*/
function get_default_post_to_edit() {
if ( !empty( $_REQUEST['post_title'] ) )
- $post_title = wp_specialchars( stripslashes( $_REQUEST['post_title'] ));
+ $post_title = esc_html( stripslashes( $_REQUEST['post_title'] ));
else if ( !empty( $_REQUEST['popuptitle'] ) ) {
- $post_title = wp_specialchars( stripslashes( $_REQUEST['popuptitle'] ));
+ $post_title = esc_html( stripslashes( $_REQUEST['popuptitle'] ));
$post_title = funky_javascript_fix( $post_title );
} else {
$post_title = '';
$post_content = '';
if ( !empty( $_REQUEST['content'] ) )
- $post_content = wp_specialchars( stripslashes( $_REQUEST['content'] ));
+ $post_content = esc_html( stripslashes( $_REQUEST['content'] ));
else if ( !empty( $post_title ) ) {
- $text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
+ $text = esc_html( stripslashes( urldecode( $_REQUEST['text'] ) ) );
$text = funky_javascript_fix( $text);
- $popupurl = clean_url($_REQUEST['popupurl']);
+ $popupurl = esc_url($_REQUEST['popupurl']);
$post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
}
if ( !empty( $_REQUEST['excerpt'] ) )
- $post_excerpt = wp_specialchars( stripslashes( $_REQUEST['excerpt'] ));
+ $post_excerpt = esc_html( stripslashes( $_REQUEST['excerpt'] ));
else
$post_excerpt = '';
$post->post_name = '';
$post->post_author = '';
$post->post_date = '';
+ $post->post_date_gmt = '';
$post->post_password = '';
$post->post_status = 'draft';
$post->post_type = 'post';
}
/**
- * {@internal Missing Short Description}}
+ * Determine if a post exists based on title, content, and date
*
* @since unknown
*
- * @param unknown_type $title
- * @param unknown_type $content
- * @param unknown_type $post_date
- * @return unknown
+ * @param string $title Post title
+ * @param string $content Optional post content
+ * @param string $date Optional post date
+ * @return int Post ID if post exists, 0 otherwise.
*/
-function post_exists($title, $content = '', $post_date = '') {
+function post_exists($title, $content = '', $date = '') {
global $wpdb;
- $title = stripslashes($title);
- $content = stripslashes($content);
- $post_date = stripslashes($post_date);
+ $post_title = stripslashes( sanitize_post_field( 'post_title', $title, 0, 'db' ) );
+ $post_content = stripslashes( sanitize_post_field( 'post_content', $content, 0, 'db' ) );
+ $post_date = stripslashes( sanitize_post_field( 'post_date', $date, 0, 'db' ) );
- if (!empty ($post_date))
- $post_date = $wpdb->prepare("AND post_date = %s", $post_date);
+ $query = "SELECT ID FROM $wpdb->posts WHERE 1=1";
+ $args = array();
- if (!empty ($title))
- return $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_title = %s $post_date", $title) );
- else
- if (!empty ($content))
- return $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_content = %s $post_date", $content) );
+ if ( !empty ( $date ) ) {
+ $query .= ' AND post_date = %s';
+ $args[] = $post_date;
+ }
+
+ if ( !empty ( $title ) ) {
+ $query .= ' AND post_title = %s';
+ $args[] = $post_title;
+ }
+
+ if ( !empty ( $content ) ) {
+ $query .= 'AND post_content = %s';
+ $args[] = $post_content;
+ }
+
+ if ( !empty ( $args ) )
+ return $wpdb->get_var( $wpdb->prepare($query, $args) );
return 0;
}
if ( in_array($meta_key, $protected) )
return false;
+ if ( '' === trim( $meta_value ) )
+ return false;
+
$post_id = $wpdb->get_var( $wpdb->prepare("SELECT post_id FROM $wpdb->postmeta WHERE meta_id = %d", $meta_id) );
wp_cache_delete($post_id, 'post_meta');
- $meta_value = maybe_serialize( stripslashes( $meta_value ));
+ $meta_value = maybe_serialize( stripslashes( $meta_value ) );
$meta_id = (int) $meta_id;
$data = compact( 'meta_key', 'meta_value' );
global $wpdb;
$old_ID = (int) $old_ID;
$new_ID = (int) $new_ID;
