Changeset 42343 for trunk/src/wp-admin/includes/post.php
- Timestamp:
- 11/30/2017 11:09:33 PM (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/post.php
r42228 r42343 20 20 function _wp_translate_postdata( $update = false, $post_data = null ) { 21 21 22 if ( empty( $post_data) )22 if ( empty( $post_data ) ) { 23 23 $post_data = &$_POST; 24 25 if ( $update ) 24 } 25 26 if ( $update ) { 26 27 $post_data['ID'] = (int) $post_data['post_ID']; 28 } 27 29 28 30 $ptype = get_post_type_object( $post_data['post_type'] ); 29 31 30 32 if ( $update && ! current_user_can( 'edit_post', $post_data['ID'] ) ) { 31 if ( 'page' == $post_data['post_type'] ) 33 if ( 'page' == $post_data['post_type'] ) { 32 34 return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to edit pages as this user.' ) ); 33 else35 } else { 34 36 return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to edit posts as this user.' ) ); 37 } 35 38 } elseif ( ! $update && ! current_user_can( $ptype->cap->create_posts ) ) { 36 if ( 'page' == $post_data['post_type'] ) 39 if ( 'page' == $post_data['post_type'] ) { 37 40 return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) ); 38 else41 } else { 39 42 return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) ); 40 } 41 42 if ( isset( $post_data['content'] ) ) 43 } 44 } 45 46 if ( isset( $post_data['content'] ) ) { 43 47 $post_data['post_content'] = $post_data['content']; 44 45 if ( isset( $post_data['excerpt'] ) ) 48 } 49 50 if ( isset( $post_data['excerpt'] ) ) { 46 51 $post_data['post_excerpt'] = $post_data['excerpt']; 47 48 if ( isset( $post_data['parent_id'] ) ) 52 } 53 54 if ( isset( $post_data['parent_id'] ) ) { 49 55 $post_data['post_parent'] = (int) $post_data['parent_id']; 50 51 if ( isset($post_data['trackback_url']) ) 56 } 57 58 if ( isset( $post_data['trackback_url'] ) ) { 52 59 $post_data['to_ping'] = $post_data['trackback_url']; 60 } 53 61 54 62 $post_data['user_ID'] = get_current_user_id(); 55 63 56 if ( !empty( $post_data['post_author_override'] ) ) {64 if ( ! empty( $post_data['post_author_override'] ) ) { 57 65 $post_data['post_author'] = (int) $post_data['post_author_override']; 58 66 } else { 59 if ( !empty( $post_data['post_author'] ) ) {67 if ( ! empty( $post_data['post_author'] ) ) { 60 68 $post_data['post_author'] = (int) $post_data['post_author']; 61 69 } else { … … 68 76 69 77 if ( $update ) { 70 if ( 'page' == $post_data['post_type'] ) 78 if ( 'page' == $post_data['post_type'] ) { 71 79 return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to edit pages as this user.' ) ); 72 else80 } else { 73 81 return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to edit posts as this user.' ) ); 82 } 74 83 } else { 75 if ( 'page' == $post_data['post_type'] ) 84 if ( 'page' == $post_data['post_type'] ) { 76 85 return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) ); 77 else86 } else { 78 87 return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) ); 88 } 79 89 } 80 90 } … … 94 104 95 105 // What to do based on which button they pressed 96 if ( isset( $post_data['saveasdraft']) && '' != $post_data['saveasdraft'] )106 if ( isset( $post_data['saveasdraft'] ) && '' != $post_data['saveasdraft'] ) { 97 107 $post_data['post_status'] = 'draft'; 98 if ( isset($post_data['saveasprivate']) && '' != $post_data['saveasprivate'] ) 108 } 109 if ( isset( $post_data['saveasprivate'] ) && '' != $post_data['saveasprivate'] ) { 99 110 $post_data['post_status'] = 'private'; 100 if ( isset($post_data['publish']) && ( '' != $post_data['publish'] ) && ( !isset($post_data['post_status']) || $post_data['post_status'] != 'private' ) ) 111 } 112 if ( isset( $post_data['publish'] ) && ( '' != $post_data['publish'] ) && ( ! isset( $post_data['post_status'] ) || $post_data['post_status'] != 'private' ) ) { 101 113 $post_data['post_status'] = 'publish'; 102 if ( isset($post_data['advanced']) && '' != $post_data['advanced'] ) 114 } 115 if ( isset( $post_data['advanced'] ) && '' != $post_data['advanced'] ) { 103 116 $post_data['post_status'] = 'draft'; 104 if ( isset($post_data['pending']) && '' != $post_data['pending'] ) 117 } 118 if ( isset( $post_data['pending'] ) && '' != $post_data['pending'] ) { 105 119 $post_data['post_status'] = 'pending'; 106 107 if ( isset( $post_data['ID'] ) ) 120 } 121 122 if ( isset( $post_data['ID'] ) ) { 108 123 $post_id = $post_data['ID']; 109 else124 } else { 110 125 $post_id = false; 126 } 111 127 $previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false; 112 128 … … 119 135 // Posts 'submitted for approval' present are submitted to $_POST the same as if they were being published. 120 136 // Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts. 121 if ( isset( $post_data['post_status']) && (in_array( $post_data['post_status'], $published_statuses ) && !current_user_can( $ptype->cap->publish_posts )) )122 if ( ! in_array( $previous_status, $published_statuses ) || ! current_user_can( 'edit_post', $post_id ) )137 if ( isset( $post_data['post_status'] ) && ( in_array( $post_data['post_status'], $published_statuses ) && ! current_user_can( $ptype->cap->publish_posts ) ) ) { 138 if ( ! in_array( $previous_status, $published_statuses ) || ! current_user_can( 'edit_post', $post_id ) ) { 123 139 $post_data['post_status'] = 'pending'; 140 } 141 } 124 142 125 143 if ( ! isset( $post_data['post_status'] ) ) { … … 131 149 } 132 150 133 if ( !isset( $post_data['comment_status'] ))151 if ( ! isset( $post_data['comment_status'] ) ) { 134 152 $post_data['comment_status'] = 'closed'; 135 136 if (!isset( $post_data['ping_status'] )) 153 } 154 155 if ( ! isset( $post_data['ping_status'] ) ) { 137 156 $post_data['ping_status'] = 'closed'; 138 139 foreach ( array('aa', 'mm', 'jj', 'hh', 'mn') as $timeunit ) { 140 if ( !empty( $post_data['hidden_' . $timeunit] ) && $post_data['hidden_' . $timeunit] != $post_data[$timeunit] ) { 157 } 158 159 foreach ( array( 'aa', 'mm', 'jj', 'hh', 'mn' ) as $timeunit ) { 160 if ( ! empty( $post_data[ 'hidden_' . $timeunit ] ) && $post_data[ 'hidden_' . $timeunit ] != $post_data[ $timeunit ] ) { 141 161 $post_data['edit_date'] = '1'; 142 162 break; … … 144 164 } 145 165 146 if ( ! empty( $post_data['edit_date'] ) ) {147 $aa = $post_data['aa'];148 $mm = $post_data['mm'];149 $jj = $post_data['jj'];150 $hh = $post_data['hh'];151 $mn = $post_data['mn'];152 $ss = $post_data['ss'];153 $aa = ($aa <= 0 ) ? date('Y') : $aa;154 $mm = ($mm <= 0 ) ? date('n') : $mm;155 $jj = ($jj > 31 ) ? 