<?php
+/**
+ * Edit post administration panel.
+ *
+ * Manage Post actions: post, edit, delete, etc.
+ *
+ * @package WordPress
+ * @subpackage Administration
+ */
+
+/** WordPress Administration Bootstrap */
require_once('admin.php');
-$wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder' );
-
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
- $wpvar = $wpvarstoreset[$i];
- if (!isset($$wpvar)) {
- if (empty($_POST["$wpvar"])) {
- if (empty($_GET["$wpvar"])) {
- $$wpvar = '';
- } else {
- $$wpvar = $_GET["$wpvar"];
- }
+$parent_file = 'edit.php';
+$submenu_file = 'edit.php';
+
+wp_reset_vars(array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder'));
+
+/**
+ * Redirect to previous page.
+ *
+ * @param int $post_ID Optional. Post ID.
+ */
+function redirect_post($post_ID = '') {
+ global $action;
+
+ $referredby = '';
+ if ( !empty($_POST['referredby']) ) {
+ $referredby = preg_replace('|https?://[^/]+|i', '', $_POST['referredby']);
+ $referredby = remove_query_arg('_wp_original_http_referer', $referredby);
+ }
+ $referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer());
+
+ if ( !empty($_POST['mode']) && 'bookmarklet' == $_POST['mode'] ) {
+ $location = $_POST['referredby'];
+ } elseif ( !empty($_POST['mode']) && 'sidebar' == $_POST['mode'] ) {
+ if ( isset($_POST['saveasdraft']) )
+ $location = 'sidebar.php?a=c';
+ elseif ( isset($_POST['publish']) )
+ $location = 'sidebar.php?a=b';
+ } elseif ( ( isset($_POST['save']) || isset($_POST['publish']) ) ) {
+ if ( isset( $_POST['publish'] ) ) {
+ if ( 'pending' == get_post_status( $post_ID ) )
+ $location = add_query_arg( 'message', 8, get_edit_post_link( $post_ID, 'url' ) );
+ else
+ $location = add_query_arg( 'message', 6, get_edit_post_link( $post_ID, 'url' ) );
} else {
- $$wpvar = $_POST["$wpvar"];
+ $location = add_query_arg( 'message', 1, get_edit_post_link( $post_ID, 'url' ) );
}
+ } elseif (isset($_POST['addmeta']) && $_POST['addmeta']) {
+ $location = add_query_arg( 'message', 2, wp_get_referer() );
+ $location = explode('#', $location);
+ $location = $location[0] . '#postcustom';
+ } elseif (isset($_POST['deletemeta']) && $_POST['deletemeta']) {
+ $location = add_query_arg( 'message', 3, wp_get_referer() );
+ $location = explode('#', $location);
+ $location = $location[0] . '#postcustom';
+ } elseif ($action == 'editattachment') {
+ $location = 'attachments.php';
+ } elseif ( 'post-quickpress-save-cont' == $_POST['action'] ) {
+ $location = "post.php?action=edit&post=$post_ID&message=7";
+ } else {
+ $location = add_query_arg( 'message', 4, get_edit_post_link( $post_ID, 'url' ) );
}
-}
-if (isset($_POST['deletepost'])) {
-$action = "delete";
+ wp_redirect( $location );
}
-// Fix submenu highlighting for pages.
-if ( isset($_REQUEST['post']) && 'static' == get_post_status($_REQUEST['post']) )
- $submenu_file = 'page-new.php';
-
-$editing = true;
+if ( isset( $_POST['deletepost'] ) )
+ $action = 'delete';
+elseif ( isset($_POST['wp-preview']) && 'dopreview' == $_POST['wp-preview'] )
+ $action = 'preview';
switch($action) {
+case 'postajaxpost':
case 'post':
+case 'post-quickpress-publish':
+case 'post-quickpress-save':
check_admin_referer('add-post');
-
- $post_ID = write_post();
-
- // Redirect.
