[ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * REST API: WP_REST_Attachments_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core controller used to access attachments via the REST API. 12 * 13 * @since 4.7.0 14 * 15 * @see WP_REST_Posts_Controller 16 */ 17 class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { 18 19 /** 20 * Whether the controller supports batching. 21 * 22 * @since 5.9.0 23 * @var false 24 */ 25 protected $allow_batch = false; 26 27 /** 28 * Registers the routes for attachments. 29 * 30 * @since 5.3.0 31 * 32 * @see register_rest_route() 33 */ 34 public function register_routes() { 35 parent::register_routes(); 36 register_rest_route( 37 $this->namespace, 38 '/' . $this->rest_base . '/(?P<id>[\d]+)/post-process', 39 array( 40 'methods' => WP_REST_Server::CREATABLE, 41 'callback' => array( $this, 'post_process_item' ), 42 'permission_callback' => array( $this, 'post_process_item_permissions_check' ), 43 'args' => array( 44 'id' => array( 45 'description' => __( 'Unique identifier for the attachment.' ), 46 'type' => 'integer', 47 ), 48 'action' => array( 49 'type' => 'string', 50 'enum' => array( 'create-image-subsizes' ), 51 'required' => true, 52 ), 53 ), 54 ) 55 ); 56 register_rest_route( 57 $this->namespace, 58 '/' . $this->rest_base . '/(?P<id>[\d]+)/edit', 59 array( 60 'methods' => WP_REST_Server::CREATABLE, 61 'callback' => array( $this, 'edit_media_item' ), 62 'permission_callback' => array( $this, 'edit_media_item_permissions_check' ), 63 'args' => $this->get_edit_media_item_args(), 64 ) 65 ); 66 } 67 68 /** 69 * Determines the allowed query_vars for a get_items() response and 70 * prepares for WP_Query. 71 * 72 * @since 4.7.0 73 * 74 * @param array $prepared_args Optional. Array of prepared arguments. Default empty array. 75 * @param WP_REST_Request $request Optional. Request to prepare items for. 76 * @return array Array of query arguments. 77 */ 78 protected function prepare_items_query( $prepared_args = array(), $request = null ) { 79 $query_args = parent::prepare_items_query( $prepared_args, $request ); 80 81 if ( empty( $query_args['post_status'] ) ) { 82 $query_args['post_status'] = 'inherit'; 83 } 84 85 $media_types = $this->get_media_types(); 86 87 if ( ! empty( $request['media_type'] ) && isset( $media_types[ $request['media_type'] ] ) ) { 88 $query_args['post_mime_type'] = $media_types[ $request['media_type'] ]; 89 } 90 91 if ( ! empty( $request['mime_type'] ) ) { 92 $parts = explode( '/', $request['mime_type'] ); 93 if ( isset( $media_types[ $parts[0] ] ) && in_array( $request['mime_type'], $media_types[ $parts[0] ], true ) ) { 94 $query_args['post_mime_type'] = $request['mime_type']; 95 } 96 } 97 98 // Filter query clauses to include filenames. 99 if ( isset( $query_args['s'] ) ) { 100 add_filter( 'wp_allow_query_attachment_by_filename', '__return_true' ); 101 } 102 103 return $query_args; 104 } 105 106 /** 107 * Checks if a given request has access to create an attachment. 108 * 109 * @since 4.7.0 110 * 111 * @param WP_REST_Request $request Full details about the request. 112 * @return true|WP_Error Boolean true if the attachment may be created, or a WP_Error if not. 113 */ 114 public function create_item_permissions_check( $request ) { 115 $ret = parent::create_item_permissions_check( $request ); 116 117 if ( ! $ret || is_wp_error( $ret ) ) { 118 return $ret; 119 } 120 121 if ( ! current_user_can( 'upload_files' ) ) { 122 return new WP_Error( 123 'rest_cannot_create', 124 __( 'Sorry, you are not allowed to upload media on this site.' ), 125 array( 'status' => 400 ) 126 ); 127 } 128 129 // Attaching media to a post requires ability to edit said post. 130 if ( ! empty( $request['post'] ) && ! current_user_can( 'edit_post', (int) $request['post'] ) ) { 131 return new WP_Error( 132 'rest_cannot_edit', 133 __( 'Sorry, you are not allowed to upload media to this post.' ), 134 array( 'status' => rest_authorization_required_code() ) 135 ); 136 } 137 $files = $request->get_file_params(); 138 139 /** 140 * Filter whether the server should prevent uploads for image types it doesn't support. Default true. 141 * 142 * Developers can use this filter to enable uploads of certain image types. By default image types that are not 143 * supported by the server are prevented from being uploaded. 144 * 145 * @since 6.8.0 146 * 147 * @param bool $check_mime Whether to prevent uploads of unsupported image types. 148 * @param string|null $mime_type The mime type of the file being uploaded (if available). 149 */ 150 $prevent_unsupported_uploads = apply_filters( 'wp_prevent_unsupported_mime_type_uploads', true, isset( $files['file']['type'] ) ? $files['file']['type'] : null ); 151 152 // If the upload is an image, check if the server can handle the mime type. 153 if ( 154 $prevent_unsupported_uploads && 155 isset( $files['file']['type'] ) && 156 str_starts_with( $files['file']['type'], 'image/' ) 157 ) { 158 // List of non-resizable image formats. 159 $editor_non_resizable_formats = array( 160 'image/svg+xml', 161 ); 162 163 // Check if the image editor supports the type or ignore if it isn't a format resizable by an editor. 164 if ( 165 ! in_array( $files['file']['type'], $editor_non_resizable_formats, true ) && 166 ! wp_image_editor_supports( array( 'mime_type' => $files['file']['type'] ) ) 167 ) { 168 return new WP_Error( 169 'rest_upload_image_type_not_supported', 170 __( 'The web server cannot generate responsive image sizes for this image. Convert it to JPEG or PNG before uploading.' ), 171 array( 'status' => 400 ) 172 ); 173 } 174 } 175 176 return true; 177 } 178 179 /** 180 * Creates a single attachment. 181 * 182 * @since 4.7.0 183 * 184 * @param WP_REST_Request $request Full details about the request. 