~sajoupa/wordpress/wp-plugin-jetpack

if ( ( isset( $input['status'] ) && 'publish' === $input['status'] ) && 'publish' !== $post->post_status && !current_user_can( 'publish_post', $post->ID ) ) {

115

$input['status'] = 'pending';

116

}

117

$last_status = $post->post_status;

118

$new_status = isset( $input['status'] ) ? $input['status'] : $last_status;

119

120

// Make sure that drafts get the current date when transitioning to publish if not supplied in the post.

121

$date_in_past = ( strtotime($post->post_date_gmt) < time() );

122

if ( 'publish' === $new_status && 'draft' === $last_status && ! isset( $input['date_gmt'] ) && $date_in_past ) {

123

$input['date_gmt'] = gmdate( 'Y-m-d H:i:s' );

124

}

125

}

126

127

if ( function_exists( 'wpcom_switch_to_locale' ) ) {

128

// fixes calypso-pre-oss #12476: respect blog locale when creating the post slug

129

wpcom_switch_to_locale( get_blog_lang_code( $blog_id ) );

130

}

131

132

// If date was set, $this->input will set date_gmt, date still needs to be adjusted for the blog's offset

133

if ( isset( $input['date_gmt'] ) ) {

134

$gmt_offset = get_option( 'gmt_offset' );

135

$time_with_offset = strtotime( $input['date_gmt'] ) + $gmt_offset * HOUR_IN_SECONDS;

136

$input['date'] = date( 'Y-m-d H:i:s', $time_with_offset );

137

}

138

139

if ( ! empty( $author_id ) && get_current_user_id() != $author_id ) {

140

if ( ! current_user_can( $post_type->cap->edit_others_posts ) ) {

141

return new WP_Error( 'unauthorized', "User is not allowed to publish others' posts.", 403 );

142

} elseif ( ! user_can( $author_id, $post_type->cap->edit_posts ) ) {

143

return new WP_Error( 'unauthorized', 'Assigned author cannot publish post.', 403 );

144

}

145

}

146

147

if ( !is_post_type_hierarchical( $post_type->name ) && 'revision' !== $post_type->name ) {

148

unset( $input['parent'] );

149

}

150

151

$tax_input = array();

152

153

foreach ( array( 'categories' => 'category', 'tags' => 'post_tag' ) as $key => $taxonomy ) {

154

if ( ! isset( $input[ $key ] ) ) {

155

continue;

156

}

157

158

$tax_input[ $taxonomy ] = array();

159

160

$is_hierarchical = is_taxonomy_hierarchical( $taxonomy );

161

162

if ( is_array( $input[$key] ) ) {

163

$terms = $input[$key];

164

} else {

165

$terms = explode( ',', $input[$key] );

166

}

167

168

foreach ( $terms as $term ) {

169

/**

170

* `curl --data 'category[]=123'` should be interpreted as a category ID,

171

* not a category whose name is '123'.

172

173

* Consequence: To add a category/tag whose name is '123', the client must

174

* first look up its ID.

175

176

$term = (string) $term; // ctype_digit compat

177

if ( ctype_digit( $term ) ) {

178

$term = (int) $term;

179

}

180

181

$term_info = term_exists( $term, $taxonomy );

182

183

if ( ! $term_info ) {

184

// A term ID that doesn't already exist. Ignore it: we don't know what name to give it.

185

if ( is_int( $term ) ){

186

continue;

187

}

188

// only add a new tag/cat if the user has access to

189

$tax = get_taxonomy( $taxonomy );

190

191

// see https://core.trac.wordpress.org/ticket/26409

192

if ( 'category' === $taxonomy && ! current_user_can( $tax->cap->edit_terms ) ) {

193

continue;

194

} else if ( ! current_user_can( $tax->cap->assign_terms ) ) {

195

continue;

196

}

197

198

$term_info = wp_insert_term( $term, $taxonomy );

199

}

200

201

if ( ! is_wp_error( $term_info ) ) {

202

if ( $is_hierarchical ) {

203

// Categories must be added by ID

204

$tax_input[$taxonomy][] = (int) $term_info['term_id'];

205

} else {

206

// Tags must be added by name

207

if ( is_int( $term ) ) {

208

$term = get_term( $term, $taxonomy );

209

$tax_input[$taxonomy][] = $term->name;