- if (!empty($_POST['mode'])) {
- switch($_POST['mode']) {
- case 'bookmarklet':
- $location = $_POST['referredby'];
- break;
- case 'sidebar':
- $location = 'sidebar.php?a=b';
- break;
- default:
- $location = 'post.php';
- break;
- }
- } else {
- $location = 'post.php?posted=true';
+
+ if ( 'post-quickpress-publish' == $action )
+ $_POST['publish'] = 'publish'; // tell write_post() to publish
+
+ if ( 'post-quickpress-publish' == $action || 'post-quickpress-save' == $action ) {
+ $_POST['comment_status'] = get_option('default_comment_status');
+ $_POST['ping_status'] = get_option('default_ping_status');
}
- if ( 'static' == $_POST['post_status'] )
- $location = "page-new.php?saved=true";
+ if ( !empty( $_POST['quickpress_post_ID'] ) ) {
+ $_POST['post_ID'] = (int) $_POST['quickpress_post_ID'];
+ $post_ID = edit_post();
+ } else {
+ $post_ID = 'postajaxpost' == $action ? edit_post() : write_post();
+ }
- if ( isset($_POST['save']) )
- $location = "post.php?action=edit&post=$post_ID";
+ if ( 0 === strpos( $action, 'post-quickpress' ) ) {
+ $_POST['post_ID'] = $post_ID;
+ // output the quickpress dashboard widget
+ require_once(ABSPATH . 'wp-admin/includes/dashboard.php');
+ wp_dashboard_quick_press();
+ exit;
+ }
- wp_redirect($location);
+ redirect_post($post_ID);
exit();
break;
case 'edit':
- $title = __('Edit');
-
- require_once('admin-header.php');
+ $editing = true;
+ if ( empty( $_GET['post'] ) ) {
+ wp_redirect("post.php");
+ exit();
+ }
$post_ID = $p = (int) $_GET['post'];
+ $post = get_post($post_ID);
+
+ if ( empty($post->ID) ) wp_die( __('You attempted to edit a post that doesn’t exist. Perhaps it was deleted?') );
+
+ if ( 'post' != $post->post_type ) {
+ wp_redirect( get_edit_post_link( $post->ID, 'url' ) );
+ exit();
+ }
+
+ wp_enqueue_script('post');
+ if ( user_can_richedit() )
+ wp_enqueue_script('editor');
+ add_thickbox();
+ wp_enqueue_script('media-upload');
+ wp_enqueue_script('word-count');
+ wp_enqueue_script( 'admin-comments' );
+ enqueue_comment_hotkeys_js();
+
+ if ( current_user_can('edit_post', $post_ID) ) {
+ if ( $last = wp_check_post_lock( $post->ID ) ) {
+ add_action('admin_notices', '_admin_notice_post_locked' );
+ } else {
+ wp_set_post_lock( $post->ID );
+ wp_enqueue_script('autosave');
+ }
+ }
+
+ $title = __('Edit Post');
if ( !current_user_can('edit_post', $post_ID) )
die ( __('You are not allowed to edit this post.') );
$post = get_post_to_edit($post_ID);
-
- if ($post->post_status == 'static')
- include('edit-page-form.php');
- else
- include('edit-form-advanced.php');
-
- ?>
- <div id='preview' class='wrap'>
- <h2 id="preview-post"><?php _e('Post Preview (updated when post is saved)'); ?> <small class="quickjump"><a href="#write-post"><?php _e('edit ↑'); ?></a></small></h2>
- <iframe src="<?php echo add_query_arg('preview', 'true', get_permalink($post->ID)); ?>" width="100%" height="600" ></iframe>
- </div>
- <?php
+
+ include('edit-form-advanced.php');
+
break;
case 'editattachment':
// Don't let these be changed
unset($_POST['guid']);
- $_POST['post_status'] = 'attachment';
+ $_POST['post_type'] = 'attachment';
// Update the thumbnail filename
- $oldmeta = $newmeta = get_post_meta($post_id, '_wp_attachment_metadata', true);
+ $newmeta = wp_get_attachment_metadata( $post_id, true );
$newmeta['thumb'] = $_POST['thumb'];
- if ( '' !== $oldmeta )
- update_post_meta($post_id, '_wp_attachment_metadata', $newmeta, $oldmeta);
- else
- add_post_meta($post_id, '_wp_attachment_metadata', $newmeta);
+ wp_update_attachment_metadata( $post_id, $newmeta );
case 'editpost':
$post_ID = (int) $_POST['post_ID'];
check_admin_referer('update-post_' . $post_ID);
-
- $post_ID = edit_post();
- $referredby = '';
- if ( !empty($_POST['referredby']) )
- $referredby = preg_replace('|https?://[^/]+|i', '', $_POST['referredby']);
- $referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer());
-
- if ($_POST['save']) {
- $location = wp_get_referer();
- } elseif ($_POST['updatemeta']) {
- $location = wp_get_referer() . '&message=2#postcustom';
- } elseif ($_POST['deletemeta']) {
- $location = wp_get_referer() . '&message=3#postcustom';
- } elseif (!empty($referredby) && $referredby != $referer) {
- $location = $_POST['referredby'];
- if ( $_POST['referredby'] == 'redo' )
- $location = get_permalink( $post_ID );
- } elseif ($action == 'editattachment') {
- $location = 'attachments.php';
- } else {
- $location = 'post.php';
- }
+ $post_ID = edit_post();
- wp_redirect($location); // Send user on their way while we keep working
