Changeset 15667
- Timestamp:
- 09/26/2010 10:56:36 AM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/edit.php
r15642 r15667 32 32 33 33 if ( 'delete_all' == $doaction ) { 34 $post_ids = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_type='attachment' AND post_status = 'trash'" ); 34 $post_status = preg_replace('/[^a-z0-9_-]+/i', '', $_REQUEST['post_status']); 35 if ( get_post_status_object($post_status) ) // Check the post status exists first 36 $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_type=%s AND post_status = %s", $post_type, $post_status ) ); 35 37 $doaction = 'delete'; 36 38 } elseif ( isset( $_REQUEST['media'] ) ) { … … 38 40 } elseif ( isset( $_REQUEST['ids'] ) ) { 39 41 $post_ids = explode( ',', $_REQUEST['ids'] ); 42 } elseif ( !empty( $_REQUEST['post'] ) ) { 43 $post_ids = array_map('intval', $_REQUEST['post']); 40 44 } 41 45 42 46 if ( !isset( $post_ids ) ) { 43 47 wp_redirect( admin_url("edit.php?post_type=$post_type") ); 48 exit; 44 49 } 45 50
Note: See TracChangeset
for help on using the changeset viewer.