31 : $jj;156 $jj = ($jj <= 0 ) ? date('j') : $jj;157 $hh = ($hh > 23 ) ? $hh -24 : $hh;158 $mn = ($mn > 59 ) ? $mn -60 : $mn;159 $ss = ($ss > 59 ) ? $ss -60 : $ss;160 $post_data['post_date'] = sprintf( "%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss );161 $valid_date = wp_checkdate( $mm, $jj, $aa, $post_data['post_date'] );162 if ( ! $valid_date ) {166 if ( ! empty( $post_data['edit_date'] ) ) { 167 $aa = $post_data['aa']; 168 $mm = $post_data['mm']; 169 $jj = $post_data['jj']; 170 $hh = $post_data['hh']; 171 $mn = $post_data['mn']; 172 $ss = $post_data['ss']; 173 $aa = ( $aa <= 0 ) ? date( 'Y' ) : $aa; 174 $mm = ( $mm <= 0 ) ? date( 'n' ) : $mm; 175 $jj = ( $jj > 31 ) ? 31 : $jj; 176 $jj = ( $jj <= 0 ) ? date( 'j' ) : $jj; 177 $hh = ( $hh > 23 ) ? $hh - 24 : $hh; 178 $mn = ( $mn > 59 ) ? $mn - 60 : $mn; 179 $ss = ( $ss > 59 ) ? $ss - 60 : $ss; 180 $post_data['post_date'] = sprintf( '%04d-%02d-%02d %02d:%02d:%02d', $aa, $mm, $jj, $hh, $mn, $ss ); 181 $valid_date = wp_checkdate( $mm, $jj, $aa, $post_data['post_date'] ); 182 if ( ! $valid_date ) { 163 183 return new WP_Error( 'invalid_date', __( 'Invalid date.' ) ); 164 184 } … … 189 209 global $wpdb; 190 210 191 if ( empty( $post_data) )211 if ( empty( $post_data ) ) { 192 212 $post_data = &$_POST; 213 } 193 214 194 215 // Clear out any data in internal vars. 195 216 unset( $post_data['filter'] ); 196 217 197 $post_ID = (int) $post_data['post_ID'];198 $post = get_post( $post_ID );199 $post_data['post_type'] = $post->post_type;218 $post_ID = (int) $post_data['post_ID']; 219 $post = get_post( $post_ID ); 220 $post_data['post_type'] = $post->post_type; 200 221 $post_data['post_mime_type'] = $post->post_mime_type; 201 222 … … 208 229 } 209 230 210 $ptype = get_post_type_object($post_data['post_type']); 211 if ( !current_user_can( 'edit_post', $post_ID ) ) { 212 if ( 'page' == $post_data['post_type'] ) 213 wp_die( __('Sorry, you are not allowed to edit this page.' )); 214 else 215 wp_die( __('Sorry, you are not allowed to edit this post.' )); 231 $ptype = get_post_type_object( $post_data['post_type'] ); 232 if ( ! current_user_can( 'edit_post', $post_ID ) ) { 233 if ( 'page' == $post_data['post_type'] ) { 234 wp_die( __( 'Sorry, you are not allowed to edit this page.' ) ); 235 } else { 236 wp_die( __( 'Sorry, you are not allowed to edit this post.' ) ); 237 } 216 238 } 217 239 218 240 if ( post_type_supports( $ptype->name, 'revisions' ) ) { 219 $revisions = wp_get_post_revisions( $post_ID, array( 'order' => 'ASC', 'posts_per_page' => 1 ) ); 220 $revision = current( $revisions ); 241 $revisions = wp_get_post_revisions( 242 $post_ID, array( 243 'order' => 'ASC', 244 'posts_per_page' => 1, 245 ) 246 ); 247 $revision = current( $revisions ); 221 248 222 249 // Check if the revisions have been upgraded 223 if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 ) 250 if ( $revisions && _wp_get_post_revision_version( $revision ) < 1 ) { 224 251 _wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) ); 225 } 226 227 if ( isset($post_data['visibility']) ) { 252 } 253 } 254 255 if ( isset( $post_data['visibility'] ) ) { 228 256 switch ( $post_data['visibility'] ) { 229 case 'public' 257 case 'public': 230 258 $post_data['post_password'] = ''; 231 259 break; 232 case 'password' 260 case 'password': 233 261 unset( $post_data['sticky'] ); 234 262 break; 235 case 'private' 236 $post_data['post_status'] = 'private';263 case 'private': 264 $post_data['post_status'] = 'private'; 237 265 $post_data['post_password'] = ''; 238 266 unset( $post_data['sticky'] ); … … 242 270 243 271 $post_data = _wp_translate_postdata( true, $post_data ); 244 if ( is_wp_error( $post_data) )272 if ( is_wp_error( $post_data ) ) { 245 273 wp_die( $post_data->get_error_message() ); 274 } 246 275 247 276 // Post Formats 248 if ( isset( $post_data['post_format'] ) ) 277 if ( isset( $post_data['post_format'] ) ) { 249 278 set_post_format( $post_ID, $post_data['post_format'] ); 279 } 250 280 251 281 $format_meta_urls = array( 'url', 'link_url', 'quote_source_url' ); 252 282 foreach ( $format_meta_urls as $format_meta_url ) { 253 283 $keyed = '_format_' . $format_meta_url; 254 if ( isset( $post_data[ $keyed ] ) ) 284 if ( isset( $post_data[ $keyed ] ) ) { 255 285 update_post_meta( $post_ID, $keyed, wp_slash( esc_url_raw( wp_unslash( $post_data[ $keyed ] ) ) ) ); 286 } 256 287 } 257 288 … … 261 292 $keyed = '_format_' . $key; 262 293 if ( isset( $post_data[ $keyed ] ) ) { 263 if ( current_user_can( 'unfiltered_html' ) ) 294 if ( current_user_can( 'unfiltered_html' ) ) { 264 295 update_post_meta( $post_ID, $keyed, $post_data[ $keyed ] ); 265 else296 } else { 266 297 update_post_meta( $post_ID, $keyed, wp_filter_post_kses( $post_data[ $keyed ] ) ); 298 } 267 299 } 268 300 } … … 283 315 284 316 // Meta Stuff 285 if ( isset( $post_data['meta']) && $post_data['meta'] ) {317 if ( isset( $post_data['meta'] ) && $post_data['meta'] ) { 286 318 foreach ( $post_data['meta'] as $key => $value ) { 287 if ( ! $meta = get_post_meta_by_id( $key ) )319 if ( ! $meta = get_post_meta_by_id( $key ) ) { 288 320 continue; 289 if ( $meta->post_id != $post_ID ) 321 } 322 if ( $meta->post_id != $post_ID ) { 290 323 continue; 291 if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $meta->meta_key ) ) 324 } 325 if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $meta->meta_key ) ) { 292 326 continue; 293 if ( is_protected_meta( $value['key'], 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $value['key'] ) ) 327 } 328 if ( is_protected_meta( $value['key'], 'post' ) || ! current_user_can( 'edit_post_meta', $post_ID, $value['key'] ) ) { 294 329 continue; 330 } 295 331 update_meta( $key, $value['key'], $value['value'] ); 296 332 } 297 333 } 298 334 299 if ( isset( $post_data['deletemeta']) && $post_data['deletemeta'] ) {335 if ( isset( $post_data['deletemeta'] ) && $post_data['deletemeta'] ) { 300 336 foreach ( $post_data['deletemeta'] as $key => $value ) { 301 if ( ! $meta = get_post_meta_by_id( $key ) )337 if ( ! $meta = get_post_meta_by_id( $key ) ) { 302 338 continue; 303 if ( $meta->post_id != $post_ID ) 339 } 340 if ( $meta->post_id != $post_ID ) { 304 341 continue; 305 if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'delete_post_meta', $post_ID, $meta->meta_key ) ) 342 } 343 if ( is_protected_meta( $meta->meta_key, 'post' ) || ! current_user_can( 'delete_post_meta', $post_ID, $meta->meta_key ) ) { 306 344 continue; 345 } 307 346 delete_meta( $key ); 308 347 } … … 311 350 // Attachment stuff 312 351 if ( 'attachment' == $post_data['post_type'] ) { 313 if ( isset( $post_data[ '_wp_attachment_image_alt'] ) ) {352 if ( isset( $post_data['_wp_attachment_image_alt'] ) ) { 314 353 $image_alt = wp_unslash( $post_data['_wp_attachment_image_alt'] ); 315 354 if ( $image_alt != get_post_meta( $post_ID, '_wp_attachment_image_alt', true ) ) { … … 361 400 362 401 if ( current_user_can( $ptype->cap->edit_others_posts ) && current_user_can( $ptype->cap->publish_posts ) ) { 363 if ( ! empty( $post_data['sticky'] ) ) 