Changes from branches/3.0/wp-admin/admin-ajax.php at r15470 to trunk/wp-admin/admin-ajax.php at r17354

File:

• trunk/wp-admin/admin-ajax.php (modified) (30 diffs)

trunk/wp-admin/admin-ajax.php

@@ -10 +10 @@
  * Executing AJAX process.
  *
- * @since unknown
+ * @since 2.1.0
  */
 define('DOING_AJAX', true);
 define('WP_ADMIN', true);
 
-require_once('../wp-load.php');
-
 if ( ! isset( $_REQUEST['action'] ) )
     die('-1');
+
+require_once('../wp-load.php');
 
 require_once('./includes/admin.php');
@@ -51 +51 @@
 if ( isset( $_GET['action'] ) ) :
 switch ( $action = $_GET['action'] ) :
+case 'fetch-list' :
+
+    $list_class = $_GET['list_args']['class'];
+    check_ajax_referer( "fetch-list-$list_class", '_ajax_fetch_list_nonce' );
+
+    $current_screen = (object) $_GET['list_args']['screen'];
+    //TODO fix this in a better way see #15336
+    $current_screen->is_network = 'false' === $current_screen->is_network ? false : true;
+    $current_screen->is_user = 'false' === $current_screen->is_user ? false : true;
+
+    define( 'WP_NETWORK_ADMIN', $current_screen->is_network );
+    define( 'WP_USER_ADMIN', $current_screen->is_user );
+
+    $wp_list_table = _get_list_table( $list_class );
+    if ( ! $wp_list_table )
+        die( '0' );
+
+    if ( ! $wp_list_table->ajax_user_can() )
+        die( '-1' );
+
+    $wp_list_table->ajax_response();
+
+    die( '0' );
+    break;
 case 'ajax-tag-search' :
-    if ( !current_user_can( 'edit_posts' ) )
-        die('-1');
-
-    $s = $_GET['q']; // is this slashed already?
-
-    if ( isset($_GET['tax']) )
-        $taxonomy = sanitize_title($_GET['tax']);
-    else
+    if ( isset( $_GET['tax'] ) ) {
+        $taxonomy = sanitize_key( $_GET['tax'] );
+        $tax = get_taxonomy( $taxonomy );
+        if ( ! $tax )
+            die( '0' );
+        if ( ! current_user_can( $tax->cap->assign_terms ) )
+            die( '-1' );
+    } else {
         die('0');
+    }
+
+    $s = stripslashes( $_GET['q'] );
 
     if ( false !== strpos( $s, ',' ) ) {
@@ -70 +97 @@
         die; // require 2 chars for matching
 
-    $results = $wpdb->get_col( "SELECT t.name FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.name LIKE ('%" . $s . "%')" );
+    $results = $wpdb->get_col( $wpdb->prepare( "SELECT t.name FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.name LIKE (%s)", $taxonomy, '%' . like_escape( $s ) . '%' ) );
 
     echo join( $results, "\n" );
@@ -163 +190 @@
  * @return die
  */
-function _wp_ajax_delete_comment_response( $comment_id ) {
+function _wp_ajax_delete_comment_response( $comment_id, $delta = -1 ) {
     $total = (int) @$_POST['_total'];
     $per_page = (int) @$_POST['_per_page'];
@@ -172 +199 @@
         die( (string) time() );
 
-    if ( --$total < 0 ) // Take the total from POST and decrement it (since we just deleted one)
+    $total += $delta;
+    if ( $total < 0 )
         $total = 0;
 
