W3cubDocs

/WordPress

edit_post( array $post_data = null )

Update an existing post with values provided in $_POST.

Description

If post data is passed as an argument, it is treated as an array of data keyed appropriately for turning into a post object.

If post data is not passed, the $_POST global variable is used instead.

Parameters

$post_data

(array) (Optional) Defaults to the $_POST global.

Default value: null

Return

(int) Post ID.

Source

File: wp-admin/includes/post.php

function edit_post( $post_data = null ) {
	global $wpdb;

	if ( empty( $post_data ) ) {
		$post_data = &$_POST;
	}

	// Clear out any data in internal vars.
	unset( $post_data['filter'] );

	$post_ID                     = (int) $post_data['post_ID'];
	$post                        = get_post( $post_ID );
	$post_data['post_type']      = $post->post_type;
	$post_data['post_mime_type'] = $post->post_mime_type;

	if ( ! empty( $post_data['post_status'] ) ) {
		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );

		if ( 'inherit' === $post_data['post_status'] ) {
			unset( $post_data['post_status'] );
		}
	}

	$ptype = get_post_type_object( $post_data['post_type'] );
	if ( ! current_user_can( 'edit_post', $post_ID ) ) {
		if ( 'page' === $post_data['post_type'] ) {
			wp_die( __( 'Sorry, you are not allowed to edit this page.' ) );
		} else {
			wp_die( __( 'Sorry, you are not allowed to edit this post.' ) );
		}
	}

	if ( post_type_supports( $ptype->name, 'revisions' ) ) {
		$revisions = wp_get_post_revisions(
			$post_ID,
			array(
				'order'          => 'ASC',
				'posts_per_page' => 1,
			)
		);
		$revision  = current( $revisions );

		// Check if the revisions have been upgraded.
		if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 ) {
			_wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) );
		}
	}

	if ( isset( $post_data['visibility'] ) ) {
		switch ( $post_data['visibility'] ) {
			case 'public':
				$post_data['post_password'] = '';
				break;
			case 'password':
				unset( $post_data['sticky'] );
				break;
			case 'private':
				$post_data['post_status']   = 'private';
				$post_data['post_password'] = '';
				unset( $post_data['sticky'] );
				break;
		}
	}

	$post_data = _wp_translate_postdata( true, $post_data );
	if ( is_wp_error( $post_data ) ) {
		wp_die( $post_data->get_error_message() );
	}
	$translated = _wp_get_allowed_postdata( $post_data );

	// Post formats.
	if ( isset( $post_data['post_format'] ) ) {
		set_post_format( $post_ID, $post_data['post_format'] );
	}

	$format_meta_urls = array( 'url', 'link_url', 'quote_source_url' );
	foreach ( $format_meta_urls as $format_meta_url ) {
		$keyed = '_format_' . $format_meta_url;
		if ( isset( $post_data[ $keyed ] ) ) {
			update_post_meta( $post_ID, $keyed, wp_slash( esc_url_raw( wp_unslash( $post_data[ $keyed ] ) ) ) );
		}
	}

	$format_keys = array( 'quote', 'quote_source_name', 'image', 'gallery', 'audio_embed', 'video_embed' );

	foreach ( $format_keys as $key ) {
		$keyed = '_format_' . $key;
		if ( isset( $post_data[ $keyed ] ) ) {
			if ( current_user_can( 'unfiltered_html' ) ) {
				update_post_meta( $post_ID, $keyed, $post_data[ $keyed ] );
			} else {
				update_post_meta( $post_ID, $keyed, wp_filter_post_kses( $post_data[ $keyed ] ) );
			}
		}
	}

	if ( 'attachment' === $post_data['post_type'] && preg_match( '#^(audio|video)/#', $post_data['post_mime_type'] ) ) {
		$id3data = wp_get_attachment_metadata( $post_ID );
		if ( ! is_array( $id3data ) ) {
			$id3data = array();
		}

		foreach ( wp_get_attachment_id3_keys( $post, 'edit' ) as $key => $label ) {
			if ( isset( $post_data[ 'id3_' . $key ] ) ) {
				$id3data[ $key ] = sanitize_text_field( wp_unslash( $post_data[ 'id3_' . $key ] ) );
			}
		}
		wp_update_attachment_metadata( $post_ID, $id3data );
	}