210

} else {

211

$tax_input[$taxonomy][] = $term;

212

}

213

}

214

}

215

}

216

}

217

218

if ( isset( $input['categories'] ) && empty( $tax_input['category'] ) && 'revision' !== $post_type->name ) {

219

$tax_input['category'][] = get_option( 'default_category' );

220

}

221

222

unset( $input['tags'], $input['categories'] );

223

224

$insert = array();

225

226

if ( !empty( $input['slug'] ) ) {

227

$insert['post_name'] = $input['slug'];

228

unset( $input['slug'] );

229

}

230

231

if ( isset( $input['comments_open'] ) ) {

232

$insert['comment_status'] = ( true === $input['comments_open'] ) ? 'open' : 'closed';

233

}

234

235

if ( isset( $input['pings_open'] ) ) {

236

$insert['ping_status'] = ( true === $input['pings_open'] ) ? 'open' : 'closed';

237

}

238

239

unset( $input['comments_open'], $input['pings_open'] );

240

241

if ( isset( $input['menu_order'] ) ) {

242

$insert['menu_order'] = $input['menu_order'];

243

unset( $input['menu_order'] );

244

}

245

246

$publicize = isset( $input['publicize'] ) ? $input['publicize'] : null;

247

unset( $input['publicize'] );

248

249

$publicize_custom_message = isset( $input['publicize_message'] ) ? $input['publicize_message'] : null;

250

unset( $input['publicize_message'] );

251

252

if ( isset( $input['featured_image'] ) ) {

253

$featured_image = trim( $input['featured_image'] );

254

$delete_featured_image = empty( $featured_image );

255

unset( $input['featured_image'] );

256

}

257

258

$metadata = isset( $input['metadata'] ) ? $input['metadata'] : null;

259

unset( $input['metadata'] );

260

261

$likes = isset( $input['likes_enabled'] ) ? $input['likes_enabled'] : null;

262

unset( $input['likes_enabled'] );

263

264

$sharing = isset( $input['sharing_enabled'] ) ? $input['sharing_enabled'] : null;

265

unset( $input['sharing_enabled'] );

266

267

$sticky = isset( $input['sticky'] ) ? $input['sticky'] : null;

268

unset( $input['sticky'] );

269

270

foreach ( $input as $key => $value ) {

271

$insert["post_$key"] = $value;

272

}

273

274

if ( ! empty( $author_id ) ) {

275

$insert['post_author'] = absint( $author_id );

276

}

277

278

if ( ! empty( $tax_input ) ) {

279

$insert['tax_input'] = $tax_input;

280

}

281

282

$has_media = isset( $input['media'] ) && $input['media'] ? count( $input['media'] ) : false;

283

$has_media_by_url = isset( $input['media_urls'] ) && $input['media_urls'] ? count( $input['media_urls'] ) : false;

284

285

if ( $new ) {

286

287

if ( isset( $input['content'] ) && ! has_shortcode( $input['content'], 'gallery' ) && ( $has_media || $has_media_by_url ) ) {

288

switch ( ( $has_media + $has_media_by_url ) ) {

289

case 0 :

290

// No images - do nothing.

291

break;

292

case 1 :

293

// 1 image - make it big

294

$insert['post_content'] = $input['content'] = "[gallery size=full columns=1]\n\n" . $input['content'];

295

break;

296

default :

297

// Several images - 3 column gallery

298

$insert['post_content'] = $input['content'] = "[gallery]\n\n" . $input['content'];

299

break;

300

}

301

}

302

303

$post_id = wp_insert_post( add_magic_quotes( $insert ), true );

304

} else {

305

$insert['ID'] = $post->ID;

306

307

// wp_update_post ignores date unless edit_date is set

308

// See: http://codex.wordpress.org/Function_Reference/wp_update_post#Scheduling_posts

309

// See: https://core.trac.wordpress.org/browser/tags/3.9.2/src/wp-includes/post.php#L3302

310

if ( isset( $input['date_gmt'] ) || isset( $input['date'] ) ) {

311

$insert['edit_date'] = true;

312

}

313

314

// this two-step process ensures any changes submitted along with status=trash get saved before trashing

315

if ( isset( $input['status'] ) && 'trash' === $input['status'] ) {

316

// if we insert it with status='trash', it will get double-trashed, so insert it as a draft first

