static function init( $method = null, $url = null, $post_body = null ) { if ( !self::$self ) { $class = function_exists( 'get_called_class' ) ? get_called_class() : __CLASS__; self::$self = new $class( $method, $url, $post_body ); } return self::$self; }
function callback($path = '', $blog_id = 0) { global $wpdb; if ('mine' === $blog_id) { $api = WPCOM_JSON_API::init(); if (!$api->token_details || empty($api->token_details['blog_id'])) { return new WP_Error('authorization_required', 'An active access token must be used to query information about the current blog.', 403); } $blog_id = $api->token_details['blog_id']; } $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id)); if (is_wp_error($blog_id)) { return $blog_id; } $response = $this->build_current_site_response(); do_action('wpcom_json_api_objects', 'sites'); return $response; }
function callback($path = '', $blog_id = 0) { if ('mine' === $blog_id) { $api = WPCOM_JSON_API::init(); if (!$api->token_details || empty($api->token_details['blog_id'])) { return new WP_Error('authorization_required', 'An active access token must be used to query information about the current blog.', 403); } $blog_id = $api->token_details['blog_id']; } $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id)); if (is_wp_error($blog_id)) { return $blog_id; } // TODO: enable this when we can do so without being interfered with by // other endpoints that might be wrapping this one. // Uncomment and see failing test: test_jetpack_site_should_have_true_jetpack_property_via_site_meta // $this->filter_fields_and_options(); $response = $this->build_current_site_response(); /** This action is documented in json-endpoints/class.wpcom-json-api-site-settings-endpoint.php */ do_action('wpcom_json_api_objects', 'sites'); return $response; }
function write_post($path, $blog_id, $post_id) { $new = $this->api->ends_with($path, '/new'); $args = $this->query_args(); // unhook publicize, it's hooked again later -- without this, skipping services is impossible if (defined('IS_WPCOM') && IS_WPCOM) { remove_action('save_post', array($GLOBALS['publicize_ui']->publicize, 'async_publicize_post'), 100, 2); add_action('rest_api_inserted_post', array($GLOBALS['publicize_ui']->publicize, 'async_publicize_post')); } if ($new) { $input = $this->input(true); if ('revision' === $input['type']) { if (!isset($input['parent'])) { return new WP_Error('invalid_input', 'Invalid request input', 400); } $input['status'] = 'inherit'; // force inherit for revision type $input['slug'] = $input['parent'] . '-autosave-v1'; } elseif (!isset($input['title']) && !isset($input['content']) && !isset($input['excerpt'])) { return new WP_Error('invalid_input', 'Invalid request input', 400); } // default to post if (empty($input['type'])) { $input['type'] = 'post'; } $post_type = get_post_type_object($input['type']); if (!$this->is_post_type_allowed($input['type'])) { return new WP_Error('unknown_post_type', 'Unknown post type', 404); } if (!empty($input['author'])) { $author_id = parent::parse_and_set_author($input['author'], $input['type']); unset($input['author']); if (is_wp_error($author_id)) { return $author_id; } } if ('publish' === $input['status']) { if (!current_user_can($post_type->cap->publish_posts)) { if (current_user_can($post_type->cap->edit_posts)) { $input['status'] = 'pending'; } else { return new WP_Error('unauthorized', 'User cannot publish posts', 403); } } } else { if (!current_user_can($post_type->cap->edit_posts)) { return new WP_Error('unauthorized', 'User cannot edit posts', 403); } } } else { $input = $this->input(false); if (!is_array($input) || !$input) { return new WP_Error('invalid_input', 'Invalid request input', 400); } $post = get_post($post_id); $_post_type = !empty($input['type']) ? $input['type'] : $post->post_type; $post_type = get_post_type_object($_post_type); if (!$post || is_wp_error($post)) { return new WP_Error('unknown_post', 'Unknown post', 404); } if (!current_user_can('edit_post', $post->ID)) { return new WP_Error('unauthorized', 'User cannot edit post', 403); } if (!empty($input['author'])) { $author_id = parent::parse_and_set_author($input['author'], $_post_type); unset($input['author']); if (is_wp_error($author_id)) { return $author_id; } } if ('publish' === $input['status'] && 'publish' !== $post->post_status && !current_user_can('publish_post', $post->ID)) { $input['status'] = 'pending'; } $last_status = $post->post_status; $new_status = $input['status']; } // Fix for https://iorequests.wordpress.com/2014/08/13/scheduled-posts-made-in-the/ // See: https://a8c.slack.com/archives/io/p1408047082000273 // If date was set, $this->input will set date_gmt, date still needs to be adjusted for the blog's offset if (isset($input['date_gmt'])) { $gmt_offset = get_option('gmt_offset'); $time_with_offset = strtotime($input['date_gmt']) + $gmt_offset * HOUR_IN_SECONDS; $input['date'] = date('Y-m-d H:i:s', $time_with_offset); } if (!empty($author_id) && get_current_user_id() != $author_id) { if (!current_user_can($post_type->cap->edit_others_posts)) { return new WP_Error('unauthorized', "User is not allowed to publish others' posts.", 403); } elseif (!user_can($author_id, $post_type->cap->edit_posts)) { return new WP_Error('unauthorized', 'Assigned author cannot publish post.', 403); } } if (!is_post_type_hierarchical($post_type->name) && 'revision' !== $post_type->name) { unset($input['parent']); } /* add taxonomies by name */ $tax_input = array(); foreach (array('categories' => 'category', 'tags' => 'post_tag') as $key => $taxonomy) { if (!isset($input[$key])) { continue; } $tax_input[$taxonomy] = array(); $is_hierarchical = is_taxonomy_hierarchical($taxonomy); if (is_array($input[$key])) { $terms = $input[$key]; } else { $terms = explode(',', $input[$key]); } foreach ($terms as $term) { /** * We assume these are names, not IDs, even if they are numeric. * Note: A category named "0" will not work right. * https://core.trac.wordpress.org/ticket/9059 */ $term_info = get_term_by('name', $term, $taxonomy, ARRAY_A); if (!$term_info) { // only add a new tag/cat if the user has access to $tax = get_taxonomy($taxonomy); if (!current_user_can($tax->cap->edit_terms)) { continue; } $term_info = wp_insert_term($term, $taxonomy); } if (!is_wp_error($term_info)) { if ($is_hierarchical) { // Categories must be added by ID $tax_input[$taxonomy][] = (int) $term_info['term_id']; } else { // Tags must be added by name $tax_input[$taxonomy][] = $term; } } } } /* add taxonomies by ID */ foreach (array('categories_by_id' => 'category', 'tags_by_id' => 'post_tag') as $key => $taxonomy) { if (!isset($input[$key])) { continue; } // combine with any previous selections if (!is_array($tax_input[$taxonomy])) { $tax_input[$taxonomy] = array(); } $is_hierarchical = is_taxonomy_hierarchical($taxonomy); if (is_array($input[$key])) { $terms = $input[$key]; } else { $terms = explode(',', $input[$key]); } foreach ($terms as $term) { if (!ctype_digit($term)) { // skip anything that doesn't look like an ID continue; } $term = (int) $term; $term_info = get_term_by('id', $term, $taxonomy, ARRAY_A); if ($term_info && !is_wp_error($term_info)) { if ($is_hierarchical) { // Categories must be added by ID $tax_input[$taxonomy][] = $term; } else { // Tags must be added by name $tax_input[$taxonomy][] = $term_info['name']; } } } } if ((isset($input['categories']) || isset($input['categories_by_id'])) && empty($tax_input['category']) && 'revision' !