Timestamp:
11/30/2017 11:09:33 PM (4 years ago)
Author:
pento
Message:

Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.

File:
1 edited

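--- a/trunk/src/wp-admin/post.php
+++ b/trunk/src/wp-admin/post.php
@@ -12,15 +12,16 @@
 require_once( dirname( __FILE__ ) . '/admin.php' );
 
-$parent_file = 'edit.php';
+$parent_file  = 'edit.php';
 $submenu_file = 'edit.php';
 
 wp_reset_vars( array( 'action' ) );
 
-if ( isset( $_GET['post'] ) )
-    $post_id = $post_ID = (int) $_GET['post'];
-elseif ( isset( $_POST['post_ID'] ) )
-    $post_id = $post_ID = (int) $_POST['post_ID'];
-else
-    $post_id = $post_ID = 0;
+if ( isset( $_GET['post'] ) ) {
+    $post_id = $post_ID = (int) $_GET['post'];
+} elseif ( isset( $_POST['post_ID'] ) ) {
+    $post_id = $post_ID = (int) $_POST['post_ID'];
+} else {
+    $post_id = $post_ID = 0;
+}
 
 /**
@@ -31,16 +32,18 @@
 global $post_type, $post_type_object, $post;
 
-if ( $post_id )
+if ( $post_id ) {
     $post = get_post( $post_id );
+}
 
 if ( $post ) {
-    $post_type = $post->post_type;
+    $post_type        = $post->post_type;
     $post_type_object = get_post_type_object( $post_type );
 }
 
-if ( isset( $_POST['deletepost'] ) )
+if ( isset( $_POST['deletepost'] ) ) {
     $action = 'delete';
-elseif ( isset($_POST['wp-preview']) && 'dopreview' == $_POST['wp-preview'] )
+} elseif ( isset( $_POST['wp-preview'] ) && 'dopreview' == $_POST['wp-preview'] ) {
     $action = 'preview';
+}
 
 $sendback = wp_get_referer();
@@ -57,237 +60,265 @@
     }
 } else {
-    $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'ids'), $sendback );
-}
-
-switch($action) {
-case 'post-quickdraft-save':
-    // Check nonce and capabilities
-    $nonce = $_REQUEST['_wpnonce'];
-    $error_msg = false;
-
-    // For output of the quickdraft dashboard widget
-    require_once ABSPATH . 'wp-admin/includes/dashboard.php';
-
-    if ( ! wp_verify_nonce( $nonce, 'add-post' ) )
-        $error_msg = __( 'Unable to submit this form, please refresh and try again.' );
-
-    if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) {
+    $sendback = remove_query_arg( array( 'trashed', 'untrashed', 'deleted', 'ids' ), $sendback );
+}
+
+switch ( $action ) {
+    case 'post-quickdraft-save':
+        // Check nonce and capabilities
+        $nonce     = $_REQUEST['_wpnonce'];
+        $error_msg = false;
+
+        // For output of the quickdraft dashboard widget
+        require_once ABSPATH . 'wp-admin/includes/dashboard.php';
+
+        if ( ! wp_verify_nonce( $nonce, 'add-post' ) ) {
+            $error_msg = __( 'Unable to submit this form, please refresh and try again.' );
+        }
+
+        if ( ! current_user_can( get_post_type_object( 'post' )->cap->create_posts ) ) {
+            exit;
+        }
+
+        if ( $error_msg ) {
+            return wp_dashboard_quick_press( $error_msg );
+        }
+
+        $post = get_post( $_REQUEST['post_ID'] );
+        check_admin_referer( 'add-' . $post->post_type );
+
+        $_POST['comment_status'] = get_default_comment_status( $post->post_type );
+        $_POST['ping_status']    = get_default_comment_status( $post->post_type, 'pingback' );
+
+        edit_post();
+        wp_dashboard_quick_press();
         exit;
-    }
-
-    if ( $error_msg )
-        return wp_dashboard_quick_press( $error_msg );
-
-    $post = get_post( $_REQUEST['post_ID'] );
-    check_admin_referer( 'add-' . $post->post_type );
-
-    $_POST['comment_status'] = get_default_comment_status( $post->post_type );
-    $_POST['ping_status']    = get_default_comment_status( $post->post_type, 'pingback' );
-
-    edit_post();
-    wp_dashboard_quick_press();
-    exit;
-
-case 'postajaxpost':
-case 'post':
-    check_admin_referer( 'add-' . $post_type );
-    $post_id = 'postajaxpost' == $action ? edit_post() : write_post();
-    redirect_post( $post_id );
-    exit();
-
-case 'edit':
-    $editing = true;
-
-    if ( empty( $post_id ) ) {
-        wp_redirect( admin_url('post.php') );
-        exit();
-    }
-
-    if ( ! $post )
-        wp_die( __( 'You attempted to edit an item that doesn’t exist. Perhaps it was deleted?' ) );
-
-    if ( ! $post_type_object )
-        wp_die( __( 'Invalid post type.' ) );
-
-    if ( ! in_array( $typenow, get_post_types( array( 'show_ui' => true ) ) ) ) {
-        wp_die( __( 'Sorry, you are not allowed to edit posts in this post type.' ) );
-    }
-
-    if ( ! current_user_can( 'edit_post', $post_id ) )
-        wp_die( __( 'Sorry, you are not allowed to edit this item.' ) );
-
-    if ( 'trash' == $post->post_status )
-        wp_die( __( 'You can’t edit this item because it is in the Trash. Please restore it and try again.' ) );
-
-    if ( ! empty( $_GET['get-post-lock'] ) ) {
-        check_admin_referer( 'lock-post_' . $post_id );
-        wp_set_post_lock( $post_id );
-        wp_redirect( get_edit_post_link( $post_id, 'url' ) );
-        exit();
-    }
-
-    $post_type = $post->post_type;
-    if ( 'post' == $post_type ) {
-        $parent_file = "edit.php";
-        $submenu_file = "edit.php";
-        $post_new_file = "post-new.php";
-    } elseif ( 'attachment' == $post_type ) {
-        $parent_file = 'upload.php';
-        $submenu_file = 'upload.php';
-        $post_new_file = 'media-new.php';
-    } else {
-        if ( isset( $post_type_object ) && $post_type_object->show_in_menu && $post_type_object->show_in_menu !== true )
-            $parent_file = $post_type_object->show_in_menu;
-        else
-            $parent_file = "edit.php?post_type=$post_type";
-        $submenu_file = "edit.php?post_type=$post_type";
-        $post_new_file = "post-new.php?post_type=$post_type";
-    }
-
-    /**
-     * Allows replacement of the editor.
-     *
-     * @since 4.9.0
-     *
-     * @param boolean      Whether to replace the editor. Default false.
-     * @param object $post Post object.
-     */
-    if ( apply_filters( 'replace_editor', false, $post ) === true ) {
+
+    case 'postajaxpost':
+    case 'post':
+        check_admin_referer( 'add-' . $post_type );
+        $post_id = 'postajaxpost' == $action ? edit_post() : write_post();
+        redirect_post( $post_id );
+        exit();
+
+    case 'edit':
+        $editing = true;
+
+        if ( empty( $post_id ) ) {
+            wp_redirect( admin_url( 'post.php' ) );
+            exit();
+        }
+
+        if ( ! $post ) {
+            wp_die( __( 'You attempted to edit an item that doesn’t exist. Perhaps it was deleted?' ) );
+        }
+
+        if ( ! $post_type_object ) {
+            wp_die( __( 'Invalid post type.' ) );
+        }
+
+        if ( ! in_array( $typenow, get_post_types( array( 'show_ui' => true ) ) ) ) {
+            wp_die( __( 'Sorry, you are not allowed to edit posts in this post type.' ) );
+        }
+
+        if ( ! current_user_can( 'edit_post', $post_id ) ) {
+            wp_die( __( 'Sorry, you are not allowed to edit this item.' ) );
+        }
+
+        if ( 'trash' == $post->post_status ) {
+            wp_die( __( 'You can’t edit this item because it is in the Trash. Please restore it and try again.' ) );
+        }
+
+        if ( ! empty( $_GET['get-post-lock'] ) ) {
+            check_admin_referer( 'lock-post_' . $post_id );
+            wp_set_post_lock( $post_id );
+            wp_redirect( get_edit_post_link( $post_id, 'url' ) );
+            exit();
+        }
+
+        $post_type = $post->post_type;
+        if ( 'post' == $post_type ) {
+            $parent_file   = 'edit.php';
+            $submenu_file  = 'edit.php';
+            $post_new_file = 'post-new.php';
+        } elseif ( 'attachment' == $post_type ) {
+            $parent_file   = 'upload.php';
+            $submenu_file  = 'upload.php';
+            $post_new_file = 'media-new.php';
+        } else {
+            if ( isset( $post_type_object ) && $post_type_object->show_in_menu && $post_type_object->show_in_menu !== true ) {
+                $parent_file = $post_type_object->show_in_menu;
+            } else {
+                $parent_file = "edit.php?post_type=$post_type";
+            }
+            $submenu_file  = "edit.php?post_type=$post_type";
+            $post_new_file = "post-new.php?post_type=$post_type";
+        }
+
+        /**
+         * Allows replacement of the editor.
+         *
+         * @since 4.9.0
+         *
+         * @param boolean      Whether to replace the editor. Default false.
+         * @param object $post Post object.
+         */
+        if ( apply_filters( 'replace_editor', false, $post ) === true ) {
+            break;
+        }
+
+        if ( ! wp_check_post_lock( $post->ID ) ) {
+            $active_post_lock = wp_set_post_lock( $post->ID );
+
+            if ( 'attachment' !== $post_type ) {
+                wp_enqueue_script( 'autosave' );
+            }
+        }
+
+        $title = $post_type_object->labels->edit_item;
+        $post  = get_post( $post_id, OBJECT, 'edit' );
+
+        if ( post_type_supports( $post_type, 'comments' ) ) {
+            wp_enqueue_script( 'admin-comments' );
+            enqueue_comment_hotkeys_js();
+        }
+
+        include( ABSPATH . 'wp-admin/edit-form-advanced.php' );
+
         break;
-    }
-
-    if ( ! wp_check_post_lock( $post->ID ) ) {
-        $active_post_lock = wp_set_post_lock( $post->ID );
-
-        if ( 'attachment' !== $post_type )
-            wp_enqueue_script('autosave');
-    }
-
-    $title = $post_type_object->labels->edit_item;
-    $post = get_post($post_id, OBJECT, 'edit');
-
-    if ( post_type_supports($post_type, 'comments') ) {
-        wp_enqueue_script('admin-comments');
-        enqueue_comment_hotkeys_js();
-    }
-
-    include( ABSPATH . 'wp-admin/edit-form-advanced.php' );
-
-    break;
-
-case 'editattachment':
-    check_admin_referer('update-post_' . $post_id);
-
-    // Don't let these be changed
-    unset($_POST['guid']);
-    $_POST['post_type'] = 'attachment';
-
-    // Update the thumbnail filename
-    $newmeta = wp_get_attachment_metadata( $post_id, true );
-    $newmeta['thumb'] = $_POST['thumb'];
-
-    wp_update_attachment_metadata( $post_id, $newmeta );
-
-case 'editpost':
-    check_admin_referer('update-post_' . $post_id);
-
-    $post_id = edit_post();
-
-    // Session cookie flag that the post was saved
-    if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) {
-        setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, is_ssl() );
-    }
-
-    redirect_post($post_id); // Send user on their way while we keep working
-
-    exit();
-
-case 'trash':
-    check_admin_referer('trash-post_' . $post_id);
-
-    if ( ! $post )
-        wp_die( __( 'The item you are trying to move to the Trash no longer exists.' ) );
-
-    if ( ! $post_type_object )
-        wp_die( __( 'Invalid post type.' ) );
-
-    if ( ! current_user_can( 'delete_post', $post_id ) )
-        wp_die( __( 'Sorry, you are not allowed to move this item to the Trash.' ) );
-
-    if ( $user_id = wp_check_post_lock( $post_id ) ) {
-        $user = get_userdata( $user_id );
-        wp_die( sprintf( __( 'You cannot move this item to the Trash. %s is currently editing.' ), $user->display_name ) );
-    }
-
-    if ( ! wp_trash_post( $post_id ) )
-        wp_die( __( 'Error in moving to Trash.' ) );
-
-    wp_redirect( add_query_arg( array('trashed' => 1, 'ids' => $post_id), $sendback ) );
-    exit();
-
-case 'untrash':
-    check_admin_referer('untrash-post_' . $post_id);
-
-    if ( ! $post )
-        wp_die( __( 'The item you are trying to restore from the Trash no longer exists.' ) );
-
-    if ( ! $post_type_object )
-        wp_die( __( 'Invalid post type.' ) );
-
-    if ( ! current_user_can( 'delete_post', $post_id ) )
-        wp_die( __( 'Sorry, you are not allowed to restore this item from the Trash.' ) );
-
-    if ( ! wp_untrash_post( $post_id ) )
-        wp_die( __( 'Error in restoring from Trash.' ) );
-
-    wp_redirect( add_query_arg('untrashed', 1, $sendback) );
-    exit();
-
-case 'delete':
-    check_admin_referer('delete-post_' . $post_id);
-
-    if ( ! $post )
-        wp_die( __( 'This item has already been deleted.' ) );
-
-    if ( ! $post_type_object )
-        wp_die( __( 'Invalid post type.' ) );
-
-    if ( ! current_user_can( 'delete_post', $post_id ) )
-        wp_die( __( 'Sorry, you are not allowed to delete this item.' ) );
-
-    if ( $post->post_type == 'attachment' ) {
-        $force = ( ! MEDIA_TRASH );
-        if ( ! wp_delete_attachment( $post_id, $force ) )
-            wp_die( __( 'Error in deleting.' ) );
-    } else {
-        if ( ! wp_delete_post( $post_id, true ) )
-            wp_die( __( 'Error in deleting.' ) );
-    }
-
-    wp_redirect( add_query_arg('deleted', 1, $sendback) );
-    exit();
-
-case 'preview':
-    check_admin_referer( 'update-post_' . $post_id );
-
-    $url = post_preview();
-
-    wp_redirect($url);
-    exit();
-
-default:
-    /**
-    * Fires for a given custom post action request.
-    *
-    * The dynamic portion of the hook name, `$action`, refers to the custom post action.
-    *
-    * @since 4.6.0
-    *
-    * @param int $post_id Post ID sent with the request.
-    */
-    do_action( "post_action_{$action}", $post_id );
-
-    wp_redirect( admin_url('edit.php') );
-    exit();
+
+    case 'editattachment':
+        check_admin_referer( 'update-post_' . $post_id );
+
+        // Don't let these be changed
+        unset( $_POST['guid'] );
+        $_POST['post_type'] = 'attachment';
+
+        // Update the thumbnail filename
+        $newmeta          = wp_get_attachment_metadata( $post_id, true );
+        $newmeta['thumb'] = $_POST['thumb'];
+
+        wp_update_attachment_metadata( $post_id, $newmeta );
+
+    case 'editpost':
+        check_admin_referer( 'update-post_' . $post_id );
+
+        $post_id = edit_post();
+
+        // Session cookie flag that the post was saved
+        if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) {
+            setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, is_ssl() );
+        }
+
+        redirect_post( $post_id ); // Send user on their way while we keep working
+
+        exit();
+
+    case 'trash':
+        check_admin_referer( 'trash-post_' . $post_id );
+
+        if ( ! $post ) {
+            wp_die( __( 'The item you are trying to move to the Trash no longer exists.' ) );
+        }
+
+        if ( ! $post_type_object ) {
+            wp_die( __( 'Invalid post type.' ) );
+        }
+
+        if ( ! current_user_can( 'delete_post', $post_id ) ) {
+            wp_die( __( 'Sorry, you are not allowed to move this item to the Trash.' ) );
+        }
+
+        if ( $user_id = wp_check_post_lock( $post_id ) ) {
+            $user = get_userdata( $user_id );
+            wp_die( sprintf( __( 'You cannot move this item to the Trash. %s is currently editing.' ), $user->display_name ) );
+        }
+
+        if ( ! wp_trash_post( $post_id ) ) {
+            wp_die( __( 'Error in moving to Trash.' ) );
+        }
+
+        wp_redirect(
+            add_query_arg(
+                array(
+                    'trashed' => 1,
+                    'ids'     => $post_id,
+                ), $sendback
+            )
+        );
+        exit();
+
+    case 'untrash':
+        check_admin_referer( 'untrash-post_' . $post_id );
+
+        if ( ! $post ) {
+            wp_die( __( 'The item you are trying to restore from the Trash no longer exists.' ) );
+        }
+
+        if ( ! $post_type_object ) {
+            wp_die( __( 'Invalid post type.' ) );
+        }
+
+        if ( ! current_user_can( 'delete_post', $post_id ) ) {
+            wp_die( __( 'Sorry, you are not allowed to restore this item from the Trash.' ) );
+        }
+
+        if ( ! wp_untrash_post( $post_id ) ) {
+            wp_die( __( 'Error in restoring from Trash.' ) );
+        }
+
+        wp_redirect( add_query_arg( 'untrashed', 1, $sendback ) );
+        exit();
+
+    case 'delete':
+        check_admin_referer( 'delete-post_' . $post_id );
+
+        if ( ! $post ) {
+            wp_die( __( 'This item has already been deleted.' ) );
+        }
+
+        if ( ! $post_type_object ) {
+            wp_die( __( 'Invalid post type.' ) );
+        }
+
+        if ( ! current_user_can( 'delete_post', $post_id ) ) {
+            wp_die( __( 'Sorry, you are not allowed to delete this item.' ) );
+        }
+
+        if ( $post->post_type == 'attachment' ) {
+            $force = ( ! MEDIA_TRASH );
+            if ( ! wp_delete_attachment( $post_id, $force ) ) {
+                wp_die( __( 'Error in deleting.' ) );
+            }
+        } else {
+            if ( ! wp_delete_post( $post_id, true ) ) {
+                wp_die( __( 'Error in deleting.' ) );
+            }
+        }
+
+        wp_redirect( add_query_arg( 'deleted', 1, $sendback ) );
+        exit();
+
+    case 'preview':
+        check_admin_referer( 'update-post_' . $post_id );
+
+        $url = post_preview();
+
+        wp_redirect( $url );
+        exit();
+
+    default:
+        /**
+        * Fires for a given custom post action request.
+        *
+        * The dynamic portion of the hook name, `$action`, refers to the custom post action.
+        *
+        * @since 4.6.0
+        *
+        * @param int $post_id Post ID sent with the request.
+        */
+        do_action( "post_action_{$action}", $post_id );
+
+        wp_redirect( admin_url( 'edit.php' ) );
+        exit();
 } // end switch
 include( ABSPATH . 'wp-admin/admin-footer.php' );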
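Review bot: In the `editattachment` case, `$newmeta['thumb'] = $_POST['thumb'];` stores a request-supplied string as the thumbnail filename after only the nonce check, with no `isset()` guard, no `current_user_can( 'edit_post', $post_id )` call visible before `wp_update_attachment_metadata()`, and no restriction to a bare filename. If code elsewhere resolves `thumb` against the uploads directory (not visible on this page), a value containing directory separators would resolve outside it, so I would reduce it to its final path component where it is stored, `$newmeta['thumb'] = wp_basename( $_POST['thumb'] );`, and check the capability before writing. The same case runs on into `editpost` with no `break`; a comment such as `// Intentional fall-through to run edit_post().` above `case 'editpost':` would stop a later cleanup from treating it as a mistake. The commit is formatting-only, so both belong in a follow-up change rather than this one.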