X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/8f374b7233bc2815ccc387e448d208c5434eb961..16e7b37c7914d753890c1a05a9335f3b43751eb8:/wp-admin/edit.php diff --git a/wp-admin/edit.php b/wp-admin/edit.php index ab16be08..3b11eb71 100644 --- a/wp-admin/edit.php +++ b/wp-admin/edit.php @@ -7,19 +7,40 @@ */ /** WordPress Administration Bootstrap */ -require_once( './admin.php' ); +require_once( dirname( __FILE__ ) . '/admin.php' ); if ( ! $typenow ) - wp_die( __( 'Invalid post type' ) ); + wp_die( __( 'Invalid post type.' ) ); + +if ( ! in_array( $typenow, get_post_types( array( 'show_ui' => true ) ) ) ) { + wp_die( __( 'Sorry, you are not allowed to edit posts in this post type.' ) ); +} + +if ( 'attachment' === $typenow ) { + if ( wp_redirect( admin_url( 'upload.php' ) ) ) { + exit; + } +} + +/** + * @global string $post_type + * @global WP_Post_Type $post_type_object + */ +global $post_type, $post_type_object; $post_type = $typenow; $post_type_object = get_post_type_object( $post_type ); if ( ! $post_type_object ) - wp_die( __( 'Invalid post type' ) ); + wp_die( __( 'Invalid post type.' ) ); -if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) - wp_die( __( 'Cheatin’ uh?' ) ); +if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) { + wp_die( + '

' . __( 'Cheatin’ uh?' ) . '

' . + '

' . __( 'Sorry, you are not allowed to edit posts in this post type.' ) . '

', + 403 + ); +} $wp_list_table = _get_list_table('WP_Posts_List_Table'); $pagenum = $wp_list_table->get_pagenum(); @@ -48,7 +69,7 @@ $doaction = $wp_list_table->current_action(); if ( $doaction ) { check_admin_referer('bulk-posts'); - $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'ids'), wp_get_referer() ); + $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'locked', 'ids'), wp_get_referer() ); if ( ! $sendback ) $sendback = admin_url( $parent_file ); $sendback = add_query_arg( 'paged', $pagenum, $sendback ); @@ -56,9 +77,12 @@ if ( $doaction ) { $sendback = admin_url($post_new_file); if ( 'delete_all' == $doaction ) { + // Prepare for deletion of all posts with a specified post status (i.e. Empty trash). $post_status = preg_replace('/[^a-z0-9_-]+/i', '', $_REQUEST['post_status']); - if ( get_post_status_object($post_status) ) // Check the post status exists first + // Validate the post status exists. + if ( get_post_status_object( $post_status ) ) { $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_type=%s AND post_status = %s", $post_type, $post_status ) ); + } $doaction = 'delete'; } elseif ( isset( $_REQUEST['media'] ) ) { $post_ids = $_REQUEST['media']; @@ -75,23 +99,30 @@ if ( $doaction ) { switch ( $doaction ) { case 'trash': - $trashed = 0; - foreach( (array) $post_ids as $post_id ) { - if ( !current_user_can($post_type_object->cap->delete_post, $post_id) ) - wp_die( __('You are not allowed to move this item to the Trash.') ); + $trashed = $locked = 0; + + foreach ( (array) $post_ids as $post_id ) { + if ( !current_user_can( 'delete_post', $post_id) ) + wp_die( __('Sorry, you are not allowed to move this item to the Trash.') ); + + if ( wp_check_post_lock( $post_id ) ) { + $locked++; + continue; + } if ( !wp_trash_post($post_id) ) wp_die( __('Error in moving to Trash.') ); $trashed++; } - $sendback = add_query_arg( array('trashed' => $trashed, 'ids' => join(',', $post_ids) ), $sendback ); + + $sendback = add_query_arg( array('trashed' => $trashed, 'ids' => join(',', $post_ids), 'locked' => $locked ), $sendback ); break; case 'untrash': $untrashed = 0; - foreach( (array) $post_ids as $post_id ) { - if ( !current_user_can($post_type_object->cap->delete_post, $post_id) ) - wp_die( __('You are not allowed to restore this item from the Trash.') ); + foreach ( (array) $post_ids as $post_id ) { + if ( !current_user_can( 'delete_post', $post_id) ) + wp_die( __('Sorry, you are not allowed to restore this item from the Trash.') ); if ( !wp_untrash_post($post_id) ) wp_die( __('Error in restoring from Trash.') ); @@ -102,18 +133,18 @@ if ( $doaction ) { break; case 'delete': $deleted = 0; - foreach( (array) $post_ids as $post_id ) { - $post_del = & get_post($post_id); + foreach ( (array) $post_ids as $post_id ) { + $post_del = get_post($post_id); - if ( !current_user_can($post_type_object->cap->delete_post, $post_id) ) - wp_die( __('You are not allowed to delete this item.') ); + if ( !current_user_can( 'delete_post', $post_id ) ) + wp_die( __('Sorry, you are not allowed to delete this item.') ); if ( $post_del->post_type == 'attachment' ) { if ( ! wp_delete_attachment($post_id) ) - wp_die( __('Error in deleting...') ); + wp_die( __('Error in deleting.') ); } else { if ( !wp_delete_post($post_id) ) - wp_die( __('Error in deleting...') ); + wp_die( __('Error in deleting.') ); } $deleted++; } @@ -131,6 +162,10 @@ if ( $doaction ) { } } break; + default: + /** This action is documented in wp-admin/edit-comments.php */ + $sendback = apply_filters( 'handle_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $post_ids ); + break; } $sendback = remove_query_arg( array('action', 'action2', 'tags_input', 'post_author', 'comment_status', 'ping_status', '_status', 'post', 'bulk_edit', 'post_view'), $sendback ); @@ -138,13 +173,14 @@ if ( $doaction ) { wp_redirect($sendback); exit(); } elseif ( ! empty($_REQUEST['_wp_http_referer']) ) { - wp_redirect( remove_query_arg( array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']) ) ); + wp_redirect( remove_query_arg( array('_wp_http_referer', '_wpnonce'), wp_unslash($_SERVER['REQUEST_URI']) ) ); exit; } $wp_list_table->prepare_items(); wp_enqueue_script('inline-edit-post'); +wp_enqueue_script('heartbeat'); $title = $post_type_object->labels->name; @@ -162,8 +198,8 @@ if ( 'post' == $post_type ) { '

