Index: wp-includes/js/wp-lists.js =================================================================== --- wp-includes/js/wp-lists.js (revision 0) +++ wp-includes/js/wp-lists.js (revision 0) @@ -0,0 +1,373 @@ +(function($) { +var currentFormEl = false; +var fs = {add:'ajaxAdd',del:'ajaxDel',dim:'ajaxDim',process:'process',recolor:'recolor'}; + +wpAjax = { + unserialize: function( s ) { + var r = {}; if ( !s ) { return r; } + var q = s.split('?'); if ( q[1] ) { s = q[1]; } + var pp = s.split('&'); + for ( var i in pp ) { + var p = pp[i].split('='); + r[p[0]] = p[1]; + } + return r; + }, + parseAjaxResponse: function( x, r ) { // 1 = good, 0 = strange (bad data?), -1 = you lack permission + var re = $('#' + r).html(''); + if ( x && typeof x == 'object' && x.getElementsByTagName('wp_ajax') ) { + if ( $('wp_error', x).each( function() { re.append('

' + this.firstChild.nodeValue + '

'); } ).size() ) { + return !re.wrap( '
' ); + } + return true; + } + if ( isNaN(x) ) { return !re.html('

' + x + '

'); } + x = parseInt(x,10); + if ( -1 == x ) { return !re.html('

You do not have permission to do that.

'); } + else if ( 0 === x ) { return !re.html('

AJAX is teh b0rked.

