WordPress.org

Make WordPress Core


Ignore:
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.2/wp-admin/admin-functions.php

    r5453 r5732  
    348348
    349349    $post->post_password = format_to_edit( $post->post_password );
     350   
     351    $post->menu_order = (int) $post->menu_order;
    350352
    351353    if ( $post->post_type == 'page' )
     
    397399function get_comment_to_edit( $id ) {
    398400    $comment = get_comment( $id );
    399 
    400     $comment->comment_content = format_to_edit( $comment->comment_content, user_can_richedit() );
     401   
     402    $comment->comment_ID = (int) $comment->comment_ID;
     403    $comment->comment_post_ID = (int) $comment->comment_post_ID;
     404
     405    $comment->comment_content = format_to_edit( $comment->comment_content );
    401406    $comment->comment_content = apply_filters( 'comment_edit_pre', $comment->comment_content);
    402407
    403408    $comment->comment_author = format_to_edit( $comment->comment_author );
    404409    $comment->comment_author_email = format_to_edit( $comment->comment_author_email );
     410    $comment->comment_author_url = clean_url($comment->comment_author_url);
    405411    $comment->comment_author_url = format_to_edit( $comment->comment_author_url );
    406412
     
    410416function get_category_to_edit( $id ) {
    411417    $category = get_category( $id );
     418   
     419    $category->term_id = (int) $category->term_id;
     420    $category->parent = (int) $category->parent;
    412421
    413422    return $category;
     
    936945if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
    937946    echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>';
    938     echo ' | <a href="' . wp_nonce_url('ocomment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
     947    echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
    939948    if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
    940949        echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
     
    10271036        $entry['meta_key']   = attribute_escape($entry['meta_key']);
    10281037        $entry['meta_value'] = attribute_escape($entry['meta_value']);
     1038        $entry['meta_id'] = (int) $entry['meta_id'];
    10291039        $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
    10301040        $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
     
    10791089
    10801090    foreach ( $keys as $key ) {
    1081         $key = attribute_escape( $key);
     1091        $key = attribute_escape( $key );
    10821092        echo "\n\t<option value='$key'>$key</option>";
    10831093    }
     
    11001110    $post_ID = (int) $post_ID;
    11011111
     1112    $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
     1113
    11021114    $metakeyselect = $wpdb->escape( stripslashes( trim( $_POST['metakeyselect'] ) ) );
    11031115    $metakeyinput = $wpdb->escape( stripslashes( trim( $_POST['metakeyinput'] ) ) );
     
    11141126        if ( $metakeyinput)
    11151127            $metakey = $metakeyinput; // default
     1128
     1129        if ( in_array($metakey, $protected) )
     1130            return false;
    11161131
    11171132        $result = $wpdb->query( "
     
    11341149function update_meta( $mid, $mkey, $mvalue ) {
    11351150    global $wpdb;
     1151
     1152    $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
     1153
     1154    if ( in_array($mkey, $protected) )
     1155        return false;
     1156
    11361157    $mvalue = maybe_serialize( stripslashes( $mvalue ));
    11371158    $mvalue = $wpdb->escape( $mvalue );
Note: See TracChangeset for help on using the changeset viewer.