/** * Upgrade the revisions author, add the current post as a revision and set the revisions version to 1 * * @since 3.6.0 * @access private * * @global wpdb $wpdb WordPress database abstraction object. * * @param WP_Post $post Post object * @param array $revisions Current revisions of the post * @return bool true if the revisions were upgraded, false if problems */ function _wp_upgrade_revisions_of_post($post, $revisions) { global $wpdb; // Add post option exclusively $lock = "revision-upgrade-{$post->ID}"; $now = time(); $result = $wpdb->query($wpdb->prepare("INSERT IGNORE INTO `{$wpdb->options}` (`option_name`, `option_value`, `autoload`) VALUES (%s, %s, 'no') /* LOCK */", $lock, $now)); if (!$result) { // If we couldn't get a lock, see how old the previous lock is $locked = get_option($lock); if (!$locked) { // Can't write to the lock, and can't read the lock. // Something broken has happened return false; } if ($locked > $now - 3600) { // Lock is not too old: some other process may be upgrading this post. Bail. return false; } // Lock is too old - update it (below) and continue } // If we could get a lock, re-"add" the option to fire all the correct filters. update_option($lock, $now); reset($revisions); $add_last = true; do { $this_revision = current($revisions); $prev_revision = next($revisions); $this_revision_version = _wp_get_post_revision_version($this_revision); // Something terrible happened if (false === $this_revision_version) { continue; } // 1 is the latest revision version, so we're already up to date. // No need to add a copy of the post as latest revision. if (0 < $this_revision_version) { $add_last = false; continue; } // Always update the revision version $update = array('post_name' => preg_replace('/^(\\d+-(?:autosave|revision))[\\d-]*$/', '$1-v1', $this_revision->post_name)); // If this revision is the oldest revision of the post, i.e. no $prev_revision, // the correct post_author is probably $post->post_author, but that's only a good guess. // Update the revision version only and Leave the author as-is. if ($prev_revision) { $prev_revision_version = _wp_get_post_revision_version($prev_revision); // If the previous revision is already up to date, it no longer has the information we need :( if ($prev_revision_version < 1) { $update['post_author'] = $prev_revision->post_author; } } // Upgrade this revision $result = $wpdb->update($wpdb->posts, $update, array('ID' => $this_revision->ID)); if ($result) { wp_cache_delete($this_revision->ID, 'posts'); } } while ($prev_revision); delete_option($lock); // Add a copy of the post as latest revision. if ($add_last) { wp_save_post_revision($post->ID); } return true; }
/** * Update an existing post with values provided in $_POST. * * @since 1.5.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param array $post_data Optional. * @return int Post ID. */ function edit_post($post_data = null) { global $wpdb; if (empty($post_data)) { $post_data =& $_POST; } // Clear out any data in internal vars. unset($post_data['filter']); $post_ID = (int) $post_data['post_ID']; $post = get_post($post_ID); $post_data['post_type'] = $post->post_type; $post_data['post_mime_type'] = $post->post_mime_type; if (!empty($post_data['post_status'])) { $post_data['post_status'] = sanitize_key($post_data['post_status']); if ('inherit' == $post_data['post_status']) { unset($post_data['post_status']); } } $ptype = get_post_type_object($post_data['post_type']); if (!current_user_can('edit_post', $post_ID)) { if ('page' == $post_data['post_type']) { wp_die(__('Sorry, you are not allowed to edit this page.')); } else { wp_die(__('Sorry, you are not allowed to edit this post.')); } } if (post_type_supports($ptype->name, 'revisions')) { $revisions = wp_get_post_revisions($post_ID, array('order' => 'ASC', 'posts_per_page' => 1)); $revision = current($revisions); // Check if the revisions have been upgraded if ($revisions && _wp_get_post_revision_version($revision) < 1) { _wp_upgrade_revisions_of_post($post, wp_get_post_revisions($post_ID)); } } if (isset($post_data['visibility'])) { switch ($post_data['visibility']) { case 'public': $post_data['post_password'] = ''; break; case 'password': unset($post_data['sticky']); break; case 'private': $post_data['post_status'] = 'private'; $post_data['post_password'] = ''; unset($post_data['sticky']); break; } } $post_data = _wp_translate_postdata(true, $post_data); if (is_wp_error($post_data)) { wp_die($post_data->get_error_message()); } // Post Formats if (isset($post_data['post_format'])) { set_post_format($post_ID, $post_data['post_format']); } $format_meta_urls = array('url', 'link_url', 'quote_source_url'); foreach ($format_meta_urls as $format_meta_url) { $keyed = '_format_' . $format_meta_url; if (isset($post_data[$keyed])) { update_post_meta($post_ID, $keyed, wp_slash(esc_url_raw(wp_unslash($post_data[$keyed])))); } } $format_keys = array('quote', 'quote_source_name', 'image', 'gallery', 'audio_embed', 'video_embed'); foreach ($format_keys as $key) { $keyed = '_format_' . $key; if (isset($post_data[$keyed])) { if (current_user_can('unfiltered_html')) { update_post_meta($post_ID, $keyed, $post_data[$keyed]); } else { update_post_meta($post_ID, $keyed, wp_filter_post_kses($post_data[$keyed])); } } } if ('attachment' === $post_data['post_type'] && preg_match('#^(audio|video)/#', $post_data['post_mime_type'])) { $id3data = wp_get_attachment_metadata($post_ID); if (!is_array($id3data)) { $id3data = array(); } foreach (wp_get_attachment_id3_keys($post, 'edit') as $key => $label) { if (isset($post_data['id3_' . $key])) { $id3data[$key] = sanitize_text_field(wp_unslash($post_data['id3_' . $key])); } } wp_update_attachment_metadata($post_ID, $id3data); } // Meta Stuff if (isset($post_data['meta']) && $post_data['meta']) { foreach ($post_data['meta'] as $key => $value) { if (!($meta = get_post_meta_by_id($key))) { continue; } if ($meta->post_id != $post_ID) { continue; } if (is_protected_meta($value['key'], 'post') || !current_user_can('edit_post_meta', $post_ID, $value['key'])) { continue; } update_meta($key, $value['key'], $value['value']); } } if (isset($post_data['deletemeta']) && $post_data['deletemeta']) { foreach ($post_data['deletemeta'] as $key => $value) { if (!($meta = get_post_meta_by_id($key))) { continue; } if ($meta->post_id != $post_ID) { continue; } if (is_protected_meta($meta->meta_key, 'post') || !current_user_can('delete_post_meta', $post_ID, $meta->meta_key)) { continue; } delete_meta($key); } } // Attachment stuff if ('attachment' == $post_data['post_type']) { if (isset($post_data['_wp_attachment_image_alt'])) { $image_alt = wp_unslash($post_data['_wp_attachment_image_alt']); if ($image_alt != get_post_meta($post_ID, '_wp_attachment_image_alt', true)) { $image_alt = wp_strip_all_tags($image_alt, true); // update_meta expects slashed. update_post_meta($post_ID, '_wp_attachment_image_alt', wp_slash($image_alt)); } } $attachment_data = isset($post_data['attachments'][$post_ID]) ? $post_data['attachments'][$post_ID] : array(); /** This filter is documented in wp-admin/includes/media.php */ $post_data = apply_filters('attachment_fields_to_save', $post_data, $attachment_data); } // Convert taxonomy input to term IDs, to avoid ambiguity. if (isset($post_data['tax_input'])) { foreach ((array) $post_data['tax_input'] as $taxonomy => $terms) { // Hierarchical taxonomy data is already sent as term IDs, so no conversion is necessary. if (is_taxonomy_hierarchical($taxonomy)) { continue; } /* * Assume that a 'tax_input' string is a comma-separated list of term names. * Some languages may use a character other than a comma as a delimiter, so we standardize on * commas before parsing the list. */ if (!is_array($terms)) { $comma = _x(',', 'tag delimiter'); if (',' !== $comma) { $terms = str_replace($comma, ',', $terms); } $terms = explode(',', trim($terms, " \n\t\r\v,")); } $clean_terms = array(); foreach ($terms as $term) { // Empty terms are invalid input. if (empty($term)) { continue; } $_term = get_terms($taxonomy, array('name' => $term, 'fields' => 'ids', 'hide_empty' => false)); if (!empty($_term)) { $clean_terms[] = intval($_term[0]); } else { // No existing term was found, so pass the string. A new term will be created. $clean_terms[] = $term; } } $post_data['tax_input'][$taxonomy] = $clean_terms; } } add_meta($post_ID); update_post_meta($post_ID, '_edit_last', get_current_user_id()); $success = wp_update_post($post_data); // If the save failed, see if we can sanity check the main fields and try again if (!