WordPress.org

Make WordPress Core


Ignore:
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-functions.php

    r3501 r4418  
    11<?php
    22
     3function write_post() {
     4    $result = wp_write_post();
     5    if( is_wp_error($result) )
     6        wp_die( $result->get_error_message() );
     7    else
     8        return $result;
     9}
     10
    311// Creates a new post from the "Write Post" form using $_POST information.
    4 function write_post() {
     12function wp_write_post() {
    513    global $user_ID;
    614
    7     if (!current_user_can('edit_posts'))
    8         die(__('You are not allowed to create posts or drafts on this blog.'));
     15    if ( 'page' == $_POST['post_type'] ) {
     16        if ( !current_user_can('edit_pages') )
     17            return new WP_Error('edit_pages', __('You are not allowed to create pages on this blog.'));
     18    } else {
     19        if ( !current_user_can('edit_posts') )
     20            return new WP_Error('edit_posts', __('You are not allowed to create posts or drafts on this blog.'));
     21    }
    922
    1023    // Rename.
     
    1629    if (!empty ($_POST['post_author_override'])) {
    1730        $_POST['post_author'] = (int) $_POST['post_author_override'];
    18     } else
     31    } else {
    1932        if (!empty ($_POST['post_author'])) {
    2033            $_POST['post_author'] = (int) $_POST['post_author'];
     
    2336        }
    2437
    25     if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))
    26         die(__('You cannot post as this user.'));
     38    }
     39
     40    if ($_POST['post_author'] != $_POST['user_ID']) {
     41        if ( 'page' == $_POST['post_type'] ) {
     42            if ( !current_user_can('edit_others_pages') )
     43                return new WP_Error('edit_others_pages', __('You cannot create pages as this user.'));
     44        } else {
     45            if ( !current_user_can('edit_others_posts') )
     46                return new WP_Error('edit_others_posts', __('You cannot post as this user.'));
     47
     48        }
     49    }
    2750
    2851    // What to do based on which button they pressed
     
    3558    if ('' != $_POST['advanced'])
    3659        $_POST['post_status'] = 'draft';
    37     if ('' != $_POST['savepage'])
    38         $_POST['post_status'] = 'static';
    39 
    40     if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
     60
     61    if ( 'page' == $_POST['post_type'] ) {
     62        if ('publish' == $_POST['post_status'] && !current_user_can('publish_pages'))
     63            $_POST['post_status'] = 'draft';
     64    } else {
     65        if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
     66            $_POST['post_status'] = 'draft';
     67    }
     68
     69    if (!isset ($_POST['comment_status']))
     70        $_POST['comment_status'] = 'closed';
     71
     72    if (!isset ($_POST['ping_status']))
     73        $_POST['ping_status'] = 'closed';
     74
     75    if (!empty ($_POST['edit_date'])) {
     76        $aa = $_POST['aa'];
     77        $mm = $_POST['mm'];
     78        $jj = $_POST['jj'];
     79        $hh = $_POST['hh'];
     80        $mn = $_POST['mn'];
     81        $ss = $_POST['ss'];
     82        $jj = ($jj > 31) ? 31 : $jj;
     83        $hh = ($hh > 23) ? $hh -24 : $hh;
     84        $mn = ($mn > 59) ? $mn -60 : $mn;
     85        $ss = ($ss > 59) ? $ss -60 : $ss;
     86        $_POST['post_date'] = sprintf("%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss);
     87        $_POST['post_date_gmt'] = get_gmt_from_date($_POST['post_date']);
     88    }
     89
     90    // Create the post.
     91    $post_ID = wp_insert_post($_POST);
     92    add_meta($post_ID);
     93
     94    // Reunite any orphaned attachments with their parent
     95    if ( $_POST['temp_ID'] )
     96        relocate_children($_POST['temp_ID'], $post_ID);
     97
     98    // Now that we have an ID we can fix any attachment anchor hrefs
     99    fix_attachment_links($post_ID);
     100
     101    return $post_ID;
     102}
     103
     104// Move child posts to a new parent
     105function relocate_children($old_ID, $new_ID) {
     106    global $wpdb;
     107    $old_ID = (int) $old_ID;
     108    $new_ID = (int) $new_ID;
     109    return $wpdb->query("UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID");
     110}
     111
     112// Replace hrefs of attachment anchors with up-to-date permalinks.
     113function fix_attachment_links($post_ID) {
     114    global $wp_rewrite;
     115
     116    $post = & get_post($post_ID, ARRAY_A);
     117
     118    $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
     119
     120    // See if we have any rel="attachment" links
     121    if ( 0 == preg_match_all($search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER) )
     122        return;
     123
     124    $i = 0;
     125    $search = "#[\s]+rel=(\"|')(.*?)wp-att-(\d+)\\1#i";
     126    foreach ( $anchor_matches[0] as $anchor ) {
     127        if ( 0 == preg_match($search, $anchor, $id_matches) )
     128            continue;
     129
     130        $id = $id_matches[3];
     131
     132        // While we have the attachment ID, let's adopt any orphans.
     133        $attachment = & get_post($id, ARRAY_A);
     134        if ( ! empty($attachment) && ! is_object(get_post($attachment['post_parent'])) ) {
     135            $attachment['post_parent'] = $post_ID;
     136            // Escape data pulled from DB.
     137            $attachment = add_magic_quotes($attachment);
     138            wp_update_post($attachment);
     139        }
     140
     141        $post_search[$i] = $anchor;
     142        $post_replace[$i] = preg_replace("#href=(\"|')[^'\"]*\\1#e", "stripslashes('href=\\1').get_attachment_link($id).stripslashes('\\1')", $anchor);
     143        ++$i;
     144    }
     145
     146    $post['post_content'] = str_replace($post_search, $post_replace, $post['post_content']);
     147
     148    // Escape data pulled from DB.
     149    $post = add_magic_quotes($post);
     150
     151    return wp_update_post($post);
     152}
     153
     154// Update an existing post with values provided in $_POST.
     155function edit_post() {
     156    global $user_ID;
     157
     158    $post_ID = (int) $_POST['post_ID'];
     159
     160    if ( 'page' == $_POST['post_type'] ) {
     161        if ( !current_user_can('edit_page', $post_ID) )
     162            wp_die(__('You are not allowed to edit this page.'));
     163    } else {
     164        if ( !current_user_can('edit_post', $post_ID) )
     165            wp_die(__('You are not allowed to edit this post.'));
     166    }
     167
     168    // Rename.
     169    $_POST['ID'] = (int) $_POST['post_ID'];
     170    $_POST['post_content'] = $_POST['content'];
     171    $_POST['post_excerpt'] = $_POST['excerpt'];
     172    $_POST['post_parent'] = $_POST['parent_id'];
     173    $_POST['to_ping'] = $_POST['trackback_url'];
     174
     175    if (!empty ($_POST['post_author_override'])) {
     176        $_POST['post_author'] = (int) $_POST['post_author_override'];
     177    } else
     178        if (!empty ($_POST['post_author'])) {
     179            $_POST['post_author'] = (int) $_POST['post_author'];
     180        } else {
     181            $_POST['post_author'] = (int) $_POST['user_ID'];
     182        }
     183
     184    if ($_POST['post_author'] != $_POST['user_ID']) {
     185        if ( 'page' == $_POST['post_type'] ) {
     186            if ( !current_user_can('edit_others_pages') )
     187                wp_die(__('You cannot edit pages as this user.'));
     188        } else {
     189            if ( !current_user_can('edit_others_posts') )
     190                wp_die(__('You cannot edit posts as this user.'));
     191
     192        }
     193    }
     194
     195    // What to do based on which button they pressed
     196    if ('' != $_POST['saveasdraft'])
    41197        $_POST['post_status'] = 'draft';
    42 
    43     if ('static' == $_POST['post_status'] && !current_user_can('edit_pages'))
    44         die(__('This user cannot edit pages.'));
     198    if ('' != $_POST['saveasprivate'])
     199        $_POST['post_status'] = 'private';
     200    if ('' != $_POST['publish'])
     201        $_POST['post_status'] = 'publish';
     202    if ('' != $_POST['advanced'])
     203        $_POST['post_status'] = 'draft';
     204
     205    if ( 'page' == $_POST['post_type'] ) {
     206        if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_pages'))
     207            $_POST['post_status'] = 'draft';
     208    } else {
     209        if ('publish' == $_POST['post_status'] && !current_user_can('edit_published_posts'))
     210            $_POST['post_status'] = 'draft';
     211    }
     212
     213    if (!isset ($_POST['comment_status']))
     214        $_POST['comment_status'] = 'closed';
     215
     216    if (!isset ($_POST['ping_status']))
     217        $_POST['ping_status'] = 'closed';
    45218
    46219    if (!empty ($_POST['edit_date'])) {
     