' . __('You can customize the display of this screen’s contents in a number of ways:') . '

' . '' ) ); @@ -189,8 +225,8 @@ if ( 'post' == $post_type ) { get_current_screen()->set_help_sidebar( '

' . __('For more information:') . '

' . - '

' . __('Documentation on Managing Posts') . '

' . - '

' . __('Support Forums') . '

' + '

' . __('Documentation on Managing Posts') . '

' . + '

' . __('Support Forums') . '

' ); } elseif ( 'page' == $post_type ) { @@ -210,60 +246,105 @@ if ( 'post' == $post_type ) { get_current_screen()->set_help_sidebar( '

' . __('For more information:') . '

' . - '

' . __('Documentation on Managing Pages') . '

' . - '

' . __('Support Forums') . '

' + '

' . __('Documentation on Managing Pages') . '

' . + '

' . __('Support Forums') . '

' ); + } -add_screen_option( 'per_page', array('label' => $title, 'default' => 20) ); +get_current_screen()->set_screen_reader_content( array( + 'heading_views' => $post_type_object->labels->filter_items_list, + 'heading_pagination' => $post_type_object->labels->items_list_navigation, + 'heading_list' => $post_type_object->labels->items_list, +) ); + +add_screen_option( 'per_page', array( 'default' => 20, 'option' => 'edit_' . $post_type . '_per_page' ) ); + +$bulk_counts = array( + 'updated' => isset( $_REQUEST['updated'] ) ? absint( $_REQUEST['updated'] ) : 0, + 'locked' => isset( $_REQUEST['locked'] ) ? absint( $_REQUEST['locked'] ) : 0, + 'deleted' => isset( $_REQUEST['deleted'] ) ? absint( $_REQUEST['deleted'] ) : 0, + 'trashed' => isset( $_REQUEST['trashed'] ) ? absint( $_REQUEST['trashed'] ) : 0, + 'untrashed' => isset( $_REQUEST['untrashed'] ) ? absint( $_REQUEST['untrashed'] ) : 0, +); + +$bulk_messages = array(); +$bulk_messages['post'] = array( + 'updated' => _n( '%s post updated.', '%s posts updated.', $bulk_counts['updated'] ), + 'locked' => ( 1 == $bulk_counts['locked'] ) ? __( '1 post not updated, somebody is editing it.' ) : + _n( '%s post not updated, somebody is editing it.', '%s posts not updated, somebody is editing them.', $bulk_counts['locked'] ), + 'deleted' => _n( '%s post permanently deleted.', '%s posts permanently deleted.', $bulk_counts['deleted'] ), + 'trashed' => _n( '%s post moved to the Trash.', '%s posts moved to the Trash.', $bulk_counts['trashed'] ), + 'untrashed' => _n( '%s post restored from the Trash.', '%s posts restored from the Trash.', $bulk_counts['untrashed'] ), +); +$bulk_messages['page'] = array( + 'updated' => _n( '%s page updated.', '%s pages updated.', $bulk_counts['updated'] ), + 'locked' => ( 1 == $bulk_counts['locked'] ) ? __( '1 page not updated, somebody is editing it.' ) : + _n( '%s page not updated, somebody is editing it.', '%s pages not updated, somebody is editing them.', $bulk_counts['locked'] ), + 'deleted' => _n( '%s page permanently deleted.', '%s pages permanently deleted.', $bulk_counts['deleted'] ), + 'trashed' => _n( '%s page moved to the Trash.', '%s pages moved to the Trash.', $bulk_counts['trashed'] ), + 'untrashed' => _n( '%s page restored from the Trash.', '%s pages restored from the Trash.', $bulk_counts['untrashed'] ), +); + +/** + * Filters the bulk action updated messages. + * + * By default, custom post types use the messages for the 'post' post type. + * + * @since 3.7.0 + * + * @param array $bulk_messages Arrays of messages, each keyed by the corresponding post type. Messages are + * keyed with 'updated', 'locked', 'deleted', 'trashed', and 'untrashed'. + * @param array $bulk_counts Array of item counts for each message, used to build internationalized strings. + */ +$bulk_messages = apply_filters( 'bulk_post_updated_messages', $bulk_messages, $bulk_counts ); +$bulk_counts = array_filter( $bulk_counts ); -require_once('./admin-header.php'); +require_once( ABSPATH . 'wp-admin/admin-header.php' ); ?>
- -

