mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-23 01:27:36 +01:00
Split up post and edit screens.
git-svn-id: http://svn.automattic.com/wordpress/trunk@479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
490e3288d9
commit
380a1c8c02
@ -257,7 +257,7 @@ default:
|
||||
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); /* different all the time */
|
||||
header("Cache-Control: no-cache, must-revalidate"); /* to cope with HTTP/1.1 */
|
||||
header("Pragma: no-cache");
|
||||
header("Location: wp-admin/b2edit.php");
|
||||
header("Location: wp-admin/");
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
@ -297,7 +297,7 @@ if ($error) echo "<div align=\"right\" style=\"padding:4px;\"><font color=\"#FF0
|
||||
<input type="hidden" name="popupurl" value="<?php echo $popupurl ?>" />
|
||||
<input type="hidden" name="popuptitle" value="<?php echo $popuptitle ?>" />
|
||||
<?php } ?>
|
||||
<input type="hidden" name="redirect_to" value="wp-admin/b2edit.php" />
|
||||
<input type="hidden" name="redirect_to" value="wp-admin/" />
|
||||
<input type="hidden" name="action" value="login" />
|
||||
<label>Login: <input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label><br />
|
||||
<label>Password: <input type="password" name="pwd" value="" size="20" tabindex="2" /></label><br />
|
||||
|
@ -79,6 +79,7 @@ switch($action) {
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
$post_name = sanitize_title($post_title);
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
@ -101,15 +102,15 @@ switch($action) {
|
||||
|
||||
if((get_settings('use_geo_positions')) && (strlen($latstr) > 2) && (strlen($lonstr) > 2) ) {
|
||||
$postquery ="INSERT INTO $tableposts
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_lat, post_lon, post_excerpt, post_status, comment_status, ping_status, post_password)
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_lat, post_lon, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
|
||||
VALUES
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category',$post_latf,$post_lonf,'$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password')
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category',$post_latf,$post_lonf,'$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
|
||||
";
|
||||
} else {
|
||||
$postquery ="INSERT INTO $tableposts
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password)
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
|
||||
VALUES
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password')
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
|
||||
";
|
||||
}
|
||||
$postquery =
|
||||
@ -239,6 +240,7 @@ switch($action) {
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
$post_name = sanitize_title($post_title);
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
@ -266,7 +268,8 @@ switch($action) {
|
||||
post_status = '$post_status',
|
||||
comment_status = '$comment_status',
|
||||
ping_status = '$ping_status',
|
||||
post_password = '$post_password'
|
||||
post_password = '$post_password',
|
||||
post_name = '$post_name'
|
||||
WHERE ID = $post_ID ");
|
||||
|
||||
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
|
||||
@ -276,7 +279,6 @@ switch($action) {
|
||||
// are we going from draft/private to published?
|
||||
if ((($prev_status == 'draft') || ($prev_status == 'private')) && ($post_status == 'publish')) {
|
||||
pingWeblogs($blog_ID);
|
||||
pingCafelog($cafelogID, $post_title, $post_ID);
|
||||
pingBlogs($blog_ID);
|
||||
|
||||
if ($post_pingback) {
|
||||
|
@ -1,4 +1,5 @@
|
||||
1 b2edit.php Post / Edit
|
||||
1 wp-post.php Post
|
||||
1 edit.php Edit
|
||||
3 b2team.php Team
|
||||
4 wp-options.php Options
|
||||
3 b2categories.php Categories
|
||||
|
342
wp-admin/edit.php
Normal file
342
wp-admin/edit.php
Normal file
@ -0,0 +1,342 @@
|
||||
<?php
|
||||
$title = 'Edit Posts';
|
||||
require_once('b2header.php');
|
||||
if (!$showposts) {
|
||||
if ($posts_per_page) {
|
||||
$showposts=$posts_per_page;
|
||||
} else {
|
||||
$showposts=10;
|
||||
$posts_per_page=$showposts;
|
||||
}
|
||||
} else {
|
||||
$posts_per_page = $showposts;
|
||||
}
|
||||
|
||||
if ((!empty($poststart)) && (!empty($postend)) && ($poststart == $postend)) {