402 if ( ! empty( $post_data['sticky'] ) ) { 364 403 stick_post( $post_ID ); 365 else404 } else { 366 405 unstick_post( $post_ID ); 406 } 367 407 } 368 408 … … 386 426 global $wpdb; 387 427 388 if ( empty( $post_data) )428 if ( empty( $post_data ) ) { 389 429 $post_data = &$_POST; 390 391 if ( isset($post_data['post_type']) ) 392 $ptype = get_post_type_object($post_data['post_type']); 393 else 394 $ptype = get_post_type_object('post'); 395 396 if ( !current_user_can( $ptype->cap->edit_posts ) ) { 397 if ( 'page' == $ptype->name ) 398 wp_die( __('Sorry, you are not allowed to edit pages.')); 399 else 400 wp_die( __('Sorry, you are not allowed to edit posts.')); 430 } 431 432 if ( isset( $post_data['post_type'] ) ) { 433 $ptype = get_post_type_object( $post_data['post_type'] ); 434 } else { 435 $ptype = get_post_type_object( 'post' ); 436 } 437 438 if ( ! current_user_can( $ptype->cap->edit_posts ) ) { 439 if ( 'page' == $ptype->name ) { 440 wp_die( __( 'Sorry, you are not allowed to edit pages.' ) ); 441 } else { 442 wp_die( __( 'Sorry, you are not allowed to edit posts.' ) ); 443 } 401 444 } 402 445 403 446 if ( -1 == $post_data['_status'] ) { 404 447 $post_data['post_status'] = null; 405 unset( $post_data['post_status']);448 unset( $post_data['post_status'] ); 406 449 } else { 407 450 $post_data['post_status'] = $post_data['_status']; 408 451 } 409 unset( $post_data['_status']);452 unset( $post_data['_status'] ); 410 453 411 454 if ( ! empty( $post_data['post_status'] ) ) { … … 420 463 421 464 $reset = array( 422 'post_author', 'post_status', 'post_password', 423 'post_parent', 'page_template', 'comment_status', 424 'ping_status', 'keep_private', 'tax_input', 425 'post_category', 'sticky', 'post_format', 465 'post_author', 466 'post_status', 467 'post_password', 468 'post_parent', 469 'page_template', 470 'comment_status', 471 'ping_status', 472 'keep_private', 473 'tax_input', 474 'post_category', 475 'sticky', 476 'post_format', 426 477 ); 427 478 428 479 foreach ( $reset as $field ) { 429 if ( isset($post_data[$field]) && ( '' == $post_data[$field] || -1 == $post_data[$field] ) ) 430 unset($post_data[$field]); 431 } 432 433 if ( isset($post_data['post_category']) ) { 434 if ( is_array($post_data['post_category']) && ! empty($post_data['post_category']) ) 480 if ( isset( $post_data[ $field ] ) && ( '' == $post_data[ $field ] || -1 == $post_data[ $field ] ) ) { 481 unset( $post_data[ $field ] ); 482 } 483 } 484 485 if ( isset( $post_data['post_category'] ) ) { 486 if ( is_array( $post_data['post_category'] ) && ! empty( $post_data['post_category'] ) ) { 435 487 $new_cats = array_map( 'absint', $post_data['post_category'] ); 436 else 437 unset($post_data['post_category']); 488 } else { 489 unset( $post_data['post_category'] ); 490 } 438 491 } 439 492 440 493 $tax_input = array(); 441 if ( isset( $post_data['tax_input'])) {494 if ( isset( $post_data['tax_input'] ) ) { 442 495 foreach ( $post_data['tax_input'] as $tax_name => $terms ) { 443 if ( empty( $terms) )496 if ( empty( $terms ) ) { 444 497 continue; 498 } 445 499 if ( is_taxonomy_hierarchical( $tax_name ) ) { 446 500 $tax_input[ $tax_name ] = array_map( 'absint', $terms ); 447 501 } else { 448 502 $comma = _x( ',', 'tag delimiter' ); 449 if ( ',' !== $comma ) 503 if ( ',' !== $comma ) { 450 504 $terms = str_replace( $comma, ',', $terms ); 505 } 451 506 $tax_input[ $tax_name ] = explode( ',', trim( $terms, " \n\t\r\0\x0B," ) ); 452 507 } … … 454 509 } 455 510 456 if ( isset( $post_data['post_parent']) && ($parent = (int) $post_data['post_parent']) ) {457 $pages = $wpdb->get_results("SELECT ID, post_parent FROM $wpdb->posts WHERE post_type = 'page'");511 if ( isset( $post_data['post_parent'] ) && ( $parent = (int) $post_data['post_parent'] ) ) { 512 $pages = $wpdb->get_results( "SELECT ID, post_parent FROM $wpdb->posts WHERE post_type = 'page'" ); 458 513 $children = array(); 459 514 … … 470 525 } 471 526 472 $updated = $skipped = $locked = array();527 $updated = $skipped = $locked = array(); 473 528 $shared_post_data = $post_data; 474 529 … … 479 534 $post_type_object = get_post_type_object( get_post_type( $post_ID ) ); 480 535 481 if ( ! isset( $post_type_object ) || ( isset($children) && in_array($post_ID, $children) ) || !current_user_can( 'edit_post', $post_ID ) ) {536 if ( ! isset( $post_type_object ) || ( isset( $children ) && in_array( $post_ID, $children ) ) || ! current_user_can( 'edit_post', $post_ID ) ) { 482 537 $skipped[] = $post_ID; 483 538 continue; … … 489 544 } 490 545 491 $post = get_post( $post_ID );546 $post = get_post( $post_ID ); 492 547 $tax_names = get_object_taxonomies( $post ); 493 548 foreach ( $tax_names as $tax_name ) { 494 $taxonomy_obj = get_taxonomy( $tax_name);495 if ( isset( $tax_input[ $tax_name]) && current_user_can( $taxonomy_obj->cap->assign_terms ) )496 $new_terms = $tax_input[ $tax_name];497 else549 $taxonomy_obj = get_taxonomy( $tax_name ); 550 if ( isset( $tax_input[ $tax_name ] ) && current_user_can( $taxonomy_obj->cap->assign_terms ) ) { 551 $new_terms = $tax_input[ $tax_name ]; 552 } else { 498 553 $new_terms = array(); 499 500 if ( $taxonomy_obj->hierarchical ) 501 $current_terms = (array) wp_get_object_terms( $post_ID, $tax_name, array('fields' => 'ids') ); 502 else 503 $current_terms = (array) wp_get_object_terms( $post_ID, $tax_name, array('fields' => 'names') ); 504 505 $post_data['tax_input'][$tax_name] = array_merge( $current_terms, $new_terms ); 506 } 507 508 if ( isset($new_cats) && in_array( 'category', $tax_names ) ) { 509 $cats = (array) wp_get_post_categories($post_ID); 510 $post_data['post_category'] = array_unique( array_merge($cats, $new_cats) ); 554 } 555 556 if ( $taxonomy_obj->hierarchical ) { 557 $current_terms = (array) wp_get_object_terms( $post_ID, $tax_name, array( 'fields' => 'ids' ) ); 558 } else { 559 $current_terms = (array) wp_get_object_terms( $post_ID, $tax_name, array( 'fields' => 'names' ) ); 560 } 561 562 $post_data['tax_input'][ $tax_name ] = array_merge( $current_terms, $new_terms ); 563 } 564 565 if ( isset( $new_cats ) && in_array( 'category', $tax_names ) ) { 566 $cats = (array) wp_get_post_categories( $post_ID ); 567 $post_data['post_category'] = array_unique( array_merge( $cats, $new_cats ) ); 511 568 unset( $post_data['tax_input']['category'] ); 512 569 } 513 570 514 $post_data['post_type'] = $post->post_type;571 $post_data['post_type'] = $post->post_type; 515 572 $post_data['post_mime_type'] = $post->post_mime_type; 516 $post_data['guid'] = $post->guid;573 $post_data['guid'] = $post->guid; 517 574 518 575 foreach ( array( 'comment_status', 'ping_status', 'post_author' ) as $field ) { … … 522 579 } 523 580 524 $post_data['ID'] = $post_ID;581 $post_data['ID'] = $post_ID; 