Automattic /
jetpack
| @@ 524-605 (lines=82) @@ | ||
| 521 | $this->parse_and_set_featured_image( $post_id, $delete_featured_image, $featured_image ); |
|
| 522 | } |
|
| 523 | ||
| 524 | if ( ! empty( $metadata ) ) { |
|
| 525 | foreach ( (array) $metadata as $meta ) { |
|
| 526 | ||
| 527 | $meta = (object) $meta; |
|
| 528 | ||
| 529 | // Custom meta description can only be set on sites that have a business subscription. |
|
| 530 | if ( Jetpack_SEO_Posts::DESCRIPTION_META_KEY == $meta->key && ! Jetpack_SEO_Utils::is_enabled_jetpack_seo() ) { |
|
| 531 | return new WP_Error( 'unauthorized', __( 'SEO tools are not enabled for this site.', 'jetpack' ), 403 ); |
|
| 532 | } |
|
| 533 | ||
| 534 | $existing_meta_item = new stdClass; |
|
| 535 | ||
| 536 | if ( empty( $meta->operation ) ) |
|
| 537 | $meta->operation = 'update'; |
|
| 538 | ||
| 539 | if ( ! empty( $meta->value ) ) { |
|
| 540 | if ( 'true' == $meta->value ) |
|
| 541 | $meta->value = true; |
|
| 542 | if ( 'false' == $meta->value ) |
|
| 543 | $meta->value = false; |
|
| 544 | } |
|
| 545 | ||
| 546 | if ( ! empty( $meta->id ) ) { |
|
| 547 | $meta->id = absint( $meta->id ); |
|
| 548 | $existing_meta_item = get_metadata_by_mid( 'post', $meta->id ); |
|
| 549 | if ( $post_id !== (int) $existing_meta_item->post_id ) { |
|
| 550 | // Only allow updates for metadata on this post |
|
| 551 | continue; |
|
| 552 | } |
|
| 553 | } |
|
| 554 | ||
| 555 | $unslashed_meta_key = wp_unslash( $meta->key ); // should match what the final key will be |
|
| 556 | $meta->key = wp_slash( $meta->key ); |
|
| 557 | $unslashed_existing_meta_key = wp_unslash( $existing_meta_item->meta_key ); |
|
| 558 | $existing_meta_item->meta_key = wp_slash( $existing_meta_item->meta_key ); |
|
| 559 | ||
| 560 | // make sure that the meta id passed matches the existing meta key |
|
| 561 | if ( ! empty( $meta->id ) && ! empty( $meta->key ) ) { |
|
| 562 | $meta_by_id = get_metadata_by_mid( 'post', $meta->id ); |
|
| 563 | if ( $meta_by_id->meta_key !== $meta->key ) { |
|
| 564 | continue; // skip this meta |
|
| 565 | } |
|
| 566 | } |
|
| 567 | ||
| 568 | switch ( $meta->operation ) { |
|
| 569 | case 'delete': |
|
| 570 | ||
| 571 | if ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_existing_meta_key ) ) { |
|
| 572 | delete_metadata_by_mid( 'post', $meta->id ); |
|
| 573 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) { |
|
| 574 | delete_post_meta( $post_id, $meta->key, $meta->previous_value ); |
|
| 575 | } elseif ( ! empty( $meta->key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) { |
|
| 576 | delete_post_meta( $post_id, $meta->key ); |
|
| 577 | } |
|
| 578 | ||
| 579 | break; |
|
| 580 | case 'add': |
|
| 581 | ||
| 582 | if ( ! empty( $meta->id ) || ! empty( $meta->previous_value ) ) { |
|
| 583 | continue; |
|
| 584 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->value ) && ( current_user_can( 'add_post_meta', $post_id, $unslashed_meta_key ) ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) { |
|
| 585 | add_post_meta( $post_id, $meta->key, $meta->value ); |
|
| 586 | } |
|
| 587 | ||
| 588 | break; |
|
| 589 | case 'update': |
|
| 590 | ||
| 591 | if ( ! isset( $meta->value ) ) { |
|
| 592 | continue; |
|
| 593 | } elseif ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_existing_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 594 | update_metadata_by_mid( 'post', $meta->id, $meta->value ); |
|
| 595 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 596 | update_post_meta( $post_id, $meta->key,$meta->value, $meta->previous_value ); |
|
| 597 | } elseif ( ! empty( $meta->key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 598 | update_post_meta( $post_id, $meta->key, $meta->value ); |
|
| 599 | } |
|
| 600 | ||
| 601 | break; |
|
| 602 | } |
|
| 603 | ||
| 604 | } |
|
| 605 | } |
|
| 606 | ||
| 607 | /** |
|
| 608 | * Fires when a post is created via the REST API. |
|
| @@ 592-673 (lines=82) @@ | ||
| 589 | $this->parse_and_set_featured_image( $post_id, $delete_featured_image, $featured_image ); |
|
