Changeset 11807 for trunk/wp-admin/edit.php
- Timestamp:
- 08/12/2009 10:57:15 AM (17 years ago)
- File:
-
- 1 edited
-
trunk/wp-admin/edit.php (modified) (3 diffs)
trunk/wp-admin/edit.php
r11779 r11807 22 22 23 23 // Handle bulk actions 24 if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) {24 if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) || isset($_GET['bulk_edit']) ) { 25 25 check_admin_referer('bulk-posts'); 26 26 $sendback = wp_get_referer(); 27 28 if ( strpos($sendback, 'post.php') !== false ) 29 $sendback = admin_url('post-new.php'); 30 27 31 if ( isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) { 28 $post_status = $wpdb->escape($_GET['post_status']);29 $post_ids = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_type='post' AND post_status = '$post_status'");32 $post_status = preg_replace('/[^a-z0-9_-]+/i', '', $_GET['post_status']); 33 $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_type='post' AND post_status = %s", $post_status ) ); 30 34 $doaction = 'delete'; 31 } elseif ( ($_GET['action'] != -1 || $_GET['action2'] != -1) && isset($_GET['post'])) {32 $post_ids = $_GET['post'];35 } elseif ( ($_GET['action'] != -1 || $_GET['action2'] != -1) && isset($_GET['post']) ) { 36 $post_ids = array_map( 'intval', (array) $_GET['post'] ); 33 37 $doaction = ($_GET['action'] != -1) ? 
$_GET['action'] : $_GET['action2']; 34 } else wp_redirect($_SERVER['HTTP_REFERER']); 35 38 } else { 39 wp_redirect( admin_url('edit.php') ); 40 } 41 36 42 switch ( $doaction ) { 37 43 case 'trash': 38 44 $trashed = 0; 39 45 foreach( (array) $post_ids as $post_id ) { 40 $post_del = & get_post($post_id); 41 42 if ( !current_user_can('delete_post', $post_id_del) ) 46 if ( !current_user_can('delete_post', $post_id) ) 43 47 wp_die( __('You are not allowed to move this post to the trash.') ); 44 48 … … 48 52 $trashed++; 49 53 } 54 $sendback = add_query_arg('trashed', $trashed, $sendback); 50 55 break; 51 56 case 'untrash': 52 57 $untrashed = 0; 53 58 foreach( (array) $post_ids as $post_id ) { 54 $post_del = & get_post($post_id); 55 56 if ( !current_user_can('delete_post', $post_id_del) ) 57 wp_die( __('You are not allowed to remove this post from the trash.') ); 59 if ( !current_user_can('delete_post', $post_id) ) 60 wp_die( __('You are not allowed to restore this post from the trash.') ); 58 61 59 62 if ( !wp_untrash_post($post_id) ) 60 wp_die( __('Error in re moving from trash...') );63 wp_die( __('Error in restoring from trash...') ); 61 64 62 65 $untrashed++; 63 66 } 67 $sendback = add_query_arg('untrashed', $untrashed, $sendback); 64 68 break; 65 69 case 'delete': 66 70 $deleted = 0; 67 foreach( (array) $post_ids as $post_id _del) {68 $post_del = & get_post($post_id _del);69 70 if ( !current_user_can('delete_post', $post_id _del) )71 foreach( (array) $post_ids as $post_id ) { 72 $post_del = & get_post($post_id); 73 74 if ( !current_user_can('delete_post', $post_id) ) 71 75 wp_die( __('You are not allowed to delete this post.') ); 72 76 73 77 if ( $post_del->post_type == 'attachment' ) { 74 if ( ! wp_delete_attachment($post_id _del) )78 if ( ! 
wp_delete_attachment($post_id) ) 75 79 wp_die( __('Error in deleting...') ); 76 80 } else { 77 if ( !wp_delete_post($post_id _del) )81 if ( !wp_delete_post($post_id) ) 78 82 wp_die( __('Error in deleting...') ); 79 83 } 80 84 $deleted++; 81 85 } 86 $sendback = add_query_arg('deleted', $deleted, $sendback); 82 87 break; 83 88 case 'edit': 84 if ( -1 == $_GET['_status'] ) { 85 $_GET['post_status'] = null; 86 unset($_GET['_status'], $_GET['post_status']); 87 } else { 88 $_GET['post_status'] = $_GET['_status']; 89 $done = bulk_edit_posts($_GET); 90 91 if ( is_array($done) ) { 92 $done['updated'] = count( $done['updated'] ); 93 $done['skipped'] = count( $done['skipped'] ); 94 $done['locked'] = count( $done['locked'] ); 95 $sendback = add_query_arg( $done, $sendback ); 89 96 } 90 91 $done = bulk_edit_posts($_GET);92 97 break; 93 98 } 94 99 95 $sendback = wp_get_referer(); 96 if ( strpos($sendback, 'post.php') !== false ) $sendback = admin_url('post-new.php'); 97 elseif ( strpos($sendback, 'attachments.php') !== false ) $sendback = admin_url('attachments.php'); 98 if ( isset($done) ) { 99 $done['updated'] = count( $done['updated'] ); 100 $done['skipped'] = count( $done['skipped'] ); 101 $done['locked'] = count( $done['locked'] ); 102 $sendback = add_query_arg( $done, $sendback ); 103 } 104 if ( isset($deleted) ) 105 $sendback = add_query_arg('deleted', $deleted, $sendback); 106 elseif ( isset($trashed) ) 107 $sendback = add_query_arg('trashed', $trashed, $sendback); 108 elseif ( isset($untrashed) ) 109 $sendback = add_query_arg('untrashed', $untrashed, $sendback); 100 if ( isset($_GET['action']) ) 101 $sendback = remove_query_arg( array('action', 'action2', 'cat', 'tags_input', 'post_author', 'comment_status', 'ping_status', '_status', 'post', 'bulk_edit', 'post_view', 'post_type'), $sendback ); 102 110 103 wp_redirect($sendback); 111 104 exit(); … … 180 173 <?php } ?> 181 174 182 <form id="posts-filter" action=" " method="get">175 <form id="posts-filter" action="<?php 
echo admin_url('edit.php'); ?>" method="get"> 183 176 184 177 <ul class="subsubsub">
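Review bot: The new `else { wp_redirect( admin_url('edit.php') ); }` branch has no `exit()`, so a request that sets `doaction` with no action or posts selected keeps executing. It runs `switch ( $doaction )` with `$doaction` and `$post_ids` undefined, then reaches the final `wp_redirect($sendback); exit();`, which would override the Location header just set; use `wp_redirect( admin_url('edit.php') ); exit();` in that branch. Separately, `$sendback = wp_get_referer();` is passed unchecked to `strpos()` and `add_query_arg()`. If it can return false when no usable referer is present, fall back with `if ( ! $sendback ) $sendback = admin_url('edit.php');`. The `bulk_edit` path also hands all of `$_GET` to `bulk_edit_posts()`, whose per-post capability checks are not visible in this section, so confirm they exist there.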