$success && is_callable(array($wpdb, 'strip_invalid_text_for_column'))) { $fields = array('post_title', 'post_content', 'post_excerpt'); foreach ($fields as $field) { if (isset($post_data[$field])) { $post_data[$field] = $wpdb->strip_invalid_text_for_column($wpdb->posts, $field, $post_data[$field]); } } wp_update_post($post_data); } // Now that we have an ID we can fix any attachment anchor hrefs _fix_attachment_links($post_ID); wp_set_post_lock($post_ID); if (current_user_can($ptype->cap->edit_others_posts) && current_user_can($ptype->cap->publish_posts)) { if (!empty($post_data['sticky'])) { stick_post($post_ID); } else { unstick_post($post_ID); } } return $post_ID; }
} } // If this autosave isn't different from the current post, begone. if (!$notice) { wp_delete_post_revision($autosave->ID); } unset($autosave_field, $_autosave_field); } $post_type_object = get_post_type_object($post_type); // All meta boxes should be defined and added before the first do_meta_boxes() call (or potentially during the do_meta_boxes action). require_once ABSPATH . 'wp-admin/includes/meta-boxes.php'; $publish_callback_args = null; if (post_type_supports($post_type, 'revisions') && 'auto-draft' != $post->post_status) { $revisions = wp_get_post_revisions($post_ID); // Check if the revisions have been upgraded if (!empty($revisions) && _wp_get_post_revision_version(end($revisions)) < 1) { _wp_upgrade_revisions_of_post($post, $revisions); } // We should aim to show the revisions metabox only when there are revisions. if (count($revisions) > 1) { reset($revisions); // Reset pointer for key() $publish_callback_args = array('revisions_count' => count($revisions), 'revision_id' => key($revisions)); add_meta_box('revisionsdiv', __('Revisions'), 'post_revisions_meta_box', null, 'normal', 'core'); } } if ('attachment' == $post_type) { wp_enqueue_script('image-edit'); wp_enqueue_style('imgareaselect'); add_meta_box('submitdiv', __('Save'), 'attachment_submit_meta_box', null, 'side', 'core'); add_action('edit_form_after_title', 'edit_form_image_editor');
/** * Update an existing post with values provided in $_POST. * * @since 1.5.0 * * @param array $post_data Optional. * @return int Post ID. */ function edit_post($post_data = null) { global $wpdb; if (empty($post_data)) { $post_data =& $_POST; } // Clear out any data in internal vars. unset($post_data['filter']); $post_ID = (int) $post_data['post_ID']; $post = get_post($post_ID); $post_data['post_type'] = $post->post_type; $post_data['post_mime_type'] = $post->post_mime_type; if (!empty($post_data['post_status'])) { $post_data['post_status'] = sanitize_key($post_data['post_status']); if ('inherit' == $post_data['post_status']) { unset($post_data['post_status']); } } $ptype = get_post_type_object($post_data['post_type']); if (!current_user_can('edit_post', $post_ID)) { if ('page' == $post_data['post_type']) { wp_die(__('You are not allowed to edit this page.')); } else { wp_die(__('You are not allowed to edit this post.')); } } if (post_type_supports($ptype->name, 'revisions')) { $revisions = wp_get_post_revisions($post_ID, array('order' => 'ASC', 'posts_per_page' => 1)); $revision = current($revisions); // Check if the revisions have been upgraded if ($revisions && _wp_get_post_revision_version($revision) < 1) { _wp_upgrade_revisions_of_post($post, wp_get_post_revisions($post_ID)); } } if (isset($post_data['visibility'])) { switch ($post_data['visibility']) { case 'public': $post_data['post_password'] = ''; break; case 'password': unset($post_data['sticky']); break; case 'private': $post_data['post_status'] = 'private'; $post_data['post_password'] = ''; unset($post_data['sticky']); break; } } $post_data = _wp_translate_postdata(true, $post_data); if (is_wp_error($post_data)) { wp_die($post_data->get_error_message()); } // Post