}
}
- if ( ! empty( $post_data['post_status'] ) )
+ if ( ! empty( $post_data['post_status'] ) ) {
$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
+ // No longer an auto-draft
+ if ( 'auto-draft' === $post_data['post_status'] ) {
+ $post_data['post_status'] = 'draft';
+ }
+
+ if ( ! get_post_status_object( $post_data['post_status'] ) ) {
+ unset( $post_data['post_status'] );
+ }
+ }
+
// What to do based on which button they pressed
if ( isset($post_data['saveasdraft']) && '' != $post_data['saveasdraft'] )
$post_data['post_status'] = 'draft';
if ( ! in_array( $previous_status, $published_statuses ) || !current_user_can( 'edit_post', $post_id ) )
$post_data['post_status'] = 'pending';
- if ( ! isset($post_data['post_status']) )
- $post_data['post_status'] = $previous_status;
+ if ( ! isset( $post_data['post_status'] ) ) {
+ $post_data['post_status'] = 'auto-draft' === $previous_status ? 'draft' : $previous_status;
+ }
if ( isset( $post_data['post_password'] ) && ! current_user_can( $ptype->cap->publish_posts ) ) {
unset( $post_data['post_password'] );
_wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) );
}
- if ( ( empty( $post_data['action'] ) || 'autosave' != $post_data['action'] ) && 'auto-draft' == $post_data['post_status'] ) {
- $post_data['post_status'] = 'draft';
- }
-
if ( isset($post_data['visibility']) ) {
switch ( $post_data['visibility'] ) {
case 'public' :
}
}
+ if ( 'attachment' === $post_data['post_type'] && preg_match( '#^(audio|video)/#', $post_data['post_mime_type'] ) ) {
+ $id3data = wp_get_attachment_metadata( $post_ID );
+ if ( ! is_array( $id3data ) ) {
+ $id3data = array();
+ }
+
+ foreach ( wp_get_attachment_id3_keys( $post, 'edit' ) as $key => $label ) {
+ if ( isset( $post_data[ 'id3_' . $key ] ) ) {
+ $id3data[ $key ] = sanitize_text_field( wp_unslash( $post_data[ 'id3_' . $key ] ) );
+ }
+ }
+ wp_update_attachment_metadata( $post_ID, $id3data );
+ }
+
// Meta Stuff
if ( isset($post_data['meta']) && $post_data['meta'] ) {
foreach ( $post_data['meta'] as $key => $value ) {
$image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] );
if ( $image_alt != get_post_meta( $post_ID, '_wp_attachment_image_alt', true ) ) {
$image_alt = wp_strip_all_tags( $image_alt, true );
- // update_meta expects slashed
+ // update_meta expects slashed.
update_post_meta( $post_ID, '_wp_attachment_image_alt', wp_slash( $image_alt ) );
}
}
$attachment_data = isset( $post_data['attachments'][ $post_ID ] ) ? $post_data['attachments'][ $post_ID ] : array();
+
/** This filter is documented in wp-admin/includes/media.php */
$post_data = apply_filters( 'attachment_fields_to_save', $post_data, $attachment_data );
}
}
$updated = $skipped = $locked = array();
+ $shared_post_data = $post_data;
+
foreach ( $post_IDs as $post_ID ) {
+ // Start with fresh post data with each iteration.
+ $post_data = $shared_post_data;
+
$post_type_object = get_post_type_object( get_post_type( $post_ID ) );
if ( !isset( $post_type_object ) || ( isset($children) && in_array($post_ID, $children) ) || !current_user_can( 'edit_post', $post_ID ) ) {
$post_data['ID'] = $post_ID;
$post_data['post_ID'] = $post_ID;
- $translated_post_data = _wp_translate_postdata( true, $post_data );
- if ( is_wp_error( $translated_post_data ) ) {
+ $post_data = _wp_translate_postdata( true, $post_data );
+ if ( is_wp_error( $post_data ) ) {
$skipped[] = $post_ID;
continue;
}
- $updated[] = wp_update_post( $translated_post_data );
+ $updated[] = wp_update_post( $post_data );
if ( isset( $post_data['sticky'] ) && current_user_can( $ptype->cap->edit_others_posts ) ) {
if ( 'sticky' == $post_data['sticky'] )
* @return WP_Post Post object containing all the default post data as attributes
*/
function get_default_post_to_edit( $post_type = 'post', $create_in_db = false ) {
- global $wpdb;
-
$post_title = '';
if ( !empty( $_REQUEST['post_title'] ) )
$post_title = esc_html( wp_unslash( $_REQUEST['post_title'] ));
$post = new WP_Post( $post );
}
+ /**
+ * Filter the default post content initially used in the "Write Post" form.
