X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/022dfbbbe3215917d84708eb09acca93b21ae9e0..849f15aeed7a5e39314057bdc0064d8edd60dd7d:/wp-admin/post.php diff --git a/wp-admin/post.php b/wp-admin/post.php index 44a3ea2d..805c46e6 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -1,443 +1,318 @@ post_type; + $post_type_object = get_post_type_object( $post_type ); +} + +/** + * Redirect to previous page. + * + * @param int $post_id Optional. Post ID. + */ +function redirect_post($post_id = '') { + if ( isset($_POST['save']) || isset($_POST['publish']) ) { + $status = get_post_status( $post_id ); + + if ( isset( $_POST['publish'] ) ) { + switch ( $status ) { + case 'pending': + $message = 8; + break; + case 'future': + $message = 9; + break; + default: + $message = 6; } } else { - $$wpvar = $_POST["$wpvar"]; + $message = 'draft' == $status ? 10 : 1; } + + $location = add_query_arg( 'message', $message, get_edit_post_link( $post_id, 'url' ) ); + } elseif ( isset($_POST['addmeta']) && $_POST['addmeta'] ) { + $location = add_query_arg( 'message', 2, wp_get_referer() ); + $location = explode('#', $location); + $location = $location[0] . '#postcustom'; + } elseif ( isset($_POST['deletemeta']) && $_POST['deletemeta'] ) { + $location = add_query_arg( 'message', 3, wp_get_referer() ); + $location = explode('#', $location); + $location = $location[0] . '#postcustom'; + } else { + $location = add_query_arg( 'message', 4, get_edit_post_link( $post_id, 'url' ) ); } -} -if (isset($_POST['deletepost'])) { -$action = "delete"; + /** + * Filter the post redirect destination URL. + * + * @since 2.9.0 + * + * @param string $location The destination URL. + * @param int $post_id The post ID. + */ + wp_redirect( apply_filters( 'redirect_post_location', $location, $post_id ) ); + exit; } -// Fix submenu highlighting for pages. -if ( isset($_REQUEST['post']) && 'static' == get_post_status($_REQUEST['post']) ) - $submenu_file = 'page-new.php'; - -$editing = true; - -switch($action) { -case 'post': - check_admin_referer('add-post'); - - $post_ID = write_post(); - - // Redirect. - if (!empty($_POST['mode'])) { - switch($_POST['mode']) { - case 'bookmarklet': - $location = $_POST['referredby']; - break; - case 'sidebar': - $location = 'sidebar.php?a=b'; - break; - default: - $location = 'post.php'; - break; - } +if ( isset( $_POST['deletepost'] ) ) + $action = 'delete'; +elseif ( isset($_POST['wp-preview']) && 'dopreview' == $_POST['wp-preview'] ) + $action = 'preview'; + +$sendback = wp_get_referer(); +if ( ! $sendback || + strpos( $sendback, 'post.php' ) !== false || + strpos( $sendback, 'post-new.php' ) !== false ) { + if ( 'attachment' == $post_type ) { + $sendback = admin_url( 'upload.php' ); } else { - $location = "post.php?posted=$post_ID"; + $sendback = admin_url( 'edit.php' ); + $sendback .= ( ! empty( $post_type ) ) ? '?post_type=' . $post_type : ''; } +} else { + $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'ids'), $sendback ); +} - if ( 'static' == $_POST['post_status'] ) - $location = "page-new.php?saved=$post_ID"; - - if ( isset($_POST['save']) ) - $location = "post.php?action=edit&post=$post_ID"; - - wp_redirect($location); - exit(); - break; - -case 'edit': - $title = __('Edit'); - - require_once('admin-header.php'); +switch($action) { +case 'post-quickdraft-save': + // Check nonce and capabilities + $nonce = $_REQUEST['_wpnonce']; + $error_msg = false; - $post_ID = $p = (int) $_GET['post']; + // For output of the quickdraft dashboard widget + require_once ABSPATH . 'wp-admin/includes/dashboard.php'; - if ( !current_user_can('edit_post', $post_ID) ) - die ( __('You are not allowed to edit this post.') ); + if ( ! wp_verify_nonce( $nonce, 'add-post' ) ) + $error_msg = __( 'Unable to submit this form, please refresh and try again.' ); - $post = get_post_to_edit($post_ID); - - if ($post->post_status == 'static') - include('edit-page-form.php'); - else - include('edit-form-advanced.php'); + if ( ! current_user_can( 'edit_posts' ) ) + $error_msg = __( 'Oops, you don’t have access to add new drafts.' ); - ?> -
-

