| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * REST API: WP_REST_Attachments_Controller class 4 * 5 * @package WordPress 6 * @subpackage REST_API 7 * @since 4.7.0 8 */ 9 10 /** 11 * Core controller used to access attachments via the REST API. 12 * 13 * @since 4.7.0 14 * 15 * @see WP_REST_Posts_Controller 16 */ 17 class WP_REST_Attachments_Controller extends WP_REST_Posts_Controller { 18 19 /** 20 * Registers the routes for attachments. 21 * 22 * @since 5.3.0 23 * 24 * @see register_rest_route() 25 */ 26 public function register_routes() { 27 parent::register_routes(); 28 register_rest_route( 29 $this->namespace, 30 '/' . $this->rest_base . '/(?P<id>[\d]+)/post-process', 31 array( 32 'methods' => WP_REST_Server::CREATABLE, 33 'callback' => array( $this, 'post_process_item' ), 34 'permission_callback' => array( $this, 'post_process_item_permissions_check' ), 35 'args' => array( 36 'id' => array( 37 'description' => __( 'Unique identifier for the object.' ), 38 'type' => 'integer', 39 ), 40 'action' => array( 41 'type' => 'string', 42 'enum' => array( 'create-image-subsizes' ), 43 'required' => true, 44 ), 45 ), 46 ) 47 ); 48 register_rest_route( 49 $this->namespace, 50 '/' . $this->rest_base . '/(?P<id>[\d]+)/edit', 51 array( 52 'methods' => WP_REST_Server::CREATABLE, 53 'callback' => array( $this, 'edit_media_item' ), 54 'permission_callback' => array( $this, 'edit_media_item_permissions_check' ), 55 'args' => $this->get_edit_media_item_args(), 56 ) 57 ); 58 } 59 60 /** 61 * Determines the allowed query_vars for a get_items() response and 62 * prepares for WP_Query. 63 * 64 * @since 4.7.0 65 * 66 * @param array $prepared_args Optional. Array of prepared arguments. Default empty array. 67 * @param WP_REST_Request $request Optional. Request to prepare items for. 68 * @return array Array of query arguments. 69 */ 70 protected function prepare_items_query( $prepared_args = array(), $request = null ) { 71 $query_args = parent::prepare_items_query( $prepared_args, $request ); 72 73 if ( empty( $query_args['post_status'] ) ) { 74 $query_args['post_status'] = 'inherit'; 75 } 76 77 $media_types = $this->get_media_types(); 78 79 if ( ! empty( $request['media_type'] ) && isset( $media_types[ $request['media_type'] ] ) ) { 80 $query_args['post_mime_type'] = $media_types[ $request['media_type'] ]; 81 } 82 83 if ( ! empty( $request['mime_type'] ) ) { 84 $parts = explode( '/', $request['mime_type'] ); 85 if ( isset( $media_types[ $parts[0] ] ) && in_array( $request['mime_type'], $media_types[ $parts[0] ], true ) ) { 86 $query_args['post_mime_type'] = $request['mime_type']; 87 } 88 } 89 90 // Filter query clauses to include filenames. 91 if ( isset( $query_args['s'] ) ) { 92 add_filter( 'posts_clauses', '_filter_query_attachment_filenames' ); 93 } 94 95 return $query_args; 96 } 97 98 /** 99 * Checks if a given request has access to create an attachment. 100 * 101 * @since 4.7.0 102 * 103 * @param WP_REST_Request $request Full details about the request. 104 * @return true|WP_Error Boolean true if the attachment may be created, or a WP_Error if not. 105 */ 106 public function create_item_permissions_check( $request ) { 107 $ret = parent::create_item_permissions_check( $request ); 108 109 if ( ! $ret || is_wp_error( $ret ) ) { 110 return $ret; 111 } 112 113 if ( ! current_user_can( 'upload_files' ) ) { 114 return new WP_Error( 115 'rest_cannot_create', 116 __( 'Sorry, you are not allowed to upload media on this site.' ), 117 array( 'status' => 400 ) 118 ); 119 } 120 121 // Attaching media to a post requires ability to edit said post. 122 if ( ! empty( $request['post'] ) && ! current_user_can( 'edit_post', (int) $request['post'] ) ) { 123 return new WP_Error( 124 'rest_cannot_edit', 125 __( 'Sorry, you are not allowed to upload media to this post.' ), 126 array( 'status' => rest_authorization_required_code() ) 127 ); 128 } 129 130 return true; 131 } 132 133 /** 134 * Creates a single attachment. 135 * 136 * @since 4.7.0 137 * 138 * @param WP_REST_Request $request Full details about the request. 139 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 140 */ 141 public function create_item( $request ) { 142 if ( ! empty( $request['post'] ) && in_array( get_post_type( $request['post'] ), array( 'revision', 'attachment' ), true ) ) { 143 return new WP_Error( 144 'rest_invalid_param', 145 __( 'Invalid parent type.' ), 146 array( 'status' => 400 ) 147 ); 148 } 149 150 $insert = $this->insert_attachment( $request ); 151 152 if ( is_wp_error( $insert ) ) { 153 return $insert; 154 } 155 156 $schema = $this->get_item_schema(); 157 158 // Extract by name. 159 $attachment_id = $insert['attachment_id']; 160 $file = $insert['file']; 161 162 if ( isset( $request['alt_text'] ) ) { 163 update_post_meta( $attachment_id, '_wp_attachment_image_alt', sanitize_text_field( $request['alt_text'] ) ); 164 } 165 166 if ( ! empty( $schema['properties']['meta'] ) && isset( $request['meta'] ) ) { 167 $meta_update = $this->meta->update_value( $request['meta'], $attachment_id ); 168 169 if ( is_wp_error( $meta_update ) ) { 170 return $meta_update; 171 } 172 } 173 174 $attachment = get_post( $attachment_id ); 175 $fields_update = $this->update_additional_fields_for_object( $attachment, $request ); 176 177 if ( is_wp_error( $fields_update ) ) { 178 return $fields_update; 179 } 180 181 $request->set_param( 'context', 'edit' ); 182 183 /** 184 * Fires after a single attachment is completely created or updated via the REST API. 185 * 186 * @since 5.0.0 187 * 188 * @param WP_Post $attachment Inserted or updated attachment object. 