Context Navigation

Reverse Diff

admin-functions.php [4418:3501]

File:

: 1 edited

trunk/wp-admin/admin-functions.php (modified) (64 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/wp-admin/admin-functions.php

-                      r4418
+                      r3501
 <?php
+// Creates a new post from the "Write Post" form using $_POST information.
 function write_post() {
-    $result = wp_write_post();
-    if( is_wp_error($result) )
-        wp_die( $result->get_error_message() );
-    else
-        return $result;
+}
-// Creates a new post from the "Write Post" form using $_POST information.
-function wp_write_post() {
     global $user_ID;
+    if ( 'page' == $_POST['post_type'] ) {
+        if ( !current_user_can('edit_pages') )
+            return new WP_Error('edit_pages', __('You are not allowed to create pages on this blog.'));
+    } else {
+        if ( !current_user_can('edit_posts') )
+            return new WP_Error('edit_posts', __('You are not allowed to create posts or drafts on this blog.'));
+    }
+    if (!current_user_can('edit_posts'))
+        die(__('You are not allowed to create posts or drafts on this blog.'));
     // Rename.
 …
     if (!empty ($_POST['post_author_override'])) {
         $_POST['post_author'] = (int) $_POST['post_author_override'];
     } else {
+    } else
         if (!empty ($_POST['post_author'])) {
             $_POST['post_author'] = (int) $_POST['post_author'];
 …
+        }
+    }
+    if ($_POST['post_author'] != $_POST['user_ID']) {
+        if ( 'page' == $_POST['post_type'] ) {
+            if ( !current_user_can('edit_others_pages') )
+                return new WP_Error('edit_others_pages', __('You cannot create pages as this user.'));
+        } else {
+            if ( !current_user_can('edit_others_posts') )
+                return new WP_Error('edit_others_posts', __('You cannot post as this user.'));
+        }
+    }
+    if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))
+        die(__('You cannot post as this user.'));
     // What to do based on which button they pressed
 …
     if ('' != $_POST['advanced'])
         $_POST['post_status'] = 'draft';
+    if ( 'page' == $_POST['post_type'] ) {
+        if ('publish' == $_POST['post_status'] && !current_user_can('publish_pages'))
+            $_POST['post_status'] = 'draft';
+    } else {
+        if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
+            $_POST['post_status'] = 'draft';
+    }
+    if (!isset ($_POST['comment_status']))
+        $_POST['comment_status'] = 'closed';
+    if (!isset ($_POST['ping_status']))
+        $_POST['ping_status'] = 'closed';
+    if (!empty ($_POST['edit_date'])) {
+        $aa = $_POST['aa'];
+        $mm = $_POST['mm'];
+        $jj = $_POST['jj'];
+        $hh = $_POST['hh'];
+        $mn = $_POST['mn'];
+        $ss = $_POST['ss'];
+        $jj = ($jj > 31) ? 31 : $jj;
+        $hh = ($hh > 23) ? $hh -24 : $hh;
+        $mn = ($mn > 59) ? $mn -60 : $mn;
+        $ss = ($ss > 59) ? $ss -60 : $ss;
+        $_POST['post_date'] = sprintf("%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss);
+        $_POST['post_date_gmt'] = get_gmt_from_date($_POST['post_date']);
+    }
+    // Create the post.
+    $post_ID = wp_insert_post($_POST);
+    add_meta($post_ID);
+    // Reunite any orphaned attachments with their parent
+    if ( $_POST['temp_ID'] )
+        relocate_children($_POST['temp_ID'], $post_ID);
+    // Now that we have an ID we can fix any attachment anchor hrefs
+    fix_attachment_links($post_ID);
+    return $post_ID;
+}
+// Move child posts to a new parent
+function relocate_children($old_ID, $new_ID) {
+    global $wpdb;
+    $old_ID = (int) $old_ID;
+    $new_ID = (int) $new_ID;
+    return $wpdb->query("UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID");
+}
+// Replace hrefs of attachment anchors with up-to-date permalinks.
+function fix_attachment_links($post_ID) {
+    global $wp_rewrite;
+    $post = & get_post($post_ID, ARRAY_A);
+    $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
+    // See if we have any rel="attachment" links
+    if ( 0 == preg_match_all($search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER) )
+        return;
+    $i = 0;
+    $search = "#[\s]+rel=(\"|')(.*?)wp-att-(\d+)\\1#i";
+    foreach ( $anchor_matches[0] as $anchor ) {
+        if ( 0 == preg_match($search, $anchor, $id_matches) )
+            continue;
+        $id = $id_matches[3];
+        // While we have the attachment ID, let's adopt any orphans.
+        $attachment = & get_post($id, ARRAY_A);
+        if ( ! empty($attachment) && ! is_object(get_post($attachment['post_parent'])) ) {
+            $attachment['post_parent'] = $post_ID;
+            // Escape data pulled from DB.
+            $attachment = add_magic_quotes($attachment);
+            wp_update_post($attachment);
+        }
+        $post_search[$i] = $anchor;
+        $post_replace[$i] = preg_replace("#href=(\"|')[^'\"]*\\1#e", "stripslashes('href=\\1').get_attachment_link($id).stripslashes('\\1')", $anchor);
+        ++$i;
+    }
+    $post['post_content'] = str_replace($post_search, $post_replace, $post['post_content']);
+    // Escape data pulled from DB.
+    $post = add_magic_quotes($post);
+    return wp_update_post($post);
+}
+// Update an existing post with values provided in $_POST.
+function edit_post() {
+    global $user_ID;
+    $post_ID = (int) $_POST['post_ID'];
+    if ( 'page' == $_POST['post_type'] ) {
+        if ( !current_user_can('edit_page', $post_ID) )
+            wp_die(__('You are not allowed to edit this page.'));
+    } else {
+        if ( !current_user_can('edit_post', $post_ID) )
+            wp_die(__('You are not allowed to edit this post.'));
+    }
+    // Rename.
+    $_POST['ID'] = (int) $_POST['post_ID'];
+    $_POST['post_content'] = $_POST['content'];
+    $_POST['post_excerpt'] = $_POST['excerpt'];
+    $_POST['post_parent'] = $_POST['parent_id'];
+    $_POST['to_ping'] = $_POST['trackback_url'];
+    if (!empty ($_POST['post_author_override'])) {
+        $_POST['post_author'] = (int) $_POST['post_author_override'];
+    } else
+        if (!empty ($_POST['post_author'])) {
+            $_POST['post_author'] = (int) $_POST['post_author'];
+        } else {
+            $_POST['post_author'] = (int) $_POST['user_ID'];
+        }
+    if ($_POST['post_author'] != $_POST['user_ID']) {
+        if ( 'page' == $_POST['post_type'] ) {
+            if ( !current_user_can('edit_others_pages') )
+                wp_die(__('You cannot edit pages as this user.'));
+        } else {
+            if ( !current_user_can('edit_others_posts') )
+                wp_die(__('You cannot edit posts as this user.'));
+        }
+    }
+    // What to do based on which button they pressed
+    if ('' != $_POST['saveasdraft'])
+    if ('' != $_POST['savepage'])
+        $_POST['post_status'] = 'static';
+    if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
         $_POST['post_status'] = 'draft';
+    if ('' != $_POST['saveasprivate'])
+        $_POST['post_status'] = 'private';
+    if ('' != $_POST['publish'])
+        $_POST['post_status'] = 'publish';
+    if ('' != $_POST['advanced'])
+        $_POST['post_status'] = 'draft';
+    if ( 'page' == $_POST['post_type'] ) {
+        if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_pages'))
+            $_POST['post_status'] = 'draft';
+    } else {
+        if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_posts'))
+            $_POST['post_status'] = 'draft';
+    }
+    if (!isset ($_POST['comment_status']))
+        $_POST['comment_status'] = 'closed';
+    if (!isset ($_POST['ping_status']))
+        $_POST['ping_status'] = 'closed';
+    if ('static' == $_POST['post_status'] && !current_user_can('edit_pages'))
+        die(__('This user cannot edit pages.'));
     if (!empty ($_POST['edit_date'])) {
 …
+    }
+    // Create the post.