    59232    }
    60233
    61     // Create the post.
    62     $post_ID = wp_insert_post($_POST);
    63     add_meta($post_ID);
    64 
    65     // Reunite any orphaned attachments with their parent
    66     if ( $_POST['temp_ID'] )
    67         relocate_children($_POST['temp_ID'], $post_ID);
    68 
    69     // Now that we have an ID we can fix any attachment anchor hrefs
    70     fix_attachment_links($post_ID);
    71 
    72     return $post_ID;
    73 }
    74 
    75 // Move child posts to a new parent
    76 function relocate_children($old_ID, $new_ID) {
    77     global $wpdb;
    78     $old_ID = (int) $old_ID;
    79     $new_ID = (int) $new_ID;
    80     return $wpdb->query("UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID");
    81 }
    82 
    83 // Replace hrefs of attachment anchors with up-to-date permalinks.
    84 function fix_attachment_links($post_ID) {
    85     global $wp_rewrite;
    86 
    87     $post = & get_post($post_ID);
    88 
    89     $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
    90 
    91     // See if we have any rel="attachment" links
    92     if ( 0 == preg_match_all($search, $post->post_content, $anchor_matches, PREG_PATTERN_ORDER) )
    93         return;
    94 
    95     $i = 0;
    96     $search = "# id=(\"|')p(\d+)\\1#i";
    97     foreach ( $anchor_matches[0] as $anchor ) {
    98         if ( 0 == preg_match($search, $anchor, $id_matches) )
    99             continue;
    100 
    101         $id = $id_matches[2];
    102 
    103         // While we have the attachment ID, let's adopt any orphans.
    104         $attachment = & get_post($id);
    105         if ( ! is_object(get_post($attachment->post_parent)) ) {
    106             $attachment->post_parent = $post_ID;
    107             wp_update_post($attachment);
    108         }
    109 
    110         $post_search[$i] = $anchor;
    111         $post_replace[$i] = preg_replace("#href=(\"|')[^'\"]*\\1#e", "stripslashes('href=\\1').get_attachment_link($id).stripslashes('\\1')", $anchor);
    112         ++$i;
    113     }
    114 
    115     $post->post_content = str_replace($post_search, $post_replace, $post->post_content);
    116 
    117     return wp_update_post($post);
    118 }
    119 
    120 // Update an existing post with values provided in $_POST.
    121 function edit_post() {
    122     global $user_ID;
    123 
    124     $post_ID = (int) $_POST['post_ID'];
    125 
    126     if (!current_user_can('edit_post', $post_ID))
    127         die(__('You are not allowed to edit this post.'));
    128 
    129     // Rename.
    130     $_POST['ID'] = (int) $_POST['post_ID'];
    131     $_POST['post_content'] = $_POST['content'];
    132     $_POST['post_excerpt'] = $_POST['excerpt'];
    133     $_POST['post_parent'] = $_POST['parent_id'];
    134     $_POST['to_ping'] = $_POST['trackback_url'];
    135 
    136     if (!empty ($_POST['post_author_override'])) {
    137         $_POST['post_author'] = (int) $_POST['post_author_override'];
    138     } else
    139         if (!empty ($_POST['post_author'])) {
    140             $_POST['post_author'] = (int) $_POST['post_author'];
    141         } else {
    142             $_POST['post_author'] = (int) $_POST['user_ID'];
    143         }
    144 
    145     if (($_POST['post_author'] != $_POST['user_ID']) && !current_user_can('edit_others_posts'))
    146         die(__('You cannot post as this user.'));
    147 
    148     // What to do based on which button they pressed
    149     if ('' != $_POST['saveasdraft'])
    150         $_POST['post_status'] = 'draft';
    151     if ('' != $_POST['saveasprivate'])
    152         $_POST['post_status'] = 'private';
    153     if ('' != $_POST['publish'])
    154         $_POST['post_status'] = 'publish';
    155     if ('' != $_POST['advanced'])
    156         $_POST['post_status'] = 'draft';
    157     if ('' != $_POST['savepage'])
    158         $_POST['post_status'] = 'static';
    159 
    160     if ('publish' == $_POST['post_status'] && !current_user_can('publish_posts'))
    161         $_POST['post_status'] = 'draft';
    162 
    163     if ('static' == $_POST['post_status'] && !current_user_can('edit_pages'))
    164         die(__('This user cannot edit pages.'));
    165 
    166     if (!isset ($_POST['comment_status']))
    167         $_POST['comment_status'] = 'closed';
    168 
    169     if (!isset ($_POST['ping_status']))
    170         $_POST['ping_status'] = 'closed';
    171 
    172     if (!empty ($_POST['edit_date'])) {
    173         $aa = $_POST['aa'];
    174         $mm = $_POST['mm'];
    175         $jj = $_POST['jj'];
    176         $hh = $_POST['hh'];
    177         $mn = $_POST['mn'];
    178         $ss = $_POST['ss'];
    179         $jj = ($jj > 31) ? 31 : $jj;
    180         $hh = ($hh > 23) ? $hh -24 : $hh;
    181         $mn = ($mn > 59) ? $mn -60 : $mn;
    182         $ss = ($ss > 59) ? $ss -60 : $ss;
    183         $_POST['post_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
    184         $_POST['post_date_gmt'] = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
    185     }
    186 
    187234    // Meta Stuff
    188235    if ($_POST['meta']) {
     
    190237            update_meta($key, $value['key'], $value['value']);
    191238    }
    192    
     239
    193240    if ($_POST['deletemeta']) {
    194241        foreach ($_POST['deletemeta'] as $key => $value)
     
    213260
    214261    if (!current_user_can('edit_post', $comment_post_ID))
    215         die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
     262        wp_die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
    216263
    217264    $_POST['comment_author'] = $_POST['newcomment_author'];
     
    241288// Get an existing post and format it for editing.
    242289function get_post_to_edit($id) {
    243     global $richedit;
    244     $richedit = ( 'true' == get_user_option('rich_editing') ) ? true : false;
    245290
    246291    $post = get_post($id);
    247292
    248     $post->post_content = format_to_edit($post->post_content, $richedit);
     293    $post->post_content = format_to_edit($post->post_content, user_can_richedit());
    249294    $post->post_content = apply_filters('content_edit_pre', $post->post_content);
    250295
     
    255300    $post->post_title = apply_filters('title_edit_pre', $post->post_title);
    256301
    257     if ($post->post_status == 'static')
     302    $post->post_password = format_to_edit($post->post_password);
     303
     304    if ($post->post_type == 'page')
    258305        $post->page_template = get_post_meta($id, '_wp_page_template', true);
    259306
     
    287334
    288335    $post->post_status = 'draft';
    289     $post->comment_status = get_settings('default_comment_status');
    290     $post->ping_status = get_settings('default_ping_status');
    291     $post->post_pingback = get_settings('default_pingback_flag');
    292     $post->post_category = get_settings('default_category');
     336    $post->comment_status = get_option('default_comment_status');
     337    $post->ping_status = get_option('default_ping_status');
     338    $post->post_pingback = get_option('default_pingback_flag');
     339    $post->post_category = get_option('default_category');
    293340    $post->post_content = apply_filters('default_content', $post_content);
    294341    $post->post_title = apply_filters('default_title', $post_title);
     
    302349
    303350function get_comment_to_edit($id) {
    304     global $richedit;
    305     $richedit = ( 'true' == get_user_option('rich_editing') ) ? true : false;
    306 
    307351    $comment = get_comment($id);
    308352
    309     $comment->comment_content = format_to_edit($comment->comment_content, $richedit);
     353    $comment->comment_content = format_to_edit($comment->comment_content, user_can_richedit());
    310354    $comment->comment_content = apply_filters('comment_edit_pre', $comment->comment_content);
    311355
     
    323367}
    324368
     369function wp_dropdown_roles( $default = false ) {
     370    global $wp_roles;
     371    $r = '';
     372    foreach($wp_roles->role_names as $role => $name)
     373        if ( $default == $role ) // Make default first in list
     374            $p = "\n\t<option selected='selected' value='$role'>$name</option>";
     375        else
     376            $r .= "\n\t<option value='$role'>$name</option>";
     377    echo $p . $r;
     378}
     379
     380
     381function get_user_to_edit($user_id) {
     382    $user = new WP_User($user_id);
     383    $user->user_login = wp_specialchars($user->user_login, 1);
     384    $user->user_email = wp_specialchars($user->user_email, 1);
     385    $user->user_url = wp_specialchars($user->user_url, 1);
     386    $user->first_name = wp_specialchars($user->first_name, 1);
     387    $user->last_name = wp_specialchars($user->last_name, 1);
     388    $user->display_name = wp_specialchars($user->display_name, 1);
     389    $user->nickname = wp_specialchars($user->nickname, 1);
     390    $user->aim = wp_specialchars($user->aim, 1);
     391    $user->yim = wp_specialchars($user->yim, 1);
     392    $user->jabber = wp_specialchars($user->jabber, 1);
     393    $user->description = wp_specialchars($user->description);
     394
     395    return $user;
     396}
     397
    325398// Creates a new user from the "Users" form using $_POST information.
    326399
    327400function add_user() {
    328     return edit_user();
     401    if ( func_num_args() ) { // The hackiest hack that ever did hack
     402        global $current_user, $wp_roles;
     403        $user_id = func_get_arg(0);
     404
     405        if (isset ($_POST['role'])) {
     406            if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users')) {
     407                $user = new WP_User($user_id);
     408                $user->set_role($_POST['role']);
     409            }
     410        }
     411    } else {
     412        add_action('user_register', 'add_user'); // See above
     413        return edit_user();
     414    }
    329415}
    330416
    331417function edit_user($user_id = 0) {
    332418    global $current_user, $wp_roles, $wpdb;
    333 
    334419    if ($user_id != 0) {
    335420        $update = true;
     
