Ticket #23697: 23697-5.patch
File 23697-5.patch, 4.9 KB (added by , 11 years ago) |
---|
-
wp-admin/includes/ajax-actions.php
1038 1038 function wp_ajax_autosave() { 1039 1039 define( 'DOING_AUTOSAVE', true ); 1040 1040 1041 $nonce_age =check_ajax_referer( 'autosave', 'autosavenonce' );1041 check_ajax_referer( 'autosave', 'autosavenonce' ); 1042 1042 1043 1043 $_POST['post_category'] = explode(",", $_POST['catslist']); 1044 1044 if ( $_POST['post_type'] == 'page' || empty($_POST['post_category']) ) … … 1090 1090 $id = $post->ID; 1091 1091 } 1092 1092 1093 if ( $nonce_age == 2 ) {1094 $supplemental['replace-autosavenonce'] = wp_create_nonce('autosave');1095 $supplemental['replace-getpermalinknonce'] = wp_create_nonce('getpermalink');1096 $supplemental['replace-samplepermalinknonce'] = wp_create_nonce('samplepermalink');1097 $supplemental['replace-closedpostboxesnonce'] = wp_create_nonce('closedpostboxes');1098 $supplemental['replace-_ajax_linking_nonce'] = wp_create_nonce( 'internal-linking' );1099 $supplemental['replace-_wpnonce'] = wp_create_nonce( 'update-post_' . $post->ID );1100 }1101 1102 1093 $x = new WP_Ajax_Response( array( 1103 1094 'what' => 'autosave', 1104 1095 'id' => $id, -
wp-admin/includes/misc.php
623 623 $send['new_lock'] = implode( ':', $new_lock ); 624 624 } 625 625 626 if ( ! empty( $received['post_nonce'] ) && 2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) { 627 $send['update_nonces'] = array( 628 'replace-autosavenonce' => wp_create_nonce('autosave'), 629 'replace-getpermalinknonce' => wp_create_nonce('getpermalink'), 630 'replace-samplepermalinknonce' => wp_create_nonce('samplepermalink'), 631 'replace-closedpostboxesnonce' => wp_create_nonce('closedpostboxes'), 632 'replace-_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), 633 'replace-_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), 634 ); 635 } 636 626 637 $response['wp-refresh-post-lock'] = $send; 627 638 } 628 639 -
wp-admin/js/post.js
252 252 }; 253 253 254 254 $(document).on( 'heartbeat-send.refresh-lock', function( e, data ) { 255 var lock = $('#active_post_lock').val(), post_id = $('#post_ID').val(), send = {}; 255 var lock = $('#active_post_lock').val(), 256 post_id = $('#post_ID').val(), 257 post_nonce = $('#_wpnonce').val(), 258 send = {}; 256 259 257 260 if ( !post_id ) 258 261 return; … … 262 265 if ( lock ) 263 266 send['lock'] = lock; 264 267 268 if ( post_nonce ) 269 send['post_nonce'] = post_nonce; 270 265 271 data['wp-refresh-post-lock'] = send; 266 272 }); 267 273 … … 286 292 }); 287 293 288 294 // Save the latest changes and disable 289 autosave(); 295 if ( ! autosave() ) 296 window.onbeforeunload = null; 297 290 298 autosave = function(){}; 291 299 } 292 300 … … 301 309 } else if ( received.new_lock ) { 302 310 $('#active_post_lock').val( received.new_lock ); 303 311 } 312 313 if ( received.update_nonces ) { 314 $.each( received.update_nonces, function( selector, value ) { 315 if ( selector.match(/^replace-/) ) 316 $( '#' + selector.replace('replace-', '') ).val( value ); 317 }); 318 } 304 319 } 305 320 }); 306 321 -
wp-includes/js/autosave.js
254 254 } 255 255 256 256 autosave = function() { 257 // (bool) is rich editor enabled and active 257 var post_data = wp.autosave.getPostData(), 258 doAutoSave = post_data.autosave, 259 successCallback; 260 258 261 blockSave = true; 259 var rich = (typeof tinymce != "undefined") && tinymce.activeEditor && !tinymce.activeEditor.isHidden(),260 post_data, doAutoSave, ed, origStatus, successCallback;261 262 262 // Disable buttons until we know the save completed.263 autosave_disable_buttons();264 265 post_data = wp.autosave.getPostData();266 267 // We always send the ajax request in order to keep the post lock fresh.268 // This (bool) tells whether or not to write the post to the DB during the ajax request.269 doAutoSave = post_data.autosave;270 271 263 // No autosave while thickbox is open (media buttons) 272 264 if ( jQuery("#TB_window").css('display') == 'block' ) 273 265 doAutoSave = false; … … 281 273 autosaveLast = post_data["post_title"] + post_data["content"]; 282 274 jQuery(document).triggerHandler('wpcountwords', [ post_data["content"] ]); 283 275 } else { 284 post_data['autosave'] = 0;276 return false; 285 277 } 286 278 279 // Disable buttons until we know the save completed. 280 autosave_disable_buttons(); 281 287 282 if ( post_data["auto_draft"] == '1' ) { 288 283 successCallback = autosave_saved_new; // new post 289 284 } else { … … 297 292 url: ajaxurl, 298 293 success: successCallback 299 294 }); 295 296 return true; 300 297 } 301 298 302 299 // Autosave in localStorage