	// Meta stuff.
	if ( isset( $post_data['meta'] ) && $post_data['meta'] ) {
		foreach ( $post_data['meta'] as $key => $value ) {
			$meta = get_post_meta_by_id( $key );
			if ( ! $meta ) {
				continue;
			}
			if ( $meta->post_id != $post_ID ) {
				continue;
			}
			if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $meta->meta_key ) ) {
				continue;
			}
			if ( is_protected_meta( $value['key'], 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $value['key'] ) ) {
				continue;
			}
			update_meta( $key, $value['key'], $value['value'] );
		}
	}

	if ( isset( $post_data['deletemeta'] ) && $post_data['deletemeta'] ) {
		foreach ( $post_data['deletemeta'] as $key => $value ) {
			$meta = get_post_meta_by_id( $key );
			if ( ! $meta ) {
				continue;
			}
			if ( $meta->post_id != $post_ID ) {
				continue;
			}
			if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'delete_post_meta', $post_ID, $meta->meta_key ) ) {
				continue;
			}
			delete_meta( $key );
		}
	}

	// Attachment stuff.
	if ( 'attachment' === $post_data['post_type'] ) {
		if ( isset( $post_data['_wp_attachment_image_alt'] ) ) {
			$image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] );

			if ( get_post_meta( $post_ID, '_wp_attachment_image_alt', true ) !== $image_alt ) {
				$image_alt = wp_strip_all_tags( $image_alt, true );

				// update_post_meta() expects slashed.
				update_post_meta( $post_ID, '_wp_attachment_image_alt', wp_slash( $image_alt ) );
			}
		}

		$attachment_data = isset( $post_data['attachments'][ $post_ID ] ) ? $post_data['attachments'][ $post_ID ] : array();

		/** This filter is documented in wp-admin/includes/media.php */
		$translated = apply_filters( 'attachment_fields_to_save', $translated, $attachment_data );
	}

	// Convert taxonomy input to term IDs, to avoid ambiguity.
	if ( isset( $post_data['tax_input'] ) ) {
		foreach ( (array) $post_data['tax_input'] as $taxonomy => $terms ) {
			$tax_object = get_taxonomy( $taxonomy );

			if ( $tax_object && isset( $tax_object->meta_box_sanitize_cb ) ) {
				$translated['tax_input'][ $taxonomy ] = call_user_func_array( $tax_object->meta_box_sanitize_cb, array( $taxonomy, $terms ) );
			}
		}
	}

	add_meta( $post_ID );

	update_post_meta( $post_ID, '_edit_last', get_current_user_id() );

	$success = wp_update_post( $translated );

	// If the save failed, see if we can sanity check the main fields and try again.
	if ( ! $success && is_callable( array( $wpdb, 'strip_invalid_text_for_column' ) ) ) {
		$fields = array( 'post_title', 'post_content', 'post_excerpt' );

		foreach ( $fields as $field ) {
			if ( isset( $translated[ $field ] ) ) {
				$translated[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->posts, $field, $translated[ $field ] );
			}
		}

		wp_update_post( $translated );
	}

	// Now that we have an ID we can fix any attachment anchor hrefs.
	_fix_attachment_links( $post_ID );

	wp_set_post_lock( $post_ID );

	if ( current_user_can( $ptype->cap->edit_others_posts ) && current_user_can( $ptype->cap->publish_posts ) ) {
		if ( ! empty( $post_data['sticky'] ) ) {
			stick_post( $post_ID );
		} else {
			unstick_post( $post_ID );
		}
	}