+    $post_ID = wp_insert_post($_POST);
+    add_meta($post_ID);
+    // Reunite any orphaned attachments with their parent
+    if ( $_POST['temp_ID'] )
+        relocate_children($_POST['temp_ID'], $post_ID);
+    // Now that we have an ID we can fix any attachment anchor hrefs
+    fix_attachment_links($post_ID);
+    return $post_ID;
+}
+// Move child posts to a new parent
+function relocate_children($old_ID, $new_ID) {
+    global $wpdb;
+    $old_ID = (int) $old_ID;
+    $new_ID = (int) $new_ID;
+    return $wpdb->query("UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID");
+}
+// Replace hrefs of attachment anchors with up-to-date permalinks.
+function fix_attachment_links($post_ID) {
+    global $wp_rewrite;
+    $post = & get_post($post_ID);
+    $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
+    // See if we have any rel="attachment" links
+    if ( 0 == preg_match_all($search, $post->post_content, $anchor_matches, PREG_PATTERN_ORDER) )
+        return;
+    $i = 0;
+    $search = "# id=(\"|')p(\d+)\\1#i";
+    foreach ( $anchor_matches[0] as $anchor ) {
+        if ( 0 == preg_match($search, $anchor, $id_matches) )
+            continue;
+        $id = $id_matches[2];
+        // While we have the attachment ID, let's adopt any orphans.
+        $attachment = & get_post($id);
+        if ( ! is_object(get_post($attachment->post_parent)) ) {
+            $attachment->post_parent = $post_ID;
+            wp_update_post($attachment);
+        }
+        $post_search[$i] = $anchor;
+        $post_replace[$i] = preg_replace("#href=(\"|')[^'\"]*\\1#e", "stripslashes('href=\\1').get_attachment_link($id).stripslashes('\\1')", $anchor);
+        ++$i;
+    }
+    $post->post_content = str_replace($post_search, $post_replace, $post->post_content);
+    return wp_update_post($post);
+}
+// Update an existing post with values provided in $_POST.
+function edit_post() {
+    global $user_ID;
+    $post_ID = (int) $_POST['post_ID'];
+    if (!current_user_can('edit_post', $post_ID))
+        die(__('You are not allowed to edit this post.'));
+    // Rename.
+    $_POST['ID'] = (int) $_POST['post_ID'];
+    $_POST['post_content'] = $_POST['content'];
+    $_POST['post_excerpt'] = $_POST['excerpt'];
+    $_POST['post_parent'] = $_POST['parent_id'];
+    $_POST['to_ping'] = $_POST['trackback_url'];
+    if (!empty ($_POST['post_author_override'])) {
+        $_POST['post_author'] = (int) $_POST['post_author_override'];
+    } else
+        if (!empty ($_POST['post_author'])) {
+            $_POST['post_author'] = (int) $_POST['post_author'];
+        } else {
+            $_POST['post_author'] = (int) $_POST['user_ID'];
+        }
+    if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))
+        die(__('You cannot post as this user.'));
+    // What to do based on which button they pressed
+    if ('' != $_POST['saveasdraft'])
+        $_POST['post_status'] = 'draft';
+    if ('' != $_POST['saveasprivate'])
+        $_POST['post_status'] = 'private';
+    if ('' != $_POST['publish'])
+        $_POST['post_status'] = 'publish';
+    if ('' != $_POST['advanced'])
+        $_POST['post_status'] = 'draft';
+    if ('' != $_POST['savepage'])
+        $_POST['post_status'] = 'static';
+    if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
+        $_POST['post_status'] = 'draft';
+    if ('static' == $_POST['post_status'] && !current_user_can('edit_pages'))
+        die(__('This user cannot edit pages.'));
+    if (!isset ($_POST['comment_status']))
+        $_POST['comment_status'] = 'closed';
+    if (!isset ($_POST['ping_status']))
+        $_POST['ping_status'] = 'closed';
+    if (!empty ($_POST['edit_date'])) {
+        $aa = $_POST['aa'];
+        $mm = $_POST['mm'];
+        $jj = $_POST['jj'];
+        $hh = $_POST['hh'];
+        $mn = $_POST['mn'];
+        $ss = $_POST['ss'];
+        $jj = ($jj > 31) ? 31 : $jj;
+        $hh = ($hh > 23) ? $hh -24 : $hh;
+        $mn = ($mn > 59) ? $mn -60 : $mn;
+        $ss = ($ss > 59) ? $ss -60 : $ss;
+        $_POST['post_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
+        $_POST['post_date_gmt'] = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
+    }
     // Meta Stuff
     if ($_POST['meta']) {
 …
             update_meta($key, $value['key'], $value['value']);
+    }
     if ($_POST['deletemeta']) {
         foreach ($_POST['deletemeta'] as $key => $value)
 …
     if (!current_user_can('edit_post', $comment_post_ID))
         wp_die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
+        die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
     $_POST['comment_author'] = $_POST['newcomment_author'];
 …
 // Get an existing post and format it for editing.
 function get_post_to_edit($id) {
+    global $richedit;
+    $richedit = ( 'true' == get_user_option('rich_editing') ) ? true : false;
     $post = get_post($id);
     $post->post_content = format_to_edit($post->post_content, user_can_richedit());
+    $post->post_content = format_to_edit($post->post_content, $richedit);
     $post->post_content = apply_filters('content_edit_pre', $post->post_content);
 …
     $post->post_title = apply_filters('title_edit_pre', $post->post_title);
+    $post->post_password = format_to_edit($post->post_password);
+    if ($post->post_type == 'page')
+    if ($post->post_status == 'static')
         $post->page_template = get_post_meta($id, '_wp_page_template', true);
 …
     $post->post_status = 'draft';
     $post->comment_status = get_option('default_comment_status');
     $post->ping_status = get_option('default_ping_status');
     $post->post_pingback = get_option('default_pingback_flag');
     $post->post_category = get_option('default_category');
+    $post->comment_status = get_settings('default_comment_status');
+    $post->ping_status = get_settings('default_ping_status');
+    $post->post_pingback = get_settings('default_pingback_flag');
+    $post->post_category = get_settings('default_category');
     $post->post_content = apply_filters('default_content', $post_content);
     $post->post_title = apply_filters('default_title', $post_title);
 …
 function get_comment_to_edit($id) {
+    global $richedit;
+    $richedit = ( 'true' == get_user_option('rich_editing') ) ? true : false;
     $comment = get_comment($id);
     $comment->comment_content = format_to_edit($comment->comment_content, user_can_richedit());
+    $comment->comment_content = format_to_edit($comment->comment_content, $richedit);
     $comment->comment_content = apply_filters('comment_edit_pre', $comment->comment_content);
 …
+}
-function wp_dropdown_roles( $default = false ) {
-    global $wp_roles;
-    $r = '';
-    foreach($wp_roles->role_names as $role => $name)
-        if ( $default == $role ) // Make default first in list
-            $p = "\n\t<option selected='selected' value='$role'>$name</option>";
-        else
-            $r .= "\n\t<option value='$role'>$name</option>";
-    echo $p . $r;
+}
-function get_user_to_edit($user_id) {
-    $user = new WP_User($user_id);
-    $user->user_login = wp_specialchars($user->user_login, 1);
-    $user->user_email = wp_specialchars($user->user_email, 1);
-    $user->user_url = wp_specialchars($user->user_url, 1);
-    $user->first_name = wp_specialchars($user->first_name, 1);
-    $user->last_name = wp_specialchars($user->last_name, 1);
-    $user->display_name = wp_specialchars($user->display_name, 1);
-    $user->nickname = wp_specialchars($user->nickname, 1);
-    $user->aim = wp_specialchars($user->aim, 1);
-    $user->yim = wp_specialchars($user->yim, 1);
-    $user->jabber = wp_specialchars($user->jabber, 1);
-    $user->description = wp_specialchars($user->description);
-    return $user;
+}
 // Creates a new user from the "Users" form using $_POST information.