    351436        $pass2 = $_POST['pass2'];
    352437
    353     if (isset ($_POST['role'])) {
     438    if (isset ($_POST['role']) && current_user_can('edit_users')) {
    354439        if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
    355440            $user->role = $_POST['role'];
     
    371456        $user->display_name = wp_specialchars(trim($_POST['display_name']));
    372457    if (isset ($_POST['description']))
    373         $user->description = wp_specialchars(trim($_POST['description']));
     458        $user->description = trim($_POST['description']);
    374459    if (isset ($_POST['jabber']))
    375460        $user->jabber = wp_specialchars(trim($_POST['jabber']));
     
    379464        $user->yim = wp_specialchars(trim($_POST['yim']));
    380465
    381     $errors = array ();
     466    $errors = new WP_Error();
    382467
    383468    /* checking that username has been typed */
    384469    if ($user->user_login == '')
    385         $errors['user_login'] = __('<strong>ERROR</strong>: Please enter a username.');
     470        $errors->add('user_login', __('<strong>ERROR</strong>: Please enter a username.'));
    386471
    387472    /* checking the password has been typed twice */
    388     do_action('check_passwords', array ($user->user_login, & $pass1, & $pass2));
     473    do_action_ref_array('check_passwords', array ($user->user_login, & $pass1, & $pass2));
    389474
    390475    if (!$update) {
    391476        if ($pass1 == '' || $pass2 == '')
    392             $errors['pass'] = __('<strong>ERROR</strong>: Please enter your password twice.');
     477            $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password twice.'));
    393478    } else {
    394479        if ((empty ($pass1) && !empty ($pass2)) || (empty ($pass2) && !empty ($pass1)))
    395             $errors['pass'] = __("<strong>ERROR</strong>: you typed your new password only once.");
     480            $errors->add('pass', __("<strong>ERROR</strong>: you typed your new password only once."));
    396481    }
    397482
    398483    /* Check for "\" in password */
    399484    if( strpos( " ".$pass1, "\\" ) )
    400         $errors['pass'] = __('<strong>ERROR</strong>: Passwords may not contain the character "\\".');
     485        $errors->add('pass', __('<strong>ERROR</strong>: Passwords may not contain the character "\\".'));
    401486
    402487    /* checking the password has been typed twice the same */
    403488    if ($pass1 != $pass2)
    404         $errors['pass'] = __('<strong>ERROR</strong>: Please type the same password in the two password fields.');
     489        $errors->add('pass', __('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
    405490
    406491    if (!empty ($pass1))
     
    408493
    409494    if ( !validate_username($user->user_login) )
    410         $errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.');
     495        $errors->add('user_login', __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.'));
    411496
    412497    if (!$update && username_exists($user->user_login))
    413         $errors['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.');
     498        $errors->add('user_login', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
    414499
    415500    /* checking e-mail address */
    416501    if (empty ($user->user_email)) {
    417         $errors['user_email'] = __("<strong>ERROR</strong>: please type an e-mail address");
     502        $errors->add('user_email', __("<strong>ERROR</strong>: please type an e-mail address"));
    418503    } else
    419504        if (!is_email($user->user_email)) {
    420             $errors['user_email'] = __("<strong>ERROR</strong>: the email address isn't correct");
    421         }
    422 
    423     if (count($errors) != 0)
     505            $errors->add('user_email', __("<strong>ERROR</strong>: the email address isn't correct"));
     506        }
     507
     508    if ( $errors->get_error_codes() )
    424509        return $errors;
    425510
     
    430515        wp_new_user_notification($user_id);
    431516    }
    432 
    433     return $errors;
     517    return $user_id;
    434518}
    435519
     
    437521function get_link_to_edit($link_id) {
    438522    $link = get_link($link_id);
    439    
     523
    440524    $link->link_url = wp_specialchars($link->link_url, 1);
    441525    $link->link_name = wp_specialchars($link->link_name, 1);
    442     $link->link_description = wp_specialchars($link->link_description);
     526    $link->link_image = wp_specialchars($link->link_image, 1);
     527    $link->link_description = wp_specialchars($link->link_description, 1);
    443528    $link->link_notes = wp_specialchars($link->link_notes);
    444     $link->link_rss = wp_specialchars($link->link_rss);
    445    
     529    $link->link_rss = wp_specialchars($link->link_rss, 1);
     530    $link->link_rel = wp_specialchars($link->link_rel, 1);
     531    $link->post_category = $link->link_category;
     532
    446533    return $link;
    447534}
     
    452539    else
    453540        $link->link_url = '';
    454    
     541
    455542    if ( isset($_GET['name']) )
    456543        $link->link_name = wp_specialchars($_GET['name'], 1);
    457544    else
    458545        $link->link_name = '';
    459        
     546
     547    $link->link_visible = 'Y';
     548
    460549    return $link;
    461550}
    462551
    463552function add_link() {
    464     return edit_link(); 
     553    return edit_link();
    465554}
    466555
    467556function edit_link($link_id = '') {
    468557    if (!current_user_can('manage_links'))
    469         die(__("Cheatin' uh ?"));
     558        wp_die(__("Cheatin' uh ?"));
    470559
    471560    $_POST['link_url'] = wp_specialchars($_POST['link_url']);
     
    474563    $_POST['link_image'] = wp_specialchars($_POST['link_image']);
    475564    $_POST['link_rss'] = wp_specialchars($_POST['link_rss']);
    476     $auto_toggle = get_autotoggle($_POST['link_category']);
    477    
    478     // if we are in an auto toggle category and this one is visible then we
    479     // need to make the others invisible before we add this new one.
    480     // FIXME Add category toggle func.
    481     //if (($auto_toggle == 'Y') && ($link_visible == 'Y')) {
    482     //  $wpdb->query("UPDATE $wpdb->links set link_visible = 'N' WHERE link_category = $link_category");
    483     //}
     565    $_POST['link_category'] = $_POST['post_category'];
    484566
    485567    if ( !empty($link_id) ) {
     
    513595function return_categories_list($parent = 0) {
    514596    global $wpdb;
    515     return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY category_count DESC LIMIT 100");
     597    return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY category_count DESC");
    516598}
    517599
     
    521603
    522604function get_nested_categories($default = 0, $parent = 0) {
    523     global $post_ID, $mode, $wpdb;
     605    global $post_ID, $link_id, $mode, $wpdb;
    524606
    525607    if ($post_ID) {
     
    534616            $checked_categories[] = $default;
    535617        }
    536 
     618    } else if ($link_id) {
     619        $checked_categories = $wpdb->get_col("
     620             SELECT category_id
     621             FROM $wpdb->categories, $wpdb->link2cat
     622             WHERE $wpdb->link2cat.category_id = cat_ID AND $wpdb->link2cat.link_id = '$link_id'
     623             ");
     624
     625        if (count($checked_categories) == 0) {
     626            // No selected categories, strange
     627            $checked_categories[] = $default;
     628        }   
    537629    } else {
    538630        $checked_categories[] = $default;
     
    550642        }
    551643    }
    552    
     644
    553645    usort($result, 'sort_cats');
    554646
     
    558650function write_nested_categories($categories) {
    559651    foreach ($categories as $category) {
    560         echo '<label for="category-', $category['cat_ID'], '" class="selectit"><input value="', $category['cat_ID'], '" type="checkbox" name="post_category[]" id="category-', $category['cat_ID'], '"', ($category['checked'] ? ' checked="checked"' : ""), '/> ', wp_specialchars($category['cat_name']), "</label>\n";
    561 
    562         if (isset ($category['children'])) {
    563             echo "\n<span class='cat-nest'>\n";
     652        echo '<li id="category-', $category['cat_ID'], '"><label for="in-category-', $category['cat_ID'], '" class="selectit"><input value="', $category['cat_ID'], '" type="checkbox" name="post_category[]" id="in-category-', $category['cat_ID'], '"', ($category['checked'] ? ' checked="checked"' : ""), '/> ', wp_specialchars($category['cat_name']), "</label></li>\n";
     653
     654        if ( $category['children'] ) {
     655            echo "<ul>\n";
    564656            write_nested_categories($category['children']);
    565             echo "</span>\n";
     657            echo "</ul>\n";
    566658        }
    567659    }
     