-    if ( 0 != $total % $per_page && 1 != mt_rand( 1, $per_page ) ) // Only do the expensive stuff on a page-break, and about 1 other time per page
-        die( (string) time() );
-
-    $post_id = 0;
-    $status = 'total_comments'; // What type of comment count are we looking for?
-    $parsed = parse_url( $url );
-    if ( isset( $parsed['query'] ) ) {
-        parse_str( $parsed['query'], $query_vars );
-        if ( !empty( $query_vars['comment_status'] ) )
-            $status = $query_vars['comment_status'];
-        if ( !empty( $query_vars['p'] ) )
-            $post_id = (int) $query_vars['p'];
-    }
-
-    $comment_count = wp_count_comments($post_id);
+    // Only do the expensive stuff on a page-break, and about 1 other time per page
+    if ( 0 == $total % $per_page || 1 == mt_rand( 1, $per_page ) ) {
+        $post_id = 0;
+        $status = 'total_comments'; // What type of comment count are we looking for?
+        $parsed = parse_url( $url );
+        if ( isset( $parsed['query'] ) ) {
+            parse_str( $parsed['query'], $query_vars );
+            if ( !empty( $query_vars['comment_status'] ) )
+                $status = $query_vars['comment_status'];
+            if ( !empty( $query_vars['p'] ) )
+                $post_id = (int) $query_vars['p'];
+        }
+
+        $comment_count = wp_count_comments($post_id);
+
+        if ( isset( $comment_count->$status ) ) // We're looking for a known type of comment count
+            $total = $comment_count->$status;
+            // else use the decremented value from above
+    }
+
     $time = time(); // The time since the last comment count
 
-    if ( isset( $comment_count->$status ) ) // We're looking for a known type of comment count
-        $total = $comment_count->$status;
-    // else use the decremented value from above
-
-    $page_links = paginate_links( array(
-        'base' => add_query_arg( 'apage', '%#%', $url ),
-        'format' => '',
-        'prev_text' => __('&laquo;'),
-        'next_text' => __('&raquo;'),
-        'total' => ceil($total / $per_page),
-        'current' => $page
-    ) );
     $x = new WP_Ajax_Response( array(
         'what' => 'comment',
         'id' => $comment_id, // here for completeness - not used
         'supplemental' => array(
-            'pageLinks' => $page_links,
+            'total_items_i18n' => sprintf( _n( '1 item', '%s items', $total ), number_format_i18n( $total ) ),
+            'total_pages' => ceil( $total / $per_page ),
+            'total_pages_i18n' => number_format_i18n( ceil( $total / $per_page ) ),
             'total' => $total,
             'time' => $time
@@ -305 +328 @@
     $status = wp_get_comment_status( $comment->comment_ID );
 
+    $delta = -1;
     if ( isset($_POST['trash']) && 1 == $_POST['trash'] ) {
         if ( 'trash' == $status )
@@ -313 +337 @@
             die( (string) time() );
         $r = wp_untrash_comment( $comment->comment_ID );
+        if ( ! isset( $_POST['comment_status'] ) || $_POST['comment_status'] != 'trash' ) // undo trash, not in trash
+            $delta = 1;
     } elseif ( isset($_POST['spam']) && 1 == $_POST['spam'] ) {
         if ( 'spam' == $status )
@@ -321 +347 @@
             die( (string) time() );
         $r = wp_unspam_comment( $comment->comment_ID );
+        if ( ! isset( $_POST['comment_status'] ) || $_POST['comment_status'] != 'spam' ) // undo spam, not in spam
+            $delta = 1;
     } elseif ( isset($_POST['delete']) && 1 == $_POST['delete'] ) {
         $r = wp_delete_comment( $comment->comment_ID );
@@ -328 +356 @@
 