== $post_type->name) { $tax_input['category'][] = get_option('default_category'); } unset($input['tags'], $input['categories'], $input['tags_by_id'], $input['categories_by_id']); $insert = array(); if (!empty($input['slug'])) { $insert['post_name'] = $input['slug']; unset($input['slug']); } if (isset($input['discussion'])) { $discussion = (array) $input['discussion']; foreach (array('comment', 'ping') as $discussion_type) { $discussion_open = sprintf('%ss_open', $discussion_type); $discussion_status = sprintf('%s_status', $discussion_type); if (isset($discussion[$discussion_open])) { $is_open = WPCOM_JSON_API::is_truthy($discussion[$discussion_open]); $discussion[$discussion_status] = $is_open ? 'open' : 'closed'; } if (in_array($discussion[$discussion_status], array('open', 'closed'))) { $insert[$discussion_status] = $discussion[$discussion_status]; } } } unset($input['discussion']); if (isset($input['menu_order'])) { $insert['menu_order'] = $input['menu_order']; unset($input['menu_order']); } if (isset($input['publicize'])) { $publicize = $input['publicize']; unset($input['publicize']); } if (isset($input['publicize_message'])) { $publicize_custom_message = $input['publicize_message']; unset($input['publicize_message']); } if (isset($input['featured_image'])) { $featured_image = trim($input['featured_image']); $delete_featured_image = empty($featured_image); unset($input['featured_image']); } if (isset($input['metadata'])) { $metadata = $input['metadata']; unset($input['metadata']); } if (isset($input['likes_enabled'])) { $likes = $input['likes_enabled']; unset($input['likes_enabled']); } if (isset($input['sharing_enabled'])) { $sharing = $input['sharing_enabled']; unset($input['sharing_enabled']); } if (isset($input['sticky'])) { $sticky = $input['sticky']; unset($input['sticky']); } foreach ($input as $key => $value) { $insert["post_{$key}"] = $value; } if (!empty($author_id)) { $insert['post_author'] = absint($author_id); } if (!empty($tax_input)) { $insert['tax_input'] = $tax_input; } $has_media = !empty($input['media']) ? count($input['media']) : false; $has_media_by_url = !empty($input['media_urls']) ? count($input['media_urls']) : false; if ($new) { if (false === strpos($input['content'], '[gallery') && ($has_media || $has_media_by_url)) { switch ($has_media + $has_media_by_url) { case 0: // No images - do nothing. break; case 1: // 1 image - make it big $insert['post_content'] = $input['content'] = "[gallery size=full columns=1]\n\n" . $input['content']; break; default: // Several images - 3 column gallery $insert['post_content'] = $input['content'] = "[gallery]\n\n" . $input['content']; break; } } $post_id = wp_insert_post(add_magic_quotes($insert), true); } else { $insert['ID'] = $post->ID; // wp_update_post ignores date unless edit_date is set // See: http://codex.wordpress.org/Function_Reference/wp_update_post#Scheduling_posts // See: https://core.trac.wordpress.org/browser/tags/3.9.2/src/wp-includes/post.php#L3302 if (isset($input['date_gmt']) || isset($input['date'])) { $insert['edit_date'] = true; } $post_id = wp_update_post((object) $insert); } if (!$post_id || is_wp_error($post_id)) { return $post_id; } // make sure this post actually exists and is not an error of some kind (ie, trying to load media in the posts endpoint) $post_check = $this->get_post_by('ID', $post_id, $args['context']); if (is_wp_error($post_check)) { return $post_check; } if ($has_media || $has_media_by_url) { $media_files = !empty($input['media']) ? $input['media'] : array(); $media_urls = !empty($input['media_urls']) ? $input['media_urls'] : array(); $media_attrs = !empty($input['media_attrs']) ? $input['media_attrs'] : array(); $force_parent_id = $post_id; $media_results = $this->handle_media_creation_v1_1($media_files, $media_urls, $media_attrs, $force_parent_id); } // set page template for this post.. if (isset($input['page_template']) && 'page' == $post_type->name) { $page_template = $input['page_template']; $page_templates = wp_get_theme()->get_page_templates(get_post($post_id)); if (empty($page_template) || 'default' == $page_template || isset($page_templates[$page_template])) { update_post_meta($post_id, '_wp_page_template', $page_template); } } // Set like status for the post $sitewide_likes_enabled = (bool) apply_filters('wpl_is_enabled_sitewide', !get_option('disabled_likes')); if ($new) { if ($sitewide_likes_enabled) { if (false === $likes) { update_post_meta($post_id, 'switch_like_status', 1); } else { delete_post_meta($post_id, 'switch_like_status'); } } else { if ($likes) { update_post_meta($post_id, 'switch_like_status', 1); } else { delete_post_meta($post_id, 'switch_like_status'); } } } else { if (isset($likes)) { if ($sitewide_likes_enabled) { if (false === $likes) { update_post_meta($post_id, 'switch_like_status', 1); } else { delete_post_meta($post_id, 'switch_like_status'); } } else { if (true === $likes) { update_post_meta($post_id, 'switch_like_status', 1); } else { delete_post_meta($post_id, 'switch_like_status'); } } } } // Set sharing status of the post if ($new) { $sharing_enabled = isset($sharing) ? (bool) $sharing : true; if (false === $sharing_enabled) { update_post_meta($post_id, 'sharing_disabled', 1); } } else { if (isset($sharing) && true === $sharing) { delete_post_meta($post_id, 'sharing_disabled'); } else { if (isset($sharing) && false == $sharing) { update_post_meta($post_id, 'sharing_disabled', 1); } } } if (true === $sticky) { stick_post($post_id); } else { unstick_post($post_id); } // WPCOM Specific (Jetpack's will get bumped elsewhere // Tracks how many posts are published and sets meta so we can track some other cool stats (like likes & comments on posts published) if ($new && 'publish' == $input['status'] || !$new && isset($last_status) && 'publish' != $last_status && isset($new_status) && 'publish' == $new_status) { if (function_exists('bump_stats_extras')) { bump_stats_extras('api-insights-posts', $this->api->token_details['client_id']); update_post_meta($post_id, '_rest_api_published', 1); update_post_meta($post_id, '_rest_api_client_id', $this->api->token_details['client_id']); } } // We ask the user/dev to pass Publicize services he/she wants activated for the post, but Publicize expects us // to instead flag the ones we don't want to be skipped. proceed with said logic. // any posts coming from Path (client ID 25952) should also not publicize if ($publicize === false || isset($this->api->token_details['client_id']) && 25952 == $this->api->token_details['client_id']) { // No publicize at all, skip all by ID foreach ($GLOBALS['publicize_ui']->publicize->get_services('all') as $name => $service) { delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $name); $service_connections = $GLOBALS['publicize_ui']->publicize->get_connections($name); if (!