+ *
+ * @since 1.5.0
+ *
+ * @param string $post_content Default post content.
+ * @param WP_Post $post Post object.
+ */
$post->post_content = apply_filters( 'default_content', $post_content, $post );
- $post->post_title = apply_filters( 'default_title', $post_title, $post );
+
+ /**
+ * Filter the default post title initially used in the "Write Post" form.
+ *
+ * @since 1.5.0
+ *
+ * @param string $post_title Default post title.
+ * @param WP_Post $post Post object.
+ */
+ $post->post_title = apply_filters( 'default_title', $post_title, $post );
+
+ /**
+ * Filter the default post excerpt initially used in the "Write Post" form.
+ *
+ * @since 1.5.0
+ *
+ * @param string $post_excerpt Default post excerpt.
+ * @param WP_Post $post Post object.
+ */
$post->post_excerpt = apply_filters( 'default_excerpt', $post_excerpt, $post );
$post->post_name = '';
* @return unknown
*/
function add_meta( $post_ID ) {
- global $wpdb;
$post_ID = (int) $post_ID;
$metakeyselect = isset($_POST['metakeyselect']) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : '';
$metavalue = trim( $metavalue );
if ( ('0' === $metavalue || ! empty ( $metavalue ) ) && ( ( ( '#NONE#' != $metakeyselect ) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput ) ) ) {
- // We have a key/value pair. If both the select and the
- // input for the key have data, the input takes precedence:
-
+ /*
+ * We have a key/value pair. If both the select and the input
+ * for the key have data, the input takes precedence.
+ */
if ( '#NONE#' != $metakeyselect )
$metakey = $metakeyselect;
}
}
-/**
- * Move child posts to a new parent.
- *
- * @since 2.3.0
- * @access private
- *
- * @param unknown_type $old_ID
- * @param unknown_type $new_ID
- * @return unknown
- */
-function _relocate_children( $old_ID, $new_ID ) {
- global $wpdb;
- $old_ID = (int) $old_ID;
- $new_ID = (int) $new_ID;
-
- $children = $wpdb->get_col( $wpdb->prepare("
- SELECT post_id
- FROM $wpdb->postmeta
- WHERE meta_key = '_wp_attachment_temp_parent'
- AND meta_value = %d", $old_ID) );
-
- foreach ( $children as $child_id ) {
- $wpdb->update($wpdb->posts, array('post_parent' => $new_ID), array('ID' => $child_id) );
- delete_post_meta($child_id, '_wp_attachment_temp_parent');
- }
-}
-
/**
* Get all the possible statuses for a post_type
*
elseif ( isset($q['post_status']) && 'pending' == $q['post_status'] )
$order = 'ASC';
- $per_page = 'edit_' . $post_type . '_per_page';
+ $per_page = "edit_{$post_type}_per_page";
$posts_per_page = (int) get_user_option( $per_page );
if ( empty( $posts_per_page ) || $posts_per_page < 1 )
$posts_per_page = 20;
- $posts_per_page = apply_filters( $per_page, $posts_per_page );
+ /**
+ * Filter the number of items per page to show for a specific 'per_page' type.
+ *
+ * The dynamic portion of the hook name, $post_type, refers to the post type.
+ *
+ * Some examples of filter hooks generated here include: 'edit_attachment_per_page',
+ * 'edit_post_per_page', 'edit_page_per_page', etc.
+ *
+ * @since 3.0.0
+ *
+ * @param int $posts_per_page Number of posts to display per page for the given post
+ * type. Default 20.