- return $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_parent = %d WHERE post_parent = %d", $new_ID, $old_ID) );
+ return $wpdb->update($wpdb->posts, array('post_parent' => $new_ID), array('post_parent' => $old_ID) );
}
/**
$q['m'] = isset($q['m']) ? (int) $q['m'] : 0;
$q['cat'] = isset($q['cat']) ? (int) $q['cat'] : 0;
$post_stati = array( // array( adj, noun )
- 'publish' => array(__('Published'), __('Published posts'), __ngettext_noop('Published <span class="count">(%s)</span>', 'Published <span class="count">(%s)</span>')),
- 'future' => array(__('Scheduled'), __('Scheduled posts'), __ngettext_noop('Scheduled <span class="count">(%s)</span>', 'Scheduled <span class="count">(%s)</span>')),
- 'pending' => array(__('Pending Review'), __('Pending posts'), __ngettext_noop('Pending Review <span class="count">(%s)</span>', 'Pending Review <span class="count">(%s)</span>')),
- 'draft' => array(__('Draft'), _c('Drafts|manage posts header'), __ngettext_noop('Draft <span class="count">(%s)</span>', 'Drafts <span class="count">(%s)</span>')),
- 'private' => array(__('Private'), __('Private posts'), __ngettext_noop('Private <span class="count">(%s)</span>', 'Private <span class="count">(%s)</span>')),
+ 'publish' => array(_x('Published', 'post'), __('Published posts'), _n_noop('Published <span class="count">(%s)</span>', 'Published <span class="count">(%s)</span>')),
+ 'future' => array(_x('Scheduled', 'post'), __('Scheduled posts'), _n_noop('Scheduled <span class="count">(%s)</span>', 'Scheduled <span class="count">(%s)</span>')),
+ 'pending' => array(_x('Pending Review', 'post'), __('Pending posts'), _n_noop('Pending Review <span class="count">(%s)</span>', 'Pending Review <span class="count">(%s)</span>')),
+ 'draft' => array(_x('Draft', 'post'), _x('Drafts', 'manage posts header'), _n_noop('Draft <span class="count">(%s)</span>', 'Drafts <span class="count">(%s)</span>')),
+ 'private' => array(_x('Private', 'post'), __('Private posts'), _n_noop('Private <span class="count">(%s)</span>', 'Private <span class="count">(%s)</span>')),
);
$post_stati = apply_filters('post_stati', $post_stati);
$orderby = 'date';
}
- wp("post_type=post&what_to_show=posts$post_status_q&posts_per_page=15&order=$order&orderby=$orderby");
+ $posts_per_page = get_user_option('edit_per_page');
+ if ( empty($posts_per_page) )
+ $posts_per_page = 15;
+ $posts_per_page = apply_filters('edit_posts_per_page', $posts_per_page);
+
+ wp("post_type=post&$post_status_q&posts_per_page=$posts_per_page&order=$order&orderby=$orderby");
return array($post_stati, $avail_post_stati);
}
$q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
$q['post_type'] = 'attachment';
$q['post_status'] = 'any';
- $q['posts_per_page'] = 15;
+ $media_per_page = get_user_option('upload_per_page');
+ if ( empty($media_per_page) )
+ $media_per_page = 20;
+ $q['posts_per_page'] = $media_per_page;
$post_mime_types = array( // array( adj, noun )
- 'image' => array(__('Images'), __('Manage Images'), __ngettext_noop('Image <span class="count">(%s)</span>', 'Images <span class="count">(%s)</span>')),
- 'audio' => array(__('Audio'), __('Manage Audio'), __ngettext_noop('Audio <span class="count">(%s)</span>', 'Audio <span class="count">(%s)</span>')),
- 'video' => array(__('Video'), __('Manage Video'), __ngettext_noop('Video <span class="count">(%s)</span>', 'Video <span class="count">(%s)</span>')),
+ 'image' => array(__('Images'), __('Manage Images'), _n_noop('Image <span class="count">(%s)</span>', 'Images <span class="count">(%s)</span>')),
+ 'audio' => array(__('Audio'), __('Manage Audio'), _n_noop('Audio <span class="count">(%s)</span>', 'Audio <span class="count">(%s)</span>')),
+ 'video' => array(__('Video'), __('Manage Video'), _n_noop('Video <span class="count">(%s)</span>', 'Video <span class="count">(%s)</span>')),