185 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 186 */ 187 public function create_item( $request ) { 188 if ( ! empty( $request['post'] ) && in_array( get_post_type( $request['post'] ), array( 'revision', 'attachment' ), true ) ) { 189 return new WP_Error( 190 'rest_invalid_param', 191 __( 'Invalid parent type.' ), 192 array( 'status' => 400 ) 193 ); 194 } 195 196 $insert = $this->insert_attachment( $request ); 197 198 if ( is_wp_error( $insert ) ) { 199 return $insert; 200 } 201 202 $schema = $this->get_item_schema(); 203 204 // Extract by name. 205 $attachment_id = $insert['attachment_id']; 206 $file = $insert['file']; 207 208 if ( isset( $request['alt_text'] ) ) { 209 update_post_meta( $attachment_id, '_wp_attachment_image_alt', sanitize_text_field( $request['alt_text'] ) ); 210 } 211 212 if ( ! empty( $schema['properties']['featured_media'] ) && isset( $request['featured_media'] ) ) { 213 $thumbnail_update = $this->handle_featured_media( $request['featured_media'], $attachment_id ); 214 215 if ( is_wp_error( $thumbnail_update ) ) { 216 return $thumbnail_update; 217 } 218 } 219 220 if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { 221 $meta_update = $this->meta->update_value( $request['meta'], $attachment_id ); 222 223 if ( is_wp_error( $meta_update ) ) { 224 return $meta_update; 225 } 226 } 227 228 $attachment = get_post( $attachment_id ); 229 $fields_update = $this->update_additional_fields_for_object( $attachment, $request ); 230 231 if ( is_wp_error( $fields_update ) ) { 232 return $fields_update; 233 } 234 235 $terms_update = $this->handle_terms( $attachment_id, $request ); 236 237 if ( is_wp_error( $terms_update ) ) { 238 return $terms_update; 239 } 240 241 $request->set_param( 'context', 'edit' ); 242 243 /** 244 * Fires after a single attachment is completely created or updated via the REST API. 245 * 246 * @since 5.0.0 247 * 248 * @param WP_Post $attachment Inserted or updated attachment object. 249 * @param WP_REST_Request $request Request object. 250 * @param bool $creating True when creating an attachment, false when updating. 251 */ 252 do_action( 'rest_after_insert_attachment', $attachment, $request, true ); 253 254 wp_after_insert_post( $attachment, false, null ); 255 256 if ( wp_is_serving_rest_request() ) { 257 /* 258 * Set a custom header with the attachment_id. 259 * Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. 260 */ 261 header( 'X-WP-Upload-Attachment-ID: ' . $attachment_id ); 262 } 263 264 // Include media and image functions to get access to wp_generate_attachment_metadata(). 265 require_once ABSPATH . 'wp-admin/includes/media.php'; 266 require_once ABSPATH . 'wp-admin/includes/image.php'; 267 268 /* 269 * Post-process the upload (create image sub-sizes, make PDF thumbnails, etc.) and insert attachment meta. 270 * At this point the server may run out of resources and post-processing of uploaded images may fail. 271 */ 272 wp_update_attachment_metadata( $attachment_id, wp_generate_attachment_metadata( $attachment_id, $file ) ); 273 274 $response = $this->prepare_item_for_response( $attachment, $request ); 275 $response = rest_ensure_response( $response ); 276 $response->set_status( 201 ); 277 $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $attachment_id ) ) ); 278 279 return $response; 280 } 281 282 /** 283 * Inserts the attachment post in the database. Does not update the attachment meta. 284 * 285 * @since 5.3.0 286 * 287 * @param WP_REST_Request $request 288 * @return array|WP_Error 289 */ 290 protected function insert_attachment( $request ) { 291 // Get the file via $_FILES or raw data. 292 $files = $request->get_file_params(); 293 $headers = $request->get_headers(); 294 295 $time = null; 296 297 // Matches logic in media_handle_upload(). 298 if ( ! empty( $request['post'] ) ) { 299 $post = get_post( $request['post'] ); 300 // The post date doesn't usually matter for pages, so don't backdate this upload. 301 if ( $post && 'page' !== $post->post_type && substr( $post->post_date, 0, 4 ) > 0 ) { 302 $time = $post->post_date; 303 } 304 } 305 306 if ( ! empty( $files ) ) { 307 $file = $this->upload_from_file( $files, $headers, $time ); 308 } else { 309 $file = $this->upload_from_data( $request->get_body(), $headers, $time ); 310 } 311 312 if ( is_wp_error( $file ) ) { 313 return $file; 314 } 315 316 $name = wp_basename( $file['file'] ); 317 $name_parts = pathinfo( $name ); 318 $name = trim( substr( $name, 0, -( 1 + strlen( $name_parts['extension'] ) ) ) ); 319 320 $url = $file['url']; 321 $type = $file['type']; 322 $file = $file['file']; 323 324 // Include image functions to get access to wp_read_image_metadata(). 325 require_once ABSPATH . 'wp-admin/includes/image.php'; 326 327 // Use image exif/iptc data for title and caption defaults if possible. 328 $image_meta = wp_read_image_metadata( $file ); 329 330 if ( ! empty( $image_meta ) ) { 331 if ( empty( $request['title'] ) && trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) ) { 332 $request['title'] = $image_meta['title']; 333 } 334 335 if ( empty( $request['caption'] ) && trim( $image_meta['caption'] ) ) { 336 $request['caption'] = $image_meta['caption']; 337 } 338 } 339 340 $attachment = $this->prepare_item_for_database( $request ); 341 342 $attachment->post_mime_type = $type; 343 $attachment->guid = $url; 344 345 // If the title was not set, use the original filename. 346 if ( empty( $attachment->post_title ) && ! empty( $files['file']['name'] ) ) { 347 // Remove the file extension (after the last `.`) 348 $tmp_title = substr( $files['file']['name'], 0, strrpos( $files['file']['name'], '.' ) ); 349 350 if ( ! empty( $tmp_title ) ) { 351 $attachment->post_title = $tmp_title; 352 } 353 } 354 355 // Fall back to the original approach. 356 if ( empty( $attachment->post_title ) ) { 357 $attachment->post_title = preg_replace( '/\.[^.]+$/', '', wp_basename( $file ) ); 358 } 359 360 // $post_parent is inherited from $attachment['post_parent']. 361 $id = wp_insert_attachment( wp_slash( (array) $attachment ), $file, 0, true, false ); 362 363 if ( is_wp_error( $id ) ) { 364 if ( 'db_update_error' === $id->get_error_code() ) { 365 $id->add_data( array( 'status' => 500 ) ); 366 } else { 367 $id->add_data( array( 'status' => 400 ) ); 368 } 369 370 return $id; 371 } 372 373 $attachment = get_post( $id ); 374 375 /** 376 * Fires after a single attachment is created or updated via the REST API. 377 * 378 * @since 4.7.0 379 * 380 * @param WP_Post $attachment Inserted or updated attachment object. 381 * @param WP_REST_Request $request The request sent to the API. 382 * @param bool $creating True when creating an attachment, false when updating. 