2 require_once('admin.php');
4 $wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder' );
6 for ($i=0; $i<count($wpvarstoreset); $i += 1) {
7 $wpvar = $wpvarstoreset[$i];
9 if (empty($_POST["$wpvar"])) {
10 if (empty($_GET["$wpvar"])) {
13 $$wpvar = $_GET["$wpvar"];
16 $$wpvar = $_POST["$wpvar"];
21 if (isset($_POST['deletepost'])) {
25 // Fix submenu highlighting for pages.
26 if ( isset($_REQUEST['post']) && 'static' == get_post_status($_REQUEST['post']) )
27 $submenu_file = 'page-new.php';
33 check_admin_referer('add-post');
35 $post_ID = write_post();
38 if (!empty($_POST['mode'])) {
39 switch($_POST['mode']) {
41 $location = $_POST['referredby'];
44 $location = 'sidebar.php?a=b';
47 $location = 'post.php';
51 $location = 'post.php?posted=true';
54 if ( 'static' == $_POST['post_status'] )
55 $location = "page-new.php?saved=true";
57 if ( isset($_POST['save']) )
58 $location = "post.php?action=edit&post=$post_ID";
60 wp_redirect($location);
67 require_once('admin-header.php');
69 $post_ID = $p = (int) $_GET['post'];
71 if ( !current_user_can('edit_post', $post_ID) )
72 die ( __('You are not allowed to edit this post.') );
74 $post = get_post_to_edit($post_ID);
76 if ($post->post_status == 'static')
77 include('edit-page-form.php');
79 include('edit-form-advanced.php');
82 <div id='preview' class='wrap'>
83 <h2 id="preview-post"><?php _e('Post Preview (updated when post is saved)'); ?> <small class="quickjump"><a href="#write-post"><?php _e('edit ↑'); ?></a></small></h2>
84 <iframe src="<?php echo add_query_arg('preview', 'true', get_permalink($post->ID)); ?>" width="100%" height="600" ></iframe>
89 case 'editattachment':
90 $post_id = (int) $_POST['post_ID'];
92 check_admin_referer('update-attachment_' . $post_id);
94 // Don't let these be changed
95 unset($_POST['guid']);
96 $_POST['post_status'] = 'attachment';
98 // Update the thumbnail filename
99 $oldmeta = $newmeta = get_post_meta($post_id, '_wp_attachment_metadata', true);
100 $newmeta['thumb'] = $_POST['thumb'];
102 if ( '' !== $oldmeta )
103 update_post_meta($post_id, '_wp_attachment_metadata', $newmeta, $oldmeta);
105 add_post_meta($post_id, '_wp_attachment_metadata', $newmeta);
108 $post_ID = (int) $_POST['post_ID'];
109 check_admin_referer('update-post_' . $post_ID);
111 $post_ID = edit_post();
114 if ( !empty($_POST['referredby']) )
115 $referredby = preg_replace('|https?://[^/]+|i', '', $_POST['referredby']);
116 $referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer());
118 if ($_POST['save']) {
119 $location = wp_get_referer();
120 } elseif ($_POST['updatemeta']) {
121 $location = wp_get_referer() . '&message=2#postcustom';
122 } elseif ($_POST['deletemeta']) {
123 $location = wp_get_referer() . '&message=3#postcustom';
124 } elseif (!empty($referredby) && $referredby != $referer) {
125 $location = $_POST['referredby'];
126 if ( $_POST['referredby'] == 'redo' )
127 $location = get_permalink( $post_ID );
128 } elseif ($action == 'editattachment') {
129 $location = 'attachments.php';
131 $location = 'post.php';
134 wp_redirect($location); // Send user on their way while we keep working
140 $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']);
141 check_admin_referer('delete-post_' . $post_id);
143 $post = & get_post($post_id);
145 if ( !current_user_can('edit_post', $post_id) )
146 die( __('You are not allowed to delete this post.') );
148 if ( $post->post_status == 'attachment' ) {
149 if ( ! wp_delete_attachment($post_id) )
150 die( __('Error in deleting...') );
152 if ( !wp_delete_post($post_id) )
153 die( __('Error in deleting...') );
156 $sendback = wp_get_referer();
157 if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php';
158 elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php';
159 $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
160 wp_redirect($sendback);
164 $title = __('Edit Comment');
165 $parent_file = 'edit.php';
166 require_once ('admin-header.php');
168 get_currentuserinfo();
