/** * Create a single attachment * * @param WP_REST_Request $request Full details about the request * @return WP_Error|WP_REST_Response */ public function create_item($request) { // Permissions check - Note: "upload_files" cap is returned for an attachment by $post_type_obj->cap->create_posts $post_type_obj = get_post_type_object($this->post_type); if (!current_user_can($post_type_obj->cap->create_posts) || !current_user_can($post_type_obj->cap->edit_posts)) { return new WP_Error('rest_cannot_create', __('Sorry, you are not allowed to post on this site.'), array('status' => 400)); } // If a user is trying to attach to a post make sure they have permissions. Bail early if post_id is not being passed if (!empty($request['post'])) { $parent = get_post((int) $request['post']); $post_parent_type = get_post_type_object($parent->post_type); if (!current_user_can($post_parent_type->cap->edit_post, $request['post'])) { return new WP_Error('rest_cannot_edit', __('Sorry, you are not allowed to edit this post.'), array('status' => 401)); } } // Get the file via $_FILES or raw data $files = $request->get_file_params(); $headers = $request->get_headers(); if (!empty($files)) { $file = $this->upload_from_file($files, $headers); } else { $file = $this->upload_from_data($request->get_body(), $headers); } if (is_wp_error($file)) { return $file; } $name = basename($file['file']); $name_parts = pathinfo($name); $name = trim(substr($name, 0, -(1 + strlen($name_parts['extension'])))); $url = $file['url']; $type = $file['type']; $file = $file['file']; $title = $name; $caption = ''; // use image exif/iptc data for title and caption defaults if possible // @codingStandardsIgnoreStart $image_meta = @wp_read_image_metadata($file); // @codingStandardsIgnoreEnd if (!empty($image_meta)) { if (empty($request['title']) && trim($image_meta['title']) && !is_numeric(sanitize_title($image_meta['title']))) { $title = $image_meta['title']; } if (empty($request['caption']) && trim($image_meta['caption'])) { $caption = $image_meta['caption']; } } $attachment = $this->prepare_item_for_database($request); $attachment->file = $file; $attachment->post_mime_type = $type; $attachment->guid = $url; $id = wp_insert_post($attachment, true); if (is_wp_error($id)) { return $id; } /** Include admin functions to get access to wp_generate_attachment_metadata() */ require_once ABSPATH . 'wp-admin/includes/admin.php'; wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file)); if (isset($request['alt_text'])) { update_post_meta($id, '_wp_attachment_image_alt', sanitize_text_field($request['alt_text'])); } $this->update_additional_fields_for_object($attachment, $request); $response = $this->get_item(array('id' => $id, 'context' => 'edit')); $response = rest_ensure_response($response); $response->set_status(201); $response->header('Location', rest_url('/wp/v2/' . $this->get_post_type_base($attachment->post_type) . '/' . $id)); /** * Fires after a single attachment is created or updated via the REST API. * * @param object $attachment Inserted attachment. * @param WP_REST_Request $request The request sent to the API. * @param bool $creating True when creating an attachment, false when updating. */ do_action('rest_insert_attachment', $attachment, $request, true); return $response; }
/** * Creates a single attachment. * * @since 4.7.0 * @access public * * @param WP_REST_Request $request Full details about the request. * @return WP_Error|WP_REST_Response Response object on success, WP_Error object on failure. */ public function create_item($request) { if (!empty($request['post']) && in_array(get_post_type($request['post']), array('revision', 'attachment'), true)) { return new WP_Error('rest_invalid_param', __('Invalid parent type.'), array('status' => 400)); } // Get the file via $_FILES or raw data. $files = $request->get_file_params(); $headers = $request->get_headers(); if (!empty($files)) { $file = $this->upload_from_file($files, $headers); } else { $file = $this->upload_from_data($request->get_body(), $headers); } if (is_wp_error($file)) { return $file; } $name = basename($file['file']); $name_parts = pathinfo($name); $name = trim(substr($name, 0, -(1 + strlen($name_parts['extension'])))); $url = $file['url']; $type = $file['type']; $file = $file['file']; // use image exif/iptc data for title and caption defaults if possible $image_meta = @wp_read_image_metadata($file); if (!empty($image_meta)) { if (empty($request['title']) && trim($image_meta['title']) && !is_numeric(sanitize_title($image_meta['title']))) { $request['title'] = $image_meta['title']; } if (empty($request['caption']) && trim($image_meta['caption'])) { $request['caption'] = $image_meta['caption']; } } $attachment = $this->prepare_item_for_database($request); $attachment->file = $file; $attachment->post_mime_type = $type; $attachment->guid = $url; if (empty($attachment->post_title)) { $attachment->post_title = preg_replace('/\\.