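/**
 * Autosave a post on behalf of the current API user.
 *
 * Order of checks before anything is written: the blog is switched and the
 * user validated through $this->api, the request input must be a non-empty
 * array, the post must exist, and the current user must hold 'edit_post' on
 * it. An unlocked draft or auto-draft owned by the current user is overwritten
 * with edit_post(); in every other case the content is stored with
 * wp_create_post_autosave() and the preview URL carries a 'post_preview_{ID}'
 * nonce.
 *
 * @param string $path    Not referenced in this method.
 * @param int    $blog_id Blog identifier, resolved through $this->api->get_blog_id().
 * @param int    $post_id ID of the post to autosave.
 * @return array|WP_Error Array with 'ID', 'post_ID', 'modified' and 'preview_URL'
 *                        on success, WP_Error otherwise.
 */
function callback($path = '', $blog_id = 0, $post_id = 0) {
    $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id));
    if (is_wp_error($blog_id)) {
        return $blog_id;
    }

    // The result is not used below; the call is kept in case query_args()
    // validates the request as a side effect (TODO confirm).
    $args = $this->query_args();

    $input = $this->input(false);
    if (!is_array($input) || !$input) {
        return new WP_Error('invalid_input', 'Invalid request input', 400);
    }

    $post = get_post($post_id);
    if (!$post || is_wp_error($post)) {
        return new WP_Error('unknown_post', 'Unknown post', 404);
    }

    if (!current_user_can('edit_post', $post->ID)) {
        return new WP_Error('unauthorized', 'User cannot edit post', 403);
    }

    // Write to the post the capability check ran against. get_post() can fall
    // back to the global post for an empty ID, so $post_id and $post->ID are
    // not guaranteed to be the same value.
    // Missing input keys stay null, as before, but no longer raise notices.
    $post_data = array(
        'post_ID' => $post->ID,
        'post_title' => isset($input['title']) ? $input['title'] : null,
        'post_content' => isset($input['content']) ? $input['content'] : null,
        'post_excerpt' => isset($input['excerpt']) ? $input['excerpt'] : null,
    );

    $preview_url = add_query_arg('preview', 'true', get_permalink($post->ID));

    $overwrite_draft = !wp_check_post_lock($post->ID)
        && get_current_user_id() == $post->post_author
        && ('auto-draft' == $post->post_status || 'draft' == $post->post_status);

    if ($overwrite_draft) {
        // Drafts and auto-drafts are just overwritten by autosave for the same user if the post is not locked
        $auto_ID = edit_post(wp_slash($post_data));
    } else {
        // Non drafts or other users drafts are not overwritten. The autosave is stored in a special post revision for each user.
        $auto_ID = wp_create_post_autosave(wp_slash($post_data));
    }

    // Fail before a WP_Error (or 0) is used as a post ID in the preview URL
    // and in the get_post() lookup below.
    if (!$auto_ID || is_wp_error($auto_ID)) {
        return new WP_Error('autosave_error', __('Autosave encountered an unexpected error', 'jetpack'), 500);
    }

    if (!$overwrite_draft) {
        // The preview of an autosave revision is gated by a per-post nonce.
        $nonce = wp_create_nonce('post_preview_' . $post->ID);
        $preview_url = add_query_arg(array('preview_id' => $auto_ID, 'preview_nonce' => $nonce), $preview_url);
    }

    $updated_post = get_post($auto_ID);
    if ($updated_post && $updated_post->ID && $updated_post->post_modified) {
        return array(
            'ID' => $auto_ID,
            'post_ID' => $post->ID,
            'modified' => $this->format_date($updated_post->post_modified),
            'preview_URL' => $preview_url,
        );
    }

    return new WP_Error('autosave_error', __('Autosave encountered an unexpected error', 'jetpack'), 500);
}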
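/**
 * Create an autosave revision of a post with the given content.
 *
 * Nothing is written when the post does not exist or when the new content
 * equals the stored content after whitespace normalisation.
 *
 * NOTE(review): this method performs no capability or nonce check itself;
 * presumably the caller has already authorised the edit - confirm.
 * The return value of wp_create_post_autosave() (which may be a WP_Error) is
 * not inspected.
 *
 * @param int    $pid     ID of the post to autosave.
 * @param string $content New post content; compared against the stored
 *                        post_content, so presumably unslashed - confirm.
 */
public function update_autosave_version($pid, $content) {
    $post = get_post($pid);
    if (!$post) {
        return;
    }

    // only when something has changed
    if (normalize_whitespace($post->post_content) == normalize_whitespace($content)) {
        return;
    }

    $post->post_content = $content;
    $post_data = $post->to_array();
    $post_data['post_ID'] = $pid;

    // wp_create_post_autosave() treats an array argument as slashed request
    // data and unslashes it. The values here come from the database object,
    // so slash them first or backslashes in the post are stripped.
    wp_create_post_autosave(wp_slash($post_data));
}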
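/**
 * AJAX handler: autosave the post submitted in $_POST and send an XML response.
 *
 * Security-relevant flow:
 *  - check_ajax_referer() verifies the 'autosave' nonce sent as
 *    'autosavenonce'; its return value is kept as the nonce age.
 *  - The target post must exist and the current user must hold 'edit_page'
 *    (pages) or 'edit_post' (everything else) on it, otherwise wp_die().
 *  - When another user holds the post lock, autosave and locking are disabled
 *    and an alert naming that user (HTML-escaped) is returned.
 *  - When the nonce age is 2, replacement nonces are issued in the response.
 *
 * Reads and modifies $_POST; reads the global $login_grace_period.
 */
function wp_ajax_autosave() {
    global $login_grace_period;

    define('DOING_AUTOSAVE', true);

    // CSRF protection for the whole handler.
    $nonce_age = check_ajax_referer('autosave', 'autosavenonce');

    $_POST['post_category'] = explode(",", $_POST['catslist']);
    if ($_POST['post_type'] == 'page' || empty($_POST['post_category'])) {
        unset($_POST['post_category']);
    }

    $do_autosave = (bool) $_POST['autosave'];
    $do_lock = true;
    $data = $alert = '';

    /* translators: draft saved date format, see http://php.net/date */
    $draft_saved_date_format = __('g:i:s a');
    /* translators: %s: date and time */
    $message = sprintf(__('Draft saved at %s.'), date_i18n($draft_saved_date_format));

    $supplemental = array();

    if (isset($login_grace_period)) {
        $alert .= sprintf(__('Your login has expired. Please open a new browser window and <a href="%s" target="_blank">log in again</a>. '), add_query_arg('interim-login', 1, wp_login_url()));
    }

    $id = $revision_id = 0;

    $post_ID = (int) $_POST['post_ID'];
    $_POST['ID'] = $post_ID;
    $post = get_post($post_ID);

    // Refuse unknown posts before $post is dereferenced. Without this guard
    // the status, lock and capability checks below run against a null object.
    if (!$post || empty($post->ID)) {
        wp_die(__('You are not allowed to edit this post.'));
    }

    if ('auto-draft' == $post->post_status) {
        $_POST['post_status'] = 'draft';
    }

    if ($last = wp_check_post_lock($post->ID)) {
        // Someone else is editing: do not save and do not take over the lock.
        $do_autosave = $do_lock = false;

        $last_user = get_userdata($last);
        $last_user_name = $last_user ? $last_user->display_name : __('Someone');
        $data = __('Autosave disabled.');

        $supplemental['disable_autosave'] = 'disable';
        $alert .= sprintf(__('%s is currently editing this article. If you update it, you will overwrite the changes.'), esc_html($last_user_name));
    }

    // Authorisation: must pass before any write below.
    if ('page' == $post->post_type) {
        if (!current_user_can('edit_page', $post_ID)) {
            wp_die(__('You are not allowed to edit this page.'));
        }
    } else {
        if (!current_user_can('edit_post', $post_ID)) {
            wp_die(__('You are not allowed to edit this post.'));
        }
    }

    if ($do_autosave) {
        // Drafts and auto-drafts are just overwritten by autosave
        if ('auto-draft' == $post->post_status || 'draft' == $post->post_status) {
            $id = edit_post();
        } else {
            // Non drafts are not overwritten. The autosave is stored in a special post revision.
            $revision_id = wp_create_post_autosave($post->ID);
            if (is_wp_error($revision_id)) {
                $id = $revision_id;
            } else {
                $id = $post->ID;
            }
        }
        $data = $message;
    } else {
        if (!empty($_POST['auto_draft'])) {
            $id = 0;
        } else {
            $id = $post->ID;
        }
    }

    if ($do_lock && empty($_POST['auto_draft']) && $id && is_numeric($id)) {
        $lock_result = wp_set_post_lock($id);
        // wp_set_post_lock() returns false when no lock could be set; only an
        // array result can be imploded into the response.
        if (is_array($lock_result)) {
            $supplemental['active-post-lock'] = implode(':', $lock_result);
        }
    }

    if ($nonce_age == 2) {
        // The nonce is in the second half of its lifetime: hand out fresh ones.
        $supplemental['replace-autosavenonce'] = wp_create_nonce('autosave');
        $supplemental['replace-getpermalinknonce'] = wp_create_nonce('getpermalink');
        $supplemental['replace-samplepermalinknonce'] = wp_create_nonce('samplepermalink');
        $supplemental['replace-closedpostboxesnonce'] = wp_create_nonce('closedpostboxes');
        $supplemental['replace-_ajax_linking_nonce'] = wp_create_nonce('internal-linking');
        if ($id) {
            if ($_POST['post_type'] == 'post') {
                $supplemental['replace-_wpnonce'] = wp_create_nonce('update-post_' . $id);
            } elseif ($_POST['post_type'] == 'page') {
                $supplemental['replace-_wpnonce'] = wp_create_nonce('update-page_' . $id);
            }
        }
    }

    if (!empty($alert)) {
        $supplemental['alert'] = $alert;
    }

    $x = new WP_Ajax_Response(array(
        'what' => 'autosave',
        'id' => $id,
        'data' => $id ? $data : '',
        'supplemental' => $supplemental,
    ));
    $x->send();
}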
/**
 * AJAX handler: autosave the post submitted in $_POST and send an XML response.
 *
 * Checks performed before any write:
 *  - check_ajax_referer() verifies the 'autosave' nonce sent as 'autosavenonce'.
 *  - The post must exist and the current user must hold 'edit_post' on it,
 *    plus 'edit_page' when the post is a page; otherwise wp_die().
 *
 * An unlocked draft or auto-draft owned by the current user is overwritten
 * with edit_post(). Any other post gets an autosave revision through
 * wp_create_post_autosave(). The response 'id' is the post ID, 0, or the
 * WP_Error returned by wp_create_post_autosave().
 */
function wp_ajax_autosave() {
    define('DOING_AUTOSAVE', true);

    // CSRF protection for the whole handler.
    check_ajax_referer('autosave', 'autosavenonce');

    if (!empty($_POST['catslist'])) {
        $_POST['post_category'] = explode(',', $_POST['catslist']);
    }

    if ($_POST['post_type'] == 'page' || empty($_POST['post_category'])) {
        unset($_POST['post_category']);
    }

    $data = '';
    $supplemental = array();
    $id = 0;
    $revision_id = 0;

    // Normalise the post ID to an integer and mirror it under both keys.
    $post_id = (int) $_POST['post_id'];
    $_POST['post_ID'] = $post_id;
    $_POST['ID'] = $post_id;

    $post = get_post($post_id);

    // Authorisation: unknown posts are rejected with the same message as a
    // missing capability.
    if (empty($post->ID) || !current_user_can('edit_post', $post->ID)) {
        wp_die(__('You are not allowed to edit this post.'));
    }

    if ('page' == $post->post_type && !current_user_can('edit_page', $post->ID)) {
        wp_die(__('You are not allowed to edit this page.'));
    }

    if ('auto-draft' == $post->post_status) {
        $_POST['post_status'] = 'draft';
    }

    if (empty($_POST['autosave'])) {
        // No save requested: report the post ID, or 0 for an auto-draft request.
        $id = !empty($_POST['auto_draft']) ? 0 : $post->ID;
    } else {
        $overwrite_draft = !wp_check_post_lock($post->ID)
            && get_current_user_id() == $post->post_author
            && ('auto-draft' == $post->post_status || 'draft' == $post->post_status);

        if ($overwrite_draft) {
            // Drafts and auto-drafts are just overwritten by autosave for the same user if the post is not locked
            $id = edit_post();
        } else {
            // Non drafts or other users drafts are not overwritten. The autosave is stored in a special post revision for each user.
            $revision_id = wp_create_post_autosave($post->ID);
            $id = is_wp_error($revision_id) ? $revision_id : $post->ID;
        }

        if (!is_wp_error($id)) {
            /* translators: draft saved date format, see http://php.net/date */
            $draft_saved_date_format = __('g:i:s a');
            /* translators: %s: date and time */
            $data = sprintf(__('Draft saved at %s.'), date_i18n($draft_saved_date_format));
        }
    }

    // @todo Consider exposing any errors, rather than having 'Saving draft...'
    $response = new WP_Ajax_Response(array(
        'what' => 'autosave',
        'id' => $id,
        'data' => $data,
        'supplemental' => $supplemental,
    ));
    $response->send();
}
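/**
 * Save a post submitted with XHR
 *
 * Intended for use with heartbeat and autosave.js
 *
 * Checks performed before anything is written, in order: the
 * 'update-post_{ID}' nonce in $post_data['_wpnonce'] must verify, the post
 * must exist, and the current user must hold 'edit_post' on it.
 *
 * @since 3.9.0
 *
 * @param array $post_data Associative array of the submitted post data.
 * @return mixed The value 0 or WP_Error on failure. The saved post ID on success.
 *               The ID can be the draft post_id or the autosave revision post_id.
 */
function wp_autosave($post_data) {
    // Back-compat
    if (!defined('DOING_AUTOSAVE')) {
        define('DOING_AUTOSAVE', true);
    }

    $post_id = (int) $post_data['post_id'];
    $post_data['ID'] = $post_data['post_ID'] = $post_id;

    // A request without a nonce fails verification the same way as a bad
    // nonce, without raising an undefined-index notice first.
    $nonce = isset($post_data['_wpnonce']) ? $post_data['_wpnonce'] : '';
    if (false === wp_verify_nonce($nonce, 'update-post_' . $post_id)) {
        return new WP_Error('invalid_nonce', __('Error while saving.'));
    }

    $post = get_post($post_id);

    // Reject unknown posts explicitly. Without this guard $post->ID is read
    // from null, and the capability, lock and author checks below are not
    // evaluated against the requested post.
    if (!$post || !current_user_can('edit_post', $post->ID)) {
        return new WP_Error('edit_posts', __('Sorry, you are not allowed to edit this item.'));
    }

    if ('auto-draft' == $post->post_status) {
        $post_data['post_status'] = 'draft';
    }

    if ($post_data['post_type'] != 'page' && !empty($post_data['catslist'])) {
        $post_data['post_category'] = explode(',', $post_data['catslist']);
    }

    if (!wp_check_post_lock($post->ID) && get_current_user_id() == $post->post_author && ('auto-draft' == $post->post_status || 'draft' == $post->post_status)) {
        // Drafts and auto-drafts are just overwritten by autosave for the same user if the post is not locked
        return edit_post(wp_slash($post_data));
    } else {
        // Non drafts or other users drafts are not overwritten. The autosave is stored in a special post revision for each user.
        return wp_create_post_autosave(wp_slash($post_data));
    }
}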
/**
 * Save draft or manually autosave for showing preview.
 *
 * The current user must hold 'edit_page' (pages) or 'edit_post' (everything
 * else) on the post, otherwise wp_die(). An unlocked draft owned by the
 * current user is saved with edit_post(); any other post gets an autosave
 * revision, and the preview URL then carries a 'post_preview_{ID}' nonce.
 *
 * NOTE(review): no nonce is verified inside this function; presumably the
 * caller checks the request's referer/nonce before calling - confirm.
 * NOTE(review): the save branch tests the stored $post->post_status while the
 * URL branch tests the submitted $_POST['post_status'] - confirm the two are
 * meant to differ.
 *
 * @package WordPress
 * @since 2.7.0
 *
 * @uses get_post_status()
 * @uses edit_post()
 * @uses get_post()
 * @uses current_user_can()
 * @uses wp_die()
 * @uses wp_create_post_autosave()
 * @uses add_query_arg()
 * @uses wp_create_nonce()
 *
 * @return str URL to redirect to show the preview
 */
function post_preview() {
    $post_ID = (int) $_POST['post_ID'];

    $stored_status = get_post_status($post_ID);
    if ($stored_status == 'auto-draft') {
        wp_die(__('Preview not available. Please save as a draft first.'));
    }

    // Comma-separated request fields are expanded to arrays in place.
    if (isset($_POST['catslist'])) {
        $_POST['post_category'] = explode(",", $_POST['catslist']);
    }

    if (isset($_POST['tags_input'])) {
        $_POST['tags_input'] = explode(",", $_POST['tags_input']);
    }

    if ($_POST['post_type'] == 'page' || empty($_POST['post_category'])) {
        unset($_POST['post_category']);
    }

    $_POST['ID'] = $post_ID;
    $post = get_post($post_ID);

    // Authorisation: pick the capability by post type, then enforce it.
    $is_page = ($post->post_type == 'page');
    $capability = $is_page ? 'edit_page' : 'edit_post';
    if (!current_user_can($capability, $post_ID)) {
        if ($is_page) {
            wp_die(__('You are not allowed to edit this page.'));
        } else {
            wp_die(__('You are not allowed to edit this post.'));
        }
    }

    $user_id = get_current_user_id();
    $locked = wp_check_post_lock($post->ID);

    if (!$locked && $post->post_status == 'draft' && $user_id == $post->post_author) {
        $id = edit_post();
    } else {
        // Non drafts are not overwritten. The autosave is stored in a special post revision.
        $autosave = wp_create_post_autosave($post->ID);
        $id = is_wp_error($autosave) ? $autosave : $post->ID;
    }

    if (is_wp_error($id)) {
        wp_die($id->get_error_message());
    }

    if (!$locked && $_POST['post_status'] == 'draft' && $user_id == $post->post_author) {
        $url = add_query_arg('preview', 'true', get_permalink($id));
    } else {
        // The preview is gated by a per-post nonce.
        $nonce = wp_create_nonce('post_preview_' . $id);
        $args = array('preview' => 'true', 'preview_id' => $id, 'preview_nonce' => $nonce);

        if (isset($_POST['post_format'])) {
            if (empty($_POST['post_format'])) {
                $args['post_format'] = 'standard';
            } else {
                // The submitted format is reduced to a key-safe string before it enters the URL.
                $args['post_format'] = sanitize_key($_POST['post_format']);
            }
        }

        $url = add_query_arg($args, get_permalink($id));
    }

    return apply_filters('preview_post_link', $url);
}
/**
 * Save draft or manually autosave for showing preview.
 *
 * The current user must hold 'edit_page' (pages) or 'edit_post' (everything
 * else) on the post, otherwise wp_die(). A stored draft is saved with
 * edit_post(); any other post gets an autosave revision.
 *
 * NOTE(review): a stored draft is overwritten via edit_post() without a
 * post-lock or author check in this function - confirm that is intended.
 * NOTE(review): no nonce is verified inside this function; presumably the
 * caller checks the request's referer/nonce before calling - confirm.
 *
 * @package WordPress
 * @since 2.7
 *
 * @uses wp_write_post()
 * @uses edit_post()
 * @uses get_post()
 * @uses current_user_can()
 * @uses wp_create_post_autosave()
 *
 * @return str URL to redirect to show the preview
 */
function post_preview() {
    $post_ID = (int) $_POST['post_ID'];
    if ($post_ID < 1) {
        wp_die(__('Preview not available. Please save as a draft first.'));
    }

    // Comma-separated request fields are expanded to arrays in place.
    if (isset($_POST['catslist'])) {
        $_POST['post_category'] = explode(",", $_POST['catslist']);
    }

    if (isset($_POST['tags_input'])) {
        $_POST['tags_input'] = explode(",", $_POST['tags_input']);
    }

    if ($_POST['post_type'] == 'page' || empty($_POST['post_category'])) {
        unset($_POST['post_category']);
    }

    $_POST['ID'] = $post_ID;
    $post = get_post($post_ID);

    // Authorisation: pick the capability by post type, then enforce it.
    $is_page = ($post->post_type == 'page');
    $capability = $is_page ? 'edit_page' : 'edit_post';
    if (!current_user_can($capability, $post_ID)) {
        if ($is_page) {
            wp_die(__('You are not allowed to edit this page.'));
        } else {
            wp_die(__('You are not allowed to edit this post.'));
        }
    }

    if ($post->post_status == 'draft') {
        $id = edit_post();
    } else {
        // Non drafts are not overwritten. The autosave is stored in a special post revision.
        $autosave = wp_create_post_autosave($post->ID);
        $id = is_wp_error($autosave) ? $autosave : $post->ID;
    }

    if (is_wp_error($id)) {
        wp_die($id->get_error_message());
    }

    if ($_POST['post_status'] == 'draft') {
        return add_query_arg('preview', 'true', get_permalink($id));
    }

    // The preview of a non-draft is gated by a per-post nonce.
    $nonce = wp_create_nonce('post_preview_' . $id);
    $query = array('preview' => 'true', 'preview_id' => $id, 'preview_nonce' => $nonce);

    return add_query_arg($query, get_permalink($id));
}
if ('page' == $post->post_type) { if (!current_user_can('edit_page', $post_ID)) { die(__('You are not allowed to edit this page.')); } } else { if (!current_user_can('edit_post', $post_ID)) { die(__('You are not allowed to edit this post.')); } } if ($do_autosave) { // Drafts are just overwritten by autosave if ('draft' == $post->post_status) { $id = edit_post(); } else { // Non drafts are not overwritten. The autosave is stored in a special post revision. $revision_id = wp_create_post_autosave($post->ID); if (is_wp_error($revision_id)) { $id = $revision_id; } else { $id = $post->ID; } } $data = $message; } else { $id = $post->ID; } } if ($do_lock && $id && is_numeric($id)) { wp_set_post_lock($id); } if ($nonce_age == 2) {