Changeset 1861
- Timestamp:
- 11/18/2004 07:40:36 PM (19 years ago)
- Location:
- trunk
- Files:
-
- 4 edited
trunk/wp-admin/edit-form-advanced.php
r1812 r1861 21 21 $form_prevstatus = '<input type="hidden" name="prev_status" value="'.$post_status.'" />'; 22 22 23 $form_trackback = '< p><label for="trackback"><a href="http://wordpress.org/docs/reference/post/#trackback" title="' . __('Help on trackbacks') . '">' . __('<strong>TrackBack</strong> a <abbr title="Universal Resource Identifier">URI</abbr></a>') . '</label> ' . __('(Separate multiple <abbr title="Universal Resource Identifier">URI</abbr>s with spaces.)') . '<br />24 <input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $to_ping) .'" /></p>'; 23 $form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $to_ping) .'" />'; 24 25 25 if ('' != $pinged) { 26 26 $pings .= '<p>'. __('Already pinged:') . '</p><ul>'; … … 84 84 </div> 85 85 </fieldset> 86 <fieldset id="slugdiv">87 <legend><?php _e('Post Slug') ?></legend>88 <div><input name="post_name" type="text" size="17" id="post_name" value="<?php echo $post_name ?>" /></div>89 </fieldset>90 86 <fieldset id="postpassworddiv"> 91 87 <legend><a href="http://wordpress.org/docs/reference/post/#post_password" title="<?php _e('Help on post password') ?>"><?php _e('Post Password') ?></a></legend> … … 119 115 <?php echo $form_pingback ?> 120 116 <?php echo $form_prevstatus ?> 121 <?php echo $form_trackback; ?> 117 122 118 123 119 <p class="submit"><?php echo $saveasdraft; ?> <input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="6" /> … … 133 129 <input name="referredby" type="hidden" id="referredby" value="<?php echo htmlspecialchars($_SERVER['HTTP_REFERER']); ?>" /> 134 130 </p> 135 <?php 136 if ('' != $pinged) { 137 echo $pings; 138 } 139 140 // if the level is 5+, allow user to edit the timestamp - not on 'new post' screen though 141 // if (($user_level > 4) && ($action != "post")) 142 if ($user_level > 4) { 143 
touch_time(($action == 'edit')); 144 } 145 ?> 131 132 <?php do_action('edit_form_advanced', ''); ?> 133 </div> 134 135 </div> 136 137 <div class="wrap"> 138 <h2><?php _e('Advanced'); ?></h2> 139 140 <table width="100%" cellspacing="2" cellpadding="5" class="editform"> 141 <tr> 142 <th scope="row" valign="top"><?php _e('Send trackbacks to'); ?>:</th> 143 <td><?php echo $form_trackback; ?> <br /> 144 <?php _e('Separate multiple URIs with spaces'); ?></td> 145 </tr> 146 <tr valign="top"> 147 <th scope="row" width="25%"><?php _e('Post slug') ?>:</th> 148 <td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post_name ?>" /></td> 149 </tr> 150 <?php if ($user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login, user_firstname, user_lastname FROM $wpdb->users WHERE user_level <= $user_level") ) : ?> 151 <tr> 152 <th scope="row"><?php _e('Post author'); ?>:</th> 153 <td> 154 <select name="post_author" id="post_author"> 155 <?php 156 foreach ($users as $o) : 157 if ( $post_author == $o->ID ) $selected = 'selected="selected"'; 158 else $selected = ''; 159 echo "<option value='$o->ID' $selected>$o->user_login ($o->user_firstname $o->user_lastname)</option>"; 160 endforeach; 161 ?> 162 </select> 163 </td> 164 </tr> 165 <?php endif; ?> 166 <?php if ($user_level > 4) : ?> 167 <tr> 168 <th scope="row"><?php _e('Edit time'); ?>:</th> 169 <td><?php touch_time(($action == 'edit')); ?></td> 170 </tr> 171 <?php endif; ?> 172 <tr> 173 <th scope="row"><?php _e('Delete'); ?>:</th> 174 <td><?php if ('edit' == $action) : ?> 175 <input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), addslashes($edited_post_title) ) . 
"')\""; ?> /> 176 <?php endif; ?></td> 177 </tr> 178 </table> 179 146 180 <fieldset id="postcustom"> 147 181 <legend><?php _e('Custom Fields') ?></legend> 182 <div id="postcustomstuff"> 148 183 <?php 149 184 if($metadata = has_meta($post_ID)) { … … 156 191 meta_form(); 157 192 ?> 158 </fieldset> 159 <?php do_action('edit_form_advanced', ''); ?> 160 </div> 193 </div> 194 </fieldset> 195 <?php 196 if ('' != $pinged) 197 echo $pings; 198 ?> 199 </div> 200 161 201 </form> 162 <?php if ('edit' == $action) echo "163 <p><a class='delete' href='post.php?action=delete&post=$post_ID' onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), addslashes($edited_post_title)) . "')\">" . __('Delete this post') . "</a></p>";164 ?>165 </div> -
trunk/wp-admin/edit-page-form.php
r1857 r1861 83 83 <fieldset id="pageoptions"> 84 84 <legend><?php _e('Page Options') ?></legend> 85 86 87 <th scope="row"><?php _e('Page Template:') ?></th>88 89 90 91 92 93 94 95 85 <table width="100%" cellspacing="2" cellpadding="5" class="editform"> 86 <tr valign="top"> 87 <th scope="row" width="30%"><?php _e('Page Template:') ?></th> 88 <td><div><select name="page_template"> 89 <option value='default'><?php _e('Default Template'); ?></option> 90 <?php page_template_dropdown($page_template); ?> 91 </select> 92 </div> 93 </td> 94 </tr> 95 </table> 96 96 </fieldset> 97 97 -
trunk/wp-admin/post.php
r1857 r1861 191 191 $post_name = $postdata->post_name; 192 192 $post_parent = $postdata->post_parent; 193 $post_author = $postdata->post_author; 193 194 194 195 if ($post_status == 'static') { … … 223 224 $post_ID = $_POST['post_ID']; 224 225 225 if (!user_can_edit_post($user_ID, $post_ID, $blog_ID)) {226 if (!user_can_edit_post($user_ID, $post_ID, $blog_ID)) 226 227 die('You are not allowed to edit this post.'); 227 } 228 228 229 $post_categories = $_POST['post_category']; 229 230 if (!$post_categories) $post_categories[] = 1; … … 235 236 $prev_status = $_POST['prev_status']; 236 237 $post_status = $_POST['post_status']; 238 $post_author = (int) $_POST['post_author']; 239 if ( !user_can_edit_user($user_ID, $post_author) ) 240 die( __('You cannot post as this user.') ); 241 237 242 $comment_status = $_POST['comment_status']; 238 243 if (empty($comment_status)) $comment_status = 'closed'; … … 314 319 comment_status = '$comment_status', 315 320 ping_status = '$ping_status', 321 post_author = '$post_author', 316 322 post_password = '$post_password', 317 323 post_name = '$post_name', -
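Review bot: `$post_author = (int) $_POST['post_author'];` runs on every save, but the edit form only renders the `post_author` select when `$user_level > 7`, so for all other users the field is absent and the cast yields 0. That 0 is passed to `user_can_edit_user()` and, if the check passes, written by the new `post_author = '$post_author'` line in the UPDATE, which would detach the post from its real author. Read the field only when it is present, e.g. wrap the assignment and check in `if ( isset($_POST['post_author']) ) { ... }`, and otherwise keep the post's stored author rather than updating the column. The edit-post branch these lines sit in starts and ends outside the visible hunks, so whether the stored author is already loaded there cannot be confirmed from this page.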
trunk/wp-includes/functions-post.php
r1804 r1861 380 380 } 381 381 382 function user_can_edit_user($user_id, $other_user) { 383 $user = get_userdata($user_id); 384 $other = get_userdata($other_user); 385 if ( $user->user_level > $other->user_level || $user->user_level > 8 || $user->ID == $other->ID ) 386 return true; 387 else 388 return false; 389 } 390 382 391 383 392 function wp_new_comment($commentdata) {
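Review bot: `user_can_edit_user()` dereferences both `get_userdata()` results without checking that a user was actually found. If `$other_user` matches no user (for example 0), `$other->user_level` is presumably null and `$user->user_level > $other->user_level` is true for any caller with a non-zero level, so the function grants permission over a non-existent target. Add a guard before the comparison, `if ( !$user || !$other ) return false;`, after which the `if`/`else` returning `true`/`false` can collapse to returning the condition directly. A short comment stating the rule (higher level, level above 8, or the same user) would also help, since post.php uses this function as an authorization check.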