383 */ 384 do_action( 'rest_insert_attachment', $attachment, $request, true ); 385 386 return array( 387 'attachment_id' => $id, 388 'file' => $file, 389 ); 390 } 391 392 /** 393 * Determines the featured media based on a request param. 394 * 395 * @since 6.5.0 396 * 397 * @param int $featured_media Featured Media ID. 398 * @param int $post_id Post ID. 399 * @return bool|WP_Error Whether the post thumbnail was successfully deleted, otherwise WP_Error. 400 */ 401 protected function handle_featured_media( $featured_media, $post_id ) { 402 $post_type = get_post_type( $post_id ); 403 $thumbnail_support = current_theme_supports( 'post-thumbnails', $post_type ) && post_type_supports( $post_type, 'thumbnail' ); 404 405 // Similar check as in wp_insert_post(). 406 if ( ! $thumbnail_support && get_post_mime_type( $post_id ) ) { 407 if ( wp_attachment_is( 'audio', $post_id ) ) { 408 $thumbnail_support = post_type_supports( 'attachment:audio', 'thumbnail' ) || current_theme_supports( 'post-thumbnails', 'attachment:audio' ); 409 } elseif ( wp_attachment_is( 'video', $post_id ) ) { 410 $thumbnail_support = post_type_supports( 'attachment:video', 'thumbnail' ) || current_theme_supports( 'post-thumbnails', 'attachment:video' ); 411 } 412 } 413 414 if ( $thumbnail_support ) { 415 return parent::handle_featured_media( $featured_media, $post_id ); 416 } 417 418 return new WP_Error( 419 'rest_no_featured_media', 420 sprintf( 421 /* translators: %s: attachment mime type */ 422 __( 'This site does not support post thumbnails on attachments with MIME type %s.' ), 423 get_post_mime_type( $post_id ) 424 ), 425 array( 'status' => 400 ) 426 ); 427 } 428 429 /** 430 * Updates a single attachment. 431 * 432 * @since 4.7.0 433 * 434 * @param WP_REST_Request $request Full details about the request. 435 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 436 */ 437 public function update_item( $request ) { 438 if ( ! empty( $request['post'] ) && in_array( get_post_type( $request['post'] ), array( 'revision', 'attachment' ), true ) ) { 439 return new WP_Error( 440 'rest_invalid_param', 441 __( 'Invalid parent type.' ), 442 array( 'status' => 400 ) 443 ); 444 } 445 446 $attachment_before = get_post( $request['id'] ); 447 $response = parent::update_item( $request ); 448 449 if ( is_wp_error( $response ) ) { 450 return $response; 451 } 452 453 $response = rest_ensure_response( $response ); 454 $data = $response->get_data(); 455 456 if ( isset( $request['alt_text'] ) ) { 457 update_post_meta( $data['id'], '_wp_attachment_image_alt', $request['alt_text'] ); 458 } 459 460 $attachment = get_post( $request['id'] ); 461 462 if ( ! empty( $schema['properties']['featured_media'] ) && isset( $request['featured_media'] ) ) { 463 $thumbnail_update = $this->handle_featured_media( $request['featured_media'], $attachment->ID ); 464 465 if ( is_wp_error( $thumbnail_update ) ) { 466 return $thumbnail_update; 467 } 468 } 469 470 $fields_update = $this->update_additional_fields_for_object( $attachment, $request ); 471 472 if ( is_wp_error( $fields_update ) ) { 473 return $fields_update; 474 } 475 476 $request->set_param( 'context', 'edit' ); 477 478 /** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php */ 479 do_action( 'rest_after_insert_attachment', $attachment, $request, false ); 480 481 wp_after_insert_post( $attachment, true, $attachment_before ); 482 483 $response = $this->prepare_item_for_response( $attachment, $request ); 484 $response = rest_ensure_response( $response ); 485 486 return $response; 487 } 488 489 /** 490 * Performs post-processing on an attachment. 491 * 492 * @since 5.3.0 493 * 494 * @param WP_REST_Request $request Full details about the request. 495 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 496 */ 497 public function post_process_item( $request ) { 498 switch ( $request['action'] ) { 499 case 'create-image-subsizes': 500 require_once ABSPATH . 'wp-admin/includes/image.php'; 501 wp_update_image_subsizes( $request['id'] ); 502 break; 503 } 504 505 $request['context'] = 'edit'; 506 507 return $this->prepare_item_for_response( get_post( $request['id'] ), $request ); 508 } 509 510 /** 511 * Checks if a given request can perform post-processing on an attachment. 512 * 513 * @since 5.3.0 514 * 515 * @param WP_REST_Request $request Full details about the request. 516 * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. 517 */ 518 public function post_process_item_permissions_check( $request ) { 519 return $this->update_item_permissions_check( $request ); 520 } 521 522 /** 523 * Checks if a given request has access to editing media. 524 * 525 * @since 5.5.0 526 * 527 * @param WP_REST_Request $request Full details about the request. 528 * @return true|WP_Error True if the request has read access, WP_Error object otherwise. 529 */ 530 public function edit_media_item_permissions_check( $request ) { 531 if ( ! current_user_can( 'upload_files' ) ) { 532 return new WP_Error( 533 'rest_cannot_edit_image', 534 __( 'Sorry, you are not allowed to upload media on this site.' ), 535 array( 'status' => rest_authorization_required_code() ) 536 ); 537 } 538 539 return $this->update_item_permissions_check( $request ); 540 } 541 542 /** 543 * Applies edits to a media item and creates a new attachment record. 544 * 545 * @since 5.5.0 546 * 547 * @param WP_REST_Request $request Full details about the request. 548 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 549 */ 550 public function edit_media_item( $request ) { 551 require_once ABSPATH . 'wp-admin/includes/image.php'; 552 553 $attachment_id = $request['id']; 554 555 // This also confirms the attachment is an image. 556 $image_file = wp_get_original_image_path( $attachment_id ); 557 $image_meta = wp_get_attachment_metadata( $attachment_id ); 558 559 if ( 560 ! $image_meta || 561 ! $image_file || 562 ! wp_image_file_matches_image_meta( $request['src'], $image_meta, $attachment_id ) 563 ) { 564 return new WP_Error( 565 'rest_unknown_attachment', 566 __( 'Unable to get meta information for file.' ), 567 array( 'status' => 404 ) 568 ); 569 } 570 571 $supported_types = array( 'image/jpeg', 'image/png', 'image/gif', 'image/webp', 'image/avif', 'image/heic' ); 572 $mime_type = get_post_mime_type( $attachment_id ); 573 if ( ! in_array( $mime_type, $supported_types, true ) ) { 574 return new WP_Error( 575 'rest_cannot_edit_file_type', 576 __( 'This type of file cannot be edited.' ), 577 array( 'status' => 400 ) 578 ); 579 } 580 581 // The `modifiers` param takes precedence over the older format. 