+ */
+ $posts_per_page = apply_filters( "edit_{$post_type}_per_page", $posts_per_page );
+
+ /**
+ * Filter the number of posts displayed per page when specifically listing "posts".
+ *
+ * @since 2.8.0
+ *
+ * @param int $posts_per_page Number of posts to be displayed. Default 20.
+ * @param string $post_type The post type.
+ */
$posts_per_page = apply_filters( 'edit_posts_per_page', $posts_per_page, $post_type );
$query = compact('post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page');
* can be passed in, which will override the arguments set by this function.
*
* @since 2.5.0
- * @uses apply_filters() Calls 'upload_per_page' on posts_per_page argument
*
* @param array|bool $q Array of query variables to use to build the query or false to use $_GET superglobal.
* @return array
$states .= ',private';
$q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;
+ $q['post_status'] = isset( $q['attachment-filter'] ) && 'trash' == $q['attachment-filter'] ? 'trash' : $states;
+
$media_per_page = (int) get_user_option( 'upload_per_page' );
if ( empty( $media_per_page ) || $media_per_page < 1 )
$media_per_page = 20;
+
+ /**
+ * Filter the number of items to list per page when listing media items.
+ *
+ * @since 2.9.0
+ *
+ * @param int $media_per_page Number of media to list. Default 20.
+ */
$q['posts_per_page'] = apply_filters( 'upload_per_page', $media_per_page );
$post_mime_types = get_post_mime_types();
if ( isset($q['post_mime_type']) && !array_intersect( (array) $q['post_mime_type'], array_keys($post_mime_types) ) )
unset($q['post_mime_type']);
- if ( isset($q['detached']) )
- add_filter('posts_where', '_edit_attachments_query_helper');
+ foreach( array_keys( $post_mime_types ) as $type ) {
+ if ( isset( $q['attachment-filter'] ) && "post_mime_type:$type" == $q['attachment-filter'] ) {
+ $q['post_mime_type'] = $type;
+ break;
+ }
+ }
+
+ if ( isset( $q['detached'] ) || ( isset( $q['attachment-filter'] ) && 'detached' == $q['attachment-filter'] ) ) {
+ $q['post_parent'] = 0;
+ }
wp( $q );
- if ( isset($q['detached']) )
- remove_filter('posts_where', '_edit_attachments_query_helper');
-
return array($post_mime_types, $avail_post_mime_types);
}
-function _edit_attachments_query_helper($where) {
- global $wpdb;
- return $where .= " AND {$wpdb->posts}.post_parent < 1";
-}
-
/**
* Returns the list of classes to be used by a metabox
*
$classes = array( '' );
}
+ /**
+ * Filter the postbox classes for a specific screen and screen ID combo.
+ *
+ * The dynamic portions of the hook name, $page, and $id, refer to
+ * the screen, and screen ID, respectively.
+ *
+ * @since 3.2.0
+ *
+ * @param array $classes An array of postbox classes.
+ */
$classes = apply_filters( "postbox_classes_{$page}_{$id}", $classes );
return implode( ' ', $classes );
}
$uri = untrailingslashit($uri);
$uri = strrev( stristr( strrev( $uri ), '/' ) );
$uri = untrailingslashit($uri);
+
+ /** This filter is documented in wp-admin/edit-tag-form.php */
$uri = apply_filters( 'editable_slug', $uri );
if ( !empty($uri) )
$uri .= '/';
$permalink = str_replace('%pagename%', "{$uri}%pagename%", $permalink);
}
- $permalink = array($permalink, apply_filters('editable_slug', $post->post_name));
+ /** This filter is documented in wp-admin/edit-tag-form.php */
+ $permalink = array( $permalink, apply_filters( 'editable_slug', $post->post_name ) );
$post->post_status = $original_status;
$post->post_date = $original_date;
$post->post_name = $original_name;
list($permalink, $post_name) = get_sample_permalink($post->ID, $new_title, $new_slug);
- if ( 'publish' == get_post_status( $post ) ) {
- $ptype = get_post_type_object($post->post_type);
+ if ( current_user_can( 'read_post', $post->ID ) ) {
+ $ptype = get_post_type_object( $post->post_type );
$view_post = $ptype->labels->view_item;
+ }
+
+ if ( 'publish' == get_post_status( $post ) ) {