[^.]+$/', '', basename($file)); } $id = wp_insert_post(wp_slash((array) $attachment), true); if (is_wp_error($id)) { if ('db_update_error' === $id->get_error_code()) { $id->add_data(array('status' => 500)); } else { $id->add_data(array('status' => 400)); } return $id; } $attachment = get_post($id); /** * Fires after a single attachment is created or updated via the REST API. * * @since 4.7.0 * * @param WP_Post $attachment Inserted or updated attachment * object. * @param WP_REST_Request $request The request sent to the API. * @param bool $creating True when creating an attachment, false when updating. */ do_action('rest_insert_attachment', $attachment, $request, true); // Include admin functions to get access to wp_generate_attachment_metadata(). require_once ABSPATH . 'wp-admin/includes/admin.php'; wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file)); if (isset($request['alt_text'])) { update_post_meta($id, '_wp_attachment_image_alt', sanitize_text_field($request['alt_text'])); } $fields_update = $this->update_additional_fields_for_object($attachment, $request); if (is_wp_error($fields_update)) { return $fields_update; } $request->set_param('context', 'edit'); $response = $this->prepare_item_for_response($attachment, $request); $response = rest_ensure_response($response); $response->set_status(201); $response->header('Location', rest_url(sprintf('%s/%s/%d', $this->namespace, $this->rest_base, $id))); return $response; }
/** * Create a single attachment * * @param WP_REST_Request $request Full details about the request * @return WP_Error|WP_REST_Response */ public function create_item($request) { // Get the file via $_FILES or raw data $files = $request->get_file_params(); $headers = $request->get_headers(); if (!empty($files)) { $file = $this->upload_from_file($files, $headers); } else { $file = $this->upload_from_data($request->get_body(), $headers); } if (is_wp_error($file)) { return $file; } $name = basename($file['file']); $name_parts = pathinfo($name); $name = trim(substr($name, 0, -(1 + strlen($name_parts['extension'])))); $url = $file['url']; $type = $file['type']; $file = $file['file']; // use image exif/iptc data for title and caption defaults if possible // @codingStandardsIgnoreStart $image_meta = @wp_read_image_metadata($file); // @codingStandardsIgnoreEnd if (!empty($image_meta)) { if (empty($request['title']) && trim($image_meta['title']) && !is_numeric(sanitize_title($image_meta['title']))) { $request['title'] = $image_meta['title']; } if (empty($request['caption']) && trim($image_meta['caption'])) { $request['caption'] = $image_meta['caption']; } } $attachment = $this->prepare_item_for_database($request); $attachment->file = $file; $attachment->post_mime_type = $type; $attachment->guid = $url; $id = wp_insert_post($attachment, true); if (is_wp_error($id)) { if (in_array($id->get_error_code(), array('db_update_error'))) { $id->add_data(array('status' => 500)); } else { $id->add_data(array('status' => 400)); } return $id; } $attachment = get_post($id); /** Include admin functions to get access to wp_generate_attachment_metadata() */ require_once ABSPATH . 'wp-admin/includes/admin.php'; wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $file)); if (isset($request['alt_text'])) { update_post_meta($id, '_wp_attachment_image_alt', sanitize_text_field($request['alt_text'])); } $this->update_additional_fields_for_object($attachment, $request); $request->set_param('context', 'edit'); $response = $this->prepare_item_for_response($attachment, $request); $response = rest_ensure_response($response); $response->set_status(201); $response->header('Location', rest_url('/wp/v2/' . $this->get_post_type_base($attachment->post_type) . '/' . $id)); /** * Fires after a single attachment is created or updated via the REST API. * * @param object $attachment Inserted attachment. * @param WP_REST_Request $request The request sent to the API. * @param boolean $creating True when creating an attachment, false when updating. */ do_action('rest_insert_attachment', $attachment, $request, true); return $response; }