W3cubDocs

/WordPress

wp_xmlrpc_server::mw_newPost( array $args )

Create a new post.

Description

The ‘content_struct’ argument must contain:

  • title
  • description
  • mt_excerpt
  • mt_text_more
  • mt_keywords
  • mt_tb_ping_urls
  • categories

Also, it can optionally contain:

  • wp_slug
  • wp_password
  • wp_page_parent_id
  • wp_page_order
  • wp_author_id
  • post_status | page_status – can be ‘draft’, ‘private’, ‘publish’, or ‘pending’
  • mt_allow_comments – can be ‘open’ or ‘closed’
  • mt_allow_pings – can be ‘open’ or ‘closed’
  • date_created_gmt
  • dateCreated
  • wp_post_thumbnail

Parameters

$args

(array) (Required) Method arguments. Note: arguments must be ordered as documented.

  • 'blog_id'
    (int) (unused)
  • 'username'
    (string)
  • 'password'
    (string)
  • 'content_struct'
    (array)
  • 'publish'
    (int)

Return

(int|IXR_Error)

Source

File: wp-includes/class-wp-xmlrpc-server.php 

public function mw_newPost( $args ) {
		$this->escape( $args );

		$username       = $args[1];
		$password       = $args[2];
		$content_struct = $args[3];
		$publish        = isset( $args[4] ) ? $args[4] : 0;

		$user = $this->login( $username, $password );
		if ( ! $user ) {
			return $this->error;
		}

		/** This action is documented in wp-includes/class-wp-xmlrpc-server.php */
		do_action( 'xmlrpc_call', 'metaWeblog.newPost' );

		$page_template = '';
		if ( ! empty( $content_struct['post_type'] ) ) {
			if ( 'page' === $content_struct['post_type'] ) {
				if ( $publish ) {
					$cap = 'publish_pages';
				} elseif ( isset( $content_struct['page_status'] ) && 'publish' === $content_struct['page_status'] ) {
					$cap = 'publish_pages';
				} else {
					$cap = 'edit_pages';
				}
				$error_message = __( 'Sorry, you are not allowed to publish pages on this site.' );
				$post_type     = 'page';
				if ( ! empty( $content_struct['wp_page_template'] ) ) {
					$page_template = $content_struct['wp_page_template'];
				}
			} elseif ( 'post' === $content_struct['post_type'] ) {
				if ( $publish ) {
					$cap = 'publish_posts';
				} elseif ( isset( $content_struct['post_status'] ) && 'publish' === $content_struct['post_status'] ) {
					$cap = 'publish_posts';
				} else {
					$cap = 'edit_posts';
				}
				$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
				$post_type     = 'post';
			} else {
				// No other 'post_type' values are allowed here.
				return new IXR_Error( 401, __( 'Invalid post type.' ) );
			}
		} else {
			if ( $publish ) {
				$cap = 'publish_posts';
			} elseif ( isset( $content_struct['post_status'] ) && 'publish' === $content_struct['post_status'] ) {
				$cap = 'publish_posts';
			} else {
				$cap = 'edit_posts';
			}
			$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
			$post_type     = 'post';
		}

		if ( ! current_user_can( get_post_type_object( $post_type )->cap->create_posts ) ) {
			return new IXR_Error( 401, __( 'Sorry, you are not allowed to publish posts on this site.' ) );
		}
		if ( ! current_user_can( $cap ) ) {
			return new IXR_Error( 401, $error_message );
		}

		// Check for a valid post format if one was given.
		if ( isset( $content_struct['wp_post_format'] ) ) {
			$content_struct['wp_post_format'] = sanitize_key( $content_struct['wp_post_format'] );
			if ( ! array_key_exists( $content_struct['wp_post_format'], get_post_format_strings() ) ) {
				return new IXR_Error( 404, __( 'Invalid post format.' ) );
			}
		}

		// Let WordPress generate the 'post_name' (slug) unless
		// one has been provided.
		$post_name = '';
		if ( isset( $content_struct['wp_slug'] ) ) {
			$post_name = $content_struct['wp_slug'];
		}

		// Only use a password if one was given.
		if ( isset( $content_struct['wp_password'] ) ) {
			$post_password = $content_struct['wp_password'];
		} else {
			$post_password = '';
		}

		// Only set a post parent if one was given.
		if ( isset( $content_struct['wp_page_parent_id'] ) ) {
			$post_parent = $content_struct['wp_page_parent_id'];
		} else {
			$post_parent = 0;
		}

		// Only set the 'menu_order' if it was given.
		if ( isset( $content_struct['wp_page_order'] ) ) {
			$menu_order = $content_struct['wp_page_order'];
		} else {
			$menu_order = 0;
		}

		$post_author = $user->ID;