|
||||
$p=$poststart;
|
||||
$poststart=0;
|
||||
$postend=0;
|
||||
}
|
||||
|
||||
if (!$poststart) {
|
||||
$poststart=0;
|
||||
$postend=$showposts;
|
||||
}
|
||||
|
||||
$nextXstart=$postend;
|
||||
$nextXend=$postend+$showposts;
|
||||
|
||||
$previousXstart=($poststart-$showposts);
|
||||
$previousXend=$poststart;
|
||||
if ($previousXstart < 0) {
|
||||
$previousXstart=0;
|
||||
$previousXend=$showposts;
|
||||
}
|
||||
|
||||
ob_start();
|
||||
?>
|
||||
|
||||
<div class="wrap">
|
||||
<table width="100%">
|
||||
<tr>
|
||||
<td valign="top" width="200">
|
||||
Show posts:
|
||||
</td>
|
||||
<td>
|
||||
<table cellpadding="0" cellspacing="0" border="0">
|
||||
<tr>
|
||||
<td colspan="2" align="center"><!-- show next/previous X posts -->
|
||||
<form name="previousXposts" method="get" action="">
|
||||
<?php
|
||||
if ($previousXstart > 0) {
|
||||
?>
|
||||
<input type="hidden" name="showposts" value="<?php echo $showposts; ?>" />
|
||||
<input type="hidden" name="poststart" value="<?php echo $previousXstart; ?>" />
|
||||
<input type="hidden" name="postend" value="<?php echo $previousXend; ?>" />
|
||||
<input type="submit" name="submitprevious" class="search" value="< <?php echo $showposts ?>" />
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</form>
|
||||
</td>
|
||||
<td>
|
||||
<form name="nextXposts" method="get" action="">
|
||||
<input type="hidden" name="showposts" value="<?php echo $showposts; ?>" />
|
||||
<input type="hidden" name="poststart" value="<?php echo $nextXstart; ?>" />
|
||||
<input type="hidden" name="postend" value="<?php echo $nextXend; ?>" />
|
||||
<input type="submit" name="submitnext" class="search" value="<?php echo $showposts ?> >" />
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td valign="top" width="200"><!-- show X first/last posts -->
|
||||
<form name="showXfirstlastposts" method="get" action="">
|
||||
<input type="text" name="showposts" value="<?php echo $showposts ?>" style="width:40px;" /?>
|
||||
<?php
|
||||
if (!isset($order))
|
||||
$order="DESC";
|
||||
$i = $order;
|
||||
if ($i == "DESC")
|
||||
$besp_selected = "selected='selected'";
|
||||
?>
|
||||
<select name="order">
|
||||
<option value="DESC" <?php echo $besp_selected ?>>last posts</option>
|
||||
<?php
|
||||
$besp_selected = "";
|
||||
if ($i == "ASC")
|
||||
$besp_selected = "selected='selected'";
|
||||
?>
|
||||
<option value="ASC" <?php echo $besp_selected?>>first posts</option>
|
||||
</select>
|
||||
<input type="submit" name="submitfirstlast" class="search" value="OK" />
|
||||
</form>
|
||||
</td>
|
||||
<td valign="top"><!-- show post X to post X -->
|
||||
<form name="showXfirstlastposts" method="get" action="">
|
||||
<input type="text" name="poststart" value="<?php echo $poststart ?>" style="width:40px;" /?> to <input type="text" name="postend" value="<?php echo $postend ?>" style="width:40px;" /?>
|
||||
<select name="order">
|
||||
<?php
|
||||
$besp_selected = "";
|
||||
$i = $order;
|
||||
if ($i == "DESC")
|
||||
$besp_selected = "selected='selected'";
|
||||
?>
|
||||
<option value="DESC" "<?php echo $besp_selected ?>">from the end</option>
|
||||
<?php
|
||||
$besp_selected = "";
|
||||
if ($i == "ASC")
|
||||
$besp_selected = "selected='selected'";
|
||||
?> <option value="ASC" "<?php echo $besp_selected ?>">from the start</option>
|
||||
</select>
|
||||
<input type="submit" name="submitXtoX" class="search" value="OK" />
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
$posts_nav_bar = ob_get_contents();
|
||||
ob_end_clean();
|
||||
echo $posts_nav_bar;
|
||||
?>
|
||||
|
||||
<div class="wrap">
|
||||
<table width="100%">
|
||||
<tr>
|
||||
<td valign="top" width="33%">
|
||||
<form name="searchform" action="" method="get">
|
||||
<input type="hidden" name="a" value="s" />
|
||||
<input onfocus="this.value='';" onblur="if (this.value=='') {this.value='search...';}" type="text" name="s" value="search..." size="7" style="width: 100px;" />
|
||||
<input type="submit" name="submit" value="search" class="search" />
|
||||
</form>
|
||||
</td>
|
||||
<td valign="top" width="33%" align="center">
|
||||
<form name="viewcat" action="" method="get">