labels->name ); ?> labels->add_new); ?> ' . __('Search results for “%s”') . '', get_search_query() ); ?> -

- - -

-labels->name ); +?> -if ( isset( $_REQUEST['locked'] ) && $locked = absint( $_REQUEST['locked'] ) ) { - $messages[] = sprintf( _n( '%s item not updated, somebody is editing it.', '%s items not updated, somebody is editing them.', $locked ), number_format_i18n( $locked ) ); +cap->create_posts ) ) { + echo ' ' . esc_html( $post_type_object->labels->add_new ) . ''; } -if ( isset( $_REQUEST['deleted'] ) && $deleted = absint( $_REQUEST['deleted'] ) ) { - $messages[] = sprintf( _n( 'Item permanently deleted.', '%s items permanently deleted.', $deleted ), number_format_i18n( $deleted ) ); +if ( isset( $_REQUEST['s'] ) && strlen( $_REQUEST['s'] ) ) { + /* translators: %s: search keywords */ + printf( ' ' . __( 'Search results for “%s”' ) . '', get_search_query() ); } +?> -if ( isset( $_REQUEST['trashed'] ) && $trashed = absint( $_REQUEST['trashed'] ) ) { - $messages[] = sprintf( _n( 'Item moved to the Trash.', '%s items moved to the Trash.', $trashed ), number_format_i18n( $trashed ) ); - $ids = isset($_REQUEST['ids']) ? $_REQUEST['ids'] : 0; - $messages[] = '' . __('Undo') . ''; -} +

-if ( isset( $_REQUEST['untrashed'] ) && $untrashed = absint( $_REQUEST['untrashed'] ) ) { - $messages[] = sprintf( _n( 'Item restored from the Trash.', '%s items restored from the Trash.', $untrashed ), number_format_i18n( $untrashed ) ); + $count ) { + if ( isset( $bulk_messages[ $post_type ][ $message ] ) ) + $messages[] = sprintf( $bulk_messages[ $post_type ][ $message ], number_format_i18n( $count ) ); + elseif ( isset( $bulk_messages['post'][ $message ] ) ) + $messages[] = sprintf( $bulk_messages['post'][ $message ], number_format_i18n( $count ) ); + + if ( $message == 'trashed' && isset( $_REQUEST['ids'] ) ) { + $ids = preg_replace( '/[^0-9,]/', '', $_REQUEST['ids'] ); + $messages[] = '' . __('Undo') . ''; + } } if ( $messages ) - echo join( ' ', $messages ); + echo '

' . join( ' ', $messages ) . '

'; unset( $messages ); $_SERVER['REQUEST_URI'] = remove_query_arg( array( 'locked', 'skipped', 'updated', 'deleted', 'trashed', 'untrashed' ), $_SERVER['REQUEST_URI'] ); ?> -

- views(); ?> -
+ search_box( $post_type_object->labels->search_items, 'post' ); ?> @@ -287,4 +368,4 @@ if ( $wp_list_table->has_items() )