Ticket #21963: 21963.diff

wp-includes/post.php

@@ -2553 +2553 @@
                 'ping_status' => get_option('default_ping_status'), 'post_parent' => 0,
                 'menu_order' => 0, 'to_ping' =>  '', 'pinged' => '', 'post_password' => '',
                 'guid' => '', 'post_content_filtered' => '', 'post_excerpt' => '', 'import_id' => 0,
-                'post_content' => '', 'post_title' => '');
+                'post_content' => '', 'post_title' => '', 'context' => '');
 
         $postarr = wp_parse_args($postarr, $defaults);
 
@@ -2588 +2588 @@
         if ( empty($post_status) )
                 $post_status = 'draft';
 
+        if ( $post_type == 'attachment' && ! in_array( $post_status, array( 'inherit', 'private', 'publish' ) ) )
+                $post_status = 'inherit';
+
         if ( !empty($post_category) )
                 $post_category = array_filter($post_category); // Filter out empty terms
 
@@ -2788 +2791 @@
                 update_post_meta($post_ID, '_wp_page_template',  $page_template);
         }
 
+        if ( 'attachment' == $data['post_type'] ) {
+                if ( ! empty( $context ) )
+                        add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
+                if ( ! empty( $file ) )
+                        update_attached_file( $post_ID, $file );
+        }
+
         wp_transition_post_status($data['post_status'], $previous_status, $post);
 
         if ( $update ) {
                 do_action('edit_post', $post_ID, $post);
                 $post_after = get_post($post_ID);
                 do_action( 'post_updated', $post_ID, $post_after, $post_before);
+                if ( 'attachment' == $post_type )
+                        do_action( 'edit_attachment', $post_ID );
+        } elseif ( 'attachment' == $post_type ) {
+                do_action( 'add_attachment', $post_ID );
         }
 
         do_action('save_post', $post_ID, $post);
@@ -3706 +3720 @@
 /**
  * Insert an attachment.
  *
- * If you set the 'ID' in the $object parameter, it will mean that you are
- * updating and attempt to update the attachment. You can also set the
- * attachment name or title by setting the key 'post_name' or 'post_title'.
- *
- * You can set the dates for the attachment manually by setting the 'post_date'
- * and 'post_date_gmt' keys' values.
- *
- * By default, the comments will use the default settings for whether the
- * comments are allowed. You can close them manually or keep them open by
- * setting the value for the 'comment_status' key.
- *
- * The $object parameter can have the following:
- *     'post_status'   - Default is 'draft'. Can not be overridden, set the same as parent post.
- *     'post_type'     - Default is 'post', will be set to attachment. Can not override.
- *     'post_author'   - Default is current user ID. The ID of the user, who added the attachment.
- *     'ping_status'   - Default is the value in default ping status option. Whether the attachment
- *                       can accept pings.
- *     'post_parent'   - Default is 0. Can use $parent parameter or set this for the post it belongs
- *                       to, if any.
- *     'menu_order'    - Default is 0. The order it is displayed.
- *     'to_ping'       - Whether to ping.
- *     'pinged'        - Default is empty string.
- *     'post_password' - Default is empty string. The password to access the attachment.
- *     'guid'          - Global Unique ID for referencing the attachment.
- *     'post_content_filtered' - Attachment post content filtered.
- *     'post_excerpt'  - Attachment excerpt.
- *
  * @since 2.0.0
- * @uses $wpdb
- * @uses $user_ID
- * @uses do_action() Calls 'edit_attachment' on $post_ID if this is an update.
- * @uses do_action() Calls 'add_attachment' on $post_ID if this is not an update.
+ * @uses wp_insert_post()
  *
- * @param string|array $object Arguments to override defaults.
+ * @param array $postarr Arguments to override defaults.
  * @param string $file Optional filename.
  * @param int $parent Parent post ID.
  * @return int Attachment ID.
  */
-function wp_insert_attachment($object, $file = false, $parent = 0) {
-        global $wpdb, $user_ID;
+function wp_insert_attachment( $postarr, $file = false, $parent = 0 ) {
+        if ( $parent )
+                $postarr['post_parent'] = $parent;
 
