< ? php
require_once ( 'admin.php' );
// Request parameters this script expects to find as plain variables.
// Any name that is not already set is filled from $_POST first, then $_GET,
// and finally defaults to ''. The values are copied as received: they are
// request-controlled and must be validated or escaped wherever they are used.
$wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'poststart', 'postend', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder');

$i = 0;
while ($i < count($wpvarstoreset)) {
    $wpvar = $wpvarstoreset[$i];
    $i += 1;

    // An existing variable always wins over request data.
    if (isset($$wpvar)) {
        continue;
    }

    if (!empty($_POST[$wpvar])) {
        $$wpvar = $_POST[$wpvar];
    } elseif (!empty($_GET[$wpvar])) {
        $$wpvar = $_GET[$wpvar];
    } else {
        $$wpvar = '';
    }
}
switch ( $action ) {
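case 'post':
    // Handles the "new post" form: builds the row from $_POST, inserts it,
    // redirects, then attaches categories and meta and fires the save/publish hooks.
    // NOTE(review): unlike the 'delete' case, this state-changing request does not
    // call check_admin_referer(); confirm cross-site requests are rejected elsewhere.
    if (!user_can_create_draft($user_ID))
        die('You are not allowed to create posts or drafts on this blog.');

    $post_pingback = intval($_POST['post_pingback']);
    $content = apply_filters('content_save_pre', $_POST['content']);
    $content = format_to_post($content);
    $excerpt = apply_filters('excerpt_save_pre', $_POST['excerpt']);
    $excerpt = format_to_post($excerpt);
    $post_title = $_POST['post_title'];
    $post_categories = $_POST['post_category'];
    $post_status = $_POST['post_status'];
    $post_name = $_POST['post_name'];
    $post_parent = 0;

    // post_parent is a numeric id; force it to an integer before it reaches SQL.
    if (isset($_POST['parent_id']))
        $post_parent = (int) $_POST['parent_id'];

    if (empty($post_status))
        $post_status = 'draft';

    $comment_status = $_POST['comment_status'];
    if (empty($comment_status))
        $comment_status = get_option('default_comment_status');
    $ping_status = $_POST['ping_status'];
    if (empty($ping_status))
        $ping_status = get_option('default_ping_status');
    $post_password = $_POST['post_password'];
    $trackback = $_POST['trackback_url'];
    $trackback = preg_replace('|\s+|', "\n", $trackback);

    if (user_can_set_post_date($user_ID) && (!empty($_POST['edit_date']))) {
        $aa = $_POST['aa'];
        $mm = $_POST['mm'];
        $jj = $_POST['jj'];
        $hh = $_POST['hh'];
        $mn = $_POST['mn'];
        $ss = $_POST['ss'];
        $jj = ($jj > 31) ? 31 : $jj;
        $hh = ($hh > 23) ? $hh - 24 : $hh;
        $mn = ($mn > 59) ? $mn - 60 : $mn;
        $ss = ($ss > 59) ? $ss - 60 : $ss;
        $now = "$aa-$mm-$jj $hh:$mn:$ss";
        $now_gmt = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
    } else {
        $now = current_time('mysql');
        $now_gmt = current_time('mysql', 1);
    }

    // What to do based on which button they pressed
    if ('' != $_POST['saveasdraft']) $post_status = 'draft';
    if ('' != $_POST['saveasprivate']) $post_status = 'private';
    if ('' != $_POST['publish']) $post_status = 'publish';
    if ('' != $_POST['advanced']) $post_status = 'draft';
    if ('' != $_POST['savepage']) $post_status = 'static';

    // Double-check. This must run after the button handling above: the 'publish'
    // button sets $post_status to 'publish' unconditionally, so checking earlier
    // would let a draft-only user publish simply by submitting that button.
    if ('publish' == $post_status && (!user_can_create_post($user_ID)) && 2 != get_option('new_users_can_blog'))
        $post_status = 'draft';

    // The new ID is read from the table's Auto_increment value before the INSERT.
    // NOTE(review): two concurrent submissions could read the same value; nothing
    // in this block serialises the read and the insert.
    $id_result = $wpdb->get_row("SHOW TABLE STATUS LIKE '$wpdb->posts'");
    $post_ID = $id_result->Auto_increment;

    if (empty($post_name)) {
        if (!empty($post_title))
            $post_name = sanitize_title($post_title, $post_ID);
    } else {
        $post_name = sanitize_title($post_name, $post_ID);
    }

    // The quoted string values below are interpolated as received.
    // NOTE(review): presumably request data is slash-escaped before this script
    // runs (not visible here); confirm, since nothing in this block escapes it.
    $postquery = "INSERT INTO $wpdb->posts
        (ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt, post_parent)
        VALUES
        ('$post_ID', '$user_ID', '$now', '$now_gmt', '$content', '$post_title', '$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$trackback', '$now', '$now_gmt', '$post_parent')
        ";

    $result = $wpdb->query($postquery);

    if (!empty($_POST['mode'])) {
        switch ($_POST['mode']) {
            case 'bookmarklet':
                $location = 'bookmarklet.php?a=b';
                break;
            case 'sidebar':
                $location = 'sidebar.php?a=b';
                break;
            default:
                $location = 'post.php';
                break;
        }
    } else {
        $location = 'post.php?posted=true';
    }

    if ('static' == $_POST['post_status'])
        $location = "page-new.php?saved=true";

    if ('' != $_POST['advanced'] || isset($_POST['save']))
        $location = "post.php?action=edit&post=$post_ID";

    header("Location: $location"); // Send user on their way while we keep working

    // Insert categories
    // Check to make sure there is a category, if not just set it to some default
    if (!$post_categories) $post_categories[] = get_option('default_category');

    // Category ids come from the form and are interpolated unquoted into the
    // queries below, so every entry is forced to an integer first.
    $post_categories = array_map('intval', (array) $post_categories);

    foreach ($post_categories as $post_category) {
        // Double check it's not there already
        $exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_ID AND category_id = $post_category");

        if (!$exists) {
            $wpdb->query("
                INSERT INTO $wpdb->post2cat
                (post_id, category_id)
                VALUES
                ($post_ID, $post_category)
                ");
        }
    }

    add_meta($post_ID);

    $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'");

    do_action('save_post', $post_ID);

    if ('publish' == $post_status) {
        if ($post_pingback)
            pingback($content, $post_ID);
        do_enclose($content, $post_ID);
        do_trackbacks($post_ID);
        do_action('publish_post', $post_ID);
    }

    if ($post_status == 'static') {
        generate_page_rewrite_rules();
        add_post_meta($post_ID, '_wp_page_template', $_POST['page_template'], true);
    }

    require_once('admin-header.php');
    exit();
    break;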
case 'edit':
    // Shows the edit form for an existing post followed by a preview of the
    // stored content. The variables assigned here are left in scope for the
    // included form templates.
    $title = __('Edit');

    require_once('admin-header.php');

    // The id is cast to an integer before the permission check and the queries.
    $post = $post_ID = $p = (int) $_GET['post'];

    if (!user_can_edit_post($user_ID, $post_ID)) {
        die('You are not allowed to edit this post.');
    }

    $postdata = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$post_ID'");

    // Each editable field is converted for the form first, then filtered.
    $content = apply_filters('content_edit_pre', format_to_edit($postdata->post_content));
    $excerpt = apply_filters('excerpt_edit_pre', format_to_edit($postdata->post_excerpt));
    $edited_post_title = apply_filters('title_edit_pre', format_to_edit($postdata->post_title));

    // The remaining columns are copied through unchanged.
    $post_status = $postdata->post_status;
    $comment_status = $postdata->comment_status;
    $ping_status = $postdata->ping_status;
    $post_password = $postdata->post_password;
    $to_ping = $postdata->to_ping;
    $pinged = $postdata->pinged;
    $post_name = $postdata->post_name;
    $post_parent = $postdata->post_parent;
    $post_author = $postdata->post_author;

    if ($post_status != 'static') {
        include('edit-form-advanced.php');
    } else {
        $page_template = get_post_meta($post_ID, '_wp_page_template', true);
        include('edit-page-form.php');
    }

    // Reload the row into $post for the template tags used in the preview.
    $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$post_ID'");
    ?>
<div id='preview' class='wrap'>
<h2><?php _e('Post Preview (updated when post is saved)'); ?></h2>
<h3 class="storytitle" id="post-<?php the_ID(); ?>"><a href="<?php the_permalink() ?>" rel="bookmark" title="<?php printf(__("Permanent Link: %s"), the_title()); ?>"><?php the_title(); ?></a></h3>
<div class="meta"><?php _e("Filed under:"); ?> <?php the_category(','); ?> — <?php the_author() ?> @ <?php the_time() ?></div>
<div class="storycontent">
<?php
    $content = apply_filters('the_content', $post->post_content);
    echo $content;
?>
</div>
</div>
<?php
    break;
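case 'editpost':
    // Handles the edit form submission: updates the post row, its meta and its
    // categories, then fires the edit/publish hooks. The redirect is sent first
    // and the work continues afterwards.
    // NOTE(review): unlike the 'delete' case, this state-changing request does not
    // call check_admin_referer(); confirm cross-site requests are rejected elsewhere.
    // die(var_dump('<pre>', $_POST));
    if (!isset($blog_ID)) {
        $blog_ID = 1;
    }

    // $post_ID is interpolated unquoted into several queries below
    // ("WHERE ID = $post_ID", the post2cat statements), so it is forced to an
    // integer before the permission check and every later use.
    $post_ID = (int) $_POST['post_ID'];

    if (!user_can_edit_post($user_ID, $post_ID, $blog_ID))
        die('You are not allowed to edit this post.');

    $post_categories = $_POST['post_category'];
    if (!$post_categories) $post_categories[] = 1;
    // Category ids are also interpolated unquoted further down.
    $post_categories = array_map('intval', (array) $post_categories);

    $content = apply_filters('content_save_pre', $_POST['content']);
    $content = format_to_post($content);
    $excerpt = apply_filters('excerpt_save_pre', $_POST['excerpt']);
    $excerpt = format_to_post($excerpt);
    $post_title = $_POST['post_title'];
    $prev_status = $_POST['prev_status'];
    $post_status = $_POST['post_status'];

    if (!empty($_POST['post_author'])) {
        $post_author = (int) $_POST['post_author'];
    } else {
        $post_author = (int) $_POST['user_ID'];
    }
    if (!user_can_edit_user($user_ID, $post_author))
        die(__('You cannot post as this user.'));

    $comment_status = $_POST['comment_status'];
    if (empty($comment_status)) $comment_status = 'closed';
    //if (!$_POST['comment_status']) $comment_status = get_settings('default_comment_status');

    $ping_status = $_POST['ping_status'];
    if (empty($ping_status)) $ping_status = 'closed';
    //if (!$_POST['ping_status']) $ping_status = get_settings('default_ping_status');
    $post_password = $_POST['post_password'];
    $post_name = $_POST['post_name'];
    if (empty($post_name)) {
        $post_name = $post_title;
    }

    // post_parent is a numeric id; force it to an integer before it reaches SQL.
    $post_parent = 0;
    if (isset($_POST['parent_id'])) {
        $post_parent = (int) $_POST['parent_id'];
    }

    if (empty($post_name)) {
        if (!empty($post_title)) {
            $post_name = sanitize_title($post_title, $post_ID);
        }
    } else {
        $post_name = sanitize_title($post_name, $post_ID);
    }

    $trackback = $_POST['trackback_url'];
    // Format trackbacks
    $trackback = preg_replace('|\s+|', '\n', $trackback);

    if (isset($_POST['publish'])) $post_status = 'publish';
    // Double-check
    if ('publish' == $post_status && (!user_can_create_post($user_ID)) && 2 != get_option('new_users_can_blog'))
        $post_status = 'draft';

    if (user_can_edit_post_date($user_ID, $post_ID) && (!empty($_POST['edit_date']))) {
        $aa = $_POST['aa'];
        $mm = $_POST['mm'];
        $jj = $_POST['jj'];
        $hh = $_POST['hh'];
        $mn = $_POST['mn'];
        $ss = $_POST['ss'];
        $jj = ($jj > 31) ? 31 : $jj;
        $hh = ($hh > 23) ? $hh - 24 : $hh;
        $mn = ($mn > 59) ? $mn - 60 : $mn;
        $ss = ($ss > 59) ? $ss - 60 : $ss;
        $datemodif = ", post_date = '$aa-$mm-$jj $hh:$mn:$ss'";
        $datemodif_gmt = ", post_date_gmt = '" . get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss") . "'";
    } else {
        $datemodif = '';
        $datemodif_gmt = '';
    }

    if ($_POST['save']) {
        $location = $_SERVER['HTTP_REFERER'];
    } elseif ($_POST['updatemeta']) {
        $location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom';
    } elseif ($_POST['deletemeta']) {
        $location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom';
    } elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) {
        $location = $_POST['referredby'];
    } else {
        $location = 'post.php';
    }

    // The Referer header and the 'referredby' field are request-controlled.
    // Dropping CR/LF keeps them from adding extra response header lines.
    // NOTE(review): the redirect target itself is still not limited to this site.
    $location = str_replace(array("\r", "\n"), '', $location);
    header('Location: ' . $location); // Send user on their way while we keep working

    $now = current_time('mysql');
    $now_gmt = current_time('mysql', 1);

    // The quoted string values below are interpolated as received.
    // NOTE(review): presumably request data is slash-escaped before this script
    // runs (not visible here); confirm, since nothing in this block escapes it.
    $result = $wpdb->query("
        UPDATE $wpdb->posts SET
            post_content = '$content',
            post_excerpt = '$excerpt',
            post_title = '$post_title'"
            . $datemodif_gmt
            . $datemodif . ",
            post_status = '$post_status',
            comment_status = '$comment_status',
            ping_status = '$ping_status',
            post_author = '$post_author',
            post_password = '$post_password',
            post_name = '$post_name',
            to_ping = '$trackback',
            post_modified = '$now',
            post_modified_gmt = '$now_gmt',
            post_parent = '$post_parent'
        WHERE ID = $post_ID");

    // Meta Stuff
    if ($_POST['meta']) :
        foreach ($_POST['meta'] as $key => $value) :
            update_meta($key, $value['key'], $value['value']);
        endforeach;
    endif;

    if ($_POST['deletemeta']) :
        foreach ($_POST['deletemeta'] as $key => $value) :
            delete_meta($key);
        endforeach;
    endif;

    add_meta($post_ID);

    // Now it's category time!
    // First the old categories
    $old_categories = $wpdb->get_col("SELECT category_id FROM $wpdb->post2cat WHERE post_id = $post_ID");

    // Delete any?
    foreach ($old_categories as $old_cat) {
        if (!in_array($old_cat, $post_categories)) // If a category was there before but isn't now
            $wpdb->query("DELETE FROM $wpdb->post2cat WHERE category_id = $old_cat AND post_id = $post_ID LIMIT 1");
    }

    // Add any?
    foreach ($post_categories as $new_cat) {
        if (!in_array($new_cat, $old_categories))
            $wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_ID, $new_cat)");
    }

    if ($prev_status != 'publish' && $post_status == 'publish')
        do_action('private_to_published', $post_ID);

    if ($post_status == 'publish') {
        do_action('publish_post', $post_ID);
        do_trackbacks($post_ID);
        do_enclose($content, $post_ID);
        if (get_option('default_pingback_flag'))
            pingback($content, $post_ID);
    }

    if ($post_status == 'static') {
        generate_page_rewrite_rules();
        if (!update_post_meta($post_ID, '_wp_page_template', $_POST['page_template'])) {
            add_post_meta($post_ID, '_wp_page_template', $_POST['page_template'], true);
        }
    }

    do_action('edit_post', $post_ID);
    exit();
    break;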
case 'delete':
    // Deletes a post together with its comments, category links and meta rows,
    // then sends the browser back to where it came from.
    check_admin_referer();

    // The id is reduced to an integer before it is used in any query.
    $post_id = (int) $_GET['post'];

    if (!user_can_delete_post($user_ID, $post_id)) {
        die('You are not allowed to delete this post.');
    }

    $result = $wpdb->query("DELETE FROM $wpdb->posts WHERE ID=$post_id");
    if (!$result) {
        die(__('Error in deleting...'));
    }

    // Dependent rows are removed after the post itself is gone.
    $result = $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID=$post_id");
    $categories = $wpdb->query("DELETE FROM $wpdb->post2cat WHERE post_id = $post_id");
    $meta = $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $post_id");

    $sendback = $_SERVER['HTTP_REFERER'];
    if (strpos($sendback, 'post.php') !== false) {
        $sendback = get_settings('siteurl') . '/wp-admin/post.php';
    }
    // Only a fixed set of URL characters survives; everything else, including
    // line breaks, is stripped before the value is placed in the header.
    $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);

    header('Location: ' . $sendback);
    do_action('delete_post', $post_id);
    break;
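case 'editcomment':
    // Loads one comment and shows the comment edit form.
    $title = __('Edit Comment');
    $parent_file = 'edit.php';
    require_once('admin-header.php');

    get_currentuserinfo();

    // Comment ids are numeric. Casting here, as the 'mailapprovecomment' case
    // already does, keeps a raw query-string value from reaching
    // get_commentdata() and the included form (neither is visible here).
    $comment = (int) $_GET['comment'];
    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));

    // Permission is checked against the post the stored comment belongs to.
    if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to edit comments on this post.');
    }

    $content = $commentdata['comment_content'];
    $content = format_to_edit($content);
    $content = apply_filters('comment_edit_pre', $content);

    include('edit-form-comment.php');
    break;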
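case 'confirmdeletecomment':
    // Shows the comment that is about to be deleted and asks for confirmation.
    require_once('./admin-header.php');

    // Both ids are echoed into attribute values and into an inline script below,
    // so they are forced to integers instead of being printed as received.
    $comment = (int) $_GET['comment'];
    $p = (int) $_GET['p'];
    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to delete comments on this post.');
    }

    echo "<div class=\"wrap\">\n";
    echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n";
    echo "<table border=\"0\">\n";
    // Author, e-mail and URL are supplied by the commenter; escape them for HTML.
    echo "<tr><td>" . __('Author:') . "</td><td>" . htmlspecialchars($commentdata["comment_author"]) . "</td></tr>\n";
    echo "<tr><td>" . __('E-mail:') . "</td><td>" . htmlspecialchars($commentdata["comment_author_email"]) . "</td></tr>\n";
    echo "<tr><td>" . __('URL:') . "</td><td>" . htmlspecialchars($commentdata["comment_author_url"]) . "</td></tr>\n";
    // NOTE(review): the comment body is printed as stored; presumably it was
    // filtered when the comment was submitted - confirm against the submit path.
    echo "<tr><td>" . __('Comment:') . "</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n";
    echo "</table>\n";
    echo "<p>" . __('Are you sure you want to do that?') . "</p>\n";

    echo "<form action='" . get_settings('siteurl') . "/wp-admin/post.php' method='get'>\n";
    echo "<input type=\"hidden\" name=\"action\" value=\"deletecomment\" />\n";
    echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
    echo "<input type=\"hidden\" name=\"comment\" value=\"$comment\" />\n";
    echo "<input type=\"hidden\" name=\"noredir\" value=\"1\" />\n";
    echo "<input type=\"submit\" value=\"" . __('Yes') . "\" />";
    echo " ";
    echo "<input type=\"button\" value=\"" . __('No') . "\" onClick=\"self.location='" . get_settings('siteurl') . "/wp-admin/edit.php?p=$p&c=1#comments';\" />\n";
    echo "</form>\n";
    echo "</div>\n";
    break;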
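case 'deletecomment':
    // Marks a comment as deleted and redirects back to the comment list.
    check_admin_referer();

    // $p is concatenated into the Location header below and $comment is handed
    // to the comment helpers, so both are forced to integers first.
    $comment = (int) $_GET['comment'];
    $p = (int) $_GET['p'];
    if (isset($_GET['noredir'])) {
        $noredir = true;
    } else {
        $noredir = false;
    }

    $postdata = get_postdata($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));

    // Permission is checked against the post the stored comment belongs to.
    if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to edit comments on this post.');
    }

    wp_set_comment_status($comment, "delete");
    do_action('delete_comment', $comment);

    if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
    }
    clear_smarty_cache();

    break;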
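case 'unapprovecomment':
    // Puts a comment back into the moderation queue ("hold").
    require_once('./admin-header.php');

    check_admin_referer();

    // $p is concatenated into the Location header below and $comment is handed
    // to the comment helpers, so both are forced to integers first.
    $comment = (int) $_GET['comment'];
    $p = (int) $_GET['p'];
    if (isset($_GET['noredir'])) {
        $noredir = true;
    } else {
        $noredir = false;
    }

    $commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    // Permission is checked against the post the stored comment belongs to.
    if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to edit comments on this post, so you cannot disapprove this comment.');
    }

    wp_set_comment_status($comment, "hold");

    if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
    }

    break;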
case 'mailapprovecomment':
    // Approves a comment and redirects to the moderation screen. No referer
    // check is made in this case; the comment id is cast to an integer.
    $comment = (int) $_GET['comment'];

    $commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    // Permission is checked against the post the stored comment belongs to.
    if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to edit comments on this post, so you cannot approve this comment.');
    }

    // Only comments that are not approved yet change state and trigger a notice.
    if ($commentdata['comment_approved'] != '1') {
        wp_set_comment_status($comment, 'approve');
        if (get_option('comments_notify') == true) {
            wp_notify_postauthor($comment);
        }
    }

    header('Location: ' . get_option('siteurl') . '/wp-admin/moderation.php?approved=1');

    break;
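case 'approvecomment':
    // Approves a comment from the admin screens and optionally notifies the
    // post author.
    // This request changes state through GET, like 'unapprovecomment' and
    // 'deletecomment', so it gets the same referer check those cases make.
    check_admin_referer();

    // $p is concatenated into the Location header below and $comment is handed
    // to the comment helpers, so both are forced to integers first.
    $comment = (int) $_GET['comment'];
    $p = (int) $_GET['p'];
    if (isset($_GET['noredir'])) {
        $noredir = true;
    } else {
        $noredir = false;
    }
    $commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    // Permission is checked against the post the stored comment belongs to.
    if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to edit comments on this post, so you cannot approve this comment.');
    }

    wp_set_comment_status($comment, "approve");
    if (get_settings("comments_notify") == true) {
        wp_notify_postauthor($comment);
    }

    if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
    }
    break;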
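case 'editedcomment':
    // Saves an edited comment: updates the text, the author fields and
    // optionally the date, then redirects.
    // NOTE(review): this state-changing request does not call
    // check_admin_referer(); confirm cross-site requests are rejected elsewhere.

    // $comment_ID is interpolated unquoted into the UPDATE below and
    // $comment_post_ID into the Location header, so both become integers.
    $comment_ID = (int) $_POST['comment_ID'];
    $comment_post_ID = (int) $_POST['comment_post_ID'];
    $newcomment_author = $_POST['newcomment_author'];
    $newcomment_author_email = $_POST['newcomment_author_email'];
    $newcomment_author_url = $_POST['newcomment_author_url'];

    // Permission is checked against the post the stored comment belongs to, as
    // the other comment cases do. The submitted comment_post_ID is chosen by the
    // client and cannot decide which comments this user may edit.
    $commentdata = get_commentdata($comment_ID, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

    if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_id'])) {
        die('You are not allowed to edit comments on this post, so you cannot edit this comment.');
    }

    // The date permission is checked for the comment's post. This case never
    // assigns $post_ID, so it cannot be used as the post id here.
    if (user_can_edit_post_date($user_ID, $commentdata['comment_post_id']) && (!empty($_POST['edit_date']))) {
        $aa = $_POST['aa'];
        $mm = $_POST['mm'];
        $jj = $_POST['jj'];
        $hh = $_POST['hh'];
        $mn = $_POST['mn'];
        $ss = $_POST['ss'];
        $jj = ($jj > 31) ? 31 : $jj;
        $hh = ($hh > 23) ? $hh - 24 : $hh;
        $mn = ($mn > 59) ? $mn - 60 : $mn;
        $ss = ($ss > 59) ? $ss - 60 : $ss;
        $datemodif = ", comment_date = '$aa-$mm-$jj $hh:$mn:$ss'";
    } else {
        $datemodif = '';
    }

    $content = apply_filters('comment_save_pre', $_POST['content']);
    $content = format_to_post($content);

    // The quoted string values below are interpolated as received.
    // NOTE(review): presumably request data is slash-escaped before this script
    // runs (not visible here); confirm, since nothing in this block escapes it.
    $result = $wpdb->query("
        UPDATE $wpdb->comments SET
            comment_content = '$content',
            comment_author = '$newcomment_author',
            comment_author_email = '$newcomment_author_email',
            comment_author_url = '$newcomment_author_url'" . $datemodif . "
        WHERE comment_ID = $comment_ID"
    );

    // 'referredby' is a form field. Dropping CR/LF keeps it from adding extra
    // response header lines.
    // NOTE(review): the redirect target itself is still not limited to this site.
    $referredby = str_replace(array("\r", "\n"), '', $_POST['referredby']);
    if (!empty($referredby)) {
        header('Location: ' . $referredby);
    } else {
        header("Location: edit.php?p=$comment_post_ID&c=1#comments");
    }

    do_action('edit_comment', $comment_ID);
    break;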
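default:
    // No action given: list the user's drafts, show the "new post" form and the
    // bookmarklet link for the detected browser. Users who may not create drafts
    // get an explanatory message instead.
    $title = __('Create New Post');
    require_once('./admin-header.php');

    if (user_can_create_draft($user_ID)) {
        $action = 'post';
        get_currentuserinfo();
        $drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author = $user_ID");
        if ($drafts) {
            ?>
<div class="wrap">
<p><strong><?php _e('Your Drafts:') ?></strong>
<?php
            $i = 0;
            foreach ($drafts as $draft) {
                if (0 != $i)
                    echo ', ';
                $draft->post_title = stripslashes($draft->post_title);
                if ($draft->post_title == '')
                    $draft->post_title = sprintf(__('Post # %s'), $draft->ID);
                // NOTE(review): the stored draft title is printed without HTML
                // escaping; confirm titles are filtered when they are saved.
                echo "<a href='post.php?action=edit&post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
                ++$i;
            }
            ?>.</p>
</div>
<?php
        }

        //set defaults
        $post_status = 'draft';
        $comment_status = get_settings('default_comment_status');
        $ping_status = get_settings('default_ping_status');
        $post_pingback = get_settings('default_pingback_flag');
        $default_post_cat = get_settings('default_category');

        // $content, $edited_post_title and $excerpt can be prefilled from the
        // request. Only $content is HTML-escaped here.
        // NOTE(review): confirm the included form escapes the title and excerpt.
        $content = htmlspecialchars($content);
        $content = apply_filters('default_content', $content);
        $edited_post_title = apply_filters('default_title', $edited_post_title);
        $excerpt = apply_filters('default_excerpt', $excerpt);

        if (get_settings('advanced_edit')) {
            include('edit-form-advanced.php');
        } else {
            include('edit-form.php');
        }
        ?>
<div class="wrap">
<?php _e('<h3>WordPress bookmarklet</h3>
<p>You can drag the following link to your links bar or add it to your bookmarks and when you "Press it" it will open up a popup window with information and a link to the site you&#8217;re currently browsing so you can make a quick post about it. Try it out:</p>') ?>
<p>

<?php
        $bookmarklet_height = (get_settings('use_trackback')) ? 480 : 440;

        // The blog name is HTML-escaped in every branch below, so a name that
        // contains markup characters is shown the same way in all browsers.
        // NOTE(review): $bookmarklet_tbpb is echoed in three branches but is not
        // assigned anywhere in the visible code.
        if ($is_NS4 || $is_gecko) {
            ?>
<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0) { Q=getSelection();}else { Q=document.selection?document.selection.createRange().text:document.getSelection();}void(window.open('<?php echo get_settings('siteurl') ?>/wp-admin/bookmarklet.php?text='+encodeURIComponent(Q)+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title),'<?php _e('WordPress bookmarklet') ?>','scrollbars=yes,width=600,height=460,left=100,top=150,status=yes'));"><?php printf(__('Press It - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<?php
        } else if ($is_winIE) {
            ?>
<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;void(btw=window.open('<?php echo get_settings('siteurl') ?>/wp-admin/bookmarklet.php?text='+encodeURIComponent(Q)+'<?php echo $bookmarklet_tbpb ?>&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title),'bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));btw.focus();"><?php printf(__('Press it - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<script type="text/javascript">
<!--
function oneclickbookmarklet(blah) {
window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=500, height=450, location=0, menubar=0, resizable=0, scrollbars=1, status=1, titlebar=0, toolbar=0, screenX=120, left=120, screenY=120, top=120");
}
// -->
</script>
<br />
<br />
<?php _e('One-click bookmarklet:') ?><br />
<a href="javascript:oneclickbookmarklet(0);"><?php _e('click here') ?></a>
<?php
        } else if ($is_opera) {
            ?>
<a href="javascript:void(window.open('<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title)+'<?php echo $bookmarklet_tbpb ?>','bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));"><?php printf(__('Press it - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<?php
        } else if ($is_macIE) {
            ?>
<a href="javascript:Q='';if(top.frames.length==0);void(btw=window.open('<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?text='+escape(document.getSelection())+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title)+'<?php echo $bookmarklet_tbpb ?>','bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));btw.focus();"><?php printf(__('Press it - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<?php
        }
        ?>
</p>
</div>
<?php
    } else {
        ?>
<div class="wrap">
<p><?php printf(__('Since you&#8217;re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
When you&#8217;re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
</p>
</div>
<?php
    }

    break;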
} // end switch
/* </Edit> */
include ( 'admin-footer.php' );
2003-11-12 16:22:47 +01:00
?>