582 if ( isset( $request['modifiers'] ) ) { 583 $modifiers = $request['modifiers']; 584 } else { 585 $modifiers = array(); 586 587 if ( ! empty( $request['rotation'] ) ) { 588 $modifiers[] = array( 589 'type' => 'rotate', 590 'args' => array( 591 'angle' => $request['rotation'], 592 ), 593 ); 594 } 595 596 if ( isset( $request['x'], $request['y'], $request['width'], $request['height'] ) ) { 597 $modifiers[] = array( 598 'type' => 'crop', 599 'args' => array( 600 'left' => $request['x'], 601 'top' => $request['y'], 602 'width' => $request['width'], 603 'height' => $request['height'], 604 ), 605 ); 606 } 607 608 if ( 0 === count( $modifiers ) ) { 609 return new WP_Error( 610 'rest_image_not_edited', 611 __( 'The image was not edited. Edit the image before applying the changes.' ), 612 array( 'status' => 400 ) 613 ); 614 } 615 } 616 617 /* 618 * If the file doesn't exist, attempt a URL fopen on the src link. 619 * This can occur with certain file replication plugins. 620 * Keep the original file path to get a modified name later. 621 */ 622 $image_file_to_edit = $image_file; 623 if ( ! file_exists( $image_file_to_edit ) ) { 624 $image_file_to_edit = _load_image_to_edit_path( $attachment_id ); 625 } 626 627 $image_editor = wp_get_image_editor( $image_file_to_edit ); 628 629 if ( is_wp_error( $image_editor ) ) { 630 return new WP_Error( 631 'rest_unknown_image_file_type', 632 __( 'Unable to edit this image.' ), 633 array( 'status' => 500 ) 634 ); 635 } 636 637 foreach ( $modifiers as $modifier ) { 638 $args = $modifier['args']; 639 switch ( $modifier['type'] ) { 640 case 'rotate': 641 // Rotation direction: clockwise vs. counterclockwise. 642 $rotate = 0 - $args['angle']; 643 644 if ( 0 !== $rotate ) { 645 $result = $image_editor->rotate( $rotate ); 646 647 if ( is_wp_error( $result ) ) { 648 return new WP_Error( 649 'rest_image_rotation_failed', 650 __( 'Unable to rotate this image.' ), 651 array( 'status' => 500 ) 652 ); 653 } 654 } 655 656 break; 657 658 case 'crop': 659 $size = $image_editor->get_size(); 660 661 $crop_x = (int) round( ( $size['width'] * $args['left'] ) / 100.0 ); 662 $crop_y = (int) round( ( $size['height'] * $args['top'] ) / 100.0 ); 663 $width = (int) round( ( $size['width'] * $args['width'] ) / 100.0 ); 664 $height = (int) round( ( $size['height'] * $args['height'] ) / 100.0 ); 665 666 if ( $size['width'] !== $width || $size['height'] !== $height ) { 667 $result = $image_editor->crop( $crop_x, $crop_y, $width, $height ); 668 669 if ( is_wp_error( $result ) ) { 670 return new WP_Error( 671 'rest_image_crop_failed', 672 __( 'Unable to crop this image.' ), 673 array( 'status' => 500 ) 674 ); 675 } 676 } 677 678 break; 679 680 } 681 } 682 683 // Calculate the file name. 684 $image_ext = pathinfo( $image_file, PATHINFO_EXTENSION ); 685 $image_name = wp_basename( $image_file, ".{$image_ext}" ); 686 687 /* 688 * Do not append multiple `-edited` to the file name. 689 * The user may be editing a previously edited image. 690 */ 691 if ( preg_match( '/-edited(-\d+)?$/', $image_name ) ) { 692 // Remove any `-1`, `-2`, etc. `wp_unique_filename()` will add the proper number. 693 $image_name = preg_replace( '/-edited(-\d+)?$/', '-edited', $image_name ); 694 } else { 695 // Append `-edited` before the extension. 696 $image_name .= '-edited'; 697 } 698 699 $filename = "{$image_name}.{$image_ext}"; 700 701 // Create the uploads subdirectory if needed. 702 $uploads = wp_upload_dir(); 703 704 // Make the file name unique in the (new) upload directory. 705 $filename = wp_unique_filename( $uploads['path'], $filename ); 706 707 // Save to disk. 708 $saved = $image_editor->save( $uploads['path'] . "/$filename" ); 709 710 if ( is_wp_error( $saved ) ) { 711 return $saved; 712 } 713 714 // Create new attachment post. 715 $new_attachment_post = array( 716 'post_mime_type' => $saved['mime-type'], 717 'guid' => $uploads['url'] . "/$filename", 718 'post_title' => $image_name, 719 'post_content' => '', 720 ); 721 722 // Copy post_content, post_excerpt, and post_title from the edited image's attachment post. 723 $attachment_post = get_post( $attachment_id ); 724 725 if ( $attachment_post ) { 726 $new_attachment_post['post_content'] = $attachment_post->post_content; 727 $new_attachment_post['post_excerpt'] = $attachment_post->post_excerpt; 728 $new_attachment_post['post_title'] = $attachment_post->post_title; 729 } 730 731 $new_attachment_id = wp_insert_attachment( wp_slash( $new_attachment_post ), $saved['path'], 0, true ); 732 733 if ( is_wp_error( $new_attachment_id ) ) { 734 if ( 'db_update_error' === $new_attachment_id->get_error_code() ) { 735 $new_attachment_id->add_data( array( 'status' => 500 ) ); 736 } else { 737 $new_attachment_id->add_data( array( 'status' => 400 ) ); 738 } 739 740 return $new_attachment_id; 741 } 742 743 // Copy the image alt text from the edited image. 744 $image_alt = get_post_meta( $attachment_id, '_wp_attachment_image_alt', true ); 745 746 if ( ! empty( $image_alt ) ) { 747 // update_post_meta() expects slashed. 748 update_post_meta( $new_attachment_id, '_wp_attachment_image_alt', wp_slash( $image_alt ) ); 749 } 750 751 if ( wp_is_serving_rest_request() ) { 752 /* 753 * Set a custom header with the attachment_id. 754 * Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. 755 */ 756 header( 'X-WP-Upload-Attachment-ID: ' . $new_attachment_id ); 757 } 758 759 // Generate image sub-sizes and meta. 760 $new_image_meta = wp_generate_attachment_metadata( $new_attachment_id, $saved['path'] ); 761 762 // Copy the EXIF metadata from the original attachment if not generated for the edited image. 763 if ( isset( $image_meta['image_meta'] ) && isset( $new_image_meta['image_meta'] ) && is_array( $new_image_meta['image_meta'] ) ) { 764 // Merge but skip empty values. 765 foreach ( (array) $image_meta['image_meta'] as $key => $value ) { 766 if ( empty( $new_image_meta['image_meta'][ $key ] ) && ! empty( $value ) ) { 767 $new_image_meta['image_meta'][ $key ] = $value; 768 } 769 } 770 } 771 772 // Reset orientation. At this point the image is edited and orientation is correct. 