WordPress 3.8.2
[autoinstalls/wordpress.git] / wp-includes / class-wp-xmlrpc-server.php
1 <?php
2 /**
3  * XML-RPC protocol support for WordPress
4  *
5  * @package WordPress
6  */
7
8 /**
9  * WordPress XMLRPC server implementation.
10  *
11  * Implements compatibility for Blogger API, MetaWeblog API, MovableType, and
12  * pingback. Additional WordPress API for managing comments, pages, posts,
13  * options, etc.
14  *
15  * As of WordPress 3.5.0, XML-RPC is enabled by default. It can be disabled
16  * via the xmlrpc_enabled filter found in wp_xmlrpc_server::login().
17  *
18  * @package WordPress
19  * @subpackage Publishing
20  * @since 1.5.0
21  */
22 class wp_xmlrpc_server extends IXR_Server {
23
24         /**
25          * Register all of the XMLRPC methods that XMLRPC server understands.
26          *
27          * Sets up server and method property. Passes XMLRPC
28          * methods through the 'xmlrpc_methods' filter to allow plugins to extend
29          * or replace XMLRPC methods.
30          *
31          * @since 1.5.0
32          *
33          * @return wp_xmlrpc_server
34          */
35         function __construct() {
36                 $this->methods = array(
37                         // WordPress API
38                         'wp.getUsersBlogs'              => 'this:wp_getUsersBlogs',
39                         'wp.newPost'                    => 'this:wp_newPost',
40                         'wp.editPost'                   => 'this:wp_editPost',
41                         'wp.deletePost'                 => 'this:wp_deletePost',
42                         'wp.getPost'                    => 'this:wp_getPost',
43                         'wp.getPosts'                   => 'this:wp_getPosts',
44                         'wp.newTerm'                    => 'this:wp_newTerm',
45                         'wp.editTerm'                   => 'this:wp_editTerm',
46                         'wp.deleteTerm'                 => 'this:wp_deleteTerm',
47                         'wp.getTerm'                    => 'this:wp_getTerm',
48                         'wp.getTerms'                   => 'this:wp_getTerms',
49                         'wp.getTaxonomy'                => 'this:wp_getTaxonomy',
50                         'wp.getTaxonomies'              => 'this:wp_getTaxonomies',
51                         'wp.getUser'                    => 'this:wp_getUser',
52                         'wp.getUsers'                   => 'this:wp_getUsers',
53                         'wp.getProfile'                 => 'this:wp_getProfile',
54                         'wp.editProfile'                => 'this:wp_editProfile',
55                         'wp.getPage'                    => 'this:wp_getPage',
56                         'wp.getPages'                   => 'this:wp_getPages',
57                         'wp.newPage'                    => 'this:wp_newPage',
58                         'wp.deletePage'                 => 'this:wp_deletePage',
59                         'wp.editPage'                   => 'this:wp_editPage',
60                         'wp.getPageList'                => 'this:wp_getPageList',
61                         'wp.getAuthors'                 => 'this:wp_getAuthors',
62                         'wp.getCategories'              => 'this:mw_getCategories',             // Alias
63                         'wp.getTags'                    => 'this:wp_getTags',
64                         'wp.newCategory'                => 'this:wp_newCategory',
65                         'wp.deleteCategory'             => 'this:wp_deleteCategory',
66                         'wp.suggestCategories'  => 'this:wp_suggestCategories',
67                         'wp.uploadFile'                 => 'this:mw_newMediaObject',    // Alias
68                         'wp.getCommentCount'    => 'this:wp_getCommentCount',
69                         'wp.getPostStatusList'  => 'this:wp_getPostStatusList',
70                         'wp.getPageStatusList'  => 'this:wp_getPageStatusList',
71                         'wp.getPageTemplates'   => 'this:wp_getPageTemplates',
72                         'wp.getOptions'                 => 'this:wp_getOptions',
73                         'wp.setOptions'                 => 'this:wp_setOptions',
74                         'wp.getComment'                 => 'this:wp_getComment',
75                         'wp.getComments'                => 'this:wp_getComments',
76                         'wp.deleteComment'              => 'this:wp_deleteComment',
77                         'wp.editComment'                => 'this:wp_editComment',
78                         'wp.newComment'                 => 'this:wp_newComment',
79                         'wp.getCommentStatusList' => 'this:wp_getCommentStatusList',
80                         'wp.getMediaItem'               => 'this:wp_getMediaItem',
81                         'wp.getMediaLibrary'    => 'this:wp_getMediaLibrary',
82                         'wp.getPostFormats'     => 'this:wp_getPostFormats',
83                         'wp.getPostType'                => 'this:wp_getPostType',
84                         'wp.getPostTypes'               => 'this:wp_getPostTypes',
85                         'wp.getRevisions'               => 'this:wp_getRevisions',
86                         'wp.restoreRevision'    => 'this:wp_restoreRevision',
87
88                         // Blogger API
89                         'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs',
90                         'blogger.getUserInfo' => 'this:blogger_getUserInfo',
91                         'blogger.getPost' => 'this:blogger_getPost',
92                         'blogger.getRecentPosts' => 'this:blogger_getRecentPosts',
93                         'blogger.newPost' => 'this:blogger_newPost',
94                         'blogger.editPost' => 'this:blogger_editPost',
95                         'blogger.deletePost' => 'this:blogger_deletePost',
96
97                         // MetaWeblog API (with MT extensions to structs)
98                         'metaWeblog.newPost' => 'this:mw_newPost',
99                         'metaWeblog.editPost' => 'this:mw_editPost',
100                         'metaWeblog.getPost' => 'this:mw_getPost',
101                         'metaWeblog.getRecentPosts' => 'this:mw_getRecentPosts',
102                         'metaWeblog.getCategories' => 'this:mw_getCategories',
103                         'metaWeblog.newMediaObject' => 'this:mw_newMediaObject',
104
105                         // MetaWeblog API aliases for Blogger API
106                         // see http://www.xmlrpc.com/stories/storyReader$2460
107                         'metaWeblog.deletePost' => 'this:blogger_deletePost',
108                         'metaWeblog.getUsersBlogs' => 'this:blogger_getUsersBlogs',
109
110                         // MovableType API
111                         'mt.getCategoryList' => 'this:mt_getCategoryList',
112                         'mt.getRecentPostTitles' => 'this:mt_getRecentPostTitles',
113                         'mt.getPostCategories' => 'this:mt_getPostCategories',
114                         'mt.setPostCategories' => 'this:mt_setPostCategories',
115                         'mt.supportedMethods' => 'this:mt_supportedMethods',
116                         'mt.supportedTextFilters' => 'this:mt_supportedTextFilters',
117                         'mt.getTrackbackPings' => 'this:mt_getTrackbackPings',
118                         'mt.publishPost' => 'this:mt_publishPost',
119
120                         // PingBack
121                         'pingback.ping' => 'this:pingback_ping',
122                         'pingback.extensions.getPingbacks' => 'this:pingback_extensions_getPingbacks',
123
124                         'demo.sayHello' => 'this:sayHello',
125                         'demo.addTwoNumbers' => 'this:addTwoNumbers'
126                 );
127
128                 $this->initialise_blog_option_info();
129                 $this->methods = apply_filters('xmlrpc_methods', $this->methods);
130         }
131
132         function serve_request() {
133                 $this->IXR_Server($this->methods);
134         }
135
136         /**
137          * Test XMLRPC API by saying, "Hello!" to client.
138          *
139          * @since 1.5.0
140          *
141          * @param array $args Method Parameters.
142          * @return string
143          */
144         function sayHello($args) {
145                 return 'Hello!';
146         }
147
148         /**
149          * Test XMLRPC API by adding two numbers for client.
150          *
151          * @since 1.5.0
152          *
153          * @param array $args Method Parameters.
154          * @return int
155          */
156         function addTwoNumbers($args) {
157                 $number1 = $args[0];
158                 $number2 = $args[1];
159                 return $number1 + $number2;
160         }
161
162         /**
163          * Log user in.
164          *
165          * @since 2.8.0
166          *
167          * @param string $username User's username.
168          * @param string $password User's password.
169          * @return mixed WP_User object if authentication passed, false otherwise
170          */
171         function login( $username, $password ) {
172                 // Respect any old filters against get_option() for 'enable_xmlrpc'.
173                 $enabled = apply_filters( 'pre_option_enable_xmlrpc', false ); // Deprecated
174                 if ( false === $enabled )
175                         $enabled = apply_filters( 'option_enable_xmlrpc', true ); // Deprecated
176
177                 // Proper filter for turning off XML-RPC. It is on by default.
178                 $enabled = apply_filters( 'xmlrpc_enabled', $enabled );
179
180                 if ( ! $enabled ) {
181                         $this->error = new IXR_Error( 405, sprintf( __( 'XML-RPC services are disabled on this site.' ) ) );
182                         return false;
183                 }
184
185                 $user = wp_authenticate($username, $password);
186
187                 if (is_wp_error($user)) {
188                         $this->error = new IXR_Error( 403, __( 'Incorrect username or password.' ) );
189                         $this->error = apply_filters( 'xmlrpc_login_error', $this->error, $user );
190                         return false;
191                 }
192
193                 wp_set_current_user( $user->ID );
194                 return $user;
195         }
196
197         /**
198          * Check user's credentials. Deprecated.
199          *
200          * @since 1.5.0
201          * @deprecated 2.8.0
202          * @deprecated use wp_xmlrpc_server::login
203          * @see wp_xmlrpc_server::login
204          *
205          * @param string $username User's username.
206          * @param string $password User's password.
207          * @return bool Whether authentication passed.
208          */
209         function login_pass_ok( $username, $password ) {
210                 return (bool) $this->login( $username, $password );
211         }
212
213         /**
214          * Escape string or array of strings for database.
215          *
216          * @since 1.5.2
217          *
218          * @param string|array $data Escape single string or array of strings.
219          * @return string|array Type matches $data and sanitized for the database.
220          */
221         function escape( &$data ) {
222                 if ( ! is_array( $data ) )
223                         return wp_slash( $data );
224
225                 foreach ( $data as &$v ) {
226                         if ( is_array( $v ) )
227                                 $this->escape( $v );
228                         elseif ( ! is_object( $v ) )
229                                 $v = wp_slash( $v );
230                 }
231         }
232
233         /**
234          * Retrieve custom fields for post.
235          *
236          * @since 2.5.0
237          *
238          * @param int $post_id Post ID.
239          * @return array Custom fields, if exist.
240          */
241         function get_custom_fields($post_id) {
242                 $post_id = (int) $post_id;
243
244                 $custom_fields = array();
245
246                 foreach ( (array) has_meta($post_id) as $meta ) {
247                         // Don't expose protected fields.
248                         if ( ! current_user_can( 'edit_post_meta', $post_id , $meta['meta_key'] ) )
249                                 continue;
250
251                         $custom_fields[] = array(
252                                 "id"    => $meta['meta_id'],
253                                 "key"   => $meta['meta_key'],
254                                 "value" => $meta['meta_value']
255                         );
256                 }
257
258                 return $custom_fields;
259         }
260
261         /**
262          * Set custom fields for post.
263          *
264          * @since 2.5.0
265          *
266          * @param int $post_id Post ID.
267          * @param array $fields Custom fields.
268          */
269         function set_custom_fields($post_id, $fields) {
270                 $post_id = (int) $post_id;
271
272                 foreach ( (array) $fields as $meta ) {
273                         if ( isset($meta['id']) ) {
274                                 $meta['id'] = (int) $meta['id'];
275                                 $pmeta = get_metadata_by_mid( 'post', $meta['id'] );
276                                 if ( isset($meta['key']) ) {
277                                         $meta['key'] = wp_unslash( $meta['key'] );
278                                         if ( $meta['key'] !== $pmeta->meta_key )
279                                                 continue;
280                                         $meta['value'] = wp_unslash( $meta['value'] );
281                                         if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) )
282                                                 update_metadata_by_mid( 'post', $meta['id'], $meta['value'] );
283                                 } elseif ( current_user_can( 'delete_post_meta', $post_id, $pmeta->meta_key ) ) {
284                                         delete_metadata_by_mid( 'post', $meta['id'] );
285                                 }
286                         } elseif ( current_user_can( 'add_post_meta', $post_id, wp_unslash( $meta['key'] ) ) ) {
287                                 add_post_meta( $post_id, $meta['key'], $meta['value'] );
288                         }
289                 }
290         }
291
292         /**
293          * Set up blog options property.
294          *
295          * Passes property through 'xmlrpc_blog_options' filter.
