a0827cac41c7fa242b893a5d6ac9a3415816ca53
[autoinstalls/wordpress.git] / wp-includes / class-wp-xmlrpc-server.php
1 <?php
2 /**
3  * XML-RPC protocol support for WordPress
4  *
5  * @package WordPress
6  */
7
8 /**
9  * WordPress XMLRPC server implementation.
10  *
11  * Implements compatibility for Blogger API, MetaWeblog API, MovableType, and
12  * pingback. Additional WordPress API for managing comments, pages, posts,
13  * options, etc.
14  *
15  * Since WordPress 2.6.0, WordPress XMLRPC server can be disabled in the
16  * administration panels.
17  *
18  * @package WordPress
19  * @subpackage Publishing
20  * @since 1.5.0
21  */
22 class wp_xmlrpc_server extends IXR_Server {
23
24         /**
25          * Register all of the XMLRPC methods that XMLRPC server understands.
26          *
27          * Sets up server and method property. Passes XMLRPC
28          * methods through the 'xmlrpc_methods' filter to allow plugins to extend
29          * or replace XMLRPC methods.
30          *
31          * @since 1.5.0
32          *
33          * @return wp_xmlrpc_server
34          */
35         function __construct() {
36                 $this->methods = array(
37                         // WordPress API
38                         'wp.getUsersBlogs'              => 'this:wp_getUsersBlogs',
39                         'wp.newPost'                    => 'this:wp_newPost',
40                         'wp.editPost'                   => 'this:wp_editPost',
41                         'wp.deletePost'                 => 'this:wp_deletePost',
42                         'wp.getPost'                    => 'this:wp_getPost',
43                         'wp.getPosts'                   => 'this:wp_getPosts',
44                         'wp.newTerm'                    => 'this:wp_newTerm',
45                         'wp.editTerm'                   => 'this:wp_editTerm',
46                         'wp.deleteTerm'                 => 'this:wp_deleteTerm',
47                         'wp.getTerm'                    => 'this:wp_getTerm',
48                         'wp.getTerms'                   => 'this:wp_getTerms',
49                         'wp.getTaxonomy'                => 'this:wp_getTaxonomy',
50                         'wp.getTaxonomies'              => 'this:wp_getTaxonomies',
51                         'wp.getUser'                    => 'this:wp_getUser',
52                         'wp.getUsers'                   => 'this:wp_getUsers',
53                         'wp.getProfile'                 => 'this:wp_getProfile',
54                         'wp.editProfile'                => 'this:wp_editProfile',
55                         'wp.getPage'                    => 'this:wp_getPage',
56                         'wp.getPages'                   => 'this:wp_getPages',
57                         'wp.newPage'                    => 'this:wp_newPage',
58                         'wp.deletePage'                 => 'this:wp_deletePage',
59                         'wp.editPage'                   => 'this:wp_editPage',
60                         'wp.getPageList'                => 'this:wp_getPageList',
61                         'wp.getAuthors'                 => 'this:wp_getAuthors',
62                         'wp.getCategories'              => 'this:mw_getCategories',             // Alias
63                         'wp.getTags'                    => 'this:wp_getTags',
64                         'wp.newCategory'                => 'this:wp_newCategory',
65                         'wp.deleteCategory'             => 'this:wp_deleteCategory',
66                         'wp.suggestCategories'  => 'this:wp_suggestCategories',
67                         'wp.uploadFile'                 => 'this:mw_newMediaObject',    // Alias
68                         'wp.getCommentCount'    => 'this:wp_getCommentCount',
69                         'wp.getPostStatusList'  => 'this:wp_getPostStatusList',
70                         'wp.getPageStatusList'  => 'this:wp_getPageStatusList',
71                         'wp.getPageTemplates'   => 'this:wp_getPageTemplates',
72                         'wp.getOptions'                 => 'this:wp_getOptions',
73                         'wp.setOptions'                 => 'this:wp_setOptions',
74                         'wp.getComment'                 => 'this:wp_getComment',
75                         'wp.getComments'                => 'this:wp_getComments',
76                         'wp.deleteComment'              => 'this:wp_deleteComment',
77                         'wp.editComment'                => 'this:wp_editComment',
78                         'wp.newComment'                 => 'this:wp_newComment',
79                         'wp.getCommentStatusList' => 'this:wp_getCommentStatusList',
80                         'wp.getMediaItem'               => 'this:wp_getMediaItem',
81                         'wp.getMediaLibrary'    => 'this:wp_getMediaLibrary',
82                         'wp.getPostFormats'     => 'this:wp_getPostFormats',
83                         'wp.getPostType'                => 'this:wp_getPostType',
84                         'wp.getPostTypes'               => 'this:wp_getPostTypes',
85                         'wp.getRevisions'               => 'this:wp_getRevisions',
86                         'wp.restoreRevision'    => 'this:wp_restoreRevision',
87
88                         // Blogger API
89                         'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs',
90                         'blogger.getUserInfo' => 'this:blogger_getUserInfo',
91                         'blogger.getPost' => 'this:blogger_getPost',
92                         'blogger.getRecentPosts' => 'this:blogger_getRecentPosts',
93                         'blogger.newPost' => 'this:blogger_newPost',
94                         'blogger.editPost' => 'this:blogger_editPost',
95                         'blogger.deletePost' => 'this:blogger_deletePost',
96
97                         // MetaWeblog API (with MT extensions to structs)
98                         'metaWeblog.newPost' => 'this:mw_newPost',
99                         'metaWeblog.editPost' => 'this:mw_editPost',
100                         'metaWeblog.getPost' => 'this:mw_getPost',
101                         'metaWeblog.getRecentPosts' => 'this:mw_getRecentPosts',
102                         'metaWeblog.getCategories' => 'this:mw_getCategories',
103                         'metaWeblog.newMediaObject' => 'this:mw_newMediaObject',
104
105                         // MetaWeblog API aliases for Blogger API
106                         // see http://www.xmlrpc.com/stories/storyReader$2460
107                         'metaWeblog.deletePost' => 'this:blogger_deletePost',
108                         'metaWeblog.getUsersBlogs' => 'this:blogger_getUsersBlogs',
109
110                         // MovableType API
111                         'mt.getCategoryList' => 'this:mt_getCategoryList',
112                         'mt.getRecentPostTitles' => 'this:mt_getRecentPostTitles',
113                         'mt.getPostCategories' => 'this:mt_getPostCategories',
114                         'mt.setPostCategories' => 'this:mt_setPostCategories',
115                         'mt.supportedMethods' => 'this:mt_supportedMethods',
116                         'mt.supportedTextFilters' => 'this:mt_supportedTextFilters',
117                         'mt.getTrackbackPings' => 'this:mt_getTrackbackPings',
118                         'mt.publishPost' => 'this:mt_publishPost',
119
120                         // PingBack
121                         'pingback.ping' => 'this:pingback_ping',
122                         'pingback.extensions.getPingbacks' => 'this:pingback_extensions_getPingbacks',
123
124                         'demo.sayHello' => 'this:sayHello',
125                         'demo.addTwoNumbers' => 'this:addTwoNumbers'
126                 );
127
128                 $this->initialise_blog_option_info();
129                 $this->methods = apply_filters('xmlrpc_methods', $this->methods);
130         }
131
132         function serve_request() {
133                 $this->IXR_Server($this->methods);
134         }
135
136         /**
137          * Test XMLRPC API by saying, "Hello!" to client.
138          *
139          * @since 1.5.0
140          *
141          * @param array $args Method Parameters.
142          * @return string
143          */
144         function sayHello($args) {
145                 return 'Hello!';
146         }
147
148         /**
149          * Test XMLRPC API by adding two numbers for client.
150          *
151          * @since 1.5.0
152          *
153          * @param array $args Method Parameters.
154          * @return int
155          */
156         function addTwoNumbers($args) {
157                 $number1 = $args[0];
158                 $number2 = $args[1];
159                 return $number1 + $number2;
160         }
161
162         /**
163          * Log user in.
164          *
165          * @since 2.8.0
166          *
167          * @param string $username User's username.
168          * @param string $password User's password.
169          * @return mixed WP_User object if authentication passed, false otherwise
170          */
171         function login( $username, $password ) {
172                 // Respect any old filters against get_option() for 'enable_xmlrpc'.
173                 $enabled = apply_filters( 'pre_option_enable_xmlrpc', false ); // Deprecated
174                 if ( false === $enabled )
175                         $enabled = apply_filters( 'option_enable_xmlrpc', true ); // Deprecated
176
177                 // Proper filter for turning off XML-RPC. It is on by default.
178                 $enabled = apply_filters( 'xmlrpc_enabled', $enabled );
179
180                 if ( ! $enabled ) {
181                         $this->error = new IXR_Error( 405, sprintf( __( 'XML-RPC services are disabled on this site.' ) ) );
182                         return false;
183                 }
184
185                 $user = wp_authenticate($username, $password);
186
187                 if (is_wp_error($user)) {
188                         $this->error = new IXR_Error( 403, __( 'Incorrect username or password.' ) );
189                         $this->error = apply_filters( 'xmlrpc_login_error', $this->error, $user );
190                         return false;
191                 }
192
193                 wp_set_current_user( $user->ID );
194                 return $user;
195         }
196
197         /**
198          * Check user's credentials. Deprecated.
199          *
200          * @since 1.5.0
201          * @deprecated 2.8.0
202          * @deprecated use wp_xmlrpc_server::login
203          * @see wp_xmlrpc_server::login
204          *
205          * @param string $username User's username.
206          * @param string $password User's password.
207          * @return bool Whether authentication passed.
208          */
209         function login_pass_ok( $username, $password ) {
210                 return (bool) $this->login( $username, $password );
211         }
212
213         /**
214          * Sanitize string or array of strings for database.
215          *
216          * @since 1.5.2
217          *
218          * @param string|array $array Sanitize single string or array of strings.
219          * @return string|array Type matches $array and sanitized for the database.
220          */
221         function escape(&$array) {
222                 global $wpdb;
223
224                 if (!is_array($array)) {
225                         return($wpdb->escape($array));
226                 } else {
227                         foreach ( (array) $array as $k => $v ) {
228                                 if ( is_array($v) ) {
229                                         $this->escape($array[$k]);
230                                 } else if ( is_object($v) ) {
231                                         //skip
232                                 } else {
233                                         $array[$k] = $wpdb->escape($v);
234                                 }
235                         }
236                 }
237         }
238
239         /**
240          * Retrieve custom fields for post.
241          *
242          * @since 2.5.0
243          *
244          * @param int $post_id Post ID.
245          * @return array Custom fields, if exist.
246          */
247         function get_custom_fields($post_id) {
248                 $post_id = (int) $post_id;
249
250                 $custom_fields = array();
251
252                 foreach ( (array) has_meta($post_id) as $meta ) {
253                         // Don't expose protected fields.
254                         if ( ! current_user_can( 'edit_post_meta', $post_id , $meta['meta_key'] ) )
255                                 continue;
256
257                         $custom_fields[] = array(
258                                 "id"    => $meta['meta_id'],
259                                 "key"   => $meta['meta_key'],
260                                 "value" => $meta['meta_value']
261                         );
262                 }
263
264                 return $custom_fields;
265         }
266
267         /**
268          * Set custom fields for post.
269          *
270          * @since 2.5.0
271          *
272          * @param int $post_id Post ID.
273          * @param array $fields Custom fields.
274          */
275         function set_custom_fields($post_id, $fields) {
276                 $post_id = (int) $post_id;
277
278                 foreach ( (array) $fields as $meta ) {
279                         if ( isset($meta['id']) ) {
280                                 $meta['id'] = (int) $meta['id'];
281                                 $pmeta = get_metadata_by_mid( 'post', $meta['id'] );
282                                 if ( isset($meta['key']) ) {
283                                         $meta['key'] = stripslashes( $meta['key'] );
284                                         if ( $meta['key'] != $pmeta->meta_key )
285                                                 continue;
286                                         $meta['value'] = stripslashes_deep( $meta['value'] );
287                                         if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) )
288                                                 update_metadata_by_mid( 'post', $meta['id'], $meta['value'] );
289                                 } elseif ( current_user_can( 'delete_post_meta', $post_id, $pmeta->meta_key ) ) {
290                                         delete_metadata_by_mid( 'post', $meta['id'] );
291                                 }
292                         } elseif ( current_user_can( 'add_post_meta', $post_id, stripslashes( $meta['key'] ) ) ) {
293                                 add_post_meta( $post_id, $meta['key'], $meta['value'] );
294                         }
295                 }
296         }
297
298         /**
299          * Set up blog options property.
300          *
301          * Passes property through 'xmlrpc_blog_options' filter.