773 if ( ! empty( $new_image_meta['image_meta']['orientation'] ) ) { 774 $new_image_meta['image_meta']['orientation'] = 1; 775 } 776 777 // The attachment_id may change if the site is exported and imported. 778 $new_image_meta['parent_image'] = array( 779 'attachment_id' => $attachment_id, 780 // Path to the originally uploaded image file relative to the uploads directory. 781 'file' => _wp_relative_upload_path( $image_file ), 782 ); 783 784 /** 785 * Filters the meta data for the new image created by editing an existing image. 786 * 787 * @since 5.5.0 788 * 789 * @param array $new_image_meta Meta data for the new image. 790 * @param int $new_attachment_id Attachment post ID for the new image. 791 * @param int $attachment_id Attachment post ID for the edited (parent) image. 792 */ 793 $new_image_meta = apply_filters( 'wp_edited_image_metadata', $new_image_meta, $new_attachment_id, $attachment_id ); 794 795 wp_update_attachment_metadata( $new_attachment_id, $new_image_meta ); 796 797 $response = $this->prepare_item_for_response( get_post( $new_attachment_id ), $request ); 798 $response->set_status( 201 ); 799 $response->header( 'Location', rest_url( sprintf( '%s/%s/%s', $this->namespace, $this->rest_base, $new_attachment_id ) ) ); 800 801 return $response; 802 } 803 804 /** 805 * Prepares a single attachment for create or update. 806 * 807 * @since 4.7.0 808 * 809 * @param WP_REST_Request $request Request object. 810 * @return stdClass|WP_Error Post object. 811 */ 812 protected function prepare_item_for_database( $request ) { 813 $prepared_attachment = parent::prepare_item_for_database( $request ); 814 815 // Attachment caption (post_excerpt internally). 816 if ( isset( $request['caption'] ) ) { 817 if ( is_string( $request['caption'] ) ) { 818 $prepared_attachment->post_excerpt = $request['caption']; 819 } elseif ( isset( $request['caption']['raw'] ) ) { 820 $prepared_attachment->post_excerpt = $request['caption']['raw']; 821 } 822 } 823 824 // Attachment description (post_content internally). 825 if ( isset( $request['description'] ) ) { 826 if ( is_string( $request['description'] ) ) { 827 $prepared_attachment->post_content = $request['description']; 828 } elseif ( isset( $request['description']['raw'] ) ) { 829 $prepared_attachment->post_content = $request['description']['raw']; 830 } 831 } 832 833 if ( isset( $request['post'] ) ) { 834 $prepared_attachment->post_parent = (int) $request['post']; 835 } 836 837 return $prepared_attachment; 838 } 839 840 /** 841 * Prepares a single attachment output for response. 842 * 843 * @since 4.7.0 844 * @since 5.9.0 Renamed `$post` to `$item` to match parent class for PHP 8 named parameter support. 845 * 846 * @param WP_Post $item Attachment object. 847 * @param WP_REST_Request $request Request object. 848 * @return WP_REST_Response Response object. 849 */ 850 public function prepare_item_for_response( $item, $request ) { 851 // Restores the more descriptive, specific name for use within this method. 852 $post = $item; 853 854 $response = parent::prepare_item_for_response( $post, $request ); 855 $fields = $this->get_fields_for_response( $request ); 856 $data = $response->get_data(); 857 858 if ( in_array( 'description', $fields, true ) ) { 859 $data['description'] = array( 860 'raw' => $post->post_content, 861 /** This filter is documented in wp-includes/post-template.php */ 862 'rendered' => apply_filters( 'the_content', $post->post_content ), 863 ); 864 } 865 866 if ( in_array( 'caption', $fields, true ) ) { 867 /** This filter is documented in wp-includes/post-template.php */ 868 $caption = apply_filters( 'get_the_excerpt', $post->post_excerpt, $post ); 869 870 /** This filter is documented in wp-includes/post-template.php */ 871 $caption = apply_filters( 'the_excerpt', $caption ); 872 873 $data['caption'] = array( 874 'raw' => $post->post_excerpt, 875 'rendered' => $caption, 876 ); 877 } 878 879 if ( in_array( 'alt_text', $fields, true ) ) { 880 $data['alt_text'] = get_post_meta( $post->ID, '_wp_attachment_image_alt', true ); 881 } 882 883 if ( in_array( 'media_type', $fields, true ) ) { 884 $data['media_type'] = wp_attachment_is_image( $post->ID ) ? 'image' : 'file'; 885 } 886 887 if ( in_array( 'mime_type', $fields, true ) ) { 888 $data['mime_type'] = $post->post_mime_type; 889 } 890 891 if ( in_array( 'media_details', $fields, true ) ) { 892 $data['media_details'] = wp_get_attachment_metadata( $post->ID ); 893 894 // Ensure empty details is an empty object. 895 if ( empty( $data['media_details'] ) ) { 896 $data['media_details'] = new stdClass(); 897 } elseif ( ! empty( $data['media_details']['sizes'] ) ) { 898 899 foreach ( $data['media_details']['sizes'] as $size => &$size_data ) { 900 901 if ( isset( $size_data['mime-type'] ) ) { 902 $size_data['mime_type'] = $size_data['mime-type']; 903 unset( $size_data['mime-type'] ); 904 } 905 906 // Use the same method image_downsize() does. 907 $image_src = wp_get_attachment_image_src( $post->ID, $size ); 908 if ( ! $image_src ) { 909 continue; 910 } 911 912 $size_data['source_url'] = $image_src[0]; 913 } 914 915 $full_src = wp_get_attachment_image_src( $post->ID, 'full' ); 916 917 if ( ! empty( $full_src ) ) { 918 $data['media_details']['sizes']['full'] = array( 919 'file' => wp_basename( $full_src[0] ), 920 'width' => $full_src[1], 921 'height' => $full_src[2], 922 'mime_type' => $post->post_mime_type, 923 'source_url' => $full_src[0], 924 ); 925 } 926 } else { 927 $data['media_details']['sizes'] = new stdClass(); 928 } 929 } 930 931 if ( in_array( 'post', $fields, true ) ) { 932 $data['post'] = ! empty( $post->post_parent ) ? (int) $post->post_parent : null; 933 } 934 935 if ( in_array( 'source_url', $fields, true ) ) { 936 $data['source_url'] = wp_get_attachment_url( $post->ID ); 937 } 938 939 if ( in_array( 'missing_image_sizes', $fields, true ) ) { 940 require_once ABSPATH . 'wp-admin/includes/image.php'; 941 $data['missing_image_sizes'] = array_keys( wp_get_missing_image_subsizes( $post->ID ) ); 942 } 943 944 $context = ! empty( $request['context'] ) ? $request['context'] : 'view'; 945 946 $data = $this->filter_response_by_context( $data, $context ); 947 948 $links = $response->get_links(); 949 950 // Wrap the data in a response object. 