|
||||
<select name="cat" style="width:140px;">
|
||||
<option value="all">All Categories</option>
|
||||
<?php
|
||||
$categories = $wpdb->get_results("SELECT * FROM $tablecategories");
|
||||
$querycount++;
|
||||
$width = ($mode=="sidebar") ? "100%" : "170px";
|
||||
foreach ($categories as $category) {
|
||||
echo "<option value=\"".$category->cat_ID."\"";
|
||||
if ($category->cat_ID == $postdata["Category"])
|
||||
echo " selected='selected'";
|
||||
echo ">".$category->cat_name."</option>";
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
<input type="submit" name="submit" value="View" class="search" />
|
||||
</form>
|
||||
</td>
|
||||
<td valign="top" width="33%" align="right">
|
||||
<form name="viewarc" action="" method="get">
|
||||
<?php
|
||||
|
||||
if ($archive_mode == "monthly") {
|
||||
echo "<select name=\"m\" style=\"width:120px;\">";
|
||||
$querycount++;
|
||||
$arc_result=$wpdb->get_results("SELECT DISTINCT YEAR(post_date), MONTH(post_date) FROM $tableposts ORDER BY post_date DESC",ARRAY_A);
|
||||
foreach ($arc_result as $arc_row) {
|
||||
$arc_year = $arc_row["YEAR(post_date)"];
|
||||
$arc_month = $arc_row["MONTH(post_date)"];
|
||||
echo "<option value=\"$arc_year".zeroise($arc_month,2)."\">";
|
||||
echo $month[zeroise($arc_month,2)]." $arc_year";
|
||||
echo "</option>\n";
|
||||
}
|
||||
} elseif ($archive_mode == "daily") {
|
||||
echo "<select name=\"d\" style=\"width:120px;\">";
|
||||
$archive_day_date_format = "Y/m/d";
|
||||
$querycount++;
|
||||
$arc_result=$wpdb->get_results("SELECT DISTINCT YEAR(post_date), MONTH(post_date), DAYOFMONTH(post_date) FROM $tableposts ORDER BY post_date DESC", ARRAY_A);
|
||||
foreach ($arc_result as $arc_row) {
|
||||
$arc_year = $arc_row["YEAR(post_date)"];
|
||||
$arc_month = $arc_row["MONTH(post_date)"];
|
||||
$arc_dayofmonth = $arc_row["DAYOFMONTH(post_date)"];
|
||||
echo "<option value=\"$arc_year".zeroise($arc_month,2).zeroise($arc_dayofmonth,2)."\">";
|
||||
echo mysql2date($archive_day_date_format, $arc_year.zeroise($arc_month,2).zeroise($arc_dayofmonth,2)." 00:00:00");
|
||||
echo "</option>\n";
|
||||
}
|
||||
} elseif ($archive_mode == "weekly") {
|
||||
echo "<select name=\"w\" style=\"width:120px;\">";
|
||||
if (!isset($start_of_week)) {
|
||||
$start_of_week = 1;
|
||||
}
|
||||
$archive_week_start_date_format = "Y/m/d";
|
||||
$archive_week_end_date_format = "Y/m/d";
|
||||
$archive_week_separator = " - ";
|
||||
$querycount++;
|
||||
$arc_result=$wpdb->geT_results("SELECT DISTINCT YEAR(post_date), MONTH(post_date), DAYOFMONTH(post_date), WEEK(post_date) FROM $tableposts ORDER BY post_date DESC", ARRAY_A);
|
||||
$arc_w_last = '';
|
||||
foreach ($arc_result as $arc_row) {
|
||||
$arc_year = $arc_row["YEAR(post_date)"];
|
||||
$arc_w = $arc_row["WEEK(post_date)"];
|
||||
if ($arc_w != $arc_w_last) {
|
||||
$arc_w_last = $arc_w;
|
||||
$arc_ymd = $arc_year."-".zeroise($arc_row["MONTH(post_date)"],2)."-" .zeroise($arc_row["DAYOFMONTH(post_date)"],2);
|
||||
$arc_week = get_weekstartend($arc_ymd, $start_of_week);
|
||||
$arc_week_start = date($archive_week_start_date_format, $arc_week['start']);
|
||||
$arc_week_end = date($archive_week_end_date_format, $arc_week['end']);
|
||||
echo "<option value=\"$arc_w\">";
|
||||
echo $arc_week_start.$archive_week_separator.$arc_week_end;
|
||||
echo "</option>\n";
|
||||
}
|
||||
}
|
||||
} elseif ($archive_mode == "postbypost") {
|
||||
echo '<input type="hidden" name="more" value="1" />';
|
||||
echo '<select name="p" style="width:120px;">';
|
||||
$querycount++;
|
||||
$resultarc = $wpdb->get_results("SELECT ID,post_date,post_title FROM $tableposts ORDER BY post_date DESC");
|
||||
foreach ($resultarc as $row) {
|
||||
if ($row->post_date != "0000-00-00 00:00:00") {
|
||||
echo "<option value=\"".$row->ID."\">";
|
||||
if (strip_tags($row->post_title)) {
|
||||
echo strip_tags(stripslashes($row->post_title));
|
||||
} else {
|
||||
echo $row->ID;
|
||||
}
|
||||
echo "</option>\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
echo "</select>";
|
||||
?>
|
||||
<input type="submit" name="submit" value="View" class="search" />
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<?php
|
||||