$service_connections) { continue; } foreach ($service_connections as $service_connection) { update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1); } } } else { if (is_array($publicize) && count($publicize) > 0) { foreach ($GLOBALS['publicize_ui']->publicize->get_services('all') as $name => $service) { /* * We support both indexed and associative arrays: * * indexed are to pass entire services * * associative are to pass specific connections per service * * We do support mixed arrays: mixed integer and string keys (see 3rd example below). * * EG: array( 'twitter', 'facebook') will only publicize to those, ignoring the other available services * Form data: publicize[]=twitter&publicize[]=facebook * EG: array( 'twitter' => '(int) $pub_conn_id_0, (int) $pub_conn_id_3', 'facebook' => (int) $pub_conn_id_7 ) will publicize to two Twitter accounts, and one Facebook connection, of potentially many. * Form data: publicize[twitter]=$pub_conn_id_0,$pub_conn_id_3&publicize[facebook]=$pub_conn_id_7 * EG: array( 'twitter', 'facebook' => '(int) $pub_conn_id_0, (int) $pub_conn_id_3' ) will publicize to all available Twitter accounts, but only 2 of potentially many Facebook connections * Form data: publicize[]=twitter&publicize[facebook]=$pub_conn_id_0,$pub_conn_id_3 */ // Delete any stale SKIP value for the service by name. We'll add it back by ID. delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $name); // Get the user's connections $service_connections = $GLOBALS['publicize_ui']->publicize->get_connections($name); // if the user doesn't have any connections for this service, move on if (!$service_connections) { continue; } if (!in_array($name, $publicize) && !array_key_exists($name, $publicize)) { // Skip the whole service by adding each connection ID foreach ($service_connections as $service_connection) { update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1); } } else { if (!empty($publicize[$name])) { // Seems we're being asked to only push to [a] specific connection[s]. // Explode the list on commas, which will also support a single passed ID $requested_connections = explode(',', preg_replace('/[\\s]*/', '', $publicize[$name])); // Flag the connections we can't match with the requested list to be skipped. foreach ($service_connections as $service_connection) { if (!in_array($service_connection->meta['connection_data']->id, $requested_connections)) { update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1); } else { delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id); } } } else { // delete all SKIP values; it's okay to publish to all connected IDs for this service foreach ($service_connections as $service_connection) { delete_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id); } } } } } } if (!empty($publicize_custom_message)) { update_post_meta($post_id, $GLOBALS['publicize_ui']->publicize->POST_MESS, trim($publicize_custom_message)); } set_post_format($post_id, $insert['post_format']); if (isset($featured_image)) { parent::parse_and_set_featured_image($post_id, $delete_featured_image, $featured_image); } if (!empty($metadata)) { foreach ((array) $metadata as $meta) { $meta = (object) $meta; $existing_meta_item = new stdClass(); if (empty($meta->operation)) { $meta->operation = 'update'; } if (!empty($meta->value)) { if ('true' == $meta->value) { $meta->value = true; } if ('false' == $meta->value) { $meta->value = false; } } if (!empty($meta->id)) { $meta->id = absint($meta->id); $existing_meta_item = get_metadata_by_mid('post', $meta->id); } $unslashed_meta_key = wp_unslash($meta->key); // should match what the final key will be $meta->key = wp_slash($meta->key); $unslashed_existing_meta_key = wp_unslash($existing_meta_item->meta_key); $existing_meta_item->meta_key = wp_slash($existing_meta_item->meta_key); // make sure that the meta id passed matches the existing meta key if (!empty($meta->id) && !empty($meta->key)) { $meta_by_id = get_metadata_by_mid('post', $meta->id); if ($meta_by_id->meta_key !== $meta->key) { continue; // skip this meta } } switch ($meta->operation) { case 'delete': if (!empty($meta->id) && !empty($existing_meta_item->meta_key) && current_user_can('delete_post_meta', $post_id, $unslashed_existing_meta_key)) { delete_metadata_by_mid('post', $meta->id); } elseif (!empty($meta->key) && !empty($meta->previous_value) && current_user_can('delete_post_meta', $post_id, $unslashed_meta_key)) { delete_post_meta($post_id, $meta->key, $meta->previous_value); } elseif (!empty($meta->key) && current_user_can('delete_post_meta', $post_id, $unslashed_meta_key)) { delete_post_meta($post_id, $meta->key); } break; case 'add': if (!empty($meta->id) || !empty($meta->previous_value)) { continue; } elseif (!empty($meta->key) && !empty($meta->value) && current_user_can('add_post_meta', $post_id, $unslashed_meta_key) || $this->is_metadata_public($meta->key)) { add_post_meta($post_id, $meta->key, $meta->value); } break; case 'update': if (!isset($meta->value)) { continue; } elseif (!empty($meta->id) && !empty($existing_meta_item->meta_key) && (current_user_can('edit_post_meta', $post_id, $unslashed_existing_meta_key) || $this->is_metadata_public($meta->key))) { update_metadata_by_mid('post', $meta->id, $meta->value); } elseif (!empty($meta->key) && !empty($meta->previous_value) && (current_user_can('edit_post_meta', $post_id, $unslashed_meta_key) || $this->is_metadata_public($meta->key))) { update_post_meta($post_id, $meta->key, $meta->value, $meta->previous_value); } elseif (!empty($meta->key) && (current_user_can('edit_post_meta', $post_id, $unslashed_meta_key) || $this->is_metadata_public($meta->key))) { update_post_meta($post_id, $meta->key, $meta->value); } break; } } } do_action('rest_api_inserted_post', $post_id, $insert, $new); $return = $this->get_post_by('ID', $post_id, $args['context']); if (!$return || is_wp_error($return)) { return $return; } if (isset($input['type']) && 'revision' === $input['type']) { $return['preview_nonce'] = wp_create_nonce('post_preview_' . $input['parent']); } // workaround for sticky test occasionally failing, maybe a race condition with stick_post() above $return['sticky'] = true === $sticky; if (!empty($media_results['errors'])) { $return['media_errors'] = $media_results['errors']; } do_action('wpcom_json_api_objects', 'posts'); return $return; }