'); } + return true; + } +}; + +var wpList = { + settings: { + url: wpListL10n.url, type: 'POST', + response: 'ajax-response', + + what: '', + alt: 'alternate', altOffset: 0, + addColor: null, delColor: null, dimAddColor: null, dimDelColor: null, + + confirm: null, + addBefore: null, addAfter: null, + delBefore: null, delAfter: null, + dimBefore: null, dimAfter: null + }, + + nonce: function(e,s) { + var url = wpAjax.unserialize(e.attr('href')); + return s.nonce || url._ajax_nonce || $('#' + s.element + ' input[@name=_ajax_nonce]').val() || url._wpnonce || $('#' + s.element + ' input[@name=_wpnonce]').val() || 0; + }, + + parseClass: function(e,t) { + var c = []; try { c = $(e).attr('class').match(new RegExp(t+':[A-Za-z0-9:_=-]+'))[0].split(':'); } catch(r) {} + return c; + }, + + pre: function(e,s,a) { + var bg; var r; + s = $.extend( {}, this.wpList.settings, { + element: null, + nonce: 0 + }, s || {} ); + if ( $.isFunction( s.confirm ) ) { + if ( 'add' != a ) { + bg = $('#' + s.element).css('background-color'); + $('#' + s.element).css('background-color', '#FF9966'); + } + r = s.confirm.call(this,e,s,a,bg); + if ( 'add' != a ) { $('#' + s.element).css('background-color', bg ); } + if ( !r ) { return false; } + } + return s; + }, + + ajaxAdd: function( e, s ) { + var list = this; e = $(e); s = s || {}; + var cls = wpList.parseClass(e,'add'); + s = $.extend(s, { + element: s.element || cls[2] || e.attr( 'id' ) || null, + addColor: s.addColor || '#' + ( cls[3] || 'FFFF33' ) + } ); + s = wpList.pre.call( list, e, s, 'add' ); + if ( !s ) { return false; } + + if ( !e.is("[@class^=add:" + list.id + ":]") ) { return !wpList.add.call( list, e, s ); } + + if ( !s.element ) { return true; } + + s.action = 'add-' + s.what; + + s.nonce = wpList.nonce(e,s); + + var es = $('#' + s.element + ' :input').not('[@name=_ajax_nonce], [@name=_wpnonce], [@name=action]'); + s.data = $.param( $.extend( { _ajax_nonce: s.nonce, action: s.action }, wpAjax.unserialize( cls[4] || '' ) ) ); + var formData = $.isFunction(es.fieldSerialize) ? es.fieldSerialize() : es.serialize(); + if ( formData ) { s.data += '&' + formData; } + + if ( $.isFunction(s.addBefore) ) { + s = s.addBefore( s ); + if ( !s ) { return true; } + } + if ( !s.data.match(/_ajax_nonce=[a-f0-9]+/) ) { return true; } + + s.success = function(r) { + if ( !wpAjax.parseAjaxResponse(r, s.response) ) { return false; } + + $(s.what + ' response_data', r).each( function() { + var t = $(this); + wpList.add.call( list, t.text(), $.extend( {}, s, { // this.firstChild.nodevalue + pos: t.parent().attr( 'position' ) || 0, + id: t.parent().attr( 'id' ) || 0, + oldId: t.parent().attr( 'old_id' ) || null + } ) ); + } ); + + if ( $.isFunction(s.addAfter) ) { + var o = this.complete; + this.complete = function(x,st) { + var _s = $.extend( { xml: x, status: st }, s ); + s.addAfter( r, _s ); + if ( $.isFunction(o) ) { o(x,st); } + }; + } + list.wpList.recolor(); + wpList.clear.call(list,'#' + s.element); + }; + + $.ajax( s ); + return false; + }, + + ajaxDel: function( e, s ) { + var list = this; e = $(e); s = s || {}; + var cls = wpList.parseClass(e,'delete'); + s = $.extend(s, { + element: s.element || cls[2] || null, + delColor: s.delColor || '#' + ( cls[3] || 'FF3333' ) + } ); + s = wpList.pre.call( list, e, s, 'delete' ); + if ( !s || !s.element ) { return false; } + + s.action = 'delete-' + s.what; + + s.nonce = wpList.nonce(e,s); + + s.data = $.extend( + { action: s.action, id: s.element.split('-').pop(), _ajax_nonce: s.nonce }, + wpAjax.unserialize( cls[4] || '' ) + ); + + if ( $.isFunction(s.delBefore) ) { + s = s.delBefore( s ); + if ( !s ) { return true; } + } + if ( !s.data._ajax_nonce ) { return true; } + + var func = function() { $('#' + s.element).css( 'background-color', '' ).hide(); list.wpList.recolor(); }; + var hideTO = -1; + if ( 'none' != s.delColor ) { + Fat.fade_element(s.element,null,700,s.delColor); + hideTO = setTimeout(func, 705); + } else { + func(); + } + + s.success = function(r) { + if ( !wpAjax.parseAjaxResponse(r, s.response) ) { + clearTimeout(hideTO); + func = function() { $('#' + s.element).css( 'background-color', '#FF3333' ).show(); list.wpList.recolor(); }; + func(); setTimeout(func, 705); // In case it's still fading + return false; + } + if ( $.isFunction(s.delAfter) ) { + var o = this.complete; + this.complete = function(x,st) { + var _s = $.extend( { xml: x, status: st }, s ); + s.delAfter( r, _s ); + if ( $.isFunction(o) ) { o(x,st); } + }; + } + }; + $.ajax( s ); + return false; + }, + + ajaxDim: function( e, s ) { + var list = this; e = $(e); s = s || {}; + var cls = wpList.parseClass(e,'dim'); + s = $.extend(s, { + element: s.element || cls[2] || null, + dimClass: s.dimClass || cls[3] || null, + dimAddColor: s.dimAddColor || '#' + ( cls[4] || 'FFFF33' ), + dimDelColor: s.dimDelColor || '#' + ( cls[5] || 'FF3333' ) + } ); + s = wpList.pre.call( list, e, s, 'dim' ); + if ( !s || !s.element || !s.dimClass ) { return true; } + + s.action = 'dim-' + s.what; + + s.nonce = wpList.nonce(e,s); + + s.data = $.extend( + { action: s.action, id: s.element.split('-').pop(), dimClass: s.dimClass, _ajax_nonce : s.nonce }, + wpAjax.unserialize( cls[6] || '' ) + ); + + if ( $.isFunction(s.dimBefore) ) { + s = s.dimBefore( s ); + if ( !s ) { return true; } + } + + if ( !s.data._ajax_nonce ) { return true; } + + var isClass = $('#' + s.element).toggleClass(s.dimClass).is('.' + s.dimClass); + if ( isClass && 'none' != s.dimAddColor ) { Fat.fade_element(s.element,null,700,s.dimAddColor); } + else if ( !isClass && 'none' != s.dimDelColor ) { Fat.fade_element(s.element,null,700,s.dimDelColor); } + + var dimTO = setTimeout( function() { $('#' + s.element).css( 'background-color', '' ); }, 705 ); + + s.success = function(r) { + if ( !wpAjax.parseAjaxResponse(r, s.response) ) { + clearTimeout(dimTO); + func = function() { $('#' + s.element).css( 'background-color', '#FF3333' )[isClass?'removeClass':'addClass'](s.dimClass); }; + func(); setTimeout(func, 705); + return false; + } + if ( $.isFunction(s.dimAfter) ) { + var o = this.complete; + this.complete = function(x,st) { + var _s = $.extend( { xml: x, status: st }, s ); + s.dimAfter( r, _s ); + if ( $.isFunction(o) ) { o(x,st); } + }; + } + }; + + $.ajax( s ); + return false; + }, + + add: function( e, s ) { + list = $(this); + e = $(e); + + var old = false; var next = false; + var _s = { pos: 0, id: 0, oldId: null }; + if ( 'string' == typeof s ) { s = { what: s }; } + s = $.extend(_s, this.wpList.settings, s); + + if ( !e.size() || !s.what ) { return false; } + if ( s.oldId ) { + old = $('#' + s.what + '-' + s.oldId); + next = old.next(); + old.remove(); + } + if ( s.id ) { $('#' + s.what + '-' + s.id).remove(); } + + if ( old && old.size() ) { + if ( next && next.size() ) { + next.before(e); + } else { + list.append(e); + } + } else if ( isNaN(s.pos) ) { + var ba = 'after'; + if ( '-' == s.pos.substr(0,1) ) { + s.pos = s.pos.substr(1); + ba = 'before'; + } + var ref = list.find( '#' + s.pos ); + if ( 1 === ref.size() ) { ref[ba](e); } + else { list.append(e); } + } else if ( s.pos < 0 ) { + list.prepend(e); + } else { + list.append(e); + } + + if ( s.alt ) { + if ( ( list.children(':visible').index( e[0] ) + s.altOffset ) % 2 ) { e.removeClass( s.alt ); } + else { e.addClass( s.alt ); } + } + + if ( 'none' != s.addColor ) { + Fat.fade_element(e.attr('id'),null,700,s.addColor); + setTimeout( function() { + var b = e.css( 'background-color' ); + var g = e.css( 'background-color', '' ).css( 'background-color' ); + if ( b != g ) { e.css( 'background-color', b ); } + }, 705 ); + } + list.each( function() { this.wpList.process( e ); } ); + return e; + }, + + clear: function(e) { + var list = this; + e = $(e); + if ( list.wpList && e.parents( '#' + list.id ).size() ) { return; } + e.find(':input').each( function() { + var t = this.type.toLowerCase(); var