302          *
303          * @since 2.6.0
304          */
305         function initialise_blog_option_info() {
306                 global $wp_version;
307
308                 $this->blog_options = array(
309                         // Read only options
310                         'software_name'     => array(
311                                 'desc'          => __( 'Software Name' ),
312                                 'readonly'      => true,
313                                 'value'         => 'WordPress'
314                         ),
315                         'software_version'  => array(
316                                 'desc'          => __( 'Software Version' ),
317                                 'readonly'      => true,
318                                 'value'         => $wp_version
319                         ),
320                         'blog_url'          => array(
321                                 'desc'          => __( 'Site URL' ),
322                                 'readonly'      => true,
323                                 'option'        => 'siteurl'
324                         ),
325                         'home_url'          => array(
326                                 'desc'          => __( 'Home URL' ),
327                                 'readonly'      => true,
328                                 'option'        => 'home'
329                         ),
330                         'image_default_link_type' => array(
331                                 'desc'          => __( 'Image default link type' ),
332                                 'readonly'      => true,
333                                 'option'        => 'image_default_link_type'
334                         ),
335                         'image_default_size' => array(
336                                 'desc'          => __( 'Image default size' ),
337                                 'readonly'      => true,
338                                 'option'        => 'image_default_size'
339                         ),
340                         'image_default_align' => array(
341                                 'desc'          => __( 'Image default align' ),
342                                 'readonly'      => true,
343                                 'option'        => 'image_default_align'
344                         ),
345                         'template'          => array(
346                                 'desc'          => __( 'Template' ),
347                                 'readonly'      => true,
348                                 'option'        => 'template'
349                         ),
350                         'stylesheet'        => array(
351                                 'desc'          => __( 'Stylesheet' ),
352                                 'readonly'      => true,
353                                 'option'        => 'stylesheet'
354                         ),
355                         'post_thumbnail'    => array(
356                                 'desc'          => __('Post Thumbnail'),
357                                 'readonly'      => true,
358                                 'value'         => current_theme_supports( 'post-thumbnails' )
359                         ),
360
361                         // Updatable options
362                         'time_zone'         => array(
363                                 'desc'          => __( 'Time Zone' ),
364                                 'readonly'      => false,
365                                 'option'        => 'gmt_offset'
366                         ),
367                         'blog_title'        => array(
368                                 'desc'          => __( 'Site Title' ),
369                                 'readonly'      => false,
370                                 'option'        => 'blogname'
371                         ),
372                         'blog_tagline'      => array(
373                                 'desc'          => __( 'Site Tagline' ),
374                                 'readonly'      => false,
375                                 'option'        => 'blogdescription'
376                         ),
377                         'date_format'       => array(
378                                 'desc'          => __( 'Date Format' ),
379                                 'readonly'      => false,
380                                 'option'        => 'date_format'
381                         ),
382                         'time_format'       => array(
383                                 'desc'          => __( 'Time Format' ),
384                                 'readonly'      => false,
385                                 'option'        => 'time_format'
386                         ),
387                         'users_can_register' => array(
388                                 'desc'          => __( 'Allow new users to sign up' ),
389                                 'readonly'      => false,
390                                 'option'        => 'users_can_register'
391                         ),
392                         'thumbnail_size_w'  => array(
393                                 'desc'          => __( 'Thumbnail Width' ),
394                                 'readonly'      => false,
395                                 'option'        => 'thumbnail_size_w'
396                         ),
397                         'thumbnail_size_h'  => array(
398                                 'desc'          => __( 'Thumbnail Height' ),
399                                 'readonly'      => false,
400                                 'option'        => 'thumbnail_size_h'
401                         ),
402                         'thumbnail_crop'    => array(
403                                 'desc'          => __( 'Crop thumbnail to exact dimensions' ),
404                                 'readonly'      => false,
405                                 'option'        => 'thumbnail_crop'
406                         ),
407                         'medium_size_w'     => array(
408                                 'desc'          => __( 'Medium size image width' ),
409                                 'readonly'      => false,
410                                 'option'        => 'medium_size_w'
411                         ),
412                         'medium_size_h'     => array(
413                                 'desc'          => __( 'Medium size image height' ),
414                                 'readonly'      => false,
415                                 'option'        => 'medium_size_h'
416                         ),
417                         'large_size_w'      => array(
418                                 'desc'          => __( 'Large size image width' ),
419                                 'readonly'      => false,
420                                 'option'        => 'large_size_w'
421                         ),
422                         'large_size_h'      => array(
423                                 'desc'          => __( 'Large size image height' ),
424                                 'readonly'      => false,
425                                 'option'        => 'large_size_h'
426                         ),
427                         'default_comment_status' => array(
428                                 'desc'          => __( 'Allow people to post comments on new articles' ),
429                                 'readonly'      => false,
430                                 'option'        => 'default_comment_status'
431                         ),
432                         'default_ping_status' => array(
433                                 'desc'          => __( 'Allow link notifications from other blogs (pingbacks and trackbacks)' ),
434                                 'readonly'      => false,
435                                 'option'        => 'default_ping_status'
436                         )
437                 );
438
439                 $this->blog_options = apply_filters( 'xmlrpc_blog_options', $this->blog_options );
440         }
441
442         /**
443          * Retrieve the blogs of the user.
444          *
445          * @since 2.6.0
446          *
447          * @param array $args Method parameters. Contains:
448          *  - username
449          *  - password
450          * @return array. Contains:
451          *  - 'isAdmin'
452          *  - 'url'
453          *  - 'blogid'
454          *  - 'blogName'
455          *  - 'xmlrpc' - url of xmlrpc endpoint
456          */
457         function wp_getUsersBlogs( $args ) {
458                 global $current_site;
459                 // If this isn't on WPMU then just use blogger_getUsersBlogs
460                 if ( !is_multisite() ) {
461                         array_unshift( $args, 1 );
462                         return $this->blogger_getUsersBlogs( $args );
463                 }
464
465                 $this->escape( $args );
466
467                 $username = $args[0];
468                 $password = $args[1];
469
470                 if ( !$user = $this->login($username, $password) )
471                         return $this->error;
472
473                 do_action( 'xmlrpc_call', 'wp.getUsersBlogs' );
474
475                 $blogs = (array) get_blogs_of_user( $user->ID );
476                 $struct = array();
477
478                 foreach ( $blogs as $blog ) {
479                         // Don't include blogs that aren't hosted at this site
480                         if ( $blog->site_id != $current_site->id )
481                                 continue;
482
483                         $blog_id = $blog->userblog_id;
484
485                         switch_to_blog( $blog_id );
486
487                         $is_admin = current_user_can( 'manage_options' );
488
489                         $struct[] = array(
490                                 'isAdmin'               => $is_admin,
491                                 'url'                   => home_url( '/' ),
492                                 'blogid'                => (string) $blog_id,
493                                 'blogName'              => get_option( 'blogname' ),
494                                 'xmlrpc'                => site_url( 'xmlrpc.php', 'rpc' ),
495                         );
496
497                         restore_current_blog();
498                 }
499
500                 return $struct;
501         }
502
503         /**
504          * Checks if the method received at least the minimum number of arguments.
505          *
506          * @since 3.4.0
507          *
508          * @param string|array $args Sanitize single string or array of strings.
509          * @param int $count Minimum number of arguments.
510          * @return boolean if $args contains at least $count arguments.
511          */
512         protected function minimum_args( $args, $count ) {
513                 if ( count( $args ) < $count ) {
514                         $this->error = new IXR_Error( 400, __( 'Insufficient arguments passed to this XML-RPC method.' ) );
515                         return false;
516                 }
517
518                 return true;
519         }
520
521         /**
522          * Prepares taxonomy data for return in an XML-RPC object.
523          *
524          * @access protected
525          *
526          * @param object $taxonomy The unprepared taxonomy data
527          * @param array $fields The subset of taxonomy fields to return
528          * @return array The prepared taxonomy data
529          */
530         protected function _prepare_taxonomy( $taxonomy, $fields ) {
531                 $_taxonomy = array(
532                         'name' => $taxonomy->name,
533                         'label' => $taxonomy->label,
534                         'hierarchical' => (bool) $taxonomy->hierarchical,
535                         'public' => (bool) $taxonomy->public,
536                         'show_ui' => (bool) $taxonomy->show_ui,
537                         '_builtin' => (bool) $taxonomy->_builtin,
538                 );
539
540                 if ( in_array( 'labels', $fields ) )
541                         $_taxonomy['labels'] = (array) $taxonomy->labels;
542
543                 if ( in_array( 'cap', $fields ) )
544                         $_taxonomy['cap'] = (array) $taxonomy->cap;
545
546                 if ( in_array( 'object_type', $fields ) )
547                         $_taxonomy['object_type'] = array_unique( (array) $taxonomy->object_type );
548
549                 return apply_filters( 'xmlrpc_prepare_taxonomy', $_taxonomy, $taxonomy, $fields );
550         }
551
552         /**
553          * Prepares term data for return in an XML-RPC object.
554          *
555          * @access protected
556          *
557          * @param array|object $term The unprepared term data
558          * @return array The prepared term data
559          */
560         protected function _prepare_term( $term ) {
561                 $_term = $term;
562                 if ( ! is_array( $_term) )
563                         $_term = get_object_vars( $_term );
564
565                 // For Intergers which may be largeer than XMLRPC supports ensure we return strings.
566                 $_term['term_id'] = strval( $_term['term_id'] );
567                 $_term['term_group'] = strval( $_term['term_group'] );
568                 $_term['term_taxonomy_id'] = strval( $_term['term_taxonomy_id'] );
569                 $_term['parent'] = strval( $_term['parent'] );
570
571                 // Count we are happy to return as an Integer because people really shouldn't use Terms that much.
572                 $_term['count'] = intval( $_term['count'] );
573
574                 return apply_filters( 'xmlrpc_prepare_term', $_term, $term );
575         }
576
577         /**
578          * Convert a WordPress date string to an IXR_Date object.
579          *
580          * @access protected
581          *
582          * @param string $date
583          * @return IXR_Date
584          */
585         protected function _convert_date( $date ) {
586                 if ( $date === '0000-00-00 00:00:00' ) {
587                         return new IXR_Date( '00000000T00:00:00Z' );
588                 }
589                 return new IXR_Date( mysql2date( 'Ymd\TH:i:s', $date, false ) );
590         }
591
592         /**
593          * Convert a WordPress GMT date string to an IXR_Date object.
594          *
595          * @access protected
596          *
597          * @param string $date_gmt
598          * @param string $date
599          * @return IXR_Date
600          */
601         protected function _convert_date_gmt( $date_gmt, $date ) {
602                 if ( $date !== '0000-00-00 00:00:00' && $date_gmt === '0000-00-00 00:00:00' ) {
603                         return new IXR_Date( get_gmt_from_date( mysql2date( 'Y-m-d H:i:s', $date, false ), 'Ymd\TH:i:s' ) );
604                 }
605                 return $this->_convert_date( $date_gmt );
606         }
607
608         /**
609          * Prepares post data for return in an XML-RPC object.
610          *
611          * @access protected
612          *
613          * @param array $post The unprepared post data
614          * @param array $fields The subset of post type fields to return
615          * @return array The prepared post data
616          */
617         protected function _prepare_post( $post, $fields ) {
618                 // holds the data for this post. built up based on $fields
619                 $_post = array( 'post_id' => strval( $post['ID'] ) );
620
621                 // prepare common post fields
622                 $post_fields = array(
623                         'post_title'        => $post['post_title'],
624                         'post_date'         => $this->_convert_date( $post['post_date'] ),
625                         'post_date_gmt'     => $this->_convert_date_gmt( $post['post_date_gmt'], $post['post_date'] ),
626                         'post_modified'     => $this->_convert_date( $post['post_modified'] ),
627                         'post_modified_gmt' => $this->_convert_date_gmt( $post['post_modified_gmt'], $post['post_modified'] ),
628                         'post_status'       => $post['post_status'],
629                         'post_type'         => $post['post_type'],
630                         'post_name'         => $post['post_name'],
631                         'post_author'       => $post['post_author'],
632                         'post_password'     => $post['post_password'],
633                         'post_excerpt'      => $post['post_excerpt'],
634                         'post_content'      => $post['post_content'],
635                         'post_parent'       => strval( $post['post_parent'] ),
636                         'post_mime_type'    => $post['post_mime_type'],
637                         'link'              => post_permalink( $post['ID'] ),
638                         'guid'              => $post['guid'],
639                         'menu_order'        => intval( $post['menu_order'] ),
640                         'comment_status'    => $post['comment_status'],
641                         'ping_status'       => $post['ping_status'],
642                         'sticky'            => ( $post['post_type'] === 'post' && is_sticky( $post['ID'] ) ),
643                 );
644
645                 // Thumbnail
646                 $post_fields['post_thumbnail'] = array();
647                 $thumbnail_id = get_post_thumbnail_id( $post['ID'] );
648                 if ( $thumbnail_id ) {
649                         $thumbnail_size = current_theme_supports('post-thumbnail') ? 'post-thumbnail' : 'thumbnail';
650                         $post_fields['post_thumbnail'] = $this->_prepare_media_item( get_post( $thumbnail_id ), $thumbnail_size );
651                 }
652
653                 // Consider future posts as published
654                 if ( $post_fields['post_status'] === 'future' )
655                         $post_fields['post_status'] = 'publish';
656
657                 // Fill in blank post format
658                 $post_fields['post_format'] = get_post_format( $post['ID'] );
659                 if ( empty( $post_fields['post_format'] ) )
660                         $post_fields['post_format'] = 'standard';
661
662                 // Merge requested $post_fields fields into $_post
663                 if ( in_array( 'post', $fields ) ) {
664                         $_post = array_merge( $_post, $post_fields );
665                 } else {
666                         $requested_fields = array_intersect_key( $post_fields, array_flip( $fields ) );
667                         $_post = array_merge( $_post, $requested_fields );
668                 }
669
670                 $all_taxonomy_fields = in_array( 'taxonomies', $fields );
671
672                 if ( $all_taxonomy_fields || in_array( 'terms', $fields ) ) {
673                         $post_type_taxonomies = get_object_taxonomies( $post['post_type'], 'names' );
674                         $terms = wp_get_object_terms( $post['ID'], $post_type_taxonomies );
675                         $_post['terms'] = array();
676                         foreach ( $terms as $term ) {
677                                 $_post['terms'][] = $this->_prepare_term( $term );
678                         }
679                 }
680
681                 if ( in_array( 'custom_fields', $fields ) )
682                         $_post['custom_fields'] = $this->get_custom_fields( $post['ID'] );
683
684                 if ( in_array( 'enclosure', $fields ) ) {
685                         $_post['enclosure'] = array();
686                         $enclosures = (array) get_post_meta( $post['ID'], 'enclosure' );
687                         if ( ! empty( $enclosures ) ) {
688                                 $encdata = explode( "\n", $enclosures[0] );
689                                 $_post['enclosure']['url'] = trim( htmlspecialchars( $encdata[0] ) );
690                                 $_post['enclosure']['length'] = (int) trim( $encdata[1] );
691                                 $_post['enclosure']['type'] = trim( $encdata[2] );
692                         }
693                 }
694
695                 return apply_filters( 'xmlrpc_prepare_post', $_post, $post, $fields );
696         }
697
698         /**
699          * Prepares post data for return in an XML-RPC object.
700          *
701          * @access protected
702          *
703          * @param object $post_type Post type object
704          * @param array $fields The subset of post fields to return
705          * @return array The prepared post type data
706          */
707         protected function _prepare_post_type( $post_type, $fields ) {
708                 $_post_type = array(
709                         'name' => $post_type->name,
710                         'label' => $post_type->label,
711                         'hierarchical' => (bool) $post_type->hierarchical,
712                         'public' => (bool) $post_type->public,
713                         'show_ui' => (bool) $post_type->show_ui,
714                         '_builtin' => (bool) $post_type->_builtin,
715                         'has_archive' => (bool) $post_type->has_archive,
716                         'supports' => get_all_post_type_supports( $post_type->name ),
717                 );
718
719                 if ( in_array( 'labels', $fields ) ) {
720                         $_post_type['labels'] = (array) $post_type->labels;
721                 }
722
723                 if ( in_array( 'cap', $fields ) ) {
724                         $_post_type['cap'] = (array) $post_type->cap;
725                         $_post_type['map_meta_cap'] = (bool) $post_type->map_meta_cap;
726                 }
727
728                 if ( in_array( 'menu', $fields ) ) {
729                         $_post_type['menu_position'] = (int) $post_type->menu_position;
730                         $_post_type['menu_icon'] = $post_type->menu_icon;
731                         $_post_type['show_in_menu'] = (bool) $post_type->show_in_menu;
732                 }
733
734                 if ( in_array( 'taxonomies', $fields ) )
735                         $_post_type['taxonomies'] = get_object_taxonomies( $post_type->name, 'names' );
736
737                 return apply_filters( 'xmlrpc_prepare_post_type', $_post_type, $post_type );
738         }
739
740         /**
741          * Prepares media item data for return in an XML-RPC object.