     if ( $r ) // Decide if we need to send back '1' or a more complicated response including page links and comment counts
-        _wp_ajax_delete_comment_response( $comment->comment_ID );
+        _wp_ajax_delete_comment_response( $comment->comment_ID, $delta );
     die( '0' );
     break;
@@ -349 +377 @@
     else
         die('0');
-    break;
-case 'delete-link-cat' :
-    check_ajax_referer( "delete-link-category_$id" );
-    if ( !current_user_can( 'manage_categories' ) )
-        die('-1');
-
-    $cat = get_term( $id, 'link_category' );
-    if ( !$cat || is_wp_error( $cat ) )
-        die('1');
-
-    $cat_name = get_term_field('name', $id, 'link_category');
-
-    $default = get_option('default_link_category');
-
-    // Don't delete the default cats.
-    if ( $id == $default ) {
-        $x = new WP_AJAX_Response( array(
-            'what' => 'link-cat',
-            'id' => $id,
-            'data' => new WP_Error( 'default-link-cat', sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name) )
-        ) );
-        $x->send();
-    }
-
-    $r = wp_delete_term($id, 'link_category', array('default' => $default));
-    if ( !$r )
-        die('0');
-    if ( is_wp_error($r) ) {
-        $x = new WP_AJAX_Response( array(
-            'what' => 'link-cat',
-            'id' => $id,
-            'data' => $r
-        ) );
-        $x->send();
-    }
-    die('1');
     break;
 case 'delete-link' :
@@ -516 +508 @@
     $x->send();
     break;
-case 'add-link-cat' : // From Blogroll -> Categories
-    check_ajax_referer( 'add-link-category' );
-    if ( !current_user_can( 'manage_categories' ) )
-        die('-1');
-
-    if ( '' === trim($_POST['name']) ) {
-        $x = new WP_Ajax_Response( array(
-            'what' => 'link-cat',
-            'id' => new WP_Error( 'name', __('You did not enter a category name.') )
-        ) );
-        $x->send();
-    }
-
-    $r = wp_insert_term($_POST['name'], 'link_category', $_POST );
-    if ( is_wp_error( $r ) ) {
-        $x = new WP_AJAX_Response( array(
-            'what' => 'link-cat',
-            'id' => $r
-        ) );
-        $x->send();
-    }
-
-    extract($r, EXTR_SKIP);
-
-    if ( !$link_cat = link_cat_row( $term_id ) )
-        die('0');
-
-    $x = new WP_Ajax_Response( array(
-        'what' => 'link-cat',
-        'id' => $term_id,
-        'position' => -1,
-        'data' => $link_cat
-    ) );
-    $x->send();
-    break;
-case 'add-tag' : // From Manage->Tags
+case 'add-tag' :
     check_ajax_referer( 'add-tag' );
     $post_type = !empty($_POST['post_type']) ? $_POST['post_type'] : 'post';
@@ -557 +514 @@
     $tax = get_taxonomy($taxonomy);
 
+    if ( !current_user_can( $tax->cap->edit_terms ) )
+        die('-1');
+
     $x = new WP_Ajax_Response();
 
-    if ( !current_user_can( $tax->cap->edit_terms ) )
-        die('-1');
-
     $tag = wp_insert_term($_POST['tag-name'], $taxonomy, $_POST );
 
     if ( !$tag || is_wp_error($tag) || (!$tag = get_term( $tag['term_id'], $taxonomy )) ) {
-        $message = __('An error has occured. Please reload the page and try again.');
+        $message = __('An error has occurred. Please reload the page and try again.');
         if ( is_wp_error($tag) && $tag->get_error_message() )
             $message = $tag->get_error_message();
@@ -576 +533 @@
     }
 
-    if ( isset($_POST['screen']) )
-        set_current_screen($_POST['screen']);
+    set_current_screen( $_POST['screen'] );
+
+    $wp_list_table = _get_list_table('WP_Terms_List_Table');
 
     $level = 0;
-    $tag_full_name = false;
-    $tag_full_name = $tag->name;
     if ( is_taxonomy_hierarchical($taxonomy) ) {
-        $_tag = $tag;
-        while ( $_tag->parent  ) {
-            $_tag = get_term( $_tag->parent, $taxonomy );
-            $tag_full_name = $_tag->name . ' &#8212; ' . $tag_full_name;
-            $level++;
-        }
-        $noparents = _tag_row( $tag, $level, $taxonomy );
-    }
-    $tag->name = $tag_full_name;
-    $parents = _tag_row( $tag, 0, $taxonomy);
+        $level = count( get_ancestors( $tag->term_id, $taxonomy ) );
+        ob_start();
+        $wp_list_table->single_row( $tag, $level );
+        $noparents = ob_get_clean();
+    }
+
+    ob_start();
+    $wp_list_table->single_row( $tag );
+    $parents = ob_get_clean();
 