tag = this.tagName.toLowerCase(); + if ( 'text' == t || 'password' == t || 'textarea' == tag ) { this.value = ''; } + else if ( 'checkbox' == t || 'radio' == t ) { this.checked = false; } + else if ( 'select' == tag ) { this.selectedIndex = null; } + }); + }, + + process: function(el) { + var list = this; + var bl = function() { currentFormEl = false; }; + var fo = function() { currentFormEl = this; }; + var a = $("[@class^=add:" + list.id + ":]", el || null) + .filter('form').submit( function() { return list.wpList.add(this); } ).end() + .not('form').click( function() { return list.wpList.add(this); } ).each( function() { + var addEl = this; + var c = wpList.parseClass(this,'add')[2] || addEl.id; + if ( !c ) { return; } + var forms = []; var ins = []; + $('#' + c + ' :input').click( function() { $(this).unbind( 'blur', bl ).unbind( 'focus', fo ).blur( bl ).focus( fo ).focus(); } ).each( function() { + ins.push(this); + $.merge(forms,$(this).parents('form')); + forms = $.unique(forms); + } ); + $(forms).submit( function() { + var e = currentFormEl; + if ( 0 <= $.inArray(e,ins) ) { + $(addEl).trigger( 'click' ); + $(e).focus(); + return false; + } + } ); + } ); + var d = $("[@class^=delete:" + list.id + ":]", el || null).click( function() { return list.wpList.del(this); } ); + var c = $("[@class^=dim:" + list.id + ":]", el || null).click( function() { return list.wpList.dim(this); } ); + }, + + recolor: function() { + var list = this; + if ( !list.wpList.settings.alt ) { return; } + var items = $('.list-item:visible', list); + if ( !items.size() ) { items = $(list).children(':visible'); } + var eo = [':even',':odd']; + if ( list.wpList.settings.altOffset % 2 ) { eo.reverse(); } + items.filter(eo[0]).addClass(list.wpList.settings.alt).end().filter(eo[1]).removeClass(list.wpList.settings.alt); + }, + + init: function() { + var lists = this; + lists.wpList.process = function(a) { + lists.each( function() { + this.wpList.process(a); + } ); + }; + lists.wpList.recolor = function() { + lists.each( function() { + this.wpList.recolor(); + } ); + }; + } +}; + +$.fn.wpList = function( settings ) { + this.each( function() { + var _this = this; + this.wpList = { settings: $.extend( {}, wpList.settings, { what: wpList.parseClass(this,'list')[1] || '' }, settings ) }; + $.each( fs, function(i,f) { _this.wpList[i] = function( e, s ) { return wpList[f].call( _this, e, s ); }; } ); + } ); + wpList.init.call(this); + this.wpList.process(); + return this; +}; + +})(jQuery); Index: wp-includes/classes.php =================================================================== --- wp-includes/classes.php (revision 6185) +++ wp-includes/classes.php (working copy) @@ -696,11 +696,13 @@ $defaults = array( 'what' => 'object', 'action' => false, 'id' => '0', 'old_id' => false, + 'position' => 1, // -1 = top, 1 = bottom, html ID = after, -html ID = before 'data' => '', 'supplemental' => array() ); $r = wp_parse_args( $args, $defaults ); extract( $r, EXTR_SKIP ); + $postition = preg_replace( '/[^a-z0-9:_-]/i', '', $position ); if ( is_wp_error($id) ) { $data = $id; @@ -724,7 +726,7 @@ $x = ''; $x .= ""; // The action attribute in the xml output is formatted like a nonce action - $x .= "<$what id='$id'" . ( false !== $old_id ? "old_id='$old_id'>" : '>' ); + $x .= "<$what id='$id' " . ( false === $old_id ? '' : "old_id='$old_id' " ) . "position='$position'>"; $x .= $response; $x .= $s; $x .= ""; Index: wp-includes/pluggable.php =================================================================== --- wp-includes/pluggable.php (revision 6185) +++ wp-includes/pluggable.php (working copy) @@ -346,23 +346,26 @@ }endif; if ( !function_exists('check_ajax_referer') ) : -function check_ajax_referer() { - $current_name = ''; - if ( ( $current = wp_get_current_user() ) && $current->ID ) - $current_name = $current->data->user_login; - if ( !$current_name ) - die('-1'); +function check_ajax_referer( $action = -1 ) { + $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce']; + if ( !wp_verify_nonce( $nonce, $action ) ) { + $current_name = ''; + if ( ( $current = wp_get_current_user() ) && $current->ID ) + $current_name = $current->data->user_login; + if ( !$current_name ) + die('-1'); - $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie - foreach ( $cookie as $tasty ) { - if ( false !== strpos($tasty, USER_COOKIE) ) - $user = substr(strstr($tasty, '='), 1); - if ( false !== strpos($tasty, PASS_COOKIE) ) - $pass = substr(strstr($tasty, '='), 1); + $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie + foreach ( $cookie as $tasty ) { + if ( false !== strpos($tasty, USER_COOKIE) ) + $user = substr(strstr($tasty, '='), 1); + if ( false !== strpos($tasty, PASS_COOKIE) ) + $pass = substr(strstr($tasty, '='), 1); + } + + if ( $current_name != $user || !wp_login( $user, $pass, true ) ) + die('-1'); } - - if ( $current_name != $user || !wp_login( $user, $pass, true ) ) - die('-1'); do_action('check_ajax_referer'); } endif; Index: wp-includes/script-loader.php =================================================================== --- wp-includes/script-loader.php (revision 6185) +++ wp-includes/script-loader.php (working copy) @@ -61,6 +61,11 @@ 'delText' => __('Are you sure you want to delete this %thing%?') ) ); + $this->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('jquery'), '20070823' ); + $this->localize( 'wp-lists', 'wpListL10n', array( + 'url' => get_option( 'siteurl' ) . '/wp-admin/admin-ajax.php' + ) ); + $this->add( 'scriptaculous-root', '/wp-includes/js/scriptaculous/scriptaculous.js', array('prototype'), '1.7.1-b3'); $this->add( 'scriptaculous-builder', '/wp-includes/js/scriptaculous/builder.js', array('scriptaculous-root'), '1.7.1-b3'); $this->add( 'scriptaculous-dragdrop', '/wp-includes/js/scriptaculous/dragdrop.js', array('scriptaculous-builder', 'scriptaculous-effects'), '1.7.1-b3'); @@ -105,20 +110,16 @@ 'toggleKey' => __(', or press the enter key to %toggle% it'), ) ); } - $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array('listman'), '20070724' ); + $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array( 'wp-lists' ), '20070823' ); $this->localize( 'ajaxcat', 'catL10n', array( 'add' => attribute_escape(__('Add')), 'how' => __('Separate multiple categories with commas.') ) ); - $this->add( 'ajaxlinkcat', '/wp-admin/js/link-cat.js', array('listman'), '200700601' ); - $this->localize( 'ajaxlinkcat', 'linkcatL10n', array( - 'add' => attribute_escape(__('Add')), - 'how' => __('Separate multiple categories with commas.') - ) ); - $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('listman'), '3684' ); - $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('listman'), '3733' ); - $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('listman'), '20070327' ); - $this->add( 'admin-users', '/wp-admin/js/users.js', array('listman'), '4583' ); + $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('wp-lists'), '20070823' ); + $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('wp-lists'), '20070823' ); + $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('wp-lists'), '20070822' ); + $this->add( 'admin-posts', '/wp-admin/js/edit-posts.js', array('wp-lists'), '20070823' ); + $this->add( 'admin-users', '/wp-admin/js/users.js', array('wp-lists'), '20070823' ); $this->add( 'xfn', '/wp-admin/js/xfn.js', false, '3517' ); $this->add( 'upload', '/wp-admin/js/upload.js', array('jquery'), '20070518' ); $this->localize( 'upload', 'uploadL10n', array( Index: wp-admin/users.php =================================================================== --- wp-admin/users.php (revision 6185) +++ wp-admin/users.php (working copy) @@ -393,7 +393,7 @@ -" class="list:user user-list">' . sprintf(__('Users cannot currently register themselves, but you can manually create users here.'), get_option('siteurl').'/wp-admin/options-general.php#users_can_register') . '