		// If an author id was provided then use it instead.
		if ( isset( $content_struct['wp_author_id'] ) && ( $user->ID != $content_struct['wp_author_id'] ) ) {
			switch ( $post_type ) {
				case 'post':
					if ( ! current_user_can( 'edit_others_posts' ) ) {
						return new IXR_Error( 401, __( 'Sorry, you are not allowed to create posts as this user.' ) );
					}
					break;
				case 'page':
					if ( ! current_user_can( 'edit_others_pages' ) ) {
						return new IXR_Error( 401, __( 'Sorry, you are not allowed to create pages as this user.' ) );
					}
					break;
				default:
					return new IXR_Error( 401, __( 'Invalid post type.' ) );
			}
			$author = get_userdata( $content_struct['wp_author_id'] );
			if ( ! $author ) {
				return new IXR_Error( 404, __( 'Invalid author ID.' ) );
			}
			$post_author = $content_struct['wp_author_id'];
		}

		$post_title   = isset( $content_struct['title'] ) ? $content_struct['title'] : null;
		$post_content = isset( $content_struct['description'] ) ? $content_struct['description'] : null;

		$post_status = $publish ? 'publish' : 'draft';

		if ( isset( $content_struct[ "{$post_type}_status" ] ) ) {
			switch ( $content_struct[ "{$post_type}_status" ] ) {
				case 'draft':
				case 'pending':
				case 'private':
				case 'publish':
					$post_status = $content_struct[ "{$post_type}_status" ];
					break;
				default:
					$post_status = $publish ? 'publish' : 'draft';
					break;
			}
		}

		$post_excerpt = isset( $content_struct['mt_excerpt'] ) ? $content_struct['mt_excerpt'] : null;
		$post_more    = isset( $content_struct['mt_text_more'] ) ? $content_struct['mt_text_more'] : null;

		$tags_input = isset( $content_struct['mt_keywords'] ) ? $content_struct['mt_keywords'] : null;

		if ( isset( $content_struct['mt_allow_comments'] ) ) {
			if ( ! is_numeric( $content_struct['mt_allow_comments'] ) ) {
				switch ( $content_struct['mt_allow_comments'] ) {
					case 'closed':
						$comment_status = 'closed';
						break;
					case 'open':
						$comment_status = 'open';
						break;
					default:
						$comment_status = get_default_comment_status( $post_type );
						break;
				}
			} else {
				switch ( (int) $content_struct['mt_allow_comments'] ) {
					case 0:
					case 2:
						$comment_status = 'closed';
						break;
					case 1:
						$comment_status = 'open';
						break;
					default:
						$comment_status = get_default_comment_status( $post_type );
						break;
				}
			}
		} else {
			$comment_status = get_default_comment_status( $post_type );
		}

		if ( isset( $content_struct['mt_allow_pings'] ) ) {
			if ( ! is_numeric( $content_struct['mt_allow_pings'] ) ) {
				switch ( $content_struct['mt_allow_pings'] ) {
					case 'closed':
						$ping_status = 'closed';
						break;
					case 'open':
						$ping_status = 'open';
						break;
					default:
						$ping_status = get_default_comment_status( $post_type, 'pingback' );
						break;
				}
			} else {
				switch ( (int) $content_struct['mt_allow_pings'] ) {
					case 0:
						$ping_status = 'closed';
						break;
					case 1:
						$ping_status = 'open';
						break;
					default:
						$ping_status = get_default_comment_status( $post_type, 'pingback' );
						break;
				}
			}
		} else {
			$ping_status = get_default_comment_status( $post_type, 'pingback' );
		}

		if ( $post_more ) {
			$post_content = $post_content . '<!--more-->' . $post_more;
		}

		$to_ping = null;
		if ( isset( $content_struct['mt_tb_ping_urls'] ) ) {
			$to_ping = $content_struct['mt_tb_ping_urls'];
			if ( is_array( $to_ping ) ) {
				$to_ping = implode( ' ', $to_ping );
			}
		}

		// Do some timestamp voodoo.
		if ( ! empty( $content_struct['date_created_gmt'] ) ) {
			// We know this is supposed to be GMT, so we're going to slap that Z on there by force.
			$dateCreated = rtrim( $content_struct['date_created_gmt']->getIso(), 'Z' ) . 'Z';
		} elseif ( ! empty( $content_struct['dateCreated'] ) ) {
			$dateCreated = $content_struct['dateCreated']->getIso();
		}

		if ( ! empty( $dateCreated ) ) {
			$post_date     = iso8601_to_datetime( $dateCreated );
			$post_date_gmt = iso8601_to_datetime( $dateCreated, 'gmt' );
		} else {
			$post_date     = '';
			$post_date_gmt = '';
		}

		$post_category = array();
		if ( isset( $content_struct['categories'] ) ) {
			$catnames = $content_struct['categories'];

			if ( is_array( $catnames ) ) {
				foreach ( $catnames as $cat ) {
					$post_category[] = get_cat_ID( $cat );
				}
			}
		}

		$postdata = compact( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'to_ping', 'post_type', 'post_name', 'post_password', 'post_parent', 'menu_order', 'tags_input', 'page_template' );