170 $comment = (int) $_GET['comment'];
172 if ( ! $comment = get_comment($comment) )
173 die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
175 if ( !current_user_can('edit_post', $comment->comment_post_ID) )
176 die( __('You are not allowed to edit comments on this post.') );
178 $comment = get_comment_to_edit($comment);
180 include('edit-form-comment.php');
184 case 'confirmdeletecomment':
186 require_once('./admin-header.php');
188 $comment = (int) $_GET['comment'];
189 $p = (int) $_GET['p'];
191 if ( ! $comment = get_comment($comment) )
192 die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
194 if ( !current_user_can('edit_post', $comment->comment_post_ID) )
195 die( __('You are not allowed to delete comments on this post.') );
197 echo "<div class='wrap'>\n";
198 echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n";
199 echo "<table border='0'>\n";
200 echo "<tr><td>" . __('Author:') . "</td><td>$comment->comment_author</td></tr>\n";
201 echo "<tr><td>" . __('E-mail:') . "</td><td>$comment->comment_author_email</td></tr>\n";
202 echo "<tr><td>". __('URL:') . "</td><td>$comment->comment_author_url</td></tr>\n";
203 echo "<tr><td>". __('Comment:') . "</td><td>$comment->comment_content</td></tr>\n";
205 echo "<p>" . __('Are you sure you want to do that?') . "</p>\n";
207 echo "<form action='".get_settings('siteurl')."/wp-admin/post.php' method='get'>\n";
208 echo "<input type='hidden' name='action' value='deletecomment' />\n";
209 echo "<input type='hidden' name='p' value='$p' />\n";
210 echo "<input type='hidden' name='comment' value='{$comment->comment_ID}' />\n";
211 echo "<input type='hidden' name='noredir' value='1' />\n";
212 wp_nonce_field('delete-comment_' . $comment->comment_ID);
213 echo "<input type='submit' value='" . __('Yes') . "' />";
215 echo "<input type='button' value='" . __('No') . "' onclick=\"self.location='". get_settings('siteurl') ."/wp-admin/edit.php?p=$p&c=1#comments';\" />\n";
221 case 'deletecomment':
222 $comment = (int) $_GET['comment'];
223 check_admin_referer('delete-comment_' . $comment);
225 $p = (int) $_GET['p'];
226 if (isset($_GET['noredir'])) {
232 $postdata = get_post($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
234 if ( ! $comment = get_comment($comment) )
235 die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));
237 if ( !current_user_can('edit_post', $comment->comment_post_ID) )
238 die( __('You are not allowed to edit comments on this post.') );
240 wp_set_comment_status($comment->comment_ID, "delete");
241 do_action('delete_comment', $comment->comment_ID);
243 if ((wp_get_referer() != "") && (false == $noredir)) {
244 wp_redirect(wp_get_referer());
246 wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
251 case 'unapprovecomment':
252 $comment = (int) $_GET['comment'];
253 check_admin_referer('unapprove-comment_' . $comment);
255 $p = (int) $_GET['p'];
256 if (isset($_GET['noredir'])) {
262 if ( ! $comment = get_comment($comment) )
263 die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
265 if ( !current_user_can('edit_post', $comment->comment_post_ID) )
266 die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
268 wp_set_comment_status($comment->comment_ID, "hold");
270 if ((wp_get_referer() != "") && (false == $noredir)) {
271 wp_redirect(wp_get_referer());
273 wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
278 case 'mailapprovecomment':
279 $comment = (int) $_GET['comment'];
280 check_admin_referer('approve-comment_' . $comment);
282 if ( ! $comment = get_comment($comment) )
283 die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
285 if ( !current_user_can('edit_post', $comment->comment_post_ID) )
286 die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
288 if ('1' != $comment->comment_approved) {
289 wp_set_comment_status($comment->comment_ID, 'approve');
290 if (true == get_option('comments_notify'))
291 wp_notify_postauthor($comment->comment_ID);
294 wp_redirect(get_option('siteurl') . '/wp-admin/moderation.php?approved=1');