189 * @param WP_REST_Request $request Request object. 190 * @param bool $creating True when creating an attachment, false when updating. 191 */ 192 do_action( 'rest_after_insert_attachment', $attachment, $request, true ); 193 194 if ( defined( 'REST_REQUEST' ) && REST_REQUEST ) { 195 // Set a custom header with the attachment_id. 196 // Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. 197 header( 'X-WP-Upload-Attachment-ID: ' . $attachment_id ); 198 } 199 200 // Include media and image functions to get access to wp_generate_attachment_metadata(). 201 require_once ABSPATH . 'wp-admin/includes/media.php'; 202 require_once ABSPATH . 'wp-admin/includes/image.php'; 203 204 // Post-process the upload (create image sub-sizes, make PDF thumbnails, etc.) and insert attachment meta. 205 // At this point the server may run out of resources and post-processing of uploaded images may fail. 206 wp_update_attachment_metadata( $attachment_id, wp_generate_attachment_metadata( $attachment_id, $file ) ); 207 208 $response = $this->prepare_item_for_response( $attachment, $request ); 209 $response = rest_ensure_response( $response ); 210 $response->set_status( 201 ); 211 $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $attachment_id ) ) ); 212 213 return $response; 214 } 215 216 /** 217 * Inserts the attachment post in the database. Does not update the attachment meta. 218 * 219 * @since 5.3.0 220 * 221 * @param WP_REST_Request $request 222 * @return array|WP_Error 223 */ 224 protected function insert_attachment( $request ) { 225 // Get the file via $_FILES or raw data. 226 $files = $request->get_file_params(); 227 $headers = $request->get_headers(); 228 229 if ( ! empty( $files ) ) { 230 $file = $this->upload_from_file( $files, $headers ); 231 } else { 232 $file = $this->upload_from_data( $request->get_body(), $headers ); 233 } 234 235 if ( is_wp_error( $file ) ) { 236 return $file; 237 } 238 239 $name = wp_basename( $file['file'] ); 240 $name_parts = pathinfo( $name ); 241 $name = trim( substr( $name, 0, -( 1 + strlen( $name_parts['extension'] ) ) ) ); 242 243 $url = $file['url']; 244 $type = $file['type']; 245 $file = $file['file']; 246 247 // Include image functions to get access to wp_read_image_metadata(). 248 require_once ABSPATH . 'wp-admin/includes/image.php'; 249 250 // Use image exif/iptc data for title and caption defaults if possible. 251 $image_meta = wp_read_image_metadata( $file ); 252 253 if ( ! empty( $image_meta ) ) { 254 if ( empty( $request['title'] ) && trim( $image_meta['title'] ) && ! is_numeric( sanitize_title( $image_meta['title'] ) ) ) { 255 $request['title'] = $image_meta['title']; 256 } 257 258 if ( empty( $request['caption'] ) && trim( $image_meta['caption'] ) ) { 259 $request['caption'] = $image_meta['caption']; 260 } 261 } 262 263 $attachment = $this->prepare_item_for_database( $request ); 264 265 $attachment->post_mime_type = $type; 266 $attachment->guid = $url; 267 268 if ( empty( $attachment->post_title ) ) { 269 $attachment->post_title = preg_replace( '/\.[^.]+$/', '', wp_basename( $file ) ); 270 } 271 272 // $post_parent is inherited from $attachment['post_parent']. 273 $id = wp_insert_attachment( wp_slash( (array) $attachment ), $file, 0, true ); 274 275 if ( is_wp_error( $id ) ) { 276 if ( 'db_update_error' === $id->get_error_code() ) { 277 $id->add_data( array( 'status' => 500 ) ); 278 } else { 279 $id->add_data( array( 'status' => 400 ) ); 280 } 281 282 return $id; 283 } 284 285 $attachment = get_post( $id ); 286 287 /** 288 * Fires after a single attachment is created or updated via the REST API. 289 * 290 * @since 4.7.0 291 * 292 * @param WP_Post $attachment Inserted or updated attachment 293 * object. 294 * @param WP_REST_Request $request The request sent to the API. 295 * @param bool $creating True when creating an attachment, false when updating. 296 */ 297 do_action( 'rest_insert_attachment', $attachment, $request, true ); 298 299 return array( 300 'attachment_id' => $id, 301 'file' => $file, 302 ); 303 } 304 305 /** 306 * Updates a single attachment. 307 * 308 * @since 4.7.0 309 * 310 * @param WP_REST_Request $request Full details about the request. 