742          *
743          * @access protected
744          *
745          * @param object $media_item The unprepared media item data
746          * @param string $thumbnail_size The image size to use for the thumbnail URL
747          * @return array The prepared media item data
748          */
749         protected function _prepare_media_item( $media_item, $thumbnail_size = 'thumbnail' ) {
750                 $_media_item = array(
751                         'attachment_id'    => strval( $media_item->ID ),
752                         'date_created_gmt' => $this->_convert_date_gmt( $media_item->post_date_gmt, $media_item->post_date ),
753                         'parent'           => $media_item->post_parent,
754                         'link'             => wp_get_attachment_url( $media_item->ID ),
755                         'title'            => $media_item->post_title,
756                         'caption'          => $media_item->post_excerpt,
757                         'description'      => $media_item->post_content,
758                         'metadata'         => wp_get_attachment_metadata( $media_item->ID ),
759                 );
760
761                 $thumbnail_src = image_downsize( $media_item->ID, $thumbnail_size );
762                 if ( $thumbnail_src )
763                         $_media_item['thumbnail'] = $thumbnail_src[0];
764                 else
765                         $_media_item['thumbnail'] = $_media_item['link'];
766
767                 return apply_filters( 'xmlrpc_prepare_media_item', $_media_item, $media_item, $thumbnail_size );
768         }
769
770         /**
771          * Prepares page data for return in an XML-RPC object.
772          *
773          * @access protected
774          *
775          * @param object $page The unprepared page data
776          * @return array The prepared page data
777          */
778         protected function _prepare_page( $page ) {
779                 // Get all of the page content and link.
780                 $full_page = get_extended( $page->post_content );
781                 $link = post_permalink( $page->ID );
782
783                 // Get info the page parent if there is one.
784                 $parent_title = "";
785                 if ( ! empty( $page->post_parent ) ) {
786                         $parent = get_post( $page->post_parent );
787                         $parent_title = $parent->post_title;
788                 }
789
790                 // Determine comment and ping settings.
791                 $allow_comments = comments_open( $page->ID ) ? 1 : 0;
792                 $allow_pings = pings_open( $page->ID ) ? 1 : 0;
793
794                 // Format page date.
795                 $page_date = $this->_convert_date( $page->post_date );
796                 $page_date_gmt = $this->_convert_date_gmt( $page->post_date_gmt, $page->post_date );
797
798                 // Pull the categories info together.
799                 $categories = array();
800                 foreach ( wp_get_post_categories( $page->ID ) as $cat_id ) {
801                         $categories[] = get_cat_name( $cat_id );
802                 }
803
804                 // Get the author info.
805                 $author = get_userdata( $page->post_author );
806
807                 $page_template = get_page_template_slug( $page->ID );
808                 if ( empty( $page_template ) )
809                         $page_template = 'default';
810
811                 $_page = array(
812                         'dateCreated'            => $page_date,
813                         'userid'                 => $page->post_author,
814                         'page_id'                => $page->ID,
815                         'page_status'            => $page->post_status,
816                         'description'            => $full_page['main'],
817                         'title'                  => $page->post_title,
818                         'link'                   => $link,
819                         'permaLink'              => $link,
820                         'categories'             => $categories,
821                         'excerpt'                => $page->post_excerpt,
822                         'text_more'              => $full_page['extended'],
823                         'mt_allow_comments'      => $allow_comments,
824                         'mt_allow_pings'         => $allow_pings,
825                         'wp_slug'                => $page->post_name,
826                         'wp_password'            => $page->post_password,
827                         'wp_author'              => $author->display_name,
828                         'wp_page_parent_id'      => $page->post_parent,
829                         'wp_page_parent_title'   => $parent_title,
830                         'wp_page_order'          => $page->menu_order,
831                         'wp_author_id'           => (string) $author->ID,
832                         'wp_author_display_name' => $author->display_name,
833                         'date_created_gmt'       => $page_date_gmt,
834                         'custom_fields'          => $this->get_custom_fields( $page->ID ),
835                         'wp_page_template'       => $page_template
836                 );
837
838                 return apply_filters( 'xmlrpc_prepare_page', $_page, $page );
839         }
840
841         /**
842          * Prepares comment data for return in an XML-RPC object.
843          *
844          * @access protected
845          *
846          * @param object $comment The unprepared comment data
847          * @return array The prepared comment data
848          */
849         protected function _prepare_comment( $comment ) {
850                 // Format page date.
851                 $comment_date = $this->_convert_date( $comment->comment_date );
852                 $comment_date_gmt = $this->_convert_date_gmt( $comment->comment_date_gmt, $comment->comment_date );
853
854                 if ( '0' == $comment->comment_approved )
855                         $comment_status = 'hold';
856                 else if ( 'spam' == $comment->comment_approved )
857                         $comment_status = 'spam';
858                 else if ( '1' == $comment->comment_approved )
859                         $comment_status = 'approve';
860                 else
861                         $comment_status = $comment->comment_approved;
862
863                 $_comment = array(
864                         'date_created_gmt' => $comment_date_gmt,
865                         'user_id'          => $comment->user_id,
866                         'comment_id'       => $comment->comment_ID,
867                         'parent'           => $comment->comment_parent,
868                         'status'           => $comment_status,
869                         'content'          => $comment->comment_content,
870                         'link'             => get_comment_link($comment),
871                         'post_id'          => $comment->comment_post_ID,
872                         'post_title'       => get_the_title($comment->comment_post_ID),
873                         'author'           => $comment->comment_author,
874                         'author_url'       => $comment->comment_author_url,
875                         'author_email'     => $comment->comment_author_email,
876                         'author_ip'        => $comment->comment_author_IP,
877                         'type'             => $comment->comment_type,
878                 );
879
880                 return apply_filters( 'xmlrpc_prepare_comment', $_comment, $comment );
881         }
882
883         /**
884          * Prepares user data for return in an XML-RPC object.
885          *
886          * @access protected
887          *
888          * @param WP_User $user The unprepared user object
889          * @param array $fields The subset of user fields to return
890          * @return array The prepared user data
891          */
892         protected function _prepare_user( $user, $fields ) {
893                 $_user = array( 'user_id' => strval( $user->ID ) );
894
895                 $user_fields = array(
896                         'username'          => $user->user_login,
897                         'first_name'        => $user->user_firstname,
898                         'last_name'         => $user->user_lastname,
899                         'registered'        => $this->_convert_date( $user->user_registered ),
900                         'bio'               => $user->user_description,
901                         'email'             => $user->user_email,
902                         'nickname'          => $user->nickname,
903                         'nicename'          => $user->user_nicename,
904                         'url'               => $user->user_url,
905                         'display_name'      => $user->display_name,
906                         'roles'             => $user->roles,
907                 );
908
909                 if ( in_array( 'all', $fields ) ) {
910                         $_user = array_merge( $_user, $user_fields );
911                 } else {
912                         if ( in_array( 'basic', $fields ) ) {
913                                 $basic_fields = array( 'username', 'email', 'registered', 'display_name', 'nicename' );
914                                 $fields = array_merge( $fields, $basic_fields );
915                         }
916                         $requested_fields = array_intersect_key( $user_fields, array_flip( $fields ) );
917                         $_user = array_merge( $_user, $requested_fields );
918                 }
919
920                 return apply_filters( 'xmlrpc_prepare_user', $_user, $user, $fields );
921         }
922
923         /**
924          * Create a new post for any registered post type.
925          *
926          * @since 3.4.0
927          *
928          * @param array $args Method parameters. Contains:
929          *  - int     $blog_id
930          *  - string  $username
931          *  - string  $password
932          *  - array   $content_struct
933          *      $content_struct can contain:
934          *      - post_type (default: 'post')
935          *      - post_status (default: 'draft')
936          *      - post_title
937          *      - post_author
938          *      - post_excerpt
939          *      - post_content
940          *      - post_date_gmt | post_date
941          *      - post_format
942          *      - post_password
943          *      - comment_status - can be 'open' | 'closed'
944          *      - ping_status - can be 'open' | 'closed'
945          *      - sticky
946          *      - post_thumbnail - ID of a media item to use as the post thumbnail/featured image
947          *      - custom_fields - array, with each element containing 'key' and 'value'
948          *      - terms - array, with taxonomy names as keys and arrays of term IDs as values
949          *      - terms_names - array, with taxonomy names as keys and arrays of term names as values
950          *      - enclosure
951          *      - any other fields supported by wp_insert_post()
952          * @return string post_id
953          */
954         function wp_newPost( $args ) {
955                 if ( ! $this->minimum_args( $args, 4 ) )
956                         return $this->error;
957
958                 $this->escape( $args );
959
960                 $blog_id        = (int) $args[0];
961                 $username       = $args[1];
962                 $password       = $args[2];
963                 $content_struct = $args[3];
964
965                 if ( ! $user = $this->login( $username, $password ) )
966                         return $this->error;
967
968                 do_action( 'xmlrpc_call', 'wp.newPost' );
969
970                 unset( $content_struct['ID'] );
971
972                 return $this->_insert_post( $user, $content_struct );
973         }
974
975         /**
976          * Helper method for filtering out elements from an array.
977          *
978          * @since 3.4.0
979          *
980          * @param int $count Number to compare to one.
981          */
982         private function _is_greater_than_one( $count ) {
983                 return $count > 1;
984         }
985
986         /**
987          * Helper method for wp_newPost and wp_editPost, containing shared logic.
988          *
989          * @since 3.4.0
990          * @uses wp_insert_post()
991          *
992          * @param WP_User $user The post author if post_author isn't set in $content_struct.
993          * @param array $content_struct Post data to insert.
994          */
995         protected function _insert_post( $user, $content_struct ) {
996                 $defaults = array( 'post_status' => 'draft', 'post_type' => 'post', 'post_author' => 0,
997                         'post_password' => '', 'post_excerpt' => '', 'post_content' => '', 'post_title' => '' );
998
999                 $post_data = wp_parse_args( $content_struct, $defaults );
1000
1001                 $post_type = get_post_type_object( $post_data['post_type'] );
1002                 if ( ! $post_type )
1003                         return new IXR_Error( 403, __( 'Invalid post type' ) );
1004
1005                 $update = ! empty( $post_data['ID'] );
1006
1007                 if ( $update ) {
1008                         if ( ! get_post( $post_data['ID'] ) )
1009                                 return new IXR_Error( 401, __( 'Invalid post ID.' ) );
1010                         if ( ! current_user_can( $post_type->cap->edit_post, $post_data['ID'] ) )
1011                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) );
1012                         if ( $post_data['post_type'] != get_post_type( $post_data['ID'] ) )
1013                                 return new IXR_Error( 401, __( 'The post type may not be changed.' ) );
1014                 } else {
1015                         if ( ! current_user_can( $post_type->cap->create_posts ) || ! current_user_can( $post_type->cap->edit_posts ) )
1016                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) );
1017                 }
1018
1019                 switch ( $post_data['post_status'] ) {
1020                         case 'draft':
1021                         case 'pending':
1022                                 break;
1023                         case 'private':
1024                                 if ( ! current_user_can( $post_type->cap->publish_posts ) )
1025                                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type' ) );
1026                                 break;
1027                         case 'publish':
1028                         case 'future':
1029                                 if ( ! current_user_can( $post_type->cap->publish_posts ) )
1030                                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type' ) );
1031                                 break;
1032                         default:
1033                                 if ( ! get_post_status_object( $post_data['post_status'] ) )
1034                                         $post_data['post_status'] = 'draft';
1035                         break;
1036                 }
1037
1038                 if ( ! empty( $post_data['post_password'] ) && ! current_user_can( $post_type->cap->publish_posts ) )
1039                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to create password protected posts in this post type' ) );
1040
1041                 $post_data['post_author'] = absint( $post_data['post_author'] );
1042                 if ( ! empty( $post_data['post_author'] ) && $post_data['post_author'] != $user->ID ) {
1043                         if ( ! current_user_can( $post_type->cap->edit_others_posts ) )
1044                                 return new IXR_Error( 401, __( 'You are not allowed to create posts as this user.' ) );
1045
1046                         $author = get_userdata( $post_data['post_author'] );
1047
1048                         if ( ! $author )
1049                                 return new IXR_Error( 404, __( 'Invalid author ID.' ) );
1050                 } else {
1051                         $post_data['post_author'] = $user->ID;
1052                 }
1053
1054                 if ( isset( $post_data['comment_status'] ) && $post_data['comment_status'] != 'open' && $post_data['comment_status'] != 'closed' )
1055                         unset( $post_data['comment_status'] );
1056
1057                 if ( isset( $post_data['ping_status'] ) && $post_data['ping_status'] != 'open' && $post_data['ping_status'] != 'closed' )
1058                         unset( $post_data['ping_status'] );
1059
1060                 // Do some timestamp voodoo
1061                 if ( ! empty( $post_data['post_date_gmt'] ) ) {
1062                         // We know this is supposed to be GMT, so we're going to slap that Z on there by force
1063                         $dateCreated = rtrim( $post_data['post_date_gmt']->getIso(), 'Z' ) . 'Z';
1064                 } elseif ( ! empty( $post_data['post_date'] ) ) {
1065                         $dateCreated = $post_data['post_date']->getIso();
1066                 }
1067
1068                 if ( ! empty( $dateCreated ) ) {
1069                         $post_data['post_date'] = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) );
1070                         $post_data['post_date_gmt'] = iso8601_to_datetime( $dateCreated, 'GMT' );
1071                 }
1072
1073                 if ( ! isset( $post_data['ID'] ) )
1074                         $post_data['ID'] = get_default_post_to_edit( $post_data['post_type'], true )->ID;
1075                 $post_ID = $post_data['ID'];
1076
1077                 if ( $post_data['post_type'] == 'post' ) {
1078                         // Private and password-protected posts cannot be stickied.
1079                         if ( $post_data['post_status'] == 'private' || ! empty( $post_data['post_password'] ) ) {
1080                                 // Error if the client tried to stick the post, otherwise, silently unstick.
