X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/3f5685912e89eb3b0534acd85aa0946b1ca2bbe3..refs/tags/wordpress-4.3:/wp-admin/press-this.php diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php index 4eda788c..6f27a095 100644 --- a/wp-admin/press-this.php +++ b/wp-admin/press-this.php @@ -6,592 +6,19 @@ * @subpackage Press_This */ +define('IFRAME_REQUEST' , true); + /** WordPress Administration Bootstrap */ -require_once('admin.php'); -header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); +require_once( dirname( __FILE__ ) . '/admin.php' ); -if ( ! current_user_can('edit_posts') ) - wp_die( __( 'Cheatin’ uh?' ) ); +if ( ! current_user_can( 'edit_posts' ) || ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) + wp_die( __( 'Cheatin’ uh?' ), 403 ); /** - * Convert characters. - * - * @package WordPress - * @subpackage Press_This - * @since 2.6.0 - * - * @param string $text - * @return string + * @global WP_Press_This $wp_press_this */ -function aposfix($text) { - $translation_table[chr(34)] = '"'; - $translation_table[chr(38)] = '&'; - $translation_table[chr(39)] = '''; - return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($text, $translation_table)); -} - -/** - * Press It form handler. - * - * @package WordPress - * @subpackage Press_This - * @since 2.6.0 - * - * @return int Post ID - */ -function press_it() { - // define some basic variables - $quick['post_status'] = 'draft'; // set as draft first - $quick['post_category'] = isset($_POST['post_category']) ? $_POST['post_category'] : null; - $quick['tax_input'] = isset($_POST['tax_input']) ? $_POST['tax_input'] : null; - $quick['post_title'] = ( trim($_POST['title']) != '' ) ? $_POST['title'] : ' '; - $quick['post_content'] = isset($_POST['post_content']) ? $_POST['post_content'] : ''; - - // insert the post with nothing in it, to get an ID - $post_ID = wp_insert_post($quick, true); - if ( is_wp_error($post_ID) ) - wp_die($post_ID); - - $content = isset($_POST['content']) ? $_POST['content'] : ''; - - $upload = false; - if( !empty($_POST['photo_src']) && current_user_can('upload_files') ) { - foreach( (array) $_POST['photo_src'] as $key => $image) { - // see if files exist in content - we don't want to upload non-used selected files. - if ( strpos($_POST['content'], htmlspecialchars($image)) !== false ) { - $desc = isset($_POST['photo_description'][$key]) ? $_POST['photo_description'][$key] : ''; - $upload = media_sideload_image($image, $post_ID, $desc); - - // Replace the POSTED content with correct uploaded ones. Regex contains fix for Magic Quotes - if( !is_wp_error($upload) ) - $content = preg_replace('/]*)src=\\\?(\"|\')'.preg_quote(htmlspecialchars($image), '/').'\\\?(\2)([^>\/]*)\/*>/is', $upload, $content); - } - } - } - // set the post_content and status - $quick['post_status'] = isset($_POST['publish']) ? 'publish' : 'draft'; - $quick['post_content'] = $content; - // error handling for media_sideload - if ( is_wp_error($upload) ) { - wp_delete_post($post_ID); - wp_die($upload); - } else { - $quick['ID'] = $post_ID; - wp_update_post($quick); - } - return $post_ID; -} - -// For submitted posts. -if ( isset($_REQUEST['action']) && 'post' == $_REQUEST['action'] ) { - check_admin_referer('press-this'); - $post_ID = press_it(); - $posted = $post_ID; -} else { - $post_ID = 0; -} - -// Set Variables -$title = isset( $_GET['t'] ) ? trim( strip_tags( aposfix( stripslashes( $_GET['t'] ) ) ) ) : ''; -$selection = isset( $_GET['s'] ) ? trim( htmlspecialchars( html_entity_decode( aposfix( stripslashes( $_GET['s'] ) ) ) ) ) : ''; -if ( ! empty($selection) ) { - $selection = preg_replace('/(\r?\n|\r)/', '

', $selection); - $selection = '

'.str_replace('

', '', $selection).'

