<?php
/*
Template Name: BookAsJson
GET: Return the json for a book
*/
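// Book endpoint.
//   GET  ?id=N or ?slug=S : emit the matching book as JSON.
//   POST id, publish, book: create or update a book from the JSON document in `book`.
// Every failure path sends a bare status line and stops; success paths emit JSON and stop.
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    // Look the book up by numeric id first, falling back to its slug.
    $id = getParam('id', 0, '/\d+/');
    if ($id) {
        // NOTE(review): get_post() returns a post in any status and this path makes no
        // capability check; confirm ParseBookPost() rejects unpublished or non-book posts.
        $post = get_post($id);
        if (!$post) {
            header("HTTP/1.0 404 Not Found");
            die();
        }
    } else {
        $slug = getParam('slug', '', '/[^\/]+/');
        if ($slug) {
            // Array-form arguments: the slug pattern admits '&' and '=', so interpolating it
            // into a query string would let the caller append query variables of their own.
            query_posts(array('cat' => 3, 'name' => $slug));
            if (have_posts()) {
                the_post(); // sets up the global $post that is parsed below
            } else {
                header("HTTP/1.0 404 Not Found");
                die();
            }
        } else {
            header("HTTP/1.0 400 Bad Parameter");
            die();
        }
    }
    $book = ParseBookPost($post);
    if (!$book) {
        header("HTTP/1.0 404 Not Found");
        die();
    }
    $output = json_encode($book);
    header('Content-Type: application/json');
    // NOTE(review): 'Content-Size' is not a standard HTTP header (Content-Length is);
    // the name is kept as-is for existing clients.
    header('Content-Size: ' . strlen($output));
    echo $output;
    die();
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // posting a new or updated book
    $id = getParam('id', 0, '/\d+/', 'post');
    $publish = getParam('publish', 'false', '/false|true/', 'post');
    $content = json_decode(getParam('book', '', null, 'post'), true);

    // Authorization: a logged-in user who may publish and, for an update, may edit this post.
    // NOTE(review): no nonce is verified in this block, so the write relies on the session
    // alone; confirm request-forgery protection (e.g. wp_verify_nonce()) is enforced
    // elsewhere, or add it together with the client change it needs.
    if (!is_user_logged_in() || !current_user_can('publish_posts') || ($id && !current_user_can('edit_post', $id))) {
        header("HTTP/1.0 401 Not Authorized");
        die();
    }
    // Not read again in this block; kept because the assignment happens at template scope.
    $current_user = wp_get_current_user();

    // json_decode() yields null for a missing or malformed document; reject it up front
    // instead of indexing into a non-array below.
    if (!is_array($content)) {
        header("HTTP/1.0 400 Bad Parameter");
        die();
    }

    if ($id) {
        $post = get_post($id);
        $book = ParseBookPost($post);
        if (!$book) {
            header("HTTP/1.0 404 Not Found");
            die();
        }
    } else {
        $book = array();
    }

    // $canPublish starts from the caller's request and is cleared by any incomplete field.
    $canPublish = $publish === 'true';

    // Title and author must be scalar: trim() on a nested JSON array would be a fatal error.
    $title = isset($content['title']) ? $content['title'] : '';
    $author = isset($content['author']) ? $content['author'] : '';
    if (is_array($title) || is_array($author)) {
        header("HTTP/1.0 400 Bad Parameter");
        die();
    }
    $book['title'] = trim((string) $title);
    $canPublish = $canPublish && strlen($book['title']) > 0;
    $book['author'] = trim((string) $author);
    $canPublish = $canPublish && strlen($book['author']) > 0;

    // validate type
    // Strict comparison: with loose in_array() a JSON `true` (and, before PHP 8, `0`)
    // compares equal to these codes and would be stored as the type.
    $type = isset($content['type']) ? $content['type'] : null;
    if (!in_array($type, array('T', 'C', 'O', ' '), true)) {
        header("HTTP/1.0 400 Bad Type");
        die();
    }
    $book['type'] = $type;

    // validate audience
    $audience = isset($content['audience']) ? $content['audience'] : null;
    if (!in_array($audience, array('E', 'C', ' '), true)) {
        header("HTTP/1.0 400 Bad Audience");
        die();
    }
    $book['audience'] = $audience;

    // validate reviewed: only users who can edit others' posts may set the flag
    $book['reviewed'] = current_user_can('edit_others_posts') && !empty($content['reviewed']);

    // validate language (' ' means "not chosen yet" and blocks publishing)
    // assumes $LangNameToLangCode holds string codes - TODO confirm against its definition
    $language = isset($content['language']) ? $content['language'] : null;
    if ($language !== ' ' && !in_array($language, $LangNameToLangCode, true)) {
        header("HTTP/1.0 400 Bad Language");
        die();
    }
    $book['language'] = $language;
    $canPublish = $canPublish && $book['language'] !== ' ';

    // validate categories
    // assumes $CategoryAbbrv holds string abbreviations - TODO confirm against its definition
    $categories = isset($content['categories']) ? $content['categories'] : array();
    if (!is_array($categories)) {
        header("HTTP/1.0 400 Bad Category");
        die();
    }
    foreach ($categories as $category) {
        if (!in_array($category, $CategoryAbbrv, true)) {
            header("HTTP/1.0 400 Bad Category");
            die();
        }
    }
    $book['categories'] = $categories;

    if (!empty($content['tags'])) {
        // TODO: Validate this. The value is stored exactly as the client sent it.
        $book['tags'] = $content['tags'];
    }

    // validate pages
    $rawPages = isset($content['pages']) ? $content['pages'] : array();
    if (!is_array($rawPages)) {
        header("HTTP/1.0 400 Bad Page");
        die();
    }
    $pageNo = 1;
    $pages = array();
    foreach ($rawPages as $page) {
        $text = (is_array($page) && isset($page['text'])) ? $page['text'] : '';
        if (!is_array($page) || is_array($text)) {
            header("HTTP/1.0 400 Bad Page");
            die();
        }
        $text = (string) $text;
        // The first page is the title page and must carry the title text.
        if ($pageNo === 1 && $text !== $book['title']) {
            header("HTTP/1.0 400 Bad Page");
            die();
        }
        // NOTE(review): the page url is client-supplied; if make_page() retrieves it
        // server-side, confirm it restricts the schemes and hosts it will contact.
        $p = make_page(trim($text), isset($page['url']) ? $page['url'] : null);
        if ($p === false) {
            header("HTTP/1.0 500 Cache failure");
            die();
        }
        $canPublish = $canPublish && strlen($p['text']) > 0;
        $pages[] = $p;
        $pageNo += 1;
    }
    $book['pages'] = $pages;
    $canPublish = $canPublish && count($pages) > 3;

    // $canPublish already includes the publish request; $publish itself is the string
    // 'true' or 'false', both of which are truthy, so it is not tested again here.
    $book['status'] = $canPublish ? 'publish' : 'draft';

    $book = SaveBookPost($id, $book);
    if ($book === false) {
        header("HTTP/1.0 400 Save Post Failed");
        die();
    }
    $id = $book['ID'];
    $output = json_encode($book);
    header('Content-Type: application/json');
    // Byte length, matching the GET branch. 'Content-Size' is not a standard HTTP header;
    // the name is kept as-is for existing clients.
    header('Content-Size: ' . strlen($output));
    echo $output;
    if ($book['status'] === 'publish') {
        // Generate audio once the response body has been written.
        // NOTE(review): the earlier comment said "first two pages", but the range passed
        // is 1..count($pages); confirm which is intended.
        updateSpeech($book, 1, count($pages));
    }
    die();
}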
?>