525 582 $post_data['post_ID'] = $post_ID; 526 583 … … 539 596 540 597 if ( isset( $post_data['sticky'] ) && current_user_can( $ptype->cap->edit_others_posts ) ) { 541 if ( 'sticky' == $post_data['sticky'] ) 598 if ( 'sticky' == $post_data['sticky'] ) { 542 599 stick_post( $post_ID ); 543 else600 } else { 544 601 unstick_post( $post_ID ); 545 } 546 } 547 548 return array( 'updated' => $updated, 'skipped' => $skipped, 'locked' => $locked ); 602 } 603 } 604 } 605 606 return array( 607 'updated' => $updated, 608 'skipped' => $skipped, 609 'locked' => $locked, 610 ); 549 611 } 550 612 … … 560 622 function get_default_post_to_edit( $post_type = 'post', $create_in_db = false ) { 561 623 $post_title = ''; 562 if ( !empty( $_REQUEST['post_title'] ) ) 563 $post_title = esc_html( wp_unslash( $_REQUEST['post_title'] )); 624 if ( ! empty( $_REQUEST['post_title'] ) ) { 625 $post_title = esc_html( wp_unslash( $_REQUEST['post_title'] ) ); 626 } 564 627 565 628 $post_content = ''; 566 if ( !empty( $_REQUEST['content'] ) ) 567 $post_content = esc_html( wp_unslash( $_REQUEST['content'] )); 629 if ( ! empty( $_REQUEST['content'] ) ) { 630 $post_content = esc_html( wp_unslash( $_REQUEST['content'] ) ); 631 } 568 632 569 633 $post_excerpt = ''; 570 if ( !empty( $_REQUEST['excerpt'] ) ) 571 $post_excerpt = esc_html( wp_unslash( $_REQUEST['excerpt'] )); 634 if ( ! empty( $_REQUEST['excerpt'] ) ) { 635 $post_excerpt = esc_html( wp_unslash( $_REQUEST['excerpt'] ) ); 636 } 572 637 573 638 if ( $create_in_db ) { 574 $post_id = wp_insert_post( array( 'post_title' => __( 'Auto Draft' ), 'post_type' => $post_type, 'post_status' => 'auto-draft' ) ); 575 $post = get_post( $post_id ); 576 if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) && get_option( 'default_post_format' ) ) 639 $post_id = wp_insert_post( 640 array( 641 'post_title' => __( 'Auto Draft' ), 642 'post_type' => $post_type, 643 'post_status' => 'auto-draft', 644 ) 645 ); 646 $post = get_post( $post_id ); 647 if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post->post_type, 'post-formats' ) && get_option( 'default_post_format' ) ) { 577 648 set_post_format( $post, get_option( 'default_post_format' ) ); 649 } 578 650 } else { 579 $post = new stdClass;580 $post->ID = 0;581 $post->post_author = '';582 $post->post_date = '';583 $post->post_date_gmt = '';584 $post->post_password = '';585 $post->post_name = '';586 $post->post_type = $post_type;587 $post->post_status = 'draft';588 $post->to_ping = '';589 $post->pinged = '';651 $post = new stdClass; 652 $post->ID = 0; 653 $post->post_author = ''; 654 $post->post_date = ''; 655 $post->post_date_gmt = ''; 656 $post->post_password = ''; 657 $post->post_name = ''; 658 $post->post_type = $post_type; 659 $post->post_status = 'draft'; 660 $post->to_ping = ''; 661 $post->pinged = ''; 590 662 $post->comment_status = get_default_comment_status( $post_type ); 591 $post->ping_status = get_default_comment_status( $post_type, 'pingback' );592 $post->post_pingback = get_option( 'default_pingback_flag' );593 $post->post_category = get_option( 'default_category' );594 $post->page_template = 'default';595 $post->post_parent = 0;596 $post->menu_order = 0;597 $post = new WP_Post( $post );663 $post->ping_status = get_default_comment_status( $post_type, 'pingback' ); 664 $post->post_pingback = get_option( 'default_pingback_flag' ); 665 $post->post_category = get_option( 'default_category' ); 666 $post->page_template = 'default'; 667 $post->post_parent = 0; 668 $post->menu_order = 0; 669 $post = new WP_Post( $post ); 598 670 } 599 671 … … 643 715 * @return int Post ID if post exists, 0 otherwise. 644 716 */ 645 function post_exists( $title, $content = '', $date = '') {717 function post_exists( $title, $content = '', $date = '' ) { 646 718 global $wpdb; 647 719 648 $post_title = wp_unslash( sanitize_post_field( 'post_title', $title, 0, 'db' ) );720 $post_title = wp_unslash( sanitize_post_field( 'post_title', $title, 0, 'db' ) ); 649 721 $post_content = wp_unslash( sanitize_post_field( 'post_content', $content, 0, 'db' ) ); 650 $post_date = wp_unslash( sanitize_post_field( 'post_date', $date, 0, 'db' ) );722 $post_date = wp_unslash( sanitize_post_field( 'post_date', $date, 0, 'db' ) ); 651 723 652 724 $query = "SELECT ID FROM $wpdb->posts WHERE 1=1"; 653 $args = array();654 655 if ( ! empty( $date ) ) {725 $args = array(); 726 727 if ( ! empty( $date ) ) { 656 728 $query .= ' AND post_date = %s'; 657 729 $args[] = $post_date; 658 730 } 659 731 660 if ( ! empty( $title ) ) {732 if ( ! empty( $title ) ) { 661 733 $query .= ' AND post_title = %s'; 662 734 $args[] = $post_title; 663 735 } 664 736 665 if ( ! empty( $content ) ) {737 if ( ! empty( $content ) ) { 666 738 $query .= ' AND post_content = %s'; 667 739 $args[] = $post_content; 668 740 } 669 741 670 if ( !empty ( $args ) ) 671 return (int) $wpdb->get_var( $wpdb->prepare($query, $args) ); 742 if ( ! empty( $args ) ) { 743 return (int) $wpdb->get_var( $wpdb->prepare( $query, $args ) ); 744 } 672 745 673 746 return 0; … … 684 757 */ 685 758 function wp_write_post() { 686 if ( isset($_POST['post_type']) ) 687 $ptype = get_post_type_object($_POST['post_type']); 688 else 689 $ptype = get_post_type_object('post'); 690 691 if ( !current_user_can( $ptype->cap->edit_posts ) ) { 692 if ( 'page' == $ptype->name ) 759 if ( isset( $_POST['post_type'] ) ) { 760 $ptype = get_post_type_object( $_POST['post_type'] ); 761 } else { 762 $ptype = get_post_type_object( 'post' ); 763 } 764 765 if ( ! current_user_can( $ptype->cap->edit_posts ) ) { 766 if ( 'page' == $ptype->name ) { 693 767 return new WP_Error( 'edit_pages', __( 'Sorry, you are not allowed to create pages on this site.' ) ); 694 else768 } else { 695 769 return new WP_Error( 'edit_posts', __( 'Sorry, you are not allowed to create posts or drafts on this site.' ) ); 770 } 696 771 } 697 772 … … 702 777 703 778 // Edit don't write if we have a post id. 704 if ( isset( $_POST['post_ID'] ) ) 779 if ( isset( $_POST['post_ID'] ) ) { 705 780 return edit_post(); 706 707 if ( isset($_POST['visibility']) ) { 781 } 782 783 if ( isset( $_POST['visibility'] ) ) { 708 784 switch ( $_POST['visibility'] ) { 709 case 'public' 785 case 'public': 710 786 $_POST['post_password'] = ''; 711 787 break; 712 case 'password' 788 case 'password': 713 789 unset( $_POST['sticky'] ); 714 790 break; 715 case 'private' 716 $_POST['post_status'] = 'private';791 case 'private': 792 $_POST['post_status'] = 'private'; 717 793 $_POST['post_password'] = ''; 718 794 unset( $_POST['sticky'] ); … … 722 798 723 799 $translated = _wp_translate_postdata( false ); 724 if ( is_wp_error( $translated) )800 if ( is_wp_error( $translated ) ) { 725 801 return $translated; 802 } 726 803 727 804 // Create