 function add_user() {
+    if ( func_num_args() ) { // The hackiest hack that ever did hack
+        global $current_user, $wp_roles;
+        $user_id = func_get_arg(0);
+        if (isset ($_POST['role'])) {
+            if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users')) {
+                $user = new WP_User($user_id);
+                $user->set_role($_POST['role']);
+            }
+        }
+    } else {
+        add_action('user_register', 'add_user'); // See above
+        return edit_user();
+    }
+    return edit_user();
+}
 function edit_user($user_id = 0) {
     global $current_user, $wp_roles, $wpdb;
     if ($user_id != 0) {
         $update = true;
 …
         $pass2 = $_POST['pass2'];
     if (isset ($_POST['role']) && current_user_can('edit_users')) {
+    if (isset ($_POST['role'])) {
         if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
             $user->role = $_POST['role'];
 …
         $user->display_name = wp_specialchars(trim($_POST['display_name']));
     if (isset ($_POST['description']))
         $user->description = trim($_POST['description']);
+        $user->description = wp_specialchars(trim($_POST['description']));
     if (isset ($_POST['jabber']))
         $user->jabber = wp_specialchars(trim($_POST['jabber']));
 …
         $user->yim = wp_specialchars(trim($_POST['yim']));
     $errors = new WP_Error();
+    $errors = array ();
     /* checking that username has been typed */
     if ($user->user_login == '')
         $errors->add('user_login', __('<strong>ERROR</strong>: Please enter a username.'));
+        $errors['user_login'] = __('<strong>ERROR</strong>: Please enter a username.');
     /* checking the password has been typed twice */
     do_action_ref_array('check_passwords', array ($user->user_login, & $pass1, & $pass2));
+    do_action('check_passwords', array ($user->user_login, & $pass1, & $pass2));
     if (!$update) {
         if ($pass1 == '' || $pass2 == '')
             $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password twice.'));
+            $errors['pass'] = __('<strong>ERROR</strong>: Please enter your password twice.');
     } else {
         if ((empty ($pass1) && !empty ($pass2)) || (empty ($pass2) && !empty ($pass1)))
             $errors->add('pass', __("<strong>ERROR</strong>: you typed your new password only once."));
+            $errors['pass'] = __("<strong>ERROR</strong>: you typed your new password only once.");
+    }
     /* Check for "\" in password */
     if( strpos( " ".$pass1, "\\" ) )
         $errors->add('pass', __('<strong>ERROR</strong>: Passwords may not contain the character "\\".'));
+        $errors['pass'] = __('<strong>ERROR</strong>: Passwords may not contain the character "\\".');
     /* checking the password has been typed twice the same */
     if ($pass1 != $pass2)
         $errors->add('pass', __('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
+        $errors['pass'] = __('<strong>ERROR</strong>: Please type the same password in the two password fields.');
     if (!empty ($pass1))
 …
     if ( !validate_username($user->user_login) )
         $errors->add('user_login', __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.'));
+        $errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.');
     if (!$update && username_exists($user->user_login))
         $errors->add('user_login', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
+        $errors['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.');
     /* checking e-mail address */
     if (empty ($user->user_email)) {
         $errors->add('user_email', __("<strong>ERROR</strong>: please type an e-mail address"));
+        $errors['user_email'] = __("<strong>ERROR</strong>: please type an e-mail address");
     } else
         if (!is_email($user->user_email)) {
             $errors->add('user_email', __("<strong>ERROR</strong>: the email address isn't correct"));
+        }
     if ( $errors->get_error_codes() )
+            $errors['user_email'] = __("<strong>ERROR</strong>: the email address isn't correct");
+        }
+    if (count($errors) != 0)
         return $errors;
 …
         wp_new_user_notification($user_id);
+    }
+    return $user_id;
+    return $errors;
+}
 …
 function get_link_to_edit($link_id) {
     $link = get_link($link_id);
     $link->link_url = wp_specialchars($link->link_url, 1);
     $link->link_name = wp_specialchars($link->link_name, 1);
+    $link->link_image = wp_specialchars($link->link_image, 1);
+    $link->link_description = wp_specialchars($link->link_description, 1);
+    $link->link_description = wp_specialchars($link->link_description);
     $link->link_notes = wp_specialchars($link->link_notes);
+    $link->link_rss = wp_specialchars($link->link_rss, 1);
+    $link->link_rel = wp_specialchars($link->link_rel, 1);
+    $link->post_category = $link->link_category;
+    $link->link_rss = wp_specialchars($link->link_rss);
     return $link;
+}
 …
     else
         $link->link_url = '';
     if ( isset($_GET['name']) )
         $link->link_name = wp_specialchars($_GET['name'], 1);
     else
         $link->link_name = '';
+    $link->link_visible = 'Y';
     return $link;
+}
 function add_link() {
     return edit_link();
+    return edit_link();
+}
 function edit_link($link_id = '') {
     if (!current_user_can('manage_links'))
         wp_die(__("Cheatin' uh ?"));
+        die(__("Cheatin' uh ?"));
     $_POST['link_url'] = wp_specialchars($_POST['link_url']);
 …
     $_POST['link_image'] = wp_specialchars($_POST['link_image']);
     $_POST['link_rss'] = wp_specialchars($_POST['link_rss']);
+    $_POST['link_category'] = $_POST['post_category'];
+    $auto_toggle = get_autotoggle($_POST['link_category']);
+    // if we are in an auto toggle category and this one is visible then we
+    // need to make the others invisible before we add this new one.
+    // FIXME Add category toggle func.
+    //if (($auto_toggle == 'Y') && ($link_visible == 'Y')) {
+    //  $wpdb->query("UPDATE $wpdb->links set link_visible = 'N' WHERE link_category = $link_category");
+    //}
     if ( !empty($link_id) ) {
 …
 function return_categories_list($parent = 0) {
     global $wpdb;
     return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY category_count DESC");
+    return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY category_count DESC LIMIT 100");
+}
 …
 function get_nested_categories($default = 0, $parent = 0) {
     global $post_ID, $link_id, $mode, $wpdb;
+    global $post_ID, $mode, $wpdb;
     if ($post_ID) {
 …
             $checked_categories[] = $default;
+        }
+    } else if ($link_id) {
+        $checked_categories = $wpdb->get_col("
+             SELECT category_id
+             FROM $wpdb->categories, $wpdb->link2cat
+             WHERE $wpdb->link2cat.category_id = cat_ID AND $wpdb->link2cat.link_id = '$link_id'
+             ");
+        if (count($checked_categories) == 0) {
+            // No selected categories, strange
+            $checked_categories[] = $default;
+        }
     } else {
         $checked_categories[] = $default;
 …
+        }
+    }
     usort($result, 'sort_cats');
 …
 function write_nested_categories($categories) {
     foreach ($categories as $category) {
         echo '<li id="category-', $category['cat_ID'], '"><label for="in-category-', $category['cat_ID'], '" class="selectit"><input value="', $category['cat_ID'], '" type="checkbox" name="post_category[]" id="in-category-', $category['cat_ID'], '"', ($category['checked'] ? ' checked="checked"' : ""), '/> ', wp_specialchars($category['cat_name']), "</label></li>\n";
         if ( $category['children'] ) {
             echo "<ul>\n";
+        echo '<label for="category-', $category['cat_ID'], '" class="selectit"><input value="', $category['cat_ID'], '" type="checkbox" name="post_category[]" id="category-', $category['cat_ID'], '"', ($category['checked'] ? ' checked="checked"' : ""), '/> ', wp_specialchars($category['cat_name']), "</label>\n";
+        if (isset ($category['children'])) {
+            echo "\n<span class='cat-nest'>\n";
             write_nested_categories($category['children']);
             echo "</ul>\n";
+            echo "</span>\n";
+        }
+    }
 …
+}
-function return_link_categories_list($parent = 0) {
-    global $wpdb;
-    return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY link_count DESC");
+}
-function get_nested_link_categories( $default = 0, $parent = 0 ) {
-    global $post_ID, $link_id, $mode, $wpdb;
-    if ($link_id) {
-        $checked_categories = $wpdb->get_col("
-             SELECT category_id
-             FROM $wpdb->categories, $wpdb->link2cat
-             WHERE $wpdb->link2cat.category_id = cat_ID AND $wpdb->link2cat.link_id = '$link_id'
-             ");
-        if (count($checked_categories) == 0) {
-            // No selected categories, strange
-            $checked_categories[] = $default;
+        }
-    } else {
-        $checked_categories[] = $default;
+    }
-    $cats = return_link_categories_list($parent);
-    $result = array ();
-    if (is_array($cats)) {
-        foreach ($cats as $cat) {
-            $result[$cat]['children'] = get_nested_link_categories($default, $cat);
-            $result[$cat]['cat_ID'] = $cat;
-            $result[$cat]['checked'] = in_array($cat, $checked_categories);
-            $result[$cat]['cat_name'] = get_the_category_by_ID($cat);
+        }
+    }
-    usort($result, 'sort_cats');
-    return $result;
+}
-function dropdown_link_categories($default = 0) {
-    write_nested_categories(get_nested_link_categories($default));
+}
 // Dandy new recursive multiple category stuff.
