* @subpackage Administration
*/
-if ( ! defined('ABSPATH') ) die();
+// don't load directly
+if ( !defined('ABSPATH') )
+ die('-1');
if ( have_posts() ) { ?>
<table class="widefat fixed" cellspacing="0">
<tbody id="the-list" class="list:post">
<?php
-add_filter('the_title','wp_specialchars');
+add_filter('the_title','esc_html');
$alt = '';
$posts_columns = get_column_headers('upload');
$hidden = get_hidden_columns('upload');
-while (have_posts()) : the_post();
+
+while ( have_posts() ) : the_post();
+
+if ( $is_trash && $post->post_status != 'trash' )
+ continue;
+elseif ( !$is_trash && $post->post_status == 'trash' )
+ continue;
+
$alt = ( 'alternate' == $alt ) ? '' : 'alternate';
-global $current_user;
-$post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
-$att_title = _draft_or_post_title();
+$post_owner = ( get_current_user_id() == $post->post_author ? 'self' : 'other' );
+$att_title = _draft_or_post_title();
?>
<tr id='post-<?php echo $id; ?>' class='<?php echo trim( $alt . ' author-' . $post_owner . ' status-' . $post->post_status ); ?>' valign="top">
case 'cb':
?>
- <th scope="row" class="check-column"><input type="checkbox" name="media[]" value="<?php the_ID(); ?>" /></th>
+ <th scope="row" class="check-column"><?php if ( current_user_can('edit_post', $post->ID) ) { ?><input type="checkbox" name="media[]" value="<?php the_ID(); ?>" /><?php } ?></th>
<?php
break;
?>
<td <?php echo $attributes ?>><?php
if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) {
+ if ( $is_trash ) echo $thumb;
+ else {
?>
-
- <a href="media.php?action=edit&attachment_id=<?php the_ID(); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>">
+ <a href="<?php echo get_edit_post_link( $post->ID, true ); ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $att_title)); ?>">
<?php echo $thumb; ?>
</a>
<?php }
+ }
?></td>
<?php
// TODO
case 'media':
?>
- <td <?php echo $attributes ?>><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br />
- <?php echo strtoupper(preg_replace('/^.*?\.(\w+)$/', '$1', get_attached_file($post->ID))); ?>
+ <td <?php echo $attributes ?>><strong><?php if ( $is_trash ) echo $att_title; else { ?><a href="<?php echo get_edit_post_link( $post->ID, true ); ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $att_title)); ?>"><?php echo $att_title; ?></a><?php } ?></strong>
<p>
<?php
+ if ( preg_match( '/^.*?\.(\w+)$/', get_attached_file( $post->ID ), $matches ) )
+ echo esc_html( strtoupper( $matches[1] ) );
+ else
+ echo strtoupper( str_replace( 'image/', '', get_post_mime_type() ) );
+ ?>
+ </p>
+ <?php
$actions = array();
- if ( current_user_can('edit_post', $post->ID) )
+ if ( current_user_can('edit_post', $post->ID) && !$is_trash )
$actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>';
- if ( current_user_can('delete_post', $post->ID) )
- $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
- $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attribute_escape(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>';
+ if ( current_user_can('delete_post', $post->ID) ) {
+ if ( $is_trash )
+ $actions['untrash'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=untrash&post=$post->ID", 'untrash-attachment_' . $post->ID) . "'>" . __('Restore') . "</a>";
+ elseif ( EMPTY_TRASH_DAYS && MEDIA_TRASH )
+ $actions['trash'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=trash&post=$post->ID", 'trash-attachment_' . $post->ID) . "'>" . __('Trash') . "</a>";
+ if ( $is_trash || !EMPTY_TRASH_DAYS || !MEDIA_TRASH ) {
+ $delete_ays = (!$is_trash && !MEDIA_TRASH) ? " onclick='return showNotice.warn();'" : '';
+ $actions['delete'] = "<a class='submitdelete'$delete_ays href='" . wp_nonce_url("post.php?action=delete&post=$post->ID", 'delete-attachment_' . $post->ID) . "'>" . __('Delete Permanently') . "</a>";
+ }
+ }
+ if ( !$is_trash ) {
+ $title =_draft_or_post_title($post->post_parent);
+ $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . esc_attr(sprintf(__('View “%s”'), $title)) . '" rel="permalink">' . __('View') . '</a>';
+ }
+ $actions = apply_filters( 'media_row_actions', $actions, $post );
$action_count = count($actions);
$i = 0;
echo '<div class="row-actions">';
echo "<span class='$action'>$link$sep</span>";
}
echo '</div>';
- ?></p></td>
+ ?></td>
<?php
break;
if ( !empty( $tags ) ) {
$out = array();
foreach ( $tags as $c )
- $out[] = "<a href='edit.php?tag=$c->slug'> " . wp_specialchars(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>";
+ $out[] = "<a href='edit.php?tag=$c->slug'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>";
echo join( ', ', $out );
} else {
_e('No Tags');
} else {
$t_time = get_the_time(__('Y/m/d g:i:s A'));
$m_time = $post->post_date;
- $time = get_post_time( 'G', true, $post );
+ $time = get_post_time( 'G', true, $post, false );
if ( ( abs($t_diff = time() - $time) ) < 86400 ) {
if ( $t_diff < 0 )
$h_time = sprintf( __('%s from now'), human_time_diff( $time ) );
<?php
} else {
?>
- <td <?php echo $attributes ?>> </td>
+ <td <?php echo $attributes ?>><?php _e('(Unattached)'); ?><br />
+ <a class="hide-if-no-js" onclick="findPosts.open('media[]','<?php echo $post->ID ?>');return false;" href="#the-list"><?php _e('Attach'); ?></a></td>
<?php
}
$pending_phrase = sprintf( __('%s pending'), number_format( $left ) );
if ( $left )
echo '<strong>';
- comments_number("<a href='edit-comments.php?p=$id' title='$pending_phrase' class='post-com-count'><span class='comment-count'>" . __('0') . '</span></a>', "<a href='edit-comments.php?p=$id' title='$pending_phrase' class='post-com-count'><span class='comment-count'>" . __('1') . '</span></a>', "<a href='edit-comments.php?p=$id' title='$pending_phrase' class='post-com-count'><span class='comment-count'>" . __('%') . '</span></a>');
+ comments_number("<a href='edit-comments.php?p=$id' title='$pending_phrase' class='post-com-count'><span class='comment-count'>" . /* translators: comment count link */ _x('0', 'comment count') . '</span></a>', "<a href='edit-comments.php?p=$id' title='$pending_phrase' class='post-com-count'><span class='comment-count'>" . /* translators: comment count link */ _x('1', 'comment count') . '</span></a>', "<a href='edit-comments.php?p=$id' title='$pending_phrase' class='post-com-count'><span class='comment-count'>" . /* translators: comment count link: % will be substituted by comment count */ _x('%', 'comment count') . '</span></a>');
if ( $left )
echo '</strong>';
?>
case 'actions':
?>
<td <?php echo $attributes ?>>
- <a href="media.php?action=edit&attachment_id=<?php the_ID(); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php _e('Edit'); ?></a> |
+ <a href="media.php?action=edit&attachment_id=<?php the_ID(); ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $att_title)); ?>"><?php _e('Edit'); ?></a> |
<a href="<?php the_permalink(); ?>"><?php _e('Get permalink'); ?></a>
</td>
<?php
</table>
<?php } else { ?>
-<p><?php _e('No posts found.') ?></p>
+<p><?php _e('No media attachments found.') ?></p>
<?php
} // end if ( have_posts() )