311 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 312 */ 313 public function update_item( $request ) { 314 if ( ! empty( $request['post'] ) && in_array( get_post_type( $request['post'] ), array( 'revision', 'attachment' ), true ) ) { 315 return new WP_Error( 316 'rest_invalid_param', 317 __( 'Invalid parent type.' ), 318 array( 'status' => 400 ) 319 ); 320 } 321 322 $response = parent::update_item( $request ); 323 324 if ( is_wp_error( $response ) ) { 325 return $response; 326 } 327 328 $response = rest_ensure_response( $response ); 329 $data = $response->get_data(); 330 331 if ( isset( $request['alt_text'] ) ) { 332 update_post_meta( $data['id'], '_wp_attachment_image_alt', $request['alt_text'] ); 333 } 334 335 $attachment = get_post( $request['id'] ); 336 337 $fields_update = $this->update_additional_fields_for_object( $attachment, $request ); 338 339 if ( is_wp_error( $fields_update ) ) { 340 return $fields_update; 341 } 342 343 $request->set_param( 'context', 'edit' ); 344 345 /** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php */ 346 do_action( 'rest_after_insert_attachment', $attachment, $request, false ); 347 348 $response = $this->prepare_item_for_response( $attachment, $request ); 349 $response = rest_ensure_response( $response ); 350 351 return $response; 352 } 353 354 /** 355 * Performs post processing on an attachment. 356 * 357 * @since 5.3.0 358 * 359 * @param WP_REST_Request $request Full details about the request. 360 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 361 */ 362 public function post_process_item( $request ) { 363 switch ( $request['action'] ) { 364 case 'create-image-subsizes': 365 require_once ABSPATH . 'wp-admin/includes/image.php'; 366 wp_update_image_subsizes( $request['id'] ); 367 break; 368 } 369 370 $request['context'] = 'edit'; 371 372 return $this->prepare_item_for_response( get_post( $request['id'] ), $request ); 373 } 374 375 /** 376 * Checks if a given request can perform post processing on an attachment. 377 * 378 * @since 5.3.0 379 * 380 * @param WP_REST_Request $request Full details about the request. 381 * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise. 382 */ 383 public function post_process_item_permissions_check( $request ) { 384 return $this->update_item_permissions_check( $request ); 385 } 386 387 /** 388 * Checks if a given request has access to editing media. 389 * 390 * @since 5.5.0 391 * 392 * @param WP_REST_Request $request Full details about the request. 393 * @return true|WP_Error True if the request has read access, WP_Error object otherwise. 394 */ 395 public function edit_media_item_permissions_check( $request ) { 396 if ( ! current_user_can( 'upload_files' ) ) { 397 return new WP_Error( 398 'rest_cannot_edit_image', 399 __( 'Sorry, you are not allowed to upload media on this site.' ), 400 array( 'status' => rest_authorization_required_code() ) 401 ); 402 } 403 404 return $this->update_item_permissions_check( $request ); 405 } 406 407 /** 408 * Applies edits to a media item and creates a new attachment record. 409 * 410 * @since 5.5.0 411 * 412 * @param WP_REST_Request $request Full details about the request. 413 * @return WP_REST_Response|WP_Error Response object on success, WP_Error object on failure. 414 */ 415 public function edit_media_item( $request ) { 416 require_once ABSPATH . 'wp-admin/includes/image.php'; 417 418 $attachment_id = $request['id']; 419 420 // This also confirms the attachment is an image. 421 $image_file = wp_get_original_image_path( $attachment_id ); 422 $image_meta = wp_get_attachment_metadata( $attachment_id ); 423 424 if ( 425 ! $image_meta || 426 ! $image_file || 427 ! wp_image_file_matches_image_meta( $request['src'], $image_meta, $attachment_id ) 428 ) { 429 return new WP_Error( 430 'rest_unknown_attachment', 431 __( 'Unable to get meta information for file.' ), 432 array( 'status' => 404 ) 433 ); 434 } 435 436 $supported_types = array( 'image/jpeg', 'image/png', 'image/gif' ); 437 $mime_type = get_post_mime_type( $attachment_id ); 438 if ( ! in_array( $mime_type, $supported_types, true ) ) { 439 return new WP_Error( 440 'rest_cannot_edit_file_type', 441 __( 'This type of file cannot be edited.' ), 442 array( 'status' => 400 ) 443 ); 444 } 445 446 // Check if we need to do anything. 447 $rotate = 0; 448 $crop = false; 449 450 if ( ! empty( $request['rotation'] ) ) { 451 // Rotation direction: clockwise vs. counter clockwise. 452 $rotate = 0 - (int) $request['rotation']; 453 } 454 455 if ( isset( $request['x'], $request['y'], $request['width'], $request['height'] ) ) { 456 $crop = true; 457 } 458 459 if ( ! $rotate && ! $crop ) { 460 return new WP_Error( 461 'rest_image_not_edited', 462 __( 'The image was not edited. Edit the image before applying the changes.' ), 463 array( 'status' => 400 ) 464 ); 465 } 466 467 /* 468 * If the file doesn't exist, attempt a URL fopen on the src link. 469 * This can occur with certain file replication plugins. 470 * Keep the original file path to get a modified name later. 471 */ 472 $image_file_to_edit = $image_file; 473 if ( ! file_exists( $image_file_to_edit ) ) { 474 $image_file_to_edit = _load_image_to_edit_path( $attachment_id ); 475 } 476 477 $image_editor = wp_get_image_editor( $image_file_to_edit ); 478 479 if ( is_wp_error( $image_editor ) ) { 480 return new WP_Error( 481 'rest_unknown_image_file_type', 482 __( 'Unable to edit this image.' ), 483 array( 'status' => 500 ) 484 ); 485 } 486 487 if ( 0 !