317

unset( $insert['status'] );

318

$post_id = wp_update_post( (object) $insert );

319

// now call wp_trash_post so post_meta gets set and any filters get called

320

wp_trash_post( $post_id );

321

} else {

322

$post_id = wp_update_post( (object) $insert );

323

}

324

325

}

326

327

if ( !$post_id || is_wp_error( $post_id ) ) {

328

return $post_id;

329

}

330

331

// make sure this post actually exists and is not an error of some kind (ie, trying to load media in the posts endpoint)

332

$post_check = $this->get_post_by( 'ID', $post_id, $args['context'] );

333

if ( is_wp_error( $post_check ) ) {

334

return $post_check;

335

}

336

337

if ( $has_media ) {

338

$this->api->trap_wp_die( 'upload_error' );

339

foreach ( $input['media'] as $media_item ) {

340

$_FILES['.api.media.item.'] = $media_item;

341

// check for WP_Error if we ever actually need $media_id

342

$media_id = media_handle_upload( '.api.media.item.', $post_id );

343

}

344

$this->api->trap_wp_die( null );

345

346

unset( $_FILES['.api.media.item.'] );

347

}

348

349

if ( $has_media_by_url ) {

350

foreach ( $input['media_urls'] as $url ) {

351

$this->handle_media_sideload( $url, $post_id );

352

}

353

}

354

355

// Set like status for the post

356

/** This filter is documented in modules/likes.php */

357

$sitewide_likes_enabled = (bool) apply_filters( 'wpl_is_enabled_sitewide', ! get_option( 'disabled_likes' ) );

358

if ( $new ) {

359

if ( $sitewide_likes_enabled ) {

360

if ( false === $likes ) {

361

update_post_meta( $post_id, 'switch_like_status', 1 );

362

} else {

363

delete_post_meta( $post_id, 'switch_like_status' );

364

}

365

} else {

366

if ( $likes ) {

367

update_post_meta( $post_id, 'switch_like_status', 1 );

368

} else {

369

delete_post_meta( $post_id, 'switch_like_status' );

370

}

371

}

372

} else {

373

if ( isset( $likes ) ) {

374

if ( $sitewide_likes_enabled ) {

375

if ( false === $likes ) {

376

update_post_meta( $post_id, 'switch_like_status', 1 );

377

} else {

378

delete_post_meta( $post_id, 'switch_like_status' );

379

}

380

} else {

381

if ( true === $likes ) {

382

update_post_meta( $post_id, 'switch_like_status', 1 );

383

} else {

384

delete_post_meta( $post_id, 'switch_like_status' );

385

}

386

}

387

}

388

}

389

390

// Set sharing status of the post

391

if ( $new ) {

392

$sharing_enabled = isset( $sharing ) ? (bool) $sharing : true;

393

if ( false === $sharing_enabled ) {

394

update_post_meta( $post_id, 'sharing_disabled', 1 );

395

}

396

}

397

else {

398

if ( isset( $sharing ) && true === $sharing ) {

399

delete_post_meta( $post_id, 'sharing_disabled' );

400

} else if ( isset( $sharing ) && false == $sharing ) {

401

update_post_meta( $post_id, 'sharing_disabled', 1 );

402

}

403

}

404

405

if ( isset( $sticky ) ) {

406

if ( true === $sticky ) {

407

stick_post( $post_id );

408

} else {

409

unstick_post( $post_id );

410

}

411

}

412

413

// WPCOM Specific (Jetpack's will get bumped elsewhere

414

// Tracks how many posts are published and sets meta

415

// so we can track some other cool stats (like likes & comments on posts published)

416

if ( defined( 'IS_WPCOM' ) && IS_WPCOM ) {

417

if (

418

( $new && 'publish' == $input['status'] )

419

|| (

420

! $new && isset( $last_status )

421

&& 'publish' != $last_status

422

&& isset( $new_status )

423

&& 'publish' == $new_status

424

)

425

) {

426

/** This action is documented in modules/widgets/social-media-icons.php */

427

do_action( 'jetpack_bump_stats_extras', 'api-insights-posts', $this->api->token_details['client_id'] );

428

update_post_meta( $post_id, '_rest_api_published', 1 );

429

update_post_meta( $post_id, '_rest_api_client_id', $this->api->token_details['client_id'] );

430

}

431

}

432

433

434

// We ask the user/dev to pass Publicize services he/she wants activated for the post, but Publicize expects us

435

// to instead flag the ones we don't want to be skipped. proceed with said logic.