/** * Updates site settings for authorized users * * @return (array) */ public function update_settings() { // $this->input() retrieves posted arguments whitelisted and casted to the $request_format // specs that get passed in when this class is instantiated /** * Filters the settings to be updated on the site. * * @since 3.6.0 * * @param array $input Associative array of site settings to be updated. */ $input = apply_filters('rest_api_update_site_settings', $this->input()); $jetpack_relatedposts_options = array(); $sharing_options = array(); $updated = array(); foreach ($input as $key => $value) { if (!is_array($value)) { $value = trim($value); } $value = wp_unslash($value); switch ($key) { case 'default_ping_status': case 'default_comment_status': // settings are stored as closed|open $coerce_value = $value ? 'open' : 'closed'; if (update_option($key, $coerce_value)) { $updated[$key] = $value; } break; case 'jetpack_protect_whitelist': if (function_exists('jetpack_protect_save_whitelist')) { $result = jetpack_protect_save_whitelist($value); if (is_wp_error($result)) { return $result; } $updated[$key] = jetpack_protect_format_whitelist(); } break; case 'jetpack_sync_non_public_post_stati': Jetpack_Options::update_option('sync_non_public_post_stati', $value); break; case 'jetpack_relatedposts_enabled': case 'jetpack_relatedposts_show_thumbnails': case 'jetpack_relatedposts_show_headline': if (!$this->jetpack_relatedposts_supported()) { break; } if ('jetpack_relatedposts_enabled' === $key && method_exists('Jetpack', 'is_module_active') && $this->jetpack_relatedposts_supported()) { $before_action = Jetpack::is_module_active('related-posts'); if ($value) { Jetpack::activate_module('related-posts', false, false); } else { Jetpack::deactivate_module('related-posts'); } $after_action = Jetpack::is_module_active('related-posts'); if ($after_action == $before_action) { break; } } $just_the_key = substr($key, 21); $jetpack_relatedposts_options[$just_the_key] = $value; break; case 'social_notifications_like': case 'social_notifications_reblog': case 'social_notifications_subscribe': // settings are stored as on|off $coerce_value = $value ? 'on' : 'off'; if (update_option($key, $coerce_value)) { $updated[$key] = $value; } break; case 'wga': if (!isset($value['code']) || !preg_match('/^$|^UA-[\\d-]+$/i', $value['code'])) { return new WP_Error('invalid_code', 'Invalid UA ID'); } $wga = get_option('wga', array()); $wga['code'] = $value['code']; // maintain compatibility with wp-google-analytics if (update_option('wga', $wga)) { $updated[$key] = $value; } $enabled_or_disabled = $wga['code'] ? 'enabled' : 'disabled'; do_action('jetpack_bump_stats_extras', 'google-analytics', $enabled_or_disabled); $business_plugins = WPCOM_Business_Plugins::instance(); $business_plugins->activate_plugin('wp-google-analytics'); break; case 'jetpack_comment_likes_enabled': // settings are stored as 1|0 $coerce_value = (int) $value; if (update_option($key, $coerce_value)) { $updated[$key] = $value; } break; // Sharing options // Sharing options case 'sharing_button_style': case 'sharing_show': case 'sharing_open_links': $sharing_options[preg_replace('/^sharing_/', '', $key)] = $value; break; case 'sharing_label': $sharing_options[$key] = $value; break; // Keyring token option // Keyring token option case 'eventbrite_api_token': // These options can only be updated for sites hosted on WordPress.com if (defined('IS_WPCOM') && IS_WPCOM) { if (empty($value) || WPCOM_JSON_API::is_falsy($value)) { if (delete_option($key)) { $updated[$key] = null; } } else { if (update_option($key, $value)) { $updated[$key] = (int) $value; } } } break; // no worries, we've already whitelisted and casted arguments above // no worries, we've already whitelisted and casted arguments above default: if (update_option($key, $value)) { $updated[$key] = $value; } } } if (count($jetpack_relatedposts_options)) { // track new jetpack_relatedposts options against old $old_relatedposts_options = Jetpack_Options::get_option('relatedposts'); if (Jetpack_Options::update_option('relatedposts', $jetpack_relatedposts_options)) { foreach ($jetpack_relatedposts_options as $key => $value) { if ($value !== $old_relatedposts_options[$key]) { $updated['jetpack_relatedposts_' . $key] = $value; } } } } if (!empty($sharing_options) && class_exists('Sharing_Service')) { $ss = new Sharing_Service(); // Merge current values with updated, since Sharing_Service expects // all values to be included when updating $current_sharing_options = $ss->get_global_options(); foreach ($current_sharing_options as $key => $val) { if (!isset($sharing_options[$key])) { $sharing_options[$key] = $val; } } $updated_social_options = $ss->set_global_options($sharing_options); if (isset($input['sharing_button_style'])) { $updated['sharing_button_style'] = (string) $updated_social_options['button_style']; } if (isset($input['sharing_label'])) { // Sharing_Service won't report label as updated if set to default $updated['sharing_label'] = (string) $sharing_options['sharing_label']; } if (isset($input['sharing_show'])) { $updated['sharing_show'] = (array) $updated_social_options['show']; } if (isset($input['sharing_open_links'])) { $updated['sharing_open_links'] = (string) $updated_social_options['open_links']; } } return array('updated' => $updated); }
protected function __construct() { $this->api = WPCOM_JSON_API::init(); }
function json_api($args = array()) { $json_api_args = $args[0]; $verify_api_user_args = $args[1]; $method = (string) $json_api_args[0]; $url = (string) $json_api_args[1]; $post_body = is_null($json_api_args[2]) ? null : (string) $json_api_args[2]; $my_id = (int) $json_api_args[3]; $user_details = (array) $json_api_args[4]; if (!$verify_api_user_args) { $user_id = 0; } elseif ('internal' === $verify_api_user_args[0]) { $user_id = (int) $verify_api_user_args[1]; if ($user_id) { $user = get_user_by('id', $user_id); if (!$user || is_wp_error($user)) { return false; } } } else { $user_id = call_user_func(array($this, 'test_api_user_code'), $verify_api_user_args); if (!$user_id) { return false; } } /* debugging error_log( "-- begin json api via jetpack debugging -- " ); error_log( "METHOD: $method" ); error_log( "URL: $url" ); error_log( "POST BODY: $post_body" ); error_log( "MY JETPACK ID: $my_id" ); error_log( "VERIFY_ARGS: " . print_r( $verify_api_user_args, 1 ) ); error_log( "VERIFIED USER_ID: " . (int) $user_id ); error_log( "-- end json api via jetpack debugging -- " ); */ $old_user = wp_get_current_user(); wp_set_current_user($user_id); $token = Jetpack_Data::get_access_token(get_current_user_id()); if (!$token || is_wp_error($token)) { return false; } define('REST_API_REQUEST', true); define('WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1'); // needed? require_once ABSPATH . 'wp-admin/includes/admin.php'; require_once dirname(__FILE__) . '/class.json-api.php'; $api = WPCOM_JSON_API::init($method, $url, $post_body); $api->token_details['user'] = $user_details; require_once dirname(__FILE__) . '/class.json-api-endpoints.php'; $display_errors = ini_set('display_errors', 0); ob_start(); $content_type = $api->serve(false); $output = ob_get_clean(); ini_set('display_errors', $display_errors); $nonce = wp_generate_password(10, false); $hmac = hash_hmac('md5', $nonce . $output, $token->secret); wp_set_current_user(isset($old_user->ID) ? $old_user->ID : 0); return array((string) $output, (string) $nonce, (string) $hmac); }
