
Changeset 1861


Timestamp:
11/18/2004 07:40:36 PM (19 years ago)
Author:
saxmatt
Message:

Allow users 9+ to post as other users, minor advanced post reorg.

Location:
trunk
Files:
4 edited

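--- a/trunk/wp-admin/edit-form-advanced.php
+++ b/trunk/wp-admin/edit-form-advanced.php
@@ -21,6 +21,6 @@
 $form_prevstatus = '<input type="hidden" name="prev_status" value="'.$post_status.'" />';
 
-$form_trackback = '<p><label for="trackback"><a href="http://wordpress.org/docs/reference/post/#trackback" title="' . __('Help on trackbacks') . '">' . __('<strong>TrackBack</strong> a <abbr title="Universal Resource Identifier">URI</abbr></a>') . '</label> ' . __('(Separate multiple <abbr title="Universal Resource Identifier">URI</abbr>s with spaces.)') . '<br />
-<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $to_ping) .'" /></p>';
+$form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $to_ping) .'" />';
+
 if ('' != $pinged) {
     $pings .= '<p>'. __('Already pinged:') . '</p><ul>';
@@ -84,8 +84,4 @@
 </div>
 </fieldset>
-<fieldset id="slugdiv">
-<legend><?php _e('Post Slug') ?></legend>
-<div><input name="post_name" type="text" size="17" id="post_name" value="<?php echo $post_name ?>" /></div>
-</fieldset>
     <fieldset id="postpassworddiv">
       <legend><a href="http://wordpress.org/docs/reference/post/#post_password" title="<?php _e('Help on post password') ?>"><?php _e('Post Password') ?></a></legend>
@@ -119,5 +115,5 @@
 <?php echo $form_pingback ?>
 <?php echo $form_prevstatus ?>
-<?php echo $form_trackback; ?>
+
 
 <p class="submit"><?php echo $saveasdraft; ?> <input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="6" />
@@ -133,17 +129,56 @@
     <input name="referredby" type="hidden" id="referredby" value="<?php echo htmlspecialchars($_SERVER['HTTP_REFERER']); ?>" />
 </p>
-<?php
-if ('' != $pinged) {
-    echo $pings;
-}
-
-// if the level is 5+, allow user to edit the timestamp - not on 'new post' screen though
-// if (($user_level > 4) && ($action != "post"))
-if ($user_level > 4) {
-    touch_time(($action == 'edit'));
-}
-?>
+
+<?php do_action('edit_form_advanced', ''); ?>
+</div>
+
+</div>
+
+<div class="wrap">
+<h2><?php _e('Advanced'); ?></h2>
+
+<table width="100%" cellspacing="2" cellpadding="5" class="editform">
+    <tr>
+        <th scope="row" valign="top"><?php _e('Send trackbacks to'); ?>:</th>
+        <td><?php echo $form_trackback; ?> <br />
+        <?php _e('Separate multiple URIs with spaces'); ?></td>
+    </tr>
+    <tr valign="top">
+        <th scope="row" width="25%"><?php _e('Post slug') ?>:</th>
+        <td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post_name ?>" /></td>
+    </tr>
+<?php if ($user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login, user_firstname, user_lastname FROM $wpdb->users WHERE user_level <= $user_level") ) : ?>
+    <tr>
+        <th scope="row"><?php _e('Post author'); ?>:</th>
+        <td>
+        <select name="post_author" id="post_author">
+        <?php
+        foreach ($users as $o) :
+            if ( $post_author == $o->ID ) $selected = 'selected="selected"';
+            else $selected = '';
+            echo "<option value='$o->ID' $selected>$o->user_login ($o->user_firstname $o->user_lastname)</option>";
+        endforeach;
+        ?>
+        </select>
+        </td>
+    </tr>
+<?php endif; ?>
+<?php if ($user_level > 4) : ?>
+    <tr>
+        <th scope="row"><?php _e('Edit time'); ?>:</th>
+        <td><?php touch_time(($action == 'edit')); ?></td>
+    </tr>
+<?php endif; ?>
+    <tr>
+        <th scope="row"><?php _e('Delete'); ?>:</th>
+        <td><?php if ('edit' == $action) : ?>
+        <input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), addslashes($edited_post_title) ) . "')\""; ?> />
+<?php endif; ?></td>
+    </tr>
+</table>
+
 <fieldset id="postcustom">
 <legend><?php _e('Custom Fields') ?></legend>
+<div id="postcustomstuff">
 <?php
 if($metadata = has_meta($post_ID)) {
@@ -156,10 +191,11 @@
     meta_form();
 ?>
-</fieldset>
-<?php do_action('edit_form_advanced', ''); ?>
-</div>
+</div>
+</fieldset>
+<?php
+if ('' != $pinged)
+    echo $pings;
+?>
+</div>
+
 </form>
-<?php if ('edit' == $action) echo "
-<p><a class='delete' href='post.php?action=delete&amp;post=$post_ID' onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), addslashes($edited_post_title)) . "')\">" .  __('Delete this post') . "</a></p>";
-?>
-</div>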
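Review bot: The new author dropdown (new line 159) writes `$o->user_login`, `$o->user_firstname` and `$o->user_lastname` into the `<option>` without HTML escaping, so markup stored in any listed user's profile fields is rendered in the post editor of a level 8+ account. The file already uses `htmlspecialchars()` for the referrer field, and the same call fits here: `echo "<option value='$o->ID' $selected>" . htmlspecialchars("$o->user_login ($o->user_firstname $o->user_lastname)") . "</option>";`. The relocated `post_name` input at new line 148 echoes `$post_name` into an attribute the same way; whether it is escaped earlier is not visible in this hunk. Separately, the query lists users with `user_level <= $user_level`, while `user_can_edit_user()` added in functions-post.php requires a strictly higher level unless the caller is above level 8, so a level 8 editor is offered peers that the save handler will refuse.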
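--- a/trunk/wp-admin/edit-page-form.php
+++ b/trunk/wp-admin/edit-page-form.php
@@ -83,15 +83,15 @@
 <fieldset id="pageoptions">
      <legend><?php _e('Page Options') ?></legend>
-   <table width="100%" cellspacing="2" cellpadding="5" class="editform">
-     <tr valign="top">
-     <th scope="row"><?php _e('Page Template:') ?></th>
-   <td><div><select name="page_template">
-     <option value='default'><?php _e('Default Template'); ?></option>
-     <?php page_template_dropdown($page_template); ?>
-     </select>
-     </div>
-     </td>
-     </tr>
-     </table>
+<table width="100%" cellspacing="2" cellpadding="5" class="editform">
+    <tr valign="top">
+        <th scope="row" width="30%"><?php _e('Page Template:') ?></th>
+        <td><div><select name="page_template">
+        <option value='default'><?php _e('Default Template'); ?></option>
+        <?php page_template_dropdown($page_template); ?>
+        </select>
+        </div>
+        </td>
+    </tr>
+</table>
 </fieldset>
 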
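--- a/trunk/wp-admin/post.php
+++ b/trunk/wp-admin/post.php
@@ -191,4 +191,5 @@
     $post_name = $postdata->post_name;
     $post_parent = $postdata->post_parent;
+    $post_author = $postdata->post_author;
 
     if ($post_status == 'static') {
@@ -223,7 +224,7 @@
     $post_ID = $_POST['post_ID'];
 
-    if (!user_can_edit_post($user_ID, $post_ID, $blog_ID)) {
+    if (!user_can_edit_post($user_ID, $post_ID, $blog_ID))
         die('You are not allowed to edit this post.');
-    }
+
     $post_categories = $_POST['post_category'];
     if (!$post_categories) $post_categories[] = 1;
@@ -235,4 +236,8 @@
     $prev_status = $_POST['prev_status'];
     $post_status = $_POST['post_status'];
+    $post_author = (int) $_POST['post_author'];
+    if ( !user_can_edit_user($user_ID, $post_author) )
+        die( __('You cannot post as this user.') );
+
     $comment_status = $_POST['comment_status'];
     if (empty($comment_status)) $comment_status = 'closed';
@@ -314,4 +319,5 @@
             comment_status = '$comment_status',
             ping_status = '$ping_status',
+            post_author = '$post_author',
             post_password = '$post_password',
             post_name = '$post_name',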
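Review bot: `$post_author = (int) $_POST['post_author'];` (new line 238) turns a missing field into 0, and the select that supplies it is only rendered for `$user_level > 7` in edit-form-advanced.php. Unless another form field supplies it, which is not visible here, saves from lower-level editors would reach the permission check and the `post_author = '$post_author'` assignment in the UPDATE (new line 321) with author 0. Run the check and the column update only when the field was submitted, e.g. `if ( isset($_POST['post_author']) && !user_can_edit_user($user_ID, (int) $_POST['post_author']) )`, and otherwise leave the stored author unchanged. The enclosing branch begins and ends outside these hunks, so how the existing author is held there cannot be confirmed from this view.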
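--- a/trunk/wp-includes/functions-post.php
+++ b/trunk/wp-includes/functions-post.php
@@ -380,4 +380,13 @@
 }
 
+function user_can_edit_user($user_id, $other_user) {
+    $user  = get_userdata($user_id);
+    $other = get_userdata($other_user);
+    if ( $user->user_level > $other->user_level || $user->user_level > 8 || $user->ID == $other->ID )
+        return true;
+    else
+        return false;
+}
+
 
 function wp_new_comment($commentdata) {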
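Review bot: `user_can_edit_user()` reads `$user->user_level` and `$other->user_level` without checking that `get_userdata()` found a record for either ID. What `get_userdata()` returns for an unknown ID is not visible here, but if it is an empty value the first comparison is made against nothing and can succeed for any caller above level 0, which would approve an author ID that does not exist. Add `if ( !$user || !$other ) return false;` directly after the two lookups. A short comment stating the rule (strictly higher level, anyone above level 8, or the same user) would also help, and the `if`/`else` can collapse to a single `return` of the condition.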