296          *
297          * @since 2.6.0
298          */
299         function initialise_blog_option_info() {
300                 global $wp_version;
301
302                 $this->blog_options = array(
303                         // Read only options
304                         'software_name'     => array(
305                                 'desc'          => __( 'Software Name' ),
306                                 'readonly'      => true,
307                                 'value'         => 'WordPress'
308                         ),
309                         'software_version'  => array(
310                                 'desc'          => __( 'Software Version' ),
311                                 'readonly'      => true,
312                                 'value'         => $wp_version
313                         ),
314                         'blog_url'          => array(
315                                 'desc'          => __( 'WordPress Address (URL)' ),
316                                 'readonly'      => true,
317                                 'option'        => 'siteurl'
318                         ),
319                         'home_url'          => array(
320                                 'desc'          => __( 'Site Address (URL)' ),
321                                 'readonly'      => true,
322                                 'option'        => 'home'
323                         ),
324                         'login_url'          => array(
325                                 'desc'          => __( 'Login Address (URL)' ),
326                                 'readonly'      => true,
327                                 'value'         => wp_login_url( )
328                         ),
329                         'admin_url'          => array(
330                                 'desc'          => __( 'The URL to the admin area' ),
331                                 'readonly'      => true,
332                                 'value'         => get_admin_url( )
333                         ),
334                         'image_default_link_type' => array(
335                                 'desc'          => __( 'Image default link type' ),
336                                 'readonly'      => true,
337                                 'option'        => 'image_default_link_type'
338                         ),
339                         'image_default_size' => array(
340                                 'desc'          => __( 'Image default size' ),
341                                 'readonly'      => true,
342                                 'option'        => 'image_default_size'
343                         ),
344                         'image_default_align' => array(
345                                 'desc'          => __( 'Image default align' ),
346                                 'readonly'      => true,
347                                 'option'        => 'image_default_align'
348                         ),
349                         'template'          => array(
350                                 'desc'          => __( 'Template' ),
351                                 'readonly'      => true,
352                                 'option'        => 'template'
353                         ),
354                         'stylesheet'        => array(
355                                 'desc'          => __( 'Stylesheet' ),
356                                 'readonly'      => true,
357                                 'option'        => 'stylesheet'
358                         ),
359                         'post_thumbnail'    => array(
360                                 'desc'          => __('Post Thumbnail'),
361                                 'readonly'      => true,
362                                 'value'         => current_theme_supports( 'post-thumbnails' )
363                         ),
364
365                         // Updatable options
366                         'time_zone'         => array(
367                                 'desc'          => __( 'Time Zone' ),
368                                 'readonly'      => false,
369                                 'option'        => 'gmt_offset'
370                         ),
371                         'blog_title'        => array(
372                                 'desc'          => __( 'Site Title' ),
373                                 'readonly'      => false,
374                                 'option'        => 'blogname'
375                         ),
376                         'blog_tagline'      => array(
377                                 'desc'          => __( 'Site Tagline' ),
378                                 'readonly'      => false,
379                                 'option'        => 'blogdescription'
380                         ),
381                         'date_format'       => array(
382                                 'desc'          => __( 'Date Format' ),
383                                 'readonly'      => false,
384                                 'option'        => 'date_format'
385                         ),
386                         'time_format'       => array(
387                                 'desc'          => __( 'Time Format' ),
388                                 'readonly'      => false,
389                                 'option'        => 'time_format'
390                         ),
391                         'users_can_register' => array(
392                                 'desc'          => __( 'Allow new users to sign up' ),
393                                 'readonly'      => false,
394                                 'option'        => 'users_can_register'
395                         ),
396                         'thumbnail_size_w'  => array(
397                                 'desc'          => __( 'Thumbnail Width' ),
398                                 'readonly'      => false,
399                                 'option'        => 'thumbnail_size_w'
400                         ),
401                         'thumbnail_size_h'  => array(
402                                 'desc'          => __( 'Thumbnail Height' ),
403                                 'readonly'      => false,
404                                 'option'        => 'thumbnail_size_h'
405                         ),
406                         'thumbnail_crop'    => array(
407                                 'desc'          => __( 'Crop thumbnail to exact dimensions' ),
408                                 'readonly'      => false,
409                                 'option'        => 'thumbnail_crop'
410                         ),
411                         'medium_size_w'     => array(
412                                 'desc'          => __( 'Medium size image width' ),
413                                 'readonly'      => false,
414                                 'option'        => 'medium_size_w'
415                         ),
416                         'medium_size_h'     => array(
417                                 'desc'          => __( 'Medium size image height' ),
418                                 'readonly'      => false,
419                                 'option'        => 'medium_size_h'
420                         ),
421                         'large_size_w'      => array(
422                                 'desc'          => __( 'Large size image width' ),
423                                 'readonly'      => false,
424                                 'option'        => 'large_size_w'
425                         ),
426                         'large_size_h'      => array(
427                                 'desc'          => __( 'Large size image height' ),
428                                 'readonly'      => false,
429                                 'option'        => 'large_size_h'
430                         ),
431                         'default_comment_status' => array(
432                                 'desc'          => __( 'Allow people to post comments on new articles' ),
433                                 'readonly'      => false,
434                                 'option'        => 'default_comment_status'
435                         ),
436                         'default_ping_status' => array(
437                                 'desc'          => __( 'Allow link notifications from other blogs (pingbacks and trackbacks)' ),
438                                 'readonly'      => false,
439                                 'option'        => 'default_ping_status'
440                         )
441                 );
442
443                 $this->blog_options = apply_filters( 'xmlrpc_blog_options', $this->blog_options );
444         }
445
446         /**
447          * Retrieve the blogs of the user.
448          *
449          * @since 2.6.0
450          *
451          * @param array $args Method parameters. Contains:
452          *  - username
453          *  - password
454          * @return array. Contains:
455          *  - 'isAdmin'
456          *  - 'url'
457          *  - 'blogid'
458          *  - 'blogName'
459          *  - 'xmlrpc' - url of xmlrpc endpoint
460          */
461         function wp_getUsersBlogs( $args ) {
462                 // If this isn't on WPMU then just use blogger_getUsersBlogs
463                 if ( !is_multisite() ) {
464                         array_unshift( $args, 1 );
465                         return $this->blogger_getUsersBlogs( $args );
466                 }
467
468                 $this->escape( $args );
469
470                 $username = $args[0];
471                 $password = $args[1];
472
473                 if ( !$user = $this->login($username, $password) )
474                         return $this->error;
475
476                 do_action( 'xmlrpc_call', 'wp.getUsersBlogs' );
477
478                 $blogs = (array) get_blogs_of_user( $user->ID );
479                 $struct = array();
480
481                 foreach ( $blogs as $blog ) {
482                         // Don't include blogs that aren't hosted at this site
483                         if ( $blog->site_id != get_current_site()->id )
484                                 continue;
485
486                         $blog_id = $blog->userblog_id;
487
488                         switch_to_blog( $blog_id );
489
490                         $is_admin = current_user_can( 'manage_options' );
491
492                         $struct[] = array(
493                                 'isAdmin'               => $is_admin,
494                                 'url'                   => home_url( '/' ),
495                                 'blogid'                => (string) $blog_id,
496                                 'blogName'              => get_option( 'blogname' ),
497                                 'xmlrpc'                => site_url( 'xmlrpc.php', 'rpc' ),
498                         );
499
500                         restore_current_blog();
501                 }
502
503                 return $struct;
504         }
505
506         /**
507          * Checks if the method received at least the minimum number of arguments.
508          *
509          * @since 3.4.0
510          *
511          * @param string|array $args Sanitize single string or array of strings.
512          * @param int $count Minimum number of arguments.
513          * @return boolean if $args contains at least $count arguments.
514          */
515         protected function minimum_args( $args, $count ) {
516                 if ( count( $args ) < $count ) {
517                         $this->error = new IXR_Error( 400, __( 'Insufficient arguments passed to this XML-RPC method.' ) );
518                         return false;
519                 }
520
521                 return true;
522         }
523
524         /**
525          * Prepares taxonomy data for return in an XML-RPC object.
526          *
527          * @access protected
528          *
529          * @param object $taxonomy The unprepared taxonomy data
530          * @param array $fields The subset of taxonomy fields to return
531          * @return array The prepared taxonomy data
532          */
533         protected function _prepare_taxonomy( $taxonomy, $fields ) {
534                 $_taxonomy = array(
535                         'name' => $taxonomy->name,
536                         'label' => $taxonomy->label,
537                         'hierarchical' => (bool) $taxonomy->hierarchical,
538                         'public' => (bool) $taxonomy->public,
539                         'show_ui' => (bool) $taxonomy->show_ui,
540                         '_builtin' => (bool) $taxonomy->_builtin,
541                 );
542
543                 if ( in_array( 'labels', $fields ) )
544                         $_taxonomy['labels'] = (array) $taxonomy->labels;
545
546                 if ( in_array( 'cap', $fields ) )
547                         $_taxonomy['cap'] = (array) $taxonomy->cap;
548
549                 if ( in_array( 'menu', $fields ) )
550                         $_taxonomy['show_in_menu'] = (bool) $_taxonomy->show_in_menu;
551
552                 if ( in_array( 'object_type', $fields ) )
553                         $_taxonomy['object_type'] = array_unique( (array) $taxonomy->object_type );
554
555                 return apply_filters( 'xmlrpc_prepare_taxonomy', $_taxonomy, $taxonomy, $fields );
556         }
557
558         /**
559          * Prepares term data for return in an XML-RPC object.
560          *
561          * @access protected
562          *
563          * @param array|object $term The unprepared term data
564          * @return array The prepared term data
565          */
566         protected function _prepare_term( $term ) {
567                 $_term = $term;
568                 if ( ! is_array( $_term) )
569                         $_term = get_object_vars( $_term );
570
571                 // For integers which may be larger than XML-RPC supports ensure we return strings.
572                 $_term['term_id'] = strval( $_term['term_id'] );
573                 $_term['term_group'] = strval( $_term['term_group'] );
574                 $_term['term_taxonomy_id'] = strval( $_term['term_taxonomy_id'] );
575                 $_term['parent'] = strval( $_term['parent'] );
576
577                 // Count we are happy to return as an integer because people really shouldn't use terms that much.
578                 $_term['count'] = intval( $_term['count'] );
579
580                 return apply_filters( 'xmlrpc_prepare_term', $_term, $term );
581         }
582
583         /**
584          * Convert a WordPress date string to an IXR_Date object.
585          *
586          * @access protected
587          *
588          * @param string $date
589          * @return IXR_Date
590          */
591         protected function _convert_date( $date ) {
592                 if ( $date === '0000-00-00 00:00:00' ) {
593                         return new IXR_Date( '00000000T00:00:00Z' );
594                 }
595                 return new IXR_Date( mysql2date( 'Ymd\TH:i:s', $date, false ) );
596         }
597
598         /**
599          * Convert a WordPress GMT date string to an IXR_Date object.
600          *
601          * @access protected
602          *
603          * @param string $date_gmt
604          * @param string $date
605          * @return IXR_Date
606          */
607         protected function _convert_date_gmt( $date_gmt, $date ) {
608                 if ( $date !== '0000-00-00 00:00:00' && $date_gmt === '0000-00-00 00:00:00' ) {
609                         return new IXR_Date( get_gmt_from_date( mysql2date( 'Y-m-d H:i:s', $date, false ), 'Ymd\TH:i:s' ) );
610                 }
611                 return $this->_convert_date( $date_gmt );
612         }
613
614         /**
615          * Prepares post data for return in an XML-RPC object.
616          *
617          * @access protected
618          *
619          * @param array $post The unprepared post data
620          * @param array $fields The subset of post type fields to return
621          * @return array The prepared post data
622          */
623         protected function _prepare_post( $post, $fields ) {
624                 // holds the data for this post. built up based on $fields
625                 $_post = array( 'post_id' => strval( $post['ID'] ) );
626
627                 // prepare common post fields
628                 $post_fields = array(
629                         'post_title'        => $post['post_title'],
630                         'post_date'         => $this->_convert_date( $post['post_date'] ),
631                         'post_date_gmt'     => $this->_convert_date_gmt( $post['post_date_gmt'], $post['post_date'] ),
632                         'post_modified'     => $this->_convert_date( $post['post_modified'] ),
633                         'post_modified_gmt' => $this->_convert_date_gmt( $post['post_modified_gmt'], $post['post_modified'] ),
634                         'post_status'       => $post['post_status'],
635                         'post_type'         => $post['post_type'],
636                         'post_name'         => $post['post_name'],
637                         'post_author'       => $post['post_author'],
638                         'post_password'     => $post['post_password'],
639                         'post_excerpt'      => $post['post_excerpt'],
640                         'post_content'      => $post['post_content'],
641                         'post_parent'       => strval( $post['post_parent'] ),
642                         'post_mime_type'    => $post['post_mime_type'],
643                         'link'              => post_permalink( $post['ID'] ),
644                         'guid'              => $post['guid'],
645                         'menu_order'        => intval( $post['menu_order'] ),
646                         'comment_status'    => $post['comment_status'],
647                         'ping_status'       => $post['ping_status'],
648                         'sticky'            => ( $post['post_type'] === 'post' && is_sticky( $post['ID'] ) ),
649                 );
650
651                 // Thumbnail
652                 $post_fields['post_thumbnail'] = array();
653                 $thumbnail_id = get_post_thumbnail_id( $post['ID'] );
654                 if ( $thumbnail_id ) {
655                         $thumbnail_size = current_theme_supports('post-thumbnail') ? 'post-thumbnail' : 'thumbnail';
656                         $post_fields['post_thumbnail'] = $this->_prepare_media_item( get_post( $thumbnail_id ), $thumbnail_size );
657                 }
658
659                 // Consider future posts as published
660                 if ( $post_fields['post_status'] === 'future' )
661                         $post_fields['post_status'] = 'publish';
662
663                 // Fill in blank post format
664                 $post_fields['post_format'] = get_post_format( $post['ID'] );
665                 if ( empty( $post_fields['post_format'] ) )
666                         $post_fields['post_format'] = 'standard';
667
668                 // Merge requested $post_fields fields into $_post
669                 if ( in_array( 'post', $fields ) ) {
670                         $_post = array_merge( $_post, $post_fields );
671                 } else {
672                         $requested_fields = array_intersect_key( $post_fields, array_flip( $fields ) );
673                         $_post = array_merge( $_post, $requested_fields );
674                 }
675
676                 $all_taxonomy_fields = in_array( 'taxonomies', $fields );
677
678                 if ( $all_taxonomy_fields || in_array( 'terms', $fields ) ) {
679                         $post_type_taxonomies = get_object_taxonomies( $post['post_type'], 'names' );
680                         $terms = wp_get_object_terms( $post['ID'], $post_type_taxonomies );
681                         $_post['terms'] = array();
682                         foreach ( $terms as $term ) {
683                                 $_post['terms'][] = $this->_prepare_term( $term );
684                         }
685                 }
686
687                 if ( in_array( 'custom_fields', $fields ) )
688                         $_post['custom_fields'] = $this->get_custom_fields( $post['ID'] );
689
690                 if ( in_array( 'enclosure', $fields ) ) {
691                         $_post['enclosure'] = array();
692                         $enclosures = (array) get_post_meta( $post['ID'], 'enclosure' );
693                         if ( ! empty( $enclosures ) ) {
694                                 $encdata = explode( "\n", $enclosures[0] );
695                                 $_post['enclosure']['url'] = trim( htmlspecialchars( $encdata[0] ) );
696                                 $_post['enclosure']['length'] = (int) trim( $encdata[1] );
697                                 $_post['enclosure']['type'] = trim( $encdata[2] );
698                         }
699                 }
700
701                 return apply_filters( 'xmlrpc_prepare_post', $_post, $post, $fields );
702         }
703
704         /**
705          * Prepares post data for return in an XML-RPC object.
706          *
707          * @access protected
708          *
709          * @param object $post_type Post type object
710          * @param array $fields The subset of post fields to return
711          * @return array The prepared post type data
712          */
713         protected function _prepare_post_type( $post_type, $fields ) {
714                 $_post_type = array(
715                         'name' => $post_type->name,
716                         'label' => $post_type->label,
717                         'hierarchical' => (bool) $post_type->hierarchical,
718                         'public' => (bool) $post_type->public,
719                         'show_ui' => (bool) $post_type->show_ui,
720                         '_builtin' => (bool) $post_type->_builtin,
721                         'has_archive' => (bool) $post_type->has_archive,
722                         'supports' => get_all_post_type_supports( $post_type->name ),
723                 );
724
725                 if ( in_array( 'labels', $fields ) ) {
726                         $_post_type['labels'] = (array) $post_type->labels;
727                 }
728
729                 if ( in_array( 'cap', $fields ) ) {
730                         $_post_type['cap'] = (array) $post_type->cap;
731                         $_post_type['map_meta_cap'] = (bool) $post_type->map_meta_cap;
732                 }
733
734                 if ( in_array( 'menu', $fields ) ) {
735                         $_post_type['menu_position'] = (int) $post_type->menu_position;
736                         $_post_type['menu_icon'] = $post_type->menu_icon;
737                         $_post_type['show_in_menu'] = (bool) $post_type->show_in_menu;
738                 }
739
740                 if ( in_array( 'taxonomies', $fields ) )
741                         $_post_type['taxonomies'] = get_object_taxonomies( $post_type->name, 'names' );
742
743                 return apply_filters( 'xmlrpc_prepare_post_type', $_post_type, $post_type );
744         }
745
746         /**
747          * Prepares media item data for return in an XML-RPC object.