== $rotate ) { 488 $result = $image_editor->rotate( $rotate ); 489 490 if ( is_wp_error( $result ) ) { 491 return new WP_Error( 492 'rest_image_rotation_failed', 493 __( 'Unable to rotate this image.' ), 494 array( 'status' => 500 ) 495 ); 496 } 497 } 498 499 if ( $crop ) { 500 $size = $image_editor->get_size(); 501 502 $crop_x = round( ( $size['width'] * floatval( $request['x'] ) ) / 100.0 ); 503 $crop_y = round( ( $size['height'] * floatval( $request['y'] ) ) / 100.0 ); 504 $width = round( ( $size['width'] * floatval( $request['width'] ) ) / 100.0 ); 505 $height = round( ( $size['height'] * floatval( $request['height'] ) ) / 100.0 ); 506 507 $result = $image_editor->crop( $crop_x, $crop_y, $width, $height ); 508 509 if ( is_wp_error( $result ) ) { 510 return new WP_Error( 511 'rest_image_crop_failed', 512 __( 'Unable to crop this image.' ), 513 array( 'status' => 500 ) 514 ); 515 } 516 } 517 518 // Calculate the file name. 519 $image_ext = pathinfo( $image_file, PATHINFO_EXTENSION ); 520 $image_name = wp_basename( $image_file, ".{$image_ext}" ); 521 522 // Do not append multiple `-edited` to the file name. 523 // The user may be editing a previously edited image. 524 if ( preg_match( '/-edited(-\d+)?$/', $image_name ) ) { 525 // Remove any `-1`, `-2`, etc. `wp_unique_filename()` will add the proper number. 526 $image_name = preg_replace( '/-edited(-\d+)?$/', '-edited', $image_name ); 527 } else { 528 // Append `-edited` before the extension. 529 $image_name .= '-edited'; 530 } 531 532 $filename = "{$image_name}.{$image_ext}"; 533 534 // Create the uploads sub-directory if needed. 535 $uploads = wp_upload_dir(); 536 537 // Make the file name unique in the (new) upload directory. 538 $filename = wp_unique_filename( $uploads['path'], $filename ); 539 540 // Save to disk. 541 $saved = $image_editor->save( $uploads['path'] . "/$filename" ); 542 543 if ( is_wp_error( $saved ) ) { 544 return $saved; 545 } 546 547 // Create new attachment post. 548 $new_attachment_post = array( 549 'post_mime_type' => $saved['mime-type'], 550 'guid' => $uploads['url'] . "/$filename", 551 'post_title' => $image_name, 552 'post_content' => '', 553 ); 554 555 // Copy post_content, post_excerpt, and post_title from the edited image's attachment post. 556 $attachment_post = get_post( $attachment_id ); 557 558 if ( $attachment_post ) { 559 $new_attachment_post['post_content'] = $attachment_post->post_content; 560 $new_attachment_post['post_excerpt'] = $attachment_post->post_excerpt; 561 $new_attachment_post['post_title'] = $attachment_post->post_title; 562 } 563 564 $new_attachment_id = wp_insert_attachment( wp_slash( $new_attachment_post ), $saved['path'], 0, true ); 565 566 if ( is_wp_error( $new_attachment_id ) ) { 567 if ( 'db_update_error' === $new_attachment_id->get_error_code() ) { 568 $new_attachment_id->add_data( array( 'status' => 500 ) ); 569 } else { 570 $new_attachment_id->add_data( array( 'status' => 400 ) ); 571 } 572 573 return $new_attachment_id; 574 } 575 576 // Copy the image alt text from the edited image. 577 $image_alt = get_post_meta( $attachment_id, '_wp_attachment_image_alt', true ); 578 579 if ( ! empty( $image_alt ) ) { 580 // update_post_meta() expects slashed. 581 update_post_meta( $new_attachment_id, '_wp_attachment_image_alt', wp_slash( $image_alt ) ); 582 } 583 584 if ( defined( 'REST_REQUEST' ) && REST_REQUEST ) { 585 // Set a custom header with the attachment_id. 586 // Used by the browser/client to resume creating image sub-sizes after a PHP fatal error. 587 header( 'X-WP-Upload-Attachment-ID: ' . $new_attachment_id ); 588 } 589 590 // Generate image sub-sizes and meta. 591 $new_image_meta = wp_generate_attachment_metadata( $new_attachment_id, $saved['path'] ); 592 593 // Copy the EXIF metadata from the original attachment if not generated for the edited image. 594 if ( isset( $image_meta['image_meta'] ) && isset( $new_image_meta['image_meta'] ) && is_array( $new_image_meta['image_meta'] ) ) { 595 // Merge but skip empty values. 596 foreach ( (array) $image_meta['image_meta'] as $key => $value ) { 597 if ( empty( $new_image_meta['image_meta'][ $key ] ) && ! empty( $value ) ) { 598 $new_image_meta['image_meta'][ $key ] = $value; 599 } 600 } 601 } 602 603 // Reset orientation. At this point the image is edited and orientation is correct. 604 if ( ! empty( $new_image_meta['image_meta']['orientation'] ) ) { 605 $new_image_meta['image_meta']['orientation'] = 1; 606 } 607 608 // The attachment_id may change if the site is exported and imported. 609 $new_image_meta['parent_image'] = array( 610 'attachment_id' => $attachment_id, 611 // Path to the originally uploaded image file relative to the uploads directory. 612 'file' => _wp_relative_upload_path( $image_file ), 613 ); 614 615 /** 616 * Filters the meta data for the new image created by editing an existing image. 617 * 618 * @since 5.5.0 619 * 620 * @param array $new_image_meta Meta data for the new image. 621 * @param int $new_attachment_id Attachment post ID for the new image. 622 * @param int $attachment_id Attachment post ID for the edited (parent) image. 623 */ 624 $new_image_meta = apply_filters( 'wp_edited_image_metadata', $new_image_meta, $new_attachment_id, $attachment_id ); 625 626 wp_update_attachment_metadata( $new_attachment_id, $new_image_meta ); 627 628 $response = $this->prepare_item_for_response( get_post( $new_attachment_id ), $request ); 629 $response->set_status( 201 ); 630 $response->header( 'Location', rest_url( sprintf( '%s/%s/%s', $this->namespace, $this->rest_base, $new_attachment_id ) ) ); 631 632 return $response; 633 } 634 635 /** 636 * Prepares a single attachment for create or update. 