951 $response = rest_ensure_response( $data ); 952 953 foreach ( $links as $rel => $rel_links ) { 954 foreach ( $rel_links as $link ) { 955 $response->add_link( $rel, $link['href'], $link['attributes'] ); 956 } 957 } 958 959 /** 960 * Filters an attachment returned from the REST API. 961 * 962 * Allows modification of the attachment right before it is returned. 963 * 964 * @since 4.7.0 965 * 966 * @param WP_REST_Response $response The response object. 967 * @param WP_Post $post The original attachment post. 968 * @param WP_REST_Request $request Request used to generate the response. 969 */ 970 return apply_filters( 'rest_prepare_attachment', $response, $post, $request ); 971 } 972 973 /** 974 * Retrieves the attachment's schema, conforming to JSON Schema. 975 * 976 * @since 4.7.0 977 * 978 * @return array Item schema as an array. 979 */ 980 public function get_item_schema() { 981 if ( $this->schema ) { 982 return $this->add_additional_fields_schema( $this->schema ); 983 } 984 985 $schema = parent::get_item_schema(); 986 987 $schema['properties']['alt_text'] = array( 988 'description' => __( 'Alternative text to display when attachment is not displayed.' ), 989 'type' => 'string', 990 'context' => array( 'view', 'edit', 'embed' ), 991 'arg_options' => array( 992 'sanitize_callback' => 'sanitize_text_field', 993 ), 994 ); 995 996 $schema['properties']['caption'] = array( 997 'description' => __( 'The attachment caption.' ), 998 'type' => 'object', 999 'context' => array( 'view', 'edit', 'embed' ), 1000 'arg_options' => array( 1001 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 1002 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). 1003 ), 1004 'properties' => array( 1005 'raw' => array( 1006 'description' => __( 'Caption for the attachment, as it exists in the database.' ), 1007 'type' => 'string', 1008 'context' => array( 'edit' ), 1009 ), 1010 'rendered' => array( 1011 'description' => __( 'HTML caption for the attachment, transformed for display.' ), 1012 'type' => 'string', 1013 'context' => array( 'view', 'edit', 'embed' ), 1014 'readonly' => true, 1015 ), 1016 ), 1017 ); 1018 1019 $schema['properties']['description'] = array( 1020 'description' => __( 'The attachment description.' ), 1021 'type' => 'object', 1022 'context' => array( 'view', 'edit' ), 1023 'arg_options' => array( 1024 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 1025 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). 1026 ), 1027 'properties' => array( 1028 'raw' => array( 1029 'description' => __( 'Description for the attachment, as it exists in the database.' ), 1030 'type' => 'string', 1031 'context' => array( 'edit' ), 1032 ), 1033 'rendered' => array( 1034 'description' => __( 'HTML description for the attachment, transformed for display.' ), 1035 'type' => 'string', 1036 'context' => array( 'view', 'edit' ), 1037 'readonly' => true, 1038 ), 1039 ), 1040 ); 1041 1042 $schema['properties']['media_type'] = array( 1043 'description' => __( 'Attachment type.' ), 1044 'type' => 'string', 1045 'enum' => array( 'image', 'file' ), 1046 'context' => array( 'view', 'edit', 'embed' ), 1047 'readonly' => true, 1048 ); 1049 1050 $schema['properties']['mime_type'] = array( 1051 'description' => __( 'The attachment MIME type.' ), 1052 'type' => 'string', 1053 'context' => array( 'view', 'edit', 'embed' ), 1054 'readonly' => true, 1055 ); 1056 1057 $schema['properties']['media_details'] = array( 1058 'description' => __( 'Details about the media file, specific to its type.' ), 1059 'type' => 'object', 1060 'context' => array( 'view', 'edit', 'embed' ), 1061 'readonly' => true, 1062 ); 1063 1064 $schema['properties']['post'] = array( 1065 'description' => __( 'The ID for the associated post of the attachment.' ), 1066 'type' => 'integer', 1067 'context' => array( 'view', 'edit' ), 1068 ); 1069 1070 $schema['properties']['source_url'] = array( 1071 'description' => __( 'URL to the original attachment file.' ), 1072 'type' => 'string', 1073 'format' => 'uri', 1074 'context' => array( 'view', 'edit', 'embed' ), 1075 'readonly' => true, 1076 ); 1077 1078 $schema['properties']['missing_image_sizes'] = array( 1079 'description' => __( 'List of the missing image sizes of the attachment.' ), 1080 'type' => 'array', 1081 'items' => array( 'type' => 'string' ), 1082 'context' => array( 'edit' ), 1083 'readonly' => true, 1084 ); 1085 1086 unset( $schema['properties']['password'] ); 1087 1088 $this->schema = $schema; 1089 1090 return $this->add_additional_fields_schema( $this->schema ); 1091 } 1092 1093 /** 1094 * Handles an upload via raw POST data. 1095 * 1096 * @since 4.7.0 1097 * @since 6.6.0 Added the `$time` parameter. 1098 * 1099 * @param string $data Supplied file data. 1100 * @param array $headers HTTP headers from the request. 1101 * @param string|null $time Optional. Time formatted in 'yyyy/mm'. Default null. 1102 * @return array|WP_Error Data from wp_handle_sideload(). 1103 */ 1104 protected function upload_from_data( $data, $headers, $time = null ) { 1105 if ( empty( $data ) ) { 1106 return new WP_Error( 1107 'rest_upload_no_data', 1108 __( 'No data supplied.' ), 1109 array( 'status' => 400 ) 1110 ); 1111 } 1112 1113 if ( empty( $headers['content_type'] ) ) { 1114 return new WP_Error( 1115 'rest_upload_no_content_type', 1116 __( 'No Content-Type supplied.' ), 1117 array( 'status' => 400 ) 1118 ); 1119 } 1120 1121 if ( empty( $headers['content_disposition'] ) ) { 1122 return new WP_Error( 1123 'rest_upload_no_content_disposition', 1124 __( 'No Content-Disposition supplied.' ), 1125 array( 'status' => 400 ) 1126 ); 1127 } 1128 1129 $filename = self::get_filename_from_disposition( $headers['content_disposition'] ); 1130 1131 if ( empty( $filename ) ) { 1132 return new WP_Error( 1133 'rest_upload_invalid_disposition', 1134 __( 'Invalid Content-Disposition supplied. Content-Disposition needs to be formatted as `attachment; filename="image.png"` or similar.' ), 1135 array( 'status' => 400 ) 1136 ); 1137 } 1138 1139 if ( ! empty( $headers['content_md5'] ) ) { 1140 $content_md5 = array_shift( $headers['content_md5'] ); 1141 $expected = trim( $content_md5 ); 1142 $actual = md5( $data ); 1143 1144 if ( $expected !