/** * Casts $value according to $type. * Handles fallbacks for certain values of $type when $value is not that $type * Currently, only handles fallback between string <-> array (two way), from string -> false (one way), and from object -> false (one way) * * Handles "child types" - array:URL, object:category * array:URL means an array of URLs * object:category means a hash of categories * * Handles object typing - object>post means an object of type post */ function cast_and_filter_item(&$return, $type, $key, $value, $types = array(), $for_output = false) { if (is_string($type)) { $type = compact('type'); } switch ($type['type']) { case 'false': $return[$key] = false; break; case 'url': $return[$key] = (string) esc_url_raw($value); break; case 'string': // Fallback string -> array if (is_array($value)) { if (!empty($types[0])) { $next_type = array_shift($types); return $this->cast_and_filter_item($return, $next_type, $key, $value, $types, $for_output); } } // Fallback string -> false if (!is_string($value)) { if (!empty($types[0]) && 'false' === $types[0]['type']) { $next_type = array_shift($types); return $this->cast_and_filter_item($return, $next_type, $key, $value, $types, $for_output); } } $return[$key] = (string) $value; break; case 'html': $return[$key] = (string) $value; break; case 'safehtml': $return[$key] = wp_kses((string) $value, wp_kses_allowed_html()); break; case 'media': if (is_array($value)) { if (isset($value['name'])) { // It's a $_FILES array // Reformat into array of $_FILES items $files = array(); foreach ($value['name'] as $k => $v) { $files[$k] = array(); foreach (array_keys($value) as $file_key) { $files[$k][$file_key] = $value[$file_key][$k]; } } $return[$key] = $files; } break; } else { // no break - treat as 'array' } // nobreak // nobreak case 'array': // Fallback array -> string if (is_string($value)) { if (!empty($types[0])) { $next_type = array_shift($types); return $this->cast_and_filter_item($return, $next_type, $key, $value, $types, $for_output); } } if (isset($type['children'])) { $children = array(); foreach ((array) $value as $k => $child) { $this->cast_and_filter_item($children, $type['children'], $k, $child, array(), $for_output); } $return[$key] = (array) $children; break; } $return[$key] = (array) $value; break; case 'iso 8601 datetime': case 'datetime': // (string)s $dates = $this->parse_date((string) $value); if ($for_output) { $return[$key] = $this->format_date($dates[1], $dates[0]); } else { list($return[$key], $return["{$key}_gmt"]) = $dates; } break; case 'float': $return[$key] = (double) $value; break; case 'int': case 'integer': $return[$key] = (int) $value; break; case 'bool': case 'boolean': $return[$key] = (bool) WPCOM_JSON_API::is_truthy($value); break; case 'object': // Fallback object -> false if (is_scalar($value) || is_null($value)) { if (!empty($types[0]) && 'false' === $types[0]['type']) { return $this->cast_and_filter_item($return, 'false', $key, $value, $types, $for_output); } } if (isset($type['children'])) { $children = array(); foreach ((array) $value as $k => $child) { $this->cast_and_filter_item($children, $type['children'], $k, $child, array(), $for_output); } $return[$key] = (object) $children; break; } if (isset($type['subtype'])) { return $this->cast_and_filter_item($return, $type['subtype'], $key, $value, $types, $for_output); } $return[$key] = (object) $value; break; case 'post': $return[$key] = (object) $this->cast_and_filter($value, $this->post_object_format, false, $for_output); break; case 'comment': $return[$key] = (object) $this->cast_and_filter($value, $this->comment_object_format, false, $for_output); break; case 'tag': case 'category': $docs = array('ID' => '(int)', 'name' => '(string)', 'slug' => '(string)', 'description' => '(HTML)', 'post_count' => '(int)', 'meta' => '(object)'); if ('category' === $type['type']) { $docs['parent'] = '(int)'; } $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'post_reference': case 'comment_reference': $docs = array('ID' => '(int)', 'type' => '(string)', 'title' => '(string)', 'link' => '(URL)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'geo': $docs = array('latitude' => '(float)', 'longitude' => '(float)', 'address' => '(string)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'author': $docs = array('ID' => '(int)', 'user_login' => '(string)', 'email' => '(string|false)', 'name' => '(string)', 'URL' => '(URL)', 'avatar_URL' => '(URL)', 'profile_URL' => '(URL)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'attachment': $docs = array('ID' => '(int)', 'URL' => '(URL)', 'guid' => '(string)', 'mime_type' => '(string)', 'width' => '(int)', 'height' => '(int)', 'duration' => '(int)'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_attachment_cast_and_filter', $docs), false, $for_output); break; case 'metadata': $docs = array('id' => '(int)', 'key' => '(string)', 'value' => '(string|false|float|int|array|object)', 'previous_value' => '(string)', 'operation' => '(string)'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_attachment_cast_and_filter', $docs), false, $for_output); break; case 'plugin': $docs = array('id' => '(string) The plugin\'s ID', 'active' => '(boolean) The plugin status.', 'update' => '(object) The plugin update info.', 'name' => '(string) The name of the plugin.', 'plugin_url' => '(url) Link to the plugin\'s web site.', 'version' => '(string) The plugin version number.', 'description' => '(safehtml) Description of what the plugin does and/or notes from the author', 'author' => '(string) The plugin author\'s name', 'author_url' => '(url) The plugin author web site address', 'network' => '(boolean) Whether the plugin can only be activated network wide.', 'autoupdate' => '(boolean) Whether the plugin is automatically updated', 'log' => '(array) An array of log strings telling how the plugin was modified'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_plugin_cast_and_filter', $docs), false, $for_output); break; case 'jetpackmodule': $docs = array('id' => '(string) The module\'s ID', 'active' => '(boolean) The module\'s status.', 'name' => '(string) The module\'s name.', 'description' => '(safehtml) The module\'s description.', 'sort' => '(int) The module\'s display order.', 'introduced' => '(string) The Jetpack version when the module was introduced.', 'changed' => '(string) The Jetpack version when the module was changed.', 'free' => '(boolean) The module\'s Free or Paid status.', 'module_tags' => '(array) The module\'s tags.'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_plugin_cast_and_filter', $docs), false, $for_output); break; default: trigger_error("Unknown API casting type {$type['type']}", E_USER_WARNING); } }