include($abspath.'blog.header.php');
|
||||
|
||||
if ($posts) {
|
||||
foreach ($posts as $post) { start_b2();
|
||||
?>
|
||||
<p>
|
||||
<strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments") ?></a>
|
||||
<?php
|
||||
if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
|
||||
echo " - <a href='wp-post.php?action=edit&post=$id";
|
||||
if ($m)
|
||||
echo "&m=$m";
|
||||
echo "'>Edit</a>";
|
||||
echo " - <a href='wp-post.php?action=delete&post=$id' onclick=\"return confirm('You are about to delete this post \'".the_title('','',0)."\'\\n \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ";
|
||||
}
|
||||
if ('private' == $post->post_status) echo ' - <strong>Private</strong>';
|
||||
?>
|
||||
]
|
||||
<br />
|
||||
<font color="#999999"><b><a href="<?php permalink_single($siteurl.'/'.$blogfilename); ?>" title="permalink"><?php the_title() ?></a></b> by <b><?php the_author() ?> (<a href="javascript:profile(<?php the_author_ID() ?>)"><?php the_author_nickname() ?></a>)</b>, in <b><?php the_category() ?></b></font><br />
|
||||
<?php permalink_anchor(); ?>
|
||||
<?php
|
||||
the_content();
|
||||
?>
|
||||
</p>
|
||||
<?php
|
||||
|
||||
// comments
|
||||
if (($withcomments) or ($c)) {
|
||||
|
||||
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");
|
||||
if ($comments) {
|
||||
?>
|
||||
|
||||
<h3>Comments</h3>
|
||||
<ol id="comments">
|
||||
<?php
|
||||
foreach ($comments as $comment) {
|
||||
?>
|
||||
|
||||
<!-- comment -->
|
||||
<li>
|
||||
<?php comment_date('Y/m/d') ?> @ <?php comment_time() ?>
|
||||
<?php
|
||||
if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
|
||||
echo "[ <a href=\"wp-post.php?action=editcomment&comment=".$comment->comment_ID."\">Edit</a>";
|
||||
echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ]";
|
||||
} // end if any comments to show
|
||||
?>
|
||||
<br />
|
||||
<strong><?php comment_author() ?> ( <?php comment_author_email_link() ?> / <?php comment_author_url_link() ?> )</strong> (IP: <?php comment_author_IP() ?>)
|
||||
<?php comment_text() ?>
|
||||
</li>
|
||||
<!-- /comment -->
|
||||
|
||||
<?php //end of the loop, don't delete
|
||||
} // end foreach
|
||||
echo '</ol>';
|
||||
}//end if comments
|
||||
if ($comment_error)
|
||||
echo "<p>Error: please fill the required fields (name & comment)</p>";
|
||||
?>
|
||||
|
||||
<h3>Leave Comment</h3>
|
||||
|
||||
|
||||
<!-- form to add a comment -->
|
||||
|
||||
<form action="<?php echo $siteurl.'/b2comments.post.php'?>" method="post">
|
||||
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
|
||||
<input type="hidden" name="redirect_to" value="<?php echo $HTTP_SERVER_VARS["REQUEST_URI"]; ?>" />
|
||||
<input type="text" name="author" class="textarea" value="<?php echo $user_nickname ?>" size="20" tabindex="1" /><br />
|
||||
<input type="text" name="email" class="textarea" value="<?php echo $user_email ?>" size="20" tabindex="2" /><br />
|
||||
<input type="text" name="url" class="textarea" value="<?php echo $user_url ?>" size="20" tabindex="3" /><br />
|
||||
<textarea cols="40" rows="4" name="comment" tabindex="4" class="textarea">comment</textarea><br />
|
||||
<input type="submit" name="submit" class="buttonarea" value="ok" tabindex="5" />
|
||||
</form>
|
||||
<!-- /form -->
|
||||
|
||||
<?php // if you delete this the sky will fall on your head
|
||||
}
|
||||
?>
|
||||
<br />
|
||||
|
||||
<?php
|
||||
|
||||
} // end b2 loop
|
||||
|
||||
} else {
|
||||
|
||||
?>
|
||||
<p>
|
||||
<strong>No results found.</strong>
|
||||
</p>
|
||||
|
||||
<?php
|
||||
} // end if ($posts)
|
||||
|
||||
?>
|
||||
|
||||
</div>
|
||||
|
||||
<?php
|
||||
// uncomment this to show the nav bar at the bottom as well
|
||||
echo $posts_nav_bar;
|
||||
include('b2footer.php');
|
||||
?>
|
@ -2,5 +2,5 @@
|
||||
|
||||
/* This will possibly be more later but for now let's just redirect. */
|
||||
|
||||
header ('Location: b2edit.php');
|
||||
header ('Location: wp-post.php');
|
||||
?>
|
@ -1,4 +1,3 @@
|
||||
<p class="anchors">Go to: <a href="b2edit.php#top">Post/Edit</a> | <a href="b2edit.php#posts">Posts</a> | <a href="b2edit.php#comments">Comments</a></p>
|
||||
|
||||
<div class="wrap">
|
||||