		$post_ID        = get_default_post_to_edit( $post_type, true )->ID;
		$postdata['ID'] = $post_ID;

		// Only posts can be sticky.
		if ( 'post' === $post_type && isset( $content_struct['sticky'] ) ) {
			$data           = $postdata;
			$data['sticky'] = $content_struct['sticky'];
			$error          = $this->_toggle_sticky( $data );
			if ( $error ) {
				return $error;
			}
		}

		if ( isset( $content_struct['custom_fields'] ) ) {
			$this->set_custom_fields( $post_ID, $content_struct['custom_fields'] );
		}

		if ( isset( $content_struct['wp_post_thumbnail'] ) ) {
			if ( set_post_thumbnail( $post_ID, $content_struct['wp_post_thumbnail'] ) === false ) {
				return new IXR_Error( 404, __( 'Invalid attachment ID.' ) );
			}

			unset( $content_struct['wp_post_thumbnail'] );
		}

		// Handle enclosures.
		$thisEnclosure = isset( $content_struct['enclosure'] ) ? $content_struct['enclosure'] : null;
		$this->add_enclosure_if_new( $post_ID, $thisEnclosure );

		$this->attach_uploads( $post_ID, $post_content );

		// Handle post formats if assigned, value is validated earlier
		// in this function.
		if ( isset( $content_struct['wp_post_format'] ) ) {
			set_post_format( $post_ID, $content_struct['wp_post_format'] );
		}

		$post_ID = wp_insert_post( $postdata, true );
		if ( is_wp_error( $post_ID ) ) {
			return new IXR_Error( 500, $post_ID->get_error_message() );
		}

		if ( ! $post_ID ) {
			return new IXR_Error( 500, __( 'Sorry, the post could not be created.' ) );
		}

		/**
		 * Fires after a new post has been successfully created via the XML-RPC MovableType API.
		 *
		 * @since 3.4.0
		 *
		 * @param int   $post_ID ID of the new post.
		 * @param array $args    An array of arguments to create the new post.
		 */
		do_action( 'xmlrpc_call_success_mw_newPost', $post_ID, $args ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.NotLowercase

		return strval( $post_ID );
	}

Uses

Uses Description
wp-includes/class-wp-xmlrpc-server.php: wp_xmlrpc_server::_toggle_sticky()

Encapsulate the logic for sticking a post and determining if the user has permission to do so
wp-includes/comment.php: get_default_comment_status()

Gets the default comment status for a post type.
wp-admin/includes/post.php: get_default_post_to_edit()

Default post information to use when populating the “Write Post” form.
wp-includes/capabilities.php: current_user_can()

Returns whether the current user has the specified capability.
wp-includes/l10n.php: __()

Retrieve the translation of $text.
wp-includes/formatting.php: iso8601_to_datetime()

Given an ISO 8601 (Ymd\TH:i:sO) date, returns a MySQL DateTime (Y-m-d H:i:s) format used by post_date[_gmt].
wp-includes/formatting.php: sanitize_key()

Sanitizes a string key.
wp-includes/pluggable.php: get_userdata()

Retrieve user info by user ID.
wp-includes/category.php: get_cat_ID()

Retrieves the ID of a category from its name.
wp-includes/plugin.php: do_action()

Execute functions hooked on a specific action hook.
wp-includes/post.php: set_post_thumbnail()

Sets the post thumbnail (featured image) for the given post.
wp-includes/post.php: wp_insert_post()

Insert or update a post.
wp-includes/post.php: get_post_type_object()

Retrieves a post type object by name.
wp-includes/post-formats.php: get_post_format_strings()

Returns an array of post format slugs to their translated and pretty display versions
wp-includes/post-formats.php: set_post_format()

Assign a format to a post
wp-includes/class-wp-xmlrpc-server.php: wp_xmlrpc_server::add_enclosure_if_new()

Adds an enclosure to a post if it’s new.
wp-includes/class-wp-xmlrpc-server.php: wp_xmlrpc_server::attach_uploads()

Attach upload to a post.
wp-includes/class-wp-xmlrpc-server.php: xmlrpc_call_success_mw_newPost

Fires after a new post has been successfully created via the XML-RPC MovableType API.
wp-includes/class-wp-xmlrpc-server.php: xmlrpc_call

Fires after the XML-RPC user has been authenticated but before the rest of the method logic begins.
wp-includes/class-wp-xmlrpc-server.php: wp_xmlrpc_server::escape()

Escape string or array of strings for database.
wp-includes/class-wp-xmlrpc-server.php: wp_xmlrpc_server::login()

Log user in.
wp-includes/class-wp-xmlrpc-server.php: wp_xmlrpc_server::set_custom_fields()

Set custom fields for post.
wp-includes/load.php: is_wp_error()

Check whether variable is a WordPress Error.

Changelog

Version Description
1.5.0 Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wp_xmlrpc_server/mw_newpost