures $this->add_enclosure_if_new($post_ID, $content_struct['enclosure']); $this->attach_uploads( $ID, $post_content ); logIO('O',"(MW) Edited ! ID: $post_ID"); return true; }