WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

_wp_translate_postdata()

_wp_translate_postdata( bool $update = false, array|null $post_data = null ): array|WP_Error

In this article

Back to top

Renames $_POST data from form names to DB post columns.

Description

Manipulates $_POST directly.

Parameters

$updatebooloptional
Whether the post already exists.

Default:false

$post_dataarray|nulloptional
The array of post data to process.
Defaults to the $_POST superglobal.

Default:null

Return

array|WP_Error Array of post data on success, WP_Error on failure.

Source

function _wp_translate_postdata( $update = false, $post_data = null ) {

	if ( empty( $post_data ) ) {
		$post_data = &$_POST;
	}

	if ( $update ) {
		$post_data['ID'] = (int) $post_data['post_ID'];
	}

	$ptype = get_post_type_object( $post_data['post_type'] );

	if ( $update && ! current_user_can( 'edit_post', $post_data['ID'] ) ) {
		if ( 'page' === $post_data['post_type'] ) {
			return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to edit pages as this user.' ) );
		} else {
			return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to edit posts as this user.' ) );
		}
	} elseif ( ! $update && ! current_user_can( $ptype->cap->create_posts ) ) {
		if ( 'page' === $post_data['post_type'] ) {
			return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) );
		} else {
			return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) );
		}
	}

	if ( isset( $post_data['content'] ) ) {
		$post_data['post_content'] = $post_data['content'];
	}

	if ( isset( $post_data['excerpt'] ) ) {
		$post_data['post_excerpt'] = $post_data['excerpt'];
	}

	if ( isset( $post_data['parent_id'] ) ) {
		$post_data['post_parent'] = (int) $post_data['parent_id'];
	}

	if ( isset( $post_data['trackback_url'] ) ) {
		$post_data['to_ping'] = $post_data['trackback_url'];
	}

	$post_data['user_ID'] = get_current_user_id();

	if ( ! empty( $post_data['post_author_override'] ) ) {
		$post_data['post_author'] = (int) $post_data['post_author_override'];
	} else {
		if ( ! empty( $post_data['post_author'] ) ) {
			$post_data['post_author'] = (int) $post_data['post_author'];
		} else {
			$post_data['post_author'] = (int) $post_data['user_ID'];
		}
	}

	if ( isset( $post_data['user_ID'] ) && ( $post_data['post_author'] != $post_data['user_ID'] )
		&& ! current_user_can( $ptype->cap->edit_others_posts ) ) {

		if ( $update ) {
			if ( 'page' === $post_data['post_type'] ) {
				return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to edit pages as this user.' ) );
			} else {
				return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to edit posts as this user.' ) );
			}
		} else {
			if ( 'page' === $post_data['post_type'] ) {
				return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) );
			} else {
				return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) );
			}
		}
	}

	if ( ! empty( $post_data['post_status'] ) ) {
		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );

		// No longer an auto-draft.
		if ( 'auto-draft' === $post_data['post_status'] ) {
			$post_data['post_status'] = 'draft';
		}

		if ( ! get_post_status_object( $post_data['post_status'] ) ) {
			unset( $post_data['post_status'] );
		}
	}

	// What to do based on which button they pressed.
	if ( isset( $post_data['saveasdraft'] ) && '' !== $post_data['saveasdraft'] ) {
		$post_data['post_status'] = 'draft';
	}
	if ( isset( $post_data['saveasprivate'] ) && '' !== $post_data['saveasprivate'] ) {
		$post_data['post_status'] = 'private';
	}
	if ( isset( $post_data['publish'] ) && ( '' !== $post_data['publish'] )
		&& ( ! isset( $post_data['post_status'] ) || 'private' !== $post_data['post_status'] )
	) {
		$post_data['post_status'] = 'publish';
	}
	if ( isset( $post_data['advanced'] ) && '' !== $post_data['advanced'] ) {
		$post_data['post_status'] = 'draft';
	}
	if ( isset( $post_data['pending'] ) && '' !== $post_data['pending'] ) {
		$post_data['post_status'] = 'pending';
	}

	if ( isset( $post_data['ID'] ) ) {
		$post_id = $post_data['ID'];
	} else {
		$post_id = false;
	}
	$previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false;

	if ( isset( $post_data['post_status'] ) && 'private' === $post_data['post_status'] && ! current_user_can( $ptype->cap->publish_posts ) ) {
		$post_data['post_status'] = $previous_status ? $previous_status : 'pending';
	}

	$published_statuses = array( 'publish', 'future' );