748          *
749          * @access protected
750          *
751          * @param object $media_item The unprepared media item data
752          * @param string $thumbnail_size The image size to use for the thumbnail URL
753          * @return array The prepared media item data
754          */
755         protected function _prepare_media_item( $media_item, $thumbnail_size = 'thumbnail' ) {
756                 $_media_item = array(
757                         'attachment_id'    => strval( $media_item->ID ),
758                         'date_created_gmt' => $this->_convert_date_gmt( $media_item->post_date_gmt, $media_item->post_date ),
759                         'parent'           => $media_item->post_parent,
760                         'link'             => wp_get_attachment_url( $media_item->ID ),
761                         'title'            => $media_item->post_title,
762                         'caption'          => $media_item->post_excerpt,
763                         'description'      => $media_item->post_content,
764                         'metadata'         => wp_get_attachment_metadata( $media_item->ID ),
765                 );
766
767                 $thumbnail_src = image_downsize( $media_item->ID, $thumbnail_size );
768                 if ( $thumbnail_src )
769                         $_media_item['thumbnail'] = $thumbnail_src[0];
770                 else
771                         $_media_item['thumbnail'] = $_media_item['link'];
772
773                 return apply_filters( 'xmlrpc_prepare_media_item', $_media_item, $media_item, $thumbnail_size );
774         }
775
776         /**
777          * Prepares page data for return in an XML-RPC object.
778          *
779          * @access protected
780          *
781          * @param object $page The unprepared page data
782          * @return array The prepared page data
783          */
784         protected function _prepare_page( $page ) {
785                 // Get all of the page content and link.
786                 $full_page = get_extended( $page->post_content );
787                 $link = post_permalink( $page->ID );
788
789                 // Get info the page parent if there is one.
790                 $parent_title = "";
791                 if ( ! empty( $page->post_parent ) ) {
792                         $parent = get_post( $page->post_parent );
793                         $parent_title = $parent->post_title;
794                 }
795
796                 // Determine comment and ping settings.
797                 $allow_comments = comments_open( $page->ID ) ? 1 : 0;
798                 $allow_pings = pings_open( $page->ID ) ? 1 : 0;
799
800                 // Format page date.
801                 $page_date = $this->_convert_date( $page->post_date );
802                 $page_date_gmt = $this->_convert_date_gmt( $page->post_date_gmt, $page->post_date );
803
804                 // Pull the categories info together.
805                 $categories = array();
806                 foreach ( wp_get_post_categories( $page->ID ) as $cat_id ) {
807                         $categories[] = get_cat_name( $cat_id );
808                 }
809
810                 // Get the author info.
811                 $author = get_userdata( $page->post_author );
812
813                 $page_template = get_page_template_slug( $page->ID );
814                 if ( empty( $page_template ) )
815                         $page_template = 'default';
816
817                 $_page = array(
818                         'dateCreated'            => $page_date,
819                         'userid'                 => $page->post_author,
820                         'page_id'                => $page->ID,
821                         'page_status'            => $page->post_status,
822                         'description'            => $full_page['main'],
823                         'title'                  => $page->post_title,
824                         'link'                   => $link,
825                         'permaLink'              => $link,
826                         'categories'             => $categories,
827                         'excerpt'                => $page->post_excerpt,
828                         'text_more'              => $full_page['extended'],
829                         'mt_allow_comments'      => $allow_comments,
830                         'mt_allow_pings'         => $allow_pings,
831                         'wp_slug'                => $page->post_name,
832                         'wp_password'            => $page->post_password,
833                         'wp_author'              => $author->display_name,
834                         'wp_page_parent_id'      => $page->post_parent,
835                         'wp_page_parent_title'   => $parent_title,
836                         'wp_page_order'          => $page->menu_order,
837                         'wp_author_id'           => (string) $author->ID,
838                         'wp_author_display_name' => $author->display_name,
839                         'date_created_gmt'       => $page_date_gmt,
840                         'custom_fields'          => $this->get_custom_fields( $page->ID ),
841                         'wp_page_template'       => $page_template
842                 );
843
844                 return apply_filters( 'xmlrpc_prepare_page', $_page, $page );
845         }
846
847         /**
848          * Prepares comment data for return in an XML-RPC object.
849          *
850          * @access protected
851          *
852          * @param object $comment The unprepared comment data
853          * @return array The prepared comment data
854          */
855         protected function _prepare_comment( $comment ) {
856                 // Format page date.
857                 $comment_date = $this->_convert_date( $comment->comment_date );
858                 $comment_date_gmt = $this->_convert_date_gmt( $comment->comment_date_gmt, $comment->comment_date );
859
860                 if ( '0' == $comment->comment_approved )
861                         $comment_status = 'hold';
862                 else if ( 'spam' == $comment->comment_approved )
863                         $comment_status = 'spam';
864                 else if ( '1' == $comment->comment_approved )
865                         $comment_status = 'approve';
866                 else
867                         $comment_status = $comment->comment_approved;
868
869                 $_comment = array(
870                         'date_created_gmt' => $comment_date_gmt,
871                         'user_id'          => $comment->user_id,
872                         'comment_id'       => $comment->comment_ID,
873                         'parent'           => $comment->comment_parent,
874                         'status'           => $comment_status,
875                         'content'          => $comment->comment_content,
876                         'link'             => get_comment_link($comment),
877                         'post_id'          => $comment->comment_post_ID,
878                         'post_title'       => get_the_title($comment->comment_post_ID),
879                         'author'           => $comment->comment_author,
880                         'author_url'       => $comment->comment_author_url,
881                         'author_email'     => $comment->comment_author_email,
882                         'author_ip'        => $comment->comment_author_IP,
883                         'type'             => $comment->comment_type,
884                 );
885
886                 return apply_filters( 'xmlrpc_prepare_comment', $_comment, $comment );
887         }
888
889         /**
890          * Prepares user data for return in an XML-RPC object.
891          *
892          * @access protected
893          *
894          * @param WP_User $user The unprepared user object
895          * @param array $fields The subset of user fields to return
896          * @return array The prepared user data
897          */
898         protected function _prepare_user( $user, $fields ) {
899                 $_user = array( 'user_id' => strval( $user->ID ) );
900
901                 $user_fields = array(
902                         'username'          => $user->user_login,
903                         'first_name'        => $user->user_firstname,
904                         'last_name'         => $user->user_lastname,
905                         'registered'        => $this->_convert_date( $user->user_registered ),
906                         'bio'               => $user->user_description,
907                         'email'             => $user->user_email,
908                         'nickname'          => $user->nickname,
909                         'nicename'          => $user->user_nicename,
910                         'url'               => $user->user_url,
911                         'display_name'      => $user->display_name,
912                         'roles'             => $user->roles,
913                 );
914
915                 if ( in_array( 'all', $fields ) ) {
916                         $_user = array_merge( $_user, $user_fields );
917                 } else {
918                         if ( in_array( 'basic', $fields ) ) {
919                                 $basic_fields = array( 'username', 'email', 'registered', 'display_name', 'nicename' );
920                                 $fields = array_merge( $fields, $basic_fields );
921                         }
922                         $requested_fields = array_intersect_key( $user_fields, array_flip( $fields ) );
923                         $_user = array_merge( $_user, $requested_fields );
924                 }
925
926                 return apply_filters( 'xmlrpc_prepare_user', $_user, $user, $fields );
927         }
928
929         /**
930          * Create a new post for any registered post type.
931          *
932          * @since 3.4.0
933          *
934          * @param array $args Method parameters. Contains:
935          *  - int     $blog_id
936          *  - string  $username
937          *  - string  $password
938          *  - array   $content_struct
939          *      $content_struct can contain:
940          *      - post_type (default: 'post')
941          *      - post_status (default: 'draft')
942          *      - post_title
943          *      - post_author
944          *      - post_excerpt
945          *      - post_content
946          *      - post_date_gmt | post_date
947          *      - post_format
948          *      - post_password
949          *      - comment_status - can be 'open' | 'closed'
950          *      - ping_status - can be 'open' | 'closed'
951          *      - sticky
952          *      - post_thumbnail - ID of a media item to use as the post thumbnail/featured image
953          *      - custom_fields - array, with each element containing 'key' and 'value'
954          *      - terms - array, with taxonomy names as keys and arrays of term IDs as values
955          *      - terms_names - array, with taxonomy names as keys and arrays of term names as values
956          *      - enclosure
957          *      - any other fields supported by wp_insert_post()
958          * @return string post_id
959          */
960         function wp_newPost( $args ) {
961                 if ( ! $this->minimum_args( $args, 4 ) )
962                         return $this->error;
963
964                 $this->escape( $args );
965
966                 $blog_id        = (int) $args[0];
967                 $username       = $args[1];
968                 $password       = $args[2];
969                 $content_struct = $args[3];
970
971                 if ( ! $user = $this->login( $username, $password ) )
972                         return $this->error;
973
974                 do_action( 'xmlrpc_call', 'wp.newPost' );
975
976                 unset( $content_struct['ID'] );
977
978                 return $this->_insert_post( $user, $content_struct );
979         }
980
981         /**
982          * Helper method for filtering out elements from an array.
983          *
984          * @since 3.4.0
985          *
986          * @param int $count Number to compare to one.
987          */
988         private function _is_greater_than_one( $count ) {
989                 return $count > 1;
990         }
991
992         /**
993          * Helper method for wp_newPost and wp_editPost, containing shared logic.
994          *
995          * @since 3.4.0
996          * @uses wp_insert_post()
997          *
998          * @param WP_User $user The post author if post_author isn't set in $content_struct.
999          * @param array $content_struct Post data to insert.
1000          */
1001         protected function _insert_post( $user, $content_struct ) {
1002                 $defaults = array( 'post_status' => 'draft', 'post_type' => 'post', 'post_author' => 0,
1003                         'post_password' => '', 'post_excerpt' => '', 'post_content' => '', 'post_title' => '' );
1004
1005                 $post_data = wp_parse_args( $content_struct, $defaults );
1006
1007                 $post_type = get_post_type_object( $post_data['post_type'] );
1008                 if ( ! $post_type )
1009                         return new IXR_Error( 403, __( 'Invalid post type' ) );
1010
1011                 $update = ! empty( $post_data['ID'] );
1012
1013                 if ( $update ) {
1014                         if ( ! get_post( $post_data['ID'] ) )
1015                                 return new IXR_Error( 401, __( 'Invalid post ID.' ) );
1016                         if ( ! current_user_can( 'edit_post', $post_data['ID'] ) )
1017                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) );
1018                         if ( $post_data['post_type'] != get_post_type( $post_data['ID'] ) )
1019                                 return new IXR_Error( 401, __( 'The post type may not be changed.' ) );
1020                 } else {
1021                         if ( ! current_user_can( $post_type->cap->create_posts ) || ! current_user_can( $post_type->cap->edit_posts ) )
1022                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to post on this site.' ) );
1023                 }
1024
1025                 switch ( $post_data['post_status'] ) {
1026                         case 'draft':
1027                         case 'pending':
1028                                 break;
1029                         case 'private':
1030                                 if ( ! current_user_can( $post_type->cap->publish_posts ) )
1031                                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to create private posts in this post type' ) );
1032                                 break;
1033                         case 'publish':
1034                         case 'future':
1035                                 if ( ! current_user_can( $post_type->cap->publish_posts ) )
1036                                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts in this post type' ) );
1037                                 break;
1038                         default:
1039                                 if ( ! get_post_status_object( $post_data['post_status'] ) )
1040                                         $post_data['post_status'] = 'draft';
1041                         break;
1042                 }
1043
1044                 if ( ! empty( $post_data['post_password'] ) && ! current_user_can( $post_type->cap->publish_posts ) )
1045                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to create password protected posts in this post type' ) );
1046
1047                 $post_data['post_author'] = absint( $post_data['post_author'] );
1048                 if ( ! empty( $post_data['post_author'] ) && $post_data['post_author'] != $user->ID ) {
1049                         if ( ! current_user_can( $post_type->cap->edit_others_posts ) )
1050                                 return new IXR_Error( 401, __( 'You are not allowed to create posts as this user.' ) );
1051
1052                         $author = get_userdata( $post_data['post_author'] );
1053
1054                         if ( ! $author )
1055                                 return new IXR_Error( 404, __( 'Invalid author ID.' ) );
1056                 } else {
1057                         $post_data['post_author'] = $user->ID;
1058                 }
1059
1060                 if ( isset( $post_data['comment_status'] ) && $post_data['comment_status'] != 'open' && $post_data['comment_status'] != 'closed' )
1061                         unset( $post_data['comment_status'] );
1062
1063                 if ( isset( $post_data['ping_status'] ) && $post_data['ping_status'] != 'open' && $post_data['ping_status'] != 'closed' )
1064                         unset( $post_data['ping_status'] );
1065
1066                 // Do some timestamp voodoo
1067                 if ( ! empty( $post_data['post_date_gmt'] ) ) {
1068                         // We know this is supposed to be GMT, so we're going to slap that Z on there by force
1069                         $dateCreated = rtrim( $post_data['post_date_gmt']->getIso(), 'Z' ) . 'Z';
1070                 } elseif ( ! empty( $post_data['post_date'] ) ) {
1071                         $dateCreated = $post_data['post_date']->getIso();
1072                 }
1073
1074                 if ( ! empty( $dateCreated ) ) {
1075                         $post_data['post_date'] = get_date_from_gmt( iso8601_to_datetime( $dateCreated ) );
1076                         $post_data['post_date_gmt'] = iso8601_to_datetime( $dateCreated, 'GMT' );
1077                 }
1078
1079                 if ( ! isset( $post_data['ID'] ) )
1080                         $post_data['ID'] = get_default_post_to_edit( $post_data['post_type'], true )->ID;
1081                 $post_ID = $post_data['ID'];
1082
1083                 if ( $post_data['post_type'] == 'post' ) {
1084                         // Private and password-protected posts cannot be stickied.
1085                         if ( $post_data['post_status'] == 'private' || ! empty( $post_data['post_password'] ) ) {
1086                                 // Error if the client tried to stick the post, otherwise, silently unstick.