 function cat_rows($parent = 0, $level = 0, $categories = 0) {
+    global $wpdb, $class;
     if (!$categories)
         $categories = get_categories('hide_empty=0');
+        $categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
     if ($categories) {
         foreach ($categories as $category) {
             if ($category->category_parent == $parent) {
+                echo "\t" . _cat_row( $category, $level );
+                $category->cat_name = wp_specialchars($category->cat_name);
+                $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
+                $pad = str_repeat('&#8212; ', $level);
+                if ( current_user_can('manage_categories') ) {
+                    $edit = "<a href='categories.php?action=edit&amp;cat_ID=$category->cat_ID' class='edit'>".__('Edit')."</a></td>";
+                    $default_cat_id = get_option('default_category');
+                    if ($category->cat_ID != $default_cat_id)
+                        $edit .= "<td><a href='categories.php?action=delete&amp;cat_ID=$category->cat_ID' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '".sprintf(__("You are about to delete the category &quot;%s&quot;.  All of its posts will go to the default category.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), wp_specialchars($category->cat_name, 1))."' );\" class='delete'>".__('Delete')."</a>";
+                    else
+                        $edit .= "<td style='text-align:center'>".__("Default");
+                }
+                else
+                    $edit = '';
+                $class = ('alternate' == $class) ? '' : 'alternate';
+                echo "<tr id='cat-$category->cat_ID' class='$class'><th scope='row'>$category->cat_ID</th><td>$pad $category->cat_name</td>
+                                <td>$category->category_description</td>
+                                <td>$count</td>
+                                <td>$edit</td>
+                                </tr>";
                 cat_rows($category->cat_ID, $level +1, $categories);
+            }
 …
+}
+function _cat_row( $category, $level, $name_override = false ) {
+    global $class;
+    $pad = str_repeat('&#8212; ', $level);
+    if ( current_user_can('manage_categories') ) {
+        $edit = "<a href='categories.php?action=edit&amp;cat_ID=$category->cat_ID' class='edit'>".__('Edit')."</a></td>";
+        $default_cat_id = get_option('default_category');
+        $default_link_cat_id = get_option('default_link_category');
+        if ( ($category->cat_ID != $default_cat_id) && ($category->cat_ID != $default_link_cat_id) )
+            $edit .= "<td><a href='" . wp_nonce_url("categories.php?action=delete&amp;cat_ID=$category->cat_ID", 'delete-category_' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . sprintf(__("You are about to delete the category &quot;%s&quot;.\\nAll of its posts will go into the default category of &quot;%s&quot;\\nAll of its bookmarks will go into the default category of &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape($category->cat_name), js_escape(get_catname($default_cat_id)), js_escape(get_catname($default_link_cat_id))) . "' );\" class='delete'>".__('Delete')."</a>";
+        else
+            $edit .= "<td style='text-align:center'>".__("Default");
+    } else
+        $edit = '';
+    $class = ( ( defined('DOING_AJAX') && DOING_AJAX ) || " class='alternate'" == $class ) ? '' : " class='alternate'";
+    $category->category_count = number_format( $category->category_count );
+    $category->link_count = number_format( $category->link_count );
+    return "<tr id='cat-$category->cat_ID'$class>
+        <th scope='row' style='text-align: center'>$category->cat_ID</th>
+        <td>" . ( $name_override ? $name_override : $pad . ' ' . $category->cat_name ) . "</td>
+        <td>$category->category_description</td>
+        <td align='center'>$category->category_count</td>
+        <td align='center'>$category->link_count</td>
+        <td>$edit</td>\n\t</tr>\n";
+}
+function page_rows($parent = 0, $level = 0, $pages = 0, $hierarchy = true) {
+function page_rows($parent = 0, $level = 0, $pages = 0) {
     global $wpdb, $class, $post;
     if (!$pages)
+        $pages = get_pages('sort_column=menu_order');
+    if (! $pages)
+        return false;
+    foreach ($pages as $post) {
+        setup_postdata($post);
+        if ( $hierarchy && ($post->post_parent != $parent) )
+            continue;
+        $post->post_title = wp_specialchars($post->post_title);
+        $pad = str_repeat('&#8212; ', $level);
+        $id = $post->ID;
+        $class = ('alternate' == $class) ? '' : 'alternate';
+        $pages = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static' ORDER BY menu_order");
+    if ($pages) {
+        foreach ($pages as $post) {
+            start_wp();
+            if ($post->post_parent == $parent) {
+                $post->post_title = wp_specialchars($post->post_title);
+                $pad = str_repeat('&#8212; ', $level);
+                $id = $post->ID;
+                $class = ('alternate' == $class) ? '' : 'alternate';
 ?>
   <tr id='page-<?php echo $id; ?>' class='<?php echo $class; ?>'>
     <th scope="row" style="text-align: center"><?php echo $post->ID; ?></th>
+    <th scope="row"><?php echo $post->ID; ?></th>
     <td>
+      <?php echo $pad; ?><?php the_title() ?>
+      <?php if ('private' == $post->post_status) _e(' - <strong>Private</strong>'); ?>
+      <?php echo $pad; ?><?php the_title() ?>
     </td>
     <td><?php the_author() ?></td>
     <td><?php echo mysql2date('Y-m-d g:i a', $post->post_modified); ?></td>
     <td><a href="<?php the_permalink(); ?>" rel="permalink" class="edit"><?php _e('View'); ?></a></td>
     <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
     <td><?php if ( current_user_can('delete_page', $id) ) { echo "<a href='" . wp_nonce_url("page.php?action=delete&amp;post=$id", 'delete-page_' . $id) .  "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape(get_the_title()) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
+    <td><?php if ( current_user_can('edit_pages') ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
+    <td><?php if ( current_user_can('edit_pages') ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), wp_specialchars(get_the_title('','',0), 1)) . "' );\">" . __('Delete') . "</a>"; } ?></td>
   </tr>
 <?php
+        if ( $hierarchy) page_rows($id, $level + 1, $pages);
+    }
+}
+function user_row( $user_object, $style = '' ) {
+    if ( !(is_object($user_object) && is_a($user_object, 'WP_User')) )
+        $user_object = new WP_User( (int) $user_object );
+    $email = $user_object->user_email;
+    $url = $user_object->user_url;
+    $short_url = str_replace('http://', '', $url);
+    $short_url = str_replace('www.', '', $short_url);
+    if ('/' == substr($short_url, -1))
+        $short_url = substr($short_url, 0, -1);
+    if (strlen($short_url) > 35)
+        $short_url =  substr($short_url, 0, 32).'...';
+    $numposts = get_usernumposts($user_object->ID);
+    $r = "<tr id='user-$user_object->ID'$style>
+        <td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td>
+        <td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td>
+        <td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td>
+        <td><a href='mailto:$email' title='" . sprintf(__('e-mail: %s'), $email) . "'>$email</a></td>
+        <td><a href='$url' title='website: $url'>$short_url</a></td>";
+    $r .= "\n\t\t<td align='center'>";
+    if ($numposts > 0) {
+        $r .= "<a href='edit.php?author=$user_object->ID' title='" . __('View posts by this author') . "' class='edit'>";
+        $r .= sprintf(__('View %1$s %2$s'), $numposts, __ngettext('post', 'posts', $numposts));
+    }
+    $r .= "</td>\n\t\t<td>";
+    $edit_link = add_query_arg('wp_http_referer', wp_specialchars(urlencode(stripslashes($_SERVER['REQUEST_URI']))), "user-edit.php?user_id=$user_object->ID");
+    if ( current_user_can('edit_user', $user_object->ID) )
+        $r .= "<a href='$edit_link' class='edit'>".__('Edit')."</a>";
+    $r .= "</td>\n\t</tr>";
+    return $r;
+                page_rows($id, $level +1, $pages);
+            }
+        }
+    } else {
+        return false;
+    }
+}
 function wp_dropdown_cats($currentcat = 0, $currentparent = 0, $parent = 0, $level = 0, $categories = 0) {
     global $wpdb;
     if (!$categories)
         $categories = get_categories('hide_empty=0');
+    global $wpdb, $bgcolor;
+    if (!$categories) {
+        $categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
+    }