$title = __('Click to edit this part of the permalink');
} else {
$title = __('Temporary permalink. Click to edit this part.');
}
- if ( false === strpos($permalink, '%postname%') && false === strpos($permalink, '%pagename%') ) {
+ if ( false === strpos( $permalink, '%postname%' ) && false === strpos( $permalink, '%pagename%' ) ) {
$return = '<strong>' . __('Permalink:') . "</strong>\n" . '<span id="sample-permalink" tabindex="-1">' . $permalink . "</span>\n";
- if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && !( 'page' == get_option('show_on_front') && $id == get_option('page_on_front') ) )
+ if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && !( 'page' == get_option('show_on_front') && $id == get_option('page_on_front') ) ) {
$return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button button-small" target="_blank">' . __('Change Permalinks') . "</a></span>\n";
- if ( isset( $view_post ) )
- $return .= "<span id='view-post-btn'><a href='$permalink' class='button button-small'>$view_post</a></span>\n";
+ }
+ } else {
+ if ( function_exists( 'mb_strlen' ) ) {
+ if ( mb_strlen( $post_name ) > 30 ) {
+ $post_name_abridged = mb_substr( $post_name, 0, 14 ) . '…' . mb_substr( $post_name, -14 );
+ } else {
+ $post_name_abridged = $post_name;
+ }
+ } else {
+ if ( strlen( $post_name ) > 30 ) {
+ $post_name_abridged = substr( $post_name, 0, 14 ) . '…' . substr( $post_name, -14 );
+ } else {
+ $post_name_abridged = $post_name;
+ }
+ }
- $return = apply_filters('get_sample_permalink_html', $return, $id, $new_title, $new_slug);
+ $post_name_html = '<span id="editable-post-name" title="' . $title . '">' . $post_name_abridged . '</span>';
+ $display_link = str_replace( array( '%pagename%', '%postname%' ), $post_name_html, $permalink );
- return $return;
+ $return = '<strong>' . __( 'Permalink:' ) . "</strong>\n";
+ $return .= '<span id="sample-permalink" tabindex="-1">' . $display_link . "</span>\n";
+ $return .= '‎'; // Fix bi-directional text display defect in RTL languages.
+ $return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button button-small hide-if-no-js" onclick="editPermalink(' . $id . '); return false;">' . __( 'Edit' ) . "</a></span>\n";
+ $return .= '<span id="editable-post-name-full">' . $post_name . "</span>\n";
}
- if ( function_exists('mb_strlen') ) {
- if ( mb_strlen($post_name) > 30 ) {
- $post_name_abridged = mb_substr($post_name, 0, 14). '…' . mb_substr($post_name, -14);
+ if ( isset( $view_post ) ) {
+ if( 'draft' == $post->post_status ) {
+ $preview_link = set_url_scheme( get_permalink( $post->ID ) );
+ /** This filter is documented in wp-admin/includes/meta-boxes.php */
+ $preview_link = apply_filters( 'preview_post_link', add_query_arg( 'preview', 'true', $preview_link ), $post );
+ $return .= "<span id='view-post-btn'><a href='" . esc_url( $preview_link ) . "' class='button button-small' target='wp-preview-{$post->ID}'>$view_post</a></span>\n";
} else {
- $post_name_abridged = $post_name;
- }
- } else {
- if ( strlen($post_name) > 30 ) {
- $post_name_abridged = substr($post_name, 0, 14). '…' . substr($post_name, -14);
- } else {
- $post_name_abridged = $post_name;
+ $return .= "<span id='view-post-btn'><a href='" . get_permalink( $post ) . "' class='button button-small'>$view_post</a></span>\n";
}
}
- $post_name_html = '<span id="editable-post-name" title="' . $title . '">' . $post_name_abridged . '</span>';
- $display_link = str_replace(array('%pagename%','%postname%'), $post_name_html, $permalink);
- $view_link = str_replace(array('%pagename%','%postname%'), $post_name, $permalink);
- $return = '<strong>' . __('Permalink:') . "</strong>\n";
- $return .= '<span id="sample-permalink" tabindex="-1">' . $display_link . "</span>\n";
- $return .= '‎'; // Fix bi-directional text display defect in RTL languages.