1081                                 if ( ! empty( $post_data['sticky'] ) )
1082                                         return new IXR_Error( 401, __( 'Sorry, you cannot stick a private post.' ) );
1083                                 if ( $update )
1084                                         unstick_post( $post_ID );
1085                         } elseif ( isset( $post_data['sticky'] ) )  {
1086                                 if ( ! current_user_can( $post_type->cap->edit_others_posts ) )
1087                                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) );
1088                                 if ( $post_data['sticky'] )
1089                                         stick_post( $post_ID );
1090                                 else
1091                                         unstick_post( $post_ID );
1092                         }
1093                 }
1094
1095                 if ( isset( $post_data['post_thumbnail'] ) ) {
1096                         // empty value deletes, non-empty value adds/updates
1097                         if ( ! $post_data['post_thumbnail'] )
1098                                 delete_post_thumbnail( $post_ID );
1099                         elseif ( ! get_post( absint( $post_data['post_thumbnail'] ) ) )
1100                                 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) );
1101                         set_post_thumbnail( $post_ID, $post_data['post_thumbnail'] );
1102                         unset( $content_struct['post_thumbnail'] );
1103                 }
1104
1105                 if ( isset( $post_data['custom_fields'] ) )
1106                         $this->set_custom_fields( $post_ID, $post_data['custom_fields'] );
1107
1108                 if ( isset( $post_data['terms'] ) || isset( $post_data['terms_names'] ) ) {
1109                         $post_type_taxonomies = get_object_taxonomies( $post_data['post_type'], 'objects' );
1110
1111                         // accumulate term IDs from terms and terms_names
1112                         $terms = array();
1113
1114                         // first validate the terms specified by ID
1115                         if ( isset( $post_data['terms'] ) && is_array( $post_data['terms'] ) ) {
1116                                 $taxonomies = array_keys( $post_data['terms'] );
1117
1118                                 // validating term ids
1119                                 foreach ( $taxonomies as $taxonomy ) {
1120                                         if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) )
1121                                                 return new IXR_Error( 401, __( 'Sorry, one of the given taxonomies is not supported by the post type.' ) );
1122
1123                                         if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) )
1124                                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) );
1125
1126                                         $term_ids = $post_data['terms'][$taxonomy];
1127                                         foreach ( $term_ids as $term_id ) {
1128                                                 $term = get_term_by( 'id', $term_id, $taxonomy );
1129
1130                                                 if ( ! $term )
1131                                                         return new IXR_Error( 403, __( 'Invalid term ID' ) );
1132
1133                                                 $terms[$taxonomy][] = (int) $term_id;
1134                                         }
1135                                 }
1136                         }
1137
1138                         // now validate terms specified by name
1139                         if ( isset( $post_data['terms_names'] ) && is_array( $post_data['terms_names'] ) ) {
1140                                 $taxonomies = array_keys( $post_data['terms_names'] );
1141
1142                                 foreach ( $taxonomies as $taxonomy ) {
1143                                         if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) )
1144                                                 return new IXR_Error( 401, __( 'Sorry, one of the given taxonomies is not supported by the post type.' ) );
1145
1146                                         if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) )
1147                                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) );
1148
1149                                         // for hierarchical taxonomies, we can't assign a term when multiple terms in the hierarchy share the same name
1150                                         $ambiguous_terms = array();
1151                                         if ( is_taxonomy_hierarchical( $taxonomy ) ) {
1152                                                 $tax_term_names = get_terms( $taxonomy, array( 'fields' => 'names', 'hide_empty' => false ) );
1153
1154                                                 // count the number of terms with the same name
1155                                                 $tax_term_names_count = array_count_values( $tax_term_names );
1156
1157                                                 // filter out non-ambiguous term names
1158                                                 $ambiguous_tax_term_counts = array_filter( $tax_term_names_count, array( $this, '_is_greater_than_one') );
1159
1160                                                 $ambiguous_terms = array_keys( $ambiguous_tax_term_counts );
1161                                         }
1162
1163                                         $term_names = $post_data['terms_names'][$taxonomy];
1164                                         foreach ( $term_names as $term_name ) {
1165                                                 if ( in_array( $term_name, $ambiguous_terms ) )
1166                                                         return new IXR_Error( 401, __( 'Ambiguous term name used in a hierarchical taxonomy. Please use term ID instead.' ) );
1167
1168                                                 $term = get_term_by( 'name', $term_name, $taxonomy );
1169
1170                                                 if ( ! $term ) {
1171                                                         // term doesn't exist, so check that the user is allowed to create new terms
1172                                                         if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->edit_terms ) )
1173                                                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to add a term to one of the given taxonomies.' ) );
1174
1175                                                         // create the new term
1176                                                         $term_info = wp_insert_term( $term_name, $taxonomy );
1177                                                         if ( is_wp_error( $term_info ) )
1178                                                                 return new IXR_Error( 500, $term_info->get_error_message() );
1179
1180                                                         $terms[$taxonomy][] = (int) $term_info['term_id'];
1181                                                 } else {
1182                                                         $terms[$taxonomy][] = (int) $term->term_id;
1183                                                 }
1184                                         }
1185                                 }
1186                         }
1187
1188                         $post_data['tax_input'] = $terms;
1189                         unset( $post_data['terms'], $post_data['terms_names'] );
1190                 } else {
1191                         // do not allow direct submission of 'tax_input', clients must use 'terms' and/or 'terms_names'
1192                         unset( $post_data['tax_input'], $post_data['post_category'], $post_data['tags_input'] );
1193                 }
1194
1195                 if ( isset( $post_data['post_format'] ) ) {
1196                         $format = set_post_format( $post_ID, $post_data['post_format'] );
1197
1198                         if ( is_wp_error( $format ) )
1199                                 return new IXR_Error( 500, $format->get_error_message() );
1200
1201                         unset( $post_data['post_format'] );
1202                 }
1203
1204                 // Handle enclosures
1205                 $enclosure = isset( $post_data['enclosure'] ) ? $post_data['enclosure'] : null;
1206                 $this->add_enclosure_if_new( $post_ID, $enclosure );
1207
1208                 $this->attach_uploads( $post_ID, $post_data['post_content'] );
1209
1210                 $post_data = apply_filters( 'xmlrpc_wp_insert_post_data', $post_data, $content_struct );
1211
1212                 $post_ID = $update ? wp_update_post( $post_data, true ) : wp_insert_post( $post_data, true );
1213                 if ( is_wp_error( $post_ID ) )
1214                         return new IXR_Error( 500, $post_ID->get_error_message() );
1215
1216                 if ( ! $post_ID )
1217                         return new IXR_Error( 401, __( 'Sorry, your entry could not be posted. Something wrong happened.' ) );
1218
1219                 return strval( $post_ID );
1220         }
1221
1222         /**
1223          * Edit a post for any registered post type.
1224          *
1225          * The $content_struct parameter only needs to contain fields that
1226          * should be changed. All other fields will retain their existing values.
1227          *
1228          * @since 3.4.0
1229          *
1230          * @param array $args Method parameters. Contains:
1231          *  - int     $blog_id
1232          *  - string  $username
1233          *  - string  $password
1234          *  - int     $post_id
1235          *  - array   $content_struct
1236          * @return true on success
1237          */
1238         function wp_editPost( $args ) {
1239                 if ( ! $this->minimum_args( $args, 5 ) )
1240                         return $this->error;
1241
1242                 $this->escape( $args );
1243
1244                 $blog_id        = (int) $args[0];
1245                 $username       = $args[1];
1246                 $password       = $args[2];
1247                 $post_id        = (int) $args[3];
1248                 $content_struct = $args[4];
1249
1250                 if ( ! $user = $this->login( $username, $password ) )
1251                         return $this->error;
1252
1253                 do_action( 'xmlrpc_call', 'wp.editPost' );
1254
1255                 $post = get_post( $post_id, ARRAY_A );
1256
1257                 if ( empty( $post['ID'] ) )
1258                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
1259
1260                 if ( isset( $content_struct['if_not_modified_since'] ) ) {
1261                         // If the post has been modified since the date provided, return an error.
1262                         if ( mysql2date( 'U', $post['post_modified_gmt'] ) > $content_struct['if_not_modified_since']->getTimestamp() ) {
1263                                 return new IXR_Error( 409, __( 'There is a revision of this post that is more recent.' ) );
1264                         }
1265                 }
1266
1267                 // convert the date field back to IXR form
1268                 $post['post_date'] = $this->_convert_date( $post['post_date'] );
1269
1270                 // ignore the existing GMT date if it is empty or a non-GMT date was supplied in $content_struct,
1271                 // since _insert_post will ignore the non-GMT date if the GMT date is set
1272                 if ( $post['post_date_gmt'] == '0000-00-00 00:00:00' || isset( $content_struct['post_date'] ) )
1273                         unset( $post['post_date_gmt'] );
1274                 else
1275                         $post['post_date_gmt'] = $this->_convert_date( $post['post_date_gmt'] );
1276
1277                 $this->escape( $post );
1278                 $merged_content_struct = array_merge( $post, $content_struct );
1279
1280                 $retval = $this->_insert_post( $user, $merged_content_struct );
1281                 if ( $retval instanceof IXR_Error )
1282                         return $retval;
1283
1284                 return true;
1285         }
1286
1287         /**
1288          * Delete a post for any registered post type.
1289          *
1290          * @since 3.4.0
1291          *
1292          * @uses wp_delete_post()
1293          * @param array $args Method parameters. Contains:
1294          *  - int     $blog_id
1295          *  - string  $username
1296          *  - string  $password
1297          *  - int     $post_id
1298          * @return true on success
1299          */
1300         function wp_deletePost( $args ) {
1301                 if ( ! $this->minimum_args( $args, 4 ) )
1302                         return $this->error;
1303
1304                 $this->escape( $args );
1305
1306                 $blog_id    = (int) $args[0];
1307                 $username   = $args[1];
1308                 $password   = $args[2];
1309                 $post_id    = (int) $args[3];
1310
1311                 if ( ! $user = $this->login( $username, $password ) )
1312                         return $this->error;
1313
1314                 do_action( 'xmlrpc_call', 'wp.deletePost' );
1315
1316                 $post = get_post( $post_id, ARRAY_A );
1317                 if ( empty( $post['ID'] ) )
1318                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
1319
1320                 $post_type = get_post_type_object( $post['post_type'] );
1321                 if ( ! current_user_can( $post_type->cap->delete_post, $post_id ) )
1322                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to delete this post.' ) );
1323
1324                 $result = wp_delete_post( $post_id );
1325
1326                 if ( ! $result )
1327                         return new IXR_Error( 500, __( 'The post cannot be deleted.' ) );
1328
1329                 return true;
1330         }
1331
1332         /**
1333          * Retrieve a post.
1334          *
1335          * @since 3.4.0
1336          *
1337          * The optional $fields parameter specifies what fields will be included
1338          * in the response array. This should be a list of field names. 'post_id' will
1339          * always be included in the response regardless of the value of $fields.
1340          *
1341          * Instead of, or in addition to, individual field names, conceptual group
1342          * names can be used to specify multiple fields. The available conceptual
1343          * groups are 'post' (all basic fields), 'taxonomies', 'custom_fields',
1344          * and 'enclosure'.
1345          *
1346          * @uses get_post()
1347          * @param array $args Method parameters. Contains:
1348          *  - int     $post_id
1349          *  - string  $username
1350          *  - string  $password
1351          *  - array   $fields optional
1352          * @return array contains (based on $fields parameter):
1353          *  - 'post_id'
1354          *  - 'post_title'
1355          *  - 'post_date'
1356          *  - 'post_date_gmt'
1357          *  - 'post_modified'
1358          *  - 'post_modified_gmt'
1359          *  - 'post_status'
1360          *  - 'post_type'
1361          *  - 'post_name'
1362          *  - 'post_author'
1363          *  - 'post_password'
1364          *  - 'post_excerpt'
1365          *  - 'post_content'
1366          *  - 'link'
1367          *  - 'comment_status'
1368          *  - 'ping_status'
1369          *  - 'sticky'
1370          *  - 'custom_fields'
1371          *  - 'terms'
1372          *  - 'categories'
1373          *  - 'tags'
1374          *  - 'enclosure'
1375          */
1376         function wp_getPost( $args ) {
1377                 if ( ! $this->minimum_args( $args, 4 ) )
1378                         return $this->error;
1379
1380                 $this->escape( $args );
1381
1382                 $blog_id            = (int) $args[0];
1383                 $username           = $args[1];
1384                 $password           = $args[2];
1385                 $post_id            = (int) $args[3];
1386
1387                 if ( isset( $args[4] ) )
1388                         $fields = $args[4];
1389                 else
1390                         $fields = apply_filters( 'xmlrpc_default_post_fields', array( 'post', 'terms', 'custom_fields' ), 'wp.getPost' );
1391
1392                 if ( ! $user = $this->login( $username, $password ) )
1393                         return $this->error;
1394
1395                 do_action( 'xmlrpc_call', 'wp.getPost' );
1396
1397                 $post = get_post( $post_id, ARRAY_A );
1398
1399                 if ( empty( $post['ID'] ) )
1400                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
1401
1402                 $post_type = get_post_type_object( $post['post_type'] );
1403                 if ( ! current_user_can( $post_type->cap->edit_post, $post_id ) )
1404                         return new IXR_Error( 401, __( 'Sorry, you cannot edit this post.' ) );
1405
1406                 return $this->_prepare_post( $post, $fields );
1407         }
1408
1409         /**
1410          * Retrieve posts.
1411          *
1412          * @since 3.4.0
1413          *
1414          * The optional $filter parameter modifies the query used to retrieve posts.
1415          * Accepted keys are 'post_type', 'post_status', 'number', 'offset',
1416          * 'orderby', and 'order'.
1417          *
1418          * The optional $fields parameter specifies what fields will be included
1419          * in the response array.
1420          *
1421          * @uses wp_get_recent_posts()
1422          * @see wp_getPost() for more on $fields
1423          * @see get_posts() for more on $filter values
1424          *
1425          * @param array $args Method parameters. Contains:
1426          *  - int     $blog_id
1427          *  - string  $username
1428          *  - string  $password
1429          *  - array   $filter optional
1430          *  - array   $fields optional
1431          * @return array contains a collection of posts.
