Changeset 31654 for trunk/src/wp-admin/includes/class-wp-press-this.php
- Timestamp:
- 03/07/2015 01:16:05 AM (10 years ago)
- File:
-
- 1 edited
trunk/src/wp-admin/includes/class-wp-press-this.php
r31651 r31654 134 134 */ 135 135 public function save_post() { 136 if ( empty( $_POST['pressthis-nonce'] ) || ! wp_verify_nonce( $_POST['pressthis-nonce'], 'press-this' ) ) {137 wp_send_json_error( array( 'errorMessage' => __( 'Cheatin’ uh?' ) ) );138 }139 140 136 if ( empty( $_POST['post_ID'] ) || ! $post_id = (int) $_POST['post_ID'] ) { 141 137 wp_send_json_error( array( 'errorMessage' => __( 'Missing post ID.' ) ) ); 142 138 } 143 139 144 if ( ! current_user_can( 'edit_post', $post_id ) ) { 145 wp_send_json_error( array( 'errorMessage' => __( 'Cheatin’ uh?' ) ) ); 140 if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'update-post_' . $post_id ) || 141 ! current_user_can( 'edit_post', $post_id ) ) { 142 143 wp_send_json_error( array( 'errorMessage' => __( 'Invalid post.' ) ) ); 146 144 } 147 145 148 146 $post = array( 149 147 'ID' => $post_id, 150 'post_title' => ( ! empty( $_POST[' title'] ) ) ? sanitize_text_field( trim( $_POST['title'] ) ) : '',151 'post_content' => ( ! empty( $_POST['p ressthis'] ) ) ? trim( $_POST['pressthis'] ) : '',148 'post_title' => ( ! empty( $_POST['post_title'] ) ) ? sanitize_text_field( trim( $_POST['post_title'] ) ) : '', 149 'post_content' => ( ! empty( $_POST['post_content'] ) ) ? trim( $_POST['post_content'] ) : '', 152 150 'post_type' => 'post', 153 151 'post_status' => 'draft', … … 888 886 <!--[if gt IE 8]><!--> <html <?php language_attributes(); ?>> <!--<![endif]--> 889 887 <head> 890 <meta http-equiv="Content-Type" content="<?php e sc_attr(bloginfo( 'html_type' ) ); ?>; charset=<?php echo esc_attr( get_option( 'blog_charset' ) ); ?>" />888 <meta http-equiv="Content-Type" content="<?php echo esc_attr( get_bloginfo( 'html_type' ) ); ?>; charset=<?php echo esc_attr( get_option( 'blog_charset' ) ); ?>" /> 891 889 <meta name="viewport" content="width=device-width"> 892 890 <title><?php esc_html_e( 'Press This!' 
) ?></title> … … 955 953 </head> 956 954 <?php 957 $admin_body_class = 'press-this'; 958 $admin_body_class .= ( is_rtl() ) ? ' rtl' : ''; 959 $admin_body_class .= ' branch-' . str_replace( array( '.', ',' ), '-', floatval( $wp_version ) ); 960 $admin_body_class .= ' version-' . str_replace( '.', '-', preg_replace( '/^([.0-9]+).*/', '$1', $wp_version ) ); 961 $admin_body_class .= ' admin-color-' . sanitize_html_class( get_user_option( 'admin_color' ), 'fresh' ); 962 $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) ); 963 964 /** This filter is documented in wp-admin/admin-header.php */ 965 $admin_body_classes = apply_filters( 'admin_body_class', '' ); 955 956 $admin_body_class = 'press-this'; 957 $admin_body_class .= ( is_rtl() ) ? ' rtl' : ''; 958 $admin_body_class .= ' branch-' . str_replace( array( '.', ',' ), '-', floatval( $wp_version ) ); 959 $admin_body_class .= ' version-' . str_replace( '.', '-', preg_replace( '/^([.0-9]+).*/', '$1', $wp_version ) ); 960 $admin_body_class .= ' admin-color-' . sanitize_html_class( get_user_option( 'admin_color' ), 'fresh' ); 961 $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) ); 962 963 /** This filter is documented in wp-admin/admin-header.php */ 964 $admin_body_classes = apply_filters( 'admin_body_class', '' ); 965 966 966 ?> 967 967 <body class="wp-admin wp-core-ui <?php echo $admin_body_classes . ' ' . 
$admin_body_class; ?>"> … … 985 985 </div> 986 986 987 <form id="pressthis-form" name="pressthis-form" method="POST" autocomplete="off">987 <form id="pressthis-form" method="post" action="post.php" autocomplete="off"> 988 988 <input type="hidden" name="post_ID" id="post_ID" value="<?php echo $post_ID; ?>" /> 989 989 <input type="hidden" name="action" value="press-this-save-post" /> 990 990 <input type="hidden" name="post_status" id="post_status" value="draft" /> 991 <input type="hidden" name="wp-preview" id="wp-preview" value="" /> 992 <input type="hidden" name="post_title" id="post_title" value="" /> 991 993 <?php 992 wp_nonce_field( 'press-this', 'pressthis-nonce', false ); 994 995 wp_nonce_field( 'update-post_' . $post_ID, '_wpnonce', false ); 993 996 wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); 997 994 998 ?> 995 <input type="hidden" name="title" id="title-field" value="" />996 999 997 1000 <div class="wrapper"> … … 1017 1020 'editor_height' => 600, 1018 1021 'media_buttons' => false, 1022 'textarea_name' => 'post_content', 1019 1023 'teeny' => true, 1020 1024 'tinymce' => array( … … 1029 1033 'toolbar2' => 'undo,redo', 1030 1034 ), 1031 'quicktags' 1035 'quicktags' => false, 1032 1036 ) ); 1033 1037 … … 1052 1056 <span class="dashicons dashicons-category"></span> 1053 1057 <span class="post-option-title"><?php _e( 'Categories' ); ?></span> 1054 <span class="post-option-contents" id="post-option-category"></span>1055 1058 <span class="dashicons post-option-forward"></span> 1056 1059 </button> … … 1059 1062 <span class="dashicons dashicons-tag"></span> 1060 1063 <span class="post-option-title"><?php _e( 'Tags' ); ?></span> 1061 <span class="post-option-contents" id="post-option-tags"></span>1062 1064 <span class="dashicons post-option-forward"></span> 1063 1065 </button> … … 1103 1105 </div> 1104 1106 <div class="post-actions"> 1105 <button type="button" class="button-subtle" id="draft-field"><?php _e( 'Save Draft' ); ?></button> 1106 
<button type="button" class="button-primary" id="publish-field"><?php _e( 'Publish' ); ?></button> 1107 <button type="button" class="button-subtle draft-button"><?php _e( 'Save Draft' ); ?></button> 1108 <button type="button" class="button preview-button"><?php _e( 'Preview' ); ?></button> 1109 <button type="button" class="button-primary publish-button"><?php _e( 'Publish' ); ?></button> 1107 1110 </div> 1108 1111 </div>
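Review bot: In save_post() the nonce action is built as `'update-post_' . $post_id` from the `(int)`-cast `$_POST['post_ID']`, while the form markup builds it as `'update-post_' . $post_ID` from a variable whose origin is outside the visible hunks, and nothing records that the two strings must stay identical. If `$post_ID` were ever not a plain integer the verification would fail closed, so this looks like a maintenance hazard rather than a bypass, but I would add a comment above the check such as `// Nonce action must match wp_nonce_field( 'update-post_' . $post_ID ) in the Press This form.` The same `$post_ID` is echoed unescaped into the hidden `post_ID` field; `value="<?php echo (int) $post_ID; ?>"` would make the integer assumption explicit at the output point. Both save_post() and the form markup continue outside the hunks shown.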