);
$post_mime_types = apply_filters('post_mime_types', $post_mime_types);
$current_user = wp_get_current_user();
if ( $closed = get_user_option('closedpostboxes_'.$page, 0, false ) ) {
if ( !is_array( $closed ) ) return '';
- return in_array( $id, $closed )? 'if-js-closed' : '';
+ return in_array( $id, $closed )? 'closed' : '';
} else {
return '';
}
$post->post_name = sanitize_title($post->post_name? $post->post_name : $post->post_title, $post->ID);
}
+ $post->post_name = wp_unique_post_slug($post->post_name, $post->ID, $post->post_status, $post->post_type, $post->post_parent);
+
// If the user wants to set a new name -- override the current one
// Note: if empty name is supplied -- use the title instead, see #6072
if (!is_null($name)) {
$post->post_name = sanitize_title($name? $name : $title, $post->ID);
}
- $post->filter = 'sample';
+ $post->filter = 'sample';
$permalink = get_permalink($post, true);
* @param unknown_type $new_slug
* @return unknown
*/
-function get_sample_permalink_html($id, $new_title=null, $new_slug=null) {
+function get_sample_permalink_html( $id, $new_title = null, $new_slug = null ) {
$post = &get_post($id);
list($permalink, $post_name) = get_sample_permalink($post->ID, $new_title, $new_slug);
- if (false === strpos($permalink, '%postname%') && false === strpos($permalink, '%pagename%')) {
- return '';
+ if ( 'publish' == $post->post_status )
+ $view_post = 'post' == $post->post_type ? __('View Post') : __('View Page');
+
+ if ( false === strpos($permalink, '%postname%') && false === strpos($permalink, '%pagename%') ) {
+ $return = '<strong>' . __('Permalink:') . "</strong>\n" . '<span id="sample-permalink">' . $permalink . "</span>\n";
+ if ( current_user_can( 'manage_options' ) )
+ $return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button" target="_blank">' . __('Change Permalinks') . "</a></span>\n";
+ if ( isset($view_post) )
+ $return .= "<span id='view-post-btn'><a href='$permalink' class='button' target='_blank'>$view_post</a></span>\n";
+
+ return $return;
}
+
$title = __('Click to edit this part of the permalink');
if (function_exists('mb_strlen')) {
if (mb_strlen($post_name) > 30) {
$post_name_abridged = $post_name;
}
}
- $post_name_html = '<span id="editable-post-name" title="'.$title.'">'.$post_name_abridged.'</span><span id="editable-post-name-full">'.$post_name.'</span>';
+
+ $post_name_html = '<span id="editable-post-name" title="' . $title . '">' . $post_name_abridged . '</span>';
$display_link = str_replace(array('%pagename%','%postname%'), $post_name_html, $permalink);
+ $view_link = str_replace(array('%pagename%','%postname%'), $post_name, $permalink);
$return = '<strong>' . __('Permalink:') . "</strong>\n" . '<span id="sample-permalink">' . $display_link . "</span>\n";
- $return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button" onclick="edit_permalink(' . $id . '); return false;">' . __('Edit') . "</a></span>\n";
+ $return .= '<span id="edit-slug-buttons"><a href="#post_name" class="edit-slug button hide-if-no-js" onclick="edit_permalink(' . $id . '); return false;">' . __('Edit') . "</a></span>\n";
+ $return .= '<span id="editable-post-name-full">' . $post_name . "</span>\n";
+ if ( isset($view_post) )
+ $return .= "<span id='view-post-btn'><a href='$view_link' class='button' target='_blank'>$view_post</a></span>\n";
+
return $return;
}
return wp_update_post( $new_autosave );
}
+ // _wp_put_post_revision() expects unescaped.
+ $_POST = stripslashes_deep($_POST);
+
// Otherwise create the new autosave as a special post revision
return _wp_put_post_revision( $_POST, true );
}
/**
* Adds the TinyMCE editor used on the Write and Edit screens.
*
- * Has option to output a trimmed down version used in Press This.