     $x->add( array(
@@ -601 +556 @@
         'what' => 'term',
         'position' => $level,
-        'supplemental' => get_term( $tag->term_id, $taxonomy, ARRAY_A ) //Refetch as $tag has been contaminated by the full name.
+        'supplemental' => (array) $tag
         ) );
     $x->send();
     break;
 case 'get-tagcloud' :
-    if ( !current_user_can( 'edit_posts' ) )
-        die('-1');
-
-    if ( isset($_POST['tax']) )
-        $taxonomy = sanitize_title($_POST['tax']);
-    else
+    if ( isset( $_POST['tax'] ) ) {
+        $taxonomy = sanitize_key( $_POST['tax'] );
+        $tax = get_taxonomy( $taxonomy );
+        if ( ! $tax )
+            die( '0' );
+        if ( ! current_user_can( $tax->cap->assign_terms ) )
+            die( '-1' );
+    } else {
         die('0');
+    }
 
     $tags = get_terms( $taxonomy, array( 'number' => 45, 'orderby' => 'count', 'order' => 'DESC' ) );
 
-    if ( empty( $tags ) ) {
-        $tax = get_taxonomy( $taxonomy );
+    if ( empty( $tags ) )
         die( isset( $tax->no_tagcloud ) ? $tax->no_tagcloud : __('No tags found!') );
-    }
-
-    if ( is_wp_error($tags) )
-        die($tags->get_error_message());
+
+    if ( is_wp_error( $tags ) )
+        die( $tags->get_error_message() );
 
     foreach ( $tags as $key => $tag ) {
@@ -639 +595 @@
     exit;
     break;
-case 'add-comment' :
+case 'get-comments' :
     check_ajax_referer( $action );
-    if ( !current_user_can( 'edit_posts' ) )
-        die('-1');
-    $search = isset($_POST['s']) ? $_POST['s'] : false;
-    $status = isset($_POST['comment_status']) ? $_POST['comment_status'] : 'all';
-    $per_page = isset($_POST['per_page']) ?  (int) $_POST['per_page'] + 8 : 28;
-    $start = isset($_POST['page']) ? ( intval($_POST['page']) * $per_page ) -1 : $per_page - 1;
-    if ( 1 > $start )
-        $start = 27;
-
-    $mode = isset($_POST['mode']) ? $_POST['mode'] : 'detail';
-    $p = isset($_POST['p']) ? $_POST['p'] : 0;
-    $comment_type = isset($_POST['comment_type']) ? $_POST['comment_type'] : '';
-    list($comments, $total) = _wp_get_comment_list( $status, $search, $start, 1, $p, $comment_type );
-
-    if ( get_option('show_avatars') )
-        add_filter( 'comment_author', 'floated_admin_avatar' );
-
-    if ( !$comments )
+
+    set_current_screen( 'edit-comments' );
+
+    $wp_list_table = _get_list_table('WP_Post_Comments_List_Table');
+
+    if ( !current_user_can( 'edit_post', $post_id ) )
+        die('-1');
+
+    $wp_list_table->prepare_items();
+
+    if ( !$wp_list_table->has_items() )
         die('1');
+
+    $comment_list_item = '';
     $x = new WP_Ajax_Response();
-    foreach ( (array) $comments as $comment ) {
+    foreach ( $wp_list_table->items as $comment ) {
         get_comment( $comment );
         ob_start();
-            _wp_comment_row( $comment->comment_ID, $mode, $status, true, true );
-            $comment_list_item = ob_get_contents();
-        ob_end_clean();
-        $x->add( array(
-            'what' => 'comment',
-            'id' => $comment->comment_ID,
-            'data' => $comment_list_item
-        ) );
-    }
-    $x->send();
-    break;
-case 'get-comments' :
-    check_ajax_referer( $action );
-
-    $post_ID = (int) $_POST['post_ID'];
-    if ( !current_user_can( 'edit_post', $post_ID ) )
-        die('-1');
-
-    $start = isset($_POST['start']) ? intval($_POST['start']) : 0;
-    $num = isset($_POST['num']) ? intval($_POST['num']) : 10;
-
-    list($comments, $total) = _wp_get_comment_list( false, false, $start, $num, $post_ID );
-
-    if ( !$comments )
-        die('1');
-
-    $comment_list_item = '';
-    $x = new WP_Ajax_Response();
-    foreach ( (array) $comments as $comment ) {
-        get_comment( $comment );
-        ob_start();
-            _wp_comment_row( $comment->comment_ID, 'single', false, false );
+            $wp_list_table->single_row( $comment );
             $comment_list_item .= ob_get_contents();
         ob_end_clean();
@@ -707 +627 @@
 case 'replyto-comment' :
     check_ajax_referer( $action, '_ajax_nonce-replyto-comment' );
+
+    set_current_screen( 'edit-comments' );
 
     $comment_post_ID = (int) $_POST['comment_post_ID'];
@@ -745 +667 @@
     if ( ! $comment ) die('1');
 
-    $modes = array( 'single', 'detail', 'dashboard' );
-    $mode = isset($_POST['mode']) && in_array( $_POST['mode'], $modes ) ? $_POST['mode'] : 'detail';
     $position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1';
-    $checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0;
-
-    if ( get_option('show_avatars') && 'single' != $mode )
-        add_filter( 'comment_author', 'floated_admin_avatar' );
 
     $x = new WP_Ajax_Response();
 
     ob_start();
-        if ( 'dashboard' == $mode ) {
+        if ( 'dashboard' == $_REQUEST['mode'] ) {
             require_once( ABSPATH . 'wp-admin/includes/dashboard.php' );
-            _wp_dashboard_recent_comments_row( $comment, false );
+            _wp_dashboard_recent_comments_row( $comment );
         } else {
-            _wp_comment_row( $comment->comment_ID, $mode, false, $checkbox );
+            if ( 'single' == $_REQUEST['mode'] ) {
+                $wp_list_table = _get_list_table('WP_Post_Comments_List_Table');
+            } else {
+                $wp_list_table = _get_list_table('WP_Comments_List_Table');
+            }
+            $wp_list_table->single_row( $comment );
         }
         $comment_list_item = ob_get_contents();
@@ -777 +698 @@
     check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' );
 
+    set_current_screen( 'edit-comments' );
+
     $comment_post_ID = (int) $_POST['comment_post_ID'];
     if ( ! current_user_can( 'edit_post', $comment_post_ID ) )
@@ -788 +711 @@
     edit_comment();
 
-    $mode = ( isset($_POST['mode']) && 'single' == $_POST['mode'] ) ? 'single' : 'detail';
     $position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1';
+    $comments_status = isset($_POST['comments_listing']) ? $_POST['comments_listing'] : '';
+
     $checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0;
-    $comments_listing = isset($_POST['comments_listing']) ? $_POST['comments_listing'] : '';
-
-    if ( get_option('show_avatars') && 'single' != $mode )
-        add_filter( 'comment_author', 'floated_admin_avatar' );
-
-    $x = new WP_Ajax_Response();
+    $wp_list_table = _get_list_table( $checkbox ? 'WP_Comments_List_Table' : 'WP_Post_Comments_List_Table' );
 
     ob_start();
-        _wp_comment_row( $comment_id, $mode, $comments_listing, $checkbox );
+        $wp_list_table->single_row( get_comment( $comment_id ) );
         $comment_list_item = ob_get_contents();
     ob_end_clean();
+
+    $x = new WP_Ajax_Response();
 
     $x->add( array(
@@ -820 +741 @@
     require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
 
-    $item_ids = wp_save_nav_menu_items( 0, $_POST['menu-item'] );
+    // For performance reasons, we omit some object properties from the checklist.
+    // The following is a hacky way to restore them when adding non-custom items.
+
+    $menu_items_data = array();
+    foreach ( (array) $_POST['menu-item'] as $menu_item_data ) {
+        if (
+            ! empty( $menu_item_data['menu-item-type'] ) &&
+            'custom' != $menu_item_data['menu-item-type'] &&
+            ! empty( $menu_item_data['menu-item-object-id'] )
+        ) {
+            switch( $menu_item_data['menu-item-type'] ) {
+                case 'post_type' :
+                    $_object = get_post( $menu_item_data['menu-item-object-id'] );
+                break;
+
+                case 'taxonomy' :
+                    $_object = get_term( $menu_item_data['menu-item-object-id'], $menu_item_data['menu-item-object'] );
+                break;
+            }
+
+            $_menu_items = array_map( 'wp_setup_nav_menu_item', array( $_object ) );
+            $_menu_item = array_shift( $_menu_items );
+
+            // Restore the missing menu item properties
+            $menu_item_data['menu-item-description'] = $_menu_item->description;
+        }
+
+        $menu_items_data[] = $menu_item_data;
+    }
+
+    $item_ids = wp_save_nav_menu_items( 0, $menu_items_data );
     if ( is_wp_error( $item_ids ) )
         die('-1');
@@ -930 +881 @@
     if ( !current_user_can('create_users') )
         die('-1');
-    require_once(ABSPATH . WPINC . '/registration.php');
     if ( !$user_id = add_user() )
         die('0');
@@ -942 +892 @@
     $user_object = new WP_User( $user_id );
 