     if ($categories) {
         foreach ($categories as $category) {
             if ($currentcat != $category->cat_ID && $parent == $category->category_parent) {
+                $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
                 $pad = str_repeat('&#8211; ', $level);
                 $category->cat_name = wp_specialchars($category->cat_name);
 …
+}
+function link_category_dropdown($fieldname, $selected = 0) {
+    global $wpdb;
+    $results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
+    echo "\n<select name='$fieldname' size='1'>\n";
+    foreach ($results as $row) {
+        echo "\n\t<option value='$row->cat_id'";
+        if ($row->cat_id == $selected)
+            echo " selected='selected'";
+        echo ">$row->cat_id : " . wp_specialchars($row->cat_name);
+        if ($row->auto_toggle == 'Y')
+            echo ' (auto toggle)';
+        echo "</option>";
+    }
+    echo "\n</select>\n";
+}
 function wp_create_thumbnail($file, $max_side, $effect = '') {
 …
         return $error;
     } else {
-        apply_filters( 'wp_create_thumbnail', $thumbpath );
         return $thumbpath;
+    }
 …
     global $post_ID;
     // Exit if no meta
+    if (!$meta) {
+        echo '<tbody id="the-list"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
+    if (!$meta)
         return;
+    }
     $count = 0;
 ?>
     <thead>
+<table id='meta-list' cellpadding="3">
     <tr>
         <th><?php _e('Key') ?></th>
 …
         <th colspan='2'><?php _e('Action') ?></th>
     </tr>
-    </thead>
 <?php
+    $r ="\n\t<tbody id='the-list'>";
     foreach ($meta as $entry) {
         ++ $count;
 …
         if ('_' == $entry['meta_key'] { 0 })
             $style .= ' hidden';
+        if ( is_serialized($entry['meta_value']) ) {
+            if ( is_serialized_string($entry['meta_value']) ) {
+                // this is a serialized string, so we should display it
+                $entry['meta_value'] = maybe_unserialize($entry['meta_value']);
+            } else {
+                // this is a serialized array/object so we should NOT display it
+                --$count;
+                continue;
+            }
+        }
+        $key_js = js_escape($entry['meta_key']);
+        $entry['meta_key'] = wp_specialchars( $entry['meta_key'], true );
+        $entry['meta_value'] = wp_specialchars( $entry['meta_value'], true );
+        $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
+        $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
+        $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
+        $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".__('Update')."' /><br />";
+        $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '";
+        $r .= sprintf(__("You are about to delete the &quot;%s&quot; custom field on this post.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), $key_js);
+        $r .= "' );\" class='deletemeta' tabindex='6' value='".__('Delete')."' /></td>";
+        $r .= "\n\t</tr>";
+    }
+    echo $r;
+    echo "\n\t</tbody>";
+        echo "
+            <tr class='$style'>
+                <td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>
+                <td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>
+                <td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".__('Update')."' /><br />
+                <input name='deletemeta[{$entry['meta_id']}]' type='submit' class='deletemeta' tabindex='6' value='".__('Delete')."' /></td>
+            </tr>
+        ";
+    }
+    echo "
+        </table>
+    ";
+}
 …
 function meta_form() {
     global $wpdb;
-    $limit = (int) apply_filters('postmeta_form_limit', 30);
     $keys = $wpdb->get_col("
+        SELECT meta_key
+        FROM $wpdb->postmeta
+        GROUP BY meta_key
+        ORDER BY meta_id DESC
+        LIMIT $limit");
+    natcasesort($keys);
+            SELECT meta_key
+            FROM $wpdb->postmeta
+            GROUP BY meta_key
+            ORDER BY meta_id DESC
+            LIMIT 10");
 ?>
 <h3><?php _e('Add a new custom field:') ?></h3>
 <table id="newmeta" cellspacing="3" cellpadding="3">
+<table cellspacing="3" cellpadding="3">
     <tr>
 <th colspan="2"><?php _e('Key') ?></th>
 …
     <tr valign="top">
         <td align="right" width="18%">
 <?php if ( $keys ) : ?>
+<?php if ($keys) : ?>
 <select id="metakeyselect" name="metakeyselect" tabindex="7">
 <option value="#NONE#"><?php _e('- Select -'); ?></option>
 <?php
+    foreach ( $keys as $key ) {
+        $key = wp_specialchars($key, 1);
+    foreach ($keys as $key) {
         echo "\n\t<option value='$key'>$key</option>";
+    }
 …
 </table>
 <p class="submit"><input type="submit" id="updatemetasub" name="updatemeta" tabindex="9" value="<?php _e('Add Custom Field &raquo;') ?>" /></p>
+<p class="submit"><input type="submit" name="updatemeta" tabindex="9" value="<?php _e('Add Custom Field &raquo;') ?>" /></p>
 <?php
 …
 function add_meta($post_ID) {
     global $wpdb;
-    $post_ID = (int) $post_ID;
     $metakeyselect = $wpdb->escape(stripslashes(trim($_POST['metakeyselect'])));
     $metakeyinput = $wpdb->escape(stripslashes(trim($_POST['metakeyinput'])));
+    $metavalue = maybe_serialize(stripslashes((trim($_POST['metavalue']))));
+    $metavalue = $wpdb->escape($metavalue);
+    $metavalue = $wpdb->escape(stripslashes(trim($_POST['metavalue'])));
     if ( ('0' === $metavalue || !empty ($metavalue)) && ((('#NONE#' != $metakeyselect) && !empty ($metakeyselect)) || !empty ($metakeyinput)) ) {
 …
         // input for the key have data, the input takes precedence:
         if ('#NONE#' != $metakeyselect)
+        if ('#NONE#' != $metakeyselect)
             $metakey = $metakeyselect;
 …
                         VALUES ('$post_ID','$metakey','$metavalue')
                     ");
+        return $wpdb->insert_id;
+    }
+    return false;
+    }
 } // add_meta
 function delete_meta($mid) {
     global $wpdb;
+    $mid = (int) $mid;
+    return $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'");
+    $result = $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'");
+}
 function update_meta($mid, $mkey, $mvalue) {
     global $wpdb;
+    $mvalue = maybe_serialize(stripslashes($mvalue));
+    $mvalue = $wpdb->escape($mvalue);
+    $mid = (int) $mid;
     return $wpdb->query("UPDATE $wpdb->postmeta SET meta_key = '$mkey', meta_value = '$mvalue' WHERE meta_id = '$mid'");
+}
-function get_post_meta_by_id($mid) {
-    global $wpdb;
-    $mid = (int) $mid;
-    $meta = $wpdb->get_row("SELECT * FROM $wpdb->postmeta WHERE meta_id = '$mid'");
-    if ( is_serialized_string($meta->meta_value) )
-        $meta->meta_value = maybe_unserialize($meta->meta_value);
-    return $meta;
+}
 function touch_time($edit = 1, $for_post = 1) {
     global $wp_locale, $post, $comment;
+    global $month, $post, $comment;
     if ( $for_post )
 …
     echo '<fieldset><legend><input type="checkbox" class="checkbox" name="edit_date" value="1" id="timestamp" /> <label for="timestamp">'.__('Edit timestamp').'</label></legend>';
     $time_adj = time() + (get_option('gmt_offset') * 3600);
+    $time_adj = time() + (get_settings('gmt_offset') * 3600);
     $post_date = ($for_post) ? $post->post_date : $comment->comment_date;
     $jj = ($edit) ? mysql2date('d', $post_date) : gmdate('d', $time_adj);
 …
     $ss = ($edit) ? mysql2date('s', $post_date) : gmdate('s', $time_adj);
     echo "<select name=\"mm\" onchange=\"edit_date.checked=true\">\n";
+    echo "<select name=\"mm\">\n";
     for ($i = 1; $i < 13; $i = $i +1) {
         echo "\t\t\t<option value=\"$i\"";
         if ($i == $mm)
+            echo ' selected="selected"';
+        echo '>' . $wp_locale->get_month($i) . "</option>\n";
+            echo " selected='selected'";
+        if ($i < 10) {
+            $ii = "0".$i;
+        } else {
+            $ii = "$i";
+        }
+        echo ">".$month["$ii"]."</option>\n";
+    }
 ?>
 </select>
 <input type="text" id="jj" name="jj" value="<?php echo $jj; ?>" size="2" maxlength="2" onchange="edit_date.checked=true"/>
 <input type="text" id="aa" name="aa" value="<?php echo $aa ?>" size="4" maxlength="5" onchange="edit_date.checked=true" /> @
 <input type="text" id="hh" name="hh" value="<?php echo $hh ?>" size="2" maxlength="2" onchange="edit_date.checked=true" /> :
 <input type="text" id="mn" name="mn" value="<?php echo $mn ?>" size="2" maxlength="2" onchange="edit_date.checked=true" />
 <input type="hidden" id="ss" name="ss" value="<?php echo $ss ?>" size="2" maxlength="2" onchange="edit_date.checked=true" />