436

// any posts coming from Path (client ID 25952) should also not publicize

437

if ( $publicize === false || ( isset( $this->api->token_details['client_id'] ) && 25952 == $this->api->token_details['client_id'] ) ) {

438

// No publicize at all, skip all by ID

439

foreach ( $GLOBALS['publicize_ui']->publicize->get_services( 'all' ) as $name => $service ) {

440

delete_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $name );

441

$service_connections = $GLOBALS['publicize_ui']->publicize->get_connections( $name );

442

if ( ! $service_connections ) {

443

continue;

444

}

445

foreach ( $service_connections as $service_connection ) {

446

update_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1 );

447

}

448

}

449

} else if ( is_array( $publicize ) && ( count ( $publicize ) > 0 ) ) {

450

foreach ( $GLOBALS['publicize_ui']->publicize->get_services( 'all' ) as $name => $service ) {

451

452

* We support both indexed and associative arrays:

453

* * indexed are to pass entire services

454

* * associative are to pass specific connections per service

455

456

* We do support mixed arrays: mixed integer and string keys (see 3rd example below).

457

458

* EG: array( 'twitter', 'facebook') will only publicize to those, ignoring the other available services

459

* Form data: publicize[]=twitter&publicize[]=facebook

460

* EG: array( 'twitter' => '(int) $pub_conn_id_0, (int) $pub_conn_id_3', 'facebook' => (int) $pub_conn_id_7 ) will publicize to two Twitter accounts, and one Facebook connection, of potentially many.

461

* Form data: publicize[twitter]=$pub_conn_id_0,$pub_conn_id_3&publicize[facebook]=$pub_conn_id_7

462

* EG: array( 'twitter', 'facebook' => '(int) $pub_conn_id_0, (int) $pub_conn_id_3' ) will publicize to all available Twitter accounts, but only 2 of potentially many Facebook connections

463

* Form data: publicize[]=twitter&publicize[facebook]=$pub_conn_id_0,$pub_conn_id_3

464

465

466

// Delete any stale SKIP value for the service by name. We'll add it back by ID.

467

delete_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $name );

468

469

// Get the user's connections

470

$service_connections = $GLOBALS['publicize_ui']->publicize->get_connections( $name );

471

472

// if the user doesn't have any connections for this service, move on

473

if ( ! $service_connections ) {

474

continue;

475

}

476

477

if ( !in_array( $name, $publicize ) && !array_key_exists( $name, $publicize ) ) {

478

// Skip the whole service by adding each connection ID

479

foreach ( $service_connections as $service_connection ) {

480

update_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1 );

481

}

482

} else if ( !empty( $publicize[ $name ] ) ) {

483

// Seems we're being asked to only push to [a] specific connection[s].

484

// Explode the list on commas, which will also support a single passed ID

485

$requested_connections = explode( ',', ( preg_replace( '/[\s]*/', '', $publicize[ $name ] ) ) );

486

// Flag the connections we can't match with the requested list to be skipped.

487

foreach ( $service_connections as $service_connection ) {

488

if ( !in_array( $service_connection->meta['connection_data']->id, $requested_connections ) ) {

489

update_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id, 1 );

490

} else {

491

delete_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id );

492

}

493

}

494

} else {

495

// delete all SKIP values; it's okay to publish to all connected IDs for this service

496

foreach ( $service_connections as $service_connection ) {

497

delete_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_SKIP . $service_connection->unique_id );

498

}

499

}

500

}

501

}

502

503

if ( ! is_null( $publicize_custom_message ) ) {

504

if ( empty( $publicize_custom_message ) ) {

505

delete_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_MESS );

506

} else {

507

update_post_meta( $post_id, $GLOBALS['publicize_ui']->publicize->POST_MESS, trim( $publicize_custom_message ) );

508

}

509

}

510

511

if ( ! empty( $insert['post_format'] ) ) {

512

if ( 'default' !== strtolower( $insert['post_format'] ) ) {

513

set_post_format( $post_id, $insert['post_format'] );

514

}

515

else {

516

set_post_format( $post_id, get_option( 'default_post_format' ) );

517

}

518

}

519

520

if ( isset( $featured_image ) ) {

521

$this->parse_and_set_featured_image( $post_id, $delete_featured_image, $featured_image );

522

}

523

524

if ( ! empty( $metadata ) ) {

525

foreach ( (array) $metadata as $meta ) {

526

527

$meta = (object) $meta;

528

529

// Custom meta description can only be set on sites that have a business subscription.