function callback($path = '', $blog_id = 0) { global $wpdb; if ('mine' === $blog_id) { $api = WPCOM_JSON_API::init(); if (!$api->token_details || empty($api->token_details['blog_id'])) { return new WP_Error('authorization_required', 'An active access token must be used to query information about the current blog.', 403); } $blog_id = $api->token_details['blog_id']; } $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id)); if (is_wp_error($blog_id)) { return $blog_id; } $is_user_logged_in = is_user_logged_in(); $response = array(); foreach (array_keys($this->response_format) as $key) { switch ($key) { case 'ID': $response[$key] = (int) $this->api->get_blog_id_for_output(); break; case 'name': $response[$key] = (string) get_bloginfo('name'); break; case 'description': $response[$key] = (string) get_bloginfo('description'); break; case 'URL': $response[$key] = (string) home_url(); break; case 'jetpack': if ($is_user_logged_in) { $response[$key] = false; } // magic break; case 'post_count': if ($is_user_logged_in) { $response[$key] = (int) $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_status = 'publish'"); } break; case 'lang': if ($is_user_logged_in) { $response[$key] = (string) get_bloginfo('language'); } break; case 'meta': $response[$key] = (object) array('links' => (object) array('self' => (string) $this->get_site_link($this->api->get_blog_id_for_output()), 'help' => (string) $this->get_site_link($this->api->get_blog_id_for_output(), 'help'), 'posts' => (string) $this->get_site_link($this->api->get_blog_id_for_output(), 'posts/'), 'comments' => (string) $this->get_site_link($this->api->get_blog_id_for_output(), 'comments/'))); break; } } do_action('wpcom_json_api_objects', 'sites'); return $response; }
/** * Casts $value according to $type. * Handles fallbacks for certain values of $type when $value is not that $type * Currently, only handles fallback between string <-> array (two way), from string -> false (one way), and from object -> false (one way), * and string -> object (one way) * * Handles "child types" - array:URL, object:category * array:URL means an array of URLs * object:category means a hash of categories * * Handles object typing - object>post means an object of type post */ function cast_and_filter_item(&$return, $type, $key, $value, $types = array(), $for_output = false) { if (is_string($type)) { $type = compact('type'); } switch ($type['type']) { case 'false': $return[$key] = false; break; case 'url': $return[$key] = (string) esc_url_raw($value); break; case 'string': // Fallback string -> array, or for string -> object if (is_array($value) || is_object($value)) { if (!empty($types[0])) { $next_type = array_shift($types); return $this->cast_and_filter_item($return, $next_type, $key, $value, $types, $for_output); } } // Fallback string -> false if (!is_string($value)) { if (!empty($types[0]) && 'false' === $types[0]['type']) { $next_type = array_shift($types); return $this->cast_and_filter_item($return, $next_type, $key, $value, $types, $for_output); } } $return[$key] = (string) $value; break; case 'html': $return[$key] = (string) $value; break; case 'safehtml': $return[$key] = wp_kses((string) $value, wp_kses_allowed_html()); break; case 'media': if (is_array($value)) { if (isset($value['name']) && is_array($value['name'])) { // It's a $_FILES array // Reformat into array of $_FILES items $files = array(); foreach ($value['name'] as $k => $v) { $files[$k] = array(); foreach (array_keys($value) as $file_key) { $files[$k][$file_key] = $value[$file_key][$k]; } } $return[$key] = $files; break; } } else { // no break - treat as 'array' } // nobreak // nobreak case 'array': // Fallback array -> string if (is_string($value)) { if (!empty($types[0])) { $next_type = array_shift($types); return $this->cast_and_filter_item($return, $next_type, $key, $value, $types, $for_output); } } if (isset($type['children'])) { $children = array(); foreach ((array) $value as $k => $child) { $this->cast_and_filter_item($children, $type['children'], $k, $child, array(), $for_output); } $return[$key] = (array) $children; break; } $return[$key] = (array) $value; break; case 'iso 8601 datetime': case 'datetime': // (string)s $dates = $this->parse_date((string) $value); if ($for_output) { $return[$key] = $this->format_date($dates[1], $dates[0]); } else { list($return[$key], $return["{$key}_gmt"]) = $dates; } break; case 'float': $return[$key] = (double) $value; break; case 'int': case 'integer': $return[$key] = (int) $value; break; case 'bool': case 'boolean': $return[$key] = (bool) WPCOM_JSON_API::is_truthy($value); break; case 'object': // Fallback object -> false if (is_scalar($value) || is_null($value)) { if (!empty($types[0]) && 'false' === $types[0]['type']) { return $this->cast_and_filter_item($return, 'false', $key, $value, $types, $for_output); } } if (isset($type['children'])) { $children = array(); foreach ((array) $value as $k => $child) { $this->cast_and_filter_item($children, $type['children'], $k, $child, array(), $for_output); } $return[$key] = (object) $children; break; } if (isset($type['subtype'])) { return $this->cast_and_filter_item($return, $type['subtype'], $key, $value, $types, $for_output); } $return[$key] = (object) $value; break; case 'post': $return[$key] = (object) $this->cast_and_filter($value, $this->post_object_format, false, $for_output); break; case 'comment': $return[$key] = (object) $this->cast_and_filter($value, $this->comment_object_format, false, $for_output); break; case 'tag': case 'category': $docs = array('ID' => '(int)', 'name' => '(string)', 'slug' => '(string)', 'description' => '(HTML)', 'post_count' => '(int)', 'meta' => '(object)'); if ('category' === $type['type']) { $docs['parent'] = '(int)'; } $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'post_reference': case 'comment_reference': $docs = array('ID' => '(int)', 'type' => '(string)', 'title' => '(string)', 'link' => '(URL)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'geo': $docs = array('latitude' => '(float)', 'longitude' => '(float)', 'address' => '(string)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'author': $docs = array('ID' => '(int)', 'user_login' => '(string)', 'login' => '(string)', 'email' => '(string|false)', 'name' => '(string)', 'first_name' => '(string)', 'last_name' => '(string)', 'nice_name' => '(string)', 'URL' => '(URL)', 'avatar_URL' => '(URL)', 'profile_URL' => '(URL)', 'is_super_admin' => '(bool)', 'roles' => '(array:string)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'role': $docs = array('name' => '(string)', 'display_name' => '(string)', 