+<input type="text" id="jj" name="jj" value="<?php echo $jj; ?>" size="2" maxlength="2" />
+<input type="text" id="aa" name="aa" value="<?php echo $aa ?>" size="4" maxlength="5" /> @
+<input type="text" id="hh" name="hh" value="<?php echo $hh ?>" size="2" maxlength="2" /> :
+<input type="text" id="mn" name="mn" value="<?php echo $mn ?>" size="2" maxlength="2" />
+<input type="hidden" id="ss" name="ss" value="<?php echo $ss ?>" size="2" maxlength="2" />
 <?php
     if ( $edit ) {
         _e('Existing timestamp');
+        //echo ': ' . $wp_locale->get_month($mm) . "$jj, $aa @ $hh:$mn";
+        echo sprintf(__(': %1$s %2$s, %3$s @ %4$s:%5$s'), $wp_locale->get_month($mm), $jj, $aa, $hh, $mn);
+        echo ": {$month[$mm]} $jj, $aa @ $hh:$mn";
+    }
 ?>
 …
         if ($markerdata) {
             $state = true;
             foreach ($markerdata as $n => $markerline) {
+            foreach ($markerdata as $markerline) {
                 if (strstr($markerline, "# BEGIN {$marker}"))
                     $state = false;
+                if ($state) {
+                    if ( $n + 1 < count($markerdata) )
+                        fwrite($f, "{$markerline}\n");
+                    else
+                        fwrite($f, "{$markerline}");
+                }
+                if ($state)
+                    fwrite($f, "{$markerline}\n");
                 if (strstr($markerline, "# END {$marker}")) {
                     fwrite($f, "# BEGIN {$marker}\n");
 …
+}
+function the_quicktags() {
+    // Browser detection sucks, but until Safari supports the JS needed for this to work people just assume it's a bug in WP
+    if (!strstr($_SERVER['HTTP_USER_AGENT'], 'Safari'))
+        echo '
+        <div id="quicktags">
+            <script src="../wp-includes/js/quicktags.js" type="text/javascript"></script>
+            <script type="text/javascript">if ( typeof tinyMCE == "undefined" || tinyMCE.configs.length < 1 ) edToolbar();</script>
+        </div>
+';
+    else echo '
+<script type="text/javascript">
+function edInsertContent(myField, myValue) {
+    //IE support
+    if (document.selection) {
+        myField.focus();
+        sel = document.selection.createRange();
+        sel.text = myValue;
+        myField.focus();
+    }
+    //MOZILLA/NETSCAPE support
+    else if (myField.selectionStart || myField.selectionStart == "0") {
+        var startPos = myField.selectionStart;
+        var endPos = myField.selectionEnd;
+        myField.value = myField.value.substring(0, startPos)
+                      + myValue
+                      + myField.value.substring(endPos, myField.value.length);
+        myField.focus();
+        myField.selectionStart = startPos + myValue.length;
+        myField.selectionEnd = startPos + myValue.length;
+    } else {
+        myField.value += myValue;
+        myField.focus();
+    }
+}
+</script>
+';
+}
+function validate_current_theme() {
+    $theme_loc = 'wp-content/themes';
+    $theme_root = ABSPATH.$theme_loc;
+    $template = get_settings('template');
+    $stylesheet = get_settings('stylesheet');
+    if (($template != 'default') && (!file_exists("$theme_root/$template/index.php"))) {
+        update_option('template', 'default');
+        update_option('stylesheet', 'default');
+        do_action('switch_theme', 'Default');
+        return false;
+    }
+    if (($stylesheet != 'default') && (!file_exists("$theme_root/$stylesheet/style.css"))) {
+        update_option('template', 'default');
+        update_option('stylesheet', 'default');
+        do_action('switch_theme', 'Default');
+        return false;
+    }
+    return true;
+}
 function get_broken_themes() {
     global $wp_broken_themes;
 …
 function parent_dropdown($default = 0, $parent = 0, $level = 0) {
     global $wpdb, $post_ID;
     $items = $wpdb->get_results("SELECT ID, post_parent, post_title FROM $wpdb->posts WHERE post_parent = $parent AND post_type = 'page' ORDER BY menu_order");
+    $items = $wpdb->get_results("SELECT ID, post_parent, post_title FROM $wpdb->posts WHERE post_parent = $parent AND post_status = 'static' ORDER BY menu_order");
     if ($items) {
 …
     global $menu;
     global $submenu;
-    global $_wp_menu_nopriv;
-    global $_wp_submenu_nopriv;
-    global $plugin_page;
     $parent = get_admin_page_parent();
+    /*echo "pa: $parent pn: $pagenow pp: $plugin_page<br/>";
+    echo "<pre>";
+    print_r($_wp_menu_nopriv);
+    print_r($_wp_submenu_nopriv);
+    echo "</pre>";*/
+    if ( isset($_wp_submenu_nopriv[$parent][$pagenow]) )
+        return false;
+    if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$parent][$plugin_page]) )
+        return false;
+    if ( empty($parent) ) {
+        if ( isset($_wp_menu_nopriv[$pagenow]) )
+            return false;
+        if ( isset($_wp_submenu_nopriv[$pagenow][$pagenow]) )
+            return false;
+        if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$pagenow][$plugin_page]) )
+            return false;
+        foreach (array_keys($_wp_submenu_nopriv) as $key) {
+            if ( isset($_wp_submenu_nopriv[$key][$pagenow]) )
+    foreach ($menu as $menu_array) {
+        //echo "parent array: " . $menu_array[2];
+        if ($menu_array[2] == $parent) {
+            if (!current_user_can($menu_array[1])) {
                 return false;
             if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$key][$plugin_page]) )
             return false;
+        }
         return true;
+            } else {
+                break;
+            }
+        }
+    }
 …
         foreach ($submenu[$parent] as $submenu_array) {
             if ($submenu_array[2] == $pagenow) {
+                if (current_user_can($submenu_array[1]))
+                if (!current_user_can($submenu_array[1])) {
+                    return false;
+                } else {
                     return true;
+                else
+                    return false;
+            }
+        }
+    }
+    foreach ($menu as $menu_array) {
+        if ($menu_array[2] == $parent) {
+            if (current_user_can($menu_array[1]))
+                return true;
+            else
+                return false;
+        }
+    }
+                }
+            }
+        }
+    }
     return true;
+}
 …
     global $pagenow;
     global $plugin_page;
+    global $_wp_real_parent_file;
+    global $_wp_menu_nopriv;
+    global $_wp_submenu_nopriv;
+    if ( !empty ($parent_file) ) {
+        if ( isset($_wp_real_parent_file[$parent_file]) )
+            $parent_file = $_wp_real_parent_file[$parent_file];
+    if (isset ($parent_file) && !empty ($parent_file)) {
         return $parent_file;
+    }
 …
             if ($parent_menu[2] == $plugin_page) {
                 $parent_file = $plugin_page;
+                if ( isset($_wp_real_parent_file[$parent_file]) )
+                    $parent_file = $_wp_real_parent_file[$parent_file];
+                return $parent_file;
+            }
+        }
+        if ( isset($_wp_menu_nopriv[$plugin_page]) ) {
+            $parent_file = $plugin_page;
+            if ( isset($_wp_real_parent_file[$parent_file]) )
+                    $parent_file = $_wp_real_parent_file[$parent_file];
+            return $parent_file;
+        }
+    }
+    if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$pagenow][$plugin_page]) ) {
+        $parent_file = $pagenow;
+        if ( isset($_wp_real_parent_file[$parent_file]) )
+            $parent_file = $_wp_real_parent_file[$parent_file];
+        return $parent_file;
+                return $plugin_page;
+            }
+        }
+    }
     foreach (array_keys($submenu) as $parent) {
         foreach ($submenu[$parent] as $submenu_array) {
-            if ( isset($_wp_real_parent_file[$parent]) )
-                $parent = $_wp_real_parent_file[$parent];
             if ($submenu_array[2] == $pagenow) {
                 $parent_file = $parent;
 …
     global $submenu;
     global $menu;
+    global $_wp_real_parent_file;
+    global $_wp_submenu_nopriv;
+    global $_wp_menu_nopriv;
+    $parent = plugin_basename($parent);
     $file = plugin_basename($file);
-    $parent = plugin_basename($parent);
-    if ( isset($_wp_real_parent_file[$parent]) )
-        $parent = $_wp_real_parent_file[$parent];
-    if ( !current_user_can($access_level) ) {
-        $_wp_submenu_nopriv[$parent][$file] = true;
-        return false;
+    }
     // If the parent doesn't already have a submenu, add a link to the parent
 …
     // parent file someone is trying to link back to the parent manually.  In
     // this case, don't automatically add a link back to avoid duplication.