Formats if (isset($post_data['post_format'])) { set_post_format($post_ID, $post_data['post_format']); } $format_meta_urls = array('url', 'link_url', 'quote_source_url'); foreach ($format_meta_urls as $format_meta_url) { $keyed = '_format_' . $format_meta_url; if (isset($post_data[$keyed])) { update_post_meta($post_ID, $keyed, wp_slash(esc_url_raw(wp_unslash($post_data[$keyed])))); } } $format_keys = array('quote', 'quote_source_name', 'image', 'gallery', 'audio_embed', 'video_embed'); foreach ($format_keys as $key) { $keyed = '_format_' . $key; if (isset($post_data[$keyed])) { if (current_user_can('unfiltered_html')) { update_post_meta($post_ID, $keyed, $post_data[$keyed]); } else { update_post_meta($post_ID, $keyed, wp_filter_post_kses($post_data[$keyed])); } } } if ('attachment' === $post_data['post_type'] && preg_match('#^(audio|video)/#', $post_data['post_mime_type'])) { $id3data = wp_get_attachment_metadata($post_ID); if (!is_array($id3data)) { $id3data = array(); } foreach (wp_get_attachment_id3_keys($post, 'edit') as $key => $label) { if (isset($post_data['id3_' . $key])) { $id3data[$key] = sanitize_text_field(wp_unslash($post_data['id3_' . $key])); } } wp_update_attachment_metadata($post_ID, $id3data); } // Meta Stuff if (isset($post_data['meta']) && $post_data['meta']) { foreach ($post_data['meta'] as $key => $value) { if (!($meta = get_post_meta_by_id($key))) { continue; } if ($meta->post_id != $post_ID) { continue; } if (is_protected_meta($value['key'], 'post') || !current_user_can('edit_post_meta', $post_ID, $value['key'])) { continue; } update_meta($key, $value['key'], $value['value']); } } if (isset($post_data['deletemeta']) && $post_data['deletemeta']) { foreach ($post_data['deletemeta'] as $key => $value) { if (!($meta = get_post_meta_by_id($key))) { continue; } if ($meta->post_id != $post_ID) { continue; } if (is_protected_meta($meta->meta_key, 'post') || !current_user_can('delete_post_meta', $post_ID, $meta->meta_key)) { continue; } delete_meta($key); } } // Attachment stuff if ('attachment' == $post_data['post_type']) { if (isset($post_data['_wp_attachment_image_alt'])) { $image_alt = wp_unslash($post_data['_wp_attachment_image_alt']); if ($image_alt != get_post_meta($post_ID, '_wp_attachment_image_alt', true)) { $image_alt = wp_strip_all_tags($image_alt, true); // update_meta expects slashed. update_post_meta($post_ID, '_wp_attachment_image_alt', wp_slash($image_alt)); } } $attachment_data = isset($post_data['attachments'][$post_ID]) ? $post_data['attachments'][$post_ID] : array(); /** This filter is documented in wp-admin/includes/media.php */ $post_data = apply_filters('attachment_fields_to_save', $post_data, $attachment_data); } add_meta($post_ID); update_post_meta($post_ID, '_edit_last', get_current_user_id()); $success = wp_update_post($post_data); // If the save failed, see if we can sanity check the main fields and try again if (!$success && is_callable(array($wpdb, 'strip_invalid_text_for_column'))) { $fields = array('post_title', 'post_content', 'post_excerpt'); foreach ($fields as $field) { if (isset($post_data[$field])) { $post_data[$field] = $wpdb->strip_invalid_text_for_column($wpdb->posts, $field, $post_data[$field]); } } wp_update_post($post_data); } // Now that we have an ID we can fix any attachment anchor hrefs _fix_attachment_links($post_ID); wp_set_post_lock($post_ID); if (current_user_can($ptype->cap->edit_others_posts)) { if (!empty($post_data['sticky'])) { stick_post($post_ID); } else { unstick_post($post_ID); } } return $post_ID; }