'; ?> -
+ @@ -507,6 +507,11 @@

+
+ + +
+ Index: wp-admin/edit-comments.php =================================================================== --- wp-admin/edit-comments.php (revision 6185) +++ wp-admin/edit-comments.php (working copy) @@ -102,7 +102,7 @@ $offset = $offset + 1; $start = " start='$offset'"; - echo "
    \n"; + echo "
      \n"; $i = 0; foreach ( $comments as $comment ) { get_comment( $comment ); // Cache it @@ -112,14 +112,18 @@ if ( $extra_comments ) : ?>
    +
    + + + @@ -149,7 +153,8 @@ ' . __('Comment Excerpt') . ' ' . __('Actions') . ' -'; + +'; foreach ($comments as $comment) { $post = get_post($comment->comment_post_ID); $authordata = get_userdata($post->post_author); @@ -159,7 +164,7 @@ ?> comment_post_ID) ) { ?> - + @@ -173,12 +178,14 @@ comment_post_ID) ) { echo "" . __('Edit') . ""; } ?> comment_post_ID) ) { - echo "comment_post_ID."&c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n 'Cancel' to stop, 'OK' to delete."), $comment->comment_author )) . "', theCommentList );\" class='delete'>" . __('Delete') . " "; + $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); + echo "" . __('Delete') . " "; } ?> + ?> +

    '); return false } return confirm('')" /> '); return false } return confirm('')" />

    Index: wp-admin/admin-ajax.php =================================================================== --- wp-admin/admin-ajax.php (revision 6185) +++ wp-admin/admin-ajax.php (working copy) @@ -4,50 +4,45 @@ define('DOING_AJAX', true); -check_ajax_referer(); if ( !is_user_logged_in() ) die('-1'); function get_out_now() { exit; } add_action( 'shutdown', 'get_out_now', -1 ); -function wp_ajax_meta_row( $pid, $mid, $key, $value ) { - $value = attribute_escape($value); - $key_js = addslashes(wp_specialchars($key, 'double')); - $key = attribute_escape($key); - $r .= ""; - $r .= ""; - $r .= ""; - $r .= "
    "; - $r .= ""; - return $r; -} - $id = (int) $_POST['id']; -switch ( $_POST['action'] ) : +switch ( $action = $_POST['action'] ) : +case 'add-post' : + check_ajax_referer( 'add-post' ); + add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; $start += intval(trim($b[2])) - 1; return "LIMIT $start, 1";' ) ); + wp_edit_posts_query( '_POST' ); + $posts_columns = wp_manage_posts_columns(); + ob_start(); + include( 'edit-post-rows.php' ); + $data = ob_get_contents(); + ob_end_clean(); + if ( !preg_match('|(.+)|s', $data, $matches) ) + my_dump($data); + $data = trim($matches[1]); + $x = new WP_Ajax_Response( array( 'what' => 'post', 'id' => $id, 'data' => $data ) ); + $x->send(); + break; case 'delete-comment' : + check_ajax_referer( "delete-comment_$id" ); if ( !$comment = get_comment( $id ) ) die('0'); if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) die('-1'); - if ( wp_delete_comment( $comment->comment_ID ) ) - die('1'); - else die('0'); - break; -case 'delete-comment-as-spam' : - if ( !$comment = get_comment( $id ) ) - die('0'); - if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) - die('-1'); + if ( isset($_POST['spam']) && 1 == $_POST['spam'] ) + $r = wp_set_comment_status( $comment->comment_ID, 'spam' ); + else + $r = wp_delete_comment( $comment->comment_ID ); - if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) ) - die('1'); - else die('0'); + die( $r ? '1' : '0' ); break; case 'delete-cat' : + check_ajax_referer( "delete-category_$id" ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); @@ -56,6 +51,7 @@ else die('0'); break; case 'delete-link' : + check_ajax_referer( "delete-bookmark_$id" ); if ( !current_user_can( 'manage_links' ) ) die('-1'); @@ -64,6 +60,7 @@ else die('0'); break; case 'delete-meta' : + check_ajax_referer( 'change_meta' ); if ( !$meta = get_post_meta_by_id( $id ) ) die('0'); if ( !current_user_can( 'edit_post', $meta->post_id ) ) @@ -73,14 +70,17 @@ die('0'); break; case 'delete-post' : + check_ajax_referer( "{$action}_$id" ); if ( !current_user_can( 'delete_post', $id ) ) die('-1'); if ( wp_delete_post( $id ) ) die('1'); - else die('0'); + else + die('0'); break; case 'delete-page' : + check_ajax_referer( "{$action}_$id" ); if ( !current_user_can( 'delete_page', $id ) ) die('-1'); @@ -97,15 +97,18 @@ die('-1'); if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) { + check_ajax_referer( "approve-comment_$id" ); if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) ) die('1'); } else { + check_ajax_referer( "unapprove-comment_$id" ); if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) ) die('1'); } die('0'); break; case 'add-category' : // On the Fly + check_ajax_referer( $action ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); $names = explode(',', $_POST['newcat']); @@ -120,12 +123,14 @@ $x->add( array( 'what' => 'category', 'id' => $cat_id, - 'data' => "
    2. " + 'data' => "
    3. ", + 'position' => -1 ) ); } $x->send(); break; case 'add-link-category' : // On the Fly + check_ajax_referer( $action ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); $names = explode(',', $_POST['newcat']); @@ -136,18 +141,20 @@ die('0'); if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) { $cat_id = wp_insert_term( $cat_name, 'link_category' ); - $cat_id = $cat_id['term_id']; } + $cat_id = $cat_id['term_id']; $cat_name = wp_specialchars(stripslashes($cat_name)); $x->add( array( 'what' => 'link-category', 'id' => $cat_id, - 'data' => "" + 'data' => "", + 'position' => -1 ) ); } $x->send(); break; case 'add-cat' : // From Manage->Categories + check_ajax_referer( 'add-category' ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); if ( !$cat = wp_insert_category( $_POST ) ) @@ -155,28 +162,29 @@ if ( !$cat = get_category( $cat ) ) die('0'); $level = 0; - $cat_full_name = $cat->cat_name; + $cat_full_name = $cat->name; $_cat = $cat; - while ( $_cat->category_parent ) { - $_cat = get_category( $_cat->category_parent ); - $cat_full_name = $_cat->cat_name . ' — ' . $cat_full_name; + while ( $_cat->parent ) { + $_cat = get_category( $_cat->parent ); + $cat_full_name = $_cat->name . ' — ' . $cat_full_name; $level++; } $cat_full_name = attribute_escape($cat_full_name); $x = new WP_Ajax_Response( array( 'what' => 'cat', - 'id' => $cat->cat_ID, + 'id' => $cat->term_id, 'data' => _cat_row( $cat, $level, $cat_full_name ), - 'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category %s added' ), "cat-$cat->cat_ID", $cat_full_name)) + 'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category %s added' ), "cat-$cat->term_id", $cat_full_name)) ) ); $x->send(); break; case 'add-comment' : + check_ajax_referer( $action ); if ( !current_user_can( 'edit_post', $id ) ) die('-1'); $search = isset($_POST['s']) ? $_POST['s'] : false; - $start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25; + $start = isset($_POST['page']) ? intval($_POST['page']) * 25 - 1: 24; list($comments, $total) = _wp_get_comment_list( $search, $start, 1 ); @@ -198,58 +206,70 @@ $x->send(); break; case 'add-meta' : - if ( !current_user_can( 'edit_post', $id ) ) - die('-1'); - if ( $id < 0 ) { - $now = current_time('timestamp', 1); - if ( $pid = wp_insert_post( array( - 'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now)) - ) ) ) { - if ( is_wp_error( $pid ) ) - return $pid; - $mid = add_meta( $pid ); + check_ajax_referer( 'change_meta' ); + $c = 0; + $pid = (int) $_POST['post_id']; + if ( isset($_POST['addmeta']) ) { + if ( !current_user_can( 'edit_post', $pid ) ) + die('-1'); + if ( $pid < 0 ) { + $now = current_time('timestamp', 1); + if ( $pid = wp_insert_post( array( + 'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now)) + ) ) ) { + if ( is_wp_error( $pid ) ) { + $x = new WP_Ajax_Response( array( + 'what' => 'meta', + 'data' => $pid + ) ); + $x->send(); + } + $mid = add_meta( $pid ); + } else { + die('0'); + } + } else if ( !$mid = add_meta( $pid ) ) { + die('0'); } - else - die('0'); - } else if ( !$mid = add_meta( $id ) ) { - die('0'); - } - $meta = get_post_meta_by_id( $mid ); - $key = $meta->meta_key; - $value = $meta->meta_value; - $pid = (int) $meta->post_id; - - $x = new WP_Ajax_Response( array( - 'what' => 'meta', - 'id' => $mid, - 'data' => wp_ajax_meta_row( $pid, $mid, $key, $value ), - 'supplemental' => array('postid' => $pid) - ) ); - $x->send(); - break; -case 'update-meta' : - $mid = (int) array_pop(array_keys($_POST['meta'])); - $key = $_POST['meta'][$mid]['key']; - $value = $_POST['meta'][$mid]['value']; - if ( !$meta = get_post_meta_by_id( $mid ) ) - die('0'); // if meta doesn't exist - if ( !current_user_can( 'edit_post', $meta->post_id ) ) - die('-1'); - if ( $u = update_meta( $mid, $key, $value ) ) { + $meta = get_post_meta_by_id( $mid ); + $pid = (int) $meta->post_id; + $meta = get_object_vars( $meta ); + $x = new WP_Ajax_Response( array( + 'what' => 'meta', + 'id' => $mid, + 'data' => _list_meta_row( $meta, $c ), + 'position' => 1, + 'supplemental' => array('postid' => $pid) + ) ); + } else { + $mid = (int) array_pop(array_keys($_POST['meta'])); + $key = $_POST['meta'][$mid]['key']; + $value = $_POST['meta'][$mid]['value']; + if ( !$meta = get_post_meta_by_id( $mid ) ) + die('0'); // if meta doesn't exist + if ( !current_user_can( 'edit_post', $meta->post_id ) ) + die('-1'); + if ( !$u = update_meta( $mid, $key, $value ) ) + die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems). $key = stripslashes($key); $value = stripslashes($value); $x = new WP_Ajax_Response( array( 'what' => 'meta', - 'id' => $mid, - 'data' => wp_ajax_meta_row( $meta->post_id, $mid, $key, $value ), + 'id' => $mid, 'old_id' => $mid, + 'data' => _list_meta_row( array( + 'meta_key' => $key, + 'meta_value' => $value, + 'meta_id' => $mid + ), $c ), + 'position' => 0, 'supplemental' => array('postid' => $meta->post_id) ) ); - $x->send(); } - die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems). + $x->send(); break; case 'add-user' : + check_ajax_referer( $action ); if ( !current_user_can('edit_users') ) die('-1'); require_once(ABSPATH . WPINC . '/registration.php'); @@ -261,15 +281,20 @@ exit; } $user_object = new WP_User( $user_id ); + $x = new WP_Ajax_Response( array( 'what' => 'user', 'id' => $user_id, 'data' => user_row( $user_object ), - 'supplemental' => array('show-link' => sprintf(__( 'User %s added' ), "user-$user_id", $user_object->user_login)) + 'supplemental' => array( + 'show-link' => sprintf(__( 'User %s added' ), "user-$user_id", $user_object->user_login), + 'role' => $user_object->roles[0] + ) ) ); $x->send(); break; case 'autosave' : // The name of this action is hardcoded in edit_post() + check_ajax_referer( $action ); $_POST['post_content'] = $_POST['content']; $_POST['post_excerpt'] = $_POST['excerpt']; $_POST['post_status'] = 'draft'; @@ -300,6 +325,7 @@ die('0'); break; case 'autosave-generate-nonces' : + check_ajax_referer( $action ); $ID = (int) $_POST['post_ID']; if($_POST['post_type'] == 'post') { if(current_user_can('edit_post', $ID)) Index: wp-admin/wp-admin.css =================================================================== --- wp-admin/wp-admin.css (revision 6185) +++ wp-admin/wp-admin.css (working copy) @@ -819,6 +819,10 @@ width: 95%; } +#postcustom table #addmetasub { + width: auto; +} + #poststuff { margin-right: 16em; } Index: wp-admin/includes/template.php =================================================================== --- wp-admin/includes/template.php (revision 6185) +++ wp-admin/includes/template.php (working copy) @@ -40,7 +40,7 @@ $default_cat_id = (int) get_option( 'default_category' ); if ( $category->term_id != $default_cat_id ) - $edit .= "term_id ) . "' onclick=\"return deleteSomething( 'cat', $category->term_id, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' ).""; + $edit .= "term_id ) . "' class='delete:the-list:cat-$category->term_id delete'>".__( 'Delete' ).""; else $edit .= "".__( "Default" ); } else @@ -163,6 +163,31 @@ } } +// define the columns to display, the syntax is 'internal name' => 'display name' +function wp_manage_posts_columns() { + $posts_columns = array(); + $posts_columns['id'] = '
    ' . __('ID') . '
    '; + if ( 'draft' === $_GET['post_status'] ) + $posts_columns['modified'] = __('Modified'); + elseif ( 'pending' === $_GET['post_status'] ) + $posts_columns['modified'] = __('Submitted'); + else + $posts_columns['date'] = __('When'); + $posts_columns['title'] = __('Title'); + $posts_columns['categories'] = __('Categories'); + if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) ) + $posts_columns['comments'] = '
    ' . __('Comments') . '
    '; + $posts_columns['author'] = __('Author'); + $posts_columns = apply_filters('manage_posts_columns', $posts_columns); + + // you can not edit these at the moment + $posts_columns['control_view'] = ''; + $posts_columns['control_edit'] = ''; + $posts_columns['control_delete'] = ''; + + return $posts_columns; +} + function page_rows( $parent = 0, $level = 0, $pages = 0, $hierarchy = true ) { global $wpdb, $class, $post; @@ -189,9 +214,9 @@ post_modified ) _e('Unpublished'); else echo mysql2date( __('Y-m-d g:i a'), $post->post_modified ); ?> - + " . __( 'Edit' ) . ""; } ?> - " . __( 'Delete' ) . ""; } ?> + " . __( 'Delete' ) . ""; } ?> comment_ID; $class = ''; $post = get_post($comment->comment_post_ID); $authordata = get_userdata($post->post_author); - $comment_status = wp_get_comment_status($comment->comment_ID); + $comment_status = wp_get_comment_status($id); if ( 'unapproved' == $comment_status ) $class .= ' unapproved'; if ( $alt % 2 ) $class .= ' alternate'; - echo "
  3. "; + echo "
  4. "; ?> -

    comment_author_email) { ?>| comment_author_url && 'http://' != $comment->comment_author_url) { ?> | |

    +

    comment_author_email) { ?>| comment_author_url && 'http://' != $comment->comment_author_url) { ?> | |

    — [ comment_post_ID) ) { - echo " " . __('Edit') . ''; - echo ' | comment_author)) . "', theCommentList );\">" . __('Delete') . ' '; + echo " " . __('Edit') . ''; + $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) ); + echo " | " . __('Delete') . ' '; if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) { - echo ' | ' . __('Unapprove') . ' '; - echo ' | ' . __('Approve') . ' '; + $url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$id", "unapprove-comment_$id" ) ); + echo " | " . __('Unapprove') . ' '; + $url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$id", "approve-comment_$id" ) ); + echo " | " . __('Approve') . ' '; } - echo " | comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . " "; + $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) ); + echo " | " . __('Spam') . ' '; } $post = get_post($comment->comment_post_ID, OBJECT, 'display'); $post_title = wp_specialchars( $post->post_title, 'double' ); @@ -323,7 +352,7 @@ global $post_ID; // Exit if no meta if (!$meta ) { - echo ' '; //TBODY needed for list-manipulation JS + echo ' '; //TBODY needed for list-manipulation JS return; } $count = 0; @@ -335,43 +364,47 @@ + "; - foreach ( $meta as $entry ) { - ++ $count; - if ( $count % 2 ) - $style = 'alternate'; - else - $style = ''; - if ('_' == $entry['meta_key'] { 0 } ) - $style .= ' hidden'; + foreach ( $meta as $entry ) + echo _list_meta_row( $entry, $count ); + echo "\n\t"; +} - if ( is_serialized( $entry['meta_value'] ) ) { - if ( is_serialized_string( $entry['meta_value'] ) ) { - // this is a serialized string, so we should display it - $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] ); - } else { - // this is a serialized array/object so we should NOT display it - --$count; - continue; - } +function _list_meta_row( $entry, &$count ) { + $r = ''; + ++ $count; + if ( $count % 2 ) + $style = 'alternate'; + else + $style = ''; + if ('_' == $entry['meta_key'] { 0 } ) + $style .= ' hidden'; + + if ( is_serialized( $entry['meta_value'] ) ) { + if ( is_serialized_string( $entry['meta_value'] ) ) { + // this is a serialized string, so we should display it + $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] ); + } else { + // this is a serialized array/object so we should NOT display it + --$count; + return; } + } - $key_js = js_escape( $entry['meta_key'] ); - $entry['meta_key'] = attribute_escape($entry['meta_key']); - $entry['meta_value'] = attribute_escape($entry['meta_value']); - $entry['meta_id'] = (int) $entry['meta_id']; - $r .= "\n\t"; - $r .= "\n\t\t"; - $r .= "\n\t\t"; - $r .= "\n\t\t
    "; - $r .= "\n\t\t"; - $r .= "\n\t"; - } - echo $r; - echo "\n\t"; + $key_js = js_escape( $entry['meta_key'] ); + $entry['meta_key'] = attribute_escape($entry['meta_key']); + $entry['meta_value'] = attribute_escape($entry['meta_value']); + $entry['meta_id'] = (int) $entry['meta_id']; + $r .= "\n\t"; + $r .= "\n\t\t"; + $r .= "\n\t\t"; + $r .= "\n\t\t
    "; + $r .= "\n\t\t"; + $r .= ""; + $r .= "\n\t"; + return $r; } function meta_form() { @@ -412,8 +445,11 @@ + + + + -