     if (!isset ($submenu[$parent]) && $file != $parent  ) {
+    if (!isset ($submenu[$parent]) && $file != $parent) {
         foreach ($menu as $parent_menu) {
             if ( $parent_menu[2] == $parent && current_user_can($parent_menu[1]) ) {
+            if ($parent_menu[2] == $parent) {
                 $submenu[$parent][] = $parent_menu;
+            }
 …
     switch ($code) {
         case 1 :
             wp_die(__('Sorry, can&#8217;t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
+            die(__('Sorry, can&#8217;t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
         case 2 :
             wp_die(__('Sorry, can&#8217;t call files with their real path.'));
+            die(__('Sorry, can&#8217;t call files with their real path.'));
         case 3 :
             wp_die(__('Sorry, that file cannot be edited.'));
+            die(__('Sorry, that file cannot be edited.'));
+    }
+}
 function get_home_path() {
     $home = get_option('home');
     if ($home != '' && $home != get_option('siteurl')) {
+    $home = get_settings('home');
+    if ($home != '' && $home != get_settings('siteurl')) {
         $home_path = parse_url($home);
         $home_path = $home_path['path'];
 …
         return $wp_file_descriptions[basename($file)];
+    }
     elseif ( file_exists( ABSPATH . $file ) && is_file( ABSPATH . $file ) ) {
         $template_data = implode('', file( ABSPATH . $file ));
+    elseif (file_exists(ABSPATH.$file)) {
+        $template_data = implode('', file(ABSPATH.$file));
         if (preg_match("|Template Name:(.*)|i", $template_data, $name))
             return $name[1];
 …
     preg_match("|Author URI:(.*)|i", $plugin_data, $author_uri);
     if (preg_match("|Version:(.*)|i", $plugin_data, $version))
         $version = trim($version[1]);
+        $version = $version[1];
     else
         $version = '';
     $description = wptexturize(trim($description[1]));
+    $description = wptexturize($description[1]);
     $name = $plugin_name[1];
 …
     $plugin = $name;
     if ('' != $plugin_uri[1] && '' != $name) {
         $plugin = '<a href="' . trim($plugin_uri[1]) . '" title="'.__('Visit plugin homepage').'">'.$plugin.'</a>';
+        $plugin = '<a href="'.$plugin_uri[1].'" title="'.__('Visit plugin homepage').'">'.$plugin.'</a>';
+    }
     if ('' == $author_uri[1]) {
         $author = trim($author_name[1]);
     } else {
         $author = '<a href="' . trim($author_uri[1]) . '" title="'.__('Visit author homepage').'">' . trim($author_name[1]) . '</a>';
+        $author = $author_name[1];
+    } else {
+        $author = '<a href="'.$author_uri[1].'" title="'.__('Visit author homepage').'">'.$author_name[1].'</a>';
+    }
 …
     $wp_plugins = array ();
+    $plugin_root = ABSPATH . PLUGINDIR;
+    $plugin_loc = 'wp-content/plugins';
+    $plugin_root = ABSPATH.$plugin_loc;
     // Files in wp-content/plugins directory
 …
+    }
     if ( !$plugins_dir || !$plugin_files )
+    if (!$plugins_dir || !$plugin_files) {
         return $wp_plugins;
+    foreach ( $plugin_files as $plugin_file ) {
+        if ( !is_readable("$plugin_root/$plugin_file") )
+    }
+    sort($plugin_files);
+    foreach ($plugin_files as $plugin_file) {
+        if ( !is_readable("$plugin_root/$plugin_file"))
             continue;
         $plugin_data = get_plugin_data("$plugin_root/$plugin_file");
         if ( empty ($plugin_data['Name']) )
+        if (empty ($plugin_data['Name'])) {
             continue;
+        }
         $wp_plugins[plugin_basename($plugin_file)] = $plugin_data;
+    }
-    uasort($wp_plugins, create_function('$a, $b', 'return strnatcasecmp($a["Name"], $b["Name"]);'));
     return $wp_plugins;
 …
         __("Failed to write file to disk."));
+    // Accepted MIME types are set here as PCRE. Override with $override['mimes'].
+    $mimes = apply_filters('upload_mimes', array (
+        'jpg|jpeg|jpe' => 'image/jpeg',
+        'gif' => 'image/gif',
+        'png' => 'image/png',
+        'bmp' => 'image/bmp',
+        'tif|tiff' => 'image/tiff',
+        'ico' => 'image/x-icon',
+        'asf|asx|wax|wmv|wmx' => 'video/asf',
+        'avi' => 'video/avi',
+        'mov|qt' => 'video/quicktime',
+        'mpeg|mpg|mpe' => 'video/mpeg',
+        'txt|c|cc|h' => 'text/plain',
+        'rtx' => 'text/richtext',
+        'css' => 'text/css',
+        'htm|html' => 'text/html',
+        'mp3|mp4' => 'audio/mpeg',
+        'ra|ram' => 'audio/x-realaudio',
+        'wav' => 'audio/wav',
+        'ogg' => 'audio/ogg',
+        'mid|midi' => 'audio/midi',
+        'wma' => 'audio/wma',
+        'rtf' => 'application/rtf',
+        'js' => 'application/javascript',
+        'pdf' => 'application/pdf',
+        'doc' => 'application/msword',
+        'pot|pps|ppt' => 'application/vnd.ms-powerpoint',
+        'wri' => 'application/vnd.ms-write',
+        'xla|xls|xlt|xlw' => 'application/vnd.ms-excel',
+        'mdb' => 'application/vnd.ms-access',
+        'mpp' => 'application/vnd.ms-project',
+        'swf' => 'application/x-shockwave-flash',
+        'class' => 'application/java',
+        'tar' => 'application/x-tar',
+        'zip' => 'application/zip',
+        'gz|gzip' => 'application/x-gzip',
+        'exe' => 'application/x-msdownload'
+    ));
     // All tests are on by default. Most can be turned off by $override[{test_name}] = false;
     $test_form = true;
 …
         return $upload_error_handler($file, __('Specified file failed upload test.'));
     // A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter.
