function callback($path = '', $blog_id = 0, $user_id = 0)
{
$blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id));
if (is_wp_error($blog_id)) {
return $blog_id;
}
if (defined('IS_WPCOM') && IS_WPCOM) {
if (wpcom_get_blog_owner($blog_id) == $user_id) {
return new WP_Error('forbidden', 'A site owner can not be removed through this endpoint.', 403);
}
}
if ($this->api->ends_with($path, '/delete')) {
return $this->delete_or_remove_user($user_id);
}
return false;
}
/**
* Updates user data
*
* @return (array)
*/
public function update_user($user_id, $blog_id)
{
$input = $this->input();
$user['ID'] = $user_id;
$is_wpcom = defined('IS_WPCOM') && IS_WPCOM;
if (get_current_user_id() == $user_id && isset($input['roles'])) {
return new WP_Error('unauthorized', 'You cannot change your own role', 403);
}
if ($is_wpcom && $user_id !== get_current_user_id() && $user_id == wpcom_get_blog_owner($blog_id)) {
return new WP_Error('unauthorized_edit_owner', 'Current user can not edit blog owner', 403);
}
if (!$is_wpcom) {
foreach ($input as $key => $value) {
if (!is_array($value)) {
$value = trim($value);
}
$value = wp_unslash($value);
switch ($key) {
case 'first_name':
case 'last_name':
$user[$key] = $value;
break;
case 'display_name':
case 'name':
$user['display_name'] = $value;
break;
}
}
}
if (isset($input['roles'])) {
if (is_array($input['roles'])) {
$user['role'] = $input['roles'][0];
} else {
$user['role'] = $input['roles'];
}
}
$result = wp_update_user($user);
if (is_wp_error($result)) {
return $result;
}
return $this->get_user($user_id);
}
/**
* SyndicatedPost::normalize_post()
*
* @param bool $new If true, this post is to be inserted anew. If false, it is an update of an existing post.
* @return array A normalized representation of the post ready to be inserted into the database or sent to the WordPress API functions
*/
function normalize_post($new = true)
{
$out = array();
// Why doesn't wp_insert_post already do this?
foreach ($this->post as $key => $value) {
// For DB sanitization, no post ID needs passed
$out[$key] = sanitize_post_field($key, $this->post[$key], null, 'db');
}
// May not always have a post excerpt
$excerpt = isset($out['post_excerpt']) ? $out['post_excerpt'] : '';
if (strlen($out['post_title'] . $out['post_content'] . $excerpt) == 0) {
// FIXME: Option for filtering out empty posts
}
if (strlen($out['post_title']) == 0) {
$offset = (int) get_option('gmt_offset') * 60 * 60;
$out['post_title'] = $this->post['meta']['syndication_source'] . ' ' . gmdate('Y-m-d H:i:s', $this->published() + $offset);
// FIXME: Option for what to fill a blank title with...
}
// WPCOM: never allow 1 (super admin) as the author
if (function_exists('wpcom_get_blog_owner') && 1 == $out['post_author']) {
$out['post_author'] = wpcom_get_blog_owner();
}
return $out;
}
