wp_xmlrpc_server::mw_newMediaObject( array $args ): array|IXR_Error

Uploads a file, following your settings.

Description

Adapted from a patch by Johann Richard.

Parameters

$argsarrayrequired
Method arguments. Note: arguments must be ordered as documented.
  • 0 int
    Blog ID (unused).
  • 1 string
    Username.
  • 2 string
    Password.
  • 3 array
    Data.

Return

array|IXR_Error

Source

public function mw_newMediaObject( $args ) {
	$username = $this->escape( $args[1] );
	$password = $this->escape( $args[2] );
	$data     = $args[3];

	$name = sanitize_file_name( $data['name'] );
	$type = $data['type'];
	$bits = $data['bits'];

	$user = $this->login( $username, $password );
	if ( ! $user ) {
		return $this->error;
	}

	/** This action is documented in wp-includes/class-wp-xmlrpc-server.php */
	do_action( 'xmlrpc_call', 'metaWeblog.newMediaObject', $args, $this );

	if ( ! current_user_can( 'upload_files' ) ) {
		$this->error = new IXR_Error( 401, __( 'Sorry, you are not allowed to upload files.' ) );
		return $this->error;
	}

	if ( is_multisite() && upload_is_user_over_quota( false ) ) {
		$this->error = new IXR_Error(
			401,
			sprintf(
				/* translators: %s: Allowed space allocation. */
				__( 'Sorry, you have used your space allocation of %s. Please delete some files to upload more files.' ),
				size_format( get_space_allowed() * MB_IN_BYTES )
			)
		);
		return $this->error;
	}

	/**
	 * Filters whether to preempt the XML-RPC media upload.
	 *
	 * Returning a truthy value will effectively short-circuit the media upload,
	 * returning that value as a 500 error instead.
	 *
	 * @since 2.1.0
	 *
	 * @param bool $error Whether to pre-empt the media upload. Default false.
	 */
	$upload_err = apply_filters( 'pre_upload_error', false );
	if ( $upload_err ) {
		return new IXR_Error( 500, $upload_err );
	}

	$upload = wp_upload_bits( $name, null, $bits );
	if ( ! empty( $upload['error'] ) ) {
		/* translators: 1: File name, 2: Error message. */
		$errorString = sprintf( __( 'Could not write file %1$s (%2$s).' ), $name, $upload['error'] );
		return new IXR_Error( 500, $errorString );
	}
	// Construct the attachment array.
	$post_id = 0;
	if ( ! empty( $data['post_id'] ) ) {
		$post_id = (int) $data['post_id'];

		if ( ! current_user_can( 'edit_post', $post_id ) ) {
			return new IXR_Error( 401, __( 'Sorry, you are not allowed to edit this post.' ) );
		}
	}
	$attachment = array(
		'post_title'     => $name,
		'post_content'   => '',
		'post_type'      => 'attachment',
		'post_parent'    => $post_id,
		'post_mime_type' => $type,
		'guid'           => $upload['url'],
	);

	// Save the data.
	$id = wp_insert_attachment( $attachment, $upload['file'], $post_id );
	wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $upload['file'] ) );

	/**
	 * Fires after a new attachment has been added via the XML-RPC MovableType API.
	 *
	 * @since 3.4.0
	 *
	 * @param int   $id   ID of the new attachment.
	 * @param array $args An array of arguments to add the attachment.
	 */
	do_action( 'xmlrpc_call_success_mw_newMediaObject', $id, $args ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.NotLowercase

	$struct = $this->_prepare_media_item( get_post( $id ) );

	// Deprecated values.
	$struct['id']   = $struct['attachment_id'];
	$struct['file'] = $struct['title'];
	$struct['url']  = $struct['link'];

	return $struct;
}

Hooks

apply_filters( ‘pre_upload_error’, bool $error )

Filters whether to preempt the XML-RPC media upload.

do_action( ‘xmlrpc_call’, string $name, array|string $args, wp_xmlrpc_server $server )

Fires after the XML-RPC user has been authenticated but before the rest of the method logic begins.

do_action( ‘xmlrpc_call_success_mw_newMediaObject’, int $id, array $args )

Fires after a new attachment has been added via the XML-RPC MovableType API.

Changelog

VersionDescription
1.5.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.