298 case 'approvecomment':
299 $comment = (int) $_GET['comment'];
300 check_admin_referer('approve-comment_' . $comment);
302 $p = (int) $_GET['p'];
303 if (isset($_GET['noredir'])) {
309 if ( ! $comment = get_comment($comment) )
310 die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
312 if ( !current_user_can('edit_post', $comment->comment_post_ID) )
313 die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
315 wp_set_comment_status($comment->comment_ID, "approve");
316 if (get_settings("comments_notify") == true) {
317 wp_notify_postauthor($comment->comment_ID);
321 if ((wp_get_referer() != "") && (false == $noredir)) {
322 wp_redirect(wp_get_referer());
324 wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
329 case 'editedcomment':
331 $comment_ID = (int) $_POST['comment_ID'];
332 $comment_post_ID = (int) $_POST['comment_post_ID'];
334 check_admin_referer('update-comment_' . $comment_ID);
338 $referredby = $_POST['referredby'];
339 if (!empty($referredby)) {
340 wp_redirect($referredby);
342 wp_redirect("edit.php?p=$comment_post_ID&c=1#comments");
348 $title = __('Create New Post');
349 require_once ('./admin-header.php');
351 <?php if ( isset($_GET['posted']) ) : ?>
352 <div id="message" class="updated fade"><p><?php printf(__('Post saved. <a href="%s">View site »</a>'), get_bloginfo('home') . '/'); ?></p></div>
355 if ( current_user_can('edit_posts') ) {
357 get_currentuserinfo();
358 if ( $drafts = get_users_drafts( $user_ID ) ) {
361 <p><strong><?php _e('Your Drafts:') ?></strong>
363 $num_drafts = count($drafts);
364 if ( $num_drafts > 15 ) $num_drafts = 15;
365 for ( $i = 0; $i < $num_drafts; $i++ ) {
366 $draft = $drafts[$i];
369 $draft->post_title = stripslashes($draft->post_title);
370 if ( empty($draft->post_title) )
371 $draft->post_title = sprintf(__('Post # %s'), $draft->ID);
372 echo "<a href='post.php?action=edit&post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
375 <?php if ( 15 < count($drafts) ) { ?>
376 , <a href="edit.php"><?php echo sprintf(__('and %s more'), (count($drafts) - 15) ); ?> »</a>
383 $post = get_default_post_to_edit();
385 include('edit-form-advanced.php');
388 <?php echo '<h3>'.__('WordPress bookmarklet').'</h3>
389 <p>'.__('Right click on the following link and choose "Add to favorites" to create a posting shortcut.').'</p>'; ?>
393 if ($is_NS4 || $is_gecko) {
395 <a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0){Q=getSelection();}else{Q=document.selection?document.selection.createRange().text:document.getSelection();}location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post.php?text='+encodeURIComponent(Q)+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press It - %s'), wp_specialchars(get_settings('blogname'))); ?></a>
397 } else if ($is_winIE) {
399 <a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post.php?text='+encodeURIComponent(Q)+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
400 <script type="text/javascript">
402 function oneclickbookmarklet(blah) {
403 window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=500, height=450, location=0, menubar=0, resizable=0, scrollbars=1, status=1, titlebar=0, toolbar=0, screenX=120, left=120, screenY=120, top=120");
409 <?php _e('One-click bookmarklet:') ?><br />
410 <a href="javascript:oneclickbookmarklet(0);"><?php _e('click here') ?></a>
412 } else if ($is_opera) {
414 <a href="javascript:location.href='<?php echo get_settings('siteurl'); ?>/wp-admin/post.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
416 } else if ($is_macIE) {
418 <a href="javascript:Q='';location.href='<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?text='+escape(document.getSelection())+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
428 <p><?php printf(__('Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
429 You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
430 When you’re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
439 include('admin-footer.php');