the post. 728 805 $post_ID = wp_insert_post( $_POST ); 729 if ( is_wp_error( $post_ID ) ) 806 if ( is_wp_error( $post_ID ) ) { 730 807 return $post_ID; 731 732 if ( empty($post_ID) ) 808 } 809 810 if ( empty( $post_ID ) ) { 733 811 return 0; 812 } 734 813 735 814 add_meta( $post_ID ); … … 754 833 function write_post() { 755 834 $result = wp_write_post(); 756 if ( is_wp_error( $result ) ) 835 if ( is_wp_error( $result ) ) { 757 836 wp_die( $result->get_error_message() ); 758 else837 } else { 759 838 return $result; 839 } 760 840 } 761 841 … … 775 855 $post_ID = (int) $post_ID; 776 856 777 $metakeyselect = isset( $_POST['metakeyselect']) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : '';778 $metakeyinput = isset($_POST['metakeyinput']) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : '';779 $metavalue = isset($_POST['metavalue']) ? $_POST['metavalue'] : '';780 if ( is_string( $metavalue ) ) 857 $metakeyselect = isset( $_POST['metakeyselect'] ) ? wp_unslash( trim( $_POST['metakeyselect'] ) ) : ''; 858 $metakeyinput = isset( $_POST['metakeyinput'] ) ? wp_unslash( trim( $_POST['metakeyinput'] ) ) : ''; 859 $metavalue = isset( $_POST['metavalue'] ) ? $_POST['metavalue'] : ''; 860 if ( is_string( $metavalue ) ) { 781 861 $metavalue = trim( $metavalue ); 782 783 if ( ('0' === $metavalue || ! empty ( $metavalue ) ) && ( ( ( '#NONE#' != $metakeyselect ) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput ) ) ) { 862 } 863 864 if ( ( '0' === $metavalue || ! empty( $metavalue ) ) && ( ( ( '#NONE#' != $metakeyselect ) && ! empty( $metakeyselect ) ) || ! empty( $metakeyinput ) ) ) { 784 865 /* 785 866 * We have a key/value pair. If both the select and the input 786 867 * for the key have data, the input takes precedence. 787 868 */ 788 if ( '#NONE#' != $metakeyselect ) 869 if ( '#NONE#' != $metakeyselect ) { 789 870 $metakey = $metakeyselect; 790 791 if ( $metakeyinput ) 871 } 872 873 if ( $metakeyinput ) { 792 874 $metakey = $metakeyinput; // default 793 794 if ( is_protected_meta( $metakey, 'post' ) || ! current_user_can( 'add_post_meta', $post_ID, $metakey ) ) 875 } 876 877 if ( is_protected_meta( $metakey, 'post' ) || ! current_user_can( 'add_post_meta', $post_ID, $metakey ) ) { 795 878 return false; 879 } 796 880 797 881 $metakey = wp_slash( $metakey ); … … 812 896 */ 813 897 function delete_meta( $mid ) { 814 return delete_metadata_by_mid( 'post' 898 return delete_metadata_by_mid( 'post', $mid ); 815 899 } 816 900 … … 827 911 global $wpdb; 828 912 829 $keys = $wpdb->get_col( " 913 $keys = $wpdb->get_col( 914 " 830 915 SELECT meta_key 831 916 FROM $wpdb->postmeta 832 917 GROUP BY meta_key 833 ORDER BY meta_key" ); 918 ORDER BY meta_key" 919 ); 834 920 835 921 return $keys; … … 861 947 global $wpdb; 862 948 863 return $wpdb->get_results( $wpdb->prepare("SELECT meta_key, meta_value, meta_id, post_id 949 return $wpdb->get_results( 950 $wpdb->prepare( 951 "SELECT meta_key, meta_value, meta_id, post_id 864 952 FROM $wpdb->postmeta WHERE post_id = %d 865 ORDER BY meta_key,meta_id", $postid), ARRAY_A ); 953 ORDER BY meta_key,meta_id", $postid 954 ), ARRAY_A 955 ); 866 956 } 867 957 … … 877 967 */ 878 968 function update_meta( $meta_id, $meta_key, $meta_value ) { 879 $meta_key = wp_unslash( $meta_key );969 $meta_key = wp_unslash( $meta_key ); 880 970 $meta_value = wp_unslash( $meta_value ); 881 971 … … 897 987 */ 898 988 function _fix_attachment_links( $post ) { 899 $post = get_post( $post, ARRAY_A );989 $post = get_post( $post, ARRAY_A ); 900 990 $content = $post['post_content']; 901 991 902 992 // Don't run if no pretty permalinks or post is not published, scheduled, or privately published. 903 if ( ! get_option( 'permalink_structure' ) || ! in_array( $post['post_status'], array( 'publish', 'future', 'private' ) ) ) 993 if ( ! get_option( 'permalink_structure' ) || ! in_array( $post['post_status'], array( 'publish', 'future', 'private' ) ) ) { 904 994 return; 995 } 905 996 906 997 // Short if there aren't any links or no '?attachment_id=' strings (strpos cannot be zero) 907 if ( ! strpos($content, '?attachment_id=') || !preg_match_all( '/<a ([^>]+)>[\s\S]+?<\/a>/', $content, $link_matches ) )998 if ( ! strpos( $content, '?attachment_id=' ) || ! preg_match_all( '/<a ([^>]+)>[\s\S]+?<\/a>/', $content, $link_matches ) ) { 908 999 return; 909 910 $site_url = get_bloginfo('url'); 911 $site_url = substr( $site_url, (int) strpos($site_url, '://') ); // remove the http(s) 912 $replace = ''; 1000 } 1001 1002 $site_url = get_bloginfo( 'url' ); 1003 $site_url = substr( $site_url, (int) strpos( $site_url, '://' ) ); // remove the http(s) 1004 $replace = ''; 913 1005 914 1006 foreach ( $link_matches[1] as $key => $value ) { 915 if ( ! strpos($value, '?attachment_id=') || !strpos($value, 'wp-att-')916 || ! preg_match( '/href=(["\'])[^"\']*\?attachment_id=(\d+)[^"\']*\\1/', $value, $url_match )917 || ! preg_match( '/rel=["\'][^"\']*wp-att-(\d+)/', $value, $rel_match ) )1007 if ( ! strpos( $value, '?attachment_id=' ) || ! strpos( $value, 'wp-att-' ) 1008 || ! preg_match( '/href=(["\'])[^"\']*\?attachment_id=(\d+)[^"\']*\\1/', $value, $url_match ) 1009 || ! preg_match( '/rel=["\'][^"\']*wp-att-(\d+)/', $value, $rel_match ) ) { 918 1010 continue; 919 920 $quote = $url_match[1]; // the quote (single or double) 1011 } 1012 1013 $quote = $url_match[1]; // the quote (single or double) 921 1014 $url_id = (int) $url_match[2]; 922 1015 $rel_id = (int) $rel_match[1]; 923 1016 924 if ( ! $url_id || !$rel_id || $url_id != $rel_id || strpos($url_match[0], $site_url) === false )1017 if ( ! $url_id || ! $rel_id || $url_id != $rel_id || strpos( $url_match[0], $site_url ) === false ) { 925 1018 continue; 926 927 $link = $link_matches[0][$key]; 1019 } 1020 1021 $link = $link_matches[0][ $key ]; 928 1022 $replace = str_replace( $url_match[0], 'href=' . $quote . get_attachment_link( $url_id ) . $quote, $link ); 929 1023 … … 934 1028 $post['post_content'] = $content; 935 1029 // Escape data pulled from DB. 936 $post = add_magic_quotes( $post);937 938 return wp_update_post( $post);1030 $post = add_magic_quotes( $post ); 1031 1032 return wp_update_post( $post ); 939 1033 } 940 1034 } … … 948 1042 * @return array As array of all the statuses for the supplied post type 949 1043 */ 950 function get_available_post_statuses( $type = 'post') {951 $stati = wp_count_posts( $type);952 953 return array_keys( get_object_vars($stati));1044 function get_available_post_statuses( $type = 'post' ) { 1045 $stati = wp_count_posts( $type ); 1046 1047 return array_keys( get_object_vars( $stati ) ); 954 1048 } 955 1049 … … 963 1057 */ 964 1058 function wp_edit_posts_query( $q = false ) { 965 if ( false === $q ) 1059 if ( false === $q ) { 966 1060 $q = $_GET; 967 $q['m'] = isset($q['m']) ? (int) $q['m'] : 0; 968 $q['cat'] = isset($q['cat']) ? (int) $q['cat'] : 0; 969 $post_stati = get_post_stati(); 970 971 if ( isset($q['post_type']) && in_array( $q['post_type'], get_post_types() ) ) 1061 } 1062 $q['m'] = isset( $q['m'] ) ? (int) $q['m'] : 0; 1063 $q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0; 1064 $post_stati = get_post_stati(); 1065 1066 if ( isset( $q['post_type'] ) && in_array( $q['post_type'], get_post_types() ) ) { 972 1067 $post_type = $q['post_type']; 973 else1068 } else { 974 1069 $post_type = 'post'; 975 976 $avail_post_stati = get_available_post_statuses($post_type); 977 978 if ( isset($q['post_status']) && in_array( $q['post_status'], $post_stati ) ) { 1070 } 1071 1072 $avail_post_stati = get_available_post_statuses( $post_type ); 1073 1074 if ( isset( $q['post_status'] ) && in_array( $q['post_status'], $post_stati ) ) { 979 1075 $post_status = $q['post_status']; 980 $perm = 'readable';1076 $perm = 'readable'; 981 1077 } 982 1078 … … 993 1089 } 994 1090 995 $per_page = "edit_{$post_type}_per_page";1091 $per_page = "edit_{$post_type}_per_page"; 996 1092 $posts_per_page = (int) get_user_option( $per_page ); 997 if ( empty( $posts_per_page ) || $posts_per_page < 1 ) 1093 if ( empty( $posts_per_page ) || $posts_per_page < 1 ) { 998 1094 $posts_per_page = 20; 1095 } 999 1096 1000 1097 /** … … 1023 1120 $posts_per_page = apply_filters( 'edit_posts_per_page', $posts_per_page, $post_type ); 1024 1121 1025 $query = compact( 'post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page');1122 $query = compact( 'post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page' ); 1026 1123 1027 1124 // Hierarchical types require special args. 1028 if ( is_post_type_hierarchical( $post_type ) && ! isset($orderby) ) {1029 $query['orderby'] = 'menu_order title';1030 $query['order'] = 'asc';1031 $query['posts_per_page'] = -1;1125 if ( is_post_type_hierarchical( $post_type ) && ! isset( $orderby ) ) { 1126 $query['orderby'] = 'menu_order title'; 1127 $query['order'] = 'asc'; 1128 $query['posts_per_page'] = -1; 1032 1129 $query['posts_per_archive_page'] = -1; 1033 $query['fields'] = 'id=>parent';1034 } 1035 1036 if ( ! empty( $q['show_sticky'] ) ) 1130 $query['fields'] = 'id=>parent'; 1131 } 1132 1133 if ( ! empty( $q['show_sticky'] ) ) { 1037 1134 $query['post__in'] = (array) get_option( 'sticky_posts' ); 1135 } 1038 1136 1039 1137 wp( $query ); … … 1052 1150 * @return mixed 1053 1151 */ 1054 function get_available_post_mime_types( $type = 'attachment') {1152 function get_available_post_mime_types( $type = 'attachment' ) { 1055 1153 global $wpdb; 1056 1154 1057 $types = $wpdb->get_col( $wpdb->prepare("SELECT DISTINCT post_mime_type FROM $wpdb->posts WHERE post_type = %s", $type));1155 $types = $wpdb->get_col( $wpdb->prepare( "SELECT DISTINCT post_mime_type FROM $wpdb->posts WHERE post_type = %s", $type ) ); 1058 1156 return $types; 1059 1157 } … … 1072 1170 $q = $_GET; 1073 1171 } 1074 $q['m'] = isset( $q['m'] ) ? (int) $q['m'] : 0;1075 $q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;1172 $q['m'] = isset( $q['m'] ) ? (int) $q['m'] : 0; 1173 $q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0; 1076 1174 $q['post_type'] = 'attachment'; 1077 $post_type = get_post_type_object( 'attachment' );1078 $states = 'inherit';1175 $post_type = get_post_type_object( 'attachment' ); 1176 $states = 'inherit'; 1079 1177 if ( current_user_can( $post_type->cap->read_private_posts ) ) { 1080 1178 $states .= ',private'; … … 1099 1197 1100 1198 $post_mime_types = get_post_mime_types(); 1101 if ( isset( $q['post_mime_type']) && !array_intersect( (array) $q['post_mime_type'], array_keys($post_mime_types) ) ) {1102 unset( $q['post_mime_type']);1199 if ( isset( $q['post_mime_type'] ) && ! array_intersect( (array) $q['post_mime_type'], array_keys( $post_mime_types ) ) ) { 1200 unset( $q['post_mime_type'] ); 1103 1201 } 1104 1202 … … 1134 1232 wp( wp_edit_attachments_query_vars( $q ) ); 1135 1233 1136 $post_mime_types = get_post_mime_types();1234 $post_mime_types = get_post_mime_types(); 1137 1235 $avail_post_mime_types = get_available_post_mime_types( 'attachment' ); 1138 1236 … … 1152 1250 if ( isset( $_GET['edit'] ) && $_GET['edit'] == $id ) { 1153 1251 $classes = array( '' ); 1154 } elseif ( $closed = get_user_option( 'closedpostboxes_'.$page ) ) {1155 if ( ! is_array( $closed ) ) {1252 } elseif ( $closed = get_user_option( 'closedpostboxes_' . $page ) ) { 1253 if ( ! is_array( $closed ) ) { 1156 1254 $classes = array( '' ); 1157 1255 } else { … … 1186 1284 * @return array Array containing the sample permalink with placeholder for the post name, and the post name. 1187 1285 */ 1188 function get_sample_permalink( $id, $title = null, $name = null) {1286 function get_sample_permalink( $id, $title = null, $name = null ) { 1189 1287 $post = get_post( $id ); 1190 if ( ! $post ) 1288 if ( ! $post ) { 1191 1289 return array( '', '' ); 1192 1193 $ptype = get_post_type_object($post->post_type); 1290 } 1291 1292 $ptype = get_post_type_object( $post->post_type ); 1194 1293 1195 1294 $original_status = $post->post_status; 1196 $original_date = $post->post_date;1197 $original_name = $post->post_name;1295 $original_date = $post->post_date; 1296 $original_name = $post->post_name; 1198 1297 1199 1298 // Hack: get_permalink() would return ugly permalink for drafts, so we will fake that our post is published. 1200 1299 if ( in_array( $post->post_status, array( 'draft', 'pending', 'future' ) ) ) { 1201 1300 $post->post_status = 'publish'; 1202 $post->post_name = sanitize_title($post->post_name ? $post->post_name : $post->post_title, $post->ID);1301 $post->post_name = sanitize_title( $post->post_name ? $post->post_name : $post->post_title, $post->ID ); 1203 1302 } 1204 1303 1205 1304 // If the user wants to set a new name -- override the current one 1206 1305 // Note: if empty name is supplied -- use the title instead, see #6072 1207 if ( !is_null($name) ) 1208 $post->post_name = sanitize_title($name ? $name : $title, $post->ID); 1209 1210 $post->post_name = wp_unique_post_slug($post->post_name, $post->ID, $post->post_status, $post->post_type, $post->post_parent); 1306 if ( ! is_null( $name ) ) { 1307 $post->post_name = sanitize_title( $name ? $name : $title, $post->ID ); 1308 } 1309 1310 $post->post_name = wp_unique_post_slug( $post->post_name, $post->ID, $post->post_status, $post->post_type, $post->post_parent ); 1211 1311 1212 1312 $post->filter = 'sample'; 1213 1313 1214 $permalink = get_permalink( $post, true);1314 $permalink = get_permalink( $post, true ); 1215 1315 1216 1316 // Replace custom post_type Token with generic pagename token for ease of use. 1217 $permalink = str_replace( "%$post->post_type%", '%pagename%', $permalink);1317 $permalink = str_replace( "%$post->post_type%", '%pagename%', $permalink ); 1218 1318 1219 1319 // Handle page hierarchy 1220 1320 if ( $ptype->hierarchical ) { 1221 $uri = get_page_uri( $post);1321 $uri = get_page_uri( $post ); 1222 1322 if ( $uri ) { 1223 $uri = untrailingslashit( $uri);1323 $uri = untrailingslashit( $uri ); 1224 1324 $uri = strrev( stristr( strrev( $uri ), '/' ) ); 1225 $uri = untrailingslashit( $uri);1325 $uri = untrailingslashit( $uri ); 1226 1326 } 1227 1327 1228 1328 /** This filter is documented in wp-admin/edit-tag-form.php */ 1229 1329 $uri = apply_filters( 'editable_slug', $uri, $post ); 1230 if ( ! empty($uri) )1330 if ( ! empty( $uri ) ) { 1231 1331 $uri .