    572664}
    573665
     666function return_link_categories_list($parent = 0) {
     667    global $wpdb;
     668    return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY link_count DESC");
     669}
     670
     671function get_nested_link_categories( $default = 0, $parent = 0 ) {
     672    global $post_ID, $link_id, $mode, $wpdb;
     673
     674    if ($link_id) {
     675        $checked_categories = $wpdb->get_col("
     676             SELECT category_id
     677             FROM $wpdb->categories, $wpdb->link2cat
     678             WHERE $wpdb->link2cat.category_id = cat_ID AND $wpdb->link2cat.link_id = '$link_id'
     679             ");
     680
     681        if (count($checked_categories) == 0) {
     682            // No selected categories, strange
     683            $checked_categories[] = $default;
     684        }   
     685    } else {
     686        $checked_categories[] = $default;
     687    }
     688
     689    $cats = return_link_categories_list($parent);
     690    $result = array ();
     691
     692    if (is_array($cats)) {
     693        foreach ($cats as $cat) {
     694            $result[$cat]['children'] = get_nested_link_categories($default, $cat);
     695            $result[$cat]['cat_ID'] = $cat;
     696            $result[$cat]['checked'] = in_array($cat, $checked_categories);
     697            $result[$cat]['cat_name'] = get_the_category_by_ID($cat);
     698        }
     699    }
     700
     701    usort($result, 'sort_cats');
     702
     703    return $result;
     704}
     705
     706function dropdown_link_categories($default = 0) {
     707    write_nested_categories(get_nested_link_categories($default));
     708}
     709
    574710// Dandy new recursive multiple category stuff.
    575711function cat_rows($parent = 0, $level = 0, $categories = 0) {
    576     global $wpdb, $class;
    577 
    578712    if (!$categories)
    579         $categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
     713        $categories = get_categories('hide_empty=0');
    580714
    581715    if ($categories) {
    582716        foreach ($categories as $category) {
    583717            if ($category->category_parent == $parent) {
    584                 $category->cat_name = wp_specialchars($category->cat_name);
    585                 $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
    586                 $pad = str_repeat('&#8212; ', $level);
    587                 if ( current_user_can('manage_categories') ) {
    588                     $edit = "<a href='categories.php?action=edit&amp;cat_ID=$category->cat_ID' class='edit'>".__('Edit')."</a></td>";
    589                     $default_cat_id = get_option('default_category');
    590                    
    591                     if ($category->cat_ID != $default_cat_id)
    592                         $edit .= "<td><a href='categories.php?action=delete&amp;cat_ID=$category->cat_ID' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '".sprintf(__("You are about to delete the category &quot;%s&quot;.  All of its posts will go to the default category.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), wp_specialchars($category->cat_name, 1))."' );\" class='delete'>".__('Delete')."</a>";
    593                     else
    594                         $edit .= "<td style='text-align:center'>".__("Default");
    595                 }
    596                 else
    597                     $edit = '';
    598 
    599                 $class = ('alternate' == $class) ? '' : 'alternate';
    600                 echo "<tr id='cat-$category->cat_ID' class='$class'><th scope='row'>$category->cat_ID</th><td>$pad $category->cat_name</td>
    601                                 <td>$category->category_description</td>
    602                                 <td>$count</td>
    603                                 <td>$edit</td>
    604                                 </tr>";
     718                echo "\t" . _cat_row( $category, $level );
    605719                cat_rows($category->cat_ID, $level +1, $categories);
    606720            }
     
    611725}
    612726
    613 function page_rows($parent = 0, $level = 0, $pages = 0) {
     727function _cat_row( $category, $level, $name_override = false ) {
     728    global $class;
     729
     730    $pad = str_repeat('&#8212; ', $level);
     731    if ( current_user_can('manage_categories') ) {
     732        $edit = "<a href='categories.php?action=edit&amp;cat_ID=$category->cat_ID' class='edit'>".__('Edit')."</a></td>";
     733        $default_cat_id = get_option('default_category');
     734        $default_link_cat_id = get_option('default_link_category');
     735
     736        if ( ($category->cat_ID != $default_cat_id) && ($category->cat_ID != $default_link_cat_id) )
     737            $edit .= "<td><a href='" . wp_nonce_url("categories.php?action=delete&amp;cat_ID=$category->cat_ID", 'delete-category_' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . sprintf(__("You are about to delete the category &quot;%s&quot;.\\nAll of its posts will go into the default category of &quot;%s&quot;\\nAll of its bookmarks will go into the default category of &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape($category->cat_name), js_escape(get_catname($default_cat_id)), js_escape(get_catname($default_link_cat_id))) . "' );\" class='delete'>".__('Delete')."</a>";
     738        else
     739            $edit .= "<td style='text-align:center'>".__("Default");
     740    } else
     741        $edit = '';
     742
     743    $class = ( ( defined('DOING_AJAX') && DOING_AJAX ) || " class='alternate'" == $class ) ? '' : " class='alternate'";
     744
     745    $category->category_count = number_format( $category->category_count );
     746    $category->link_count = number_format( $category->link_count );
     747    return "<tr id='cat-$category->cat_ID'$class>
     748        <th scope='row' style='text-align: center'>$category->cat_ID</th>
     749        <td>" . ( $name_override ? $name_override : $pad . ' ' . $category->cat_name ) . "</td>
     750        <td>$category->category_description</td>
     751        <td align='center'>$category->category_count</td>
     752        <td align='center'>$category->link_count</td>
     753        <td>$edit</td>\n\t</tr>\n";
     754}
     755
     756function page_rows($parent = 0, $level = 0, $pages = 0, $hierarchy = true) {
    614757    global $wpdb, $class, $post;
     758
    615759    if (!$pages)
    616         $pages = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static' ORDER BY menu_order");
    617 
    618     if ($pages) {
    619         foreach ($pages as $post) {
    620             start_wp();
    621             if ($post->post_parent == $parent) {
    622                 $post->post_title = wp_specialchars($post->post_title);
    623                 $pad = str_repeat('&#8212; ', $level);
    624                 $id = $post->ID;
    625                 $class = ('alternate' == $class) ? '' : 'alternate';
     760        $pages = get_pages('sort_column=menu_order');
     761
     762    if (! $pages)
     763        return false;
     764
     765    foreach ($pages as $post) {
     766        setup_postdata($post);
     767        if ( $hierarchy && ($post->post_parent != $parent) )
     768            continue;
     769
     770        $post->post_title = wp_specialchars($post->post_title);
     771        $pad = str_repeat('&#8212; ', $level);
     772        $id = $post->ID;
     773        $class = ('alternate' == $class) ? '' : 'alternate';
    626774?>
    627775  <tr id='page-<?php echo $id; ?>' class='<?php echo $class; ?>'>
    628     <th scope="row"><?php echo $post->ID; ?></th>
     776    <th scope="row" style="text-align: center"><?php echo $post->ID; ?></th>
    629777    <td>
    630       <?php echo $pad; ?><?php the_title() ?>
     778      <?php echo $pad; ?><?php the_title() ?>
     779      <?php if ('private' == $post->post_status) _e(' - <strong>Private</strong>'); ?>
    631780    </td>
    632781    <td><?php the_author() ?></td>
    633782    <td><?php echo mysql2date('Y-m-d g:i a', $post->post_modified); ?></td>
    634783    <td><a href="<?php the_permalink(); ?>" rel="permalink" class="edit"><?php _e('View'); ?></a></td>
    635     <td><?php if ( current_user_can('edit_pages') ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
    636     <td><?php if ( current_user_can('edit_pages') ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), wp_specialchars(get_the_title('','',0), 1)) . "' );\">" . __('Delete') . "</a>"; } ?></td>
     784    <td><?php if ( current_user_can('edit_page', $id) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
     785    <td><?php if ( current_user_can('delete_page', $id) ) { echo "<a href='" . wp_nonce_url("page.php?action=delete&amp;post=$id", 'delete-page_' . $id) .  "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape(get_the_title()) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
    637786  </tr>
    638787
    639788<?php
    640 
    641                 page_rows($id, $level +1, $pages);
    642             }
    643         }
    644     } else {
    645         return false;
    646     }
     789        if ( $hierarchy) page_rows($id, $level + 1, $pages);
     790    }
     791}
     792
     793function user_row( $user_object, $style = '' ) {
     794    if ( !(is_object($user_object) && is_a($user_object, 'WP_User')) )
     795        $user_object = new WP_User( (int) $user_object );
     796    $email = $user_object->user_email;
     797    $url = $user_object->user_url;
     798    $short_url = str_replace('http://', '', $url);
     799    $short_url = str_replace('www.', '', $short_url);
     800    if ('/' == substr($short_url, -1))
     801        $short_url = substr($short_url, 0, -1);
     802    if (strlen($short_url) > 35)
     803        $short_url =  substr($short_url, 0, 32).'...';
     804    $numposts = get_usernumposts($user_object->ID);
     805    $r = "<tr id='user-$user_object->ID'$style>
     806        <td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td>
     807        <td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td>
     808        <td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td>
     809        <td><a href='mailto:$email' title='" . sprintf(__('e-mail: %s'), $email) . "'>$email</a></td>
     810        <td><a href='$url' title='website: $url'>$short_url</a></td>";
     811    $r .= "\n\t\t<td align='center'>";
     812    if ($numposts > 0) {
     813        $r .= "<a href='edit.php?author=$user_object->ID' title='" . __('View posts by this author') . "' class='edit'>";
     814        $r .= sprintf(__('View %1$s %2$s'), $numposts, __ngettext('post', 'posts', $numposts));
     815    }
     816    $r .= "</td>\n\t\t<td>";
     817    $edit_link = add_query_arg('wp_http_referer', wp_specialchars(urlencode(stripslashes($_SERVER['REQUEST_URI']))), "user-edit.php?user_id=$user_object->ID");
     818    if ( current_user_can('edit_user', $user_object->ID) )
     819        $r .= "<a href='$edit_link' class='edit'>".__('Edit')."</a>";
     820    $r .= "</td>\n\t</tr>";
     821    return $r;
    647822}
    648823
    649824function wp_dropdown_cats($currentcat = 0, $currentparent = 0, $parent = 0, $level = 0, $categories = 0) {
    650     global $wpdb, $bgcolor;
    651     if (!$categories) {
    652         $categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
    653     }
     825    global $wpdb;
     826    if (!$categories)
     827        $categories = get_categories('hide_empty=0');
     828
    654829    if ($categories) {
    655830        foreach ($categories as $category) {
    656831            if ($currentcat != $category->cat_ID && $parent == $category->category_parent) {
    657                 $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
    658832                $pad = str_repeat('&#8211; ', $level);
    659833                $category->cat_name = wp_specialchars($category->cat_name);
     