<?php
|
||||
@ -53,7 +52,7 @@ switch($action) {
|
||||
|
||||
?>
|
||||
|
||||
<form name="post" action="b2edit.php" method="post" id="post">
|
||||
<form name="post" action="wp-post.php" method="post" id="post">
|
||||
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
|
||||
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
|
||||
|
||||
@ -205,7 +204,9 @@ if (get_settings('use_geo_positions')) {
|
||||
<?php echo $form_pingback ?>
|
||||
<?php echo $form_prevstatus ?>
|
||||
|
||||
<p><input type="submit" name="submit" value="<?php echo $submitbutton_text ?>" class="search" style="font-weight: bold;" tabindex="6" /></p>
|
||||
<p><input type="submit" name="submit" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
|
||||
<input name="referredby" type="hidden" id="referredby" value="<?php echo $HTTP_SERVER_VARS['HTTP_REFERER']; ?>" />
|
||||
</p>
|
||||
|
||||
|
||||
<?php if ( ($use_fileupload) && ($user_level >= $fileupload_minlevel) && (in_array($user_login, $allowed_users) || (trim($fileupload_allowedusers)=="")) ) { ?>
|
||||
|
467
wp-admin/wp-post.php
Normal file
467
wp-admin/wp-post.php
Normal file
@ -0,0 +1,467 @@
|
||||
<?php
|
||||
/* <Edit> */
|
||||
|
||||
function add_magic_quotes($array) {
|
||||
foreach ($array as $k => $v) {
|
||||
if (is_array($v)) {
|
||||
$array[$k] = add_magic_quotes($v);
|
||||
} else {
|
||||
$array[$k] = addslashes($v);
|
||||
}
|
||||
}
|
||||
return $array;
|
||||
}
|
||||
|
||||
if (!get_magic_quotes_gpc()) {
|
||||
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
|
||||
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
|
||||
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
|
||||
}
|
||||
|
||||
$b2varstoreset = array('action', 'safe_mode', 'withcomments', 'c', 'posts', 'poststart', 'postend', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder');
|
||||
|
||||
for ($i=0; $i<count($b2varstoreset); $i += 1) {
|
||||
$b2var = $b2varstoreset[$i];
|
||||
if (!isset($$b2var)) {
|
||||
if (empty($HTTP_POST_VARS["$b2var"])) {
|
||||
if (empty($HTTP_GET_VARS["$b2var"])) {
|
||||
$$b2var = '';
|
||||
} else {
|
||||
$$b2var = $HTTP_GET_VARS["$b2var"];
|
||||
}
|
||||
} else {
|
||||
$$b2var = $HTTP_POST_VARS["$b2var"];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
switch($action) {
|
||||
|
||||
case 'post':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('b2header.php');
|
||||
|
||||
$post_pingback = intval($HTTP_POST_VARS['post_pingback']);
|
||||
$content = balanceTags($HTTP_POST_VARS['content']);
|
||||
$content = format_to_post($content);
|
||||
$excerpt = balanceTags($HTTP_POST_VARS['excerpt']);
|
||||
$excerpt = format_to_post($excerpt);
|
||||
$post_title = addslashes($HTTP_POST_VARS['post_title']);
|
||||
$post_category = intval($HTTP_POST_VARS['post_category']);
|
||||
if(get_settings('use_geo_positions')) {
|
||||
$latstr = $HTTP_POST_VARS['post_latf'];
|
||||
$lonstr = $HTTP_POST_VARS['post_lonf'];
|
||||
if((strlen($latstr) > 2) && (strlen($lonstr) > 2 ) ) {
|
||||
$post_latf = floatval($HTTP_POST_VARS['post_latf']);
|
||||
$post_lonf = floatval($HTTP_POST_VARS['post_lonf']);
|
||||
}
|
||||
}
|
||||
$post_status = $HTTP_POST_VARS['post_status'];
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
$post_name = sanitize_title($post_title);
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
$mm = $HTTP_POST_VARS['mm'];
|
||||
$jj = $HTTP_POST_VARS['jj'];
|
||||
$hh = $HTTP_POST_VARS['hh'];
|
||||
$mn = $HTTP_POST_VARS['mn'];
|
||||
$ss = $HTTP_POST_VARS['ss'];
|
||||
$jj = ($jj > 31) ? 31 : $jj;
|
||||
$hh = ($hh > 23) ? $hh - 24 : $hh;
|
||||
$mn = ($mn > 59) ? $mn - 60 : $mn;
|
||||
$ss = ($ss > 59) ? $ss - 60 : $ss;
|
||||
$now = "$aa-$mm-$jj $hh:$mn:$ss";
|
||||
} else {
|
||||
$now = date('Y-m-d H:i:s', (time() + ($time_difference * 3600)));
|
||||
}
|
||||
|
||||
if((get_settings('use_geo_positions')) && (strlen($latstr) > 2) && (strlen($lonstr) > 2) ) {
|
||||
$postquery ="INSERT INTO $tableposts
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_lat, post_lon, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
|
||||
VALUES
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category',$post_latf,$post_lonf,'$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
