X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/f9001779751f83dc8a10e478bfecb4d8dd5f964c..refs/tags/wordpress-3.7:/wp-admin/includes/bookmark.php
diff --git a/wp-admin/includes/bookmark.php b/wp-admin/includes/bookmark.php
index 0ed560c1..33785964 100644
--- a/wp-admin/includes/bookmark.php
+++ b/wp-admin/includes/bookmark.php
@@ -53,13 +53,14 @@ function edit_link( $link_id = 0 ) {
 * @return object Default link
 */
 function get_default_link_to_edit() {
+ $link = new stdClass;
 if ( isset( $_GET['linkurl'] ) )
- $link->link_url = esc_url( $_GET['linkurl'] );
+ $link->link_url = esc_url( wp_unslash( $_GET['linkurl'] ) );
 else
 $link->link_url = '';
 if ( isset( $_GET['name'] ) )
- $link->link_name = esc_attr( $_GET['name'] );
+ $link->link_name = esc_attr( wp_unslash( $_GET['name'] ) );
 else
 $link->link_name = '';
@@ -69,7 +70,7 @@ function get_default_link_to_edit() {
 }
 /**
- * Delete link specified from database
+ * Delete link specified from database.
 *
 * @since 2.0.0
 *
@@ -78,13 +79,25 @@ function get_default_link_to_edit() {
 */
 function wp_delete_link( $link_id ) {
 global $wpdb;
-
+ /**
+ * Fires before a link is deleted.
+ *
+ * @since 2.0.0
+ *
+ * @param int $link_id ID of the link to delete.
+ */
 do_action( 'delete_link', $link_id );
 wp_delete_object_term_relationships( $link_id, 'link_category' );
- $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->links WHERE link_id = %d", $link_id ) );
-
+ $wpdb->delete( $wpdb->links, array( 'link_id' => $link_id ) );
+ /**
+ * Fires after a link has been deleted.
+ *
+ * @since 2.2.0
+ *
+ * @param int $link_id ID of the deleted link.
+ */
 do_action( 'deleted_link', $link_id );
 clean_bookmark_cache( $link_id );
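Review bot: In get_default_link_to_edit(), both `$_GET` reads are guarded only by `isset()`, and `wp_unslash()` accepts arrays as well as strings, so a request such as `?name[]=x` would hand an array to `esc_attr()` or `esc_url()`, which are written for strings. I would add a type check to each condition, e.g. `if ( isset( $_GET['name'] ) && is_string( $_GET['name'] ) )`, so that non-string input falls through to the empty default. The function body continues past the end of this hunk.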
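Review bot: In wp_delete_link(), the new `$wpdb->delete()` call passes no `$where_format`, so the integer typing that the removed `%d` placeholder made explicit now depends on wpdb's per-column format defaults, which are not visible in this diff. The query stays parameterized either way, but I would keep the intent explicit with `$wpdb->delete( $wpdb->links, array( 'link_id' => $link_id ), array( '%d' ) );`. The result of the delete is also unchecked, so `deleted_link` fires even when no row was removed; the rest of the function is outside the hunk, so whether callers rely on that cannot be judged from here.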
@@ -136,7 +149,7 @@ function wp_insert_link( $linkdata, $wp_error = false ) {
 $linkdata = wp_parse_args( $linkdata, $defaults );
 $linkdata = sanitize_bookmark( $linkdata, 'db' );
- extract( stripslashes_deep( $linkdata ), EXTR_SKIP );
+ extract( wp_unslash( $linkdata ), EXTR_SKIP );
 $update = false;
@@ -205,11 +218,25 @@ function wp_insert_link( $linkdata, $wp_error = false ) {
 wp_set_link_cats( $link_id, $link_category );
- if ( $update )
+ if ( $update ) {
+ /**
+ * Fires after a link was updated in the database.
+ *
+ * @since 2.0.0
+ *
+ * @param int $link_id ID of the link that was updated.
+ */
 do_action( 'edit_link', $link_id );
- else
+ } else {
+ /**
+ * Fires after a link was added to the database.
+ *
+ * @since 2.0.0
+ *
+ * @param int $link_id ID of the link that was added.
+ */
 do_action( 'add_link', $link_id );
-
+ }
 clean_bookmark_cache( $link_id );
 return $link_id;
@@ -250,7 +277,7 @@ function wp_update_link( $linkdata ) {
 $link = get_bookmark( $link_id, ARRAY_A );
 // Escape data pulled from DB.
- $link = add_magic_quotes( $link );
+ $link = wp_slash( $link );
 // Passed link category list overwrites existing category list if not empty.
 if ( isset( $linkdata['link_category'] ) && is_array( $linkdata['link_category'] )
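Review bot: The comment `// Escape data pulled from DB.` above the new `wp_slash()` call in wp_update_link() describes the wrong thing. Slashing here is not SQL or output escaping; it appears to exist so that the `wp_unslash()` applied in wp_insert_link() (changed earlier in this diff) returns the stored values unchanged. Suggested wording: `// Slash data pulled from the DB; wp_insert_link() expects slashed input and unslashes it.` The hunk ends partway through the following `if` condition, so how `$link` is merged with `$linkdata` is not visible here.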
@@ -266,4 +293,24 @@ function wp_update_link( $linkdata ) {
 return wp_insert_link( $linkdata );
 }
-?>
+/**
+ * @since 3.5.0
+ * @access private
+ */
+function wp_link_manager_disabled_message() {
+ global $pagenow;
+ if ( 'link-manager.php' != $pagenow && 'link-add.php' != $pagenow && 'link.php' != $pagenow )
+ return;
+
+ add_filter( 'pre_option_link_manager_enabled', '__return_true', 100 );
+ $really_can_manage_links = current_user_can( 'manage_links' );
+ remove_filter( 'pre_option_link_manager_enabled', '__return_true', 100 );
+
+ if ( $really_can_manage_links && current_user_can( 'install_plugins' ) ) {
+ $link = network_admin_url( 'plugin-install.php?tab=search&s=Link+Manager' );
+ wp_die( sprintf( __( 'If you are looking to use the link manager, please install the Link Manager plugin.' ), $link ) );
+ }
+
+ wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
+}
+add_action( 'admin_page_access_denied', 'wp_link_manager_disabled_message' );
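Review bot: As shown, the format string passed to `sprintf()` in wp_link_manager_disabled_message() contains no `%s`, so `$link` is never used. If the original string carries an anchor such as `<a href="%s">` that this rendering stripped, the URL should be passed as `esc_url( $link )` before it lands in the attribute. The docblock has only tags; it should say that the function runs on `admin_page_access_denied` and that the `pre_option_link_manager_enabled` filter is forced on briefly, presumably to test the user's underlying `manage_links` capability. The three loose `!=` comparisons would read better as `if ( ! in_array( $pagenow, array( 'link-manager.php', 'link-add.php', 'link.php' ), true ) )`.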