wp_ajax_save_attachment()
云策文档标注
概述
wp_ajax_save_attachment() 是一个 WordPress AJAX 处理函数,用于更新附件属性。它通过接收 AJAX 请求中的 ID 和变更数据,验证权限和安全性,然后更新附件的标题、描述、替代文本等字段,并处理音频元数据和媒体回收站状态。
关键要点
- 函数通过 AJAX 处理附件属性更新,需要提供 ID 和 changes 参数。
- 执行前会检查 nonce 验证、用户权限和附件类型,确保安全性。
- 支持更新附件的父级、标题、说明、描述、替代文本和状态等属性。
- 对于音频附件,会处理 ID3 元数据的更新。
- 根据 MEDIA_TRASH 常量,可能将附件移至回收站或直接删除。
- 使用 wp_update_post() 或 wp_delete_post() 执行最终更新,并返回 JSON 响应。
代码示例
if ( ! isset( $_REQUEST['id'] ) || ! isset( $_REQUEST['changes'] ) ) {
wp_send_json_error();
}
$id = absint( $_REQUEST['id'] );
if ( ! $id ) {
wp_send_json_error();
}
check_ajax_referer( 'update-post_' . $id, 'nonce' );
if ( ! current_user_can( 'edit_post', $id ) ) {
wp_send_json_error();
}
$changes = $_REQUEST['changes'];
$post = get_post( $id, ARRAY_A );
if ( 'attachment' !== $post['post_type'] ) {
wp_send_json_error();
}
if ( isset( $changes['parent'] ) ) {
$post['post_parent'] = $changes['parent'];
}
if ( isset( $changes['title'] ) ) {
$post['post_title'] = $changes['title'];
}
if ( isset( $changes['caption'] ) ) {
$post['post_excerpt'] = $changes['caption'];
}
if ( isset( $changes['description'] ) ) {
$post['post_content'] = $changes['description'];
}
if ( MEDIA_TRASH && isset( $changes['status'] ) ) {
$post['post_status'] = $changes['status'];
}
if ( isset( $changes['alt'] ) ) {
$alt = wp_unslash( $changes['alt'] );
if ( get_post_meta( $id, '_wp_attachment_image_alt', true ) !== $alt ) {
$alt = wp_strip_all_tags( $alt, true );
update_post_meta( $id, '_wp_attachment_image_alt', wp_slash( $alt ) );
}
}
if ( wp_attachment_is( 'audio', $post['ID'] ) ) {
$changed = false;
$id3data = wp_get_attachment_metadata( $post['ID'] );
if ( ! is_array( $id3data ) ) {
$changed = true;
$id3data = array();
}
foreach ( wp_get_attachment_id3_keys( (object) $post, 'edit' ) as $key => $label ) {
if ( isset( $changes[ $key ] ) ) {
$changed = true;
$id3data[ $key ] = sanitize_text_field( wp_unslash( $changes[ $key ] ) );
}
}
if ( $changed ) {
wp_update_attachment_metadata( $id, $id3data );
}
}
if ( MEDIA_TRASH && isset( $changes['status'] ) && 'trash' === $changes['status'] ) {
wp_delete_post( $id );
} else {
wp_update_post( $post );
}
wp_send_json_success();注意事项
- 函数依赖于 $_REQUEST 数组获取参数,需确保 AJAX 请求正确传递 id 和 changes。
- 使用 check_ajax_referer() 进行 nonce 验证,防止 CSRF 攻击。
- 用户必须具有 edit_post 权限才能执行更新操作。
- 音频附件的元数据更新仅当 wp_attachment_is() 返回 true 时触发。
- MEDIA_TRASH 常量影响状态处理,需根据 WordPress 配置调整。
原文内容
Handles updating attachment attributes via AJAX.
Source
function wp_ajax_save_attachment() {
if ( ! isset( $_REQUEST['id'] ) || ! isset( $_REQUEST['changes'] ) ) {
wp_send_json_error();
}
$id = absint( $_REQUEST['id'] );
if ( ! $id ) {
wp_send_json_error();
}
check_ajax_referer( 'update-post_' . $id, 'nonce' );
if ( ! current_user_can( 'edit_post', $id ) ) {
wp_send_json_error();
}
$changes = $_REQUEST['changes'];
$post = get_post( $id, ARRAY_A );
if ( 'attachment' !== $post['post_type'] ) {
wp_send_json_error();
}
if ( isset( $changes['parent'] ) ) {
$post['post_parent'] = $changes['parent'];
}
if ( isset( $changes['title'] ) ) {
$post['post_title'] = $changes['title'];
}
if ( isset( $changes['caption'] ) ) {
$post['post_excerpt'] = $changes['caption'];
}
if ( isset( $changes['description'] ) ) {
$post['post_content'] = $changes['description'];
}
if ( MEDIA_TRASH && isset( $changes['status'] ) ) {
$post['post_status'] = $changes['status'];
}
if ( isset( $changes['alt'] ) ) {
$alt = wp_unslash( $changes['alt'] );
if ( get_post_meta( $id, '_wp_attachment_image_alt', true ) !== $alt ) {
$alt = wp_strip_all_tags( $alt, true );
update_post_meta( $id, '_wp_attachment_image_alt', wp_slash( $alt ) );
}
}
if ( wp_attachment_is( 'audio', $post['ID'] ) ) {
$changed = false;
$id3data = wp_get_attachment_metadata( $post['ID'] );
if ( ! is_array( $id3data ) ) {
$changed = true;
$id3data = array();
}
foreach ( wp_get_attachment_id3_keys( (object) $post, 'edit' ) as $key => $label ) {
if ( isset( $changes[ $key ] ) ) {
$changed = true;
$id3data[ $key ] = sanitize_text_field( wp_unslash( $changes[ $key ] ) );
}
}
if ( $changed ) {
wp_update_attachment_metadata( $id, $id3data );
}
}
if ( MEDIA_TRASH && isset( $changes['status'] ) && 'trash' === $changes['status'] ) {
wp_delete_post( $id );
} else {
wp_update_post( $post );
}
wp_send_json_success();
}
Changelog
| Version | Description |
|---|---|
| 3.5.0 | Introduced. |