- *
* @package WordPress
* @since 2.7
+ *
+ * TinyMCE is loaded separately from other Javascript by using wp-tinymce.php. It outputs concatenated
+ * and optionaly pre-compressed version of the core and all default plugins. Additional plugins are loaded
+ * directly by TinyMCE using non-blocking method. Custom plugins can be refreshed by adding a query string
+ * to the URL when queueing them with the mce_external_plugins filter.
+ *
+ * @param bool $teeny optional Output a trimmed down version used in Press This.
*/
function wp_tiny_mce( $teeny = false ) {
+ global $concatenate_scripts, $compress_scripts, $tinymce_version;
+
if ( ! user_can_richedit() )
return;
$baseurl = includes_url('js/tinymce');
- $mce_css = $baseurl . '/wordpress.css';
- $mce_css = apply_filters('mce_css', $mce_css);
-
$mce_locale = ( '' == get_locale() ) ? 'en' : strtolower( substr(get_locale(), 0, 2) ); // only ISO 639-1
/*
$plugins = apply_filters( 'teeny_mce_plugins', array('safari', 'inlinepopups', 'media', 'autosave', 'fullscreen') );
$ext_plugins = '';
} else {
- $plugins = array( 'safari', 'inlinepopups', 'autosave', 'spellchecker', 'paste', 'wordpress', 'media', 'fullscreen', 'wpeditimage', 'wpgallery' );
+ $plugins = array( 'safari', 'inlinepopups', 'spellchecker', 'paste', 'wordpress', 'media', 'fullscreen', 'wpeditimage', 'wpgallery', 'tabfocus' );
/*
The following filter takes an associative array of external plugins for TinyMCE in the form 'plugin_name' => 'url'.
*/
$mce_external_plugins = apply_filters('mce_external_plugins', array());
- $ext_plugins = "\n";
+ $ext_plugins = '';
if ( ! empty($mce_external_plugins) ) {
/*
// TinyMCE init settings
$initArray = array (
- 'mode' => 'none',
- 'onpageload' => 'switchEditors.edInit',
+ 'mode' => 'specific_textareas',
+ 'editor_selector' => 'theEditor',
'width' => '100%',
'theme' => 'advanced',
'skin' => 'wp_theme',
'convert_urls' => false,
'apply_source_formatting' => false,
'remove_linebreaks' => true,
- 'paste_convert_middot_lists' => true,
- 'paste_remove_spans' => true,
- 'paste_remove_styles' => true,
'gecko_spellcheck' => true,
'entities' => '38,amp,60,lt,62,gt',
'accessibility_focus' => true,
- 'tab_focus' => ':prev,:next',
- 'content_css' => "$mce_css",
+ 'tabfocus_elements' => 'major-publishing-actions',
+ 'media_strict' => false,
'save_callback' => 'switchEditors.saveCallback',
'wpeditimage_disable_captions' => $no_captions,
'plugins' => "$plugins"
);
+ $mce_css = trim(apply_filters('mce_css', ''), ' ,');
+
+ if ( ! empty($mce_css) )
+ $initArray['content_css'] = "$mce_css";
+
// For people who really REALLY know what they're doing with TinyMCE
// You can modify initArray to add, remove, change elements of the config before tinyMCE.init
// Setting "valid_elements", "invalid_elements" and "extended_valid_elements" can be done through "tiny_mce_before_init".
$initArray = apply_filters('tiny_mce_before_init', $initArray);
}
- $language = $initArray['language'];
+ if ( empty($initArray['theme_advanced_buttons3']) && !empty($initArray['theme_advanced_buttons4']) ) {
+ $initArray['theme_advanced_buttons3'] = $initArray['theme_advanced_buttons4'];
+ $initArray['theme_advanced_buttons4'] = '';
+ }
- $ver = apply_filters('tiny_mce_version', '3101');
+ if ( ! isset($concatenate_scripts) )
+ script_concat_settings();
+
+ $language = $initArray['language'];
+ $zip = $compress_scripts ? 1 : 0;
+
+ /**
+ * Deprecated
+ *
+ * The tiny_mce_version filter is not needed since external plugins are loaded directly by TinyMCE.