/** * Update an existing post with values provided in $_POST. * * @since 1.5.0 * * @param array $post_data Optional. * @return int Post ID. */ function edit_post( $post_data = null ) { if ( empty($post_data) ) $post_data = &$_POST; // Clear out any data in internal vars. unset( $post_data['filter'] ); $post_ID = (int) $post_data['post_ID']; $post = get_post( $post_ID ); $post_data['post_type'] = $post->post_type; $post_data['post_mime_type'] = $post->post_mime_type; if ( ! empty( $post_data['post_status'] ) ) { $post_data['post_status'] = sanitize_key( $post_data['post_status'] ); if ( 'inherit' == $post_data['post_status'] ) { unset( $post_data['post_status'] ); } } $ptype = get_post_type_object($post_data['post_type']); if ( !current_user_can( 'edit_post', $post_ID ) ) { if ( 'page' == $post_data['post_type'] ) wp_die( __('You are not allowed to edit this page.' )); else wp_die( __('You are not allowed to edit this post.' )); } if ( post_type_supports( $ptype->name, 'revisions' ) ) { $revisions = wp_get_post_revisions( $post_ID, array( 'order' => 'ASC', 'posts_per_page' => 1 ) ); $revision = current( $revisions ); // Check if the revisions have been upgraded if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 ) _wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) ); } if ( ( empty( $post_data['action'] ) || 'autosave' != $post_data['action'] ) && 'auto-draft' == $post_data['post_status'] ) { $post_data['post_status'] = 'draft'; } if ( isset($post_data['visibility']) ) { switch ( $post_data['visibility'] ) { case 'public' : $post_data['post_password'] = ''; break; case 'password' : unset( $post_data['sticky'] ); break; case 'private' : $post_data['post_status'] = 'private'; $post_data['post_password'] = ''; unset( $post_data['sticky'] ); break; } } $post_data = _wp_translate_postdata( true, $post_data ); if ( is_wp_error($post_data) ) wp_die( $post_data->get_error_message() ); // Post Formats if ( isset( $post_data['post_format'] ) ) set_post_format( $post_ID, $post_data['post_format'] ); $format_meta_urls = array( 'url', 'link_url', 'quote_source_url' ); foreach ( $format_meta_urls as $format_meta_url ) { $keyed = '_format_' . $format_meta_url; if ( isset( $post_data[ $keyed ] ) ) update_post_meta( $post_ID, $keyed, wp_slash( esc_url_raw( wp_unslash( $post_data[ $keyed ] ) ) ) ); } $format_keys = array( 'quote', 'quote_source_name', 'image', 'gallery', 'audio_embed', 'video_embed' ); foreach ( $format_keys as $key ) { $keyed = '_format_' . $key; if ( isset( $post_data[ $keyed ] ) ) { if ( current_user_can( 'unfiltered_html' ) ) update_post_meta( $post_ID, $keyed, $post_data[ $keyed ] ); else update_post_meta( $post_ID, $keyed, wp_filter_post_kses( $post_data[ $keyed ] ) ); } } // Meta Stuff if ( isset($post_data['meta']) && $post_data['meta'] ) { foreach ( $post_data['meta'] as $key => $value ) { if ( !$meta = get_post_meta_by_id( $key ) ) continue; if ( $meta->post_id != $post_ID ) continue; if ( is_protected_meta( $value['key'], 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $value['key'] ) ) continue; update_meta( $key, $value['key'], $value['value'] ); } } if ( isset($post_data['deletemeta']) && $post_data['deletemeta'] ) { foreach ( $post_data['deletemeta'] as $key => $value ) { if ( !$meta = get_post_meta_by_id( $key ) ) continue; if ( $meta->post_id != $post_ID ) continue; if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'delete_post_meta', $post_ID, $meta->meta_key ) ) continue; delete_meta( $key ); } } // Attachment stuff if ( 'attachment' == $post_data['post_type'] ) { if ( isset( $post_data[ '_wp_attachment_image_alt' ] ) ) { $image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] ); if ( $image_alt != get_post_meta( $post_ID, '_wp_attachment_image_alt', true ) ) { $image_alt = wp_strip_all_tags( $image_alt, true ); // update_meta expects slashed update_post_meta( $post_ID, '_wp_attachment_image_alt', wp_slash( $image_alt ) ); } } $attachment_data = isset( $post_data['attachments'][ $post_ID ] ) ? $post_data['attachments'][ $post_ID ] : array(); /** This filter is documented in wp-admin/includes/media.php */ $post_data = apply_filters( 'attachment_fields_to_save', $post_data, $attachment_data ); } add_meta( $post_ID ); update_post_meta( $post_ID, '_edit_last', get_current_user_id() ); wp_update_post( $post_data ); // Now that we have an ID we can fix any attachment anchor hrefs _fix_attachment_links( $post_ID ); wp_set_post_lock( $post_ID ); if ( current_user_can( $ptype->cap->edit_others_posts ) ) { if ( ! empty( $post_data['sticky'] ) ) stick_post( $post_ID ); else unstick_post( $post_ID ); } return $post_ID; }