1432          */
1433         function wp_getPosts( $args ) {
1434                 if ( ! $this->minimum_args( $args, 3 ) )
1435                         return $this->error;
1436
1437                 $this->escape( $args );
1438
1439                 $blog_id    = (int) $args[0];
1440                 $username   = $args[1];
1441                 $password   = $args[2];
1442                 $filter     = isset( $args[3] ) ? $args[3] : array();
1443
1444                 if ( isset( $args[4] ) )
1445                         $fields = $args[4];
1446                 else
1447                         $fields = apply_filters( 'xmlrpc_default_post_fields', array( 'post', 'terms', 'custom_fields' ), 'wp.getPosts' );
1448
1449                 if ( ! $user = $this->login( $username, $password ) )
1450                         return $this->error;
1451
1452                 do_action( 'xmlrpc_call', 'wp.getPosts' );
1453
1454                 $query = array();
1455
1456                 if ( isset( $filter['post_type'] ) ) {
1457                         $post_type = get_post_type_object( $filter['post_type'] );
1458                         if ( ! ( (bool) $post_type ) )
1459                                 return new IXR_Error( 403, __( 'The post type specified is not valid' ) );
1460                 } else {
1461                         $post_type = get_post_type_object( 'post' );
1462                 }
1463
1464                 if ( ! current_user_can( $post_type->cap->edit_posts ) )
1465                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts in this post type' ));
1466
1467                 $query['post_type'] = $post_type->name;
1468
1469                 if ( isset( $filter['post_status'] ) )
1470                         $query['post_status'] = $filter['post_status'];
1471
1472                 if ( isset( $filter['number'] ) )
1473                         $query['numberposts'] = absint( $filter['number'] );
1474
1475                 if ( isset( $filter['offset'] ) )
1476                         $query['offset'] = absint( $filter['offset'] );
1477
1478                 if ( isset( $filter['orderby'] ) ) {
1479                         $query['orderby'] = $filter['orderby'];
1480
1481                         if ( isset( $filter['order'] ) )
1482                                 $query['order'] = $filter['order'];
1483                 }
1484
1485                 if ( isset( $filter['s'] ) ) {
1486                         $query['s'] = $filter['s'];
1487                 }
1488
1489                 $posts_list = wp_get_recent_posts( $query );
1490
1491                 if ( ! $posts_list )
1492                         return array();
1493
1494                 // holds all the posts data
1495                 $struct = array();
1496
1497                 foreach ( $posts_list as $post ) {
1498                         $post_type = get_post_type_object( $post['post_type'] );
1499                         if ( ! current_user_can( $post_type->cap->edit_post, $post['ID'] ) )
1500                                 continue;
1501
1502                         $struct[] = $this->_prepare_post( $post, $fields );
1503                 }
1504
1505                 return $struct;
1506         }
1507
1508         /**
1509          * Create a new term.
1510          *
1511          * @since 3.4.0
1512          *
1513          * @uses wp_insert_term()
1514          * @param array $args Method parameters. Contains:
1515          *  - int     $blog_id
1516          *  - string  $username
1517          *  - string  $password
1518          *  - array   $content_struct
1519          *      The $content_struct must contain:
1520          *      - 'name'
1521          *      - 'taxonomy'
1522          *      Also, it can optionally contain:
1523          *      - 'parent'
1524          *      - 'description'
1525          *      - 'slug'
1526          * @return string term_id
1527          */
1528         function wp_newTerm( $args ) {
1529                 if ( ! $this->minimum_args( $args, 4 ) )
1530                         return $this->error;
1531
1532                 $this->escape( $args );
1533
1534                 $blog_id            = (int) $args[0];
1535                 $username           = $args[1];
1536                 $password           = $args[2];
1537                 $content_struct     = $args[3];
1538
1539                 if ( ! $user = $this->login( $username, $password ) )
1540                         return $this->error;
1541
1542                 do_action( 'xmlrpc_call', 'wp.newTerm' );
1543
1544                 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) )
1545                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1546
1547                 $taxonomy = get_taxonomy( $content_struct['taxonomy'] );
1548
1549                 if ( ! current_user_can( $taxonomy->cap->manage_terms ) )
1550                         return new IXR_Error( 401, __( 'You are not allowed to create terms in this taxonomy.' ) );
1551
1552                 $taxonomy = (array) $taxonomy;
1553
1554                 // hold the data of the term
1555                 $term_data = array();
1556
1557                 $term_data['name'] = trim( $content_struct['name'] );
1558                 if ( empty( $term_data['name'] ) )
1559                         return new IXR_Error( 403, __( 'The term name cannot be empty.' ) );
1560
1561                 if ( isset( $content_struct['parent'] ) ) {
1562                         if ( ! $taxonomy['hierarchical'] )
1563                                 return new IXR_Error( 403, __( 'This taxonomy is not hierarchical.' ) );
1564
1565                         $parent_term_id = (int) $content_struct['parent'];
1566                         $parent_term = get_term( $parent_term_id , $taxonomy['name'] );
1567
1568                         if ( is_wp_error( $parent_term ) )
1569                                 return new IXR_Error( 500, $parent_term->get_error_message() );
1570
1571                         if ( ! $parent_term )
1572                                 return new IXR_Error( 403, __( 'Parent term does not exist.' ) );
1573
1574                         $term_data['parent'] = $content_struct['parent'];
1575                 }
1576
1577                 if ( isset( $content_struct['description'] ) )
1578                         $term_data['description'] = $content_struct['description'];
1579
1580                 if ( isset( $content_struct['slug'] ) )
1581                         $term_data['slug'] = $content_struct['slug'];
1582
1583                 $term = wp_insert_term( $term_data['name'] , $taxonomy['name'] , $term_data );
1584
1585                 if ( is_wp_error( $term ) )
1586                         return new IXR_Error( 500, $term->get_error_message() );
1587
1588                 if ( ! $term )
1589                         return new IXR_Error( 500, __( 'Sorry, your term could not be created. Something wrong happened.' ) );
1590
1591                 return strval( $term['term_id'] );
1592         }
1593
1594         /**
1595          * Edit a term.
1596          *
1597          * @since 3.4.0
1598          *
1599          * @uses wp_update_term()
1600          * @param array $args Method parameters. Contains:
1601          *  - int     $blog_id
1602          *  - string  $username
1603          *  - string  $password
1604          *  - string  $term_id
1605          *  - array   $content_struct
1606          *      The $content_struct must contain:
1607          *      - 'taxonomy'
1608          *      Also, it can optionally contain:
1609          *      - 'name'
1610          *      - 'parent'
1611          *      - 'description'
1612          *      - 'slug'
1613          * @return bool True, on success.
1614          */
1615         function wp_editTerm( $args ) {
1616                 if ( ! $this->minimum_args( $args, 5 ) )
1617                         return $this->error;
1618
1619                 $this->escape( $args );
1620
1621                 $blog_id            = (int) $args[0];
1622                 $username           = $args[1];
1623                 $password           = $args[2];
1624                 $term_id            = (int) $args[3];
1625                 $content_struct     = $args[4];
1626
1627                 if ( ! $user = $this->login( $username, $password ) )
1628                         return $this->error;
1629
1630                 do_action( 'xmlrpc_call', 'wp.editTerm' );
1631
1632                 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) )
1633                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1634
1635                 $taxonomy = get_taxonomy( $content_struct['taxonomy'] );
1636
1637                 if ( ! current_user_can( $taxonomy->cap->edit_terms ) )
1638                         return new IXR_Error( 401, __( 'You are not allowed to edit terms in this taxonomy.' ) );
1639
1640                 $taxonomy = (array) $taxonomy;
1641
1642                 // hold the data of the term
1643                 $term_data = array();
1644
1645                 $term = get_term( $term_id , $content_struct['taxonomy'] );
1646
1647                 if ( is_wp_error( $term ) )
1648                         return new IXR_Error( 500, $term->get_error_message() );
1649
1650                 if ( ! $term )
1651                         return new IXR_Error( 404, __( 'Invalid term ID' ) );
1652
1653                 if ( isset( $content_struct['name'] ) ) {
1654                         $term_data['name'] = trim( $content_struct['name'] );
1655
1656                         if ( empty( $term_data['name'] ) )
1657                                 return new IXR_Error( 403, __( 'The term name cannot be empty.' ) );
1658                 }
1659
1660                 if ( isset( $content_struct['parent'] ) ) {
1661                         if ( ! $taxonomy['hierarchical'] )
1662                                 return new IXR_Error( 403, __( "This taxonomy is not hierarchical so you can't set a parent." ) );
1663
1664                         $parent_term_id = (int) $content_struct['parent'];
1665                         $parent_term = get_term( $parent_term_id , $taxonomy['name'] );
1666
1667                         if ( is_wp_error( $parent_term ) )
1668                                 return new IXR_Error( 500, $parent_term->get_error_message() );
1669
1670                         if ( ! $parent_term )
1671                                 return new IXR_Error( 403, __( 'Parent term does not exist.' ) );
1672
1673                         $term_data['parent'] = $content_struct['parent'];
1674                 }
1675
1676                 if ( isset( $content_struct['description'] ) )
1677                         $term_data['description'] = $content_struct['description'];
1678
1679                 if ( isset( $content_struct['slug'] ) )
1680                         $term_data['slug'] = $content_struct['slug'];
1681
1682                 $term = wp_update_term( $term_id , $taxonomy['name'] , $term_data );
1683
1684                 if ( is_wp_error( $term ) )
1685                         return new IXR_Error( 500, $term->get_error_message() );
1686
1687                 if ( ! $term )
1688                         return new IXR_Error( 500, __( 'Sorry, editing the term failed.' ) );
1689
1690                 return true;
1691         }
1692
1693         /**
1694          * Delete a term.
1695          *
1696          * @since 3.4.0
1697          *
1698          * @uses wp_delete_term()
1699          * @param array $args Method parameters. Contains:
1700          *  - int     $blog_id
1701          *  - string  $username
1702          *  - string  $password
1703          *  - string  $taxnomy_name
1704          *  - string     $term_id
1705          * @return boolean|IXR_Error If it suceeded true else a reason why not
1706          */
1707         function wp_deleteTerm( $args ) {
1708                 if ( ! $this->minimum_args( $args, 5 ) )
1709                         return $this->error;
1710
1711                 $this->escape( $args );
1712
1713                 $blog_id            = (int) $args[0];
1714                 $username           = $args[1];
1715                 $password           = $args[2];
1716                 $taxonomy           = $args[3];
1717                 $term_id            = (int) $args[4];
1718
1719                 if ( ! $user = $this->login( $username, $password ) )
1720                         return $this->error;
1721
1722                 do_action( 'xmlrpc_call', 'wp.deleteTerm' );
1723
1724                 if ( ! taxonomy_exists( $taxonomy ) )
1725                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1726
1727                 $taxonomy = get_taxonomy( $taxonomy );
1728
1729                 if ( ! current_user_can( $taxonomy->cap->delete_terms ) )
1730                         return new IXR_Error( 401, __( 'You are not allowed to delete terms in this taxonomy.' ) );
1731
1732                 $term = get_term( $term_id, $taxonomy->name );
1733
1734                 if ( is_wp_error( $term ) )
1735                         return new IXR_Error( 500, $term->get_error_message() );
1736
1737                 if ( ! $term )
1738                         return new IXR_Error( 404, __( 'Invalid term ID' ) );
1739
1740                 $result = wp_delete_term( $term_id, $taxonomy->name );
1741
1742                 if ( is_wp_error( $result ) )
1743                         return new IXR_Error( 500, $term->get_error_message() );
1744
1745                 if ( ! $result )
1746                         return new IXR_Error( 500, __( 'Sorry, deleting the term failed.' ) );
1747
1748                 return $result;
1749         }
1750
1751         /**
1752          * Retrieve a term.
1753          *
1754          * @since 3.4.0
1755          *
1756          * @uses get_term()
1757          * @param array $args Method parameters. Contains:
1758          *  - int     $blog_id
1759          *  - string  $username
1760          *  - string  $password
1761          *  - string  $taxonomy
1762          *  - string  $term_id
1763          * @return array contains:
1764          *  - 'term_id'
1765          *  - 'name'
1766          *  - 'slug'
1767          *  - 'term_group'
1768          *  - 'term_taxonomy_id'
1769          *  - 'taxonomy'
1770          *  - 'description'
1771          *  - 'parent'
1772          *  - 'count'
1773          */
1774         function wp_getTerm( $args ) {
1775                 if ( ! $this->minimum_args( $args, 5 ) )
1776                         return $this->error;
1777
1778                 $this->escape( $args );
1779
1780                 $blog_id            = (int) $args[0];
1781                 $username           = $args[1];
1782                 $password           = $args[2];
1783                 $taxonomy           = $args[3];
1784                 $term_id            = (int) $args[4];
1785
1786                 if ( ! $user = $this->login( $username, $password ) )
1787                         return $this->error;
1788
1789                 do_action( 'xmlrpc_call', 'wp.getTerm' );
1790
1791                 if ( ! taxonomy_exists( $taxonomy ) )
1792                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1793
1794                 $taxonomy = get_taxonomy( $taxonomy );
1795
1796                 if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1797                         return new IXR_Error( 401, __( 'You are not allowed to assign terms in this taxonomy.' ) );
1798
1799                 $term = get_term( $term_id , $taxonomy->name, ARRAY_A );
1800
1801                 if ( is_wp_error( $term ) )
1802                         return new IXR_Error( 500, $term->get_error_message() );
1803
1804                 if ( ! $term )
1805                         return new IXR_Error( 404, __( 'Invalid term ID' ) );
1806
1807                 return $this->_prepare_term( $term );
1808         }
1809
1810         /**
1811          * Retrieve all terms for a taxonomy.
1812          *
1813          * @since 3.4.0
1814          *
1815          * The optional $filter parameter modifies the query used to retrieve terms.
1816          * Accepted keys are 'number', 'offset', 'orderby', 'order', 'hide_empty', and 'search'.
1817          *
1818          * @uses get_terms()
1819          * @param array $args Method parameters. Contains:
1820          *  - int     $blog_id
1821          *  - string  $username
1822          *  - string  $password
1823          *  - string  $taxonomy
1824          *  - array   $filter optional
1825          * @return array terms
1826          */
1827         function wp_getTerms( $args ) {
1828                 if ( ! $this->minimum_args( $args, 4 ) )
1829                         return $this->error;
1830
1831                 $this->escape( $args );
1832
1833                 $blog_id        = (int) $args[0];
1834                 $username       = $args[1];
1835                 $password       = $args[2];
1836                 $taxonomy       = $args[3];
1837                 $filter         = isset( $args[4] ) ? $args[4] : array();
1838
1839                 if ( ! $user = $this->login( $username, $password ) )
1840                         return $this->error;
1841
1842                 do_action( 'xmlrpc_call', 'wp.getTerms' );
1843
1844                 if ( ! taxonomy_exists( $taxonomy ) )
1845                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1846
1847                 $taxonomy = get_taxonomy( $taxonomy );
1848
1849                 if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1850                         return new IXR_Error( 401, __( 'You are not allowed to assign terms in this taxonomy.' ) );
1851
1852                 $query = array();
1853
1854                 if ( isset( $filter['number'] ) )
1855                         $query['number'] = absint( $filter['number'] );
1856
1857                 if ( isset( $filter['offset'] ) )
1858                         $query['offset'] = absint( $filter['offset'] );
1859
1860                 if ( isset( $filter['orderby'] ) ) {
1861                         $query['orderby'] = $filter['orderby'];
1862
1863                         if ( isset( $filter['order'] ) )
1864                                 $query['order'] = $filter['order'];
1865                 }
1866
1867                 if ( isset( $filter['hide_empty'] ) )
1868                         $query['hide_empty'] = $filter['hide_empty'];
1869                 else
1870                         $query['get'] = 'all';
1871
1872                 if ( isset( $filter['search'] ) )
1873                         $query['search'] = $filter['search'];
1874
1875                 $terms = get_terms( $taxonomy->name, $query );
1876
1877                 if ( is_wp_error( $terms ) )
1878                         return new IXR_Error( 500, $terms->get_error_message() );
1879
1880                 $struct = array();
1881
1882                 foreach ( $terms as $term ) {
1883                         $struct[] = $this->_prepare_term( $term );
1884                 }
1885
1886                 return $struct;
1887         }
1888
1889         /**
1890          * Retrieve a taxonomy.