637 * 638 * @since 4.7.0 639 * 640 * @param WP_REST_Request $request Request object. 641 * @return stdClass|WP_Error Post object. 642 */ 643 protected function prepare_item_for_database( $request ) { 644 $prepared_attachment = parent::prepare_item_for_database( $request ); 645 646 // Attachment caption (post_excerpt internally). 647 if ( isset( $request['caption'] ) ) { 648 if ( is_string( $request['caption'] ) ) { 649 $prepared_attachment->post_excerpt = $request['caption']; 650 } elseif ( isset( $request['caption']['raw'] ) ) { 651 $prepared_attachment->post_excerpt = $request['caption']['raw']; 652 } 653 } 654 655 // Attachment description (post_content internally). 656 if ( isset( $request['description'] ) ) { 657 if ( is_string( $request['description'] ) ) { 658 $prepared_attachment->post_content = $request['description']; 659 } elseif ( isset( $request['description']['raw'] ) ) { 660 $prepared_attachment->post_content = $request['description']['raw']; 661 } 662 } 663 664 if ( isset( $request['post'] ) ) { 665 $prepared_attachment->post_parent = (int) $request['post']; 666 } 667 668 return $prepared_attachment; 669 } 670 671 /** 672 * Prepares a single attachment output for response. 673 * 674 * @since 4.7.0 675 * 676 * @param WP_Post $post Attachment object. 677 * @param WP_REST_Request $request Request object. 678 * @return WP_REST_Response Response object. 679 */ 680 public function prepare_item_for_response( $post, $request ) { 681 $response = parent::prepare_item_for_response( $post, $request ); 682 $fields = $this->get_fields_for_response( $request ); 683 $data = $response->get_data(); 684 685 if ( in_array( 'description', $fields, true ) ) { 686 $data['description'] = array( 687 'raw' => $post->post_content, 688 /** This filter is documented in wp-includes/post-template.php */ 689 'rendered' => apply_filters( 'the_content', $post->post_content ), 690 ); 691 } 692 693 if ( in_array( 'caption', $fields, true ) ) { 694 /** This filter is documented in wp-includes/post-template.php */ 695 $caption = apply_filters( 'get_the_excerpt', $post->post_excerpt, $post ); 696 697 /** This filter is documented in wp-includes/post-template.php */ 698 $caption = apply_filters( 'the_excerpt', $caption ); 699 700 $data['caption'] = array( 701 'raw' => $post->post_excerpt, 702 'rendered' => $caption, 703 ); 704 } 705 706 if ( in_array( 'alt_text', $fields, true ) ) { 707 $data['alt_text'] = get_post_meta( $post->ID, '_wp_attachment_image_alt', true ); 708 } 709 710 if ( in_array( 'media_type', $fields, true ) ) { 711 $data['media_type'] = wp_attachment_is_image( $post->ID ) ? 'image' : 'file'; 712 } 713 714 if ( in_array( 'mime_type', $fields, true ) ) { 715 $data['mime_type'] = $post->post_mime_type; 716 } 717 718 if ( in_array( 'media_details', $fields, true ) ) { 719 $data['media_details'] = wp_get_attachment_metadata( $post->ID ); 720 721 // Ensure empty details is an empty object. 722 if ( empty( $data['media_details'] ) ) { 723 $data['media_details'] = new stdClass; 724 } elseif ( ! empty( $data['media_details']['sizes'] ) ) { 725 726 foreach ( $data['media_details']['sizes'] as $size => &$size_data ) { 727 728 if ( isset( $size_data['mime-type'] ) ) { 729 $size_data['mime_type'] = $size_data['mime-type']; 730 unset( $size_data['mime-type'] ); 731 } 732 733 // Use the same method image_downsize() does. 734 $image_src = wp_get_attachment_image_src( $post->ID, $size ); 735 if ( ! $image_src ) { 736 continue; 737 } 738 739 $size_data['source_url'] = $image_src[0]; 740 } 741 742 $full_src = wp_get_attachment_image_src( $post->ID, 'full' ); 743 744 if ( ! empty( $full_src ) ) { 745 $data['media_details']['sizes']['full'] = array( 746 'file' => wp_basename( $full_src[0] ), 747 'width' => $full_src[1], 748 'height' => $full_src[2], 749 'mime_type' => $post->post_mime_type, 750 'source_url' => $full_src[0], 751 ); 752 } 753 } else { 754 $data['media_details']['sizes'] = new stdClass; 755 } 756 } 757 758 if ( in_array( 'post', $fields, true ) ) { 759 $data['post'] = ! empty( $post->post_parent ) ? (int) $post->post_parent : null; 760 } 761 762 if ( in_array( 'source_url', $fields, true ) ) { 763 $data['source_url'] = wp_get_attachment_url( $post->ID ); 764 } 765 766 if ( in_array( 'missing_image_sizes', $fields, true ) ) { 767 require_once ABSPATH . 'wp-admin/includes/image.php'; 768 $data['missing_image_sizes'] = array_keys( wp_get_missing_image_subsizes( $post->ID ) ); 769 } 770 771 $context = ! empty( $request['context'] ) ? $request['context'] : 'view'; 772 773 $data = $this->filter_response_by_context( $data, $context ); 774 775 $links = $response->get_links(); 776 777 // Wrap the data in a response object. 778 $response = rest_ensure_response( $data ); 779 780 foreach ( $links as $rel => $rel_links ) { 781 foreach ( $rel_links as $link ) { 782 $response->add_link( $rel, $link['href'], $link['attributes'] ); 783 } 784 } 785 786 /** 787 * Filters an attachment returned from the REST API. 788 * 789 * Allows modification of the attachment right before it is returned. 