WordPress.org

Make WordPress Core


Ignore:
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-form-advanced.php

    r3456 r4349  
    1515
    1616<div class="wrap">
    17 <h2 id="write-post"><?php _e('Write Post'); ?><?php if ( 0 != $post_ID ) : ?>
    18  <small class="quickjump"><a href="#preview-post"><?php _e('preview &darr;'); ?></a></small><?php endif; ?></h2>
    1917<?php
    2018
     
    2220    $form_action = 'post';
    2321    $temp_ID = -1 * time();
    24     $form_extra = "<input type='hidden' name='temp_ID' value='$temp_ID' />";
     22    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
     23    wp_nonce_field('add-post');
    2524} else {
    2625    $form_action = 'editpost';
    27     $form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />";
     26    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
     27    wp_nonce_field('update-post_' .  $post_ID);
    2828}
    2929
     
    3838    $already_pinged = explode("\n", trim($post->pinged));
    3939    foreach ($already_pinged as $pinged_url) {
    40         $pings .= "\n\t<li>$pinged_url</li>";
     40        $pings .= "\n\t<li>" . wp_specialchars($pinged_url) . "</li>";
    4141    }
    4242    $pings .= '</ul>';
     
    5050
    5151<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
    52 <input type="hidden" name="action" value="<?php echo $form_action ?>" />
     52<input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" />
     53<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
    5354<input type="hidden" name="post_author" value="<?php echo $post->post_author ?>" />
     55<input type="hidden" id="post_type" name="post_type" value="post" />
    5456
    5557<?php echo $form_extra ?>
     
    6769<div id="moremeta">
    6870<div id="grabit" class="dbx-group">
     71
     72<fieldset id="categorydiv" class="dbx-box">
     73<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
     74<div class="dbx-content">
     75<p id="jaxcat"></p>
     76<ul id="categorychecklist"><?php dropdown_categories(); ?></ul></div>
     77</fieldset>
    6978
    7079<fieldset id="commentstatusdiv" class="dbx-box">
     
    8089
    8190<fieldset id="passworddiv" class="dbx-box">
    82 <h3 class="dbx-handle"><?php _e('Password-Protect Post') ?></h3>
     91<h3 class="dbx-handle"><?php _e('Post Password') ?></h3>
    8392<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password ?>" /></div>
    8493</fieldset>
    8594
    8695<fieldset id="slugdiv" class="dbx-box">
    87 <h3 class="dbx-handle"><?php _e('Post slug') ?></h3>
     96<h3 class="dbx-handle"><?php _e('Post Slug') ?></h3>
    8897<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name ?>" /></div>
    8998</fieldset>
    9099
    91 <fieldset id="categorydiv" class="dbx-box">
    92 <h3 class="dbx-handle"><?php _e('Categories') ?></h3>
    93 <div class="dbx-content">
    94 <p id="jaxcat"></p>
    95 <div id="categorychecklist"><?php dropdown_categories(get_settings('default_category')); ?></div></div>
    96 </fieldset>
    97 
    98 <fieldset class="dbx-box">
     100<fieldset id="poststatusdiv" class="dbx-box">
    99101<h3 class="dbx-handle"><?php _e('Post Status') ?></h3>
    100102<div class="dbx-content"><?php if ( current_user_can('publish_posts') ) : ?>
    101 <label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); ?> /> <?php _e('Published') ?></label>
     103<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); checked($post->post_status, 'future'); ?> /> <?php _e('Published') ?></label>
    102104<?php endif; ?>
    103105      <label for="post_status_draft" class="selectit"><input id="post_status_draft" name="post_status" type="radio" value="draft" <?php checked($post->post_status, 'draft'); ?> /> <?php _e('Draft') ?></label>
     
    106108
    107109<?php if ( current_user_can('edit_posts') ) : ?>
    108 <fieldset class="dbx-box">
     110<fieldset id="posttimestampdiv" class="dbx-box">
    109111<h3 class="dbx-handle"><?php _e('Post Timestamp'); ?>:</h3>
    110112<div class="dbx-content"><?php touch_time(($action == 'edit')); ?></div>
     
    112114<?php endif; ?>
    113115
    114 <?php if ( $authors = get_editable_authors( $current_user->id ) ) : // TODO: ROLE SYSTEM ?>
     116<?php
     117$authors = get_editable_authors( $current_user->id ); // TODO: ROLE SYSTEM
     118if ( $authors && count( $authors ) > 1 ) :
     119?>
    115120<fieldset id="authordiv" class="dbx-box">
    116 <h3 class="dbx-handle"><?php _e('Post author'); ?>:</h3>
     121<h3 class="dbx-handle"><?php _e('Post Author'); ?>:</h3>
    117122<div class="dbx-content">
    118123<select name="post_author_override" id="post_author_override">
     