+    // A correct MIME type will pass this test.
     if ( $test_type ) {
+        $wp_filetype = wp_check_filetype($file['name'], $mimes);
+        extract($wp_filetype);
+        $type = false;
+        $ext = false;
+        foreach ($mimes as $ext_preg => $mime_match) {
+            $ext_preg = '![^.]\.(' . $ext_preg . ')$!i';
+            if ( preg_match($ext_preg, $file['name'], $ext_matches) ) {
+                $type = $mime_match;
+                $ext = $ext_matches[1];
+            }
+        }
         if ( !$type || !$ext )
 …
                 $filename = str_replace("$number$ext", ++$number . $ext, $filename);
+        }
-        $filename = str_replace($ext, '', $filename);
-        $filename = sanitize_title_with_dashes($filename) . $ext;
+    }
 …
     $new_file = $uploads['path'] . "/$filename";
     if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) )
         wp_die(printf(__('The uploaded file could not be moved to %s.'), $uploads['path']));
+        die(printf(__('The uploaded file could not be moved to %s.'), $file['path']));
     // Set correct file permissions
 …
     // Compute the URL
     $url = $uploads['url'] . "/$filename";
+    $return = apply_filters( 'wp_handle_upload', array('file' => $new_file, 'url' => $url, 'type' => $type) );
+    return $return;
+    return array('file' => $new_file, 'url' => $url, 'type' => $type);
+}
 …
 function wp_import_upload_form($action) {
-    $size = strtolower( ini_get('upload_max_filesize') );
-    $bytes = 0;
-    if ( strstr( $size, 'k' ) )
-        $bytes = $size * 1024;
-    if ( strstr( $size, 'm' ) )
-        $bytes = $size * 1024 * 1024;
-    if ( strstr( $size, 'g' ) )
-        $bytes = $size * 1024 * 1024 * 1024;
 ?>
+<form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo $action ?>">
+<p>
+<label for="upload"><?php _e('Choose a file from your computer:'); ?></label> (<?php printf( __('Maximum size: %s'), $size ); ?>)
+<input type="file" id="upload" name="import" size="25" />
+<script type="text/javascript">
+function cancelUpload() {
+o = document.getElementById('uploadForm');
+o.method = 'GET';
+o.action.value = 'view';
+o.submit();
+}
+</script>
+<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo $action ?>">
+<label for="upload"><?php _e('File:'); ?></label><input type="file" id="upload" name="import" />
 <input type="hidden" name="action" value="save" />
+<input type="hidden" name="max_file_size" value="<?php echo $bytes; ?>" />
+</p>
+<p class="submit">
+<input type="submit" value="<?php _e('Upload file and import'); ?> &raquo;" />
+</p>
+<div id="buttons">
+<input type="submit" value="<?php _e('Import'); ?>" />
+<input type="button" value="<?php _e('Cancel'); ?>" onclick="cancelUpload()" />
+</div>
 </form>
 <?php
+<?php
+}
 …
     $url = $file['url'];
     $file = addslashes( $file['file'] );
+    $file = $file['file'];
     $filename = basename($file);
 …
+}
+function user_can_richedit() {
+    if ( 'true' != get_user_option('rich_editing') )
+        return false;
+    if ( preg_match('!opera[ /][2-8]|konqueror|safari!i', $_SERVER['HTTP_USER_AGENT']) )
+        return false;
+    return true; // Best guess
+}
 function the_attachment_links($id = false) {
     $id = (int) $id;
     $post = & get_post($id);
     if ( $post->post_type != 'attachment' )
+    if ( $post->post_status != 'attachment' )
         return false;
     $icon = get_attachment_icon($post->ID);
+    $attachment_data = get_post_meta( $id, '_wp_attachment_metadata', true );
+    $thumb = isset($attachment_data['thumb']);
 ?>
+<form id="the-attachment-links">
+<table>
+    <col />
+    <col class="widefat" />
+    <tr>
+        <th scope="row"><?php _e('URL') ?></th>
+        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><?php echo $post->guid ?></textarea></td>
+    </tr>
+<p><?php _e('Text linked to file') ?><br />
+<textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid ?>" class="attachmentlink"><?php echo basename($post->guid) ?></a></textarea></p>
+<p><?php _e('Text linked to subpost') ?><br />
+<textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment" id="<?php echo $post->ID ?>"><?php echo $post->post_title ?></a></textarea></p>
 <?php if ( $icon ) : ?>
+    <tr>
+        <th scope="row"><?php $thumb ? _e('Thumbnail linked to file') : _e('Image linked to file'); ?></th>
+        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid; ?>"><?php echo $icon ?></a></textarea></td>
+    </tr>
+    <tr>
+        <th scope="row"><?php $thumb ? _e('Thumbnail linked to page') : _e('Image linked to file'); ?></th>
+        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment wp-att-<?php echo $post->ID; ?>"><?php echo $icon ?></a></textarea></td>
+    </tr>
+<?php else : ?>
+    <tr>
+        <th scope="row"><?php _e('Link to file') ?></th>
+        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid ?>" class="attachmentlink"><?php echo basename($post->guid);  ?></a></textarea></td>
+    </tr>
+    <tr>
+        <th scope="row"><?php _e('Link to page') ?></th>
+        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment wp-att-<?php echo $post->ID ?>"><?php the_title(); ?></a></textarea></td>
+    </tr>
+<p><?php _e('Thumbnail linked to file') ?><br />
+<textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid ?>" class="attachmentlink"><?php echo $icon ?></a></textarea></p>
+<p><?php _e('Thumbnail linked to subpost') ?><br />
+<textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment" id="<?php echo $post->ID ?>"><?php echo $icon ?></a></textarea></p>
 <?php endif; ?>
-</table>
-</form>
 <?php
+}
 …
+}
-function wp_reset_vars($vars) {
-    for ($i=0; $i<count($vars); $i += 1) {
-        $var = $vars[$i];
-        global $$var;
-        if (!isset($$var)) {
-            if (empty($_POST["$var"])) {
-                if (empty($_GET["$var"]))
-                    $$var = '';
-                else
-                    $$var = $_GET["$var"];
-            } else {
-                $$var = $_POST["$var"];
+            }
+        }
+    }
+}
-// If siteurl or home changed, reset cookies and flush rewrite rules.
-function update_home_siteurl($old_value, $value) {
-    global $wp_rewrite, $user_login, $user_pass_md5;
-    if ( defined("WP_INSTALLING") )
-        return;
-    // If home changed, write rewrite rules to new location.
-    $wp_rewrite->flush_rules();
-    // Clear cookies for old paths.
-    wp_clearcookie();
-    // Set cookies for new paths.
-    wp_setcookie($user_login, $user_pass_md5, true, get_option('home'), get_option('siteurl'));
+}
-add_action('update_option_home', 'update_home_siteurl', 10, 2);
-add_action('update_option_siteurl', 'update_home_siteurl', 10, 2);
-function wp_crop_image($src_file, $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_h, $src_abs = false, $dst_file = false) {
-    if ( ctype_digit($src_file) ) // Handle int as attachment ID
-        $src_file = get_attached_file($src_file);
-    $src = wp_load_image($src_file);
-    if ( !is_resource($src) )
-        return $src;
-    $dst = imagecreatetruecolor($dst_w, $dst_h);
-    if ( $src_abs ) {
-        $src_w -= $src_x;
-        $src_h -= $src_y;
+    }
-    imageantialias($dst, true);
-    imagecopyresampled($dst, $src, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h);
-    if ( !$dst_file )
-        $dst_file = str_replace(basename($src_file), 'cropped-'.basename($src_file), $src_file);
-    $dst_file = preg_replace('/\\.[^\\.]+$/', '.jpg', $dst_file);
-    if ( imagejpeg($dst, $dst_file) )
-        return $dst_file;
-    else
-        return false;
+}
-function wp_load_image($file) {
-    if ( ctype_digit($file) )
-        $file = get_attached_file($file);
-    if ( !file_exists($file) )
-        return "File '$file' doesn't exist?";
-    $contents = file_get_contents($file);
-    $image = imagecreatefromstring($contents);
-    if ( !is_resource($image) )
-        return "File '$file' is not image?";
-    return $image;
+}
 ?>

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changes in trunk/wp-admin/admin-functions.php [4418:3501]

Legend:

trunk/wp-admin/admin-functions.php

Download in other formats: