WordPress.org

Make WordPress Core


Ignore:
Timestamp:
04/28/2010 02:04:30 AM (11 years ago)
Author:
nacin
Message:

Verify nav menu items. props filosofo, fixes #13154.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-ajax.php

    r14248 r14263  
    403403        die('-1');
    404404
    405     if ( 'nav_menu_item' == get_post_type( $menu_item_id ) && wp_delete_post( $menu_item_id, true ) )
     405    if ( is_nav_menu_item( $menu_item_id ) && wp_delete_post( $menu_item_id, true ) )
    406406        die('1');
    407407    else
     
    14671467    }
    14681468    die( '0' );
    1469 case 'save-custom-link':
    1470     if ( ! current_user_can('manage_links') )
    1471         die('-1');
    1472 
    1473     $link_name = isset( $_POST['link_name'] ) ? esc_html($_POST['link_name']) : null;
    1474     $link_url = isset( $_POST['link_url'] ) ? esc_url_raw($_POST['link_url']) : null;
    1475 
    1476     if ( !$link_name || !$link_url )
    1477         die('-1');
    1478 
    1479     $post = array(
    1480         'post_status' => 'draft', 'post_type' => 'nav_menu_item', 'ping_status' => 0,
    1481         'post_author' => $user_ID, 'post_title' => $link_name, 'post_excerpt' => '',
    1482         'post_parent' => 0, 'menu_order' => 0, 'post_content' => '',
    1483     );
    1484 
    1485     $link_id = wp_insert_post( $post );
    1486 
    1487     update_post_meta( $link_id, '_menu_item_type', 'custom' );
    1488     update_post_meta( $link_id, '_menu_item_object_id', (int) $link_id );
    1489     update_post_meta( $link_id, '_menu_item_object', 'custom' );
    1490     update_post_meta( $link_id, '_menu_item_target', '' );
    1491     update_post_meta( $link_id, '_menu_item_classes', '' );
    1492     update_post_meta( $link_id, '_menu_item_xfn', '' );
    1493     update_post_meta( $link_id, '_menu_item_url', $link_url );
    1494 
    1495     die( json_encode($link_id) );
     1469    break;
    14961470default :
    14971471    do_action( 'wp_ajax_' . $_POST['action'] );
Note: See TracChangeset for help on using the changeset viewer.