- $return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button button-small hide-if-no-js" onclick="editPermalink(' . $id . '); return false;">' . __('Edit') . "</a></span>\n";
- $return .= '<span id="editable-post-name-full">' . $post_name . "</span>\n";
- if ( isset($view_post) )
- $return .= "<span id='view-post-btn'><a href='$view_link' class='button button-small'>$view_post</a></span>\n";
-
- $return = apply_filters('get_sample_permalink_html', $return, $id, $new_title, $new_slug);
+ /**
+ * Filter the sample permalink HTML markup.
+ *
+ * @since 2.9.0
+ *
+ * @param string $return Sample permalink HTML markup.
+ * @param int|WP_Post $id Post object or ID.
+ * @param string $new_title New sample permalink title.
+ * @param string $new_slug New sample permalink slug.
+ */
+ $return = apply_filters( 'get_sample_permalink_html', $return, $id, $new_title, $new_slug );
return $return;
}
$content_width = $old_content_width;
}
+ /**
+ * Filter the admin post thumbnail HTML markup to return.
+ *
+ * @since 2.9.0
+ *
+ * @param string $content Admin post thumbnail HTML markup.
+ * @param int $post_id Post ID.
+ */
return apply_filters( 'admin_post_thumbnail_html', $content, $post->ID );
}
$time = $lock[0];
$user = isset( $lock[1] ) ? $lock[1] : get_post_meta( $post->ID, '_edit_last', true );
+ /** This filter is documented in wp-admin/includes/ajax-actions.php */
$time_window = apply_filters( 'wp_check_post_lock_window', 150 );
if ( $time && $time > time() - $time_window && $user != get_current_user_id() )
$user = get_userdata( $user_id );
if ( $user ) {
+
+ /**
+ * Filter whether to show the post locked dialog.
+ *
+ * Returning a falsey value to the filter will short-circuit displaying the dialog.
+ *
+ * @since 3.6.0
+ *
+ * @param bool $display Whether to display the dialog. Default true.
+ * @param WP_User|bool $user WP_User object on success, false otherwise.
+ */
if ( ! apply_filters( 'show_post_locked_dialog', true, $post, $user ) )
return;
$preview_link = '';
}
- $preview_link = apply_filters( 'preview_post_link', $preview_link );
+ /** This filter is documented in wp-admin/includes/meta-boxes.php */
+ $preview_link = apply_filters( 'preview_post_link', $preview_link, $post );
+
+ /**
+ * Filter whether to allow the post lock to be overridden.
+ *
+ * Returning a falsey value to the filter will disable the ability
+ * to override the post lock.
+ *
+ * @since 3.6.0
+ *
+ * @param bool $override Whether to allow overriding post locks. Default true.
+ * @param WP_Post $post Post object.
+ * @param WP_User $user User object.
+ */
$override = apply_filters( 'override_post_lock', true, $post, $user );
$tab_last = $override ? '' : ' wp-tab-last';
printf( ' ' . __( 'If you take over, %s will be blocked from continuing to edit.' ), esc_html( $user->display_name ) );
?>
</p>
- <?php do_action( 'post_locked_dialog', $post ); ?>
+ <?php
+ /**
+ * Fires inside the post locked dialog before the buttons are displayed.
+ *
+ * @since 3.6.0
+ *
+ * @param WP_Post $post Post object.
+ */
+ do_action( 'post_locked_dialog', $post );
+ ?>
<p>
<a class="button" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a>
<?php if ( $preview_link ) { ?>
<div class="post-taken-over">
<div class="post-locked-avatar"></div>
<p class="wp-tab-first" tabindex="0">
- <span class="currently-editing"></span><br>
+ <span class="currently-editing"></span><br />
<span class="locked-saving hidden"><img src="images/wpspin_light-2x.gif" width="16" height="16" /> <?php _e('Saving revision...'); ?></span>
<span class="locked-saved hidden"><?php _e('Your latest changes were saved as a revision.'); ?></span>
</p>
- <?php do_action( 'post_lock_lost_dialog', $post ); ?>
+ <?php
+ /**
+ * Fires inside the dialog displayed when a user has lost the post lock.