1087                                 if ( ! empty( $post_data['sticky'] ) )
1088                                         return new IXR_Error( 401, __( 'Sorry, you cannot stick a private post.' ) );
1089                                 if ( $update )
1090                                         unstick_post( $post_ID );
1091                         } elseif ( isset( $post_data['sticky'] ) )  {
1092                                 if ( ! current_user_can( $post_type->cap->edit_others_posts ) )
1093                                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to stick this post.' ) );
1094                                 if ( $post_data['sticky'] )
1095                                         stick_post( $post_ID );
1096                                 else
1097                                         unstick_post( $post_ID );
1098                         }
1099                 }
1100
1101                 if ( isset( $post_data['post_thumbnail'] ) ) {
1102                         // empty value deletes, non-empty value adds/updates
1103                         if ( ! $post_data['post_thumbnail'] )
1104                                 delete_post_thumbnail( $post_ID );
1105                         elseif ( ! get_post( absint( $post_data['post_thumbnail'] ) ) )
1106                                 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) );
1107                         set_post_thumbnail( $post_ID, $post_data['post_thumbnail'] );
1108                         unset( $content_struct['post_thumbnail'] );
1109                 }
1110
1111                 if ( isset( $post_data['custom_fields'] ) )
1112                         $this->set_custom_fields( $post_ID, $post_data['custom_fields'] );
1113
1114                 if ( isset( $post_data['terms'] ) || isset( $post_data['terms_names'] ) ) {
1115                         $post_type_taxonomies = get_object_taxonomies( $post_data['post_type'], 'objects' );
1116
1117                         // accumulate term IDs from terms and terms_names
1118                         $terms = array();
1119
1120                         // first validate the terms specified by ID
1121                         if ( isset( $post_data['terms'] ) && is_array( $post_data['terms'] ) ) {
1122                                 $taxonomies = array_keys( $post_data['terms'] );
1123
1124                                 // validating term ids
1125                                 foreach ( $taxonomies as $taxonomy ) {
1126                                         if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) )
1127                                                 return new IXR_Error( 401, __( 'Sorry, one of the given taxonomies is not supported by the post type.' ) );
1128
1129                                         if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) )
1130                                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) );
1131
1132                                         $term_ids = $post_data['terms'][$taxonomy];
1133                                         foreach ( $term_ids as $term_id ) {
1134                                                 $term = get_term_by( 'id', $term_id, $taxonomy );
1135
1136                                                 if ( ! $term )
1137                                                         return new IXR_Error( 403, __( 'Invalid term ID' ) );
1138
1139                                                 $terms[$taxonomy][] = (int) $term_id;
1140                                         }
1141                                 }
1142                         }
1143
1144                         // now validate terms specified by name
1145                         if ( isset( $post_data['terms_names'] ) && is_array( $post_data['terms_names'] ) ) {
1146                                 $taxonomies = array_keys( $post_data['terms_names'] );
1147
1148                                 foreach ( $taxonomies as $taxonomy ) {
1149                                         if ( ! array_key_exists( $taxonomy , $post_type_taxonomies ) )
1150                                                 return new IXR_Error( 401, __( 'Sorry, one of the given taxonomies is not supported by the post type.' ) );
1151
1152                                         if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->assign_terms ) )
1153                                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to assign a term to one of the given taxonomies.' ) );
1154
1155                                         // for hierarchical taxonomies, we can't assign a term when multiple terms in the hierarchy share the same name
1156                                         $ambiguous_terms = array();
1157                                         if ( is_taxonomy_hierarchical( $taxonomy ) ) {
1158                                                 $tax_term_names = get_terms( $taxonomy, array( 'fields' => 'names', 'hide_empty' => false ) );
1159
1160                                                 // count the number of terms with the same name
1161                                                 $tax_term_names_count = array_count_values( $tax_term_names );
1162
1163                                                 // filter out non-ambiguous term names
1164                                                 $ambiguous_tax_term_counts = array_filter( $tax_term_names_count, array( $this, '_is_greater_than_one') );
1165
1166                                                 $ambiguous_terms = array_keys( $ambiguous_tax_term_counts );
1167                                         }
1168
1169                                         $term_names = $post_data['terms_names'][$taxonomy];
1170                                         foreach ( $term_names as $term_name ) {
1171                                                 if ( in_array( $term_name, $ambiguous_terms ) )
1172                                                         return new IXR_Error( 401, __( 'Ambiguous term name used in a hierarchical taxonomy. Please use term ID instead.' ) );
1173
1174                                                 $term = get_term_by( 'name', $term_name, $taxonomy );
1175
1176                                                 if ( ! $term ) {
1177                                                         // term doesn't exist, so check that the user is allowed to create new terms
1178                                                         if ( ! current_user_can( $post_type_taxonomies[$taxonomy]->cap->edit_terms ) )
1179                                                                 return new IXR_Error( 401, __( 'Sorry, you are not allowed to add a term to one of the given taxonomies.' ) );
1180
1181                                                         // create the new term
1182                                                         $term_info = wp_insert_term( $term_name, $taxonomy );
1183                                                         if ( is_wp_error( $term_info ) )
1184                                                                 return new IXR_Error( 500, $term_info->get_error_message() );
1185
1186                                                         $terms[$taxonomy][] = (int) $term_info['term_id'];
1187                                                 } else {
1188                                                         $terms[$taxonomy][] = (int) $term->term_id;
1189                                                 }
1190                                         }
1191                                 }
1192                         }
1193
1194                         $post_data['tax_input'] = $terms;
1195                         unset( $post_data['terms'], $post_data['terms_names'] );
1196                 } else {
1197                         // do not allow direct submission of 'tax_input', clients must use 'terms' and/or 'terms_names'
1198                         unset( $post_data['tax_input'], $post_data['post_category'], $post_data['tags_input'] );
1199                 }
1200
1201                 if ( isset( $post_data['post_format'] ) ) {
1202                         $format = set_post_format( $post_ID, $post_data['post_format'] );
1203
1204                         if ( is_wp_error( $format ) )
1205                                 return new IXR_Error( 500, $format->get_error_message() );
1206
1207                         unset( $post_data['post_format'] );
1208                 }
1209
1210                 // Handle enclosures
1211                 $enclosure = isset( $post_data['enclosure'] ) ? $post_data['enclosure'] : null;
1212                 $this->add_enclosure_if_new( $post_ID, $enclosure );
1213
1214                 $this->attach_uploads( $post_ID, $post_data['post_content'] );
1215
1216                 $post_data = apply_filters( 'xmlrpc_wp_insert_post_data', $post_data, $content_struct );
1217
1218                 $post_ID = $update ? wp_update_post( $post_data, true ) : wp_insert_post( $post_data, true );
1219                 if ( is_wp_error( $post_ID ) )
1220                         return new IXR_Error( 500, $post_ID->get_error_message() );
1221
1222                 if ( ! $post_ID )
1223                         return new IXR_Error( 401, __( 'Sorry, your entry could not be posted. Something wrong happened.' ) );
1224
1225                 return strval( $post_ID );
1226         }
1227
1228         /**
1229          * Edit a post for any registered post type.
1230          *
1231          * The $content_struct parameter only needs to contain fields that
1232          * should be changed. All other fields will retain their existing values.
1233          *
1234          * @since 3.4.0
1235          *
1236          * @param array $args Method parameters. Contains:
1237          *  - int     $blog_id
1238          *  - string  $username
1239          *  - string  $password
1240          *  - int     $post_id
1241          *  - array   $content_struct
1242          * @return true on success
1243          */
1244         function wp_editPost( $args ) {
1245                 if ( ! $this->minimum_args( $args, 5 ) )
1246                         return $this->error;
1247
1248                 $this->escape( $args );
1249
1250                 $blog_id        = (int) $args[0];
1251                 $username       = $args[1];
1252                 $password       = $args[2];
1253                 $post_id        = (int) $args[3];
1254                 $content_struct = $args[4];
1255
1256                 if ( ! $user = $this->login( $username, $password ) )
1257                         return $this->error;
1258
1259                 do_action( 'xmlrpc_call', 'wp.editPost' );
1260
1261                 $post = get_post( $post_id, ARRAY_A );
1262
1263                 if ( empty( $post['ID'] ) )
1264                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
1265
1266                 if ( isset( $content_struct['if_not_modified_since'] ) ) {
1267                         // If the post has been modified since the date provided, return an error.
1268                         if ( mysql2date( 'U', $post['post_modified_gmt'] ) > $content_struct['if_not_modified_since']->getTimestamp() ) {
1269                                 return new IXR_Error( 409, __( 'There is a revision of this post that is more recent.' ) );
1270                         }
1271                 }
1272
1273                 // convert the date field back to IXR form
1274                 $post['post_date'] = $this->_convert_date( $post['post_date'] );
1275
1276                 // ignore the existing GMT date if it is empty or a non-GMT date was supplied in $content_struct,
1277                 // since _insert_post will ignore the non-GMT date if the GMT date is set
1278                 if ( $post['post_date_gmt'] == '0000-00-00 00:00:00' || isset( $content_struct['post_date'] ) )
1279                         unset( $post['post_date_gmt'] );
1280                 else
1281                         $post['post_date_gmt'] = $this->_convert_date( $post['post_date_gmt'] );
1282
1283                 $this->escape( $post );
1284                 $merged_content_struct = array_merge( $post, $content_struct );
1285
1286                 $retval = $this->_insert_post( $user, $merged_content_struct );
1287                 if ( $retval instanceof IXR_Error )
1288                         return $retval;
1289
1290                 return true;
1291         }
1292
1293         /**
1294          * Delete a post for any registered post type.
1295          *
1296          * @since 3.4.0
1297          *
1298          * @uses wp_delete_post()
1299          * @param array $args Method parameters. Contains:
1300          *  - int     $blog_id
1301          *  - string  $username
1302          *  - string  $password
1303          *  - int     $post_id
1304          * @return true on success
1305          */
1306         function wp_deletePost( $args ) {
1307                 if ( ! $this->minimum_args( $args, 4 ) )
1308                         return $this->error;
1309
1310                 $this->escape( $args );
1311
1312                 $blog_id    = (int) $args[0];
1313                 $username   = $args[1];
1314                 $password   = $args[2];
1315                 $post_id    = (int) $args[3];
1316
1317                 if ( ! $user = $this->login( $username, $password ) )
1318                         return $this->error;
1319
1320                 do_action( 'xmlrpc_call', 'wp.deletePost' );
1321
1322                 $post = get_post( $post_id, ARRAY_A );
1323                 if ( empty( $post['ID'] ) )
1324                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
1325
1326                 if ( ! current_user_can( 'delete_post', $post_id ) )
1327                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to delete this post.' ) );
1328
1329                 $result = wp_delete_post( $post_id );
1330
1331                 if ( ! $result )
1332                         return new IXR_Error( 500, __( 'The post cannot be deleted.' ) );
1333
1334                 return true;
1335         }
1336
1337         /**
1338          * Retrieve a post.
1339          *
1340          * @since 3.4.0
1341          *
1342          * The optional $fields parameter specifies what fields will be included
1343          * in the response array. This should be a list of field names. 'post_id' will
1344          * always be included in the response regardless of the value of $fields.
1345          *
1346          * Instead of, or in addition to, individual field names, conceptual group
1347          * names can be used to specify multiple fields. The available conceptual
1348          * groups are 'post' (all basic fields), 'taxonomies', 'custom_fields',
1349          * and 'enclosure'.
1350          *
1351          * @uses get_post()
1352          * @param array $args Method parameters. Contains:
1353          *  - int     $post_id
1354          *  - string  $username
1355          *  - string  $password
1356          *  - array   $fields optional
1357          * @return array contains (based on $fields parameter):
1358          *  - 'post_id'
1359          *  - 'post_title'
1360          *  - 'post_date'
1361          *  - 'post_date_gmt'
1362          *  - 'post_modified'
1363          *  - 'post_modified_gmt'
1364          *  - 'post_status'
1365          *  - 'post_type'
1366          *  - 'post_name'
1367          *  - 'post_author'
1368          *  - 'post_password'
1369          *  - 'post_excerpt'
1370          *  - 'post_content'
1371          *  - 'link'
1372          *  - 'comment_status'
1373          *  - 'ping_status'
1374          *  - 'sticky'
1375          *  - 'custom_fields'
1376          *  - 'terms'
1377          *  - 'categories'
1378          *  - 'tags'
1379          *  - 'enclosure'
1380          */
1381         function wp_getPost( $args ) {
1382                 if ( ! $this->minimum_args( $args, 4 ) )
1383                         return $this->error;
1384
1385                 $this->escape( $args );
1386
1387                 $blog_id            = (int) $args[0];
1388                 $username           = $args[1];
1389                 $password           = $args[2];
1390                 $post_id            = (int) $args[3];
1391
1392                 if ( isset( $args[4] ) )
1393                         $fields = $args[4];
1394                 else
1395                         $fields = apply_filters( 'xmlrpc_default_post_fields', array( 'post', 'terms', 'custom_fields' ), 'wp.getPost' );
1396
1397                 if ( ! $user = $this->login( $username, $password ) )
1398                         return $this->error;
1399
1400                 do_action( 'xmlrpc_call', 'wp.getPost' );
1401
1402                 $post = get_post( $post_id, ARRAY_A );
1403
1404                 if ( empty( $post['ID'] ) )
1405                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
1406
1407                 if ( ! current_user_can( 'edit_post', $post_id ) )
1408                         return new IXR_Error( 401, __( 'Sorry, you cannot edit this post.' ) );
1409
1410                 return $this->_prepare_post( $post, $fields );
1411         }
1412
1413         /**
1414          * Retrieve posts.
1415          *
1416          * @since 3.4.0
1417          *
1418          * The optional $filter parameter modifies the query used to retrieve posts.
1419          * Accepted keys are 'post_type', 'post_status', 'number', 'offset',
1420          * 'orderby', and 'order'.
1421          *
1422          * The optional $fields parameter specifies what fields will be included
1423          * in the response array.
1424          *
1425          * @uses wp_get_recent_posts()
1426          * @see wp_getPost() for more on $fields
1427          * @see get_posts() for more on $filter values
1428          *
1429          * @param array $args Method parameters. Contains:
1430          *  - int     $blog_id
1431          *  - string  $username
1432          *  - string  $password
1433          *  - array   $filter optional
1434          *  - array   $fields optional
1435          * @return array contains a collection of posts.