|
||||
";
|
||||
} else {
|
||||
$postquery ="INSERT INTO $tableposts
|
||||
(ID, post_author, post_date, post_content, post_title, post_category, post_excerpt, post_status, comment_status, ping_status, post_password, post_name)
|
||||
VALUES
|
||||
('0','$user_ID','$now','$content','$post_title','$post_category','$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name')
|
||||
";
|
||||
}
|
||||
$postquery =
|
||||
$result = $wpdb->query($postquery);
|
||||
|
||||
$post_ID = $wpdb->get_var("SELECT ID FROM $tableposts ORDER BY ID DESC LIMIT 1");
|
||||
|
||||
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
|
||||
sleep($sleep_after_edit);
|
||||
}
|
||||
|
||||
if ($post_status == 'publish') {
|
||||
if((get_settings('use_geo_positions')) && ($post_latf != null) && ($post_lonf != null)) {
|
||||
pingGeoUrl($post_ID);
|
||||
}
|
||||
pingWeblogs($blog_ID);
|
||||
pingBlogs($blog_ID);
|
||||
|
||||
if ($post_pingback) {
|
||||
pingback($content, $post_ID);
|
||||
}
|
||||
|
||||
if (!empty($HTTP_POST_VARS['trackback_url'])) {
|
||||
if (strlen($excerpt) > 0) {
|
||||
$the_excerpt = (strlen(strip_tags($excerpt)) > 255) ? substr(strip_tags($excerpt), 0, 252) . '...' : strip_tags($excerpt) ;
|
||||
} else {
|
||||
$the_excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
|
||||
}
|
||||
$excerpt = stripslashes($the_excerpt);
|
||||
$trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']);
|
||||
foreach($trackback_urls as $tb_url) {
|
||||
$tb_url = trim($tb_url);
|
||||
trackback($tb_url, stripslashes($post_title), $excerpt, $post_ID);
|
||||
}
|
||||
}
|
||||
} // end if publish
|
||||
|
||||
if (!empty($HTTP_POST_VARS['mode'])) {
|
||||
switch($HTTP_POST_VARS['mode']) {
|
||||
case 'bookmarklet':
|
||||
$location = 'b2bookmarklet.php?a=b';
|
||||
break;
|
||||
case 'sidebar':
|
||||
$location = 'b2sidebar.php?a=b';
|
||||
break;
|
||||
default:
|
||||
$location = 'wp-post.php';
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
$location = 'wp-post.php';
|
||||
}
|
||||
header("Location: $location");
|
||||
exit();
|
||||
break;
|
||||
|
||||
case 'edit':
|
||||
$title = 'Edit';
|
||||
|
||||
$standalone = 0;
|
||||
require_once('b2header.php');
|
||||
|
||||
$post = $HTTP_GET_VARS['post'];
|
||||
if ($user_level > 0) {
|
||||
$postdata = get_postdata($post);
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ('You don’t have the right to edit <strong>'.$authordata[1].'</strong>’s posts.');
|
||||
|
||||
$content = $postdata['Content'];
|
||||
$content = format_to_edit($content);
|
||||
$edited_lat = $postdata["Lat"];
|
||||
$edited_lon = $postdata["Lon"];
|
||||
$excerpt = $postdata['Excerpt'];
|
||||
$excerpt = format_to_edit($excerpt);
|
||||
$edited_post_title = format_to_edit($postdata['Title']);
|
||||
$post_status = $postdata['post_status'];
|
||||
$comment_status = $postdata['comment_status'];
|
||||
$ping_status = $postdata['ping_status'];
|
||||
$post_password = $postdata['post_password'];
|
||||
|
||||
include('wp-edit.form.php');
|
||||
} else {
|
||||
?>
|
||||
<p>Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1,
|
||||
in order to be authorized to post.<br />
|
||||
You can also <a href="mailto:<?php echo $admin_email ?>?subject=Promotion?">e-mail the admin</a>
|
||||
to ask for a promotion.<br />
|
||||
When you’re promoted, just reload this page and you’ll be able to blog. :)
|
||||
</p>
|
||||
<?php
|
||||
}
|
||||
break;
|
||||
|
||||
case 'editpost':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
if (!isset($blog_ID)) {
|
||||
$blog_ID = 1;
|
||||
}
|
||||
$post_ID = $HTTP_POST_VARS['post_ID'];
|
||||
$post_category = intval($HTTP_POST_VARS['post_category']);
|
||||
$post_autobr = intval($HTTP_POST_VARS['post_autobr']);
|
||||
$content = balanceTags($HTTP_POST_VARS['content']);
|
||||
$content = format_to_post($content);
|
||||
$excerpt = balanceTags($HTTP_POST_VARS['excerpt']);
|
||||
$excerpt = format_to_post($excerpt);
|
||||
$post_title = addslashes($HTTP_POST_VARS['post_title']);
|
||||
if(get_settings('use_geo_positions')) {
|
||||
$latf = floatval($HTTP_POST_VARS["post_latf"]);
|
||||
$lonf = floatval($HTTP_POST_VARS["post_lonf"]);
|
||||