+ *
+ * @since 3.6.0
+ *
+ * @param WP_Post $post Post object.
+ */
+ do_action( 'post_lock_lost_dialog', $post );
+ ?>
<p><a class="button button-primary wp-tab-last" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a></p>
</div>
<?php
* @uses _wp_translate_postdata()
* @uses _wp_post_revision_fields()
*
- * @return unknown
+ * @param mixed $post_data Associative array containing the post data or int post ID.
+ * @return mixed The autosave revision ID. WP_Error or 0 on error.
*/
-function wp_create_post_autosave( $post_id ) {
- $translated = _wp_translate_postdata( true );
- if ( is_wp_error( $translated ) )
- return $translated;
+function wp_create_post_autosave( $post_data ) {
+ if ( is_numeric( $post_data ) ) {
+ $post_id = $post_data;
+ $post_data = &$_POST;
+ } else {
+ $post_id = (int) $post_data['post_ID'];
+ }
+
+ $post_data = _wp_translate_postdata( true, $post_data );
+ if ( is_wp_error( $post_data ) )
+ return $post_data;
$post_author = get_current_user_id();
// Store one autosave per author. If there is already an autosave, overwrite it.
if ( $old_autosave = wp_get_post_autosave( $post_id, $post_author ) ) {
- $new_autosave = _wp_post_revision_fields( $_POST, true );
+ $new_autosave = _wp_post_revision_fields( $post_data, true );
$new_autosave['ID'] = $old_autosave->ID;
$new_autosave['post_author'] = $post_author;
- // If the new autosave is the same content as the post, delete the old autosave.
+ // If the new autosave has the same content as the post, delete the autosave.
$post = get_post( $post_id );
$autosave_is_different = false;
- foreach ( array_keys( _wp_post_revision_fields() ) as $field ) {
+ foreach ( array_intersect( array_keys( $new_autosave ), array_keys( _wp_post_revision_fields() ) ) as $field ) {
if ( normalize_whitespace( $new_autosave[ $field ] ) != normalize_whitespace( $post->$field ) ) {
$autosave_is_different = true;
break;
if ( ! $autosave_is_different ) {
wp_delete_post_revision( $old_autosave->ID );
- return;
+ return 0;
}
return wp_update_post( $new_autosave );
}
// _wp_put_post_revision() expects unescaped.
- $post_data = wp_unslash( $_POST );
+ $post_data = wp_unslash( $post_data );
// Otherwise create the new autosave as a special post revision
return _wp_put_post_revision( $post_data, true );
function post_preview() {
$post_ID = (int) $_POST['post_ID'];
- $status = get_post_status( $post_ID );
- if ( 'auto-draft' == $status )
- wp_die( __('Preview not available. Please save as a draft first.') );
-
- if ( isset($_POST['catslist']) )
- $_POST['post_category'] = explode(",", $_POST['catslist']);
+ $_POST['ID'] = $post_ID;
- if ( isset($_POST['tags_input']) )
- $_POST['tags_input'] = explode(",", $_POST['tags_input']);
+ if ( ! $post = get_post( $post_ID ) ) {
+ wp_die( __( 'You are not allowed to edit this post.' ) );
+ }
- if ( $_POST['post_type'] == 'page' || empty($_POST['post_category']) )
- unset($_POST['post_category']);
+ if ( ! current_user_can( 'edit_post', $post->ID ) ) {
+ wp_die( __( 'You are not allowed to edit this post.' ) );
+ }
- $_POST['ID'] = $post_ID;
- $post = get_post($post_ID);
+ $is_autosave = false;
- if ( 'page' == $post->post_type ) {
- if ( ! current_user_can('edit_page', $post_ID) )
- wp_die( __('You are not allowed to edit this page.') );
+ if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author && ( 'draft' == $post->post_status || 'auto-draft' == $post->post_status ) ) {
+ $saved_post_id = edit_post();
} else {
- if ( ! current_user_can('edit_post', $post_ID) )
- wp_die( __('You are not allowed to edit this post.') );
- }
+ $is_autosave = true;
- $user_id = get_current_user_id();
- $locked = wp_check_post_lock( $post->ID );
- if ( ! $locked && 'draft' == $post->post_status && $user_id == $post->post_author ) {
- $id = edit_post();
- } else { // Non drafts are not overwritten. The autosave is stored in a special post revision.