1436          */
1437         function wp_getPosts( $args ) {
1438                 if ( ! $this->minimum_args( $args, 3 ) )
1439                         return $this->error;
1440
1441                 $this->escape( $args );
1442
1443                 $blog_id    = (int) $args[0];
1444                 $username   = $args[1];
1445                 $password   = $args[2];
1446                 $filter     = isset( $args[3] ) ? $args[3] : array();
1447
1448                 if ( isset( $args[4] ) )
1449                         $fields = $args[4];
1450                 else
1451                         $fields = apply_filters( 'xmlrpc_default_post_fields', array( 'post', 'terms', 'custom_fields' ), 'wp.getPosts' );
1452
1453                 if ( ! $user = $this->login( $username, $password ) )
1454                         return $this->error;
1455
1456                 do_action( 'xmlrpc_call', 'wp.getPosts' );
1457
1458                 $query = array();
1459
1460                 if ( isset( $filter['post_type'] ) ) {
1461                         $post_type = get_post_type_object( $filter['post_type'] );
1462                         if ( ! ( (bool) $post_type ) )
1463                                 return new IXR_Error( 403, __( 'The post type specified is not valid' ) );
1464                 } else {
1465                         $post_type = get_post_type_object( 'post' );
1466                 }
1467
1468                 if ( ! current_user_can( $post_type->cap->edit_posts ) )
1469                         return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit posts in this post type' ));
1470
1471                 $query['post_type'] = $post_type->name;
1472
1473                 if ( isset( $filter['post_status'] ) )
1474                         $query['post_status'] = $filter['post_status'];
1475
1476                 if ( isset( $filter['number'] ) )
1477                         $query['numberposts'] = absint( $filter['number'] );
1478
1479                 if ( isset( $filter['offset'] ) )
1480                         $query['offset'] = absint( $filter['offset'] );
1481
1482                 if ( isset( $filter['orderby'] ) ) {
1483                         $query['orderby'] = $filter['orderby'];
1484
1485                         if ( isset( $filter['order'] ) )
1486                                 $query['order'] = $filter['order'];
1487                 }
1488
1489                 if ( isset( $filter['s'] ) ) {
1490                         $query['s'] = $filter['s'];
1491                 }
1492
1493                 $posts_list = wp_get_recent_posts( $query );
1494
1495                 if ( ! $posts_list )
1496                         return array();
1497
1498                 // holds all the posts data
1499                 $struct = array();
1500
1501                 foreach ( $posts_list as $post ) {
1502                         if ( ! current_user_can( 'edit_post', $post['ID'] ) )
1503                                 continue;
1504
1505                         $struct[] = $this->_prepare_post( $post, $fields );
1506                 }
1507
1508                 return $struct;
1509         }
1510
1511         /**
1512          * Create a new term.
1513          *
1514          * @since 3.4.0
1515          *
1516          * @uses wp_insert_term()
1517          * @param array $args Method parameters. Contains:
1518          *  - int     $blog_id
1519          *  - string  $username
1520          *  - string  $password
1521          *  - array   $content_struct
1522          *      The $content_struct must contain:
1523          *      - 'name'
1524          *      - 'taxonomy'
1525          *      Also, it can optionally contain:
1526          *      - 'parent'
1527          *      - 'description'
1528          *      - 'slug'
1529          * @return string term_id
1530          */
1531         function wp_newTerm( $args ) {
1532                 if ( ! $this->minimum_args( $args, 4 ) )
1533                         return $this->error;
1534
1535                 $this->escape( $args );
1536
1537                 $blog_id            = (int) $args[0];
1538                 $username           = $args[1];
1539                 $password           = $args[2];
1540                 $content_struct     = $args[3];
1541
1542                 if ( ! $user = $this->login( $username, $password ) )
1543                         return $this->error;
1544
1545                 do_action( 'xmlrpc_call', 'wp.newTerm' );
1546
1547                 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) )
1548                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1549
1550                 $taxonomy = get_taxonomy( $content_struct['taxonomy'] );
1551
1552                 if ( ! current_user_can( $taxonomy->cap->manage_terms ) )
1553                         return new IXR_Error( 401, __( 'You are not allowed to create terms in this taxonomy.' ) );
1554
1555                 $taxonomy = (array) $taxonomy;
1556
1557                 // hold the data of the term
1558                 $term_data = array();
1559
1560                 $term_data['name'] = trim( $content_struct['name'] );
1561                 if ( empty( $term_data['name'] ) )
1562                         return new IXR_Error( 403, __( 'The term name cannot be empty.' ) );
1563
1564                 if ( isset( $content_struct['parent'] ) ) {
1565                         if ( ! $taxonomy['hierarchical'] )
1566                                 return new IXR_Error( 403, __( 'This taxonomy is not hierarchical.' ) );
1567
1568                         $parent_term_id = (int) $content_struct['parent'];
1569                         $parent_term = get_term( $parent_term_id , $taxonomy['name'] );
1570
1571                         if ( is_wp_error( $parent_term ) )
1572                                 return new IXR_Error( 500, $parent_term->get_error_message() );
1573
1574                         if ( ! $parent_term )
1575                                 return new IXR_Error( 403, __( 'Parent term does not exist.' ) );
1576
1577                         $term_data['parent'] = $content_struct['parent'];
1578                 }
1579
1580                 if ( isset( $content_struct['description'] ) )
1581                         $term_data['description'] = $content_struct['description'];
1582
1583                 if ( isset( $content_struct['slug'] ) )
1584                         $term_data['slug'] = $content_struct['slug'];
1585
1586                 $term = wp_insert_term( $term_data['name'] , $taxonomy['name'] , $term_data );
1587
1588                 if ( is_wp_error( $term ) )
1589                         return new IXR_Error( 500, $term->get_error_message() );
1590
1591                 if ( ! $term )
1592                         return new IXR_Error( 500, __( 'Sorry, your term could not be created. Something wrong happened.' ) );
1593
1594                 return strval( $term['term_id'] );
1595         }
1596
1597         /**
1598          * Edit a term.
1599          *
1600          * @since 3.4.0
1601          *
1602          * @uses wp_update_term()
1603          * @param array $args Method parameters. Contains:
1604          *  - int     $blog_id
1605          *  - string  $username
1606          *  - string  $password
1607          *  - string  $term_id
1608          *  - array   $content_struct
1609          *      The $content_struct must contain:
1610          *      - 'taxonomy'
1611          *      Also, it can optionally contain:
1612          *      - 'name'
1613          *      - 'parent'
1614          *      - 'description'
1615          *      - 'slug'
1616          * @return bool True, on success.
1617          */
1618         function wp_editTerm( $args ) {
1619                 if ( ! $this->minimum_args( $args, 5 ) )
1620                         return $this->error;
1621
1622                 $this->escape( $args );
1623
1624                 $blog_id            = (int) $args[0];
1625                 $username           = $args[1];
1626                 $password           = $args[2];
1627                 $term_id            = (int) $args[3];
1628                 $content_struct     = $args[4];
1629
1630                 if ( ! $user = $this->login( $username, $password ) )
1631                         return $this->error;
1632
1633                 do_action( 'xmlrpc_call', 'wp.editTerm' );
1634
1635                 if ( ! taxonomy_exists( $content_struct['taxonomy'] ) )
1636                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1637
1638                 $taxonomy = get_taxonomy( $content_struct['taxonomy'] );
1639
1640                 if ( ! current_user_can( $taxonomy->cap->edit_terms ) )
1641                         return new IXR_Error( 401, __( 'You are not allowed to edit terms in this taxonomy.' ) );
1642
1643                 $taxonomy = (array) $taxonomy;
1644
1645                 // hold the data of the term
1646                 $term_data = array();
1647
1648                 $term = get_term( $term_id , $content_struct['taxonomy'] );
1649
1650                 if ( is_wp_error( $term ) )
1651                         return new IXR_Error( 500, $term->get_error_message() );
1652
1653                 if ( ! $term )
1654                         return new IXR_Error( 404, __( 'Invalid term ID' ) );
1655
1656                 if ( isset( $content_struct['name'] ) ) {
1657                         $term_data['name'] = trim( $content_struct['name'] );
1658
1659                         if ( empty( $term_data['name'] ) )
1660                                 return new IXR_Error( 403, __( 'The term name cannot be empty.' ) );
1661                 }
1662
1663                 if ( isset( $content_struct['parent'] ) ) {
1664                         if ( ! $taxonomy['hierarchical'] )
1665                                 return new IXR_Error( 403, __( "This taxonomy is not hierarchical so you can't set a parent." ) );
1666
1667                         $parent_term_id = (int) $content_struct['parent'];
1668                         $parent_term = get_term( $parent_term_id , $taxonomy['name'] );
1669
1670                         if ( is_wp_error( $parent_term ) )
1671                                 return new IXR_Error( 500, $parent_term->get_error_message() );
1672
1673                         if ( ! $parent_term )
1674                                 return new IXR_Error( 403, __( 'Parent term does not exist.' ) );
1675
1676                         $term_data['parent'] = $content_struct['parent'];
1677                 }
1678
1679                 if ( isset( $content_struct['description'] ) )
1680                         $term_data['description'] = $content_struct['description'];
1681
1682                 if ( isset( $content_struct['slug'] ) )
1683                         $term_data['slug'] = $content_struct['slug'];
1684
1685                 $term = wp_update_term( $term_id , $taxonomy['name'] , $term_data );
1686
1687                 if ( is_wp_error( $term ) )
1688                         return new IXR_Error( 500, $term->get_error_message() );
1689
1690                 if ( ! $term )
1691                         return new IXR_Error( 500, __( 'Sorry, editing the term failed.' ) );
1692
1693                 return true;
1694         }
1695
1696         /**
1697          * Delete a term.
1698          *
1699          * @since 3.4.0
1700          *
1701          * @uses wp_delete_term()
1702          * @param array $args Method parameters. Contains:
1703          *  - int     $blog_id
1704          *  - string  $username
1705          *  - string  $password
1706          *  - string  $taxnomy_name
1707          *  - string     $term_id
1708          * @return boolean|IXR_Error If it suceeded true else a reason why not
1709          */
1710         function wp_deleteTerm( $args ) {
1711                 if ( ! $this->minimum_args( $args, 5 ) )
1712                         return $this->error;
1713
1714                 $this->escape( $args );
1715
1716                 $blog_id            = (int) $args[0];
1717                 $username           = $args[1];
1718                 $password           = $args[2];
1719                 $taxonomy           = $args[3];
1720                 $term_id            = (int) $args[4];
1721
1722                 if ( ! $user = $this->login( $username, $password ) )
1723                         return $this->error;
1724
1725                 do_action( 'xmlrpc_call', 'wp.deleteTerm' );
1726
1727                 if ( ! taxonomy_exists( $taxonomy ) )
1728                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1729
1730                 $taxonomy = get_taxonomy( $taxonomy );
1731
1732                 if ( ! current_user_can( $taxonomy->cap->delete_terms ) )
1733                         return new IXR_Error( 401, __( 'You are not allowed to delete terms in this taxonomy.' ) );
1734
1735                 $term = get_term( $term_id, $taxonomy->name );
1736
1737                 if ( is_wp_error( $term ) )
1738                         return new IXR_Error( 500, $term->get_error_message() );
1739
1740                 if ( ! $term )
1741                         return new IXR_Error( 404, __( 'Invalid term ID' ) );
1742
1743                 $result = wp_delete_term( $term_id, $taxonomy->name );
1744
1745                 if ( is_wp_error( $result ) )
1746                         return new IXR_Error( 500, $term->get_error_message() );
1747
1748                 if ( ! $result )
1749                         return new IXR_Error( 500, __( 'Sorry, deleting the term failed.' ) );
1750
1751                 return $result;
1752         }
1753
1754         /**
1755          * Retrieve a term.
1756          *
1757          * @since 3.4.0
1758          *
1759          * @uses get_term()
1760          * @param array $args Method parameters. Contains:
1761          *  - int     $blog_id
1762          *  - string  $username
1763          *  - string  $password
1764          *  - string  $taxonomy
1765          *  - string  $term_id
1766          * @return array contains:
1767          *  - 'term_id'
1768          *  - 'name'
1769          *  - 'slug'
1770          *  - 'term_group'
1771          *  - 'term_taxonomy_id'
1772          *  - 'taxonomy'
1773          *  - 'description'
1774          *  - 'parent'
1775          *  - 'count'
1776          */
1777         function wp_getTerm( $args ) {
1778                 if ( ! $this->minimum_args( $args, 5 ) )
1779                         return $this->error;
1780
1781                 $this->escape( $args );
1782
1783                 $blog_id            = (int) $args[0];
1784                 $username           = $args[1];
1785                 $password           = $args[2];
1786                 $taxonomy           = $args[3];
1787                 $term_id            = (int) $args[4];
1788
1789                 if ( ! $user = $this->login( $username, $password ) )
1790                         return $this->error;
1791
1792                 do_action( 'xmlrpc_call', 'wp.getTerm' );
1793
1794                 if ( ! taxonomy_exists( $taxonomy ) )
1795                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1796
1797                 $taxonomy = get_taxonomy( $taxonomy );
1798
1799                 if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1800                         return new IXR_Error( 401, __( 'You are not allowed to assign terms in this taxonomy.' ) );
1801
1802                 $term = get_term( $term_id , $taxonomy->name, ARRAY_A );
1803
1804                 if ( is_wp_error( $term ) )
1805                         return new IXR_Error( 500, $term->get_error_message() );
1806
1807                 if ( ! $term )
1808                         return new IXR_Error( 404, __( 'Invalid term ID' ) );
1809
1810                 return $this->_prepare_term( $term );
1811         }
1812
1813         /**
1814          * Retrieve all terms for a taxonomy.
1815          *
1816          * @since 3.4.0
1817          *
1818          * The optional $filter parameter modifies the query used to retrieve terms.
1819          * Accepted keys are 'number', 'offset', 'orderby', 'order', 'hide_empty', and 'search'.
1820          *
1821          * @uses get_terms()
1822          * @param array $args Method parameters. Contains:
1823          *  - int     $blog_id
1824          *  - string  $username
1825          *  - string  $password
1826          *  - string  $taxonomy
1827          *  - array   $filter optional
1828          * @return array terms
1829          */
1830         function wp_getTerms( $args ) {
1831                 if ( ! $this->minimum_args( $args, 4 ) )
1832                         return $this->error;
1833
1834                 $this->escape( $args );
1835
1836                 $blog_id        = (int) $args[0];
1837                 $username       = $args[1];
1838                 $password       = $args[2];
1839                 $taxonomy       = $args[3];
1840                 $filter         = isset( $args[4] ) ? $args[4] : array();
1841
1842                 if ( ! $user = $this->login( $username, $password ) )
1843                         return $this->error;
1844
1845                 do_action( 'xmlrpc_call', 'wp.getTerms' );
1846
1847                 if ( ! taxonomy_exists( $taxonomy ) )
1848                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1849
1850                 $taxonomy = get_taxonomy( $taxonomy );
1851
1852                 if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1853                         return new IXR_Error( 401, __( 'You are not allowed to assign terms in this taxonomy.' ) );
1854
1855                 $query = array();
1856
1857                 if ( isset( $filter['number'] ) )
1858                         $query['number'] = absint( $filter['number'] );
1859
1860                 if ( isset( $filter['offset'] ) )
1861                         $query['offset'] = absint( $filter['offset'] );
1862
1863                 if ( isset( $filter['orderby'] ) ) {
1864                         $query['orderby'] = $filter['orderby'];
1865
1866                         if ( isset( $filter['order'] ) )
1867                                 $query['order'] = $filter['order'];
1868                 }
1869
1870                 if ( isset( $filter['hide_empty'] ) )
1871                         $query['hide_empty'] = $filter['hide_empty'];
1872                 else
1873                         $query['get'] = 'all';
1874
1875                 if ( isset( $filter['search'] ) )
1876                         $query['search'] = $filter['search'];
1877
1878                 $terms = get_terms( $taxonomy->name, $query );
1879
1880                 if ( is_wp_error( $terms ) )
1881                         return new IXR_Error( 500, $terms->get_error_message() );
1882
1883                 $struct = array();
1884
1885                 foreach ( $terms as $term ) {
1886                         $struct[] = $this->_prepare_term( $term );
1887                 }
1888
1889                 return $struct;
1890         }
1891
1892         /**
1893          * Retrieve a taxonomy.