530

if ( Jetpack_SEO_Posts::DESCRIPTION_META_KEY == $meta->key && ! Jetpack_SEO_Utils::is_enabled_jetpack_seo() ) {

531

return new WP_Error( 'unauthorized', __( 'SEO tools are not enabled for this site.', 'jetpack' ), 403 );

532

}

533

534

$existing_meta_item = new stdClass;

535

536

if ( empty( $meta->operation ) )

537

$meta->operation = 'update';

538

539

if ( ! empty( $meta->value ) ) {

540

if ( 'true' == $meta->value )

541

$meta->value = true;

542

if ( 'false' == $meta->value )

543

$meta->value = false;

544

}

545

546

if ( ! empty( $meta->id ) ) {

547

$meta->id = absint( $meta->id );

548

$existing_meta_item = get_metadata_by_mid( 'post', $meta->id );

549

if ( $post_id !== (int) $existing_meta_item->post_id ) {

550

// Only allow updates for metadata on this post

551

continue;

552

}

553

}

554

555

$unslashed_meta_key = wp_unslash( $meta->key ); // should match what the final key will be

556

$meta->key = wp_slash( $meta->key );

557

$unslashed_existing_meta_key = wp_unslash( $existing_meta_item->meta_key );

558

$existing_meta_item->meta_key = wp_slash( $existing_meta_item->meta_key );

559

560

// make sure that the meta id passed matches the existing meta key

561

if ( ! empty( $meta->id ) && ! empty( $meta->key ) ) {

562

$meta_by_id = get_metadata_by_mid( 'post', $meta->id );

563

if ( $meta_by_id->meta_key !== $meta->key ) {

564

continue; // skip this meta

565

}

566

}

567

568

switch ( $meta->operation ) {

569

case 'delete':

570

571

if ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_existing_meta_key ) ) {

572

delete_metadata_by_mid( 'post', $meta->id );

573

} elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) {

574

delete_post_meta( $post_id, $meta->key, $meta->previous_value );

575

} elseif ( ! empty( $meta->key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) {

576

delete_post_meta( $post_id, $meta->key );

577

}

578

579

break;

580

case 'add':

581

582

if ( ! empty( $meta->id ) || ! empty( $meta->previous_value ) ) {

583

continue;

584

} elseif ( ! empty( $meta->key ) && ! empty( $meta->value ) && ( current_user_can( 'add_post_meta', $post_id, $unslashed_meta_key ) ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) {

585

add_post_meta( $post_id, $meta->key, $meta->value );

586

}

587

588

break;

589

case 'update':

590

591

if ( ! isset( $meta->value ) ) {

592

continue;

593

} elseif ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_existing_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) {

594

update_metadata_by_mid( 'post', $meta->id, $meta->value );

595

} elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) {

596

update_post_meta( $post_id, $meta->key,$meta->value, $meta->previous_value );

597

} elseif ( ! empty( $meta->key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) {

598

update_post_meta( $post_id, $meta->key, $meta->value );

599

}

600

601

break;

602

}

603

604

}

605

}

606

607

/**

608

* Fires when a post is created via the REST API.

609

610

* @module json-api

611

612

* @since 2.3.0

613

614

* @param int $post_id Post ID.

615

* @param array $insert Data used to build the post.

616

* @param string $new New post URL suffix.