+    $wp_list_table = _get_list_table('WP_Users_List_Table');
+
     $x = new WP_Ajax_Response( array(
         'what' => 'user',
         'id' => $user_id,
-        'data' => user_row( $user_object, '', $user_object->roles[0] ),
+        'data' => $wp_list_table->single_row( $user_object, '', $user_object->roles[0] ),
         'supplemental' => array(
             'show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login),
@@ -1136 +1088 @@
 
     _wp_ajax_menu_quick_search( $_REQUEST );
+
+    exit;
+    break;
+case 'wp-link-ajax':
+    require_once ABSPATH . 'wp-admin/includes/internal-linking.php';
+
+    check_ajax_referer( 'internal-linking', '_ajax_linking_nonce' );
+
+    $args = array();
+
+    if ( isset( $_POST['search'] ) )
+        $args['s'] = stripslashes( $_POST['search'] );
+    $args['pagenum'] = ! empty( $_POST['page'] ) ? absint( $_POST['page'] ) : 1;
+
+    $results = wp_link_query( $args );
+
+    if ( ! isset( $results ) )
+        die( '0' );
+
+    echo json_encode( $results );
+    echo "\n";
 
     exit;
@@ -1194 +1167 @@
     }
 
-    if ( isset($_POST['screen']) )
-        set_current_screen($_POST['screen']);
+    set_current_screen( $_POST['screen'] );
 
     if ( $last = wp_check_post_lock( $post_ID ) ) {
@@ -1232 +1204 @@
     edit_post();
 
-    if ( in_array( $_POST['post_type'], get_post_types( array( 'show_ui' => true ) ) ) ) {
-        $post = array();
-        $post[] = get_post($_POST['post_ID']);
-        if ( is_post_type_hierarchical( $_POST['post_type'] ) ) {
-            page_rows( $post );
-        } else {
-            $mode = $_POST['post_view'];
-            post_rows( $post );
-        }
-    }
+    $wp_list_table = _get_list_table('WP_Posts_List_Table');
+
+    $mode = $_POST['post_view'];
+    $wp_list_table->display_rows( array( get_post( $_POST['post_ID'] ) ) );
 
     exit;
@@ -1248 +1214 @@
     check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
 
-    $taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : false;
-    if ( ! $taxonomy )
-        die( __('Cheatin&#8217; uh?') );
-    $tax = get_taxonomy($taxonomy);
+    $taxonomy = sanitize_key( $_POST['taxonomy'] );
+    $tax = get_taxonomy( $taxonomy );
+    if ( ! $tax )
+        die( '0' );
 
     if ( ! current_user_can( $tax->cap->edit_terms ) )
-        die( __('Cheatin&#8217; uh?') );
+        die( '-1' );
+
+    set_current_screen( 'edit-' . $taxonomy );
+
+    $wp_list_table = _get_list_table('WP_Terms_List_Table');
 
     if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
         die(-1);
 
