X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/41578db67d72562346e4dbb2a14889b23d522813..53f4633144ed68c8b8fb5861f992b5489894a940:/wp-admin/post.php diff --git a/wp-admin/post.php b/wp-admin/post.php index f378c220..89bdc38c 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -23,7 +23,12 @@ elseif ( isset( $_POST['post_ID'] ) ) else $post_id = $post_ID = 0; -$post = $post_type = $post_type_object = null; +/** + * @global string $post_type + * @global object $post_type_object + * @global WP_Post $post + */ +global $post_type, $post_type_object, $post; if ( $post_id ) $post = get_post( $post_id ); @@ -54,7 +59,7 @@ function redirect_post($post_id = '') { $message = 6; } } else { - $message = 'draft' == $status ? 10 : 1; + $message = 'draft' == $status ? 10 : 1; } $location = add_query_arg( 'message', $message, get_edit_post_link( $post_id, 'url' ) ); @@ -95,7 +100,9 @@ if ( ! $sendback || $sendback = admin_url( 'upload.php' ); } else { $sendback = admin_url( 'edit.php' ); - $sendback .= ( ! empty( $post_type ) ) ? '?post_type=' . $post_type : ''; + if ( ! empty( $post_type ) ) { + $sendback = add_query_arg( 'post_type', $post_type, $sendback ); + } } } else { $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'ids'), $sendback ); @@ -113,8 +120,9 @@ case 'post-quickdraft-save': if ( ! wp_verify_nonce( $nonce, 'add-post' ) ) $error_msg = __( 'Unable to submit this form, please refresh and try again.' ); - if ( ! current_user_can( 'edit_posts' ) ) - $error_msg = __( 'Oops, you don’t have access to add new drafts.' ); + if ( ! current_user_can( 'edit_posts' ) ) { + exit; + } if ( $error_msg ) return wp_dashboard_quick_press( $error_msg ); @@ -122,13 +130,12 @@ case 'post-quickdraft-save': $post = get_post( $_REQUEST['post_ID'] ); check_admin_referer( 'add-' . $post->post_type ); - $_POST['comment_status'] = get_option( 'default_comment_status' ); - $_POST['ping_status'] = get_option( 'default_ping_status' ); + $_POST['comment_status'] = get_default_comment_status( $post->post_type ); + $_POST['ping_status'] = get_default_comment_status( $post->post_type, 'pingback' ); edit_post(); wp_dashboard_quick_press(); exit; - break; case 'postajaxpost': case 'post': @@ -136,7 +143,6 @@ case 'post': $post_id = 'postajaxpost' == $action ? edit_post() : write_post(); redirect_post( $post_id ); exit(); - break; case 'edit': $editing = true; @@ -159,6 +165,7 @@ case 'edit': wp_die( __( 'You can’t edit this item because it is in the Trash. Please restore it and try again.' ) ); if ( ! empty( $_GET['get-post-lock'] ) ) { + check_admin_referer( 'lock-post_' . $post_id ); wp_set_post_lock( $post_id ); wp_redirect( get_edit_post_link( $post_id, 'url' ) ); exit(); @@ -231,13 +238,13 @@ case 'editpost': $post_id = edit_post(); // Session cookie flag that the post was saved - if ( isset( $_COOKIE['wp-saving-post-' . $post_id] ) ) - setcookie( 'wp-saving-post-' . $post_id, 'saved' ); + if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) { + setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS ); + } redirect_post($post_id); // Send user on their way while we keep working exit(); - break; case 'trash': check_admin_referer('trash-post_' . $post_id); @@ -261,7 +268,6 @@ case 'trash': wp_redirect( add_query_arg( array('trashed' => 1, 'ids' => $post_id), $sendback ) ); exit(); - break; case 'untrash': check_admin_referer('untrash-post_' . $post_id); @@ -273,14 +279,13 @@ case 'untrash': wp_die( __( 'Unknown post type.' ) ); if ( ! current_user_can( 'delete_post', $post_id ) ) - wp_die( __( 'You are not allowed to move this item out of the Trash.' ) ); + wp_die( __( 'You are not allowed to restore this item from the Trash.' ) ); if ( ! wp_untrash_post( $post_id ) ) wp_die( __( 'Error in restoring from Trash.' ) ); wp_redirect( add_query_arg('untrashed', 1, $sendback) ); exit(); - break; case 'delete': check_admin_referer('delete-post_' . $post_id); @@ -306,7 +311,6 @@ case 'delete': wp_redirect( add_query_arg('deleted', 1, $sendback) ); exit(); - break; case 'preview': check_admin_referer( 'update-post_' . $post_id ); @@ -315,11 +319,9 @@ case 'preview': wp_redirect($url); exit(); - break; default: wp_redirect( admin_url('edit.php') ); exit(); - break; } // end switch include( ABSPATH . 'wp-admin/admin-footer.php' );