    668842        return false;
    669843    }
    670 }
    671 
    672 function link_category_dropdown($fieldname, $selected = 0) {
    673     global $wpdb;
    674    
    675     $results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
    676     echo "\n<select name='$fieldname' size='1'>\n";
    677     foreach ($results as $row) {
    678         echo "\n\t<option value='$row->cat_id'";
    679         if ($row->cat_id == $selected)
    680             echo " selected='selected'";
    681         echo ">$row->cat_id : " . wp_specialchars($row->cat_name);
    682         if ($row->auto_toggle == 'Y')
    683             echo ' (auto toggle)';
    684         echo "</option>";
    685     }
    686     echo "\n</select>\n";
    687844}
    688845
     
    777934        return $error;
    778935    } else {
     936        apply_filters( 'wp_create_thumbnail', $thumbpath );
    779937        return $thumbpath;
    780938    }
     
    796954    global $post_ID;
    797955    // Exit if no meta
    798     if (!$meta)
     956    if (!$meta) {
     957        echo '<tbody id="the-list"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
    799958        return;
     959    }
    800960    $count = 0;
    801961?>
    802 <table id='meta-list' cellpadding="3">
     962    <thead>
    803963    <tr>
    804964        <th><?php _e('Key') ?></th>
     
    806966        <th colspan='2'><?php _e('Action') ?></th>
    807967    </tr>
     968    </thead>
    808969<?php
    809 
    810 
     970    $r ="\n\t<tbody id='the-list'>";
    811971    foreach ($meta as $entry) {
    812972        ++ $count;
     
    817977        if ('_' == $entry['meta_key'] { 0 })
    818978            $style .= ' hidden';
    819         echo "
    820             <tr class='$style'>
    821                 <td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>
    822                 <td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>
    823                 <td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".__('Update')."' /><br />
    824                 <input name='deletemeta[{$entry['meta_id']}]' type='submit' class='deletemeta' tabindex='6' value='".__('Delete')."' /></td>
    825             </tr>
    826         ";
    827     }
    828     echo "
    829         </table>
    830     ";
     979
     980        if ( is_serialized($entry['meta_value']) ) {
     981            if ( is_serialized_string($entry['meta_value']) ) {
     982                // this is a serialized string, so we should display it
     983                $entry['meta_value'] = maybe_unserialize($entry['meta_value']);
     984            } else {
     985                // this is a serialized array/object so we should NOT display it
     986                --$count;
     987                continue;
     988            }
     989        }
     990
     991        $key_js = js_escape($entry['meta_key']);
     992        $entry['meta_key'] = wp_specialchars( $entry['meta_key'], true );
     993        $entry['meta_value'] = wp_specialchars( $entry['meta_value'], true );
     994        $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
     995        $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
     996        $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
     997        $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".__('Update')."' /><br />";
     998        $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '";
     999        $r .= sprintf(__("You are about to delete the &quot;%s&quot; custom field on this post.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), $key_js);
     1000        $r .= "' );\" class='deletemeta' tabindex='6' value='".__('Delete')."' /></td>";
     1001        $r .= "\n\t</tr>";
     1002    }
     1003    echo $r;
     1004    echo "\n\t</tbody>";
    8311005}
    8321006
     
    8461020function meta_form() {
    8471021    global $wpdb;
     1022    $limit = (int) apply_filters('postmeta_form_limit', 30);
    8481023    $keys = $wpdb->get_col("
    849             SELECT meta_key
    850             FROM $wpdb->postmeta
    851             GROUP BY meta_key
    852             ORDER BY meta_id DESC
    853             LIMIT 10");
     1024        SELECT meta_key
     1025        FROM $wpdb->postmeta
     1026        GROUP BY meta_key
     1027        ORDER BY meta_id DESC
     1028        LIMIT $limit");
     1029    natcasesort($keys);
    8541030?>
    8551031<h3><?php _e('Add a new custom field:') ?></h3>
    856 <table cellspacing="3" cellpadding="3">
     1032<table id="newmeta" cellspacing="3" cellpadding="3">
    8571033    <tr>
    8581034<th colspan="2"><?php _e('Key') ?></th>
     
    8611037    <tr valign="top">
    8621038        <td align="right" width="18%">
    863 <?php if ($keys) : ?>
     1039<?php if ( $keys ) : ?>
    8641040<select id="metakeyselect" name="metakeyselect" tabindex="7">
    8651041<option value="#NONE#"><?php _e('- Select -'); ?></option>
    8661042<?php
    8671043
    868     foreach ($keys as $key) {
     1044    foreach ( $keys as $key ) {
     1045        $key = wp_specialchars($key, 1);
    8691046        echo "\n\t<option value='$key'>$key</option>";
    8701047    }
     
    8781055
    8791056</table>
    880 <p class="submit"><input type="submit" name="updatemeta" tabindex="9" value="<?php _e('Add Custom Field &raquo;') ?>" /></p>
     1057<p class="submit"><input type="submit" id="updatemetasub" name="updatemeta" tabindex="9" value="<?php _e('Add Custom Field &raquo;') ?>" /></p>
    8811058<?php
    8821059
     
    8851062function add_meta($post_ID) {
    8861063    global $wpdb;
     1064    $post_ID = (int) $post_ID;
    8871065
    8881066    $metakeyselect = $wpdb->escape(stripslashes(trim($_POST['metakeyselect'])));
    8891067    $metakeyinput = $wpdb->escape(stripslashes(trim($_POST['metakeyinput'])));
    890     $metavalue = $wpdb->escape(stripslashes(trim($_POST['metavalue'])));
     1068    $metavalue = maybe_serialize(stripslashes((trim($_POST['metavalue']))));
     1069    $metavalue = $wpdb->escape($metavalue);
    8911070
    8921071    if ( ('0' === $metavalue || !empty ($metavalue)) && ((('#NONE#' != $metakeyselect) && !empty ($metakeyselect)) || !empty ($metakeyinput)) ) {
     
    8941073        // input for the key have data, the input takes precedence:
    8951074
    896         if ('#NONE#' != $metakeyselect)
     1075        if ('#NONE#' != $metakeyselect)
    8971076            $metakey = $metakeyselect;
    8981077
     
    9051084                        VALUES ('$post_ID','$metakey','$metavalue')
    9061085                    ");
    907     }
     1086        return $wpdb->insert_id;
     1087    }
     1088    return false;
    9081089} // add_meta
    9091090
    9101091function delete_meta($mid) {
    9111092    global $wpdb;
    912 
    913     $result = $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'");
     1093    $mid = (int) $mid;
     1094
     1095    return $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'");
    9141096}
    9151097
    9161098function update_meta($mid, $mkey, $mvalue) {
    9171099    global $wpdb;
    918 
     1100    $mvalue = maybe_serialize(stripslashes($mvalue));
     1101    $mvalue = $wpdb->escape($mvalue);
     1102    $mid = (int) $mid;
    9191103    return $wpdb->query("UPDATE $wpdb->postmeta SET meta_key = '$mkey', meta_value = '$mvalue' WHERE meta_id = '$mid'");
    9201104}
    9211105
     1106function get_post_meta_by_id($mid) {
     1107    global $wpdb;
     1108    $mid = (int) $mid;
     1109
     1110    $meta = $wpdb->get_row("SELECT * FROM $wpdb->postmeta WHERE meta_id = '$mid'");
     1111    if ( is_serialized_string($meta->meta_value) )
     1112        $meta->meta_value = maybe_unserialize($meta->meta_value);
     1113    return $meta;
     1114}
     1115
    9221116function touch_time($edit = 1, $for_post = 1) {
    923     global $month, $post, $comment;
     1117    global $wp_locale, $post, $comment;
    9241118
    9251119    if ( $for_post )
     
    9281122    echo '<fieldset><legend><input type="checkbox" class="checkbox" name="edit_date" value="1" id="timestamp" /> <label for="timestamp">'.__('Edit timestamp').'</label></legend>';
    9291123
    930     $time_adj = time() + (get_settings('gmt_offset') * 3600);
     1124    $time_adj = time() + (get_option('gmt_offset') * 3600);
    9311125    $post_date = ($for_post) ? $post->post_date : $comment->comment_date;
    9321126    $jj = ($edit) ? mysql2date('d', $post_date) : gmdate('d', $time_adj);
     