1891          *
1892          * @since 3.4.0
1893          *
1894          * @uses get_taxonomy()
1895          * @param array $args Method parameters. Contains:
1896          *  - int     $blog_id
1897          *  - string  $username
1898          *  - string  $password
1899          *  - string  $taxonomy
1900          * @return array (@see get_taxonomy())
1901          */
1902         function wp_getTaxonomy( $args ) {
1903                 if ( ! $this->minimum_args( $args, 4 ) )
1904                         return $this->error;
1905
1906                 $this->escape( $args );
1907
1908                 $blog_id        = (int) $args[0];
1909                 $username       = $args[1];
1910                 $password       = $args[2];
1911                 $taxonomy       = $args[3];
1912
1913                 if ( isset( $args[4] ) )
1914                         $fields = $args[4];
1915                 else
1916                         $fields = apply_filters( 'xmlrpc_default_taxonomy_fields', array( 'labels', 'cap', 'object_type' ), 'wp.getTaxonomy' );
1917
1918                 if ( ! $user = $this->login( $username, $password ) )
1919                         return $this->error;
1920
1921                 do_action( 'xmlrpc_call', 'wp.getTaxonomy' );
1922
1923                 if ( ! taxonomy_exists( $taxonomy ) )
1924                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1925
1926                 $taxonomy = get_taxonomy( $taxonomy );
1927
1928                 if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1929                         return new IXR_Error( 401, __( 'You are not allowed to assign terms in this taxonomy.' ) );
1930
1931                 return $this->_prepare_taxonomy( $taxonomy, $fields );
1932         }
1933
1934         /**
1935          * Retrieve all taxonomies.
1936          *
1937          * @since 3.4.0
1938          *
1939          * @uses get_taxonomies()
1940          * @param array $args Method parameters. Contains:
1941          *  - int     $blog_id
1942          *  - string  $username
1943          *  - string  $password
1944          * @return array taxonomies
1945          */
1946         function wp_getTaxonomies( $args ) {
1947                 if ( ! $this->minimum_args( $args, 3 ) )
1948                         return $this->error;
1949
1950                 $this->escape( $args );
1951
1952                 $blog_id            = (int) $args[0];
1953                 $username           = $args[1];
1954                 $password           = $args[2];
1955                 $filter             = isset( $args[3] ) ? $args[3] : array( 'public' => true );
1956
1957                 if ( isset( $args[4] ) )
1958                         $fields = $args[4];
1959                 else
1960                         $fields = apply_filters( 'xmlrpc_default_taxonomy_fields', array( 'labels', 'cap', 'object_type' ), 'wp.getTaxonomies' );
1961
1962                 if ( ! $user = $this->login( $username, $password ) )
1963                         return $this->error;
1964
1965                 do_action( 'xmlrpc_call', 'wp.getTaxonomies' );
1966
1967                 $taxonomies = get_taxonomies( $filter, 'objects' );
1968
1969                 // holds all the taxonomy data
1970                 $struct = array();
1971
1972                 foreach ( $taxonomies as $taxonomy ) {
1973                         // capability check for post_types
1974                         if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1975                                 continue;
1976
1977                         $struct[] = $this->_prepare_taxonomy( $taxonomy, $fields );
1978                 }
1979
1980                 return $struct;
1981         }
1982
1983         /**
1984          * Retrieve a user.
1985          *
1986          * The optional $fields parameter specifies what fields will be included
1987          * in the response array. This should be a list of field names. 'user_id' will
1988          * always be included in the response regardless of the value of $fields.
1989          *
1990          * Instead of, or in addition to, individual field names, conceptual group
1991          * names can be used to specify multiple fields. The available conceptual
1992          * groups are 'basic' and 'all'.
1993          *
1994          * @uses get_userdata()
1995          * @param array $args Method parameters. Contains:
1996          *  - int     $blog_id
1997          *  - string  $username
1998          *  - string  $password
1999          *  - int     $user_id
2000          *  - array   $fields optional
2001          * @return array contains (based on $fields parameter):
2002          *  - 'user_id'
2003          *  - 'username'
2004          *  - 'first_name'
2005          *  - 'last_name'
2006          *  - 'registered'
2007          *  - 'bio'
2008          *  - 'email'
2009          *  - 'nickname'
2010          *  - 'nicename'
2011          *  - 'url'
2012          *  - 'display_name'
2013          *  - 'roles'
2014          */
2015         function wp_getUser( $args ) {
2016                 if ( ! $this->minimum_args( $args, 4 ) )
2017                         return $this->error;
2018
2019                 $this->escape( $args );
2020
2021                 $blog_id    = (int) $args[0];
2022                 $username   = $args[1];
2023                 $password   = $args[2];
2024                 $user_id    = (int) $args[3];
2025
2026                 if ( isset( $args[4] ) )
2027                         $fields = $args[4];
2028                 else
2029                         $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getUser' );
2030
2031                 if ( ! $user = $this->login( $username, $password ) )
2032                         return $this->error;
2033
2034                 do_action( 'xmlrpc_call', 'wp.getUser' );
2035
2036                 if ( ! current_user_can( 'edit_user', $user_id ) )
2037                         return new IXR_Error( 401, __( 'Sorry, you cannot edit users.' ) );
2038
2039                 $user_data = get_userdata( $user_id );
2040
2041                 if ( ! $user_data )
2042                         return new IXR_Error( 404, __( 'Invalid user ID' ) );
2043
2044                 return $this->_prepare_user( $user_data, $fields );
2045         }
2046
2047         /**
2048          * Retrieve users.
2049          *
2050          * The optional $filter parameter modifies the query used to retrieve users.
2051          * Accepted keys are 'number' (default: 50), 'offset' (default: 0), 'role',
2052          * 'who', 'orderby', and 'order'.
2053          *
2054          * The optional $fields parameter specifies what fields will be included
2055          * in the response array.
2056          *
2057          * @uses get_users()
2058          * @see wp_getUser() for more on $fields and return values
2059          *
2060          * @param array $args Method parameters. Contains:
2061          *  - int     $blog_id
2062          *  - string  $username
2063          *  - string  $password
2064          *  - array   $filter optional
2065          *  - array   $fields optional
2066          * @return array users data
2067          */
2068         function wp_getUsers( $args ) {
2069                 if ( ! $this->minimum_args( $args, 3 ) )
2070                         return $this->error;
2071
2072                 $this->escape( $args );
2073
2074                 $blog_id    = (int) $args[0];
2075                 $username   = $args[1];
2076                 $password   = $args[2];
2077                 $filter     = isset( $args[3] ) ? $args[3] : array();
2078
2079                 if ( isset( $args[4] ) )
2080                         $fields = $args[4];
2081                 else
2082                         $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getUsers' );
2083
2084                 if ( ! $user = $this->login( $username, $password ) )
2085                         return $this->error;
2086
2087                 do_action( 'xmlrpc_call', 'wp.getUsers' );
2088
2089                 if ( ! current_user_can( 'list_users' ) )
2090                         return new IXR_Error( 401, __( 'Sorry, you cannot list users.' ) );
2091
2092                 $query = array( 'fields' => 'all_with_meta' );
2093
2094                 $query['number'] = ( isset( $filter['number'] ) ) ? absint( $filter['number'] ) : 50;
2095                 $query['offset'] = ( isset( $filter['offset'] ) ) ? absint( $filter['offset'] ) : 0;
2096
2097                 if ( isset( $filter['orderby'] ) ) {
2098                         $query['orderby'] = $filter['orderby'];
2099
2100                         if ( isset( $filter['order'] ) )
2101                                 $query['order'] = $filter['order'];
2102                 }
2103
2104                 if ( isset( $filter['role'] ) ) {
2105                         if ( get_role( $filter['role'] ) === null )
2106                                 return new IXR_Error( 403, __( 'The role specified is not valid' ) );
2107
2108                         $query['role'] = $filter['role'];
2109                 }
2110
2111                 if ( isset( $filter['who'] ) ) {
2112                         $query['who'] = $filter['who'];
2113                 }
2114
2115                 $users = get_users( $query );
2116
2117                 $_users = array();
2118                 foreach ( $users as $user_data ) {
2119                         if ( current_user_can( 'edit_user', $user_data->ID ) )
2120                                 $_users[] = $this->_prepare_user( $user_data, $fields );
2121                 }
2122                 return $_users;
2123         }
2124
2125         /**
2126          * Retrieve information about the requesting user.
2127          *
2128          * @uses get_userdata()
2129          * @param array $args Method parameters. Contains:
2130          *  - int     $blog_id
2131          *  - string  $username
2132          *  - string  $password
2133          *  - array   $fields optional
2134          * @return array (@see wp_getUser)
2135          */
2136         function wp_getProfile( $args ) {
2137                 if ( ! $this->minimum_args( $args, 3 ) )
2138                         return $this->error;
2139
2140                 $this->escape( $args );
2141
2142                 $blog_id    = (int) $args[0];
2143                 $username   = $args[1];
2144                 $password   = $args[2];
2145
2146                 if ( isset( $args[3] ) )
2147                         $fields = $args[3];
2148                 else
2149                         $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getProfile' );
2150
2151                 if ( ! $user = $this->login( $username, $password ) )
2152                         return $this->error;
2153
2154                 do_action( 'xmlrpc_call', 'wp.getProfile' );
2155
2156                 if ( ! current_user_can( 'edit_user', $user->ID ) )
2157                         return new IXR_Error( 401, __( 'Sorry, you cannot edit your profile.' ) );
2158
2159                 $user_data = get_userdata( $user->ID );
2160
2161                 return $this->_prepare_user( $user_data, $fields );
2162         }
2163
2164         /**
2165          * Edit user's profile.
2166          *
2167          * @uses wp_update_user()
2168          * @param array $args Method parameters. Contains:
2169          *  - int     $blog_id
2170          *  - string  $username
2171          *  - string  $password
2172          *  - array   $content_struct
2173          *      It can optionally contain:
2174          *      - 'first_name'
2175          *      - 'last_name'
2176          *      - 'website'
2177          *      - 'display_name'
2178          *      - 'nickname'
2179          *      - 'nicename'
2180          *      - 'bio'
2181          * @return bool True, on success.
2182          */
2183         function wp_editProfile( $args ) {
2184                 if ( ! $this->minimum_args( $args, 4 ) )
2185                         return $this->error;
2186
2187                 $this->escape( $args );
2188
2189                 $blog_id        = (int) $args[0];
2190                 $username       = $args[1];
2191                 $password       = $args[2];
2192                 $content_struct = $args[3];
2193
2194                 if ( ! $user = $this->login( $username, $password ) )
2195                         return $this->error;
2196
2197                 do_action( 'xmlrpc_call', 'wp.editProfile' );
2198
2199                 if ( ! current_user_can( 'edit_user', $user->ID ) )
2200                         return new IXR_Error( 401, __( 'Sorry, you cannot edit your profile.' ) );
2201
2202                 // holds data of the user
2203                 $user_data = array();
2204                 $user_data['ID'] = $user->ID;
2205
2206                 // only set the user details if it was given
2207                 if ( isset( $content_struct['first_name'] ) )
2208                         $user_data['first_name'] = $content_struct['first_name'];
2209
2210                 if ( isset( $content_struct['last_name'] ) )
2211                         $user_data['last_name'] = $content_struct['last_name'];
2212
2213                 if ( isset( $content_struct['url'] ) )
2214                         $user_data['user_url'] = $content_struct['url'];
2215
2216                 if ( isset( $content_struct['display_name'] ) )
2217                         $user_data['display_name'] = $content_struct['display_name'];
2218
2219                 if ( isset( $content_struct['nickname'] ) )
2220                         $user_data['nickname'] = $content_struct['nickname'];
2221
2222                 if ( isset( $content_struct['nicename'] ) )
2223                         $user_data['user_nicename'] = $content_struct['nicename'];
2224
2225                 if ( isset( $content_struct['bio'] ) )
2226                         $user_data['description'] = $content_struct['bio'];
2227
2228                 $result = wp_update_user( $user_data );
2229
2230                 if ( is_wp_error( $result ) )
2231                         return new IXR_Error( 500, $result->get_error_message() );
2232
2233                 if ( ! $result )
2234                         return new IXR_Error( 500, __( 'Sorry, the user cannot be updated.' ) );
2235
2236                 return true;
2237         }
2238
2239         /**
2240          * Retrieve page.
2241          *
2242          * @since 2.2.0
2243          *
2244          * @param array $args Method parameters. Contains:
2245          *  - blog_id
2246          *  - page_id
2247          *  - username
2248          *  - password
2249          * @return array
2250          */
2251         function wp_getPage($args) {
2252                 $this->escape($args);
2253
2254                 $blog_id        = (int) $args[0];
2255                 $page_id        = (int) $args[1];
2256                 $username       = $args[2];
2257                 $password       = $args[3];
2258
2259                 if ( !$user = $this->login($username, $password) ) {
2260                         return $this->error;
2261                 }
2262
2263                 $page = get_post($page_id);
2264                 if ( ! $page )
2265                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
2266
2267                 if ( !current_user_can( 'edit_page', $page_id ) )
2268                         return new IXR_Error( 401, __( 'Sorry, you cannot edit this page.' ) );
2269
2270                 do_action('xmlrpc_call', 'wp.getPage');
2271
2272                 // If we found the page then format the data.
2273                 if ( $page->ID && ($page->post_type == 'page') ) {
2274                         return $this->_prepare_page( $page );
2275                 }
2276                 // If the page doesn't exist indicate that.
2277                 else {
2278                         return(new IXR_Error(404, __('Sorry, no such page.')));
2279                 }
2280         }
2281
2282         /**
2283          * Retrieve Pages.
