X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/4f9d63e13cd8c6e275797c75b401b074b82937bc..e3ff8f35458a959c1879c0a4976701ed8dcfe651:/wp-admin/press-this.php?ajax=photo_thickbox;height=400;i=%27%20%20%20encodeURIComponent%28img.src%29%20%20%20%27;u=%3C%3Fphp%20echo%20urlencode%28%24url%29;width=500
diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php
index a1a6f780..46322bc4 100644
--- a/wp-admin/press-this.php
+++ b/wp-admin/press-this.php
@@ -6,605 +6,19 @@
* @subpackage Press_This
*/
-/** WordPress Administration Bootstrap */
-require_once('./admin.php');
-header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
-
-if ( ! current_user_can('edit_posts') )
- wp_die( __( 'Cheatin’ uh?' ) );
-
-/**
- * Press It form handler.
- *
- * @package WordPress
- * @subpackage Press_This
- * @since 2.6.0
- *
- * @return int Post ID
- */
-function press_it() {
- // define some basic variables
- $quick['post_status'] = 'draft'; // set as draft first
- $quick['post_category'] = isset($_POST['post_category']) ? $_POST['post_category'] : null;
- $quick['tax_input'] = isset($_POST['tax_input']) ? $_POST['tax_input'] : null;
- $quick['post_title'] = ( trim($_POST['title']) != '' ) ? $_POST['title'] : ' ';
- $quick['post_content'] = isset($_POST['post_content']) ? $_POST['post_content'] : '';
-
- // insert the post with nothing in it, to get an ID
- $post_ID = wp_insert_post($quick, true);
- if ( is_wp_error($post_ID) )
- wp_die($post_ID);
-
- $content = isset($_POST['content']) ? $_POST['content'] : '';
-
- $upload = false;
- if ( !empty($_POST['photo_src']) && current_user_can('upload_files') ) {
- foreach( (array) $_POST['photo_src'] as $key => $image) {
- // see if files exist in content - we don't want to upload non-used selected files.
- if ( strpos($_POST['content'], htmlspecialchars($image)) !== false ) {
- $desc = isset($_POST['photo_description'][$key]) ? $_POST['photo_description'][$key] : '';
- $upload = media_sideload_image($image, $post_ID, $desc);
-
- // Replace the POSTED content with correct uploaded ones. Regex contains fix for Magic Quotes
- if ( !is_wp_error($upload) )
- $content = preg_replace('/
]*)src=\\\?(\"|\')'.preg_quote(htmlspecialchars($image), '/').'\\\?(\2)([^>\/]*)\/*>/is', $upload, $content);
- }
- }
- }
- // set the post_content and status
- $quick['post_status'] = isset($_POST['publish']) ? 'publish' : 'draft';
- $quick['post_content'] = $content;
- // error handling for media_sideload
- if ( is_wp_error($upload) ) {
- wp_delete_post($post_ID);
- wp_die($upload);
- } else {
- $quick['ID'] = $post_ID;
- wp_update_post($quick);
- }
- return $post_ID;
-}
-
-// For submitted posts.
-if ( isset($_REQUEST['action']) && 'post' == $_REQUEST['action'] ) {
- check_admin_referer('press-this');
- $post_ID = press_it();
- $posted = $post_ID;
-} else {
- $post_ID = 0;
-}
-
-// Set Variables
-$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( stripslashes( $_GET['t'] ) , ENT_QUOTES) ) ) : '';
-
-$selection = '';
-if ( !empty($_GET['s']) ) {
- $selection = str_replace(''', "'", stripslashes($_GET['s']));
- $selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) );
-}
-
-if ( ! empty($selection) ) {
- $selection = preg_replace('/(\r?\n|\r)/', '
', $selection); - $selection = '
' . str_replace('
', '', $selection) . ''; -} - -$url = isset($_GET['u']) ? esc_url($_GET['u']) : ''; -$image = isset($_GET['i']) ? $_GET['i'] : ''; - -if ( !empty($_REQUEST['ajax']) ) { - switch ($_REQUEST['ajax']) { - case 'video': ?> - - - - - -
-
-
-
-
-
' . __( 'Sorry, you are not allowed to create posts as this user.' ) . '
', + 403 + ); } -?> - - > - - -