    9371131    $ss = ($edit) ? mysql2date('s', $post_date) : gmdate('s', $time_adj);
    9381132
    939     echo "<select name=\"mm\">\n";
     1133    echo "<select name=\"mm\" onchange=\"edit_date.checked=true\">\n";
    9401134    for ($i = 1; $i < 13; $i = $i +1) {
    9411135        echo "\t\t\t<option value=\"$i\"";
    9421136        if ($i == $mm)
    943             echo " selected='selected'";
    944         if ($i < 10) {
    945             $ii = "0".$i;
    946         } else {
    947             $ii = "$i";
    948         }
    949         echo ">".$month["$ii"]."</option>\n";
     1137            echo ' selected="selected"';
     1138        echo '>' . $wp_locale->get_month($i) . "</option>\n";
    9501139    }
    9511140?>
    9521141</select>
    953 <input type="text" id="jj" name="jj" value="<?php echo $jj; ?>" size="2" maxlength="2" />
    954 <input type="text" id="aa" name="aa" value="<?php echo $aa ?>" size="4" maxlength="5" /> @
    955 <input type="text" id="hh" name="hh" value="<?php echo $hh ?>" size="2" maxlength="2" /> :
    956 <input type="text" id="mn" name="mn" value="<?php echo $mn ?>" size="2" maxlength="2" />
    957 <input type="hidden" id="ss" name="ss" value="<?php echo $ss ?>" size="2" maxlength="2" />
     1142<input type="text" id="jj" name="jj" value="<?php echo $jj; ?>" size="2" maxlength="2" onchange="edit_date.checked=true"/>
     1143<input type="text" id="aa" name="aa" value="<?php echo $aa ?>" size="4" maxlength="5" onchange="edit_date.checked=true" /> @
     1144<input type="text" id="hh" name="hh" value="<?php echo $hh ?>" size="2" maxlength="2" onchange="edit_date.checked=true" /> :
     1145<input type="text" id="mn" name="mn" value="<?php echo $mn ?>" size="2" maxlength="2" onchange="edit_date.checked=true" />
     1146<input type="hidden" id="ss" name="ss" value="<?php echo $ss ?>" size="2" maxlength="2" onchange="edit_date.checked=true" />
    9581147<?php
    9591148    if ( $edit ) {
    9601149        _e('Existing timestamp');
    961         echo ": {$month[$mm]} $jj, $aa @ $hh:$mn";
     1150        //echo ': ' . $wp_locale->get_month($mm) . "$jj, $aa @ $hh:$mn";
     1151        echo sprintf(__(': %1$s %2$s, %3$s @ %4$s:%5$s'), $wp_locale->get_month($mm), $jj, $aa, $hh, $mn);
    9621152    }
    9631153?>
     
    9841174        if ($markerdata) {
    9851175            $state = true;
    986             foreach ($markerdata as $markerline) {
     1176            foreach ($markerdata as $n => $markerline) {
    9871177                if (strstr($markerline, "# BEGIN {$marker}"))
    9881178                    $state = false;
    989                 if ($state)
    990                     fwrite($f, "{$markerline}\n");
     1179                if ($state) {
     1180                    if ( $n + 1 < count($markerdata) )
     1181                        fwrite($f, "{$markerline}\n");
     1182                    else
     1183                        fwrite($f, "{$markerline}");
     1184                }
    9911185                if (strstr($markerline, "# END {$marker}")) {
    9921186                    fwrite($f, "# BEGIN {$marker}\n");
     
    10711265}
    10721266
    1073 function the_quicktags() {
    1074     // Browser detection sucks, but until Safari supports the JS needed for this to work people just assume it's a bug in WP
    1075     if (!strstr($_SERVER['HTTP_USER_AGENT'], 'Safari'))
    1076         echo '
    1077         <div id="quicktags">
    1078             <script src="../wp-includes/js/quicktags.js" type="text/javascript"></script>
    1079             <script type="text/javascript">if ( typeof tinyMCE == "undefined" || tinyMCE.configs.length < 1 ) edToolbar();</script>
    1080         </div>
    1081 ';
    1082     else echo '
    1083 <script type="text/javascript">
    1084 function edInsertContent(myField, myValue) {
    1085     //IE support
    1086     if (document.selection) {
    1087         myField.focus();
    1088         sel = document.selection.createRange();
    1089         sel.text = myValue;
    1090         myField.focus();
    1091     }
    1092     //MOZILLA/NETSCAPE support
    1093     else if (myField.selectionStart || myField.selectionStart == "0") {
    1094         var startPos = myField.selectionStart;
    1095         var endPos = myField.selectionEnd;
    1096         myField.value = myField.value.substring(0, startPos)
    1097                       + myValue
    1098                       + myField.value.substring(endPos, myField.value.length);
    1099         myField.focus();
    1100         myField.selectionStart = startPos + myValue.length;
    1101         myField.selectionEnd = startPos + myValue.length;
    1102     } else {
    1103         myField.value += myValue;
    1104         myField.focus();
    1105     }
    1106 }
    1107 </script>
    1108 ';
    1109 }
    1110 
    1111 function validate_current_theme() {
    1112     $theme_loc = 'wp-content/themes';
    1113     $theme_root = ABSPATH.$theme_loc;
    1114 
    1115     $template = get_settings('template');
    1116     $stylesheet = get_settings('stylesheet');
    1117 
    1118     if (($template != 'default') && (!file_exists("$theme_root/$template/index.php"))) {
    1119         update_option('template', 'default');
    1120         update_option('stylesheet', 'default');
    1121         do_action('switch_theme', 'Default');
    1122         return false;
    1123     }
    1124 
    1125     if (($stylesheet != 'default') && (!file_exists("$theme_root/$stylesheet/style.css"))) {
    1126         update_option('template', 'default');
    1127         update_option('stylesheet', 'default');
    1128         do_action('switch_theme', 'Default');
    1129         return false;
    1130     }
    1131 
    1132     return true;
    1133 }
    1134 
    11351267function get_broken_themes() {
    11361268    global $wp_broken_themes;
     
    11771309function parent_dropdown($default = 0, $parent = 0, $level = 0) {
    11781310    global $wpdb, $post_ID;
    1179     $items = $wpdb->get_results("SELECT ID, post_parent, post_title FROM $wpdb->posts WHERE post_parent = $parent AND post_status = 'static' ORDER BY menu_order");
     1311    $items = $wpdb->get_results("SELECT ID, post_parent, post_title FROM $wpdb->posts WHERE post_parent = $parent AND post_type = 'page' ORDER BY menu_order");
    11801312
    11811313    if ($items) {
     
    12051337    global $menu;
    12061338    global $submenu;
     1339    global $_wp_menu_nopriv;
     1340    global $_wp_submenu_nopriv;
     1341    global $plugin_page;
    12071342
    12081343    $parent = get_admin_page_parent();
    1209 
    1210     foreach ($menu as $menu_array) {
    1211         //echo "parent array: " . $menu_array[2];
    1212         if ($menu_array[2] == $parent) {
    1213             if (!current_user_can($menu_array[1])) {
     1344    /*echo "pa: $parent pn: $pagenow pp: $plugin_page<br/>";
     1345    echo "<pre>";
     1346    print_r($_wp_menu_nopriv);
     1347    print_r($_wp_submenu_nopriv);
     1348    echo "</pre>";*/
     1349    if ( isset($_wp_submenu_nopriv[$parent][$pagenow]) )
     1350        return false;
     1351
     1352    if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$parent][$plugin_page]) )
     1353        return false;
     1354   
     1355    if ( empty($parent) ) {
     1356        if ( isset($_wp_menu_nopriv[$pagenow]) )
     1357            return false;
     1358        if ( isset($_wp_submenu_nopriv[$pagenow][$pagenow]) )
     1359            return false;
     1360        if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$pagenow][$plugin_page]) )
     1361            return false;
     1362        foreach (array_keys($_wp_submenu_nopriv) as $key) {
     1363            if ( isset($_wp_submenu_nopriv[$key][$pagenow]) )
    12141364                return false;
    1215             } else {
    1216                 break;
    1217             }
    1218         }
     1365            if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$key][$plugin_page]) )
     1366            return false;   
     1367        }
     1368        return true;
    12191369    }
    12201370
     
    12221372        foreach ($submenu[$parent] as $submenu_array) {
    12231373            if ($submenu_array[2] == $pagenow) {
    1224                 if (!current_user_can($submenu_array[1])) {
     1374                if (current_user_can($submenu_array[1]))
     1375                    return true;
     1376                else
    12251377                    return false;
    1226                 } else {
    1227                     return true;
    1228                 }
    12291378            }
    12301379        }
    12311380    }
    12321381
     1382    foreach ($menu as $menu_array) {
     1383        if ($menu_array[2] == $parent) {
     1384            if (current_user_can($menu_array[1]))
     1385                return true;
     1386            else
     1387                return false;
     1388        }
     1389    }
     1390   
    12331391    return true;
    12341392}
     
    12871445    global $pagenow;
    12881446    global $plugin_page;
    1289 
    1290     if (isset ($parent_file) && !empty ($parent_file)) {
     1447    global $_wp_real_parent_file;
     1448    global $_wp_menu_nopriv;
     1449    global $_wp_submenu_nopriv;
     1450
     1451    if ( !empty ($parent_file) ) {
     1452        if ( isset($_wp_real_parent_file[$parent_file]) )
     1453            $parent_file = $_wp_real_parent_file[$parent_file];
     1454
    12911455        return $parent_file;
    12921456    }
     