+ redirect_post($post_ID); // Send user on their way while we keep working
exit();
break;
check_admin_referer('delete-post_' . $post_id);
$post = & get_post($post_id);
-
- if ( !current_user_can('edit_post', $post_id) )
- die( __('You are not allowed to delete this post.') );
- if ( $post->post_status == 'attachment' ) {
+ if ( !current_user_can('delete_post', $post_id) )
+ wp_die( __('You are not allowed to delete this post.') );
+
+ if ( $post->post_type == 'attachment' ) {
if ( ! wp_delete_attachment($post_id) )
- die( __('Error in deleting...') );
+ wp_die( __('Error in deleting...') );
} else {
- if ( !wp_delete_post($post_id) )
- die( __('Error in deleting...') );
+ if ( !wp_delete_post($post_id) )
+ wp_die( __('Error in deleting...') );
}
$sendback = wp_get_referer();
- if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php';
- elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php';
- $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
+ if (strpos($sendback, 'post.php') !== false) $sendback = admin_url('edit.php?deleted=1');
+ elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
+ else $sendback = add_query_arg('deleted', 1, $sendback);
wp_redirect($sendback);
+ exit();
break;
-case 'editcomment':
- $title = __('Edit Comment');
- $parent_file = 'edit.php';
- require_once ('admin-header.php');
-
- get_currentuserinfo();
-
- $comment = (int) $_GET['comment'];
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post.') );
-
- $comment = get_comment_to_edit($comment);
-
- include('edit-form-comment.php');
-
- break;
-
-case 'confirmdeletecomment':
-
- require_once('./admin-header.php');
-
- $comment = (int) $_GET['comment'];
- $p = (int) $_GET['p'];
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to delete comments on this post.') );
-
- echo "<div class='wrap'>\n";
- echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n";
- echo "<table border='0'>\n";
- echo "<tr><td>" . __('Author:') . "</td><td>$comment->comment_author</td></tr>\n";
- echo "<tr><td>" . __('E-mail:') . "</td><td>$comment->comment_author_email</td></tr>\n";
- echo "<tr><td>". __('URL:') . "</td><td>$comment->comment_author_url</td></tr>\n";
- echo "<tr><td>". __('Comment:') . "</td><td>$comment->comment_content</td></tr>\n";
- echo "</table>\n";
- echo "<p>" . __('Are you sure you want to do that?') . "</p>\n";
-
- echo "<form action='".get_settings('siteurl')."/wp-admin/post.php' method='get'>\n";
- echo "<input type='hidden' name='action' value='deletecomment' />\n";
- echo "<input type='hidden' name='p' value='$p' />\n";
- echo "<input type='hidden' name='comment' value='{$comment->comment_ID}' />\n";
- echo "<input type='hidden' name='noredir' value='1' />\n";
- wp_nonce_field('delete-comment_' . $comment->comment_ID);
- echo "<input type='submit' value='" . __('Yes') . "' />";
- echo " ";
- echo "<input type='button' value='" . __('No') . "' onclick=\"self.location='". get_settings('siteurl') ."/wp-admin/edit.php?p=$p&c=1#comments';\" />\n";
- echo "</form>\n";
- echo "</div>\n";
-
- break;
-
-case 'deletecomment':
- $comment = (int) $_GET['comment'];
- check_admin_referer('delete-comment_' . $comment);
-
- $p = (int) $_GET['p'];
- if (isset($_GET['noredir'])) {
- $noredir = true;
- } else {
- $noredir = false;
- }
-
- $postdata = get_post($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post.') );
-
- wp_set_comment_status($comment->comment_ID, "delete");
- do_action('delete_comment', $comment->comment_ID);
-
- if ((wp_get_referer() != "") && (false == $noredir)) {
- wp_redirect(wp_get_referer());
- } else {
- wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
- }
-
- break;
-
-case 'unapprovecomment':
- $comment = (int) $_GET['comment'];
- check_admin_referer('unapprove-comment_' . $comment);
-
- $p = (int) $_GET['p'];
- if (isset($_GET['noredir'])) {
- $noredir = true;
- } else {
- $noredir = false;
- }
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
-
- wp_set_comment_status($comment->comment_ID, "hold");
-
- if ((wp_get_referer() != "") && (false == $noredir)) {
- wp_redirect(wp_get_referer());
- } else {
- wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
- }
-
- break;
-
-case 'mailapprovecomment':
- $comment = (int) $_GET['comment'];
- check_admin_referer('approve-comment_' . $comment);
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
-
- if ('1' != $comment->comment_approved) {
- wp_set_comment_status($comment->comment_ID, 'approve');
- if (true == get_option('comments_notify'))
- wp_notify_postauthor($comment->comment_ID);
- }
-