2284          *
2285          * @since 2.2.0
2286          *
2287          * @param array $args Method parameters. Contains:
2288          *  - blog_id
2289          *  - username
2290          *  - password
2291          *  - num_pages
2292          * @return array
2293          */
2294         function wp_getPages($args) {
2295                 $this->escape($args);
2296
2297                 $blog_id        = (int) $args[0];
2298                 $username       = $args[1];
2299                 $password       = $args[2];
2300                 $num_pages      = isset($args[3]) ? (int) $args[3] : 10;
2301
2302                 if ( !$user = $this->login($username, $password) )
2303                         return $this->error;
2304
2305                 if ( !current_user_can( 'edit_pages' ) )
2306                         return new IXR_Error( 401, __( 'Sorry, you cannot edit pages.' ) );
2307
2308                 do_action('xmlrpc_call', 'wp.getPages');
2309
2310                 $pages = get_posts( array('post_type' => 'page', 'post_status' => 'any', 'numberposts' => $num_pages) );
2311                 $num_pages = count($pages);
2312
2313                 // If we have pages, put together their info.
2314                 if ( $num_pages >= 1 ) {
2315                         $pages_struct = array();
2316
2317                         foreach ($pages as $page) {
2318                                 if ( current_user_can( 'edit_page', $page->ID ) )
2319                                         $pages_struct[] = $this->_prepare_page( $page );
2320                         }
2321
2322                         return($pages_struct);
2323                 }
2324                 // If no pages were found return an error.
2325                 else {
2326                         return(array());
2327                 }
2328         }
2329
2330         /**
2331          * Create new page.
2332          *
2333          * @since 2.2.0
2334          *
2335          * @param array $args Method parameters. See {@link wp_xmlrpc_server::mw_newPost()}
2336          * @return unknown
2337          */
2338         function wp_newPage($args) {
2339                 // Items not escaped here will be escaped in newPost.
2340                 $username       = $this->escape($args[1]);
2341                 $password       = $this->escape($args[2]);
2342                 $page           = $args[3];
2343                 $publish        = $args[4];
2344
2345                 if ( !$user = $this->login($username, $password) )
2346                         return $this->error;
2347
2348                 do_action('xmlrpc_call', 'wp.newPage');
2349
2350                 // Mark this as content for a page.
2351                 $args[3]["post_type"] = 'page';
2352
2353                 // Let mw_newPost do all of the heavy lifting.
2354                 return($this->mw_newPost($args));
2355         }
2356
2357         /**
2358          * Delete page.
2359          *
2360          * @since 2.2.0
2361          *
2362          * @param array $args Method parameters.
2363          * @return bool True, if success.
2364          */
2365         function wp_deletePage($args) {
2366                 $this->escape($args);
2367
2368                 $blog_id        = (int) $args[0];
2369                 $username       = $args[1];
2370                 $password       = $args[2];
2371                 $page_id        = (int) $args[3];
2372
2373                 if ( !$user = $this->login($username, $password) )
2374                         return $this->error;
2375
2376                 do_action('xmlrpc_call', 'wp.deletePage');
2377
2378                 // Get the current page based on the page_id and
2379                 // make sure it is a page and not a post.
2380                 $actual_page = get_post($page_id, ARRAY_A);
2381                 if ( !$actual_page || ($actual_page['post_type'] != 'page') )
2382                         return(new IXR_Error(404, __('Sorry, no such page.')));
2383
2384                 // Make sure the user can delete pages.
2385                 if ( !current_user_can('delete_page', $page_id) )
2386                         return(new IXR_Error(401, __('Sorry, you do not have the right to delete this page.')));
2387
2388                 // Attempt to delete the page.
2389                 $result = wp_delete_post($page_id);
2390                 if ( !$result )
2391                         return(new IXR_Error(500, __('Failed to delete the page.')));
2392
2393                 do_action( 'xmlrpc_call_success_wp_deletePage', $page_id, $args );
2394
2395                 return(true);
2396         }
2397
2398         /**
2399          * Edit page.
2400          *
2401          * @since 2.2.0
2402          *
2403          * @param array $args Method parameters.
2404          * @return unknown
2405          */
2406         function wp_editPage($args) {
2407                 // Items not escaped here will be escaped in editPost.
2408                 $blog_id        = (int) $args[0];
2409                 $page_id        = (int) $this->escape($args[1]);
2410                 $username       = $this->escape($args[2]);
2411                 $password       = $this->escape($args[3]);
2412                 $content        = $args[4];
2413                 $publish        = $args[5];
2414
2415                 if ( !$user = $this->login($username, $password) )
2416                         return $this->error;
2417
2418                 do_action('xmlrpc_call', 'wp.editPage');
2419
2420                 // Get the page data and make sure it is a page.
2421                 $actual_page = get_post($page_id, ARRAY_A);
2422                 if ( !$actual_page || ($actual_page['post_type'] != 'page') )
2423                         return(new IXR_Error(404, __('Sorry, no such page.')));
2424
2425                 // Make sure the user is allowed to edit pages.
2426                 if ( !current_user_can('edit_page', $page_id) )
2427                         return(new IXR_Error(401, __('Sorry, you do not have the right to edit this page.')));
2428
2429                 // Mark this as content for a page.
2430                 $content['post_type'] = 'page';
2431
2432                 // Arrange args in the way mw_editPost understands.
2433                 $args = array(
2434                         $page_id,
2435                         $username,
2436                         $password,
2437                         $content,
2438                         $publish
2439                 );
2440
2441                 // Let mw_editPost do all of the heavy lifting.
2442                 return($this->mw_editPost($args));
2443         }
2444
2445         /**
2446          * Retrieve page list.
2447          *
2448          * @since 2.2.0
2449          *
2450          * @param array $args Method parameters.
2451          * @return unknown
2452          */
2453         function wp_getPageList($args) {
2454                 global $wpdb;
2455
2456                 $this->escape($args);
2457
2458                 $blog_id                                = (int) $args[0];
2459                 $username                               = $args[1];
2460                 $password                               = $args[2];
2461
2462                 if ( !$user = $this->login($username, $password) )
2463                         return $this->error;
2464
2465                 if ( !current_user_can( 'edit_pages' ) )
2466                         return new IXR_Error( 401, __( 'Sorry, you cannot edit pages.' ) );
2467
2468                 do_action('xmlrpc_call', 'wp.getPageList');
2469
2470                 // Get list of pages ids and titles
2471                 $page_list = $wpdb->get_results("
2472                         SELECT ID page_id,
2473                                 post_title page_title,
2474                                 post_parent page_parent_id,
2475                                 post_date_gmt,
2476                                 post_date,
2477                                 post_status
2478                         FROM {$wpdb->posts}
2479                         WHERE post_type = 'page'
2480                         ORDER BY ID
2481                 ");
2482
2483                 // The date needs to be formatted properly.
2484                 $num_pages = count($page_list);
2485                 for ( $i = 0; $i < $num_pages; $i++ ) {
2486                         $page_list[$i]->dateCreated = $this->_convert_date(  $page_list[$i]->post_date );
2487                         $page_list[$i]->date_created_gmt = $this->_convert_date_gmt( $page_list[$i]->post_date_gmt, $page_list[$i]->post_date );
2488
2489                         unset($page_list[$i]->post_date_gmt);
2490                         unset($page_list[$i]->post_date);
2491                         unset($page_list[$i]->post_status);
2492                 }
2493
2494                 return($page_list);
2495         }
2496
2497         /**
2498          * Retrieve authors list.
2499          *
2500          * @since 2.2.0
2501          *
2502          * @param array $args Method parameters.
2503          * @return array
2504          */
2505         function wp_getAuthors($args) {
2506
2507                 $this->escape($args);
2508
2509                 $blog_id        = (int) $args[0];
2510                 $username       = $args[1];
2511                 $password       = $args[2];
2512
2513                 if ( !$user = $this->login($username, $password) )
2514                         return $this->error;
2515
2516                 if ( !current_user_can('edit_posts') )
2517                         return(new IXR_Error(401, __('Sorry, you cannot edit posts on this site.')));
2518
2519                 do_action('xmlrpc_call', 'wp.getAuthors');
2520
2521                 $authors = array();
2522                 foreach ( get_users( array( 'fields' => array('ID','user_login','display_name') ) ) as $user ) {
2523                         $authors[] = array(
2524                                 'user_id'       => $user->ID,
2525                                 'user_login'    => $user->user_login,
2526                                 'display_name'  => $user->display_name
2527                         );
2528                 }
2529
2530                 return $authors;
2531         }
2532
2533         /**
2534          * Get list of all tags
2535          *
2536          * @since 2.7.0
2537          *
2538          * @param array $args Method parameters.
2539          * @return array
2540          */
2541         function wp_getTags( $args ) {
2542                 $this->escape( $args );
2543
2544                 $blog_id                = (int) $args[0];
2545                 $username               = $args[1];
2546                 $password               = $args[2];
2547
2548                 if ( !$user = $this->login($username, $password) )
2549                         return $this->error;
2550
2551                 if ( !current_user_can( 'edit_posts' ) )
2552                         return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view tags.' ) );
2553
2554                 do_action( 'xmlrpc_call', 'wp.getKeywords' );
2555
2556                 $tags = array();
2557
2558                 if ( $all_tags = get_tags() ) {
2559                         foreach( (array) $all_tags as $tag ) {
2560                                 $struct['tag_id']                       = $tag->term_id;
2561                                 $struct['name']                         = $tag->name;
2562                                 $struct['count']                        = $tag->count;
2563                                 $struct['slug']                         = $tag->slug;
2564                                 $struct['html_url']                     = esc_html( get_tag_link( $tag->term_id ) );
2565                                 $struct['rss_url']                      = esc_html( get_tag_feed_link( $tag->term_id ) );
2566
2567                                 $tags[] = $struct;
2568                         }
2569                 }
2570
2571                 return $tags;
2572         }
2573
2574         /**
2575          * Create new category.
2576          *
2577          * @since 2.2.0
2578          *
2579          * @param array $args Method parameters.
2580          * @return int Category ID.
2581          */
2582         function wp_newCategory($args) {
2583                 $this->escape($args);
2584
2585                 $blog_id                                = (int) $args[0];
2586                 $username                               = $args[1];
2587                 $password                               = $args[2];
2588                 $category                               = $args[3];
2589
2590                 if ( !$user = $this->login($username, $password) )
2591                         return $this->error;
2592
2593                 do_action('xmlrpc_call', 'wp.newCategory');
2594
2595                 // Make sure the user is allowed to add a category.
2596                 if ( !current_user_can('manage_categories') )
2597                         return(new IXR_Error(401, __('Sorry, you do not have the right to add a category.')));
2598
2599                 // If no slug was provided make it empty so that
2600                 // WordPress will generate one.
2601                 if ( empty($category['slug']) )
2602                         $category['slug'] = '';
2603
2604                 // If no parent_id was provided make it empty
2605                 // so that it will be a top level page (no parent).
2606                 if ( !isset($category['parent_id']) )
2607                         $category['parent_id'] = '';
2608
2609                 // If no description was provided make it empty.
2610                 if ( empty($category["description"]) )
2611                         $category["description"] = "";
2612
2613                 $new_category = array(
2614                         'cat_name'                              => $category['name'],
2615                         'category_nicename'             => $category['slug'],
2616                         'category_parent'               => $category['parent_id'],
2617                         'category_description'  => $category['description']
2618                 );
2619
2620                 $cat_id = wp_insert_category($new_category, true);
2621                 if ( is_wp_error( $cat_id ) ) {
2622                         if ( 'term_exists' == $cat_id->get_error_code() )
2623                                 return (int) $cat_id->get_error_data();
2624                         else
2625                                 return(new IXR_Error(500, __('Sorry, the new category failed.')));
2626                 } elseif ( ! $cat_id ) {
2627                         return(new IXR_Error(500, __('Sorry, the new category failed.')));
2628                 }
2629
2630                 do_action( 'xmlrpc_call_success_wp_newCategory', $cat_id, $args );
2631
2632                 return $cat_id;
2633         }
2634
2635         /**
2636          * Remove category.
2637          *
2638          * @since 2.5.0
2639          *
2640          * @param array $args Method parameters.
2641          * @return mixed See {@link wp_delete_term()} for return info.
2642          */
2643         function wp_deleteCategory($args) {
2644                 $this->escape($args);
2645
2646                 $blog_id                = (int) $args[0];
2647                 $username               = $args[1];
2648                 $password               = $args[2];
2649                 $category_id    = (int) $args[3];
2650
2651                 if ( !$user = $this->login($username, $password) )
2652                         return $this->error;
2653
2654                 do_action('xmlrpc_call', 'wp.deleteCategory');
2655
2656                 if ( !current_user_can('manage_categories') )
2657                         return new IXR_Error( 401, __( 'Sorry, you do not have the right to delete a category.' ) );
2658
2659                 $status = wp_delete_term( $category_id, 'category' );
2660
2661                 if( true == $status )
2662                         do_action( 'xmlrpc_call_success_wp_deleteCategory', $category_id, $args );
2663
2664                 return $status;
2665         }
2666
2667         /**
2668          * Retrieve category list.
2669          *
2670          * @since 2.2.0
2671          *
2672          * @param array $args Method parameters.
2673          * @return array
2674          */
2675         function wp_suggestCategories($args) {
2676                 $this->escape($args);
2677
2678                 $blog_id                                = (int) $args[0];
2679                 $username                               = $args[1];
2680                 $password                               = $args[2];
2681                 $category                               = $args[3];
2682                 $max_results                    = (int) $args[4];
2683
2684                 if ( !$user = $this->login($username, $password) )
2685                         return $this->error;
2686
2687                 if ( !current_user_can( 'edit_posts' ) )
2688                         return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts to this site in order to view categories.' ) );
2689
2690                 do_action('xmlrpc_call', 'wp.suggestCategories');
2691
2692                 $category_suggestions = array();
2693                 $args = array('get' => 'all', 'number' => $max_results, 'name__like' => $category);
2694                 foreach ( (array) get_categories($args) as $cat ) {
2695                         $category_suggestions[] = array(
2696                                 'category_id'   => $cat->term_id,
2697                                 'category_name' => $cat->name
2698                         );
2699                 }
2700
2701                 return($category_suggestions);
2702         }
2703
2704         /**
2705          * Retrieve comment.
2706          *
2707          * @since 2.7.0
2708          *
2709          * @param array $args Method parameters.
2710          * @return array
2711          */
2712         function wp_getComment($args) {
2713                 $this->escape($args);
2714
2715                 $blog_id        = (int) $args[0];
2716                 $username       = $args[1];
2717                 $password       = $args[2];
2718                 $comment_id     = (int) $args[3];
2719
2720                 if ( !$user = $this->login($username, $password) )
2721                         return $this->error;
2722
2723                 if ( !current_user_can( 'moderate_comments' ) )
2724                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2725
2726                 do_action('xmlrpc_call', 'wp.getComment');
2727
2728                 if ( ! $comment = get_comment($comment_id) )
2729                         return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
2730
2731                 return $this->_prepare_comment( $comment );
2732         }
2733
2734         /**
2735          * Retrieve comments.
