< ? php
/* <Edit> */
require_once ( '../wp-includes/wp-l10n.php' );
/**
 * Recursively run addslashes() over every non-array value of an array.
 *
 * Keys are left untouched; nested arrays are handled by recursion.
 * addslashes() only helps for values that later sit inside a quoted SQL
 * string literal. It gives no protection to a value interpolated into an
 * unquoted (numeric) SQL position or echoed into HTML.
 *
 * @param array $array Array to escape (this file passes $_GET, $_POST and $_COOKIE).
 * @return array The array with every leaf value slash-escaped.
 */
function add_magic_quotes($array) {
	foreach (array_keys($array) as $key) {
		$value = $array[$key];
		$array[$key] = is_array($value) ? add_magic_quotes($value) : addslashes($value);
	}
	return $array;
}
// When the runtime does not slash-escape request data itself, do it here so
// that every $_GET/$_POST/$_COOKIE value read below has been through addslashes().
if (!get_magic_quotes_gpc()) {
	$_GET    = add_magic_quotes($_GET);
	$_POST   = add_magic_quotes($_POST);
	$_COOKIE = add_magic_quotes($_COOKIE);
}

// Fixed list of request parameters that are copied into same-named globals.
$wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'poststart', 'postend', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder');

// For each listed name that is not already set: a non-empty POST value wins,
// then a non-empty GET value, otherwise the variable becomes ''.
// The values are request-controlled strings (slash-escaped only), so every
// later use in SQL or HTML still needs context-appropriate handling.
for ($i = 0; $i < count($wpvarstoreset); $i += 1) {
	$wpvar = $wpvarstoreset[$i];
	if (isset($$wpvar)) {
		continue;
	}
	if (!empty($_POST["$wpvar"])) {
		$$wpvar = $_POST["$wpvar"];
	} elseif (!empty($_GET["$wpvar"])) {
		$$wpvar = $_GET["$wpvar"];
	} else {
		$$wpvar = '';
	}
}
switch ( $action ) {
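case 'post':
	// Handles submission of the new-post form: builds the row from $_POST,
	// inserts it, sends the redirect, then stores categories and meta and
	// fires pingbacks/trackbacks when the post is published.
	$standalone = 1;
	require_once('admin-header.php');

	// Refuse level-0 accounts before any request data is processed.
	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// NOTE(review): unlike the 'delete' case, this state-changing request does
	// not call check_admin_referer() — confirm it is protected elsewhere.

	// NOTE(review): the new ID is predicted as "highest ID + 1" before the
	// INSERT runs. Two concurrent submissions can predict the same value, and
	// the categories/meta below would then attach to the wrong row.
	$post_ID = $wpdb->get_var("SELECT ID FROM $wpdb->posts ORDER BY ID DESC LIMIT 1") + 1;

	$post_pingback = intval($_POST['post_pingback']);
	$content = format_to_post(balanceTags($_POST['content']));
	$excerpt = format_to_post(balanceTags($_POST['excerpt']));
	$post_title = $_POST['post_title'];
	$post_status = $_POST['post_status'];
	$post_name = $_POST['post_name'];
	$comment_status = $_POST['comment_status'];
	$ping_status = $_POST['ping_status'];
	$post_password = $_POST['post_password'];

	// Category IDs are interpolated UNQUOTED into the SQL further down, where
	// slash-escaping gives no protection, so force each one to an integer.
	$post_categories = array();
	if (!empty($_POST['post_category']) && is_array($_POST['post_category'])) {
		foreach ($_POST['post_category'] as $post_category)
			$post_categories[] = intval($post_category);
	}

	if (empty($post_status)) $post_status = 'draft';
	if (empty($comment_status)) $comment_status = get_settings('default_comment_status');
	if (empty($ping_status)) $ping_status = get_settings('default_ping_status');

	// Derive the slug from the explicit post_name, falling back to the title.
	if (empty($post_name)) {
		if (!empty($post_title)) {
			$post_name = sanitize_title($post_title, $post_ID);
		}
	} else {
		$post_name = sanitize_title($post_name, $post_ID);
	}

	$trackback = $_POST['trackback_url'];
	// Format trackbacks
	$trackback = preg_replace('|\s+|', '\n', $trackback);

	// Only users above level 4 may supply their own post date.
	if (($user_level > 4) && (!empty($_POST['edit_date']))) {
		$aa = $_POST['aa'];
		$mm = $_POST['mm'];
		$jj = $_POST['jj'];
		$hh = $_POST['hh'];
		$mn = $_POST['mn'];
		$ss = $_POST['ss'];
		$jj = ($jj > 31) ? 31 : $jj;
		$hh = ($hh > 23) ? $hh - 24 : $hh;
		$mn = ($mn > 59) ? $mn - 60 : $mn;
		$ss = ($ss > 59) ? $ss - 60 : $ss;
		$now = "$aa-$mm-$jj $hh:$mn:$ss";
		$now_gmt = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
	} else {
		$now = current_time('mysql');
		$now_gmt = current_time('mysql', 1);
	}

	// What to do based on which button they pressed
	if ('' != $_POST['saveasdraft']) $post_status = 'draft';
	if ('' != $_POST['saveasprivate']) $post_status = 'private';
	if ('' != $_POST['publish']) $post_status = 'publish';
	if ('' != $_POST['advanced']) $post_status = 'draft';
	if ('' != $_POST['savepage']) $post_status = 'static';

	// Double-check. This must run AFTER the button handling above: checked any
	// earlier, the 'publish' button would set the status back to 'publish'
	// and a level-1 user could publish without being allowed to.
	if ('publish' == $post_status && 1 == $user_level && 2 != get_option('new_users_can_blog'))
		$post_status = 'draft';

	// All quoted values below rely on the slash-escaping applied to $_POST at
	// the top of this file.
	$postquery = "INSERT INTO $wpdb->posts
			(ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt, post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt)
			VALUES
			('0', '$user_ID', '$now', '$now_gmt', '$content', '$post_title', '$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$trackback', '$now', '$now_gmt')
			";

	$result = $wpdb->query($postquery);

	// The redirect target is chosen from fixed strings only; the request just
	// selects which one.
	if (!empty($_POST['mode'])) {
		switch ($_POST['mode']) {
			case 'bookmarklet':
				$location = 'bookmarklet.php?a=b';
				break;
			case 'sidebar':
				$location = 'sidebar.php?a=b';
				break;
			default:
				$location = 'post.php';
				break;
		}
	} else {
		$location = 'post.php';
	}

	if ('' != $_POST['advanced'] || isset($_POST['save']))
		$location = "post.php?action=edit&post=$post_ID";

	if ('' != $_POST['savepage'])
		$location = "post.php?action=createpage";

	header("Location: $location"); // Send user on their way while we keep working

	// Insert categories
	// Check to make sure there is a category, if not just set it to some default
	if (!$post_categories) $post_categories[] = 1;
	foreach ($post_categories as $post_category) {
		// Double check it's not there already
		$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_ID AND category_id = $post_category");

		if (!$exists && $result) {
			$wpdb->query("
			INSERT INTO $wpdb->post2cat
			(post_id, category_id)
			VALUES
			($post_ID, $post_category)
			");
		}
	}

	add_meta($post_ID);

	$wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'");

	if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
		sleep($sleep_after_edit);
	}

	if ($post_status == 'publish') {

		if ($post_pingback) {
			pingback($content, $post_ID);
		}
		do_action('publish_post', $post_ID);

		// Time for trackbacks
		$to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_ID");
		$pinged = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_ID");
		$pinged = explode("\n", $pinged);
		if ('' != $to_ping) {
			// Trackback excerpt: tag-stripped excerpt (or content), capped at 255 characters.
			if (strlen($excerpt) > 0) {
				$the_excerpt = (strlen(strip_tags($excerpt)) > 255) ? substr(strip_tags($excerpt), 0, 252) . '...' : strip_tags($excerpt);
			} else {
				$the_excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
			}
			$excerpt = stripslashes($the_excerpt);
			$to_pings = explode("\n", $to_ping);
			foreach ($to_pings as $tb_ping) {
				$tb_ping = trim($tb_ping);
				// Skip URLs that have already been pinged.
				if (!in_array($tb_ping, $pinged)) {
					trackback($tb_ping, stripslashes($post_title), $excerpt, $post_ID);
				}
			}
		}

	} // end if publish

	exit();
	break;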
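case 'edit':
	// Shows the edit form for an existing post, followed by a rendered preview.
	$title = __('Edit');

	$standalone = 0;
	require_once('admin-header.php');

	// The integer cast makes the ID safe to interpolate into the queries below.
	$post = $post_ID = $p = (int) $_GET['post'];

	if ($user_level > 0) {
		$postdata = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$post_ID'");
		// Stop on an unknown ID instead of dereferencing an empty result.
		if (!$postdata)
			die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'post.php'));
		$authordata = get_userdata($postdata->post_author);

		// A user may not edit posts written by someone of a higher level.
		// $authordata is used as an object here, so the name is read as a
		// property (as the 'deletecomment' case does), not as $authordata[1].
		// NOTE(review): the nickname is written into HTML as-is — confirm it is
		// escaped when stored.
		if ($user_level < $authordata->user_level)
			die('You don’t have the right to edit <strong>' . $authordata->user_nickname . '</strong>’s posts.');

		$content = format_to_edit($postdata->post_content);
		$excerpt = format_to_edit($postdata->post_excerpt);
		$edited_post_title = format_to_edit($postdata->post_title);
		$post_status = $postdata->post_status;
		$comment_status = $postdata->comment_status;
		$ping_status = $postdata->ping_status;
		$post_password = $postdata->post_password;
		$to_ping = $postdata->to_ping;
		$pinged = $postdata->pinged;
		$post_name = $postdata->post_name;

		// Static pages get their own form.
		if ($post_status == 'static') {
			include('edit-page-form.php');
		} else {
			include('edit-form-advanced.php');
		}

		// Reload the row into $post for the preview markup below.
		$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$post_ID'");
		?>
	<div id='preview' class='wrap'>
		<h2><?php _e('Post Preview (updated when post is saved)'); ?></h2>
		<h3 class="storytitle" id="post-<?php the_ID(); ?>"><a href="<?php the_permalink() ?>" rel="bookmark" title="<?php printf(__("Permanent Link: %s"), the_title()); ?>"><?php the_title(); ?></a></h3>
		<div class="meta"><?php _e("Filed under:"); ?> <?php the_category(','); ?> — <?php the_author() ?> @ <?php the_time() ?></div>

		<div class="storycontent">
		<?php
		$content = apply_filters('the_content', $post->post_content);
		echo $content;
		?>
		</div>
	</div>
<?php
	} else {
?>
<p><?php printf(__('Since you&#8217;re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
When you&#8217;re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
</p>
<?php
	}
	break;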
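case 'editpost':
	// Handles submission of the edit-post form: updates the row, sends the
	// redirect, then syncs meta and categories and fires pings on publish.
	// die(var_dump('<pre>', $_POST));
	$standalone = 1;
	require_once('./admin-header.php');

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// NOTE(review): unlike the 'delete' case, this state-changing request does
	// not call check_admin_referer() — confirm it is protected elsewhere.

	if (!isset($blog_ID)) {
		$blog_ID = 1;
	}

	// The post ID is interpolated UNQUOTED into several queries below, where
	// slash-escaping gives no protection, so force it to an integer.
	$post_ID = intval($_POST['post_ID']);

	// Apply the same rule the 'edit' form enforces before it is shown: a user
	// may not modify a post whose author has a higher level. Without this the
	// form is gated but a direct submission is not.
	$edited_post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$post_ID'");
	if (!$edited_post)
		die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'post.php'));
	$edited_post_author = get_userdata($edited_post->post_author);
	if ($user_level < $edited_post_author->user_level)
		die(__('Cheatin’ uh?'));

	// Category IDs also reach SQL unquoted; keep only integers.
	$post_categories = array();
	if (!empty($_POST['post_category']) && is_array($_POST['post_category'])) {
		foreach ($_POST['post_category'] as $post_category)
			$post_categories[] = intval($post_category);
	}
	if (!$post_categories) $post_categories[] = 1;

	$content = format_to_post(balanceTags($_POST['content']));
	$excerpt = format_to_post(balanceTags($_POST['excerpt']));
	$post_title = $_POST['post_title'];
	$prev_status = $_POST['prev_status'];
	$post_status = $_POST['post_status'];
	$comment_status = $_POST['comment_status'];
	if (empty($comment_status)) $comment_status = 'closed';
	//if (!$_POST['comment_status']) $comment_status = get_settings('default_comment_status');
	$ping_status = $_POST['ping_status'];
	if (empty($ping_status)) $ping_status = 'closed';
	//if (!$_POST['ping_status']) $ping_status = get_settings('default_ping_status');
	$post_password = $_POST['post_password'];
	$post_name = $_POST['post_name'];
	if (empty($post_name)) {
		$post_name = $post_title;
	}

	if (empty($post_name)) {
		if (!empty($post_title)) {
			$post_name = sanitize_title($post_title, $post_ID);
		}
	} else {
		$post_name = sanitize_title($post_name, $post_ID);
	}

	$trackback = $_POST['trackback_url'];
	// Format trackbacks
	$trackback = preg_replace('|\s+|', '\n', $trackback);

	if (isset($_POST['publish'])) $post_status = 'publish';
	// Double-check: level-1 users may only publish when the option allows it.
	if ('publish' == $post_status && 1 == $user_level && 2 != get_option('new_users_can_blog'))
		$post_status = 'draft';

	// Only users above level 4 may change the post date.
	if (($user_level > 4) && (!empty($_POST['edit_date']))) {
		$aa = $_POST['aa'];
		$mm = $_POST['mm'];
		$jj = $_POST['jj'];
		$hh = $_POST['hh'];
		$mn = $_POST['mn'];
		$ss = $_POST['ss'];
		$jj = ($jj > 31) ? 31 : $jj;
		$hh = ($hh > 23) ? $hh - 24 : $hh;
		$mn = ($mn > 59) ? $mn - 60 : $mn;
		$ss = ($ss > 59) ? $ss - 60 : $ss;
		$datemodif = ", post_date = '$aa-$mm-$jj $hh:$mn:$ss'";
		$datemodif_gmt = ", post_date_gmt = '" . get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss") . "'";
	} else {
		$datemodif = '';
		$datemodif_gmt = '';
	}

	// NOTE(review): the redirect target comes from the Referer header or the
	// 'referredby' form field, both request-controlled, so this can redirect
	// off-site. Consider restricting it to URLs under the admin area.
	if ($_POST['save']) {
		$location = $_SERVER['HTTP_REFERER'];
	} elseif ($_POST['updatemeta']) {
		$location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom';
	} elseif ($_POST['deletemeta']) {
		$location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom';
	} elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) {
		$location = $_POST['referredby'];
	} else {
		$location = 'post.php';
	}
	header('Location: ' . $location); // Send user on their way while we keep working

	$now = current_time('mysql');
	$now_gmt = current_time('mysql', 1);

	// Quoted values rely on the slash-escaping applied to $_POST at the top of
	// this file; $post_ID is an integer (see above).
	$result = $wpdb->query("
		UPDATE $wpdb->posts SET
			post_content = '$content',
			post_excerpt = '$excerpt',
			post_title = '$post_title'"
			. $datemodif_gmt
			. $datemodif . ",
			post_status = '$post_status',
			comment_status = '$comment_status',
			ping_status = '$ping_status',
			post_password = '$post_password',
			post_name = '$post_name',
			to_ping = '$trackback',
			post_modified = '$now',
			post_modified_gmt = '$now_gmt'
		WHERE ID = $post_ID ");

	// Meta Stuff
	// NOTE(review): the array keys come straight from the request and are
	// passed to update_meta()/delete_meta() — verify those helpers validate
	// them and check they belong to this post.
	if ($_POST['meta']) :
		foreach ($_POST['meta'] as $key => $value) :
			update_meta($key, $value['key'], $value['value']);
		endforeach;
	endif;

	if ($_POST['deletemeta']) :
		foreach ($_POST['deletemeta'] as $key => $value) :
			delete_meta($key);
		endforeach;
	endif;

	add_meta($post_ID);

	// Now it's category time!
	// First the old categories
	$old_categories = $wpdb->get_col("SELECT category_id FROM $wpdb->post2cat WHERE post_id = $post_ID");

	// Delete any?
	foreach ($old_categories as $old_cat) {
		if (!in_array($old_cat, $post_categories)) // If a category was there before but isn't now
			$wpdb->query("DELETE FROM $wpdb->post2cat WHERE category_id = $old_cat AND post_id = $post_ID LIMIT 1");
	}

	// Add any?
	foreach ($post_categories as $new_cat) {
		if (!in_array($new_cat, $old_categories))
			$wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_ID, $new_cat)");
	}

	if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
		sleep($sleep_after_edit);
	}

	// are we going from draft/private to published?
	if ($prev_status != 'publish' && $post_status == 'publish') {
		// NOTE(review): $post_pingback is never assigned in this case, so this
		// branch only runs if an included file sets it — confirm.
		if ($post_pingback) {
			pingback($content, $post_ID);
		}
	} // end if moving from draft/private to published

	if ($post_status == 'publish') {
		do_action('publish_post', $post_ID);

		// Trackback time.
		$to_ping = trim($wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_ID"));
		$pinged = trim($wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_ID"));
		$pinged = explode("\n", $pinged);
		if ('' != $to_ping) {
			// Trackback excerpt: tag-stripped excerpt (or content), capped at 255 characters.
			if (strlen($excerpt) > 0) {
				$the_excerpt = (strlen(strip_tags($excerpt)) > 255) ? substr(strip_tags($excerpt), 0, 252) . '...' : strip_tags($excerpt);
			} else {
				$the_excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
			}
			$excerpt = stripslashes($the_excerpt);
			$to_pings = explode("\n", $to_ping);
			foreach ($to_pings as $tb_ping) {
				$tb_ping = trim($tb_ping);
				// Skip URLs that have already been pinged.
				if (!in_array($tb_ping, $pinged)) {
					trackback($tb_ping, stripslashes($post_title), $excerpt, $post_ID);
				}
			}
		}
	} // end if publish

	do_action('edit_post', $post_ID);
	exit();
	break;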
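case 'delete':
	// Deletes a post together with its comments, category links and meta rows.
	$standalone = 1;
	require_once('./admin-header.php');

	// Referer check runs before any state is changed.
	check_admin_referer();

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// intval() makes the ID safe for the unquoted SQL positions below.
	$post_id = intval($_GET['post']);
	$postdata = get_postdata($post_id) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'post.php'));
	$authordata = get_userdata($postdata['Author_ID']);

	// A user may not delete posts written by someone of a higher level.
	// $authordata is used as an object here, so the name is read as a property
	// (as the 'deletecomment' case does), not as $authordata[1].
	if ($user_level < $authordata->user_level)
		die(sprintf(__('You don’t have the right to delete <strong>%s</strong>’s posts.'), $authordata->user_nickname));

	$result = $wpdb->query("DELETE FROM $wpdb->posts WHERE ID=$post_id");
	if (!$result)
		die(__('Error in deleting...'));

	// Remove the rows that referenced the post.
	$result = $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID=$post_id");

	$categories = $wpdb->query("DELETE FROM $wpdb->post2cat WHERE post_id = $post_id");

	$meta = $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $post_id");

	if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
		sleep($sleep_after_edit);
	}

	// Go back to the referring page; a post.php referer is replaced by the
	// plain post.php URL, since it may point at the post that was just deleted.
	$sendback = $_SERVER['HTTP_REFERER'];
	if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') . '/wp-admin/post.php';
	header('Location: ' . $sendback);
	do_action('delete_post', $post_id);
	break;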
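case 'editcomment':
	// Shows the edit form for a single comment.
	$title = __('Edit Comment');
	$standalone = 0;
	$parent_file = 'edit.php';
	require_once('admin-header.php');

	get_currentuserinfo();

	if ($user_level == 0) {
		die(__('Cheatin’ uh?'));
	}

	// Comment IDs are numeric. Force an integer before the lookup, as the
	// 'edit' and 'delete' cases do for post IDs; how get_commentdata() uses
	// the value is not visible here.
	$comment = intval($_GET['comment']);
	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
	$content = $commentdata['comment_content'];
	$content = format_to_edit($content);

	include('edit-form-comment.php');
	break;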
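case 'confirmdeletecomment':
	// Shows a confirmation page before a comment is deleted.
	$standalone = 0;
	require_once('./admin-header.php');

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// Both IDs are echoed into HTML attribute values and an inline script URL
	// below. Slash-escaping does not neutralise markup, so force integers.
	$comment = intval($_GET['comment']);
	$p = intval($_GET['p']);
	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

	// NOTE(review): the author, e-mail, URL and comment text are printed
	// without HTML escaping. They come from comment submitters — confirm they
	// are sanitised when stored, otherwise escape them here.
	echo "<div class=\"wrap\">\n";
	echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n";
	echo "<table border=\"0\">\n";
	echo "<tr><td>" . __('Author:') . "</td><td>" . $commentdata["comment_author"] . "</td></tr>\n";
	echo "<tr><td>" . __('E-mail:') . "</td><td>" . $commentdata["comment_author_email"] . "</td></tr>\n";
	echo "<tr><td>" . __('URL:') . "</td><td>" . $commentdata["comment_author_url"] . "</td></tr>\n";
	echo "<tr><td>" . __('Comment:') . "</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n";
	echo "</table>\n";
	echo "<p>" . __('Are you sure you want to do that?') . "</p>\n";

	// "Yes" submits to the deletecomment action; "No" returns to the comment list.
	echo "<form action='" . get_settings('siteurl') . "/wp-admin/post.php' method='get'>\n";
	echo "<input type=\"hidden\" name=\"action\" value=\"deletecomment\" />\n";
	echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
	echo "<input type=\"hidden\" name=\"comment\" value=\"$comment\" />\n";
	echo "<input type=\"hidden\" name=\"noredir\" value=\"1\" />\n";
	echo "<input type=\"submit\" value=\"" . __('Yes') . "\" />";
	echo " ";
	echo "<input type=\"button\" value=\"" . __('No') . "\" onClick=\"self.location='" . get_settings('siteurl') . "/wp-admin/edit.php?p=$p&c=1#comments';\" />\n";
	echo "</form>\n";
	echo "</div>\n";
	break;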
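case 'deletecomment':
	// Marks a comment as deleted, then redirects back to the comment list.
	$standalone = 1;
	require_once('./admin-header.php');

	// Referer check runs before any state is changed.
	check_admin_referer();

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// Force integers: $p is concatenated into the Location header below, and
	// both IDs go to lookup helpers whose query handling is not visible here.
	$comment = intval($_GET['comment']);
	$p = intval($_GET['p']);
	$noredir = isset($_GET['noredir']);

	$postdata = get_postdata($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));

	// A user may not delete comments on a post whose author has a higher level.
	$authordata = get_userdata($postdata['Author_ID']);
	if ($user_level < $authordata->user_level)
		die(sprintf(__('You don’t have the right to delete <strong>%1$s</strong>’s post comments. <a href="%2$s">Go back</a>!'), $authordata->user_nickname, 'post.php'));

	wp_set_comment_status($comment, "delete");
	do_action('delete_comment', $comment);

	// Return to the referring page unless the caller asked for the fixed target.
	if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
		header('Location: ' . $_SERVER['HTTP_REFERER']);
	} else {
		header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
	}
	break;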
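case 'unapprovecomment':
	// Moves a comment back into moderation ("hold"), then redirects.
	$standalone = 1;
	require_once('./admin-header.php');

	// Referer check runs before any state is changed.
	check_admin_referer();

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// Force integers: $p is concatenated into the Location header below, and
	// the comment ID goes to helpers whose query handling is not visible here.
	$comment = intval($_GET['comment']);
	$p = intval($_GET['p']);
	$noredir = isset($_GET['noredir']);

	$commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

	wp_set_comment_status($comment, "hold");

	// Return to the referring page unless the caller asked for the fixed target.
	if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
		header('Location: ' . $_SERVER['HTTP_REFERER']);
	} else {
		header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
	}
	break;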
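case 'mailapprovecomment':
	// Approves a comment and shows a confirmation page with a link back to
	// the comment list.
	$standalone = 0;
	require_once('./admin-header.php');

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// NOTE(review): this changes state on a GET request without
	// check_admin_referer(), unlike 'unapprovecomment' — confirm that is
	// intended for this entry point.

	// $p is echoed into HTML attribute values below. Slash-escaping does not
	// neutralise markup, so force both IDs to integers.
	$comment = intval($_GET['comment']);
	$p = intval($_GET['p']);
	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

	wp_set_comment_status($comment, "approve");
	if (get_settings("comments_notify") == true) {
		wp_notify_postauthor($comment);
	}

	echo "<div class=\"wrap\">\n";
	echo "<p>" . __('Comment has been approved.') . "</p>\n";

	echo "<form action=\"" . get_settings('siteurl') . "/wp-admin/edit.php?p=$p&c=1#comments\" method=\"get\">\n";
	echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
	echo "<input type=\"hidden\" name=\"c\" value=\"1\" />\n";
	echo "<input type=\"submit\" value=\"" . __('Ok') . "\" />";
	echo "</form>\n";
	echo "</div>\n";
	break;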
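case 'approvecomment':
	// Approves a comment, optionally notifies the post author, then redirects.
	$standalone = 1;
	require_once('./admin-header.php');

	// The sibling 'unapprovecomment' and 'deletecomment' actions check the
	// referer before changing state; approval should do the same so that
	// another site cannot trigger it through a logged-in user's browser.
	check_admin_referer();

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// Force integers: $p is concatenated into the Location header below, and
	// the comment ID goes to helpers whose query handling is not visible here.
	$comment = intval($_GET['comment']);
	$p = intval($_GET['p']);
	$noredir = isset($_GET['noredir']);

	$commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

	wp_set_comment_status($comment, "approve");
	if (get_settings("comments_notify") == true) {
		wp_notify_postauthor($comment);
	}

	// Return to the referring page unless the caller asked for the fixed target.
	if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
		header('Location: ' . $_SERVER['HTTP_REFERER']);
	} else {
		header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
	}
	break;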
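case 'editedcomment':
	// Handles submission of the edit-comment form: updates the comment row
	// and redirects.
	$standalone = 1;
	require_once('./admin-header.php');

	if ($user_level == 0)
		die(__('Cheatin’ uh?'));

	// NOTE(review): unlike 'deletecomment', this state-changing request does
	// not call check_admin_referer() — confirm it is protected elsewhere.

	// comment_ID is interpolated UNQUOTED into the WHERE clause below, where
	// slash-escaping gives no protection, so force it to an integer.
	// comment_post_ID ends up in the Location header.
	$comment_ID = intval($_POST['comment_ID']);
	$comment_post_ID = intval($_POST['comment_post_ID']);
	$newcomment_author = $_POST['newcomment_author'];
	$newcomment_author_email = $_POST['newcomment_author_email'];
	$newcomment_author_url = $_POST['newcomment_author_url'];

	// Only users above level 4 may change the comment date.
	if (($user_level > 4) && (!empty($_POST['edit_date']))) {
		$aa = $_POST['aa'];
		$mm = $_POST['mm'];
		$jj = $_POST['jj'];
		$hh = $_POST['hh'];
		$mn = $_POST['mn'];
		$ss = $_POST['ss'];
		$jj = ($jj > 31) ? 31 : $jj;
		$hh = ($hh > 23) ? $hh - 24 : $hh;
		$mn = ($mn > 59) ? $mn - 60 : $mn;
		$ss = ($ss > 59) ? $ss - 60 : $ss;
		$datemodif = ", comment_date = '$aa-$mm-$jj $hh:$mn:$ss'";
	} else {
		$datemodif = '';
	}

	$content = format_to_post(balanceTags($_POST['content']));

	// Quoted values rely on the slash-escaping applied to $_POST at the top of
	// this file.
	$result = $wpdb->query("
		UPDATE $wpdb->comments SET
			comment_content = '$content',
			comment_author = '$newcomment_author',
			comment_author_email = '$newcomment_author_email',
			comment_author_url = '$newcomment_author_url'" . $datemodif . "
		WHERE comment_ID = $comment_ID"
		);

	// NOTE(review): 'referredby' is a request-controlled form field used as
	// the redirect target, so this can redirect off-site. Consider restricting
	// it to URLs under the admin area.
	$referredby = $_POST['referredby'];
	if (!empty($referredby)) header('Location: ' . $referredby);
	else header("Location: edit.php?p=$comment_post_ID&c=1#comments");
	do_action('edit_comment', $comment_ID);
	break;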
case 'createpage':
	// Shows the form for a new static page. Level-0 accounts get a notice
	// telling them to wait for promotion instead.
	$standalone = 0;
	$title = __('Create New Page');
	require_once('./admin-header.php');

	if (!($user_level > 0)) {
?>
<div class="wrap">
<p><?php printf(__('Since you&#8217;re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
When you&#8217;re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
</p>
</div>
<?php
	} else {
		// The included form submits to the 'post' action.
		$action = 'post';
		get_currentuserinfo();

		// Defaults picked up by the included form.
		$post_status = 'static';
		$comment_status = get_settings('default_comment_status');
		$ping_status = get_settings('default_ping_status');
		$post_pingback = get_settings('default_pingback_flag');

		include('edit-page-form.php');
	}
	break;
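default:
	// Default screen: lists the user's drafts, shows the new-post form and
	// prints a browser-specific "Press it" bookmarklet link.
	$standalone = 0;
	$title = __('Create New Post');

	require_once('./admin-header.php');

	if ($user_level > 0) {
		$action = 'post';
		get_currentuserinfo();

		$drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author = $user_ID");
		if ($drafts) {
			?>
			<div class="wrap">
			<p><strong><?php _e('Your Drafts:') ?></strong>
			<?php
			$i = 0;
			foreach ($drafts as $draft) {
				if (0 != $i)
					echo ', ';
				$draft->post_title = stripslashes($draft->post_title);
				// Untitled drafts are listed by their ID.
				if ($draft->post_title == '')
					$draft->post_title = sprintf(__('Post # %s'), $draft->ID);
				echo "<a href='post.php?action=edit&post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
				++$i;
			}
			?>.</p>
			</div>
			<?php
		}

		// Defaults picked up by the included form.
		$post_status = 'draft';
		$comment_status = get_settings('default_comment_status');
		$ping_status = get_settings('default_ping_status');
		$post_pingback = get_settings('default_pingback_flag');
		$default_post_cat = get_settings('default_category');

		if (get_settings('advanced_edit')) {
			include('edit-form-advanced.php');
		} else {
			include('edit-form.php');
		}
?>
<div class="wrap">
<?php _e('<h3>WordPress bookmarklet</h3>
<p>You can drag the following link to your links bar or add it to your bookmarks and when you "Press it" it will open up a popup window with information and a link to the site you&#8217;re currently browsing so you can make a quick post about it. Try it out:</p>') ?>
<p>

<?php
$bookmarklet_height = 420;

// The blog name is a stored setting printed into HTML, so it is passed through
// htmlspecialchars() in every browser branch, not only the first one.
// NOTE(review): $bookmarklet_tbpb is echoed in three branches but never
// assigned in this case — confirm an included file defines it.
if ($is_NS4 || $is_gecko) {
?>
<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0) { Q=getSelection();}else { Q=document.selection?document.selection.createRange().text:document.getSelection();}void(window.open('<?php echo get_settings('siteurl') ?>/wp-admin/bookmarklet.php?text='+encodeURIComponent(Q)+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title),'<?php _e('WordPress bookmarklet') ?>','scrollbars=yes,width=600,height=460,left=100,top=150,status=yes'));"><?php printf(__('Press It - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<?php
} else if ($is_winIE) {
?>
<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;void(btw=window.open('<?php echo get_settings('siteurl') ?>/wp-admin/bookmarklet.php?text='+encodeURIComponent(Q)+'<?php echo $bookmarklet_tbpb ?>&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title),'bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));btw.focus();"><?php printf(__('Press it - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<script type="text/javascript">
<!--
function oneclickbookmarklet(blah) {
window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=500, height=450, location=0, menubar=0, resizable=0, scrollbars=1, status=1, titlebar=0, toolbar=0, screenX=120, left=120, screenY=120, top=120");
}
// -->
</script>
<br />
<br />
<?php _e('One-click bookmarklet:') ?><br />
<a href="javascript:oneclickbookmarklet(0);"><?php _e('click here') ?></a>
<?php
} else if ($is_opera) {
?>
<a href="javascript:void(window.open('<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title)+'<?php echo $bookmarklet_tbpb ?>','bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));"><?php printf(__('Press it - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<?php
} else if ($is_macIE) {
?>
<a href="javascript:Q='';if(top.frames.length==0);void(btw=window.open('<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?text='+escape(document.getSelection())+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title)+'<?php echo $bookmarklet_tbpb ?>','bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));btw.focus();"><?php printf(__('Press it - %s'), htmlspecialchars(get_settings('blogname'))); ?></a>
<?php
}
?>
</p>
</div>
<?php
	} else {
?>
<div class="wrap">
<p><?php printf(__('Since you&#8217;re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
When you&#8217;re promoted, just reload this page and you’ll be able to blog. :)'), get_settings('admin_email')); ?>
</p>
</div>
<?php
	}

	break;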
} // end switch
/* </Edit> */
include ( 'admin-footer.php' );
?>