1894          *
1895          * @since 3.4.0
1896          *
1897          * @uses get_taxonomy()
1898          * @param array $args Method parameters. Contains:
1899          *  - int     $blog_id
1900          *  - string  $username
1901          *  - string  $password
1902          *  - string  $taxonomy
1903          * @return array (@see get_taxonomy())
1904          */
1905         function wp_getTaxonomy( $args ) {
1906                 if ( ! $this->minimum_args( $args, 4 ) )
1907                         return $this->error;
1908
1909                 $this->escape( $args );
1910
1911                 $blog_id        = (int) $args[0];
1912                 $username       = $args[1];
1913                 $password       = $args[2];
1914                 $taxonomy       = $args[3];
1915
1916                 if ( isset( $args[4] ) )
1917                         $fields = $args[4];
1918                 else
1919                         $fields = apply_filters( 'xmlrpc_default_taxonomy_fields', array( 'labels', 'cap', 'object_type' ), 'wp.getTaxonomy' );
1920
1921                 if ( ! $user = $this->login( $username, $password ) )
1922                         return $this->error;
1923
1924                 do_action( 'xmlrpc_call', 'wp.getTaxonomy' );
1925
1926                 if ( ! taxonomy_exists( $taxonomy ) )
1927                         return new IXR_Error( 403, __( 'Invalid taxonomy' ) );
1928
1929                 $taxonomy = get_taxonomy( $taxonomy );
1930
1931                 if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1932                         return new IXR_Error( 401, __( 'You are not allowed to assign terms in this taxonomy.' ) );
1933
1934                 return $this->_prepare_taxonomy( $taxonomy, $fields );
1935         }
1936
1937         /**
1938          * Retrieve all taxonomies.
1939          *
1940          * @since 3.4.0
1941          *
1942          * @uses get_taxonomies()
1943          * @param array $args Method parameters. Contains:
1944          *  - int     $blog_id
1945          *  - string  $username
1946          *  - string  $password
1947          * @return array taxonomies
1948          */
1949         function wp_getTaxonomies( $args ) {
1950                 if ( ! $this->minimum_args( $args, 3 ) )
1951                         return $this->error;
1952
1953                 $this->escape( $args );
1954
1955                 $blog_id            = (int) $args[0];
1956                 $username           = $args[1];
1957                 $password           = $args[2];
1958                 $filter             = isset( $args[3] ) ? $args[3] : array( 'public' => true );
1959
1960                 if ( isset( $args[4] ) )
1961                         $fields = $args[4];
1962                 else
1963                         $fields = apply_filters( 'xmlrpc_default_taxonomy_fields', array( 'labels', 'cap', 'object_type' ), 'wp.getTaxonomies' );
1964
1965                 if ( ! $user = $this->login( $username, $password ) )
1966                         return $this->error;
1967
1968                 do_action( 'xmlrpc_call', 'wp.getTaxonomies' );
1969
1970                 $taxonomies = get_taxonomies( $filter, 'objects' );
1971
1972                 // holds all the taxonomy data
1973                 $struct = array();
1974
1975                 foreach ( $taxonomies as $taxonomy ) {
1976                         // capability check for post_types
1977                         if ( ! current_user_can( $taxonomy->cap->assign_terms ) )
1978                                 continue;
1979
1980                         $struct[] = $this->_prepare_taxonomy( $taxonomy, $fields );
1981                 }
1982
1983                 return $struct;
1984         }
1985
1986         /**
1987          * Retrieve a user.
1988          *
1989          * The optional $fields parameter specifies what fields will be included
1990          * in the response array. This should be a list of field names. 'user_id' will
1991          * always be included in the response regardless of the value of $fields.
1992          *
1993          * Instead of, or in addition to, individual field names, conceptual group
1994          * names can be used to specify multiple fields. The available conceptual
1995          * groups are 'basic' and 'all'.
1996          *
1997          * @uses get_userdata()
1998          * @param array $args Method parameters. Contains:
1999          *  - int     $blog_id
2000          *  - string  $username
2001          *  - string  $password
2002          *  - int     $user_id
2003          *  - array   $fields optional
2004          * @return array contains (based on $fields parameter):
2005          *  - 'user_id'
2006          *  - 'username'
2007          *  - 'first_name'
2008          *  - 'last_name'
2009          *  - 'registered'
2010          *  - 'bio'
2011          *  - 'email'
2012          *  - 'nickname'
2013          *  - 'nicename'
2014          *  - 'url'
2015          *  - 'display_name'
2016          *  - 'roles'
2017          */
2018         function wp_getUser( $args ) {
2019                 if ( ! $this->minimum_args( $args, 4 ) )
2020                         return $this->error;
2021
2022                 $this->escape( $args );
2023
2024                 $blog_id    = (int) $args[0];
2025                 $username   = $args[1];
2026                 $password   = $args[2];
2027                 $user_id    = (int) $args[3];
2028
2029                 if ( isset( $args[4] ) )
2030                         $fields = $args[4];
2031                 else
2032                         $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getUser' );
2033
2034                 if ( ! $user = $this->login( $username, $password ) )
2035                         return $this->error;
2036
2037                 do_action( 'xmlrpc_call', 'wp.getUser' );
2038
2039                 if ( ! current_user_can( 'edit_user', $user_id ) )
2040                         return new IXR_Error( 401, __( 'Sorry, you cannot edit users.' ) );
2041
2042                 $user_data = get_userdata( $user_id );
2043
2044                 if ( ! $user_data )
2045                         return new IXR_Error( 404, __( 'Invalid user ID' ) );
2046
2047                 return $this->_prepare_user( $user_data, $fields );
2048         }
2049
2050         /**
2051          * Retrieve users.
2052          *
2053          * The optional $filter parameter modifies the query used to retrieve users.
2054          * Accepted keys are 'number' (default: 50), 'offset' (default: 0), 'role',
2055          * 'who', 'orderby', and 'order'.
2056          *
2057          * The optional $fields parameter specifies what fields will be included
2058          * in the response array.
2059          *
2060          * @uses get_users()
2061          * @see wp_getUser() for more on $fields and return values
2062          *
2063          * @param array $args Method parameters. Contains:
2064          *  - int     $blog_id
2065          *  - string  $username
2066          *  - string  $password
2067          *  - array   $filter optional
2068          *  - array   $fields optional
2069          * @return array users data
2070          */
2071         function wp_getUsers( $args ) {
2072                 if ( ! $this->minimum_args( $args, 3 ) )
2073                         return $this->error;
2074
2075                 $this->escape( $args );
2076
2077                 $blog_id    = (int) $args[0];
2078                 $username   = $args[1];
2079                 $password   = $args[2];
2080                 $filter     = isset( $args[3] ) ? $args[3] : array();
2081
2082                 if ( isset( $args[4] ) )
2083                         $fields = $args[4];
2084                 else
2085                         $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getUsers' );
2086
2087                 if ( ! $user = $this->login( $username, $password ) )
2088                         return $this->error;
2089
2090                 do_action( 'xmlrpc_call', 'wp.getUsers' );
2091
2092                 if ( ! current_user_can( 'list_users' ) )
2093                         return new IXR_Error( 401, __( 'Sorry, you cannot list users.' ) );
2094
2095                 $query = array( 'fields' => 'all_with_meta' );
2096
2097                 $query['number'] = ( isset( $filter['number'] ) ) ? absint( $filter['number'] ) : 50;
2098                 $query['offset'] = ( isset( $filter['offset'] ) ) ? absint( $filter['offset'] ) : 0;
2099
2100                 if ( isset( $filter['orderby'] ) ) {
2101                         $query['orderby'] = $filter['orderby'];
2102
2103                         if ( isset( $filter['order'] ) )
2104                                 $query['order'] = $filter['order'];
2105                 }
2106
2107                 if ( isset( $filter['role'] ) ) {
2108                         if ( get_role( $filter['role'] ) === null )
2109                                 return new IXR_Error( 403, __( 'The role specified is not valid' ) );
2110
2111                         $query['role'] = $filter['role'];
2112                 }
2113
2114                 if ( isset( $filter['who'] ) ) {
2115                         $query['who'] = $filter['who'];
2116                 }
2117
2118                 $users = get_users( $query );
2119
2120                 $_users = array();
2121                 foreach ( $users as $user_data ) {
2122                         if ( current_user_can( 'edit_user', $user_data->ID ) )
2123                                 $_users[] = $this->_prepare_user( $user_data, $fields );
2124                 }
2125                 return $_users;
2126         }
2127
2128         /**
2129          * Retrieve information about the requesting user.
2130          *
2131          * @uses get_userdata()
2132          * @param array $args Method parameters. Contains:
2133          *  - int     $blog_id
2134          *  - string  $username
2135          *  - string  $password
2136          *  - array   $fields optional
2137          * @return array (@see wp_getUser)
2138          */
2139         function wp_getProfile( $args ) {
2140                 if ( ! $this->minimum_args( $args, 3 ) )
2141                         return $this->error;
2142
2143                 $this->escape( $args );
2144
2145                 $blog_id    = (int) $args[0];
2146                 $username   = $args[1];
2147                 $password   = $args[2];
2148
2149                 if ( isset( $args[3] ) )
2150                         $fields = $args[3];
2151                 else
2152                         $fields = apply_filters( 'xmlrpc_default_user_fields', array( 'all' ), 'wp.getProfile' );
2153
2154                 if ( ! $user = $this->login( $username, $password ) )
2155                         return $this->error;
2156
2157                 do_action( 'xmlrpc_call', 'wp.getProfile' );
2158
2159                 if ( ! current_user_can( 'edit_user', $user->ID ) )
2160                         return new IXR_Error( 401, __( 'Sorry, you cannot edit your profile.' ) );
2161
2162                 $user_data = get_userdata( $user->ID );
2163
2164                 return $this->_prepare_user( $user_data, $fields );
2165         }
2166
2167         /**
2168          * Edit user's profile.
2169          *
2170          * @uses wp_update_user()
2171          * @param array $args Method parameters. Contains:
2172          *  - int     $blog_id
2173          *  - string  $username
2174          *  - string  $password
2175          *  - array   $content_struct
2176          *      It can optionally contain:
2177          *      - 'first_name'
2178          *      - 'last_name'
2179          *      - 'website'
2180          *      - 'display_name'
2181          *      - 'nickname'
2182          *      - 'nicename'
2183          *      - 'bio'
2184          * @return bool True, on success.
2185          */
2186         function wp_editProfile( $args ) {
2187                 if ( ! $this->minimum_args( $args, 4 ) )
2188                         return $this->error;
2189
2190                 $this->escape( $args );
2191
2192                 $blog_id        = (int) $args[0];
2193                 $username       = $args[1];
2194                 $password       = $args[2];
2195                 $content_struct = $args[3];
2196
2197                 if ( ! $user = $this->login( $username, $password ) )
2198                         return $this->error;
2199
2200                 do_action( 'xmlrpc_call', 'wp.editProfile' );
2201
2202                 if ( ! current_user_can( 'edit_user', $user->ID ) )
2203                         return new IXR_Error( 401, __( 'Sorry, you cannot edit your profile.' ) );
2204
2205                 // holds data of the user
2206                 $user_data = array();
2207                 $user_data['ID'] = $user->ID;
2208
2209                 // only set the user details if it was given
2210                 if ( isset( $content_struct['first_name'] ) )
2211                         $user_data['first_name'] = $content_struct['first_name'];
2212
2213                 if ( isset( $content_struct['last_name'] ) )
2214                         $user_data['last_name'] = $content_struct['last_name'];
2215
2216                 if ( isset( $content_struct['url'] ) )
2217                         $user_data['user_url'] = $content_struct['url'];
2218
2219                 if ( isset( $content_struct['display_name'] ) )
2220                         $user_data['display_name'] = $content_struct['display_name'];
2221
2222                 if ( isset( $content_struct['nickname'] ) )
2223                         $user_data['nickname'] = $content_struct['nickname'];
2224
2225                 if ( isset( $content_struct['nicename'] ) )
2226                         $user_data['user_nicename'] = $content_struct['nicename'];
2227
2228                 if ( isset( $content_struct['bio'] ) )
2229                         $user_data['description'] = $content_struct['bio'];
2230
2231                 $result = wp_update_user( $user_data );
2232
2233                 if ( is_wp_error( $result ) )
2234                         return new IXR_Error( 500, $result->get_error_message() );
2235
2236                 if ( ! $result )
2237                         return new IXR_Error( 500, __( 'Sorry, the user cannot be updated.' ) );
2238
2239                 return true;
2240         }
2241
2242         /**
2243          * Retrieve page.
2244          *
2245          * @since 2.2.0
2246          *
2247          * @param array $args Method parameters. Contains:
2248          *  - blog_id
2249          *  - page_id
2250          *  - username
2251          *  - password
2252          * @return array
2253          */
2254         function wp_getPage($args) {
2255                 $this->escape($args);
2256
2257                 $blog_id        = (int) $args[0];
2258                 $page_id        = (int) $args[1];
2259                 $username       = $args[2];
2260                 $password       = $args[3];
2261
2262                 if ( !$user = $this->login($username, $password) ) {
2263                         return $this->error;
2264                 }
2265
2266                 $page = get_post($page_id);
2267                 if ( ! $page )
2268                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
2269
2270                 if ( !current_user_can( 'edit_page', $page_id ) )
2271                         return new IXR_Error( 401, __( 'Sorry, you cannot edit this page.' ) );
2272
2273                 do_action('xmlrpc_call', 'wp.getPage');
2274
2275                 // If we found the page then format the data.
2276                 if ( $page->ID && ($page->post_type == 'page') ) {
2277                         return $this->_prepare_page( $page );
2278                 }
2279                 // If the page doesn't exist indicate that.
2280                 else {
2281                         return(new IXR_Error(404, __('Sorry, no such page.')));
2282                 }
2283         }
2284
2285         /**
2286          * Retrieve Pages.