- -
- post_type ); - check_admin_referer('update-attachment_' . $post_id); + $_POST['comment_status'] = get_option( 'default_comment_status' ); + $_POST['ping_status'] = get_option( 'default_ping_status' ); - // Don't let these be changed - unset($_POST['guid']); - $_POST['post_status'] = 'attachment'; + edit_post(); + wp_dashboard_quick_press(); + exit; - // Update the thumbnail filename - $oldmeta = $newmeta = get_post_meta($post_id, '_wp_attachment_metadata', true); - $newmeta['thumb'] = $_POST['thumb']; +case 'postajaxpost': +case 'post': + check_admin_referer( 'add-' . $post_type ); + $post_id = 'postajaxpost' == $action ? edit_post() : write_post(); + redirect_post( $post_id ); + exit(); - if ( '' !== $oldmeta ) - update_post_meta($post_id, '_wp_attachment_metadata', $newmeta, $oldmeta); - else - add_post_meta($post_id, '_wp_attachment_metadata', $newmeta); +case 'edit': + $editing = true; -case 'editpost': - $post_ID = (int) $_POST['post_ID']; - check_admin_referer('update-post_' . $post_ID); - - $post_ID = edit_post(); - - $referredby = ''; - if ( !empty($_POST['referredby']) ) - $referredby = preg_replace('|https?://[^/]+|i', '', $_POST['referredby']); - $referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer()); - - if ($_POST['save']) { - $location = wp_get_referer(); - } elseif ($_POST['updatemeta']) { - $location = wp_get_referer() . '&message=2#postcustom'; - } elseif ($_POST['deletemeta']) { - $location = wp_get_referer() . '&message=3#postcustom'; - } elseif (!empty($referredby) && $referredby != $referer) { - $location = $_POST['referredby']; - if ( $_POST['referredby'] == 'redo' ) - $location = get_permalink( $post_ID ); - } elseif ($action == 'editattachment') { - $location = 'attachments.php'; - } else { - $location = 'post.php'; + if ( empty( $post_id ) ) { + wp_redirect( admin_url('post.php') ); + exit(); } - wp_redirect($location); // Send user on their way while we keep working + if ( ! $post ) + wp_die( __( 'You attempted to edit an item that doesn’t exist. Perhaps it was deleted?' ) ); - exit(); - break; + if ( ! $post_type_object ) + wp_die( __( 'Unknown post type.' ) ); -case 'delete': - $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']); + if ( ! current_user_can( 'edit_post', $post_id ) ) + wp_die( __( 'You are not allowed to edit this item.' ) ); - $post = & get_post($post_id); - if ( 'static' == $post->post_status ) - check_admin_referer('delete-page_' . $post_id); - else - check_admin_referer('delete-post_' . $post_id); + if ( 'trash' == $post->post_status ) + wp_die( __( 'You can’t edit this item because it is in the Trash. Please restore it and try again.' ) ); - if ( !current_user_can('edit_post', $post_id) ) - die( __('You are not allowed to delete this post.') ); + if ( ! empty( $_GET['get-post-lock'] ) ) { + wp_set_post_lock( $post_id ); + wp_redirect( get_edit_post_link( $post_id, 'url' ) ); + exit(); + } - if ( $post->post_status == 'attachment' ) { - if ( ! wp_delete_attachment($post_id) ) - die( __('Error in deleting...') ); + $post_type = $post->post_type; + if ( 'post' == $post_type ) { + $parent_file = "edit.php"; + $submenu_file = "edit.php"; + $post_new_file = "post-new.php"; + } elseif ( 'attachment' == $post_type ) { + $parent_file = 'upload.php'; + $submenu_file = 'upload.php'; + $post_new_file = 'media-new.php'; } else { - if ( !wp_delete_post($post_id) ) - die( __('Error in deleting...') ); + if ( isset( $post_type_object ) && $post_type_object->show_in_menu && $post_type_object->show_in_menu !== true ) + $parent_file = $post_type_object->show_in_menu; + else + $parent_file = "edit.php?post_type=$post_type"; + $submenu_file = "edit.php?post_type=$post_type"; + $post_new_file = "post-new.php?post_type=$post_type"; } - $sendback = wp_get_referer(); - if ( 'static' == $post->post_status ) - $sendback = get_option('siteurl') . '/wp-admin/edit-pages.php'; - elseif ( strstr($sendback, 'post.php') ) - $sendback = get_option('siteurl') .'/wp-admin/post.php'; - elseif ( strstr($sendback, 'attachments.php') ) - $sendback = get_option('siteurl') .'/wp-admin/attachments.php'; - wp_redirect($sendback); - break; - -case 'editcomment': - $title = __('Edit Comment'); - $parent_file = 'edit.php'; - require_once ('admin-header.php'); - - get_currentuserinfo(); + if ( ! wp_check_post_lock( $post->ID ) ) { + $active_post_lock = wp_set_post_lock( $post->ID ); - $comment = (int) $_GET['comment']; + if ( 'attachment' !== $post_type ) + wp_enqueue_script('autosave'); + } - if ( ! $comment = get_comment($comment) ) - die(sprintf(__('Oops, no comment with this ID. Go back!'), 'javascript:history.go(-1)')); + if ( is_multisite() ) { + add_action( 'admin_footer', '_admin_notice_post_locked' ); + } else { + $check_users = get_users( array( 'fields' => 'ID', 'number' => 2 ) ); - if ( !current_user_can('edit_post', $comment->comment_post_ID) ) - die( __('You are not allowed to edit comments on this post.') ); + if ( count( $check_users ) > 1 ) + add_action( 'admin_footer', '_admin_notice_post_locked' ); - $comment = get_comment_to_edit($comment); + unset( $check_users ); + } - include('edit-form-comment.php'); + $title = $post_type_object->labels->edit_item; + $post = get_post($post_id, OBJECT, 'edit'); - break; + if ( post_type_supports($post_type, 'comments') ) { + wp_enqueue_script('admin-comments'); + enqueue_comment_hotkeys_js(); + } -case 'confirmdeletecomment': - - require_once('./admin-header.php'); - - $comment = (int) $_GET['comment']; - $p = (int) $_GET['p']; - - if ( ! $comment = get_comment_to_edit($comment) ) - die(sprintf(__('Oops, no comment with this ID. Go back!'), 'edit.php')); - - if ( !current_user_can('edit_post', $comment->comment_post_ID) ) - die( __('You are not allowed to delete comments on this post.') ); - - echo "
\n"; - echo "