    12961460            if ($parent_menu[2] == $plugin_page) {
    12971461                $parent_file = $plugin_page;
    1298                 return $plugin_page;
     1462                if ( isset($_wp_real_parent_file[$parent_file]) )
     1463                    $parent_file = $_wp_real_parent_file[$parent_file];
     1464                return $parent_file;
    12991465            }
    13001466        }
     1467        if ( isset($_wp_menu_nopriv[$plugin_page]) ) {
     1468            $parent_file = $plugin_page;
     1469            if ( isset($_wp_real_parent_file[$parent_file]) )
     1470                    $parent_file = $_wp_real_parent_file[$parent_file];
     1471            return $parent_file;
     1472        }           
     1473    }
     1474
     1475    if ( isset($plugin_page) && isset($_wp_submenu_nopriv[$pagenow][$plugin_page]) ) {
     1476        $parent_file = $pagenow;
     1477        if ( isset($_wp_real_parent_file[$parent_file]) )
     1478            $parent_file = $_wp_real_parent_file[$parent_file];
     1479        return $parent_file;       
    13011480    }
    13021481
    13031482    foreach (array_keys($submenu) as $parent) {
    13041483        foreach ($submenu[$parent] as $submenu_array) {
     1484            if ( isset($_wp_real_parent_file[$parent]) )
     1485                $parent = $_wp_real_parent_file[$parent];
    13051486            if ($submenu_array[2] == $pagenow) {
    13061487                $parent_file = $parent;
     
    13371518    global $submenu;
    13381519    global $menu;
     1520    global $_wp_real_parent_file;
     1521    global $_wp_submenu_nopriv;
     1522    global $_wp_menu_nopriv;
     1523
     1524    $file = plugin_basename($file);
    13391525
    13401526    $parent = plugin_basename($parent);
    1341     $file = plugin_basename($file);
     1527    if ( isset($_wp_real_parent_file[$parent]) )
     1528        $parent = $_wp_real_parent_file[$parent];
     1529
     1530    if ( !current_user_can($access_level) ) {
     1531        $_wp_submenu_nopriv[$parent][$file] = true;
     1532        return false;
     1533    }
    13421534
    13431535    // If the parent doesn't already have a submenu, add a link to the parent
     
    13451537    // parent file someone is trying to link back to the parent manually.  In
    13461538    // this case, don't automatically add a link back to avoid duplication.
    1347     if (!isset ($submenu[$parent]) && $file != $parent) {
     1539    if (!isset ($submenu[$parent]) && $file != $parent  ) {
    13481540        foreach ($menu as $parent_menu) {
    1349             if ($parent_menu[2] == $parent) {
     1541            if ( $parent_menu[2] == $parent && current_user_can($parent_menu[1]) ) {
    13501542                $submenu[$parent][] = $parent_menu;
    13511543            }
     
    13971589    switch ($code) {
    13981590        case 1 :
    1399             die(__('Sorry, can&#8217;t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
     1591            wp_die(__('Sorry, can&#8217;t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
    14001592
    14011593        case 2 :
    1402             die(__('Sorry, can&#8217;t call files with their real path.'));
     1594            wp_die(__('Sorry, can&#8217;t call files with their real path.'));
    14031595
    14041596        case 3 :
    1405             die(__('Sorry, that file cannot be edited.'));
     1597            wp_die(__('Sorry, that file cannot be edited.'));
    14061598    }
    14071599}
    14081600
    14091601function get_home_path() {
    1410     $home = get_settings('home');
    1411     if ($home != '' && $home != get_settings('siteurl')) {
     1602    $home = get_option('home');
     1603    if ($home != '' && $home != get_option('siteurl')) {
    14121604        $home_path = parse_url($home);
    14131605        $home_path = $home_path['path'];
     
    14411633        return $wp_file_descriptions[basename($file)];
    14421634    }
    1443     elseif (file_exists(ABSPATH.$file)) {
    1444         $template_data = implode('', file(ABSPATH.$file));
     1635    elseif ( file_exists( ABSPATH . $file ) && is_file( ABSPATH . $file ) ) {
     1636        $template_data = implode('', file( ABSPATH . $file ));
    14451637        if (preg_match("|Template Name:(.*)|i", $template_data, $name))
    14461638            return $name[1];
     
    14731665    preg_match("|Author URI:(.*)|i", $plugin_data, $author_uri);
    14741666    if (preg_match("|Version:(.*)|i", $plugin_data, $version))
    1475         $version = $version[1];
     1667        $version = trim($version[1]);
    14761668    else
    14771669        $version = '';
    14781670
    1479     $description = wptexturize($description[1]);
     1671    $description = wptexturize(trim($description[1]));
    14801672
    14811673    $name = $plugin_name[1];
     
    14831675    $plugin = $name;
    14841676    if ('' != $plugin_uri[1] && '' != $name) {
    1485         $plugin = '<a href="'.$plugin_uri[1].'" title="'.__('Visit plugin homepage').'">'.$plugin.'</a>';
     1677        $plugin = '<a href="' . trim($plugin_uri[1]) . '" title="'.__('Visit plugin homepage').'">'.$plugin.'</a>';
    14861678    }
    14871679
    14881680    if ('' == $author_uri[1]) {
    1489         $author = $author_name[1];
    1490     } else {
    1491         $author = '<a href="'.$author_uri[1].'" title="'.__('Visit author homepage').'">'.$author_name[1].'</a>';
     1681        $author = trim($author_name[1]);
     1682    } else {
     1683        $author = '<a href="' . trim($author_uri[1]) . '" title="'.__('Visit author homepage').'">' . trim($author_name[1]) . '</a>';
    14921684    }
    14931685
     
    15031695
    15041696    $wp_plugins = array ();
    1505     $plugin_loc = 'wp-content/plugins';
    1506     $plugin_root = ABSPATH.$plugin_loc;
     1697    $plugin_root = ABSPATH . PLUGINDIR;
    15071698
    15081699    // Files in wp-content/plugins directory
     
    15291720    }
    15301721
    1531     if (!$plugins_dir || !$plugin_files) {
     1722    if ( !$plugins_dir || !$plugin_files )
    15321723        return $wp_plugins;
    1533     }
    1534 
    1535     sort($plugin_files);
    1536 
    1537     foreach ($plugin_files as $plugin_file) {
    1538         if ( !is_readable("$plugin_root/$plugin_file"))
     1724
     1725    foreach ( $plugin_files as $plugin_file ) {
     1726        if ( !is_readable("$plugin_root/$plugin_file") )
    15391727            continue;
    15401728
    15411729        $plugin_data = get_plugin_data("$plugin_root/$plugin_file");
    15421730
    1543         if (empty ($plugin_data['Name'])) {
     1731        if ( empty ($plugin_data['Name']) )
    15441732            continue;
    1545         }
    15461733
    15471734        $wp_plugins[plugin_basename($plugin_file)] = $plugin_data;
    15481735    }
     1736
     1737    uasort($wp_plugins, create_function('$a, $b', 'return strnatcasecmp($a["Name"], $b["Name"]);'));
    15491738
    15501739    return $wp_plugins;
     
    16551844        __("Failed to write file to disk."));
    16561845
    1657     // Accepted MIME types are set here as PCRE. Override with $override['mimes'].
    1658     $mimes = apply_filters('upload_mimes', array (
    1659         'jpg|jpeg|jpe' => 'image/jpeg',
    1660         'gif' => 'image/gif',
    1661         'png' => 'image/png',
    1662         'bmp' => 'image/bmp',
    1663         'tif|tiff' => 'image/tiff',
    1664         'ico' => 'image/x-icon',
    1665         'asf|asx|wax|wmv|wmx' => 'video/asf',
    1666         'avi' => 'video/avi',
    1667         'mov|qt' => 'video/quicktime',
    1668         'mpeg|mpg|mpe' => 'video/mpeg',
    1669         'txt|c|cc|h' => 'text/plain',
    1670         'rtx' => 'text/richtext',
    1671         'css' => 'text/css',
    1672         'htm|html' => 'text/html',
    1673         'mp3|mp4' => 'audio/mpeg',
    1674         'ra|ram' => 'audio/x-realaudio',
    1675         'wav' => 'audio/wav',
    1676         'ogg' => 'audio/ogg',
    1677         'mid|midi' => 'audio/midi',
    1678         'wma' => 'audio/wma',
    1679         'rtf' => 'application/rtf',
    1680         'js' => 'application/javascript',
    1681         'pdf' => 'application/pdf',
    1682         'doc' => 'application/msword',
    1683         'pot|pps|ppt' => 'application/vnd.ms-powerpoint',
    1684         'wri' => 'application/vnd.ms-write',
    1685         'xla|xls|xlt|xlw' => 'application/vnd.ms-excel',
    1686         'mdb' => 'application/vnd.ms-access',
    1687         'mpp' => 'application/vnd.ms-project',
    1688         'swf' => 'application/x-shockwave-flash',
    1689         'class' => 'application/java',
    1690         'tar' => 'application/x-tar',
    1691         'zip' => 'application/zip',
    1692         'gz|gzip' => 'application/x-gzip',
    1693         'exe' => 'application/x-msdownload'
    1694     ));
    1695 
    16961846    // All tests are on by default. Most can be turned off by $override[{test_name}] = false;
    16971847    $test_form = true;
     
    17211871        return $upload_error_handler($file, __('Specified file failed upload test.'));
    17221872
    1723     // A correct MIME type will pass this test.
     1873    // A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter.
    17241874    if ( $test_type ) {
    1725         $type = false;
    1726         $ext = false;
    1727         foreach ($mimes as $ext_preg => $mime_match) {
    1728             $ext_preg = '![^.]\.(' . $ext_preg . ')$!i';
    1729             if ( preg_match($ext_preg, $file['name'], $ext_matches) ) {
    1730                 $type = $mime_match;
    1731                 $ext = $ext_matches[1];
    1732             }
    1733         }
     1875        $wp_filetype = wp_check_filetype($file['name'], $mimes);
     1876
     1877        extract($wp_filetype);
    17341878
    17351879        if ( !$type || !$ext )
     