$latlonaddition = "";
|
||||
if( ($latf != null) && ($latf <= 90 ) && ($latf >= -90) && ($lonf != null) && ($lonf <= 360) && ($lonf >= -360) ) {
|
||||
pingGeoUrl($post_ID);
|
||||
$latlonaddition = " post_lat=".$latf.", post_lon =".$lonf.", ";
|
||||
} else {
|
||||
$latlonaddition = " post_lat=null, post_lon=null, ";
|
||||
}
|
||||
}
|
||||
$post_status = $HTTP_POST_VARS['post_status'];
|
||||
$prev_status = $HTTP_POST_VARS['prev_status'];
|
||||
$comment_status = $HTTP_POST_VARS['comment_status'];
|
||||
$ping_status = $HTTP_POST_VARS['ping_status'];
|
||||
$post_password = addslashes($HTTP_POST_VARS['post_password']);
|
||||
$post_name = sanitize_title($post_title);
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
$mm = $HTTP_POST_VARS['mm'];
|
||||
$jj = $HTTP_POST_VARS['jj'];
|
||||
$hh = $HTTP_POST_VARS['hh'];
|
||||
$mn = $HTTP_POST_VARS['mn'];
|
||||
$ss = $HTTP_POST_VARS['ss'];
|
||||
$jj = ($jj > 31) ? 31 : $jj;
|
||||
$hh = ($hh > 23) ? $hh - 24 : $hh;
|
||||
$mn = ($mn > 59) ? $mn - 60 : $mn;
|
||||
$ss = ($ss > 59) ? $ss - 60 : $ss;
|
||||
$datemodif = ", post_date=\"$aa-$mm-$jj $hh:$mn:$ss\"";
|
||||
} else {
|
||||
$datemodif = '';
|
||||
}
|
||||
|
||||
$result = $wpdb->query("
|
||||
UPDATE $tableposts SET
|
||||
post_content = '$content',
|
||||
post_excerpt = '$excerpt',
|
||||
post_title = '$post_title',
|
||||
post_category = '$post_category'".$datemodif.",
|
||||
".$latlonaddition."
|
||||
post_status = '$post_status',
|
||||
comment_status = '$comment_status',
|
||||
ping_status = '$ping_status',
|
||||
post_password = '$post_password',
|
||||
post_name = '$post_name'
|
||||
WHERE ID = $post_ID ");
|
||||
|
||||
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
|
||||
sleep($sleep_after_edit);
|
||||
}
|
||||
|
||||
// are we going from draft/private to published?
|
||||
if ((($prev_status == 'draft') || ($prev_status == 'private')) && ($post_status == 'publish')) {
|
||||
pingWeblogs($blog_ID);
|
||||
pingBlogs($blog_ID);
|
||||
|
||||
if ($post_pingback) {
|
||||
pingback($content, $post_ID);
|
||||
}
|
||||
|
||||
if (!empty($HTTP_POST_VARS['trackback_url'])) {
|
||||
$excerpt = (strlen(strip_tags($content)) > 255) ? substr(strip_tags($content), 0, 252) . '...' : strip_tags($content);
|
||||
$excerpt = stripslashes($excerpt);
|
||||
$trackback_urls = explode(',', $HTTP_POST_VARS['trackback_url']);
|
||||
foreach($trackback_urls as $tb_url) {
|
||||
$tb_url = trim($tb_url);
|
||||
trackback($tb_url, stripslashes($post_title), $excerpt, $post_ID);
|
||||
}
|
||||
}
|
||||
} // end if publish
|
||||
|
||||
$location = "Location: wp-post.php";
|
||||
header ($location);
|
||||
break;
|
||||
|
||||
case 'delete':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$post = $HTTP_GET_VARS['post'];
|
||||
$postdata = get_postdata($post) or die('Oops, no post with this ID. <a href="b2edit.php">Go back</a>!');
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ('You don’t have the right to delete <strong>'.$authordata[1].'</strong>’s posts.');
|
||||
|
||||
// send geoURL ping to "erase" from their DB
|
||||
$query = "SELECT post_lat from $tableposts WHERE ID=$post";
|
||||
$rows = $wpdb->query($query);
|
||||
$myrow = $rows[0];
|
||||
$latf = $myrow->post_lat;
|
||||
if($latf != null ) {
|
||||
pingGeoUrl($post);
|
||||
}
|
||||
|
||||
$result = $wpdb->query("DELETE FROM $tableposts WHERE ID=$post");
|
||||
if (!$result)
|
||||
die('Error in deleting... contact the <a href="mailto:$admin_email">webmaster</a>.');
|
||||
|
||||
$result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_post_ID=$post");
|
||||
|
||||
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
|
||||
sleep($sleep_after_edit);
|
||||
}
|
||||
|
||||
// pingWeblogs($blog_ID);
|
||||
|
||||
header ('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
|
||||
|
||||
break;
|
||||
|
||||
case 'editcomment':
|
||||
$title = 'Edit Comment';
|
||||
$standalone = 0;
|
||||
require_once ('b2header.php');
|
||||
|
||||
get_currentuserinfo();
|
||||
|
||||
if ($user_level == 0) {
|
||||
die ('Cheatin’ uh?');
|
||||
}
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$commentdata = get_commentdata($comment, 1) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!');