'; -} - -$url = isset($_GET['u']) ? esc_url($_GET['u']) : ''; -$image = isset($_GET['i']) ? $_GET['i'] : ''; - -if ( !empty($_REQUEST['ajax']) ) { - switch ($_REQUEST['ajax']) { - case 'video': ?> - -
-

-
- -

-
-
- - -

-
-
- -
-
- -

- - - <?php echo esc_attr(__('Click to insert.')); ?> - -

- -

- - -

-
-
- -
-
-

-
-
- -
-
- -

|

- ]*)src=(\"|\')([^<>\'\"]+)(\2)([^>]*)\/*>/i'; - $content = str_replace(array("\n","\t","\r"), '', $content); - preg_match_all($pattern, $content, $matches); - if ( empty($matches[0]) ) - return ''; - $sources = array(); - foreach ($matches[3] as $src) { - // if no http in url - if(strpos($src, 'http') === false) - // if it doesn't have a relative uri - if( strpos($src, '../') === false && strpos($src, './') === false && strpos($src, '/') === 0) - $src = 'http://'.str_replace('//','/', $host['host'].'/'.$src); - else - $src = 'http://'.str_replace('//','/', $host['host'].'/'.dirname($host['path']).'/'.$src); - $sources[] = esc_attr($src); - } - return "'" . implode("','", $sources) . "'"; - } - $url = wp_kses(urldecode($url), null); - echo 'new Array('.get_images_from_uri($url).')'; - break; - - case 'photo_js': ?> - // gather images and load some default JS - var last = null - var img, img_tag, aspect, w, h, skip, i, strtoappend = ""; - if(photostorage == false) { - var my_src = eval( - jQuery.ajax({ - type: "GET", - url: "", - cache : false, - async : false, - data: "ajax=photo_images&u=", - dataType : "script" - }).responseText - ); - if(my_src.length == 0) { - var my_src = eval( - jQuery.ajax({ - type: "GET", - url: "", - cache : false, - async : false, - data: "ajax=photo_images&u=", - dataType : "script" - }).responseText - ); - if(my_src.length == 0) { - strtoappend = ''; - } - } - } - for (i = 0; i < my_src.length; i++) { - img = new Image(); - img.src = my_src[i]; - img_attr = 'id="img' + i + '"'; - skip = false; - - maybeappend = ''; - - if (img.width && img.height) { - if (img.width >= 30 && img.height >= 30) { - aspect = img.width / img.height; - scale = (aspect > 1) ? (71 / img.width) : (71 / img.height); - - w = img.width; - h = img.height; - - if (scale < 1) { - w = parseInt(img.width * scale); - h = parseInt(img.height * scale); - } - img_attr += ' style="width: ' + w + 'px; height: ' + h + 'px;"'; - strtoappend += maybeappend; - } - } else { - strtoappend += maybeappend; - } - } - - function pick(img, desc) { - if (img) { - if('object' == typeof jQuery('.photolist input') && jQuery('.photolist input').length != 0) length = jQuery('.photolist input').length; - if(length == 0) length = 1; - jQuery('.photolist').append(''); - jQuery('.photolist').append(''); - insert_editor( "\n\n" + encodeURI('

' + desc + '

')); - } - return false; - } - - function image_selector() { - tb_remove(); - desc = jQuery('#this_photo_description').val(); - src = jQuery('#this_photo').val(); - pick(src, desc); - jQuery('#extra-fields').hide(); - jQuery('#extra-fields').html(''); - return false; - } - jQuery('#extra-fields').html('

Add Photos ()

'); - jQuery('#img_container').html(strtoappend); - - - > - - - <?php _e('Press This') ?> - - - - - '370' ) ); -?> - - - - -
-
-
-
-

- - - - - - - - -
- -
-
-
-
-

-
-

- - - - -

- - -

-
-
- -
-
-
-
-

-
- -
- -
    - -
-
- -
- -

- - 0, 'name' => 'newcat_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => __('Parent category'), 'tab_index' => 3 ) ); ?> - - - -

-
-
-
- -
-
-
-
-

-
-
-

- - -

- - -
-

-
-
-

-
-
-
-
-
- -

| |

- - -
-
- -
-
- - - -
-
    - -
  • - Add: -<?php _e('Insert an Image'); ?> - -
    • -
  • - <?php _e('Embed a Video'); ?> -
    • - -
  • - - - - -
    -
    • - -
-
-
- -
-
-
-
-
- - - - +$GLOBALS['wp_press_this']->html();