790 * 791 * @since 4.7.0 792 * 793 * @param WP_REST_Response $response The response object. 794 * @param WP_Post $post The original attachment post. 795 * @param WP_REST_Request $request Request used to generate the response. 796 */ 797 return apply_filters( 'rest_prepare_attachment', $response, $post, $request ); 798 } 799 800 /** 801 * Retrieves the attachment's schema, conforming to JSON Schema. 802 * 803 * @since 4.7.0 804 * 805 * @return array Item schema as an array. 806 */ 807 public function get_item_schema() { 808 if ( $this->schema ) { 809 return $this->add_additional_fields_schema( $this->schema ); 810 } 811 812 $schema = parent::get_item_schema(); 813 814 $schema['properties']['alt_text'] = array( 815 'description' => __( 'Alternative text to display when attachment is not displayed.' ), 816 'type' => 'string', 817 'context' => array( 'view', 'edit', 'embed' ), 818 'arg_options' => array( 819 'sanitize_callback' => 'sanitize_text_field', 820 ), 821 ); 822 823 $schema['properties']['caption'] = array( 824 'description' => __( 'The attachment caption.' ), 825 'type' => 'object', 826 'context' => array( 'view', 'edit', 'embed' ), 827 'arg_options' => array( 828 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 829 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). 830 ), 831 'properties' => array( 832 'raw' => array( 833 'description' => __( 'Caption for the attachment, as it exists in the database.' ), 834 'type' => 'string', 835 'context' => array( 'edit' ), 836 ), 837 'rendered' => array( 838 'description' => __( 'HTML caption for the attachment, transformed for display.' ), 839 'type' => 'string', 840 'context' => array( 'view', 'edit', 'embed' ), 841 'readonly' => true, 842 ), 843 ), 844 ); 845 846 $schema['properties']['description'] = array( 847 'description' => __( 'The attachment description.' ), 848 'type' => 'object', 849 'context' => array( 'view', 'edit' ), 850 'arg_options' => array( 851 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database(). 852 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database(). 853 ), 854 'properties' => array( 855 'raw' => array( 856 'description' => __( 'Description for the object, as it exists in the database.' ), 857 'type' => 'string', 858 'context' => array( 'edit' ), 859 ), 860 'rendered' => array( 861 'description' => __( 'HTML description for the object, transformed for display.' ), 862 'type' => 'string', 863 'context' => array( 'view', 'edit' ), 864 'readonly' => true, 865 ), 866 ), 867 ); 868 869 $schema['properties']['media_type'] = array( 870 'description' => __( 'Attachment type.' ), 871 'type' => 'string', 872 'enum' => array( 'image', 'file' ), 873 'context' => array( 'view', 'edit', 'embed' ), 874 'readonly' => true, 875 ); 876 877 $schema['properties']['mime_type'] = array( 878 'description' => __( 'The attachment MIME type.' ), 879 'type' => 'string', 880 'context' => array( 'view', 'edit', 'embed' ), 881 'readonly' => true, 882 ); 883 884 $schema['properties']['media_details'] = array( 885 'description' => __( 'Details about the media file, specific to its type.' ), 886 'type' => 'object', 887 'context' => array( 'view', 'edit', 'embed' ), 888 'readonly' => true, 889 ); 890 891 $schema['properties']['post'] = array( 892 'description' => __( 'The ID for the associated post of the attachment.' ), 893 'type' => 'integer', 894 'context' => array( 'view', 'edit' ), 895 ); 896 897 $schema['properties']['source_url'] = array( 898 'description' => __( 'URL to the original attachment file.' ), 899 'type' => 'string', 900 'format' => 'uri', 901 'context' => array( 'view', 'edit', 'embed' ), 902 'readonly' => true, 903 ); 904 905 $schema['properties']['missing_image_sizes'] = array( 906 'description' => __( 'List of the missing image sizes of the attachment.' ), 907 'type' => 'array', 908 'items' => array( 'type' => 'string' ), 909 'context' => array( 'edit' ), 910 'readonly' => true, 911 ); 912 913 unset( $schema['properties']['password'] ); 914 915 $this->schema = $schema; 916 917 return $this->add_additional_fields_schema( $this->schema ); 918 } 919 920 /** 921 * Handles an upload via raw POST data. 922 * 923 * @since 4.7.0 924 * 925 * @param array $data Supplied file data. 926 * @param array $headers HTTP headers from the request. 927 * @return array|WP_Error Data from wp_handle_sideload(). 928 */ 929 protected function upload_from_data( $data, $headers ) { 930 if ( empty( $data ) ) { 931 return new WP_Error( 932 'rest_upload_no_data', 933 __( 'No data supplied.' ), 934 array( 'status' => 400 ) 935 ); 936 } 937 938 if ( empty( $headers['content_type'] ) ) { 939 return new WP_Error( 940 'rest_upload_no_content_type', 941 __( 'No Content-Type supplied.' ), 942 array( 'status' => 400 ) 943 ); 944 } 945 946 if ( empty( $headers['content_disposition'] ) ) { 947 return new WP_Error( 948 'rest_upload_no_content_disposition', 949 __( 'No Content-Disposition supplied.' ), 950 array( 'status' => 400 ) 951 ); 952 } 953 954 $filename = self::get_filename_from_disposition( $headers['content_disposition'] ); 955 956 if ( empty( $filename ) ) { 957 return new WP_Error( 958 'rest_upload_invalid_disposition', 959 __( 'Invalid Content-Disposition supplied. Content-Disposition needs to be formatted as `attachment; filename="image.png"` or similar.' ), 960 array( 'status' => 400 ) 961 ); 962 } 963 964 if ( ! empty( $headers['content_md5'] ) ) { 965 $content_md5 = array_shift( $headers['content_md5'] ); 966 $expected = trim( $content_md5 ); 967 $actual = md5( $data ); 968 969 if ( $expected !