- $id = wp_create_post_autosave( $post->ID );
- if ( ! is_wp_error($id) )
- $id = $post->ID;
+ if ( 'auto-draft' == $_POST['post_status'] )
+ $_POST['post_status'] = 'draft';
+
+ $saved_post_id = wp_create_post_autosave( $post->ID );
}
- if ( is_wp_error($id) )
- wp_die( $id->get_error_message() );
+ if ( is_wp_error( $saved_post_id ) )
+ wp_die( $saved_post_id->get_error_message() );
- if ( ! $locked && $_POST['post_status'] == 'draft' && $user_id == $post->post_author ) {
- $url = add_query_arg( 'preview', 'true', get_permalink($id) );
- } else {
- $nonce = wp_create_nonce('post_preview_' . $id);
- $args = array(
- 'preview' => 'true',
- 'preview_id' => $id,
- 'preview_nonce' => $nonce,
- );
+ $query_args = array( 'preview' => 'true' );
+
+ if ( $is_autosave && $saved_post_id ) {
+ $query_args['preview_id'] = $post->ID;
+ $query_args['preview_nonce'] = wp_create_nonce( 'post_preview_' . $post->ID );
if ( isset( $_POST['post_format'] ) )
- $args['post_format'] = empty( $_POST['post_format'] ) ? 'standard' : sanitize_key( $_POST['post_format'] );
+ $query_args['post_format'] = empty( $_POST['post_format'] ) ? 'standard' : sanitize_key( $_POST['post_format'] );
+ }
+
+ $url = add_query_arg( $query_args, get_permalink( $post->ID ) );
+
+ /** This filter is documented in wp-admin/includes/meta-boxes.php */
+ return apply_filters( 'preview_post_link', $url, $post );
+}
+
+/**
+ * Save a post submitted with XHR
+ *
+ * Intended for use with heartbeat and autosave.js
+ *
+ * @since 3.9.0
+ *
+ * @param $post_data Associative array of the submitted post data.
+ * @return mixed The value 0 or WP_Error on failure. The saved post ID on success.
+ * Te ID can be the draft post_id or the autosave revision post_id.
+ */
+function wp_autosave( $post_data ) {
+ // Back-compat
+ if ( ! defined( 'DOING_AUTOSAVE' ) )
+ define( 'DOING_AUTOSAVE', true );
- $url = add_query_arg( $args, get_permalink($id) );
+ $post_id = (int) $post_data['post_id'];
+ $post_data['ID'] = $post_data['post_ID'] = $post_id;
+
+ if ( false === wp_verify_nonce( $post_data['_wpnonce'], 'update-post_' . $post_id ) ) {
+ return new WP_Error( 'invalid_nonce', __( 'Error while saving.' ) );
}
- return apply_filters( 'preview_post_link', $url );
+ $post = get_post( $post_id );
+
+ if ( ! current_user_can( 'edit_post', $post->ID ) ) {
+ return new WP_Error( 'edit_posts', __( 'You are not allowed to edit this item.' ) );
+ }
+
+ if ( 'auto-draft' == $post->post_status )
+ $post_data['post_status'] = 'draft';
+
+ if ( $post_data['post_type'] != 'page' && ! empty( $post_data['catslist'] ) )
+ $post_data['post_category'] = explode( ',', $post_data['catslist'] );
+
+ if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author && ( 'auto-draft' == $post->post_status || 'draft' == $post->post_status ) ) {
+ // Drafts and auto-drafts are just overwritten by autosave for the same user if the post is not locked
+ return edit_post( wp_slash( $post_data ) );
+ } else {
+ // Non drafts or other users drafts are not overwritten. The autosave is stored in a special post revision for each user.
+ return wp_create_post_autosave( wp_slash( $post_data ) );
+ }
}