    143148<legend><?php _e('Post') ?></legend>
    144149
    145 <?php
    146  $rows = get_settings('default_post_edit_rows');
    147  if (($rows < 3) || ($rows > 100)) {
    148      $rows = 12;
    149  }
    150 ?>
    151 <?php the_quicktags(); ?>
    152 
    153 <div><textarea <?php if ( user_can_richedit() ) echo 'title="true" '; ?>rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="2" id="content"><?php echo user_can_richedit() ? wp_richedit_pre($post->post_content) : $post->post_content; ?></textarea></div>
    154 </fieldset>
    155 
    156 <script type="text/javascript">
    157 <!--
    158 edCanvas = document.getElementById('content');
    159 <?php if ( user_can_richedit() ) : ?>
    160 // This code is meant to allow tabbing from Title to Post (TinyMCE).
    161 if ( tinyMCE.isMSIE )
    162     document.getElementById('title').onkeydown = function (e)
    163         {
    164             e = e ? e : window.event;
    165             if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
    166                 var i = tinyMCE.selectedInstance;
    167                 if(typeof i ==  'undefined')
    168                     return true;
    169                                 tinyMCE.execCommand("mceStartTyping");
    170                 this.blur();
    171                 i.contentWindow.focus();
    172                 e.returnValue = false;
    173                 return false;
    174             }
    175         }
    176 else
    177     document.getElementById('title').onkeypress = function (e)
    178         {
    179             e = e ? e : window.event;
    180             if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
    181                 var i = tinyMCE.selectedInstance;
    182                 if(typeof i ==  'undefined')
    183                     return true;
    184                                 tinyMCE.execCommand("mceStartTyping");
    185                 this.blur();
    186                 i.contentWindow.focus();
    187                 e.returnValue = false;
    188                 return false;
    189             }
    190         }
    191 <?php endif; ?>
    192 //-->
    193 </script>
     150    <?php the_editor($post->post_content); ?>
     151</fieldset>
    194152
    195153<?php echo $form_pingback ?>
     
    197155
    198156
    199 <p class="submit"><?php echo $saveasdraft; ?> <input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="4" />
     157<p class="submit">
     158<span id="autosave"></span>
     159<?php echo $saveasdraft; ?>
     160<input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="4" />
    200161<?php
    201162if ('publish' != $post->post_status || 0 == $post_ID) {
     
    210171if ( !empty($_REQUEST['popupurl']) )
    211172    echo wp_specialchars($_REQUEST['popupurl']);
    212 else if ( url_to_postid($_SERVER['HTTP_REFERER']) == $post_ID )
     173else if ( url_to_postid(wp_get_referer()) == $post_ID )
    213174    echo 'redo';
    214175else
    215     echo wp_specialchars($_SERVER['HTTP_REFERER']);
     176    echo wp_specialchars(wp_get_referer());
    216177?>" /></p>
    217178
     
    221182if (current_user_can('upload_files')) {
    222183    $uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
    223     $uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
     184    $uploading_iframe_src = wp_nonce_url("upload.php?style=inline&amp;tab=upload&amp;post_id=$uploading_iframe_ID", 'inlineuploading');
    224185    $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
    225186    if ( false != $uploading_iframe_src )
    226         echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
     187        echo '<iframe id="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
    227188}
    228189?>
     
    230191<div id="advancedstuff" class="dbx-group" >
    231192
     193<div class="dbx-box-wrapper">
    232194<fieldset id="postexcerpt" class="dbx-box">
     195<div class="dbx-handle-wrapper">
    233196<h3 class="dbx-handle"><?php _e('Optional Excerpt') ?></h3>
     197</div>
     198<div class="dbx-content-wrapper">
    234199<div class="dbx-content"><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt ?></textarea></div>
    235 </fieldset>
    236 
    237 <fieldset class="dbx-box">
     200</div>
     201</fieldset>
     202</div>
     203
     204<div class="dbx-box-wrapper">
     205<fieldset id="trackbacksdiv" class="dbx-box">
     206<div class="dbx-handle-wrapper">
    238207<h3 class="dbx-handle"><?php _e('Trackbacks') ?></h3>
     208</div>
     209<div class="dbx-content-wrapper">
    239210<div class="dbx-content"><?php _e('Send trackbacks to'); ?>: <?php echo $form_trackback; ?> (<?php _e('Separate multiple URIs with spaces'); ?>)
    240211<?php
     
    243214?>
    244215</div>
    245 </fieldset>
    246 
     216</div>
     217</fieldset>
     218</div>
     219
     220<div class="dbx-box-wrapper">
    247221<fieldset id="postcustom" class="dbx-box">
     222<div class="dbx-handle-wrapper">
    248223<h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
     224</div>
     225<div class="dbx-content-wrapper">
    249226<div id="postcustomstuff" class="dbx-content">
    250 <?php
    251 if($metadata = has_meta($post_ID)) {
    252 ?>
    253 <?php
    254     list_meta($metadata);
    255 ?>
    256 <?php
    257 }
     227<table cellpadding="3">
     228<?php
     229$metadata = has_meta($post_ID);
     230list_meta($metadata);
     231?>
     232
     233</table>
     234<?php
    258235    meta_form();
    259236?>
    260 </div>
    261 </fieldset>
     237<div id="ajax-response"></div>
     238</div>
     239</div>
     240</fieldset>
     241</div>
    262242
    263243<?php do_action('dbx_post_advanced'); ?>
     
    265245</div>
    266246
    267 <?php if ('edit' == $action) : ?>
    268 <input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), addslashes($post->post_title) ) . "')\""; ?> />
     247<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?>
     248<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
    269249<?php endif; ?>
    270250
Note: See TracChangeset for help on using the changeset viewer.