== $actual ) { 970 return new WP_Error( 971 'rest_upload_hash_mismatch', 972 __( 'Content hash did not match expected.' ), 973 array( 'status' => 412 ) 974 ); 975 } 976 } 977 978 // Get the content-type. 979 $type = array_shift( $headers['content_type'] ); 980 981 // Include filesystem functions to get access to wp_tempnam() and wp_handle_sideload(). 982 require_once ABSPATH . 'wp-admin/includes/file.php'; 983 984 // Save the file. 985 $tmpfname = wp_tempnam( $filename ); 986 987 $fp = fopen( $tmpfname, 'w+' ); 988 989 if ( ! $fp ) { 990 return new WP_Error( 991 'rest_upload_file_error', 992 __( 'Could not open file handle.' ), 993 array( 'status' => 500 ) 994 ); 995 } 996 997 fwrite( $fp, $data ); 998 fclose( $fp ); 999 1000 // Now, sideload it in. 1001 $file_data = array( 1002 'error' => null, 1003 'tmp_name' => $tmpfname, 1004 'name' => $filename, 1005 'type' => $type, 1006 ); 1007 1008 $size_check = self::check_upload_size( $file_data ); 1009 if ( is_wp_error( $size_check ) ) { 1010 return $size_check; 1011 } 1012 1013 $overrides = array( 1014 'test_form' => false, 1015 ); 1016 1017 $sideloaded = wp_handle_sideload( $file_data, $overrides ); 1018 1019 if ( isset( $sideloaded['error'] ) ) { 1020 @unlink( $tmpfname ); 1021 1022 return new WP_Error( 1023 'rest_upload_sideload_error', 1024 $sideloaded['error'], 1025 array( 'status' => 500 ) 1026 ); 1027 } 1028 1029 return $sideloaded; 1030 } 1031 1032 /** 1033 * Parses filename from a Content-Disposition header value. 1034 * 1035 * As per RFC6266: 1036 * 1037 * content-disposition = "Content-Disposition" ":" 1038 * disposition-type *( ";" disposition-parm ) 1039 * 1040 * disposition-type = "inline" | "attachment" | disp-ext-type 1041 * ; case-insensitive 1042 * disp-ext-type = token 1043 * 1044 * disposition-parm = filename-parm | disp-ext-parm 1045 * 1046 * filename-parm = "filename" "=" value 1047 * | "filename*" "=" ext-value 1048 * 1049 * disp-ext-parm = token "=" value 1050 * | ext-token "=" ext-value 1051 * ext-token = <the characters in token, followed by "*"> 1052 * 1053 * @since 4.7.0 1054 * 1055 * @link https://tools.ietf.org/html/rfc2388 1056 * @link https://tools.ietf.org/html/rfc6266 1057 * 1058 * @param string[] $disposition_header List of Content-Disposition header values. 1059 * @return string|null Filename if available, or null if not found. 1060 */ 1061 public static function get_filename_from_disposition( $disposition_header ) { 1062 // Get the filename. 1063 $filename = null; 1064 1065 foreach ( $disposition_header as $value ) { 1066 $value = trim( $value ); 1067 1068 if ( strpos( $value, ';' ) === false ) { 1069 continue; 1070 } 1071 1072 list( $type, $attr_parts ) = explode( ';', $value, 2 ); 1073 1074 $attr_parts = explode( ';', $attr_parts ); 1075 $attributes = array(); 1076 1077 foreach ( $attr_parts as $part ) { 1078 if ( strpos( $part, '=' ) === false ) { 1079 continue; 1080 } 1081 1082 list( $key, $value ) = explode( '=', $part, 2 ); 1083 1084 $attributes[ trim( $key ) ] = trim( $value ); 1085 } 1086 1087 if ( empty( $attributes['filename'] ) ) { 1088 continue; 1089 } 1090 1091 $filename = trim( $attributes['filename'] ); 1092 1093 // Unquote quoted filename, but after trimming. 1094 if ( substr( $filename, 0, 1 ) === '"' && substr( $filename, -1, 1 ) === '"' ) { 1095 $filename = substr( $filename, 1, -1 ); 1096 } 1097 } 1098 1099 return $filename; 1100 } 1101 1102 /** 1103 * Retrieves the query params for collections of attachments. 1104 * 1105 * @since 4.7.0 1106 * 1107 * @return array Query parameters for the attachment collection as an array. 1108 */ 1109 public function get_collection_params() { 1110 $params = parent::get_collection_params(); 1111 $params['status']['default'] = 'inherit'; 1112 $params['status']['items']['enum'] = array( 'inherit', 'private', 'trash' ); 1113 $media_types = $this->get_media_types(); 1114 1115 $params['media_type'] = array( 1116 'default' => null, 1117 'description' => __( 'Limit result set to attachments of a particular media type.' ), 1118 'type' => 'string', 1119 'enum' => array_keys( $media_types ), 1120 ); 1121 1122 $params['mime_type'] = array( 1123 'default' => null, 1124 'description' => __( 'Limit result set to attachments of a particular MIME type.' ), 1125 'type' => 'string', 1126 ); 1127 1128 return $params; 1129 } 1130 1131 /** 1132 * Handles an upload via multipart/form-data ($_FILES). 1133 * 1134 * @since 4.7.0 1135 * 1136 * @param array $files Data from the `$_FILES` superglobal. 1137 * @param array $headers HTTP headers from the request. 1138 * @return array|WP_Error Data from wp_handle_upload(). 1139 */ 1140 protected function upload_from_file( $files, $headers ) { 1141 if ( empty( $files ) ) { 1142 return new WP_Error( 1143 'rest_upload_no_data', 1144 __( 'No data supplied.' ), 1145 array( 'status' => 400 ) 1146 ); 1147 } 1148 1149 // Verify hash, if given. 