    17581902                $filename = str_replace("$number$ext", ++$number . $ext, $filename);
    17591903        }
     1904        $filename = str_replace($ext, '', $filename);
     1905        $filename = sanitize_title_with_dashes($filename) . $ext;
    17601906    }
    17611907
     
    17631909    $new_file = $uploads['path'] . "/$filename";
    17641910    if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) )
    1765         die(printf(__('The uploaded file could not be moved to %s.'), $file['path']));
     1911        wp_die(printf(__('The uploaded file could not be moved to %s.'), $uploads['path']));
    17661912
    17671913    // Set correct file permissions
     
    17721918    // Compute the URL
    17731919    $url = $uploads['url'] . "/$filename";
    1774 
    1775     return array('file' => $new_file, 'url' => $url, 'type' => $type);
     1920   
     1921    $return = apply_filters( 'wp_handle_upload', array('file' => $new_file, 'url' => $url, 'type' => $type) );
     1922
     1923    return $return;
    17761924}
    17771925
     
    17901938
    17911939function wp_import_upload_form($action) {
     1940    $size = strtolower( ini_get('upload_max_filesize') );
     1941    $bytes = 0;
     1942    if ( strstr( $size, 'k' ) )
     1943        $bytes = $size * 1024;
     1944    if ( strstr( $size, 'm' ) )
     1945        $bytes = $size * 1024 * 1024;
     1946    if ( strstr( $size, 'g' ) )
     1947        $bytes = $size * 1024 * 1024 * 1024;
    17921948?>
    1793 <script type="text/javascript">
    1794 function cancelUpload() {
    1795 o = document.getElementById('uploadForm');
    1796 o.method = 'GET';
    1797 o.action.value = 'view';
    1798 o.submit();
    1799 }
    1800 </script>
    1801 <form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo $action ?>">
    1802 <label for="upload"><?php _e('File:'); ?></label><input type="file" id="upload" name="import" />
     1949<form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo $action ?>">
     1950<p>
     1951<label for="upload"><?php _e('Choose a file from your computer:'); ?></label> (<?php printf( __('Maximum size: %s'), $size ); ?>)
     1952<input type="file" id="upload" name="import" size="25" />
    18031953<input type="hidden" name="action" value="save" />
    1804 <div id="buttons">
    1805 <input type="submit" value="<?php _e('Import'); ?>" />
    1806 <input type="button" value="<?php _e('Cancel'); ?>" onclick="cancelUpload()" />
    1807 </div>
     1954<input type="hidden" name="max_file_size" value="<?php echo $bytes; ?>" />
     1955</p>
     1956<p class="submit">
     1957<input type="submit" value="<?php _e('Upload file and import'); ?> &raquo;" />
     1958</p>
    18081959</form>
    1809 <?php   
     1960<?php
    18101961}
    18111962
     
    18181969
    18191970    $url = $file['url'];
    1820     $file = $file['file'];
     1971    $file = addslashes( $file['file'] );
    18211972    $filename = basename($file);
    18221973
     
    18351986}
    18361987
    1837 function user_can_richedit() {
    1838     if ( 'true' != get_user_option('rich_editing') )
    1839         return false;
    1840 
    1841     if ( preg_match('!opera[ /][2-8]|konqueror|safari!i', $_SERVER['HTTP_USER_AGENT']) )
    1842         return false;
    1843 
    1844     return true; // Best guess
    1845 }
    1846 
    18471988function the_attachment_links($id = false) {
    18481989    $id = (int) $id;
    18491990    $post = & get_post($id);
    18501991
    1851     if ( $post->post_status != 'attachment' )
     1992    if ( $post->post_type != 'attachment' )
    18521993        return false;
    18531994
    18541995    $icon = get_attachment_icon($post->ID);
    1855 
     1996    $attachment_data = get_post_meta( $id, '_wp_attachment_metadata', true );
     1997    $thumb = isset($attachment_data['thumb']);
    18561998?>
    1857 <p><?php _e('Text linked to file') ?><br />
    1858 <textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid ?>" class="attachmentlink"><?php echo basename($post->guid) ?></a></textarea></p>
    1859 <p><?php _e('Text linked to subpost') ?><br />
    1860 <textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment" id="<?php echo $post->ID ?>"><?php echo $post->post_title ?></a></textarea></p>
     1999<form id="the-attachment-links">
     2000<table>
     2001    <col />
     2002    <col class="widefat" />
     2003    <tr>
     2004        <th scope="row"><?php _e('URL') ?></th>
     2005        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><?php echo $post->guid ?></textarea></td>
     2006    </tr>
    18612007<?php if ( $icon ) : ?>
    1862 <p><?php _e('Thumbnail linked to file') ?><br />
    1863 <textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid ?>" class="attachmentlink"><?php echo $icon ?></a></textarea></p>
    1864 <p><?php _e('Thumbnail linked to subpost') ?><br />
    1865 <textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment" id="<?php echo $post->ID ?>"><?php echo $icon ?></a></textarea></p>
     2008    <tr>
     2009        <th scope="row"><?php $thumb ? _e('Thumbnail linked to file') : _e('Image linked to file'); ?></th>
     2010        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid; ?>"><?php echo $icon ?></a></textarea></td>
     2011    </tr>
     2012    <tr>
     2013        <th scope="row"><?php $thumb ? _e('Thumbnail linked to page') : _e('Image linked to file'); ?></th>
     2014        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment wp-att-<?php echo $post->ID; ?>"><?php echo $icon ?></a></textarea></td>
     2015    </tr>
     2016<?php else : ?>
     2017    <tr>
     2018        <th scope="row"><?php _e('Link to file') ?></th>
     2019        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo $post->guid ?>" class="attachmentlink"><?php echo basename($post->guid);  ?></a></textarea></td>
     2020    </tr>
     2021    <tr>
     2022        <th scope="row"><?php _e('Link to page') ?></th>
     2023        <td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link($post->ID) ?>" rel="attachment wp-att-<?php echo $post->ID ?>"><?php the_title(); ?></a></textarea></td>
     2024    </tr>
    18662025<?php endif; ?>
     2026</table>
     2027</form>
    18672028<?php
    18682029}
     
    18772038}
    18782039
     2040function wp_reset_vars($vars) {
     2041    for ($i=0; $i<count($vars); $i += 1) {
     2042        $var = $vars[$i];
     2043        global $$var;
     2044
     2045        if (!isset($$var)) {
     2046            if (empty($_POST["$var"])) {
     2047                if (empty($_GET["$var"]))
     2048                    $$var = '';
     2049                else
     2050                    $$var = $_GET["$var"];
     2051            } else {
     2052                $$var = $_POST["$var"];
     2053            }
     2054        }
     2055    }
     2056}
     2057
     2058// If siteurl or home changed, reset cookies and flush rewrite rules.
     2059function update_home_siteurl($old_value, $value) {
     2060    global $wp_rewrite, $user_login, $user_pass_md5;
     2061
     2062    if ( defined("WP_INSTALLING") )
     2063        return;
     2064
     2065    // If home changed, write rewrite rules to new location.
     2066    $wp_rewrite->flush_rules();
     2067    // Clear cookies for old paths.
     2068    wp_clearcookie();
     2069    // Set cookies for new paths.
     2070    wp_setcookie($user_login, $user_pass_md5, true, get_option('home'), get_option('siteurl'));
     2071}
     2072
     2073add_action('update_option_home', 'update_home_siteurl', 10, 2);
     2074add_action('update_option_siteurl', 'update_home_siteurl', 10, 2);
     2075
     2076function wp_crop_image($src_file, $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_h, $src_abs = false, $dst_file = false) {
     2077    if ( ctype_digit($src_file) ) // Handle int as attachment ID
     2078        $src_file = get_attached_file($src_file);
     2079
     2080    $src = wp_load_image($src_file);
     2081
     2082    if ( !is_resource($src) )
     2083        return $src;
     2084
     2085    $dst = imagecreatetruecolor($dst_w, $dst_h);
     2086
     2087    if ( $src_abs ) {
     2088        $src_w -= $src_x;
     2089        $src_h -= $src_y;
     2090    }
     2091
     2092    imageantialias($dst, true);
     2093    imagecopyresampled($dst, $src, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h);
     2094
     2095    if ( !$dst_file )
     2096        $dst_file = str_replace(basename($src_file), 'cropped-'.basename($src_file), $src_file);
     2097
     2098    $dst_file = preg_replace('/\\.[^\\.]+$/', '.jpg', $dst_file);
     2099
     2100    if ( imagejpeg($dst, $dst_file) )
     2101        return $dst_file;
     2102    else
     2103        return false;
     2104}
     2105
     2106function wp_load_image($file) {
     2107    if ( ctype_digit($file) )
     2108        $file = get_attached_file($file);
     2109
     2110    if ( !file_exists($file) )
     2111        return "File '$file' doesn't exist?";
     2112
     2113    $contents = file_get_contents($file);
     2114
     2115    $image = imagecreatefromstring($contents);
     2116
     2117    if ( !is_resource($image) )
     2118        return "File '$file' is not image?";
     2119
     2120    return $image;
     2121}
     2122
    18792123?>
Note: See TracChangeset for help on using the changeset viewer.