== $actual ) { 1145 return new WP_Error( 1146 'rest_upload_hash_mismatch', 1147 __( 'Content hash did not match expected.' ), 1148 array( 'status' => 412 ) 1149 ); 1150 } 1151 } 1152 1153 // Get the content-type. 1154 $type = array_shift( $headers['content_type'] ); 1155 1156 // Include filesystem functions to get access to wp_tempnam() and wp_handle_sideload(). 1157 require_once ABSPATH . 'wp-admin/includes/file.php'; 1158 1159 // Save the file. 1160 $tmpfname = wp_tempnam( $filename ); 1161 1162 $fp = fopen( $tmpfname, 'w+' ); 1163 1164 if ( ! $fp ) { 1165 return new WP_Error( 1166 'rest_upload_file_error', 1167 __( 'Could not open file handle.' ), 1168 array( 'status' => 500 ) 1169 ); 1170 } 1171 1172 fwrite( $fp, $data ); 1173 fclose( $fp ); 1174 1175 // Now, sideload it in. 1176 $file_data = array( 1177 'error' => null, 1178 'tmp_name' => $tmpfname, 1179 'name' => $filename, 1180 'type' => $type, 1181 ); 1182 1183 $size_check = self::check_upload_size( $file_data ); 1184 if ( is_wp_error( $size_check ) ) { 1185 return $size_check; 1186 } 1187 1188 $overrides = array( 1189 'test_form' => false, 1190 ); 1191 1192 $sideloaded = wp_handle_sideload( $file_data, $overrides, $time ); 1193 1194 if ( isset( $sideloaded['error'] ) ) { 1195 @unlink( $tmpfname ); 1196 1197 return new WP_Error( 1198 'rest_upload_sideload_error', 1199 $sideloaded['error'], 1200 array( 'status' => 500 ) 1201 ); 1202 } 1203 1204 return $sideloaded; 1205 } 1206 1207 /** 1208 * Parses filename from a Content-Disposition header value. 1209 * 1210 * As per RFC6266: 1211 * 1212 * content-disposition = "Content-Disposition" ":" 1213 * disposition-type *( ";" disposition-parm ) 1214 * 1215 * disposition-type = "inline" | "attachment" | disp-ext-type 1216 * ; case-insensitive 1217 * disp-ext-type = token 1218 * 1219 * disposition-parm = filename-parm | disp-ext-parm 1220 * 1221 * filename-parm = "filename" "=" value 1222 * | "filename*" "=" ext-value 1223 * 1224 * disp-ext-parm = token "=" value 1225 * | ext-token "=" ext-value 1226 * ext-token = <the characters in token, followed by "*"> 1227 * 1228 * @since 4.7.0 1229 * 1230 * @link https://tools.ietf.org/html/rfc2388 1231 * @link https://tools.ietf.org/html/rfc6266 1232 * 1233 * @param string[] $disposition_header List of Content-Disposition header values. 1234 * @return string|null Filename if available, or null if not found. 1235 */ 1236 public static function get_filename_from_disposition( $disposition_header ) { 1237 // Get the filename. 1238 $filename = null; 1239 1240 foreach ( $disposition_header as $value ) { 1241 $value = trim( $value ); 1242 1243 if ( ! str_contains( $value, ';' ) ) { 1244 continue; 1245 } 1246 1247 list( , $attr_parts ) = explode( ';', $value, 2 ); 1248 1249 $attr_parts = explode( ';', $attr_parts ); 1250 $attributes = array(); 1251 1252 foreach ( $attr_parts as $part ) { 1253 if ( ! str_contains( $part, '=' ) ) { 1254 continue; 1255 } 1256 1257 list( $key, $value ) = explode( '=', $part, 2 ); 1258 1259 $attributes[ trim( $key ) ] = trim( $value ); 1260 } 1261 1262 if ( empty( $attributes['filename'] ) ) { 1263 continue; 1264 } 1265 1266 $filename = trim( $attributes['filename'] ); 1267 1268 // Unquote quoted filename, but after trimming. 1269 if ( str_starts_with( $filename, '"' ) && str_ends_with( $filename, '"' ) ) { 1270 $filename = substr( $filename, 1, -1 ); 1271 } 1272 } 1273 1274 return $filename; 1275 } 1276 1277 /** 1278 * Retrieves the query params for collections of attachments. 1279 * 1280 * @since 4.7.0 1281 * 1282 * @return array Query parameters for the attachment collection as an array. 1283 */ 1284 public function get_collection_params() { 1285 $params = parent::get_collection_params(); 1286 $params['status']['default'] = 'inherit'; 1287 $params['status']['items']['enum'] = array( 'inherit', 'private', 'trash' ); 1288 $media_types = $this->get_media_types(); 1289 1290 $params['media_type'] = array( 1291 'default' => null, 1292 'description' => __( 'Limit result set to attachments of a particular media type.' ), 1293 'type' => 'string', 1294 'enum' => array_keys( $media_types ), 1295 ); 1296 1297 $params['mime_type'] = array( 1298 'default' => null, 1299 'description' => __( 'Limit result set to attachments of a particular MIME type.' ), 1300 'type' => 'string', 1301 ); 1302 1303 return $params; 1304 } 1305 1306 /** 1307 * Handles an upload via multipart/form-data ($_FILES). 1308 * 1309 * @since 4.7.0 1310 * @since 6.6.0 Added the `$time` parameter. 1311 * 1312 * @param array $files Data from the `$_FILES` superglobal. 1313 * @param array $headers HTTP headers from the request. 1314 * @param string|null $time Optional. Time formatted in 'yyyy/mm'. Default null. 1315 * @return array|WP_Error Data from wp_handle_upload(). 1316 */ 1317 protected function upload_from_file( $files, $headers, $time = null ) { 1318 if ( empty( $files ) ) { 1319 return new WP_Error( 1320 'rest_upload_no_data', 1321 __( 'No data supplied.' ), 1322 array( 'status' => 400 ) 1323 ); 1324 } 1325 1326 // Verify hash, if given. 1327 if ( ! empty( $headers['content_md5'] ) ) { 1328 $content_md5 = array_shift( $headers['content_md5'] ); 1329 $expected = trim( $content_md5 ); 1330 $actual = md5_file( $files['file']['tmp_name'] ); 1331 1332 if ( $expected !== $actual ) { 1333 return new WP_Error( 1334 'rest_upload_hash_mismatch', 1335 __( 'Content hash did not match expected.' ), 1336 array( 'status' => 412 ) 1337 ); 1338 } 1339 } 1340 1341 // Pass off to WP to handle the actual upload. 1342 $overrides = array( 1343 'test_form' => false, 1344 ); 1345 1346 // Bypasses is_uploaded_file() when running unit tests. 1347 if ( defined( 'DIR_TESTDATA' ) && DIR_TESTDATA ) { 1348 $overrides['action'] = 'wp_handle_mock_upload'; 1349 } 1350 1351 $size_check = self::check_upload_size( $files['file'] ); 1352 if ( is_wp_error( $size_check ) ) { 1353 return $size_check; 1354 } 1355 1356 // Include filesystem functions to get access to wp_handle_upload(). 1357 require_once ABSPATH . 