1150 if ( ! empty( $headers['content_md5'] ) ) { 1151 $content_md5 = array_shift( $headers['content_md5'] ); 1152 $expected = trim( $content_md5 ); 1153 $actual = md5_file( $files['file']['tmp_name'] ); 1154 1155 if ( $expected !== $actual ) { 1156 return new WP_Error( 1157 'rest_upload_hash_mismatch', 1158 __( 'Content hash did not match expected.' ), 1159 array( 'status' => 412 ) 1160 ); 1161 } 1162 } 1163 1164 // Pass off to WP to handle the actual upload. 1165 $overrides = array( 1166 'test_form' => false, 1167 ); 1168 1169 // Bypasses is_uploaded_file() when running unit tests. 1170 if ( defined( 'DIR_TESTDATA' ) && DIR_TESTDATA ) { 1171 $overrides['action'] = 'wp_handle_mock_upload'; 1172 } 1173 1174 $size_check = self::check_upload_size( $files['file'] ); 1175 if ( is_wp_error( $size_check ) ) { 1176 return $size_check; 1177 } 1178 1179 // Include filesystem functions to get access to wp_handle_upload(). 1180 require_once ABSPATH . 'wp-admin/includes/file.php'; 1181 1182 $file = wp_handle_upload( $files['file'], $overrides ); 1183 1184 if ( isset( $file['error'] ) ) { 1185 return new WP_Error( 1186 'rest_upload_unknown_error', 1187 $file['error'], 1188 array( 'status' => 500 ) 1189 ); 1190 } 1191 1192 return $file; 1193 } 1194 1195 /** 1196 * Retrieves the supported media types. 1197 * 1198 * Media types are considered the MIME type category. 1199 * 1200 * @since 4.7.0 1201 * 1202 * @return array Array of supported media types. 1203 */ 1204 protected function get_media_types() { 1205 $media_types = array(); 1206 1207 foreach ( get_allowed_mime_types() as $mime_type ) { 1208 $parts = explode( '/', $mime_type ); 1209 1210 if ( ! isset( $media_types[ $parts[0] ] ) ) { 1211 $media_types[ $parts[0] ] = array(); 1212 } 1213 1214 $media_types[ $parts[0] ][] = $mime_type; 1215 } 1216 1217 return $media_types; 1218 } 1219 1220 /** 1221 * Determine if uploaded file exceeds space quota on multisite. 1222 * 1223 * Replicates check_upload_size(). 1224 * 1225 * @since 4.9.8 1226 * 1227 * @param array $file $_FILES array for a given file. 1228 * @return true|WP_Error True if can upload, error for errors. 1229 */ 1230 protected function check_upload_size( $file ) { 1231 if ( ! is_multisite() ) { 1232 return true; 1233 } 1234 1235 if ( get_site_option( 'upload_space_check_disabled' ) ) { 1236 return true; 1237 } 1238 1239 $space_left = get_upload_space_available(); 1240 1241 $file_size = filesize( $file['tmp_name'] ); 1242 1243 if ( $space_left < $file_size ) { 1244 return new WP_Error( 1245 'rest_upload_limited_space', 1246 /* translators: %s: Required disk space in kilobytes. */ 1247 sprintf( __( 'Not enough space to upload. %s KB needed.' ), number_format( ( $file_size - $space_left ) / KB_IN_BYTES ) ), 1248 array( 'status' => 400 ) 1249 ); 1250 } 1251 1252 if ( $file_size > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { 1253 return new WP_Error( 1254 'rest_upload_file_too_big', 1255 /* translators: %s: Maximum allowed file size in kilobytes. */ 1256 sprintf( __( 'This file is too big. Files must be less than %s KB in size.' ), get_site_option( 'fileupload_maxk', 1500 ) ), 1257 array( 'status' => 400 ) 1258 ); 1259 } 1260 1261 // Include multisite admin functions to get access to upload_is_user_over_quota(). 1262 require_once ABSPATH . 'wp-admin/includes/ms.php'; 1263 1264 if ( upload_is_user_over_quota( false ) ) { 1265 return new WP_Error( 1266 'rest_upload_user_quota_exceeded', 1267 __( 'You have used your space quota. Please delete files before uploading.' ), 1268 array( 'status' => 400 ) 1269 ); 1270 } 1271 1272 return true; 1273 } 1274 1275 /** 1276 * Gets the request args for the edit item route. 1277 * 1278 * @since 5.5.0 1279 * 1280 * @return array 1281 */ 1282 protected function get_edit_media_item_args() { 1283 return array( 1284 'rotation' => array( 1285 'description' => __( 'The amount to rotate the image clockwise in degrees.' ), 1286 'type' => 'integer', 1287 'minimum' => 0, 1288 'exclusiveMinimum' => true, 1289 'maximum' => 360, 1290 'exclusiveMaximum' => true, 1291 ), 1292 'x' => array( 1293 'description' => __( 'As a percentage of the image, the x position to start the crop from.' ), 1294 'type' => 'number', 1295 'minimum' => 0, 1296 'maximum' => 100, 1297 ), 1298 'y' => array( 1299 'description' => __( 'As a percentage of the image, the y position to start the crop from.' ), 1300 'type' => 'number', 1301 'minimum' => 0, 1302 'maximum' => 100, 1303 ), 1304 'width' => array( 1305 'description' => __( 'As a percentage of the image, the width to crop the image to.' ), 1306 'type' => 'number', 1307 'minimum' => 0, 1308 'maximum' => 100, 1309 ), 1310 'height' => array( 1311 'description' => __( 'As a percentage of the image, the height to crop the image to.' ), 1312 'type' => 'number', 1313 'minimum' => 0, 1314 'maximum' => 100, 1315 ), 1316 'src' => array( 1317 'description' => __( 'URL to the edited image file.' ), 1318 'type' => 'string', 1319 'format' => 'uri', 1320 'required' => true, 1321 ), 1322 ); 1323 } 1324 1325 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated : Tue Aug 11 08:20:01 2020 | Cross-referenced by PHPXref |