| 590 | } |
|
| 591 | ||
| 592 | if ( ! empty( $metadata ) ) { |
|
| 593 | foreach ( (array) $metadata as $meta ) { |
|
| 594 | ||
| 595 | $meta = (object) $meta; |
|
| 596 | ||
| 597 | // Custom meta description can only be set on sites that have a business subscription. |
|
| 598 | if ( Jetpack_SEO_Posts::DESCRIPTION_META_KEY == $meta->key && ! Jetpack_SEO_Utils::is_enabled_jetpack_seo() ) { |
|
| 599 | return new WP_Error( 'unauthorized', __( 'SEO tools are not enabled for this site.', 'jetpack' ), 403 ); |
|
| 600 | } |
|
| 601 | ||
| 602 | $existing_meta_item = new stdClass; |
|
| 603 | ||
| 604 | if ( empty( $meta->operation ) ) |
|
| 605 | $meta->operation = 'update'; |
|
| 606 | ||
| 607 | if ( ! empty( $meta->value ) ) { |
|
| 608 | if ( 'true' == $meta->value ) |
|
| 609 | $meta->value = true; |
|
| 610 | if ( 'false' == $meta->value ) |
|
| 611 | $meta->value = false; |
|
| 612 | } |
|
| 613 | ||
| 614 | if ( ! empty( $meta->id ) ) { |
|
| 615 | $meta->id = absint( $meta->id ); |
|
| 616 | $existing_meta_item = get_metadata_by_mid( 'post', $meta->id ); |
|
| 617 | if ( $post_id !== (int) $existing_meta_item->post_id ) { |
|
| 618 | // Only allow updates for metadata on this post |
|
| 619 | continue; |
|
| 620 | } |
|
| 621 | } |
|
| 622 | ||
| 623 | $unslashed_meta_key = wp_unslash( $meta->key ); // should match what the final key will be |
|
| 624 | $meta->key = wp_slash( $meta->key ); |
|
| 625 | $unslashed_existing_meta_key = wp_unslash( $existing_meta_item->meta_key ); |
|
| 626 | $existing_meta_item->meta_key = wp_slash( $existing_meta_item->meta_key ); |
|
| 627 | ||
| 628 | // make sure that the meta id passed matches the existing meta key |
|
| 629 | if ( ! empty( $meta->id ) && ! empty( $meta->key ) ) { |
|
| 630 | $meta_by_id = get_metadata_by_mid( 'post', $meta->id ); |
|
| 631 | if ( $meta_by_id->meta_key !== $meta->key ) { |
|
| 632 | continue; // skip this meta |
|
| 633 | } |
|
| 634 | } |
|
| 635 | ||
| 636 | switch ( $meta->operation ) { |
|
| 637 | case 'delete': |
|
| 638 | ||
| 639 | if ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_existing_meta_key ) ) { |
|
| 640 | delete_metadata_by_mid( 'post', $meta->id ); |
|
| 641 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) { |
|
| 642 | delete_post_meta( $post_id, $meta->key, $meta->previous_value ); |
|
| 643 | } elseif ( ! empty( $meta->key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) { |
|
| 644 | delete_post_meta( $post_id, $meta->key ); |
|
| 645 | } |
|
| 646 | ||
| 647 | break; |
|
| 648 | case 'add': |
|
| 649 | ||
| 650 | if ( ! empty( $meta->id ) || ! empty( $meta->previous_value ) ) { |
|
| 651 | continue; |
|
| 652 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->value ) && ( current_user_can( 'add_post_meta', $post_id, $unslashed_meta_key ) ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) { |
|
| 653 | add_post_meta( $post_id, $meta->key, $meta->value ); |
|
| 654 | } |
|
| 655 | ||
| 656 | break; |
|
| 657 | case 'update': |
|
| 658 | ||
| 659 | if ( ! isset( $meta->value ) ) { |
|
| 660 | continue; |
|
| 661 | } elseif ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_existing_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 662 | update_metadata_by_mid( 'post', $meta->id, $meta->value ); |
|
| 663 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 664 | update_post_meta( $post_id, $meta->key,$meta->value, $meta->previous_value ); |
|
| 665 | } elseif ( ! empty( $meta->key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 666 | update_post_meta( $post_id, $meta->key, $meta->value ); |
|
| 667 | } |
|
| 668 | ||
| 669 | break; |
|
| 670 | } |
|
| 671 | ||
| 672 | } |
|
| 673 | } |
|
| 674 | ||
| 675 | /** This action is documented in json-endpoints/class.wpcom-json-api-update-post-endpoint.php */ |
|
| 676 | do_action( 'rest_api_inserted_post', $post_id, $insert, $new ); |
|
| @@ 593-674 (lines=82) @@ | ||
| 590 | parent::parse_and_set_featured_image( $post_id, $delete_featured_image, $featured_image ); |
|
| 591 | } |
|
| 592 | ||
| 593 | if ( ! empty( $metadata ) ) { |