- wp_redirect(get_option('siteurl') . '/wp-admin/moderation.php?approved=1');
-
- break;
-
-case 'approvecomment':
- $comment = (int) $_GET['comment'];
- check_admin_referer('approve-comment_' . $comment);
-
- $p = (int) $_GET['p'];
- if (isset($_GET['noredir'])) {
- $noredir = true;
- } else {
- $noredir = false;
- }
-
- if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
- if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
-
- wp_set_comment_status($comment->comment_ID, "approve");
- if (get_settings("comments_notify") == true) {
- wp_notify_postauthor($comment->comment_ID);
- }
-
-
- if ((wp_get_referer() != "") && (false == $noredir)) {
- wp_redirect(wp_get_referer());
- } else {
- wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
- }
-
- break;
-
-case 'editedcomment':
-
- $comment_ID = (int) $_POST['comment_ID'];
- $comment_post_ID = (int) $_POST['comment_post_ID'];
-
- check_admin_referer('update-comment_' . $comment_ID);
+case 'preview':
+ check_admin_referer( 'autosave', 'autosavenonce' );
- edit_comment();
-
- $referredby = $_POST['referredby'];
- if (!empty($referredby)) {
- wp_redirect($referredby);
- } else {
- wp_redirect("edit.php?p=$comment_post_ID&c=1#comments");
- }
+ $url = post_preview();
+ wp_redirect($url);
+ exit();
break;
default:
- $title = __('Create New Post');
- require_once ('./admin-header.php');
-?>
-<?php if ( isset($_GET['posted']) ) : ?>
-<div id="message" class="updated fade"><p><?php printf(__('Post saved. <a href="%s">View site »</a>'), get_bloginfo('home') . '/'); ?></p></div>
-<?php endif; ?>
-<?php
- if ( current_user_can('edit_posts') ) {
- $action = 'post';
- get_currentuserinfo();
- if ( $drafts = get_users_drafts( $user_ID ) ) {
- ?>
- <div class="wrap">
- <p><strong><?php _e('Your Drafts:') ?></strong>
- <?php
- $num_drafts = count($drafts);
- if ( $num_drafts > 15 ) $num_drafts = 15;
- for ( $i = 0; $i < $num_drafts; $i++ ) {
- $draft = $drafts[$i];
- if ( 0 != $i )
- echo ', ';
- $draft->post_title = stripslashes($draft->post_title);
- if ( empty($draft->post_title) )
- $draft->post_title = sprintf(__('Post # %s'), $draft->ID);
- echo "<a href='post.php?action=edit&post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
- }
- ?>
- <?php if ( 15 < count($drafts) ) { ?>
- , <a href="edit.php"><?php echo sprintf(__('and %s more'), (count($drafts) - 15) ); ?> »</a>
- <?php } ?>
- .</p>
- </div>
- <?php
- }
-
- $post = get_default_post_to_edit();
-
- include('edit-form-advanced.php');
-?>
-<div class="wrap">
-<?php echo '<h3>'.__('WordPress bookmarklet').'</h3>
-<p>'.__('Right click on the following link and choose "Add to favorites" to create a posting shortcut.').'</p>'; ?>
-<p>
-
-<?php
-if ($is_NS4 || $is_gecko) {
-?>
-<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0){Q=getSelection();}else{Q=document.selection?document.selection.createRange().text:document.getSelection();}location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post.php?text='+encodeURIComponent(Q)+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press It - %s'), wp_specialchars(get_settings('blogname'))); ?></a>
-<?php
-} else if ($is_winIE) {
-?>
-<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post.php?text='+encodeURIComponent(Q)+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
-<script type="text/javascript">
-<!--
-function oneclickbookmarklet(blah) {
-window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=500, height=450, location=0, menubar=0, resizable=0, scrollbars=1, status=1, titlebar=0, toolbar=0, screenX=120, left=120, screenY=120, top=120");
-}
-// -->
-</script>
-<br />
-<br />
-<?php _e('One-click bookmarklet:') ?><br />
-<a href="javascript:oneclickbookmarklet(0);"><?php _e('click here') ?></a>
-<?php
-} else if ($is_opera) {
-?>
-<a href="javascript:location.href='<?php echo get_settings('siteurl'); ?>/wp-admin/post.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
-<?php
-} else if ($is_macIE) {
-?>
-<a href="javascript:Q='';location.href='<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?text='+escape(document.getSelection())+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
-<?php
-}
-?>
-</p>
-</div>
-<?php
-} else {
-?>
-<div class="wrap">
-<p><?php printf(__('Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
-You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
-When you’re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
-</p>
-</div>
-<?php
-}
-
+ wp_redirect('edit.php');
+ exit();
break;
} // end switch
-/* </Edit> */
include('admin-footer.php');
?>