+ * These plugins can be refreshed by appending query string to the URL passed to mce_external_plugins filter.
+ * If the plugin has a popup dialog, a query string can be added to the button action that opens it (in the plugin's code).
+ */
+ $version = apply_filters('tiny_mce_version', '');
+ $version = 'ver=' . $tinymce_version . $version;
if ( 'en' != $language )
include_once(ABSPATH . WPINC . '/js/tinymce/langs/wp-langs.php');
tinyMCEPreInit = {
base : "<?php echo $baseurl; ?>",
suffix : "",
- query : "ver=<?php echo $ver; ?>",
+ query : "<?php echo $version; ?>",
mceInit : {<?php echo $mce_options; ?>},
-
- go : function() {
- var t = this, sl = tinymce.ScriptLoader, ln = t.mceInit.language, th = t.mceInit.theme, pl = t.mceInit.plugins;
-
- sl.markDone(t.base + '/langs/' + ln + '.js');
-
- sl.markDone(t.base + '/themes/' + th + '/langs/' + ln + '.js');
- sl.markDone(t.base + '/themes/' + th + '/langs/' + ln + '_dlg.js');
-
- tinymce.each(pl.split(','), function(n) {
- if (n && n.charAt(0) != '-') {
- sl.markDone(t.base + '/plugins/' + n + '/langs/' + ln + '.js');
- sl.markDone(t.base + '/plugins/' + n + '/langs/' + ln + '_dlg.js');
- }
- });
- },
-
- load_ext : function(url,lang) {
- var sl = tinymce.ScriptLoader;
-
- sl.markDone(url + '/langs/' + lang + '.js');
- sl.markDone(url + '/langs/' + lang + '_dlg.js');
- }
+ load_ext : function(url,lang){var sl=tinymce.ScriptLoader;sl.markDone(url+'/langs/'+lang+'.js');sl.markDone(url+'/langs/'+lang+'_dlg.js');}
};
/* ]]> */
</script>
-<script type="text/javascript" src="<?php echo $baseurl; ?>/tiny_mce.js?ver=<?php echo $ver; ?>"></script>
-<?php if ( 'en' != $language && isset($lang) ) { ?>
+
+<?php
+ if ( $concatenate_scripts )
+ echo "<script type='text/javascript' src='$baseurl/wp-tinymce.php?c=$zip&$version'></script>\n";
+ else
+ echo "<script type='text/javascript' src='$baseurl/tiny_mce.js?$version'></script>\n";
+
+ if ( 'en' != $language && isset($lang) )
+ echo "<script type='text/javascript'>\n$lang\n</script>\n";
+ else
+ echo "<script type='text/javascript' src='$baseurl/langs/wp-langs-en.js?$version'></script>\n";
+?>
+
<script type="text/javascript">
-<?php echo $lang; ?>
-</script>
+/* <![CDATA[ */
+<?php if ( $ext_plugins ) echo "$ext_plugins\n"; ?>
+<?php if ( $concatenate_scripts ) { ?>
+tinyMCEPreInit.go();
<?php } else { ?>
-<script type="text/javascript" src="<?php echo $baseurl; ?>/langs/wp-langs-en.js?ver=<?php echo $ver; ?>"></script>
+(function(){var t=tinyMCEPreInit,sl=tinymce.ScriptLoader,ln=t.mceInit.language,th=t.mceInit.theme,pl=t.mceInit.plugins;sl.markDone(t.base+'/langs/'+ln+'.js');sl.markDone(t.base+'/themes/'+th+'/langs/'+ln+'.js');sl.markDone(t.base+'/themes/'+th+'/langs/'+ln+'_dlg.js');tinymce.each(pl.split(','),function(n){if(n&&n.charAt(0)!='-'){sl.markDone(t.base+'/plugins/'+n+'/langs/'+ln+'.js');sl.markDone(t.base+'/plugins/'+n+'/langs/'+ln+'_dlg.js');}});})();
<?php } ?>
-<script type="text/javascript">
-<?php if ( $ext_plugins ) echo $ext_plugins; ?>
-
-// Mark translations as done
-tinyMCEPreInit.go();
-
-// Init
tinyMCE.init(tinyMCEPreInit.mceInit);
+/* ]]> */
</script>
-
<?php
}
-?>