2287          *
2288          * @since 2.2.0
2289          *
2290          * @param array $args Method parameters. Contains:
2291          *  - blog_id
2292          *  - username
2293          *  - password
2294          *  - num_pages
2295          * @return array
2296          */
2297         function wp_getPages($args) {
2298                 $this->escape($args);
2299
2300                 $blog_id        = (int) $args[0];
2301                 $username       = $args[1];
2302                 $password       = $args[2];
2303                 $num_pages      = isset($args[3]) ? (int) $args[3] : 10;
2304
2305                 if ( !$user = $this->login($username, $password) )
2306                         return $this->error;
2307
2308                 if ( !current_user_can( 'edit_pages' ) )
2309                         return new IXR_Error( 401, __( 'Sorry, you cannot edit pages.' ) );
2310
2311                 do_action('xmlrpc_call', 'wp.getPages');
2312
2313                 $pages = get_posts( array('post_type' => 'page', 'post_status' => 'any', 'numberposts' => $num_pages) );
2314                 $num_pages = count($pages);
2315
2316                 // If we have pages, put together their info.
2317                 if ( $num_pages >= 1 ) {
2318                         $pages_struct = array();
2319
2320                         foreach ($pages as $page) {
2321                                 if ( current_user_can( 'edit_page', $page->ID ) )
2322                                         $pages_struct[] = $this->_prepare_page( $page );
2323                         }
2324
2325                         return($pages_struct);
2326                 }
2327                 // If no pages were found return an error.
2328                 else {
2329                         return(array());
2330                 }
2331         }
2332
2333         /**
2334          * Create new page.
2335          *
2336          * @since 2.2.0
2337          *
2338          * @param array $args Method parameters. See {@link wp_xmlrpc_server::mw_newPost()}
2339          * @return unknown
2340          */
2341         function wp_newPage($args) {
2342                 // Items not escaped here will be escaped in newPost.
2343                 $username       = $this->escape($args[1]);
2344                 $password       = $this->escape($args[2]);
2345                 $page           = $args[3];
2346                 $publish        = $args[4];
2347
2348                 if ( !$user = $this->login($username, $password) )
2349                         return $this->error;
2350
2351                 do_action('xmlrpc_call', 'wp.newPage');
2352
2353                 // Mark this as content for a page.
2354                 $args[3]["post_type"] = 'page';
2355
2356                 // Let mw_newPost do all of the heavy lifting.
2357                 return($this->mw_newPost($args));
2358         }
2359
2360         /**
2361          * Delete page.
2362          *
2363          * @since 2.2.0
2364          *
2365          * @param array $args Method parameters.
2366          * @return bool True, if success.
2367          */
2368         function wp_deletePage($args) {
2369                 $this->escape($args);
2370
2371                 $blog_id        = (int) $args[0];
2372                 $username       = $args[1];
2373                 $password       = $args[2];
2374                 $page_id        = (int) $args[3];
2375
2376                 if ( !$user = $this->login($username, $password) )
2377                         return $this->error;
2378
2379                 do_action('xmlrpc_call', 'wp.deletePage');
2380
2381                 // Get the current page based on the page_id and
2382                 // make sure it is a page and not a post.
2383                 $actual_page = get_post($page_id, ARRAY_A);
2384                 if ( !$actual_page || ($actual_page['post_type'] != 'page') )
2385                         return(new IXR_Error(404, __('Sorry, no such page.')));
2386
2387                 // Make sure the user can delete pages.
2388                 if ( !current_user_can('delete_page', $page_id) )
2389                         return(new IXR_Error(401, __('Sorry, you do not have the right to delete this page.')));
2390
2391                 // Attempt to delete the page.
2392                 $result = wp_delete_post($page_id);
2393                 if ( !$result )
2394                         return(new IXR_Error(500, __('Failed to delete the page.')));
2395
2396                 do_action( 'xmlrpc_call_success_wp_deletePage', $page_id, $args );
2397
2398                 return(true);
2399         }
2400
2401         /**
2402          * Edit page.
2403          *
2404          * @since 2.2.0
2405          *
2406          * @param array $args Method parameters.
2407          * @return unknown
2408          */
2409         function wp_editPage($args) {
2410                 // Items not escaped here will be escaped in editPost.
2411                 $blog_id        = (int) $args[0];
2412                 $page_id        = (int) $this->escape($args[1]);
2413                 $username       = $this->escape($args[2]);
2414                 $password       = $this->escape($args[3]);
2415                 $content        = $args[4];
2416                 $publish        = $args[5];
2417
2418                 if ( !$user = $this->login($username, $password) )
2419                         return $this->error;
2420
2421                 do_action('xmlrpc_call', 'wp.editPage');
2422
2423                 // Get the page data and make sure it is a page.
2424                 $actual_page = get_post($page_id, ARRAY_A);
2425                 if ( !$actual_page || ($actual_page['post_type'] != 'page') )
2426                         return(new IXR_Error(404, __('Sorry, no such page.')));
2427
2428                 // Make sure the user is allowed to edit pages.
2429                 if ( !current_user_can('edit_page', $page_id) )
2430                         return(new IXR_Error(401, __('Sorry, you do not have the right to edit this page.')));
2431
2432                 // Mark this as content for a page.
2433                 $content['post_type'] = 'page';
2434
2435                 // Arrange args in the way mw_editPost understands.
2436                 $args = array(
2437                         $page_id,
2438                         $username,
2439                         $password,
2440                         $content,
2441                         $publish
2442                 );
2443
2444                 // Let mw_editPost do all of the heavy lifting.
2445                 return($this->mw_editPost($args));
2446         }
2447
2448         /**
2449          * Retrieve page list.
2450          *
2451          * @since 2.2.0
2452          *
2453          * @param array $args Method parameters.
2454          * @return unknown
2455          */
2456         function wp_getPageList($args) {
2457                 global $wpdb;
2458
2459                 $this->escape($args);
2460
2461                 $blog_id                                = (int) $args[0];
2462                 $username                               = $args[1];
2463                 $password                               = $args[2];
2464
2465                 if ( !$user = $this->login($username, $password) )
2466                         return $this->error;
2467
2468                 if ( !current_user_can( 'edit_pages' ) )
2469                         return new IXR_Error( 401, __( 'Sorry, you cannot edit pages.' ) );
2470
2471                 do_action('xmlrpc_call', 'wp.getPageList');
2472
2473                 // Get list of pages ids and titles
2474                 $page_list = $wpdb->get_results("
2475                         SELECT ID page_id,
2476                                 post_title page_title,
2477                                 post_parent page_parent_id,
2478                                 post_date_gmt,
2479                                 post_date,
2480                                 post_status
2481                         FROM {$wpdb->posts}
2482                         WHERE post_type = 'page'
2483                         ORDER BY ID
2484                 ");
2485
2486                 // The date needs to be formatted properly.
2487                 $num_pages = count($page_list);
2488                 for ( $i = 0; $i < $num_pages; $i++ ) {
2489                         $page_list[$i]->dateCreated = $this->_convert_date(  $page_list[$i]->post_date );
2490                         $page_list[$i]->date_created_gmt = $this->_convert_date_gmt( $page_list[$i]->post_date_gmt, $page_list[$i]->post_date );
2491
2492                         unset($page_list[$i]->post_date_gmt);
2493                         unset($page_list[$i]->post_date);
2494                         unset($page_list[$i]->post_status);
2495                 }
2496
2497                 return($page_list);
2498         }
2499
2500         /**
2501          * Retrieve authors list.
2502          *
2503          * @since 2.2.0
2504          *
2505          * @param array $args Method parameters.
2506          * @return array
2507          */
2508         function wp_getAuthors($args) {
2509
2510                 $this->escape($args);
2511
2512                 $blog_id        = (int) $args[0];
2513                 $username       = $args[1];
2514                 $password       = $args[2];
2515
2516                 if ( !$user = $this->login($username, $password) )
2517                         return $this->error;
2518
2519                 if ( !current_user_can('edit_posts') )
2520                         return(new IXR_Error(401, __('Sorry, you cannot edit posts on this site.')));
2521
2522                 do_action('xmlrpc_call', 'wp.getAuthors');
2523
2524                 $authors = array();
2525                 foreach ( get_users( array( 'fields' => array('ID','user_login','display_name') ) ) as $user ) {
2526                         $authors[] = array(
2527                                 'user_id'       => $user->ID,
2528                                 'user_login'    => $user->user_login,
2529                                 'display_name'  => $user->display_name
2530                         );
2531                 }
2532
2533                 return $authors;
2534         }
2535
2536         /**
2537          * Get list of all tags
2538          *
2539          * @since 2.7.0
2540          *
2541          * @param array $args Method parameters.
2542          * @return array
2543          */
2544         function wp_getTags( $args ) {
2545                 $this->escape( $args );
2546
2547                 $blog_id                = (int) $args[0];
2548                 $username               = $args[1];
2549                 $password               = $args[2];
2550
2551                 if ( !$user = $this->login($username, $password) )
2552                         return $this->error;
2553
2554                 if ( !current_user_can( 'edit_posts' ) )
2555                         return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view tags.' ) );
2556
2557                 do_action( 'xmlrpc_call', 'wp.getKeywords' );
2558
2559                 $tags = array();
2560
2561                 if ( $all_tags = get_tags() ) {
2562                         foreach( (array) $all_tags as $tag ) {
2563                                 $struct['tag_id']                       = $tag->term_id;
2564                                 $struct['name']                         = $tag->name;
2565                                 $struct['count']                        = $tag->count;
2566                                 $struct['slug']                         = $tag->slug;
2567                                 $struct['html_url']                     = esc_html( get_tag_link( $tag->term_id ) );
2568                                 $struct['rss_url']                      = esc_html( get_tag_feed_link( $tag->term_id ) );
2569
2570                                 $tags[] = $struct;
2571                         }
2572                 }
2573
2574                 return $tags;
2575         }
2576
2577         /**
2578          * Create new category.
2579          *
2580          * @since 2.2.0
2581          *
2582          * @param array $args Method parameters.
2583          * @return int Category ID.
2584          */
2585         function wp_newCategory($args) {
2586                 $this->escape($args);
2587
2588                 $blog_id                                = (int) $args[0];
2589                 $username                               = $args[1];
2590                 $password                               = $args[2];
2591                 $category                               = $args[3];
2592
2593                 if ( !$user = $this->login($username, $password) )
2594                         return $this->error;
2595
2596                 do_action('xmlrpc_call', 'wp.newCategory');
2597
2598                 // Make sure the user is allowed to add a category.
2599                 if ( !current_user_can('manage_categories') )
2600                         return(new IXR_Error(401, __('Sorry, you do not have the right to add a category.')));
2601
2602                 // If no slug was provided make it empty so that
2603                 // WordPress will generate one.
2604                 if ( empty($category['slug']) )
2605                         $category['slug'] = '';
2606
2607                 // If no parent_id was provided make it empty
2608                 // so that it will be a top level page (no parent).
2609                 if ( !isset($category['parent_id']) )
2610                         $category['parent_id'] = '';
2611
2612                 // If no description was provided make it empty.
2613                 if ( empty($category["description"]) )
2614                         $category["description"] = "";
2615
2616                 $new_category = array(
2617                         'cat_name'                              => $category['name'],
2618                         'category_nicename'             => $category['slug'],
2619                         'category_parent'               => $category['parent_id'],
2620                         'category_description'  => $category['description']
2621                 );
2622
2623                 $cat_id = wp_insert_category($new_category, true);
2624                 if ( is_wp_error( $cat_id ) ) {
2625                         if ( 'term_exists' == $cat_id->get_error_code() )
2626                                 return (int) $cat_id->get_error_data();
2627                         else
2628                                 return(new IXR_Error(500, __('Sorry, the new category failed.')));
2629                 } elseif ( ! $cat_id ) {
2630                         return(new IXR_Error(500, __('Sorry, the new category failed.')));
2631                 }
2632
2633                 do_action( 'xmlrpc_call_success_wp_newCategory', $cat_id, $args );
2634
2635                 return $cat_id;
2636         }
2637
2638         /**
2639          * Remove category.
2640          *
2641          * @since 2.5.0
2642          *
2643          * @param array $args Method parameters.
2644          * @return mixed See {@link wp_delete_term()} for return info.
2645          */
2646         function wp_deleteCategory($args) {
2647                 $this->escape($args);
2648
2649                 $blog_id                = (int) $args[0];
2650                 $username               = $args[1];
2651                 $password               = $args[2];
2652                 $category_id    = (int) $args[3];
2653
2654                 if ( !$user = $this->login($username, $password) )
2655                         return $this->error;
2656
2657                 do_action('xmlrpc_call', 'wp.deleteCategory');
2658
2659                 if ( !current_user_can('manage_categories') )
2660                         return new IXR_Error( 401, __( 'Sorry, you do not have the right to delete a category.' ) );
2661
2662                 $status = wp_delete_term( $category_id, 'category' );
2663
2664                 if( true == $status )
2665                         do_action( 'xmlrpc_call_success_wp_deleteCategory', $category_id, $args );
2666
2667                 return $status;
2668         }
2669
2670         /**
2671          * Retrieve category list.
2672          *
2673          * @since 2.2.0
2674          *
2675          * @param array $args Method parameters.
2676          * @return array
2677          */
2678         function wp_suggestCategories($args) {
2679                 $this->escape($args);
2680
2681                 $blog_id                                = (int) $args[0];
2682                 $username                               = $args[1];
2683                 $password                               = $args[2];
2684                 $category                               = $args[3];
2685                 $max_results                    = (int) $args[4];
2686
2687                 if ( !$user = $this->login($username, $password) )
2688                         return $this->error;
2689
2690                 if ( !current_user_can( 'edit_posts' ) )
2691                         return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts to this site in order to view categories.' ) );
2692
2693                 do_action('xmlrpc_call', 'wp.suggestCategories');
2694
2695                 $category_suggestions = array();
2696                 $args = array('get' => 'all', 'number' => $max_results, 'name__like' => $category);
2697                 foreach ( (array) get_categories($args) as $cat ) {
2698                         $category_suggestions[] = array(
2699                                 'category_id'   => $cat->term_id,
2700                                 'category_name' => $cat->name
2701                         );
2702                 }
2703
2704                 return($category_suggestions);
2705         }
2706
2707         /**
2708          * Retrieve comment.
2709          *
2710          * @since 2.7.0
2711          *
2712          * @param array $args Method parameters.
2713          * @return array
2714          */
2715         function wp_getComment($args) {
2716                 $this->escape($args);
2717
2718                 $blog_id        = (int) $args[0];
2719                 $username       = $args[1];
2720                 $password       = $args[2];
2721                 $comment_id     = (int) $args[3];
2722
2723                 if ( !$user = $this->login($username, $password) )
2724                         return $this->error;
2725
2726                 if ( !current_user_can( 'moderate_comments' ) )
2727                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2728
2729                 do_action('xmlrpc_call', 'wp.getComment');
2730
2731                 if ( ! $comment = get_comment($comment_id) )
2732                         return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
2733
2734                 return $this->_prepare_comment( $comment );
2735         }
2736
2737         /**
2738          * Retrieve comments.