|
| 594 | foreach ( (array) $metadata as $meta ) { |
|
| 595 | ||
| 596 | $meta = (object) $meta; |
|
| 597 | ||
| 598 | // Custom meta description can only be set on sites that have a business subscription. |
|
| 599 | if ( Jetpack_SEO_Posts::DESCRIPTION_META_KEY == $meta->key && ! Jetpack_SEO_Utils::is_enabled_jetpack_seo() ) { |
|
| 600 | return new WP_Error( 'unauthorized', __( 'SEO tools are not enabled for this site.', 'jetpack' ), 403 ); |
|
| 601 | } |
|
| 602 | ||
| 603 | $existing_meta_item = new stdClass; |
|
| 604 | ||
| 605 | if ( empty( $meta->operation ) ) |
|
| 606 | $meta->operation = 'update'; |
|
| 607 | ||
| 608 | if ( ! empty( $meta->value ) ) { |
|
| 609 | if ( 'true' == $meta->value ) |
|
| 610 | $meta->value = true; |
|
| 611 | if ( 'false' == $meta->value ) |
|
| 612 | $meta->value = false; |
|
| 613 | } |
|
| 614 | ||
| 615 | if ( ! empty( $meta->id ) ) { |
|
| 616 | $meta->id = absint( $meta->id ); |
|
| 617 | $existing_meta_item = get_metadata_by_mid( 'post', $meta->id ); |
|
| 618 | if ( $post_id !== (int) $existing_meta_item->post_id ) { |
|
| 619 | // Only allow updates for metadata on this post |
|
| 620 | continue; |
|
| 621 | } |
|
| 622 | } |
|
| 623 | ||
| 624 | $unslashed_meta_key = wp_unslash( $meta->key ); // should match what the final key will be |
|
| 625 | $meta->key = wp_slash( $meta->key ); |
|
| 626 | $unslashed_existing_meta_key = wp_unslash( $existing_meta_item->meta_key ); |
|
| 627 | $existing_meta_item->meta_key = wp_slash( $existing_meta_item->meta_key ); |
|
| 628 | ||
| 629 | // make sure that the meta id passed matches the existing meta key |
|
| 630 | if ( ! empty( $meta->id ) && ! empty( $meta->key ) ) { |
|
| 631 | $meta_by_id = get_metadata_by_mid( 'post', $meta->id ); |
|
| 632 | if ( $meta_by_id->meta_key !== $meta->key ) { |
|
| 633 | continue; // skip this meta |
|
| 634 | } |
|
| 635 | } |
|
| 636 | ||
| 637 | switch ( $meta->operation ) { |
|
| 638 | case 'delete': |
|
| 639 | ||
| 640 | if ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_existing_meta_key ) ) { |
|
| 641 | delete_metadata_by_mid( 'post', $meta->id ); |
|
| 642 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) { |
|
| 643 | delete_post_meta( $post_id, $meta->key, $meta->previous_value ); |
|
| 644 | } elseif ( ! empty( $meta->key ) && current_user_can( 'delete_post_meta', $post_id, $unslashed_meta_key ) ) { |
|
| 645 | delete_post_meta( $post_id, $meta->key ); |
|
| 646 | } |
|
| 647 | ||
| 648 | break; |
|
| 649 | case 'add': |
|
| 650 | ||
| 651 | if ( ! empty( $meta->id ) || ! empty( $meta->previous_value ) ) { |
|
| 652 | continue; |
|
| 653 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->value ) && ( current_user_can( 'add_post_meta', $post_id, $unslashed_meta_key ) ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) { |
|
| 654 | add_post_meta( $post_id, $meta->key, $meta->value ); |
|
| 655 | } |
|
| 656 | ||
| 657 | break; |
|
| 658 | case 'update': |
|
| 659 | ||
| 660 | if ( ! isset( $meta->value ) ) { |
|
| 661 | continue; |
|
| 662 | } elseif ( ! empty( $meta->id ) && ! empty( $existing_meta_item->meta_key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_existing_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 663 | update_metadata_by_mid( 'post', $meta->id, $meta->value ); |
|
| 664 | } elseif ( ! empty( $meta->key ) && ! empty( $meta->previous_value ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 665 | update_post_meta( $post_id, $meta->key,$meta->value, $meta->previous_value ); |
|
| 666 | } elseif ( ! empty( $meta->key ) && ( current_user_can( 'edit_post_meta', $post_id, $unslashed_meta_key ) || WPCOM_JSON_API_Metadata::is_public( $meta->key ) ) ) { |
|
| 667 | update_post_meta( $post_id, $meta->key, $meta->value ); |
|
| 668 | } |
|
| 669 | ||
| 670 | break; |
|
| 671 | } |
|
| 672 | ||
| 673 | } |
|
| 674 | } |
|
| 675 | ||
| 676 | /** This action is documented in json-endpoints/class.wpcom-json-api-update-post-endpoint.php */ |
|
| 677 | do_action( 'rest_api_inserted_post', $post_id, $insert, $new ); |
|