	return $post_ID;
}

Uses

Uses	Description
wp-admin/includes/post.php: _wp_get_allowed_postdata()	Returns only allowed post data fields
wp-includes/wp-db.php: wpdb::strip_invalid_text_for_column()	Strips any invalid characters from the string for a given table and column.
wp-admin/includes/media.php: attachment_fields_to_save	Filters the attachment fields to be saved.
wp-admin/includes/post.php: wp_set_post_lock()	Mark the post as currently being edited by the current user
wp-admin/includes/post.php: get_post_meta_by_id()	Get post meta data by meta ID.
wp-admin/includes/post.php: update_meta()	Update post meta data by meta ID.
wp-admin/includes/post.php: delete_meta()	Delete post meta data by meta ID.
wp-admin/includes/post.php: add_meta()	Add post meta data defined in $_POST superglobal for post with given ID.
wp-admin/includes/post.php: _fix_attachment_links()	Replace hrefs of attachment anchors with up-to-date permalinks.
wp-admin/includes/post.php: _wp_translate_postdata()	Rename $_POST data from form names to DB post columns.
wp-includes/capabilities.php: current_user_can()	Returns whether the current user has the specified capability.
wp-includes/l10n.php: __()	Retrieve the translation of $text.
wp-includes/formatting.php: wp_slash()	Add slashes to a string or array of strings, in a recursive manner.
wp-includes/formatting.php: wp_unslash()	Remove slashes from a string or array of strings.
wp-includes/formatting.php: sanitize_text_field()	Sanitizes a string from user input or from the database.
wp-includes/formatting.php: wp_strip_all_tags()	Properly strip all HTML tags including script and style
wp-includes/formatting.php: esc_url_raw()	Performs esc_url() for database usage.
wp-includes/formatting.php: sanitize_key()	Sanitizes a string key.
wp-includes/kses.php: wp_filter_post_kses()	Sanitizes content for allowed HTML tags for post content.
wp-includes/functions.php: wp_die()	Kills WordPress execution and displays HTML page with an error message.
wp-includes/taxonomy.php: get_taxonomy()	Retrieves the taxonomy object of $taxonomy.
wp-includes/plugin.php: apply_filters()	Calls the callback functions that have been added to a filter hook.
wp-includes/user.php: get_current_user_id()	Get the current user’s ID
wp-includes/media.php: wp_get_attachment_id3_keys()	Returns useful keys to use to lookup data from an attachment’s stored metadata.
wp-includes/post.php: wp_get_attachment_metadata()	Retrieves attachment metadata for attachment ID.
wp-includes/post.php: wp_update_attachment_metadata()	Updates metadata for an attachment.
wp-includes/post.php: wp_update_post()	Update a post with new post data.
wp-includes/post.php: stick_post()	Make a post sticky.
wp-includes/post.php: unstick_post()	Un-stick a post.
wp-includes/post.php: post_type_supports()	Check a post type’s support for a given feature.
wp-includes/post.php: update_post_meta()	Updates a post meta field based on the given post ID.
wp-includes/post.php: get_post_meta()	Retrieves a post meta field for the given post ID.
wp-includes/post.php: get_post()	Retrieves post data given a post ID or post object.
wp-includes/post.php: get_post_type_object()	Retrieves a post type object by name.
wp-includes/revision.php: wp_get_post_revisions()	Returns all revisions of specified post.
wp-includes/revision.php: _wp_get_post_revision_version()	Gets the post revision version.
wp-includes/revision.php: _wp_upgrade_revisions_of_post()	Upgrade the revisions author, add the current post as a revision and set the revisions version to 1
wp-includes/post-formats.php: set_post_format()	Assign a format to a post
wp-includes/meta.php: is_protected_meta()	Determines whether a meta key is considered protected.
wp-includes/load.php: is_wp_error()	Check whether variable is a WordPress Error.

Used By

Used By	Description
wp-admin/includes/post.php: post_preview()	Saves a draft or manually autosaves for the purpose of showing a post preview.
wp-admin/includes/post.php: wp_autosave()	Save a post submitted with XHR
wp-admin/includes/post.php: wp_write_post()	Creates a new post from the “Write Post” form using $_POST information.
wp-admin/includes/ajax-actions.php: wp_ajax_wp_fullscreen_save_post()	Ajax handler for saving posts from the fullscreen editor.
wp-admin/includes/ajax-actions.php: wp_ajax_add_meta()	Ajax handler for adding meta.
wp-admin/includes/ajax-actions.php: wp_ajax_inline_save()	Ajax handler for Quick Edit saving a post from a list table.

Changelog

Version	Description
1.5.0	Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/edit_post