	/*
	 * Posts 'submitted for approval' are submitted to $_POST the same as if they were being published.
	 * Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts.
	 */
	if ( isset( $post_data['post_status'] )
		&& ( in_array( $post_data['post_status'], $published_statuses, true )
		&& ! current_user_can( $ptype->cap->publish_posts ) )
	) {
		if ( ! in_array( $previous_status, $published_statuses, true ) || ! current_user_can( 'edit_post', $post_id ) ) {
			$post_data['post_status'] = 'pending';
		}
	}

	if ( ! isset( $post_data['post_status'] ) ) {
		$post_data['post_status'] = 'auto-draft' === $previous_status ? 'draft' : $previous_status;
	}

	if ( isset( $post_data['post_password'] ) && ! current_user_can( $ptype->cap->publish_posts ) ) {
		unset( $post_data['post_password'] );
	}

	if ( ! isset( $post_data['comment_status'] ) ) {
		$post_data['comment_status'] = 'closed';
	}

	if ( ! isset( $post_data['ping_status'] ) ) {
		$post_data['ping_status'] = 'closed';
	}

	foreach ( array( 'aa', 'mm', 'jj', 'hh', 'mn' ) as $timeunit ) {
		if ( ! empty( $post_data[ 'hidden_' . $timeunit ] ) && $post_data[ 'hidden_' . $timeunit ] != $post_data[ $timeunit ] ) {
			$post_data['edit_date'] = '1';
			break;
		}
	}

	if ( ! empty( $post_data['edit_date'] ) ) {
		$aa = $post_data['aa'];
		$mm = $post_data['mm'];
		$jj = $post_data['jj'];
		$hh = $post_data['hh'];
		$mn = $post_data['mn'];
		$ss = $post_data['ss'];
		$aa = ( $aa <= 0 ) ? gmdate( 'Y' ) : $aa;
		$mm = ( $mm <= 0 ) ? gmdate( 'n' ) : $mm;
		$jj = ( $jj > 31 ) ? 31 : $jj;
		$jj = ( $jj <= 0 ) ? gmdate( 'j' ) : $jj;
		$hh = ( $hh > 23 ) ? $hh - 24 : $hh;
		$mn = ( $mn > 59 ) ? $mn - 60 : $mn;
		$ss = ( $ss > 59 ) ? $ss - 60 : $ss;

		$post_data['post_date'] = sprintf( '%04d-%02d-%02d %02d:%02d:%02d', $aa, $mm, $jj, $hh, $mn, $ss );

		$valid_date = wp_checkdate( $mm, $jj, $aa, $post_data['post_date'] );
		if ( ! $valid_date ) {
			return new WP_Error( 'invalid_date', __( 'Invalid date.' ) );
		}

		/*
		 * Only assign a post date if the user has explicitly set a new value.
		 * See #59125 and #19907.
		 */
		$previous_date = $post_id ? get_post_field( 'post_date', $post_id ) : false;
		if ( $previous_date && $previous_date !== $post_data['post_date'] ) {
			$post_data['edit_date']     = true;
			$post_data['post_date_gmt'] = get_gmt_from_date( $post_data['post_date'] );
		} else {
			$post_data['edit_date'] = false;
			unset( $post_data['post_date'] );
			unset( $post_data['post_date_gmt'] );
		}
	}

	if ( isset( $post_data['post_category'] ) ) {
		$category_object = get_taxonomy( 'category' );
		if ( ! current_user_can( $category_object->cap->assign_terms ) ) {
			unset( $post_data['post_category'] );
		}
	}

	return $post_data;
}

View all references View on Trac View on GitHub

UsesDescription
get_gmt_from_date()wp-includes/formatting.php

Given a date in the timezone of the site, returns that date in UTC.

wp_checkdate()wp-includes/functions.php

Tests if the supplied date is valid for the Gregorian calendar.

get_post_status_object()wp-includes/post.php

Retrieves a post status object by name.

get_post_field()wp-includes/post.php

Retrieves data from a post field based on Post ID.

current_user_can()wp-includes/capabilities.php

Returns whether the current user has the specified capability.

__()wp-includes/l10n.php

Retrieves the translation of $text.

sanitize_key()wp-includes/formatting.php

Sanitizes a string key.

get_taxonomy()wp-includes/taxonomy.php

Retrieves the taxonomy object of $taxonomy.

get_current_user_id()wp-includes/user.php

Gets the current user’s ID.

get_post_type_object()wp-includes/post.php

Retrieves a post type object by name.

WP_Error::__construct()wp-includes/class-wp-error.php

Initializes the error.

Show 7 moreShow less
Used byDescription
wp_create_post_autosave()wp-admin/includes/post.php

Creates autosave data for the specified post from $_POST data.

wp_write_post()wp-admin/includes/post.php

Creates a new post from the “Write Post” form using $_POST information.

edit_post()wp-admin/includes/post.php

Updates an existing post with values provided in $_POST.

bulk_edit_posts()wp-admin/includes/post.php

Processes the post data for the bulk editing of posts.

wp_ajax_upload_attachment()wp-admin/includes/ajax-actions.php

Handles uploading attachments via AJAX.

Changelog

VersionDescription
2.6.0Introduced.

User Contributed Notes

  1. Skip to note 2 content
    Irian
    You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note

    This code has a bug regarding

    if ( isset( $post_data['user_ID'] )
    && ( $post_data['post_author'] != $post_data['user_ID'] )
    && ! current_user_can( $ptype->cap->edit_others_posts ) ) {

    Here, current_user_can() checks if a user can edit others posts without providing a post id. This makes it impossible to allow to edit others posts conditionally using user_has_cap and map_meta_cap filters.

    danielbachhuber has found a workaround: https://gist.github.com/danielbachhuber/18850d571c5dce419f8b

    See trac ticket here

You must log in before being able to contribute a note or feedback.