-        $defaults = array('post_status' => 'inherit', 'post_type' => 'post', 'post_author' => $user_ID,
-                'ping_status' => get_option('default_ping_status'), 'post_parent' => 0,
-                'menu_order' => 0, 'to_ping' =>  '', 'pinged' => '', 'post_password' => '',
-                'guid' => '', 'post_content_filtered' => '', 'post_excerpt' => '', 'import_id' => 0, 'context' => '');
-
-        $object = wp_parse_args($object, $defaults);
-        if ( !empty($parent) )
-                $object['post_parent'] = $parent;
-
-        unset( $object[ 'filter' ] );
-
-        $object = sanitize_post($object, 'db');
-
-        // export array as variables
-        extract($object, EXTR_SKIP);
-
-        if ( empty($post_author) )
-                $post_author = $user_ID;
-
-        $post_type = 'attachment';
-
-        if ( ! in_array( $post_status, array( 'inherit', 'private' ) ) )
-                $post_status = 'inherit';
-
-        if ( !empty($post_category) )
-                $post_category = array_filter($post_category); // Filter out empty terms
-
-        // Make sure we set a valid category.
-        if ( empty($post_category) || 0 == count($post_category) || !is_array($post_category) ) {
-                $post_category = array();
-        }
-
-        // Are we updating or creating?
-        if ( !empty($ID) ) {
-                $update = true;
-                $post_ID = (int) $ID;
-        } else {
-                $update = false;
-                $post_ID = 0;
-        }
-
-        // Create a valid post name.
-        if ( empty($post_name) )
-                $post_name = sanitize_title($post_title);
-        else
-                $post_name = sanitize_title($post_name);
-
-        // expected_slashed ($post_name)
-        $post_name = wp_unique_post_slug($post_name, $post_ID, $post_status, $post_type, $post_parent);
-
-        if ( empty($post_date) )
-                $post_date = current_time('mysql');
-        if ( empty($post_date_gmt) )
-                $post_date_gmt = current_time('mysql', 1);
-
-        if ( empty($post_modified) )
-                $post_modified = $post_date;
-        if ( empty($post_modified_gmt) )
-                $post_modified_gmt = $post_date_gmt;
-
-        if ( empty($comment_status) ) {
-                if ( $update )
-                        $comment_status = 'closed';
-                else
-                        $comment_status = get_option('default_comment_status');
-        }
-        if ( empty($ping_status) )
-                $ping_status = get_option('default_ping_status');
-
-        if ( isset($to_ping) )
-                $to_ping = preg_replace('|\s+|', "\n", $to_ping);
-        else
-                $to_ping = '';
-
-        if ( isset($post_parent) )
-                $post_parent = (int) $post_parent;
-        else
-                $post_parent = 0;
-
-        if ( isset($menu_order) )
-                $menu_order = (int) $menu_order;
-        else
-                $menu_order = 0;
-
-        if ( !isset($post_password) )
-                $post_password = '';
-
-        if ( ! isset($pinged) )
-                $pinged = '';
-
-        // expected_slashed (everything!)
-        $data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'guid' ) );
-        $data = stripslashes_deep( $data );
-
-        if ( $update ) {
-                $wpdb->update( $wpdb->posts, $data, array( 'ID' => $post_ID ) );
-        } else {
-                // If there is a suggested ID, use it if not already present
-                if ( !empty($import_id) ) {
-                        $import_id = (int) $import_id;
-                        if ( ! $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE ID = %d", $import_id) ) ) {
-                                $data['ID'] = $import_id;
-                        }
-                }
-
-                $wpdb->insert( $wpdb->posts, $data );
-                $post_ID = (int) $wpdb->insert_id;
-        }
-
-        if ( empty($post_name) ) {
-                $post_name = sanitize_title($post_title, $post_ID);
-                $wpdb->update( $wpdb->posts, compact("post_name"), array( 'ID' => $post_ID ) );
-        }
-
-        if ( is_object_in_taxonomy($post_type, 'category') )
-                wp_set_post_categories( $post_ID, $post_category );
-
-        if ( isset( $tags_input ) && is_object_in_taxonomy($post_type, 'post_tag') )
-                wp_set_post_tags( $post_ID, $tags_input );
-
-        // support for all custom taxonomies
-        if ( !empty($tax_input) ) {
-                foreach ( $tax_input as $taxonomy => $tags ) {
-                        $taxonomy_obj = get_taxonomy($taxonomy);
-                        if ( is_array($tags) ) // array = hierarchical, string = non-hierarchical.
-                                $tags = array_filter($tags);
-                        if ( current_user_can($taxonomy_obj->cap->assign_terms) )
-                                wp_set_post_terms( $post_ID, $tags, $taxonomy );
-                }
-        }
-
         if ( $file )
-                update_attached_file( $post_ID, $file );
+                $postarr['file'] = $file;
 