= '/'; 1232 $permalink = str_replace('%pagename%', "{$uri}%pagename%", $permalink); 1332 } 1333 $permalink = str_replace( '%pagename%', "{$uri}%pagename%", $permalink ); 1233 1334 } 1234 1335 1235 1336 /** This filter is documented in wp-admin/edit-tag-form.php */ 1236 $permalink = array( $permalink, apply_filters( 'editable_slug', $post->post_name, $post ) );1337 $permalink = array( $permalink, apply_filters( 'editable_slug', $post->post_name, $post ) ); 1237 1338 $post->post_status = $original_status; 1238 $post->post_date = $original_date;1239 $post->post_name = $original_name;1240 unset( $post->filter);1339 $post->post_date = $original_date; 1340 $post->post_name = $original_name; 1341 unset( $post->filter ); 1241 1342 1242 1343 /** … … 1266 1367 function get_sample_permalink_html( $id, $new_title = null, $new_slug = null ) { 1267 1368 $post = get_post( $id ); 1268 if ( ! $post ) 1369 if ( ! $post ) { 1269 1370 return ''; 1270 1271 list($permalink, $post_name) = get_sample_permalink($post->ID, $new_title, $new_slug); 1272 1273 $view_link = false; 1371 } 1372 1373 list($permalink, $post_name) = get_sample_permalink( $post->ID, $new_title, $new_slug ); 1374 1375 $view_link = false; 1274 1376 $preview_target = ''; 1275 1377 1276 1378 if ( current_user_can( 'read_post', $post->ID ) ) { 1277 1379 if ( 'draft' === $post->post_status || empty( $post->post_name ) ) { 1278 $view_link = get_preview_post_link( $post );1380 $view_link = get_preview_post_link( $post ); 1279 1381 $preview_target = " target='wp-preview-{$post->ID}'"; 1280 1382 } else { … … 1294 1396 if ( false !== $view_link ) { 1295 1397 $display_link = urldecode( $view_link ); 1296 $return .= '<a id="sample-permalink" href="' . esc_url( $view_link ) . '"' . $preview_target . '>' . esc_html( $display_link ) . "</a>\n";1398 $return .= '<a id="sample-permalink" href="' . esc_url( $view_link ) . '"' . $preview_target . '>' . esc_html( $display_link ) . "</a>\n"; 1297 1399 } else { 1298 1400 $return .= '<span id="sample-permalink">' . $permalink . "</span>\n"; … … 1300 1402 1301 1403 // Encourage a pretty permalink setting 1302 if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && ! ( 'page' == get_option('show_on_front') && $id == get_option('page_on_front') ) ) {1303 $return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button button-small" target="_blank">' . __( 'Change Permalinks') . "</a></span>\n";1404 if ( '' == get_option( 'permalink_structure' ) && current_user_can( 'manage_options' ) && ! ( 'page' == get_option( 'show_on_front' ) && $id == get_option( 'page_on_front' ) ) ) { 1405 $return .= '<span id="change-permalinks"><a href="options-permalink.php" class="button button-small" target="_blank">' . __( 'Change Permalinks' ) . "</a></span>\n"; 1304 1406 } 1305 1407 } else { … … 1311 1413 1312 1414 $post_name_html = '<span id="editable-post-name">' . esc_html( $post_name_abridged ) . '</span>'; 1313 $display_link = str_replace( array( '%pagename%', '%postname%' ), $post_name_html, esc_html( urldecode( $permalink ) ) );1314 1315 $return = '<strong>' . __( 'Permalink:' ) . "</strong>\n";1415 $display_link = str_replace( array( '%pagename%', '%postname%' ), $post_name_html, esc_html( urldecode( $permalink ) ) ); 1416 1417 $return = '<strong>' . __( 'Permalink:' ) . "</strong>\n"; 1316 1418 $return .= '<span id="sample-permalink"><a href="' . esc_url( $view_link ) . '"' . $preview_target . '>' . $display_link . "</a></span>\n"; 1317 1419 $return .= '‎'; // Fix bi-directional text display defect in RTL languages. … … 1354 1456 $upload_iframe_src = get_upload_iframe_src( 'image', $post->ID ); 1355 1457 1356 $content = sprintf( $set_thumbnail_link, 1458 $content = sprintf( 1459 $set_thumbnail_link, 1357 1460 esc_url( $upload_iframe_src ), 1358 1461 '', // Empty when there's no featured image set, `aria-describedby` attribute otherwise. … … 1385 1488 1386 1489 if ( ! empty( $thumbnail_html ) ) { 1387 $content = sprintf( $set_thumbnail_link, 1490 $content = sprintf( 1491 $set_thumbnail_link, 1388 1492 esc_url( $upload_iframe_src ), 1389 1493 ' aria-describedby="set-post-thumbnail-desc"', … … 1465 1569 } 1466 1570 1467 $now = time();1571 $now = time(); 1468 1572 $lock = "$now:$user_id"; 1469 1573 … … 1480 1584 */ 1481 1585 function _admin_notice_post_locked() { 1482 if ( ! $post = get_post() ) 1586 if ( ! $post = get_post() ) { 1483 1587 return; 1588 } 1484 1589 1485 1590 $user = null; 1486 if ( $user_id = wp_check_post_lock( $post->ID ) )1591 if ( $user_id = wp_check_post_lock( $post->ID ) ) { 1487 1592 $user = get_userdata( $user_id ); 1593 } 1488 1594 1489 1595 if ( $user ) { … … 1500 1606 * @param WP_User|bool $user WP_User object on success, false otherwise. 1501 1607 */ 1502 if ( ! apply_filters( 'show_post_locked_dialog', true, $post, $user ) ) 1608 if ( ! apply_filters( 'show_post_locked_dialog', true, $post, $user ) ) { 1503 1609 return; 1610 } 1504 1611 1505 1612 $locked = true; … … 1511 1618 false === strpos( $sendback, 'post.php' ) && false === strpos( $sendback, 'post-new.php' ) ) { 1512 1619 1513 $sendback_text = __( 'Go back');1620 $sendback_text = __( 'Go back' ); 1514 1621 } else { 1515 1622 $sendback = admin_url( 'edit.php' ); 1516 1623 1517 if ( 'post' != $post->post_type ) 1624 if ( 'post' != $post->post_type ) { 1518 1625 $sendback = add_query_arg( 'post_type', $post->post_type, $sendback ); 1626 } 1519 1627 1520 1628 $sendback_text = get_post_type_object( $post->post_type )->labels->all_items; … … 1534 1642 if ( 'publish' == $post->post_status || $user->ID != $post->post_author ) { 1535 1643 // Latest content is in autosave 1536 $nonce = wp_create_nonce( 'post_preview_' . $post->ID );1537 $query_args['preview_id'] = $post->ID;1644 $nonce = wp_create_nonce( 'post_preview_' . $post->ID ); 1645 $query_args['preview_id'] = $post->ID; 1538 1646 $query_args['preview_nonce'] = $nonce; 1539 1647 } … … 1562 1670 <p class="currently-editing wp-tab-first" tabindex="0"> 1563 1671 <?php 1564 1565 1566 1567 1568 1569 1570 1672 if ( $override ) { 1673 /* translators: %s: user's display name */ 1674 printf( __( '%s is already editing this post. Do you want to take over?' ), esc_html( $user->display_name ) ); 1675 } else { 1676 /* translators: %s: user's display name */ 1677 printf( __( '%s is already editing this post.' ), esc_html( $user->display_name ) ); 1678 } 1571 1679 ?