'capabilities' => '(object:boolean)'); $return[$key] = (object) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'attachment': $docs = array('ID' => '(int)', 'URL' => '(URL)', 'guid' => '(string)', 'mime_type' => '(string)', 'width' => '(int)', 'height' => '(int)', 'duration' => '(int)'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_attachment_cast_and_filter', $docs), false, $for_output); break; case 'metadata': $docs = array('id' => '(int)', 'key' => '(string)', 'value' => '(string|false|float|int|array|object)', 'previous_value' => '(string)', 'operation' => '(string)'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_attachment_cast_and_filter', $docs), false, $for_output); break; case 'plugin': $docs = array('id' => '(safehtml) The plugin\'s ID', 'slug' => '(safehtml) The plugin\'s Slug', 'active' => '(boolean) The plugin status.', 'update' => '(object) The plugin update info.', 'name' => '(safehtml) The name of the plugin.', 'plugin_url' => '(url) Link to the plugin\'s web site.', 'version' => '(safehtml) The plugin version number.', 'description' => '(safehtml) Description of what the plugin does and/or notes from the author', 'author' => '(safehtml) The plugin author\'s name', 'author_url' => '(url) The plugin author web site address', 'network' => '(boolean) Whether the plugin can only be activated network wide.', 'autoupdate' => '(boolean) Whether the plugin is auto updated', 'log' => '(array:safehtml) An array of update log strings.'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_plugin_cast_and_filter', $docs), false, $for_output); break; case 'jetpackmodule': $docs = array('id' => '(string) The module\'s ID', 'active' => '(boolean) The module\'s status.', 'name' => '(string) The module\'s name.', 'description' => '(safehtml) The module\'s description.', 'sort' => '(int) The module\'s display order.', 'introduced' => '(string) The Jetpack version when the module was introduced.', 'changed' => '(string) The Jetpack version when the module was changed.', 'free' => '(boolean) The module\'s Free or Paid status.', 'module_tags' => '(array) The module\'s tags.'); $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_plugin_cast_and_filter', $docs), false, $for_output); break; case 'sharing_button': $docs = array('ID' => '(string)', 'name' => '(string)', 'URL' => '(string)', 'icon' => '(string)', 'enabled' => '(bool)', 'visibility' => '(string)'); $return[$key] = (array) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'sharing_button_service': $docs = array('ID' => '(string) The service identifier', 'name' => '(string) The service name', 'class_name' => '(string) Class name for custom style sharing button elements', 'genericon' => '(string) The Genericon unicode character for the custom style sharing button icon', 'preview_smart' => '(string) An HTML snippet of a rendered sharing button smart preview', 'preview_smart_js' => '(string) An HTML snippet of the page-wide initialization scripts used for rendering the sharing button smart preview'); $return[$key] = (array) $this->cast_and_filter($value, $docs, false, $for_output); break; case 'taxonomy': $docs = array('name' => '(string) The taxonomy slug', 'label' => '(string) The taxonomy human-readable name', 'labels' => '(object) Mapping of labels for the taxonomy', 'description' => '(string) The taxonomy description', 'hierarchical' => '(bool) Whether the taxonomy is hierarchical', 'public' => '(bool) Whether the taxonomy is public', 'capabilities' => '(object) Mapping of current user capabilities for the taxonomy'); $return[$key] = (array) $this->cast_and_filter($value, $docs, false, $for_output); break; default: $method_name = $type['type'] . '_docs'; if (method_exists(WPCOM_JSON_API_Jetpack_Overrides, $method_name)) { $docs = WPCOM_JSON_API_Jetpack_Overrides::$method_name(); } if (!empty($docs)) { $return[$key] = (object) $this->cast_and_filter($value, apply_filters('wpcom_json_api_plugin_cast_and_filter', $docs), false, $for_output); } else { trigger_error("Unknown API casting type {$type['type']}", E_USER_WARNING); } } }
function json_api($args = array()) { $json_api_args = $args[0]; $verify_api_user_args = $args[1]; $method = (string) $json_api_args[0]; $url = (string) $json_api_args[1]; $post_body = is_null($json_api_args[2]) ? null : (string) $json_api_args[2]; $user_details = (array) $json_api_args[4]; $locale = (string) $json_api_args[5]; if (!$verify_api_user_args) { $user_id = 0; } elseif ('internal' === $verify_api_user_args[0]) { $user_id = (int) $verify_api_user_args[1]; if ($user_id) { $user = get_user_by('id', $user_id); if (!$user || is_wp_error($user)) { return false; } } } else { $user_id = call_user_func(array($this, 'test_api_user_code'), $verify_api_user_args); if (!$user_id) { return false; } } /* debugging error_log( "-- begin json api via jetpack debugging -- " ); error_log( "METHOD: $method" ); error_log( "URL: $url" ); error_log( "POST BODY: $post_body" ); error_log( "VERIFY_ARGS: " . print_r( $verify_api_user_args, 1 ) ); error_log( "VERIFIED USER_ID: " . (int) $user_id ); error_log( "-- end json api via jetpack debugging -- " ); */ if ('en' !== $locale) { // .org mo files are named slightly different from .com, and all we have is this the locale -- try to guess them. $new_locale = $locale; if (strpos($locale, '-') !== false) { $pieces = explode('-', $locale); $new_locale = $locale_pieces[0]; $new_locale .= !empty($locale_pieces[1]) ? '_' . strtoupper($locale_pieces[1]) : ''; } else { // .com might pass 'fr' because thats what our language files are named as, where core seems // to do fr_FR - so try that if we don't think we can load the file. if (!file_exists(WP_LANG_DIR . '/' . $locale . '.mo')) { $new_locale = $locale . '_' . strtoupper($locale); } } if (file_exists(WP_LANG_DIR . '/' . $new_locale . '.mo')) { unload_textdomain('default'); load_textdomain('default', WP_LANG_DIR . '/' . $new_locale . '.mo'); } } $old_user = wp_get_current_user(); wp_set_current_user($user_id); $token = Jetpack_Data::get_access_token(get_current_user_id()); if (!$token || is_wp_error($token)) { return false; } define('REST_API_REQUEST', true); define('WPCOM_JSON_API__BASE', 'public-api.wordpress.com/rest/v1'); // needed? require_once ABSPATH . 'wp-admin/includes/admin.php'; require_once JETPACK__PLUGIN_DIR . 'class.json-api.php'; $api = WPCOM_JSON_API::init($method, $url, $post_body); $api->token_details['user'] = $user_details; require_once JETPACK__PLUGIN_DIR . 'class.json-api-endpoints.php'; $display_errors = ini_set('display_errors', 0); ob_start(); $content_type = $api->serve(false); $output = ob_get_clean(); ini_set('display_errors', $display_errors); $nonce = wp_generate_password(10, false); $hmac = hash_hmac('md5', $nonce . $output, $token->secret); wp_set_current_user(isset($old_user->ID) ? $old_user->ID : 0); return array((string) $output, (string) $nonce, (string) $hmac); }
/** * Updates site settings for authorized users * * @return (array) */ public function update_settings() { // $this->input() retrieves posted arguments whitelisted and casted to the $request_format // specs that get passed in when this class is instantiated /** * Filters the settings to be updated on the site. * * @module json-api * * @since 3.6.0 * * @param array $input Associative array of site settings to be updated. */ $input = apply_filters('rest_api_update_site_settings', $this->input()); $jetpack_relatedposts_options = array(); $sharing_options = array(); $updated = array(); foreach ($input as $key => $value) { if (!is_array($value)) { $value = trim($value); } $value = wp_unslash($value); switch ($key) { case 'default_ping_status': case 'default_comment_status': // settings are stored as closed|open $coerce_value = $value ? 'open' : 'closed'; if (update_option($key, $coerce_value)) { $updated[$key] = $value; } break; case 'jetpack_protect_whitelist': if (function_exists('jetpack_protect_save_whitelist')) { $result = jetpack_protect_save_whitelist($value); if (is_wp_error($result)) { return $result; } $updated[$key] = jetpack_protect_format_whitelist(); } break; case 'jetpack_sync_non_public_post_stati': Jetpack_Options::update_option('sync_non_public_post_stati', $value); break; case 'jetpack_relatedposts_enabled': case 'jetpack_relatedposts_show_thumbnails': case 'jetpack_relatedposts_show_headline': if (!$this->jetpack_relatedposts_supported()) { break; } if ('jetpack_relatedposts_enabled' === $key && method_exists('Jetpack', 'is_module_active') && $this->jetpack_relatedposts_supported()) { $before_action = Jetpack::is_module_active('related-posts'); if ($value) { Jetpack::activate_module('related-posts', false, false); } else { Jetpack::deactivate_module('related-posts'); } $after_action = Jetpack::is_module_active('related-posts'); if ($after_action == $before_action) { break; } } $just_the_key = substr($key, 21); $jetpack_relatedposts_options[$just_the_key] = $value; break; case 'social_notifications_like': case 'social_notifications_reblog': case 'social_notifications_subscribe': // settings are stored as on|off $coerce_value = $value ? 'on' : 'off'; if (update_option($key, $coerce_value)) { $updated[$key] = $value; } break; case 'wga': if (!isset($value['code']) || !preg_match('/^$|^UA-[\\d-]+$/i', $value['code'])) { return new WP_Error('invalid_code', 'Invalid UA ID'); } $wga = get_option('wga', array()); $wga['code'] = $value['code']; // maintain compatibility with wp-google-analytics if (update_option('wga', $wga)) { $updated[$key] = $value; } $enabled_or_disabled = $wga['code'] ? 'enabled' : 'disabled'; /** This action is documented in modules/widgets/social-media-icons.php */ do_action('jetpack_bump_stats_extras', 'google-analytics', $enabled_or_disabled); $business_plugins = WPCOM_Business_Plugins::instance(); $business_plugins->activate_plugin('wp-google-analytics'); break; case 'jetpack_testimonial': case 'jetpack_portfolio': case 'jetpack_comment_likes_enabled': // settings are stored as 1|0 $coerce_value = (int) $value; if (update_option($key, $coerce_value)) { $updated[$key] = (bool) $value; } break; case 'jetpack_testimonial_posts_per_page': case 'jetpack_portfolio_posts_per_page': // settings are stored as numeric $coerce_value = (int) $value; if (update_option($key, $coerce_value)) { $updated[$key] = $coerce_value; } break; // Sharing options // Sharing options case 'sharing_button_style': case 'sharing_show': case 'sharing_open_links': $sharing_options[preg_replace('/^sharing_/', '', $key)] = $value; break; case 'sharing_label': $sharing_options[$key] = $value; break; // Keyring token option // Keyring token option case 'eventbrite_api_token': // These options can only be updated for sites hosted on WordPress.com if (defined('IS_WPCOM') && IS_WPCOM) { if (empty($value) || WPCOM_JSON_API::is_falsy($value)) { if (delete_option($key)) { $updated[$key] = null; } } else { if (update_option($key, $value)) { $updated[$key] = (int) $value; } } } break; case 'holidaysnow': if (empty($value) || WPCOM_JSON_API::is_falsy($value)) { if (function_exists('jetpack_holiday_snow_option_name') && delete_option(jetpack_holiday_snow_option_name())) { $updated[$key] = false; } } else { if (function_exists('jetpack_holiday_snow_option_name') && update_option(jetpack_holiday_snow_option_name(), 'letitsnow')) { $updated[$key] = true; } } break; case 'timezone_string': // Map UTC+- timezones to gmt_offsets and set timezone_string to empty // https://github.com/WordPress/WordPress/blob/4.4.2/wp-admin/options.php#L175 if (!empty($value) && preg_match('/^UTC[+-]/', $value)) { $gmt_offset = preg_replace('/UTC\\+?/', '', $value); if (update_option('gmt_offset', $gmt_offset)) { $updated['gmt_offset'] = $gmt_offset; } $value = ''; } // Always set timezone_string either with the given value or with an // empty string if (update_option($key, $value)) { $updated[$key] = $value; } break; default: //allow future versions of this endpoint to support additional settings keys if (has_filter('site_settings_endpoint_update_' . $key)) { /** * Filter current site setting value to be updated. * * @module json-api * * @since 3.9.3 * * @param mixed $response_item A single site setting value. */ $value = apply_filters('site_settings_endpoint_update_' . $key, $value); $updated[$key] = $value; continue; } // no worries, we've already whitelisted and casted arguments above if (update_option($key, $value)) { $updated[$key] = $value; } } } if (count($jetpack_relatedposts_options)) { // track new jetpack_relatedposts options against old $old_relatedposts_options = Jetpack_Options::get_option('relatedposts'); if (Jetpack_Options::update_option('relatedposts', $jetpack_relatedposts_options)) { foreach ($jetpack_relatedposts_options as $key => $value) { if ($value !== $old_relatedposts_options[$key]) { $updated['jetpack_relatedposts_' . $key] = $value; } } } } if (!empty($sharing_options) && class_exists('Sharing_Service')) { $ss = new Sharing_Service(); // Merge current values with updated, since Sharing_Service expects // all values to be included when updating $current_sharing_options = $ss->get_global_options(); foreach ($current_sharing_options as $key => $val) { if (!isset($sharing_options[$key])) { $sharing_options[$key] = $val; } } $updated_social_options = $ss->set_global_options($sharing_options); if (isset($input['sharing_button_style'])) { $updated['sharing_button_style'] = (string) $updated_social_options['button_style']; } if (isset($input['sharing_label'])) { // Sharing_Service won't report label as updated if set to default $updated['sharing_label'] = (string) $sharing_options['sharing_label']; } if (isset($input['sharing_show'])) { $updated['sharing_show'] = (array) $updated_social_options['show']; } if (isset($input['sharing_open_links'])) { $updated['sharing_open_links'] = (string) $updated_social_options['open_links']; } } return array('updated' => $updated); }