-        clean_post_cache( $post_ID );
-
-        if ( ! empty( $context ) )
-                add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
-
-        if ( $update) {
-                do_action('edit_attachment', $post_ID);
-        } else {
-                do_action('add_attachment', $post_ID);
-        }
-
-        return $post_ID;
+        return wp_insert_post( $postarr );
 }
 
 /**

wp-admin/includes/post.php

@@ -503 +503 @@
         return 0;
 }
 
-/**
- * Creates a new post from the "Write Post" form using $_POST information.
- *
- * @since 2.1.0
- *
- * @return unknown
- */
-function wp_write_post() {
-        global $user_ID;
-
-        if ( isset($_POST['post_type']) )
-                $ptype = get_post_type_object($_POST['post_type']);
-        else
-                $ptype = get_post_type_object('post');
-
-        if ( !current_user_can( $ptype->cap->edit_posts ) ) {
-                if ( 'page' == $ptype->name )
-                        return new WP_Error( 'edit_pages', __( 'You are not allowed to create pages on this site.' ) );
-                else
-                        return new WP_Error( 'edit_posts', __( 'You are not allowed to create posts or drafts on this site.' ) );
-        }
-
-        $_POST['post_mime_type'] = '';
-
-        // Clear out any data in internal vars.
-        unset( $_POST['filter'] );
-
-        // Edit don't write if we have a post id.
-        if ( isset( $_POST['post_ID'] ) )
-                return edit_post();
-
-        $translated = _wp_translate_postdata( false );
-        if ( is_wp_error($translated) )
-                return $translated;
-
-        if ( isset($_POST['visibility']) ) {
-                switch ( $_POST['visibility'] ) {
-                        case 'public' :
-                                $_POST['post_password'] = '';
-                                break;
-                        case 'password' :
-                                unset( $_POST['sticky'] );
-                                break;
-                        case 'private' :
-                                $_POST['post_status'] = 'private';
-                                $_POST['post_password'] = '';
-                                unset( $_POST['sticky'] );
-                                break;
-                }
-        }
-
-        // Create the post.
-        $post_ID = wp_insert_post( $_POST );
-        if ( is_wp_error( $post_ID ) )
-                return $post_ID;
-
-        if ( empty($post_ID) )
-                return 0;
-
-        add_meta( $post_ID );
-
-        add_post_meta( $post_ID, '_edit_last', $GLOBALS['current_user']->ID );
-
-        // Now that we have an ID we can fix any attachment anchor hrefs
-        _fix_attachment_links( $post_ID );
-
-        wp_set_post_lock( $post_ID );
-
-        return $post_ID;
-}
-
-/**
- * Calls wp_write_post() and handles the errors.
- *
- * @since 2.0.0
-
- * @uses wp_write_post()
- * @uses is_wp_error()
- * @uses wp_die()
- * @return unknown
- */
-function write_post() {
-        $result = wp_write_post();
-        if ( is_wp_error( $result ) )
-                wp_die( $result->get_error_message() );
-        else
-                return $result;
-}
-
 //
 // Post Meta
 //

wp-admin/includes/dashboard.php

@@ -461 +461 @@
         if ( 'post' === strtolower( $_SERVER['REQUEST_METHOD'] ) && isset( $_POST['action'] ) && 0 === strpos( $_POST['action'], 'post-quickpress' ) && (int) $_POST['post_ID'] ) {
                 $view = get_permalink( $_POST['post_ID'] );
                 $edit = esc_url( get_edit_post_link( $_POST['post_ID'] ) );
-                if ( 'post-quickpress-publish' == $_POST['action'] ) {
+                if ( ! empty( $_POST['publish'] ) ) {
                         if ( current_user_can('publish_posts') )
                                 printf( '<div class="updated"><p>' . __( 'Post published. <a href="%s">View post</a> | <a href="%s">Edit post</a>' ) . '</p></div>', esc_url( $view ), $edit );
                         else
@@ -527 +527 @@
                 </div>
 