'wp-admin/includes/file.php'; 1358 1359 $file = wp_handle_upload( $files['file'], $overrides, $time ); 1360 1361 if ( isset( $file['error'] ) ) { 1362 return new WP_Error( 1363 'rest_upload_unknown_error', 1364 $file['error'], 1365 array( 'status' => 500 ) 1366 ); 1367 } 1368 1369 return $file; 1370 } 1371 1372 /** 1373 * Retrieves the supported media types. 1374 * 1375 * Media types are considered the MIME type category. 1376 * 1377 * @since 4.7.0 1378 * 1379 * @return array Array of supported media types. 1380 */ 1381 protected function get_media_types() { 1382 $media_types = array(); 1383 1384 foreach ( get_allowed_mime_types() as $mime_type ) { 1385 $parts = explode( '/', $mime_type ); 1386 1387 if ( ! isset( $media_types[ $parts[0] ] ) ) { 1388 $media_types[ $parts[0] ] = array(); 1389 } 1390 1391 $media_types[ $parts[0] ][] = $mime_type; 1392 } 1393 1394 return $media_types; 1395 } 1396 1397 /** 1398 * Determine if uploaded file exceeds space quota on multisite. 1399 * 1400 * Replicates check_upload_size(). 1401 * 1402 * @since 4.9.8 1403 * 1404 * @param array $file $_FILES array for a given file. 1405 * @return true|WP_Error True if can upload, error for errors. 1406 */ 1407 protected function check_upload_size( $file ) { 1408 if ( ! is_multisite() ) { 1409 return true; 1410 } 1411 1412 if ( get_site_option( 'upload_space_check_disabled' ) ) { 1413 return true; 1414 } 1415 1416 $space_left = get_upload_space_available(); 1417 1418 $file_size = filesize( $file['tmp_name'] ); 1419 1420 if ( $space_left < $file_size ) { 1421 return new WP_Error( 1422 'rest_upload_limited_space', 1423 /* translators: %s: Required disk space in kilobytes. */ 1424 sprintf( __( 'Not enough space to upload. %s KB needed.' ), number_format( ( $file_size - $space_left ) / KB_IN_BYTES ) ), 1425 array( 'status' => 400 ) 1426 ); 1427 } 1428 1429 if ( $file_size > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { 1430 return new WP_Error( 1431 'rest_upload_file_too_big', 1432 /* translators: %s: Maximum allowed file size in kilobytes. */ 1433 sprintf( __( 'This file is too big. Files must be less than %s KB in size.' ), get_site_option( 'fileupload_maxk', 1500 ) ), 1434 array( 'status' => 400 ) 1435 ); 1436 } 1437 1438 // Include multisite admin functions to get access to upload_is_user_over_quota(). 1439 require_once ABSPATH . 'wp-admin/includes/ms.php'; 1440 1441 if ( upload_is_user_over_quota( false ) ) { 1442 return new WP_Error( 1443 'rest_upload_user_quota_exceeded', 1444 __( 'You have used your space quota. Please delete files before uploading.' ), 1445 array( 'status' => 400 ) 1446 ); 1447 } 1448 1449 return true; 1450 } 1451 1452 /** 1453 * Gets the request args for the edit item route. 1454 * 1455 * @since 5.5.0 1456 * 1457 * @return array 1458 */ 1459 protected function get_edit_media_item_args() { 1460 return array( 1461 'src' => array( 1462 'description' => __( 'URL to the edited image file.' ), 1463 'type' => 'string', 1464 'format' => 'uri', 1465 'required' => true, 1466 ), 1467 'modifiers' => array( 1468 'description' => __( 'Array of image edits.' ), 1469 'type' => 'array', 1470 'minItems' => 1, 1471 'items' => array( 1472 'description' => __( 'Image edit.' ), 1473 'type' => 'object', 1474 'required' => array( 1475 'type', 1476 'args', 1477 ), 1478 'oneOf' => array( 1479 array( 1480 'title' => __( 'Rotation' ), 1481 'properties' => array( 1482 'type' => array( 1483 'description' => __( 'Rotation type.' ), 1484 'type' => 'string', 1485 'enum' => array( 'rotate' ), 1486 ), 1487 'args' => array( 1488 'description' => __( 'Rotation arguments.' ), 1489 'type' => 'object', 1490 'required' => array( 1491 'angle', 1492 ), 1493 'properties' => array( 1494 'angle' => array( 1495 'description' => __( 'Angle to rotate clockwise in degrees.' ), 1496 'type' => 'number', 1497 ), 1498 ), 1499 ), 1500 ), 1501 ), 1502 array( 1503 'title' => __( 'Crop' ), 1504 'properties' => array( 1505 'type' => array( 1506 'description' => __( 'Crop type.' ), 1507 'type' => 'string', 1508 'enum' => array( 'crop' ), 1509 ), 1510 'args' => array( 1511 'description' => __( 'Crop arguments.' ), 1512 'type' => 'object', 1513 'required' => array( 1514 'left', 1515 'top', 1516 'width', 1517 'height', 1518 ), 1519 'properties' => array( 1520 'left' => array( 1521 'description' => __( 'Horizontal position from the left to begin the crop as a percentage of the image width.' ), 1522 'type' => 'number', 1523 ), 1524 'top' => array( 1525 'description' => __( 'Vertical position from the top to begin the crop as a percentage of the image height.' ), 1526 'type' => 'number', 1527 ), 1528 'width' => array( 1529 'description' => __( 'Width of the crop as a percentage of the image width.' ), 1530 'type' => 'number', 1531 ), 1532 'height' => array( 1533 'description' => __( 'Height of the crop as a percentage of the image height.' ), 1534 'type' => 'number', 1535 ), 1536 ), 1537 ), 1538 ), 1539 ), 1540 ), 1541 ), 1542 ), 1543 'rotation' => array( 1544 'description' => __( 'The amount to rotate the image clockwise in degrees. DEPRECATED: Use `modifiers` instead.' ), 1545 'type' => 'integer', 1546 'minimum' => 0, 1547 'exclusiveMinimum' => true, 1548 'maximum' => 360, 1549 'exclusiveMaximum' => true, 1550 ), 1551 'x' => array( 1552 'description' => __( 'As a percentage of the image, the x position to start the crop from. DEPRECATED: Use `modifiers` instead.' ), 1553 'type' => 'number', 1554 'minimum' => 0, 1555 'maximum' => 100, 1556 ), 1557 'y' => array( 1558 'description' => __( 'As a percentage of the image, the y position to start the crop from. DEPRECATED: Use `modifiers` instead.' ), 1559 'type' => 'number', 1560 'minimum' => 0, 1561 'maximum' => 100, 1562 ), 1563 'width' => array( 1564 'description' => __( 'As a percentage of the image, the width to crop the image to. DEPRECATED: Use `modifiers` instead.' ), 1565 'type' => 'number', 1566 'minimum' => 0, 1567 'maximum' => 100, 1568 ), 1569 'height' => array( 1570 'description' => __( 'As a percentage of the image, the height to crop the image to. DEPRECATED: Use `modifiers` instead.' ), 1571 'type' => 'number', 1572 'minimum' => 0, 1573 'maximum' => 100, 1574 ), 1575 ); 1576 } 1577 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated : Sat May 3 08:20:01 2025 | Cross-referenced by PHPXref |