617

618

do_action( 'rest_api_inserted_post', $post_id, $insert, $new );

619

620

$return = $this->get_post_by( 'ID', $post_id, $args['context'] );

621

if ( !$return || is_wp_error( $return ) ) {

622

return $return;

623

}

624

625

if ( isset( $input['type'] ) && 'revision' === $input['type'] ) {

626

$return['preview_nonce'] = wp_create_nonce( 'post_preview_' . $input['parent'] );

627

}

628

629

if ( isset( $sticky ) ) {

630

// workaround for sticky test occasionally failing, maybe a race condition with stick_post() above

631

$return['sticky'] = ( true === $sticky );

632

}

633

634

/** This action is documented in json-endpoints/class.wpcom-json-api-site-settings-endpoint.php */

635

do_action( 'wpcom_json_api_objects', 'posts' );

636

637

return $return;

638

}

639

640

// /sites/%s/posts/%d/delete -> $blog_id, $post_id

641

function delete_post( $path, $blog_id, $post_id ) {

642

$post = get_post( $post_id );

643

if ( !$post || is_wp_error( $post ) ) {

644

return new WP_Error( 'unknown_post', 'Unknown post', 404 );

645

}

646

647

if ( ! $this->is_post_type_allowed( $post->post_type ) ) {

648

return new WP_Error( 'unknown_post_type', 'Unknown post type', 404 );

649

}

650

651

if ( !current_user_can( 'delete_post', $post->ID ) ) {

652

return new WP_Error( 'unauthorized', 'User cannot delete posts', 403 );

653

}

654

655

$args = $this->query_args();

656

$return = $this->get_post_by( 'ID', $post->ID, $args['context'] );

657

if ( !$return || is_wp_error( $return ) ) {

658

return $return;

659

}

660

661

/** This action is documented in json-endpoints/class.wpcom-json-api-site-settings-endpoint.php */

662

do_action( 'wpcom_json_api_objects', 'posts' );

663

664

// we need to call wp_trash_post so that untrash will work correctly for all post types

665

if ( 'trash' === $post->post_status )

666

wp_delete_post( $post->ID );

667

else

668

wp_trash_post( $post->ID );

669

670

$status = get_post_status( $post->ID );

671

if ( false === $status ) {

672

$return['status'] = 'deleted';

673

return $return;

674

}

675

676

return $this->get_post_by( 'ID', $post->ID, $args['context'] );

677

}

678

679

// /sites/%s/posts/%d/restore -> $blog_id, $post_id

680

function restore_post( $path, $blog_id, $post_id ) {

681

$args = $this->query_args();

682

$post = get_post( $post_id );

683

684

if ( !$post || is_wp_error( $post ) ) {

685

return new WP_Error( 'unknown_post', 'Unknown post', 404 );

686

}

687

688

if ( !current_user_can( 'delete_post', $post->ID ) ) {

689

return new WP_Error( 'unauthorized', 'User cannot restore trashed posts', 403 );

690

}

691

692

/** This action is documented in json-endpoints/class.wpcom-json-api-site-settings-endpoint.php */

693

do_action( 'wpcom_json_api_objects', 'posts' );

694

695

wp_untrash_post( $post->ID );

696

697

return $this->get_post_by( 'ID', $post->ID, $args['context'] );

698

}

699

700

private function parse_and_set_featured_image( $post_id, $delete_featured_image, $featured_image ) {

701

if ( $delete_featured_image ) {

702

delete_post_thumbnail( $post_id );

703

return;

704

}

705

706

$featured_image = (string) $featured_image;

707

708

// if we got a post ID, we can just set it as the thumbnail

709

if ( ctype_digit( $featured_image ) && 'attachment' == get_post_type( $featured_image ) ) {

710

set_post_thumbnail( $post_id, $featured_image );

711

return $featured_image;

712

}

713

714

$featured_image_id = $this->handle_media_sideload( $featured_image, $post_id, 'image' );

715

716

if ( empty( $featured_image_id ) || ! is_int( $featured_image_id ) )

717

return false;

718

719

set_post_thumbnail( $post_id, $featured_image_id );

720

return $featured_image_id;

721

}

722

723

private function parse_and_set_author( $author = null, $post_type = 'post' ) {

724

if ( empty( $author ) || ! post_type_supports( $post_type, 'author' ) )

725

return get_current_user_id();

726

727

$author = (string) $author;

728

if ( ctype_digit( $author ) ) {

729

$_user = get_user_by( 'id', $author );

730

if ( ! $_user || is_wp_error( $_user ) )

731

return new WP_Error( 'invalid_author', 'Invalid author provided' );

732

733

return $_user->ID;

734

}

735

736

$_user = get_user_by( 'login', $author );

737

if ( ! $_user || is_wp_error( $_user ) )

738

return new WP_Error( 'invalid_author', 'Invalid author provided' );

739

740

return $_user->ID;

741

}

742

}