2736          *
2737          * Besides the common blog_id, username, and password arguments, it takes a filter
2738          * array as last argument.
2739          *
2740          * Accepted 'filter' keys are 'status', 'post_id', 'offset', and 'number'.
2741          *
2742          * The defaults are as follows:
2743          * - 'status' - Default is ''. Filter by status (e.g., 'approve', 'hold')
2744          * - 'post_id' - Default is ''. The post where the comment is posted. Empty string shows all comments.
2745          * - 'number' - Default is 10. Total number of media items to retrieve.
2746          * - 'offset' - Default is 0. See {@link WP_Query::query()} for more.
2747          *
2748          * @since 2.7.0
2749          *
2750          * @param array $args Method parameters.
2751          * @return array. Contains a collection of comments. See {@link wp_xmlrpc_server::wp_getComment()} for a description of each item contents
2752          */
2753         function wp_getComments($args) {
2754                 $this->escape($args);
2755
2756                 $blog_id        = (int) $args[0];
2757                 $username       = $args[1];
2758                 $password       = $args[2];
2759                 $struct         = isset( $args[3] ) ? $args[3] : array();
2760
2761                 if ( !$user = $this->login($username, $password) )
2762                         return $this->error;
2763
2764                 if ( !current_user_can( 'moderate_comments' ) )
2765                         return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) );
2766
2767                 do_action('xmlrpc_call', 'wp.getComments');
2768
2769                 if ( isset($struct['status']) )
2770                         $status = $struct['status'];
2771                 else
2772                         $status = '';
2773
2774                 $post_id = '';
2775                 if ( isset($struct['post_id']) )
2776                         $post_id = absint($struct['post_id']);
2777
2778                 $offset = 0;
2779                 if ( isset($struct['offset']) )
2780                         $offset = absint($struct['offset']);
2781
2782                 $number = 10;
2783                 if ( isset($struct['number']) )
2784                         $number = absint($struct['number']);
2785
2786                 $comments = get_comments( array('status' => $status, 'post_id' => $post_id, 'offset' => $offset, 'number' => $number ) );
2787
2788                 $comments_struct = array();
2789
2790                 foreach ( $comments as $comment ) {
2791                         $comments_struct[] = $this->_prepare_comment( $comment );
2792                 }
2793
2794                 return $comments_struct;
2795         }
2796
2797         /**
2798          * Delete a comment.
2799          *
2800          * By default, the comment will be moved to the trash instead of deleted.
2801          * See {@link wp_delete_comment()} for more information on
2802          * this behavior.
2803          *
2804          * @since 2.7.0
2805          *
2806          * @param array $args Method parameters. Contains:
2807          *  - blog_id
2808          *  - username
2809          *  - password
2810          *  - comment_id
2811          * @return mixed {@link wp_delete_comment()}
2812          */
2813         function wp_deleteComment($args) {
2814                 $this->escape($args);
2815
2816                 $blog_id        = (int) $args[0];
2817                 $username       = $args[1];
2818                 $password       = $args[2];
2819                 $comment_ID     = (int) $args[3];
2820
2821                 if ( !$user = $this->login($username, $password) )
2822                         return $this->error;
2823
2824                 if ( !current_user_can( 'moderate_comments' ) )
2825                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2826
2827                 if ( ! get_comment($comment_ID) )
2828                         return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
2829
2830                 if ( !current_user_can( 'edit_comment', $comment_ID ) )
2831                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2832
2833                 do_action('xmlrpc_call', 'wp.deleteComment');
2834
2835                 $status = wp_delete_comment( $comment_ID );
2836
2837                 if( true == $status )
2838                         do_action( 'xmlrpc_call_success_wp_deleteComment', $comment_ID, $args );
2839
2840                 return $status;
2841         }
2842
2843         /**
2844          * Edit comment.
2845          *
2846          * Besides the common blog_id, username, and password arguments, it takes a
2847          * comment_id integer and a content_struct array as last argument.
2848          *
2849          * The allowed keys in the content_struct array are:
2850          *  - 'author'
2851          *  - 'author_url'
2852          *  - 'author_email'
2853          *  - 'content'
2854          *  - 'date_created_gmt'
2855          *  - 'status'. Common statuses are 'approve', 'hold', 'spam'. See {@link get_comment_statuses()} for more details
2856          *
2857          * @since 2.7.0
2858          *
2859          * @param array $args. Contains:
2860          *  - blog_id
2861          *  - username
2862          *  - password
2863          *  - comment_id
2864          *  - content_struct
2865          * @return bool True, on success.
2866          */
2867         function wp_editComment($args) {
2868                 $this->escape($args);
2869
2870                 $blog_id        = (int) $args[0];
2871                 $username       = $args[1];
2872                 $password       = $args[2];
2873                 $comment_ID     = (int) $args[3];
2874                 $content_struct = $args[4];
2875
2876                 if ( !$user = $this->login($username, $password) )
2877                         return $this->error;
2878
2879                 if ( !current_user_can( 'moderate_comments' ) )
2880                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2881
2882                 if ( ! get_comment($comment_ID) )
2883                         return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
2884
2885                 if ( !current_user_can( 'edit_comment', $comment_ID ) )
2886                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2887
2888                 do_action('xmlrpc_call', 'wp.editComment');
2889
2890                 if ( isset($content_struct['status']) ) {
2891                         $statuses = get_comment_statuses();
2892                         $statuses = array_keys($statuses);
2893
2894                         if ( ! in_array($content_struct['status'], $statuses) )
2895                                 return new IXR_Error( 401, __( 'Invalid comment status.' ) );
2896                         $comment_approved = $content_struct['status'];
2897                 }
2898
2899                 // Do some timestamp voodoo
2900                 if ( !empty( $content_struct['date_created_gmt'] ) ) {
2901                         // We know this is supposed to be GMT, so we're going to slap that Z on there by force
2902                         $dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z';
2903                         $comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));
2904                         $comment_date_gmt = iso8601_to_datetime($dateCreated, 'GMT');
2905                 }
2906
2907                 if ( isset($content_struct['content']) )
2908                         $comment_content = $content_struct['content'];
2909
2910                 if ( isset($content_struct['author']) )
2911                         $comment_author = $content_struct['author'];
2912
2913                 if ( isset($content_struct['author_url']) )
2914                         $comment_author_url = $content_struct['author_url'];
2915
2916                 if ( isset($content_struct['author_email']) )
2917                         $comment_author_email = $content_struct['author_email'];
2918
2919                 // We've got all the data -- post it:
2920                 $comment = compact('comment_ID', 'comment_content', 'comment_approved', 'comment_date', 'comment_date_gmt', 'comment_author', 'comment_author_email', 'comment_author_url');
2921
2922                 $result = wp_update_comment($comment);
2923                 if ( is_wp_error( $result ) )
2924                         return new IXR_Error(500, $result->get_error_message());
2925
2926                 if ( !$result )
2927                         return new IXR_Error(500, __('Sorry, the comment could not be edited. Something wrong happened.'));
2928
2929                 do_action( 'xmlrpc_call_success_wp_editComment', $comment_ID, $args );
2930
2931                 return true;
2932         }
2933
2934         /**
2935          * Create new comment.
2936          *
2937          * @since 2.7.0
2938          *
2939          * @param array $args Method parameters.
2940          * @return mixed {@link wp_new_comment()}
2941          */
2942         function wp_newComment($args) {
2943                 global $wpdb;
2944
2945                 $this->escape($args);
2946
2947                 $blog_id        = (int) $args[0];
2948                 $username       = $args[1];
2949                 $password       = $args[2];
2950                 $post           = $args[3];
2951                 $content_struct = $args[4];
2952
2953                 $allow_anon = apply_filters('xmlrpc_allow_anonymous_comments', false);
2954
2955                 $user = $this->login($username, $password);
2956
2957                 if ( !$user ) {
2958                         $logged_in = false;
2959                         if ( $allow_anon && get_option('comment_registration') )
2960                                 return new IXR_Error( 403, __( 'You must be registered to comment' ) );
2961                         else if ( !$allow_anon )
2962                                 return $this->error;
2963                 } else {
2964                         $logged_in = true;
2965                 }
2966
2967                 if ( is_numeric($post) )
2968                         $post_id = absint($post);
2969                 else
2970                         $post_id = url_to_postid($post);
2971
2972                 if ( ! $post_id )
2973                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
2974
2975                 if ( ! get_post($post_id) )
2976                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
2977
2978                 $comment['comment_post_ID'] = $post_id;
2979
2980                 if ( $logged_in ) {
2981                         $comment['comment_author'] = $wpdb->escape( $user->display_name );
2982                         $comment['comment_author_email'] = $wpdb->escape( $user->user_email );
2983                         $comment['comment_author_url'] = $wpdb->escape( $user->user_url );
2984                         $comment['user_ID'] = $user->ID;
2985                 } else {
2986                         $comment['comment_author'] = '';
2987                         if ( isset($content_struct['author']) )
2988                                 $comment['comment_author'] = $content_struct['author'];
2989
2990                         $comment['comment_author_email'] = '';
2991                         if ( isset($content_struct['author_email']) )
2992                                 $comment['comment_author_email'] = $content_struct['author_email'];
2993
2994                         $comment['comment_author_url'] = '';
2995                         if ( isset($content_struct['author_url']) )
2996                                 $comment['comment_author_url'] = $content_struct['author_url'];
2997
2998                         $comment['user_ID'] = 0;
2999
3000                         if ( get_option('require_name_email') ) {
3001                                 if ( 6 > strlen($comment['comment_author_email']) || '' == $comment['comment_author'] )
3002                                         return new IXR_Error( 403, __( 'Comment author name and email are required' ) );
3003                                 elseif ( !is_email($comment['comment_author_email']) )
3004                                         return new IXR_Error( 403, __( 'A valid email address is required' ) );
3005                         }
3006                 }
3007
3008                 $comment['comment_parent'] = isset($content_struct['comment_parent']) ? absint($content_struct['comment_parent']) : 0;
3009
3010                 $comment['comment_content'] =  isset($content_struct['content']) ? $content_struct['content'] : null;
3011
3012                 do_action('xmlrpc_call', 'wp.newComment');
3013
3014                 $comment_ID = wp_new_comment( $comment );
3015
3016                 do_action( 'xmlrpc_call_success_wp_newComment', $comment_ID, $args );
3017
3018                 return $comment_ID;
3019         }
3020
3021         /**
3022          * Retrieve all of the comment status.
3023          *
3024          * @since 2.7.0
3025          *
3026          * @param array $args Method parameters.
3027          * @return array
3028          */
3029         function wp_getCommentStatusList($args) {
3030                 $this->escape( $args );
3031
3032                 $blog_id        = (int) $args[0];
3033                 $username       = $args[1];
3034                 $password       = $args[2];
3035
3036                 if ( !$user = $this->login($username, $password) )
3037                         return $this->error;
3038
3039                 if ( !current_user_can( 'moderate_comments' ) )
3040                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3041
3042                 do_action('xmlrpc_call', 'wp.getCommentStatusList');
3043
3044                 return get_comment_statuses();
3045         }
3046
3047         /**
3048          * Retrieve comment count.
3049          *
3050          * @since 2.5.0
3051          *
3052          * @param array $args Method parameters.
3053          * @return array
3054          */
3055         function wp_getCommentCount( $args ) {
3056                 $this->escape($args);
3057
3058                 $blog_id        = (int) $args[0];
3059                 $username       = $args[1];
3060                 $password       = $args[2];
3061                 $post_id        = (int) $args[3];
3062
3063                 if ( !$user = $this->login($username, $password) )
3064                         return $this->error;
3065
3066                 if ( !current_user_can( 'edit_posts' ) )
3067                         return new IXR_Error( 403, __( 'You are not allowed access to details about comments.' ) );
3068
3069                 do_action('xmlrpc_call', 'wp.getCommentCount');
3070
3071                 $count = wp_count_comments( $post_id );
3072                 return array(
3073                         'approved' => $count->approved,
3074                         'awaiting_moderation' => $count->moderated,
3075                         'spam' => $count->spam,
3076                         'total_comments' => $count->total_comments
3077                 );
3078         }
3079
3080         /**
3081          * Retrieve post statuses.
3082          *
3083          * @since 2.5.0
3084          *
3085          * @param array $args Method parameters.
3086          * @return array
3087          */
3088         function wp_getPostStatusList( $args ) {
3089                 $this->escape( $args );
3090
3091                 $blog_id        = (int) $args[0];
3092                 $username       = $args[1];
3093                 $password       = $args[2];
3094
3095                 if ( !$user = $this->login($username, $password) )
3096                         return $this->error;
3097
3098                 if ( !current_user_can( 'edit_posts' ) )
3099                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3100
3101                 do_action('xmlrpc_call', 'wp.getPostStatusList');
3102
3103                 return get_post_statuses();
3104         }
3105
3106         /**
3107          * Retrieve page statuses.
3108          *
3109          * @since 2.5.0
3110          *
3111          * @param array $args Method parameters.
3112          * @return array
3113          */
3114         function wp_getPageStatusList( $args ) {
3115                 $this->escape( $args );
3116
3117                 $blog_id        = (int) $args[0];
3118                 $username       = $args[1];
3119                 $password       = $args[2];
3120
3121                 if ( !$user = $this->login($username, $password) )
3122                         return $this->error;
3123
3124                 if ( !current_user_can( 'edit_pages' ) )
3125                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3126
3127                 do_action('xmlrpc_call', 'wp.getPageStatusList');
3128
3129                 return get_page_statuses();
3130         }
3131
3132         /**
3133          * Retrieve page templates.
3134          *
3135          * @since 2.6.0
3136          *
3137          * @param array $args Method parameters.
3138          * @return array
3139          */
3140         function wp_getPageTemplates( $args ) {
3141                 $this->escape( $args );
3142
3143                 $blog_id        = (int) $args[0];
3144                 $username       = $args[1];
3145                 $password       = $args[2];
3146
3147                 if ( !$user = $this->login($username, $password) )
3148                         return $this->error;
3149
3150                 if ( !current_user_can( 'edit_pages' ) )
3151                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3152
3153                 $templates = get_page_templates();
3154                 $templates['Default'] = 'default';
3155
3156                 return $templates;
3157         }
3158
3159         /**
3160          * Retrieve blog options.
3161          *
3162          * @since 2.6.0
3163          *
3164          * @param array $args Method parameters.
3165          * @return array
3166          */
3167         function wp_getOptions( $args ) {
3168                 $this->escape( $args );
3169