-    switch ($_POST['tax_type']) {
-        case 'link-cat' :
-            $updated = wp_update_term($id, 'link_category', $_POST);
-
-            if ( $updated && !is_wp_error($updated) )
-                echo link_cat_row($updated['term_id']);
-            else
-                die( __('Category not updated.') );
-
-            break;
-        case 'tag' :
-            $taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
-
-            $tag = get_term( $id, $taxonomy );
-            $_POST['description'] = $tag->description;
-
-            $updated = wp_update_term($id, $taxonomy, $_POST);
-            if ( $updated && !is_wp_error($updated) ) {
-                $tag = get_term( $updated['term_id'], $taxonomy );
-                if ( !$tag || is_wp_error( $tag ) ) {
-                    if ( is_wp_error($tag) && $tag->get_error_message() )
-                        die( $tag->get_error_message() );
-                    die( __('Item not updated.') );
-                }
-
-                set_current_screen( 'edit-' . $taxonomy );
-
-                echo _tag_row($tag, 0, $taxonomy);
-            } else {
-                if ( is_wp_error($updated) && $updated->get_error_message() )
-                    die( $updated->get_error_message() );
-                die( __('Item not updated.') );
-            }
-
-            break;
+    $tag = get_term( $id, $taxonomy );
+    $_POST['description'] = $tag->description;
+
+    $updated = wp_update_term($id, $taxonomy, $_POST);
+    if ( $updated && !is_wp_error($updated) ) {
+        $tag = get_term( $updated['term_id'], $taxonomy );
+        if ( !$tag || is_wp_error( $tag ) ) {
+            if ( is_wp_error($tag) && $tag->get_error_message() )
+                die( $tag->get_error_message() );
+            die( __('Item not updated.') );
+        }
+
+        echo $wp_list_table->single_row( $tag );
+    } else {
+        if ( is_wp_error($updated) && $updated->get_error_message() )
+            die( $updated->get_error_message() );
+        die( __('Item not updated.') );
     }
 
@@ -1315 +1267 @@
     $searchand = $search = '';
     foreach ( (array) $search_terms as $term ) {
-        $term = addslashes_gpc($term);
+        $term = esc_sql( like_escape( $term ) );
         $search .= "{$searchand}(($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%'))";
         $searchand = ' AND ';
     }
-    $term = $wpdb->escape($s);
+    $term = esc_sql( like_escape( $s ) );
     if ( count($search_terms) > 1 && $search_terms[0] != $s )
         $search .= " OR ($wpdb->posts.post_title LIKE '%{$term}%') OR ($wpdb->posts.post_content LIKE '%{$term}%')";
@@ -1369 +1321 @@
 
     break;
-case 'lj-importer' :
-    check_ajax_referer( 'lj-api-import' );
-    if ( !current_user_can( 'publish_posts' ) )
-        die('-1');
-    if ( empty( $_POST['step'] ) )
-        die( '-1' );
-    define('WP_IMPORTING', true);
-    include( ABSPATH . 'wp-admin/import/livejournal.php' );
-    $result = $lj_api_import->{ 'step' . ( (int) $_POST['step'] ) }();
-    if ( is_wp_error( $result ) )
-        echo $result->get_error_message();
-    die;
-    break;
 case 'widgets-order' :
     check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
@@ -1429 +1368 @@
     $multi_number = !empty($_POST['multi_number']) ? (int) $_POST['multi_number'] : 0;
     $settings = isset($_POST['widget-' . $id_base]) && is_array($_POST['widget-' . $id_base]) ? $_POST['widget-' . $id_base] : false;
-    $error = '<p>' . __('An error has occured. Please reload the page and try again.') . '</p>';
+    $error = '<p>' . __('An error has occurred. Please reload the page and try again.') . '</p>';
 
     $sidebars = wp_get_sidebars_widgets();
@@ -1519 +1458 @@
     }
 
-    if ( $thumbnail_id && get_post( $thumbnail_id ) ) {
-        $thumbnail_html = wp_get_attachment_image( $thumbnail_id, 'thumbnail' );
-        if ( !empty( $thumbnail_html ) ) {
-            update_post_meta( $post_ID, '_thumbnail_id', $thumbnail_id );
-            die( _wp_post_thumbnail_html( $thumbnail_id ) );
-        }
-    }
+    if ( set_post_thumbnail( $post_ID, $thumbnail_id ) )
+        die( _wp_post_thumbnail_html( $thumbnail_id ) );
     die( '0' );
+    break;
+case 'date_format' :
+    die( date_i18n( sanitize_option( 'date_format', $_POST['date'] ) ) );
+    break;
+case 'time_format' :
+    die( date_i18n( sanitize_option( 'time_format', $_POST['date'] ) ) );
     break;
 default :