> 1572 1680 </p> … … 1584 1692 <a class="button" href="<?php echo esc_url( $sendback ); ?>"><?php echo $sendback_text; ?></a> 1585 1693 <?php if ( $preview_link ) { ?> 1586 <a class="button<?php echo $tab_last; ?>" href="<?php echo esc_url( $preview_link ); ?>"><?php _e( 'Preview'); ?></a>1694 <a class="button<?php echo $tab_last; ?>" href="<?php echo esc_url( $preview_link ); ?>"><?php _e( 'Preview' ); ?></a> 1587 1695 <?php 1588 1696 } 1589 1697 1590 1698 // Allow plugins to prevent some users overriding the post lock 1591 1592 1593 <a class="button button-primary wp-tab-last" href="<?php echo esc_url( add_query_arg( 'get-post-lock', '1', wp_nonce_url( get_edit_post_link( $post->ID, 'url' ), 'lock-post_' . $post->ID ) ) ); ?>"><?php _e('Take over'); ?></a>1699 if ( $override ) { 1700 ?> 1701 <a class="button button-primary wp-tab-last" href="<?php echo esc_url( add_query_arg( 'get-post-lock', '1', wp_nonce_url( get_edit_post_link( $post->ID, 'url' ), 'lock-post_' . $post->ID ) ) ); ?>"><?php _e( 'Take over' ); ?></a> 1594 1702 <?php 1595 1703 } 1596 1704 1597 1705 ?> … … 1606 1714 <span class="currently-editing"></span><br /> 1607 1715 <span class="locked-saving hidden"><img src="<?php echo esc_url( admin_url( 'images/spinner-2x.gif' ) ); ?>" width="16" height="16" alt="" /> <?php _e( 'Saving revision…' ); ?></span> 1608 <span class="locked-saved hidden"><?php _e( 'Your latest changes were saved as a revision.'); ?></span>1716 <span class="locked-saved hidden"><?php _e( 'Your latest changes were saved as a revision.' ); ?></span> 1609 1717 </p> 1610 1718 <?php … … 1639 1747 function wp_create_post_autosave( $post_data ) { 1640 1748 if ( is_numeric( $post_data ) ) { 1641 $post_id = $post_data;1749 $post_id = $post_data; 1642 1750 $post_data = $_POST; 1643 1751 } else { … … 1646 1754 1647 1755 $post_data = _wp_translate_postdata( true, $post_data ); 1648 if ( is_wp_error( $post_data ) ) 1756 if ( is_wp_error( $post_data ) ) { 1649 1757 return $post_data; 1758 } 1650 1759 1651 1760 $post_author = get_current_user_id(); … … 1653 1762 // Store one autosave per author. If there is already an autosave, overwrite it. 1654 1763 if ( $old_autosave = wp_get_post_autosave( $post_id, $post_author ) ) { 1655 $new_autosave = _wp_post_revision_data( $post_data, true );1656 $new_autosave['ID'] = $old_autosave->ID;1764 $new_autosave = _wp_post_revision_data( $post_data, true ); 1765 $new_autosave['ID'] = $old_autosave->ID; 1657 1766 $new_autosave['post_author'] = $post_author; 1658 1767 1659 1768 // If the new autosave has the same content as the post, delete the autosave. 1660 $post = get_post( $post_id );1769 $post = get_post( $post_id ); 1661 1770 $autosave_is_different = false; 1662 1771 foreach ( array_intersect( array_keys( $new_autosave ), array_keys( _wp_post_revision_fields( $post ) ) ) as $field ) { … … 1700 1809 function post_preview() { 1701 1810 1702 $post_ID = (int) $_POST['post_ID'];1811 $post_ID = (int) $_POST['post_ID']; 1703 1812 $_POST['ID'] = $post_ID; 1704 1813 … … 1718 1827 $is_autosave = true; 1719 1828 1720 if ( isset( $_POST['post_status'] ) && 'auto-draft' == $_POST['post_status'] ) 1829 if ( isset( $_POST['post_status'] ) && 'auto-draft' == $_POST['post_status'] ) { 1721 1830 $_POST['post_status'] = 'draft'; 1831 } 1722 1832 1723 1833 $saved_post_id = wp_create_post_autosave( $post->ID ); 1724 1834 } 1725 1835 1726 if ( is_wp_error( $saved_post_id ) ) 1836 if ( is_wp_error( $saved_post_id ) ) { 1727 1837 wp_die( $saved_post_id->get_error_message() ); 1838 } 1728 1839 1729 1840 $query_args = array(); 1730 1841 1731 1842 if ( $is_autosave && $saved_post_id ) { 1732 $query_args['preview_id'] = $post->ID;1843 $query_args['preview_id'] = $post->ID; 1733 1844 $query_args['preview_nonce'] = wp_create_nonce( 'post_preview_' . $post->ID ); 1734 1845 … … 1758 1869 function wp_autosave( $post_data ) { 1759 1870 // Back-compat 1760 if ( ! defined( 'DOING_AUTOSAVE' ) ) 1871 if ( ! defined( 'DOING_AUTOSAVE' ) ) { 1761 1872 define( 'DOING_AUTOSAVE', true ); 1762 1763 $post_id = (int) $post_data['post_id']; 1873 } 1874 1875 $post_id = (int) $post_data['post_id']; 1764 1876 $post_data['ID'] = $post_data['post_ID'] = $post_id; 1765 1877 … … 1774 1886 } 1775 1887 1776 if ( 'auto-draft' == $post->post_status ) 1888 if ( 'auto-draft' == $post->post_status ) { 1777 1889 $post_data['post_status'] = 'draft'; 1778 1779 if ( $post_data['post_type'] != 'page' && ! empty( $post_data['catslist'] ) ) 1890 } 1891 1892 if ( $post_data['post_type'] != 'page' && ! empty( $post_data['catslist'] ) ) { 1780 1893 $post_data['post_category'] = explode( ',', $post_data['catslist'] ); 1894 } 1781 1895 1782 1896 if ( ! wp_check_post_lock( $post->ID ) && get_current_user_id() == $post->post_author && ( 'auto-draft' == $post->post_status || 'draft' == $post->post_status ) ) { … … 1794 1908 * @param int $post_id Optional. Post ID. 1795 1909 */ 1796 function redirect_post( $post_id = '') {1797 if ( isset( $_POST['save']) || isset($_POST['publish']) ) {1910 function redirect_post( $post_id = '' ) { 1911 if ( isset( $_POST['save'] ) || isset( $_POST['publish'] ) ) { 1798 1912 $status = get_post_status( $post_id ); 1799 1913 … … 1814 1928 1815 1929 $location = add_query_arg( 'message', $message, get_edit_post_link( $post_id, 'url' ) ); 1816 } elseif ( isset( $_POST['addmeta']) && $_POST['addmeta'] ) {1930 } elseif ( isset( $_POST['addmeta'] ) && $_POST['addmeta'] ) { 1817 1931 $location = add_query_arg( 'message', 2, wp_get_referer() ); 1818 $location = explode( '#', $location);1932 $location = explode( '#', $location ); 1819 1933 $location = $location[0] . '#postcustom'; 1820 } elseif ( isset( $_POST['deletemeta']) && $_POST['deletemeta'] ) {1934 } elseif ( isset( $_POST['deletemeta'] ) && $_POST['deletemeta'] ) { 1821 1935 $location = add_query_arg( 'message', 3, wp_get_referer() ); 1822 $location = explode( '#', $location);1936 $location = explode( '#', $location ); 1823 1937 $location = $location[0] . '#postcustom'; 1824 1938 } else { … … 1879 1993 } 1880 1994 1881 $_term = get_terms( $taxonomy, array( 1882 'name' => $term, 1883 'fields' => 'ids', 1884 'hide_empty' => false, 1885 ) ); 1995 $_term = get_terms( 1996 $taxonomy, array( 1997 'name' => $term, 1998 'fields' => 'ids', 1999 'hide_empty' => false, 2000 ) 2001 ); 1886 2002 1887 2003 if ( ! empty( $_term ) ) {
Note: See TracChangeset
for help on using the changeset viewer.