                 <p class="submit">
-                        <input type="hidden" name="action" id="quickpost-action" value="post-quickpress-save" />
+                        <input type="hidden" name="action" id="quickpost-action" value="quickpost" />
                         <input type="hidden" name="post_ID" value="<?php echo $post_ID; ?>" />
                         <input type="hidden" name="post_type" value="post" />
-                        <?php wp_nonce_field('add-post'); ?>
+                        <?php wp_nonce_field( 'quick-post_' . $post_ID ); ?>
                         <?php submit_button( __( 'Save Draft' ), 'button', 'save', false, array( 'id' => 'save-post' ) ); ?>
                         <input type="reset" value="<?php esc_attr_e( 'Reset' ); ?>" class="button" />
                         <span id="publishing-action">

wp-admin/includes/deprecated.php

@@ -997 +997 @@
  *
  * @since 2.5.0
  * @deprecated 3.5.0
- * @deprecated Use get_default_post_to_edit() 
+ * @deprecated Use get_default_post_to_edit()
  *
  * @return WP_Post Post object containing all the default post data as attributes
  */
@@ -1009 +1009 @@
         return $page;
 }
 
+/**
+ * Creates a new post.
+ *
+ * @since 2.1.0
+ * @deprecated 3.5.0
+ * @deprecated Use wp_insert_post()
+ * @see wp_insert_post()
+ */
+function wp_write_post() {
+        _deprecated_function( __FUNCTION__, '3.5', 'wp_insert_post()' );
+
+        $ptype = get_post_type_object( isset( $_POST['post_type'] ) ? $_POST['post_type'] : 'post' );
+        if ( ! current_user_can( $ptype->cap->edit_posts ) )
+                return new WP_Error( 'edit_posts', __( 'You are not allowed to create posts or drafts on this site.' ) );
+
+        if ( ! isset($_POST['post_ID'] ) )
+                $_POST['post_ID'] = get_default_post_to_edit( 'post', true );
+        return edit_post();
+}
+
+/**
+ * Calls wp_write_post() and handles the errors.
+ *
+ * @since 2.0.0
+ * @deprecated 3.5.0
+ * @deprecated Use wp_insert_post()
+ * @see wp_insert_post()
+ */
+function write_post() {
+        _deprecated_function( __FUNCTION__, '3.5', 'wp_insert_post()' );
+        $result = wp_write_post();
+        if ( is_wp_error( $result ) )
+                wp_die( $result->get_error_message() );
+        return $result;
+}

wp-admin/post.php

@@ -96 +96 @@
 }
 
 switch($action) {
-case 'postajaxpost':
-case 'post':
-case 'post-quickpress-publish':
-case 'post-quickpress-save':
-        check_admin_referer('add-' . $post_type);
-
-        if ( 'post-quickpress-publish' == $action )
-                $_POST['publish'] = 'publish'; // tell write_post() to publish
-
-        if ( 'post-quickpress-publish' == $action || 'post-quickpress-save' == $action ) {
-                $_POST['comment_status'] = get_option('default_comment_status');
-                $_POST['ping_status'] = get_option('default_ping_status');
-                $post_id = edit_post();
-        } else {
-                $post_id = 'postajaxpost' == $action ? edit_post() : write_post();
-        }
-
-        if ( 0 === strpos( $action, 'post-quickpress' ) ) {
-                $_POST['post_ID'] = $post_id;
-                // output the quickpress dashboard widget
-                require_once(ABSPATH . 'wp-admin/includes/dashboard.php');
-                wp_dashboard_quick_press();
-                exit;
-        }
-
-        redirect_post($post_id);
-        exit();
-        break;
-
 case 'edit':
         $editing = true;
 
@@ -184 +155 @@
 
         break;
 
-case 'editattachment':
-        check_admin_referer('update-post_' . $post_id);
+case 'quickpost':
+        check_admin_referer( 'quick-post_' . $post_id );
 
-        // Don't let these be changed
-        unset($_POST['guid']);
-        $_POST['post_type'] = 'attachment';
+        $_POST['post_ID'] = edit_post();
+        // output the quickpress dashboard widget
+        require_once(ABSPATH . 'wp-admin/includes/dashboard.php');
+        wp_dashboard_quick_press();
 
-        // Update the thumbnail filename
-        $newmeta = wp_get_attachment_metadata( $post_id, true );
-        $newmeta['thumb'] = $_POST['thumb'];
+        exit;
+        break;
 
-        wp_update_attachment_metadata( $post_id, $newmeta );
-
 case 'editpost':
         check_admin_referer('update-post_' . $post_id);
 
         $post_id = edit_post();
 
-        redirect_post($post_id); // Send user on their way while we keep working
+        redirect_post($post_id);
 
         exit();
         break;