    query( "UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID" ); } -?> \ No newline at end of file +function wp_edit_posts_query( $q = '_GET' ) { + global $wpdb; + $$q['m'] = (int) $$q['m']; + $$q['cat'] = (int) $$q['cat']; + $post_stati = array( // array( adj, noun ) + 'draft' => array(__('Draft'), _c('Drafts|manage posts header')), + 'future' => array(__('Scheduled'), __('Scheduled posts')), + 'pending' => array(__('Pending Review'), __('Pending posts')), + 'private' => array(__('Private'), __('Private posts')), + 'publish' => array(__('Published'), __('Published posts')) + ); + + $avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'"); + + $post_status_q = ''; + $post_status_label = _c('Posts|manage posts header'); + if ( isset($$q['post_status']) && in_array( $$q['post_status'], array_keys($post_stati) ) ) { + $post_status_label = $post_stati[$$q['post_status']][1]; + $post_status_q = '&post_status=' . $$q['post_status']; + } + + if ( 'pending' === $$q['post_status'] ) { + $order = 'ASC'; + $orderby = 'modified'; + } elseif ( 'draft' === $$q['post_status'] ) { + $order = 'DESC'; + $orderby = 'modified'; + } else { + $order = 'DESC'; + $orderby = 'date'; + } + + wp("what_to_show=posts$post_status_q&posts_per_page=20&order=$order&orderby=$orderby"); + + return array($post_stati, $avail_post_stati); +} + +?> Index: wp-admin/post.php =================================================================== --- wp-admin/post.php (revision 6185) +++ wp-admin/post.php (working copy) @@ -121,10 +121,14 @@ if ($_POST['save']) { $location = "post.php?action=edit&post=$post_ID"; - } elseif ($_POST['updatemeta']) { - $location = wp_get_referer() . '&message=2#postcustom'; + } elseif ($_POST['addemeta']) { + $location = add_query_arg( 'message', 2, wp_get_referer() ); + $location = explode('#', $location); + $location = $location[0] . '#postcustom'; } elseif ($_POST['deletemeta']) { - $location = wp_get_referer() . '&message=3#postcustom'; + $location = add_query_arg( 'message', 3, wp_get_referer() ); + $location = explode('#', $location); + $location = $location[0] . '#postcustom'; } elseif (!empty($referredby) && $referredby != $referer) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) Index: wp-admin/js/categories.js =================================================================== --- wp-admin/js/categories.js (revision 6185) +++ wp-admin/js/categories.js (working copy) @@ -1,16 +1,18 @@ -addLoadEvent(function() { - if (!theList.theList) return false; - document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); }; - theList.addComplete = function(what, where, update, transport) { - var name = getNodeValue(transport.responseXML, 'name').unescapeHTML(); - var id = transport.responseXML.getElementsByTagName(what)[0].getAttribute('id'); - var options = document.forms['addcat'].category_parent.options; +jQuery(function($) { + var options = document.forms['addcat'].category_parent.options; + + var addAfter = function( r, settings ) { + var name = $("" + $('name', r).text() + "").html(); + var id = $('cat', r).attr('id'); options[options.length] = new Option(name, id); - }; - theList.delComplete = function(what, id) { - var options = document.forms['addcat'].category_parent.options; + } + + var delAfter = function( r, settings ) { + var id = $('cat', r).attr('id'); for ( var o = 0; o < options.length; o++ ) if ( id == options[o].value ) options[o] = null; - }; + } + + var a = $('#the-list').wpList( { addAfter: addAfter, delAfter: delAfter } ); }); Index: wp-admin/js/cat.js =================================================================== --- wp-admin/js/cat.js (revision 6185) +++ wp-admin/js/cat.js (working copy) @@ -1,11 +1,4 @@ -addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.topAdder=1;catList.alt=0;catList.showLink=0;}); -addLoadEvent(newCatAddIn); -function newCatAddIn() { - var jaxcat = $('jaxcat'); - if ( !jaxcat ) - return false; - // These multiple blank hidden inputs are needed: https://bugzilla.mozilla.org/show_bug.cgi?id=377815 , #3895 , #4664 - Element.update(jaxcat,'' + catL10n.how + ''); - $('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); }; - $('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); }; -} +jQuery( function($) { + $('#jaxcat').prepend('' + catL10n.how + '') + var a = $('#categorychecklist').wpList( { alt: '', response: 'cat-ajax-response' } ); +} ); Index: wp-admin/js/edit-comments.js =================================================================== --- wp-admin/js/edit-comments.js (revision 6185) +++ wp-admin/js/edit-comments.js (working copy) @@ -1,59 +1,26 @@ -addLoadEvent(function() { - theCommentList = new listMan('the-comment-list'); - if ( !theCommentList ) - return false; +var list; var extra; +jQuery(function($) { - theExtraCommentList = new listMan('the-extra-comment-list'); - if ( theExtraCommentList ) { - theExtraCommentList.showLink = 0; - theExtraCommentList.altOffset = 1; - if ( theExtraCommentList.theList && theExtraCommentList.theList.childNodes ) - var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length; - else - var commentNum = 0; - var urlQ = document.location.href.split('?'); - var params = urlQ[1] ? urlQ[1].toQueryParams() : []; - var search = params['s'] ? params['s'] : ''; - var page = params['apage'] ? params['apage'] : 1; - } +var dimAfter = function( r, settings ) { + var a = $('#awaitmod'); + a.html( parseInt(a.html(),10) + ( $('#' + settings.element).is('.' + settings.dimClass) ? 1 : -1 ) ); +} - theCommentList.dimComplete = function(what,id,dimClass) { - var m = document.getElementById('awaitmod'); - if ( document.getElementById(what + '-' + id).className.match(dimClass) ) - m.innerHTML = parseInt(m.innerHTML,10) + 1; - else - m.innerHTML = parseInt(m.innerHTML,10) - 1; +var delAfter = function( r, settings ) { + var a = $('#awaitmod'); + if ( $('#' + settings.element).is('.unapproved') && parseInt(a.html(),10) > 0 ) { + a.html( parseInt(a.html(),10) - 1 ); } - theCommentList.delComplete = function(what,id) { - var m = document.getElementById('awaitmod'); - what = what.split('-')[0]; - if ( document.getElementById(what + '-' + id).className.match('unapproved') ) - m.innerHTML = parseInt(m.innerHTML,10) - 1; - if ( theExtraCommentList && commentNum ) { - var theMover = theExtraCommentList.theList.childNodes[0]; - Element.removeClassName(theMover,'alternate'); - theCommentList.theList.appendChild(theMover); - theExtraCommentList.inputData += '&page=' + page; - if ( search ) - theExtraCommentList.inputData += '&s=' + search; // trust the URL not the search box - theExtraCommentList.addComplete = function() { - if ( theExtraCommentList.theList.childNodes ) - var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length; - else - var commentNum = 0; - } - theExtraCommentList.ajaxAdder( 'comment', 'ajax-response' ); // Dummy Request - } + if ( extra.size() == 0 || extra.children().size() == 0 ) { + return; } - if ( theList ) // the post list: edit.php - theList.delComplete = function() { - var comments = document.getElementById('comments'); - var commdel = encloseFunc(function(a){a.parentNode.removeChild(a);},comments); - var listdel = encloseFunc(function(a){a.parentNode.removeChild(a);},theCommentList.theList); - setTimeout(commdel,705); - setTimeout(listdel,705); - } -}); + list[0].wpList.add( extra.children(':eq(0)').remove().clone() ); + $('#get-extra-comments').submit(); +} +extra = $('#the-extra-comment-list').wpList( { alt: '', delColor: 'none', addColor: 'none' } ); +list = $('#the-comment-list').wpList( { dimAfter : dimAfter, delAfter : delAfter, addColor: 'none' } ); + +} ); Index: wp-admin/js/edit-posts.js =================================================================== --- wp-admin/js/edit-posts.js (revision 0) +++ wp-admin/js/edit-posts.js (revision 0) @@ -0,0 +1,22 @@ +jQuery(function($) { +var delAfter; var extra; var list; + +if ( document.location.href.match(/(\?|&)c=/) ) + delAfter = function() { $('#comments, #the-comment-list').remove(); } +else + delAfter = function() { + list[0].wpList.add( extra.children(':eq(0)').remove().clone() ); + $('#get-extra-button').click(); + } + +var addBefore = function ( settings ) { + var q = document.location.href.split('?'); + if ( q[1] ) + settings.data += '&' + q[1]; + return settings; +} + +extra = $('#the-extra-list').wpList( { alt: '', addBefore: addBefore, addColor: 'none', delColor: 'none' } ); +list = $('#the-list').wpList( { delAfter: delAfter, addColor: 'none' } ); + +} ); Index: wp-admin/js/custom-fields.js =================================================================== --- wp-admin/js/custom-fields.js (revision 6185) +++ wp-admin/js/custom-fields.js (working copy) @@ -1,26 +1,33 @@ -function customFieldsOnComplete( what, where, update, transport ) { - var pidEl = $('post_ID'); - pidEl.name = 'post_ID'; - pidEl.value = getNodeValue(transport.responseXML, 'postid'); - var aEl = $('hiddenaction') - if ( aEl.value == 'post' ) aEl.value = 'postajaxpost'; -} -addLoadEvent(customFieldsAddIn); -function customFieldsAddIn() { - theList.showLink=0; - theList.addComplete = customFieldsOnComplete; - if (!theList.theList) return false; - inputs = theList.theList.getElementsByTagName('input'); - for ( var i=0; i < inputs.length; i++ ) { - if ('text' == inputs[i].type) { - inputs[i].setAttribute('autocomplete', 'off'); - inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); }; - } - if ('updatemeta' == inputs[i].className) { - inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); }; - } +jQuery( function($) { + var before = function() { + var nonce = $('#newmeta [@name=_ajax_nonce]').val(); + var postId = $('#post_ID').val(); + if ( !nonce || !postId ) { return false; } + return [nonce,postId]; } - $('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); }; - $('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); }; -} + var addBefore = function( s ) { + var b = before(); + if ( !b ) { return false; } + s.data = s.data.replace(/_ajax_nonce=[a-f0-9]+/, '_ajax_nonce=' + b[0]) + '&post_id=' + b[1]; + return s; + }; + + var addAfter = function( r, s ) { + var postId = $('postid', r).text(); + if ( !postId ) { return; } + $('#post_ID').attr( 'name', 'post_ID' ).val( postId ); + var h = $('#hiddenaction'); + if ( 'post' == h.val() ) { h.val( 'postajaxpost' ); } + }; + + var delBefore = function( s ) { + var b = before(); if ( !b ) return false; + s.data._ajax_nonce = b[0]; s.data.post_id = b[1]; + return s; + } + + $('#the-list') + .wpList( { addBefore: addBefore, addAfter: addAfter, delBefore: delBefore } ) + .find('.updatemeta, .deletemeta').attr( 'type', 'button' ); +} ); Index: wp-admin/js/users.js =================================================================== --- wp-admin/js/users.js (revision 6185) +++ wp-admin/js/users.js (working copy) @@ -1,21 +1,22 @@ -addLoadEvent(function() { - theListEls = document.getElementsByTagName('tbody'); - theUserLists = new Array(); - for ( var l = 0; l < theListEls.length; l++ ) { - if ( theListEls[l].id ) - theUserLists[theListEls[l].id] = new listMan(theListEls[l].id); - } - addUserInputs = document.getElementById('adduser').getElementsByTagName('input'); - for ( var i = 0; i < addUserInputs.length; i++ ) { - addUserInputs[i].onkeypress = function(e) { return killSubmit('addUserSubmit();', e); } - } - document.getElementById('addusersub').onclick = function(e) { return killSubmit('addUserSubmit();', e); } -} -); +jQuery( function($) { + var userLists; var list; var addBefore; var addAfter; -function addUserSubmit() { - var roleEl = document.getElementById('role'); - var role = roleEl.options[roleEl.selectedIndex].value; - if ( !theUserLists['role-' + role] ) return true; - return theUserLists['role-' + role].ajaxAdder('user', 'adduser'); -} + addBefore = function( s ) { + if ( $( '#role-' + $('#role').val() ).size() ) + return s; + return false; + }; + + addAfter = function( r, s ) { + var roleTable = $( '#role-' + $('role', r).text() ); + + var e = $('#user-' + $('user', r).attr('id') ); + if ( !roleTable.size() ) { return; } + if ( !e.size() ) { return; } + + roleTable[0].wpList.add(e.remove().clone()); + }; + + userLists = $('.user-list').wpList(); + list = $('#user-list').wpList( { addBefore: addBefore, addAfter: addAfter } ); +} ); Index: wp-admin/js/link-cat.js =================================================================== --- wp-admin/js/link-cat.js (revision 6185) +++ wp-admin/js/link-cat.js (working copy) @@ -1,10 +0,0 @@ -addLoadEvent(function(){linkcatList=new listMan('linkcategorychecklist');linkcatList.ajaxRespEl='jaxcat';linkcatList.topAdder=1;linkcatList.alt=0;linkcatList.showLink=0;}); -addLoadEvent(newLinkCatAddIn); -function newLinkCatAddIn() { - var jaxcat = $('jaxcat'); - if ( !jaxcat ) - return false; - Element.update(jaxcat,'' + linkcatL10n.how + ''); - $('newcat').onkeypress = function(e) { return killSubmit("linkcatList.ajaxAdder('link-category','jaxcat');", e); }; - $('catadd').onclick = function() { linkcatList.ajaxAdder('link-category', 'jaxcat'); }; -} Index: wp-admin/edit-post-rows.php =================================================================== --- wp-admin/edit-post-rows.php (revision 6185) +++ wp-admin/edit-post-rows.php (working copy) @@ -8,13 +8,16 @@ - + \n\t\n"; // Hack! +$class = ( $i_post > 15 || 'alternate' == $class) ? '' : 'alternate'; global $current_user; $post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' ); ?> @@ -90,7 +93,7 @@ case 'control_delete': ?> - ID) ) { echo "ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . js_escape(sprintf(__("You are about to delete this post '%s'.\n'OK' to delete, 'Cancel' to stop."), get_the_title())) . "' );\">" . __('Delete') . ""; } ?> + ID) ) { echo "ID) . "' class='delete:the-list:post-$post->ID delete'>" . __('Delete') . ""; } ?>

    -

    -
    +

    +
    Index: wp-admin/edit-form-advanced.php =================================================================== --- wp-admin/edit-form-advanced.php (revision 6185) +++ wp-admin/edit-form-advanced.php (working copy) @@ -74,8 +74,8 @@

    -

    -
    +

    +
    Index: wp-admin/link-add.php =================================================================== --- wp-admin/link-add.php (revision 6185) +++ wp-admin/link-add.php (working copy) @@ -13,7 +13,7 @@ wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') ); if ( current_user_can( 'manage_categories' ) ) - wp_enqueue_script( 'ajaxlinkcat' ); + wp_enqueue_script( 'ajaxcat' ); require('admin-header.php'); ?> Index: wp-admin/edit.php =================================================================== --- wp-admin/edit.php (revision 6185) +++ wp-admin/edit.php (working copy) @@ -3,68 +3,22 @@ $title = __('Posts'); $parent_file = 'edit.php'; -wp_enqueue_script( 1 == $_GET['c'] ? 'admin-comments' : 'listman' ); +wp_enqueue_script( 'admin-posts' ); +if ( 1 == $_GET['c'] ) + wp_enqueue_script( 'admin-comments' ); require_once('admin-header.php'); -$_GET['m'] = (int) $_GET['m']; -$_GET['cat'] = (int) $_GET['cat']; -$post_stati = array( // array( adj, noun ) - 'publish' => array(__('Published'), __('Published posts')), - 'future' => array(__('Scheduled'), __('Scheduled posts')), - 'pending' => array(__('Pending Review'), __('Pending posts')), - 'draft' => array(__('Draft'), _c('Drafts|manage posts header')), - 'private' => array(__('Private'), __('Private posts')) - ); - -$avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'"); - -$post_status_q = ''; -$post_status_label = __('Posts'); -if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($post_stati) ) ) { - $post_status_label = $post_stati[$_GET['post_status']][1]; - $post_status_q = '&post_status=' . $_GET['post_status']; -} +add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; return "LIMIT $start, 20";' ) ); +list($post_stati, $avail_post_stati) = wp_edit_posts_query(); +$wp_query->max_num_pages = ceil( $wp_query->found_posts / 15 ); // We grab 20 but only show 15 ( 5 more for ajax extra ) ?>
    'display name' -$posts_columns = array(); -$posts_columns['id'] = '
    ' . __('ID') . '
    '; -if ( 'draft' === $_GET['post_status'] ) - $posts_columns['modified'] = __('Modified'); -elseif ( 'pending' === $_GET['post_status'] ) - $posts_columns['modified'] = __('Submitted'); -else - $posts_columns['date'] = __('When'); -$posts_columns['title'] = __('Title'); -$posts_columns['categories'] = __('Categories'); -if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) ) - $posts_columns['comments'] = '
    ' . __('Comments') . '
    '; -$posts_columns['author'] = __('Author'); - -$posts_columns = apply_filters('manage_posts_columns', $posts_columns); - -// you can not edit these at the moment -$posts_columns['control_view'] = ''; -$posts_columns['control_edit'] = ''; -$posts_columns['control_delete'] = ''; - ?>

    + + Index: wp-admin/edit-category-form.php =================================================================== --- wp-admin/edit-category-form.php (revision 6185) +++ wp-admin/edit-category-form.php (working copy) @@ -9,7 +9,7 @@ } else { $heading = __('Add Category'); $submit_text = __('Add Category »'); - $form = '
    '; + $form = ''; $action = 'addcat'; $nonce_action = 'add-category'; do_action('add_category_form_pre', $category); @@ -43,7 +43,7 @@ -

    +

    Index: wp-admin/link-manager.php =================================================================== --- wp-admin/link-manager.php (revision 6185) +++ wp-admin/link-manager.php (working copy) @@ -6,7 +6,7 @@ require_once ('admin.php'); -wp_enqueue_script( 'listman' ); +wp_enqueue_script( 'wp-lists' ); wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]')); @@ -46,7 +46,7 @@ } ?> - + '.__('Edit').''; - echo 'link_id , '".js_escape(sprintf(__("You are about to delete the '%s' link to %s.\n'Cancel' to stop, 'OK' to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').''; + echo "" . __('Edit') . ''; + echo "link_id ) . "' class='delete:the-list:link-$link->link_id delete'>" . __('Delete') . ''; break; default: ?> Index: wp-admin/page.php =================================================================== --- wp-admin/page.php (revision 6185) +++ wp-admin/page.php (working copy) @@ -107,10 +107,14 @@ } else { if ($_POST['save']) { $location = "page.php?action=edit&post=$page_ID"; - } elseif ($_POST['updatemeta']) { - $location = wp_get_referer() . '&message=2#postcustom'; + } elseif ($_POST['addemeta']) { + $location = add_query_arg( 'message', 2, wp_get_referer() ); + $location = explode('#', $location); + $location = $location[0] . '#postcustom'; } elseif ($_POST['deletemeta']) { - $location = wp_get_referer() . '&message=3#postcustom'; + $location = add_query_arg( 'message', 3, wp_get_referer() ); + $location = explode('#', $location); + $location = $location[0] . '#postcustom'; } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) Index: wp-admin/edit-pages.php =================================================================== --- wp-admin/edit-pages.php (revision 6185) +++ wp-admin/edit-pages.php (working copy) @@ -2,7 +2,7 @@ require_once('admin.php'); $title = __('Pages'); $parent_file = 'edit.php'; -wp_enqueue_script( 'listman' ); +wp_enqueue_script( 'wp-lists' ); require_once('admin-header.php'); $post_stati = array( // array( adj, noun ) @@ -20,9 +20,12 @@ } ?> - +
    -

    - + Index: wp-admin/categories.php =================================================================== --- wp-admin/categories.php (revision 6185) +++ wp-admin/categories.php (working copy) @@ -99,7 +99,7 @@ - +