Post meta handler; Allow for updating, adding, and deleting of post m…

…eta. Filter for passing sanitization callbacks; filter for requiring santizition callbacks. This method assumes values are passed as they are intended to be stored (array or single). In response to WP-API#68 Remove sanitization callback functionality - see WP-API#68
kellbot · May 3, 2014 · a088cf7 · a088cf7
1 parent af9e530
commit a088cf7
Showing 1 changed file with 53 additions and 2 deletions.
diff --git a/lib/class-wp-json-posts.php b/lib/class-wp-json-posts.php
@@ -629,12 +629,60 @@ protected function prepare_meta( $post_id ) {
 		foreach ( $custom_fields as $meta_key => $meta_value ) {
 			// Don't expose protected fields.
 			if ( is_protected_meta( $meta_key ) )
-			    unset( $custom_fields[$meta_key] );
+				unset( $custom_fields[$meta_key] );
 		}
 
 		return apply_filters( 'json_prepare_meta', $custom_fields );
 	}
 
+	/**
+	 * Update/add post meta for a post. This method relies on the user to provide sanitization callbacks.
+	 * If none are provided, post meta will go unsanitized unless the require sanitization filter returns
+	 * true. Post meta is expected to be sent like so:
+	 * {
+	 * 	post_meta : [
+	 * 		{
+	 * 			key : 'meta_key',
+	 * 			value : 'meta_value', (OPTIONAL)
+	 * 			action : (update|add|delete) (OPTIONAL, default=update)
+	 * 		}
+	 * 	]
+	 * }
+	 *
+	 * @uses update_post_meta, apply_filters, add_post_meta, wp_parse_args, delete_post_meta
+	 * @param array $data
+	 * @param int $post_ID
+	 * @return bool|WP_Error
+	 */
+	protected function insert_post_meta( $data, $post_ID ) {
+		if ( empty( $post_ID ) || empty( $data['post_meta'] ) || ! is_array( $data['post_meta'] ) ) {
+			return false;
+		}
+
+		$meta_array_defaults = array(
+			'action' => 'update',
+			'value' => null,
+		);
+
+		foreach ( $data['post_meta'] as $meta_array ) {
+
+			$meta_array = wp_parse_args( $meta_array, $meta_array_defaults );
+
+			if ( 'update' == $meta_array['action'] ) {
+				update_post_meta( $post_ID, $meta_array['key'], $meta_array['value'] );
+			} elseif ( 'add' == $meta_array['action'] ) {
+				add_post_meta( $post_ID, $meta_array['key'], $meta_array['value'] );
+			} elseif ( 'delete' == $meta_array['action'] ) {
+				delete_post_meta( $post_ID, $meta_array['key'] );
+			} else {
+				// Return a WP_Error here?
+				continue;
+			}
+		}
+
+		return true;
+	}
+
 	protected function prepare_author( $author ) {
 		$user = get_user_by( 'id', $author );
 
@@ -747,7 +795,7 @@ protected function insert_post( $data ) {
 				default:
 					if ( ! get_post_status_object( $post['post_status'] ) )
 						$post['post_status'] = 'draft';
-				break;
+					break;
 			}
 		}
 
@@ -863,6 +911,9 @@ protected function insert_post( $data ) {
 			return $post_ID;
 		}
 
+		// Post meta
+		$this->insert_post_meta( $data, $post_ID );
+
 		// Sticky
 		if ( isset( $post['sticky'] ) )  {
 			if ( $post['sticky'] )