|
||||
$content = $commentdata['comment_content'];
|
||||
$content = format_to_edit($content);
|
||||
|
||||
include('wp-edit.form.php');
|
||||
|
||||
break;
|
||||
|
||||
case 'deletecomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
$commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="b2edit.php">Go back</a>!');
|
||||
|
||||
$result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment");
|
||||
|
||||
header ('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
|
||||
|
||||
break;
|
||||
|
||||
case 'editedcomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment_ID = $HTTP_POST_VARS['comment_ID'];
|
||||
$comment_post_ID = $HTTP_POST_VARS['comment_post_ID'];
|
||||
$newcomment_author = $HTTP_POST_VARS['newcomment_author'];
|
||||
$newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email'];
|
||||
$newcomment_author_url = $HTTP_POST_VARS['newcomment_author_url'];
|
||||
$newcomment_author = addslashes($newcomment_author);
|
||||
$newcomment_author_email = addslashes($newcomment_author_email);
|
||||
$newcomment_author_url = addslashes($newcomment_author_url);
|
||||
|
||||
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
|
||||
$aa = $HTTP_POST_VARS['aa'];
|
||||
$mm = $HTTP_POST_VARS['mm'];
|
||||
$jj = $HTTP_POST_VARS['jj'];
|
||||
$hh = $HTTP_POST_VARS['hh'];
|
||||
$mn = $HTTP_POST_VARS['mn'];
|
||||
$ss = $HTTP_POST_VARS['ss'];
|
||||
$jj = ($jj > 31) ? 31 : $jj;
|
||||
$hh = ($hh > 23) ? $hh - 24 : $hh;
|
||||
$mn = ($mn > 59) ? $mn - 60 : $mn;
|
||||
$ss = ($ss > 59) ? $ss - 60 : $ss;
|
||||
$datemodif = ", comment_date = 'aa-$mm-$jj $hh:$mn:$ss'";
|
||||
} else {
|
||||
$datemodif = '';
|
||||
}
|
||||
$content = balanceTags($content);
|
||||
$content = format_to_post($content);
|
||||
|
||||
$result = $wpdb->query("
|
||||
UPDATE $tablecomments SET
|
||||
comment_content = '$content',
|
||||
comment_author = '$newcomment_author',
|
||||
comment_author_email = '$newcomment_author_email',
|
||||
comment_author_url = '$newcomment_author_url'".$datemodif."
|
||||
WHERE comment_ID = $comment_ID"
|
||||
);
|
||||
|
||||
$referredby = $HTTP_SERVER_VARS['HTTP_REFERER'];
|
||||
if (!empty($referredby)) header('Location: ' . $referredby);
|
||||
else header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
$title = 'Create New Post';
|
||||
$standalone = 0;
|
||||
require_once ('./b2header.php');
|
||||
|
||||
if ($user_level > 0) {
|
||||
if ((!$withcomments) && (!$c)) {
|
||||
|
||||
$action = 'post';
|
||||
get_currentuserinfo();
|
||||
$drafts = $wpdb->get_results("SELECT ID, post_title FROM $tableposts WHERE post_status = 'draft' AND post_author = $user_ID");
|
||||
if ($drafts) {
|
||||
?>
|
||||
<div class="wrap">
|
||||
<p><strong>Your Drafts:</strong>
|
||||
<?php
|
||||
$i = 0;
|
||||
foreach ($drafts as $draft) {
|
||||
if (0 != $i) echo ', ';
|
||||
$draft->post_title = stripslashes($draft->post_title); if ($draft->post_title == '') $draft->post_title = 'post-'.$draft->ID;
|
||||
echo "<a href='b2edit.php?action=edit&post=$draft->ID' title='Edit this draft'>$draft->post_title</a>";
|
||||
++$i;
|
||||
}
|
||||
?>.</p>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
//set defaults
|
||||
$post_status = get_settings('default_post_status');
|
||||
$comment_status = get_settings('default_comment_status');
|
||||
$ping_status = get_settings('default_ping_status');
|
||||
$post_pingback = get_settings('default_pingback_flag');
|
||||
$default_post_cat = get_settings('default_post_category');
|
||||
include('wp-edit.form.php');
|
||||
echo '<br /><br />';
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
|
||||
?>
|
||||
<div class="wrap">
|
||||
<p>Since you’re a newcomer, you’ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
|
||||
You can also <a href="mailto:<?php echo $admin_email ?>?subject=b2-promotion">e-mail the admin</a> to ask for a promotion.<br />
|
||||
When you’re promoted, just reload this page and you’ll be able to blog. :)</p>
|
||||
</div>
|
||||
<?php
|
||||
|
||||
}
|
||||
|
||||
break;
|
||||
} // end switch
|
||||
/* </Edit> */
|
||||
include('b2footer.php');
|
||||
?>
|
Loading…
Reference in New Issue
Block a user