2739          *
2740          * Besides the common blog_id, username, and password arguments, it takes a filter
2741          * array as last argument.
2742          *
2743          * Accepted 'filter' keys are 'status', 'post_id', 'offset', and 'number'.
2744          *
2745          * The defaults are as follows:
2746          * - 'status' - Default is ''. Filter by status (e.g., 'approve', 'hold')
2747          * - 'post_id' - Default is ''. The post where the comment is posted. Empty string shows all comments.
2748          * - 'number' - Default is 10. Total number of media items to retrieve.
2749          * - 'offset' - Default is 0. See {@link WP_Query::query()} for more.
2750          *
2751          * @since 2.7.0
2752          *
2753          * @param array $args Method parameters.
2754          * @return array. Contains a collection of comments. See {@link wp_xmlrpc_server::wp_getComment()} for a description of each item contents
2755          */
2756         function wp_getComments($args) {
2757                 $this->escape($args);
2758
2759                 $blog_id        = (int) $args[0];
2760                 $username       = $args[1];
2761                 $password       = $args[2];
2762                 $struct         = isset( $args[3] ) ? $args[3] : array();
2763
2764                 if ( !$user = $this->login($username, $password) )
2765                         return $this->error;
2766
2767                 if ( !current_user_can( 'moderate_comments' ) )
2768                         return new IXR_Error( 401, __( 'Sorry, you cannot edit comments.' ) );
2769
2770                 do_action('xmlrpc_call', 'wp.getComments');
2771
2772                 if ( isset($struct['status']) )
2773                         $status = $struct['status'];
2774                 else
2775                         $status = '';
2776
2777                 $post_id = '';
2778                 if ( isset($struct['post_id']) )
2779                         $post_id = absint($struct['post_id']);
2780
2781                 $offset = 0;
2782                 if ( isset($struct['offset']) )
2783                         $offset = absint($struct['offset']);
2784
2785                 $number = 10;
2786                 if ( isset($struct['number']) )
2787                         $number = absint($struct['number']);
2788
2789                 $comments = get_comments( array('status' => $status, 'post_id' => $post_id, 'offset' => $offset, 'number' => $number ) );
2790
2791                 $comments_struct = array();
2792
2793                 foreach ( $comments as $comment ) {
2794                         $comments_struct[] = $this->_prepare_comment( $comment );
2795                 }
2796
2797                 return $comments_struct;
2798         }
2799
2800         /**
2801          * Delete a comment.
2802          *
2803          * By default, the comment will be moved to the trash instead of deleted.
2804          * See {@link wp_delete_comment()} for more information on
2805          * this behavior.
2806          *
2807          * @since 2.7.0
2808          *
2809          * @param array $args Method parameters. Contains:
2810          *  - blog_id
2811          *  - username
2812          *  - password
2813          *  - comment_id
2814          * @return mixed {@link wp_delete_comment()}
2815          */
2816         function wp_deleteComment($args) {
2817                 $this->escape($args);
2818
2819                 $blog_id        = (int) $args[0];
2820                 $username       = $args[1];
2821                 $password       = $args[2];
2822                 $comment_ID     = (int) $args[3];
2823
2824                 if ( !$user = $this->login($username, $password) )
2825                         return $this->error;
2826
2827                 if ( !current_user_can( 'moderate_comments' ) )
2828                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2829
2830                 if ( ! get_comment($comment_ID) )
2831                         return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
2832
2833                 if ( !current_user_can( 'edit_comment', $comment_ID ) )
2834                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2835
2836                 do_action('xmlrpc_call', 'wp.deleteComment');
2837
2838                 $status = wp_delete_comment( $comment_ID );
2839
2840                 if( true == $status )
2841                         do_action( 'xmlrpc_call_success_wp_deleteComment', $comment_ID, $args );
2842
2843                 return $status;
2844         }
2845
2846         /**
2847          * Edit comment.
2848          *
2849          * Besides the common blog_id, username, and password arguments, it takes a
2850          * comment_id integer and a content_struct array as last argument.
2851          *
2852          * The allowed keys in the content_struct array are:
2853          *  - 'author'
2854          *  - 'author_url'
2855          *  - 'author_email'
2856          *  - 'content'
2857          *  - 'date_created_gmt'
2858          *  - 'status'. Common statuses are 'approve', 'hold', 'spam'. See {@link get_comment_statuses()} for more details
2859          *
2860          * @since 2.7.0
2861          *
2862          * @param array $args. Contains:
2863          *  - blog_id
2864          *  - username
2865          *  - password
2866          *  - comment_id
2867          *  - content_struct
2868          * @return bool True, on success.
2869          */
2870         function wp_editComment($args) {
2871                 $this->escape($args);
2872
2873                 $blog_id        = (int) $args[0];
2874                 $username       = $args[1];
2875                 $password       = $args[2];
2876                 $comment_ID     = (int) $args[3];
2877                 $content_struct = $args[4];
2878
2879                 if ( !$user = $this->login($username, $password) )
2880                         return $this->error;
2881
2882                 if ( !current_user_can( 'moderate_comments' ) )
2883                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2884
2885                 if ( ! get_comment($comment_ID) )
2886                         return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
2887
2888                 if ( !current_user_can( 'edit_comment', $comment_ID ) )
2889                         return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
2890
2891                 do_action('xmlrpc_call', 'wp.editComment');
2892
2893                 if ( isset($content_struct['status']) ) {
2894                         $statuses = get_comment_statuses();
2895                         $statuses = array_keys($statuses);
2896
2897                         if ( ! in_array($content_struct['status'], $statuses) )
2898                                 return new IXR_Error( 401, __( 'Invalid comment status.' ) );
2899                         $comment_approved = $content_struct['status'];
2900                 }
2901
2902                 // Do some timestamp voodoo
2903                 if ( !empty( $content_struct['date_created_gmt'] ) ) {
2904                         // We know this is supposed to be GMT, so we're going to slap that Z on there by force
2905                         $dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z';
2906                         $comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));
2907                         $comment_date_gmt = iso8601_to_datetime($dateCreated, 'GMT');
2908                 }
2909
2910                 if ( isset($content_struct['content']) )
2911                         $comment_content = $content_struct['content'];
2912
2913                 if ( isset($content_struct['author']) )
2914                         $comment_author = $content_struct['author'];
2915
2916                 if ( isset($content_struct['author_url']) )
2917                         $comment_author_url = $content_struct['author_url'];
2918
2919                 if ( isset($content_struct['author_email']) )
2920                         $comment_author_email = $content_struct['author_email'];
2921
2922                 // We've got all the data -- post it:
2923                 $comment = compact('comment_ID', 'comment_content', 'comment_approved', 'comment_date', 'comment_date_gmt', 'comment_author', 'comment_author_email', 'comment_author_url');
2924
2925                 $result = wp_update_comment($comment);
2926                 if ( is_wp_error( $result ) )
2927                         return new IXR_Error(500, $result->get_error_message());
2928
2929                 if ( !$result )
2930                         return new IXR_Error(500, __('Sorry, the comment could not be edited. Something wrong happened.'));
2931
2932                 do_action( 'xmlrpc_call_success_wp_editComment', $comment_ID, $args );
2933
2934                 return true;
2935         }
2936
2937         /**
2938          * Create new comment.
2939          *
2940          * @since 2.7.0
2941          *
2942          * @param array $args Method parameters.
2943          * @return mixed {@link wp_new_comment()}
2944          */
2945         function wp_newComment($args) {
2946                 global $wpdb;
2947
2948                 $this->escape($args);
2949
2950                 $blog_id        = (int) $args[0];
2951                 $username       = $args[1];
2952                 $password       = $args[2];
2953                 $post           = $args[3];
2954                 $content_struct = $args[4];
2955
2956                 $allow_anon = apply_filters('xmlrpc_allow_anonymous_comments', false);
2957
2958                 $user = $this->login($username, $password);
2959
2960                 if ( !$user ) {
2961                         $logged_in = false;
2962                         if ( $allow_anon && get_option('comment_registration') )
2963                                 return new IXR_Error( 403, __( 'You must be registered to comment' ) );
2964                         else if ( !$allow_anon )
2965                                 return $this->error;
2966                 } else {
2967                         $logged_in = true;
2968                 }
2969
2970                 if ( is_numeric($post) )
2971                         $post_id = absint($post);
2972                 else
2973                         $post_id = url_to_postid($post);
2974
2975                 if ( ! $post_id )
2976                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
2977
2978                 if ( ! get_post($post_id) )
2979                         return new IXR_Error( 404, __( 'Invalid post ID.' ) );
2980
2981                 $comment['comment_post_ID'] = $post_id;
2982
2983                 if ( $logged_in ) {
2984                         $comment['comment_author'] = $this->escape( $user->display_name );
2985                         $comment['comment_author_email'] = $this->escape( $user->user_email );
2986                         $comment['comment_author_url'] = $this->escape( $user->user_url );
2987                         $comment['user_ID'] = $user->ID;
2988                 } else {
2989                         $comment['comment_author'] = '';
2990                         if ( isset($content_struct['author']) )
2991                                 $comment['comment_author'] = $content_struct['author'];
2992
2993                         $comment['comment_author_email'] = '';
2994                         if ( isset($content_struct['author_email']) )
2995                                 $comment['comment_author_email'] = $content_struct['author_email'];
2996
2997                         $comment['comment_author_url'] = '';
2998                         if ( isset($content_struct['author_url']) )
2999                                 $comment['comment_author_url'] = $content_struct['author_url'];
3000
3001                         $comment['user_ID'] = 0;
3002
3003                         if ( get_option('require_name_email') ) {
3004                                 if ( 6 > strlen($comment['comment_author_email']) || '' == $comment['comment_author'] )
3005                                         return new IXR_Error( 403, __( 'Comment author name and email are required' ) );
3006                                 elseif ( !is_email($comment['comment_author_email']) )
3007                                         return new IXR_Error( 403, __( 'A valid email address is required' ) );
3008                         }
3009                 }
3010
3011                 $comment['comment_parent'] = isset($content_struct['comment_parent']) ? absint($content_struct['comment_parent']) : 0;
3012
3013                 $comment['comment_content'] =  isset($content_struct['content']) ? $content_struct['content'] : null;
3014
3015                 do_action('xmlrpc_call', 'wp.newComment');
3016
3017                 $comment_ID = wp_new_comment( $comment );
3018
3019                 do_action( 'xmlrpc_call_success_wp_newComment', $comment_ID, $args );
3020
3021                 return $comment_ID;
3022         }
3023
3024         /**
3025          * Retrieve all of the comment status.
3026          *
3027          * @since 2.7.0
3028          *
3029          * @param array $args Method parameters.
3030          * @return array
3031          */
3032         function wp_getCommentStatusList($args) {
3033                 $this->escape( $args );
3034
3035                 $blog_id        = (int) $args[0];
3036                 $username       = $args[1];
3037                 $password       = $args[2];
3038
3039                 if ( !$user = $this->login($username, $password) )
3040                         return $this->error;
3041
3042                 if ( !current_user_can( 'moderate_comments' ) )
3043                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3044
3045                 do_action('xmlrpc_call', 'wp.getCommentStatusList');
3046
3047                 return get_comment_statuses();
3048         }
3049
3050         /**
3051          * Retrieve comment count.
3052          *
3053          * @since 2.5.0
3054          *
3055          * @param array $args Method parameters.
3056          * @return array
3057          */
3058         function wp_getCommentCount( $args ) {
3059                 $this->escape($args);
3060
3061                 $blog_id        = (int) $args[0];
3062                 $username       = $args[1];
3063                 $password       = $args[2];
3064                 $post_id        = (int) $args[3];
3065
3066                 if ( !$user = $this->login($username, $password) )
3067                         return $this->error;
3068
3069                 if ( !current_user_can( 'edit_posts' ) )
3070                         return new IXR_Error( 403, __( 'You are not allowed access to details about comments.' ) );
3071
3072                 do_action('xmlrpc_call', 'wp.getCommentCount');
3073
3074                 $count = wp_count_comments( $post_id );
3075                 return array(
3076                         'approved' => $count->approved,
3077                         'awaiting_moderation' => $count->moderated,
3078                         'spam' => $count->spam,
3079                         'total_comments' => $count->total_comments
3080                 );
3081         }
3082
3083         /**
3084          * Retrieve post statuses.
3085          *
3086          * @since 2.5.0
3087          *
3088          * @param array $args Method parameters.
3089          * @return array
3090          */
3091         function wp_getPostStatusList( $args ) {
3092                 $this->escape( $args );
3093
3094                 $blog_id        = (int) $args[0];
3095                 $username       = $args[1];
3096                 $password       = $args[2];
3097
3098                 if ( !$user = $this->login($username, $password) )
3099                         return $this->error;
3100
3101                 if ( !current_user_can( 'edit_posts' ) )
3102                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3103
3104                 do_action('xmlrpc_call', 'wp.getPostStatusList');
3105
3106                 return get_post_statuses();
3107         }
3108
3109         /**
3110          * Retrieve page statuses.
3111          *
3112          * @since 2.5.0
3113          *
3114          * @param array $args Method parameters.
3115          * @return array
3116          */
3117         function wp_getPageStatusList( $args ) {
3118                 $this->escape( $args );
3119
3120                 $blog_id        = (int) $args[0];
3121                 $username       = $args[1];
3122                 $password       = $args[2];
3123
3124                 if ( !$user = $this->login($username, $password) )
3125                         return $this->error;
3126
3127                 if ( !current_user_can( 'edit_pages' ) )
3128                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3129
3130                 do_action('xmlrpc_call', 'wp.getPageStatusList');
3131
3132                 return get_page_statuses();
3133         }
3134
3135         /**
3136          * Retrieve page templates.
3137          *
3138          * @since 2.6.0
3139          *
3140          * @param array $args Method parameters.
3141          * @return array
3142          */
3143         function wp_getPageTemplates( $args ) {
3144                 $this->escape( $args );
3145
3146                 $blog_id        = (int) $args[0];
3147                 $username       = $args[1];
3148                 $password       = $args[2];
3149
3150                 if ( !$user = $this->login($username, $password) )
3151                         return $this->error;
3152
3153                 if ( !current_user_can( 'edit_pages' ) )
3154                         return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
3155
3156                 $templates = get_page_templates();
3157                 $templates['Default'] = 'default';
3158
3159                 return $templates;
3160         }
3161
3162         /**
3163          * Retrieve blog options.
3164          *
3165          * @since 2.6.0
3166          *
3167          * @param array $args Method parameters.
3168          * @return array
3169          */
3170         function wp_getOptions( $args ) {
3171                 $this->escape( $args );
3172
3173                 $blog_id        = (int) $args[0];
31