" . __('Caution: You are about to delete the following comment:') . "

\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "
" . __('Author:') . "$comment->comment_author
" . __('E-mail:') . "$comment->comment_author_email
". __('URL:') . "$comment->comment_author_url
". __('Comment:') . "$comment->comment_content
\n"; - echo "

" . __('Are you sure you want to do that?') . "

\n"; - - echo "
\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - wp_nonce_field('delete-comment_' . $comment->comment_ID); - echo ""; - echo "  "; - echo "\n"; - echo "
\n"; - echo "
\n"; + include( ABSPATH . 'wp-admin/edit-form-advanced.php' ); break; -case 'deletecomment': - $comment = (int) $_GET['comment']; - check_admin_referer('delete-comment_' . $comment); +case 'editattachment': + check_admin_referer('update-post_' . $post_id); - $p = (int) $_GET['p']; - if (isset($_GET['noredir'])) { - $noredir = true; - } else { - $noredir = false; - } + // Don't let these be changed + unset($_POST['guid']); + $_POST['post_type'] = 'attachment'; - $postdata = get_post($p) or die(sprintf(__('Oops, no post with this ID. Go back!'), 'edit.php')); + // Update the thumbnail filename + $newmeta = wp_get_attachment_metadata( $post_id, true ); + $newmeta['thumb'] = $_POST['thumb']; - if ( ! $comment = get_comment($comment) ) - die(sprintf(__('Oops, no comment with this ID. Go back!'), 'post.php')); + wp_update_attachment_metadata( $post_id, $newmeta ); - if ( !current_user_can('edit_post', $comment->comment_post_ID) ) - die( __('You are not allowed to edit comments on this post.') ); +case 'editpost': + check_admin_referer('update-post_' . $post_id); - wp_set_comment_status($comment->comment_ID, "delete"); - do_action('delete_comment', $comment->comment_ID); + $post_id = edit_post(); - if ((wp_get_referer() != "") && (false == $noredir)) { - wp_redirect(wp_get_referer()); - } else { - wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); + // Session cookie flag that the post was saved + if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) { + setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS ); } - break; + redirect_post($post_id); // Send user on their way while we keep working -case 'unapprovecomment': - $comment = (int) $_GET['comment']; - check_admin_referer('unapprove-comment_' . $comment); + exit(); - $p = (int) $_GET['p']; - if (isset($_GET['noredir'])) { - $noredir = true; - } else { - $noredir = false; - } +case 'trash': + check_admin_referer('trash-post_' . $post_id); - if ( ! $comment = get_comment($comment) ) - die(sprintf(__('Oops, no comment with this ID. Go back!'), 'edit.php')); + if ( ! $post ) + wp_die( __( 'The item you are trying to move to the Trash no longer exists.' ) ); - if ( !current_user_can('edit_post', $comment->comment_post_ID) ) - die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') ); + if ( ! $post_type_object ) + wp_die( __( 'Unknown post type.' ) ); - wp_set_comment_status($comment->comment_ID, "hold"); + if ( ! current_user_can( 'delete_post', $post_id ) ) + wp_die( __( 'You are not allowed to move this item to the Trash.' ) ); - if ((wp_get_referer() != "") && (false == $noredir)) { - wp_redirect(wp_get_referer()); - } else { - wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); + if ( $user_id = wp_check_post_lock( $post_id ) ) { + $user = get_userdata( $user_id ); + wp_die( sprintf( __( 'You cannot move this item to the Trash. %s is currently editing.' ), $user->display_name ) ); } - break; + if ( ! wp_trash_post( $post_id ) ) + wp_die( __( 'Error in moving to Trash.' ) ); -case 'mailapprovecomment': - $comment = (int) $_GET['comment']; - check_admin_referer('approve-comment_' . $comment); - - if ( ! $comment = get_comment($comment) ) - die(sprintf(__('Oops, no comment with this ID. Go back!'), 'edit.php')); + wp_redirect( add_query_arg( array('trashed' => 1, 'ids' => $post_id), $sendback ) ); + exit(); - if ( !current_user_can('edit_post', $comment->comment_post_ID) ) - die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') ); +case 'untrash': + check_admin_referer('untrash-post_' . $post_id); - if ('1' != $comment->comment_approved) { - wp_set_comment_status($comment->comment_ID, 'approve'); - if (true == get_option('comments_notify')) - wp_notify_postauthor($comment->comment_ID); - } + if ( ! $post ) + wp_die( __( 'The item you are trying to restore from the Trash no longer exists.' ) ); - wp_redirect(get_option('siteurl') . '/wp-admin/moderation.php?approved=1'); + if ( ! $post_type_object ) + wp_die( __( 'Unknown post type.' ) ); - break; + if ( ! current_user_can( 'delete_post', $post_id ) ) + wp_die( __( 'You are not allowed to move this item out of the Trash.' ) ); -case 'approvecomment': - $comment = (int) $_GET['comment']; - check_admin_referer('approve-comment_' . $comment); + if ( ! wp_untrash_post( $post_id ) ) + wp_die( __( 'Error in restoring from Trash.' ) ); - $p = (int) $_GET['p']; - if (isset($_GET['noredir'])) { - $noredir = true; - } else { - $noredir = false; - } + wp_redirect( add_query_arg('untrashed', 1, $sendback) ); + exit(); - if ( ! $comment = get_comment($comment) ) - die(sprintf(__('Oops, no comment with this ID. Go back!'), 'edit.php')); +case 'delete': + check_admin_referer('delete-post_' . $post_id); - if ( !current_user_can('edit_post', $comment->comment_post_ID) ) - die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') ); + if ( ! $post ) + wp_die( __( 'This item has already been deleted.' ) ); - wp_set_comment_status($comment->comment_ID, "approve"); - if (get_settings("comments_notify") == true) { - wp_notify_postauthor($comment->comment_ID); - } + if ( ! $post_type_object ) + wp_die( __( 'Unknown post type.' ) ); + if ( ! current_user_can( 'delete_post', $post_id ) ) + wp_die( __( 'You are not allowed to delete this item.' ) ); - if ((wp_get_referer() != "") && (false == $noredir)) { - wp_redirect(wp_get_referer()); + $force = ! EMPTY_TRASH_DAYS; + if ( $post->post_type == 'attachment' ) { + $force = ( $force || ! MEDIA_TRASH ); + if ( ! wp_delete_attachment( $post_id, $force ) ) + wp_die( __( 'Error in deleting.' ) ); } else { - wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments'); + if ( ! wp_delete_post( $post_id, $force ) ) + wp_die( __( 'Error in deleting.' ) ); } - break; - -case 'editedcomment': - - $comment_ID = (int) $_POST['comment_ID']; - $comment_post_ID = (int) $_POST['comment_post_ID']; + wp_redirect( add_query_arg('deleted', 1, $sendback) ); + exit(); - check_admin_referer('update-comment_' . $comment_ID); +case 'preview': + check_admin_referer( 'update-post_' . $post_id ); - edit_comment(); + $url = post_preview(); - $location = ( empty($_POST['referredby']) ? "edit.php?p=$comment_post_ID&c=1" : $_POST['referredby'] ) . '#comment-' . $comment_ID; - $location = apply_filters('comment_edit_redirect', $location, $comment_ID); - wp_redirect($location); + wp_redirect($url); exit(); - break; default: - $title = __('Create New Post'); - require_once ('./admin-header.php'); -?> - -

»

- - -
-

- 15 ) $num_drafts = 15; - for ( $i = 0; $i < $num_drafts; $i++ ) { - $draft = $drafts[$i]; - if ( 0 != $i ) - echo ', '; - $draft->post_title = stripslashes($draft->post_title); - if ( empty($draft->post_title) ) - $draft->post_title = sprintf(__('Post # %s'), $draft->ID); - echo "$draft->post_title"; - } - ?> - - , » - - .

-
- -
-'.__('WordPress bookmarklet').' -

'.__('Right click on the following link and choose "Add to favorites" to create a posting shortcut.').'

'; ?> -

- - - - - - -
-
-
- - - - - - -

-
- -
-

-You can also e-mail the admin to ask for a promotion.
-When you’re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?> -

-
- */ -include('admin-footer.php'); -?> +include( ABSPATH . 'wp-admin/admin-footer.php' );