/**
 * Check that the object can be accessed.
 *
 * Resolves the post by ID and requires 'edit' permission on it.
 *
 * @param mixed $id Object ID (cast to int before the lookup)
 * @return boolean|WP_Error True when the post exists and is editable;
 *                          WP_Error with status 404 (unknown post) or 403 (not editable) otherwise
 */
protected function check_object($id) {
    $id   = (int) $id;
    $post = get_post($id, ARRAY_A);

    // A zero ID, or a lookup that produced no 'ID' field, means there is no such post.
    $exists = !empty($id) && !empty($post['ID']);
    if (!$exists) {
        return new WP_Error('json_post_invalid_id', __('Invalid post ID.'), array('status' => 404));
    }

    $editable = json_check_post_permission($post, 'edit');
    if (!$editable) {
        return new WP_Error('json_cannot_edit', __('Sorry, you cannot edit this post'), array('status' => 403));
    }

    return true;
}
/**
 * Check that the object can be accessed.
 *
 * Resolves the post by ID and requires 'edit' permission on it. Failures are
 * reported through json_error(); it is presumably request-terminating, since
 * nothing is returned after calling it — confirm, because if it returned, the
 * permission check would run against a missing post.
 *
 * @param mixed $id Object ID (cast to int before the lookup)
 * @return boolean|WP_Error True when the post exists and is editable
 */
protected function check_object($id) {
    $id   = (int) $id;
    $post = get_post($id, ARRAY_A);

    $exists = !empty($id) && !empty($post['ID']);
    if (!$exists) {
        json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "empty {$id}");
    }

    $editable = json_check_post_permission($post, 'edit');
    if (!$editable) {
        json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "cant read:{$id}");
    }

    return true;
}
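/**
 * Retrieve comments
 *
 * @param int $id Post ID to retrieve comments for
 * @return array|WP_Error List of Comment entities, or WP_Error with status 404 (unknown post)
 *                        or 401 (post not readable by the current user)
 */
public function get_comments($id) {
    $post = get_post($id, ARRAY_A);
    if (empty($post['ID'])) {
        return new WP_Error('json_post_invalid_id', __('Invalid post ID.'), array('status' => 404));
    }

    if (!json_check_post_permission($post, 'read')) {
        return new WP_Error('json_user_cannot_read', __('Sorry, you cannot read this post.'), array('status' => 401));
    }

    // Query the comments only after the post is known to exist and to be readable;
    // querying first (as before) ran a comment query even for unknown or unreadable posts.
    $comments = get_comments(array('post_id' => $post['ID']));

    $struct = array();
    foreach ($comments as $comment) {
        $struct[] = $this->prepare_comment($comment, array('comment', 'meta'), 'collection');
    }

    return $struct;
}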
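/**
 * Run a taxonomy query and return the posts the current user may read.
 *
 * @param array $data Query arguments. Only 'post_type' and 'tax_query' are forwarded
 *                    to WP_Query; every other key is dropped.
 * @return WP_JSON_Response|WP_Error Response holding the readable posts (empty array when
 *                                   nothing matched), or WP_Error when $data is not a
 *                                   non-empty array containing 'tax_query'.
 */
public function tax_query($data) {
    // Validate the shape before iterating: foreach over a non-array only emits a warning
    // and the request would be rejected anyway.
    if (!is_array($data) || empty($data)) {
        return new WP_Error('jp_api_tax_query', __('Invalid tax query.'), array('status' => 500));
    }

    // Whitelist the keys handed to WP_Query so a caller cannot smuggle in arbitrary query vars.
    $allowed = array('post_type', 'tax_query');
    $data = array_intersect_key($data, array_flip($allowed));

    if (empty($data) || !isset($data['tax_query'])) {
        return new WP_Error('jp_api_tax_query', __('Invalid tax query.'), array('status' => 500));
    }

    $post_query = new WP_Query();
    $posts_list = $post_query->query($data);

    $response = new WP_JSON_Response();
    $response->query_navigation_headers($post_query);

    if (!$posts_list) {
        $response->set_data(array());
        return $response;
    }

    // holds all the posts data
    $struct = array();
    $response->header('Last-Modified', mysql2date('D, d M Y H:i:s', get_lastpostmodified('GMT'), 0) . ' GMT');

    foreach ($posts_list as $post) {
        $post = get_object_vars($post);

        // Skip posts we have no permission to read. The previous condition was inverted:
        // it skipped readable posts and returned the unreadable ones.
        if (!json_check_post_permission($post, 'read')) {
            continue;
        }

        $response->link_header('item', json_url('/posts/' . $post['ID']), array('title' => $post['post_title']));
        $post_data = $this->prepare_post($post, 'view');
        if (is_wp_error($post_data)) {
            continue;
        }

        $struct[] = $post_data;
    }

    $response->set_data($struct);
    return $response;
}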
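/**
 * Check if we have permission to interact with the post object.
 *
 * @param array  $post       Post data as an associative array (ARRAY_A shape: 'ID',
 *                           'post_type', 'post_status', 'post_parent').
 * @param string $capability Permission to check: 'read', 'edit', 'create', 'delete', or any
 *                           other capability name looked up on the post type's cap object.
 * @return boolean Can we interact with it? The value passes through the
 *                 "json_check_post_{$capability}_permission" filter, except that an
 *                 unregistered post type, or one not exposed in JSON, returns false unfiltered.
 */
function json_check_post_permission($post, $capability = 'read') {
    $permission = false;
    $post_type = get_post_type_object($post['post_type']);

    // An unregistered post type has no capability map; deny instead of dereferencing null below.
    if (empty($post_type)) {
        return false;
    }

    switch ($capability) {
        case 'read':
            if (!$post_type->show_in_json) {
                return false;
            }

            if ('publish' === $post['post_status'] || current_user_can($post_type->cap->read_post, $post['ID'])) {
                $permission = true;
            }

            if ('inherit' === $post['post_status']) {
                $parent_id = isset($post['post_parent']) ? (int) $post['post_parent'] : 0;
                $parent    = $parent_id > 0 ? get_post($parent_id, ARRAY_A) : null;

                if (empty($parent)) {
                    // No parent (or the parent no longer exists): assume the post is
                    // published, as get_post_status() does.
                    $permission = true;
                } elseif (json_check_post_permission($parent, 'read')) {
                    // Inheriting from a parent we can read. A readable parent is required
                    // here; previously every 'inherit' post was granted regardless of its
                    // parent's readability, which exposed children of unreadable posts.
                    $permission = true;
                }
            }
            break;

        case 'edit':
            if (current_user_can($post_type->cap->edit_post, $post['ID'])) {
                $permission = true;
            }
            break;

        case 'create':
            if (current_user_can($post_type->cap->create_posts) || current_user_can($post_type->cap->edit_posts)) {
                $permission = true;
            }
            break;

        case 'delete':
            if (current_user_can($post_type->cap->delete_post, $post['ID'])) {
                $permission = true;
            }
            break;

        default:
            // Only consult capabilities the post type actually defines; an unknown name
            // would otherwise be looked up as null.
            if (isset($post_type->cap->{$capability}) && current_user_can($post_type->cap->{$capability})) {
                $permission = true;
            }
    }

    return apply_filters("json_check_post_{$capability}_permission", $permission, $post);
}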
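/**
 * Fetch posts with an ID below $refguid, in ascending ID order, for sync clients.
 *
 * @param string $select  SELECT ... FROM clause. It is concatenated verbatim, so it must be
 *                        trusted, caller-built SQL — never derived from request input.
 * @param string $where   WHERE clause; same trust requirement as $select.
 * @param mixed  $refguid Exclusive upper bound on post ID; bound as an integer.
 * @param mixed  $limit   Maximum number of rows; bound as an integer.
 * @return array List of post summaries (guid, title, description, iconurl, time) for the
 *               posts the current user may read; empty when nothing matched.
 */
public function Sync_post($select, $where, $refguid, $limit) {
    global $wpdb;

    // Bind the two caller-supplied numbers through prepare() so they cannot alter the
    // statement; previously they were concatenated into the SQL unescaped.
    $querystr = $select . $where . $wpdb->prepare(
        " AND {$wpdb->posts}.ID < %d ORDER BY {$wpdb->posts}.ID ASC LIMIT %d",
        $refguid,
        $limit
    );
    $posts_list = $wpdb->get_results($querystr);
    error_log("Sync - " . $querystr);

    $struct = array();
    if (!$posts_list) {
        return $struct;
    }

    foreach ($posts_list as $post) {
        $post = get_object_vars($post);

        // Do we have permission to read this post?
        if (!json_check_post_permission($post, 'read')) {
            continue;
        }

        // Fresh array per row; reusing it across iterations let fields leak between posts.
        $post_data = array();
        $post_data["guid"] = $post['ID'];
        $post_data["title"] = $post['post_title'];
        $post_data["description"] = strip_tags($post['post_content']);

        // Prefer the author column of the row itself (assumes $select includes post_author,
        // as SELECT * does); the previous get_the_author_id() call does not take a post and
        // resolves against the global author data, not this row.
        $authorid = isset($post['post_author']) ? (int) $post['post_author'] : get_the_author_id($post);
        $post_data["iconurl"] = get_avatar_url($authorid);

        // get_post_modified_time() resolves its post argument via get_post(), which expects
        // an ID or object rather than an array, so pass the ID explicitly.
        $post_data["time"] = get_post_modified_time('U', false, (int) $post['ID'], false);

        $struct[] = $post_data;
    }

    return $struct;
}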
/**
 * Check if we can edit a post
 *
 * Thin deprecated wrapper: logs the deprecation and delegates to
 * json_check_post_permission() with the 'edit' capability.
 *
 * @deprecated WPAPI-1.2
 *
 * @param array $post Post data
 * @return boolean Can we edit it?
 */
protected function check_edit_permission($post) {
    _deprecated_function('WP_JSON_Posts::check_edit_permission', 'WPAPI-1.2', 'json_check_post_permission');

    $can_edit = json_check_post_permission($post, 'edit');

    return $can_edit;
}
/**
 * Return a form given an ID. This is an API endpoint.
 *
 * The ID is cast to int, the post looked up, and 'read' permission required
 * before delegating to get_post() for the actual representation.
 *
 * @param int $id
 * @param string $context
 * @since 6.0
 * @return array|WP_Error Form representation, or WP_Error with status 404 (bad ID /
 *                        no such post) or 403 (not readable)
 */
public function get_form($id, $context = 'view') {
    $form_id = (int) $id;

    if (0 === $form_id) {
        return new WP_Error('json_invalid_id_ccf_form', esc_html__('Invalid form ID.', 'custom-contact-forms'), array('status' => 404));
    }

    $form = get_post($form_id, ARRAY_A);
    $found = !empty($form);
    if (!$found) {
        return new WP_Error('json_invalid_ccf_form', esc_html__('Invalid form.', 'custom-contact-forms'), array('status' => 404));
    }

    $readable = json_check_post_permission($form, 'read');
    if (!$readable) {
        return new WP_Error('json_cannot_view_ccf_form', esc_html__('Sorry, you cannot view this form.', 'custom-contact-forms'), array('status' => 403));
    }

    return $this->get_post($form_id, $context);
}
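/**
 * Retrieve comments
 *
 * @param int   $id     Post ID to retrieve comments for
 * @param array $filter Optional: array(pre_page, status). 'pre_page' is the page size
 *                      (default 10, clamped to at least 1); 'status' is the comment status
 *                      to list (default 'approve').
 * @param int   $page   Page number, 1-based; values below 1 are treated as 1.
 * @return array List of Comment entities. Only approved comments are returned unless the
 *               current user can moderate comments.
 */
public function get_comments($id, $filter = array(), $page = 1) {
    $post = get_post($id, ARRAY_A);
    if (empty($post['ID'])) {
        json_error(BigAppErr::$comment['code'], "post id is empty", $id);
    }
    show_debug($post, __FILE__, __LINE__);

    if (!json_check_post_permission($post, 'read')) {
        json_error(BigAppErr::$comment['code'], "cannot read this post.");
    }

    // Page size: clamp to at least 1. get_comments() treats number=0 as "no limit", which
    // would let a single request pull every comment on the post.
    $number = 10;
    if (isset($filter['pre_page'])) {
        $number = max(1, intval($filter['pre_page']));
    }

    $page = max(1, (int) $page);
    $offset = ($page - 1) * $number;

    // Comment status: get_comments() performs no permission check of its own, so a
    // caller-chosen status is honoured only for users allowed to moderate comments;
    // everyone else is limited to approved comments, as the return contract states.
    $status = 'approve';
    if (isset($filter['status']) && current_user_can('moderate_comments')) {
        $status = $filter['status'];
    }

    $comments = get_comments(array('post_id' => $id, 'number' => $number, 'status' => $status, 'offset' => $offset));
    show_debug($comments, __FILE__, __LINE__);

    $struct = array();
    foreach ($comments as $comment) {
        $struct[] = $this->prepare_comment($comment, array('comment', 'meta'), 'collection');
    }

    return $struct;
}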